From 4d99ea41f90608818373e93bcb9d05d85b61bc47 Mon Sep 17 00:00:00 2001 From: Alexander Olofsson Date: Mon, 8 May 2023 11:19:26 +0200 Subject: [PATCH 1/2] netbox: Improve secrets handling, default probes --- charts/netbox/Chart.yaml | 2 +- .../templates/deployment-housekeeping.yaml | 11 ++++++---- .../netbox/templates/deployment-worker.yaml | 11 ++++++---- charts/netbox/templates/deployment.yaml | 11 ++++++---- charts/netbox/templates/secrets.yaml | 3 +++ charts/netbox/values.yaml | 21 +++++++++++++++++++ 6 files changed, 46 insertions(+), 13 deletions(-) diff --git a/charts/netbox/Chart.yaml b/charts/netbox/Chart.yaml index 6bc3232..48d78c6 100644 --- a/charts/netbox/Chart.yaml +++ b/charts/netbox/Chart.yaml @@ -10,7 +10,7 @@ icon: https://raw.githubusercontent.com/digitalocean/netbox/develop/netbox/proje appVersion: 3.5.1 type: application -version: 5.2.2 +version: 5.3.0 maintainers: - name: Alexander Olofsson email: ace@haxalot.com diff --git a/charts/netbox/templates/deployment-housekeeping.yaml b/charts/netbox/templates/deployment-housekeeping.yaml index 4a121c5..ff9a331 100644 --- a/charts/netbox/templates/deployment-housekeeping.yaml +++ b/charts/netbox/templates/deployment-housekeeping.yaml @@ -40,13 +40,13 @@ spec: name: {{ .Values.redis.auth.existingSecret | default (include "netbox.redis.fullname" .) }} key: {{ .Values.redis.auth.existingSecretPasswordKey | default "redis-password" }} {{- end }} - {{- if .Values.postgresql.enabled }} + {{- if (or .Values.postgresql.auth.existingSecret .Values.postgresql.enabled) }} - name: DB_PASSWORD valueFrom: secretKeyRef: - {{- if .Values.postgresql.existingSecret }} - name: {{ .Values.postgresql.existingSecret }} - key: password + {{- if .Values.postgresql.auth.existingSecret }} + name: {{ .Values.postgresql.auth.existingSecret }} + key: {{ .Values.postgresql.auth.existingSecretKey | default "password" }} {{- else }} name: {{ include "netbox.postgresql.fullname" . }} key: password @@ -57,6 +57,9 @@ spec: name: {{ include "netbox.fullname" . }} - secretRef: name: {{ include "netbox.fullname" . }} + {{- with .Values.extraEnvFrom -}} + {{ . | toYaml | nindent 12 }} + {{- end }} resources: {{- toYaml .Values.housekeeping.resources | nindent 12 }} {{- if or .Values.extraConfiguration .Values.extraPlugins }} diff --git a/charts/netbox/templates/deployment-worker.yaml b/charts/netbox/templates/deployment-worker.yaml index bde1e58..c147a21 100644 --- a/charts/netbox/templates/deployment-worker.yaml +++ b/charts/netbox/templates/deployment-worker.yaml @@ -42,13 +42,13 @@ spec: name: {{ .Values.redis.auth.existingSecret | default (include "netbox.redis.fullname" .) }} key: {{ .Values.redis.auth.existingSecretPasswordKey | default "redis-password" }} {{- end }} - {{- if .Values.postgresql.enabled }} + {{- if (or .Values.postgresql.auth.existingSecret .Values.postgresql.enabled) }} - name: DB_PASSWORD valueFrom: secretKeyRef: - {{- if .Values.postgresql.existingSecret }} - name: {{ .Values.postgresql.existingSecret }} - key: password + {{- if .Values.postgresql.auth.existingSecret }} + name: {{ .Values.postgresql.auth.existingSecret }} + key: {{ .Values.postgresql.auth.existingSecretKey | default "password" }} {{- else }} name: {{ include "netbox.postgresql.fullname" . }} key: password @@ -59,6 +59,9 @@ spec: name: {{ include "netbox.fullname" . }} - secretRef: name: {{ include "netbox.fullname" . }} + {{- with .Values.extraEnvFrom -}} + {{ . | toYaml | nindent 12 }} + {{- end }} resources: {{- toYaml .Values.worker.resources | nindent 12 }} {{- if or .Values.extraConfiguration .Values.extraPlugins }} diff --git a/charts/netbox/templates/deployment.yaml b/charts/netbox/templates/deployment.yaml index 23626f3..91f393c 100644 --- a/charts/netbox/templates/deployment.yaml +++ b/charts/netbox/templates/deployment.yaml @@ -53,13 +53,13 @@ spec: name: {{ .Values.existingDjangoSecret }} key: {{ .Values.existingDjangoSecretKey }} {{- end }} - {{- if .Values.postgresql.enabled }} + {{- if (or .Values.postgresql.auth.existingSecret .Values.postgresql.enabled) }} - name: DB_PASSWORD valueFrom: secretKeyRef: - {{- if .Values.postgresql.existingSecret }} - name: {{ .Values.postgresql.existingSecret }} - key: {{ .Values.postgresql.existingSecretKey }} + {{- if .Values.postgresql.auth.existingSecret }} + name: {{ .Values.postgresql.auth.existingSecret }} + key: {{ .Values.postgresql.auth.existingSecretKey | default "password" }} {{- else }} name: {{ include "netbox.postgresql.fullname" . }} key: password @@ -70,6 +70,9 @@ spec: name: {{ include "netbox.fullname" . }} - secretRef: name: {{ include "netbox.fullname" . }} + {{- with .Values.extraEnvFrom -}} + {{ . | toYaml | nindent 12 }} + {{- end }} ports: - name: http containerPort: 8080 diff --git a/charts/netbox/templates/secrets.yaml b/charts/netbox/templates/secrets.yaml index 687bc90..b5ab076 100644 --- a/charts/netbox/templates/secrets.yaml +++ b/charts/netbox/templates/secrets.yaml @@ -1,3 +1,4 @@ +{{ $secret := (lookup "v1" "Secret" .Release.Namespace (include "netbox.fullname" .)) -}} --- apiVersion: v1 kind: Secret @@ -17,6 +18,8 @@ data: {{- end }} {{- if .Values.djangoSecret }} SECRET_KEY: {{ .Values.djangoSecret | b64enc }} +{{- else if and $secret $secret.data.SECRET_KEY }} + SECRET_KEY: {{ $secret.data.SECRET_KEY }} {{- else if not .Values.existingDjangoSecret }} SECRET_KEY: {{ randAlphaNum 50 | b64enc }} {{- end }} diff --git a/charts/netbox/values.yaml b/charts/netbox/values.yaml index f5709dc..2c7d995 100644 --- a/charts/netbox/values.yaml +++ b/charts/netbox/values.yaml @@ -90,6 +90,12 @@ extraEnv: {} # MAX_PAGE_SIZE: 1000 # WEBHOOKS_ENABLED: true +extraEnvFrom: [] + # - configMapRef: + # name: custom-config + # - secretRef: + # name: custom-secrets + extraSecrets: {} # EMAIL_PASSWORD: netbox @@ -134,6 +140,21 @@ extraVolumes: [] extraVolumeMounts: [] +readinessProbe: + httpGet: + port: http + path: / + +livenessProbe: + httpGet: + port: http + path: / + +startupProbe: + tcpSocket: + port: http + failureThreshold: 12 + persistence: enabled: false # existingClaim: netbox-data From 5c3f524a221923fd3ddb87d546b247fbd35a4e6f Mon Sep 17 00:00:00 2001 From: Alexander Olofsson Date: Mon, 8 May 2023 12:45:51 +0200 Subject: [PATCH 2/2] netbox: Support new report/script handling --- charts/netbox/Chart.yaml | 2 +- charts/netbox/templates/deployment.yaml | 9 ++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/netbox/Chart.yaml b/charts/netbox/Chart.yaml index 48d78c6..399d600 100644 --- a/charts/netbox/Chart.yaml +++ b/charts/netbox/Chart.yaml @@ -10,7 +10,7 @@ icon: https://raw.githubusercontent.com/digitalocean/netbox/develop/netbox/proje appVersion: 3.5.1 type: application -version: 5.3.0 +version: 5.4.0 maintainers: - name: Alexander Olofsson email: ace@haxalot.com diff --git a/charts/netbox/templates/deployment.yaml b/charts/netbox/templates/deployment.yaml index 91f393c..0e60818 100644 --- a/charts/netbox/templates/deployment.yaml +++ b/charts/netbox/templates/deployment.yaml @@ -93,7 +93,14 @@ spec: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: - name: data - mountPath: /etc/netbox/media + mountPath: /opt/netbox/netbox/media + subPath: media + - name: data + mountPath: /opt/netbox/netbox/reports + subPath: reports + - name: data + mountPath: /opt/netbox/netbox/scripts + subPath: scripts {{- if .Values.extraConfiguration }} - name: netbox-extra-config mountPath: /etc/netbox/config/extra.py