From 1fe68f0b142cdb7395741e00b1bf567d28e92a2b Mon Sep 17 00:00:00 2001 From: Till Faelligen <2353100+S7evinK@users.noreply.github.com> Date: Tue, 6 Dec 2022 11:54:33 +0100 Subject: [PATCH] A few fixes --- .github/workflows/k8s.yml | 5 ++- helm/dendrite/ci/ct-gen-key.yaml | 6 --- helm/dendrite/ci/ct-postgres.yaml | 2 - helm/dendrite/templates/deployment.yaml | 36 ++++++++--------- helm/dendrite/templates/jobs.yaml | 6 +-- helm/dendrite/templates/pvc.yaml | 54 ++----------------------- helm/dendrite/templates/secrets.yaml | 7 ++-- helm/dendrite/values.yaml | 8 ++-- 8 files changed, 35 insertions(+), 89 deletions(-) delete mode 100644 helm/dendrite/ci/ct-gen-key.yaml delete mode 100644 helm/dendrite/ci/ct-postgres.yaml diff --git a/.github/workflows/k8s.yml b/.github/workflows/k8s.yml index 3ab9806e2..8b505bf02 100644 --- a/.github/workflows/k8s.yml +++ b/.github/workflows/k8s.yml @@ -12,6 +12,7 @@ on: jobs: lint: + name: Lint Helm chart runs-on: ubuntu-latest outputs: changed: ${{ steps.list-changed.outputs.changed }} @@ -36,14 +37,14 @@ jobs: fi - name: Run lint - run: ct lint --config helm/ct.yaml --target-branch ${{ github.event.repository.default_branch }} + run: ct lint --config helm/ct.yaml # only bother to run if lint step reports a change to the helm chart install: needs: - lint if: ${{ needs.lint.outputs.changed == 'true' }} - name: Install charts + name: Install Helm charts runs-on: ubuntu-latest steps: - name: Checkout diff --git a/helm/dendrite/ci/ct-gen-key.yaml b/helm/dendrite/ci/ct-gen-key.yaml deleted file mode 100644 index 9aec71669..000000000 --- a/helm/dendrite/ci/ct-gen-key.yaml +++ /dev/null @@ -1,6 +0,0 @@ -postgresql: - enabled: true - -configuration: - signing_key: - create: true \ No newline at end of file diff --git a/helm/dendrite/ci/ct-postgres.yaml b/helm/dendrite/ci/ct-postgres.yaml deleted file mode 100644 index e1a98cd30..000000000 --- a/helm/dendrite/ci/ct-postgres.yaml +++ /dev/null @@ -1,2 +0,0 @@ -postgresql: - enabled: true \ No newline at end of file diff --git a/helm/dendrite/templates/deployment.yaml b/helm/dendrite/templates/deployment.yaml index c1d458b2f..33b856924 100644 --- a/helm/dendrite/templates/deployment.yaml +++ b/helm/dendrite/templates/deployment.yaml @@ -18,26 +18,26 @@ spec: app: {{ $.Chart.Name }} spec: volumes: - - name: {{ $.Chart.Name }}-conf-vol + - name: {{ .Release.Name }}-conf-vol secret: - secretName: {{ $.Chart.Name }}-conf - - name: {{ $.Chart.Name }}-signing-key + secretName: {{ .Release.Name }}-conf + - name: {{ .Release.Name }}-signing-key secret: - secretName: {{ default "dendrite-signing-key" $.Values.configuration.signing_key.existingSecret | quote }} + secretName: {{ default (print .Release.Name "-signing-key") $.Values.configuration.signing_key.existingSecret | quote }} {{- if (gt (len ($.Files.Glob "appservices/*")) 0) }} - - name: {{ $.Chart.Name }}-appservices + - name:{{ .Release.Name }}-appservices secret: - secretName: {{ $.Chart.Name }}-appservices-conf + secretName: {{ .Release.Name }}-appservices-conf {{- end }} - - name: dendrite-jetstream + - name: {{ .Release.Name }}-jetstream persistentVolumeClaim: - claimName: {{ default "dendrite-jetstream-pvc" $.Values.persistence.jetstream.existingClaim | quote }} - - name: dendrite-media + claimName: {{ default (print .Release.Name "-jetstream-pvc") $.Values.persistence.jetstream.existingClaim | quote }} + - name: {{ .Release.Name }}-media persistentVolumeClaim: - claimName: {{ default "dendrite-media-pvc" $.Values.persistence.media.existingClaim | quote }} - - name: dendrite-search + claimName: {{ default (print .Release.Name "-media-pvc") $.Values.persistence.media.existingClaim | quote }} + - name: {{ .Release.Name }}-search persistentVolumeClaim: - claimName: {{ default "dendrite-serach-pvc" $.Values.persistence.search.existingClaim | quote }} + claimName: {{ default (print .Release.Name "-search-pvc") $.Values.persistence.search.existingClaim | quote }} containers: - name: {{ $.Chart.Name }} {{- include "image.name" $.Values.image | nindent 8 }} @@ -48,17 +48,17 @@ spec: {{- toYaml $.Values.resources | nindent 10 }} volumeMounts: - mountPath: /etc/dendrite/ - name: {{ $.Chart.Name }}-conf-vol + name: {{ .Release.Name }}-conf-vol - mountPath: /etc/dendrite/secrets/ - name: {{ $.Chart.Name }}-signing-key + name: {{ .Release.Name }}-signing-key {{- if (gt (len ($.Files.Glob "appservices/*")) 0) }} - mountPath: /etc/dendrite/appservices - name: {{ $.Chart.Name }}-appservices + name: {{ .Release.Name }}-appservices readOnly: true {{ end }} - mountPath: /data/media_store - name: dendrite-media + name: {{ .Release.Name }}-media - mountPath: /data/jetstream - name: dendrite-jetstream + name: {{ .Release.Name }}-jetstream - mountPath: /data/search - name: dendrite-search \ No newline at end of file + name: {{ .Release.Name }}-search \ No newline at end of file diff --git a/helm/dendrite/templates/jobs.yaml b/helm/dendrite/templates/jobs.yaml index 61f447d5c..af84cafde 100644 --- a/helm/dendrite/templates/jobs.yaml +++ b/helm/dendrite/templates/jobs.yaml @@ -1,6 +1,6 @@ {{ if and .Values.configuration.signing_key.create (not .Values.configuration.signing_key.existingSecret ) }} -{{ $name := "dendrite-signing-key" }} -{{ $secretName := "dendrite-signing-key" }} +{{ $name := (print .Release.Name "-signing-key") }} +{{ $secretName := (print .Release.Name "-signing-key") }} --- apiVersion: v1 kind: ServiceAccount @@ -50,7 +50,7 @@ spec: template: spec: restartPolicy: "Never" - serviceAccount: dendrite-signing-key + serviceAccount: {{ $name }} containers: - name: upload-key image: bitnami/kubectl diff --git a/helm/dendrite/templates/pvc.yaml b/helm/dendrite/templates/pvc.yaml index df73a4f83..1ec11f31b 100644 --- a/helm/dendrite/templates/pvc.yaml +++ b/helm/dendrite/templates/pvc.yaml @@ -1,27 +1,11 @@ {{ if not .Values.persistence.media.existingClaim }} --- apiVersion: v1 -kind: PersistentVolume -metadata: - annotations: - helm.sh/resource-policy: keep - name: dendrite-media -spec: - capacity: - storage: {{ .Values.persistence.media.capacity }} - volumeMode: Filesystem - accessModes: - - ReadWriteOnce - storageClassName: {{ .Values.persistence.storageClass }} ---- -apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: helm.sh/resource-policy: keep - name: dendrite-media-pvc - labels: - app: dendrite + name: {{ .Release.Name }}-media-pvc spec: accessModes: - ReadWriteOnce @@ -33,27 +17,11 @@ spec: {{ if not .Values.persistence.jetstream.existingClaim }} --- apiVersion: v1 -kind: PersistentVolume -metadata: - annotations: - helm.sh/resource-policy: keep - name: dendrite-jetstream -spec: - capacity: - storage: {{ .Values.persistence.jetstream.capacity }} - volumeMode: Filesystem - accessModes: - - ReadWriteOnce - storageClassName: {{ .Values.persistence.storageClass }} ---- -apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: helm.sh/resource-policy: keep - name: dendrite-jetstream-pvc - labels: - app: dendrite + name: {{ .Release.Name }}-jetstream-pvc spec: accessModes: - ReadWriteOnce @@ -65,27 +33,11 @@ spec: {{ if not .Values.persistence.search.existingClaim }} --- apiVersion: v1 -kind: PersistentVolume -metadata: - annotations: - helm.sh/resource-policy: keep - name: dendrite-search -spec: - capacity: - storage: {{ .Values.persistence.search.capacity }} - volumeMode: Filesystem - accessModes: - - ReadWriteOnce - storageClassName: {{ .Values.persistence.storageClass }} ---- -apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: helm.sh/resource-policy: keep - name: dendrite-search-pvc - labels: - app: dendrite + name: {{ .Release.Name }}-search-pvc spec: accessModes: - ReadWriteOnce diff --git a/helm/dendrite/templates/secrets.yaml b/helm/dendrite/templates/secrets.yaml index db4f0f5a0..071a2fc38 100644 --- a/helm/dendrite/templates/secrets.yaml +++ b/helm/dendrite/templates/secrets.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ .Chart.Name }}-appservices-conf + name: {{ .Release.Name }}-appservices-conf namespace: {{ .Release.Namespace }} type: Opaque data: @@ -16,7 +16,7 @@ kind: Secret metadata: annotations: helm.sh/resource-policy: keep - name: {{ .Chart.Name }}-signing-key + name: {{ .Release.Name }}-signing-key namespace: {{ .Release.Namespace }} type: Opaque {{ end }} @@ -30,12 +30,13 @@ apiVersion: v1 kind: Secret type: Opaque metadata: - name: {{ .Chart.Name }}-conf + name: {{ .Release.Name }}-conf namespace: {{ .Release.Namespace }} stringData: dendrite.yaml: | version: 2 global: + server_name: {{ .Values.configuration.server_name }} private_key: /etc/dendrite/secrets/signing.key key_id: ed25519:auto key_validity_period: {{ .Values.configuration.key_validity_period | quote }} diff --git a/helm/dendrite/values.yaml b/helm/dendrite/values.yaml index b2fc6e1ab..01b464900 100644 --- a/helm/dendrite/values.yaml +++ b/helm/dendrite/values.yaml @@ -6,7 +6,7 @@ image: configuration: # -- Servername for this Dendrite deployment - servername: "" + server_name: "" # -- The server name to delegate server-server communications to, with optional port # e.g. localhost:443 @@ -151,13 +151,13 @@ persistence: storageClass: local-path jetstream: existingClaim: "" - capacity: "5Gi" + capacity: "1Gi" media: existingClaim: "" - capacity: "10Gi" + capacity: "1Gi" search: existingClaim: "" - capacity: "5Gi" + capacity: "1Gi" clientapi: registration: