Refactor paperless-ai Helm chart for improved configuration
Some checks failed
Build Helm Chart / helm-package (push) Failing after 3s
Some checks failed
Build Helm Chart / helm-package (push) Failing after 3s
This update substantially refactors the paperless-ai Helm chart. Key changes include: - Complete removal of outdated files: `.helmignore`, `LICENSE`, `README.adoc`, and several template files like `configfileConfigmap.yaml`, `configmap.yaml`, `dataPvc.yaml`, `envfileSecret.yaml`, `openAiApiSecret.yaml`, `paperlessApiSecret.yaml`, and others. - Introduction of a new Persistent Volume Claim configuration in `pvc.yaml` to simplify storage management. - Significant updates to `Chart.yaml` for better metadata, including a new maintainer and project description in German. - Enhancements to the main deployment template in `deployment.yaml`, focusing on clarity and proper utilization of Kubernetes security contexts, environment variables, and container properties. - Updated service definitions in `service.yaml` with better labels and service properties. - Refined the `ingress.yaml` to improve external service access management, including annotations for potential customization. These changes were implemented to modernize the Helm chart based on the current best practices, improve user experience, and set a foundation for future enhancements. There are no breaking changes to the existing user configurations.
This commit is contained in:
@ -1,99 +1,76 @@
|
||||
# deployment.yaml
|
||||
# Definiert das Kubernetes Deployment für die Paperless AI Anwendung.
|
||||
# Ein Deployment verwaltet die Erstellung und Skalierung von Pods.
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ include "paperless-ai.fullname" . }}
|
||||
name: {{ include "paperless-ai.fullname" . }} # Der Name des Deployments, generiert mit dem fullname-Template.
|
||||
labels:
|
||||
{{- include "paperless-ai.labels" . | nindent 4 }}
|
||||
{{- include "paperless-ai.labels" . | nindent 4 }} # Allgemeine Labels für das Deployment.
|
||||
spec:
|
||||
replicas: {{ .Values.replicaCount }}
|
||||
{{- if not .Values.autoscaling.enabled }}
|
||||
replicas: {{ .Values.replicaCount }} # Anzahl der gewünschten Pod-Replikate, wenn Autoscaling deaktiviert ist.
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "paperless-ai.selectorLabels" . | nindent 6 }}
|
||||
{{- include "paperless-ai.selectorLabels" . | nindent 6 }} # Selector, um die Pods zu finden, die zu diesem Deployment gehören.
|
||||
template:
|
||||
metadata:
|
||||
{{- with .Values.podAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- toYaml . | nindent 8 }} # Zusätzliche Anmerkungen für den Pod.
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "paperless-ai.labels" . | nindent 8 }}
|
||||
{{- with .Values.podLabels }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- include "paperless-ai.selectorLabels" . | nindent 8 }} # Labels für den Pod.
|
||||
spec:
|
||||
{{- with .Values.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- toYaml . | nindent 8 }} # Secrets für den Image-Pull, falls private Registries verwendet werden.
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "paperless-ai.serviceAccountName" . }} # Der zu verwendende Service Account.
|
||||
{{- if .Values.securityContext.enabled }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.podSecurityContext | nindent 8 }}
|
||||
{{- toYaml .Values.securityContext.pod | nindent 8 }} # Sicherheitskontext-Einstellungen für den gesamten Pod.
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}
|
||||
- name: {{ .Chart.Name }} # Name des Containers.
|
||||
{{- if .Values.securityContext.enabled }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.securityContext | nindent 12 }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
{{- toYaml .Values.securityContext.container | nindent 12 }} # Sicherheitskontext-Einstellungen für diesen Container.
|
||||
{{- end }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" # Das zu verwendende Image.
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }} # Die Image-Pull-Policy.
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: {{ .Values.service.port }}
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
{{- toYaml .Values.livenessProbe | nindent 12 }}
|
||||
readinessProbe:
|
||||
{{- toYaml .Values.readinessProbe | nindent 12 }}
|
||||
resources:
|
||||
{{- toYaml .Values.resources | nindent 12 }}
|
||||
{{- with .Values.envs }}
|
||||
envs:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
envFrom:
|
||||
# - configMapRef:
|
||||
# name: {{ include "paperless-ai.fullname" . }}-config
|
||||
{{- if .Values.openAi.apiKey }}
|
||||
- secretRef:
|
||||
name: {{ include "paperless-ai.fullname" . }}-open-ai-api
|
||||
{{- end }}
|
||||
{{- if .Values.paperless.apiToken }}
|
||||
- secretRef:
|
||||
name: {{ include "paperless-ai.fullname" . }}-paperless-api
|
||||
{{- end }}
|
||||
{{- if or .Values.persistence.config.enabled .Values.persistence.data.enabled }}
|
||||
- name: http # Name des Ports.
|
||||
containerPort: {{ .Values.service.targetPort }} # Der Port, der im Container geöffnet ist.
|
||||
protocol: TCP # Das Protokoll des Ports.
|
||||
env:
|
||||
{{- range $key, $value := .Values.env }}
|
||||
- name: {{ $key }} # Name der Umgebungsvariable.
|
||||
value: {{ $value | quote }} # Wert der Umgebungsvariable.
|
||||
{{- end }}
|
||||
{{- if .Values.persistence.enabled }}
|
||||
volumeMounts:
|
||||
- name: {{ include "paperless-ai.fullname" . }}-volume-config
|
||||
mountPath: {{ .Values.persistence.config.mountPath }}
|
||||
subPath: {{ .Values.persistence.config.subPath }}
|
||||
- name: {{ include "paperless-ai.fullname" . }}-volume-envfile
|
||||
mountPath: {{ .Values.persistence.envfile.mountPath }}
|
||||
subPath: {{ .Values.persistence.envfile.subPath }}
|
||||
{{- if .Values.persistence.data.enabled }}
|
||||
- name: {{ include "paperless-ai.fullname" . }}-volume-data
|
||||
mountPath: {{ .Values.persistence.data.mountPath }}
|
||||
- name: paperless-ai-data # Name des Volumes, das gemountet werden soll.
|
||||
mountPath: /app/data # Der Pfad im Container, an dem das Volume gemountet wird.
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if or .Values.persistence.config.enabled .Values.persistence.data.enabled }}
|
||||
volumes:
|
||||
- name: {{ include "paperless-ai.fullname" . }}-volume-config
|
||||
configMap:
|
||||
name: {{ include "paperless-ai.fullname" . }}-config-file
|
||||
- name: {{ include "paperless-ai.fullname" . }}-volume-envfile
|
||||
secret:
|
||||
secretName: {{ include "paperless-ai.fullname" . }}-env-file
|
||||
{{- if .Values.persistence.data.enabled }}
|
||||
- name: {{ include "paperless-ai.fullname" . }}-volume-data
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ include "paperless-ai.fullname" . }}-pvc-data
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
resources:
|
||||
{{- toYaml .Values.resources | nindent 12 }} # Ressourcenanforderungen und -limits für den Container.
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- toYaml . | nindent 8 }} # Node-Selector-Regeln für die Pod-Platzierung.
|
||||
{{- end }}
|
||||
{{- with .Values.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- toYaml . | nindent 8 }} # Affinitätsregeln für die Pod-Platzierung.
|
||||
{{- end }}
|
||||
{{- with .Values.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- toYaml . | nindent 8 }} # Toleranzen für die Pod-Platzierung auf Tainted Nodes.
|
||||
{{- end }}
|
||||
{{- if .Values.persistence.enabled }}
|
||||
volumes:
|
||||
- name: paperless-ai-data # Definiert ein Volume mit dem Namen 'paperless-ai-data'.
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ include "paperless-ai.fullname" . }}-data # Verweist auf den Persistent Volume Claim.
|
||||
{{- end }}
|
||||
|
Reference in New Issue
Block a user