Merge pull request #32 from tum-gis/feature/customVol-Mnt-Init

Generalized support for overwriting/extending `initContainers`, `volumes`, `volumeMounts`
tum-gis · Feb 27, 2024 · 3c80f59 · 3c80f59
2 parents c4b9ce1 + 4570519
commit 3c80f59
Show file tree

Hide file tree

Showing 12 changed files with 141 additions and 104 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/norwoodj/helm-docs
-    rev: v1.11.0
+    rev: v1.13.0
     hooks:
       - id: helm-docs
         args:

diff --git a/charts/sddi-ckan/Chart.yaml b/charts/sddi-ckan/Chart.yaml
@@ -48,3 +48,8 @@ dependencies:
     condition: cert-manager.enabled
     version: "^1"
     repository: https://charts.jetstack.io
+  - name: common
+    repository: oci://registry-1.docker.io/bitnamicharts
+    tags:
+    - bitnami-common
+    version: 2.x.x
diff --git a/charts/sddi-ckan/README.md b/charts/sddi-ckan/README.md
@@ -32,6 +32,7 @@ Kubernetes: `>= 1.23.0-0`
 |  | solr | * |
 | https://charts.jetstack.io | cert-manager(cert-manager) | ^1 |
 | https://kubernetes.github.io/ingress-nginx | ingress-nginx(ingress-nginx) | ^4 |
+| oci://registry-1.docker.io/bitnamicharts | common | 2.x.x |
 
 ## Values
 
@@ -74,5 +75,3 @@ Kubernetes: `>= 1.23.0-0`
 | redis.enabled | bool | `true` | Enable/disable Redis instance. Disable, if an external Redis instance is used. |
 | solr.enabled | bool | `true` | Enable/disable Apache Solr instance. Disable, if an external Solr instance is used. |
 
-----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
diff --git a/charts/sddi-ckan/charts/certIssuer/README.md b/charts/sddi-ckan/charts/certIssuer/README.md
@@ -12,5 +12,3 @@ Namespace Issuers for CertManager.
 | enabled | bool | `true` | Enable/disable namespace [Issuers](https://cert-manager.io/docs/concepts/issuer/) for CertManager. |
 | issuerEmail | string | `"example@email.com"` | eMail address for registration with Let's Encrypt account. Note: This is overwritten by `global.ingress.certManager.issuerEmail`, if set. |
 
