diff --git a/.github/workflows/helm.yml b/.github/workflows/helm.yml index d4772e106..10eb7c020 100644 --- a/.github/workflows/helm.yml +++ b/.github/workflows/helm.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.0 - name: Run chart-releaser - uses: helm/chart-releaser-action@ed43eb303604cbc0eeec8390544f7748dc6c790d # specific commit, since `mark_as_latest` is not yet in a release + uses: helm/chart-releaser-action@v1.6.0 env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" with: diff --git a/build/docker/Dockerfile.demo-pinecone b/build/docker/Dockerfile.demo-pinecone index f295044fc..dc6b22d7d 100644 --- a/build/docker/Dockerfile.demo-pinecone +++ b/build/docker/Dockerfile.demo-pinecone @@ -1,4 +1,4 @@ -FROM docker.io/golang:1.22 AS base +FROM docker.io/golang:1.22-alpine AS base # # Needs to be separate from the main Dockerfile for OpenShift, diff --git a/helm/ct.yaml b/helm/ct.yaml index af706fa3d..8b5aaa875 100644 --- a/helm/ct.yaml +++ b/helm/ct.yaml @@ -4,4 +4,6 @@ chart-repos: - bitnami=https://charts.bitnami.com/bitnami chart-dirs: - helm -validate-maintainers: false \ No newline at end of file +validate-maintainers: false +# this should ensure the tarballs are in the appropriate location for GH pages, rather than repo root +package-path: docs/ \ No newline at end of file diff --git a/helm/dendrite/Chart.yaml b/helm/dendrite/Chart.yaml index 80c618822..9613b5045 100644 --- a/helm/dendrite/Chart.yaml +++ b/helm/dendrite/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: dendrite -version: "0.14.2" +version: "0.14.6" appVersion: "0.13.8" description: Dendrite Matrix Homeserver type: application diff --git a/helm/dendrite/README.md b/helm/dendrite/README.md index 6595a11fc..a5b03aa85 100644 --- a/helm/dendrite/README.md +++ b/helm/dendrite/README.md @@ -1,7 +1,7 @@ # dendrite -![Version: 0.14.2](https://img.shields.io/badge/Version-0.14.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.13.8](https://img.shields.io/badge/AppVersion-0.13.8-informational?style=flat-square) +![Version: 0.14.4](https://img.shields.io/badge/Version-0.14.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.13.8](https://img.shields.io/badge/AppVersion-0.13.8-informational?style=flat-square) Dendrite Matrix Homeserver Status: **NOT PRODUCTION READY** @@ -45,6 +45,7 @@ Create a folder `appservices` and place your configurations in there. The confi | image.repository | string | `"ghcr.io/matrix-org/dendrite-monolith"` | Docker repository/image to use | | image.pullPolicy | string | `"IfNotPresent"` | Kubernetes pullPolicy | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| imagePullSecrets | list | `[]` | Configure image pull secrets to use private container registry https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret | | signing_key.create | bool | `true` | Create a new signing key, if not exists | | signing_key.existingSecret | string | `""` | Use an existing secret | | resources | object | sets some sane default values | Default resource requests/limits. | @@ -189,3 +190,5 @@ grafana: ``` PS: The label `release=kube-prometheus-stack` is setup with the helmchart of the Prometheus Operator. For Grafana Dashboards it may be necessary to enable scanning in the correct namespaces (or ALL), enabled by `sidecar.dashboards.searchNamespace` in [Helmchart of grafana](https://artifacthub.io/packages/helm/grafana/grafana) (which is part of PrometheusOperator, so `grafana.sidecar.dashboards.searchNamespace`) +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) \ No newline at end of file diff --git a/helm/dendrite/templates/deployment.yaml b/helm/dendrite/templates/deployment.yaml index e3f84cdae..3952f4a7c 100644 --- a/helm/dendrite/templates/deployment.yaml +++ b/helm/dendrite/templates/deployment.yaml @@ -56,6 +56,9 @@ spec: args: - '--config' - '/etc/dendrite/dendrite.yaml' + {{- with .Values.extraArgs }} + {{- toYaml . | nindent 10 }} + {{- end }} ports: - name: http containerPort: 8008 @@ -110,3 +113,19 @@ spec: httpGet: path: /_dendrite/monitor/up port: http + imagePullSecrets: + {{- with .Values.imagePullSecrets }} + {{ . | toYaml | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} \ No newline at end of file diff --git a/helm/dendrite/templates/jobs.yaml b/helm/dendrite/templates/jobs.yaml index c10f358b0..7f96f2695 100644 --- a/helm/dendrite/templates/jobs.yaml +++ b/helm/dendrite/templates/jobs.yaml @@ -54,6 +54,10 @@ metadata: spec: template: spec: + imagePullSecrets: + {{- with .Values.imagePullSecrets }} + {{ . | toYaml | nindent 6 }} + {{- end }} restartPolicy: "Never" serviceAccount: {{ $name }} containers: @@ -94,6 +98,18 @@ spec: volumes: - name: signing-key emptyDir: {} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} parallelism: 1 completions: 1 backoffLimit: 1 diff --git a/helm/dendrite/values.yaml b/helm/dendrite/values.yaml index 6c5abc90e..02cd1aa13 100644 --- a/helm/dendrite/values.yaml +++ b/helm/dendrite/values.yaml @@ -6,6 +6,10 @@ image: # -- Overrides the image tag whose default is the chart appVersion. tag: "" +# -- Configure image pull secrets to use private container registry +# https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret +imagePullSecrets: [] +# - name: your-pull-secret-name # signing key to use signing_key: @@ -73,6 +77,9 @@ persistence: # GKE, AWS & OpenStack) storageClass: +# -- Add additional arguments to the dendrite command +extraArgs: [] + # -- Add additional volumes to the Dendrite Pod extraVolumes: [] # ex. @@ -96,6 +103,15 @@ strategy: # -- Maximum number of pods that can be scheduled above the desired number of pods maxSurge: 25% +# -- Node selector configuration +nodeSelector: {} + +# -- Tolerations configuration +tolerations: {} + +# -- Affinity configuration +affinity: {} + dendrite_config: version: 2 global: diff --git a/internal/httputil/httpapi.go b/internal/httputil/httpapi.go index 0559fbb72..034f19f1f 100644 --- a/internal/httputil/httpapi.go +++ b/internal/httputil/httpapi.go @@ -210,6 +210,12 @@ func MakeExternalAPI(metricsName string, f func(*http.Request) util.JSONResponse // This is used to serve HTML alongside JSON error messages func MakeHTTPAPI(metricsName string, userAPI userapi.QueryAcccessTokenAPI, enableMetrics bool, f func(http.ResponseWriter, *http.Request), checks ...AuthAPIOption) http.Handler { withSpan := func(w http.ResponseWriter, req *http.Request) { + if req.Method == http.MethodOptions { + util.SetCORSHeaders(w) + w.WriteHeader(http.StatusOK) // Maybe http.StatusNoContent? + return + } + trace, ctx := internal.StartTask(req.Context(), metricsName) defer trace.EndTask() req = req.WithContext(ctx)