Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-02-10 20:27:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/superset] Set usePasswordFiles=true by default (#32778)

Browse Source 
* [bitnami/superset] Set `usePasswordFiles=true` by default

Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com>

* Add upgrading notes

Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com>

* Update CHANGELOG.md

Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>

* Update README.md with readme-generator-for-helm

Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>

* Update CHANGELOG.md

Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>

* Fix init containers

Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com>

* Fix probes

Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com>

---------

Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com>
Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>
Co-authored-by: Bitnami Bot <bitnami.bot@broadcom.com>
This commit is contained in:
Miguel Ruiz
2025-04-04 15:20:11 +02:00
committed by GitHub
parent d31ec15591
commit 89677d4091
11 changed files with 186 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
bitnami/superset/CHANGELOG.md
View File

@@ -1,8 +1,12 @@
# Changelog
## 1.1.3 (2025-04-02)
## 2.0.0 (2025-04-04)
* [bitnami/superset] Release 1.1.3 ([#32777](https://github.com/bitnami/charts/pull/32777))
* [bitnami/superset] Set `usePasswordFiles=true` by default ([#32778](https://github.com/bitnami/charts/pull/32778))
## <small>1.1.3 (2025-04-02)</small>
* [bitnami/superset] Release 1.1.3 (#32777) ([d856953](https://github.com/bitnami/charts/commit/d856953250bfdba841d438923045fdc67808d47c)), closes [#32777](https://github.com/bitnami/charts/issues/32777)
## <small>1.1.2 (2025-03-25)</small>

2
bitnami/superset/Chart.yaml
View File

@@ -38,4 +38,4 @@ sources:
- https://github.com/bitnami/charts/tree/main/bitnami/superset
- https://github.com/bitnami/containers/tree/main/bitnami/superset
- https://github.com/apache/superset
version: 1.1.3
version: 2.0.0

10
bitnami/superset/README.md
View File

@@ -172,6 +172,7 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `commonAnnotations` | Annotations to add to all deployed objects | `{}` |
| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` |
| `extraDeploy` | Array of extra objects to deploy with the release | `[]` |
| `usePasswordFiles` | Mount credentials as files instead of using an environment variable | `true` |
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` |
| `diagnosticMode.command` | Command to override all containers in the chart release | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the chart release | `["infinity"]` |
@@ -516,7 +517,6 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `flower.auth.enabled` | Enables Apache Celery flower HTTP basic authentication | `true` |
| `flower.auth.username` | Apache Celery flower username | `user` |
| `flower.auth.password` | Apache Celery flower password | `""` |
| `flower.auth.usePasswordFiles` | Mount credentials as files instead of using an environment variable | `true` |
| `flower.auth.existingSecret` | Name of existing secret to use for Superset Celery flower | `""` |
| `flower.livenessProbe.enabled` | Enable livenessProbe on Superset celery flower containers | `true` |
| `flower.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` |
@@ -740,6 +740,12 @@ helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/super
Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues).
## Upgrading
### To 2.0.0
This version replaces the value `flower.auth.usePasswordFiles` with the new value `usePasswordFiles`. When using `usePasswordFiles=true`, , all credentials will be mounted as files instead of using an environment variable.
## License
Copyright &copy; 2025 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
@@ -754,4 +760,4 @@ Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
limitations under the License.