-----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
diff --git a/charts/sddi-ckan/charts/ckan/README.md b/charts/sddi-ckan/charts/ckan/README.md
@@ -66,9 +66,12 @@ A Helm chart for SDDI enabled CKAN.
 | db.dbname | string | `"ckan_default"` | CKAN database database name, used to build `sqlalchemy.url` see [CKAN database settings](https://docs.ckan.org/en/latest/maintaining/configuration.html#database-settings) |
 | db.host | string | `"postgis"` | CKAN database host, used to build `sqlalchemy.url` see [CKAN database settings](https://docs.ckan.org/en/latest/maintaining/configuration.html#database-settings) |
 | db.port | int | `5432` | CKAN database port, used to build `sqlalchemy.url` see [CKAN database settings](https://docs.ckan.org/en/latest/maintaining/configuration.html#database-settings) |
-| defaultViews | string | `"image_view recline_view text_view geo_view geojson_view wmts_view shp_view"` | [CKAN config dafault_views](https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-views-default-views): **Note**: Make sure the required view plugins are loaded! |
+| defaultViews | string | See [`values.yml`](values.yml) for the default values. | [CKAN config dafault_views](https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-views-default-views): **Note**: Make sure the required view plugins are loaded! |
 | enabled | bool | `true` | Enable/disable CKAN |
 | extraEnv | object | `{}` | Extra environment variables. Values need to be quoted. This can be used to overwrite or extend [CKAN settings](https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-configuration-file). See [ckanext-envvars](https://github.com/okfn/ckanext-envvars) for variable naming conventions. |
+| extraInitContainers | list | `[]` | Sets additional [`initContainers`](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/). The initContainers specified here, are appended to the ones specified in `initContainers`. |
+| extraVolumeMounts | list | `[]` | Sets additional [`volumeMounts`](https://kubernetes.io/docs/concepts/storage/volumes). The volumeMounts specified here, are appended to the ones specified in `volumeMounts`. |
+| extraVolumes | list | `[]` | Sets additional [`volumes`](https://kubernetes.io/docs/concepts/storage/volumes). The volumes specified here, are appended to the ones specified in `volumes`. |
 | favicon | string | `"/base/images/ckan.ico"` | Path to CKAN favicon. Custom logos will be located in e.g. `/webassets/`. See `webassets.path` setting. [CKAN config site_id](https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-site-logo) |
 | featured.groups | string | `"dataset online-application online-service project software method device geoobject"` | [CKAN featured groups settings](https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-featured-groups) |
 | featured.orgs | string | `"bayerische-vermessungsverwaltung lehrstuhl-fur-geoinformatik bayern-innovativ"` | [CKAN featured orgs settings](https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-featured-orgs) |
@@ -79,7 +82,7 @@ A Helm chart for SDDI enabled CKAN.
 | image.tag | string | `""` | Overrides the image tag whose default is the chart `appVersion`. |
 | imagePullSecrets | list | `[]` | [Image pull secrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) |
 | ingress.annotations | string | `nil` | Additional Ingress annotations |
-| ingress.certManager | object | `{"issuerEmail":"me@example.com","issuerName":"letsencrypt-staging","issuerType":"namespace"}` | Additional Ingress annotation for e.g. CORS, timeouts, SSL settings. See [nginx-ingress annotations docs](https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md) for more. |
+| ingress.certManager | object | See [`values.yml`](values.yml) for the default values. | Additional Ingress annotation for e.g. CORS, timeouts, SSL settings. See [nginx-ingress annotations docs](https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md) for more. |
 | ingress.certManager.issuerEmail | string | `"me@example.com"` | eMail address for ACME registration with Let's Encrypt. Only used for issuerType = namespace. |
 | ingress.certManager.issuerName | string | `"letsencrypt-staging"` | Name of the Issuer to use. For certManager.type = namespace `letsencrypt-staging`, `letsencrypt-prod` and `self-signed` are available. |
 | ingress.certManager.issuerType | string | `"namespace"` | Type of [cert-manager](https://cert-manager.io/docs/) Issuer: Use either "namespace" or "cluster". |
@@ -95,17 +98,16 @@ A Helm chart for SDDI enabled CKAN.
 | ingress.stickySessions.sessionCookie.path | string | `"/"` | [Nginx Ingress Controller Sticky sessions](https://kubernetes.github.io/ingress-nginx/examples/affinity/cookie/) |
 | ingress.stickySessions.sessionCookie.secure | string | `"false"` | [Nginx Ingress Controller Sticky sessions](https://kubernetes.github.io/ingress-nginx/examples/affinity/cookie/) |
 | ingress.tls.secretName | string | `nil` | Specify a custom tls secret name. This overwrites `global.ingress.tls.secretName`. |
-| initContainers.initdata.image | object | `{"repository":"busybox","tag":"latest"}` | Image used to initialize `persistence.storagePath`. |
-| initContainers.pgready.image | object | `{"repository":"bwibo/k8s-init-container","tag":"latest"}` | Image used for testing PostgresSQL database readiness. |
-| licensesGroupUrl | string | `"https://raw.githubusercontent.com/tum-gis/ckanext-grouphierarchy-sddi/main/ckanext/grouphierarchy/licenses_SDDI.json"` | [CKAN licences group url](https://docs.ckan.org/en/latest/maintaining/configuration.html#licenses-group-url): A URL pointing to a JSON file containing a list of license objects. |
+| initContainers | list | See `values.yml` for the list of default initContainers. | Sets [`initContainers`](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/). Set to `[]` to disable the default initContainers. Set to any list of initContainer definitions to overwrite the default initContainers. Use `extraInitContainers` to extend the default initContainers. |
+| licensesGroupUrl | string | See [`values.yml`](values.yml) for the default values. | [CKAN licences group url](https://docs.ckan.org/en/latest/maintaining/configuration.html#licenses-group-url): A URL pointing to a JSON file containing a list of license objects. |
 | liveness.failureThreshold | int | `6` | Failure threshold for the liveness probe |
 | liveness.initialDelaySeconds | int | `20` | Initial delay for the liveness probe |
 | liveness.periodSeconds | int | `10` | Check interval for the liveness probe |
 | liveness.timeoutSeconds | int | `10` | Timeout interval for the liveness probe |
 | locale.default | string | `"de"` | CKAN default locale, see [CKAN internationalization settings](https://docs.ckan.org/en/latest/maintaining/configuration.html#internationalisation-settings) |
 | locale.filtered_out | string | `"en_GB"` | CKAN locales filtered out, see [CKAN internationalization settings](https://docs.ckan.org/en/latest/maintaining/configuration.html#internationalisation-settings) |
 | locale.offered | string | `"de en"` | CKAN locales offered, see [CKAN internationalization settings](https://docs.ckan.org/en/latest/maintaining/configuration.html#internationalisation-settings) |
-| locale.order | string | `"de en pt_BR ja it cs_CZ ca es fr el sv sr sr@latin no sk fi ru de pl nl bg ko_KR hu sa sl lv"` | CKAN locale order, see [CKAN internationalization settings](https://docs.ckan.org/en/latest/maintaining/configuration.html#internationalisation-settings) |
+| locale.order | string | See [`values.yml`](values.yml) for the default values. | CKAN locale order, see [CKAN internationalization settings](https://docs.ckan.org/en/latest/maintaining/configuration.html#internationalisation-settings) |
 | maxUploadSizeMB | int | `250` | Max file upload size in MB. Note: This setting is mapped to the `nginx.ingress.kubernetes.io/proxy-body-size: "600m"` and `nginx.org/client-max-body-size: "600m"` CKAN Ingress annotations too. |
 | nameOverride | string | `""` | Override name |
 | nodeSelector | object | `{}` | [k8s: Assign pods to nodes](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/) |
@@ -173,7 +175,7 @@ A Helm chart for SDDI enabled CKAN.
 | sysadmin.password | string | `"changeMe"` | CKAN admin password: Note: Min. password length = 8 chars! |
 | sysadmin.user | string | `"admin"` | CKAN admin username |
 | tolerations | list | `[]` | [k8S: Taints and tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) |
+| volumeMounts | list | See [`values.yml`](values.yml) for the list of default volumeMounts. | Sets [`volumeMounts`](https://kubernetes.io/docs/concepts/storage/volumes). Set to `[]` to disable the default volumeMounts. Set to any list of volumeMount definitions to overwrite the default volumeMounts. Use `extraVolumeMounts` to extend the default volumeMounts. |
+| volumes | list | See [`values.yml`](values.yml) for the list of default volumes. | Sets [`volumes`](https://kubernetes.io/docs/concepts/storage/volumes). Set to `[]` to disable the default volumes. Set to any list of volume definitions to overwrite the default volumes. Use `extraVolumes` to extend the default volumes. |
 | webassets.path | string | `nil` | Webassets storage path, see [CKAN webassets settings](https://docs.ckan.org/en/latest/maintaining/configuration.html#webassets-settings) This should point to the location of webassets in the CKAN image. The path may vary depending on the CKAN Docker image used. |
 
-----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
diff --git a/charts/sddi-ckan/charts/ckan/templates/ckan-depl.yml b/charts/sddi-ckan/charts/ckan/templates/ckan-depl.yml
@@ -42,37 +42,22 @@ spec:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
 
       volumes:
-        - name: data
-          emptyDir: {}
+      {{- if .Values.volumes }}
+      {{- include "common.tplvalues.render" ( dict "value" .Values.volumes  "context" $ ) | nindent 8 }}
+      {{- end }}
 
-      initContainers:
-      - name: init-data
-        image: "{{ .Values.initContainers.initdata.image.repository }}:{{ .Values.initContainers.initdata.image.tag }}"
-        command: ["sh", "-c", "chown -Rv 92:92 {{ .Values.persistence.storagePath }}"]
-        # securityContext:
-        #   runAsUser: 0
-        #   runAsGroup: 0
+      {{- if .Values.extraVolumes }}
+      {{- include "common.tplvalues.render" ( dict "value" .Values.extraVolumes  "context" $ ) | nindent 8 }}
+      {{- end }}
 
-        volumeMounts:
-        - name: data
-          mountPath: {{ .Values.persistence.storagePath }}
-          readOnly: false
+      initContainers:
+      {{- if .Values.initContainers }}
+      {{- include "common.tplvalues.render" ( dict "value" .Values.initContainers  "context" $ ) | nindent 8 }}
+      {{- end }}
 
-      - name: pg-ready
-        image: "{{ .Values.initContainers.pgready.image.repository }}:{{ .Values.initContainers.pgready.image.tag }}"
-        command:
-          - pg_isready
-        env:
-          - name: PGHOST
-            value: {{ .Values.global.db.host | default .Values.db.host | quote }}
-          - name: PGPORT
-            value: {{ .Values.global.db.port | default .Values.db.port | quote }}
-          - name: PGDATABASE
-            value: {{ .Values.global.db.dbname | default .Values.db.dbname | quote }}
-          - name: PGUSER
-            value: {{ .Values.global.db.auth.username | default .Values.db.auth.username | quote }}
-          - name: PGPASSWORD
-            value: {{ .Values.global.db.auth.password | default .Values.db.auth.password | quote }}
+      {{- if .Values.extraInitContainers }}
+      {{- include "common.tplvalues.render" ( dict "value" .Values.extraInitContainers  "context" $ ) | nindent 8 }}
+      {{- end }}
 
       containers:
         - name: {{ .Chart.Name }}
@@ -86,9 +71,13 @@ spec:
               protocol: TCP
 
           volumeMounts:
-          - name: data
-            mountPath: {{ .Values.persistence.storagePath }}
-            readOnly: false
+          {{- if .Values.volumeMounts }}
+          {{- include "common.tplvalues.render" ( dict "value" .Values.volumeMounts  "context" $ ) | nindent 10 }}
+          {{- end }}
+
+          {{- if .Values.extraVolumeMounts }}
+          {{- include "common.tplvalues.render" ( dict "value" .Values.extraVolumeMounts  "context" $ ) | nindent 10 }}
+          {{- end }}
 
           envFrom:
             - configMapRef:

diff --git a/charts/sddi-ckan/charts/ckan/templates/ckan-statefulset.yml b/charts/sddi-ckan/charts/ckan/templates/ckan-statefulset.yml
@@ -41,35 +41,22 @@ spec:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
 
       volumes:
-        - name: data
-          persistentVolumeClaim:
-            claimName: {{ include "ckan.fullname" . }}
+      {{- if .Values.volumes }}
+      {{- include "common.tplvalues.render" ( dict "value" .Values.volumes  "context" $ ) | nindent 8 }}
+      {{- end }}
 
-      initContainers:
-      - name: init-data
-        image: "{{ .Values.initContainers.initdata.image.repository }}:{{ .Values.initContainers.initdata.image.tag }}"
-        command: ["sh", "-c", "chown -Rv 92:92 {{ .Values.persistence.storagePath }}"]
-        volumeMounts:
-        - name: data
-          mountPath: {{ .Values.persistence.storagePath }}
-          readOnly: false
+      {{- if .Values.extraVolumes }}
+      {{- include "common.tplvalues.render" ( dict "value" .Values.extraVolumes  "context" $ ) | nindent 8 }}
+      {{- end }}
 
-      - name: pg-ready
-        image: "{{ .Values.initContainers.pgready.image.repository }}:{{ .Values.initContainers.pgready.image.tag }}"
-        command:
-          - pg_isready
-        env:
-          - name: PGHOST
-            value: {{ .Values.global.db.host | default .Values.db.host | quote }}
-          - name: PGPORT
-            value: {{ .Values.global.db.port | default .Values.db.port | quote }}
-          - name: PGDATABASE
-            value: {{ .Values.global.db.dbname | default .Values.db.dbname | quote }}
-          - name: PGUSER
-            value: {{ .Values.global.db.auth.username | default .Values.db.auth.username | quote }}
-          - name: PGPASSWORD
-            value: {{ .Values.global.db.auth.password | default .Values.db.auth.password | quote }}
+      initContainers:
+      {{- if .Values.initContainers }}
+      {{- include "common.tplvalues.render" ( dict "value" .Values.initContainers  "context" $ ) | nindent 8 }}
+      {{- end }}
 
+      {{- if .Values.extraInitContainers }}
+      {{- include "common.tplvalues.render" ( dict "value" .Values.extraInitContainers  "context" $ ) | nindent 8 }}
+      {{- end }}
 
       containers:
         - name: {{ .Chart.Name }}
@@ -101,8 +88,13 @@ spec:
             {{ end }}
 
           volumeMounts:
-            - name: data
-              mountPath: {{ .Values.persistence.storagePath }}
+          {{- if .Values.volumeMounts }}
+          {{- include "common.tplvalues.render" ( dict "value" .Values.volumeMounts  "context" $ ) | nindent 10 }}
+          {{- end }}
+
+          {{- if .Values.extraVolumeMounts }}
+          {{- include "common.tplvalues.render" ( dict "value" .Values.extraVolumeMounts  "context" $ ) | nindent 10 }}
+          {{- end }}
 
           startupProbe:
             httpGet: