-
Notifications
You must be signed in to change notification settings - Fork 74
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduce new customization options and restricted config filesystems #92
Conversation
with some small and some large changes. A summary is: - Bump up from stable-8719 to stable-8960-1 - Add /config as emptyDir, to support readOnlyRootFilesystem - Make defaults config and cont-init scripts customize at deploy time - Add nodePorts for Prosody and Web for restricted Kubernetes deployments - Add example configurations, and Makefile, to test changes quickly
@spijet May you have a review please. |
Hello @at-platform24! Sorry for the huge delay. I've added some comments to the PR, please reply when you have time. Do I understand it right that if the custom defaults file value is empty or unset, the ConfigMap field gets populated with a stub comment, and there will be no record for that file in Also, can you please elaborate on the |
That is correct.
Our use case is where we can use the external prosody instance, however, having the full config available from the helm release make external prosody configuration teaks and validation mush simpler, as well as being able to quickly stop/ start different versions during upgrades, having a safe and fast rollback path where run in-cluster prosody. Thank you for the thoughtful review, and excellent work in maintaining this chart. |
Hmm, maybe we could add a new option that disables the provision of Prosody (the StatefulSet, Service and whatnot) while keeping all the ConfigMaps and Secrets intact? I think it might be easier than explaining that the |
Makes sense. fixed this, along with adding a comment. However, have not removed full manifest creation since it is useful to know what all is needed by prosody. PR title is no longer relevant, but I guess that should not be a problem 😄 |
Oh, I just realized that I forgot to actually submit the review. 🤦♂️ Sorry, I'll update the comments and submit the review in a moment. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please refer to the in-file comments for details.
One question about version. |
Let's do a minor version bump ( |
Also, since the Makefile and the custom configuration examples are not going to be rendered by Helm and applied to the k8s cluster during chart install, it makes sense to add the |
All changes applied. |
There are cases where we may prefer to create common secrets outside the chart and override values filled from configmaps or secrets created from this chart. Common usecases would be Hashicorp Vault/ 1Password operator integrations. This commits makes such overrides possible.
Sorry for the delay. :( |
Once again, sorry for the delay. The Christmas / New Year holidays are a busy period here. 😅 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall looking good, I hope this review is the last before merging. :D
I just merged #99, so keep an eye out for any possible conflicts and be ready to rebase if needed. 👀 |
luckily for me no conflicts occurred on merge. |
Let's do one final push with the "bundled vs external" Prosody knob and the ConfigMap permissions and I'll merge it right away. :) |
Yep, looking good to me! Merging. Thank you for your time and once again sorry for the delays! |
with some small and some large changes.
A summary is: