From 49871c45b123fc3c2450f58384d016be228a1a47 Mon Sep 17 00:00:00 2001 From: Manuel Raynaud Date: Fri, 13 Feb 2026 09:51:41 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B(helm)=20reverse=20liveness=20and?= =?UTF-8?q?=20readiness=20for=20backend=20deployment?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The liveness and readiness are reversed. The liveness was using the heartbeat process that is cheking all django checks and the database connection. --- CHANGELOG.md | 1 + src/helm/impress/values.yaml | 66 +++++++++++++++++++++--------------- 2 files changed, 40 insertions(+), 27 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index af5474aa..9e371d78 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,6 +24,7 @@ and this project adheres to - 🐛(frontend) fix broadcast store sync #1846 - 🐛(helm) use celery resources instead of backend resources +- 🐛(helm) reverse liveness and readiness for backend deployment ## [v4.5.0] - 2026-01-28 diff --git a/src/helm/impress/values.yaml b/src/helm/impress/values.yaml index 5019ecff..f818c217 100644 --- a/src/helm/impress/values.yaml +++ b/src/helm/impress/values.yaml @@ -133,7 +133,6 @@ ingressCollaborationApi: annotations: nginx.ingress.kubernetes.io/upstream-hash-by: $arg_room - ## @param ingressAdmin.enabled whether to enable the Ingress or not ## @param ingressAdmin.className IngressClass to use for the Ingress ## @param ingressAdmin.host Host for the Ingress @@ -144,7 +143,7 @@ ingressAdmin: host: impress.example.com path: /admin ## @param ingressAdmin.hosts Additional host to configure for the Ingress - hosts: [ ] + hosts: [] # - chart-example.local ## @param ingressAdmin.tls.enabled Weather to enable TLS for the Ingress ## @param ingressAdmin.tls.secretName Secret name for TLS config @@ -166,7 +165,7 @@ ingressMedia: host: impress.example.com path: /media/(.*) ## @param ingressMedia.hosts Additional host to configure for the Ingress - hosts: [ ] + hosts: [] # - chart-example.local ## @param ingressMedia.tls.enabled Weather to enable TLS for the Ingress ## @param ingressMedia.tls.secretName Secret name for TLS config @@ -197,11 +196,9 @@ serviceMedia: port: 9000 annotations: {} - ## @section backend backend: - ## @param backend.command Override the backend container command command: [] @@ -231,7 +228,7 @@ backend: allowPrivilegeEscalation: false capabilities: drop: - - "ALL" + - "ALL" runAsNonRoot: true seccompProfile: type: RuntimeDefault @@ -336,10 +333,10 @@ backend: ## @param backend.probes.readiness.initialDelaySeconds [nullable] Configure timeout for backend readiness probe probes: liveness: - path: /__heartbeat__ + path: /__lbheartbeat__ initialDelaySeconds: 10 readiness: - path: /__lbheartbeat__ + path: /__heartbeat__ initialDelaySeconds: 10 ## @param backend.resources Resource requirements for the backend container @@ -381,7 +378,6 @@ backend: file_content: "" mount_path: /app/impress/configuration/theme - ## @param backend.celery.replicas Amount of celery replicas ## @param backend.celery.command Override the celery container command ## @param backend.celery.args Override the celery container args @@ -395,22 +391,40 @@ backend: celery: replicas: 1 command: [] - args: ["celery", "-A", "impress.celery_app", "worker", "-l", "INFO", "-n", "impress@%h"] + args: + [ + "celery", + "-A", + "impress.celery_app", + "worker", + "-l", + "INFO", + "-n", + "impress@%h", + ] resources: {} probes: liveness: exec: - command: ["/bin/sh", "-c", "celery -A impress.celery_app inspect ping -d impress@$HOSTNAME"] + command: + [ + "/bin/sh", + "-c", + "celery -A impress.celery_app inspect ping -d impress@$HOSTNAME", + ] initialDelaySeconds: 60 timeoutSeconds: 5 readiness: exec: - command: ["/bin/sh", "-c", "celery -A impress.celery_app inspect ping -d impress@$HOSTNAME"] + command: + [ + "/bin/sh", + "-c", + "celery -A impress.celery_app inspect ping -d impress@$HOSTNAME", + ] initialDelaySeconds: 15 timeoutSeconds: 5 - - ## @section frontend frontend: @@ -442,7 +456,7 @@ frontend: allowPrivilegeEscalation: false capabilities: drop: - - "ALL" + - "ALL" runAsNonRoot: true seccompProfile: type: RuntimeDefault @@ -522,7 +536,6 @@ frontend: ## @section posthog posthog: - ## @param posthog.ingress.enabled Enable or disable the ingress resource creation ## @param posthog.ingress.className Kubernetes ingress class name to use (e.g., nginx, traefik) ## @param posthog.ingress.host Primary hostname for the ingress resource @@ -537,12 +550,12 @@ posthog: className: null host: impress.example.com path: / - hosts: [ ] + hosts: [] tls: enabled: true - additional: [ ] + additional: [] - customBackends: [ ] + customBackends: [] annotations: {} ## @param posthog.ingressAssets.enabled Enable or disable the ingress resource creation @@ -559,14 +572,14 @@ posthog: className: null host: impress.example.com paths: - - /static - - /array - hosts: [ ] + - /static + - /array + hosts: [] tls: enabled: true - additional: [ ] + additional: [] - customBackends: [ ] + customBackends: [] annotations: {} ## @param posthog.service.type Service type (e.g. ExternalName, ClusterIP, LoadBalancer) @@ -589,7 +602,6 @@ posthog: port: 443 annotations: {} - ## @section yProvider yProvider: @@ -621,7 +633,7 @@ yProvider: allowPrivilegeEscalation: false capabilities: drop: - - "ALL" + - "ALL" runAsNonRoot: true seccompProfile: type: RuntimeDefault @@ -729,7 +741,7 @@ docSpec: allowPrivilegeEscalation: false capabilities: drop: - - "ALL" + - "ALL" runAsNonRoot: true seccompProfile: type: RuntimeDefault