diff --git a/charts/port-ocean/Chart.yaml b/charts/port-ocean/Chart.yaml
index 53c52af..a4f1644 100644
--- a/charts/port-ocean/Chart.yaml
+++ b/charts/port-ocean/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
name: port-ocean
description: A Helm chart for Port Ocean integrations
type: application
-version: 0.1.26
+version: 0.2.0
appVersion: "0.1.0"
home: https://getport.io/
sources:
diff --git a/charts/port-ocean/README.md b/charts/port-ocean/README.md
index d2f5bf1..ba4dbf3 100644
--- a/charts/port-ocean/README.md
+++ b/charts/port-ocean/README.md
@@ -53,10 +53,15 @@ The following table lists the configuration parameters of the `port-ocean` chart
| `port.clientSecret` | Client secret for Port API authentication (irrelevant if secret.useExistingSecret=true). | |
| `port.baseUrl` | Base URL for the Port API. | `https://api.getport.io/v1` |
| `initializePortResources` | When set to true, creates a default JQ mapping and the relevant blueprints | `true` |
-| `scheduledResyncInterval` | The number in minutes to reschedule and poll data from the 3rd party system | `null` |
-| `sendRawDataExamples` | Enable sending raw data examples from the third party API to port for testing and managing the integration mapping | `true` |
+| `scheduledResyncInterval` | The number in minutes to reschedule and poll data from the 3rd party system. When workload.kind is set to CronJob this parameter is required and should be in a format of a cron string | `null` |
+| `sendRawDataExamples` | Enable sending raw data examples from the third party API to port for testing and managing the integration mapping | `true` |
| `podAnnotations` | Annotations to be added to the pod. | `{}` |
| `podSecurityContext` | Security context applied to the pod. | `{}` |
+| `containerSecurityContext` | Security context applied to the container. | `{}` |
+| `extraInitContainers` | Additional init containers to be added to the pod. | `[]` |
+| `workload.kind` | Kind of the workload. Can be either Deployment or CronJob | `Deployment` |
+| `workload.deployment.rolloutStrategy` | Deployment rollout strategy. | `Recreate` |
+| `workload.cron.resyncTimeoutMinutes` | Timeout in minutes for the resync cron job. When set to 0 or null, the cron job will not have a timeout. | `60` |
| `securityContext` | Security context applied to the container. | `{}` |
| `resources` | Container resource requests and limits. | `{}` |
| `nodeSelector` | NodeSelector applied to the pod. | `{}` |
@@ -64,7 +69,7 @@ The following table lists the configuration parameters of the `port-ocean` chart
| `affinity` | Affinity applied to the pod. | `{}` |
| `imageRegistry` | Image registry override. | `""` |
| `imagePullSecrets` | Image pull secrets | `[]` |
-| `secret.name` | Secret object name. Can also be a list of strings when useExistingSecret is set to true, allowing the deployment to pull multiple secrets into the environment variables | `""` |
+| `secret.name` | Secret object name. Can also be a list of strings when useExistingSecret is set to true, allowing the deployment to pull multiple secrets into the environment variables | `""` |
| `secret.useExistingSecret` | Enable this if you wish to create your own secret with credentials.
You must provide the following secrets:
`OCEAN__PORT__CLIENT_ID`
`OCEAN__PORT__CLIENT_SECRET`
Moreover, you need to provide sensitive configurations (required ones are **MUST**) for the selected integration:
Secret key format:`OCEAN__INTEGRATION__CONFIG__{{ $configName \| snakecase \| upper }}`
Example (if config name is `clusterConfMapping`): `OCEAN__INTEGRATION__CONFIG__CLUSTER_CONF_MAPPING` | `false` |
| `service.enabled` | Specifies whether the service is enabled or not. | `true` |
| `service.type` | Service type for the Port application. | `ClusterIP` |
diff --git a/charts/port-ocean/templates/_helpers.tpl b/charts/port-ocean/templates/_helpers.tpl
index 65ff0a2..5e06881 100644
--- a/charts/port-ocean/templates/_helpers.tpl
+++ b/charts/port-ocean/templates/_helpers.tpl
@@ -35,7 +35,7 @@ Common labels
*/}}
{{- define "port-ocean.labels" -}}
helm.sh/chart: {{ include "port-ocean.chart" . }}
-{{ include "port-ocean.selectorLabels" . }}
+{{- include "port-ocean.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
@@ -48,7 +48,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
{{/*
Selector labels
*/}}
-{{- define "port-ocean.selectorLabels" -}}
+{{- define "port-ocean.selectorLabels" }}
app.kubernetes.io/name: {{ include "port-ocean.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
@@ -61,7 +61,7 @@ Get prefix of ocean resource metadata.name
{{- end }}
{{/*
-Get config map name per integration
+Get config map name
*/}}
{{- define "port-ocean.configMapName" -}}
{{ $prefix:= include "port-ocean.metadataNamePrefix" . }}
@@ -69,7 +69,7 @@ Get config map name per integration
{{- end }}
{{/*
-Get secret name per integration
+Get secret name
*/}}
{{- define "port-ocean.secretName" -}}
{{ $prefix:= include "port-ocean.metadataNamePrefix" . }}
@@ -77,7 +77,7 @@ Get secret name per integration
{{- end }}
{{/*
-Get ingress name per integration
+Get ingress name
*/}}
{{- define "port-ocean.ingressName" -}}
{{ $prefix:= include "port-ocean.metadataNamePrefix" . }}
@@ -85,7 +85,7 @@ Get ingress name per integration
{{- end }}
{{/*
-Get service name per integration
+Get service name
*/}}
{{- define "port-ocean.serviceName" -}}
{{ $prefix:= include "port-ocean.metadataNamePrefix" . }}
@@ -93,7 +93,7 @@ Get service name per integration
{{- end }}
{{/*
-Get container name per integration
+Get container name
*/}}
{{- define "port-ocean.containerName" -}}
{{ $prefix:= include "port-ocean.metadataNamePrefix" . }}
@@ -101,17 +101,37 @@ Get container name per integration
{{- end }}
{{/*
-Get deployment name per integration
+Get deployment name
*/}}
{{- define "port-ocean.deploymentName" -}}
{{ $prefix:= include "port-ocean.metadataNamePrefix" . }}
{{- printf "%s-deployment" $prefix }}
{{- end }}
+{{/*
+Get cron job name
+*/}}
+{{- define "port-ocean.cronJobName" -}}
+{{ $prefix:= include "port-ocean.metadataNamePrefix" . }}
+{{- printf "%s-cron-job" $prefix }}
+{{- end }}
+
{{/*
Get self signed cert secret name
*/}}
{{- define "port-ocean.selfSignedCertName" -}}
{{ $prefix:= include "port-ocean.metadataNamePrefix" . }}
{{- printf "%s-cert" $prefix }}
+{{- end }}
+
+{{- define "port-ocean.additionalSecrets" }}
+{{- $secretsArray := list (include "port-ocean.secretName" .) }}
+{{- /* If the secretName is already an array we don't wrap it in an array */}}
+{{- if kindIs "slice" .Values.secret.name }}
+ {{- $secretsArray = .Values.secret.name }}
+{{- end }}
+{{- range $secretsArray }}
+- secretRef:
+ name: {{ . }}
+{{- end }}
{{- end }}
\ No newline at end of file
diff --git a/charts/port-ocean/templates/configmap.yaml b/charts/port-ocean/templates/configmap.yaml
index 0b1189c..0e15fe1 100644
--- a/charts/port-ocean/templates/configmap.yaml
+++ b/charts/port-ocean/templates/configmap.yaml
@@ -1,3 +1,7 @@
+{{- $eventListener := .Values.integration.eventListener }}
