diff --git a/charts/featbit/Chart.lock b/charts/featbit/Chart.lock index 7ba488b..597f3df 100644 --- a/charts/featbit/Chart.lock +++ b/charts/featbit/Chart.lock @@ -1,15 +1,15 @@ dependencies: - name: mongodb repository: https://groundhog2k.github.io/helm-charts/ - version: 0.6.2 + version: 0.6.3 - name: redis repository: https://charts.bitnami.com/bitnami - version: 17.0.1 + version: 18.12.1 - name: kafka repository: https://charts.bitnami.com/bitnami - version: 23.0.7 + version: 26.8.5 - name: clickhouse repository: https://charts.bitnami.com/bitnami - version: 3.6.8 -digest: sha256:53402193e59d5eeadc35e1066896671269bea829e0e969ac372befcabf740620 -generated: "2024-01-15T22:12:19.83632+01:00" + version: 4.5.4 +digest: sha256:083f6794b528c3fad94381b561346dd8468f1e7b0c3be3acde9d1502d6e179cf +generated: "2024-02-06T10:46:01.488044+01:00" diff --git a/charts/featbit/Chart.yaml b/charts/featbit/Chart.yaml index 7f981b9..5f72448 100644 --- a/charts/featbit/Chart.yaml +++ b/charts/featbit/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.2.1 +version: 0.3.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -32,20 +32,20 @@ sources: dependencies: - name: mongodb - version: 0.6.2 + version: 0.6.3 repository: https://groundhog2k.github.io/helm-charts/ condition: mongodb.enabled - name: redis - version: 17.0.1 + version: 18.12.1 repository: https://charts.bitnami.com/bitnami condition: redis.enabled - name: kafka repository: https://charts.bitnami.com/bitnami - version: 23.0.7 + version: 26.8.5 condition: kafka.enabled - name: clickhouse repository: https://charts.bitnami.com/bitnami - version: 3.6.8 + version: 4.5.4 condition: clickhouse.enabled maintainers: diff --git a/charts/featbit/templates/_helpers.tpl b/charts/featbit/templates/_helpers.tpl index 19edb84..544cbbc 100644 --- a/charts/featbit/templates/_helpers.tpl +++ b/charts/featbit/templates/_helpers.tpl @@ -368,7 +368,11 @@ Return whether Redis uses password authentication or not {{- end }} {{- define "featbit.kafka.producer.auth.enabled" -}} -{{- if and (not .Values.kafka.enabled) (or .Values.externalKafka.brokers.producer.password .Values.externalKafka.brokers.producer.existingSecret) -}} +{{- if .Values.kafka.enabled -}} +{{- if ne "PLAINTEXT" (upper .Values.kafka.listeners.client.protocol) -}} + {{- true -}} +{{- end -}} +{{- else if and (not .Values.kafka.enabled) (or .Values.externalKafka.brokers.producer.password .Values.externalKafka.brokers.producer.existingSecret) -}} {{- true -}} {{- end -}} {{- end -}} @@ -380,7 +384,13 @@ Return whether Redis uses password authentication or not {{- end -}} {{- define "featbit.kafka.producer.secretName" -}} -{{- if .Values.externalKafka.brokers.producer.existingSecret }} +{{- if .Values.kafka.enabled -}} +{{- if .Values.kafka.sasl.existingSecret -}} + {{- printf "%s" .Values.kafka.sasl.existingSecret -}} +{{- else -}} + {{- printf "%s-user-passwords" (include "featbit.kafka.fullname" .) -}} +{{- end -}} +{{- else if .Values.externalKafka.brokers.producer.existingSecret }} {{- printf "%s" .Values.externalKafka.brokers.producer.existingSecret -}} {{- else -}} {{- printf "%s-external-producer" (include "featbit.kafka.fullname" .) -}} @@ -388,7 +398,9 @@ Return whether Redis uses password authentication or not {{- end -}} {{- define "featbit.kafka.producer.secretPasswordKey" -}} -{{- if and (not .Values.kafka.enabled) .Values.externalKafka.brokers.producer.existingSecret -}} +{{- if .Values.kafka.enabled -}} + {{- printf "client-passwords" -}} +{{- else if and (not .Values.kafka.enabled) .Values.externalKafka.brokers.producer.existingSecret -}} {{- required "You need to provide existingSecretPasswordKey when an existingSecret is specified in external kafka producer" .Values.externalKafka.brokers.producer.existingSecretPasswordKey | printf "%s" -}} {{- else -}} {{- printf "kafka-external-producer-password" -}} @@ -396,7 +408,11 @@ Return whether Redis uses