Skip to content

Commit

Permalink
fix: adds missing flag tlsOn on helm chart
Browse files Browse the repository at this point in the history
  • Loading branch information
psanders committed Jun 21, 2023
1 parent 489b33c commit cac1a41
Show file tree
Hide file tree
Showing 5 changed files with 37 additions and 31 deletions.
15 changes: 8 additions & 7 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -28,13 +28,14 @@ FROM node:18-alpine as runner
ARG PKCS_PASSWORD=changeme

# TODO: Normalize GID and UID across all images
ENV PKCS_PASSWORD=$PKCS_PASSWORD
ENV PATH_TO_CERTS=/etc/routr/certs
ENV USER=fonoster
ENV GID=5000
ENV UID=5000
ENV JAVA_HOME=/service/jre
ENV EDGEPORT_RUNNER=/service/edgeport.sh
ENV PKCS_PASSWORD=$PKCS_PASSWORD \
PATH_TO_CERTS=/etc/routr/certs \
USER=fonoster \
GID=5000 \
UID=5000 \
JAVA_HOME=/service/jre \
EDGEPORT_RUNNER=/service/edgeport.sh \
TLS_ON=true

WORKDIR /service

Expand Down
4 changes: 2 additions & 2 deletions ops/charts/connect/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ apiVersion: v2
name: routr-connect
description: Routr Connect Helm Chart
type: application
version: 0.1.6
appVersion: 2.1.3
version: 0.1.7
appVersion: 2.1.5
dependencies:
- name: postgresql
version: 12.1.15
Expand Down
45 changes: 23 additions & 22 deletions ops/charts/connect/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -169,28 +169,29 @@ The [CHANGELOG](https://github.com/fonoster/routr/tree/gh-pages/charts/CHANGELOG

| Parameter | Description | Value |
| ------------------------------------------------------ | ----------------------------------------------------------- | ----------------------------------- |
| `apiserver.image.repository` | Image repository | ` fonoster/routr-pgdata` |
| `apiserver.image.tag` | Image tag | ` 2.0.8-alpha.35` |
| `apiserver.image.pullPolicy` | Image pull policy | ` IfNotPresent` |
| `apiserver.migrationsEnabled` | Enables database migrations | ` true` |
| `apiserver.migrationsImage.repository` | Image repository | ` fonoster/routr-pgdata-migrations` |
| `apiserver.migrationsImage.tag` | Image tag | ` 2.0.8-alpha.35` |
| `apiserver.migrationsImage.pullPolicy` | Image pull policy | ` IfNotPresent` |
| `apiserver.podAnnotations` | Pod annotations | ` {}` |
| `apiserver.serviceAnnotations` | Service annotations | ` {}` |
| `apiserver.resources` | Resource quotas | ` {}` |
| `apiserver.autoscaling.miniReplicas` | Minimum number of replicas | ` 1` |
| `apiserver.autoscaling.maxReplicas` | Maximum number of replicas | ` 10` |
| `apiserver.autoscaling.targetCPUUtilizationPercentage` | Target CPU utilization percentage | ` 50` |
| `apiserver.securityContext.runAsUser` | Running as a non-root user | ` 1000` |
| `apiserver.securityContext.runAsGroup` | Running as non-root group | ` 3000` |
| `apiserver.securityContext.fsGroup` | File system group | ` 2000` |
| `apiserver.securityContext.allowPrivilegeEscalation` | By default, no privilege escalation is allowed | ` false` |
| `apiserver.livenessProbe.initialDelaySeconds` | Initial delay in seconds before starting the liveness probe | ` 5` |
| `apiserver.livenessProbe.periodSeconds` | Period between liveness probes | ` 5` |
| `apiserver.livenessProbe.successThreshold` | Number of successes required to be considered healthy | ` 1` |
| `apiserver.livenessProbe.failureThreshold` | Number of failures required to be considered unhealthy | ` 2` |
| `apiserver.livenessProbe.timeoutSeconds` | Timeout in seconds for liveness probe | ` 1` |
| `apiserver.image.repository` | Image repository | `fonoster/routr-pgdata` |
| `apiserver.image.tag` | Image tag | `2.0.8-alpha.35` |
| `apiserver.image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `apiserver.migrationsEnabled` | Enables database migrations | `true` |
| `apiserver.migrationsImage.repository` | Image repository | `fonoster/routr-pgdata-migrations` |
| `apiserver.migrationsImage.tag` | Image tag | `2.0.8-alpha.35` |
| `apiserver.migrationsImage.pullPolicy` | Image pull policy | `IfNotPresent` |
| `apiserver.tlsOn` | Enables TLS for the APIServer | `true` |
| `apiserver.podAnnotations` | Pod annotations | `{}` |
| `apiserver.serviceAnnotations` | Service annotations | `{}` |
| `apiserver.resources` | Resource quotas | `{}` |
| `apiserver.autoscaling.miniReplicas` | Minimum number of replicas | `1` |
| `apiserver.autoscaling.maxReplicas` | Maximum number of replicas | `10` |
| `apiserver.autoscaling.targetCPUUtilizationPercentage` | Target CPU utilization percentage | `50` |
| `apiserver.securityContext.runAsUser` | Running as a non-root user | `1000` |
| `apiserver.securityContext.runAsGroup` | Running as non-root group | `3000` |
| `apiserver.securityContext.fsGroup` | File system group | `2000` |
| `apiserver.securityContext.allowPrivilegeEscalation` | By default, no privilege escalation is allowed | `false` |
| `apiserver.livenessProbe.initialDelaySeconds` | Initial delay in seconds before starting the liveness probe | `5` |
| `apiserver.livenessProbe.periodSeconds` | Period between liveness probes | `5` |
| `apiserver.livenessProbe.successThreshold` | Number of successes required to be considered healthy | `1` |
| `apiserver.livenessProbe.failureThreshold` | Number of failures required to be considered unhealthy | `2` |
| `apiserver.livenessProbe.timeoutSeconds` | Timeout in seconds for liveness probe | `1` |

### Connect Processor parameters

Expand Down
2 changes: 2 additions & 0 deletions ops/charts/connect/templates/apiserver/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,8 @@ spec:
value: {{ .Values.global.logsLevel }}
- name: OTEL_EXPORTER_JAEGER_ENDPOINT
value: {{ .Values.global.otlExporter }}
- name: TLS_ON
value: "{{ .Values.apiserver.tlsOn }}"
ports:
- containerPort: 51907
# External port for the API server
Expand Down
2 changes: 2 additions & 0 deletions ops/charts/connect/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -227,6 +227,8 @@ apiserver:
# Uncomment the next line if you would like to point to an external postgresql db
# databaseUrl: postgresql://routr:changeme@dbserver:5432/routr?schema=public

# Set to false if you want to disable TLS for the APIServer (Not recommended)
tlsOn: true
# APIServer image configuration
image:
# APIServer image repository
Expand Down

0 comments on commit cac1a41

Please sign in to comment.