diff --git a/README.md b/README.md index 3b41892d..79e23eaf 100644 --- a/README.md +++ b/README.md @@ -316,7 +316,8 @@ _See [helm rollback](https://helm.sh/docs/helm/helm_rollback/) for command docum | `connections.oauthRedirectURL` | Address of the oauth authorization server | `https://service.onlyoffice.com/oauth2.aspx` | | `namespaceOverride` | The name of the namespace in which DocSpace will be deployed. If not set, the name will be taken from `.Release.Namespace` | `""` | | `commonLabels` | Defines labels that will be additionally added to all the deployed resources. You can also use `tpl` as the value for the key | `{}` | -| `podAnnotations` | Map of annotations to add to the DocSpace pods | `rollme: "{{ randAlphaNum 5 \| quote }}"` | +| `commonAnnotations` | Defines annotations that will be additionally added to all the deployed resources. You can also use `tpl` as the value for the key. Some resources may override the values specified here with their own | `{}` | +| `podAnnotations` | Map of annotations to add to the DocSpace pods. Each Docspace application can override the values specified here with its own | `rollme: "{{ randAlphaNum 5 \| quote }}"` | | `serviceAccount.create` | Enable ServiceAccount creation | `false` | | `serviceAccount.name` | Name of the ServiceAccount to be used. If not set and `serviceAccount.create` is `true` the name will be taken from `.Release.Name` or `serviceAccount.create` is `false` the name will be "default" | `""` | | `serviceAccount.annotations` | Map of annotations to add to the ServiceAccount | `{}` | @@ -361,12 +362,16 @@ _See [helm rollback](https://helm.sh/docs/helm/helm_rollback/) for command docum | `initContainers.custom` | Defines custom containers that run before DocSpace containers in a Pods. For example, a container that changes the owner of the PersistentVolume. For the `Docs`, `Router`, `Opensearch` and `Proxy Frontend` services, the corresponding individual parameters are used | `[]` | | `persistence.storageClass` | PVC Storage Class for DocSpace data volume | `nfs` | | `persistence.docspaceData.existingClaim` | The name of the existing PVC for storing files common to all services. If not specified, a PVC named "docspace-data" will be created | `""` | +| `persistence.docspaceData.annotations` | Defines annotations that will be additionally added to common files PVC. If set to, it takes priority over the `commonAnnotations` | `{}` | | `persistence.docspaceData.size` | PVC Storage Request for common files volume | `8Gi` | | `persistence.filesData.existingClaim` | The name of the existing PVC for use in the Files service. If not specified, a PVC named "files-data" will be created | `""` | +| `persistence.filesData.annotations` | Defines annotations that will be additionally added to Files PVC. If set to, it takes priority over the `commonAnnotations` | `{}` | | `persistence.filesData.size` | PVC Storage Request for Files volume | `2Gi` | | `persistence.peopleData.existingClaim` | The name of the existing PVC for use in the People Server service. If not specified, a PVC named "people-data" will be created | `""` | +| `persistence.peopleData.annotations` | Defines annotations that will be additionally added to People Server PVC. If set to, it takes priority over the `commonAnnotations` | `{}` | | `persistence.peopleData.size` | PVC Storage Request for People Server volume | `2Gi` | | `persistence.routerLog.existingClaim` | The name of the existing PVC for storing Nginx logs of the Router service. If not specified, a PVC named "router-log" will be created | `""` | +| `persistence.routerLog.annotations` | Defines annotations that will be additionally added to Nginx logs PVC. If set to, it takes priority over the `commonAnnotations` | `{}` | | `persistence.routerLog.size` | PVC Storage Request for Nginx logs volume | `5Gi` | | `podAntiAffinity.type` | Types of Pod antiaffinity. Allowed values: `preferred` or `required` | `preferred` | | `podAntiAffinity.topologyKey` | Node label key to match | `kubernetes.io/hostname` | @@ -378,11 +383,13 @@ _See [helm rollback](https://helm.sh/docs/helm/helm_rollback/) for command docum |-----------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------|-------------------------------------------| | `Application.enabled` | Enables Application installation. Individual value for the `apiSystem` | `true` | | `Application.kind` | The controller used for deploy. Possible values are `Deployment` (default) or `StatefulSet`. Not used in `docs` and `opensearch` | `Deployment` | +| `Application.annotations` | Defines annotations that will be additionally added to Application deploy. If set to, it takes priority over the `commonAnnotations` | `{}` | | `Application.replicaCount` | Number of "Application" replicas to deploy | `1` | | `Application.updateStrategy.type` | "Application" update strategy type | `RollingUpdate` | | `Application.updateStrategy.rollingUpdate.maxUnavailable` | Maximum number of "Application" Pods unavailable during the update process | `25%` | | `Application.updateStrategy.rollingUpdate.maxSurge` | Maximum number of "Application" Pods created over the desired number of Pods | `25%` | | `Application.podManagementPolicy` | The Application Pods scaling operations policy. Used if `Application.kind` is set to `StatefulSet`. Not used in `docs` and `opensearch` | `OrderedReady` | +| `Application.podAnnotations` | Map of annotations to add to the Notify pods. If set to, it takes priority over the `podAnnotations` | `{}` | | `Application.podSecurityContext.enabled` | Enable security context for the "Application" pods. If set to, it takes priority over the `podSecurityContext` | `false` | | `Application.customPodAntiAffinity` | Prohibiting the scheduling of Api System Pods relative to other Pods containing the specified labels on the same node | `{}` | | `Application.podAffinity` | Defines [Pod affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity) rules for "Application" Pods scheduling by nodes relative to other Pods | `{}` | @@ -510,6 +517,8 @@ NOTE: It is recommended to use an installation made specifically for Kubernetes. | Parameter | Description | Default | |------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------| | `install.job.enabled` | Enable the execution of job pre-install before installing DocSpace | `true` | +| `install.job.annotations` | Defines annotations that will be additionally added to Install Job. If set to, it takes priority over the `commonAnnotations` | `{}` | +| `install.job.podAnnotations` | Map of annotations to add to the Install Job Pod. If set to, it takes priority over the `podAnnotations` | `{}` | | `install.job.podSecurityContext.enabled` | Enable security context for the Install Job pod | `false` | | `install.job.customPodAntiAffinity` | Prohibiting the scheduling of Install Job Pod relative to other Pods containing the specified labels on the same node | `{}` | | `install.job.podAffinity` | Defines [Pod affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity) rules for Install Job Pod scheduling by nodes relative to other Pods | `{}` | @@ -524,6 +533,8 @@ NOTE: It is recommended to use an installation made specifically for Kubernetes. | `install.job.initContainers.migrationRunner.resources.requests` | The requested resources for the Job pre-install Migration Runner container | `memory, cpu` | | `install.job.initContainers.migrationRunner.resources.limits` | The resources limits for the Job pre-install Migration Runner container | `memory, cpu` | | `upgrade.job.enabled` | Enable the execution of job pre-upgrade before upgrading DocSpace | `true` | +| `upgrade.job.annotations` | Defines annotations that will be additionally added to Upgrade Job. If set to, it takes priority over the `commonAnnotations` | `{}` | +| `upgrade.job.podAnnotations` | Map of annotations to add to the Upgrade Job Pod. If set to, it takes priority over the `podAnnotations` | `{}` | | `upgrade.job.podSecurityContext.enabled` | Enable security context for the Upgrade Job pod | `false` | | `upgrade.job.customPodAntiAffinity` | Prohibiting the scheduling of Upgrade Job Pod relative to other Pods containing the specified labels on the same node | `{}` | | `upgrade.job.podAffinity` | Defines [Pod affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity) rules for Upgrade Job Pod scheduling by nodes relative to other Pods | `{}` | @@ -539,7 +550,7 @@ NOTE: It is recommended to use an installation made specifically for Kubernetes. | `upgrade.job.initContainers.migrationRunner.resources.limits` | The resources limits for the Job pre-upgrade Migration Runner container | `memory, cpu` | | `elasticsearchClearIndexes.job.enabled` | Enable the execution of job elasticsearchClearIndexes before upgrading DocSpace. If you are using Opensearch or an external Elasticsearch, you can set it to `false` | `true` | | `elasticsearchClearIndexes.job.annotations` | Defines annotations that will be additionally added to elasticsearchClearIndexes Job. If set to, it takes priority over the `commonAnnotations` | `{}` | -| `elasticsearchClearIndexes.job.podAnnotations` | Map of annotations to add to the elasticsearchClearIndexes Pod | `{}` | +| `elasticsearchClearIndexes.job.podAnnotations` | Map of annotations to add to the elasticsearchClearIndexes Job Pod. If set to, it takes priority over the `podAnnotations` | `{}` | | `elasticsearchClearIndexes.job.podSecurityContext.enabled` | Enable security context for the elasticsearchClearIndexes Job pod | `false` | | `elasticsearchClearIndexes.job.customPodAntiAffinity` | Prohibiting the scheduling of elasticsearchClearIndexes Job Pod relative to other Pods containing the specified labels on the same node | `{}` | | `elasticsearchClearIndexes.job.podAffinity` | Defines [Pod affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity) rules for elasticsearchClearIndexes Job Pod scheduling by nodes relative to other Pods | `{}` | @@ -552,25 +563,26 @@ NOTE: It is recommended to use an installation made specifically for Kubernetes. ### DocSpace Opensearch parameters -| Parameter | Description | Default | -|----------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------|----------------------------| -| `opensearch.enabled` | Enables Opensearch installation | `true` | -| `opensearch.initContainers.securityContext.enabled` | Enable security context for Opensearch change-volume-owner initContainer container in pod | `false` | -| `opensearch.initContainers.resources.requests` | The requested resources for the Opensearch change-volume-owner initContainer | `memory, cpu` | -| `opensearch.initContainers.resources.limits` | The resources limits for the Opensearch change-volume-owner initContainer | `memory, cpu` | -| `opensearch.initContainers.custom` | Custom Opensearch initContainers parameters. Additional containers that run before Elasticsearch container in a Pod | `[]` | -| `opensearch.image.repository` | Opensearch container image repository | `onlyoffice/opensearch` | -| `opensearch.image.tag` | Opensearch container image tag | `7.16.3` | -| `opensearch.persistence.storageClass` | PVC Storage Class for Opensearch volume | `"nfs"` | -| `opensearch.persistence.accessModes` | Opensearch Persistent Volume access modes | `ReadWriteOnce` | -| `opensearch.persistence.size` | PVC Storage Request for Opensearch volume | `30Gi` | -| `opensearch.env.discoveryType` | Determines the cluster discovery type. Set to "single-node" for a single-node cluster | `single-node | -| `opensearch.env.disableSecurityPlugin` | disables the security plugin | `true` | -| `opensearch.env.disableInstallDemoConfig` | disables the installation of demo configuration | `true` | -| `opensearch.env.bootstrapMemoryLock` | determines whether JVM should lock memory | `true` | +| Parameter | Description | Default | +|-------------------------------------------------------|--------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------| +| `opensearch.enabled` | Enables Opensearch installation | `true` | +| `opensearch.initContainers.securityContext.enabled` | Enable security context for Opensearch change-volume-owner initContainer container in pod | `false` | +| `opensearch.initContainers.resources.requests` | The requested resources for the Opensearch change-volume-owner initContainer | `memory, cpu` | +| `opensearch.initContainers.resources.limits` | The resources limits for the Opensearch change-volume-owner initContainer | `memory, cpu` | +| `opensearch.initContainers.custom` | Custom Opensearch initContainers parameters. Additional containers that run before Elasticsearch container in a Pod | `[]` | +| `opensearch.image.repository` | Opensearch container image repository | `onlyoffice/opensearch` | +| `opensearch.image.tag` | Opensearch container image tag | `7.16.3` | +| `opensearch.persistence.annotations` | Defines annotations that will be additionally added to Opensearch PVC. If set to, it takes priority over the `commonAnnotations` | `{}` | +| `opensearch.persistence.storageClass` | PVC Storage Class for Opensearch volume | `"nfs"` | +| `opensearch.persistence.accessModes` | Opensearch Persistent Volume access modes | `ReadWriteOnce` | +| `opensearch.persistence.size` | PVC Storage Request for Opensearch volume | `30Gi` | +| `opensearch.env.discoveryType` | Determines the cluster discovery type. Set to "single-node" for a single-node cluster | `single-node | +| `opensearch.env.disableSecurityPlugin` | disables the security plugin | `true` | +| `opensearch.env.disableInstallDemoConfig` | disables the installation of demo configuration | `true` | +| `opensearch.env.bootstrapMemoryLock` | determines whether JVM should lock memory | `true` | | `opensearch.env.ESJAVAOPTS` | defines JVM options | `-Xms2g -Xmx2g -Dlog4j2.formatMsgNoLookups=true` | -| `opensearch.env.indicesFieldDataCacheSize` | sets the size of the index field data cache | `30%` | -| `opensearch.env.indicesMemoryIndexBufferSize` | sets the size of the in-memory index buffer | `30%` | +| `opensearch.env.indicesFieldDataCacheSize` | sets the size of the index field data cache | `30%` | +| `opensearch.env.indicesMemoryIndexBufferSize` | sets the size of the in-memory index buffer | `30%` | ### DocSpace Test parameters diff --git a/templates/configmaps/check-db.yaml b/templates/configmaps/check-db.yaml index 53b4d679..4e61be11 100644 --- a/templates/configmaps/check-db.yaml +++ b/templates/configmaps/check-db.yaml @@ -11,6 +11,9 @@ metadata: "helm.sh/hook": pre-install,pre-upgrade "helm.sh/hook-weight": "2" "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + {{- if .Values.commonAnnotations }} + {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} data: checkdb.sh: |- #!/bin/bash diff --git a/templates/configmaps/docspace-router.yaml b/templates/configmaps/docspace-router.yaml index 6d4b5f6f..eebb8b03 100644 --- a/templates/configmaps/docspace-router.yaml +++ b/templates/configmaps/docspace-router.yaml @@ -7,6 +7,9 @@ metadata: labels: {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} data: COUNT_WORKER_CONNECTIONS: {{ .Values.connections.countWorkerConnections | quote }} NGINX_ENVSUBST_TEMPLATE_SUFFIX: {{ .Values.connections.nginxSnvsubstTemplateSuffix }} diff --git a/templates/configmaps/docspace.yaml b/templates/configmaps/docspace.yaml index c3903478..dceec02d 100644 --- a/templates/configmaps/docspace.yaml +++ b/templates/configmaps/docspace.yaml @@ -10,6 +10,9 @@ metadata: annotations: "helm.sh/hook": pre-install,pre-upgrade "helm.sh/hook-weight": "1" + {{- if .Values.commonAnnotations }} + {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} data: ENV_EXTENSION: {{ .Values.connections.envExtension | quote }} DATABASE_MIGRATION: {{ .Values.connections.mysqlDatabaseMigration | quote }} diff --git a/templates/configmaps/healthchecks.yaml b/templates/configmaps/healthchecks.yaml index 9ff2fbf9..43988f69 100644 --- a/templates/configmaps/healthchecks.yaml +++ b/templates/configmaps/healthchecks.yaml @@ -8,6 +8,9 @@ metadata: labels: {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} data: API_HOST: {{ .Values.connections.apiHost }}:{{ .Values.api.containerPorts.app }} API_SYSTEM_HOST: {{ .Values.connections.apiSystemHost }}:{{ .Values.apiSystem.containerPorts.app }} diff --git a/templates/configmaps/proxy-frontend.yaml b/templates/configmaps/proxy-frontend.yaml index 5fb929f9..8583fbf6 100644 --- a/templates/configmaps/proxy-frontend.yaml +++ b/templates/configmaps/proxy-frontend.yaml @@ -8,6 +8,9 @@ metadata: labels: {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} data: default.conf: |- map $http_host $this_host { diff --git a/templates/configmaps/router-init-scripts.yaml b/templates/configmaps/router-init-scripts.yaml index 760007d8..02525993 100644 --- a/templates/configmaps/router-init-scripts.yaml +++ b/templates/configmaps/router-init-scripts.yaml @@ -7,6 +7,9 @@ metadata: labels: {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} data: 50-change-router-onlyoffice-conf.sh: |- #!/bin/sh diff --git a/templates/ingresses/docspace.yaml b/templates/ingresses/docspace.yaml index 70fbcc60..55b36192 100644 --- a/templates/ingresses/docspace.yaml +++ b/templates/ingresses/docspace.yaml @@ -8,11 +8,9 @@ metadata: labels: {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} - {{- if .Values.ingress.annotations }} - annotations: - {{- range $key, $value := .Values.ingress.annotations }} - {{ $key }}: {{ tpl $value $ }} - {{- end }} + {{- if or .Values.commonAnnotations .Values.ingress.annotations }} + {{- $dictValue := default .Values.commonAnnotations .Values.ingress.annotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" $dictValue "context" $ ) | nindent 4 }} {{- end }} spec: {{- if .Values.ingress.ingressClassName }} diff --git a/templates/pvc/docspace-data.yaml b/templates/pvc/docspace-data.yaml index 2ddf9fe0..5115e8d3 100644 --- a/templates/pvc/docspace-data.yaml +++ b/templates/pvc/docspace-data.yaml @@ -8,6 +8,10 @@ metadata: labels: {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if or .Values.commonAnnotations .Values.persistence.docspaceData.annotations }} + {{- $dictValue := default .Values.commonAnnotations .Values.persistence.docspaceData.annotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" $dictValue "context" $ ) | nindent 4 }} + {{- end }} spec: storageClassName: {{ .Values.persistence.storageClass }} accessModes: diff --git a/templates/pvc/files-data.yaml b/templates/pvc/files-data.yaml index f3a74cea..8c521f5c 100644 --- a/templates/pvc/files-data.yaml +++ b/templates/pvc/files-data.yaml @@ -11,6 +11,10 @@ metadata: annotations: "helm.sh/hook": pre-install "helm.sh/hook-weight": "2" + {{- if or .Values.commonAnnotations .Values.persistence.filesData.annotations }} + {{- $dictValue := default .Values.commonAnnotations .Values.persistence.filesData.annotations }} + {{- include "docspace.annotations" ( dict "keyName" $dictValue "context" $ ) | nindent 4 }} + {{- end }} spec: storageClassName: {{ .Values.persistence.storageClass }} accessModes: diff --git a/templates/pvc/opensearch.yaml b/templates/pvc/opensearch.yaml index 041b057f..85df1ee4 100644 --- a/templates/pvc/opensearch.yaml +++ b/templates/pvc/opensearch.yaml @@ -8,6 +8,10 @@ metadata: labels: {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if or .Values.commonAnnotations .Values.opensearch.persistence.annotations }} + {{- $dictValue := default .Values.commonAnnotations .Values.opensearch.persistence.annotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" $dictValue "context" $ ) | nindent 4 }} + {{- end }} spec: storageClassName: {{ .Values.opensearch.persistence.storageClass }} accessModes: diff --git a/templates/pvc/people-server-data.yaml b/templates/pvc/people-server-data.yaml index 6154f194..d5fdd5f6 100644 --- a/templates/pvc/people-server-data.yaml +++ b/templates/pvc/people-server-data.yaml @@ -11,6 +11,10 @@ metadata: annotations: "helm.sh/hook": pre-install "helm.sh/hook-weight": "2" + {{- if or .Values.commonAnnotations .Values.persistence.peopleData.annotations }} + {{- $dictValue := default .Values.commonAnnotations .Values.persistence.peopleData.annotations }} + {{- include "docspace.annotations" ( dict "keyName" $dictValue "context" $ ) | nindent 4 }} + {{- end }} spec: storageClassName: {{ .Values.persistence.storageClass }} accessModes: diff --git a/templates/pvc/router-log.yaml b/templates/pvc/router-log.yaml index e8b37857..13408a23 100644 --- a/templates/pvc/router-log.yaml +++ b/templates/pvc/router-log.yaml @@ -8,6 +8,10 @@ metadata: labels: {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if or .Values.commonAnnotations .Values.persistence.routerLog.annotations }} + {{- $dictValue := default .Values.commonAnnotations .Values.persistence.routerLog.annotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" $dictValue "context" $ ) | nindent 4 }} + {{- end }} spec: storageClassName: {{ .Values.persistence.storageClass }} accessModes: diff --git a/templates/secrets/broker-password.yaml b/templates/secrets/broker-password.yaml index 16343cff..7d958f9f 100644 --- a/templates/secrets/broker-password.yaml +++ b/templates/secrets/broker-password.yaml @@ -11,6 +11,9 @@ metadata: annotations: "helm.sh/hook": pre-install "helm.sh/hook-weight": "3" + {{- if .Values.commonAnnotations }} + {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} type: Opaque stringData: {{ .Values.connections.brokerSecretKeyName }}: {{ include "docspace.broker.password" . | quote }} diff --git a/templates/secrets/broker-uri.yaml b/templates/secrets/broker-uri.yaml index cb91a87e..b6400079 100644 --- a/templates/secrets/broker-uri.yaml +++ b/templates/secrets/broker-uri.yaml @@ -7,6 +7,9 @@ metadata: labels: {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} type: Opaque stringData: broker_uri: {{ include "docspace.broker.uri" . | quote }} diff --git a/templates/secrets/core-machine-key.yaml b/templates/secrets/core-machine-key.yaml index 6016de2d..b4078639 100644 --- a/templates/secrets/core-machine-key.yaml +++ b/templates/secrets/core-machine-key.yaml @@ -8,6 +8,9 @@ metadata: labels: {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} type: Opaque stringData: APP_CORE_MACHINEKEY: {{ include "docspace.secret.coreMachineKey" . | quote }} diff --git a/templates/secrets/db-password.yaml b/templates/secrets/db-password.yaml index 99e8f1ae..9ad23acb 100644 --- a/templates/secrets/db-password.yaml +++ b/templates/secrets/db-password.yaml @@ -11,6 +11,9 @@ metadata: annotations: "helm.sh/hook": pre-install "helm.sh/hook-weight": "1" + {{- if .Values.commonAnnotations }} + {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} type: Opaque stringData: {{ .Values.connections.mysqlSecretKeyPassword }}: {{ include "docspace.mysql.password" . | quote }} diff --git a/templates/secrets/jwt.yaml b/templates/secrets/jwt.yaml index 9461e50c..6e3fff31 100644 --- a/templates/secrets/jwt.yaml +++ b/templates/secrets/jwt.yaml @@ -8,6 +8,9 @@ metadata: labels: {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} type: Opaque stringData: {{- if typeIs "bool" .Values.jwt.enabled }} diff --git a/templates/secrets/redis-password.yaml b/templates/secrets/redis-password.yaml index f2cd32f8..5134af57 100644 --- a/templates/secrets/redis-password.yaml +++ b/templates/secrets/redis-password.yaml @@ -8,6 +8,9 @@ metadata: labels: {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} type: Opaque stringData: {{ .Values.connections.redisSecretKeyName }}: {{ include "docspace.redis.password" . | quote }} diff --git a/templates/serviceaccounts/docspace.yaml b/templates/serviceaccounts/docspace.yaml index aa9183f9..38e7208c 100644 --- a/templates/serviceaccounts/docspace.yaml +++ b/templates/serviceaccounts/docspace.yaml @@ -11,10 +11,9 @@ metadata: annotations: "helm.sh/hook": pre-install "helm.sh/hook-weight": "3" - {{- if .Values.serviceAccount.annotations }} - {{- range $key, $value := .Values.serviceAccount.annotations }} - {{ $key }}: {{ tpl $value $ }} - {{- end }} + {{- if or .Values.commonAnnotations .Values.serviceAccount.annotations }} + {{- $dictValue := default .Values.commonAnnotations .Values.serviceAccount.annotations }} + {{- include "docspace.annotations" ( dict "keyName" $dictValue "context" $ ) | nindent 4 }} {{- end }} automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} {{- end }} diff --git a/templates/services/api-system.yaml b/templates/services/api-system.yaml index dee3a3ec..c4d46542 100644 --- a/templates/services/api-system.yaml +++ b/templates/services/api-system.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.apiSystem.containerPorts.app }} diff --git a/templates/services/api.yaml b/templates/services/api.yaml index b398854d..1b2b0631 100644 --- a/templates/services/api.yaml +++ b/templates/services/api.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.api.containerPorts.app }} diff --git a/templates/services/backup-background-tasks.yaml b/templates/services/backup-background-tasks.yaml index fee1f227..080a4bfc 100644 --- a/templates/services/backup-background-tasks.yaml +++ b/templates/services/backup-background-tasks.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.backupBackgroundTasks.containerPorts.app }} diff --git a/templates/services/backup.yaml b/templates/services/backup.yaml index 7263b469..46dcf7c9 100644 --- a/templates/services/backup.yaml +++ b/templates/services/backup.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.backup.containerPorts.app }} diff --git a/templates/services/clear-events.yaml b/templates/services/clear-events.yaml index 143a6bd1..0c55e589 100644 --- a/templates/services/clear-events.yaml +++ b/templates/services/clear-events.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.clearEvents.containerPorts.app }} diff --git a/templates/services/doceditor.yaml b/templates/services/doceditor.yaml index 2d273d49..c8333dc7 100644 --- a/templates/services/doceditor.yaml +++ b/templates/services/doceditor.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.doceditor.containerPorts.app }} diff --git a/templates/services/document-server.yaml b/templates/services/document-server.yaml index 169f7a9c..f48cedf7 100644 --- a/templates/services/document-server.yaml +++ b/templates/services/document-server.yaml @@ -9,6 +9,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.docs.containerPorts.http }} diff --git a/templates/services/files-services.yaml b/templates/services/files-services.yaml index d6747d33..a8e359ee 100644 --- a/templates/services/files-services.yaml +++ b/templates/services/files-services.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.filesServices.containerPorts.app }} diff --git a/templates/services/files.yaml b/templates/services/files.yaml index b38af149..1fb66d35 100644 --- a/templates/services/files.yaml +++ b/templates/services/files.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.files.containerPorts.app }} diff --git a/templates/services/healthchecks.yaml b/templates/services/healthchecks.yaml index 5af05dc7..b91319bc 100644 --- a/templates/services/healthchecks.yaml +++ b/templates/services/healthchecks.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.healthchecks.containerPorts.healthcheck }} diff --git a/templates/services/login.yaml b/templates/services/login.yaml index 8c1fee65..90b23e96 100644 --- a/templates/services/login.yaml +++ b/templates/services/login.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.login.containerPorts.login }} diff --git a/templates/services/notify.yaml b/templates/services/notify.yaml index 89533d52..ae3193c8 100644 --- a/templates/services/notify.yaml +++ b/templates/services/notify.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.notify.containerPorts.app }} diff --git a/templates/services/opensearch.yaml b/templates/services/opensearch.yaml index 6cf6dd2f..90d7d25f 100644 --- a/templates/services/opensearch.yaml +++ b/templates/services/opensearch.yaml @@ -9,6 +9,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: 9200 diff --git a/templates/services/people-server.yaml b/templates/services/people-server.yaml index 888f8407..eaaff9e0 100644 --- a/templates/services/people-server.yaml +++ b/templates/services/people-server.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.peopleServer.containerPorts.app }} diff --git a/templates/services/proxy-frontend.yaml b/templates/services/proxy-frontend.yaml index bc2f58bd..cd9004b7 100644 --- a/templates/services/proxy-frontend.yaml +++ b/templates/services/proxy-frontend.yaml @@ -9,11 +9,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} - {{- if .Values.proxyFrontend.service.annotations }} - annotations: - {{- range $key, $value := .Values.proxyFrontend.service.annotations }} - {{ $key }}: {{ tpl $value $ }} - {{- end }} + {{- if or .Values.commonAnnotations .Values.proxyFrontend.service.annotations }} + {{- $dictValue := default .Values.commonAnnotations .Values.proxyFrontend.service.annotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" $dictValue "context" $ ) | nindent 4 }} {{- end }} spec: ports: diff --git a/templates/services/router.yaml b/templates/services/router.yaml index 48509670..73c2288b 100644 --- a/templates/services/router.yaml +++ b/templates/services/router.yaml @@ -9,11 +9,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} - {{- if .Values.router.service.annotations }} - annotations: - {{- range $key, $value := .Values.router.service.annotations }} - {{ $key }}: {{ tpl $value $ }} - {{- end }} + {{- if or .Values.commonAnnotations .Values.router.service.annotations }} + {{- $dictValue := default .Values.commonAnnotations .Values.router.service.annotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" $dictValue "context" $ ) | nindent 4 }} {{- end }} spec: ports: diff --git a/templates/services/socket.yaml b/templates/services/socket.yaml index 4619c86d..2b6dee18 100644 --- a/templates/services/socket.yaml +++ b/templates/services/socket.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.socket.containerPorts.app }} diff --git a/templates/services/ssoauth.yaml b/templates/services/ssoauth.yaml index 600bced8..5a2bf5f8 100644 --- a/templates/services/ssoauth.yaml +++ b/templates/services/ssoauth.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.ssoauth.containerPorts.app }} diff --git a/templates/services/studio-notify.yaml b/templates/services/studio-notify.yaml index e61d9d52..f52281cb 100644 --- a/templates/services/studio-notify.yaml +++ b/templates/services/studio-notify.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.studioNotify.containerPorts.app }} diff --git a/templates/services/studio.yaml b/templates/services/studio.yaml index 1df2dcfd..b2c7a2c6 100644 --- a/templates/services/studio.yaml +++ b/templates/services/studio.yaml @@ -8,6 +8,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "docspace.labels.commonLabels" . | trim | nindent 4 }} {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "docspace.annotations" ( dict "keyName" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.studio.containerPorts.app }} diff --git a/values.yaml b/values.yaml index 92d16b1f..6397c65e 100644 --- a/values.yaml +++ b/values.yaml @@ -354,24 +354,40 @@ persistence: # persistence.docspaceData.existingClaim The name of the existing PVC for storing files common to all services # If not specified, a PVC named "docspace-data" will be created existingClaim: "" + # persistence.docspaceData.annotations Defines annotations that will be additionally added to common files PVC + # If set to, it takes priority over the `commonAnnotations` + # You can also use `tpl` as the value for the key + annotations: {} # persistence.docspaceData.size PVC Storage Request for common files volume size: 8Gi filesData: # persistence.filesData.existingClaim The name of the existing PVC for use in the Files service # If not specified, a PVC named "files-data" will be created existingClaim: "" + # persistence.filesData.annotations Defines annotations that will be additionally added to Files PVC + # If set to, it takes priority over the `commonAnnotations` + # You can also use `tpl` as the value for the key + annotations: {} # persistence.filesData.size PVC Storage Request for Files volume size: 2Gi peopleData: # persistence.peopleData.existingClaim The name of the existing PVC for use in the People Server service # If not specified, a PVC named "people-data" will be created existingClaim: "" + # persistence.peopleData.annotations Defines annotations that will be additionally added to People Server PVC + # If set to, it takes priority over the `commonAnnotations` + # You can also use `tpl` as the value for the key + annotations: {} # persistence.peopleData.size PVC Storage Request for People Server volume size: 2Gi routerLog: # persistence.routerLog.existingClaim The name of the existing PVC for storing Nginx logs of the Router service # If not specified, a PVC named "router-log" will be created existingClaim: "" + # persistence.routerLog.annotations Defines annotations that will be additionally added to Nginx logs PVC + # If set to, it takes priority over the `commonAnnotations` + # You can also use `tpl` as the value for the key + annotations: {} # persistence.routerLog.size PVC Storage Request for Nginx logs volume size: 5Gi # Pod anti-affinity parameters @@ -3566,6 +3582,12 @@ install: job: # install.job.enabled Enable the execution of job pre-install before installing DocSpace enabled: true + # install.job.annotations Defines annotations that will be additionally added to Install Job + # If set to, it takes priority over the `commonAnnotations` + # You can also use `tpl` as the value for the key + annotations: {} + # install.job.podAnnotations Map of annotations to add to the Install Job Pod + podAnnotations: {} # Configure a Security Context for the Install Job Pod # If set to, it takes priority over the `podSecurityContext` podSecurityContext: @@ -3646,6 +3668,12 @@ upgrade: job: # upgrade.job.enabled Enable the execution of job pre-upgrade before upgrading DocSpace enabled: true + # upgrade.job.annotations Defines annotations that will be additionally added to Upgrade Job + # If set to, it takes priority over the `commonAnnotations` + # You can also use `tpl` as the value for the key + annotations: {} + # upgrade.job.podAnnotations Map of annotations to add to the Upgrade Job Pod + podAnnotations: {} # Configure a Security Context for the Upgrade Job Pod # If set to, it takes priority over the `podSecurityContext` podSecurityContext: @@ -3730,7 +3758,7 @@ elasticsearchClearIndexes: # If set to, it takes priority over the `commonAnnotations` # You can also use `tpl` as the value for the key annotations: {} - # elasticsearchClearIndexes.job.podAnnotations Map of annotations to add to the elasticsearchClearIndexes Pod + # elasticsearchClearIndexes.job.podAnnotations Map of annotations to add to the elasticsearchClearIndexes Job Pod podAnnotations: {} # Configure a Security Context for the elasticsearchClearIndexes Job Pod # If set to, it takes priority over the `podSecurityContext` @@ -3944,8 +3972,8 @@ opensearch: # opensearch.resources.limits The resources limits for the opensearch container resources: requests: - memory: "1Gi" - cpu: "1000m" + memory: "512Mi" + cpu: "500m" limits: memory: "4Gi" cpu: "4000m" @@ -3965,6 +3993,10 @@ opensearch: # opensearch.env.indicesMemoryIndexBufferSize sets the size of the in-memory index buffer indicesMemoryIndexBufferSize: "30%" persistence: + # opensearch.persistence.annotations Defines annotations that will be additionally added to Opensearch PVC + # If set to, it takes priority over the `commonAnnotations` + # You can also use `tpl` as the value for the key + annotations: {} # opensearch.persistence.storageClass PVC Storage Class for Opensearch volume storageClass: "nfs" # opensearch.persistence.accessModes Opensearch Persistent Volume access modes