Skip to content

Feature/ch 199 200 elasticsearch and env confs#813

Merged
filippomc merged 6 commits intodevelopfrom
feature/CH-199-200-elasticsearch-and-env-confs
Jun 19, 2025
Merged

Feature/ch 199 200 elasticsearch and env confs#813
filippomc merged 6 commits intodevelopfrom
feature/CH-199-200-elasticsearch-and-env-confs

Conversation

@filippomc
Copy link
Copy Markdown
Collaborator

@filippomc filippomc commented Jun 18, 2025
edited
Loading

Closes CH-199
Closes CH-200

Implemented solution

CH-199

added helm chart from https://github.com/elastic/helm-charts/tree/main/elasticsearch
Main tweaks:

  • remove security, replaced by gatekeeper security. This required to change the readiness probe too
  • changed replicas and requests configuration

CH-200

now can add [FILE]-[ENV].(yaml|json) anywhere in configurations, including templates and charts. The ENV version will override anything within [FILE].(yaml|json)

How to test this PR

...

Sanity checks:

  • The pull request is explicitly linked to the relevant issue(s)
  • The issue is well described: clearly states the problem and the general proposed solution(s)
  • In this PR it is explicitly stated how to test the current change
  • The labels in the issue set the scope and the type of issue (bug, feature, etc.)
  • The relevant components are indicated in the issue (if any)
  • All the automated test checks are passing
  • All the linked issues are included in one Sprint
  • All the linked issues are in the Review state
  • All the linked issues are assigned

Breaking changes (select one):

  • The present changes do not change the preexisting api in any way
  • This PR and the issue are tagged as a breaking-change and the migration procedure is well described above

Possible deployment updates issues (select one):

  • There is no reason why deployments based on CloudHarness may break after the current update
  • This PR and the issue are tagged as alert:deployment

Test coverage (select one):

  • Tests for the relevant cases are included in this pr
  • The changes included in this pr are out of the current test coverage scope

Documentation (select one):

  • The documentation has been updated to match the current changes
  • The changes included in this PR are out of the current documentation scope

Nice to have (if relevant):

  • Screenshots of the changes
  • Explanatory video/animated gif

Copilot AI reviewed Jun 18, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR integrates the official Elastic helm chart for Elasticsearch with custom tweaks, including removal of the built-in security in favor of Gatekeeper and support for environment-specific configuration overrides.

  • Integrated the official Elastic helm chart and made necessary adjustments to resources and security probes.
  • Added support for override configuration files ([FILE]-[ENV].yaml/json) and enabled testing through Helm test hooks.

Reviewed Changes

Copilot reviewed 20 out of 34 changed files in this pull request and generated no comments.

Show a summary per file
File Description
applications/elasticsearch/deploy/charts/values-dev.yaml Added resource and storage configuration for the development environment.
applications/elasticsearch/deploy/charts/templates/test/test-elasticsearch-health.yaml Introduced a test pod for Elasticsearch health checks using a Helm hook.
applications/elasticsearch/deploy/charts/templates/statefulset.yaml Configured the StatefulSet with updated templates including security contexts, affinity rules, and readiness probes.
applications/elasticsearch/deploy/charts/templates/serviceaccount.yaml Created a ServiceAccount resource when RBAC creation is enabled.
applications/elasticsearch/deploy/charts/templates/service.yaml Defined both standard and headless services for the Elasticsearch pods.
applications/elasticsearch/deploy/charts/templates/secret*.yaml Set up secrets for credentials and TLS certificates with dynamic generation as needed.
applications/elasticsearch/deploy/charts/templates/role*.yaml and podsecuritypolicy.yaml Configured RBAC resources; note the PodSecurityPolicy implementation.
applications/elasticsearch/deploy/charts/templates/networkpolicy.yaml and ingress.yaml Established network rules and ingress for HTTP and transport traffic.
applications/elasticsearch/deploy/charts/templates/configmap.yaml and _helpers.tpl Provided configuration templates and helper functions for naming and certificate generation.
applications/elasticsearch/deploy/charts/Chart.yaml, .helmignore, Makefile, and README.md Updated chart metadata, build helpers, and documentation.
Comments suppressed due to low confidence (1)

applications/elasticsearch/deploy/charts/templates/podsecuritypolicy.yaml:3

  • The PodSecurityPolicy resource is defined using apiVersion 'policy/v1beta1', which is deprecated in newer Kubernetes versions (>=1.25). Consider updating this resource to a supported alternative or providing a migration plan.
apiVersion: policy/v1beta1

@filippomc filippomc merged commit 0e102d4 into develop Jun 19, 2025
5 of 7 checks passed
@filippomc filippomc deleted the feature/CH-199-200-elasticsearch-and-env-confs branch June 19, 2025 16:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@D-GopalKrishna D-GopalKrishna Awaiting requested review from D-GopalKrishna

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@filippomc