✨(helm) allow to load custom theme file in a configMap
In order to load a custom theme file with our helm chart, we allow to load the content of a file into a config map and then use this configmap as a volume in the backend deployment
This commit is contained in:
Manuel Raynaud
@@ -87,10 +87,6 @@ RUN wget https://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/conf/mime.types
|
||||
# Copy entrypoint
|
||||
COPY ./docker/files/usr/local/bin/entrypoint /usr/local/bin/entrypoint
|
||||
|
||||
# Copy configuration
|
||||
VOLUME [ "/configuration" ]
|
||||
COPY ./configuration /configuration
|
||||
|
||||
# Give the "root" group the same permissions as the "root" user on /etc/passwd
|
||||
# to allow a user belonging to the root group to add new users; typically the
|
||||
# docker user (see entrypoint).
|
||||
|
||||
@@ -87,6 +87,10 @@ backend:
|
||||
python manage.py createsuperuser --email admin@example.com --password admin
|
||||
restartPolicy: Never
|
||||
|
||||
themeCustomization:
|
||||
enabled: true
|
||||
file_content: {{ readFile "./configuration/theme/demo.json" }}
|
||||
|
||||
# Extra volume mounts to manage our local custom CA and avoid to set ssl_verify: false
|
||||
extraVolumeMounts:
|
||||
- name: certs
|
||||
@@ -101,7 +105,6 @@ backend:
|
||||
items:
|
||||
- key: cacert.pem
|
||||
path: cacert.pem
|
||||
|
||||
frontend:
|
||||
envVars:
|
||||
PORT: 8080
|
||||
|
||||
@@ -4,78 +4,78 @@
|
||||
|
||||
### General configuration
|
||||
|
||||
| Name | Description | Value |
|
||||
| -------------------------------------------------------------------------------------- | ---------------------------------------------------- | -------------------------------------------------------------------- |
|
||||
| `image.repository` | Repository to use to pull impress's container image | `lasuite/impress-backend` |
|
||||
| `image.tag` | impress's container tag | `latest` |
|
||||
| `image.pullPolicy` | Container image pull policy | `IfNotPresent` |
|
||||
| `image.credentials.username` | Username for container registry authentication | |
|
||||
| `image.credentials.password` | Password for container registry authentication | |
|
||||
| `image.credentials.registry` | Registry url for which the credentials are specified | |
|
||||
| `image.credentials.name` | Name of the generated secret for imagePullSecrets | |
|
||||
| `nameOverride` | Override the chart name | `""` |
|
||||
| `fullnameOverride` | Override the full application name | `""` |
|
||||
| `ingress.enabled` | whether to enable the Ingress or not | `false` |
|
||||
| `ingress.className` | IngressClass to use for the Ingress | `nil` |
|
||||
| `ingress.host` | Host for the Ingress | `impress.example.com` |
|
||||
| `ingress.path` | Path to use for the Ingress | `/` |
|
||||
| `ingress.hosts` | Additional host to configure for the Ingress | `[]` |
|
||||
| `ingress.tls.enabled` | Weather to enable TLS for the Ingress | `true` |
|
||||
| `ingress.tls.secretName` | Secret name for TLS config | `nil` |
|
||||
| `ingress.tls.additional[].secretName` | Secret name for additional TLS config | |
|
||||
| `ingress.tls.additional[].hosts[]` | Hosts for additional TLS config | |
|
||||
| `ingress.customBackends` | Add custom backends to ingress | `[]` |
|
||||
| `ingressCollaborationWS.enabled` | whether to enable the Ingress or not | `false` |
|
||||
| `ingressCollaborationWS.className` | IngressClass to use for the Ingress | `nil` |
|
||||
| `ingressCollaborationWS.host` | Host for the Ingress | `impress.example.com` |
