Skip to content

Commit

Permalink
update helm chart
Browse files Browse the repository at this point in the history 
Signed-off-by: Bailin He <[email protected]>
  • Loading branch information
@bailinhe
bailinhe committed Dec 18, 2024
1 parent 43e4abe commit 0da05dd
Show file tree
Hide file tree
Showing 6 changed files with 69 additions and 6 deletions.
2 changes: 1 addition & 1 deletion chart/permissions-api/templates/config-server.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,4 @@ metadata:
service: server
data:
config.yaml: |
{{- pick .Values.config "server" "oidc" "crdb" "spicedb" "tracing" "events" | toYaml | nindent 4 }}
{{- pick .Values.config "server" "oidc" "db" "psql" "crdb" "spicedb" "tracing" "events" | toYaml | nindent 4 }}
2 changes: 1 addition & 1 deletion chart/permissions-api/templates/config-worker.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,4 @@ metadata:
service: worker
data:
config.yaml: |
{{- pick .Values.config "server" "events" "oidc" "crdb" "spicedb" "tracing" | toYaml | nindent 4 }}
{{- pick .Values.config "server" "events" "oidc" "db" "psql" "crdb" "spicedb" "tracing" | toYaml | nindent 4 }}
13 changes: 12 additions & 1 deletion chart/permissions-api/templates/deployment-server.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ spec:
securityContext:
{{- toYaml .Values.deployment.podSecurityContext | nindent 8 }}
{{- end }}
{{- if eq .Values.config.crdb.migrateHook "init" }}
{{- if eq .Values.config.db.migrateHook "init" }}
initContainers:
- name: {{ include "common.names.name" . }}-migrate-database-init
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
Expand All @@ -54,6 +54,16 @@ spec:
- up
- --config
- /config/config.yaml
{{- if eq .Values.config.db.driver "postgres"}}
{{- with .Values.config.psql.uriSecretName }}
env:
- name: PERMISSIONSAPI_PSQL_URI
valueFrom:
secretKeyRef:
name: {{ . }}
key: uri
{{- end }}
{{- else }}
{{- with .Values.config.crdb.uriSecretName }}
env:
- name: PERMISSIONSAPI_CRDB_URI
Expand All @@ -62,6 +72,7 @@ spec:
name: {{ . }}
key: uri
{{- end }}
{{- end }}
{{- with .Values.deployment.resources }}
resources:
{{- toYaml . | nindent 12 }}
Expand Down
11 changes: 11 additions & 0 deletions chart/permissions-api/templates/deployment-worker.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,13 +55,24 @@ spec:
env:
- name: PERMISSIONSAPI_SERVER_LISTEN
value: ":{{ include "permapi.listenPort" . }}"
{{- if eq .Values.config.db.driver "postgres"}}
{{- with .Values.config.psql.uriSecretName }}
env:
- name: PERMISSIONSAPI_PSQL_URI
valueFrom:
secretKeyRef:
name: {{ . }}
key: uri
{{- end }}
{{- else }}
{{- with .Values.config.crdb.uriSecretName }}
- name: PERMISSIONSAPI_CRDB_URI
valueFrom:
secretKeyRef:
name: {{ . }}
key: uri
{{- end }}
{{- end }}
{{- if .Values.config.events.nats.tokenSecretName }}
- name: PERMISSIONSAPI_EVENTS_NATS_TOKEN
valueFrom:
Expand Down
15 changes: 13 additions & 2 deletions chart/permissions-api/templates/job-migrate-database.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
{{- if has .Values.config.crdb.migrateHook (list "pre-sync" "manual") }}
{{- if has .Values.config.db.migrateHook (list "pre-sync" "manual") }}
---
apiVersion: batch/v1
kind: Job
metadata:
{{- if eq .Values.config.crdb.migrateHook "manual" }}
{{- if eq .Values.config.db.migrateHook "manual" }}
name: {{ include "common.names.name" . }}-migrate-database
{{- else }}
generateName: migrate-database-
Expand Down Expand Up @@ -41,6 +41,16 @@ spec:
- up
- --config
- /config/config.yaml
{{- if eq .Values.config.db.driver "postgres"}}
{{- with .Values.config.psql.uriSecretName }}
env:
- name: PERMISSIONSAPI_PSQL_URI
valueFrom:
secretKeyRef:
name: {{ . }}
key: uri
{{- end }}
{{- else }}
{{- with .Values.config.crdb.uriSecretName }}
env:
- name: PERMISSIONSAPI_CRDB_URI
Expand All @@ -49,6 +59,7 @@ spec:
name: {{ . }}
key: uri
{{- end }}
{{- end }}
{{- with .Values.deployment.resources }}
resources:
{{- toYaml . | nindent 12 }}
Expand Down
32 changes: 31 additions & 1 deletion chart/permissions-api/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,12 +45,42 @@ config:
pskSecretName: ""
# policyConfigMapName is the name of the Config Map containing the policy file configuration
policyConfigMapName: ""
crdb:
db:
# db engine to use for the permissions-api, cockroach or postgres, defaults to be cockroach
engine: "cockroach"
# migrateHook sets when to run database migrations. one of: pre-sync, init, manual
# - pre-sync: hook runs as a job before any other changes are synced.
# - init: is run as an init container to the server deployment and may run multiple times if replica count is high.
# - manual: a migrate-database job will be available to triggered manually
migrateHook: "init"
psql:
# name is the database name
name: ""
# host is the database host
host: ""
# user is the auth username to the database
user: ""
# password is the auth password to the database
password: ""
# params is the connection parameters to the database
params: ""
# uri is the raw uri connection string
uri: ""
# uriSecretName if set retrieves the `uri` from the provided secret name
uriSecretName: ""
# caSecretName if defined mounts database certificates from the provided secret
# secrets are mounted at `caMountPath`
caSecretName: ""
# caMountPath is the path the caSecretName is mounted at
caMountPath: /etc/ssl/crdb/
connections:
# max_open is the maximum number of open connections to the database
max_open: 0
# max_idle is the maximum number of connections in the idle connection
max_idle: 0
# max_lifetime is the maximum amount of time a connection may be idle
max_lifetime: 0
crdb:
# name is the database name
name: ""
# host is the database host
Expand Down

0 comments on commit 0da05dd

Please sign in to comment.