Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/master' into rel_6_9_tracking
Browse files Browse the repository at this point in the history
  • Loading branch information
dotasek committed Nov 8, 2023
2 parents 49c3db2 + 3640bd0 commit 5ae8349
Show file tree
Hide file tree
Showing 8 changed files with 86 additions and 23 deletions.
3 changes: 2 additions & 1 deletion .github/workflows/chart-test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
- name: Install helm-docs
working-directory: /tmp
env:
HELM_DOCS_URL: https://github.com/norwoodj/helm-docs/releases/download/v1.11.0/helm-docs_1.11.0_Linux_x86_64.tar.gz
HELM_DOCS_URL: https://github.com/norwoodj/helm-docs/releases/download/v1.11.3/helm-docs_1.11.3_Linux_x86_64.tar.gz
run: |
curl -LSs $HELM_DOCS_URL | tar xz && \
mv ./helm-docs /usr/local/bin/helm-docs && \
Expand All @@ -30,6 +30,7 @@ jobs:
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
fetch-depth: 0

- name: Check if documentation is up-to-date
run: helm-docs && git diff --exit-code HEAD

Expand Down
16 changes: 8 additions & 8 deletions charts/hapi-fhir-jpaserver/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,18 +10,18 @@ dependencies:
version: 12.5.6
repository: oci://registry-1.docker.io/bitnamicharts
condition: postgresql.enabled
appVersion: 6.6.0
version: 0.13.0
appVersion: 6.8.3
version: 0.14.0
annotations:
artifacthub.io/license: Apache-2.0
artifacthub.io/changes: |
# When using the list of objects option the valid supported kinds are
# added, changed, deprecated, removed, fixed, and security.
- kind: added
description: allow specifying application properties via yaml config
description: updated starter image to 6.8.3
- kind: fixed
description: incorrect handling of existing secret database config
- kind: added
description: allow setting resource limits and requests for the Helm test pods
- kind: changed
description: updated curl used by helm tests to version to v8.2.0
- kind: changed
description: allow disabling the liveness-, readiness-, and startup-probes entirely
description: support for using a non-admin user for the postgres database
- kind: added
description: ability to create a dedicated ServiceAccount
10 changes: 7 additions & 3 deletions charts/hapi-fhir-jpaserver/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# HAPI FHIR JPA Server Starter Helm Chart

![Version: 0.13.0](https://img.shields.io/badge/Version-0.13.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.6.0](https://img.shields.io/badge/AppVersion-6.6.0-informational?style=flat-square)
![Version: 0.14.0](https://img.shields.io/badge/Version-0.14.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.8.3](https://img.shields.io/badge/AppVersion-6.8.3-informational?style=flat-square)

This helm chart will help you install the HAPI FHIR JPA Server in a Kubernetes environment.

Expand Down Expand Up @@ -36,7 +36,7 @@ helm install hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver
| image.pullPolicy | string | `"IfNotPresent"` | image pullPolicy to use |
| image.registry | string | `"docker.io"` | registry where the HAPI FHIR server image is hosted |
| image.repository | string | `"hapiproject/hapi"` | the path inside the repository |
| image.tag | string | `"v6.6.0@sha256:c00367865ae5dad4e171cbb68bfc1c39818854079d1565bee4c86a45e78335d0"` | the image tag. As of v5.7.0, this is the `distroless` flavor by default, add `-tomcat` to use the Tomcat-based image. |
| image.tag | string | `"v6.8.3@sha256:6195f1116ebabfb0a608addde043b3e524c456c4d4f35b3d25025afd7dcd2e27"` | the image tag. As of v5.7.0, this is the `distroless` flavor by default, add `-tomcat` to use the Tomcat-based image. |
| imagePullSecrets | list | `[]` | image pull secrets to use when pulling the image |
| ingress.annotations | object | `{}` | provide any additional annotations which may be required. Evaluated as a template. |
| ingress.enabled | bool | `false` | whether to create an Ingress to expose the FHIR server HTTP endpoint |
Expand Down Expand Up @@ -73,6 +73,10 @@ helm install hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver
| securityContext.seccompProfile.type | string | `"RuntimeDefault"` | |
| service.port | int | `8080` | port where the server will be exposed at |
| service.type | string | `"ClusterIP"` | service type |
| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
| serviceAccount.automount | bool | `true` | Automatically mount a ServiceAccount's API credentials? |
| serviceAccount.create | bool | `false` | Specifies whether a service account should be created. |
| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
| tests.resources | object | `{}` | configure the test pods resource requests and limits |
| tolerations | list | `[]` | pod tolerations |
| topologySpreadConstraints | list | `[]` | pod topology spread configuration see: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#api |
Expand Down Expand Up @@ -139,4 +143,4 @@ kubectl port-forward -n observability service/simplest-query 16686:16686
and opening <http://localhost:16686/> in your browser.

----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
Autogenerated from chart metadata using [helm-docs v1.11.3](https://github.com/norwoodj/helm-docs/releases/v1.11.3)
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
postgresql:
enabled: true
auth:
username: hapi_fhir_jpaserver_starter_user
database: hapi_fhir_jpaserver_starter
password: secret_user_password
postgresPassword: secret_postgres_password
41 changes: 33 additions & 8 deletions charts/hapi-fhir-jpaserver/templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,17 @@ app.kubernetes.io/name: {{ include "hapi-fhir-jpaserver.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

{{/*
Create the name of the service account to use
*/}}
{{- define "hapi-fhir-jpaserver.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "hapi-fhir-jpaserver.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

{{/*
Create a default fully qualified postgresql name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
Expand All @@ -63,10 +74,12 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
Get the Postgresql credentials secret name.
*/}}
{{- define "hapi-fhir-jpaserver.postgresql.secretName" -}}
{{- if and (.Values.postgresql.enabled) (not .Values.postgresql.auth.existingSecret) -}}
{{- printf "%s" (include "hapi-fhir-jpaserver.postgresql.fullname" .) -}}
{{- else if and (.Values.postgresql.enabled) (.Values.postgresql.auth.existingSecret) -}}
{{- printf "%s" .Values.postgresql.auth.existingSecret -}}
{{- if .Values.postgresql.enabled -}}
{{- if .Values.postgresql.auth.existingSecret -}}
{{- printf "%s" .Values.postgresql.auth.existingSecret -}}
{{- else -}}
{{- printf "%s" (include "hapi-fhir-jpaserver.postgresql.fullname" .) -}}
{{- end -}}
{{- else }}
{{- if .Values.externalDatabase.existingSecret -}}
{{- printf "%s" .Values.externalDatabase.existingSecret -}}
Expand All @@ -80,10 +93,18 @@ Get the Postgresql credentials secret name.
Get the Postgresql credentials secret key.
*/}}
{{- define "hapi-fhir-jpaserver.postgresql.secretKey" -}}
{{- if (.Values.externalDatabase.existingSecret) -}}
{{- printf "%s" .Values.externalDatabase.existingSecretKey -}}
{{- if .Values.postgresql.enabled -}}
{{- if .Values.postgresql.auth.username -}}
{{- printf "%s" .Values.postgresql.auth.secretKeys.userPasswordKey -}}
{{- else -}}
{{- printf "%s" .Values.postgresql.auth.secretKeys.adminPasswordKey -}}
{{- end -}}
{{- else }}
{{- printf "postgres-password" -}}
{{- if .Values.externalDatabase.existingSecret -}}
{{- printf "%s" .Values.externalDatabase.existingSecretKey -}}
{{- else -}}
{{- printf "postgres-password" -}}
{{- end -}}
{{- end -}}
{{- end -}}

Expand All @@ -98,7 +119,11 @@ Add environment variables to configure database values
Add environment variables to configure database values
*/}}
{{- define "hapi-fhir-jpaserver.database.user" -}}
{{- ternary "postgres" .Values.externalDatabase.user .Values.postgresql.enabled -}}
{{- if .Values.postgresql.enabled -}}
{{- printf "%s" .Values.postgresql.auth.username | default "postgres" -}}
{{- else -}}
{{- printf "%s" .Values.externalDatabase.user -}}
{{- end -}}
{{- end -}}

{{/*
Expand Down
1 change: 1 addition & 0 deletions charts/hapi-fhir-jpaserver/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "hapi-fhir-jpaserver.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
Expand Down
13 changes: 13 additions & 0 deletions charts/hapi-fhir-jpaserver/templates/serviceaccount.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "hapi-fhir-jpaserver.serviceAccountName" . }}
labels:
{{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
{{- end }}
18 changes: 15 additions & 3 deletions charts/hapi-fhir-jpaserver/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ image:
# -- the path inside the repository
repository: hapiproject/hapi
# -- the image tag. As of v5.7.0, this is the `distroless` flavor by default, add `-tomcat` to use the Tomcat-based image.
tag: "v6.6.0@sha256:c00367865ae5dad4e171cbb68bfc1c39818854079d1565bee4c86a45e78335d0"
tag: "v6.8.3@sha256:6195f1116ebabfb0a608addde043b3e524c456c4d4f35b3d25025afd7dcd2e27"
# -- image pullPolicy to use
pullPolicy: IfNotPresent

Expand Down Expand Up @@ -198,6 +198,17 @@ podDisruptionBudget:
# -- maximum unavailable instances
maxUnavailable: ""

serviceAccount:
# -- Specifies whether a service account should be created.
create: false
# -- Annotations to add to the service account
annotations: {}
# -- The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
# -- Automatically mount a ServiceAccount's API credentials?
automount: true

metrics:
serviceMonitor:
# -- if enabled, creates a ServiceMonitor instance for Prometheus Operator-based monitoring
Expand Down Expand Up @@ -229,7 +240,7 @@ curl:
image:
registry: docker.io
repository: curlimages/curl
tag: 8.2.0@sha256:daf3f46a2639c1613b25e85c9ee4193af8a1d538f92483d67f9a3d7f21721827
tag: 8.4.0@sha256:4a3396ae573c44932d06ba33f8696db4429c419da87cbdc82965ee96a37dd0af

tests:
# -- configure the test pods resource requests and limits
Expand All @@ -242,7 +253,8 @@ tests:
# memory: 128Mi

# -- additional Spring Boot application config. Mounted as a file and automatically loaded by the application.
extraConfig: ""
extraConfig:
""
# # For example:
# |
# hapi:
Expand Down

0 comments on commit 5ae8349

Please sign in to comment.