From 41e9f859448dc6eb803d1f9976130d65a50226b1 Mon Sep 17 00:00:00 2001 From: Alex Chapellon Date: Thu, 19 Oct 2023 09:59:12 +0200 Subject: [PATCH] OPSEXP-2298: refactor enterprise search deployments and jobs (#132) --- charts/alfresco-repository/Chart.lock | 6 +- charts/alfresco-repository/Chart.yaml | 4 +- charts/alfresco-repository/README.md | 4 +- .../templates/_helpers-message-broker.tpl | 23 ---- .../templates/configmap-mq.yaml | 2 +- charts/alfresco-search-enterprise/Chart.lock | 6 +- charts/alfresco-search-enterprise/Chart.yaml | 4 +- charts/alfresco-search-enterprise/README.md | 12 +- .../ci/default-values.yaml | 2 + .../templates/_helpers-activemq.tpl | 30 +++++ .../templates/_helpers.tpl | 11 ++ .../{config-ats.yaml => configmap-ats.yaml} | 5 +- ...arch.yaml => configmap-elasticsearch.yaml} | 0 .../templates/configmap-mq.yaml | 12 ++ .../templates/configmap-repository.yaml | 16 +++ .../templates/liveindexing-deployment.yaml | 26 +++-- .../templates/reindexing-job.yaml | 31 ++++-- .../templates/secret-messagebroker.yaml | 10 +- .../templates/service-headless-mediation.yaml | 16 +++ .../templates/serviceaccount.yaml | 12 ++ .../templates/statefulset-mediation.yaml | 62 +++++++++++ .../tests/configmap-database_test.yaml | 34 ------ .../tests/configmaps_test.yaml | 103 ++++++++++++++++++ .../tests/liveindexing-deployment_test.yaml | 34 +++++- .../tests/reindexing-job_test.yaml | 28 ++++- .../tests/secret-messagebroker_test.yaml | 4 - charts/alfresco-search-enterprise/values.yaml | 36 +++++- 27 files changed, 419 insertions(+), 114 deletions(-) delete mode 100644 charts/alfresco-repository/templates/_helpers-message-broker.tpl create mode 100644 charts/alfresco-search-enterprise/templates/_helpers-activemq.tpl rename charts/alfresco-search-enterprise/templates/{config-ats.yaml => configmap-ats.yaml} (62%) rename charts/alfresco-search-enterprise/templates/{config-elasticsearch.yaml => configmap-elasticsearch.yaml} (100%) create mode 100644 charts/alfresco-search-enterprise/templates/configmap-mq.yaml create mode 100644 charts/alfresco-search-enterprise/templates/configmap-repository.yaml create mode 100644 charts/alfresco-search-enterprise/templates/service-headless-mediation.yaml create mode 100644 charts/alfresco-search-enterprise/templates/serviceaccount.yaml create mode 100644 charts/alfresco-search-enterprise/templates/statefulset-mediation.yaml delete mode 100644 charts/alfresco-search-enterprise/tests/configmap-database_test.yaml create mode 100644 charts/alfresco-search-enterprise/tests/configmaps_test.yaml diff --git a/charts/alfresco-repository/Chart.lock b/charts/alfresco-repository/Chart.lock index 99a8846a..fb98242b 100644 --- a/charts/alfresco-repository/Chart.lock +++ b/charts/alfresco-repository/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: alfresco-common repository: https://alfresco.github.io/alfresco-helm-charts/ - version: 3.0.0-alpha.2 + version: 3.0.0-alpha.3 - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts version: 12.5.6 -digest: sha256:8b29bc4958ca18fce2e9b0fe2d8d21b4628cb3e1c13f90226378fe6ac3fbd9ff -generated: "2023-09-25T15:51:04.023194318Z" +digest: sha256:fc5f240540fd10560dca1e88b13601b18128e2fbf0ed0b52ab9294ad58dff037 +generated: "2023-10-18T14:43:10.28712+02:00" diff --git a/charts/alfresco-repository/Chart.yaml b/charts/alfresco-repository/Chart.yaml index 74fffc3d..b941fb19 100644 --- a/charts/alfresco-repository/Chart.yaml +++ b/charts/alfresco-repository/Chart.yaml @@ -2,11 +2,11 @@ apiVersion: v2 name: alfresco-repository description: Alfresco content repository Helm chart type: application -version: 0.1.0-alpha.18 +version: 0.1.0-alpha.19 appVersion: 23.1.0-A21 dependencies: - name: alfresco-common - version: 3.0.0-alpha.2 + version: 3.0.0-alpha.3 repository: https://alfresco.github.io/alfresco-helm-charts/ - name: postgresql version: 12.5.6 diff --git a/charts/alfresco-repository/README.md b/charts/alfresco-repository/README.md index 9c6467f7..dd00a424 100644 --- a/charts/alfresco-repository/README.md +++ b/charts/alfresco-repository/README.md @@ -1,6 +1,6 @@ # alfresco-repository -![Version: 0.1.0-alpha.18](https://img.shields.io/badge/Version-0.1.0--alpha.18-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 23.1.0-A21](https://img.shields.io/badge/AppVersion-23.1.0--A21-informational?style=flat-square) +![Version: 0.1.0-alpha.19](https://img.shields.io/badge/Version-0.1.0--alpha.19-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 23.1.0-A21](https://img.shields.io/badge/AppVersion-23.1.0--A21-informational?style=flat-square) Alfresco content repository Helm chart @@ -8,7 +8,7 @@ Alfresco content repository Helm chart | Repository | Name | Version | |------------|------|---------| -| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 3.0.0-alpha.2 | +| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 3.0.0-alpha.3 | | oci://registry-1.docker.io/bitnamicharts | postgresql | 12.5.6 | ## Values diff --git a/charts/alfresco-repository/templates/_helpers-message-broker.tpl b/charts/alfresco-repository/templates/_helpers-message-broker.tpl deleted file mode 100644 index bbae0bcf..00000000 --- a/charts/alfresco-repository/templates/_helpers-message-broker.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* -Validate ActiveMQ is a failover transport URL - -Usage: include "alfresco-repository.mq.url.valid" "URL" - -*/}} -{{- define "alfresco-repository.mq.url.valid" -}} -{{- if hasPrefix "failover:(" . }} - {{- . }} -{{- else -}} - {{- printf "failover:(%s)" . }} -{{- end }} -{{- end -}} - -{{/* -Render message broker configmap - -Usage: include "alfresco-repository.mq.cm" "URL" - -*/}} -{{- define "alfresco-repository.mq.cm" -}} - BROKER_URL: {{ template "alfresco-repository.mq.url.valid" . }} -{{- end -}} diff --git a/charts/alfresco-repository/templates/configmap-mq.yaml b/charts/alfresco-repository/templates/configmap-mq.yaml index 177dc0e7..0708ffc9 100644 --- a/charts/alfresco-repository/templates/configmap-mq.yaml +++ b/charts/alfresco-repository/templates/configmap-mq.yaml @@ -9,6 +9,6 @@ metadata: {{- include "alfresco-repository.labels" . | nindent 4 }} data: {{- with .Values.configuration.messageBroker }} - {{ template "alfresco-repository.mq.cm" .url }} + {{ template "alfresco-common.activemq.cm" .url }} {{- end }} {{- end }} diff --git a/charts/alfresco-search-enterprise/Chart.lock b/charts/alfresco-search-enterprise/Chart.lock index 32d2d9fd..35d9210f 100644 --- a/charts/alfresco-search-enterprise/Chart.lock +++ b/charts/alfresco-search-enterprise/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: alfresco-common repository: https://alfresco.github.io/alfresco-helm-charts/ - version: 3.0.0-alpha.1 + version: 3.0.0-alpha.3 - name: activemq repository: https://alfresco.github.io/alfresco-helm-charts/ version: 3.3.0 - name: elasticsearch repository: https://helm.elastic.co version: 7.17.3 -digest: sha256:3217395d08bca2dca3ada26c8045f92409e4173deb0e881dd0d020c975b6217c -generated: "2023-09-21T19:55:50.962494+02:00" +digest: sha256:32410a9edb8cebdc613c15998ebbb9f38d1e13c815bf5270ff03b709ed6524fc +generated: "2023-10-18T14:38:30.777957+02:00" diff --git a/charts/alfresco-search-enterprise/Chart.yaml b/charts/alfresco-search-enterprise/Chart.yaml index 98180a07..aebc20b1 100644 --- a/charts/alfresco-search-enterprise/Chart.yaml +++ b/charts/alfresco-search-enterprise/Chart.yaml @@ -3,11 +3,11 @@ apiVersion: v2 name: alfresco-search-enterprise description: A Helm chart for deploying Alfresco Elasticsearch connector type: application -version: 3.0.0-alpha.1 +version: 3.0.0-alpha.2 appVersion: 3.3.1 dependencies: - name: alfresco-common - version: 3.0.0-alpha.1 + version: 3.0.0-alpha.3 repository: https://alfresco.github.io/alfresco-helm-charts/ - name: activemq version: 3.3.0 diff --git a/charts/alfresco-search-enterprise/README.md b/charts/alfresco-search-enterprise/README.md index ae3e1fa8..486ef1ba 100644 --- a/charts/alfresco-search-enterprise/README.md +++ b/charts/alfresco-search-enterprise/README.md @@ -1,6 +1,6 @@ # alfresco-search-enterprise -![Version: 3.0.0-alpha.1](https://img.shields.io/badge/Version-3.0.0--alpha.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.3.1](https://img.shields.io/badge/AppVersion-3.3.1-informational?style=flat-square) +![Version: 3.0.0-alpha.2](https://img.shields.io/badge/Version-3.0.0--alpha.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.3.1](https://img.shields.io/badge/AppVersion-3.3.1-informational?style=flat-square) A Helm chart for deploying Alfresco Elasticsearch connector @@ -11,7 +11,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| | https://alfresco.github.io/alfresco-helm-charts/ | activemq | 3.3.0 | -| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 3.0.0-alpha.1 | +| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 3.0.0-alpha.3 | | https://helm.elastic.co | elasticsearch | 7.17.3 | ## Values @@ -56,6 +56,8 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | liveIndexing.path.image.repository | string | `"quay.io/alfresco/alfresco-elasticsearch-live-indexing-path"` | | | liveIndexing.path.image.tag | string | `"3.3.1"` | | | liveIndexing.path.replicaCount | int | `1` | | +| messageBroker.existingConfigMap | object | `{"keys":{"url":"BROKER_URL"},"name":null}` | Alternatively, provide message broker connection details via an existing configmap | +| messageBroker.existingConfigMap.keys.url | string | `"BROKER_URL"` | Key within the configmap holding the URL of the message broker | | messageBroker.existingSecretName | string | `nil` | Provide connection details alternatively via an existing secret that contains BROKER_URL, BROKER_USERNAME and BROKER_PASSWORD keys | | messageBroker.password | string | `nil` | Broker password | | messageBroker.url | string | `nil` | Broker URL formatted as per: https://activemq.apache.org/failover-transport-reference | @@ -80,6 +82,9 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | reindexing.initcontainers.waitForRepository.resources.limits.cpu | string | `"0.25"` | | | reindexing.initcontainers.waitForRepository.resources.limits.memory | string | `"10Mi"` | | | reindexing.pathIndexingEnabled | bool | `true` | | +| reindexing.repository.existingConfigMap.keys.url | string | `"REPOSITORY_URL"` | Key within the configmap holding the full url to connect to the alfresco repository | +| reindexing.repository.existingConfigMap.name | string | `nil` | Alternatively, provide repository connection details via an existing configmap | +| reindexing.repository.url | string | `nil` | URL of the Alfresco repository | | reindexing.resources.limits.cpu | string | `"2"` | | | reindexing.resources.limits.memory | string | `"512Mi"` | | | reindexing.resources.requests.cpu | string | `"0.5"` | | @@ -96,4 +101,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | searchIndex.protocol | string | `nil` | Valid values are http or https | | searchIndex.user | string | `nil` | The username required to access the service, if any | | securityContext | object | `{}` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `"alfresco-search-enterprise-sa"` | | | tolerations | list | `[]` | | diff --git a/charts/alfresco-search-enterprise/ci/default-values.yaml b/charts/alfresco-search-enterprise/ci/default-values.yaml index bf056ed0..0c026a7a 100644 --- a/charts/alfresco-search-enterprise/ci/default-values.yaml +++ b/charts/alfresco-search-enterprise/ci/default-values.yaml @@ -1,3 +1,5 @@ +# avoid too long resource names being truncated and conflicting +nameOverride: aesc reindexing: # requires postgres database at startup enabled: false diff --git a/charts/alfresco-search-enterprise/templates/_helpers-activemq.tpl b/charts/alfresco-search-enterprise/templates/_helpers-activemq.tpl new file mode 100644 index 00000000..627134df --- /dev/null +++ b/charts/alfresco-search-enterprise/templates/_helpers-activemq.tpl @@ -0,0 +1,30 @@ +{{/* + +Usage: include "alfresco-search-enterprise.activemq.url" $ + +*/}} +{{- define "alfresco-search-enterprise.activemq.url" -}} +{{- with .Values.activemq }} +{{- if .enabled }} +{{- $mqCtx := dict "Values" (dict "nameOverride" (.nameOverride | default "")) "Chart" (dict "Name" "activemq") "Release" $.Release }} +{{- printf "failover:(nio://%s-broker:61616)?timeout=3000&jms.useCompression=true" (include "activemq.fullname" $mqCtx) }} +{{- else }} +{{- required "Disabling in-cluster ActiveMQ requires passing (at least) messageBroker.url" $.Values.messageBroker.url }} +{{- end }} +{{- end }} +{{- end -}} + +{{/* + +Usage: include "alfresco-search-enterprise.activemq.cm.env" $ + +*/}} +{{- define "alfresco-search-enterprise.activemq.cm.env" -}} +{{- $mqCtx := dict "Values" (dict "nameOverride" (printf "%s-%s" ($.Values.nameOverride | default $.Chart.Name) "mq")) "Chart" $.Chart "Release" $.Release }} +{{- $mqCm := coalesce $.Values.messageBroker.existingConfigMap.name (include "alfresco-search-enterprise.fullname" $mqCtx) }} +- name: BROKER_URL + valueFrom: + configMapKeyRef: + name: {{ $mqCm }} + key: {{ $.Values.messageBroker.existingConfigMap.keys.url }} +{{- end -}} diff --git a/charts/alfresco-search-enterprise/templates/_helpers.tpl b/charts/alfresco-search-enterprise/templates/_helpers.tpl index 93078b59..ce479595 100644 --- a/charts/alfresco-search-enterprise/templates/_helpers.tpl +++ b/charts/alfresco-search-enterprise/templates/_helpers.tpl @@ -49,3 +49,14 @@ Selector labels app.kubernetes.io/name: {{ include "alfresco-search-enterprise.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "alfresco-search-enterprise.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "alfresco-search-enterprise.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/alfresco-search-enterprise/templates/config-ats.yaml b/charts/alfresco-search-enterprise/templates/configmap-ats.yaml similarity index 62% rename from charts/alfresco-search-enterprise/templates/config-ats.yaml rename to charts/alfresco-search-enterprise/templates/configmap-ats.yaml index 4af93372..46b148f6 100644 --- a/charts/alfresco-search-enterprise/templates/config-ats.yaml +++ b/charts/alfresco-search-enterprise/templates/configmap-ats.yaml @@ -2,9 +2,10 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ template "alfresco-search-enterprise.fullname" . }}-ats + {{- $ctx := dict "Values" (dict "nameOverride" (printf "%s-%s" ($.Values.nameOverride | default $.Chart.Name) "ats")) "Chart" $.Chart "Release" $.Release }} + name: {{ template "alfresco-search-enterprise.fullname" $ctx }} labels: - {{- include "alfresco-search-enterprise.labels" $ | nindent 4 }} + {{- include "alfresco-search-enterprise.labels" . | nindent 4 }} data: {{ template "alfresco-search-enterprise.ats.fullurl" (required "You need to provide the ATS URL using either ats.transform_url value or a configmap" .Values.ats.transform_url) }} {{ template "alfresco-search-enterprise.sfs.fullurl" (required "You need to provide the SFS URL using either ats.sfs_url value or a configmap" .Values.ats.sfs_url) }} diff --git a/charts/alfresco-search-enterprise/templates/config-elasticsearch.yaml b/charts/alfresco-search-enterprise/templates/configmap-elasticsearch.yaml similarity index 100% rename from charts/alfresco-search-enterprise/templates/config-elasticsearch.yaml rename to charts/alfresco-search-enterprise/templates/configmap-elasticsearch.yaml diff --git a/charts/alfresco-search-enterprise/templates/configmap-mq.yaml b/charts/alfresco-search-enterprise/templates/configmap-mq.yaml new file mode 100644 index 00000000..e7de2228 --- /dev/null +++ b/charts/alfresco-search-enterprise/templates/configmap-mq.yaml @@ -0,0 +1,12 @@ +{{- if not .Values.messageBroker.existingConfigMap.name -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: >- + {{- $ctx := dict "Values" (dict "nameOverride" (printf "%s-%s" (.Values.nameOverride | default .Chart.Name) "mq")) "Chart" .Chart "Release" .Release }} + {{ template "alfresco-search-enterprise.fullname" $ctx }} + labels: + {{- include "alfresco-search-enterprise.labels" . | nindent 4 }} +data: + {{ template "alfresco-common.activemq.cm" (include "alfresco-search-enterprise.activemq.url" .) }} +{{- end -}} diff --git a/charts/alfresco-search-enterprise/templates/configmap-repository.yaml b/charts/alfresco-search-enterprise/templates/configmap-repository.yaml new file mode 100644 index 00000000..1da70522 --- /dev/null +++ b/charts/alfresco-search-enterprise/templates/configmap-repository.yaml @@ -0,0 +1,16 @@ +{{- with .Values.reindexing }} +{{- if and .enabled (not .repository.existingConfigMap.name) -}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: >- + {{- $ctx := dict "Values" (dict "nameOverride" (printf "%s-%s" ($.Values.nameOverride | default $.Chart.Name) "repository")) "Chart" $.Chart "Release" $.Release }} + {{ template "alfresco-search-enterprise.fullname" $ctx }} + labels: + {{- include "alfresco-search-enterprise.labels" $ | nindent 4 }} +data: + {{- $failmsg := ".reindexing.repository.url is mandatory when not using existingConfigMap" }} + REPOSITORY_URL: {{ required $failmsg .repository.url | quote }} +{{- end -}} +{{- end -}} diff --git a/charts/alfresco-search-enterprise/templates/liveindexing-deployment.yaml b/charts/alfresco-search-enterprise/templates/liveindexing-deployment.yaml index d2d574ef..15db827b 100644 --- a/charts/alfresco-search-enterprise/templates/liveindexing-deployment.yaml +++ b/charts/alfresco-search-enterprise/templates/liveindexing-deployment.yaml @@ -1,19 +1,18 @@ -{{- range $serviceName, $service := .Values.liveIndexing }} +{{- range $serviceName, $service := omit .Values.liveIndexing "mediation" }} +--- apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "alfresco-search-enterprise.fullname" $ }}-{{ $serviceName }} labels: {{- include "alfresco-search-enterprise.labels" $ | nindent 4 }} -spec: - {{- if eq $serviceName "mediation"}} - replicas: 1 - {{- else }} + app.kubernetes.io/component: {{ printf "%s-indexing" $serviceName }} +spec : replicas: {{ $service.replicaCount | default 1 }} - {{- end }} selector: matchLabels: {{- include "alfresco-search-enterprise.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: {{ printf "%s-indexing" $serviceName }} template: metadata: annotations: @@ -25,22 +24,26 @@ spec: {{- end }} labels: {{- include "alfresco-search-enterprise.selectorLabels" $ | nindent 8 }} + app.kubernetes.io/component: {{ printf "%s-indexing" $serviceName }} spec: - {{- include "component-pod-security-context" .Values | indent 4 }} - {{- include "alfresco-content-services.imagePullSecrets" $ | indent 6 }} + serviceAccountName: {{ include "alfresco-search-enterprise.serviceAccountName" $ }} + {{- include "alfresco-common.component-pod-security-context" .Values | indent 4 }} + {{- include "alfresco-common.imagePullSecrets" $ | indent 6 }} containers: - name: {{ $.Chart.Name }}-{{ $serviceName }} image: "{{ index $.Values "liveIndexing" (printf "%s" $serviceName) "image" "repository" }}:\ {{ index $.Values "liveIndexing" (printf "%s" $serviceName) "image" "tag" }}" imagePullPolicy: {{ index $.Values "liveIndexing" (printf "%s" $serviceName) "image" "pullPolicy" }} - {{- include "component-security-context" .Values | indent 8 }} + {{- include "alfresco-common.component-security-context" .Values | indent 8 }} envFrom: - secretRef: name: {{ default (printf "%s-messagebroker-secret" (include "alfresco-search-enterprise.fullname" $)) $.Values.messageBroker.existingSecretName }} - configMapRef: name: {{ template "alfresco-search-enterprise.fullname" $ }}-es env: - {{- $ats_cm := $.Values.ats.existingConfigMap.name | default (printf "%s-ats" (include "alfresco-search-enterprise.fullname" $)) }} + {{- include "alfresco-search-enterprise.activemq.cm.env" $ | nindent 12 }} + {{- $atsCtx := dict "Values" (dict "nameOverride" (printf "%s-%s" ($.Values.nameOverride | default $.Chart.Name) "ats")) "Chart" $.Chart "Release" $.Release }} + {{- $ats_cm := coalesce $.Values.ats.existingConfigMap.name (include "alfresco-search-enterprise.fullname" $atsCtx) }} - name: ALFRESCO_ACCEPTEDCONTENTMEDIATYPESCACHE_BASEURL valueFrom: configMapKeyRef: @@ -51,7 +54,7 @@ spec: configMapKeyRef: name: {{ $ats_cm }} key: {{ $.Values.ats.existingConfigMap.keys.sfs_url }} - {{- include "spring.activemq.env" . | nindent 12 }} + {{- include "alfresco-common.spring.activemq.env" . | nindent 12 }} {{- include "alfresco-search-enterprise.config.spring.envCredentials" $ | nindent 12 }} {{- include "alfresco-search-enterprise.env" $ | nindent 12 }} {{- range $key, $val := $.Values.liveIndexing.environment }} @@ -87,5 +90,4 @@ spec: tolerations: {{- toYaml $ | nindent 8 }} {{- end }} ---- {{- end }} diff --git a/charts/alfresco-search-enterprise/templates/reindexing-job.yaml b/charts/alfresco-search-enterprise/templates/reindexing-job.yaml index 34f0e389..77824dbb 100644 --- a/charts/alfresco-search-enterprise/templates/reindexing-job.yaml +++ b/charts/alfresco-search-enterprise/templates/reindexing-job.yaml @@ -15,14 +15,15 @@ spec: labels: {{- include "alfresco-search-enterprise.selectorLabels" . | nindent 8 }} spec: - {{- include "component-pod-security-context" .Values | indent 4 }} - {{- include "alfresco-content-services.imagePullSecrets" . | indent 6 }} + serviceAccountName: {{ include "alfresco-search-enterprise.serviceAccountName" . }} + {{- include "alfresco-common.component-pod-security-context" .Values | indent 4 }} + {{- include "alfresco-common.imagePullSecrets" . | indent 6 }} restartPolicy: Never containers: - name: {{ .Chart.Name }}-reindexing image: "{{ .Values.reindexing.image.repository }}:{{ .Values.reindexing.image.tag }}" imagePullPolicy: {{ .Values.reindexing.image.pullPolicy }} - {{- include "component-security-context" .Values | indent 8 }} + {{- include "alfresco-common.component-security-context" .Values | indent 8 }} resources: {{- toYaml .Values.reindexing.resources | nindent 12 }} envFrom: - configMapRef: @@ -65,7 +66,8 @@ spec: configMapKeyRef: name: {{ .Values.reindexing.db.existingConfigMap.name | default $dbFullName }} key: {{ .Values.reindexing.db.existingConfigMap.keys.url }} - {{- include "spring.activemq.env" . | nindent 12 }} + {{- include "alfresco-search-enterprise.activemq.cm.env" $ | nindent 12 }} + {{- include "alfresco-common.spring.activemq.env" . | nindent 12 }} {{- include "alfresco-search-enterprise.config.spring.envCredentials" $ | nindent 12 }} ports: - name: http @@ -74,12 +76,25 @@ spec: initContainers: - name: wait-for-repository image: curlimages/curl:7.79.1 - {{- include "component-security-context" .Values | indent 8 }} + {{- include "alfresco-common.component-security-context" .Values | indent 8 }} resources: {{- toYaml .Values.reindexing.initcontainers.waitForRepository.resources | nindent 12 }} env: - - name: ALFRESCO_REPOSITORY_URL - value: http://{{ template "content-services.shortname" . }}-repository/alfresco/api/-default-/public/alfresco/versions/1/probes/-ready- + {{- $repoCtx := dict "Values" (dict "nameOverride" (printf "%s-%s" ($.Values.nameOverride | default $.Chart.Name) "repository")) "Chart" $.Chart "Release" $.Release }} + {{- $repoCm := coalesce .Values.reindexing.repository.existingConfigMap.name (include "alfresco-search-enterprise.fullname" $repoCtx) }} + - name: REPOSITORY_URL + valueFrom: + configMapKeyRef: + name: {{ $repoCm }} + key: {{ .Values.reindexing.repository.existingConfigMap.keys.url }} command: [ "/bin/sh","-c" ] # Delay running the reindexing to give Alfresco Repository a chance to fully initialise - args: [ "while [ $(curl -sw '%{http_code}' $ALFRESCO_REPOSITORY_URL -o /dev/null) -ne 200 ]; do sleep 5; echo 'Waiting for the Alfresco Repository...'; done; echo 'Alfresco is ready, delay reindexing to give a chance to fully initialise.'; sleep 30; echo 'Reindexing started!'" ] + args: + - | + while [ $(curl -sw '%{http_code}' $(ALFRESCO_REPOSITORY_URL)/api/-default-/public/alfresco/versions/1/probes/-ready- -o /dev/null) -ne 200 ] + do echo 'Waiting for the Alfresco Repository...' + sleep 5 + done + echo 'Alfresco is ready, delay reindexing to give a chance to fully initialise.' + sleep 30 + echo 'Reindexing started!' {{ end }} diff --git a/charts/alfresco-search-enterprise/templates/secret-messagebroker.yaml b/charts/alfresco-search-enterprise/templates/secret-messagebroker.yaml index a9979548..b0a044cd 100644 --- a/charts/alfresco-search-enterprise/templates/secret-messagebroker.yaml +++ b/charts/alfresco-search-enterprise/templates/secret-messagebroker.yaml @@ -8,12 +8,10 @@ metadata: type: Opaque data: {{- if .Values.activemq.enabled }} - BROKER_URL: {{ printf "failover:(nio://%s-activemq-broker:61616)?timeout=3000&jms.useCompression=true" (include "alfresco-search-enterprise.fullname" .) | b64enc | quote }} - BROKER_USERNAME: {{ .Values.activemq.adminUser.user | b64enc | quote }} - BROKER_PASSWORD: {{ .Values.activemq.adminUser.password | b64enc | quote }} + BROKER_USERNAME: {{ .Values.activemq.adminUser.user | default "admin" | b64enc | quote }} + BROKER_PASSWORD: {{ .Values.activemq.adminUser.password | default "admin" | b64enc | quote }} {{- else }} - BROKER_URL: {{ required "Disabling in-cluster ActiveMQ requires passing (at least) messageBroker.url" .Values.messageBroker.url | b64enc | quote }} - BROKER_USERNAME: {{ .Values.messageBroker.user | b64enc | quote }} - BROKER_PASSWORD: {{ .Values.messageBroker.password | b64enc | quote }} + BROKER_USERNAME: {{ .Values.messageBroker.user | default "" | b64enc | quote }} + BROKER_PASSWORD: {{ .Values.messageBroker.password | default "" | b64enc | quote }} {{- end }} {{- end }} diff --git a/charts/alfresco-search-enterprise/templates/service-headless-mediation.yaml b/charts/alfresco-search-enterprise/templates/service-headless-mediation.yaml new file mode 100644 index 00000000..ebae4403 --- /dev/null +++ b/charts/alfresco-search-enterprise/templates/service-headless-mediation.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + {{- $ctx := dict "Values" (dict "nameOverride" (printf "%s-%s" (.Values.nameOverride | default .Chart.Name) "mediation-headless")) "Chart" .Chart "Release" .Release }} + name: {{ template "alfresco-search-enterprise.name" $ctx }} + labels: + {{- include "alfresco-search-enterprise.labels" . | nindent 4 }} + app.kubernetes.io/component: indexing-mediation +spec: + ports: + - port: 8080 + name: http + clusterIP: None + selector: + {{- include "alfresco-search-enterprise.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: indexing-mediation diff --git a/charts/alfresco-search-enterprise/templates/serviceaccount.yaml b/charts/alfresco-search-enterprise/templates/serviceaccount.yaml new file mode 100644 index 00000000..c4d56f3d --- /dev/null +++ b/charts/alfresco-search-enterprise/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "alfresco-search-enterprise.serviceAccountName" . }} + labels: + {{- include "alfresco-search-enterprise.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/alfresco-search-enterprise/templates/statefulset-mediation.yaml b/charts/alfresco-search-enterprise/templates/statefulset-mediation.yaml new file mode 100644 index 00000000..7af2f2cd --- /dev/null +++ b/charts/alfresco-search-enterprise/templates/statefulset-mediation.yaml @@ -0,0 +1,62 @@ +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + {{- $ctx := dict "Values" (dict "nameOverride" (printf "%s-%s" (.Values.nameOverride | default .Chart.Name) "mediation")) "Chart" .Chart "Release" .Release }} + name: {{ template "alfresco-search-enterprise.name" $ctx }} +spec: + serviceName: {{ template "alfresco-search-enterprise.name" $ctx }} + selector: + matchLabels: + {{- include "alfresco-search-enterprise.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: indexing-mediation + template: + metadata: + labels: + {{- include "alfresco-search-enterprise.labels" . | nindent 8 }} + app.kubernetes.io/component: indexing-mediation + spec: + {{- include "alfresco-common.imagePullSecrets" . | indent 6 }} + {{- include "alfresco-common.component-pod-security-context" .Values | indent 4 }} + containers: + {{- with .Values.liveIndexing.mediation }} + - name: {{ template "alfresco-search-enterprise.name" $ctx }} + image: {{ .image.repository }}:{{ .image.tag }} + imagePullPolicy: {{ .image.pullPolicy }} + {{- end }} + {{- include "alfresco-common.component-security-context" .Values | indent 8 }} + envFrom: + - secretRef: + name: {{ default (printf "%s-messagebroker-secret" (include "alfresco-search-enterprise.fullname" .)) .Values.messageBroker.existingSecretName }} + env: + {{- include "alfresco-search-enterprise.activemq.cm.env" $ | nindent 12 }} + {{- $atsCtx := dict "Values" (dict "nameOverride" (printf "%s-%s" ($.Values.nameOverride | default $.Chart.Name) "ats")) "Chart" $.Chart "Release" $.Release }} + {{- $ats_cm := coalesce .Values.ats.existingConfigMap.name (include "alfresco-search-enterprise.fullname" $atsCtx) }} + - name: ALFRESCO_ACCEPTEDCONTENTMEDIATYPESCACHE_BASEURL + valueFrom: + configMapKeyRef: + name: {{ $ats_cm }} + key: {{ .Values.ats.existingConfigMap.keys.transform_url }} + {{- include "alfresco-common.spring.activemq.env" . | nindent 12 }} + {{- include "alfresco-search-enterprise.env" . | nindent 12 }} + {{- range $key, $val := .Values.liveIndexing.environment }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + initialDelaySeconds: 300 + timeoutSeconds: 60 + httpGet: + path: /actuator/health + port: http + readinessProbe: + initialDelaySeconds: 60 + timeoutSeconds: 60 + httpGet: + path: /actuator/health + port: http + resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/charts/alfresco-search-enterprise/tests/configmap-database_test.yaml b/charts/alfresco-search-enterprise/tests/configmap-database_test.yaml deleted file mode 100644 index 09904b58..00000000 --- a/charts/alfresco-search-enterprise/tests/configmap-database_test.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -suite: test database configmap -templates: - - configmap-database.yaml -tests: - - it: should have empty url as default - asserts: - - failedTemplate: - errorMessage: .reindexing.db.url is mandatory when not using existingConfigMap - - - it: should have url populated when url value is set - set: - reindexing: - db: - url: jdbc:postgresql://hostname:5432/ - asserts: - - equal: - path: data.DATABASE_URL - value: jdbc:postgresql://hostname:5432/ - - - it: should not render cm when existingConfigMap is set - set: - reindexing.db.existingConfigMap: - name: external-database-configmap - asserts: - - hasDocuments: - count: 0 - - - it: should not render cm when reindexing is disabled - set: - reindexing.enabled: false - asserts: - - hasDocuments: - count: 0 diff --git a/charts/alfresco-search-enterprise/tests/configmaps_test.yaml b/charts/alfresco-search-enterprise/tests/configmaps_test.yaml new file mode 100644 index 00000000..cd606278 --- /dev/null +++ b/charts/alfresco-search-enterprise/tests/configmaps_test.yaml @@ -0,0 +1,103 @@ +--- +suite: test configmaps +templates: + - configmap-mq.yaml + - configmap-database.yaml + - configmap-repository.yaml +tests: + - it: should fail rendering manifest without required Alfresco repository values + values: &testvalues + - values/embedded-charts-values.yaml + asserts: + - failedTemplate: + errorMessage: .reindexing.repository.url is mandatory when not using existingConfigMap + template: configmap-repository.yaml + + - it: should fail rendering manifest without required ActiveMQ values + set: + reindexing.enabled: false + asserts: + - failedTemplate: + errorMessage: Disabling in-cluster ActiveMQ requires passing (at least) messageBroker.url + template: configmap-mq.yaml + + - it: should fail rendering manifest without required Alfresco repository values + values: *testvalues + set: + reindexing.enabled: false + asserts: + - equal: + path: data.BROKER_URL + value: failover:(nio://RELEASE-NAME-activemq-broker:61616)?timeout=3000&jms.useCompression=true + template: configmap-mq.yaml + + - it: should fail rendering manifest without required values + values: *testvalues + set: + reindexing.repository.url: http://acs/alfresco + asserts: + - failedTemplate: + errorMessage: .reindexing.db.url is mandatory when not using existingConfigMap + template: configmap-database.yaml + + - it: should have url populated when url value is set + values: *testvalues + set: + reindexing: + repository: + url: https://mycm.domain.tld/alfresco + db: + url: jdbc:postgresql://hostname:5432/ + asserts: + - equal: + path: data.DATABASE_URL + value: jdbc:postgresql://hostname:5432/ + template: configmap-database.yaml + - equal: + path: data.REPOSITORY_URL + value: https://mycm.domain.tld/alfresco + template: configmap-repository.yaml + + - it: should have mq configmap render from values + set: + reindexing: + enabled: false + messageBroker: + url: ssl://some.broker.domain.tld:61617 + asserts: + - equal: + path: data.BROKER_URL + value: failover:(ssl://some.broker.domain.tld:61617) + template: configmap-mq.yaml + + - it: should not render cm when existingConfigMap is set + values: *testvalues + set: + messageBroker.existingConfigMap: + name: external-mq-configmap + reindexing.repository.existingConfigMap: + name: external-repository-configmap + reindexing.db.existingConfigMap: + name: external-database-configmap + asserts: + - hasDocuments: + count: 0 + template: configmap-database.yaml + - hasDocuments: + count: 0 + template: configmap-mq.yaml + - hasDocuments: + count: 0 + template: configmap-repository.yaml + + - it: should not render cm when reindexing is disabled + values: *testvalues + set: + reindexing.enabled: false + asserts: + - hasDocuments: + count: 0 + template: configmap-database.yaml + - hasDocuments: + count: 0 + template: configmap-repository.yaml diff --git a/charts/alfresco-search-enterprise/tests/liveindexing-deployment_test.yaml b/charts/alfresco-search-enterprise/tests/liveindexing-deployment_test.yaml index 19829caf..605b8f5b 100644 --- a/charts/alfresco-search-enterprise/tests/liveindexing-deployment_test.yaml +++ b/charts/alfresco-search-enterprise/tests/liveindexing-deployment_test.yaml @@ -1,8 +1,8 @@ --- suite: test liveindexing template rendering templates: - - config-ats.yaml - - config-elasticsearch.yaml + - configmap-ats.yaml + - configmap-elasticsearch.yaml - liveindexing-deployment.yaml - secret-elasticsearch.yaml - secret-database.yaml @@ -20,11 +20,20 @@ tests: user: admin protocol: https port: 1443 + template: liveindexing-deployment.yaml asserts: - equal: path: data.SPRING_ELASTICSEARCH_REST_URIS value: https://someglobally.used.host:1443 - template: config-elasticsearch.yaml + template: configmap-elasticsearch.yaml + - contains: + path: spec.template.spec.containers[0].env + content: + name: BROKER_URL + valueFrom: + configMapKeyRef: + name: RELEASE-NAME-alfresco-search-enterprise-mq + key: BROKER_URL - it: | Render default mainfest with embedded elasticsearch and pre-existing secret @@ -35,19 +44,32 @@ tests: enabled: true searchIndex: existingSecretName: nooneknows + messageBroker: + existingConfigMap: + name: mymqcm + keys: + url: MQ_URL asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: BROKER_URL + valueFrom: + configMapKeyRef: + name: mymqcm + key: MQ_URL - equal: path: data.ATS_URL value: http://transform/transform/config - template: config-ats.yaml + template: configmap-ats.yaml - equal: path: data.SFS_URL value: http://sfs/alfresco/api/-default-/private/sfs/versions/1/file/ - template: config-ats.yaml + template: configmap-ats.yaml - equal: path: data.SPRING_ELASTICSEARCH_REST_URIS value: http://elasticsearch-master:9200 - template: config-elasticsearch.yaml + template: configmap-elasticsearch.yaml - contains: path: spec.template.spec.containers[0].env content: diff --git a/charts/alfresco-search-enterprise/tests/reindexing-job_test.yaml b/charts/alfresco-search-enterprise/tests/reindexing-job_test.yaml index e8e72ae2..fb7ad33b 100644 --- a/charts/alfresco-search-enterprise/tests/reindexing-job_test.yaml +++ b/charts/alfresco-search-enterprise/tests/reindexing-job_test.yaml @@ -3,8 +3,16 @@ suite: test reindexing job manifest templates: - reindexing-job.yaml tests: - - it: should have env vars for spring database credentials referencing the main chart secret + - it: should have default env vars asserts: + - contains: + path: spec.template.spec.initContainers[0].env + content: + name: REPOSITORY_URL + valueFrom: + configMapKeyRef: + name: RELEASE-NAME-alfresco-search-enterprise-repository + key: REPOSITORY_URL - contains: path: spec.template.spec.containers[0].env content: @@ -93,3 +101,21 @@ tests: asserts: - hasDocuments: count: 0 + + - it: render the initContainer with given configmap details + set: + reindexing: + repository: + existingConfigMap: + name: mycm + keys: + url: REPO_URL + asserts: + - contains: + path: spec.template.spec.initContainers[0].env + content: + name: REPOSITORY_URL + valueFrom: + configMapKeyRef: + name: mycm + key: REPO_URL diff --git a/charts/alfresco-search-enterprise/tests/secret-messagebroker_test.yaml b/charts/alfresco-search-enterprise/tests/secret-messagebroker_test.yaml index 0ad9058e..3e938b94 100644 --- a/charts/alfresco-search-enterprise/tests/secret-messagebroker_test.yaml +++ b/charts/alfresco-search-enterprise/tests/secret-messagebroker_test.yaml @@ -13,8 +13,6 @@ tests: - equal: path: data.BROKER_PASSWORD value: YWRtaW4= - - isNotEmpty: - path: data.BROKER_URL - it: should have credentials populated when messagebroker values are set set: @@ -30,8 +28,6 @@ tests: - equal: path: data.BROKER_PASSWORD value: ZXh0LXBhc3M= - - isNotEmpty: - path: data.BROKER_URL - it: should not have a secret when existingSecretName is set set: diff --git a/charts/alfresco-search-enterprise/values.yaml b/charts/alfresco-search-enterprise/values.yaml index 491adfcf..ea00cb5b 100644 --- a/charts/alfresco-search-enterprise/values.yaml +++ b/charts/alfresco-search-enterprise/values.yaml @@ -54,8 +54,20 @@ reindexing: tag: 3.3.1 pullPolicy: IfNotPresent pathIndexingEnabled: true + repository: + # -- URL of the Alfresco repository + url: null + existingConfigMap: + # -- Alternatively, provide repository connection details via an existing + # configmap + name: null + keys: + # -- Key within the configmap holding the full url to connect to the + # alfresco repository + url: REPOSITORY_URL db: - # -- Provide the full JDBC url to connect to database service e.g.: `jdbc:postgresql://hostname:5432/database` + # -- Provide the full JDBC url to connect to database service e.g.: + # `jdbc:postgresql://hostname:5432/database` url: null # -- The username required to access the service username: null @@ -70,10 +82,12 @@ reindexing: # -- Key within the secret holding the database password password: DATABASE_PASSWORD existingConfigMap: - # -- Alternatively, provide database connection details via an existing configmap + # -- Alternatively, provide database connection details via an existing + # configmap name: null keys: - # -- Key within the configmap holding the full JDBC url to connect to database service + # -- Key within the configmap holding the full JDBC url to connect to + # database service url: DATABASE_URL resources: requests: @@ -88,6 +102,15 @@ reindexing: limits: cpu: "0.25" memory: "10Mi" +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "alfresco-search-enterprise-sa" + ats: # -- URL of the alfresco transform (trouter or tengine-aio) transform_url: null @@ -109,6 +132,13 @@ messageBroker: user: null # -- Broker password password: null + # -- Alternatively, provide message broker connection details via an existing + # configmap + existingConfigMap: + name: null + keys: + # -- Key within the configmap holding the URL of the message broker + url: BROKER_URL # -- Provide connection details alternatively via an existing secret that # contains BROKER_URL, BROKER_USERNAME and BROKER_PASSWORD keys existingSecretName: null