+{{- if eq .Values.workload.kind "CronJob" }}
+ {{- $eventListener = dict "type" "ONCE" }}
+{{- end}}
apiVersion: v1
kind: ConfigMap
metadata:
@@ -5,20 +9,17 @@ metadata:
data:
OCEAN__PORT__BASE_URL: {{ .Values.port.baseUrl | quote }}
OCEAN__INITIALIZE_PORT_RESOURCES: "{{ .Values.initializePortResources | default false }}"
- {{- if .Values.scheduledResyncInterval }}
+ {{- if and .Values.scheduledResyncInterval (not (eq .Values.workload.kind "CronJob")) }}
OCEAN__SCHEDULED_RESYNC_INTERVAL: "{{ .Values.scheduledResyncInterval }}"
{{- end }}
{{- if .Values.clientTimeout }}
OCEAN__CLIENT_TIMEOUT: "{{ .Values.clientTimeout }}"
{{- end }}
OCEAN__SEND_RAW_DATA_EXAMPLES: "{{ .Values.sendRawDataExamples | default true }}"
- OCEAN__EVENT_LISTENER: {{ .Values.integration.eventListener | toJson | quote }}
+ OCEAN__EVENT_LISTENER: {{ $eventListener | toJson | quote }}
{{- if .Values.integration.identifier }}
OCEAN__INTEGRATION__IDENTIFIER: "{{ .Values.integration.identifier }}"
{{- end }}
- {{- if .Values.integration.type }}
- OCEAN__INTEGRATION__TYPE: "{{ .Values.integration.type }}"
- {{- end }}
{{- if .Values.integration.config }}
{{- range $key, $value := .Values.integration.config }}
OCEAN__INTEGRATION__CONFIG__{{ $key | snakecase | upper }}: {{ $value | quote }}
diff --git a/charts/port-ocean/templates/cron-job/_helpers.yml b/charts/port-ocean/templates/cron-job/_helpers.yml
new file mode 100644
index 0000000..2d62edd
--- /dev/null
+++ b/charts/port-ocean/templates/cron-job/_helpers.yml
@@ -0,0 +1 @@
+{{ define "port-ocean.cron.job-query-rbac-prefix" }}{{.Release.Name}}-job-query{{ end }}
diff --git a/charts/port-ocean/templates/cron-job/cron-jobs-init-container-sa.yml b/charts/port-ocean/templates/cron-job/cron-jobs-init-container-sa.yml
new file mode 100644
index 0000000..c866af7
--- /dev/null
+++ b/charts/port-ocean/templates/cron-job/cron-jobs-init-container-sa.yml
@@ -0,0 +1,46 @@
+{{- if eq .Values.workload.kind "CronJob" }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "port-ocean.cron.job-query-rbac-prefix" . }}-sa
+ namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ namespace: {{ .Release.Namespace }}
+ name: {{ include "port-ocean.cron.job-query-rbac-prefix" . }}-role
+rules:
+ - apiGroups: [ "batch" ]
+ resources: [ "cronjobs" ]
+ verbs: [ "get" ]
+ - apiGroups: [ "batch" ]
+ resources: [ "jobs" ]
+ verbs: [ "list", "get", "patch", "create" ]
+ - apiGroups: [ "" ]
+ resources: [ "pods" ]
+ verbs: [ "get", "list" ]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: {{ include "port-ocean.cron.job-query-rbac-prefix" . }}-rolebinding
+ namespace: {{ .Release.Namespace }}
+subjects:
+ - kind: ServiceAccount
+ name: {{ include "port-ocean.cron.job-query-rbac-prefix" . }}-sa
+ namespace: {{ .Release.Namespace }}
+roleRef:
+ kind: Role
+ name: {{ include "port-ocean.cron.job-query-rbac-prefix" . }}-role
+ apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "port-ocean.cron.job-query-rbac-prefix" . }}-sa-token
+ namespace: {{ .Release.Namespace }}
+ annotations:
+ kubernetes.io/service-account.name: {{ include "port-ocean.cron.job-query-rbac-prefix" . }}-sa
+type: kubernetes.io/service-account-token
+{{- end }}
\ No newline at end of file
diff --git a/charts/port-ocean/templates/cron-job/cron.yaml b/charts/port-ocean/templates/cron-job/cron.yaml
new file mode 100644
index 0000000..b897d21
--- /dev/null
+++ b/charts/port-ocean/templates/cron-job/cron.yaml
@@ -0,0 +1,193 @@
+{{- if eq .Values.workload.kind "CronJob" }}
+{{- $maxRunTimeSeconds := "" }}
+{{- if (.Values.workload.cron).resyncTimeout }}
+{{- $minute := 60 }}
+{{- $maxRunTimeSeconds = (mul (.Values.workload.cron).resyncTimeout $minute )}}
+{{- end }}
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: {{ include "port-ocean.cronJobName" . }}
+ labels:
+ {{- include "port-ocean.labels" . | nindent 4 }}
