diff --git a/charts/postgres/Chart.yaml b/charts/postgres/Chart.yaml
index 6647b6a229bc12f3ea29209fc9e6b900335b12af..3dc08313391339bd21460a92c34d9fc5614d03c5 100644
--- a/charts/postgres/Chart.yaml
+++ b/charts/postgres/Chart.yaml
@@ -7,6 +7,6 @@ type: application
maintainers:
- name: groundhog2k
-version: 0.2.5
+version: 0.2.6
appVersion: "13.1"
diff --git a/charts/postgres/README.md b/charts/postgres/README.md
index d5e99e834fb0283e6acff81be24e992ec36a7c72..56bf286f24473c6f40f28be848829430b68dc230 100644
--- a/charts/postgres/README.md
+++ b/charts/postgres/README.md
@@ -1,6 +1,6 @@
# PostgreSQL
-  
+  
A Helm chart for PostgreSQL on Kubernetes
@@ -57,6 +57,8 @@ $ helm uninstall my-release
| imagePullSecrets | list | `[]` | Image pull secrets |
| livenessProbe | object | `see values.yaml` | Liveness probe configuration |
| readinessProbe | object | `see values.yaml` | Readiness probe configuration |
+| customLivenessProbe | object | `{}` | Custom liveness probe (overwrites default liveness probe configuration) |
+| customReadinessProbe | object | `{}` | Custom readiness probe (overwrites default readiness probe configuration) |
| resources | object | `{}` | Resource limits and requests |
| nodeSelector | object | `{}` | Deployment node selector |
| podAnnotations | object | `{}` | Additional pod annotations |
diff --git a/charts/postgres/templates/customconfig.yaml b/charts/postgres/templates/customconfig.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..2b12c0abff9303c754933e3d8bbf13542c1f5688
--- /dev/null
+++ b/charts/postgres/templates/customconfig.yaml
@@ -0,0 +1,11 @@
+{{- if .Values.customConfig }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "postgres.fullname" . }}-customconfig
+ labels:
+ {{- include "postgres.labels" . | nindent 4 }}
+data:
+ custom.cnf: |-
+ {{- .Values.customConfig | nindent 4 }}
+{{- end }}
diff --git a/charts/postgres/templates/initdbconfig.yaml b/charts/postgres/templates/inituserdb.yaml
similarity index 71%
rename from charts/postgres/templates/initdbconfig.yaml
rename to charts/postgres/templates/inituserdb.yaml
index cd8ffc770cf60016ba93e9dc5bef81c41540b18f..eabd0c64da87467d10a272da77517f80becbab50 100644
--- a/charts/postgres/templates/initdbconfig.yaml
+++ b/charts/postgres/templates/inituserdb.yaml
@@ -1,15 +1,11 @@
-{{- if or (.Values.customConfig) (.Values.userDatabase) }}
-kind: ConfigMap
+{{- if .Values.userDatabase }}
apiVersion: v1
+kind: ConfigMap
metadata:
- name: {{ include "postgres.fullname" . }}
+ name: {{ include "postgres.fullname" . }}-inituserdb
labels:
{{- include "postgres.labels" . | nindent 4 }}
data:
-{{- if .Values.customConfig }}
- custom.cnf: |-
- {{- .Values.database.customConfig | nindent 4 }}
-{{- end }}
{{- with .Values.userDatabase }}
init-user-db.sh: |-
#!/bin/bash
@@ -20,4 +16,4 @@ data:
GRANT ALL PRIVILEGES ON DATABASE :USERDBNAME TO :USERDBUSER;
EOSQL
{{- end }}
-{{- end }}
\ No newline at end of file
+{{- end }}
diff --git a/charts/postgres/templates/secureconfig.yaml b/charts/postgres/templates/secureconfig.yaml
index 8ed3b8dcfb504f0cc4436696831266ad88b1a90f..895b90e0b11d938e27b0d0e1b1fb069f7ee8e078 100644
--- a/charts/postgres/templates/secureconfig.yaml
+++ b/charts/postgres/templates/secureconfig.yaml
@@ -1,17 +1,30 @@
+{{- $existingSuperuserPassword := "" }}
+{{- $existingUserDbName := "" }}
+{{- $existingUserDbUser := "" }}
+{{- $existingUserDbPassword := "" }}
+{{- $secret := (lookup "v1" "Secret" .Release.Namespace (include "postgres.fullname" .) ) }}
+{{- if $secret }}
+{{- $existingSuperuserPassword = index $secret.data "POSTGRES_PASSWORD" }}
+{{- $existingUserDbName = index $secret.data "USERDB_NAME" }}
+{{- $existingUserDbUser = index $secret.data "USERDB_USER" }}
+{{- $existingUserDbPassword = index $secret.data "USERDB_PASSWORD" }}
+{{- end -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "postgres.fullname" . }}
labels:
{{- include "postgres.labels" . | nindent 4 }}
-stringData:
+type: Opaque
+data:
{{- with .Values.settings }}
- POSTGRES_PASSWORD: {{ .superuserPassword | default (randAlphaNum 10) }}
- POSTGRES_USER: "postgres"
- POSTGRES_HOST_AUTH_METHOD: {{ .authMethod }}
+ POSTGRES_PASSWORD: {{ coalesce (.superuserPassword | default "" | b64enc) $existingSuperuserPassword (randAlphaNum 10 | b64enc) }}
