blob: 24b6afdc56b51616a2afabfcf82e37608ebb9f0c [file] [log] [blame]
{{- $root := . -}}
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ .Release.Name }}-gerrit-stateful-set
labels:
app: gerrit
chart: {{ template "gerrit.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
spec:
serviceName: {{ .Release.Name }}-gerrit-service
replicas: {{ .Values.gerrit.replicas }}
updateStrategy:
rollingUpdate:
partition: {{ .Values.gerrit.updatePartition }}
selector:
matchLabels:
app: gerrit
template:
metadata:
labels:
app: gerrit
chart: {{ template "gerrit.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
annotations:
chartRevision: "{{ .Release.Revision }}"
spec:
{{- with .Values.gerrit.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
terminationGracePeriodSeconds: {{ .Values.gerrit.gracefulStopTimeout }}
securityContext:
fsGroup: 100
{{ if .Values.images.registry.ImagePullSecret.name -}}
imagePullSecrets:
- name: {{ .Values.images.registry.ImagePullSecret.name }}
{{- range .Values.images.additionalImagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
initContainers:
- name: site-cleanup
image: {{ .Values.images.busybox.registry -}}/busybox:{{- .Values.images.busybox.tag }}
securityContext:
runAsUser: 1000
runAsGroup: 100
command:
- sh
- -c
args:
- |
# Remove directories that should be mounted rather than exist with the
# rest of the site
for dir in git {{ if eq .Values.gerrit.index.type "elasticsearch" }}index{{ end }}; do
[ ! -L /var/gerrit/$dir ] && rm -rf /var/gerrit/$dir
done
rm -f /var/gerrit/logs/gerrit.pid
if [ -d /var/gerrit/data ]; then
for link in $(find /var/gerrit/data -type l); do
if [[ $(readlink -f $link) == /var/mnt/data/* ]]; then
unlink $link
fi
done
fi
volumeMounts:
- name: gerrit-site
mountPath: "/var/gerrit"
- name: gerrit-init
image: {{ template "registry" . }}{{ .Values.gerrit.images.gerritInit }}:{{ .Values.images.version }}
imagePullPolicy: {{ .Values.images.imagePullPolicy }}
command:
- /bin/ash
- -ce
args:
- |
symlink_config_to_site(){
for file in /var/mnt/etc/config/* /var/mnt/etc/secret/*; do
ln -sf $file /var/gerrit/etc/$(basename $file)
done
}
mkdir -p /var/gerrit/etc
symlink_config_to_site
mkdir -p /var/gerrit/data
{{- range .Values.gerrit.additionalConfigMaps }}
if [ -d /var/mnt/data ]; then
for file in $(find /var/mnt/data/{{ .subDir }} -type f); do
mkdir -p /var/gerrit/data/{{ .subDir }}
ln -sf $file /var/gerrit/data/{{ .subDir }}/$(basename $file)
done
fi
{{- end }}
for dir in git {{ if eq .Values.gerrit.index.type "elasticsearch" }}index{{ end }}; do
if [ ! -d /var/gerrit/$dir ]; then
ln -sf /var/mnt/$dir /var/gerrit/
fi
done
python3 /var/tools/gerrit-initializer \
-c /var/config/gerrit-init.yaml \
-s /var/gerrit \
init
symlink_config_to_site
{{ if not .Values.gerrit.persistence.enabled -}}
FLAGS="$FLAGS --force"
{{- end }}
# TODO (Thomas): Do not enforce offline-reindexing, when online-reindexing
# is configured.
python3 /var/tools/gerrit-initializer \
-c /var/config/gerrit-init.yaml \
-s /var/gerrit \
reindex \
$FLAGS
volumeMounts:
- name: gerrit-site
mountPath: "/var/gerrit"
- name: git-repositories
mountPath: "/var/mnt/git"
- name: gerrit-init-config
mountPath: "/var/config/gerrit-init.yaml"
subPath: gerrit-init.yaml
{{- if and .Values.gerrit.plugins.cache.enabled .Values.gerrit.plugins.downloaded }}
- name: gerrit-plugin-cache
mountPath: "/var/mnt/plugins"
{{- end }}
{{ if eq .Values.gerrit.index.type "elasticsearch" -}}
- name: gerrit-index-config
mountPath: "/var/mnt/index"
{{- end }}
- name: gerrit-config
mountPath: "/var/mnt/etc/config"
- name: gerrit-secure-config
mountPath: "/var/mnt/etc/secret"
{{ if .Values.caCert -}}
- name: tls-ca
subPath: ca.crt
mountPath: "/var/config/ca.crt"
{{- end }}
{{- range .Values.gerrit.additionalConfigMaps }}
- name: {{ .name }}
mountPath: "/var/mnt/data/{{ .subDir }}"
{{- end }}
containers:
- name: gerrit
image: {{ template "registry" . }}{{ .Values.gerrit.images.gerrit }}:{{ .Values.images.version }}
imagePullPolicy: {{ .Values.images.imagePullPolicy }}
lifecycle:
preStop:
exec:
command:
- "/bin/ash"
- "-c"
- "kill -2 $(pidof java) && tail --pid=$(pidof java) -f /dev/null"
ports:
- name: gerrit-port
containerPort: 8080
{{- if .Values.gerrit.service.ssh.enabled }}
- name: gerrit-ssh
containerPort: 29418
{{- end }}
volumeMounts:
- name: gerrit-site
mountPath: "/var/gerrit"
- name: git-repositories
mountPath: "/var/mnt/git"
{{ if eq .Values.gerrit.index.type "elasticsearch" -}}
- name: gerrit-index-config
mountPath: "/var/mnt/index"
{{- end }}
- name: gerrit-config
mountPath: "/var/mnt/etc/config"
- name: gerrit-secure-config
mountPath: "/var/mnt/etc/secret"
{{- range .Values.gerrit.additionalConfigMaps }}
- name: {{ .name }}
mountPath: "/var/mnt/data/{{ .subDir }}"
{{- end }}
resources:
{{ toYaml .Values.gerrit.resources | indent 10 }}
livenessProbe:
httpGet:
path: /config/server/healthcheck~status
port: gerrit-port
{{ toYaml .Values.gerrit.livenessProbe | indent 10 }}
readinessProbe:
httpGet:
path: /config/server/healthcheck~status
port: gerrit-port
{{ toYaml .Values.gerrit.readinessProbe | indent 10 }}
startupProbe:
httpGet:
path: /config/server/healthcheck~status
port: gerrit-port
{{ toYaml .Values.gerrit.startupProbe | indent 10 }}
volumes:
{{ if not .Values.gerrit.persistence.enabled -}}
- name: gerrit-site
emptyDir: {}
{{- end }}
{{- if and .Values.gerrit.plugins.cache.enabled .Values.gerrit.plugins.downloaded }}
- name: gerrit-plugin-cache
persistentVolumeClaim:
claimName: {{ .Release.Name }}-plugin-cache-pvc
{{- end }}
- name: git-repositories
persistentVolumeClaim:
{{- if .Values.gitRepositoryStorage.externalPVC.use }}
claimName: {{ .Values.gitRepositoryStorage.externalPVC.name }}
{{- else }}
claimName: {{ .Release.Name }}-git-repositories-pvc
{{- end }}
- name: gerrit-init-config
configMap:
name: {{ .Release.Name }}-gerrit-init-configmap
{{ if eq .Values.gerrit.index.type "elasticsearch" -}}
- name: gerrit-index-config
persistentVolumeClaim:
claimName: {{ .Release.Name }}-gerrit-index-config-pvc
{{- end }}
- name: gerrit-config
configMap:
name: {{ .Release.Name }}-gerrit-configmap
- name: gerrit-secure-config
secret:
secretName: {{ .Release.Name }}-gerrit-secure-config
{{ if .Values.caCert -}}
- name: tls-ca
secret:
secretName: {{ .Release.Name }}-tls-ca
{{- end }}
{{- range .Values.gerrit.additionalConfigMaps }}
- name: {{ .name }}
configMap:
name: {{ if .data }}{{ $root.Release.Name }}-{{ .name }}{{ else }}{{ .name }}{{ end }}
{{- end }}
volumeClaimTemplates:
{{ if .Values.gerrit.persistence.enabled -}}
- metadata:
name: gerrit-site
labels:
app: gerrit
chart: {{ template "gerrit.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.gerrit.persistence.size }}
storageClassName: {{ .Values.storageClasses.default.name }}
{{- end }}