+spec:
+ failedJobsHistoryLimit: 5
+ successfulJobsHistoryLimit: 1
+ schedule: {{ required "scheduledResyncInterval is required when using CronJob workload kind" .Values.scheduledResyncInterval | quote }}
+ concurrencyPolicy: Replace
+ jobTemplate:
+ metadata:
+ generateName: {{ include "port-ocean.cronJobName" . }}-
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app: {{ include "port-ocean.cronJobName" . }}
+ integrationUniqueCronKey: {{ .Release.Name }}
+ {{- include "port-ocean.selectorLabels" . | indent 8 }}
+ spec:
+ backoffLimit: 1
+ {{- if $maxRunTimeSeconds }}
+ activeDeadlineSeconds: {{ $maxRunTimeSeconds }}
+ {{- end }}
+ template:
+ metadata:
+ {{- with .Values.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ labels:
+ app: {{ include "port-ocean.cronJobName" . }}
+ {{- include "port-ocean.labels" . | nindent 12 }}
+ spec:
+ restartPolicy: Never
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ {{- if .Values.podSecurityContext }}
+ {{- toYaml .Values.podSecurityContext | nindent 12 }}
+ {{- end }}
+ initContainers:
+ {{- with .Values.extraInitContainers }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ - name: terminate-old-resync-jobs
+ image: bitnami/kubectl:latest
+ env:
+ - name: JOB_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.labels['job-name']
+ - name: TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "port-ocean.cron.job-query-rbac-prefix" . }}-sa-token
+ key: token
+ command:
+ - /bin/bash
+ - -c
+ - |
+ #!/bin/bash
+ echo "Starting init container"
+ LABEL_SELECTOR="integrationUniqueCronKey={{ .Release.Name }}"
+ NAMESPACE="{{ .Release.Namespace }}"
+ CURRENT_JOB_NAME=$(JOB_NAME)
+ DEADLINE=0 # 30 seconds deadline for the jobs to terminate
+ echo "kubectl get job $CURRENT_JOB_NAME -o=json | jq -r '.metadata.creationTimestamp'"
+ echo "kubectl get jobs -l ${LABEL_SELECTOR} -o=json | jq -r '.items[] | select(.metadata.creationTimestamp < '$CURRENT_JOB_CREATION_TIMESTAMP') | .metadata.name'"
+ CURRENT_JOB_CREATION_TIMESTAMP=$(kubectl get job $CURRENT_JOB_NAME -o=json --token=$TOKEN | jq -r '.metadata.creationTimestamp')
+
+ check_for_jobs() {
+ kubectl get jobs -l ${LABEL_SELECTOR} -o=json --token=$TOKEN | jq -r '.items[] | select(.metadata.creationTimestamp < "'$CURRENT_JOB_CREATION_TIMESTAMP'") | .metadata.name'
+ }
+
+ set_deadline_for_jobs() {
+ JOBS=$(check_for_jobs)
+ echo "Found jobs: $JOBS"
+ if [ -n "$JOBS" ]; then
+ for JOB in $JOBS; do
+ if [ "$JOB" != "$CURRENT_JOB_NAME" ]; then
+ echo "Setting deadline for job: $JOB"
+ kubectl patch job $JOB -n ${NAMESPACE} -p "{\"spec\":{\"activeDeadlineSeconds\":$DEADLINE}, \"metadata\":{\"labels\":{\"canceled\": \"$CURRENT_JOB_NAME\"}}}" --token=$TOKEN
+ echo "Waiting for job $JOB to terminate"
+ timeout 60s kubectl wait --for=delete pod --selector=job-name=$JOB -n ${NAMESPACE} --token=$TOKEN || (echo "Job $JOB did not terminate in time. Cannot start new job: $CURRENT_JOB_NAME" && exit 1)
+ else
+ echo "No running resync jobs found. Starting new job: $CURRENT_JOB_NAME"
+ fi
+ done
+ fi
+ }
+
+ set_deadline_for_jobs
+ echo "Exiting init container"
+ containers:
+ - name: {{ include "port-ocean.containerName" . }}
+ imagePullPolicy: {{ .Values.imagePullPolicy }}
+ image: '{{ .Values.imageRegistry }}/port-ocean-{{ .Values.integration.type }}:{{ .Values.integration.version | default "latest" }}'
+ {{- if .Values.service.enabled }}
+ securityContext:
+ {{- if .Values.containerSecurityContext }}
+ {{- toYaml .Values.containerSecurityContext | nindent 14 }}
+ {{- end }}
+ resources:
+ {{- if .Values.resources }}
+ {{- toYaml .Values.resources | nindent 14 }}
+ {{- end }}
+ ports:
+ - containerPort: {{.Values.service.port}}
+ protocol: TCP
+ {{- end }}
+ env:
+ {{- if .Values.selfSignedCertificate.enabled }}
+ - name: SSL_CERT_FILE
