diff --git a/.ci/.yamllint b/.ci/.yamllint new file mode 100644 index 0000000..354f76b --- /dev/null +++ b/.ci/.yamllint @@ -0,0 +1,42 @@ +--- +yaml-files: + - '*.yaml' + - '*.yml' + - '.yamllint' + +rules: + braces: + ignore: | + **.ci** + brackets: enable + colons: enable + commas: enable + comments: + level: warning + comments-indentation: + level: warning + document-end: disable + document-start: + level: warning + ignore: | + **values.yaml** + **override-values.yaml** + empty-lines: enable + empty-values: disable + hyphens: enable + indentation: enable + key-duplicates: enable + key-ordering: disable + line-length: + max: 100 + level: warning + new-line-at-end-of-file: enable + new-lines: enable + octal-values: disable + quoted-strings: disable + trailing-spaces: enable + truthy: + level: warning + +ignore: | + **templates** diff --git a/.ci/CHANGELOG.tpl.md b/.ci/CHANGELOG.tpl.md new file mode 100755 index 0000000..c7d097a --- /dev/null +++ b/.ci/CHANGELOG.tpl.md @@ -0,0 +1,38 @@ +{{ range .Versions }} + +## {{ if .Tag.Previous }}[{{ .Tag.Name }}]({{ $.Info.RepositoryURL }}/compare/{{ .Tag.Previous.Name }}...{{ .Tag.Name }}){{ else }}{{ .Tag.Name }}{{ end }} ({{ datetime "2006-01-02" .Tag.Date }}) + +{{ range .CommitGroups -}} +### {{ .Title }} + +{{ range .Commits -}} +* {{ if .Scope }}**{{ .Scope }}:** {{ end }}{{ .Subject }} +{{ end }} +{{ end -}} + +{{- if .RevertCommits -}} +### Reverts + +{{ range .RevertCommits -}} +* {{ .Revert.Header }} +{{ end }} +{{ end -}} + +{{- if .MergeCommits -}} +### Pull Requests + +{{ range .MergeCommits -}} +* {{ .Header }} +{{ end }} +{{ end -}} + +{{- if .NoteGroups -}} +{{ range .NoteGroups -}} +### {{ .Title }} + +{{ range .Notes }} +{{ .Body }} +{{ end }} +{{ end -}} +{{ end -}} +{{ end -}} diff --git a/.ci/chart_schema.yaml b/.ci/chart_schema.yaml new file mode 100644 index 0000000..61fc3e1 --- /dev/null +++ b/.ci/chart_schema.yaml @@ -0,0 +1,37 @@ +name: str() +home: str(required=False) +version: str() +apiVersion: str() +appVersion: any(str(), num(), required=False) +description: str() +keywords: list(str(), required=False) +sources: list(str(), required=False) +maintainers: list(include('maintainer'), required=False) +dependencies: list(include('dependency'), required=False) +icon: str(required=False) +engine: str(required=False) +condition: str(required=False) +tags: str(required=False) +deprecated: bool(required=False) +kubeVersion: str(required=False) +annotations: map(str(), str(), required=False) +type: str(required=False) +--- +maintainer: + name: str() + email: str(required=False) + url: str(required=False) +--- +dependency: + name: str() + version: str() + repository: str() + condition: str(required=False) + tags: list(str(), required=False) + enabled: bool(required=False) + import-values: any(list(str()), list(include('import-value')), required=False) + alias: str(required=False) +--- +import-value: + child: str() + parent: str() diff --git a/.ci/git-chglog-config.yml b/.ci/git-chglog-config.yml new file mode 100644 index 0000000..96857b8 --- /dev/null +++ b/.ci/git-chglog-config.yml @@ -0,0 +1,34 @@ +style: github +template: CHANGELOG.tpl.md +info: + title: CHANGELOG + repository_url: n +options: + commits: + filters: + Type: + - feat + - fix + - perf + - refactor + - ci + commit_groups: + title_maps: + feat: Features + fix: Bug Fixes + perf: Performance Improvements + refactor: Code Refactoring + ci: CI + header: + pattern: "^(\\w*)(?:\\(([\\w\\$\\.\\-\\*\\s]*)\\))?\\:\\s(.*)$" + pattern_maps: + - Type + - Scope + - Subject + merges: + pattern: "^Merge branch '(\\w+)'$" + pattern_maps: + - Source + notes: + keywords: + - BREAKING CHANGE diff --git a/.ci/lintconf.yaml b/.ci/lintconf.yaml new file mode 100644 index 0000000..de2af7b --- /dev/null +++ b/.ci/lintconf.yaml @@ -0,0 +1,42 @@ +--- +rules: + braces: + min-spaces-inside: 0 + max-spaces-inside: 0 + min-spaces-inside-empty: -1 + max-spaces-inside-empty: -1 + brackets: + min-spaces-inside: 0 + max-spaces-inside: 0 + min-spaces-inside-empty: -1 + max-spaces-inside-empty: -1 + colons: + max-spaces-before: 0 + max-spaces-after: 1 + commas: + max-spaces-before: 0 + min-spaces-after: 1 + max-spaces-after: 1 + comments: + require-starting-space: false + min-spaces-from-content: 1 + document-end: disable + document-start: disable # No --- to start a file + empty-lines: + max: 2 + max-start: 0 + max-end: 0 + hyphens: + max-spaces-after: 1 + indentation: + spaces: consistent + indent-sequences: whatever # - list indentation will handle both indentation and without + check-multi-line-strings: false + key-duplicates: enable + line-length: disable # Lines can be any length + new-line-at-end-of-file: enable + new-lines: + type: unix + trailing-spaces: enable + truthy: + level: warning diff --git a/.ci/scripts/bump.sh b/.ci/scripts/bump.sh new file mode 100755 index 0000000..1579cf1 --- /dev/null +++ b/.ci/scripts/bump.sh @@ -0,0 +1,96 @@ +set -ex +TASK_ROOT=$(pwd) +cd repo +[[ $(ct list-changed --config ct.yaml --since $(head -n1 status) 2>/dev/null) == "" ]] && echo "#### no changes found ####" && exit 0 + +# function git_fetch() { +# if [[ $(git config --get remote.origin.url) == *"git@github.com"* ]]; then +# mkdir -p ~/.ssh +# touch ~/.ssh/id_rsa ~/.ssh/known_hosts +# echo $KEY | base64 -d >~/.ssh/id_rsa +# chmod 600 ~/.ssh/id_rsa +# ssh-keyscan github.com >>~/.ssh/known_hosts + +# git config remote.origin.fetch refs/heads/*:refs/remotes/origin/* +# git fetch --all +# git fetch $(git config --get remote.origin.url) 'refs/tags/*:refs/tags/*' +# else +# git config remote.origin.fetch refs/heads/*:refs/remotes/origin/* +# git fetch --all +# fi +# } +# git_fetch + +## Set git user email and name for commit +git config --global user.email concourse@github-noreply.com +git config --global user.name concourse + +## Insatll YQ +source <(curl -s https://raw.githubusercontent.com/pratikbalar/bash-functions/main/functions.sh) +tarr https://github.com/mikefarah/yq/releases/download/v4.9.3/yq_linux_386.tar.gz yq_linux_386 /usr/bin/yq + +# locked version at v3.2.0 +wget -nv -O /usr/bin/semvertool https://raw.githubusercontent.com/fsaintjacques/semver-tool/20028cb53f340a300b460b423e43f0eac13bcd9a/src/semver +chmod +x /usr/bin/semvertool + +BUMP_PATTERN='^(BREAKING[\-\ ]CHANGE|feat|fix|refactor|perf)(\(.+\))?(!)?' +MAJOR='(^.+!|.*BREAKING[\-\ ]CHANGE)' +MINOR='(^feat)' +PATCH='(^fix|^perf|^refactor)' + +bumpp() { + semvertool bump $1 $2 +} + +## Chart version bumping loop +for chart in $(ct list-changed --config ct.yaml --since $(head -n1 status) 2>/dev/null); do + CHART_NAME=$(yq e '.name' $chart/Chart.yaml) + CHARTS=() + CHARTS+=(${chart}) + echo "Checking version bump for ${CHART_NAME}" + COMMIT_MESSAGE=$(git log --format=%B -n 1 $chart/) + printf "last commit message: \"${COMMIT_MESSAGE}\" \n" + if [[ ${COMMIT_MESSAGE} =~ ${BUMP_PATTERN} ]]; then + OLD_VERSION=$(yq e '.version' $chart/Chart.yaml) + CHARTS+=(${OLD_VERSION}) + if [[ ${COMMIT_MESSAGE} =~ ${MAJOR} ]]; then + BUMP="major" + echo "Bumping ${BUMP}" + elif [[ ${COMMIT_MESSAGE} =~ ${MINOR} ]]; then + BUMP="minor" + echo "Bumping ${BUMP}" + elif [[ ${COMMIT_MESSAGE} =~ ${PATCH} ]]; then + BUMP="patch" + echo "Bumping ${BUMP}" + else + echo "${CHART_NAME}: skipping" + continue + fi + + ## mv bump chart and local commit + ## note: exported NEW_VERSION var so yq can use it with `env` operator + export NEW_VERSION=$(bumpp ${BUMP} ${OLD_VERSION}) + yq eval '.version = env(NEW_VERSION)' $chart/Chart.yaml >$chart/_Chart.yaml + mv $chart/_Chart.yaml $chart/Chart.yaml + + ## Commit new chart version + COMMIT_MSG="bump: ${CHART_NAME}:- ${OLD_VERSION} → ${NEW_VERSION} [ci skip]" + CHARTS+=(${NEW_VERSION}) + echo ${COMMIT_MSG} + git add $chart/Chart.yaml + git commit -m "${COMMIT_MSG}" + + ## add new SHA to array + COMMIT_SHA=$(git log --oneline -n 1 --format=%H) + CHARTS+=(${COMMIT_SHA}) + echo ${CHARTS[*]} >>status + unset CHARTS + else + echo "Not bumpable commits found, skipping" + continue + fi +done + +## Add and commit modified status +git add status +git commit -m "chore(status): modify status pointer [ci skip]" diff --git a/.ci/scripts/lint.sh b/.ci/scripts/lint.sh new file mode 100755 index 0000000..4f48065 --- /dev/null +++ b/.ci/scripts/lint.sh @@ -0,0 +1,8 @@ +set -ex +TASK_ROOT=$(pwd) +cd repo +[[ $(ct list-changed --config ct.yaml --since $(head -n1 status) 2>/dev/null) == "" ]] && echo "#### no changes found ####" && exit 0 + +## ct linting +export HELM_CONFIG_HOME=./ +ct lint --config ct.yaml --since $(head -n1 status) --debug diff --git a/.ci/scripts/package.sh b/.ci/scripts/package.sh new file mode 100755 index 0000000..6a3530c --- /dev/null +++ b/.ci/scripts/package.sh @@ -0,0 +1,24 @@ +set -ex +TASK_ROOT=$(pwd) +cd repo +[[ $(ct list-changed --config ct.yaml --since $(head -n1 status) 2>/dev/null) == "" ]] && echo "#### no changes found ####" && exit 0 + +## Set git user email and name for commiting +git config --global user.email concourse@github-noreply.com +git config --global user.name concourse + +export HELM_CONFIG_HOME=$(pwd)/ +tail -n+2 status >${TASK_ROOT}/bumping +## Package and index charts, taking input from bumping file +while read -r line; do + CHART=($line) + echo "########### Packaging ${CHART[0]} ###########" + helm package -u -d ${TASK_ROOT}/charts/charts ${CHART[0]} + + cd ${TASK_ROOT}/charts + helm repo index --url https://improwised.github.io/charts . + git add . + git commit -m "bump: ${CHART[0]/charts\//}:- ${CHART[1]} → ${CHART[2]}" + + cd ${TASK_ROOT}/repo +done <${TASK_ROOT}/bumping diff --git a/.ci/scripts/pr-lint.sh b/.ci/scripts/pr-lint.sh new file mode 100755 index 0000000..56b62c6 --- /dev/null +++ b/.ci/scripts/pr-lint.sh @@ -0,0 +1,6 @@ +set -ex +TASK_ROOT=$(pwd) +cd repo +## ct linting +export HELM_CONFIG_HOME=./ +ct lint --target-branch master --remote origin --config ct.yaml --debug diff --git a/.ci/scripts/release.sh b/.ci/scripts/release.sh new file mode 100755 index 0000000..693d64c --- /dev/null +++ b/.ci/scripts/release.sh @@ -0,0 +1,72 @@ +set -ex +TASK_ROOT=$(pwd) +cd repo +[[ $(ct list-changed --config ct.yaml --since $(head -n1 status) 2>/dev/null) == "" ]] && echo "#### no changes found ####" && exit 0 + +## Functioon for git feching in concoures for ssh or https based repos +# function git_fetch() { +# if [[ $(git config --get remote.origin.url) == *"git@github.com"* ]]; then +# mkdir -p ~/.ssh +# [[ -z $KEY ]] && echo "#### env var \$KEY not found" && exit 1 +# touch ~/.ssh/id_rsa ~/.ssh/known_hosts +# echo $KEY | base64 -d >~/.ssh/id_rsa +# chmod 700 ~/.ssh/id_rsa +# ssh-keyscan github.com >>~/.ssh/known_hosts + +# git config remote.origin.fetch refs/heads/*:refs/remotes/origin/* +# git fetch --all +# git fetch $(git config --get remote.origin.url) 'refs/tags/*:refs/tags/*' +# else +# git config remote.origin.fetch refs/heads/*:refs/remotes/origin/* +# git fetch --all +# fi +# } +# git_fetch + +## Set git user email and name for commit +git config --global user.email concourse@github-noreply.com +git config --global user.name concourse + +## install necessary tools and setup minio +source <(curl -s https://raw.githubusercontent.com/pratikbalar/bash-functions/main/functions.sh) +tarr https://github.com/tcnksm/ghr/releases/download/v0.13.0/ghr_v0.13.0_linux_amd64.tar.gz ghr_v0.13.0_linux_amd64/ghr /usr/bin/ghr +tarr https://github.com/git-chglog/git-chglog/releases/download/v0.14.2/git-chglog_0.14.2_linux_amd64.tar.gz git-chglog /usr/local/bin/git-chglog + +PROJECT_USERNAME=$(git config --get remote.origin.url | sed 's/git\@github\.com\:\|\.git\|https\:\/\/github\.com\///g' | awk -F\/ '{printf $1}') +PROJECT_REPONAME=$(git config --get remote.origin.url | sed 's/git\@github\.com\:\|\.git\|https\:\/\/github\.com\///g' | awk -F\/ '{printf $2}') +tail -n+2 status >${TASK_ROOT}/bumping + +while read -r line; do + ## Extract info from array + CHART=($line) + CHART_NAME=${CHART[0]/charts\//} + OLD_VERSION=${CHART[1]} + NEW_VERSION=${CHART[2]} + COMMIT_SHA=${CHART[3]} + + ## Create temporary tag for generating generating proper changelog + git tag ${CHART_NAME}-${NEW_VERSION} ${COMMIT_SHA} + git-chglog -o /tmp/${CHART_NAME}-${NEW_VERSION}.md \ + --config .ci/git-chglog-config.yml \ + --path ${CHART} \ + ${CHART_NAME}-${NEW_VERSION} + git tag -d ${CHART_NAME}-${NEW_VERSION} + + ## Github release chart + echo "########### Releasing ${CHART_NAME} chart ###########" + ghr -token "${GITHUB_TOKEN}" \ + -name "${CHART_NAME}-${NEW_VERSION}" \ + -body "$(cat /tmp/${CHART_NAME}-${NEW_VERSION}.md)" \ + -owner "${PROJECT_USERNAME}" \ + -repository "${PROJECT_REPONAME}" \ + -commitish "${COMMIT_SHA}" \ + -replace \ + ${CHART_NAME}-${NEW_VERSION} \ + ${TASK_ROOT}/charts/charts/${CHART_NAME}-${NEW_VERSION}.tgz + +done <${TASK_ROOT}/bumping + +## Move status pointer +git log --oneline -n 1 --format=%H >status +git add status +git commit -m "chore(status): move status pointer [ci skip]" diff --git a/.ci/scripts/test.sh b/.ci/scripts/test.sh new file mode 100755 index 0000000..4c2460c --- /dev/null +++ b/.ci/scripts/test.sh @@ -0,0 +1,67 @@ +set -ex +TASK_ROOT=$(pwd) + +apk add --no-progress --no-cache git + +## Install helm and ct same version +source <(curl -s https://raw.githubusercontent.com/pratikbalar/bash-functions/main/functions.sh) +tarr https://get.helm.sh/helm-${CT_VERSION}-linux-amd64.tar.gz linux-amd64/helm /usr/bin/helm +tarr https://github.com/helm/chart-testing/releases/download/${CT_VERSION}/chart-testing_${CT_VERSION/v/}_linux_amd64.tar.gz ct /usr/bin/ct + +## Check if there any changes +cd repo +[[ $(ct list-changed --config ct.yaml --since $(head -n1 status) 2>/dev/null) == "" ]] && echo "#### no changes found ####" && exit 0 + +## Start Docker +cd .. +source /docker-lib.sh +start_docker + +# Cleanup. +# Not sure if this is required. +# It's quite possible that Concourse is smart enough to clean up the Docker mess itself. +function cleanup() { + docker system prune --all --force --volumes +} +trap cleanup EXIT + +# Strictly speaking, preloading of Docker images is not required. +# However, you might want to do this for a couple of reasons: +# - If the image comes from a private repository, it is much easier to let Concourse pull it, +# and then pass it through to the task. +# - When the image is passed to th e task, Concourse can often get the image from its cache. +KIND_VERSION="${KIND_NODE_VERSION:-$(cat kind-img/tag)}" +docker_load() { + if [[ ! -f kind-img/tag ]]; then + docker pull kindest/node:${KIND_VERSION} + else + docker load -i kind-img/image + docker tag "$(cat kind-img/image-id)" "$(cat kind-img/repository):$(cat kind-img/tag)" + fi +} +docker_load & +wait_docker_load=$! +## installing kubectl +apk add --no-cache --no-progress -X http://dl-cdn.alpinelinux.org/alpine/edge/testing kubectl +curl -Lso /usr/bin/kind https://kind.sigs.k8s.io/dl/v0.10.0/kind-linux-amd64 +chmod a+x /usr/bin/kind + +## create cluster with verbose +wait ${wait_docker_load} +kind create cluster --image kindest/node:"${KIND_VERSION}" --name "${KIND_VERSION}" -v 5 + +## Wait for cluster to come up +kind get clusters +echo "Waiting for cluster to come up" +sleep 20 +while [[ $(kubectl get pods -A -o 'jsonpath={..status.conditions[?(@.type=="Ready")].status}') == *"False"* ]]; do + echo "#### Pods are not ready, waiting... ####" + kubectl get pods -A + sleep 5 +done +echo "#### Cluster is ready ####" +kubectl get all,sc,cs -A + +cd repo +export HELM_CONFIG_HOME=./ +ct install --config ct.yaml --since $(head -n1 status) --debug diff --git a/.ci/task-bump.yaml b/.ci/task-bump.yaml new file mode 100644 index 0000000..c0fc016 --- /dev/null +++ b/.ci/task-bump.yaml @@ -0,0 +1,13 @@ +--- +platform: linux + +inputs: + - name: repo + +outputs: + - name: repo + path: repo + +run: + path: bash + args: [repo/.ci/scripts/bump.sh] diff --git a/.ci/task-lint.yaml b/.ci/task-lint.yaml new file mode 100644 index 0000000..0649d2d --- /dev/null +++ b/.ci/task-lint.yaml @@ -0,0 +1,9 @@ +--- +platform: linux + +inputs: + - name: repo + +run: + path: bash + args: [repo/.ci/scripts/pr-lint.sh] diff --git a/.ci/task-package.yaml b/.ci/task-package.yaml new file mode 100644 index 0000000..dfb1c38 --- /dev/null +++ b/.ci/task-package.yaml @@ -0,0 +1,13 @@ +--- +platform: linux + +inputs: + - name: repo + - name: charts +outputs: + - name: charts + path: charts + +run: + path: bash + args: [repo/.ci/scripts/package.sh] diff --git a/.ci/task-pr-lint.yaml b/.ci/task-pr-lint.yaml new file mode 100644 index 0000000..2964dd8 --- /dev/null +++ b/.ci/task-pr-lint.yaml @@ -0,0 +1,9 @@ +--- +platform: linux + +inputs: + - name: repo + +run: + path: bash + args: [repo/.ci/scripts/lint.sh] diff --git a/.ci/task-release.yaml b/.ci/task-release.yaml new file mode 100644 index 0000000..dc0e3d0 --- /dev/null +++ b/.ci/task-release.yaml @@ -0,0 +1,15 @@ +--- +platform: linux +# image_resource: { type: docker-image, source: { repository: alpine } } + +inputs: + - name: repo + - name: charts + +outputs: + - name: repo + path: repo + +run: + path: bash + args: [repo/.ci/scripts/release.sh] diff --git a/.ci/task-test.yaml b/.ci/task-test.yaml new file mode 100644 index 0000000..99d0526 --- /dev/null +++ b/.ci/task-test.yaml @@ -0,0 +1,12 @@ +--- +platform: linux +image_resource: { type: docker-image, source: { repository: amidos/dcind } } + +inputs: + - name: kind-img + optional: true + - name: repo + +run: + path: bash + args: [repo/.ci/scripts/test.sh] diff --git a/.gitignore b/.gitignore index 66fd13c..4262c04 100644 --- a/.gitignore +++ b/.gitignore @@ -7,9 +7,10 @@ # Test binary, built with `go test -c` *.test - +*.tgz # Output of the go coverage tool, specifically when used with LiteIDE *.out # Dependency directories (remove the comment below to include it) # vendor/ +tmp-* diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..1e1924b --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,27 @@ +# See https://pre-commit.com for more information +# See https://pre-commit.com/hooks.html for more hooks +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v3.2.0 + hooks: + - id: trailing-whitespace + - id: end-of-file-fixer + - id: check-added-large-files + - id: check-merge-conflict + - id: check-symlinks + - id: detect-private-key + - repo: https://github.com/Yelp/detect-secrets + rev: v1.1.0 + hooks: + - id: detect-secrets + - repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook + rev: v2.2.0 + hooks: + - id: commitlint + stages: [commit-msg] + additional_dependencies: ["@commitlint/config-conventional"] + - repo: https://github.com/adrienverge/yamllint + rev: 85ccd62 + hooks: + - id: yamllint + args: [-c, ".ci/.yamllint"] diff --git a/README.md b/README.md index 41c9ba3..1370466 100644 --- a/README.md +++ b/README.md @@ -25,3 +25,9 @@ helm repo add improwised https://improwised.github.io/charts/ ``` 4. Add appropriate commit message and push it + +## Adding CI first time + +tag each chart with it's last chart version e.g. `-` to it's `sha` + +e.g. `git tag erpnext-1.0.0 asdasdasdasdasda` here assume that `sha` is pointing to that perticular erpnext chart version `1.0.0` diff --git a/charts/erpnext/.helmignore b/charts/erpnext/.helmignore index 50af031..5dad686 100644 --- a/charts/erpnext/.helmignore +++ b/charts/erpnext/.helmignore @@ -20,3 +20,4 @@ .idea/ *.tmproj .vscode/ +ci diff --git a/charts/erpnext/Chart.lock b/charts/erpnext/Chart.lock new file mode 100644 index 0000000..0965dc7 --- /dev/null +++ b/charts/erpnext/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: mariadb + repository: https://charts.bitnami.com/bitnami + version: 9.3.14 +digest: sha256:0815327ab67fe07509fc687ee448701acf9f7aab1927d737512ecc55b9dfb0ef +generated: "2021-06-11T13:53:12.782657536+05:30" diff --git a/charts/erpnext/Chart.yaml b/charts/erpnext/Chart.yaml index 7960e91..7ecc857 100644 --- a/charts/erpnext/Chart.yaml +++ b/charts/erpnext/Chart.yaml @@ -1,7 +1,14 @@ apiVersion: v2 -appVersion: v13.0.1 +appVersion: v13.4.1 description: Kubernetes Helm Chart for the lastest stable ERPNext branch icon: https://raw.githubusercontent.com/frappe/design/master/logos/logo-2018/erpnext-logo-blue.svg name: erpnext type: application -version: 3.0.3 +version: 3.2.5 +maintainers: + - name: improwised +dependencies: + - name: mariadb + version: 9.3.14 + repository: https://charts.bitnami.com/bitnami + condition: mariadb.enabled diff --git a/charts/erpnext/README.md b/charts/erpnext/README.md index 67a345c..50d498b 100644 --- a/charts/erpnext/README.md +++ b/charts/erpnext/README.md @@ -56,40 +56,56 @@ The command removes all the Kubernetes components associated with the chart and The following table lists the configurable parameters of the ERPNext chart and their default values. -| Parameter | Description | Default | -|----------------------------------|--------------------------------------------------------------|---------------------------------| -| `replicaCount` | Replica Count for App Deployments | `1` | -| `nginxImage.repository` | Frappe/ERPNext Nginx Docker image registry | `frappe/erpnext-nginx` | -| `nginxImage.tag` | Frappe/ERPNext Nginx Docker image tag | Latest Stable Release | -| `nginxImage.pullPolicy` | Frappe/ERPNext Nginx Docker image pullPolicy | `IfNotPresent` | -| `pythonImage.repository` | Frappe/ERPNext Python Docker image registry | `frappe/erpnext-worker` | -| `pythonImage.tag` | Frappe/ERPNext Python Docker image tag | Latest Stable Release | -| `pythonImage.pullPolicy` | Frappe/ERPNext Python Docker image pullPolicy | `IfNotPresent` | -| `socketIOImage.repository` | Frappe/ERPNext SocketIO Docker image registry | `frappe/frappe-socketio` | -| `socketIOImage.tag` | Frappe/ERPNext SocketIO Docker image tag | Latest Stable Release | -| `socketIOImage.pullPolicy` | Frappe/ERPNext SocketIO Docker image pullPolicy | `IfNotPresent` | -| `redis.image.repository` | Redis Docker image registry | `bitnami/redis` | -| `redis.image.tag` | Redis Docker image tag | Latest Stable Release | -| `redis.image.pullPolicy` | Redis Docker image pullPolicy | `IfNotPresent` | -| `redis.extraEnv` | Redis Extra Environment Variables | `ALLOW_EMPTY_PASSWORD=true` | -| `frappePyPort` | Frappe/ERPNext Python Gunicorn Worker Port | `8000` | -| `socketIOPort` | Frappe/ERPNext SocketIO Port | `9000` | -| `upstreamRealIPAddress` | Trusted address (or ip range) of upstream proxy servers | `127.0.0.1` | -| `upstreamRealIPRecursive` | Recursive look for upstream proxy server for real IP if `on` | `off` | -| `upstreamRealIPHeader` | Header name sent by your upstream proxy server | `X-Forwarded-For` | -| `mariadbHost` | MariaDB Host to connect (Required) | `nil` | -| `redisQueueHost` | Queue Redis Host to connect (Optional) | `nil` | -| `redisCacheHost` | Cache Redis Host to connect (Optional) | `nil` | -| `redisSocketIOHost` | Socket IO Redis Host to connect (Optional) | `nil` | -| `migrateJob.enable` | Run migrate sites Job after helm install / upgrade | `false` | -| `migrateJob.backup` | Backup before migrate sites Job | `true` | -| `persistence.worker.enable` | Creates PVC with helm release name | `true` | -| `persistence.worker.size` | Creates PVC with size | `8Gi` | -| `persistence.worker.storageClass`| StorageClass with RWX, Required if PVC is created | `nil` | -| `persistence.logs.enable` | Creates PVC for logs volume with helm release name | `true` | -| `persistence.logs.size` | Creates PVC for logs volume with size | `8Gi` | -| `persistence.logs.storageClass` | StorageClass with RWX, Required if PVC is created | `nil` | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` +| Parameter | Description | Default | +|---------------------------------------|--------------------------------------------------------------|---------------------------------| +| `replicaCount` | Replica Count for App Deployments | `1` | +| `nginxImage.repository` | Frappe/ERPNext Nginx Docker image registry | `frappe/erpnext-nginx` | +| `nginxImage.tag` | Frappe/ERPNext Nginx Docker image tag | Latest Stable Release | +| `nginxImage.pullPolicy` | Frappe/ERPNext Nginx Docker image pullPolicy | `IfNotPresent` | +| `nginxImage.nginxConfig` | Frappe/ERPNext Nginx Docker image custom default.conf | `nil` | +| `pythonImage.repository` | Frappe/ERPNext Python Docker image registry | `frappe/erpnext-worker` | +| `pythonImage.tag` | Frappe/ERPNext Python Docker image tag | Latest Stable Release | +| `pythonImage.pullPolicy` | Frappe/ERPNext Python Docker image pullPolicy | `IfNotPresent` | +| `socketIOImage.repository` | Frappe/ERPNext SocketIO Docker image registry | `frappe/frappe-socketio` | +| `socketIOImage.tag` | Frappe/ERPNext SocketIO Docker image tag | Latest Stable Release | +| `socketIOImage.pullPolicy` | Frappe/ERPNext SocketIO Docker image pullPolicy | `IfNotPresent` | +| `redis.image.repository` | Redis Docker image registry | `bitnami/redis` | +| `redis.image.tag` | Redis Docker image tag | Latest Stable Release | +| `redis.image.pullPolicy` | Redis Docker image pullPolicy | `IfNotPresent` | +| `redis.extraEnv` | Redis Extra Environment Variables | `ALLOW_EMPTY_PASSWORD=true` | +| `frappePyPort` | Frappe/ERPNext Python Gunicorn Worker Port | `8000` | +| `socketIOPort` | Frappe/ERPNext SocketIO Port | `9000` | +| `upstreamRealIPAddress` | Trusted address (or ip range) of upstream proxy servers | `127.0.0.1` | +| `upstreamRealIPRecursive` | Recursive look for upstream proxy server for real IP if `on` | `off` | +| `upstreamRealIPHeader` | Header name sent by your upstream proxy server | `X-Forwarded-For` | +| `mariadbHost` | MariaDB Host to connect (Required) | `nil` | +| `redisQueueHost` | Queue Redis Host to connect (Optional) | `nil` | +| `redisCacheHost` | Cache Redis Host to connect (Optional) | `nil` | +| `redisSocketIOHost` | Socket IO Redis Host to connect (Optional) | `nil` | +| `postgresHost` | Postgres Host (Optional) | `nil` | +| `postgresPort` | Postgres Port (Optional) | `nil` | +| `dbRootPassword` | MariaDB Root Password to create first site (Optional) | `nil` | +| `createSite.enabled` | Create First site | `false` | +| `createSite.siteName` | Site name to create the site | `erp.cluster.local` | +| `createSite.dbRootUser` | DB root user to create first site | `root` | +| `createSite.adminPassword` | DB root password to create first site | `admin` | +| `createSite.installApps` | Apps to be installed on site separated by comma (`,`) | `erpnext` | +| `createSite.dropSiteOnUninstall` | Drop created site on uninstall of helm release | `false` | +| `ingress.enabled` | Enable ingress for first site | `false` | +| `ingress.annotations` | Annotation object to be used with ingress | `{}` | +| `ingress.hosts[0].host` | Hostname for the site | `erp.cluster.local` | +| `ingress.hosts[0].paths[0].path` | Ingress Path | `/` | +| `ingress.hosts[0].paths[0].pathType` | Ingress Path Type | `ImplementationSpecific` | +| `ingress.tls` | Ingress TLS array | `[]` | +| `migrateJob.enable` | Run migrate sites Job after helm install / upgrade | `false` | +| `migrateJob.backup` | Backup before migrate sites Job | `true` | +| `persistence.worker.enable` | Creates PVC with helm release name | `true` | +| `persistence.worker.size` | Creates PVC with size | `8Gi` | +| `persistence.worker.storageClass` | StorageClass with RWX, Required if PVC is created | `nil` | +| `persistence.logs.enable` | Creates PVC for logs volume with helm release name | `true` | +| `persistence.logs.size` | Creates PVC for logs volume with size | `8Gi` | +| `persistence.logs.storageClass` | StorageClass with RWX, Required if PVC is created | `nil` | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | The above parameters map to the env variables defined in [frappe_docker](http://github.com/frappe/frappe_docker). For more information please refer to the [frappe_docker](http://github.com/frappe/frappe_docker) images documentation. diff --git a/charts/erpnext/ci/override-values.yaml b/charts/erpnext/ci/override-values.yaml new file mode 100644 index 0000000..7b105ec --- /dev/null +++ b/charts/erpnext/ci/override-values.yaml @@ -0,0 +1,194 @@ +# Default values for erpnext. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +nginxImage: + repository: docker.io/improwised/erpnext-nginx + tag: v13.4.1 + pullPolicy: IfNotPresent + # nginxConfig: | + # # custom /etc/nginx/conf.d/default.conf + +pythonImage: + repository: docker.io/improwised/erpnext-worker + tag: v13.4.1 + pullPolicy: IfNotPresent + +socketIOImage: + repository: frappe/frappe-socketio + tag: v13.4.1 + pullPolicy: IfNotPresent + +redis: + image: + repository: bitnami/redis + tag: 5.0.10-debian-10-r105 + pullPolicy: IfNotPresent + extraEnv: + - name: ALLOW_EMPTY_PASSWORD + value: "yes" + +# Asset Image Env Variables +frappePyPort: "8000" +socketIOPort: "9000" + +# upstreamRealIPAddress: "127.0.0.1" +# upstreamRealIPRecursive: "off" +# upstreamRealIPHeader: "X-Forwarded-For" + +mariadb: + enabled: true + auth: + rootPassword: mariadb # pragma: allowlist secret + primary: + persistence: + enabled: false + ## Below, there are some override configs for supporting barracuda engine for Erpnext + configuration: |- + [mysql] # override configuration + default-character-set=utf8mb4 # override configuration + + [mysqld] + innodb-file-format=barracuda # override configuration + innodb-file-per-table=1 # override configuration + innodb-large-prefix=1 # override configuration + character-set-client-handshake=FALSE # override configuration + skip-name-resolve + explicit_defaults_for_timestamp + basedir=/opt/bitnami/mariadb + plugin_dir=/opt/bitnami/mariadb/plugin + port=3306 + socket=/opt/bitnami/mariadb/tmp/mysql.sock + tmpdir=/opt/bitnami/mariadb/tmp + max_allowed_packet=16M + bind-address=0.0.0.0 + pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid + log-error=/opt/bitnami/mariadb/logs/mysqld.log + character-set-server=utf8mb4 # override from UTF8 + collation-server=utf8mb4_unicode_ci # override utf8_general_ci UTF8 + + [client] + port=3306 + socket=/opt/bitnami/mariadb/tmp/mysql.sock + default-character-set=UTF8 + plugin_dir=/opt/bitnami/mariadb/plugin + + [manager] + port=3306 + socket=/opt/bitnami/mariadb/tmp/mysql.sock + pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid + +# Python Image Env Variables +# mariadbHost: "mariadb.mariadb.svc.cluster.local" + +redisQueueHost: "" +redisCacheHost: "" +redisSocketIOHost: "" + +# PostgreSQL related variables +postgresHost: "" +postgresPort: "" + +# Create secrets +# dbRootPassword: mariadb + +# Create first site +createSite: + enabled: false + siteName: "erp.cluster.local" + dbRootUser: "root" + adminPassword: "admin" # pragma: allowlist secret + installApps: "erpnext" + dropSiteOnUninstall: false + +# Ingress +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + # cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: erp.cluster.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: auth-server-tls + # hosts: + # - auth-server.local + +migrateJob: + # Set this to true to run migrate as part of helm install/upgrade + enable: true + backup: true + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + +podSecurityContext: + supplementalGroups: [1000] + +securityContext: + capabilities: + add: + - all + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +# Additional Services +socketIOService: + type: ClusterIP + port: 9000 + +redisSocketIOService: + type: ClusterIP + port: 11000 + +redisQueueService: + type: ClusterIP + port: 12000 + +redisCacheService: + type: ClusterIP + port: 13000 + +persistence: + worker: + enabled: true + # existingClaim: "" + size: 5Gi + # storageClass: "local-path" + logs: + enabled: true + # existingClaim: "" + size: 5Gi + # storageClass: "local-path" + +volumePermissions: + enabled: true + +resources: {} + # If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/charts/erpnext/templates/_helpers.tpl b/charts/erpnext/templates/_helpers.tpl index 88715ae..97ad6b3 100644 --- a/charts/erpnext/templates/_helpers.tpl +++ b/charts/erpnext/templates/_helpers.tpl @@ -95,4 +95,4 @@ Gets the redis cache host name */}} {{- define "erpnext.redisCacheHost" -}} {{ .Values.redisCacheHost }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/erpnext/templates/configmap-nginx-config.yaml b/charts/erpnext/templates/configmap-nginx-config.yaml new file mode 100644 index 0000000..d64682c --- /dev/null +++ b/charts/erpnext/templates/configmap-nginx-config.yaml @@ -0,0 +1,10 @@ +{{- if .Values.nginxImage.nginxConfig }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "erpnext.fullname" . }}-nginx-config + labels: + {{- include "erpnext.labels" . | nindent 4 }} +data: + default.conf: {{ .Values.nginxImage.nginxConfig | quote }} +{{- end }} diff --git a/charts/erpnext/templates/deployment-erpnext.yaml b/charts/erpnext/templates/deployment-erpnext.yaml index 94e0e52..6264a79 100644 --- a/charts/erpnext/templates/deployment-erpnext.yaml +++ b/charts/erpnext/templates/deployment-erpnext.yaml @@ -23,7 +23,7 @@ spec: serviceAccountName: {{ include "erpnext.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} - {{- if .Values.volumePermissions.enabled }} + {{- if and .Values.volumePermissions.enabled .Values.persistence.worker.enabled }} initContainers: - name: frappe-bench-ownership image: quay.io/libpod/alpine:3.2 @@ -52,6 +52,10 @@ spec: mountPath: /assets - name: sites-dir mountPath: /var/www/html/sites + {{- if .Values.nginxImage.nginxConfig }} + - name: nginx-config + mountPath: /etc/nginx/conf.d + {{- end }} imagePullPolicy: {{ .Values.nginxImage.pullPolicy }} env: - name: "FRAPPE_PY" @@ -74,6 +78,10 @@ spec: - name: "UPSTREAM_REAL_IP_HEADER" value: {{ .Values.upstreamRealIPHeader }} {{- end }} + {{- if .Values.nginxImage.nginxConfig }} + - name: "SKIP_NGINX_TEMPLATE_GENERATION" + value: "1" + {{- end }} ports: - name: http containerPort: 80 @@ -94,7 +102,11 @@ spec: imagePullPolicy: {{ .Values.pythonImage.pullPolicy }} env: - name: "MARIADB_HOST" + {{- if .Values.mariadb.enabled }} + value: {{ .Release.Name }}-mariadb.