Make environment of migrate job identical to the regular web container deployment, as it should be.

Added the declaration of resources in pre-install-job.yaml

See merge request burke-software/django-helm-chart!10

CHANGELOG.md

@@ -0,0 +1,9 @@
+No release is stable. Do not use in production.
+
+# Unreleased
+
+# 1.0.0
+
+- Add volume mounts
+- Latest major postgres/redis versions
+- Rename preInstall to migrateJob

Chart.lock

@@ -1,9 +1,9 @@
 dependencies:
 - name: postgresql
   repository: https://charts.bitnami.com/bitnami
-  version: 12.1.15
+  version: 15.5.16
 - name: redis
   repository: https://charts.bitnami.com/bitnami
-  version: 17.3.18
-digest: sha256:51da30e025c538b229b1cfaba062c53dea8bf3f520fca460c6afc294c58bdc76
-generated: "2023-02-22T20:26:38.305910383-05:00"
+  version: 19.6.1
+digest: sha256:5e21575062cdcef4e947b4f89741e95138d93207f91d5074d53397d9c414f0a1
+generated: "2024-07-15T13:58:06.767935373-04:00"

Chart.yaml

@@ -14,7 +14,7 @@ type: application
 
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
-version: 0.3.1
+version: 1.0.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application.
@@ -22,10 +22,10 @@ appVersion: 1.0.0
 
 dependencies:
   - name: postgresql
-    version: ~12.1.2
+    version: ^15.5.16
     repository: https://charts.bitnami.com/bitnami
     condition: postgresql.enabled
   - name: redis
-    version: ~17.3.11
+    version: ^19.6.1
     repository: https://charts.bitnami.com/bitnami
     condition: redis.enabled

README.md

@@ -1,8 +1,8 @@
 # Django Helm Chart
 
-A generic Django (plus Celery) Helm chart.
+A generic Django (plus Celery) Helm chart demonstration. Do not use directly in production.
 
-Contributions are welcome as merge requests. Please only open issues that you'd like to implement yourself or fund. Do not open support or feature requests. This chart is **not** intended to cover every use case with Django and Helm. It's a personal project that you are welcome to view and fork. Breaking changes to your workflow may happen at any time and without warning. 
+Contributions may be accepted as merge requests. Be respectful of my time. I will not review if I do not have time. Fork the project instead. Please only open issues that you'd like to implement yourself or fund. Do not open support or feature requests. This chart is **not** intended to cover every use case with Django and Helm. It's a personal project that you are welcome to view and fork. Breaking changes to your workflow may happen at any time and without warning.
 
 # Preparing your Django app
 
@@ -39,6 +39,8 @@ Remember that Kubernetes "args" are Docker's CMD (or command). Pretty confusing!
 
 # Usage
 
+Use only for demonstration purposes. Fork the repo for production.
+
 1. Add our Helm chart repo `helm repo add django https://gitlab.com/api/v4/projects/26807467/packages/helm/stable`
 2. Review our values.yaml. At a minimum you'll need to set env.secret.SECRET_KEY and env.secret.DATABASE_URL.
 3. Install the chart `helm install your-app django/django -f your-values.yml`
@@ -56,6 +58,7 @@ I suggest either
 - Keep them in a values.yml file in a private repo
 - Make use of --reuse-values and --set
 - Keep them in a non helm chart managed service
+- Use the opentofu helm provider, with a secure state backend or encrypted state.
 
 ## Deploying in CI
 
@@ -69,3 +72,5 @@ Maintaining this chart takes time. Considering supporting it by
 - Check out [GlitchTip](https://glitchtip.com) error tracking, which is where this project started
 
 Commercial support is available - email info@burkesoftware.com
+
+If you want the scope of this project to include more, such as better merge request review or stable releases. You should consider forking it, talk to me about being a maintainer, or fund it.

templates/beat/deployment.yaml

@@ -62,6 +62,10 @@ spec:
             {{- end }}
             - configMapRef:
                 name: {{ include "django.fullname" . }}
+          {{- with .Values.extraVolumeMounts }}
+          volumeMounts:
+            {{- toYaml . | nindent 10 }}
+          {{- end }}
       {{- with .Values.beat.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
@@ -74,5 +78,9 @@ spec:
       tolerations:
         {{- toYaml . | nindent 8 }}
       {{- end }}
+      {{- with .Values.extraVolumes }}
+      volumes:
+        {{- toYaml . | nindent 6 }}
+      {{- end }}
 {{- end }}
 {{- end }}

templates/flower/deployment.yaml

@@ -17,7 +17,6 @@ spec:
       annotations:
         checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
         checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
-        tag: "{{ .Values.image.tag }}"
         {{- if .Values.flower.podAnnotations }}
         {{- include "common.tplvalues.render" ( dict "value" .Values.flower.podAnnotations "context" $ ) | nindent 8 }}
         {{- end }}
@@ -25,7 +24,7 @@ spec:
         {{- include "django.selectorLabels" . | nindent 8 }}
         app.kubernetes.io/component: flower
     spec:
-    {{- with .Values.imagePullSecrets }}
+    {{- with .Values.flower.imagePullSecrets }}
       imagePullSecrets:
         {{- toYaml . | nindent 8 }}
     {{- end }}
@@ -38,8 +37,8 @@ spec:
           {{- end }}
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          image: "{{ .Values.flower.image.repository }}:{{ .Values.flower.image.tag }}"
+          imagePullPolicy: {{ .Values.flower.image.pullPolicy }}
           ports:
           - containerPort: 5555
             name: http

templates/migrate-job.yaml

@@ -0,0 +1,66 @@
+{{- if .Values.migrationJob.enabled -}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ include "django.fullname" . }}-migrate
+  labels:
+    {{- include "django.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": post-install,pre-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+    "helm.sh/hook-weight": "0"
+    checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
+    checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+    tag: "{{ .Values.image.tag }}"
+spec:
+  activeDeadlineSeconds: {{ default 900 .Values.migrationJob.activeDeadlineSeconds }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/component: migrate-job
+        {{- include "django.selectorLabels" . | nindent 8 }}
+    spec:
+    {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      serviceAccountName: {{ include "django.serviceAccountName" . }}
+      restartPolicy: Never
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+      - name: migrate-job
+        securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+        image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        {{- if .Values.migrationJob.resources }}        
+        resources: {{ toYaml .Values.migrationJob.resources | nindent 12 }}
+        {{- end }}
+        command: {{ .Values.migrationJob.command | default (list "./manage.py" "migrate") | toJson }}
+        env:
+{{- if .Values.postgresql.enabled }}
+          - name: DATABASE_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: {{ default (include "django.postgresql.fullname" .) .Values.postgresql.auth.existingSecret }}
+                key: postgres-password
+{{- end }}
+        envFrom:
+          - secretRef:
+              name: {{ include "django.fullname" . }}
+          {{- if .Values.existingSecret }}
+          - secretRef:
+              name: {{ .Values.existingSecret }}
+          {{- end }}
+          - configMapRef:
+              name: {{ include "django.fullname" . }}
+        {{- with .Values.extraVolumeMounts }}
+        volumeMounts:
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- with .Values.extraVolumes }}
+      volumes:
+        {{- toYaml . | nindent 6 }}
+      {{- end }}
+{{- end }}

templates/pre-install-job.yaml

@@ -1,52 +0,0 @@
-{{- if .Values.preInstall.enabled -}}
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: {{ include "django.fullname" . }}
-  labels:
-    {{- include "django.labels" . | nindent 4 }}
-  annotations:
-    "helm.sh/hook": post-install,pre-upgrade
-    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
-    "helm.sh/hook-weight": "0"
-    checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
-    checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
-    tag: "{{ .Values.image.tag }}"
-spec:
-  activeDeadlineSeconds: {{ default 900 .Values.preInstall.activeDeadlineSeconds }}
-  template:
-    spec:
-    {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-    {{- end }}
-      restartPolicy: Never
-      containers:
-      - name: pre-install-job
-        image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-        imagePullPolicy: {{ .Values.image.pullPolicy }}
-        command: ["./manage.py","migrate"]
-        env:
-          - name: DEBUG
-            value: "False"
-{{- if .Values.env.secret.DATABASE_URL }}
-          - name: DATABASE_URL
-            value: {{ .Values.env.secret.DATABASE_URL }}
-{{- end }}
-{{- if .Values.postgresql.enabled }}
-          - name: DATABASE_PASSWORD
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "django.postgresql.fullname" . }}
-                key: postgres-password
-{{- end }}
-          - name: SECRET_KEY
-            value: {{ required "env.secret.SECRET_KEY is a required value." .Values.env.secret.SECRET_KEY }}
-        {{- range $k, $v := .Values.env.normal }}
-          - name: {{ $k }}
-            value: {{ $v | quote }}
-        {{- end }}
-        envFrom:
-          - configMapRef:
-              name: {{ include "django.fullname" . }}
-{{- end }}

templates/web/deployment.yaml

@@ -83,6 +83,10 @@ spec:
             {{- end }}
             - configMapRef:
                 name: {{ include "django.fullname" . }}
+          {{- with .Values.extraVolumeMounts }}
+          volumeMounts:
+            {{- toYaml . | nindent 10 }}
+          {{- end }}
       {{- with .Values.web.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
@@ -95,3 +99,7 @@ spec:
       tolerations:
         {{- toYaml . | nindent 8 }}
     {{- end }}
+      {{- with .Values.extraVolumes }}
+      volumes:
+        {{- toYaml . | nindent 6 }}
+      {{- end }}

templates/worker/deployment.yaml

@@ -41,6 +41,10 @@ spec:
             {{- toYaml .Values.securityContext | nindent 12 }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
+          {{- if .Values.worker.livenessProbe }}
+          livenessProbe:
+            {{- .Values.worker.livenessProbe | toYaml | nindent 12 }}
+          {{- end }}
           resources:
             {{- toYaml .Values.worker.resources | nindent 12 }}
           env:
@@ -62,6 +66,10 @@ spec:
             {{- end }}
             - configMapRef:
                 name: {{ include "django.fullname" . }}
+          {{- with .Values.extraVolumeMounts }}
+          volumeMounts:
+            {{- toYaml . | nindent 10 }}
+          {{- end }}
       {{- with .Values.worker.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
@@ -74,4 +82,8 @@ spec:
       tolerations:
         {{- toYaml . | nindent 8 }}
     {{- end }}
+      {{- with .Values.extraVolumes }}
+      volumes:
+        {{- toYaml . | nindent 6 }}
+      {{- end }}
 {{- end }}

values.yaml

@@ -11,9 +11,13 @@ imagePullSecrets: []
 nameOverride: ""
 fullnameOverride: ""
 
-preInstall:
+migrationJob:
   enabled: true
+  command: []  # Default ./manage.py migrate
   activeDeadlineSeconds: 900
+  resources:
+    limits: {}
+    requests: {}
 
 env:
   normal: {}
@@ -23,6 +27,8 @@ env:
     # REDIS_URL:
 
 existingSecret: ""
+extraVolumeMounts: []
+extraVolumes: []
 
 web:
   replicaCount: 2
@@ -97,6 +103,15 @@ worker:
     maxReplicas: 100
     targetCPUUtilizationPercentage: 90
     # targetMemoryUtilizationPercentage: 80
+  livenessProbe: {}
+    # initialDelaySeconds: 10
+    # periodSeconds: 60
+    # timeoutSeconds: 30
+    # exec:
+    #   command:
+    #     - "bash"
+    #     - "-c"
+    #     - "celery -A django inspect ping -d celery@$HOSTNAME | grep -q OK"
   resources:
     limits:
       cpu: 900m
@@ -125,6 +140,10 @@ beat:
 
 flower:
   enabled: false
+  image:
+    repository: mher/flower
+    tag: latest
+    pullPolicy: IfNotPresent
   resources:
     limits:
       cpu: 500m
@@ -177,3 +196,4 @@ postgresql:
   enabled: false
   #auth:
   #  postgresqlPassword: # Must be set
+