+ value: /etc/ssl/certs/ca-certificates.crt
+ {{- end }}
+ {{- with .Values.extraEnv }}
+ {{- toYaml . | nindent 14 }}
+ {{- end }}
+ envFrom:
+ - configMapRef:
+ name: {{ include "port-ocean.configMapName" . }}
+ {{- include "port-ocean.additionalSecrets" . | nindent 14 }}
+ volumeMounts:
+ {{- if .Values.selfSignedCertificate.enabled }}
+ - name: certificates
+ mountPath: /usr/local/share/ca-certificates/cert.crt
+ subPath: cert.crt
+ readOnly: true
+ {{- end }}
+ {{- if (.Values.livenessProbe).enabled}}
+ livenessProbe:
+ httpGet:
+ path: /docs
+ port: {{.Values.service.port}}
+ initialDelaySeconds: {{ default 10 .Values.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ default 10 .Values.livenessProbe.periodSeconds }}
+ timeoutSeconds: {{ default 5 .Values.livenessProbe.timeoutSeconds }}
+ successThreshold: 1
+ failureThreshold: {{ default 3 .Values.livenessProbe.failureThreshold }}
+ {{- end }}
+ {{- if (.Values.readinessProbe).enabled}}
+ readinessProbe:
+ httpGet:
+ path: /docs
+ port: {{.Values.service.port}}
+ initialDelaySeconds: {{ default 10 .Values.readinessProbe.initialDelaySeconds }}
+ periodSeconds: {{ default 10 .Values.readinessProbe.periodSeconds }}
+ timeoutSeconds: {{ default 5 .Values.readinessProbe.timeoutSeconds }}
+ successThreshold: {{ default 1 .Values.readinessProbe.successThreshold }}
+ failureThreshold: {{ default 3 .Values.readinessProbe.failureThreshold }}
+ {{- end }}
+ volumes:
+ {{- if and .Values.selfSignedCertificate.enabled .Values.selfSignedCertificate.secret.useExistingSecret }}
+ - name: certificates
+ projected:
+ sources:
+ - secret:
+ name: {{ .Values.selfSignedCertificate.secret.name }}
+ items:
+ - key: {{ .Values.selfSignedCertificate.secret.key }}
+ path: cert.crt
+ {{- else if .Values.selfSignedCertificate.enabled }}
+ - name: certificates
+ projected:
+ sources:
+ - secret:
+ name: {{ include "port-ocean.selfSignedCertName" . }}
+ items:
+ - key: crt
+ path: cert.crt
+ {{- end }}
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+{{- end }}
diff --git a/charts/port-ocean/templates/cron-job/installation-resync-job.yml b/charts/port-ocean/templates/cron-job/installation-resync-job.yml
new file mode 100644
index 0000000..ab7fe65
--- /dev/null
+++ b/charts/port-ocean/templates/cron-job/installation-resync-job.yml
@@ -0,0 +1,30 @@
+{{- if and (eq .Values.workload.kind "CronJob") }}
+{{- $jobName := .Release.Revision }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ annotations:
+ helm.sh/hook: post-install, post-upgrade
+ helm.sh/hook-delete-policy: hook-succeeded, hook-failed
+ name: {{ include "port-ocean.cronJobName" . }}-init-resync-{{ .Release.Name }}-{{ $jobName }}
+spec:
+ ttlSecondsAfterFinished: 600
+ activeDeadlineSeconds: 30
+ backoffLimit: 1
+ template:
+ spec:
+ activeDeadlineSeconds: 30
+ containers:
+ - name: kubectl
+ image: bitnami/kubectl:latest
+ command: [ "sh", "-c" ]
+ env:
+ - name: TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "port-ocean.cron.job-query-rbac-prefix" . }}-sa-token
+ key: token
+ args:
+ - kubectl create job --from=cronjob/{{ include "port-ocean.cronJobName" . }} init-resync-{{ .Release.Name }}-{{ $jobName }} --token=$TOKEN
+ restartPolicy: Never
+{{- end }}
\ No newline at end of file
diff --git a/charts/port-ocean/templates/deployment.yaml b/charts/port-ocean/templates/deployment.yaml
index 944e2a9..f496ab2 100644
--- a/charts/port-ocean/templates/deployment.yaml
+++ b/charts/port-ocean/templates/deployment.yaml
@@ -1,22 +1,18 @@
-{{- $secretsArray := list (include "port-ocean.secretName" .) }}
-{{/* If the secretName is already an array we don't wrap it in an array */}}
-{{- if kindIs "slice" .Values.secret.name }}
- {{- $secretsArray = .Values.secret.name }}
-{{- end }}
+{{- if eq .Values.workload.kind "Deployment" }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "port-ocean.deploymentName" . }}
labels:
- {{- include "port-ocean.labels" . | nindent 8 }}
+ {{- include "port-ocean.labels" . | nindent 4 }}
spec:
strategy:
- type: {{ .Values.rolloutStrategy | default "Recreate" }}
+ type: {{ .Values.workload.deployment.rolloutStrategy | default "Recreate" }}
replicas: 1
selector:
matchLabels:
app: {{ include "port-ocean.deploymentName" . }}
- {{- include "port-ocean.selectorLabels" . | nindent 6 }}
+ {{- include "port-ocean.selectorLabels" . | indent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
@@ -24,30 +20,34 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
- app: {{ include "port-ocean.deploymentName" .}}
+ app: {{ include "port-ocean.deploymentName" . }}
{{- include "port-ocean.labels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
- {{- toYaml . | nindent 10 }}
+ {{- toYaml . | nindent 8 }}
{{- end }}
securityContext:
{{- if .Values.podSecurityContext }}
- {{- toYaml .Values.podSecurityContext | nindent 10 }}
+ {{- toYaml .Values.podSecurityContext | nindent 8 }}
+ {{- end }}
+ initContainers:
+ {{- with .Values.extraInitContainers }}
+ {{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ include "port-ocean.containerName" . }}
imagePullPolicy: {{ .Values.imagePullPolicy }}
- image: {{ .Values.imageRegistry }}/port-ocean-{{ .Values.integration.type }}:{{ .Values.integration.version | default "latest" }}
+ image: '{{ .Values.imageRegistry }}/port-ocean-{{ .Values.integration.type }}:{{ .Values.integration.version | default "latest" }}'
{{- if .Values.service.enabled }}
securityContext:
- {{- if .Values.containerSecurityContext }}
+ {{- if .Values.containerSecurityContext }}
{{- toYaml .Values.containerSecurityContext | nindent 10 }}
- {{- end }}
+ {{- end }}
resources:
- {{- if .Values.resources }}
+ {{- if .Values.resources }}
{{- toYaml .Values.resources | nindent 10 }}
- {{- end }}
+ {{- end }}
ports:
- containerPort: {{.Values.service.port}}
protocol: TCP
@@ -63,10 +63,7 @@ spec:
envFrom:
- configMapRef:
name: {{ include "port-ocean.configMapName" . }}
- {{- range $secretsArray }}
- - secretRef:
- name: {{ . }}
- {{- end }}
+ {{- include "port-ocean.additionalSecrets" . | nindent 10 }}
volumeMounts:
{{- if .Values.selfSignedCertificate.enabled }}
- name: certificates
@@ -118,7 +115,7 @@ spec:
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
- {{- toYaml . | nindent 8 }}
+ {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
@@ -128,3 +125,4 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/port-ocean/values.yaml b/charts/port-ocean/values.yaml
index 9cd9666..958686e 100644
--- a/charts/port-ocean/values.yaml
+++ b/charts/port-ocean/values.yaml
@@ -26,7 +26,16 @@ containerSecurityContext: { }
# runAsUser: 1001
# allowPrivilegeEscalation: false
-rolloutStrategy: "Recreate"
+extraInitContainers: [ ]
+
+workload:
+ kind: "Deployment" # Deployment, CronJob
+
+ deployment:
+ rolloutStrategy: "Recreate"
+
+# cron:
+# resyncTimeout: 60
resources:
requests:
@@ -53,6 +62,10 @@ imagePullSecrets: [ ]
initializePortResources: true
scheduledResyncInterval: null
+# Example
+# scheduledResyncInterval: 60 # minutes - Used for Deployment workload.kind
+# scheduledResyncInterval: "*/60 * * * *" # cron expression - Used for CronJob workload.kind
+
clientTimeout: null
@@ -106,15 +119,15 @@ selfSignedCertificate:
livenessProbe:
enabled: true
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 5
- failureThreshold: 3
+# initialDelaySeconds: 30
+# periodSeconds: 10
+# timeoutSeconds: 5
+# failureThreshold: 3
readinessProbe:
enabled: true
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 5
- failureThreshold: 3
- successThreshold: 2
\ No newline at end of file
+# initialDelaySeconds: 30
+# periodSeconds: 10
+# timeoutSeconds: 5
+# failureThreshold: 3
+# successThreshold: 2
\ No newline at end of file