diff --git a/chart/templates/configmap.yaml b/chart/templates/configmap.yaml new file mode 100644 index 000000000..0c3e2cebb --- /dev/null +++ b/chart/templates/configmap.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "canary-checker.name" . }} + labels: + {{- include "canary-checker.labels" . | nindent 4 }} +data: + canary-checker.properties: | + {{- range $k, $v := .Values.disableChecks }} + check.disabled.{{ $k }}={{ $v }} + {{- end }} diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml index a5a358b20..6f8aa38f4 100644 --- a/chart/templates/deployment.yaml +++ b/chart/templates/deployment.yaml @@ -52,6 +52,9 @@ spec: - path: "labels" fieldRef: fieldPath: metadata.labels + - name: config + configMap: + name: {{ include "canary-checker.name" . }} securityContext: fsGroup: 1000 containers: @@ -74,11 +77,16 @@ spec: {{- if eq .Values.db.external.enabled true }} valueFrom: secretKeyRef: - name: {{ .Values.db.external.secretKeyRef.name }} + name: {{ .Values.db.external.secretKeyRef.name }} key: {{ .Values.db.external.secretKeyRef.key }} {{- else }} value: "embedded:///opt/database/" {{- end }} + {{- if .Values.upstream.enabled }} + envFrom: + - secretRef: + name: {{ include "canary-checker.name" . }} + {{- end }} volumeMounts: {{- if eq .Values.dockerSocket true }} - name: dockersock @@ -96,6 +104,9 @@ spec: {{- end }} - mountPath: /etc/podinfo name: podinfo + - mountPath: /app/canary-checker.properties + name: config + subpath: canary-checker.properties command: - /app/canary-checker args: @@ -105,6 +116,23 @@ spec: - "8080" - --disable-postgrest={{ .Values.disablePostgrest }} - --db-migrations={{ .Values.db.runMigrations }} + - --cache-timeout={{ .Values.data.cacheTimeoutDays }} + - --default-window={{ .Values.data.defaultSearchWindow }} + - --check-status-retention-period={{ .Values.data.checkStatusRetentionDays }} + - --check-retention-period={{ .Values.data.checkRetentionDays }} + - --canary-retention-period={{ .Values.data.canaryRetentionDays }} + {{- if ne .Values.canaryNamespace "" }} + - --namespace={{ .Values.canaryNamespace }} + {{- end }} + {{- if gt (int .Values.replicas) 1 }} + - --enable-leader-election=true + {{- end }} + {{- if .Values.upstream.enabled }} + - --agent-name={{ .Values.upstream.agentName }} + - --upstream-host={{ .Values.upstream.host }} + - --upstream-user=$UPSTREAM_USER + - --upstream-password=$UPSTREAM_PASSWORD + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} livenessProbe: diff --git a/chart/templates/secret.yaml b/chart/templates/secret.yaml new file mode 100644 index 000000000..eaa352544 --- /dev/null +++ b/chart/templates/secret.yaml @@ -0,0 +1,9 @@ +{{- if .Values.upstream.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "canary-checker.name" . }} +data: + UPSTREAM_USERNAME: {{ .Values.upstream.username | b64enc }} + UPSTREAM_PASSWORD: {{ .Values.upstream.password | b64enc }} +{{- end }} diff --git a/chart/values.yaml b/chart/values.yaml index 8b0e0f58d..1474340b1 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -27,6 +27,9 @@ grafanaDashboards: false debug: false logLevel: "-v" +# restrict canary-checker to monitor single namespace for canaries. Leave blank to monitor all namespaces +canaryNamespace: "" + db: runMigrations: true embedded: @@ -58,6 +61,20 @@ nameOverride: "" allowPrivilegeEscalation: true +data: + defaultSearchWindow: 1h + cacheTimeoutDays: 90 + checkStatusRetentionDays: 180 + checkRetentionDays: 7 + canaryRetentionDays: 7 + +upstream: + enabled: false + host: "" + agentName: "" + username: "" + password: "" + ingress: enabled: false className: "" @@ -95,13 +112,16 @@ resources: cpu: 200m memory: 200Mi limits: - memory: 1512Mi + cpu: 500m + memory: 512Mi serviceAccount: {} # Configures extra annotations on the service account # annotations: # some: annotation +disableChecks: {} + extra: # nodeSelector: # key: value