{{ .Release.Namespace }}.svc + {{- else }} value: {{ required "A valid .Values.mariadbHost entry required!" (include "erpnext.mariadbHost" .) }} + {{- end }} - name: "REDIS_QUEUE" {{- if eq (include "erpnext.redisQueueHost" .) "" }} value: {{ include "erpnext.fullname" . }}-redis-queue:{{ .Values.redisQueueService.port }} @@ -115,16 +127,18 @@ spec: {{- end }} - name: "SOCKETIO_PORT" value: {{ .Values.socketIOPort | quote }} + {{- if .Values.enableProbs }} livenessProbe: tcpSocket: port: {{ .Values.frappePyPort }} - initialDelaySeconds: 5 + initialDelaySeconds: 100 periodSeconds: 10 readinessProbe: tcpSocket: port: {{ .Values.frappePyPort }} - initialDelaySeconds: 5 + initialDelaySeconds: 20 periodSeconds: 10 + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} volumes: @@ -154,6 +168,11 @@ spec: {{- else }} emptyDir: {} {{- end }} + {{- if .Values.nginxImage.nginxConfig }} + - name: nginx-config + configMap: + name: {{ include "erpnext.fullname" . }}-nginx-config + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/erpnext/templates/deployment-redis-cache.yaml b/charts/erpnext/templates/deployment-redis-cache.yaml index c284041..145beaf 100644 --- a/charts/erpnext/templates/deployment-redis-cache.yaml +++ b/charts/erpnext/templates/deployment-redis-cache.yaml @@ -48,4 +48,4 @@ spec: port: 6379 initialDelaySeconds: 5 periodSeconds: 10 -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/erpnext/templates/deployment-redis-queue.yaml b/charts/erpnext/templates/deployment-redis-queue.yaml index 812a960..84c5b94 100644 --- a/charts/erpnext/templates/deployment-redis-queue.yaml +++ b/charts/erpnext/templates/deployment-redis-queue.yaml @@ -43,4 +43,4 @@ spec: port: 6379 initialDelaySeconds: 5 periodSeconds: 10 -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/erpnext/templates/deployment-redis-socketio.yaml b/charts/erpnext/templates/deployment-redis-socketio.yaml index 4afc4d0..84f1c17 100644 --- a/charts/erpnext/templates/deployment-redis-socketio.yaml +++ b/charts/erpnext/templates/deployment-redis-socketio.yaml @@ -43,4 +43,4 @@ spec: port: 6379 initialDelaySeconds: 5 periodSeconds: 10 -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/erpnext/templates/deployment-worker-default.yaml b/charts/erpnext/templates/deployment-worker-default.yaml index dff46e3..4fc34fa 100644 --- a/charts/erpnext/templates/deployment-worker-default.yaml +++ b/charts/erpnext/templates/deployment-worker-default.yaml @@ -38,6 +38,7 @@ spec: env: - name: "WORKER_TYPE" value: "default" + {{- if .Values.enableProbs }} livenessProbe: exec: command: @@ -46,7 +47,7 @@ spec: - "-p" - "{{ .Values.postgresHost }}:{{ .Values.postgresPort }}" {{- end }} - initialDelaySeconds: 15 + initialDelaySeconds: 100 periodSeconds: 5 readinessProbe: exec: @@ -56,8 +57,9 @@ spec: - "-p" - "{{ .Values.postgresHost }}:{{ .Values.postgresPort }}" {{- end }} - initialDelaySeconds: 15 + initialDelaySeconds: 20 periodSeconds: 5 + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} volumes: diff --git a/charts/erpnext/templates/deployment-worker-long.yaml b/charts/erpnext/templates/deployment-worker-long.yaml index 65b1e42..fd51227 100644 --- a/charts/erpnext/templates/deployment-worker-long.yaml +++ b/charts/erpnext/templates/deployment-worker-long.yaml @@ -38,6 +38,7 @@ spec: env: - name: "WORKER_TYPE" value: "long" + {{- if .Values.enableProbs }} livenessProbe: exec: command: @@ -46,7 +47,7 @@ spec: - "-p" - "{{ .Values.postgresHost }}:{{ .Values.postgresPort }}" {{- end }} - initialDelaySeconds: 15 + initialDelaySeconds: 100 periodSeconds: 5 readinessProbe: exec: @@ -56,8 +57,9 @@ spec: - "-p" - "{{ .Values.postgresHost }}:{{ .Values.postgresPort }}" {{- end }} - initialDelaySeconds: 15 + initialDelaySeconds: 20 periodSeconds: 5 + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} volumes: diff --git a/charts/erpnext/templates/deployment-worker-short.yaml b/charts/erpnext/templates/deployment-worker-short.yaml index 4ab0331..7db7f41 100644 --- a/charts/erpnext/templates/deployment-worker-short.yaml +++ b/charts/erpnext/templates/deployment-worker-short.yaml @@ -38,6 +38,7 @@ spec: env: - name: "WORKER_TYPE" value: "short" + {{- if .Values.enableProbs }} livenessProbe: exec: command: @@ -46,7 +47,7 @@ spec: - "-p" - "{{ .Values.postgresHost }}:{{ .Values.postgresPort }}" {{- end }} - initialDelaySeconds: 15 + initialDelaySeconds: 100 periodSeconds: 5 readinessProbe: exec: @@ -56,8 +57,9 @@ spec: - "-p" - "{{ .Values.postgresHost }}:{{ .Values.postgresPort }}" {{- end }} - initialDelaySeconds: 15 + initialDelaySeconds: 20 periodSeconds: 5 + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} volumes: diff --git a/charts/erpnext/templates/drop-site-job.yaml b/charts/erpnext/templates/drop-site-job.yaml new file mode 100644 index 0000000..227b130 --- /dev/null +++ b/charts/erpnext/templates/drop-site-job.yaml @@ -0,0 +1,83 @@ +{{- if and (.Values.createSite.dropSiteOnUninstall) (.Values.dbRootPassword) }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "erpnext.fullname" . }}-drop-site + labels: + {{- include "erpnext.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + backoffLimit: 1 + template: + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "erpnext.serviceAccountName" $ }} + securityContext: + {{- toYaml $.Values.podSecurityContext | nindent 8 }} + containers: + - name: drop-site + image: "{{ .Values.pythonImage.repository }}:{{ .Values.pythonImage.tag }}" + args: ["drop"] + env: + - name: "SITE_NAME" + value: "{{ .Values.createSite.siteName }}" + - name: "DB_ROOT_USER" + value: "{{ .Values.createSite.dbRootUser }}" + - name: "MYSQL_ROOT_PASSWORD" + valueFrom: + secretKeyRef: + key: dbRootPassword + name: {{ .Release.Name }}-secrets + securityContext: + {{- toYaml $.Values.securityContext | nindent 12 }} + imagePullPolicy: {{ .Values.pythonImage.pullPolicy }} + volumeMounts: + - name: sites-dir + mountPath: /home/frappe/frappe-bench/sites + - name: logs + mountPath: /home/frappe/frappe-bench/logs + restartPolicy: Never + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: sites-dir + {{- if .Values.persistence.worker.enabled }} + persistentVolumeClaim: + {{- if .Values.persistence.worker.existingClaim }} + claimName: {{ .Values.persistence.worker.existingClaim }} + {{- else }} + claimName: {{ template "erpnext.fullname" . }} + {{- end }} + readOnly: false + {{- else }} + emptyDir: {} + {{- end }} + - name: logs + {{- if .Values.persistence.logs.enabled }} + persistentVolumeClaim: + {{- if .Values.persistence.logs.existingClaim }} + claimName: {{ .Values.persistence.logs.existingClaim }} + {{- else }} + claimName: {{ template "erpnext.fullname" . }}-logs + {{- end }} + readOnly: false + {{- else }} + emptyDir: {} + {{- end }} +{{- end }} diff --git a/charts/erpnext/templates/ingress.yaml b/charts/erpnext/templates/ingress.yaml new file mode 100644 index 0000000..b134404 --- /dev/null +++ b/charts/erpnext/templates/ingress.yaml @@ -0,0 +1,40 @@ +{{- if and (.Values.ingress.enabled) (semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion) (.Values.createSite.enabled) -}} +{{- $fullName := include "erpnext.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }}-ingress + labels: + {{- include "erpnext.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/erpnext/templates/job-backup-sites.yaml b/charts/erpnext/templates/job-backup-sites.yaml new file mode 100644 index 0000000..ee5eaf0 --- /dev/null +++ b/charts/erpnext/templates/job-backup-sites.yaml @@ -0,0 +1,62 @@ +{{- if .Values.migrateJob.backup }} +apiVersion: batch/v1 +kind: Job +metadata: + name: backup-sites-{{ template "erpnext.fullname" . }}-{{ date "20060102150405" .Release.Now }} + labels: + {{- include "erpnext.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + backoffLimit: 1 + template: + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "erpnext.serviceAccountName" $ }} + securityContext: + {{- toYaml $.Values.podSecurityContext | nindent 8 }} + containers: + - name: backup + image: "{{ .Values.pythonImage.repository }}:{{ .Values.pythonImage.tag }}" + args: ["backup"] + imagePullPolicy: {{ .Values.pythonImage.pullPolicy }} + env: + - name: "WITH_FILES" + value: "1" + securityContext: + {{- toYaml $.Values.securityContext | nindent 12 }} + volumeMounts: + - name: sites-dir + mountPath: /home/frappe/frappe-bench/sites + restartPolicy: Never + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: sites-dir + {{- if .Values.persistence.worker.enabled }} + persistentVolumeClaim: + {{- if .Values.persistence.worker.existingClaim }} + claimName: {{ .Values.persistence.worker.existingClaim }} + {{- else }} + claimName: {{ template "erpnext.fullname" . }} + {{- end }} + readOnly: false + {{- else }} + emptyDir: {} + {{- end }} +{{- end }} diff --git a/charts/erpnext/templates/job-create-site.yaml b/charts/erpnext/templates/job-create-site.yaml new file mode 100644 index 0000000..598e2cb --- /dev/null +++ b/charts/erpnext/templates/job-create-site.yaml @@ -0,0 +1,96 @@ +{{- if and (.Values.createSite.enabled) (.Values.dbRootPassword) }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "erpnext.fullname" . }}-create-site + labels: + {{- include "erpnext.labels" . | nindent 4 }} +spec: + backoffLimit: 1 + template: + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "erpnext.serviceAccountName" $ }} + securityContext: + {{- toYaml $.Values.podSecurityContext | nindent 8 }} + initContainers: + - name: populate-assets + image: "{{ .Values.nginxImage.repository }}:{{ .Values.nginxImage.tag }}" + command: ["/bin/bash", "-c"] + args: + - "rsync -a --delete /var/www/html/assets/frappe /assets" + volumeMounts: + - name: assets-cache + mountPath: /assets + containers: + - name: create-site + image: "{{ .Values.pythonImage.repository }}:{{ .Values.pythonImage.tag }}" + args: ["new"] + env: + - name: "SITE_NAME" + value: "{{ .Values.createSite.siteName }}" + - name: "DB_ROOT_USER" + value: "{{ .Values.createSite.dbRootUser }}" + - name: "MYSQL_ROOT_PASSWORD" + valueFrom: + secretKeyRef: + key: dbRootPassword + name: {{ .Release.Name }}-secrets + - name: "ADMIN_PASSWORD" + value: "{{ .Values.createSite.adminPassword }}" + - name: "INSTALL_APPS" + value: "{{ .Values.createSite.installApps }}" + securityContext: + {{- toYaml $.Values.securityContext | nindent 12 }} + imagePullPolicy: {{ .Values.pythonImage.pullPolicy }} + volumeMounts: + - name: sites-dir + mountPath: /home/frappe/frappe-bench/sites + - name: assets-cache + mountPath: /home/frappe/frappe-bench/sites/assets + - name: logs + mountPath: /home/frappe/frappe-bench/logs + restartPolicy: Never + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: assets-cache + emptyDir: {} + - name: sites-dir + {{- if .Values.persistence.worker.enabled }} + persistentVolumeClaim: + {{- if .Values.persistence.worker.existingClaim }} + claimName: {{ .Values.persistence.worker.existingClaim }} + {{- else }} + claimName: {{ template "erpnext.fullname" . }} + {{- end }} + readOnly: false + {{- else }} + emptyDir: {} + {{- end }} + - name: logs + {{- if .Values.persistence.logs.enabled }} + persistentVolumeClaim: + {{- if .Values.persistence.logs.existingClaim }} + claimName: {{ .Values.persistence.logs.existingClaim }} + {{- else }} + claimName: {{ template "erpnext.fullname" . }}-logs + {{- end }} + readOnly: false + {{- else }} + emptyDir: {} + {{- end }} +{{- end }} diff --git a/charts/erpnext/templates/job-migrate-sites.yaml b/charts/erpnext/templates/job-migrate-sites.yaml index e5f5e45..ca04e00 100644 --- a/charts/erpnext/templates/job-migrate-sites.yaml +++ b/charts/erpnext/templates/job-migrate-sites.yaml @@ -3,10 +3,20 @@ apiVersion: batch/v1 kind: Job metadata: name: migrate-sites-{{ template "erpnext.fullname" . }}-{{ date "20060102150405" .Release.Now }} + labels: + {{- include "erpnext.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": post-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded spec: backoffLimit: 1 template: spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} serviceAccountName: {{ template "erpnext.serviceAccountName" $ }} securityContext: {{- toYaml $.Values.podSecurityContext | nindent 8 }} @@ -32,17 +42,6 @@ spec: volumeMounts: - name: assets-cache mountPath: /assets - {{- if .Values.migrateJob.backup }} - - name: backup - image: "{{ .Values.pythonImage.repository }}:{{ .Values.pythonImage.tag }}" - args: ["backup"] - imagePullPolicy: {{ .Values.pythonImage.pullPolicy }} - securityContext: - {{- toYaml $.Values.securityContext | nindent 12 }} - volumeMounts: - - name: sites-dir - mountPath: /home/frappe/frappe-bench/sites - {{- end }} containers: - name: migrate image: "{{ .Values.pythonImage.repository }}:{{ .Values.pythonImage.tag }}" @@ -61,6 +60,18 @@ spec: - name: logs mountPath: /home/frappe/frappe-bench/logs restartPolicy: Never + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} volumes: - name: assets-cache emptyDir: {} diff --git a/charts/erpnext/templates/pvc.yaml b/charts/erpnext/templates/pvc.yaml index 52b12b7..5926995 100644 --- a/charts/erpnext/templates/pvc.yaml +++ b/charts/erpnext/templates/pvc.yaml @@ -14,5 +14,7 @@ spec: resources: requests: storage: {{ .Values.persistence.worker.size | quote }} - storageClassName: {{ required "A valid .Values.persistence.worker.storageClass entry required!" .Values.persistence.worker.storageClass }} + {{- if .Values.persistence.worker.storageClass }} + storageClassName: {{ .Values.persistence.worker.storageClass }} + {{- end }} {{- end }} diff --git a/charts/erpnext/templates/pvc_logs.yaml b/charts/erpnext/templates/pvc_logs.yaml index d76c235..2c76349 100644 --- a/charts/erpnext/templates/pvc_logs.yaml +++ b/charts/erpnext/templates/pvc_logs.yaml @@ -14,5 +14,7 @@ spec: resources: requests: storage: {{ .Values.persistence.logs.size | quote }} - storageClassName: {{ required "A valid .Values.persistence.logs.storageClass entry required!" .Values.persistence.logs.storageClass }} + {{- if .Values.persistence.logs.storageClass }} + storageClassName: {{ .Values.persistence.logs.storageClass }} + {{- end }} {{- end }} diff --git a/charts/erpnext/templates/redis-queue-service.yaml b/charts/erpnext/templates/redis-queue-service.yaml index 34c002a..5f52dab 100644 --- a/charts/erpnext/templates/redis-queue-service.yaml +++ b/charts/erpnext/templates/redis-queue-service.yaml @@ -13,4 +13,4 @@ spec: selector: app.kubernetes.io/name: {{ include "erpnext.name" . }}-redis-queue app.kubernetes.io/instance: {{ .Release.Name }}-redis-queue -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/erpnext/templates/secret.yaml b/charts/erpnext/templates/secret.yaml new file mode 100644 index 0000000..04ffcee --- /dev/null +++ b/charts/erpnext/templates/secret.yaml @@ -0,0 +1,9 @@ +{{- if .Values.dbRootPassword }} +apiVersion: v1 +data: + dbRootPassword: {{ .Values.dbRootPassword | b64enc | quote }} +kind: Secret +metadata: + name: {{ .Release.Name }}-secrets +type: Opaque +{{- end }} diff --git a/charts/erpnext/templates/tests/test-connection.yaml b/charts/erpnext/templates/tests/test-connection.yaml deleted file mode 100644 index 4c7799f..0000000 --- a/charts/erpnext/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "erpnext.fullname" . }}-test-connection" - labels: -{{ include "erpnext.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test-success -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "erpnext.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never diff --git a/charts/erpnext/values.yaml b/charts/erpnext/values.yaml index e4d08b5..5b6b973 100644 --- a/charts/erpnext/values.yaml +++ b/charts/erpnext/values.yaml @@ -5,18 +5,20 @@ replicaCount: 1 nginxImage: - repository: frappe/erpnext-nginx - tag: v13.0.1 + repository: docker.io/improwised/erpnext-nginx + tag: v13.4.1 pullPolicy: IfNotPresent + # nginxConfig: | + # # custom /etc/nginx/conf.d/default.conf pythonImage: - repository: frappe/erpnext-worker - tag: v13.0.1 + repository: docker.io/improwised/erpnext-worker + tag: v13.4.1 pullPolicy: IfNotPresent socketIOImage: repository: frappe/frappe-socketio - tag: v13.0.2 + tag: v13.4.1 pullPolicy: IfNotPresent redis: @@ -25,8 +27,8 @@ redis: tag: 5.0.10-debian-10-r105 pullPolicy: IfNotPresent extraEnv: - - name: ALLOW_EMPTY_PASSWORD - value: "yes" + - name: ALLOW_EMPTY_PASSWORD + value: "yes" # Asset Image Env Variables frappePyPort: "8000" @@ -36,6 +38,46 @@ socketIOPort: "9000" # upstreamRealIPRecursive: "off" # upstreamRealIPHeader: "X-Forwarded-For" +mariadb: + enabled: false + auth: + rootPassword: mariadb # pragma: allowlist secret + primary: + ## Below, there are some override configs for supporting barracuda engine for Erpnext + configuration: |- + [mysql] # override configuration + default-character-set=utf8mb4 # override configuration + + [mysqld] + innodb-file-format=barracuda # override configuration + innodb-file-per-table=1 # override configuration + innodb-large-prefix=1 # override configuration + character-set-client-handshake=FALSE # override configuration + skip-name-resolve + explicit_defaults_for_timestamp + basedir=/opt/bitnami/mariadb + plugin_dir=/opt/bitnami/mariadb/plugin + port=3306 + socket=/opt/bitnami/mariadb/tmp/mysql.sock + tmpdir=/opt/bitnami/mariadb/tmp + max_allowed_packet=16M + bind-address=0.0.0.0 + pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid + log-error=/opt/bitnami/mariadb/logs/mysqld.log + character-set-server=utf8mb4 # override from UTF8 + collation-server=utf8mb4_unicode_ci # override utf8_general_ci UTF8 + + [client] + port=3306 + socket=/opt/bitnami/mariadb/tmp/mysql.sock + default-character-set=UTF8 + plugin_dir=/opt/bitnami/mariadb/plugin + + [manager] + port=3306 + socket=/opt/bitnami/mariadb/tmp/mysql.sock + pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid + # Python Image Env Variables # mariadbHost: "mariadb.mariadb.svc.cluster.local" @@ -47,6 +89,36 @@ redisSocketIOHost: "" postgresHost: "" postgresPort: "" +# Create secrets +# dbRootPassword: admin + +# Create first site +createSite: + enabled: false + siteName: "erp.cluster.local" + dbRootUser: "root" + adminPassword: "admin" # pragma: allowlist secret + installApps: "erpnext" + dropSiteOnUninstall: false + +# Ingress +ingress: + enabled: false + annotations: + {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + # cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: erp.cluster.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: auth-server-tls + # hosts: + # - auth-server.local + migrateJob: # Set this to true to run migrate as part of helm install/upgrade enable: false @@ -63,10 +135,10 @@ serviceAccount: podSecurityContext: supplementalGroups: [1000] -securityContext: {} - # capabilities: - # drop: - # - ALL +securityContext: + capabilities: + add: + - CAP_CHOWN # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 @@ -97,15 +169,17 @@ persistence: enabled: true # existingClaim: "" size: 8Gi - # storageClass: "nfs" + # storageClass: "local-path" logs: enabled: true # existingClaim: "" size: 8Gi - # storageClass: "nfs" + # storageClass: "local-path" volumePermissions: - enabled: false + enabled: true + +enableProbs: true resources: {} # If you do want to specify resources, uncomment the following diff --git a/charts/freeipa/.helmignore b/charts/freeipa/.helmignore index 0e8a0eb..c97e2bc 100644 --- a/charts/freeipa/.helmignore +++ b/charts/freeipa/.helmignore @@ -21,3 +21,4 @@ .idea/ *.tmproj .vscode/ +ci diff --git a/charts/freeipa/Chart.yaml b/charts/freeipa/Chart.yaml index 4992b75..3164e68 100644 --- a/charts/freeipa/Chart.yaml +++ b/charts/freeipa/Chart.yaml @@ -1,7 +1,8 @@ apiVersion: v2 name: freeipa description: A Helm chart for Kubernetes - +maintainers: + - name: improwised # A chart can be either an 'application' or a 'library' chart. # # Application charts are a collection of templates that can be packaged into versioned archives @@ -11,12 +12,10 @@ description: A Helm chart for Kubernetes # a dependency of application charts to inject those utilities and functions into the rendering # pipeline. Library charts do not define any templates and therefore cannot be deployed. type: application - # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 - +version: 0.2.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/charts/freeipa/ci/override-values.yaml b/charts/freeipa/ci/override-values.yaml new file mode 100644 index 0000000..21b296c --- /dev/null +++ b/charts/freeipa/ci/override-values.yaml @@ -0,0 +1,96 @@ +# Default values for freeipa. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +hostname: freeipa.example.testy + +image: + repository: freeipa/freeipa-server + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "centos-8" + +# args: +# realm: EXAMPLE.TESTY +# domain: example.testy +# dspassword: ASDF1poiu2QWER3mnbv4 +# adminpassword: ASDF1poiu2QWER3mnbv4 +# nohostdns: true +# nontp: true +# setupdns: false +# autoforwarders: true # if setup dns is true thiw will be applicable +# allowzoneoverlap: true # if setup dns is true thiw will be applicable +# sshtrustdns: false + +volumestorage: 1Gi + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + #clusterIP: 10.43.201.201 + port: 80 + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: [] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/charts/freeipa/templates/deployment.yaml b/charts/freeipa/templates/deployment.yaml index 0566f69..be52411 100644 --- a/charts/freeipa/templates/deployment.yaml +++ b/charts/freeipa/templates/deployment.yaml @@ -42,10 +42,10 @@ spec: imagePullPolicy: {{ .Values.image.pullPolicy }} args: - -U - - --realm={{ .Values.args.realm }} - - --domain={{ .Values.args.domain }} - - --ds-password={{ .Values.args.dspassword }} - - --admin-password={{ .Values.args.adminpassword }} + - --realm={{ default "localhost.com" .Values.args.realm }} + - --domain={{ default "localhost" .Values.args.domain }} + - --ds-password={{ default "freeipa" .Values.args.dspassword }} + - --admin-password={{ default "freeipa" .Values.args.adminpassword }} - --unattended {{- if .Values.args.nohostdns }} - --no-host-dns @@ -92,7 +92,7 @@ spec: readOnly: true env: - name: IPA_SERVER_HOSTNAME - value: {{ .Values.hostname }} + value: {{ default "localhost" .Values.hostname }} readinessProbe: exec: command: [ "/usr/bin/systemctl", "status", "ipa" ] diff --git a/charts/freeipa/values.yaml b/charts/freeipa/values.yaml index 1a8e788..4573a96 100644 --- a/charts/freeipa/values.yaml +++ b/charts/freeipa/values.yaml @@ -15,8 +15,8 @@ image: args: realm: EXAMPLE.TESTY domain: example.testy - dspassword: ASDF1poiu2QWER3mnbv4 - adminpassword: ASDF1poiu2QWER3mnbv4 + dspassword: ASDF1poiu2QWER3mnbv4 #pragma: allowlist secret + adminpassword: ASDF1poiu2QWER3mnbv4 #pragma: allowlist secret nohostdns: true nontp: true setupdns: false diff --git a/charts/healthchecks/.helmignore b/charts/healthchecks/.helmignore index a891de4..86a9c55 100644 --- a/charts/healthchecks/.helmignore +++ b/charts/healthchecks/.helmignore @@ -23,4 +23,5 @@ .vscode/ *values-override* *healthchecks-secret* -*fleet* \ No newline at end of file +*fleet* +ci diff --git a/charts/healthchecks/Chart.lock b/charts/healthchecks/Chart.lock new file mode 100644 index 0000000..26bb568 --- /dev/null +++ b/charts/healthchecks/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: postgresql + repository: https://charts.bitnami.com/bitnami + version: 9.1.1 +digest: sha256:4949a7dab1ae4d5ba4f6ecf12667c6b720d385d66d97f14af018e864da292cd7 +generated: "2021-05-14T10:33:25.768505088+05:30" diff --git a/charts/healthchecks/Chart.yaml b/charts/healthchecks/Chart.yaml index 69442cf..337d47a 100644 --- a/charts/healthchecks/Chart.yaml +++ b/charts/healthchecks/Chart.yaml @@ -1,11 +1,10 @@ -version: 1.0.3 +version: 1.0.5 apiVersion: v2 name: healthchecks description: A Helm chart for Kubernetes maintainers: -- email: pratik@improeised.com - name: praitk - + - email: pratik@improeised.com + name: praitk # A chart can be either an 'application' or a 'library' chart. # # Application charts are a collection of templates that can be packaged into versioned archives @@ -15,7 +14,6 @@ maintainers: # a dependency of application charts to inject those utilities and functions into the rendering # pipeline. Library charts do not define any templates and therefore cannot be deployed. type: application - # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) @@ -24,9 +22,8 @@ type: application # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. appVersion: 1.16.0 - sources: -- https://github.com/healthchecks/healthchecks + - https://github.com/healthchecks/healthchecks dependencies: - name: postgresql version: 9.1.1 diff --git a/charts/healthchecks/ci/override-values.yaml b/charts/healthchecks/ci/override-values.yaml new file mode 100644 index 0000000..5bf44a3 --- /dev/null +++ b/charts/healthchecks/ci/override-values.yaml @@ -0,0 +1,111 @@ +# Default values for healthchecks. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: linuxserver/healthchecks + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "amd64-version-v1.16.0" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +# override site root url (SITE_ROOT env) see below for more details +# https://github.com/healthchecks/healthchecks +siterootOverride: "" +# override site name (SITE_NAME env) see below for more details +sitenameOverride: "" + +# for postgres password, email host password, superuser email, superuser password +existingSecret: false + +#configure SMTP host +# email: +# host: +# port: 1025 +# user: test + +# pass more environment variables, more details below +#https://github.com/healthchecks/healthchecks#configuration +# extraenvs: +# EMAIL_USE_TLS: "False" + +probs: + livenessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 50 + + readinessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 50 + +service: + type: ClusterIP + port: 8000 + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: [] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +postgresql: + enabled: false + persistence: + enabled: true + postgresqlDatabase: healthchecks + postgresqlUsername: healthchecks + postgresqlPassword: healthchecks #pragma: allowlist secret +# existingSecret: healthchecks-secret + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +podAnnotations: {} +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/charts/healthchecks/templates/_helpers.tpl b/charts/healthchecks/templates/_helpers.tpl index 411dfeb..2949b96 100644 --- a/charts/healthchecks/templates/_helpers.tpl +++ b/charts/healthchecks/templates/_helpers.tpl @@ -50,4 +50,3 @@ Selector labels app.kubernetes.io/name: {{ include "healthchecks.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} - diff --git a/charts/healthchecks/templates/configmap.yaml b/charts/healthchecks/templates/configmap.yaml index f10b489..518b8a1 100644 --- a/charts/healthchecks/templates/configmap.yaml +++ b/charts/healthchecks/templates/configmap.yaml @@ -14,9 +14,11 @@ data: DB_NAME: {{ default "healthckecks" .Values.postgresql.postgresqlDatabase | quote }} DB_USER: {{ default "healthckecks" .Values.postgresql.postgresqlUsername | quote }} {{- end }} + {{- if .Values.email.host }} EMAIL_HOST: {{ .Values.email.host | quote }} EMAIL_PORT: {{ .Values.email.port | quote }} EMAIL_HOST_USER: {{ .Values.email.user | quote }} + {{- end }} {{- if .Values.siterootOverride }} SITE_ROOT: {{ .Values.siterootOverride | quote }} {{- else if .Values.ingress.enabled }} @@ -32,7 +34,7 @@ data: SITE_NAME: {{ .Values.sitenameOverride | quote }} {{- else }} SITE_NAME: "localhost" - {{- end}} + {{- end }} {{- range $key, $val := .Values.extraenvs }} {{ $key }}: {{ $val | quote }} {{- end }} diff --git a/charts/healthchecks/templates/deployment.yaml b/charts/healthchecks/templates/deployment.yaml index 0984d03..f9b6619 100644 --- a/charts/healthchecks/templates/deployment.yaml +++ b/charts/healthchecks/templates/deployment.yaml @@ -35,8 +35,9 @@ spec: envFrom: - configMapRef: name: {{ include "healthchecks.fullname" . }} + optional: true env: - {{- if or .Values.existingSecret }} + {{- if .Values.existingSecret }} - name: DB_PASSWORD valueFrom: secretKeyRef: diff --git a/charts/healthchecks/values.yaml b/charts/healthchecks/values.yaml index ae59d96..5a7b61b 100644 --- a/charts/healthchecks/values.yaml +++ b/charts/healthchecks/values.yaml @@ -21,11 +21,11 @@ siterootOverride: "" sitenameOverride: "" # for postgres password, email host password, superuser email, superuser password -existingSecret: healthchecks-secret +existingSecret: healthchecks-secret #pragma: allowlist secret #configure SMTP host email: - host: + host: port: 1025 user: test @@ -39,10 +39,12 @@ probs: httpGet: path: / port: http + initialDelaySeconds: 50 readinessProbe: httpGet: path: / - port: http + port: http + initialDelaySeconds: 50 service: type: ClusterIP @@ -67,7 +69,7 @@ postgresql: enabled: true postgresqlDatabase: healthchecks postgresqlUsername: healthchecks - postgresqlPassword: healthchecks + postgresqlPassword: healthchecks #pragma: allowlist secret # existingSecret: healthchecks-secret resources: {} diff --git a/charts/n8n-helm/.helmignore b/charts/n8n-helm/.helmignore deleted file mode 100644 index 73df330..0000000 --- a/charts/n8n-helm/.helmignore +++ /dev/null @@ -1,24 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ -./ \ No newline at end of file diff --git a/charts/n8n-helm/Chart.yaml b/charts/n8n-helm/Chart.yaml deleted file mode 100644 index f8de27b..0000000 --- a/charts/n8n-helm/Chart.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: v2 -name: n8n-helm -description: A Helm chart for n8n on Kubernetes -type: application -metadata: - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.3 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 0.18.0 -icon: https://n8n.io/n8n-logo.png -keywords: -- n8n -- automation -- nodemation -- workflow-automatio -maintainers: -- email: pratik@improwised.com - name: pratik-{{ .Release.Name }} -sources: -- https://github.com/n8n-io/n8n -- https://hub.docker.com/_/postgres -dependencies: -- condition: postgres.enabled - name: postgresql - repository: "@bitnami" - version: 9.1.1 diff --git a/charts/n8n-helm/README.md b/charts/n8n-helm/README.md deleted file mode 100644 index 4f00cc8..0000000 --- a/charts/n8n-helm/README.md +++ /dev/null @@ -1,111 +0,0 @@ -# n8n-helm chart:chart_with_upwards_trend: ----- - -![n8n.io - Workflow Automation](https://raw.githubusercontent.com/n8n-io/n8n/master/assets/n8n-logo.png) - -[n8n](https://n8n.io/) is an extendable workflow automation tool. With a fair-code distribution model, n8n will always have visible source code, be available to self-host, and allow you to add your own custom functions, logic and apps. n8n's node-based approach makes it highly versatile, enabling you to connect anything to everything. this is unofficial helm chart of n8n - ----- -## Prerequisites -- Kubernetes 1.12+ -- Helm 3.0+ -- PV provisioner support in the underlying infrastructure -- ---- -## Installing the Chart - -To install the chart with the release name `myn8n`: -```sh -$ git clone https://github.com/n8n-helm/n8n-helm.git -$ helm install myn8n ./n8n-helm -# to test chart -$ helm test myn8n -``` - -These commands deploy n8n on the Kubernetes cluster in the default configuration. - -> **Tip**: List all releases using `helm list` ----- -## Uninstalling the Chart - -To uninstall/delete the `myn8n` deployment: - -```bash -$ helm delete myn8n -``` - -The command removes all the Kubernetes components associated with the chart and deletes the release. - -> **note**: Deleting the release will delete attached PVC containing n8n encryption key. Please be cautious before doing it. - ----- -## Parameters - -The following tables lists the configurable parameters of the NGINX Open Source chart and their default values. - -| Parameter| Description| Default| -|--------------------------------------------|----------------------------------------------------------------------------------------------|-----------------------------------------------------------| -| `global.imageRegistry` | Global Docker image registry | haha | -| `image.repository` | n8n Image | `n8nio/n8n` | -| `image.restartPolicy` | n8n Image restart policy | `Always` | -| `image.pullPolicy` | n8n Image pull policy | `IfNotPresent` | -| `image.tag` | tag of Image | `latest` | -| `nameOverride` | String to partially override n8n.fullname template with a string (will prepend the release name) | `nil` | -| `fullnameOverride` | String to fully override postgresql.fullname template with a string | `nil` | -| `commonannotations` | Annotations that will added to all the Kubernetes objects | `{}`(evaluated as a template) | -| `atuh.enabled` | Enbale basic authentication | `false` | -| `atuh.n8nAuthUsername`| Basuc Auth username | `nil` | -| `atuh.n8nAuthPass`| Basuc Auth password | `nil` | -| `existingSecret`| Name of an existing secrets | `nil` | -| `networkPolicy.enabled`| creation of NetworkPolicy | `false` | -| `networkPolicy.explicitNamespacesSelector`| Explicitly Namespaces for Network policy | `{}`(evaluated as a template) | -| `service.type` | Kubernetes Service type | `ClusterIP` | -| `service.port` | n8n port | `5678` | -| `service.annotations` | Annotations for n8n service | `{}`(evaluated as a template) | -| `testFramework.enabled` | enable n8n connection test | `true` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.mountPath` | Path to mount the volume at | `/mnt/n8n/.n8n` | -| `persistence.accessModes` | PVC Access Mode for n8n volume | `[ReadWriteOnce]` | -| `persistence.size` | PVC Storage Request for n8n volume | `2Gi` | -| `ingress.enabled` | Switch to create ingress for n8n deployment | `true` | -| `ingress.hostname` | hostname for ingress | `nil` | -| `ingress.tls` | TLS for ingress | `[]`(evaluated as a template) | -| `ingress.tls.hosts[]` | Array of TLS hosts for ingress record | `[]` | -| `ingress.tls.secretName` | TLS secret name | `n8n.local-tls` | -| `ingress.annotations` | Ingress annotations | `{}`(evaluated as a template) | -| `ingress.certManager` | Annotations for cert-manager | `true` | -| `ingress.secrets[]` | Provide own certificates | `nil` | -| `ingress.secrets[].name` | TLS Secret Name | `nil` | -| `ingress.secrets[].key` | TLS Secret Key | `nil` | -| `ingress.secrets[].certificate` | TLS Secret Name Certificate | `nil` | -| `resources` | 'CPU/Memory resource requests/limits' | Memory: `500Mi`, CPU: `500Mi`(evaluated as a template) | -| `schedulerName` | Name of the k8s scheduler (other than default) | `nil` | -| `nodeSelector` | Node labels for pod assignment for n8n deployment | `{}`(evaluated as a template) | -| `affinity` | Affinity labels for pod assignment for n8n deployment | `{}`(evaluated as a template) | -| `tolerations` | Toleration labels for pod assignment for n8n deployment | `[]` (evaluated as a template) | -| `livenessProbe` | livenessProbe for n8n deployment | `{}`(evaluated as a template) | -| `readinessProbe` | readinessProbe for n8n deployment | `{}`(evaluated as a template) | -| `postgresql.testFramework.enabled` | enable postgres connection test | `true` | -| `postgresql.enabled` | (override) enable or disable postgress | `true` | -| `postgresql.postgresqlUsername` | (override) Postgresql default username | `nodemation` | -| `postgresql.postgresqlDatabase` | (override) Postgresql default database | `nodemation` | -| `postgresql.postgresqlPassword` | (override) Postgresql default password for username | `nodemation` | - - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, - -```bash -$ helm install myn8n \ - --set imagePullPolicy=Always \ - ./n8n-helm -``` - -The above command sets the `imagePullPolicy` to `Always`. - -Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, - -```bash -$ helm install myn8n -f values.yaml ./n8n-helm -``` - -> **Tip**: You can use the default [values.yaml](values.yaml) or override your own values.yaml ----- \ No newline at end of file diff --git a/charts/n8n-helm/templates/NOTES.txt b/charts/n8n-helm/templates/NOTES.txt deleted file mode 100644 index ff7016c..0000000 --- a/charts/n8n-helm/templates/NOTES.txt +++ /dev/null @@ -1,4 +0,0 @@ - -1. Wait for 5 second in order to n8n discover and connect to postgress - -2. n8n dashboard URL is http://localhost:5678 diff --git a/charts/n8n-helm/templates/_helpers.tpl b/charts/n8n-helm/templates/_helpers.tpl deleted file mode 100644 index 348c058..0000000 --- a/charts/n8n-helm/templates/_helpers.tpl +++ /dev/null @@ -1,115 +0,0 @@ -{{- define "n8n-helm.common.labels.standard" -}} -app.kubernetes.io/name: {{ default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -app.kubernetes.io/instance: {{ .Release.Name }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -{{- end -}} - -{{/* -Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector -*/}} -{{- define "n8n-helm.common.labels.matchLabels" -}} -app.kubernetes.io/name: {{ default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} - - -{{/* -Expand the name of the chart. -*/}} -{{- define "n8n-helm.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "n8n-helm.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "n8n-helm.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - - -{{/* -Namespace -*/}} -{{- define "n8n-helm.namespace" -}} -{{- default "default" .Values.namespace }} -{{- end }} - - -{{/* -DB Hostname -*/}} -{{- define "n8n-helm.dbhost" -}} -{{ .Release.Name }}-postgresql.{{ .Release.Namespace }}.svc.cluster.local -{{- end }} - - -{{/* -Return the proper Storage Class -*/}} -{{- define "n8n-helm.storageClass" -}} -{{- if .Values.persistence.storageClass -}} - {{- if (eq "-" .Values.persistence.storageClass) -}} -{{- printf "storageClassName: \"\"" -}} - {{- else }} -{{- printf "storageClassName: %s" .Values.persistence.storageClass -}} - {{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Get the password secret. -*/}} -{{- define "n8n-helm.secretName" -}} -{{- if .Values.existingSecret }} -{{- printf "%s" (tpl .Values.existingSecret $) -}} -{{- else -}} -{{- printf "%s-secrets" (include "n8n-helm.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Renders a value that contains template. -Usage: -{{ include "n8n-hem.tplValue" (dict "value" .Values.path.to.the.Value "context" $) }} -*/}} -{{- define "n8n-hem.tplValue" -}} - {{- if typeIs "string" .value }} - {{- tpl .value .context }} - {{- else }} - {{- tpl (.value | toYaml) .context }} - {{- end }} -{{- end -}} - -{{/* -Return the appropriate apiVersion for networkpolicy. -*/}} -{{- define "n8n-helm.networkPolicy.apiVersion" -}} -{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.GitVersion -}} -"extensions/v1beta1" -{{- else if semverCompare "^1.7-0" .Capabilities.KubeVersion.GitVersion -}} -"networking.k8s.io/v1" -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/charts/n8n-helm/templates/configs.yaml b/charts/n8n-helm/templates/configs.yaml deleted file mode 100644 index 213e4fa..0000000 --- a/charts/n8n-helm/templates/configs.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "n8n-helm.fullname" . }}-config - labels: - {{- include "n8n-helm.common.labels.standard" . | nindent 4 }} - app: {{ template "n8n-helm.fullname" . }} -data: - DB_TYPE: postgresdb - DB_POSTGRESDB_DATABASE: {{ default "postgres" .Values.postgresql.postgresqlDatabase | quote }} - DB_POSTGRESDB_HOST: {{ template "n8n-helm.dbhost" . }} - DB_POSTGRESDB_PORT: {{ .Values.postgresql.service.port | quote }} - DB_POSTGRESDB_USER: {{ default "postgres" .Values.postgresql.postgresqlUsername | quote }} - {{- if .Values.auth.enable }} - N8N_BASIC_AUTH_ACTIVE: "true" - N8N_BASIC_AUTH_USER: {{ default "nodemation" .Values.auth.n8nAuthUsername | quote }} - {{- end }} \ No newline at end of file diff --git a/charts/n8n-helm/templates/deployment.yaml b/charts/n8n-helm/templates/deployment.yaml deleted file mode 100644 index 034ca91..0000000 --- a/charts/n8n-helm/templates/deployment.yaml +++ /dev/null @@ -1,87 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "n8n-helm.fullname" . }}-deployment - labels: - {{- include "n8n-helm.common.labels.standard" . | nindent 4 }} - app: {{ template "n8n-helm.fullname" . }} -spec: - replicas: {{ default "1" .Values.replicaCount }} - selector: - matchLabels: {{- include "n8n-helm.common.labels.matchLabels" . | nindent 6 }} - app: {{ template "n8n-helm.fullname" . }} - template: - metadata: - labels: - {{- include "n8n-helm.common.labels.standard" . | nindent 8 }} - app: {{ template "n8n-helm.fullname" . }} - annotations: - {{- if .Values.commonannotations }} - {{- range $key, $value := .Values.commonannotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - spec: - {{- if .Values.schedulerName }} - schedulerName: "{{ .Values.schedulerName }}" - {{- end }} - {{- if .Values.nodeSelector }} - nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }} - {{- end }} - {{- if .Values.affinity }} - affinity: {{- toYaml .Values.affinity | nindent 8 }} - {{- end }} - {{- if .Values.tolerations }} - tolerations: {{- toYaml .Values.tolerations | nindent 8 }} - {{- end }} - restartPolicy: {{ .Values.image.restartPolicy }} - containers: - - name: {{ template "n8n-helm.fullname" . }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.resources }} - resources: {{- toYaml .Values.resources | nindent 12 }} - {{- end }} - {{- if or .Values.livenessProbe .Values.readinessProbe }} - ports: - - name: http - containerPort: 5678 - {{- end }} - {{- if .Values.livenessProbe }} - livenessProbe: {{- toYaml .Values.livenessProbe | nindent 12 }} - {{- end }} - {{- if .Values.readinessProbe }} - readinessProbe: {{- toYaml .Values.readinessProbe | nindent 12 }} - {{- end }} - command: ["/bin/sh"] - args: ["-c", "sleep 20; n8n start"] - env: - {{- if .Values.auth.enable }} - - name: N8N_BASIC_AUTH_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "n8n-helm.secretName" . }} - key: n8nAuthPass - {{- end }} - {{- if .Values.postgresql.enabled }} - - name: DB_POSTGRESDB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "n8n-helm.secretName" . }} - key: postgresqlDbPass - {{- end }} - envFrom: - - configMapRef: - name: {{ template "n8n-helm.fullname" . }}-config - ports: - - name: {{ template "n8n-helm.fullname" . }} - containerPort: {{ .Values.service.port }} -{{- if .Values.persistence.enabled }} - volumeMounts: - - name: {{ include "n8n-helm.fullname" . }}-data - mountPath: /root/.n8n - volumes: - - name: {{ include "n8n-helm.fullname" . }}-data - persistentVolumeClaim: - claimName: {{ include "n8n-helm.fullname" . }}-data -{{- end }} \ No newline at end of file diff --git a/charts/n8n-helm/templates/ingress.yaml b/charts/n8n-helm/templates/ingress.yaml deleted file mode 100644 index f9aa260..0000000 --- a/charts/n8n-helm/templates/ingress.yaml +++ /dev/null @@ -1,54 +0,0 @@ -{{- if .Values.ingress.enabled }} -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ template "n8n-helm.fullname" . }}-ingress - labels: - {{- include "n8n-helm.common.labels.standard" . | nindent 4 }} - annotations: - {{- if .Values.ingress.tls }} - ingress.kubernetes.io/secure-backends: "true" - {{- if .Values.ingress.certManager }} - kubernetes.io/tls-acme: "true" - {{- end }} - {{- end }} - {{- range $key, $value := .Values.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- if .Values.commonannotations }} - {{- range $key, $value := .Values.commonannotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - rules: - {{- if .Values.ingress.hostname }} - - host: {{ .Values.ingress.hostname }} - http: - paths: - - path: / - backend: - serviceName: "{{ template "n8n-helm.fullname" . }}-service" - servicePort: {{ .Values.service.port }} - {{- else }} - - http: - paths: - - path: / - backend: - serviceName: "{{ template "n8n-helm.fullname" . }}-service" - servicePort: {{ .Values.service.port }} - {{- end }} - {{- range .Values.ingress.hosts }} - - host: {{ .name }} - http: - paths: - - path: {{ default "/" .path }} - backend: - serviceName: "{{ template "n8n-helm.fullname" . }}-service" - servicePort: {{ $.Values.service.port }} - {{- end }} - {{- if .Values.ingress.tls }} - tls: -{{ toYaml .Values.ingress.tls | indent 4 }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/n8n-helm/templates/networkpolicy.yaml b/charts/n8n-helm/templates/networkpolicy.yaml deleted file mode 100644 index 8b85eee..0000000 --- a/charts/n8n-helm/templates/networkpolicy.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if .Values.networkPolicy.enabled }} -kind: NetworkPolicy -apiVersion: {{ template "n8n-helm.networkPolicy.apiVersion" . }} -metadata: - name: {{ template "n8n-helm.fullname" . }} - labels: - {{- include "n8n-helm.common.labels.standard" . | nindent 4 }} - annotations: - {{- if .Values.commonannotations }} - {{- range $key, $value := .Values.commonannotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - podSelector: - matchLabels: - {{- include "n8n-helm.common.labels.matchLabels" . | nindent 6 }} - ingress: - - ports: - - port: 5678 - {{- if not .Values.networkPolicy.allowExternal }} - from: - - podSelector: - matchLabels: - {{- include "n8n-helm.common.labels.matchLabels" . | nindent 12 }} - {{- if .Values.networkPolicy.explicitNamespacesSelector }} - namespaceSelector: -{{ toYaml .Values.networkPolicy.explicitNamespacesSelector | indent 12 }} - {{- end }} - {{- end }} - egress: - - ports: - - port: 5678 - {{- if not .Values.networkPolicy.allowExternal }} - to: - - podSelector: - matchLabels: - {{- include "n8n-helm.common.labels.matchLabels" . | nindent 12 }} - {{- if .Values.networkPolicy.explicitNamespacesSelector }} - namespaceSelector: -{{ toYaml .Values.networkPolicy.explicitNamespacesSelector | indent 12 }} - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/n8n-helm/templates/pvc.yaml b/charts/n8n-helm/templates/pvc.yaml deleted file mode 100644 index 1d3374d..0000000 --- a/charts/n8n-helm/templates/pvc.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if .Values.persistence.enabled }} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ include "n8n-helm.fullname" . }}-data - labels: - {{- include "n8n-helm.common.labels.standard" . | nindent 4 }} -spec: - {{ include "n8n-helm.storageClass" . }} - accessModes: - {{- range .Values.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{- end }} \ No newline at end of file diff --git a/charts/n8n-helm/templates/secrets.yaml b/charts/n8n-helm/templates/secrets.yaml deleted file mode 100644 index 6e5e928..0000000 --- a/charts/n8n-helm/templates/secrets.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if not .Values.existingSecret }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "n8n-helm.fullname" . }}-secrets - labels: - {{- include "n8n-helm.common.labels.standard" . | nindent 4 }} - app: {{ template "n8n-helm.fullname" . }} -type: Opaque -data: - #DB_POSTGRESDB_PASSWORD - postgresqlDbPass: {{ .Values.postgresql.postgresqlPassword | b64enc | quote }} - - {{- if .Values.auth.enabled }} - #N8N_BASIC_AUTH_PASSWORD - n8nAuthPass: {{ default "nodemation" .Values.auth.n8nAuthPass | b64enc | quote }} - {{- end -}} -{{- end }} \ No newline at end of file diff --git a/charts/n8n-helm/templates/service.yaml b/charts/n8n-helm/templates/service.yaml deleted file mode 100644 index 023878f..0000000 --- a/charts/n8n-helm/templates/service.yaml +++ /dev/null @@ -1,23 +0,0 @@ -kind: Service -apiVersion: v1 -metadata: - name: {{ template "n8n-helm.fullname" . }}-service - labels: - {{- include "n8n-helm.common.labels.standard" . | nindent 4 }} - app: {{ template "n8n-helm.fullname" . }} - annotations: - {{- if .Values.service.annotations }} - {{- include "n8n-hem.tplValue" ( dict "value" .Values.service.annotations "context" $) | nindent 4 }} - {{- end }} - {{- if .Values.commonannotations }} - {{- range $key, $value := .Values.commonannotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - selector: {{- include "n8n-helm.common.labels.matchLabels" . | nindent 4 }} - app: {{ template "n8n-helm.fullname" . }} - ports: - - name: {{ template "n8n-helm.fullname" . }} - port: {{ default "5678" .Values.service.port }} - targetPort: {{ default "5678" .Values.service.port }} \ No newline at end of file diff --git a/charts/n8n-helm/templates/tests/test-n8n.yaml b/charts/n8n-helm/templates/tests/test-n8n.yaml deleted file mode 100644 index 7d69fcd..0000000 --- a/charts/n8n-helm/templates/tests/test-n8n.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.testFramework.enabled }} -apiVersion: v1 -kind: Pod -metadata: - name: n8n-working-test - annotations: - "helm.sh/hook": test-success -spec: - containers: - - name: n8n-working-test - image: "alpine" - imagePullPolicy: {{ .Values.image.pullPolicy }} - env: - - name: N8N_HOST - value: {{ template "n8n-helm.fullname" . }}-service.default.svc.cluster.local:{{ .Values.service.port }} - command: - - /bin/sh - - -ec - - sleep 10; apk update; apk add curl; curl -m 10 -s -o /dev/null -I -w "%{http_code}" $N8N_HOST - restartPolicy: Never -{{- end }} \ No newline at end of file diff --git a/charts/n8n-helm/templates/tests/test-postgres-connection.yaml b/charts/n8n-helm/templates/tests/test-postgres-connection.yaml deleted file mode 100644 index dee278d..0000000 --- a/charts/n8n-helm/templates/tests/test-postgres-connection.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if .Values.postgresql.testFramework.enabled }} -apiVersion: v1 -kind: Pod -metadata: - name: {{ template "postgresql.fullname" . }}-connection-test - annotations: - "helm.sh/hook": test-success -spec: - containers: - - name: {{ template "postgresql.fullname" . }}-connection-test - image: "{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }}" - imagePullPolicy: {{ .Values.postgresql.image.pullPolicy }} - env: - - name: POSTGRES_DB - value: {{ .Values.postgresql.postgresqlDatabase | quote }} - - name: POSTGRES_USER - value: {{ .Values.postgresql.postgresqlUsername | quote }} - - name: POSTGRES_PASS - value: {{ .Values.postgresql.postgresqlPassword | quote }} - - name: POSTGRES_PORT - value: {{ .Values.postgresql.service.port | quote }} - - name: POSTGRES_HOST - value: {{ template "n8n-helm.dbhost" . }} - command: - - /bin/bash - - -ec - - PGPASSWORD=$POSTGRES_PASS psql -h $POSTGRES_HOST -p $POSTGRES_PORT -U $POSTGRES_USER -d $POSTGRES_DB - restartPolicy: Never -{{- end }} diff --git a/charts/n8n-helm/templates/tls-secrets.yaml b/charts/n8n-helm/templates/tls-secrets.yaml deleted file mode 100644 index 24617b2..0000000 --- a/charts/n8n-helm/templates/tls-secrets.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.secrets }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ .name }} - labels: - {{- include "n8n-helm.common.labels.standard" . | nindent 4 }} -type: kubernetes.io/tls -data: - tls.crt: {{ .certificate | b64enc }} - tls.key: {{ .key | b64enc }} ---- -{{- end }} -{{- end }} diff --git a/charts/n8n-helm/values.yaml b/charts/n8n-helm/values.yaml deleted file mode 100644 index 6eec94a..0000000 --- a/charts/n8n-helm/values.yaml +++ /dev/null @@ -1,193 +0,0 @@ -# Default values for n8n-helm. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -replicaCount: 1 - -## String to partially override n8n-helm.fullname template (will maintain the release name) -## -nameOverride: "" - -## common annotations -commonannotations: {} - -## String to fully override n8n-helm.fullname template -## -fullnameOverride: "" - -image: - repository: n8nio/n8n - restartPolicy: Always - tag: "latest" - ## Specify a imagePullPolicy - ## Defaults set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - - -auth: - # enable the n8n basic auth - enabled: false - - ## Basic Auth username - ## Defaults to 'nodemation' if not set - #n8nAuthUsername: nodemation - - ## Basic Auth password - ## Defaults to 'nodemation' if not set - #n8nAuthPass: nodemation - -## n8n password using existing secret. which includes n8nAuthPass and -## postgresqlDbPass as key for the respective value -#existingSecret: myn8n-secrets - -networkPolicy: - ## Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now. - ## - enabled: false - - ## if explicitNamespacesSelector is missing or set to {}, only client Pods that are in the networkPolicy's namespace - ## and that match other criteria, the ones that have the good label, can reach the DB. - ## But sometimes, we want the DB to be accessible to clients from other namespaces, in this case, we can use this - ## LabelSelector to select these namespaces, note that the networkPolicy's namespace should also be explicitly added. - ## - ## Example: - ## explicitNamespacesSelector: - ## matchLabels: - ## role: frontend - ## matchExpressions: - ## - {key: role, operator: In, values: [frontend]} - explicitNamespacesSelector: {} - -service: - ## Kubernetes service type - type: ClusterIP - ## n8n port - port: 5678 - ## add extra annotation for service - annotations: {} - -testFramework: - ## Set to true to enable testing of n8n - enabled: true - -persistence: - enabled: true - ## A manually managed Persistent Volume and Claim - ## The path the volume will be mounted at, useful when using different - ## - mountPath: /mnt/n8n/.n8n - - ##Storage class as per your provider - #storageClass: "-" - accessModes: - - ReadWriteOnce - size: 2Gi - - -ingress: - ## Set to true to enable ingress - enabled: true - - ## When the ingress is enabled, a host pointing to this will be created if hostname is set. Default it will point to localhost:80 - #hostname: n8n.local.com - - # If tls is set, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set - ## The tls configuration for the ingress - ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls - ## Uncomment below to enable tls / https for let's encrypt / cert-manager - ## Set this to true in order to enable TLS on the ingress record - ## A side effect of this will be that the backend n8n service will be connected at port 443 - #tls: - #- hosts: - # - n8n.local - # secretName: n8n.local-tls - - ## Ingress annotations done as key:value pairs - ## For a full list of possible ingress annotations, please see - ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md - - annotations: {} - - ## Set this to true in order to add the corresponding annotations for cert-manager. validate that tls is set - #certManager: true - - secrets: - ## If you're providing your own certificates, please use this to add the certificates as secrets - ## key and certificate should start with -----BEGIN CERTIFICATE----- or - ## -----BEGIN RSA PRIVATE KEY----- - ## - ## name should line up with a tlsSecret set further up - ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set - ## - ## It is also possible to create and manage the certificates outside of this helm chart - ## Please see README.md for more information - # - name: n8n.local-tls - # key: - # certificate: - -## Configure resource requests and limits -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## -resources: - requests: - memory: "500Mi" - cpu: "500m" - limits: - memory: "500Mi" - cpu: "500m" - -## Use an alternate scheduler, e.g. "stork". -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -# schedulerName: -## -## n8n parameters -## -## Node, affinity, tolerations, and priorityclass settings for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature -## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption -nodeSelector: {} -affinity: {} -tolerations: [] - -## Configure extra options for liveness and readiness probes -## This is http get liveness and readiness probes -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes) - -#livenessProbe: -# httpGet: -# path: / -# port: 5678 -# initialDelaySeconds: 20 -# timeoutSeconds: 10 -# periodSeconds: 5 -# failureThreshold: 2 -# -#readinessProbe: -# httpGet: -# path: / -# port: 5678 -# initialDelaySeconds: 20 -# timeoutSeconds: 10 -# periodSeconds: 5 -# failureThreshold: 2 - -postgresql: - ## enable for testing postgresql connection - testFramework: - enabled: true - ## by default postgress is enable, Whether to deploy a postgress server to use database to store workflows set enables as per your requirements. - enabled: true - #Below are overriden values for postgres db - ## PostgreSQL admin password (used when `postgresqlUsername` is not `postgres`) - #postgresqlPostgresPassword: nodemation - #n8n will connect to postgres using below username if not set then default 'postgres' - postgresqlUsername: postgres - #n8n will connect to below postgres databse if not set then default 'postgres' - postgresqlDatabase: nodemation - #n8n will connect to postgres using below password if not set then default 'postgres' - postgresqlPassword: nodemation \ No newline at end of file diff --git a/commitlint.config.js b/commitlint.config.js new file mode 100644 index 0000000..1d1340f --- /dev/null +++ b/commitlint.config.js @@ -0,0 +1,129 @@ +// https://github.com/conventional-changelog/commitlint/tree/master/@commitlint/config-conventional +module.exports = { + parserPreset: 'conventional-changelog-conventionalcommits', + rules: { + 'body-leading-blank': [1, 'always'], + 'body-max-line-length': [2, 'always', 100], + 'footer-leading-blank': [1, 'always'], + 'footer-max-line-length': [2, 'always', 100], + 'header-max-length': [2, 'always', 100], + 'subject-case': [ + 2, + 'never', + ['sentence-case', 'start-case', 'pascal-case', 'upper-case'], + ], + 'subject-empty': [2, 'never'], + 'subject-full-stop': [2, 'never', '.'], + 'type-case': [2, 'always', 'lower-case'], + 'type-empty': [2, 'never'], + 'type-enum': [ + 2, + 'always', + [ + 'chore', + 'ci', + 'docs', + 'feat', + 'fix', + 'perf', + 'refactor', + 'revert', + 'style', + 'test', + ], + ], + }, + prompt: { + questions: { + type: { + description: "Select the type of change that you're committing:", + enum: { + feat: { + description: 'A new feature', + title: 'Features', + emoji: '✨', + }, + fix: { + description: 'A bug fix', + title: 'Bug Fixes', + emoji: '🐛', + }, + docs: { + description: 'Documentation only changes', + title: 'Documentation', + emoji: '📚', + }, + style: { + description: + 'Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)', + title: 'Styles', + emoji: '💎', + }, + refactor: { + description: + 'A code change that neither fixes a bug nor adds a feature', + title: 'Code Refactoring', + emoji: '📦', + }, + perf: { + description: 'A code change that improves performance', + title: 'Performance Improvements', + emoji: '🚀', + }, + test: { + description: 'Adding missing tests or correcting existing tests', + title: 'Tests', + emoji: '🚨', + }, + ci: { + description: + 'Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs)', + title: 'Continuous Integrations', + emoji: '⚙️', + }, + chore: { + description: "Other changes that don't modify src or test files", + title: 'Chores', + emoji: '♻️', + }, + revert: { + description: 'Reverts a previous commit', + title: 'Reverts', + emoji: '🗑', + }, + }, + }, + scope: { + description: + 'What is the scope of this change (e.g. component or file name)', + }, + subject: { + description: + 'Write a short, imperative tense description of the change', + }, + body: { + description: 'Provide a longer description of the change', + }, + isBreaking: { + description: 'Are there any breaking changes?', + }, + breakingBody: { + description: + 'A BREAKING CHANGE commit requires a body. Please enter a longer description of the commit itself', + }, + breaking: { + description: 'Describe the breaking changes', + }, + isIssueAffected: { + description: 'Does this change affect any open issues?', + }, + issuesBody: { + description: + 'If issues are closed, the commit requires a body. Please enter a longer description of the commit itself', + }, + issues: { + description: 'Add issue references (e.g. "fix #123", "re #123".)', + }, + }, + }, +}; diff --git a/ct.yaml b/ct.yaml new file mode 100644 index 0000000..8bb9f9c --- /dev/null +++ b/ct.yaml @@ -0,0 +1,13 @@ +remote: origin +target-branch: introduce-chart-testing +lint-conf: .ci/lintconf.yaml +chart-yaml-schema: .ci/chart_schema.yaml +check-version-increment: false +chart-dirs: + - charts +chart-repos: + - bitnami=https://charts.bitnami.com/bitnami + - stable=https://charts.helm.sh/stable +helm-extra-args: --timeout 500s +excluded-charts: + - freeipa diff --git a/repositories.yaml b/repositories.yaml new file mode 100644 index 0000000..f63794c --- /dev/null +++ b/repositories.yaml @@ -0,0 +1,19 @@ +apiVersion: "" +generated: "0001-01-01T00:00:00Z" +repositories: + - caFile: "" + certFile: "" + insecure_skip_tls_verify: false + keyFile: "" + name: bitnami + password: "" + url: https://charts.bitnami.com/bitnami + username: "" + - caFile: "" + certFile: "" + insecure_skip_tls_verify: false + keyFile: "" + name: stable + password: "" + url: https://charts.helm.sh/stable + username: "" diff --git a/status b/status new file mode 100644 index 0000000..95d498a --- /dev/null +++ b/status @@ -0,0 +1 @@ +b6a1fa5d23969f1d25927bbcbfa87c61abcbd92c