From 45256a96e2461c61c02b49f348ba26bf780e5fc5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Bauer?= Date: Tue, 18 Feb 2020 23:22:50 +0100 Subject: [PATCH] WIP - updates zammad, dependency charts & ci pipline (#30) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * updates zammad, dependency charts & ci piline Signed-off-by: André Bauer * cleanup readme Signed-off-by: André Bauer * removed set Signed-off-by: André Bauer * some readme fixes Signed-off-by: André Bauer * change es image * modified es healtcheck as workaround for helm test * fixed clusterHealthCheckParams --- .circleci/chart_schema.yaml | 20 -- .circleci/config.yml | 99 -------- .circleci/ct.yaml | 2 - .circleci/deploy-chart.sh | 67 ------ .circleci/install-chart.sh | 128 ----------- .circleci/kind-config.yaml | 6 - .circleci/lint-chart.sh | 16 -- .circleci/lintconf.yaml | 42 ---- .github/check-for-chart-changes.sh | 21 ++ .github/ct.yaml | 7 + .github/deploy-chart.sh | 84 +++++++ .github/kind-config.yaml | 8 + {.circleci => .github}/lint-scripts.sh | 3 +- .github/workflows/ci.yaml | 62 +++++ .github/workflows/deploy.yaml | 26 +++ .gitignore | 4 + zammad/Chart.yaml | 6 +- zammad/README.md | 70 +++--- zammad/requirements.yaml | 18 +- zammad/templates/NOTES.txt | 12 +- zammad/templates/_helpers.tpl | 31 +++ zammad/templates/configmap-nginx.yaml | 11 +- zammad/templates/ingress.yaml | 27 ++- zammad/templates/pvc.yaml | 24 -- zammad/templates/secrets.yaml | 10 +- zammad/templates/service.yaml | 10 +- zammad/templates/statefulset.yaml | 307 ++++++++++++------------- zammad/values.yaml | 121 ++++------ 28 files changed, 530 insertions(+), 712 deletions(-) delete mode 100644 .circleci/chart_schema.yaml delete mode 100644 .circleci/config.yml delete mode 100644 .circleci/ct.yaml delete mode 100755 .circleci/deploy-chart.sh delete mode 100755 .circleci/install-chart.sh delete mode 100644 .circleci/kind-config.yaml delete mode 100755 .circleci/lint-chart.sh delete mode 100644 .circleci/lintconf.yaml create mode 100755 .github/check-for-chart-changes.sh create mode 100644 .github/ct.yaml create mode 100755 .github/deploy-chart.sh create mode 100644 .github/kind-config.yaml rename {.circleci => .github}/lint-scripts.sh (90%) create mode 100644 .github/workflows/ci.yaml create mode 100644 .github/workflows/deploy.yaml delete mode 100644 zammad/templates/pvc.yaml diff --git a/.circleci/chart_schema.yaml b/.circleci/chart_schema.yaml deleted file mode 100644 index e7502236..00000000 --- a/.circleci/chart_schema.yaml +++ /dev/null @@ -1,20 +0,0 @@ -name: str() -home: str() -version: str() -appVersion: any(str(), num()) -description: str() -keywords: list(str(), required=False) -sources: list(str(), required=False) -maintainers: list(include('maintainer'), required=False) -icon: str(required=False) -engine: str(required=False) -condition: str(required=False) -tags: str(required=False) -deprecated: bool(required=False) -kubeVersion: str(required=False) -annotations: map(str(), str(), required=False) ---- -maintainer: - name: str() - email: str(required=False) - url: str(required=False) diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index faaa376a..00000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,99 +0,0 @@ -version: 2.1 -jobs: - lint-scripts: - docker: - - image: koalaman/shellcheck-alpine - steps: - - checkout - - run: - name: lint-scripts - command: .circleci/lint-scripts.sh - - lint-chart: - docker: - - image: quay.io/helmpack/chart-testing:v2.2.0 - steps: - - checkout - - run: - name: lint-chart - command: .circleci/lint-chart.sh - - install-chart-k8s-1-11-3: - machine: true - environment: - CHART_TESTING_IMAGE: quay.io/helmpack/chart-testing - CHART_TESTING_TAG: v2.2.0 - CHARTS_REPO: https://github.com/kiwigrid/helm-charts - KIND_VERSION: 0.1.0 - K8S_VERSION: v1.11.3 - steps: - - checkout - - run: - name: install-chart-k8s-1-11-3 - command: .circleci/install-chart.sh - no_output_timeout: 3600 - - install-chart-k8s-1-12-3: - machine: true - environment: - CHART_TESTING_IMAGE: quay.io/helmpack/chart-testing - CHART_TESTING_TAG: v2.2.0 - CHARTS_REPO: https://github.com/kiwigrid/helm-charts - KIND_VERSION: 0.1.0 - K8S_VERSION: v1.12.3 - steps: - - checkout - - run: - name: install-chart-k8s-1-12-3 - command: .circleci/install-chart.sh - no_output_timeout: 3600 - - install-chart-k8s-1-13-2: - machine: true - environment: - CHART_TESTING_IMAGE: quay.io/helmpack/chart-testing - CHART_TESTING_TAG: v2.2.0 - CHARTS_REPO: https://github.com/kiwigrid/helm-charts - KIND_VERSION: 0.1.0 - K8S_VERSION: v1.13.2 - steps: - - checkout - - run: - name: install-chart-k8s-1-13-2 - command: .circleci/install-chart.sh - no_output_timeout: 3600 - - deploy-chart: - docker: - - image: kiwigrid/gcloud-kubectl-helm:2.14.1-249.0.0-148 - steps: - - add_ssh_keys: - fingerprints: - - "81:19:ad:15:3c:a5:a4:83:8f:41:68:a5:2c:be:f5:05" - - checkout - - run: - name: deploy - command: .circleci/deploy-chart.sh - -workflows: - version: 2 - lint_install_deploy: - jobs: - - lint-scripts - - lint-chart: - requires: - - lint-scripts - - install-chart-k8s-1-11-3: - requires: - - lint-chart - - install-chart-k8s-1-12-3: - requires: - - lint-chart - - install-chart-k8s-1-13-2: - requires: - - lint-chart - - deploy-chart: - requires: - - install-chart-k8s-1-11-3 - - install-chart-k8s-1-12-3 - - install-chart-k8s-1-13-2 diff --git a/.circleci/ct.yaml b/.circleci/ct.yaml deleted file mode 100644 index da05f12b..00000000 --- a/.circleci/ct.yaml +++ /dev/null @@ -1,2 +0,0 @@ -chart-dirs: . -helm-extra-args: --timeout 3600 diff --git a/.circleci/deploy-chart.sh b/.circleci/deploy-chart.sh deleted file mode 100755 index 517c8282..00000000 --- a/.circleci/deploy-chart.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/usr/bin/env bash -# -# deploy zammad chart to zammad.github.io -# - -set -o errexit -set -o pipefail - -CHART_DIR="zammad" -CHART_REPO="git@github.com:zammad/zammad.github.io.git" -REPO_DIR="zammad.github.io" -REPO_ROOT="$(git rev-parse --show-toplevel)" - -if [ -z "${CIRCLE_PULL_REQUEST}" ]; then - - if ! git diff --name-only HEAD~1 | grep -q 'zammad/Chart.yaml'; then - echo "no chart changes... so no chart build and upload needed... exiting..." - exit 0 - fi - - # get zammad.github.io - test -d "${REPO_ROOT}"/"${REPO_DIR}" && rm -rf "${REPO_ROOT:=?}"/"${REPO_DIR:=?}" - git clone "${CHART_REPO}" "${REPO_ROOT}"/"${REPO_DIR}" - - # get chart version - CHART_VERSION="$(grep version: "${REPO_ROOT}"/"${CHART_DIR}"/Chart.yaml | sed 's/version: //')" - - # set original file dates of cloned repo - ( - cd "${REPO_ROOT}"/"${REPO_DIR}" || exit - while read -r FILE; do - ORG_FILE_TIME=$(git log --pretty=format:%cd --date=format:'%y%m%d%H%M' "${FILE}" | tail -n 1) - echo "set original time ${ORG_FILE_TIME} to ${FILE}" - touch -c -t "${ORG_FILE_TIME}" "${FILE}" - done < <(git ls-files) - ) - - # preserve dates in index.yaml by moving old charts and index out of the repo before packaging the new version - mkdir -p "${REPO_ROOT}"/"${TMP_DIR}" - mv "${REPO_ROOT}"/"${REPO_DIR}"/index.yaml "${REPO_ROOT}"/"${TMP_DIR}" - mv "${REPO_ROOT}"/"${REPO_DIR}"/*.tgz "${REPO_ROOT}"/"${TMP_DIR}" - - # build helm dependencies in subshell - ( - cd "${REPO_ROOT}"/"${CHART_DIR}" || exit - helm dependency build - ) - - # build chart - helm package "${REPO_ROOT}"/"${CHART_DIR}" --destination "${REPO_ROOT}"/"${REPO_DIR}" - - # build new index.yaml and merge with old one - helm repo index --merge "${REPO_ROOT}"/"${TMP_DIR}"/index.yaml --url https://"${REPO_DIR}" "${REPO_ROOT}"/"${REPO_DIR}" - - # move old charts back into git repo - mv "${REPO_ROOT}"/"${TMP_DIR}"/*.tgz "${REPO_ROOT}"/"${REPO_DIR}" - - # push changes to github - cd "${REPO_ROOT}"/"${REPO_DIR}" - git config --global user.email "info@zammad.org" - git config --global user.name "zammad-sync" - git add --all . - git commit -m "push zammad chart version ${CHART_VERSION} via circleci build nr: ${CIRCLE_BUILD_NUM}" - git push --set-upstream origin master -else - echo "skipped deploy as only merged pr in master is deployed..." -fi diff --git a/.circleci/install-chart.sh b/.circleci/install-chart.sh deleted file mode 100755 index 8485984c..00000000 --- a/.circleci/install-chart.sh +++ /dev/null @@ -1,128 +0,0 @@ -#!/usr/bin/env bash -# -# install zammad in kubernetes kind -# - -set -o errexit -set -o pipefail - -REPO_ROOT="$(git rev-parse --show-toplevel)" -WORKDIR="/workdir" -CLUSTER_NAME="chart-testing" -DOCKER_NAME="ct" - -if [ -n "${CIRCLE_PULL_REQUEST}" ]; then - echo -e "\\nTesting in Kubernetes ${K8S_VERSION}\\n" - - run_ct_container() { - echo "Running ${DOCKER_NAME} container..." - - docker container run --rm --interactive --detach --network host --name "${DOCKER_NAME}" \ - --volume "${REPO_ROOT}/.circleci/ct.yaml:/etc/ct/ct.yaml" \ - --volume "${REPO_ROOT}:${WORKDIR}" \ - --workdir ${WORKDIR} \ - "${CHART_TESTING_IMAGE}:${CHART_TESTING_TAG}" \ - cat - echo - } - - cleanup() { - echo "Removing ${DOCKER_NAME} container..." - - docker container kill "${DOCKER_NAME}" > /dev/null 2>&1 - - echo 'Done!' - } - - docker_exec() { - docker container exec --interactive ct "$@" - } - - create_kind_cluster() { - echo 'Installing kind...' - - curl -sSLo kind "https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-linux-amd64" - chmod +x kind - sudo mv kind /usr/local/bin/kind - - kind create cluster --name "${CLUSTER_NAME}" --config "${REPO_ROOT}"/.circleci/kind-config.yaml --image "kindest/node:${K8S_VERSION}" - - docker_exec mkdir -p /root/.kube - - echo 'Copying kubeconfig to container...' - local KUBECONFIG - KUBECONFIG="$(kind get kubeconfig-path --name "${CLUSTER_NAME}")" - docker cp "${KUBECONFIG}" "${DOCKER_NAME}":/root/.kube/config - - docker_exec kubectl cluster-info - echo - - echo -n 'Waiting for cluster to be ready...' - until ! grep --quiet 'NotReady' <(docker_exec kubectl get nodes --no-headers); do - printf '.' - sleep 1 - done - - echo '✔︎' - echo - - docker_exec kubectl get nodes - echo - - echo 'Cluster ready!' - echo - } - - install_tiller() { - echo 'Installing Tiller...' - docker_exec kubectl --namespace kube-system create sa tiller - docker_exec kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller - docker_exec helm init --service-account tiller --upgrade --wait - echo - } - - install_hostpath-provisioner() { - # kind doesn't support Dynamic PVC provisioning yet, this is one way to get it working - # https://github.com/rimusz/charts/tree/master/stable/hostpath-provisioner - - echo 'Installing hostpath-provisioner...' - - # Remove default storage class. Will be recreated by hostpath -provisioner - docker_exec kubectl delete storageclass standard - - docker_exec helm repo add rimusz https://charts.rimusz.net - docker_exec helm repo update - docker_exec helm install rimusz/hostpath-provisioner --name hostpath-provisioner --namespace kube-system --wait - echo - } - - install_charts() { - docker_exec "${DOCKER_NAME}" install --config=${WORKDIR}/.circleci/ct.yaml - echo - } - - cleanup_cluster() { - if [ -n "$(command -v kind)" ]; then - for CLUSTER in $(kind get clusters); do - echo "delete old cluster ${CLUSTER}" - kind delete cluster --name "${CLUSTER}" - done - fi - } - - main() { - cleanup_cluster - create_kind_cluster - install_tiller - install_hostpath-provisioner - install_charts - } - - run_ct_container - trap cleanup EXIT - - main - -else - echo "skipped chart install as its not a pull request..." -fi diff --git a/.circleci/kind-config.yaml b/.circleci/kind-config.yaml deleted file mode 100644 index b6a4d5db..00000000 --- a/.circleci/kind-config.yaml +++ /dev/null @@ -1,6 +0,0 @@ -kind: Config -apiVersion: kind.sigs.k8s.io/v1alpha2 -nodes: - - role: control-plane - - role: worker - replicas: 3 diff --git a/.circleci/lint-chart.sh b/.circleci/lint-chart.sh deleted file mode 100755 index 3d574743..00000000 --- a/.circleci/lint-chart.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -# -# lint chart -# - -set -o errexit - -CONFIG_DIR=".circleci" -GIT_REPO="https://github.com/zammad/helm" -REPO_ROOT="$(git rev-parse --show-toplevel)" - -git remote add k8s "${GIT_REPO}" -git fetch k8s master -ct lint --config="${REPO_ROOT}/${CONFIG_DIR}"/ct.yaml \ - --lint-conf="${REPO_ROOT}/${CONFIG_DIR}"/lintconf.yaml \ - --chart-yaml-schema="${REPO_ROOT}/${CONFIG_DIR}"/chart_schema.yaml diff --git a/.circleci/lintconf.yaml b/.circleci/lintconf.yaml deleted file mode 100644 index 90f48c88..00000000 --- a/.circleci/lintconf.yaml +++ /dev/null @@ -1,42 +0,0 @@ ---- -rules: - braces: - min-spaces-inside: 0 - max-spaces-inside: 0 - min-spaces-inside-empty: -1 - max-spaces-inside-empty: -1 - brackets: - min-spaces-inside: 0 - max-spaces-inside: 0 - min-spaces-inside-empty: -1 - max-spaces-inside-empty: -1 - colons: - max-spaces-before: 0 - max-spaces-after: 1 - commas: - max-spaces-before: 0 - min-spaces-after: 1 - max-spaces-after: 1 - comments: - require-starting-space: true - min-spaces-from-content: 2 - document-end: disable - document-start: disable # No --- to start a file - empty-lines: - max: 2 - max-start: 0 - max-end: 0 - hyphens: - max-spaces-after: 1 - indentation: - spaces: consistent - indent-sequences: whatever # - list indentation will handle both indentation and without - check-multi-line-strings: false - key-duplicates: enable - line-length: disable # Lines can be any length - new-line-at-end-of-file: enable - new-lines: - type: unix - trailing-spaces: enable - truthy: - level: warning diff --git a/.github/check-for-chart-changes.sh b/.github/check-for-chart-changes.sh new file mode 100755 index 00000000..83389b24 --- /dev/null +++ b/.github/check-for-chart-changes.sh @@ -0,0 +1,21 @@ +#!