Skip to content

feat(helm): Make probes more customizable #13779

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
kiblik wants to merge 1 commit into
base: dev
Choose a base branch
from
Draft

feat(helm): Make probes more customizable #13779

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion helm/defectdojo/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -665,7 +665,10 @@ A Helm chart for Kubernetes to install DefectDojo
| django.uwsgi.image | object | `{"digest":"","registry":"","repository":"","tag":""}` | If empty, uses values from images.django.image |
| django.uwsgi.livenessProbe.enabled | bool | `true` | Enable liveness checks on uwsgi container. |
| django.uwsgi.livenessProbe.failureThreshold | int | `6` | |
| django.uwsgi.livenessProbe.initialDelaySeconds | int | `0` | |
| django.uwsgi.livenessProbe.httpGet.httpHeaders[0].name | string | `"Host"` | |
| django.uwsgi.livenessProbe.httpGet.httpHeaders[0].value | string | `"defectdojo.default.minikube.local"` | |
| django.uwsgi.livenessProbe.httpGet.path | string | `"/login?force_login_form&next=/"` | |
| django.uwsgi.livenessProbe.httpGet.port | string | `"http-uwsgi"` | |
| django.uwsgi.livenessProbe.periodSeconds | int | `10` | |
| django.uwsgi.livenessProbe.successThreshold | int | `1` | |
| django.uwsgi.livenessProbe.timeoutSeconds | int | `5` | |
Expand Down Expand Up @@ -736,7 +739,10 @@ A Helm chart for Kubernetes to install DefectDojo
| monitoring.prometheus.image.repository | string | `"nginx/nginx-prometheus-exporter"` | |
| monitoring.prometheus.image.tag | string | `"1.4.2"` | |
| monitoring.prometheus.imagePullPolicy | string | `"IfNotPresent"` | |
| monitoring.prometheus.livenessProbe | object | `{"httpGet":{"path":"/metrics","port":"http-metrics"},"initialDelaySeconds":15,"periodSeconds":20,"timeoutSeconds":5}` | Set liveness probe for Monitoring prometheus container. |
| monitoring.prometheus.readinessProbe | object | `{}` | |
| monitoring.prometheus.resources | object | `{}` | Optional: add resource requests/limits for the nginx prometheus exporter container |
| monitoring.prometheus.startupProbe | object | `{}` | |
| networkPolicy | object | `{"annotations":{},"egress":[],"enabled":false,"ingress":[],"ingressExtend":[]}` | Enables application network policy For more info follow https://kubernetes.io/docs/concepts/services-networking/network-policies/ |
| networkPolicy.egress | list | `[]` | ``` egress: - to: - ipBlock: cidr: 10.0.0.0/24 ports: - protocol: TCP port: 443 ``` |
| networkPolicy.ingress | list | `[]` | For more detailed configuration with ports and peers. It will ignore ingressExtend ``` ingress: - from: - podSelector: matchLabels: app.kubernetes.io/instance: defectdojo - podSelector: matchLabels: app.kubernetes.io/instance: defectdojo-prometheus ports: - protocol: TCP port: 8443 ``` |
Expand Down
41 changes: 20 additions & 21 deletions helm/defectdojo/templates/django-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -129,13 +129,15 @@ spec:
- name: http-metrics
protocol: TCP
containerPort: 9113
livenessProbe:
httpGet:
path: /metrics
port: http-metrics
periodSeconds: 20
initialDelaySeconds: 15
timeoutSeconds: 5
{{- with .Values.monitoring.prometheus.livenessProbe }}
livenessProbe: {{ toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.monitoring.prometheus.readinessProbe }}
readinessProbe: {{ toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.monitoring.prometheus.startupProbe }}
startupProbe: {{ toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.monitoring.prometheus.resources }}
resources: {{- . | toYaml | nindent 10 }}
{{- end }}
Expand Down Expand Up @@ -238,20 +240,17 @@ spec:
{{- . | toYaml | nindent 8 }}
{{- end }}
{{- if .Values.django.uwsgi.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /login?force_login_form&next=/
port: http-uwsgi
httpHeaders:
- name: Host
value: {{ .Values.host }}
failureThreshold: {{ .Values.django.uwsgi.livenessProbe.failureThreshold }}
{{- if .Values.django.uwsgi.livenessProbe.initialDelaySeconds }}
initialDelaySeconds: {{ .Values.django.uwsgi.livenessProbe.initialDelaySeconds }}
{{- end }}
periodSeconds: {{ .Values.django.uwsgi.livenessProbe.periodSeconds }}
successThreshold: {{ .Values.django.uwsgi.livenessProbe.successThreshold }}
timeoutSeconds: {{ .Values.django.uwsgi.livenessProbe.timeoutSeconds }}
{{- with .Values.django.uwsgi.livenessProbe }}
livenessProbe: {{ toYaml . | nindent 10 }}
{{- end }}
{{- end }}
{{- with .Values.django.uwsgi.readinessProbe }}
readinessProbe: {{ toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.django.uwsgi.startupProbe }}
startupProbe: {{ toYaml . | nindent 10 }}
{{- end }}
{{- if .Values.django.uwsgi.livenessProbe.enabled }}
{{- end }}
resources:
{{- toYaml .Values.django.uwsgi.resources | nindent 10 }}
Expand Down
56 changes: 54 additions & 2 deletions helm/defectdojo/values.schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -796,8 +796,28 @@
"failureThreshold": {
"type": "integer"
},
"initialDelaySeconds": {
"type": "integer"
"httpGet": {
"type": "object",
"properties": {
"httpHeaders": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"value": {}
}
}
},
"path": {
"type": "string"
},
"port": {
"type": "string"
}
}
},
"periodSeconds": {
"type": "integer"
Expand Down Expand Up @@ -1145,9 +1165,41 @@
"imagePullPolicy": {
"type": "string"
},
"livenessProbe": {
"description": "Set liveness probe for Monitoring prometheus container.",
"type": "object",
"properties": {
"httpGet": {
"type": "object",
"properties": {
"path": {
"type": "string"
},
"port": {
"type": "string"
}
}
},
"initialDelaySeconds": {
"type": "integer"
},
"periodSeconds": {
"type": "integer"
},
"timeoutSeconds": {
"type": "integer"
}
}
},
"readinessProbe": {
"type": "object"
},
"resources": {
"description": "Optional: add resource requests/limits for the nginx prometheus exporter container",
"type": "object"
},
"startupProbe": {
"type": "object"
}
}
}
Expand Down
21 changes: 18 additions & 3 deletions helm/defectdojo/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ networkPolicy:
annotations: {}

# -- Primary hostname of instance
host: defectdojo.default.minikube.local
host: &host defectdojo.default.minikube.local

# -- The full URL to your defectdojo instance, depends on the domain where DD is deployed, it also affects links in Jira.
# Use syntax: `siteUrl: 'https://<yourdomain>'`
Expand Down Expand Up @@ -203,7 +203,16 @@ monitoring:
extraVolumeMounts: []
# -- Optional: add resource requests/limits for the nginx prometheus exporter container
resources: {}

# -- Set liveness probe for Monitoring prometheus container.
livenessProbe:
httpGet:
path: /metrics
port: http-metrics
periodSeconds: 20
initialDelaySeconds: 15
timeoutSeconds: 5
readinessProbe: {}
startupProbe: {}
secrets:
# -- Add annotations for secret resources
annotations: {}
Expand Down Expand Up @@ -439,8 +448,14 @@ django:
livenessProbe:
# -- Enable liveness checks on uwsgi container.
enabled: true
httpGet:
path: /login?force_login_form&next=/
port: http-uwsgi
httpHeaders:
- name: Host
value: *host
failureThreshold: 6
initialDelaySeconds: 0
# initialDelaySeconds: ~
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
Expand Down
Loading