|
||||
| `ingressCollaborationWS.path` | Path to use for the Ingress | `/collaboration/ws/` |
|
||||
| `ingressCollaborationWS.hosts` | Additional host to configure for the Ingress | `[]` |
|
||||
| `ingressCollaborationWS.tls.enabled` | Weather to enable TLS for the Ingress | `true` |
|
||||
| `ingressCollaborationWS.tls.secretName` | Secret name for TLS config | `nil` |
|
||||
| `ingressCollaborationWS.tls.additional[].secretName` | Secret name for additional TLS config | |
|
||||
| `ingressCollaborationWS.tls.additional[].hosts[]` | Hosts for additional TLS config | |
|
||||
| `ingressCollaborationWS.customBackends` | Add custom backends to ingress | `[]` |
|
||||
| `ingressCollaborationWS.annotations.nginx.ingress.kubernetes.io/auth-response-headers` | | `Authorization, X-Can-Edit, X-User-Id` |
|
||||
| `ingressCollaborationWS.annotations.nginx.ingress.kubernetes.io/auth-url` | | `https://impress.example.com/api/v1.0/documents/collaboration-auth/` |
|
||||
| `ingressCollaborationWS.annotations.nginx.ingress.kubernetes.io/enable-websocket` | | `true` |
|
||||
| `ingressCollaborationWS.annotations.nginx.ingress.kubernetes.io/proxy-read-timeout` | | `86400` |
|
||||
| `ingressCollaborationWS.annotations.nginx.ingress.kubernetes.io/proxy-send-timeout` | | `86400` |
|
||||
| `ingressCollaborationWS.annotations.nginx.ingress.kubernetes.io/upstream-hash-by` | | `$arg_room` |
|
||||
| `ingressCollaborationApi.enabled` | whether to enable the Ingress or not | `false` |
|
||||
| `ingressCollaborationApi.className` | IngressClass to use for the Ingress | `nil` |
|
||||
| `ingressCollaborationApi.host` | Host for the Ingress | `impress.example.com` |
|
||||
| `ingressCollaborationApi.path` | Path to use for the Ingress | `/collaboration/api/` |
|
||||
| `ingressCollaborationApi.hosts` | Additional host to configure for the Ingress | `[]` |
|
||||
| `ingressCollaborationApi.tls.enabled` | Weather to enable TLS for the Ingress | `true` |
|
||||
| `ingressCollaborationApi.tls.secretName` | Secret name for TLS config | `nil` |
|
||||
| `ingressCollaborationApi.tls.additional[].secretName` | Secret name for additional TLS config | |
|
||||
| `ingressCollaborationApi.tls.additional[].hosts[]` | Hosts for additional TLS config | |
|
||||
| `ingressCollaborationApi.customBackends` | Add custom backends to ingress | `[]` |
|
||||
| `ingressCollaborationApi.annotations.nginx.ingress.kubernetes.io/upstream-hash-by` | | `$arg_room` |
|
||||
| `ingressAdmin.enabled` | whether to enable the Ingress or not | `false` |
|
||||
| `ingressAdmin.className` | IngressClass to use for the Ingress | `nil` |
|
||||
| `ingressAdmin.host` | Host for the Ingress | `impress.example.com` |
|
||||
| `ingressAdmin.path` | Path to use for the Ingress | `/admin` |
|
||||
| `ingressAdmin.hosts` | Additional host to configure for the Ingress | `[]` |
|
||||
| `ingressAdmin.tls.enabled` | Weather to enable TLS for the Ingress | `true` |
|
||||
| `ingressAdmin.tls.secretName` | Secret name for TLS config | `nil` |
|
||||
| `ingressAdmin.tls.additional[].secretName` | Secret name for additional TLS config | |
|
||||
| `ingressAdmin.tls.additional[].hosts[]` | Hosts for additional TLS config | |
|
||||
| `ingressMedia.enabled` | whether to enable the Ingress or not | `false` |
|
||||
| `ingressMedia.className` | IngressClass to use for the Ingress | `nil` |
|
||||
| `ingressMedia.host` | Host for the Ingress | `impress.example.com` |
|
||||
| `ingressMedia.path` | Path to use for the Ingress | `/media/(.*)` |
