From 4d34f184897cb3c11625b97ac8cc6c15388bedb2 Mon Sep 17 00:00:00 2001 From: Terry Sigle Date: Tue, 9 Feb 2021 09:17:10 -0600 Subject: [PATCH] Release 0.4.2 (#81) * Issue #78 - Adding affinity support to workload * Issue #79 - Adding pingdatagovernancepap * Adding release notes for release 0.4.2 * Issue #79 - setting EXTERNAL_HOST to proper hostname if ingress is being used * final clenaup * removed future license secret change * Add additional comment to affinity example * Remove empty line due to lint error * Trying to resolve ct lint error * Fix lint error --- charts/ping-devops/Chart.yaml | 29 +-------- charts/ping-devops/templates/NOTES.txt | 2 +- .../pingdatagovernance/configmap.yaml | 4 -- .../pingdatagovernancepap/configmap.yaml | 18 ++++++ .../pingdatagovernancepap/ingress.yaml | 8 +++ .../pingdatagovernancepap/service.yaml | 6 ++ .../pingdatagovernancepap/workload.yaml | 6 ++ .../templates/pinglib/_workload.tpl | 1 + charts/ping-devops/values.yaml | 59 ++++++++++++++++++- docs/config/container.md | 1 + docs/release-notes.md | 33 +++++++++++ 11 files changed, 134 insertions(+), 33 deletions(-) create mode 100644 charts/ping-devops/templates/pingdatagovernancepap/configmap.yaml create mode 100644 charts/ping-devops/templates/pingdatagovernancepap/ingress.yaml create mode 100644 charts/ping-devops/templates/pingdatagovernancepap/service.yaml create mode 100644 charts/ping-devops/templates/pingdatagovernancepap/workload.yaml diff --git a/charts/ping-devops/Chart.yaml b/charts/ping-devops/Chart.yaml index c452ea10..d35d3599 100644 --- a/charts/ping-devops/Chart.yaml +++ b/charts/ping-devops/Chart.yaml @@ -4,36 +4,11 @@ apiVersion: v2 name: ping-devops ######################################################################## -# 0.2.0 - Initial ping devops charts (using sprint 2009) -# 0.2.1 - Removed default storage class on directory pvc. Blank is default -# 0.2.2 - Added service-cluster to pingdatasync and pingdatagoverance for -# pingdataconsole access. -# - Appended '-cluster' to hostname for pingdataconsole. -# 0.2.3 - Resolved PD_ENGINE_PRIVATE_HOSTNAME issue on pingdataconsole configmap -# 0.2.4 - Turn off vault for ldap-sdk-tools -# 0.2.5 - Add ability to use external images (GDO-590, helm-charts/issues/10) -# 0.2.6 - Fix a regression with the clusterIdentifier on depoyments/statefulsets -# 0.2.7 - Changing default pullPolicy to Always. Helps when using changing edge tag -# Increasing liveness/readiness probe timeoutSeconds to 5 as 1 is often to short -# 0.2.8 - Cleanup _ingress template -# 0.2.9 - Create release env-vars congigmap. Provides each products PRIVATE_HOSTNAME -# 0.3.0 - Consolidate deployment/statefulset templates to a workload template -# consolidated deployment values into a workload.deployment and -# workload.statefulSet values. -# 0.3.1 - Add back {release}-env-vars configmap ref back as well as supporting -# container.envFrom values -# 0.3.2 - Refer to http://helm.pingidentity.com/release-notes/#release-032 -# 0.3.3 - Refer to http://helm.pingidentity.com/release-notes/#release-033 -# 0.3.4 - Refer to http://helm.pingidentity.com/release-notes/#release-034 -# 0.3.5 - Refer to http://helm.pingidentity.com/release-notes/#release-035 -# 0.3.6 - Refer to http://helm.pingidentity.com/release-notes/#release-036 -# 0.3.7 - Refer to http://helm.pingidentity.com/release-notes/#release-037 -# 0.3.8 - Refer to http://helm.pingidentity.com/release-notes/#release-038 -# 0.3.9 - Refer to http://helm.pingidentity.com/release-notes/#release-039 # 0.4.0 - Refer to http://helm.pingidentity.com/release-notes/#release-040 # 0.4.1 - Refer to http://helm.pingidentity.com/release-notes/#release-041 +# 0.4.2 - Refer to http://helm.pingidentity.com/release-notes/#release-042 ######################################################################## -version: 0.4.1 +version: 0.4.2 description: All Ping Identity product images with integration type: application home: https://devops.pingidentity.com/ diff --git a/charts/ping-devops/templates/NOTES.txt b/charts/ping-devops/templates/NOTES.txt index 2e9cd7e4..7198387b 100644 --- a/charts/ping-devops/templates/NOTES.txt +++ b/charts/ping-devops/templates/NOTES.txt @@ -3,7 +3,7 @@ # # {{ printf $format " " " Product " " Workload " " Ing "}} # {{ printf $format " " "---------------------" "-----------" "-----"}} -{{- $products := list "pingaccess-admin" "pingaccess-engine" "pingdataconsole" "pingdatagovernance" "pingdatasync" "pingdelegator" "pingdirectory" "pingfederate-admin" "pingfederate-engine" "---" "ldap-sdk-tools" "pd-replication-timing" }} +{{- $products := list "pingaccess-admin" "pingaccess-engine" "pingdataconsole" "pingdatagovernance" "pingdatagovernancepap" "pingdatasync" "pingdelegator" "pingdirectory" "pingfederate-admin" "pingfederate-engine" "---" "ldap-sdk-tools" "pd-replication-timing" }} {{- range $prodName := $products }} {{- if eq $prodName "---" }} # diff --git a/charts/ping-devops/templates/pingdatagovernance/configmap.yaml b/charts/ping-devops/templates/pingdatagovernance/configmap.yaml index 8a028ed6..83853005 100644 --- a/charts/ping-devops/templates/pingdatagovernance/configmap.yaml +++ b/charts/ping-devops/templates/pingdatagovernance/configmap.yaml @@ -3,8 +3,4 @@ {{- define "pingdatagovernance.configmap" -}} -{{- $top := index . 0 -}} -{{- $v := index . 1 -}} -data: - PD_ENGINE_PRIVATE_HOSTNAME: {{ include "pinglib.addreleasename" (append . $top.Values.pingdirectory.name) | quote }} {{- end -}} \ No newline at end of file diff --git a/charts/ping-devops/templates/pingdatagovernancepap/configmap.yaml b/charts/ping-devops/templates/pingdatagovernancepap/configmap.yaml new file mode 100644 index 00000000..3e29a8a3 --- /dev/null +++ b/charts/ping-devops/templates/pingdatagovernancepap/configmap.yaml @@ -0,0 +1,18 @@ +{{- include "pinglib.configmap" (list . "pingdatagovernancepap") -}} + + + +{{- define "pingdatagovernancepap.configmap" -}} +{{- $top := index . 0 -}} +{{- $v := index . 1 -}} +data: + {{- if $v.ingress.enabled }} + PING_EXTERNAL_BASE_URL: {{ printf "%s:%s" (include "pinglib.ingress.hostname" (list $top $v (index $v.ingress.hosts 0).host)) (toString $v.services.https.ingressPort) }} + {{- else }} + PING_EXTERNAL_BASE_URL: localhost:8443 + {{- end -}} +{{- end -}} + + +{{- define "pingdatagovernancepap.configmap" -}} +{{- end -}} \ No newline at end of file diff --git a/charts/ping-devops/templates/pingdatagovernancepap/ingress.yaml b/charts/ping-devops/templates/pingdatagovernancepap/ingress.yaml new file mode 100644 index 00000000..07bc42d9 --- /dev/null +++ b/charts/ping-devops/templates/pingdatagovernancepap/ingress.yaml @@ -0,0 +1,8 @@ +{{- if (merge (index .Values "pingdatagovernancepap") .Values.global).ingress.enabled }} +{{- include "pinglib.ingress" (list . "pingdatagovernancepap") -}} +{{- end -}} + + + +{{- define "pingdatagovernancepap.ingress" -}} +{{- end -}} \ No newline at end of file diff --git a/charts/ping-devops/templates/pingdatagovernancepap/service.yaml b/charts/ping-devops/templates/pingdatagovernancepap/service.yaml new file mode 100644 index 00000000..80cbc333 --- /dev/null +++ b/charts/ping-devops/templates/pingdatagovernancepap/service.yaml @@ -0,0 +1,6 @@ +{{- include "pinglib.service" (list . "pingdatagovernancepap") -}} + + + +{{- define "pingdatagovernancepap.service" -}} +{{- end -}} \ No newline at end of file diff --git a/charts/ping-devops/templates/pingdatagovernancepap/workload.yaml b/charts/ping-devops/templates/pingdatagovernancepap/workload.yaml new file mode 100644 index 00000000..e756b706 --- /dev/null +++ b/charts/ping-devops/templates/pingdatagovernancepap/workload.yaml @@ -0,0 +1,6 @@ +{{- include "pinglib.workload" (list . "pingdatagovernancepap") -}} + + + +{{- define "pingdatagovernancepap.workload" -}} +{{- end -}} \ No newline at end of file diff --git a/charts/ping-devops/templates/pinglib/_workload.tpl b/charts/ping-devops/templates/pinglib/_workload.tpl index 8563342d..a101dddd 100644 --- a/charts/ping-devops/templates/pinglib/_workload.tpl +++ b/charts/ping-devops/templates/pinglib/_workload.tpl @@ -48,6 +48,7 @@ spec: {{- end }} nodeSelector: {{ toYaml $v.container.nodeSelector | nindent 8 }} tolerations: {{ toYaml $v.container.tolerations | nindent 8 }} + affinity: {{ toYaml $v.container.affinity | nindent 8 }} initContainers: {{ include "pinglib.workload.init.waitfor" (append . $v.container.waitFor) | nindent 6 }} {{ include "pinglib.workload.init.genPrivateCert" . | nindent 6 }} diff --git a/charts/ping-devops/values.yaml b/charts/ping-devops/values.yaml index 1775e552..fff8805d 100644 --- a/charts/ping-devops/values.yaml +++ b/charts/ping-devops/values.yaml @@ -217,6 +217,7 @@ global: memory: 8Gi nodeSelector: {} tolerations: [] + affinity: {} terminationGracePeriodSeconds: 30 envFrom: [] @@ -432,7 +433,31 @@ pingdirectory: cpu: 8000m memory: 8Gi terminationGracePeriodSeconds: 300 - + # Example affinity for typical directory installation + # + # affinity: + # podAntiAffinity: + # # Add a hard requirement for each PD pod to be deployed to a different node + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: app.kubernetes.io/name + # operator: In + # values: + # - pingdirectory + # topologyKey: "kubernetes.io/hostname" + # # Add a soft requirement for each PD pod to be deployed to a different AZ + # preferredDuringSchedulingIgnoredDuringExecution: + # - weight: 1 + # podAffinityTerm: + # labelSelector: + # matchExpressions: + # - key: app.kubernetes.io/name + # operator: In + # values: + # - pingdirectory + # topologyKey: "failure-domain.beta.kubernetes.io/zone" <--- kubernetes prior to 1.17 + # topologyKey: "topology.kubernetes.io/region" <--- kubernetes 1.17+ workload: type: StatefulSet @@ -585,6 +610,38 @@ pingdatagovernance: hosts: - pingdatagovernance._defaultDomain_ +############################################################# +# pingdatagovernancepap values +############################################################# +pingdatagovernancepap: + enabled: false + name: pingdatagovernancepap + image: + name: pingdatagovernancepap + + envs: + SERVER_PROFILE_URL: https://www.github.com/pingidentity/pingidentity-server-profiles.git + SERVER_PROFILE_PATH: pdg-pap-integration/pingdatagovernancepap + HTTPS_PORT: "8443" + services: + https: + servicePort: 8443 + containerPort: 8443 + ingressPort: 443 + dataService: true + + ingress: + hosts: + - host: pingdatagovernancepap._defaultDomain_ + paths: + - path: / + backend: + serviceName: https + tls: + - secretName: _defaultTlsSecret_ + hosts: + - pingdatagovernancepap._defaultDomain_ + ############################################################# # pingaccess-admin values ############################################################# diff --git a/docs/config/container.md b/docs/config/container.md index 286dda00..7dc12957 100644 --- a/docs/config/container.md +++ b/docs/config/container.md @@ -24,6 +24,7 @@ global: memory: 8Gi nodeSelector: {} tolerations: [] + affinity: {} terminationGracePeriodSeconds: 30 securityContext: {} ``` diff --git a/docs/release-notes.md b/docs/release-notes.md index 35e25327..ab7f9586 100644 --- a/docs/release-notes.md +++ b/docs/release-notes.md @@ -1,6 +1,39 @@ # Release Notes +## Release 0.4.2 + +* [Issue #79](https://github.com/pingidentity/helm-charts/issues/79) - Adding support for product PingDataGovernance PAP +* [Issue #78](https://github.com/pingidentity/helm-charts/issues/78) - Adding support to provide affinity definition to the workload of a product. + + !!! note "Example values.yaml to add podAntiAffinity to pingdirectory" + ```yaml + pingdirectory: + container: + affinity: + podAntiAffinity: + # Add a hard requirement for each PD pod to be deployed to a different node + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - pingdirectory + topologyKey: "kubernetes.io/hostname" + # Add a soft requirement for each PD pod to be deployed to a different AZ + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - pingdirectory + topologyKey: "failure-domain.beta.kubernetes.io/zone" + ``` + ## Release 0.4.1 * Change default image tag to `2101` (January 2021).