From 14b954e3cc91409acf8c1363db6a770c51a367ad Mon Sep 17 00:00:00 2001 From: Sjoerd Schipper Date: Wed, 3 Jul 2024 15:41:22 +0200 Subject: [PATCH] Tweak setup_configuration --- charts/opennotificaties/Chart.yaml | 2 +- .../opennotificaties/templates/configmap.yaml | 1 + .../templates/cronjob-config.yaml | 87 ----------------- .../templates/deployment.yaml | 9 +- .../templates/job-config.yaml | 88 +++++++++++++++++ charts/opennotificaties/values.yaml | 15 ++- charts/openzaak/Chart.yaml | 2 +- charts/openzaak/templates/configmap.yaml | 1 + charts/openzaak/templates/cronjob-config.yaml | 94 ------------------- charts/openzaak/templates/deployment.yaml | 7 +- charts/openzaak/templates/job-config.yaml | 91 ++++++++++++++++++ charts/openzaak/values.yaml | 14 ++- 12 files changed, 209 insertions(+), 202 deletions(-) delete mode 100644 charts/opennotificaties/templates/cronjob-config.yaml create mode 100644 charts/opennotificaties/templates/job-config.yaml delete mode 100644 charts/openzaak/templates/cronjob-config.yaml create mode 100644 charts/openzaak/templates/job-config.yaml diff --git a/charts/opennotificaties/Chart.yaml b/charts/opennotificaties/Chart.yaml index 85b31fc..f493983 100644 --- a/charts/opennotificaties/Chart.yaml +++ b/charts/opennotificaties/Chart.yaml @@ -3,7 +3,7 @@ name: opennotificaties description: API voor het routeren van notificaties type: application -version: 1.3.2 +version: 1.3.3 appVersion: 1.5.2 dependencies: diff --git a/charts/opennotificaties/templates/configmap.yaml b/charts/opennotificaties/templates/configmap.yaml index e6e235d..834c4d3 100644 --- a/charts/opennotificaties/templates/configmap.yaml +++ b/charts/opennotificaties/templates/configmap.yaml @@ -80,6 +80,7 @@ data: UWSGI_HARAKIRI: {{ .Values.settings.uwsgi.harakiri | toString | quote }} {{- end }} {{ if and .Values.global.configuration.enabled .Values.configuration.enabled -}} + DEMO_CONFIG_ENABLE: "False" SITES_CONFIG_ENABLE: {{ .Values.configuration.sites.enabled | toString | quote }} OPENNOTIFICATIES_DOMAIN: {{ .Values.global.configuration.notificatiesDomain | default .Values.configuration.sites.notificatiesDomain | toString | quote }} OPENNOTIFICATIES_ORGANIZATION: {{ .Values.global.configuration.organization | default .Values.configuration.sites.organization | toString | quote }} diff --git a/charts/opennotificaties/templates/cronjob-config.yaml b/charts/opennotificaties/templates/cronjob-config.yaml deleted file mode 100644 index ec642a0..0000000 --- a/charts/opennotificaties/templates/cronjob-config.yaml +++ /dev/null @@ -1,87 +0,0 @@ -{{ if and .Values.global.configuration.enabled .Values.configuration.enabled .Values.configuration.cronjob.enabled -}} -apiVersion: batch/v1 -kind: CronJob -metadata: - name: {{ include "opennotificaties.configName" . }} - labels: - {{- include "opennotificaties.configLabels" . | nindent 4 }} -spec: - schedule: {{ .Values.configuration.cronjob.schedule | quote }} - concurrencyPolicy: Forbid - successfulJobsHistoryLimit: {{ .Values.configuration.cronjob.historyLimit }} - failedJobsHistoryLimit: {{ .Values.configuration.cronjob.historyLimit }} - jobTemplate: - spec: - template: - metadata: - annotations: - {{- with .Values.podAnnotations }} - {{- toYaml . | nindent 12 }} - {{- end }} - labels: - {{- include "opennotificaties.configLabels" . | nindent 12 }} - {{- with .Values.podAnnotations }} - {{- toYaml . | nindent 12 }} - {{- end }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 12 }} - {{- end }} - serviceAccountName: {{ include "opennotificaties.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 12 }} - restartPolicy: OnFailure - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 16 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - envFrom: - - secretRef: - name: {{ .Values.existingSecret | default (include "opennotificaties.fullname" .) }} - - configMapRef: - name: {{ include "opennotificaties.fullname" . }} - env: - {{- if .Values.extraEnvVars }} - {{- include "opennotificaties.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 16 }} - {{- end }} - resources: - {{- toYaml .Values.configuration.cronjob.resources | nindent 16 }} - command: - - /setup_configuration.sh - volumeMounts: - - name: media - mountPath: /app/private-media - subPath: {{ .Values.persistence.privateMediaMountSubpath | default "opennotificaties/private_media" }} - - name: media - mountPath: /app/media - subPath: {{ .Values.persistence.mediaMountSubpath | default "opennotificaties/media" }} - {{- if .Values.extraVolumeMounts }} - {{- include "opennotificaties.tplvalues.render" ( dict "value" .Values.extraVolumeMounts "context" $ ) | nindent 16 }} - {{- end }} - volumes: - - name: media - persistentVolumeClaim: - {{- if .Values.persistence.enabled }} - claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ include "opennotificaties.fullname" . }}{{- end }} - {{- else }} - emptyDir: { } - {{- end }} - {{- if .Values.extraVolumes }} - {{- include "opennotificaties.tplvalues.render" ( dict "value" .Values.extraVolumes "context" $ ) | nindent 12 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 12 }} - {{- end }} -{{- end }} diff --git a/charts/opennotificaties/templates/deployment.yaml b/charts/opennotificaties/templates/deployment.yaml index 8901eb9..4ac3717 100644 --- a/charts/opennotificaties/templates/deployment.yaml +++ b/charts/opennotificaties/templates/deployment.yaml @@ -49,7 +49,14 @@ spec: {{- include "opennotificaties.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 16 }} {{- end }} command: - - /setup_configuration.sh + - /usr/local/bin/python + args: + - /app/src/manage.py + - setup_configuration + - --no-selftest + {{- if or .Values.global.configuration.overwrite .Values.configuration.overwrite }} + - --overwrite + {{- end }} {{- end }} containers: - name: {{ .Chart.Name }} diff --git a/charts/opennotificaties/templates/job-config.yaml b/charts/opennotificaties/templates/job-config.yaml new file mode 100644 index 0000000..2a9c407 --- /dev/null +++ b/charts/opennotificaties/templates/job-config.yaml @@ -0,0 +1,88 @@ +{{ if and .Values.global.configuration.enabled .Values.configuration.enabled .Values.configuration.job.enabled -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "opennotificaties.configName" . }} + labels: + {{- include "opennotificaties.configLabels" . | nindent 4 }} +spec: + backoffLimit: {{ .Values.configuration.job.backoffLimit }} + template: + metadata: + annotations: + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "opennotificaties.configLabels" . | nindent 8 }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "opennotificaties.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + restartPolicy: {{ .Values.configuration.job.restartPolicy }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + envFrom: + - secretRef: + name: {{ .Values.existingSecret | default (include "opennotificaties.fullname" .) }} + - configMapRef: + name: {{ include "opennotificaties.fullname" . }} + env: + {{- if .Values.extraEnvVars }} + {{- include "opennotificaties.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.configuration.cronjob.resources | nindent 12 }} + command: + - "/bin/bash" + - "-c" + args: + - | + /wait_for_db.sh + /app/src/manage.py migrate + /app/src/manage.py setup_configuration --no-selftest {{- if or .Values.global.configuration.overwrite .Values.configuration.overwrite }} --overwrite{{- end }} + volumeMounts: + - name: media + mountPath: /app/private-media + subPath: {{ .Values.persistence.privateMediaMountSubpath | default "opennotificaties/private_media" }} + - name: media + mountPath: /app/media + subPath: {{ .Values.persistence.mediaMountSubpath | default "opennotificaties/media" }} + {{- if .Values.extraVolumeMounts }} + {{- include "opennotificaties.tplvalues.render" ( dict "value" .Values.extraVolumeMounts "context" $ ) | nindent 16 }} + {{- end }} + volumes: + - name: media + persistentVolumeClaim: + {{- if .Values.persistence.enabled }} + claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ include "opennotificaties.fullname" . }}{{- end }} + {{- else }} + emptyDir: { } + {{- end }} + {{- if .Values.extraVolumes }} + {{- include "opennotificaties.tplvalues.render" ( dict "value" .Values.extraVolumes "context" $ ) | nindent 12 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/opennotificaties/values.yaml b/charts/opennotificaties/values.yaml index f682e44..4aff897 100644 --- a/charts/opennotificaties/values.yaml +++ b/charts/opennotificaties/values.yaml @@ -1,10 +1,9 @@ global: configuration: enabled: true + overwrite: true organization: Gemeente Example - openzaakDomain: openzaak.example.com openzaakAutorisatiesApi: https://openzaak.example.nl/autorisaties/api/v1/ - notificatiesDomain: notificaties.example.nl notificatiesApi: http://opennotificaties.example.nl/api/v1/ notificatiesOpenzaakClientId: notif-client-id notificatiesOpenzaakSecret: notif-secret @@ -13,6 +12,7 @@ global: configuration: enabled: true + overwrite: true sites: enabled: true notificatiesDomain: "" @@ -33,14 +33,11 @@ configuration: initContainer: # -- Run the setup configuration command in a init container enabled: false - cronjob: - # -- Run the setup configuration command as a cronjob + job: + # -- Run the setup configuration command as a job enabled: true - # -- Schedule to run the configuration command - schedule: "0 0 * * *" - historyLimit: 1 - resources: {} - + backoffLimit: 6 + restartPolicy: OnFailure tags: redis: true rabbitmq: true diff --git a/charts/openzaak/Chart.yaml b/charts/openzaak/Chart.yaml index 49f3555..046de00 100644 --- a/charts/openzaak/Chart.yaml +++ b/charts/openzaak/Chart.yaml @@ -3,7 +3,7 @@ name: openzaak description: Productiewaardige API's voor Zaakgericht Werken type: application -version: 1.3.2 +version: 1.3.3 appVersion: 1.12.1 dependencies: diff --git a/charts/openzaak/templates/configmap.yaml b/charts/openzaak/templates/configmap.yaml index aab7a9d..1e6401d 100644 --- a/charts/openzaak/templates/configmap.yaml +++ b/charts/openzaak/templates/configmap.yaml @@ -82,6 +82,7 @@ data: NOTIFICATIONS_DISABLED: "True" {{- end }} {{ if and .Values.global.configuration.enabled .Values.configuration.enabled -}} + DEMO_CONFIG_ENABLE: "False" SITES_CONFIG_ENABLE: {{ if .Values.configuration.sites.enabled }}"True"{{ else }}"False"{{ end }} {{- if .Values.configuration.sites.enabled }} OPENZAAK_DOMAIN: {{ .Values.global.configuration.openzaakDomain | default .Values.configuration.sites.openzaakDomain | toString | quote }} diff --git a/charts/openzaak/templates/cronjob-config.yaml b/charts/openzaak/templates/cronjob-config.yaml deleted file mode 100644 index 06ea643..0000000 --- a/charts/openzaak/templates/cronjob-config.yaml +++ /dev/null @@ -1,94 +0,0 @@ -{{ if and .Values.global.configuration.enabled .Values.configuration.enabled .Values.configuration.cronjob.enabled -}} -apiVersion: batch/v1 -kind: CronJob -metadata: - name: {{ include "openzaak.configName" . }} - labels: - {{- include "openzaak.configLabels" . | nindent 4 }} -spec: - schedule: {{ .Values.configuration.cronjob.schedule | quote }} - concurrencyPolicy: Forbid - successfulJobsHistoryLimit: {{ .Values.configuration.cronjob.historyLimit }} - failedJobsHistoryLimit: {{ .Values.configuration.cronjob.historyLimit }} - jobTemplate: - spec: - template: - metadata: - annotations: - {{- with .Values.podAnnotations }} - {{- toYaml . | nindent 12 }} - {{- end }} - labels: - {{- include "openzaak.configLabels" . | nindent 12 }} - {{- with .Values.podAnnotations }} - {{- toYaml . | nindent 12 }} - {{- end }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 12 }} - {{- end }} - serviceAccountName: {{ include "openzaak.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 12 }} - restartPolicy: OnFailure - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 16 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - envFrom: - - secretRef: - name: {{ .Values.existingSecret | default (include "openzaak.fullname" .) }} - - configMapRef: - name: {{ include "openzaak.fullname" . }} - env: - {{- if .Values.extraEnvVars }} - {{- include "openzaak.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 16 }} - {{- end }} - resources: - {{- toYaml .Values.configuration.cronjob.resources | nindent 16 }} - command: - - "/bin/bash" - - "-c" - args: - - | - /setup_configuration.sh - {{- if .Values.configuration.notificaties.registerKanalen }} - /app/src/manage.py register_kanalen - {{- end }} - volumeMounts: - - name: media - mountPath: /app/private-media - subPath: {{ .Values.persistence.privateMediaMountSubpath | default "openzaak/private_media" }} - - name: media - mountPath: /app/media - subPath: {{ .Values.persistence.mediaMountSubpath | default "openzaak/media" }} - {{- if .Values.extraVolumeMounts }} - {{- include "openzaak.tplvalues.render" ( dict "value" .Values.extraVolumeMounts "context" $ ) | nindent 16 }} - {{- end }} - volumes: - - name: media - persistentVolumeClaim: - {{- if .Values.persistence.enabled }} - claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ include "openzaak.fullname" . }}{{- end }} - {{- else }} - emptyDir: { } - {{- end }} - {{- if .Values.extraVolumes }} - {{- include "openzaak.tplvalues.render" ( dict "value" .Values.extraVolumes "context" $ ) | nindent 12 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 12 }} - {{- end }} -{{- end }} diff --git a/charts/openzaak/templates/deployment.yaml b/charts/openzaak/templates/deployment.yaml index 5b1c2b4..ca19fdb 100644 --- a/charts/openzaak/templates/deployment.yaml +++ b/charts/openzaak/templates/deployment.yaml @@ -49,7 +49,12 @@ spec: {{- include "openzaak.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 16 }} {{- end }} command: - - /setup_configuration.sh + - "/bin/bash" + - "-c" + args: + /wait_for_db.sh + /app/src/manage.py migrate + /app/src/manage.py setup_configuration --no-selftest {{- if or .Values.global.configuration.overwrite .Values.configuration.overwrite }} --overwrite{{- end }} volumeMounts: - name: media mountPath: /app/private-media diff --git a/charts/openzaak/templates/job-config.yaml b/charts/openzaak/templates/job-config.yaml new file mode 100644 index 0000000..599e27a --- /dev/null +++ b/charts/openzaak/templates/job-config.yaml @@ -0,0 +1,91 @@ +{{ if and .Values.global.configuration.enabled .Values.configuration.enabled .Values.configuration.job.enabled -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "openzaak.configName" . }} + labels: + {{- include "openzaak.configLabels" . | nindent 4 }} +spec: + backoffLimit: {{ .Values.configuration.job.backoffLimit }} + template: + metadata: + annotations: + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "openzaak.configLabels" . | nindent 8 }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "openzaak.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + restartPolicy: {{ .Values.configuration.job.restartPolicy }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + envFrom: + - secretRef: + name: {{ .Values.existingSecret | default (include "openzaak.fullname" .) }} + - configMapRef: + name: {{ include "openzaak.fullname" . }} + env: + {{- if .Values.extraEnvVars }} + {{- include "openzaak.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.configuration.cronjob.resources | nindent 12 }} + command: + - "/bin/bash" + - "-c" + args: + - | + /wait_for_db.sh + /app/src/manage.py migrate + /app/src/manage.py setup_configuration --no-selftest {{- if or .Values.global.configuration.overwrite .Values.configuration.overwrite }} --overwrite{{- end }} + {{- if .Values.configuration.notificaties.registerKanalen }} + /app/src/manage.py register_kanalen + {{- end }} + volumeMounts: + - name: media + mountPath: /app/private-media + subPath: {{ .Values.persistence.privateMediaMountSubpath | default "openzaak/private_media" }} + - name: media + mountPath: /app/media + subPath: {{ .Values.persistence.mediaMountSubpath | default "openzaak/media" }} + {{- if .Values.extraVolumeMounts }} + {{- include "openzaak.tplvalues.render" ( dict "value" .Values.extraVolumeMounts "context" $ ) | nindent 16 }} + {{- end }} + volumes: + - name: media + persistentVolumeClaim: + {{- if .Values.persistence.enabled }} + claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ include "openzaak.fullname" . }}{{- end }} + {{- else }} + emptyDir: { } + {{- end }} + {{- if .Values.extraVolumes }} + {{- include "openzaak.tplvalues.render" ( dict "value" .Values.extraVolumes "context" $ ) | nindent 12 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/openzaak/values.yaml b/charts/openzaak/values.yaml index ab7ef10..d1d3ad8 100644 --- a/charts/openzaak/values.yaml +++ b/charts/openzaak/values.yaml @@ -1,10 +1,9 @@ global: configuration: enabled: true + overwrite: true organization: Gemeente Example - openzaakDomain: openzaak.example.com openzaakAutorisatiesApi: https://openzaak.example.nl/autorisaties/api/v1/ - notificatiesDomain: notificaties.example.nl notificatiesApi: http://opennotificaties.example.nl/api/v1/ notificatiesOpenzaakClientId: notif-client-id notificatiesOpenzaakSecret: notif-secret @@ -13,6 +12,7 @@ global: configuration: enabled: true + overwrite: true sites: enabled: true openzaakDomain: "" @@ -41,13 +41,11 @@ configuration: initContainer: # -- Run the setup configuration command in a init container enabled: false - cronjob: - # -- Run the setup configuration command as a cronjob + job: + # -- Run the setup configuration command as a job enabled: true - # -- Schedule to run the configuration command - schedule: "0 0 * * *" - historyLimit: 1 - resources: {} + backoffLimit: 6 + restartPolicy: OnFailure tags: redis: true