Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions src/data/playground-configs.ts
Original file line number Diff line number Diff line change
Expand Up @@ -1584,6 +1584,34 @@ export const chartConfigs: Record<string, ChartConfig> = {
},
],
},
{
name: 'Network Policy',
collapsible: true,
gateField: 'networkPolicy.enabled',
fields: [
{
label: 'Egress Policy',
key: 'networkPolicy.egress.enabled',
type: 'toggle',
default: 'false',
description: 'Render explicit egress rules',
},
{
label: 'Extra Egress CIDR',
key: 'networkPolicy.egress.extraEgress[0].to[0].ipBlock.cidr',
type: 'text',
default: '10.80.0.0/16',
description: 'Additional egress destination',
},
{
label: 'Extra Egress Port',
key: 'networkPolicy.egress.extraEgress[0].ports[0].port',
type: 'number',
default: '443',
description: 'Additional TCP egress port',
},
],
},
],
tomcat: [
{
Expand Down
50 changes: 38 additions & 12 deletions src/pages/docs/charts/sonarqube.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ SonarQube Community Build provides code quality and security analysis. The HelmF
- First-class community branch plugin wiring, Java agents, and webapp replacement support
- Gateway API, Ingress, dual-stack Service fields, NetworkPolicy, PDB, persistence, and Helm tests
- External Secrets Operator support for database credentials
- `extraManifests` extension point for small companion resources and self-contained validation fixtures

<a id="install"></a>

Expand Down Expand Up @@ -97,6 +98,13 @@ networkPolicy:
enabled: true
egress:
enabled: true
extraEgress:
- to:
- ipBlock:
cidr: 10.80.0.0/16
ports:
- protocol: TCP
port: 443

pdb:
enabled: true
Expand Down Expand Up @@ -146,6 +154,21 @@ plugins:

Use an internal artifact repository for production. Startup should not depend on public internet availability.

## Extension Manifests

Use `extraManifests` for small companion resources that must ship with the release, such as a Service alias or a
short-lived validation dependency:

```yaml
extraManifests:
- apiVersion: v1
kind: ConfigMap
metadata:
name: sonarqube-extra
data:
enabled: 'true'
```

## Community Branch Plugin

Community Branch Plugin wiring is explicit because it replaces web application files and adds Java agents:
Expand Down Expand Up @@ -225,18 +248,21 @@ is enabled.

## Values

| Parameter | Default | Description |
| ------------------------------- | ----------------------------- | --------------------------------------------------------------- |
| `image.repository` | `docker.io/library/sonarqube` | Official SonarQube image. |
| `image.tag` | `26.4.0.121862-community` | SonarQube Community Build tag. |
| `sonarqube.databaseMode` | `auto` | Database mode: `auto`, `embedded`, `postgresql`, or `external`. |
| `postgresql.enabled` | `false` | Deploy HelmForge PostgreSQL dependency. |
| `waitForDatabase.enabled` | `true` | Wait for PostgreSQL before startup. |
| `plugins.enabled` | `false` | Enable plugin download init container. |
| `communityBranchPlugin.enabled` | `false` | Install and wire the community branch plugin. |
| `persistence.data.enabled` | `true` | Persist SonarQube data. |
| `gatewayAPI.enabled` | `false` | Render Gateway API HTTPRoute. |
| `externalSecrets.enabled` | `false` | Render ExternalSecret resources. |
| Parameter | Default | Description |
| ---------------------------------- | ----------------------------- | --------------------------------------------------------------- |
| `image.repository` | `docker.io/library/sonarqube` | Official SonarQube image. |
| `image.tag` | `26.4.0.121862-community` | SonarQube Community Build tag. |
| `sonarqube.databaseMode` | `auto` | Database mode: `auto`, `embedded`, `postgresql`, or `external`. |
| `postgresql.enabled` | `false` | Deploy HelmForge PostgreSQL dependency. |
| `waitForDatabase.enabled` | `true` | Wait for PostgreSQL before startup. |
| `plugins.enabled` | `false` | Enable plugin download init container. |
| `communityBranchPlugin.enabled` | `false` | Install and wire the community branch plugin. |
| `persistence.data.enabled` | `true` | Persist SonarQube data. |
| `gatewayAPI.enabled` | `false` | Render Gateway API HTTPRoute. |
| `networkPolicy.enabled` | `false` | Render NetworkPolicy. |
| `networkPolicy.egress.extraEgress` | `[]` | Additional complete NetworkPolicy egress rules. |
| `externalSecrets.enabled` | `false` | Render ExternalSecret resources. |
| `extraManifests` | `[]` | Additional Kubernetes manifests rendered with the release. |

## Links

Expand Down
1 change: 1 addition & 0 deletions src/pages/playground.astro
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ const siteSyncPlaygroundConfigs: Record<string, string> = {
memcached: 'src/data/playground-configs.ts',
notediscovery: 'src/data/playground-configs.ts',
poznote: 'src/data/playground-configs.ts',
sonarqube: 'src/data/playground-configs.ts',
};
const configuredChartSlugs = new Set([...Object.keys(mergedConfigs), ...Object.keys(siteSyncPlaygroundConfigs)]);
const playgroundCharts = charts.filter(
Expand Down