45
bitnami/superset/templates/_helpers.tpl
View File

@@ -201,11 +201,16 @@ Add environment variables to configure database values
- name: SUPERSET_DATABASE_USER
value: {{ include "superset.database.user" . | quote }}
{{- if or (not .Values.postgresql.enabled) .Values.postgresql.auth.enablePostgresUser }}
{{- if .Values.usePasswordFiles }}
- name: SUPERSET_DATABASE_PASSWORD_FILE
value: {{ printf "/opt/bitnami/superset/secrets/%s" (include "superset.database.secretKey" .) }}
{{- else }}
- name: SUPERSET_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "superset.postgresql.secretName" . }}
key: {{ include "superset.database.secretKey" . }}
{{- end }}
{{- else }}
- name: ALLOW_EMPTY_PASSWORD
value: "true"
@@ -222,22 +227,32 @@ Add environment variables to configure redis values
value: {{ include "superset.redis.port" . | quote }}
- name: REDIS_USER
value: {{ ternary "default" .Values.externalRedis.username .Values.redis.enabled | quote }}
{{- if .Values.usePasswordFiles }}
- name: REDIS_PASSWORD_FILE
value: {{ printf "/opt/bitnami/superset/secrets/%s" (include "superset.redis.secretKey" .) }}
{{- else }}
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "superset.redis.secretName" . }}
key: {{ include "superset.redis.secretKey" . }}
{{- end }}
{{- end -}}
{{/*
Add environment variables to configure superset common values
*/}}
{{- define "superset.configure.common" -}}
{{- if .Values.usePasswordFiles }}
- name: SUPERSET_SECRET_KEY_FILE
value: "/opt/bitnami/superset/secrets/superset-secret-key"
{{- else }}
- name: SUPERSET_SECRET_KEY
valueFrom:
secretKeyRef:
name: {{ include "superset.secretName" . }}
key: superset-secret-key
{{- end }}
{{- if or .Values.existingConfigmap .Values.config }}
- name: SUPERSET_CONF_FILE
value: "/bitnami/superset/conf/superset_config.py"
@@ -276,6 +291,10 @@ Init container definition to wait for PostgreSQL
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libpostgresql.sh
{{- if .Values.usePasswordFiles }}
export SUPERSET_DATABASE_PASSWORD="$(< $SUPERSET_DATABASE_PASSWORD_FILE)"
{{- end }}
check_postgresql_connection() {
echo "SELECT 1" | postgresql_remote_execute "$SUPERSET_DATABASE_HOST" "$SUPERSET_DATABASE_PORT_NUMBER" "$SUPERSET_DATABASE_NAME" "$SUPERSET_DATABASE_USER" "$SUPERSET_DATABASE_PASSWORD"
}
@@ -289,6 +308,12 @@ Init container definition to wait for PostgreSQL
fi
env:
{{- include "superset.configure.database" . | nindent 4 }}
{{- if .Values.usePasswordFiles }}
volumeMounts:
- name: superset-secrets
mountPath: /opt/bitnami/superset/secrets
readOnly: true
{{- end }}
{{- end -}}
{{/*
@@ -320,6 +345,10 @@ Init container definition to wait for Redis
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
{{- if .Values.usePasswordFiles }}
export REDIS_PASSWORD="$(< $REDIS_PASSWORD_FILE)"
{{- end }}
check_redis_connection() {
local result="$(redis-cli -h ${REDIS_HOST} -p ${REDIS_PORT_NUMBER} -a ${REDIS_PASSWORD} --user ${REDIS_USER} PING)"
if [[ "$result" != "PONG" ]]; then
@@ -336,6 +365,12 @@ Init container definition to wait for Redis
fi
env:
{{- include "superset.configure.redis" . | nindent 4 }}
{{- if .Values.usePasswordFiles }}
volumeMounts:
- name: superset-secrets
mountPath: /opt/bitnami/superset/secrets
readOnly: true
{{- end }}
{{- end }}
{{- define "superset.initContainers.waitForExamples" -}}
@@ -365,6 +400,10 @@ Init container definition to wait for Redis
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libpostgresql.sh
{{- if .Values.usePasswordFiles }}
export SUPERSET_DATABASE_PASSWORD="$(< $SUPERSET_DATABASE_PASSWORD_FILE)"
{{- end }}
check_examples_database() {
echo "SELECT dashboard_title FROM dashboards" | postgresql_remote_execute_print_output "$SUPERSET_DATABASE_HOST" "$SUPERSET_DATABASE_PORT_NUMBER" "$SUPERSET_DATABASE_NAME" "$SUPERSET_DATABASE_USER" "$SUPERSET_DATABASE_PASSWORD" | grep "Dashboard"
}
@@ -378,6 +417,12 @@ Init container definition to wait for Redis
fi
env:
{{- include "superset.configure.database" . | nindent 4 }}
{{- if .Values.usePasswordFiles }}
volumeMounts:
- name: superset-secrets
mountPath: /opt/bitnami/superset/secrets
readOnly: true
{{- end }}
{{- end }}
{{/*

21
bitnami/superset/templates/beat/deployment.yaml
View File

@@ -161,6 +161,11 @@ spec:
- name: empty-dir
mountPath: /opt/bitnami/superset/tmp
subPath: app-tmp-dir
{{- if .Values.usePasswordFiles }}
- name: superset-secrets
mountPath: /opt/bitnami/superset/secrets
readOnly: true
{{- end }}
{{- if or .Values.existingConfigmap .Values.config }}
- name: superset-config
mountPath: /bitnami/superset/conf
@@ -174,6 +179,22 @@ spec:
volumes:
- name: empty-dir
emptyDir: {}
{{- if .Values.usePasswordFiles }}
- name: superset-secrets
projected:
sources:
- secret:
name: {{ include "superset.secretName" . }}
items:
- key: superset-secret-key
path: superset-secret-key
- secret:
name: {{ include "superset.redis.secretName" . }}
{{- if or (not .Values.postgresql.enabled) .Values.postgresql.auth.enablePostgresUser }}
- secret:
name: {{ include "superset.postgresql.secretName" . }}
{{- end }}
{{- end }}
{{- if or .Values.existingConfigmap .Values.config }}
- name: superset-config
configMap:

4
bitnami/superset/templates/externaldb-secrets.yaml
View File

@@ -3,7 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved.
SPDX-License-Identifier: APACHE-2.0
*/}}
{{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.existingSecret) .Values.externalDatabase.password -}}
{{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.existingSecret) .Values.externalDatabase.password }}
apiVersion: v1
kind: Secret
metadata:
@@ -17,7 +17,7 @@ type: Opaque
data:
{{ .Values.externalDatabase.existingSecretPasswordKey }}: {{ .Values.externalDatabase.password | b64enc | quote }}
{{- end }}
{{- if and (not .Values.redis.enabled) (not .Values.externalRedis.existingSecret) .Values.externalRedis.password -}}
{{- if and (not .Values.redis.enabled) (not .Values.externalRedis.existingSecret) .Values.externalRedis.password }}
---
apiVersion: v1
kind: Secret

30
bitnami/superset/templates/flower/deployment.yaml
View File

@@ -175,8 +175,8 @@ spec:
- name: empty-dir
mountPath: /opt/bitnami/superset/superset_home
subPath: superset-home
{{- if and .Values.flower.auth.enabled .Values.flower.auth.usePasswordFiles }}
- name: flower-basic-auth
{{- if .Values.usePasswordFiles }}
- name: superset-secrets
mountPath: /opt/bitnami/superset/secrets
readOnly: true
{{- end }}
@@ -193,13 +193,25 @@ spec:
volumes:
- name: empty-dir
emptyDir: {}
{{- if and .Values.flower.auth.enabled .Values.flower.auth.usePasswordFiles }}
- name: flower-basic-auth
secret:
secretName: {{ template "superset.flower.secretName" . }}
items:
- key: flower-basic-auth
path: flower-basic-auth
{{- if .Values.usePasswordFiles }}
- name: superset-secrets
projected:
sources:
- secret:
name: {{ include "superset.secretName" . }}
items:
- key: superset-secret-key
path: superset-secret-key
- secret:
name: {{ include "superset.redis.secretName" . }}
{{- if .Values.flower.auth.enabled }}
- secret:
name: {{ include "superset.flower.secretName" . }}
{{- end }}
{{- if or (not .Values.postgresql.enabled) .Values.postgresql.auth.enablePostgresUser }}
- secret:
name: {{ include "superset.postgresql.secretName" . }}
{{- end }}
{{- end }}
{{- if or .Values.existingConfigmap .Values.config }}
- name: superset-config

28
bitnami/superset/templates/init/init-job.yaml
View File

@@ -74,11 +74,16 @@ spec:
value: {{ .Values.auth.username | quote }}
- name: SUPERSET_EMAIL
value: {{ .Values.auth.email | quote }}
{{- if .Values.usePasswordFiles }}
- name: SUPERSET_PASSWORD_FILE
value: "/opt/bitnami/superset/secrets/superset-password"
{{- else }}
- name: SUPERSET_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "superset.secretName" . }}
key: superset-password
{{- end }}
- name: SUPERSET_LOAD_EXAMPLES
value: {{ ternary "true" "false" .Values.loadExamples | quote }}
{{- if .Values.init.extraEnvVars }}
@@ -105,6 +110,11 @@ spec:
- name: empty-dir
mountPath: /opt/bitnami/superset/superset_home
subPath: superset-home
{{- if .Values.usePasswordFiles }}
- name: superset-secrets
mountPath: /opt/bitnami/superset/secrets
readOnly: true
{{- end }}
{{- if or .Values.existingConfigmap .Values.config }}
- name: superset-config
mountPath: /bitnami/superset/conf
@@ -118,6 +128,24 @@ spec:
volumes:
- name: empty-dir
emptyDir: {}
{{- if .Values.usePasswordFiles }}
- name: superset-secrets
projected:
sources:
- secret:
name: {{ include "superset.secretName" . }}
items:
- key: superset-secret-key
path: superset-secret-key
- key: superset-password
path: superset-password
- secret:
name: {{ include "superset.redis.secretName" . }}
{{- if or (not .Values.postgresql.enabled) .Values.postgresql.auth.enablePostgresUser }}
- secret:
name: {{ include "superset.postgresql.secretName" . }}
{{- end }}
{{- end }}
{{- if or .Values.existingConfigmap .Values.config }}
- name: superset-config
configMap:

21
bitnami/superset/templates/web/deployment.yaml
View File

@@ -167,6 +167,11 @@ spec:
- name: empty-dir
mountPath: /opt/bitnami/superset/superset_home
subPath: superset-home
{{- if .Values.usePasswordFiles }}
- name: superset-secrets
mountPath: /opt/bitnami/superset/secrets
readOnly: true
{{- end }}
{{- if or .Values.existingConfigmap .Values.config }}
- name: superset-config
mountPath: /bitnami/superset/conf
@@ -180,6 +185,22 @@ spec:
volumes:
- name: empty-dir
emptyDir: {}
{{- if .Values.usePasswordFiles }}
- name: superset-secrets
projected:
sources:
- secret:
name: {{ include "superset.secretName" . }}
items:
- key: superset-secret-key
path: superset-secret-key
- secret:
name: {{ include "superset.redis.secretName" . }}
{{- if or (not .Values.postgresql.enabled) .Values.postgresql.auth.enablePostgresUser }}
- secret:
name: {{ include "superset.postgresql.secretName" . }}
{{- end }}
{{- end }}
{{- if or .Values.existingConfigmap .Values.config }}
- name: superset-config
configMap:

30
bitnami/superset/templates/worker/deployment.yaml
View File

@@ -131,6 +131,9 @@ spec:
- /bin/bash
- -ec
- |
{{- if .Values.usePasswordFiles }}
export SUPERSET_SECRET_KEY="$(< $SUPERSET_SECRET_KEY_FILE)"
{{- end }}
. /opt/bitnami/scripts/superset-env.sh && celery -A superset.tasks.celery_app:app inspect ping -d celery@$HOSTNAME
{{- end }}
{{- if .Values.worker.customReadinessProbe }}
@@ -142,6 +145,9 @@ spec:
- /bin/bash
- -ec
- |
{{- if .Values.usePasswordFiles }}
export SUPERSET_SECRET_KEY="$(< $SUPERSET_SECRET_KEY_FILE)"
{{- end }}
. /opt/bitnami/scripts/superset-env.sh && celery -A superset.tasks.celery_app:app inspect ping -d celery@$HOSTNAME
{{- end }}
{{- if .Values.worker.customStartupProbe }}
@@ -153,6 +159,9 @@ spec:
- /bin/bash
- -ec
- |
{{- if .Values.usePasswordFiles }}
export SUPERSET_SECRET_KEY="$(< $SUPERSET_SECRET_KEY_FILE)"
{{- end }}
. /opt/bitnami/scripts/superset-env.sh && celery -A superset.tasks.celery_app:app inspect ping -d celery@$HOSTNAME
{{- end }}
{{- end }}
@@ -166,6 +175,11 @@ spec:
- name: empty-dir
mountPath: /opt/bitnami/superset/superset_home
subPath: superset-home
{{- if .Values.usePasswordFiles }}
- name: superset-secrets
mountPath: /opt/bitnami/superset/secrets
readOnly: true
{{- end }}
{{- if or .Values.existingConfigmap .Values.config }}
- name: superset-config
mountPath: /bitnami/superset/conf
@@ -179,6 +193,22 @@ spec:
volumes:
- name: empty-dir
emptyDir: {}
{{- if .Values.usePasswordFiles }}
- name: superset-secrets
projected:
sources:
- secret:
name: {{ include "superset.secretName" . }}
items:
- key: superset-secret-key
path: superset-secret-key
- secret:
name: {{ include "superset.redis.secretName" . }}
{{- if or (not .Values.postgresql.enabled) .Values.postgresql.auth.enablePostgresUser }}
- secret:
name: {{ include "superset.postgresql.secretName" . }}
{{- end }}
{{- end }}
{{- if or .Values.existingConfigmap .Values.config }}
- name: superset-config
configMap:

6
bitnami/superset/values.yaml
View File

@@ -59,6 +59,9 @@ clusterDomain: cluster.local
## @param extraDeploy Array of extra objects to deploy with the release
##
extraDeploy: []
## @param usePasswordFiles Mount credentials as files instead of using an environment variable
##
usePasswordFiles: true
## Diagnostic mode
## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
## @param diagnosticMode.command Command to override all containers in the chart release
@@ -1488,9 +1491,6 @@ flower:
## If empty, a random password will be autogenerated
##
password: ""
## @param flower.auth.usePasswordFiles Mount credentials as files instead of using an environment variable
##
usePasswordFiles: true
## @param flower.auth.existingSecret Name of existing secret to use for Superset Celery flower
## The secret must contain the key 'flower-basic-auth' encoding the HTTP basic auth string
##