From b615a80b3028f44ae2d662e48592de481ebecc2a Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Thu, 9 Feb 2023 10:48:38 +0100 Subject: [PATCH 01/26] OPSEXP-1958 Improve release README (#881) [actions skip] --- README.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 23cb908bf..16759f01e 100644 --- a/README.md +++ b/README.md @@ -99,6 +99,7 @@ Please use [this guide](CONTRIBUTING.md) to make a contribution to the project a Open a PR that will: +* Update the [versioning table](#versioning) * In [alfresco-common](helm/alfresco-common/Chart.yaml), bump chart version to the next stable release (usually by removing the `-SNAPSHOT` suffix) * In [alfresco-content-services](helm/alfresco-content-services/Chart.yaml), @@ -109,6 +110,8 @@ Open a PR that will: every [subchart](/helm/alfresco-content-services/charts/)) which has it as a dependency: * Bump version to the new `alfresco-common` stable version * Switch `repository` to `https://kubernetes-charts.alfresco.com/stable` +* Bump each subchart version to the next stable release (usually by removing the + `-SNAPSHOT` suffix) * Run `pre-commit run --all-files helm-docs` to update docs Once the PR has been merged, create and push the signed tag with: @@ -120,7 +123,10 @@ git push origin vx.x.x where `vx.x.x` is the `alfresco-content-services` version. -Once the tagged workflow is successful, open a PR to move back to development version: +Once the tagged workflow is successful, publish the [new release on +GitHub](https://github.com/Alfresco/acs-deployment/releases/new). + +Now proceed and open a PR to move back to development version: * In [alfresco-common](helm/alfresco-common/Chart.yaml), bump chart version to the next development release (usually by increasing the minor version and adding @@ -133,6 +139,8 @@ Once the tagged workflow is successful, open a PR to move back to development ve every [subchart](/helm/alfresco-content-services/charts/)) which has it as a dependency: * Bump version to the new `alfresco-common` development version * Switch `repository` back to `https://kubernetes-charts.alfresco.com/incubator` +* Bump each subchart version to the next development release (usually by + increasing the minor version and adding the `-SNAPSHOT` suffix) * Run `pre-commit run --all-files helm-docs` to update docs Once the PR has been merged, overwrite and push the signed mutable tag with: From 1ceb0fa57dcd3bf1acf9cb90f0ceb0ab89c9d48a Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Thu, 9 Feb 2023 10:48:52 +0100 Subject: [PATCH 02/26] OPSEXP-1958 prepare for next iteration (#883) --- helm/alfresco-common/Chart.yaml | 2 +- helm/alfresco-content-services/Chart.yaml | 14 +++++++------- helm/alfresco-content-services/README.md | 12 ++++++------ .../charts/activemq/Chart.yaml | 6 +++--- .../charts/activemq/README.md | 4 ++-- .../alfresco-elasticsearch-connector/Chart.yaml | 6 +++--- .../alfresco-elasticsearch-connector/README.md | 4 ++-- .../charts/alfresco-search/Chart.yaml | 8 ++++---- .../charts/alfresco-search/README.md | 6 +++--- .../charts/alfresco-insight-zeppelin/Chart.yaml | 6 +++--- .../charts/alfresco-insight-zeppelin/README.md | 4 ++-- .../charts/alfresco-sync-service/Chart.yaml | 6 +++--- .../charts/alfresco-sync-service/README.md | 4 ++-- 13 files changed, 41 insertions(+), 41 deletions(-) diff --git a/helm/alfresco-common/Chart.yaml b/helm/alfresco-common/Chart.yaml index 448f20722..5a8a4dca9 100644 --- a/helm/alfresco-common/Chart.yaml +++ b/helm/alfresco-common/Chart.yaml @@ -5,7 +5,7 @@ description: | A helper subchart to avoid duplication in alfresco charts and set common external dependencies type: library -version: 0.3.0 +version: 0.4.0-SNAPSHOT dependencies: - name: common repository: >- diff --git a/helm/alfresco-content-services/Chart.yaml b/helm/alfresco-content-services/Chart.yaml index 8b2b34aec..2827abfaa 100644 --- a/helm/alfresco-content-services/Chart.yaml +++ b/helm/alfresco-content-services/Chart.yaml @@ -5,7 +5,7 @@ --- apiVersion: v2 name: alfresco-content-services -version: 5.4.0-M2 +version: 5.4.0-SNAPSHOT appVersion: 7.4.0-M2 description: A Helm chart for deploying Alfresco Content Services keywords: @@ -18,8 +18,8 @@ sources: - https://github.com/Alfresco/acs-deployment dependencies: - name: alfresco-common - version: 0.3.0 - repository: https://kubernetes-charts.alfresco.com/stable + version: 0.4.0-SNAPSHOT + repository: https://kubernetes-charts.alfresco.com/incubator - name: postgresql version: 10.16.2 repository: >- @@ -44,16 +44,16 @@ dependencies: condition: >- alfresco-digital-workspace.enabled - name: activemq - version: 2.2.0 + version: 2.3.0-SNAPSHOT condition: activemq.enabled - name: alfresco-search - version: 1.1.0 + version: 1.2.0-SNAPSHOT condition: alfresco-search.enabled - name: alfresco-elasticsearch-connector - version: 0.2.0 + version: 0.3.0-SNAPSHOT condition: alfresco-elasticsearch-connector.enabled - name: alfresco-sync-service - version: 3.1.0 + version: 3.2.0-SNAPSHOT - name: elasticsearch alias: elasticsearch repository: https://helm.elastic.co diff --git a/helm/alfresco-content-services/README.md b/helm/alfresco-content-services/README.md index 023b0b728..ff3c96cac 100644 --- a/helm/alfresco-content-services/README.md +++ b/helm/alfresco-content-services/README.md @@ -1,6 +1,6 @@ # alfresco-content-services -![Version: 5.4.0-M2](https://img.shields.io/badge/Version-5.4.0--M2-informational?style=flat-square) ![AppVersion: 7.4.0-M2](https://img.shields.io/badge/AppVersion-7.4.0--M2-informational?style=flat-square) +![Version: 5.4.0-SNAPSHOT](https://img.shields.io/badge/Version-5.4.0--SNAPSHOT-informational?style=flat-square) ![AppVersion: 7.4.0-M2](https://img.shields.io/badge/AppVersion-7.4.0--M2-informational?style=flat-square) A Helm chart for deploying Alfresco Content Services @@ -16,14 +16,14 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| -| | activemq | 2.2.0 | -| | alfresco-elasticsearch-connector | 0.2.0 | -| | alfresco-search | 1.1.0 | -| | alfresco-sync-service | 3.1.0 | +| | activemq | 2.3.0-SNAPSHOT | +| | alfresco-elasticsearch-connector | 0.3.0-SNAPSHOT | +| | alfresco-search | 1.2.0-SNAPSHOT | +| | alfresco-sync-service | 3.2.0-SNAPSHOT | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-admin-app(common) | 7.7.0 | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-digital-workspace(common) | 7.7.0 | | https://helm.elastic.co | elasticsearch(elasticsearch) | 7.10.1 | -| https://kubernetes-charts.alfresco.com/stable | alfresco-common | 0.3.0 | +| https://kubernetes-charts.alfresco.com/incubator | alfresco-common | 0.4.0-SNAPSHOT | | https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | postgresql | 10.16.2 | | https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | postgresql-syncservice(postgresql) | 10.16.2 | diff --git a/helm/alfresco-content-services/charts/activemq/Chart.yaml b/helm/alfresco-content-services/charts/activemq/Chart.yaml index 7def99bb5..ee5f18447 100644 --- a/helm/alfresco-content-services/charts/activemq/Chart.yaml +++ b/helm/alfresco-content-services/charts/activemq/Chart.yaml @@ -8,9 +8,9 @@ keywords: name: activemq sources: - https://github.com/Alfresco/acs-deployment -version: 2.2.0 +version: 2.3.0-SNAPSHOT dependencies: - name: alfresco-common - version: 0.3.0 - repository: https://kubernetes-charts.alfresco.com/stable + version: 0.4.0-SNAPSHOT + repository: https://kubernetes-charts.alfresco.com/incubator icon: https://avatars0.githubusercontent.com/u/391127?s=200&v=4 diff --git a/helm/alfresco-content-services/charts/activemq/README.md b/helm/alfresco-content-services/charts/activemq/README.md index caa7548fe..7d8d5c2ff 100644 --- a/helm/alfresco-content-services/charts/activemq/README.md +++ b/helm/alfresco-content-services/charts/activemq/README.md @@ -1,6 +1,6 @@ # activemq -![Version: 2.2.0](https://img.shields.io/badge/Version-2.2.0-informational?style=flat-square) ![AppVersion: 5.17.1](https://img.shields.io/badge/AppVersion-5.17.1-informational?style=flat-square) +![Version: 2.3.0-SNAPSHOT](https://img.shields.io/badge/Version-2.3.0--SNAPSHOT-informational?style=flat-square) ![AppVersion: 5.17.1](https://img.shields.io/badge/AppVersion-5.17.1-informational?style=flat-square) A Helm chart providing a basic Apache ActiveMQ deployment required to evaluate ACS (do not use in production). @@ -19,7 +19,7 @@ Credentials get injected by the [main chart](../../README.md) and by default are | Repository | Name | Version | |------------|------|---------| -| https://kubernetes-charts.alfresco.com/stable | alfresco-common | 0.3.0 | +| https://kubernetes-charts.alfresco.com/incubator | alfresco-common | 0.4.0-SNAPSHOT | ## Values diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/Chart.yaml index 8204df023..e6dfb2de9 100644 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/Chart.yaml +++ b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/Chart.yaml @@ -3,9 +3,9 @@ apiVersion: v2 name: alfresco-elasticsearch-connector description: A Helm chart for deploying Alfresco Elasticsearch connector type: application -version: 0.2.0 +version: 0.3.0-SNAPSHOT appVersion: 3.3.0-A9 dependencies: - name: alfresco-common - version: 0.3.0 - repository: https://kubernetes-charts.alfresco.com/stable + version: 0.4.0-SNAPSHOT + repository: https://kubernetes-charts.alfresco.com/incubator diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md index c015d5602..79940eef8 100644 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md +++ b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md @@ -1,6 +1,6 @@ # alfresco-elasticsearch-connector -![Version: 0.2.0](https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.3.0-A9](https://img.shields.io/badge/AppVersion-3.3.0--A9-informational?style=flat-square) +![Version: 0.3.0-SNAPSHOT](https://img.shields.io/badge/Version-0.3.0--SNAPSHOT-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.3.0-A9](https://img.shields.io/badge/AppVersion-3.3.0--A9-informational?style=flat-square) A Helm chart for deploying Alfresco Elasticsearch connector @@ -10,7 +10,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| -| https://kubernetes-charts.alfresco.com/stable | alfresco-common | 0.3.0 | +| https://kubernetes-charts.alfresco.com/incubator | alfresco-common | 0.4.0-SNAPSHOT | ## Values diff --git a/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml index dc1e2112c..ac0a1a1f8 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml @@ -13,11 +13,11 @@ keywords: name: alfresco-search sources: - https://github.com/Alfresco/acs-deployment -version: 1.1.0 +version: 1.2.0-SNAPSHOT appVersion: 2.0.6 dependencies: - name: alfresco-insight-zeppelin - version: 1.1.0 + version: 1.2.0-SNAPSHOT - name: alfresco-common - version: 0.3.0 - repository: https://kubernetes-charts.alfresco.com/stable + version: 0.4.0-SNAPSHOT + repository: https://kubernetes-charts.alfresco.com/incubator diff --git a/helm/alfresco-content-services/charts/alfresco-search/README.md b/helm/alfresco-content-services/charts/alfresco-search/README.md index ede847ff2..6cff18aea 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/README.md +++ b/helm/alfresco-content-services/charts/alfresco-search/README.md @@ -1,6 +1,6 @@ # alfresco-search -![Version: 1.1.0](https://img.shields.io/badge/Version-1.1.0-informational?style=flat-square) ![AppVersion: 2.0.6](https://img.shields.io/badge/AppVersion-2.0.6-informational?style=flat-square) +![Version: 1.2.0-SNAPSHOT](https://img.shields.io/badge/Version-1.2.0--SNAPSHOT-informational?style=flat-square) ![AppVersion: 2.0.6](https://img.shields.io/badge/AppVersion-2.0.6-informational?style=flat-square) A Helm chart for deploying Alfresco Search @@ -16,8 +16,8 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| -| | alfresco-insight-zeppelin | 1.1.0 | -| https://kubernetes-charts.alfresco.com/stable | alfresco-common | 0.3.0 | +| | alfresco-insight-zeppelin | 1.2.0-SNAPSHOT | +| https://kubernetes-charts.alfresco.com/incubator | alfresco-common | 0.4.0-SNAPSHOT | ## Values diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/Chart.yaml index 42938bb82..ead166e50 100755 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/Chart.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/Chart.yaml @@ -10,9 +10,9 @@ keywords: name: alfresco-insight-zeppelin sources: - https://github.com/Alfresco/acs-deployment -version: 1.1.0 +version: 1.2.0-SNAPSHOT appVersion: 2.0.6 dependencies: - name: alfresco-common - version: 0.3.0 - repository: https://kubernetes-charts.alfresco.com/stable + version: 0.4.0-SNAPSHOT + repository: https://kubernetes-charts.alfresco.com/incubator diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md index 9b23435b4..f0b3c36aa 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md @@ -1,6 +1,6 @@ # alfresco-insight-zeppelin -![Version: 1.1.0](https://img.shields.io/badge/Version-1.1.0-informational?style=flat-square) ![AppVersion: 2.0.6](https://img.shields.io/badge/AppVersion-2.0.6-informational?style=flat-square) +![Version: 1.2.0-SNAPSHOT](https://img.shields.io/badge/Version-1.2.0--SNAPSHOT-informational?style=flat-square) ![AppVersion: 2.0.6](https://img.shields.io/badge/AppVersion-2.0.6-informational?style=flat-square) A Helm chart for deploying Alfresco Insight Zeppelin @@ -16,7 +16,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| -| https://kubernetes-charts.alfresco.com/stable | alfresco-common | 0.3.0 | +| https://kubernetes-charts.alfresco.com/incubator | alfresco-common | 0.4.0-SNAPSHOT | ## Values diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-sync-service/Chart.yaml index bcbf60fb1..b8534bd6a 100644 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/Chart.yaml +++ b/helm/alfresco-content-services/charts/alfresco-sync-service/Chart.yaml @@ -8,7 +8,7 @@ keywords: name: alfresco-sync-service sources: - https://github.com/Alfresco/acs-deployment -version: 3.1.0 +version: 3.2.0-SNAPSHOT appVersion: 4.0.0-M6 icon: https://avatars0.githubusercontent.com/u/391127?s=200&v=4 dependencies: @@ -17,5 +17,5 @@ dependencies: https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ version: 1.x.x - name: alfresco-common - version: 0.3.0 - repository: https://kubernetes-charts.alfresco.com/stable + version: 0.4.0-SNAPSHOT + repository: https://kubernetes-charts.alfresco.com/incubator diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/README.md b/helm/alfresco-content-services/charts/alfresco-sync-service/README.md index 8b99a4edd..e6234f4ea 100644 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/README.md +++ b/helm/alfresco-content-services/charts/alfresco-sync-service/README.md @@ -1,6 +1,6 @@ # alfresco-sync-service -![Version: 3.1.0](https://img.shields.io/badge/Version-3.1.0-informational?style=flat-square) ![AppVersion: 4.0.0-M6](https://img.shields.io/badge/AppVersion-4.0.0--M6-informational?style=flat-square) +![Version: 3.2.0-SNAPSHOT](https://img.shields.io/badge/Version-3.2.0--SNAPSHOT-informational?style=flat-square) ![AppVersion: 4.0.0-M6](https://img.shields.io/badge/AppVersion-4.0.0--M6-informational?style=flat-square) Alfresco Sync Service @@ -12,7 +12,7 @@ Alfresco Sync Service | Repository | Name | Version | |------------|------|---------| -| https://kubernetes-charts.alfresco.com/stable | alfresco-common | 0.3.0 | +| https://kubernetes-charts.alfresco.com/incubator | alfresco-common | 0.4.0-SNAPSHOT | | https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | common | 1.x.x | ## Values From 72ff78dda92dc8fbeb05f6158b86ac83e25ce529 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Feb 2023 09:24:06 +0100 Subject: [PATCH 03/26] Bump Alfresco/alfresco-build-tools from 1.33.0 to 1.35.0 (#887) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/docker-compose-community.yml | 2 +- .github/workflows/docker-compose-enterprise.yml | 2 +- .github/workflows/helm-community.yml | 2 +- .github/workflows/helm-enterprise.yml | 2 +- .github/workflows/helm-release.yml | 2 +- .github/workflows/helm-static-checks.yml | 8 ++++---- .github/workflows/pre-commit-compose.yml | 2 +- .github/workflows/pre-commit-helm-docs.yml | 2 +- 8 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/docker-compose-community.yml b/.github/workflows/docker-compose-community.yml index 642165e34..7be2d2c4d 100644 --- a/.github/workflows/docker-compose-community.yml +++ b/.github/workflows/docker-compose-community.yml @@ -17,6 +17,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: >- - Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-compose@v1.33.0 + Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-compose@v1.35.0 with: compose_file_path: docker-compose/community-docker-compose.yml diff --git a/.github/workflows/docker-compose-enterprise.yml b/.github/workflows/docker-compose-enterprise.yml index 8056f7eab..c94f8f23f 100644 --- a/.github/workflows/docker-compose-enterprise.yml +++ b/.github/workflows/docker-compose-enterprise.yml @@ -32,7 +32,7 @@ jobs: ) steps: - uses: >- - Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-compose@v1.33.0 + Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-compose@v1.35.0 with: compose_file_path: docker-compose/${{ matrix.compose_file }} quay_username: ${{ secrets.QUAY_USERNAME }} diff --git a/.github/workflows/helm-community.yml b/.github/workflows/helm-community.yml index 4ffb49656..24824e0c3 100644 --- a/.github/workflows/helm-community.yml +++ b/.github/workflows/helm-community.yml @@ -17,7 +17,7 @@ jobs: steps: - uses: actions/checkout@v3 - name: Setup cluster - uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@v1.33.0 + uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@v1.35.0 - name: Use local dependencies uses: ./.github/actions/use-local-deps with: diff --git a/.github/workflows/helm-enterprise.yml b/.github/workflows/helm-enterprise.yml index c79d369e7..4031fd98d 100644 --- a/.github/workflows/helm-enterprise.yml +++ b/.github/workflows/helm-enterprise.yml @@ -86,7 +86,7 @@ jobs: charts-root: helm chart-name: ${{ matrix.name }} - uses: >- - Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-helm@v1.33.0 + Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-helm@v1.35.0 with: skip_checkout: 'true' test_newman: 'true' diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml index 140cc8831..c16086a56 100644 --- a/.github/workflows/helm-release.yml +++ b/.github/workflows/helm-release.yml @@ -42,7 +42,7 @@ jobs: fetch-depth: 0 - name: Publish chart uses: >- - Alfresco/alfresco-build-tools/.github/actions/dbp-charts/publish-chart@v1.33.0 + Alfresco/alfresco-build-tools/.github/actions/dbp-charts/publish-chart@v1.35.0 with: chart_name: ${{ matrix.charts }} github_token: ${{ secrets.BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/helm-static-checks.yml b/.github/workflows/helm-static-checks.yml index 6723fa3a3..39ffe5f47 100644 --- a/.github/workflows/helm-static-checks.yml +++ b/.github/workflows/helm-static-checks.yml @@ -41,11 +41,11 @@ jobs: charts-root: helm chart-name: alfresco-content-services - uses: >- - Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v1.33.0 + Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v1.35.0 with: chart-dir: helm/${{ matrix.charts.name }} - uses: >- - Alfresco/alfresco-build-tools/.github/actions/helm-unit-tests@v1.33.0 + Alfresco/alfresco-build-tools/.github/actions/helm-unit-tests@v1.35.0 with: chart-dir: helm/${{ matrix.charts.name }} chart-type: ${{ matrix.charts.type }} @@ -64,11 +64,11 @@ jobs: charts-root: helm chart-name: alfresco-content-services - uses: >- - Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v1.33.0 + Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v1.35.0 with: chart-dir: helm/${{ matrix.charts.name }} - uses: >- - Alfresco/alfresco-build-tools/.github/actions/helm-template-yamllint@v1.33.0 + Alfresco/alfresco-build-tools/.github/actions/helm-template-yamllint@v1.35.0 with: chart-dir: helm/${{ matrix.charts.name }} helm-options: --values tests/values/test_values.yaml diff --git a/.github/workflows/pre-commit-compose.yml b/.github/workflows/pre-commit-compose.yml index 889fede10..481b65635 100644 --- a/.github/workflows/pre-commit-compose.yml +++ b/.github/workflows/pre-commit-compose.yml @@ -21,4 +21,4 @@ jobs: name: Run pre-commit runs-on: ubuntu-latest steps: - - uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v1.33.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v1.35.0 diff --git a/.github/workflows/pre-commit-helm-docs.yml b/.github/workflows/pre-commit-helm-docs.yml index 75f6eab4b..607095a4c 100644 --- a/.github/workflows/pre-commit-helm-docs.yml +++ b/.github/workflows/pre-commit-helm-docs.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v1.33.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v1.35.0 - uses: pre-commit/action@v3.0.0 with: extra_args: helm-docs --all-files From 1a5bd546de91e1adaf68cb92fd6d3b5a7d8c1f57 Mon Sep 17 00:00:00 2001 From: Saurabh Lohe <105858985+slohe1@users.noreply.github.com> Date: Mon, 13 Feb 2023 14:26:29 +0530 Subject: [PATCH 04/26] OPSEXP-1880 Test and document log4jv2 configuration in helm charts (#886) Co-authored-by: Alex Chapellon --- docs/helm/README.md | 3 +- .../config-dev-log4j-properties.yaml | 13 ++++--- .../templates/deployment-repository.yaml | 20 ++++++----- .../tests/deployment-repository_test.yaml | 34 +++++++++++++++++++ 4 files changed, 56 insertions(+), 14 deletions(-) diff --git a/docs/helm/README.md b/docs/helm/README.md index 3cd1fc50d..d080cf6eb 100644 --- a/docs/helm/README.md +++ b/docs/helm/README.md @@ -173,8 +173,7 @@ To add additional repository log statements across the whole cluster use the `ex repository: ... extraLogStatements: - org.alfresco.repo.content.transform.TransformerDebug: debug - org.alfresco.repo.security.authentication.identityservice: debug + org.alfresco.repo.security.sync: debug ``` **NOTE:** ACS deployment does not include any log aggregation tools. The logs generated by pods will be lost once the pods are terminated. diff --git a/helm/alfresco-content-services/templates/config-dev-log4j-properties.yaml b/helm/alfresco-content-services/templates/config-dev-log4j-properties.yaml index 8b16ec2d0..aa7da0058 100644 --- a/helm/alfresco-content-services/templates/config-dev-log4j-properties.yaml +++ b/helm/alfresco-content-services/templates/config-dev-log4j-properties.yaml @@ -1,14 +1,19 @@ {{- if .Values.repository.extraLogStatements }} -# Defines log4j propeties +# Defines log4j properties apiVersion: v1 kind: ConfigMap metadata: - name: {{ template "alfresco.shortname" . }}-dev-log4j-properties-configmap + name: {{ template "alfresco.shortname" . }}-custom-log4j-properties-configmap labels: {{- include "repository.labels" . | nindent 4 }} data: - dev-log4j.properties: |- + custom-log4j.properties: |- {{- range $key, $val := .Values.repository.extraLogStatements }} - log4j.logger.{{ $key }}={{ tpl $val $ }} + log4j.logger.{{ $key }}={{ $val }} + {{- end }} + custom-log4j2.properties: |- + {{- range $key, $val := .Values.repository.extraLogStatements }} + logger.{{ $key | replace "." "-" }}.name={{ $key }} + logger.{{ $key | replace "." "-" }}.level={{ $val }} {{- end }} {{- end }} diff --git a/helm/alfresco-content-services/templates/deployment-repository.yaml b/helm/alfresco-content-services/templates/deployment-repository.yaml index 844abfe4c..23b9dc143 100644 --- a/helm/alfresco-content-services/templates/deployment-repository.yaml +++ b/helm/alfresco-content-services/templates/deployment-repository.yaml @@ -24,7 +24,6 @@ spec: checksum/config: {{ include (print $.Template.BasePath "/config-repository.yaml") . | sha256sum }} checksum/secretDatabase: {{ include (print $.Template.BasePath "/secret-database.yaml") . | sha256sum }} checksum/secretS3: {{ include (print $.Template.BasePath "/secret-s3.yaml") . | sha256sum }} - checksum/config-log4j: {{ include (print $.Template.BasePath "/config-dev-log4j-properties.yaml") . | sha256sum }} labels: {{- include "repository.selectorLabels" . | nindent 8 }} spec: @@ -89,9 +88,12 @@ spec: name: acs-license {{- end }} {{- if .Values.repository.extraLogStatements }} - - name: dev-log4j-properties-volume - mountPath: /usr/local/tomcat/shared/classes/alfresco/extension/dev-log4j.properties - subPath: dev-log4j.properties + - name: repository-logging-properties-volume + mountPath: /usr/local/tomcat/shared/classes/alfresco/extension/custom-log4j.properties + subPath: custom-log4j.properties + - name: repository-logging-properties-volume + mountPath: /usr/local/tomcat/shared/classes/alfresco/extension/custom-log4j2.properties + subPath: custom-log4j2.properties {{- end }} startupProbe: httpGet: @@ -204,12 +206,14 @@ spec: defaultMode: 0400 {{- end }} {{- if .Values.repository.extraLogStatements }} - - name : dev-log4j-properties-volume + - name : repository-logging-properties-volume configMap: - name: {{ template "alfresco.shortname" . }}-dev-log4j-properties-configmap + name: {{ template "alfresco.shortname" . }}-custom-log4j-properties-configmap items: - - key: dev-log4j.properties - path: dev-log4j.properties + - key: custom-log4j.properties + path: custom-log4j.properties + - key: custom-log4j2.properties + path: custom-log4j2.properties {{- end }} - name: custom-pipeline-config-volume configMap: diff --git a/helm/alfresco-content-services/tests/deployment-repository_test.yaml b/helm/alfresco-content-services/tests/deployment-repository_test.yaml index 89c429dea..34065d41f 100644 --- a/helm/alfresco-content-services/tests/deployment-repository_test.yaml +++ b/helm/alfresco-content-services/tests/deployment-repository_test.yaml @@ -17,6 +17,40 @@ tests: value: RELEASE-NAME-alfresco-cs-repository template: deployment-repository.yaml + - it: Log4j & Log4j2 test + values: *testvalues + set: + repository: + extraLogStatements: + org.alfresco.repo.content.transform.TransformerDebug: debug + asserts: + - contains: + path: spec.template.spec.volumes + content: + name: repository-logging-properties-volume + configMap: + name: RELEASE-NAME-alfresco-custom-log4j-properties-configmap + items: + - key: custom-log4j.properties + path: custom-log4j.properties + - key: custom-log4j2.properties + path: custom-log4j2.properties + template: deployment-repository.yaml + - contains: + path: spec.template.spec.containers[0].volumeMounts + content: + name: repository-logging-properties-volume + mountPath: /usr/local/tomcat/shared/classes/alfresco/extension/custom-log4j.properties + subPath: custom-log4j.properties + template: deployment-repository.yaml + - contains: + path: spec.template.spec.containers[0].volumeMounts + content: + name: repository-logging-properties-volume + mountPath: /usr/local/tomcat/shared/classes/alfresco/extension/custom-log4j2.properties + subPath: custom-log4j2.properties + template: deployment-repository.yaml + - it: should have default mail secret in env when email server is enabled values: *testvalues set: From 6343b9cc961d9a40156ecd63e5879a354b49f2f6 Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Tue, 14 Feb 2023 14:13:49 +0100 Subject: [PATCH 05/26] OPSEXP-1851 migrate alfresco-common to new repository (#888) --- .github/actions/use-local-deps/action.yml | 23 ---------- .github/actions/use-local-deps/local-deps.sh | 22 --------- .github/workflows/helm-community.yml | 5 -- .github/workflows/helm-enterprise.yml | 5 -- .github/workflows/helm-static-checks.yml | 10 ---- .github/workflows/pre-commit-helm.yml | 5 -- helm/alfresco-common/.helmignore | 25 ---------- helm/alfresco-common/Chart.yaml | 14 ------ helm/alfresco-common/README.md | 15 ------ helm/alfresco-common/README.md.gotmpl | 18 -------- .../templates/_helpers-activemq.tpl | 25 ---------- .../templates/_helpers-image-pull-secrets.tpl | 6 --- .../templates/_helpers-persistence.tpl | 41 ----------------- .../templates/_helpers-search.tpl | 46 ------------------- .../templates/_helpers-security.yaml | 32 ------------- helm/alfresco-common/templates/_helpers.tpl | 9 ---- helm/alfresco-content-services/Chart.yaml | 4 +- helm/alfresco-content-services/README.md | 2 +- .../charts/activemq/Chart.yaml | 4 +- .../charts/activemq/README.md | 2 +- .../Chart.yaml | 4 +- .../README.md | 2 +- .../charts/alfresco-search/Chart.yaml | 4 +- .../charts/alfresco-search/README.md | 2 +- .../alfresco-insight-zeppelin/Chart.yaml | 4 +- .../alfresco-insight-zeppelin/README.md | 2 +- .../charts/alfresco-sync-service/Chart.yaml | 4 +- .../charts/alfresco-sync-service/README.md | 2 +- 28 files changed, 18 insertions(+), 319 deletions(-) delete mode 100644 .github/actions/use-local-deps/action.yml delete mode 100755 .github/actions/use-local-deps/local-deps.sh delete mode 100644 helm/alfresco-common/.helmignore delete mode 100644 helm/alfresco-common/Chart.yaml delete mode 100644 helm/alfresco-common/README.md delete mode 100644 helm/alfresco-common/README.md.gotmpl delete mode 100644 helm/alfresco-common/templates/_helpers-activemq.tpl delete mode 100644 helm/alfresco-common/templates/_helpers-image-pull-secrets.tpl delete mode 100644 helm/alfresco-common/templates/_helpers-persistence.tpl delete mode 100644 helm/alfresco-common/templates/_helpers-search.tpl delete mode 100644 helm/alfresco-common/templates/_helpers-security.yaml delete mode 100644 helm/alfresco-common/templates/_helpers.tpl diff --git a/.github/actions/use-local-deps/action.yml b/.github/actions/use-local-deps/action.yml deleted file mode 100644 index f336a69de..000000000 --- a/.github/actions/use-local-deps/action.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -name: use_local_dep -inputs: - charts-root: - required: false - description: root directory containing the charts - type: string - default: helm - chart-name: - required: true - description: Name of the chart to compute local dependencies for - type: string -description: | - Package and extract local dependencies. - This action MUST be run BEFORE any helm dep command -runs: - using: composite - steps: - - name: iterate over chart to find dependencies - run: >- - ${{ github.action_path }}/local-deps.sh - ${{ inputs.charts-root }}/${{ inputs.chart-name }} - shell: bash diff --git a/.github/actions/use-local-deps/local-deps.sh b/.github/actions/use-local-deps/local-deps.sh deleted file mode 100755 index 3a65e3b45..000000000 --- a/.github/actions/use-local-deps/local-deps.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash -e -# Compute charts dependencies and force local dependencies resolution -CHARTS_ROOT=$(dirname "$1") -CHART_NAME=$(basename "$1") - -# Get every charts we MAY depend on -for DEP_ROOT in $(ls -d "${CHARTS_ROOT}"/* | grep -v "${CHART_NAME}") -do export DEP=$(basename "$DEP_ROOT") - DEP_VER=$(yq e '.version' "${CHARTS_ROOT}"/"${DEP}"/Chart.yaml) - # Get every charts descriptor including subcharts - for CHART_NSUBS in $(find "${CHARTS_ROOT}/${CHART_NAME}" -type f ! -regex "${CHARTS_ROOT}/.*$DEP/Chart.yaml" -name Chart.yaml) - do echo "Looking for $DEP as a dependency in $CHART_NSUBS" - CHART_WORKDIR=$(dirname "$CHART_NSUBS")/charts - # Check charts r subchart ACTUALLY depends on the local dependency - if yq e -i 'del(.dependencies[] | select(.name==strenv(DEP)).repository)' "${CHART_NSUBS}" > /dev/null 2>&1; then - helm package --dependency-update --destination "${CHART_WORKDIR}" "${CHARTS_ROOT}/${DEP}" - tar zxf "${CHART_WORKDIR}/${DEP}-${DEP_VER}.tgz" -C "${CHART_WORKDIR}" - rm "${CHART_WORKDIR}/${DEP}-${DEP_VER}.tgz" - else echo "no dependency to $DEP found in ${CHART_NSUBS}, skipping" - fi - done -done diff --git a/.github/workflows/helm-community.yml b/.github/workflows/helm-community.yml index 24824e0c3..c5d622022 100644 --- a/.github/workflows/helm-community.yml +++ b/.github/workflows/helm-community.yml @@ -18,11 +18,6 @@ jobs: - uses: actions/checkout@v3 - name: Setup cluster uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@v1.35.0 - - name: Use local dependencies - uses: ./.github/actions/use-local-deps - with: - charts-root: helm - chart-name: alfresco-content-services - name: Community local deployment run: | helm dep up ./helm/alfresco-content-services diff --git a/.github/workflows/helm-enterprise.yml b/.github/workflows/helm-enterprise.yml index 4031fd98d..1e8f4b107 100644 --- a/.github/workflows/helm-enterprise.yml +++ b/.github/workflows/helm-enterprise.yml @@ -80,11 +80,6 @@ jobs: echo "Release prefix to $SANITIZED_V" echo "app_version=$V" >> $GITHUB_OUTPUT echo "app_prefix=${SANITIZED_V}" >> $GITHUB_OUTPUT - - name: Use local dependencies - uses: ./.github/actions/use-local-deps - with: - charts-root: helm - chart-name: ${{ matrix.name }} - uses: >- Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-helm@v1.35.0 with: diff --git a/.github/workflows/helm-static-checks.yml b/.github/workflows/helm-static-checks.yml index 39ffe5f47..62a2d7ac9 100644 --- a/.github/workflows/helm-static-checks.yml +++ b/.github/workflows/helm-static-checks.yml @@ -35,11 +35,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - - name: Use local dependencies - uses: ./.github/actions/use-local-deps - with: - charts-root: helm - chart-name: alfresco-content-services - uses: >- Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v1.35.0 with: @@ -58,11 +53,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 - - name: Use local dependencies - uses: ./.github/actions/use-local-deps - with: - charts-root: helm - chart-name: alfresco-content-services - uses: >- Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v1.35.0 with: diff --git a/.github/workflows/pre-commit-helm.yml b/.github/workflows/pre-commit-helm.yml index b06326f97..492b0da16 100644 --- a/.github/workflows/pre-commit-helm.yml +++ b/.github/workflows/pre-commit-helm.yml @@ -25,9 +25,4 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: Use local dependencies - uses: ./.github/actions/use-local-deps - with: - charts-root: helm - chart-name: alfresco-content-services - uses: pre-commit/action@v3.0.0 diff --git a/helm/alfresco-common/.helmignore b/helm/alfresco-common/.helmignore deleted file mode 100644 index 721fe6abd..000000000 --- a/helm/alfresco-common/.helmignore +++ /dev/null @@ -1,25 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Helm unit tests -tests -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/helm/alfresco-common/Chart.yaml b/helm/alfresco-common/Chart.yaml deleted file mode 100644 index 5a8a4dca9..000000000 --- a/helm/alfresco-common/Chart.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -apiVersion: v2 -name: alfresco-common -description: | - A helper subchart to avoid duplication in alfresco charts and set common - external dependencies -type: library -version: 0.4.0-SNAPSHOT -dependencies: - - name: common - repository: >- - https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ - version: 1.x.x -icon: https://avatars0.githubusercontent.com/u/391127?s=200&v=4 diff --git a/helm/alfresco-common/README.md b/helm/alfresco-common/README.md deleted file mode 100644 index a2ca3c548..000000000 --- a/helm/alfresco-common/README.md +++ /dev/null @@ -1,15 +0,0 @@ -# alfresco-common - -![Version: 0.2.0-SNAPSHOT](https://img.shields.io/badge/Version-0.2.0--SNAPSHOT-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) - -A helper subchart to avoid duplication in alfresco charts and set common -external dependencies - -Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/blob/master/docs/helm/README.md) for information on the Helm charts and deployment instructions. - -## Requirements - -| Repository | Name | Version | -|------------|------|---------| -| https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | common | 1.x.x | - diff --git a/helm/alfresco-common/README.md.gotmpl b/helm/alfresco-common/README.md.gotmpl deleted file mode 100644 index b301f3932..000000000 --- a/helm/alfresco-common/README.md.gotmpl +++ /dev/null @@ -1,18 +0,0 @@ -{{ template "chart.header" . }} -{{ template "chart.deprecationWarning" . }} - -{{ template "chart.badgesSection" . }} - -{{ template "chart.description" . }} - -Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/blob/master/docs/helm/README.md) for information on the Helm charts and deployment instructions. - -{{ template "chart.homepageLine" . }} - -{{ template "chart.maintainersSection" . }} - -{{ template "chart.sourcesSection" . }} - -{{ template "chart.requirementsSection" . }} - -{{ template "chart.valuesSection" . }} diff --git a/helm/alfresco-common/templates/_helpers-activemq.tpl b/helm/alfresco-common/templates/_helpers-activemq.tpl deleted file mode 100644 index 518e8cda9..000000000 --- a/helm/alfresco-common/templates/_helpers-activemq.tpl +++ /dev/null @@ -1,25 +0,0 @@ -{{/* -Create a default fully qualified name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "activemq.fullname" -}} -{{- printf "%s-activemq" .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- define "activemq.env" -}} -- name: ACTIVEMQ_URL - value: $(BROKER_URL) -- name: ACTIVEMQ_USER - value: $(BROKER_USERNAME) -- name: ACTIVEMQ_PASSWORD - value: $(BROKER_PASSWORD) -{{- end -}} - -{{- define "spring.activemq.env" -}} -- name: SPRING_ACTIVEMQ_BROKERURL - value: $(BROKER_URL) -- name: SPRING_ACTIVEMQ_USER - value: $(BROKER_USERNAME) -- name: SPRING_ACTIVEMQ_PASSWORD - value: $(BROKER_PASSWORD) -{{- end -}} diff --git a/helm/alfresco-common/templates/_helpers-image-pull-secrets.tpl b/helm/alfresco-common/templates/_helpers-image-pull-secrets.tpl deleted file mode 100644 index 12605363a..000000000 --- a/helm/alfresco-common/templates/_helpers-image-pull-secrets.tpl +++ /dev/null @@ -1,6 +0,0 @@ -{{- define "alfresco-content-services.imagePullSecrets" }} -{{- if .Values.global.alfrescoRegistryPullSecrets }} -imagePullSecrets: - - name: {{ .Values.global.alfrescoRegistryPullSecrets }} -{{- end }} -{{- end }} diff --git a/helm/alfresco-common/templates/_helpers-persistence.tpl b/helm/alfresco-common/templates/_helpers-persistence.tpl deleted file mode 100644 index d473d0577..000000000 --- a/helm/alfresco-common/templates/_helpers-persistence.tpl +++ /dev/null @@ -1,41 +0,0 @@ -{{- define "data_volume" -}} -- name: data -{{- $svc_name := .service.name }} -{{- with .persistence }} -{{- if .enabled }} -{{- $sc_name := .storageClass | default "default" }} - persistentVolumeClaim: - claimName: >- - {{ .existingClaim | default (printf "%s-%s-pvc" $svc_name $sc_name ) }} -{{- else }} - emptyDir: - sizeLimit: {{ .baseSize | default "20Gi" | quote }} -{{- end }} -{{- end }} -{{- end -}} - -{{- define "component_pvc" -}} -{{ $svc_name := .service.name }} -{{- with .persistence }} -{{- $sc_name := .storageClass | default "default" -}} ---- -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ printf "%s-%s-pvc" $svc_name $sc_name }} -spec: - {{- if .storageClass }} - storageClassName: {{ .storageClass | quote }} - {{- end }} - {{- if .accessModes }} - accessModes: - {{- range .accessModes }} - - {{ . }} - {{- end }} - {{- end }} - volumeMode: {{ .volumeMode | default "Filesystem" }} - resources: - requests: - storage: {{ .baseSize | default "20Gi" | quote }} -{{- end }} -{{- end -}} diff --git a/helm/alfresco-common/templates/_helpers-search.tpl b/helm/alfresco-common/templates/_helpers-search.tpl deleted file mode 100644 index 873676991..000000000 --- a/helm/alfresco-common/templates/_helpers-search.tpl +++ /dev/null @@ -1,46 +0,0 @@ -{{/* -Create a default fully qualified name. -*/}} -{{- define "alfresco-search.fullName" -}} -{{- printf "%s-alfresco-search" .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Alfresco Search2 Host -*/}} -{{- define "alfresco-search.host" -}} -{{- if index $.Values "alfresco-search" "enabled" -}} - {{ printf "%s-solr" (include "alfresco-search.fullName" .) -}} -{{- else -}} - {{ index $.Values "alfresco-search" "external" "host" | default "localhost" -}} -{{- end -}} -{{- end -}} - -{{/* -Get Alfresco Search Port -*/}} -{{- define "alfresco-search.port" -}} -{{- if index $.Values "alfresco-search" "enabled" -}} - {{ print (index .Values "alfresco-search" "service" "externalPort") -}} -{{- else -}} - {{ index $.Values "alfresco-search" "external" "port" | default "8983" -}} -{{- end -}} -{{- end -}} - -{{/* -Get Alfresco Solr context -*/}} -{{- define "alfresco-search.baseurl" -}} -{{- if index $.Values "alfresco-search" "enabled" -}} - /solr -{{- else -}} - {{ index $.Values "alfresco-search" "external" "context" | default "/solr" -}} -{{- end -}} -{{- end -}} - -{{/* -Required Solr secret -*/}} -{{- define "tracking-shared-secret" -}} - {{- required "You need to provide a shared secret for Solr/repo authentication , see https://github.com/Alfresco/acs-deployment/tree/master/docs/helm" .Values.global.tracking.sharedsecret -}} -{{- end }} diff --git a/helm/alfresco-common/templates/_helpers-security.yaml b/helm/alfresco-common/templates/_helpers-security.yaml deleted file mode 100644 index 8829e4e77..000000000 --- a/helm/alfresco-common/templates/_helpers-security.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- define "default-pod-security-context" }} - runAsNonRoot: true - runAsUser: 33099 - fsGroupChangePolicy: OnRootMismatch -{{- end }} - -{{- define "default-security-context" }} - runAsNonRoot: true - allowPrivilegeEscalation: false - capabilities: - drop: - - NET_RAW - - ALL -{{- end }} - -{{- define "component-pod-security-context" }} - securityContext: -{{- if .podSecurityContext }} - {{- .podSecurityContext | toYaml | nindent 4 }} -{{- else }} -{{- include "default-pod-security-context" . }} -{{- end }} -{{- end }} - -{{- define "component-security-context" }} - securityContext: -{{- if .securityContext }} - {{- .securityContext | toYaml | nindent 4 }} -{{- else }} -{{- include "default-security-context" . }} -{{- end }} -{{- end }} diff --git a/helm/alfresco-common/templates/_helpers.tpl b/helm/alfresco-common/templates/_helpers.tpl deleted file mode 100644 index 7ae7d584b..000000000 --- a/helm/alfresco-common/templates/_helpers.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{- define "content-services.shortname" -}} -{{- $name := (.Values.NameOverride | default "alfresco-cs") -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- define "alfresco.shortname" -}} -{{- $name := (.Values.NameOverride | default "alfresco-") -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/helm/alfresco-content-services/Chart.yaml b/helm/alfresco-content-services/Chart.yaml index 2827abfaa..f6628051f 100644 --- a/helm/alfresco-content-services/Chart.yaml +++ b/helm/alfresco-content-services/Chart.yaml @@ -18,8 +18,8 @@ sources: - https://github.com/Alfresco/acs-deployment dependencies: - name: alfresco-common - version: 0.4.0-SNAPSHOT - repository: https://kubernetes-charts.alfresco.com/incubator + version: 1.0.0 + repository: https://alfresco.github.io/alfresco-helm-charts/ - name: postgresql version: 10.16.2 repository: >- diff --git a/helm/alfresco-content-services/README.md b/helm/alfresco-content-services/README.md index ff3c96cac..a2f3ee23f 100644 --- a/helm/alfresco-content-services/README.md +++ b/helm/alfresco-content-services/README.md @@ -22,8 +22,8 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | | alfresco-sync-service | 3.2.0-SNAPSHOT | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-admin-app(common) | 7.7.0 | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-digital-workspace(common) | 7.7.0 | +| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | | https://helm.elastic.co | elasticsearch(elasticsearch) | 7.10.1 | -| https://kubernetes-charts.alfresco.com/incubator | alfresco-common | 0.4.0-SNAPSHOT | | https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | postgresql | 10.16.2 | | https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | postgresql-syncservice(postgresql) | 10.16.2 | diff --git a/helm/alfresco-content-services/charts/activemq/Chart.yaml b/helm/alfresco-content-services/charts/activemq/Chart.yaml index ee5f18447..179c09c34 100644 --- a/helm/alfresco-content-services/charts/activemq/Chart.yaml +++ b/helm/alfresco-content-services/charts/activemq/Chart.yaml @@ -11,6 +11,6 @@ sources: version: 2.3.0-SNAPSHOT dependencies: - name: alfresco-common - version: 0.4.0-SNAPSHOT - repository: https://kubernetes-charts.alfresco.com/incubator + version: 1.0.0 + repository: https://alfresco.github.io/alfresco-helm-charts/ icon: https://avatars0.githubusercontent.com/u/391127?s=200&v=4 diff --git a/helm/alfresco-content-services/charts/activemq/README.md b/helm/alfresco-content-services/charts/activemq/README.md index 7d8d5c2ff..fc41f135c 100644 --- a/helm/alfresco-content-services/charts/activemq/README.md +++ b/helm/alfresco-content-services/charts/activemq/README.md @@ -19,7 +19,7 @@ Credentials get injected by the [main chart](../../README.md) and by default are | Repository | Name | Version | |------------|------|---------| -| https://kubernetes-charts.alfresco.com/incubator | alfresco-common | 0.4.0-SNAPSHOT | +| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | ## Values diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/Chart.yaml index e6dfb2de9..4ea8ebdb4 100644 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/Chart.yaml +++ b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/Chart.yaml @@ -7,5 +7,5 @@ version: 0.3.0-SNAPSHOT appVersion: 3.3.0-A9 dependencies: - name: alfresco-common - version: 0.4.0-SNAPSHOT - repository: https://kubernetes-charts.alfresco.com/incubator + version: 1.0.0 + repository: https://alfresco.github.io/alfresco-helm-charts/ diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md index 79940eef8..c8945944b 100644 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md +++ b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md @@ -10,7 +10,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| -| https://kubernetes-charts.alfresco.com/incubator | alfresco-common | 0.4.0-SNAPSHOT | +| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | ## Values diff --git a/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml index ac0a1a1f8..97fa0a979 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml @@ -19,5 +19,5 @@ dependencies: - name: alfresco-insight-zeppelin version: 1.2.0-SNAPSHOT - name: alfresco-common - version: 0.4.0-SNAPSHOT - repository: https://kubernetes-charts.alfresco.com/incubator + version: 1.0.0 + repository: https://alfresco.github.io/alfresco-helm-charts/ diff --git a/helm/alfresco-content-services/charts/alfresco-search/README.md b/helm/alfresco-content-services/charts/alfresco-search/README.md index 6cff18aea..e9a793144 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/README.md +++ b/helm/alfresco-content-services/charts/alfresco-search/README.md @@ -17,7 +17,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| | | alfresco-insight-zeppelin | 1.2.0-SNAPSHOT | -| https://kubernetes-charts.alfresco.com/incubator | alfresco-common | 0.4.0-SNAPSHOT | +| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | ## Values diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/Chart.yaml index ead166e50..9965f8fef 100755 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/Chart.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/Chart.yaml @@ -14,5 +14,5 @@ version: 1.2.0-SNAPSHOT appVersion: 2.0.6 dependencies: - name: alfresco-common - version: 0.4.0-SNAPSHOT - repository: https://kubernetes-charts.alfresco.com/incubator + version: 1.0.0 + repository: https://alfresco.github.io/alfresco-helm-charts/ diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md index f0b3c36aa..0d753bfe9 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md @@ -16,7 +16,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| -| https://kubernetes-charts.alfresco.com/incubator | alfresco-common | 0.4.0-SNAPSHOT | +| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | ## Values diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-sync-service/Chart.yaml index b8534bd6a..51f9b38e7 100644 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/Chart.yaml +++ b/helm/alfresco-content-services/charts/alfresco-sync-service/Chart.yaml @@ -17,5 +17,5 @@ dependencies: https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ version: 1.x.x - name: alfresco-common - version: 0.4.0-SNAPSHOT - repository: https://kubernetes-charts.alfresco.com/incubator + version: 1.0.0 + repository: https://alfresco.github.io/alfresco-helm-charts/ diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/README.md b/helm/alfresco-content-services/charts/alfresco-sync-service/README.md index e6234f4ea..d46616ced 100644 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/README.md +++ b/helm/alfresco-content-services/charts/alfresco-sync-service/README.md @@ -12,7 +12,7 @@ Alfresco Sync Service | Repository | Name | Version | |------------|------|---------| -| https://kubernetes-charts.alfresco.com/incubator | alfresco-common | 0.4.0-SNAPSHOT | +| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | | https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | common | 1.x.x | ## Values From 0883a52f47df3f0e0c9175c19383c670c9eca090 Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Wed, 15 Feb 2023 14:00:58 +0100 Subject: [PATCH 06/26] OPSEXP-1851 Merge pre-commit helm workflows (#891) --- .github/workflows/pre-commit-helm-docs.yml | 27 ---------------------- .github/workflows/pre-commit-helm.yml | 5 ++-- 2 files changed, 3 insertions(+), 29 deletions(-) delete mode 100644 .github/workflows/pre-commit-helm-docs.yml diff --git a/.github/workflows/pre-commit-helm-docs.yml b/.github/workflows/pre-commit-helm-docs.yml deleted file mode 100644 index 607095a4c..000000000 --- a/.github/workflows/pre-commit-helm-docs.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -name: Pre-commit (Helm Docs) - -on: - pull_request: - branches: - - "master" - paths: - - "helm/**" - - "test/postman/helm/**" - - ".github/workflows/helm*" - - "**.md" - - ".pre-commit-config.yaml" - push: - branches: - - "master" - -jobs: - pre_commit: - name: Run pre-commit - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v1.35.0 - - uses: pre-commit/action@v3.0.0 - with: - extra_args: helm-docs --all-files diff --git a/.github/workflows/pre-commit-helm.yml b/.github/workflows/pre-commit-helm.yml index 492b0da16..c15947926 100644 --- a/.github/workflows/pre-commit-helm.yml +++ b/.github/workflows/pre-commit-helm.yml @@ -8,7 +8,7 @@ on: paths: - "helm/**" - "test/postman/helm/**" - - ".github/workflows/helm*" + - ".github/workflows/pre-commit-helm.yml" - "**.md" - ".pre-commit-config.yaml" push: @@ -17,7 +17,7 @@ on: env: # https://pre-commit.com/#temporarily-disabling-hooks - SKIP: docker-compose-check,helm-docs + SKIP: docker-compose-check jobs: pre_commit: @@ -25,4 +25,5 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v1.35.0 - uses: pre-commit/action@v3.0.0 From 65e9e7e87db35e94ec3dbb2d3f0410f6ad538c4f Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Wed, 15 Feb 2023 14:01:25 +0100 Subject: [PATCH 07/26] Add missing tracking secret in community docker desktop helm docs (#892) --- docs/helm/docker-desktop-deployment.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/docs/helm/docker-desktop-deployment.md b/docs/helm/docker-desktop-deployment.md index 084cae61e..4efb6f718 100644 --- a/docs/helm/docker-desktop-deployment.md +++ b/docs/helm/docker-desktop-deployment.md @@ -105,13 +105,14 @@ To install the latest version of Community we need to use the [community_values. ```bash helm install acs alfresco/alfresco-content-services \ ---values=community_values.yaml \ ---set externalPort="80" \ ---set externalProtocol="http" \ ---set externalHost="localhost" \ ---atomic \ ---timeout 10m0s \ ---namespace=alfresco + --values=community_values.yaml \ + --set externalPort="80" \ + --set externalProtocol="http" \ + --set externalHost="localhost" \ + --set global.tracking.sharedsecret=$(openssl rand -hex 24) \ + --atomic \ + --timeout 10m0s \ + --namespace=alfresco ``` > NOTE: The command will wait until the deployment is ready so please be patient. From 99c02f34d235bcd246d4cd781f4c0624b803a046 Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Wed, 22 Feb 2023 09:05:58 +0100 Subject: [PATCH 08/26] OPSEXP-1855 bump activemq chart (#893) --- helm/alfresco-content-services/Chart.yaml | 3 +- helm/alfresco-content-services/README.md | 2 +- .../charts/activemq/Chart.yaml | 16 ---- .../charts/activemq/README.md | 64 --------------- .../charts/activemq/README.md.gotmpl | 23 ------ .../templates/deployment-activemq.yaml | 79 ------------------- .../activemq/templates/pvc-activemq.yaml | 3 - .../templates/svc-activemq-broker.yaml | 29 ------- .../templates/svc-activemq-web-console.yaml | 21 ----- .../tests/deployment-activemq_test.yaml | 41 ---------- .../activemq/tests/pv_activemq_test.yaml | 66 ---------------- .../charts/activemq/values.yaml | 67 ---------------- .../templates/_helpers.tpl | 5 ++ .../templates/secret-message-broker.yaml | 2 +- 14 files changed, 9 insertions(+), 412 deletions(-) delete mode 100644 helm/alfresco-content-services/charts/activemq/Chart.yaml delete mode 100644 helm/alfresco-content-services/charts/activemq/README.md delete mode 100644 helm/alfresco-content-services/charts/activemq/README.md.gotmpl delete mode 100755 helm/alfresco-content-services/charts/activemq/templates/deployment-activemq.yaml delete mode 100644 helm/alfresco-content-services/charts/activemq/templates/pvc-activemq.yaml delete mode 100755 helm/alfresco-content-services/charts/activemq/templates/svc-activemq-broker.yaml delete mode 100755 helm/alfresco-content-services/charts/activemq/templates/svc-activemq-web-console.yaml delete mode 100644 helm/alfresco-content-services/charts/activemq/tests/deployment-activemq_test.yaml delete mode 100644 helm/alfresco-content-services/charts/activemq/tests/pv_activemq_test.yaml delete mode 100644 helm/alfresco-content-services/charts/activemq/values.yaml diff --git a/helm/alfresco-content-services/Chart.yaml b/helm/alfresco-content-services/Chart.yaml index f6628051f..a74435551 100644 --- a/helm/alfresco-content-services/Chart.yaml +++ b/helm/alfresco-content-services/Chart.yaml @@ -44,7 +44,8 @@ dependencies: condition: >- alfresco-digital-workspace.enabled - name: activemq - version: 2.3.0-SNAPSHOT + version: 3.0.1 + repository: https://alfresco.github.io/alfresco-helm-charts/ condition: activemq.enabled - name: alfresco-search version: 1.2.0-SNAPSHOT diff --git a/helm/alfresco-content-services/README.md b/helm/alfresco-content-services/README.md index a2f3ee23f..74cf667c4 100644 --- a/helm/alfresco-content-services/README.md +++ b/helm/alfresco-content-services/README.md @@ -16,12 +16,12 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| -| | activemq | 2.3.0-SNAPSHOT | | | alfresco-elasticsearch-connector | 0.3.0-SNAPSHOT | | | alfresco-search | 1.2.0-SNAPSHOT | | | alfresco-sync-service | 3.2.0-SNAPSHOT | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-admin-app(common) | 7.7.0 | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-digital-workspace(common) | 7.7.0 | +| https://alfresco.github.io/alfresco-helm-charts/ | activemq | 3.0.1 | | https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | | https://helm.elastic.co | elasticsearch(elasticsearch) | 7.10.1 | | https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | postgresql | 10.16.2 | diff --git a/helm/alfresco-content-services/charts/activemq/Chart.yaml b/helm/alfresco-content-services/charts/activemq/Chart.yaml deleted file mode 100644 index 179c09c34..000000000 --- a/helm/alfresco-content-services/charts/activemq/Chart.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -apiVersion: v2 -appVersion: 5.17.1 -description: A Helm chart providing a basic Apache ActiveMQ deployment required to evaluate ACS (do not use in production). -keywords: - - activemq - - message broker -name: activemq -sources: - - https://github.com/Alfresco/acs-deployment -version: 2.3.0-SNAPSHOT -dependencies: - - name: alfresco-common - version: 1.0.0 - repository: https://alfresco.github.io/alfresco-helm-charts/ -icon: https://avatars0.githubusercontent.com/u/391127?s=200&v=4 diff --git a/helm/alfresco-content-services/charts/activemq/README.md b/helm/alfresco-content-services/charts/activemq/README.md deleted file mode 100644 index fc41f135c..000000000 --- a/helm/alfresco-content-services/charts/activemq/README.md +++ /dev/null @@ -1,64 +0,0 @@ -# activemq - -![Version: 2.3.0-SNAPSHOT](https://img.shields.io/badge/Version-2.3.0--SNAPSHOT-informational?style=flat-square) ![AppVersion: 5.17.1](https://img.shields.io/badge/AppVersion-5.17.1-informational?style=flat-square) - -A Helm chart providing a basic Apache ActiveMQ deployment required to evaluate ACS (do not use in production). - -Please refer to the [documentation](../../../../docs/helm/README.md) for information on the Helm charts and deployment instructions. - -Credentials get injected by the [main chart](../../README.md) and by default are: - -* username: admin -* password: admin - -## Source Code - -* - -## Requirements - -| Repository | Name | Version | -|------------|------|---------| -| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | - -## Values - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| adminUser.existingSecretName | string | `nil` | An existing kubernetes secret that contains BROKER_USERNAME and BROKER_PASSWORD keys | -| enabled | bool | `true` | | -| image.pullPolicy | string | `"IfNotPresent"` | | -| image.repository | string | `"alfresco/alfresco-activemq"` | | -| image.tag | string | `"5.17.1-jre11-rockylinux8"` | | -| livenessProbe.failureThreshold | int | `1` | | -| livenessProbe.initialDelaySeconds | int | `130` | | -| livenessProbe.periodSeconds | int | `20` | | -| livenessProbe.timeoutSeconds | int | `10` | | -| nodeSelector | object | `{}` | | -| persistence.accessModes | list | `["ReadWriteOnce"]` | defines type of access required by the persistent volume [Access_Modes] (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) | -| persistence.baseSize | string | `"20Gi"` | | -| persistence.data.mountPath | string | `"/opt/activemq/data"` | | -| persistence.data.subPath | string | `"alfresco-infrastructure/activemq-data"` | | -| persistence.enabled | bool | `true` | | -| persistence.existingClaim | string | `nil` | | -| persistence.storageClass | string | `nil` | | -| podSecurityContext.fsGroup | int | `1000` | | -| podSecurityContext.runAsGroup | int | `1000` | | -| podSecurityContext.runAsUser | int | `33031` | | -| readinessProbe | object | `{"failureThreshold":6,"initialDelaySeconds":60,"periodSeconds":20,"timeoutSeconds":10}` | The ActiveMQ readiness probe is used to check startup only as a failure of the liveness probe later will result in the pod being restarted. | -| replicaCount | int | `1` | | -| resources.limits.cpu | string | `"2"` | | -| resources.limits.memory | string | `"2048Mi"` | | -| resources.requests.cpu | string | `"0.25"` | | -| resources.requests.memory | string | `"512Mi"` | | -| service.name | string | `"activemq"` | | -| services.broker.ports.external.amqp | int | `5672` | | -| services.broker.ports.external.openwire | int | `61616` | | -| services.broker.ports.external.stomp | int | `61613` | | -| services.broker.ports.internal.amqp | int | `5672` | | -| services.broker.ports.internal.openwire | int | `61616` | | -| services.broker.ports.internal.stomp | int | `61613` | | -| services.broker.type | string | `"ClusterIP"` | | -| services.webConsole.ports.external.webConsole | int | `8161` | | -| services.webConsole.ports.internal.webConsole | int | `8161` | | -| services.webConsole.type | string | `"NodePort"` | | diff --git a/helm/alfresco-content-services/charts/activemq/README.md.gotmpl b/helm/alfresco-content-services/charts/activemq/README.md.gotmpl deleted file mode 100644 index 86f810d90..000000000 --- a/helm/alfresco-content-services/charts/activemq/README.md.gotmpl +++ /dev/null @@ -1,23 +0,0 @@ -{{ template "chart.header" . }} -{{ template "chart.deprecationWarning" . }} - -{{ template "chart.badgesSection" . }} - -{{ template "chart.description" . }} - -Please refer to the [documentation](../../../../docs/helm/README.md) for information on the Helm charts and deployment instructions. - -Credentials get injected by the [main chart](../../README.md) and by default are: - -* username: admin -* password: admin - -{{ template "chart.homepageLine" . }} - -{{ template "chart.maintainersSection" . }} - -{{ template "chart.sourcesSection" . }} - -{{ template "chart.requirementsSection" . }} - -{{ template "chart.valuesSection" . }} diff --git a/helm/alfresco-content-services/charts/activemq/templates/deployment-activemq.yaml b/helm/alfresco-content-services/charts/activemq/templates/deployment-activemq.yaml deleted file mode 100755 index 0e5f8f2df..000000000 --- a/helm/alfresco-content-services/charts/activemq/templates/deployment-activemq.yaml +++ /dev/null @@ -1,79 +0,0 @@ -{{- if .Values.enabled }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "activemq.fullname" . }} - labels: - app: {{ template "activemq.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ template "activemq.fullname" . }} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ template "activemq.fullname" . }} - release: {{ .Release.Name }} - spec: - {{- include "component-pod-security-context" .Values | indent 4 }} - {{- if .Values.nodeSelector }} - nodeSelector: {{- .Values.nodeSelector | toYaml | nindent 8 }} - {{- end }} - containers: - - name: activemq - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- include "component-security-context" .Values | indent 6 }} - env: - - name: ACTIVEMQ_CONFIG_MINMEMORY - value: "{{ .Values.resources.requests.memory | replace "Mi" "" }}" - - name: ACTIVEMQ_CONFIG_MAXMEMORY - value: "{{ .Values.resources.limits.memory | replace "Mi" "" }}" - - name: ACTIVEMQ_BROKER_NAME - value: "{{ template "activemq.fullname" . }}" - - name: ACTIVEMQ_ADMIN_LOGIN - valueFrom: - secretKeyRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" $)) $.Values.adminUser.existingSecretName }} - key: BROKER_USERNAME - - name: ACTIVEMQ_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" $)) $.Values.adminUser.existingSecretName }} - key: BROKER_PASSWORD - ports: - - name: stomp - containerPort: {{ .Values.services.broker.ports.internal.stomp | default 61613 }} - - name: openwire - containerPort: {{ .Values.services.broker.ports.internal.openwire | default 61616 }} - - name: amqp - containerPort: {{ .Values.services.broker.ports.internal.amqp | default 5672 }} - - name: web-console - containerPort: {{ .Values.services.webConsole.ports.internal.webConsole | default 8161 }} - readinessProbe: - tcpSocket: - port: {{ .Values.services.broker.ports.internal.openwire | default 61616 }} - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - livenessProbe: - tcpSocket: - port: {{ .Values.services.broker.ports.internal.openwire | default 61616 }} - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - resources: {{- toYaml .Values.resources | nindent 12 }} - volumeMounts: - - name: data - mountPath: {{ .Values.persistence.data.mountPath }} - subPath: {{ .Values.persistence.data.subPath }} - volumes: - {{- include "data_volume" .Values | nindent 8 }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/activemq/templates/pvc-activemq.yaml b/helm/alfresco-content-services/charts/activemq/templates/pvc-activemq.yaml deleted file mode 100644 index 6183cd046..000000000 --- a/helm/alfresco-content-services/charts/activemq/templates/pvc-activemq.yaml +++ /dev/null @@ -1,3 +0,0 @@ -{{- if and (not .Values.persistence.existingClaim) .Values.persistence.enabled }} -{{ include "component_pvc" .Values }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/activemq/templates/svc-activemq-broker.yaml b/helm/alfresco-content-services/charts/activemq/templates/svc-activemq-broker.yaml deleted file mode 100755 index 387fec6db..000000000 --- a/helm/alfresco-content-services/charts/activemq/templates/svc-activemq-broker.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if .Values.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "activemq.fullname" . }}-broker - labels: - app: {{ template "activemq.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.services.broker.type }} - ports: - - port: {{ .Values.services.broker.ports.external.stomp | default 61613 }} - targetPort: {{ .Values.services.broker.ports.internal.stomp | default 61613 }} - name: stomp - protocol: TCP - - port: {{ .Values.services.broker.ports.external.openwire | default 61616 }} - targetPort: {{ .Values.services.broker.ports.internal.openwire | default 61616 }} - name: openwire - protocol: TCP - - port: {{ .Values.services.broker.ports.external.amqp | default 5672 }} - targetPort: {{ .Values.services.broker.ports.internal.amqp | default 5672 }} - name: amqp - protocol: TCP - selector: - app: {{ template "activemq.fullname" . }} - release: {{ .Release.Name }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/activemq/templates/svc-activemq-web-console.yaml b/helm/alfresco-content-services/charts/activemq/templates/svc-activemq-web-console.yaml deleted file mode 100755 index b5809e88f..000000000 --- a/helm/alfresco-content-services/charts/activemq/templates/svc-activemq-web-console.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "activemq.fullname" . }}-web-console - labels: - app: {{ template "activemq.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.services.webConsole.type }} - ports: - - port: {{ .Values.services.webConsole.ports.external.webConsole | default 8161 }} - targetPort: {{ .Values.services.webConsole.ports.internal.webConsole | default 8161 }} - name: web-console - protocol: TCP - selector: - app: {{ template "activemq.fullname" . }} - release: {{ .Release.Name }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/activemq/tests/deployment-activemq_test.yaml b/helm/alfresco-content-services/charts/activemq/tests/deployment-activemq_test.yaml deleted file mode 100644 index e051e03af..000000000 --- a/helm/alfresco-content-services/charts/activemq/tests/deployment-activemq_test.yaml +++ /dev/null @@ -1,41 +0,0 @@ ---- -suite: test activemq persistence -templates: - - deployment-activemq.yaml -tests: - - it: should reference default secret containing broker default credentials - values: &testvalues - - ../../../tests/values/test_values.yaml - asserts: - - equal: - path: spec.template.spec.containers[0].env[3].name - value: ACTIVEMQ_ADMIN_LOGIN - template: deployment-activemq.yaml - - equal: - path: spec.template.spec.containers[0].env[3].valueFrom.secretKeyRef.name - value: RELEASE-NAME-alfresco-cs-brokersecret - template: deployment-activemq.yaml - - - it: should reference overridden secret when setting existingSecretName - values: *testvalues - set: - adminUser.existingSecretName: existing-secret - asserts: - - equal: - path: spec.template.spec.containers[0].env[3].valueFrom.secretKeyRef.name - value: existing-secret - template: deployment-activemq.yaml - - - it: should render cpu and memory limits - values: *testvalues - asserts: - - equal: - path: spec.template.spec.containers[0].resources - value: - requests: - cpu: "0.25" - memory: "512Mi" - limits: - cpu: "2" - memory: "2048Mi" - template: deployment-activemq.yaml diff --git a/helm/alfresco-content-services/charts/activemq/tests/pv_activemq_test.yaml b/helm/alfresco-content-services/charts/activemq/tests/pv_activemq_test.yaml deleted file mode 100644 index b9d17f945..000000000 --- a/helm/alfresco-content-services/charts/activemq/tests/pv_activemq_test.yaml +++ /dev/null @@ -1,66 +0,0 @@ ---- -suite: test activemq persistence -templates: - - deployment-activemq.yaml - - pvc-activemq.yaml -tests: - - it: should render an ephemeral volume - values: &testvalues - - ../../../tests/values/test_values.yaml - set: - persistence: - enabled: false - asserts: - - contains: - path: spec.template.spec.volumes - content: - emptyDir: - sizeLimit: 20Gi - name: data - template: deployment-activemq.yaml - - it: should render a deployment with set claim - values: *testvalues - set: - persistence: - enabled: true - existingClaim: mysfsvolume - asserts: - - equal: - path: >- - spec.template.spec.volumes[0].persistentVolumeClaim.claimName - value: mysfsvolume - template: deployment-activemq.yaml - - it: should render a deployment with dynamic claim name - values: *testvalues - set: - persistence: - enabled: true - volumeMode: Block - accessModes: - - ReadWriteMany - - ReadOnlyMany - asserts: - - equal: - path: >- - spec.template.spec.volumes[0].persistentVolumeClaim.claimName - value: activemq-default-pvc - template: deployment-activemq.yaml - - isNull: - path: spec.storageClassName - template: pvc-activemq.yaml - - it: should render a deployment with provided storage class - values: *testvalues - set: - persistence: - enabled: true - storageClass: cheap - asserts: - - equal: - path: >- - spec.template.spec.volumes[0].persistentVolumeClaim.claimName - value: activemq-cheap-pvc - template: deployment-activemq.yaml - - equal: - path: spec.storageClassName - value: cheap - template: pvc-activemq.yaml diff --git a/helm/alfresco-content-services/charts/activemq/values.yaml b/helm/alfresco-content-services/charts/activemq/values.yaml deleted file mode 100644 index 7c19f715c..000000000 --- a/helm/alfresco-content-services/charts/activemq/values.yaml +++ /dev/null @@ -1,67 +0,0 @@ -# Leave this to true to deploy the chart -enabled: true -replicaCount: 1 -nodeSelector: {} -image: - repository: alfresco/alfresco-activemq - tag: 5.17.1-jre11-rockylinux8 - pullPolicy: IfNotPresent -adminUser: - # -- An existing kubernetes secret that contains BROKER_USERNAME and BROKER_PASSWORD keys - existingSecretName: -podSecurityContext: - runAsUser: 33031 - runAsGroup: 1000 - fsGroup: 1000 -resources: - requests: - cpu: "0.25" - memory: "512Mi" - limits: - cpu: "2" - memory: "2048Mi" -service: - name: activemq -services: - broker: - ports: - internal: - stomp: 61613 - amqp: 5672 - openwire: 61616 - external: - stomp: 61613 - amqp: 5672 - openwire: 61616 - type: ClusterIP - webConsole: - ports: - internal: - webConsole: 8161 - external: - webConsole: 8161 - type: NodePort -# -- The ActiveMQ readiness probe is used to check startup only as a failure -# of the liveness probe later will result in the pod being restarted. -readinessProbe: - initialDelaySeconds: 60 - periodSeconds: 20 - timeoutSeconds: 10 - failureThreshold: 6 -livenessProbe: - initialDelaySeconds: 130 - periodSeconds: 20 - timeoutSeconds: 10 - failureThreshold: 1 -persistence: - enabled: true - baseSize: 20Gi - storageClass: - # -- defines type of access required by the persistent volume - # [Access_Modes] (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) - accessModes: - - ReadWriteOnce - existingClaim: - data: - mountPath: "/opt/activemq/data" - subPath: "alfresco-infrastructure/activemq-data" diff --git a/helm/alfresco-content-services/templates/_helpers.tpl b/helm/alfresco-content-services/templates/_helpers.tpl index 078ba945d..1ece8d3ed 100644 --- a/helm/alfresco-content-services/templates/_helpers.tpl +++ b/helm/alfresco-content-services/templates/_helpers.tpl @@ -10,3 +10,8 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- define "content-services.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" -}} {{- end }} + +{{- define "content-services.activemq.fullname" -}} +{{- $data := dict "Release" .Release "Values" .Values.activemq "Chart" (dict "Name" "activemq") }} +{{- include "activemq.fullname" $data }} +{{- end }} diff --git a/helm/alfresco-content-services/templates/secret-message-broker.yaml b/helm/alfresco-content-services/templates/secret-message-broker.yaml index ffde38f95..fc9e80c1a 100644 --- a/helm/alfresco-content-services/templates/secret-message-broker.yaml +++ b/helm/alfresco-content-services/templates/secret-message-broker.yaml @@ -8,7 +8,7 @@ metadata: type: Opaque data: {{- if .Values.activemq.enabled }} - BROKER_URL: {{ printf "failover:(nio://%s-broker:61616)?timeout=3000&jms.useCompression=true" (include "activemq.fullname" .) | b64enc | quote }} + BROKER_URL: {{ printf "failover:(nio://%s-broker:61616)?timeout=3000&jms.useCompression=true" (include "content-services.activemq.fullname" .) | b64enc | quote }} BROKER_USERNAME: {{ .Values.activemq.adminUser.user | b64enc | quote }} BROKER_PASSWORD: {{ .Values.activemq.adminUser.password | b64enc | quote }} {{- else }} From a889c885f457d12b900b271bb30da8541e9313bc Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Wed, 1 Mar 2023 08:54:35 +0100 Subject: [PATCH 09/26] OPSEXP-1852 Migrate to new independent search enterprise chart (#897) --- .checkov/helm_vars.yaml | 6 +- docs/helm/examples/with-aws-services.md | 4 +- docs/helm/security.md | 4 +- docs/helm/upgrades.md | 21 +++- .../7.1.N_values.yaml | 2 +- .../7.2.N_values.yaml | 2 +- .../7.3.N_values.yaml | 2 +- helm/alfresco-content-services/Chart.yaml | 12 +- helm/alfresco-content-services/README.md | 33 +++--- .../Chart.yaml | 11 -- .../README.md | 79 ------------- .../README.md.gotmpl | 18 --- .../templates/_helpers-elasticsearch.tpl | 16 --- .../templates/_helpers.tpl | 51 -------- .../templates/liveindexing-config.yaml | 22 ---- .../templates/liveindexing-deployment.yaml | 73 ------------ .../templates/reindexing-config.yaml | 25 ---- .../templates/reindexing-job.yaml | 58 ---------- .../templates/secret-elasticsearch.yaml | 15 --- .../tests/liveindexing-deployment_test.yaml | 67 ----------- .../tests/reindexing_test.yaml | 57 --------- .../tests/secret-elasticsearch_test.yaml | 52 --------- .../tests/values/external.yaml | 15 --- .../values.yaml | 109 ------------------ .../templates/deployment-syncservice.yaml | 4 +- .../templates/_helpers-elasticsearch.tpl | 12 +- .../templates/config-repository.yaml | 4 +- .../templates/deployment-ai-transformer.yaml | 2 +- .../templates/deployment-imagemagick.yaml | 2 +- .../templates/deployment-libreoffice.yaml | 2 +- .../templates/deployment-pdfrenderer.yaml | 2 +- .../templates/deployment-repository.yaml | 8 +- .../templates/deployment-tika.yaml | 2 +- .../templates/deployment-transform-misc.yaml | 2 +- .../deployment-transform-router.yaml | 2 +- .../templates/secret-database.yaml | 2 +- .../templates/secret-message-broker.yaml | 2 +- .../tests/activemq_test.yaml | 2 +- .../tests/search_test.yaml | 2 +- helm/alfresco-content-services/values.yaml | 58 +++++----- updatecli.d/supported-matrix.yaml | 32 ++--- 41 files changed, 119 insertions(+), 775 deletions(-) delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/Chart.yaml delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md.gotmpl delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/_helpers-elasticsearch.tpl delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/_helpers.tpl delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/liveindexing-config.yaml delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/liveindexing-deployment.yaml delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/reindexing-config.yaml delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/reindexing-job.yaml delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/secret-elasticsearch.yaml delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/liveindexing-deployment_test.yaml delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/reindexing_test.yaml delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/secret-elasticsearch_test.yaml delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/values/external.yaml delete mode 100644 helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/values.yaml diff --git a/.checkov/helm_vars.yaml b/.checkov/helm_vars.yaml index c5400afda..20cb7ef4e 100644 --- a/.checkov/helm_vars.yaml +++ b/.checkov/helm_vars.yaml @@ -1,4 +1,5 @@ --- +# General rule here is to skip charts dependencies for checkov analysis alfresco-search: alfresco-insight-zeppelin: insightzeppelin: @@ -6,9 +7,10 @@ alfresco-search: global: tracking: sharedsecret: dummy -alfresco-elasticsearch-connector: +alfresco-search-enterprise: enabled: true -# Do not render dependency charts for static analysis + elasticsearch: + enabled: false alfresco-digital-workspace: enabled: false alfresco-admin-app: diff --git a/docs/helm/examples/with-aws-services.md b/docs/helm/examples/with-aws-services.md index 4dd8fbbf0..bddbfe1bd 100644 --- a/docs/helm/examples/with-aws-services.md +++ b/docs/helm/examples/with-aws-services.md @@ -262,7 +262,7 @@ messageBroker: &acs_messageBroker password: YOUR-MQ-PASSWORD alfresco-search: enabled: false -alfresco-elasticsearch-connector: +alfresco-search-enterprise: enabled: true alfresco-sync-service: messageBroker: *acs_messageBroker @@ -326,7 +326,7 @@ helm -n alfresco install acs \ --set alfresco-sync-service.messageBroker.user="alfresco" \ --set alfresco-sync-service.messageBroker.password="YOUR-MQ-PASSWORD" \ --set alfresco-search.enabled=false \ - --set alfresco-elasticsearch-connector.enabled=true + --set alfresco-search-enterprise.enabled=true ``` > NOTE: Alternatively, Aurora MySQL can be used instead of PostgreSQL by diff --git a/docs/helm/security.md b/docs/helm/security.md index 95638169a..dad0f9509 100644 --- a/docs/helm/security.md +++ b/docs/helm/security.md @@ -48,7 +48,7 @@ Reference the autogenerated README.md in each chart to understand which secrets can be provided using existing Kubernetes Secrets: * [alfresco-content-services](../../helm/alfresco-content-services/README.md) -* [activemq](../../helm/alfresco-content-services/charts/activemq/README.md) -* [alfresco-elasticsearch-connector](../../helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md) +* [activemq](https://github.com/Alfresco/alfresco-helm-charts/blob/main/charts/activemq/README.md) +* [alfresco-search-enterprise](https://github.com/Alfresco/alfresco-helm-charts/blob/main/charts/alfresco-search-enterprise/README.md) * [alfresco-search](../../helm/alfresco-content-services/charts/alfresco-search/README.md) * [alfresco-sync-service](../../helm/alfresco-content-services/charts/alfresco-sync-service/README.md) diff --git a/docs/helm/upgrades.md b/docs/helm/upgrades.md index d5b82f50c..4c060c70d 100644 --- a/docs/helm/upgrades.md +++ b/docs/helm/upgrades.md @@ -5,7 +5,26 @@ Our helm charts are continuously improved and sometimes arise the need to introd To get an overview of the changes in each release, first take a look at the release notes that are available via [GitHub Releases](https://github.com/Alfresco/acs-deployment/releases). -Here follows a more detailed explaination of any breaking change grouped by version in which they have been released. +Here follows a more detailed explanation of any breaking change grouped by version in which they have been released. + +## unreleased + +### Search Enterprise chart rename + +The previous `alfresco-elasticsearch-connector` subchart has been renamed to +`alfresco-search-enterprise` to better reflect the product name during the +migration to the new +[alfresco-helm-charts](https://github.com/Alfresco/alfresco-helm-charts) +repository. + +Accordingly to this chart rename, also the related values has been moved from +`.Values.alfresco-elasticsearch-connector` to +`.Values.alfresco-search-enterprise`. + +The elasticsearch dependency (from elastic.co) has been moved from the main +chart to the new alfresco-search-enterprise, thus the Values has been moved +from `.Values.elasticsearch` to +`.Values.alfresco-search-enterprise.elasticsearch` ## 5.4.0-M2 diff --git a/helm/alfresco-content-services/7.1.N_values.yaml b/helm/alfresco-content-services/7.1.N_values.yaml index a25f376fc..7ea77c9ea 100644 --- a/helm/alfresco-content-services/7.1.N_values.yaml +++ b/helm/alfresco-content-services/7.1.N_values.yaml @@ -32,7 +32,7 @@ share: alfresco-search: searchServicesImage: tag: 2.0.2.2 -alfresco-elasticsearch-connector: +alfresco-search-enterprise: liveIndexing: mediation: image: diff --git a/helm/alfresco-content-services/7.2.N_values.yaml b/helm/alfresco-content-services/7.2.N_values.yaml index afe158e39..121bf23cd 100644 --- a/helm/alfresco-content-services/7.2.N_values.yaml +++ b/helm/alfresco-content-services/7.2.N_values.yaml @@ -38,7 +38,7 @@ share: alfresco-search: searchServicesImage: tag: 2.0.4 -alfresco-elasticsearch-connector: +alfresco-search-enterprise: liveIndexing: mediation: image: diff --git a/helm/alfresco-content-services/7.3.N_values.yaml b/helm/alfresco-content-services/7.3.N_values.yaml index 2fcdf5d14..e49500a91 100644 --- a/helm/alfresco-content-services/7.3.N_values.yaml +++ b/helm/alfresco-content-services/7.3.N_values.yaml @@ -43,7 +43,7 @@ activemq: alfresco-search: searchServicesImage: tag: 2.0.5 -alfresco-elasticsearch-connector: +alfresco-search-enterprise: enabled: false liveIndexing: mediation: diff --git a/helm/alfresco-content-services/Chart.yaml b/helm/alfresco-content-services/Chart.yaml index a74435551..6fbf92985 100644 --- a/helm/alfresco-content-services/Chart.yaml +++ b/helm/alfresco-content-services/Chart.yaml @@ -50,14 +50,10 @@ dependencies: - name: alfresco-search version: 1.2.0-SNAPSHOT condition: alfresco-search.enabled - - name: alfresco-elasticsearch-connector - version: 0.3.0-SNAPSHOT - condition: alfresco-elasticsearch-connector.enabled + - name: alfresco-search-enterprise + version: 1.0.0 + repository: https://alfresco.github.io/alfresco-helm-charts/ + condition: alfresco-search-enterprise.enabled - name: alfresco-sync-service version: 3.2.0-SNAPSHOT - - name: elasticsearch - alias: elasticsearch - repository: https://helm.elastic.co - version: 7.10.1 - condition: elasticsearch.enabled icon: https://avatars0.githubusercontent.com/u/391127?s=200&v=4 diff --git a/helm/alfresco-content-services/README.md b/helm/alfresco-content-services/README.md index 74cf667c4..e7ab81098 100644 --- a/helm/alfresco-content-services/README.md +++ b/helm/alfresco-content-services/README.md @@ -16,14 +16,13 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| -| | alfresco-elasticsearch-connector | 0.3.0-SNAPSHOT | | | alfresco-search | 1.2.0-SNAPSHOT | | | alfresco-sync-service | 3.2.0-SNAPSHOT | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-admin-app(common) | 7.7.0 | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-digital-workspace(common) | 7.7.0 | | https://alfresco.github.io/alfresco-helm-charts/ | activemq | 3.0.1 | | https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | -| https://helm.elastic.co | elasticsearch(elasticsearch) | 7.10.1 | +| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-search-enterprise | 1.0.0 | | https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | postgresql | 10.16.2 | | https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | postgresql-syncservice(postgresql) | 10.16.2 | @@ -103,16 +102,14 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | alfresco-digital-workspace.securityContext.runAsNonRoot | bool | `true` | | | alfresco-digital-workspace.securityContext.runAsUser | int | `101` | | | alfresco-digital-workspace.service.envType | string | `"frontend"` | | -| alfresco-elasticsearch-connector.elasticsearch | object | `{"host":null,"password":null,"port":null,"protocol":null,"user":null}` | Overrides .Values.global.elasticsearch | -| alfresco-elasticsearch-connector.enabled | bool | `false` | | -| alfresco-elasticsearch-connector.messageBroker.existingSecretName | string | `nil` | | -| alfresco-elasticsearch-connector.messageBroker.password | string | `nil` | | -| alfresco-elasticsearch-connector.messageBroker.url | string | `nil` | | -| alfresco-elasticsearch-connector.messageBroker.user | string | `nil` | | -| alfresco-elasticsearch-connector.reindexing.enabled | bool | `true` | | -| alfresco-elasticsearch-connector.reindexing.postgresql.database | string | `"alfresco"` | | -| alfresco-elasticsearch-connector.reindexing.postgresql.hostname | string | `"postgresql-acs"` | | -| alfresco-elasticsearch-connector.reindexing.postgresql.url | string | `nil` | | +| alfresco-search-enterprise.elasticsearch.enabled | bool | `true` | Enables the embedded elasticsearch cluster | +| alfresco-search-enterprise.enabled | bool | `false` | | +| alfresco-search-enterprise.messageBroker.existingSecretName | string | `"acs-alfresco-cs-brokersecret"` | | +| alfresco-search-enterprise.reindexing.enabled | bool | `true` | | +| alfresco-search-enterprise.reindexing.postgresql.database | string | `"alfresco"` | | +| alfresco-search-enterprise.reindexing.postgresql.existingSecretName | string | `"acs-alfresco-cs-dbsecret"` | | +| alfresco-search-enterprise.reindexing.postgresql.hostname | string | `"postgresql-acs"` | | +| alfresco-search-enterprise.reindexing.postgresql.url | string | `nil` | | | alfresco-search.alfresco-insight-zeppelin.insightzeppelin.enabled | bool | `false` | | | alfresco-search.alfresco-insight-zeppelin.repository.host | string | `"alfresco-cs"` | | | alfresco-search.alfresco-insight-zeppelin.repository.port | int | `80` | | @@ -128,8 +125,9 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | alfresco-search.type | string | `"search-services"` | | | alfresco-sync-service.image.repository | string | `"quay.io/alfresco/service-sync"` | | | alfresco-sync-service.image.tag | string | `"3.8.0"` | | -| alfresco-sync-service.messageBroker.existingSecretName | string | `nil` | | +| alfresco-sync-service.messageBroker.existingSecretName | string | `nil` | Alternatively, provide credentials via an existing secret that contains BROKER_URL, BROKER_USERNAME and BROKER_PASSWORD keys | | alfresco-sync-service.messageBroker.password | string | `nil` | | +| alfresco-sync-service.messageBroker.secretName | string | `"acs-alfresco-cs-brokersecret"` | Name of the secret managed by this chart | | alfresco-sync-service.messageBroker.url | string | `nil` | | | alfresco-sync-service.messageBroker.user | string | `nil` | | | alfresco-sync-service.nodeSelector | object | `{}` | | @@ -139,10 +137,9 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | database.existingSecretName | string | `nil` | An existing secret that contains DATABASE_USERNAME and DATABASE_PASSWORD keys. When using embedded postgres you need to also set `postgresql.existingSecret`. | | database.external | bool | `false` | Enable using an external database for Alfresco Content Services. Must disable `postgresql.enabled` when true. | | database.password | string | `nil` | External Postgresql database password | +| database.secretName | string | `"acs-alfresco-cs-dbsecret"` | Name of the secret managed by this chart | | database.url | string | `nil` | External Postgresql jdbc url ex: `jdbc:postgresql://oldfashioned-mule-postgresql-acs:5432/alfresco` | | database.user | string | `nil` | External Postgresql database user | -| elasticsearch | object | `{"clusterHealthCheckParams":"wait_for_status=yellow&timeout=1s","enabled":false,"image":"docker.elastic.co/elasticsearch/elasticsearch-oss","replicas":1}` | Embedded ElasticSearch cluster powered by Bitnami charts | -| elasticsearch.enabled | bool | `false` | Enable the embedded ElasticSearch cluster | | email | object | `{"handler":{"folder":{"overwriteDuplicates":true}},"inbound":{"emailContributorsAuthority":"EMAIL_CONTRIBUTORS","enabled":false,"unknownUser":"anonymous"},"initContainers":{"pemToKeystore":{"image":{"pullPolicy":"IfNotPresent","repository":"registry.access.redhat.com/redhat-sso-7/sso71-openshift","tag":"1.1-16"}},"pemToTruststore":{"image":{"pullPolicy":"IfNotPresent","repository":"registry.access.redhat.com/redhat-sso-7/sso71-openshift","tag":"1.1-16"}},"setPerms":{"image":{"pullPolicy":"IfNotPresent","repository":"busybox","tag":"1.35.0"}}},"server":{"allowed":{"senders":".*"},"auth":{"enabled":true},"blocked":{"senders":null},"connections":{"max":3},"domain":null,"enableTLS":true,"enabled":false,"hideTLS":false,"port":1125,"requireTLS":false},"ssl":{"secretName":null}}` | For a full information of configuring the inbound email system, see https://docs.alfresco.com/content-services/latest/config/email/#manage-inbound-emails | | filestore | object | `{"environment":{"JAVA_OPTS":"-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80","scheduler.cleanup.interval":"86400000","scheduler.content.age.millis":"86400000"},"image":{"internalPort":8099,"pullPolicy":"IfNotPresent","repository":"quay.io/alfresco/alfresco-shared-file-store","tag":"2.0.0"},"initContainer":{"image":{"pullPolicy":"IfNotPresent","repository":"busybox","tag":"1.35.0"},"resources":{"limits":{"cpu":"0.50","memory":"10Mi"}}},"livenessProbe":{"initialDelaySeconds":10,"livenessPercent":150,"livenessSavePeriodSeconds":600,"periodSeconds":20,"timeoutSeconds":10},"nodeSelector":{},"persistence":{"accessModes":["ReadWriteOnce"],"data":{"mountPath":"/tmp/Alfresco","subPath":"alfresco-content-services/filestore-data"},"enabled":true,"existingClaim":null,"storageClass":null},"podSecurityContext":{"fsGroup":1000,"runAsGroup":1000,"runAsUser":33030},"readinessProbe":{"initialDelaySeconds":20,"periodSeconds":60,"timeoutSeconds":10},"replicaCount":1,"resources":{"limits":{"cpu":"2","memory":"1000Mi"},"requests":{"cpu":"0.25","memory":"200Mi"}},"service":{"externalPort":80,"name":"filestore","type":"ClusterIP"}}` | Declares the alfresco-shared-file-store used by the content repository and transform service | | filestore.persistence.accessModes | list | `["ReadWriteOnce"]` | Specify a storageClass for dynamic provisioning | @@ -151,7 +148,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | filestore.persistence.storageClass | string | `nil` | Bind PVC based on storageClass (e.g. dynamic provisionning) | | global.ai | object | `{"enabled":false}` | Choose if you want AI capabilities (globally - including ADW AI plugin) | | global.alfrescoRegistryPullSecrets | string | `nil` | If a private image registry a secret can be defined and passed to kubernetes, see: https://github.com/Alfresco/acs-deployment/blob/a924ad6670911f64f1bba680682d266dd4ea27fb/docs/helm/eks-deployment.md#docker-registry-secret | -| global.elasticsearch | object | `{"host":"elasticsearch-master","password":null,"port":9200,"protocol":"http","user":null}` | Shared connections details for Elasticsearch/Opensearch, required when alfresco-elasticsearch-connector.enabled is true | +| global.elasticsearch | object | `{"host":"elasticsearch-master","password":null,"port":9200,"protocol":"http","user":null}` | Shared connections details for Elasticsearch/Opensearch, required when alfresco-search-enterprise.enabled is true | | global.elasticsearch.host | string | `"elasticsearch-master"` | The host where service is available. The provided default is for when elasticsearch.enabled is true | | global.elasticsearch.password | string | `nil` | The password required to access the service, if any | | global.elasticsearch.port | int | `9200` | The port where service is available | @@ -169,7 +166,9 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | mail.existingSecretName | string | `nil` | An existing kubernetes secret that contains MAIL_PASSWORD as per `mail.password` value | | mail.from.default | string | `nil` | Specifies the email address from which email notifications are sent | | mail.host | string | `nil` | SMTP(S) host server to enable delivery of site invitations, activity notifications and workflow tasks by email | -| messageBroker | object | `{"existingSecretName":null,"password":null,"url":null,"user":null}` | external activemq connection setting when activemq.enabled=false | +| messageBroker | object | `{"existingSecretName":null,"password":null,"secretName":"acs-alfresco-cs-brokersecret","url":null,"user":null}` | external activemq connection setting when activemq.enabled=false | +| messageBroker.existingSecretName | string | `nil` | Alternatively, provide credentials via an existing secret that contains BROKER_URL, BROKER_USERNAME and BROKER_PASSWORD keys | +| messageBroker.secretName | string | `"acs-alfresco-cs-brokersecret"` | Name of the secret managed by this chart | | metadataKeystore.defaultKeyPassword | string | `"oKIWzVdEdA"` | | | metadataKeystore.defaultKeystorePassword | string | `"mp6yc0UD9e"` | | | msTeams | object | `{"enabled":false}` | Enable/Disable Alfresco Content Connector for Microsoft Teams | diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/Chart.yaml deleted file mode 100644 index 4ea8ebdb4..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: v2 -name: alfresco-elasticsearch-connector -description: A Helm chart for deploying Alfresco Elasticsearch connector -type: application -version: 0.3.0-SNAPSHOT -appVersion: 3.3.0-A9 -dependencies: - - name: alfresco-common - version: 1.0.0 - repository: https://alfresco.github.io/alfresco-helm-charts/ diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md deleted file mode 100644 index c8945944b..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md +++ /dev/null @@ -1,79 +0,0 @@ -# alfresco-elasticsearch-connector - -![Version: 0.3.0-SNAPSHOT](https://img.shields.io/badge/Version-0.3.0--SNAPSHOT-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.3.0-A9](https://img.shields.io/badge/AppVersion-3.3.0--A9-informational?style=flat-square) - -A Helm chart for deploying Alfresco Elasticsearch connector - -Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/blob/master/docs/helm/README.md) for information on the Helm charts and deployment instructions. - -## Requirements - -| Repository | Name | Version | -|------------|------|---------| -| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | - -## Values - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| affinity | object | `{}` | | -| contentMediaTypeCache.enabled | bool | `true` | | -| contentMediaTypeCache.refreshTime | string | `"0 0 * * * *"` | | -| elasticsearch | object | `{"existingSecretName":null,"host":null,"password":null,"port":null,"protocol":null,"user":null}` | Overrides .Values.global.elasticsearch | -| fullnameOverride | string | `""` | | -| global.alfrescoRegistryPullSecrets | string | `"quay-registry-secret"` | | -| global.elasticsearch | object | `{"existingSecretName":null,"host":null,"password":null,"port":null,"protocol":null,"user":null}` | Shared connections details for Elasticsearch/Opensearch | -| global.elasticsearch.existingSecretName | string | `nil` | An existing secret that contains ELASTICSEARCH_USERNAME and ELASTICSEARCH_PASSWORD keys | -| global.elasticsearch.host | string | `nil` | The host where service is available | -| global.elasticsearch.password | string | `nil` | The password required to access the service, if any | -| global.elasticsearch.port | string | `nil` | The port where service is available | -| global.elasticsearch.protocol | string | `nil` | Valid values are http or https | -| global.elasticsearch.user | string | `nil` | The username required to access the service, if any | -| imagePullSecrets | list | `[]` | | -| indexName | string | `"alfresco"` | | -| liveIndexing.content.image.pullPolicy | string | `"IfNotPresent"` | | -| liveIndexing.content.image.repository | string | `"quay.io/alfresco/alfresco-elasticsearch-live-indexing-content"` | | -| liveIndexing.content.image.tag | string | `"3.3.0-A9"` | | -| liveIndexing.content.replicaCount | int | `1` | | -| liveIndexing.mediation.image.pullPolicy | string | `"IfNotPresent"` | | -| liveIndexing.mediation.image.repository | string | `"quay.io/alfresco/alfresco-elasticsearch-live-indexing-mediation"` | | -| liveIndexing.mediation.image.tag | string | `"3.3.0-A9"` | | -| liveIndexing.metadata.image.pullPolicy | string | `"IfNotPresent"` | | -| liveIndexing.metadata.image.repository | string | `"quay.io/alfresco/alfresco-elasticsearch-live-indexing-metadata"` | | -| liveIndexing.metadata.image.tag | string | `"3.3.0-A9"` | | -| liveIndexing.metadata.replicaCount | int | `1` | | -| liveIndexing.path.image.pullPolicy | string | `"IfNotPresent"` | | -| liveIndexing.path.image.repository | string | `"quay.io/alfresco/alfresco-elasticsearch-live-indexing-path"` | | -| liveIndexing.path.image.tag | string | `"3.3.0-A9"` | | -| liveIndexing.path.replicaCount | int | `1` | | -| messageBroker.password | string | `nil` | Broker password | -| messageBroker.url | string | `nil` | Broker URL formatted as per: https://activemq.apache.org/failover-transport-reference | -| messageBroker.user | string | `nil` | Broker username | -| nameOverride | string | `""` | | -| nodeSelector | object | `{}` | | -| parentNameOverride | string | `""` | | -| pathIndexingComponent.enabled | bool | `true` | | -| podAnnotations | object | `{}` | | -| podSecurityContext | object | `{}` | | -| reindexing.enabled | bool | `true` | | -| reindexing.image.pullPolicy | string | `"IfNotPresent"` | | -| reindexing.image.repository | string | `"quay.io/alfresco/alfresco-elasticsearch-reindexing"` | | -| reindexing.image.tag | string | `"3.3.0-A9"` | | -| reindexing.initcontainers.waitForRepository.resources.limits.cpu | string | `"0.25"` | | -| reindexing.initcontainers.waitForRepository.resources.limits.memory | string | `"10Mi"` | | -| reindexing.pathIndexingEnabled | bool | `true` | | -| reindexing.postgresql.database | string | `"alfresco"` | | -| reindexing.postgresql.existingSecretName | string | `nil` | An existing secret that contains DATABASE_USERNAME and DATABASE_PASSWORD keys | -| reindexing.postgresql.hostname | string | `"postgresql-acs"` | | -| reindexing.postgresql.port | int | `5432` | | -| reindexing.postgresql.url | string | `nil` | | -| reindexing.resources.limits.cpu | string | `"2"` | | -| reindexing.resources.limits.memory | string | `"512Mi"` | | -| reindexing.resources.requests.cpu | string | `"0.5"` | | -| reindexing.resources.requests.memory | string | `"128Mi"` | | -| resources.limits.cpu | string | `"2"` | | -| resources.limits.memory | string | `"2048Mi"` | | -| resources.requests.cpu | string | `"0.5"` | | -| resources.requests.memory | string | `"256Mi"` | | -| securityContext | object | `{}` | | -| tolerations | list | `[]` | | diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md.gotmpl b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md.gotmpl deleted file mode 100644 index b301f3932..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/README.md.gotmpl +++ /dev/null @@ -1,18 +0,0 @@ -{{ template "chart.header" . }} -{{ template "chart.deprecationWarning" . }} - -{{ template "chart.badgesSection" . }} - -{{ template "chart.description" . }} - -Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/blob/master/docs/helm/README.md) for information on the Helm charts and deployment instructions. - -{{ template "chart.homepageLine" . }} - -{{ template "chart.maintainersSection" . }} - -{{ template "chart.sourcesSection" . }} - -{{ template "chart.requirementsSection" . }} - -{{ template "chart.valuesSection" . }} diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/_helpers-elasticsearch.tpl b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/_helpers-elasticsearch.tpl deleted file mode 100644 index fb0d15744..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/_helpers-elasticsearch.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{- define "spring.elasticsearch.config" -}} - SPRING_ELASTICSEARCH_REST_URIS: "{{ .Values.elasticsearch.protocol | default .Values.global.elasticsearch.protocol }}://{{ .Values.elasticsearch.host | default .Values.global.elasticsearch.host }}:{{ .Values.elasticsearch.port | default .Values.global.elasticsearch.port }}" -{{- end -}} - -{{- define "spring.elasticsearch.env.credentials" -}} -- name: SPRING_ELASTICSEARCH_REST_USERNAME - valueFrom: - secretKeyRef: - name: {{ default (printf "%s-elasticsearch-secret" (include "alfresco-elasticsearch-connector.fullName" $)) $.Values.global.elasticsearch.existingSecretName }} - key: ELASTICSEARCH_USERNAME -- name: SPRING_ELASTICSEARCH_REST_PASSWORD - valueFrom: - secretKeyRef: - name: {{ default (printf "%s-elasticsearch-secret" (include "alfresco-elasticsearch-connector.fullName" $)) $.Values.global.elasticsearch.existingSecretName }} - key: ELASTICSEARCH_PASSWORD -{{- end -}} diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/_helpers.tpl b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/_helpers.tpl deleted file mode 100644 index af11d3f00..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/_helpers.tpl +++ /dev/null @@ -1,51 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "alfresco-elasticsearch-connector.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "alfresco-elasticsearch-connector.fullName" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "alfresco-elasticsearch-connector.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "alfresco-elasticsearch-connector.labels" -}} -helm.sh/chart: {{ include "alfresco-elasticsearch-connector.chart" . }} -{{ include "alfresco-elasticsearch-connector.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "alfresco-elasticsearch-connector.selectorLabels" -}} -app.kubernetes.io/name: {{ include "alfresco-elasticsearch-connector.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/liveindexing-config.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/liveindexing-config.yaml deleted file mode 100644 index e157481c7..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/liveindexing-config.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "alfresco-elasticsearch-connector.fullName" . }}-configmap - labels: - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - component: search -data: - ELASTICSEARCH_INDEXNAME: "{{ .Values.indexName }}" - {{ template "spring.elasticsearch.config" . }} - ALFRESCO_SHAREDFILESTORE_BASEURL: http://{{ template "alfresco.shortname" . }}-filestore:80/alfresco/api/-default-/private/sfs/versions/1/file/ - ALFRESCO_ACCEPTEDCONTENTMEDIATYPESCACHE_BASEURL: http://{{ template "alfresco.shortname" . }}-router/transform/config - ALFRESCO_ACCEPTEDCONTENTMEDIATYPESCACHE_REFRESHTIME: "{{ .Values.contentMediaTypeCache.refreshTime }}" - ALFRESCO_ACCEPTEDCONTENTMEDIATYPESCACHE_ENABLED: "{{ .Values.contentMediaTypeCache.enabled }}" - ALFRESCO_PATHINDEXINGCOMPONENT_ENABLED: "{{ .Values.pathIndexingComponent.enabled }}" - {{- if .Values.liveIndexing.environment }} - {{- range $key, $val := .Values.liveIndexing.environment }} - {{ $key }}: {{ $val | quote }} - {{- end }} - {{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/liveindexing-deployment.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/liveindexing-deployment.yaml deleted file mode 100644 index 585e51366..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/liveindexing-deployment.yaml +++ /dev/null @@ -1,73 +0,0 @@ -{{- range $serviceName, $service := .Values.liveIndexing }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "alfresco-elasticsearch-connector.fullName" $ }}-{{ $serviceName }} - labels: - {{- include "alfresco-elasticsearch-connector.labels" $ | nindent 4 }} -spec: - {{- if eq $serviceName "mediation"}} - replicas: 1 - {{- else }} - replicas: {{ $service.replicaCount | default 1 }} - {{- end }} - selector: - matchLabels: - {{- include "alfresco-elasticsearch-connector.selectorLabels" $ | nindent 6 }} - template: - metadata: - annotations: - checksum/secret-elasticsearch: {{ include (print $.Template.BasePath "/secret-elasticsearch.yaml") $ | sha256sum }} - {{- with $.Values.podAnnotations }} - {{- toYaml $ | nindent 8 }} - {{- end }} - labels: - {{- include "alfresco-elasticsearch-connector.selectorLabels" $ | nindent 8 }} - spec: - {{- include "component-pod-security-context" .Values | indent 4 }} - {{- include "alfresco-content-services.imagePullSecrets" $ | indent 6 }} - containers: - - name: {{ $.Chart.Name }}-{{ $serviceName }} - image: "{{ index $.Values "liveIndexing" (printf "%s" $serviceName) "image" "repository" }}:\ - {{ index $.Values "liveIndexing" (printf "%s" $serviceName) "image" "tag" }}" - imagePullPolicy: {{ index $.Values "liveIndexing" (printf "%s" $serviceName) "image" "pullPolicy" }} - {{- include "component-security-context" .Values | indent 8 }} - envFrom: - - configMapRef: - name: {{ template "alfresco-elasticsearch-connector.fullName" $ }}-configmap - - secretRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" $)) $.Values.messageBroker.existingSecretName }} - env: - {{- include "spring.activemq.env" . | nindent 12 }} - {{- include "spring.elasticsearch.env.credentials" $ | nindent 12 }} - ports: - - name: http - containerPort: 8080 - protocol: TCP - livenessProbe: - initialDelaySeconds: 300 - timeoutSeconds: 60 - httpGet: - path: /actuator/health - port: http - readinessProbe: - initialDelaySeconds: 60 - timeoutSeconds: 60 - httpGet: - path: /actuator/health - port: http - resources: {{- toYaml $.Values.resources | nindent 12 }} - {{- with $.Values.nodeSelector }} - nodeSelector: - {{- toYaml $ | nindent 8 }} - {{- end }} - {{- with $.Values.affinity }} - affinity: - {{- toYaml $ | nindent 8 }} - {{- end }} - {{- with $.Values.tolerations }} - tolerations: - {{- toYaml $ | nindent 8 }} - {{- end }} ---- -{{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/reindexing-config.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/reindexing-config.yaml deleted file mode 100644 index 439cd9853..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/reindexing-config.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "alfresco-elasticsearch-connector.fullName" . }}-reindexing-configmap - labels: - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - component: search -data: - ELASTICSEARCH_INDEXNAME: "{{ .Values.indexName }}" - {{ template "spring.elasticsearch.config" . }} - ALFRESCO_SHAREDFILESTORE_BASEURL: http://{{ template "alfresco.shortname" . }}-filestore:80/alfresco/api/-default-/private/sfs/versions/1/file/ - ALFRESCO_ACCEPTEDCONTENTMEDIATYPESCACHE_BASEURL: http://{{ template "alfresco.shortname" . }}-router/transform/config - ALFRESCO_REINDEX_PATHINDEXINGENABLED: {{ .Values.reindexing.pathIndexingEnabled | quote }} - {{- if .Values.reindexing.postgresql.url }} - SPRING_DATASOURCE_URL: {{ .Values.reindexing.postgresql.url }} - {{- else }} - SPRING_DATASOURCE_URL: jdbc:postgresql://{{ .Release.Name }}-{{ .Values.reindexing.postgresql.hostname }}:{{ .Values.reindexing.postgresql.port | default 5432 }}/{{ .Values.reindexing.postgresql.database }} - {{- end }} - {{- if .Values.reindexing.environment }} - {{- range $key, $val := .Values.reindexing.environment }} - {{ $key }}: {{ $val | quote }} - {{- end }} - {{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/reindexing-job.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/reindexing-job.yaml deleted file mode 100644 index 6c71df393..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/reindexing-job.yaml +++ /dev/null @@ -1,58 +0,0 @@ -{{- if .Values.reindexing.enabled }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "alfresco-elasticsearch-connector.fullName" . }}-reindexing -spec: - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "alfresco-elasticsearch-connector.selectorLabels" . | nindent 8 }} - spec: - {{- include "component-pod-security-context" .Values | indent 4 }} - {{- include "alfresco-content-services.imagePullSecrets" . | indent 6 }} - restartPolicy: Never - containers: - - name: {{ .Chart.Name }}-reindexing - image: "{{ .Values.reindexing.image.repository }}:{{ .Values.reindexing.image.tag }}" - imagePullPolicy: {{ .Values.reindexing.image.pullPolicy }} - {{- include "component-security-context" .Values | indent 8 }} - resources: {{- toYaml .Values.reindexing.resources | nindent 12 }} - envFrom: - - configMapRef: - name: {{ template "alfresco-elasticsearch-connector.fullName" . }}-reindexing-configmap - - secretRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" .)) .Values.messageBroker.existingSecretName }} - env: - - name: SPRING_DATASOURCE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ default (printf "%s-dbsecret" (include "content-services.shortname" $)) $.Values.reindexing.postgresql.existingSecretName }} - key: DATABASE_PASSWORD - - name: SPRING_DATASOURCE_USERNAME - valueFrom: - secretKeyRef: - name: {{ default (printf "%s-dbsecret" (include "content-services.shortname" $)) $.Values.reindexing.postgresql.existingSecretName }} - key: DATABASE_USERNAME - {{- include "spring.activemq.env" . | nindent 12 }} - {{- include "spring.elasticsearch.env.credentials" $ | nindent 12 }} - ports: - - name: http - containerPort: 8080 - protocol: TCP - initContainers: - - name: wait-for-repository - image: curlimages/curl:7.79.1 - {{- include "component-security-context" .Values | indent 8 }} - resources: {{- toYaml .Values.reindexing.initcontainers.waitForRepository.resources | nindent 12 }} - env: - - name: ALFRESCO_REPOSITORY_URL - value: http://{{ template "content-services.shortname" . }}-repository/alfresco/api/-default-/public/alfresco/versions/1/probes/-ready- - command: [ "/bin/sh","-c" ] - # Delay running the reindexing to give Alfresco Repository a chance to fully initialise - args: [ "while [ $(curl -sw '%{http_code}' $ALFRESCO_REPOSITORY_URL -o /dev/null) -ne 200 ]; do sleep 5; echo 'Waiting for the Alfresco Repository...'; done; echo 'Alfresco is ready, delay reindexing to give a chance to fully initialise.'; sleep 30; echo 'Reindexing started!'" ] -{{ end }} diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/secret-elasticsearch.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/secret-elasticsearch.yaml deleted file mode 100644 index 5e9ec6185..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/templates/secret-elasticsearch.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if and (not .Values.global.elasticsearch.existingSecretName) (not .Values.elasticsearch.existingSecretName) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "alfresco-elasticsearch-connector.fullName" . }}-elasticsearch-secret - labels: - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - component: search -type: Opaque -data: - ELASTICSEARCH_USERNAME: {{ .Values.elasticsearch.user | default .Values.global.elasticsearch.user | default "" | b64enc | quote }} - ELASTICSEARCH_PASSWORD: {{ .Values.elasticsearch.password | default .Values.global.elasticsearch.password | default "" | b64enc | quote }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/liveindexing-deployment_test.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/liveindexing-deployment_test.yaml deleted file mode 100644 index 4e6786714..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/liveindexing-deployment_test.yaml +++ /dev/null @@ -1,67 +0,0 @@ ---- -suite: test liveindexing template rendering -templates: - - liveindexing-config.yaml - - liveindexing-deployment.yaml -tests: - - it: | - Render elasticsearch Liveindexing configmap, - using global config to ensure it overrides default values. - values: &testvalues - - ../../../tests/values/test_values.yaml - set: - global: - elasticsearch: - host: someglobally.used.host - user: admin - protocol: https - port: 1443 - asserts: - - equal: - path: data.SPRING_ELASTICSEARCH_REST_URIS - value: https://someglobally.used.host:1443 - template: liveindexing-config.yaml - - - it: | - Render elasticsearch Liveindexing configmap, - using config provided in elasticsearch context to ensure it takes - precedence over any global parameter. - values: - - ../../../tests/values/test_values.yaml - - values/external.yaml - set: - global: - elasticsearch: - host: someglobally.used.host - user: wronguser - asserts: - - equal: - path: data.SPRING_ELASTICSEARCH_REST_URIS - value: https://some.es.instance.somwhere.on.the.cloud:443 - template: liveindexing-config.yaml - - - it: should have env vars for elasticsearch credentials - values: *testvalues - asserts: - - equal: - path: spec.template.spec.containers[0].env[3].name - value: SPRING_ELASTICSEARCH_REST_USERNAME - template: liveindexing-deployment.yaml - - equal: - path: spec.template.spec.containers[0].env[4].name - value: SPRING_ELASTICSEARCH_REST_PASSWORD - template: liveindexing-deployment.yaml - - - it: should render cpu and memory limits - values: *testvalues - asserts: - - equal: - path: spec.template.spec.containers[0].resources - value: - requests: - cpu: "0.5" - memory: "256Mi" - limits: - cpu: "2" - memory: "2048Mi" - template: liveindexing-deployment.yaml diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/reindexing_test.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/reindexing_test.yaml deleted file mode 100644 index 6aa04ff32..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/reindexing_test.yaml +++ /dev/null @@ -1,57 +0,0 @@ ---- -suite: test reindexing job manifest -templates: - - reindexing-job.yaml -tests: - - it: should have env vars for spring database credentials referencing the main chart secret - values: &testvalues - - ../../../tests/values/test_values.yaml - asserts: - - equal: - path: spec.template.spec.containers[0].env[0].name - value: SPRING_DATASOURCE_PASSWORD - - equal: - path: spec.template.spec.containers[0].env[1].name - value: SPRING_DATASOURCE_USERNAME - - equal: - path: spec.template.spec.containers[0].env[0].valueFrom.secretKeyRef.name - value: RELEASE-NAME-alfresco-cs-dbsecret - - equal: - path: spec.template.spec.containers[0].env[1].valueFrom.secretKeyRef.name - value: RELEASE-NAME-alfresco-cs-dbsecret - - - it: should have overridden secret for spring database credentials when existingSecretName is set - values: *testvalues - set: - reindexing.postgresql.existingSecretName: my-custom-secret - asserts: - - equal: - path: spec.template.spec.containers[0].env[0].valueFrom.secretKeyRef.name - value: my-custom-secret - - equal: - path: spec.template.spec.containers[0].env[1].valueFrom.secretKeyRef.name - value: my-custom-secret - - - it: should have env vars for elasticsearch credentials - values: *testvalues - asserts: - - equal: - path: spec.template.spec.containers[0].env[5].name - value: SPRING_ELASTICSEARCH_REST_USERNAME - - equal: - path: spec.template.spec.containers[0].env[5].valueFrom.secretKeyRef.name - value: RELEASE-NAME-alfresco-elasticsearch-connector-elasticsearch-secret - - equal: - path: spec.template.spec.containers[0].env[6].name - value: SPRING_ELASTICSEARCH_REST_PASSWORD - - equal: - path: spec.template.spec.containers[0].env[6].valueFrom.secretKeyRef.name - value: RELEASE-NAME-alfresco-elasticsearch-connector-elasticsearch-secret - - - it: should not be present when disabled - values: *testvalues - set: - reindexing.enabled: false - asserts: - - hasDocuments: - count: 0 diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/secret-elasticsearch_test.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/secret-elasticsearch_test.yaml deleted file mode 100644 index 0215fb063..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/secret-elasticsearch_test.yaml +++ /dev/null @@ -1,52 +0,0 @@ ---- -suite: test es credentials secret manifest -templates: - - secret-elasticsearch.yaml -tests: - - it: should have empty credentials as default - values: &testvalues - - ../../../tests/values/test_values.yaml - set: - global: - elasticsearch: - user: null - password: null - asserts: - - isEmpty: - path: data.ELASTICSEARCH_USERNAME - - isEmpty: - path: data.ELASTICSEARCH_PASSWORD - - - it: should have credentials populated when global credentials are set - values: *testvalues - set: - global: - elasticsearch: - user: admin - password: letmein - asserts: - - equal: - path: data.ELASTICSEARCH_USERNAME - value: YWRtaW4= - - equal: - path: data.ELASTICSEARCH_PASSWORD - value: bGV0bWVpbg== - - - it: should not have a secret when global existingSecretName is set - values: *testvalues - set: - global: - elasticsearch: - existingSecretName: whatever - asserts: - - hasDocuments: - count: 0 - - - it: should not have a secret when override existingSecretName is set - values: *testvalues - set: - elasticsearch: - existingSecretName: whatever - asserts: - - hasDocuments: - count: 0 diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/values/external.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/values/external.yaml deleted file mode 100644 index 3e9376fbd..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/tests/values/external.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -elasticsearch: - host: some.es.instance.somwhere.on.the.cloud - port: 443 - protocol: https - user: alfresco - password: dummy -messageBroker: - url: >- - failover:(ssl://somebroker.somewhere.on.the.cloud:61617) - user: alfresco - password: dummy - postgresql: - url: >- - jdbc:postgresql://somepg.somewhere.on.the.cloud/postgres diff --git a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/values.yaml b/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/values.yaml deleted file mode 100644 index 9f4cfffa4..000000000 --- a/helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/values.yaml +++ /dev/null @@ -1,109 +0,0 @@ -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" -parentNameOverride: "" -# Common deployment values -podAnnotations: {} -podSecurityContext: {} -securityContext: {} -nodeSelector: {} -tolerations: [] -affinity: {} -resources: - requests: - cpu: "0.5" - memory: "256Mi" - limits: - cpu: "2" - memory: "2048Mi" -# Connector properties -indexName: alfresco -pathIndexingComponent: - enabled: true -contentMediaTypeCache: - enabled: true - refreshTime: 0 0 * * * * -liveIndexing: - mediation: - image: - repository: >- - quay.io/alfresco/alfresco-elasticsearch-live-indexing-mediation - tag: 3.3.0-A9 - pullPolicy: IfNotPresent - content: - image: - repository: quay.io/alfresco/alfresco-elasticsearch-live-indexing-content - tag: 3.3.0-A9 - pullPolicy: IfNotPresent - replicaCount: 1 - metadata: - image: - repository: quay.io/alfresco/alfresco-elasticsearch-live-indexing-metadata - tag: 3.3.0-A9 - pullPolicy: IfNotPresent - replicaCount: 1 - path: - image: - repository: quay.io/alfresco/alfresco-elasticsearch-live-indexing-path - tag: 3.3.0-A9 - pullPolicy: IfNotPresent - replicaCount: 1 -reindexing: - enabled: true - image: - repository: quay.io/alfresco/alfresco-elasticsearch-reindexing - tag: 3.3.0-A9 - pullPolicy: IfNotPresent - pathIndexingEnabled: true - postgresql: - url: - hostname: postgresql-acs - database: alfresco - port: 5432 - # -- An existing secret that contains DATABASE_USERNAME and DATABASE_PASSWORD keys - existingSecretName: - resources: - requests: - cpu: "0.5" - memory: "128Mi" - limits: - cpu: "2" - memory: "512Mi" - initcontainers: - waitForRepository: - resources: - limits: - cpu: "0.25" - memory: "10Mi" -# -- Overrides .Values.global.elasticsearch -elasticsearch: - host: null - port: null - protocol: null - user: null - password: null - existingSecretName: -messageBroker: - # -- Broker URL formatted as per: - # https://activemq.apache.org/failover-transport-reference - url: null - # -- Broker username - user: null - # -- Broker password - password: null -global: - alfrescoRegistryPullSecrets: quay-registry-secret - # -- Shared connections details for Elasticsearch/Opensearch - elasticsearch: - # -- The host where service is available - host: null - # -- The port where service is available - port: null - # -- Valid values are http or https - protocol: null - # -- The username required to access the service, if any - user: null - # -- The password required to access the service, if any - password: null - # -- An existing secret that contains ELASTICSEARCH_USERNAME and ELASTICSEARCH_PASSWORD keys - existingSecretName: diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/deployment-syncservice.yaml b/helm/alfresco-content-services/charts/alfresco-sync-service/templates/deployment-syncservice.yaml index 99170deb2..e1e686bd0 100755 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/deployment-syncservice.yaml +++ b/helm/alfresco-content-services/charts/alfresco-sync-service/templates/deployment-syncservice.yaml @@ -45,7 +45,7 @@ spec: - configMapRef: name: {{ template "syncservice.fullname" . }}-configmap - secretRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" .)) .Values.messageBroker.existingSecretName }} + name: {{ .Values.messageBroker.existingSecretName | default .Values.messageBroker.secretName }} args: - -c - echo "Checking for ActiveMQ broker availability"; @@ -83,7 +83,7 @@ spec: - configMapRef: name: {{ template "syncservice.fullname" . }}-configmap - secretRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" .)) .Values.messageBroker.existingSecretName }} + name: {{ .Values.messageBroker.existingSecretName | default .Values.messageBroker.secretName }} ports: - name: serviceport containerPort: 9090 diff --git a/helm/alfresco-content-services/templates/_helpers-elasticsearch.tpl b/helm/alfresco-content-services/templates/_helpers-elasticsearch.tpl index 24487698f..8e6009a2e 100644 --- a/helm/alfresco-content-services/templates/_helpers-elasticsearch.tpl +++ b/helm/alfresco-content-services/templates/_helpers-elasticsearch.tpl @@ -1,12 +1,12 @@ {{- define "repo.elasticsearch.config" -}} -Dindex.subsystem.name=elasticsearch -{{- if eq (index .Values "alfresco-elasticsearch-connector" "elasticsearch" "protocol" | default .Values.global.elasticsearch.protocol) "https" }} +{{- if eq (index .Values "alfresco-search-enterprise" "elasticsearch" "protocol" | default .Values.global.elasticsearch.protocol) "https" }} -Delasticsearch.secureComms=https {{- end }} --Delasticsearch.host={{ index .Values "alfresco-elasticsearch-connector" "elasticsearch" "host" | default .Values.global.elasticsearch.host }} --Delasticsearch.port={{ index .Values "alfresco-elasticsearch-connector" "elasticsearch" "port" | default .Values.global.elasticsearch.port }} --Delasticsearch.user={{ index .Values "alfresco-elasticsearch-connector" "elasticsearch" "user" | default .Values.global.elasticsearch.user }} --Delasticsearch.password={{ index .Values "alfresco-elasticsearch-connector" "elasticsearch" "password" | default .Values.global.elasticsearch.password }} +-Delasticsearch.host={{ index .Values "alfresco-search-enterprise" "elasticsearch" "host" | default .Values.global.elasticsearch.host }} +-Delasticsearch.port={{ index .Values "alfresco-search-enterprise" "elasticsearch" "port" | default .Values.global.elasticsearch.port }} +-Delasticsearch.user={{ index .Values "alfresco-search-enterprise" "elasticsearch" "user" | default .Values.global.elasticsearch.user }} +-Delasticsearch.password={{ index .Values "alfresco-search-enterprise" "elasticsearch" "password" | default .Values.global.elasticsearch.password }} -Delasticsearch.createIndexIfNotExists=true --Delasticsearch.indexName={{ index .Values "alfresco-elasticsearch-connector" "indexName" }} +-Delasticsearch.indexName={{ index .Values "alfresco-search-enterprise" "indexName" }} {{- end -}} diff --git a/helm/alfresco-content-services/templates/config-repository.yaml b/helm/alfresco-content-services/templates/config-repository.yaml index 135ced8db..31b1333db 100644 --- a/helm/alfresco-content-services/templates/config-repository.yaml +++ b/helm/alfresco-content-services/templates/config-repository.yaml @@ -30,7 +30,7 @@ data: -Dshare.protocol={{ tpl (.Values.externalProtocol | default "http") $ }} -Dshare.host={{ tpl (.Values.externalHost | default (printf "%s-share" (include "content-services.shortname" .))) $ }} -Dshare.port={{ tpl (.Values.externalPort | default .Values.share.service.externalPort | toString) $ }} - {{- if and (not (index .Values "alfresco-search" "enabled")) (not (index .Values "alfresco-elasticsearch-connector" "enabled")) (not (index .Values "alfresco-search" "external" "host")) }} + {{- if and (not (index .Values "alfresco-search" "enabled")) (not (index .Values "alfresco-search-enterprise" "enabled")) (not (index .Values "alfresco-search" "external" "host")) }} -Dindex.subsystem.name=none {{- else if or (index .Values "alfresco-search" "enabled") (index .Values "alfresco-search" "external" "host") }} -Dindex.subsystem.name=solr6 @@ -38,7 +38,7 @@ data: -Dsolr.host={{ template "alfresco-search.host" . }} -Dsolr.port={{ template "alfresco-search.port" . }} -Dsolr.secureComms={{ .Values.global.tracking.auth | default "secret" }} - {{- else if index .Values "alfresco-elasticsearch-connector" "enabled" }} + {{- else if index .Values "alfresco-search-enterprise" "enabled" }} {{- include "repo.elasticsearch.config" . | nindent 6 }} {{- end }} {{- if eq .Values.repository.edition "Enterprise" }} diff --git a/helm/alfresco-content-services/templates/deployment-ai-transformer.yaml b/helm/alfresco-content-services/templates/deployment-ai-transformer.yaml index 3467cb9c3..fa947f4c3 100644 --- a/helm/alfresco-content-services/templates/deployment-ai-transformer.yaml +++ b/helm/alfresco-content-services/templates/deployment-ai-transformer.yaml @@ -59,7 +59,7 @@ spec: # config map to use, defined in config-ai-transformer.yaml name: {{ template "content-services.shortname" . }}-ai-transformer-configmap - secretRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" .)) .Values.messageBroker.existingSecretName }} + name: {{ .Values.messageBroker.existingSecretName | default .Values.messageBroker.secretName }} env: {{- include "activemq.env" . | nindent 12 }} ports: diff --git a/helm/alfresco-content-services/templates/deployment-imagemagick.yaml b/helm/alfresco-content-services/templates/deployment-imagemagick.yaml index 0d4cc820e..68045ed71 100644 --- a/helm/alfresco-content-services/templates/deployment-imagemagick.yaml +++ b/helm/alfresco-content-services/templates/deployment-imagemagick.yaml @@ -58,7 +58,7 @@ spec: # config map to use, defined in config-imagemagick.yaml name: {{ template "content-services.shortname" . }}-imagemagick-configmap - secretRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" .)) .Values.messageBroker.existingSecretName }} + name: {{ .Values.messageBroker.existingSecretName | default .Values.messageBroker.secretName }} env: {{- include "activemq.env" . | nindent 12 }} ports: diff --git a/helm/alfresco-content-services/templates/deployment-libreoffice.yaml b/helm/alfresco-content-services/templates/deployment-libreoffice.yaml index df8ee6c70..da15581d3 100644 --- a/helm/alfresco-content-services/templates/deployment-libreoffice.yaml +++ b/helm/alfresco-content-services/templates/deployment-libreoffice.yaml @@ -59,7 +59,7 @@ spec: # config map to use, defined in config-libreoffice.yaml name: {{ template "content-services.shortname" . }}-libreoffice-configmap - secretRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" .)) .Values.messageBroker.existingSecretName }} + name: {{ .Values.messageBroker.existingSecretName | default .Values.messageBroker.secretName }} env: {{- include "activemq.env" . | nindent 12 }} ports: diff --git a/helm/alfresco-content-services/templates/deployment-pdfrenderer.yaml b/helm/alfresco-content-services/templates/deployment-pdfrenderer.yaml index d6bc5f869..d36a0936b 100644 --- a/helm/alfresco-content-services/templates/deployment-pdfrenderer.yaml +++ b/helm/alfresco-content-services/templates/deployment-pdfrenderer.yaml @@ -58,7 +58,7 @@ spec: # config map to use, defined in config-pdfrenderer.yaml name: {{ template "content-services.shortname" . }}-pdfrenderer-configmap - secretRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" .)) .Values.messageBroker.existingSecretName }} + name: {{ .Values.messageBroker.existingSecretName | default .Values.messageBroker.secretName }} env: {{- include "activemq.env" . | nindent 12 }} ports: diff --git a/helm/alfresco-content-services/templates/deployment-repository.yaml b/helm/alfresco-content-services/templates/deployment-repository.yaml index 23b9dc143..d95be2706 100644 --- a/helm/alfresco-content-services/templates/deployment-repository.yaml +++ b/helm/alfresco-content-services/templates/deployment-repository.yaml @@ -46,7 +46,7 @@ spec: {{- include "component-security-context" .Values.repository | indent 8 }} envFrom: - secretRef: - name: {{ default (printf "%s-dbsecret" (include "content-services.shortname" $)) $.Values.postgresql.existingSecretName }} + name: {{ .Values.database.existingSecretName | default .Values.database.secretName }} {{- if .Values.s3connector.enabled }} - secretRef: name: {{ default (printf "%s-s3secret" (include "content-services.shortname" .)) .Values.s3connector.existingSecretName }} @@ -58,7 +58,7 @@ spec: - secretRef: name: {{ template "content-services.shortname" . }}-metadata-keystore-secret - secretRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" .)) .Values.messageBroker.existingSecretName }} + name: {{ .Values.messageBroker.existingSecretName | default .Values.messageBroker.secretName }} - secretRef: name: {{ default (printf "%s-repository-secret" (include "content-services.shortname" .)) .Values.repository.existingSecretName }} - configMapRef: @@ -75,7 +75,7 @@ spec: {{- end }} resources: {{- toYaml .Values.repository.resources | nindent 12 }} volumeMounts: - {{- if eq .Values.global.tracking.auth "secret" }} + {{- if and (index .Values "alfresco-search" "enabled") (eq .Values.global.tracking.auth "secret") }} - name: repository-properties mountPath: /usr/local/tomcat/shared/classes/alfresco-global.properties subPath: alfresco-global.properties @@ -190,7 +190,7 @@ spec: {{- end }} volumes: {{- include "data_volume" .Values.repository | nindent 8 }} - {{- if eq .Values.global.tracking.auth "secret" }} + {{- if and (index .Values "alfresco-search" "enabled") (eq .Values.global.tracking.auth "secret") }} - name: repository-properties secret: secretName: {{ template "alfresco.shortname" . }}-repository-properties-secret diff --git a/helm/alfresco-content-services/templates/deployment-tika.yaml b/helm/alfresco-content-services/templates/deployment-tika.yaml index 5cc030b23..d396fbc01 100644 --- a/helm/alfresco-content-services/templates/deployment-tika.yaml +++ b/helm/alfresco-content-services/templates/deployment-tika.yaml @@ -58,7 +58,7 @@ spec: # config map to use, defined in config-tika.yaml name: {{ template "content-services.shortname" . }}-tika-configmap - secretRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" .)) .Values.messageBroker.existingSecretName }} + name: {{ .Values.messageBroker.existingSecretName | default .Values.messageBroker.secretName }} env: {{- include "activemq.env" . | nindent 12 }} ports: diff --git a/helm/alfresco-content-services/templates/deployment-transform-misc.yaml b/helm/alfresco-content-services/templates/deployment-transform-misc.yaml index 82e17794d..5b8bb9698 100644 --- a/helm/alfresco-content-services/templates/deployment-transform-misc.yaml +++ b/helm/alfresco-content-services/templates/deployment-transform-misc.yaml @@ -59,7 +59,7 @@ spec: # config map to use, defined in config-transformmisc.yaml name: {{ template "content-services.shortname" . }}-transform-misc-configmap - secretRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" .)) .Values.messageBroker.existingSecretName }} + name: {{ .Values.messageBroker.existingSecretName | default .Values.messageBroker.secretName }} env: {{- include "activemq.env" . | nindent 12 }} ports: diff --git a/helm/alfresco-content-services/templates/deployment-transform-router.yaml b/helm/alfresco-content-services/templates/deployment-transform-router.yaml index 2c3ef8814..2d694b978 100644 --- a/helm/alfresco-content-services/templates/deployment-transform-router.yaml +++ b/helm/alfresco-content-services/templates/deployment-transform-router.yaml @@ -58,7 +58,7 @@ spec: # config map to use, defined in config-transform-router.yaml name: {{ template "alfresco.shortname" . }}-router-configmap - secretRef: - name: {{ default (printf "%s-brokersecret" (include "content-services.shortname" .)) .Values.messageBroker.existingSecretName }} + name: {{ .Values.messageBroker.existingSecretName | default .Values.messageBroker.secretName }} env: {{- include "activemq.env" . | nindent 12 }} ports: diff --git a/helm/alfresco-content-services/templates/secret-database.yaml b/helm/alfresco-content-services/templates/secret-database.yaml index 3dcd4bf66..ca8ec8262 100644 --- a/helm/alfresco-content-services/templates/secret-database.yaml +++ b/helm/alfresco-content-services/templates/secret-database.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ template "content-services.shortname" . }}-dbsecret + name: {{ .Values.database.secretName }} labels: {{- include "repository.labels" . | nindent 4 }} type: Opaque diff --git a/helm/alfresco-content-services/templates/secret-message-broker.yaml b/helm/alfresco-content-services/templates/secret-message-broker.yaml index fc9e80c1a..ef50aa119 100644 --- a/helm/alfresco-content-services/templates/secret-message-broker.yaml +++ b/helm/alfresco-content-services/templates/secret-message-broker.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ template "content-services.shortname" . }}-brokersecret + name: {{ .Values.messageBroker.secretName }} labels: {{- include "repository.labels" . | nindent 4 }} type: Opaque diff --git a/helm/alfresco-content-services/tests/activemq_test.yaml b/helm/alfresco-content-services/tests/activemq_test.yaml index 5437891b8..7ced676fe 100644 --- a/helm/alfresco-content-services/tests/activemq_test.yaml +++ b/helm/alfresco-content-services/tests/activemq_test.yaml @@ -20,7 +20,7 @@ tests: path: spec.template.spec.containers[0].envFrom content: secretRef: - name: RELEASE-NAME-alfresco-cs-brokersecret + name: acs-alfresco-cs-brokersecret template: deployment-repository.yaml - equal: path: data.BROKER_URL diff --git a/helm/alfresco-content-services/tests/search_test.yaml b/helm/alfresco-content-services/tests/search_test.yaml index 2b9ce4f8c..971a9e5d7 100644 --- a/helm/alfresco-content-services/tests/search_test.yaml +++ b/helm/alfresco-content-services/tests/search_test.yaml @@ -44,7 +44,7 @@ tests: set: alfresco-search: enabled: false - alfresco-elasticsearch-connector: + alfresco-search-enterprise: enabled: true elasticsearch: host: some.opensearch.endpoint diff --git a/helm/alfresco-content-services/values.yaml b/helm/alfresco-content-services/values.yaml index aee8e2544..d89aff15d 100644 --- a/helm/alfresco-content-services/values.yaml +++ b/helm/alfresco-content-services/values.yaml @@ -617,6 +617,9 @@ messageBroker: &acs_messageBroker url: null user: null password: null + # -- Name of the secret managed by this chart + secretName: &acs_messageBroker_secretName acs-alfresco-cs-brokersecret + # -- Alternatively, provide credentials via an existing secret that contains BROKER_URL, BROKER_USERNAME and BROKER_PASSWORD keys existingSecretName: null alfresco-search: nodeSelector: {} @@ -649,22 +652,36 @@ alfresco-search: # - secretName: chart-example-tls # hosts: # - chart-example.local -alfresco-elasticsearch-connector: +database: + # -- Enable using an external database for Alfresco Content Services. Must disable `postgresql.enabled` when true. + external: false + # -- Postgresql jdbc driver name ex: org.postgresql.Driver. It should be available in the container image. + driver: + # -- External Postgresql database user + user: + # -- External Postgresql database password + password: + # -- External Postgresql jdbc url ex: `jdbc:postgresql://oldfashioned-mule-postgresql-acs:5432/alfresco` + url: + # -- Name of the secret managed by this chart + secretName: &acs_database_secretName acs-alfresco-cs-dbsecret + # -- An existing secret that contains DATABASE_USERNAME and DATABASE_PASSWORD keys. + # When using embedded postgres you need to also set `postgresql.existingSecret`. + existingSecretName: +alfresco-search-enterprise: enabled: false - messageBroker: *acs_messageBroker + elasticsearch: + # -- Enables the embedded elasticsearch cluster + enabled: true + messageBroker: + existingSecretName: *acs_messageBroker_secretName reindexing: enabled: true postgresql: url: hostname: postgresql-acs database: alfresco - # -- Overrides .Values.global.elasticsearch - elasticsearch: - host: null - port: null - protocol: null - user: null - password: null + existingSecretName: *acs_database_secretName alfresco-digital-workspace: nodeSelector: {} enabled: true @@ -750,20 +767,6 @@ alfresco-admin-app: # -- Enable/Disable Alfresco Collaboration Connector for Microsoft 365 ooi: enabled: false -database: - # -- Enable using an external database for Alfresco Content Services. Must disable `postgresql.enabled` when true. - external: false - # -- Postgresql jdbc driver name ex: org.postgresql.Driver. It should be available in the container image. - driver: - # -- External Postgresql database user - user: - # -- External Postgresql database password - password: - # -- External Postgresql jdbc url ex: `jdbc:postgresql://oldfashioned-mule-postgresql-acs:5432/alfresco` - url: - # -- An existing secret that contains DATABASE_USERNAME and DATABASE_PASSWORD keys. - # When using embedded postgres you need to also set `postgresql.existingSecret`. - existingSecretName: postgresql: # -- Enable embedded postgres for Alfresco Content Services leveraging the postgresql Bitnami chart enabled: true @@ -833,13 +836,6 @@ postgresql-syncservice: limits: cpu: "4" memory: "1500Mi" -# -- Embedded ElasticSearch cluster powered by Bitnami charts -elasticsearch: - # -- Enable the embedded ElasticSearch cluster - enabled: false - image: "docker.elastic.co/elasticsearch/elasticsearch-oss" - replicas: 1 - clusterHealthCheckParams: "wait_for_status=yellow&timeout=1s" s3connector: # -- Enable the S3 Connector # For a full list of properties on the S3 connector see: @@ -987,7 +983,7 @@ global: # s3Bucket: # comprehendRoleARN: # -- Shared connections details for Elasticsearch/Opensearch, required when - # alfresco-elasticsearch-connector.enabled is true + # alfresco-search-enterprise.enabled is true elasticsearch: # -- The host where service is available. The provided default is for when # elasticsearch.enabled is true diff --git a/updatecli.d/supported-matrix.yaml b/updatecli.d/supported-matrix.yaml index 956c678d3..96f2dc8d9 100644 --- a/updatecli.d/supported-matrix.yaml +++ b/updatecli.d/supported-matrix.yaml @@ -40,7 +40,7 @@ matrix: docker-compose/elasticsearch-override-docker-compose.yml compose_key: services.search.image helm_target: >- - helm/alfresco-content-services/charts/alfresco-elasticsearch-connector/values.yaml + helm/alfresco-content-services/charts/alfresco-search-enterprise/values.yaml helm_keys: Reindexing: reindexing.image.tag Liveindexing: @@ -94,16 +94,16 @@ matrix: version: "3.2" helm_target: *helmvalues73 helm_keys: - Reindexing: alfresco-elasticsearch-connector.reindexing.image.tag + Reindexing: alfresco-search-enterprise.reindexing.image.tag Liveindexing: Mediation: >- - alfresco-elasticsearch-connector.liveIndexing.mediation.image.tag + alfresco-search-enterprise.liveIndexing.mediation.image.tag Content: >- - alfresco-elasticsearch-connector.liveIndexing.content.image.tag + alfresco-search-enterprise.liveIndexing.content.image.tag Metadata: >- - alfresco-elasticsearch-connector.liveIndexing.metadata.image.tag + alfresco-search-enterprise.liveIndexing.metadata.image.tag Path: >- - alfresco-elasticsearch-connector.liveIndexing.path.image.tag + alfresco-search-enterprise.liveIndexing.path.image.tag pattern: *ga_hotfixes_pattern sync: version: "3.8" @@ -149,16 +149,16 @@ matrix: version: "3.1" helm_target: *helmvalues72 helm_keys: - Reindexing: alfresco-elasticsearch-connector.reindexing.image.tag + Reindexing: alfresco-search-enterprise.reindexing.image.tag Liveindexing: Mediation: >- - alfresco-elasticsearch-connector.liveIndexing.mediation.image.tag + alfresco-search-enterprise.liveIndexing.mediation.image.tag Content: >- - alfresco-elasticsearch-connector.liveIndexing.content.image.tag + alfresco-search-enterprise.liveIndexing.content.image.tag Metadata: >- - alfresco-elasticsearch-connector.liveIndexing.metadata.image.tag + alfresco-search-enterprise.liveIndexing.metadata.image.tag Path: >- - alfresco-elasticsearch-connector.liveIndexing.path.image.tag + alfresco-search-enterprise.liveIndexing.path.image.tag pattern: *ga_hotfixes_pattern sync: version: "3.7" @@ -204,16 +204,16 @@ matrix: version: "3.1" helm_target: *helmvalues71 helm_keys: - Reindexing: alfresco-elasticsearch-connector.reindexing.image.tag + Reindexing: alfresco-search-enterprise.reindexing.image.tag Liveindexing: Mediation: >- - alfresco-elasticsearch-connector.liveIndexing.mediation.image.tag + alfresco-search-enterprise.liveIndexing.mediation.image.tag Content: >- - alfresco-elasticsearch-connector.liveIndexing.content.image.tag + alfresco-search-enterprise.liveIndexing.content.image.tag Metadata: >- - alfresco-elasticsearch-connector.liveIndexing.metadata.image.tag + alfresco-search-enterprise.liveIndexing.metadata.image.tag Path: >- - alfresco-elasticsearch-connector.liveIndexing.path.image.tag + alfresco-search-enterprise.liveIndexing.path.image.tag pattern: *ga_hotfixes_pattern sync: version: "3.7" From 869376e0a0d0f8e612ac3cbb5259025c6b4b628a Mon Sep 17 00:00:00 2001 From: Alex Chapellon Date: Wed, 1 Mar 2023 11:00:08 +0100 Subject: [PATCH 10/26] OPSEXP-1852: fix updatecli after moving search enterprise chart (#899) --- updatecli.d/supported-matrix.yaml | 9 --------- updatecli.d/uber-manifest.tpl | 2 ++ 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/updatecli.d/supported-matrix.yaml b/updatecli.d/supported-matrix.yaml index 96f2dc8d9..f277729a6 100644 --- a/updatecli.d/supported-matrix.yaml +++ b/updatecli.d/supported-matrix.yaml @@ -39,15 +39,6 @@ matrix: compose_target: >- docker-compose/elasticsearch-override-docker-compose.yml compose_key: services.search.image - helm_target: >- - helm/alfresco-content-services/charts/alfresco-search-enterprise/values.yaml - helm_keys: - Reindexing: reindexing.image.tag - Liveindexing: - Mediation: liveIndexing.mediation.image.tag - Content: liveIndexing.content.image.tag - Metadata: liveIndexing.metadata.image.tag - Path: liveIndexing.path.image.tag pattern: *development_pattern sync: version: "4" diff --git a/updatecli.d/uber-manifest.tpl b/updatecli.d/uber-manifest.tpl index ad8b61024..b92b1be41 100644 --- a/updatecli.d/uber-manifest.tpl +++ b/updatecli.d/uber-manifest.tpl @@ -231,6 +231,7 @@ targets: key: >- {{ index . "search-enterprise" "compose_key" }} {{- end }} + {{- if index . "search-enterprise" "helm_target" }} {{- $target_searchEnt := index . "search-enterprise" "helm_target" }} searchEnterpriseReindexingValues: name: Search Enterprise image tag @@ -251,6 +252,7 @@ targets: key: {{ $value }} {{- end }} {{- end }} + {{- end }} shareCompose: name: Share image tag kind: yaml From a31082861d0718b0ecf03f684e40528eae593958 Mon Sep 17 00:00:00 2001 From: Alex Chapellon Date: Wed, 1 Mar 2023 14:43:29 +0100 Subject: [PATCH 11/26] OPSEXP-1951: refactor zepellin chart inclusion (#898) --- helm/alfresco-content-services/README.md | 31 ++++++++++++++----- .../README.md.gotmpl | 31 ++++++++++++++----- .../charts/alfresco-search/Chart.yaml | 1 + .../charts/alfresco-search/README.md | 4 +-- .../alfresco-insight-zeppelin/README.md | 1 - .../templates/NOTES.txt | 12 ------- .../templates/config.yaml | 3 +- .../templates/deployment.yaml | 3 +- .../templates/ingress.yaml | 2 -- .../templates/service.yaml | 3 +- .../tests/deployment_test.yaml | 1 - .../tests/values/test.yaml | 2 -- .../alfresco-insight-zeppelin/values.yaml | 2 -- .../charts/alfresco-search/values.yaml | 6 +--- .../templates/NOTES.txt | 25 +++++++++++++-- helm/alfresco-content-services/values.yaml | 3 +- 16 files changed, 76 insertions(+), 54 deletions(-) delete mode 100755 helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/NOTES.txt delete mode 100644 helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/values/test.yaml diff --git a/helm/alfresco-content-services/README.md b/helm/alfresco-content-services/README.md index e7ab81098..ed0b6223a 100644 --- a/helm/alfresco-content-services/README.md +++ b/helm/alfresco-content-services/README.md @@ -110,7 +110,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | alfresco-search-enterprise.reindexing.postgresql.existingSecretName | string | `"acs-alfresco-cs-dbsecret"` | | | alfresco-search-enterprise.reindexing.postgresql.hostname | string | `"postgresql-acs"` | | | alfresco-search-enterprise.reindexing.postgresql.url | string | `nil` | | -| alfresco-search.alfresco-insight-zeppelin.insightzeppelin.enabled | bool | `false` | | +| alfresco-search.alfresco-insight-zeppelin.enabled | bool | `false` | | | alfresco-search.alfresco-insight-zeppelin.repository.host | string | `"alfresco-cs"` | | | alfresco-search.alfresco-insight-zeppelin.repository.port | int | `80` | | | alfresco-search.enabled | bool | `true` | | @@ -355,11 +355,26 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | transformrouter.service.name | string | `"transform-router"` | | | transformrouter.service.type | string | `"ClusterIP"` | | -ACS will be created in a k8s cluster with a minimum of 16GB memory to split among below nodes: -2 x repository, 1 x share, 1 x transformers (pdfrenderer, imagemagick, libreoffice, tika, misc) and 1 x postgresql +Alfresco Content Service will be deployed in a Kubernetes cluster. This cluster +needs a at least 32GB memory to split among below pods: -Limit container memory and assign X percentage to JVM. There are couple of ways to allocate JVM Memory for ACS Containers -For example: 'JAVA_OPTS: "$JAVA_OPTS -XX:+PrintFlagsFinal -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap"' -But, as per Oracle docs (https://docs.oracle.com/javase/9/gctuning/parallel-collector1.htm#JSGCT-GUID-CAB83393-3438-44ED-98F0-D15641B43C7D) -If container memory is not explicitly set, then the above flags will default max heap to 1/4th of container's memory which may not be ideal. -Hence, setting up explicit Container memory and then assigning a percentage of it to the JVM for performance tuning. +* 2 x repository +* 1 x share +* 1 x search +* 2 x pdfrenderer +* 2 x imagemagick +* 2 libreoffice +* 2 tika +* 2 misc +* 1 x postgresql +* 1 activemq + +> Note: this is the default settings but requirements can be lowered by +dropping the `replicaCount` value to 1 for each service. + +Default CPU and memory requirements for each pods are set as low as e think is +reasonable. If you need to teak the resource allocation you can use the +`resources.limits.cpu` & `resources.limits.memory` for each component of the +platform. Remember that most of them are running in JAVA VM so you might want +to also raise the JVM memory settings (-Xmx) which is possible using pods' +environment variables. diff --git a/helm/alfresco-content-services/README.md.gotmpl b/helm/alfresco-content-services/README.md.gotmpl index 51971a74d..82698597d 100644 --- a/helm/alfresco-content-services/README.md.gotmpl +++ b/helm/alfresco-content-services/README.md.gotmpl @@ -17,11 +17,26 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b {{ template "chart.valuesSection" . }} -ACS will be created in a k8s cluster with a minimum of 16GB memory to split among below nodes: -2 x repository, 1 x share, 1 x transformers (pdfrenderer, imagemagick, libreoffice, tika, misc) and 1 x postgresql - -Limit container memory and assign X percentage to JVM. There are couple of ways to allocate JVM Memory for ACS Containers -For example: 'JAVA_OPTS: "$JAVA_OPTS -XX:+PrintFlagsFinal -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap"' -But, as per Oracle docs (https://docs.oracle.com/javase/9/gctuning/parallel-collector1.htm#JSGCT-GUID-CAB83393-3438-44ED-98F0-D15641B43C7D) -If container memory is not explicitly set, then the above flags will default max heap to 1/4th of container's memory which may not be ideal. -Hence, setting up explicit Container memory and then assigning a percentage of it to the JVM for performance tuning. +Alfresco Content Service will be deployed in a Kubernetes cluster. This cluster +needs a at least 32GB memory to split among below pods: + +* 2 x repository +* 1 x share +* 1 x search +* 2 x pdfrenderer +* 2 x imagemagick +* 2 libreoffice +* 2 tika +* 2 misc +* 1 x postgresql +* 1 activemq + +> Note: this is the default settings but requirements can be lowered by +dropping the `replicaCount` value to 1 for each service. + +Default CPU and memory requirements for each pods are set as low as e think is +reasonable. If you need to teak the resource allocation you can use the +`resources.limits.cpu` & `resources.limits.memory` for each component of the +platform. Remember that most of them are running in JAVA VM so you might want +to also raise the JVM memory settings (-Xmx) which is possible using pods' +environment variables. diff --git a/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml index 97fa0a979..3e0c04ea5 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml @@ -18,6 +18,7 @@ appVersion: 2.0.6 dependencies: - name: alfresco-insight-zeppelin version: 1.2.0-SNAPSHOT + condition: alfresco-insight-zeppelin.enabled - name: alfresco-common version: 1.0.0 repository: https://alfresco.github.io/alfresco-helm-charts/ diff --git a/helm/alfresco-content-services/charts/alfresco-search/README.md b/helm/alfresco-content-services/charts/alfresco-search/README.md index e9a793144..f8a1c6435 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/README.md +++ b/helm/alfresco-content-services/charts/alfresco-search/README.md @@ -23,7 +23,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Key | Type | Default | Description | |-----|------|---------|-------------| -| alfresco-insight-zeppelin.insightzeppelin.enabled | bool | `false` | | +| alfresco-insight-zeppelin.enabled | bool | `false` | | | environment.SOLR_CREATE_ALFRESCO_DEFAULTS | string | `"alfresco,archive"` | | | global | object | `{"alfrescoRegistryPullSecrets":"quay-registry-secret","tracking":{"auth":"secret","sharedsecret":null}}` | Apply your secret file in k8s environment to access quay.io images (Example: https://github.com/Alfresco/alfresco-anaxes-shipyard/blob/master/SECRETS.md) Global definition of Docker registry pull secret which can be overridden from parent ACS Helm chart(s) | | global.tracking.auth | string | `"secret"` | Select how solr and repo authenticate to each other none: work only prior to acs 7.2 (and was the default) secret: use a shared secret (to specify using `tracking.sharedsecret`) https: to use mTLS auth (require appropriate certificate configuration) | @@ -47,7 +47,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | livenessProbe.periodSeconds | int | `20` | | | livenessProbe.timeoutSeconds | int | `10` | | | nodeSelector | object | `{}` | Define the alfresco-search properties to use in the k8s cluster This is the search provider used by alfresco-content-repository | -| persistence | object | `{"EbsPvConfiguration":{"fsType":"ext4"},"VolumeSizeRequest":"10Gi","chownWithDynamicProvisioning":false,"enabled":true,"search":{"data":{"mountPath":"/opt/alfresco-search-services/data","subPath":"alfresco-content-services/solr-data"}}}` | Defines the mounting points for the persistence required by the apps in the cluster the solr data folder containing the indexes for the alfresco-search-services is mapped to alfresco-content-services/solr-data | +| persistence | object | `{"EbsPvConfiguration":{"fsType":"ext4"},"VolumeSizeRequest":"10Gi","enabled":true,"search":{"data":{"mountPath":"/opt/alfresco-search-services/data","subPath":"alfresco-content-services/solr-data"}}}` | Defines the mounting points for the persistence required by the apps in the cluster the solr data folder containing the indexes for the alfresco-search-services is mapped to alfresco-content-services/solr-data | | persistence.VolumeSizeRequest | string | `"10Gi"` | Only define if you have a specific claim already created existingClaim: "search-master-claim" | | podSecurityContext.fsGroup | int | `33007` | | | podSecurityContext.runAsGroup | int | `33007` | | diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md index 0d753bfe9..fd89035f1 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md @@ -28,7 +28,6 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | image.repository | string | `"quay.io/alfresco/insight-zeppelin"` | | | image.tag | string | `"2.0.6"` | | | ingress.path | string | `"/zeppelin"` | | -| insightzeppelin.enabled | bool | `false` | | | livenessProbe.initialDelaySeconds | int | `130` | | | livenessProbe.periodSeconds | int | `20` | | | livenessProbe.timeoutSeconds | int | `10` | | diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/NOTES.txt b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/NOTES.txt deleted file mode 100755 index 0805c5a84..000000000 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/NOTES.txt +++ /dev/null @@ -1,12 +0,0 @@ -{{ if and .Values.externalHost }} -{{- if .Values.insightzeppelin.enabled }} -You can access Alfresco Insight Zeppelin using: - - Zeppelin: {{ .Values.externalProtocol | default "http" }}://{{ .Values.externalHost }}:{{ .Values.externalPort | default .Values.service.externalPort }}/zeppelin - -{{ else }} -If you have a specific DNS address for the cluster please run the following commands to get the application paths and configure ACS: - -helm upgrade --reuse-values {{ .Release.Name }} --set externalProtocol="http" --set externalHost="domain.com" --set externalPort="80" alfresco/alfresco-content-services -{{ end }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/config.yaml b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/config.yaml index 38fb78ffe..291fb9fca 100755 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/config.