Skip to content

Commit

Permalink
OPSEXP-1954: need an acs-deployment friendly fallback url (#22)
Browse files Browse the repository at this point in the history
  • Loading branch information
alxgomz authored Mar 15, 2023
1 parent e349266 commit 8319ce7
Show file tree
Hide file tree
Showing 10 changed files with 153 additions and 105 deletions.
4 changes: 2 additions & 2 deletions charts/alfresco-sync-service/Chart.lock
Original file line number Diff line number Diff line change
Expand Up @@ -11,5 +11,5 @@ dependencies:
- name: postgresql
repository: oci://registry-1.docker.io/bitnamicharts
version: 12.2.3
digest: sha256:7c7c05639d6d3dba74e8197081a87b6df8b551f0e666ef813d257dd77ac1b927
generated: "2023-03-14T13:00:59.770465+01:00"
digest: sha256:ecc70fe7948a2c3d1cff1392ac229ab7172054037177840dd2c4115f8f2cfc7f
generated: "2023-03-14T20:19:21.928703+01:00"
8 changes: 3 additions & 5 deletions charts/alfresco-sync-service/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ keywords:
name: alfresco-sync-service
sources:
- https://github.com/Alfresco/acs-deployment
version: 4.0.0
version: 4.0.1
appVersion: 4.0.0-M7
icon: https://avatars0.githubusercontent.com/u/391127?s=200&v=4
dependencies:
Expand All @@ -19,12 +19,10 @@ dependencies:
version: 2.0.0
repository: https://alfresco.github.io/alfresco-helm-charts/
- name: activemq
alias: messageBroker
version: 3.0.1
repository: https://alfresco.github.io/alfresco-helm-charts/
condition: messageBroker.enabled
condition: activemq.enabled
- name: postgresql
alias: database
version: 12.x.x
repository: oci://registry-1.docker.io/bitnamicharts
condition: database.enabled
condition: postgresql.enabled
39 changes: 24 additions & 15 deletions charts/alfresco-sync-service/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# alfresco-sync-service

![Version: 4.0.0](https://img.shields.io/badge/Version-4.0.0-informational?style=flat-square) ![AppVersion: 4.0.0-M7](https://img.shields.io/badge/AppVersion-4.0.0--M7-informational?style=flat-square)
![Version: 4.0.1](https://img.shields.io/badge/Version-4.0.1-informational?style=flat-square) ![AppVersion: 4.0.0-M7](https://img.shields.io/badge/AppVersion-4.0.0--M7-informational?style=flat-square)

Alfresco Sync Service

Expand All @@ -12,25 +12,31 @@ Alfresco Sync Service

| Repository | Name | Version |
|------------|------|---------|
| https://alfresco.github.io/alfresco-helm-charts/ | messageBroker(activemq) | 3.0.1 |
| https://alfresco.github.io/alfresco-helm-charts/ | activemq | 3.0.1 |
| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 2.0.0 |
| oci://registry-1.docker.io/bitnamicharts | common | 2.x.x |
| oci://registry-1.docker.io/bitnamicharts | database(postgresql) | 12.x.x |
| oci://registry-1.docker.io/bitnamicharts | postgresql | 12.x.x |

## Values

| Key | Type | Default | Description |
|-----|------|---------|-------------|
| database | object | `{"auth":{"database":"alfrescosync","enablePostgresUser":false,"password":"admin","username":"alfresco"},"enabled":false,"external":{"driver":"org.postgresql.Driver","existingSecretName":null,"password":"admin","url":null,"user":"alfresco"},"nameOverride":"postgresql-syncservice","primary":{"extendedConfiguration":"shared_buffers = 256MB\nmax_connections = 80\neffective_cache_size = 1024GB\nlog_min_messages = LOG\n"},"resources":{"limits":{"cpu":"2","memory":"2Gi"}}}` | Defines properties required by sync service for connecting to the database If you set database.external to true you will have to setup the JDBC driver, user, password and JdbcUrl as `driver`, `user`, `password` & `url` subelements of `database`. Also make sure that the container has the db driver |
| database.enabled | bool | `false` | If set to `true` a dedicated postgres instance will be deployed in the cluster for sync-service to use it. When set to `false` the chart expects you provide DB configuration details. |
| database.external.driver | string | `"org.postgresql.Driver"` | The JDBC Driver to connect to the DB. If different from the default make sure your container image ships it. |
| database.external.existingSecretName | string | `nil` | An existing kubernetes secret with DB info (prefered over using values) |
| database.external.password | string | `"admin"` | JDBC password to use to connect to the DB |
| database.external.url | string | `nil` | JDBC url to connect to the external DB. Required if `.database.enabled` is set to `true` |
| database.external.user | string | `"alfresco"` | JDBC username to use to connect to the DB |
| activemq.adminUser.password | string | `"admin"` | Password to use to set as the connection user for ActiveMQ |
| activemq.adminUser.user | string | `"admin"` | User to use to set as the connection user for ActiveMQ |
| activemq.enabled | bool | `false` | Toggle ActiveMQ chart dependency see [Alfresco ActiveMQ chart documentation](https://github.com/Alfresco/alfresco-helm-charts/tree/main/charts/activemq)) |
| activemq.nameOverride | string | `"activemq"` | |
| activemq.services.broker.ports.external.openwire | int | `61616` | |
| database.driver | string | `"org.postgresql.Driver"` | The JDBC Driver to connect to the DB. If different from the default make sure your container image ships it. |
| database.existingSecretName | string | `nil` | An existing kubernetes secret with DB info (prefered over using values) |
| database.password | string | `"admin"` | JDBC password to use to connect to the DB |
| database.url | string | `nil` | JDBC url to connect to the external DB |
| database.user | string | `"alfresco"` | JDBC username to use to connect to the DB |
| environment.EXTRA_JAVA_OPTS | string | `""` | |
| environment.JAVA_OPTS | string | `"-Dsync.metrics.reporter.graphite.enabled=false -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"` | |
| global | object | `{"alfrescoRegistryPullSecrets":"quay-registry-secret","strategy":{"rollingUpdate":{"maxSurge":1,"maxUnavailable":0}}}` | Global definition of Docker registry pull secret which can be overridden from parent ACS Helm chart(s) |
| global | object | `{"alfrescoRegistryPullSecrets":"quay-registry-secret","messageBroker":{"password":null,"url":null,"user":null},"strategy":{"rollingUpdate":{"maxSurge":1,"maxUnavailable":0}}}` | Global definition of Docker registry pull secret which can be overridden from parent ACS Helm chart(s) |
| global.messageBroker.password | string | `nil` | Credential to use to authenticate to the broker. |
| global.messageBroker.url | string | `nil` | A failover URI formatted string, see: https://activemq.apache.org/failover-transport-reference |
| global.messageBroker.user | string | `nil` | Username to authenticate as. |
| image.internalPort | int | `9090` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"quay.io/alfresco/service-sync"` | |
Expand All @@ -41,15 +47,18 @@ Alfresco Sync Service
| livenessProbe.initialDelaySeconds | int | `30` | |
| livenessProbe.periodSeconds | int | `30` | |
| livenessProbe.timeoutSeconds | int | `10` | |
| messageBroker | object | `{"adminUser":{"password":null,"user":null},"enabled":false,"external":{"existingSecretName":null,"password":"admin","url":null,"user":"alfresco"},"nameOverride":"activemq","services":{"broker":{"ports":{"external":{"openwire":61616}}}}}` | messageBroker object allow to pass ActiveMQ connection details. url: provides URI formatted string, see: https://activemq.apache.org/failover-transport-reference user: username to authenticate as. password: credential to use to authenticate to the broker. |
| messageBroker.adminUser.password | string | `nil` | Password to use to set as the connection user for ActiveMQ |
| messageBroker.adminUser.user | string | `nil` | User to use to set as the connection user for ActiveMQ |
| messageBroker.external.existingSecretName | string | `nil` | An existing kubernetes secret with MQ info (prefered over using values) |
| messageBroker.existingSecretName | string | `nil` | An existing k8s secret with broker details (prefered over using values) |
| messageBroker.nameOverride | string | `"activemq"` | A name that will be used as a base to get broker conenction details |
| messageBroker.password | string | `nil` | Credential to use to authenticate to the broker. |
| messageBroker.url | string | `nil` | A failover URI formatted string, see: https://activemq.apache.org/failover-transport-reference |
| messageBroker.user | string | `nil` | Username to authenticate as. |
| nodeSelector | object | `{}` | |
| podSecurityContext.fsGroup | int | `1000` | |
| podSecurityContext.runAsGroup | int | `1000` | |
| podSecurityContext.runAsNonRoot | bool | `true` | |
| podSecurityContext.runAsUser | int | `33020` | |
| postgresql | object | `{"auth":{"database":"alfrescosync","enablePostgresUser":false,"password":"admin","username":"alfresco"},"enabled":false,"nameOverride":"postgresql-syncservice","primary":{"extendedConfiguration":"shared_buffers = 256MB\nmax_connections = 80\neffective_cache_size = 1024GB\nlog_min_messages = LOG\n"},"resources":{"limits":{"cpu":"2","memory":"2Gi"}}}` | Defines properties required by sync service for connecting to the database If you set database.external to true you will have to setup the JDBC driver, user, password and JdbcUrl as `driver`, `user`, `password` & `url` subelements of `database`. Also make sure that the container has the db driver |
| postgresql.enabled | bool | `false` | Toggle PostgreSQL chart dependency see [PostgreSQL Bitnami charts documentation](https://github.com/bitnami/charts/tree/main/bitnami/postgresql)) |
| readinessProbe.failureThreshold | int | `12` | |
| readinessProbe.initialDelaySeconds | int | `20` | |
| readinessProbe.periodSeconds | int | `10` | |
Expand Down
5 changes: 3 additions & 2 deletions charts/alfresco-sync-service/ci/default-values.yaml
Original file line number Diff line number Diff line change
@@ -1,9 +1,10 @@
---
repository:
host: dummy-repo
messageBroker:
activemq:
enabled: true
messageBroker:
nameOverride: mqsync
database:
postgresql:
enabled: true
nameOverride: pgsync
28 changes: 14 additions & 14 deletions charts/alfresco-sync-service/templates/_helpers-db.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,10 @@ Get Database Username
*/}}
{{- define "syncservice.dbUser" -}}
{{- $defaultUser := "alfresco" }}
{{- if .Values.database.enabled }}
{{- coalesce .Values.database.auth.username $defaultUser }}
{{- if .Values.postgresql.enabled }}
{{- coalesce .Values.postgresql.auth.username $defaultUser }}
{{- else }}
{{- coalesce .Values.database.external.user $defaultUser }}
{{- coalesce .Values.database.user $defaultUser }}
{{- end }}
{{- end -}}

Expand All @@ -15,10 +15,10 @@ Get Database Password
*/}}
{{- define "syncservice.dbPass" -}}
{{- $defaultPass := "admin" }}
{{- if .Values.database.enabled }}
{{- coalesce .Values.database.auth.password $defaultPass }}
{{- if .Values.postgresql.enabled }}
{{- coalesce .Values.postgresql.auth.password $defaultPass }}
{{- else }}
{{- coalesce .Values.database.external.password $defaultPass }}
{{- coalesce .Values.database.password $defaultPass }}
{{- end }}
{{- end -}}

Expand All @@ -27,25 +27,25 @@ Get Database Driver
*/}}
{{- define "syncservice.dbDriver" -}}
{{- $defaultDriver := "org.postgresql.Driver" }}
{{- if .Values.database.enabled }}
{{- if .Values.postgresql.enabled }}
{{- $defaultDriver }}
{{- else }}
{{- coalesce .Values.database.external.driver $defaultDriver }}
{{- coalesce .Values.database.driver $defaultDriver }}
{{- end }}
{{- end -}}

{{/*
Get Database URL
*/}}
{{- define "syncservice.dbUrl" -}}
{{- if .Values.database.enabled }}
{{- $pgsvcname := printf "%s-%s" .Release.Name .Values.database.nameOverride }}
{{- if .Values.postgresql.enabled }}
{{- $pgsvcname := printf "%s-%s" .Release.Name .Values.postgresql.nameOverride }}
{{- $pgsvcport := "" }}
{{- if hasKey .Values.database.primary "service" }}
{{- $pgsvcport := printf ":%s" (.Values.database.primary.service.port | default 5432) }}
{{- if hasKey .Values.postgresql.primary "service" }}
{{- $pgsvcport := printf ":%s" (.Values.postgresql.primary.service.port | default 5432) }}
{{- end }}
{{- printf "jdbc:postgresql://%s%s/%s" $pgsvcname $pgsvcport .Values.database.auth.database }}
{{- printf "jdbc:postgresql://%s%s/%s" $pgsvcname $pgsvcport .Values.postgresql.auth.database }}
{{- else }}
{{- required "To enable SyncService external database please provide .database.external.url" .Values.database.external.url }}
{{- required "To enable SyncService external database please provide .database.url" .Values.database.url }}
{{- end }}
{{- end -}}
28 changes: 14 additions & 14 deletions charts/alfresco-sync-service/templates/_helpers-mq.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -2,45 +2,45 @@
Get ActiveMQ URL
*/}}
{{- define "syncservice.brokerUrl" -}}
{{- if .Values.messageBroker.enabled }}
{{- $brokerOptions := "?timeout=3000&jms.useCompression=true" }}
{{- $brokerPort := .Values.messageBroker.services.broker.ports.external.openwire | int }}
{{- $brokerHostname := include "activemq.fullname" (dict "Values" .Values.messageBroker "Chart" .Chart "Release" .Release) }}
{{- coalesce .Values.messageBroker.url (printf "failover:(nio://%s-broker:%d)%s" $brokerHostname $brokerPort $brokerOptions) }}
{{- $brokerPort := .Values.activemq.services.broker.ports.external.openwire | int }}
{{- if .Values.activemq.enabled }}
{{- $brokerHostname := include "activemq.fullname" (dict "Values" .Values.activemq "Chart" .Chart "Release" .Release) }}
{{- printf "failover:(nio://%s-broker:%d)%s" $brokerHostname $brokerPort $brokerOptions }}
{{- else }}
{{- required "Please provide a failover URL when using external message broker" .Values.messageBroker.external.url -}}
{{- coalesce .Values.messageBroker.url .Values.global.messageBroker.url (printf "failover:(nio://%s-%s-broker:%d)%s" .Release.Name .Values.messageBroker.nameOverride $brokerPort $brokerOptions) -}}
{{- end }}
{{- end -}}

{{/*
Get ActiveMQ Username
*/}}
{{- define "syncservice.brokerUser" -}}
{{- if .Values.messageBroker.enabled }}
{{- .Values.messageBroker.adminUser.user | default "admin" -}}
{{- if .Values.activemq.enabled }}
{{- .Values.activemq.adminUser.user -}}
{{- else }}
{{- .Values.messageBroker.external.user -}}
{{- coalesce .Values.messageBroker.user .Values.global.messageBroker.user "alfresco" -}}
{{- end }}
{{- end -}}

{{/*
Get ActiveMQ Password
*/}}
{{- define "syncservice.brokerPass" -}}
{{- if .Values.messageBroker.enabled }}
{{- .Values.messageBroker.adminUser.pass | default "admin" -}}
{{- if .Values.activemq.enabled }}
{{- .Values.activemq.adminUser.password -}}
{{- else }}
{{- .Values.messageBroker.external.password -}}
{{- coalesce .Values.messageBroker.password .Values.global.messageBroker.password "admin" -}}
{{- end }}
{{- end -}}

{{/*
Get ActiveMQ secret
*/}}
{{- define "syncservice.brokerSecret" -}}
{{- if .Values.messageBroker.enabled }}
{{- coalesce .Values.messageBroker.existingSecretName (printf "%s-messagebroker-secret" (include "syncservice.fullname" . )) -}}
{{- if .Values.activemq.enabled }}
{{- coalesce .Values.activemq.existingSecretName (printf "%s-messagebroker-secret" (include "syncservice.fullname" . )) -}}
{{- else }}
{{- .Values.messageBroker.external.existingSecretName -}}
{{- coalesce .Values.messageBroker.existingSecretName .Values.global.messageBroker.existingSecretName -}}
{{- end }}
{{- end -}}
15 changes: 7 additions & 8 deletions charts/alfresco-sync-service/tests/database_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,9 @@ templates:
- config-syncservice.yaml
- secret-database.yaml
tests:
- it: should render default JDBC varlues
- it: should render default JDBC values
set:
database:
postgresql:
enabled: true
asserts:
- matchRegex:
Expand All @@ -27,14 +27,13 @@ tests:
path: data.DATABASE_PASSWORD
value: YWRtaW4=
template: secret-database.yaml
- it: should default JDBC varlues
- it: should render provided JDBC varlues
set:
database:
external:
url: jdbc:mysql://mysqldb:1234/somedb
user: scott
password: tiger
driver: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://mysqldb:1234/somedb
user: scott
password: tiger
driver: com.mysql.cj.jdbc.Driver
asserts:
- matchRegex:
path: data.JAVA_OPTS
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ templates:
tests:
- it: should have basic metadata in place
set: &values
database:
postgresql:
enabled: true
asserts:
- equal:
Expand Down
49 changes: 42 additions & 7 deletions charts/alfresco-sync-service/tests/mq_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ templates:
tests:
- it: should render default ActiveMQ details
set:
messageBroker:
activemq:
enabled: true
asserts:
- equal:
Expand All @@ -21,14 +21,29 @@ tests:
path: data.BROKER_PASSWORD
value: YWRtaW4=
template: secret-message-broker.yaml
- it: should render custom MQ config
- it: should render broker URL based on sole nameOverride
set:
messageBroker:
url:
nameOverride: aKnownBrokerName
asserts:
- equal:
path: data.BROKER_URL
value: >-
ZmFpbG92ZXI6KG5pbzovL1JFTEVBU0UtTkFNRS1hS25vd25Ccm9rZXJOYW1lLWJyb2tlcjo2MTYxNik/dGltZW91dD0zMDAwJmptcy51c2VDb21wcmVzc2lvbj10cnVl
template: secret-message-broker.yaml
- it: should render custom MQ config from dedicated Values context
set:
global:
messageBroker:
url: failover:(ssl://globalmq-1:61617)
user: globaluser
password: globalpass
messageBroker:
external:
url: >-
failover:(ssl://somemoresecuremq-1:61617,ssl://somemoresecuremq-2:61617)
user: scott
password: tiger
url: >-
failover:(ssl://somemoresecuremq-1:61617,ssl://somemoresecuremq-2:61617)
user: scott
password: tiger
asserts:
- equal:
path: data.BROKER_URL
Expand All @@ -43,3 +58,23 @@ tests:
path: data.BROKER_PASSWORD
value: dGlnZXI=
template: secret-message-broker.yaml
- it: should render custom MQ config from global context
set:
global:
messageBroker:
url: failover:(ssl://globalmq-1:61617)
user: globaluser
password: globalpass
asserts:
- equal:
path: data.BROKER_URL
value: ZmFpbG92ZXI6KHNzbDovL2dsb2JhbG1xLTE6NjE2MTcp
template: secret-message-broker.yaml
- equal:
path: data.BROKER_USERNAME
value: Z2xvYmFsdXNlcg==
template: secret-message-broker.yaml
- equal:
path: data.BROKER_PASSWORD
value: Z2xvYmFscGFzcw==
template: secret-message-broker.yaml
Loading

0 comments on commit 8319ce7

Please sign in to comment.