/bin/bash +# +# check for chart changes to speedup ci +# + +set -o errexit +set -o pipefail + +CHART_REPO="https://github.com/zammad/zammad-helm.git" + +echo "Check for chart changes to speedup ci..." + +git remote add chart-changes "${CHART_REPO}" +git fetch chart-changes master + +if [ -z "$(git diff --find-renames --name-only "$(git rev-parse --abbrev-ref HEAD)" remotes/chart-changes/master -- zammad)" ]; then + echo -e "\n\n Error! No chart changes detected! Exiting... \n" + exit 1 +else + echo -e "\n Changes found... Continue with next job... \n" +fi diff --git a/.github/ct.yaml b/.github/ct.yaml new file mode 100644 index 00000000..7aeeab3c --- /dev/null +++ b/.github/ct.yaml @@ -0,0 +1,7 @@ +chart-dirs: . +helm-extra-args: --timeout 1200 +check-version-increment: true +debug: true +chart-repos: + - bitnami=https://charts.bitnami.com + - elastic=https://helm.elastic.co diff --git a/.github/deploy-chart.sh b/.github/deploy-chart.sh new file mode 100755 index 00000000..db5c6ac2 --- /dev/null +++ b/.github/deploy-chart.sh @@ -0,0 +1,84 @@ +#!/bin/bash +# +# deploy zammad charts to zammad.github.io +# + +set -o errexit +set -o pipefail + +CHART_DIR="charts" +CHART_REPO="git@github.com:zammad/zammad.github.io.git" +REPO_DIR="zammad.github.io" +REPO_ROOT="$(git rev-parse --show-toplevel)" +TMP_DIR="tmp" +# needed for github actions as home dir would be /github/home/ otherwise +HOME="/home/gkh" + +# ssh config +mkdir -p /home/gkh/.ssh +echo "${SSH_PRIVATE_KEY}" > /home/gkh/.ssh/id_rsa +chmod 600 /home/gkh/.ssh/id_rsa +ssh-keyscan github.com >> /home/gkh/.ssh/known_hosts + +# get zammad.github.io +test -d "${REPO_ROOT}"/"${REPO_DIR}" && rm -rf "${REPO_ROOT:=?}"/"${REPO_DIR:=?}" +git clone "${CHART_REPO}" "${REPO_ROOT}"/"${REPO_DIR}" + +# get not builded charts +while read -r FILE; do + echo "check file ${FILE}" + if [ ! -f "${REPO_ROOT}/${REPO_DIR}/$(yq r - name < "${FILE}")-$(yq r - version < "${FILE}").tgz" ]; then + echo "append chart ${FILE}" + CHARTS="${CHARTS} $(yq r - name < "${FILE}")" + fi +done < <(find "${REPO_ROOT}/${CHART_DIR}" -maxdepth 2 -mindepth 2 -type f -name "[Cc]hart.yaml") + +if [ -z "${CHARTS}" ]; then + echo "no chart changes... so no chart build and upload needed... exiting..." + exit 0 +fi + +# set original file dates +( +cd "${REPO_ROOT}"/"${REPO_DIR}" || exit +while read -r FILE; do + ORG_FILE_TIME=$(git log --pretty=format:%cd --date=format:'%y%m%d%H%M' "${FILE}" | tail -n 1) + echo "set original time ${ORG_FILE_TIME} to ${FILE}" + touch -c -t "${ORG_FILE_TIME}" "${FILE}" +done < <(git ls-files charts) +) + +# preserve dates in index.yaml by moving old charts and index out of the repo before packaging the new version +mkdir -p "${REPO_ROOT}"/"${TMP_DIR}" +mv "${REPO_ROOT}"/"${REPO_DIR}"/index.yaml "${REPO_ROOT}"/"${TMP_DIR}" || true +mv "${REPO_ROOT}"/"${REPO_DIR}"/*.tgz "${REPO_ROOT}"/"${TMP_DIR}" + +#add helm repos +if ! helm repo list | grep -q "^stable"; then + helm repo add stable https://kubernetes-charts.storage.googleapis.com +fi +helm repo add zammad https://zammad.github.io +helm repo update + +# build helm dependencies for all charts +find "${REPO_ROOT}"/"${CHART_DIR}" -mindepth 1 -maxdepth 1 -type d -exec helm dependency build {} \; + +# package only changed charts +for CHART in ${CHARTS}; do + echo "building ${CHART} chart..." + helm package "${REPO_ROOT}"/"${CHART_DIR}"/"${CHART}" --destination "${REPO_ROOT}"/"${REPO_DIR}" +done + +# Create index and merge with previous index which contains the non-changed charts +helm repo index --merge "${REPO_ROOT}"/"${TMP_DIR}"/index.yaml --url https://"${REPO_DIR}" "${REPO_ROOT}"/"${REPO_DIR}" + +# move old charts back into git repo +mv "${REPO_ROOT}"/"${TMP_DIR}"/*.tgz "${REPO_ROOT}"/"${REPO_DIR}" + +# push changes to github +cd "${REPO_ROOT}"/"${REPO_DIR}" +git config --global user.email "ci@zammad-robot.com" +git config --global user.name "zammad-ci-bot" +git add --all . +git commit -m "Push zammad charts via Github actions" +git push --set-upstream origin master diff --git a/.github/kind-config.yaml b/.github/kind-config.yaml new file mode 100644 index 00000000..e00d9637 --- /dev/null +++ b/.github/kind-config.yaml @@ -0,0 +1,8 @@ +kind: Cluster +apiVersion: kind.sigs.k8s.io/v1alpha3 +nodes: +# the control plane node config +- role: control-plane +# the 2 workers +- role: worker +- role: worker diff --git a/.circleci/lint-scripts.sh b/.github/lint-scripts.sh similarity index 90% rename from .circleci/lint-scripts.sh rename to .github/lint-scripts.sh index da44ac63..00552a50 100755 --- a/.circleci/lint-scripts.sh +++ b/.github/lint-scripts.sh @@ -5,7 +5,8 @@ set -o errexit -CONFIG_DIR="./.circleci" +CONFIG_DIR=".github" + TMP_FILE="$(mktemp)" find "${CONFIG_DIR}" -type f -name "*.sh" > "${TMP_FILE}" diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 00000000..484d7199 --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,62 @@ +name: ci + +on: + pull_request: + +jobs: + lint-bash-scripts: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v1 + - name: Lint Bash scripts + uses: docker://koalaman/shellcheck-alpine:v0.7.0 + with: + args: .github/lint-scripts.sh + + check-for-chart-changes: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v1 + - name: Check for chart changes + run: .github/check-for-chart-changes.sh + + lint-chart: + runs-on: ubuntu-latest + needs: check-for-chart-changes + steps: + - name: Checkout + uses: actions/checkout@v1 + - name: Run chart-testing (lint) + uses: helm/chart-testing-action@master + with: + command: lint + config: .github/ct.yaml + + install-chart: + name: install-chart + runs-on: ubuntu-latest + needs: lint-chart + strategy: + matrix: + k8s: + - v1.12.10 + - v1.13.12 + - v1.14.10 + - v1.15.7 + - v1.16.4 + - v1.17.2 + steps: + - name: Checkout + uses: actions/checkout@v1 + - name: Create kind ${{ matrix.k8s }} cluster + uses: helm/kind-action@master + with: + config: .github/kind-config.yaml + node_image: kindest/node:${{ matrix.k8s }} + - name: Run chart-testing (install) + uses: helm/chart-testing-action@master + with: + command: install + config: .github/ct.yaml diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml new file mode 100644 index 00000000..cd9e39e6 --- /dev/null +++ b/.github/workflows/deploy.yaml @@ -0,0 +1,26 @@ +name: deploy + +on: + push: + branches: [master] + +jobs: + deploy-chart: + name: deploy-chart + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@master + - name: Lint Bash scripts + uses: docker://koalaman/shellcheck-alpine:v0.7.0 + with: + args: .github/lint-scripts.sh + - name: Set user permissions + run: chmod -R 777 /home/runner/work + - name: Deploy Helm chart + env: + SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY_ZAMMAD_GITHUB_IO }} + uses: docker://kiwigrid/gcloud-kubectl-helm:2.16.1-272.0.0-184 + with: + args: .github/deploy-chart.sh + diff --git a/.gitignore b/.gitignore index 1cf5f55c..2dfb5986 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,7 @@ zammad.github.io zammad/charts zammad/index.yaml zammad/requirements.lock +charts/zammad.github.io +charts/zammad/charts +charts/zammad/index.yaml +charts/zammad/requirements.lock diff --git a/zammad/Chart.yaml b/zammad/Chart.yaml index 5f2bf8da..9a1fd3d9 100644 --- a/zammad/Chart.yaml +++ b/zammad/Chart.yaml @@ -1,7 +1,8 @@ apiVersion: v1 name: zammad -version: 1.2.1 -appVersion: 3.1.0 +version: 2.0.0 +appVersion: 3.2.0 +type: application description: Zammad is a web based open source helpdesk/customer support system with many features to manage customer communication via several channels like telephone, facebook, twitter, chat and e-mails. home: https://zammad.org icon: https://raw.githubusercontent.com/zammad/zammad-documentation/master/images/zammad_logo_600x520.png @@ -9,7 +10,6 @@ sources: - https://github.com/zammad/zammad - https://github.com/zammad/zammad-docker-compose - https://github.com/zammad/zammad-helm - - https://docs.zammad.org/en/latest/install-kubernetes.html maintainers: - name: monotek email: monotek23@gmail.com diff --git a/zammad/README.md b/zammad/README.md index e8e623fb..e5be932f 100644 --- a/zammad/README.md +++ b/zammad/README.md @@ -4,60 +4,59 @@ This directory contains a Kubernetes chart to deploy [Zammad](https://zammad.org ## Prerequisites Details -- Kubernetes 1.8+ -- Cluster with at least 4GB of free RAM +- Kubernetes 1.8+ +- Cluster with at least 4GB of free RAM ## Chart Details This chart will do the following: -- Install Zammad statefulset -- Install Elasticsearch, Memcached & PostgreSQL as requirements - +- Install Zammad statefulset +- Install Elasticsearch, Memcached & PostgreSQL as requirements ## Installing the Chart To install the chart use the following: ```console -$ helm repo add zammad https://zammad.github.io -$ helm upgrade --install zammad zammad/zammad --namespace zammad +helm repo add zammad https://zammad.github.io +helm upgrade --install zammad zammad/zammad --namespace zammad ``` ## Configuration The following table lists the configurable parameters of the zammad chart and their default values. - -| Parameter | Description | Default | +| Description | Default | | -------------------------------------------------- | ------------------------------------------------ | ------------------------------- | -| `useElasticsearch` | Use Elasticsearch dependency | `true` | -| `useMemcached` | Use Memcached dependency | `true` | -| `usePostgresql` | Use PostgreSQL dependency | `true` | | `image.repository` | Container image to use | `zammad/zammad-docker-compose` | -| `image.tag` | Container image tag to deploy | `3.1.0-10` | +| `image.tag` | Container image tag to deploy | `3.2.0-12` | | `image.pullPolicy` | Container pull policy | `IfNotPresent` | | `service.type` | Service type | `ClusterIP` | -| `service.port` | Service port | `80` | +| `service.port` | Service port | `8080` | | `ingress.enabled` | Enable Ingress | `false` | -| `ingress.annotations` | Additional ingress annotations | `` | -| `ingress.path` | Ingress path | `` | -| `ingress.hosts` | Ingress hosts | `` | +| `ingress.annotations` | Additional ingress annotations | `""` | +| `ingress.path` | Ingress path | `""` | +| `ingress.hosts` | Ingress hosts | `""` | | `ingress.tls` | Ingress TLS | `[]` | -| `envConfig.elasticsearch.host` | Elasticsearch host | `zammad-elasticsearch-client` | +| `envConfig.elasticsearch.schema` | Elasticsearch schema | `http` | +| `envConfig.elasticsearch.host` | Elasticsearch host | `zammad-master` | | `envConfig.elasticsearch.port` | Elasticsearch port | `9200` | +| `envConfig.elasticsearch.user` | Elasticsearch user | `""` | +| `envConfig.elasticsearch.pass` | Elasticsearch pass | `""` | | `envConfig.memcached.host` | Memcached host | `zammad-memcached` | | `envConfig.memcached.port` | Memcached port | `11211` | | `envConfig.postgresql.host` | PostgreSql host | `zammad-postgresql` | | `envConfig.postgresql.port` | PostgreSql port | `5432` | -| `envConfig.postgreql.pass` | PostgreSql pass | `` | +| `envConfig.postgresql.pass` | PostgreSql pass | `""` | | `envConfig.postgresql.user` | PostgreSql user | `zammad` | | `envConfig.postgresql.db` | PostgreSql database | `zammad_production` | -| `envConfig.postgresql.dbCreate` | Create PostgreSql database | `false` | | `autoWizard.enabled` | enable autowizard | `false` | | `autoWizard.config` | autowizard json config | `""` | | `persistence.enabled` | Enable persistence | `true` | -| `persistence.accessMode` | Access mode | `ReadWriteOnce` | +| `persistence.accessModes` | Access modes | `["ReadWriteOnce"]` | | `persistence.size` | Volume size | `15Gi` | +| `persistence.storageClass` | storage class | `""` | +| `persistence.annotations` | annotations | `{}` | | `resources.nginx` | Resource usage of Zammad's nginx container | `{}` | | `resources.railsserver` | Resource usage of Zammad's railsserver container | `{}` | | `resources.scheduler` | Resource usage of Zammad's scheduler container | `{}` | @@ -65,20 +64,18 @@ The following table lists the configurable parameters of the zammad chart and th | `nodeSelector` | Node Selector | `{}` | | `tolerations` | Tolerations | `[]` | | `affinity` | Affinity | `{}` | -| `elasticsearch.image.repository` | Elasticsearch image repo | `zammad/zammad-docker-compose` | -| `elasticsearch.image.tag` | Elasticsearch image tag | `zammad-elasticsearch-3.1.0-10` | -| `elasticsearch.cluster.xpackEnable` | Enable Elasticsearch Xpack option | `false` | -| `elasticsearch.cluster.env` | Elasticsearch environment variables | `` | -| `elasticsearch.client.replicas` | Elasticsearch client replicas | `1` | -| `elasticsearch.data.terminationGracePeriodSeconds` | Elasticsearch termination Grace Period | `60` | -| `elasticsearch.data.replicas` | Elasticsearch data replicas | `1` | -| `elasticsearch.master.replicas` | Elasticsearch master replicas | `1` | +| `elasticsearch.enabled` | Use Elasticsearch dependency | `true` | +| `elasticsearch.image` | Elasticsearch docker image | `zammad/zammad-docker-compose` | +| `elasticsearch.imageTag` | Elasticsearch docker image tag | `zammad-elasticsearch-3.2.0-12` | +| `elasticsearch.clusterName` | Elasticsearch cluster name | `zammad` | +| `elasticsearch.replicas` | Elasticsearch replicas | `1` | +| `memcached.enabled` | Use Memcached dependency | `true` | | `memcached.replicaCount` | Memcached replicas | `1` | +| `postgresql.enabled` | Use PostgreSQL dependency | `true` | | `postgresql.postgresqlUsername` | PostgreSQL user | `zammad` | | `postgresql.postgresqlPassword` | PostgreSQL password | `zammad` | | `postgresql.postgresqlDatabase` | PostgreSQL DB | `zammad_production` | - Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. ### Properly configuring Elasticsearch @@ -113,5 +110,16 @@ This is relevant to **EFS** for AWS users, as well. Once the zammad pod is ready, it can be accessed using the ingress or port forwarding: ```console -$ kubectl port-forward service/zammad 8080:80 +kubectl port-forward service/zammad 8080:80 ``` + +## Upgrading + +### From chart version 1.x + +- the Elasticsearch Docker image is changed to stable/elasticsearch + - reindexing will be done automatically +- all requirement charts has been updated to the latest versions + - Postgres version has changed + - There is no upgrade path + - You have to import a backup manually diff --git a/zammad/requirements.yaml b/zammad/requirements.yaml index 851072eb..701b5d74 100644 --- a/zammad/requirements.yaml +++ b/zammad/requirements.yaml @@ -1,13 +1,13 @@ dependencies: - name: elasticsearch - repository: https://kubernetes-charts.storage.googleapis.com/ - version: 1.18.0 - condition: useElasticsearch + repository: https://helm.elastic.co + version: 7.6.0 + condition: elasticsearch.enabled - name: memcached - version: 2.5.0 - repository: https://kubernetes-charts.storage.googleapis.com/ - condition: useMemcached + version: 4.2.6 + repository: https://charts.bitnami.com + condition: memcached.enabled - name: postgresql - version: 3.9.5 - repository: https://kubernetes-charts.storage.googleapis.com/ - condition: usePostgresql + version: 8.3.4 + repository: https://charts.bitnami.com + condition: postgresql.enabled diff --git a/zammad/templates/NOTES.txt b/zammad/templates/NOTES.txt index 92df01e3..3a017220 100644 --- a/zammad/templates/NOTES.txt +++ b/zammad/templates/NOTES.txt @@ -1,7 +1,9 @@ 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} + {{- end }} {{- end }} {{- else if contains "NodePort" .Values.service.type }} export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "zammad.fullname" . }}) @@ -9,11 +11,11 @@ echo http://$NODE_IP:$NODE_PORT {{- else if contains "LoadBalancer" .Values.service.type }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "zammad.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "zammad.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "zammad.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "zammad.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") echo http://$SERVICE_IP:{{ .Values.service.port }} {{- else if contains "ClusterIP" .Values.service.type }} export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "zammad.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:80 + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:8080 {{- end }} diff --git a/zammad/templates/_helpers.tpl b/zammad/templates/_helpers.tpl index bfa45589..96dbeaf9 100644 --- a/zammad/templates/_helpers.tpl +++ b/zammad/templates/_helpers.tpl @@ -30,3 +30,34 @@ Create chart name and version as used by the chart label. {{- define "zammad.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} + +{{/* +Common labels +*/}} +{{- define "zammad.labels" -}} +helm.sh/chart: {{ include "zammad.chart" . }} +{{ include "zammad.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "zammad.selectorLabels" -}} +app.kubernetes.io/name: {{ include "zammad.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "zammad.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "zammad.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/zammad/templates/configmap-nginx.yaml b/zammad/templates/configmap-nginx.yaml index b9a9f6c9..592b2a00 100644 --- a/zammad/templates/configmap-nginx.yaml +++ b/zammad/templates/configmap-nginx.yaml @@ -3,10 +3,7 @@ kind: ConfigMap metadata: name: {{ template "zammad.fullname" . }}-nginx labels: - app.kubernetes.io/name: {{ include "zammad.name" . }} - helm.sh/chart: {{ include "zammad.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- include "zammad.labels" . | nindent 4 }} data: config: |- # @@ -24,7 +21,7 @@ data: } server { - listen 80; + listen 8080; server_name _; @@ -39,6 +36,10 @@ data: expires max; } + location ^~ auto_wizard.json { + return 500; + } + location /ws { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; diff --git a/zammad/templates/ingress.yaml b/zammad/templates/ingress.yaml index de9c085c..acbeafe0 100644 --- a/zammad/templates/ingress.yaml +++ b/zammad/templates/ingress.yaml @@ -1,38 +1,41 @@ {{- if .Values.ingress.enabled -}} {{- $fullName := include "zammad.fullname" . -}} -{{- $ingressPath := .Values.ingress.path -}} +{{- $svcPort := .Values.service.port -}} +{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} apiVersion: extensions/v1beta1 +{{- end }} kind: Ingress metadata: name: {{ $fullName }} labels: - app.kubernetes.io/name: {{ include "zammad.name" . }} - helm.sh/chart: {{ include "zammad.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- with .Values.ingress.annotations }} + {{- include "zammad.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} annotations: -{{ toYaml . | indent 4 }} -{{- end }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: {{- if .Values.ingress.tls }} tls: {{- range .Values.ingress.tls }} - hosts: {{- range .hosts }} - - {{ . }} + - {{ . | quote }} {{- end }} secretName: {{ .secretName }} {{- end }} {{- end }} rules: {{- range .Values.ingress.hosts }} - - host: {{ . }} + - host: {{ .host | quote }} http: paths: - - path: {{ $ingressPath }} + {{- range .paths }} + - path: {{ . }} backend: serviceName: {{ $fullName }} - servicePort: http + servicePort: {{ $svcPort }} + {{- end }} {{- end }} {{- end }} diff --git a/zammad/templates/pvc.yaml b/zammad/templates/pvc.yaml deleted file mode 100644 index 7c34bc6c..00000000 --- a/zammad/templates/pvc.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ template "zammad.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "zammad.name" . }} - helm.sh/chart: {{ include "zammad.