diff --git a/charts/stable/kitchenowl/Chart.yaml b/charts/stable/kitchenowl/Chart.yaml index 438fcf583be..7967cc49071 100644 --- a/charts/stable/kitchenowl/Chart.yaml +++ b/charts/stable/kitchenowl/Chart.yaml @@ -22,7 +22,7 @@ sources: - https://github.com/truecharts/charts/tree/master/charts/stable/kitchenowl - https://tombursch.github.io/kitchenowl type: application -version: 5.0.1 +version: 6.0.0 annotations: truecharts.org/catagories: | - utilities diff --git a/charts/stable/kitchenowl/templates/_configmap.tpl b/charts/stable/kitchenowl/templates/_configmap.tpl new file mode 100644 index 00000000000..619cf789f89 --- /dev/null +++ b/charts/stable/kitchenowl/templates/_configmap.tpl @@ -0,0 +1,10 @@ +{{/* Define the configmap */}} +{{- define "kitchenowl.configmap" -}} + +{{- $fullname := (include "tc.v1.common.lib.chart.names.fullname" $) -}} + +enabled: true +data: + BACK_URL: {{ printf "%v-backend:%v" $fullname .Values.service.backend.ports.backend.port }} + +{{- end -}} diff --git a/charts/stable/kitchenowl/templates/_secrets.tpl b/charts/stable/kitchenowl/templates/_secrets.tpl index 6b6c8897ec8..a006f45cdde 100644 --- a/charts/stable/kitchenowl/templates/_secrets.tpl +++ b/charts/stable/kitchenowl/templates/_secrets.tpl @@ -1,20 +1,15 @@ {{/* Define the secrets */}} {{- define "kitchenowl.secrets" -}} ---- +{{- $secretName := (printf "%s-secrets" (include "tc.v1.common.lib.chart.names.fullname" $)) }} +{{- $kitchenowlprevious := lookup "v1" "Secret" .Release.Namespace $secretName }} -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: kitchenowl-secrets -{{- $kitchenowlprevious := lookup "v1" "Secret" .Release.Namespace "kitchenowl-secrets" }} -{{- $jwt_secret := "" }} +enabled: true data: - {{- if $kitchenowlprevious}} - JWT_SECRET_KEY: {{ index $kitchenowlprevious.data "JWT_SECRET_KEY" }} + {{- if $kitchenowlprevious }} + JWT_SECRET_KEY: {{ index $kitchenowlprevious.data "JWT_SECRET_KEY" | b64dec }} {{- else }} - {{- $jwt_secret := randAlphaNum 32 }} - JWT_SECRET_KEY: {{ $jwt_secret | b64enc }} + {{- $jwtsecret := randAlphaNum 50 }} + JWT_SECRET_KEY: {{ $jwtsecret }} {{- end }} {{- end -}} diff --git a/charts/stable/kitchenowl/templates/common.yaml b/charts/stable/kitchenowl/templates/common.yaml index 9f24493621b..e233b9249b7 100644 --- a/charts/stable/kitchenowl/templates/common.yaml +++ b/charts/stable/kitchenowl/templates/common.yaml @@ -1,5 +1,15 @@ {{- include "tc.v1.common.loader.init" . }} -{{ include "kitchenowl.secrets" . }} +{{/* Render secrets for Kitchenowl */}} +{{- $secrets := include "kitchenowl.secrets" . | fromYaml -}} +{{- if $secrets -}} + {{- $_ := set .Values.secret "kitchenowl-secrets" $secrets -}} +{{- end -}} + +{{/* Render configmap for Kitchenowl */}} +{{- $configmap := include "kitchenowl.configmap" . | fromYaml -}} +{{- if $configmap -}} + {{- $_ := set .Values.configmap "kitchenowl-config" $configmap -}} +{{- end -}} {{ include "tc.v1.common.loader.apply" . }} diff --git a/charts/stable/kitchenowl/values.yaml b/charts/stable/kitchenowl/values.yaml index 37f6b86fd49..69da274e274 100644 --- a/charts/stable/kitchenowl/values.yaml +++ b/charts/stable/kitchenowl/values.yaml @@ -6,51 +6,121 @@ backendImage: repository: tccr.io/truecharts/kitchenowl-backend pullPolicy: IfNotPresent tag: latest@sha256:ded34fe79a363d6a098f97f81a546bc991f7d1cb4cab0c4236ff170f49b58063 + service: main: + enabled: true + targetSelector: main ports: main: + enabled: true + targetSelector: main protocol: http targetPort: 80 port: 10246 -additionalContainers: backend: - name: backend - image: "{{ .Values.backendImage.repository }}:{{ .Values.backendImage.tag }}" - env: - - name: FRONT_URL - value: "{{ .Values.workload.main.podSpec.containers.main.env.FRONT_URL }}" - # Backend also listens on 80, but afaik there is no use as of now - # Changed port to 81 to avoid conflict with frontend - - name: HTTP_PORT - value: "81" - - name: JWT_SECRET_KEY - valueFrom: - secretKeyRef: - name: kitchenowl-secrets - key: JWT_SECRET_KEY - volumeMounts: - - name: data - mountPath: "/data" + enabled: true + targetSelector: backend + ports: + backend: + enabled: true + targetSelector: backend + protocol: http + targetPort: 5000 + port: 10247 + persistence: data: enabled: true - mountPath: "/data" + targetSelector: + backend: + backend: + mountPath: /data + portal: open: enabled: true + securityContext: container: readOnlyRootFilesystem: false runAsNonRoot: false runAsUser: 0 runAsGroup: 0 + workload: main: + type: Deployment + strategy: RollingUpdate + replicas: 1 podSpec: containers: main: + enabled: true + primary: true + envFrom: + - configMapRef: + name: kitchenowl-config env: - FRONT_URL: "http://localhost:10246" - # Backend listens on 5000 websockets. - BACK_URL: "localhost:5000" + FRONT_URL: "{{ .Values.workload.main.podSpec.containers.main.env.FRONT_URL }}" + probes: + liveness: + type: http + path: / + port: "{{ .Values.service.main.ports.main.targetPort }}" + readiness: + type: http + path: / + port: "{{ .Values.service.main.ports.main.targetPort }}" + startup: + type: http + path: / + port: "{{ .Values.service.main.ports.main.targetPort }}" + backend: + enabled: true + type: Deployment + podSpec: + containers: + backend: + enabled: true + primary: true + imageSelector: backendImage + env: + FRONT_URL: "{{ .Values.workload.main.podSpec.containers.main.env.FRONT_URL }}" + # Changed port to 10248 to avoid conflict with frontend + HTTP_PORT: "10248" + JWT_SECRET_KEY: + secretKeyRef: + name: kitchenowl-secrets + key: JWT_SECRET_KEY + DB_DRIVER: "postgresql" + DB_HOST: + secretKeyRef: + name: cnpg-main-urls + key: host + DB_NAME: "{{ .Values.cnpg.main.database }}" + DB_USER: "{{ .Values.cnpg.main.user }}" + DB_PASSWORD: + secretKeyRef: + name: cnpg-main-user + key: password + probes: + liveness: + enabled: true + type: tcp + port: "{{ .Values.service.backend.ports.backend.targetPort }}" + readiness: + enabled: true + type: tcp + port: "{{ .Values.service.backend.ports.backend.targetPort }}" + startup: + enabled: true + type: tcp + port: "{{ .Values.service.backend.ports.backend.targetPort }}" + +# Enabled postgres +cnpg: + main: + enabled: true + user: kitchenowl + database: kitchenowl