37 changes: 37 additions & 0 deletions charts/kasm/templates/api-deployment.yaml
Expand Up @@ -39,6 +39,7 @@ spec:
{{- with .Values.components.api.labels }}{{ toYaml . | nindent 8 }}{{- end }}
{{- with .Values.extraLabels.pod }}{{ toYaml . | nindent 8 }}{{- end }}
{{- with .Values.labels }}{{- toYaml . | nindent 8 }}{{- end }}
certs: trust-store
{{- if or .Values.components.api.annotations .Values.annotations.pod }}
annotations:
{{- with .Values.annotations.pod }}{{ toYaml . | nindent 8 }}{{- end }}
Expand All @@ -59,6 +60,15 @@ spec:
{{- with .Values.affinity }}
affinity: {{ toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: uds-trust-bundle
configMap:
name: uds-trust-bundle
items:
- key: ca-bundle.pem
path: ca-bundle.pem
- name: combined-certs
emptyDir: {}
initContainers:
- name: db-is-ready
image: {{ $constants.api.image }}
Expand Down Expand Up @@ -94,6 +104,22 @@ spec:
- name: {{ $constants.api.name }}-container
image: {{ $constants.api.image }}
imagePullPolicy: {{ .Values.imagePullPolicy }}
command:
- "/bin/sh"
- "-c"
- |
echo "# Combined CA Bundle - System and UDS Certificates" > /opt/certs/combined-ca-bundle.pem
echo "" >> /opt/certs/combined-ca-bundle.pem
if [ -f /etc/ssl/certs/ca-certificates.crt ]; then
echo "# System CA Certificates" >> /opt/certs/combined-ca-bundle.pem
cat /etc/ssl/certs/ca-certificates.crt >> /opt/certs/combined-ca-bundle.pem
echo "" >> /opt/certs/combined-ca-bundle.pem
fi
if [ -f /etc/ssl/certs/uds-ca-bundle.pem ]; then
echo "# UDS Certificate Bundle" >> /opt/certs/combined-ca-bundle.pem
cat /etc/ssl/certs/uds-ca-bundle.pem >> /opt/certs/combined-ca-bundle.pem
fi
/usr/bin/startup.sh
env:
- name: START_SERVICES
value: "true"
Expand All @@ -116,6 +142,10 @@ spec:
name: {{ .Release.Name }}-secrets
key: "db-password"
{{- end }}
- name: SSL_CERT_FILE
value: /opt/certs/combined-ca-bundle.pem
- name: REQUESTS_CA_BUNDLE
value: /opt/certs/combined-ca-bundle.pem
ports:
- name: {{ $constants.api.portName }}
containerPort: {{ $constants.api.port }}
Expand All @@ -134,3 +164,10 @@ spec:
{{- if .Values.applyPodSecurity }}
{{- include "kasm.containerSecurity" . | indent 10 }}
{{- end }}
volumeMounts:
- name: uds-trust-bundle
mountPath: /etc/ssl/certs/uds-ca-bundle.pem
readOnly: true
subPath: ca-bundle.pem
- mountPath: /opt/certs
name: combined-certs
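Review bot: The file that `SSL_CERT_FILE` and `REQUESTS_CA_BUNDLE` point at is written by the API container itself into the `combined-certs` emptyDir, which the last hunk mounts writable at `/opt/certs`, so any process in that container can change the trust anchors at runtime. Building the bundle in an initContainer and mounting `combined-certs` with `readOnly: true` in the API container keeps it immutable for the workload and removes the `command` override, which currently runs `/usr/bin/startup.sh` as a child of `sh` instead of via `exec`, so termination signals go to the shell first. The `uds-trust-bundle` configMap volume is also unconditional and not marked `optional: true`, so the pod will not start in a cluster that lacks that ConfigMap even though the script treats the file as optional. Because it is mounted with `subPath`, a rotated or withdrawn CA is not picked up until the pod restarts. The sketch below assumes the api image provides `/bin/sh` and the system bundle path used in the hunk.

```yaml
      initContainers:
        # … unchanged: db-is-ready …
        - name: build-ca-bundle
          image: {{ $constants.api.image }}
          command:
            - /bin/sh
            - -ec
            - |
              out=/opt/certs/combined-ca-bundle.pem
              : > "$out"
              for f in /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/uds-ca-bundle.pem; do
                if [ -f "$f" ]; then
                  cat "$f" >> "$out"
                  echo "" >> "$out"
                fi
              done
          volumeMounts:
            - name: uds-trust-bundle
              mountPath: /etc/ssl/certs/uds-ca-bundle.pem
              subPath: ca-bundle.pem
              readOnly: true
            - name: combined-certs
              mountPath: /opt/certs
      containers:
        # … unchanged: api container, without the command override …
          volumeMounts:
            - name: combined-certs
              mountPath: /opt/certs
              readOnly: true
```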
4 changes: 2 additions & 2 deletions charts/kasm/templates/db-init-job.yaml
Expand Up @@ -19,7 +19,7 @@ metadata:
helm.sh/hook: pre-install
{{- end }}
spec:
ttlSecondsAfterFinished: 100
ttlSecondsAfterFinished: {{ .Values.components.api.ttlBeforeDelete }}
template:
metadata:
labels:
Expand Down Expand Up @@ -125,4 +125,4 @@ spec:
args:
- |
if [[ "$DB_AUTO_INITIALIZE" == "true" ]]; then /usr/bin/startup.sh; else echo "DB already initialized."; fi
{{- end }}
{{- end }}
9 changes: 8 additions & 1 deletion charts/kasm/values.schema.json
Expand Up @@ -220,6 +220,12 @@
"title": "labels",
"type": "object"
},
"ttlBeforeDelete": {
"additionalProperties": true,
"description": "Time to live setting for the db-init-job",
"title": "ttlBeforeDelete",
"type": "integer"
},
"resources": {
"additionalProperties": true,
"description": "Manually configure the Kasm api Deployment resources. This overrides the pre-defined `deploymentSize` values.",
Expand All @@ -234,6 +240,7 @@
"image",
"resources",
"annotations",
"ttlBeforeDelete",
"labels"
]
},
Expand Down Expand Up @@ -1205,4 +1212,4 @@
}
},
"type": "object"
}
}
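Review bot: The new `ttlBeforeDelete` property is typed `integer` with no lower bound, and `"additionalProperties": true` has no effect on a non-object type. The value is rendered directly into `ttlSecondsAfterFinished` in db-init-job.yaml, where a negative number should be rejected by the API server only at install time; adding `"minimum": 0` would catch it during schema validation instead. The description could also state the unit and the field it feeds, for example `"description": "Seconds to keep the finished db-init Job before it is deleted (ttlSecondsAfterFinished)"`, since the key sits under `components.api` but governs the Job.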
4 changes: 3 additions & 1 deletion charts/kasm/values.yaml
Expand Up @@ -283,6 +283,8 @@ components:
annotations: {}
# components.api.resources -- Manually configure the Kasm api Deployment resources. This overrides the pre-defined `deploymentSize` values.
resources: {}
# components.api.ttlBeforeDelete -- Time to live setting for the db-init-job
ttlBeforeDelete: 100
# components.api.labels -- Custom labels to add to the Kasm api Deployment
labels: {}
# Configuration settings for the Kasm Manager service
Expand Down Expand Up @@ -485,4 +487,4 @@ extraLabels:
# extraObjects -- Deploy additional Kubernetes manifests.
# This field is expected to be either a multi-line string, a list of strings, or a list of objects.
#
extraObjects: []
extraObjects: []