[MONGODB] Update MongoDB chart version and other images

author Andreas Geissler <andreas-geissler@telekom.de>

Wed, 14 May 2025 10:30:23 +0000 (12:30 +0200)

committer Andreas Geissler <andreas-geissler@telekom.de>

Wed, 14 May 2025 14:45:09 +0000 (16:45 +0200)
author Andreas Geissler <andreas-geissler@telekom.de>
Wed, 14 May 2025 10:30:23 +0000 (12:30 +0200)
committer Andreas Geissler <andreas-geissler@telekom.de>
Wed, 14 May 2025 14:45:09 +0000 (16:45 +0200)
diff --git a/kubernetes/common/mongodb/.helmignore b/kubernetes/common/mongodb/.helmignore

index fb56657..207983f 100644 (file)
--- a/kubernetes/common/mongodb/.helmignore
+++ b/kubernetes/common/mongodb/.helmignore
@@ -21,3 +21,5 @@
  *.tmproj
  # img folder
  img/
+# Changelog
+CHANGELOG.md
diff --git a/kubernetes/common/mongodb/CHANGELOG.md b/kubernetes/common/mongodb/CHANGELOG.md

new file mode 100644 (file)

index 0000000..186011a
--- /dev/null
+++ b/kubernetes/common/mongodb/CHANGELOG.md
@@ -0,0 +1,2039 @@
+# Changelog
+
+## 16.5.7 (2025-05-13)
+
+* [bitnami/mongodb] :zap: :arrow_up: Update dependency references ([#33636](https://github.com/bitnami/charts/pull/33636))
+
+## <small>16.5.6 (2025-05-06)</small>
+
+* [bitnami/mongodb] chore: :recycle: :arrow_up: Update common and remove k8s < 1.23 references (#33405 ([59d21e7](https://github.com/bitnami/charts/commit/59d21e7d2e6fe9785f6960ceb690c72c64e75190)), closes [#33405](https://github.com/bitnami/charts/issues/33405)
+
+## <small>16.5.5 (2025-05-01)</small>
+
+* [bitnami/mongodb] Release 16.5.5 (#33286) ([c084df3](https://github.com/bitnami/charts/commit/c084df377f1cb009a149dd58fa9eb691aa3d635c)), closes [#33286](https://github.com/bitnami/charts/issues/33286)
+
+## <small>16.5.4 (2025-04-30)</small>
+
+* [bitnami/mongodb] Remove extra volumeClaimTemplates fields (#33236) ([3576e85](https://github.com/bitnami/charts/commit/3576e85131e5ee110040f9fa900249a57e35d79d)), closes [#33236](https://github.com/bitnami/charts/issues/33236)
+
+## <small>16.5.3 (2025-04-28)</small>
+
+* [bitnami/mongodb] Release 16.5.3 (#33211) ([8ec0951](https://github.com/bitnami/charts/commit/8ec095186aa934f76bd311a7d734a5eb77f98b58)), closes [#33211](https://github.com/bitnami/charts/issues/33211)
+
+## <small>16.5.2 (2025-04-25)</small>
+
+* [bitnami/mongodb] Fix authentication in mongodump job (#33143) ([3b50d1b](https://github.com/bitnami/charts/commit/3b50d1b1199d31408b26a7b2c71320087a2fd77f)), closes [#33143](https://github.com/bitnami/charts/issues/33143) [#33121](https://github.com/bitnami/charts/issues/33121) [#33140](https://github.com/bitnami/charts/issues/33140)
+
+## <small>16.5.1 (2025-04-14)</small>
+
+* [bitnami/mongodb] Release 16.5.1 (#32996) ([ab86a7f](https://github.com/bitnami/charts/commit/ab86a7fe41187495cbdb2c3bbbb6c179160cca2b)), closes [#32996](https://github.com/bitnami/charts/issues/32996)
+
+## 16.5.0 (2025-04-07)
+
+* [bitnami/mongodb] Set `usePasswordFiles=true` by default (#32800) ([f51db33](https://github.com/bitnami/charts/commit/f51db33f27df9c1242539be2c3a5dedb8a73249c)), closes [#32800](https://github.com/bitnami/charts/issues/32800)
+
+## <small>16.4.12 (2025-04-02)</small>
+
+* [bitnami/mongodb] Release 16.4.12 (#32752) ([a28adbd](https://github.com/bitnami/charts/commit/a28adbd7b634755e6320c2321e37f97be9578cca)), closes [#32752](https://github.com/bitnami/charts/issues/32752)
+
+## <small>16.4.11 (2025-03-28)</small>
+
+* [bitnami/mongodb] backup cronjob time zone variable should be camel case (#32663) ([e5b94bc](https://github.com/bitnami/charts/commit/e5b94bc5c00c2c96d3e8f0fcedf02ad2c020f2a6)), closes [#32663](https://github.com/bitnami/charts/issues/32663)
+
+## <small>16.4.10 (2025-03-25)</small>
+
+* [bitnami/mongodb] fix broken conditional (#32591) ([f98e77e](https://github.com/bitnami/charts/commit/f98e77e989c35d7fa67e3b118bf69e64121d7454)), closes [#32591](https://github.com/bitnami/charts/issues/32591)
+* Update README.md (#32588) ([3c9e14a](https://github.com/bitnami/charts/commit/3c9e14ac3fa81ac439f64a20c284244eadb9481d)), closes [#32588](https://github.com/bitnami/charts/issues/32588)
+
+## <small>16.4.9 (2025-03-24)</small>
+
+* [bitnami/mongodb] #27482 - fix replicaset config handling (#32381) ([5f50d43](https://github.com/bitnami/charts/commit/5f50d43900bd5305b9d83ceddd17354081109641)), closes [#32381](https://github.com/bitnami/charts/issues/32381)
+
+## <small>16.4.8 (2025-03-21)</small>
+
+* [bitnami/*] Add tanzuCategory annotation (#32409) ([a8fba5c](https://github.com/bitnami/charts/commit/a8fba5cb01f6f4464ca7f69c50b0fbe97d837a95)), closes [#32409](https://github.com/bitnami/charts/issues/32409)
+* [bitnami/mongodb] Release 16.4.8 (#32551) ([07d0b66](https://github.com/bitnami/charts/commit/07d0b664ed13ac2388db93f4369597948f16ee25)), closes [#32551](https://github.com/bitnami/charts/issues/32551)
+
+## <small>16.4.7 (2025-03-12)</small>
+
+* [bitnami/mongodb] Update dns-check init container condition (#32394) ([430e759](https://github.com/bitnami/charts/commit/430e7599e01ab720e67cc6f0fb5098704434ef28)), closes [#32394](https://github.com/bitnami/charts/issues/32394)
+
+## <small>16.4.6 (2025-03-10)</small>
+
+* [bitnami/mongodb] Use actual hostname instead of localhost for mongodb_exporter URI string (#32192) ([cbfec4f](https://github.com/bitnami/charts/commit/cbfec4f962119b505b5c81b6d61448506b7a6216)), closes [#32192](https://github.com/bitnami/charts/issues/32192)
+
+## <small>16.4.5 (2025-02-21)</small>
+
+* [bitnami/*] Fix typo in named template name (#31858) ([b739b69](https://github.com/bitnami/charts/commit/b739b69532e637bd33b4a44eeb422c3e749eac77)), closes [#31858](https://github.com/bitnami/charts/issues/31858)
+* [bitnami/*] Use CDN url for the Bitnami Application Icons (#31881) ([d9bb11a](https://github.com/bitnami/charts/commit/d9bb11a9076b9bfdcc70ea022c25ef50e9713657)), closes [#31881](https://github.com/bitnami/charts/issues/31881)
+* [bitnami/mongodb] Enable publishNotReadyAddresses for ClusterIP services (#31145) ([0e8c150](https://github.com/bitnami/charts/commit/0e8c150374229c71161e96afe8a6c801060871e2)), closes [#31145](https://github.com/bitnami/charts/issues/31145)
+* [bitnami/mongodb] Release 16.4.5 (#32135) ([3312b24](https://github.com/bitnami/charts/commit/3312b24b28c273ee9ffed1e37d22ca1f55ebac15)), closes [#32135](https://github.com/bitnami/charts/issues/32135)
+
+## <small>16.4.3 (2025-02-03)</small>
+
+* [bitnami/mongodb] Release 16.4.3 (#31699) ([701d9dc](https://github.com/bitnami/charts/commit/701d9dc6b719f9202b60374f8d8855ef717478ca)), closes [#31699](https://github.com/bitnami/charts/issues/31699)
+* Update copyright year (#31682) ([e9f02f5](https://github.com/bitnami/charts/commit/e9f02f5007068751f7eb2270fece811e685c99b6)), closes [#31682](https://github.com/bitnami/charts/issues/31682)
+
+## <small>16.4.2 (2025-01-20)</small>
+
+* [bitnami/mongodb] remove undefined rts key from network policy template (#31356) ([53dc708](https://github.com/bitnami/charts/commit/53dc708eaf3daa0b265b8ed956a1eccaa2f443d7)), closes [#31356](https://github.com/bitnami/charts/issues/31356)
+
+## <small>16.4.1 (2025-01-15)</small>
+
+* [bitnami/*] Fix typo in README (#31052) ([b41a51d](https://github.com/bitnami/charts/commit/b41a51d1bd04841fc108b78d3b8357a5292771c8)), closes [#31052](https://github.com/bitnami/charts/issues/31052)
+* [bitnami/mongodb] Release 16.4.1 (#31390) ([639b28e](https://github.com/bitnami/charts/commit/639b28e5326003ba369f423c9718f1a6a4b4985c)), closes [#31390](https://github.com/bitnami/charts/issues/31390)
+
+## 16.4.0 (2024-12-10)
+
+* [bitnami/*] Add Bitnami Premium to NOTES.txt (#30854) ([3dfc003](https://github.com/bitnami/charts/commit/3dfc00376df6631f0ce54b8d440d477f6caa6186)), closes [#30854](https://github.com/bitnami/charts/issues/30854)
+* [bitnami/mongodb] Detect non-standard images (#30926) ([9b7cdc2](https://github.com/bitnami/charts/commit/9b7cdc25e189dcb8256a4a11aa35bf46fa01b6c7)), closes [#30926](https://github.com/bitnami/charts/issues/30926)
+
+## <small>16.3.3 (2024-12-06)</small>
+
+* [bitnami/mongodb] Release 16.3.3 (#30822) ([83e96a2](https://github.com/bitnami/charts/commit/83e96a2cd17a29f10230af3ec16e0451fc5f4d0c)), closes [#30822](https://github.com/bitnami/charts/issues/30822)
+
+## <small>16.3.2 (2024-12-04)</small>
+
+* [bitnami/*] docs: :memo: Add "Backup & Restore" section (#30711) ([35ab536](https://github.com/bitnami/charts/commit/35ab5363741e7548f4076f04da6e62d10153c60c)), closes [#30711](https://github.com/bitnami/charts/issues/30711)
+* [bitnami/*] docs: :memo: Add "Prometheus metrics" (batch 4) (#30669) ([a4ec006](https://github.com/bitnami/charts/commit/a4ec00624589023a70a7094fcfb9f12e382bc280)), closes [#30669](https://github.com/bitnami/charts/issues/30669)
+* [bitnami/*] docs: :memo: Unify "Securing Traffic using TLS" section (#30707) ([b572333](https://github.com/bitnami/charts/commit/b57233336e4fe9af928ecb4f2a5f334011efb1bc)), closes [#30707](https://github.com/bitnami/charts/issues/30707)
+* [bitnami/mongodb] Release 16.3.2 (#30785) ([38df250](https://github.com/bitnami/charts/commit/38df25008477850e56123c286ff9daa5e28777e4)), closes [#30785](https://github.com/bitnami/charts/issues/30785)
+
+## <small>16.3.1 (2024-11-26)</small>
+
+* [bitnami/mongodb] Modify access modes to match YAML 1.2 schema (#30512) ([7cd0bfa](https://github.com/bitnami/charts/commit/7cd0bfa7a78bb1c97c5658a31ecf3b54d60a1812)), closes [#30512](https://github.com/bitnami/charts/issues/30512)
+
+## 16.3.0 (2024-11-14)
+
+* [bitnami/mongodb] feat: :sparkles: Add password update job (#30460) ([a4d8d5b](https://github.com/bitnami/charts/commit/a4d8d5b3c164f946901b91651a7bd5cc338a11c0)), closes [#30460](https://github.com/bitnami/charts/issues/30460)
+
+## <small>16.2.2 (2024-11-13)</small>
+
+* [bitnami/mongodb] allow setting the timezone for backup cronjob (#30421) ([f001424](https://github.com/bitnami/charts/commit/f001424f6aad534d5fe5a9ad09265b24b1fd6fe7)), closes [#30421](https://github.com/bitnami/charts/issues/30421)
+
+## <small>16.2.1 (2024-10-30)</small>
+
+* [bitnami/*] Remove wrong comment about imagePullPolicy (#30107) ([a51f9e4](https://github.com/bitnami/charts/commit/a51f9e4bb0fbf77199512d35de7ac8abe055d026)), closes [#30107](https://github.com/bitnami/charts/issues/30107)
+* [bitnami/mongodb] Fix render values of resources on init container (#30115) ([7722763](https://github.com/bitnami/charts/commit/77227635ce659923da314f1a3268574697ef63f9)), closes [#30115](https://github.com/bitnami/charts/issues/30115)
+
+## 16.2.0 (2024-10-28)
+
+* [bitnami/mongodb] fix: initial primary host variable for arbiter and hidden replicas (#29584) ([a1df969](https://github.com/bitnami/charts/commit/a1df96944f48ea2cde075396d235a07a6d7aa165)), closes [#29584](https://github.com/bitnami/charts/issues/29584)
+
+## <small>16.1.1 (2024-10-25)</small>
+
+* [bitnami/mongodb] Release 16.1.1 (#30084) ([24f6cde](https://github.com/bitnami/charts/commit/24f6cde58746cdc617a672d63add5bfd8b7e6b6d)), closes [#30084](https://github.com/bitnami/charts/issues/30084)
+
+## 16.1.0 (2024-10-23)
+
+* [bitnami/mongodb] Add resources for backup cronjob (#30021) ([4836089](https://github.com/bitnami/charts/commit/48360898aedcdb853fb8f967ed64bfdc72399ba8)), closes [#30021](https://github.com/bitnami/charts/issues/30021)
+* Update documentation links to techdocs.broadcom.com (#29931) ([f0d9ad7](https://github.com/bitnami/charts/commit/f0d9ad78f39f633d275fc576d32eae78ded4d0b8)), closes [#29931](https://github.com/bitnami/charts/issues/29931)
+
+## <small>16.0.3 (2024-10-10)</small>
+
+* [bitnami/mongodb] Fixed awk script to extract  in order to be more st… (#29824) ([86745de](https://github.com/bitnami/charts/commit/86745de16a329beadf4277bc602a12224a93e84a)), closes [#29824](https://github.com/bitnami/charts/issues/29824)
+
+## <small>16.0.2 (2024-10-09)</small>
+
+* [bitnami/mongodb] Release 16.0.2 (#29855) ([7fec11a](https://github.com/bitnami/charts/commit/7fec11aa57b1c66cea587219b86081fde3ac0b97)), closes [#29855](https://github.com/bitnami/charts/issues/29855)
+
+## <small>16.0.1 (2024-10-08)</small>
+
+* [bitnami/mongodb] Release 16.0.1 (#29830) ([6360c47](https://github.com/bitnami/charts/commit/6360c478136e8c0d58b7bb50e7f507308afc25f6)), closes [#29830](https://github.com/bitnami/charts/issues/29830)
+* [bitnami/mongodb] Update README (#29812) ([6f8a1bf](https://github.com/bitnami/charts/commit/6f8a1bf241a0032a3e44a2ea47f9574f6786d436)), closes [#29812](https://github.com/bitnami/charts/issues/29812)
+
+## 16.0.0 (2024-10-07)
+
+* [bitnami/mongodb] Release 16.0.0 (#29801) ([5973e5c](https://github.com/bitnami/charts/commit/5973e5c8e6aa766997000d6a49b9be7936298c30)), closes [#29801](https://github.com/bitnami/charts/issues/29801)
+
+## <small>15.6.26 (2024-09-23)</small>
+
+* [bitnami/mongodb] Fixed arbiter anti affinity rules to prevent it from running on the same node of a ([ded7e1f](https://github.com/bitnami/charts/commit/ded7e1f62ddcaba8fdeaf29a485aaf199295ccfc)), closes [#29565](https://github.com/bitnami/charts/issues/29565)
+
+## <small>15.6.25 (2024-09-19)</small>
+
+* [bitnami/mongodb] Release 15.6.25 (#29529) ([8091ced](https://github.com/bitnami/charts/commit/8091ced2fc72072724265e78a09ad490e4711c6a)), closes [#29529](https://github.com/bitnami/charts/issues/29529)
+
+## <small>15.6.24 (2024-09-14)</small>
+
+* [bitnami/mongodb] Release 15.6.24 (#29414) ([dd49bc9](https://github.com/bitnami/charts/commit/dd49bc9b8e14aef99705e0c9eba76ac01de93d5f)), closes [#29414](https://github.com/bitnami/charts/issues/29414)
+
+## <small>15.6.23 (2024-09-11)</small>
+
+* [bitnami/mongodb] Allow rendering resources values (#29346) ([2fbc081](https://github.com/bitnami/charts/commit/2fbc081c5441b904df0b142e5ae42f77f9357385)), closes [#29346](https://github.com/bitnami/charts/issues/29346)
+
+## <small>15.6.22 (2024-08-29)</small>
+
+* [bitnami/mongodb] add securityContext via helper to initContainter dns-check (#29038) ([56299fe](https://github.com/bitnami/charts/commit/56299fe14d54ac685fb55da7d23c6b91c15f8e3e)), closes [#29038](https://github.com/bitnami/charts/issues/29038)
+
+## <small>15.6.21 (2024-08-26)</small>
+
+* [bitnami/mongodb] Release 15.6.21 (#29035) ([21acb97](https://github.com/bitnami/charts/commit/21acb974bf8edca0550bccb71a1df126a277d59b)), closes [#29035](https://github.com/bitnami/charts/issues/29035)
+
+## <small>15.6.20 (2024-08-20)</small>
+
+* [bitnami/mongodb] Fix logic to add custom annotations to external-access service (#28883) ([785e59b](https://github.com/bitnami/charts/commit/785e59bccf87c5ecae2b472901e7f6e7fbf2c196)), closes [#28883](https://github.com/bitnami/charts/issues/28883)
+
+## <small>15.6.19 (2024-08-14)</small>
+
+* [bitnami/mongodb] Release 15.6.19 (#28889) ([8b3cb57](https://github.com/bitnami/charts/commit/8b3cb57c221f0f035e020cecc70b44e26cfd8040)), closes [#28889](https://github.com/bitnami/charts/issues/28889)
+
+## <small>15.6.18 (2024-08-07)</small>
+
+* [bitnami/mongodb] fix(NOTES.txt): Missing messages (#28685) ([7e31f12](https://github.com/bitnami/charts/commit/7e31f12208a7ae11060d3eaa68c09f74cbc4a6a4)), closes [#28685](https://github.com/bitnami/charts/issues/28685)
+
+## <small>15.6.17 (2024-08-06)</small>
+
+* [bitnami/mongodb] Release 15.6.17 (#28697) ([b6d6a24](https://github.com/bitnami/charts/commit/b6d6a2449195d87387cce9aec88cc6215763c569)), closes [#28697](https://github.com/bitnami/charts/issues/28697)
+
+## <small>15.6.16 (2024-07-25)</small>
+
+* [bitnami/mongodb] Release 15.6.16 (#28453) ([86d3ac8](https://github.com/bitnami/charts/commit/86d3ac8763d831263d8436ce890cd54ef62a9a17)), closes [#28453](https://github.com/bitnami/charts/issues/28453)
+
+## <small>15.6.15 (2024-07-24)</small>
+
+* [bitnami/mongodb] Release 15.6.15 (#28332) ([e107031](https://github.com/bitnami/charts/commit/e107031d3833f020d47d5fddcc24c7f43859443e)), closes [#28332](https://github.com/bitnami/charts/issues/28332)
+
+## <small>15.6.14 (2024-07-18)</small>
+
+* [bitnami/mongodb] Global StorageClass as default value (#28061) ([0661fba](https://github.com/bitnami/charts/commit/0661fbaf3436de16452d82cbf244a616c5892e64)), closes [#28061](https://github.com/bitnami/charts/issues/28061)
+
+## <small>15.6.13 (2024-07-16)</small>
+
+* [bitnami/mongodb] Fix autoDiscovery initContainer template (#27953) ([c3955b0](https://github.com/bitnami/charts/commit/c3955b0e2c0cd7fc287f3acc36990b8c0a8c09ac)), closes [#27953](https://github.com/bitnami/charts/issues/27953)
+
+## <small>15.6.12 (2024-07-01)</small>
+
+* [bitnami/*] Update README changing TAC wording (#27530) ([52dfed6](https://github.com/bitnami/charts/commit/52dfed6bac44d791efabfaf06f15daddc4fefb0c)), closes [#27530](https://github.com/bitnami/charts/issues/27530)
+* [bitnami/mongodb] Release 15.6.12 (#27590) ([97d0ec8](https://github.com/bitnami/charts/commit/97d0ec8a20365d93a4121dd7df98352eac8e69a7)), closes [#27590](https://github.com/bitnami/charts/issues/27590)
+
+## <small>15.6.11 (2024-06-25)</small>
+
+* [bitnami/mongodb] Recover logging to stdout (#27510) ([33bbddd](https://github.com/bitnami/charts/commit/33bbddd532d0debbe775a13a1b0c31e59ccd3c35)), closes [#27510](https://github.com/bitnami/charts/issues/27510)
+
+## <small>15.6.10 (2024-06-20)</small>
+
+* [bitnami/mongodb] add space back so script works again (#27183) ([e880657](https://github.com/bitnami/charts/commit/e880657e7744f7871d04c55283f34fad9d04598a)), closes [#27183](https://github.com/bitnami/charts/issues/27183)
+
+## <small>15.6.9 (2024-06-18)</small>
+
+* [bitnami/mongodb] Release 15.6.9 (#27382) ([d59a4b1](https://github.com/bitnami/charts/commit/d59a4b1346d607d82a68d59c6c162197b2305858)), closes [#27382](https://github.com/bitnami/charts/issues/27382)
+
+## <small>15.6.8 (2024-06-17)</small>
+
+* [bitnami/mongodb] Release 15.6.8 (#27317) ([71d3b7e](https://github.com/bitnami/charts/commit/71d3b7efac8585b90018d0cda9099104bb6a8ae4)), closes [#27317](https://github.com/bitnami/charts/issues/27317)
+
+## <small>15.6.7 (2024-06-17)</small>
+
+* [bitnami/mongodb] Release 15.6.7 (#27254) ([33a8fd2](https://github.com/bitnami/charts/commit/33a8fd21116b9ee49238ab13553010b859149bc1)), closes [#27254](https://github.com/bitnami/charts/issues/27254)
+
+## <small>15.6.6 (2024-06-10)</small>
+
+* [bitnami/mongodb] Add securityContext to generate-tls in replicaset (#26606) ([34ff09b](https://github.com/bitnami/charts/commit/34ff09b6e8f797163172059c194250961869e034)), closes [#26606](https://github.com/bitnami/charts/issues/26606)
+
+## <small>15.6.5 (2024-06-06)</small>
+
+* [bitnami/mongodb] Release 15.6.5 (#26988) ([1b8c210](https://github.com/bitnami/charts/commit/1b8c210aa7585a5a3731c3d8c033625c170fa1dc)), closes [#26988](https://github.com/bitnami/charts/issues/26988)
+
+## <small>15.6.4 (2024-06-06)</small>
+
+* [bitnami/mongodb] Release 15.6.4 (#26907) ([0fbcf92](https://github.com/bitnami/charts/commit/0fbcf926bb04ce00021013314b511324cd96056e)), closes [#26907](https://github.com/bitnami/charts/issues/26907)
+
+## <small>15.6.3 (2024-06-04)</small>
+
+* [bitnami/mongodb] Bump chart version (#26650) ([8a4412d](https://github.com/bitnami/charts/commit/8a4412df8904d90daefe8ac8a5345270867d329f)), closes [#26650](https://github.com/bitnami/charts/issues/26650)
+
+## <small>15.6.2 (2024-06-04)</small>
+
+* [bitnami/mongodb] Remove UTF-8 chars (#26607) ([9ab3365](https://github.com/bitnami/charts/commit/9ab33654ca45ee82d27088578308068e493c43cd)), closes [#26607](https://github.com/bitnami/charts/issues/26607)
+
+## <small>15.6.1 (2024-05-28)</small>
+
+* [bitnami/mongodb] Release 15.6.1 (#26481) ([f4dbc07](https://github.com/bitnami/charts/commit/f4dbc07bf19489d2ce4156675c1cf7e291ad0385)), closes [#26481](https://github.com/bitnami/charts/issues/26481)
+
+## 15.6.0 (2024-05-24)
+
+* [bitnami/mongodb] PDB review (#26154) ([a4ecaf9](https://github.com/bitnami/charts/commit/a4ecaf9ed62fe573de17ce95d9ec090d3b1bde88)), closes [#26154](https://github.com/bitnami/charts/issues/26154)
+
+## <small>15.5.3 (2024-05-24)</small>
+
+* [bitnami/mongodb]Add "or" condition between .Values.auth.existingSecret and .Values.auth.rootPasswor ([5f2204f](https://github.com/bitnami/charts/commit/5f2204f02bdd65fa5514dc0158797d0c3d85b635)), closes [#25944](https://github.com/bitnami/charts/issues/25944) [#25885](https://github.com/bitnami/charts/issues/25885)
+
+## <small>15.5.2 (2024-05-22)</small>
+
+* [bitnami/mongodb] Allow templating for initdbScriptsConfigMap (#26324) ([dc5fe4b](https://github.com/bitnami/charts/commit/dc5fe4b8240dc1c935280a541e0133426a4f349b)), closes [#26324](https://github.com/bitnami/charts/issues/26324)
+
+## <small>15.5.1 (2024-05-21)</small>
+
+* [bitnami/mongodb] Use different liveness/readiness probes (#26152) ([c8b04d4](https://github.com/bitnami/charts/commit/c8b04d44069a0d2a3e0d816fbaaff792558a9d4f)), closes [#26152](https://github.com/bitnami/charts/issues/26152)
+
+## 15.5.0 (2024-05-21)
+
+* [bitnami/*] ci: :construction_worker: Add tag and changelog support (#25359) ([91c707c](https://github.com/bitnami/charts/commit/91c707c9e4e574725a09505d2d313fb93f1b4c0a)), closes [#25359](https://github.com/bitnami/charts/issues/25359)
+* [bitnami/mongodb] feat: :sparkles: :lock: Add warning when original images are replaced (#26247) ([8a2137a](https://github.com/bitnami/charts/commit/8a2137a67a652dd54419f07da340a8ab81f19483)), closes [#26247](https://github.com/bitnami/charts/issues/26247)
+
+## <small>15.4.5 (2024-05-20)</small>
+
+* [bitnami/mongodb] Fix volumePermissions rendering (#26120) ([63a739e](https://github.com/bitnami/charts/commit/63a739e395d226e3cb7390da79656191c3711cf4)), closes [#26120](https://github.com/bitnami/charts/issues/26120)
+
+## <small>15.4.4 (2024-05-18)</small>
+
+* [bitnami/mongodb] Release 15.4.4 updating components versions (#26050) ([838329e](https://github.com/bitnami/charts/commit/838329ede3aa0b74f4c70b1b5c8b2663edb0d55f)), closes [#26050](https://github.com/bitnami/charts/issues/26050)
+
+## <small>15.4.3 (2024-05-14)</small>
+
+* [bitnami/mongodb] Release 15.4.3 updating components versions (#25849) ([8a4f695](https://github.com/bitnami/charts/commit/8a4f69561d3b3cc0865881e8e5361d6037b59345)), closes [#25849](https://github.com/bitnami/charts/issues/25849)
+
+## <small>15.4.2 (2024-05-14)</small>
+
+* [bitnami/mongodb] Release 15.4.2 updating components versions (#25845) ([13aef1b](https://github.com/bitnami/charts/commit/13aef1b55a85654cc2b489fd5d25f3ee99f74671)), closes [#25845](https://github.com/bitnami/charts/issues/25845)
+
+## <small>15.4.1 (2024-05-13)</small>
+
+* [bitnami/mongodb] Release 15.4.1 updating components versions (#25734) ([27fba2f](https://github.com/bitnami/charts/commit/27fba2f92b02d9dc5966784a4a6840b880e2d41a)), closes [#25734](https://github.com/bitnami/charts/issues/25734)
+
+## 15.4.0 (2024-05-13)
+
+* bitnami/mongodb: Allow labels for volumeClaimTemplates (#25571) ([7605c31](https://github.com/bitnami/charts/commit/7605c31a9ce6ef46639a5aee170e1ca33b620b15)), closes [#25571](https://github.com/bitnami/charts/issues/25571) [#25678](https://github.com/bitnami/charts/issues/25678) [#25680](https://github.com/bitnami/charts/issues/25680) [#25685](https://github.com/bitnami/charts/issues/25685) [#25688](https://github.com/bitnami/charts/issues/25688)
+
+## <small>15.3.1 (2024-05-13)</small>
+
+* [bitnami/mongodb] Release 15.3.1 updating components versions (#25707) ([5120460](https://github.com/bitnami/charts/commit/51204602b0fbf91fa10304c5213f33198b65de2e)), closes [#25707](https://github.com/bitnami/charts/issues/25707)
+
+## 15.3.0 (2024-05-10)
+
+* [bitnami/mongodb] Simplify and fix externalAccess configuration (#25397) ([90b73a8](https://github.com/bitnami/charts/commit/90b73a829a1c1d5b85fcfdee619fa8874b27999a)), closes [#25397](https://github.com/bitnami/charts/issues/25397)
+
+## 15.2.0 (2024-05-09)
+
+* [bitnami/*] Change non-root and rolling-tags doc URLs (#25628) ([b067c94](https://github.com/bitnami/charts/commit/b067c94f6bcde427863c197fd355f0b5ba12ff5b)), closes [#25628](https://github.com/bitnami/charts/issues/25628)
+* [bitnami/*] Set new header/owner (#25558) ([8d1dc11](https://github.com/bitnami/charts/commit/8d1dc11f5fb30db6fba50c43d7af59d2f79deed3)), closes [#25558](https://github.com/bitnami/charts/issues/25558)
+* [bitnami/mongodb] Network policy review (#25519) ([54c44d3](https://github.com/bitnami/charts/commit/54c44d3eb6cf08eebdb800a779dbc4fe77a1d40a)), closes [#25519](https://github.com/bitnami/charts/issues/25519)
+
+## <small>15.1.7 (2024-04-27)</small>
+
+* [bitnami/mongodb] Release 15.1.7 updating components versions (#25431) ([d7cae59](https://github.com/bitnami/charts/commit/d7cae59f58a5ba16677c05d8192ac012799e6397)), closes [#25431](https://github.com/bitnami/charts/issues/25431)
+
+## <small>15.1.6 (2024-04-26)</small>
+
+* [bitnami/mongodb] Release 15.1.6 updating components versions (#25416) ([0f0b8ed](https://github.com/bitnami/charts/commit/0f0b8ed733f3de4c0e3672ea4402cd0210e936ca)), closes [#25416](https://github.com/bitnami/charts/issues/25416)
+* [bitnami/multiple charts] Fix typo: "NetworkPolice" vs "NetworkPolicy" (#25348) ([6970c1b](https://github.com/bitnami/charts/commit/6970c1ba245873506e73d459c6eac1e4919b778f)), closes [#25348](https://github.com/bitnami/charts/issues/25348)
+* Replace VMware by Broadcom copyright text (#25306) ([a5e4bd0](https://github.com/bitnami/charts/commit/a5e4bd0e35e419203793976a78d9d0a13de92c76)), closes [#25306](https://github.com/bitnami/charts/issues/25306)
+
+## <small>15.1.5 (2024-04-23)</small>
+
+* [bitnami/mongodb] Fix validations and Autodiscovery (#25283) ([288a544](https://github.com/bitnami/charts/commit/288a544c640bd8850b6e2b40c254d246952524a9)), closes [#25283](https://github.com/bitnami/charts/issues/25283)
+
+## <small>15.1.4 (2024-04-09)</small>
+
+* [bitnami/mongodb] Release 15.1.4 updating components versions (#25082) ([e364fc1](https://github.com/bitnami/charts/commit/e364fc11fb808f0d4169b6a1ee7e665e646fde60)), closes [#25082](https://github.com/bitnami/charts/issues/25082)
+
+## <small>15.1.3 (2024-04-05)</small>
+
+* [bitnami/mongodb] Release 15.1.3 updating components versions (#24969) ([0d95685](https://github.com/bitnami/charts/commit/0d956854c40d09b7add2cfa2084c67d253879d10)), closes [#24969](https://github.com/bitnami/charts/issues/24969)
+
+## <small>15.1.2 (2024-04-04)</small>
+
+* [bitnami/mongodb] Release 15.1.2 (#24901) ([3687a3c](https://github.com/bitnami/charts/commit/3687a3ca8b3c36bb77b52ece5835e52edcb63c52)), closes [#24901](https://github.com/bitnami/charts/issues/24901)
+* Update resourcesPreset comments (#24467) ([92e3e8a](https://github.com/bitnami/charts/commit/92e3e8a507326d2a20a8f10ab3e7746a2ec5c554)), closes [#24467](https://github.com/bitnami/charts/issues/24467)
+
+## <small>15.1.1 (2024-04-01)</small>
+
+* Fix invalid secret pointer in MongoDB ServiceAccount (#24751) ([bccb4e6](https://github.com/bitnami/charts/commit/bccb4e6657f9d9fcca1f16c747f625fd4072eb8e)), closes [#24751](https://github.com/bitnami/charts/issues/24751)
+
+## 15.1.0 (2024-03-21)
+
+* [bitnami/mongodb] feat: backoffLimit should be configurable in backup cronjob (#24505) ([5b46a67](https://github.com/bitnami/charts/commit/5b46a673582c77c226aca29c4b4bb712a066ccdc)), closes [#24505](https://github.com/bitnami/charts/issues/24505) [#24326](https://github.com/bitnami/charts/issues/24326)
+
+## <small>15.0.2 (2024-03-19)</small>
+
+* [bitnami/mongodb] fix: :bug: Mount emptyDir in /bitnami/mongodb in arbiter node (#24535) ([798a885](https://github.com/bitnami/charts/commit/798a8853984a7b3fe811d20c577e6a8455c19bb4)), closes [#24535](https://github.com/bitnami/charts/issues/24535)
+
+## <small>15.0.1 (2024-03-18)</small>
+
+* [bitnami/mongodb] Release 15.0.1 updating components versions (#24523) ([1e9d09e](https://github.com/bitnami/charts/commit/1e9d09e4bf5661c5b47d89bd3517c1b7010b6945)), closes [#24523](https://github.com/bitnami/charts/issues/24523)
+
+## 15.0.0 (2024-03-18)
+
+* [bitnami/*] Reorder Chart sections (#24455) ([0cf4048](https://github.com/bitnami/charts/commit/0cf4048e8743f70a9753d460655bd030cbff6824)), closes [#24455](https://github.com/bitnami/charts/issues/24455)
+* [bitnami/mongodb] feat!: :lock: :boom: Improve security defaults (#24374) ([8057b1f](https://github.com/bitnami/charts/commit/8057b1fcb37a4d02eef71710e5a336fdd07692ce)), closes [#24374](https://github.com/bitnami/charts/issues/24374)
+
+## 14.13.0 (2024-03-06)
+
+* [bitnami/mongodb] feat: :sparkles: :lock: Add automatic adaptation for Openshift restricted-v2 SCC ( ([3025e74](https://github.com/bitnami/charts/commit/3025e74f11470105fb1a28b8b54fe23c8c3a793e)), closes [#24124](https://github.com/bitnami/charts/issues/24124)
+
+## <small>14.12.3 (2024-02-29)</small>
+
+* [bitnami/mongodb] Release 14.12.3 updating components versions (#23975) ([43306df](https://github.com/bitnami/charts/commit/43306df9f67a6c38743cac362676317aa7a8318e)), closes [#23975](https://github.com/bitnami/charts/issues/23975)
+
+## <small>14.12.2 (2024-02-27)</small>
+
+* [bitnami/mongodb] fix: :bug: Add missing empty-dir in arbiter (#23936) ([abcddbc](https://github.com/bitnami/charts/commit/abcddbcdbcac415d093ffb48eece332d172f0858)), closes [#23936](https://github.com/bitnami/charts/issues/23936)
+
+## <small>14.12.1 (2024-02-22)</small>
+
+* [bitnami/mongodb] Fix zombie processes by probes (#23390) ([1f9b662](https://github.com/bitnami/charts/commit/1f9b662ee7fbc5f795a77ed6d4cbbe121fc6711e)), closes [#23390](https://github.com/bitnami/charts/issues/23390) [bitnami/charts#13365](https://github.com/bitnami/charts/issues/13365)
+
+## 14.12.0 (2024-02-22)
+
+* [bitnami/mongodb] feat: :sparkles: :lock: Add readOnlyRootFilesystem support (#23746) ([550fbdc](https://github.com/bitnami/charts/commit/550fbdc01cd0be150d049bfebccd5ad4b8f81f7f)), closes [#23746](https://github.com/bitnami/charts/issues/23746)
+
+## <small>14.11.1 (2024-02-21)</small>
+
+* [bitnami/mongodb] Release 14.11.1 updating components versions (#23730) ([96c398f](https://github.com/bitnami/charts/commit/96c398f7cca8f220ce707e2d15349cbcc74de9af)), closes [#23730](https://github.com/bitnami/charts/issues/23730)
+
+## 14.11.0 (2024-02-20)
+
+* [bitnami/*] Bump all versions (#23602) ([b70ee2a](https://github.com/bitnami/charts/commit/b70ee2a30e4dc256bf0ac52928fb2fa7a70f049b)), closes [#23602](https://github.com/bitnami/charts/issues/23602)
+
+## <small>14.10.1 (2024-02-19)</small>
+
+* [bitnami/mongodb] Fix secret svcbind (#23560) ([fb988a5](https://github.com/bitnami/charts/commit/fb988a55d7b941d93762fb73a73fcef74b81981b)), closes [#23560](https://github.com/bitnami/charts/issues/23560)
+
+## 14.10.0 (2024-02-16)
+
+* [bitnami/mongodb] Added the possibilty to define number of replicas in standalone mode (#22366) ([c6c54b8](https://github.com/bitnami/charts/commit/c6c54b8d3703cfac0488918ac378203fd08ae7f8)), closes [#22366](https://github.com/bitnami/charts/issues/22366)
+
+## 14.9.0 (2024-02-15)
+
+* [bitnami/mongodb] feat: :sparkles: :lock: Add resource preset support (#23491) ([27a4bb0](https://github.com/bitnami/charts/commit/27a4bb00b253eefec6305fad1e934e221b28431c)), closes [#23491](https://github.com/bitnami/charts/issues/23491)
+
+## <small>14.8.3 (2024-02-05)</small>
+
+* [bitnami/mongodb] Fix metrics container port in the ingress of NetworkPolicy (#23173) ([c1268ad](https://github.com/bitnami/charts/commit/c1268ad0f067ed1e96278d3e937e5540d6fe0403)), closes [#23173](https://github.com/bitnami/charts/issues/23173)
+
+## <small>14.8.2 (2024-02-03)</small>
+
+* [bitnami/mongodb] Release 14.8.2 updating components versions (#23112) ([7d6b257](https://github.com/bitnami/charts/commit/7d6b257f695396d6fcd7db99fa23375ba86bff69)), closes [#23112](https://github.com/bitnami/charts/issues/23112)
+
+## <small>14.8.1 (2024-02-02)</small>
+
+* [bitnami/mongodb] feat: :lock: Enable networkPolicy (#22879) ([2240e19](https://github.com/bitnami/charts/commit/2240e1966119ee0ff851e57bb904aa145ce2649e)), closes [#22879](https://github.com/bitnami/charts/issues/22879)
+* backup cronjob respects global imagePullSecrets and image.pullPolicy (#23022) ([0524ec6](https://github.com/bitnami/charts/commit/0524ec61623218b29fdb8fce9fde4900dc7b9558)), closes [#23022](https://github.com/bitnami/charts/issues/23022)
+
+## 14.8.0 (2024-02-01)
+
+* [bitnami/mongodb] Add securityContext to init tls container (#22994) ([22daef5](https://github.com/bitnami/charts/commit/22daef5326fe56e12e054a767de28b38ec92a3c9)), closes [#22994](https://github.com/bitnami/charts/issues/22994)
+
+## <small>14.7.3 (2024-01-31)</small>
+
+* [bitnami/mongodb] Release 14.7.3 updating components versions (#22945) ([9f8e16c](https://github.com/bitnami/charts/commit/9f8e16cd0cc0b94b828052425cd71e17ac9ad6d8)), closes [#22945](https://github.com/bitnami/charts/issues/22945)
+
+## <small>14.7.2 (2024-01-29)</small>
+
+* [bitnami/mongodb] Fix issue with svcbind secret generation (#22521) ([c72da80](https://github.com/bitnami/charts/commit/c72da80995c79ccaeddc58ef8fa69a0b17614025)), closes [#22521](https://github.com/bitnami/charts/issues/22521)
+
+## <small>14.7.1 (2024-01-25)</small>
+
+* [bitnami/*] Move documentation sections from docs.bitnami.com back to the README (#22203) ([7564f36](https://github.com/bitnami/charts/commit/7564f36ca1e95ff30ee686652b7ab8690561a707)), closes [#22203](https://github.com/bitnami/charts/issues/22203)
+* [bitnami/mongodb] fix: :bug: Set seLinuxOptions to null for Openshift compatibility (#22628) ([19dba7c](https://github.com/bitnami/charts/commit/19dba7c5d668bfb4edd5ac7c935f2acd27139286)), closes [#22628](https://github.com/bitnami/charts/issues/22628)
+
+## 14.7.0 (2024-01-22)
+
+* [bitnami/mongodb] fix: :lock: Move service-account token auto-mount to pod declaration (#22437) ([ad9e50a](https://github.com/bitnami/charts/commit/ad9e50afba73fbcc1a94c8296a017a95c0fe0768)), closes [#22437](https://github.com/bitnami/charts/issues/22437)
+
+## <small>14.6.1 (2024-01-18)</small>
+
+* [bitnami/mongodb] Release 14.6.1 updating components versions (#22317) ([bf4cf67](https://github.com/bitnami/charts/commit/bf4cf67e757c4b0143b3feebe7b8e4d66fe12fd6)), closes [#22317](https://github.com/bitnami/charts/issues/22317)
+
+## 14.6.0 (2024-01-17)
+
+* [bitnami/mongodb] fix: :lock: Improve podSecurityContext and containerSecurityContext with essential ([29831ee](https://github.com/bitnami/charts/commit/29831ee42d431ca8d5c2ee54972e010adb9d4653)), closes [#22159](https://github.com/bitnami/charts/issues/22159)
+
+## <small>14.5.1 (2024-01-15)</small>
+
+* [bitnami/*] Fix docs.bitnami.com broken links (#21901) ([f35506d](https://github.com/bitnami/charts/commit/f35506d2dadee4f097986e7792df1f53ab215b5d)), closes [#21901](https://github.com/bitnami/charts/issues/21901)
+* [bitnami/*] Fix ref links (in comments) (#21822) ([e4fa296](https://github.com/bitnami/charts/commit/e4fa296106b225cf8c82445727c675c7c725e380)), closes [#21822](https://github.com/bitnami/charts/issues/21822)
+* [bitnami/mongodb] fix: :lock: Do not automount the service account token unless necessary (#22054) ([5dbc1a6](https://github.com/bitnami/charts/commit/5dbc1a614c1693c57c74f7326f324e46f2d29f48)), closes [#22054](https://github.com/bitnami/charts/issues/22054)
+
+## 14.5.0 (2024-01-08)
+
+* [bitnami/mongodb] Added possibility to configure persistence volume name and claim name (#21851) ([3b273bb](https://github.com/bitnami/charts/commit/3b273bb9cb3c212d315dcdafc6bd7806548d2c66)), closes [#21851](https://github.com/bitnami/charts/issues/21851)
+
+## <small>14.4.10 (2024-01-06)</small>
+
+* [bitnami/*] Update copyright: Year and company (#21815) ([6c4bf75](https://github.com/bitnami/charts/commit/6c4bf75dec58fc7c9aee9f089777b1a858c17d5b)), closes [#21815](https://github.com/bitnami/charts/issues/21815)
+* [bitnami/mongodb] Release 14.4.10 updating components versions (#21870) ([4740dd4](https://github.com/bitnami/charts/commit/4740dd40861a92958be4999dd6181af2043e2b47)), closes [#21870](https://github.com/bitnami/charts/issues/21870)
+
+## <small>14.4.9 (2023-12-29)</small>
+
+* [bitnami/mongodb] set authentication database for backup job (#21419) ([ba5527e](https://github.com/bitnami/charts/commit/ba5527e42df17a98beebf3c481c2d556b8cc5469)), closes [#21419](https://github.com/bitnami/charts/issues/21419)
+
+## <small>14.4.8 (2023-12-27)</small>
+
+* [bitnami/mongodb] Release 14.4.8 updating components versions (#21773) ([c9319ea](https://github.com/bitnami/charts/commit/c9319ea12d95cd1e889ae42185f18d90af7e261a)), closes [#21773](https://github.com/bitnami/charts/issues/21773)
+
+## <small>14.4.7 (2023-12-26)</small>
+
+* [bitnami/mongodb] fix: Use correct values in cronjob.annotations (#21717) ([3f38e0a](https://github.com/bitnami/charts/commit/3f38e0ac93506c808da87ae586201adcfdd2efd6)), closes [#21717](https://github.com/bitnami/charts/issues/21717)
+
+## <small>14.4.6 (2023-12-22)</small>
+
+* [bitnami/mongodb] Release 14.4.6 updating components versions (#21737) ([f139cef](https://github.com/bitnami/charts/commit/f139cef6e98ea45561a949829825c2c72af4f01d)), closes [#21737](https://github.com/bitnami/charts/issues/21737)
+
+## <small>14.4.5 (2023-12-21)</small>
+
+* [bitnami/mongodb] ServiceBinding to consider existing secret while upgrading (#21648) ([eb08954](https://github.com/bitnami/charts/commit/eb089544f9bf06246f091f572c54f9e037c66324)), closes [#21648](https://github.com/bitnami/charts/issues/21648)
+
+## <small>14.4.4 (2023-12-21)</small>
+
+* [bitnami/mongodb] Pod security context doesn't apply to cronjobs (#21705) ([360b322](https://github.com/bitnami/charts/commit/360b322bfb5b5cd7f9705e81e8a6540921d7ebb3)), closes [#21705](https://github.com/bitnami/charts/issues/21705)
+
+## <small>14.4.3 (2023-12-18)</small>
+
+* [bitnami/mongodb] remove securityContext.enabled from cronjob template (#21514) ([2521131](https://github.com/bitnami/charts/commit/25211319489a3dc1591205f2c7699936f45985e8)), closes [#21514](https://github.com/bitnami/charts/issues/21514)
+
+## <small>14.4.2 (2023-12-07)</small>
+
+* [bitnami/mongodb] Release 14.4.2 updating components versions (#21473) ([dd3be27](https://github.com/bitnami/charts/commit/dd3be2785b903db0e8307ed707116914589208e4)), closes [#21473](https://github.com/bitnami/charts/issues/21473)
+
+## <small>14.4.1 (2023-12-05)</small>
+
+* [bitnami/mongodb] fix: metric and reolicaset script issues with tls and mtls (#21383) ([2573f2b](https://github.com/bitnami/charts/commit/2573f2bebf49522f9f4c0fe62496e6c56c90e1f9)), closes [#21383](https://github.com/bitnami/charts/issues/21383)
+
+## 14.4.0 (2023-12-04)
+
+* [bitnami/mongodb]  feat: add node configuration (#21343) ([647cb1f](https://github.com/bitnami/charts/commit/647cb1f1fefef626755c33bcc9ad817911d3967d)), closes [#21343](https://github.com/bitnami/charts/issues/21343)
+
+## <small>14.3.2 (2023-11-27)</small>
+
+* [bitnami/mongodb] Release 14.3.2 updating components versions (#21274) ([53a45b3](https://github.com/bitnami/charts/commit/53a45b3c0a7791ae380a1cbc406da5efa9aab8a5)), closes [#21274](https://github.com/bitnami/charts/issues/21274)
+
+## <small>14.3.1 (2023-11-22)</small>
+
+* [bitnami/mongodb] Release 14.3.1 updating components versions (#21212) ([bce54b2](https://github.com/bitnami/charts/commit/bce54b2c815ac0ae094f0e1d24d40e52f675e5e3)), closes [#21212](https://github.com/bitnami/charts/issues/21212)
+
+## 14.3.0 (2023-11-20)
+
+* [bitnami/mongodb] Add Persistent Volume Claim Retention Policy to mongodb Statefulsets (#20921) ([7b77bd0](https://github.com/bitnami/charts/commit/7b77bd092be4d0b721f975d344ce9af37fc699cd)), closes [#20921](https://github.com/bitnami/charts/issues/20921)
+
+## <small>14.2.8 (2023-11-17)</small>
+
+* [bitnami/mongodb] Release 14.2.8 updating components versions (#21041) ([186d565](https://github.com/bitnami/charts/commit/186d565d001764f5a881b4d9f0078c76fea27a75)), closes [#21041](https://github.com/bitnami/charts/issues/21041)
+
+## <small>14.2.7 (2023-11-17)</small>
+
+* [bitnami/*] Remove relative links to non-README sections, add verification for that and update TL;DR ([1103633](https://github.com/bitnami/charts/commit/11036334d82df0490aa4abdb591543cab6cf7d7f)), closes [#20967](https://github.com/bitnami/charts/issues/20967)
+* [bitnami/mongodb] Release 14.2.7 updating components versions (#21023) ([4c10f47](https://github.com/bitnami/charts/commit/4c10f478bbdf6cb31ed14bc2cca3fa250c5edf60)), closes [#21023](https://github.com/bitnami/charts/issues/21023)
+
+## <small>14.2.6 (2023-11-14)</small>
+
+* [bitnami/mongodb] Release 14.2.6 updating components versions (#20937) ([6109497](https://github.com/bitnami/charts/commit/610949711d09e5afd870d73123745d82b1f75f8d)), closes [#20937](https://github.com/bitnami/charts/issues/20937)
+
+## <small>14.2.5 (2023-11-10)</small>
+
+* [bitnami/mongodb] Release 14.2.5 updating components versions (#20887) ([56e9f76](https://github.com/bitnami/charts/commit/56e9f7665b8e5c72312a3330c099d41c45b61fb9)), closes [#20887](https://github.com/bitnami/charts/issues/20887)
+
+## <small>14.2.4 (2023-11-09)</small>
+
+* [bitnami/mongodb] Release 14.2.4 updating components versions (#20877) ([89df2e0](https://github.com/bitnami/charts/commit/89df2e09e589d7a7d5546021b958328fbc2d2fb8)), closes [#20877](https://github.com/bitnami/charts/issues/20877)
+
+## <small>14.2.3 (2023-11-09)</small>
+
+* [bitnami/mongodb] Release 14.2.2 updating components versions (#20837) ([41aaf71](https://github.com/bitnami/charts/commit/41aaf71f19ea378eba1cfb7e661047f75288ffa2)), closes [#20837](https://github.com/bitnami/charts/issues/20837)
+* [bitnami/mongodb] Release 14.2.3 updating components versions (#20848) ([5b8cf9f](https://github.com/bitnami/charts/commit/5b8cf9fa6532be1d3b34d213008ecdd82ee513b1)), closes [#20848](https://github.com/bitnami/charts/issues/20848)
+
+## <small>14.2.2 (2023-11-09)</small>
+
+* [bitnami/mongodb] Replace deprecated pull secret partial (#20665) ([7c4ffe3](https://github.com/bitnami/charts/commit/7c4ffe3f1842ae00286bdf4f1eabc75300ae95ac)), closes [#20665](https://github.com/bitnami/charts/issues/20665)
+
+## <small>14.2.1 (2023-11-08)</small>
+
+* [bitnami/mongodb] Release 14.2.1 updating components versions (#20763) ([1f648ea](https://github.com/bitnami/charts/commit/1f648ea9195ca29aba79a27b117a40b199753394)), closes [#20763](https://github.com/bitnami/charts/issues/20763)
+
+## 14.2.0 (2023-11-07)
+
+* feat: Add support for enableServiceLinks on mongodb chart (#20309) ([f896794](https://github.com/bitnami/charts/commit/f8967946a0ca7c48764cbdde3ddcf8c7efb40cd4)), closes [#20309](https://github.com/bitnami/charts/issues/20309)
+
+## <small>14.1.1 (2023-11-06)</small>
+
+* [bitnami/mongodb] feat: Add network policy template into mongodb chart (#20478) ([23e23dc](https://github.com/bitnami/charts/commit/23e23dcd5ae760c740380749fa9ac5bd4fa14d28)), closes [#20478](https://github.com/bitnami/charts/issues/20478)
+
+## 14.1.0 (2023-10-31)
+
+* [bitnami/mongodb] feat: :sparkles: Add support for PSA restricted policy (#20506) ([bdfc03c](https://github.com/bitnami/charts/commit/bdfc03ceaf245e7a3730e0154e2e877bb48d0aa5)), closes [#20506](https://github.com/bitnami/charts/issues/20506)
+
+## <small>14.0.14 (2023-10-27)</small>
+
+* [bitnami/mongodb] Fixed mongodb arbiter configmap (#20452) ([ec0670a](https://github.com/bitnami/charts/commit/ec0670a29aeaa914d6ddd73df72fa9eb8b8817f6)), closes [#20452](https://github.com/bitnami/charts/issues/20452) [#20255](https://github.com/bitnami/charts/issues/20255)
+
+## <small>14.0.13 (2023-10-25)</small>
+
+* [bitnami/*] Rename VMware Application Catalog (#20361) ([3acc734](https://github.com/bitnami/charts/commit/3acc73472beb6fb56c4d99f929061001205bc57e)), closes [#20361](https://github.com/bitnami/charts/issues/20361)
+* [mongo] Add tls.mTLS.enabled flag to disable requiring client certs (#20329) ([8d26cb1](https://github.com/bitnami/charts/commit/8d26cb1c0b9c5d8e08bcd9bd53a0dc142536e00f)), closes [#20329](https://github.com/bitnami/charts/issues/20329)
+
+## <small>14.0.12 (2023-10-20)</small>
+
+* [bitnami/*] Skip image's tag in the README files of the Bitnami Charts (#19841) ([bb9a01b](https://github.com/bitnami/charts/commit/bb9a01b65911c87e48318db922cc05eb42785e42)), closes [#19841](https://github.com/bitnami/charts/issues/19841)
+* [bitnami/*] Standardize documentation (#19835) ([af5f753](https://github.com/bitnami/charts/commit/af5f7530c1bc8c5ded53a6c4f7b8f384ac1804f2)), closes [#19835](https://github.com/bitnami/charts/issues/19835)
+* [bitnami/mongodb] Release 14.0.12 updating components versions (#20342) ([fb7197e](https://github.com/bitnami/charts/commit/fb7197ea20c729734e632054e447e741ab9108aa)), closes [#20342](https://github.com/bitnami/charts/issues/20342)
+
+## <small>14.0.11 (2023-10-19)</small>
+
+* [bitnami/mongodb] whitespace preventing YAML from being parsed (#20219) ([9bc97e1](https://github.com/bitnami/charts/commit/9bc97e10e8e08e49c99534dbc68b872dede0a545)), closes [#20219](https://github.com/bitnami/charts/issues/20219)
+
+## <small>14.0.10 (2023-10-12)</small>
+
+* [bitnami/mongodb] Release 14.0.10 (#20156) ([794e3e5](https://github.com/bitnami/charts/commit/794e3e5d448726fb0a962b576e5743e781b16cc0)), closes [#20156](https://github.com/bitnami/charts/issues/20156)
+
+## <small>14.0.9 (2023-10-10)</small>
+
+* [bitnami/mongodb] Release 14.0.9 (#19960) ([fd0ac02](https://github.com/bitnami/charts/commit/fd0ac028e97d37e275101d81a8151a3c8c80ede5)), closes [#19960](https://github.com/bitnami/charts/issues/19960)
+
+## <small>14.0.8 (2023-10-09)</small>
+
+* [bitnami/mongodb] Release 14.0.8 (#19923) ([76a8524](https://github.com/bitnami/charts/commit/76a85248a29506ea2ef6c3b8a1f32997fa908726)), closes [#19923](https://github.com/bitnami/charts/issues/19923)
+
+## <small>14.0.7 (2023-10-09)</small>
+
+* [bitnami/mongodb] Release 14.0.7 (#19869) ([1c25080](https://github.com/bitnami/charts/commit/1c250803014d66946d0bea861dd717fd86422c85)), closes [#19869](https://github.com/bitnami/charts/issues/19869)
+
+## <small>14.0.6 (2023-10-09)</small>
+
+* [bitnami/*] Update Helm charts prerequisites (#19745) ([eb755dd](https://github.com/bitnami/charts/commit/eb755dd36a4dd3cf6635be8e0598f9a7f4c4a554)), closes [#19745](https://github.com/bitnami/charts/issues/19745)
+* [bitnami/mongodb] Release 14.0.6 (#19858) ([58adca7](https://github.com/bitnami/charts/commit/58adca7a1b37003260c1df7ff006f486783d3cc1)), closes [#19858](https://github.com/bitnami/charts/issues/19858)
+
+## <small>14.0.5 (2023-10-05)</small>
+
+* [bitnami/mongodb] support backups for standalone TLS-enabled instances (#19241) ([63e8c98](https://github.com/bitnami/charts/commit/63e8c9814fbc83dd767066d56ac2034ab57aeb9f)), closes [#19241](https://github.com/bitnami/charts/issues/19241)
+
+## <small>14.0.4 (2023-09-30)</small>
+
+* [bitnami/mongodb] Release 14.0.4 (#19660) ([809d65d](https://github.com/bitnami/charts/commit/809d65dba33be776aae27c62b365e01cdef42182)), closes [#19660](https://github.com/bitnami/charts/issues/19660)
+
+## <small>14.0.3 (2023-09-29)</small>
+
+* [bitnami/mongodb] Use common capabilities for PSP (#19633) ([78f103c](https://github.com/bitnami/charts/commit/78f103c4297c481b6baa14113f375455d5a5c353)), closes [#19633](https://github.com/bitnami/charts/issues/19633)
+
+## <small>14.0.2 (2023-09-27)</small>
+
+* [bitnami/mongodb] Release 14.0.2 (#19576) ([f731aa0](https://github.com/bitnami/charts/commit/f731aa05670ca21225110804261563a85efe71fd)), closes [#19576](https://github.com/bitnami/charts/issues/19576)
+
+## <small>14.0.1 (2023-09-25)</small>
+
+* [bitnami/mongodb] Release 14.0.1 (#19500) ([9c8163f](https://github.com/bitnami/charts/commit/9c8163f83703c8d841dd9f491c5fd9c7775c0cf1)), closes [#19500](https://github.com/bitnami/charts/issues/19500)
+
+## 14.0.0 (2023-09-22)
+
+* [bitnami/mongodb] Release 14.0.0 (#19470) ([2587a91](https://github.com/bitnami/charts/commit/2587a913f1f8ad325870d94673f87ecaf1781098)), closes [#19470](https://github.com/bitnami/charts/issues/19470)
+
+## <small>13.18.5 (2023-09-21)</small>
+
+* [bitnami/mongodb] Release 13.18.5 (#19460) ([5b4515c](https://github.com/bitnami/charts/commit/5b4515c834cca652da2282ad2c393ee8ed7289c5)), closes [#19460](https://github.com/bitnami/charts/issues/19460)
+* Revert "Autogenerate schema files (#19194)" (#19335) ([73d80be](https://github.com/bitnami/charts/commit/73d80be525c88fb4b8a54451a55acd506e337062)), closes [#19194](https://github.com/bitnami/charts/issues/19194) [#19335](https://github.com/bitnami/charts/issues/19335)
+
+## <small>13.18.4 (2023-09-14)</small>
+
+* [bitnami/mongodb] enable backup with auth: {enabled: false} (#19272) ([30b6b64](https://github.com/bitnami/charts/commit/30b6b6491581c52adc9535c366245c70524ee870)), closes [#19272](https://github.com/bitnami/charts/issues/19272)
+
+## <small>13.18.3 (2023-09-14)</small>
+
+* [bitnami/mongodb] Release 13.18.3 (#19271) ([de18b6a](https://github.com/bitnami/charts/commit/de18b6a340bc6657fec1c89262ff482eb30b6125)), closes [#19271](https://github.com/bitnami/charts/issues/19271)
+* Autogenerate schema files (#19194) ([a2c2090](https://github.com/bitnami/charts/commit/a2c2090b5ac97f47b745c8028c6452bf99739772)), closes [#19194](https://github.com/bitnami/charts/issues/19194)
+
+## <small>13.18.2 (2023-09-07)</small>
+
+* [bitnami/mongodb]: Use merge helper (#19082) ([d7ea4e9](https://github.com/bitnami/charts/commit/d7ea4e9f9b5e339b6f26ebe719573a1c974f0289)), closes [#19082](https://github.com/bitnami/charts/issues/19082)
+
+## <small>13.18.1 (2023-08-30)</small>
+
+* [bitnami/mongodb] Release 13.18.1 (#18952) ([7d5b2bf](https://github.com/bitnami/charts/commit/7d5b2bfa97af8f17631dda1e0a14722f23fd64c0)), closes [#18952](https://github.com/bitnami/charts/issues/18952)
+
+## 13.18.0 (2023-08-30)
+
+* [bitnami/mongodb] Add trivial backup option (#17816) ([323d4fb](https://github.com/bitnami/charts/commit/323d4fbba3b26b24678eda017b522dfe71db8451)), closes [#17816](https://github.com/bitnami/charts/issues/17816)
+
+## <small>13.17.2 (2023-08-28)</small>
+
+* [bitnami/mongodb] test: :white_check_mark: Add persistence tests (#18761) ([fc584e9](https://github.com/bitnami/charts/commit/fc584e95e850b9178f3ea93fcb2409a770e7e5cf)), closes [#18761](https://github.com/bitnami/charts/issues/18761)
+
+## <small>13.17.1 (2023-08-25)</small>
+
+* [bitnami/mongodb] Release 13.17.1 (#18863) ([85b3773](https://github.com/bitnami/charts/commit/85b3773c86a26253c7eecfbc0d924cb47b3d95f5)), closes [#18863](https://github.com/bitnami/charts/issues/18863)
+
+## 13.17.0 (2023-08-23)
+
+* [bitnami/mongodb] Support for customizing standard labels (#18350) ([3b23422](https://github.com/bitnami/charts/commit/3b2342203eb84f7e7ca1c21d2c9655747385860a)), closes [#18350](https://github.com/bitnami/charts/issues/18350)
+
+## <small>13.16.4 (2023-08-17)</small>
+
+* [bitnami/mongodb] Release 13.16.4 (#18556) ([d1c4f25](https://github.com/bitnami/charts/commit/d1c4f25b6b0d167b491174e5083a842afb8f6aaf)), closes [#18556](https://github.com/bitnami/charts/issues/18556)
+
+## <small>13.16.3 (2023-08-09)</small>
+
+* Remove duplicated hostAliases from dep/sts (#17831) ([ab48bc8](https://github.com/bitnami/charts/commit/ab48bc8af2da73acd9765651a0db4b286bf25c6b)), closes [#17831](https://github.com/bitnami/charts/issues/17831)
+
+## <small>13.16.2 (2023-07-31)</small>
+
+* [bitnami/mongodb] ServiceBinding secrets for custom users (#17463) ([8257309](https://github.com/bitnami/charts/commit/8257309d02bfbbc2c5352a9567de8a74d1a0c406)), closes [#17463](https://github.com/bitnami/charts/issues/17463)
+
+## <small>13.16.1 (2023-07-26)</small>
+
+* [bitnami/mongodb] Release 13.16.1 (#17929) ([b7bd19a](https://github.com/bitnami/charts/commit/b7bd19af6a1cd38a768f0cf3d56a070787496edd)), closes [#17929](https://github.com/bitnami/charts/issues/17929)
+
+## 13.16.0 (2023-07-18)
+
+* [bitnami/mongodb] Try to seed mongodb with pss-restricted (#17236) ([15d3dcb](https://github.com/bitnami/charts/commit/15d3dcbaa1fd342083d968ed7a0c5b5eaafd22a5)), closes [#17236](https://github.com/bitnami/charts/issues/17236)
+
+## <small>13.15.5 (2023-07-15)</small>
+
+* [bitnami/mongodb] Release 13.15.5 (#17700) ([48ead37](https://github.com/bitnami/charts/commit/48ead37cc70e965cc0fb05a38e04091db6854a35)), closes [#17700](https://github.com/bitnami/charts/issues/17700)
+
+## <small>13.15.4 (2023-07-01)</small>
+
+* [bitnami/mongodb] Release 13.15.4 (#17441) ([9f76ae9](https://github.com/bitnami/charts/commit/9f76ae9767f8a9265f48418344c3918505961470)), closes [#17441](https://github.com/bitnami/charts/issues/17441)
+* Add copyright header (#17300) ([da68be8](https://github.com/bitnami/charts/commit/da68be8e951225133c7dfb572d5101ca3d61c5ae)), closes [#17300](https://github.com/bitnami/charts/issues/17300)
+* Update charts readme (#17217) ([31b3c0a](https://github.com/bitnami/charts/commit/31b3c0afd968ff4429107e34101f7509e6a0e913)), closes [#17217](https://github.com/bitnami/charts/issues/17217)
+
+## <small>13.15.3 (2023-06-20)</small>
+
+* [bitnami/mongodb] Release 13.15.3 (#17229) ([e55ce93](https://github.com/bitnami/charts/commit/e55ce93d2e798dc9cb88983110bdc7a1c0d11208)), closes [#17229](https://github.com/bitnami/charts/issues/17229)
+
+## <small>13.15.2 (2023-06-19)</small>
+
+* [bitnami/*] Change copyright section in READMEs (#17006) ([ef986a1](https://github.com/bitnami/charts/commit/ef986a1605241102b3dcafe9fd8089e6fc1201ad)), closes [#17006](https://github.com/bitnami/charts/issues/17006)
+* [bitnami/several] Change copyright section in READMEs (#16989) ([5b6a5cf](https://github.com/bitnami/charts/commit/5b6a5cfb7625a751848a2e5cd796bd7278f406ca)), closes [#16989](https://github.com/bitnami/charts/issues/16989)
+* [MongoDB] Respecting the MONGODB_ROOT_USER environment variable (#17116) ([9561be7](https://github.com/bitnami/charts/commit/9561be73b8b8b7f92b858a07d3446c31186d292e)), closes [#17116](https://github.com/bitnami/charts/issues/17116)
+
+## <small>13.15.1 (2023-05-25)</small>
+
+* [bitnami/mongodb] Avoid hostname validation with TLS enabled (#16670) ([2a1621f](https://github.com/bitnami/charts/commit/2a1621fa460e426323667a86add0121b8785f043)), closes [#16670](https://github.com/bitnami/charts/issues/16670)
+
+## 13.15.0 (2023-05-24)
+
+* [bitnami/mongodb] Support specifying external master host to bootstra… (#16853) ([358ca64](https://github.com/bitnami/charts/commit/358ca646a20a7af6bd892802dd4caeb186cfdc46)), closes [#16853](https://github.com/bitnami/charts/issues/16853)
+
+## <small>13.14.2 (2023-05-24)</small>
+
+* Add apiVersion and kind in volumeClaimTemplates (#16877) ([5193124](https://github.com/bitnami/charts/commit/5193124c548339aed506b17496eb27c0acf7fe27)), closes [#16877](https://github.com/bitnami/charts/issues/16877)
+
+## <small>13.14.1 (2023-05-22)</small>
+
+* [bitnami/mongodb] Ensuring the .Values.auth.rootUser is used everywhere (#16849) ([99ebd2b](https://github.com/bitnami/charts/commit/99ebd2b762966c3fc2cdc0dfa8dff18f8e5b6854)), closes [#16849](https://github.com/bitnami/charts/issues/16849)
+
+## 13.14.0 (2023-05-22)
+
+* [bitnami/mongodb] Adding tls.pemChainIncluded value to support wider range of TLS certificates (#167 ([5c2b7b9](https://github.com/bitnami/charts/commit/5c2b7b9a6fbeba6859d08fb7ea7bd368e799a0b4)), closes [#16731](https://github.com/bitnami/charts/issues/16731)
+
+## <small>13.13.1 (2023-05-21)</small>
+
+* [bitnami/mongodb] Release 13.13.1 (#16812) ([a013246](https://github.com/bitnami/charts/commit/a013246952c25b6104a392ceea59c20916bb54f4)), closes [#16812](https://github.com/bitnami/charts/issues/16812)
+
+## 13.13.0 (2023-05-17)
+
+* Adding extra volume mounts to the metrics container (#16698) ([4b993f5](https://github.com/bitnami/charts/commit/4b993f5045a64732a78095ab4a4fe5ba505471b3)), closes [#16698](https://github.com/bitnami/charts/issues/16698)
+
+## <small>13.12.1 (2023-05-12)</small>
+
+* [bitnami/mongodb] Release 13.12.1 (#16624) ([9d8d279](https://github.com/bitnami/charts/commit/9d8d2798284c4fd13c993bcf896805b874f69815)), closes [#16624](https://github.com/bitnami/charts/issues/16624)
+
+## 13.12.0 (2023-05-12)
+
+* [bitnami/mongodb] Handle mongodb-exporter arguments with chart values (#16398) ([eb37a81](https://github.com/bitnami/charts/commit/eb37a81b05bf1550dd504ced8f2cbb2e9c5359ea)), closes [#16398](https://github.com/bitnami/charts/issues/16398)
+* Add wording for enterprise page (#16560) ([8f22774](https://github.com/bitnami/charts/commit/8f2277440b976d52785ba9149762ad8620a73d1f)), closes [#16560](https://github.com/bitnami/charts/issues/16560)
+
+## 13.11.0 (2023-05-09)
+
+* [bitnami/several] Adapt Chart.yaml to set desired OCI annotations (#16546) ([fc9b18f](https://github.com/bitnami/charts/commit/fc9b18f2e98805d4df629acbcde696f44f973344)), closes [#16546](https://github.com/bitnami/charts/issues/16546)
+
+## <small>13.10.3 (2023-05-09)</small>
+
+* [bitnami/mongodb] Release 13.10.3 (#16476) ([0ed1163](https://github.com/bitnami/charts/commit/0ed116385f9784b79908a3f90001fd07b4743b69)), closes [#16476](https://github.com/bitnami/charts/issues/16476)
+
+## <small>13.10.2 (2023-05-01)</small>
+
+* [bitnami/mongodb] Release 13.10.2 (#16315) ([cdb385d](https://github.com/bitnami/charts/commit/cdb385d5cd5024b4dc0747c349bfd9549b4c483c)), closes [#16315](https://github.com/bitnami/charts/issues/16315)
+
+## <small>13.10.1 (2023-04-27)</small>
+
+* [bitnami/mongodb] Use username as key in the Service Binding secret (#16251) ([c678dc6](https://github.com/bitnami/charts/commit/c678dc6eb98263312c57f12b67c487a1f364ef4d)), closes [#16251](https://github.com/bitnami/charts/issues/16251)
+
+## 13.10.0 (2023-04-20)
+
+* [bitnami/*] Make Helm charts 100% OCI (#15998) ([8841510](https://github.com/bitnami/charts/commit/884151035efcbf2e1b3206e7def85511073fb57d)), closes [#15998](https://github.com/bitnami/charts/issues/15998)
+
+## <small>13.9.4 (2023-04-01)</small>
+
+* [bitnami/mongodb] Release 13.9.4 (#15908) ([5b63b06](https://github.com/bitnami/charts/commit/5b63b064599b3fb38963adb33c3956947d8c7f54)), closes [#15908](https://github.com/bitnami/charts/issues/15908)
+
+## <small>13.9.3 (2023-03-24)</small>
+
+* [bitnami/mongodb] Change static DNS entry to clusterDomain variable (#15682) ([e19b3e7](https://github.com/bitnami/charts/commit/e19b3e7729e8bb64976678ca8eabb7c6349c19d2)), closes [#15682](https://github.com/bitnami/charts/issues/15682)
+
+## <small>13.9.2 (2023-03-20)</small>
+
+* [bitnami/mongodb] Release 13.9.2 (#15631) ([1b595d8](https://github.com/bitnami/charts/commit/1b595d8c95085fd820caa59846de9d35cc4deb85)), closes [#15631](https://github.com/bitnami/charts/issues/15631)
+
+## <small>13.9.1 (2023-03-13)</small>
+
+* [bitnami/mongodb] Release 13.9.1 (#15484) ([628590f](https://github.com/bitnami/charts/commit/628590fdb92e92b9dee42d1e60b144be021323be)), closes [#15484](https://github.com/bitnami/charts/issues/15484)
+
+## 13.9.0 (2023-03-10)
+
+* [bitnami/mongodb] Add support for service.headless.annotations (#15435) ([d511822](https://github.com/bitnami/charts/commit/d511822ab3e5486b4d995aa410d313dfb65458f5)), closes [#15435](https://github.com/bitnami/charts/issues/15435)
+
+## <small>13.8.3 (2023-03-08)</small>
+
+* [bitnami/charts] Apply linter to README files (#15357) ([0e29e60](https://github.com/bitnami/charts/commit/0e29e600d3adc8b1b46e506eccb3decfab3b4e63)), closes [#15357](https://github.com/bitnami/charts/issues/15357)
+* [bitnami/mongodb] Fix chart upgrade when auth.enable=false (#15387) ([782da45](https://github.com/bitnami/charts/commit/782da457b2c73f23441e3f05a5e06944677151bc)), closes [#15387](https://github.com/bitnami/charts/issues/15387)
+* fix(mongodb): fixing doc comment (#15090) ([cfe5b42](https://github.com/bitnami/charts/commit/cfe5b42dba8e0224c98e910e021ec807e009d2ff)), closes [#15090](https://github.com/bitnami/charts/issues/15090)
+
+## <small>13.8.2 (2023-03-01)</small>
+
+* [bitnami/mongodb] Release 13.8.2 (#15216) ([8a916c3](https://github.com/bitnami/charts/commit/8a916c3a8e2bb98d127c0534d896ec1784cd6f1e)), closes [#15216](https://github.com/bitnami/charts/issues/15216)
+
+## <small>13.8.1 (2023-02-22)</small>
+
+* [bitnami/mongodb] fix variable assignment preventing certificate generation (#15079) ([95873be](https://github.com/bitnami/charts/commit/95873becd9afd7cbb346948c12e9f32b0477002c)), closes [#15079](https://github.com/bitnami/charts/issues/15079)
+
+## 13.8.0 (2023-02-22)
+
+* [bitnami/mongodb] Added `allocateLoadBalancerNodePorts` option for LoadBalancer (#14919) ([d103602](https://github.com/bitnami/charts/commit/d103602c85d2979d031df94539b1fcbe667db211)), closes [#14919](https://github.com/bitnami/charts/issues/14919)
+
+## 13.7.0 (2023-02-21)
+
+* [bitnami/mongodb] feat: :sparkles: Add ServiceBinding-compatible secrets (#14910) ([6bc7961](https://github.com/bitnami/charts/commit/6bc7961f5027bb17a949c69c0e16bdd686a13745)), closes [#14910](https://github.com/bitnami/charts/issues/14910) [#14887](https://github.com/bitnami/charts/issues/14887)
+
+## <small>13.6.8 (2023-02-20)</small>
+
+* [bitnami/*] Fix markdown linter issues (#14874) ([a51e0e8](https://github.com/bitnami/charts/commit/a51e0e8d35495b907f3e70dd2f8e7c3bcbf4166a)), closes [#14874](https://github.com/bitnami/charts/issues/14874)
+* [bitnami/*] Fix markdown linter issues 2 (#14890) ([aa96572](https://github.com/bitnami/charts/commit/aa9657237ee8df4a46db0d7fdf8a23230dd6902a)), closes [#14890](https://github.com/bitnami/charts/issues/14890)
+* [bitnami/mongodb] Don't regenerate self-signed certs on upgrade (#14642) ([d481e84](https://github.com/bitnami/charts/commit/d481e84e895daaadc936c99465e7f19787f0054f)), closes [#14642](https://github.com/bitnami/charts/issues/14642)
+* [bitnami/mongodb] Release 13.6.8 (#15005) ([f7ea17f](https://github.com/bitnami/charts/commit/f7ea17f77274fb8592646c2f0233a6bf462e8361)), closes [#15005](https://github.com/bitnami/charts/issues/15005)
+
+## <small>13.6.7 (2023-01-31)</small>
+
+* [bitnami/*] Change copyright date (#14682) ([add4ec7](https://github.com/bitnami/charts/commit/add4ec701108ac36ed4de2dffbdf407a0d091067)), closes [#14682](https://github.com/bitnami/charts/issues/14682)
+* [bitnami/mongodb] Change endpoint for metrics liveness and readiness probes (#14573) ([68039b1](https://github.com/bitnami/charts/commit/68039b19040391c445c8b4112a9b9514a148c89b)), closes [#14573](https://github.com/bitnami/charts/issues/14573) [bitnami/charts#14466](https://github.com/bitnami/charts/issues/14466)
+
+## <small>13.6.6 (2023-01-25)</small>
+
+* [bitnami/mongodb] Increase timeout for probes (#14539) ([f64c2cc](https://github.com/bitnami/charts/commit/f64c2ccfb102046874226b909dd4ae620e08f10e)), closes [#14539](https://github.com/bitnami/charts/issues/14539)
+
+## <small>13.6.5 (2023-01-25)</small>
+
+* [bitnami/*] Unify READMEs (#14472) ([2064fb8](https://github.com/bitnami/charts/commit/2064fb8dcc78a845cdede8211af8c3cc52551161)), closes [#14472](https://github.com/bitnami/charts/issues/14472)
+* [bitnami/mongodb] Fix service.nameOverride and TLS certificate generation in standalone mode (#14424 ([aa4d948](https://github.com/bitnami/charts/commit/aa4d9484167515142b28ec1d3ede5a63a51f3f6c)), closes [#14424](https://github.com/bitnami/charts/issues/14424)
+
+## <small>13.6.4 (2023-01-19)</small>
+
+* [bitnami/*] Change licenses annotation format (#14377) ([0ab7608](https://github.com/bitnami/charts/commit/0ab760862c660fcc78cffadf8e1d8cdd70881473)), closes [#14377](https://github.com/bitnami/charts/issues/14377)
+* [bitnami/mongodb] Release 13.6.4 (#14441) ([dffa595](https://github.com/bitnami/charts/commit/dffa595836682ba9fc9ad8daec513d4903cf7d2b)), closes [#14441](https://github.com/bitnami/charts/issues/14441)
+
+## <small>13.6.3 (2023-01-14)</small>
+
+* [bitnami/*] Add license annotation and remove obsolete engine parameter (#14293) ([da2a794](https://github.com/bitnami/charts/commit/da2a7943bae95b6e9b5b4ed972c15e990b69fdb0)), closes [#14293](https://github.com/bitnami/charts/issues/14293)
+* [bitnami/mongodb] Release 13.6.3 (#14355) ([5a71013](https://github.com/bitnami/charts/commit/5a71013c500b5dd87cac5691f1a7e864569220e4)), closes [#14355](https://github.com/bitnami/charts/issues/14355)
+
+## <small>13.6.2 (2022-12-21)</small>
+
+* [bitnami/mongodb] Set dynamic port on mongodb-exporter uri (#14041) ([3c04e9a](https://github.com/bitnami/charts/commit/3c04e9a8adb5d45b76860894b5f66533e1986cff)), closes [#14041](https://github.com/bitnami/charts/issues/14041)
+
+## <small>13.6.1 (2022-12-15)</small>
+
+* [bitnami/mongodb] Release 13.6.1 (#13967) ([03ad0ec](https://github.com/bitnami/charts/commit/03ad0ec16c11ade4aa59f6d4fa01a003ea50009b)), closes [#13967](https://github.com/bitnami/charts/issues/13967)
+
+## 13.6.0 (2022-12-07)
+
+* [bitnami/mongodb] topology override option (#13694) ([c5df4d6](https://github.com/bitnami/charts/commit/c5df4d6b03fec1f6027d2586301a62ddf06c4f64)), closes [#13694](https://github.com/bitnami/charts/issues/13694)
+
+## 13.5.0 (2022-11-21)
+
+* [bitnami/mongodb] Add support for envvars in tls.extraDnsNames (#13558) ([59a316b](https://github.com/bitnami/charts/commit/59a316bce3d3bb4f9366183912dbb9dab518c376)), closes [#13558](https://github.com/bitnami/charts/issues/13558)
+
+## <small>13.4.4 (2022-11-15)</small>
+
+* [bitnami/mongodb] stop overwriting custom env variable MONGODB_ADVERTISED_PORT_NUMBER (#13276) ([ded7c3d](https://github.com/bitnami/charts/commit/ded7c3d42616915546ad25e639645f608e555e08)), closes [#13276](https://github.com/bitnami/charts/issues/13276)
+
+## <small>13.4.3 (2022-11-15)</small>
+
+* [bitnami/mongodb] Release 13.4.3 (#13518) ([fb9307b](https://github.com/bitnami/charts/commit/fb9307bb5862791737983973f3a7edf681f1042f)), closes [#13518](https://github.com/bitnami/charts/issues/13518)
+
+## <small>13.4.2 (2022-11-14)</small>
+
+* [bitnami/mongodb] Add commonLabels also to pods: replicaset, arbiter, hidden (#13501) ([6b3cca2](https://github.com/bitnami/charts/commit/6b3cca2863fed3eee51797a7e6b9165246e818b0)), closes [#13501](https://github.com/bitnami/charts/issues/13501)
+
+## <small>13.4.1 (2022-11-03)</small>
+
+* [bitnami/mongodb] Add loadBalancerClass options - fix typo (#13331) ([b3acaf0](https://github.com/bitnami/charts/commit/b3acaf02fd97acd89ede4dbc7e848046317d6e9d)), closes [#13331](https://github.com/bitnami/charts/issues/13331)
+
+## 13.4.0 (2022-11-02)
+
+* [bitnami/mongodb] Update common-scripts-cm.yaml (#13131) ([bcecde7](https://github.com/bitnami/charts/commit/bcecde74ff9740da875270dbbbc8fc1bc20f8f7f)), closes [#13131](https://github.com/bitnami/charts/issues/13131)
+
+## <small>13.3.1 (2022-10-30)</small>
+
+* [bitnami/mongodb] Release 13.3.1 (#13253) ([9f9f9ab](https://github.com/bitnami/charts/commit/9f9f9ab52aa8b0521e0808e71b5e4e32aa6041a1)), closes [#13253](https://github.com/bitnami/charts/issues/13253)
+
+## 13.3.0 (2022-10-24)
+
+* [bitnami/mongodb] Mongodb custom certs (#11239) ([c8e80b7](https://github.com/bitnami/charts/commit/c8e80b703827ec9b9a3b437e30c8aae50d0626b8)), closes [#11239](https://github.com/bitnami/charts/issues/11239)
+
+## 13.2.0 (2022-10-24)
+
+* [bitnami/*] Use new default branch name in links (#12943) ([a529e02](https://github.com/bitnami/charts/commit/a529e02597d49d944eba1eb0f190713293247176)), closes [#12943](https://github.com/bitnami/charts/issues/12943)
+* [bitnami/mongodb] Add loadBalancerClass options (#13092) ([6d9c603](https://github.com/bitnami/charts/commit/6d9c603c703c018edbaa00cb5988778087b16616)), closes [#13092](https://github.com/bitnami/charts/issues/13092)
+* Generic README instructions related to the repo (#12792) ([3cf6b10](https://github.com/bitnami/charts/commit/3cf6b10e10e60df4b3e191d6b99aa99a9f597755)), closes [#12792](https://github.com/bitnami/charts/issues/12792)
+
+## <small>13.1.7 (2022-09-30)</small>
+
+* [bitnami/mongodb] Release 13.1.7 (#12765) ([d346d01](https://github.com/bitnami/charts/commit/d346d01e92ccf7d760a4d65549345cf3ad8cbb20)), closes [#12765](https://github.com/bitnami/charts/issues/12765)
+
+## <small>13.1.6 (2022-09-29)</small>
+
+* [bitnami/mongodb] Release 13.1.6 (#12734) ([4e4907f](https://github.com/bitnami/charts/commit/4e4907f5fb6d660dd4db41e95041a662effeedde)), closes [#12734](https://github.com/bitnami/charts/issues/12734)
+
+## <small>13.1.5 (2022-09-20)</small>
+
+* [bitnami/mongodb] Use custom probes if given (#12528) ([e4eab8c](https://github.com/bitnami/charts/commit/e4eab8c2489eada73a106531283b5bfc49f88712)), closes [#12528](https://github.com/bitnami/charts/issues/12528) [#12354](https://github.com/bitnami/charts/issues/12354)
+
+## <small>13.1.4 (2022-09-18)</small>
+
+* [bitnami/mongodb] Release 13.1.4 (#12475) ([239e06b](https://github.com/bitnami/charts/commit/239e06b06315014c9342ca2c45e071bfd4f5af20)), closes [#12475](https://github.com/bitnami/charts/issues/12475)
+
+## <small>13.1.3 (2022-09-14)</small>
+
+* issue 12411 (#12415) ([5d31922](https://github.com/bitnami/charts/commit/5d3192203cd191479671db4f6568fd7d5c4bd388)), closes [#12415](https://github.com/bitnami/charts/issues/12415)
+
+## <small>13.1.2 (2022-08-26)</small>
+
+* [bitnami/mongodb] Fix probes when url connection contains 'true' (#12133) ([39df1e7](https://github.com/bitnami/charts/commit/39df1e709fea983e95c87876d8dd2af165cdfb1e)), closes [#12133](https://github.com/bitnami/charts/issues/12133)
+
+## <small>13.1.1 (2022-08-23)</small>
+
+* [bitnami/mongodb] Update Chart.lock (#12043) ([2c3548d](https://github.com/bitnami/charts/commit/2c3548d921f82da695160c09891d6f6241ac6765)), closes [#12043](https://github.com/bitnami/charts/issues/12043)
+
+## 13.1.0 (2022-08-22)
+
+* [bitnami/mongodb] Add support for image digest apart from tag (#11914) ([fa34484](https://github.com/bitnami/charts/commit/fa3448449254efa052da1f7093549a3540cfbf90)), closes [#11914](https://github.com/bitnami/charts/issues/11914)
+
+## <small>13.0.2 (2022-08-19)</small>
+
+* [bitnami/mongodb] Release 13.0.2 (#11861) ([5532749](https://github.com/bitnami/charts/commit/5532749be271089b45366052a78342735b864081)), closes [#11861](https://github.com/bitnami/charts/issues/11861)
+
+## <small>13.0.1 (2022-08-16)</small>
+
+* [bitnami/mongodb] Release 13.0.1 (#11776) ([1a6248b](https://github.com/bitnami/charts/commit/1a6248b9368b6b1dccd96d9baa1f4657a1a17b54)), closes [#11776](https://github.com/bitnami/charts/issues/11776)
+
+## 13.0.0 (2022-08-04)
+
+* [bitnami/mongodb] Release 13.0.0 (#11586) ([ac90a7b](https://github.com/bitnami/charts/commit/ac90a7b2d8f8f86091ad1293f0f09c09fccbced5)), closes [#11586](https://github.com/bitnami/charts/issues/11586)
+
+## <small>12.1.31 (2022-08-03)</small>
+
+* [bitnami/mongodb] Release 12.1.31 (#11538) ([5c35513](https://github.com/bitnami/charts/commit/5c35513abddcf4bcab9b9b071f2fc9f905f78a28)), closes [#11538](https://github.com/bitnami/charts/issues/11538)
+
+## <small>12.1.30 (2022-07-28)</small>
+
+* Change metrics endpoint for liveness and readiness probes (#11398) ([7a73c44](https://github.com/bitnami/charts/commit/7a73c441ad9560af8601c397085ff0332a89a9c2)), closes [#11398](https://github.com/bitnami/charts/issues/11398)
+
+## <small>12.1.29 (2022-07-27)</small>
+
+* [bitnami/mongodb] Release 12.1.29 (#11393) ([fb5a4ce](https://github.com/bitnami/charts/commit/fb5a4ce87625879a12d8e2f7a0d46c08060ef756)), closes [#11393](https://github.com/bitnami/charts/issues/11393)
+
+## <small>12.1.28 (2022-07-27)</small>
+
+* [bitnami/*] Update URLs to point to the new bitnami/containers monorepo (#11352) ([d665af0](https://github.com/bitnami/charts/commit/d665af0c708846192d8d5fb2f5f9ea65dd464ab0)), closes [#11352](https://github.com/bitnami/charts/issues/11352)
+* [bitnami/mongodb] Release 12.1.28 (#11362) ([f527284](https://github.com/bitnami/charts/commit/f5272840eaa0c6693978595ad44bdba95490c5db)), closes [#11362](https://github.com/bitnami/charts/issues/11362)
+
+## <small>12.1.27 (2022-07-19)</small>
+
+* [bitnami/mongodb] Release 12.1.27 (#11252) ([b451ec1](https://github.com/bitnami/charts/commit/b451ec12def686142582e3bc4e03dea003803de7)), closes [#11252](https://github.com/bitnami/charts/issues/11252)
+
+## <small>12.1.26 (2022-07-12)</small>
+
+* [bitnami/mongodb] Fix commonAnnotations when working with external access svc (#11128) ([fa8694f](https://github.com/bitnami/charts/commit/fa8694f8aff028b3c635474e5b6fd64c58b05f0f)), closes [#11128](https://github.com/bitnami/charts/issues/11128)
+
+## <small>12.1.25 (2022-07-09)</small>
+
+* [bitnami/mongodb] Release 12.1.25 (#11104) ([b8e2d20](https://github.com/bitnami/charts/commit/b8e2d2026a624413d58917ea6780571a933e8162)), closes [#11104](https://github.com/bitnami/charts/issues/11104)
+
+## <small>12.1.24 (2022-07-05)</small>
+
+* [bitnami/mongodb] Release 12.1.24 (#11034) ([8a34239](https://github.com/bitnami/charts/commit/8a34239e7a76770868ddddf7b10bf91900cd0924)), closes [#11034](https://github.com/bitnami/charts/issues/11034)
+
+## <small>12.1.23 (2022-07-04)</small>
+
+* [bitnami/mongodb] Release 12.1.23 (#11017) ([416904a](https://github.com/bitnami/charts/commit/416904a57e9e86a259c0c1e5dedfabc8cb23e306)), closes [#11017](https://github.com/bitnami/charts/issues/11017)
+
+## <small>12.1.22 (2022-06-30)</small>
+
+* [bitnami/mongodb] Release 12.1.22 (#10966) ([d707550](https://github.com/bitnami/charts/commit/d70755028cf2c85847b8524b77835172849796d9)), closes [#10966](https://github.com/bitnami/charts/issues/10966)
+
+## <small>12.1.21 (2022-06-27)</small>
+
+* [bitnami/mongodb] Readiness Probe bug fix (#10865) ([b34a09f](https://github.com/bitnami/charts/commit/b34a09f62f70457a950952e5ee08c3e92b0a4acb)), closes [#10865](https://github.com/bitnami/charts/issues/10865)
+
+## <small>12.1.20 (2022-06-15)</small>
+
+* [bitnami/mongodb] Release 12.1.20 (#10768) ([9e2d3cc](https://github.com/bitnami/charts/commit/9e2d3cc39d1f4bf5b4c930af47822eecd789f178)), closes [#10768](https://github.com/bitnami/charts/issues/10768)
+
+## <small>12.1.19 (2022-06-08)</small>
+
+* [bitnami/mongodb] Release 12.1.19 (#10660) ([093d55f](https://github.com/bitnami/charts/commit/093d55f1ec11138857ec1b3aa32f7e4d19a32c1d)), closes [#10660](https://github.com/bitnami/charts/issues/10660)
+
+## <small>12.1.18 (2022-06-08)</small>
+
+* [bitnami/*] Replace Kubeapps URL in READMEs (and kubeapps Chart.yaml) and remove BKPR references (#1 ([c6a7914](https://github.com/bitnami/charts/commit/c6a7914361e5aea6016fb45bf4d621edfd111d32)), closes [#10600](https://github.com/bitnami/charts/issues/10600)
+* [bitnami/mongodb] - Fixing mongdb certificate generation issue when external access is enabled - #10 ([99119c0](https://github.com/bitnami/charts/commit/99119c04fc7642858bd3803517b01c732758822b)), closes [#10262](https://github.com/bitnami/charts/issues/10262) [#10513](https://github.com/bitnami/charts/issues/10513) [#10262](https://github.com/bitnami/charts/issues/10262) [bitnami#10262](https://github.com/bitnami/issues/10262) [bitnami#10262](https://github.com/bitnami/issues/10262)
+
+## <small>12.1.17 (2022-06-06)</small>
+
+* [bitnami/mongodb] Fix wrongly named mongodb secret key 'mongodb-passwords' (#10546) ([56a2b5d](https://github.com/bitnami/charts/commit/56a2b5dc53143a6ead1878963dcb330251547628)), closes [#10546](https://github.com/bitnami/charts/issues/10546)
+
+## <small>12.1.16 (2022-06-01)</small>
+
+* [bitnami/several] Replace maintainers email by url (#10523) ([ff3cf61](https://github.com/bitnami/charts/commit/ff3cf617a1680509b0f3855d17c4ccff7b29a0ff)), closes [#10523](https://github.com/bitnami/charts/issues/10523)
+
+## <small>12.1.15 (2022-05-30)</small>
+
+* [bitnami/several] Replace base64 --decode with base64 -d (#10495) ([099286a](https://github.com/bitnami/charts/commit/099286ae7a87784cf809df0b64ab24f7ff0144c8)), closes [#10495](https://github.com/bitnami/charts/issues/10495)
+
+## <small>12.1.14 (2022-05-30)</small>
+
+*   [bitnami/mongodb] Replicaset environment variable typo (#10465) ([ba7ad19](https://github.com/bitnami/charts/commit/ba7ad1926045a783957e37b35416edd7626fc62f)), closes [#10465](https://github.com/bitnami/charts/issues/10465)
+
+## <small>12.1.13 (2022-05-27)</small>
+
+* [bitnami/mongodb] enabled mdb all collectors (#10445) ([c7a8543](https://github.com/bitnami/charts/commit/c7a854308cb0a53ad0b73b96bf57a963ebb9c3ca)), closes [#10445](https://github.com/bitnami/charts/issues/10445)
+
+## <small>12.1.12 (2022-05-26)</small>
+
+* [bitnami/mongodb] Release 12.1.12 updating components versions ([bb711e3](https://github.com/bitnami/charts/commit/bb711e34ca5685e4b5723bb3d85adb04e3ac2cd0))
+
+## <small>12.1.11 (2022-05-23)</small>
+
+* Fixes #10300 Signed-off-by: Jonathan Weber <mail@jonathanweber.de> (#10302) ([627b9c4](https://github.com/bitnami/charts/commit/627b9c4240f48c8cd84097d8d4fa8410c35cbbe6)), closes [#10300](https://github.com/bitnami/charts/issues/10300) [#10302](https://github.com/bitnami/charts/issues/10302)
+
+## <small>12.1.10 (2022-05-21)</small>
+
+* [bitnami/mongodb] Release 12.1.10 updating components versions ([3dd8685](https://github.com/bitnami/charts/commit/3dd8685ebb935dde27fa7746bab4fb343c52cdae))
+
+## <small>12.1.9 (2022-05-20)</small>
+
+* [bitnami/mongodb] Use deepCopy in "common.secrets.passwords.manage" call  (#10319) ([a3ccd0e](https://github.com/bitnami/charts/commit/a3ccd0eef75ed55f94904f2113d4128662ffb546)), closes [#10319](https://github.com/bitnami/charts/issues/10319)
+
+## <small>12.1.8 (2022-05-19)</small>
+
+* [bitnami/mongodb] Release 12.1.8 updating components versions ([a836a36](https://github.com/bitnami/charts/commit/a836a36a33572a41ef4e54287ad87b251c84ba8d))
+
+## <small>12.1.7 (2022-05-18)</small>
+
+* [bitnami/mongodb] remove unnecessary merge call (#10308) ([a40fee8](https://github.com/bitnami/charts/commit/a40fee8dd4059dfaedfcb0796e51127f99967008)), closes [#10308](https://github.com/bitnami/charts/issues/10308)
+
+## <small>12.1.6 (2022-05-18)</small>
+
+* [bitnami/mongodb] Release 12.1.6 updating components versions ([ea71483](https://github.com/bitnami/charts/commit/ea71483c960a8823c539f92085dfd4bded021668))
+
+## <small>12.1.5 (2022-05-13)</small>
+
+* [bitnami/mongodb] Fix incorrect SAN field for MongoDB TLS certs (#10220) ([187af92](https://github.com/bitnami/charts/commit/187af92cedd0f1e92beabb4abf624113c3077ae3)), closes [#10220](https://github.com/bitnami/charts/issues/10220)
+
+## <small>12.1.4 (2022-05-13)</small>
+
+* [bitnami/*] Remove old 'ci' files (#10171) ([5df30c4](https://github.com/bitnami/charts/commit/5df30c44dbd1812da8786579ce4a94917d46a6ad)), closes [#10171](https://github.com/bitnami/charts/issues/10171)
+* [bitnami/*] Unify k8s directives separators (#10185) ([2650214](https://github.com/bitnami/charts/commit/26502141d146ca3bdfb3bf744fcdec8ca5cece44)), closes [#10185](https://github.com/bitnami/charts/issues/10185)
+
+## <small>12.1.3 (2022-05-11)</small>
+
+* [bitnami/mongodb] Add missing namespace metadata (#10141) ([dcda6af](https://github.com/bitnami/charts/commit/dcda6af36bf65b1e8c4f48c4b9fe5e6385bbe82c)), closes [#10141](https://github.com/bitnami/charts/issues/10141)
+
+## <small>12.1.2 (2022-05-10)</small>
+
+* [bitnami/mongodb] Fix metrics containerPort when using standalone (#10084) ([cf8deb1](https://github.com/bitnami/charts/commit/cf8deb12a1cbc50bd3faaafee77c5912ab951cbd)), closes [#10084](https://github.com/bitnami/charts/issues/10084)
+
+## <small>12.1.1 (2022-05-09)</small>
+
+* [bitnami/mongodb] Remove unnecessary logic around externalAccess.service.nodePorts (#10079) ([36749d7](https://github.com/bitnami/charts/commit/36749d7f3213c77440d5c5c06146b077aca36f33)), closes [#10079](https://github.com/bitnami/charts/issues/10079)
+
+## 12.1.0 (2022-05-05)
+
+* [bitnami/mongodb] Allow custom command and args in the metrics container (#10030) ([bdefd11](https://github.com/bitnami/charts/commit/bdefd1129a288f23d6d53ba8b33fc2b72943373b)), closes [#10030](https://github.com/bitnami/charts/issues/10030)
+
+## <small>12.0.2 (2022-05-03)</small>
+
+* bitnami/mongodb adding generate-tls-certs resource block (#10011) ([2712205](https://github.com/bitnami/charts/commit/27122053639af7d3320278db47d8968df6aa68c2)), closes [#10011](https://github.com/bitnami/charts/issues/10011)
+
+## <small>12.0.1 (2022-04-29)</small>
+
+* [bitnami/mongodb] Release 12.0.1 updating components versions ([6a8c5a5](https://github.com/bitnami/charts/commit/6a8c5a54b1c2517a06a38bec790fae38b3a87f50))
+
+## 12.0.0 (2022-04-29)
+
+* [bitnami/mongodb] Standarize mongodb (#9648) ([fdd8b69](https://github.com/bitnami/charts/commit/fdd8b691290c8f039d192a2b7c6f87706e7c2390)), closes [#9648](https://github.com/bitnami/charts/issues/9648)
+
+## 11.2.0 (2022-04-26)
+
+* [bitnami/mongodb] feat: :wastebasket: Remove mongo references (#9916) ([f126710](https://github.com/bitnami/charts/commit/f1267104df0dd5900be7629c2ad6dbf90655fbc9)), closes [#9916](https://github.com/bitnami/charts/issues/9916)
+
+## <small>11.1.10 (2022-04-22)</small>
+
+* [bitnami/mongodb] Fix Prometheus Rules (#9870) ([534be04](https://github.com/bitnami/charts/commit/534be04d03e115315d55ad53a548416decadb2d1)), closes [#9870](https://github.com/bitnami/charts/issues/9870)
+* [bitnami/mongodb] Release 11.1.10 updating components versions ([8fec889](https://github.com/bitnami/charts/commit/8fec88993c56557f04859fb628da252136b8a6b2))
+
+## <small>11.1.9 (2022-04-21)</small>
+
+* [bitnami/mongodb] Release 11.1.9 updating components versions ([355616f](https://github.com/bitnami/charts/commit/355616f383a1caa8907d5ee300688c67491b2e97))
+
+## <small>11.1.8 (2022-04-20)</small>
+
+* [bitnami/mongodb] Release 11.1.8 updating components versions ([c10d34c](https://github.com/bitnami/charts/commit/c10d34c9b10aad6dd8672321e6e5cf49c3fb5356))
+
+## <small>11.1.7 (2022-04-19)</small>
+
+* [bitnami/mongodb] Release 11.1.7 updating components versions ([21a6772](https://github.com/bitnami/charts/commit/21a677271896b37d73b52abfccc68b23170dc941))
+
+## <small>11.1.6 (2022-04-18)</small>
+
+* [bitnami/mongodb] Release 11.1.6 updating components versions ([d89031b](https://github.com/bitnami/charts/commit/d89031b0b37367d0bfd186463c25b612d40a8c3a))
+
+## <small>11.1.5 (2022-04-05)</small>
+
+* [bitnami/mongodb] Release 11.1.5 updating components versions ([2c93040](https://github.com/bitnami/charts/commit/2c930401b1cb5774eb4c159491280d54fe14e9a7))
+
+## <small>11.1.4 (2022-04-02)</small>
+
+* [bitnami/mongodb] Release 11.1.4 updating components versions ([15e4f8d](https://github.com/bitnami/charts/commit/15e4f8d06c3af635ee5696027d5de430bb6836fd))
+
+## <small>11.1.3 (2022-03-28)</small>
+
+* [bitnami/mongodb] Release 11.1.3 updating components versions ([a6e8ef3](https://github.com/bitnami/charts/commit/a6e8ef3cb1923008eac9a8f9d356c2205efcdba4))
+
+## <small>11.1.2 (2022-03-27)</small>
+
+* [bitnami/mongodb] Release 11.1.2 updating components versions ([ad92c81](https://github.com/bitnami/charts/commit/ad92c81b28d36f5e99a1b1160647fc40b82e41cc))
+
+## <small>11.1.1 (2022-03-16)</small>
+
+* [bitnami/mongodb] Release 11.1.1 updating components versions ([e87c6b5](https://github.com/bitnami/charts/commit/e87c6b5cfdaa2aeaa7610be41dd0dec71a613dbd))
+
+## 11.1.0 (2022-03-11)
+
+* [bitnami/mongodb] feat: :sparkles: Check replicaset status when persistence is not detected (#9387) ([7d9d4a3](https://github.com/bitnami/charts/commit/7d9d4a38a1a7cf64cb8a7163ec67de517e4f3a93)), closes [#9387](https://github.com/bitnami/charts/issues/9387)
+
+## <small>11.0.6 (2022-03-02)</small>
+
+* [bitnami/mongodb] Release 11.0.6 updating components versions ([820c436](https://github.com/bitnami/charts/commit/820c436bc06c963e0e5e3a472c2986b226470e49))
+
+## <small>11.0.5 (2022-02-27)</small>
+
+* [bitnami/mongodb] Release 11.0.5 updating components versions ([d997058](https://github.com/bitnami/charts/commit/d997058e6f9c99826242c0ae6d19ccc1cdc2106a))
+
+## <small>11.0.4 (2022-02-21)</small>
+
+* [bitnami/mongodb] Do not hardcode PDB apiVersion (#9105) ([8123881](https://github.com/bitnami/charts/commit/81238811d4a6d09b2946dff7c0b65881449b2c4f)), closes [#9105](https://github.com/bitnami/charts/issues/9105)
+
+## <small>11.0.3 (2022-02-04)</small>
+
+* [bitnami/mongodb] fix duplicated arbiter MONGODB_EXTRA_FLAGS env var (#8892) ([23ff0af](https://github.com/bitnami/charts/commit/23ff0afe07cc5d78f824c11fc969be174879424e)), closes [#8892](https://github.com/bitnami/charts/issues/8892)
+
+## <small>11.0.2 (2022-02-01)</small>
+
+* [bitnami/mongodb] Release 11.0.2 updating components versions ([5de4fe8](https://github.com/bitnami/charts/commit/5de4fe8011b189e5a6a280e9a9a1e56dd57fc863))
+
+## <small>11.0.1 (2022-01-31)</small>
+
+* [bitnami/*] Fix non-utf8 characters (#8826) ([aebe0ed](https://github.com/bitnami/charts/commit/aebe0ed63d845e1e2b38751103810adf200b18f5)), closes [#8826](https://github.com/bitnami/charts/issues/8826)
+* [bitnami/mongodb] Fix exporter command (#8843) ([e2b5314](https://github.com/bitnami/charts/commit/e2b53140f8ecb2b0c1886c76d32f3c0a8e7bbf2f)), closes [#8843](https://github.com/bitnami/charts/issues/8843)
+
+## 11.0.0 (2022-01-27)
+
+* [bitnami/mongodb*] New major version using 0.30.X for the exporter (#8818) ([282d315](https://github.com/bitnami/charts/commit/282d315386d6f7f20a65ea3b7a46bb26cc95fa15)), closes [#8818](https://github.com/bitnami/charts/issues/8818)
+
+## <small>10.31.5 (2022-01-24)</small>
+
+* fix(): Fixed closing bracket for hidden node scripts (#8754) ([8db5126](https://github.com/bitnami/charts/commit/8db51260fb7656d3301c612b6263ee459a09ba0d)), closes [#8754](https://github.com/bitnami/charts/issues/8754)
+
+## <small>10.31.4 (2022-01-20)</small>
+
+* [bitnami/*] Readme automation (#8579) ([78d1938](https://github.com/bitnami/charts/commit/78d193831c900d178198491ffd08fa2217a64ecd)), closes [#8579](https://github.com/bitnami/charts/issues/8579)
+* [bitnami/*] Update READMEs (#8716) ([b9a9533](https://github.com/bitnami/charts/commit/b9a953337590eb2979453385874a267bacf50936)), closes [#8716](https://github.com/bitnami/charts/issues/8716)
+* [bitnami/several] Change prerequisites (#8725) ([8d740c5](https://github.com/bitnami/charts/commit/8d740c566cfdb7e2d933c40128b4e919fce953a5)), closes [#8725](https://github.com/bitnami/charts/issues/8725)
+
+## <small>10.31.3 (2022-01-11)</small>
+
+* [bitnami/mongodb] Release 10.31.3 updating components versions ([ef0367c](https://github.com/bitnami/charts/commit/ef0367cebe3f8f75acd50903983e8ab72d6ee90e))
+
+## <small>10.31.2 (2022-01-07)</small>
+
+* fix(): Fixed commonlabel issues for hidden node external service (#8590) ([dfc59a9](https://github.com/bitnami/charts/commit/dfc59a99aa0865915e0baffe0a4797063436fe81)), closes [#8590](https://github.com/bitnami/charts/issues/8590)
+
+## <small>10.31.1 (2022-01-05)</small>
+
+* [bitnami/mongodb] Fixed NodePort External Access (#8515) ([7cd5728](https://github.com/bitnami/charts/commit/7cd5728f4689dd43b389c337c60aeec6ce3619a3)), closes [#8515](https://github.com/bitnami/charts/issues/8515)
+
+## 10.31.0 (2022-01-05)
+
+* [bitnami/several] Adapt templating format (#8562) ([8cad18a](https://github.com/bitnami/charts/commit/8cad18aed9966a6f0208e5ad6cee46cb217f47ab)), closes [#8562](https://github.com/bitnami/charts/issues/8562)
+
+## <small>10.30.12 (2022-01-04)</small>
+
+* [bitnami/mongodb] Release 10.30.12 updating components versions ([9fe8ea7](https://github.com/bitnami/charts/commit/9fe8ea7dc654e07b187a3a784265cf73b0793c98))
+* [bitnami/several] Add license to the README ([05f7633](https://github.com/bitnami/charts/commit/05f763372501d596e57db713dd53ff4ff3027cc4))
+* [bitnami/several] Add license to the README ([32fb238](https://github.com/bitnami/charts/commit/32fb238e60a0affc6debd3142eaa3c3d9089ec2a))
+* [bitnami/several] Add license to the README ([b87c2f7](https://github.com/bitnami/charts/commit/b87c2f7899d48a8b02c506765e6ae82937e9ba3f))
+
+## <small>10.30.11 (2021-12-31)</small>
+
+* [bitnami/mongodb] Add metrics active wait (#8537) ([3a01fd4](https://github.com/bitnami/charts/commit/3a01fd4f89c7c62a13459d58fe77fe33cf42a101)), closes [#8537](https://github.com/bitnami/charts/issues/8537)
+
+## <small>10.30.10 (2021-12-29)</small>
+
+* [bitnami/mongodb] Release 10.30.10 updating components versions ([bd5647d](https://github.com/bitnami/charts/commit/bd5647d778e26257907ba34fa3c4250830870c52))
+
+## <small>10.30.9 (2021-12-27)</small>
+
+* [bitnami/mongodb] Release 10.30.9 updating components versions ([70d0e55](https://github.com/bitnami/charts/commit/70d0e55da7591e6a2a3f56c2982fe36c40e438b8))
+
+## <small>10.30.8 (2021-12-17)</small>
+
+* Revert "[bitnami/mongodb] Fix deprecated 'IP Address in the DNS Name field on certificate' when usin ([ed8306a](https://github.com/bitnami/charts/commit/ed8306ab169c34d99d694198aec8dc0931c43014)), closes [#8416](https://github.com/bitnami/charts/issues/8416)
+
+## <small>10.30.7 (2021-12-17)</small>
+
+* [bitnami/mongodb] Fix deprecated 'IP Address in the DNS Name field on certificate' when using tls (# ([275b91a](https://github.com/bitnami/charts/commit/275b91ad43d0058577edb9c58580ff197d5ba4b9)), closes [#8416](https://github.com/bitnami/charts/issues/8416)
+* bitnami/mongodb: enable to configure topology spread constraints (#8222) ([3bcf0b6](https://github.com/bitnami/charts/commit/3bcf0b6f9e39110dbaa34915ffa3e4d098841dc9)), closes [#8222](https://github.com/bitnami/charts/issues/8222)
+* Fixed tls.extraDnsNames example (#8352) ([e7cacec](https://github.com/bitnami/charts/commit/e7caceca2c009b27fbb534776a9a366e0bbf5a46)), closes [#8352](https://github.com/bitnami/charts/issues/8352)
+
+## <small>10.30.6 (2021-12-02)</small>
+
+* [bitnami/*] Fix parameters for schema generation (#8297) ([d7d52ac](https://github.com/bitnami/charts/commit/d7d52acdbd1b0629e4e5295652fa6f5830daf2af)), closes [#8297](https://github.com/bitnami/charts/issues/8297)
+
+## <small>10.30.5 (2021-12-02)</small>
+
+* [bitnami/mongodb] Fix default replicaSetConfigurationSettings.configuration (#8295) ([7f29d4e](https://github.com/bitnami/charts/commit/7f29d4edcb28d8feac57b9b359eab1d8d2b0fb11)), closes [#8295](https://github.com/bitnami/charts/issues/8295)
+* [bitnami/several] Regenerate README tables ([a43cca7](https://github.com/bitnami/charts/commit/a43cca73cabae95609e943f6eb2cdeefc04e866b))
+
+## <small>10.30.4 (2021-12-01)</small>
+
+* [bitnami/mongodb] Release 10.30.4 updating components versions ([76dcbd5](https://github.com/bitnami/charts/commit/76dcbd5c5801143a5f23261ce1482653860380bf))
+* [bitnami/several] Regenerate README tables ([8150149](https://github.com/bitnami/charts/commit/8150149f0bb746e86ff0029fc375d43775bdf15a))
+
+## <small>10.30.3 (2021-11-30)</small>
+
+* [bitnami/mongodb] Support tls.extraDnsNames in "replicaset" architecture (#8267) ([58900c8](https://github.com/bitnami/charts/commit/58900c8dc1f732fbbf979630f44eec9e5552647e)), closes [#8267](https://github.com/bitnami/charts/issues/8267)
+
+## <small>10.30.2 (2021-11-29)</small>
+
+* [bitnami/several] Replace HTTP by HTTPS when possible (#8259) ([eafb5bd](https://github.com/bitnami/charts/commit/eafb5bd5a2cc3aaf04fc1e8ebedd73f420d76864)), closes [#8259](https://github.com/bitnami/charts/issues/8259)
+
+## <small>10.30.1 (2021-11-26)</small>
+
+* [bitnami/mongodb] Added ability to configure run-time replica set configuration settings (#7042) ([46b1e90](https://github.com/bitnami/charts/commit/46b1e90ec9ffb7c32c4de6c323594c606bfaa923)), closes [#7042](https://github.com/bitnami/charts/issues/7042)
+
+## 10.30.0 (2021-11-26)
+
+* [bitnami/mongodb] Add medium option for non-persisted. (#8238) ([d762894](https://github.com/bitnami/charts/commit/d76289431509ec90111d54d997ba5632f71d88f3)), closes [#8238](https://github.com/bitnami/charts/issues/8238)
+
+## <small>10.29.4 (2021-11-24)</small>
+
+* [bitnami/several] Fix deadlinks in README.md (#8215) ([99e90d2](https://github.com/bitnami/charts/commit/99e90d244b3244e059a42f72dcbecd3cda2b66bb)), closes [#8215](https://github.com/bitnami/charts/issues/8215)
+* Fix tls mode value (#8219) ([47947a1](https://github.com/bitnami/charts/commit/47947a1b5a5cf9ea3318d0df42b893d7e017428e)), closes [#8219](https://github.com/bitnami/charts/issues/8219)
+
+## <small>10.29.3 (2021-11-23)</small>
+
+* Add value for tlsMode (#8214) ([48c50df](https://github.com/bitnami/charts/commit/48c50df7406a95f72c8a6929ce97b146f63f52fd)), closes [#8214](https://github.com/bitnami/charts/issues/8214)
+
+## <small>10.29.2 (2021-11-10)</small>
+
+* Fix service name in TLS init container (#8085) ([9108472](https://github.com/bitnami/charts/commit/9108472c07a0ad69db5f497711d36a018f1365cb)), closes [#8085](https://github.com/bitnami/charts/issues/8085)
+
+## <small>10.29.1 (2021-11-09)</small>
+
+* [bitnami/mongodb] Fix custom passwords (#8067) ([f2e629a](https://github.com/bitnami/charts/commit/f2e629a69add604951ae1dd3525dc3ea4a215d9d)), closes [#8067](https://github.com/bitnami/charts/issues/8067)
+* [bitnami/several] Regenerate README tables ([3cefed3](https://github.com/bitnami/charts/commit/3cefed3ef961fbd7596242b1165bcfa229a9cadb))
+
+## 10.29.0 (2021-11-02)
+
+* [bitnami/mongodb] Add support for several custom users/dbs (#7930) ([4d8106f](https://github.com/bitnami/charts/commit/4d8106fc733907796fc60e0a728c77ecc7e9f7b1)), closes [#7930](https://github.com/bitnami/charts/issues/7930)
+
+## <small>10.28.7 (2021-10-28)</small>
+
+* [bitnami/mongodb] Release 10.28.7 updating components versions ([f4d7b00](https://github.com/bitnami/charts/commit/f4d7b00f5fe902d4e435f19dec129db4089d48d0))
+
+## <small>10.28.6 (2021-10-28)</small>
+
+* [bitnami/*] Mark PodSecurityPolicy resources as deprecated (#7950) ([30e6946](https://github.com/bitnami/charts/commit/30e694657e21cea03a64ddbc6744f9bab1d1a169)), closes [#7950](https://github.com/bitnami/charts/issues/7950)
+* [bitnami/several] Regenerate README tables ([412cf6a](https://github.com/bitnami/charts/commit/412cf6a513cb0c03444a6e7811c6f27193239a10))
+
+## <small>10.28.5 (2021-10-27)</small>
+
+* [bitnami/mongodb] Release 10.28.5 updating components versions ([77be157](https://github.com/bitnami/charts/commit/77be157ac7e1218ce320068bc809086dcf0f9d0f))
+* [bitnami/several] Regenerate README tables ([3df22fe](https://github.com/bitnami/charts/commit/3df22fe5caa595c007d5da96c97209942ba1f0a0))
+
+## <small>10.28.4 (2021-10-25)</small>
+
+* [bitnami/mongodb] Release 10.28.4 updating components versions ([f7b2803](https://github.com/bitnami/charts/commit/f7b280361dd71f980b2ea1f9a7903512e63e0875))
+
+## <small>10.28.3 (2021-10-22)</small>
+
+* [bitnami/several] Add chart info to NOTES.txt (#7889) ([a6751cd](https://github.com/bitnami/charts/commit/a6751cdd33c461fabbc459fbea6f219ec64ab6b2)), closes [#7889](https://github.com/bitnami/charts/issues/7889)
+
+## <small>10.28.2 (2021-10-19)</small>
+
+* [bitnami/several] Change pullPolicy for bitnami-shell image (#7852) ([9711a33](https://github.com/bitnami/charts/commit/9711a33c6eec72ea79143c4b7574dbe6a148d6b2)), closes [#7852](https://github.com/bitnami/charts/issues/7852)
+* [bitnami/several] Regenerate README tables ([dd25873](https://github.com/bitnami/charts/commit/dd2587368d006bcca6149be74d846752a15344b9))
+
+## <small>10.28.1 (2021-10-14)</small>
+
+* [bitnami/*] Generate READMEs (#7790) ([0833a8c](https://github.com/bitnami/charts/commit/0833a8c16300d68abf6030639c3479d8fb031e25)), closes [#7790](https://github.com/bitnami/charts/issues/7790)
+* [bitnami/mongodb] Release 10.28.1 updating components versions ([ddef47a](https://github.com/bitnami/charts/commit/ddef47ab1da7b2ca64dd4d39c2031a1c844dcbd5))
+
+## 10.28.0 (2021-10-13)
+
+* [bitnami/mongodb] Call tpl function on mongo existing secret value (#7781) ([b31d5b8](https://github.com/bitnami/charts/commit/b31d5b8530c76be1d4375e0ae5cc63ad7707d81a)), closes [#7781](https://github.com/bitnami/charts/issues/7781) [#7770](https://github.com/bitnami/charts/issues/7770)
+
+## <small>10.27.3 (2021-10-12)</small>
+
+* [bitnami/mongodb] Release 10.27.3 updating components versions ([eb69d9d](https://github.com/bitnami/charts/commit/eb69d9d2cf32ad8d06d6c434a99fceee86904e42))
+
+## <small>10.27.2 (2021-10-07)</small>
+
+* Fix service name for hidden MongoDB pods (#7726) ([51a5a53](https://github.com/bitnami/charts/commit/51a5a53e9833f262be91c2616efeb31348e0d376)), closes [#7726](https://github.com/bitnami/charts/issues/7726)
+
+## <small>10.27.1 (2021-10-06)</small>
+
+* [bitnami/mongodb] fix extraDnsNames (#7717) ([c76bc81](https://github.com/bitnami/charts/commit/c76bc81c91a7b09133b3b6bfab32086f5acd57ee)), closes [#7717](https://github.com/bitnami/charts/issues/7717)
+* [bitnami/several] Regenerate README tables ([acd5b18](https://github.com/bitnami/charts/commit/acd5b18ce5bc30692bd4a318dbc4ddff297d7c9a))
+
+## 10.27.0 (2021-10-05)
+
+* bitnami/mongodb - Add extra dns names for auto tls. (#7627) ([b22f271](https://github.com/bitnami/charts/commit/b22f27118382ab13945d943e4bedcaaccd834f84)), closes [#7627](https://github.com/bitnami/charts/issues/7627)
+
+## <small>10.26.4 (2021-09-27)</small>
+
+* [bitnami/*] Generate READMEs with new generator version (#7614) ([e5ab2e6](https://github.com/bitnami/charts/commit/e5ab2e6ecdd6bce800863f154cda524ff9f6c117)), closes [#7614](https://github.com/bitnami/charts/issues/7614)
+* [bitnami/mongodb] Add commonAnnotations on arbiter (#7618) ([571ac9a](https://github.com/bitnami/charts/commit/571ac9a50c387ec013798b1067efb884952ddf0c)), closes [#7618](https://github.com/bitnami/charts/issues/7618)
+* [bitnami/several] Regenerate README tables ([fa939b3](https://github.com/bitnami/charts/commit/fa939b373a54c01c20aa28cdd4e7cfb2953ce2a4))
+
+## <small>10.26.3 (2021-09-19)</small>
+
+* [bitnami/mongodb] Release 10.26.3 updating components versions ([b4d29c0](https://github.com/bitnami/charts/commit/b4d29c021c3ba10146fbef3f8e89a3f2cc8d816f))
+* [bitnami/several] Regenerate README tables ([003a0fb](https://github.com/bitnami/charts/commit/003a0fbaedeb775c546b8d8452b7a5ab0a63af52))
+
+## <small>10.26.2 (2021-09-17)</small>
+
+* [bitnami/mongodb] Allow configuration of credentials for the metrics exporter (#7311) ([2ec31ed](https://github.com/bitnami/charts/commit/2ec31edee1fd3dcaa00b2af30d8fcafc3be070dd)), closes [#7311](https://github.com/bitnami/charts/issues/7311)
+
+## <small>10.26.1 (2021-09-16)</small>
+
+* [bitnami/mongodb] Rename configmap file to match extension (#7466) ([eeead06](https://github.com/bitnami/charts/commit/eeead06d8a76969899825863bc71943befd89c70)), closes [#7466](https://github.com/bitnami/charts/issues/7466)
+
+## 10.26.0 (2021-09-13)
+
+* [bitnami/mongodb] Configurable admin/root user name (#7229) ([d7ef3be](https://github.com/bitnami/charts/commit/d7ef3be57959c905e69602a9f21cb03ee729541b)), closes [#7229](https://github.com/bitnami/charts/issues/7229)
+
+## <small>10.25.2 (2021-09-10)</small>
+
+* [bitnami/mongodb] Use Recreate as strategy type for standalone deployments (#7443) ([9578898](https://github.com/bitnami/charts/commit/9578898cb34a42cc0567f413f443de50d265b82b)), closes [#7443](https://github.com/bitnami/charts/issues/7443)
+* [bitnami/several] Regenerate README tables ([9c82ba2](https://github.com/bitnami/charts/commit/9c82ba295d70b1cac50ab4d8d494fdbefc1ec0ac))
+
+## <small>10.25.1 (2021-09-01)</small>
+
+* [bitnami/mongodb] Release 10.25.1 updating components versions ([7118531](https://github.com/bitnami/charts/commit/7118531d2ca04cac99e052ca7a8cb390008f3072))
+
+## 10.25.0 (2021-09-01)
+
+* [bitnami/mongodb] Add runtimeClassName support (#7362) ([1b78083](https://github.com/bitnami/charts/commit/1b78083de8ff3cc1b4e3eeda426b05b99024b565)), closes [#7362](https://github.com/bitnami/charts/issues/7362)
+* [bitnami/several] Regenerate README tables ([64d5d74](https://github.com/bitnami/charts/commit/64d5d747b84299ca9f63ea8a586b13870abe31a6))
+
+## <small>10.24.1 (2021-08-31)</small>
+
+* [bitnami/mongodb] Add persistence annotations to PVC (#7355) ([931b597](https://github.com/bitnami/charts/commit/931b597c43f6cd37919569acda4432a9bdd59a71)), closes [#7355](https://github.com/bitnami/charts/issues/7355)
+
+## 10.24.0 (2021-08-31)
+
+* [bitnami/mongodb] Add relabelings / metricRelabelings to ServiceMonitor (#7352) ([28417f3](https://github.com/bitnami/charts/commit/28417f38df7e1e82ee4ff66421da2a08f64f57bd)), closes [#7352](https://github.com/bitnami/charts/issues/7352)
+* [bitnami/several] Regenerate README tables ([da2513b](https://github.com/bitnami/charts/commit/da2513bf0a33819f3b1151d387c631a9ffdb03e2))
+
+## <small>10.23.13 (2021-08-25)</small>
+
+* [bitnami/mongodb] Release 10.23.13 updating components versions ([daf22c1](https://github.com/bitnami/charts/commit/daf22c13e3be5d90af7eef89f2e4559e9c008a44))
+
+## <small>10.23.12 (2021-08-25)</small>
+
+* [bitnami/mongodb] doc: use existingSecret from Notes (#7032) ([16a4bbe](https://github.com/bitnami/charts/commit/16a4bbe92d2267e530c2598ff2f4679fa61c9d86)), closes [#7032](https://github.com/bitnami/charts/issues/7032)
+
+## <small>10.23.11 (2021-08-24)</small>
+
+* [bitnami/mongodb] Release 10.23.11 updating components versions ([593efdf](https://github.com/bitnami/charts/commit/593efdff66988f27aeee3688cbe6b0e0df786ef2))
+* [bitnami/several] Regenerate README tables ([6c107e8](https://github.com/bitnami/charts/commit/6c107e835d6caf8db2e8b17dcd48c5971637e013))
+
+## <small>10.23.10 (2021-08-11)</small>
+
+* [bitnami/mongodb] Release 10.23.10 updating components versions ([b6dea8a](https://github.com/bitnami/charts/commit/b6dea8a7e8619bcaed473196a4269c97d787676c))
+
+## <small>10.23.9 (2021-08-04)</small>
+
+* [bitnami/mongodb] Clarify externalAccess parameter (#7135) ([249ae8f](https://github.com/bitnami/charts/commit/249ae8fe07822ac519ec2383d6b7c92c1cb22de6)), closes [#7135](https://github.com/bitnami/charts/issues/7135)
+
+## <small>10.23.8 (2021-08-01)</small>
+
+* [bitnami/mongodb] Release 10.23.8 updating components versions ([658b1af](https://github.com/bitnami/charts/commit/658b1afe41574b3942fd295557a5bc4a8a3c3513))
+* [bitnami/several] Update READMEs (#7108) ([44961d9](https://github.com/bitnami/charts/commit/44961d9cdfae1b0d06808124c4b47e8adc3de146)), closes [#7108](https://github.com/bitnami/charts/issues/7108)
+
+## <small>10.23.7 (2021-07-30)</small>
+
+* [bitnami/mongodb] Release 10.23.7 updating components versions ([f07bf4e](https://github.com/bitnami/charts/commit/f07bf4e39a4984d1db530aba7da9b8fba3f5c838))
+
+## <small>10.23.6 (2021-07-27)</small>
+
+* [bitnami/several] Bump version and update READMEs (#7069) ([6340bff](https://github.com/bitnami/charts/commit/6340bff66f93c8c797bda3ca0842e4bf770059f1)), closes [#7069](https://github.com/bitnami/charts/issues/7069)
+
+## <small>10.23.5 (2021-07-27)</small>
+
+* Replace <sup> strings with &trade; in the README files (#7066) ([d298b49](https://github.com/bitnami/charts/commit/d298b4996da33c9580c2594e6dc8ad665dd0ebab)), closes [#7066](https://github.com/bitnami/charts/issues/7066)
+
+## <small>10.23.4 (2021-07-26)</small>
+
+* [bitnami/several] Fix default values and regenerate README (#7045) ([90c81ac](https://github.com/bitnami/charts/commit/90c81ac55e7b35709b04ea551bc54a40453ce630)), closes [#7045](https://github.com/bitnami/charts/issues/7045)
+
+## <small>10.23.3 (2021-07-24)</small>
+
+* [bitnami/mongodb] Release 10.23.3 updating components versions ([ddc5dbe](https://github.com/bitnami/charts/commit/ddc5dbef663287bfab50b366469ab9d12ad1fab7))
+
+## <small>10.23.2 (2021-07-21)</small>
+
+* [bitnami/mongodb] Fix a bug that prevents install chart in the `replicaset` mode (#7006) ([236ba2b](https://github.com/bitnami/charts/commit/236ba2bf5442bffbdbcaaf0cd01dd82c72793cc0)), closes [#7006](https://github.com/bitnami/charts/issues/7006)
+
+## <small>10.23.1 (2021-07-19)</small>
+
+* [bitnami/mongodb] Release 10.23.1 updating components versions ([783e9d4](https://github.com/bitnami/charts/commit/783e9d4b7f1157e71349404ea5691e959d4e3646))
+
+## 10.23.0 (2021-07-15)
+
+* bitnami/mongodb  - Fix for custom clusterDomain not joining the secondary nodes (#6938) ([b33b435](https://github.com/bitnami/charts/commit/b33b435b60c3ada7b1ef8a0988d670d66fbcb3f5)), closes [#6938](https://github.com/bitnami/charts/issues/6938)
+
+## <small>10.22.1 (2021-07-15)</small>
+
+* [bitnami/mongodb] Release 10.22.1 updating components versions ([66325fb](https://github.com/bitnami/charts/commit/66325fb87c6ef2754ac96c760b3c4a2525366d4b))
+
+## 10.22.0 (2021-07-13)
+
+* [bitnami/mongodb,mariadb-galera,redis] Add diagnostic mode (#6936) ([a907452](https://github.com/bitnami/charts/commit/a9074525f83c97df584fb7ebfe408d57cbb06b22)), closes [#6936](https://github.com/bitnami/charts/issues/6936)
+
+## <small>10.21.2 (2021-07-09)</small>
+
+* [bitnami/*] Adapt values.yaml of metrics-server, MinIO and MongoDB charts (#6895) ([86922f0](https://github.com/bitnami/charts/commit/86922f08ea0e31876b82a508cd1c9b8c8b7eba4c)), closes [#6895](https://github.com/bitnami/charts/issues/6895)
+* [bitnami/mongodb] Specify standalone replicas to be 1 (#6882) ([cd7c567](https://github.com/bitnami/charts/commit/cd7c5674189a54e638d6a225e1417f86efd1dd2d)), closes [#6882](https://github.com/bitnami/charts/issues/6882)
+
+## <small>10.21.1 (2021-07-08)</small>
+
+* [bitnami/mongodb] fixed commonLabels for external access (#6888) ([aeaaf26](https://github.com/bitnami/charts/commit/aeaaf26cb058ff83d7c9725aa6a086c0785c2866)), closes [#6888](https://github.com/bitnami/charts/issues/6888)
+
+## 10.21.0 (2021-07-05)
+
+* bitnami/mongodb commonLabels (#6815) ([ffdf1f7](https://github.com/bitnami/charts/commit/ffdf1f71c5b2a32addb2b55f388fb714067a0a70)), closes [#6815](https://github.com/bitnami/charts/issues/6815)
+
+## <small>10.20.5 (2021-06-24)</small>
+
+* [bitnami/mongodb] Release 10.20.5 updating components versions ([d5f8262](https://github.com/bitnami/charts/commit/d5f82623e6c437d90d0368336314dfe257f9d9e1))
+
+## <small>10.20.4 (2021-06-22)</small>
+
+* [bitnami/mongodb] Revert changes to secrets-ca.yaml (#6700) ([993af16](https://github.com/bitnami/charts/commit/993af163008301897ee2ebf4017c11aa2d05fa9b)), closes [#6700](https://github.com/bitnami/charts/issues/6700)
+
+## <small>10.20.3 (2021-06-21)</small>
+
+* xs identation fix to extraDeploy section when un-commenting (#6710) ([2c8b58e](https://github.com/bitnami/charts/commit/2c8b58eb6d38034e93cdda6d8cc6a69003e8611c)), closes [#6710](https://github.com/bitnami/charts/issues/6710)
+
+## <small>10.20.2 (2021-06-19)</small>
+
+* [bitnami/mongodb] Release 10.20.2 updating components versions ([9abf01a](https://github.com/bitnami/charts/commit/9abf01af0c3852a597bbfa30f89404f0751249d7))
+
+## <small>10.20.1 (2021-06-18)</small>
+
+* [bitnami/mongodb] Release 10.20.1 updating components versions ([40e10f6](https://github.com/bitnami/charts/commit/40e10f6e974c0c6dd62e136020a0121b32853c14))
+
+## 10.20.0 (2021-06-16)
+
+* [bitnami/mongodb] Standardize certificates autogeneration (#6639) ([2463099](https://github.com/bitnami/charts/commit/246309975f718f836f51a1a02f13a0e936ac720d)), closes [#6639](https://github.com/bitnami/charts/issues/6639)
+
+## 10.19.0 (2021-06-03)
+
+* [bitnami/mongodb] support https://github.com/combor/k8s-mongo-labeler-sidecar - a very … (#6435) ([8a5cc0d](https://github.com/bitnami/charts/commit/8a5cc0df3279b97bb36aa7617dfaf908f0ffdbe6))
+
+## 10.18.0 (2021-06-02)
+
+* [bitnami/mongodb] Support for custom RBAC rules (#6537) ([a1efd31](https://github.com/bitnami/charts/commit/a1efd31ab4c9da2a0fbb3966fd494119a4c2a568)), closes [#6537](https://github.com/bitnami/charts/issues/6537)
+
+## 10.17.0 (2021-06-02)
+
+* [bitnami/mongodb] Add support for 'extraDeploy' (#6536) ([cdf83aa](https://github.com/bitnami/charts/commit/cdf83aa3ee3c2907b7ee70830f4416c32de15b67)), closes [#6536](https://github.com/bitnami/charts/issues/6536)
+
+## <small>10.16.4 (2021-05-27)</small>
+
+* [bitnami/mongodb] Release 10.16.4 updating components versions ([5d1db0a](https://github.com/bitnami/charts/commit/5d1db0a73ccb9e9218c794a811532c39f4dad11f))
+
+## <small>10.16.3 (2021-05-26)</small>
+
+* [bitnami/mongodb] Release 10.16.3 updating components versions ([43ef321](https://github.com/bitnami/charts/commit/43ef32145b38696ec352ac42ac88d97c4259460c))
+
+## <small>10.16.2 (2021-05-25)</small>
+
+* [bitnami/mongodb] Release 10.16.2 updating components versions ([88bd1d8](https://github.com/bitnami/charts/commit/88bd1d8a12e8e15698621b2c6918fac8870f5b5c))
+
+## <small>10.16.1 (2021-05-24)</small>
+
+* [bitnami/mongodb] Changes how the mongodb version is checked in readiness probes (#6442) ([29c842c](https://github.com/bitnami/charts/commit/29c842cb5d48971ebdb34db7de7da3cb1e0547fc)), closes [#6442](https://github.com/bitnami/charts/issues/6442)
+
+## 10.16.0 (2021-05-20)
+
+* [bitnami/*] Update Kubectl container version (#6420) ([dad6d38](https://github.com/bitnami/charts/commit/dad6d3857f54132e32b5860cd454129bc8b781fe)), closes [#6420](https://github.com/bitnami/charts/issues/6420)
+* Update README.md ([2a8ed56](https://github.com/bitnami/charts/commit/2a8ed566b58a676e9c8cc2a77ac7f1fda7c732c1))
+
+## <small>10.15.3 (2021-05-13)</small>
+
+* [bitnami/mongodb] Improve readiness probe compatibility for some old versions of mongodb (#6342) ([656c7d9](https://github.com/bitnami/charts/commit/656c7d996670a4049155963eb3180b8d7e9c5575)), closes [#6342](https://github.com/bitnami/charts/issues/6342)
+
+## <small>10.15.2 (2021-05-07)</small>
+
+* [bitnami/mongodb]  Fixed hidden node headless service name in TLS (#6281) ([8ab1a15](https://github.com/bitnami/charts/commit/8ab1a15c831585b43345f38caefb054b1ee0e5cf)), closes [#6281](https://github.com/bitnami/charts/issues/6281)
+* [bitnami/mongodb] Release 10.15.2 updating components versions ([5db07a2](https://github.com/bitnami/charts/commit/5db07a203955d0e002cc477848d063ee1b0f1f1f))
+
+## <small>10.15.1 (2021-05-05)</small>
+
+* Update NOTES.txt (#6292) ([ee5597c](https://github.com/bitnami/charts/commit/ee5597c86b1cd3587fb50feb1dbc7518195c8cab)), closes [#6292](https://github.com/bitnami/charts/issues/6292)
+
+## 10.15.0 (2021-05-04)
+
+* [bitnami/mongodb] add commonAnnotations (#6274) ([2b3e4c6](https://github.com/bitnami/charts/commit/2b3e4c61ec8ef6ee2bcb806b471a3e31ce975793)), closes [#6274](https://github.com/bitnami/charts/issues/6274)
+
+## 10.14.0 (2021-05-04)
+
+* [bitnami/mongodb] Add dataSource (#6275) ([63a7bba](https://github.com/bitnami/charts/commit/63a7bbac9b23eb486cc01b2d0498e0e54934b334)), closes [#6275](https://github.com/bitnami/charts/issues/6275)
+
+## 10.13.0 (2021-04-30)
+
+* [bitnami/mongodb] Add parameter to enable/disable journaling in MongoDB (#6254) ([c82c05b](https://github.com/bitnami/charts/commit/c82c05bdb7d4595fe6d59ae36779e2ec085c74fb)), closes [#6254](https://github.com/bitnami/charts/issues/6254)
+
+## <small>10.12.7 (2021-04-30)</small>
+
+* Fix typos in several README files (#6252) ([fd16565](https://github.com/bitnami/charts/commit/fd1656587a007ac9b8e9d895f6b99607fb225f7c)), closes [#6252](https://github.com/bitnami/charts/issues/6252)
+
+## <small>10.12.6 (2021-04-27)</small>
+
+* [bitnami/mongodb] remove nodePort: null (#6221) ([ca19612](https://github.com/bitnami/charts/commit/ca196124283ffae1b9fcd07441a81a6491b41afe)), closes [#6221](https://github.com/bitnami/charts/issues/6221)
+
+## <small>10.12.5 (2021-04-21)</small>
+
+* [bitnami/mongodb] fixed advertised hostname for hidden nodes (#6161) ([da405a4](https://github.com/bitnami/charts/commit/da405a42b25840b3e73ce5f1df89669a8f9ad715)), closes [#6161](https://github.com/bitnami/charts/issues/6161)
+
+## <small>10.12.4 (2021-04-19)</small>
+
+* Fix duplicate env variable MONGODB_EXTRA_FLAGS for hidden nodes (#6142) ([1dad545](https://github.com/bitnami/charts/commit/1dad5454dc3a36d640975bc55b003f7027f17dbb)), closes [#6142](https://github.com/bitnami/charts/issues/6142)
+
+## <small>10.12.3 (2021-04-16)</small>
+
+* T39353 Updated links (#6128) ([9d5aa6e](https://github.com/bitnami/charts/commit/9d5aa6ef8af330126610c45e9c28fb0d312c54f1)), closes [#6128](https://github.com/bitnami/charts/issues/6128)
+
+## <small>10.12.2 (2021-04-08)</small>
+
+* [bitnami/mongodb] Add support to load environment variables from files (#6049) ([5f67837](https://github.com/bitnami/charts/commit/5f67837fd1f837109426250f2d0905ef86c28431)), closes [#6049](https://github.com/bitnami/charts/issues/6049)
+
+## <small>10.12.1 (2021-04-07)</small>
+
+* [bitnami/mongodb] Release 10.12.1 updating components versions ([3882ba8](https://github.com/bitnami/charts/commit/3882ba8ab33d5d9057014a7758c17b32258d9f6d))
+
+## 10.12.0 (2021-04-05)
+
+* [bitnami/mongodb] Add startup probe (#5998) ([d1efebd](https://github.com/bitnami/charts/commit/d1efebd19577e050aee85d59a6684f37066aee1c)), closes [#5998](https://github.com/bitnami/charts/issues/5998)
+
+## <small>10.11.2 (2021-04-01)</small>
+
+* [bitnami/mongodb] Improved README (#5961) ([db4689a](https://github.com/bitnami/charts/commit/db4689af558d2a8a8392c7a2478c3fd53e90e535)), closes [#5961](https://github.com/bitnami/charts/issues/5961)
+
+## <small>10.11.1 (2021-03-25)</small>
+
+* Bumps mongodb image version used by the chart (#5911) ([762baad](https://github.com/bitnami/charts/commit/762baad337af9fde74ad5a419060c6895665627b)), closes [#5911](https://github.com/bitnami/charts/issues/5911)
+
+## 10.11.0 (2021-03-19)
+
+* [bitnami/mongodb] Fix certs permissions to match STIG requirements (#5822) ([e6d9c1c](https://github.com/bitnami/charts/commit/e6d9c1ce7ae8755ce8250dbbcbff3013927b4bf7)), closes [#5822](https://github.com/bitnami/charts/issues/5822)
+
+## <small>10.10.3 (2021-03-19)</small>
+
+* [bitnami/mongodb] Release 10.10.3 updating components versions ([5476b23](https://github.com/bitnami/charts/commit/5476b23e9ee8b2f67538a3514d1dcca16b4d5228))
+
+## <small>10.10.2 (2021-03-14)</small>
+
+* [bitnami/mongodb] Release 10.10.2 updating components versions ([2589b9d](https://github.com/bitnami/charts/commit/2589b9d8769b67ecd870d6ada4a0837998da6623))
+
+## <small>10.10.1 (2021-03-09)</small>
+
+* [bitnami/mongodb] Fix duplicate env variable MONGODB_EXTRA_FLAGS (#5698) (#5726) ([6270554](https://github.com/bitnami/charts/commit/62705543af16e7aa5eedc829f443ab109a8ec28e)), closes [#5698](https://github.com/bitnami/charts/issues/5698) [#5726](https://github.com/bitnami/charts/issues/5726)
+
+## 10.10.0 (2021-03-08)
+
+* [bitnami/mongodb] Add support for externalAccess.service.type=ClusterIP (#5706) ([766da77](https://github.com/bitnami/charts/commit/766da779e2bb11e1e0070424a377ec3b7ba1e8f6)), closes [#5706](https://github.com/bitnami/charts/issues/5706)
+
+## <small>10.9.1 (2021-03-05)</small>
+
+* fix(): Fixed portname var reference (#5689) ([1744ab1](https://github.com/bitnami/charts/commit/1744ab1173153973b26bd1e88296e9b088cc0290)), closes [#5689](https://github.com/bitnami/charts/issues/5689)
+
+## 10.9.0 (2021-03-04)
+
+* [bitnami/mongodb] add persistence.volumeClaimTemplates.requests (#5672) ([afd7de0](https://github.com/bitnami/charts/commit/afd7de04c7c95cf40ebb2d16c8c305c4863b880e)), closes [#5672](https://github.com/bitnami/charts/issues/5672)
+
+## <small>10.8.1 (2021-03-04)</small>
+
+* [bitnami/*] Remove minideb mentions (#5677) ([870bc4d](https://github.com/bitnami/charts/commit/870bc4dba1fc3aa55dd157da6687b25e8d352206)), closes [#5677](https://github.com/bitnami/charts/issues/5677)
+
+## 10.8.0 (2021-03-04)
+
+* Added hidden node support (#5505) ([ee77ab0](https://github.com/bitnami/charts/commit/ee77ab0e08d4626fbf80c65b487656acdc278a3a)), closes [#5505](https://github.com/bitnami/charts/issues/5505)
+
+## <small>10.7.2 (2021-03-02)</small>
+
+* [bitname/mongodb] fixed comment in values.yaml (#5650) ([6282c06](https://github.com/bitnami/charts/commit/6282c06401abb5568773554aa5ad6c740591dffb)), closes [#5650](https://github.com/bitnami/charts/issues/5650)
+
+## <small>10.7.1 (2021-02-22)</small>
+
+* [bitnami/*] Use common macro to define RBAC apiVersion (#5585) ([71fb99f](https://github.com/bitnami/charts/commit/71fb99f541e971b1daafaa20ffb7d18b153b8d60)), closes [#5585](https://github.com/bitnami/charts/issues/5585)
+* Fix typo in values documentation (#5540) ([5c0ef02](https://github.com/bitnami/charts/commit/5c0ef02c344e5c5911eb4b8e420b0010bb6213f1)), closes [#5540](https://github.com/bitnami/charts/issues/5540)
+
+## 10.7.0 (2021-02-12)
+
+* [bitnami/mongodb] Add metrics.containerPort (#5480) ([532f1c2](https://github.com/bitnami/charts/commit/532f1c2a576bdc60b6aeae05a55e4780b9155041)), closes [#5480](https://github.com/bitnami/charts/issues/5480)
+
+## <small>10.6.5 (2021-02-12)</small>
+
+* [bitnami/*] Add notice regarding parameters immutability after chart installation (#4853) ([5f09573](https://github.com/bitnami/charts/commit/5f095734f92555dec7cd0e3ee961f315eac170ff)), closes [#4853](https://github.com/bitnami/charts/issues/4853)
+* [bitnami/mongodb] Release 10.6.5 updating components versions ([c45e80e](https://github.com/bitnami/charts/commit/c45e80e65b0a05deb6945e78d079ececca8abd9b))
+
+## <small>10.6.4 (2021-02-10)</small>
+
+* [bitnami/mongodb] Release 10.6.4 updating components versions ([34562aa](https://github.com/bitnami/charts/commit/34562aa790f4d8555e73ea9cedaebb12a2a11b58))
+
+## <small>10.6.3 (2021-02-09)</small>
+
+* [bitnami/mongodb] Add optional parameters to configure service names used for mongo and arbiter serv ([74f2fd8](https://github.com/bitnami/charts/commit/74f2fd8f163cb4a9aa48bae1cb2a674ce4de2ae4)), closes [#5384](https://github.com/bitnami/charts/issues/5384)
+* Add registered icon to all the MongoDB references (#5426) ([56f2088](https://github.com/bitnami/charts/commit/56f20884267e56175695b2917f7704b9510f4ba6)), closes [#5426](https://github.com/bitnami/charts/issues/5426)
+
+## <small>10.6.2 (2021-02-05)</small>
+
+* [bitnami/mongodb] Release 10.6.2 updating components versions ([03b8b53](https://github.com/bitnami/charts/commit/03b8b530e9daeafa4edfa710a0a5f1868f5790ee))
+
+## <small>10.6.1 (2021-01-29)</small>
+
+* [bitnami/mongodb] fix: remove unnecesary hook (#5324) ([03eb8fc](https://github.com/bitnami/charts/commit/03eb8fca3169d2b633588b6c27e00876639a34a0)), closes [#5324](https://github.com/bitnami/charts/issues/5324)
+
+## 10.6.0 (2021-01-28)
+
+* [bitnami/mongodb] Add hostAliases (#5271) ([18fd4ce](https://github.com/bitnami/charts/commit/18fd4ce9755da7bece29d87a2e7a39df80feb5ec)), closes [#5271](https://github.com/bitnami/charts/issues/5271)
+
+## <small>10.5.2 (2021-01-26)</small>
+
+* [bitnami/mongodb] Release 10.5.2 updating components versions ([9fb3d9d](https://github.com/bitnami/charts/commit/9fb3d9dff4db8a4d0e1e667337ec8b186e72f865))
+
+## <small>10.5.1 (2021-01-22)</small>
+
+* [bitnami/mongodb] Release 10.5.1 updating components versions ([444de39](https://github.com/bitnami/charts/commit/444de39ddc578ca85d671448c61c90fef018322c))
+
+## 10.5.0 (2021-01-20)
+
+* [bitnami/mongodb] Enable psp for mongodb (#5020) ([d109865](https://github.com/bitnami/charts/commit/d10986573a3a79f1943afcb7315b80e5c69d8543)), closes [#5020](https://github.com/bitnami/charts/issues/5020)
+
+## <small>10.4.1 (2021-01-19)</small>
+
+* [bitnami/*] Change helm version in the prerequisites (#5090) ([c5e67a3](https://github.com/bitnami/charts/commit/c5e67a388743cbee28439d2cabca27884b9daf97)), closes [#5090](https://github.com/bitnami/charts/issues/5090)
+* [bitnami/mongodb] Drop values-production.yaml support (#5119) ([ccadbf3](https://github.com/bitnami/charts/commit/ccadbf3b4ffa999b8f62c337d0a51f8cdb45c407)), closes [#5119](https://github.com/bitnami/charts/issues/5119)
+
+## 10.4.0 (2021-01-14)
+
+* [bitnami/mongodb] Add serviceAccount annotations (#4968) ([430c331](https://github.com/bitnami/charts/commit/430c331dec46433d813b7c0fba4251fd167a41e6)), closes [#4968](https://github.com/bitnami/charts/issues/4968)
+* [bitnami/mongodb] Make VolumePermission init container consistent with persistence.subPath value (#4 ([be82fa7](https://github.com/bitnami/charts/commit/be82fa732710a8b7e3c13a7ca471d1f421a32eb9)), closes [#4938](https://github.com/bitnami/charts/issues/4938)
+
+## <small>10.3.7 (2021-01-12)</small>
+
+* [bitnami/mongodb] Make readiness probe only validate usable instance (#4937) ([a9668ba](https://github.com/bitnami/charts/commit/a9668ba40837371e2723ca0d5d4123326c418b5f)), closes [#4937](https://github.com/bitnami/charts/issues/4937)
+
+## <small>10.3.6 (2021-01-10)</small>
+
+* Fix probe error messages (#4876) ([79889dc](https://github.com/bitnami/charts/commit/79889dc9fd37828317d4dc1698bcd5e428510665)), closes [#4876](https://github.com/bitnami/charts/issues/4876)
+
+## <small>10.3.5 (2021-01-07)</small>
+
+* [bitnami/mongodb] Add helpful information about some variable validity (#4902) ([b009a58](https://github.com/bitnami/charts/commit/b009a5807f08b6e8dbb3dc518647cf3e418df3e2)), closes [#4902](https://github.com/bitnami/charts/issues/4902)
+
+## <small>10.3.4 (2021-01-04)</small>
+
+* Fix metrics readinessProbe and livenessProbe in standalone deployment (#4880) ([e1b2243](https://github.com/bitnami/charts/commit/e1b22435d7e74f5cc06d66b88e862c74c1681cd2)), closes [#4880](https://github.com/bitnami/charts/issues/4880)
+
+## <small>10.3.3 (2020-12-23)</small>
+
+* Fix metrics readinessProbe and livenessProbe since --test flag is removed in mongo-exporter (#4823) ([8097014](https://github.com/bitnami/charts/commit/8097014602f3a14d778e736557f103612bfa003d)), closes [#4823](https://github.com/bitnami/charts/issues/4823)
+
+## <small>10.3.2 (2020-12-22)</small>
+
+* [bitnami/mongodb] Release 10.3.2 updating components versions ([ed25600](https://github.com/bitnami/charts/commit/ed25600c2b16f06a9287be65326412fd10afd607))
+
+## <small>10.3.1 (2020-12-15)</small>
+
+* [bitnami/mongodb] Release 10.3.1 updating components versions ([b21f43d](https://github.com/bitnami/charts/commit/b21f43ddadbdd83976a532eda7fdbc7fbfc0c339))
+* allow selector definitions for volumeClaimTemplates (#4715) ([e2b744e](https://github.com/bitnami/charts/commit/e2b744e83846e1c57b288baedb217ca3e9a3bf40)), closes [#4715](https://github.com/bitnami/charts/issues/4715)
+
+## 10.3.0 (2020-12-14)
+
+* [bitnami/*] fix typos (#4699) ([49adc63](https://github.com/bitnami/charts/commit/49adc63b672da976c55af2e077aa5648a357b77f)), closes [#4699](https://github.com/bitnami/charts/issues/4699)
+* Added support for custom CA (#4690) ([7225d59](https://github.com/bitnami/charts/commit/7225d59bc602c7e2bef0770661fcd38ab7e85842)), closes [#4690](https://github.com/bitnami/charts/issues/4690)
+
+## 10.2.0 (2020-12-11)
+
+* [bitnami/mongodb] add existingSecret for tls certificates (#4687) ([c750ddd](https://github.com/bitnami/charts/commit/c750ddd2053ce2452b0ee3770e0e9d0f038b732a)), closes [#4687](https://github.com/bitnami/charts/issues/4687)
+
+## <small>10.1.5 (2020-12-11)</small>
+
+* [bitnami/*] Update dependencies (#4694) ([2826c12](https://github.com/bitnami/charts/commit/2826c125b42505f28431301e3c1bbe5366e47a01)), closes [#4694](https://github.com/bitnami/charts/issues/4694)
+
+## <small>10.1.4 (2020-12-08)</small>
+
+* [bitnami/mongodb] Register targetPod in global context (#4642) ([5222973](https://github.com/bitnami/charts/commit/52229733f86eb0bdb262af9fac3faa44e03e7205)), closes [#4642](https://github.com/bitnami/charts/issues/4642)
+
+## <small>10.1.3 (2020-12-01)</small>
+
+* [bitnami/mongodb] ensure password is handled as string (#4488) ([44910ca](https://github.com/bitnami/charts/commit/44910ca2a803b11e32382a8a134805424797eeb4)), closes [#4488](https://github.com/bitnami/charts/issues/4488)
+
+## <small>10.1.2 (2020-11-26)</small>
+
+* [bitnami/mongodb] Bump bitnami/common subchart version (#4507) ([4a93e2a](https://github.com/bitnami/charts/commit/4a93e2a663409c908db70650cb9869a86ad92350)), closes [#4507](https://github.com/bitnami/charts/issues/4507)
+
+## <small>10.1.1 (2020-11-26)</small>
+
+* [bitnami/mongodb] Use common validations (#4498) ([aaf0545](https://github.com/bitnami/charts/commit/aaf0545acd40bfecb202f6bebdeec7ede054626a)), closes [#4498](https://github.com/bitnami/charts/issues/4498)
+
+## 10.1.0 (2020-11-26)
+
+* [bitnami/*] Affinity based on common presets (v) (#4494) ([f5abfb8](https://github.com/bitnami/charts/commit/f5abfb8e423872199518733bde449d57392eab0a)), closes [#4494](https://github.com/bitnami/charts/issues/4494)
+
+## <small>10.0.5 (2020-11-18)</small>
+
+* [bitnami/mongodb] External static LoadBalancer IPs added to the SSL certificate SANs (#4249) ([72ca4e9](https://github.com/bitnami/charts/commit/72ca4e994dea7614620d247f7200767c748b3103)), closes [#4249](https://github.com/bitnami/charts/issues/4249)
+
+## <small>10.0.4 (2020-11-17)</small>
+
+* [bitnami/mongodb] Release 10.0.4 updating components versions ([03dfb8d](https://github.com/bitnami/charts/commit/03dfb8d4de7e6ce556999936e71263486459eedd))
+
+## <small>10.0.3 (2020-11-16)</small>
+
+* [bitnami/mongodb] Metrics container will not take TLS settings when cluster is TLS enabled (#4233) ([b357fc6](https://github.com/bitnami/charts/commit/b357fc61af4ce1150d3c51205864a3273cd83beb)), closes [#4233](https://github.com/bitnami/charts/issues/4233)
+
+## <small>10.0.2 (2020-11-13)</small>
+
+* [bitnami/mongodb] Release 10.0.2 updating components versions ([8fdca59](https://github.com/bitnami/charts/commit/8fdca59e14807432228776fc24ebe035714e4fc8))
+
+## <small>10.0.1 (2020-11-13)</small>
+
+* [bitnami/mongodb] Fix prometheus rules (#4339) ([487e50e](https://github.com/bitnami/charts/commit/487e50ece8160025ec7a6e2236666b14d99b27cb)), closes [#4339](https://github.com/bitnami/charts/issues/4339)
+
+## 10.0.0 (2020-11-10)
+
+* [bitnami/mongodb] Fix README.md issue (#4164) ([111391d](https://github.com/bitnami/charts/commit/111391dcc27addfb7b97e499a2a2e0ef8e487462)), closes [#4164](https://github.com/bitnami/charts/issues/4164)
+* [bitnami/mongodb] Major version. Adapt Chart to apiVersion: v2 (#4296) ([ef81720](https://github.com/bitnami/charts/commit/ef817205d8ef56360c2b022532201002a6b8459f)), closes [#4296](https://github.com/bitnami/charts/issues/4296)
+
+## <small>9.3.1 (2020-10-30)</small>
+
+* fix: add multiline string indicator in example data (#4153) ([2f94dcc](https://github.com/bitnami/charts/commit/2f94dccd10897af38a007e1c692849fd4266093e)), closes [#4153](https://github.com/bitnami/charts/issues/4153)
+
+## 9.3.0 (2020-10-29)
+
+* [bitnami/*] Include link to Troubleshootin guide on README.md (#4136) ([c08a20e](https://github.com/bitnami/charts/commit/c08a20e3db004215383004ff023a73fcc2522e72)), closes [#4136](https://github.com/bitnami/charts/issues/4136)
+* bitnami/mongodb TLS cert generation (#3959) ([97a6b86](https://github.com/bitnami/charts/commit/97a6b8613a71d8fbf1ead89c00a28d2c73c778d5)), closes [#3959](https://github.com/bitnami/charts/issues/3959)
+
+## <small>9.2.6 (2020-10-26)</small>
+
+* [bitnami/mongodb] document `auth.existingSecret` keys (#4099) ([4bd0268](https://github.com/bitnami/charts/commit/4bd0268633bc99a4a4d6f910a8540fffc35ef297)), closes [#4099](https://github.com/bitnami/charts/issues/4099)
+
+## <small>9.2.5 (2020-10-21)</small>
+
+* [bitnami/mongodb] Release 9.2.5 updating components versions ([6585677](https://github.com/bitnami/charts/commit/6585677e51846d705925f15f58191128df0707c3))
+
+## <small>9.2.4 (2020-10-09)</small>
+
+* [bitnami/mongodb] Fix typo in external access namespace (#3965) ([9c93bc8](https://github.com/bitnami/charts/commit/9c93bc8ff4919e203009eb7bf96a8e3f2e5b07c2)), closes [#3965](https://github.com/bitnami/charts/issues/3965)
+
+## <small>9.2.3 (2020-10-08)</small>
+
+* [bitnami/mongodb] Fix mongodb external access (#3937) ([d0d5956](https://github.com/bitnami/charts/commit/d0d595691e6230e56560b00f4f1be46efa5124dd)), closes [#3937](https://github.com/bitnami/charts/issues/3937)
+
+## <small>9.2.2 (2020-09-29)</small>
+
+* [bitnami/mongodb] Add 'auth.replicaSetKey' to schema json (#3812) ([add3303](https://github.com/bitnami/charts/commit/add3303181a502450ae17eb3b46070cd45c1bd0e)), closes [#3812](https://github.com/bitnami/charts/issues/3812)
+
+## <small>9.2.1 (2020-09-21)</small>
+
+* [bitnami/mongodb] Release 9.2.1 updating components versions ([e454d4e](https://github.com/bitnami/charts/commit/e454d4edc0867833dca59c989ab5005635be5c71))
+
+## 9.2.0 (2020-09-21)
+
+* [bitnami/mongodb] Add arbitrary securityContext configuration to improve security (#3718) ([caaf351](https://github.com/bitnami/charts/commit/caaf351a2e96db080376f49cecaf4d26f1b74855)), closes [#3718](https://github.com/bitnami/charts/issues/3718)
+
+## <small>9.1.2 (2020-09-11)</small>
+
+* [bitnami/mongodb] Fix values descriptions (#3656) ([ed2271d](https://github.com/bitnami/charts/commit/ed2271d53c13d6cddde28c4e966bc19328ba952e)), closes [#3656](https://github.com/bitnami/charts/issues/3656)
+
+## <small>9.1.1 (2020-09-09)</small>
+
+* [bitnami/mongodb] Release 9.1.1 updating components versions ([5885fb1](https://github.com/bitnami/charts/commit/5885fb1012f4335d53d8e819e60d58e546358334))
+
+## 9.1.0 (2020-09-07)
+
+* [bitnami/metrics-server] Add source repo (#3577) ([1ed12f9](https://github.com/bitnami/charts/commit/1ed12f96af75322b46afdb2b3d9907c11b13f765)), closes [#3577](https://github.com/bitnami/charts/issues/3577)
+* [bitnami/mongodb] Additional URI options of the MongoDB Exporter (#3590) ([c4c8783](https://github.com/bitnami/charts/commit/c4c878369f0aced7257d33c81cf361d57011c0b9)), closes [#3590](https://github.com/bitnami/charts/issues/3590)
+
+## <small>9.0.1 (2020-08-31)</small>
+
+* [bitnami/mongodb] fix required ReplicaSetKey when auth.enabled=false (#3544) ([2e55615](https://github.com/bitnami/charts/commit/2e556153228b0bd79728adaaea72570ad76aa2a3)), closes [#3544](https://github.com/bitnami/charts/issues/3544)
+
+## 9.0.0 (2020-08-25)
+
+* [bitnami/mongodb] Add notes to upgrade to 9.0.0 (#3511) ([e24e044](https://github.com/bitnami/charts/commit/e24e044e30297722a65fcfaa44b9182f80abb145)), closes [#3511](https://github.com/bitnami/charts/issues/3511)
+* [bitnami/mongodb] Release 9.0.0 updating components versions ([99c83cf](https://github.com/bitnami/charts/commit/99c83cf16905bc0849e7f569264a450cc6425edf))
+
+## <small>8.3.2 (2020-08-21)</small>
+
+* [bitnami/mongodb] Release 8.3.2 updating components versions ([a4ef29d](https://github.com/bitnami/charts/commit/a4ef29dfb1df32b3bc5504c84acd39717d40f9b4))
+
+## <small>8.3.1 (2020-08-18)</small>
+
+* [bitnami/mongodb] Do not check passwords when auth.enabled=false (#3449) ([a3bae01](https://github.com/bitnami/charts/commit/a3bae01ad63912e3b5c4c4742928df09573b6d6c)), closes [#3449](https://github.com/bitnami/charts/issues/3449)
+
+## 8.3.0 (2020-08-13)
+
+* [bitnami/*] Use common helps for upgrade password errors (#3335) ([079f5bd](https://github.com/bitnami/charts/commit/079f5bd6ec59bb058216d6a931449b895517c789)), closes [#3335](https://github.com/bitnami/charts/issues/3335)
+* fix existingSecret on metrics pod (#3370) ([28dfe83](https://github.com/bitnami/charts/commit/28dfe8395c4bb21b9aa50d830c51946b6f6bf45e)), closes [#3370](https://github.com/bitnami/charts/issues/3370)
+
+## <small>8.2.5 (2020-08-10)</small>
+
+* [bitnami/mongodb] Not enable metrics-svc.yaml with metrics.enabled=false (#3346) ([39fc0e2](https://github.com/bitnami/charts/commit/39fc0e2e29d2bf81892374d754d8c3dfba924fb6)), closes [#3346](https://github.com/bitnami/charts/issues/3346)
+* Update Chart.yaml ([b455016](https://github.com/bitnami/charts/commit/b4550164c8572682f36ea6dfe493999840ca0a94))
+
+## <small>8.2.4 (2020-08-07)</small>
+
+* [bitnami/mongodb] Release 8.2.4 updating components versions ([dbfdbb2](https://github.com/bitnami/charts/commit/dbfdbb277b0c9171ca29b52d990d5ef720c3cc06))
+
+## <small>8.2.3 (2020-08-05)</small>
+
+* [bitnami/mongodb] Fix default values for pdb.minAvailable/maxUnavailable (#3336) ([350f665](https://github.com/bitnami/charts/commit/350f6653bfcb3fd161ec71d668e568a73d37a9fd)), closes [#3336](https://github.com/bitnami/charts/issues/3336)
+
+## <small>8.2.2 (2020-08-05)</small>
+
+* [bitnami/*] Fix TL;DR typo in READMEs (#3280) ([3d7ab40](https://github.com/bitnami/charts/commit/3d7ab406fecd64f1af25f53e7d27f03ec95b29a4)), closes [#3280](https://github.com/bitnami/charts/issues/3280)
+* [bitnami/mongodb] Release 8.2.2 updating components versions ([938cd95](https://github.com/bitnami/charts/commit/938cd95e6ae334b4580dddafff0cde68f8f16f46))
+
+## <small>8.2.1 (2020-07-23)</small>
+
+* [bitnami/mongodb] Release 8.2.1 updating components versions ([7dcc46a](https://github.com/bitnami/charts/commit/7dcc46ae23080015895721b9f860e80dbe0bfffd))
+
+## 8.2.0 (2020-07-22)
+
+* [bitnami/mongodb] Allow disabling the MongoDB Arbiter (#3165) ([ed275c5](https://github.com/bitnami/charts/commit/ed275c5f8748e233dfe85b9e1bcea2723a638cd9)), closes [#3165](https://github.com/bitnami/charts/issues/3165)
+
+## <small>8.1.5 (2020-07-21)</small>
+
+* [bitnami/mongodb] Release 8.1.5 updating components versions ([7efaf3f](https://github.com/bitnami/charts/commit/7efaf3fdf94880f64d12c1ec6ed80304ada741cf))
+
+## <small>8.1.4 (2020-07-21)</small>
+
+* [bitnami/mongodb] Fix externalaccess svc (#3172) ([d1f0b7b](https://github.com/bitnami/charts/commit/d1f0b7b22e81e3536121a6ac57b28327935fb7fc)), closes [#3172](https://github.com/bitnami/charts/issues/3172)
+
+## <small>8.1.3 (2020-07-17)</small>
+
+* [bitnami/mongodb] Release 8.1.3 updating components versions ([4e772b1](https://github.com/bitnami/charts/commit/4e772b1f966d4138c485c46811969ef62ed64fc9))
+
+## <small>8.1.2 (2020-07-16)</small>
+
+* [bitnami/mongodb] Fix metrics MongoDB when auth is disabled (#3136) ([bb8b520](https://github.com/bitnami/charts/commit/bb8b520840b54a507f127ccba601aa514f37d725)), closes [#3136](https://github.com/bitnami/charts/issues/3136)
+* Fix MongoDB configmap usage (#3117) ([15a4eaa](https://github.com/bitnami/charts/commit/15a4eaa63b321755e753962ffca32758163460f5)), closes [#3117](https://github.com/bitnami/charts/issues/3117)
+
+## <small>8.1.1 (2020-07-14)</small>
+
+* [bitnami/mongodb] Release 8.1.1 updating components versions ([da1225d](https://github.com/bitnami/charts/commit/da1225d2972ee6e0f48f4091218fd5aaa46a4156))
+
+## 8.1.0 (2020-07-14)
+
+* [bitnami/all] Add categories (#3075) ([63bde06](https://github.com/bitnami/charts/commit/63bde066b87a140fab52264d0522401ab3d63509)), closes [#3075](https://github.com/bitnami/charts/issues/3075)
+* [bitnami/mongodb] Allow custom port names (#3109) ([0336cb3](https://github.com/bitnami/charts/commit/0336cb351a61f0f6093e7ea0771466ecfd0bca4d)), closes [#3109](https://github.com/bitnami/charts/issues/3109)
+
+## <small>8.0.9 (2020-07-08)</small>
+
+* [bitnami/mongodb] Release 8.0.9 updating components versions ([8a2478c](https://github.com/bitnami/charts/commit/8a2478c62a9313df92bbde1dad88100ab08f1a29))
+
+## <small>8.0.8 (2020-07-08)</small>
+
+* [bitnami/mongodb] Fix MongoDB Advertised hostname (#3060) ([d80d489](https://github.com/bitnami/charts/commit/d80d489e21f61c65c08f8c0c1f9377eb77d752bc)), closes [#3060](https://github.com/bitnami/charts/issues/3060)
+
+## <small>8.0.7 (2020-07-07)</small>
+
+* [bitnami/mongodb] Release 8.0.7 updating components versions ([59c43e8](https://github.com/bitnami/charts/commit/59c43e8c395d7b964b9568d2d00975b2e6009b1c))
+
+## <small>8.0.6 (2020-07-07)</small>
+
+* Fix Mongodb helpers sintax (#3041) ([c471a59](https://github.com/bitnami/charts/commit/c471a59057cbc827ed35ec00a7c2a0e0498b2732)), closes [#3041](https://github.com/bitnami/charts/issues/3041)
+
+## <small>8.0.5 (2020-07-06)</small>
+
+* [bitnami/mongodb] Release 8.0.5 updating components versions ([f730ec4](https://github.com/bitnami/charts/commit/f730ec44fad638ada792fa668d0be02987414af2))
+
+## <small>8.0.4 (2020-07-06)</small>
+
+* [bitnami/mongodb] Fix target port when enabling external access (#3027) ([de07253](https://github.com/bitnami/charts/commit/de072538f86428e5a46cc1ce39d7aa7e554314e3)), closes [#3027](https://github.com/bitnami/charts/issues/3027)
+
+## <small>8.0.3 (2020-07-03)</small>
+
+* [bitnami/mongodb] Release 8.0.3 updating components versions ([25b828d](https://github.com/bitnami/charts/commit/25b828d36ba4145541a8646579174c6d132d3a60))
+
+## <small>8.0.2 (2020-07-01)</small>
+
+* [bitnami/mongodb] fix up StatefulSet metrics securityContext (#2982) ([aafdbd5](https://github.com/bitnami/charts/commit/aafdbd50759edf62b48b6e4a03093d63a2f77506)), closes [#2982](https://github.com/bitnami/charts/issues/2982)
+
+## <small>8.0.1 (2020-06-30)</small>
+
+* [bitnami/mongodb] Release 8.0.1 updating components versions ([54aa501](https://github.com/bitnami/charts/commit/54aa501b7f6633c437add6eb260f9b3f16179f5f))
+
+## 8.0.0 (2020-06-30)
+
+* [bitnami/mongodb] Refactor MongoDB exposure (#2918) ([a55ce7b](https://github.com/bitnami/charts/commit/a55ce7b2c35cdbbddf68f0933709e05ededd8af0)), closes [#2918](https://github.com/bitnami/charts/issues/2918)
+
+## <small>7.14.8 (2020-06-19)</small>
+
+* [bitnami/mongodb] Release 7.14.8 updating components versions ([fd66bb3](https://github.com/bitnami/charts/commit/fd66bb3f9160a5459c647813e5d6b9ec16e67ed6))
+* [multiple charts] Update hidden properties in the different JSON schemas (#2871) ([4cff6ba](https://github.com/bitnami/charts/commit/4cff6ba8b0013b6dc368a1e7986c393e8447e75b)), closes [#2871](https://github.com/bitnami/charts/issues/2871)
+
+## <small>7.14.7 (2020-06-16)</small>
+
+* MongoDB tolerations default value (#2850) ([abc650a](https://github.com/bitnami/charts/commit/abc650a51260ba36923769d12a00a76a8be028d7)), closes [#2850](https://github.com/bitnami/charts/issues/2850)
+
+## <small>7.14.6 (2020-06-11)</small>
+
+* [bitnami/mongodb] Release 7.14.6 updating components versions ([abdb47f](https://github.com/bitnami/charts/commit/abdb47f0cfba2b86e9379ef7e007e252d4e25eda))
+* [bitnami/several] Add instructions about how to use different branches (#2785) ([c315cb0](https://github.com/bitnami/charts/commit/c315cb078a4cef97ff53cf2066b34add3f2926ba)), closes [#2785](https://github.com/bitnami/charts/issues/2785)
+
+## <small>7.14.5 (2020-06-02)</small>
+
+* [bitnami/mongodb] Release 7.14.5 updating components versions ([d17d2b2](https://github.com/bitnami/charts/commit/d17d2b2fb1048a5241799509b878fcbb318294d6))
+
+## <small>7.14.4 (2020-06-02)</small>
+
+* [bitnami/mongodb] Rename serviceaccount.yml to serviceaccount.yaml (#2710) ([9ea3da1](https://github.com/bitnami/charts/commit/9ea3da107e1c655d26a3042f5bad2094d40bb4eb)), closes [#2710](https://github.com/bitnami/charts/issues/2710)
+
+## <small>7.14.3 (2020-05-29)</small>
+
+* [bitnami/mongodb] Release 7.14.3 updating components versions ([83e99f9](https://github.com/bitnami/charts/commit/83e99f9c7728e0377929fb0800eeffd2759aa0f7))
+
+## <small>7.14.2 (2020-05-21)</small>
+
+* [bitnami/mongodb] Release 7.14.2 updating components versions ([e17eeb4](https://github.com/bitnami/charts/commit/e17eeb4ed644deff5139ba6100d6f3761d12e2e8))
+* update bitnami/common to be compatible with helm v2.12+ (#2615) ([c7751eb](https://github.com/bitnami/charts/commit/c7751eb5764e468e1854b58a1b8491d2b13e0a4a)), closes [#2615](https://github.com/bitnami/charts/issues/2615)
+
+## <small>7.14.1 (2020-05-12)</small>
+
+* [bitnami/mongodb] Remove useless define functions (#2576) ([02a6c10](https://github.com/bitnami/charts/commit/02a6c10b689739776616371cfe2650c3b0cf84ea)), closes [#2576](https://github.com/bitnami/charts/issues/2576)
+
+## 7.14.0 (2020-05-04)
+
+* [bitnami/mongodb] add storageClass field for secondary in persistence (#2407) ([da5be26](https://github.com/bitnami/charts/commit/da5be265f7dab6159509789a72529e164453f70f)), closes [#2407](https://github.com/bitnami/charts/issues/2407)
+
+## <small>7.13.2 (2020-05-01)</small>
+
+* [bitnami/mongodb] Corrected conditional check for clusterDomain and revert defaults (#2477) ([d30368c](https://github.com/bitnami/charts/commit/d30368c2986232b71004f29b569cf23b7109e2f2)), closes [#2477](https://github.com/bitnami/charts/issues/2477) [#2340](https://github.com/bitnami/charts/issues/2340)
+
+## <small>7.13.1 (2020-05-01)</small>
+
+* [bitnami/mongodb] clusterDomain values forces to use only FQDN (#2340) ([4985844](https://github.com/bitnami/charts/commit/49858447aef3d8005073f167d6e3f84373ec8b36)), closes [#2340](https://github.com/bitnami/charts/issues/2340)
+* [bitnami/mongodb] Release 7.13.1 updating components versions ([a0b7f1f](https://github.com/bitnami/charts/commit/a0b7f1f237515a8877000d12219e201dafc0c575))
+
+## 7.13.0 (2020-04-23)
+
+* [bitnami/mongodb] add nodeSelector option for secondary statefulset (#2398) ([be173dc](https://github.com/bitnami/charts/commit/be173dc85d219332f551923e2ac6b42049fd6a9c)), closes [#2398](https://github.com/bitnami/charts/issues/2398)
+
+## <small>7.12.1 (2020-04-23)</small>
+
+* [bitnami/mongodb] Release 7.12.1 updating components versions ([6c96a04](https://github.com/bitnami/charts/commit/6c96a042473ab7cf3a50a82c41bfe9fd396132ee))
+
+## 7.12.0 (2020-04-23)
+
+* [bitnami/mongodb] allow arbiter to run on a different nodeSelector (#2370) ([01cb35c](https://github.com/bitnami/charts/commit/01cb35c8b16107a30cfe4dc281056a9dcb5381a4)), closes [#2370](https://github.com/bitnami/charts/issues/2370)
+
+## <small>7.11.1 (2020-04-22)</small>
+
+* [bitnami/mongodb] Release 7.11.1 updating components versions ([59c8ec8](https://github.com/bitnami/charts/commit/59c8ec8ab645eab89925ff012a5c4c5f4ac00656))
+
+## 7.11.0 (2020-04-22)
+
+* [bitnami/mongodb] adding local and global namespace overrides for mongodb (#2351) ([055679a](https://github.com/bitnami/charts/commit/055679aac7c213f82bb1bd25c3d73c377cfaf1dc)), closes [#2351](https://github.com/bitnami/charts/issues/2351)
+
+## <small>7.10.13 (2020-04-22)</small>
+
+* [bitnami/mongodb] Release 7.10.13 updating components versions ([dd78f46](https://github.com/bitnami/charts/commit/dd78f46cf47a784544aeab50b319762b53062938))
+
+## <small>7.10.12 (2020-04-17)</small>
+
+* [bitnami/mongodb] Release 7.10.12 updating components versions ([aa69bdd](https://github.com/bitnami/charts/commit/aa69bdd399f5a4e51239f93a165ee6f55913403f))
+
+## <small>7.10.11 (2020-04-17)</small>
+
+* [bitnami/mongodb] Release 7.10.11 updating components versions ([3bbac20](https://github.com/bitnami/charts/commit/3bbac20572444c4c42ee43d0b7c44f706535e474))
+
+## <small>7.10.10 (2020-04-06)</small>
+
+* [bitnami/mongodb] Release 7.10.10 updating components versions ([f44ec94](https://github.com/bitnami/charts/commit/f44ec9461d746b8a455f3afc0219a45b946bce27))
+
+## <small>7.10.9 (2020-04-06)</small>
+
+* [bitnami/mongodb] add ALLOW_EMPTY_PASSWORD=yes when usePassword=false (#2091) ([ff1db9d](https://github.com/bitnami/charts/commit/ff1db9d4264e63ff3afb340ddaf0a4ff89ff8a82)), closes [#2091](https://github.com/bitnami/charts/issues/2091)
+
+## <small>7.10.8 (2020-04-06)</small>
+
+* [bitnami/mongodb] Fix indentation of metrics.resources (#2224) ([26ba8a0](https://github.com/bitnami/charts/commit/26ba8a0c8bc56141c6e6dbc07eb2d3830e0f57fb)), closes [#2224](https://github.com/bitnami/charts/issues/2224)
+
+## <small>7.10.7 (2020-04-03)</small>
+
+* [bitnami/mongodb]: Fix indentation on extraVolumeMounts in deployment-standalone.yaml (#2201) ([fe54855](https://github.com/bitnami/charts/commit/fe5485523a7c6447de4d49c6fa68b8e8ab6d59d8)), closes [#2201](https://github.com/bitnami/charts/issues/2201)
+
+## <small>7.10.6 (2020-03-31)</small>
+
+* [bitnami/mongodb] fix indent error in resources (#2164) ([420efdd](https://github.com/bitnami/charts/commit/420efdd0e394c4676bc7376d8b5cac35ecba6ffd)), closes [#2164](https://github.com/bitnami/charts/issues/2164) [#2163](https://github.com/bitnami/charts/issues/2163) [#2163](https://github.com/bitnami/charts/issues/2163)
+* [bitnami/mongodb] Fix indentation error (#2149) ([0b9ea37](https://github.com/bitnami/charts/commit/0b9ea37ac2495884613269bc70401e4a6b53c6cd)), closes [#2149](https://github.com/bitnami/charts/issues/2149)
+
+## <small>7.10.5 (2020-03-27)</small>
+
+* [bitnami/mongodb] Release 7.10.5 updating components versions ([a922609](https://github.com/bitnami/charts/commit/a922609db168637c03652e255c551f1a2dd5efc2))
+
+## <small>7.10.4 (2020-03-26)</small>
+
+* [bitnami/mongodb] Release 7.10.4 updating components versions ([c5538a8](https://github.com/bitnami/charts/commit/c5538a86babea164117d278e53dbeb5bea72beea))
+
+## <small>7.10.3 (2020-03-25)</small>
+
+* [bitnami/mongodb] Fix indentation error (#2139) ([886a2c0](https://github.com/bitnami/charts/commit/886a2c0a5823846906b51c200c53a45763656e2a)), closes [#2139](https://github.com/bitnami/charts/issues/2139)
+
+## <small>7.10.2 (2020-03-25)</small>
+
+* [bitnami/mongodb] Fix minor spelling error 'enalbed' (#2129) ([be41ed7](https://github.com/bitnami/charts/commit/be41ed7ee93282a1907feabf333ba55f8e45a041)), closes [#2129](https://github.com/bitnami/charts/issues/2129)
+* [bitnami/mongodb] Release 7.10.2 updating components versions ([15b463d](https://github.com/bitnami/charts/commit/15b463d570e67fa8889342bc72a60089b5a46b18))
+
+## <small>7.10.1 (2020-03-25)</small>
+
+* [bitnami/mongodb] Release 7.10.1 updating components versions ([caba123](https://github.com/bitnami/charts/commit/caba1238592e52f58652a3c8c582b8d9c7c58780))
+
+## 7.10.0 (2020-03-24)
+
+* [bitnami/mongodb] Allow using existingClaim in the cluster primary node (#2101) ([d9fcba3](https://github.com/bitnami/charts/commit/d9fcba3a3d5ccf67d2e3281baea102ae9885f90b)), closes [#2101](https://github.com/bitnami/charts/issues/2101)
+
+## <small>7.9.1 (2020-03-23)</small>
+
+* [bitnami/mongodb] Issue 2096. Encode @ : in username / password when connect to mongo (#2099) ([39ec8d6](https://github.com/bitnami/charts/commit/39ec8d6dec88339da666abf036c78e7fdd41a3cd)), closes [#2099](https://github.com/bitnami/charts/issues/2099)
+
+## 7.9.0 (2020-03-23)
+
+* [bitnami/mongodb] Fix svc name in arbitrer (#2076) ([301bb18](https://github.com/bitnami/charts/commit/301bb18b0f8455d6f64c26aedd50ee9d7c74c221)), closes [#2076](https://github.com/bitnami/charts/issues/2076)
+* Add serviceAccount.create and serviceAccount.name to mongodb chart (#2106) ([20312fc](https://github.com/bitnami/charts/commit/20312fc012d33f354ab0fde5d0b18d56efb56ba2)), closes [#2106](https://github.com/bitnami/charts/issues/2106)
+
+## <small>7.8.10 (2020-03-11)</small>
+
+* [bitnami/mongodb] Release 7.8.10 updating components versions ([9601c81](https://github.com/bitnami/charts/commit/9601c816aa9c384291a12e71a9b2c63830e519d7))
+
+## <small>7.8.9 (2020-03-11)</small>
+
+* Move charts from upstreamed folder to bitnami (#2032) ([a0e44f7](https://github.com/bitnami/charts/commit/a0e44f7d6a10b8b5643186130ea420887cb72c7c)), closes [#2032](https://github.com/bitnami/charts/issues/2032)
diff --git a/kubernetes/common/mongodb/Chart.yaml b/kubernetes/common/mongodb/Chart.yaml

index fc39ce3..62cc76c 100644 (file)
--- a/kubernetes/common/mongodb/Chart.yaml
+++ b/kubernetes/common/mongodb/Chart.yaml
@@ -1,22 +1,23 @@
-# Copyright VMware, Inc.
+# Copyright Broadcom, Inc. All Rights Reserved.
  # SPDX-License-Identifier: APACHE-2.0
  
  annotations:
    category: Database
-  licenses: Apache-2.0
    images: |
      - name: kubectl
-      image: docker.io/bitnami/kubectl:1.29.2-debian-12-r1
+      image: docker.io/bitnami/kubectl:1.33.0-debian-12-r1
      - name: mongodb
-      image: docker.io/bitnami/mongodb:7.0.5-debian-12-r4
+      image: docker.io/bitnami/mongodb:8.0.9-debian-12-r0
      - name: mongodb-exporter
-      image: docker.io/bitnami/mongodb-exporter:0.40.0-debian-12-r11
+      image: docker.io/bitnami/mongodb-exporter:0.44.0-debian-12-r5
      - name: nginx
-      image: docker.io/bitnami/nginx:1.25.4-debian-12-r1
+      image: docker.io/bitnami/nginx:1.28.0-debian-12-r0
      - name: os-shell
-      image: docker.io/bitnami/os-shell:12-debian-12-r15
+      image: docker.io/bitnami/os-shell:12-debian-12-r43
+  licenses: Apache-2.0
+  tanzuCategory: service
  apiVersion: v2
-appVersion: 7.0.8
+appVersion: 8.0.9
  dependencies:
  - name: common
    repository: 'file://./common'
@@ -24,9 +25,11 @@ dependencies:
    tags:
    - bitnami-common
    version: 2.x.x
-description: MongoDB(R) is a relational open source NoSQL database. Easy to use, it stores data in JSON-like documents. Automated scalability and high-performance. Ideal for developing cloud native applications.
+description: MongoDB(R) is a relational open source NoSQL database. Easy to use, it
+  stores data in JSON-like documents. Automated scalability and high-performance.
+  Ideal for developing cloud native applications.
  home: https://bitnami.com
-icon: https://bitnami.com/assets/stacks/mongodb/img/mongodb-stack-220x234.png
+icon: https://dyltqmyl993wv.cloudfront.net/assets/stacks/mongodb/img/mongodb-stack-220x234.png
  keywords:
  - mongodb
  - database
@@ -35,9 +38,9 @@ keywords:
  - replicaset
  - replication
  maintainers:
-- name: VMware, Inc.
+- name: Broadcom, Inc. All Rights Reserved.
    url: https://github.com/bitnami/charts
  name: mongodb
  sources:
  - https://github.com/bitnami/charts/tree/main/bitnami/mongodb
-version: 14.12.4
+version: 16.5.7
diff --git a/kubernetes/common/mongodb/README.md b/kubernetes/common/mongodb/README.md

index a4d1803..5caf0df 100644 (file)
--- a/kubernetes/common/mongodb/README.md
+++ b/kubernetes/common/mongodb/README.md
@@ -1,12 +1,12 @@
  <!--- app-name: MongoDB&reg; -->
  
-# MongoDB(R) packaged by Bitnami
+# MongoDB&reg; packaged by Bitnami
  
-MongoDB(R) is a relational open source NoSQL database. Easy to use, it stores data in JSON-like documents. Automated scalability and high-performance. Ideal for developing cloud native applications.
+MongoDB&reg; is a relational open source NoSQL database. Easy to use, it stores data in JSON-like documents. Automated scalability and high-performance. Ideal for developing cloud native applications.
  
  [Overview of MongoDB&reg;](http://www.mongodb.org)
  
-Disclaimer: The respective trademarks mentioned in the offering are owned by the respective companies. We do not provide a commercial license for any of these products. This listing has an open-source license. MongoDB(R) is run and maintained by MongoDB, which is a completely separate project from Bitnami.
+Disclaimer: The respective trademarks mentioned in the offering are owned by the respective companies. We do not provide a commercial license for any of these products. This listing has an open-source license. MongoDB&reg; is run and maintained by MongoDB, which is a completely separate project from Bitnami.
  
  ## TL;DR
  
@@ -14,44 +14,12 @@ Disclaimer: The respective trademarks mentioned in the offering are owned by the
  helm install my-release oci://registry-1.docker.io/bitnamicharts/mongodb
  ```
  
-Looking to use MongoDBreg; in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog.
+Looking to use MongoDBreg; in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog.
  
  ## Introduction
  
  This chart bootstraps a [MongoDB(&reg;)](https://github.com/bitnami/containers/tree/main/bitnami/mongodb) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
  
-Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters.
-
-## Prerequisites
-
-- Kubernetes 1.23+
-- Helm 3.8.0+
-- PV provisioner support in the underlying infrastructure
-
-## Installing the Chart
-
-To install the chart with the release name `my-release`:
-
-```console
-helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb
-```
-
-> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`.
-
-The command deploys MongoDB(&reg;) on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
-
-> **Tip**: List all releases using `helm list`
-
-## Uninstalling the Chart
-
-To uninstall/delete the `my-release` deployment:
-
-```console
-helm delete my-release
-```
-
-The command removes all the Kubernetes components associated with the chart and deletes the release.
-
  ## Architecture
  
  This chart allows installing MongoDB(&reg;) using two different architecture setups: `standalone` or `replicaset`. Use the `architecture` parameter to choose the one to use:
@@ -125,625 +93,53 @@ There are no services load balancing requests between MongoDB(&reg;) nodes; inst
  
  > NOTE: Although the first replica is initially assigned the primary role, any of the secondary nodes can become the primary if it is down, or during upgrades. Do not make any assumption about what replica has the primary role. Instead, configure your MongoDB(&reg;) client with the list of MongoDB(&reg;) hostnames so it can dynamically choose the node to send requests.
  
-## Parameters
-
-### Global parameters
-
-| Name                       | Description                                                                                                            | Value |
-| -------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ----- |
-| `global.imageRegistry`     | Global Docker image registry                                                                                           | `""`  |
-| `global.imagePullSecrets`  | Global Docker registry secret names as an array                                                                        | `[]`  |
-| `global.storageClass`      | Global StorageClass for Persistent Volume(s)                                                                           | `""`  |
-| `global.namespaceOverride` | Override the namespace for resource deployed by the chart, but can itself be overridden by the local namespaceOverride | `""`  |
-
-### Common parameters
-
-| Name                      | Description                                                                                               | Value           |
-| ------------------------- | --------------------------------------------------------------------------------------------------------- | --------------- |
-| `nameOverride`            | String to partially override mongodb.fullname template (will maintain the release name)                   | `""`            |
-| `fullnameOverride`        | String to fully override mongodb.fullname template                                                        | `""`            |
-| `namespaceOverride`       | String to fully override common.names.namespace                                                           | `""`            |
-| `kubeVersion`             | Force target Kubernetes version (using Helm capabilities if not set)                                      | `""`            |
-| `clusterDomain`           | Default Kubernetes cluster domain                                                                         | `cluster.local` |
-| `extraDeploy`             | Array of extra objects to deploy with the release                                                         | `[]`            |
-| `commonLabels`            | Add labels to all the deployed resources (sub-charts are not considered). Evaluated as a template         | `{}`            |
-| `commonAnnotations`       | Common annotations to add to all Mongo resources (sub-charts are not considered). Evaluated as a template | `{}`            |
-| `topologyKey`             | Override common lib default topology key. If empty - "kubernetes.io/hostname" is used                     | `""`            |
-| `serviceBindings.enabled` | Create secret for service binding (Experimental)                                                          | `false`         |
-| `enableServiceLinks`      | Whether information about services should be injected into pod's environment variable                     | `true`          |
-| `diagnosticMode.enabled`  | Enable diagnostic mode (all probes will be disabled and the command will be overridden)                   | `false`         |
-| `diagnosticMode.command`  | Command to override all containers in the deployment                                                      | `["sleep"]`     |
-| `diagnosticMode.args`     | Args to override all containers in the deployment                                                         | `["infinity"]`  |
-
-### MongoDB(&reg;) parameters
-
-| Name                             | Description                                                                                                                                                                                                        | Value                     |
-| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------- |
-| `image.registry`                 | MongoDB(&reg;) image registry                                                                                                                                                                                      | `REGISTRY_NAME`           |
-| `image.repository`               | MongoDB(&reg;) image registry                                                                                                                                                                                      | `REPOSITORY_NAME/mongodb` |
-| `image.digest`                   | MongoDB(&reg;) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                                     | `""`                      |
-| `image.pullPolicy`               | MongoDB(&reg;) image pull policy                                                                                                                                                                                   | `IfNotPresent`            |
-| `image.pullSecrets`              | Specify docker-registry secret names as an array                                                                                                                                                                   | `[]`                      |
-| `image.debug`                    | Set to true if you would like to see extra information on logs                                                                                                                                                     | `false`                   |
-| `schedulerName`                  | Name of the scheduler (other than default) to dispatch pods                                                                                                                                                        | `""`                      |
-| `architecture`                   | MongoDB(&reg;) architecture (`standalone` or `replicaset`)                                                                                                                                                         | `standalone`              |
-| `useStatefulSet`                 | Set to true to use a StatefulSet instead of a Deployment (only when `architecture=standalone`)                                                                                                                     | `false`                   |
-| `auth.enabled`                   | Enable authentication                                                                                                                                                                                              | `true`                    |
-| `auth.rootUser`                  | MongoDB(&reg;) root user                                                                                                                                                                                           | `root`                    |
-| `auth.rootPassword`              | MongoDB(&reg;) root password                                                                                                                                                                                       | `""`                      |
-| `auth.usernames`                 | List of custom users to be created during the initialization                                                                                                                                                       | `[]`                      |
-| `auth.passwords`                 | List of passwords for the custom users set at `auth.usernames`                                                                                                                                                     | `[]`                      |
-| `auth.databases`                 | List of custom databases to be created during the initialization                                                                                                                                                   | `[]`                      |
-| `auth.username`                  | DEPRECATED: use `auth.usernames` instead                                                                                                                                                                           | `""`                      |
-| `auth.password`                  | DEPRECATED: use `auth.passwords` instead                                                                                                                                                                           | `""`                      |
-| `auth.database`                  | DEPRECATED: use `auth.databases` instead                                                                                                                                                                           | `""`                      |
-| `auth.replicaSetKey`             | Key used for authentication in the replicaset (only when `architecture=replicaset`)                                                                                                                                | `""`                      |
-| `auth.existingSecret`            | Existing secret with MongoDB(&reg;) credentials (keys: `mongodb-passwords`, `mongodb-root-password`, `mongodb-metrics-password`, `mongodb-replica-set-key`)                                                        | `""`                      |
-| `tls.enabled`                    | Enable MongoDB(&reg;) TLS support between nodes in the cluster as well as between mongo clients and nodes                                                                                                          | `false`                   |
-| `tls.mTLS.enabled`               | IF TLS support is enabled, require clients to provide certificates                                                                                                                                                 | `true`                    |
-| `tls.autoGenerated`              | Generate a custom CA and self-signed certificates                                                                                                                                                                  | `true`                    |
-| `tls.existingSecret`             | Existing secret with TLS certificates (keys: `mongodb-ca-cert`, `mongodb-ca-key`)                                                                                                                                  | `""`                      |
-| `tls.caCert`                     | Custom CA certificated (base64 encoded)                                                                                                                                                                            | `""`                      |
-| `tls.caKey`                      | CA certificate private key (base64 encoded)                                                                                                                                                                        | `""`                      |
-| `tls.pemChainIncluded`           | Flag to denote that the Certificate Authority (CA) certificates are bundled with the endpoint cert.                                                                                                                | `false`                   |
-| `tls.standalone.existingSecret`  | Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.                                                                         | `""`                      |
-| `tls.replicaset.existingSecrets` | Array of existing secrets with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.                                                               | `[]`                      |
-| `tls.hidden.existingSecrets`     | Array of existing secrets with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.                                                               | `[]`                      |
-| `tls.arbiter.existingSecret`     | Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.                                                                         | `""`                      |
-| `tls.image.registry`             | Init container TLS certs setup image registry                                                                                                                                                                      | `REGISTRY_NAME`           |
-| `tls.image.repository`           | Init container TLS certs setup image repository                                                                                                                                                                    | `REPOSITORY_NAME/nginx`   |
-| `tls.image.digest`               | Init container TLS certs setup image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                     | `""`                      |
-| `tls.image.pullPolicy`           | Init container TLS certs setup image pull policy                                                                                                                                                                   | `IfNotPresent`            |
-| `tls.image.pullSecrets`          | Init container TLS certs specify docker-registry secret names as an array                                                                                                                                          | `[]`                      |
-| `tls.extraDnsNames`              | Add extra dns names to the CA, can solve x509 auth issue for pod clients                                                                                                                                           | `[]`                      |
-| `tls.mode`                       | Allows to set the tls mode which should be used when tls is enabled (options: `allowTLS`, `preferTLS`, `requireTLS`)                                                                                               | `requireTLS`              |
-| `tls.resourcesPreset`            | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if tls.resources is set (tls.resources is recommended for production). | `none`                    |
-| `tls.resources`                  | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                  | `{}`                      |
-| `tls.securityContext`            | Init container generate-tls-cert Security context                                                                                                                                                                  | `{}`                      |
-| `automountServiceAccountToken`   | Mount Service Account token in pod                                                                                                                                                                                 | `false`                   |
-| `hostAliases`                    | Add deployment host aliases                                                                                                                                                                                        | `[]`                      |
-| `replicaSetName`                 | Name of the replica set (only when `architecture=replicaset`)                                                                                                                                                      | `rs0`                     |
-| `replicaSetHostnames`            | Enable DNS hostnames in the replicaset config (only when `architecture=replicaset`)                                                                                                                                | `true`                    |
-| `enableIPv6`                     | Switch to enable/disable IPv6 on MongoDB(&reg;)                                                                                                                                                                    | `false`                   |
-| `directoryPerDB`                 | Switch to enable/disable DirectoryPerDB on MongoDB(&reg;)                                                                                                                                                          | `false`                   |
-| `systemLogVerbosity`             | MongoDB(&reg;) system log verbosity level                                                                                                                                                                          | `0`                       |
-| `disableSystemLog`               | Switch to enable/disable MongoDB(&reg;) system log                                                                                                                                                                 | `false`                   |
-| `disableJavascript`              | Switch to enable/disable MongoDB(&reg;) server-side JavaScript execution                                                                                                                                           | `false`                   |
-| `enableJournal`                  | Switch to enable/disable MongoDB(&reg;) Journaling                                                                                                                                                                 | `true`                    |
-| `configuration`                  | MongoDB(&reg;) configuration file to be used for Primary and Secondary nodes                                                                                                                                       | `""`                      |
-
-### replicaSetConfigurationSettings settings applied during runtime (not via configuration file)
-
-| Name                                            | Description                                                                                         | Value   |
-| ----------------------------------------------- | --------------------------------------------------------------------------------------------------- | ------- |
-| `replicaSetConfigurationSettings.enabled`       | Enable MongoDB(&reg;) Switch to enable/disable configuring MongoDB(&reg;) run time rs.conf settings | `false` |
-| `replicaSetConfigurationSettings.configuration` | run-time rs.conf settings                                                                           | `{}`    |
-| `existingConfigmap`                             | Name of existing ConfigMap with MongoDB(&reg;) configuration for Primary and Secondary nodes        | `""`    |
-| `initdbScripts`                                 | Dictionary of initdb scripts                                                                        | `{}`    |
-| `initdbScriptsConfigMap`                        | Existing ConfigMap with custom initdb scripts                                                       | `""`    |
-| `command`                                       | Override default container command (useful when using custom images)                                | `[]`    |
-| `args`                                          | Override default container args (useful when using custom images)                                   | `[]`    |
-| `extraFlags`                                    | MongoDB(&reg;) additional command line flags                                                        | `[]`    |
-| `extraEnvVars`                                  | Extra environment variables to add to MongoDB(&reg;) pods                                           | `[]`    |
-| `extraEnvVarsCM`                                | Name of existing ConfigMap containing extra env vars                                                | `""`    |
-| `extraEnvVarsSecret`                            | Name of existing Secret containing extra env vars (in case of sensitive data)                       | `""`    |
-
-### MongoDB(&reg;) statefulset parameters
-
-| Name                                                | Description                                                                                                                                                                                                | Value            |
-| --------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
-| `annotations`                                       | Additional labels to be added to the MongoDB(&reg;) statefulset. Evaluated as a template                                                                                                                   | `{}`             |
-| `labels`                                            | Annotations to be added to the MongoDB(&reg;) statefulset. Evaluated as a template                                                                                                                         | `{}`             |
-| `replicaCount`                                      | Number of MongoDB(&reg;) nodes                                                                                                                                                                             | `2`              |
-| `updateStrategy.type`                               | Strategy to use to replace existing MongoDB(&reg;) pods. When architecture=standalone and useStatefulSet=false,                                                                                            | `RollingUpdate`  |
-| `podManagementPolicy`                               | Pod management policy for MongoDB(&reg;)                                                                                                                                                                   | `OrderedReady`   |
-| `podAffinityPreset`                                 | MongoDB(&reg;) Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                         | `""`             |
-| `podAntiAffinityPreset`                             | MongoDB(&reg;) Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                    | `soft`           |
-| `nodeAffinityPreset.type`                           | MongoDB(&reg;) Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                   | `""`             |
-| `nodeAffinityPreset.key`                            | MongoDB(&reg;) Node label key to match Ignored if `affinity` is set.                                                                                                                                       | `""`             |
-| `nodeAffinityPreset.values`                         | MongoDB(&reg;) Node label values to match. Ignored if `affinity` is set.                                                                                                                                   | `[]`             |
-| `affinity`                                          | MongoDB(&reg;) Affinity for pod assignment                                                                                                                                                                 | `{}`             |
-| `nodeSelector`                                      | MongoDB(&reg;) Node labels for pod assignment                                                                                                                                                              | `{}`             |
-| `tolerations`                                       | MongoDB(&reg;) Tolerations for pod assignment                                                                                                                                                              | `[]`             |
-| `topologySpreadConstraints`                         | MongoDB(&reg;) Spread Constraints for Pods                                                                                                                                                                 | `[]`             |
-| `lifecycleHooks`                                    | LifecycleHook for the MongoDB(&reg;) container(s) to automate configuration before or after startup                                                                                                        | `{}`             |
-| `terminationGracePeriodSeconds`                     | MongoDB(&reg;) Termination Grace Period                                                                                                                                                                    | `""`             |
-| `podLabels`                                         | MongoDB(&reg;) pod labels                                                                                                                                                                                  | `{}`             |
-| `podAnnotations`                                    | MongoDB(&reg;) Pod annotations                                                                                                                                                                             | `{}`             |
-| `priorityClassName`                                 | Name of the existing priority class to be used by MongoDB(&reg;) pod(s)                                                                                                                                    | `""`             |
-| `runtimeClassName`                                  | Name of the runtime class to be used by MongoDB(&reg;) pod(s)                                                                                                                                              | `""`             |
-| `podSecurityContext.enabled`                        | Enable MongoDB(&reg;) pod(s)' Security Context                                                                                                                                                             | `true`           |
-| `podSecurityContext.fsGroupChangePolicy`            | Set filesystem group change policy                                                                                                                                                                         | `Always`         |
-| `podSecurityContext.supplementalGroups`             | Set filesystem extra groups                                                                                                                                                                                | `[]`             |
-| `podSecurityContext.fsGroup`                        | Group ID for the volumes of the MongoDB(&reg;) pod(s)                                                                                                                                                      | `1001`           |
-| `podSecurityContext.sysctls`                        | sysctl settings of the MongoDB(&reg;) pod(s)'                                                                                                                                                              | `[]`             |
-| `containerSecurityContext.enabled`                  | Enabled containers' Security Context                                                                                                                                                                       | `true`           |
-| `containerSecurityContext.seLinuxOptions`           | Set SELinux options in container                                                                                                                                                                           | `nil`            |
-| `containerSecurityContext.runAsUser`                | Set containers' Security Context runAsUser                                                                                                                                                                 | `1001`           |
-| `containerSecurityContext.runAsGroup`               | Set containers' Security Context runAsGroup                                                                                                                                                                | `0`              |
-| `containerSecurityContext.runAsNonRoot`             | Set container's Security Context runAsNonRoot                                                                                                                                                              | `true`           |
-| `containerSecurityContext.privileged`               | Set container's Security Context privileged                                                                                                                                                                | `false`          |
-| `containerSecurityContext.readOnlyRootFilesystem`   | Set container's Security Context readOnlyRootFilesystem                                                                                                                                                    | `false`          |
-| `containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation                                                                                                                                                  | `false`          |
-| `containerSecurityContext.capabilities.drop`        | List of capabilities to be dropped                                                                                                                                                                         | `["ALL"]`        |
-| `containerSecurityContext.seccompProfile.type`      | Set container's Security Context seccomp profile                                                                                                                                                           | `RuntimeDefault` |
-| `resourcesPreset`                                   | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `none`           |
-| `resources`                                         | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                          | `{}`             |
-| `containerPorts.mongodb`                            | MongoDB(&reg;) container port                                                                                                                                                                              | `27017`          |
-| `livenessProbe.enabled`                             | Enable livenessProbe                                                                                                                                                                                       | `true`           |
-| `livenessProbe.initialDelaySeconds`                 | Initial delay seconds for livenessProbe                                                                                                                                                                    | `30`             |
-| `livenessProbe.periodSeconds`                       | Period seconds for livenessProbe                                                                                                                                                                           | `20`             |
-| `livenessProbe.timeoutSeconds`                      | Timeout seconds for livenessProbe                                                                                                                                                                          | `10`             |
-| `livenessProbe.failureThreshold`                    | Failure threshold for livenessProbe                                                                                                                                                                        | `6`              |
-| `livenessProbe.successThreshold`                    | Success threshold for livenessProbe                                                                                                                                                                        | `1`              |
-| `readinessProbe.enabled`                            | Enable readinessProbe                                                                                                                                                                                      | `true`           |
-| `readinessProbe.initialDelaySeconds`                | Initial delay seconds for readinessProbe                                                                                                                                                                   | `5`              |
-| `readinessProbe.periodSeconds`                      | Period seconds for readinessProbe                                                                                                                                                                          | `10`             |
-| `readinessProbe.timeoutSeconds`                     | Timeout seconds for readinessProbe                                                                                                                                                                         | `5`              |
-| `readinessProbe.failureThreshold`                   | Failure threshold for readinessProbe                                                                                                                                                                       | `6`              |
-| `readinessProbe.successThreshold`                   | Success threshold for readinessProbe                                                                                                                                                                       | `1`              |
-| `startupProbe.enabled`                              | Enable startupProbe                                                                                                                                                                                        | `false`          |
-| `startupProbe.initialDelaySeconds`                  | Initial delay seconds for startupProbe                                                                                                                                                                     | `5`              |
-| `startupProbe.periodSeconds`                        | Period seconds for startupProbe                                                                                                                                                                            | `20`             |
-| `startupProbe.timeoutSeconds`                       | Timeout seconds for startupProbe                                                                                                                                                                           | `10`             |
-| `startupProbe.failureThreshold`                     | Failure threshold for startupProbe                                                                                                                                                                         | `30`             |
-| `startupProbe.successThreshold`                     | Success threshold for startupProbe                                                                                                                                                                         | `1`              |
-| `customLivenessProbe`                               | Override default liveness probe for MongoDB(&reg;) containers                                                                                                                                              | `{}`             |
-| `customReadinessProbe`                              | Override default readiness probe for MongoDB(&reg;) containers                                                                                                                                             | `{}`             |
-| `customStartupProbe`                                | Override default startup probe for MongoDB(&reg;) containers                                                                                                                                               | `{}`             |
-| `initContainers`                                    | Add additional init containers for the hidden node pod(s)                                                                                                                                                  | `[]`             |
-| `sidecars`                                          | Add additional sidecar containers for the MongoDB(&reg;) pod(s)                                                                                                                                            | `[]`             |
-| `extraVolumeMounts`                                 | Optionally specify extra list of additional volumeMounts for the MongoDB(&reg;) container(s)                                                                                                               | `[]`             |
-| `extraVolumes`                                      | Optionally specify extra list of additional volumes to the MongoDB(&reg;) statefulset                                                                                                                      | `[]`             |
-| `pdb.create`                                        | Enable/disable a Pod Disruption Budget creation for MongoDB(&reg;) pod(s)                                                                                                                                  | `false`          |
-| `pdb.minAvailable`                                  | Minimum number/percentage of MongoDB(&reg;) pods that must still be available after the eviction                                                                                                           | `1`              |
-| `pdb.maxUnavailable`                                | Maximum number/percentage of MongoDB(&reg;) pods that may be made unavailable after the eviction                                                                                                           | `""`             |
-
-### Traffic exposure parameters
-
-| Name                                                          | Description                                                                                                                                                                                                                                                          | Value                     |
-| ------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- |
-| `service.nameOverride`                                        | MongoDB(&reg;) service name                                                                                                                                                                                                                                          | `""`                      |
-| `service.type`                                                | Kubernetes Service type (only for standalone architecture)                                                                                                                                                                                                           | `ClusterIP`               |
-| `service.portName`                                            | MongoDB(&reg;) service port name (only for standalone architecture)                                                                                                                                                                                                  | `mongodb`                 |
-| `service.ports.mongodb`                                       | MongoDB(&reg;) service port.                                                                                                                                                                                                                                         | `27017`                   |
-| `service.nodePorts.mongodb`                                   | Port to bind to for NodePort and LoadBalancer service types (only for standalone architecture)                                                                                                                                                                       | `""`                      |
-| `service.clusterIP`                                           | MongoDB(&reg;) service cluster IP (only for standalone architecture)                                                                                                                                                                                                 | `""`                      |
-| `service.externalIPs`                                         | Specify the externalIP value ClusterIP service type (only for standalone architecture)                                                                                                                                                                               | `[]`                      |
-| `service.loadBalancerIP`                                      | loadBalancerIP for MongoDB(&reg;) Service (only for standalone architecture)                                                                                                                                                                                         | `""`                      |
-| `service.loadBalancerClass`                                   | loadBalancerClass for MongoDB(&reg;) Service (only for standalone architecture)                                                                                                                                                                                      | `""`                      |
-| `service.loadBalancerSourceRanges`                            | Address(es) that are allowed when service is LoadBalancer (only for standalone architecture)                                                                                                                                                                         | `[]`                      |
-| `service.allocateLoadBalancerNodePorts`                       | Wheter to allocate node ports when service type is LoadBalancer                                                                                                                                                                                                      | `true`                    |
-| `service.extraPorts`                                          | Extra ports to expose (normally used with the `sidecar` value)                                                                                                                                                                                                       | `[]`                      |
-| `service.annotations`                                         | Provide any additional annotations that may be required                                                                                                                                                                                                              | `{}`                      |
-| `service.externalTrafficPolicy`                               | service external traffic policy (only for standalone architecture)                                                                                                                                                                                                   | `Local`                   |
-| `service.sessionAffinity`                                     | Control where client requests go, to the same pod or round-robin                                                                                                                                                                                                     | `None`                    |
-| `service.sessionAffinityConfig`                               | Additional settings for the sessionAffinity                                                                                                                                                                                                                          | `{}`                      |
-| `service.headless.annotations`                                | Annotations for the headless service.                                                                                                                                                                                                                                | `{}`                      |
-| `externalAccess.enabled`                                      | Enable Kubernetes external cluster access to MongoDB(&reg;) nodes (only for replicaset architecture)                                                                                                                                                                 | `false`                   |
-| `externalAccess.autoDiscovery.enabled`                        | Enable using an init container to auto-detect external IPs by querying the K8s API                                                                                                                                                                                   | `false`                   |
-| `externalAccess.autoDiscovery.image.registry`                 | Init container auto-discovery image registry                                                                                                                                                                                                                         | `REGISTRY_NAME`           |
-| `externalAccess.autoDiscovery.image.repository`               | Init container auto-discovery image repository                                                                                                                                                                                                                       | `REPOSITORY_NAME/kubectl` |
-| `externalAccess.autoDiscovery.image.digest`                   | Init container auto-discovery image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                                                                        | `""`                      |
-| `externalAccess.autoDiscovery.image.pullPolicy`               | Init container auto-discovery image pull policy                                                                                                                                                                                                                      | `IfNotPresent`            |
-| `externalAccess.autoDiscovery.image.pullSecrets`              | Init container auto-discovery image pull secrets                                                                                                                                                                                                                     | `[]`                      |
-| `externalAccess.autoDiscovery.resourcesPreset`                | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if externalAccess.autoDiscovery.resources is set (externalAccess.autoDiscovery.resources is recommended for production). | `none`                    |
-| `externalAccess.autoDiscovery.resources`                      | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                                                                    | `{}`                      |
-| `externalAccess.externalMaster.enabled`                       | Use external master for bootstrapping                                                                                                                                                                                                                                | `false`                   |
-| `externalAccess.externalMaster.host`                          | External master host to bootstrap from                                                                                                                                                                                                                               | `""`                      |
-| `externalAccess.externalMaster.port`                          | Port for MongoDB(&reg;) service external master host                                                                                                                                                                                                                 | `27017`                   |
-| `externalAccess.service.type`                                 | Kubernetes Service type for external access. Allowed values: NodePort, LoadBalancer or ClusterIP                                                                                                                                                                     | `LoadBalancer`            |
-| `externalAccess.service.portName`                             | MongoDB(&reg;) port name used for external access when service type is LoadBalancer                                                                                                                                                                                  | `mongodb`                 |
-| `externalAccess.service.ports.mongodb`                        | MongoDB(&reg;) port used for external access when service type is LoadBalancer                                                                                                                                                                                       | `27017`                   |
-| `externalAccess.service.loadBalancerIPs`                      | Array of load balancer IPs for MongoDB(&reg;) nodes                                                                                                                                                                                                                  | `[]`                      |
-| `externalAccess.service.loadBalancerClass`                    | loadBalancerClass when service type is LoadBalancer                                                                                                                                                                                                                  | `""`                      |
-| `externalAccess.service.loadBalancerSourceRanges`             | Address(es) that are allowed when service is LoadBalancer                                                                                                                                                                                                            | `[]`                      |
-| `externalAccess.service.allocateLoadBalancerNodePorts`        | Wheter to allocate node ports when service type is LoadBalancer                                                                                                                                                                                                      | `true`                    |
-| `externalAccess.service.externalTrafficPolicy`                | MongoDB(&reg;) service external traffic policy                                                                                                                                                                                                                       | `Local`                   |
-| `externalAccess.service.nodePorts`                            | Array of node ports used to configure MongoDB(&reg;) advertised hostname when service type is NodePort                                                                                                                                                               | `[]`                      |
-| `externalAccess.service.domain`                               | Domain or external IP used to configure MongoDB(&reg;) advertised hostname when service type is NodePort                                                                                                                                                             | `""`                      |
-| `externalAccess.service.extraPorts`                           | Extra ports to expose (normally used with the `sidecar` value)                                                                                                                                                                                                       | `[]`                      |
-| `externalAccess.service.annotations`                          | Service annotations for external access                                                                                                                                                                                                                              | `{}`                      |
-| `externalAccess.service.sessionAffinity`                      | Control where client requests go, to the same pod or round-robin                                                                                                                                                                                                     | `None`                    |
-| `externalAccess.service.sessionAffinityConfig`                | Additional settings for the sessionAffinity                                                                                                                                                                                                                          | `{}`                      |
-| `externalAccess.hidden.enabled`                               | Enable Kubernetes external cluster access to MongoDB(&reg;) hidden nodes                                                                                                                                                                                             | `false`                   |
-| `externalAccess.hidden.service.type`                          | Kubernetes Service type for external access. Allowed values: NodePort or LoadBalancer                                                                                                                                                                                | `LoadBalancer`            |
-| `externalAccess.hidden.service.portName`                      | MongoDB(&reg;) port name used for external access when service type is LoadBalancer                                                                                                                                                                                  | `mongodb`                 |
-| `externalAccess.hidden.service.ports.mongodb`                 | MongoDB(&reg;) port used for external access when service type is LoadBalancer                                                                                                                                                                                       | `27017`                   |
-| `externalAccess.hidden.service.loadBalancerIPs`               | Array of load balancer IPs for MongoDB(&reg;) nodes                                                                                                                                                                                                                  | `[]`                      |
-| `externalAccess.hidden.service.loadBalancerClass`             | loadBalancerClass when service type is LoadBalancer                                                                                                                                                                                                                  | `""`                      |
-| `externalAccess.hidden.service.loadBalancerSourceRanges`      | Address(es) that are allowed when service is LoadBalancer                                                                                                                                                                                                            | `[]`                      |
-| `externalAccess.hidden.service.allocateLoadBalancerNodePorts` | Wheter to allocate node ports when service type is LoadBalancer                                                                                                                                                                                                      | `true`                    |
-| `externalAccess.hidden.service.externalTrafficPolicy`         | MongoDB(&reg;) service external traffic policy                                                                                                                                                                                                                       | `Local`                   |
-| `externalAccess.hidden.service.nodePorts`                     | Array of node ports used to configure MongoDB(&reg;) advertised hostname when service type is NodePort. Length must be the same as replicaCount                                                                                                                      | `[]`                      |
-| `externalAccess.hidden.service.domain`                        | Domain or external IP used to configure MongoDB(&reg;) advertised hostname when service type is NodePort                                                                                                                                                             | `""`                      |
-| `externalAccess.hidden.service.extraPorts`                    | Extra ports to expose (normally used with the `sidecar` value)                                                                                                                                                                                                       | `[]`                      |
-| `externalAccess.hidden.service.annotations`                   | Service annotations for external access                                                                                                                                                                                                                              | `{}`                      |
-| `externalAccess.hidden.service.sessionAffinity`               | Control where client requests go, to the same pod or round-robin                                                                                                                                                                                                     | `None`                    |
-| `externalAccess.hidden.service.sessionAffinityConfig`         | Additional settings for the sessionAffinity                                                                                                                                                                                                                          | `{}`                      |
-
-### Network policy parameters
-
-| Name                                               | Description                                                                                                                           | Value               |
-| -------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | ------------------- |
-| `networkPolicy.enabled`                            | Specifies whether a NetworkPolicy should be created                                                                                   | `true`              |
-| `networkPolicy.allowExternal`                      | Don't require server label for connections                                                                                            | `true`              |
-| `networkPolicy.allowExternalEgress`                | Allow the pod to access any range of port and all destinations.                                                                       | `true`              |
-| `networkPolicy.extraIngress`                       | Add extra ingress rules to the NetworkPolice                                                                                          | `[]`                |
-| `networkPolicy.extraEgress`                        | Add extra ingress rules to the NetworkPolicy                                                                                          | `[]`                |
-| `networkPolicy.ingressNSMatchLabels`               | Labels to match to allow traffic from other namespaces                                                                                | `{}`                |
-| `networkPolicy.ingressNSPodMatchLabels`            | Pod labels to match to allow traffic from other namespaces                                                                            | `{}`                |
-| `persistence.enabled`                              | Enable MongoDB(&reg;) data persistence using PVC                                                                                      | `true`              |
-| `persistence.name`                                 | Name of the PVC and mounted volume                                                                                                    | `datadir`           |
-| `persistence.medium`                               | Provide a medium for `emptyDir` volumes.                                                                                              | `""`                |
-| `persistence.existingClaim`                        | Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)                                                     | `""`                |
-| `persistence.resourcePolicy`                       | Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted | `""`                |
-| `persistence.storageClass`                         | PVC Storage Class for MongoDB(&reg;) data volume                                                                                      | `""`                |
-| `persistence.accessModes`                          | PV Access Mode                                                                                                                        | `["ReadWriteOnce"]` |
-| `persistence.size`                                 | PVC Storage Request for MongoDB(&reg;) data volume                                                                                    | `8Gi`               |
-| `persistence.annotations`                          | PVC annotations                                                                                                                       | `{}`                |
-| `persistence.mountPath`                            | Path to mount the volume at                                                                                                           | `/bitnami/mongodb`  |
-| `persistence.subPath`                              | Subdirectory of the volume to mount at                                                                                                | `""`                |
-| `persistence.volumeClaimTemplates.selector`        | A label query over volumes to consider for binding (e.g. when using local volumes)                                                    | `{}`                |
-| `persistence.volumeClaimTemplates.requests`        | Custom PVC requests attributes                                                                                                        | `{}`                |
-| `persistence.volumeClaimTemplates.dataSource`      | Add dataSource to the VolumeClaimTemplate                                                                                             | `{}`                |
-| `persistentVolumeClaimRetentionPolicy.enabled`     | Enable Persistent volume retention policy for MongoDB(&reg;) Statefulset                                                              | `false`             |
-| `persistentVolumeClaimRetentionPolicy.whenScaled`  | Volume retention behavior when the replica count of the StatefulSet is reduced                                                        | `Retain`            |
-| `persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted                                                                | `Retain`            |
-
-### Backup parameters
+## Prerequisites
  
-| Name                                                               | Description                                                                                                                           | Value               |
-| ------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------- | ------------------- |
-| `backup.enabled`                                                   | Enable the logical dump of the database "regularly"                                                                                   | `false`             |
-| `backup.cronjob.schedule`                                          | Set the cronjob parameter schedule                                                                                                    | `@daily`            |
-| `backup.cronjob.concurrencyPolicy`                                 | Set the cronjob parameter concurrencyPolicy                                                                                           | `Allow`             |
-| `backup.cronjob.failedJobsHistoryLimit`                            | Set the cronjob parameter failedJobsHistoryLimit                                                                                      | `1`                 |
-| `backup.cronjob.successfulJobsHistoryLimit`                        | Set the cronjob parameter successfulJobsHistoryLimit                                                                                  | `3`                 |
-| `backup.cronjob.startingDeadlineSeconds`                           | Set the cronjob parameter startingDeadlineSeconds                                                                                     | `""`                |
-| `backup.cronjob.ttlSecondsAfterFinished`                           | Set the cronjob parameter ttlSecondsAfterFinished                                                                                     | `""`                |
-| `backup.cronjob.restartPolicy`                                     | Set the cronjob parameter restartPolicy                                                                                               | `OnFailure`         |
-| `backup.cronjob.containerSecurityContext.enabled`                  | Enabled containers' Security Context                                                                                                  | `true`              |
-| `backup.cronjob.containerSecurityContext.seLinuxOptions`           | Set SELinux options in container                                                                                                      | `nil`               |
-| `backup.cronjob.containerSecurityContext.runAsUser`                | Set containers' Security Context runAsUser                                                                                            | `1001`              |
-| `backup.cronjob.containerSecurityContext.runAsGroup`               | Set containers' Security Context runAsGroup                                                                                           | `0`                 |
-| `backup.cronjob.containerSecurityContext.runAsNonRoot`             | Set container's Security Context runAsNonRoot                                                                                         | `true`              |
-| `backup.cronjob.containerSecurityContext.privileged`               | Set container's Security Context privileged                                                                                           | `false`             |
-| `backup.cronjob.containerSecurityContext.readOnlyRootFilesystem`   | Set container's Security Context readOnlyRootFilesystem                                                                               | `false`             |
-| `backup.cronjob.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation                                                                             | `false`             |
-| `backup.cronjob.containerSecurityContext.capabilities.drop`        | List of capabilities to be dropped                                                                                                    | `["ALL"]`           |
-| `backup.cronjob.containerSecurityContext.seccompProfile.type`      | Set container's Security Context seccomp profile                                                                                      | `RuntimeDefault`    |
-| `backup.cronjob.command`                                           | Set backup container's command to run                                                                                                 | `[]`                |
-| `backup.cronjob.labels`                                            | Set the cronjob labels                                                                                                                | `{}`                |
-| `backup.cronjob.annotations`                                       | Set the cronjob annotations                                                                                                           | `{}`                |
-| `backup.cronjob.storage.existingClaim`                             | Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)                                                     | `""`                |
-| `backup.cronjob.storage.resourcePolicy`                            | Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted | `""`                |
-| `backup.cronjob.storage.storageClass`                              | PVC Storage Class for the backup data volume                                                                                          | `""`                |
-| `backup.cronjob.storage.accessModes`                               | PV Access Mode                                                                                                                        | `["ReadWriteOnce"]` |
-| `backup.cronjob.storage.size`                                      | PVC Storage Request for the backup data volume                                                                                        | `8Gi`               |
-| `backup.cronjob.storage.annotations`                               | PVC annotations                                                                                                                       | `{}`                |
-| `backup.cronjob.storage.mountPath`                                 | Path to mount the volume at                                                                                                           | `/backup/mongodb`   |
-| `backup.cronjob.storage.subPath`                                   | Subdirectory of the volume to mount at                                                                                                | `""`                |
-| `backup.cronjob.storage.volumeClaimTemplates.selector`             | A label query over volumes to consider for binding (e.g. when using local volumes)                                                    | `{}`                |
+- Kubernetes 1.23+
+- Helm 3.8.0+
+- PV provisioner support in the underlying infrastructure
  
-### RBAC parameters
+## Installing the Chart
  
-| Name                                          | Description                                                                                                                                 | Value   |
-| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
-| `serviceAccount.create`                       | Enable creation of ServiceAccount for MongoDB(&reg;) pods                                                                                   | `true`  |
-| `serviceAccount.name`                         | Name of the created serviceAccount                                                                                                          | `""`    |
-| `serviceAccount.annotations`                  | Additional Service Account annotations                                                                                                      | `{}`    |
-| `serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created                                                                      | `false` |
-| `rbac.create`                                 | Whether to create & use RBAC resources or not                                                                                               | `false` |
-| `rbac.rules`                                  | Custom rules to create following the role specification                                                                                     | `[]`    |
-| `podSecurityPolicy.create`                    | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` |
-| `podSecurityPolicy.allowPrivilegeEscalation`  | Enable privilege escalation                                                                                                                 | `false` |
-| `podSecurityPolicy.privileged`                | Allow privileged                                                                                                                            | `false` |
-| `podSecurityPolicy.spec`                      | Specify the full spec to use for Pod Security Policy                                                                                        | `{}`    |
+To install the chart with the release name `my-release`:
  
-### Volume Permissions parameters
+```console
+helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb
+```
  
-| Name                                               | Description                                                                                                                                                                                                                                    | Value                      |
-| -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
-| `volumePermissions.enabled`                        | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup`                                                                                                                           | `false`                    |
-| `volumePermissions.image.registry`                 | Init container volume-permissions image registry                                                                                                                                                                                               | `REGISTRY_NAME`            |
-| `volumePermissions.image.repository`               | Init container volume-permissions image repository                                                                                                                                                                                             | `REPOSITORY_NAME/os-shell` |
-| `volumePermissions.image.digest`                   | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                                              | `""`                       |
-| `volumePermissions.image.pullPolicy`               | Init container volume-permissions image pull policy                                                                                                                                                                                            | `IfNotPresent`             |
-| `volumePermissions.image.pullSecrets`              | Specify docker-registry secret names as an array                                                                                                                                                                                               | `[]`                       |
-| `volumePermissions.resourcesPreset`                | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `none`                     |
-| `volumePermissions.resources`                      | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                                              | `{}`                       |
-| `volumePermissions.securityContext.seLinuxOptions` | Set SELinux options in container                                                                                                                                                                                                               | `nil`                      |
-| `volumePermissions.securityContext.runAsUser`      | User ID for the volumePermissions container                                                                                                                                                                                                    | `0`                        |
+> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`.
  
-### Arbiter parameters
+The command deploys MongoDB(&reg;) on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
  
-| Name                                                        | Description                                                                                                                                                                                                                | Value            |
-| ----------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
-| `arbiter.enabled`                                           | Enable deploying the arbiter                                                                                                                                                                                               | `true`           |
-| `arbiter.automountServiceAccountToken`                      | Mount Service Account token in pod                                                                                                                                                                                         | `false`          |
-| `arbiter.hostAliases`                                       | Add deployment host aliases                                                                                                                                                                                                | `[]`             |
-| `arbiter.configuration`                                     | Arbiter configuration file to be used                                                                                                                                                                                      | `""`             |
-| `arbiter.existingConfigmap`                                 | Name of existing ConfigMap with Arbiter configuration                                                                                                                                                                      | `""`             |
-| `arbiter.command`                                           | Override default container command (useful when using custom images)                                                                                                                                                       | `[]`             |
-| `arbiter.args`                                              | Override default container args (useful when using custom images)                                                                                                                                                          | `[]`             |
-| `arbiter.extraFlags`                                        | Arbiter additional command line flags                                                                                                                                                                                      | `[]`             |
-| `arbiter.extraEnvVars`                                      | Extra environment variables to add to Arbiter pods                                                                                                                                                                         | `[]`             |
-| `arbiter.extraEnvVarsCM`                                    | Name of existing ConfigMap containing extra env vars                                                                                                                                                                       | `""`             |
-| `arbiter.extraEnvVarsSecret`                                | Name of existing Secret containing extra env vars (in case of sensitive data)                                                                                                                                              | `""`             |
-| `arbiter.annotations`                                       | Additional labels to be added to the Arbiter statefulset                                                                                                                                                                   | `{}`             |
-| `arbiter.labels`                                            | Annotations to be added to the Arbiter statefulset                                                                                                                                                                         | `{}`             |
-| `arbiter.topologySpreadConstraints`                         | MongoDB(&reg;) Spread Constraints for arbiter Pods                                                                                                                                                                         | `[]`             |
-| `arbiter.lifecycleHooks`                                    | LifecycleHook for the Arbiter container to automate configuration before or after startup                                                                                                                                  | `{}`             |
-| `arbiter.terminationGracePeriodSeconds`                     | Arbiter Termination Grace Period                                                                                                                                                                                           | `""`             |
-| `arbiter.updateStrategy.type`                               | Strategy that will be employed to update Pods in the StatefulSet                                                                                                                                                           | `RollingUpdate`  |
-| `arbiter.podManagementPolicy`                               | Pod management policy for MongoDB(&reg;)                                                                                                                                                                                   | `OrderedReady`   |
-| `arbiter.schedulerName`                                     | Name of the scheduler (other than default) to dispatch pods                                                                                                                                                                | `""`             |
-| `arbiter.podAffinityPreset`                                 | Arbiter Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                                | `""`             |
-| `arbiter.podAntiAffinityPreset`                             | Arbiter Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                           | `soft`           |
-| `arbiter.nodeAffinityPreset.type`                           | Arbiter Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                          | `""`             |
-| `arbiter.nodeAffinityPreset.key`                            | Arbiter Node label key to match Ignored if `affinity` is set.                                                                                                                                                              | `""`             |
-| `arbiter.nodeAffinityPreset.values`                         | Arbiter Node label values to match. Ignored if `affinity` is set.                                                                                                                                                          | `[]`             |
-| `arbiter.affinity`                                          | Arbiter Affinity for pod assignment                                                                                                                                                                                        | `{}`             |
-| `arbiter.nodeSelector`                                      | Arbiter Node labels for pod assignment                                                                                                                                                                                     | `{}`             |
-| `arbiter.tolerations`                                       | Arbiter Tolerations for pod assignment                                                                                                                                                                                     | `[]`             |
-| `arbiter.podLabels`                                         | Arbiter pod labels                                                                                                                                                                                                         | `{}`             |
-| `arbiter.podAnnotations`                                    | Arbiter Pod annotations                                                                                                                                                                                                    | `{}`             |
-| `arbiter.priorityClassName`                                 | Name of the existing priority class to be used by Arbiter pod(s)                                                                                                                                                           | `""`             |
-| `arbiter.runtimeClassName`                                  | Name of the runtime class to be used by Arbiter pod(s)                                                                                                                                                                     | `""`             |
-| `arbiter.podSecurityContext.enabled`                        | Enable Arbiter pod(s)' Security Context                                                                                                                                                                                    | `true`           |
-| `arbiter.podSecurityContext.fsGroupChangePolicy`            | Set filesystem group change policy                                                                                                                                                                                         | `Always`         |
-| `arbiter.podSecurityContext.supplementalGroups`             | Set filesystem extra groups                                                                                                                                                                                                | `[]`             |
-| `arbiter.podSecurityContext.fsGroup`                        | Group ID for the volumes of the Arbiter pod(s)                                                                                                                                                                             | `1001`           |
-| `arbiter.podSecurityContext.sysctls`                        | sysctl settings of the Arbiter pod(s)'                                                                                                                                                                                     | `[]`             |
-| `arbiter.containerSecurityContext.enabled`                  | Enabled containers' Security Context                                                                                                                                                                                       | `true`           |
-| `arbiter.containerSecurityContext.seLinuxOptions`           | Set SELinux options in container                                                                                                                                                                                           | `nil`            |
-| `arbiter.containerSecurityContext.runAsUser`                | Set containers' Security Context runAsUser                                                                                                                                                                                 | `1001`           |
-| `arbiter.containerSecurityContext.runAsGroup`               | Set containers' Security Context runAsGroup                                                                                                                                                                                | `0`              |
-| `arbiter.containerSecurityContext.runAsNonRoot`             | Set container's Security Context runAsNonRoot                                                                                                                                                                              | `true`           |
-| `arbiter.containerSecurityContext.privileged`               | Set container's Security Context privileged                                                                                                                                                                                | `false`          |
-| `arbiter.containerSecurityContext.readOnlyRootFilesystem`   | Set container's Security Context readOnlyRootFilesystem                                                                                                                                                                    | `false`          |
-| `arbiter.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation                                                                                                                                                                  | `false`          |
-| `arbiter.containerSecurityContext.capabilities.drop`        | List of capabilities to be dropped                                                                                                                                                                                         | `["ALL"]`        |
-| `arbiter.containerSecurityContext.seccompProfile.type`      | Set container's Security Context seccomp profile                                                                                                                                                                           | `RuntimeDefault` |
-| `arbiter.resourcesPreset`                                   | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if arbiter.resources is set (arbiter.resources is recommended for production). | `none`           |
-| `arbiter.resources`                                         | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                          | `{}`             |
-| `arbiter.containerPorts.mongodb`                            | MongoDB(&reg;) arbiter container port                                                                                                                                                                                      | `27017`          |
-| `arbiter.livenessProbe.enabled`                             | Enable livenessProbe                                                                                                                                                                                                       | `true`           |
-| `arbiter.livenessProbe.initialDelaySeconds`                 | Initial delay seconds for livenessProbe                                                                                                                                                                                    | `30`             |
-| `arbiter.livenessProbe.periodSeconds`                       | Period seconds for livenessProbe                                                                                                                                                                                           | `20`             |
-| `arbiter.livenessProbe.timeoutSeconds`                      | Timeout seconds for livenessProbe                                                                                                                                                                                          | `10`             |
-| `arbiter.livenessProbe.failureThreshold`                    | Failure threshold for livenessProbe                                                                                                                                                                                        | `6`              |
-| `arbiter.livenessProbe.successThreshold`                    | Success threshold for livenessProbe                                                                                                                                                                                        | `1`              |
-| `arbiter.readinessProbe.enabled`                            | Enable readinessProbe                                                                                                                                                                                                      | `true`           |
-| `arbiter.readinessProbe.initialDelaySeconds`                | Initial delay seconds for readinessProbe                                                                                                                                                                                   | `5`              |
-| `arbiter.readinessProbe.periodSeconds`                      | Period seconds for readinessProbe                                                                                                                                                                                          | `20`             |
-| `arbiter.readinessProbe.timeoutSeconds`                     | Timeout seconds for readinessProbe                                                                                                                                                                                         | `10`             |
-| `arbiter.readinessProbe.failureThreshold`                   | Failure threshold for readinessProbe                                                                                                                                                                                       | `6`              |
-| `arbiter.readinessProbe.successThreshold`                   | Success threshold for readinessProbe                                                                                                                                                                                       | `1`              |
-| `arbiter.startupProbe.enabled`                              | Enable startupProbe                                                                                                                                                                                                        | `false`          |
-| `arbiter.startupProbe.initialDelaySeconds`                  | Initial delay seconds for startupProbe                                                                                                                                                                                     | `5`              |
-| `arbiter.startupProbe.periodSeconds`                        | Period seconds for startupProbe                                                                                                                                                                                            | `10`             |
-| `arbiter.startupProbe.timeoutSeconds`                       | Timeout seconds for startupProbe                                                                                                                                                                                           | `5`              |
-| `arbiter.startupProbe.failureThreshold`                     | Failure threshold for startupProbe                                                                                                                                                                                         | `30`             |
-| `arbiter.startupProbe.successThreshold`                     | Success threshold for startupProbe                                                                                                                                                                                         | `1`              |
-| `arbiter.customLivenessProbe`                               | Override default liveness probe for Arbiter containers                                                                                                                                                                     | `{}`             |
-| `arbiter.customReadinessProbe`                              | Override default readiness probe for Arbiter containers                                                                                                                                                                    | `{}`             |
-| `arbiter.customStartupProbe`                                | Override default startup probe for Arbiter containers                                                                                                                                                                      | `{}`             |
-| `arbiter.initContainers`                                    | Add additional init containers for the Arbiter pod(s)                                                                                                                                                                      | `[]`             |
-| `arbiter.sidecars`                                          | Add additional sidecar containers for the Arbiter pod(s)                                                                                                                                                                   | `[]`             |
-| `arbiter.extraVolumeMounts`                                 | Optionally specify extra list of additional volumeMounts for the Arbiter container(s)                                                                                                                                      | `[]`             |
-| `arbiter.extraVolumes`                                      | Optionally specify extra list of additional volumes to the Arbiter statefulset                                                                                                                                             | `[]`             |
-| `arbiter.pdb.create`                                        | Enable/disable a Pod Disruption Budget creation for Arbiter pod(s)                                                                                                                                                         | `false`          |
-| `arbiter.pdb.minAvailable`                                  | Minimum number/percentage of Arbiter pods that should remain scheduled                                                                                                                                                     | `1`              |
-| `arbiter.pdb.maxUnavailable`                                | Maximum number/percentage of Arbiter pods that may be made unavailable                                                                                                                                                     | `""`             |
-| `arbiter.service.nameOverride`                              | The arbiter service name                                                                                                                                                                                                   | `""`             |
-| `arbiter.service.ports.mongodb`                             | MongoDB(&reg;) service port                                                                                                                                                                                                | `27017`          |
-| `arbiter.service.extraPorts`                                | Extra ports to expose (normally used with the `sidecar` value)                                                                                                                                                             | `[]`             |
-| `arbiter.service.annotations`                               | Provide any additional annotations that may be required                                                                                                                                                                    | `{}`             |
-| `arbiter.service.headless.annotations`                      | Annotations for the headless service.                                                                                                                                                                                      | `{}`             |
+> **Tip**: List all releases using `helm list`
  
-### Hidden Node parameters
+## Configuration and installation details
  
-| Name                                                       | Description                                                                                                                                                                                                              | Value               |
-| ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------- |
-| `hidden.enabled`                                           | Enable deploying the hidden nodes                                                                                                                                                                                        | `false`             |
-| `hidden.automountServiceAccountToken`                      | Mount Service Account token in pod                                                                                                                                                                                       | `false`             |
-| `hidden.hostAliases`                                       | Add deployment host aliases                                                                                                                                                                                              | `[]`                |
-| `hidden.configuration`                                     | Hidden node configuration file to be used                                                                                                                                                                                | `""`                |
-| `hidden.existingConfigmap`                                 | Name of existing ConfigMap with Hidden node configuration                                                                                                                                                                | `""`                |
-| `hidden.command`                                           | Override default container command (useful when using custom images)                                                                                                                                                     | `[]`                |
-| `hidden.args`                                              | Override default container args (useful when using custom images)                                                                                                                                                        | `[]`                |
-| `hidden.extraFlags`                                        | Hidden node additional command line flags                                                                                                                                                                                | `[]`                |
-| `hidden.extraEnvVars`                                      | Extra environment variables to add to Hidden node pods                                                                                                                                                                   | `[]`                |
-| `hidden.extraEnvVarsCM`                                    | Name of existing ConfigMap containing extra env vars                                                                                                                                                                     | `""`                |
-| `hidden.extraEnvVarsSecret`                                | Name of existing Secret containing extra env vars (in case of sensitive data)                                                                                                                                            | `""`                |
-| `hidden.annotations`                                       | Additional labels to be added to thehidden node statefulset                                                                                                                                                              | `{}`                |
-| `hidden.labels`                                            | Annotations to be added to the hidden node statefulset                                                                                                                                                                   | `{}`                |
-| `hidden.topologySpreadConstraints`                         | MongoDB(&reg;) Spread Constraints for hidden Pods                                                                                                                                                                        | `[]`                |
-| `hidden.lifecycleHooks`                                    | LifecycleHook for the Hidden container to automate configuration before or after startup                                                                                                                                 | `{}`                |
-| `hidden.replicaCount`                                      | Number of hidden nodes (only when `architecture=replicaset`)                                                                                                                                                             | `1`                 |
-| `hidden.terminationGracePeriodSeconds`                     | Hidden Termination Grace Period                                                                                                                                                                                          | `""`                |
-| `hidden.updateStrategy.type`                               | Strategy that will be employed to update Pods in the StatefulSet                                                                                                                                                         | `RollingUpdate`     |
-| `hidden.podManagementPolicy`                               | Pod management policy for hidden node                                                                                                                                                                                    | `OrderedReady`      |
-| `hidden.schedulerName`                                     | Name of the scheduler (other than default) to dispatch pods                                                                                                                                                              | `""`                |
-| `hidden.podAffinityPreset`                                 | Hidden node Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                          | `""`                |
-| `hidden.podAntiAffinityPreset`                             | Hidden node Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                     | `soft`              |
-| `hidden.nodeAffinityPreset.type`                           | Hidden Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                         | `""`                |
-| `hidden.nodeAffinityPreset.key`                            | Hidden Node label key to match Ignored if `affinity` is set.                                                                                                                                                             | `""`                |
-| `hidden.nodeAffinityPreset.values`                         | Hidden Node label values to match. Ignored if `affinity` is set.                                                                                                                                                         | `[]`                |
-| `hidden.affinity`                                          | Hidden node Affinity for pod assignment                                                                                                                                                                                  | `{}`                |
-| `hidden.nodeSelector`                                      | Hidden node Node labels for pod assignment                                                                                                                                                                               | `{}`                |
-| `hidden.tolerations`                                       | Hidden node Tolerations for pod assignment                                                                                                                                                                               | `[]`                |
-| `hidden.podLabels`                                         | Hidden node pod labels                                                                                                                                                                                                   | `{}`                |
-| `hidden.podAnnotations`                                    | Hidden node Pod annotations                                                                                                                                                                                              | `{}`                |
-| `hidden.priorityClassName`                                 | Name of the existing priority class to be used by hidden node pod(s)                                                                                                                                                     | `""`                |
-| `hidden.runtimeClassName`                                  | Name of the runtime class to be used by hidden node pod(s)                                                                                                                                                               | `""`                |
-| `hidden.podSecurityContext.enabled`                        | Enable Hidden pod(s)' Security Context                                                                                                                                                                                   | `true`              |
-| `hidden.podSecurityContext.fsGroupChangePolicy`            | Set filesystem group change policy                                                                                                                                                                                       | `Always`            |
-| `hidden.podSecurityContext.supplementalGroups`             | Set filesystem extra groups                                                                                                                                                                                              | `[]`                |
-| `hidden.podSecurityContext.fsGroup`                        | Group ID for the volumes of the Hidden pod(s)                                                                                                                                                                            | `1001`              |
-| `hidden.podSecurityContext.sysctls`                        | sysctl settings of the Hidden pod(s)'                                                                                                                                                                                    | `[]`                |
-| `hidden.containerSecurityContext.enabled`                  | Enabled containers' Security Context                                                                                                                                                                                     | `true`              |
-| `hidden.containerSecurityContext.seLinuxOptions`           | Set SELinux options in container                                                                                                                                                                                         | `nil`               |
-| `hidden.containerSecurityContext.runAsUser`                | Set containers' Security Context runAsUser                                                                                                                                                                               | `1001`              |
-| `hidden.containerSecurityContext.runAsGroup`               | Set containers' Security Context runAsGroup                                                                                                                                                                              | `0`                 |
-| `hidden.containerSecurityContext.runAsNonRoot`             | Set container's Security Context runAsNonRoot                                                                                                                                                                            | `true`              |
-| `hidden.containerSecurityContext.privileged`               | Set container's Security Context privileged                                                                                                                                                                              | `false`             |
-| `hidden.containerSecurityContext.readOnlyRootFilesystem`   | Set container's Security Context readOnlyRootFilesystem                                                                                                                                                                  | `false`             |
-| `hidden.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation                                                                                                                                                                | `false`             |
-| `hidden.containerSecurityContext.capabilities.drop`        | List of capabilities to be dropped                                                                                                                                                                                       | `["ALL"]`           |
-| `hidden.containerSecurityContext.seccompProfile.type`      | Set container's Security Context seccomp profile                                                                                                                                                                         | `RuntimeDefault`    |
-| `hidden.resourcesPreset`                                   | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if hidden.resources is set (hidden.resources is recommended for production). | `none`              |
-| `hidden.resources`                                         | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                        | `{}`                |
-| `hidden.containerPorts.mongodb`                            | MongoDB(&reg;) hidden container port                                                                                                                                                                                     | `27017`             |
-| `hidden.livenessProbe.enabled`                             | Enable livenessProbe                                                                                                                                                                                                     | `true`              |
-| `hidden.livenessProbe.initialDelaySeconds`                 | Initial delay seconds for livenessProbe                                                                                                                                                                                  | `30`                |
-| `hidden.livenessProbe.periodSeconds`                       | Period seconds for livenessProbe                                                                                                                                                                                         | `20`                |
-| `hidden.livenessProbe.timeoutSeconds`                      | Timeout seconds for livenessProbe                                                                                                                                                                                        | `10`                |
-| `hidden.livenessProbe.failureThreshold`                    | Failure threshold for livenessProbe                                                                                                                                                                                      | `6`                 |
-| `hidden.livenessProbe.successThreshold`                    | Success threshold for livenessProbe                                                                                                                                                                                      | `1`                 |
-| `hidden.readinessProbe.enabled`                            | Enable readinessProbe                                                                                                                                                                                                    | `true`              |
-| `hidden.readinessProbe.initialDelaySeconds`                | Initial delay seconds for readinessProbe                                                                                                                                                                                 | `5`                 |
-| `hidden.readinessProbe.periodSeconds`                      | Period seconds for readinessProbe                                                                                                                                                                                        | `20`                |
-| `hidden.readinessProbe.timeoutSeconds`                     | Timeout seconds for readinessProbe                                                                                                                                                                                       | `10`                |
-| `hidden.readinessProbe.failureThreshold`                   | Failure threshold for readinessProbe                                                                                                                                                                                     | `6`                 |
-| `hidden.readinessProbe.successThreshold`                   | Success threshold for readinessProbe                                                                                                                                                                                     | `1`                 |
-| `hidden.startupProbe.enabled`                              | Enable startupProbe                                                                                                                                                                                                      | `false`             |
-| `hidden.startupProbe.initialDelaySeconds`                  | Initial delay seconds for startupProbe                                                                                                                                                                                   | `5`                 |
-| `hidden.startupProbe.periodSeconds`                        | Period seconds for startupProbe                                                                                                                                                                                          | `10`                |
-| `hidden.startupProbe.timeoutSeconds`                       | Timeout seconds for startupProbe                                                                                                                                                                                         | `5`                 |
-| `hidden.startupProbe.failureThreshold`                     | Failure threshold for startupProbe                                                                                                                                                                                       | `30`                |
-| `hidden.startupProbe.successThreshold`                     | Success threshold for startupProbe                                                                                                                                                                                       | `1`                 |
-| `hidden.customLivenessProbe`                               | Override default liveness probe for hidden node containers                                                                                                                                                               | `{}`                |
-| `hidden.customReadinessProbe`                              | Override default readiness probe for hidden node containers                                                                                                                                                              | `{}`                |
-| `hidden.customStartupProbe`                                | Override default startup probe for MongoDB(&reg;) containers                                                                                                                                                             | `{}`                |
-| `hidden.initContainers`                                    | Add init containers to the MongoDB(&reg;) Hidden pods.                                                                                                                                                                   | `[]`                |
-| `hidden.sidecars`                                          | Add additional sidecar containers for the hidden node pod(s)                                                                                                                                                             | `[]`                |
-| `hidden.extraVolumeMounts`                                 | Optionally specify extra list of additional volumeMounts for the hidden node container(s)                                                                                                                                | `[]`                |
-| `hidden.extraVolumes`                                      | Optionally specify extra list of additional volumes to the hidden node statefulset                                                                                                                                       | `[]`                |
-| `hidden.pdb.create`                                        | Enable/disable a Pod Disruption Budget creation for hidden node pod(s)                                                                                                                                                   | `false`             |
-| `hidden.pdb.minAvailable`                                  | Minimum number/percentage of hidden node pods that should remain scheduled                                                                                                                                               | `1`                 |
-| `hidden.pdb.maxUnavailable`                                | Maximum number/percentage of hidden node pods that may be made unavailable                                                                                                                                               | `""`                |
-| `hidden.persistence.enabled`                               | Enable hidden node data persistence using PVC                                                                                                                                                                            | `true`              |
-| `hidden.persistence.medium`                                | Provide a medium for `emptyDir` volumes.                                                                                                                                                                                 | `""`                |
-| `hidden.persistence.storageClass`                          | PVC Storage Class for hidden node data volume                                                                                                                                                                            | `""`                |
-| `hidden.persistence.accessModes`                           | PV Access Mode                                                                                                                                                                                                           | `["ReadWriteOnce"]` |
-| `hidden.persistence.size`                                  | PVC Storage Request for hidden node data volume                                                                                                                                                                          | `8Gi`               |
-| `hidden.persistence.annotations`                           | PVC annotations                                                                                                                                                                                                          | `{}`                |
-| `hidden.persistence.mountPath`                             | The path the volume will be mounted at, useful when using different MongoDB(&reg;) images.                                                                                                                               | `/bitnami/mongodb`  |
-| `hidden.persistence.subPath`                               | The subdirectory of the volume to mount to, useful in dev environments                                                                                                                                                   | `""`                |
-| `hidden.persistence.volumeClaimTemplates.selector`         | A label query over volumes to consider for binding (e.g. when using local volumes)                                                                                                                                       | `{}`                |
-| `hidden.persistence.volumeClaimTemplates.requests`         | Custom PVC requests attributes                                                                                                                                                                                           | `{}`                |
-| `hidden.persistence.volumeClaimTemplates.dataSource`       | Set volumeClaimTemplate dataSource                                                                                                                                                                                       | `{}`                |
-| `hidden.service.portName`                                  | MongoDB(&reg;) service port name                                                                                                                                                                                         | `mongodb`           |
-| `hidden.service.ports.mongodb`                             | MongoDB(&reg;) service port                                                                                                                                                                                              | `27017`             |
-| `hidden.service.extraPorts`                                | Extra ports to expose (normally used with the `sidecar` value)                                                                                                                                                           | `[]`                |
-| `hidden.service.annotations`                               | Provide any additional annotations that may be required                                                                                                                                                                  | `{}`                |
-| `hidden.service.headless.annotations`                      | Annotations for the headless service.                                                                                                                                                                                    | `{}`                |
+### Resource requests and limits
  
-### Metrics parameters
+Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case.
  
-| Name                                         | Description                                                                                                                                                                                                                | Value                              |
-| -------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- |
-| `metrics.enabled`                            | Enable using a sidecar Prometheus exporter                                                                                                                                                                                 | `false`                            |
-| `metrics.image.registry`                     | MongoDB(&reg;) Prometheus exporter image registry                                                                                                                                                                          | `REGISTRY_NAME`                    |
-| `metrics.image.repository`                   | MongoDB(&reg;) Prometheus exporter image repository                                                                                                                                                                        | `REPOSITORY_NAME/mongodb-exporter` |
-| `metrics.image.digest`                       | MongoDB(&reg;) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                                             | `""`                               |
-| `metrics.image.pullPolicy`                   | MongoDB(&reg;) Prometheus exporter image pull policy                                                                                                                                                                       | `IfNotPresent`                     |
-| `metrics.image.pullSecrets`                  | Specify docker-registry secret names as an array                                                                                                                                                                           | `[]`                               |
-| `metrics.username`                           | String with username for the metrics exporter                                                                                                                                                                              | `""`                               |
-| `metrics.password`                           | String with password for the metrics exporter                                                                                                                                                                              | `""`                               |
-| `metrics.compatibleMode`                     | Enables old style mongodb-exporter metrics                                                                                                                                                                                 | `true`                             |
-| `metrics.collector.all`                      | Enable all collectors. Same as enabling all individual metrics                                                                                                                                                             | `false`                            |
-| `metrics.collector.diagnosticdata`           | Boolean Enable collecting metrics from getDiagnosticData                                                                                                                                                                   | `true`                             |
-| `metrics.collector.replicasetstatus`         | Boolean Enable collecting metrics from replSetGetStatus                                                                                                                                                                    | `true`                             |
-| `metrics.collector.dbstats`                  | Boolean Enable collecting metrics from dbStats                                                                                                                                                                             | `false`                            |
-| `metrics.collector.topmetrics`               | Boolean Enable collecting metrics from top admin command                                                                                                                                                                   | `false`                            |
-| `metrics.collector.indexstats`               | Boolean Enable collecting metrics from $indexStats                                                                                                                                                                         | `false`                            |
-| `metrics.collector.collstats`                | Boolean Enable collecting metrics from $collStats                                                                                                                                                                          | `false`                            |
-| `metrics.collector.collstatsColls`           | List of \<databases\>.\<collections\> to get $collStats                                                                                                                                                                    | `[]`                               |
-| `metrics.collector.indexstatsColls`          | List - List of \<databases\>.\<collections\> to get $indexStats                                                                                                                                                            | `[]`                               |
-| `metrics.collector.collstatsLimit`           | Number - Disable collstats, dbstats, topmetrics and indexstats collector if there are more than \<n\> collections. 0=No limit                                                                                              | `0`                                |
-| `metrics.extraFlags`                         | String with extra flags to the metrics exporter                                                                                                                                                                            | `""`                               |
-| `metrics.command`                            | Override default container command (useful when using custom images)                                                                                                                                                       | `[]`                               |
-| `metrics.args`                               | Override default container args (useful when using custom images)                                                                                                                                                          | `[]`                               |
-| `metrics.resourcesPreset`                    | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). | `none`                             |
-| `metrics.resources`                          | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                          | `{}`                               |
-| `metrics.containerPort`                      | Port of the Prometheus metrics container                                                                                                                                                                                   | `9216`                             |
-| `metrics.service.annotations`                | Annotations for Prometheus Exporter pods. Evaluated as a template.                                                                                                                                                         | `{}`                               |
-| `metrics.service.type`                       | Type of the Prometheus metrics service                                                                                                                                                                                     | `ClusterIP`                        |
-| `metrics.service.ports.metrics`              | Port of the Prometheus metrics service                                                                                                                                                                                     | `9216`                             |
-| `metrics.service.extraPorts`                 | Extra ports to expose (normally used with the `sidecar` value)                                                                                                                                                             | `[]`                               |
-| `metrics.livenessProbe.enabled`              | Enable livenessProbe                                                                                                                                                                                                       | `true`                             |
-| `metrics.livenessProbe.initialDelaySeconds`  | Initial delay seconds for livenessProbe                                                                                                                                                                                    | `15`                               |
-| `metrics.livenessProbe.periodSeconds`        | Period seconds for livenessProbe                                                                                                                                                                                           | `5`                                |
-| `metrics.livenessProbe.timeoutSeconds`       | Timeout seconds for livenessProbe                                                                                                                                                                                          | `10`                               |
-| `metrics.livenessProbe.failureThreshold`     | Failure threshold for livenessProbe                                                                                                                                                                                        | `3`                                |
-| `metrics.livenessProbe.successThreshold`     | Success threshold for livenessProbe                                                                                                                                                                                        | `1`                                |
-| `metrics.readinessProbe.enabled`             | Enable readinessProbe                                                                                                                                                                                                      | `true`                             |
-| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe                                                                                                                                                                                   | `5`                                |
-| `metrics.readinessProbe.periodSeconds`       | Period seconds for readinessProbe                                                                                                                                                                                          | `5`                                |
-| `metrics.readinessProbe.timeoutSeconds`      | Timeout seconds for readinessProbe                                                                                                                                                                                         | `10`                               |
-| `metrics.readinessProbe.failureThreshold`    | Failure threshold for readinessProbe                                                                                                                                                                                       | `3`                                |
-| `metrics.readinessProbe.successThreshold`    | Success threshold for readinessProbe                                                                                                                                                                                       | `1`                                |
-| `metrics.startupProbe.enabled`               | Enable startupProbe                                                                                                                                                                                                        | `false`                            |
-| `metrics.startupProbe.initialDelaySeconds`   | Initial delay seconds for startupProbe                                                                                                                                                                                     | `5`                                |
-| `metrics.startupProbe.periodSeconds`         | Period seconds for startupProbe                                                                                                                                                                                            | `10`                               |
-| `metrics.startupProbe.timeoutSeconds`        | Timeout seconds for startupProbe                                                                                                                                                                                           | `5`                                |
-| `metrics.startupProbe.failureThreshold`      | Failure threshold for startupProbe                                                                                                                                                                                         | `30`                               |
-| `metrics.startupProbe.successThreshold`      | Success threshold for startupProbe                                                                                                                                                                                         | `1`                                |
-| `metrics.customLivenessProbe`                | Override default liveness probe for MongoDB(&reg;) containers                                                                                                                                                              | `{}`                               |
-| `metrics.customReadinessProbe`               | Override default readiness probe for MongoDB(&reg;) containers                                                                                                                                                             | `{}`                               |
-| `metrics.customStartupProbe`                 | Override default startup probe for MongoDB(&reg;) containers                                                                                                                                                               | `{}`                               |
-| `metrics.extraVolumeMounts`                  | Optionally specify extra list of additional volumeMounts for the metrics container(s)                                                                                                                                      | `[]`                               |
-| `metrics.serviceMonitor.enabled`             | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator                                                                                                                                              | `false`                            |
-| `metrics.serviceMonitor.namespace`           | Namespace which Prometheus is running in                                                                                                                                                                                   | `""`                               |
-| `metrics.serviceMonitor.interval`            | Interval at which metrics should be scraped                                                                                                                                                                                | `30s`                              |
-| `metrics.serviceMonitor.scrapeTimeout`       | Specify the timeout after which the scrape is ended                                                                                                                                                                        | `""`                               |
-| `metrics.serviceMonitor.relabelings`         | RelabelConfigs to apply to samples before scraping.                                                                                                                                                                        | `[]`                               |
-| `metrics.serviceMonitor.metricRelabelings`   | MetricsRelabelConfigs to apply to samples before ingestion.                                                                                                                                                                | `[]`                               |
-| `metrics.serviceMonitor.labels`              | Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with                                                                                                      | `{}`                               |
-| `metrics.serviceMonitor.selector`            | Prometheus instance selector labels                                                                                                                                                                                        | `{}`                               |
-| `metrics.serviceMonitor.honorLabels`         | Specify honorLabels parameter to add the scrape endpoint                                                                                                                                                                   | `false`                            |
-| `metrics.serviceMonitor.jobLabel`            | The name of the label on the target service to use as the job name in prometheus.                                                                                                                                          | `""`                               |
-| `metrics.prometheusRule.enabled`             | Set this to true to create prometheusRules for Prometheus operator                                                                                                                                                         | `false`                            |
-| `metrics.prometheusRule.additionalLabels`    | Additional labels that can be used so prometheusRules will be discovered by Prometheus                                                                                                                                     | `{}`                               |
-| `metrics.prometheusRule.namespace`           | Namespace where prometheusRules resource should be created                                                                                                                                                                 | `""`                               |
-| `metrics.prometheusRule.rules`               | Rules to be created, check values for an example                                                                                                                                                                           | `[]`                               |
+To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcesPreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
  
-Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
+### Prometheus metrics
  
-```console
-helm install my-release \
-    --set auth.rootPassword=secretpassword,auth.username=my-user,auth.password=my-password,auth.database=my-database \
-    oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb
-```
+This chart can be integrated with Prometheus by setting `metrics.enabled` to `true`. This will deploy a sidecar container with [mongodb_exporter](https://github.com/percona/mongodb_exporter) in all pods and a `metrics` service, which can be configured under the `metrics.service` section. This `metrics` service will have the necessary annotations to be automatically scraped by Prometheus.
  
-> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`.
+#### Prometheus requirements
  
-The above command sets the MongoDB(&reg;) `root` account password to `secretpassword`. Additionally, it creates a standard database user named `my-user`, with the password `my-password`, who has access to a database named `my-database`.
+It is necessary to have a working installation of Prometheus or Prometheus Operator for the integration to work. Install the [Bitnami Prometheus helm chart](https://github.com/bitnami/charts/tree/main/bitnami/prometheus) or the [Bitnami Kube Prometheus helm chart](https://github.com/bitnami/charts/tree/main/bitnami/kube-prometheus) to easily have a working Prometheus in your cluster.
  
-> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available.
+#### Integration with Prometheus Operator
  
-Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
+The chart can deploy `ServiceMonitor` objects for integration with Prometheus Operator installations. To do so, set the value `metrics.serviceMonitor.enabled=true`. Ensure that the Prometheus Operator `CustomResourceDefinitions` are installed in the cluster or it will fail with the following error:
  
-```console
-helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb
+```text
+no matches for kind "ServiceMonitor" in version "monitoring.coreos.com/v1"
  ```
  
-> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`.
-> **Tip**: You can use the default [values.yaml](https://github.com/bitnami/charts/tree/main/bitnami/mongodb/values.yaml)
-
-## Configuration and installation details
+Install the [Bitnami Kube Prometheus helm chart](https://github.com/bitnami/charts/tree/main/bitnami/kube-prometheus) for having the necessary CRDs and the Prometheus Operator.
  
-### Resource requests and limits
-
-Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case.
-
-To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
-
-### [Rolling vs Immutable tags](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers)
+### [Rolling vs Immutable tags](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html)
  
  It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image.
  
@@ -767,37 +163,63 @@ In order to access MongoDB(&reg;) nodes from outside the cluster when using a re
  
  #### Use LoadBalancer services
  
-Two alternatives are available to use *LoadBalancer* services:
+Three alternatives are available to use *LoadBalancer* services:
  
  - Use random load balancer IP addresses using an *initContainer* that waits for the IP addresses to be ready and discovers them automatically. An example deployment configuration is shown below:
  
-    ```text
-    architecture=replicaset
-    replicaCount=2
-    externalAccess.enabled=true
-    externalAccess.service.type=LoadBalancer
-    externalAccess.service.port=27017
-    externalAccess.autoDiscovery.enabled=true
-    serviceAccount.create=true
-    rbac.create=true
+    ```yaml
+    architecture: replicaset
+    replicaCount: 2
+    externalAccess:
+      enabled: true
+      service:
+        type: LoadBalancer
+      autoDiscovery:
+        enabled: true
+    serviceAccount:
+      create: true
+    automountServiceAccountToken: true
+    rbac:
+      create: true
      ```
  
      > NOTE: This option requires creating RBAC rules on clusters where RBAC policies are enabled.
  
  - Manually specify the load balancer IP addresses. An example deployment configuration is shown below, with the placeholder EXTERNAL-IP-ADDRESS-X used in place of the load balancer IP addresses:
  
-    ```text
-    architecture=replicaset
-    replicaCount=2
-    externalAccess.enabled=true
-    externalAccess.service.type=LoadBalancer
-    externalAccess.service.port=27017
-    externalAccess.service.loadBalancerIPs[0]='EXTERNAL-IP-ADDRESS-1'
-    externalAccess.service.loadBalancerIPs[1]='EXTERNAL-IP-ADDRESS-2'
+    ```yaml
+    architecture: replicaset
+    replicaCount: 2
+    externalAccess:
+      enabled: true
+      service:
+        type: LoadBalancer
+        loadBalancerIPs:
+          - 'EXTERNAL-IP-ADDRESS-1'
+          - 'EXTERNAL-IP-ADDRESS-2'
      ```
  
      > NOTE: This option requires knowing the load balancer IP addresses, so that each MongoDB&reg; node's advertised hostname is configured with it.
  
+- Specify `externalAccess.service.publicNames`. These names must be resolvable by the MongoDB&reg; containers. To ensure that, if this value is set, an initContainer is added to wait for the ip addresses associated to those names. We can combine this feature with `external-dns`, setting the required annotations to configure the load balancer names:
+
+    ```yaml
+    architecture: replicaset
+    replicaCount: 2
+    externalAccess:
+      enabled: true
+      service:
+        type: LoadBalancer
+        publicNames:
+          - 'mongodb-0.example.com'
+          - 'mongodb-1.example.com'
+        annotationsList:
+          - external-dns.alpha.kubernetes.io/hostname: mongodb-0.example.com
+          - external-dns.alpha.kubernetes.io/hostname: mongodb-1.example.com
+    ```
+
+    > NOTE: If register new DNS records for those names is not an option, the release can be upgraded setting `hostAliases` with the public IPs assigned to the external services.
+
  #### Use NodePort services
  
  Manually specify the node ports to use. An example deployment configuration is shown below, with the placeholder NODE-PORT-X used in place of the node ports:
@@ -880,15 +302,84 @@ initContainers:
  
  Learn more about [sidecar containers](https://kubernetes.io/docs/concepts/workloads/pods/) and [init containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/).
  
-### Persistence
+### Update credentials
  
-The [Bitnami MongoDB(&reg;)](https://github.com/bitnami/containers/tree/main/bitnami/mongodb) image stores the MongoDB(&reg;) data and configurations at the `/bitnami/mongodb` path of the container.
+Bitnami charts, with its default settings, configure credentials at first boot. Any further change in the secrets or credentials can be done using one of the following methods:
  
-The chart mounts a [Persistent Volume](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) at this location. The volume is created using dynamic volume provisioning.
+#### Manual update of the passwords and secrets
  
-If you encounter errors when working with persistent volumes, refer to our [troubleshooting guide for persistent volumes](https://docs.bitnami.com/kubernetes/faq/troubleshooting/troubleshooting-persistence-volumes/).
+- Update the user password following [the upstream documentation](https://www.mongodb.com/docs/manual/reference/method/db.changeUserPassword/)
+- Update the password secret with the new values (replace the SECRET_NAME, PASSWORDS and ROOT_PASSWORD placeholders)
  
-### Backup and restore MongoDB(R) deployments
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=mongodb-passwords=PASSWORD --from-literal=mongodb-root-password=ROOT_PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
+#### Automated update using a password update job
+
+The Bitnami MongoDB provides a password update job that will automatically change the MongoDB passwords when running helm upgrade. To enable the job set `passwordUpdateJob.enabled=true`. This job requires:
+
+- The new passwords: this is configured using either `auth.rootPassword`, `auth.passwords` and `metrics.passwords` (if applicable) or setting `auth.existingSecret`.
+- The previous root password: This value is taken automatically from already deployed secret object. If you are using `auth.existingSecret` or `helm template` instead of `helm upgrade`, then set either `passwordUpdateJob.previousPasswords.rootPassword` or  setting `passwordUpdateJob.previousPasswords.existingSecret`.
+
+In the following example we update only the root password via values.yaml in a MongoDB installation:
+
+```yaml
+auth:
+  rootPassword: "newRootPassword123"
+passwordUpdateJob:
+  enabled: true
+```
+
+In the following example we update the password via values.yaml in a MongoDB installation with replication and several usernames and databases (including metrics).
+
+```yaml
+architecture: "replicaset"
+
+auth:
+  usernames:
+    - "user1"
+    - "user2"
+  rootPassword: "newRootPassword123"
+  passwords:
+    - "newUserPassword123"
+    - "newUserPassword144"
+  databases:
+    - "userdatabase"
+    - "userdatabase2"
+
+metrics:
+  username: "metricsuser"
+  password: "newMetricsPassword"
+
+passwordUpdateJob:
+  enabled: true
+```
+
+In this example we use two existing secrets (`new-password-secret` and `previous-password-secret`) to update several users and passwords (including metrics):
+
+```yaml
+auth:
+  usernames:
+    - "user1"
+    - "user2"
+  databases:
+    - "userdatabase"
+    - "userdatabase2"
+  existingSecret: new-password-secret
+
+metrics:
+  username: "metricsuser"
+
+passwordUpdateJob:
+  enabled: true
+  previousPasswords:
+    existingSecret: previous-password-secret
+```
+
+You can add extra update commands using the `passwordUpdateJob.extraCommands` value.
+
+### Backup and restore
  
  Two different approaches are available to back up and restore Bitnami MongoDB&reg; Helm chart deployments on Kubernetes:
  
@@ -920,7 +411,7 @@ This method involves the following steps:
  - Use Velero to restore the backed-up PVs on the destination cluster.
  - Create a new deployment on the destination cluster with the same chart, deployment name, credentials and other parameters as the original. This new deployment will use the restored PVs and hence the original data.
  
-Refer to our detailed [tutorial on backing up and restoring MongoDB&reg; chart deployments on Kubernetes](https://docs.bitnami.com/tutorials/backup-restore-data-mongodb-kubernetes/), which covers both these approaches, for more information.
+Refer to our detailed [tutorial on backing up and restoring MongoDB&reg; chart deployments on Kubernetes](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-backup-restore-data-mongodb-kubernetes-index.html), which covers both these approaches, for more information.
  
  ### Use custom Prometheus rules
  
@@ -943,7 +434,7 @@ Custom Prometheus rules can be defined for the Prometheus Operator by using the
                summary: High request latency
  ```
  
-### Enable SSL/TLS
+### Securing traffic using TLS
  
  This chart supports enabling SSL/TLS between nodes in the cluster, as well as between MongoDB(&reg;) clients and nodes, by setting the `MONGODB_EXTRA_FLAGS` and `MONGODB_CLIENT_EXTRA_FLAGS` container environment variables, together with the correct `MONGODB_ADVERTISED_HOSTNAME`. To enable full TLS encryption, set the `tls.enabled` parameter to `true`.
  
@@ -961,6 +452,19 @@ To use your own CA, set `tls.caCert` and `tls.caKey` with appropriate base64 enc
  
  > NOTE: Currently, only RSA private keys are supported.
  
+#### Use your own certificates
+
+To use your own certificates, set `tls.standalone.existingSecret`, `tls.replicaset.existingSecrets`, `tls.hidden.existingSecrets` and/or `tls.arbiter.existingSecret` secrets according to your needs. All of them must be references to `kubernetes.io/tls` secrets and the certificates must be created using the same CA. The CA can be added directly to each secret using the `ca.crt` key:
+
+```shell
+kubectl create secret tls "mongodb-0-cert"  --cert="mongodb-0.crt" --key="mongodb-0.key"
+kubectl patch secret "mongodb-0-cert" -p="{\"data\":{\"ca.crt\": \"$(cat ca.crt | base64 -w0 )\"}}"
+```
+
+Or adding it to the "endpoint certificate" and setting the value `tls.pemChainIncluded`. If we reuse the example above, the `mongodb-0.crt` file should include CA cert and we shouldn't need to patch the secret to add the `ca.crt` set key.
+
+> NOTE: Certificates should be signed for the fully qualified domain names. If `externalAccess.service.publicNames`is set, those names should be used in the certificates set in `tls.replicaset.existingSecrets`.
+
  #### Access the cluster
  
  To access the cluster, enable the init container which generates the MongoDB(&reg;) server/client PEM key needed to access the cluster. Please be sure to include the `$my_hostname` section with your actual hostname, and the alternative hostnames section should contain the hostnames that should be allowed access to the MongoDB(&reg;) replicaset. Additionally, if external access is enabled, the load balancer IP addresses are added to the alternative names list.
@@ -977,12 +481,699 @@ This chart allows you to set your custom affinity using the `XXX.affinity` param
  
  As an alternative, you can use the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/main/bitnami/common#affinities) chart. To do so, set the `XXX.podAffinityPreset`, `XXX.podAntiAffinityPreset`, or `XXX.nodeAffinityPreset` parameters.
  
+## Persistence
+
+The [Bitnami MongoDB(&reg;)](https://github.com/bitnami/containers/tree/main/bitnami/mongodb) image stores the MongoDB(&reg;) data and configurations at the `/bitnami/mongodb` path of the container.
+
+The chart mounts a [Persistent Volume](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) at this location. The volume is created using dynamic volume provisioning.
+
+If you encounter errors when working with persistent volumes, refer to our [troubleshooting guide for persistent volumes](https://docs.bitnami.com/kubernetes/faq/troubleshooting/troubleshooting-persistence-volumes/).
+
+## Parameters
+
+### Global parameters
+
+| Name                                                  | Description                                                                                                                                                                                                                                                                                                                                                         | Value   |
+| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| `global.imageRegistry`                                | Global Docker image registry                                                                                                                                                                                                                                                                                                                                        | `""`    |
+| `global.imagePullSecrets`                             | Global Docker registry secret names as an array                                                                                                                                                                                                                                                                                                                     | `[]`    |
+| `global.defaultStorageClass`                          | Global default StorageClass for Persistent Volume(s)                                                                                                                                                                                                                                                                                                                | `""`    |
+| `global.storageClass`                                 | DEPRECATED: use global.defaultStorageClass instead                                                                                                                                                                                                                                                                                                                  | `""`    |
+| `global.namespaceOverride`                            | Override the namespace for resource deployed by the chart, but can itself be overridden by the local namespaceOverride                                                                                                                                                                                                                                              | `""`    |
+| `global.security.allowInsecureImages`                 | Allows skipping image verification                                                                                                                                                                                                                                                                                                                                  | `false` |
+| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto`  |
+
+### Common parameters
+
+| Name                      | Description                                                                                               | Value           |
+| ------------------------- | --------------------------------------------------------------------------------------------------------- | --------------- |
+| `nameOverride`            | String to partially override mongodb.fullname template (will maintain the release name)                   | `""`            |
+| `fullnameOverride`        | String to fully override mongodb.fullname template                                                        | `""`            |
+| `namespaceOverride`       | String to fully override common.names.namespace                                                           | `""`            |
+| `kubeVersion`             | Force target Kubernetes version (using Helm capabilities if not set)                                      | `""`            |
+| `clusterDomain`           | Default Kubernetes cluster domain                                                                         | `cluster.local` |
+| `extraDeploy`             | Array of extra objects to deploy with the release                                                         | `[]`            |
+| `commonLabels`            | Add labels to all the deployed resources (sub-charts are not considered). Evaluated as a template         | `{}`            |
+| `commonAnnotations`       | Common annotations to add to all Mongo resources (sub-charts are not considered). Evaluated as a template | `{}`            |
+| `topologyKey`             | Override common lib default topology key. If empty - "kubernetes.io/hostname" is used                     | `""`            |
+| `serviceBindings.enabled` | Create secret for service binding (Experimental)                                                          | `false`         |
+| `enableServiceLinks`      | Whether information about services should be injected into pod's environment variable                     | `true`          |
+| `usePasswordFiles`        | Mount credentials as files instead of using environment variables                                         | `true`          |
+| `diagnosticMode.enabled`  | Enable diagnostic mode (all probes will be disabled and the command will be overridden)                   | `false`         |
+| `diagnosticMode.command`  | Command to override all containers in the deployment                                                      | `["sleep"]`     |
+| `diagnosticMode.args`     | Args to override all containers in the deployment                                                         | `["infinity"]`  |
+
+### MongoDB(&reg;) parameters
+
+| Name                             | Description                                                                                                                                                                                                               | Value                     |
+| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- |
+| `image.registry`                 | MongoDB(&reg;) image registry                                                                                                                                                                                             | `REGISTRY_NAME`           |
+| `image.repository`               | MongoDB(&reg;) image registry                                                                                                                                                                                             | `REPOSITORY_NAME/mongodb` |
+| `image.digest`                   | MongoDB(&reg;) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                                            | `""`                      |
+| `image.pullPolicy`               | MongoDB(&reg;) image pull policy                                                                                                                                                                                          | `IfNotPresent`            |
+| `image.pullSecrets`              | Specify docker-registry secret names as an array                                                                                                                                                                          | `[]`                      |
+| `image.debug`                    | Set to true if you would like to see extra information on logs                                                                                                                                                            | `false`                   |
+| `schedulerName`                  | Name of the scheduler (other than default) to dispatch pods                                                                                                                                                               | `""`                      |
+| `architecture`                   | MongoDB(&reg;) architecture (`standalone` or `replicaset`)                                                                                                                                                                | `standalone`              |
+| `useStatefulSet`                 | Set to true to use a StatefulSet instead of a Deployment (only when `architecture=standalone`)                                                                                                                            | `false`                   |
+| `auth.enabled`                   | Enable authentication                                                                                                                                                                                                     | `true`                    |
+| `auth.rootUser`                  | MongoDB(&reg;) root user                                                                                                                                                                                                  | `root`                    |
+| `auth.rootPassword`              | MongoDB(&reg;) root password                                                                                                                                                                                              | `""`                      |
+| `auth.usernames`                 | List of custom users to be created during the initialization                                                                                                                                                              | `[]`                      |
+| `auth.passwords`                 | List of passwords for the custom users set at `auth.usernames`                                                                                                                                                            | `[]`                      |
+| `auth.databases`                 | List of custom databases to be created during the initialization                                                                                                                                                          | `[]`                      |
+| `auth.username`                  | DEPRECATED: use `auth.usernames` instead                                                                                                                                                                                  | `""`                      |
+| `auth.password`                  | DEPRECATED: use `auth.passwords` instead                                                                                                                                                                                  | `""`                      |
+| `auth.database`                  | DEPRECATED: use `auth.databases` instead                                                                                                                                                                                  | `""`                      |
+| `auth.replicaSetKey`             | Key used for authentication in the replicaset (only when `architecture=replicaset`)                                                                                                                                       | `""`                      |
+| `auth.existingSecret`            | Existing secret with MongoDB(&reg;) credentials (keys: `mongodb-passwords`, `mongodb-root-password`, `mongodb-metrics-password`, `mongodb-replica-set-key`)                                                               | `""`                      |
+| `tls.enabled`                    | Enable MongoDB(&reg;) TLS support between nodes in the cluster as well as between mongo clients and nodes                                                                                                                 | `false`                   |
+| `tls.mTLS.enabled`               | IF TLS support is enabled, require clients to provide certificates                                                                                                                                                        | `true`                    |
+| `tls.autoGenerated`              | Generate a custom CA and self-signed certificates                                                                                                                                                                         | `true`                    |
+| `tls.existingSecret`             | Existing secret with TLS certificates (keys: `mongodb-ca-cert`, `mongodb-ca-key`)                                                                                                                                         | `""`                      |
+| `tls.caCert`                     | Custom CA certificated (base64 encoded)                                                                                                                                                                                   | `""`                      |
+| `tls.caKey`                      | CA certificate private key (base64 encoded)                                                                                                                                                                               | `""`                      |
+| `tls.pemChainIncluded`           | Flag to denote that the Certificate Authority (CA) certificates are bundled with the endpoint cert.                                                                                                                       | `false`                   |
+| `tls.standalone.existingSecret`  | Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.                                                                                | `""`                      |
+| `tls.replicaset.existingSecrets` | Array of existing secrets with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.                                                                      | `[]`                      |
+| `tls.hidden.existingSecrets`     | Array of existing secrets with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.                                                                      | `[]`                      |
+| `tls.arbiter.existingSecret`     | Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled.                                                                                | `""`                      |
+| `tls.image.registry`             | Init container TLS certs setup image registry                                                                                                                                                                             | `REGISTRY_NAME`           |
+| `tls.image.repository`           | Init container TLS certs setup image repository                                                                                                                                                                           | `REPOSITORY_NAME/nginx`   |
+| `tls.image.digest`               | Init container TLS certs setup image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                            | `""`                      |
+| `tls.image.pullPolicy`           | Init container TLS certs setup image pull policy                                                                                                                                                                          | `IfNotPresent`            |
+| `tls.image.pullSecrets`          | Init container TLS certs specify docker-registry secret names as an array                                                                                                                                                 | `[]`                      |
+| `tls.extraDnsNames`              | Add extra dns names to the CA, can solve x509 auth issue for pod clients                                                                                                                                                  | `[]`                      |
+| `tls.mode`                       | Allows to set the tls mode which should be used when tls is enabled (options: `allowTLS`, `preferTLS`, `requireTLS`)                                                                                                      | `requireTLS`              |
+| `tls.resourcesPreset`            | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if tls.resources is set (tls.resources is recommended for production). | `nano`                    |
+| `tls.resources`                  | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                         | `{}`                      |
+| `tls.securityContext`            | Init container generate-tls-cert Security context                                                                                                                                                                         | `{}`                      |
+| `automountServiceAccountToken`   | Mount Service Account token in pod                                                                                                                                                                                        | `false`                   |
+| `hostAliases`                    | Add deployment host aliases                                                                                                                                                                                               | `[]`                      |
+| `replicaSetName`                 | Name of the replica set (only when `architecture=replicaset`)                                                                                                                                                             | `rs0`                     |
+| `replicaSetHostnames`            | Enable DNS hostnames in the replicaset config (only when `architecture=replicaset`)                                                                                                                                       | `true`                    |
+| `enableIPv6`                     | Switch to enable/disable IPv6 on MongoDB(&reg;)                                                                                                                                                                           | `false`                   |
+| `directoryPerDB`                 | Switch to enable/disable DirectoryPerDB on MongoDB(&reg;)                                                                                                                                                                 | `false`                   |
+| `systemLogVerbosity`             | MongoDB(&reg;) system log verbosity level                                                                                                                                                                                 | `0`                       |
+| `disableSystemLog`               | Switch to enable/disable MongoDB(&reg;) system log                                                                                                                                                                        | `false`                   |
+| `disableJavascript`              | Switch to enable/disable MongoDB(&reg;) server-side JavaScript execution                                                                                                                                                  | `false`                   |
+| `enableJournal`                  | Switch to enable/disable MongoDB(&reg;) Journaling                                                                                                                                                                        | `true`                    |
+| `configuration`                  | MongoDB(&reg;) configuration file to be used for Primary and Secondary nodes                                                                                                                                              | `""`                      |
+
+### replicaSetConfigurationSettings settings applied during runtime (not via configuration file)
+
+| Name                                            | Description                                                                                         | Value   |
+| ----------------------------------------------- | --------------------------------------------------------------------------------------------------- | ------- |
+| `replicaSetConfigurationSettings.enabled`       | Enable MongoDB(&reg;) Switch to enable/disable configuring MongoDB(&reg;) run time rs.conf settings | `false` |
+| `replicaSetConfigurationSettings.configuration` | run-time rs.conf settings                                                                           | `{}`    |
+| `existingConfigmap`                             | Name of existing ConfigMap with MongoDB(&reg;) configuration for Primary and Secondary nodes        | `""`    |
+| `initdbScripts`                                 | Dictionary of initdb scripts                                                                        | `{}`    |
+| `initdbScriptsConfigMap`                        | Existing ConfigMap with custom initdb scripts                                                       | `""`    |
+| `command`                                       | Override default container command (useful when using custom images)                                | `[]`    |
+| `args`                                          | Override default container args (useful when using custom images)                                   | `[]`    |
+| `extraFlags`                                    | MongoDB(&reg;) additional command line flags                                                        | `[]`    |
+| `extraEnvVars`                                  | Extra environment variables to add to MongoDB(&reg;) pods                                           | `[]`    |
+| `extraEnvVarsCM`                                | Name of existing ConfigMap containing extra env vars                                                | `""`    |
+| `extraEnvVarsSecret`                            | Name of existing Secret containing extra env vars (in case of sensitive data)                       | `""`    |
+
+### MongoDB(&reg;) statefulset parameters
+
+| Name                                                | Description                                                                                                                                                                                                       | Value            |
+| --------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
+| `annotations`                                       | Additional labels to be added to the MongoDB(&reg;) statefulset. Evaluated as a template                                                                                                                          | `{}`             |
+| `labels`                                            | Annotations to be added to the MongoDB(&reg;) statefulset. Evaluated as a template                                                                                                                                | `{}`             |
+| `replicaCount`                                      | Number of MongoDB(&reg;) nodes                                                                                                                                                                                    | `2`              |
+| `updateStrategy.type`                               | Strategy to use to replace existing MongoDB(&reg;) pods. When architecture=standalone and useStatefulSet=false,                                                                                                   | `RollingUpdate`  |
+| `podManagementPolicy`                               | Pod management policy for MongoDB(&reg;)                                                                                                                                                                          | `OrderedReady`   |
+| `podAffinityPreset`                                 | MongoDB(&reg;) Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                | `""`             |
+| `podAntiAffinityPreset`                             | MongoDB(&reg;) Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                           | `soft`           |
+| `nodeAffinityPreset.type`                           | MongoDB(&reg;) Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                          | `""`             |
+| `nodeAffinityPreset.key`                            | MongoDB(&reg;) Node label key to match Ignored if `affinity` is set.                                                                                                                                              | `""`             |
+| `nodeAffinityPreset.values`                         | MongoDB(&reg;) Node label values to match. Ignored if `affinity` is set.                                                                                                                                          | `[]`             |
+| `affinity`                                          | MongoDB(&reg;) Affinity for pod assignment                                                                                                                                                                        | `{}`             |
+| `nodeSelector`                                      | MongoDB(&reg;) Node labels for pod assignment                                                                                                                                                                     | `{}`             |
+| `tolerations`                                       | MongoDB(&reg;) Tolerations for pod assignment                                                                                                                                                                     | `[]`             |
+| `topologySpreadConstraints`                         | MongoDB(&reg;) Spread Constraints for Pods                                                                                                                                                                        | `[]`             |
+| `lifecycleHooks`                                    | LifecycleHook for the MongoDB(&reg;) container(s) to automate configuration before or after startup                                                                                                               | `{}`             |
+| `terminationGracePeriodSeconds`                     | MongoDB(&reg;) Termination Grace Period                                                                                                                                                                           | `""`             |
+| `podLabels`                                         | MongoDB(&reg;) pod labels                                                                                                                                                                                         | `{}`             |
+| `podAnnotations`                                    | MongoDB(&reg;) Pod annotations                                                                                                                                                                                    | `{}`             |
+| `priorityClassName`                                 | Name of the existing priority class to be used by MongoDB(&reg;) pod(s)                                                                                                                                           | `""`             |
+| `runtimeClassName`                                  | Name of the runtime class to be used by MongoDB(&reg;) pod(s)                                                                                                                                                     | `""`             |
+| `podSecurityContext.enabled`                        | Enable MongoDB(&reg;) pod(s)' Security Context                                                                                                                                                                    | `true`           |
+| `podSecurityContext.fsGroupChangePolicy`            | Set filesystem group change policy                                                                                                                                                                                | `Always`         |
+| `podSecurityContext.supplementalGroups`             | Set filesystem extra groups                                                                                                                                                                                       | `[]`             |
+| `podSecurityContext.fsGroup`                        | Group ID for the volumes of the MongoDB(&reg;) pod(s)                                                                                                                                                             | `1001`           |
+| `podSecurityContext.sysctls`                        | sysctl settings of the MongoDB(&reg;) pod(s)'                                                                                                                                                                     | `[]`             |
+| `containerSecurityContext.enabled`                  | Enabled containers' Security Context                                                                                                                                                                              | `true`           |
+| `containerSecurityContext.seLinuxOptions`           | Set SELinux options in container                                                                                                                                                                                  | `{}`             |
+| `containerSecurityContext.runAsUser`                | Set containers' Security Context runAsUser                                                                                                                                                                        | `1001`           |
+| `containerSecurityContext.runAsGroup`               | Set containers' Security Context runAsGroup                                                                                                                                                                       | `1001`           |
+| `containerSecurityContext.runAsNonRoot`             | Set container's Security Context runAsNonRoot                                                                                                                                                                     | `true`           |
+| `containerSecurityContext.privileged`               | Set container's Security Context privileged                                                                                                                                                                       | `false`          |
+| `containerSecurityContext.readOnlyRootFilesystem`   | Set container's Security Context readOnlyRootFilesystem                                                                                                                                                           | `true`           |
+| `containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation                                                                                                                                                         | `false`          |
+| `containerSecurityContext.capabilities.drop`        | List of capabilities to be dropped                                                                                                                                                                                | `["ALL"]`        |
+| `containerSecurityContext.seccompProfile.type`      | Set container's Security Context seccomp profile                                                                                                                                                                  | `RuntimeDefault` |
+| `resourcesPreset`                                   | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `small`          |
+| `resources`                                         | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                 | `{}`             |
+| `containerPorts.mongodb`                            | MongoDB(&reg;) container port                                                                                                                                                                                     | `27017`          |
+| `livenessProbe.enabled`                             | Enable livenessProbe                                                                                                                                                                                              | `true`           |
+| `livenessProbe.initialDelaySeconds`                 | Initial delay seconds for livenessProbe                                                                                                                                                                           | `30`             |
+| `livenessProbe.periodSeconds`                       | Period seconds for livenessProbe                                                                                                                                                                                  | `20`             |
+| `livenessProbe.timeoutSeconds`                      | Timeout seconds for livenessProbe                                                                                                                                                                                 | `10`             |
+| `livenessProbe.failureThreshold`                    | Failure threshold for livenessProbe                                                                                                                                                                               | `6`              |
+| `livenessProbe.successThreshold`                    | Success threshold for livenessProbe                                                                                                                                                                               | `1`              |
+| `readinessProbe.enabled`                            | Enable readinessProbe                                                                                                                                                                                             | `true`           |
+| `readinessProbe.initialDelaySeconds`                | Initial delay seconds for readinessProbe                                                                                                                                                                          | `5`              |
+| `readinessProbe.periodSeconds`                      | Period seconds for readinessProbe                                                                                                                                                                                 | `10`             |
+| `readinessProbe.timeoutSeconds`                     | Timeout seconds for readinessProbe                                                                                                                                                                                | `5`              |
+| `readinessProbe.failureThreshold`                   | Failure threshold for readinessProbe                                                                                                                                                                              | `6`              |
+| `readinessProbe.successThreshold`                   | Success threshold for readinessProbe                                                                                                                                                                              | `1`              |
+| `startupProbe.enabled`                              | Enable startupProbe                                                                                                                                                                                               | `false`          |
+| `startupProbe.initialDelaySeconds`                  | Initial delay seconds for startupProbe                                                                                                                                                                            | `5`              |
+| `startupProbe.periodSeconds`                        | Period seconds for startupProbe                                                                                                                                                                                   | `20`             |
+| `startupProbe.timeoutSeconds`                       | Timeout seconds for startupProbe                                                                                                                                                                                  | `10`             |
+| `startupProbe.failureThreshold`                     | Failure threshold for startupProbe                                                                                                                                                                                | `30`             |
+| `startupProbe.successThreshold`                     | Success threshold for startupProbe                                                                                                                                                                                | `1`              |
+| `customLivenessProbe`                               | Override default liveness probe for MongoDB(&reg;) containers                                                                                                                                                     | `{}`             |
+| `customReadinessProbe`                              | Override default readiness probe for MongoDB(&reg;) containers                                                                                                                                                    | `{}`             |
+| `customStartupProbe`                                | Override default startup probe for MongoDB(&reg;) containers                                                                                                                                                      | `{}`             |
+| `initContainers`                                    | Add additional init containers for the hidden node pod(s)                                                                                                                                                         | `[]`             |
+| `sidecars`                                          | Add additional sidecar containers for the MongoDB(&reg;) pod(s)                                                                                                                                                   | `[]`             |
+| `extraVolumeMounts`                                 | Optionally specify extra list of additional volumeMounts for the MongoDB(&reg;) container(s)                                                                                                                      | `[]`             |
+| `extraVolumes`                                      | Optionally specify extra list of additional volumes to the MongoDB(&reg;) statefulset                                                                                                                             | `[]`             |
+| `pdb.create`                                        | Enable/disable a Pod Disruption Budget creation for MongoDB(&reg;) pod(s)                                                                                                                                         | `true`           |
+| `pdb.minAvailable`                                  | Minimum number/percentage of MongoDB(&reg;) pods that must still be available after the eviction                                                                                                                  | `""`             |
+| `pdb.maxUnavailable`                                | Maximum number/percentage of MongoDB(&reg;) pods that may be made unavailable after the eviction. Defaults to `1` if both `pdb.minAvailable` and `pdb.maxUnavailable` are empty.                                  | `""`             |
+
+### Traffic exposure parameters
+
+| Name                                                          | Description                                                                                                                                                                                                                                                                 | Value                     |
+| ------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- |
+| `service.nameOverride`                                        | MongoDB(&reg;) service name                                                                                                                                                                                                                                                 | `""`                      |
+| `service.type`                                                | Kubernetes Service type (only for standalone architecture)                                                                                                                                                                                                                  | `ClusterIP`               |
+| `service.portName`                                            | MongoDB(&reg;) service port name (only for standalone architecture)                                                                                                                                                                                                         | `mongodb`                 |
+| `service.ports.mongodb`                                       | MongoDB(&reg;) service port.                                                                                                                                                                                                                                                | `27017`                   |
+| `service.nodePorts.mongodb`                                   | Port to bind to for NodePort and LoadBalancer service types (only for standalone architecture)                                                                                                                                                                              | `""`                      |
+| `service.clusterIP`                                           | MongoDB(&reg;) service cluster IP (only for standalone architecture)                                                                                                                                                                                                        | `""`                      |
+| `service.externalIPs`                                         | Specify the externalIP value ClusterIP service type (only for standalone architecture)                                                                                                                                                                                      | `[]`                      |
+| `service.loadBalancerIP`                                      | loadBalancerIP for MongoDB(&reg;) Service (only for standalone architecture)                                                                                                                                                                                                | `""`                      |
+| `service.loadBalancerClass`                                   | loadBalancerClass for MongoDB(&reg;) Service (only for standalone architecture)                                                                                                                                                                                             | `""`                      |
+| `service.loadBalancerSourceRanges`                            | Address(es) that are allowed when service is LoadBalancer (only for standalone architecture)                                                                                                                                                                                | `[]`                      |
+| `service.allocateLoadBalancerNodePorts`                       | Wheter to allocate node ports when service type is LoadBalancer                                                                                                                                                                                                             | `true`                    |
+| `service.extraPorts`                                          | Extra ports to expose (normally used with the `sidecar` value)                                                                                                                                                                                                              | `[]`                      |
+| `service.annotations`                                         | Provide any additional annotations that may be required                                                                                                                                                                                                                     | `{}`                      |
+| `service.externalTrafficPolicy`                               | service external traffic policy (only for standalone architecture)                                                                                                                                                                                                          | `Local`                   |
+| `service.sessionAffinity`                                     | Control where client requests go, to the same pod or round-robin                                                                                                                                                                                                            | `None`                    |
+| `service.sessionAffinityConfig`                               | Additional settings for the sessionAffinity                                                                                                                                                                                                                                 | `{}`                      |
+| `service.headless.annotations`                                | Annotations for the headless service.                                                                                                                                                                                                                                       | `{}`                      |
+| `service.publishNotReadyAddresses`                            | Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready                                                                                                                                                    | `false`                   |
+| `externalAccess.enabled`                                      | Enable Kubernetes external cluster access to MongoDB(&reg;) nodes (only for replicaset architecture)                                                                                                                                                                        | `false`                   |
+| `externalAccess.autoDiscovery.enabled`                        | Enable using an init container to auto-detect external IPs by querying the K8s API                                                                                                                                                                                          | `false`                   |
+| `externalAccess.autoDiscovery.image.registry`                 | Init container auto-discovery image registry                                                                                                                                                                                                                                | `REGISTRY_NAME`           |
+| `externalAccess.autoDiscovery.image.repository`               | Init container auto-discovery image repository                                                                                                                                                                                                                              | `REPOSITORY_NAME/kubectl` |
+| `externalAccess.autoDiscovery.image.digest`                   | Init container auto-discovery image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                                                                               | `""`                      |
+| `externalAccess.autoDiscovery.image.pullPolicy`               | Init container auto-discovery image pull policy                                                                                                                                                                                                                             | `IfNotPresent`            |
+| `externalAccess.autoDiscovery.image.pullSecrets`              | Init container auto-discovery image pull secrets                                                                                                                                                                                                                            | `[]`                      |
+| `externalAccess.autoDiscovery.resourcesPreset`                | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if externalAccess.autoDiscovery.resources is set (externalAccess.autoDiscovery.resources is recommended for production). | `nano`                    |
+| `externalAccess.autoDiscovery.resources`                      | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                                                                           | `{}`                      |
+| `externalAccess.dnsCheck.image.registry`                      | Init container dns-check image registry                                                                                                                                                                                                                                     | `REGISTRY_NAME`           |
+| `externalAccess.dnsCheck.image.repository`                    | Init container dns-check image repository                                                                                                                                                                                                                                   | `REPOSITORY_NAME/kubectl` |
+| `externalAccess.dnsCheck.image.digest`                        | Init container dns-check image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                                                                                    | `""`                      |
+| `externalAccess.dnsCheck.image.pullPolicy`                    | Init container dns-check image pull policy                                                                                                                                                                                                                                  | `IfNotPresent`            |
+| `externalAccess.dnsCheck.image.pullSecrets`                   | Init container dns-check image pull secrets                                                                                                                                                                                                                                 | `[]`                      |
+| `externalAccess.dnsCheck.resourcesPreset`                     | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if externalAccess.autoDiscovery.resources is set (externalAccess.autoDiscovery.resources is recommended for production). | `nano`                    |
+| `externalAccess.dnsCheck.resources`                           | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                                                                           | `{}`                      |
+| `externalAccess.externalMaster.enabled`                       | Use external master for bootstrapping                                                                                                                                                                                                                                       | `false`                   |
+| `externalAccess.externalMaster.host`                          | External master host to bootstrap from                                                                                                                                                                                                                                      | `""`                      |
+| `externalAccess.externalMaster.port`                          | Port for MongoDB(&reg;) service external master host                                                                                                                                                                                                                        | `27017`                   |
+| `externalAccess.service.type`                                 | Kubernetes Service type for external access. Allowed values: NodePort, LoadBalancer or ClusterIP                                                                                                                                                                            | `LoadBalancer`            |
+| `externalAccess.service.portName`                             | MongoDB(&reg;) port name used for external access when service type is LoadBalancer                                                                                                                                                                                         | `mongodb`                 |
+| `externalAccess.service.ports.mongodb`                        | MongoDB(&reg;) port used for external access when service type is LoadBalancer                                                                                                                                                                                              | `27017`                   |
+| `externalAccess.service.loadBalancerIPs`                      | Array of load balancer IPs for MongoDB(&reg;) nodes                                                                                                                                                                                                                         | `[]`                      |
+| `externalAccess.service.publicNames`                          | Array of public names. The size should be equal to the number of replicas.                                                                                                                                                                                                  | `[]`                      |
+| `externalAccess.service.loadBalancerClass`                    | loadBalancerClass when service type is LoadBalancer                                                                                                                                                                                                                         | `""`                      |
+| `externalAccess.service.loadBalancerSourceRanges`             | Address(es) that are allowed when service is LoadBalancer                                                                                                                                                                                                                   | `[]`                      |
+| `externalAccess.service.allocateLoadBalancerNodePorts`        | Whether to allocate node ports when service type is LoadBalancer                                                                                                                                                                                                            | `true`                    |
+| `externalAccess.service.externalTrafficPolicy`                | MongoDB(&reg;) service external traffic policy                                                                                                                                                                                                                              | `Local`                   |
+| `externalAccess.service.nodePorts`                            | Array of node ports used to configure MongoDB(&reg;) advertised hostname when service type is NodePort                                                                                                                                                                      | `[]`                      |
+| `externalAccess.service.domain`                               | Domain or external IP used to configure MongoDB(&reg;) advertised hostname when service type is NodePort                                                                                                                                                                    | `""`                      |
+| `externalAccess.service.extraPorts`                           | Extra ports to expose (normally used with the `sidecar` value)                                                                                                                                                                                                              | `[]`                      |
+| `externalAccess.service.annotations`                          | Service annotations for external access. These annotations are common for all services created.                                                                                                                                                                             | `{}`                      |
+| `externalAccess.service.annotationsList`                      | Service annotations for eache external service. This value contains a list allowing different annotations per each external service.                                                                                                                                        | `[]`                      |
+| `externalAccess.service.sessionAffinity`                      | Control where client requests go, to the same pod or round-robin                                                                                                                                                                                                            | `None`                    |
+| `externalAccess.service.sessionAffinityConfig`                | Additional settings for the sessionAffinity                                                                                                                                                                                                                                 | `{}`                      |
+| `externalAccess.hidden.enabled`                               | Enable Kubernetes external cluster access to MongoDB(&reg;) hidden nodes                                                                                                                                                                                                    | `false`                   |
+| `externalAccess.hidden.service.type`                          | Kubernetes Service type for external access. Allowed values: NodePort or LoadBalancer                                                                                                                                                                                       | `LoadBalancer`            |
+| `externalAccess.hidden.service.portName`                      | MongoDB(&reg;) port name used for external access when service type is LoadBalancer                                                                                                                                                                                         | `mongodb`                 |
+| `externalAccess.hidden.service.ports.mongodb`                 | MongoDB(&reg;) port used for external access when service type is LoadBalancer                                                                                                                                                                                              | `27017`                   |
+| `externalAccess.hidden.service.loadBalancerIPs`               | Array of load balancer IPs for MongoDB(&reg;) nodes                                                                                                                                                                                                                         | `[]`                      |
+| `externalAccess.hidden.service.loadBalancerClass`             | loadBalancerClass when service type is LoadBalancer                                                                                                                                                                                                                         | `""`                      |
+| `externalAccess.hidden.service.loadBalancerSourceRanges`      | Address(es) that are allowed when service is LoadBalancer                                                                                                                                                                                                                   | `[]`                      |
+| `externalAccess.hidden.service.allocateLoadBalancerNodePorts` | Wheter to allocate node ports when service type is LoadBalancer                                                                                                                                                                                                             | `true`                    |
+| `externalAccess.hidden.service.externalTrafficPolicy`         | MongoDB(&reg;) service external traffic policy                                                                                                                                                                                                                              | `Local`                   |
+| `externalAccess.hidden.service.nodePorts`                     | Array of node ports used to configure MongoDB(&reg;) advertised hostname when service type is NodePort. Length must be the same as replicaCount                                                                                                                             | `[]`                      |
+| `externalAccess.hidden.service.domain`                        | Domain or external IP used to configure MongoDB(&reg;) advertised hostname when service type is NodePort                                                                                                                                                                    | `""`                      |
+| `externalAccess.hidden.service.extraPorts`                    | Extra ports to expose (normally used with the `sidecar` value)                                                                                                                                                                                                              | `[]`                      |
+| `externalAccess.hidden.service.annotations`                   | Service annotations for external access                                                                                                                                                                                                                                     | `{}`                      |
+| `externalAccess.hidden.service.sessionAffinity`               | Control where client requests go, to the same pod or round-robin                                                                                                                                                                                                            | `None`                    |
+| `externalAccess.hidden.service.sessionAffinityConfig`         | Additional settings for the sessionAffinity                                                                                                                                                                                                                                 | `{}`                      |
+
+### Password update job
+
+| Name                                                                  | Description                                                                                                                                                                                                                                           | Value            |
+| --------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
+| `passwordUpdateJob.enabled`                                           | Enable password update job                                                                                                                                                                                                                            | `false`          |
+| `passwordUpdateJob.backoffLimit`                                      | set backoff limit of the job                                                                                                                                                                                                                          | `10`             |
+| `passwordUpdateJob.command`                                           | Override default container command on mysql Primary container(s) (useful when using custom images)                                                                                                                                                    | `[]`             |
+| `passwordUpdateJob.args`                                              | Override default container args on mysql Primary container(s) (useful when using custom images)                                                                                                                                                       | `[]`             |
+| `passwordUpdateJob.extraCommands`                                     | Extra commands to pass to the generation job                                                                                                                                                                                                          | `""`             |
+| `passwordUpdateJob.previousPasswords.rootPassword`                    | Previous root password (set if the password secret was already changed)                                                                                                                                                                               | `""`             |
+| `passwordUpdateJob.previousPasswords.existingSecret`                  | Name of a secret containing the previous passwords (set if the password secret was already changed)                                                                                                                                                   | `""`             |
+| `passwordUpdateJob.containerSecurityContext.enabled`                  | Enabled containers' Security Context                                                                                                                                                                                                                  | `true`           |
+| `passwordUpdateJob.containerSecurityContext.seLinuxOptions`           | Set SELinux options in container                                                                                                                                                                                                                      | `{}`             |
+| `passwordUpdateJob.containerSecurityContext.runAsUser`                | Set containers' Security Context runAsUser                                                                                                                                                                                                            | `1001`           |
+| `passwordUpdateJob.containerSecurityContext.runAsGroup`               | Set containers' Security Context runAsGroup                                                                                                                                                                                                           | `1001`           |
+| `passwordUpdateJob.containerSecurityContext.runAsNonRoot`             | Set container's Security Context runAsNonRoot                                                                                                                                                                                                         | `true`           |
+| `passwordUpdateJob.containerSecurityContext.privileged`               | Set container's Security Context privileged                                                                                                                                                                                                           | `false`          |
+| `passwordUpdateJob.containerSecurityContext.readOnlyRootFilesystem`   | Set container's Security Context readOnlyRootFilesystem                                                                                                                                                                                               | `true`           |
+| `passwordUpdateJob.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation                                                                                                                                                                                             | `false`          |
+| `passwordUpdateJob.containerSecurityContext.capabilities.drop`        | List of capabilities to be dropped                                                                                                                                                                                                                    | `["ALL"]`        |
+| `passwordUpdateJob.containerSecurityContext.seccompProfile.type`      | Set container's Security Context seccomp profile                                                                                                                                                                                                      | `RuntimeDefault` |
+| `passwordUpdateJob.podSecurityContext.enabled`                        | Enabled credential init job pods' Security Context                                                                                                                                                                                                    | `true`           |
+| `passwordUpdateJob.podSecurityContext.fsGroupChangePolicy`            | Set filesystem group change policy                                                                                                                                                                                                                    | `Always`         |
+| `passwordUpdateJob.podSecurityContext.sysctls`                        | Set kernel settings using the sysctl interface                                                                                                                                                                                                        | `[]`             |
+| `passwordUpdateJob.podSecurityContext.supplementalGroups`             | Set filesystem extra groups                                                                                                                                                                                                                           | `[]`             |
+| `passwordUpdateJob.podSecurityContext.fsGroup`                        | Set credential init job pod's Security Context fsGroup                                                                                                                                                                                                | `1001`           |
+| `passwordUpdateJob.extraEnvVars`                                      | Array containing extra env vars to configure the credential init job                                                                                                                                                                                  | `[]`             |
+| `passwordUpdateJob.extraEnvVarsCM`                                    | ConfigMap containing extra env vars to configure the credential init job                                                                                                                                                                              | `""`             |
+| `passwordUpdateJob.extraEnvVarsSecret`                                | Secret containing extra env vars to configure the credential init job (in case of sensitive data)                                                                                                                                                     | `""`             |
+| `passwordUpdateJob.extraVolumes`                                      | Optionally specify extra list of additional volumes for the credential init job                                                                                                                                                                       | `[]`             |
+| `passwordUpdateJob.extraVolumeMounts`                                 | Array of extra volume mounts to be added to the jwt Container (evaluated as template). Normally used with `extraVolumes`.                                                                                                                             | `[]`             |
+| `passwordUpdateJob.initContainers`                                    | Add additional init containers for the mysql Primary pod(s)                                                                                                                                                                                           | `[]`             |
+| `passwordUpdateJob.resourcesPreset`                                   | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if passwordUpdateJob.resources is set (passwordUpdateJob.resources is recommended for production). | `micro`          |
+| `passwordUpdateJob.resources`                                         | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                                                     | `{}`             |
+| `passwordUpdateJob.customLivenessProbe`                               | Custom livenessProbe that overrides the default one                                                                                                                                                                                                   | `{}`             |
+| `passwordUpdateJob.customReadinessProbe`                              | Custom readinessProbe that overrides the default one                                                                                                                                                                                                  | `{}`             |
+| `passwordUpdateJob.customStartupProbe`                                | Custom startupProbe that overrides the default one                                                                                                                                                                                                    | `{}`             |
+| `passwordUpdateJob.automountServiceAccountToken`                      | Mount Service Account token in pod                                                                                                                                                                                                                    | `false`          |
+| `passwordUpdateJob.hostAliases`                                       | Add deployment host aliases                                                                                                                                                                                                                           | `[]`             |
+| `passwordUpdateJob.annotations`                                       | Add annotations to the job                                                                                                                                                                                                                            | `{}`             |
+| `passwordUpdateJob.podLabels`                                         | Additional pod labels                                                                                                                                                                                                                                 | `{}`             |
+| `passwordUpdateJob.podAnnotations`                                    | Additional pod annotations                                                                                                                                                                                                                            | `{}`             |
+
+### Network policy parameters
+
+| Name                                               | Description                                                                                                                           | Value               |
+| -------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | ------------------- |
+| `networkPolicy.enabled`                            | Specifies whether a NetworkPolicy should be created                                                                                   | `true`              |
+| `networkPolicy.allowExternal`                      | Don't require server label for connections                                                                                            | `true`              |
+| `networkPolicy.allowExternalEgress`                | Allow the pod to access any range of port and all destinations.                                                                       | `true`              |
+| `networkPolicy.addExternalClientAccess`            | Allow access from pods with client label set to "true". Ignored if `networkPolicy.allowExternal` is true.                             | `true`              |
+| `networkPolicy.extraIngress`                       | Add extra ingress rules to the NetworkPolicy                                                                                          | `[]`                |
+| `networkPolicy.extraEgress`                        | Add extra ingress rules to the NetworkPolicy                                                                                          | `[]`                |
+| `networkPolicy.ingressPodMatchLabels`              | Labels to match to allow traffic from other pods. Ignored if `networkPolicy.allowExternal` is true.                                   | `{}`                |
+| `networkPolicy.ingressNSMatchLabels`               | Labels to match to allow traffic from other namespaces. Ignored if `networkPolicy.allowExternal` is true.                             | `{}`                |
+| `networkPolicy.ingressNSPodMatchLabels`            | Pod labels to match to allow traffic from other namespaces. Ignored if `networkPolicy.allowExternal` is true.                         | `{}`                |
+| `persistence.enabled`                              | Enable MongoDB(&reg;) data persistence using PVC                                                                                      | `true`              |
+| `persistence.name`                                 | Name of the PVC and mounted volume                                                                                                    | `datadir`           |
+| `persistence.medium`                               | Provide a medium for `emptyDir` volumes.                                                                                              | `""`                |
+| `persistence.existingClaim`                        | Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)                                                     | `""`                |
+| `persistence.resourcePolicy`                       | Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted | `""`                |
+| `persistence.storageClass`                         | PVC Storage Class for MongoDB(&reg;) data volume                                                                                      | `""`                |
+| `persistence.accessModes`                          | PV Access Mode                                                                                                                        | `["ReadWriteOnce"]` |
+| `persistence.size`                                 | PVC Storage Request for MongoDB(&reg;) data volume                                                                                    | `8Gi`               |
+| `persistence.annotations`                          | PVC annotations                                                                                                                       | `{}`                |
+| `persistence.labels`                               | PVC labels                                                                                                                            | `{}`                |
+| `persistence.mountPath`                            | Path to mount the volume at                                                                                                           | `/bitnami/mongodb`  |
+| `persistence.subPath`                              | Subdirectory of the volume to mount at                                                                                                | `""`                |
+| `persistence.volumeClaimTemplates.selector`        | A label query over volumes to consider for binding (e.g. when using local volumes)                                                    | `{}`                |
+| `persistence.volumeClaimTemplates.requests`        | Custom PVC requests attributes                                                                                                        | `{}`                |
+| `persistence.volumeClaimTemplates.dataSource`      | Add dataSource to the VolumeClaimTemplate                                                                                             | `{}`                |
+| `persistentVolumeClaimRetentionPolicy.enabled`     | Enable Persistent volume retention policy for MongoDB(&reg;) Statefulset                                                              | `false`             |
+| `persistentVolumeClaimRetentionPolicy.whenScaled`  | Volume retention behavior when the replica count of the StatefulSet is reduced                                                        | `Retain`            |
+| `persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted                                                                | `Retain`            |
+
+### Backup parameters
+
+| Name                                                               | Description                                                                                                                                                                                                       | Value               |
+| ------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- |
+| `backup.enabled`                                                   | Enable the logical dump of the database "regularly"                                                                                                                                                               | `false`             |
+| `backup.cronjob.schedule`                                          | Set the cronjob parameter schedule                                                                                                                                                                                | `@daily`            |
+| `backup.cronjob.timeZone`                                          | Set the cronjob parameter timeZone                                                                                                                                                                                | `""`                |
+| `backup.cronjob.concurrencyPolicy`                                 | Set the cronjob parameter concurrencyPolicy                                                                                                                                                                       | `Allow`             |
+| `backup.cronjob.failedJobsHistoryLimit`                            | Set the cronjob parameter failedJobsHistoryLimit                                                                                                                                                                  | `1`                 |
+| `backup.cronjob.successfulJobsHistoryLimit`                        | Set the cronjob parameter successfulJobsHistoryLimit                                                                                                                                                              | `3`                 |
+| `backup.cronjob.startingDeadlineSeconds`                           | Set the cronjob parameter startingDeadlineSeconds                                                                                                                                                                 | `""`                |
+| `backup.cronjob.ttlSecondsAfterFinished`                           | Set the cronjob parameter ttlSecondsAfterFinished                                                                                                                                                                 | `""`                |
+| `backup.cronjob.restartPolicy`                                     | Set the cronjob parameter restartPolicy                                                                                                                                                                           | `OnFailure`         |
+| `backup.cronjob.backoffLimit`                                      | Set the cronjob parameter backoffLimit                                                                                                                                                                            | `6`                 |
+| `backup.cronjob.containerSecurityContext.enabled`                  | Enabled containers' Security Context                                                                                                                                                                              | `true`              |
+| `backup.cronjob.containerSecurityContext.seLinuxOptions`           | Set SELinux options in container                                                                                                                                                                                  | `{}`                |
+| `backup.cronjob.containerSecurityContext.runAsUser`                | Set containers' Security Context runAsUser                                                                                                                                                                        | `1001`              |
+| `backup.cronjob.containerSecurityContext.runAsGroup`               | Set containers' Security Context runAsGroup                                                                                                                                                                       | `1001`              |
+| `backup.cronjob.containerSecurityContext.runAsNonRoot`             | Set container's Security Context runAsNonRoot                                                                                                                                                                     | `true`              |
+| `backup.cronjob.containerSecurityContext.privileged`               | Set container's Security Context privileged                                                                                                                                                                       | `false`             |
+| `backup.cronjob.containerSecurityContext.readOnlyRootFilesystem`   | Set container's Security Context readOnlyRootFilesystem                                                                                                                                                           | `true`              |
+| `backup.cronjob.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation                                                                                                                                                         | `false`             |
+| `backup.cronjob.containerSecurityContext.capabilities.drop`        | List of capabilities to be dropped                                                                                                                                                                                | `["ALL"]`           |
+| `backup.cronjob.containerSecurityContext.seccompProfile.type`      | Set container's Security Context seccomp profile                                                                                                                                                                  | `RuntimeDefault`    |
+| `backup.cronjob.resourcesPreset`                                   | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `none`              |
+| `backup.cronjob.resources`                                         | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                 | `{}`                |
+| `backup.cronjob.command`                                           | Set backup container's command to run                                                                                                                                                                             | `[]`                |
+| `backup.cronjob.labels`                                            | Set the cronjob labels                                                                                                                                                                                            | `{}`                |
+| `backup.cronjob.annotations`                                       | Set the cronjob annotations                                                                                                                                                                                       | `{}`                |
+| `backup.cronjob.storage.existingClaim`                             | Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)                                                                                                                                 | `""`                |
+| `backup.cronjob.storage.resourcePolicy`                            | Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted                                                                             | `""`                |
+| `backup.cronjob.storage.storageClass`                              | PVC Storage Class for the backup data volume                                                                                                                                                                      | `""`                |
+| `backup.cronjob.storage.accessModes`                               | PV Access Mode                                                                                                                                                                                                    | `["ReadWriteOnce"]` |
+| `backup.cronjob.storage.size`                                      | PVC Storage Request for the backup data volume                                                                                                                                                                    | `8Gi`               |
+| `backup.cronjob.storage.annotations`                               | PVC annotations                                                                                                                                                                                                   | `{}`                |
+| `backup.cronjob.storage.mountPath`                                 | Path to mount the volume at                                                                                                                                                                                       | `/backup/mongodb`   |
+| `backup.cronjob.storage.subPath`                                   | Subdirectory of the volume to mount at                                                                                                                                                                            | `""`                |
+| `backup.cronjob.storage.volumeClaimTemplates.selector`             | A label query over volumes to consider for binding (e.g. when using local volumes)                                                                                                                                | `{}`                |
+
+### RBAC parameters
+
+| Name                                          | Description                                                                                                                                 | Value   |
+| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| `serviceAccount.create`                       | Enable creation of ServiceAccount for MongoDB(&reg;) pods                                                                                   | `true`  |
+| `serviceAccount.name`                         | Name of the created serviceAccount                                                                                                          | `""`    |
+| `serviceAccount.annotations`                  | Additional Service Account annotations                                                                                                      | `{}`    |
+| `serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created                                                                      | `false` |
+| `rbac.create`                                 | Whether to create & use RBAC resources or not                                                                                               | `false` |
+| `rbac.rules`                                  | Custom rules to create following the role specification                                                                                     | `[]`    |
+| `podSecurityPolicy.create`                    | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` |
+| `podSecurityPolicy.allowPrivilegeEscalation`  | Enable privilege escalation                                                                                                                 | `false` |
+| `podSecurityPolicy.privileged`                | Allow privileged                                                                                                                            | `false` |
+| `podSecurityPolicy.spec`                      | Specify the full spec to use for Pod Security Policy                                                                                        | `{}`    |
+
+### Volume Permissions parameters
+
+| Name                                               | Description                                                                                                                                                                                                                                           | Value                      |
+| -------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
+| `volumePermissions.enabled`                        | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup`                                                                                                                                  | `false`                    |
+| `volumePermissions.image.registry`                 | Init container volume-permissions image registry                                                                                                                                                                                                      | `REGISTRY_NAME`            |
+| `volumePermissions.image.repository`               | Init container volume-permissions image repository                                                                                                                                                                                                    | `REPOSITORY_NAME/os-shell` |
+| `volumePermissions.image.digest`                   | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                                                     | `""`                       |
+| `volumePermissions.image.pullPolicy`               | Init container volume-permissions image pull policy                                                                                                                                                                                                   | `IfNotPresent`             |
+| `volumePermissions.image.pullSecrets`              | Specify docker-registry secret names as an array                                                                                                                                                                                                      | `[]`                       |
+| `volumePermissions.resourcesPreset`                | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `nano`                     |
+| `volumePermissions.resources`                      | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                                                     | `{}`                       |
+| `volumePermissions.securityContext.seLinuxOptions` | Set SELinux options in container                                                                                                                                                                                                                      | `{}`                       |
+| `volumePermissions.securityContext.runAsUser`      | User ID for the volumePermissions container                                                                                                                                                                                                           | `0`                        |
+
+### Arbiter parameters
+
+| Name                                                        | Description                                                                                                                                                                                                                       | Value            |
+| ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
+| `arbiter.enabled`                                           | Enable deploying the arbiter                                                                                                                                                                                                      | `true`           |
+| `arbiter.automountServiceAccountToken`                      | Mount Service Account token in pod                                                                                                                                                                                                | `false`          |
+| `arbiter.hostAliases`                                       | Add deployment host aliases                                                                                                                                                                                                       | `[]`             |
+| `arbiter.configuration`                                     | Arbiter configuration file to be used                                                                                                                                                                                             | `""`             |
+| `arbiter.existingConfigmap`                                 | Name of existing ConfigMap with Arbiter configuration                                                                                                                                                                             | `""`             |
+| `arbiter.command`                                           | Override default container command (useful when using custom images)                                                                                                                                                              | `[]`             |
+| `arbiter.args`                                              | Override default container args (useful when using custom images)                                                                                                                                                                 | `[]`             |
+| `arbiter.extraFlags`                                        | Arbiter additional command line flags                                                                                                                                                                                             | `[]`             |
+| `arbiter.extraEnvVars`                                      | Extra environment variables to add to Arbiter pods                                                                                                                                                                                | `[]`             |
+| `arbiter.extraEnvVarsCM`                                    | Name of existing ConfigMap containing extra env vars                                                                                                                                                                              | `""`             |
+| `arbiter.extraEnvVarsSecret`                                | Name of existing Secret containing extra env vars (in case of sensitive data)                                                                                                                                                     | `""`             |
+| `arbiter.annotations`                                       | Additional labels to be added to the Arbiter statefulset                                                                                                                                                                          | `{}`             |
+| `arbiter.labels`                                            | Annotations to be added to the Arbiter statefulset                                                                                                                                                                                | `{}`             |
+| `arbiter.topologySpreadConstraints`                         | MongoDB(&reg;) Spread Constraints for arbiter Pods                                                                                                                                                                                | `[]`             |
+| `arbiter.lifecycleHooks`                                    | LifecycleHook for the Arbiter container to automate configuration before or after startup                                                                                                                                         | `{}`             |
+| `arbiter.terminationGracePeriodSeconds`                     | Arbiter Termination Grace Period                                                                                                                                                                                                  | `""`             |
+| `arbiter.updateStrategy.type`                               | Strategy that will be employed to update Pods in the StatefulSet                                                                                                                                                                  | `RollingUpdate`  |
+| `arbiter.podManagementPolicy`                               | Pod management policy for MongoDB(&reg;)                                                                                                                                                                                          | `OrderedReady`   |
+| `arbiter.schedulerName`                                     | Name of the scheduler (other than default) to dispatch pods                                                                                                                                                                       | `""`             |
+| `arbiter.podAffinityPreset`                                 | Arbiter Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                                       | `""`             |
+| `arbiter.podAntiAffinityPreset`                             | Arbiter Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                                  | `soft`           |
+| `arbiter.nodeAffinityPreset.type`                           | Arbiter Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                                 | `""`             |
+| `arbiter.nodeAffinityPreset.key`                            | Arbiter Node label key to match Ignored if `affinity` is set.                                                                                                                                                                     | `""`             |
+| `arbiter.nodeAffinityPreset.values`                         | Arbiter Node label values to match. Ignored if `affinity` is set.                                                                                                                                                                 | `[]`             |
+| `arbiter.affinity`                                          | Arbiter Affinity for pod assignment                                                                                                                                                                                               | `{}`             |
+| `arbiter.nodeSelector`                                      | Arbiter Node labels for pod assignment                                                                                                                                                                                            | `{}`             |
+| `arbiter.tolerations`                                       | Arbiter Tolerations for pod assignment                                                                                                                                                                                            | `[]`             |
+| `arbiter.podLabels`                                         | Arbiter pod labels                                                                                                                                                                                                                | `{}`             |
+| `arbiter.podAnnotations`                                    | Arbiter Pod annotations                                                                                                                                                                                                           | `{}`             |
+| `arbiter.priorityClassName`                                 | Name of the existing priority class to be used by Arbiter pod(s)                                                                                                                                                                  | `""`             |
+| `arbiter.runtimeClassName`                                  | Name of the runtime class to be used by Arbiter pod(s)                                                                                                                                                                            | `""`             |
+| `arbiter.podSecurityContext.enabled`                        | Enable Arbiter pod(s)' Security Context                                                                                                                                                                                           | `true`           |
+| `arbiter.podSecurityContext.fsGroupChangePolicy`            | Set filesystem group change policy                                                                                                                                                                                                | `Always`         |
+| `arbiter.podSecurityContext.supplementalGroups`             | Set filesystem extra groups                                                                                                                                                                                                       | `[]`             |
+| `arbiter.podSecurityContext.fsGroup`                        | Group ID for the volumes of the Arbiter pod(s)                                                                                                                                                                                    | `1001`           |
+| `arbiter.podSecurityContext.sysctls`                        | sysctl settings of the Arbiter pod(s)'                                                                                                                                                                                            | `[]`             |
+| `arbiter.containerSecurityContext.enabled`                  | Enabled containers' Security Context                                                                                                                                                                                              | `true`           |
+| `arbiter.containerSecurityContext.seLinuxOptions`           | Set SELinux options in container                                                                                                                                                                                                  | `{}`             |
+| `arbiter.containerSecurityContext.runAsUser`                | Set containers' Security Context runAsUser                                                                                                                                                                                        | `1001`           |
+| `arbiter.containerSecurityContext.runAsGroup`               | Set containers' Security Context runAsGroup                                                                                                                                                                                       | `1001`           |
+| `arbiter.containerSecurityContext.runAsNonRoot`             | Set container's Security Context runAsNonRoot                                                                                                                                                                                     | `true`           |
+| `arbiter.containerSecurityContext.privileged`               | Set container's Security Context privileged                                                                                                                                                                                       | `false`          |
+| `arbiter.containerSecurityContext.readOnlyRootFilesystem`   | Set container's Security Context readOnlyRootFilesystem                                                                                                                                                                           | `true`           |
+| `arbiter.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation                                                                                                                                                                         | `false`          |
+| `arbiter.containerSecurityContext.capabilities.drop`        | List of capabilities to be dropped                                                                                                                                                                                                | `["ALL"]`        |
+| `arbiter.containerSecurityContext.seccompProfile.type`      | Set container's Security Context seccomp profile                                                                                                                                                                                  | `RuntimeDefault` |
+| `arbiter.resourcesPreset`                                   | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if arbiter.resources is set (arbiter.resources is recommended for production). | `small`          |
+| `arbiter.resources`                                         | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                                 | `{}`             |
+| `arbiter.containerPorts.mongodb`                            | MongoDB(&reg;) arbiter container port                                                                                                                                                                                             | `27017`          |
+| `arbiter.livenessProbe.enabled`                             | Enable livenessProbe                                                                                                                                                                                                              | `true`           |
+| `arbiter.livenessProbe.initialDelaySeconds`                 | Initial delay seconds for livenessProbe                                                                                                                                                                                           | `30`             |
+| `arbiter.livenessProbe.periodSeconds`                       | Period seconds for livenessProbe                                                                                                                                                                                                  | `20`             |
+| `arbiter.livenessProbe.timeoutSeconds`                      | Timeout seconds for livenessProbe                                                                                                                                                                                                 | `10`             |
+| `arbiter.livenessProbe.failureThreshold`                    | Failure threshold for livenessProbe                                                                                                                                                                                               | `6`              |
+| `arbiter.livenessProbe.successThreshold`                    | Success threshold for livenessProbe                                                                                                                                                                                               | `1`              |
+| `arbiter.readinessProbe.enabled`                            | Enable readinessProbe                                                                                                                                                                                                             | `true`           |
+| `arbiter.readinessProbe.initialDelaySeconds`                | Initial delay seconds for readinessProbe                                                                                                                                                                                          | `5`              |
+| `arbiter.readinessProbe.periodSeconds`                      | Period seconds for readinessProbe                                                                                                                                                                                                 | `20`             |
+| `arbiter.readinessProbe.timeoutSeconds`                     | Timeout seconds for readinessProbe                                                                                                                                                                                                | `10`             |
+| `arbiter.readinessProbe.failureThreshold`                   | Failure threshold for readinessProbe                                                                                                                                                                                              | `6`              |
+| `arbiter.readinessProbe.successThreshold`                   | Success threshold for readinessProbe                                                                                                                                                                                              | `1`              |
+| `arbiter.startupProbe.enabled`                              | Enable startupProbe                                                                                                                                                                                                               | `false`          |
+| `arbiter.startupProbe.initialDelaySeconds`                  | Initial delay seconds for startupProbe                                                                                                                                                                                            | `5`              |
+| `arbiter.startupProbe.periodSeconds`                        | Period seconds for startupProbe                                                                                                                                                                                                   | `10`             |
+| `arbiter.startupProbe.timeoutSeconds`                       | Timeout seconds for startupProbe                                                                                                                                                                                                  | `5`              |
+| `arbiter.startupProbe.failureThreshold`                     | Failure threshold for startupProbe                                                                                                                                                                                                | `30`             |
+| `arbiter.startupProbe.successThreshold`                     | Success threshold for startupProbe                                                                                                                                                                                                | `1`              |
+| `arbiter.customLivenessProbe`                               | Override default liveness probe for Arbiter containers                                                                                                                                                                            | `{}`             |
+| `arbiter.customReadinessProbe`                              | Override default readiness probe for Arbiter containers                                                                                                                                                                           | `{}`             |
+| `arbiter.customStartupProbe`                                | Override default startup probe for Arbiter containers                                                                                                                                                                             | `{}`             |
+| `arbiter.initContainers`                                    | Add additional init containers for the Arbiter pod(s)                                                                                                                                                                             | `[]`             |
+| `arbiter.sidecars`                                          | Add additional sidecar containers for the Arbiter pod(s)                                                                                                                                                                          | `[]`             |
+| `arbiter.extraVolumeMounts`                                 | Optionally specify extra list of additional volumeMounts for the Arbiter container(s)                                                                                                                                             | `[]`             |
+| `arbiter.extraVolumes`                                      | Optionally specify extra list of additional volumes to the Arbiter statefulset                                                                                                                                                    | `[]`             |
+| `arbiter.pdb.create`                                        | Enable/disable a Pod Disruption Budget creation for Arbiter pod(s)                                                                                                                                                                | `true`           |
+| `arbiter.pdb.minAvailable`                                  | Minimum number/percentage of Arbiter pods that should remain scheduled                                                                                                                                                            | `""`             |
+| `arbiter.pdb.maxUnavailable`                                | Maximum number/percentage of Arbiter pods that may be made unavailable. Defaults to `1` if both `arbiter.pdb.minAvailable` and `arbiter.pdb.maxUnavailable` are empty.                                                            | `""`             |
+| `arbiter.service.nameOverride`                              | The arbiter service name                                                                                                                                                                                                          | `""`             |
+| `arbiter.service.ports.mongodb`                             | MongoDB(&reg;) service port                                                                                                                                                                                                       | `27017`          |
+| `arbiter.service.extraPorts`                                | Extra ports to expose (normally used with the `sidecar` value)                                                                                                                                                                    | `[]`             |
+| `arbiter.service.annotations`                               | Provide any additional annotations that may be required                                                                                                                                                                           | `{}`             |
+| `arbiter.service.headless.annotations`                      | Annotations for the headless service.                                                                                                                                                                                             | `{}`             |
+
+### Hidden Node parameters
+
+| Name                                                       | Description                                                                                                                                                                                                                     | Value               |
+| ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- |
+| `hidden.enabled`                                           | Enable deploying the hidden nodes                                                                                                                                                                                               | `false`             |
+| `hidden.automountServiceAccountToken`                      | Mount Service Account token in pod                                                                                                                                                                                              | `false`             |
+| `hidden.hostAliases`                                       | Add deployment host aliases                                                                                                                                                                                                     | `[]`                |
+| `hidden.configuration`                                     | Hidden node configuration file to be used                                                                                                                                                                                       | `""`                |
+| `hidden.existingConfigmap`                                 | Name of existing ConfigMap with Hidden node configuration                                                                                                                                                                       | `""`                |
+| `hidden.command`                                           | Override default container command (useful when using custom images)                                                                                                                                                            | `[]`                |
+| `hidden.args`                                              | Override default container args (useful when using custom images)                                                                                                                                                               | `[]`                |
+| `hidden.extraFlags`                                        | Hidden node additional command line flags                                                                                                                                                                                       | `[]`                |
+| `hidden.extraEnvVars`                                      | Extra environment variables to add to Hidden node pods                                                                                                                                                                          | `[]`                |
+| `hidden.extraEnvVarsCM`                                    | Name of existing ConfigMap containing extra env vars                                                                                                                                                                            | `""`                |
+| `hidden.extraEnvVarsSecret`                                | Name of existing Secret containing extra env vars (in case of sensitive data)                                                                                                                                                   | `""`                |
+| `hidden.annotations`                                       | Additional labels to be added to thehidden node statefulset                                                                                                                                                                     | `{}`                |
+| `hidden.labels`                                            | Annotations to be added to the hidden node statefulset                                                                                                                                                                          | `{}`                |
+| `hidden.topologySpreadConstraints`                         | MongoDB(&reg;) Spread Constraints for hidden Pods                                                                                                                                                                               | `[]`                |
+| `hidden.lifecycleHooks`                                    | LifecycleHook for the Hidden container to automate configuration before or after startup                                                                                                                                        | `{}`                |
+| `hidden.replicaCount`                                      | Number of hidden nodes (only when `architecture=replicaset`)                                                                                                                                                                    | `1`                 |
+| `hidden.terminationGracePeriodSeconds`                     | Hidden Termination Grace Period                                                                                                                                                                                                 | `""`                |
+| `hidden.updateStrategy.type`                               | Strategy that will be employed to update Pods in the StatefulSet                                                                                                                                                                | `RollingUpdate`     |
+| `hidden.podManagementPolicy`                               | Pod management policy for hidden node                                                                                                                                                                                           | `OrderedReady`      |
+| `hidden.schedulerName`                                     | Name of the scheduler (other than default) to dispatch pods                                                                                                                                                                     | `""`                |
+| `hidden.podAffinityPreset`                                 | Hidden node Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                                 | `""`                |
+| `hidden.podAntiAffinityPreset`                             | Hidden node Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                            | `soft`              |
+| `hidden.nodeAffinityPreset.type`                           | Hidden Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`                                                                                                                                | `""`                |
+| `hidden.nodeAffinityPreset.key`                            | Hidden Node label key to match Ignored if `affinity` is set.                                                                                                                                                                    | `""`                |
+| `hidden.nodeAffinityPreset.values`                         | Hidden Node label values to match. Ignored if `affinity` is set.                                                                                                                                                                | `[]`                |
+| `hidden.affinity`                                          | Hidden node Affinity for pod assignment                                                                                                                                                                                         | `{}`                |
+| `hidden.nodeSelector`                                      | Hidden node Node labels for pod assignment                                                                                                                                                                                      | `{}`                |
+| `hidden.tolerations`                                       | Hidden node Tolerations for pod assignment                                                                                                                                                                                      | `[]`                |
+| `hidden.podLabels`                                         | Hidden node pod labels                                                                                                                                                                                                          | `{}`                |
+| `hidden.podAnnotations`                                    | Hidden node Pod annotations                                                                                                                                                                                                     | `{}`                |
+| `hidden.priorityClassName`                                 | Name of the existing priority class to be used by hidden node pod(s)                                                                                                                                                            | `""`                |
+| `hidden.runtimeClassName`                                  | Name of the runtime class to be used by hidden node pod(s)                                                                                                                                                                      | `""`                |
+| `hidden.podSecurityContext.enabled`                        | Enable Hidden pod(s)' Security Context                                                                                                                                                                                          | `true`              |
+| `hidden.podSecurityContext.fsGroupChangePolicy`            | Set filesystem group change policy                                                                                                                                                                                              | `Always`            |
+| `hidden.podSecurityContext.supplementalGroups`             | Set filesystem extra groups                                                                                                                                                                                                     | `[]`                |
+| `hidden.podSecurityContext.fsGroup`                        | Group ID for the volumes of the Hidden pod(s)                                                                                                                                                                                   | `1001`              |
+| `hidden.podSecurityContext.sysctls`                        | sysctl settings of the Hidden pod(s)'                                                                                                                                                                                           | `[]`                |
+| `hidden.containerSecurityContext.enabled`                  | Enabled containers' Security Context                                                                                                                                                                                            | `true`              |
+| `hidden.containerSecurityContext.seLinuxOptions`           | Set SELinux options in container                                                                                                                                                                                                | `{}`                |
+| `hidden.containerSecurityContext.runAsUser`                | Set containers' Security Context runAsUser                                                                                                                                                                                      | `1001`              |
+| `hidden.containerSecurityContext.runAsGroup`               | Set containers' Security Context runAsGroup                                                                                                                                                                                     | `1001`              |
+| `hidden.containerSecurityContext.runAsNonRoot`             | Set container's Security Context runAsNonRoot                                                                                                                                                                                   | `true`              |
+| `hidden.containerSecurityContext.privileged`               | Set container's Security Context privileged                                                                                                                                                                                     | `false`             |
+| `hidden.containerSecurityContext.readOnlyRootFilesystem`   | Set container's Security Context readOnlyRootFilesystem                                                                                                                                                                         | `true`              |
+| `hidden.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation                                                                                                                                                                       | `false`             |
+| `hidden.containerSecurityContext.capabilities.drop`        | List of capabilities to be dropped                                                                                                                                                                                              | `["ALL"]`           |
+| `hidden.containerSecurityContext.seccompProfile.type`      | Set container's Security Context seccomp profile                                                                                                                                                                                | `RuntimeDefault`    |
+| `hidden.resourcesPreset`                                   | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if hidden.resources is set (hidden.resources is recommended for production). | `micro`             |
+| `hidden.resources`                                         | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                               | `{}`                |
+| `hidden.containerPorts.mongodb`                            | MongoDB(&reg;) hidden container port                                                                                                                                                                                            | `27017`             |
+| `hidden.livenessProbe.enabled`                             | Enable livenessProbe                                                                                                                                                                                                            | `true`              |
+| `hidden.livenessProbe.initialDelaySeconds`                 | Initial delay seconds for livenessProbe                                                                                                                                                                                         | `30`                |
+| `hidden.livenessProbe.periodSeconds`                       | Period seconds for livenessProbe                                                                                                                                                                                                | `20`                |
+| `hidden.livenessProbe.timeoutSeconds`                      | Timeout seconds for livenessProbe                                                                                                                                                                                               | `10`                |
+| `hidden.livenessProbe.failureThreshold`                    | Failure threshold for livenessProbe                                                                                                                                                                                             | `6`                 |
+| `hidden.livenessProbe.successThreshold`                    | Success threshold for livenessProbe                                                                                                                                                                                             | `1`                 |
+| `hidden.readinessProbe.enabled`                            | Enable readinessProbe                                                                                                                                                                                                           | `true`              |
+| `hidden.readinessProbe.initialDelaySeconds`                | Initial delay seconds for readinessProbe                                                                                                                                                                                        | `5`                 |
+| `hidden.readinessProbe.periodSeconds`                      | Period seconds for readinessProbe                                                                                                                                                                                               | `20`                |
+| `hidden.readinessProbe.timeoutSeconds`                     | Timeout seconds for readinessProbe                                                                                                                                                                                              | `10`                |
+| `hidden.readinessProbe.failureThreshold`                   | Failure threshold for readinessProbe                                                                                                                                                                                            | `6`                 |
+| `hidden.readinessProbe.successThreshold`                   | Success threshold for readinessProbe                                                                                                                                                                                            | `1`                 |
+| `hidden.startupProbe.enabled`                              | Enable startupProbe                                                                                                                                                                                                             | `false`             |
+| `hidden.startupProbe.initialDelaySeconds`                  | Initial delay seconds for startupProbe                                                                                                                                                                                          | `5`                 |
+| `hidden.startupProbe.periodSeconds`                        | Period seconds for startupProbe                                                                                                                                                                                                 | `10`                |
+| `hidden.startupProbe.timeoutSeconds`                       | Timeout seconds for startupProbe                                                                                                                                                                                                | `5`                 |
+| `hidden.startupProbe.failureThreshold`                     | Failure threshold for startupProbe                                                                                                                                                                                              | `30`                |
+| `hidden.startupProbe.successThreshold`                     | Success threshold for startupProbe                                                                                                                                                                                              | `1`                 |
+| `hidden.customLivenessProbe`                               | Override default liveness probe for hidden node containers                                                                                                                                                                      | `{}`                |
+| `hidden.customReadinessProbe`                              | Override default readiness probe for hidden node containers                                                                                                                                                                     | `{}`                |
+| `hidden.customStartupProbe`                                | Override default startup probe for MongoDB(&reg;) containers                                                                                                                                                                    | `{}`                |
+| `hidden.initContainers`                                    | Add init containers to the MongoDB(&reg;) Hidden pods.                                                                                                                                                                          | `[]`                |
+| `hidden.sidecars`                                          | Add additional sidecar containers for the hidden node pod(s)                                                                                                                                                                    | `[]`                |
+| `hidden.extraVolumeMounts`                                 | Optionally specify extra list of additional volumeMounts for the hidden node container(s)                                                                                                                                       | `[]`                |
+| `hidden.extraVolumes`                                      | Optionally specify extra list of additional volumes to the hidden node statefulset                                                                                                                                              | `[]`                |
+| `hidden.pdb.create`                                        | Enable/disable a Pod Disruption Budget creation for hidden node pod(s)                                                                                                                                                          | `true`              |
+| `hidden.pdb.minAvailable`                                  | Minimum number/percentage of hidden node pods that should remain scheduled                                                                                                                                                      | `""`                |
+| `hidden.pdb.maxUnavailable`                                | Maximum number/percentage of hidden node pods that may be made unavailable. Defaults to `1` if both `hidden.pdb.minAvailable` and `hidden.pdb.maxUnavailable` are empty.                                                        | `""`                |
+| `hidden.persistence.enabled`                               | Enable hidden node data persistence using PVC                                                                                                                                                                                   | `true`              |
+| `hidden.persistence.medium`                                | Provide a medium for `emptyDir` volumes.                                                                                                                                                                                        | `""`                |
+| `hidden.persistence.storageClass`                          | PVC Storage Class for hidden node data volume                                                                                                                                                                                   | `""`                |
+| `hidden.persistence.accessModes`                           | PV Access Mode                                                                                                                                                                                                                  | `["ReadWriteOnce"]` |
+| `hidden.persistence.size`                                  | PVC Storage Request for hidden node data volume                                                                                                                                                                                 | `8Gi`               |
+| `hidden.persistence.annotations`                           | PVC annotations                                                                                                                                                                                                                 | `{}`                |
+| `hidden.persistence.mountPath`                             | The path the volume will be mounted at, useful when using different MongoDB(&reg;) images.                                                                                                                                      | `/bitnami/mongodb`  |
+| `hidden.persistence.subPath`                               | The subdirectory of the volume to mount to, useful in dev environments                                                                                                                                                          | `""`                |
+| `hidden.persistence.volumeClaimTemplates.selector`         | A label query over volumes to consider for binding (e.g. when using local volumes)                                                                                                                                              | `{}`                |
+| `hidden.persistence.volumeClaimTemplates.requests`         | Custom PVC requests attributes                                                                                                                                                                                                  | `{}`                |
+| `hidden.persistence.volumeClaimTemplates.dataSource`       | Set volumeClaimTemplate dataSource                                                                                                                                                                                              | `{}`                |
+| `hidden.service.nameOverride`                              | The hidden service name                                                                                                                                                                                                         | `""`                |
+| `hidden.service.portName`                                  | MongoDB(&reg;) service port name                                                                                                                                                                                                | `mongodb`           |
+| `hidden.service.ports.mongodb`                             | MongoDB(&reg;) service port                                                                                                                                                                                                     | `27017`             |
+| `hidden.service.extraPorts`                                | Extra ports to expose (normally used with the `sidecar` value)                                                                                                                                                                  | `[]`                |
+| `hidden.service.annotations`                               | Provide any additional annotations that may be required                                                                                                                                                                         | `{}`                |
+| `hidden.service.headless.annotations`                      | Annotations for the headless service.                                                                                                                                                                                           | `{}`                |
+
+### Metrics parameters
+
+| Name                                         | Description                                                                                                                                                                                                                       | Value                              |
+| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- |
+| `metrics.enabled`                            | Enable using a sidecar Prometheus exporter                                                                                                                                                                                        | `false`                            |
+| `metrics.image.registry`                     | MongoDB(&reg;) Prometheus exporter image registry                                                                                                                                                                                 | `REGISTRY_NAME`                    |
+| `metrics.image.repository`                   | MongoDB(&reg;) Prometheus exporter image repository                                                                                                                                                                               | `REPOSITORY_NAME/mongodb-exporter` |
+| `metrics.image.digest`                       | MongoDB(&reg;) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                                                    | `""`                               |
+| `metrics.image.pullPolicy`                   | MongoDB(&reg;) Prometheus exporter image pull policy                                                                                                                                                                              | `IfNotPresent`                     |
+| `metrics.image.pullSecrets`                  | Specify docker-registry secret names as an array                                                                                                                                                                                  | `[]`                               |
+| `metrics.username`                           | String with username for the metrics exporter                                                                                                                                                                                     | `""`                               |
+| `metrics.password`                           | String with password for the metrics exporter                                                                                                                                                                                     | `""`                               |
+| `metrics.compatibleMode`                     | Enables old style mongodb-exporter metrics                                                                                                                                                                                        | `true`                             |
+| `metrics.collector.all`                      | Enable all collectors. Same as enabling all individual metrics                                                                                                                                                                    | `false`                            |
+| `metrics.collector.diagnosticdata`           | Boolean Enable collecting metrics from getDiagnosticData                                                                                                                                                                          | `true`                             |
+| `metrics.collector.replicasetstatus`         | Boolean Enable collecting metrics from replSetGetStatus                                                                                                                                                                           | `true`                             |
+| `metrics.collector.dbstats`                  | Boolean Enable collecting metrics from dbStats                                                                                                                                                                                    | `false`                            |
+| `metrics.collector.topmetrics`               | Boolean Enable collecting metrics from top admin command                                                                                                                                                                          | `false`                            |
+| `metrics.collector.indexstats`               | Boolean Enable collecting metrics from $indexStats                                                                                                                                                                                | `false`                            |
+| `metrics.collector.collstats`                | Boolean Enable collecting metrics from $collStats                                                                                                                                                                                 | `false`                            |
+| `metrics.collector.collstatsColls`           | List of \<databases\>.\<collections\> to get $collStats                                                                                                                                                                           | `[]`                               |
+| `metrics.collector.indexstatsColls`          | List - List of \<databases\>.\<collections\> to get $indexStats                                                                                                                                                                   | `[]`                               |
+| `metrics.collector.collstatsLimit`           | Number - Disable collstats, dbstats, topmetrics and indexstats collector if there are more than \<n\> collections. 0=No limit                                                                                                     | `0`                                |
+| `metrics.extraFlags`                         | String with extra flags to the metrics exporter                                                                                                                                                                                   | `""`                               |
+| `metrics.command`                            | Override default container command (useful when using custom images)                                                                                                                                                              | `[]`                               |
+| `metrics.args`                               | Override default container args (useful when using custom images)                                                                                                                                                                 | `[]`                               |
+| `metrics.resourcesPreset`                    | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). | `nano`                             |
+| `metrics.resources`                          | Set container requests and limits for different resources like CPU or memory (essential for production workloads)                                                                                                                 | `{}`                               |
+| `metrics.containerPort`                      | Port of the Prometheus metrics container                                                                                                                                                                                          | `9216`                             |
+| `metrics.service.annotations`                | Annotations for Prometheus Exporter pods. Evaluated as a template.                                                                                                                                                                | `{}`                               |
+| `metrics.service.type`                       | Type of the Prometheus metrics service                                                                                                                                                                                            | `ClusterIP`                        |
+| `metrics.service.ports.metrics`              | Port of the Prometheus metrics service                                                                                                                                                                                            | `9216`                             |
+| `metrics.service.extraPorts`                 | Extra ports to expose (normally used with the `sidecar` value)                                                                                                                                                                    | `[]`                               |
+| `metrics.livenessProbe.enabled`              | Enable livenessProbe                                                                                                                                                                                                              | `true`                             |
+| `metrics.livenessProbe.initialDelaySeconds`  | Initial delay seconds for livenessProbe                                                                                                                                                                                           | `15`                               |
+| `metrics.livenessProbe.periodSeconds`        | Period seconds for livenessProbe                                                                                                                                                                                                  | `5`                                |
+| `metrics.livenessProbe.timeoutSeconds`       | Timeout seconds for livenessProbe                                                                                                                                                                                                 | `10`                               |
+| `metrics.livenessProbe.failureThreshold`     | Failure threshold for livenessProbe                                                                                                                                                                                               | `3`                                |
+| `metrics.livenessProbe.successThreshold`     | Success threshold for livenessProbe                                                                                                                                                                                               | `1`                                |
+| `metrics.readinessProbe.enabled`             | Enable readinessProbe                                                                                                                                                                                                             | `true`                             |
+| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe                                                                                                                                                                                          | `5`                                |
+| `metrics.readinessProbe.periodSeconds`       | Period seconds for readinessProbe                                                                                                                                                                                                 | `5`                                |
+| `metrics.readinessProbe.timeoutSeconds`      | Timeout seconds for readinessProbe                                                                                                                                                                                                | `10`                               |
+| `metrics.readinessProbe.failureThreshold`    | Failure threshold for readinessProbe                                                                                                                                                                                              | `3`                                |
+| `metrics.readinessProbe.successThreshold`    | Success threshold for readinessProbe                                                                                                                                                                                              | `1`                                |
+| `metrics.startupProbe.enabled`               | Enable startupProbe                                                                                                                                                                                                               | `false`                            |
+| `metrics.startupProbe.initialDelaySeconds`   | Initial delay seconds for startupProbe                                                                                                                                                                                            | `5`                                |
+| `metrics.startupProbe.periodSeconds`         | Period seconds for startupProbe                                                                                                                                                                                                   | `10`                               |
+| `metrics.startupProbe.timeoutSeconds`        | Timeout seconds for startupProbe                                                                                                                                                                                                  | `5`                                |
+| `metrics.startupProbe.failureThreshold`      | Failure threshold for startupProbe                                                                                                                                                                                                | `30`                               |
+| `metrics.startupProbe.successThreshold`      | Success threshold for startupProbe                                                                                                                                                                                                | `1`                                |
+| `metrics.customLivenessProbe`                | Override default liveness probe for MongoDB(&reg;) containers                                                                                                                                                                     | `{}`                               |
+| `metrics.customReadinessProbe`               | Override default readiness probe for MongoDB(&reg;) containers                                                                                                                                                                    | `{}`                               |
+| `metrics.customStartupProbe`                 | Override default startup probe for MongoDB(&reg;) containers                                                                                                                                                                      | `{}`                               |
+| `metrics.extraVolumeMounts`                  | Optionally specify extra list of additional volumeMounts for the metrics container(s)                                                                                                                                             | `[]`                               |
+| `metrics.serviceMonitor.enabled`             | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator                                                                                                                                                     | `false`                            |
+| `metrics.serviceMonitor.namespace`           | Namespace which Prometheus is running in                                                                                                                                                                                          | `""`                               |
+| `metrics.serviceMonitor.interval`            | Interval at which metrics should be scraped                                                                                                                                                                                       | `30s`                              |
+| `metrics.serviceMonitor.scrapeTimeout`       | Specify the timeout after which the scrape is ended                                                                                                                                                                               | `""`                               |
+| `metrics.serviceMonitor.relabelings`         | RelabelConfigs to apply to samples before scraping.                                                                                                                                                                               | `[]`                               |
+| `metrics.serviceMonitor.metricRelabelings`   | MetricsRelabelConfigs to apply to samples before ingestion.                                                                                                                                                                       | `[]`                               |
+| `metrics.serviceMonitor.labels`              | Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with                                                                                                             | `{}`                               |
+| `metrics.serviceMonitor.selector`            | Prometheus instance selector labels                                                                                                                                                                                               | `{}`                               |
+| `metrics.serviceMonitor.honorLabels`         | Specify honorLabels parameter to add the scrape endpoint                                                                                                                                                                          | `false`                            |
+| `metrics.serviceMonitor.jobLabel`            | The name of the label on the target service to use as the job name in prometheus.                                                                                                                                                 | `""`                               |
+| `metrics.prometheusRule.enabled`             | Set this to true to create prometheusRules for Prometheus operator                                                                                                                                                                | `false`                            |
+| `metrics.prometheusRule.additionalLabels`    | Additional labels that can be used so prometheusRules will be discovered by Prometheus                                                                                                                                            | `{}`                               |
+| `metrics.prometheusRule.namespace`           | Namespace where prometheusRules resource should be created                                                                                                                                                                        | `""`                               |
+| `metrics.prometheusRule.rules`               | Rules to be created, check values for an example                                                                                                                                                                                  | `[]`                               |
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
+
+```console
+helm install my-release \
+    --set auth.rootPassword=secretpassword,auth.username=my-user,auth.password=my-password,auth.database=my-database \
+    oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb
+```
+
+> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`.
+
+The above command sets the MongoDB(&reg;) `root` account password to `secretpassword`. Additionally, it creates a standard database user named `my-user`, with the password `my-password`, who has access to a database named `my-database`.
+
+> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available.
+
+Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
+
+```console
+helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb
+```
+
+> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`.
+> **Tip**: You can use the default [values.yaml](https://github.com/bitnami/charts/tree/main/bitnami/mongodb/values.yaml)
+
  ## Troubleshooting
  
  Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues).
  
  ## Upgrading
  
+### To 16.4.0
+
+This version introduces image verification for security purposes. To disable it, set `global.security.allowInsecureImages` to `true`. More details at [GitHub issue](https://github.com/bitnami/charts/issues/30850).
+
  If authentication is enabled, it's necessary to set the `auth.rootPassword` (also `auth.replicaSetKey` when using a replicaset architecture) when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Credentials' section. Please note down the password, and run the command below to upgrade your chart:
  
  ```console
@@ -992,6 +1183,21 @@ helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb --set auth.r
  > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`.
  > Note: you need to substitute the placeholders [PASSWORD] and [REPLICASETKEY] with the values obtained in the installation notes.
  
+### To 16.0.0
+
+To upgrade to MongoDB `8.0` from a `7.0` deployment, the `7.0` deployment must have `featureCompatibilityVersion` set to `7.0`. Please refer to the [official documentation](https://www.mongodb.com/docs/manual/release-notes/8.0/#upgrade-procedures).
+
+### To 15.0.0
+
+This major bump changes the following security defaults:
+
+- `runAsGroup` is changed from `0` to `1001`
+- `readOnlyRootFilesystem` is set to `true`
+- `resourcesPreset` is changed from `none` to the minimum size working in our test suites (NOTE: `resourcesPreset` is not meant for production usage, but `resources` adapted to your use case).
+- `global.compatibility.openshift.adaptSecurityContext` is changed from `disabled` to `auto`.
+
+This could potentially break any customization or init scripts used in your deployment. If this is the case, change the default values to the previous ones.
+
  ### To 12.0.0
  
  This major release renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository.
@@ -1105,7 +1311,7 @@ extraDeploy:
  
  ## License
  
-Copyright &copy; 2024 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
+Copyright &copy; 2025 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
  
  Licensed under the Apache License, Version 2.0 (the "License");
  you may not use this file except in compliance with the License.
@@ -1117,4 +1323,4 @@ Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
-limitations under the License.
+limitations under the License.
+\ No newline at end of file
diff --git a/kubernetes/common/mongodb/common/.helmignore b/kubernetes/common/mongodb/common/.helmignore

index 7c7c21d..d0e1084 100644 (file)
--- a/kubernetes/common/mongodb/common/.helmignore
+++ b/kubernetes/common/mongodb/common/.helmignore
@@ -22,3 +22,5 @@
  .vscode/
  # img folder
  img/
+# Changelog
+CHANGELOG.md
diff --git a/kubernetes/common/mongodb/common/CHANGELOG.md b/kubernetes/common/mongodb/common/CHANGELOG.md

new file mode 100644 (file)

index 0000000..8f3dfe0
--- /dev/null
+++ b/kubernetes/common/mongodb/common/CHANGELOG.md
@@ -0,0 +1,658 @@
+# Changelog
+
+## 2.31.1 (2025-05-07)
+
+* [bitnami/common] chore: :recycle: Remove unused helpers ([#33496](https://github.com/bitnami/charts/pull/33496))
+
+## 2.31.0 (2025-05-05)
+
+* [bitnami/common] chore: :recycle: Remove deprecated APIs (<1.23.0) (#33320) ([3826a9e](https://github.com/bitnami/charts/commit/3826a9e1488c12545f11cf8cb1a11d23daf90602)), closes [#33320](https://github.com/bitnami/charts/issues/33320)
+
+## <small>2.30.2 (2025-04-30)</small>
+
+* [bitnami/common] add namespaces to extraPodAffinityTerms for affinities (#33173) ([4e35d60](https://github.com/bitnami/charts/commit/4e35d6016945db7b9fd4eef72b177d4826d69ece)), closes [#33173](https://github.com/bitnami/charts/issues/33173)
+
+## <small>2.30.1 (2025-04-30)</small>
+
+* [bitnami/common] Allows tpl in provided passwords "common.secrets.passwords.manage" (#33196) ([1f53dd8](https://github.com/bitnami/charts/commit/1f53dd862f2aca1071f5734c3ba825e3ff4fa383)), closes [#33196](https://github.com/bitnami/charts/issues/33196)
+* [bitnami/common] Restore 'Paremeters' section of the README (#32861) ([72f3f35](https://github.com/bitnami/charts/commit/72f3f353e35da99060a1662770655a12a2253887)), closes [#32861](https://github.com/bitnami/charts/issues/32861)
+
+## 2.30.0 (2025-02-19)
+
+* [bitnami/*] Use CDN url for the Bitnami Application Icons (#31881) ([d9bb11a](https://github.com/bitnami/charts/commit/d9bb11a9076b9bfdcc70ea022c25ef50e9713657)), closes [#31881](https://github.com/bitnami/charts/issues/31881)
+* [bitnami/common] Add helper to check API versions (#31969) ([5ba89c5](https://github.com/bitnami/charts/commit/5ba89c5afc3d57e36f90364638d9beabb32499f4)), closes [#31969](https://github.com/bitnami/charts/issues/31969)
+* Update copyright year (#31682) ([e9f02f5](https://github.com/bitnami/charts/commit/e9f02f5007068751f7eb2270fece811e685c99b6)), closes [#31682](https://github.com/bitnami/charts/issues/31682)
+
+## <small>2.29.1 (2025-01-23)</small>
+
+* [bitnami/common] Removing seLinuxOptions from omission (#31279) ([e7cb168](https://github.com/bitnami/charts/commit/e7cb168ca2bccd57e28bb985e099953a4f7e3b38)), closes [#31279](https://github.com/bitnami/charts/issues/31279) [#31278](https://github.com/bitnami/charts/issues/31278)
+
+## 2.29.0 (2025-01-03)
+
+* [bitnami/common] Add "common.capabilities.job.apiVersion" template (#31164) ([2ca979a](https://github.com/bitnami/charts/commit/2ca979a6add279384d60e6b35199eaf13553cefa)), closes [#31164](https://github.com/bitnami/charts/issues/31164)
+
+## 2.28.0 (2024-12-10)
+
+* [bitnami/common] New helper to detect non-standard images (#30851) ([ae33d01](https://github.com/bitnami/charts/commit/ae33d01968e8a353a569785f9867827153c797dc)), closes [#30851](https://github.com/bitnami/charts/issues/30851)
+
+## <small>2.27.2 (2024-11-27)</small>
+
+* [bitnami/common] Fix appVersion (#30628) ([b87d39e](https://github.com/bitnami/charts/commit/b87d39e27a0889c74b20c3d2fe5ae0c4a2417bfd)), closes [#30628](https://github.com/bitnami/charts/issues/30628)
+* [bitnami/common]: bump patch version (#30639) ([623e584](https://github.com/bitnami/charts/commit/623e5846ff827b7ecbcffa2dc51e2e94b14ef8fd)), closes [#30639](https://github.com/bitnami/charts/issues/30639)
+
+## <small>2.27.1 (2024-11-26)</small>
+
+* [bitnami/common] Fix VPA apiVersion (#30625) ([8c24438](https://github.com/bitnami/charts/commit/8c24438a2f6e8ec646cad9901ed82d71d4196e3e)), closes [#30625](https://github.com/bitnami/charts/issues/30625)
+
+## 2.27.0 (2024-11-07)
+
+* [bitnami/*] Remove wrong comment about imagePullPolicy (#30107) ([a51f9e4](https://github.com/bitnami/charts/commit/a51f9e4bb0fbf77199512d35de7ac8abe055d026)), closes [#30107](https://github.com/bitnami/charts/issues/30107)
+* [bitnami/common] feat: :sparkles: Add honorProvidedValues in common.secrets.manage (#30243) ([3d76a49](https://github.com/bitnami/charts/commit/3d76a4955c11fa4d2464da2c4d2096e1e3c6fa37)), closes [#30243](https://github.com/bitnami/charts/issues/30243)
+* Update documentation links to techdocs.broadcom.com (#29931) ([f0d9ad7](https://github.com/bitnami/charts/commit/f0d9ad78f39f633d275fc576d32eae78ded4d0b8)), closes [#29931](https://github.com/bitnami/charts/issues/29931)
+
+## 2.26.0 (2024-10-14)
+
+* [bitnami/common] Drop unused custom empty password validators (#29432) ([5fb0e97](https://github.com/bitnami/charts/commit/5fb0e97d9336d40d86c3295637d4233218b8afea)), closes [#29432](https://github.com/bitnami/charts/issues/29432)
+
+## 2.25.0 (2024-10-11)
+
+* [bitnami/common] Add the ability to specify namespaces for affinity (#29479) ([005e0d6](https://github.com/bitnami/charts/commit/005e0d696004dd972915f290b7caffb2bc332400)), closes [#29479](https://github.com/bitnami/charts/issues/29479)
+
+## 2.24.0 (2024-10-03)
+
+* [bitnami/common] Add common.tplvalues.merge-overwrite helper (#29668) ([611b2a5](https://github.com/bitnami/charts/commit/611b2a59e06feaac878b3b218fd848a687216158)), closes [#29668](https://github.com/bitnami/charts/issues/29668)
+
+## 2.23.0 (2024-09-13)
+
+* [bitnami/common] Add option to remove empty seLinuxOptions from securityContext in non OpenShift env ([7e44e64](https://github.com/bitnami/charts/commit/7e44e64626f5b1fc6d56889cdfdeadc1f62c7cf1)), closes [#28945](https://github.com/bitnami/charts/issues/28945)
+
+## 2.22.0 (2024-08-08)
+
+* [bitnami/common] Fallback to chart appVersion in common.images.image (#28764) ([b4aa0a6](https://github.com/bitnami/charts/commit/b4aa0a685a21c50ca10e41e3eb2023bbd4282cf7)), closes [#28764](https://github.com/bitnami/charts/issues/28764)
+
+## 2.21.0 (2024-08-05)
+
+* [bitnami/common] Allow handling of new secrets after initial installation (#28581) ([07062ee](https://github.com/bitnami/charts/commit/07062ee01382e24b8204b27083ff3e8102110c2f)), closes [#28581](https://github.com/bitnami/charts/issues/28581)
+
+## <small>2.20.5 (2024-07-16)</small>
+
+* [bitnami/common] [bitnami/wordpress] Use global.storageClass for fallback, not override (#24863) ([2b78e13](https://github.com/bitnami/charts/commit/2b78e137ac278cdf9d54523e8d37833a4ff0cd5b)), closes [#24863](https://github.com/bitnami/charts/issues/24863)
+
+## <small>2.20.4 (2024-07-11)</small>
+
+* [bitnami/*] Update README changing TAC wording (#27530) ([52dfed6](https://github.com/bitnami/charts/commit/52dfed6bac44d791efabfaf06f15daddc4fefb0c)), closes [#27530](https://github.com/bitnami/charts/issues/27530)
+* [bitnami/common] Increase ephemeral-storage default limits (#27902) ([dc0000d](https://github.com/bitnami/charts/commit/dc0000d7b56f68991bb8d8fff473103ed9026f5f)), closes [#27902](https://github.com/bitnami/charts/issues/27902)
+
+## <small>2.20.3 (2024-06-17)</small>
+
+* [bitnami/common] chore: :wrench: Relax large and xlarge presets resource requests (#27312) ([6ca69f6](https://github.com/bitnami/charts/commit/6ca69f6769d0f65acc850fa0bcc08506de50cc41)), closes [#27312](https://github.com/bitnami/charts/issues/27312)
+
+## <small>2.20.2 (2024-06-10)</small>
+
+* [bitnami/common] remove trailing spaces from imagePullSecrets rendering (#26882) ([362d4ac](https://github.com/bitnami/charts/commit/362d4ac94dd69be1b607fc531ceac4d67d8d57ef)), closes [#26882](https://github.com/bitnami/charts/issues/26882)
+
+## <small>2.20.1 (2024-06-10)</small>
+
+* [bitnami/common] improve renderSecurityContext (#27053) ([5f0bdde](https://github.com/bitnami/charts/commit/5f0bdde77cf05afa20cb4a800090748a8d102d02)), closes [#27053](https://github.com/bitnami/charts/issues/27053)
+
+## 2.20.0 (2024-06-05)
+
+* [bitnami/*] ci: :construction_worker: Add tag and changelog support (#25359) ([91c707c](https://github.com/bitnami/charts/commit/91c707c9e4e574725a09505d2d313fb93f1b4c0a)), closes [#25359](https://github.com/bitnami/charts/issues/25359)
+* [bitnami/common] Capabilities to return latest apiVersion if kubeVersion is undefined (#26758) ([6582c32](https://github.com/bitnami/charts/commit/6582c3237b772af9cb379f7eaceddb2d64b507f0)), closes [#26758](https://github.com/bitnami/charts/issues/26758)
+* [bitnami/common] docs: :memo: Add changelog ([23349c9](https://github.com/bitnami/charts/commit/23349c99b70313f3e19ebcf9d3e0c154836b2cc0))
+
+## <small>2.19.3 (2024-05-20)</small>
+
+* [bitnami/*] Change non-root and rolling-tags doc URLs (#25628) ([b067c94](https://github.com/bitnami/charts/commit/b067c94f6bcde427863c197fd355f0b5ba12ff5b)), closes [#25628](https://github.com/bitnami/charts/issues/25628)
+* [bitnami/*] Set new header/owner (#25558) ([8d1dc11](https://github.com/bitnami/charts/commit/8d1dc11f5fb30db6fba50c43d7af59d2f79deed3)), closes [#25558](https://github.com/bitnami/charts/issues/25558)
+* [bitnami/common] feat: :sparkles: Show warning when original images are replaced (#25952) ([855045a](https://github.com/bitnami/charts/commit/855045a1a62618154c1216e8da31a4d2c14c7586)), closes [#25952](https://github.com/bitnami/charts/issues/25952)
+
+## <small>2.19.2 (2024-04-29)</small>
+
+* [bitnami/common] Simplify syntax to deal with nullable objects (#25446) ([7dcea6a](https://github.com/bitnami/charts/commit/7dcea6aeb7c45d56bd6175b457bb8a2cddf8defc)), closes [#25446](https://github.com/bitnami/charts/issues/25446)
+* Replace VMware by Broadcom copyright text (#25306) ([a5e4bd0](https://github.com/bitnami/charts/commit/a5e4bd0e35e419203793976a78d9d0a13de92c76)), closes [#25306](https://github.com/bitnami/charts/issues/25306)
+
+## <small>2.19.1 (2024-03-27)</small>
+
+* [bitnami/common] chore: :wrench: Relax preset resource requests xlarge and 2xlarge instances (#24713 ([fdd93bb](https://github.com/bitnami/charts/commit/fdd93bb2a2f73a7df3e498b5072736a54610a908)), closes [#24713](https://github.com/bitnami/charts/issues/24713)
+
+## 2.19.0 (2024-03-08)
+
+* [bitnami/common] feat: :sparkles: Remove empty seLinuxOptions in adapted Openshift rendered security ([1f2f5ef](https://github.com/bitnami/charts/commit/1f2f5ef476efba7f284df0c36c265216325ffda9)), closes [#24268](https://github.com/bitnami/charts/issues/24268)
+
+## 2.18.0 (2024-03-04)
+
+* [bitnami/common] feat: :sparkles: :lock: Add compatibility support for securityContext in Openshift  ([8fb0dd4](https://github.com/bitnami/charts/commit/8fb0dd48b6d7ec69bb59db2376365f6d76b26d97)), closes [#24040](https://github.com/bitnami/charts/issues/24040)
+
+## 2.17.0 (2024-02-20)
+
+* [bitnami/*] Bump all versions (#23602) ([b70ee2a](https://github.com/bitnami/charts/commit/b70ee2a30e4dc256bf0ac52928fb2fa7a70f049b)), closes [#23602](https://github.com/bitnami/charts/issues/23602)
+
+## <small>2.16.1 (2024-02-19)</small>
+
+* [bitnami/common] chore: :wrench: Bump ephemeral storage limits (#23564) ([18c4d88](https://github.com/bitnami/charts/commit/18c4d88f7d4ae93f36d0896fa66dbe872bba1c48)), closes [#23564](https://github.com/bitnami/charts/issues/23564)
+
+## 2.16.0 (2024-02-15)
+
+* [bitnami/common] feat: :sparkles: Add ephemeral-storage to resources preset (#23544) ([23b6856](https://github.com/bitnami/charts/commit/23b68563a0e2e721aa07864cff1b877e1d074388)), closes [#23544](https://github.com/bitnami/charts/issues/23544)
+
+## <small>2.15.3 (2024-02-14)</small>
+
+* [bitnami/common] chore: :pencil2: Fix typo in comment ([d07fb32](https://github.com/bitnami/charts/commit/d07fb324bd6455bf8607f66c642ff346443199ba))
+
+## <small>2.15.2 (2024-02-14)</small>
+
+* [bitnami/common] fix: :children_crossing: Improve resource warning message (#23425) ([7593e4f](https://github.com/bitnami/charts/commit/7593e4fc69fb8c50f7d626cc305c5adc56d23f48)), closes [#23425](https://github.com/bitnami/charts/issues/23425)
+
+## <small>2.15.1 (2024-02-13)</small>
+
+* [bitnami/common] fix: :bug: Check if section is enabled before printing resource warning ([262b6ee](https://github.com/bitnami/charts/commit/262b6ee64c57a5293333879ec423ad41c44f162c))
+
+## 2.15.0 (2024-02-13)
+
+* [bitnami/*] Fix docs.bitnami.com broken links (#21901) ([f35506d](https://github.com/bitnami/charts/commit/f35506d2dadee4f097986e7792df1f53ab215b5d)), closes [#21901](https://github.com/bitnami/charts/issues/21901)
+* [bitnami/*] Move documentation sections from docs.bitnami.com back to the README (#22203) ([7564f36](https://github.com/bitnami/charts/commit/7564f36ca1e95ff30ee686652b7ab8690561a707)), closes [#22203](https://github.com/bitnami/charts/issues/22203)
+* [bitnami/*] Update copyright: Year and company (#21815) ([6c4bf75](https://github.com/bitnami/charts/commit/6c4bf75dec58fc7c9aee9f089777b1a858c17d5b)), closes [#21815](https://github.com/bitnami/charts/issues/21815)
+* [bitnami/common] feat: :sparkles: Add support for resource presets (#23410) ([310d9f9](https://github.com/bitnami/charts/commit/310d9f9e44cb913a2e482f57107970ed5bde9a69)), closes [#23410](https://github.com/bitnami/charts/issues/23410)
+
+## <small>2.14.1 (2023-12-19)</small>
+
+* [bitnami/common] Fix typo with new line in common.secrets.passwords.manage (#21653) ([7e70463](https://github.com/bitnami/charts/commit/7e704634ef564adac330f1e0a67feb2a40a271dc)), closes [#21653](https://github.com/bitnami/charts/issues/21653)
+
+## 2.14.0 (2023-12-19)
+
+* [bitnami/common] add params skipB64enc and skipQuote to common.secrets.passwords.manage (#21595) ([2070eeb](https://github.com/bitnami/charts/commit/2070eeb30bbf48639e0177a42f65a1d13f42a180)), closes [#21595](https://github.com/bitnami/charts/issues/21595)
+
+## <small>2.13.4 (2023-12-15)</small>
+
+* [bitnami/*] Remove relative links to non-README sections, add verification for that and update TL;DR ([1103633](https://github.com/bitnami/charts/commit/11036334d82df0490aa4abdb591543cab6cf7d7f)), closes [#20967](https://github.com/bitnami/charts/issues/20967)
+* [bitnami/*] Rename VMware Application Catalog (#20361) ([3acc734](https://github.com/bitnami/charts/commit/3acc73472beb6fb56c4d99f929061001205bc57e)), closes [#20361](https://github.com/bitnami/charts/issues/20361)
+* [bitnami/common] fix failOnNew implementation in common.secrets.passwords.manage (#21342) ([76a5f24](https://github.com/bitnami/charts/commit/76a5f248fbceb3d1d948c7e60fbba74fd7eb3200)), closes [#21342](https://github.com/bitnami/charts/issues/21342)
+* [bitnami/common] Standardize documentation (#20334) ([3af2426](https://github.com/bitnami/charts/commit/3af242606877aea25c623b4185e6fcd285b7308d)), closes [#20334](https://github.com/bitnami/charts/issues/20334)
+
+## <small>2.13.3 (2023-10-17)</small>
+
+* [bitnami/*] Update Helm charts prerequisites (#19745) ([eb755dd](https://github.com/bitnami/charts/commit/eb755dd36a4dd3cf6635be8e0598f9a7f4c4a554)), closes [#19745](https://github.com/bitnami/charts/issues/19745)
+* [bitnami/common]: Address admission configuration typo  (#19840) ([9a936f1](https://github.com/bitnami/charts/commit/9a936f158646e101c2507421fdcb85b787bbaf64)), closes [#19840](https://github.com/bitnami/charts/issues/19840)
+
+## <small>2.13.2 (2023-10-05)</small>
+
+* [bitnami/common] update imagePullSecrets to handle map and list format (#19702) ([1d30563](https://github.com/bitnami/charts/commit/1d30563bf53d4c0ac898cf1070af57aa28a039f1)), closes [#19702](https://github.com/bitnami/charts/issues/19702)
+
+## <small>2.13.1 (2023-10-04)</small>
+
+* [bitnami/common] render labels correctly when they contains templates (#19680) ([3cb44e3](https://github.com/bitnami/charts/commit/3cb44e376a472ca6721866b09f6d0ab412338cbc)), closes [#19680](https://github.com/bitnami/charts/issues/19680)
+
+## 2.13.0 (2023-09-29)
+
+* [bitnami/common]: Add capabilities macros to manage Pod Security Standard objects (#19428) ([322b76d](https://github.com/bitnami/charts/commit/322b76d6450840f08d53ecfddb5e151cac5c9e88)), closes [#19428](https://github.com/bitnami/charts/issues/19428)
+
+## <small>2.12.1 (2023-09-29)</small>
+
+* [bitnami/common] allow for empty appVersion (#19467) ([8b46a33](https://github.com/bitnami/charts/commit/8b46a3366abc7d216d16ace89675f3fc42691e8f)), closes [#19467](https://github.com/bitnami/charts/issues/19467)
+
+## 2.12.0 (2023-09-22)
+
+* [bitnami/common] new macro to checksum config resources (#19261) ([73945fe](https://github.com/bitnami/charts/commit/73945fedfa2acff03fe172430fcc4b8bcf55282f)), closes [#19261](https://github.com/bitnami/charts/issues/19261)
+* Revert "Autogenerate schema files (#19194)" (#19335) ([73d80be](https://github.com/bitnami/charts/commit/73d80be525c88fb4b8a54451a55acd506e337062)), closes [#19194](https://github.com/bitnami/charts/issues/19194) [#19335](https://github.com/bitnami/charts/issues/19335)
+
+## <small>2.11.1 (2023-09-15)</small>
+
+* Common - Adding app.kubernetes.io/version to common labels (#17201) ([9c497be](https://github.com/bitnami/charts/commit/9c497be9d99a98a20cd01e5858014e097ebe0eaa)), closes [#17201](https://github.com/bitnami/charts/issues/17201)
+
+## 2.11.0 (2023-09-12)
+
+* [bitnami/common] New helper to return image version (#19223) ([db46696](https://github.com/bitnami/charts/commit/db466964c6cfb3368ab87be6bb4d16f74d5c6fd0)), closes [#19223](https://github.com/bitnami/charts/issues/19223)
+* Autogenerate schema files (#19194) ([a2c2090](https://github.com/bitnami/charts/commit/a2c2090b5ac97f47b745c8028c6452bf99739772)), closes [#19194](https://github.com/bitnami/charts/issues/19194)
+
+## <small>2.10.1 (2023-09-08)</small>
+
+* [bitnami/common]: Compatiblity with Helm 3.2.0+ (#19177) ([e4fc03d](https://github.com/bitnami/charts/commit/e4fc03d96bef6ab0318d642fb65ba508c49844f1)), closes [#19177](https://github.com/bitnami/charts/issues/19177)
+
+## 2.10.0 (2023-09-04)
+
+* [bitnami/common] new macro to merge a list of values with rendering  (#18889) ([0fb66f2](https://github.com/bitnami/charts/commit/0fb66f2c6f6828a240a0c1e6857c337bf9f4202a)), closes [#18889](https://github.com/bitnami/charts/issues/18889)
+
+## <small>2.9.2 (2023-08-31)</small>
+
+* Avoid using a tpl when there is no template (#18792) ([134924a](https://github.com/bitnami/charts/commit/134924a260fe2cd758a954f34e89ccb14012f348)), closes [#18792](https://github.com/bitnami/charts/issues/18792)
+
+## <small>2.9.1 (2023-08-29)</small>
+
+* [bitnami/common] Add extraLabelSelectors to affinities templates (#18127) ([b9ecfdb](https://github.com/bitnami/charts/commit/b9ecfdb3421a057b76e6f35f58c26e631c74e686)), closes [#18127](https://github.com/bitnami/charts/issues/18127)
+
+## 2.9.0 (2023-08-22)
+
+* [bitnami/common] Add support for customizing standard labels (#18154) ([9a20483](https://github.com/bitnami/charts/commit/9a20483cfd1daa6bfe08fd8116516a9bb5cd9754)), closes [#18154](https://github.com/bitnami/charts/issues/18154)
+
+## 2.8.0 (2023-08-07)
+
+* [bitnami/common] Delete app kubernetes version field (#18240) ([5fe3ee4](https://github.com/bitnami/charts/commit/5fe3ee44eed88e9b6843c70cbeb6378194b2276b)), closes [#18240](https://github.com/bitnami/charts/issues/18240)
+
+## 2.7.0 (2023-08-07)
+
+* Add app.kubernetes.io/version based on AppVersion (#18194) ([4f698f8](https://github.com/bitnami/charts/commit/4f698f8ac54fc68cd8dab433b7c2d8ffb77a4067)), closes [#18194](https://github.com/bitnami/charts/issues/18194)
+
+## 2.6.0 (2023-07-04)
+
+* [bitnami/common] Add scope for common.tplvalues.render (#17033) ([daf1b54](https://github.com/bitnami/charts/commit/daf1b5445a5e1c961ab78673899dd8007b4f1000)), closes [#17033](https://github.com/bitnami/charts/issues/17033)
+
+## 2.5.0 (2023-06-30)
+
+* [bitnami/*] Change copyright section in READMEs (#17006) ([ef986a1](https://github.com/bitnami/charts/commit/ef986a1605241102b3dcafe9fd8089e6fc1201ad)), closes [#17006](https://github.com/bitnami/charts/issues/17006)
+* [bitnami/common] Update common.secrets.passwords.manage and common.secrets.lookup (#17397) ([5a73cf1](https://github.com/bitnami/charts/commit/5a73cf19f92b93d88ee766669a947375135db903)), closes [#17397](https://github.com/bitnami/charts/issues/17397)
+* [bitnami/several] Change copyright section in READMEs (#16989) ([5b6a5cf](https://github.com/bitnami/charts/commit/5b6a5cfb7625a751848a2e5cd796bd7278f406ca)), closes [#16989](https://github.com/bitnami/charts/issues/16989)
+* Add copyright header (#17300) ([da68be8](https://github.com/bitnami/charts/commit/da68be8e951225133c7dfb572d5101ca3d61c5ae)), closes [#17300](https://github.com/bitnami/charts/issues/17300)
+* Update charts readme (#17217) ([31b3c0a](https://github.com/bitnami/charts/commit/31b3c0afd968ff4429107e34101f7509e6a0e913)), closes [#17217](https://github.com/bitnami/charts/issues/17217)
+
+## 2.4.0 (2023-05-18)
+
+* [bitnami/common] feat: :sparkles: Add apiVersions for DaemonSet and VPA ([a86cfaf](https://github.com/bitnami/charts/commit/a86cfaf0acb7cc26a7a91256f4b76db8f31797ef))
+
+## 2.3.0 (2023-05-12)
+
+* Add wording for enterprise page (#16560) ([8f22774](https://github.com/bitnami/charts/commit/8f2277440b976d52785ba9149762ad8620a73d1f)), closes [#16560](https://github.com/bitnami/charts/issues/16560)
+* Remove duplicate in image pull secrets (#16529) ([ddfea70](https://github.com/bitnami/charts/commit/ddfea70831875639cb298a555ad6dd5e68f059e4)), closes [#16529](https://github.com/bitnami/charts/issues/16529)
+
+## <small>2.2.6 (2023-05-09)</small>
+
+* [bitnami/several] Adapt Chart.yaml to set desired OCI annotations (#16546) ([fc9b18f](https://github.com/bitnami/charts/commit/fc9b18f2e98805d4df629acbcde696f44f973344)), closes [#16546](https://github.com/bitnami/charts/issues/16546)
+
+## <small>2.2.5 (2023-05-02)</small>
+
+* [bitnami/*] Make Helm charts 100% OCI (#15998) ([8841510](https://github.com/bitnami/charts/commit/884151035efcbf2e1b3206e7def85511073fb57d)), closes [#15998](https://github.com/bitnami/charts/issues/15998)
+* [bitnami/common] Fix typo in README.md to test chart publishing from GitHub (#16143) ([5b05ec3](https://github.com/bitnami/charts/commit/5b05ec32caa73240d38135e19501ab2658397d2e)), closes [#16143](https://github.com/bitnami/charts/issues/16143)
+
+## <small>2.2.4 (2023-03-07)</small>
+
+* [bitnami/*] Fix markdown linter issues (#14874) ([a51e0e8](https://github.com/bitnami/charts/commit/a51e0e8d35495b907f3e70dd2f8e7c3bcbf4166a)), closes [#14874](https://github.com/bitnami/charts/issues/14874)
+* [bitnami/*] Fix markdown linter issues 2 (#14890) ([aa96572](https://github.com/bitnami/charts/commit/aa9657237ee8df4a46db0d7fdf8a23230dd6902a)), closes [#14890](https://github.com/bitnami/charts/issues/14890)
+* [bitnami/common] Allow empty registry name (#15296) ([f13df7b](https://github.com/bitnami/charts/commit/f13df7b00f38e5fce67eab7a1b78afb0b064344e)), closes [#15296](https://github.com/bitnami/charts/issues/15296)
+
+## <small>2.2.3 (2023-02-03)</small>
+
+* [bitnami/*] Add license annotation and remove obsolete engine parameter (#14293) ([da2a794](https://github.com/bitnami/charts/commit/da2a7943bae95b6e9b5b4ed972c15e990b69fdb0)), closes [#14293](https://github.com/bitnami/charts/issues/14293)
+* [bitnami/*] Change copyright date (#14682) ([add4ec7](https://github.com/bitnami/charts/commit/add4ec701108ac36ed4de2dffbdf407a0d091067)), closes [#14682](https://github.com/bitnami/charts/issues/14682)
+* [bitnami/*] Change licenses annotation format (#14377) ([0ab7608](https://github.com/bitnami/charts/commit/0ab760862c660fcc78cffadf8e1d8cdd70881473)), closes [#14377](https://github.com/bitnami/charts/issues/14377)
+* [bitnami/*] Unify READMEs (#14472) ([2064fb8](https://github.com/bitnami/charts/commit/2064fb8dcc78a845cdede8211af8c3cc52551161)), closes [#14472](https://github.com/bitnami/charts/issues/14472)
+* [bitnami/common] chore: Correct common.images.image global in example (#14735) ([69ada7d](https://github.com/bitnami/charts/commit/69ada7da0c9c6b7ce718faef6920c61e3632fd02)), closes [#14735](https://github.com/bitnami/charts/issues/14735)
+
+## <small>2.2.2 (2022-12-12)</small>
+
+* [bitnami/common] resolve namespace using common.names.namespace macro (#13481) ([35b84e8](https://github.com/bitnami/charts/commit/35b84e8ba209681d4f160ca102188af61307fccf)), closes [#13481](https://github.com/bitnami/charts/issues/13481)
+
+## <small>2.2.1 (2022-11-25)</small>
+
+* [bitnami/common] fix common topology key affinity function (#13593) ([f95dec8](https://github.com/bitnami/charts/commit/f95dec803bd138b76d67a296545974c5a644d63e)), closes [#13593](https://github.com/bitnami/charts/issues/13593)
+
+## 2.2.0 (2022-11-14)
+
+* [bitnami/common] affinity topologyKey override (#13435) ([624c14e](https://github.com/bitnami/charts/commit/624c14e7121557e6a29ff0e814cb800c2f3cf619)), closes [#13435](https://github.com/bitnami/charts/issues/13435)
+* [bitnami/common] Fixed naming of common.secrets.passwords.manage function in README (#13250) ([39a8bcb](https://github.com/bitnami/charts/commit/39a8bcbb1b606cc165643ae4ddcdc15f05e91583)), closes [#13250](https://github.com/bitnami/charts/issues/13250)
+
+## <small>2.1.2 (2022-10-31)</small>
+
+* [bitnami/common] Do not explicitly specify namespace in affinity term. (#12932) ([638a48e](https://github.com/bitnami/charts/commit/638a48e4d3ec7b5d160f4b525ec40218512c464b)), closes [#12932](https://github.com/bitnami/charts/issues/12932) [#12668](https://github.com/bitnami/charts/issues/12668)
+
+## <small>2.1.1 (2022-10-27)</small>
+
+* [bitnami/common] Fix appVersion mismatch (#13189) ([42b3b3e](https://github.com/bitnami/charts/commit/42b3b3e6c68e6af8ba19f7ec42be0d71b4c21852)), closes [#13189](https://github.com/bitnami/charts/issues/13189)
+
+## 2.1.0 (2022-10-27)
+
+* [bitnami/common] Add new function 'common.secrets.lookup' (#13150) ([e848934](https://github.com/bitnami/charts/commit/e84893410321b88adbd7d2e40b891685a15ce640)), closes [#13150](https://github.com/bitnami/charts/issues/13150)
+
+## <small>2.0.4 (2022-10-24)</small>
+
+* [bitnami/*] Use new default branch name in links (#12943) ([a529e02](https://github.com/bitnami/charts/commit/a529e02597d49d944eba1eb0f190713293247176)), closes [#12943](https://github.com/bitnami/charts/issues/12943)
+* [bitnami/common] kubernetes.io/tls-acme Ingress annotation triggers IngressTLS array (#13054) ([2008857](https://github.com/bitnami/charts/commit/200885790b34afd6fd04ea45949c887a907b6b38)), closes [#13054](https://github.com/bitnami/charts/issues/13054)
+* [bitnami/common] quote secret value when lookup (#11276) ([c8e3019](https://github.com/bitnami/charts/commit/c8e301965f05996a2ae18e0fc8dbfcbe64428356)), closes [#11276](https://github.com/bitnami/charts/issues/11276)
+
+## <small>2.0.3 (2022-09-12)</small>
+
+* [bitnami/common] Revert changes in HPA context from #12282 (#12372) ([55fdc3a](https://github.com/bitnami/charts/commit/55fdc3aff3e32502abfd8f0607ac2be54e585744)), closes [#12282](https://github.com/bitnami/charts/issues/12282) [#12372](https://github.com/bitnami/charts/issues/12372)
+
+## <small>2.0.2 (2022-09-05)</small>
+
+* fix context for HPA util (#12282) ([ccd54a0](https://github.com/bitnami/charts/commit/ccd54a0d47a96903f499fbcdb52a336863020efe)), closes [#12282](https://github.com/bitnami/charts/issues/12282)
+
+## <small>2.0.1 (2022-08-23)</small>
+
+* [bitnami/common] Digest/Tag new approach backward compatible (#12029) ([f1c27dc](https://github.com/bitnami/charts/commit/f1c27dc5d9540c2ea192abf1245da67f5b4f8916)), closes [#12029](https://github.com/bitnami/charts/issues/12029)
+
+## 2.0.0 (2022-08-18)
+
+* [bitnami/common] MAJOR: Add support for image digest apart from tag (#11830) ([e3fee4e](https://github.com/bitnami/charts/commit/e3fee4e41d34a6584660c3b77b8521922603ccab)), closes [#11830](https://github.com/bitnami/charts/issues/11830)
+
+## <small>1.17.1 (2022-08-18)</small>
+
+* Revert changes from #11797 (#11829) ([22bb033](https://github.com/bitnami/charts/commit/22bb033224176c498920596c8d8b25b5f60a277d)), closes [#11797](https://github.com/bitnami/charts/issues/11797) [#11829](https://github.com/bitnami/charts/issues/11829)
+
+## 1.17.0 (2022-08-18)
+
+* [bitnami/common] Add support for image digest apart from tag (#11797) ([b069345](https://github.com/bitnami/charts/commit/b0693450f653318ac7da64575dac389d7041b69f)), closes [#11797](https://github.com/bitnami/charts/issues/11797)
+
+## <small>1.16.1 (2022-07-13)</small>
+
+* [bitnami/*] Replace Kubeapps URL in READMEs (and kubeapps Chart.yaml) and remove BKPR references (#1 ([c6a7914](https://github.com/bitnami/charts/commit/c6a7914361e5aea6016fb45bf4d621edfd111d32)), closes [#10600](https://github.com/bitnami/charts/issues/10600)
+* [bitnami/common] Affinities section does not use common.names.namespace (#11137) ([b70c24c](https://github.com/bitnami/charts/commit/b70c24c82c7a9112a4288441ad1fa8c035bb68b4)), closes [#11137](https://github.com/bitnami/charts/issues/11137)
+
+## 1.16.0 (2022-06-03)
+
+* [bitnami/common] Add mysql validation (#10565) ([75ae79a](https://github.com/bitnami/charts/commit/75ae79a434137694fd82198abe1f861d6e5a04ba)), closes [#10565](https://github.com/bitnami/charts/issues/10565)
+
+## <small>1.15.2 (2022-06-02)</small>
+
+* Update Redis trademark references ([2cada87](https://github.com/bitnami/charts/commit/2cada87ed4967d5cb578b0409a0bb1edee79029a))
+
+## <small>1.15.1 (2022-06-01)</small>
+
+* [bitnami/several] Replace maintainers email by url (#10523) ([ff3cf61](https://github.com/bitnami/charts/commit/ff3cf617a1680509b0f3855d17c4ccff7b29a0ff)), closes [#10523](https://github.com/bitnami/charts/issues/10523)
+
+## 1.15.0 (2022-06-01)
+
+* Add common function common.names.fullname.namespace (#10462) ([96f447c](https://github.com/bitnami/charts/commit/96f447cd8654b6db51d9301c841bacb3a13089b3)), closes [#10462](https://github.com/bitnami/charts/issues/10462)
+
+## <small>1.14.2 (2022-05-30)</small>
+
+* [bitnami/common] use -d flag for base64 (#10491) ([ca8d588](https://github.com/bitnami/charts/commit/ca8d5886a1bc0fb37d1bc770ad2333acdffd7996)), closes [#10491](https://github.com/bitnami/charts/issues/10491) [#10486](https://github.com/bitnami/charts/issues/10486)
+
+## <small>1.14.1 (2022-05-20)</small>
+
+* Differentiate between autoscaling v1beta1 and v1beta2 (#10331) ([16d8a4e](https://github.com/bitnami/charts/commit/16d8a4ee73705ee6db2191d84e03a2ba3ea95deb)), closes [#10331](https://github.com/bitnami/charts/issues/10331)
+
+## 1.14.0 (2022-05-13)
+
+* [bitnami/common] Add common function for HPA api version (#10174) ([4379ab5](https://github.com/bitnami/charts/commit/4379ab56bd8f4d7f7b7817bf302c683bf9087e81)), closes [#10174](https://github.com/bitnami/charts/issues/10174)
+
+## <small>1.13.1 (2022-04-19)</small>
+
+* Fix affinities identifier in README.md for common chart (#9821) ([fe95640](https://github.com/bitnami/charts/commit/fe95640ce3f5ddfb0458f440959ceda3a849a3a4)), closes [#9821](https://github.com/bitnami/charts/issues/9821)
+
+## 1.13.0 (2022-03-24)
+
+* [bitnami/common] Add apiService.apiVersion function to common.capabilities (#9562) ([bba2272](https://github.com/bitnami/charts/commit/bba227223e15937bb1f29f77425f6bd7d9238c02)), closes [#9562](https://github.com/bitnami/charts/issues/9562)
+
+## 1.12.0 (2022-03-16)
+
+* [bitnami/common] Helper to allow overriding namespace name (#9396) ([794fecb](https://github.com/bitnami/charts/commit/794fecb8cb112e8e5e9d55420451752e8bd21431)), closes [#9396](https://github.com/bitnami/charts/issues/9396)
+
+## <small>1.11.3 (2022-03-03)</small>
+
+* [bitnami/common] Improve docs for passwords.manage (#9269) ([0d06114](https://github.com/bitnami/charts/commit/0d061147a5b7c7cf2bf44d2b61603ffeb48a0b51)), closes [#9269](https://github.com/bitnami/charts/issues/9269)
+
+## <small>1.11.2 (2022-02-28)</small>
+
+* [bitnami/common] README: Fixed the desscription for `common.labels.matchLabels` (#9062) ([7f17db7](https://github.com/bitnami/charts/commit/7f17db7e9bcdd7918bde322b3b76a62c6a86e752)), closes [#9062](https://github.com/bitnami/charts/issues/9062) [bitnami/charts#9060](https://github.com/bitnami/charts/issues/9060) [bitnami/charts#9060](https://github.com/bitnami/charts/issues/9060)
+
+## <small>1.11.1 (2022-02-02)</small>
+
+* [bitnami/common] Improve "common.secrets.passwords.manage" helper (#8861) ([01477b4](https://github.com/bitnami/charts/commit/01477b42f2be362388d69da913879c52f2250ac1)), closes [#8861](https://github.com/bitnami/charts/issues/8861)
+
+## 1.11.0 (2022-02-01)
+
+* [bitnami/common] Add ingress helper to detect cert-manager annotations (#8857) ([c0c986f](https://github.com/bitnami/charts/commit/c0c986f8d5c911c09dc84d289d2993ae1779a6ca)), closes [#8857](https://github.com/bitnami/charts/issues/8857)
+
+## <small>1.10.4 (2022-01-20)</small>
+
+* [bitnami/several] Add license to the README ([05f7633](https://github.com/bitnami/charts/commit/05f763372501d596e57db713dd53ff4ff3027cc4))
+* [bitnami/several] Add license to the README ([32fb238](https://github.com/bitnami/charts/commit/32fb238e60a0affc6debd3142eaa3c3d9089ec2a))
+* [bitnami/several] Add license to the README ([b87c2f7](https://github.com/bitnami/charts/commit/b87c2f7899d48a8b02c506765e6ae82937e9ba3f))
+* [bitnami/several] Change prerequisites (#8725) ([8d740c5](https://github.com/bitnami/charts/commit/8d740c566cfdb7e2d933c40128b4e919fce953a5)), closes [#8725](https://github.com/bitnami/charts/issues/8725)
+
+## <small>1.10.3 (2021-11-29)</small>
+
+* [bitnami/common] fix: :bug: Add extra check for "\"\"" values in existing secrets (#8266) ([de27be6](https://github.com/bitnami/charts/commit/de27be6e649472608f076a04a36be3674fe3b84e)), closes [#8266](https://github.com/bitnami/charts/issues/8266)
+
+## <small>1.10.2 (2021-11-29)</small>
+
+* [bitnami/several] Replace HTTP by HTTPS when possible (#8259) ([eafb5bd](https://github.com/bitnami/charts/commit/eafb5bd5a2cc3aaf04fc1e8ebedd73f420d76864)), closes [#8259](https://github.com/bitnami/charts/issues/8259)
+
+## <small>1.10.1 (2021-10-27)</small>
+
+* [bitnami/*] Mark PodSecurityPolicy resources as deprecated (#7948) ([5cac753](https://github.com/bitnami/charts/commit/5cac7539dcb6c3baef06ed6676bfa99c16fdb5fe)), closes [#7948](https://github.com/bitnami/charts/issues/7948)
+
+## 1.10.0 (2021-09-30)
+
+* [bitnami/common] Add new capability helper for Network Policies (#7658) ([3efb1ca](https://github.com/bitnami/charts/commit/3efb1cac924409cbda3216a2300cce031c56a1f5)), closes [#7658](https://github.com/bitnami/charts/issues/7658)
+
+## <small>1.9.1 (2021-09-22)</small>
+
+* [bitnami/common] fix readme for common chart (#7577) ([3f06bdd](https://github.com/bitnami/charts/commit/3f06bdd8df1c00dbdf27230bcdf925c337826abb)), closes [#7577](https://github.com/bitnami/charts/issues/7577)
+* Fix typo in bitname/common README (#7529) ([fccffb3](https://github.com/bitnami/charts/commit/fccffb33391751a1bf84c53184cffe0dcac83fd6)), closes [#7529](https://github.com/bitnami/charts/issues/7529)
+
+## 1.9.0 (2021-09-13)
+
+* [bitnami/common] Add new dependency fullname template (#7471) ([7ca2a4b](https://github.com/bitnami/charts/commit/7ca2a4bb917ac6a276a6b30be12538f4c7c3a63d)), closes [#7471](https://github.com/bitnami/charts/issues/7471)
+
+## 1.8.0 (2021-08-04)
+
+* Add cronjob apiVersion capability (#7122) ([7b84a67](https://github.com/bitnami/charts/commit/7b84a674ae99fd8ddac3b5b3c859c816b87aaf51)), closes [#7122](https://github.com/bitnami/charts/issues/7122)
+
+## <small>1.7.1 (2021-07-27)</small>
+
+* [bitnami/*] Adapt values.yaml of common library, Tomcat, Wavefront and ZooKeeper charts (#6970) ([fb2693b](https://github.com/bitnami/charts/commit/fb2693bfe67a154b159d3998232cc613e1706c70)), closes [#6970](https://github.com/bitnami/charts/issues/6970)
+* [bitnami/several] Bump version and update READMEs (#7069) ([6340bff](https://github.com/bitnami/charts/commit/6340bff66f93c8c797bda3ca0842e4bf770059f1)), closes [#7069](https://github.com/bitnami/charts/issues/7069)
+* Replace <sup> strings with &trade; in the README files (#7066) ([d298b49](https://github.com/bitnami/charts/commit/d298b4996da33c9580c2594e6dc8ad665dd0ebab)), closes [#7066](https://github.com/bitnami/charts/issues/7066)
+
+## 1.7.0 (2021-07-02)
+
+* [bitnami/common] Add supportIngressClassname (#6828) ([0c8a455](https://github.com/bitnami/charts/commit/0c8a45546a219b4b4cd370daf0643543c92739b0)), closes [#6828](https://github.com/bitnami/charts/issues/6828)
+
+## <small>1.6.1 (2021-06-16)</small>
+
+* [bitnami/common] extend common.labels.matchLabels with .Values.extraMatchLabels (#6589) ([66edf04](https://github.com/bitnami/charts/commit/66edf04e3e244c343a845f9c684edf4c8ea04406)), closes [#6589](https://github.com/bitnami/charts/issues/6589)
+
+## 1.6.0 (2021-06-15)
+
+* bitnami/common: add version detection for policy api (#6662) ([dcacf06](https://github.com/bitnami/charts/commit/dcacf06f6f2b6d622e2226935db22d5b8efa20b3)), closes [#6662](https://github.com/bitnami/charts/issues/6662)
+
+## <small>1.5.2 (2021-05-21)</small>
+
+* [bitnami/common] Update _ingress.tpl (#6437) ([9048150](https://github.com/bitnami/charts/commit/90481508542c4da588e0d71944592e6c4e8d36e4)), closes [#6437](https://github.com/bitnami/charts/issues/6437)
+
+## <small>1.5.1 (2021-05-14)</small>
+
+* Node affinity values must be quoted. (#6348) ([f73efbe](https://github.com/bitnami/charts/commit/f73efbe074436eda6276bbf32c781fa913c6a17a)), closes [#6348](https://github.com/bitnami/charts/issues/6348)
+
+## 1.5.0 (2021-05-13)
+
+* [bitnami/common] pull secrets rendering (#6286) ([dfffe74](https://github.com/bitnami/charts/commit/dfffe74c212a28e27f537dbee54c3b5a81c7d572)), closes [#6286](https://github.com/bitnami/charts/issues/6286)
+
+## <small>1.4.3 (2021-04-26)</small>
+
+* [bitnami/common] Update Redis validation's helper (#6192) ([1e3bf03](https://github.com/bitnami/charts/commit/1e3bf03e3aad56fd4dc159744626e25ec24c5772)), closes [#6192](https://github.com/bitnami/charts/issues/6192)
+
+## <small>1.4.2 (2021-03-25)</small>
+
+* [bitnami/common] Common credential error (#5884) ([328ca86](https://github.com/bitnami/charts/commit/328ca863515f6ef9fe188c71110be7b951719d66)), closes [#5884](https://github.com/bitnami/charts/issues/5884)
+
+## <small>1.4.1 (2021-02-23)</small>
+
+* [bitnami/common] Add possibility to pull images without giving registry name (#5582) ([15ca275](https://github.com/bitnami/charts/commit/15ca27520a16b590101fa39195f55017e2935a90)), closes [#5582](https://github.com/bitnami/charts/issues/5582)
+
+## 1.4.0 (2021-02-22)
+
+* [bitnami/common] Add RBAC/CRD apiVersion support for versions 1.22+ (#5583) ([fda87aa](https://github.com/bitnami/charts/commit/fda87aabcd004f9a67549f5d22d273dd9fff6836)), closes [#5583](https://github.com/bitnami/charts/issues/5583)
+
+## <small>1.3.9 (2021-02-09)</small>
+
+* Add registered icon to all the MongoDB references (#5426) ([56f2088](https://github.com/bitnami/charts/commit/56f20884267e56175695b2917f7704b9510f4ba6)), closes [#5426](https://github.com/bitnami/charts/issues/5426)
+
+## <small>1.3.8 (2021-02-03)</small>
+
+* fix(common): quote namespace name (#5363) ([d27fb5e](https://github.com/bitnami/charts/commit/d27fb5e0b327728bb4304503376aaa4d2ab50619)), closes [#5363](https://github.com/bitnami/charts/issues/5363)
+
+## <small>1.3.7 (2021-01-20)</small>
+
+* [bitnami/*] Change helm version in the prerequisites (#5090) ([c5e67a3](https://github.com/bitnami/charts/commit/c5e67a388743cbee28439d2cabca27884b9daf97)), closes [#5090](https://github.com/bitnami/charts/issues/5090)
+* [bitnami/common] Remove helm version checker from secret helper (#5156) ([20231b1](https://github.com/bitnami/charts/commit/20231b138fae524371e6b29504acd4cbd19ce697)), closes [#5156](https://github.com/bitnami/charts/issues/5156)
+
+## <small>1.3.6 (2021-01-18)</small>
+
+* [bitnami/common] same behavior with empty string when the secret obje… (#5057) ([0bae2bb](https://github.com/bitnami/charts/commit/0bae2bbb9b42c5a8dd2b8a144ffa55ace1c8a936)), closes [#5057](https://github.com/bitnami/charts/issues/5057)
+
+## <small>1.3.5 (2021-01-17)</small>
+
+* [bitnami/common] fix wrong include reference (#5056) ([11efd59](https://github.com/bitnami/charts/commit/11efd59177419d4177e59800f04b4f26ab7243f8)), closes [#5056](https://github.com/bitnami/charts/issues/5056)
+
+## <small>1.3.4 (2021-01-15)</small>
+
+* [bitnami/common] Fix lookup function backward compatibility and README (#5018) ([14a0042](https://github.com/bitnami/charts/commit/14a0042dc90c01fd38f814e1e43559384a3baa9f)), closes [#5018](https://github.com/bitnami/charts/issues/5018)
+
+## <small>1.3.3 (2021-01-14)</small>
+
+* [bitnami/several] Add Redis trademark (#5023) ([dfa89b8](https://github.com/bitnami/charts/commit/dfa89b865989da26a3c73f397fd3c402dd56ebe8)), closes [#5023](https://github.com/bitnami/charts/issues/5023)
+
+## <small>1.3.2 (2021-01-13)</small>
+
+* [bitnami/common] Add missing else statement to ingress apiversion ([22ab07a](https://github.com/bitnami/charts/commit/22ab07ac7d39d4153cc839de2b714086e99cfc04))
+
+## <small>1.3.1 (2021-01-13)</small>
+
+* [bitnami/common] Fix cases where ingress is not at the root (#4984) ([e447d9d](https://github.com/bitnami/charts/commit/e447d9d2205fc3f2f6cd990386a691fd9204b214)), closes [#4984](https://github.com/bitnami/charts/issues/4984)
+
+## 1.3.0 (2021-01-13)
+
+* [bitnami/*] POC Lookup function implementation (#4831) ([240dc1b](https://github.com/bitnami/charts/commit/240dc1bea80a3e121fd595636496d7941bdbc5e0)), closes [#4831](https://github.com/bitnami/charts/issues/4831)
+
+## <small>1.2.3 (2020-12-31)</small>
+
+* [bitnami/common] Fix incorrect backend calculation for networking/v1beta1 ([c59b869](https://github.com/bitnami/charts/commit/c59b86919f47504bc8fd06f75a024f55e58ace77))
+
+## <small>1.2.2 (2020-12-30)</small>
+
+* [bitnami/common] Fix typo in common.capabilities.kubeVersion ([a371b73](https://github.com/bitnami/charts/commit/a371b734b854aa81a7dec16c40d061f5e9a14875))
+
+## <small>1.2.1 (2020-12-30)</small>
+
+* [bitnami/common] Fix issue with global kubeversion calculation ([0bbb339](https://github.com/bitnami/charts/commit/0bbb339d60b41ab978e759863709ebb1451d07a4))
+
+## 1.2.0 (2020-12-30)
+
+* [bitnami/common] Make ingress rules compatible with all Kubernetes versions (#4859) ([2b22a21](https://github.com/bitnami/charts/commit/2b22a217020fe3d16ef98fdcdd4a562c43f9824a)), closes [#4859](https://github.com/bitnami/charts/issues/4859)
+
+## <small>1.1.4 (2020-12-23)</small>
+
+* [bitnami/common] fix: moving kube version comparison (#4804) ([cdb6ae8](https://github.com/bitnami/charts/commit/cdb6ae8f00d114f0998c604416b79f62dc27f19d)), closes [#4804](https://github.com/bitnami/charts/issues/4804)
+
+## <small>1.1.3 (2020-12-18)</small>
+
+* [bitnami/*] fix typos (#4699) ([49adc63](https://github.com/bitnami/charts/commit/49adc63b672da976c55af2e077aa5648a357b77f)), closes [#4699](https://github.com/bitnami/charts/issues/4699)
+* [bitnami/common] Adding networking apiVersion support for versions 1.19+ (#4776) ([5ed8c54](https://github.com/bitnami/charts/commit/5ed8c54f5e0a905effc4c1ae5c4931e6669cec30)), closes [#4776](https://github.com/bitnami/charts/issues/4776)
+
+## <small>1.1.2 (2020-12-11)</small>
+
+* [bitnami/common] Fix node affinity templates (#4692) ([5b51a5c](https://github.com/bitnami/charts/commit/5b51a5c004b062282849a4abaaffd6840bb6c95f)), closes [#4692](https://github.com/bitnami/charts/issues/4692)
+
+## <small>1.1.1 (2020-11-26)</small>
+
+* fix: mongodb validation auth (#4506) ([ca3fdfb](https://github.com/bitnami/charts/commit/ca3fdfbeebeba5bd7dfa4805e1ca2411e5950b09)), closes [#4506](https://github.com/bitnami/charts/issues/4506)
+
+## 1.1.0 (2020-11-26)
+
+* [bitnami/common] Add mongodb validation template (#4497) ([14ece96](https://github.com/bitnami/charts/commit/14ece96c801a7326935b6269423d8854fed3a49e)), closes [#4497](https://github.com/bitnami/charts/issues/4497)
+
+## <small>1.0.1 (2020-11-19)</small>
+
+* [bitnami/common] existingSecret is in auth map (#4389) ([de9b217](https://github.com/bitnami/charts/commit/de9b2177465e1c56ca2aa1c4c486bd37a7104d7a)), closes [#4389](https://github.com/bitnami/charts/issues/4389)
+
+## 1.0.0 (2020-11-10)
+
+* bitnami/common Major version. Adapt Chart to apiVersion: v2 (#4258) ([09dbc45](https://github.com/bitnami/charts/commit/09dbc45d11c5e8fe65d6eb64dbf51571ad2c7464)), closes [#4258](https://github.com/bitnami/charts/issues/4258)
+
+## 0.10.0 (2020-10-27)
+
+* [bitnami/common] feat: add cassandra passwords validations (#4110) ([b4923d4](https://github.com/bitnami/charts/commit/b4923d48018dff1673a32eefcc0d62eb484b36da)), closes [#4110](https://github.com/bitnami/charts/issues/4110)
+
+## 0.9.0 (2020-10-21)
+
+* [bitnami/common] feat: add redis passwords validations (#4070) ([0daa8d5](https://github.com/bitnami/charts/commit/0daa8d580c06e18d94dbc0e88467347a34418596)), closes [#4070](https://github.com/bitnami/charts/issues/4070)
+
+## <small>0.8.2 (2020-10-14)</small>
+
+* [bitnami/common] Allow backward compatibility for existingSecret (#4006) ([aa2b3a1](https://github.com/bitnami/charts/commit/aa2b3a18610c69b2f5c76b839483db43fa3c093c)), closes [#4006](https://github.com/bitnami/charts/issues/4006)
+
+## <small>0.8.1 (2020-10-05)</small>
+
+* [bitnami/common] Fix secret name bug with defaulNameSuffix. (#3888) ([d114d44](https://github.com/bitnami/charts/commit/d114d446ef86cb6e7a72de6542905ec3b07d3684))
+
+## 0.8.0 (2020-10-02)
+
+* [bitnami/common] Add statefulset capabilities and prepare MariaDB passwords validation for new forma ([1eb4436](https://github.com/bitnami/charts/commit/1eb44366a72e39e84e33bed1a4940c1b2c6025fc)), closes [#3859](https://github.com/bitnami/charts/issues/3859)
+
+## <small>0.7.1 (2020-09-22)</small>
+
+* [bitnami/common] fix: evaluate enabled as string (#3733) ([048cdae](https://github.com/bitnami/charts/commit/048cdae5488cfcfe83ec698afaa8318aa3b1d0ca)), closes [#3733](https://github.com/bitnami/charts/issues/3733)
+
+## 0.7.0 (2020-09-22)
+
+* [bitnami/metrics-server] Add source repo (#3577) ([1ed12f9](https://github.com/bitnami/charts/commit/1ed12f96af75322b46afdb2b3d9907c11b13f765)), closes [#3577](https://github.com/bitnami/charts/issues/3577)
+* PoC for pods' affinity (#3713) ([9e6a915](https://github.com/bitnami/charts/commit/9e6a915392979f0c0148875f34cca1c27e399b59)), closes [#3713](https://github.com/bitnami/charts/issues/3713)
+
+## <small>0.6.2 (2020-09-01)</small>
+
+* [bitnami/common] fix: wrong use of append function (#3566) ([c912fd0](https://github.com/bitnami/charts/commit/c912fd0b7378bf2d5d56182e6d2fa6bbd74df46f)), closes [#3566](https://github.com/bitnami/charts/issues/3566)
+
+## <small>0.6.1 (2020-08-31)</small>
+
+* [bitnami/common] fix: mariadb checks secret fields after check enabled (#3565) ([498056a](https://github.com/bitnami/charts/commit/498056ad16a6e89aa3b7cc231da7467ab5bd3986)), closes [#3565](https://github.com/bitnami/charts/issues/3565)
+
+## 0.6.0 (2020-08-19)
+
+* [bitnami/mariadb] Require password option at secret resource (#3411) ([a8d2464](https://github.com/bitnami/charts/commit/a8d24643756470d0280fc585b01397358c1c242d)), closes [#3411](https://github.com/bitnami/charts/issues/3411)
+
+## <small>0.5.2 (2020-08-19)</small>
+
+* [bitnami/common] fix: add global parameters to postgres validation (#3460) ([1c52a2a](https://github.com/bitnami/charts/commit/1c52a2a48ea65024a753eb5b32deadd46650fb18)), closes [#3460](https://github.com/bitnami/charts/issues/3460)
+
+## <small>0.5.1 (2020-08-10)</small>
+
+* fix(common): missing $ in required values helpers (#3376) ([c972152](https://github.com/bitnami/charts/commit/c972152762c14c5ab5e3847a4870f4f4f2a31224)), closes [#3376](https://github.com/bitnami/charts/issues/3376)
+
+## 0.5.0 (2020-08-10)
+
+* [bitnami/common] add psql and mysql required password validations (#3374) ([1a4419e](https://github.com/bitnami/charts/commit/1a4419e15d985f67413beff98c9fc9b9f69108fb)), closes [#3374](https://github.com/bitnami/charts/issues/3374)
+
+## 0.4.0 (2020-08-04)
+
+* [bitnami/*] Fix TL;DR typo in READMEs (#3280) ([3d7ab40](https://github.com/bitnami/charts/commit/3d7ab406fecd64f1af25f53e7d27f03ec95b29a4)), closes [#3280](https://github.com/bitnami/charts/issues/3280)
+* [bitnami/all] Add categories (#3075) ([63bde06](https://github.com/bitnami/charts/commit/63bde066b87a140fab52264d0522401ab3d63509)), closes [#3075](https://github.com/bitnami/charts/issues/3075)
+* Add common helpers to check secrets when upgrade (#3150) ([5a5807c](https://github.com/bitnami/charts/commit/5a5807c1b1db1f2337f6aa5308d3ff73a4329e6a)), closes [#3150](https://github.com/bitnami/charts/issues/3150)
+
+## <small>0.3.1 (2020-06-05)</small>
+
+* [bitnami/several] Fix table rendering in some hubs (#2770) ([fe9fd8c](https://github.com/bitnami/charts/commit/fe9fd8c261195385aae73e165ac6c1a666fef08e)), closes [#2770](https://github.com/bitnami/charts/issues/2770)
+
+## 0.3.0 (2020-06-02)
+
+* [bitnami/common]: add template function for ingress apiVersion (#2732) ([a968a50](https://github.com/bitnami/charts/commit/a968a50916ed9fa6f823a5a3ef6e4b98d615322f)), closes [#2732](https://github.com/bitnami/charts/issues/2732)
+
+## <small>0.2.4 (2020-05-29)</small>
+
+* [bitnami/common] Bump chart version (#2707) ([ff2c37a](https://github.com/bitnami/charts/commit/ff2c37a576191f4523c7f69504aea669ab68aba8)), closes [#2707](https://github.com/bitnami/charts/issues/2707)
+* [bitnami/several] Fix trailing spaces to make helm lint work on all of them (#2705) ([bafba3f](https://github.com/bitnami/charts/commit/bafba3fc8b8949897ad2d99d437bd8fc975223e4)), closes [#2705](https://github.com/bitnami/charts/issues/2705)
+
+## <small>0.2.3 (2020-05-26)</small>
+
+* fix(common): add name attribute to imagePullSecrets helper (#2664) ([1ea21a9](https://github.com/bitnami/charts/commit/1ea21a92a8f44bd0d82d0fd4ed30108a89cf5b34)), closes [#2664](https://github.com/bitnami/charts/issues/2664)
+
+## <small>0.2.2 (2020-05-19)</small>
+
+* update bitnami/common to be compatible with helm v2.12+ (#2615) ([c7751eb](https://github.com/bitnami/charts/commit/c7751eb5764e468e1854b58a1b8491d2b13e0a4a)), closes [#2615](https://github.com/bitnami/charts/issues/2615)
+
+## <small>0.2.1 (2020-05-13)</small>
+
+* bump bitnami/common version number (#2580) ([1bd1e7b](https://github.com/bitnami/charts/commit/1bd1e7bc776614b6ae10f21e9c8b23fe15db5ff4)), closes [#2580](https://github.com/bitnami/charts/issues/2580)
+
+## 0.2.0 (2020-04-17)
+
+* [bitnami/common] add secrets and warnings helpers (#2347) ([a748ff8](https://github.com/bitnami/charts/commit/a748ff82259d6553a0d4ca56ca6d7d050de859f4)), closes [#2347](https://github.com/bitnami/charts/issues/2347)
+
+## <small>0.1.1 (2020-04-08)</small>
+
+* [bitnami/common] bitnami common add values yaml (#2267) ([a88c902](https://github.com/bitnami/charts/commit/a88c90212021771eacc562dd38c04381e2f63d6f)), closes [#2267](https://github.com/bitnami/charts/issues/2267)
+
+## 0.1.0 (2020-04-03)
+
+* [bitnami/common]: add initial functions (#2188) ([9401e13](https://github.com/bitnami/charts/commit/9401e13316992c36b0e33de75d5f249645a2924e)), closes [#2188](https://github.com/bitnami/charts/issues/2188)
diff --git a/kubernetes/common/mongodb/common/Chart.yaml b/kubernetes/common/mongodb/common/Chart.yaml

index 5a844bc..fcdd1d2 100644 (file)
--- a/kubernetes/common/mongodb/common/Chart.yaml
+++ b/kubernetes/common/mongodb/common/Chart.yaml
@@ -1,4 +1,4 @@
-# Copyright VMware, Inc.
+# Copyright Broadcom, Inc. All Rights Reserved.
  # SPDX-License-Identifier: APACHE-2.0
  
  annotations:
@@ -6,10 +6,10 @@ annotations:
    licenses: Apache-2.0
  apiVersion: v2
  # Please make sure that version and appVersion are always the same.
-appVersion: 2.16.1
+appVersion: 2.31.1
  description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself.
  home: https://bitnami.com
-icon: https://bitnami.com/downloads/logos/bitnami-mark.png
+icon: https://dyltqmyl993wv.cloudfront.net/downloads/logos/bitnami-mark.png
  keywords:
    - common
    - helper
@@ -17,10 +17,10 @@ keywords:
    - function
    - bitnami
  maintainers:
-  - name: VMware, Inc.
+  - name: Broadcom, Inc. All Rights Reserved.
      url: https://github.com/bitnami/charts
  name: common
  sources:
-  - https://github.com/bitnami/charts
+  - https://github.com/bitnami/charts/tree/main/bitnami/common
  type: library
-version: 2.17.0
+version: 2.31.1
diff --git a/kubernetes/common/mongodb/common/README.md b/kubernetes/common/mongodb/common/README.md

index 0d01a1e..2860536 100644 (file)
--- a/kubernetes/common/mongodb/common/README.md
+++ b/kubernetes/common/mongodb/common/README.md
@@ -24,14 +24,12 @@ data:
    myvalue: "Hello World"
  ```
  
-Looking to use our applications in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog.
+Looking to use our applications in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog.
  
  ## Introduction
  
  This chart provides a common template helpers which can be used to develop new charts using [Helm](https://helm.sh) package manager.
  
-Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters.
-
  ## Prerequisites
  
  - Kubernetes 1.23+
@@ -39,6 +37,152 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment
  
  ## Parameters
  
+The following table lists the helpers available in the library which are scoped in different sections.
+
+### Affinities
+
+| Helper identifier               | Description                                          | Expected Input                                               |
+| ------------------------------- | ---------------------------------------------------- | ------------------------------------------------------------ |
+| `common.affinities.nodes.soft`  | Return a soft nodeAffinity definition                | `dict "key" "FOO" "values" (list "BAR" "BAZ")`               |
+| `common.affinities.nodes.hard`  | Return a hard nodeAffinity definition                | `dict "key" "FOO" "values" (list "BAR" "BAZ")`               |
+| `common.affinities.nodes`       | Return a nodeAffinity definition                     | `dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")` |
+| `common.affinities.topologyKey` | Return a topologyKey definition                      | `dict "topologyKey" "FOO"`                                   |
+| `common.affinities.pods.soft`   | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $`                         |
+| `common.affinities.pods.hard`   | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $`                         |
+| `common.affinities.pods`        | Return a podAffinity/podAntiAffinity definition      | `dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")` |
+
+### Capabilities
+
+| Helper identifier                                         | Description                                                                                    | Expected Input                          |
+| --------------------------------------------------------- | ---------------------------------------------------------------------------------------------- | --------------------------------------- |
+| `common.capabilities.kubeVersion`                         | Return the target Kubernetes version (using client default if .Values.kubeVersion is not set). | `.` Chart context                       |
+| `common.capabilities.apiVersions.has`                     | Return true if the apiVersion is supported                                                     | `dict "version" "batch/v1" "context" $` |
+| `common.capabilities.job.apiVersion`                      | Return the appropriate apiVersion for job.                                                     | `.` Chart context                       |
+| `common.capabilities.cronjob.apiVersion`                  | Return the appropriate apiVersion for cronjob.                                                 | `.` Chart context                       |
+| `common.capabilities.daemonset.apiVersion`                | Return the appropriate apiVersion for daemonset.                                               | `.` Chart context                       |
+| `common.capabilities.cronjob.apiVersion`                  | Return the appropriate apiVersion for cronjob.                                                 | `.` Chart context                       |
+| `common.capabilities.deployment.apiVersion`               | Return the appropriate apiVersion for deployment.                                              | `.` Chart context                       |
+| `common.capabilities.statefulset.apiVersion`              | Return the appropriate apiVersion for statefulset.                                             | `.` Chart context                       |
+| `common.capabilities.ingress.apiVersion`                  | Return the appropriate apiVersion for ingress.                                                 | `.` Chart context                       |
+| `common.capabilities.rbac.apiVersion`                     | Return the appropriate apiVersion for RBAC resources.                                          | `.` Chart context                       |
+| `common.capabilities.crd.apiVersion`                      | Return the appropriate apiVersion for CRDs.                                                    | `.` Chart context                       |
+| `common.capabilities.policy.apiVersion`                   | Return the appropriate apiVersion for podsecuritypolicy.                                       | `.` Chart context                       |
+| `common.capabilities.networkPolicy.apiVersion`            | Return the appropriate apiVersion for networkpolicy.                                           | `.` Chart context                       |
+| `common.capabilities.apiService.apiVersion`               | Return the appropriate apiVersion for APIService.                                              | `.` Chart context                       |
+| `common.capabilities.hpa.apiVersion`                      | Return the appropriate apiVersion for Horizontal Pod Autoscaler                                | `.` Chart context                       |
+| `common.capabilities.vpa.apiVersion`                      | Return the appropriate apiVersion for Vertical Pod Autoscaler.                                 | `.` Chart context                       |
+| `common.capabilities.psp.supported`                       | Returns true if PodSecurityPolicy is supported                                                 | `.` Chart context                       |
+| `common.capabilities.supportsHelmVersion`                 | Returns true if the used Helm version is 3.3+                                                  | `.` Chart context                       |
+| `common.capabilities.admissionConfiguration.supported`    | Returns true if AdmissionConfiguration is supported                                            | `.` Chart context                       |
+| `common.capabilities.admissionConfiguration.apiVersion`   | Return the appropriate apiVersion for AdmissionConfiguration.                                  | `.` Chart context                       |
+| `common.capabilities.podSecurityConfiguration.apiVersion` | Return the appropriate apiVersion for PodSecurityConfiguration.                                | `.` Chart context                       |
+
+### Compatibility
+
+| Helper identifier                            | Description                                                                                                                                                                                                                           | Expected Input                                                   |
+| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------- |
+| `common.compatibility.isOpenshift`           | Return true if the detected platform is Openshift                                                                                                                                                                                     | `.` Chart context                                                |
+| `common.compatibility.renderSecurityContext` | Render a compatible securityContext depending on the platform. By default it is maintained as it is. In other platforms like Openshift we remove default user/group values that do not work out of the box with the restricted-v1 SCC | `dict "secContext" .Values.containerSecurityContext "context" $` |
+
+### Errors
+
+| Helper identifier                       | Description                                                                                                                                                            | Expected Input                                                                      |
+| --------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------- |
+| `common.errors.upgrade.passwords.empty` | It will ensure required passwords are given when we are upgrading a chart. If `validationErrors` is not empty it will throw an error and will stop the upgrade action. | `dict "validationErrors" (list $validationError00 $validationError01)  "context" $` |
+| `common.errors.insecureImages`          | Throw error when original container images are replaced. The error can be bypassed by setting the `global.security.allowInsecureImages` to true.                       | `dict "images" (list .Values.path.to.the.imageRoot) "context" $`                    |
+
+### Images
+
+| Helper identifier                 | Description                                                                                                    | Expected Input                                                                                               |
+| --------------------------------- | -------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------ |
+| `common.images.image`             | Return the proper and full image name                                                                          | `dict "imageRoot" .Values.path.to.the.image "global" $`, see [ImageRoot](#imageroot) for the structure.      |
+| `common.images.pullSecrets`       | Return the proper Docker Image Registry Secret Names (deprecated: use common.images.renderPullSecrets instead) | `dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global`        |
+| `common.images.renderPullSecrets` | Return the proper Docker Image Registry Secret Names (evaluates values as templates)                           | `dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "context" $`                    |
+| `common.images.version`           | Return the proper image version                                                                                | `dict "imageRoot" .Values.path.to.the.image "chart" .Chart` , see [ImageRoot](#imageroot) for the structure. |
+
+### Ingress
+
+| Helper identifier                         | Description                                                                                                       | Expected Input                                                                                                                                                                   |
+| ----------------------------------------- | ----------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `common.ingress.backend`                  | Generate a proper Ingress backend entry depending on the API version                                              | `dict "serviceName" "foo" "servicePort" "bar"`, see the [Ingress deprecation notice](https://kubernetes.io/blog/2019/07/18/api-deprecations-in-1-16/) for the syntax differences |
+| `common.ingress.supportsPathType`         | Prints "true" if the pathType field is supported                                                                  | `.` Chart context                                                                                                                                                                |
+| `common.ingress.supportsIngressClassname` | Prints "true" if the ingressClassname field is supported                                                          | `.` Chart context                                                                                                                                                                |
+| `common.ingress.certManagerRequest`       | Prints "true" if required cert-manager annotations for TLS signed certificates are set in the Ingress annotations | `dict "annotations" .Values.path.to.the.ingress.annotations`                                                                                                                     |
+
+### Labels
+
+| Helper identifier           | Description                                                                 | Expected Input    |
+| --------------------------- | --------------------------------------------------------------------------- | ----------------- |
+| `common.labels.standard`    | Return Kubernetes standard labels                                           | `.` Chart context |
+| `common.labels.matchLabels` | Labels to use on `deploy.spec.selector.matchLabels` and `svc.spec.selector` | `.` Chart context |
+
+### Names
+
+| Helper identifier                  | Description                                                           | Expected Input                                                                                |
+| ---------------------------------- | --------------------------------------------------------------------- | --------------------------------------------------------------------------------------------- |
+| `common.names.name`                | Expand the name of the chart or use `.Values.nameOverride`            | `.` Chart context                                                                             |
+| `common.names.fullname`            | Create a default fully qualified app name.                            | `.` Chart context                                                                             |
+| `common.names.namespace`           | Allow the release namespace to be overridden                          | `.` Chart context                                                                             |
+| `common.names.fullname.namespace`  | Create a fully qualified app name adding the installation's namespace | `.` Chart context                                                                             |
+| `common.names.chart`               | Chart name plus version                                               | `.` Chart context                                                                             |
+| `common.names.dependency.fullname` | Create a default fully qualified dependency name.                     | `dict "chartName" "dependency-chart-name" "chartValues" .Values.dependency-chart "context" $` |
+
+### Resources
+
+| Helper identifier         | Description                                                                                                                                 | Expected Input       |
+| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- |
+| `common.resources.preset` | Return a resource request/limit object based on a given preset. These presets are for basic testing and not meant to be used in production. | `dict "type" "nano"` |
+
+### Secrets
+
+| Helper identifier                 | Description                                                                            | Expected Input                                                                                                                                                                                                                                                                   |
+| --------------------------------- | -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `common.secrets.name`             | Generate the name of the secret.                                                       | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure.                                                                                                                   |
+| `common.secrets.key`              | Generate secret key.                                                                   | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure.                                                                                                                                              |
+| `common.secrets.passwords.manage` | Generate secret password or retrieve one if already created.                           | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "honorProvidedValues" false "context" $`, length, strong, honorProvidedValues and chartName fields are optional. |
+| `common.secrets.exists`           | Returns whether a previous generated secret already exists.                            | `dict "secret" "secret-name" "context" $`                                                                                                                                                                                                                                        |
+| `common.secrets.lookup`           | Reuses the value from an existing secret, otherwise sets its value to a default value. | `dict "secret" "secret-name" "key" "keyName" "defaultValue" .Values.myValue "context" $`                                                                                                                                                                                         |
+
+### Storage
+
+| Helper identifier      | Description                      | Expected Input                                                                                                      |
+| ---------------------- | -------------------------------- | ------------------------------------------------------------------------------------------------------------------- |
+| `common.storage.class` | Return  the proper Storage Class | `dict "persistence" .Values.path.to.the.persistence "global" $`, see [Persistence](#persistence) for the structure. |
+
+### TplValues
+
+| Helper identifier                  | Description                                                         | Expected Input                                                                                                                                           |
+| ---------------------------------- | ------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `common.tplvalues.render`          | Renders a value that contains template                              | `dict "value" .Values.path.to.the.Value "context" $`, value is the value should rendered as template, context frequently is the chart context `$` or `.` |
+| `common.tplvalues.merge`           | Merge a list of values that contains template after rendering them. | `dict "values" (list .Values.path.to.the.Value1 .Values.path.to.the.Value2) "context" $`                                                                 |
+| `common.tplvalues.merge-overwrite` | Merge a list of values that contains template after rendering them. | `dict "values" (list .Values.path.to.the.Value1 .Values.path.to.the.Value2) "context" $`                                                                 |
+
+### Utils
+
+| Helper identifier               | Description                                                                                                                                     | Expected Input                                                         |
+| ------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------- |
+| `common.utils.fieldToEnvVar`    | Build environment variable name given a field.                                                                                                  | `dict "field" "my-password"`                                           |
+| `common.utils.secret.getvalue`  | Print instructions to get a secret value.                                                                                                       | `dict "secret" "secret-name" "field" "secret-value-field" "context" $` |
+| `common.utils.getValueFromKey`  | Gets a value from `.Values` object given its key path                                                                                           | `dict "key" "path.to.key" "context" $`                                 |
+| `common.utils.getKeyFromList`   | Returns first `.Values` key with a defined value or first of the list if all non-defined                                                        | `dict "keys" (list "path.to.key1" "path.to.key2") "context" $`         |
+| `common.utils.checksumTemplate` | Checksum a template at "path" containing a *single* resource (ConfigMap,Secret) for use in pod annotations, excluding the metadata (see #18376) | `dict "path" "/configmap.yaml" "context" $`                            |
+
+### Validations
+
+| Helper identifier                             | Description                                                                                                        | Expected Input                                                                                                                                                                                                                                                           |
+| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| `common.validations.values.single.empty`      | Validate a value must not be empty.                                                                                | `dict "valueKey" "path.to.value" "secret" "secret.name" "field" "my-password" "subchart" "subchart" "context" $` secret, field and subchart are optional. In case they are given, the helper will generate a how to get instruction. See [ValidateValue](#validatevalue) |
+| `common.validations.values.multiple.empty`    | Validate a multiple values must not be empty. It returns a shared error for all the values.                        | `dict "required" (list $validateValueConf00 $validateValueConf01) "context" $`. See [ValidateValue](#validatevalue)                                                                                                                                                      |
+| `common.validations.values.mariadb.passwords` | This helper will ensure required password for MariaDB are not empty. It returns a shared error for all the values. | `dict "secret" "mariadb-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use mariadb chart and the helper.                                                                                      |
+
+### Warnings
+
+| Helper identifier                | Description                                                       | Expected Input                                             |
+| -------------------------------- | ----------------------------------------------------------------- | ---------------------------------------------------------- |
+| `common.warnings.rollingTag`     | Warning about using rolling tag.                                  | `ImageRoot` see [ImageRoot](#imageroot) for the structure. |
+| `common.warnings.modifiedImages` | Warning about replaced images from the original.                  | `ImageRoot` see [ImageRoot](#imageroot) for the structure. |
+| `common.warnings.resources`      | Warning about not setting the resource object in all deployments. | `dict "sections" (list "path1" "path2") context $`         |
+
  ## Special input schemas
  
  ### ImageRoot
@@ -61,7 +205,7 @@ tag:
  
  pullPolicy:
    type: string
-  description: Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
+  description: Specify a imagePullPolicy.'
  
  pullSecrets:
    type: array
@@ -214,13 +358,13 @@ helm install test mychart --set path.to.value00="",path.to.value01=""
  
  #### Useful links
  
-- <https://docs.bitnami.com/tutorials/resolve-helm2-helm3-post-migration-issues/>
+- <https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-resolve-helm2-helm3-post-migration-issues-index.html>
  - <https://helm.sh/docs/topics/v2_v3_migration/>
  - <https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/>
  
  ## License
  
-Copyright &copy; 2024 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
+Copyright &copy; 2025 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
  
  Licensed under the Apache License, Version 2.0 (the "License");
  you may not use this file except in compliance with the License.
diff --git a/kubernetes/common/mongodb/common/templates/_affinities.tpl b/kubernetes/common/mongodb/common/templates/_affinities.tpl

index e85b1df..c6ccc62 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_affinities.tpl
+++ b/kubernetes/common/mongodb/common/templates/_affinities.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -60,13 +60,14 @@ Return a topologyKey definition
  
  {{/*
  Return a soft podAffinity/podAntiAffinity definition
-{{ include "common.affinities.pods.soft" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "extraPodAffinityTerms" .Values.extraPodAffinityTerms "context" $) -}}
+{{ include "common.affinities.pods.soft" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "extraPodAffinityTerms" .Values.extraPodAffinityTerms "extraNamespaces" (list "namespace1" "namespace2") "context" $) -}}
  */}}
  {{- define "common.affinities.pods.soft" -}}
  {{- $component := default "" .component -}}
  {{- $customLabels := default (dict) .customLabels -}}
  {{- $extraMatchLabels := default (dict) .extraMatchLabels -}}
  {{- $extraPodAffinityTerms := default (list) .extraPodAffinityTerms -}}
+{{- $extraNamespaces := default (list) .extraNamespaces -}}
  preferredDuringSchedulingIgnoredDuringExecution:
    - podAffinityTerm:
        labelSelector:
@@ -77,6 +78,13 @@ preferredDuringSchedulingIgnoredDuringExecution:
            {{- range $key, $value := $extraMatchLabels }}
            {{ $key }}: {{ $value | quote }}
            {{- end }}
+      {{- if $extraNamespaces }}
+      namespaces:
+        - {{ .context.Release.Namespace }}
+        {{- with $extraNamespaces }}
+        {{- include "common.tplvalues.render" (dict "value" . "context" $) | nindent 8 }}
+        {{- end }}
+      {{- end }}
        topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }}
      weight: 1
    {{- range $extraPodAffinityTerms }}
@@ -89,6 +97,13 @@ preferredDuringSchedulingIgnoredDuringExecution:
            {{- range $key, $value := .extraMatchLabels }}
            {{ $key }}: {{ $value | quote }}
            {{- end }}
+      {{- if .namespaces }}
+      namespaces:
+        - {{ $.context.Release.Namespace }}
+        {{- with .namespaces }}
+        {{- include "common.tplvalues.render" (dict "value" . "context" $) | nindent 8 }}
+        {{- end }}
+      {{- end }}
        topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }}
      weight: {{ .weight | default 1 -}}
    {{- end -}}
@@ -96,13 +111,14 @@ preferredDuringSchedulingIgnoredDuringExecution:
  
  {{/*
  Return a hard podAffinity/podAntiAffinity definition
-{{ include "common.affinities.pods.hard" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "extraPodAffinityTerms" .Values.extraPodAffinityTerms "context" $) -}}
+{{ include "common.affinities.pods.hard" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "extraPodAffinityTerms" .Values.extraPodAffinityTerms "extraNamespaces" (list "namespace1" "namespace2") "context" $) -}}
  */}}
  {{- define "common.affinities.pods.hard" -}}
  {{- $component := default "" .component -}}
  {{- $customLabels := default (dict) .customLabels -}}
  {{- $extraMatchLabels := default (dict) .extraMatchLabels -}}
  {{- $extraPodAffinityTerms := default (list) .extraPodAffinityTerms -}}
+{{- $extraNamespaces := default (list) .extraNamespaces -}}
  requiredDuringSchedulingIgnoredDuringExecution:
    - labelSelector:
        matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" .context )) | nindent 8 }}
@@ -112,6 +128,13 @@ requiredDuringSchedulingIgnoredDuringExecution:
          {{- range $key, $value := $extraMatchLabels }}
          {{ $key }}: {{ $value | quote }}
          {{- end }}
+    {{- if $extraNamespaces }}
+    namespaces:
+      - {{ .context.Release.Namespace }}
+      {{- with $extraNamespaces }}
+      {{- include "common.tplvalues.render" (dict "value" . "context" $) | nindent 6 }}
+      {{- end }}
+    {{- end }}
      topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }}
    {{- range $extraPodAffinityTerms }}
    - labelSelector:
@@ -122,6 +145,13 @@ requiredDuringSchedulingIgnoredDuringExecution:
          {{- range $key, $value := .extraMatchLabels }}
          {{ $key }}: {{ $value | quote }}
          {{- end }}
+    {{- if .namespaces }}
+    namespaces:
+      - {{ $.context.Release.Namespace }}
+      {{- with .namespaces }}
+      {{- include "common.tplvalues.render" (dict "value" . "context" $) | nindent 6 }}
+      {{- end }}
+    {{- end }}
      topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }}
    {{- end -}}
  {{- end -}}
diff --git a/kubernetes/common/mongodb/common/templates/_capabilities.tpl b/kubernetes/common/mongodb/common/templates/_capabilities.tpl

index 115674a..6efde9d 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_capabilities.tpl
+++ b/kubernetes/common/mongodb/common/templates/_capabilities.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -9,14 +9,20 @@ SPDX-License-Identifier: APACHE-2.0
  Return the target Kubernetes version
  */}}
  {{- define "common.capabilities.kubeVersion" -}}
-{{- if .Values.global }}
-    {{- if .Values.global.kubeVersion }}
-    {{- .Values.global.kubeVersion -}}
-    {{- else }}
-    {{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}}
-    {{- end -}}
-{{- else }}
-{{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}}
+{{- default (default .Capabilities.KubeVersion.Version .Values.kubeVersion) ((.Values.global).kubeVersion) -}}
+{{- end -}}
+
+{{/*
+Return true if the apiVersion is supported
+Usage:
+{{ include "common.capabilities.apiVersions.has" (dict "version" "batch/v1" "context" $) }}
+*/}}
+{{- define "common.capabilities.apiVersions.has" -}}
+{{- $providedAPIVersions := default .context.Values.apiVersions ((.context.Values.global).apiVersions) -}}
+{{- if and (empty $providedAPIVersions) (.context.Capabilities.APIVersions.Has .version) -}}
+    {{- true -}}
+{{- else if has .version $providedAPIVersions -}}
+    {{- true -}}
  {{- end -}}
  {{- end -}}
  
@@ -24,151 +30,96 @@ Return the target Kubernetes version
  Return the appropriate apiVersion for poddisruptionbudget.
  */}}
  {{- define "common.capabilities.policy.apiVersion" -}}
-{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "policy/v1beta1" -}}
-{{- else -}}
  {{- print "policy/v1" -}}
  {{- end -}}
-{{- end -}}
  
  {{/*
  Return the appropriate apiVersion for networkpolicy.
  */}}
  {{- define "common.capabilities.networkPolicy.apiVersion" -}}
-{{- if semverCompare "<1.7-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "extensions/v1beta1" -}}
-{{- else -}}
  {{- print "networking.k8s.io/v1" -}}
  {{- end -}}
+
+{{/*
+Return the appropriate apiVersion for job.
+*/}}
+{{- define "common.capabilities.job.apiVersion" -}}
+{{- print "batch/v1" -}}
  {{- end -}}
  
  {{/*
  Return the appropriate apiVersion for cronjob.
  */}}
  {{- define "common.capabilities.cronjob.apiVersion" -}}
-{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "batch/v1beta1" -}}
-{{- else -}}
  {{- print "batch/v1" -}}
  {{- end -}}
-{{- end -}}
  
  {{/*
  Return the appropriate apiVersion for daemonset.
  */}}
  {{- define "common.capabilities.daemonset.apiVersion" -}}
-{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "extensions/v1beta1" -}}
-{{- else -}}
  {{- print "apps/v1" -}}
  {{- end -}}
-{{- end -}}
  
  {{/*
  Return the appropriate apiVersion for deployment.
  */}}
  {{- define "common.capabilities.deployment.apiVersion" -}}
-{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "extensions/v1beta1" -}}
-{{- else -}}
  {{- print "apps/v1" -}}
  {{- end -}}
-{{- end -}}
  
  {{/*
  Return the appropriate apiVersion for statefulset.
  */}}
  {{- define "common.capabilities.statefulset.apiVersion" -}}
-{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "apps/v1beta1" -}}
-{{- else -}}
  {{- print "apps/v1" -}}
  {{- end -}}
-{{- end -}}
  
  {{/*
  Return the appropriate apiVersion for ingress.
  */}}
  {{- define "common.capabilities.ingress.apiVersion" -}}
-{{- if .Values.ingress -}}
-{{- if .Values.ingress.apiVersion -}}
-{{- .Values.ingress.apiVersion -}}
-{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "extensions/v1beta1" -}}
-{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "networking.k8s.io/v1beta1" -}}
-{{- else -}}
-{{- print "networking.k8s.io/v1" -}}
-{{- end }}
-{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "extensions/v1beta1" -}}
-{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "networking.k8s.io/v1beta1" -}}
-{{- else -}}
  {{- print "networking.k8s.io/v1" -}}
  {{- end -}}
-{{- end -}}
  
  {{/*
  Return the appropriate apiVersion for RBAC resources.
  */}}
  {{- define "common.capabilities.rbac.apiVersion" -}}
-{{- if semverCompare "<1.17-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "rbac.authorization.k8s.io/v1beta1" -}}
-{{- else -}}
  {{- print "rbac.authorization.k8s.io/v1" -}}
  {{- end -}}
-{{- end -}}
  
  {{/*
  Return the appropriate apiVersion for CRDs.
  */}}
  {{- define "common.capabilities.crd.apiVersion" -}}
-{{- if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "apiextensions.k8s.io/v1beta1" -}}
-{{- else -}}
  {{- print "apiextensions.k8s.io/v1" -}}
  {{- end -}}
-{{- end -}}
  
  {{/*
  Return the appropriate apiVersion for APIService.
  */}}
  {{- define "common.capabilities.apiService.apiVersion" -}}
-{{- if semverCompare "<1.10-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "apiregistration.k8s.io/v1beta1" -}}
-{{- else -}}
  {{- print "apiregistration.k8s.io/v1" -}}
  {{- end -}}
-{{- end -}}
  
  {{/*
  Return the appropriate apiVersion for Horizontal Pod Autoscaler.
  */}}
  {{- define "common.capabilities.hpa.apiVersion" -}}
-{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .context) -}}
-{{- if .beta2 -}}
-{{- print "autoscaling/v2beta2" -}}
-{{- else -}}
-{{- print "autoscaling/v2beta1" -}}
-{{- end -}}
-{{- else -}}
+{{- $kubeVersion := include "common.capabilities.kubeVersion" .context -}}
  {{- print "autoscaling/v2" -}}
  {{- end -}}
-{{- end -}}
  
  {{/*
  Return the appropriate apiVersion for Vertical Pod Autoscaler.
  */}}
  {{- define "common.capabilities.vpa.apiVersion" -}}
-{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .context) -}}
-{{- if .beta2 -}}
-{{- print "autoscaling/v2beta2" -}}
+{{- $kubeVersion := include "common.capabilities.kubeVersion" .context -}}
+{{- if and (not (empty $kubeVersion)) (semverCompare "<1.25-0" $kubeVersion) -}}
+{{- print "autoscaling/v1beta2" -}}
  {{- else -}}
-{{- print "autoscaling/v2beta1" -}}
-{{- end -}}
-{{- else -}}
-{{- print "autoscaling/v2" -}}
+{{- print "autoscaling/v1" -}}
  {{- end -}}
  {{- end -}}
  
@@ -176,7 +127,8 @@ Return the appropriate apiVersion for Vertical Pod Autoscaler.
  Returns true if PodSecurityPolicy is supported
  */}}
  {{- define "common.capabilities.psp.supported" -}}
-{{- if semverCompare "<1.25-0" (include "common.capabilities.kubeVersion" .) -}}
+{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}}
+{{- if or (empty $kubeVersion) (semverCompare "<1.25-0" $kubeVersion) -}}
    {{- true -}}
  {{- end -}}
  {{- end -}}
@@ -185,18 +137,16 @@ Returns true if PodSecurityPolicy is supported
  Returns true if AdmissionConfiguration is supported
  */}}
  {{- define "common.capabilities.admissionConfiguration.supported" -}}
-{{- if semverCompare ">=1.23-0" (include "common.capabilities.kubeVersion" .) -}}
+{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}}
    {{- true -}}
  {{- end -}}
-{{- end -}}
  
  {{/*
  Return the appropriate apiVersion for AdmissionConfiguration.
  */}}
  {{- define "common.capabilities.admissionConfiguration.apiVersion" -}}
-{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "apiserver.config.k8s.io/v1alpha1" -}}
-{{- else if semverCompare "<1.25-0" (include "common.capabilities.kubeVersion" .) -}}
+{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}}
+{{- if and (not (empty $kubeVersion)) (semverCompare "<1.25-0" $kubeVersion) -}}
  {{- print "apiserver.config.k8s.io/v1beta1" -}}
  {{- else -}}
  {{- print "apiserver.config.k8s.io/v1" -}}
@@ -207,9 +157,8 @@ Return the appropriate apiVersion for AdmissionConfiguration.
  Return the appropriate apiVersion for PodSecurityConfiguration.
  */}}
  {{- define "common.capabilities.podSecurityConfiguration.apiVersion" -}}
-{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "pod-security.admission.config.k8s.io/v1alpha1" -}}
-{{- else if semverCompare "<1.25-0" (include "common.capabilities.kubeVersion" .) -}}
+{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}}
+{{- if and (not (empty $kubeVersion)) (semverCompare "<1.25-0" $kubeVersion) -}}
  {{- print "pod-security.admission.config.k8s.io/v1beta1" -}}
  {{- else -}}
  {{- print "pod-security.admission.config.k8s.io/v1" -}}
diff --git a/kubernetes/common/mongodb/common/templates/_compatibility.tpl b/kubernetes/common/mongodb/common/templates/_compatibility.tpl

new file mode 100644 (file)

index 0000000..87343ca
--- /dev/null
+++ b/kubernetes/common/mongodb/common/templates/_compatibility.tpl
@@ -0,0 +1,46 @@
+{{/*
+Copyright Broadcom, Inc. All Rights Reserved.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{/* vim: set filetype=mustache: */}}
+
+{{/*
+Return true if the detected platform is Openshift
+Usage:
+{{- include "common.compatibility.isOpenshift" . -}}
+*/}}
+{{- define "common.compatibility.isOpenshift" -}}
+{{- if .Capabilities.APIVersions.Has "security.openshift.io/v1" -}}
+{{- true -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Render a compatible securityContext depending on the platform. By default it is maintained as it is. In other platforms like Openshift we remove default user/group values that do not work out of the box with the restricted-v1 SCC
+Usage:
+{{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) -}}
+*/}}
+{{- define "common.compatibility.renderSecurityContext" -}}
+{{- $adaptedContext := .secContext -}}
+
+{{- if (((.context.Values.global).compatibility).openshift) -}}
+  {{- if or (eq .context.Values.global.compatibility.openshift.adaptSecurityContext "force") (and (eq .context.Values.global.compatibility.openshift.adaptSecurityContext "auto") (include "common.compatibility.isOpenshift" .context)) -}}
+    {{/* Remove incompatible user/group values that do not work in Openshift out of the box */}}
+    {{- $adaptedContext = omit $adaptedContext "fsGroup" "runAsUser" "runAsGroup" -}}
+    {{- if not .secContext.seLinuxOptions -}}
+    {{/* If it is an empty object, we remove it from the resulting context because it causes validation issues */}}
+    {{- $adaptedContext = omit $adaptedContext "seLinuxOptions" -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}
+{{/* Remove empty seLinuxOptions object if global.compatibility.omitEmptySeLinuxOptions is set to true */}}
+{{- if and (((.context.Values.global).compatibility).omitEmptySeLinuxOptions) (not .secContext.seLinuxOptions) -}}
+  {{- $adaptedContext = omit $adaptedContext "seLinuxOptions" -}}
+{{- end -}}
+{{/* Remove fields that are disregarded when running the container in privileged mode */}}
+{{- if $adaptedContext.privileged -}}
+  {{- $adaptedContext = omit $adaptedContext "capabilities" -}}
+{{- end -}}
+{{- omit $adaptedContext "enabled" | toYaml -}}
+{{- end -}}
diff --git a/kubernetes/common/mongodb/common/templates/_errors.tpl b/kubernetes/common/mongodb/common/templates/_errors.tpl

index 07ded6f..95b8b8e 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_errors.tpl
+++ b/kubernetes/common/mongodb/common/templates/_errors.tpl
@@ -1,11 +1,11 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
  {{/* vim: set filetype=mustache: */}}
  {{/*
-Through error when upgrading using empty passwords values that must not be empty.
+Throw error when upgrading using empty passwords values that must not be empty.
  
  Usage:
  {{- $validationError00 := include "common.validations.values.single.empty" (dict "valueKey" "path.to.password00" "secret" "secretName" "field" "password-00") -}}
@@ -26,3 +26,60 @@ Required password params:
      {{- printf $errorString $validationErrors | fail -}}
    {{- end -}}
  {{- end -}}
+
+{{/*
+Throw error when original container images are replaced.
+The error can be bypassed by setting the "global.security.allowInsecureImages" to true. In this case,
+a warning message will be shown instead.
+
+Usage:
+{{ include "common.errors.insecureImages" (dict "images" (list .Values.path.to.the.imageRoot) "context" $) }}
+*/}}
+{{- define "common.errors.insecureImages" -}}
+{{- $relocatedImages := list -}}
+{{- $replacedImages := list -}}
+{{- $retaggedImages := list -}}
+{{- $globalRegistry := ((.context.Values.global).imageRegistry) -}}
+{{- $originalImages := .context.Chart.Annotations.images -}}
+{{- range .images -}}
+  {{- $registryName := default .registry $globalRegistry -}}
+  {{- $fullImageNameNoTag := printf "%s/%s" $registryName .repository -}}
+  {{- $fullImageName := printf "%s:%s" $fullImageNameNoTag .tag -}}
+  {{- if not (contains $fullImageNameNoTag $originalImages) -}}
+    {{- if not (contains $registryName $originalImages) -}}
+      {{- $relocatedImages = append $relocatedImages $fullImageName  -}}
+    {{- else if not (contains .repository $originalImages) -}}
+      {{- $replacedImages = append $replacedImages $fullImageName  -}}
+    {{- end -}}
+  {{- end -}}
+  {{- if not (contains (printf "%s:%s" .repository .tag) $originalImages) -}}
+    {{- $retaggedImages = append $retaggedImages $fullImageName  -}}
+  {{- end -}}
+{{- end -}}
+
+{{- if and (or (gt (len $relocatedImages) 0) (gt (len $replacedImages) 0)) (((.context.Values.global).security).allowInsecureImages) -}}
+  {{- print "\n\n⚠ SECURITY WARNING: Verifying original container images was skipped. Please note this Helm chart was designed, tested, and validated on multiple platforms using a specific set of Bitnami and Tanzu Application Catalog containers. Substituting other containers is likely to cause degraded security and performance, broken chart features, and missing environment variables.\n" -}}
+{{- else if (or (gt (len $relocatedImages) 0) (gt (len $replacedImages) 0)) -}}
+  {{- $errorString := "Original containers have been substituted for unrecognized ones. Deploying this chart with non-standard containers is likely to cause degraded security and performance, broken chart features, and missing environment variables." -}}
+  {{- $errorString = print $errorString "\n\nUnrecognized images:" -}}
+  {{- range (concat $relocatedImages $replacedImages) -}}
+    {{- $errorString = print $errorString "\n  - " . -}}
+  {{- end -}}
+  {{- if or (contains "docker.io/bitnami/" $originalImages) (contains "docker.io/bitnamiprem/" $originalImages) -}}
+    {{- $errorString = print "\n\n⚠ ERROR: " $errorString -}}
+    {{- $errorString = print $errorString "\n\nIf you are sure you want to proceed with non-standard containers, you can skip container image verification by setting the global parameter 'global.security.allowInsecureImages' to true." -}}
+    {{- $errorString = print $errorString "\nFurther information can be obtained at https://github.com/bitnami/charts/issues/30850" -}}
+    {{- print $errorString | fail -}}
+  {{- else if gt (len $replacedImages) 0 -}}
+    {{- $errorString = print "\n\n⚠ WARNING: " $errorString -}}
+    {{- print $errorString -}}
+  {{- end -}}
+{{- else if gt (len $retaggedImages) 0 -}}
+  {{- $warnString := "\n\n⚠ WARNING: Original containers have been retagged. Please note this Helm chart was tested, and validated on multiple platforms using a specific set of Tanzu Application Catalog containers. Substituting original image tags could cause unexpected behavior." -}}
+  {{- $warnString = print $warnString "\n\nRetagged images:" -}}
+  {{- range $retaggedImages -}}
+    {{- $warnString = print $warnString "\n  - " . -}}
+  {{- end -}}
+  {{- print $warnString -}}
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/mongodb/common/templates/_images.tpl b/kubernetes/common/mongodb/common/templates/_images.tpl

index e6acf9e..76bb7ce 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_images.tpl
+++ b/kubernetes/common/mongodb/common/templates/_images.tpl
@@ -1,22 +1,24 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
  {{/* vim: set filetype=mustache: */}}
  {{/*
-Return the proper image name
-{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global ) }}
+Return the proper image name.
+If image tag and digest are not defined, termination fallbacks to chart appVersion.
+{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global "chart" .Chart ) }}
  */}}
  {{- define "common.images.image" -}}
-{{- $registryName := .imageRoot.registry -}}
+{{- $registryName := default .imageRoot.registry ((.global).imageRegistry) -}}
  {{- $repositoryName := .imageRoot.repository -}}
  {{- $separator := ":" -}}
  {{- $termination := .imageRoot.tag | toString -}}
-{{- if .global }}
-    {{- if .global.imageRegistry }}
-     {{- $registryName = .global.imageRegistry -}}
-    {{- end -}}
+
+{{- if not .imageRoot.tag }}
+  {{- if .chart }}
+    {{- $termination = .chart.AppVersion | toString -}}
+  {{- end -}}
  {{- end -}}
  {{- if .imageRoot.digest }}
      {{- $separator = "@" -}}
@@ -36,14 +38,12 @@ Return the proper Docker Image Registry Secret Names (deprecated: use common.ima
  {{- define "common.images.pullSecrets" -}}
    {{- $pullSecrets := list }}
  
-  {{- if .global }}
-    {{- range .global.imagePullSecrets -}}
-      {{- if kindIs "map" . -}}
-        {{- $pullSecrets = append $pullSecrets .name -}}
-      {{- else -}}
-        {{- $pullSecrets = append $pullSecrets . -}}
-      {{- end }}
-    {{- end -}}
+  {{- range ((.global).imagePullSecrets) -}}
+    {{- if kindIs "map" . -}}
+      {{- $pullSecrets = append $pullSecrets .name -}}
+    {{- else -}}
+      {{- $pullSecrets = append $pullSecrets . -}}
+    {{- end }}
    {{- end -}}
  
    {{- range .images -}}
@@ -56,7 +56,7 @@ Return the proper Docker Image Registry Secret Names (deprecated: use common.ima
      {{- end -}}
    {{- end -}}
  
-  {{- if (not (empty $pullSecrets)) }}
+  {{- if (not (empty $pullSecrets)) -}}
  imagePullSecrets:
      {{- range $pullSecrets | uniq }}
    - name: {{ . }}
@@ -72,13 +72,11 @@ Return the proper Docker Image Registry Secret Names evaluating values as templa
    {{- $pullSecrets := list }}
    {{- $context := .context }}
  
-  {{- if $context.Values.global }}
-    {{- range $context.Values.global.imagePullSecrets -}}
-      {{- if kindIs "map" . -}}
-        {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" .name "context" $context)) -}}
-      {{- else -}}
-        {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}}
-      {{- end -}}
+  {{- range (($context.Values.global).imagePullSecrets) -}}
+    {{- if kindIs "map" . -}}
+      {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" .name "context" $context)) -}}
+    {{- else -}}
+      {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}}
      {{- end -}}
    {{- end -}}
  
@@ -92,7 +90,7 @@ Return the proper Docker Image Registry Secret Names evaluating values as templa
      {{- end -}}
    {{- end -}}
  
-  {{- if (not (empty $pullSecrets)) }}
+  {{- if (not (empty $pullSecrets)) -}}
  imagePullSecrets:
      {{- range $pullSecrets | uniq }}
    - name: {{ . }}
@@ -114,3 +112,4 @@ Return the proper image version (ingores image revision/prerelease info & fallba
      {{- print .chart.AppVersion -}}
  {{- end -}}
  {{- end -}}
+
diff --git a/kubernetes/common/mongodb/common/templates/_ingress.tpl b/kubernetes/common/mongodb/common/templates/_ingress.tpl

index efa5b85..2d0dbf1 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_ingress.tpl
+++ b/kubernetes/common/mongodb/common/templates/_ingress.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -17,11 +17,6 @@ Params:
    - context - Dict - Required. The context for the template evaluation.
  */}}
  {{- define "common.ingress.backend" -}}
-{{- $apiVersion := (include "common.capabilities.ingress.apiVersion" .context) -}}
-{{- if or (eq $apiVersion "extensions/v1beta1") (eq $apiVersion "networking.k8s.io/v1beta1") -}}
-serviceName: {{ .serviceName }}
-servicePort: {{ .servicePort }}
-{{- else -}}
  service:
    name: {{ .serviceName }}
    port:
@@ -31,33 +26,6 @@ service:
      number: {{ .servicePort | int }}
      {{- end }}
  {{- end -}}
-{{- end -}}
-
-{{/*
-Print "true" if the API pathType field is supported
-Usage:
-{{ include "common.ingress.supportsPathType" . }}
-*/}}
-{{- define "common.ingress.supportsPathType" -}}
-{{- if (semverCompare "<1.18-0" (include "common.capabilities.kubeVersion" .)) -}}
-{{- print "false" -}}
-{{- else -}}
-{{- print "true" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Returns true if the ingressClassname field is supported
-Usage:
-{{ include "common.ingress.supportsIngressClassname" . }}
-*/}}
-{{- define "common.ingress.supportsIngressClassname" -}}
-{{- if semverCompare "<1.18-0" (include "common.capabilities.kubeVersion" .) -}}
-{{- print "false" -}}
-{{- else -}}
-{{- print "true" -}}
-{{- end -}}
-{{- end -}}
  
  {{/*
  Return true if cert-manager required annotations for TLS signed
diff --git a/kubernetes/common/mongodb/common/templates/_labels.tpl b/kubernetes/common/mongodb/common/templates/_labels.tpl

index d90a6cd..0a0cc54 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_labels.tpl
+++ b/kubernetes/common/mongodb/common/templates/_labels.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/common/templates/_names.tpl b/kubernetes/common/mongodb/common/templates/_names.tpl

index a222924..ba83956 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_names.tpl
+++ b/kubernetes/common/mongodb/common/templates/_names.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/common/templates/_resources.tpl b/kubernetes/common/mongodb/common/templates/_resources.tpl

index 5eb56ca..2aaf575 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_resources.tpl
+++ b/kubernetes/common/mongodb/common/templates/_resources.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -11,35 +11,35 @@ These presets are for basic testing and not meant to be used in production
  {{ include "common.resources.preset" (dict "type" "nano") -}}
  */}}
  {{- define "common.resources.preset" -}}
-{{/* The limits are the requests increased by 50% (except ephemeral-storage)*/}}
+{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
  {{- $presets := dict
    "nano" (dict
        "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "1024Mi")
+      "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
     )
    "micro" (dict
        "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "1024Mi")
+      "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
     )
    "small" (dict
        "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "1024Mi")
+      "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
     )
    "medium" (dict
        "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "1024Mi")
+      "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
     )
    "large" (dict
        "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "1024Mi")
+      "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
     )
    "xlarge" (dict
-      "requests" (dict "cpu" "2.0" "memory" "4096Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "1024Mi")
+      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
+      "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
     )
    "2xlarge" (dict
-      "requests" (dict "cpu" "4.0" "memory" "8192Mi" "ephemeral-storage" "50Mi")
-      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "1024Mi")
+      "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
+      "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
     )
   }}
  {{- if hasKey $presets .type -}}
diff --git a/kubernetes/common/mongodb/common/templates/_secrets.tpl b/kubernetes/common/mongodb/common/templates/_secrets.tpl

index 84dbe38..7868c00 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_secrets.tpl
+++ b/kubernetes/common/mongodb/common/templates/_secrets.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -67,7 +67,7 @@ Params:
  Generate secret password or retrieve one if already created.
  
  Usage:
-{{ include "common.secrets.passwords.manage" (dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $) }}
+{{ include "common.secrets.passwords.manage" (dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "honorProvidedValues" false "context" $) }}
  
  Params:
    - secret - String - Required - Name of the 'Secret' resource where the password is stored.
@@ -80,12 +80,15 @@ Params:
    - failOnNew - Boolean - Optional - Default to true. If set to false, skip errors adding new keys to existing secrets.
    - skipB64enc - Boolean - Optional - Default to false. If set to true, no the secret will not be base64 encrypted.
    - skipQuote - Boolean - Optional - Default to false. If set to true, no quotes will be added around the secret.
+  - honorProvidedValues - Boolean - Optional - Default to false. If set to true, the values in providedValues have higher priority than an existing secret
  The order in which this function returns a secret password:
-  1. Already existing 'Secret' resource
+  1. Password provided via the values.yaml if honorProvidedValues = true
+     (If one of the keys passed to the 'providedValues' parameter to this function is a valid path to a key in the values.yaml and has a value, the value of the first key with a value will be returned)
+  2. Already existing 'Secret' resource
       (If a 'Secret' resource is found under the name provided to the 'secret' parameter to this function and that 'Secret' resource contains a key with the name passed as the 'key' parameter to this function then the value of this existing secret password will be returned)
-  2. Password provided via the values.yaml
+  3. Password provided via the values.yaml if honorProvidedValues = false
       (If one of the keys passed to the 'providedValues' parameter to this function is a valid path to a key in the values.yaml and has a value, the value of the first key with a value will be returned)
-  3. Randomly generated secret password
+  4. Randomly generated secret password
       (A new random secret password with the length specified in the 'length' parameter will be generated and returned)
  
  */}}
@@ -103,30 +106,37 @@ The order in which this function returns a secret password:
      {{- $password = index $secretData .key | b64dec }}
    {{- else if not (eq .failOnNew false) }}
      {{- printf "\nPASSWORDS ERROR: The secret \"%s\" does not contain the key \"%s\"\n" .secret .key | fail -}}
-  {{- else if $providedPasswordValue }}
-    {{- $password = $providedPasswordValue | toString }}
-  {{- end -}}
-{{- else if $providedPasswordValue }}
-  {{- $password = $providedPasswordValue | toString }}
-{{- else }}
-
-  {{- if .context.Values.enabled }}
-    {{- $subchart = $chartName }}
    {{- end -}}
+{{- end }}
  
-  {{- $requiredPassword := dict "valueKey" $providedPasswordKey "secret" .secret "field" .key "subchart" $subchart "context" $.context -}}
-  {{- $requiredPasswordError := include "common.validations.values.single.empty" $requiredPassword -}}
-  {{- $passwordValidationErrors := list $requiredPasswordError -}}
-  {{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $.context) -}}
+{{- if and $providedPasswordValue .honorProvidedValues }}
+  {{- $password = tpl ($providedPasswordValue | toString) .context }}
+{{- end }}
  
-  {{- if .strong }}
-    {{- $subStr := list (lower (randAlpha 1)) (randNumeric 1) (upper (randAlpha 1)) | join "_" }}
-    {{- $password = randAscii $passwordLength }}
-    {{- $password = regexReplaceAllLiteral "\\W" $password "@" | substr 5 $passwordLength }}
-    {{- $password = printf "%s%s" $subStr $password | toString | shuffle }}
+{{- if not $password }}
+  {{- if $providedPasswordValue }}
+    {{- $password = tpl ($providedPasswordValue | toString) .context }}
    {{- else }}
-    {{- $password = randAlphaNum $passwordLength }}
-  {{- end }}
+    {{- if .context.Values.enabled }}
+      {{- $subchart = $chartName }}
+    {{- end -}}
+
+    {{- if not (eq .failOnNew false) }}
+      {{- $requiredPassword := dict "valueKey" $providedPasswordKey "secret" .secret "field" .key "subchart" $subchart "context" $.context -}}
+      {{- $requiredPasswordError := include "common.validations.values.single.empty" $requiredPassword -}}
+      {{- $passwordValidationErrors := list $requiredPasswordError -}}
+      {{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $.context) -}}
+    {{- end }}
+
+    {{- if .strong }}
+      {{- $subStr := list (lower (randAlpha 1)) (randNumeric 1) (upper (randAlpha 1)) | join "_" }}
+      {{- $password = randAscii $passwordLength }}
+      {{- $password = regexReplaceAllLiteral "\\W" $password "@" | substr 5 $passwordLength }}
+      {{- $password = printf "%s%s" $subStr $password | toString | shuffle }}
+    {{- else }}
+      {{- $password = randAlphaNum $passwordLength }}
+    {{- end }}
+  {{- end -}}
  {{- end -}}
  {{- if not .skipB64enc }}
  {{- $password = $password | b64enc }}
diff --git a/kubernetes/common/mongodb/common/templates/_storage.tpl b/kubernetes/common/mongodb/common/templates/_storage.tpl

index 16405a0..aa75856 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_storage.tpl
+++ b/kubernetes/common/mongodb/common/templates/_storage.tpl
@@ -1,28 +1,21 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
  {{/* vim: set filetype=mustache: */}}
+
  {{/*
  Return  the proper Storage Class
  {{ include "common.storage.class" ( dict "persistence" .Values.path.to.the.persistence "global" $) }}
  */}}
  {{- define "common.storage.class" -}}
-
-{{- $storageClass := .persistence.storageClass -}}
-{{- if .global -}}
-    {{- if .global.storageClass -}}
-        {{- $storageClass = .global.storageClass -}}
-    {{- end -}}
-{{- end -}}
-
+{{- $storageClass := (.global).storageClass | default .persistence.storageClass | default (.global).defaultStorageClass | default "" -}}
  {{- if $storageClass -}}
    {{- if (eq "-" $storageClass) -}}
        {{- printf "storageClassName: \"\"" -}}
-  {{- else }}
+  {{- else -}}
        {{- printf "storageClassName: %s" $storageClass -}}
    {{- end -}}
  {{- end -}}
-
  {{- end -}}
diff --git a/kubernetes/common/mongodb/common/templates/_tplvalues.tpl b/kubernetes/common/mongodb/common/templates/_tplvalues.tpl

index a8ed763..a04f4c1 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_tplvalues.tpl
+++ b/kubernetes/common/mongodb/common/templates/_tplvalues.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -36,3 +36,17 @@ Usage:
  {{- end -}}
  {{ $dst | toYaml }}
  {{- end -}}
+
+{{/*
+Merge a list of values that contains template after rendering them.
+Merge precedence is consistent with https://masterminds.github.io/sprig/dicts.html#mergeoverwrite-mustmergeoverwrite
+Usage:
+{{ include "common.tplvalues.merge-overwrite" ( dict "values" (list .Values.path.to.the.Value1 .Values.path.to.the.Value2) "context" $ ) }}
+*/}}
+{{- define "common.tplvalues.merge-overwrite" -}}
+{{- $dst := dict -}}
+{{- range .values -}}
+{{- $dst = include "common.tplvalues.render" (dict "value" . "context" $.context "scope" $.scope) | fromYaml | mergeOverwrite $dst -}}
+{{- end -}}
+{{ $dst | toYaml }}
+{{- end -}}
diff --git a/kubernetes/common/mongodb/common/templates/_utils.tpl b/kubernetes/common/mongodb/common/templates/_utils.tpl

index 1deefa1..0a5a5bc 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_utils.tpl
+++ b/kubernetes/common/mongodb/common/templates/_utils.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/common/templates/_warnings.tpl b/kubernetes/common/mongodb/common/templates/_warnings.tpl

index 0f763cd..62c44df 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/_warnings.tpl
+++ b/kubernetes/common/mongodb/common/templates/_warnings.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -13,10 +13,37 @@ Usage:
  
  {{- if and (contains "bitnami/" .repository) (not (.tag | toString | regexFind "-r\\d+$|sha256:")) }}
  WARNING: Rolling tag detected ({{ .repository }}:{{ .tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
-+info https://docs.bitnami.com/tutorials/understand-rolling-tags-containers
++info https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html
  {{- end }}
  {{- end -}}
  
+{{/*
+Warning about replaced images from the original.
+Usage:
+{{ include "common.warnings.modifiedImages" (dict "images" (list .Values.path.to.the.imageRoot) "context" $) }}
+*/}}
+{{- define "common.warnings.modifiedImages" -}}
+{{- $affectedImages := list -}}
+{{- $printMessage := false -}}
+{{- $originalImages := .context.Chart.Annotations.images -}}
+{{- range .images -}}
+  {{- $fullImageName := printf (printf "%s/%s:%s" .registry .repository .tag) -}}
+  {{- if not (contains $fullImageName $originalImages) }}
+    {{- $affectedImages = append $affectedImages (printf "%s/%s:%s" .registry .repository .tag) -}}
+    {{- $printMessage = true -}}
+  {{- end -}}
+{{- end -}}
+{{- if $printMessage }}
+
+⚠ SECURITY WARNING: Original containers have been substituted. This Helm chart was designed, tested, and validated on multiple platforms using a specific set of Bitnami and Tanzu Application Catalog containers. Substituting other containers is likely to cause degraded security and performance, broken chart features, and missing environment variables.
+
+Substituted images detected:
+{{- range $affectedImages }}
+  - {{ . }}
+{{- end }}
+{{- end -}}
+{{- end -}}
+
  {{/*
  Warning about not setting the resource object in all deployments.
  Usage:
diff --git a/kubernetes/common/mongodb/common/templates/validations/_cassandra.tpl b/kubernetes/common/mongodb/common/templates/validations/_cassandra.tpl

index eda9aad..f8fd213 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/validations/_cassandra.tpl
+++ b/kubernetes/common/mongodb/common/templates/validations/_cassandra.tpl
@@ -1,35 +1,9 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
  {{/* vim: set filetype=mustache: */}}
-{{/*
-Validate Cassandra required passwords are not empty.
-
-Usage:
-{{ include "common.validations.values.cassandra.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
-Params:
-  - secret - String - Required. Name of the secret where Cassandra values are stored, e.g: "cassandra-passwords-secret"
-  - subchart - Boolean - Optional. Whether Cassandra is used as subchart or not. Default: false
-*/}}
-{{- define "common.validations.values.cassandra.passwords" -}}
-  {{- $existingSecret := include "common.cassandra.values.existingSecret" . -}}
-  {{- $enabled := include "common.cassandra.values.enabled" . -}}
-  {{- $dbUserPrefix := include "common.cassandra.values.key.dbUser" . -}}
-  {{- $valueKeyPassword := printf "%s.password" $dbUserPrefix -}}
-
-  {{- if and (or (not $existingSecret) (eq $existingSecret "\"\"")) (eq $enabled "true") -}}
-    {{- $requiredPasswords := list -}}
-
-    {{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "cassandra-password" -}}
-    {{- $requiredPasswords = append $requiredPasswords $requiredPassword -}}
-
-    {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
-
-  {{- end -}}
-{{- end -}}
-
  {{/*
  Auxiliary function to get the right value for existingSecret.
  
diff --git a/kubernetes/common/mongodb/common/templates/validations/_mariadb.tpl b/kubernetes/common/mongodb/common/templates/validations/_mariadb.tpl

index 17d83a2..6ea8c0f 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/validations/_mariadb.tpl
+++ b/kubernetes/common/mongodb/common/templates/validations/_mariadb.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/common/templates/validations/_mongodb.tpl b/kubernetes/common/mongodb/common/templates/validations/_mongodb.tpl

index bbb445b..e678a6d 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/validations/_mongodb.tpl
+++ b/kubernetes/common/mongodb/common/templates/validations/_mongodb.tpl
@@ -1,55 +1,9 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
  {{/* vim: set filetype=mustache: */}}
-{{/*
-Validate MongoDB&reg; required passwords are not empty.
-
-Usage:
-{{ include "common.validations.values.mongodb.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
-Params:
-  - secret - String - Required. Name of the secret where MongoDB&reg; values are stored, e.g: "mongodb-passwords-secret"
-  - subchart - Boolean - Optional. Whether MongoDB&reg; is used as subchart or not. Default: false
-*/}}
-{{- define "common.validations.values.mongodb.passwords" -}}
-  {{- $existingSecret := include "common.mongodb.values.auth.existingSecret" . -}}
-  {{- $enabled := include "common.mongodb.values.enabled" . -}}
-  {{- $authPrefix := include "common.mongodb.values.key.auth" . -}}
-  {{- $architecture := include "common.mongodb.values.architecture" . -}}
-  {{- $valueKeyRootPassword := printf "%s.rootPassword" $authPrefix -}}
-  {{- $valueKeyUsername := printf "%s.username" $authPrefix -}}
-  {{- $valueKeyDatabase := printf "%s.database" $authPrefix -}}
-  {{- $valueKeyPassword := printf "%s.password" $authPrefix -}}
-  {{- $valueKeyReplicaSetKey := printf "%s.replicaSetKey" $authPrefix -}}
-  {{- $valueKeyAuthEnabled := printf "%s.enabled" $authPrefix -}}
-
-  {{- $authEnabled := include "common.utils.getValueFromKey" (dict "key" $valueKeyAuthEnabled "context" .context) -}}
-
-  {{- if and (or (not $existingSecret) (eq $existingSecret "\"\"")) (eq $enabled "true") (eq $authEnabled "true") -}}
-    {{- $requiredPasswords := list -}}
-
-    {{- $requiredRootPassword := dict "valueKey" $valueKeyRootPassword "secret" .secret "field" "mongodb-root-password" -}}
-    {{- $requiredPasswords = append $requiredPasswords $requiredRootPassword -}}
-
-    {{- $valueUsername := include "common.utils.getValueFromKey" (dict "key" $valueKeyUsername "context" .context) }}
-    {{- $valueDatabase := include "common.utils.getValueFromKey" (dict "key" $valueKeyDatabase "context" .context) }}
-    {{- if and $valueUsername $valueDatabase -}}
-        {{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "mongodb-password" -}}
-        {{- $requiredPasswords = append $requiredPasswords $requiredPassword -}}
-    {{- end -}}
-
-    {{- if (eq $architecture "replicaset") -}}
-        {{- $requiredReplicaSetKey := dict "valueKey" $valueKeyReplicaSetKey "secret" .secret "field" "mongodb-replica-set-key" -}}
-        {{- $requiredPasswords = append $requiredPasswords $requiredReplicaSetKey -}}
-    {{- end -}}
-
-    {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
-
-  {{- end -}}
-{{- end -}}
-
  {{/*
  Auxiliary function to get the right value for existingSecret.
  
diff --git a/kubernetes/common/mongodb/common/templates/validations/_mysql.tpl b/kubernetes/common/mongodb/common/templates/validations/_mysql.tpl

index ca3953f..fbb65c3 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/validations/_mysql.tpl
+++ b/kubernetes/common/mongodb/common/templates/validations/_mysql.tpl
@@ -1,50 +1,9 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
  {{/* vim: set filetype=mustache: */}}
-{{/*
-Validate MySQL required passwords are not empty.
-
-Usage:
-{{ include "common.validations.values.mysql.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
-Params:
-  - secret - String - Required. Name of the secret where MySQL values are stored, e.g: "mysql-passwords-secret"
-  - subchart - Boolean - Optional. Whether MySQL is used as subchart or not. Default: false
-*/}}
-{{- define "common.validations.values.mysql.passwords" -}}
-  {{- $existingSecret := include "common.mysql.values.auth.existingSecret" . -}}
-  {{- $enabled := include "common.mysql.values.enabled" . -}}
-  {{- $architecture := include "common.mysql.values.architecture" . -}}
-  {{- $authPrefix := include "common.mysql.values.key.auth" . -}}
-  {{- $valueKeyRootPassword := printf "%s.rootPassword" $authPrefix -}}
-  {{- $valueKeyUsername := printf "%s.username" $authPrefix -}}
-  {{- $valueKeyPassword := printf "%s.password" $authPrefix -}}
-  {{- $valueKeyReplicationPassword := printf "%s.replicationPassword" $authPrefix -}}
-
-  {{- if and (or (not $existingSecret) (eq $existingSecret "\"\"")) (eq $enabled "true") -}}
-    {{- $requiredPasswords := list -}}
-
-    {{- $requiredRootPassword := dict "valueKey" $valueKeyRootPassword "secret" .secret "field" "mysql-root-password" -}}
-    {{- $requiredPasswords = append $requiredPasswords $requiredRootPassword -}}
-
-    {{- $valueUsername := include "common.utils.getValueFromKey" (dict "key" $valueKeyUsername "context" .context) }}
-    {{- if not (empty $valueUsername) -}}
-        {{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "mysql-password" -}}
-        {{- $requiredPasswords = append $requiredPasswords $requiredPassword -}}
-    {{- end -}}
-
-    {{- if (eq $architecture "replication") -}}
-        {{- $requiredReplicationPassword := dict "valueKey" $valueKeyReplicationPassword "secret" .secret "field" "mysql-replication-password" -}}
-        {{- $requiredPasswords = append $requiredPasswords $requiredReplicationPassword -}}
-    {{- end -}}
-
-    {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
-
-  {{- end -}}
-{{- end -}}
-
  {{/*
  Auxiliary function to get the right value for existingSecret.
  
diff --git a/kubernetes/common/mongodb/common/templates/validations/_postgresql.tpl b/kubernetes/common/mongodb/common/templates/validations/_postgresql.tpl

index 8c9aa57..51d4716 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/validations/_postgresql.tpl
+++ b/kubernetes/common/mongodb/common/templates/validations/_postgresql.tpl
@@ -1,38 +1,9 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
  {{/* vim: set filetype=mustache: */}}
-{{/*
-Validate PostgreSQL required passwords are not empty.
-
-Usage:
-{{ include "common.validations.values.postgresql.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
-Params:
-  - secret - String - Required. Name of the secret where postgresql values are stored, e.g: "postgresql-passwords-secret"
-  - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
-*/}}
-{{- define "common.validations.values.postgresql.passwords" -}}
-  {{- $existingSecret := include "common.postgresql.values.existingSecret" . -}}
-  {{- $enabled := include "common.postgresql.values.enabled" . -}}
-  {{- $valueKeyPostgresqlPassword := include "common.postgresql.values.key.postgressPassword" . -}}
-  {{- $valueKeyPostgresqlReplicationEnabled := include "common.postgresql.values.key.replicationPassword" . -}}
-  {{- if and (or (not $existingSecret) (eq $existingSecret "\"\"")) (eq $enabled "true") -}}
-    {{- $requiredPasswords := list -}}
-    {{- $requiredPostgresqlPassword := dict "valueKey" $valueKeyPostgresqlPassword "secret" .secret "field" "postgresql-password" -}}
-    {{- $requiredPasswords = append $requiredPasswords $requiredPostgresqlPassword -}}
-
-    {{- $enabledReplication := include "common.postgresql.values.enabled.replication" . -}}
-    {{- if (eq $enabledReplication "true") -}}
-        {{- $requiredPostgresqlReplicationPassword := dict "valueKey" $valueKeyPostgresqlReplicationEnabled "secret" .secret "field" "postgresql-replication-password" -}}
-        {{- $requiredPasswords = append $requiredPasswords $requiredPostgresqlReplicationPassword -}}
-    {{- end -}}
-
-    {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
-  {{- end -}}
-{{- end -}}
-
  {{/*
  Auxiliary function to decide whether evaluate global values.
  
diff --git a/kubernetes/common/mongodb/common/templates/validations/_redis.tpl b/kubernetes/common/mongodb/common/templates/validations/_redis.tpl

index fc0d208..9fedfef 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/validations/_redis.tpl
+++ b/kubernetes/common/mongodb/common/templates/validations/_redis.tpl
@@ -1,43 +1,10 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
  
  {{/* vim: set filetype=mustache: */}}
-{{/*
-Validate Redis&reg; required passwords are not empty.
-
-Usage:
-{{ include "common.validations.values.redis.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
-Params:
-  - secret - String - Required. Name of the secret where redis values are stored, e.g: "redis-passwords-secret"
-  - subchart - Boolean - Optional. Whether redis is used as subchart or not. Default: false
-*/}}
-{{- define "common.validations.values.redis.passwords" -}}
-  {{- $enabled := include "common.redis.values.enabled" . -}}
-  {{- $valueKeyPrefix := include "common.redis.values.keys.prefix" . -}}
-  {{- $standarizedVersion := include "common.redis.values.standarized.version" . }}
-
-  {{- $existingSecret := ternary (printf "%s%s" $valueKeyPrefix "auth.existingSecret") (printf "%s%s" $valueKeyPrefix "existingSecret") (eq $standarizedVersion "true") }}
-  {{- $existingSecretValue := include "common.utils.getValueFromKey" (dict "key" $existingSecret "context" .context) }}
-
-  {{- $valueKeyRedisPassword := ternary (printf "%s%s" $valueKeyPrefix "auth.password") (printf "%s%s" $valueKeyPrefix "password") (eq $standarizedVersion "true") }}
-  {{- $valueKeyRedisUseAuth := ternary (printf "%s%s" $valueKeyPrefix "auth.enabled") (printf "%s%s" $valueKeyPrefix "usePassword") (eq $standarizedVersion "true") }}
-
-  {{- if and (or (not $existingSecret) (eq $existingSecret "\"\"")) (eq $enabled "true") -}}
-    {{- $requiredPasswords := list -}}
-
-    {{- $useAuth := include "common.utils.getValueFromKey" (dict "key" $valueKeyRedisUseAuth "context" .context) -}}
-    {{- if eq $useAuth "true" -}}
-      {{- $requiredRedisPassword := dict "valueKey" $valueKeyRedisPassword "secret" .secret "field" "redis-password" -}}
-      {{- $requiredPasswords = append $requiredPasswords $requiredRedisPassword -}}
-    {{- end -}}
-
-    {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
-  {{- end -}}
-{{- end -}}
-
  {{/*
  Auxiliary function to get the right value for enabled redis.
  
diff --git a/kubernetes/common/mongodb/common/templates/validations/_validations.tpl b/kubernetes/common/mongodb/common/templates/validations/_validations.tpl

index 31ceda8..7cdee61 100644 (file)
--- a/kubernetes/common/mongodb/common/templates/validations/_validations.tpl
+++ b/kubernetes/common/mongodb/common/templates/validations/_validations.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/common/values.yaml b/kubernetes/common/mongodb/common/values.yaml

index 36b8aba..de2cac5 100644 (file)
--- a/kubernetes/common/mongodb/common/values.yaml
+++ b/kubernetes/common/mongodb/common/values.yaml
@@ -1,9 +1,8 @@
-# Copyright VMware, Inc.
+# Copyright Broadcom, Inc. All Rights Reserved.
  # SPDX-License-Identifier: APACHE-2.0
  
  ## bitnami/common
  ## It is required by CI/CD tools and processes.
  ## @skip exampleValue
  ##
-
  exampleValue: common-chart
diff --git a/kubernetes/common/mongodb/templates/NOTES.txt b/kubernetes/common/mongodb/templates/NOTES.txt

index 89a693e..2c47d5f 100644 (file)
--- a/kubernetes/common/mongodb/templates/NOTES.txt
+++ b/kubernetes/common/mongodb/templates/NOTES.txt
@@ -2,6 +2,8 @@ CHART NAME: {{ .Chart.Name }}
  CHART VERSION: {{ .Chart.Version }}
  APP VERSION: {{ .Chart.AppVersion }}
  
+Did you know there are enterprise versions of the Bitnami catalog? For enhanced secure software supply chain features, unlimited pulls from Docker, LTS support, or application customization, see Bitnami Premium or Tanzu Application Catalog. See https://www.arrow.com/globalecs/na/vendors/bitnami for more information.
+
  {{- if .Values.diagnosticMode.enabled }}
  The chart has been deployed in diagnostic mode. All probes have been disabled and the command has been overwritten with:
  
@@ -33,38 +35,6 @@ In order to replicate the container startup scripts execute this command:
  {{- $mongoList = append $mongoList (printf "%s-%d.%s-headless.%s.svc.%s:%d" $fullname $i $fullname $releaseNamespace $clusterDomain $portNumber) }}
  {{- end }}
  
-{{- if and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled (not .Values.externalAccess.autoDiscovery.enabled) (not (eq $replicaCount $loadBalancerIPListLength )) (eq .Values.externalAccess.service.type "LoadBalancer") }}
-
-####################################################################################
-### ERROR: You enabled external access to MongoDB&reg; nodes without specifying  ###
-###   the array of load balancer IPs for MongoDB&reg; nodes.                     ###
-####################################################################################
-
-This deployment will be incomplete until you configure the array of load balancer
-IPs for MongoDB&reg; nodes. To complete your deployment follow the steps below:
-
-1. Wait for the load balancer IPs (it may take a few minutes for them to be available):
-
-    kubectl get svc --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ template "mongodb.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=mongodb" -w
-
-2. Obtain the load balancer IPs and upgrade your chart:
-
-    {{- range $e, $i := until $replicaCount }}
-    LOAD_BALANCER_IP_{{ add $i 1 }}="$(kubectl get svc --namespace {{ $releaseNamespace }} {{ $fullname }}-{{ $i }}-external -o jsonpath='{.status.loadBalancer.ingress[0].ip}')"
-    {{- end }}
-
-3. Upgrade you chart:
-
-    helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} oci://registry-1.docker.io/bitnamicharts/{{ .Chart.Name }} \
-      --set mongodb.replicaCount={{ $replicaCount }} \
-      --set mongodb.externalAccess.enabled=true \
-      {{- range $i, $e := until $replicaCount }}
-      --set mongodb.externalAccess.service.loadBalancerIPs[{{ $i }}]=$LOAD_BALANCER_IP_{{ add $i 1 }} \
-      {{- end }}
-      --set mongodb.externalAccess.service.type=LoadBalancer
-
-{{- else }}
-
  {{- if and (or (and (eq .Values.architecture "standalone") (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort"))) (and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled)) (not .Values.auth.enabled) }}
  -------------------------------------------------------------------------------
   WARNING
@@ -72,7 +42,7 @@ IPs for MongoDB&reg; nodes. To complete your deployment follow the steps below:
      By not enabling "mongodb.auth.enabled" you have most likely exposed the
      MongoDB&reg; service externally without any authentication mechanism.
  
-    For security reasons, we strongly suggest that you enable authentiation
+    For security reasons, we strongly suggest that you enable authentication
      setting the "mongodb.auth.enabled" parameter to "true".
  
  -------------------------------------------------------------------------------
@@ -181,7 +151,6 @@ To connect to your database from outside the cluster execute the following comma
  
  {{- end }}
  {{- end }}
-{{- end }}
  
  {{- if .Values.metrics.enabled }}
  
@@ -201,3 +170,5 @@ Then, open the obtained URL in a browser.
  {{- include "common.warnings.rollingTag" .Values.tls.image }}
  {{- include "mongodb.validateValues" . }}
  {{- include "common.warnings.resources" (dict "sections" (list "arbiter" "externalAccess.autoDiscovery" "hidden" "metrics" "" "tls" "volumePermissions") "context" $) }}
+{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.tls.image .Values.externalAccess.autoDiscovery.image .Values.externalAccess.dnsCheck.image .Values.volumePermissions.image .Values.metrics.image) "context" $) }}
+{{- include "common.errors.insecureImages" (dict "images" (list .Values.image .Values.tls.image .Values.externalAccess.autoDiscovery.image .Values.externalAccess.dnsCheck.image .Values.volumePermissions.image .Values.metrics.image) "context" $) }}
diff --git a/kubernetes/common/mongodb/templates/_helpers.tpl b/kubernetes/common/mongodb/templates/_helpers.tpl

index b6bbb1f..5b40e14 100644 (file)
--- a/kubernetes/common/mongodb/templates/_helpers.tpl
+++ b/kubernetes/common/mongodb/templates/_helpers.tpl
@@ -1,5 +1,5 @@
  {{/*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -46,6 +46,17 @@ Create a default mongo arbiter service name which can be overridden.
      {{- end }}
  {{- end }}
  
+{{/*
+Create a default mongo hidden service name which can be overridden.
+*/}}
+{{- define "mongodb.hidden.service.nameOverride" -}}
+    {{- if and .Values.hidden.service .Values.hidden.service.nameOverride -}}
+        {{- print .Values.hidden.service.nameOverride -}}
+    {{- else -}}
+        {{- printf "%s-hidden-headless" (include "mongodb.fullname" .) -}}
+    {{- end }}
+{{- end }}
+
  {{/*
  Return the proper MongoDB&reg; image name
  */}}
@@ -74,6 +85,13 @@ Return the proper image name (for the init container auto-discovery image)
  {{- include "common.images.image" (dict "imageRoot" .Values.externalAccess.autoDiscovery.image "global" .Values.global) -}}
  {{- end -}}
  
+{{/*
+Return the proper image name (for the init container dns-check image)
+*/}}
+{{- define "mongodb.externalAccess.dnsCheck.image" -}}
+{{- include "common.images.image" (dict "imageRoot" .Values.externalAccess.dnsCheck.image "global" .Values.global) -}}
+{{- end -}}
+
  {{/*
  Return the proper image name (for the TLS Certs image)
  */}}
@@ -85,7 +103,7 @@ Return the proper image name (for the TLS Certs image)
  Return the proper Docker Image Registry Secret Names
  */}}
  {{- define "mongodb.imagePullSecrets" -}}
-{{- include "common.images.renderPullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image .Values.tls.image) "context" $) -}}
+{{- include "common.images.renderPullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image .Values.tls.image .Values.externalAccess.dnsCheck.image .Values.externalAccess.autoDiscovery.image) "context" $) -}}
  {{- end -}}
  
  {{/*
@@ -210,17 +228,181 @@ Return true if a secret object should be created for MongoDB&reg;
  {{- end -}}
  {{- end -}}
  
+{{/*
+Return true if a secret object should be created for MongoDB
+*/}}
+{{- define "mongodb.createPreviousSecret" -}}
+{{- if and .Values.passwordUpdateJob.previousPasswords.rootPassword (not .Values.passwordUpdateJob.previousPasswords.existingSecret) }}
+    {{- true -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the secret with previous MongoDB credentials
+*/}}
+{{- define "mongodb.update-job.previousSecretName" -}}
+    {{- if .Values.passwordUpdateJob.previousPasswords.existingSecret -}}
+        {{- /* The secret with the new password is managed externally */ -}}
+        {{- tpl .Values.passwordUpdateJob.previousPasswords.existingSecret $ -}}
+    {{- else if .Values.passwordUpdateJob.previousPasswords.rootPassword -}}
+        {{- /* The secret with the new password is managed externally */ -}}
+        {{- printf "%s-previous-secret" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}}
+    {{- else -}}
+        {{- /* The secret with the new password is managed by the helm chart. We use the current secret name as it has the old password */ -}}
+        {{- include "common.names.fullname" . -}}
+    {{- end -}}
+{{- end -}}
+
+{{/*
+Return the secret with new MongoDB credentials
+*/}}
+{{- define "mongodb.update-job.newSecretName" -}}
+    {{- if and (not .Values.passwordUpdateJob.previousPasswords.existingSecret) (not .Values.passwordUpdateJob.previousPasswords.rootPassword) -}}
+        {{- /* The secret with the new password is managed by the helm chart. We create a new secret as the current one has the old password */ -}}
+        {{- printf "%s-new-secret" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}}
+    {{- else -}}
+        {{- /* The secret with the new password is managed externally */ -}}
+        {{- include "mongodb.secretName" . -}}
+    {{- end -}}
+{{- end -}}
+
  {{/*
  Get the initialization scripts ConfigMap name.
  */}}
  {{- define "mongodb.initdbScriptsCM" -}}
  {{- if .Values.initdbScriptsConfigMap -}}
-{{- printf "%s" .Values.initdbScriptsConfigMap -}}
+{{- printf "%s" (tpl .Values.initdbScriptsConfigMap $) -}}
  {{- else -}}
  {{- printf "%s-init-scripts" (include "mongodb.fullname" .) -}}
  {{- end -}}
  {{- end -}}
  
+{{/*
+Get initial primary host to configure MongoDB cluster.
+*/}}
+{{- define "mongodb.initialPrimaryHost" -}}
+{{ ternary ( printf "%s-0.%s.$(MY_POD_NAMESPACE).svc.%s" (include "mongodb.fullname" .) (include "mongodb.service.nameOverride" .) .Values.clusterDomain ) ( first .Values.externalAccess.service.publicNames ) ( empty .Values.externalAccess.service.publicNames ) }}
+{{- end -}}
+
+{{/*
+Init container definition to change/establish volume permissions.
+*/}}
+{{- define "mongodb.initContainer.volumePermissions" }}
+- name: volume-permissions
+  image: {{ include "mongodb.volumePermissions.image" . }}
+  imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
+  command:
+    - /bin/bash
+  args:
+    - -ec
+    - |
+      mkdir -p {{ printf "%s/%s" .Values.persistence.mountPath (default "" .Values.persistence.subPath) }}
+      chown {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} {{ printf "%s/%s" .Values.persistence.mountPath (default "" .Values.persistence.subPath) }}
+      find  {{ printf "%s/%s" .Values.persistence.mountPath (default "" .Values.persistence.subPath) }} -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}
+  {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
+  securityContext: {{- omit .Values.volumePermissions.securityContext "runAsUser" | toYaml | nindent 12 }}
+  {{- else }}
+  securityContext: {{- .Values.volumePermissions.securityContext | toYaml | nindent 12 }}
+  {{- end }}
+  {{- if .Values.volumePermissions.resources }}
+  resources: {{- include "common.tplvalues.render" (dict "value" .Values.volumePermissions.resources "context" $) | nindent 12 }}
+  {{- else if ne .Values.volumePermissions.resourcesPreset "none" }}
+  resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }}
+  {{- end }}
+  volumeMounts:
+    - name: empty-dir
+      mountPath: /tmp
+      subPath: tmp-dir
+    - name: {{ .Values.persistence.name | default "datadir" }}
+      mountPath: {{ .Values.persistence.mountPath }}
+{{- end -}}
+
+{{/*
+Init container definition to recover log dir.
+*/}}
+{{- define "mongodb.initContainer.prepareLogDir" }}
+- name: log-dir
+  image: {{ include "mongodb.image" . }}
+  imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
+  command:
+    - /bin/bash
+  args:
+    - -ec
+    - |
+      ln -sf /dev/stdout "/opt/bitnami/mongodb/logs/mongodb.log"
+  {{- if .Values.containerSecurityContext.enabled }}
+  securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }}
+  {{- end }}
+  {{- if .Values.resources }}
+  resources: {{- include "common.tplvalues.render" (dict "value" .Values.resources "context" $) | nindent 12 }}
+  {{- else if ne .Values.resourcesPreset "none" }}
+  resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }}
+  {{- end }}
+  volumeMounts:
+    - name: empty-dir
+      mountPath: /opt/bitnami/mongodb/logs
+      subPath: app-logs-dir
+{{- end -}}
+
+{{/*
+Init container definition to get external IP addresses.
+*/}}
+{{- define "mongodb.initContainers.autoDiscovery" -}}
+- name: auto-discovery
+  image: {{ include "mongodb.externalAccess.autoDiscovery.image" . }}
+  imagePullPolicy: {{ .Values.externalAccess.autoDiscovery.image.pullPolicy | quote }}
+  # We need the service account token for contacting the k8s API
+  command:
+    - /scripts/auto-discovery.sh
+  env:
+    - name: MY_POD_NAME
+      valueFrom:
+        fieldRef:
+          fieldPath: metadata.name
+    - name: SHARED_FILE
+      value: "/shared/info.txt"
+  {{- if .Values.externalAccess.autoDiscovery.resources }}
+  resources: {{- include "common.tplvalues.render" (dict "value" .Values.externalAccess.autoDiscovery.resources "context" $) | nindent 12 }}
+  {{- else if ne .Values.externalAccess.autoDiscovery.resourcesPreset "none" }}
+  resources: {{- include "common.resources.preset" (dict "type" .Values.externalAccess.autoDiscovery.resourcesPreset) | nindent 12 }}
+  {{- end }}
+  volumeMounts:
+    - name: shared
+      mountPath: /shared
+    - name: scripts
+      mountPath: /scripts/auto-discovery.sh
+      subPath: auto-discovery.sh
+    - name: empty-dir
+      mountPath: /tmp
+      subPath: tmp-dir
+{{- end -}}
+
+{{/*
+Init container definition to wait external DNS names.
+*/}}
+{{- define "mongodb.initContainers.dnsCheck" -}}
+- name: dns-check
+  image: {{ include "mongodb.externalAccess.dnsCheck.image" . }}
+  imagePullPolicy: {{ .Values.externalAccess.dnsCheck.image.pullPolicy | quote }}
+  command:
+    - /bin/bash
+  args:
+    - -ec
+    - |
+      # MONGODB_INITIAL_PRIMARY_HOST should be resolvable
+      while ! (getent ahosts "{{ include "mongodb.initialPrimaryHost" . }}" | grep STREAM); do
+        sleep 10
+      done
+  {{- if .Values.containerSecurityContext.enabled }}
+  securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }}
+  {{- end }}
+  {{- if .Values.externalAccess.dnsCheck.resources }}
+  resources: {{- toYaml .Values.externalAccess.dnsCheck.resources | nindent 12 }}
+  {{- else if ne .Values.externalAccess.dnsCheck.resourcesPreset "none" }}
+  resources: {{- include "common.resources.preset" (dict "type" .Values.externalAccess.dnsCheck.resourcesPreset) | nindent 12 }}
+  {{- end }}
+{{- end -}}
+
  {{/*
  Return true if the Arbiter should be deployed
  */}}
@@ -294,6 +476,7 @@ Compile all warnings into a single message, and call fail.
  {{- $messages := append $messages (include "mongodb.validateValues.loadBalancerIPsListLength" .) -}}
  {{- $messages := append $messages (include "mongodb.validateValues.nodePortListLength" .) -}}
  {{- $messages := append $messages (include "mongodb.validateValues.externalAccessAutoDiscoveryRBAC" .) -}}
+{{- $messages := append $messages (include "mongodb.validateValues.externalAccessAutoDiscoverySA" .) -}}
  {{- $messages := append $messages (include "mongodb.validateValues.replicaset.existingSecrets" .) -}}
  {{- $messages := append $messages (include "mongodb.validateValues.hidden.existingSecrets" .) -}}
  {{- $messages := without $messages "" -}}
@@ -364,9 +547,18 @@ Validate values of MongoDB&reg; - number of replicas must be the same than LoadB
  {{- define "mongodb.validateValues.loadBalancerIPsListLength" -}}
  {{- $replicaCount := int .Values.replicaCount }}
  {{- $loadBalancerListLength := len .Values.externalAccess.service.loadBalancerIPs }}
-{{- if and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled (not .Values.externalAccess.autoDiscovery.enabled ) (eq .Values.externalAccess.service.type "LoadBalancer") (not (eq $replicaCount $loadBalancerListLength )) -}}
+{{- $publicNamesListLength := len .Values.externalAccess.service.publicNames }}
+{{- if and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled (eq .Values.externalAccess.service.type "LoadBalancer") -}}
+{{- if and (not .Values.externalAccess.autoDiscovery.enabled) (eq $loadBalancerListLength 0) (eq $publicNamesListLength 0) -}}
+mongodb: .Values.externalAccess.service.loadBalancerIPs, .Values.externalAccess.service.publicNames
+    externalAccess.service.loadBalancerIPs, externalAccess.service.publicNames or externalAccess.autoDiscovery.enabled are required when externalAccess is enabled.
+{{- else if and (not .Values.externalAccess.autoDiscovery.enabled) (not (eq $replicaCount $loadBalancerListLength )) (not (eq $loadBalancerListLength 0)) -}}
  mongodb: .Values.externalAccess.service.loadBalancerIPs
-    Number of replicas and loadBalancerIPs array length must be the same.
+    Number of replicas ({{ $replicaCount }}) and loadBalancerIPs array length ({{ $loadBalancerListLength }}) must be the same.
+{{- else if and (not .Values.externalAccess.autoDiscovery.enabled) (not (eq $replicaCount $publicNamesListLength )) (not (eq $publicNamesListLength 0)) -}}
+mongodb: .Values.externalAccess.service.publicNames
+    Number of replicas ({{ $replicaCount }}) and publicNames array length ({{ $publicNamesListLength }}) must be the same.
+{{- end -}}
  {{- end -}}
  {{- end -}}
  
@@ -376,9 +568,14 @@ Validate values of MongoDB&reg; - number of replicas must be the same than NodeP
  {{- define "mongodb.validateValues.nodePortListLength" -}}
  {{- $replicaCount := int .Values.replicaCount }}
  {{- $nodePortListLength := len .Values.externalAccess.service.nodePorts }}
-{{- if and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled (eq .Values.externalAccess.service.type "NodePort") (not (eq $replicaCount $nodePortListLength )) -}}
+{{- if and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled (eq .Values.externalAccess.service.type "NodePort") -}}
+{{- if and (not .Values.externalAccess.autoDiscovery.enabled) (eq $nodePortListLength 0) -}}
+mongodb: .Values.externalAccess.service.nodePorts
+    externalAccess.service.nodePorts or externalAccess.autoDiscovery.enabled are required when externalAccess is enabled.
+{{- else if and (not .Values.externalAccess.autoDiscovery.enabled) (not (eq $replicaCount $nodePortListLength )) -}}
  mongodb: .Values.externalAccess.service.nodePorts
-    Number of replicas and nodePorts array length must be the same.
+    Number of replicas ({{ $replicaCount }}) and nodePorts ({{ $nodePortListLength }}) array length must be the same.
+{{- end -}}
  {{- end -}}
  {{- end -}}
  
@@ -395,6 +592,19 @@ mongodb: rbac.create
  {{- end -}}
  {{- end -}}
  
+{{/*
+Validate values of MongoDB&reg; - automountServiceAccountToken should be enabled when autoDiscovery is enabled
+*/}}
+{{- define "mongodb.validateValues.externalAccessAutoDiscoverySA" -}}
+{{- if and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (not .Values.automountServiceAccountToken ) }}
+mongodb: automountServiceAccountToken
+    By specifying "externalAccess.enabled=true" and "externalAccess.autoDiscovery.enabled=true"
+    an initContainer will be used to autodetect the external IPs/ports by querying the
+    K8s API. Please note this initContainer requires a service account to access K8S API.
+    You can attach it to the pod by specifying "--set automountServiceAccountToken=true".
+{{- end -}}
+{{- end -}}
+
  {{/*
  Validate values of MongoDB&reg; - Number of replicaset secrets must be the same than number of replicaset nodes.
  */}}
@@ -434,24 +644,13 @@ Validate values of MongoDB&reg; exporter URI string - auth.enabled and/or tls.en
      {{- end -}}
      {{- if .Values.metrics.username -}}
          {{- $uriAuth := ternary "$(echo $MONGODB_METRICS_USERNAME | sed -r \"s/@/%40/g;s/:/%3A/g\"):$(echo $MONGODB_METRICS_PASSWORD | sed -r \"s/@/%40/g;s/:/%3A/g\")@" "" .Values.auth.enabled -}}
-        {{- printf "mongodb://%slocalhost:%d/admin?%s" $uriAuth (int .Values.containerPorts.mongodb) $tlsArgs -}}
+        {{- printf "mongodb://%s$(hostname -s):%d/admin?%s" $uriAuth (int .Values.containerPorts.mongodb) $tlsArgs -}}
      {{- else -}}
          {{- $uriAuth := ternary "$MONGODB_ROOT_USER:$(echo $MONGODB_ROOT_PASSWORD | sed -r \"s/@/%40/g;s/:/%3A/g\")@" "" .Values.auth.enabled -}}
-        {{- printf "mongodb://%slocalhost:%d/admin?%s" $uriAuth (int .Values.containerPorts.mongodb) $tlsArgs -}}
+        {{- printf "mongodb://%s$(hostname -s):%d/admin?%s" $uriAuth (int .Values.containerPorts.mongodb) $tlsArgs -}}
      {{- end -}}
  {{- end -}}
  
-{{/*
-Return the appropriate apiGroup for PodSecurityPolicy.
-*/}}
-{{- define "podSecurityPolicy.apiGroup" -}}
-{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
-{{- print "policy" -}}
-{{- else -}}
-{{- print "extensions" -}}
-{{- end -}}
-{{- end -}}
-
  {{/*
  Return true if a TLS secret object should be created
  */}}
diff --git a/kubernetes/common/mongodb/templates/arbiter/configmap.yaml b/kubernetes/common/mongodb/templates/arbiter/configmap.yaml

index 79fbfe5..a3b3f4c 100644 (file)
--- a/kubernetes/common/mongodb/templates/arbiter/configmap.yaml
+++ b/kubernetes/common/mongodb/templates/arbiter/configmap.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/arbiter/headless-svc.yaml b/kubernetes/common/mongodb/templates/arbiter/headless-svc.yaml

index 003bebb..088eaf4 100644 (file)
--- a/kubernetes/common/mongodb/templates/arbiter/headless-svc.yaml
+++ b/kubernetes/common/mongodb/templates/arbiter/headless-svc.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/arbiter/pdb.yaml b/kubernetes/common/mongodb/templates/arbiter/pdb.yaml

index 37b5c19..0799eea 100644 (file)
--- a/kubernetes/common/mongodb/templates/arbiter/pdb.yaml
+++ b/kubernetes/common/mongodb/templates/arbiter/pdb.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -18,8 +18,8 @@ spec:
    {{- if .Values.arbiter.pdb.minAvailable }}
    minAvailable: {{ .Values.arbiter.pdb.minAvailable }}
    {{- end }}
-  {{- if .Values.arbiter.pdb.maxUnavailable }}
-  maxUnavailable: {{ .Values.arbiter.pdb.maxUnavailable }}
+  {{- if or .Values.arbiter.pdb.maxUnavailable (not .Values.arbiter.pdb.minAvailable) }}
+  maxUnavailable: {{ .Values.arbiter.pdb.maxUnavailable | default 1 }}
    {{- end }}
    {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.arbiter.podLabels .Values.commonLabels ) "context" . ) }}
    selector:
diff --git a/kubernetes/common/mongodb/templates/arbiter/statefulset.yaml b/kubernetes/common/mongodb/templates/arbiter/statefulset.yaml

index ee033e9..d89d583 100644 (file)
--- a/kubernetes/common/mongodb/templates/arbiter/statefulset.yaml
+++ b/kubernetes/common/mongodb/templates/arbiter/statefulset.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -19,6 +19,7 @@ metadata:
  spec:
    serviceName: {{ include "mongodb.arbiter.service.nameOverride" . }}
    podManagementPolicy: {{ .Values.arbiter.podManagementPolicy }}
+  replicas: 1
    {{- if .Values.arbiter.updateStrategy }}
    updateStrategy: {{- toYaml .Values.arbiter.updateStrategy | nindent 4 }}
    {{- end }}
@@ -30,11 +31,14 @@ spec:
      metadata:
        labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }}
          app.kubernetes.io/component: arbiter
-      {{- if or (include "mongodb.arbiter.createConfigmap" .) .Values.arbiter.podAnnotations }}
+      {{- if or (include "mongodb.arbiter.createConfigmap" .) .Values.arbiter.podAnnotations .Values.passwordUpdateJob.enabled }}
        annotations:
          {{- if (include "mongodb.arbiter.createConfigmap" .) }}
          checksum/configuration: {{ include (print $.Template.BasePath "/arbiter/configmap.yaml") . | sha256sum }}
          {{- end }}
+        {{- if .Values.passwordUpdateJob.enabled }}
+        charts.bitnami.com/password-last-update: {{ now | date "20060102150405" | quote }}
+        {{- end }}
          {{- if .Values.arbiter.podAnnotations }}
          {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.podAnnotations "context" $) | nindent 8 }}
          {{- end }}
@@ -49,8 +53,8 @@ spec:
        affinity: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.affinity "context" $) | nindent 8 }}
        {{- else }}
        affinity:
-        podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.arbiter.podAffinityPreset "component" "arbiter" "customLabels" $podLabels "topologyKey" .Values.topologyKey "context" $) | nindent 10 }}
-        podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.arbiter.podAntiAffinityPreset "component" "arbiter" "customLabels" $podLabels "topologyKey" .Values.topologyKey "context" $) | nindent 10 }}
+        podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.arbiter.podAffinityPreset "component" "mongodb" "customLabels" $podLabels "topologyKey" .Values.topologyKey "context" $) | nindent 10 }}
+        podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.arbiter.podAntiAffinityPreset "component" "mongodb" "customLabels" $podLabels "topologyKey" .Values.topologyKey "context" $) | nindent 10 }}
          nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.arbiter.nodeAffinityPreset.type "key" .Values.arbiter.nodeAffinityPreset.key "values" .Values.arbiter.nodeAffinityPreset.values) | nindent 10 }}
        {{- end }}
        {{- if .Values.arbiter.nodeSelector }}
@@ -73,7 +77,7 @@ spec:
        runtimeClassName: {{ .Values.arbiter.runtimeClassName }}
        {{- end }}
        {{- if .Values.arbiter.podSecurityContext.enabled }}
-      securityContext: {{- omit .Values.arbiter.podSecurityContext "enabled" | toYaml | nindent 8 }}
+      securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.arbiter.podSecurityContext "context" $) | nindent 8 }}
        {{- end }}
        {{ if .Values.arbiter.terminationGracePeriodSeconds }}
        terminationGracePeriodSeconds: {{ .Values.arbiter.terminationGracePeriodSeconds }}
@@ -83,6 +87,9 @@ spec:
          {{- if .Values.arbiter.initContainers }}
          {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.initContainers "context" $) | nindent 8 }}
          {{- end }}
+        {{- if and .Values.externalAccess.enabled .Values.externalAccess.service.publicNames }}
+        {{- include "mongodb.initContainers.dnsCheck" . | nindent 8 }}
+        {{- end }}
          {{- if and .Values.tls.enabled .Values.arbiter.enabled }}
          - name: generate-tls-certs
            image: {{ include "mongodb.tls.image" . }}
@@ -125,7 +132,7 @@ spec:
            image: {{ include "mongodb.image" . }}
            imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
            {{- if .Values.arbiter.containerSecurityContext.enabled }}
-          securityContext: {{- omit .Values.arbiter.containerSecurityContext "enabled" | toYaml | nindent 12 }}
+          securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.arbiter.containerSecurityContext "context" $) | nindent 12 }}
            {{- end }}
            {{- if .Values.diagnosticMode.enabled }}
            command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
@@ -151,16 +158,14 @@ spec:
                valueFrom:
                  fieldRef:
                    fieldPath: metadata.namespace
-            - name: K8S_SERVICE_NAME
-              value: "{{ include "mongodb.arbiter.service.nameOverride" . }}"
              - name: MONGODB_REPLICA_SET_MODE
                value: "arbiter"
              - name: MONGODB_INITIAL_PRIMARY_HOST
-              value: {{ printf "%s-0.%s.$(MY_POD_NAMESPACE).svc.%s" (include "mongodb.fullname" .) (include "mongodb.service.nameOverride" .) .Values.clusterDomain }}
+              value: {{ include "mongodb.initialPrimaryHost" . | quote }}
              - name: MONGODB_REPLICA_SET_NAME
                value: {{ .Values.replicaSetName | quote }}
              - name: MONGODB_ADVERTISED_HOSTNAME
-              value: "$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
+              value: "$(MY_POD_NAME).{{ include "mongodb.arbiter.service.nameOverride" . }}.$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
              - name: MONGODB_PORT_NUMBER
                value: {{ .Values.arbiter.containerPorts.mongodb | quote }}
              - name: MONGODB_ENABLE_IPV6
@@ -168,6 +173,12 @@ spec:
              {{- if .Values.auth.enabled }}
              - name: MONGODB_INITIAL_PRIMARY_ROOT_USER
                value: {{ .Values.auth.rootUser | quote }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
+            - name: MONGODB_REPLICA_SET_KEY_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-replica-set-key"
+            {{- else }}
              - name: MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD
                valueFrom:
                  secretKeyRef:
@@ -179,6 +190,7 @@ spec:
                    name: {{ include "mongodb.secretName" . }}
                    key: mongodb-replica-set-key
              {{- end }}
+            {{- end }}
              - name: ALLOW_EMPTY_PASSWORD
                value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
              {{- $extraFlags := .Values.arbiter.extraFlags | join " " -}}
@@ -218,8 +230,10 @@ spec:
            livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.customLivenessProbe "context" $) | nindent 12 }}
            {{- else if .Values.arbiter.livenessProbe.enabled }}
            livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.arbiter.livenessProbe "enabled") "context" $) | nindent 12 }}
-            tcpSocket:
-              port: mongodb
+            exec:
+              command:
+                - pgrep
+                - mongod
            {{- end }}
            {{- if .Values.arbiter.customReadinessProbe }}
            readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.customReadinessProbe "context" $) | nindent 12 }}
@@ -232,12 +246,13 @@ spec:
            startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.customStartupProbe "context" $) | nindent 12 }}
            {{- else if .Values.arbiter.startupProbe.enabled }}
            startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.arbiter.startupProbe "enabled") "context" $) | nindent 12 }}
-            tcpSocket:
-              port: mongodb
+            exec:
+              command:
+                - /bitnami/scripts/startup-probe.sh
            {{- end }}
            {{- end }}
            {{- if .Values.arbiter.resources }}
-          resources: {{- toYaml .Values.arbiter.resources | nindent 12 }}
+          resources: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.resources "context" $) | nindent 12 }}
            {{- else if ne .Values.arbiter.resourcesPreset "none" }}
            resources: {{- include "common.resources.preset" (dict "type" .Values.arbiter.resourcesPreset) | nindent 12 }}
            {{- end }}
@@ -257,6 +272,10 @@ spec:
              - name: empty-dir
                mountPath: /bitnami/mongodb
                subPath: app-volume-dir
+            {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+            - name: mongodb-secrets
+              mountPath: /opt/bitnami/mongodb/secrets
+            {{- end }}
              {{- if or .Values.arbiter.configuration .Values.arbiter.existingConfigmap }}
              - name: config
                mountPath: /opt/bitnami/mongodb/conf/mongodb.conf
@@ -276,11 +295,16 @@ spec:
          - name: empty-dir
            emptyDir:
              sizeLimit: {{ .Values.arbiter.emptyDir.sizeLimit }}
-      {{- if or .Values.arbiter.configuration .Values.arbiter.existingConfigmap .Values.arbiter.extraVolumes .Values.tls.enabled }}
+        {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+        - name: mongodb-secrets
+          secret:
+            secretName: {{ include "mongodb.secretName" . }}
+        {{- end }}
+        {{- if or .Values.arbiter.configuration .Values.arbiter.existingConfigmap .Values.arbiter.extraVolumes .Values.tls.enabled }}
          - name: common-scripts
            configMap:
              name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
-            defaultMode: 0555
+            defaultMode: 0o555
          {{- if or .Values.arbiter.configuration .Values.arbiter.existingConfigmap }}
          - name: config
            configMap:
@@ -297,10 +321,10 @@ spec:
              items:
              - key: mongodb-ca-cert
                path: mongodb-ca-cert
-              mode: 0600
+              mode: 0o600
              - key: mongodb-ca-key
                path: mongodb-ca-key
-              mode: 0600
+              mode: 0o600
          {{- else }}
          - name: mongodb-certs-0
            secret:
diff --git a/kubernetes/common/mongodb/templates/backup/cronjob.yaml b/kubernetes/common/mongodb/templates/backup/cronjob.yaml

index b1d0b58..a4bd564 100644 (file)
--- a/kubernetes/common/mongodb/templates/backup/cronjob.yaml
+++ b/kubernetes/common/mongodb/templates/backup/cronjob.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -28,6 +28,9 @@ metadata:
    {{- end }}
  spec:
    schedule: {{ quote .Values.backup.cronjob.schedule }}
+  {{- if .Values.backup.cronjob.timeZone }}
+  timeZone: {{ .Values.backup.cronjob.timeZone | quote }}
+  {{- end }}
    concurrencyPolicy: {{ .Values.backup.cronjob.concurrencyPolicy }}
    failedJobsHistoryLimit: {{ .Values.backup.cronjob.failedJobsHistoryLimit }}
    successfulJobsHistoryLimit: {{ .Values.backup.cronjob.successfulJobsHistoryLimit }}
@@ -36,6 +39,9 @@ spec:
    {{- end }}
    jobTemplate:
      spec:
+      {{- if .Values.backup.cronjob.backoffLimit }}
+      backoffLimit: {{ .Values.backup.cronjob.backoffLimit }}
+      {{- end }}
        {{- if .Values.backup.cronjob.ttlSecondsAfterFinished }}
        ttlSecondsAfterFinished: {{ .Values.backup.cronjob.ttlSecondsAfterFinished }}
        {{- end }}
@@ -61,7 +67,7 @@ spec:
          spec:
            {{- include "mongodb.imagePullSecrets" . | nindent 10 }}
            {{- if .Values.podSecurityContext.enabled }}
-          securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 12 }}
+          securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.podSecurityContext "context" $) | nindent 12 }}
            {{- end }}
            enableServiceLinks: {{ .Values.enableServiceLinks }}
            {{- if .Values.tls.enabled }}
@@ -100,11 +106,11 @@ spec:
                  {{- if .Values.externalAccess.service.loadBalancerIPs }}
                  - -i {{ join "," .Values.externalAccess.service.loadBalancerIPs }}
                  {{- end }}
-                {{- if .Values.tls.extraDnsNames }}
-                - -n {{ join "," .Values.tls.extraDnsNames }}
+                {{- if or .Values.tls.extraDnsNames .Values.externalAccess.service.publicNames }}
+                - -n {{ join "," ( concat .Values.tls.extraDnsNames .Values.externalAccess.service.publicNames ) }}
                  {{- end }}
                {{- if .Values.tls.resources }}
-              resources: {{- toYaml .Values.tls.resources | nindent 16 }}
+              resources: {{- include "common.tplvalues.render" (dict "value" .Values.tls.resources "context" $) | nindent 12 }}
                {{- else if ne .Values.tls.resourcesPreset "none" }}
                resources: {{- include "common.resources.preset" (dict "type" .Values.tls.resourcesPreset) | nindent 16 }}
                {{- end }}
@@ -114,15 +120,20 @@ spec:
              image: {{ include "mongodb.image" . }}
              imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
              env:
-            {{- if .Values.auth.enabled }}
+              {{- if .Values.auth.enabled }}
                - name: MONGODB_ROOT_USER
                  value: {{ .Values.auth.rootUser | quote }}
+              {{- if .Values.usePasswordFiles }}
+              - name: MONGODB_ROOT_PASSWORD_FILE
+                value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
+              {{- else }}
                - name: MONGODB_ROOT_PASSWORD
                  valueFrom:
                    secretKeyRef:
                      name: {{ include "mongodb.secretName" . }}
                      key: mongodb-root-password
-            {{- end }}
+              {{- end }}
+              {{- end }}
                - name: MONGODB_SERVICE_NAME
                  value: {{ include "mongodb.service.nameOverride" . }}
                - name: MONGODB_PORT_NUMBER
@@ -137,14 +148,27 @@ spec:
              command: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.command "context" $) | nindent 14 }}
              {{- else }}
              command:
-              - /bin/sh
+              - /bin/bash
                - -c
-              - "mongodump {{- if .Values.auth.enabled }} --username=${MONGODB_ROOT_USER} --password=${MONGODB_ROOT_PASSWORD} --authenticationDatabase=admin {{- end }} --host=${MONGODB_SERVICE_NAME} --port=${MONGODB_PORT_NUMBER} ${MONGODB_CLIENT_EXTRA_FLAGS} {{- if (eq $.Values.architecture "replicaset") }}--oplog{{- end }} --gzip --archive=${MONGODUMP_DIR}/mongodump-$(date '+%Y-%m-%d-%H-%M').gz"
+              - |
+                {{- if and .Values.auth.enabled .Values.usePasswordFiles }}
+                export MONGODB_ROOT_PASSWORD="$(< $MONGODB_ROOT_PASSWORD_FILE)"
+                {{- end }}
+                mongodump {{- if .Values.auth.enabled }} --username=${MONGODB_ROOT_USER} --password=${MONGODB_ROOT_PASSWORD} --authenticationDatabase=admin {{- end }} --host=${MONGODB_SERVICE_NAME} --port=${MONGODB_PORT_NUMBER} ${MONGODB_CLIENT_EXTRA_FLAGS} {{- if (eq $.Values.architecture "replicaset") }}--oplog{{- end }} --gzip --archive=${MONGODUMP_DIR}/mongodump-$(date '+%Y-%m-%d-%H-%M').gz
+            {{- end }}
+            {{- if .Values.backup.cronjob.resources }}
+            resources: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.resources "context" $) | nindent 14 }}
+            {{- else if ne .Values.backup.cronjob.resourcesPreset "none" }}
+            resources: {{- include "common.resources.preset" (dict "type" .Values.backup.cronjob.resourcesPreset) | nindent 14 }}
              {{- end }}
              volumeMounts:
                - name: empty-dir
                  mountPath: /tmp
                  subPath: tmp-dir
+              {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+              - name: mongodb-secrets
+                mountPath: /opt/bitnami/mongodb/secrets
+              {{- end }}
                {{- if .Values.tls.enabled }}
                - name: certs
                  mountPath: /certs
@@ -171,7 +195,12 @@ spec:
              - name: common-scripts
                configMap:
                  name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
-                defaultMode: 0550
+                defaultMode: 0o550
+            {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+            - name: mongodb-secrets
+              secret:
+                secretName: {{ include "mongodb.secretName" . }}
+            {{- end }}
              {{- if .Values.tls.enabled }}
              - name: certs
                emptyDir:
@@ -183,10 +212,10 @@ spec:
                  items:
                  - key: mongodb-ca-cert
                    path: mongodb-ca-cert
-                  mode: 0600
+                  mode: 0o600
                  - key: mongodb-ca-key
                    path: mongodb-ca-key
-                  mode: 0600
+                  mode: 0o600
              {{- else }}
              - name: mongodb-certs-0
                secret:
diff --git a/kubernetes/common/mongodb/templates/backup/pvc.yaml b/kubernetes/common/mongodb/templates/backup/pvc.yaml

index caefc05..583ea41 100644 (file)
--- a/kubernetes/common/mongodb/templates/backup/pvc.yaml
+++ b/kubernetes/common/mongodb/templates/backup/pvc.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/common-scripts-cm.yaml b/kubernetes/common/mongodb/templates/common-scripts-cm.yaml

index bf5fead..6f65de4 100644 (file)
--- a/kubernetes/common/mongodb/templates/common-scripts-cm.yaml
+++ b/kubernetes/common/mongodb/templates/common-scripts-cm.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -19,7 +19,7 @@ data:
      #!/bin/bash
      {{- if .Values.tls.enabled }}
      # Probes are using localhost/127.0.0.1 to tests if the service is up, ready or healthy. If TLS is enabled, we shouldn't validate the certificate hostname.
-    TLS_OPTIONS='--tls {{ if .Values.tls.mTLS.enabled }}--tlsCertificateKeyFile=/certs/mongodb.pem {{ end }}--tlsCAFile=/certs/mongodb-ca-cert--tlsAllowInvalidHostnames'
+    TLS_OPTIONS='--tls {{ if .Values.tls.mTLS.enabled }}--tlsCertificateKeyFile=/certs/mongodb.pem {{ end }}--tlsCAFile=/certs/mongodb-ca-cert --tlsAllowInvalidHostnames'
      {{- end }}
      exec mongosh  $TLS_OPTIONS --port $MONGODB_PORT_NUMBER --eval 'if (!(db.hello().isWritablePrimary || db.hello().secondary)) { throw new Error("Not ready") }'
    readiness-probe.sh: |
@@ -81,9 +81,6 @@ data:
      {{- else }}
      DNS.3 = $svc.$MY_POD_NAMESPACE.svc.{{ .Values.clusterDomain }}
      {{- end }}
-    DNS.4 = localhost
-    IP.0 = ${MY_POD_HOST_IP}
-    IP.1 = 127.0.0.1
      EOL
      index=2
      for ip in "${additional_ips[@]}"; do
diff --git a/kubernetes/common/mongodb/templates/configmap.yaml b/kubernetes/common/mongodb/templates/configmap.yaml

index 7d11e08..0110445 100644 (file)
--- a/kubernetes/common/mongodb/templates/configmap.yaml
+++ b/kubernetes/common/mongodb/templates/configmap.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/extra-list.yaml b/kubernetes/common/mongodb/templates/extra-list.yaml

index 2d35a58..329f5c6 100644 (file)
--- a/kubernetes/common/mongodb/templates/extra-list.yaml
+++ b/kubernetes/common/mongodb/templates/extra-list.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/hidden/configmap.yaml b/kubernetes/common/mongodb/templates/hidden/configmap.yaml

index a830873..fb26bdd 100644 (file)
--- a/kubernetes/common/mongodb/templates/hidden/configmap.yaml
+++ b/kubernetes/common/mongodb/templates/hidden/configmap.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/hidden/external-access-svc.yaml b/kubernetes/common/mongodb/templates/hidden/external-access-svc.yaml

index 6cbbb40..4cfa531 100644 (file)
--- a/kubernetes/common/mongodb/templates/hidden/external-access-svc.yaml
+++ b/kubernetes/common/mongodb/templates/hidden/external-access-svc.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/hidden/headless-svc.yaml b/kubernetes/common/mongodb/templates/hidden/headless-svc.yaml

index 49b6845..a2af519 100644 (file)
--- a/kubernetes/common/mongodb/templates/hidden/headless-svc.yaml
+++ b/kubernetes/common/mongodb/templates/hidden/headless-svc.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -7,7 +7,7 @@ SPDX-License-Identifier: APACHE-2.0
  apiVersion: v1
  kind: Service
  metadata:
-  name: {{ printf "%s-hidden-headless" (include "mongodb.fullname" .) }}
+  name: {{ include "mongodb.hidden.service.nameOverride" . }}
    namespace: {{ include "mongodb.namespace" . | quote }}
    labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
      app.kubernetes.io/component: hidden
diff --git a/kubernetes/common/mongodb/templates/hidden/pdb.yaml b/kubernetes/common/mongodb/templates/hidden/pdb.yaml

index 5420a93..9125067 100644 (file)
--- a/kubernetes/common/mongodb/templates/hidden/pdb.yaml
+++ b/kubernetes/common/mongodb/templates/hidden/pdb.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -18,8 +18,8 @@ spec:
    {{- if .Values.hidden.pdb.minAvailable }}
    minAvailable: {{ .Values.hidden.pdb.minAvailable }}
    {{- end }}
-  {{- if .Values.hidden.pdb.maxUnavailable }}
-  maxUnavailable: {{ .Values.hidden.pdb.maxUnavailable }}
+  {{- if or .Values.hidden.pdb.maxUnavailable (not .Values.hidden.pdb.minAvailable) }}
+  maxUnavailable: {{ .Values.hidden.pdb.maxUnavailable | default 1 }}
    {{- end }}
    {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.hidden.podLabels .Values.commonLabels ) "context" . ) }}
    selector:
diff --git a/kubernetes/common/mongodb/templates/hidden/statefulset.yaml b/kubernetes/common/mongodb/templates/hidden/statefulset.yaml

index 493c2b2..64b57f3 100644 (file)
--- a/kubernetes/common/mongodb/templates/hidden/statefulset.yaml
+++ b/kubernetes/common/mongodb/templates/hidden/statefulset.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -20,7 +20,7 @@ metadata:
    annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
    {{- end }}
  spec:
-  serviceName: {{ printf "%s-hidden-headless" (include "mongodb.fullname" .) }}
+  serviceName: {{ include "mongodb.hidden.service.nameOverride" . }}
    podManagementPolicy: {{ .Values.hidden.podManagementPolicy }}
    replicas: {{ .Values.hidden.replicaCount }}
    {{- if .Values.hidden.updateStrategy }}
@@ -34,11 +34,14 @@ spec:
      metadata:
        labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }}
          app.kubernetes.io/component: hidden
-      {{- if or (include "mongodb.hidden.createConfigmap" .) .Values.hidden.podAnnotations }}
+      {{- if or (include "mongodb.hidden.createConfigmap" .) .Values.hidden.podAnnotations .Values.passwordUpdateJob.enabled }}
        annotations:
          {{- if (include "mongodb.hidden.createConfigmap" .) }}
          checksum/configuration: {{ include (print $.Template.BasePath "/hidden/configmap.yaml") . | sha256sum }}
          {{- end }}
+        {{- if .Values.passwordUpdateJob.enabled }}
+        charts.bitnami.com/password-last-update: {{ now | date "20060102150405" | quote }}
+        {{- end }}
          {{- if .Values.hidden.podAnnotations }}
          {{- include "common.tplvalues.render" (dict "value" .Values.hidden.podAnnotations "context" $) | nindent 8 }}
          {{- end }}
@@ -77,46 +80,26 @@ spec:
        runtimeClassName: {{ .Values.hidden.runtimeClassName }}
        {{- end }}
        {{- if .Values.hidden.podSecurityContext.enabled }}
-      securityContext: {{- omit .Values.hidden.podSecurityContext "enabled" | toYaml | nindent 8 }}
+      securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.hidden.podSecurityContext "context" $) | nindent 8 }}
        {{- end }}
        {{ if .Values.hidden.terminationGracePeriodSeconds }}
        terminationGracePeriodSeconds: {{ .Values.hidden.terminationGracePeriodSeconds }}
        {{- end }}
        enableServiceLinks: {{ .Values.enableServiceLinks }}
-      {{- if or .Values.hidden.initContainers (and .Values.volumePermissions.enabled .Values.hidden.persistence.enabled) (and .Values.externalAccess.hidden.enabled .Values.externalAccess.autoDiscovery.enabled) .Values.tls.enabled }}
        initContainers:
          {{- if .Values.hidden.initContainers }}
          {{- include "common.tplvalues.render" (dict "value" .Values.hidden.initContainers "context" $) | nindent 8 }}
          {{- end }}
          {{- if and .Values.volumePermissions.enabled .Values.hidden.persistence.enabled }}
-        - name: volume-permissions
-          image: {{ include "mongodb.volumePermissions.image" . }}
-          imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
-          command:
-            - /bin/bash
-          args:
-            - -ec
-            - |
-              mkdir -p {{ printf "%s/%s" .Values.hidden.persistence.mountPath (default "" .Values.hidden.persistence.subPath) }}
-              chown {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} {{ printf "%s/%s" .Values.hidden.persistence.mountPath (default "" .Values.hidden.persistence.subPath) }}
-              find  {{ printf "%s/%s" .Values.hidden.persistence.mountPath (default "" .Values.hidden.persistence.subPath) }} -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}
-          {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
-          securityContext: {{- omit .Values.volumePermissions.securityContext "runAsUser" | toYaml | nindent 12 }}
-          {{- else }}
-          securityContext: {{- .Values.volumePermissions.securityContext | toYaml | nindent 12 }}
-          {{- end }}
-          {{- if .Values.volumePermissions.resources }}
-          resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
-          {{- else if ne .Values.volumePermissions.resourcesPreset "none" }}
-          resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }}
-          {{- end }}
-          volumeMounts:
-            - name: empty-dir
-              mountPath: /tmp
-              subPath: tmp-dir
-            - name: datadir
-              mountPath: {{ .Values.hidden.persistence.mountPath }}
+        {{- include "mongodb.initContainer.volumePermissions" . | indent 8 }}
          {{- end }}
+        {{- if and .Values.externalAccess.hidden.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.hidden.service.type "LoadBalancer") }}
+        {{- include "mongodb.initContainers.autoDiscovery" . | indent 8 }}
+        {{- end }}
+        {{- if and .Values.externalAccess.enabled .Values.externalAccess.service.publicNames }}
+        {{- include "mongodb.initContainers.dnsCheck" . | indent 8 }}
+        {{- end }}
+        {{- include "mongodb.initContainer.prepareLogDir" . | nindent 8 }}
          {{- if .Values.tls.enabled }}
          - name: generate-tls-certs
            image: {{ include "mongodb.tls.image" . }}
@@ -154,56 +137,25 @@ spec:
            command:
              - /bitnami/scripts/generate-certs.sh
            args:
-            - -s {{ printf "%s-hidden-headless" (include "mongodb.fullname" .) }}
+            - -s {{ include "mongodb.hidden.service.nameOverride" . }}
              {{- if .Values.externalAccess.hidden.service.loadBalancerIPs }}
              - -i {{ join "," .Values.externalAccess.hidden.service.loadBalancerIPs }}
              {{- end }}
-            {{- if .Values.tls.extraDnsNames }}
-            - -n {{ join "," .Values.tls.extraDnsNames }}
+            {{- if or .Values.tls.extraDnsNames .Values.externalAccess.service.publicNames }}
+            - -n {{ join "," ( concat  .Values.tls.extraDnsNames .Values.externalAccess.service.publicNames ) }}
              {{- end }}
            {{- if .Values.tls.resources }}
-          resources: {{- toYaml .Values.tls.resources | nindent 12 }}
+          resources: {{- include "common.tplvalues.render" (dict "value" .Values.tls.resources "context" $) | nindent 12 }}
            {{- else if ne .Values.tls.resourcesPreset "none" }}
            resources: {{- include "common.resources.preset" (dict "type" .Values.tls.resourcesPreset) | nindent 12 }}
            {{- end }}
          {{- end }}
-        {{- if and .Values.externalAccess.hidden.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.hidden.service.type "LoadBalancer") }}
-        - name: auto-discovery
-          image: {{ include "mongodb.externalAccess.autoDiscovery.image" . }}
-          imagePullPolicy: {{ .Values.externalAccess.autoDiscovery.image.pullPolicy | quote }}
-          command:
-            - /scripts/auto-discovery.sh
-          # We need the service account token for contacting the k8s API
-          automountServiceAccountToken: true
-          env:
-            - name: MY_POD_NAME
-              valueFrom:
-                fieldRef:
-                  fieldPath: metadata.name
-            - name: SHARED_FILE
-              value: "/shared/info.txt"
-          {{- if .Values.externalAccess.autoDiscovery.resources }}
-          resources: {{- toYaml .Values.externalAccess.autoDiscovery.resources | nindent 12 }}
-          {{- else if ne .Values.externalAccess.autoDiscovery.resourcesPreset "none" }}
-          resources: {{- include "common.resources.preset" (dict "type" .Values.externalAccess.autoDiscovery.resourcesPreset) | nindent 12 }}
-          {{- end }}
-          volumeMounts:
-            - name: shared
-              mountPath: /shared
-            - name: scripts
-              mountPath: /scripts/auto-discovery.sh
-              subPath: auto-discovery.sh
-            - name: empty-dir
-              mountPath: /tmp
-              subPath: tmp-dir
-        {{- end }}
-      {{- end }}
        containers:
          - name: mongodb
            image: {{ include "mongodb.image" . }}
            imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
            {{- if .Values.hidden.containerSecurityContext.enabled }}
-          securityContext: {{- omit .Values.hidden.containerSecurityContext "enabled" | toYaml | nindent 12 }}
+          securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.hidden.containerSecurityContext "context" $) | nindent 12 }}
            {{- end }}
            {{- if .Values.diagnosticMode.enabled }}
            command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
@@ -240,19 +192,15 @@ spec:
                valueFrom:
                  fieldRef:
                    fieldPath: metadata.namespace
-            - name: K8S_SERVICE_NAME
-              value: "{{ include "mongodb.service.nameOverride" . }}"
-            - name: K8S_HIDDEN_NODE_SERVICE_NAME
-              value: "{{ include "mongodb.fullname" . }}-hidden-headless"
              - name: MONGODB_REPLICA_SET_MODE
                value: "hidden"
              - name: MONGODB_INITIAL_PRIMARY_HOST
-              value: {{ printf "%s-0.$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.%s" (include "mongodb.fullname" .) .Values.clusterDomain }}
+              value: {{ include "mongodb.initialPrimaryHost" . | quote }}
              - name: MONGODB_REPLICA_SET_NAME
                value: {{ .Values.replicaSetName | quote }}
              {{- if and .Values.replicaSetHostnames (not .Values.externalAccess.hidden.enabled) }}
              - name: MONGODB_ADVERTISED_HOSTNAME
-              value: "$(MY_POD_NAME).$(K8S_HIDDEN_NODE_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
+              value: "$(MY_POD_NAME).{{ include "mongodb.hidden.service.nameOverride" . }}.$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
              {{- end }}
              {{- $customUsers := include "mongodb.customUsers" . -}}
              {{- $customDatabases := include "mongodb.customDatabases" . -}}
@@ -266,14 +214,25 @@ spec:
              {{- end }}
              {{- if .Values.auth.enabled }}
              {{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_EXTRA_PASSWORDS_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-passwords"
+            {{- else }}
              - name: MONGODB_EXTRA_PASSWORDS
                valueFrom:
                  secretKeyRef:
                    name: {{ include "mongodb.secretName" . }}
                    key: mongodb-passwords
              {{- end }}
+            {{- end }}
              - name: MONGODB_ROOT_USER
                value: {{ .Values.auth.rootUser | quote }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_ROOT_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
+            - name: MONGODB_REPLICA_SET_KEY_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-replica-set-key"
+            {{- else }}
              - name: MONGODB_ROOT_PASSWORD
                valueFrom:
                  secretKeyRef:
@@ -285,10 +244,15 @@ spec:
                    name: {{ include "mongodb.secretName" . }}
                    key: mongodb-replica-set-key
              {{- end }}
+            {{- end }}
              {{- if and .Values.metrics.enabled (not (empty .Values.metrics.username)) }}
              - name: MONGODB_METRICS_USERNAME
                value: {{ .Values.metrics.username | quote }}
              {{- if .Values.auth.enabled }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_METRICS_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-metrics-password"
+            {{- else }}
              - name: MONGODB_METRICS_PASSWORD
                valueFrom:
                  secretKeyRef:
@@ -296,6 +260,7 @@ spec:
                    key: mongodb-metrics-password
              {{- end }}
              {{- end }}
+            {{- end }}
              - name: ALLOW_EMPTY_PASSWORD
                value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
              - name: MONGODB_SYSTEM_LOG_VERBOSITY
@@ -359,7 +324,7 @@ spec:
            readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.hidden.readinessProbe "enabled") "context" $) | nindent 12 }}
              exec:
                command:
-                - /bitnami/scripts/ping-mongodb.sh
+                - /bitnami/scripts/readiness-probe.sh
            {{- end }}
            {{- if .Values.hidden.customStartupProbe }}
            startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.hidden.customStartupProbe "context" $) | nindent 12 }}
@@ -371,7 +336,7 @@ spec:
            {{- end }}
            {{- end }}
            {{- if .Values.hidden.resources }}
-          resources: {{- toYaml .Values.hidden.resources | nindent 12 }}
+          resources: {{- include "common.tplvalues.render" (dict "value" .Values.hidden.resources "context" $) | nindent 12 }}
            {{- else if ne .Values.hidden.resourcesPreset "none" }}
            resources: {{- include "common.resources.preset" (dict "type" .Values.hidden.resourcesPreset) | nindent 12 }}
            {{- end }}
@@ -381,6 +346,10 @@ spec:
                subPath: {{ .Values.hidden.persistence.subPath }}
              - name: common-scripts
                mountPath: /bitnami/scripts
+            {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+            - name: mongodb-secrets
+              mountPath: /opt/bitnami/mongodb/secrets
+            {{- end }}
              {{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
              - name: custom-init-scripts
                mountPath: /docker-entrypoint-initdb.d
@@ -413,6 +382,9 @@ spec:
              - name: empty-dir
                mountPath: /opt/bitnami/mongodb/logs
                subPath: app-logs-dir
+            - name: empty-dir
+              mountPath: /.mongodb
+              subPath: mongosh-home
              {{- if .Values.hidden.extraVolumeMounts }}
              {{- include "common.tplvalues.render" (dict "value" .Values.hidden.extraVolumeMounts "context" $) | nindent 12 }}
              {{- end }}
@@ -421,7 +393,7 @@ spec:
            image: {{ template "mongodb.metrics.image" . }}
            imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
            {{- if .Values.containerSecurityContext.enabled }}
-          securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
+          securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }}
            {{- end }}
            {{- if .Values.diagnosticMode.enabled }}
            command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
@@ -439,6 +411,13 @@ spec:
            {{- else }}
            args:
              - |
+              {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+              {{- if .Values.metrics.username }}
+              export MONGODB_METRICS_PASSWORD="$(< $MONGODB_METRICS_PASSWORD_FILE)"
+              {{- else }}
+              export MONGODB_ROOT_PASSWORD="$(< $MONGODB_ROOT_PASSWORD_FILE)"
+              {{- end }}
+              {{- end }}
                /bin/mongodb_exporter {{ include "mongodb.exporterArgs" $ }} --mongodb.direct-connect --mongodb.global-conn-pool --mongodb.uri "{{ include "mongodb.mongodb_exporter.uri" . }}" {{ .Values.metrics.extraFlags }}
            {{- end }}
            env:
@@ -446,14 +425,23 @@ spec:
              {{- if not .Values.metrics.username }}
              - name: MONGODB_ROOT_USER
                value: {{ .Values.auth.rootUser | quote }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_ROOT_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
+            {{- else }}
              - name: MONGODB_ROOT_PASSWORD
                valueFrom:
                  secretKeyRef:
                    name: {{ include "mongodb.secretName" . }}
                    key: mongodb-root-password
+            {{- end }}
              {{- else }}
              - name: MONGODB_METRICS_USERNAME
                value: {{ .Values.metrics.username | quote }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_METRICS_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-metrics-password"
+            {{- else }}
              - name: MONGODB_METRICS_PASSWORD
                valueFrom:
                  secretKeyRef:
@@ -461,10 +449,15 @@ spec:
                    key: mongodb-metrics-password
              {{- end }}
              {{- end }}
+            {{- end }}
            volumeMounts:
              - name: empty-dir
                mountPath: /tmp
                subPath: tmp-dir
+            {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+            - name: mongodb-secrets
+              mountPath: /opt/bitnami/mongodb/secrets
+            {{- end }}
              {{- if .Values.tls.enabled }}
              - name: certs
                mountPath: /certs
@@ -483,8 +476,7 @@ spec:
            livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }}
            {{- else if .Values.metrics.livenessProbe.enabled }}
            livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }}
-            httpGet:
-              path: /
+            tcpSocket:
                port: metrics
            {{- end }}
            {{- if .Values.metrics.customReadinessProbe }}
@@ -504,7 +496,7 @@ spec:
            {{- end }}
            {{- end }}
            {{- if .Values.metrics.resources }}
-          resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
+          resources: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.resources "context" $) | nindent 12 }}
            {{- else if ne .Values.metrics.resourcesPreset "none" }}
            resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }}
            {{- end }}
@@ -519,7 +511,12 @@ spec:
          - name: common-scripts
            configMap:
              name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
-            defaultMode: 0555
+            defaultMode: 0o555
+        {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+        - name: mongodb-secrets
+          secret:
+            secretName: {{ include "mongodb.secretName" . }}
+        {{- end }}
          {{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
          - name: custom-init-scripts
            configMap:
@@ -538,7 +535,7 @@ spec:
          - name: scripts
            configMap:
              name: {{ printf "%s-scripts" (include "mongodb.fullname" .) }}
-            defaultMode: 0755
+            defaultMode: 0o755
          {{- if .Values.hidden.extraVolumes }}
          {{- include "common.tplvalues.render" (dict "value" .Values.hidden.extraVolumes "context" $) | nindent 8 }}
          {{- end }}
@@ -553,10 +550,10 @@ spec:
              items:
              - key: mongodb-ca-cert
                path: mongodb-ca-cert
-              mode: 0600
+              mode: 0o600
              - key: mongodb-ca-key
                path: mongodb-ca-key
-              mode: 0600
+              mode: 0o600
          {{- else }}
          {{- range $index, $secret := .Values.tls.hidden.existingSecrets }}
          - name: mongodb-certs-{{ $index }}
@@ -583,6 +580,9 @@ spec:
          {{- if .Values.hidden.persistence.annotations }}
          annotations: {{- include "common.tplvalues.render" (dict "value" .Values.hidden.persistence.annotations "context" $) | nindent 10 }}
          {{- end }}
+        {{- if .Values.persistence.labels }}
+        labels: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.labels "context" $) | nindent 10 }}
+        {{- end }}
        spec:
          accessModes:
          {{- range .Values.hidden.persistence.accessModes }}
diff --git a/kubernetes/common/mongodb/templates/initialization-configmap.yaml b/kubernetes/common/mongodb/templates/initialization-configmap.yaml

index 7086e0b..2c1273c 100644 (file)
--- a/kubernetes/common/mongodb/templates/initialization-configmap.yaml
+++ b/kubernetes/common/mongodb/templates/initialization-configmap.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/metrics-svc.yaml b/kubernetes/common/mongodb/templates/metrics-svc.yaml

index f21401e..b6bd266 100644 (file)
--- a/kubernetes/common/mongodb/templates/metrics-svc.yaml
+++ b/kubernetes/common/mongodb/templates/metrics-svc.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/networkpolicy.yaml b/kubernetes/common/mongodb/templates/networkpolicy.yaml

index 63c4d71..4f64224 100644 (file)
--- a/kubernetes/common/mongodb/templates/networkpolicy.yaml
+++ b/kubernetes/common/mongodb/templates/networkpolicy.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -41,8 +41,23 @@ spec:
        to:
          - podSelector:
              matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }}
+    {{- if (and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled) }}
+    {{- $kubernetesEndpoints := lookup "v1" "Endpoints" (include "common.names.namespace" .) "kubernetes" }}
+    {{- range $kubernetesEndpoints.subsets }}
+    # Allow connection to API server, required by auto-discovery containers
+    - ports:
+      {{- range .ports }}
+        - port: {{ .port }}
+      {{- end }}
+      to:
+        {{- range .addresses }}
+        - ipBlock:
+            cidr: {{ printf "%s/32" .ip }}
+        {{- end }}
+    {{- end }}
+    {{- end }}
      {{- if .Values.networkPolicy.extraEgress }}
-    {{- include "common.tplvalues.render" ( dict "value" .Values.rts.networkPolicy.extraEgress "context" $ ) | nindent 4 }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.networkPolicy.extraEgress "context" $ ) | nindent 4 }}
      {{- end }}
    {{- end }}
    ingress:
@@ -53,26 +68,26 @@ spec:
        {{- end }}
        {{- if not .Values.networkPolicy.allowExternal }}
        from:
+        - podSelector:
+            matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }}
+              app.kubernetes.io/component: mongodb
+        {{- if .Values.networkPolicy.addExternalClientAccess }}
          - podSelector:
              matchLabels:
                {{ template "common.names.fullname" . }}-client: "true"
+        {{- end }}
+        {{- if .Values.networkPolicy.ingressPodMatchLabels }}
          - podSelector:
-            matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }}
-              app.kubernetes.io/component: mongodb
+            matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }}
+        {{- end }}
          {{- $ingressNSMatchLabels := coalesce .Values.networkPolicy.ingressNSMatchLabels .Values.networkPolicy.namespaceSelector }}
          {{- if $ingressNSMatchLabels }}
          - namespaceSelector:
-            matchLabels:
-              {{- range $key, $value := $ingressNSMatchLabels }}
-              {{ $key | quote }}: {{ $value | quote }}
-              {{- end }}
+            matchLabels: {{- include "common.tplvalues.render" (dict "value" $ingressNSMatchLabels "context" $ ) | nindent 14 }}
            {{- $ingressNSPodMatchLabels := coalesce .Values.networkPolicy.ingressNSPodMatchLabels .Values.networkPolicy.podSelector }}
            {{- if $ingressNSPodMatchLabels }}
            podSelector:
-            matchLabels:
-              {{- range $key, $value := $ingressNSPodMatchLabels }}
-              {{ $key | quote }}: {{ $value | quote }}
-              {{- end }}
+            matchLabels: {{- include "common.tplvalues.render" (dict "value" $ingressNSPodMatchLabels "context" $ ) | nindent 14 }}
            {{- end }}
          {{- end }}
        {{- end }}
diff --git a/kubernetes/common/mongodb/templates/prometheusrule.yaml b/kubernetes/common/mongodb/templates/prometheusrule.yaml

index 00df349..e0d0f28 100644 (file)
--- a/kubernetes/common/mongodb/templates/prometheusrule.yaml
+++ b/kubernetes/common/mongodb/templates/prometheusrule.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/psp.yaml b/kubernetes/common/mongodb/templates/psp.yaml

index 61c452b..4b93f4f 100644 (file)
--- a/kubernetes/common/mongodb/templates/psp.yaml
+++ b/kubernetes/common/mongodb/templates/psp.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/replicaset/external-access-svc.yaml b/kubernetes/common/mongodb/templates/replicaset/external-access-svc.yaml

index 3bc9900..400db8e 100644 (file)
--- a/kubernetes/common/mongodb/templates/replicaset/external-access-svc.yaml
+++ b/kubernetes/common/mongodb/templates/replicaset/external-access-svc.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -19,8 +19,12 @@ metadata:
    labels: {{- include "common.labels.standard" ( dict "customLabels" $root.Values.commonLabels "context" $ ) | nindent 4 }}
      app.kubernetes.io/component: mongodb
      pod: {{ $targetPod }}
-  {{- if or $root.Values.externalAccess.service.annotations $root.Values.commonAnnotations }}
-  {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list $root.Values.externalAccess.service.annotations $root.Values.commonAnnotations ) "context" $ ) }}
+  {{- if or $root.Values.externalAccess.service.annotations $root.Values.commonAnnotations $root.Values.externalAccess.service.annotationsList }}
+  {{- $exclusiveAnnotations := dict }}
+  {{- if gt (len $root.Values.externalAccess.service.annotationsList) $i }}
+  {{- $exclusiveAnnotations = index $root.Values.externalAccess.service.annotationsList $i }}
+  {{- end }}
+  {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list $root.Values.externalAccess.service.annotations $root.Values.commonAnnotations $exclusiveAnnotations ) "context" $ ) }}
    annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
    {{- end }}
  spec:
diff --git a/kubernetes/common/mongodb/templates/replicaset/headless-svc.yaml b/kubernetes/common/mongodb/templates/replicaset/headless-svc.yaml

index bf7a3d9..eb6337d 100644 (file)
--- a/kubernetes/common/mongodb/templates/replicaset/headless-svc.yaml
+++ b/kubernetes/common/mongodb/templates/replicaset/headless-svc.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/replicaset/pdb.yaml b/kubernetes/common/mongodb/templates/replicaset/pdb.yaml

index 5bbd310..a193ed2 100644 (file)
--- a/kubernetes/common/mongodb/templates/replicaset/pdb.yaml
+++ b/kubernetes/common/mongodb/templates/replicaset/pdb.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -18,8 +18,8 @@ spec:
    {{- if .Values.pdb.minAvailable }}
    minAvailable: {{ .Values.pdb.minAvailable }}
    {{- end }}
-  {{- if .Values.pdb.maxUnavailable }}
-  maxUnavailable: {{ .Values.pdb.maxUnavailable }}
+  {{- if or .Values.pdb.maxUnavailable (not .Values.pdb.minAvailable) }}
+  maxUnavailable: {{ .Values.pdb.maxUnavailable | default 1 }}
    {{- end }}
    {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }}
    selector:
diff --git a/kubernetes/common/mongodb/templates/replicaset/scripts-configmap.yaml b/kubernetes/common/mongodb/templates/replicaset/scripts-configmap.yaml

index 00b2502..3e9f066 100644 (file)
--- a/kubernetes/common/mongodb/templates/replicaset/scripts-configmap.yaml
+++ b/kubernetes/common/mongodb/templates/replicaset/scripts-configmap.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -73,7 +73,7 @@ data:
      export MONGODB_ADVERTISED_HOSTNAME="$(<${SHARED_FILE})"
      {{- else }}
      ID="${MY_POD_NAME#"{{ $fullname }}-"}"
-    export MONGODB_ADVERTISED_HOSTNAME=$(echo '{{ .Values.externalAccess.service.loadBalancerIPs }}' | tr -d '[]' | cut -d ' ' -f "$(($ID + 1))")
+    export MONGODB_ADVERTISED_HOSTNAME=$(echo '{{ coalesce .Values.externalAccess.service.publicNames .Values.externalAccess.service.loadBalancerIPs }}' | tr -d '[]' | cut -d ' ' -f "$(($ID + 1))")
      {{- end }}
      {{- else if eq .Values.externalAccess.service.type "NodePort" }}
      ID="${MY_POD_NAME#"{{ $fullname }}-"}"
@@ -113,7 +113,6 @@ data:
        {{- $fullname := include "mongodb.fullname" . }}
        {{- $releaseNamespace := include "mongodb.namespace" . }}
        {{- $clusterDomain := .Values.clusterDomain }}
-      {{- $loadBalancerIPListLength := len .Values.externalAccess.service.loadBalancerIPs }}
        {{- $mongoList := list }}
        {{- range $e, $i := until $replicaCount }}
        {{- $mongoList = append $mongoList (printf "%s-%d.%s-headless.%s.svc.%s:%d" $fullname $i $fullname $releaseNamespace $clusterDomain $portNumber) }}
@@ -122,7 +121,7 @@ data:
        {{- if .Values.externalAccess.externalMaster.enabled }}
          current_primary={{ printf "%s:%d" (.Values.externalAccess.externalMaster.host) ( int .Values.externalAccess.externalMaster.port) }}
        {{- else }}
-        current_primary=$(mongosh admin --host "{{ join "," $mongoList }}" {{- if .Values.auth.enabled }} --authenticationDatabase admin -u $MONGODB_ROOT_USER -p $MONGODB_ROOT_PASSWORD{{- end }}{{- if .Values.tls.enabled}} --tls {{ if .Values.tls.mTLS.enabled }}--tlsCertificateKeyFile=/certs/mongodb.pem {{ end }}--tlsCAFile=/certs/mongodb-ca-cert{{- end }} --eval 'db.runCommand("ismaster")' | awk -F\' '/primary/ {print $2}')
+        current_primary=$(mongosh admin --host "{{ join "," $mongoList }}" {{- if .Values.auth.enabled }} --authenticationDatabase admin -u $MONGODB_ROOT_USER -p $MONGODB_ROOT_PASSWORD{{- end }}{{- if .Values.tls.enabled}} --tls {{ if .Values.tls.mTLS.enabled }}--tlsCertificateKeyFile=/certs/mongodb.pem {{ end }}--tlsCAFile=/certs/mongodb-ca-cert{{- end }} --eval 'db.runCommand("ismaster")' | awk -F\' '/primary:/ {print $2}')
        {{- end }}
        if ! is_empty_value "$current_primary"; then
          info "Detected existing primary: ${current_primary}"
@@ -159,7 +158,6 @@ data:
          export MONGODB_EXTRA_DATABASES_FILE=""
          export MONGODB_EXTRA_PASSWORDS_FILE=""
      fi
-
      exec /opt/bitnami/scripts/mongodb/entrypoint.sh /opt/bitnami/scripts/mongodb/run.sh
    setup-hidden.sh: |-
      #!/bin/bash
@@ -224,7 +222,7 @@ data:
  
      SLEEP_PERIOD=10
  
-    {{- if and .Values.auth.enabled .Values.auth.rootPassword }}
+    {{- if and .Values.auth.enabled (or .Values.auth.rootPassword .Values.auth.existingSecret)}}
      usernameAndPassword="{{- if .Values.tls.enabled}} --tls {{ if .Values.tls.mTLS.enabled }}--tlsCertificateKeyFile=/certs/mongodb.pem {{ end }}--tlsCAFile=/certs/mongodb-ca-cert{{- end }} -u ${MONGODB_ROOT_USER} -p ${MONGODB_ROOT_PASSWORD}"
      {{- else }}
      usernameAndPassword=""
@@ -256,28 +254,34 @@ data:
        # read rs.conf again and store it. settings format is '"<key>" : <value>,'
        currentRsConf=$(mongosh ${usernameAndPassword} --eval 'rs.conf()')
  
-      desiredEqualsactual=unknown
+      desiredEqualsActual=unknown
        settingsToConfigure=""
        for key in ${!desiredRsConf[@]}; do
          value=${desiredRsConf[$key]}
-        if ! $(echo "\"${currentRsConf}"\" | grep -q -e "${key}: ${value},"); then
-           if [[ $key =~ ^members\[[0-9]+\]\..+ ]]; then
-            memberIndex=$(echo $key | grep -o -E '[0-9]+')
-            nodeConfigKey=${key#*.}
-            settingsToConfigure="${settingsToConfigure}cfg.members[${memberIndex}].${nodeConfigKey} = ${value}; "
+        if [[ $key =~ ^members\[[0-9]+\]\..+ ]]; then
+          # Replica set member specific setting
+          if [[ "$(mongosh --eval "cfg=${currentRsConf}; cfg.${key}" 2>/dev/null)" != "${value}" ]]; then
+            desiredEqualsActual=false
+            logger "rs conf: ${key} needs to be updated to desired value: ${value}"
+            settingsToConfigure="${settingsToConfigure}cfg.${key} = ${value}; "
            else
-            # General rs settings
-            settingsToConfigure="${settingsToConfigure}cfg.settings.${key} = ${value}; "
+            logger "rs conf: ${key} is already at desired value: ${value}"
            fi
-           desiredEqualsactual=false
          else
-          logger "rs conf: ${key} is already at desired value: ${value}"
+          # General rs setting
+          if [[ "$(mongosh --eval "cfg=${currentRsConf}; cfg.settings.${key}" 2>/dev/null)" != "${value}" ]]; then
+            desiredEqualsActual=false
+            logger "rs conf: ${key} needs to be updated to desired value: ${value}"
+            settingsToConfigure="${settingsToConfigure}cfg.settings.${key} = ${value}; "
+          else
+            logger "rs conf: ${key} is already at desired value: ${value}"
+          fi
          fi
        done
  
-      if [[ "${desiredEqualsactual}" != "false" ]]; then
+      if [[ "${desiredEqualsActual}" != "false" ]]; then
          logger "replicaSetConfigurationSettings match the settings of the currently running rs"
-        desiredEqualsactual=true
+        desiredEqualsActual=true
          rs_conf_configured_ok=true
          logger "Current settings match desired settings (There have been ${rsConfWriteAttempts} attempts to write to mongoDB rs configuration)"
          exit
diff --git a/kubernetes/common/mongodb/templates/replicaset/statefulset.yaml b/kubernetes/common/mongodb/templates/replicaset/statefulset.yaml

index 7de00e7..592b38e 100644 (file)
--- a/kubernetes/common/mongodb/templates/replicaset/statefulset.yaml
+++ b/kubernetes/common/mongodb/templates/replicaset/statefulset.yaml
@@ -1,12 +1,13 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
  {{- if eq .Values.architecture "replicaset" }}
  {{- $replicaCount := int .Values.replicaCount }}
  {{- $loadBalancerIPListLength := len .Values.externalAccess.service.loadBalancerIPs }}
-{{- if not (and .Values.externalAccess.enabled (not .Values.externalAccess.autoDiscovery.enabled) (not (eq $replicaCount $loadBalancerIPListLength )) (eq .Values.externalAccess.service.type "LoadBalancer")) }}
+{{- $publicNamesLength := len .Values.externalAccess.service.publicNames }}
+{{- if not (and .Values.externalAccess.enabled (not .Values.externalAccess.autoDiscovery.enabled) (eq .Values.externalAccess.service.type "LoadBalancer") (not (eq $replicaCount $loadBalancerIPListLength)) (not (eq $replicaCount $publicNamesLength))) }}
  apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }}
  kind: StatefulSet
  metadata:
@@ -34,11 +35,14 @@ spec:
      metadata:
        labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }}
          app.kubernetes.io/component: mongodb
-      {{- if or (include "mongodb.createConfigmap" .) .Values.podAnnotations }}
+      {{- if or (include "mongodb.createConfigmap" .) .Values.podAnnotations .Values.passwordUpdateJob.enabled }}
        annotations:
          {{- if (include "mongodb.createConfigmap" .) }}
          checksum/configuration: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
          {{- end }}
+        {{- if .Values.passwordUpdateJob.enabled }}
+        charts.bitnami.com/password-last-update: {{ now | date "20060102150405" | quote }}
+        {{- end }}
          {{- if .Values.podAnnotations }}
          {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
          {{- end }}
@@ -77,46 +81,26 @@ spec:
        runtimeClassName: {{ .Values.runtimeClassName }}
        {{- end }}
        {{- if .Values.podSecurityContext.enabled }}
-      securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
+      securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.podSecurityContext "context" $) | nindent 8 }}
        {{- end }}
        {{ if .Values.terminationGracePeriodSeconds }}
        terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
        {{- end }}
        enableServiceLinks: {{ .Values.enableServiceLinks }}
-      {{- if or .Values.initContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) (and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled) .Values.tls.enabled }}
        initContainers:
          {{- if .Values.initContainers }}
          {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
          {{- end }}
          {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
-        - name: volume-permissions
-          image: {{ include "mongodb.volumePermissions.image" . }}
-          imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
-          command:
-            - /bin/bash
-          args:
-            - -ec
-            - |
-              mkdir -p {{ printf "%s/%s" .Values.persistence.mountPath (default "" .Values.persistence.subPath) }}
-              chown {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} {{ printf "%s/%s" .Values.persistence.mountPath (default "" .Values.persistence.subPath) }}
-              find  {{ printf "%s/%s" .Values.persistence.mountPath (default "" .Values.persistence.subPath) }} -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}
-          {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
-          securityContext: {{- omit .Values.volumePermissions.securityContext "runAsUser" | toYaml | nindent 12 }}
-          {{- else }}
-          securityContext: {{- .Values.volumePermissions.securityContext | toYaml | nindent 12 }}
-          {{- end }}
-          {{- if .Values.volumePermissions.resources }}
-          resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
-          {{- else if ne .Values.volumePermissions.resourcesPreset "none" }}
-          resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }}
-          {{- end }}
-          volumeMounts:
-            - name: datadir
-              mountPath: {{ .Values.persistence.mountPath }}
-            - name: empty-dir
-              mountPath: /tmp
-              subPath: tmp-dir
+        {{- include "mongodb.initContainer.volumePermissions" . | nindent 8 }}
          {{- end }}
+        {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.service.type "LoadBalancer") }}
+        {{- include "mongodb.initContainers.autoDiscovery" . | nindent 8 }}
+        {{- end }}
+        {{- if and .Values.externalAccess.enabled .Values.externalAccess.service.publicNames }}
+        {{- include "mongodb.initContainers.dnsCheck" . | nindent 8 }}
+        {{- end }}
+        {{- include "mongodb.initContainer.prepareLogDir" . | nindent 8 }}
          {{- if .Values.tls.enabled }}
          - name: generate-tls-certs
            image: {{ include "mongodb.tls.image" . }}
@@ -158,52 +142,24 @@ spec:
              {{- if .Values.externalAccess.service.loadBalancerIPs }}
              - -i {{ join "," .Values.externalAccess.service.loadBalancerIPs }}
              {{- end }}
-            {{- if .Values.tls.extraDnsNames }}
-            - -n {{ join "," .Values.tls.extraDnsNames }}
+            {{- if or .Values.tls.extraDnsNames .Values.externalAccess.service.publicNames }}
+            - -n {{ join "," ( concat .Values.tls.extraDnsNames .Values.externalAccess.service.publicNames ) }}
              {{- end }}
            {{- if .Values.tls.resources }}
-          resources: {{- toYaml .Values.tls.resources | nindent 12 }}
+          resources: {{- include "common.tplvalues.render" (dict "value" .Values.tls.resources "context" $) | nindent 12 }}
            {{- else if ne .Values.tls.resourcesPreset "none" }}
            resources: {{- include "common.resources.preset" (dict "type" .Values.tls.resourcesPreset) | nindent 12 }}
            {{- end }}
-        {{- end }}
-        {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.service.type "LoadBalancer") }}
-        - name: auto-discovery
-          image: {{ include "mongodb.externalAccess.autoDiscovery.image" . }}
-          imagePullPolicy: {{ .Values.externalAccess.autoDiscovery.image.pullPolicy | quote }}
-          # We need the service account token for contacting the k8s API
-          automountServiceAccountToken: true
-          command:
-            - /scripts/auto-discovery.sh
-          env:
-            - name: MY_POD_NAME
-              valueFrom:
-                fieldRef:
-                  fieldPath: metadata.name
-            - name: SHARED_FILE
-              value: "/shared/info.txt"
-          {{- if .Values.externalAccess.autoDiscovery.resources }}
-          resources: {{- toYaml .Values.externalAccess.autoDiscovery.resources | nindent 12 }}
-          {{- else if ne .Values.externalAccess.autoDiscovery.resourcesPreset "none" }}
-          resources: {{- include "common.resources.preset" (dict "type" .Values.externalAccess.autoDiscovery.resourcesPreset) | nindent 12 }}
+          {{- if .Values.tls.securityContext }}
+          securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.tls.securityContext "context" $) | nindent 12 }}
            {{- end }}
-          volumeMounts:
-            - name: shared
-              mountPath: /shared
-            - name: scripts
-              mountPath: /scripts/auto-discovery.sh
-              subPath: auto-discovery.sh
-            - name: empty-dir
-              mountPath: /tmp
-              subPath: tmp-dir
          {{- end }}
-      {{- end }}
        containers:
          - name: mongodb
            image: {{ include "mongodb.image" . }}
            imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
            {{- if .Values.containerSecurityContext.enabled }}
-          securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
+          securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }}
            {{- end }}
            {{- if .Values.diagnosticMode.enabled }}
            command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
@@ -240,15 +196,13 @@ spec:
                valueFrom:
                  fieldRef:
                    fieldPath: status.hostIP
-            - name: K8S_SERVICE_NAME
-              value: "{{ include "mongodb.service.nameOverride" . }}"
              - name: MONGODB_INITIAL_PRIMARY_HOST
-              value: {{ printf "%s-0.$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.%s" (include "mongodb.fullname" .) .Values.clusterDomain }}
+              value: {{ include "mongodb.initialPrimaryHost" . | quote }}
              - name: MONGODB_REPLICA_SET_NAME
                value: {{ .Values.replicaSetName | quote }}
              {{- if and .Values.replicaSetHostnames (not .Values.externalAccess.enabled) }}
              - name: MONGODB_ADVERTISED_HOSTNAME
-              value: "$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
+              value: "$(MY_POD_NAME).{{ include "mongodb.service.nameOverride" . }}.$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
              {{- end }}
              {{- $customUsers := include "mongodb.customUsers" . -}}
              {{- $customDatabases := include "mongodb.customDatabases" . -}}
@@ -262,14 +216,25 @@ spec:
              {{- end }}
              {{- if .Values.auth.enabled }}
              {{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_EXTRA_PASSWORDS_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-passwords"
+            {{- else }}
              - name: MONGODB_EXTRA_PASSWORDS
                valueFrom:
                  secretKeyRef:
                    name: {{ include "mongodb.secretName" . }}
                    key: mongodb-passwords
              {{- end }}
+            {{- end }}
              - name: MONGODB_ROOT_USER
                value: {{ .Values.auth.rootUser | quote }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_ROOT_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
+            - name: MONGODB_REPLICA_SET_KEY_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-replica-set-key"
+            {{- else }}
              - name: MONGODB_ROOT_PASSWORD
                valueFrom:
                  secretKeyRef:
@@ -281,10 +246,15 @@ spec:
                    name: {{ include "mongodb.secretName" . }}
                    key: mongodb-replica-set-key
              {{- end }}
+            {{- end }}
              {{- if and .Values.metrics.enabled (not (empty .Values.metrics.username)) }}
              - name: MONGODB_METRICS_USERNAME
                value: {{ .Values.metrics.username | quote }}
              {{- if .Values.auth.enabled }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_METRICS_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-metrics-password"
+            {{- else }}
              - name: MONGODB_METRICS_PASSWORD
                valueFrom:
                  secretKeyRef:
@@ -292,6 +262,7 @@ spec:
                    key: mongodb-metrics-password
              {{- end }}
              {{- end }}
+            {{- end }}
              - name: ALLOW_EMPTY_PASSWORD
                value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
              - name: MONGODB_SYSTEM_LOG_VERBOSITY
@@ -367,7 +338,7 @@ spec:
            {{- end }}
            {{- end }}
            {{- if .Values.resources }}
-          resources: {{- toYaml .Values.resources | nindent 12 }}
+          resources: {{- include "common.tplvalues.render" (dict "value" .Values.resources "context" $) | nindent 12 }}
            {{- else if ne .Values.resourcesPreset "none" }}
            resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }}
            {{- end }}
@@ -384,7 +355,14 @@ spec:
              - name: empty-dir
                mountPath: /opt/bitnami/mongodb/logs
                subPath: app-logs-dir
-            - name: datadir
+            - name: empty-dir
+              mountPath: /.mongodb
+              subPath: mongosh-home
+            {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+            - name: mongodb-secrets
+              mountPath: /opt/bitnami/mongodb/secrets
+            {{- end }}
+            - name: {{ .Values.persistence.name | default "datadir" }}
                mountPath: {{ .Values.persistence.mountPath }}
                subPath: {{ .Values.persistence.subPath }}
              - name: common-scripts
@@ -422,7 +400,7 @@ spec:
            image: {{ template "mongodb.metrics.image" . }}
            imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
            {{- if .Values.containerSecurityContext.enabled }}
-          securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
+          securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }}
            {{- end }}
            {{- if .Values.diagnosticMode.enabled }}
            command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
@@ -440,6 +418,13 @@ spec:
            {{- else }}
            args:
              - |
+              {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+              {{- if .Values.metrics.username }}
+              export MONGODB_METRICS_PASSWORD="$(< $MONGODB_METRICS_PASSWORD_FILE)"
+              {{- else }}
+              export MONGODB_ROOT_PASSWORD="$(< $MONGODB_ROOT_PASSWORD_FILE)"
+              {{- end }}
+              {{- end }}
                /bin/mongodb_exporter {{ include "mongodb.exporterArgs" $ }} --mongodb.direct-connect --mongodb.global-conn-pool --web.listen-address ":{{ .Values.metrics.containerPort }}" --mongodb.uri "{{ include "mongodb.mongodb_exporter.uri" . }}" {{ .Values.metrics.extraFlags }}
            {{- end }}
            env:
@@ -447,14 +432,23 @@ spec:
              {{- if not .Values.metrics.username }}
              - name: MONGODB_ROOT_USER
                value: {{ .Values.auth.rootUser | quote }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_ROOT_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
+            {{- else }}
              - name: MONGODB_ROOT_PASSWORD
                valueFrom:
                  secretKeyRef:
                    name: {{ include "mongodb.secretName" . }}
                    key: mongodb-root-password
+            {{- end }}
              {{- else }}
              - name: MONGODB_METRICS_USERNAME
                value: {{ .Values.metrics.username | quote }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_METRICS_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-metrics-password"
+            {{- else }}
              - name: MONGODB_METRICS_PASSWORD
                valueFrom:
                  secretKeyRef:
@@ -462,10 +456,15 @@ spec:
                    key: mongodb-metrics-password
              {{- end }}
              {{- end }}
+            {{- end }}
            volumeMounts:
              - name: empty-dir
                mountPath: /tmp
                subPath: tmp-dir
+            {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+            - name: mongodb-secrets
+              mountPath: /opt/bitnami/mongodb/secrets
+            {{- end }}
              {{- if .Values.tls.enabled }}
              - name: certs
                mountPath: /certs
@@ -481,8 +480,7 @@ spec:
            livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }}
            {{- else if .Values.metrics.livenessProbe.enabled }}
            livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }}
-            httpGet:
-              path: /
+            tcpSocket:
                port: metrics
            {{- end }}
            {{- if .Values.metrics.customReadinessProbe }}
@@ -502,7 +500,7 @@ spec:
            {{- end }}
            {{- end }}
            {{- if .Values.metrics.resources }}
-          resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
+          resources: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.resources "context" $) | nindent 12 }}
            {{- else if ne .Values.metrics.resourcesPreset "none" }}
            resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }}
            {{- end }}
@@ -517,7 +515,12 @@ spec:
          - name: common-scripts
            configMap:
              name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
-            defaultMode: 0550
+            defaultMode: 0o550
+        {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+        - name: mongodb-secrets
+          secret:
+            secretName: {{ include "mongodb.secretName" . }}
+        {{- end }}
          {{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
          - name: custom-init-scripts
            configMap:
@@ -536,7 +539,7 @@ spec:
          - name: scripts
            configMap:
              name: {{ printf "%s-scripts" (include "mongodb.fullname" .) }}
-            defaultMode: 0755
+            defaultMode: 0o755
          {{- if .Values.extraVolumes }}
          {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
          {{- end }}
@@ -551,10 +554,10 @@ spec:
              items:
              - key: mongodb-ca-cert
                path: mongodb-ca-cert
-              mode: 0600
+              mode: 0o600
              - key: mongodb-ca-key
                path: mongodb-ca-key
-              mode: 0600
+              mode: 0o600
          {{- else }}
          {{- range $index, $secret := .Values.tls.replicaset.existingSecrets }}
          - name: mongodb-certs-{{ $index }}
@@ -581,13 +584,14 @@ spec:
      whenScaled: {{ .Values.persistentVolumeClaimRetentionPolicy.whenScaled }}
    {{- end }}
    volumeClaimTemplates:
-    - apiVersion: v1
-      kind: PersistentVolumeClaim
-      metadata:
+    - metadata:
          name: datadir
          {{- if .Values.persistence.annotations }}
          annotations: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.annotations "context" $) | nindent 10 }}
          {{- end }}
+        {{- if .Values.persistence.labels }}
+        labels: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.labels "context" $) | nindent 10 }}
+        {{- end }}
        spec:
          accessModes:
          {{- range .Values.persistence.accessModes }}
diff --git a/kubernetes/common/mongodb/templates/replicaset/svc.yaml b/kubernetes/common/mongodb/templates/replicaset/svc.yaml

index d955043..7ada019 100644 (file)
--- a/kubernetes/common/mongodb/templates/replicaset/svc.yaml
+++ b/kubernetes/common/mongodb/templates/replicaset/svc.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -25,6 +25,7 @@ metadata:
    {{- end }}
  spec:
    type: ClusterIP
+  publishNotReadyAddresses: {{ $root.Values.service.publishNotReadyAddresses }}
    ports:
      - name: {{ $root.Values.service.portName | quote }}
        port: {{ $root.Values.service.ports.mongodb }}
diff --git a/kubernetes/common/mongodb/templates/role.yaml b/kubernetes/common/mongodb/templates/role.yaml

index b37d192..651b963 100644 (file)
--- a/kubernetes/common/mongodb/templates/role.yaml
+++ b/kubernetes/common/mongodb/templates/role.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -23,7 +23,7 @@ rules:
  {{- include "common.tplvalues.render" ( dict "value" .Values.rbac.rules "context" $ ) | nindent 2 }}
  {{- end -}}
  {{- if and (include "common.capabilities.psp.supported" .) .Values.podSecurityPolicy.create }}
-  - apiGroups: ['{{ template "podSecurityPolicy.apiGroup" . }}']
+  - apiGroups: ['policy']
      resources: ['podsecuritypolicies']
      verbs: ['use']
      resourceNames: [{{ include "mongodb.fullname" . }}]
diff --git a/kubernetes/common/mongodb/templates/rolebinding.yaml b/kubernetes/common/mongodb/templates/rolebinding.yaml

index c6a76e6..7ff6b18 100644 (file)
--- a/kubernetes/common/mongodb/templates/rolebinding.yaml
+++ b/kubernetes/common/mongodb/templates/rolebinding.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/secrets-ca.yaml b/kubernetes/common/mongodb/templates/secrets-ca.yaml

index e1387ae..932b0e6 100644 (file)
--- a/kubernetes/common/mongodb/templates/secrets-ca.yaml
+++ b/kubernetes/common/mongodb/templates/secrets-ca.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/secrets.yaml b/kubernetes/common/mongodb/templates/secrets.yaml

index 004f2f3..c7526ef 100644 (file)
--- a/kubernetes/common/mongodb/templates/secrets.yaml
+++ b/kubernetes/common/mongodb/templates/secrets.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -23,7 +23,7 @@ SPDX-License-Identifier: APACHE-2.0
  {{- end }}
  
  {{/* Root user section.  */}}
-{{- $rootPassword := include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.secretName" .) "key" "mongodb-root-password" "providedValues" (list "auth.rootPassword" ) "context" $) | trimAll "\"" | b64dec }}
+{{- $rootPassword := include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.secretName" .) "key" "mongodb-root-password" "providedValues" (list "auth.rootPassword" ) "honorProvidedValues" true "context" $) | trimAll "\"" | b64dec }}
  
  {{/* Custom user section. This chart allows creating multiple users */}}
  {{- $customUsers := include "mongodb.customUsers" . }}
@@ -46,7 +46,7 @@ SPDX-License-Identifier: APACHE-2.0
  {{- end -}}
  {{- $passwordList = (join "," $customPasswordsList) }}
  {{- end }}
-{{- $passwords = include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.secretName" .) "key" "mongodb-passwords" "providedValues" (list "mongodbPasswords") "context" (set (deepCopy $) "Values" (dict "mongodbPasswords" $passwordList))) | trimAll "\"" | b64dec }}
+{{- $passwords = include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.secretName" .) "key" "mongodb-passwords" "providedValues" (list "mongodbPasswords") "honorProvidedValues" true "context" (set (deepCopy $) "Values" (dict "mongodbPasswords" $passwordList))) | trimAll "\"" | b64dec }}
  {{- end }}
  
  {{- if (include "mongodb.createSecret" .) }}
@@ -67,10 +67,10 @@ data:
    mongodb-passwords: {{ print $passwords | b64enc | quote }}
    {{- end }}
    {{- if .Values.metrics.username }}
-  mongodb-metrics-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.fullname" .) "key" "mongodb-metrics-password" "providedValues" (list "metrics.password" ) "context" $) }}
+  mongodb-metrics-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.fullname" .) "key" "mongodb-metrics-password" "providedValues" (list "metrics.password" ) "honorProvidedValues" true "context" $) }}
    {{- end }}
    {{- if eq .Values.architecture "replicaset" }}
-  mongodb-replica-set-key: {{ include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.fullname" .) "key" "mongodb-replica-set-key" "providedValues" (list "auth.replicaSetKey" ) "context" $) }}
+  mongodb-replica-set-key: {{ include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.fullname" .) "key" "mongodb-replica-set-key" "providedValues" (list "auth.replicaSetKey" ) "honorProvidedValues" true "context" $) }}
    {{- end }}
  {{- end }}
  {{- if .Values.serviceBindings.enabled }}
diff --git a/kubernetes/common/mongodb/templates/serviceaccount.yaml b/kubernetes/common/mongodb/templates/serviceaccount.yaml

index 6dd53ab..b54e8a0 100644 (file)
--- a/kubernetes/common/mongodb/templates/serviceaccount.yaml
+++ b/kubernetes/common/mongodb/templates/serviceaccount.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -15,6 +15,6 @@ metadata:
    annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
    {{- end }}
  secrets:
-  - name: {{ template "mongodb.fullname" . }}
+  - name: {{ include "mongodb.secretName" . }}
  automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
  {{- end }}
diff --git a/kubernetes/common/mongodb/templates/servicemonitor.yaml b/kubernetes/common/mongodb/templates/servicemonitor.yaml

index 8273e4b..7849d46 100644 (file)
--- a/kubernetes/common/mongodb/templates/servicemonitor.yaml
+++ b/kubernetes/common/mongodb/templates/servicemonitor.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/standalone/dep-sts.yaml b/kubernetes/common/mongodb/templates/standalone/dep-sts.yaml

index 817698b..3f02aeb 100644 (file)
--- a/kubernetes/common/mongodb/templates/standalone/dep-sts.yaml
+++ b/kubernetes/common/mongodb/templates/standalone/dep-sts.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -37,11 +37,14 @@ spec:
      metadata:
        labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }}
          app.kubernetes.io/component: mongodb
-      {{- if or (include "mongodb.createConfigmap" .) .Values.podAnnotations }}
+      {{- if or (include "mongodb.createConfigmap" .) .Values.podAnnotations .Values.passwordUpdateJob.enabled }}
        annotations:
          {{- if (include "mongodb.createConfigmap" .) }}
          checksum/configuration: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
          {{- end }}
+        {{- if .Values.passwordUpdateJob.enabled }}
+        charts.bitnami.com/password-last-update: {{ now | date "20060102150405" | quote }}
+        {{- end }}
          {{- if .Values.podAnnotations }}
          {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
          {{- end }}
@@ -77,46 +80,20 @@ spec:
        runtimeClassName: {{ .Values.runtimeClassName }}
        {{- end }}
        {{- if .Values.podSecurityContext.enabled }}
-      securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
+      securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.podSecurityContext "context" $) | nindent 8 }}
        {{- end }}
        {{ if .Values.terminationGracePeriodSeconds }}
        terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
        {{- end }}
        enableServiceLinks: {{ .Values.enableServiceLinks }}
-      {{- if or .Values.initContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.tls.enabled }}
        initContainers:
          {{- if .Values.initContainers }}
          {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
          {{- end }}
          {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
-        - name: volume-permissions
-          image: {{ include "mongodb.volumePermissions.image" . }}
-          imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
-          command:
-            - /bin/bash
-          args:
-            - -ec
-            - |
-              mkdir -p {{ printf "%s/%s" .Values.persistence.mountPath (default "" .Values.persistence.subPath) }}
-              chown {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} {{ printf "%s/%s" .Values.persistence.mountPath (default "" .Values.persistence.subPath) }}
-              find  {{ printf "%s/%s" .Values.persistence.mountPath (default "" .Values.persistence.subPath) }} -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}
-          {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
-          securityContext: {{- omit .Values.volumePermissions.securityContext "runAsUser" | toYaml | nindent 12 }}
-          {{- else }}
-          securityContext: {{- .Values.volumePermissions.securityContext | toYaml | nindent 12 }}
-          {{- end }}
-          {{- if .Values.volumePermissions.resources }}
-          resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
-          {{- else if ne .Values.volumePermissions.resourcesPreset "none" }}
-          resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }}
-          {{- end }}
-          volumeMounts:
-            - name: empty-dir
-              mountPath: /tmp
-              subPath: tmp-dir
-            - name: {{ .Values.persistence.name | default "datadir" }}
-              mountPath: {{ .Values.persistence.mountPath }}
+        {{- include "mongodb.initContainer.volumePermissions" . | indent 8 }}
          {{- end }}
+        {{- include "mongodb.initContainer.prepareLogDir" . | nindent 8 }}
          {{- if .Values.tls.enabled }}
          - name: generate-tls-certs
            image: {{ include "mongodb.tls.image" . }}
@@ -152,25 +129,24 @@ spec:
              {{- if .Values.externalAccess.service.loadBalancerIPs }}
              - -i {{ join "," .Values.externalAccess.service.loadBalancerIPs }}
              {{- end }}
-            {{- if .Values.tls.extraDnsNames }}
-            - -n {{ join "," .Values.tls.extraDnsNames }}
+            {{- if or .Values.tls.extraDnsNames .Values.externalAccess.service.publicNames }}
+            - -n {{ join "," ( concat .Values.tls.extraDnsNames .Values.externalAccess.service.publicNames ) }}
              {{- end }}
            {{- if .Values.tls.resources }}
-          resources: {{- toYaml .Values.tls.resources | nindent 12 }}
+          resources: {{- include "common.tplvalues.render" (dict "value" .Values.tls.resources "context" $) | nindent 12 }}
            {{- else if ne .Values.tls.resourcesPreset "none" }}
            resources: {{- include "common.resources.preset" (dict "type" .Values.tls.resourcesPreset) | nindent 12 }}
            {{- end }}
            {{- if .Values.tls.securityContext }}
-          securityContext: {{- toYaml .Values.tls.securityContext | nindent 12 }}
+          securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.tls.securityContext "context" $) | nindent 12 }}
            {{- end }}
          {{- end }}
-      {{- end }}
        containers:
          - name: mongodb
            image: {{ include "mongodb.image" . }}
            imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
            {{- if .Values.containerSecurityContext.enabled }}
-          securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
+          securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }}
            {{- end }}
            {{- if .Values.diagnosticMode.enabled }}
            command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
@@ -200,24 +176,38 @@ spec:
              {{- end }}
              {{- if .Values.auth.enabled }}
              {{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_EXTRA_PASSWORDS_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-passwords"
+            {{- else }}
              - name: MONGODB_EXTRA_PASSWORDS
                valueFrom:
                  secretKeyRef:
                    name: {{ include "mongodb.secretName" . }}
                    key: mongodb-passwords
              {{- end }}
+            {{- end }}
              - name: MONGODB_ROOT_USER
                value: {{ .Values.auth.rootUser | quote }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_ROOT_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
+            {{- else }}
              - name: MONGODB_ROOT_PASSWORD
                valueFrom:
                  secretKeyRef:
                    name: {{ include "mongodb.secretName" . }}
                    key: mongodb-root-password
              {{- end }}
+            {{- end }}
              {{- if and .Values.metrics.enabled (not (empty .Values.metrics.username)) }}
              - name: MONGODB_METRICS_USERNAME
                value: {{ .Values.metrics.username | quote }}
              {{- if .Values.auth.enabled }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_METRICS_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-metrics-password"
+            {{- else }}
              - name: MONGODB_METRICS_PASSWORD
                valueFrom:
                  secretKeyRef:
@@ -225,6 +215,7 @@ spec:
                    key: mongodb-metrics-password
              {{- end }}
              {{- end }}
+            {{- end }}
              - name: ALLOW_EMPTY_PASSWORD
                value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
              - name: MONGODB_SYSTEM_LOG_VERBOSITY
@@ -304,7 +295,7 @@ spec:
            {{- end }}
            {{- end }}
            {{- if .Values.resources }}
-          resources: {{- toYaml .Values.resources | nindent 12 }}
+          resources: {{- include "common.tplvalues.render" (dict "value" .Values.resources "context" $) | nindent 12 }}
            {{- else if ne .Values.resourcesPreset "none" }}
            resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }}
            {{- end }}
@@ -321,11 +312,18 @@ spec:
              - name: empty-dir
                mountPath: /opt/bitnami/mongodb/logs
                subPath: app-logs-dir
+            - name: empty-dir
+              mountPath: /.mongodb
+              subPath: mongosh-home
              - name: {{ .Values.persistence.name | default "datadir" }}
                mountPath: {{ .Values.persistence.mountPath }}
                subPath: {{ .Values.persistence.subPath }}
              - name: common-scripts
                mountPath: /bitnami/scripts
+            {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+            - name: mongodb-secrets
+              mountPath: /opt/bitnami/mongodb/secrets
+            {{- end }}
              {{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
              - name: custom-init-scripts
                mountPath: /docker-entrypoint-initdb.d
@@ -347,7 +345,7 @@ spec:
            image: {{ template "mongodb.metrics.image" . }}
            imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
            {{- if .Values.containerSecurityContext.enabled }}
-          securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
+          securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }}
            {{- end }}
            {{- if .Values.diagnosticMode.enabled }}
            command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
@@ -365,6 +363,13 @@ spec:
            {{- else }}
            args:
              - |
+              {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+              {{- if .Values.metrics.username }}
+              export MONGODB_METRICS_PASSWORD="$(< $MONGODB_METRICS_PASSWORD_FILE)"
+              {{- else }}
+              export MONGODB_ROOT_PASSWORD="$(< $MONGODB_ROOT_PASSWORD_FILE)"
+              {{- end }}
+              {{- end }}
                /bin/mongodb_exporter {{ include "mongodb.exporterArgs" $ }} --mongodb.direct-connect --mongodb.global-conn-pool --web.listen-address ":{{ .Values.metrics.containerPort }}" --mongodb.uri "{{ include "mongodb.mongodb_exporter.uri" . }}" {{ .Values.metrics.extraFlags }}
            {{- end }}
            env:
@@ -372,14 +377,23 @@ spec:
              {{- if not .Values.metrics.username }}
              - name: MONGODB_ROOT_USER
                value: {{ .Values.auth.rootUser | quote }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_ROOT_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
+            {{- else }}
              - name: MONGODB_ROOT_PASSWORD
                valueFrom:
                  secretKeyRef:
                    name: {{ include "mongodb.secretName" . }}
                    key: mongodb-root-password
+            {{- end }}
              {{- else }}
              - name: MONGODB_METRICS_USERNAME
                value: {{ .Values.metrics.username | quote }}
+            {{- if .Values.usePasswordFiles }}
+            - name: MONGODB_METRICS_PASSWORD_FILE
+              value: "/opt/bitnami/mongodb/secrets/mongodb-metrics-password"
+            {{- else }}
              - name: MONGODB_METRICS_PASSWORD
                valueFrom:
                  secretKeyRef:
@@ -387,10 +401,15 @@ spec:
                    key: mongodb-metrics-password
              {{- end }}
              {{- end }}
+            {{- end }}
            volumeMounts:
              - name: empty-dir
                mountPath: /tmp
                subPath: tmp-dir
+            {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+            - name: mongodb-secrets
+              mountPath: /opt/bitnami/mongodb/secrets
+            {{- end }}
              {{- if .Values.tls.enabled }}
              - name: certs
                mountPath: /certs
@@ -406,8 +425,7 @@ spec:
            livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }}
            {{- else if .Values.metrics.livenessProbe.enabled }}
            livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }}
-            httpGet:
-              path: /
+            tcpSocket:
                port: metrics
            {{- end }}
            {{- if .Values.metrics.customReadinessProbe }}
@@ -427,7 +445,7 @@ spec:
            {{- end }}
            {{- end }}
            {{- if .Values.metrics.resources }}
-          resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
+          resources: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.resources "context" $) | nindent 12 }}
            {{- else if ne .Values.metrics.resourcesPreset "none" }}
            resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }}
            {{- end }}
@@ -442,7 +460,12 @@ spec:
          - name: common-scripts
            configMap:
              name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
-            defaultMode: 0550
+            defaultMode: 0o550
+        {{- if and .Values.usePasswordFiles .Values.auth.enabled }}
+        - name: mongodb-secrets
+          secret:
+            secretName: {{ include "mongodb.secretName" . }}
+        {{- end }}
          {{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
          - name: custom-init-scripts
            configMap:
@@ -467,10 +490,10 @@ spec:
              items:
              - key: mongodb-ca-cert
                path: mongodb-ca-cert
-              mode: 0600
+              mode: 0o600
              - key: mongodb-ca-key
                path: mongodb-ca-key
-              mode: 0600
+              mode: 0o600
          {{- else }}
          - name: mongodb-certs-0
            secret:
@@ -508,6 +531,9 @@ spec:
          {{- if .Values.persistence.annotations }}
          annotations: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.annotations "context" $) | nindent 10 }}
          {{- end }}
+        {{- if .Values.persistence.labels }}
+        labels: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.labels "context" $) | nindent 10 }}
+        {{- end }}
        spec:
          accessModes:
          {{- range .Values.persistence.accessModes }}
diff --git a/kubernetes/common/mongodb/templates/standalone/pdb.yaml b/kubernetes/common/mongodb/templates/standalone/pdb.yaml

new file mode 100644 (file)

index 0000000..d11b39a
--- /dev/null
+++ b/kubernetes/common/mongodb/templates/standalone/pdb.yaml
@@ -0,0 +1,28 @@
+{{- /*
+Copyright Broadcom, Inc. All Rights Reserved.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{- if and (not (eq .Values.architecture "replicaset")) .Values.pdb.create }}
+apiVersion: {{ include "common.capabilities.policy.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "mongodb.fullname" . }}
+  namespace: {{ include "mongodb.namespace" . | quote }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/component: mongodb
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if .Values.pdb.minAvailable }}
+  minAvailable: {{ .Values.pdb.minAvailable }}
+  {{- end }}
+  {{- if or .Values.pdb.maxUnavailable (not .Values.pdb.minAvailable) }}
+  maxUnavailable: {{ .Values.pdb.maxUnavailable | default 1 }}
+  {{- end }}
+  {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }}
+  selector:
+    matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }}
+      app.kubernetes.io/component: mongodb
+{{- end }}
diff --git a/kubernetes/common/mongodb/templates/standalone/pvc.yaml b/kubernetes/common/mongodb/templates/standalone/pvc.yaml

index d59bad9..1609858 100644 (file)
--- a/kubernetes/common/mongodb/templates/standalone/pvc.yaml
+++ b/kubernetes/common/mongodb/templates/standalone/pvc.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
diff --git a/kubernetes/common/mongodb/templates/standalone/svc.yaml b/kubernetes/common/mongodb/templates/standalone/svc.yaml

index 5d0d03f..772c8cf 100644 (file)
--- a/kubernetes/common/mongodb/templates/standalone/svc.yaml
+++ b/kubernetes/common/mongodb/templates/standalone/svc.yaml
@@ -1,5 +1,5 @@
  {{- /*
-Copyright VMware, Inc.
+Copyright Broadcom, Inc. All Rights Reserved.
  SPDX-License-Identifier: APACHE-2.0
  */}}
  
@@ -44,6 +44,7 @@ spec:
    {{- if (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort")) }}
    externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }}
    {{- end }}
+  publishNotReadyAddresses: {{ .Values.service.publishNotReadyAddresses }}
    ports:
      - name: {{ .Values.service.portName | quote }}
        port: {{ .Values.service.ports.mongodb }}
diff --git a/kubernetes/common/mongodb/templates/update-password/job.yaml b/kubernetes/common/mongodb/templates/update-password/job.yaml

new file mode 100644 (file)

index 0000000..587f816
--- /dev/null
+++ b/kubernetes/common/mongodb/templates/update-password/job.yaml
@@ -0,0 +1,245 @@
+{{- /*
+Copyright Broadcom, Inc. All Rights Reserved.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{- if .Values.passwordUpdateJob.enabled }}
+{{- $customUsers := include "mongodb.customUsers" . }}
+{{- $customDatabases := include "mongodb.customDatabases" . }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ printf "%s-password-update" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/part-of: mongodb
+    app.kubernetes.io/component: update-job
+  {{- $defaultAnnotations := dict "helm.sh/hook" "pre-upgrade" "helm.sh/hook-delete-policy" "hook-succeeded" }}
+  {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.commonAnnotations $defaultAnnotations .Values.passwordUpdateJob.annotations ) "context" . ) }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }}
+spec:
+  backoffLimit: {{ .Values.passwordUpdateJob.backoffLimit }}
+  template:
+    metadata:
+      {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.passwordUpdateJob.podLabels .Values.commonLabels ) "context" . ) }}
+      labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }}
+        app.kubernetes.io/part-of: mongodb
+        app.kubernetes.io/component: update-job
+      {{- if .Values.passwordUpdateJob.podAnnotations }}
+      annotations: {{- include "common.tplvalues.render" (dict "value" .Values.passwordUpdateJob.podAnnotations "context" $) | nindent 8 }}
+      {{- end }}
+    spec:
+      {{- include "mongodb.imagePullSecrets" . | nindent 6 }}
+      restartPolicy: OnFailure
+      {{- if .Values.passwordUpdateJob.podSecurityContext.enabled }}
+      securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.passwordUpdateJob.podSecurityContext "context" $) | nindent 8 }}
+      {{- end }}
+      automountServiceAccountToken: {{ .Values.passwordUpdateJob.automountServiceAccountToken }}
+      {{- if .Values.passwordUpdateJob.hostAliases }}
+      hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.passwordUpdateJob.hostAliases "context" $) | nindent 8 }}
+      {{- end }}
+      initContainers:
+        {{- if .Values.passwordUpdateJob.initContainers }}
+        {{- include "common.tplvalues.render" (dict "value" .Values.passwordUpdateJob.initContainers "context" $) | nindent 8 }}
+        {{- end }}
+      containers:
+        - name: update-credentials
+          image: {{ template "mongodb.image" . }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          {{- if .Values.passwordUpdateJob.command }}
+          command: {{- include "common.tplvalues.render" (dict "value" .Values.passwordUpdateJob.command "context" $) | nindent 12 }}
+          {{- else }}
+          command:
+            - /bin/bash
+            - -ec
+          {{- end }}
+          {{- if .Values.passwordUpdateJob.args }}
+          args: {{- include "common.tplvalues.render" (dict "value" .Values.passwordUpdateJob.args "context" $) | nindent 12 }}
+          {{- else }}
+          args:
+            - |
+              {{- if .Values.usePasswordFiles }}
+              # We need to load all the secret env vars to the system
+              for file in $(find /bitnami/mongodb/secrets -type f); do
+                  env_var_name="$(basename $file)"
+                  echo "Exporting $env_var_name"
+                  export $env_var_name="$(< $file)"
+              done
+              {{- end }}
+
+              . /opt/bitnami/scripts/mongodb-env.sh
+              . /opt/bitnami/scripts/libmongodb.sh
+              . /opt/bitnami/scripts/liblog.sh
+
+              protocol=mongodb
+              {{- if eq .Values.architecture "replicaset" }}
+              replicaset={{- range $i, $_ := until (int .Values.replicaCount) }}{{- if ne $i 0 }},{{- end }}{{ include "common.names.fullname" $ }}-{{ $i }}.{{ include "mongodb.service.nameOverride" $ }}:{{ $.Values.containerPorts.mongodb }}{{- end }}
+              {{- else }}
+              replicaset={{ include "common.names.fullname" . }}:{{ .Values.service.ports.mongodb }}
+              {{- end }}
+
+              info "Starting password update job"
+              if [[ -f /job-status/root-password-changed ]]; then
+                  info "Root password already updated. Skipping"
+              else
+                  info "Updating root password"
+                  mongosh "${protocol}://$MONGODB_ROOT_USER:$MONGODB_PREVIOUS_ROOT_PASSWORD@$replicaset/admin" --eval "db.changeUserPassword('$MONGODB_ROOT_USER', '$MONGODB_NEW_ROOT_PASSWORD')"
+                  touch /job-status/root-password-changed
+                  info "Root password successfully updated"
+              fi
+              {{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
+
+              databases_extra=()
+              usernames_extra=()
+              IFS="$(mongodb_field_separator "$MONGODB_EXTRA_DATABASES")" read -r -a databases_extra <<<"$MONGODB_EXTRA_DATABASES"
+              IFS="$(mongodb_field_separator "$MONGODB_EXTRA_USERNAMES")" read -r -a usernames_extra <<<"$MONGODB_EXTRA_USERNAMES"
+              new_passwords_extra=()
+              IFS="$(mongodb_field_separator "$MONGODB_NEW_EXTRA_PASSWORDS")" read -r -a new_passwords_extra <<<"$MONGODB_NEW_EXTRA_PASSWORDS"
+
+              for ((i = 0; i < ${#usernames_extra[@]}; i++)); do
+                  if [[ -f /job-status/password-${usernames_extra[i]}-changed ]]; then
+                      info "User ${usernames_extra[i]} password already updated. Skipping"
+                  else
+                      info "Updating user ${usernames_extra[i]} password"
+                      mongosh "${protocol}://$MONGODB_ROOT_USER:$MONGODB_NEW_ROOT_PASSWORD@$replicaset/${databases_extra[i]}?authSource=admin" --eval "db.changeUserPassword('${usernames_extra[i]}', '${new_passwords_extra[i]}');"
+                      touch /job-status/password-${usernames_extra[i]}-changed
+                      info "User ${usernames_extra[i]} password successfully updated"
+                  fi
+              done
+
+              {{- end }}
+
+              {{- if .Values.metrics.username }}
+              if [[ -f /job-status/metrics-password-changed ]]; then
+                  info "Metrics password already updated. Skipping"
+              else
+                  info "Updating metrics password"
+                  mongosh "${protocol}://$MONGODB_ROOT_USER:$MONGODB_NEW_ROOT_PASSWORD@$replicaset/admin" --eval "db.changeUserPassword('$MONGODB_METRICS_USER', '$MONGODB_NEW_METRICS_PASSWORD')"
+                  touch /job-status/root-password-changed
+                  info "Metrics password successfully updated"
+              fi
+              {{- end }}
+
+              {{- if .Values.passwordUpdateJob.extraCommands }}
+              info "Running extra commmands"
+              {{- include "common.tplvalues.render" (dict "value" .Values.passwordUpdateJob.extraCommands "context" $) | nindent 14 }}
+              {{- end }}
+              info "Password update job finished successfully"
+          {{- end }}
+          env:
+            - name: BITNAMI_DEBUG
+              value: {{ ternary "true" "false" .Values.image.debug | quote }}
+            {{- if not .Values.usePasswordFiles }}
+            - name: MONGODB_PREVIOUS_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "mongodb.update-job.previousSecretName" . }}
+                  key: mongodb-root-password
+            - name: MONGODB_NEW_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "mongodb.update-job.newSecretName" . }}
+                  key: mongodb-root-password
+            {{- end }}
+            {{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
+            - name: MONGODB_EXTRA_USERNAMES
+              value: {{ $customUsers | quote }}
+            - name: MONGODB_EXTRA_DATABASES
+              value: {{ $customDatabases | quote }}
+            {{- if not .Values.usePasswordFiles }}
+            - name: MONGODB_NEW_EXTRA_PASSWORDS
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "mongodb.update-job.newSecretName" . }}
+                  key: mongodb-passwords
+            {{- end }}
+            {{- end }}
+            {{- if .Values.metrics.username }}
+            - name: MONGODB_METRICS_USER
+              value: {{ .Values.metrics.username | quote }}
+            {{- if not .Values.usePasswordFiles }}
+            - name: MONGODB_PREVIOUS_METRICS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "mongodb.update-job.previousSecretName" . }}
+                  key: mongodb-metrics-password
+            - name: MONGODB_NEW_METRICS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "mongodb.update-job.newSecretName" . }}
+                  key: mongodb-metrics-password
+            {{- end }}
+            {{- end }}
+            {{- if .Values.passwordUpdateJob.extraEnvVars }}
+            {{- include "common.tplvalues.render" (dict "value" .Values.passwordUpdateJob.extraEnvVars "context" $) | nindent 12 }}
+            {{- end }}
+          {{- if or .Values.passwordUpdateJob.extraEnvVarsCM .Values.passwordUpdateJob.extraEnvVarsSecret }}
+          envFrom:
+            {{- if .Values.passwordUpdateJob.extraEnvVarsCM }}
+            - configMapRef:
+                name: {{ .Values.passwordUpdateJob.extraEnvVarsCM }}
+            {{- end }}
+            {{- if .Values.passwordUpdateJob.extraEnvVarsSecret }}
+            - secretRef:
+                name: {{ .Values.passwordUpdateJob.extraEnvVarsSecret }}
+            {{- end }}
+          {{- end }}
+          {{- if .Values.passwordUpdateJob.containerSecurityContext.enabled }}
+          securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.passwordUpdateJob.containerSecurityContext "context" $) | nindent 12 }}
+          {{- end }}
+          {{- if .Values.passwordUpdateJob.customLivenessProbe }}
+          livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.passwordUpdateJob.customLivenessProbe "context" $) | nindent 12 }}
+          {{- end }}
+          {{- if .Values.passwordUpdateJob.customReadinessProbe }}
+          readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.passwordUpdateJob.customReadinessProbe "context" $) | nindent 12 }}
+          {{- end }}
+          {{- if .Values.passwordUpdateJob.customStartupProbe }}
+          startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.passwordUpdateJob.customStartupProbe "context" $) | nindent 12 }}
+          {{- end }}
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /job-status
+              subPath: job-dir
+            {{- if .Values.usePasswordFiles }}
+            - name: mongodb-previous-credentials
+              mountPath: /bitnami/mongodb/secrets/previous
+            - name: mongodb-new-credentials
+              mountPath: /bitnami/mongodb/secrets/new
+            {{- end }}
+          {{- if .Values.passwordUpdateJob.extraVolumeMounts }}
+            {{- include "common.tplvalues.render" (dict "value" .Values.passwordUpdateJob.extraVolumeMounts "context" $) | nindent 12 }}
+          {{- end }}
+          {{- if .Values.passwordUpdateJob.resources }}
+          resources: {{- toYaml .Values.passwordUpdateJob.resources | nindent 12 }}
+          {{- else if ne .Values.passwordUpdateJob.resourcesPreset "none" }}
+          resources: {{- include "common.resources.preset" (dict "type" .Values.passwordUpdateJob.resourcesPreset) | nindent 12 }}
+          {{- end }}
+      volumes:
+        - name: empty-dir
+          emptyDir: {}
+        {{- if and .Values.usePasswordFiles }}
+        - name: mongodb-previous-credentials
+          secret:
+            secretName: {{ template "mongodb.update-job.previousSecretName" . }}
+            items:
+              - key: mongodb-root-password
+                path: MONGODB_PREVIOUS_ROOT_PASSWORD
+        - name: mongodb-new-credentials
+          secret:
+            secretName: {{ template "mongodb.update-job.newSecretName" . }}
+            items:
+              - key: mongodb-root-password
+                path: MONGODB_NEW_ROOT_PASSWORD
+              {{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
+              - key: mongodb-passwords
+                path: MONGODB_NEW_EXTRA_PASSWORDS
+              {{- end }}
+              {{- if .Values.metrics.username }}
+              - key: mongodb-metrics-password
+                path: MONGODB_NEW_METRICS_PASSWORD
+              {{- end }}
+        {{- end }}
+      {{- if .Values.passwordUpdateJob.extraVolumes }}
+      {{- include "common.tplvalues.render" (dict "value" .Values.passwordUpdateJob.extraVolumes "context" $) | nindent 8 }}
+      {{- end }}
+{{- end }}
diff --git a/kubernetes/common/mongodb/templates/update-password/new-secret.yaml b/kubernetes/common/mongodb/templates/update-password/new-secret.yaml

new file mode 100644 (file)

index 0000000..0e0386a
--- /dev/null
+++ b/kubernetes/common/mongodb/templates/update-password/new-secret.yaml
@@ -0,0 +1,32 @@
+{{- /*
+Copyright Broadcom, Inc. All Rights Reserved.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{- if and .Values.passwordUpdateJob.enabled (include "mongodb.createSecret" .) (not ( include "mongodb.createPreviousSecret" . )) (not .Values.passwordUpdateJob.previousPasswords.existingSecret) }}
+{{- $rootPassword := .Values.auth.rootPassword }}
+{{- $metricsPassword := .Values.metrics.password }}
+{{- $customUsers := include "mongodb.customUsers" . }}
+{{- $customPasswords := join "," (include "mongodb.customPasswords" .) }}
+{{- $customDatabases := include "mongodb.customDatabases" . }}
+{{- $replicationPassword := .Values.auth.replicationPassword }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ printf "%s-new-secret" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/part-of: mongodb
+  {{- $defaultAnnotations := dict "helm.sh/hook" "pre-upgrade" "helm.sh/hook-delete-policy" "hook-succeeded" }}
+  {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.commonAnnotations $defaultAnnotations ) "context" . ) }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }}
+type: Opaque
+data:
+  mongodb-root-password: {{ required "The new root password is required!" $rootPassword | b64enc | quote }}
+  {{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
+  mongodb-passwords: {{ required "The new custom passwords are required!" $customPasswords | b64enc | quote }}
+  {{- end }}
+  {{- if .Values.metrics.username }}
+  mongodb-metrics-password: {{ required "The new metrics password is required!" $metricsPassword | b64enc | quote }}
+  {{- end }}
+{{- end }}
diff --git a/kubernetes/common/mongodb/templates/update-password/previous-secret.yaml b/kubernetes/common/mongodb/templates/update-password/previous-secret.yaml

new file mode 100644 (file)

index 0000000..a1db9f8
--- /dev/null
+++ b/kubernetes/common/mongodb/templates/update-password/previous-secret.yaml
@@ -0,0 +1,21 @@
+{{- /*
+Copyright Broadcom, Inc. All Rights Reserved.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{- if and .Values.passwordUpdateJob.enabled (eq ( include "mongodb.createPreviousSecret" . ) "true") }}
+{{- $rootPassword := .Values.passwordUpdateJob.previousPasswords.rootPassword }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ printf "%s-previous-secret" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/part-of: mongodb
+  {{- $defaultAnnotations := dict "helm.sh/hook" "pre-upgrade" "helm.sh/hook-delete-policy" "hook-succeeded" }}
+  {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.commonAnnotations $defaultAnnotations ) "context" . ) }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }}
+type: Opaque
+data:
+  mongodb-root-password: {{ required "The previous root password is required!" $rootPassword | b64enc | quote }}
+{{- end }}
diff --git a/kubernetes/common/mongodb/values.yaml b/kubernetes/common/mongodb/values.yaml

index 7628846..cbea26c 100644 (file)
--- a/kubernetes/common/mongodb/values.yaml
+++ b/kubernetes/common/mongodb/values.yaml
@@ -1,4 +1,4 @@
-# Copyright VMware, Inc.
+# Copyright Broadcom, Inc. All Rights Reserved.
  # SPDX-License-Identifier: APACHE-2.0
  
  ## @section Global parameters
@@ -9,7 +9,8 @@
  
  ## @param global.imageRegistry Global Docker image registry
  ## @param global.imagePullSecrets Global Docker registry secret names as an array
-## @param global.storageClass Global StorageClass for Persistent Volume(s)
+## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s)
+## @param global.storageClass DEPRECATED: use global.defaultStorageClass instead
  ## @param global.namespaceOverride Override the namespace for resource deployed by the chart, but can itself be overridden by the local namespaceOverride
  ##
  global:
@@ -19,8 +20,23 @@ global:
    ##   - myRegistryKeySecretName
    ##
    imagePullSecrets: []
+  defaultStorageClass: ""
    storageClass: ""
+  ## Security parameters
+  ##
+  security:
+    ## @param global.security.allowInsecureImages Allows skipping image verification
+    allowInsecureImages: false
    namespaceOverride: ""
+  ## Compatibility adaptations for Kubernetes platforms
+  ##
+  compatibility:
+    ## Compatibility adaptations for Openshift
+    ##
+    openshift:
+      ## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)
+      ##
+      adaptSecurityContext: auto
  ## @section Common parameters
  ##
  
@@ -90,6 +106,9 @@ serviceBindings:
  ## If you experience slow pod startups or slow running of the scripts you probably want to set this to `false`.
  ##
  enableServiceLinks: true
+## @param usePasswordFiles Mount credentials as files instead of using environment variables
+##
+usePasswordFiles: true
  ## Enable diagnostic mode in the deployment
  ##
  diagnosticMode:
@@ -120,7 +139,7 @@ diagnosticMode:
  image:
    registry: docker.io
    repository: bitnami/mongodb
-  tag: 7.0.8-debian-12-r2
+  tag: 8.0.9-debian-12-r0
    digest: ""
    ## Specify a imagePullPolicy
    ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
@@ -246,7 +265,7 @@ tls:
    image:
      registry: docker.io
      repository: bitnami/nginx
-    tag: 1.25.4-debian-12-r7
+    tag: 1.28.0-debian-12-r0
      digest: ""
      pullPolicy: IfNotPresent
      ## Optionally specify an array of imagePullSecrets.
@@ -272,10 +291,10 @@ tls:
    ## choice for the user. This also increases chances charts run on environments with little
    ## resources, such as Minikube. If you do want to specify resources, uncomment the following
    ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  ## @param tls.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if tls.resources is set (tls.resources is recommended for production).
+  ## @param tls.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if tls.resources is set (tls.resources is recommended for production).
    ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
    ##
-  resourcesPreset: "none"
+  resourcesPreset: "nano"
    ## @param tls.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
    ## Example:
    ## resources:
@@ -598,10 +617,10 @@ containerSecurityContext:
  ## choice for the user. This also increases chances charts run on environments with little
  ## resources, such as Minikube. If you do want to specify resources, uncomment the following
  ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
+## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
  ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
  ##
-resourcesPreset: "none"
+resourcesPreset: "small"
  ## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
  ## Example:
  ## resources:
@@ -736,11 +755,11 @@ extraVolumes: []
  pdb:
    ## @param pdb.create Enable/disable a Pod Disruption Budget creation for MongoDB(&reg;) pod(s)
    ##
-  create: false
+  create: true
    ## @param pdb.minAvailable Minimum number/percentage of MongoDB(&reg;) pods that must still be available after the eviction
    ##
-  minAvailable: 1
-  ## @param pdb.maxUnavailable Maximum number/percentage of MongoDB(&reg;) pods that may be made unavailable after the eviction
+  minAvailable: ""
+  ## @param pdb.maxUnavailable Maximum number/percentage of MongoDB(&reg;) pods that may be made unavailable after the eviction. Defaults to `1` if both `pdb.minAvailable` and `pdb.maxUnavailable` are empty.
    ##
    maxUnavailable: ""
  ## @section Traffic exposure parameters
@@ -818,6 +837,10 @@ service:
      ## @param service.headless.annotations Annotations for the headless service.
      ##
      annotations: {}
+  ## @param service.publishNotReadyAddresses Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready
+  ## ref: https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/
+  ##
+  publishNotReadyAddresses: false
  ## External Access to MongoDB(&reg;) nodes configuration
  ##
  externalAccess:
@@ -844,10 +867,9 @@ externalAccess:
      image:
        registry: docker.io
        repository: bitnami/kubectl
-      tag: 1.29.3-debian-12-r3
+      tag: 1.33.0-debian-12-r1
        digest: ""
        ## Specify a imagePullPolicy
-      ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
        ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
        ##
        pullPolicy: IfNotPresent
@@ -864,10 +886,10 @@ externalAccess:
      ## choice for the user. This also increases chances charts run on environments with little
      ## resources, such as Minikube. If you do want to specify resources, uncomment the following
      ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-    ## @param externalAccess.autoDiscovery.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if externalAccess.autoDiscovery.resources is set (externalAccess.autoDiscovery.resources is recommended for production).
+    ## @param externalAccess.autoDiscovery.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if externalAccess.autoDiscovery.resources is set (externalAccess.autoDiscovery.resources is recommended for production).
      ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
      ##
-    resourcesPreset: "none"
+    resourcesPreset: "nano"
      ## @param externalAccess.autoDiscovery.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
      ## Example:
      ## resources:
@@ -879,6 +901,55 @@ externalAccess:
      ##     memory: 1024Mi
      ##
      resources: {}
+  ## Init container what mission is ensure public names can be resolved.
+  ##
+  dnsCheck:
+    ## Bitnami os-shell image
+    ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/
+    ## @param externalAccess.dnsCheck.image.registry [default: REGISTRY_NAME] Init container dns-check image registry
+    ## @param externalAccess.dnsCheck.image.repository [default: REPOSITORY_NAME/kubectl] Init container dns-check image repository
+    ## @skip externalAccess.dnsCheck.image.tag Init container dns-check image tag (immutable tags are recommended)
+    ## @param externalAccess.dnsCheck.image.digest Init container dns-check image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
+    ## @param externalAccess.dnsCheck.image.pullPolicy Init container dns-check image pull policy
+    ## @param externalAccess.dnsCheck.image.pullSecrets Init container dns-check image pull secrets
+    ##
+    image:
+      registry: docker.io
+      repository: bitnami/os-shell
+      tag: 12-debian-12-r43
+      digest: ""
+      ## Specify a imagePullPolicy
+      ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
+      ##
+      pullPolicy: IfNotPresent
+      ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
+      ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+      ## Example:
+      ## pullSecrets:
+      ##   - myRegistryKeySecretName
+      ##
+      pullSecrets: []
+    ## Init Container resource requests and limits
+    ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+    ## We usually recommend not to specify default resources and to leave this as a conscious
+    ## choice for the user. This also increases chances charts run on environments with little
+    ## resources, such as Minikube. If you do want to specify resources, uncomment the following
+    ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+    ## @param externalAccess.dnsCheck.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if externalAccess.autoDiscovery.resources is set (externalAccess.autoDiscovery.resources is recommended for production).
+    ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
+    ##
+    resourcesPreset: "nano"
+    ## @param externalAccess.dnsCheck.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
+    ## Example:
+    ## resources:
+    ##   requests:
+    ##     cpu: 2
+    ##     memory: 512Mi
+    ##   limits:
+    ##     cpu: 3
+    ##     memory: 1024Mi
+    ##
+    resources: {}
    ## Parameters to configure a set of Pods that connect to an existing MongoDB(&reg;) deployment that lies outside of Kubernetes.
    ## @param externalAccess.externalMaster.enabled Use external master for bootstrapping
    ## @param externalAccess.externalMaster.host External master host to bootstrap from
@@ -909,6 +980,9 @@ externalAccess:
      ##   - Y.Y.Y.Y
      ##
      loadBalancerIPs: []
+    ## @param externalAccess.service.publicNames Array of public names. The size should be equal to the number of replicas.
+    ##
+    publicNames: []
      ## @param externalAccess.service.loadBalancerClass loadBalancerClass when service type is LoadBalancer
      # ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class
      loadBalancerClass: ""
@@ -919,7 +993,7 @@ externalAccess:
      ## - 10.10.10.0/24
      ##
      loadBalancerSourceRanges: []
-    ## @param externalAccess.service.allocateLoadBalancerNodePorts Wheter to allocate node ports when service type is LoadBalancer
+    ## @param externalAccess.service.allocateLoadBalancerNodePorts Whether to allocate node ports when service type is LoadBalancer
      ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation
      ##
      allocateLoadBalancerNodePorts: true
@@ -943,9 +1017,16 @@ externalAccess:
      ## @param externalAccess.service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
      ##
      extraPorts: []
-    ## @param externalAccess.service.annotations Service annotations for external access
+    ## @param externalAccess.service.annotations Service annotations for external access. These annotations are common for all services created.
      ##
      annotations: {}
+    ## @param externalAccess.service.annotationsList Service annotations for eache external service. This value contains a list allowing different annotations per each external service.
+    ## Eg:
+    ##   annotationsList:
+    ##     - external-dns.alpha.kubernetes.io/hostname: mongodb-0.example.com
+    ##     - external-dns.alpha.kubernetes.io/hostname: mongodb-1.example.com
+    ##
+    annotationsList: []
      ## @param externalAccess.service.sessionAffinity Control where client requests go, to the same pod or round-robin
      ## Values: ClientIP or None
      ## ref: https://kubernetes.io/docs/concepts/services-networking/service/
@@ -1032,6 +1113,137 @@ externalAccess:
        ##     timeoutSeconds: 300
        ##
        sessionAffinityConfig: {}
+## @section Password update job
+##
+passwordUpdateJob:
+  ## @param passwordUpdateJob.enabled Enable password update job
+  ##
+  enabled: false
+  ## @param passwordUpdateJob.backoffLimit set backoff limit of the job
+  ##
+  backoffLimit: 10
+  ## @param passwordUpdateJob.command Override default container command on mysql Primary container(s) (useful when using custom images)
+  ##
+  command: []
+  ## @param passwordUpdateJob.args Override default container args on mysql Primary container(s) (useful when using custom images)
+  ##
+  args: []
+  ## @param passwordUpdateJob.extraCommands Extra commands to pass to the generation job
+  ##
+  extraCommands: ""
+  ## @param passwordUpdateJob.previousPasswords.rootPassword Previous root password (set if the password secret was already changed)
+  ## @param passwordUpdateJob.previousPasswords.existingSecret Name of a secret containing the previous passwords (set if the password secret was already changed)
+  previousPasswords:
+    rootPassword: ""
+    existingSecret: ""
+  ## Configure Container Security Context
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+  ## @param passwordUpdateJob.containerSecurityContext.enabled Enabled containers' Security Context
+  ## @param passwordUpdateJob.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
+  ## @param passwordUpdateJob.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
+  ## @param passwordUpdateJob.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
+  ## @param passwordUpdateJob.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
+  ## @param passwordUpdateJob.containerSecurityContext.privileged Set container's Security Context privileged
+  ## @param passwordUpdateJob.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
+  ## @param passwordUpdateJob.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
+  ## @param passwordUpdateJob.containerSecurityContext.capabilities.drop List of capabilities to be dropped
+  ## @param passwordUpdateJob.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
+  ##
+  containerSecurityContext:
+    enabled: true
+    seLinuxOptions: {}
+    runAsUser: 1001
+    runAsGroup: 1001
+    runAsNonRoot: true
+    privileged: false
+    readOnlyRootFilesystem: true
+    allowPrivilegeEscalation: false
+    capabilities:
+      drop: ["ALL"]
+    seccompProfile:
+      type: "RuntimeDefault"
+  ## Configure Pods Security Context
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
+  ## @param passwordUpdateJob.podSecurityContext.enabled Enabled credential init job pods' Security Context
+  ## @param passwordUpdateJob.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
+  ## @param passwordUpdateJob.podSecurityContext.sysctls Set kernel settings using the sysctl interface
+  ## @param passwordUpdateJob.podSecurityContext.supplementalGroups Set filesystem extra groups
+  ## @param passwordUpdateJob.podSecurityContext.fsGroup Set credential init job pod's Security Context fsGroup
+  ##
+  podSecurityContext:
+    enabled: true
+    fsGroupChangePolicy: Always
+    sysctls: []
+    supplementalGroups: []
+    fsGroup: 1001
+  ## @param passwordUpdateJob.extraEnvVars Array containing extra env vars to configure the credential init job
+  ## For example:
+  ## extraEnvVars:
+  ##  - name: GF_DEFAULT_INSTANCE_NAME
+  ##    value: my-instance
+  ##
+  extraEnvVars: []
+  ## @param passwordUpdateJob.extraEnvVarsCM ConfigMap containing extra env vars to configure the credential init job
+  ##
+  extraEnvVarsCM: ""
+  ## @param passwordUpdateJob.extraEnvVarsSecret Secret containing extra env vars to configure the credential init job (in case of sensitive data)
+  ##
+  extraEnvVarsSecret: ""
+  ## @param passwordUpdateJob.extraVolumes Optionally specify extra list of additional volumes for the credential init job
+  ##
+  extraVolumes: []
+  ## @param passwordUpdateJob.extraVolumeMounts Array of extra volume mounts to be added to the jwt Container (evaluated as template). Normally used with `extraVolumes`.
+  ##
+  extraVolumeMounts: []
+  ## @param passwordUpdateJob.initContainers Add additional init containers for the mysql Primary pod(s)
+  ##
+  initContainers: []
+  ## Container resource requests and limits
+  ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+  ## @param passwordUpdateJob.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if passwordUpdateJob.resources is set (passwordUpdateJob.resources is recommended for production).
+  ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
+  ##
+  resourcesPreset: "micro"
+  ## @param passwordUpdateJob.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
+  ## Example:
+  ## resources:
+  ##   requests:
+  ##     cpu: 2
+  ##     memory: 512Mi
+  ##   limits:
+  ##     cpu: 3
+  ##     memory: 1024Mi
+  ##
+  resources: {}
+  ## @param passwordUpdateJob.customLivenessProbe Custom livenessProbe that overrides the default one
+  ##
+  customLivenessProbe: {}
+  ## @param passwordUpdateJob.customReadinessProbe Custom readinessProbe that overrides the default one
+  ##
+  customReadinessProbe: {}
+  ## @param passwordUpdateJob.customStartupProbe Custom startupProbe that overrides the default one
+  ##
+  customStartupProbe: {}
+  ## @param passwordUpdateJob.automountServiceAccountToken Mount Service Account token in pod
+  ##
+  automountServiceAccountToken: false
+  ## @param passwordUpdateJob.hostAliases Add deployment host aliases
+  ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
+  ##
+  hostAliases: []
+  ## @param passwordUpdateJob.annotations [object] Add annotations to the job
+  ##
+  annotations: {}
+  ## @param passwordUpdateJob.podLabels Additional pod labels
+  ## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+  ##
+  podLabels: {}
+  ## @param passwordUpdateJob.podAnnotations Additional pod annotations
+  ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+  ##
+  podAnnotations: {}
+
+
  ## @section Network policy parameters
  ##
  
@@ -1052,7 +1264,10 @@ networkPolicy:
    ## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
    ##
    allowExternalEgress: true
-  ## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolice
+  ## @param networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `networkPolicy.allowExternal` is true.
+  ##
+  addExternalClientAccess: true
+  ## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
    ## e.g:
    ## extraIngress:
    ##   - ports:
@@ -1085,8 +1300,14 @@ networkPolicy:
    ##                   - frontend
    ##
    extraEgress: []
-  ## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
-  ## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
+  ## @param networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `networkPolicy.allowExternal` is true.
+  ## e.g:
+  ## ingressPodMatchLabels:
+  ##   my-client: "true"
+  #
+  ingressPodMatchLabels: {}
+  ## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `networkPolicy.allowExternal` is true.
+  ## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `networkPolicy.allowExternal` is true.
    ##
    ingressNSMatchLabels: {}
    ingressNSPodMatchLabels: {}
@@ -1127,6 +1348,9 @@ persistence:
    ## @param persistence.annotations PVC annotations
    ##
    annotations: {}
+  ## @param persistence.labels PVC labels
+  ##
+  labels: {}
    ## @param persistence.mountPath Path to mount the volume at
    ## MongoDB(&reg;) images.
    ##
@@ -1182,6 +1406,9 @@ backup:
      ## @param backup.cronjob.schedule Set the cronjob parameter schedule
      ##
      schedule: "@daily"
+    ## @param backup.cronjob.timeZone Set the cronjob parameter timeZone
+    ##
+    timeZone: ""
      ## @param backup.cronjob.concurrencyPolicy Set the cronjob parameter concurrencyPolicy
      ##
      concurrencyPolicy: Allow
@@ -1200,6 +1427,8 @@ backup:
      ## @param backup.cronjob.restartPolicy Set the cronjob parameter restartPolicy
      ##
      restartPolicy: OnFailure
+    ## @param backup.cronjob.backoffLimit Set the cronjob parameter backoffLimit
+    backoffLimit: 6
      ## backup container's Security Context
      ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
      ## @param backup.cronjob.containerSecurityContext.enabled Enabled containers' Security Context
@@ -1228,6 +1457,27 @@ backup:
          - CAP_NET_RAW
        seccompProfile:
          type: "RuntimeDefault"
+    ## backup container's resource requests and limits.
+    ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+    ## We usually recommend not to specify default resources and to leave this as a conscious
+    ## choice for the user. This also increases chances charts run on environments with little
+    ## resources, such as Minikube. If you do want to specify resources, uncomment the following
+    ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+    ## @param backup.cronjob.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
+    ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
+    ##
+    resourcesPreset: "none"
+    ## @param backup.cronjob.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
+    ## Example:
+    ## resources:
+    ##   requests:
+    ##     cpu: 2
+    ##     memory: 512Mi
+    ##   limits:
+    ##     cpu: 3
+    ##     memory: 1024Mi
+    ##
+    resources: {}
      ## @param backup.cronjob.command Set backup container's command to run
      ##
      command: []
@@ -1355,7 +1605,7 @@ podSecurityPolicy:
    ##    hostNetwork: false
    ##    hostPID: false
    ##    privileged: false
-  ##    readOnlyRootFilesystem: false
+  ##    readOnlyRootFilesystem: true
    ##    requiredDropCapabilities:
    ##      - ALL
    ##    runAsUser:
@@ -1396,10 +1646,9 @@ volumePermissions:
    image:
      registry: docker.io
      repository: bitnami/os-shell
-    tag: 12-debian-12-r18
+    tag: 12-debian-12-r43
      digest: ""
      ## Specify a imagePullPolicy
-    ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
      ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
      ##
      pullPolicy: IfNotPresent
@@ -1416,10 +1665,10 @@ volumePermissions:
    ## choice for the user. This also increases chances charts run on environments with little
    ## resources, such as Minikube. If you do want to specify resources, uncomment the following
    ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  ## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production).
+  ## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production).
    ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
    ##
-  resourcesPreset: "none"
+  resourcesPreset: "nano"
    ## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
    ## Example:
    ## resources:
@@ -1759,11 +2008,11 @@ arbiter:
    pdb:
      ## @param arbiter.pdb.create Enable/disable a Pod Disruption Budget creation for Arbiter pod(s)
      ##
-    create: false
+    create: true
      ## @param arbiter.pdb.minAvailable Minimum number/percentage of Arbiter pods that should remain scheduled
      ##
-    minAvailable: 1
-    ## @param arbiter.pdb.maxUnavailable Maximum number/percentage of Arbiter pods that may be made unavailable
+    minAvailable: ""
+    ## @param arbiter.pdb.maxUnavailable Maximum number/percentage of Arbiter pods that may be made unavailable. Defaults to `1` if both `arbiter.pdb.minAvailable` and `arbiter.pdb.maxUnavailable` are empty.
      ##
      maxUnavailable: ""
    ## MongoDB(&reg;) Arbiter service parameters
@@ -1986,7 +2235,7 @@ hidden:
    ## @param hidden.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if hidden.resources is set (hidden.resources is recommended for production).
    ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
    ##
-  resourcesPreset: "none"
+  resourcesPreset: "micro"
    ## @param hidden.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
    ## Example:
    ## resources:
@@ -2105,11 +2354,11 @@ hidden:
    pdb:
      ## @param hidden.pdb.create Enable/disable a Pod Disruption Budget creation for hidden node pod(s)
      ##
-    create: false
+    create: true
      ## @param hidden.pdb.minAvailable Minimum number/percentage of hidden node pods that should remain scheduled
      ##
-    minAvailable: 1
-    ## @param hidden.pdb.maxUnavailable Maximum number/percentage of hidden node pods that may be made unavailable
+    minAvailable: ""
+    ## @param hidden.pdb.maxUnavailable Maximum number/percentage of hidden node pods that may be made unavailable. Defaults to `1` if both `hidden.pdb.minAvailable` and `hidden.pdb.maxUnavailable` are empty.
      ##
      maxUnavailable: ""
    ## Enable persistence using Persistent Volume Claims
@@ -2163,6 +2412,9 @@ hidden:
        ##
        dataSource: {}
    service:
+    ## @param hidden.service.nameOverride The hidden service name
+    ##
+    nameOverride: ""
      ## @param hidden.service.portName MongoDB(&reg;) service port name
      ##
      portName: "mongodb"
@@ -2200,7 +2452,7 @@ metrics:
    image:
      registry: docker.io
      repository: bitnami/mongodb-exporter
-    tag: 0.40.0-debian-12-r15
+    tag: 0.44.0-debian-12-r5
      digest: ""
      pullPolicy: IfNotPresent
      ## Optionally specify an array of imagePullSecrets.
@@ -2259,10 +2511,10 @@ metrics:
    ## choice for the user. This also increases chances charts run on environments with little
    ## resources, such as Minikube. If you do want to specify resources, uncomment the following
    ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production).
+  ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production).
    ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
    ##
-  resourcesPreset: "none"
+  resourcesPreset: "nano"
    ## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
    ## Example:
    ## resources:
diff --git a/kubernetes/multicloud/Chart.yaml b/kubernetes/multicloud/Chart.yaml

index fd028a7..89bdbe7 100644 (file)
--- a/kubernetes/multicloud/Chart.yaml
+++ b/kubernetes/multicloud/Chart.yaml
@@ -19,7 +19,7 @@
  apiVersion: v2
  description: ONAP multicloud broker
  name: multicloud
-version: 15.0.2
+version: 15.0.3
  
  dependencies:
    - name: common
diff --git a/kubernetes/multicloud/components/multicloud-k8s/Chart.yaml b/kubernetes/multicloud/components/multicloud-k8s/Chart.yaml

index 046f940..9e56446 100644 (file)
--- a/kubernetes/multicloud/components/multicloud-k8s/Chart.yaml
+++ b/kubernetes/multicloud/components/multicloud-k8s/Chart.yaml
@@ -18,7 +18,7 @@
  apiVersion: v2
  description: ONAP Multicloud Kubernetes Plugin
  name: multicloud-k8s
-version: 13.1.2
+version: 13.1.3
  
  dependencies:
    - name: common
@@ -28,7 +28,7 @@ dependencies:
      # be published independently to a repo (at this point)
      repository: '@local'
    - name: mongodb
-    version: ~14.12.x-0
+    version: ~16.5.x-0
      repository: '@local'
    - name: etcd
      version: ~13.x-0
diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml

index c0f1a77..2bae04b 100644 (file)
--- a/kubernetes/onap/Chart.yaml
+++ b/kubernetes/onap/Chart.yaml
@@ -15,8 +15,8 @@
  
  apiVersion: v2
  name: onap
-version: 15.0.0
-appVersion: Oslo
+version: 16.0.0
+appVersion: Paris
  description: Open Network Automation Platform (ONAP)
  home: https://www.onap.org/
  sources:
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml

index 6b70dc5..206cec8 100755 (executable)
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -82,7 +82,7 @@ global:
    curlImage: curlimages/curl:7.80.0
  
    # env substitution image
-  envsubstImage: dibi/envsubst:1
+  envsubstImage: dibi/envsubst:latest
  
    # generate htpasswd files image
    # there's only latest image for htpasswd
@@ -98,7 +98,7 @@ global:
    mariadbImage: bitnami/mariadb:10.5.8
  
    # mongodb server image
-  mongodbImage: percona/percona-server-mongodb:7.0.5-3
+  mongodbImage: percona/percona-server-mongodb:7.0.16-10
  
    # nginx server image
    nginxImage: bitnami/nginx:1.21.4
@@ -107,7 +107,7 @@ global:
    postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
  
    # readiness check image
-  readinessImage: onap/oom/readiness:6.1.2
+  readinessImage: onap/oom/readiness:6.2.0
  
    # image pull policy
    pullPolicy: Always
diff --git a/kubernetes/portal-ng/Chart.yaml b/kubernetes/portal-ng/Chart.yaml

index 7019d47..796e98d 100644 (file)
--- a/kubernetes/portal-ng/Chart.yaml
+++ b/kubernetes/portal-ng/Chart.yaml
@@ -15,7 +15,7 @@
  apiVersion: v2
  description: ONAP Next Generation Portal
  name: portal-ng
-version: 13.0.2
+version: 13.0.3
  
  dependencies:
    - name: common
diff --git a/kubernetes/portal-ng/components/portal-ng-history/Chart.yaml b/kubernetes/portal-ng/components/portal-ng-history/Chart.yaml

index 9f55e31..6d16ff9 100644 (file)
--- a/kubernetes/portal-ng/components/portal-ng-history/Chart.yaml
+++ b/kubernetes/portal-ng/components/portal-ng-history/Chart.yaml
@@ -29,7 +29,7 @@ type: application
  # This is the chart version. This version number should be incremented each time you make changes
  # to the chart and its templates, including the app version.
  # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 13.0.1
+version: 13.0.2
  
  # This is the version number of the application being deployed. This version number should be
  # incremented each time you make changes to the application. Versions are not expected to
@@ -47,5 +47,5 @@ dependencies:
      version: ~13.x-0
      repository: '@local'
    - name: mongodb
-    version: ~14.12.x-0
+    version: ~16.5.x-0
      repository: '@local'
diff --git a/kubernetes/portal-ng/components/portal-ng-preferences/Chart.yaml b/kubernetes/portal-ng/components/portal-ng-preferences/Chart.yaml

index 622ee90..778afc1 100644 (file)
--- a/kubernetes/portal-ng/components/portal-ng-preferences/Chart.yaml
+++ b/kubernetes/portal-ng/components/portal-ng-preferences/Chart.yaml
@@ -29,7 +29,7 @@ type: application
  # This is the chart version. This version number should be incremented each time you make changes
  # to the chart and its templates, including the app version.
  # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 13.0.1
+version: 13.0.2
  
  # This is the version number of the application being deployed. This version number should be
  # incremented each time you make changes to the application. Versions are not expected to
@@ -47,5 +47,5 @@ dependencies:
      version: ~13.x-0
      repository: '@local'
    - name: mongodb
-    version: ~14.12.x-0
+    version: ~16.5.x-0
      repository: '@local'
author	Andreas Geissler <andreas-geissler@telekom.de>
	Wed, 14 May 2025 10:30:23 +0000 (12:30 +0200)
committer	Andreas Geissler <andreas-geissler@telekom.de>
	Wed, 14 May 2025 14:45:09 +0000 (16:45 +0200)
kubernetes/common/mongodb/.helmignore		patch \| blob \| history
kubernetes/common/mongodb/CHANGELOG.md	[new file with mode: 0644]	patch \| blob
kubernetes/common/mongodb/Chart.yaml		patch \| blob \| history
kubernetes/common/mongodb/README.md		patch \| blob \| history
kubernetes/common/mongodb/common/.helmignore		patch \| blob \| history
kubernetes/common/mongodb/common/CHANGELOG.md	[new file with mode: 0644]	patch \| blob
kubernetes/common/mongodb/common/Chart.yaml		patch \| blob \| history
kubernetes/common/mongodb/common/README.md		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_affinities.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_capabilities.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_compatibility.tpl	[new file with mode: 0644]	patch \| blob
kubernetes/common/mongodb/common/templates/_errors.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_images.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_ingress.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_labels.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_names.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_resources.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_secrets.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_storage.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_tplvalues.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_utils.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/_warnings.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/validations/_cassandra.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/validations/_mariadb.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/validations/_mongodb.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/validations/_mysql.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/validations/_postgresql.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/validations/_redis.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/templates/validations/_validations.tpl		patch \| blob \| history
kubernetes/common/mongodb/common/values.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/NOTES.txt		patch \| blob \| history
kubernetes/common/mongodb/templates/_helpers.tpl		patch \| blob \| history
kubernetes/common/mongodb/templates/arbiter/configmap.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/arbiter/headless-svc.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/arbiter/pdb.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/arbiter/statefulset.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/backup/cronjob.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/backup/pvc.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/common-scripts-cm.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/configmap.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/extra-list.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/hidden/configmap.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/hidden/external-access-svc.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/hidden/headless-svc.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/hidden/pdb.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/hidden/statefulset.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/initialization-configmap.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/metrics-svc.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/networkpolicy.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/prometheusrule.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/psp.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/replicaset/external-access-svc.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/replicaset/headless-svc.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/replicaset/pdb.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/replicaset/scripts-configmap.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/replicaset/statefulset.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/replicaset/svc.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/role.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/rolebinding.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/secrets-ca.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/secrets.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/serviceaccount.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/servicemonitor.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/standalone/dep-sts.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/standalone/pdb.yaml	[new file with mode: 0644]	patch \| blob
kubernetes/common/mongodb/templates/standalone/pvc.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/standalone/svc.yaml		patch \| blob \| history
kubernetes/common/mongodb/templates/update-password/job.yaml	[new file with mode: 0644]	patch \| blob
kubernetes/common/mongodb/templates/update-password/new-secret.yaml	[new file with mode: 0644]	patch \| blob
kubernetes/common/mongodb/templates/update-password/previous-secret.yaml	[new file with mode: 0644]	patch \| blob
kubernetes/common/mongodb/values.yaml		patch \| blob \| history
kubernetes/multicloud/Chart.yaml		patch \| blob \| history
kubernetes/multicloud/components/multicloud-k8s/Chart.yaml		patch \| blob \| history
kubernetes/onap/Chart.yaml		patch \| blob \| history
kubernetes/onap/values.yaml		patch \| blob \| history
kubernetes/portal-ng/Chart.yaml		patch \| blob \| history
kubernetes/portal-ng/components/portal-ng-history/Chart.yaml		patch \| blob \| history
kubernetes/portal-ng/components/portal-ng-preferences/Chart.yaml		patch \| blob \| history