centralcloud/oncall-engine
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'dev' into slack-wrongworkspace-warning

Browse source
This commit is contained in:
Yulia Shanyrova 2022-11-02 10:31:16 +01:00
commit c1c8507ed2
19 changed files with 355 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
CHANGELOG.md
View file

@ -1,5 +1,10 @@
# Change Log
## v1.0.49 (2022-11-01)
- Enable SMTP email backend by default
- Fix Grafana sidebar frontend bug
## v1.0.48 (2022-11-01)
- verify_number management command

47
docker-compose-developer-pg.yml
View file

@ -15,6 +15,11 @@ services:
limits:
memory: 500m
cpus: '0.5'
healthcheck:
test: ["CMD", "pg_isready", "-U", "postgres"]
interval: 10s
timeout: 5s
retries: 5
redis:
image: redis
@ -42,37 +47,27 @@ services:
- "15672:15672"
- "5672:5672"
mysql-to-create-grafana-db:
image: mysql:5.7
platform: linux/x86_64
command: --default-authentication-plugin=mysql_native_password --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
restart: always
ports:
- "3306:3306"
environment:
MYSQL_ROOT_PASSWORD: empty
MYSQL_DATABASE: grafana
deploy:
resources:
limits:
memory: 500m
cpus: '0.5'
healthcheck:
test: [ "CMD", "mysqladmin" ,"ping", "-h", "localhost" ]
timeout: 20s
retries: 10
postgres_to_create_grafana_db:
image: postgres:14.4
command: bash -c "PGPASSWORD=empty psql -U postgres -h postgres -tc \"SELECT 1 FROM pg_database WHERE datname = 'grafana'\" | grep -q 1 || PGPASSWORD=empty psql -U postgres -h postgres -c \"CREATE DATABASE grafana\""
depends_on:
postgres:
condition: service_healthy
grafana:
image: "grafana/grafana:main"
restart: always
environment:
GF_DATABASE_TYPE: mysql
GF_DATABASE_HOST: mysql
GF_DATABASE_USER: root
GF_DATABASE_TYPE: postgres
GF_DATABASE_HOST: postgres:5432
GF_DATABASE_NAME: grafana
GF_DATABASE_USER: postgres
GF_DATABASE_PASSWORD: empty
GF_SECURITY_ADMIN_USER: oncall
GF_SECURITY_ADMIN_PASSWORD: oncall
GF_DATABASE_SSL_MODE: disable
GF_SECURITY_ADMIN_USER: ${GRAFANA_USER:-admin}
GF_SECURITY_ADMIN_PASSWORD: ${GRAFANA_PASSWORD:-admin}
GF_PLUGINS_ALLOW_LOADING_UNSIGNED_PLUGINS: grafana-oncall-app
GF_INSTALL_PLUGINS: grafana-oncall-app
deploy:
resources:
limits:
@ -83,5 +78,7 @@ services:
ports:
- "3000:3000"
depends_on:
mysql-to-create-grafana-db:
postgres_to_create_grafana_db:
condition: service_completed_successfully
postgres:
condition: service_healthy

14
engine/apps/email/tasks.py
View file

@ -39,6 +39,20 @@ def notify_user_async(user_pk, alert_group_pk, notification_policy_pk):
logger.warning(f"User notification policy {notification_policy_pk} does not exist")
return
# create an error log in case EMAIL_HOST is not specified
if not live_settings.EMAIL_HOST:
UserNotificationPolicyLogRecord.objects.create(
author=user,
type=UserNotificationPolicyLogRecord.TYPE_PERSONAL_NOTIFICATION_FAILED,
notification_policy=notification_policy,
alert_group=alert_group,
reason="Error while sending email",
notification_step=notification_policy.step,
notification_channel=notification_policy.notify_by,
)
logger.error(f"Error while sending email: empty EMAIL_HOST env variable")
return
emails_left = user.organization.emails_left(user)
if emails_left <= 0:
UserNotificationPolicyLogRecord.objects.create(

39
engine/apps/email/tests/test_notify_user.py
View file

@ -24,6 +24,7 @@ def test_notify_user(
make_user_notification_policy,
):
settings.EMAIL_BACKEND = "django.core.mail.backends.locmem.EmailBackend"
settings.EMAIL_HOST = "test"
organization = make_organization()
user = make_user_for_organization(organization)
@ -44,6 +45,42 @@ def test_notify_user(
assert len(mail.outbox) == 1
@pytest.mark.django_db
def test_notify_empty_email_host(
settings,
make_organization,
make_user_for_organization,
make_token_for_organization,
make_alert_receive_channel,
make_alert_group,
make_alert,
make_user_notification_policy,
):
settings.EMAIL_BACKEND = "django.core.mail.backends.locmem.EmailBackend"
settings.EMAIL_HOST = None
organization = make_organization()
user = make_user_for_organization(organization)
alert_receive_channel = make_alert_receive_channel(organization)
alert_group = make_alert_group(alert_receive_channel)
make_alert(alert_group=alert_group, raw_request_data=alert_receive_channel.config.example_payload)
notification_policy = make_user_notification_policy(
user,
UserNotificationPolicy.Step.NOTIFY,
notify_by=8,
important=False,
)
notify_user_async(user.pk, alert_group.pk, notification_policy.pk)
assert len(mail.outbox) == 0
log_record = notification_policy.personal_log_records.last()
assert log_record.type == UserNotificationPolicyLogRecord.TYPE_PERSONAL_NOTIFICATION_FAILED
@pytest.mark.django_db
def test_notify_user_bad_smtp_host(
settings,
@ -56,6 +93,7 @@ def test_notify_user_bad_smtp_host(
make_user_notification_policy,
):
settings.EMAIL_BACKEND = "django.core.mail.backends.locmem.EmailBackend"
settings.EMAIL_HOST = "test"
organization = make_organization()
user = make_user_for_organization(organization)
@ -93,6 +131,7 @@ def test_notify_user_no_emails_left(
make_user_notification_policy,
):
settings.EMAIL_BACKEND = "django.core.mail.backends.locmem.EmailBackend"
settings.EMAIL_HOST = "test"
organization = make_organization()
user = make_user_for_organization(organization)

2
engine/settings/base.py
View file

@ -50,7 +50,7 @@ BASE_URL = os.environ.get("BASE_URL") # Root URL of OnCall backend
# Feature toggles
FEATURE_LIVE_SETTINGS_ENABLED = getenv_boolean("FEATURE_LIVE_SETTINGS_ENABLED", default=True)
FEATURE_TELEGRAM_INTEGRATION_ENABLED = getenv_boolean("FEATURE_TELEGRAM_INTEGRATION_ENABLED", default=True)
FEATURE_EMAIL_INTEGRATION_ENABLED = getenv_boolean("FEATURE_EMAIL_INTEGRATION_ENABLED", default=False)
FEATURE_EMAIL_INTEGRATION_ENABLED = getenv_boolean("FEATURE_EMAIL_INTEGRATION_ENABLED", default=True)
FEATURE_SLACK_INTEGRATION_ENABLED = getenv_boolean("FEATURE_SLACK_INTEGRATION_ENABLED", default=True)
FEATURE_WEB_SCHEDULES_ENABLED = getenv_boolean("FEATURE_WEB_SCHEDULES_ENABLED", default=False)
GRAFANA_CLOUD_ONCALL_HEARTBEAT_ENABLED = getenv_boolean("GRAFANA_CLOUD_ONCALL_HEARTBEAT_ENABLED", default=True)

2
grafana-plugin/src/pages/chat-ops/parts/tabs/TelegramSettings/TelegramSettings.module.css
View file

@ -12,7 +12,7 @@
width: 725px;
}
ul {
.features-list > ul {
margin: 20px 30px;
}

12
grafana-plugin/src/pages/chat-ops/parts/tabs/TelegramSettings/TelegramSettings.tsx
View file

@ -102,11 +102,13 @@ class TelegramSettings extends Component<TelegramProps, TelegramState> {
</Block>
<Text>
<Text.Title level={4}>Features</Text.Title>
<ul>
<li>perform actions (acknowledge, resolve, silence)</li>
<li>discuss alerts in comments</li>
<li>notifications to users accounts will be served as links to the main channel</li>
</ul>
<div className={cx('features-list')}>
<ul>
<li>perform actions (acknowledge, resolve, silence)</li>
<li>discuss alerts in comments</li>
<li>notifications to users accounts will be served as links to the main channel</li>
</ul>
</div>
Make sure your team connects Telegram in their OnCall user profiles too or they cannot manage alert groups.
</Text>
<HorizontalGroup>

24
helm/oncall/Chart.lock Normal file
View file

@ -0,0 +1,24 @@
dependencies:
- name: cert-manager
repository: https://charts.jetstack.io
version: v1.8.0
- name: mariadb
repository: https://charts.bitnami.com/bitnami
version: 11.0.10
- name: postgresql
repository: https://charts.bitnami.com/bitnami
version: 11.9.10
- name: rabbitmq
repository: https://charts.bitnami.com/bitnami
version: 10.1.1
- name: redis
repository: https://charts.bitnami.com/bitnami
version: 16.10.1
- name: grafana
repository: https://grafana.github.io/helm-charts
version: 6.29.6
- name: ingress-nginx
repository: https://kubernetes.github.io/ingress-nginx
version: 4.1.4
digest: sha256:8e17f2f6a087b6db52670458fc0e1cb39b0a3f7962ff7ebbc7be4c982a4e1720
generated: "2022-10-18T11:22:39.061819+02:00"

4
helm/oncall/Chart.yaml
View file

@ -25,6 +25,10 @@ dependencies:
version: 11.0.10
repository: https://charts.bitnami.com/bitnami
condition: mariadb.enabled
- name: postgresql
version: 11.9.10
repository: https://charts.bitnami.com/bitnami
condition: postgresql.enabled
- name: rabbitmq
version: 10.1.1
repository: https://charts.bitnami.com/bitnami

92
helm/oncall/README.md
View file

@ -6,23 +6,27 @@ It will also deploy cert manager and nginx ingress controller, as Grafana OnCall
to receive alerts from other monitoring systems. Grafana OnCall engine acts as a backend and can be connected to the Grafana frontend plugin named Grafana OnCall.
Architecture diagram can be found [here](https://raw.githubusercontent.com/grafana/oncall/dev/docs/img/architecture_diagram.png)
## Production usage
### Production usage
**Default helm chart configuration is not intended for production.** The helm chart includes all the services into a single release, which is not recommended for production usage. It is recommended to run stateful services such as MySQL and RabbitMQ separately from this release or use managed PaaS solutions. It will significantly reduce the overhead of managing them. Here are the instructions on how to set up your own [ingress](#set-up-external-access), [MySQL](#connect-external-mysql), [RabbitMQ](#connect-external-rabbitmq), [Redis](#connect-external-redis)
### Cluster requirements
* ensure you can run x86-64/amd64 workloads. arm64 architecture is currently not supported
* kubernetes version 1.25+ is not supported, if cert-manager is enabled
## Install
### Prepare the repo
```
```bash
# Add the repository
helm repo add grafana https://grafana.github.io/helm-charts
helm repo update
```
### Installing the helm chart
```bash
# Install the chart
helm install \
@ -34,7 +38,8 @@ helm install \
```
Follow the `helm install` output to finish setting up Grafana OnCall backend and Grafana OnCall frontend plugin e.g.
```
```bash
👋 Your Grafana OnCall instance has been successfully deployed
❗ Set up a DNS record for your domain (use A Record and "@" to point a root domain to the IP address)
@ -73,6 +78,7 @@ Follow the `helm install` output to finish setting up Grafana OnCall backend and
## Configuration
You can edit values.yml to make changes to the helm chart configuration and re-deploy the release with the following command:
```bash
helm upgrade \
--install \
@ -87,7 +93,7 @@ helm upgrade \
You can set up Slack connection via following variables:
```
```yaml
oncall:
slack:
enabled: true
@ -103,7 +109,7 @@ oncall:
To set up Telegram tokem and webhook url use:
```
```yaml
oncall:
telegram:
enabled: true
@ -112,13 +118,14 @@ oncall:
```
### Set up external access
Grafana OnCall can be connected to the external monitoring systems or grafana deployed to the other cluster.
Nginx Ingress Controller and Cert Manager charts are included in the helm chart with the default configuration.
If you set the DNS A Record pointing to the external IP address of the installation with the Hostname matching base_url parameter, https will be automatically set up. If grafana is enabled in the chart values, it will also be available on https://<base_url>/grafana/. See the details in `helm install` output.
If you set the DNS A Record pointing to the external IP address of the installation with the Hostname matching base_url parameter, https will be automatically set up. If grafana is enabled in the chart values, it will also be available on `https://<base_url>/grafana/`. See the details in `helm install` output.
To use a different ingress controller or tls certificate management system, set the following values to false and edit ingress settings
```
```yaml
ingress-nginx:
enabled: false
@ -132,18 +139,36 @@ ingress:
cert-manager.io/issuer: "letsencrypt-prod"
```
### Use PostgreSQL instead of MySQL
It is possible to use PostgreSQL instead of MySQL. To do so, set mariadb.enabled to `false`,
postgresql.enabled to `true` and database.type to `postgresql`.
```yaml
mariadb:
enabled: false
postgresql:
enabled: true
database:
type: postgresql
```
### Connect external MySQL
It is recommended to use the managed MySQL 5.7 database provided by your cloud provider
Make sure to create the database with the following parameters before installing this chart
```
```sql
CREATE DATABASE oncall CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
```
To use an external MySQL instance set mysql.enabled to `false` and configure the `externalMysql` parameters.
```
To use an external MySQL instance set mariadb.enabled to `false` and configure the `externalMysql` parameters.
```yaml
mariadb:
enabled: true
enabled: false
# Make sure to create the database with the following parameters:
# CREATE DATABASE oncall CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
@ -155,13 +180,42 @@ externalMysql:
password:
```
### Connect external PostgreSQL
To use an external PostgreSQL instance set mariadb.enabled to `false`,
postgresql.enabled to `false`, database.type to `postgresql` and configure
the `externalPostgresql` parameters.
```yaml
mariadb:
enabled: false
postgresql:
enabled: false
database:
type: postgresql
# Make sure to create the database with the following parameters:
# CREATE DATABASE oncall CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
externalPostgresql:
host:
port:
db_name:
user:
password:
existingSecret: ""
passwordKey: password
```
### Connect external RabbitMQ
Option 1. Install RabbitMQ separately into the cluster using the [official documentation](https://www.rabbitmq.com/kubernetes/operator/operator-overview.html)
Option 2. Use managed solution such as [CloudAMPQ](https://www.cloudamqp.com/)
To use an external RabbitMQ instance set rabbitmq.enabled to `false` and configure the `externalRabbitmq` parameters.
```
```yaml
rabbitmq:
enabled: false # Disable the RabbitMQ dependency from the release
@ -175,7 +229,8 @@ externalRabbitmq:
### Connect external Redis
To use an external Redis instance set redis.enabled to `false` and configure the `externalRedis` parameters.
```
```yaml
redis:
enabled: false # Disable the Redis dependency from the release
@ -185,7 +240,8 @@ externalRedis:
```
## Update
```shell
```bash
# Add & upgrade the repository
helm repo add grafana https://grafana.github.io/helm-charts
helm repo update
@ -203,19 +259,23 @@ helm upgrade \
After re-deploying, please also update the Grafana OnCall plugin on the plugin version page. See [Grafana docs](https://grafana.com/docs/grafana/latest/administration/plugin-management/#update-a-plugin) for more info on updating Grafana plugins.
## Uninstall
### Uninstalling the helm chart
```bash
helm delete release-oncall
```
### Clean up PVC's
```bash
kubectl delete pvc data-release-oncall-mariadb-0 data-release-oncall-rabbitmq-0 \
redis-data-release-oncall-redis-master-0 redis-data-release-oncall-redis-replicas-0 \
redis-data-release-oncall-redis-replicas-1 redis-data-release-oncall-redis-replicas-2
```
### Clean up secrets
```bash
kubectl delete secrets certificate-tls release-oncall-cert-manager-webhook-ca release-oncall-ingress-nginx-admission
```

BIN
helm/oncall/charts/postgresql-11.9.10.tgz Normal file
View file

Binary file not shown.

2
helm/oncall/templates/NOTES.txt
View file

@ -37,7 +37,7 @@
Issue the one-time token to connect Grafana OnCall backend and Grafana OnCall plugin by running these commands:
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "oncall.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=engine" -o jsonpath="{.items[0].metadata.name}")
kubectl exec -it $POD_NAME -- bash -c "python manage.py issue_invite_for_the_frontend --override"
kubectl exec -it $POD_NAME --namespace {{ .Release.Namespace }} -- bash -c "python manage.py issue_invite_for_the_frontend --override"
Fill the Grafana OnCall Backend URL:

68
helm/oncall/templates/_env.tpl
View file

@ -136,6 +136,74 @@
{{- end -}}
{{- end -}}
{{- define "snippet.postgresql.env" -}}
- name: DATABASE_TYPE
value: {{ .Values.database.type }}
- name: DATABASE_HOST
value: {{ include "snippet.postgresql.host" . }}
- name: DATABASE_PORT
value: {{ include "snippet.postgresql.port" . }}
- name: DATABASE_NAME
value: {{ include "snippet.postgresql.db" . }}
- name: DATABASE_USER
value: {{ include "snippet.postgresql.user" . }}
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "snippet.postgresql.password.secret.name" . }}
key: {{ include "snippet.postgresql.password.secret.key" . }}
{{- end }}
{{- define "snippet.postgresql.password.secret.name" -}}
{{- if and (not .Values.postgresql.enabled) .Values.externalPostgresql.password -}}
{{ include "oncall.fullname" . }}-postgresql-external
{{- else if and (not .Values.postgresql.enabled) .Values.externalPostgresql.existingSecret -}}
{{ .Values.externalPostgresql.existingSecret }}
{{- else -}}
{{ include "oncall.postgresql.fullname" . }}
{{- end -}}
{{- end -}}
{{- define "snippet.postgresql.password.secret.key" -}}
{{- if and (not .Values.postgresql.enabled) .Values.externalPostgresql.passwordKey -}}
{{ .Values.externalPostgresql.passwordKey }}
{{- else -}}
"postgres-password"
{{- end -}}
{{- end -}}
{{- define "snippet.postgresql.host" -}}
{{- if and (not .Values.postgresql.enabled) .Values.externalPostgresql.host -}}
{{- required "externalPostgresql.host is required if not postgresql.enabled" .Values.externalPostgresql.host | quote }}
{{- else -}}
{{ include "oncall.postgresql.fullname" . }}
{{- end -}}
{{- end -}}
{{- define "snippet.postgresql.port" -}}
{{- if and (not .Values.mariadb.enabled) .Values.externalPostgresql.port -}}
{{- required "externalPostgresql.port is required if not postgresql.enabled" .Values.externalPostgresql.port | quote }}
{{- else -}}
"5432"
{{- end -}}
{{- end -}}
{{- define "snippet.postgresql.db" -}}
{{- if and (not .Values.postgresql.enabled) .Values.externalPostgresql.db -}}
{{- required "externalPostgresql.db is required if not postgresql.enabled" .Values.externalPostgresql.db | quote}}
{{- else -}}
"oncall"
{{- end -}}
{{- end -}}
{{- define "snippet.postgresql.user" -}}
{{- if and (not .Values.postgresql.enabled) .Values.externalPostgresql.user -}}
{{- .Values.externalPostgresql.user | quote}}
{{- else -}}
"postgres"
{{- end -}}
{{- end -}}
{{- define "snippet.rabbitmq.env" -}}
- name: RABBITMQ_USERNAME
value: {{ include "snippet.rabbitmq.user" . }}

22
helm/oncall/templates/_helpers.tpl
View file

@ -66,6 +66,11 @@ Create the name of the service account to use
{{- printf "%s-%s" .Release.Name "mariadb" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/* Generate the fullname of postgresql subchart */}}
{{- define "oncall.postgresql.fullname" -}}
{{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- define "oncall.grafana.fullname" -}}
{{- printf "%s-%s" .Release.Name "grafana" | trunc 63 | trimSuffix "-" }}
{{- end }}
@ -96,3 +101,20 @@ Create the name of the service account to use
{{- toYaml .Values.env | nindent 12 }}
{{- end }}
{{- end }}
{{- define "oncall.postgresql.wait-for-db" }}
- name: wait-for-db
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command: ['sh', '-c', "until (python manage.py migrate --check); do echo Waiting for database migrations; sleep 2; done"]
securityContext:
{{ toYaml .Values.init.securityContext| nindent 4}}
env:
{{- include "snippet.oncall.env" . | nindent 12 }}
{{- include "snippet.postgresql.env" . | nindent 12 }}
{{- include "snippet.rabbitmq.env" . | nindent 12 }}
{{- include "snippet.redis.env" . | nindent 12 }}
{{- if .Values.env }}
{{- toYaml .Values.env | nindent 12 }}
{{- end }}
{{- end }}

10
helm/oncall/templates/celery/_deployment.tpl
View file

@ -28,7 +28,12 @@ spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
{{- if eq .Values.database.type "mysql" }}
{{- include "oncall.mariadb.wait-for-db" . | indent 8 }}
{{- end }}
{{- if eq .Values.database.type "postgresql" }}
{{- include "oncall.postgresql.wait-for-db" . | indent 8 }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
securityContext:
@ -42,7 +47,12 @@ spec:
{{- include "snippet.oncall.slack.env" . | nindent 12 }}
{{- include "snippet.oncall.telegram.env" . | nindent 12 }}
{{- include "snippet.oncall.smtp.env" . | nindent 12 }}
{{- if eq .Values.database.type "mysql" }}
{{- include "snippet.mysql.env" . | nindent 12 }}
{{- end }}
{{- if eq .Values.database.type "postgresql" }}
{{- include "snippet.postgresql.env" . | nindent 12 }}
{{- end }}
{{- include "snippet.rabbitmq.env" . | nindent 12 }}
{{- include "snippet.redis.env" . | nindent 12 }}
{{- if .Values.env }}

10
helm/oncall/templates/engine/deployment.yaml
View file

