Skip to content

Commit b3b891a

Browse files
committed
feat: Add PostgreSQL support and enhance Helm chart annotations
- Implemented PostgreSQL support in backup cronjob, statefulsets, and other templates. - Added common annotations for better resource management and identification. - Introduced external database CIDR configuration for network policies. - Enhanced validation checks for external database usage and resource requests. - Created a new PVC template for backup storage. - Updated values.yaml and values.schema.json to accommodate new configurations.
1 parent aaf262b commit b3b891a

23 files changed

Lines changed: 261 additions & 185 deletions

charts/devlake/templates/_helpers.tpl

Lines changed: 12 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,15 @@ helm.sh/chart: {{ include "devlake.chart" . }}
4040
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
4141
{{- end }}
4242
app.kubernetes.io/managed-by: {{ .Release.Service }}
43+
app.kubernetes.io/part-of: devlake
44+
{{- end -}}
45+
46+
{{/*
47+
Common annotations
48+
*/}}
49+
{{- define "devlake.annotations" -}}
50+
meta.helm.sh/release-name: {{ .Release.Name }}
51+
meta.helm.sh/release-namespace: {{ .Release.Namespace }}
4352
{{- end -}}
4453

4554
{{/*
@@ -66,8 +75,10 @@ Create the name of the service account to use
6675
{{- define "devlake.serviceAccountName" -}}
6776
{{- if .Values.serviceAccount.name -}}
6877
{{- .Values.serviceAccount.name -}}
69-
{{- else -}}
78+
{{- else if .Values.serviceAccount.create -}}
7079
{{- include "devlake.fullname" . }}-sa
80+
{{- else -}}
81+
default
7182
{{- end -}}
7283
{{- end -}}
7384

charts/devlake/templates/backup-cronjob.yaml

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,9 @@ metadata:
2121
name: {{ include "devlake.fullname" . }}-backup
2222
labels:
2323
{{- include "devlake.labels" . | nindent 4 }}
24+
app.kubernetes.io/component: backup
25+
annotations:
26+
{{- include "devlake.annotations" . | nindent 4 }}
2427
spec:
2528
schedule: "{{ .Values.backup.schedule }}"
2629
successfulJobsHistoryLimit: {{ .Values.backup.successfulJobsHistoryLimit }}
@@ -45,7 +48,11 @@ spec:
4548
type: RuntimeDefault
4649
containers:
4750
- name: backup
51+
{{- if eq .Values.database.type "mysql" }}
4852
image: "{{ .Values.backup.image.repository }}:{{ .Values.backup.image.tag }}"
53+
{{- else if eq .Values.database.type "postgresql" }}
54+
image: "postgres:{{ .Values.backup.image.postgresTag | default "14" }}"
55+
{{- end }}
4956
imagePullPolicy: {{ .Values.backup.image.pullPolicy }}
5057
securityContext:
5158
readOnlyRootFilesystem: true
@@ -69,10 +76,10 @@ spec:
6976
echo "Starting backup at ${TIMESTAMP}..."
7077
7178
{{- if eq .Values.database.type "mysql" }}
72-
mysqldump -h$(MYSQL_SERVER) -P$(MYSQL_PORT) -u$(MYSQL_USER) -p$(MYSQL_PASSWORD) $(MYSQL_DATABASE) \
79+
mysqldump -h"${MYSQL_SERVER}" -P"${MYSQL_PORT}" -u"${MYSQL_USER}" -p"${MYSQL_PASSWORD}" "${MYSQL_DATABASE}" \
7380
--single-transaction --quick --lock-tables=false | gzip > "${BACKUP_FILE}"
7481
{{- else if eq .Values.database.type "postgresql" }}
75-
PGPASSWORD=$(DB_PASSWORD) pg_dump -h $(DB_SERVER) -p $(DB_PORT) -U $(DB_USER) $(DB_DATABASE) \
82+
PGPASSWORD="${DB_PASSWORD}" pg_dump -h "${DB_SERVER}" -p "${DB_PORT}" -U "${DB_USER}" "${DB_DATABASE}" \
7683
--no-owner --no-acl | gzip > "${BACKUP_FILE}"
7784
{{- end }}
7885
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
#
2+
# Licensed to the Apache Software Foundation (ASF) under one or more
3+
# contributor license agreements. See the NOTICE file distributed with
4+
# this work for additional information regarding copyright ownership.
5+
# The ASF licenses this file to You under the Apache License, Version 2.0
6+
# (the "License"); you may not use this file except in compliance with
7+
# the License. You may obtain a copy of the License at
8+
#
9+
# http://www.apache.org/licenses/LICENSE-2.0
10+
#
11+
# Unless required by applicable law or agreed to in writing, software
12+
# distributed under the License is distributed on an "AS IS" BASIS,
13+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14+
# See the License for the specific language governing permissions and
15+
# limitations under the License.
16+
#
17+
{{- if and .Values.backup.enabled (not .Values.backup.pvc.existingClaim) }}
18+
apiVersion: v1
19+
kind: PersistentVolumeClaim
20+
metadata:
21+
name: {{ include "devlake.fullname" . }}-backup
22+
labels:
23+
{{- include "devlake.labels" . | nindent 4 }}
24+
app.kubernetes.io/component: storage
25+
annotations:
26+
{{- include "devlake.annotations" . | nindent 4 }}
27+
spec:
28+
accessModes:
29+
- ReadWriteOnce
30+
{{- with .Values.backup.pvc.storageClassName }}
31+
storageClassName: "{{ . }}"
32+
{{- end }}
33+
resources:
34+
requests:
35+
storage: {{ .Values.backup.pvc.size | default "10Gi" }}
36+
{{- end }}