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end }} diff --git a/zammad/templates/secrets.yaml b/zammad/templates/secrets.yaml index 33803e63..9483bdd0 100644 --- a/zammad/templates/secrets.yaml +++ b/zammad/templates/secrets.yaml @@ -3,10 +3,7 @@ kind: Secret metadata: name: {{ template "zammad.fullname" . }}-postgresql-pass labels: - app.kubernetes.io/name: {{ include "zammad.name" . }} - helm.sh/chart: {{ include "zammad.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- include "zammad.labels" . | nindent 4 }} type: Opaque data: postgresql-pass: {{ .Values.envConfig.postgresql.pass | b64enc | quote }} @@ -17,10 +14,7 @@ kind: Secret metadata: name: "{{ template "zammad.fullname" . }}-autowizard" labels: - app.kubernetes.io/name: {{ include "zammad.name" . }} - helm.sh/chart: {{ include "zammad.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- include "zammad.labels" . | nindent 4 }} type: Opaque data: autowizard: {{ .Values.autoWizard.config | b64enc | b64enc | quote }} diff --git a/zammad/templates/service.yaml b/zammad/templates/service.yaml index f89609f1..c1fdc79d 100644 --- a/zammad/templates/service.yaml +++ b/zammad/templates/service.yaml @@ -1,12 +1,9 @@ apiVersion: v1 kind: Service metadata: - name: {{ template "zammad.fullname" . }} + name: {{ include "zammad.fullname" . }} labels: - app.kubernetes.io/name: {{ include "zammad.name" . }} - helm.sh/chart: {{ include "zammad.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- include "zammad.labels" . | nindent 4 }} spec: type: {{ .Values.service.type }} ports: @@ -15,5 +12,4 @@ spec: protocol: TCP name: http selector: - app.kubernetes.io/name: {{ include "zammad.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} + {{- include "zammad.selectorLabels" . | nindent 4 }} diff --git a/zammad/templates/statefulset.yaml b/zammad/templates/statefulset.yaml index c9e2e7cc..590e7f3e 100644 --- a/zammad/templates/statefulset.yaml +++ b/zammad/templates/statefulset.yaml @@ -3,51 +3,35 @@ kind: StatefulSet metadata: name: {{ template "zammad.fullname" . }} labels: - app.kubernetes.io/name: {{ include "zammad.name" . }} - helm.sh/chart: {{ include "zammad.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- include "zammad.labels" . | nindent 4 }} spec: replicas: 1 + serviceName: {{ include "zammad.name" . }} selector: matchLabels: - app.kubernetes.io/name: {{ include "zammad.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - serviceName: {{ include "zammad.name" . }} + {{- include "zammad.selectorLabels" . | nindent 6 }} template: metadata: labels: - app.kubernetes.io/name: {{ include "zammad.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} + {{- include "zammad.labels" . | nindent 8 }} spec: initContainers: - - name: {{ .Chart.Name }}-init + - name: zammad-init image: {{ .Values.image.repository }}:{{if eq .Values.image.repository "zammad/zammad-docker-compose"}}zammad-{{ end }}{{ .Values.image.tag }} - args: [ "zammad-init" ] + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - /bin/bash + - -cx + - | + set -e + rsync -a --delete --exclude 'config/database.yml' --exclude 'public/assets/images/*' --exclude 'storage/fs/*' "${ZAMMAD_TMP_DIR}/" "${ZAMMAD_DIR}" + rsync -a "${ZAMMAD_TMP_DIR}"/public/assets/images/ "${ZAMMAD_DIR}"/public/assets/images + sed -i -e "s/.*config.cache_store.*file_store.*cache_file_store.*/ config.cache_store = :dalli_store, '{{ if .Values.memcached.enabled }}{{ .Release.Name }}-memcached{{ else }}{{ .Values.envConfig.memcached.host }}{{ end }}:{{ .Values.envConfig.memcached.port }}'\\n config.session_store = :dalli_store, '{{ if .Values.memcached.enabled }}{{ .Release.Name }}-memcached{{ else }}{{ .Values.envConfig.memcached.host }}{{ end }}:{{ .Values.envConfig.memcached.port }}'/" config/application.rb + if [ -n "${AUTOWIZARD_JSON}" ]; then + echo "${AUTOWIZARD_JSON}" | base64 -d > auto_wizard.json + fi + chown -R "${ZAMMAD_USER}":"${ZAMMAD_USER}" "${ZAMMAD_DIR}" env: - - name: "ELASTICSEARCH_HOST" - value: "{{ if .Values.useElasticsearch }}{{ .Release.Name }}-elasticsearch-client{{ else }}{{ .Values.envConfig.elasticsearch.host }}{{ end }}" - - name: "ELASTICSEARCH_PORT" - value: "{{ .Values.envConfig.elasticsearch.port }}" - - name: "MEMCACHED_HOST" - value: "{{ if .Values.useMemcached }}{{ .Release.Name }}-memcached{{ else }}{{ .Values.envConfig.memcached.host }}{{ end }}" - - name: "MEMCACHED_PORT" - value: "{{ .Values.envConfig.memcached.port }}" - - name: "POSTGRESQL_HOST" - value: "{{ if .Values.usePostgresql }}{{ .Release.Name }}-postgresql{{ else }}{{ .Values.envConfig.postgresql.host }}{{ end }}" - - name: "POSTGRESQL_PORT" - value: "{{ .Values.envConfig.postgresql.port }}" - - name: "POSTGRESQL_USER" - value: "{{ .Values.envConfig.postgresql.user }}" - - name: "POSTGRESQL_PASS" - valueFrom: - secretKeyRef: - name: "{{ template "zammad.fullname" . }}-postgresql-pass" - key: "postgresql-pass" - - name: "POSTGRESQL_DB" - value: "{{ .Values.envConfig.postgresql.db }}" - - name: "POSTGRESQL_DB_CREATE" - value: "{{ .Values.envConfig.postgresql.dbCreate }}" {{ if .Values.autoWizard.enabled }} - name: "AUTOWIZARD_JSON" valueFrom: @@ -55,85 +39,119 @@ spec: name: "{{ template "zammad.fullname" . }}-autowizard" key: "autowizard" {{ end }} + volumeMounts: + - name: {{ template "zammad.fullname" . }} + mountPath: /opt/zammad + - name: postgresql-init + image: {{ .Values.image.repository }}:{{if eq .Values.image.repository "zammad/zammad-docker-compose"}}zammad-{{ end }}{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + command: + - /bin/bash + - -cx + - | + set -e + sed -e "s#.*adapter:.*# adapter: postgresql#g" -e "s#.*database:.*# database: {{ .Values.envConfig.postgresql.db }}#g" -e "s#.*username:.*# username: {{ .Values.envConfig.postgresql.user }}#g" -e "s#.*password:.*# password: ${POSTGRESQL_PASS}\\n host: {{ if .Values.postgresql.enabled }}{{ .Release.Name }}-postgresql{{ else }}{{ .Values.envConfig.postgresql.host }}{{ end }}\\n port: {{ .Values.envConfig.postgresql.port }}#g" < contrib/packager.io/database.yml.pkgr > config/database.yml + bundle exec rake db:migrate + bundle exec rake db:seed + bundle exec rake db:migrate + env: + - name: "POSTGRESQL_PASS" + valueFrom: + secretKeyRef: + name: "{{ template "zammad.fullname" . }}-postgresql-pass" + key: "postgresql-pass" + volumeMounts: + - name: {{ template "zammad.fullname" . }} + mountPath: /opt/zammad + - name: elasticsearch-init + image: {{ .Values.image.repository }}:{{if eq .Values.image.repository "zammad/zammad-docker-compose"}}zammad-{{ end }}{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + command: + - /bin/bash + - -cx + - | + set -e + bundle exec rails r 'Setting.set("es_url", "{{ .Values.envConfig.elasticsearch.schema }}://{{ if .Values.elasticsearch.enabled }}zammad-master{{ else }}{{ .Values.envConfig.elasticsearch.host }}{{ end }}:{{ .Values.envConfig.elasticsearch.port }}")' + {{- if and .Values.elasticsearch.user .Values.elasticsearch.pass }} + bundle exec rails r 'Setting.set("es_user", "{{ .Values.envConfig.elasticsearch.user }}")' + bundle exec rails r 'Setting.set("es_password", "{{ .Values.envConfig.elasticsearch.pass }}")' + {{ end }} + bundle exec rake searchindex:rebuild + env: {{- range $key, $value := .Values.extraEnv }} - name: "{{ $key }}" value: "{{ $value }}" {{- end }} - imagePullPolicy: {{ .Values.image.pullPolicy }} volumeMounts: - - name: {{ template "zammad.fullname" . }} - mountPath: /opt/zammad + - name: {{ template "zammad.fullname" . }} + mountPath: /opt/zammad containers: - name: {{ .Chart.Name }}-nginx image: {{ .Values.image.repository }}:{{if eq .Values.image.repository "zammad/zammad-docker-compose"}}zammad-{{ end }}{{ .Values.image.tag }} - args: [ "zammad-nginx" ] + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - /usr/sbin/nginx + - -g + - 'daemon off;' env: - - name: "ELASTICSEARCH_HOST" - value: "{{ if .Values.useElasticsearch }}{{ .Release.Name }}-elasticsearch-client{{ else }}{{ .Values.envConfig.elasticsearch.host }}{{ end }}" - - name: "ELASTICSEARCH_PORT" - value: "{{ .Values.envConfig.elasticsearch.port }}" - - name: "MEMCACHED_HOST" - value: "{{ if .Values.useMemcached }}{{ .Release.Name }}-memcached{{ else }}{{ .Values.envConfig.memcached.host }}{{ end }}" - - name: "MEMCACHED_PORT" - value: "{{ .Values.envConfig.memcached.port }}" - - name: "POSTGRESQL_HOST" - value: "{{ if .Values.usePostgresql }}{{ .Release.Name }}-postgresql{{ else }}{{ .Values.envConfig.postgresql.host }}{{ end }}" - - name: "POSTGRESQL_PORT" - value: "{{ .Values.envConfig.postgresql.port }}" - - name: "POSTGRESQL_USER" - value: "{{ .Values.envConfig.postgresql.user }}" - - name: "POSTGRESQL_PASS" - valueFrom: - secretKeyRef: - name: "{{ template "zammad.fullname" . }}-postgresql-pass" - key: "postgresql-pass" - - name: "POSTGRESQL_DB" - value: "{{ .Values.envConfig.postgresql.db }}" - - name: "POSTGRESQL_DB_CREATE" - value: "{{ .Values.envConfig.postgresql.dbCreate }}" - {{ if .Values.autoWizard.enabled }} - - name: "AUTOWIZARD_JSON" - valueFrom: - secretKeyRef: - name: "{{ template "zammad.fullname" . }}-autowizard" - key: "autowizard" - {{ end }} {{- range $key, $value := .Values.extraEnv }} - name: "{{ $key }}" value: "{{ $value }}" {{- end }} ports: - - containerPort: 80 - name: http - imagePullPolicy: {{ .Values.image.pullPolicy }} + - name: http + containerPort: 8080 volumeMounts: - - name: {{ template "zammad.fullname" . }} - mountPath: /opt/zammad - - name: {{ template "zammad.fullname" . }}-nginx - mountPath: /etc/nginx/sites-enabled + - name: {{ template "zammad.fullname" . }} + mountPath: /opt/zammad + - name: {{ template "zammad.fullname" . }}-nginx + mountPath: /etc/nginx/sites-enabled readinessProbe: httpGet: path: / - port: 80 - initialDelaySeconds: 60 + port: 8080 + initialDelaySeconds: 10 periodSeconds: 10 livenessProbe: httpGet: path: / - port: 80 - initialDelaySeconds: 60 + port: 8080 + initialDelaySeconds: 10 periodSeconds: 10 resources: {{ toYaml .Values.resources.nginx | indent 10 }} - name: {{ .Chart.Name }}-railsserver image: {{ .Values.image.repository }}:{{if eq .Values.image.repository "zammad/zammad-docker-compose"}}zammad-{{ end }}{{ .Values.image.tag }} - args: ["zammad-railsserver"] + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + command: + - "bundle" + - "exec" + - "rails" + - "server" + - "puma" + - "-b" + - "[::]" + - "-p" + - "3000" + - "-e" + - "production" env: {{- range $key, $value := .Values.env }} - name: "{{ $key }}" value: "{{ $value }}" {{- end }} - imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - name: railsserver containerPort: 3000 @@ -144,55 +162,33 @@ spec: httpGet: path: / port: 3000 - initialDelaySeconds: 90 + initialDelaySeconds: 10 periodSeconds: 10 livenessProbe: httpGet: path: / port: 3000 - initialDelaySeconds: 90 + initialDelaySeconds: 10 periodSeconds: 10 resources: {{ toYaml .Values.resources.railsserver | indent 10 }} - name: {{ .Chart.Name }}-scheduler image: {{ .Values.image.repository }}:{{if eq .Values.image.repository "zammad/zammad-docker-compose"}}zammad-{{ end }}{{ .Values.image.tag }} - args: [ "zammad-scheduler" ] + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + command: + - "bundle" + - "exec" + - "script/scheduler.rb" + - "run" env: - - name: "ELASTICSEARCH_HOST" - value: "{{ if .Values.useElasticsearch }}{{ .Release.Name }}-elasticsearch-client{{ else }}{{ .Values.envConfig.elasticsearch.host }}{{ end }}" - - name: "ELASTICSEARCH_PORT" - value: "{{ .Values.envConfig.elasticsearch.port }}" - - name: "MEMCACHED_HOST" - value: "{{ if .Values.useMemcached }}{{ .Release.Name }}-memcached{{ else }}{{ .Values.envConfig.memcached.host }}{{ end }}" - - name: "MEMCACHED_PORT" - value: "{{ .Values.envConfig.memcached.port }}" - - name: "POSTGRESQL_HOST" - value: "{{ if .Values.usePostgresql }}{{ .Release.Name }}-postgresql{{ else }}{{ .Values.envConfig.postgresql.host }}{{ end }}" - - name: "POSTGRESQL_PORT" - value: "{{ .Values.envConfig.postgresql.port }}" - - name: "POSTGRESQL_USER" - value: "{{ .Values.envConfig.postgresql.user }}" - - name: "POSTGRESQL_PASS" - valueFrom: - secretKeyRef: - name: "{{ template "zammad.fullname" . }}-postgresql-pass" - key: "postgresql-pass" - - name: "POSTGRESQL_DB" - value: "{{ .Values.envConfig.postgresql.db }}" - - name: "POSTGRESQL_DB_CREATE" - value: "{{ .Values.envConfig.postgresql.dbCreate }}" - {{ if .Values.autoWizard.enabled }} - - name: "AUTOWIZARD_JSON" - valueFrom: - secretKeyRef: - name: "{{ template "zammad.fullname" . }}-autowizard" - key: "autowizard" - {{ end }} {{- range $key, $value := .Values.extraEnv }} - name: "{{ $key }}" value: "{{ $value }}" {{- end }} - imagePullPolicy: {{ .Values.image.pullPolicy }} volumeMounts: - name: {{ template "zammad.fullname" . }} mountPath: /opt/zammad @@ -200,58 +196,40 @@ spec: {{ toYaml .Values.resources.scheduler | indent 10 }} - name: {{ .Chart.Name }}-websocket image: {{ .Values.image.repository }}:{{if eq .Values.image.repository "zammad/zammad-docker-compose"}}zammad-{{ end }}{{ .Values.image.tag }} - args: [ "zammad-websocket" ] + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + command: + - "bundle" + - "exec" + - "script/websocket-server.rb" + - "-b" + - "0.0.0.0" + - "-p" + - "6042" + - "start" env: - - name: "ELASTICSEARCH_HOST" - value: "{{ if .Values.useElasticsearch }}{{ .Release.Name }}-elasticsearch-client{{ else }}{{ .Values.envConfig.elasticsearch.host }}{{ end }}" - - name: "ELASTICSEARCH_PORT" - value: "{{ .Values.envConfig.elasticsearch.port }}" - - name: "MEMCACHED_HOST" - value: "{{ if .Values.useMemcached }}{{ .Release.Name }}-memcached{{ else }}{{ .Values.envConfig.memcached.host }}{{ end }}" - - name: "MEMCACHED_PORT" - value: "{{ .Values.envConfig.memcached.port }}" - - name: "POSTGRESQL_HOST" - value: "{{ if .Values.usePostgresql }}{{ .Release.Name }}-postgresql{{ else }}{{ .Values.envConfig.postgresql.host }}{{ end }}" - - name: "POSTGRESQL_PORT" - value: "{{ .Values.envConfig.postgresql.port }}" - - name: "POSTGRESQL_USER" - value: "{{ .Values.envConfig.postgresql.user }}" - - name: "POSTGRESQL_PASS" - valueFrom: - secretKeyRef: - name: "{{ template "zammad.fullname" . }}-postgresql-pass" - key: "postgresql-pass" - - name: "POSTGRESQL_DB" - value: "{{ .Values.envConfig.postgresql.db }}" - - name: "POSTGRESQL_DB_CREATE" - value: "{{ .Values.envConfig.postgresql.dbCreate }}" - {{ if .Values.autoWizard.enabled }} - - name: "AUTOWIZARD_JSON" - valueFrom: - secretKeyRef: - name: "{{ template "zammad.fullname" . }}-autowizard" - key: "autowizard" - {{ end }} {{- range $key, $value := .Values.extraEnv }} - name: "{{ $key }}" value: "{{ $value }}" {{- end }} - imagePullPolicy: Always ports: - name: websocket containerPort: 6042 volumeMounts: - - name: {{ template "zammad.fullname" . }} - mountPath: /opt/zammad + - name: {{ template "zammad.fullname" . }} + mountPath: /opt/zammad readinessProbe: tcpSocket: port: 6042 - initialDelaySeconds: 60 + initialDelaySeconds: 10 periodSeconds: 10 livenessProbe: tcpSocket: port: 6042 - initialDelaySeconds: 60 + initialDelaySeconds: 10 periodSeconds: 10 resources: {{ toYaml .Values.resources.websocket | indent 10 }} @@ -271,10 +249,29 @@ spec: - name: {{ template "zammad.fullname" . }}-nginx configMap: name: {{ template "zammad.fullname" . }}-nginx - - name: {{ template "zammad.fullname" . }} - {{- if .Values.persistence.enabled }} +{{- if and .Values.persistence.enabled .Values.persistence.existingClaim }} + - name: {{ template "zammad.fullname" . }} persistentVolumeClaim: +{{- with .Values.persistence.existingClaim }} claimName: {{ .Values.persistence.existingClaim | default (include "zammad.fullname" .) }} - {{- else }} +{{- end }} +{{- else if not .Values.persistence.enabled }} + - name: {{ template "zammad.fullname" . }} emptyDir: {} - {{- end -}} +{{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} + volumeClaimTemplates: + - metadata: + name: {{ template "zammad.fullname" . }} + spec: + accessModes: + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- with .Values.persistence.storageClass }} + storageClassName: "{{ .Values.persistence.storageClass }}" + {{- end }} +{{- end }} + diff --git a/zammad/values.yaml b/zammad/values.yaml index 4c6fde6c..025a5543 100644 --- a/zammad/values.yaml +++ b/zammad/values.yaml @@ -1,43 +1,40 @@ -# use dependency charts -useElasticsearch: true -useMemcached: true -usePostgresql: true - image: repository: zammad/zammad-docker-compose - tag: 3.1.0-10 + tag: 3.2.0-12 pullPolicy: IfNotPresent service: type: ClusterIP - port: 80 + port: 8080 ingress: enabled: false - annotations: - ingress.kubernetes.io/proxy-body-size: 50m + annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" - path: / hosts: - - chart-example.local + - host: example.local + paths: ["/"] tls: [] # - secretName: zammad-tls # hosts: - # - chart-example.local + # - example.local # zammad container config envConfig: elasticsearch: - # host env var is only used when useElasticsearch is false - host: zammad-elasticsearch-client + # host env var is only used when elasticsearch.enabled is false + schema: http + host: zammad-master port: 9200 + user: + pass: memcached: - # host env var is only used when useMemcached is false + # host env var is only used when memcached.enabled is false host: zammad-memcached port: 11211 postgresql: - # host env var is only used when usePostgresql is false + # host env var is only used when postgresql.enabled is false host: zammad-postgresql port: 5432 # needs to be the same as the postgresql.postgresqlUsername @@ -46,7 +43,6 @@ envConfig: pass: "zammad" # needs to be the same as the postgresql.postgresqlDatabase db: zammad_production - dbCreate: false # additional environemnt vars extraEnv: {} @@ -69,7 +65,7 @@ autoWizard: # "lastname": "Admin", # "email": "email@example.org", # "organization": "ZammadTest", - # "password": "test1234" + # "password": "YourPassword" # } # ], # "Settings": [ @@ -89,24 +85,18 @@ autoWizard: # ] # } - persistence: enabled: true ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - - ## Zammad data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) + ## The value is evaluated as a template, so, for example, the name can depend on .Release or .Chart ## - # storageClass: "-" - accessMode: ReadWriteOnce + # existingClaim: + accessModes: + - ReadWriteOnce + storageClass: "" size: 15Gi + annotations: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -150,49 +140,36 @@ affinity: {} elasticsearch: - image: - repository: "zammad/zammad-docker-compose" - tag: "zammad-elasticsearch-3.1.0-10" - cluster: - name: zammad - xpackEnable: false - # See README for proper configuration - env: - EXPECTED_MASTER_NODES: "1" - MINIMUM_MASTER_NODES: "1" - RECOVER_AFTER_MASTER_NODES: "1" - XPACK_MONITORING_ENABLED: false - client: - replicas: 1 - # resources: - # requests: - # cpu: "25m" - # memory: "512Mi" - # limits: - # cpu: "300m" - # memory: "1024Mi" - data: - terminationGracePeriodSeconds: 60 - replicas: 1 - # resources: - # requests: - # cpu: "175m" - # memory: "1536Mi" - # limits: - # cpu: "350m" - # memory: "2048Mi" - master: - replicas: 1 - # resources: - # requests: - # cpu: "25m" - # memory: "512Mi" - # limits: - # cpu: "300m" - # memory: "1024Mi" - + enabled: true + image: "zammad/zammad-docker-compose" + imageTag: "zammad-elasticsearch" + clusterName: zammad + replicas: 1 + clusterHealthCheckParams: "timeout=1s" + resources: {} + # requests: + # cpu: "100m" + # memory: "2Gi" + # limits: + # cpu: "1000m" + # memory: "2Gi" + initResources: {} + # limits: + # cpu: "25m" + # # memory: "128Mi" + # requests: + # cpu: "25m" + # memory: "128Mi" + sidecarResources: {} + # limits: + # cpu: "25m" + # # memory: "128Mi" + # requests: + # cpu: "25m" + # memory: "128Mi" memcached: + enabled: true replicaCount: 1 # resources: # requests: @@ -202,8 +179,8 @@ memcached: # cpu: 100m # memory: 128Mi - postgresql: + enabled: true postgresqlUsername: zammad postgresqlPassword: zammad postgresqlDatabase: zammad_production