mirror of
https://github.com/bitnami/charts.git
synced 2026-03-29 16:27:11 +08:00
[bitnami/airflow] Move venv to emptydir volume (#34560)
* [bitnami/airflow] Move venv to emptydir volume Signed-off-by: Jota Martos <jota.martos@broadcom.com> * Update CHANGELOG.md Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com> * [bitnami/airflow] Mount entire venv folder and remove the tmp volume Signed-off-by: Jota Martos <jota.martos@broadcom.com> * Update CHANGELOG.md Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com> --------- Signed-off-by: Jota Martos <jota.martos@broadcom.com> Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com> Signed-off-by: Juan José Martos <jota.martos@broadcom.com> Co-authored-by: Bitnami Bot <bitnami.bot@broadcom.com>
This commit is contained in:
Juan José Martos
@@ -1,8 +1,12 @@
|
||||
# Changelog
|
||||
|
||||
## 24.1.5 (2025-06-23)
|
||||
## 24.2.0 (2025-06-24)
|
||||
|
||||
* [bitnami/airflow] Configure correct section for api/web secret_key ([#34581](https://github.com/bitnami/charts/pull/34581))
|
||||
* [bitnami/airflow] Move venv to emptydir volume ([#34560](https://github.com/bitnami/charts/pull/34560))
|
||||
|
||||
## <small>24.1.5 (2025-06-23)</small>
|
||||
|
||||
* [bitnami/airflow] Configure correct section for api/web secret_key (#34581) ([fe92d1b](https://github.com/bitnami/charts/commit/fe92d1b2ed3277e8c8549f5732544253ea1178ba)), closes [#34581](https://github.com/bitnami/charts/issues/34581)
|
||||
|
||||
## <small>24.1.4 (2025-06-19)</small>
|
||||
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
dependencies:
|
||||
- name: redis
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 21.0.0
|
||||
version: 21.2.5
|
||||
- name: postgresql
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 16.6.7
|
||||
version: 16.7.12
|
||||
- name: common
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 2.31.0
|
||||
digest: sha256:d023829727da5c3e903ce8395aac7b71e772dffdccda5adbd3a7814b95fd6466
|
||||
generated: "2025-05-07T13:42:16.588126828+02:00"
|
||||
version: 2.31.3
|
||||
digest: sha256:23cc711ec8a39f61ee0c3c0fcb0d7aed5b4f50984a129f87e1e72bf06a79637a
|
||||
generated: "2025-06-19T12:31:27.435641+02:00"
|
||||
|
||||
@@ -42,4 +42,4 @@ maintainers:
|
||||
name: airflow
|
||||
sources:
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/airflow
|
||||
version: 24.1.5
|
||||
version: 24.2.0
|
||||
|
||||
@@ -459,6 +459,19 @@ The Bitnami Airflow chart relies on the PostgreSQL chart persistence. This means
|
||||
| `defaultInitContainers.waitForDBMigrations.containerSecurityContext.seccompProfile.type` | Set seccomp profile in "wait-for-db-migrations" init-containers | `RuntimeDefault` |
|
||||
| `defaultInitContainers.waitForDBMigrations.resourcesPreset` | Set Airflow "wait-for-db-migrations" init container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if defaultInitContainers.waitForDBMigrations.resources is set (defaultInitContainers.waitForDBMigrations.resources is recommended for production). | `micro` |
|
||||
| `defaultInitContainers.waitForDBMigrations.resources` | Set Airflow "wait-for-db-migrations" init container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
|
||||
| `defaultInitContainers.prepareVenv.containerSecurityContext.enabled` | Enabled "prepare-venv" init-containers' Security Context | `true` |
|
||||
| `defaultInitContainers.prepareVenv.containerSecurityContext.seLinuxOptions` | Set SELinux options in "prepare-venv" init-containers | `{}` |
|
||||
| `defaultInitContainers.prepareVenv.containerSecurityContext.runAsUser` | Set runAsUser in "prepare-venv" init-containers' Security Context | `1001` |
|
||||
| `defaultInitContainers.prepareVenv.containerSecurityContext.runAsGroup` | Set runAsUser in "prepare-venv" init-containers' Security Context | `1001` |
|
||||
| `defaultInitContainers.prepareVenv.containerSecurityContext.runAsNonRoot` | Set runAsNonRoot in "prepare-venv" init-containers' Security Context | `true` |
|
||||
| `defaultInitContainers.prepareVenv.containerSecurityContext.readOnlyRootFilesystem` | Set readOnlyRootFilesystem in "prepare-venv" init-containers' Security Context | `true` |
|
||||
| `defaultInitContainers.prepareVenv.containerSecurityContext.privileged` | Set privileged in "prepare-venv" init-containers' Security Context | `false` |
|
||||
| `defaultInitContainers.prepareVenv.containerSecurityContext.allowPrivilegeEscalation` | Set allowPrivilegeEscalation in "prepare-venv" init-containers' Security Context | `false` |
|
||||
| `defaultInitContainers.prepareVenv.containerSecurityContext.capabilities.add` | List of capabilities to be added in "prepare-venv" init-containers | `[]` |
|
||||
| `defaultInitContainers.prepareVenv.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped in "prepare-venv" init-containers | `["ALL"]` |
|
||||
| `defaultInitContainers.prepareVenv.containerSecurityContext.seccompProfile.type` | Set seccomp profile in "prepare-venv" init-containers | `RuntimeDefault` |
|
||||
| `defaultInitContainers.prepareVenv.resourcesPreset` | Set Airflow "prepare-venv" init container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if defaultInitContainers.prepareVenv.resources is set (defaultInitContainers.prepareVenv.resources is recommended for production). | `nano` |
|
||||
| `defaultInitContainers.prepareVenv.resources` | Set Airflow "prepare-venv" init container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
|
||||
| `defaultInitContainers.loadDAGsPlugins.command` | Override cmd | `[]` |
|
||||
| `defaultInitContainers.loadDAGsPlugins.args` | Override args | `[]` |
|
||||
| `defaultInitContainers.loadDAGsPlugins.extraVolumeMounts` | Add extra volume mounts | `[]` |
|
||||
|
||||
@@ -274,6 +274,40 @@ create folders or volume names
|
||||
{{- .name | default $defaultName | kebabcase -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Returns an init-container that prepares the venv directory
|
||||
*/}}
|
||||
{{- define "airflow.defaultInitContainers.prepareVenv" -}}
|
||||
- name: prepare-venv
|
||||
image: {{ include "airflow.image" . }}
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
{{- if .Values.defaultInitContainers.prepareVenv.containerSecurityContext.enabled }}
|
||||
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.defaultInitContainers.prepareVenv.containerSecurityContext "context" .) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.defaultInitContainers.prepareVenv.resources }}
|
||||
resources: {{- toYaml .Values.defaultInitContainers.prepareVenv.resources | nindent 4 }}
|
||||
{{- else if ne .Values.defaultInitContainers.prepareVenv.resourcesPreset "none" }}
|
||||
resources: {{- include "common.resources.preset" (dict "type" .Values.defaultInitContainers.prepareVenv.resourcesPreset) | nindent 4 }}
|
||||
{{- end }}
|
||||
command:
|
||||
- /bin/bash
|
||||
args:
|
||||
- -ec
|
||||
- |
|
||||
. /opt/bitnami/scripts/libairflow.sh
|
||||
|
||||
# Copy the configuration files to the writable directory
|
||||
cp -r --preserve=mode /opt/bitnami/airflow/venv /emptydir/venv-base-dir
|
||||
|
||||
info "Copy operation completed"
|
||||
env:
|
||||
- name: BITNAMI_DEBUG
|
||||
value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }}
|
||||
volumeMounts:
|
||||
- name: empty-dir
|
||||
mountPath: /emptydir
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Returns shared structure between load-dags and load-plugins init containers
|
||||
*/}}
|
||||
|
||||
@@ -69,6 +69,7 @@ data:
|
||||
initContainers:
|
||||
{{- include "airflow.defaultInitContainers.prepareConfig" . | nindent 8 }}
|
||||
{{- include "airflow.defaultInitContainers.prepareWebConfig" . | nindent 8 }}
|
||||
{{- include "airflow.defaultInitContainers.prepareVenv" . | nindent 8 }}
|
||||
{{- if .Values.dags.enabled }}
|
||||
{{- include "airflow.defaultInitContainers.loadDAGs" . | nindent 8 }}
|
||||
{{- end }}
|
||||
@@ -202,6 +203,9 @@ data:
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/airflow/webserver_config.py
|
||||
subPath: app-base-dir/webserver_config.py
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/airflow/venv
|
||||
subPath: venv-base-dir
|
||||
{{- if .Values.usePasswordFiles }}
|
||||
- name: airflow-secrets
|
||||
mountPath: /opt/bitnami/airflow/secrets
|
||||
|
||||
@@ -72,6 +72,7 @@ spec:
|
||||
{{- end }}
|
||||
initContainers:
|
||||
{{- include "airflow.defaultInitContainers.prepareConfig" . | nindent 8 }}
|
||||
{{- include "airflow.defaultInitContainers.prepareVenv" . | nindent 8 }}
|
||||
{{- if .Values.dags.enabled }}
|
||||
{{- include "airflow.defaultInitContainers.loadDAGs" . | nindent 8 }}
|
||||
{{- end }}
|
||||
@@ -209,11 +210,9 @@ spec:
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/airflow/config/airflow_local_settings.py
|
||||
subPath: app-conf-dir/airflow_local_settings.py
|
||||
{{- if and .Values.web.containerSecurityContext.enabled .Values.web.containerSecurityContext.readOnlyRootFilesystem }}
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/airflow/venv/tmp
|
||||
subPath: app-pyc-cache-dir
|
||||
{{- end }}
|
||||
mountPath: /opt/bitnami/airflow/venv
|
||||
subPath: venv-base-dir
|
||||
{{- if .Values.usePasswordFiles }}
|
||||
- name: airflow-secrets
|
||||
mountPath: /opt/bitnami/airflow/secrets
|
||||
|
||||
@@ -76,6 +76,7 @@ spec:
|
||||
{{- end }}
|
||||
initContainers:
|
||||
{{- include "airflow.defaultInitContainers.prepareConfig" . | nindent 8 }}
|
||||
{{- include "airflow.defaultInitContainers.prepareVenv" . | nindent 8 }}
|
||||
{{- if and .Values.dags.enabled }}
|
||||
{{- include "airflow.defaultInitContainers.loadDAGs" . | nindent 8 }}
|
||||
{{- end }}
|
||||
@@ -225,11 +226,9 @@ spec:
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/airflow/config/airflow_local_settings.py
|
||||
subPath: app-conf-dir/airflow_local_settings.py
|
||||
{{- if and .Values.web.containerSecurityContext.enabled .Values.web.containerSecurityContext.readOnlyRootFilesystem }}
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/airflow/venv/tmp
|
||||
subPath: app-pyc-cache-dir
|
||||
{{- end }}
|
||||
mountPath: /opt/bitnami/airflow/venv
|
||||
subPath: venv-base-dir
|
||||
{{- if .Values.usePasswordFiles }}
|
||||
- name: airflow-secrets
|
||||
mountPath: /opt/bitnami/airflow/secrets
|
||||
|
||||
@@ -76,6 +76,7 @@ spec:
|
||||
{{- end }}
|
||||
initContainers:
|
||||
{{- include "airflow.defaultInitContainers.prepareConfig" . | nindent 8 }}
|
||||
{{- include "airflow.defaultInitContainers.prepareVenv" . | nindent 8 }}
|
||||
{{- if .Values.dags.enabled }}
|
||||
{{- include "airflow.defaultInitContainers.loadDAGs" . | nindent 8 }}
|
||||
{{- end }}
|
||||
@@ -213,11 +214,9 @@ spec:
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/airflow/config/airflow_local_settings.py
|
||||
subPath: app-conf-dir/airflow_local_settings.py
|
||||
{{- if and .Values.web.containerSecurityContext.enabled .Values.web.containerSecurityContext.readOnlyRootFilesystem }}
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/airflow/venv/tmp
|
||||
subPath: app-pyc-cache-dir
|
||||
{{- end }}
|
||||
mountPath: /opt/bitnami/airflow/venv
|
||||
subPath: venv-base-dir
|
||||
{{- if .Values.usePasswordFiles }}
|
||||
- name: airflow-secrets
|
||||
mountPath: /opt/bitnami/airflow/secrets
|
||||
|
||||
@@ -73,6 +73,7 @@ spec:
|
||||
initContainers:
|
||||
{{- include "airflow.defaultInitContainers.prepareConfig" . | nindent 8 }}
|
||||
{{- include "airflow.defaultInitContainers.prepareWebConfig" . | nindent 8 }}
|
||||
{{- include "airflow.defaultInitContainers.prepareVenv" . | nindent 8 }}
|
||||
{{- if .Values.dags.enabled }}
|
||||
{{- include "airflow.defaultInitContainers.loadDAGs" . | nindent 8 }}
|
||||
{{- end }}
|
||||
@@ -239,11 +240,9 @@ spec:
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/airflow/webserver_config.py
|
||||
subPath: app-base-dir/webserver_config.py
|
||||
{{- if and .Values.web.containerSecurityContext.enabled .Values.web.containerSecurityContext.readOnlyRootFilesystem }}
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/airflow/venv/tmp
|
||||
subPath: app-pyc-cache-dir
|
||||
{{- end }}
|
||||
mountPath: /opt/bitnami/airflow/venv
|
||||
subPath: venv-base-dir
|
||||
{{- if .Values.usePasswordFiles }}
|
||||
- name: airflow-secrets
|
||||
mountPath: /opt/bitnami/airflow/secrets
|
||||
|
||||
@@ -78,6 +78,7 @@ spec:
|
||||
initContainers:
|
||||
{{- include "airflow.defaultInitContainers.prepareConfig" . | nindent 8 }}
|
||||
{{- include "airflow.defaultInitContainers.prepareWebConfig" . | nindent 8 }}
|
||||
{{- include "airflow.defaultInitContainers.prepareVenv" . | nindent 8 }}
|
||||
{{- if .Values.dags.enabled }}
|
||||
{{- include "airflow.defaultInitContainers.loadDAGs" . | nindent 8 }}
|
||||
{{- end }}
|
||||
@@ -223,11 +224,9 @@ spec:
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/airflow/webserver_config.py
|
||||
subPath: app-base-dir/webserver_config.py
|
||||
{{- if and .Values.web.containerSecurityContext.enabled .Values.web.containerSecurityContext.readOnlyRootFilesystem }}
|
||||
- name: empty-dir
|
||||
mountPath: /opt/bitnami/airflow/venv/tmp
|
||||
subPath: app-pyc-cache-dir
|
||||
{{- end }}
|
||||
mountPath: /opt/bitnami/airflow/venv
|
||||
subPath: venv-base-dir
|
||||
{{- if .Values.usePasswordFiles }}
|
||||
- name: airflow-secrets
|
||||
mountPath: /opt/bitnami/airflow/secrets
|
||||
|
||||
@@ -322,6 +322,52 @@ defaultInitContainers:
|
||||
## memory: 1024Mi
|
||||
##
|
||||
resources: {}
|
||||
prepareVenv:
|
||||
## Configure "prepare-venv" init-container Security Context
|
||||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
|
||||
## @param defaultInitContainers.prepareVenv.containerSecurityContext.enabled Enabled "prepare-venv" init-containers' Security Context
|
||||
## @param defaultInitContainers.prepareVenv.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in "prepare-venv" init-containers
|
||||
## @param defaultInitContainers.prepareVenv.containerSecurityContext.runAsUser Set runAsUser in "prepare-venv" init-containers' Security Context
|
||||
## @param defaultInitContainers.prepareVenv.containerSecurityContext.runAsGroup Set runAsUser in "prepare-venv" init-containers' Security Context
|
||||
## @param defaultInitContainers.prepareVenv.containerSecurityContext.runAsNonRoot Set runAsNonRoot in "prepare-venv" init-containers' Security Context
|
||||
## @param defaultInitContainers.prepareVenv.containerSecurityContext.readOnlyRootFilesystem Set readOnlyRootFilesystem in "prepare-venv" init-containers' Security Context
|
||||
## @param defaultInitContainers.prepareVenv.containerSecurityContext.privileged Set privileged in "prepare-venv" init-containers' Security Context
|
||||
## @param defaultInitContainers.prepareVenv.containerSecurityContext.allowPrivilegeEscalation Set allowPrivilegeEscalation in "prepare-venv" init-containers' Security Context
|
||||
## @param defaultInitContainers.prepareVenv.containerSecurityContext.capabilities.add List of capabilities to be added in "prepare-venv" init-containers
|
||||
## @param defaultInitContainers.prepareVenv.containerSecurityContext.capabilities.drop List of capabilities to be dropped in "prepare-venv" init-containers
|
||||
## @param defaultInitContainers.prepareVenv.containerSecurityContext.seccompProfile.type Set seccomp profile in "prepare-venv" init-containers
|
||||
##
|
||||
containerSecurityContext:
|
||||
enabled: true
|
||||
seLinuxOptions: {}
|
||||
runAsUser: 1001
|
||||
runAsGroup: 1001
|
||||
runAsNonRoot: true
|
||||
readOnlyRootFilesystem: true
|
||||
privileged: false
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
add: []
|
||||
drop: ["ALL"]
|
||||
seccompProfile:
|
||||
type: "RuntimeDefault"
|
||||
## Airflow "prepare-venv" init container resource requests and limits
|
||||
## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
||||
## @param defaultInitContainers.prepareVenv.resourcesPreset Set Airflow "prepare-venv" init container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if defaultInitContainers.prepareVenv.resources is set (defaultInitContainers.prepareVenv.resources is recommended for production).
|
||||
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
||||
##
|
||||
resourcesPreset: "nano"
|
||||
## @param defaultInitContainers.prepareVenv.resources Set Airflow "prepare-venv" init container requests and limits for different resources like CPU or memory (essential for production workloads)
|
||||
## E.g:
|
||||
## resources:
|
||||
## requests:
|
||||
## cpu: 2
|
||||
## memory: 512Mi
|
||||
## limits:
|
||||
## cpu: 3
|
||||
## memory: 1024Mi
|
||||
##
|
||||
resources: {}
|
||||
## Airflow "load-dags-plugins" init container
|
||||
## Used to load DAGs and/or plugins from a ConfigMap or Git repositories
|
||||
##
|
||||
|
||||
Reference in New Issue
Block a user