X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=helm%2Finfrastructure%2Fsubcharts%2Fkong%2Ftemplates%2Fmigrations.yaml;h=e1a85fb90c189fab9d94556b53551dfbcc6383f6;hb=refs%2Fchanges%2F69%2F12969%2F1;hp=76c9b2975dfaee7bb96247b3a586d7939fdb06ac;hpb=38dc857062b14145f5b9db89d10eba0ae5b90d11;p=ric-plt%2Fric-dep.git

diff --git a/helm/infrastructure/subcharts/kong/templates/migrations.yaml b/helm/infrastructure/subcharts/kong/templates/migrations.yaml
old mode 100755
new mode 100644
index 76c9b29..e1a85fb
--- a/helm/infrastructure/subcharts/kong/templates/migrations.yaml
+++ b/helm/infrastructure/subcharts/kong/templates/migrations.yaml
@@ -1,71 +1,108 @@
-{{- if (and (.Values.runMigrations) (not (eq .Values.env.database "off"))) }}
+{{- if .Values.deployment.kong.enabled }}
+{{- if .Release.IsInstall -}}
+{{/* .migrations.init isn't normally exposed in values.yaml, since it should
+     generally always run on install--there should never be any reason to
+     disable it, and at worst it's a no-op. However, https://github.com/helm/helm/issues/3308
+     means we cannot use the default function to create a hidden value, hence
+     the workaround with this $runInit variable.
+ */}}
+{{- $runInit := true -}}
+{{- if (hasKey .Values.migrations "init") -}}
+  {{- $runInit = .Values.migrations.init -}}
+{{- end -}}
+
+{{- if (and ($runInit) (not (eq .Values.env.database "off"))) }}
 apiVersion: batch/v1
 kind: Job
 metadata:
   name: {{ template "kong.fullname" . }}-init-migrations
+  namespace: {{ template "kong.namespace" . }}
   labels:
-    app: {{ template "kong.name" . }}
-    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
-    release: "{{ .Release.Name }}"
-    heritage: "{{ .Release.Service }}"
-    component: init-migrations
+    {{- include "kong.metaLabels" . | nindent 4 }}
+    app.kubernetes.io/component: init-migrations
+  annotations:
+    argocd.argoproj.io/hook: Sync
+    argocd.argoproj.io/hook-delete-policy: BeforeHookCreation
+  {{- range $key, $value := .Values.migrations.jobAnnotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
 spec:
+  backoffLimit: {{ .Values.migrations.backoffLimit }}
   template:
     metadata:
       name: {{ template "kong.name" . }}-init-migrations
       labels:
-        app: {{ template "kong.name" . }}
-        release: "{{ .Release.Name }}"
-        component: init-migrations
+        {{- include "kong.metaLabels" . | nindent 8 }}
+        app.kubernetes.io/component: init-migrations
+      {{- if .Values.migrations.annotations }}
+      annotations:
+      {{- range $key, $value := .Values.migrations.annotations }}
+        {{ $key }}: {{ $value | quote }}
+      {{- end }}
+      {{- if (and (not .Values.deployment.serviceAccount.automountServiceAccountToken) (or .Values.deployment.serviceAccount.create .Values.deployment.serviceAccount.name)) }}
+        kuma.io/service-account-token-volume: {{ template "kong.serviceAccountTokenName" . }}
+      {{- end }}
+      {{- end }}
     spec:
+      {{- if or .Values.deployment.serviceAccount.create .Values.deployment.serviceAccount.name }}
+      serviceAccountName: {{ template "kong.serviceAccountName" . }}
+      {{- end }}
+      {{- if (and (or .Values.deployment.serviceAccount.create .Values.deployment.serviceAccount.name) .Values.deployment.serviceAccount.automountServiceAccountToken) }}
+      automountServiceAccountToken: true
+      {{- else }}
+      automountServiceAccountToken: false
+      {{ end }}
       {{- if .Values.image.pullSecrets }}
       imagePullSecrets:
       {{- range .Values.image.pullSecrets }}
         - name: {{ . }}
       {{- end }}
       {{- end }}
-      {{- if .Values.postgresql.enabled }}
+      {{- if (or (and (.Values.postgresql.enabled) .Values.waitImage.enabled) .Values.deployment.initContainers) }}
       initContainers:
-      - name: wait-for-postgres
-        image: "{{ .Values.waitImage.repository }}:{{ .Values.waitImage.tag }}"
-        env:
-        - name: KONG_PG_HOST
-          value: {{ template "kong.postgresql.fullname" . }}
-        - name: KONG_PG_PORT
-          value: "{{ .Values.postgresql.service.port }}"
-        - name: KONG_PG_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: {{ template "kong.postgresql.fullname" . }}
-              key: postgresql-password
-        command: [ "/bin/sh", "-c", "until nc -zv $KONG_PG_HOST $KONG_PG_PORT -w1; do echo 'waiting for db'; sleep 1; done" ]
+      {{- if .Values.deployment.initContainers }}
+      {{- toYaml .Values.deployment.initContainers | nindent 6 }}
+      {{- end }}
+      {{- if (and (.Values.postgresql.enabled) .Values.waitImage.enabled) }}
+      {{- include "kong.wait-for-postgres" . | nindent 6 }}
+      {{- end }}
       {{- end }}
       containers:
+      {{- if .Values.migrations.sidecarContainers }}
+      {{- toYaml .Values.migrations.sidecarContainers | nindent 6 }}
+      {{- end }}
       - name: {{ template "kong.name" . }}-migrations
-        image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        image: {{ include "kong.getRepoTag" .Values.image }}
         imagePullPolicy: {{ .Values.image.pullPolicy }}
+        securityContext:
+        {{ toYaml .Values.containerSecurityContext | nindent 10 }} 
         env:
-        - name: KONG_NGINX_DAEMON
-          value: "off"
-        {{- if .Values.enterprise.enabled }}
-        {{- include "kong.license" . | nindent 8 }}
-        {{- end }}
-        {{- if .Values.postgresql.enabled }}
-        - name: KONG_PG_HOST
-          value: {{ template "kong.postgresql.fullname" . }}
-        - name: KONG_PG_PORT
-          value: "{{ .Values.postgresql.service.port }}"
-        - name: KONG_PG_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: {{ template "kong.postgresql.fullname" . }}
-              key: postgresql-password
-        {{- end }}
-        {{- if .Values.cassandra.enabled }}
-        - name: KONG_CASSANDRA_CONTACT_POINTS
-          value: {{ template "kong.cassandra.fullname" . }}
-        {{- end }}
-        {{- include "kong.env" .  | indent 8 }}
-        command: [ "/bin/sh", "-c", "kong migrations bootstrap" ]
+        {{- include "kong.no_daemon_env" . | nindent 8 }}
+        {{- include "kong.envFrom" .Values.envFrom | nindent 8 }}
+        args: [ "kong", "migrations", "bootstrap" ]
+        volumeMounts:
+        {{- include "kong.volumeMounts" . | nindent 8 }}
+        {{- include "kong.userDefinedVolumeMounts" .Values.deployment | nindent 8 }}
+        resources:
+        {{- toYaml .Values.migrations.resources | nindent 10 }}
+      securityContext:
+      {{- include "kong.podsecuritycontext" . | nindent 8 }}
+      {{- if .Values.affinity }}
+      affinity:
+      {{- toYaml .Values.affinity | nindent 8 }}
+      {{- end }}
+      {{- if .Values.nodeSelector }}
+      nodeSelector:
+      {{- toYaml .Values.nodeSelector | nindent 8 }}
+      {{- end }}
+      {{- if .Values.tolerations }}
+      tolerations:
+      {{- toYaml .Values.tolerations | nindent 8 }}
+      {{- end }}
       restartPolicy: OnFailure
+      volumes:
+      {{- include "kong.volumes" . | nindent 6 -}}
+      {{- include "kong.userDefinedVolumes" . | nindent 6 -}}
+{{- end }}
+{{- end }}
 {{- end }}