+ POSTGRES_USER: {{ "postgres" | b64enc }}
{{- end }}
{{- with .Values.userDatabase }}
- USERDB_PASSWORD: {{ .password | default (randAlphaNum 10) }}
- USERDB_USER: {{ .user }}
- USERDB_NAME: {{ .name }}
+ {{- $userDbName := coalesce (.name | default "" | b64enc) $existingUserDbName }}
+ {{- $userDbUser := coalesce (.user | default "" | b64enc) $existingUserDbUser }}
+ USERDB_NAME: {{ required "Values: userDatabase.name is mandatory if userDatabase is specified." $userDbName }}
+ USERDB_USER: {{ required "Values: userDatabase.user is mandatory if userDatabase is specified." $userDbUser }}
+ USERDB_PASSWORD: {{ coalesce (.password | default "" | b64enc) $existingUserDbPassword (randAlphaNum 10 | b64enc) }}
{{- end }}
diff --git a/charts/postgres/templates/statefulset.yaml b/charts/postgres/templates/statefulset.yaml
index 3bd25ab72e7d2d02a07530b728b22d14eabe8cd5..3a0054426014f2327925de54e44a3e2ab85e07cc 100644
--- a/charts/postgres/templates/statefulset.yaml
+++ b/charts/postgres/templates/statefulset.yaml
@@ -12,10 +12,11 @@ spec:
{{- include "postgres.selectorLabels" . | nindent 6 }}
template:
metadata:
- {{- with .Values.podAnnotations }}
annotations:
+ checksum/customconfig: {{ include (print $.Template.BasePath "/customconfig.yaml") . | sha256sum }}
+ {{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
- {{- end }}
+ {{- end }}
labels:
{{- include "postgres.selectorLabels" . | nindent 8 }}
spec:
@@ -43,6 +44,10 @@ spec:
env:
- name: PGDATA
value: /var/lib/postgresql/data/pg
+ {{- if .Values.settings.authMethod }}
+ - name: POSTGRES_HOST_AUTH_METHOD
+ value: {{ .Values.settings.authMethod }}
+ {{- end }}
{{- if .Values.settings.initDbArgs }}
- name: POSTGRES_INITDB_ARGS
value: {{ .Values.settings.initDbArgs }}
@@ -53,6 +58,10 @@ spec:
envFrom:
- secretRef:
name: {{ include "postgres.fullname" . }}
+ {{- if .Values.customLivenessProbe }}
+ livenessProbe:
+ {{- toYaml .Values.customLivenessProbe | nindent 12 }}
+ {{- else }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
exec:
@@ -68,6 +77,11 @@ spec:
periodSeconds: {{ .periodSeconds }}
{{- end }}
{{- end }}
+ {{- end }}
+ {{- if .Values.customReadinessProbe }}
+ readinessProbe:
+ {{- toYaml .Values.customReadinessProbe | nindent 12 }}
+ {{- else }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
exec:
@@ -83,6 +97,7 @@ spec:
periodSeconds: {{ .periodSeconds }}
{{- end }}
{{- end }}
+ {{- end }}
{{- with .Values.resources }}
resources:
{{- toYaml . | nindent 12 }}
@@ -103,12 +118,12 @@ spec:
{{- if .Values.customConfig }}
- mountPath: /etc/postgresql/postgresql.conf
subPath: postgresql.conf
- name: initdbconfig
+ name: customconfig
{{- end }}
{{- if .Values.userDatabase }}
- mountPath: /docker-entrypoint-initdb.d/init-user-db.sh
subPath: init-user-db.sh
- name: initdbconfig
+ name: inituserdb
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
@@ -127,10 +142,15 @@ spec:
emptyDir: {}
- name: tmp
emptyDir: {}
- {{- if or (.Values.customConfig) (.Values.userDatabase) }}
- - name: initdbconfig
+ {{- if .Values.customConfig }}
+ - name: customconfig
+ configMap:
+ name: {{ include "postgres.fullname" . }}-customconfig
+ {{- end }}
+ {{- if .Values.userDatabase }}
+ - name: inituserdb
configMap:
- name: {{ include "postgres.fullname" . }}
+ name: {{ include "postgres.fullname" . }}-inituserdb
defaultMode: 0555
{{- end }}
{{- with .Values.storage }}
diff --git a/charts/postgres/values.yaml b/charts/postgres/values.yaml
index 654bba752b1d1e3eacdc40a845db971786480fad..35e2b93109e3922c8f54c715e4998e4c6d178ec7 100644
--- a/charts/postgres/values.yaml
+++ b/charts/postgres/values.yaml
@@ -64,6 +64,9 @@ tolerations: []
affinity: {}
+## Custom liveness probe (overwrites default liveness probe)
+customLivenessProbe: {}
+
## Default health check
livenessProbe:
enabled: true
@@ -73,6 +76,9 @@ livenessProbe:
successThreshold: 1
periodSeconds: 10
+## Custom readiness probe (overwrites default readiness probe)
+customReadinessProbe: {}
+
## Default readiness probe
readinessProbe:
enabled: true
@@ -94,7 +100,7 @@ settings:
superuserPassword:
## Postgres database authentication method (default: md5)
- authMethod: md5
+ authMethod: "md5"
## Optional init database arguments
initDbArgs: