From 26d388ed9ef7273585b735ac8918fa71a7be654f Mon Sep 17 00:00:00 2001 From: Davi Koscianski Vidal Date: Tue, 26 Nov 2024 11:05:50 +0100 Subject: [PATCH] Addresses PR comments --- charts/sonarqube-dce/templates/_helpers.tpl | 8 +- .../templates/sonarqube-search.yaml | 3 - .../sonarqube-dce/deprecation-values.yaml | 998 ++++++++++++++++++ .../sonarqube-dce/duplicated-env-values.yaml | 4 +- .../sonarqube-dce/deprecation-values.yaml | 12 + 5 files changed, 1014 insertions(+), 11 deletions(-) create mode 100644 tests/unit-compatibility-test/fixtures/sonarqube-dce/deprecation-values.yaml create mode 100644 tests/unit-compatibility-test/sonarqube-dce/deprecation-values.yaml diff --git a/charts/sonarqube-dce/templates/_helpers.tpl b/charts/sonarqube-dce/templates/_helpers.tpl index 4afefd14d..2a8598869 100644 --- a/charts/sonarqube-dce/templates/_helpers.tpl +++ b/charts/sonarqube-dce/templates/_helpers.tpl @@ -235,10 +235,8 @@ Parameters: */}} {{- define "sonarqube.log.jsonoutput" -}} {{- $node := (get .ctx.Values .node) }} - {{- $tempJsonOutput := "false" -}} - {{- if and .ctx.Values.logging (hasKey .ctx.Values.logging "jsonOutput" ) -}} - {{- $tempJsonOutput = (get .ctx.Values.logging "jsonOutput") | toString -}} - {{- else if and $node.sonarProperties (hasKey $node.sonarProperties "sonar.log.jsonOutput") -}} + {{- $tempJsonOutput := default "false" (get .ctx.Values.logging "jsonOutput") -}} + {{- if and $node.sonarProperties (hasKey $node.sonarProperties "sonar.log.jsonOutput") -}} {{- $tempJsonOutput = (get $node.sonarProperties "sonar.log.jsonOutput") -}} {{- else if $node.env -}} {{- range $index, $val := $node.env -}} @@ -255,7 +253,7 @@ Parameters: {{- end -}} {{- end -}} {{- end -}} - {{- printf "%s" $tempJsonOutput -}} + {{- printf "%s" ($tempJsonOutput | toString) -}} {{- end -}} {{/* diff --git a/charts/sonarqube-dce/templates/sonarqube-search.yaml b/charts/sonarqube-dce/templates/sonarqube-search.yaml index 0a3cef94b..74eff1dda 100644 --- a/charts/sonarqube-dce/templates/sonarqube-search.yaml +++ b/charts/sonarqube-dce/templates/sonarqube-search.yaml @@ -269,9 +269,6 @@ spec: key: SONAR_CLUSTER_ES_HTTP_SSL_KEYSTOREPASSWORD {{- end }} {{- end }} - {{- with .Values.searchNodes.env }} - {{- . | toYaml | trim | nindent 12 }} - {{- end }} {{- if or .Values.extraConfig.secrets .Values.extraConfig.configmaps }} envFrom: {{- range .Values.extraConfig.secrets }} diff --git a/tests/unit-compatibility-test/fixtures/sonarqube-dce/deprecation-values.yaml b/tests/unit-compatibility-test/fixtures/sonarqube-dce/deprecation-values.yaml new file mode 100644 index 000000000..ef7814592 --- /dev/null +++ b/tests/unit-compatibility-test/fixtures/sonarqube-dce/deprecation-values.yaml @@ -0,0 +1,998 @@ +--- +# Source: sonarqube-dce/templates/pod-disruption-budget.yaml +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: deprecation-values.yaml-sonarqube-dce-search + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm +spec: + minAvailable: 2 + + selector: + matchLabels: + sonarqube.datacenter/type: "search" +--- +# Source: sonarqube-dce/templates/pod-disruption-budget.yaml +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: deprecation-values.yaml-sonarqube-dce-app + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm +spec: + minAvailable: 1 + + selector: + matchLabels: + sonarqube.datacenter/type: "app" +--- +# Source: sonarqube-dce/charts/postgresql/templates/secrets.yaml +apiVersion: v1 +kind: Secret +metadata: + name: deprecation-values.yaml-postgresql + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-10.15.0 + app.kubernetes.io/instance: deprecation-values.yaml + app.kubernetes.io/managed-by: Helm + namespace: default +type: Opaque +data: + postgresql-postgres-password: "dG90bw==" + postgresql-password: "c29uYXJQYXNz" +--- +# Source: sonarqube-dce/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: deprecation-values.yaml-sonarqube-dce-monitoring-passcode + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm +type: Opaque +data: + SONAR_WEB_SYSTEMPASSCODE: "ZGVmaW5lX2l0" +--- +# Source: sonarqube-dce/templates/secret.yaml +--- +apiVersion: v1 +kind: Secret +metadata: + name: deprecation-values.yaml-sonarqube-dce-jwt + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm +type: Opaque +data: + SONAR_AUTH_JWTBASE64HS256SECRET: "" +--- +# Source: sonarqube-dce/templates/secret.yaml +--- +apiVersion: v1 +kind: Secret +metadata: + name: deprecation-values.yaml-sonarqube-dce-http-proxies + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm +type: Opaque +stringData: + PLUGINS-HTTP-PROXY: "" + PLUGINS-HTTPS-PROXY: "" + PLUGINS-NO-PROXY: "" + PROMETHEUS-EXPORTER-HTTP-PROXY: "" + PROMETHEUS-EXPORTER-HTTPS-PROXY: "" + PROMETHEUS-EXPORTER-NO-PROXY: "" +--- +# Source: sonarqube-dce/templates/config.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: deprecation-values.yaml-sonarqube-dce-app-config + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm +data: + sonar.properties: | +--- +# Source: sonarqube-dce/templates/config.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: deprecation-values.yaml-sonarqube-dce-search-config + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm +data: + sonar.properties: | +--- +# Source: sonarqube-dce/templates/init-fs.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: deprecation-values.yaml-sonarqube-dce-init-fs + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm +data: + init_fs.sh: |- + chown -R 1000:0 /opt/sonarqube/data + chown -R 1000:0 /opt/sonarqube/temp + chown -R 1000:0 /opt/sonarqube/logs +--- +# Source: sonarqube-dce/templates/init-sysctl.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: deprecation-values.yaml-sonarqube-dce-init-sysctl + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm +data: + init_sysctl.sh: |- + set -o errexit + set -o xtrace + vmMaxMapCount=524288 + if [[ "$(sysctl -n vm.max_map_count)" -lt $vmMaxMapCount ]]; then + sysctl -w vm.max_map_count=$vmMaxMapCount + if [[ "$(sysctl -n vm.max_map_count)" -lt $vmMaxMapCount ]]; then + echo "Failed to set initSysctl.vmMaxMapCount"; exit 1 + fi + fi + fsFileMax=131072 + if [[ "$(sysctl -n fs.file-max)" -lt $fsFileMax ]]; then + sysctl -w fs.file-max=$fsFileMax + if [[ "$(sysctl -n fs.file-max)" -lt $fsFileMax ]]; then + echo "Failed to set initSysctl.fsFileMax"; exit 1 + fi + fi + nofile=131072 + if [[ "$(ulimit -n)" != "unlimited" ]]; then + if [[ "$(ulimit -n)" -lt $nofile ]]; then + ulimit -n $nofile + if [[ "$(ulimit -n)" -lt $nofile ]]; then + echo "Failed to set initSysctl.nofile"; exit 1 + fi + fi + fi + nproc=8192 + if [[ "$(ulimit -u)" != "unlimited" ]]; then + if [[ "$(ulimit -u)" -lt $nproc ]]; then + ulimit -u $nproc + if [[ "$(ulimit -u)" -lt $nproc ]]; then + echo "Failed to set initSysctl.nproc"; exit 1 + fi + fi + fi +--- +# Source: sonarqube-dce/templates/install-plugins.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: deprecation-values.yaml-sonarqube-dce-install-plugins + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm +data: + install_plugins.sh: |- +--- +# Source: sonarqube-dce/templates/jdbc-config.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: deprecation-values.yaml-sonarqube-dce-jdbc-config + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm +data: + SONAR_JDBC_USERNAME: "sonarUser" + SONAR_JDBC_URL: "jdbc:postgresql://deprecation-values.yaml-postgresql:5432/sonarDB" +--- +# Source: sonarqube-dce/charts/postgresql/templates/svc-headless.yaml +apiVersion: v1 +kind: Service +metadata: + name: deprecation-values.yaml-postgresql-headless + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-10.15.0 + app.kubernetes.io/instance: deprecation-values.yaml + app.kubernetes.io/managed-by: Helm + # Use this annotation in addition to the actual publishNotReadyAddresses + # field below because the annotation will stop being respected soon but the + # field is broken in some versions of Kubernetes: + # https://github.com/kubernetes/kubernetes/issues/58662 + service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" + namespace: default +spec: + type: ClusterIP + clusterIP: None + # We want all pods in the StatefulSet to have their addresses published for + # the sake of the other Postgresql pods even before they're ready, since they + # have to be able to talk to each other in order to become ready. + publishNotReadyAddresses: true + ports: + - name: tcp-postgresql + port: 5432 + targetPort: tcp-postgresql + selector: + app.kubernetes.io/name: postgresql + app.kubernetes.io/instance: deprecation-values.yaml +--- +# Source: sonarqube-dce/charts/postgresql/templates/svc.yaml +apiVersion: v1 +kind: Service +metadata: + name: deprecation-values.yaml-postgresql + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-10.15.0 + app.kubernetes.io/instance: deprecation-values.yaml + app.kubernetes.io/managed-by: Helm + annotations: + namespace: default +spec: + type: ClusterIP + ports: + - name: tcp-postgresql + port: 5432 + targetPort: tcp-postgresql + selector: + app.kubernetes.io/name: postgresql + app.kubernetes.io/instance: deprecation-values.yaml + role: primary +--- +# Source: sonarqube-dce/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: deprecation-values.yaml-sonarqube-dce + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm + +spec: + type: ClusterIP + ports: + - port: 9000 + targetPort: http + protocol: TCP + name: http + selector: + app: sonarqube-dce + release: deprecation-values.yaml +--- +# Source: sonarqube-dce/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: deprecation-values.yaml-sonarqube-dce-headless + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm + +spec: + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: true + ports: + - port: 9003 + targetPort: hazelcast + protocol: TCP + name: hazelcast + selector: + app: sonarqube-dce + release: deprecation-values.yaml +--- +# Source: sonarqube-dce/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: deprecation-values.yaml-sonarqube-dce-search + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm + +spec: + type: ClusterIP + ports: + - port: 9001 + targetPort: search-port + protocol: TCP + name: search + - port: 9002 + targetPort: es-port + protocol: TCP + name: es + selector: + app: sonarqube-dce-search + release: deprecation-values.yaml +--- +# Source: sonarqube-dce/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: deprecation-values.yaml-sonarqube-dce-search-headless + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm + +spec: + clusterIP: None + publishNotReadyAddresses: true + ports: + - port: 9001 + targetPort: search-port + protocol: TCP + name: search + - port: 9002 + targetPort: es-port + protocol: TCP + name: es + selector: + app: sonarqube-dce-search + release: deprecation-values.yaml +--- +# Source: sonarqube-dce/templates/sonarqube-application.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: deprecation-values.yaml-sonarqube-dce-app + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm + app.kubernetes.io/name: deprecation-values.yaml + sonarqube.datacenter/type: "app" + app.kubernetes.io/instance: deprecation-values.yaml + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: sonarqube + app.kubernetes.io/component: deprecation-values.yaml-sonarqube-dce + app.kubernetes.io/version: "10.7.0-datacenter-app" +spec: + replicas: 2 + revisionHistoryLimit: + strategy: + type: Recreate + selector: + matchLabels: + app: sonarqube-dce + release: deprecation-values.yaml + template: + metadata: + labels: + app: sonarqube-dce + release: deprecation-values.yaml + sonarqube.datacenter/type: "app" + annotations: + checksum/plugins: 9f05dcd009ed98aad06b922843d1dabdec76e91ca2dd3355eb37a6b72b74cfad + checksum/config: cacc71d81d660f658ae5a83be98c1e276fa87e8ddcf336fdab9f66bb832076f9 + checksum/secret: cb8f2d4325c11d29e0c6b7ac58304cec95a1fc70b6114b8b0ae2cfa216bfdee0 + spec: + automountServiceAccountToken: false + initContainers: + - name: "wait-for-db" + image: sonarqube:10.7.0-datacenter-app + imagePullPolicy: IfNotPresent + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + {} + command: ["/bin/bash", "-c"] + args: ['set -o pipefail;for i in {1..200};do (echo > /dev/tcp/deprecation-values.yaml-postgresql/5432) && exit 0; sleep 2;done; exit 1'] + securityContext: + fsGroup: 0 + containers: + - name: sonarqube-dce + image: sonarqube:10.7.0-datacenter-app + imagePullPolicy: IfNotPresent + ports: + - name: http + containerPort: 9000 + protocol: TCP + - name: hazelcast + containerPort: 9003 + protocol: TCP + resources: + limits: + cpu: 800m + ephemeral-storage: 512000M + memory: 4096M + requests: + cpu: 400m + ephemeral-storage: 1536M + memory: 4096M + env: + - name: SONAR_WEB_CONTEXT + value: / + - name: SONAR_WEB_JAVAOPTS + value: "" + - name: SONAR_CE_JAVAOPTS + value: "" + - name: SONAR_LOG_JSONOUTPUT + value: "true" + - name: SONAR_HELM_CHART_VERSION + value: 10.8.0 + - name: SONAR_CLUSTER_SEARCH_HOSTS + value: "deprecation-values.yaml-sonarqube-dce-search" + - name: SONAR_CLUSTER_KUBERNETES + value: "true" + - name: SONAR_CLUSTER_NODE_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: SONAR_CLUSTER_HOSTS + value: "deprecation-values.yaml-sonarqube-dce-headless" + - name: SONAR_AUTH_JWTBASE64HS256SECRET + valueFrom: + secretKeyRef: + name: "deprecation-values.yaml-sonarqube-dce-jwt" + key: SONAR_AUTH_JWTBASE64HS256SECRET + - name: SONAR_JDBC_PASSWORD + valueFrom: + secretKeyRef: + name: deprecation-values.yaml-postgresql + key: postgresql-password + - name: SONAR_WEB_SYSTEMPASSCODE + valueFrom: + secretKeyRef: + name: deprecation-values.yaml-sonarqube-dce-monitoring-passcode + key: SONAR_WEB_SYSTEMPASSCODE + envFrom: + - configMapRef: + name: deprecation-values.yaml-sonarqube-dce-jdbc-config + livenessProbe: + exec: + command: + - sh + - -c + - |- + host="$(hostname -i || echo '127.0.0.1')" + wget --no-proxy --quiet -O /dev/null --timeout=1 --header="X-Sonar-Passcode: $SONAR_WEB_SYSTEMPASSCODE" "http://${host}:9000/api/system/liveness" + failureThreshold: 6 + initialDelaySeconds: 0 + periodSeconds: 30 + timeoutSeconds: 1 + readinessProbe: + exec: + command: + - sh + - -c + - |- + #!/bin/bash + # A Sonarqube container is considered ready if the status is UP, DB_MIGRATION_NEEDED or DB_MIGRATION_RUNNING + # status about migration are added to prevent the node to be kill while sonarqube is upgrading the database. + host="$(hostname -i || echo '127.0.0.1')" + if wget --no-proxy -qO- http://${host}:9000/api/system/status | grep -q -e '"status":"UP"' -e '"status":"DB_MIGRATION_NEEDED"' -e '"status":"DB_MIGRATION_RUNNING"'; then + exit 0 + fi + exit 1 + failureThreshold: 8 + initialDelaySeconds: 0 + periodSeconds: 30 + timeoutSeconds: 1 + startupProbe: + httpGet: + scheme: HTTP + path: /api/system/status + port: http + initialDelaySeconds: 45 + periodSeconds: 10 + failureThreshold: 32 + timeoutSeconds: 1 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /opt/sonarqube/data + name: sonarqube + subPath: data + - mountPath: /opt/sonarqube/temp + name: sonarqube + subPath: temp + - mountPath: /opt/sonarqube/logs + name: sonarqube + subPath: logs + - mountPath: /tmp + name: tmp-dir + serviceAccountName: default + volumes: + + - name: install-plugins + configMap: + name: deprecation-values.yaml-sonarqube-dce-install-plugins + items: + - key: install_plugins.sh + path: install_plugins.sh + - name: sonarqube + emptyDir: + {} + - name : tmp-dir + emptyDir: + {} +--- +# Source: sonarqube-dce/charts/postgresql/templates/statefulset.yaml +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: deprecation-values.yaml-postgresql + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-10.15.0 + app.kubernetes.io/instance: deprecation-values.yaml + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: primary + annotations: + namespace: default +spec: + serviceName: deprecation-values.yaml-postgresql-headless + replicas: 1 + updateStrategy: + type: RollingUpdate + selector: + matchLabels: + app.kubernetes.io/name: postgresql + app.kubernetes.io/instance: deprecation-values.yaml + role: primary + template: + metadata: + name: deprecation-values.yaml-postgresql + labels: + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-10.15.0 + app.kubernetes.io/instance: deprecation-values.yaml + app.kubernetes.io/managed-by: Helm + role: primary + app.kubernetes.io/component: primary + spec: + affinity: + podAffinity: + + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: postgresql + app.kubernetes.io/instance: deprecation-values.yaml + app.kubernetes.io/component: primary + namespaces: + - "default" + topologyKey: kubernetes.io/hostname + weight: 1 + nodeAffinity: + + securityContext: + fsGroup: 1001 + automountServiceAccountToken: false + containers: + - name: deprecation-values.yaml-postgresql + image: docker.io/bitnami/postgresql:11.14.0-debian-10-r22 + imagePullPolicy: "IfNotPresent" + resources: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 100m + memory: 200Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + env: + - name: BITNAMI_DEBUG + value: "false" + - name: POSTGRESQL_PORT_NUMBER + value: "5432" + - name: POSTGRESQL_VOLUME_DIR + value: "/bitnami/postgresql" + - name: PGDATA + value: "/bitnami/postgresql/data" + - name: POSTGRES_POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: deprecation-values.yaml-postgresql + key: postgresql-postgres-password + - name: POSTGRES_USER + value: "sonarUser" + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: deprecation-values.yaml-postgresql + key: postgresql-password + - name: POSTGRES_DB + value: "sonarDB" + - name: POSTGRESQL_ENABLE_LDAP + value: "no" + - name: POSTGRESQL_ENABLE_TLS + value: "no" + - name: POSTGRESQL_LOG_HOSTNAME + value: "false" + - name: POSTGRESQL_LOG_CONNECTIONS + value: "false" + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: "false" + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: "off" + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: "error" + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: "pgaudit" + ports: + - name: tcp-postgresql + containerPort: 5432 + livenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "sonarUser" -d "dbname=sonarDB" -h 127.0.0.1 -p 5432 + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 6 + readinessProbe: + exec: + command: + - /bin/sh + - -c + - -e + - | + exec pg_isready -U "sonarUser" -d "dbname=sonarDB" -h 127.0.0.1 -p 5432 + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 6 + volumeMounts: + - name: dshm + mountPath: /dev/shm + - name: data + mountPath: /bitnami/postgresql + subPath: + volumes: + - name: dshm + emptyDir: + medium: Memory + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "20Gi" +--- +# Source: sonarqube-dce/templates/sonarqube-search.yaml +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: deprecation-values.yaml-sonarqube-dce-search + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm + app.kubernetes.io/name: "deprecation-values.yaml" + sonarqube.datacenter/type: "search" + app.kubernetes.io/instance: deprecation-values.yaml + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: sonarqube + app.kubernetes.io/component: deprecation-values.yaml-sonarqube-dce + app.kubernetes.io/version: "10.7.0-datacenter-search" +spec: + podManagementPolicy : Parallel + replicas: 3 + serviceName: deprecation-values.yaml-sonarqube-dce-search + selector: + matchLabels: + app: sonarqube-dce-search + release: deprecation-values.yaml + volumeClaimTemplates: + - metadata: + name: deprecation-values.yaml-sonarqube-dce + labels: + release: deprecation-values.yaml + chart: "sonarqube-dce" + app: "deprecation-values.yaml-sonarqube-dce" + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "5Gi" + template: + metadata: + labels: + app: sonarqube-dce-search + release: deprecation-values.yaml + sonarqube.datacenter/type: "search" + annotations: + checksum/init-sysctl: a01476e26098910ccefab12ca329c574d3372d28a896d0dc9238145ae0b9dfd6 + checksum/init-fs: 46adae77e4daf0144d4f37e831074089257a20b30cb3234fe9238d6147aa8948 + checksum/config: cacc71d81d660f658ae5a83be98c1e276fa87e8ddcf336fdab9f66bb832076f9 + checksum/secret: cb8f2d4325c11d29e0c6b7ac58304cec95a1fc70b6114b8b0ae2cfa216bfdee0 + spec: + automountServiceAccountToken: false + initContainers: + - name: init-sysctl + image: sonarqube:10.7.0-datacenter-app + imagePullPolicy: IfNotPresent + securityContext: + privileged: true + readOnlyRootFilesystem: true + runAsUser: 0 + resources: + {} + command: ["/bin/bash", + "-e", + "/tmp/scripts/init_sysctl.sh"] + volumeMounts: + - name: init-sysctl + mountPath: /tmp/scripts/ + - name: init-fs + image: sonarqube:10.7.0-datacenter-app + imagePullPolicy: IfNotPresent + securityContext: + capabilities: + add: + - CHOWN + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 0 + runAsNonRoot: false + runAsUser: 0 + seccompProfile: + type: RuntimeDefault + resources: + {} + command: ["sh", + "-ex", + "/tmp/scripts/init_fs.sh"] + volumeMounts: + - name: init-fs + mountPath: /tmp/scripts/ + - mountPath: /opt/sonarqube/certs + name: "deprecation-values.yaml-sonarqube-dce" + subPath: certs + - mountPath: /opt/sonarqube/data + name: "deprecation-values.yaml-sonarqube-dce" + subPath: data + - mountPath: /opt/sonarqube/temp + name: "deprecation-values.yaml-sonarqube-dce" + subPath: temp + - mountPath: /opt/sonarqube/logs + name: "deprecation-values.yaml-sonarqube-dce" + subPath: logs + - mountPath: /tmp + name: tmp-dir + securityContext: + fsGroup: 0 + containers: + - name: sonarqube-dce-search + image: "sonarqube:10.7.0-datacenter-search" + imagePullPolicy: IfNotPresent + ports: + - name: search-port + containerPort: 9001 + protocol: TCP + - name: es-port + containerPort: 9002 + protocol: TCP + resources: + limits: + cpu: 800m + ephemeral-storage: 512000M + memory: 3072M + requests: + cpu: 400m + ephemeral-storage: 1536M + memory: 3072M + env: + - name: SONAR_LOG_JSONOUTPUT + value: "true" + - name: SONAR_CLUSTER_ES_HOSTS + value: "deprecation-values.yaml-sonarqube-dce-search-0,deprecation-values.yaml-sonarqube-dce-search-1,deprecation-values.yaml-sonarqube-dce-search-2," + - name: SONAR_CLUSTER_ES_DISCOVERY_SEED_HOSTS + value: "deprecation-values.yaml-sonarqube-dce-search-headless" + - name: SONAR_CLUSTER_NODE_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + livenessProbe: + exec: + command: + - sh + - -c + - | + #!/bin/bash + # A Sonarqube search node container is considered live if http call returns 200 + host="$(hostname -i || echo '127.0.0.1')" + if wget --auth-no-challenge --no-proxy -qO- "http://${host}:9001/_cluster/health?local=true" | grep -q -e '"status":"green"' -e '"status":"yellow"'; then + exit 0 + fi + exit 1 + initialDelaySeconds: 0 + periodSeconds: 30 + failureThreshold: 6 + timeoutSeconds: 1 + readinessProbe: + exec: + command: + - sh + - -c + - | + #!/bin/bash + # A Sonarqube search node container is considered ready if the status of embedded ES is green or yellow + host="$(hostname -i || echo '127.0.0.1')" + if wget --auth-no-challenge --no-proxy -qO- "http://${host}:9001/_cluster/health?wait_for_status=yellow&timeout=50s" | grep -q -e '"status":"green"' -e '"status":"yellow"'; then + exit 0 + fi + exit 1 + initialDelaySeconds: 0 + periodSeconds: 30 + failureThreshold: 6 + timeoutSeconds: 1 + startupProbe: + exec: + command: + - sh + - -c + - | + #!/bin/bash + # A Sonarqube search node container is considered started if http call returns 200 + host="$(hostname -i || echo '127.0.0.1')" + if wget --auth-no-challenge --no-proxy -qO- "http://${host}:9001/_cluster/health?local=true" | grep -q -e '"status":"green"' -e '"status":"yellow"'; then + exit 0 + fi + exit 1 + initialDelaySeconds: 20 + periodSeconds: 10 + failureThreshold: 24 + timeoutSeconds: 1 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /opt/sonarqube/certs + name: "deprecation-values.yaml-sonarqube-dce" + subPath: certs + readOnly: true + - mountPath: /opt/sonarqube/data + name: "deprecation-values.yaml-sonarqube-dce" + subPath: data + - mountPath: /opt/sonarqube/temp + name: "deprecation-values.yaml-sonarqube-dce" + subPath: temp + - mountPath: /opt/sonarqube/logs + name: "deprecation-values.yaml-sonarqube-dce" + subPath: logs + - mountPath: /tmp + name: tmp-dir + serviceAccountName: default + volumes: + + - name: init-sysctl + configMap: + name: deprecation-values.yaml-sonarqube-dce-init-sysctl + items: + - key: init_sysctl.sh + path: init_sysctl.sh + - name: init-fs + configMap: + name: deprecation-values.yaml-sonarqube-dce-init-fs + items: + - key: init_fs.sh + path: init_fs.sh + - name: "deprecation-values.yaml-sonarqube-dce" + - name : tmp-dir + emptyDir: + {} +--- +# Source: sonarqube-dce/templates/tests/sonarqube-test.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "deprecation-values.yaml-ui-test" + annotations: + "helm.sh/hook": test-success + labels: + app: sonarqube-dce + chart: sonarqube-dce-10.8.0 + release: deprecation-values.yaml + heritage: Helm +spec: + automountServiceAccountToken: false + containers: + - name: deprecation-values.yaml-ui-test + image: "sonarqube:10.7.0-datacenter-app" + imagePullPolicy: IfNotPresent + command: ['wget'] + args: [ + '--retry-connrefused', + '--waitretry=1', + '--timeout=5', + '-t', + '1200', + '-qO-', + 'deprecation-values.yaml-sonarqube-dce:9000/api/system/status' + ] + resources: + limits: + cpu: 500m + ephemeral-storage: 1000M + memory: 200M + requests: + cpu: 500m + ephemeral-storage: 100M + memory: 200M + restartPolicy: Never diff --git a/tests/unit-compatibility-test/fixtures/sonarqube-dce/duplicated-env-values.yaml b/tests/unit-compatibility-test/fixtures/sonarqube-dce/duplicated-env-values.yaml index f3d728266..61fe97503 100644 --- a/tests/unit-compatibility-test/fixtures/sonarqube-dce/duplicated-env-values.yaml +++ b/tests/unit-compatibility-test/fixtures/sonarqube-dce/duplicated-env-values.yaml @@ -857,7 +857,7 @@ spec: memory: 3072M env: - name: SONAR_LOG_JSONOUTPUT - value: "false" + value: "true" - name: SONAR_CLUSTER_ES_HOSTS value: "duplicated-env-values.yaml-sonarqube-dce-search-0,duplicated-env-values.yaml-sonarqube-dce-search-1,duplicated-env-values.yaml-sonarqube-dce-search-2," - name: SONAR_CLUSTER_ES_DISCOVERY_SEED_HOSTS @@ -866,8 +866,6 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name - - name: SONAR_LOG_JSONOUTPUT - value: "true" livenessProbe: exec: command: diff --git a/tests/unit-compatibility-test/sonarqube-dce/deprecation-values.yaml b/tests/unit-compatibility-test/sonarqube-dce/deprecation-values.yaml new file mode 100644 index 000000000..ebe21809e --- /dev/null +++ b/tests/unit-compatibility-test/sonarqube-dce/deprecation-values.yaml @@ -0,0 +1,12 @@ +ApplicationNodes: + env: + - name: SONAR_LOG_JSONOUTPUT + value: true + +searchNodes: + env: + - name: SONAR_LOG_JSONOUTPUT + value: true + +logging: + jsonOutput: false