From 6e2cf1ab502c36f0ad8e8f57204043fe1fc74a86 Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Mon, 23 Sep 2024 10:40:09 +0200 Subject: [PATCH 01/10] Create job for uploading web assets to S3 --- templates/job-assets-copy.yaml | 81 ++++++++++++++++++++++++++++++++++ values.yaml | 10 +++++ 2 files changed, 91 insertions(+) create mode 100644 templates/job-assets-copy.yaml diff --git a/templates/job-assets-copy.yaml b/templates/job-assets-copy.yaml new file mode 100644 index 00000000..3286349e --- /dev/null +++ b/templates/job-assets-copy.yaml @@ -0,0 +1,81 @@ +{{- if .Values.mastodon.hooks.s3Upload.enabled -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "mastodon.fullname" . }}-assets-upload + labels: + {{- include "mastodon.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + "helm.sh/hook-weight": "-1" +spec: + template: + metadata: + name: {{ include "mastodon.fullname" . }}-assets-upload + {{- with .Values.jobAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} volumes: + restartPolicy: Never + initContainers: + - name: extract-assets + image: "{{ coalesce .Values.mastodon.web.image.repository .Values.image.repository }}:{{ coalesce .Values.mastodon.web.image.tag .Values.image.tag .Chart.AppVersion }}" + imagePullPolicy: Always + command: + - cp + args: + - -rv + - public + - /assets + volumeMounts: + - mountPath: /assets + name: assets + containers: + - name: upload-assets + image: rclone/rclone:1 + imagePullPolicy: Always + env: + - name: RCLONE_S3_NO_CHECK_BUCKET + value: "true" + - name: RCLONE_CONFIG_REMOTE_TYPE + value: s3 + - name: RCLONE_CONFIG_REMOTE_PROVIDER + value: AWS + - name: RCLONE_CONFIG_REMOTE_ENDPOINT + value: {{ .Values.mastodon.hooks.s3Upload.endpoint }} + - name: RCLONE_CONFIG_REMOTE_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: {{ .Values.mastodon.hooks.s3Upload.secretRef.name }} + key: {{ .Values.mastodon.hooks.s3Upload.secretRef.keys.accesKeyId }} + - name: RCLONE_CONFIG_REMOTE_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ .Values.mastodon.hooks.s3Upload.secretRef.name }} + key: {{ .Values.mastodon.hooks.s3Upload.secretRef.keys.secretAccessKey }} + command: + - rclone + args: + - copy + - /assets/public + - exo # defined in the env variable name above + - --progress + - -vv + volumeMounts: + - mountPath: /assets + name: assets + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + memory: 500Mi + - name: assets + emptyDir: {} +{{- end -}} diff --git a/values.yaml b/values.yaml index 5117a6dc..df8f1cfb 100644 --- a/values.yaml +++ b/values.yaml @@ -28,6 +28,16 @@ mastodon: enabled: true assetsPrecompile: enabled: true + # Upload website assets to S3 before deploying + s3Upload: + enabled: false + endpoint: + bucket: + secretRef: + name: + keys: + accesKeyId: acces-key-id + secretAccessKey: secret-access-key # Custom labels to add to kubernetes resources #labels: cron: From 65936002dbf96f09a1368718f7b733887b6af892 Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Mon, 23 Sep 2024 10:56:13 +0200 Subject: [PATCH 02/10] Various fixes --- templates/job-assets-copy.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/templates/job-assets-copy.yaml b/templates/job-assets-copy.yaml index 3286349e..c187796f 100644 --- a/templates/job-assets-copy.yaml +++ b/templates/job-assets-copy.yaml @@ -21,7 +21,8 @@ spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} - {{- end }} volumes: + {{- end }} + volumes: restartPolicy: Never initContainers: - name: extract-assets @@ -48,23 +49,23 @@ spec: - name: RCLONE_CONFIG_REMOTE_PROVIDER value: AWS - name: RCLONE_CONFIG_REMOTE_ENDPOINT - value: {{ .Values.mastodon.hooks.s3Upload.endpoint }} + value: {{ required "Please specify an endpoint for S3 asset uploads" .Values.mastodon.hooks.s3Upload.endpoint }} - name: RCLONE_CONFIG_REMOTE_ACCESS_KEY_ID valueFrom: secretKeyRef: - name: {{ .Values.mastodon.hooks.s3Upload.secretRef.name }} + name: {{ required "Please specify a secret with S3 credentials for S3 asset uploads" .Values.mastodon.hooks.s3Upload.secretRef.name }} key: {{ .Values.mastodon.hooks.s3Upload.secretRef.keys.accesKeyId }} - name: RCLONE_CONFIG_REMOTE_SECRET_ACCESS_KEY valueFrom: secretKeyRef: - name: {{ .Values.mastodon.hooks.s3Upload.secretRef.name }} + name: {{ required "Please specify a secret with S3 credentials for S3 asset uploads" .Values.mastodon.hooks.s3Upload.secretRef.name }} key: {{ .Values.mastodon.hooks.s3Upload.secretRef.keys.secretAccessKey }} command: - rclone args: - copy - /assets/public - - exo # defined in the env variable name above + - "remote:{{ required "Please specify a bucket for S3 asset uploads" .Values.mastodon.hooks.s3Upload.bucket }}" - --progress - -vv volumeMounts: @@ -76,6 +77,7 @@ spec: memory: 256Mi limits: memory: 500Mi + volumes: - name: assets emptyDir: {} {{- end -}} From 9e950fdaa1588f2d28b809af0ea8202f01637e3a Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Mon, 23 Sep 2024 14:09:26 +0200 Subject: [PATCH 03/10] Adjust copy parameters --- templates/job-assets-copy.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/templates/job-assets-copy.yaml b/templates/job-assets-copy.yaml index c187796f..17e52de7 100644 --- a/templates/job-assets-copy.yaml +++ b/templates/job-assets-copy.yaml @@ -66,6 +66,10 @@ spec: - copy - /assets/public - "remote:{{ required "Please specify a bucket for S3 asset uploads" .Values.mastodon.hooks.s3Upload.bucket }}" + - --fast-list + - --transfers=32 + - --include + - "{assets,packs}/**" - --progress - -vv volumeMounts: From 60cb8b54cc642710136e18a22850b30651e9e81c Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Mon, 23 Sep 2024 14:09:40 +0200 Subject: [PATCH 04/10] Bump chart version --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index 8d078ca8..e6155e9f 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time # you make changes to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 5.4.0 +version: 5.5.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to From d82305bf23d2c76e5305b9f24134dd3a323d8997 Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Mon, 30 Sep 2024 16:34:23 +0200 Subject: [PATCH 05/10] Add description of what issue these options fix --- values.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/values.yaml b/values.yaml index 073336b6..35c4bc65 100644 --- a/values.yaml +++ b/values.yaml @@ -28,7 +28,12 @@ mastodon: enabled: true assetsPrecompile: enabled: true - # Upload website assets to S3 before deploying + # Upload website assets to S3 before deploying. + # Whenever there is an update to Mastodon, sometimes there are assets files + # that are renamed. As the pods are getting redeployed, and old/new pods are + # present simultaneously, that old asset files are requested from pods that + # don't have them anymore. Uploading asset files to S3 in this manner solves + # this potential conflict. s3Upload: enabled: false endpoint: From 747b6810be238e70c95fec40e2fe867a6634fcd4 Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Mon, 30 Sep 2024 16:35:39 +0200 Subject: [PATCH 06/10] Wording fix --- values.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/values.yaml b/values.yaml index 35c4bc65..3eaa342a 100644 --- a/values.yaml +++ b/values.yaml @@ -31,9 +31,9 @@ mastodon: # Upload website assets to S3 before deploying. # Whenever there is an update to Mastodon, sometimes there are assets files # that are renamed. As the pods are getting redeployed, and old/new pods are - # present simultaneously, that old asset files are requested from pods that - # don't have them anymore. Uploading asset files to S3 in this manner solves - # this potential conflict. + # present simultaneously, there is a change that old asset files are + # requested from pods that don't have them anymore. Uploading asset files to + # S3 in this manner solves this potential conflict. s3Upload: enabled: false endpoint: From 66f9d76ac1eaf80d56c5d79a1fc3f5cc152a82cc Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Mon, 30 Sep 2024 11:57:36 -0700 Subject: [PATCH 07/10] Update values.yaml Co-authored-by: Renaud Chaput --- values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values.yaml b/values.yaml index 3eaa342a..193c59d1 100644 --- a/values.yaml +++ b/values.yaml @@ -31,7 +31,7 @@ mastodon: # Upload website assets to S3 before deploying. # Whenever there is an update to Mastodon, sometimes there are assets files # that are renamed. As the pods are getting redeployed, and old/new pods are - # present simultaneously, there is a change that old asset files are + # present simultaneously, there is a chance that old asset files are # requested from pods that don't have them anymore. Uploading asset files to # S3 in this manner solves this potential conflict. s3Upload: From a9e4cfc515a50056260a42af7e409b30f106879e Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Mon, 30 Sep 2024 11:57:43 -0700 Subject: [PATCH 08/10] Update values.yaml Co-authored-by: Renaud Chaput --- values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values.yaml b/values.yaml index 193c59d1..ec2a8935 100644 --- a/values.yaml +++ b/values.yaml @@ -32,7 +32,7 @@ mastodon: # Whenever there is an update to Mastodon, sometimes there are assets files # that are renamed. As the pods are getting redeployed, and old/new pods are # present simultaneously, there is a chance that old asset files are - # requested from pods that don't have them anymore. Uploading asset files to + # requested from pods that don't have them anymore, or new asset files are requested from old pods. Uploading asset files to # S3 in this manner solves this potential conflict. s3Upload: enabled: false From 3f4ae51dbf1ae196803648fa9c097509f5b67b0a Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Tue, 1 Oct 2024 08:51:41 +0200 Subject: [PATCH 09/10] Add comments about routing --- values.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/values.yaml b/values.yaml index ec2a8935..c18df07a 100644 --- a/values.yaml +++ b/values.yaml @@ -32,8 +32,11 @@ mastodon: # Whenever there is an update to Mastodon, sometimes there are assets files # that are renamed. As the pods are getting redeployed, and old/new pods are # present simultaneously, there is a chance that old asset files are - # requested from pods that don't have them anymore, or new asset files are requested from old pods. Uploading asset files to - # S3 in this manner solves this potential conflict. + # requested from pods that don't have them anymore, or new asset files are + # requested from old pods. Uploading asset files to S3 in this manner solves + # this potential conflict. + # Note that you will need to CDN/proxy to send all requests to /assets and + # /packs to this bucket. s3Upload: enabled: false endpoint: From 720c05f2e621a1909a4f1c6d20b95f3dcb9febee Mon Sep 17 00:00:00 2001 From: Tim Campbell Date: Tue, 1 Oct 2024 11:27:19 +0200 Subject: [PATCH 10/10] Added ability to specify env variables --- templates/job-assets-copy.yaml | 3 +++ values.yaml | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/templates/job-assets-copy.yaml b/templates/job-assets-copy.yaml index 17e52de7..f4ec87fe 100644 --- a/templates/job-assets-copy.yaml +++ b/templates/job-assets-copy.yaml @@ -60,6 +60,9 @@ spec: secretKeyRef: name: {{ required "Please specify a secret with S3 credentials for S3 asset uploads" .Values.mastodon.hooks.s3Upload.secretRef.name }} key: {{ .Values.mastodon.hooks.s3Upload.secretRef.keys.secretAccessKey }} + {{- with .Values.mastodon.hooks.s3Upload.rclone.env }} + {{- toYaml . | nindent 12 }} + {{- end }} command: - rclone args: diff --git a/values.yaml b/values.yaml index c18df07a..e6ab46d1 100644 --- a/values.yaml +++ b/values.yaml @@ -28,7 +28,7 @@ mastodon: enabled: true assetsPrecompile: enabled: true - # Upload website assets to S3 before deploying. + # Upload website assets to S3 before deploying using rclone. # Whenever there is an update to Mastodon, sometimes there are assets files # that are renamed. As the pods are getting redeployed, and old/new pods are # present simultaneously, there is a chance that old asset files are @@ -46,6 +46,9 @@ mastodon: keys: accesKeyId: acces-key-id secretAccessKey: secret-access-key + rclone: + # Any additional environment variables to pass to rclone. + env: {} # Custom labels to add to kubernetes resources #labels: cron: