From f2158c7bc1b194ba9a6ee2c4dfbbe83cc0e81510 Mon Sep 17 00:00:00 2001 From: "zhongjun.li" Date: Fri, 8 Mar 2024 15:23:41 +0800 Subject: [PATCH] move-storage-config-to-secret Signed-off-by: zhongjun.li --- charts/clusterpedia-core/README.md | 93 +++++++++++++++++++ charts/clusterpedia-mysql/README.md | 66 +++++++++++++ charts/clusterpedia/Chart.yaml | 2 +- charts/clusterpedia/templates/_helpers.tpl | 37 ++++++-- .../templates/apiserver-deployment.yaml | 23 +---- .../clustersynchro-manager-deployment.yaml | 23 +---- .../templates/internalstorage-configmap.yaml | 29 ------ .../templates/internalstorage-secret.yaml | 2 +- 8 files changed, 196 insertions(+), 79 deletions(-) create mode 100644 charts/clusterpedia-core/README.md create mode 100644 charts/clusterpedia-mysql/README.md delete mode 100644 charts/clusterpedia/templates/internalstorage-configmap.yaml diff --git a/charts/clusterpedia-core/README.md b/charts/clusterpedia-core/README.md new file mode 100644 index 0000000..6904517 --- /dev/null +++ b/charts/clusterpedia-core/README.md @@ -0,0 +1,93 @@ +# clusterpedia-core + +![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.6.0](https://img.shields.io/badge/AppVersion-v0.6.0-informational?style=flat-square) + +A Helm chart for Clusterpedia + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| clusterpedia-io | | | + +## Source Code + +* + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| https://charts.bitnami.com/bitnami | common | 1.x.x | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| apiserver.affinity | object | `{}` | | +| apiserver.enableSHA1Cert | bool | `false` | | +| apiserver.featureGates.AllowRawSQLQuery | bool | `false` | | +| apiserver.featureGates.RemainingItemCount | bool | `false` | | +| apiserver.image.pullPolicy | string | `"IfNotPresent"` | | +| apiserver.image.pullSecrets | list | `[]` | | +| apiserver.image.registry | string | `"ghcr.io"` | | +| apiserver.image.repository | string | `"clusterpedia-io/clusterpedia/apiserver"` | | +| apiserver.image.tag | string | `"v0.6.0"` | | +| apiserver.labels | object | `{}` | | +| apiserver.nodeSelector | object | `{}` | | +| apiserver.podAnnotations | object | `{}` | | +| apiserver.podLabels | object | `{}` | | +| apiserver.replicaCount | int | `1` | | +| apiserver.resources | object | `{}` | | +| apiserver.tolerations | list | `[]` | | +| clustersynchroManager.affinity | object | `{}` | | +| clustersynchroManager.featureGates.AllowSyncAllCustomResources | bool | `false` | | +| clustersynchroManager.featureGates.AllowSyncAllResources | bool | `false` | | +| clustersynchroManager.featureGates.PruneLastAppliedConfiguration | bool | `true` | | +| clustersynchroManager.featureGates.PruneManagedFields | bool | `true` | | +| clustersynchroManager.image.pullPolicy | string | `"IfNotPresent"` | | +| clustersynchroManager.image.pullSecrets | list | `[]` | | +| clustersynchroManager.image.registry | string | `"ghcr.io"` | | +| clustersynchroManager.image.repository | string | `"clusterpedia-io/clusterpedia/clustersynchro-manager"` | | +| clustersynchroManager.image.tag | string | `"v0.6.0"` | | +| clustersynchroManager.labels | object | `{}` | | +| clustersynchroManager.nodeSelector | object | `{}` | | +| clustersynchroManager.podAnnotations | object | `{}` | | +| clustersynchroManager.podLabels | object | `{}` | | +| clustersynchroManager.replicaCount | int | `1` | | +| clustersynchroManager.resources | object | `{}` | | +| clustersynchroManager.tolerations | list | `[]` | | +| commonAnnotations | object | `{}` | | +| commonLabels | object | `{}` | | +| controllerManager.affinity | object | `{}` | | +| controllerManager.featureGates | object | `{}` | | +| controllerManager.image.pullPolicy | string | `"IfNotPresent"` | | +| controllerManager.image.pullSecrets | list | `[]` | | +| controllerManager.image.registry | string | `"ghcr.io"` | | +| controllerManager.image.repository | string | `"clusterpedia-io/clusterpedia/controller-manager"` | | +| controllerManager.image.tag | string | `"v0.6.0"` | | +| controllerManager.labels | object | `{}` | | +| controllerManager.nodeSelector | object | `{}` | | +| controllerManager.podAnnotations | object | `{}` | | +| controllerManager.podLabels | object | `{}` | | +| controllerManager.replicaCount | int | `1` | | +| controllerManager.resources | object | `{}` | | +| controllerManager.tolerations | list | `[]` | | +| global.imagePullSecrets | list | `[]` | | +| global.imageRegistry | string | `""` | | +| hookJob.image.pullPolicy | string | `"IfNotPresent"` | | +| hookJob.image.registry | string | `"ghcr.io"` | | +| hookJob.image.repository | string | `"cloudtty/cloudshell"` | | +| hookJob.image.tag | string | `"v0.4.0"` | | +| installCRDs | bool | `false` | | +| storage.componentEnv | list | `[]` | | +| storage.config | object | `{}` | | +| storage.configMap | string | `""` | | +| storage.image.pullPolicy | string | `"IfNotPresent"` | | +| storage.image.registry | string | `""` | | +| storage.image.repository | string | `""` | | +| storage.image.tag | string | `""` | | +| storage.name | string | `""` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.9.1](https://github.com/norwoodj/helm-docs/releases/v1.9.1) diff --git a/charts/clusterpedia-mysql/README.md b/charts/clusterpedia-mysql/README.md new file mode 100644 index 0000000..c8db195 --- /dev/null +++ b/charts/clusterpedia-mysql/README.md @@ -0,0 +1,66 @@ +# clusterpedia-mysql + +![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.6.0](https://img.shields.io/badge/AppVersion-v0.6.0-informational?style=flat-square) + +A Helm chart for Clusterpedia + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| clusterpedia-io | | | + +## Source Code + +* + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| https://charts.bitnami.com/bitnami | common | 1.x.x | +| https://charts.bitnami.com/bitnami | mysql | 9.x.x | +| https://clusterpedia-io.github.io/clusterpedia-helm/ | clusterpedia-core | 0.1.x | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commonAnnotations | object | `{}` | | +| commonLabels | object | `{}` | | +| externalStorage.createDatabase | bool | `false` | | +| externalStorage.database | string | `""` | | +| externalStorage.host | string | `""` | | +| externalStorage.password | string | `""` | | +| externalStorage.port | string | `nil` | | +| externalStorage.user | string | `""` | | +| global.imagePullSecrets | list | `[]` | | +| global.imageRegistry | string | `""` | | +| installCRDs | bool | `false` | | +| mysql.auth.database | string | `"clusterpedia"` | | +| mysql.auth.password | string | `""` | | +| mysql.auth.rootPassword | string | `"dangerous0"` | | +| mysql.auth.username | string | `""` | | +| mysql.image.pullPolicy | string | `"IfNotPresent"` | | +| mysql.image.pullSecrets | list | `[]` | | +| mysql.image.registry | string | `"docker.io"` | | +| mysql.image.repository | string | `"bitnami/mysql"` | | +| mysql.image.tag | string | `"8.0.28-debian-10-r23"` | | +| mysql.primary.persistence.enabled | bool | `true` | | +| mysql.primary.persistence.size | string | `"10Gi"` | | +| persistenceMatchNode | string | `""` | | +| storageConfig.connPool.connMaxLifetime | string | `"60m"` | | +| storageConfig.connPool.maxIdleConns | int | `5` | | +| storageConfig.connPool.maxOpenConns | int | `40` | | +| storageConfig.log.enabled | bool | `false` | | +| storageConfig.log.ignoreRecordNotFoundError | bool | `false` | | +| storageConfig.log.level | string | `"Warn"` | | +| storageConfig.log.logger.filename | string | `"/var/log/clusterpedia/internalstorage.log"` | | +| storageConfig.log.logger.maxbackups | int | `0` | | +| storageConfig.log.logger.maxsize | int | `100` | | +| storageConfig.log.slowThreshold | string | `"100ms"` | | +| storageConfig.log.stdout | bool | `false` | | +| storageInstallMode | string | `"internal"` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.9.1](https://github.com/norwoodj/helm-docs/releases/v1.9.1) diff --git a/charts/clusterpedia/Chart.yaml b/charts/clusterpedia/Chart.yaml index bc101a6..993e700 100644 --- a/charts/clusterpedia/Chart.yaml +++ b/charts/clusterpedia/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 2.2.0 +version: 2.2.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/clusterpedia/templates/_helpers.tpl b/charts/clusterpedia/templates/_helpers.tpl index 40b0fed..c35a13d 100644 --- a/charts/clusterpedia/templates/_helpers.tpl +++ b/charts/clusterpedia/templates/_helpers.tpl @@ -171,22 +171,22 @@ Return the proper Docker Image Registry Secret Names {{- define "clusterpedia.storage.password" -}} {{- if eq .Values.storageInstallMode "external" }} {{- if empty (include "clusterpedia.storage.dsn" .) -}} - {{- required "Please set correct storage password!" .Values.externalStorage.password | toString | b64enc -}} + {{- required "Please set correct storage password!" .Values.externalStorage.password | toString }} {{- else -}} - {{- .Values.externalStorage.password | toString | b64enc -}} + {{- .Values.externalStorage.password | toString -}} {{- end -}} {{- else -}} {{- if eq (include "clusterpedia.storage.type" .) "postgres" }} {{- if not (empty .Values.global.postgresql.auth.username) -}} - {{- .Values.global.postgresql.auth.password | toString | b64enc -}} + {{- .Values.global.postgresql.auth.password | toString -}} {{- else -}} - {{- .Values.global.postgresql.auth.postgresPassword | toString | b64enc -}} + {{- .Values.global.postgresql.auth.postgresPassword | toString -}} {{- end -}} {{- else if eq (include "clusterpedia.storage.type" .) "mysql" -}} {{- if not (empty .Values.mysql.auth.username) -}} - {{- .Values.mysql.auth.password | toString | b64enc -}} + {{- .Values.mysql.auth.password | toString -}} {{- else -}} - {{- .Values.mysql.auth.rootPassword | toString | b64enc -}} + {{- .Values.mysql.auth.rootPassword | toString -}} {{- end -}} {{- end -}} {{- end -}} @@ -389,3 +389,28 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this value: 'k8s.namespace.name=$(OTEL_K8S_NAMESPACE),k8s.node.name=$(OTEL_RESOURCE_ATTRIBUTES_NODE_NAME),k8s.pod.name=$(OTEL_RESOURCE_ATTRIBUTES_POD_NAME)' {{- end -}} {{- end -}} + +{{- define "clusterpedia.storage.secret" -}} +type: {{ include "clusterpedia.storage.type" . | quote }} +dsn: {{ include "clusterpedia.storage.dsn" . | quote }} +host: {{ include "clusterpedia.storage.host" . | quote }} +port: {{ include "clusterpedia.storage.port" . }} +user: {{ include "clusterpedia.storage.user" . }} +password: {{ include "clusterpedia.storage.password" . }} +database: {{ include "clusterpedia.storage.database" . }} +{{ if .Values.storageConfig.log.enabled }} +log: + stdout: {{ .Values.storageConfig.log.stdout }} + level: {{ .Values.storageConfig.log.level | default "Warn" | quote }} + slowThreshold: {{ .Values.storageConfig.log.slowThreshold }} + ignoreRecordNotFoundError: {{ .Values.storageConfig.log.ignoreRecordNotFoundError }} + logger: + filename: {{ .Values.storageConfig.log.logger.filename }} + maxsize: {{ .Values.storageConfig.log.logger.maxsize }} + maxbackups: {{ .Values.storageConfig.log.logger.maxbackups }} +{{ end }} +connPool: + maxIdleConns: {{ .Values.storageConfig.connPool.maxIdleConns | int }} + maxOpenConns: {{ .Values.storageConfig.connPool.maxOpenConns | int }} + connMaxLifetime: {{ .Values.storageConfig.connPool.connMaxLifetime }} +{{- end -}} \ No newline at end of file diff --git a/charts/clusterpedia/templates/apiserver-deployment.yaml b/charts/clusterpedia/templates/apiserver-deployment.yaml index 062f881..b2a4afb 100644 --- a/charts/clusterpedia/templates/apiserver-deployment.yaml +++ b/charts/clusterpedia/templates/apiserver-deployment.yaml @@ -56,12 +56,6 @@ spec: done; echo 'DataBase OK ✓' {{- end }} - env: - - name: {{ include "clusterpedia.storage.password.envKey" . }} - valueFrom: - secretKeyRef: - name: {{ include "clusterpedia.internalstorage.fullname" . }} - key: password volumeMounts: - name: internalstorage-config mountPath: /etc/clusterpedia/storage @@ -95,14 +89,6 @@ spec: done; echo 'DataBase OK ✓' {{- end }} - {{- if eq (include "clusterpedia.storage.type" .) "mysql" }} - env: - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "clusterpedia.internalstorage.fullname" . }} - key: password - {{- end }} volumeMounts: - name: internalstorage-config mountPath: /etc/clusterpedia/storage @@ -130,11 +116,6 @@ spec: resources: {{- toYaml .Values.apiserver.resources | nindent 12 }} {{- end }} env: - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "clusterpedia.internalstorage.fullname" . }} - key: password {{- include "clusterpedia.apiserver.tracing.env" . | nindent 