password authentication or not {{- end -}} {{- define "featbit.kafka.consumer.auth.enabled" -}} -{{- if and (not .Values.kafka.enabled) (or .Values.externalKafka.brokers.consumer.password .Values.externalKafka.brokers.consumer.existingSecret) -}} +{{- if .Values.kafka.enabled -}} +{{- if ne "PLAINTEXT" (upper .Values.kafka.listeners.client.protocol) -}} + {{- true -}} +{{- end -}} +{{- else if and (not .Values.kafka.enabled) (or .Values.externalKafka.brokers.consumer.password .Values.externalKafka.brokers.consumer.existingSecret) -}} {{- true -}} {{- end -}} {{- end -}} @@ -408,7 +424,13 @@ Return whether Redis uses password authentication or not {{- end -}} {{- define "featbit.kafka.consumer.secretName" -}} -{{- if .Values.externalKafka.brokers.consumer.existingSecret }} +{{- if .Values.kafka.enabled -}} +{{- if .Values.kafka.sasl.existingSecret -}} + {{- printf "%s" .Values.kafka.sasl.existingSecret -}} +{{- else -}} + {{- printf "%s-user-passwords" (include "featbit.kafka.fullname" .) -}} +{{- end -}} +{{- else if .Values.externalKafka.brokers.consumer.existingSecret }} {{- printf "%s" .Values.externalKafka.brokers.consumer.existingSecret -}} {{- else -}} {{- printf "%s-external-consumer" (include "featbit.kafka.fullname" .) -}} @@ -416,13 +438,63 @@ Return whether Redis uses password authentication or not {{- end -}} {{- define "featbit.kafka.consumer.secretPasswordKey" -}} -{{- if and (not .Values.kafka.enabled) .Values.externalKafka.brokers.consumer.existingSecret -}} +{{- if .Values.kafka.enabled -}} + {{- printf "client-passwords" -}} +{{- else if and (not .Values.kafka.enabled) .Values.externalKafka.brokers.consumer.existingSecret -}} {{- required "You need to provide existingSecretPasswordKey when an existingSecret is specified in external kafka consumer" .Values.externalKafka.brokers.consumer.existingSecretPasswordKey | printf "%s" -}} {{- else -}} {{- printf "kafka-external-consumer-password" -}} {{- end -}} {{- end -}} +{{- define "featbit.kafka.producer.user" -}} +{{- if .Values.kafka.enabled -}} + {{- printf "%s" (first .Values.kafka.sasl.client.users) -}} +{{- else -}} + {{- printf "%s" .Values.externalKafka.brokers.producer.user -}} +{{- end -}} +{{- end -}} + +{{- define "featbit.kafka.consumer.user" -}} +{{- if .Values.kafka.enabled -}} + {{- printf "%s" (first .Values.kafka.sasl.client.users) -}} +{{- else -}} + {{- printf "%s" .Values.externalKafka.brokers.consumer.user -}} +{{- end -}} +{{- end -}} + +{{- define "featbit.kafka.producer.protocol" -}} +{{- if .Values.kafka.enabled -}} + {{- printf "%s" (.Values.kafka.listeners.client.protocol) -}} +{{- else -}} + {{- printf "%s" .Values.externalKafka.brokers.producer.protocol -}} +{{- end -}} +{{- end -}} + +{{- define "featbit.kafka.consumer.protocol" -}} +{{- if .Values.kafka.enabled -}} + {{- printf "%s" (.Values.kafka.listeners.client.protocol) -}} +{{- else -}} + {{- printf "%s" .Values.externalKafka.brokers.consumer.protocol -}} +{{- end -}} +{{- end -}} + +{{- define "featbit.kafka.producer.mechanism" -}} +{{- if .Values.kafka.enabled -}} + {{- printf "PLAIN" -}} +{{- else -}} + {{- printf "%s" .Values.externalKafka.brokers.producer.mechanism -}} +{{- end -}} +{{- end -}} + +{{- define "featbit.kafka.consumer.mechanism" -}} +{{- if .Values.kafka.enabled -}} + {{- printf "PLAIN" -}} +{{- else -}} + {{- printf "%s" .Values.externalKafka.brokers.consumer.mechanism -}} +{{- end -}} +{{- end -}} + {* ------ CLICKHOUSE ------ *} diff --git a/charts/featbit/templates/_pro-env.tpl b/charts/featbit/templates/_pro-env.tpl index 4c1da84..1d8b479 100644 --- a/charts/featbit/templates/_pro-env.tpl +++ b/charts/featbit/templates/_pro-env.tpl @@ -40,11 +40,11 @@ {{- end }} {{- if (include "featbit.kafka.producer.auth.enabled" .) }} - name: KAFKA_SECURITY_PROTOCOL - value: {{ .Values.externalKafka.brokers.producer.protocol }} + value: {{ include "featbit.kafka.producer.protocol" . }} - name: KAFKA_SASL_MECHANISM - value: {{ .Values.externalKafka.brokers.producer.mechanism }} + value: {{ include "featbit.kafka.producer.mechanism" . }} - name: KAFKA_SASL_USER - value: {{ .Values.externalKafka.brokers.producer.user }} + value: {{ include "featbit.kafka.producer.user" . }} - name: KAFKA_SASL_PASSWORD valueFrom: secretKeyRef: @@ -65,30 +65,30 @@ {{- if (include "featbit.kafka.producer.auth.enabled" .) }} - name: Kafka__Producer__sasl.username - value: {{ .Values.externalKafka.brokers.producer.user }} + value: {{ include "featbit.kafka.producer.user" . }} - name: Kafka__Producer__sasl.password valueFrom: secretKeyRef: name: {{ include "featbit.kafka.producer.secretName" . }} key: {{ include "featbit.kafka.producer.secretPasswordKey" . }} - name: Kafka__Producer__sasl.mechanism - value: {{ .Values.externalKafka.brokers.producer.mechanism }} + value: {{ include "featbit.kafka.producer.mechanism" . }} - name: Kafka__Producer__security.protocol - value: {{ .Values.externalKafka.brokers.producer.protocol }} + value: {{ include "featbit.kafka.producer.protocol" . }} {{- end }} {{- if (include "featbit.kafka.consumer.auth.enabled" .) }} - name: Kafka__Consumer__sasl.username - value: {{ .Values.externalKafka.brokers.consumer.user }} + value: {{ include "featbit.kafka.consumer.user" . }} - name: Kafka__Consumer__sasl.password valueFrom: secretKeyRef: name: {{ include "featbit.kafka.consumer.secretName" . }} key: {{ include "featbit.kafka.consumer.secretPasswordKey" . }} - name: Kafka__Consumer__sasl.mechanism - value: {{ .Values.externalKafka.brokers.consumer.mechanism }} + value: {{ include "featbit.kafka.consumer.mechanism" . }} - name: Kafka__Consumer__security.protocol - value: {{ .Values.externalKafka.brokers.consumer.protocol }} + value: {{ include "featbit.kafka.consumer.protocol" . }} {{- end }} {{- end }} {{- end -}} diff --git a/charts/featbit/templates/api-deployment.yaml b/charts/featbit/templates/api-deployment.yaml index 162a5aa..405d952 100644 --- a/charts/featbit/templates/api-deployment.yaml +++ b/charts/featbit/templates/api-deployment.yaml @@ -69,6 +69,8 @@ spec: env: - name: OLAP__ServiceHost value: {{ printf "http://%s:%s" (include "das.svc.name" .) (include "das.svc.port" .) }} + - name: SSOEnabled + value: {{ .Values.api.ssoEnabled | quote }} {{- include "redis-env" . | indent 12 }} {{- include "mongodb-env" . | indent 12 }} {{- include "kafka-bootstrapservers" . | indent 12 -}} diff --git a/charts/featbit/values.yaml b/charts/featbit/values.yaml index 6a59b5f..f865c40 100644 --- a/charts/featbit/values.yaml +++ b/charts/featbit/values.yaml @@ -111,6 +111,8 @@ ui: api: replicaCount: 1 + ssoEnabled: false + image: registry: docker.io repository: featbit/featbit-api-server @@ -468,14 +470,18 @@ kubectl: isPro: false kafka: - enabled: true + enabled: false nameOverride: featbit-kafka - - replicaCount: 1 - # -- The amount of data to retain in the log for each topic partition: 2Gi - logRetentionBytes: _2_000_000_000 - # -- The minimum age of a log file to be eligible for deletion due to age: 24H - logRetentionHours: 24 + extraConfig: "logRetentionHours=24;logRetentionBytes=_2_000_000_000" + listeners: + client: + protocol: "PLAINTEXT" + controller: + protocol: "PLAINTEXT" + interbroker: + protocol: "PLAINTEXT" + external: + protocol: "PLAINTEXT" provisioning: enabled: true @@ -485,11 +491,10 @@ kafka: - name: "featbit-endusers" - name: "featbit-insights" - persistence: - # - Enable data persistence using PVC. - enabled: true - # -- PVC Storage Request for Kafka data volume. - size: 8Gi + controller: + persistence: + enabled: true + size: 8Gi externalKafka: # - External Kafka brokers. Ignored if `kafka.enabled` is set to `true`. Multiple brokers can be provided as array/list. @@ -519,7 +524,7 @@ clickhouse: replicaCount: 1 auth: username: "default" - password: "supersecret" + password: "featbit" existingSecret: "" existingSecretKey: "" keeper: