devtron-labs · Shubham9t9 · Dec 12, 2022
diff --git a/charts/postgres/.helmignore b/charts/postgres/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/postgres/Chart.yaml b/charts/postgres/Chart.yaml
@@ -0,0 +1,12 @@
+apiVersion: v2
+name: postgres
+description: A Helm chart for PostgreSQL on Kubernetes
+
+type: application
+
+maintainers:
+  - name: Devtron
+
+version: 0.4.1
+
+appVersion: "15.1"
diff --git a/charts/postgres/README.md b/charts/postgres/README.md
@@ -0,0 +1,129 @@
+# PostgreSQL
+
+![Version: 0.4.1](https://img.shields.io/badge/Version-0.4.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 15.1](https://img.shields.io/badge/AppVersion-15.1-informational?style=flat-square)
+
+## Changelog
+
+see [RELEASENOTES.md](RELEASENOTES.md)
+
+A Helm chart for PostgreSQL on Kubernetes
+
+## ⚠️ Warning
+
+There is no automatic database upgrade from PostgreSQL 13.x (Chart version 0.2.x) to PostgreSQL 14.x (Chart version 0.3.x) or Postgres 14.x to Postgres 15.x (Chart version 0.4.x) and upgrade deployment will fail in case of a major version change.
+
+## TL;DR
+
+```bash
+helm repo add groundhog2k https://groundhog2k.github.io/helm-charts/
+helm install my-release groundhog2k/postgres
+```
+
+## Introduction
+
+This chart uses the original [PostgreSQL image from Docker Hub](https://hub.docker.com/_/postgres/) to deploy a stateful PostgreSQL instance in a Kubernetes cluster.
+
+It fully supports deployment of the multi-architecture docker image.
+
+## Prerequisites
+
+- Kubernetes 1.12+
+- Helm 3.x
+- PV provisioner support in the underlying infrastructure
+
+## Installing the Chart
+
+To install the chart with the release name `my-release`:
+
+```bash
+helm install my-release groundhog2k/postgres
+```
+
+## Uninstalling the Chart
+
+To uninstall/delete the `my-release` deployment:
+
+```bash
+helm uninstall my-release
+```
+
+## Common parameters
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| fullnameOverride | string | `""` | Fully override the deployment name |
+| nameOverride | string | `""` | Partially override the deployment name |
+
+## Deployment parameters
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy |
+| image.registry | string | `"docker.io"` | Image registry |
+| image.repository | string | `"postgres"` | Image name |
+| image.tag | string | `""` | Image tag |
+| imagePullSecrets | list | `[]` | Image pull secrets |
+| extraInitContainers | list | `[]` | Extra init containers |
+| extaContainers | list | `[]` | Extra containers for usage as sidecars |
+| startupProbe | object | `see values.yaml` | Startup probe configuration |
+| livenessProbe | object | `see values.yaml` | Liveness probe configuration |
+| readinessProbe | object | `see values.yaml` | Readiness probe configuration |
+| customStartupProbe | object | `{}` | Custom startup probe (overwrites default startup probe configuration) |
+| customLivenessProbe | object | `{}` | Custom liveness probe (overwrites default liveness probe configuration) |
+| customReadinessProbe | object | `{}` | Custom readiness probe (overwrites default readiness probe configuration) |
+| resources | object | `{}` | Resource limits and requests |
+| nodeSelector | object | `{}` | Deployment node selector |
+| podAnnotations | object | `{}` | Additional pod annotations |
+| podSecurityContext | object | `see values.yaml` | Pod security context |
+| securityContext | object | `see values.yaml` | Container security context |
+| env | list | `[]` | Additional container environmment variables |
+| args | list | `[]` | Arguments for the container entrypoint process |
+| serviceAccount.annotations | object | `{}` | Additional service account annotations |
+| serviceAccount.create | bool | `false` | Enable service account creation |
+| serviceAccount.name | string | `""` | Name of the service account |
+| affinity | object | `{}` |  |
+| tolerations | list | `[]` |  |
+| podManagementPolicy | string | `"OrderedReady"` | Pod management policy |
+| updateStrategyType | string | `"RollingUpdate"` | Pod update strategy |
+| revisionHistoryLimit | int | `nil` | Maximum number of revisions maintained in revision history
+
+## Service paramters
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| service.type | string | `"ClusterIP"` | Service type |
+| service.port | int | `5432` | PostreSQL service port |
+| service.nodePort | int | `nil` | The node port (only relevant for type LoadBalancer or NodePort) |
+| service.clusterIP | string | `nil` | The cluster ip address (only relevant for type LoadBalancer or NodePort) |
+| service.loadBalancerIP | string | `nil` | The load balancer ip address (only relevant for type LoadBalancer) |
+| service.annotations | object | `{}` | Additional service annotations |
+
+## Storage parameters
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| storage.accessModes[0] | string | `"ReadWriteOnce"` | Storage access mode |
+| storage.persistentVolumeClaimName | string | `nil` | PVC name when existing storage volume should be used |
+| storage.volumeName | string | `"postgres-data"` | Internal volume name and prefix of a created PVC |
+| storage.requestedSize | string | `nil` | Size for new PVC, when no existing PVC is used |
+| storage.className | string | `nil` | Storage class name |
+## PostgreSQL parameters
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| settings.authMethod | string | `nil` | Postgres database authentication method |
+| settings.initDbArgs | string | `nil` | Optional init database arguments |
+| settings.superuser | string | `nil` | Superuser name |
+| settings.superuserPassword | string | `nil` | Password of superuser |
+| userDatabase | object | `{}` | Optional PostgreSQL user database |
+| userDatabase.name | string | `nil` | Name of the user database |
+| userDatabase.user | string | `nil` | User name with full access to user database|
+| userDatabase.password | string | `nil` | Password of created user |
+| customConfig | string | `nil` | Optional custom configuration block that will be mounted as file in `/etc/postgresql/postgresql.conf` |
+| extraEnvSecrets | list | `[]` | A list of existing secrets that will be mounted into the container as environment variables |
+| extraSecretConfigs | string | `nil` | An existing secret with files that will be added to the postgres configuration in addition to `/etc/postgresql/postgresql.conf` |
+| customScripts | object | `nil` | Optional custom scripts that can be defined inline and will be mounted as files in `/docker-entrypoint-initdb.d` |
+| extraScripts | string | `nil` | An existing configMap with files that will be mounted into the container as script files (`*.sql`, `*.sh`) in `/docker-entrypoint-initdb.d` |
+| extraSecrets | list | `[]` | A list of additional existing secrets that will be mounted into the container |
+| extraSecrets[].name | string | `nil` | Name of the existing K8s secret |
+| extraSecrets[].mountPath | string | `nil` | Mount path where the secret should be mounted into the container (f.e. /mysecretfolder) |
diff --git a/charts/postgres/RELEASENOTES.md b/charts/postgres/RELEASENOTES.md
@@ -0,0 +1,26 @@
+# Changelog
+
+| Chart version | App version | Change description |
+| :------------ | :---------- | :----------------- |
+| 0.2.16 | 13.5 | Fixes bug with wrong mounted customConfig #811 |
+| 0.2.17 | 13.5 | Implemented support for extra secrets and advanced configuration capabilites |
+| 0.2.18 | 13.5 | Implemented support for extra containers |
+| 0.2.19 | 13.6 | Upgraded to Postgres 13.6 |
+| 0.2.20 | 13.7 | Upgraded to Postgres 13.7 |
+| 0.2.21 | 13.8 | Upgraded to Postgres 13.8 |
+| 0.2.22 | 13.8 | Implemented support for custom inline init scripts and image.registry option |
+| 0.2.23 | 13.9 | Upgraded to Postgres 13.9 |
+| 0.3.4 | 14.1 | Fixes bug with wrong mounted customConfig #811 |
+| 0.3.5 | 14.1 | Updated readme and release notes |
+| 0.3.6 | 14.1 | Implemented support for extra secrets and advanced configuration capabilites |
+| 0.3.7 | 14.1 | Implemented support for extra containers |
+| 0.3.8 | 14.2 | Upgraded to Postgres 14.2 |
+| 0.3.9 | 14.3 | Upgraded to Postgres 14.3 |
+| 0.3.10 | 14.4 | Upgraded to Postgres 14.4 |
+| 0.3.11 | 14.5 | Upgraded to Postgres 14.5 |
+| 0.3.12 | 14.5 | Implemented support for custom inline init scripts |
+| 0.3.13 | 14.5 | Implemented support for image.registry option |
+| 0.3.14 | 14.6 | Upgraded to Postgres 14.6 |
+| 0.4.0 | 15.0 | Upgraded to Postgres 15.0 |
+| 0.4.1 | 15.1 | Upgraded to Postgres 15.1 |
+| | | |
diff --git a/charts/postgres/templates/_helpers.tpl b/charts/postgres/templates/_helpers.tpl
@@ -0,0 +1,71 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "postgres.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "postgres.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "postgres.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "postgres.labels" -}}
+helm.sh/chart: {{ include "postgres.chart" . }}
+{{ include "postgres.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "postgres.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "postgres.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "postgres.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "postgres.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Generate secret with configuration
+*/}}
+{{- define "postgres.createSecureConfig" -}}
+  {{- if or (or (.Values.settings.superuserPassword) (.Values.settings.superuser)) (.Values.userDatabase) }}
+true
+  {{- end }}
+{{- end }}
diff --git a/charts/postgres/templates/customconfig.yaml b/charts/postgres/templates/customconfig.yaml
@@ -0,0 +1,11 @@
+{{- if .Values.customConfig }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "postgres.fullname" . }}-customconfig
+  labels:
+    {{- include "postgres.labels" . | nindent 4 }}
+data:
+  postgresql.conf: |
+    {{- .Values.customConfig | nindent 4 }}
+{{- end }}
diff --git a/charts/postgres/templates/customscripts.yaml b/charts/postgres/templates/customscripts.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.customScripts }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "postgres.fullname" . }}-customscripts
+  labels:
+    {{- include "postgres.labels" . | nindent 4 }}
+data:
+  {{- range $name, $value := .Values.customScripts }}
+  {{- $name | nindent 2 }}: |
+    {{- $value | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/postgres/templates/scripts.yaml b/charts/postgres/templates/scripts.yaml
@@ -0,0 +1,42 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "postgres.fullname" . }}-scripts
+  labels:
+    {{- include "postgres.labels" . | nindent 4 }}
+data:
+  01-init-userdb.sh: |
+    #!/bin/sh
+    create_user()
+    {
+    psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" -v USERDBNAME="$POSTGRES_DB" -v USERDBUSER="$USERDB_USER" -v USERDBPASSWORD="'$USERDB_PASSWORD'" <<-EOSQL
+      CREATE USER :USERDBUSER WITH PASSWORD :USERDBPASSWORD;
+      GRANT ALL PRIVILEGES ON DATABASE :USERDBNAME TO :USERDBUSER;
+    EOSQL
+    }
+    set -e
+    if [ ! -z "$POSTGRES_DB" ] && [ ! -z "$USERDB_USER" ] && [ ! -z "$USERDB_PASSWORD" ]; then
+      create_user
+    fi
+  init.sh: |
+    #!/bin/sh
+    echo "Start initialization"
+    echo "Copy init-userdb script"
+    cp /initscripts/01-init-userdb.sh /scripts
+    if [ -d /extrascripts ]; then
+      echo "Copy extra scripts"
+      cp /extrascripts/* /scripts
+    fi
+    if [ -d /customscripts ]; then
+      echo "Copy custom scripts"
+      cp /customscripts/* /scripts
+    fi
+    if [ -d /customconfig ]; then
+      echo "Create postgres config"
+      cat /customconfig/* >>/configs/postgresql.conf
+    fi    
+    if [ -d /extraconfigs ]; then
+      echo "Add extra configs to postgres config"
+      cat /extraconfigs/* >>/configs/postgresql.conf
+    fi
+    echo "Initialization done."
diff --git a/charts/postgres/templates/secureconfig.yaml b/charts/postgres/templates/secureconfig.yaml
@@ -0,0 +1,25 @@
+{{- if include "postgres.createSecureConfig" . }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "postgres.fullname" . }}
+  labels:
+    {{- include "postgres.labels" . | nindent 4 }}
+type: Opaque
+data:
+{{- with .Values.settings }}
+  {{- if .superuser }}
+  POSTGRES_USER: {{ .superuser | b64enc }}
+  {{- end }}
+  {{- if .superuserPassword }}
+  POSTGRES_PASSWORD: {{ .superuserPassword | b64enc }}
+  {{- end }}
+{{- end }}
+{{- with .Values.userDatabase }}
+  POSTGRES_DB: {{ required "Values: userDatabase.name is mandatory if userDatabase is specified." .name | b64enc }}
+  {{- if .user }}
+  USERDB_USER: {{ .user | b64enc }}
+  USERDB_PASSWORD: {{ required "Values: userDatabase.password is mandatory if userDatabase.user is specified." .password | b64enc }}
+  {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/postgres/templates/service.yaml b/charts/postgres/templates/service.yaml
@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "postgres.fullname" . }}
+  labels:
+    {{- include "postgres.labels" . | nindent 4 }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: postgres
+      protocol: TCP
+      name: postgres
+      {{- if and ( or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") ) (.Values.service.nodePort) }}
+      nodePort: {{ .Values.service.nodePort }}
+      {{- end }}
+  {{- if and (eq .Values.service.type "LoadBalancer") (.Values.service.loadBalancerIP) }}
+  loadBalancerIP: {{ .Values.service.loadBalancerIP }}
+  {{- end }}
+  {{- if .Values.service.clusterIP }}
+  clusterIP: {{ .Values.service.clusterIP }}
+  {{- end }}
+  selector:
+    {{- include "postgres.selectorLabels" . | nindent 4 }}