|
||||
| `ingressMedia.hosts` | Additional host to configure for the Ingress | `[]` |
|
||||
| `ingressMedia.tls.enabled` | Weather to enable TLS for the Ingress | `true` |
|
||||
| `ingressMedia.tls.secretName` | Secret name for TLS config | `nil` |
|
||||
| `ingressMedia.tls.additional[].secretName` | Secret name for additional TLS config | |
|
||||
| `ingressMedia.tls.additional[].hosts[]` | Hosts for additional TLS config | |
|
||||
| `ingressMedia.annotations.nginx.ingress.kubernetes.io/auth-url` | | `https://impress.example.com/api/v1.0/documents/media-auth/` |
|
||||
| `ingressMedia.annotations.nginx.ingress.kubernetes.io/auth-response-headers` | | `Authorization, X-Amz-Date, X-Amz-Content-SHA256` |
|
||||
| `ingressMedia.annotations.nginx.ingress.kubernetes.io/upstream-vhost` | | `minio.impress.svc.cluster.local:9000` |
|
||||
| `serviceMedia.host` | | `minio.impress.svc.cluster.local` |
|
||||
| `serviceMedia.port` | | `9000` |
|
||||
| `serviceMedia.annotations` | | `{}` |
|
||||
| Name | Description | Value |
|
||||
| ----------------------------------------------------------------------------------- | ---------------------------------------------------- | ------------------------------------------------------------------ |
|
||||
| `image.repository` | Repository to use to pull impress's container image | `lasuite/impress-backend` |
|
||||
| `image.tag` | impress's container tag | `latest` |
|
||||
| `image.pullPolicy` | Container image pull policy | `IfNotPresent` |
|
||||
| `image.credentials.username` | Username for container registry authentication | |
|
||||
| `image.credentials.password` | Password for container registry authentication | |
|
||||
| `image.credentials.registry` | Registry url for which the credentials are specified | |
|
||||
| `image.credentials.name` | Name of the generated secret for imagePullSecrets | |
|
||||
| `nameOverride` | Override the chart name | `""` |
|
||||
| `fullnameOverride` | Override the full application name | `""` |
|
||||
| `ingress.enabled` | whether to enable the Ingress or not | `false` |
|
||||
| `ingress.className` | IngressClass to use for the Ingress | `nil` |
|
||||
| `ingress.host` | Host for the Ingress | `impress.example.com` |
|
||||
| `ingress.path` | Path to use for the Ingress | `/` |
|
||||
| `ingress.hosts` | Additional host to configure for the Ingress | `[]` |
|
||||
| `ingress.tls.enabled` | Weather to enable TLS for the Ingress | `true` |
|
||||
| `ingress.tls.secretName` | Secret name for TLS config | `nil` |
|
||||
| `ingress.tls.additional[].secretName` | Secret name for additional TLS config | |
|
||||
| `ingress.tls.additional[].hosts[]` | Hosts for additional TLS config | |
|
||||
| `ingress.customBackends` | Add custom backends to ingress | `[]` |
|
||||
| `ingressCollaborationWS.enabled` | whether to enable the Ingress or not | `false` |
|
||||
| `ingressCollaborationWS.className` | IngressClass to use for the Ingress | `nil` |
|
||||
| `ingressCollaborationWS.host` | Host for the Ingress | `impress.example.com` |
|
||||
| `ingressCollaborationWS.path` | Path to use for the Ingress | `/collaboration/ws/` |
|
||||
| `ingressCollaborationWS.hosts` | Additional host to configure for the Ingress | `[]` |
|
||||
| `ingressCollaborationWS.tls.enabled` | Weather to enable TLS for the Ingress | `true` |
|
||||
| `ingressCollaborationWS.tls.secretName` | Secret name for TLS config | `nil` |
|
||||
| `ingressCollaborationWS.tls.additional[].secretName` | Secret name for additional TLS config | |
|
||||
| `ingressCollaborationWS.tls.additional[].hosts[]` | Hosts for additional TLS config | |
|
||||
| `ingressCollaborationWS.customBackends` | Add custom backends to ingress | `[]` |
|
||||
| `ingressCollaborationWS.annotations.nginx.ingress.kubernetes.io/enable-websocket` | | `true` |
|
||||
| `ingressCollaborationWS.annotations.nginx.ingress.kubernetes.io/proxy-read-timeout` | | `86400` |
|
||||
| `ingressCollaborationWS.annotations.nginx.ingress.kubernetes.io/proxy-send-timeout` | | `86400` |
|
||||
| `ingressCollaborationWS.annotations.nginx.ingress.kubernetes.io/upstream-hash-by` | | `$arg_room` |
|
||||
| `ingressCollaborationApi.enabled` | whether to enable the Ingress or not | `false` |
|
||||
| `ingressCollaborationApi.className` | IngressClass to use for the Ingress | `nil` |
|
||||
| `ingressCollaborationApi.host` | Host for the Ingress | `impress.example.com` |
|
||||
| `ingressCollaborationApi.path` | Path to use for the Ingress | `/collaboration/api/` |
|
||||
| `ingressCollaborationApi.hosts` | Additional host to configure for the Ingress | `[]` |
|
||||
| `ingressCollaborationApi.tls.enabled` | Weather to enable TLS for the Ingress | `true` |
|
||||
| `ingressCollaborationApi.tls.secretName` | Secret name for TLS config | `nil` |
|
||||
| `ingressCollaborationApi.tls.additional[].secretName` | Secret name for additional TLS config | |
|
||||
| `ingressCollaborationApi.tls.additional[].hosts[]` | Hosts for additional TLS config | |
|
||||
| `ingressCollaborationApi.customBackends` | Add custom backends to ingress | `[]` |
|
||||
| `ingressCollaborationApi.annotations.nginx.ingress.kubernetes.io/upstream-hash-by` | | `$arg_room` |
|
||||
| `ingressAdmin.enabled` | whether to enable the Ingress or not | `false` |
|
||||
| `ingressAdmin.className` | IngressClass to use for the Ingress | `nil` |
|
||||
| `ingressAdmin.host` | Host for the Ingress | `impress.example.com` |
|
||||
| `ingressAdmin.path` | Path to use for the Ingress | `/admin` |
|
||||
| `ingressAdmin.hosts` | Additional host to configure for the Ingress | `[]` |
|
||||
| `ingressAdmin.tls.enabled` | Weather to enable TLS for the Ingress | `true` |
|
||||
| `ingressAdmin.tls.secretName` | Secret name for TLS config | `nil` |
|
||||
| `ingressAdmin.tls.additional[].secretName` | Secret name for additional TLS config | |
|
||||
| `ingressAdmin.tls.additional[].hosts[]` | Hosts for additional TLS config | |
|
||||
| `ingressMedia.enabled` | whether to enable the Ingress or not | `false` |
|
||||
| `ingressMedia.className` | IngressClass to use for the Ingress | `nil` |
|
||||
| `ingressMedia.host` | Host for the Ingress | `impress.example.com` |
|
||||
| `ingressMedia.path` | Path to use for the Ingress | `/media/(.*)` |
|
||||
| `ingressMedia.hosts` | Additional host to configure for the Ingress | `[]` |
|
||||
| `ingressMedia.tls.enabled` | Weather to enable TLS for the Ingress | `true` |
|
||||
| `ingressMedia.tls.secretName` | Secret name for TLS config | `nil` |
|
||||
| `ingressMedia.tls.additional[].secretName` | Secret name for additional TLS config | |
|
||||
| `ingressMedia.tls.additional[].hosts[]` | Hosts for additional TLS config | |
|
||||
| `ingressMedia.annotations.nginx.ingress.kubernetes.io/auth-url` | | `https://impress.example.com/api/v1.0/documents/media-auth/` |
|
||||
| `ingressMedia.annotations.nginx.ingress.kubernetes.io/auth-response-headers` | | `Authorization, X-Amz-Date, X-Amz-Content-SHA256` |
|
||||
| `ingressMedia.annotations.nginx.ingress.kubernetes.io/upstream-vhost` | | `minio.impress.svc.cluster.local:9000` |
|
||||
| `ingressMedia.annotations.nginx.ingress.kubernetes.io/configuration-snippet` | | `add_header Content-Security-Policy "default-src 'none'" always;
|
||||
` |
|
||||
| `serviceMedia.host` | | `minio.impress.svc.cluster.local` |
|
||||
| `serviceMedia.port` | | `9000` |
|
||||
| `serviceMedia.annotations` | | `{}` |
|
||||
|
||||
### backend
|
||||
|
||||
@@ -132,6 +132,8 @@
|
||||
| `backend.extraVolumeMounts` | Additional volumes to mount on the backend. | `[]` |
|
||||
| `backend.extraVolumes` | Additional volumes to mount on the backend. | `[]` |
|
||||
| `backend.pdb.enabled` | Enable pdb on backend | `true` |
|
||||
| `backend.themeCustomization.enabled` | Enable theme customization | `false` |
|
||||
| `backend.themeCustomization.file_content` | Content of the theme customization file. Must be a json object. | `""` |
|
||||
|
||||
### frontend
|
||||
|
||||
|
||||
@@ -90,6 +90,11 @@ spec:
|
||||
subPath: {{ .subPath | default "" }}
|
||||
readOnly: {{ .readOnly }}
|
||||
{{- end }}
|
||||
{{- if .Values.backend.themeCustomization.enabled }}
|
||||
- name: theme-customization
|
||||
mountPath: {{ .Values.backend.themeCustomization.mount_path }}
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- with .Values.backend.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
@@ -117,6 +122,11 @@ spec:
|
||||
claimName: "{{ $fullName }}-{{ $name }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.backend.themeCustomization.enabled }}
|
||||
- name: theme-customization
|
||||
configMap:
|
||||
name: docs-theme-customization
|
||||
{{- end }}
|
||||
{{- range .Values.backend.extraVolumes }}
|
||||
- name: {{ .name }}
|
||||
{{- if .existingClaim }}
|
||||
|
||||
10
src/helm/impress/templates/theme_customization_file_cm.yaml
Normal file
10
src/helm/impress/templates/theme_customization_file_cm.yaml
Normal file
@@ -0,0 +1,10 @@
|
||||
{{- if .Values.backend.themeCustomization.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: docs-theme-customization
|
||||
namespace: {{ .Release.Namespace }}
|
||||
data:
|
||||
default.json: |
|
||||
{{ .Values.backend.themeCustomization.file_content | toJson | indent 4 }}
|
||||
{{- end }}
|
||||
@@ -162,6 +162,7 @@ ingressMedia:
|
||||
## @param ingressMedia.annotations.nginx.ingress.kubernetes.io/auth-url
|
||||
## @param ingressMedia.annotations.nginx.ingress.kubernetes.io/auth-response-headers
|
||||
## @param ingressMedia.annotations.nginx.ingress.kubernetes.io/upstream-vhost
|
||||
## @param ingressMedia.annotations.nginx.ingress.kubernetes.io/configuration-snippet
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/auth-url: https://impress.example.com/api/v1.0/documents/media-auth/
|
||||
nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256"
|
||||
@@ -310,6 +311,16 @@ backend:
|
||||
pdb:
|
||||
enabled: true
|
||||
|
||||
## @param backend.themeCustomization.enabled Enable theme customization
|
||||
## @param backend.themeCustomization.file_content Content of the theme customization file. Must be a json object.
|
||||
## @param backend.themeCustomization.mount_path Path where the customization file will be mounted in the backend deployment.
|
||||
themeCustomization:
|
||||
enabled: false
|
||||
file_content: ""
|
||||
mount_path: /app/configuration/theme/
|
||||
|
||||
|
||||
|
||||
## @section frontend
|
||||
|
||||
frontend:
|
||||
|
||||
Reference in New Issue
Block a user