From ad4a293cac7a01aa0a93a59bd1e3047689326acc Mon Sep 17 00:00:00 2001
From: Felipe Cecagno <fcecagno@gmail.com>
Date: Wed, 3 Jul 2024 01:32:12 -0300
Subject: [PATCH] chore(helm): implement readinessProbe and startupProbe for
 uwsgi container

---
 .../templates/django-deployment.yaml          | 43 ++++++++++++++-----
 helm/defectdojo/values.yaml                   | 20 ++++++++-
 2 files changed, 50 insertions(+), 13 deletions(-)

diff --git a/helm/defectdojo/templates/django-deployment.yaml b/helm/defectdojo/templates/django-deployment.yaml
index 398aa767cb3..5f6081acfc8 100644
--- a/helm/defectdojo/templates/django-deployment.yaml
+++ b/helm/defectdojo/templates/django-deployment.yaml
@@ -27,7 +27,7 @@ spec:
         app.kubernetes.io/instance: {{ .Release.Name }}
         {{- if .Values.podLabels }}
         {{- toYaml .Values.podLabels | nindent 8 }}
-        {{- end }}        
+        {{- end }}
       annotations:
       {{- with .Values.django.annotations }}
         {{- toYaml . | nindent 8 }}
@@ -168,7 +168,7 @@ spec:
             secretKeyRef:
             {{- if eq .Values.celery.broker "rabbitmq" }}
               name: {{ .Values.rabbitmq.auth.existingPasswordSecret | default "defectdojo-rabbitmq-specific" }}
-              key: {{ .Values.rabbitmq.auth.secretPasswordKey | default "rabbitmq-password" }}  
+              key: {{ .Values.rabbitmq.auth.secretPasswordKey | default "rabbitmq-password" }}
             {{- else if eq .Values.celery.broker "redis" }}
               name: {{ .Values.redis.auth.existingSecret | default "defectdojo-redis-specific" }}
               key: {{ .Values.redis.auth.existingSecretPasswordKey | default "redis-password" }}
@@ -262,6 +262,7 @@ spec:
           value: '{{ .Values.django.nginx.tls.enabled }}'
         - name: GENERATE_TLS_CERTIFICATE
           value: '{{ .Values.django.nginx.tls.generateCertificate }}'
+        {{- if .Values.django.uwsgi.livenessProbe.enabled }}
         livenessProbe:
           httpGet:
             path: /nginx_health
@@ -272,10 +273,13 @@ spec:
             httpHeaders:
             - name: Host
               value: {{ .Values.host }}
-          initialDelaySeconds: 10
-          periodSeconds: 10
-          failureThreshold: 6
-        {{- if .Values.django.uwsgi.livenessProbe.enabled }}
+          failureThreshold: {{ .Values.django.uwsgi.livenessProbe.failureThreshold }}
+          initialDelaySeconds: {{ .Values.django.uwsgi.livenessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.django.uwsgi.livenessProbe.periodSeconds }}
+          successThreshold: {{ .Values.django.uwsgi.livenessProbe.successThreshold }}
+          timeoutSeconds: {{ .Values.django.uwsgi.livenessProbe.timeoutSeconds }}
+        {{- end }}
+        {{- if .Values.django.uwsgi.readinessProbe.enabled }}
         readinessProbe:
           httpGet:
             path: /uwsgi_health
@@ -286,11 +290,28 @@ spec:
             httpHeaders:
             - name: Host
               value: {{ .Values.host }}
-          failureThreshold: {{ .Values.django.uwsgi.livenessProbe.failureThreshold }}
-          initialDelaySeconds: {{ .Values.django.uwsgi.livenessProbe.initialDelaySeconds }}
-          periodSeconds: {{ .Values.django.uwsgi.livenessProbe.periodSeconds }}
-          successThreshold: {{ .Values.django.uwsgi.livenessProbe.successThreshold }}
-          timeoutSeconds: {{ .Values.django.uwsgi.livenessProbe.timeoutSeconds }}
+          failureThreshold: {{ .Values.django.uwsgi.readinessProbe.failureThreshold }}
+          initialDelaySeconds: {{ .Values.django.uwsgi.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.django.uwsgi.readinessProbe.periodSeconds }}
+          successThreshold: {{ .Values.django.uwsgi.readinessProbe.successThreshold }}
+          timeoutSeconds: {{ .Values.django.uwsgi.readinessProbe.timeoutSeconds }}
+        {{- end }}
+        {{- if .Values.django.uwsgi.startupProbe.enabled }}
+        startupProbe:
+          httpGet:
+            path: /uwsgi_health
+            port: http
+            {{- if .Values.django.nginx.tls.enabled }}
+            scheme: HTTPS
+            {{- end }}
+            httpHeaders:
+            - name: Host
+              value: {{ .Values.host }}
+          failureThreshold: {{ .Values.django.uwsgi.startupProbe.failureThreshold }}
+          initialDelaySeconds: {{ .Values.django.uwsgi.startupProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.django.uwsgi.startupProbe.periodSeconds }}
+          successThreshold: {{ .Values.django.uwsgi.startupProbe.successThreshold }}
+          timeoutSeconds: {{ .Values.django.uwsgi.startupProbe.timeoutSeconds }}
         {{- end }}
         resources:
           {{- toYaml .Values.django.nginx.resources | nindent 10 }}
diff --git a/helm/defectdojo/values.yaml b/helm/defectdojo/values.yaml
index 1faba1520b3..96d799b8e23 100644
--- a/helm/defectdojo/values.yaml
+++ b/helm/defectdojo/values.yaml
@@ -217,13 +217,29 @@ django:
   tolerations: []
   uwsgi:
     livenessProbe:
-      # Enable liveness checks on uwsgi container. Those values are use on nginx readiness checks as well.
+      # Enable liveness checks on uwsgi container.
       enabled: true
       failureThreshold: 6
-      initialDelaySeconds: 120
+      initialDelaySeconds: 0
       periodSeconds: 10
       successThreshold: 1
       timeoutSeconds: 5
+    readinessProbe:
+      # Enable readiness checks on uwsgi container.
+      enabled: true
+      failureThreshold: 6
+      initialDelaySeconds: 0
+      periodSeconds: 10
+      successThreshold: 1
+      timeoutSeconds: 5
+    startupProbe:
+      # Enable startup checks on uwsgi container.
+      enabled: true
+      failureThreshold: 30
+      initialDelaySeconds: 0
+      periodSeconds: 5
+      successThreshold: 1
+      timeoutSeconds: 1
     resources:
       requests:
         cpu: 100m