Merge pull request #145 from owncloud/pepare-chart-3.0.0

adapt to ocis 3.0.0-alpha.1

.drone.star

@@ -4,7 +4,6 @@ config = {
     ],
     # if this changes, also the kubeVersion in the Chart.yaml needs to be changed
     "kubernetesVersions": [
-        "1.23.0",
         "1.24.0",
         "1.25.0",
         "1.26.0",

Makefile

@@ -25,19 +25,7 @@ lint: $(KUBE_LINTER)
 
 
 .PHONY: api
-api: api-1.23.0 api-1.24.0 api-1.25.0 api-1.26.0
-
-
-.PHONY: api-1.23.0
-api-1.23.0: api-1.23.0-template api-1.23.0-kubeconform
-
-.PHONY: api-1.23.0-template
-api-1.23.0-template:
-	helm template --kube-version 1.23.0 charts/ocis -f 'charts/ocis/ci/values_<1.25.0.yaml' > charts/ocis/ci/templated.yaml
-
-.PHONY: api-1.23.0-kubeconform
-api-1.23.0-kubeconform: $(KUBECONFORM)
-	$(KUBECONFORM) -kubernetes-version 1.23.0 -summary -strict charts/ocis/ci/templated.yaml
+api: api-1.24.0 api-1.25.0 api-1.26.0
 
 .PHONY: api-1.24.0
 api-1.24.0: api-1.24.0-template api-1.24.0-kubeconform

charts/ocis/Chart.yaml

@@ -10,11 +10,11 @@ maintainers:
     url: https://owncloud.com
 type: application
 version: 0.1.0
-appVersion: 2.0.0
+appVersion: 3.0.0-alpha.1
 # supported Kubernetes versions
 # should only contain non EOL versions from https://kubernetes.io/releases/patch-releases/#non-active-branch-history
 # if this changes, also kubernetesVersions in .drone.star needs to be changed
-kubeVersion: "~1.23.0 || ~1.24.0 || ~1.25.0 || ~1.26.0"
+kubeVersion: "~1.24.0 || ~1.25.0 || ~1.26.0"
 sources:
   - https://github.com/owncloud/ocis-charts
   - https://github.com/owncloud/ocis

charts/ocis/README.md

@@ -2,7 +2,7 @@
 [comment]: # (DONT EDIT THIS FILE, it is autogenerated. Instead you need to edit README.md.gotmpl)
 
 # ownCloud Infinite Scale (oCIS) Helm chart
-![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.0](https://img.shields.io/badge/AppVersion-2.0.0-informational?style=flat-square)
+![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.0.0-alpha.1](https://img.shields.io/badge/AppVersion-3.0.0--alpha.1-informational?style=flat-square)
 
 Installs [ownCloud Infinite Scale](https://doc.owncloud.com/ocis/next/).
 

charts/ocis/docs/kube-versions.adoc

@@ -9,6 +9,4 @@ a| [subs=-attributes]
 +~1.25.0+
 a| [subs=-attributes]
 +~1.24.0+
-a| [subs=-attributes]
-+~1.23.0+
 |===

charts/ocis/docs/values-desc-table.adoc

@@ -42,6 +42,12 @@ a| [subs=-attributes]
 a| [subs=-attributes]
 `"noop"`
 | Type of the cache to use. To disable the cache, set to "noop". Can be set to "redis", then the address of Redis nodes needs to be set to `cache.nodes`.
+| configRefs.graphConfigRef
+a| [subs=-attributes]
++string+
+a| [subs=-attributes]
+`"graph"`
+| Reference to an existing graph config.
 | configRefs.storageUsersConfigRef
 a| [subs=-attributes]
 +string+
@@ -678,6 +684,18 @@ a| [subs=-attributes]
 a| [subs=-attributes]
 `{}`
 | Per-service resources configuration. Overrides the default setting from `resources` if set.
+| services.eventhistory
+a| [subs=-attributes]
++object+
+a| [subs=-attributes]
+see detailed service configuration options below
+| EVENT HISTORY service.
+| services.eventhistory.resources
+a| [subs=-attributes]
++object+
+a| [subs=-attributes]
+`{}`
+| Per-service resources configuration. Overrides the default setting from `resources` if set.
 | services.frontend
 a| [subs=-attributes]
 +object+
@@ -906,6 +924,18 @@ a| [subs=-attributes]
 a| [subs=-attributes]
 `{}`
 | Per-service resources configuration. Overrides the default setting from `resources` if set.
+| services.postprocessing
+a| [subs=-attributes]
++object+
+a| [subs=-attributes]
+see detailed service configuration options below
+| POSTPROCESSING service.
+| services.postprocessing.resources
+a| [subs=-attributes]
++object+
+a| [subs=-attributes]
+`{}`
+| Per-service resources configuration. Overrides the default setting from `resources` if set.
 | services.proxy
 a| [subs=-attributes]
 +object+
@@ -1344,6 +1374,18 @@ a| [subs=-attributes]
 a| [subs=-attributes]
 `{}`
 | Per-service resources configuration. Overrides the default setting from `resources` if set.
+| services.userlog
+a| [subs=-attributes]
++object+
+a| [subs=-attributes]
+see detailed service configuration options below
+| USERLOG service.
+| services.userlog.resources
+a| [subs=-attributes]
++object+
+a| [subs=-attributes]
+`{}`
+| Per-service resources configuration. Overrides the default setting from `resources` if set.
 | services.users
 a| [subs=-attributes]
 +object+
@@ -1416,6 +1458,18 @@ a| [subs=-attributes]
 a| [subs=-attributes]
 `{}`
 | Per-service resources configuration. Overrides the default setting from `resources` if set.
+| services.webfinger
+a| [subs=-attributes]
++object+
+a| [subs=-attributes]
+see detailed service configuration options below
+| WEBFINGER service.
+| services.webfinger.resources
+a| [subs=-attributes]
++object+
+a| [subs=-attributes]
+`{}`
+| Per-service resources configuration. Overrides the default setting from `resources` if set.
 | topologySpreadConstraints
 a| [subs=-attributes]
 +string+

charts/ocis/docs/values.adoc.yaml

@@ -254,6 +254,9 @@ ingress:
 configRefs:
   # -- Reference to an existing storage-users config.
   storageUsersConfigRef: "storage-users"
+  # -- Reference to an existing graph config.
+  graphConfigRef: "graph"
+
 
 # References to secrets.
 # The secrets need to be manually created.
@@ -419,6 +422,12 @@ services:
     # -- Per-service resources configuration. Overrides the default setting from `resources` if set.
     resources: {}
 
+  # -- EVENT HISTORY service.
+  # @default -- see detailed service configuration options below
+  eventhistory:
+    # -- Per-service resources configuration. Overrides the default setting from `resources` if set.
+    resources: {}
+
   # -- FRONTEND service.
   # @default -- see detailed service configuration options below
   frontend:
@@ -534,6 +543,12 @@ services:
     # -- Per-service resources configuration. Overrides the default setting from `resources` if set.
     resources: {}
 
+  # -- POSTPROCESSING service.
+  # @default -- see detailed service configuration options below
+  postprocessing:
+    # -- Per-service resources configuration. Overrides the default setting from `resources` if set.
+    resources: {}
+
   # -- PROXY service.
   # @default -- see detailed service configuration options below
   proxy:
@@ -772,10 +787,16 @@ services:
     # -- Per-service resources configuration. Overrides the default setting from `resources` if set.
     resources: {}
 
+  # -- USERLOG service.
+  # @default -- see detailed service configuration options below
+  userlog:
+    # -- Per-service resources configuration. Overrides the default setting from `resources` if set.
+    resources: {}
+
   # -- USERS service.
   # @default -- see detailed service configuration options below
   users:
-      # -- Per-service resources configuration. Overrides the default setting from `resources` if set.
+    # -- Per-service resources configuration. Overrides the default setting from `resources` if set.
     resources: {}
 
   # -- ownCloud WEB service.
@@ -829,3 +850,9 @@ services:
     # -- Per-service resources configuration. Overrides the default setting from `resources` if set.
     resources: {}
 
+  # -- WEBFINGER service.
+  # @default -- see detailed service configuration options below
+  webfinger:
+    # -- Per-service resources configuration. Overrides the default setting from `resources` if set.
+    resources: {}
+

charts/ocis/templates/eventhistory/deployment.yaml

@@ -0,0 +1,118 @@
+{{- $_ := set . "appName" "eventhistory" -}}
+{{- $_ := set . "resources" (default (default (dict) .Values.resources) .Values.services.eventhistory.resources) -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .appName }}
+  namespace: {{ template "ocis.namespace" . }}
+  labels:
+    {{- include "ocis.labels" . | nindent 4 }}
+spec:
+  selector:
+    matchLabels:
+      app: {{ .appName }}
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: {{ .appName }}
+        {{- include "ocis.labels" . | nindent 8 }}
+    spec:
+      securityContext:
+          fsGroup: {{ .Values.securityContext.fsGroup }}
+          fsGroupChangePolicy: {{ .Values.securityContext.fsGroupChangePolicy }}
+      {{- with .Values.topologySpreadConstraints }}
+      topologySpreadConstraints:
+        {{- tpl . $ | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: {{ .appName }}
+          image: {{ template "ocis.image" $ }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          command: ["ocis"]
+          args: ["eventhistory", "server"]
+          securityContext:
+            runAsNonRoot: true
+            runAsUser: {{ .Values.securityContext.runAsUser }}
+            runAsGroup: {{ .Values.securityContext.runAsGroup }}
+            readOnlyRootFilesystem: true
+          env:
+            - name: MICRO_REGISTRY
+              value: kubernetes
+
+            - name: EVENTHISTORY_LOG_COLOR
+              value: {{ .Values.logging.color | quote }}
+            - name: EVENTHISTORY_LOG_LEVEL
+              value: {{ .Values.logging.level | quote }}
+            - name: EVENTHISTORY_LOG_PRETTY
+              value: {{ .Values.logging.pretty | quote }}
+
+            - name: EVENTHISTORY_DEBUG_PPROF
+              value: {{ .Values.debug.profiling | quote }}
+
+            - name: EVENTHISTORY_GRPC_ADDR
+              value: 0.0.0.0:8080
+            # - name: EVENTHISTORY_DEBUG_ADDR
+            #   value: 0.0.0.0:8081
+
+            # - name: EVENTHISTORY_STORE_TYPE
+            #   value: "mem" # TODO
+            # - name: EVENTHISTORY_STORE_ADDRESSES
+            #   value: "nats:9233" # TODO
+
+            - name: EVENTHISTORY_EVENTS_ENDPOINT
+            {{- if not .Values.messagingSystem.external.enabled }}
+              value: nats:9233
+            {{- else }}
+              value: {{ .Values.messagingSystem.external.endpoint | quote }}
+            - name: EVENTHISTORY_EVENTS_CLUSTER
+              value: {{ .Values.messagingSystem.external.cluster | quote }}
+            - name: EVENTHISTORY_EVENTS_ENABLE_TLS
+              value: {{ .Values.messagingSystem.external.tls.enabled | quote }}
+            - name: EVENTHISTORY_EVENTS_TLS_INSECURE
+              value: {{ .Values.messagingSystem.external.tls.insecure | quote }}
+            - name: EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE
+              {{- if not .Values.messagingSystem.external.tls.certTrusted }}
+              value: /etc/ocis/messaging-system-ca/messaging-system-ca.crt
+              {{- else }}
+              value: "" # no cert needed
+              {{- end }}
+            {{- end }}
+
+          # TODO: This service does not currently provide a debug port, re-enable this once that is implemented
+          # See: https://github.com/owncloud/ocis-charts/issues/111
+          # livenessProbe:
+          #   httpGet:
+          #     path: /healthz
+          #     port: metrics-debug
+          #   timeoutSeconds: 10
+          #   initialDelaySeconds: 60
+          #   periodSeconds: 20
+          #   failureThreshold: 3
+
+          resources: {{ toYaml .resources | nindent 12 }}
+
+          ports:
+            - name: grpc
+              containerPort: 8080
+            # TODO: This service does not currently provide a debug port, re-enable this once that is implemented
+            # - name: metrics-debug
+            #   containerPort: 8081
+
+          volumeMounts:
+            - name: ocis-config-tmp
+              mountPath: /etc/ocis # we mount that volume only to apply fsGroup to that path
+            - name: messaging-system-ca
+              mountPath: /etc/ocis/messaging-system-ca
+              readOnly: true
+
+      volumes:
+        - name: ocis-config-tmp
+          emptyDir: {}
+        - name: messaging-system-ca
+          {{ if and (.Values.messagingSystem.external.enabled) (not .Values.messagingSystem.external.tls.certTrusted) }}
+          secret:
+            secretName: {{ .Values.secretRefs.messagingSystemCaRef }}
+          {{ else }}
+          emptyDir: {}
+          {{ end }}

charts/ocis/templates/eventhistory/service.yaml

@@ -0,0 +1,20 @@
+{{- $_ := set . "appName" "eventhistory" -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .appName }}
+  namespace: {{ template "ocis.namespace" . }}
+  labels:
+    app: {{ .appName }}
+    ocis-metrics: enabled
+    {{- include "ocis.labels" . | nindent 4 }}
+spec:
+  selector:
+    app: {{ .appName }}
+  ports:
+    - name: grpc
+      port: 8080
+      protocol: TCP
+    # - name: metrics-debug
+    #   port: 8081
+    #   protocol: TCP

charts/ocis/templates/graph/deployment.yaml

@@ -157,6 +157,11 @@ spec:
               {{- end }}
             {{- end }}
 
+            - name: GRAPH_APPLICATION_ID
+              valueFrom:
+                configMapKeyRef:
+                  name: {{ .Values.configRefs.graphConfigRef }}
+                  key: application-id
 
             - name: GRAPH_JWT_SECRET
               valueFrom:

charts/ocis/templates/idp/service.yaml

@@ -19,5 +19,4 @@ spec:
     - name: metrics-debug
       port: 9134
       protocol: TCP
-
 {{- end }}