From 0fc837e08487876e9aaf844da85b76d2ec4eaf59 Mon Sep 17 00:00:00 2001 From: Juan Ariza Toledano Date: Fri, 11 Dec 2020 17:55:06 +0100 Subject: [PATCH] [bitnami/osclass] New major version (#4686) --- bitnami/osclass/Chart.lock | 7 +- bitnami/osclass/Chart.yaml | 9 +- bitnami/osclass/README.md | 245 ++++++-- bitnami/osclass/ci/ct-values.yaml | 7 + .../ci/values-with-host-and-ingress.yaml | 17 + bitnami/osclass/templates/NOTES.txt | 113 ++-- bitnami/osclass/templates/_helpers.tpl | 174 +----- bitnami/osclass/templates/deployment.yaml | 329 ++++++----- .../osclass/templates/externaldb-secrets.yaml | 16 +- bitnami/osclass/templates/extra-list.yaml | 4 + bitnami/osclass/templates/ingress.yaml | 70 ++- bitnami/osclass/templates/metrics-svc.yaml | 29 + bitnami/osclass/templates/osclass-pvc.yaml | 20 +- bitnami/osclass/templates/secrets.yaml | 26 +- bitnami/osclass/templates/svc.yaml | 34 +- bitnami/osclass/templates/tls-secrets.yaml | 43 ++ bitnami/osclass/values.yaml | 535 +++++++++++++----- 17 files changed, 1062 insertions(+), 616 deletions(-) create mode 100644 bitnami/osclass/ci/values-with-host-and-ingress.yaml create mode 100644 bitnami/osclass/templates/extra-list.yaml create mode 100644 bitnami/osclass/templates/metrics-svc.yaml create mode 100644 bitnami/osclass/templates/tls-secrets.yaml diff --git a/bitnami/osclass/Chart.lock b/bitnami/osclass/Chart.lock index 6c707997f8..9bf590a1bb 100644 --- a/bitnami/osclass/Chart.lock +++ b/bitnami/osclass/Chart.lock @@ -1,6 +1,9 @@ dependencies: +- name: common + repository: https://charts.bitnami.com/bitnami + version: 1.1.2 - name: mariadb repository: https://charts.bitnami.com/bitnami version: 9.1.2 -digest: sha256:22a4d46c77dd3ee00ec23268340f4c988c1f680c1bbb79c1f09c813b3de53e24 -generated: "2020-12-11T12:22:13.592722+01:00" +digest: sha256:6e712ac0cb7a107b37ff39952662b8332a488f1c2261c83c56ad30dc947081e8 +generated: "2020-12-11T14:18:20.149995+01:00" diff --git a/bitnami/osclass/Chart.yaml b/bitnami/osclass/Chart.yaml index a0880724ef..1656a8c229 100644 --- a/bitnami/osclass/Chart.yaml +++ b/bitnami/osclass/Chart.yaml @@ -3,9 +3,16 @@ annotations: apiVersion: v2 appVersion: 3.9.0 dependencies: + - name: common + repository: https://charts.bitnami.com/bitnami + tags: + - bitnami-common + version: 1.x.x - condition: mariadb.enabled name: mariadb repository: https://charts.bitnami.com/bitnami + tags: + - osclass-database version: 9.x.x description: Osclass is a php script that allows you to quickly create and manage your own free classifieds site. engine: gotpl @@ -24,4 +31,4 @@ name: osclass sources: - https://github.com/bitnami/bitnami-docker-osclass - https://osclass.org/ -version: 8.0.1 +version: 9.0.0 diff --git a/bitnami/osclass/README.md b/bitnami/osclass/README.md index 49a4864a8f..ef7db96d54 100644 --- a/bitnami/osclass/README.md +++ b/bitnami/osclass/README.md @@ -48,61 +48,113 @@ The command removes all the Kubernetes components associated with the chart and ## Parameters -The following table lists the configurable parameters of the Osclass chart and their default values. +The following table lists the configurable parameters of the Osclass chart and their default values per section/component: + +### Global parameters + +| Parameter | Description | Default | +|-----------------------------------------|------------------------------------------------------------|---------------------------------------------------------| +| `global.imageRegistry` | Global Docker image registry | `nil` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `global.storageClass` | Global storage class for dynamic provisioning | `nil` | + +### Common parameters + +| Parameter | Description | Default | +|-----------------------------------------|------------------------------------------------------------|---------------------------------------------------------| +| `nameOverride` | String to partially override common.names.fullname | `nil` | +| `fullnameOverride` | String to fully override common.names.fullname | `nil` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` (evaluated as a template) | + +### Osclass parameters + +| Parameter | Description | Default | +|-----------------------------------------|------------------------------------------------------------------------------------------|---------------------------------------------------------| +| `image.registry` | Osclass image registry | `docker.io` | +| `image.repository` | Osclass image name | `bitnami/osclass` | +| `image.tag` | Osclass image tag | `{TAG_NAME}` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `osclassUsername` | User of the application | `user` | +| `osclassPassword` | Application password | `bitnami` | +| `osclassEmail` | Admin email | `user@example.com` | +| `osclassHost` | Osclass host to create application URLs | `nil` | +| `osclassWebTitle` | Application tittle | `Sample Web Page` | +| `osclassPingEngines` | Allow site to appear in search engines | `1` | +| `osclassSaveStats` | Send statistics and reports to Osclass | `1` | +| `smtpHost` | SMTP host | `nil` | +| `smtpPort` | SMTP port | `nil` | +| `smtpUser` | SMTP user | `nil` | +| `smtpPassword` | SMTP password | `nil` | +| `smtpProtocol` | SMTP protocol [`ssl`, `tls`] | `nil` | +| `command` | Override default container command (useful when using custom images) | `nil` | +| `args` | Override default container args (useful when using custom images) | `nil` | +| `extraEnvVars` | Extra environment variables to be set on Osclass container | `{}` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `nil` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `nil` | + +### Osclass deployment parameters + +| Parameter | Description | Default | +|-----------------------------------------|------------------------------------------------------------------------------------------|---------------------------------------------------------| +| `containerPorts.http` | HTTP port to expose at container level | `80` | +| `containerPorts.https` | HTTPS port to expose at container level | `84` | +| `podSecurityContext` | Osclass pods' Security Context | Check `values.yaml` file | +| `containerSecurityContext` | Osclass containers' Security Context | Check `values.yaml` file | +| `resources.limits` | The resources limits for the Osclass container | `{}` | +| `resources.requests` | The requested resources for the Osclass container | `{"memory": "512Mi", "cpu": "300m"}` | +| `leavinessProbe` | Leaviness probe configuration for Osclass | Check `values.yaml` file | +| `readinessProbe` | Readiness probe configuration for Osclass | Check `values.yaml` file | +| `customLivenessProbe` | Override default liveness probe | `nil` | +| `customReadinessProbe` | Override default readiness probe | `nil` | +| `updateStrategy` | Strategy to use to update Pods | Check `values.yaml` file | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`| `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` (evaluated as a template) | +| `nodeSelector` | Node labels for pod assignment | `{}` (evaluated as a template) | +| `tolerations` | Tolerations for pod assignment | `[]` (evaluated as a template) | +| `podLabels` | Extra labels for Osclass pods | `{}` (evaluated as a template) | +| `podAnnotations` | Annotations for Osclass pods | `{}` (evaluated as a template) | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Osclass container(s) | `[]` | +| `extraVolumes` | Optionally specify extra list of additional volumes for Osclass pods | `[]` | +| `initContainers` | Add additional init containers to the Osclass pods | `{}` (evaluated as a template) | +| `sidecars` | Add additional sidecar containers to the Osclass pods | `{}` (evaluated as a template) | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.storageClass` | PVC Storage Class for Osclass volume | `nil` (uses alpha storage class annotation) | +| `persistence.existingClaim` | An Existing PVC name for Osclass volume | `nil` (uses alpha storage class annotation) | +| `persistence.accessMode` | PVC Access Mode for Osclass volume | `ReadWriteOnce` | +| `persistence.size` | PVC Storage Request for Osclass volume | `8Gi` | + +### Exposure parameters + +| Parameter | Description | Default | +|-----------------------------------------|------------------------------------------------------------------------------------------|---------------------------------------------------------| +| `service.type` | Kubernetes Service type | `LoadBalancer` | +| `service.loadBalancerIP` | Kubernetes LoadBalancerIP to request | `nil` | +| `service.port` | Service HTTP port | `80` | +| `service.httpsPort` | Service HTTPS port | `""` | +| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `service.nodePorts.http` | Kubernetes http node port | `""` | +| `service.nodePorts.https` | Kubernetes https node port | `""` | +| `ingress.enabled` | Enable ingress controller resource | `false` | +| `ingress.certManager` | Add annotations for cert-manager | `false` | +| `ingress.hostname` | Default host for the ingress resource | `osclass.local` | +| `ingress.tls` | Enable TLS configuration for the hostname defined at `ingress.hostname` parameter | `false` | +| `ingress.annotations` | Ingress annotations | `{}` (evaluated as a template) | +| `ingress.extraHosts[0].name` | Additional hostnames to be covered | `nil` | +| `ingress.extraHosts[0].path` | Additional hostnames to be covered | `nil` | +| `ingress.extraTls[0].hosts[0]` | TLS configuration for additional hostnames to be covered | `nil` | +| `ingress.extraTls[0].secretName` | TLS configuration for additional hostnames to be covered | `nil` | +| `ingress.secrets[0].name` | TLS Secret Name | `nil` | +| `ingress.secrets[0].certificate` | TLS Secret Certificate | `nil` | +| `ingress.secrets[0].key` | TLS Secret Key | `nil` | -| Parameter | Description | Default | -|------------------------------------|------------------------------------------------------------------------------------------------------|--------------------------------------------------------------| -| `global.imageRegistry` | Global Docker image registry | `nil` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `global.storageClass` | Global storage class for dynamic provisioning | `nil` | -| `image.registry` | Osclass image registry | `docker.io` | -| `image.repository` | Osclass Image name | `bitnami/osclass` | -| `image.tag` | Osclass Image tag | `{TAG_NAME}` | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `nameOverride` | String to partially override osclass.fullname template with a string (will prepend the release name) | `nil` | -| `fullnameOverride` | String to fully override osclass.fullname template with a string | `nil` | -| `osclassHost` | Osclass host to create application URLs | `nil` | -| `osclassLoadBalancerIP` | `loadBalancerIP` for the Osclass Service | `nil` | -| `osclassUsername` | User of the application | `user` | -| `osclassPassword` | Application password | `bitnami` | -| `osclassEmail` | Admin email | `user@example.com` | -| `osclassWebTitle` | Application tittle | `Sample Web Page` | -| `osclassPingEngines` | Allow site to appear in search engines | `1` | -| `osclassSaveStats` | Send statistics and reports to Osclass | `1` | -| `smtpHost` | SMTP host | `nil` | -| `smtpPort` | SMTP port | `nil` | -| `smtpUser` | SMTP user | `nil` | -| `smtpPassword` | SMTP password | `nil` | -| `smtpProtocol` | SMTP protocol [`ssl`, `tls`] | `nil` | -| `serviceType` | Kubernetes Service type | `LoadBalancer` | -| `resources` | CPU/Memory resource requests/limits | Memory: `512Mi`, CPU: `300m` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.moodle.storageClass` | PVC Storage Class for OSClass volume | `nil` (uses alpha storage class annotation) | -| `persistence.moodle.accessMode` | PVC Access Mode for OSClass volume | `ReadWriteOnce` | -| `persistence.moodle.size` | PVC Storage Request for OSClass volume | `8Gi` | -| `allowEmptyPassword` | Allow DB blank passwords | `yes` | -| `ingress.enabled` | Enable ingress controller resource | `false` | -| `ingress.annotations` | Ingress annotations | `[]` | -| `ingress.certManager` | Add annotations for cert-manager | `false` | -| `ingress.hosts[0].name` | Hostname to your osclass installation | `osclass.local` | -| `ingress.hosts[0].path` | Path within the url structure | `/` | -| `ingress.hosts[0].tls` | Utilize TLS backend in ingress | `false` | -| `ingress.hosts[0].tlsHosts` | Array of TLS hosts for ingress record (defaults to `ingress.hosts[0].name` if `nil`) | `nil` | -| `ingress.hosts[0].tlsSecret` | TLS Secret (certificates) | `osclass.local-tls-secret` | -| `ingress.secrets[0].name` | TLS Secret Name | `nil` | -| `ingress.secrets[0].certificate` | TLS Secret Certificate | `nil` | -| `ingress.secrets[0].key` | TLS Secret Key | `nil` | -| `podAnnotations` | Pod annotations | `{}` | -| `affinity` | Map of node/pod affinities | `{}` | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image name | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag | `{TAG_NAME}` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{prometheus.io/scrape: "true", prometheus.io/port: "9117"}` | -| `metrics.resources` | Exporter resource requests/limit | {} | ### Database parameters | Parameter | Description | Default | @@ -126,13 +178,27 @@ The following table lists the configurable parameters of the Osclass chart and t | `externalDatabase.port` | Port of the existing database | `3306` | | `externalDatabase.existingSecret` | Name of the database existing Secret Object | `nil` | +### Metrics parameters + +| Parameter | Description | Default | +|-----------------------------------------|------------------------------------------------------------|--------------------------------------------------------------| +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Apache exporter image registry | `docker.io` | +| `metrics.image.repository` | Apache exporter image name | `bitnami/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag | `{TAG_NAME}` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `metrics.service.port` | Service Metrics port | `9117` | +| `metrics.service.annotations` | Annotations for enabling prometheus scraping | `{prometheus.io/scrape: "true", prometheus.io/port: "9117"}` | +| `metrics.resources` | Exporter resource requests/limit | `{}` | + The above parameters map to the env variables defined in [bitnami/osclass](http://github.com/bitnami/bitnami-docker-osclass). For more information please refer to the [bitnami/osclass](http://github.com/bitnami/bitnami-docker-osclass) image documentation. > **Note**: > > For Osclass to function correctly, you should specify the `osclassHost` parameter to specify the FQDN (recommended) or the public IP address of the Osclass service. > -> Optionally, you can specify the `osclassLoadBalancerIP` parameter to assign a reserved IP address to the Osclass service of the chart. However please note that this feature is only available on a few cloud providers (f.e. GKE). +> Optionally, you can specify the `service.loadBalancerIP` parameter to assign a reserved IP address to the Osclass service of the chart. However please note that this feature is only available on a few cloud providers (f.e. GKE). > > To reserve a public IP address on GKE: > @@ -140,13 +206,13 @@ The above parameters map to the env variables defined in [bitnami/osclass](http: > $ gcloud compute addresses create osclass-public-ip > ``` > -> The reserved IP address can be associated to the Osclass service by specifying it as the value of the `osclassLoadBalancerIP` parameter while installing the chart. +> The reserved IP address can be associated to the Osclass service by specifying it as the value of the `service.loadBalancerIP` parameter while installing the chart. Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console $ helm install my-release \ - --set osclassUsername=admin,osclassPassword=password,mariadb.mariadbRootPassword=secretpassword \ + --set osclassUsername=admin,osclassPassword=password,mariadb.auth.rootPassword=secretpassword \ bitnami/osclass ``` @@ -172,8 +238,51 @@ Bitnami will release a new chart updating its containers if a new version of the The [Bitnami Osclass](https://github.com/bitnami/bitnami-docker-osclass) image stores the Osclass data and configurations at the `/bitnami/osclass` path of the container. -Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube. -See the [Parameters](#parameters) section to configure the PVC or to disable persistence. +Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube. See the [Parameters](#parameters) section to configure the PVC or to disable persistence. + +### Adding extra environment variables + +In case you want to add extra environment variables (useful for advanced operations like custom init scripts), you can use the `extraEnvVars` property. + +```yaml +extraEnvVars: + - name: LOG_LEVEL + value: DEBUG +``` + +Alternatively, you can use a ConfigMap or a Secret with the environment variables. To do so, use the `extraEnvVarsCM` or the `extraEnvVarsSecret` values. + +### Sidecars and Init Containers + +If you have a need for additional containers to run within the same pod as the Osclass app (e.g. an additional metrics or logging exporter), you can do so via the `sidecars` config parameter. Simply define your container according to the Kubernetes container spec. + +```yaml +sidecars: + - name: your-image-name + image: your-image + imagePullPolicy: Always + ports: + - name: portname + containerPort: 1234 +``` + +Similarly, you can add extra init containers using the `initContainers` parameter. + +```yaml +initContainers: + - name: your-image-name + image: your-image + imagePullPolicy: Always + ports: + - name: portname + containerPort: 1234 +``` + +### Setting Pod's affinity + +This chart allows you to set your custom affinity using the `affinity` paremeter. Find more infomation about Pod's affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). + +As an alternative, you can use of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/master/bitnami/common#affinities) chart. To do so, set the `podAffinityPreset`, `podAntiAffinityPreset`, or `nodeAffinityPreset` parameters. ## Troubleshooting @@ -181,6 +290,24 @@ Find more information about how to deal with common errors related to Bitnami’ ## Upgrading +### To 9.0.0 + +- Chart labels were adapted to follow the [Helm charts standard labels](https://helm.sh/docs/chart_best_practices/labels/#standard-labels). +- This version also introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/master/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade. + +Consequences: + +- Backwards compatibility is not guaranteed. However, you can easily workaround this issue by removing Osclass deployment before upgrading (the following example assumes that the release name is `osclass`): + +```console +$ export APP_HOST=$(kubectl get svc --namespace default osclass --template "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}") +$ export APP_PASSWORD=$(kubectl get secret --namespace default osclass -o jsonpath="{.data.osclass-password}" | base64 --decode) +$ export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default osclass-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 --decode) +$ export MARIADB_PASSWORD=$(kubectl get secret --namespace default osclass-mariadb -o jsonpath="{.data.mariadb-password}" | base64 --decode) +$ kubectl delete deployments.apps osclass +$ helm upgrade osclass bitnami/osclass --set osclassHost=$APP_HOST,osclassPassword=$APP_PASSWORD,mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD +``` + ### To 8.0.0 In this major there were two main changes introduced: diff --git a/bitnami/osclass/ci/ct-values.yaml b/bitnami/osclass/ci/ct-values.yaml index b738e2a57a..046ebf0e68 100644 --- a/bitnami/osclass/ci/ct-values.yaml +++ b/bitnami/osclass/ci/ct-values.yaml @@ -1,2 +1,9 @@ service: type: ClusterIP +# Avoids issues with yamllint +livenessProbe: + httpGet: + httpHeaders: [] +readinessProbe: + httpGet: + httpHeaders: [] diff --git a/bitnami/osclass/ci/values-with-host-and-ingress.yaml b/bitnami/osclass/ci/values-with-host-and-ingress.yaml new file mode 100644 index 0000000000..e738d4a839 --- /dev/null +++ b/bitnami/osclass/ci/values-with-host-and-ingress.yaml @@ -0,0 +1,17 @@ +osclassHost: osclass.local +service: + type: ClusterIP +ingress: + enabled: true + tls: true + hostname: osclass.local +metrics: + enabled: true +# Avoids issues with yamllint +livenessProbe: + httpGet: + httpHeaders: [] +readinessProbe: + httpGet: + httpHeaders: [] + diff --git a/bitnami/osclass/templates/NOTES.txt b/bitnami/osclass/templates/NOTES.txt index 2ca9ad278c..ccb2c0e63b 100644 --- a/bitnami/osclass/templates/NOTES.txt +++ b/bitnami/osclass/templates/NOTES.txt @@ -12,26 +12,29 @@ host. To configure Osclass with the URL of your service: {{- if contains "NodePort" .Values.service.type }} - export APP_PORT=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "osclass.fullname" . }} -o jsonpath="{.spec.ports[0].nodePort}") + export APP_PORT=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.spec.ports[0].nodePort}") export APP_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") {{- else if contains "LoadBalancer" .Values.service.type }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "osclass.fullname" . }}' + Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "common.names.fullname" . }}' - export APP_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "osclass.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") - export APP_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "osclass.fullname" . }} -o jsonpath="{.data.osclass-password}" | base64 --decode) - export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default osclass-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 --decode) + export APP_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") {{- end }} + +2. Get Osclas and database credentials: + + export APP_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.data.osclass-password}" | base64 --decode) + export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default osclass-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 --decode) export MARIADB_PASSWORD=$(kubectl get secret --namespace default osclass-mariadb -o jsonpath="{.data.mariadb-password}" | base64 --decode) -2. Complete your Osclass deployment by running: +3. Complete your Osclass deployment by running: {{- if .Values.mariadb.enabled }} helm upgrade {{ .Release.Name }} bitnami/{{ .Chart.Name }} \ - --set osclassHost=$APP_HOST,osclassPassword=$APP_PASSWORD,mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD{{- if .Values.global }}{{- if .Values.global.imagePullSecrets }},global.imagePullSecrets={{ .Values.global.imagePullSecrets }}{{- end }}{{- end }} + --set osclassHost=$APP_HOST,osclassPassword=$APP_PASSWORD,service.type={{ .Values.service.type }},mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD{{- if .Values.global }}{{- if .Values.global.imagePullSecrets }},global.imagePullSecrets={{ .Values.global.imagePullSecrets }}{{- end }}{{- end }} {{- else }} ## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ## @@ -41,27 +44,64 @@ host. To configure Osclass with the URL of your service: {{- end }} {{- else -}} -1. Get the Osclass URL by running: -{{- if eq .Values.service.type "ClusterIP" }} +{{- if .Values.ingress.enabled }} - echo URL : http://127.0.0.1:8080/ - echo Admin URL : http://127.0.0.1:8080/oc-admin/ - kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "osclass.fullname" . }} 8080:{{ .Values.service.port }} +1. Get the Osclass URL and associate its hostname to your cluster external IP: + + export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters + echo "Osclass URL: http{{ if .Values.ingress.tls }}s{{ end }}://{{ .Values.ingress.hostname }}" + echo "Osclass Admin URL: http{{ if .Values.ingress.tls }}s{{ end }}://{{ .Values.ingress.hostname }}/oc-admin" + echo "$CLUSTER_IP {{ .Values.ingress.hostname }}" | sudo tee -a /etc/hosts {{- else }} -{{- $port:=.Values.service.port | toString }} +1. Get the Osclass URL by running: - echo URL : http://{{ include "osclass.host" . }}{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}/ - echo Admin URL : http://{{ include "osclass.host" . }}{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}/oc-admin/ +{{- if contains "NodePort" .Values.service.type }} + + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "common.names.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo "Osclass URL: http://$NODE_IP:$NODE_PORT/" + echo "Osclass Admin URL: http://$NODE_IP:$NODE_PORT/oc-admin" + +{{- else if contains "LoadBalancer" .Values.service.type }} + + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "common.names.fullname" . }}' + + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + + {{- $port:=.Values.service.port | toString }} + echo "Osclass URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}/" + echo "Osclass Admin URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}/oc-admin" + +{{- else if contains "ClusterIP" .Values.service.type }} + + echo "Osclass URL: http://127.0.0.1:8080/" + echo "Osclass Admin URL: http://127.0.0.1:8080/oc-admin" + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "common.names.fullname" . }} 8080:{{ .Values.service.port }} {{- end }} +{{- end }} +{{- end }} -2. Get your Osclass login credentials by running: +2. Get your Osclass admin credentials by running: + + echo Username: {{ .Values.osclassUsername }} + echo Password: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.data.osclass-password}" | base64 --decode) + +{{- if .Values.metrics.enabled }} + +You can access Apache Prometheus metrics following the steps below: + +1. Get the Apache Prometheus metrics URL by running: + + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ printf "%s-metrics" (include "common.names.fullname" .) }} {{ .Values.metrics.service.port }}:{{ .Values.metrics.service.port }} & + echo "Apache Prometheus metrics URL: http://127.0.0.1:{{ .Values.metrics.service.port }}/metrics" + +2. Open a browser and access Apache Prometheus metrics using the obtained URL. - echo Username : {{ .Values.osclassUsername }} - echo Password : $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "osclass.fullname" . }} -o jsonpath="{.data.osclass-password}" | base64 --decode) {{- end }} {{- else -}} @@ -73,32 +113,19 @@ host. To configure Osclass with the URL of your service: This deployment will be incomplete until you configure Osclass with a resolvable database host. To configure Osclass to use and external database host: - 1. Complete your Osclass deployment by running: -{{- if contains "NodePort" .Values.service.type }} - export APP_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") -{{- else if contains "LoadBalancer" .Values.service.type }} - - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "osclass.fullname" . }}' - - export APP_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "osclass.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") -{{- else }} - - export APP_HOST=127.0.0.1 -{{- end }} - export APP_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "osclass.fullname" . }} -o jsonpath="{.data.osclass-password}" | base64 --decode) - - ## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ## - - helm upgrade {{ .Release.Name }} bitnami/{{ .Chart.Name }} \ - --set osclassPassword=$APP_PASSWORD,osclassHost=$APP_HOST,service.type={{ .Values.service.type }},mariadb.enabled=false{{- if not (empty .Values.externalDatabase.user) }},externalDatabase.user={{ .Values.externalDatabase.user }}{{- end }}{{- if not (empty .Values.externalDatabase.password) }},externalDatabase.password={{ .Values.externalDatabase.password }}{{- end }}{{- if not (empty .Values.externalDatabase.database) }},externalDatabase.database={{ .Values.externalDatabase.database }}{{- end }},externalDatabase.host=YOUR_EXTERNAL_DATABASE_HOST{{- if .Values.global }}{{- if .Values.global.imagePullSecrets }},global.imagePullSecrets={{ .Values.global.imagePullSecrets }}{{- end }}{{- end }} -{{- end }} - -{{- if and (contains "bitnami/" .Values.image.repository) (not (.Values.image.tag | toString | regexFind "-r\\d+$|sha256:")) }} - -WARNING: Rolling tag detected ({{ .Values.image.repository }}:{{ .Values.image.tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment. -+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/ + helm upgrade {{ .Release.Name }} --set service.type={{ .Values.service.type }},mariadb.enabled=false,externalDatabase.host=YOUR_EXTERNAL_DATABASE_HOST bitnami/osclass {{- end }} + +{{- include "osclass.checkRollingTags" . }} +{{- $passwordValidationErrors := list -}} +{{- $secretName := include "common.names.fullname" . -}} +{{- $requiredOsclassPassword := dict "valueKey" "osclassPassword" "secret" $secretName "field" "osclass-password" "context" $ -}} +{{- $requiredOsclassPasswordError := include "common.validations.values.single.empty" $requiredOsclassPassword -}} +{{- $passwordValidationErrors = append $passwordValidationErrors $requiredOsclassPasswordError -}} +{{- $mariadbSecretName := include "osclass.databaseSecretName" . -}} +{{- $mariadbPasswordValidationErrors := include "common.validations.values.mariadb.passwords" (dict "secret" $mariadbSecretName "subchart" true "context" $) -}} +{{- $passwordValidationErrors = append $passwordValidationErrors $mariadbPasswordValidationErrors -}} +{{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $) -}} diff --git a/bitnami/osclass/templates/_helpers.tpl b/bitnami/osclass/templates/_helpers.tpl index 2f20fc82ec..c2745dd92a 100644 --- a/bitnami/osclass/templates/_helpers.tpl +++ b/bitnami/osclass/templates/_helpers.tpl @@ -1,42 +1,24 @@ {{/* vim: set filetype=mustache: */}} + {{/* -Expand the name of the chart. +Return the proper Osclass image name */}} -{{- define "osclass.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- define "osclass.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} {{- end -}} {{/* -Create chart name and version as used by the chart label. +Return the proper image name (for the metrics image) */}} -{{- define "osclass.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- define "osclass.metrics.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) }} {{- end -}} {{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +Return the proper Docker Image Registry Secret Names */}} -{{- define "osclass.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "osclass.mariadb.fullname" -}} -{{- printf "%s-%s" .Release.Name "mariadb" | trunc 63 | trimSuffix "-" -}} +{{- define "osclass.imagePullSecrets" -}} +{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image) "global" .Values.global) -}} {{- end -}} {{/* @@ -61,130 +43,20 @@ If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value {{- end -}} {{/* -Return the proper Osclass image name +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). */}} -{{- define "osclass.image" -}} -{{- $registryName := .Values.image.registry -}} -{{- $repositoryName := .Values.image.repository -}} -{{- $tag := .Values.image.tag | toString -}} -{{/* -Helm 2.11 supports the assignment of a value to a variable defined in a different scope, -but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic. -Also, we can't use a single if because lazy evaluation is not an option -*/}} -{{- if .Values.global }} - {{- if .Values.global.imageRegistry }} - {{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}} - {{- else -}} - {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} - {{- end -}} +{{- define "osclass.mariadb.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- printf "%s-mariadb" .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} {{- else -}} - {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} -{{- end -}} -{{- end -}} - -{{/* -Return the proper image name (for the metrics image) -*/}} -{{- define "osclass.metrics.image" -}} -{{- $registryName := .Values.metrics.image.registry -}} -{{- $repositoryName := .Values.metrics.image.repository -}} -{{- $tag := .Values.metrics.image.tag | toString -}} -{{/* -Helm 2.11 supports the assignment of a value to a variable defined in a different scope, -but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic. -Also, we can't use a single if because lazy evaluation is not an option -*/}} -{{- if .Values.global }} - {{- if .Values.global.imageRegistry }} - {{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}} - {{- else -}} - {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} - {{- end -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-mariadb" .Release.Name | trunc 63 | trimSuffix "-" -}} {{- else -}} - {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} +{{- printf "%s-%s-mariadb" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} {{- end -}} - -{{/* -Return the proper Docker Image Registry Secret Names -*/}} -{{- define "osclass.imagePullSecrets" -}} -{{/* -Helm 2.11 supports the assignment of a value to a variable defined in a different scope, -but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic. -Also, we can not use a single if because lazy evaluation is not an option -*/}} -{{- if .Values.global }} -{{- if .Values.global.imagePullSecrets }} -imagePullSecrets: -{{- range .Values.global.imagePullSecrets }} - - name: {{ . }} -{{- end }} -{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets }} -imagePullSecrets: -{{- range .Values.image.pullSecrets }} - - name: {{ . }} -{{- end }} -{{- range .Values.metrics.image.pullSecrets }} - - name: {{ . }} -{{- end }} -{{- end -}} -{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets }} -imagePullSecrets: -{{- range .Values.image.pullSecrets }} - - name: {{ . }} -{{- end }} -{{- range .Values.metrics.image.pullSecrets }} - - name: {{ . }} -{{- end }} -{{- end -}} -{{- end -}} - -{{/* -Return the proper Storage Class -*/}} -{{- define "osclass.storageClass" -}} -{{/* -Helm 2.11 supports the assignment of a value to a variable defined in a different scope, -but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic. -*/}} -{{- if .Values.global -}} - {{- if .Values.global.storageClass -}} - {{- if (eq "-" .Values.global.storageClass) -}} - {{- printf "storageClassName: \"\"" -}} - {{- else }} - {{- printf "storageClassName: %s" .Values.global.storageClass -}} - {{- end -}} - {{- else -}} - {{- if .Values.persistence.osclass.torageClass -}} - {{- if (eq "-" .Values.persistence.osclass.torageClass) -}} - {{- printf "storageClassName: \"\"" -}} - {{- else }} - {{- printf "storageClassName: %s" .Values.persistence.osclass.torageClass -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- else -}} - {{- if .Values.persistence.osclass.torageClass -}} - {{- if (eq "-" .Values.persistence.osclass.torageClass) -}} - {{- printf "storageClassName: \"\"" -}} - {{- else }} - {{- printf "storageClassName: %s" .Values.persistence.osclass.torageClass -}} - {{- end -}} - {{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for deployment. -*/}} -{{- define "osclass.deployment.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "apps/v1" -}} -{{- end -}} {{- end -}} {{/* @@ -247,3 +119,11 @@ Return the MariaDB Secret Name {{- printf "%s-%s" .Release.Name "externaldb" -}} {{- end -}} {{- end -}} + +{{/* +Check if there are rolling tags in the images +*/}} +{{- define "osclass.checkRollingTags" -}} +{{- include "common.warnings.rollingTag" .Values.image }} +{{- include "common.warnings.rollingTag" .Values.metrics.image }} +{{- end -}} diff --git a/bitnami/osclass/templates/deployment.yaml b/bitnami/osclass/templates/deployment.yaml index cca9f4f338..002f360b20 100644 --- a/bitnami/osclass/templates/deployment.yaml +++ b/bitnami/osclass/templates/deployment.yaml @@ -1,153 +1,200 @@ -{{- if include "osclass.host" . -}} -apiVersion: {{ template "osclass.deployment.apiVersion" . }} +{{- if and (include "osclass.host" .) (or .Values.mariadb.enabled .Values.externalDatabase.host) -}} +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: - name: {{ template "osclass.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "osclass.fullname" . }} - helm.sh/chart: {{ include "osclass.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + name: {{ template "common.names.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: selector: - matchLabels: - app.kubernetes.io/name: {{ include "osclass.fullname" . }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} + matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} + strategy: {{- include "common.tplvalues.render" (dict "value" .Values.updateStrategy "context" $ ) | nindent 4 }} template: metadata: - labels: - app.kubernetes.io/name: {{ include "osclass.fullname" . }} - helm.sh/chart: {{ include "osclass.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} -{{- if or .Values.podAnnotations .Values.metrics.enabled }} - annotations: - {{- if .Values.podAnnotations }} -{{ toYaml .Values.podAnnotations | indent 8 }} - {{- end }} - {{- if .Values.metrics.podAnnotations }} -{{ toYaml .Values.metrics.podAnnotations | indent 8 }} - {{- end }} -{{- end }} + labels: {{- include "common.labels.standard" . | nindent 8 }} + {{- if .Values.podLabels }} + {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.podAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} + {{- end }} spec: -{{- include "osclass.imagePullSecrets" . | indent 6 }} + {{- include "osclass.imagePullSecrets" . | nindent 6 }} hostAliases: - - ip: "127.0.0.1" - hostnames: - - "status.localhost" - containers: - - name: {{ template "osclass.fullname" . }} - image: {{ template "osclass.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - env: - - name: ALLOW_EMPTY_PASSWORD - value: {{ .Values.allowEmptyPassword | quote }} - - name: MARIADB_HOST - value: {{ include "osclass.databaseHost" . | quote }} - - name: MARIADB_PORT_NUMBER - value: {{ include "osclass.databasePort" . | quote }} - - name: OSCLASS_DATABASE_NAME - value: {{ include "osclass.databaseName" . | quote }} - - name: OSCLASS_DATABASE_USER - value: {{ include "osclass.databaseUser" . | quote }} - - name: OSCLASS_DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "osclass.databaseSecretName" . }} - key: mariadb-password - {{- $port:=.Values.service.port | toString }} - - name: OSCLASS_HOST - value: "{{ include "osclass.host" . }}{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}" - - name: OSCLASS_USERNAME - value: {{ default "" .Values.osclassUsername | quote }} - - name: OSCLASS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "osclass.fullname" . }} - key: osclass-password - - name: OSCLASS_EMAIL - value: {{ default "" .Values.osclassEmail | quote }} - - name: OSCLASS_WEB_TITLE - value: {{ default "" .Values.osclassWebTitle | quote }} - - name: OSCLASS_PING_ENGINES - value: {{ default "" .Values.osclassPingEngines | quote }} - - name: OSCLASS_SAVE_STATS - value: {{ default "" .Values.osclassSaveStats | quote }} - - name: SMTP_HOST - value: {{ default "" .Values.smtpHost | quote }} - - name: SMTP_PORT - value: {{ default "" .Values.smtpPort | quote }} - - name: SMTP_USER - value: {{ default "" .Values.smtpUser | quote }} - - name: SMTP_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "osclass.fullname" . }} - key: smtp-password - - name: SMTP_PROTOCOL - value: {{ default "" .Values.smtpProtocol | quote }} - ports: - - name: http - containerPort: 80 - - name: https - containerPort: 443 - livenessProbe: - httpGet: - path: /index.php - port: http - httpHeaders: - - name: Host - value: {{ include "osclass.host" . | quote }} - initialDelaySeconds: 120 - timeoutSeconds: 120 - failureThreshold: 6 - readinessProbe: - httpGet: - path: /index.php - port: http - httpHeaders: - - name: Host - value: {{ include "osclass.host" . | quote }} - initialDelaySeconds: 30 - timeoutSeconds: 120 - periodSeconds: 5 - resources: -{{ toYaml .Values.resources | indent 10 }} - volumeMounts: - - name: osclass-data - mountPath: /bitnami/osclass -{{- if .Values.metrics.enabled }} - - name: metrics - image: {{ template "osclass.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - command: [ '/bin/apache_exporter', '--scrape_uri', 'http://status.localhost:80/server-status/?auto'] - ports: - - name: metrics - containerPort: 9117 - livenessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: 15 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: 5 - timeoutSeconds: 1 - resources: - {{ toYaml .Values.metrics.resources | indent 10 }} -{{- end }} - volumes: - - name: osclass-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ template "osclass.fullname" . }}-osclass + - ip: "127.0.0.1" + hostnames: + - "status.localhost" + {{- if .Values.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} {{- else }} - emptyDir: {} - {{- end }} - {{- with .Values.affinity }} affinity: -{{ toYaml . | indent 8 }} + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.podSecurityContext.enabled }} + securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.initContainers }} + initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: osclass + image: {{ template "osclass.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.args "context" $) | nindent 12 }} + {{- end }} + env: + - name: ALLOW_EMPTY_PASSWORD + value: {{ .Values.allowEmptyPassword | quote }} + - name: MARIADB_HOST + value: {{ include "osclass.databaseHost" . | quote }} + - name: MARIADB_PORT_NUMBER + value: {{ include "osclass.databasePort" . | quote }} + - name: OSCLASS_DATABASE_NAME + value: {{ include "osclass.databaseName" . | quote }} + - name: OSCLASS_DATABASE_USER + value: {{ include "osclass.databaseUser" . | quote }} + - name: OSCLASS_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "osclass.databaseSecretName" . }} + key: mariadb-password + {{- $port:=.Values.service.port | toString }} + - name: OSCLASS_HOST + value: "{{ include "osclass.host" . }}{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}" + - name: OSCLASS_USERNAME + value: {{ .Values.osclassUsername | quote }} + - name: OSCLASS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + key: osclass-password + - name: OSCLASS_EMAIL + value: {{ .Values.osclassEmail | quote }} + - name: OSCLASS_WEB_TITLE + value: {{ .Values.osclassWebTitle | quote }} + - name: OSCLASS_PING_ENGINES + value: {{ .Values.osclassPingEngines | quote }} + - name: OSCLASS_SAVE_STATS + value: {{ .Values.osclassSaveStats | quote }} + {{- if .Values.smtpProtocol }} + - name: SMTP_PROTOCOL + value: {{ .Values.smtpProtocol | quote }} + {{- end }} + {{- if .Values.smtpHost }} + - name: SMTP_HOST + value: {{ .Values.smtpHost | quote }} + {{- end }} + {{- if .Values.smtpPort }} + - name: SMTP_PORT + value: {{ .Values.smtpPort | quote }} + {{- end }} + {{- if .Values.smtpUser }} + - name: SMTP_USER + value: {{ .Values.smtpUser | quote }} + {{- end }} + {{- if .Values.smtpPassword }} + - name: SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.names.fullname" . }} + key: smtp-password + {{- end }} + {{- if .Values.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + {{- if or .Values.extraEnvVarsCM .Values.extraEnvVarsSecret }} + envFrom: + {{- if .Values.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.containerPorts.http }} + {{- if .Values.service.httpsPort }} + - name: https + containerPort: {{ .Values.containerPorts.https }} + {{- end }} + {{- if .Values.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }} + {{- else if .Values.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readinessProbe "enabled") "context" $) | nindent 12 }} + {{- else if .Values.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: osclass-data + mountPath: /bitnami/osclass + {{- if .Values.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.metrics.enabled }} + - name: metrics + image: {{ template "osclass.metrics.image" . }} + imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} + command: ['/bin/apache_exporter', '--scrape_uri', 'http://status.localhost:80/server-status/?auto'] + ports: + - name: metrics + containerPort: 9117 + livenessProbe: + httpGet: + path: /metrics + port: metrics + initialDelaySeconds: 15 + timeoutSeconds: 5 + readinessProbe: + httpGet: + path: /metrics + port: metrics + initialDelaySeconds: 5 + timeoutSeconds: 1 + {{- if .Values.metrics.resources }} + resources: {{- toYaml .Values.metrics.resources | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.sidecars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + - name: osclass-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "common.names.fullname" . }}-osclass{{- end }} + {{- else }} + emptyDir: {} + {{- end }} + {{- if .Values.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} + {{- end }} {{- end -}} diff --git a/bitnami/osclass/templates/externaldb-secrets.yaml b/bitnami/osclass/templates/externaldb-secrets.yaml index e0cb25f68e..b99fcd822e 100644 --- a/bitnami/osclass/templates/externaldb-secrets.yaml +++ b/bitnami/osclass/templates/externaldb-secrets.yaml @@ -1,13 +1,15 @@ -{{- if (not (or .Values.mariadb.enabled .Values.externalDatabase.existingSecret)) }} +{{- if not (or .Values.mariadb.enabled .Values.externalDatabase.existingSecret) }} apiVersion: v1 kind: Secret metadata: - name: {{ printf "%s-%s" .Release.Name "externaldb" }} - labels: - app.kubernetes.io/name: {{ include "osclass.fullname" . }} - helm.sh/chart: {{ include "osclass.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + name: {{ printf "%s-externaldb" (include "common.names.fullname" .) }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} type: Opaque data: mariadb-password: {{ default "" .Values.externalDatabase.password | b64enc | quote }} diff --git a/bitnami/osclass/templates/extra-list.yaml b/bitnami/osclass/templates/extra-list.yaml new file mode 100644 index 0000000000..9ac65f9e16 --- /dev/null +++ b/bitnami/osclass/templates/extra-list.yaml @@ -0,0 +1,4 @@ +{{- range .Values.extraDeploy }} +--- +{{ include "common.tplvalues.render" (dict "value" . "context" $) }} +{{- end }} diff --git a/bitnami/osclass/templates/ingress.yaml b/bitnami/osclass/templates/ingress.yaml index d72b545141..604c35bb3e 100644 --- a/bitnami/osclass/templates/ingress.yaml +++ b/bitnami/osclass/templates/ingress.yaml @@ -1,43 +1,53 @@ {{- if .Values.ingress.enabled }} -apiVersion: extensions/v1beta1 +apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} kind: Ingress metadata: - name: {{ template "osclass.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "osclass.fullname" . }} - helm.sh/chart: {{ include "osclass.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + name: {{ template "common.names.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.ingress.annotations .Values.commonAnnotations .Values.ingress.certManager }} annotations: {{- if .Values.ingress.certManager }} kubernetes.io/tls-acme: "true" {{- end }} - {{- range $key, $value := .Values.ingress.annotations }} - {{ $key }}: {{ $value | quote }} + {{- if .Values.ingress.annotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.ingress.annotations "context" $ ) | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- end }} spec: rules: - {{- range .Values.ingress.hosts }} - - host: {{ .name }} - http: - paths: - - path: {{ default "/" .path }} - backend: - serviceName: {{ template "osclass.fullname" $ }} - servicePort: http - {{- end }} + {{- if .Values.ingress.hostname }} + - host: {{ .Values.ingress.hostname }} + http: + paths: + - path: / + backend: + serviceName: {{ include "common.names.fullname" . }} + servicePort: http + {{- end }} + {{- range .Values.ingress.extraHosts }} + - host: {{ .name }} + http: + paths: + - path: {{ default "/" .path }} + backend: + serviceName: {{ include "common.names.fullname" $ }} + servicePort: http + {{- end }} + {{- if or .Values.ingress.tls .Values.ingress.extraTls }} tls: - {{- range .Values.ingress.hosts }} - {{- if .tls }} - - hosts: - {{- if .tlsHosts }} - {{- range $host := .tlsHosts }} - - {{ $host }} - {{- end }} - {{- else }} - - {{ .name }} - {{- end }} - secretName: {{ .tlsSecret }} - {{- end }} + {{- if .Values.ingress.tls }} + - hosts: + - {{ .Values.ingress.hostname }} + secretName: {{ printf "%s-tls" .Values.ingress.hostname }} + {{- end }} + {{- if .Values.ingress.extraTls }} + {{- include "common.tplvalues.render" ( dict "value" .Values.ingress.extraTls "context" $ ) | nindent 4 }} + {{- end }} {{- end }} {{- end }} diff --git a/bitnami/osclass/templates/metrics-svc.yaml b/bitnami/osclass/templates/metrics-svc.yaml new file mode 100644 index 0000000000..f357bd57b3 --- /dev/null +++ b/bitnami/osclass/templates/metrics-svc.yaml @@ -0,0 +1,29 @@ +{{- if .Values.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-metrics" (include "common.names.fullname" .) }} + namespace: {{ .Release.Namespace }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: metrics + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.metrics.service.annotations .Values.commonAnnotations }} + annotations: + {{- if .Values.metrics.service.annotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.service.annotations "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- end }} +spec: + type: ClusterIP + ports: + - name: metrics + port: {{ .Values.metrics.service.port }} + protocol: TCP + targetPort: metrics + selector: {{- include "common.labels.matchLabels" . | nindent 4 }} +{{- end }} diff --git a/bitnami/osclass/templates/osclass-pvc.yaml b/bitnami/osclass/templates/osclass-pvc.yaml index c79c2c8c92..1dcea2c19c 100644 --- a/bitnami/osclass/templates/osclass-pvc.yaml +++ b/bitnami/osclass/templates/osclass-pvc.yaml @@ -2,17 +2,19 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ template "osclass.fullname" . }}-osclass - labels: - app.kubernetes.io/name: {{ include "osclass.fullname" . }} - helm.sh/chart: {{ include "osclass.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + name: {{ printf "%s-osclass" (include "common.names.fullname" .) }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: accessModes: - - {{ .Values.persistence.osclass.accessMode | quote }} + - {{ .Values.persistence.accessMode | quote }} resources: requests: - storage: {{ .Values.persistence.osclass.size | quote }} - {{ include "osclass.storageClass" . }} + storage: {{ .Values.persistence.size | quote }} + {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) | nindent 2 }} {{- end -}} diff --git a/bitnami/osclass/templates/secrets.yaml b/bitnami/osclass/templates/secrets.yaml index 3ded2ba151..c7392ef566 100644 --- a/bitnami/osclass/templates/secrets.yaml +++ b/bitnami/osclass/templates/secrets.yaml @@ -1,17 +1,21 @@ apiVersion: v1 kind: Secret metadata: - name: {{ template "osclass.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "osclass.fullname" . }} - helm.sh/chart: {{ include "osclass.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + name: {{ template "common.names.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} type: Opaque data: - {{ if .Values.osclassPassword }} - osclass-password: {{ default "" .Values.osclassPassword | b64enc | quote }} - {{ else }} + {{- if .Values.osclassPassword }} + osclass-password: {{ .Values.osclassPassword | b64enc | quote }} + {{- else }} osclass-password: {{ randAlphaNum 10 | b64enc | quote }} - {{ end }} - smtp-password: {{ default "" .Values.smtpPassword | b64enc | quote }} + {{- end }} + {{- if .Values.smtpPassword }} + smtp-password: {{ .Values.smtpPassword | b64enc | quote }} + {{- end }} diff --git a/bitnami/osclass/templates/svc.yaml b/bitnami/osclass/templates/svc.yaml index 32c8ab4d39..a524b4d4d1 100644 --- a/bitnami/osclass/templates/svc.yaml +++ b/bitnami/osclass/templates/svc.yaml @@ -1,33 +1,39 @@ apiVersion: v1 kind: Service metadata: - name: {{ template "osclass.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "osclass.fullname" . }} - helm.sh/chart: {{ include "osclass.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + name: {{ template "common.names.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: type: {{ .Values.service.type }} + {{- if .Values.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} {{- if (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort")) }} externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} {{- end }} - {{- if eq .Values.service.type "LoadBalancer" }} - loadBalancerIP: {{ default "" .Values.service.loadBalancerIP }} - {{- end }} ports: - name: http port: {{ .Values.service.port }} targetPort: http - {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePorts.http)))}} + {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.http))) }} nodePort: {{ .Values.service.nodePorts.http }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null {{- end }} + {{- if .Values.service.httpsPort }} - name: https port: {{ .Values.service.httpsPort }} targetPort: https - {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePorts.https)))}} + {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.https))) }} nodePort: {{ .Values.service.nodePorts.https }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null {{- end }} - selector: - app.kubernetes.io/name: {{ include "osclass.fullname" . }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} + {{- end }} + selector: {{ include "common.labels.matchLabels" . | nindent 4 }} diff --git a/bitnami/osclass/templates/tls-secrets.yaml b/bitnami/osclass/templates/tls-secrets.yaml new file mode 100644 index 0000000000..e172873d33 --- /dev/null +++ b/bitnami/osclass/templates/tls-secrets.yaml @@ -0,0 +1,43 @@ +{{- if .Values.ingress.enabled }} +{{- if .Values.ingress.secrets }} +{{- range .Values.ingress.secrets }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .name }} + namespace: {{ $.Release.Namespace }} + labels: {{- include "common.labels.standard" $ | nindent 4 }} + {{- if $.Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" $.Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if $.Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ .certificate | b64enc }} + tls.key: {{ .key | b64enc }} +--- +{{- end }} +{{- else if and .Values.ingress.tls (not .Values.ingress.certManager) }} +{{- $ca := genCA "osclass-ca" 365 }} +{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-tls" .Values.ingress.hostname }} + namespace: {{ .Release.Namespace }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ $cert.Cert | b64enc | quote }} + tls.key: {{ $cert.Key | b64enc | quote }} + ca.crt: {{ $ca.Cert | b64enc | quote }} +{{- end }} +{{- end }} diff --git a/bitnami/osclass/values.yaml b/bitnami/osclass/values.yaml index a3fb720d9d..50501f74c5 100644 --- a/bitnami/osclass/values.yaml +++ b/bitnami/osclass/values.yaml @@ -23,22 +23,35 @@ image: ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Example: + ## pullSecrets: + ## - myRegistryKeySecretName ## - # pullSecrets: - # - myRegistryKeySecretName + pullSecrets: [] -## String to partially override osclass.fullname template (will maintain the release name) +## String to partially override common.names.fullname template (will maintain the release name) ## # nameOverride: -## String to fully override osclass.fullname template +## String to fully override common.names.fullname template ## # fullnameOverride: -## Osclass host to create application URLs -## ref: https://github.com/bitnami/bitnami-docker-osclass#configuration +## Add labels to all the deployed resources ## -# osclassHost: +commonLabels: {} + +## Add annotations to all the deployed resources +## +commonAnnotations: {} + +## Kubernetes Cluster Domain +## +clusterDomain: cluster.local + +## Extra objects to deploy (value evaluated as a template) +## +extraDeploy: [] ## User of the application ## ref: https://github.com/bitnami/bitnami-docker-osclass#configuration @@ -56,12 +69,19 @@ osclassUsername: user ## osclassEmail: user@example.com +## Osclass host to create application URLs +## ref: https://github.com/bitnami/bitnami-docker-osclass#configuration +## +# osclassHost: + ## Application title ## ref: https://github.com/bitnami/bitnami-docker-osclass#configuration +## osclassWebTitle: 'Sample Web Page' ## Allow site to appear in search engines ## ref: https://github.com/bitnami/bitnami-docker-osclass#configuration +## osclassPingEngines: 1 ## Automatically send usage statistics and crash reports to Osclass @@ -73,6 +93,362 @@ osclassSaveStats: 1 ## ref: https://github.com/bitnami/bitnami-docker-osclass#environment-variables allowEmptyPassword: "yes" +## SMTP mail delivery configuration +## ref: https://github.com/bitnami/bitnami-docker-osclass/#smtp-configuration +## +# smtpHost: +# smtpPort: +# smtpUser: +# smtpPassword: +# smtpProtocol: + +## Command and args for running the container (set to default if not set). Use array form +## +command: [] +args: [] + +## An array to add extra env vars +## Example: +## extraEnvVars: +## - name: FOO +## value: "bar" +## +extraEnvVars: [] + +## ConfigMap with extra environment variables +## +extraEnvVarsCM: + +## Secret with extra environment variables +## +extraEnvVarsSecret: + +## Strategy to use to update Pods +## +updateStrategy: + ## StrategyType + ## Can be set to RollingUpdate or OnDelete + ## + type: RollingUpdate + +## Osclass container ports to open +## +containerPorts: + http: 80 + https: 443 + +## Osclass pods' Security Context +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container +## +podSecurityContext: + enabled: true + fsGroup: 0 + +## Osclass containers' SecurityContext +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod +## +containerSecurityContext: + enabled: true + runAsUser: 0 + +## Osclass resource requests and limits +## ref: http://kubernetes.io/docs/user-guide/compute-resources/ +## +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: {} + # cpu: 200m + # memory: 256Mi + requests: + memory: 512Mi + cpu: 300m + +## Osclass containers' liveness and readiness probes. +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes +## +livenessProbe: + enabled: true + httpGet: + path: /index.php + port: http + httpHeaders: + - name: Host + value: "{{ include \"osclass.host\" . }}" + initialDelaySeconds: 120 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 +readinessProbe: + enabled: true + httpGet: + path: /index.php + port: http + httpHeaders: + - name: Host + value: "{{ include \"osclass.host\" . }}" + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + +## Custom Liveness probes for Osclass +## +customLivenessProbe: {} + +## Custom Rediness probes Osclass +## +customReadinessProbe: {} + +## Pod extra labels +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +## +podLabels: {} + +## Annotations for server pods. +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## +podAnnotations: {} + +## Pod affinity preset +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## Allowed values: soft, hard +## +podAffinityPreset: "" + +## Pod anti-affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## Allowed values: soft, hard +## +podAntiAffinityPreset: soft + +## Node affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity +## Allowed values: soft, hard +## +nodeAffinityPreset: + ## Node affinity type + ## Allowed values: soft, hard + type: "" + ## Node label key to match + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## Node label values to match + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + +## Affinity for pod assignment. Evaluated as a template. +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set +## +affinity: {} + +## Node labels for pod assignment. Evaluated as a template. +## ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} + +## Tolerations for pod assignment. Evaluated as a template. +## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +## +tolerations: [] + +## Extra volumes to add to the deployment +## +extraVolumes: [] + +## Extra volume mounts to add to the container +## +extraVolumeMounts: [] + +## Add init containers to the Magento pods. +## Example: +## initContainers: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +initContainers: {} + +## Add sidecars to the Magento pods. +## Example: +## sidecars: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +sidecars: {} + +## Enable persistence using Persistent Volume Claims +## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ +## +persistence: + enabled: true + ## Osclass data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + + accessMode: ReadWriteOnce + size: 8Gi + +## Kubernetes svc configuration +## For minikube, set this to NodePort, elsewhere use LoadBalancer +## +## Use serviceLoadBalancerIP to request a specific static IP, +## otherwise leave blank +## +service: + ## Kubernetes svc type + ## For minikube, set this to NodePort, elsewhere use LoadBalancer + ## + type: LoadBalancer + ## Use serviceLoadBalancerIP to request a specific static IP, + ## otherwise leave blank + ## + # loadBalancerIP: + # HTTP Port + port: 80 + # HTTPS Port + ## Set this to any value (recommended: 443) to enable the https service port + # httpsPort: 443 + ## Use nodePorts to requets some specific ports when usin NodePort + ## nodePorts: + ## http: + ## https: + ## + nodePorts: + http: "" + https: "" + ## Enable client source IP preservation + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + +## Ingress configuratiom +## +ingress: + ## Set to true to enable ingress record generation + ## + enabled: false + + ## Set this to true in order to add the corresponding annotations for cert-manager + ## + certManager: false + + ## When the ingress is enabled, a host pointing to this will be created + ## + hostname: osclass.local + + ## Ingress annotations done as key:value pairs + ## For a full list of possible ingress annotations, please see + ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md + ## + ## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set + ## + annotations: {} + + ## Enable TLS configuration for the hostname defined at ingress.hostname parameter + ## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }} + ## You can use the ingress.secrets parameter to create this TLS secret, relay on cert-manager to create it, or + ## let the chart create self-signed certificates for you + ## + tls: false + + ## The list of additional hostnames to be covered with this ingress record. + ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array + ## Example: + ## extraHosts: + ## - name: osclass.local + ## path: / + ## + extraHosts: [] + + ## The tls configuration for additional hostnames to be covered with this ingress record. + ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + ## Example: + ## extraTls: + ## - hosts: + ## - osclass.local + ## secretName: osclass.local-tls + ## + extraTls: [] + + ## If you're providing your own certificates, please use this to add the certificates as secrets + ## key and certificate should start with -----BEGIN CERTIFICATE----- or -----BEGIN RSA PRIVATE KEY----- + ## name should line up with a secretName set further up + ## + ## If it is not set and you're using cert-manager, this is unneeded, as it will create the secret for you + ## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created + ## It is also possible to create and manage the certificates outside of this helm chart + ## Please see README.md for more information + ## + ## Example + ## secrets: + ## - name: osclass.local-tls + ## key: "" + ## certificate: "" + ## + secrets: [] + +## Prometheus Exporter / Metrics +## +metrics: + enabled: false + image: + registry: docker.io + repository: bitnami/apache-exporter + tag: 0.8.0-debian-10-r217 + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## + # pullSecrets: + # - myRegistryKeySecretName + + ## Metrics exporter resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: {} + + ## Prometheus expoter service parameters + ## + service: + ## Metrics port + ## + port: 9117 + ## Annotations for the Prometheus exporter service + ## + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "{{ .Values.metrics.service.port }}" + ## ## External database configuration ## @@ -97,16 +473,6 @@ externalDatabase: ## Database name database: bitnami_osclass - -## SMTP mail delivery configuration -## ref: https://github.com/bitnami/bitnami-docker-osclass/#smtp-configuration -## -# smtpHost: -# smtpPort: -# smtpUser: -# smtpPassword: -# smtpProtocol: - ## ## MariaDB chart configuration ## @@ -159,138 +525,3 @@ mariadb: ## Use an existing PVC ## existingClaim: - -## Kubernetes configuration -## For minikube, set this to NodePort, elsewhere use LoadBalancer -## -service: - type: LoadBalancer - # HTTP Port - port: 80 - # HTTPS Port - httpsPort: 443 - ## loadBalancerIP: - ## - ## nodePorts: - ## http: - ## https: - nodePorts: - http: "" - https: "" - ## Enable client source IP preservation - ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - -## Configure the ingress resource that allows you to access the -## osclass installation. Set up the URL -## ref: http://kubernetes.io/docs/user-guide/ingress/ -## -ingress: - ## Set to true to enable ingress record generation - enabled: false - - ## Set this to true in order to add the corresponding annotations for cert-manager - certManager: false - - ## Ingress annotations done as key:value pairs - ## For a full list of possible ingress annotations, please see - ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md - ## - ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set - ## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set - annotations: - # kubernetes.io/ingress.class: nginx - - ## The list of hostnames to be covered with this ingress record. - ## Most likely this will be just one host, but in the event more hosts are needed, this is an array - hosts: - - name: osclass.local - path: / - - ## Set this to true in order to enable TLS on the ingress record - tls: false - - ## Optionally specify the TLS hosts for the ingress record - ## Useful when the Ingress controller supports www-redirection - ## If not specified, the above host name will be used - # tlsHosts: - # - www.osclass.local - # - osclass.local - - ## If TLS is set to true, you must declare what secret will store the key/certificate for TLS - tlsSecret: osclass.local-tls - - secrets: - ## If you're providing your own certificates, please use this to add the certificates as secrets - ## key and certificate should start with -----BEGIN CERTIFICATE----- or - ## -----BEGIN RSA PRIVATE KEY----- - ## - ## name should line up with a tlsSecret set further up - ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set - ## - ## It is also possible to create and manage the certificates outside of this helm chart - ## Please see README.md for more information - # - name: osclass.local-tls - # key: - # certificate: - - -## Enable persistence using Persistent Volume Claims -## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ -## -persistence: - enabled: true - osclass: - ## osclass data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteOnce - size: 8Gi - -## Configure resource requests and limits -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## -resources: - requests: - memory: 512Mi - cpu: 300m - -## Pod annotations -## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -## -podAnnotations: {} - -## Affinity for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## -affinity: {} - -## Prometheus Exporter / Metrics -## -metrics: - enabled: false - image: - registry: docker.io - repository: bitnami/apache-exporter - tag: 0.8.0-debian-10-r217 - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - ## Metrics exporter pod Annotation and Labels - podAnnotations: - prometheus.io/scrape: "true" - prometheus.io/port: "9117" - ## Metrics exporter resource requests and limits - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - # resources: {}