diff --git a/.ci/ct-config.yaml b/.ci/ct-config.yaml index 66e88627..dca383d5 100644 --- a/.ci/ct-config.yaml +++ b/.ci/ct-config.yaml @@ -1,4 +1,6 @@ # This file defines the config for "ct" (chart tester) used by the helm linting GitHub workflow lint-conf: .ci/lint-config.yaml -validate-maintainers: false \ No newline at end of file +target-branch: master +validate-maintainers: false +check-version-increment: false diff --git a/.github/workflows/on-push-lint-charts.yml b/.github/workflows/on-push-lint-charts.yml index 71dd7225..e68538f4 100644 --- a/.github/workflows/on-push-lint-charts.yml +++ b/.github/workflows/on-push-lint-charts.yml @@ -64,7 +64,7 @@ jobs: strategy: matrix: # Choose from https://hub.docker.com/r/kindest/node/tags - KubeVersion: [ 1.27.3, 1.28.0, 1.29.0 ] + KubeVersion: [ 1.30.10, 1.31.6, 1.32.2] steps: - name: Checkout @@ -78,7 +78,7 @@ jobs: python-version: 3.11 - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.0 + uses: helm/chart-testing-action@v2.7.0 - name: Run chart-testing (list-changed) id: list-changed diff --git a/.github/workflows/on-push-master-publish-chart.yml b/.github/workflows/on-push-master-publish-chart.yml index b33c61b3..734d4eef 100644 --- a/.github/workflows/on-push-master-publish-chart.yml +++ b/.github/workflows/on-push-master-publish-chart.yml @@ -27,7 +27,7 @@ jobs: git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.6.0 + uses: helm/chart-releaser-action@v1.7.0 env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/charts/docker-mailserver/README.md b/charts/docker-mailserver/README.md index 23dfd890..65c0d511 100644 --- a/charts/docker-mailserver/README.md +++ b/charts/docker-mailserver/README.md @@ -179,7 +179,7 @@ If you do not enable the PROXY protocol and your mail server is not exposed usin ## Persistence -By default, the Chart creates four PersistentVolumeClaims. These are defined under the `persistence` key: +By default, the Chart assumes there are for Persistent volumes. Thus it requests four PersistentVolumeClaims which are defined using the `persistent_volume_claims` key. Each PVC can be set to an existing claim by settin the `persistent_volume_claims..existing_claim` key or a new cliams. To disable creation of a PVC, set `persistent_volume_claims..enabled` to false. The default PVCs have the following characteristics: | PVC Name | Default Size | Mount | Description | | ---------- | ------- | ----------------------- | -------------------------------------| @@ -188,6 +188,25 @@ By default, the Chart creates four PersistentVolumeClaims. These are defined und | mail-state | 1Gi | /var/mail-state | Stores [state](https://docker-mailserver.github.io/docker-mailserver/latest/faq/#what-about-the-docker-datadmsmail-state-directory) for mail services | | mail-log | 1Gi | /var/log/mail | Stores log files | +The PVCs are then mounted to `volumeMounts` via the `persistence` key. Each `volumeMount` must specify a volume name and mount path. It is also possbile to set a subpath via the `subPath` key. + +Extra volumes and volume mounts may be added using the `extraVolumes` and `extraVolumeMounts` keys. + +## Upgrading to Version 5 +Version 5.0 upgrades docker-mailserver to version 15. This version of the chart *does* include backwards incompatible changes + +### PersistentVolumeClaims + +Previously by default the Chart created four persistent volume claims and then mounted them to the container. This made it difficult for users that want to use just one Volume. Therefore the `persistence` key was spit into two keys: + +* `persistent_volume_claims` +* `persistence` + +This separate the creation of PVCs from mounting their associated volumes. If you previously overrode the creation of PVCs or their mount paths you will need to update your custom `values.yaml` file. + +## Upgrading to Version 4 +Version 4.0 upgrades docker-mailserver to version 14. There are no backwards incompatible changes in the chart. + ## Upgrading to Version 3 Version 3.0 is not backwards compatible with previous versions. The biggest changes include: diff --git a/charts/docker-mailserver/templates/deployment.yaml b/charts/docker-mailserver/templates/deployment.yaml index d8e1ace3..a32c7622 100644 --- a/charts/docker-mailserver/templates/deployment.yaml +++ b/charts/docker-mailserver/templates/deployment.yaml @@ -71,12 +71,12 @@ spec: {{- end }} # PVCs - {{- range $name, $persistence := .Values.persistence }} - {{- if $persistence.enabled }} + {{- range $name, $pvc := .Values.persistent_volume_claims }} + {{- if $pvc.enabled }} - name: {{ $name }} persistentVolumeClaim: - {{- if $persistence.existingClaim}} - claimName: {{ $persistence.existingClaim }} + {{- if $pvc.existingClaim}} + claimName: {{ $pvc.existingClaim }} {{ else }} claimName: {{ template "dockermailserver.fullname" $ }}-{{ $name }} {{ end }} @@ -168,13 +168,11 @@ spec: # Mount Volumes {{- range $name, $persistence := .Values.persistence }} - {{- if $persistence.enabled }} - - name: {{ $name }} + - name: {{ $persistence.volumeName }} mountPath: {{ $persistence.mountPath }} {{- if $persistence.subPath }} subPath: {{ $persistence.subPath }} {{- end }} - {{- end }} {{- end }} # Mount Extra Volumes diff --git a/charts/docker-mailserver/templates/pvc.yaml b/charts/docker-mailserver/templates/pvc.yaml index 14b82d3f..c8c59101 100644 --- a/charts/docker-mailserver/templates/pvc.yaml +++ b/charts/docker-mailserver/templates/pvc.yaml @@ -1,26 +1,26 @@ -{{- range $name, $persistence := .Values.persistence -}} -{{- if and (not $persistence.existingClaim) ($persistence.enabled) }} +{{- range $name, $pvc := .Values.persistent_volume_claims -}} +{{- if and (not $pvc.existingClaim) ($pvc.enabled) }} kind: PersistentVolumeClaim apiVersion: v1 metadata: name: {{ template "dockermailserver.fullname" $ }}-{{ $name }} - {{- if $persistence.annotations }} + {{- if $pvc.annotations }} annotations: - {{ toYaml $persistence.annotations | indent 2 }} + {{ toYaml $pvc.annotations }} {{ end }} spec: accessModes: - {{ toYaml $persistence.accessModes | indent 2 }} + {{ toYaml $pvc.accessModes | indent 2 }} - {{- if $persistence.storageClass }} - storageClassName: {{ $persistence.storageClass | quote }} + {{- if $pvc.storageClass }} + storageClassName: {{ $pvc.storageClass | quote }} {{- end }} resources: requests: - storage: {{ $persistence.size | quote }} - {{- if $persistence.selector }} + storage: {{ $pvc.size | quote }} + {{- if $pvc.selector }} selector: -{{ toYaml $persistence.selector | indent 4 }} +{{ toYaml $pvc.selector | indent 4 }} {{ end }} --- {{- end }} diff --git a/charts/docker-mailserver/tests/__snapshot__/pvc_test.yaml.snap b/charts/docker-mailserver/tests/__snapshot__/pvc_test.yaml.snap index 7b5f41e6..9ec0edf4 100644 --- a/charts/docker-mailserver/tests/__snapshot__/pvc_test.yaml.snap +++ b/charts/docker-mailserver/tests/__snapshot__/pvc_test.yaml.snap @@ -43,7 +43,7 @@ manifest should match snapshot: resources: requests: storage: 1Gi -should apply annotations from persistence.annotations: +should apply annotations from persistent_volume_claims.annotations: 1: | apiVersion: v1 kind: PersistentVolumeClaim diff --git a/charts/docker-mailserver/tests/pvc_test.yaml b/charts/docker-mailserver/tests/pvc_test.yaml index f02d70d9..6fbd9e91 100644 --- a/charts/docker-mailserver/tests/pvc_test.yaml +++ b/charts/docker-mailserver/tests/pvc_test.yaml @@ -7,9 +7,9 @@ chart: version: 0.1.0 appVersion: 0.1.0 tests: - - it: should apply annotations from persistence.annotations + - it: should apply annotations from persistent_volume_claims.annotations set: - persistence: + persistent_volume_claims: mail-config: annotations: backup.banana.io/deltas: pancakes @@ -18,7 +18,7 @@ tests: - it: should create pvc of specified size set: - persistence: + persistent_volume_claims: mail-data: size: 1Pb documentIndex: 1 diff --git a/charts/docker-mailserver/values.yaml b/charts/docker-mailserver/values.yaml index a2ea32c8..c61f2356 100644 --- a/charts/docker-mailserver/values.yaml +++ b/charts/docker-mailserver/values.yaml @@ -329,14 +329,12 @@ service: labels: {} # Note this is a dictionary and not a list so individual keys can be overridden by --set or --value helm parameters -persistence: +persistent_volume_claims: # Stores generated configuration files # https://docker-mailserver.github.io/docker-mailserver/edge/faq/#what-about-the-docker-datadmsconfig-directory mail-config: enabled: true existingClaim: "" - mountPath: /tmp/docker-mailserver - subPath: "" size: "1Mi" annotations: {} accessModes: @@ -348,9 +346,7 @@ persistence: mail-data: enabled: true existingClaim: "" - subPath: "" size: 10Gi - mountPath: /var/mail annotations: {} accessModes: - ReadWriteOnce @@ -362,8 +358,6 @@ persistence: mail-state: enabled: true existingClaim: "" - mountPath: /var/mail-state - subPath: "" size: "1Gi" annotations: {} accessModes: @@ -375,8 +369,6 @@ persistence: mail-log: enabled: true existingClaim: "" - mountPath: /var/log/mail - subPath: "" size: "1Gi" annotations: {} accessModes: @@ -384,6 +376,33 @@ persistence: storageClass: selector: {} +persistence: + # Stores generated configuration files + # https://docker-mailserver.github.io/docker-mailserver/edge/faq/#what-about-the-docker-datadmsconfig-directory + mail-config: + volumeName: mail-config + mountPath: /tmp/docker-mailserver + subPath: + + # Stores emails + mail-data: + volumeName: mail-data + mountPath: /var/mail + subPath: + + # Stores state for Postfix, Dovecot, Fail2Ban, Amavis, PostGrey, ClamAV, SpamAssassin, Rspamd & Redis + # https://docker-mailserver.github.io/docker-mailserver/edge/faq/#what-about-the-docker-datadmsmail-state-directory + mail-state: + volumeName: mail-state + mountPath: /var/mail-state + subPath: + + # Store mail logs + mail-log: + volumeName: mail-log + mountPath: /var/log/mail + subPath: + ## Monitoring adds the prometheus.io annotations to pods and services, so that the Prometheus Kubernetes SD mechanism ## as configured in the examples will automatically discover both the pods and the services to query. ## diff --git a/helm.yaml b/helm.yaml new file mode 100644 index 00000000..5e2e2d93 --- /dev/null +++ b/helm.yaml @@ -0,0 +1,259 @@ +--- +# Source: immich/templates/machine-learning.yaml +apiVersion: v1 +kind: Service +metadata: + name: release-name-machine-learning + labels: + app.kubernetes.io/service: release-name-machine-learning + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: machine-learning + app.kubernetes.io/version: v1.119.0 + helm.sh/chart: immich-0.9.0 + annotations: +spec: + type: ClusterIP + ports: + - port: 3003 + targetPort: http + protocol: TCP + name: http + selector: + app.kubernetes.io/instance: release-name + app.kubernetes.io/name: machine-learning +--- +# Source: immich/templates/server.yaml +apiVersion: v1 +kind: Service +metadata: + name: release-name-server + labels: + app.kubernetes.io/service: release-name-server + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: server + app.kubernetes.io/version: v1.119.0 + helm.sh/chart: immich-0.9.0 + annotations: +spec: + type: ClusterIP + ports: + - port: 2283 + targetPort: http + protocol: TCP + name: http + selector: + app.kubernetes.io/instance: release-name + app.kubernetes.io/name: server +--- +# Source: immich/templates/machine-learning.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: release-name-machine-learning + labels: + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: machine-learning + app.kubernetes.io/version: v1.119.0 + helm.sh/chart: immich-0.9.0 +spec: + revisionHistoryLimit: 3 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/name: machine-learning + app.kubernetes.io/instance: release-name + template: + metadata: + labels: + app.kubernetes.io/name: machine-learning + app.kubernetes.io/instance: release-name + spec: + + serviceAccountName: default + automountServiceAccountToken: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + containers: + - name: release-name-machine-learning + image: ghcr.io/immich-app/immich-machine-learning:v1.119.0 + imagePullPolicy: IfNotPresent + env: + - name: DB_DATABASE_NAME + value: immich + - name: DB_HOSTNAME + value: postgresql.data + - name: DB_PASSWORD + value: immich + - name: DB_USERNAME + value: immich + - name: DB_VECTOR_EXTENSION + value: pgvector + - name: IMMICH_MACHINE_LEARNING_URL + value: http://release-name-machine-learning:3003 + - name: IMMICH_TELEMETRY_INCLUDE + value: all + - name: REDIS_HOSTNAME + value: redis-master.data + - name: TRANSFORMERS_CACHE + value: /cache + ports: + - name: http + containerPort: 3003 + protocol: TCP + volumeMounts: + - name: cache + mountPath: /cache + livenessProbe: + failureThreshold: 3 + httpGet: + path: /ping + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ping + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + startupProbe: + failureThreshold: 60 + httpGet: + path: /ping + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + volumes: + - name: cache + emptyDir: + {} +--- +# Source: immich/templates/server.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: release-name-server + labels: + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: server + app.kubernetes.io/version: v1.119.0 + helm.sh/chart: immich-0.9.0 +spec: + revisionHistoryLimit: 3 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/name: server + app.kubernetes.io/instance: release-name + template: + metadata: + labels: + app.kubernetes.io/name: server + app.kubernetes.io/instance: release-name + spec: + + serviceAccountName: default + automountServiceAccountToken: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + containers: + - name: release-name-server + image: ghcr.io/immich-app/immich-server:v1.119.0 + imagePullPolicy: IfNotPresent + env: + - name: DB_DATABASE_NAME + value: immich + - name: DB_HOSTNAME + value: postgresql.data + - name: DB_PASSWORD + value: immich + - name: DB_USERNAME + value: immich + - name: DB_VECTOR_EXTENSION + value: pgvector + - name: IMMICH_MACHINE_LEARNING_URL + value: http://release-name-machine-learning:3003 + - name: IMMICH_TELEMETRY_INCLUDE + value: all + - name: REDIS_HOSTNAME + value: redis-master.data + ports: + - name: http + containerPort: 2283 + protocol: TCP + volumeMounts: + - name: library + mountPath: /usr/src/app/upload + - name: pictures + mountPath: /pictures + subPath: cfis + livenessProbe: + failureThreshold: 3 + httpGet: + path: /api/server/ping + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + readinessProbe: + failureThreshold: 3 + httpGet: + path: /api/server/ping + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + startupProbe: + failureThreshold: 30 + httpGet: + path: /api/server/ping + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + volumes: + - name: library + persistentVolumeClaim: + claimName: immich-library + - name: pictures + persistentVolumeClaim: + claimName: pictures-cfis +--- +# Source: immich/templates/server.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: release-name-server + labels: + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: server + app.kubernetes.io/version: v1.119.0 + helm.sh/chart: immich-0.9.0 + annotations: + nginx.ingress.kubernetes.io/proxy-body-size: "0" +spec: + ingressClassName: nginx + rules: + - host: "immich.savagexi.com" + http: + paths: + - path: "/" + pathType: Prefix + backend: + service: + name: release-name-server + port: + number: 2283