feat(etesync): Move to new common (#9095)

**Description**

Attempting to move a complicated app, let's see how it goes

⚒️ Fixes  # <!--(issue)-->

**⚙️ Type of change**

- [ ] ⚙️ Feature/App addition
- [ ] 🪛 Bugfix
- [ ] ⚠️ Breaking change (fix or feature that would cause existing
functionality to not work as expected)
- [ ] 🔃 Refactor of current code

**🧪 How Has This Been Tested?**
<!--
Please describe the tests that you ran to verify your changes. Provide
instructions so we can reproduce. Please also list any relevant details
for your test configuration
-->

**📃 Notes:**
<!-- Please enter any other relevant information here -->

**✔️ Checklist:**

- [ ] ⚖️ My code follows the style guidelines of this project
- [ ] 👀 I have performed a self-review of my own code
- [ ] #️⃣ I have commented my code, particularly in hard-to-understand
areas
- [ ] 📄 I have made corresponding changes to the documentation
- [ ] ⚠️ My changes generate no new warnings
- [ ] 🧪 I have added tests to this description that prove my fix is
effective or that my feature works
- [ ] ⬆️ I increased versions for any altered app according to semantic
versioning

** App addition**

If this PR is an app addition please make sure you have done the
following.

- [ ] 🪞 I have opened a PR on
[truecharts/containers](https://github.com/truecharts/containers) adding
the container to TrueCharts mirror repo.
- [ ] 🖼️ I have added an icon in the Chart's root directory called
`icon.png`

---

_Please don't blindly check all the boxes. Read them and only check
those that apply.
Those checkboxes are there for the reviewer to see what is this all
about and
the status of this PR with a quick glance._

---------

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Signed-off-by: StevenMcElligott <89483932+StevenMcElligott@users.noreply.github.com>
Co-authored-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Co-authored-by: Stavros kois <s.kois@outlook.com>
This commit is contained in:
StevenMcElligott 2023-05-25 13:46:40 -04:00 committed by GitHub
parent d8abbbaeb3
commit eeb7a6acca
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 160 additions and 163 deletions

View File

@ -51,7 +51,7 @@ jobs:
if [[ $(echo ${OUTPUT_JSON} | jq --compact-output '. | length') -gt 0 ]]; then
echo "detected=true" >> "$GITHUB_OUTPUT"
fi
- name: Test and Fix Pre-Commit Issues
shell: bash
if: inputs.chartChangesDetected == 'true'
@ -92,6 +92,7 @@ jobs:
filePath: /tmp/lint_result.txt
comment_tag: lint_results
mode: recreate
GITHUB_TOKEN: ${{ github.token }}
- name: Lint Result
if: steps.list-changed.outputs.detected == 'true'

View File

@ -3,15 +3,11 @@ appVersion: "0.11.0"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 11.1.2
- condition: postgresql.enabled
name: postgresql
repository: https://deps.truecharts.org/
version: 11.0.31
version: 12.9.2
- condition: redis.enabled
name: redis
repository: https://deps.truecharts.org
version: 5.0.33
version: 6.0.43
deprecated: false
description: Secure, end-to-end encrypted, and privacy respecting sync for your contacts, calendars, tasks and notes.
home: https://truecharts.org/charts/incubator/etesync
@ -35,7 +31,7 @@ sources:
- https://github.com/etesync
- https://github.com/victor-rds/docker-etebase
type: application
version: 3.0.25
version: 4.0.0
annotations:
truecharts.org/catagories: |
- productivity

