Merge branch 'main' of github.com:devops-ia/helm-charts

devops-ia · Dec 11, 2023 · 229f6a0 · 229f6a0
2 parents 3894b16 + 293b65a
commit 229f6a0
Show file tree

Hide file tree

Showing 4 changed files with 101 additions and 21 deletions.
diff --git a/charts/opencti/Chart.yaml b/charts/opencti/Chart.yaml
@@ -8,7 +8,7 @@ maintainers:
     url: https://ialejandro.rocks
 sources:
   - https://github.com/OpenCTI-Platform/opencti
-version: 1.1.1
+version: 1.1.2
 appVersion: "5.11.13"
 home: https://www.filigran.io/en/solutions/products/opencti/
 keywords:
@@ -34,4 +34,3 @@ dependencies:
     version: 18.2.*
     repository: https://charts.bitnami.com/bitnami
     condition: redis.enabled
-
diff --git a/charts/opencti/README.md b/charts/opencti/README.md
@@ -94,6 +94,8 @@ helm show values devops-ia/opencti
 | image | object | `{"pullPolicy":"IfNotPresent","repository":"opencti/platform","tag":""}` | Image registry |
 | imagePullSecrets | list | `[]` | Global Docker registry secret names as an array |
 | ingress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}],"tls":[]}` | Ingress configuration to expose app |
+| livenessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":180,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":5}` | Configure liveness checker ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes |
+| livenessProbeCustom | object | `{}` | Custom livenessProbe |
 | minio | object | `{"auth":{"rootPassword":"ChangeMe","rootUser":"ChangeMe"},"enabled":true,"mode":"standalone","persistence":{"enabled":false}}` | MinIO subchart deployment ref: https://github.com/bitnami/charts/blob/main/bitnami/minio/values.yaml  |
 | minio.auth.rootPassword | string | `"ChangeMe"` | Password for Minio root user |
 | minio.auth.rootUser | string | `"ChangeMe"` | Minio root username |
@@ -118,6 +120,8 @@ helm show values devops-ia/opencti
 | rabbitmq.persistence | object | `{"enabled":false}` | Persistence parameters |
 | rabbitmq.persistence.enabled | bool | `false` | Enable RabbitMQ data persistence using PVC |
 | rabbitmq.replicaCount | int | `1` | Number of RabbitMQ replicas to deploy |
+| readinessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1}` | Configure readinessProbe checker ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes |
+| readinessProbeCustom | object | `{}` | Custom readinessProbe |
 | readyChecker | object | `{"enabled":true,"retries":30,"services":[{"name":"elasticsearch","port":9200},{"name":"minio","port":9000},{"name":"rabbitmq","port":5672},{"name":"redis-master","port":6379}],"timeout":5}` | Enable or disable ready-checker |
 | readyChecker.retries | int | `30` | Number of retries before giving up |
 | readyChecker.services | list | `[{"name":"elasticsearch","port":9200},{"name":"minio","port":9000},{"name":"rabbitmq","port":5672},{"name":"redis-master","port":6379}]` | List services |
@@ -143,7 +147,8 @@ helm show values devops-ia/opencti
 | service.targetPort | int | `4000` | Pod expose port |
 | service.type | string | `"ClusterIP"` | Kubernetes Service type. Allowed values: NodePort, LoadBalancer or ClusterIP |
 | serviceAccount | object | `{"annotations":{},"automountServiceAccountToken":false,"create":true,"name":""}` | Enable creation of ServiceAccount |
-| testConnection | bool | `true` | Enable livenessProbe, readinessProbe and startupProbe |
+| startupProbe | object | `{"enabled":true,"failureThreshold":30,"initialDelaySeconds":180,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":5}` | Configure startupProbe checker ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes |
+| startupProbeCustom | object | `{}` | Custom startupProbe |
 | tolerations | list | `[]` | Tolerations for pod assignment |
 | worker | object | `{"affinity":{},"autoscaling":{"enabled":false,"maxReplicas":100,"minReplicas":1,"targetCPUUtilizationPercentage":80},"enabled":true,"env":{"WORKER_LOG_LEVEL":"info"},"envFromSecrets":{},"image":{"pullPolicy":"IfNotPresent","repository":"opencti/worker","tag":""},"nodeSelector":{},"readyChecker":{"enabled":true,"retries":30,"timeout":5},"replicaCount":1,"resources":{},"tolerations":[]}` | OpenCTI worker deployment configuration |
 | worker.affinity | object | `{}` | Affinity for pod assignment |

diff --git a/charts/opencti/templates/server/deployment.yaml b/charts/opencti/templates/server/deployment.yaml
@@ -67,34 +67,50 @@ spec:
               containerPort: {{ $port.targetPort }}
               protocol: TCP
             {{- end }}
-          {{- if .Values.testConnection }}
+          {{- if .Values.livenessProbe.enabled }}
           livenessProbe:
+            {{- if .Values.livenessProbeCustom }}
+            {{- toYaml .Values.livenessProbeCustom | nindent 12 }}
+            {{- else }}
             httpGet:
               path: {{ .Values.service.healthPath | default "/dashboard" }}
               port: {{ .Values.service.targetPort | default .Values.service.port }}
-            failureThreshold: 3
-            initialDelaySeconds: 90
-            periodSeconds: 30
-            successThreshold: 1
-            timeoutSeconds: 5
+            failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+            initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+            successThreshold: {{ .Values.livenessProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+            {{- end }}
+          {{- end }}
+          {{- if .Values.readinessProbe.enabled }}
           readinessProbe:
+            {{- if .Values.readinessProbeCustom }}
+            {{- toYaml .Values.readinessProbeCustom | nindent 12 }}
+            {{- else }}
             httpGet:
               path: {{ .Values.service.healthPath | default "/dashboard" }}
               port: {{ .Values.service.targetPort | default .Values.service.port }}
-            failureThreshold: 3
-            initialDelaySeconds: 90
-            periodSeconds: 30
-            successThreshold: 1
-            timeoutSeconds: 5
+            failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+            initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+            successThreshold: {{ .Values.readinessProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+            {{- end }}
+          {{- end }}
+          {{- if .Values.startupProbe.enabled }}
           startupProbe:
+            {{- if .Values.startupProbeCustom }}
+            {{- toYaml .Values.startupProbeCustom | nindent 12 }}
+            {{- else }}
             httpGet:
               path: {{ .Values.service.healthPath | default "/dashboard" }}
               port: {{ .Values.service.targetPort | default .Values.service.port }}
-            failureThreshold: 3
-            initialDelaySeconds: 90
-            periodSeconds: 30
-            successThreshold: 1
-            timeoutSeconds: 5
+            failureThreshold: {{ .Values.startupProbe.failureThreshold }}
+            initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.startupProbe.periodSeconds }}
+            successThreshold: {{ .Values.startupProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }}
+            {{- end }}
           {{- end }}
           env:
           - name: NODE_OPTIONS

diff --git a/charts/opencti/values.yaml b/charts/opencti/values.yaml
@@ -91,8 +91,68 @@ service:
   #   port: 9080
   #   targetPort: 9080
 
-# -- Enable livenessProbe, readinessProbe and startupProbe
-testConnection: true
+# -- Configure liveness checker
+# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes
+livenessProbe:
+  enabled: true
+  failureThreshold: 3
+  initialDelaySeconds: 180
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 5
+
+# -- Custom livenessProbe
+livenessProbeCustom: {}
+  # httpGet:
+  #   path: /dashboard
+  #   port: 4000
+  # failureThreshold: 3
+  # initialDelaySeconds: 200
+  # periodSeconds: 30
+  # successThreshold: 1
+  # timeoutSeconds: 5
+
+# -- Configure readinessProbe checker
+# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes
+readinessProbe:
+  enabled: true
+  failureThreshold: 3
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 1
+
+# -- Custom readinessProbe
+readinessProbeCustom: {}
+  # httpGet:
+  #   path: /dashboard
+  #   port: 4000
+  # failureThreshold: 3
+  # initialDelaySeconds: 200
+  # periodSeconds: 30
+  # successThreshold: 1
+  # timeoutSeconds: 5
+
+# -- Configure startupProbe checker
+# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes
+startupProbe:
+  enabled: true
+  failureThreshold: 30
+  initialDelaySeconds: 180
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 5
+
+# -- Custom startupProbe
+startupProbeCustom: {}
+  # httpGet:
+  #   path: /dashboard
+  #   port: 4000
+  # failureThreshold: 3
+  # initialDelaySeconds: 200
+  # periodSeconds: 30
+  # successThreshold: 1
+  # timeoutSeconds: 5
 
 # -- Enable or disable ready-checker
 readyChecker: