Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Helm Chart Enhancements #283

Open
wants to merge 9 commits into
base: master
Choose a base branch
from
Open

Helm Chart Enhancements #283

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
f100d45
Helm enhancement: bring your own secret
jordi-t Mar 4, 2022
4d750c0
Helm enhancement: set additional labels on the objects pods
jordi-t Mar 4, 2022
04f904a
Helm enhancement: added support for Redis subchart
jordi-t Mar 4, 2022
d7f6ba2
Helm enhancement: support more configuration parameters and set sane …
jordi-t Mar 4, 2022
c90b245
Helm enhancement: automatically roll deployment when configmap/secret…
jordi-t Mar 6, 2022
f68e5c8
Helm enhancement: added support for the PGSSLMODE environment variable
jordi-t Mar 8, 2022
2720504
Helm enhancement: add chart-releaser action
jordi-t Mar 8, 2022
9c4d19f
bump chart
jordi-t Mar 8, 2022
aedd476
Helm fix: send Host header in healthcheck
jordi-t Mar 9, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 37 additions & 0 deletions .github/workflows/release-charts.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
name: Release Charts

on:
push:
branches:
- master

jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0

- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"

- name: Install Helm
uses: azure/setup-helm@v1
with:
version: v3.7.1

- name: Add dependency chart repos
run: |
helm repo add bitnami https://charts.bitnami.com/bitnami

- name: Run chart-releaser
uses: helm/[email protected]
with:
charts_dir: deployment/kubernetes
config: cr.yaml
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
4 changes: 4 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,3 +48,7 @@ openapitools.json
# Auto generated files
src/resources.md
src/swagger2.0.json

# Helm
**/charts/*.tgz
**/Chart.lock
1 change: 1 addition & 0 deletions cr.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
release-name-template: "{{ .Name }}-chart-{{ .Version }}"
9 changes: 6 additions & 3 deletions deployment/kubernetes/objects/Chart.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
dependencies:
- name: postgresql
repository: https://charts.bitnami.com/bitnami
version: 10.10.1
digest: sha256:6286ac74b5e31a1fb03518c8147a24a02d26788ed75d01d8064a068dbda06f03
generated: "2021-09-20T18:26:08.467099231+02:00"
version: 10.10.3
- name: redis
repository: https://charts.bitnami.com/bitnami
version: 13.0.1
digest: sha256:f16504851e29407f8998b80327744f6339647167e7be8aac378816b245fd612a
generated: "2022-03-04T21:20:41.190441+01:00"
7 changes: 6 additions & 1 deletion deployment/kubernetes/objects/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ name: objects
description: A Helm chart for Objects API

type: application
version: 0.1.1
version: 0.2.0
appVersion: "1.16.0"

dependencies:
Expand All @@ -12,3 +12,8 @@ dependencies:
repository: https://charts.bitnami.com/bitnami
tags:
- postgresql
- name: redis
version: ~13.0.0
repository: https://charts.bitnami.com/bitnami
tags:
- redis
Binary file removed deployment/kubernetes/objects/charts/postgresql-10.10.1.tgz
View file
Open in desktop
Binary file not shown.
17 changes: 17 additions & 0 deletions deployment/kubernetes/objects/templates/configmap.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,3 +11,20 @@ data:
DB_PORT: {{ .Values.settings.database.port | toString | quote }}
DB_USER: {{ .Values.settings.database.username | toString | quote }}
DB_NAME: {{ .Values.settings.database.name | toString | quote }}
PGSSLMODE: {{ .Values.settings.database.sslmode | toString | quote }}
CACHE_DEFAULT: {{ .Values.settings.cache.default | toString | quote }}
CACHE_AXES: {{ .Values.settings.cache.axes | toString | quote }}
DEBUG: {{ .Values.settings.debug | toString | quote }}
IS_HTTPS: {{ .Values.settings.isHttps | toString | quote }}
NOTIFICATIONS_DISABLED: {{ .Values.settings.notificationsDisabled | toString | quote }}
TWO_FACTOR_FORCE_OTP_ADMIN: {{ .Values.settings.twoFactorForceOtpAdmin | toString | quote }}
TWO_FACTOR_PATCH_ADMIN: {{ .Values.settings.twoFactorPatchAdmin | toString | quote }}
{{- if .Values.settings.admins }}
ADMINS: {{ .Values.settings.admins | toString | quote }}
{{- end }}
{{- if .Values.settings.subPath }}
SUBPATH: {{ .Values.settings.subPath | toString | quote }}
{{- end }}
{{- if .Values.settings.siteId }}
SITE_ID: {{ .Values.settings.siteId | toString | quote }}
{{- end }}
19 changes: 15 additions & 4 deletions deployment/kubernetes/objects/templates/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,12 +13,17 @@ spec:
{{- include "objects.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "objects.selectorLabels" . | nindent 8 }}
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
Expand All @@ -35,7 +40,7 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
envFrom:
- secretRef:
name: {{ include "objects.fullname" . }}
name: {{ .Values.existingSecret | default (include "objects.fullname" .) }}
- configMapRef:
name: {{ include "objects.fullname" . }}
ports:
Expand All @@ -46,10 +51,16 @@ spec:
httpGet:
path: /
port: http
httpHeaders:
- name: Host
value: {{ include "objects.fullname" . | quote }}
readinessProbe:
httpGet:
path: /
port: http
httpHeaders:
- name: Host
value: {{ include "objects.fullname" . | quote }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
Expand Down
6 changes: 5 additions & 1 deletion deployment/kubernetes/objects/templates/secret.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if not .Values.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
Expand All @@ -8,4 +9,7 @@ type: Opaque
data:
DB_PASSWORD: {{ .Values.settings.database.password | toString | b64enc | quote }}
SECRET_KEY: {{ .Values.settings.secretKey | toString | b64enc | quote }}

{{- if .Values.settings.sentry.dsn }}
SENTRY_DSN: {{ .Values.settings.sentry.dsn | toString | b64enc | quote }}
{{- end }}
{{- end }}
41 changes: 40 additions & 1 deletion deployment/kubernetes/objects/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
tags:
postgresql: true
redis: true

replicaCount: 1

Expand All @@ -12,13 +13,17 @@ imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""

existingSecret: null

serviceAccount:
create: true
annotations: {}
name: ""

podAnnotations: {}

podLabels: {}

podSecurityContext: {}
# fsGroup: 2000

Expand Down Expand Up @@ -74,15 +79,30 @@ affinity: {}

settings:
secretKey: NOT-SO-SECRET
allowedHosts: "*"
allowedHosts: "objects"
admins: ""
siteId: ""
debug: "False"
isHttps: "True"
subPath: ""
notificationsDisabled: "False"
twoFactorForceOtpAdmin: "True"
twoFactorPatchAdmin: "True"

database:
host: objects-postgresql
port: 5432
username: postgres
password: objects
name: postgres
sslmode: prefer

cache:
default: open-zaak-redis-master:6379/0
axes: open-zaak-redis-master:6379/0

sentry:
dsn: ""

#########################
## PostgreSQL subchart ##
Expand All @@ -91,3 +111,22 @@ postgresql:
postgresqlPassword: objects
postgresqlPostgresPassword: objects
image.tag: 12.8.0


##################
# Redis subchart #
##################

redis:
usePassword: false

cluster:
enabled: false

persistence:
existingClaim: null

master:
persistence:
enabled: false
size: 1Gi