From cf121064141073f1af76f4058480d2f36638c451 Mon Sep 17 00:00:00 2001 From: Tom Meadows Date: Mon, 14 Feb 2022 11:59:11 +0000 Subject: [PATCH] added support to plugin an external sql database Signed-off-by: Tom Meadows --- charts/dependency-track/Chart.yaml | 2 +- .../templates/backend/deployment.yaml | 140 ++++++++++-------- charts/dependency-track/values.yaml | 35 ++++- 3 files changed, 112 insertions(+), 65 deletions(-) diff --git a/charts/dependency-track/Chart.yaml b/charts/dependency-track/Chart.yaml index 9356dab..a1b0f70 100644 --- a/charts/dependency-track/Chart.yaml +++ b/charts/dependency-track/Chart.yaml @@ -24,7 +24,7 @@ dependencies: - name: postgresql version: ~10.10 repository: https://charts.bitnami.com/bitnami - condition: postgresql.enabled + condition: database.internal.enabled - name: common version: 1.9.x repository: https://charts.bitnami.com/bitnami diff --git a/charts/dependency-track/templates/backend/deployment.yaml b/charts/dependency-track/templates/backend/deployment.yaml index 1cc1750..05463bc 100644 --- a/charts/dependency-track/templates/backend/deployment.yaml +++ b/charts/dependency-track/templates/backend/deployment.yaml @@ -24,65 +24,89 @@ spec: initContainers: {{- toYaml . | nindent 6 }} {{- end }} containers: - - name: {{ .Chart.Name }}-apiserver - securityContext: {{- toYaml .Values.apiserver.securityContext | nindent 12 }} - image: {{ include "apiserver.image" . }} - imagePullPolicy: {{ .Values.apiserver.image.pullPolicy }} - {{- with .Values.apiserver.resources }} - resources: {{ . | toYaml | nindent 10 }} - {{- end }} - env: - - name: ALPINE_DATA_DIRECTORY - value: "/data" - {{- if .Values.postgresql.enabled }} - - name: ALPINE_DATABASE_MODE - value: "external" - - name: ALPINE_DATABASE_DRIVER - value: "org.postgresql.Driver" - - name: ALPINE_DATABASE_URL - value: jdbc:postgresql://{{ .Release.Name }}-postgresql/{{ .Values.postgresql.postgresqlDatabase }} - - name: ALPINE_DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Release.Name }}-postgresql - key: postgresql-password - - name: ALPINE_DATABASE_USERNAME - value: {{ .Values.postgresql.postgresqlUsername }} - {{- end }} - {{- with .Values.apiserver.env }} - {{- toYaml . | nindent 8 }} - {{- end }} - volumeMounts: - - name: data - mountPath: /data - - name: tmp - mountPath: /tmp - ports: - - name: api - containerPort: 8080 - protocol: TCP - {{- if .Values.apiserver.livenessProbe.enabled }} - livenessProbe: - httpGet: - port: api - path: {{ .Values.apiserver.livenessProbe.path }} - initialDelaySeconds: {{ .Values.apiserver.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.apiserver.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.apiserver.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.apiserver.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.apiserver.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.apiserver.livenessProbe.enabled }} - readinessProbe: - httpGet: - port: api - path: {{ .Values.apiserver.readinessProbe.path }} - initialDelaySeconds: {{ .Values.apiserver.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.apiserver.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.apiserver.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.apiserver.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.apiserver.readinessProbe.failureThreshold }} + - name: {{ .Chart.Name }}-apiserver + securityContext: {{- toYaml .Values.apiserver.securityContext | nindent 12 }} + image: {{ include "apiserver.image" . }} + imagePullPolicy: {{ .Values.apiserver.image.pullPolicy }} + {{- with .Values.apiserver.resources }} + resources: {{ . | toYaml | nindent 12 }} + {{- end }} + env: + - name: ALPINE_DATA_DIRECTORY + value: "/data" + {{- if eq .Values.database.internal.enabled true }} + - name: ALPINE_DATABASE_MODE + value: "external" + - name: ALPINE_DATABASE_DRIVER + value: "org.postgresql.Driver" + - name: ALPINE_DATABASE_URL + value: jdbc:postgresql://{{ .Release.Name }}-postgresql/{{ .Values.database.internal.postgresql.database }} + - name: ALPINE_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name }}-postgresql + key: postgresql-password + - name: ALPINE_DATABASE_USERNAME + value: {{ .Values.database.internal.postgresql.username }} + {{- else if eq .Values.database.external.enabled true }} + - name: ALPINE_DATABASE_MODE + value: {{ .Values.database.external.databaseMode}} + - name: ALPINE_DATABASE_DRIVER + value: {{ .Values.database.external.databaseDriver}} + - name: ALPINE_DATABASE_URL + value: {{ .Values.database.external.databaseURL}} + - name: ALPINE_DATABASE_USERNAME + value: {{ .Values.database.external.databaseUsername }} + - name: ALPINE_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.database.external.databaseUserPassword.secretName }} + key: {{ .Values.database.external.databaseUserPassword.secretKey }} + {{- end }} + {{- with .Values.apiserver.env }} + {{- toYaml . | nindent 8 }} + {{- end }} + volumeMounts: + - name: data + mountPath: /data + - name: tmp + mountPath: /tmp + ports: + - name: api + containerPort: 8080 + protocol: TCP + {{- if .Values.apiserver.livenessProbe.enabled }} + livenessProbe: + httpGet: + port: api + path: {{ .Values.apiserver.livenessProbe.path }} + initialDelaySeconds: {{ .Values.apiserver.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.apiserver.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.apiserver.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.apiserver.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.apiserver.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.apiserver.livenessProbe.enabled }} + readinessProbe: + httpGet: + port: api + path: {{ .Values.apiserver.readinessProbe.path }} + initialDelaySeconds: {{ .Values.apiserver.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.apiserver.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.apiserver.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.apiserver.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.apiserver.readinessProbe.failureThreshold }} + {{- end }} + {{- if .Values.apiserver.sidecarContainers }} + {{- range $name, $spec := .Values.apiserver.sidecarContainers }} + - name: {{ $name }} + {{- if kindIs "string" $spec }} + {{- tpl $spec $ | nindent 10 }} + {{- else }} + {{- toYaml $spec | nindent 10 }} + {{- end }} {{- end }} + {{- end }} {{- with .Values.apiserver.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/dependency-track/values.yaml b/charts/dependency-track/values.yaml index ce27f5c..c128f84 100644 --- a/charts/dependency-track/values.yaml +++ b/charts/dependency-track/values.yaml @@ -89,6 +89,13 @@ frontend: # -- config of the apiserver apiserver: enabled: true + # sidecarContainers - add more containers to the api-server (e.g. Google Cloud SQL Proxy) + # Key/Value where Key is the sidecar `- name: ` + # Example: + # sidecarContainers: + # cloud-sql-proxy: + # image: gcr.io/cloudsql-docker/gce-proxy:1.23.0 + sidecarContainers: {} # Max: 1 - DT is not designed for HA replicaCount: 1 image: @@ -170,9 +177,25 @@ ingress: host: chart-example.local # ingressClassName: nginx -# -- configuration of postgres -postgresql: - enabled: true - postgresqlUsername: deptrack - postgresqlPassword: deptrack - postgresqlDatabase: deptrack + # "internal" currently only supports postgres + # -- configuration of SQL database setup as a Kubernetes deployment + internal: + enabled: false + postgresql: + username: deptrack + password: deptrack + database: deptrack + + # -- configuration of database + database: + external: + enabled: false + # Please see variable definitions here https://docs.dependencytrack.org/getting-started/configuration/ + databaseMode: "external" + databaseDriver: "org.postgresql.Driver" + databaseURL: "" + databaseUsername: "" + # Store the database user password in a Kubernetes Secret + databaseUserPassword: + secretName: "" + secretKey: ""