simplified helm chart

chgl
2021-10-07 00:38:42 +02:00
committed by Jens Kristian Villadsen
parent 79fddf8309
commit eaffce0d42
18 changed files with 285 additions and 305 deletions


@@ -30,6 +30,18 @@ Create chart name and version as used by the chart label.
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create image tag
*/}}
{{- define "hapi-fhir-jpaserver.imageTag" -}}
{{- $version := default .Chart.AppVersion .Values.image.tag -}}
{{- if .Values.image.flavor }}
{{- printf "%s-%s" $version .Values.image.flavor }}
{{- else }}
{{- printf "%s" $version }}
{{- end }}
{{- end }}
{{/*
Common labels
*/}}
@@ -60,7 +72,7 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
{{- end -}}
{{/*
Get the Postgresql credentials secret.
Get the Postgresql credentials secret name.
*/}}
{{- define "hapi-fhir-jpaserver.postgresql.secretName" -}}
{{- if and (.Values.postgresql.enabled) (not .Values.postgresql.existingSecret) -}}
@@ -71,11 +83,22 @@ Get the Postgresql credentials secret.
{{- if .Values.externalDatabase.existingSecret -}}
{{- printf "%s" .Values.externalDatabase.existingSecret -}}
{{- else -}}
{{ printf "%s-%s" .Release.Name "externaldb" }}
{{ printf "%s-%s" (include "hapi-fhir-jpaserver.fullname" .) "external-db" }}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Get the Postgresql credentials secret key.
*/}}
{{- define "hapi-fhir-jpaserver.postgresql.secretKey" -}}
{{- if (.Values.externalDatabase.existingSecret) -}}
{{- printf "%s" .Values.externalDatabase.existingSecretKey -}}
{{- else }}
{{- printf "postgresql-password" -}}
{{- end -}}
{{- end -}}
{{/*
Add environment variables to configure database values
*/}}
@@ -87,7 +110,7 @@ Add environment variables to configure database values
Add environment variables to configure database values
*/}}
{{- define "hapi-fhir-jpaserver.database.user" -}}
{{- ternary .Values.postgresql.postgresqlUsername .Values.externalDatabase.user .Values.postgresql.enabled | quote -}}
{{- ternary .Values.postgresql.postgresqlUsername .Values.externalDatabase.user .Values.postgresql.enabled -}}
{{- end -}}
{{/*
@@ -111,5 +134,6 @@ Create the JDBC URL from the host, port and database name.
{{- $host := (include "hapi-fhir-jpaserver.database.host" .) -}}
{{- $port := (include "hapi-fhir-jpaserver.database.port" .) -}}
{{- $name := (include "hapi-fhir-jpaserver.database.name" .) -}}
{{ printf "jdbc:postgresql://%s:%d/%s" $host (int $port) $name }}
{{- $appName := .Release.Name -}}
{{ printf "jdbc:postgresql://%s:%d/%s?ApplicationName=%s" $host (int $port) $name $appName }}
{{- end -}}
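Review bot: The new `hapi-fhir-jpaserver.postgresql.secretKey` helper branches only on `.Values.externalDatabase.existingSecret`, while `postgresql.secretName` checks `.Values.postgresql.enabled` first, so with the bundled PostgreSQL enabled and `externalDatabase.existingSecret` also set, the deployment would pair the subchart's secret name with the external secret's key. The helper also prints `.Values.externalDatabase.existingSecretKey` with no fallback, which yields an empty or malformed key when that value is unset. Consider mirroring the conditions of the name helper and using `{{- .Values.externalDatabase.existingSecretKey | default "postgresql-password" -}}`. The body of `postgresql.secretName` is only partly visible in these hunks, so the first point should be confirmed against the full helper.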


@@ -28,10 +28,9 @@ spec:
{{- end }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
{{- if .Values.postgresql.enabled }}
initContainers:
- name: wait-for-db
image: busybox:1.32
- name: wait-for-db-to-be-ready
image: "{{ .Values.postgresql.image.registry }}/{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }}"
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
@@ -41,15 +40,27 @@ spec:
drop:
- ALL
runAsNonRoot: true
runAsUser: 11111
runAsGroup: 11111
command: ["sh", "-c", "while ! nc -z {{ .Release.Name }}-postgresql 5432 -w 5; do echo $(date) waiting for database; sleep 5; done;"]
{{- end }}
runAsUser: 1001
runAsGroup: 1001
env:
- name: PGHOST
value: "{{ include "hapi-fhir-jpaserver.database.host" . }}"
- name: PGPORT
value: "{{ include "hapi-fhir-jpaserver.database.port" . }}"
- name: PGUSER
value: "{{ include "hapi-fhir-jpaserver.database.user" . }}"
command: ["/bin/sh", "-c"]
args:
- |
until pg_isready; do
echo "Waiting for DB ${PGUSER}@${PGHOST}:${PGPORT} to be up";
sleep 15;
done;
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
image: {{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ include "hapi-fhir-jpaserver.imageTag" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
@@ -68,7 +79,7 @@ spec:
{{- end }}
startupProbe:
httpGet:
path: /fhir/Patient?_count=1
path: /fhir/metadata
port: http
{{- with .Values.startupProbe }}
initialDelaySeconds: {{ .initialDelaySeconds }}
@@ -88,7 +99,7 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "hapi-fhir-jpaserver.postgresql.secretName" . }}
key: postgresql-password
key: {{ include "hapi-fhir-jpaserver.postgresql.secretKey" . }}
- name: SPRING_DATASOURCE_DRIVERCLASSNAME
value: org.postgresql.Driver
- name: SPRING_JPA_PROPERTIES_HIBERNATE_DIALECT
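Review bot: The `wait-for-db-to-be-ready` init container appears to render regardless of `postgresql.enabled` now, yet its image is assembled from `.Values.postgresql.image.registry`, `.repository` and `.tag`; if an external-database install does not carry those values, the reference would render as `/:` and the pod could not start. Guard the lookup, for example `{{ required "postgresql.image.repository is required for the wait-for-db init container" .Values.postgresql.image.repository }}`, or give the init container its own image value. The image is also referenced by mutable tag only, so an optional digest would let operators pin what runs ahead of the application container. Whether the chart's values.yaml defines these keys is not visible in this section.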


@@ -1,8 +1,8 @@
{{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.existingSecret) (not .Values.postgresql.existingSecret)}}
{{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.existingSecret) (not .Values.postgresql.existingSecret) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ printf "%s-%s" .Release.Name "externaldb" }}
name: {{ include "hapi-fhir-jpaserver.fullname" . }}-external-db
labels:
{{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
type: Opaque


@@ -1,6 +1,5 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "hapi-fhir-jpaserver.fullname" . -}}
{{- $svcPort := .Values.service.port -}}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion }}
@@ -44,10 +43,10 @@ spec:
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
name: http
{{ else }}
serviceName: {{ $fullName }}
servicePort: {{ $svcPort }}
servicePort: http
{{- end }}
{{- end }}
{{- end }}


@@ -0,0 +1,27 @@
{{- if .Values.networkPolicy.enabled }}
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: {{ include "hapi-fhir-jpaserver.fullname" . }}
labels:
{{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
spec:
podSelector:
matchLabels:
{{- include "hapi-fhir-jpaserver.selectorLabels" . | nindent 6 }}
ingress:
# Allow inbound connections from pods with the "hapi-fhir-jpaserver-client: true" label
- ports:
- port: http
from:
- podSelector:
matchLabels:
{{ include "hapi-fhir-jpaserver.fullname" . }}-client: "true"
{{- with .Values.networkPolicy.explicitNamespacesSelector }}
namespaceSelector:
{{ toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.networkPolicy.allowedFrom }}
{{ tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- end }}
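Review bot: The client label key `{{ include "hapi-fhir-jpaserver.fullname" . }}-client` can exceed the 63-character limit for a label name, since the helper comment on this page says fullname is itself truncated at 63 characters and this appends seven more. An over-long key would presumably cause the API server to reject the NetworkPolicy, and likewise the test pod that carries the same label. Truncate before appending in both places, e.g. `{{ include "hapi-fhir-jpaserver.fullname" . | trunc 56 | trimSuffix "-" }}-client: "true"`. The comment above the rule names the label `hapi-fhir-jpaserver-client`, which is only accurate when fullname resolves to the chart name; I would reword it to `# Allow inbound connections from pods labelled "<fullname>-client: true"`. The policy also declares ingress rules only, so egress from the server pods stays unrestricted.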


@@ -4,6 +4,7 @@ metadata:
name: "{{ include "hapi-fhir-jpaserver.fullname" . }}-test-connection"
labels:
{{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
{{ include "hapi-fhir-jpaserver.fullname" . }}-client: "true"
annotations:
"helm.sh/hook": test
spec:
@@ -11,7 +12,6 @@ spec:
containers:
- name: wget
image: busybox:1
imagePullPolicy: Always
command: ['wget', '-O', '-']
args: ['http://{{ include "hapi-fhir-jpaserver.fullname" . }}:{{ .Values.service.port }}/fhir/Patient?_count=1']
securityContext:
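Review bot: The test hook still fetches `/fhir/Patient?_count=1` and writes the response to stdout with `wget -O -`, so on a server holding real data a `helm test` run could copy a patient resource into the test pod's log. The startup probe in this commit moved to `/fhir/metadata`, and the same path would serve as a connectivity check here: `args: ['http://{{ include "hapi-fhir-jpaserver.fullname" . }}:{{ .Values.service.port }}/fhir/metadata']`. `image: busybox:1` is a floating tag, so pinning a full version or digest would keep the test image reproducible. The container spec continues past the end of this hunk.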