diff --git a/helm/Chart.yaml b/helm/Chart.yaml index 47a9e82b8a..6af05512b5 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 +version: 0.2.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/templates/configmap.uwsgi.yaml b/helm/templates/configmap.uwsgi.yaml new file mode 100644 index 0000000000..29ff7c4793 --- /dev/null +++ b/helm/templates/configmap.uwsgi.yaml @@ -0,0 +1,11 @@ +{{- if and .Values.uwsgi.override (not .Values.uwsgi.existingConfigMap) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "kiwi.fullname" . }}-uwsgi + labels: + {{- include "kiwi.labels" . | nindent 4 }} +data: + uwsgi.override: | + {{- .Values.uwsgi.override | nindent 4 }} +{{- end }} diff --git a/helm/templates/secret.smtp.yaml b/helm/templates/secret.smtp.yaml new file mode 100644 index 0000000000..b811a3e6c4 --- /dev/null +++ b/helm/templates/secret.smtp.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.email.smtp.enabled (not .Values.email.smtp.existingSecret) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "kiwi.fullname" . }}-smtp + labels: + {{- include "kiwi.labels" . | nindent 4 }} +type: Opaque +stringData: + smtp-user: {{ .Values.email.smtp.user | quote }} + smtp-password: {{ .Values.email.smtp.password | quote }} +{{- end }} diff --git a/helm/templates/statefulset.yaml b/helm/templates/statefulset.yaml index f6a60e5c1c..31504ddcaf 100644 --- a/helm/templates/statefulset.yaml +++ b/helm/templates/statefulset.yaml @@ -30,6 +30,14 @@ spec: {{- else -}} emptyDir: {} {{- end }} + {{- if or .Values.uwsgi.override .Values.uwsgi.existingConfigMap }} + - name: uwsgi-override + configMap: + name: {{ .Values.uwsgi.existingConfigMap | default (printf "%s-uwsgi" (include "kiwi.fullname" .)) }} + items: + - key: uwsgi.override + path: uwsgi.override + {{- end }} initContainers: - name: migrations @@ -70,14 +78,18 @@ spec: - name: https containerPort: {{ .Values.service.port.https }} protocol: TCP + {{- with .Values.livenessProbe }} livenessProbe: - httpGet: - path: /accounts/login/ - port: http + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.readinessProbe }} readinessProbe: - httpGet: - path: /accounts/login/ - port: http + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.startupProbe }} + startupProbe: + {{- toYaml . | nindent 12 }} + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} env: @@ -104,8 +116,31 @@ spec: value: {{ .Values.database.db_name }} - name: SERVER_EMAIL value: {{ .Values.email.from }} + - name: DEFAULT_FROM_EMAIL + value: {{ .Values.email.from }} - name: EMAIL_SUBJECT_PREFIX value: {{ .Values.email.subject | quote }} + {{- if .Values.email.smtp.enabled }} + {{- $smtpSecret := .Values.email.smtp.existingSecret | default (printf "%s-smtp" (include "kiwi.fullname" .)) }} + - name: EMAIL_HOST + value: {{ .Values.email.smtp.host | quote }} + - name: EMAIL_PORT + value: {{ .Values.email.smtp.port | quote }} + - name: EMAIL_USE_TLS + value: {{ .Values.email.smtp.useTLS | quote }} + - name: EMAIL_USE_SSL + value: {{ .Values.email.smtp.useSSL | quote }} + - name: EMAIL_HOST_USER + valueFrom: + secretKeyRef: + name: {{ $smtpSecret }} + key: smtp-user + - name: EMAIL_HOST_PASSWORD + valueFrom: + secretKeyRef: + name: {{ $smtpSecret }} + key: smtp-password + {{- end }} - name: MEDIA_ROOT value: {{ .Values.media.root }} - name: MEDIA_URL @@ -114,3 +149,9 @@ spec: volumeMounts: - name: media mountPath: {{ .Values.media.root }} + {{- if or .Values.uwsgi.override .Values.uwsgi.existingConfigMap }} + - name: uwsgi-override + mountPath: /Kiwi/etc/uwsgi.override + subPath: uwsgi.override + readOnly: true + {{- end }} diff --git a/helm/values.yaml b/helm/values.yaml index 26f7e555d3..3df9221890 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -49,9 +49,72 @@ media: url: "/uploads/" email: + # SERVER_EMAIL + DEFAULT_FROM_EMAIL Django settings from: "kiwi@example.com" subject: "[Kiwi-TCMS] " + # SMTP backend — corresponds to Django EMAIL_HOST / EMAIL_PORT / EMAIL_USE_TLS / EMAIL_USE_SSL. + # When enabled is false, no SMTP env vars are injected and Django falls back + # to its default email backend. + smtp: + enabled: false + + host: "" + port: 25 + useTLS: false + useSSL: false + + # Inline credentials (used only when existingSecret is empty). + user: "" + # Set via --set email.smtp.password=... on install + password: "" + + # Use an existing Secret with keys 'smtp-user' and 'smtp-password'. + # Takes precedence over inline user/password. + existingSecret: "" + +# Liveness probe — full spec is rendered with toYaml so any field is overridable. +livenessProbe: + httpGet: + path: /accounts/login/ + port: http + +# Readiness probe — full spec, same defaults as before. +readinessProbe: + httpGet: + path: /accounts/login/ + port: http + +# Startup probe — disabled by default (empty map). +# Recommended for slow first-time DB migrations, e.g.: +# startupProbe: +# httpGet: +# path: /accounts/login/ +# port: http +# failureThreshold: 30 +# periodSeconds: 10 +startupProbe: {} + +# uwsgi override configuration. +# The Kiwi image natively supports loading additional uwsgi config from +# /Kiwi/etc/uwsgi.override (see etc/uwsgi.conf in upstream). +uwsgi: + # Inline override content. When set (and existingConfigMap is empty), + # the chart creates a ConfigMap and mounts it as /Kiwi/etc/uwsgi.override. + # Example: + # override: | + # [uwsgi] + # processes = 8 + # threads = 2 + # harakiri = 60 + # max-requests = 2048 + # buffer-size = 32768 + override: "" + + # Name of an existing ConfigMap that contains a key "uwsgi.override". + # When set, this takes precedence over the inline `override` field. + existingConfigMap: "" + database: type: mariadb