Skip to content

Commit 7692916

Browse files
solomonopesolomonope
committed
feat: update helm chart to accomodate gcs service account secret
1 parent c59fa80 commit 7692916

File tree

4 files changed

+139
-83
lines changed

4 files changed

+139
-83
lines changed

helm/templates/ingestor-statefulset.yaml

Lines changed: 32 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -66,6 +66,12 @@ spec:
6666
tolerations:
6767
{{- toYaml . | nindent 8 }}
6868
{{- end }}
69+
{{- if and .Values.parseable.gcsModeSecret .Values.parseable.gcsModeSecret.enabled }}
70+
volumes:
71+
- name: {{ .Values.parseable.gcsModeSecret.auth.secret_name }}
72+
secret:
73+
secretName: {{ .Values.parseable.gcsModeSecret.auth.secret_name }}
74+
{{- end }}
6975
containers:
7076
- name: {{ .Chart.Name }}
7177
securityContext:
@@ -74,19 +80,19 @@ spec:
7480
imagePullPolicy: {{ .Values.parseable.image.pullPolicy }}
7581
args:
7682
- /usr/bin/parseable
77-
- {{ if eq .Values.parseable.store "gcs-store" }}"s3-store"{{ else }}{{ .Values.parseable.store | quote }}{{ end }}
83+
- {{ .Values.parseable.store | quote }}
7884
- --ingestor-endpoint=$(HOSTNAME).{{ include "parseable.fullname" . }}-ingestor-headless.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.parseable.highAvailability.ingestor.port }}
7985
env:
80-
{{- range $key, $value := .Values.parseable.highAvailability.ingestor.env }}
81-
- name: {{ $key }}
82-
value: {{ tpl $value $ | quote }}
8386
- name: HOSTNAME
8487
valueFrom:
8588
fieldRef:
8689
apiVersion: v1
8790
fieldPath: metadata.name
91+
{{- range $key, $value := .Values.parseable.highAvailability.ingestor.env }}
92+
- name: {{ $key }}
93+
value: {{ tpl $value $ | quote }}
8894
{{- end }}
89-
95+
9096
{{- if .Values.parseable.auditLogging.enabled }}
9197
- name: P_AUDIT_LOGGER
9298
value: {{ .Values.parseable.auditLogging.p_server | quote }}
@@ -111,11 +117,13 @@ spec:
111117
{{- end }}
112118

113119
{{- if and .Values.parseable.gcsModeSecret .Values.parseable.gcsModeSecret.enabled }}
120+
- name: GOOGLE_APPLICATION_CREDENTIALS
121+
value: {{ .Values.parseable.gcsModeSecret.auth.mount_path }}
114122
{{- range $secret := .Values.parseable.gcsModeSecret.secrets }}
115123
{{- range $key := $secret.keys }}
116124
{{- $envPrefix := $secret.prefix | default "" | upper }}
117125
{{- $envKey := $key | upper | replace "." "_" | replace "-" "_" }}
118-
- name: {{ $envPrefix }}{{ $envKey | replace "GCS" "S3"}}
126+
- name: {{ $envPrefix }}{{ $envKey }}
119127
valueFrom:
120128
secretKeyRef:
121129
name: {{ $secret.name }}
@@ -137,30 +145,39 @@ spec:
137145
{{- end }}
138146
{{- end }}
139147
{{- end }}
148+
140149
- name: P_MODE
141150
value: "ingest"
151+
142152
{{- if .Values.parseable.kafkaConnector.enabled }}
143-
{{- range $key, $value := .Values.parseable.kafkaConnector.env }}
153+
{{- range $key, $value := .Values.parseable.kafkaConnector.env }}
144154
- name: {{ $key }}
145155
value: {{ tpl $value $ | quote }}
146-
{{- end }}
156+
{{- end }}
147157
{{- end }}
148158

149159
ports:
150160
- containerPort: {{ .Values.parseable.highAvailability.ingestor.port }}
151-
{{- with .Values.readinessProbe }}
161+
{{- with .Values.readinessProbe }}
152162
readinessProbe:
153-
{{ toYaml . | nindent 12 }}
154-
{{- end }}
163+
{{- toYaml . | nindent 10 }}
164+
{{- end }}
155165
resources:
156-
{{- toYaml .Values.parseable.highAvailability.ingestor.resources | nindent 12 }}
157-
{{- if .Values.parseable.persistence.ingestor.enabled }}
166+
{{- toYaml .Values.parseable.highAvailability.ingestor.resources | nindent 10 }}
167+
{{- if or .Values.parseable.persistence.ingestor.enabled (and .Values.parseable.gcsModeSecret .Values.parseable.gcsModeSecret.enabled) }}
158168
volumeMounts:
169+
{{- if .Values.parseable.persistence.ingestor.enabled }}
159170
- mountPath: "/parseable/staging"
160171
name: stage-volume
161172
{{- end }}
162-
volumeClaimTemplates:
173+
{{- if and .Values.parseable.gcsModeSecret .Values.parseable.gcsModeSecret.enabled }}
174+
- mountPath: {{ .Values.parseable.gcsModeSecret.auth.mount_path }}
175+
name: {{ .Values.parseable.gcsModeSecret.auth.secret_name }}
176+
readOnly: true
177+
{{- end }}
178+
{{- end }}
163179
{{- if .Values.parseable.persistence.ingestor.enabled }}
180+
volumeClaimTemplates:
164181
- metadata:
165182
name: stage-volume
166183
spec:
@@ -171,4 +188,4 @@ spec:
171188
requests:
172189
storage: {{ .Values.parseable.persistence.ingestor.size | quote }}
173190
{{- end }}
174-
{{- end }}
191+
{{- end }}

helm/templates/querier-statefulset.yaml

Lines changed: 47 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -29,8 +29,10 @@ spec:
2929
minReadySeconds: 2
3030
template:
3131
metadata:
32+
{{- with .Values.parseable.podAnnotations }}
3233
annotations:
33-
{{- .Values.parseable.podAnnotations | toYaml | nindent 8 }}
34+
{{- toYaml . | nindent 8 }}
35+
{{- end }}
3436
labels:
3537
{{- .Values.parseable.podLabels | toYaml | nindent 8 }}
3638
{{- include "parseable.querierLabelsSelector" . | nindent 8 }}
@@ -39,19 +41,33 @@ spec:
3941
serviceAccountName: {{ include "parseable.serviceAccountName" . }}
4042
{{- with .Values.parseable.toleration }}
4143
tolerations:
42-
{{ toYaml . | nindent 8 }}
44+
{{- toYaml . | nindent 8 }}
4345
{{- end }}
4446
{{- with .Values.parseable.nodeSelector }}
4547
nodeSelector:
4648
{{- toYaml . | nindent 8 }}
4749
{{- end }}
50+
{{- if and .Values.parseable.gcsModeSecret .Values.parseable.gcsModeSecret.enabled }}
51+
volumes:
52+
- name: {{ .Values.parseable.gcsModeSecret.auth.secret_name }}
53+
secret:
54+
secretName: {{ .Values.parseable.gcsModeSecret.auth.secret_name }}
55+
- name: stage-volume
56+
emptyDir: {}
57+
{{- else }}
58+
volumes:
59+
- name: stage-volume
60+
emptyDir: {}
61+
{{- end }}
4862
containers:
4963
- name: {{ .Chart.Name }}
5064
securityContext:
5165
{{- toYaml .Values.parseable.securityContext | nindent 10 }}
5266
image: {{ .Values.parseable.image.repository }}:{{ .Values.parseable.image.tag | default .Chart.AppVersion }}
5367
imagePullPolicy: {{ .Values.parseable.image.pullPolicy }}
54-
args: ["/usr/bin/parseable", {{ if eq .Values.parseable.store "gcs-store" }}"s3-store"{{ else }}{{ .Values.parseable.store | quote }}{{ end }}]
68+
args:
69+
- "/usr/bin/parseable"
70+
- {{ .Values.parseable.store | quote }}
5571
env:
5672
- name: HOSTNAME
5773
valueFrom:
@@ -66,7 +82,7 @@ spec:
6682
- name: P_MAX_DISK_USAGE_PERCENT
6783
value: "95.0"
6884
{{- end }}
69-
{{- range $key, $value := .Values.parseable.env }}
85+
{{- range $key, $value := .Values.parseable.env }}
7086
- name: {{ $key }}
7187
value: {{ tpl $value $ | quote }}
7288
{{- end }}
@@ -95,19 +111,21 @@ spec:
95111
{{- end }}
96112

97113
{{- if and .Values.parseable.gcsModeSecret .Values.parseable.gcsModeSecret.enabled }}
114+
- name: GOOGLE_APPLICATION_CREDENTIALS
115+
value: {{ .Values.parseable.gcsModeSecret.auth.mount_path }}/{{ .Values.parseable.gcsModeSecret.auth.secret_key }}
98116
{{- range $secret := .Values.parseable.gcsModeSecret.secrets }}
99117
{{- range $key := $secret.keys }}
100118
{{- $envPrefix := $secret.prefix | default "" | upper }}
101119
{{- $envKey := $key | upper | replace "." "_" | replace "-" "_" }}
102-
- name: {{ $envPrefix }}{{ $envKey | replace "GCS" "S3"}}
120+
- name: {{ $envPrefix }}{{ $envKey }}
103121
valueFrom:
104122
secretKeyRef:
105123
name: {{ $secret.name }}
106124
key: {{ $key }}
107125
{{- end }}
108126
{{- end }}
109127
{{- end }}
110-
128+
111129
{{- if and .Values.parseable.blobModeSecret .Values.parseable.blobModeSecret.enabled }}
112130
{{- range $secret := .Values.parseable.blobModeSecret.secrets }}
113131
{{- range $key := $secret.keys }}
@@ -121,45 +139,49 @@ spec:
121139
{{- end }}
122140
{{- end }}
123141
{{- end }}
142+
124143
ports:
125144
- containerPort: 8000
126145
{{- with .Values.parseable.readinessProbe }}
127146
readinessProbe:
128-
{{ toYaml . | nindent 12 }}
147+
{{- toYaml . | nindent 10 }}
129148
{{- end }}
130149
resources:
131-
{{- toYaml .Values.parseable.resources | nindent 12 }}
150+
{{- toYaml .Values.parseable.resources | nindent 10 }}
132151
volumeMounts:
133152
- mountPath: "/parseable/staging"
134153
name: stage-volume
135154
{{- if .Values.parseable.persistence.querier.enabled }}
136155
- mountPath: "/parseable/hot-tier"
137156
name: hot-tier-volume
138157
{{- end }}
139-
volumes:
140-
- emptyDir: {}
141-
name: stage-volume
142-
{{- if .Values.parseable.sidecar.enabled}}
158+
{{- if and .Values.parseable.gcsModeSecret .Values.parseable.gcsModeSecret.enabled }}
159+
- mountPath: {{ .Values.parseable.gcsModeSecret.auth.mount_path }}
160+
name: {{ .Values.parseable.gcsModeSecret.auth.secret_name }}
161+
readOnly: true
162+
{{- end }}
163+
{{- if .Values.parseable.sidecar.enabled }}
143164
- name: {{ .Chart.Name }}-sidecar
144165
securityContext:
145-
{{- toYaml .Values.parseable.securityContext | nindent 8 }}
166+
{{- toYaml .Values.parseable.securityContext | nindent 10 }}
146167
image: {{ .Values.parseable.sidecar.image.repository }}:{{ .Values.parseable.sidecar.image.tag }}
147168
imagePullPolicy: {{ .Values.parseable.sidecar.image.pullPolicy }}
148-
command: {{ .Values.parseable.sidecar.command }}
149-
args: {{ .Values.parseable.sidecar.args }}
169+
command: {{ .Values.parseable.sidecar.command }}
170+
args: {{ .Values.parseable.sidecar.args }}
150171
env:
151-
{{- range $key, $value := .Values.parseable.sidecar.env }}
172+
{{- range $key, $value := .Values.parseable.sidecar.env }}
152173
- name: {{ $key }}
153174
value: {{ tpl $value $ | quote }}
154175
{{- end }}
155176
ports:
156177
- containerPort: {{ .Values.parseable.sidecar.ports }}
157178
resources:
158179
{{- toYaml .Values.parseable.sidecar.resources | nindent 10 }}
159-
volumeMounts: {{ .Values.parseable.sidecar.volumeMounts | toYaml | nindent 10 }}
180+
volumeMounts:
181+
{{- .Values.parseable.sidecar.volumeMounts | toYaml | nindent 10 }}
160182
{{- end }}
161-
volumeClaimTemplates:
162183
{{- if .Values.parseable.persistence.querier.enabled }}
184+
volumeClaimTemplates:
163185
- metadata:
164186
name: hot-tier-volume
165187
spec:
@@ -178,8 +200,13 @@ spec:
178200
resources:
179201
requests:
180202
storage: 5Gi
203+
{{- if .Values.parseable.sidecar.enabled }}
204+
{{- .Values.parseable.sidecar.volumeClaimTemplates | toYaml | nindent 2 }}
205+
{{- end }}
206+
{{- else }}
207+
{{- if .Values.parseable.sidecar.enabled }}
208+
volumeClaimTemplates:
209+
{{- .Values.parseable.sidecar.volumeClaimTemplates | toYaml | nindent 2 }}
181210
{{- end }}
182-
{{- if .Values.parseable.sidecar.enabled}}
183-
{{- .Values.parseable.sidecar.volumeClaimTemplates | toYaml | nindent 4 }}
184211
{{- end }}
185212
{{- end }}

helm/templates/standalone-deployment.yaml

Lines changed: 17 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -36,14 +36,14 @@ spec:
3636
imagePullPolicy: {{ .Values.parseable.image.pullPolicy }}
3737
# Uncomment to debug
3838
# command: [ "/bin/sh", "-c", "sleep 1000000" ]
39-
args: [ "/usr/bin/parseable", {{ if eq .Values.parseable.store "gcs-store" }}"s3-store"{{ else }}{{ .Values.parseable.store | quote }}{{ end }}]
39+
args: [ "/usr/bin/parseable", {{ .Values.parseable.store | quote }}]
4040
env:
4141
- name: HOSTNAME
4242
valueFrom:
4343
fieldRef:
4444
apiVersion: v1
4545
fieldPath: metadata.name
46-
{{- range $key, $value := .Values.parseable.env }}
46+
{{- range $key, $value := .Values.parseable.env }}
4747
- name: {{ $key }}
4848
value: {{ tpl $value $ | quote }}
4949
{{- end }}
@@ -92,11 +92,13 @@ spec:
9292
{{- end }}
9393

9494
{{- if and .Values.parseable.gcsModeSecret .Values.parseable.gcsModeSecret.enabled }}
95+
- name: GOOGLE_APPLICATION_CREDENTIALS
96+
value: {{ .Values.parseable.gcsModeSecret.auth.mount_path }}
9597
{{- range $secret := .Values.parseable.gcsModeSecret.secrets }}
9698
{{- range $key := $secret.keys }}
9799
{{- $envPrefix := $secret.prefix | default "" | upper }}
98100
{{- $envKey := $key | upper | replace "." "_" | replace "-" "_" }}
99-
- name: {{ $envPrefix }}{{ $envKey | replace "GCS" "S3"}}
101+
- name: {{ $envPrefix }}{{ $envKey }}
100102
valueFrom:
101103
secretKeyRef:
102104
name: {{ $secret.name }}
@@ -119,21 +121,30 @@ spec:
119121
{{- end }}
120122
{{- end }}
121123

122-
123124
ports:
124125
- containerPort: 8000
125126
{{- with .Values.readinessProbe }}
126127
readinessProbe:
127-
{{ toYaml . | nindent 12 }}
128+
{{- toYaml . | nindent 12 }}
128129
{{- end }}
129130
resources:
130131
{{- toYaml .Values.parseable.resources | nindent 12 }}
131132
volumeMounts:
133+
{{- if and .Values.parseable.gcsModeSecret .Values.parseable.gcsModeSecret.enabled }}
134+
- mountPath: {{ .Values.parseable.gcsModeSecret.auth.mount_path }}
135+
name: {{ .Values.parseable.gcsModeSecret.auth.secret_name }}
136+
readOnly: true
137+
{{- end }}
132138
- mountPath: "/parseable/data"
133139
name: data-volume
134140
- mountPath: "/parseable/staging"
135141
name: stage-volume
136142
volumes:
143+
{{- if and .Values.parseable.gcsModeSecret .Values.parseable.gcsModeSecret.enabled }}
144+
- name: {{ .Values.parseable.gcsModeSecret.auth.secret_name }}
145+
secret:
146+
secretName: {{ .Values.parseable.gcsModeSecret.auth.secret_name }}
147+
{{- end }}
137148
{{- if .Values.parseable.persistence.staging.enabled }}
138149
- name: stage-volume
139150
persistentVolumeClaim:
@@ -158,4 +169,4 @@ spec:
158169
tolerations:
159170
{{- toYaml . | nindent 8 }}
160171
{{- end }}
161-
{{- end }} # Closing for "if eq .Values.parseable.highAvailability.enabled false"
172+
{{- end }}

0 commit comments

Comments
 (0)