8 }} {{- if .Values.apiserver.enableSHA1Cert }} - name: GODEBUG @@ -164,8 +145,8 @@ spec: {{- end }} volumes: - name: internalstorage-config - configMap: - name: {{ include "clusterpedia.internalstorage.fullname" . }} + secret: + secretName: {{ include "clusterpedia.internalstorage.fullname" . }} - name: scripts configMap: name: {{ include "clusterpedia.scripts.fullname" . }} diff --git a/charts/clusterpedia/templates/clustersynchro-manager-deployment.yaml b/charts/clusterpedia/templates/clustersynchro-manager-deployment.yaml index 8a3c5a7..fc4f847 100644 --- a/charts/clusterpedia/templates/clustersynchro-manager-deployment.yaml +++ b/charts/clusterpedia/templates/clustersynchro-manager-deployment.yaml @@ -56,12 +56,6 @@ spec: done; echo 'DataBase OK ✓' {{- end }} - env: - - name: {{ include "clusterpedia.storage.password.envKey" . }} - valueFrom: - secretKeyRef: - name: {{ include "clusterpedia.internalstorage.fullname" . }} - key: password volumeMounts: - name: internalstorage-config mountPath: /etc/clusterpedia/storage @@ -95,14 +89,6 @@ spec: done; echo 'DataBase OK ✓' {{- end }} - {{- if eq (include "clusterpedia.storage.type" .) "mysql" }} - env: - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "clusterpedia.internalstorage.fullname" . }} - key: password - {{- end }} volumeMounts: - name: internalstorage-config mountPath: /etc/clusterpedia/storage @@ -134,11 +120,6 @@ spec: resources: {{- toYaml .Values.clustersynchroManager.resources | nindent 12 }} {{- end }} env: - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "clusterpedia.internalstorage.fullname" . }} - key: password - name: GODEBUG value: netdns=go volumeMounts: @@ -157,8 +138,8 @@ spec: {{- end }} volumes: - name: internalstorage-config - configMap: - name: {{ include "clusterpedia.internalstorage.fullname" . }} + secret: + secretName: {{ include "clusterpedia.internalstorage.fullname" . }} - name: scripts configMap: name: {{ include "clusterpedia.scripts.fullname" . }} diff --git a/charts/clusterpedia/templates/internalstorage-configmap.yaml b/charts/clusterpedia/templates/internalstorage-configmap.yaml deleted file mode 100644 index 3929be6..0000000 --- a/charts/clusterpedia/templates/internalstorage-configmap.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "clusterpedia.internalstorage.fullname" . }} - namespace: {{ .Release.Namespace }} - labels: {{- include "common.labels.standard" . | nindent 4 }} -data: - internalstorage-config.yaml: |- - type: {{ include "clusterpedia.storage.type" . | quote }} - dsn: {{ include "clusterpedia.storage.dsn" . | quote }} - host: {{ include "clusterpedia.storage.host" . | quote }} - port: {{ include "clusterpedia.storage.port" . }} - user: {{ include "clusterpedia.storage.user" . }} - database: {{ include "clusterpedia.storage.database" . }} - {{ if .Values.storageConfig.log.enabled }} - log: - stdout: {{ .Values.storageConfig.log.stdout }} - level: {{ .Values.storageConfig.log.level | default "Warn" | quote }} - slowThreshold: {{ .Values.storageConfig.log.slowThreshold }} - ignoreRecordNotFoundError: {{ .Values.storageConfig.log.ignoreRecordNotFoundError }} - logger: - filename: {{ .Values.storageConfig.log.logger.filename }} - maxsize: {{ .Values.storageConfig.log.logger.maxsize }} - maxbackups: {{ .Values.storageConfig.log.logger.maxbackups }} - {{ end }} - connPool: - maxIdleConns: {{ .Values.storageConfig.connPool.maxIdleConns | int }} - maxOpenConns: {{ .Values.storageConfig.connPool.maxOpenConns | int }} - connMaxLifetime: {{ .Values.storageConfig.connPool.connMaxLifetime }} diff --git a/charts/clusterpedia/templates/internalstorage-secret.yaml b/charts/clusterpedia/templates/internalstorage-secret.yaml index 0a89e1c..98609b4 100644 --- a/charts/clusterpedia/templates/internalstorage-secret.yaml +++ b/charts/clusterpedia/templates/internalstorage-secret.yaml @@ -7,4 +7,4 @@ metadata: app: {{ include "clusterpedia.internalstorage.fullname" . }} internalstorage.clusterpedia.io/type: {{ include "clusterpedia.storage.type" . }} data: - password: {{ include "clusterpedia.storage.password" . }} + internalstorage-config.yaml: {{ include "clusterpedia.storage.secret" .| b64enc | quote }}