Available from JFrog Platform Chart version 10.14.1.
Set
global.rabbitmq.auth.tls.enabled
andrabbitmq.auth.tls.enabled
as true in thevalues.yaml
file.global: rabbitmq: auth: tls: enabled: true rabbitmq: auth: tls: enabled: true
Warning
Ensure that you both
global.rabbitmq.auth.tls.enabled
andrabbitmq.auth.tls.enabled
values as the same so that the settings are shared between Xray and Pipelines.Add
extraConfiguration: |-management.listener.ssl = {{ .Values.global.rabbitmq.auth.tls.enabled}}
to access the RabbitMQ Management Portal through the HTTPS mode.global: rabbitmq: auth: tls: enabled: true rabbitmq: auth: tls: enabled: true extraConfiguration: |-management.listener.ssl = {{ .Values.global.rabbitmq.auth.tls.enabled}}
Warning
If you use Pipelines, you can access the RabbitMQ Management Portal only through the HTTP mode since Pipelines does not support TLS in RabbitMQ.
Select whether you want RabbitMQ to generates certs or whether you wish to use your own certs.
Set
global.rabbitmq.auth.tls.autogenerated
andrabbitmq.auth.tls.autogenerated
as true in thevalues.yaml
file so that RabbitMQ generates the certs.global: rabbitmq: auth: tls: enabled: true autogenerated: true rabbitmq: auth: tls: enabled: true autogenerated: true extraConfiguration: |-management.listener.ssl = {{ .Values.global.rabbitmq.auth.tls.enabled}}
Set
rabbitmq.auth.tls.autogenerated
as false in thevalues.yaml
file so that you can use your own certs.global: rabbitmq: auth: tls: enabled: true autogenerated: false rabbitmq: auth: tls: enabled: true autogenerated: false extraConfiguration: |-management.listener.ssl = {{ .Values.global.rabbitmq.auth.tls.enabled}}
Warning
Ensure that you both
global.rabbitmq.auth.tls.autogenerated
andrabbitmq.auth.tls.autogenerated
values as the same so that the settings are shared between Xray and Pipelines.Currently, Pipelines does not support TLS mode and the Pipelines chart overrides
tls.enabled
value from the platform chart.If you want to use your own certs, you can pass the certs as a Kubernetes secret.
Pass Certs as a Kubernetes Secret
To pass your certs as a Kubernetes secret, set
rabbitmq.auth.tls.existingSecret
with the secret name.global: rabbitmq: auth: tls: enabled: true autogenerated: false existingSecret: <secret name> rabbitmq: auth: tls: enabled: true autogenerated: false existingSecret: <secret name> extraConfiguration: |-management.listener.ssl = {{ .Values.global.rabbitmq.auth.tls.enabled}}
If you want to install only Xray without other JFrog products along with Artifactory, make the following update in the
values.yaml
file.xray: enabled: true insight: enabled: false distribution: enabled: false pipelines: enabled: false
Run the following command to apply the
values.yaml
in the JFrog Platform installation.helm upgrade --install jfrog-platform --namespace jfrog-platform jfrog/jfrog-platform -f values.yaml
You can also run a fresh installation of Xray installation with this updated values.yaml along with the other requirements mentioned in Xray Single Node Helm Installation.