updated helm chart to use latest v6.0.1 version of the image (#382)

* updated helm chart to use latest v6.0.1 version of the image

* updated workflow to run against multiple k8s versions
chgl
2022-06-04 14:24:28 +02:00
committed by GitHub
parent 2daf365bdf
commit 67caa88e06
9 changed files with 139 additions and 70 deletions

View File

@@ -1,6 +1,6 @@
dependencies:
- name: postgresql
repository: https://charts.bitnami.com/bitnami
version: 11.1.19
digest: sha256:5bb38230bfa62c63547851e6f46f66a61441a4a4f18e3689827546277e34d192
generated: "2022-04-08T21:55:34.6868891+02:00"
version: 11.6.2
digest: sha256:1b96efc47b5dbe28bf34bcb694697325f3d2755a39ce2f1c371b2c9de9fac9d3
generated: "2022-06-03T11:48:19.1684784+02:00"

View File

@@ -7,9 +7,11 @@ sources:
- https://github.com/hapifhir/hapi-fhir-jpaserver-starter
dependencies:
- name: postgresql
version: 11.1.19
version: 11.6.2
repository: https://charts.bitnami.com/bitnami
condition: postgresql.enabled
appVersion: v6.0.1
version: 0.9.0
annotations:
artifacthub.io/license: Apache-2.0
artifacthub.io/changes: |
@@ -17,13 +19,27 @@ annotations:
# added, changed, deprecated, removed, fixed, and security.
- kind: changed
description: |
updated HAPI FHIR starter image to 5.7.0
BREAKING CHANGE: updated HAPI FHIR starter image to v6.0.1.
See <https://github.com/hapifhir/hapi-fhir/releases/tag/v6.0.0> for all application changes.
- kind: changed
description: |
BREAKING CHANGE: updated included PostgreSQL-subchart to v11
updated included PostgreSQL-subchart to v11.6.2
- kind: fixed
description: |
use a fixed image for the wait-for-database container (docker.io/bitnami/postgresql:14.3.0-debian-10-r20)
instead of relying on the PostgreSQL sub-chart values
- kind: changed
description: |
BREAKING CHANGE: removed ability to override the image flavor.
The one based on distroless is now the new default.
appVersion: v5.7.0
version: 0.8.0
expose actuator/metrics endpoint on a separate port (8081)
- kind: added
description: |
support for monitoring metrics using ServiceMonitor CRDs
- kind: changed
description: |
switched liveness and readiness probes to Spring Boot actuator endpoints
- kind: changed
description: |
BREAKING CHANGE: removed included `NetworkPolicy`, which is subject to more thorough rework
- kind: added
description: |
allow configuring `topologySpreadConstraints` for the deployment
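
Review bot: the `NetworkPolicy` entry near the end of this changelog is filed under `kind: changed`, although the comment at the top of the list names `removed` as a kind, and it does not say what happens on upgrade. Suggest `kind: removed` plus a sentence stating that the `networkPolicy.*` values are no longer read, so a release that had `networkPolicy.enabled: true` comes up with no ingress restriction from this chart and needs a policy managed outside it.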

View File

@@ -1,6 +1,6 @@
# HAPI FHIR JPA Server Starter Helm Chart
![Version: 0.8.0](https://img.shields.io/badge/Version-0.8.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v5.7.0](https://img.shields.io/badge/AppVersion-v5.7.0-informational?style=flat-square)
![Version: 0.9.0](https://img.shields.io/badge/Version-0.9.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v6.0.1](https://img.shields.io/badge/AppVersion-v6.0.1-informational?style=flat-square)
This helm chart will help you install the HAPI FHIR JPA Server in a Kubernetes environment.
@@ -40,10 +40,15 @@ helm install --render-subchart-notes hapi-fhir-jpaserver hapifhir/hapi-fhir-jpas
| ingress.hosts[0].pathType | string | `"ImplementationSpecific"` | |
| ingress.hosts[0].paths[0] | string | `"/"` | |
| ingress.tls | list | `[]` | ingress TLS config |
| livenessProbe.failureThreshold | int | `5` | |
| livenessProbe.initialDelaySeconds | int | `30` | |
| livenessProbe.periodSeconds | int | `20` | |
| livenessProbe.successThreshold | int | `1` | |
| livenessProbe.timeoutSeconds | int | `30` | |
| metrics.service.port | int | `8081` | |
| metrics.serviceMonitor.additionalLabels | object | `{}` | additional labels to apply to the ServiceMonitor object, e.g. `release: prometheus` |
| metrics.serviceMonitor.enabled | bool | `false` | if enabled, creates a ServiceMonitor instance for Prometheus Operator-based monitoring |
| nameOverride | string | `""` | override the chart name |
| networkPolicy.allowedFrom | list | `[]` | Additional allowed NetworkPolicyPeer specs Evaluated as a template so you could do: Example: allowedFrom: - podSelector: matchLabels: app.kubernetes.io/name: {{ $.Release.Name }} |
| networkPolicy.enabled | bool | `false` | enable NetworkPolicy |
| networkPolicy.explicitNamespacesSelector | object | `{}` | a Kubernetes LabelSelector to explicitly select namespaces from which ingress traffic could be allowed |
| nodeSelector | object | `{}` | node selector for the pod |
| podAnnotations | object | `{}` | annotations applied to the server pod |
| podDisruptionBudget.enabled | bool | `false` | Enable PodDisruptionBudget for the server pods. uses policy/v1/PodDisruptionBudget thus requiring k8s 1.21+ |
@@ -75,6 +80,7 @@ helm install --render-subchart-notes hapi-fhir-jpaserver hapifhir/hapi-fhir-jpas
| startupProbe.successThreshold | int | `1` | |
| startupProbe.timeoutSeconds | int | `30` | |
| tolerations | list | `[]` | pod tolerations |
| topologySpreadConstraints | list | `[]` | pod topology spread configuration see: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#api |
## Development
@@ -89,4 +95,4 @@ INFO[2021-11-20T12:38:04Z] Generating README Documentation for chart /usr/src/ap
```
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0)
Autogenerated from chart metadata using [helm-docs v1.9.1](https://github.com/norwoodj/helm-docs/releases/v1.9.1)

View File

@@ -30,7 +30,7 @@ spec:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
- name: wait-for-db-to-be-ready
image: "{{ .Values.postgresql.image.registry }}/{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }}"
image: docker.io/bitnami/postgresql:14.3.0-debian-10-r20
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
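
Review bot: the replacement `image:` line for `wait-for-db-to-be-ready` hard-codes `docker.io/bitnami/postgresql:14.3.0-debian-10-r20` in the template, so clusters that pull through a private registry or mirror can no longer redirect it, and the reference is a tag rather than a digest. Suggest giving the init container an image value of its own in `values.yaml` (registry, repository, tag, optionally a digest) that defaults to this image; that still decouples it from the PostgreSQL sub-chart values, which is what the changelog entry is after.
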
@@ -66,9 +66,23 @@ spec:
- name: http
containerPort: 8080
protocol: TCP
- name: metrics
containerPort: 8081
protocol: TCP
startupProbe:
httpGet:
path: /readyz
port: http
{{- with .Values.startupProbe }}
initialDelaySeconds: {{ .initialDelaySeconds }}
periodSeconds: {{ .periodSeconds }}
timeoutSeconds: {{ .timeoutSeconds }}
successThreshold: {{ .successThreshold }}
failureThreshold: {{ .failureThreshold }}
{{- end }}
readinessProbe:
httpGet:
path: /
path: /readyz
port: http
{{- with .Values.readinessProbe }}
initialDelaySeconds: {{ .initialDelaySeconds }}
@@ -77,11 +91,11 @@ spec:
successThreshold: {{ .successThreshold }}
failureThreshold: {{ .failureThreshold }}
{{- end }}
startupProbe:
livenessProbe:
httpGet:
path: /fhir/metadata
path: /livez
port: http
{{- with .Values.startupProbe }}
{{- with .Values.livenessProbe }}
initialDelaySeconds: {{ .initialDelaySeconds }}
periodSeconds: {{ .periodSeconds }}
timeoutSeconds: {{ .timeoutSeconds }}
@@ -106,6 +120,10 @@ spec:
value: ca.uhn.fhir.jpa.model.dialect.HapiFhirPostgres94Dialect
- name: HAPI_FHIR_USE_APACHE_ADDRESS_STRATEGY
value: "true"
- name: MANAGEMENT_ENDPOINT_HEALTH_PROBES_ADD_ADDITIONAL_PATHS
value: "true"
- name: MANAGEMENT_SERVER_PORT
value: "8081"
{{- if .Values.extraEnv }}
{{ toYaml .Values.extraEnv | nindent 12 }}
{{- end }}
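
Review bot: the two new `env` entries carry no comment, yet the `/readyz` and `/livez` probe paths on port `http` only resolve while `MANAGEMENT_ENDPOINT_HEALTH_PROBES_ADD_ADDITIONAL_PATHS` is `"true"`, and the `metrics` containerPort only matches while `MANAGEMENT_SERVER_PORT` is `"8081"`. Both sit above the `extraEnv` block, where a user can redefine them. Suggest a template comment on each entry stating that coupling, and taking the port number from one value shared with `containerPort` instead of repeating the literal.
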
@@ -126,6 +144,10 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: tmp-volume
emptyDir: {}

View File

@@ -1,27 +0,0 @@
{{- if .Values.networkPolicy.enabled }}
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: {{ include "hapi-fhir-jpaserver.fullname" . }}
labels:
{{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
spec:
podSelector:
matchLabels:
{{- include "hapi-fhir-jpaserver.selectorLabels" . | nindent 6 }}
ingress:
# Allow inbound connections from pods with the "hapi-fhir-jpaserver-client: true" label
- ports:
- port: http
from:
- podSelector:
matchLabels:
{{ include "hapi-fhir-jpaserver.fullname" . }}-client: "true"
{{- with .Values.networkPolicy.explicitNamespacesSelector }}
namespaceSelector:
{{ toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.networkPolicy.allowedFrom }}
{{ tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- end }}
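
Review bot: deleting this template in the same commit that opens container port 8081 leaves the chart with no way to restrict ingress to the pod, and unless the chart ships a values schema Helm will not flag a leftover `networkPolicy.enabled: true`, so the policy disappears silently on upgrade. Suggest keeping the template until the rework lands (adding the `metrics` port to its `ports` list, which allows only `http` today), or adding a `fail` guard that stops rendering while `.Values.networkPolicy` is still set.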

View File

@@ -11,5 +11,9 @@ spec:
targetPort: http
protocol: TCP
name: http
- port: {{ .Values.metrics.service.port }}
targetPort: metrics
protocol: TCP
name: metrics
selector:
{{- include "hapi-fhir-jpaserver.selectorLabels" . | nindent 4 }}
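
Review bot: the `metrics` port is added to the main Service unconditionally, so the Spring Boot management port is reachable by anything that can reach this Service even when `metrics.serviceMonitor.enabled` is `false`. Suggest a separate ClusterIP Service for port `metrics`, or at least rendering these four lines only when metrics are enabled, so the application Service carries the `http` port alone.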

View File

@@ -0,0 +1,30 @@
{{- if .Values.metrics.serviceMonitor.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ include "hapi-fhir-jpaserver.fullname" . }}
{{- if .Values.metrics.serviceMonitor.namespace }}
namespace: {{ .Values.metrics.serviceMonitor.namespace }}
{{- end }}
labels:
{{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
{{- if .Values.metrics.serviceMonitor.additionalLabels }}
{{- toYaml .Values.metrics.serviceMonitor.additionalLabels | nindent 4 }}
{{- end }}
spec:
endpoints:
- port: metrics
path: /actuator/prometheus
{{- if .Values.metrics.serviceMonitor.interval }}
interval: {{ .Values.metrics.serviceMonitor.interval }}
{{- end }}
{{- if .Values.metrics.serviceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }}
{{- end }}
namespaceSelector:
matchNames:
- {{ .Release.Namespace }}
selector:
matchLabels:
{{- include "hapi-fhir-jpaserver.selectorLabels" . | nindent 6 }}
{{- end }}
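
Review bot: the opening `if` checks `metrics.serviceMonitor.enabled` alone, so enabling it on a cluster without the Prometheus Operator CRDs fails the whole install. Suggest also testing `.Capabilities.APIVersions.Has "monitoring.coreos.com/v1"` there, or documenting the CRD requirement next to the `enabled` value.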

View File

@@ -88,6 +88,18 @@ tolerations: []
# -- pod affinity
affinity: {}
# -- pod topology spread configuration
# see: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#api
topologySpreadConstraints:
[]
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: ScheduleAnyway
# labelSelector:
# matchLabels:
# app.kubernetes.io/instance: hapi-fhir-jpaserver
# app.kubernetes.io/name: hapi-fhir-jpaserver
postgresql:
# -- enable an included PostgreSQL DB.
# see <https://github.com/bitnami/charts/tree/master/bitnami/postgresql> for details
@@ -126,6 +138,13 @@ startupProbe:
successThreshold: 1
timeoutSeconds: 30
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 30
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 30
externalDatabase:
# -- external database host used with `postgresql.enabled=false`
host: localhost
@@ -142,26 +161,6 @@ externalDatabase:
# -- database name
database: fhir
networkPolicy:
# -- enable NetworkPolicy
enabled: false
# -- a Kubernetes LabelSelector to explicitly select namespaces from which ingress traffic could be allowed
explicitNamespacesSelector:
{}
# matchLabels:
# team: one
# test: foo
# -- Additional allowed NetworkPolicyPeer specs
# Evaluated as a template so you could do:
#
# Example:
# allowedFrom:
# - podSelector:
# matchLabels:
# app.kubernetes.io/name: {{ $.Release.Name }}
allowedFrom: []
# -- extra environment variables to set on the server container
extraEnv:
[]
@@ -176,3 +175,15 @@ podDisruptionBudget:
minAvailable: 1
# -- maximum unavailable instances
maxUnavailable: ""
metrics:
serviceMonitor:
# -- if enabled, creates a ServiceMonitor instance for Prometheus Operator-based monitoring
enabled: false
# -- additional labels to apply to the ServiceMonitor object, e.g. `release: prometheus`
additionalLabels: {}
# namespace: monitoring
# interval: 30s
# scrapeTimeout: 10s
service:
port: 8081
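
Review bot: `metrics.service.port` has no `# --` comment, which is why its README row is empty, and `namespace`, `interval` and `scrapeTimeout` exist only as commented-out hints although the ServiceMonitor template reads all three, so the generated table lists none of them. Suggest adding `# --` descriptions for the port and for the three optional keys (with empty defaults) so the README documents every value the template consumes.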