@ -32,7 +32,12 @@ spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
{{- if eq .Values.database.type "mysql" }}
{{- include "oncall.mariadb.wait-for-db" . | indent 8 }}
{{- end }}
{{- if eq .Values.database.type "postgresql" }}
{{- include "oncall.postgresql.wait-for-db" . | indent 8 }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
securityContext:
@ -48,7 +53,12 @@ spec:
{{- include "snippet.oncall.slack.env" . | nindent 12 }}
{{- include "snippet.oncall.telegram.env" . | nindent 12 }}
{{- include "snippet.oncall.smtp.env" . | nindent 12 }}
{{- if eq .Values.database.type "mysql" }}
{{- include "snippet.mysql.env" . | nindent 12 }}
{{- end }}
{{- if eq .Values.database.type "postgresql" }}
{{- include "snippet.postgresql.env" . | nindent 12 }}
{{- end }}
{{- include "snippet.rabbitmq.env" . | nindent 12 }}
{{- include "snippet.redis.env" . | nindent 12 }}
{{- if .Values.env }}

14
helm/oncall/templates/engine/job-migrate.yaml
View file

@ -35,16 +35,30 @@ spec:
command:
- /bin/sh
- -c
{{- if eq .Values.database.type "mysql" }}
- |
until (nc -vz $MYSQL_HOST $MYSQL_PORT);
do
echo "waiting for MySQL"; sleep 1;
done
python manage.py migrate
{{- else if eq .Values.database.type "postgresql" }}
- |
until (nc -vz $DATABASE_HOST $DATABASE_PORT);
do
echo "waiting for PostgreSQL"; sleep 1;
done
python manage.py migrate
{{- end }}
env:
{{- include "snippet.oncall.env" . | nindent 12 }}
{{- include "snippet.oncall.smtp.env" . | nindent 12 }}
{{- if eq .Values.database.type "mysql" }}
{{- include "snippet.mysql.env" . | nindent 12 }}
{{- end }}
{{- if eq .Values.database.type "postgresql" }}
{{- include "snippet.postgresql.env" . | nindent 12 }}
{{- end }}
{{- include "snippet.rabbitmq.env" . | nindent 12 }}
{{- include "snippet.redis.env" . | nindent 12 }}
{{- if .Values.env }}

12
helm/oncall/templates/secrets.yaml
View file

@ -11,7 +11,7 @@ data:
MIRAGE_CIPHER_IV: {{ randAlphaNum 40 | b64enc | quote }}
---
{{ if not .Values.mariadb.enabled -}}
{{ if and (not .Values.mariadb.enabled) (eq .Values.database.type "mysql") -}}
apiVersion: v1
kind: Secret
metadata:
@ -50,3 +50,13 @@ type: Opaque
data:
smtp-password: {{ required "oncall.smtp.password is required if oncall.smtp.enabled" .Values.oncall.smtp.password | b64enc | quote }}
{{- end }}
---
{{ if and (not .Values.postgresql.enabled) (eq .Values.database.type "postgresql") (not .Values.externalPostgresql.existingSecret) -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "oncall.fullname" . }}-postgresql-external
type: Opaque
data:
postgres-password: {{ required "externalPostgresql.password is required if not postgresql.enabled and not externalPostgresql.existingSecret" .Values.externalPostgresql.password | b64enc | quote }}
{{- end }}

27
helm/oncall/values.yaml
View file

@ -111,7 +111,7 @@ ingress:
annotations:
kubernetes.io/ingress.class: "nginx"
cert-manager.io/issuer: "letsencrypt-prod"
tls:
tls:
- hosts:
- "{{ .Values.base_url }}"
secretName: certificate-tls
@ -153,6 +153,10 @@ cert-manager:
- 8.8.8.8
- 1.1.1.1
database:
# can be either mysql or postgresql
type: mysql
# MySQL is included into this release for the convenience.
# It is recommended to host it separately from this release
# Set mariadb.enabled = false and configure externalMysql
@ -182,6 +186,27 @@ externalMysql:
user:
password:
# PostgreSQL is included into this release for the convenience.
# It is recommended to host it separately from this release
# Set postgresql.enabled = false and configure externalPostgresql
postgresql:
enabled: false
auth:
database: oncall
# Make sure to create the database with the following parameters:
# CREATE DATABASE oncall CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
externalPostgresql:
host:
port:
db_name:
user:
password:
# use an existing secret for the database password
existingSecret: ""
# the key in the secret containing the database password
passwordKey: password
# RabbitMQ is included into this release for the convenience.
# It is recommended to host it separately from this release
# Set rabbitmq.enabled = false and configure externalRabbitmq