charts/devlake/templates/configmap.yaml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,15 @@ metadata:
2121
name: {{ include "devlake.db.configmap" . }}
2222
labels:
2323
{{- include "devlake.labels" . | nindent 4 }}
24+
app.kubernetes.io/component: config
25+
annotations:
26+
{{- include "devlake.annotations" . | nindent 4 }}
2427
data:
2528
# Database connection configuration (non-sensitive)
29+
# Note: Environment variable naming differs by database type:
30+
# - MySQL: MYSQL_* prefix (standard MySQL client convention)
31+
# - PostgreSQL: DB_* prefix (PostgreSQL client convention)
32+
# This follows each database's standard naming to avoid conflicts
2633
{{- if eq .Values.database.type "mysql" }}
2734
MYSQL_USER: "{{ .Values.database.username }}"
2835
MYSQL_DATABASE: "{{ .Values.database.database }}"

charts/devlake/templates/deployments.yaml

Lines changed: 10 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -22,9 +22,12 @@ metadata:
2222
name: {{ include "devlake.fullname" . }}-ui
2323
labels:
2424
{{- include "devlake.labels" . | nindent 4 }}
25+
app.kubernetes.io/component: ui
2526
{{- with .Values.ui.deployment.extraLabels }}
2627
{{- toYaml . | nindent 4 }}
2728
{{- end }}
29+
annotations:
30+
{{- include "devlake.annotations" . | nindent 4 }}
2831
spec:
2932
replicas: {{ .Values.ui.replicaCount }}
3033
revisionHistoryLimit: {{ .Values.ui.revisionHistoryLimit }}
@@ -127,10 +130,13 @@ kind: Deployment
127130
metadata:
128131
name: {{ include "devlake.fullname" . }}-lake
129132
labels:
130-
{{- include "devlake.labels" . | nindent 4 }}
131-
{{- with .Values.lake.deployment.extraLabels }}
132-
{{- toYaml . | nindent 4 }}
133-
{{- end }}
133+
{{- include "devlake.labels" . | nindent 4 }}
134+
app.kubernetes.io/component: lake
135+
{{- with .Values.lake.deployment.extraLabels }}
136+
{{- toYaml . | nindent 4 }}
137+
{{- end }}
138+
annotations:
139+
{{- include "devlake.annotations" . | nindent 4 }}
134140
spec:
135141
replicas: {{ .Values.lake.replicaCount }}
136142
revisionHistoryLimit: {{ .Values.lake.revisionHistoryLimit }}
@@ -257,11 +263,6 @@ spec:
257263
- {{- $volume | toYaml | nindent 10 }}
258264
{{- end }}
259265
{{- end }}
260-
{{- if .Values.lake.hostNetwork }}
261-
# DEPRECATED in 2.1.0. Will be removed in 2.2.0.
262-
hostNetwork: true
263-
dnsPolicy: ClusterFirstWithHostNet
264-
{{- end }}
265266
{{- with .Values.lake.nodeSelector }}
266267
nodeSelector:
267268
{{- toYaml . | nindent 8 }}

charts/devlake/templates/external-secret.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,9 @@ metadata:
2222
name: {{ include "devlake.fullname" . }}-external-secret
2323
labels:
2424
{{- include "devlake.labels" . | nindent 4 }}
25+
app.kubernetes.io/component: secret
26+
annotations:
27+
{{- include "devlake.annotations" . | nindent 4 }}
2528
spec:
2629
secretStoreRef:
2730
name: {{ .Values.externalSecrets.secretStoreRef.name }}

charts/devlake/templates/hpa.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,9 @@ metadata:
2222
name: {{ include "devlake.fullname" . }}-lake
2323
labels:
2424
{{- include "devlake.labels" . | nindent 4 }}
25+
app.kubernetes.io/component: lake
26+
annotations:
27+
{{- include "devlake.annotations" . | nindent 4 }}
2528
spec:
2629
scaleTargetRef:
2730
apiVersion: apps/v1
@@ -45,6 +48,9 @@ metadata:
4548
name: {{ include "devlake.fullname" . }}-ui
4649
labels:
4750
{{- include "devlake.labels" . | nindent 4 }}
51+
app.kubernetes.io/component: ui
52+
annotations:
53+
{{- include "devlake.annotations" . | nindent 4 }}
4854
spec:
4955
scaleTargetRef:
5056
apiVersion: apps/v1

charts/devlake/templates/ingresses.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,10 +35,12 @@ metadata:
3535
name: {{ $fullName }}
3636
labels:
3737
{{- include "devlake.labels" . | nindent 4 }}
38+
app.kubernetes.io/component: ingress
3839
{{- with .Values.ingress.extraLabels }}
3940
{{- toYaml . | nindent 4 }}
4041
{{- end }}
4142
annotations:
43+
{{- include "devlake.annotations" . | nindent 4 }}
4244
{{- if .Values.ingress.useDefaultNginx }}
4345
nginx.ingress.kubernetes.io/rate-limit: {{ .Values.ingress.rateLimit | quote }}
4446
{{- end }}

charts/devlake/templates/networkpolicy-database.yaml

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,9 @@ metadata:
2222
name: {{ include "devlake.fullname" . }}-database
2323
labels:
2424
{{- include "devlake.labels" . | nindent 4 }}
25+
app.kubernetes.io/component: network-policy
26+
annotations:
27+
{{- include "devlake.annotations" . | nindent 4 }}
2528
spec:
2629
podSelector:
2730
matchLabels:
@@ -37,14 +40,14 @@ spec:
3740
ports:
3841
- protocol: TCP
3942
port: {{ if eq .Values.database.type "mysql" }}3306{{ else }}5432{{ end }}
40-
{{- if .Values.grafana.enabled }}
41-
# Grafana dashboard access (when grafana.enabled=true)
43+
{{- if and .Values.grafana.enabled (eq .Values.database.type "mysql") }}
44+
# Grafana dashboard access (only for MySQL - Grafana dashboards don't support PostgreSQL datasources)
4245
- from:
4346
- podSelector:
4447
matchLabels:
4548
app.kubernetes.io/name: grafana
4649
ports:
4750
- protocol: TCP
48-
port: {{ if eq .Values.database.type "mysql" }}3306{{ else }}5432{{ end }}
51+
port: 3306
4952
{{- end }}
5053
{{- end }}

charts/devlake/templates/networkpolicy-lake.yaml

Lines changed: 23 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,9 @@ metadata:
2222
name: {{ include "devlake.fullname" . }}-lake
2323
labels:
2424
{{- include "devlake.labels" . | nindent 4 }}
25+
app.kubernetes.io/component: network-policy
26+
annotations:
27+
{{- include "devlake.annotations" . | nindent 4 }}
2528
spec:
2629
podSelector:
2730
matchLabels:
@@ -39,21 +42,37 @@ spec:
3942
port: 8080
4043
egress:
4144
# Database access
45+
{{- if .Values.database.useExternal }}
46+
# External database access
47+
- to:
48+
{{- if .Values.networkPolicy.externalDatabaseCIDRs }}
49+
{{- range .Values.networkPolicy.externalDatabaseCIDRs }}
50+
- ipBlock:
51+
cidr: {{ . }}
52+
{{- end }}
53+
{{- else }}
54+
- ipBlock:
55+
cidr: 0.0.0.0/0
56+
{{- end }}
57+
ports:
58+
- protocol: TCP
59+
port: {{ include "database.port" . }}
60+
{{- else }}
61+
# Internal database access
4262
- to:
4363
- podSelector:
4464
matchLabels:
4565
devlakeComponent: {{ if eq .Values.database.type "mysql" }}mysql{{ else }}postgresql{{ end }}
4666
ports:
4767
- protocol: TCP
4868
port: {{ if eq .Values.database.type "mysql" }}3306{{ else }}5432{{ end }}
49-
# DNS resolution (scoped to kube-dns pods in kube-system)
69+
{{- end }}
70+
# DNS resolution
71+
# Allow DNS to kube-system namespace (supports both kube-dns and CoreDNS)
5072
- to:
5173
- namespaceSelector:
5274
matchLabels:
5375
kubernetes.io/metadata.name: kube-system
54-
podSelector:
55-
matchLabels:
56-
k8s-app: kube-dns
5776
ports:
5877
- protocol: UDP
5978
port: 53

0 commit comments

Comments
 (0)