core/oc-k8s
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Running all stack

Browse Source
This commit is contained in:
mr
2026-01-06 08:23:16 +01:00
parent 5a0651106d
commit 3d416169e3
56 changed files with 1974 additions and 435 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
opencloud/charts/mongodb/templates/hidden/statefulset.yaml
View File

@@ -96,7 +96,7 @@ spec:
{{- if and .Values.externalAccess.hidden.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.hidden.service.type "LoadBalancer") }}
{{- include "mongodb.initContainers.autoDiscovery" . | indent 8 }}
{{- end }}
{{- if and .Values.externalAccess.enabled ( or .Values.externalAccess.service.publicNames .Values.externalAccess.service.domain ) }}
{{- if and .Values.externalAccess.enabled .Values.externalAccess.service.publicNames }}
{{- include "mongodb.initContainers.dnsCheck" . | indent 8 }}
{{- end }}
{{- include "mongodb.initContainer.prepareLogDir" . | nindent 8 }}
@@ -117,6 +117,10 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.name
{{- if include "common.fips.enabled" . }}
- name: OPENSSL_FIPS
value: {{ include "common.fips.config" (dict "tech" "openssl" "fips" .Values.tls.fips "global" .Values.global) | quote }}
{{- end }}
volumeMounts:
{{- if (include "mongodb.autoGenerateCerts" .) }}
- name: certs-volume
@@ -149,6 +153,9 @@ spec:
{{- else if ne .Values.tls.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" .Values.tls.resourcesPreset) | nindent 12 }}
{{- end }}
{{- if .Values.tls.securityContext }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.tls.securityContext "context" $) | nindent 12 }}
{{- end }}
{{- end }}
containers:
- name: mongodb
@@ -196,6 +203,10 @@ spec:
value: "hidden"
- name: MONGODB_INITIAL_PRIMARY_HOST
value: {{ include "mongodb.initialPrimaryHost" . | quote }}
{{- if include "common.fips.enabled" . }}
- name: OPENSSL_FIPS
value: {{ include "common.fips.config" (dict "tech" "openssl" "fips" .Values.hidden.fips "global" .Values.global) | quote }}
{{- end }}
- name: MONGODB_REPLICA_SET_NAME
value: {{ .Values.replicaSetName | quote }}
{{- if and .Values.replicaSetHostnames (not .Values.externalAccess.hidden.enabled) }}
@@ -214,14 +225,25 @@ spec:
{{- end }}
{{- if .Values.auth.enabled }}
{{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
{{- if .Values.usePasswordFiles }}
- name: MONGODB_EXTRA_PASSWORDS_FILE
value: "/opt/bitnami/mongodb/secrets/mongodb-passwords"
{{- else }}
- name: MONGODB_EXTRA_PASSWORDS
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-passwords
{{- end }}
{{- end }}
- name: MONGODB_ROOT_USER
value: {{ .Values.auth.rootUser | quote }}
{{- if .Values.usePasswordFiles }}
- name: MONGODB_ROOT_PASSWORD_FILE
value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
- name: MONGODB_REPLICA_SET_KEY_FILE
value: "/opt/bitnami/mongodb/secrets/mongodb-replica-set-key"
{{- else }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
@@ -233,10 +255,15 @@ spec:
name: {{ include "mongodb.secretName" . }}
key: mongodb-replica-set-key
{{- end }}
{{- end }}
{{- if and .Values.metrics.enabled (not (empty .Values.metrics.username)) }}
- name: MONGODB_METRICS_USERNAME
value: {{ .Values.metrics.username | quote }}
{{- if .Values.auth.enabled }}
{{- if .Values.usePasswordFiles }}
- name: MONGODB_METRICS_PASSWORD_FILE
value: "/opt/bitnami/mongodb/secrets/mongodb-metrics-password"
{{- else }}
- name: MONGODB_METRICS_PASSWORD
valueFrom:
secretKeyRef:
@@ -244,6 +271,7 @@ spec:
key: mongodb-metrics-password
{{- end }}
{{- end }}
{{- end }}
- name: ALLOW_EMPTY_PASSWORD
value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
@@ -329,6 +357,10 @@ spec:
subPath: {{ .Values.hidden.persistence.subPath }}
- name: common-scripts
mountPath: /bitnami/scripts
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
- name: mongodb-secrets
mountPath: /opt/bitnami/mongodb/secrets
{{- end }}
{{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
@@ -390,6 +422,13 @@ spec:
{{- else }}
args:
- |
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
{{- if .Values.metrics.username }}
export MONGODB_METRICS_PASSWORD="$(< $MONGODB_METRICS_PASSWORD_FILE)"
{{- else }}
export MONGODB_ROOT_PASSWORD="$(< $MONGODB_ROOT_PASSWORD_FILE)"
{{- end }}
{{- end }}
/bin/mongodb_exporter {{ include "mongodb.exporterArgs" $ }} --mongodb.direct-connect --mongodb.global-conn-pool --mongodb.uri "{{ include "mongodb.mongodb_exporter.uri" . }}" {{ .Values.metrics.extraFlags }}
{{- end }}
env:
@@ -397,14 +436,23 @@ spec:
{{- if not .Values.metrics.username }}
- name: MONGODB_ROOT_USER
value: {{ .Values.auth.rootUser | quote }}
{{- if .Values.usePasswordFiles }}
- name: MONGODB_ROOT_PASSWORD_FILE
value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
{{- else }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-root-password
{{- end }}
{{- else }}
- name: MONGODB_METRICS_USERNAME
value: {{ .Values.metrics.username | quote }}
{{- if .Values.usePasswordFiles }}
- name: MONGODB_METRICS_PASSWORD_FILE
value: "/opt/bitnami/mongodb/secrets/mongodb-metrics-password"
{{- else }}
- name: MONGODB_METRICS_PASSWORD
valueFrom:
secretKeyRef:
@@ -412,10 +460,21 @@ spec:
key: mongodb-metrics-password
{{- end }}
{{- end }}
{{- end }}
{{- if include "common.fips.enabled" . }}
- name: OPENSSL_FIPS
value: {{ include "common.fips.config" (dict "tech" "openssl" "fips" .Values.metrics.fips "global" .Values.global) | quote }}
- name: GODEBUG
value: {{ include "common.fips.config" (dict "tech" "golang" "fips" .Values.metrics.fips "global" .Values.global) | quote }}
{{- end }}
volumeMounts:
- name: empty-dir
mountPath: /tmp
subPath: tmp-dir
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
- name: mongodb-secrets
mountPath: /opt/bitnami/mongodb/secrets
{{- end }}
{{- if .Values.tls.enabled }}
- name: certs
mountPath: /certs
@@ -468,7 +527,12 @@ spec:
- name: common-scripts
configMap:
name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
defaultMode: 0o555
defaultMode: 0555
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
- name: mongodb-secrets
secret:
secretName: {{ include "mongodb.secretName" . }}
{{- end }}
{{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
configMap:
@@ -486,7 +550,7 @@ spec:
- name: scripts
configMap:
name: {{ printf "%s-scripts" (include "mongodb.fullname" .) }}
defaultMode: 0o755
defaultMode: 0755
{{- if .Values.hidden.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.hidden.extraVolumes "context" $) | nindent 8 }}
{{- end }}
@@ -500,10 +564,10 @@ spec:
items:
- key: mongodb-ca-cert
path: mongodb-ca-cert
mode: 0o600
mode: 0600
- key: mongodb-ca-key
path: mongodb-ca-key
mode: 0o600
mode: 0600
{{- else }}
{{- range $index, $secret := .Values.tls.hidden.existingSecrets }}
- name: mongodb-certs-{{ $index }}