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/config.yaml @@ -1,5 +1,5 @@ +--- # Defines the config for the Alfresco Insight Zeppelin App -{{- if .Values.insightzeppelin.enabled }} apiVersion: v1 kind: ConfigMap metadata: @@ -12,4 +12,3 @@ metadata: data: REPO_HOST: "{{ template "alfresco-repo-host" . }}" REPO_PORT: "{{ .Values.repository.port }}" -{{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/deployment.yaml b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/deployment.yaml index 541ceec01..952811c74 100755 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/deployment.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/deployment.yaml @@ -1,5 +1,5 @@ +--- # Defines the deployment for the Alfresco Insight Zeppelin App -{{- if .Values.insightzeppelin.enabled }} apiVersion: apps/v1 kind: Deployment metadata: @@ -56,4 +56,3 @@ spec: port: {{ .Values.image.internalPort }} initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/ingress.yaml b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/ingress.yaml index 85d44c477..48a7d6ac2 100755 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/ingress.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/ingress.yaml @@ -1,4 +1,3 @@ -{{- if .Values.insightzeppelin.enabled }} {{- $serviceName := (include "alfresco-insight-zeppelin.fullName" .) -}} {{- $servicePort := .Values.service.externalPort -}} apiVersion: {{ template "common.capabilities.ingress.apiVersion" . }} @@ -16,4 +15,3 @@ spec: pathType: Prefix {{- end }} backend: {{- include "common.ingress.backend" (dict "serviceName" $serviceName "servicePort" $servicePort "context" $) | nindent 10 }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/service.yaml b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/service.yaml index ed3e1a5a5..f69bc5b1d 100755 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/service.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/templates/service.yaml @@ -1,5 +1,5 @@ +--- # Defines the service for the Alfresco Insight Zeppelin App -{{- if .Values.insightzeppelin.enabled }} apiVersion: v1 kind: Service metadata: @@ -18,4 +18,3 @@ spec: selector: app: {{ template "alfresco-insight-zeppelin.fullName" . }} release: {{ .Release.Name }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/deployment_test.yaml b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/deployment_test.yaml index 3a119fcbf..7770ee9ae 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/deployment_test.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/deployment_test.yaml @@ -6,7 +6,6 @@ tests: - it: should have basic metadata in place values: &testvalues - ../../../../../tests/values/test_values.yaml - - values/test.yaml asserts: - equal: path: metadata.name diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/values/test.yaml b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/values/test.yaml deleted file mode 100644 index 081d74fb5..000000000 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/values/test.yaml +++ /dev/null @@ -1,2 +0,0 @@ -insightzeppelin: - enabled: true diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/values.yaml b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/values.yaml index 38e9d68b3..c18ce5737 100755 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/values.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/values.yaml @@ -6,8 +6,6 @@ # This is chart will be installed as part of Alfresco Insight Engine replicaCount: 1 nodeSelector: {} -insightzeppelin: - enabled: false image: repository: quay.io/alfresco/insight-zeppelin tag: 2.0.6 diff --git a/helm/alfresco-content-services/charts/alfresco-search/values.yaml b/helm/alfresco-content-services/charts/alfresco-search/values.yaml index 371713274..f905f7da1 100755 --- a/helm/alfresco-content-services/charts/alfresco-search/values.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/values.yaml @@ -62,9 +62,6 @@ resources: # the solr data folder containing the indexes for the alfresco-search-services is mapped to alfresco-content-services/solr-data persistence: enabled: true - #chown doesn't work with dynamic provisioning so far - #issue on github: https://github.com/kubernetes-sigs/aws-efs-csi-driver/issues/300 - chownWithDynamicProvisioning: false # -- Only define if you have a specific claim already created # existingClaim: "search-master-claim" VolumeSizeRequest: 10Gi @@ -75,8 +72,7 @@ persistence: EbsPvConfiguration: fsType: ext4 alfresco-insight-zeppelin: - insightzeppelin: - enabled: false + enabled: false readinessProbe: initialDelaySeconds: 60 periodSeconds: 20 diff --git a/helm/alfresco-content-services/templates/NOTES.txt b/helm/alfresco-content-services/templates/NOTES.txt index 6c5cbc0b2..7c35af52c 100644 --- a/helm/alfresco-content-services/templates/NOTES.txt +++ b/helm/alfresco-content-services/templates/NOTES.txt @@ -5,6 +5,25 @@ {{ $alfport := tpl (.Values.externalPort | default .Values.repository.service.externalPort | toString ) $ }} {{ $alfurl := printf "%s://%s:%s" $alfprotocol $alfhost $alfport }} + _,,,,_ + .@B@@@@@@EW_ + _;@BBB@m,`T@@@@@@@@W UUh-_ + _0@@@@@@BBBBm`0@@@BBBB ]LLLLU + B@@@@@@@BBBBBW @0BBBBB ]LLLLLL + !R""""P0N0BBBBB @BBBBB",LLLLLLL + _;@BBBBBWw`TBBBB @BBBM_+L"`^^^`` _ + #@@@0BBBBBBBW_TB0 @B^_=^^``````- {@b + [@@@@@@B0BBBBBBW_T " ="=====-``_;B@@@b + 0@@@@@BM"",,,,,,,_ +pppppp@@N@@@@@@E + '@@@P_mBNNNNNNBN",@ Ew`TNNNNNNB@@@@@@" + `0"/BNNNNNNBP`,0N@ 0B@p_TBNNNNNN@@R` + BBBBBBBE`,BNNN@ 0NNB@b,`"MMM^" + !@@@@@@@ ANNNNB@ 0NNNNN@@@BBBN@L + T@@@@@E NNNNNN@L'BNNNNb@@@@@@P + '0@@@@ 0NNBN@@@p_TBNBN@@@@B" + `"" 0@@@@@@@@b,_`"""` + `T0@@@@BP` + You can access all components of Alfresco Content Services using the same root address, but different paths as follows: Content: {{ $alfurl }}/alfresco @@ -12,10 +31,10 @@ You can access all components of Alfresco Content Services using the same root a API-Explorer: {{ $alfurl }}/api-explorer {{ if eq .Values.repository.edition "Enterprise" }} Alfresco Digital Workspace: {{ $alfurl }}/workspace/ {{ end }} {{ if index .Values "alfresco-search" "ingress" "enabled" }} Solr: {{ $alfurl }}/solr {{ end }} -{{ if (index .Values "alfresco-search" "alfresco-insight-zeppelin" "insightzeppelin") }}{{ if (index .Values "alfresco-search" "alfresco-insight-zeppelin" "insightzeppelin" "enabled") }} Zeppelin: {{ $alfurl }}/zeppelin {{ end }}{{ end }} +{{ if (index .Values "alfresco-search" "alfresco-insight-zeppelin" "enabled") }} Zeppelin: {{ $alfurl }}/zeppelin {{ end }} {{- if index .Values "alfresco-sync-service" "syncservice" "enabled" }} - {{ $alfportdsync := tpl (.Values.externalPort | toString ) $ }} - {{ $alfurldsync := printf "%s://%s:%s" $alfprotocol $alfhost $alfportdsync }} + {{- $alfportdsync := tpl (.Values.externalPort | toString ) $ }} + {{- $alfurldsync := printf "%s://%s:%s" $alfprotocol $alfhost $alfportdsync }} Sync service: {{ $alfurldsync }}/syncservice/healthcheck {{ end }} {{ else }} diff --git a/helm/alfresco-content-services/values.yaml b/helm/alfresco-content-services/values.yaml index d89aff15d..1b4185a84 100644 --- a/helm/alfresco-content-services/values.yaml +++ b/helm/alfresco-content-services/values.yaml @@ -637,8 +637,7 @@ alfresco-search: host: alfresco-cs port: *repositoryExternalPort alfresco-insight-zeppelin: - insightzeppelin: - enabled: false + enabled: false repository: *repositoryHostPort ingress: # -- Alfresco Search services endpoint ('/solr') From d7a32995a0745c01dc2bd242a4f9ec1cce6cdaf5 Mon Sep 17 00:00:00 2001 From: Alex Chapellon Date: Tue, 7 Mar 2023 15:18:22 +0100 Subject: [PATCH 12/26] OPSEXP-1853: change unittest plugin and disable breaking ones (#904) --- .github/workflows/docker-compose-community.yml | 2 +- .github/workflows/docker-compose-enterprise.yml | 2 +- .github/workflows/helm-community.yml | 2 +- .github/workflows/helm-enterprise.yml | 2 +- .github/workflows/helm-release.yml | 2 +- .github/workflows/helm-static-checks.yml | 13 +++++++------ .github/workflows/pre-commit-compose.yml | 2 +- .github/workflows/pre-commit-helm.yml | 2 +- ...eployment_test.yaml => deployment_disabled.yaml} | 1 + .../{config_test.yaml => config_disabled.yaml} | 0 ...eployment_test.yaml => deployment_disabled.yaml} | 1 + .../{ingress_test.yaml => ingress_disabled.yaml} | 0 ...gress_test.yaml => secret-ingress_disabled.yaml} | 0 ...test.yaml => secret-solr-jtoolopt_disabled.yaml} | 0 ...st.yaml => deployment-syncservice_disabled.yaml} | 3 +++ .../tests/deployment-repository_test.yaml | 4 ++-- .../tests/secret-repository-properties_test.yaml | 2 +- 17 files changed, 22 insertions(+), 16 deletions(-) rename helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/{deployment_test.yaml => deployment_disabled.yaml} (97%) rename helm/alfresco-content-services/charts/alfresco-search/tests/{config_test.yaml => config_disabled.yaml} (100%) rename helm/alfresco-content-services/charts/alfresco-search/tests/{deployment_test.yaml => deployment_disabled.yaml} (97%) rename helm/alfresco-content-services/charts/alfresco-search/tests/{ingress_test.yaml => ingress_disabled.yaml} (100%) rename helm/alfresco-content-services/charts/alfresco-search/tests/{secret-ingress_test.yaml => secret-ingress_disabled.yaml} (100%) rename helm/alfresco-content-services/charts/alfresco-search/tests/{secret-solr-jtoolopt_test.yaml => secret-solr-jtoolopt_disabled.yaml} (100%) rename helm/alfresco-content-services/charts/alfresco-sync-service/tests/{deployment-syncservice_test.yaml => deployment-syncservice_disabled.yaml} (87%) diff --git a/.github/workflows/docker-compose-community.yml b/.github/workflows/docker-compose-community.yml index 7be2d2c4d..533de4adc 100644 --- a/.github/workflows/docker-compose-community.yml +++ b/.github/workflows/docker-compose-community.yml @@ -17,6 +17,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: >- - Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-compose@v1.35.0 + Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-compose@v1.36.0 with: compose_file_path: docker-compose/community-docker-compose.yml diff --git a/.github/workflows/docker-compose-enterprise.yml b/.github/workflows/docker-compose-enterprise.yml index c94f8f23f..52e7851e4 100644 --- a/.github/workflows/docker-compose-enterprise.yml +++ b/.github/workflows/docker-compose-enterprise.yml @@ -32,7 +32,7 @@ jobs: ) steps: - uses: >- - Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-compose@v1.35.0 + Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-compose@v1.36.0 with: compose_file_path: docker-compose/${{ matrix.compose_file }} quay_username: ${{ secrets.QUAY_USERNAME }} diff --git a/.github/workflows/helm-community.yml b/.github/workflows/helm-community.yml index c5d622022..fa846aea3 100644 --- a/.github/workflows/helm-community.yml +++ b/.github/workflows/helm-community.yml @@ -17,7 +17,7 @@ jobs: steps: - uses: actions/checkout@v3 - name: Setup cluster - uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@v1.35.0 + uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@v1.36.0 - name: Community local deployment run: | helm dep up ./helm/alfresco-content-services diff --git a/.github/workflows/helm-enterprise.yml b/.github/workflows/helm-enterprise.yml index 1e8f4b107..7a07683e5 100644 --- a/.github/workflows/helm-enterprise.yml +++ b/.github/workflows/helm-enterprise.yml @@ -81,7 +81,7 @@ jobs: echo "app_version=$V" >> $GITHUB_OUTPUT echo "app_prefix=${SANITIZED_V}" >> $GITHUB_OUTPUT - uses: >- - Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-helm@v1.35.0 + Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-helm@v1.36.0 with: skip_checkout: 'true' test_newman: 'true' diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml index c16086a56..940910d4b 100644 --- a/.github/workflows/helm-release.yml +++ b/.github/workflows/helm-release.yml @@ -42,7 +42,7 @@ jobs: fetch-depth: 0 - name: Publish chart uses: >- - Alfresco/alfresco-build-tools/.github/actions/dbp-charts/publish-chart@v1.35.0 + Alfresco/alfresco-build-tools/.github/actions/dbp-charts/publish-chart@v1.36.0 with: chart_name: ${{ matrix.charts }} github_token: ${{ secrets.BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/helm-static-checks.yml b/.github/workflows/helm-static-checks.yml index 62a2d7ac9..b539873ba 100644 --- a/.github/workflows/helm-static-checks.yml +++ b/.github/workflows/helm-static-checks.yml @@ -36,14 +36,15 @@ jobs: - name: Checkout uses: actions/checkout@v3 - uses: >- - Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v1.35.0 + Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v1.36.0 with: chart-dir: helm/${{ matrix.charts.name }} - uses: >- - Alfresco/alfresco-build-tools/.github/actions/helm-unit-tests@v1.35.0 + Alfresco/alfresco-build-tools/.github/actions/helm-plugin@v1.36.0 with: - chart-dir: helm/${{ matrix.charts.name }} - chart-type: ${{ matrix.charts.type }} + plugin_url: https://github.com/helm-unittest/helm-unittest + - run: | + helm unittest helm/${{ matrix.charts.name }} helm_yaml_lint: needs: - build_vars @@ -54,11 +55,11 @@ jobs: - name: Checkout uses: actions/checkout@v3 - uses: >- - Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v1.35.0 + Alfresco/alfresco-build-tools/.github/actions/helm-build-chart@v1.36.0 with: chart-dir: helm/${{ matrix.charts.name }} - uses: >- - Alfresco/alfresco-build-tools/.github/actions/helm-template-yamllint@v1.35.0 + Alfresco/alfresco-build-tools/.github/actions/helm-template-yamllint@v1.36.0 with: chart-dir: helm/${{ matrix.charts.name }} helm-options: --values tests/values/test_values.yaml diff --git a/.github/workflows/pre-commit-compose.yml b/.github/workflows/pre-commit-compose.yml index 481b65635..f40ca9291 100644 --- a/.github/workflows/pre-commit-compose.yml +++ b/.github/workflows/pre-commit-compose.yml @@ -21,4 +21,4 @@ jobs: name: Run pre-commit runs-on: ubuntu-latest steps: - - uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v1.35.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v1.36.0 diff --git a/.github/workflows/pre-commit-helm.yml b/.github/workflows/pre-commit-helm.yml index c15947926..e35c31580 100644 --- a/.github/workflows/pre-commit-helm.yml +++ b/.github/workflows/pre-commit-helm.yml @@ -25,5 +25,5 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v1.35.0 + - uses: Alfresco/alfresco-build-tools/.github/actions/setup-helm-docs@v1.36.0 - uses: pre-commit/action@v3.0.0 diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/deployment_test.yaml b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/deployment_disabled.yaml similarity index 97% rename from helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/deployment_test.yaml rename to helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/deployment_disabled.yaml index 7770ee9ae..5c54a777c 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/deployment_test.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/tests/deployment_disabled.yaml @@ -2,6 +2,7 @@ suite: test deployment templates: - deployment.yaml + - config.yaml tests: - it: should have basic metadata in place values: &testvalues diff --git a/helm/alfresco-content-services/charts/alfresco-search/tests/config_test.yaml b/helm/alfresco-content-services/charts/alfresco-search/tests/config_disabled.yaml similarity index 100% rename from helm/alfresco-content-services/charts/alfresco-search/tests/config_test.yaml rename to helm/alfresco-content-services/charts/alfresco-search/tests/config_disabled.yaml diff --git a/helm/alfresco-content-services/charts/alfresco-search/tests/deployment_test.yaml b/helm/alfresco-content-services/charts/alfresco-search/tests/deployment_disabled.yaml similarity index 97% rename from helm/alfresco-content-services/charts/alfresco-search/tests/deployment_test.yaml rename to helm/alfresco-content-services/charts/alfresco-search/tests/deployment_disabled.yaml index e0f9638b5..b35781ad9 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/tests/deployment_test.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/tests/deployment_disabled.yaml @@ -2,6 +2,7 @@ suite: test solr deployment templates: - deployment.yaml + - config.yaml tests: - it: should have basic metadata in place values: &testvalues diff --git a/helm/alfresco-content-services/charts/alfresco-search/tests/ingress_test.yaml b/helm/alfresco-content-services/charts/alfresco-search/tests/ingress_disabled.yaml similarity index 100% rename from helm/alfresco-content-services/charts/alfresco-search/tests/ingress_test.yaml rename to helm/alfresco-content-services/charts/alfresco-search/tests/ingress_disabled.yaml diff --git a/helm/alfresco-content-services/charts/alfresco-search/tests/secret-ingress_test.yaml b/helm/alfresco-content-services/charts/alfresco-search/tests/secret-ingress_disabled.yaml similarity index 100% rename from helm/alfresco-content-services/charts/alfresco-search/tests/secret-ingress_test.yaml rename to helm/alfresco-content-services/charts/alfresco-search/tests/secret-ingress_disabled.yaml diff --git a/helm/alfresco-content-services/charts/alfresco-search/tests/secret-solr-jtoolopt_test.yaml b/helm/alfresco-content-services/charts/alfresco-search/tests/secret-solr-jtoolopt_disabled.yaml similarity index 100% rename from helm/alfresco-content-services/charts/alfresco-search/tests/secret-solr-jtoolopt_test.yaml rename to helm/alfresco-content-services/charts/alfresco-search/tests/secret-solr-jtoolopt_disabled.yaml diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/tests/deployment-syncservice_test.yaml b/helm/alfresco-content-services/charts/alfresco-sync-service/tests/deployment-syncservice_disabled.yaml similarity index 87% rename from helm/alfresco-content-services/charts/alfresco-sync-service/tests/deployment-syncservice_test.yaml rename to helm/alfresco-content-services/charts/alfresco-sync-service/tests/deployment-syncservice_disabled.yaml index 0cea7f70f..b9b24455a 100644 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/tests/deployment-syncservice_test.yaml +++ b/helm/alfresco-content-services/charts/alfresco-sync-service/tests/deployment-syncservice_disabled.yaml @@ -2,6 +2,9 @@ suite: test deployment templates: - deployment-syncservice.yaml + - config-syncservice.yaml + - secret-database.yaml + - ../../../templates/secret-repository.yaml tests: - it: should have basic metadata in place values: &testvalues diff --git a/helm/alfresco-content-services/tests/deployment-repository_test.yaml b/helm/alfresco-content-services/tests/deployment-repository_test.yaml index 34065d41f..c1fed0df1 100644 --- a/helm/alfresco-content-services/tests/deployment-repository_test.yaml +++ b/helm/alfresco-content-services/tests/deployment-repository_test.yaml @@ -158,7 +158,7 @@ tests: mountPath: >- /usr/local/tomcat/shared/classes/alfresco/extension/license/ name: acs-license - template: deployment-repository.yaml + template: deployment-repository.yaml - it: should have a volume and a volumeMount for alfresco-global.properties values: *testvalues @@ -180,7 +180,7 @@ tests: name: repository-properties mountPath: /usr/local/tomcat/shared/classes/alfresco-global.properties subPath: alfresco-global.properties - template: deployment-repository.yaml + template: deployment-repository.yaml - it: should render cpu and memory limits values: *testvalues diff --git a/helm/alfresco-content-services/tests/secret-repository-properties_test.yaml b/helm/alfresco-content-services/tests/secret-repository-properties_test.yaml index b82436f07..b71e11f0a 100644 --- a/helm/alfresco-content-services/tests/secret-repository-properties_test.yaml +++ b/helm/alfresco-content-services/tests/secret-repository-properties_test.yaml @@ -8,6 +8,6 @@ tests: - values/test_values.yaml asserts: - equal: - path: data.alfresco-global\.properties + path: data['alfresco-global.properties'] value: c29sci5zaGFyZWRTZWNyZXQ9ZHVtbXk= template: secret-repository-properties.yaml From 82e71a3b5c3451852c2a0ff2931f6d99238cd241 Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Thu, 9 Mar 2023 14:19:24 +0100 Subject: [PATCH 13/26] OPSEXP-1881 Bump setup-kind action (#903) --- .github/workflows/helm-community.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/helm-community.yml b/.github/workflows/helm-community.yml index fa846aea3..f46875fed 100644 --- a/.github/workflows/helm-community.yml +++ b/.github/workflows/helm-community.yml @@ -17,7 +17,7 @@ jobs: steps: - uses: actions/checkout@v3 - name: Setup cluster - uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@v1.36.0 + uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@b93f01d21bfdf630dc850aedfdb17fdd43221fd8 - name: Community local deployment run: | helm dep up ./helm/alfresco-content-services From 349274bd7eda47cffe24b8918598d592c4ed2f21 Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Tue, 14 Mar 2023 11:31:37 +0100 Subject: [PATCH 14/26] OPSEXP-2002 Fixup volume handling when using external database (#908) Co-authored-by: Alex Chapellon --- .../templates/deployment-repository.yaml | 11 ++-- .../tests/deployment-repository_test.yaml | 56 +++++++++++++++++++ 2 files changed, 60 insertions(+), 7 deletions(-) diff --git a/helm/alfresco-content-services/templates/deployment-repository.yaml b/helm/alfresco-content-services/templates/deployment-repository.yaml index d95be2706..cd457b9b6 100644 --- a/helm/alfresco-content-services/templates/deployment-repository.yaml +++ b/helm/alfresco-content-services/templates/deployment-repository.yaml @@ -121,14 +121,12 @@ spec: preStop: exec: command: ["/bin/bash", "-c", "sleep 20"] - {{- if eq .Values.database.external false }} initContainers: {{- if .Values.repository.extraInitContainers }} -{{ tpl .Values.repository.extraInitContainers . | indent 8 }} + {{- toYaml .Values.repository.extraInitContainers | nindent 8 }} {{- end }} - {{- if eq .Values.database.external false }} - # wait for the DB to startup before this deployment can start - - name: init-db + {{- if not .Values.database.external }} + - name: wait-db-ready image: "{{ .Values.repository.initContainers.db.image.repository }}:{{ .Values.repository.initContainers.db.image.tag }}" imagePullPolicy: {{ .Values.repository.initContainers.db.image.pullPolicy }} {{- include "component-security-context" .Values.repository.initContainers.db | indent 8 }} @@ -245,6 +243,5 @@ spec: path: ca.crt {{- end }} {{- if .Values.repository.extraVolumes }} -{{ toYaml .Values.repository.extraVolumes | indent 6 }} - {{- end }} + {{- toYaml .Values.repository.extraVolumes | nindent 8 }} {{- end }} diff --git a/helm/alfresco-content-services/tests/deployment-repository_test.yaml b/helm/alfresco-content-services/tests/deployment-repository_test.yaml index c1fed0df1..08f667d06 100644 --- a/helm/alfresco-content-services/tests/deployment-repository_test.yaml +++ b/helm/alfresco-content-services/tests/deployment-repository_test.yaml @@ -195,3 +195,59 @@ tests: cpu: "4" memory: "3000Mi" template: deployment-repository.yaml + + - it: should have wait-db-ready initcontainer with in-cluster db + values: *testvalues + set: + database.external: false + asserts: + - equal: + path: spec.template.spec.initContainers[0].name + value: wait-db-ready + template: deployment-repository.yaml + + - it: should not have wait-db-ready initcontainer with external database + values: *testvalues + set: + database.external: true + asserts: + - isEmpty: + path: spec.template.spec.initContainers + template: deployment-repository.yaml + - isNotEmpty: + path: spec.template.spec.volumes + template: deployment-repository.yaml + + - it: should have custom init containers when defined + values: *testvalues + set: + repository.extraInitContainers: + - name: dummy-init-container + image: busybox:1.28 + command: ['sh', '-c', 'echo The app is running! && sleep 3600'] + asserts: + - contains: + path: spec.template.spec.initContainers + content: + name: dummy-init-container + image: busybox:1.28 + command: ['sh', '-c', 'echo The app is running! && sleep 3600'] + template: deployment-repository.yaml + + - it: should have custom extra volumes when defined + values: *testvalues + set: + repository.extraVolumes: + - name: test-volume + awsElasticBlockStore: + volumeID: "whatever" + fsType: ext4 + asserts: + - contains: + path: spec.template.spec.volumes + content: + name: test-volume + awsElasticBlockStore: + volumeID: "whatever" + fsType: ext4 + template: deployment-repository.yaml From 620e46994cc97c918b9f737aad96e9e1497168cc Mon Sep 17 00:00:00 2001 From: Saurabh Lohe <105858985+slohe1@users.noreply.github.com> Date: Wed, 15 Mar 2023 20:22:59 +0530 Subject: [PATCH 15/26] OPSEXP-2028 Release acs-deployment v5.4.0-M3 (#911) Co-authored-by: Alexandre Chapellon --- README.md | 1 + updatecli.d/supported-matrix.yaml | 29 +++++++++++++++++++++++++++-- updatecli.d/uber-manifest.tpl | 25 ++++++++++++++++++++++++- 3 files changed, 52 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 16759f01e..99dd04567 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,7 @@ The table below shows the exact version of ACS deployed with each chart version/ | 5.3.0 | 7.3.0 | | 7.2.1 | 7.1.1.5 | 7.0.1.3 | 7.3.0 | | 5.4.0-M1 | 7.4.0-M1 | 7.3.0.1 | 7.2.1.5 | 7.1.1.7 | 7.0.1.9 | 7.4.0-M1 | | 5.4.0-M2 | 7.4.0-M2 | 7.3.1 | 7.2.1.7 | 7.1.1.8 | 7.0.1.10 | 7.4.0-M2 | +| 5.4.0-M3 | 7.4.0-M3 | 7.3.1 | 7.2.1.7 | 7.1.1.8 | 7.0.1.10 | 7.4.0-M3 | ### End of Life'ed versions diff --git a/updatecli.d/supported-matrix.yaml b/updatecli.d/supported-matrix.yaml index f277729a6..896b2790e 100644 --- a/updatecli.d/supported-matrix.yaml +++ b/updatecli.d/supported-matrix.yaml @@ -62,6 +62,11 @@ matrix: helm_target: *helmvalues helm_key: alfresco-admin-app.image.tag pattern: *development_pattern + ondrive: + version: "1" + helm_target: *helmvalues + helm_key: ooiService.image.tag + pattern: *development_pattern 7.3.N: acs: version: "7.3" @@ -111,12 +116,17 @@ matrix: helm_key: alfresco-digital-workspace.image.tag pattern: *ga_pattern adminApp: - version: "7.6" + version: "7" compose_target: *compose73 compose_key: services.control-center.image helm_target: *helmvalues73 helm_key: alfresco-admin-app.image.tag pattern: *ga_pattern + ondrive: + version: "1.1" + helm_target: *helmvalues + helm_key: ooiService.image.tag + pattern: *ga_hotfixes_pattern 7.2.N: acs: version: "7.2" @@ -166,12 +176,17 @@ matrix: helm_key: alfresco-digital-workspace.image.tag pattern: *ga_pattern adminApp: - version: "7.6" + version: "7" compose_target: *compose72 compose_key: services.control-center.image helm_target: *helmvalues72 helm_key: alfresco-admin-app.image.tag pattern: *ga_pattern + ondrive: + version: "1.1" + helm_target: *helmvalues + helm_key: ooiService.image.tag + pattern: *ga_hotfixes_pattern 7.1.N: acs: version: "7.1" @@ -220,6 +235,11 @@ matrix: helm_target: *helmvalues71 helm_key: alfresco-digital-workspace.image.tag pattern: *ga_pattern + ondrive: + version: "1.1" + helm_target: *helmvalues + helm_key: ooiService.image.tag + pattern: *ga_hotfixes_pattern 7.0.N: acs: version: "7.0" @@ -280,3 +300,8 @@ matrix: helm_key: alfresco-search.searchServicesImage.tag pattern: *development_pattern image: docker.io/alfresco/alfresco-search-services + ondrive: + version: "1.1" + helm_target: *helmvalues + helm_key: ooiService.image.tag + pattern: *ga_hotfixes_pattern diff --git a/updatecli.d/uber-manifest.tpl b/updatecli.d/uber-manifest.tpl index b92b1be41..168c9674c 100644 --- a/updatecli.d/uber-manifest.tpl +++ b/updatecli.d/uber-manifest.tpl @@ -44,7 +44,7 @@ sources: name: Alfresco admin application tag kind: dockerimage spec: - image: quay.io/alfresco/alfresco-admin-app + image: quay.io/alfresco/alfresco-control-center {{ template "quay_auth" }} versionFilter: kind: regex @@ -127,6 +127,18 @@ sources: pattern: >- ^{{ index . "sync" "version" }}{{ index . "sync" "pattern" }}$ {{- end }} + {{- if index . "onedrive" }} + onedriveTag: + name: Onedrive (OOI) Service image tag + kind: dockerimage + spec: + image: quay.io/alfresco/alfresco-ooi-service + {{ template "quay_auth" }} + versionFilter: + kind: regex + pattern: >- + ^{{ index . "onedrive" "version" }}{{ index . "onedrive" "pattern" }}$ + {{- end }} @@ -273,6 +285,17 @@ targets: file: {{ .share.helm_target }} key: >- {{ .share.helm_key }} + {{- if index . "onedrive" }} + onedriveValues: + name: Onedrive image tag + kind: yaml + scmid: ourRepo + sourceid: onedriveTag + spec: + file: {{ .onedrive.helm_target }} + key: >- + {{ .onedrive.helm_key }} + {{- end }} {{- if index . "sync" }} syncCompose: name: Sync image tag From 0fa7990f0b4d2b4d1900dc5267df420537c37034 Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Thu, 16 Mar 2023 08:59:41 +0100 Subject: [PATCH 16/26] OPSEXP-1881 Update docs for the new EBS CSI driver (#905) --- docs/helm/eks-deployment.md | 121 +++++++++++++++++++++--- docs/helm/examples/with-aws-services.md | 75 ++++++++------- 2 files changed, 152 insertions(+), 44 deletions(-) diff --git a/docs/helm/eks-deployment.md b/docs/helm/eks-deployment.md index 2c29e5d61..e22caf0eb 100644 --- a/docs/helm/eks-deployment.md +++ b/docs/helm/eks-deployment.md @@ -1,8 +1,12 @@ # Alfresco Content Services Helm Deployment with AWS EKS -This page describes how to deploy Alfresco Content Services (ACS) Enterprise or Community using [Helm](https://helm.sh) onto [EKS](https://aws.amazon.com/eks). +This page describes how to deploy Alfresco Content Services (ACS) Enterprise or +Community using [Helm](https://helm.sh) onto [EKS](https://aws.amazon.com/eks). -Amazon's EKS (Elastic Container Service for Kubernetes) makes it easy to deploy, manage, and scale containerized applications using Kubernetes on AWS. EKS runs the Kubernetes management infrastructure for you across multiple AWS availability zones to eliminate a single point of failure. +Amazon's EKS (Elastic Container Service for Kubernetes) makes it easy to deploy, +manage, and scale containerized applications using Kubernetes on AWS. EKS runs +the Kubernetes management infrastructure for you across multiple AWS +availability zones to eliminate a single point of failure. The Enterprise configuration will deploy the following system: @@ -18,21 +22,58 @@ The Community configuration will deploy the following system: * You've read the [main Helm README](./README.md) page * You are proficient in AWS and Kubernetes +Make sure to have installed: + +* [kubectl](https://docs.aws.amazon.com/eks/latest/userguide/install-kubectl.html) +* [eksctl](https://docs.aws.amazon.com/eks/latest/userguide/eksctl.html) +* [helm](https://docs.aws.amazon.com/eks/latest/userguide/helm.html) + +To better troubleshoot any issue, you may want to install applications such as: + +* [lens](https://k8slens.dev/) (GUI) +* [k9s](https://k9scli.io/) (CLI) + ## Setup An EKS Cluster -Follow the [AWS EKS Getting Started -Guide](https://docs.aws.amazon.com/eks/latest/userguide/getting-started-eksctl.html) -to create a cluster and prepare your local machine to connect to the cluster. -Use the "Managed nodes - Linux" option and specify a `--node-type`. Most common -choices are `m5.xlarge` and `t3.xlarge`. +There are multiple ways to setup an EKS cluster, but one of the most simple is +by using `eksctl`. This section will guide you in creating a new EKS cluster +that satisfy the minimum requirements to have a basic ACS installation up and +running. + +Set the default region you want to work on, to avoid having to add `--region` to +every command: + +```sh +export AWS_DEFAULT_REGION=eu-west-1 +``` + +Set the cluster name in an environment variable that can be reused later: + +```sh +EKS_CLUSTER_NAME=my-alfresco-eks +``` + +Create the cluster using a supported version (we are currently testing against +1.24). Most common choices for instance types are `m5.xlarge` and `t3.xlarge`: -As we'll be using Helm to deploy the ACS chart follow the [Using Helm with EKS](https://docs.aws.amazon.com/eks/latest/userguide/helm.html) instructions to setup helm on your local machine. +```sh +eksctl create cluster --name $EKS_CLUSTER_NAME --version 1.24 --instance-types t3.xlarge +``` -Optionally, to help troubleshoot issues with your cluster either follow the tutorial to [deploy the Kubernetes Dashboard](https://docs.aws.amazon.com/eks/latest/userguide/dashboard-tutorial.html) to your cluster or download and use the [Lens application](https://k8slens.dev) from your local machine. +Enable the OIDC provider that is necessary to install further EKS addons later: + +```sh +eksctl utils associate-iam-oidc-provider --cluster=$EKS_CLUSTER_NAME —approve +``` + +For further information please refer to the [Getting started with Amazon EKS – +eksctl](https://docs.aws.amazon.com/eks/latest/userguide/getting-started-eksctl.html) +guide. ## Prepare The Cluster For ACS -Now we have an EKS cluster up and running there are a few one time steps we need to perform to prepare the cluster for ACS to be installed. +Now that we have an EKS cluster up and running, there are a few one time steps +that we need to perform to prepare the cluster for ACS to be installed. ### DNS @@ -128,7 +169,30 @@ Now we have an EKS cluster up and running there are a few one time steps we need ![Attach Policy](./diagrams/eks-attach-policy.png) -### File System +### Storage + +There are multiple storage options available when deploying on AWS. + +For the main [content-store](https://docs.alfresco.com/content-services/latest/admin/content-stores/), you can alternatively: + +* Use an Elastic File System, installing the ([EFS CSI driver](#efs-csi-driver)) + (the default we suggest, see `storageClass="nfs-client"` values in [helm + install section](#latest-enterprise-version)) +* Use an EBS block-storage, enabling [EBS CSI driver](#ebs-csi-driver) (not + possible with Enterprise in clustered mode) +* Use a bucket on [S3](examples/with-aws-services.md#s3) + +For the [database](https://docs.alfresco.com/content-services/latest/config/databases/), you can alternatively: + +* Use the embedded postgres instance provided by the helm chart by default, enabling [EBS CSI driver](#ebs-csi-driver) +* Use [RDS](examples/with-aws-services.md#rds) + +For the [messaging broker](https://docs.alfresco.com/content-services/latest/config/activemq/), you can alternatively: + +* Use the embedded activemq provided by the helm chart by default, enabling [EBS CSI driver](#ebs-csi-driver) +* Use [Amazon MQ](examples/with-aws-services.md#amazon-mq) + +#### EFS CSI Driver 1. Create an Elastic File System in the VPC created by EKS using [these steps](https://docs.aws.amazon.com/efs/latest/ug/creating-using-create-fs.html) ensuring a mount target is created in each subnet. Make a note of the File System ID (circled in the screenshot below). @@ -177,6 +241,41 @@ Now we have an EKS cluster up and running there are a few one time steps we need > Note: the `storageClass` is set to `Retain` for obvious safety reasons. That however means kubernetes administrator need to take care of volume cleanup. +#### EBS CSI Driver + +> Since EKS 1.24 it is mandatory to install EBS CSI Driver for the dynamic +> provisioning via the default `gp2` storage class. Upgrading from 1.23 without +> it will break any existing PVC. + +Set the aws account id in an environment variable that can be reused later: + +```sh +AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text) +``` + +Create the IAM Service Account with access to EBS that will be used by the driver: + +```sh +eksctl create iamserviceaccount \ + --name ebs-csi-controller-sa \ + --namespace kube-system \ + --cluster $EKS_CLUSTER_NAME \ + --attach-policy-arn arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy \ + --approve \ + --role-only \ + --role-name AmazonEKS_EBS_CSI_DriverRole +``` + +Enable the addon referencing the IAM role created previously: + +```sh +eksctl create addon --name aws-ebs-csi-driver --cluster $EKS_CLUSTER_NAME --service-account-role-arn arn:aws:iam::$AWS_ACCOUNT_ID:role/AmazonEKS_EBS_CSI_DriverRole --force +``` + +At this point the provisioning of EBS volumes using the default GP2 storageClass will be handled by this driver. + +For further information please refer to the official [Amazon EBS CSI driver](https://docs.aws.amazon.com/eks/latest/userguide/ebs-csi.html) guide. + ## Deploy Now the EKS cluster is setup we can deploy ACS. diff --git a/docs/helm/examples/with-aws-services.md b/docs/helm/examples/with-aws-services.md index bddbfe1bd..f936ef112 100644 --- a/docs/helm/examples/with-aws-services.md +++ b/docs/helm/examples/with-aws-services.md @@ -1,5 +1,14 @@ # Alfresco Content Services Helm Deployment with AWS Services +- [Alfresco Content Services Helm Deployment with AWS Services](#alfresco-content-services-helm-deployment-with-aws-services) + - [Prerequisites](#prerequisites) + - [Setup Services](#setup-services) + - [S3](#s3) + - [RDS](#rds) + - [Amazon MQ](#amazon-mq) + - [Amazon Opensearch](#amazon-opensearch) + - [Deploy](#deploy) + This example describes how to deploy ACS onto [EKS](https://aws.amazon.com/eks) and use [S3](https://aws.amazon.com/s3) for content storage, [RDS](https://aws.amazon.com/rds) as an external database and @@ -22,11 +31,11 @@ EFS volume is only used by the SFS service. Persistence for SFS can actually be withdrawn so no EFS volume is needed anymore. Please make sure you understand the implications below: -* Renditions performed for "in-flight" documents may be lost. By "in-flight" we +- Renditions performed for "in-flight" documents may be lost. By "in-flight" we mean documents that are currently being uploaded to the repository. Generation of these renditions can be retried, and this retry will happen when using Alfresco UI and trying to access the content again. -* Without a truly persistent volume you can only have one single SFS pod. A +- Without a truly persistent volume you can only have one single SFS pod. A single pod is the default configuration as we do not anticipate high load for this component and we rely on Kubernetes orchestration to in case the pod crashes. Though if your use-case requires higher availability standards, you @@ -111,17 +120,17 @@ the information required to deploy ACS. 1. Create an Aurora cluster using the "Create database" wizard in the [RDS Console](https://console.aws.amazon.com/rds/home). - * Select the "Standard Create" option so you can choose the VPC later - * Select the "Amazon Aurora with PostgreSQL compatibility" Edition - * Select "14.3" for the Version - * Provide a "DB cluster identifier" of your choosing - * Change the "Master username" to `alfresco` - * In the "Connectivity" section select the VPC created by eksctl that + - Select the "Standard Create" option so you can choose the VPC later + - Select the "Amazon Aurora with PostgreSQL compatibility" Edition + - Select "14.3" for the Version + - Provide a "DB cluster identifier" of your choosing + - Change the "Master username" to `alfresco` + - In the "Connectivity" section select the VPC created by eksctl that contains your EKS cluster - * Expand the "Additional configuration" section and provide a "Initial + - Expand the "Additional configuration" section and provide a "Initial database name" of `alfresco` - * Leave all other options set to the default - * Press the orange "Create database" button + - Leave all other options set to the default + - Press the orange "Create database" button 2. Once the cluster has been created (it can take a few minutes) make a note of the generated master password using the "View credentials details" button in @@ -144,20 +153,20 @@ the information required to deploy ACS. 1. Create an Amazon MQ broker using the "Create brokers" wizard in the [MQ Console](https://console.aws.amazon.com/amazon-mq/home). - * In "Broker engine types", select "Apache ActiveMQ" - * In "Deployment Mode", select "Single-instance broker" if you are just + - In "Broker engine types", select "Apache ActiveMQ" + - In "Deployment Mode", select "Single-instance broker" if you are just testing or "Active/standby broker" option for production environments - * Provide a "Broker name" of your choosing - * In "Broker instance type", avoid any `mq.*.micro` type that has + - Provide a "Broker name" of your choosing + - In "Broker instance type", avoid any `mq.-.micro` type that has [limited_max_connections](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/amazon-mq-limits.html#broker-limits) and won't work with default Alfresco settings - * In "ActiveMQ Access", specify an username and a password of your choice - * In "Additional settings", choose the "Select existing VPC and subnet(s)" option - * Select the VPC created by eksctl that contains your EKS cluster - * Choose the "Select existing security groups" option and select the VPC's + - In "ActiveMQ Access", specify an username and a password of your choice + - In "Additional settings", choose the "Select existing VPC and subnet(s)" option + - Select the VPC created by eksctl that contains your EKS cluster + - Choose the "Select existing security groups" option and select the VPC's default security group from the list - * Leave all other options set to the default - * Proceed with "Create broker" button + - Leave all other options set to the default + - Proceed with "Create broker" button 2. Once the broker has been created (it takes 20 minutes on average) view the broker details and click on the link to the security group. @@ -177,21 +186,21 @@ the information required to deploy ACS. 1. Create an Elasticsearch domain using AWS web console. - * Hit the "Create domain" button - * In "Deployment type", choose between "Production" or "Development and + - Hit the "Create domain" button + - In "Deployment type", choose between "Production" or "Development and testing" depending on your use case - * In "Version", select "Elasticsearch 7.10" - * Adjust "Data nodes" settings as you prefer, T3 instance types are the most + - In "Version", select "Elasticsearch 7.10" + - Adjust "Data nodes" settings as you prefer, T3 instance types are the most affordable options for small clusters. - * In "Network", select the EKS VPC or "Public access" if Alfresco will run + - In "Network", select the EKS VPC or "Public access" if Alfresco will run outside AWS. - * If required, select a security group with an inbound access for 443/tcp + - If required, select a security group with an inbound access for 443/tcp port - * In "Fine-grained access control", select "Create master user" and specify + - In "Fine-grained access control", select "Create master user" and specify your preferred username and password credentials - * In "Access policy", select "Only use fine-grained access control". - * Unfold the "Advanced cluster settings" and set "Max clause count" to `10240` - * Hit "Create" button. + - In "Access policy", select "Only use fine-grained access control". + - Unfold the "Advanced cluster settings" and set "Max clause count" to `10240` + - Hit "Create" button. 2. Once the domain has been created, take note of the "Domain endpoint" 3. If not already allowed, add 443/tcp access to the security group associated @@ -278,9 +287,9 @@ helm -n alfresco install acs ./alfresco/alfresco-content-services \ If you're deploying from the registry of charts you can't update the `values.yml` file. Instead you either: -* use a local copy of the `values.yml` file amended as shown above (and use the +- use a local copy of the `values.yml` file amended as shown above (and use the ```helm install -f my-values.yml ...``` -* use ```--set``` options to pass individual values. +- use ```--set``` options to pass individual values. Note however that the main `values.yml` file uses [YAML_anchors_and_aliases](https://yaml.org/spec/1.2.2/#3222-anchors-and-aliases) From 6a68cbc7ab2acff1606f5aaf48257609056f1609 Mon Sep 17 00:00:00 2001 From: Saurabh Lohe <105858985+slohe1@users.noreply.github.com> Date: Fri, 17 Mar 2023 16:13:18 +0530 Subject: [PATCH 17/26] OPSEXP-2013 New values file for desktop deployment and update doc (#909) --- docs/helm/docker-desktop-deployment.md | 62 ++++--------- docs/helm/values/local-dev-values.yaml | 120 +++++++++++++++++++++++++ 2 files changed, 136 insertions(+), 46 deletions(-) create mode 100644 docs/helm/values/local-dev-values.yaml diff --git a/docs/helm/docker-desktop-deployment.md b/docs/helm/docker-desktop-deployment.md index 4efb6f718..270269cc4 100644 --- a/docs/helm/docker-desktop-deployment.md +++ b/docs/helm/docker-desktop-deployment.md @@ -117,7 +117,7 @@ helm install acs alfresco/alfresco-content-services \ > NOTE: The command will wait until the deployment is ready so please be patient. -#### Enterprise +#### Enterprise localhost deployment See the [registry authentication](registry-authentication.md) page to configure credentials to access the Alfresco Enterprise registry. @@ -127,32 +127,18 @@ and therefore requires a large amount of resources out-of-the-box. To reduce the size of the deployment so it can run on a single machine we'll need to reduce the number of pods deployed and the memory requirements for several others. -Fortunately this can all be achieved with one, albeit large, command as shown below: +To install the Enterprise on localhost we need to use the local-dev-values.yaml + +```bash +curl -fO https://raw.githubusercontent.com/Alfresco/acs-deployment/master/docs/helm/values/local-dev-values.yaml +``` + +Once downloaded execute the command below to deploy. ```bash helm install acs alfresco/alfresco-content-services \ - --set externalPort="80" \ - --set externalProtocol="http" \ - --set externalHost="localhost" \ + --values local-dev-values.yaml \ --set global.tracking.sharedsecret=$(openssl rand -hex 24) \ - --set global.alfrescoRegistryPullSecrets=quay-registry-secret \ - --set repository.replicaCount=1 \ - --set transformrouter.replicaCount=1 \ - --set pdfrenderer.replicaCount=1 \ - --set imagemagick.replicaCount=1 \ - --set libreoffice.replicaCount=1 \ - --set tika.replicaCount=1 \ - --set transformmisc.replicaCount=1 \ - --set postgresql-syncservice.resources.requests.memory="500Mi" \ - --set postgresql-syncservice.resources.limits.memory="500Mi" \ - --set postgresql.resources.requests.memory="500Mi" \ - --set postgresql.resources.limits.memory="500Mi" \ - --set alfresco-search.resources.requests.memory="1000Mi" \ - --set alfresco-search.resources.limits.memory="1000Mi" \ - --set share.resources.limits.memory="1500Mi" \ - --set share.resources.requests.memory="1500Mi" \ - --set repository.resources.limits.memory="2500Mi" \ - --set repository.resources.requests.memory="2500Mi" \ --atomic \ --timeout 10m0s \ --namespace alfresco @@ -160,35 +146,19 @@ helm install acs alfresco/alfresco-content-services \ > NOTE: The command will wait until the deployment is ready so please be patient. See below for [troubleshooting](./docker-desktop-deployment.md#troubleshooting) tips. -The command above installs the latest version of ACS Enterprise. To deploy a previous version of ACS Enterprise follow the steps below. +The command above installs the latest version of ACS Enterprise. + +#### Enterprise deployment for previous versions + +To deploy a previous version of ACS Enterprise follow the steps below. 1. Download the version specific values file you require from [this folder](../../helm/alfresco-content-services) 2. Deploy the specific version of ACS by running the following command: ```bash helm install acs alfresco/alfresco-content-services \ - --values=MAJOR.MINOR.N_values.yaml \ - --set externalPort="80" \ - --set externalProtocol="http" \ - --set externalHost="localhost" \ - --set global.alfrescoRegistryPullSecrets=quay-registry-secret \ - --set repository.replicaCount=1 \ - --set transformrouter.replicaCount=1 \ - --set pdfrenderer.replicaCount=1 \ - --set imagemagick.replicaCount=1 \ - --set libreoffice.replicaCount=1 \ - --set tika.replicaCount=1 \ - --set transformmisc.replicaCount=1 \ - --set postgresql-syncservice.resources.requests.memory="500Mi" \ - --set postgresql-syncservice.resources.limits.memory="500Mi" \ - --set postgresql.resources.requests.memory="500Mi" \ - --set postgresql.resources.limits.memory="500Mi" \ - --set alfresco-search.resources.requests.memory="1000Mi" \ - --set alfresco-search.resources.limits.memory="1000Mi" \ - --set share.resources.limits.memory="1500Mi" \ - --set share.resources.requests.memory="1500Mi" \ - --set repository.resources.limits.memory="2500Mi" \ - --set repository.resources.requests.memory="2500Mi" \ + --values MAJOR.MINOR.N_values.yaml \ + --values local-dev-values.yaml \ --atomic \ --timeout 10m0s \ --namespace alfresco diff --git a/docs/helm/values/local-dev-values.yaml b/docs/helm/values/local-dev-values.yaml new file mode 100644 index 000000000..80600cbf3 --- /dev/null +++ b/docs/helm/values/local-dev-values.yaml @@ -0,0 +1,120 @@ +externalPort: "80" +externalProtocol: http +externalHost: localhost +activemq: + resources: + requests: + cpu: "100m" + memory: "512Mi" + limits: + cpu: "1000m" + memory: "1Gi" +repository: + replicaCount: 1 + persistence: + accessModes: + - ReadWriteOnce + resources: + requests: + cpu: "0.01" + memory: "1024Mi" + limits: + memory: "1560Mi" +transformrouter: + replicaCount: 1 +pdfrenderer: + resources: + requests: + cpu: "0.01" + memory: "256Mi" + limits: + memory: "512Mi" + replicaCount: 1 +imagemagick: + resources: + requests: + cpu: "0.01" + memory: "256Mi" + limits: + memory: "512Mi" + replicaCount: 1 +libreoffice: + resources: + requests: + cpu: "0.01" + memory: "512Mi" + limits: + memory: "1024Mi" + replicaCount: 1 +tika: + resources: + requests: + cpu: "0.01" + memory: "256Mi" + limits: + memory: "512Mi" + replicaCount: 1 +transformmisc: + resources: + requests: + cpu: "0.01" + memory: "256Mi" + limits: + memory: "512Mi" + replicaCount: 1 +postgresql: + resources: + requests: + cpu: "0.1" + memory: "500Mi" + limits: + cpu: "0.1" + memory: "500Mi" +alfresco-search: + resources: + requests: + cpu: 0.1 + memory: "1000Mi" + limits: + cpu: 0.1 + memory: "1500Mi" +alfresco-search-enterprise: + resources: + requests: + cpu: "100m" + memory: "128Mi" + limits: + cpu: "1" + memory: "1Gi" + elasticsearch: + esJavaOpts: "-Xmx512m -Xms512m" + resources: + requests: + cpu: "100m" + memory: "512Mi" + limits: + cpu: "1000m" + memory: "1Gi" +filestore: + resources: + requests: + cpu: "0.01" + memory: "128Mi" + limits: + cpu: 0.1 + memory: "512Mi" + replicaCount: 1 +share: + resources: + requests: + cpu: "0.01" + memory: "256Mi" + limits: + memory: "512Mi" +alfresco-sync-service: + syncservice: + enabled: false +postgresql-syncservice: + enabled: false +global: + alfrescoRegistryPullSecrets: quay-registry-secret From 18ef2a03f9b6a06634efb2fdbcb96262ae47e562 Mon Sep 17 00:00:00 2001 From: Alex Chapellon Date: Mon, 20 Mar 2023 09:16:10 +0100 Subject: [PATCH 18/26] OPSEXP-1854: integrate with independent sync chart (#912) --- .checkov/helm_vars.yaml | 5 +- docs/helm/docker-desktop-deployment.md | 2 +- docs/helm/examples/with-aws-services.md | 13 ++ docs/helm/security.md | 2 +- .../7.0.N_values.yaml | 13 +- .../7.1.N_values.yaml | 13 +- .../7.2.N_values.yaml | 13 +- helm/alfresco-content-services/Chart.yaml | 17 +-- helm/alfresco-content-services/README.md | 76 +++++------ .../charts/alfresco-sync-service/Chart.yaml | 21 --- .../charts/alfresco-sync-service/README.md | 85 ------------ .../alfresco-sync-service/README.md.gotmpl | 18 --- .../templates/_helpers.tpl | 12 -- .../templates/config-syncservice.yaml | 31 ----- .../templates/deployment-syncservice.yaml | 108 --------------- .../templates/ingress.yaml | 42 ------ .../templates/secret-database.yaml | 13 -- .../templates/svc-syncservice.yaml | 20 --- .../deployment-syncservice_disabled.yaml | 30 ----- .../charts/alfresco-sync-service/values.yaml | 125 ------------------ .../community_values.yaml | 4 +- .../templates/NOTES.txt | 2 +- .../templates/config-repository.yaml | 4 +- .../templates/deployment-repository.yaml | 2 +- .../templates/secret-database.yaml | 4 +- helm/alfresco-content-services/values.yaml | 123 ++++++++--------- test/community-integration-test-values.yaml | 14 +- 27 files changed, 145 insertions(+), 667 deletions(-) delete mode 100644 helm/alfresco-content-services/charts/alfresco-sync-service/Chart.yaml delete mode 100644 helm/alfresco-content-services/charts/alfresco-sync-service/README.md delete mode 100644 helm/alfresco-content-services/charts/alfresco-sync-service/README.md.gotmpl delete mode 100755 helm/alfresco-content-services/charts/alfresco-sync-service/templates/_helpers.tpl delete mode 100755 helm/alfresco-content-services/charts/alfresco-sync-service/templates/config-syncservice.yaml delete mode 100755 helm/alfresco-content-services/charts/alfresco-sync-service/templates/deployment-syncservice.yaml delete mode 100755 helm/alfresco-content-services/charts/alfresco-sync-service/templates/ingress.yaml delete mode 100755 helm/alfresco-content-services/charts/alfresco-sync-service/templates/secret-database.yaml delete mode 100755 helm/alfresco-content-services/charts/alfresco-sync-service/templates/svc-syncservice.yaml delete mode 100644 helm/alfresco-content-services/charts/alfresco-sync-service/tests/deployment-syncservice_disabled.yaml delete mode 100755 helm/alfresco-content-services/charts/alfresco-sync-service/values.yaml diff --git a/.checkov/helm_vars.yaml b/.checkov/helm_vars.yaml index 20cb7ef4e..b57c9153d 100644 --- a/.checkov/helm_vars.yaml +++ b/.checkov/helm_vars.yaml @@ -17,7 +17,8 @@ alfresco-admin-app: enabled: false postgresql: enabled: false -postgresql-syncservice: - enabled: false +alfresco-sync-service: + postgresql: + enabled: false database: external: true diff --git a/docs/helm/docker-desktop-deployment.md b/docs/helm/docker-desktop-deployment.md index 270269cc4..a3dccf380 100644 --- a/docs/helm/docker-desktop-deployment.md +++ b/docs/helm/docker-desktop-deployment.md @@ -204,7 +204,7 @@ The most common reason for deployment failures with Docker for Desktop is lack o To save the deployment of two more pods you can also try disabling the Sync Service, to do that provide the additional `--set` option below with your helm install command: ```bash ---set alfresco-sync-service.syncservice.enabled=false +--set alfresco-sync-service.enabled=false ``` If you need to reduce the memory footprint further the JVM memory settings in most pods use the `MaxRAMPercentage` option so lowering the various `limits.memory` and `requests.memory` values will also reduce the JVM memory allocation. diff --git a/docs/helm/examples/with-aws-services.md b/docs/helm/examples/with-aws-services.md index f936ef112..b8f6069bb 100644 --- a/docs/helm/examples/with-aws-services.md +++ b/docs/helm/examples/with-aws-services.md @@ -148,6 +148,12 @@ the information required to deploy ACS. 5. Finally, take a note of the database Endpoint (shown in the screenshot in step 3) +> Note: Alfresco Sync Service also needs to have its own schema. Either you'll +> want to create a second schema on the same RDS instance (and then use the +> same JDBC connection parameter but changeing the database name part), or you +> can repeat the same RDS instance creation and repository and syncservice will +> use different RDS instances. + ### Amazon MQ 1. Create an Amazon MQ broker using the "Create brokers" wizard in the @@ -275,6 +281,10 @@ alfresco-search-enterprise: enabled: true alfresco-sync-service: messageBroker: *acs_messageBroker + database: + url: jdbc:postgresql://SYNC-SERVICE-DATABASE-ENDPOINT:5432/ + user: alfresco + password: YOUR-SYNCDB-PASSWORD ``` Then you can deploy using: @@ -331,6 +341,9 @@ helm -n alfresco install acs \ --set messageBroker.url="YOUR-MQ-ENDPOINT" \ --set messageBroker.user="alfresco" \ --set messageBroker.password="YOUR-MQ-PASSWORD" \ + --set alfresco-sync-service.database.url="jdbc:postgresql://SYNC-SERVICE-DATABASE-ENDPOINT:5432/" \ + --set alfresco-sync-service.database.user="alfresco" \ + --set alfresco-sync-service.database.password="YOUR-SYNCDB-PASSWORD" \ --set alfresco-sync-service.messageBroker.url="YOUR-MQ-ENDPOINT" \ --set alfresco-sync-service.messageBroker.user="alfresco" \ --set alfresco-sync-service.messageBroker.password="YOUR-MQ-PASSWORD" \ diff --git a/docs/helm/security.md b/docs/helm/security.md index dad0f9509..bbc4f65b2 100644 --- a/docs/helm/security.md +++ b/docs/helm/security.md @@ -51,4 +51,4 @@ can be provided using existing Kubernetes Secrets: * [activemq](https://github.com/Alfresco/alfresco-helm-charts/blob/main/charts/activemq/README.md) * [alfresco-search-enterprise](https://github.com/Alfresco/alfresco-helm-charts/blob/main/charts/alfresco-search-enterprise/README.md) * [alfresco-search](../../helm/alfresco-content-services/charts/alfresco-search/README.md) -* [alfresco-sync-service](../../helm/alfresco-content-services/charts/alfresco-sync-service/README.md) +* [alfresco-sync-service](https://github.com/Alfresco/alfresco-helm-charts/blob/main/charts/alfresco-sync-service/README.md) diff --git a/helm/alfresco-content-services/7.0.N_values.yaml b/helm/alfresco-content-services/7.0.N_values.yaml index 224b61fa4..5fc3c8e7f 100644 --- a/helm/alfresco-content-services/7.0.N_values.yaml +++ b/helm/alfresco-content-services/7.0.N_values.yaml @@ -1,3 +1,4 @@ +--- # ACS 7.0.N values repository: image: @@ -38,13 +39,13 @@ alfresco-digital-workspace: postgresql: image: tag: 13.1.0 -postgresql-syncservice: - image: - tag: 13.1.0 alfresco-sync-service: - syncservice: - image: - tag: 3.7.2 + image: + tag: 3.7.2 + postgresql: + primary: + image: + tag: 13.1.0 global: tracking: auth: none diff --git a/helm/alfresco-content-services/7.1.N_values.yaml b/helm/alfresco-content-services/7.1.N_values.yaml index 7ea77c9ea..77ccdf40b 100644 --- a/helm/alfresco-content-services/7.1.N_values.yaml +++ b/helm/alfresco-content-services/7.1.N_values.yaml @@ -1,3 +1,4 @@ +--- # ACS 7.1.N values repository: image: @@ -52,16 +53,16 @@ alfresco-search-enterprise: postgresql: image: tag: 13.3.0 -postgresql-syncservice: - image: - tag: 13.3.0 alfresco-digital-workspace: image: tag: 2.6.2 alfresco-sync-service: - syncservice: - image: - tag: 3.7.2 + image: + tag: 3.7.2 + postgresql: + primary: + image: + tag: 13.3.0 global: tracking: auth: none diff --git a/helm/alfresco-content-services/7.2.N_values.yaml b/helm/alfresco-content-services/7.2.N_values.yaml index 121bf23cd..10dda214e 100644 --- a/helm/alfresco-content-services/7.2.N_values.yaml +++ b/helm/alfresco-content-services/7.2.N_values.yaml @@ -1,3 +1,4 @@ +--- # ACS 7.2.N values repository: image: @@ -64,10 +65,10 @@ alfresco-admin-app: postgresql: image: tag: 13.3.0 -postgresql-syncservice: - image: - tag: 13.3.0 alfresco-sync-service: - syncservice: - image: - tag: 3.7.2 + image: + tag: 3.7.2 + postgresql: + primary: + image: + tag: 13.3.0 diff --git a/helm/alfresco-content-services/Chart.yaml b/helm/alfresco-content-services/Chart.yaml index 6fbf92985..c5e1b2ebd 100644 --- a/helm/alfresco-content-services/Chart.yaml +++ b/helm/alfresco-content-services/Chart.yaml @@ -21,16 +21,9 @@ dependencies: version: 1.0.0 repository: https://alfresco.github.io/alfresco-helm-charts/ - name: postgresql - version: 10.16.2 - repository: >- - https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ + version: 12.x.x + repository: oci://registry-1.docker.io/bitnamicharts condition: postgresql.enabled - - name: postgresql - version: 10.16.2 - repository: >- - https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ - alias: postgresql-syncservice - condition: postgresql-syncservice.enabled - name: common alias: alfresco-admin-app repository: https://activiti.github.io/activiti-cloud-helm-charts @@ -50,10 +43,12 @@ dependencies: - name: alfresco-search version: 1.2.0-SNAPSHOT condition: alfresco-search.enabled + - name: alfresco-sync-service + repository: https://alfresco.github.io/alfresco-helm-charts/ + version: 4.0.4 + condition: alfresco-sync-service.enabled - name: alfresco-search-enterprise version: 1.0.0 repository: https://alfresco.github.io/alfresco-helm-charts/ condition: alfresco-search-enterprise.enabled - - name: alfresco-sync-service - version: 3.2.0-SNAPSHOT icon: https://avatars0.githubusercontent.com/u/391127?s=200&v=4 diff --git a/helm/alfresco-content-services/README.md b/helm/alfresco-content-services/README.md index ed0b6223a..0c6c6097b 100644 --- a/helm/alfresco-content-services/README.md +++ b/helm/alfresco-content-services/README.md @@ -17,14 +17,13 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| | | alfresco-search | 1.2.0-SNAPSHOT | -| | alfresco-sync-service | 3.2.0-SNAPSHOT | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-admin-app(common) | 7.7.0 | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-digital-workspace(common) | 7.7.0 | | https://alfresco.github.io/alfresco-helm-charts/ | activemq | 3.0.1 | | https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | | https://alfresco.github.io/alfresco-helm-charts/ | alfresco-search-enterprise | 1.0.0 | -| https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | postgresql | 10.16.2 | -| https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | postgresql-syncservice(postgresql) | 10.16.2 | +| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-sync-service | 4.0.4 | +| oci://registry-1.docker.io/bitnamicharts | postgresql | 12.x.x | ## Values @@ -33,6 +32,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | activemq.adminUser.password | string | `"admin"` | Default password for the embedded broker admin user | | activemq.adminUser.user | string | `"admin"` | Default username for the embedded broker admin user | | activemq.enabled | bool | `true` | | +| activemq.nameOverride | string | `"activemq"` | | | activemq.nodeSelector | object | `{}` | Possibility to choose Node for pod, with a key-value pair label e.g {"kubernetes.io/hostname": multinode-demo-m02} | | aiTransformer.environment.JAVA_OPTS | string | `"-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"` | | | aiTransformer.image.internalPort | int | `8090` | | @@ -123,15 +123,20 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | alfresco-search.repository.host | string | `"alfresco-cs"` | | | alfresco-search.repository.port | int | `80` | | | alfresco-search.type | string | `"search-services"` | | -| alfresco-sync-service.image.repository | string | `"quay.io/alfresco/service-sync"` | | -| alfresco-sync-service.image.tag | string | `"3.8.0"` | | -| alfresco-sync-service.messageBroker.existingSecretName | string | `nil` | Alternatively, provide credentials via an existing secret that contains BROKER_URL, BROKER_USERNAME and BROKER_PASSWORD keys | -| alfresco-sync-service.messageBroker.password | string | `nil` | | -| alfresco-sync-service.messageBroker.secretName | string | `"acs-alfresco-cs-brokersecret"` | Name of the secret managed by this chart | -| alfresco-sync-service.messageBroker.url | string | `nil` | | -| alfresco-sync-service.messageBroker.user | string | `nil` | | -| alfresco-sync-service.nodeSelector | object | `{}` | | -| alfresco-sync-service.syncservice.enabled | bool | `true` | | +| alfresco-sync-service.enabled | bool | `true` | Toggle deployment of Alfresco Sync Service (Desktop-Sync) Check [Alfresco Sync Service Documentation](https://github.com/Alfresco/alfresco-helm-charts/tree/main/charts/alfresco-sync-service) | +| alfresco-sync-service.messageBroker.existingSecretName | string | `"acs-alfresco-cs-brokersecret"` | | +| alfresco-sync-service.postgresql.auth.database | string | `"syncservice-postgresql"` | | +| alfresco-sync-service.postgresql.auth.enablePostgresUser | bool | `false` | | +| alfresco-sync-service.postgresql.auth.password | string | `"admin"` | | +| alfresco-sync-service.postgresql.auth.username | string | `"alfresco"` | | +| alfresco-sync-service.postgresql.enabled | bool | `true` | | +| alfresco-sync-service.postgresql.image.tag | string | `"14.4.0"` | | +| alfresco-sync-service.postgresql.primary.resources.limits.cpu | string | `"4"` | | +| alfresco-sync-service.postgresql.primary.resources.limits.memory | string | `"1500Mi"` | | +| alfresco-sync-service.postgresql.primary.resources.requests.cpu | string | `"0.5"` | | +| alfresco-sync-service.postgresql.primary.resources.requests.memory | string | `"1500Mi"` | | +| alfresco-sync-service.repository.nameOverride | string | `"alfresco-cs-repository"` | | +| alfresco-sync-service.repository.port | int | `80` | | | apiexplorer | object | `{"ingress":{"path":"/api-explorer"}}` | Declares the api-explorer service used by the content repository | | database.driver | string | `nil` | Postgresql jdbc driver name ex: org.postgresql.Driver. It should be available in the container image. | | database.existingSecretName | string | `nil` | An existing secret that contains DATABASE_USERNAME and DATABASE_PASSWORD keys. When using embedded postgres you need to also set `postgresql.existingSecret`. | @@ -229,44 +234,23 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | ooiService.service.name | string | `"ooi-service"` | | | ooiService.service.type | string | `"ClusterIP"` | | | pdfrenderer | object | `{"environment":{"JAVA_OPTS":"-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"},"image":{"internalPort":8090,"pullPolicy":"IfNotPresent","repository":"alfresco/alfresco-pdf-renderer","tag":"3.0.0"},"livenessProbe":{"initialDelaySeconds":10,"livenessPercent":150,"livenessTransformPeriodSeconds":600,"maxTransformSeconds":1200,"maxTransforms":10000,"periodSeconds":20,"timeoutSeconds":10},"nodeSelector":{},"podSecurityContext":{"runAsNonRoot":true,"runAsUser":33001},"readinessProbe":{"initialDelaySeconds":20,"periodSeconds":60,"timeoutSeconds":10},"replicaCount":2,"resources":{"limits":{"cpu":"2","memory":"1000Mi"},"requests":{"cpu":"0.25","memory":"300Mi"}},"service":{"externalPort":80,"name":"pdfrenderer","type":"ClusterIP"}}` | Declares the alfresco-pdf-renderer service used by the content repository to transform pdf files | -| postgresql-syncservice.commonAnnotations.application | string | `"alfresco-content-services"` | | -| postgresql-syncservice.enabled | bool | `true` | Enable embedded postgres for Alfresco Sync service leveraging the postgresql Bitnami chart | -| postgresql-syncservice.image.pullPolicy | string | `"IfNotPresent"` | | -| postgresql-syncservice.image.tag | string | `"14.4.0"` | | -| postgresql-syncservice.name | string | `"postgresql-syncservice"` | | -| postgresql-syncservice.nameOverride | string | `"postgresql-syncservice"` | | -| postgresql-syncservice.postgresqlDatabase | string | `"syncservice-postgresql"` | | -| postgresql-syncservice.postgresqlExtendedConf.log_min_messages | string | `"LOG"` | | -| postgresql-syncservice.postgresqlExtendedConf.max_connections | int | `450` | | -| postgresql-syncservice.postgresqlPassword | string | `"admin"` | | -| postgresql-syncservice.postgresqlUsername | string | `"alfresco"` | | -| postgresql-syncservice.primary.nodeSelector | object | `{}` | | -| postgresql-syncservice.replicaCount | int | `1` | | -| postgresql-syncservice.resources.limits.cpu | string | `"4"` | | -| postgresql-syncservice.resources.limits.memory | string | `"1500Mi"` | | -| postgresql-syncservice.resources.requests.cpu | string | `"0.5"` | | -| postgresql-syncservice.resources.requests.memory | string | `"1500Mi"` | | -| postgresql-syncservice.service.port | int | `5432` | | +| postgresql.auth.database | string | `"alfresco"` | | +| postgresql.auth.existingSecret | string | `nil` | | +| postgresql.auth.password | string | `"alfresco"` | | +| postgresql.auth.username | string | `"alfresco"` | | | postgresql.commonAnnotations.application | string | `"alfresco-content-services"` | | -| postgresql.enabled | bool | `true` | Enable embedded postgres for Alfresco Content Services leveraging the postgresql Bitnami chart | -| postgresql.existingSecret | string | `nil` | Name of existing secret to use for PostgreSQL passwords The secret has to contain the keys postgresql-password which is the password for postgresqlUsername when it is different of postgres, postgresql-postgres-password which will override postgresqlPassword. The same secret must be set also as `database.existingSecretName` to provide the credentials to ACS. | +| postgresql.enabled | bool | `true` | Toggle embedded postgres for Alfresco Content Services repository Check [PostgreSQL Bitnami chart Documentation](https://github.com/bitnami/charts/tree/main/bitnami/postgresql) | | postgresql.image.pullPolicy | string | `"IfNotPresent"` | | | postgresql.image.tag | string | `"14.4.0"` | | | postgresql.nameOverride | string | `"postgresql-acs"` | | -| postgresql.persistence.existingClaim | string | `nil` | provide an existing persistent volume claim name to persist SQL data Make sure the root folder has the appropriate permissions/ownhership set. | -| postgresql.persistence.storageClass | string | `nil` | set the storageClass to use for dynamic provisioning. setting it to null means "default storageClass". | -| postgresql.persistence.subPath | string | `"alfresco-content-services/database-data"` | | -| postgresql.postgresqlDatabase | string | `"alfresco"` | Postgresql database name | -| postgresql.postgresqlExtendedConf.log_min_messages | string | `"LOG"` | | -| postgresql.postgresqlExtendedConf.max_connections | int | `300` | | -| postgresql.postgresqlPassword | string | `"alfresco"` | Postgresql database password | -| postgresql.postgresqlUsername | string | `"alfresco"` | Postgresql database user | -| postgresql.primary.nodeSelector | object | `{}` | | -| postgresql.replicaCount | int | `1` | | -| postgresql.resources.limits.cpu | string | `"4"` | | -| postgresql.resources.limits.memory | string | `"1500Mi"` | | -| postgresql.resources.requests.cpu | string | `"0.5"` | | -| postgresql.resources.requests.memory | string | `"1500Mi"` | | +| postgresql.primary.extendedConfiguration | string | `"max_connections = 250\nshared_buffers = 512MB\neffective_cache_size = 2GB\nwal_level = minimal\nmax_wal_senders = 0\nmax_replication_slots = 0\nlog_min_messages = LOG\n"` | | +| postgresql.primary.persistence.existingClaim | string | `nil` | provide an existing persistent volume claim name to persist SQL data Make sure the root folder has the appropriate permissions/ownhership set. | +| postgresql.primary.persistence.storageClass | string | `nil` | set the storageClass to use for dynamic provisioning. setting it to null means "default storageClass". | +| postgresql.primary.persistence.subPath | string | `"alfresco-content-services/database-data"` | | +| postgresql.primary.resources.limits.cpu | string | `"8"` | | +| postgresql.primary.resources.limits.memory | string | `"8192Mi"` | | +| postgresql.primary.resources.requests.cpu | string | `"0.5"` | | +| postgresql.primary.resources.requests.memory | string | `"1500Mi"` | | | repository.adminPassword | string | `"209c6174da490caeb422f3fa5a7ae634"` | Administrator password for ACS in NTLM hash format to set at bootstrap time | | repository.command | list | `[]` | | | repository.edition | string | `"Enterprise"` | | diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-sync-service/Chart.yaml deleted file mode 100644 index 51f9b38e7..000000000 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -apiVersion: v2 -description: Alfresco Sync Service -keywords: - - syncservice - - alfresco - - application -name: alfresco-sync-service -sources: - - https://github.com/Alfresco/acs-deployment -version: 3.2.0-SNAPSHOT -appVersion: 4.0.0-M6 -icon: https://avatars0.githubusercontent.com/u/391127?s=200&v=4 -dependencies: - - name: common - repository: >- - https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ - version: 1.x.x - - name: alfresco-common - version: 1.0.0 - repository: https://alfresco.github.io/alfresco-helm-charts/ diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/README.md b/helm/alfresco-content-services/charts/alfresco-sync-service/README.md deleted file mode 100644 index d46616ced..000000000 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/README.md +++ /dev/null @@ -1,85 +0,0 @@ -# alfresco-sync-service - -![Version: 3.2.0-SNAPSHOT](https://img.shields.io/badge/Version-3.2.0--SNAPSHOT-informational?style=flat-square) ![AppVersion: 4.0.0-M6](https://img.shields.io/badge/AppVersion-4.0.0--M6-informational?style=flat-square) - -Alfresco Sync Service - -## Source Code - -* - -## Requirements - -| Repository | Name | Version | -|------------|------|---------| -| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | -| https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/ | common | 1.x.x | - -## Values - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| contentServices.installationName | string | `nil` | Specify when installing as a standalone chart, not as a subchart of ACS. must match the release name of the ACS release | -| database | object | `{"external":false}` | Defines properties required by sync service for connecting to the database If you set database.external to true you will have to setup the JDBC driver, user, password and JdbcUrl as `driver`, `user`, `password` & `url` subelements of `database`. Also make sure that the container has the db driver | -| global | object | `{"alfrescoRegistryPullSecrets":"quay-registry-secret","strategy":{"rollingUpdate":{"maxSurge":1,"maxUnavailable":0}}}` | Global definition of Docker registry pull secret which can be overridden from parent ACS Helm chart(s) | -| ingress.extraAnnotations | string | `nil` | useful when running Sync service without SSL termination done by a load balancer, e.g. when ran on Minikube for testing purposes nginx.ingress.kubernetes.io/ssl-redirect: "false" | -| ingress.tls | list | `[]` | | -| initContainers.activemq.image.pullPolicy | string | `"IfNotPresent"` | | -| initContainers.activemq.image.repository | string | `"bash"` | | -| initContainers.activemq.image.tag | string | `"5.1.16"` | | -| initContainers.activemq.resources.limits.cpu | string | `"0.25"` | | -| initContainers.activemq.resources.limits.memory | string | `"10Mi"` | | -| initContainers.postgres.image.pullPolicy | string | `"IfNotPresent"` | | -| initContainers.postgres.image.repository | string | `"busybox"` | | -| initContainers.postgres.image.tag | string | `"1.35.0"` | | -| initContainers.postgres.resources.limits.cpu | string | `"0.25"` | | -| initContainers.postgres.resources.limits.memory | string | `"10Mi"` | | -| messageBroker | object | `{"existingSecretName":null,"url":null}` | messageBroker object allow to pass ActiveMQ connection details. url: provides URI formatted string, see: https://activemq.apache.org/failover-transport-reference user: username to authenticate as. password: credential to use to authenticate to the broker. | -| nodeSelector | object | `{}` | | -| podSecurityContext.fsGroup | int | `1000` | | -| podSecurityContext.runAsGroup | int | `1000` | | -| podSecurityContext.runAsNonRoot | bool | `true` | | -| podSecurityContext.runAsUser | int | `33020` | | -| postgresql-syncservice.enabled | bool | `true` | If true, install the postgresql chart alongside Alfresco Sync service. Note: Set this to false if you use an external database. | -| postgresql-syncservice.image.pullPolicy | string | `"IfNotPresent"` | | -| postgresql-syncservice.image.tag | string | `"11.7.0"` | | -| postgresql-syncservice.name | string | `"postgresql-syncservice"` | | -| postgresql-syncservice.nameOverride | string | `"postgresql-syncservice"` | | -| postgresql-syncservice.postgresConfig.log_min_messages | string | `"LOG"` | | -| postgresql-syncservice.postgresConfig.max_connections | int | `450` | | -| postgresql-syncservice.postgresqlDatabase | string | `"syncservice-postgresql"` | | -| postgresql-syncservice.postgresqlPassword | string | `"admin"` | | -| postgresql-syncservice.postgresqlUsername | string | `"alfresco"` | | -| postgresql-syncservice.replicaCount | int | `1` | | -| postgresql-syncservice.resources.limits.cpu | string | `"2"` | | -| postgresql-syncservice.resources.limits.memory | string | `"1500Mi"` | | -| postgresql-syncservice.resources.requests.cpu | string | `"0.5"` | | -| postgresql-syncservice.resources.requests.memory | string | `"600Mi"` | | -| postgresql-syncservice.service.port | int | `5432` | | -| replicaCount | int | `1` | | -| repository.host | string | `"alfresco-cs-repository"` | | -| repository.port | int | `80` | | -| syncservice.enabled | bool | `true` | | -| syncservice.environment.EXTRA_JAVA_OPTS | string | `""` | | -| syncservice.environment.JAVA_OPTS | string | `"-Dsync.metrics.reporter.graphite.enabled=false -Dsync.metrics.reporter.graphite.address=127.0.0.1 -Dsync.metrics.reporter.graphite.port=2003 -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"` | | -| syncservice.image.internalPort | int | `9090` | | -| syncservice.image.pullPolicy | string | `"IfNotPresent"` | | -| syncservice.image.repository | string | `"quay.io/alfresco/service-sync"` | | -| syncservice.image.tag | string | `"4.0.0-M6"` | | -| syncservice.ingress.path | string | `"/syncservice"` | | -| syncservice.livenessProbe.initialDelaySeconds | int | `150` | | -| syncservice.livenessProbe.periodSeconds | int | `30` | | -| syncservice.livenessProbe.timeoutSeconds | int | `10` | | -| syncservice.readinessProbe.failureThreshold | int | `12` | | -| syncservice.readinessProbe.initialDelaySeconds | int | `20` | | -| syncservice.readinessProbe.periodSeconds | int | `10` | | -| syncservice.readinessProbe.timeoutSeconds | int | `10` | | -| syncservice.resources.limits.cpu | string | `"2"` | | -| syncservice.resources.limits.memory | string | `"2000Mi"` | | -| syncservice.resources.requests.cpu | string | `"0.5"` | | -| syncservice.resources.requests.memory | string | `"800Mi"` | | -| syncservice.service.externalPort | int | `80` | | -| syncservice.service.name | string | `"syncservice"` | | -| syncservice.service.type | string | `"NodePort"` | | - -Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/blob/master/docs/helm/README.md) for information on the Helm charts and deployment instructions. diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/README.md.gotmpl b/helm/alfresco-content-services/charts/alfresco-sync-service/README.md.gotmpl deleted file mode 100644 index 1fdf7d32f..000000000 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/README.md.gotmpl +++ /dev/null @@ -1,18 +0,0 @@ -{{ template "chart.header" . }} -{{ template "chart.deprecationWarning" . }} - -{{ template "chart.badgesSection" . }} - -{{ template "chart.description" . }} - -{{ template "chart.homepageLine" . }} - -{{ template "chart.maintainersSection" . }} - -{{ template "chart.sourcesSection" . }} - -{{ template "chart.requirementsSection" . }} - -{{ template "chart.valuesSection" . }} - -Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/blob/master/docs/helm/README.md) for information on the Helm charts and deployment instructions. diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/_helpers.tpl b/helm/alfresco-content-services/charts/alfresco-sync-service/templates/_helpers.tpl deleted file mode 100755 index 04adececc..000000000 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/_helpers.tpl +++ /dev/null @@ -1,12 +0,0 @@ -{{/* -Create a default fully qualified name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "syncservice.fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- define "acs.release.name" -}} -{{- printf (.Values.contentServices.installationName | default .Release.Name) -}} -{{- end -}} diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/config-syncservice.yaml b/helm/alfresco-content-services/charts/alfresco-sync-service/templates/config-syncservice.yaml deleted file mode 100755 index 9b93e4170..000000000 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/config-syncservice.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# Defines the properties required by the sync-service app -{{- if .Values.syncservice.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "syncservice.fullname" . }}-configmap - labels: - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - component: syncservice -data: - JAVA_OPTS: >- - {{- if eq .Values.database.external false }} - -Dsql.db.driver="org.postgresql.Driver" - -Dsql.db.url=jdbc:postgresql://{{ printf "%s-%s" .Release.Name (index .Values "postgresql-syncservice" "nameOverride") }}:{{ index .Values "postgresql-syncservice" "service" "port" }}/{{ index .Values "postgresql-syncservice" "postgresqlDatabase" }} - {{- else }} - -Dsql.db.driver={{ .Values.database.driver}} - -Dsql.db.url={{ .Values.database.url}} - {{- end }} - -Dsql.db.username=$DATABASE_USERNAME - -Dsql.db.password=$DATABASE_PASSWORD - -Drepo.hostname={{ printf "%s-%s" (include "acs.release.name" .) .Values.repository.host }} - -Drepo.port={{ .Values.repository.port }} - -Ddw.server.applicationConnectors[0].type=http - -Dmessaging.broker.url=$BROKER_URL - -Dmessaging.username=$BROKER_USERNAME - -Dmessaging.password=$BROKER_PASSWORD - {{ .Values.syncservice.environment.JAVA_OPTS }} - {{ .Values.syncservice.environment.EXTRA_JAVA_OPTS }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/deployment-syncservice.yaml b/helm/alfresco-content-services/charts/alfresco-sync-service/templates/deployment-syncservice.yaml deleted file mode 100755 index e1e686bd0..000000000 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/deployment-syncservice.yaml +++ /dev/null @@ -1,108 +0,0 @@ -{{- if .Values.syncservice.enabled }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "syncservice.fullname" . }} - labels: - app: {{ template "syncservice.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ template "syncservice.fullname" . }} - release: {{ .Release.Name }} - strategy: - type: RollingUpdate - rollingUpdate: -{{ toYaml .Values.global.strategy.rollingUpdate | indent 6 }} - template: - metadata: - labels: - app: {{ template "syncservice.fullname" . }} - release: {{ .Release.Name }} - annotations: - checksum/config: {{ include (print $.Template.BasePath "/config-syncservice.yaml") . | sha256sum }} - checksum/secret: {{ include (print $.Template.BasePath "/secret-database.yaml") . | sha256sum }} - spec: - {{- include "component-pod-security-context" .Values | indent 4 }} - {{- if .Values.nodeSelector }} - nodeSelector: {{- .Values.nodeSelector | toYaml | nindent 8 }} - {{- end }} - {{- include "alfresco-content-services.imagePullSecrets" . | indent 6 }} - initContainers: - {{- if .Values.activemq }} - {{ fail "Using activemq.[host|port|user|password|external] in subcharts is not supported anymore. Use messageBroker.* instead" }} - {{- end }} - - name: init-activemq - image: "{{ .Values.initContainers.activemq.image.repository }}:{{ .Values.initContainers.activemq.image.tag }}" - imagePullPolicy: {{ .Values.initContainers.activemq.image.pullPolicy }} - {{- include "component-security-context" .Values.initContainers.activemq | indent 6 }} - resources: {{- toYaml .Values.initContainers.activemq.resources | nindent 12 }} - envFrom: - - configMapRef: - name: {{ template "syncservice.fullname" . }}-configmap - - secretRef: - name: {{ .Values.messageBroker.existingSecretName | default .Values.messageBroker.secretName }} - args: - - -c - - echo "Checking for ActiveMQ broker availability"; - IFS=, read -r -a array < <(echo "${BROKER_URL}" | sed -r 's/([a-z]+:\()*([^\)]*)(\)?.*)*/\2/'); - while [ -z $MQREADY ]; do - for broker in "${array[@]}"; do broker_socket=${broker%%\?*}; - [[ "${broker_socket#*://}" == *":"* ]] || NCPORT=61616; - echo "Trying ${broker_socket#*://} $NCPORT"; - nc -w1 ${broker_socket#*://} $NCPORT; - if [ $? -eq 0 ]; then echo "ok"; - MQREADY=1; - break; - else echo "not ok"; - sleep 5; - fi; - done; - done - {{- if eq .Values.database.external false }} - - name: init-postgres - image: "{{ .Values.initContainers.postgres.image.repository }}:{{ .Values.initContainers.postgres.image.tag }}" - imagePullPolicy: {{ .Values.initContainers.postgres.image.pullPolicy }} - {{- include "component-security-context" .Values.initContainers.postgres | indent 6 }} - resources: {{- toYaml .Values.initContainers.postgres.resources | nindent 12 }} - command: ['sh', '-c', 'until nc -w1 {{ .Release.Name }}-postgresql-syncservice 5432; do echo "waiting for postgresql"; sleep 2; done;'] - {{- end }} - terminationGracePeriodSeconds: 60 - containers: - - name: syncservice - image: "{{ .Values.syncservice.image.repository }}:{{ .Values.syncservice.image.tag }}" - imagePullPolicy: {{ .Values.syncservice.image.pullPolicy }} - {{- include "component-security-context" .Values | indent 6 }} - envFrom: - - secretRef: - name: {{ template "syncservice.fullname" . }}-dbsecret - - configMapRef: - name: {{ template "syncservice.fullname" . }}-configmap - - secretRef: - name: {{ .Values.messageBroker.existingSecretName | default .Values.messageBroker.secretName }} - ports: - - name: serviceport - containerPort: 9090 - resources: {{- toYaml .Values.syncservice.resources | nindent 12 }} - readinessProbe: - httpGet: - path: /alfresco/healthcheck - port: serviceport - initialDelaySeconds: {{ .Values.syncservice.readinessProbe.initialDelaySeconds }} - failureThreshold: {{ .Values.syncservice.readinessProbe.failureThreshold }} - periodSeconds: {{ .Values.syncservice.readinessProbe.periodSeconds }} - livenessProbe: - httpGet: - path: /alfresco/healthcheck - port: serviceport - initialDelaySeconds: {{ .Values.syncservice.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.syncservice.livenessProbe.periodSeconds }} - lifecycle: - preStop: - exec: - command: ["/opt/alfresco-sync-service/sync_service_entrypoint.sh", "stop"] -{{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/ingress.yaml b/helm/alfresco-content-services/charts/alfresco-sync-service/templates/ingress.yaml deleted file mode 100755 index 99ef22f39..000000000 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/ingress.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{- if .Values.syncservice.enabled }} -{{- $serviceName := (include "syncservice.fullname" .) -}} -{{- $servicePort := .Values.syncservice.service.externalPort -}} -apiVersion: {{ template "common.capabilities.ingress.apiVersion" . }} -kind: Ingress -metadata: - name: {{ template "syncservice.fullname" . }}-ingress - annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/rewrite-target: /alfresco/$2 - nginx.ingress.kubernetes.io/affinity: "cookie" - nginx.ingress.kubernetes.io/session-cookie-name: "sync_affinity_route" - nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" -{{- if .Values.ingress.extraAnnotations }} -{{ toYaml .Values.ingress.extraAnnotations | indent 4 }} -{{- end }} - -spec: - {{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- if .Values.ingress.hostName }} - - host: {{ tpl .Values.ingress.hostName $ }} - http: - {{- else }} - - http: - {{- end }} - paths: - - path: {{ .Values.syncservice.ingress.path }}(/|$)(.*) - {{- if eq "true" (include "common.ingress.supportsPathType" .) }} - pathType: Prefix - {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" $serviceName "servicePort" $servicePort "context" $) | nindent 10 }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/secret-database.yaml b/helm/alfresco-content-services/charts/alfresco-sync-service/templates/secret-database.yaml deleted file mode 100755 index 5ec4ebcd7..000000000 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/secret-database.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "syncservice.fullname" . }}-dbsecret - labels: - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - component: syncservice -type: Opaque -data: - DATABASE_USERNAME: {{ .Values.database.user | default (index .Values "postgresql-syncservice" "postgresqlUsername") | b64enc | quote }} - DATABASE_PASSWORD: {{ .Values.database.password | default (index .Values "postgresql-syncservice" "postgresqlPassword") | b64enc | quote }} diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/svc-syncservice.yaml b/helm/alfresco-content-services/charts/alfresco-sync-service/templates/svc-syncservice.yaml deleted file mode 100755 index 0f9e83c70..000000000 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/templates/svc-syncservice.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.syncservice.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "syncservice.fullname" . }} - labels: - app: {{ template "syncservice.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.syncservice.service.type }} - ports: - - port: {{ .Values.syncservice.service.externalPort }} - targetPort: {{ .Values.syncservice.image.internalPort }} - name: {{ .Values.syncservice.service.name }} - selector: - app: {{ template "syncservice.fullname" . }} - release: {{ .Release.Name }} -{{- end }} diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/tests/deployment-syncservice_disabled.yaml b/helm/alfresco-content-services/charts/alfresco-sync-service/tests/deployment-syncservice_disabled.yaml deleted file mode 100644 index b9b24455a..000000000 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/tests/deployment-syncservice_disabled.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -suite: test deployment -templates: - - deployment-syncservice.yaml - - config-syncservice.yaml - - secret-database.yaml - - ../../../templates/secret-repository.yaml -tests: - - it: should have basic metadata in place - values: &testvalues - - ../../../tests/values/test_values.yaml - asserts: - - equal: - path: metadata.name - value: RELEASE-NAME-alfresco-sync-service - template: deployment-syncservice.yaml - - - it: should render cpu and memory limits - values: *testvalues - asserts: - - equal: - path: spec.template.spec.containers[0].resources - value: - requests: - cpu: "0.5" - memory: "800Mi" - limits: - cpu: "2" - memory: "2000Mi" - template: deployment-syncservice.yaml diff --git a/helm/alfresco-content-services/charts/alfresco-sync-service/values.yaml b/helm/alfresco-content-services/charts/alfresco-sync-service/values.yaml deleted file mode 100755 index bdd00b1ae..000000000 --- a/helm/alfresco-content-services/charts/alfresco-sync-service/values.yaml +++ /dev/null @@ -1,125 +0,0 @@ -replicaCount: 1 -nodeSelector: {} -# -- Global definition of Docker registry pull secret which can be overridden -# from parent ACS Helm chart(s) -global: - alfrescoRegistryPullSecrets: quay-registry-secret - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 -podSecurityContext: - runAsUser: 33020 - runAsGroup: 1000 - runAsNonRoot: true - fsGroup: 1000 -syncservice: - enabled: true - image: - repository: quay.io/alfresco/service-sync - tag: 4.0.0-M6 - pullPolicy: IfNotPresent - internalPort: 9090 - environment: - JAVA_OPTS: >- - -Dsync.metrics.reporter.graphite.enabled=false - -Dsync.metrics.reporter.graphite.address=127.0.0.1 - -Dsync.metrics.reporter.graphite.port=2003 - -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 - EXTRA_JAVA_OPTS: "" - service: - name: syncservice - type: NodePort - externalPort: 80 - ingress: - path: /syncservice - resources: - requests: - cpu: "0.5" - memory: "800Mi" - limits: - cpu: "2" - memory: "2000Mi" - livenessProbe: - initialDelaySeconds: 150 - periodSeconds: 30 - timeoutSeconds: 10 - readinessProbe: - initialDelaySeconds: 20 - periodSeconds: 10 - failureThreshold: 12 - timeoutSeconds: 10 -repository: - host: alfresco-cs-repository - port: 80 -# -- messageBroker object allow to pass ActiveMQ connection details. -# url: provides URI formatted string, see: -# https://activemq.apache.org/failover-transport-reference -# user: username to authenticate as. -# password: credential to use to authenticate to the broker. -messageBroker: - url: null - existingSecretName: null -contentServices: - # -- Specify when installing as a standalone chart, not as a subchart of ACS. - # must match the release name of the ACS release - installationName: -# -- Defines properties required by sync service for connecting to the database -# If you set database.external to true you will have to setup the JDBC driver, -# user, password and JdbcUrl as `driver`, `user`, `password` & `url` subelements -# of `database`. Also make sure that the container has the db driver -database: - external: false -postgresql-syncservice: - name: postgresql-syncservice - # -- If true, install the postgresql chart alongside Alfresco Sync service. - # Note: Set this to false if you use an external database. - enabled: true - replicaCount: 1 - nameOverride: postgresql-syncservice - image: - tag: 11.7.0 - pullPolicy: IfNotPresent - postgresqlUsername: alfresco - postgresqlPassword: admin - postgresqlDatabase: syncservice-postgresql - postgresConfig: - max_connections: 450 - log_min_messages: LOG - service: - port: 5432 - resources: - requests: - cpu: "0.5" - memory: "600Mi" - limits: - cpu: "2" - memory: "1500Mi" -initContainers: - activemq: - image: - repository: bash - tag: 5.1.16 - pullPolicy: IfNotPresent - resources: - limits: - cpu: "0.25" - memory: "10Mi" - postgres: - image: - repository: busybox - tag: 1.35.0 - pullPolicy: IfNotPresent - resources: - limits: - cpu: "0.25" - memory: "10Mi" -ingress: - # -- useful when running Sync service without SSL termination done by a load - # balancer, e.g. when ran on Minikube for testing purposes - # nginx.ingress.kubernetes.io/ssl-redirect: "false" - extraAnnotations: - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - tls: [] diff --git a/helm/alfresco-content-services/community_values.yaml b/helm/alfresco-content-services/community_values.yaml index 18b63f61d..e651c740c 100644 --- a/helm/alfresco-content-services/community_values.yaml +++ b/helm/alfresco-content-services/community_values.yaml @@ -1,3 +1,4 @@ +--- # ACS Community values repository: edition: Community @@ -31,9 +32,6 @@ alfresco-search: alfresco-digital-workspace: enabled: false alfresco-sync-service: - syncservice: - enabled: false -postgresql-syncservice: enabled: false ai: enabled: false diff --git a/helm/alfresco-content-services/templates/NOTES.txt b/helm/alfresco-content-services/templates/NOTES.txt index 7c35af52c..cd89b9002 100644 --- a/helm/alfresco-content-services/templates/NOTES.txt +++ b/helm/alfresco-content-services/templates/NOTES.txt @@ -32,7 +32,7 @@ You can access all components of Alfresco Content Services using the same root a {{ if eq .Values.repository.edition "Enterprise" }} Alfresco Digital Workspace: {{ $alfurl }}/workspace/ {{ end }} {{ if index .Values "alfresco-search" "ingress" "enabled" }} Solr: {{ $alfurl }}/solr {{ end }} {{ if (index .Values "alfresco-search" "alfresco-insight-zeppelin" "enabled") }} Zeppelin: {{ $alfurl }}/zeppelin {{ end }} -{{- if index .Values "alfresco-sync-service" "syncservice" "enabled" }} +{{- if index .Values "alfresco-sync-service" "enabled" }} {{- $alfportdsync := tpl (.Values.externalPort | toString ) $ }} {{- $alfurldsync := printf "%s://%s:%s" $alfprotocol $alfhost $alfportdsync }} Sync service: {{ $alfurldsync }}/syncservice/healthcheck diff --git a/helm/alfresco-content-services/templates/config-repository.yaml b/helm/alfresco-content-services/templates/config-repository.yaml index 31b1333db..81d341c86 100644 --- a/helm/alfresco-content-services/templates/config-repository.yaml +++ b/helm/alfresco-content-services/templates/config-repository.yaml @@ -109,7 +109,7 @@ data: -Dmail.smtps.auth={{ .Values.mail.smtps.auth }} -Dmail.smtps.starttls.enable={{ .Values.mail.smtps.starttls.enable }} {{- end }} - {{- if index .Values "alfresco-sync-service" "syncservice" "enabled" }} + {{- if index .Values "alfresco-sync-service" "enabled" }} -Ddsync.service.uris={{ $alfUrl }}/syncservice {{- else }} -Devents.subsystem.autoStart=false @@ -118,7 +118,7 @@ data: $ALFRESCO_OPTS -Ddb.driver={{ .Values.database.driver | default "org.postgresql.Driver" }} {{- if eq .Values.database.external false }} - -Ddb.url=jdbc:postgresql://{{ printf "%s-%s" .Release.Name .Values.postgresql.nameOverride }}:{{ .Values.postgresql.service.port }}/{{ .Values.postgresql.postgresDatabase }} + -Ddb.url=jdbc:postgresql://{{ printf "%s-%s" .Release.Name .Values.postgresql.nameOverride }}:{{ .Values.postgresql.primary.service.ports.postgresql }}/{{ .Values.postgresql.auth.database }} {{- else }} -Ddb.url={{ .Values.database.url }} {{- end }} diff --git a/helm/alfresco-content-services/templates/deployment-repository.yaml b/helm/alfresco-content-services/templates/deployment-repository.yaml index cd457b9b6..df8ec8b0a 100644 --- a/helm/alfresco-content-services/templates/deployment-repository.yaml +++ b/helm/alfresco-content-services/templates/deployment-repository.yaml @@ -131,7 +131,7 @@ spec: imagePullPolicy: {{ .Values.repository.initContainers.db.image.pullPolicy }} {{- include "component-security-context" .Values.repository.initContainers.db | indent 8 }} resources: {{- toYaml .Values.repository.initContainers.db.resources | nindent 12 }} - command: ['sh', '-c', 'until nc -w1 {{ printf "%s-%s" .Release.Name .Values.postgresql.nameOverride }} {{ .Values.postgresql.service.port }}; do echo "waiting for {{ printf "%s-%s" .Release.Name .Values.postgresql.nameOverride }}"; sleep 2; done;'] + command: ['sh', '-c', 'until nc -w1 {{ printf "%s-%s" .Release.Name .Values.postgresql.nameOverride }} {{ .Values.postgresql.primary.service.ports.postgresql }}; do echo "waiting for {{ printf "%s-%s" .Release.Name .Values.postgresql.nameOverride }}"; sleep 2; done;'] {{- end }} {{- if and .Values.email.server.enabled .Values.email.inbound.enabled .Values.email.server.enableTLS }} - name: pem-to-keystore diff --git a/helm/alfresco-content-services/templates/secret-database.yaml b/helm/alfresco-content-services/templates/secret-database.yaml index ca8ec8262..3661c7d00 100644 --- a/helm/alfresco-content-services/templates/secret-database.yaml +++ b/helm/alfresco-content-services/templates/secret-database.yaml @@ -7,6 +7,6 @@ metadata: {{- include "repository.labels" . | nindent 4 }} type: Opaque data: - DATABASE_USERNAME: {{ .Values.database.user | default .Values.postgresql.postgresqlUsername | b64enc | quote }} - DATABASE_PASSWORD: {{ .Values.database.password | default .Values.postgresql.postgresqlPassword | b64enc | quote }} + DATABASE_USERNAME: {{ .Values.database.user | default .Values.postgresql.auth.username | b64enc | quote }} + DATABASE_PASSWORD: {{ .Values.database.password | default .Values.postgresql.auth.password | b64enc | quote }} {{- end }} diff --git a/helm/alfresco-content-services/values.yaml b/helm/alfresco-content-services/values.yaml index 1b4185a84..0c5a3775d 100644 --- a/helm/alfresco-content-services/values.yaml +++ b/helm/alfresco-content-services/values.yaml @@ -603,6 +603,7 @@ share: extraInitContainers: [] command: [] activemq: + nameOverride: activemq enabled: true # -- Possibility to choose Node for pod, with a key-value pair label # e.g {"kubernetes.io/hostname": multinode-demo-m02} @@ -767,74 +768,45 @@ alfresco-admin-app: ooi: enabled: false postgresql: - # -- Enable embedded postgres for Alfresco Content Services leveraging the postgresql Bitnami chart + # -- Toggle embedded postgres for Alfresco Content Services repository + # Check [PostgreSQL Bitnami chart + # Documentation](https://github.com/bitnami/charts/tree/main/bitnami/postgresql) enabled: true - replicaCount: 1 nameOverride: postgresql-acs image: tag: 14.4.0 pullPolicy: IfNotPresent commonAnnotations: application: alfresco-content-services - # -- Name of existing secret to use for PostgreSQL passwords - # The secret has to contain the keys postgresql-password which is the password for postgresqlUsername when it is - # different of postgres, postgresql-postgres-password which will override postgresqlPassword. - # The same secret must be set also as `database.existingSecretName` to provide the credentials to ACS. - existingSecret: - # -- Postgresql database user - postgresqlUsername: alfresco - # -- Postgresql database password - postgresqlPassword: alfresco - # -- Postgresql database name - postgresqlDatabase: alfresco - postgresqlExtendedConf: - max_connections: 300 - log_min_messages: LOG - primary: - nodeSelector: {} - persistence: - # -- set the storageClass to use for dynamic provisioning. - # setting it to null means "default storageClass". - storageClass: null - # -- provide an existing persistent volume claim name to persist SQL data - # Make sure the root folder has the appropriate permissions/ownhership set. - existingClaim: null - subPath: "alfresco-content-services/database-data" - resources: - requests: - cpu: "0.5" - memory: "1500Mi" - limits: - cpu: "4" - memory: "1500Mi" -postgresql-syncservice: - name: postgresql-syncservice - # -- Enable embedded postgres for Alfresco Sync service leveraging the postgresql Bitnami chart - enabled: true - replicaCount: 1 - nameOverride: postgresql-syncservice - image: - tag: 14.4.0 - pullPolicy: IfNotPresent - commonAnnotations: - application: alfresco-content-services - postgresqlUsername: alfresco - postgresqlPassword: admin - postgresqlDatabase: syncservice-postgresql - postgresqlExtendedConf: - max_connections: 450 - log_min_messages: LOG - service: - port: 5432 + auth: + existingSecret: + username: alfresco + password: alfresco + database: alfresco primary: - nodeSelector: {} - resources: - requests: - cpu: "0.5" - memory: "1500Mi" - limits: - cpu: "4" - memory: "1500Mi" + extendedConfiguration: | + max_connections = 250 + shared_buffers = 512MB + effective_cache_size = 2GB + wal_level = minimal + max_wal_senders = 0 + max_replication_slots = 0 + log_min_messages = LOG + resources: + requests: + cpu: "0.5" + memory: "1500Mi" + limits: + cpu: "8" + memory: "8192Mi" + persistence: + # -- set the storageClass to use for dynamic provisioning. + # setting it to null means "default storageClass". + storageClass: null + # -- provide an existing persistent volume claim name to persist SQL data + # Make sure the root folder has the appropriate permissions/ownhership set. + existingClaim: null + subPath: "alfresco-content-services/database-data" s3connector: # -- Enable the S3 Connector # For a full list of properties on the S3 connector see: @@ -942,13 +914,32 @@ metadataKeystore: defaultKeystorePassword: "mp6yc0UD9e" defaultKeyPassword: "oKIWzVdEdA" alfresco-sync-service: - messageBroker: *acs_messageBroker - nodeSelector: {} - syncservice: + # -- Toggle deployment of Alfresco Sync Service (Desktop-Sync) + # Check [Alfresco Sync Service + # Documentation](https://github.com/Alfresco/alfresco-helm-charts/tree/main/charts/alfresco-sync-service) + enabled: true + postgresql: enabled: true - image: - repository: quay.io/alfresco/service-sync - tag: 3.8.0 + image: + tag: 14.4.0 + auth: + enablePostgresUser: false + username: alfresco + password: admin + database: syncservice-postgresql + primary: + resources: + requests: + cpu: "0.5" + memory: "1500Mi" + limits: + cpu: "4" + memory: "1500Mi" + messageBroker: + existingSecretName: *acs_messageBroker_secretName + repository: + nameOverride: alfresco-cs-repository + port: *repositoryExternalPort global: # A shared secret is now required in order to authenticate connections between # solr and repo (typically: tracking) diff --git a/test/community-integration-test-values.yaml b/test/community-integration-test-values.yaml index 5bcebedee..d8cc26e18 100644 --- a/test/community-integration-test-values.yaml +++ b/test/community-integration-test-values.yaml @@ -69,21 +69,19 @@ alfresco-search: cpu: "0.01" memory: "512Mi" limits: - memory: "1024Mi" + memory: "1280Mi" searchServicesImage: repository: alfresco/alfresco-search-services # Disable features alfresco-digital-workspace: enabled: false alfresco-sync-service: - syncservice: - enabled: false -postgresql: - resources: - requests: - cpu: "0.01" -postgresql-syncservice: enabled: false +postgresql: + primary: + resources: + requests: + cpu: "0.01" ai: enabled: false s3connector: From c517ce516bfb36e19aadada382309bdb3a27edad Mon Sep 17 00:00:00 2001 From: Alfresco Build <8039454+alfresco-build@users.noreply.github.com> Date: Tue, 21 Mar 2023 16:47:26 +0100 Subject: [PATCH 19/26] [updatecli] Images updates for all versions of Helm charts and Docker compose (#910) Co-authored-by: slohe1 --- README.md | 5 ++- docker-compose/7.2.N-docker-compose.yml | 9 ++-- docker-compose/7.3.N-docker-compose.yml | 2 +- docker-compose/community-docker-compose.yml | 41 ++++++++++++------- docker-compose/docker-compose.yml | 10 ++--- docs/helm/upgrades.md | 2 +- .../7.2.N_values.yaml | 6 +-- .../7.3.N_values.yaml | 2 +- helm/alfresco-content-services/Chart.yaml | 6 +-- helm/alfresco-content-services/README.md | 10 ++--- .../charts/alfresco-search/Chart.yaml | 4 +- .../charts/alfresco-search/README.md | 4 +- .../alfresco-insight-zeppelin/Chart.yaml | 2 +- .../alfresco-insight-zeppelin/README.md | 2 +- .../community_values.yaml | 6 +-- helm/alfresco-content-services/values.yaml | 6 +-- 16 files changed, 65 insertions(+), 52 deletions(-) diff --git a/README.md b/README.md index 99dd04567..1c8ef5a76 100644 --- a/README.md +++ b/README.md @@ -101,8 +101,9 @@ Please use [this guide](CONTRIBUTING.md) to make a contribution to the project a Open a PR that will: * Update the [versioning table](#versioning) -* In [alfresco-common](helm/alfresco-common/Chart.yaml), bump chart version to - the next stable release (usually by removing the `-SNAPSHOT` suffix) +* If any updates to the updatecli pipelines is required then make the changes and raise the PR. +* Once the PR merge then run the manually [updatecli-workflow](https://github.com/Alfresco/acs-deployment/actions/workflows/bumpVersions.yml) +* That will create the bump version PR automatically. * In [alfresco-content-services](helm/alfresco-content-services/Chart.yaml), bump chart version to the next stable release (usually by removing the `-SNAPSHOT` suffix and adding `-Mx` suffix if it's a prerelease) diff --git a/docker-compose/7.2.N-docker-compose.yml b/docker-compose/7.2.N-docker-compose.yml index 1cc486f9f..5b2d27e75 100644 --- a/docker-compose/7.2.N-docker-compose.yml +++ b/docker-compose/7.2.N-docker-compose.yml @@ -19,7 +19,7 @@ version: "2" services: alfresco: - image: quay.io/alfresco/alfresco-content-repository:7.2.1.7 + image: quay.io/alfresco/alfresco-content-repository:7.2.1.10 mem_limit: 1900m environment: JAVA_TOOL_OPTIONS: >- @@ -36,8 +36,7 @@ services: -Ddb.username=alfresco -Ddb.password=alfresco -Ddb.url=jdbc:postgresql://postgres:5432/alfresco - -Dsolr.host=solr6 - -Dsolr.port=8983 + -Dsolr.host=solr6 -Dsolr.port=8983 -Dsolr.secureComms=secret -Dsolr.sharedSecret=secret -Dsolr.base.url=/solr @@ -100,7 +99,7 @@ services: volumes: - shared-file-store-volume:/tmp/Alfresco/sfs share: - image: quay.io/alfresco/alfresco-share:7.2.1.7 + image: quay.io/alfresco/alfresco-share:7.2.1.10 mem_limit: 1g environment: REPO_HOST: "alfresco" @@ -157,7 +156,7 @@ services: BASE_PATH: ./ APP_BASE_SHARE_URL: "http://localhost:8080/workspace/#/preview/s" control-center: - image: quay.io/alfresco/alfresco-admin-app:7.6.1 + image: quay.io/alfresco/alfresco-admin-app:7.8.1 mem_limit: 128m environment: APP_CONFIG_PROVIDER: "ECM" diff --git a/docker-compose/7.3.N-docker-compose.yml b/docker-compose/7.3.N-docker-compose.yml index 36791ed08..dc45d0d91 100644 --- a/docker-compose/7.3.N-docker-compose.yml +++ b/docker-compose/7.3.N-docker-compose.yml @@ -157,7 +157,7 @@ services: BASE_PATH: ./ APP_BASE_SHARE_URL: "http://localhost:8080/workspace/#/preview/s" control-center: - image: quay.io/alfresco/alfresco-admin-app:7.6.1 + image: quay.io/alfresco/alfresco-admin-app:7.8.1 mem_limit: 128m environment: APP_CONFIG_PROVIDER: "ECM" diff --git a/docker-compose/community-docker-compose.yml b/docker-compose/community-docker-compose.yml index 8212da45f..4e26bb20e 100644 --- a/docker-compose/community-docker-compose.yml +++ b/docker-compose/community-docker-compose.yml @@ -19,7 +19,7 @@ version: "2" services: alfresco: - image: docker.io/alfresco/alfresco-content-repository-community:7.4.0-M2 + image: docker.io/alfresco/alfresco-content-repository-community:7.4.0-M3 mem_limit: 1900m environment: JAVA_TOOL_OPTIONS: >- @@ -32,18 +32,28 @@ services: -Dmetadata-keystore.metadata.password=oKIWzVdEdA -Dmetadata-keystore.metadata.algorithm=DESede JAVA_OPTS: >- - -Ddb.driver=org.postgresql.Driver -Ddb.username=alfresco - -Ddb.password=alfresco -Ddb.url=jdbc:postgresql://postgres:5432/alfresco - -Dsolr.host=solr6 -Dsolr.port=8983 -Dsolr.http.connection.timeout=1000 - -Dsolr.secureComms=secret -Dsolr.sharedSecret=secret - -Dsolr.base.url=/solr -Dindex.subsystem.name=solr6 - -Dshare.host=127.0.0.1 -Dshare.port=8080 -Dalfresco.host=localhost - -Dalfresco.port=8080 -Dcsrf.filter.enabled=false + -Ddb.driver=org.postgresql.Driver + -Ddb.username=alfresco + -Ddb.password=alfresco + -Ddb.url=jdbc:postgresql://postgres:5432/alfresco + -Dsolr.host=solr6 + -Dsolr.port=8983 + -Dsolr.http.connection.timeout=1000 + -Dsolr.secureComms=secret + -Dsolr.sharedSecret=secret + -Dsolr.base.url=/solr + -Dindex.subsystem.name=solr6 + -Dshare.host=127.0.0.1 + -Dshare.port=8080 + -Dalfresco.host=localhost + -Dalfresco.port=8080 + -Dcsrf.filter.enabled=false -Daos.baseUrlOverwrite=http://localhost:8080/alfresco/aos -Dmessaging.broker.url="failover:(nio://activemq:61616)?timeout=3000&jms.useCompression=true" -Ddeployment.method=DOCKER_COMPOSE -DlocalTransform.core-aio.url=http://transform-core-aio:8090/ - -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 + -XX:MinRAMPercentage=50 + -XX:MaxRAMPercentage=80 transform-core-aio: image: alfresco/alfresco-transform-core-aio:3.0.0 mem_limit: 1536m @@ -52,15 +62,18 @@ services: ports: - "8090:8090" share: - image: docker.io/alfresco/alfresco-share:7.4.0-M2 + image: docker.io/alfresco/alfresco-share:7.4.0-M3 mem_limit: 1g environment: REPO_HOST: "alfresco" REPO_PORT: "8080" JAVA_OPTS: >- - -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 - -Dalfresco.host=localhost -Dalfresco.port=8080 - -Dalfresco.context=alfresco -Dalfresco.protocol=http + -XX:MinRAMPercentage=50 + -XX:MaxRAMPercentage=80 + -Dalfresco.host=localhost + -Dalfresco.port=8080 + -Dalfresco.context=alfresco + -Dalfresco.protocol=http postgres: image: postgres:14.4 mem_limit: 512m @@ -72,7 +85,7 @@ services: ports: - "5432:5432" solr6: - image: alfresco/alfresco-search-services:2.0.5 + image: docker.io/alfresco/alfresco-search-services:2.0.6 mem_limit: 2g environment: # Solr needs to know how to register itself with Alfresco diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml index 94d041ea4..4503a5aa1 100644 --- a/docker-compose/docker-compose.yml +++ b/docker-compose/docker-compose.yml @@ -19,7 +19,7 @@ version: "2" services: alfresco: - image: quay.io/alfresco/alfresco-content-repository:7.4.0-M2 + image: quay.io/alfresco/alfresco-content-repository:7.4.0-M3 mem_limit: 1900m environment: JAVA_TOOL_OPTIONS: >- @@ -100,7 +100,7 @@ services: volumes: - shared-file-store-volume:/tmp/Alfresco/sfs share: - image: quay.io/alfresco/alfresco-share:7.4.0-M2 + image: quay.io/alfresco/alfresco-share:7.4.0-M3 mem_limit: 1g environment: REPO_HOST: "alfresco" @@ -123,7 +123,7 @@ services: ports: - "5432:5432" solr6: - image: alfresco/alfresco-search-services:2.0.5 + image: quay.io/alfresco/search-services:2.0.6 mem_limit: 2g environment: # Solr needs to know how to register itself with Alfresco @@ -150,7 +150,7 @@ services: - "61616:61616" # OpenWire - "61613:61613" # STOMP digital-workspace: - image: quay.io/alfresco/alfresco-digital-workspace:4.0.0-A.2 + image: quay.io/alfresco/alfresco-digital-workspace:4.0.0-A.3 mem_limit: 128m environment: APP_CONFIG_AUTH_TYPE: "BASIC" @@ -178,7 +178,7 @@ services: - share - control-center sync-service: - image: quay.io/alfresco/service-sync:4.0.0-M6 + image: quay.io/alfresco/service-sync:4.0.0-M7 mem_limit: 1g environment: JAVA_OPTS: >- diff --git a/docs/helm/upgrades.md b/docs/helm/upgrades.md index 4c060c70d..6b91d02f8 100644 --- a/docs/helm/upgrades.md +++ b/docs/helm/upgrades.md @@ -7,7 +7,7 @@ release notes that are available via [GitHub Releases](https://github.com/Alfres Here follows a more detailed explanation of any breaking change grouped by version in which they have been released. -## unreleased +## 5.4.0-M3 ### Search Enterprise chart rename diff --git a/helm/alfresco-content-services/7.2.N_values.yaml b/helm/alfresco-content-services/7.2.N_values.yaml index 10dda214e..232daece3 100644 --- a/helm/alfresco-content-services/7.2.N_values.yaml +++ b/helm/alfresco-content-services/7.2.N_values.yaml @@ -2,7 +2,7 @@ # ACS 7.2.N values repository: image: - tag: 7.2.1.7 + tag: 7.2.1.10 ooiService: image: tag: 1.1.3 @@ -35,7 +35,7 @@ filestore: tag: 0.16.1 share: image: - tag: 7.2.1.7 + tag: 7.2.1.10 alfresco-search: searchServicesImage: tag: 2.0.4 @@ -61,7 +61,7 @@ alfresco-digital-workspace: tag: 3.0.1 alfresco-admin-app: image: - tag: 7.6.1 + tag: 7.8.1 postgresql: image: tag: 13.3.0 diff --git a/helm/alfresco-content-services/7.3.N_values.yaml b/helm/alfresco-content-services/7.3.N_values.yaml index e49500a91..ab27e8dfb 100644 --- a/helm/alfresco-content-services/7.3.N_values.yaml +++ b/helm/alfresco-content-services/7.3.N_values.yaml @@ -66,7 +66,7 @@ alfresco-digital-workspace: tag: 3.1.1 alfresco-admin-app: image: - tag: 7.6.1 + tag: 7.8.1 ooi: enabled: false postgresql: diff --git a/helm/alfresco-content-services/Chart.yaml b/helm/alfresco-content-services/Chart.yaml index c5e1b2ebd..4abb5f878 100644 --- a/helm/alfresco-content-services/Chart.yaml +++ b/helm/alfresco-content-services/Chart.yaml @@ -5,8 +5,8 @@ --- apiVersion: v2 name: alfresco-content-services -version: 5.4.0-SNAPSHOT -appVersion: 7.4.0-M2 +version: 5.4.0-M3 +appVersion: 7.4.0-M3 description: A Helm chart for deploying Alfresco Content Services keywords: - content @@ -41,7 +41,7 @@ dependencies: repository: https://alfresco.github.io/alfresco-helm-charts/ condition: activemq.enabled - name: alfresco-search - version: 1.2.0-SNAPSHOT + version: 1.2.0 condition: alfresco-search.enabled - name: alfresco-sync-service repository: https://alfresco.github.io/alfresco-helm-charts/ diff --git a/helm/alfresco-content-services/README.md b/helm/alfresco-content-services/README.md index 0c6c6097b..f4ee5bae2 100644 --- a/helm/alfresco-content-services/README.md +++ b/helm/alfresco-content-services/README.md @@ -1,6 +1,6 @@ # alfresco-content-services -![Version: 5.4.0-SNAPSHOT](https://img.shields.io/badge/Version-5.4.0--SNAPSHOT-informational?style=flat-square) ![AppVersion: 7.4.0-M2](https://img.shields.io/badge/AppVersion-7.4.0--M2-informational?style=flat-square) +![Version: 5.4.0-M3](https://img.shields.io/badge/Version-5.4.0--M3-informational?style=flat-square) ![AppVersion: 7.4.0-M3](https://img.shields.io/badge/AppVersion-7.4.0--M3-informational?style=flat-square) A Helm chart for deploying Alfresco Content Services @@ -16,7 +16,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| -| | alfresco-search | 1.2.0-SNAPSHOT | +| | alfresco-search | 1.2.0 | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-admin-app(common) | 7.7.0 | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-digital-workspace(common) | 7.7.0 | | https://alfresco.github.io/alfresco-helm-charts/ | activemq | 3.0.1 | @@ -86,7 +86,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | alfresco-digital-workspace.extraEnv | string | `"{{- if .Values.global.ai.enabled }}\n- name: APP_CONFIG_PLUGIN_AI_SERVICE\n value: '{{ .Values.global.ai.enabled }}'\n{{- end }}"` | | | alfresco-digital-workspace.image.pullPolicy | string | `"IfNotPresent"` | | | alfresco-digital-workspace.image.repository | string | `"quay.io/alfresco/alfresco-digital-workspace"` | | -| alfresco-digital-workspace.image.tag | string | `"4.0.0-A.2"` | | +| alfresco-digital-workspace.image.tag | string | `"4.0.0-A.3"` | | | alfresco-digital-workspace.ingress.annotations."kubernetes.io/ingress.class" | string | `"nginx"` | | | alfresco-digital-workspace.ingress.annotations."nginx.ingress.kubernetes.io/proxy-body-size" | string | `"5g"` | | | alfresco-digital-workspace.ingress.path | string | `"/workspace"` | | @@ -265,7 +265,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | repository.image.internalPort | int | `8080` | | | repository.image.pullPolicy | string | `"IfNotPresent"` | | | repository.image.repository | string | `"quay.io/alfresco/alfresco-content-repository"` | | -| repository.image.tag | string | `"7.4.0-M2"` | | +| repository.image.tag | string | `"7.4.0-M3"` | | | repository.ingress.annotations | object | `{}` | | | repository.ingress.maxUploadSize | string | `"5g"` | | | repository.ingress.path | string | `"/"` | | @@ -313,7 +313,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | s3connector.secrets.awsKmsKeyId | string | `nil` | | | s3connector.secrets.encryption | string | `nil` | | | s3connector.secrets.secretKey | string | `nil` | | -| share | object | `{"command":[],"environment":{"CATALINA_OPTS":"-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"},"extraInitContainers":[],"extraSideContainers":[],"extraVolumeMounts":[],"extraVolumes":[],"image":{"internalPort":8080,"pullPolicy":"IfNotPresent","repository":"quay.io/alfresco/alfresco-share","tag":"7.4.0-M2"},"ingress":{"annotations":{},"path":"/share","tls":[]},"livenessProbe":{"initialDelaySeconds":200,"periodSeconds":20,"timeoutSeconds":10},"nodeSelector":{},"podSecurityContext":{"runAsNonRoot":true},"readinessProbe":{"initialDelaySeconds":60,"periodSeconds":20,"timeoutSeconds":15},"replicaCount":1,"resources":{"limits":{"cpu":"4","memory":"2000Mi"},"requests":{"cpu":"1","memory":"512Mi"}},"securityContext":{"capabilities":{"drop":["NET_RAW","ALL"]},"runAsNonRoot":false},"service":{"externalPort":80,"name":"share","type":"ClusterIP"}}` | Define the alfresco-share properties to use in the k8s cluster This is the default presentation layer(UI) of Alfresco Content Services | +| share | object | `{"command":[],"environment":{"CATALINA_OPTS":"-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"},"extraInitContainers":[],"extraSideContainers":[],"extraVolumeMounts":[],"extraVolumes":[],"image":{"internalPort":8080,"pullPolicy":"IfNotPresent","repository":"quay.io/alfresco/alfresco-share","tag":"7.4.0-M3"},"ingress":{"annotations":{},"path":"/share","tls":[]},"livenessProbe":{"initialDelaySeconds":200,"periodSeconds":20,"timeoutSeconds":10},"nodeSelector":{},"podSecurityContext":{"runAsNonRoot":true},"readinessProbe":{"initialDelaySeconds":60,"periodSeconds":20,"timeoutSeconds":15},"replicaCount":1,"resources":{"limits":{"cpu":"4","memory":"2000Mi"},"requests":{"cpu":"1","memory":"512Mi"}},"securityContext":{"capabilities":{"drop":["NET_RAW","ALL"]},"runAsNonRoot":false},"service":{"externalPort":80,"name":"share","type":"ClusterIP"}}` | Define the alfresco-share properties to use in the k8s cluster This is the default presentation layer(UI) of Alfresco Content Services | | tika | object | `{"environment":{"JAVA_OPTS":"-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"},"image":{"internalPort":8090,"pullPolicy":"IfNotPresent","repository":"alfresco/alfresco-tika","tag":"3.0.0"},"livenessProbe":{"initialDelaySeconds":60,"livenessPercent":400,"livenessTransformPeriodSeconds":600,"maxTransformSeconds":1800,"maxTransforms":10000,"periodSeconds":20,"timeoutSeconds":10},"nodeSelector":{},"podSecurityContext":{"runAsNonRoot":true,"runAsUser":33004},"readinessProbe":{"initialDelaySeconds":60,"periodSeconds":60,"timeoutSeconds":10},"replicaCount":2,"resources":{"limits":{"cpu":"2","memory":"1000Mi"},"requests":{"cpu":"0.25","memory":"600Mi"}},"service":{"externalPort":80,"name":"tika","type":"ClusterIP"}}` | Declares the alfresco-tika service used by the content repository to transform office files | | transformmisc | object | `{"enabled":true,"environment":{"JAVA_OPTS":"-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"},"image":{"internalPort":8090,"pullPolicy":"IfNotPresent","repository":"alfresco/alfresco-transform-misc","tag":"3.0.0"},"livenessProbe":{"initialDelaySeconds":10,"livenessPercent":400,"livenessTransformPeriodSeconds":600,"maxTransformSeconds":1800,"maxTransforms":10000,"periodSeconds":20,"timeoutSeconds":10},"nodeSelector":{},"podSecurityContext":{"runAsNonRoot":true,"runAsUser":33006},"readinessProbe":{"initialDelaySeconds":20,"periodSeconds":60,"timeoutSeconds":10},"replicaCount":2,"resources":{"limits":{"cpu":"2","memory":"1000Mi"},"requests":{"cpu":"0.25","memory":"300Mi"}},"service":{"externalPort":80,"name":"transformmisc","type":"ClusterIP"}}` | Declares the alfresco-tika service used by the content repository to transform office files | | transformrouter.environment.JAVA_OPTS | string | `"-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"` | | diff --git a/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml index 3e0c04ea5..ed06cc2c4 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/Chart.yaml @@ -13,11 +13,11 @@ keywords: name: alfresco-search sources: - https://github.com/Alfresco/acs-deployment -version: 1.2.0-SNAPSHOT +version: 1.2.0 appVersion: 2.0.6 dependencies: - name: alfresco-insight-zeppelin - version: 1.2.0-SNAPSHOT + version: 1.2.0 condition: alfresco-insight-zeppelin.enabled - name: alfresco-common version: 1.0.0 diff --git a/helm/alfresco-content-services/charts/alfresco-search/README.md b/helm/alfresco-content-services/charts/alfresco-search/README.md index f8a1c6435..ca3c20f1a 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/README.md +++ b/helm/alfresco-content-services/charts/alfresco-search/README.md @@ -1,6 +1,6 @@ # alfresco-search -![Version: 1.2.0-SNAPSHOT](https://img.shields.io/badge/Version-1.2.0--SNAPSHOT-informational?style=flat-square) ![AppVersion: 2.0.6](https://img.shields.io/badge/AppVersion-2.0.6-informational?style=flat-square) +![Version: 1.2.0](https://img.shields.io/badge/Version-1.2.0-informational?style=flat-square) ![AppVersion: 2.0.6](https://img.shields.io/badge/AppVersion-2.0.6-informational?style=flat-square) A Helm chart for deploying Alfresco Search @@ -16,7 +16,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b | Repository | Name | Version | |------------|------|---------| -| | alfresco-insight-zeppelin | 1.2.0-SNAPSHOT | +| | alfresco-insight-zeppelin | 1.2.0 | | https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 1.0.0 | ## Values diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/Chart.yaml b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/Chart.yaml index 9965f8fef..d082e30a7 100755 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/Chart.yaml +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/Chart.yaml @@ -10,7 +10,7 @@ keywords: name: alfresco-insight-zeppelin sources: - https://github.com/Alfresco/acs-deployment -version: 1.2.0-SNAPSHOT +version: 1.2.0 appVersion: 2.0.6 dependencies: - name: alfresco-common diff --git a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md index fd89035f1..b8e1aa98a 100644 --- a/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md +++ b/helm/alfresco-content-services/charts/alfresco-search/charts/alfresco-insight-zeppelin/README.md @@ -1,6 +1,6 @@ # alfresco-insight-zeppelin -![Version: 1.2.0-SNAPSHOT](https://img.shields.io/badge/Version-1.2.0--SNAPSHOT-informational?style=flat-square) ![AppVersion: 2.0.6](https://img.shields.io/badge/AppVersion-2.0.6-informational?style=flat-square) +![Version: 1.2.0](https://img.shields.io/badge/Version-1.2.0-informational?style=flat-square) ![AppVersion: 2.0.6](https://img.shields.io/badge/AppVersion-2.0.6-informational?style=flat-square) A Helm chart for deploying Alfresco Insight Zeppelin diff --git a/helm/alfresco-content-services/community_values.yaml b/helm/alfresco-content-services/community_values.yaml index e651c740c..91811c4b4 100644 --- a/helm/alfresco-content-services/community_values.yaml +++ b/helm/alfresco-content-services/community_values.yaml @@ -5,7 +5,7 @@ repository: replicaCount: 1 image: repository: alfresco/alfresco-content-repository-community - tag: 7.4.0-M2 + tag: 7.4.0-M3 persistence: accessModes: - ReadWriteOnce @@ -23,11 +23,11 @@ share: replicaCount: 1 image: repository: alfresco/alfresco-share - tag: 7.4.0-M2 + tag: 7.4.0-M3 alfresco-search: searchServicesImage: repository: alfresco/alfresco-search-services - tag: 2.0.6-A4 + tag: 2.0.6 # Disable Enterprise only features alfresco-digital-workspace: enabled: false diff --git a/helm/alfresco-content-services/values.yaml b/helm/alfresco-content-services/values.yaml index 0c5a3775d..96c3f41fa 100644 --- a/helm/alfresco-content-services/values.yaml +++ b/helm/alfresco-content-services/values.yaml @@ -29,7 +29,7 @@ repository: type: Recreate image: repository: quay.io/alfresco/alfresco-content-repository - tag: 7.4.0-M2 + tag: 7.4.0-M3 pullPolicy: IfNotPresent internalPort: 8080 hazelcastPort: 5701 @@ -556,7 +556,7 @@ share: nodeSelector: {} image: repository: quay.io/alfresco/alfresco-share - tag: 7.4.0-M2 + tag: 7.4.0-M3 pullPolicy: IfNotPresent internalPort: 8080 service: @@ -699,7 +699,7 @@ alfresco-digital-workspace: # - chart-example.local image: repository: quay.io/alfresco/alfresco-digital-workspace - tag: 4.0.0-A.2 + tag: 4.0.0-A.3 pullPolicy: IfNotPresent env: APP_CONFIG_AUTH_TYPE: "BASIC" From f4af4f79e1521c9d65234cfaf165fc0ae149a096 Mon Sep 17 00:00:00 2001 From: Tahir Malik Date: Fri, 5 May 2023 10:32:02 +0200 Subject: [PATCH 20/26] testing files --- .vscode/tasks.json | 17 +++- .../cntz_values.yaml | 94 +++++++++++++++++++ .../local_values.yaml | 5 + 3 files changed, 114 insertions(+), 2 deletions(-) create mode 100644 helm/alfresco-content-services/cntz_values.yaml create mode 100644 helm/alfresco-content-services/local_values.yaml diff --git a/.vscode/tasks.json b/.vscode/tasks.json index ff2551c56..ad6e00b2e 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -11,8 +11,21 @@ "isDefault": true }, "options": { - "cwd": "helm/alfresco-content-services" + "cwd": "helm/alfresco-content-services" + } + }, + { + "label": "helm install Default chart Local", + "type": "shell", + "command": "helm upgrade --install acs -f values.yaml -f 7.2.N_values.yaml -f local_values.yaml .", + "problemMatcher": [], + "group": { + "kind": "test", + "isDefault": true + }, + "options": { + "cwd": "helm/alfresco-content-services" } } ] -} +} \ No newline at end of file diff --git a/helm/alfresco-content-services/cntz_values.yaml b/helm/alfresco-content-services/cntz_values.yaml new file mode 100644 index 000000000..d352f6e3a --- /dev/null +++ b/helm/alfresco-content-services/cntz_values.yaml @@ -0,0 +1,94 @@ +alfresco-content-services: + global: + alfrescoRegistryPullSecrets: regcred + + persistence: + storageClass: + enabled: true + accessModes: + - ReadWriteMany + + repository: + replicaCount: 1 + image: + repository: harbor.contezza.nl/quay.io/alfresco/alfresco-content-repository + + share: + replicaCount: 1 + image: + repository: harbor.contezza.nl/quay.io/alfresco/alfresco-share + + alfresco-admin-app: + enabled: false + + transformrouter: + replicaCount: 1 + image: + repository: harbor.contezza.nl/quay.io/alfresco/alfresco-transform-router + + pdfrenderer: + replicaCount: 1 + image: + repository: harbor.contezza.nl/quay.io/alfresco/alfresco-pdf-renderer + + imagemagick: + replicaCount: 1 + image: + repository: harbor.contezza.nl/quay.io/alfresco/alfresco-imagemagick + + libreoffice: + replicaCount: 1 + image: + repository: harbor.contezza.nl/quay.io/alfresco/alfresco-libreoffice + + tika: + replicaCount: 1 + image: + repository: harbor.contezza.nl/quay.io/alfresco/alfresco-tika + + filestore: + image: + repository: harbor.contezza.nl/quay.io/alfresco/alfresco-shared-file-store + + transformmisc: + enabled: false + + alfresco-digital-workspace: + enabled: false + alfresco-sync-service: + syncservice: + enabled: false + postgresql-syncservice: + enabled: false + ai: + enabled: false + s3connector: + enabled: false + email: + server: + enabled: false + inbound: + enabled: false + imap: + server: + enabled: false + # alfresco-search: + # searchServicesImage: + # repository: alfresco/alfresco-search-services + # replication: + # enabled: true + # persistence: + # volumeSizeRequest: 25Gi + # storageClassName: "default" +# For search dependency chart +global: + alfrescoRegistryPullSecrets: regcred + +alfresco-search: + enabled: true + searchServicesImage: + repository: alfresco/alfresco-search-services + repository: + # The value for "host" is the name of this chart + host: alfresco-cs + port: 80 diff --git a/helm/alfresco-content-services/local_values.yaml b/helm/alfresco-content-services/local_values.yaml new file mode 100644 index 000000000..335438250 --- /dev/null +++ b/helm/alfresco-content-services/local_values.yaml @@ -0,0 +1,5 @@ +global: + alfrescoRegistryPullSecrets: regcred + tracking: + auth: secret + sharedsecret: secret From ed263311ce81c618530dc59ddce91c38bde47847 Mon Sep 17 00:00:00 2001 From: Tahir Malik Date: Wed, 31 May 2023 14:45:23 +0200 Subject: [PATCH 21/26] added serviceAccount --- .../templates/deployment-repository.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/helm/alfresco-content-services/templates/deployment-repository.yaml b/helm/alfresco-content-services/templates/deployment-repository.yaml index df8ec8b0a..dcda4fd78 100644 --- a/helm/alfresco-content-services/templates/deployment-repository.yaml +++ b/helm/alfresco-content-services/templates/deployment-repository.yaml @@ -95,6 +95,8 @@ spec: mountPath: /usr/local/tomcat/shared/classes/alfresco/extension/custom-log4j2.properties subPath: custom-log4j2.properties {{- end }} +{{ toYaml .Values.repository.extraVolumeMounts | indent 10 }} + {{- end }} startupProbe: httpGet: path: /alfresco/api/-default-/public/alfresco/versions/1/probes/-ready- @@ -186,6 +188,7 @@ spec: - name: email-keystore-volume mountPath: /var/run/secrets/java.io/keystores {{- end }} + serviceAccountName: {{ .Values.repository.serviceAccountName }} volumes: {{- include "data_volume" .Values.repository | nindent 8 }} {{- if and (index .Values "alfresco-search" "enabled") (eq .Values.global.tracking.auth "secret") }} From 0037a81067370d321a9abeda6109f8d5bdfe1ba9 Mon Sep 17 00:00:00 2001 From: Tahir Malik Date: Wed, 31 May 2023 16:51:47 +0200 Subject: [PATCH 22/26] type if volumeMounts --- .../templates/deployment-repository.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/helm/alfresco-content-services/templates/deployment-repository.yaml b/helm/alfresco-content-services/templates/deployment-repository.yaml index dcda4fd78..4643e07d4 100644 --- a/helm/alfresco-content-services/templates/deployment-repository.yaml +++ b/helm/alfresco-content-services/templates/deployment-repository.yaml @@ -95,6 +95,7 @@ spec: mountPath: /usr/local/tomcat/shared/classes/alfresco/extension/custom-log4j2.properties subPath: custom-log4j2.properties {{- end }} + {{- if .Values.repository.extraVolumeMounts }} {{ toYaml .Values.repository.extraVolumeMounts | indent 10 }} {{- end }} startupProbe: From f03a7a59496de85b585d07160a47fd4ad01bcfa2 Mon Sep 17 00:00:00 2001 From: Tahir Malik Date: Wed, 31 May 2023 17:24:19 +0200 Subject: [PATCH 23/26] disable data volume when serviceaccount --- .../templates/deployment-repository.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/helm/alfresco-content-services/templates/deployment-repository.yaml b/helm/alfresco-content-services/templates/deployment-repository.yaml index 4643e07d4..8517f5d2a 100644 --- a/helm/alfresco-content-services/templates/deployment-repository.yaml +++ b/helm/alfresco-content-services/templates/deployment-repository.yaml @@ -189,9 +189,13 @@ spec: - name: email-keystore-volume mountPath: /var/run/secrets/java.io/keystores {{- end }} + {{- if .Values.repository.serviceAccountName }} serviceAccountName: {{ .Values.repository.serviceAccountName }} + {{- end }} volumes: + {{- if not .Values.repository.serviceAccountName }} {{- include "data_volume" .Values.repository | nindent 8 }} + {{- end }} {{- if and (index .Values "alfresco-search" "enabled") (eq .Values.global.tracking.auth "secret") }} - name: repository-properties secret: From cb799663e189b5ff2d14fab28fe886685e29470d Mon Sep 17 00:00:00 2001 From: Tahir Malik Date: Mon, 17 Jul 2023 15:56:13 +0200 Subject: [PATCH 24/26] Removed default fsgroup value --- helm/alfresco-content-services/values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/helm/alfresco-content-services/values.yaml b/helm/alfresco-content-services/values.yaml index 96c3f41fa..3e85ad081 100644 --- a/helm/alfresco-content-services/values.yaml +++ b/helm/alfresco-content-services/values.yaml @@ -71,7 +71,6 @@ repository: runAsNonRoot: true runAsUser: 33000 runAsGroup: 1000 - fsGroup: 1000 resources: requests: cpu: "1" From 2ff762d4f4293ee4d5843298dffa37af274e6dff Mon Sep 17 00:00:00 2001 From: John van Hienen Date: Thu, 2 Mar 2023 15:27:33 +0100 Subject: [PATCH 25/26] feat: podAnnotations for repository --- .../templates/deployment-repository.yaml | 3 +++ helm/alfresco-content-services/values.yaml | 1 + 2 files changed, 4 insertions(+) diff --git a/helm/alfresco-content-services/templates/deployment-repository.yaml b/helm/alfresco-content-services/templates/deployment-repository.yaml index 8517f5d2a..11a6be98f 100644 --- a/helm/alfresco-content-services/templates/deployment-repository.yaml +++ b/helm/alfresco-content-services/templates/deployment-repository.yaml @@ -24,6 +24,9 @@ spec: checksum/config: {{ include (print $.Template.BasePath "/config-repository.yaml") . | sha256sum }} checksum/secretDatabase: {{ include (print $.Template.BasePath "/secret-database.yaml") . | sha256sum }} checksum/secretS3: {{ include (print $.Template.BasePath "/secret-s3.yaml") . | sha256sum }} + {{- with .Values.repository.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: {{- include "repository.selectorLabels" . | nindent 8 }} spec: diff --git a/helm/alfresco-content-services/values.yaml b/helm/alfresco-content-services/values.yaml index 3e85ad081..5ba52cacf 100644 --- a/helm/alfresco-content-services/values.yaml +++ b/helm/alfresco-content-services/values.yaml @@ -67,6 +67,7 @@ repository: -Dencryption.keystore.location=/usr/local/tomcat/shared/classes/alfresco/extension/keystore/keystore -Dmetadata-keystore.aliases=metadata -Dmetadata-keystore.metadata.algorithm=DESede + podAnnotations: {} podSecurityContext: runAsNonRoot: true runAsUser: 33000 From f8a3b957c239911ae5d8015db118b92f9721aa59 Mon Sep 17 00:00:00 2001 From: Tahir Malik Date: Wed, 26 Jul 2023 17:19:54 +0200 Subject: [PATCH 26/26] added podAnnotations --- .../templates/deployment-ai-transformer.yaml | 3 +++ .../templates/deployment-filestore.yaml | 3 +++ .../templates/deployment-imagemagick.yaml | 3 +++ .../templates/deployment-libreoffice.yaml | 3 +++ .../templates/deployment-ms-teams-service.yaml | 3 +++ .../templates/deployment-ooi-service.yaml | 3 +++ .../templates/deployment-pdfrenderer.yaml | 3 +++ .../templates/deployment-share.yaml | 3 +++ .../templates/deployment-tika.yaml | 3 +++ .../templates/deployment-transform-misc.yaml | 3 +++ .../templates/deployment-transform-router.yaml | 3 +++ helm/alfresco-content-services/values.yaml | 11 +++++++++++ 12 files changed, 44 insertions(+) diff --git a/helm/alfresco-content-services/templates/deployment-ai-transformer.yaml b/helm/alfresco-content-services/templates/deployment-ai-transformer.yaml index fa947f4c3..2b633f587 100644 --- a/helm/alfresco-content-services/templates/deployment-ai-transformer.yaml +++ b/helm/alfresco-content-services/templates/deployment-ai-transformer.yaml @@ -20,6 +20,9 @@ spec: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/config-ai-transformer.yaml") . | sha256sum }} + {{- with .Values.aiTransformer.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: {{- include "ai-transformer.selectorLabels" . | nindent 8 }} spec: diff --git a/helm/alfresco-content-services/templates/deployment-filestore.yaml b/helm/alfresco-content-services/templates/deployment-filestore.yaml index 541f5c8e3..f5f711470 100644 --- a/helm/alfresco-content-services/templates/deployment-filestore.yaml +++ b/helm/alfresco-content-services/templates/deployment-filestore.yaml @@ -20,6 +20,9 @@ spec: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/config-filestore.yaml") . | sha256sum }} + {{- with .Values.filestore.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: {{- include "filestore.selectorLabels" . | nindent 8 }} spec: diff --git a/helm/alfresco-content-services/templates/deployment-imagemagick.yaml b/helm/alfresco-content-services/templates/deployment-imagemagick.yaml index 68045ed71..d24e4568a 100644 --- a/helm/alfresco-content-services/templates/deployment-imagemagick.yaml +++ b/helm/alfresco-content-services/templates/deployment-imagemagick.yaml @@ -19,6 +19,9 @@ spec: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/config-imagemagick.yaml") . | sha256sum }} + {{- with .Values.imagemagick.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: {{- include "imagemagick.selectorLabels" . | nindent 8 }} spec: diff --git a/helm/alfresco-content-services/templates/deployment-libreoffice.yaml b/helm/alfresco-content-services/templates/deployment-libreoffice.yaml index da15581d3..7a33e2b16 100644 --- a/helm/alfresco-content-services/templates/deployment-libreoffice.yaml +++ b/helm/alfresco-content-services/templates/deployment-libreoffice.yaml @@ -20,6 +20,9 @@ spec: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/config-libreoffice.yaml") . | sha256sum }} + {{- with .Values.libreoffice.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: {{- include "libreoffice.selectorLabels" . | nindent 8 }} spec: diff --git a/helm/alfresco-content-services/templates/deployment-ms-teams-service.yaml b/helm/alfresco-content-services/templates/deployment-ms-teams-service.yaml index b3bb2f758..f4b8412e2 100644 --- a/helm/alfresco-content-services/templates/deployment-ms-teams-service.yaml +++ b/helm/alfresco-content-services/templates/deployment-ms-teams-service.yaml @@ -20,6 +20,9 @@ spec: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/config-ms-teams-service.yaml") . | sha256sum }} + {{- with .Values.msTeamsService.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: {{- include "ms-teams-service.selectorLabels" . | nindent 8 }} spec: diff --git a/helm/alfresco-content-services/templates/deployment-ooi-service.yaml b/helm/alfresco-content-services/templates/deployment-ooi-service.yaml index db60ab861..e4b3921e3 100644 --- a/helm/alfresco-content-services/templates/deployment-ooi-service.yaml +++ b/helm/alfresco-content-services/templates/deployment-ooi-service.yaml @@ -21,6 +21,9 @@ spec: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/config-ooi-service.yaml") . | sha256sum }} + {{- with .Values.ooiService.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: {{- include "ooi-service.selectorLabels" . | nindent 8 }} spec: diff --git a/helm/alfresco-content-services/templates/deployment-pdfrenderer.yaml b/helm/alfresco-content-services/templates/deployment-pdfrenderer.yaml index d36a0936b..ae02a53d3 100644 --- a/helm/alfresco-content-services/templates/deployment-pdfrenderer.yaml +++ b/helm/alfresco-content-services/templates/deployment-pdfrenderer.yaml @@ -19,6 +19,9 @@ spec: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/config-pdfrenderer.yaml") . | sha256sum }} + {{- with .Values.pdfrenderer.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: {{- include "pdfrenderer.selectorLabels" . | nindent 8 }} spec: diff --git a/helm/alfresco-content-services/templates/deployment-share.yaml b/helm/alfresco-content-services/templates/deployment-share.yaml index 9d7f384ed..f1cccd7de 100644 --- a/helm/alfresco-content-services/templates/deployment-share.yaml +++ b/helm/alfresco-content-services/templates/deployment-share.yaml @@ -21,6 +21,9 @@ spec: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/config-share.yaml") . | sha256sum }} + {{- with .Values.share.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: {{- include "share.selectorLabels" . | nindent 8 }} spec: diff --git a/helm/alfresco-content-services/templates/deployment-tika.yaml b/helm/alfresco-content-services/templates/deployment-tika.yaml index d396fbc01..351fccd7d 100644 --- a/helm/alfresco-content-services/templates/deployment-tika.yaml +++ b/helm/alfresco-content-services/templates/deployment-tika.yaml @@ -19,6 +19,9 @@ spec: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/config-tika.yaml") . | sha256sum }} + {{- with .Values.tika.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: {{- include "tika.selectorLabels" . | nindent 8 }} spec: diff --git a/helm/alfresco-content-services/templates/deployment-transform-misc.yaml b/helm/alfresco-content-services/templates/deployment-transform-misc.yaml index 5b8bb9698..9d1b1fa77 100644 --- a/helm/alfresco-content-services/templates/deployment-transform-misc.yaml +++ b/helm/alfresco-content-services/templates/deployment-transform-misc.yaml @@ -20,6 +20,9 @@ spec: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/config-transform-misc.yaml") . | sha256sum }} + {{- with .Values.transformmisc.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: {{- include "transform-misc.selectorLabels" . | nindent 8 }} spec: diff --git a/helm/alfresco-content-services/templates/deployment-transform-router.yaml b/helm/alfresco-content-services/templates/deployment-transform-router.yaml index 2d694b978..a3150b920 100644 --- a/helm/alfresco-content-services/templates/deployment-transform-router.yaml +++ b/helm/alfresco-content-services/templates/deployment-transform-router.yaml @@ -19,6 +19,9 @@ spec: annotations: checksum/config: {{ include (print $.Template.BasePath "/config-transform-router.yaml") . | sha256sum }} checksum/config-routes: {{ include (print $.Template.BasePath "/config-transformer-routes.yaml") . | sha256sum }} + {{- with .Values.transformrouter.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: {{- include "transform-router.selectorLabels" . | nindent 8 }} spec: diff --git a/helm/alfresco-content-services/values.yaml b/helm/alfresco-content-services/values.yaml index 5ba52cacf..4a69c39f9 100644 --- a/helm/alfresco-content-services/values.yaml +++ b/helm/alfresco-content-services/values.yaml @@ -140,6 +140,7 @@ ooiService: # - secretName: chart-example-tls # hosts: # - chart-example.local + podAnnotations: {} podSecurityContext: runAsNonRoot: true runAsUser: 33006 @@ -181,6 +182,7 @@ msTeamsService: # - secretName: chart-example-tls # hosts: # - chart-example.local + podAnnotations: {} podSecurityContext: runAsNonRoot: true runAsUser: 33041 @@ -238,6 +240,7 @@ transformrouter: initialDelaySeconds: 140 periodSeconds: 120 timeoutSeconds: 60 + podAnnotations: {} podSecurityContext: runAsNonRoot: true runAsUser: 33016 @@ -262,6 +265,7 @@ pdfrenderer: name: pdfrenderer type: ClusterIP externalPort: 80 + podAnnotations: {} podSecurityContext: runAsNonRoot: true runAsUser: 33001 @@ -302,6 +306,7 @@ imagemagick: name: imagemagick type: ClusterIP externalPort: 80 + podAnnotations: {} podSecurityContext: runAsNonRoot: true runAsUser: 33002 @@ -349,6 +354,7 @@ libreoffice: limits: cpu: "4" memory: "1000Mi" + podAnnotations: {} podSecurityContext: runAsNonRoot: true runAsUser: 33003 @@ -382,6 +388,7 @@ tika: name: tika type: ClusterIP externalPort: 80 + podAnnotations: {} podSecurityContext: runAsNonRoot: true runAsUser: 33004 @@ -423,6 +430,7 @@ transformmisc: name: transformmisc type: ClusterIP externalPort: 80 + podAnnotations: {} podSecurityContext: runAsNonRoot: true runAsUser: 33006 @@ -461,6 +469,7 @@ aiTransformer: name: ai-transformer type: ClusterIP externalPort: 80 + podAnnotations: {} podSecurityContext: runAsUser: 33015 resources: @@ -509,6 +518,7 @@ filestore: name: filestore type: ClusterIP externalPort: 80 + podAnnotations: {} podSecurityContext: runAsUser: 33030 runAsGroup: 1000 @@ -576,6 +586,7 @@ share: drop: - NET_RAW - ALL + podAnnotations: {} podSecurityContext: runAsNonRoot: true resources: