search

jfrog / charts

JFrog official Helm Charts
https://jfrog.com/integration/helm-repository/
Apache License 2.0
257 stars 447 forks source link

.Values.nginx.customVolumeMounts does not appear to be respected #1689

Closed tomgeorge closed 2 years ago

tomgeorge commented 2 years ago

Is this a request for help?: YES

Is this a BUG REPORT or FEATURE REQUEST? (choose one): BUG REPORT

Version of Helm and Kubernetes:

helm v3.8.1+g5cb9af4 Kubernetes 1.20

Which chart:

stable/artifactory

Which product license (Enterprise/Pro/oss): Enterprise

What happened:

We have a chart that uses artifactory as a subchart. We are trying to include a custom volume mount for nginx. nginx.customVolumes appear to work fine, nginx.customVolumeMounts, however, do not. Some relevant sections of the chart:

global: # these are custom keys that we use to configure artifactory
  signalSciences:
    enabled: true
artifactory:
  ...
  artifactory:
   ...
  nginx:
    customVolumeMounts: | # neither of these work
      - name: some-volume
        mountPath: /some/volume
      {{- if .Values.global.signalSciences.enabled }}
      - name: sigsci-tmp
        mountPath: /sigsci/tmp
      {{- end }} 
    uid: 100
    gid: 101
    image:
      registry: developer-tooling
      repository: nginx
    customInitContainers: |
      {{- if .Values.global.fluentd.enabled }}
      - name: "prepare-fluentd-conf"
        image: releases-docker.jfrog.io/alpine:3.14.0
        imagePullPolicy: IfNotPresent
        env:
        - name: DATADOG_API_KEY
          valueFrom:
            secretKeyRef:
              name: datadog-api-key
              key: api-key
        command:
          - 'sh'
          - '-c'
          - >
            mkdir -p {{ .Values.nginx.persistence.mountPath }}/etc/fluentd/;
            sed "s/API_KEY/$DATADOG_API_KEY/" /config/fluentd/fluentd.conf > {{ .Values.nginx.persistence.mountPath }}/etc/fluentd/fluentd.conf
        volumeMounts:
          - mountPath: "{{ .Values.nginx.persistence.mountPath }}"
            name: nginx-volume
          - mountPath: /config/fluentd
            name: fluentd-configuration
      {{- end }}
    customSidecarContainers: |
      {{- if .Values.global.fluentd.enabled }}
      - name: "nginx-fluentd-sidecar"
        image: "partnership-public-images.jfrog.io/fluentd/fluentd:1.13.2"
        imagePullPolicy: "IfNotPresent"
        volumeMounts:
          - mountPath: "{{ .Values.nginx.persistence.mountPath }}"
            name: nginx-volume
        env:
          - name: JF_PRODUCT_DATA_INTERNAL
            value: {{ .Values.nginx.persistence.mountPath }}
          - name: FLUENTD_CONF
            value: ../../../../{{ .Values.nginx.persistence.mountPath }}/etc/fluentd/fluentd.conf
      {{- end }}
      {{- if .Values.global.signalSciences.enabled }}
      - name: sigsci-agent
        image: signalsciences/sigsci-agent:4.34.0
        imagePullPolicy: Always
        env:
        - name: SIGSCI_ACCESSKEYID
          valueFrom:
            secretKeyRef:
              name: signal-sciences-credentials
              key: access-key-id
        - name: SIGSCI_SECRETACCESSKEY
          valueFrom:
            secretKeyRef:
              name: signal-sciences-credentials
              key: secret-access-key
        securityContext:
          readOnlyRootFilesystem: true
        lifecycle:
          preStop:
            exec:
              command:
                - sleep
                - "30"
        volumeMounts:
          - name: sigsci-tmp
            mountPath: /sigsci/tmp
      {{- end }}
    customVolumes: |
      {{- if .Values.global.fluentd.enabled }}
      - name: fluentd-configuration
        configMap:
          name: {{ .Release.Name }}-nginx-fluentd-configuration
      {{- end }}
      {{- if .Values.global.signalSciences.enabled }}
      - name: sigsci-tmp
        emptyDir: {}
      {{- end }}
    enabled: true
    loggers:
      - access.log
      - error.log
    mainConf: |
      ...
    artifactoryConf: |
      ...
   ...

What you expected to happen:

I expect the rendered deployment template to have two additional volume mounts, one for some-volume and one for sigsci-tmp

How to reproduce it (as minimally and precisely as possible):

Add a customVolumeMount to the nginx key.

Anything else we need to know:

shahiinn commented 2 years ago

@tomgeorge : We were not able to reproduce the issue on our end. In order to replicate the scenario we have tried the helm install with below values file .

helm upgrade --install artifactory jfrog/artifactory --version 107.46.6 -f ~/art-values.yaml

databaseUpgradeReady: true
artifactory:
  joinKey: EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
  masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
postgresql:
  postgresqlPassword: password

global: # these are custom keys that we use to configure artifactory
  signalSciences:
    enabled: true

nginx:
  customVolumeMounts: | # neither of these work
    {{- if .Values.global.signalSciences.enabled }}
    - name: sigsci-tmp
      mountPath: /sigsci/tmp
    {{- end }} 
  customVolumes: |
    {{- if .Values.global.signalSciences.enabled }}
    - name: sigsci-tmp
      emptyDir: {}
    {{- end }}

We were able to find the customMount also to be part of the describe.

Mounts:
   /etc/nginx/nginx.conf from nginx-conf (rw,path="nginx.conf")
   /sigsci/tmp from sigsci-tmp (rw)
   /var/opt/jfrog/nginx from nginx-volume (rw)
   /var/opt/jfrog/nginx/conf.d/ from nginx-artifactory-conf (rw)
   /var/opt/jfrog/nginx/ssl from ssl-certificates (rw)
   /var/run/secrets/kubernetes.io/serviceaccount from default-token-xr7sj (ro)

Further we have tried with the platform chart which uses artifactory as its subchart with the below yaml file.

helm upgrade --install jp jfrog/jfrog-platform -f values.yaml

# Default values for jfrog-platform.
GAUpgradeReady: true

global: # these are custom keys that we use to configure artifactory
  signalSciences:
    enabled: true

artifactory:
  artifactory:
    persistence:
    enabled: false
  nginx:
    customVolumeMounts: | # neither of these work
      {{- if .Values.global.signalSciences.enabled }}
      - name: sigsci-tmp
        mountPath: /sigsci/tmp
      {{- end }} 
    customVolumes: |
      {{- if .Values.global.signalSciences.enabled }}
      - name: sigsci-tmp
        emptyDir: {}
      {{- end }}
    enabled: true
    loggers:
      - access.log
      - error.log

rabbitmq:
  enabled: false
redis:
  enabled: false

xray:
  enabled: false

distribution:
  enabled: false

insight:
  enabled: false

pipelines:
  enabled: false

Mounts were showing correctly in these case as well. If you are using an older version of the chart, kindly try it with the latest. Kindly let us know if you need any further help.

tomgeorge commented 2 years ago

The issue seems to resolve itself on the latest. We were using a 7.41.x release