Skip to content

Commit

Permalink
✨ chore: bump chart version to 1.6.2-rc.1
Browse files Browse the repository at this point in the history 
Updates the chart version to 1.6.2-rc.1 to reflect recent changes. 
Adds annotations for production run mode in both frontend and 
backend specifications. Introduces initContainers for 
flexibility in container initialization. Adds a new 
dorisManager template for MySQL user management, enhancing 
database integration capabilities.
  • Loading branch information
@buu-nguyen
buu-nguyen committed Dec 16, 2024
1 parent b69d0b6 commit 5833f9e
Show file tree
Hide file tree
Showing 6 changed files with 318 additions and 14 deletions.
2 changes: 1 addition & 1 deletion helm-charts/doris/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ maintainers:
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 1.6.1
version: 1.6.2-rc.1

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
90 changes: 89 additions & 1 deletion helm-charts/doris/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -264,4 +264,92 @@ doris cluster broker PVC
- configMapName: {{ .configMapName }}
mountPath: {{ .mountPath }}
{{- end }}
{{- end }}
{{- end }}

{{/* Determine if cloud_sql is present */}}
{{- define "auth_proxy.has_cloud_sql" -}}
{{- $has_cloud_sql := false -}}
{{- range .Values.datasources -}}
{{- if and .auth_proxy (eq .auth_proxy "cloud_sql") -}}
{{- $has_cloud_sql = true -}}
{{- end -}}
{{- end -}}
{{- $has_cloud_sql -}}
{{- end -}}

{{/* Determine if alloydb is present */}}
{{- define "auth_proxy.has_alloydb" -}}
{{- $has_alloydb := false -}}
{{- range .Values.datasources -}}
{{- if and .auth_proxy (eq .auth_proxy "alloydb") -}}
{{- $has_alloydb = true -}}
{{- end -}}
{{- end -}}
{{- $has_alloydb -}}
{{- end -}}

{{/* cloud-sql-auth-proxy configuration */}}
{{- define "auth_proxy.cloud_sql" -}}
- name: cloud-sql-auth-proxy
image: asia.gcr.io/cloud-sql-connectors/cloud-sql-proxy:2
args:
{{- if eq .Values.authProxy.publicDB false }}
- --private-ip
{{- end }}
{{- if eq .Values.authProxy.autoIAMAuthn true }}
- --auto-iam-authn
{{- end }}
{{- range $index, $element := .Values.datasources }}
{{- if and .auth_proxy (eq .auth_proxy "cloud_sql") }}
- {{ .instance_uri -}}?port={{- 10000 | add $index | add1 }}
{{- end }}
{{- end }}
restartPolicy: Always
securityContext:
runAsNonRoot: true
allowPrivilegeEscalation: false
runAsUser: 65534
runAsGroup: 65534
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
{{ if .Values.authProxy.resources }}
resources:
{{- toYaml .Values.authProxy.resources | nindent 4 }}
{{- end }}
{{- end -}}

{{/* alloydb-auth-proxy configuration */}}
{{- define "auth_proxy.alloydb" -}}
- name: alloydb-auth-proxy
image: asia.gcr.io/alloydb-connectors/alloydb-auth-proxy:1
args:
{{- if eq .Values.authProxy.publicDB true }}
- --public-ip
{{- end }}
{{- if eq .Values.authProxy.autoIAMAuthn true }}
- --auto-iam-authn
{{- end }}
{{- range $index, $element := .Values.datasources }}
{{- if and .auth_proxy (eq .auth_proxy "alloydb") }}
- {{ .instance_uri -}}?port={{- 10000 | add $index | add1 }}
{{- end }}
{{- end }}
restartPolicy: Always
securityContext:
runAsNonRoot: true
allowPrivilegeEscalation: false
runAsUser: 65534
runAsGroup: 65534
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
{{ if .Values.authProxy.resources }}
resources:
{{- toYaml .Values.authProxy.resources | nindent 4 }}
{{- end }}
{{- end -}}
55 changes: 55 additions & 0 deletions helm-charts/doris/templates/doriscluster.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,11 +46,18 @@ spec:
podLabels:
{{- toYaml .Values.feSpec.labels | nindent 6 }}
{{- end }}
{{- if .Values.feSpec.annotations }}
annotations:
{{- toYaml .Values.feSpec.annotations | nindent 6 }}
{{- end }}
image: {{ .Values.feSpec.image.repository }}:{{ .Values.feSpec.image.tag }}
{{- if .Values.feSpec.image.imagePullSecrets }}
imagePullSecrets:
{{- toYaml .Values.feSpec.image.imagePullSecrets | nindent 4 }}
{{- end }}
{{- if .Values.feSpec.serviceAccount }}
serviceAccount: {{ .Values.feSpec.serviceAccount }}
{{- end }}

{{- if .Values.feSpec.service }}
service:
Expand Down Expand Up @@ -122,17 +129,33 @@ spec:
command: {{ .Values.feSpec.systemInitialization.command }}
{{- end }}
{{- end }}
{{- if or (eq (include "auth_proxy.has_cloud_sql" .) "true") (eq (include "auth_proxy.has_alloydb" .) "true") }}
initContainers:
{{- if eq (include "auth_proxy.has_cloud_sql" .) "true" }}
{{- include "auth_proxy.cloud_sql" . | nindent 6 }}
{{- end }}
{{- if eq (include "auth_proxy.has_alloydb" .) "true" }}
{{- include "auth_proxy.alloydb" . | nindent 6 }}
{{- end }}
{{- end }}
beSpec:
replicas: {{ .Values.beSpec.replicas }}
{{- if .Values.beSpec.labels }}
podLabels:
{{- toYaml .Values.beSpec.labels | nindent 6 }}
{{- end }}
{{- if .Values.beSpec.annotations }}
annotations:
{{- toYaml .Values.beSpec.annotations | nindent 6 }}
{{- end }}
image: {{ .Values.beSpec.image.repository }}:{{ .Values.beSpec.image.tag }}
{{- if .Values.beSpec.image.imagePullSecrets }}
imagePullSecrets:
{{- toYaml .Values.beSpec.image.imagePullSecrets | nindent 4 }}
{{- end }}
{{- if .Values.beSpec.serviceAccount }}
serviceAccount: {{ .Values.beSpec.serviceAccount }}
{{- end }}

{{- if .Values.beSpec.service }}
service:
Expand Down Expand Up @@ -204,6 +227,15 @@ spec:
command: {{ .Values.beSpec.systemInitialization.command }}
{{- end }}
{{- end }}
{{- if or (eq (include "auth_proxy.has_cloud_sql" .) "true") (eq (include "auth_proxy.has_alloydb" .) "true") }}
initContainers:
{{- if eq (include "auth_proxy.has_cloud_sql" .) "true" }}
{{- include "auth_proxy.cloud_sql" . | nindent 6 }}
{{- end }}
{{- if eq (include "auth_proxy.has_alloydb" .) "true" }}
{{- include "auth_proxy.alloydb" . | nindent 6 }}
{{- end }}
{{- end }}
{{- if .Values.dorisCluster.enabledCn }}
cnSpec:
replicas: {{ .Values.cnSpec.replicas }}
Expand All @@ -212,11 +244,18 @@ spec:
podLabels:
{{- toYaml .Values.cnSpec.labels | nindent 6 }}
{{- end }}
{{- if .Values.cnSpec.annotations }}
annotations:
{{- toYaml .Values.cnSpec.annotations | nindent 6 }}
{{- end }}
image: {{ .Values.cnSpec.image.repository }}:{{ .Values.cnSpec.image.tag }}
{{- if .Values.cnSpec.image.imagePullSecrets }}
imagePullSecrets:
{{- toYaml .Values.cnSpec.image.imagePullSecrets | nindent 4 }}
{{- end }}
{{- if .Values.cnSpec.serviceAccount }}
serviceAccount: {{ .Values.cnSpec.serviceAccount }}
{{- end }}

{{- if .Values.cnSpec.service }}
service:
Expand Down Expand Up @@ -288,6 +327,15 @@ spec:
command: {{ .Values.cnSpec.systemInitialization.command }}
{{- end }}
{{- end }}
{{- if or (eq (include "auth_proxy.has_cloud_sql" .) "true") (eq (include "auth_proxy.has_alloydb" .) "true") }}
initContainers:
{{- if eq (include "auth_proxy.has_cloud_sql" .) "true" }}
{{- include "auth_proxy.cloud_sql" . | nindent 6 }}
{{- end }}
{{- if eq (include "auth_proxy.has_alloydb" .) "true" }}
{{- include "auth_proxy.alloydb" . | nindent 6 }}
{{- end }}
{{- end }}
{{- if .Values.cnSpec.autoScalingPolicy.enable }}
autoScalingPolicy:
version: {{default ( include "doriscluster.default.autoScalerVersion" . ) .Values.cnSpec.autoScalingPolicy.version }}
Expand All @@ -306,11 +354,18 @@ spec:
podLabels:
{{- toYaml .Values.brokerSpec.labels | nindent 6 }}
{{- end }}
{{- if .Values.brokerSpec.annotations }}
annotations:
{{- toYaml .Values.brokerSpec.annotations | nindent 6 }}
{{- end }}
image: {{ .Values.brokerSpec.image.repository }}:{{ .Values.brokerSpec.image.tag }}
{{- if .Values.brokerSpec.image.imagePullSecrets }}
imagePullSecrets:
{{- toYaml .Values.brokerSpec.image.imagePullSecrets | nindent 4 }}
{{- end }}
{{- if .Values.brokerSpec.serviceAccount }}
serviceAccount: {{ .Values.brokerSpec.serviceAccount }}
{{- end }}

{{- if .Values.brokerSpec.configMap }}
configMapInfo:
Expand Down
34 changes: 34 additions & 0 deletions helm-charts/doris/templates/dorismanager.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
{{- if and .Values.dorisManager.enabled .Values.dorisCluster.authSecret }}
apiVersion: mysql.nakamasato.com/v1alpha1
kind: MySQL
metadata:
name: {{ template "doriscluster.name" . }}
namespace: {{ template "doriscluster.namespace" . }}
spec:
host: {{ template "doriscluster.name" . }}-fe-service
port: {{ .Values.dorisManager.port }}
adminUser:
name: {{ template "doriscluster.name" . }}-admin-user
type: k8s
adminPassword:
name: {{ template "doriscluster.name" . }}-admin-password
type: k8s
{{- range .Values.dorisManager.users }}
---
apiVersion: mysql.nakamasato.com/v1alpha1
kind: MySQLUser
metadata:
name: {{ .username | replace "_" "-" }}
namespace: {{ template "doriscluster.namespace" $ }}
spec:
clusterName: {{ template "doriscluster.name" $ }}
username: {{ .username }}
secretRef:
name: {{ template "doriscluster.name" $ }}-user-credentials
key: {{ .username }}
{{- if .grants }}
grants:
{{- toYaml .grants | nindent 4 }}
{{- end }}
{{- end }}
{{- end }}
79 changes: 75 additions & 4 deletions helm-charts/doris/templates/secret.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,78 @@ metadata:
app.kubernetes.io/name: doriscluster
app.kubernetes.io/instance: {{ template "doriscluster.name" . }}
app.kubernetes.io/part-of: {{ template "kube-control.name" . }}
type: kubernetes.io/basic-auth
data:
{{- toYaml .Values.dorisCluster.authSecret | nindent 2}}
{{- end }}
{{- if .Values.secretLabels }}
{{- toYaml .Values.secretLabels | nindent 4}}
{{- end }}
annotations:
{{- if .Values.secretAnnotations }}
{{- toYaml .Values.secretAnnotations | nindent 4}}
{{- end }}
type: Opaque
stringData:
{{- toYaml .Values.dorisCluster.authSecret | nindent 2 }}
{{- end }}

{{- if and .Values.dorisManager.enabled .Values.dorisCluster.authSecret }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ template "doriscluster.name" . }}-admin-user
namespace: {{ template "doriscluster.namespace" . }}
labels:
app.kubernetes.io/name: doriscluster
app.kubernetes.io/instance: {{ template "doriscluster.name" . }}
app.kubernetes.io/part-of: {{ template "kube-control.name" . }}
{{- if .Values.secretLabels }}
{{- toYaml .Values.secretLabels | nindent 4}}
{{- end }}
{{- if .Values.secretAnnotations }}
annotations: {{- toYaml .Values.secretAnnotations | nindent 4}}
{{- end }}
type: Opaque
stringData:
key: {{ .Values.dorisCluster.authSecret.username | quote }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ template "doriscluster.name" . }}-admin-password
namespace: {{ template "doriscluster.namespace" . }}
labels:
app.kubernetes.io/name: doriscluster
app.kubernetes.io/instance: {{ template "doriscluster.name" . }}
app.kubernetes.io/part-of: {{ template "kube-control.name" . }}
{{- if .Values.secretLabels }}
{{- toYaml .Values.secretLabels | nindent 4}}
{{- end }}
{{- if .Values.secretAnnotations }}
annotations: {{- toYaml .Values.secretAnnotations | nindent 4}}
{{- end }}
type: Opaque
stringData:
key: {{ .Values.dorisCluster.authSecret.password | quote }}
{{- if .Values.dorisManager.users }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ template "doriscluster.name" . }}-user-credentials
namespace: {{ template "doriscluster.namespace" . }}
labels:
app.kubernetes.io/name: doriscluster
app.kubernetes.io/instance: {{ template "doriscluster.name" . }}
app.kubernetes.io/part-of: {{ template "kube-control.name" . }}
{{- if .Values.secretLabels }}
{{- toYaml .Values.secretLabels | nindent 4}}
{{- end }}
{{- if .Values.secretAnnotations }}
annotations: {{- toYaml .Values.secretAnnotations | nindent 4}}
{{- end }}
type: Opaque
stringData:
{{- range .Values.dorisManager.users }}
{{ .username | quote }}: {{ .password | quote }}
{{- end }}
{{- end }}
{{- end }}
Loading

0 comments on commit 5833f9e

Please sign in to comment.