Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Flowise: Add ability to connect to PostgreSQL using SSL #592

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Flowise: Add ability to connect to PostgreSQL using SSL #592

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions charts/flowise/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -202,6 +202,7 @@ The command deletes the release named `my-release` and frees all the kubernetes
| `externalPostgresql.existingSecret` | Name of existing Secret to use | `""` |
| `externalPostgresql.existingSecretKeyPassword` | Key in existing Secret that contains PostgreSQL password | `password` |
| `externalPostgresql.database` | External PostgreSQL database | `flowise` |
| `externalPostgresql.ssl` | Whether to connect using SSL | `false` |

### Wait parameters

Expand Down
6 changes: 5 additions & 1 deletion charts/flowise/templates/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ spec:
- /bin/sh
- -ec
- |
wait4x postgresql "postgres://${POSTGRESQL_USERNAME}:${POSTGRESQL_PASSWORD}@${POSTGRESQL_HOST}:${POSTGRESQL_PORT}/${POSTGRESQL_DATABASE}?sslmode=disable" --timeout 0
wait4x postgresql "postgres://${POSTGRESQL_USERNAME}:${POSTGRESQL_PASSWORD}@${POSTGRESQL_HOST}:${POSTGRESQL_PORT}/${POSTGRESQL_DATABASE}?sslmode=${POSTGRESQL_SSL}" --timeout 0
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As per https://www.postgresql.org/docs/current/libpq-ssl.html I'm not sure a simple true/false will work here?

env:
- name: POSTGRESQL_HOST
value: {{ include "flowise.postgresql.host" . | quote }}
Expand All @@ -101,6 +101,8 @@ spec:
key: {{ include "flowise.postgresql.secretKeyPassword" . }}
- name: POSTGRESQL_DATABASE
value: {{ include "flowise.postgresql.database" . | quote }}
- name: POSTGRESQL_SSL
value: {{ include "flowise.postgresql.ssl" . | lower }}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you need to add to _helpers.tpl:

{{/*
PostgreSQL ssl
*/}}
{{- define "flowise.postgresql.ssl" -}}
{{- if .Values.postgresql.enabled -}}
    false
{{- else -}}
    {{ .Values.externalPostgresql.ssl }}
{{- end -}}
{{- end -}}

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the "enabled = false" value should actually be disable. Or more likely the actual default value in values.yaml should be set to disable instead of false so it's more in line with the actual values postgres expects.

only "require" (default), "verify-full", "verify-ca", and "disable" supported

resources:
{{- toYaml .Values.wait.resources | nindent 12 }}
{{- end }}
Expand Down Expand Up @@ -177,6 +179,8 @@ spec:
key: {{ include "flowise.postgresql.secretKeyPassword" . }}
- name: DATABASE_NAME
value: {{ include "flowise.postgresql.database" . | quote }}
- name: POSTGRESQL_SSL
value: {{ include "flowise.postgresql.ssl" . | lower }}
{{- end }}
{{- if .Values.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }}
Expand Down
3 changes: 3 additions & 0 deletions charts/flowise/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -401,6 +401,9 @@ externalPostgresql:
## @param externalPostgresql.database External PostgreSQL database
database: flowise

## @param externalPostgresql.ssl Whether to connect using SSL
ssl: false

## @section Wait parameters

wait:
Expand Down