Merge pull request #14 from small-hack/update-values-docs

Update values.yaml, remove robots.txt, and add cert-manager and cnpg operator to dependencies installed for testing

.github/workflows/ci-helm-lint-test.yml

@@ -21,10 +21,6 @@ jobs:
       - name: Install Helm
         uses: azure/[email protected]
 
-      - name: Add dependency chart repos
-        run: |
-          helm repo add cnpg https://cloudnative-pg.github.io/charts
-
       - name: Set up chart-testing
         uses: helm/[email protected]
 
@@ -45,6 +41,14 @@ jobs:
         uses: helm/[email protected]
         if: steps.list-changed.outputs.changed == 'true'
 
+      - name: Add dependency helm chart repos and install
+        run: |
+          helm repo add cnpg https://cloudnative-pg.github.io/charts
+          helm repo add jetstack https://charts.jetstack.io
+          helm repo update
+          helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --set installCRDs=true --set prometheus.enabled=false
+          helm install cnpg --namespace cnpg-system --create-namespace cnpg/cloudnative-pg
+
       - name: Run chart-testing (install)
         id: install
         if: steps.list-changed.outputs.changed == 'true'

README.md

@@ -1,6 +1,6 @@
 # CloudNativePG Tenant Chart
 
-This [chart](https://small-hack.github.io/cloudnative-pg-tenant-chart/) is the tenant component to the operator component [here](https://github.com/cloudnative-pg/charts). Docs autogeneratated from the values.yaml are slowly being put togethere in the chart [README.md](https://github.com/small-hack/cloudnative-pg-tenant-chart/tree/main/charts/cloudnative-pg-tenant#readme).
+This [helm chart](https://small-hack.github.io/cloudnative-pg-tenant-chart/) is the tenant component to the [CloudNativePG operator helm chart](https://github.com/cloudnative-pg/charts). Docs autogeneratated from the values.yaml are slowly being put togethere in the chart directory's [README.md](https://github.com/small-hack/cloudnative-pg-tenant-chart/tree/main/charts/cloudnative-pg-tenant#readme).
 
 ## TLDR
 

charts/cloudnative-pg-tenant/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: cnpg-tenant
 description: Create postgres tenant clusters managed by the CNPG Operator
 type: application
-version: 0.0.8
+version: 0.0.9
 
 maintainers:
   - name: "cloudymax"

charts/cloudnative-pg-tenant/README.md

@@ -1,6 +1,6 @@
 # cnpg-tenant
 
-![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
+![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
 
 Create postgres tenant clusters managed by the CNPG Operator
 
@@ -15,26 +15,28 @@ Create postgres tenant clusters managed by the CNPG Operator
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | backup.barmanObjectStore.destinationPath | string | `"backups"` |  |
-| backup.barmanObjectStore.s3Credentials | object | `{"accessKeyId":{"key":"ACCESS_KEY_ID","name":"aws-creds"},"secretAccessKey":{"key":"ACCESS_SECRET_KEY","name":"aws-creds"}}` | how long to keep backups for |
-| backup.retentionPolicy | string | `"30d"` |  |
+| backup.barmanObjectStore.s3Credentials.accessKeyId.key | string | `"ACCESS_KEY_ID"` | key in Kubernetes Secret to use for S3 access key ID |
+| backup.barmanObjectStore.s3Credentials.accessKeyId.name | string | `"aws-creds"` | existing Kubernetes Secret to use for S3 access key ID |
+| backup.barmanObjectStore.s3Credentials.secretAccessKey.key | string | `"ACCESS_SECRET_KEY"` | key in Kubernetes Secret to use for S3 secret key |
+| backup.barmanObjectStore.s3Credentials.secretAccessKey.name | string | `"aws-creds"` | existing Kubernetes Secret to use for S3 secret key |
+| backup.retentionPolicy | string | `"30d"` | how long to keep backups for |
 | bootstrap.initdb.database | string | `"app"` | initial database to create |
 | bootstrap.initdb.owner | string | `"app"` | owner of the initial database that is created above |
 | bootstrap.initdb.postInitSQL | list | `["CREATE ROLE friend"]` | list of SQL commands to run as part of the init scripts |
 | bootstrap.initdb.secret.name | string | `"app-secret"` |  |
-| certificates.clientCASecret | string | `"my-postgres-client-cert"` |  |
-| certificates.replicationTLSSecret | string | `"my-postgres-client-cert"` |  |
-| certificates.serverCASecret | string | `"my-postgres-server-cert"` |  |
-| certificates.serverTLSSecret | string | `"my-postgres-server-cert"` |  |
+| certificates.clientCASecret | string | `"my-postgres-client-cert"` | name of existing Kubernetes Secret for the postgresql client Certificate Authority cert |
+| certificates.replicationTLSSecret | string | `"my-postgres-client-cert"` | name of existing Kubernetes Secret for the postgresql client TLS cert |
+| certificates.serverCASecret | string | `"my-postgres-server-cert"` | name of existing Kubernetes Secret for the postgresql server Certificate Authority cert |
+| certificates.serverTLSSecret | string | `"my-postgres-server-cert"` | name of existing Kubernetes Secret for the postgresql server TLS cert |
 | instances | int | `3` |  |
-| monitoring.enablePodMonitor | bool | `true` |  |
+| monitoring.enablePodMonitor | bool | `true` | enable monitoring via Prometheus |
 | name | string | `"cnpg"` |  |
-| postgresql.pg_hba[0] | string | `"hostnossl all all 0.0.0.0/0 reject"` |  |
-| postgresql.pg_hba[1] | string | `"hostssl all all 0.0.0.0/0 cert clientcert=verify-full"` |  |
-| scheduledBackup.name | string | `"example-backup"` |  |
+| postgresql.pg_hba | list | `["hostnossl all all 0.0.0.0/0 reject","hostssl all all 0.0.0.0/0 cert clientcert=verify-full"]` | records for the pg_hba.conf file. ref: https://www.postgresql.org/docs/current/auth-pg-hba-conf.html |
+| scheduledBackup.name | string | `"example-backup"` | name to use for your scheduled backup job |
 | scheduledBackup.spec.backupOwnerReference | string | `"self"` |  |
 | scheduledBackup.spec.cluster.name | string | `"pg-backup"` |  |
-| scheduledBackup.spec.schedule | string | `"0 0 0 * * *"` |  |
-| storage.size | string | `"1Gi"` |  |
+| scheduledBackup.spec.schedule | string | `"0 0 0 * * *"` | crontab style schedule to run the backups |
+| storage.size | string | `"1Gi"` | how much storage to allocate to the postgresql cluster |
 | superuserSecret.name | string | `"superuser-secret"` |  |
 
 ----------------------------------------------

charts/cloudnative-pg-tenant/values.yaml

@@ -18,39 +18,52 @@ bootstrap:
       - CREATE ROLE friend
 
 backup:
+  # -- how long to keep backups for
   retentionPolicy: "30d"
   barmanObjectStore:
     destinationPath: "backups"
-    # -- how long to keep backups for
     s3Credentials:
       accessKeyId:
+        # -- existing Kubernetes Secret to use for S3 access key ID
         name: "aws-creds"
+        # -- key in Kubernetes Secret to use for S3 access key ID
         key: "ACCESS_KEY_ID"
       secretAccessKey:
+        # -- existing Kubernetes Secret to use for S3 secret key
         name: "aws-creds"
+        # -- key in Kubernetes Secret to use for S3 secret key
         key: "ACCESS_SECRET_KEY"
 
 scheduledBackup:
+  # -- name to use for your scheduled backup job
   name: example-backup
   spec:
+    # -- crontab style schedule to run the backups
     schedule: "0 0 0 * * *"
     backupOwnerReference: self
     cluster:
       name: pg-backup
 
 certificates:
+  # -- name of existing Kubernetes Secret for the postgresql server TLS cert
   serverTLSSecret: my-postgres-server-cert
+  # -- name of existing Kubernetes Secret for the postgresql server Certificate Authority cert
   serverCASecret: my-postgres-server-cert
+  # -- name of existing Kubernetes Secret for the postgresql client Certificate Authority cert
   clientCASecret: my-postgres-client-cert
+  # -- name of existing Kubernetes Secret for the postgresql client TLS cert
   replicationTLSSecret: my-postgres-client-cert
 
 monitoring:
+  # -- enable monitoring via Prometheus
   enablePodMonitor: true
 
 postgresql:
+  # -- records for the pg_hba.conf file. ref: https://www.postgresql.org/docs/current/auth-pg-hba-conf.html
   pg_hba:
     - hostnossl all all 0.0.0.0/0 reject
     - hostssl all all 0.0.0.0/0 cert clientcert=verify-full
 
 storage:
+  # -- how much storage to allocate to the postgresql cluster
   size: 1Gi