public/nplus
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Public Information

Browse Source
This commit is contained in:
Andreas Ahmann
2026-03-10 07:33:55 +01:00
commit 4c9519166e
499 changed files with 125937 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
charts/database/templates/component.tpl Normal file
View File

@@ -0,0 +1,2 @@
{{- include "nplus.init" $ -}}
{{- include "nplus.component" . -}}

16
charts/database/templates/config.tpl Normal file
View File

@@ -0,0 +1,16 @@
{{- include "nplus.init" $ -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .component.fullName }}-config
{{- if .this.utils.includeNamespace }}
namespace: {{ .Release.Namespace }}
{{- end }}
labels:
{{- include "nplus.instanceLabels" . | nindent 4 }}
annotations:
{{- include "nplus.argoWave" . | nindent 4 }}
{{- include "nplus.annotations" . | nindent 4 }}
{{- include "nplus.securityAnnotations" . | nindent 4 }}
data:
{{ (.Files.Glob "config/*").AsConfig | indent 2 }}

33
charts/database/templates/networkpolicy.tpl Normal file
View File

@@ -0,0 +1,33 @@
{{- include "nplus.init" $ -}}
{{- if ((.this.security).cni).createNetworkPolicy }}
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: {{ .component.fullName }}
{{- if .this.utils.includeNamespace }}
namespace: {{ .Release.Namespace }}
{{- end }}
labels:
{{- include "nplus.instanceLabels" . | nindent 4 }}
annotations:
{{- include "nplus.argoWave" . | nindent 4 }}
{{- include "nplus.annotations" . | nindent 4 }}
{{- include "nplus.securityAnnotations" . | nindent 4 }}
spec:
podSelector:
matchLabels:
{{- include "nplus.selectorLabels" . | nindent 6 }}
policyTypes:
- Ingress
ingress:
- from:
# Allow access from NAPPL Cores
- podSelector:
matchLabels:
nplus/group: {{ .instance.group }}
nplus/type: core
{{- if ((.this.security).cni).excludeUnusedPorts }}
ports:
{{- include "nplus.defaultPolicyPorts" . | nindent 4 }}
{{- end }}
{{- end }}{{/* if ((.this.security).cni).createNetworkPolicy */}}

2
charts/database/templates/pdb.tpl Normal file
View File

@@ -0,0 +1,2 @@
{{- include "nplus.init" $ -}}
{{- include "nplus.podDisruptionBudget" . -}}

2
charts/database/templates/priorityclass.tpl Normal file
View File

@@ -0,0 +1,2 @@
{{- include "nplus.init" $ -}}
{{- include "nplus.priorityClass" . }}

2
charts/database/templates/pvc.tpl Normal file
View File

@@ -0,0 +1,2 @@
{{- include "nplus.init" $ -}}
{{- include "nplus.pvc" . }}

27
charts/database/templates/service.tpl Normal file
View File

@@ -0,0 +1,27 @@
{{- include "nplus.init" $ -}}
apiVersion: v1
kind: Service
metadata:
name: {{ .component.fullName }}
{{- if .this.utils.includeNamespace }}
namespace: {{ .Release.Namespace }}
{{- end }}
labels:
{{- include "nplus.instanceLabels" . | nindent 4 }}
annotations:
{{- include "nplus.argoWave" . | nindent 4 }}
{{- include "nplus.annotations" . | nindent 4 }}
{{- include "nplus.securityAnnotations" . | nindent 4 }}
{{- include "nplus.serviceAnnotations" . | nindent 4 }}
spec:
ports:
{{- include "nplus.defaultServicePorts" . | nindent 4 }}
selector:
{{- if eq .this.service.selector "component" }}
{{- include "nplus.selectorLabels" . | nindent 4 }}
{{- else if eq .this.service.selector "type" }}{{/* if eq .this.service.selector "component" else if eq .this.service.selector "type" */}}
{{- include "nplus.selectorLabelsNc" . | nindent 4 }}
{{- else }}{{/* if eq .this.service.selector "component" */}}
{{- fail (printf "Unknown Service Selector Type: %s - must be component or type" .this.service.selector) }}
{{- end }}{{/* if eq .this.service.selector "component" else */}}

126
charts/database/templates/statefulset.tpl Normal file
View File

@@ -0,0 +1,126 @@
{{- include "nplus.init" $ -}}
# Component: {{ .component.chartName }}
#
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ .component.fullName }}
{{- if .this.utils.includeNamespace }}
namespace: {{ .Release.Namespace }}
{{- end }}
labels:
{{- include "nplus.instanceLabels" . | nindent 4 }}
annotations:
{{- include "nplus.argoWave" . | nindent 4 }}
{{- include "nplus.annotations" . | nindent 4 }}
{{- include "nplus.securityAnnotations" . | nindent 4 }}
spec:
serviceName: {{ .component.fullName }}
{{- include "nplus.replicas" . | nindent 2 }}
selector:
matchLabels:
{{- include "nplus.selectorLabels" . | nindent 6 }}
podManagementPolicy: OrderedReady
updateStrategy:
type: OnDelete
minReadySeconds: 10
template:
metadata:
labels:
{{- include "nplus.templateLabels" . | nindent 8 }}
annotations:
{{- include "nplus.templateAnnotations" . | nindent 8 }}
{{- include "nplus.securityAnnotations" . | nindent 8 }}
spec:
{{- include "nplus.priorityClassName" . | nindent 6 }}
{{- include "nplus.securityIllumioReadinessGates" . | nindent 6 }}
{{- include "nplus.podSecurityContext" . | nindent 6 }}
{{- include "nplus.templateAffinity" . | nindent 6 }}
{{- include "nplus.imagePullSecrets" . | nindent 6 }}
{{- include "nplus.terminationGracePeriodSeconds" . | nindent 6 }}
initContainers:
{{- include "nplus.copyConfig" . | nindent 6 }}
{{- include "nplus.initContainers" . | nindent 6 }}
containers:
- name: postgres
image: {{ include "nplus.image" (dict "global" .Values.global "image" .Values.image) }}
imagePullPolicy: {{ include "nplus.imagePullPolicy" .Values.image }}
{{- include "nplus.containerSecurityContext" . | nindent 8 }}
{{- include "nplus.resources" . | nindent 8 }}
env:
# -- POSTGRES Admin Credentials
{{- include "nplus.envCredentials" (list
"POSTGRES_USERNAME" ($.this.dbAdmin).account
"POSTGRES_PASSWORD" ($.this.dbAdmin).password
($.this.dbAdmin).secret
) | nindent 10 }}
# -- NAPPL Postgres Connection Credentials
{{- include "nplus.envCredentials" (list
"NSCALE_USERNAME" ($.this.database).account
"NSCALE_PASSWORD" ($.this.database).password
($.this.database).secret
) | nindent 10 }}
- name: NSCALE_DATABASE
value: {{ (.this.database).name }}
{{- include "nplus.environment" . | nindent 8 }}
ports:
{{- include "nplus.defaultContainerPorts" . | nindent 8 }}
{{- if .this.utils.maintenance }}
{{- include "nplus.idle" . | nindent 8 }}
{{- else }}{{/* if .this.utils.maintenance */}}
{{- if .Values.probes }}
# -- custom probes as defined in values
{{- toYaml .Values.probes | nindent 8 }}
{{- else }}{{/* if .Values.probes */}}
# -- default nplus probes, can be overridden by probes key in values
startupProbe:
initialDelaySeconds: 10
failureThreshold: 12
periodSeconds: 10
timeoutSeconds: 5
exec:
command:
- sh
- -c
- exec pg_isready -U "postgres" -h 127.0.0.1 -p {{ required "Postgres Port must be set" ((.this.meta).ports).tcp }}
livenessProbe:
exec:
command:
- sh
- -c
- exec pg_isready -U "postgres" -h 127.0.0.1 -p {{ required "Postgres Port must be set" ((.this.meta).ports).tcp }}
periodSeconds: 30
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 6
readinessProbe:
exec:
command:
- sh
- -c
- |
pg_isready -U "postgres" -h 127.0.0.1 -p 5432 -t 1
[ -f /opt/bitnami/postgresql/tmp/.initialized ]
{{- end }}{{/* .Values.probes else */}}
{{- end }}{{/* if .this.utils.maintenance else */}}
volumeMounts:
# Postgres requires this directory to be **completely** empty,
# so also no lost&found directory.
{{- include "nplus.defaultMounts" . | nindent 8 }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d/
volumes:
- name: custom-init-scripts
configMap:
name: {{ .component.fullName }}-config
{{- include "nplus.defaultVolumes" . | nindent 6 }}