diff --git a/charts/openarchiefbeheer/Chart.yaml b/charts/openarchiefbeheer/Chart.yaml index 186bd85..2854098 100644 --- a/charts/openarchiefbeheer/Chart.yaml +++ b/charts/openarchiefbeheer/Chart.yaml @@ -3,8 +3,8 @@ name: openarchiefbeheer description: Opstellen, beheren en uitvoeren van vernietigingslijsten, voor gebruik met Zaakgericht werken type: application -version: 1.0.2 -appVersion: 0.1.0-beta.12 +version: 1.1.0-beta.1 +appVersion: latest dependencies: - name: redis diff --git a/charts/openarchiefbeheer/README.md b/charts/openarchiefbeheer/README.md index 7726636..31ec7bd 100644 --- a/charts/openarchiefbeheer/README.md +++ b/charts/openarchiefbeheer/README.md @@ -1,16 +1,9 @@ # openarchiefbeheer -![Version: 1.0.2](https://img.shields.io/badge/Version-1.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0-beta.12](https://img.shields.io/badge/AppVersion-0.1.0--beta.12-informational?style=flat-square) +![Version: 1.1.0-beta.1](https://img.shields.io/badge/Version-1.1.0--beta.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square) Opstellen, beheren en uitvoeren van vernietigingslijsten, voor gebruik met Zaakgericht werken -## TL;DR - -```console -helm repo add my-repo https://maykinmedia.github.io/charts/ -helm install my-release my-repo/openarchiefbeheer -``` - ## Requirements | Repository | Name | Version | @@ -37,6 +30,15 @@ helm install my-release my-repo/openarchiefbeheer | beat.readinessProbe | object | `{}` | | | beat.replicaCount | int | `1` | | | beat.resources | object | `{}` | | +| configuration.data | string | `""` | | +| configuration.enabled | bool | `false` | | +| configuration.initContainer.enabled | bool | `false` | Run the setup configuration command in a init container | +| configuration.job.backoffLimit | int | `6` | | +| configuration.job.enabled | bool | `true` | Run the setup configuration command as a job | +| configuration.job.resources | object | `{}` | | +| configuration.job.restartPolicy | string | `"OnFailure"` | | +| configuration.job.ttlSecondsAfterFinished | int | `0` | 0 Will clean the job after it is finished | +| configuration.secrets | object | `{}` | | | existingSecret | string | `nil` | | | extraEnvVars | list | `[]` | | | extraIngress | list | `[]` | | @@ -51,6 +53,8 @@ helm install my-release my-repo/openarchiefbeheer | flower.service.port | int | `80` | | | flower.service.type | string | `"ClusterIP"` | | | fullnameOverride | string | `""` | | +| global.configuration.enabled | bool | `false` | | +| global.configuration.secrets | object | `{}` | | | image.pullPolicy | string | `"IfNotPresent"` | | | image.repository | string | `"maykinmedia/open-archiefbeheer"` | | | image.tag | string | `""` | | diff --git a/charts/openarchiefbeheer/templates/_helpers.tpl b/charts/openarchiefbeheer/templates/_helpers.tpl index e712da4..4b9d83c 100644 --- a/charts/openarchiefbeheer/templates/_helpers.tpl +++ b/charts/openarchiefbeheer/templates/_helpers.tpl @@ -67,6 +67,37 @@ Create the name of the service account to use {{- end }} {{- end }} +{{/* +Create a name for Config cronjob +We truncate at 56 chars in order to provide space for the "-config" suffix +*/}} +{{- define "openarchiefbeheer.configName" -}} +{{ include "openarchiefbeheer.name" . | trunc 56 | trimSuffix "-" }}-config +{{- end }} + +{{/* +Create a default fully qualified name for config. +We truncate at 56 chars in order to provide space for the "-config" suffix +*/}} +{{- define "openarchiefbeheer.configFullname" -}} +{{ include "openarchiefbeheer.fullname" . | trunc 56 | trimSuffix "-" }}-config +{{- end }} + +{{/* +config labels +*/}} +{{- define "openarchiefbeheer.configLabels" -}} +{{ include "openarchiefbeheer.commonLabels" . }} +{{ include "openarchiefbeheer.configSelectorLabels" . }} +{{- end }} + +{{/* +config selector labels +*/}} +{{- define "openarchiefbeheer.configSelectorLabels" -}} +app.kubernetes.io/name: {{ include "openarchiefbeheer.configName" . }} +{{- end }} + {{/* Create a name for NGINX We truncate at 57 chars in order to provide space for the "-nginx" suffix diff --git a/charts/openarchiefbeheer/templates/configuration-secrets.yaml b/charts/openarchiefbeheer/templates/configuration-secrets.yaml new file mode 100644 index 0000000..1fd4c13 --- /dev/null +++ b/charts/openarchiefbeheer/templates/configuration-secrets.yaml @@ -0,0 +1,14 @@ +{{- if and .Values.global.configuration.enabled .Values.configuration.enabled}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "openarchiefbeheer.fullname" . }}-config-secrets + labels: + {{- include "openarchiefbeheer.labels" . | nindent 4 }} +stringData: + {{- if .Values.global.configuration.secrets }} + {{- include "openarchiefbeheer.tplvalues.render" ( dict "value" .Values.global.configuration.secrets "context" $ ) | nindent 4 }} + {{ else }} + {{- include "openarchiefbeheer.tplvalues.render" ( dict "value" .Values.configuration.secrets "context" $ ) | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/openarchiefbeheer/templates/deployment.yaml b/charts/openarchiefbeheer/templates/deployment.yaml index e18b446..00c949d 100644 --- a/charts/openarchiefbeheer/templates/deployment.yaml +++ b/charts/openarchiefbeheer/templates/deployment.yaml @@ -43,6 +43,8 @@ spec: envFrom: - secretRef: name: {{ .Values.existingSecret | default (include "openarchiefbeheer.fullname" .) }} + - secretRef: + name: {{ include "openarchiefbeheer.fullname" . }}-config-secrets - configMapRef: name: {{ include "openarchiefbeheer.fullname" . }} env: diff --git a/charts/openarchiefbeheer/templates/job-config.yaml b/charts/openarchiefbeheer/templates/job-config.yaml new file mode 100644 index 0000000..a2c124c --- /dev/null +++ b/charts/openarchiefbeheer/templates/job-config.yaml @@ -0,0 +1,97 @@ +{{ if and .Values.global.configuration.enabled .Values.configuration.enabled .Values.configuration.job.enabled -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "openarchiefbeheer.configName" . }} + labels: + {{- include "openarchiefbeheer.configLabels" . | nindent 4 }} +spec: + backoffLimit: {{ .Values.configuration.job.backoffLimit }} + ttlSecondsAfterFinished: {{ .Values.configuration.job.ttlSecondsAfterFinished }} + template: + metadata: + annotations: + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "openarchiefbeheer.configLabels" . | nindent 8 }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "openarchiefbeheer.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + restartPolicy: {{ .Values.configuration.job.restartPolicy }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + envFrom: + - secretRef: + name: {{ .Values.existingSecret | default (include "openarchiefbeheer.fullname" .) }} + - secretRef: + name: {{ include "openarchiefbeheer.fullname" . }}-config-secrets + - configMapRef: + name: {{ include "openarchiefbeheer.fullname" . }} + env: + {{- if .Values.extraEnvVars }} + {{- include "openarchiefbeheer.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.configuration.job.resources | nindent 12 }} + command: + - "/bin/bash" + - "-c" + args: + - | + /usr/bin/envsubst < /app/configuration/configuration.yaml > /tmp/configuration.yaml && + /app/src/manage.py setup_configuration --yaml-file /tmp/configuration.yaml + volumeMounts: + - name: media + mountPath: /app/private-media + subPath: {{ .Values.persistence.privateMediaMountSubpath | default "openarchiefbeheer/private_media" }} + - name: media + mountPath: /app/media + subPath: {{ .Values.persistence.mediaMountSubpath | default "openarchiefbeheer/media" }} + - name: configuration + mountPath: /app/configuration/ + readOnly: true + {{- if .Values.extraVolumeMounts }} + {{- include "openarchiefbeheer.tplvalues.render" ( dict "value" .Values.extraVolumeMounts "context" $ ) | nindent 16 }} + {{- end }} + volumes: + - name: media + persistentVolumeClaim: + {{- if .Values.persistence.enabled }} + claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ include "openarchiefbeheer.fullname" . }}{{- end }} + {{- else }} + emptyDir: { } + {{- end }} + - name: configuration + configMap: + name: {{ include "openarchiefbeheer.fullname" . }}-configuration + defaultMode: 0755 + {{- if .Values.extraVolumes }} + {{- include "openarchiefbeheer.tplvalues.render" ( dict "value" .Values.extraVolumes "context" $ ) | nindent 12 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/openarchiefbeheer/values.yaml b/charts/openarchiefbeheer/values.yaml index a55dcae..f418a91 100644 --- a/charts/openarchiefbeheer/values.yaml +++ b/charts/openarchiefbeheer/values.yaml @@ -1,3 +1,31 @@ +global: + configuration: + enabled: false + secrets: {} + +configuration: + enabled: false + initContainer: + # -- Run the setup configuration command in a init container + enabled: false + job: + # -- Run the setup configuration command as a job + enabled: true + backoffLimit: 6 + # -- 0 Will clean the job after it is finished + ttlSecondsAfterFinished: 0 + restartPolicy: OnFailure + # Note, this field is immutable + resources: {} + # limits: + # cpu: 200m + # memory: 256Mi + # requests: + # cpu: 100m + # memory: 128Mi + secrets: {} + data: "" + tags: redis: true