From 890042fed803979227ff7ee92ce4e12752955af7 Mon Sep 17 00:00:00 2001 From: Roberto Santalla Date: Fri, 27 Jan 2023 21:57:49 +0100 Subject: [PATCH 01/15] allow to opt-out from `rollme` annotation --- templates/_helpers.tpl | 2 ++ values.yaml | 6 +++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 0e1804f..016dfb3 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -55,7 +55,9 @@ app.kubernetes.io/instance: {{ .Release.Name }} Rolling pod annotations */}} {{- define "mastodon.rollingPodAnnotations" -}} +{{- if .Values.revisionPodAnnotation }} rollme: {{ .Release.Revision | quote }} +{{- end }} checksum/config-secrets: {{ include ( print $.Template.BasePath "/secrets.yaml" ) . | sha256sum | quote }} checksum/config-configmap: {{ include ( print $.Template.BasePath "/configmap-env.yaml" ) . | sha256sum | quote }} {{- end }} diff --git a/values.yaml b/values.yaml index 0b926b8..63eec7b 100644 --- a/values.yaml +++ b/values.yaml @@ -399,7 +399,11 @@ serviceAccount: # set with podAnnotations will be added to all deployment-managed pods. podAnnotations: {} -# -- The annotations set with jobAnnotations will be added to all job pods. +# If set to true, an annotation with the current chart release number will be added to all mastodon pods. This will +# cause all pods to be recreated every `helm upgrade` regardless of whether their config or spec changes. +revisionPodAnnotation: true + +# The annotations set with jobAnnotations will be added to all job pods. jobAnnotations: {} # -- Default resources for all Deployments and jobs unless overwritten From aa4cd09550a21ec3c7f0cb7a29ba75f92b76f146 Mon Sep 17 00:00:00 2001 From: Roberto Santalla Date: Fri, 27 Jan 2023 21:56:23 +0100 Subject: [PATCH 02/15] fix location of redis password placeholder --- values.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/values.yaml b/values.yaml index 63eec7b..7bdcd61 100644 --- a/values.yaml +++ b/values.yaml @@ -261,12 +261,12 @@ redis: enabled: true hostname: "" port: 6379 - # -- you must set a password; the password generated by the redis chart will be - # rotated on each upgrade: - password: "" - # you can also specify the name of an existing Secret - # with a key of redis-password set to the password you want - # auth: + auth: + # -- you must set a password; the password generated by the redis chart will be + # rotated on each upgrade: + password: "" + # you can also specify the name of an existing Secret + # with a key of redis-password set to the password you want # existingSecret: "" # @ignored From a227f91a7f4018b584c68616024ad6c80fab4c38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Radim=20Dost=C3=A1l?= Date: Thu, 29 Dec 2022 08:56:11 +0100 Subject: [PATCH 03/15] limited federation mode support --- templates/configmap-env.yaml | 3 +++ values.yaml | 2 ++ 2 files changed, 5 insertions(+) diff --git a/templates/configmap-env.yaml b/templates/configmap-env.yaml index 60efedd..2651403 100644 --- a/templates/configmap-env.yaml +++ b/templates/configmap-env.yaml @@ -31,6 +31,9 @@ data: {{- with .Values.mastodon.authorizedFetch }} AUTHORIZED_FETCH: {{ . | quote }} {{- end }} + {{- with .Values.mastodon.limitedFederationMode }} + LIMITED_FEDERATION_MODE: {{ . | quote }} + {{- end }} # https://devcenter.heroku.com/articles/tuning-glibc-memory-behavior MALLOC_ARENA_MAX: "2" NODE_ENV: "production" diff --git a/values.yaml b/values.yaml index 7bdcd61..9e7c283 100644 --- a/values.yaml +++ b/values.yaml @@ -38,6 +38,8 @@ mastodon: singleUserMode: false # -- Enables "Secure Mode" for more details see: https://docs.joinmastodon.org/admin/config/#authorized_fetch authorizedFetch: false + # -- Enables "Limited Federation Mode" for more detauls see: https://docs.joinmastodon.org/admin/config/#limited_federation_mode + limitedFederationMode: false persistence: assets: # -- ReadWriteOnce is more widely supported than ReadWriteMany, but limits From 61194296afa8dac0047071bfccedde309ecf7f03 Mon Sep 17 00:00:00 2001 From: Effy Elden Date: Fri, 9 Dec 2022 17:12:31 +1100 Subject: [PATCH 04/15] allow custom S3_PERMISSION env --- templates/configmap-env.yaml | 3 +++ values.yaml | 1 + 2 files changed, 4 insertions(+) diff --git a/templates/configmap-env.yaml b/templates/configmap-env.yaml index 2651403..804d453 100644 --- a/templates/configmap-env.yaml +++ b/templates/configmap-env.yaml @@ -50,6 +50,9 @@ data: S3_ENDPOINT: {{ .Values.mastodon.s3.endpoint }} S3_HOSTNAME: {{ .Values.mastodon.s3.hostname }} S3_PROTOCOL: "https" + {{- if .Values.mastodon.s3.permission }} + S3_PERMISSION: {{ .Values.mastodon.s3.permission }} + {{- end }} {{- with .Values.mastodon.s3.region }} S3_REGION: {{ . }} {{- end }} diff --git a/values.yaml b/values.yaml index 9e7c283..a1785fa 100644 --- a/values.yaml +++ b/values.yaml @@ -65,6 +65,7 @@ mastodon: endpoint: "" hostname: "" region: "" + permission: "" # -- If you have a caching proxy, enter its base URL here. alias_host: "" # these must be set manually; autogenerated keys are rotated on each upgrade From f5e3c27ab6ab1c92136a3c64f1bbdc1ea40ec595 Mon Sep 17 00:00:00 2001 From: Jim Myhrberg Date: Mon, 5 Dec 2022 20:49:56 +0000 Subject: [PATCH 05/15] feat(helm-chart): add values for various Puma related settings --- templates/deployment-web.yaml | 16 ++++++++++++++++ values.yaml | 6 ++++++ 2 files changed, 22 insertions(+) diff --git a/templates/deployment-web.yaml b/templates/deployment-web.yaml index c1ec232..30308e2 100644 --- a/templates/deployment-web.yaml +++ b/templates/deployment-web.yaml @@ -74,6 +74,22 @@ spec: key: redis-password - name: "PORT" value: {{ .Values.mastodon.web.port | quote }} + {{- if .Values.mastodon.web.minThreads }} + - name: "MIN_THREADS" + value: {{ .Values.mastodon.web.minThreads | quote }} + {{- end }} + {{- if .Values.mastodon.web.maxThreads }} + - name: "MAX_THREADS" + value: {{ .Values.mastodon.web.maxThreads | quote }} + {{- end }} + {{- if .Values.mastodon.web.workers }} + - name: "WEB_CONCURRENCY" + value: {{ .Values.mastodon.web.workers | quote }} + {{- end }} + {{- if .Values.mastodon.web.persistentTimeout }} + - name: "PERSISTENT_TIMEOUT" + value: {{ .Values.mastodon.web.persistentTimeout | quote }} + {{- end }} {{- if (and .Values.mastodon.s3.enabled .Values.mastodon.s3.existingSecret) }} - name: "AWS_SECRET_ACCESS_KEY" valueFrom: diff --git a/values.yaml b/values.yaml index a1785fa..16dfadf 100644 --- a/values.yaml +++ b/values.yaml @@ -190,6 +190,12 @@ mastodon: # requests: # cpu: 250m # memory: 768Mi + # -- Puma-specific options. Below values are based on default behavior in + # config/puma.rb when no custom values are provided. + minThreads: "5" + maxThreads: "5" + workers: "2" + persistentTimeout: "20" metrics: statsd: From 41152e0ed3f3248d0b77bb0d297016932f22d276 Mon Sep 17 00:00:00 2001 From: David Sanftenberg Date: Thu, 29 Dec 2022 21:47:07 +0000 Subject: [PATCH 06/15] Fix alias_host break on bad var reference (#34) --- templates/configmap-env.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/configmap-env.yaml b/templates/configmap-env.yaml index 804d453..e1b1896 100644 --- a/templates/configmap-env.yaml +++ b/templates/configmap-env.yaml @@ -57,7 +57,7 @@ data: S3_REGION: {{ . }} {{- end }} {{- with .Values.mastodon.s3.alias_host }} - S3_ALIAS_HOST: {{ .Values.mastodon.s3.alias_host}} + S3_ALIAS_HOST: {{ . }} {{- end }} {{- end }} {{- with .Values.mastodon.smtp.auth_method }} From b4302e04e6d89819da8bd7d5c9c4b30b1420b842 Mon Sep 17 00:00:00 2001 From: Roberto Santalla Date: Fri, 27 Jan 2023 22:05:37 +0100 Subject: [PATCH 07/15] store smtp credentials on a secret --- templates/_helpers.tpl | 11 +++++++++++ templates/configmap-env.yaml | 6 ------ templates/deployment-sidekiq.yaml | 24 +++++++++++------------- templates/secret-smtp.yaml | 16 ++++++++++++++++ values.yaml | 4 ++-- 5 files changed, 40 insertions(+), 21 deletions(-) create mode 100644 templates/secret-smtp.yaml diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 016dfb3..6331a26 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -100,6 +100,17 @@ Get the mastodon secret. {{- end -}} {{- end -}} +{{/* +Get the smtp secret. +*/}} +{{- define "mastodon.smtp.secretName" -}} +{{- if .Values.mastodon.smtp.existingSecret }} + {{- printf "%s" (tpl .Values.mastodon.smtp.existingSecret $) -}} +{{- else -}} + {{- printf "%s-smtp" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + {{/* Get the postgresql secret. */}} diff --git a/templates/configmap-env.yaml b/templates/configmap-env.yaml index e1b1896..54e3874 100644 --- a/templates/configmap-env.yaml +++ b/templates/configmap-env.yaml @@ -81,15 +81,9 @@ data: {{- with .Values.mastodon.smtp.from_address }} SMTP_FROM_ADDRESS: {{ . }} {{- end }} - {{- with .Values.mastodon.smtp.login }} - SMTP_LOGIN: {{ . }} - {{- end }} {{- with .Values.mastodon.smtp.openssl_verify_mode }} SMTP_OPENSSL_VERIFY_MODE: {{ . }} {{- end }} - {{- with .Values.mastodon.smtp.password }} - SMTP_PASSWORD: {{ . }} - {{- end }} {{- with .Values.mastodon.smtp.port }} SMTP_PORT: {{ . | quote }} {{- end }} diff --git a/templates/deployment-sidekiq.yaml b/templates/deployment-sidekiq.yaml index a03019e..0736ad6 100644 --- a/templates/deployment-sidekiq.yaml +++ b/templates/deployment-sidekiq.yaml @@ -90,6 +90,17 @@ spec: secretKeyRef: name: {{ template "mastodon.redis.secretName" $context }} key: redis-password + - name: "SMTP_LOGIN" + valueFrom: + secretKeyRef: + name: {{ include "mastodon.smtp.secretName" $context }} + key: login + optional: true + - name: "SMTP_PASSWORD" + valueFrom: + secretKeyRef: + name: {{ include "mastodon.smtp.secretName" $context }} + key: password {{- if (and $context.Values.mastodon.s3.enabled $context.Values.mastodon.s3.existingSecret) }} - name: "AWS_SECRET_ACCESS_KEY" valueFrom: @@ -102,19 +113,6 @@ spec: name: {{ $context.Values.mastodon.s3.existingSecret }} key: AWS_ACCESS_KEY_ID {{- end }} - {{- if $context.Values.mastodon.smtp.existingSecret }} - - name: "SMTP_LOGIN" - valueFrom: - secretKeyRef: - name: {{ $context.Values.mastodon.smtp.existingSecret }} - key: login - optional: true - - name: "SMTP_PASSWORD" - valueFrom: - secretKeyRef: - name: {{ $context.Values.mastodon.smtp.existingSecret }} - key: password - {{- end }} {{- if (not $context.Values.mastodon.s3.enabled) }} volumeMounts: - name: assets diff --git a/templates/secret-smtp.yaml b/templates/secret-smtp.yaml new file mode 100644 index 0000000..98b15f3 --- /dev/null +++ b/templates/secret-smtp.yaml @@ -0,0 +1,16 @@ +{{- if not .Values.mastodon.smtp.existingSecret -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-smtp" (include "common.names.fullname" .) }} + labels: + {{- include "mastodon.labels" . | nindent 4 }} +type: Opaque +data: + {{- with .Values.mastodon.smtp.login }} + login: {{ . | b64enc }} + {{- end }} + {{- with .Values.mastodon.smtp.password }} + password: {{ . | b64enc }} + {{- end }} +{{- end }} diff --git a/values.yaml b/values.yaml index 16dfadf..3f65ddf 100644 --- a/values.yaml +++ b/values.yaml @@ -144,8 +144,8 @@ mastodon: tls: false login: password: - # -- you can also specify the name of an existing Secret - # with the keys login and password + # -- Instead of defining login/password above, you can specify the name of an existing secret here. Login and + # password must be located in keys named `login` and `password` respectively. existingSecret: streaming: port: 4000 From 9806bbc8b1bb270e0f1d5cc951c5ce4f1077802d Mon Sep 17 00:00:00 2001 From: Roberto Santalla Date: Fri, 27 Jan 2023 22:33:49 +0100 Subject: [PATCH 08/15] add checksum for smtp secret to sidekiq deployments --- templates/deployment-sidekiq.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/templates/deployment-sidekiq.yaml b/templates/deployment-sidekiq.yaml index 0736ad6..8a0e9e8 100644 --- a/templates/deployment-sidekiq.yaml +++ b/templates/deployment-sidekiq.yaml @@ -31,6 +31,7 @@ spec: {{- end }} # roll the pods to pick up any db migrations or other changes {{- include "mastodon.rollingPodAnnotations" $context | nindent 8 }} + checksum/config-secrets: {{ include ( print $.Template.BasePath "/secret-smtp.yaml" ) $context | sha256sum | quote }} labels: {{- include "mastodon.selectorLabels" $context | nindent 8 }} app.kubernetes.io/component: sidekiq-{{ .name }} From 4fda7eea971e7dc09cbd01015444a3897551d3fe Mon Sep 17 00:00:00 2001 From: "Alexander \"Ananace\" Olofsson" Date: Fri, 17 Feb 2023 22:13:19 +0100 Subject: [PATCH 09/15] Fix and improve LDAP configuration (#3) Co-authored-by: Renaud Chaput --- templates/configmap-env.yaml | 13 ++++++++----- values.yaml | 5 +++-- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/templates/configmap-env.yaml b/templates/configmap-env.yaml index 54e3874..5c400db 100644 --- a/templates/configmap-env.yaml +++ b/templates/configmap-env.yaml @@ -288,13 +288,16 @@ data: {{- if .Values.externalAuth.ldap.enabled }} LDAP_ENABLED: {{ .Values.externalAuth.ldap.enabled | quote }} LDAP_HOST: {{ .Values.externalAuth.ldap.host }} - LDAP_PORT: {{ .Values.externalAuth.ldap.port }} + LDAP_PORT: {{ .Values.externalAuth.ldap.port | quote }} LDAP_METHOD: {{ .Values.externalAuth.ldap.method }} - {{- with .Values.externalAuth.ldap.base }} - LDAP_BASE: {{ . }} + {{- if .Values.externalAuth.ldap.tls_no_verify }} + LDAP_TLS_NO_VERIFY: {{ .Values.externalAuth.ldap.tls_no_verify | quote }} {{- end }} - {{- with .Values.externalAuth.ldap.bind_on }} - LDAP_BIND_ON: {{ . }} + {{- if .Values.externalAuth.ldap.base }} + LDAP_BASE: {{ .Values.externalAuth.ldap.base }} + {{- end }} + {{- if .Values.externalAuth.ldap.bind_dn }} + LDAP_BIND_DN: {{ .Values.externalAuth.ldap.bind_dn }} {{- end }} {{- with .Values.externalAuth.ldap.password }} LDAP_PASSWORD: {{ . }} diff --git a/values.yaml b/values.yaml index 3f65ddf..10c7785 100644 --- a/values.yaml +++ b/values.yaml @@ -369,10 +369,11 @@ externalAuth: ldap: enabled: false # host: myservice.namespace.svc - # port: 389 + # port: 636 # method: simple_tls + # tls_no_verify: true # base: - # bind_on: + # bind_dn: # password: # uid: cn # mail: mail From 6e6f8a36d10c374bb042b13cc416e906f2d2b636 Mon Sep 17 00:00:00 2001 From: Varac Date: Fri, 17 Feb 2023 17:26:34 +0100 Subject: [PATCH 10/15] Fix streaming route Until now, only /api/v1/streaming/ was routed to the streaming pod, while /api/v1/streaming/* was falsely routed to the web pod, which returned 404 for each request. Now everything below /api/v1/streaming will reach the streaming pod. Fixes: #36 --- .gitignore | 1 + templates/ingress.yaml | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ee3892e --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +charts/ diff --git a/templates/ingress.yaml b/templates/ingress.yaml index e5c5e1d..5a3409a 100644 --- a/templates/ingress.yaml +++ b/templates/ingress.yaml @@ -52,7 +52,7 @@ spec: {{- if or ($.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress") (not ($.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress")) }} pathType: Prefix {{- end }} - - path: {{ .path }}api/v1/streaming/ + - path: {{ .path }}api/v1/streaming backend: {{- if or ($.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress") (not ($.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress")) }} service: @@ -64,7 +64,7 @@ spec: servicePort: {{ $streamingPort }} {{- end }} {{- if or ($.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress") (not ($.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress")) }} - pathType: Exact + pathType: Prefix {{- end }} {{- end }} {{- end }} From 3934da1d2185b5526798e7dd946a4ded5a0b2c4e Mon Sep 17 00:00:00 2001 From: Cees-Jan Kiewiet Date: Mon, 28 Nov 2022 14:52:41 +0100 Subject: [PATCH 11/15] Add the PREPARED_STATEMENTS environment variable and set it to its default value Being able to control it can be useful in situations where prepared statements don't work as expected. Once such case can be pgbouncer as provided by DigitalOcean for connection pooling. --- templates/configmap-env.yaml | 1 + values.yaml | 3 +++ 2 files changed, 4 insertions(+) diff --git a/templates/configmap-env.yaml b/templates/configmap-env.yaml index 5c400db..265bd41 100644 --- a/templates/configmap-env.yaml +++ b/templates/configmap-env.yaml @@ -15,6 +15,7 @@ data: DB_NAME: {{ .Values.postgresql.auth.database }} DB_POOL: {{ include "mastodon.maxDbPool" . }} DB_USER: {{ .Values.postgresql.auth.username }} + PREPARED_STATEMENTS: {{ .Values.mastodon.preparedStatements | quote }} DEFAULT_LOCALE: {{ .Values.mastodon.locale }} {{- if .Values.elasticsearch.enabled }} ES_ENABLED: "true" diff --git a/values.yaml b/values.yaml index 10c7785..711f000 100644 --- a/values.yaml +++ b/values.yaml @@ -202,6 +202,9 @@ mastodon: # -- Enable statsd publishing via STATSD_ADDR environment variable address: "" + # Sets the PREPARED_STATEMENTS environment variable: https://docs.joinmastodon.org/admin/config/#prepared_statements + preparedStatements: true + ingress: enabled: true annotations: From 94ffdc8f83307460106845db0fbd5e58fb7d4f5c Mon Sep 17 00:00:00 2001 From: Renaud Chaput Date: Tue, 14 Mar 2023 22:06:30 +0100 Subject: [PATCH 12/15] Update image repository to GHCR (#53) --- values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/values.yaml b/values.yaml index 711f000..930a5b3 100644 --- a/values.yaml +++ b/values.yaml @@ -1,6 +1,6 @@ image: - repository: tootsuite/mastodon - # https://hub.docker.com/r/tootsuite/mastodon/tags + repository: ghcr.io/mastodon/mastodon + # https://github.com/mastodon/mastodon/pkgs/container/mastodon # # alternatively, use `latest` for the latest release or `edge` for the image # built from the most recent commit From 1b503bb6b379b4e602c16357a17f97d0c2d0e08a Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Wed, 12 Apr 2023 08:18:09 -0700 Subject: [PATCH 13/15] Added SMTP_RETURN_PATH option --- templates/configmap-env.yaml | 3 +++ values.yaml | 1 + 2 files changed, 4 insertions(+) diff --git a/templates/configmap-env.yaml b/templates/configmap-env.yaml index 265bd41..fbb8788 100644 --- a/templates/configmap-env.yaml +++ b/templates/configmap-env.yaml @@ -82,6 +82,9 @@ data: {{- with .Values.mastodon.smtp.from_address }} SMTP_FROM_ADDRESS: {{ . }} {{- end }} + {{- with .Values.mastodon.smtp.return_path }} + SMTP_RETURN_PATH: {{ . }} + {{- end }} {{- with .Values.mastodon.smtp.openssl_verify_mode }} SMTP_OPENSSL_VERIFY_MODE: {{ . }} {{- end }} diff --git a/values.yaml b/values.yaml index 930a5b3..ea9848b 100644 --- a/values.yaml +++ b/values.yaml @@ -137,6 +137,7 @@ mastodon: domain: enable_starttls: 'auto' from_address: notifications@example.com + return_path: openssl_verify_mode: peer port: 587 reply_to: From 8f612abc721bffbf7fe9f5aeb730bc93cf5eb45e Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Wed, 19 Apr 2023 15:31:36 -0700 Subject: [PATCH 14/15] Added deployment annotations to chart --- templates/deployment-sidekiq.yaml | 4 ++++ templates/deployment-streaming.yaml | 4 ++++ templates/deployment-web.yaml | 4 ++++ values.yaml | 4 ++++ 4 files changed, 16 insertions(+) diff --git a/templates/deployment-sidekiq.yaml b/templates/deployment-sidekiq.yaml index 8a0e9e8..6aac6e8 100644 --- a/templates/deployment-sidekiq.yaml +++ b/templates/deployment-sidekiq.yaml @@ -9,6 +9,10 @@ metadata: {{- include "mastodon.labels" $context | nindent 4 }} app.kubernetes.io/component: sidekiq-{{ .name }} app.kubernetes.io/part-of: rails + annotations: + {{- with $context.Values.deployAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: {{- if (has "scheduler" .queues) }} {{- if (gt (int .replicas) 1) }} diff --git a/templates/deployment-streaming.yaml b/templates/deployment-streaming.yaml index dd80404..1e690ac 100644 --- a/templates/deployment-streaming.yaml +++ b/templates/deployment-streaming.yaml @@ -4,6 +4,10 @@ metadata: name: {{ include "mastodon.fullname" . }}-streaming labels: {{- include "mastodon.labels" . | nindent 4 }} + annotations: + {{- with .Values.deployAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: replicas: {{ .Values.mastodon.streaming.replicas }} selector: diff --git a/templates/deployment-web.yaml b/templates/deployment-web.yaml index 30308e2..e707b3c 100644 --- a/templates/deployment-web.yaml +++ b/templates/deployment-web.yaml @@ -4,6 +4,10 @@ metadata: name: {{ include "mastodon.fullname" . }}-web labels: {{- include "mastodon.labels" . | nindent 4 }} + annotations: + {{- with .Values.deployAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: replicas: {{ .Values.mastodon.web.replicas }} selector: diff --git a/values.yaml b/values.yaml index ea9848b..c8c5d96 100644 --- a/values.yaml +++ b/values.yaml @@ -408,6 +408,10 @@ serviceAccount: # If not set and create is true, a name is generated using the fullname template name: "" +# Custom annotations to apply to all created deployment objects. These can be +# used to help mastodon interact with other services in the cluster. +deployAnnotations: {} + # -- Kubernetes manages pods for jobs and pods for deployments differently, so you might # need to apply different annotations to the two different sets of pods. The annotations # set with podAnnotations will be added to all deployment-managed pods. From 4b6fd9f7e6273cb2708e5f8e16b87b1d07114eb8 Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Thu, 20 Apr 2023 08:15:48 -0700 Subject: [PATCH 15/15] Rename deployment annotations var, allow deploy-specific annotations --- templates/deployment-sidekiq.yaml | 2 +- templates/deployment-streaming.yaml | 2 +- templates/deployment-web.yaml | 2 +- values.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/templates/deployment-sidekiq.yaml b/templates/deployment-sidekiq.yaml index 6aac6e8..5dc9244 100644 --- a/templates/deployment-sidekiq.yaml +++ b/templates/deployment-sidekiq.yaml @@ -10,7 +10,7 @@ metadata: app.kubernetes.io/component: sidekiq-{{ .name }} app.kubernetes.io/part-of: rails annotations: - {{- with $context.Values.deployAnnotations }} + {{- with $context.Values.deploymentAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} spec: diff --git a/templates/deployment-streaming.yaml b/templates/deployment-streaming.yaml index 1e690ac..ea08b1b 100644 --- a/templates/deployment-streaming.yaml +++ b/templates/deployment-streaming.yaml @@ -5,7 +5,7 @@ metadata: labels: {{- include "mastodon.labels" . | nindent 4 }} annotations: - {{- with .Values.deployAnnotations }} + {{- with (default .Values.deploymentAnnotations .Values.mastodon.streaming.deploymentAnnotations) }} {{- toYaml . | nindent 4 }} {{- end }} spec: diff --git a/templates/deployment-web.yaml b/templates/deployment-web.yaml index e707b3c..420c277 100644 --- a/templates/deployment-web.yaml +++ b/templates/deployment-web.yaml @@ -5,7 +5,7 @@ metadata: labels: {{- include "mastodon.labels" . | nindent 4 }} annotations: - {{- with .Values.deployAnnotations }} + {{- with (default .Values.deploymentAnnotations .Values.mastodon.web.deploymentAnnotations) }} {{- toYaml . | nindent 4 }} {{- end }} spec: diff --git a/values.yaml b/values.yaml index c8c5d96..a4660e2 100644 --- a/values.yaml +++ b/values.yaml @@ -410,7 +410,7 @@ serviceAccount: # Custom annotations to apply to all created deployment objects. These can be # used to help mastodon interact with other services in the cluster. -deployAnnotations: {} +deploymentAnnotations: {} # -- Kubernetes manages pods for jobs and pods for deployments differently, so you might # need to apply different annotations to the two different sets of pods. The annotations