Skip to content

Commit

Permalink
SONAR 23712 deprecate unused parameters in dce charts
Browse files Browse the repository at this point in the history
  • Loading branch information
@jCOTINEAU
jCOTINEAU authored Nov 22, 2024
1 parent 3e07665 commit 7c453fb
Show file tree
Hide file tree
Showing 6 changed files with 52 additions and 30 deletions.
1 change: 1 addition & 0 deletions charts/sonarqube-dce/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ All changes to this chart will be documented in this file.
* Make the `automountServiceAccountToken` configurable with `serviceAccount.automountToken` in PodSpec
* Deprecate `ApplicationNodes` in favor of `applicationNodes`, fixing naming convention typo
* Replace helm top level '$' by '.' when not necessary
* Deprecate `elasticsearch.bootstrapchecks`, `sonarqubeFolder`, `jdbcOverwrite.jdbcPassword` and `terminationGracePeriodSeconds`

## [10.7.0]
* Update Chart's version to 10.7.0
Expand Down
2 changes: 2 additions & 0 deletions charts/sonarqube-dce/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,8 @@ annotations:
description: "Deprecate `ApplicationNodes` in favor of `applicationNodes`, fixing naming convention typo"
- kind: changed
description: "Replace helm top level '$' by '.' when not necessary"
- kind: deprecated
description: "Deprecate elasticsearch.bootstrapcheck, `sonarqubeFolder`, `jdbcOverwrite.jdbcPassword` and `terminationGracePeriodSeconds`"
artifacthub.io/links: |
- name: support
url: https://community.sonarsource.com/
Expand Down
46 changes: 19 additions & 27 deletions charts/sonarqube-dce/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -473,12 +473,6 @@ The following table lists the configurable parameters of the SonarQube chart and
| `httproute.labels` | (Optional) List of extra labels to add to the HttpRoute | `None` |
| `httproute.rules` | (Optional) Extra Rules block of the HttpRoute. A default one is created with SonarWebContext and service port | `None` |
### Elasticsearch
| Parameter | Description | Default |
| ------------------------------- | ----------------------------------------------- | ------- |
| `elasticsearch.bootstrapChecks` | Enables/disables Elasticsearch bootstrap checks | `true` |
### Service
| Parameter | Description | Default |
Expand Down Expand Up @@ -534,27 +528,27 @@ The following table lists the configurable parameters of the SonarQube chart and
### SonarQube Specific
| Parameter | Description | Default |
| ------------------------------ | --------------------------------------------------------------------------------------- | ---------------- |
| `sonarqubeFolder` | Directory name of SonarQube | `/opt/sonarqube` |
| `monitoringPasscode` | Value for sonar.web.systemPasscode needed for LivenessProbes (encoded to Base64 format) | `define_it` |
| `monitoringPasscodeSecretName` | Name of the secret where to load `monitoringPasscode` | `None` |
| `monitoringPasscodeSecretKey` | Key of an existing secret containing `monitoringPasscode` | `None` |
| `extraContainers` | Array of extra containers to run alongside the `sonarqube` container (aka. Sidecars) | `[]` |
| Parameter | Description | Default |
| ------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
| `sonarqubeFolder` | (DEPRECATED) Directory name of SonarQube, Due to 1-1 mapping between helm version and docker version, there is no need for configuration | `/opt/sonarqube` |
| `monitoringPasscode` | Value for sonar.web.systemPasscode needed for LivenessProbes (encoded to Base64 format) | `define_it` |
| `monitoringPasscodeSecretName` | Name of the secret where to load `monitoringPasscode` | `None` |
| `monitoringPasscodeSecretKey` | Key of an existing secret containing `monitoringPasscode` | `None` |
| `extraContainers` | Array of extra containers to run alongside the `sonarqube` container (aka. Sidecars) | `[]` |
### JDBC Overwrite
| Parameter | Description | Default |
| ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------ |
| `jdbcOverwrite.enable` | (DEPRECATED) Enable JDBC overwrites for external Databases (disables `postgresql.enabled`) ,Please use jdbcOverwrite.enabled instead | `false` |
| `jdbcOverwrite.enabled` | Enable JDBC overwrites for external Databases (disable `postgresql.enabled`) | `false` |
| `jdbcOverwrite.jdbcUrl` | The JDBC url to connect the external DB | `jdbc:postgresql://myPostgress/myDatabase` |
| `jdbcOverwrite.jdbcUsername` | The DB user that should be used for the JDBC connection | `sonarUser` |
| `jdbcOverwrite.jdbcPassword` | The DB password that should be used for the JDBC connection (Use this if you don't mind the DB password getting stored in plain text within the values file) | `sonarPass` |
| `jdbcOverwrite.jdbcSecretName` | Alternatively, use a pre-existing k8s secret containing the DB password | `None` |
| `jdbcOverwrite.jdbcSecretPasswordKey` | If the pre-existing k8s secret is used this allows the user to overwrite the 'key' of the password property in the secret | `None` |
| `jdbcOverwrite.oracleJdbcDriver.url` | The URL of the Oracle JDBC driver to be downloaded | `None` |
| `jdbcOverwrite.oracleJdbcDriver.netrcCreds` | Name of the secret containing .netrc file to use creds when downloading the Oracle JDBC driver | `None` |
| Parameter | Description | Default |
| ------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------ |
| `jdbcOverwrite.enable` | (DEPRECATED) Enable JDBC overwrites for external Databases (disables `postgresql.enabled`) ,Please use jdbcOverwrite.enabled instead | `false` |
| `jdbcOverwrite.enabled` | Enable JDBC overwrites for external Databases (disable `postgresql.enabled`) | `false` |
| `jdbcOverwrite.jdbcUrl` | The JDBC url to connect the external DB | `jdbc:postgresql://myPostgress/myDatabase` |
| `jdbcOverwrite.jdbcUsername` | The DB user that should be used for the JDBC connection | `sonarUser` |
| `jdbcOverwrite.jdbcPassword` | (DEPRECATED) The DB password that should be used for the JDBC connection, please use `jdbcOverwrite.jdbcSecretName` and `jdbcOverwrite.jdbcSecretPasswordKey` | `sonarPass` |
| `jdbcOverwrite.jdbcSecretName` | Alternatively, use a pre-existing k8s secret containing the DB password | `None` |
| `jdbcOverwrite.jdbcSecretPasswordKey` | If the pre-existing k8s secret is used this allows the user to overwrite the 'key' of the password property in the secret | `None` |
| `jdbcOverwrite.oracleJdbcDriver.url` | The URL of the Oracle JDBC driver to be downloaded | `None` |
| `jdbcOverwrite.oracleJdbcDriver.netrcCreds` | Name of the secret containing .netrc file to use creds when downloading the Oracle JDBC driver | `None` |
### Bundled PostgreSQL Chart (DEPRECATED)
Expand Down Expand Up @@ -626,7 +620,7 @@ The bundled PostgreSQL Chart is deprecated. Please see <https://artifacthub.io/p
| `account.sonarWebContext` | (DEPRECATED) SonarQube web context for Admin hook. please use sonarWebContext at the value top level instead | `nil` |
| `account.securityContext` | Security context for downloading the prometheus exporter | see `values.yaml` |
| `adminJobAnnotations` | Custom annotations for admin hook Job | `{}` |
| `terminationGracePeriodSeconds` | Configuration of `terminationGracePeriodSeconds` | `60` |
| `terminationGracePeriodSeconds` | (DEPRECATED) this field is not used in the templates | `60` |
You can also configure values for the PostgreSQL database via the PostgreSQL [Chart](https://hub.helm.sh/charts/bitnami/postgresql)
Expand Down Expand Up @@ -672,8 +666,6 @@ To enable auto-configuration of the kube worker node, set `elasticsearch.configu

This will run `sysctl -w vm.max_map_count=262144` on the worker where the sonarqube pod(s) get scheduled. This needs to be set to `262144` but normally defaults to `65530`. Other kernel settings are recommended by the [docker image](https://hub.docker.com/_/sonarqube/#requirements), but the defaults work fine in most cases.

To disable worker node configuration, set `elasticsearch.configureNode` to `false`. Note that if node configuration is not enabled, then you will likely need to also disable the Elasticsearch bootstrap checks. These can be explicitly disabled by setting `elasticsearch.bootstrapChecks` to `false`.

### Extra Config

For environments where another tool, such as terraform or ansible, is used to provision infrastructure or passwords then setting databases addresses and credentials via helm becomes less than ideal. Ditto for environments where this config may be visible.
Expand Down
26 changes: 26 additions & 0 deletions charts/sonarqube-dce/values.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,11 @@
"type": "boolean",
"deprecated": true,
"$comment": "(DEPRECATED) Please use `jdbcOverwrite.enabled` instead"
},
"jdbcPassword": {
"type": "string",
"deprecated": true,
"$comment": "(DEPRECATED) Please use `jdbcOverwrite.jdbcSecretName` along with `jdbcOverwrite.jdbcSecretPasswordKey` instead"
}
}
},
Expand Down Expand Up @@ -144,6 +149,27 @@
"$comment": "(DEPRECATED) Please use SearchNodes.podDisruptionBudget"
}
}
},
"sonarqubeFolder":
{
"type": "string",
"deprecated": true,
"$comment": "(DEPRECATED) This value will is no longer required and will be droped in future releases"
},
"terminationGracePeriodSeconds": {
"type": "integer",
"deprecated": true,
"$comment": "(DEPRECATED) This value is not used in the templates"
},
"elasticsearch": {
"type": "object",
"properties": {
"bootstrapChecks": {
"type": "boolean",
"deprecated": true,
"$comment": "(DEPRECATED) This value is not used in the templates"
}
}
}
}
}
6 changes: 3 additions & 3 deletions charts/sonarqube-dce/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -679,7 +679,7 @@ jdbcOverwrite:
jdbcUrl: "jdbc:postgresql://myPostgress/myDatabase"
# The DB user that should be used for the JDBC connection
jdbcUsername: "sonarUser"
# Use this if you don't mind the DB password getting stored in plain text within the values file
# (DEPRECATED) Please use `jdbcOverwrite.jdbcSecretName` along with `jdbcOverwrite.jdbcSecretPasswordKey` instead
jdbcPassword: "sonarPass"
## Alternatively, use a pre-existing k8s secret containing the DB password
# jdbcSecretName: "sonarqube-jdbc"
Expand Down Expand Up @@ -769,8 +769,7 @@ postgresql:
# podLabels:
# key: value
podLabels: {}
# For compatibility with 8.0 replace by "/opt/sq"
# For compatibility with 8.2, leave the default.
# (DEPRECATED) this field will be removed, as it needs to match the SonarQube image folder structure, considering we have one chart version per docker image version this field is not needed anymore.
sonarqubeFolder: /opt/sonarqube

# Enable/Disable logging in JSON format
Expand Down Expand Up @@ -841,4 +840,5 @@ extraConfig:
# Reuse default initcontainers.securityContext that match restricted pod security standard
# securityContext: {}

# (DEPRECATED) This value is not used in the templates.
terminationGracePeriodSeconds: 60
1 change: 1 addition & 0 deletions charts/sonarqube/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -522,6 +522,7 @@ jdbcOverwrite:
# The DB user that should be used for the JDBC connection
jdbcUsername: "sonarUser"
# Use this if you don't mind the DB password getting stored in plain text within the values file
# (DEPRECATED) Please use `jdbcOverwrite.jdbcSecretName` along with `jdbcOverwrite.jdbcSecretPasswordKey` instead
jdbcPassword: "sonarPass"
## Alternatively, use a pre-existing k8s secret containing the DB password
# jdbcSecretName: "sonarqube-jdbc"
Expand Down

0 comments on commit 7c453fb

Please sign in to comment.