View File

@ -13,79 +13,73 @@ questions:
# Include{containerBasic}
# Include{containerAdvanced}
- variable: env
group: "App Configuration"
label: "Image Environment"
schema:
additional_attrs: true
type: dict
attrs:
- variable: ALLOWED_HOSTS
label: "ALLOWED_HOSTS"
description: "Must be a valid domain or * (* is not recommended for production)"
schema:
type: string
default: "localhost"
required: true
- variable: AUTO_SIGNUP
label: "AUTO_SIGNUP"
description: "Enable automatic signup"
schema:
type: boolean
default: false
- variable: LANGUAGE_CODE
label: "LANGUAGE_CODE"
description: "Django language code"
schema:
type: string
default: "en-us"
required: true
- variable: DEBUG
label: "DEBUG"
description: "Output additional messages from `/entrypoint.sh`. It doesn't change the output of the Etebase server."
schema:
type: boolean
default: false
- variable: SHELL_DEBUG
label: "SHELL_DEBUG"
description: "Run `/entrypoint.sh` with `set -x`"
schema:
type: boolean
default: false
- variable: DEBUG_DJANGO
label: "DEBUG_DJANGO"
description: "Enable Django debug mode (not recommended for production)"
schema:
type: boolean
default: false
- variable: secretEnv
group: "App Configuration"
label: "Image Secrets"
schema:
additional_attrs: true
type: dict
attrs:
- variable: SUPER_USER
label: "SUPER_USER"
description: "Username of the Django superuser (First Install Only)"
schema:
type: string
default: "admin"
required: true
- variable: SUPER_PASS
label: "SUPER_PASS"
description: "Password of the Django superuser (First Install Only). Will be generated if left unset."
schema:
type: string
default: ""
private: true
- variable: SUPER_EMAIL
label: "SUPER_EMAIL"
description: "Email of the Django superuser (First Install Only)"
schema:
type: string
default: ""
- variable: env
group: "App Configuration"
label: "Image Environment"
schema:
additional_attrs: true
type: dict
attrs:
- variable: ALLOWED_HOSTS
label: "ALLOWED_HOSTS"
description: "Must be a valid domain or * (* is not recommended for production)"
schema:
type: string
default: "localhost"
required: true
- variable: AUTO_SIGNUP
label: "AUTO_SIGNUP"
description: "Enable automatic signup"
schema:
type: boolean
default: false
- variable: LANGUAGE_CODE
label: "LANGUAGE_CODE"
description: "Django language code"
schema:
type: string
default: "en-us"
required: true
- variable: DEBUG
label: "DEBUG"
description: "Output additional messages from `/entrypoint.sh`. It doesn't change the output of the Etebase server."
schema:
type: boolean
default: false
- variable: SHELL_DEBUG
label: "SHELL_DEBUG"
description: "Run `/entrypoint.sh` with `set -x`"
schema:
type: boolean
default: false
- variable: DEBUG_DJANGO
label: "DEBUG_DJANGO"
description: "Enable Django debug mode (not recommended for production)"
schema:
type: boolean
default: false
- variable: SUPER_USER
label: "SUPER_USER"
description: "Username of the Django superuser (First Install Only)"
schema:
type: string
default: "admin"
required: true
- variable: SUPER_PASS
label: "SUPER_PASS"
description: "Password of the Django superuser (First Install Only). Will be generated if left unset."
schema:
type: string
default: ""
private: true
- variable: SUPER_EMAIL
label: "SUPER_EMAIL"
description: "Email of the Django superuser (First Install Only)"
schema:
type: string
default: ""
# Include{containerConfig}
# Include{podOptions}
# Include{serviceRoot}
- variable: main
label: "Main Service"
@ -134,28 +128,27 @@ questions:
# Include{ingressTraefik}
# Include{ingressList}
# Include{securityContextRoot}
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
schema:
type: int
default: 373
- variable: runAsGroup
label: "runAsGroup"
description: "The groupID this App of the user running the application"
schema:
type: int
default: 373
- variable: runAsGroup
label: "runAsGroup"
description: "The groupID this App of the user running the application"
schema:
type: int
default: 373
# Include{securityContextContainer}
# Include{securityContextAdvanced}
# Include{securityContextPod}
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
schema:
type: int
default: 373
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
schema:
type: int
default: 373
# Include{resources}
# Include{advanced}

View File

@ -1,18 +1,10 @@
{{/* EteSync superuser credentials and Django SECRET_KEY */}}
{{- define "etesync.secret" -}}
---
{{- $secretName := "etesync-secret" }}
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
labels:
{{- include "tc.common.labels" . | nindent 4 }}
enabled: true
data:
{{- with (lookup "v1" "Secret" .Release.Namespace $secretName) }}
secret.txt: {{ index .data "secret.txt" }}
{{- with (lookup "v1" "Secret" .Release.Namespace "etesync-secret") }}
secret.txt: {{ index .data "secret.txt" | b64dec }}
{{- else }}
secret.txt: {{ randAlphaNum 32 | b64enc }}
secret.txt: {{ randAlphaNum 32 }}
{{- end }}
{{- end }}
{{- end -}}

