From ad26130d797c8278601271c024c373f6d7c16ac1 Mon Sep 17 00:00:00 2001
From: Alexander Olofsson <ace@haxalot.com>
Date: Thu, 9 Mar 2023 18:57:14 +0100
Subject: [PATCH] matrix-synapse: Improve first install experience

Now runs the signing key generation job as a pre-install hook, to avoid
creating an initial matrix-synapse pod that can't run due to missing the
signing key.
---
 charts/matrix-synapse/templates/NOTES.txt           |  3 +++
 .../templates/configuration-scripts.yaml            |  2 ++
 charts/matrix-synapse/templates/secrets.yaml        |  1 +
 .../matrix-synapse/templates/signing-key-job.yaml   | 13 ++++++++++++-
 4 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/charts/matrix-synapse/templates/NOTES.txt b/charts/matrix-synapse/templates/NOTES.txt
index 1a7dfb8..5d8ce00 100644
--- a/charts/matrix-synapse/templates/NOTES.txt
+++ b/charts/matrix-synapse/templates/NOTES.txt
@@ -1,4 +1,7 @@
 ** Note, this chart may take a while to finish setup, please be patient **
+{{- if .Values.signingkey.job.enabled }}
+** Also, remember to disable the signingkey job (signingkey.job.enabled=false) **
+{{- end }}
 {{- if not .Values.ingress.enabled }}
 
 Synapse has been installed without an ingress, you will need to manage
diff --git a/charts/matrix-synapse/templates/configuration-scripts.yaml b/charts/matrix-synapse/templates/configuration-scripts.yaml
index a4e79fa..8f090a4 100644
--- a/charts/matrix-synapse/templates/configuration-scripts.yaml
+++ b/charts/matrix-synapse/templates/configuration-scripts.yaml
@@ -5,5 +5,7 @@ metadata:
   name: {{ include "matrix-synapse.fullname" . }}-scripts
   labels:
     {{- include "matrix-synapse.labels" . | nindent 4 }}
+  annotations:
+    helm.sh/hook: pre-install
 data:
 {{ (.Files.Glob "scripts/*.sh").AsConfig | indent 2 }}
diff --git a/charts/matrix-synapse/templates/secrets.yaml b/charts/matrix-synapse/templates/secrets.yaml
index c8c3ec3..acf22bb 100644
--- a/charts/matrix-synapse/templates/secrets.yaml
+++ b/charts/matrix-synapse/templates/secrets.yaml
@@ -95,6 +95,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   annotations:
+    helm.sh/hook: pre-install
     helm.sh/resource-policy: keep
   name: {{ $name }}
   labels:
diff --git a/charts/matrix-synapse/templates/signing-key-job.yaml b/charts/matrix-synapse/templates/signing-key-job.yaml
index 85417c0..ebd5191 100644
--- a/charts/matrix-synapse/templates/signing-key-job.yaml
+++ b/charts/matrix-synapse/templates/signing-key-job.yaml
@@ -12,6 +12,9 @@ metadata:
   labels:
     {{- include "matrix-synapse.labels" . | nindent 4 }}
     app.kubernetes.io/component: signingkey-job
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: hook-succeeded
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
@@ -20,6 +23,9 @@ metadata:
   labels:
     {{- include "matrix-synapse.labels" . | nindent 4 }}
     app.kubernetes.io/component: signingkey-job
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: hook-succeeded
 rules:
   - apiGroups:
       - ""
@@ -39,6 +45,9 @@ metadata:
   labels:
     {{- include "matrix-synapse.labels" . | nindent 4 }}
     app.kubernetes.io/component: signingkey-job
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: hook-succeeded
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
@@ -55,8 +64,10 @@ metadata:
   labels:
     {{- include "matrix-synapse.labels" . | nindent 4 }}
     app.kubernetes.io/component: signingkey-job
-  {{- with .Values.signingkey.job.annotations }}
   annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: hook-succeeded
+  {{- with .Values.signingkey.job.annotations }}
     {{- toYaml . | nindent 4 }}
   {{- end }}
 spec: