From 31e968fa5ba572575bf2677aa5bfe15f48680922 Mon Sep 17 00:00:00 2001 From: Ben Rometsch Date: Thu, 6 Jun 2024 23:18:39 +0900 Subject: [PATCH 1/6] Flagsmith docker image version bump (#233) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- charts/flagsmith/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/flagsmith/Chart.yaml b/charts/flagsmith/Chart.yaml index 7011f64..ca4c947 100644 --- a/charts/flagsmith/Chart.yaml +++ b/charts/flagsmith/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: flagsmith description: Flagsmith type: application -version: 0.42.0 -appVersion: 2.118.1 +version: 0.43.0 +appVersion: 2.119.1 dependencies: - name: postgresql repository: https://charts.bitnami.com/bitnami From 20786ca9223c16d6aca50d7def282d42b9806302 Mon Sep 17 00:00:00 2001 From: Ben Rometsch Date: Wed, 12 Jun 2024 11:29:11 +0900 Subject: [PATCH 2/6] Flagsmith docker image version bump (#234) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- charts/flagsmith/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/flagsmith/Chart.yaml b/charts/flagsmith/Chart.yaml index ca4c947..e7ca141 100644 --- a/charts/flagsmith/Chart.yaml +++ b/charts/flagsmith/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: flagsmith description: Flagsmith type: application -version: 0.43.0 -appVersion: 2.119.1 +version: 0.44.0 +appVersion: 2.120.0 dependencies: - name: postgresql repository: https://charts.bitnami.com/bitnami From 241fe8c5d733bfecfe117872fa6e9e4259844bb9 Mon Sep 17 00:00:00 2001 From: Kim Gustyr Date: Thu, 13 Jun 2024 12:57:38 +0100 Subject: [PATCH 3/6] feat: Add default user/organisation/project bootstrapping (#232) --- charts/flagsmith/Chart.yaml | 2 +- charts/flagsmith/templates/NOTES.txt | 15 +++++++++++--- .../flagsmith/templates/deployment-api.yaml | 20 +++++++++++++++++++ charts/flagsmith/values.yaml | 8 ++++++++ 4 files changed, 41 insertions(+), 4 deletions(-) diff --git a/charts/flagsmith/Chart.yaml b/charts/flagsmith/Chart.yaml index e7ca141..79b8775 100644 --- a/charts/flagsmith/Chart.yaml +++ b/charts/flagsmith/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: flagsmith description: Flagsmith type: application -version: 0.44.0 +version: 0.45.0 appVersion: 2.120.0 dependencies: - name: postgresql diff --git a/charts/flagsmith/templates/NOTES.txt b/charts/flagsmith/templates/NOTES.txt index 35f58f1..a7712b4 100644 --- a/charts/flagsmith/templates/NOTES.txt +++ b/charts/flagsmith/templates/NOTES.txt @@ -9,6 +9,12 @@ kubectl -n {{ .Release.Namespace }} port-forward svc/{{ include "flagsmith.fulln Then access http://localhost:8080 in a browser. +{{- if .Values.api.bootstrap.enabled }} +To see the password reset link for pre-created admin user, run: + +kubectl -n {{ .Release.Namespace }} logs pods/{{ include "flagsmith.fullname" . }}-api -c bootstrap +{{- end }} + {{ if not (and .Values.ingress.frontend.enabled .Values.ingress.api.enabled) }} {{- $noIngressFor := (list) -}} @@ -24,7 +30,7 @@ for information about how to gain web access to the application. {{- end }} -{{- if not .Values.api.secretKey }} +{{- if or (not .Values.api.secretKeyFromExistingSecret.enabled) (not .Values.api.secretKey) }} ###################################### ##### Warning: no secret key set ##### @@ -32,8 +38,11 @@ for information about how to gain web access to the application. No secret key is set, a new one will be randomly generated at each deployment. For production systems, it is strongly recommended to -generate a large random value and set it at `api.secretKey`. It must -be kept secret. +generate a large random value, store it in a secret, and set the following values: + +`api.secretKeyFromExistingSecret.enabled` to `true` +`api.secretKeyFromExistingSecret.name` to secret name +`api.secretKeyFromExistingSecret.key` to secret key See https://docs.flagsmith.com/deployment/locally-api#creating-a-secret-key {{- end }} diff --git a/charts/flagsmith/templates/deployment-api.yaml b/charts/flagsmith/templates/deployment-api.yaml index f12c96e..72f3489 100644 --- a/charts/flagsmith/templates/deployment-api.yaml +++ b/charts/flagsmith/templates/deployment-api.yaml @@ -78,6 +78,26 @@ spec: args: ["migrate"] env: {{ include (print $.Template.BasePath "/_api_environment.yaml") . | nindent 8 }} {{- end }} +{{- if .Values.api.bootstrap.enabled }} + - name: bootstrap + image: {{ .Values.api.image.repository }}:{{ .Values.api.image.tag | default (printf "%s" .Chart.AppVersion) }} + imagePullPolicy: {{ .Values.api.image.imagePullPolicy }} + command: ["/bin/sh", "-c"] + args: ["python manage.py waitfordb && python manage.py bootstrap"] + env: {{ include (print $.Template.BasePath "/_api_environment.yaml") . | nindent 8 }} + {{- if .Values.api.bootstrap.adminEmail }} + - name: ADMIN_EMAIL + value: {{ .Values.api.bootstrap.adminEmail }} + {{- end }} + {{- if .Values.api.bootstrap.organisationName }} + - name: ORGANISATION_NAME + value: {{ .Values.api.bootstrap.organisationName }} + {{- end }} + {{- if .Values.api.bootstrap.projectName }} + - name: PROJECT_NAME + value: {{ .Values.api.bootstrap.projectName }} + {{- end }} +{{- end }} {{- if .Values.api.influxdbSetup.enabled }} - name: influxdb-setup image: {{ .Values.api.image.repository }}:{{ .Values.api.image.tag | default (printf "%s" .Chart.AppVersion) }} diff --git a/charts/flagsmith/values.yaml b/charts/flagsmith/values.yaml index da4f3fc..c14b647 100644 --- a/charts/flagsmith/values.yaml +++ b/charts/flagsmith/values.yaml @@ -79,6 +79,14 @@ api: logging: format: generic # options are generic or json. enableMigrateDbInitContainer: true + bootstrap: + # Set to `true` to create initial superuser, organisation, and project. + # If `adminEmail`, `organisationName` or `projectName` not set, defaults are used. + # Bootstrapping does nothing if app database is not empty. + enabled: false + adminEmail: null + organisationName: null + projectName: null frontend: # Set this to `false` to switch off the frontend (deployment, From 85565b8525d4129e90a54655c47328da526169eb Mon Sep 17 00:00:00 2001 From: Kim Gustyr Date: Wed, 19 Jun 2024 15:08:39 +0100 Subject: [PATCH 4/6] feat: Ability to specify `serviceAccountName` (#240) --- charts/flagsmith/Chart.yaml | 2 +- charts/flagsmith/templates/deployment-api.yaml | 3 +++ charts/flagsmith/templates/deployment-frontend.yaml | 3 +++ charts/flagsmith/templates/deployment-pgbouncer.yaml | 3 +++ charts/flagsmith/templates/deployment-task-processor.yaml | 3 +++ 5 files changed, 13 insertions(+), 1 deletion(-) diff --git a/charts/flagsmith/Chart.yaml b/charts/flagsmith/Chart.yaml index 79b8775..20d01b0 100644 --- a/charts/flagsmith/Chart.yaml +++ b/charts/flagsmith/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: flagsmith description: Flagsmith type: application -version: 0.45.0 +version: 0.46.0 appVersion: 2.120.0 dependencies: - name: postgresql diff --git a/charts/flagsmith/templates/deployment-api.yaml b/charts/flagsmith/templates/deployment-api.yaml index 72f3489..dc7da9d 100644 --- a/charts/flagsmith/templates/deployment-api.yaml +++ b/charts/flagsmith/templates/deployment-api.yaml @@ -70,6 +70,9 @@ spec: {{- $securityContext = $securityContext | merge (omit .Values.api.defaultPodSecurityContext "enabled") }} {{- end }} {{- toYaml $securityContext | nindent 8 }} + {{- if .Values.api.serviceAccountName }} + serviceAccountName: {{ .Values.api.serviceAccountName }} + {{- end }} initContainers: {{- if .Values.api.enableMigrateDbInitContainer }} - name: migrate-db diff --git a/charts/flagsmith/templates/deployment-frontend.yaml b/charts/flagsmith/templates/deployment-frontend.yaml index a0e1797..3f87187 100644 --- a/charts/flagsmith/templates/deployment-frontend.yaml +++ b/charts/flagsmith/templates/deployment-frontend.yaml @@ -64,6 +64,9 @@ spec: {{- $securityContext = $securityContext | merge (omit .Values.frontend.defaultPodSecurityContext "enabled") }} {{- end }} {{- toYaml $securityContext | nindent 8 }} + {{- if .Values.frontend.serviceAccountName }} + serviceAccountName: {{ .Values.api.serviceAccountName }} + {{- end }} {{- with .Values.frontend.extraInitContainers }} initContainers: {{- toYaml . | nindent 6 }} diff --git a/charts/flagsmith/templates/deployment-pgbouncer.yaml b/charts/flagsmith/templates/deployment-pgbouncer.yaml index 64a04c3..9c5b1b3 100644 --- a/charts/flagsmith/templates/deployment-pgbouncer.yaml +++ b/charts/flagsmith/templates/deployment-pgbouncer.yaml @@ -65,6 +65,9 @@ spec: {{- $securityContext = $securityContext | merge (omit .Values.pgbouncer.defaultPodSecurityContext "enabled") }} {{- end }} {{- toYaml $securityContext | nindent 8 }} + {{- if .Values.pgbouncer.serviceAccountName }} + serviceAccountName: {{ .Values.api.serviceAccountName }} + {{- end }} {{- with .Values.pgbouncer.extraInitContainers }} initContainers: {{- toYaml . | nindent 6 }} diff --git a/charts/flagsmith/templates/deployment-task-processor.yaml b/charts/flagsmith/templates/deployment-task-processor.yaml index 390ca32..9a3b72c 100644 --- a/charts/flagsmith/templates/deployment-task-processor.yaml +++ b/charts/flagsmith/templates/deployment-task-processor.yaml @@ -68,6 +68,9 @@ spec: {{- $securityContext = $securityContext | merge (omit .Values.taskProcessor.defaultPodSecurityContext "enabled") }} {{- end }} {{- toYaml $securityContext | nindent 8 }} + {{- if .Values.taskProcessor.serviceAccountName }} + serviceAccountName: {{ .Values.api.serviceAccountName }} + {{- end }} {{- with .Values.taskProcessor.extraInitContainers }} initContainers: {{- toYaml . | nindent 6 }} From c757de271429702ed02a78ae8472a01ba21748db Mon Sep 17 00:00:00 2001 From: Kim Gustyr Date: Wed, 19 Jun 2024 17:03:14 +0100 Subject: [PATCH 5/6] fix: Incorrect `serviceAccountName` values (#241) * fix: Incorrect serviceAccountName values used --- charts/flagsmith/Chart.yaml | 2 +- charts/flagsmith/templates/deployment-frontend.yaml | 2 +- charts/flagsmith/templates/deployment-pgbouncer.yaml | 2 +- charts/flagsmith/templates/deployment-task-processor.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/flagsmith/Chart.yaml b/charts/flagsmith/Chart.yaml index 20d01b0..d59529e 100644 --- a/charts/flagsmith/Chart.yaml +++ b/charts/flagsmith/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: flagsmith description: Flagsmith type: application -version: 0.46.0 +version: 0.47.0 appVersion: 2.120.0 dependencies: - name: postgresql diff --git a/charts/flagsmith/templates/deployment-frontend.yaml b/charts/flagsmith/templates/deployment-frontend.yaml index 3f87187..bae5f54 100644 --- a/charts/flagsmith/templates/deployment-frontend.yaml +++ b/charts/flagsmith/templates/deployment-frontend.yaml @@ -65,7 +65,7 @@ spec: {{- end }} {{- toYaml $securityContext | nindent 8 }} {{- if .Values.frontend.serviceAccountName }} - serviceAccountName: {{ .Values.api.serviceAccountName }} + serviceAccountName: {{ .Values.frontend.serviceAccountName }} {{- end }} {{- with .Values.frontend.extraInitContainers }} initContainers: diff --git a/charts/flagsmith/templates/deployment-pgbouncer.yaml b/charts/flagsmith/templates/deployment-pgbouncer.yaml index 9c5b1b3..ad7770b 100644 --- a/charts/flagsmith/templates/deployment-pgbouncer.yaml +++ b/charts/flagsmith/templates/deployment-pgbouncer.yaml @@ -66,7 +66,7 @@ spec: {{- end }} {{- toYaml $securityContext | nindent 8 }} {{- if .Values.pgbouncer.serviceAccountName }} - serviceAccountName: {{ .Values.api.serviceAccountName }} + serviceAccountName: {{ .Values.pgbouncer.serviceAccountName }} {{- end }} {{- with .Values.pgbouncer.extraInitContainers }} initContainers: diff --git a/charts/flagsmith/templates/deployment-task-processor.yaml b/charts/flagsmith/templates/deployment-task-processor.yaml index 9a3b72c..913ec1f 100644 --- a/charts/flagsmith/templates/deployment-task-processor.yaml +++ b/charts/flagsmith/templates/deployment-task-processor.yaml @@ -69,7 +69,7 @@ spec: {{- end }} {{- toYaml $securityContext | nindent 8 }} {{- if .Values.taskProcessor.serviceAccountName }} - serviceAccountName: {{ .Values.api.serviceAccountName }} + serviceAccountName: {{ .Values.taskProcessor.serviceAccountName }} {{- end }} {{- with .Values.taskProcessor.extraInitContainers }} initContainers: From c7c6558a14aa77588b18dfe9cb41323cdd642698 Mon Sep 17 00:00:00 2001 From: Kim Gustyr Date: Thu, 20 Jun 2024 20:31:56 +0100 Subject: [PATCH 6/6] feat: `serviceAccountName` for migrate job, expose `migrate-and-serve` entrypoint (#243) --- charts/flagsmith/Chart.yaml | 2 +- charts/flagsmith/templates/deployment-api.yaml | 5 ++++- charts/flagsmith/templates/jobs-migrate-db.yaml | 3 +++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/flagsmith/Chart.yaml b/charts/flagsmith/Chart.yaml index d59529e..d6f0b6b 100644 --- a/charts/flagsmith/Chart.yaml +++ b/charts/flagsmith/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: flagsmith description: Flagsmith type: application -version: 0.47.0 +version: 0.48.0 appVersion: 2.120.0 dependencies: - name: postgresql diff --git a/charts/flagsmith/templates/deployment-api.yaml b/charts/flagsmith/templates/deployment-api.yaml index dc7da9d..d60fc41 100644 --- a/charts/flagsmith/templates/deployment-api.yaml +++ b/charts/flagsmith/templates/deployment-api.yaml @@ -120,8 +120,11 @@ spec: - name: {{ .Chart.Name }}-api image: {{ .Values.api.image.repository }}:{{ .Values.api.image.tag | default (printf "%s" .Chart.AppVersion) }} imagePullPolicy: {{ .Values.api.image.imagePullPolicy }} - # command: ["sleep", "3600"] + {{- if .Values.api.enableMigrateAndServe }} + args: ["migrate-and-serve"] + {{- else }} args: ["serve"] + {{- end }} ports: - containerPort: {{ .Values.service.api.port }} env: {{ include (print $.Template.BasePath "/_api_environment.yaml") . | nindent 8 }} diff --git a/charts/flagsmith/templates/jobs-migrate-db.yaml b/charts/flagsmith/templates/jobs-migrate-db.yaml index 4dcaf53..010136f 100644 --- a/charts/flagsmith/templates/jobs-migrate-db.yaml +++ b/charts/flagsmith/templates/jobs-migrate-db.yaml @@ -52,6 +52,9 @@ spec: {{- $securityContext = $securityContext | merge (omit .Values.jobs.migrateDb.defaultPodSecurityContext "enabled") }} {{- end }} {{- toYaml $securityContext | nindent 8 }} + {{- if .Values.jobs.migrateDb.serviceAccountName }} + serviceAccountName: {{ .Values.jobs.migrateDb.serviceAccountName }} + {{- end }} {{- if .Values.jobs.migrateDb.shareProcessNamespace }} shareProcessNamespace: true {{- end }}