View File

@ -1,8 +1,11 @@
{{/* Make sure all variables are set properly */}}
{{- include "tc.common.loader.init" . }}
{{- include "tc.v1.common.loader.init" . }}
{{/* Render secret for etesync */}}
{{- include "etesync.secret" . }}
{{/* Render secrets for etesync */}}
{{- $secret := include "etesync.secret" . | fromYaml -}}
{{- if $secret -}}
{{- $_ := set .Values.secret "etesync-secret" $secret -}}
{{- end -}}
{{/* Render the templates */}}
{{ include "tc.common.loader.apply" . }}
{{ include "tc.v1.common.loader.apply" . }}

View File

@ -3,10 +3,13 @@ image:
pullPolicy: IfNotPresent
tag: 0.11.0@sha256:47478da0d1b3ab18d5bfbcd4537fa80305ace94746b01c32e609c7e9e663d860
podSecurityContext:
runAsUser: 373
runAsGroup: 373
fsGroup: 373
securityContext:
container:
runAsUser: 373
runAsGroup: 373
readOnlyRootFilesystem: false
pod:
fsGroup: 373
# Docker image configuration docs:
# https://github.com/victor-rds/docker-etebase#settings-and-customization
@ -14,50 +17,60 @@ podSecurityContext:
# EteSync configuration docs:
# https://github.com/etesync/server#configuration
env:
# App
SERVER: http
AUTO_UPDATE: true
ALLOWED_HOSTS: "localhost"
AUTO_SIGNUP: false
LANGUAGE_CODE: "en-us"
TIME_ZONE: "{{ .Values.TZ }}"
workload:
main:
podSpec:
containers:
main:
probes:
liveness:
type: tcp
readiness:
type: tcp
startup:
type: tcp
env:
PORT: "{{ .Values.service.main.ports.main.port }}"
# App
SERVER: http
AUTO_UPDATE: true
ALLOWED_HOSTS: "localhost"
AUTO_SIGNUP: false
LANGUAGE_CODE: "en-us"
TIME_ZONE: "{{ .Values.TZ }}"
# Debugging
DEBUG: false
SHELL_DEBUG: false
DEBUG_DJANGO: false
# Postgres
DB_ENGINE: postgres
DATABASE_NAME: "{{ .Values.postgresql.postgresqlDatabase }}"
DATABASE_USER: "{{ .Values.postgresql.postgresqlUsername }}"
DATABASE_PASSWORD:
secretKeyRef:
name: dbcreds
key: postgresql-password
DATABASE_HOST:
secretKeyRef:
name: dbcreds
key: plainhost
DATABASE_PORT: 5432
REDIS_URI:
secretKeyRef:
name: rediscreds
key: url
secretEnv:
# Superuser
SUPER_USER: "admin"
SUPER_PASS: ""
SUPER_EMAIL: ""
# Debugging
DEBUG: false
SHELL_DEBUG: false
DEBUG_DJANGO: false
# Postgres
DB_ENGINE: postgres
DATABASE_NAME: "{{ .Values.cnpg.main.database }}"
DATABASE_USER: "{{ .Values.cnpg.main.user }}"
DATABASE_PASSWORD:
secretKeyRef:
name: cnpg-main-user
key: password
DATABASE_HOST:
secretKeyRef:
name: cnpg-main-urls
key: host
DATABASE_PORT: 5432
REDIS_URI:
secretKeyRef:
expandObjectName: false
name: '{{ printf "%s-%s" .Release.Name "rediscreds" }}'
key: url
# Superuser
SUPER_USER: "admin"
SUPER_PASS: ""
SUPER_EMAIL: ""
service:
main:
ports:
main:
protocol: HTTP
targetPort: 3735
protocol: http
port: 10254
persistence:
@ -66,23 +79,22 @@ persistence:
mountPath: "/data"
secret:
enabled: true
type: "custom"
type: secret
readOnly: true
mountPath: "/data/secret.txt"
subPath: "secret.txt"
volumeSpec:
secret:
secretName: "etesync-secret"
objectName: "etesync-secret"
postgresql:
enabled: true
existingSecret: "dbcreds"
postgresqlUsername: etesync
postgresqlDatabase: etesync
# Enabled postgres
cnpg:
main:
enabled: true
user: etesync
database: etesync
redis:
enabled: true
existingSecret: rediscreds
portal:
enabled: true
open:
enabled: true