From 5b1058a8b1ec6d805a7a601f37b65c5907b63336 Mon Sep 17 00:00:00 2001 From: Michael Schnerring <3743342+schnerring@users.noreply.github.com> Date: Sat, 12 Aug 2023 10:05:18 +0000 Subject: [PATCH] fix(plausible): migrate to new common chart and upgrade to v2 (#11186) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit **Description** * cherry-picked changes from my PR that were never merged into from `port/incubator` into `master`: https://github.com/truecharts/charts/pull/7810 * Added config options for Plausible v2.0.0 * Migrated to new common chart TODO: - [x] upgrade questions.yaml to new common chart - [x] migrate common.yaml / _env.tpl to new common chart format ⚒️ Fixes # **⚙️ Type of change** - [ ] ⚙️ Feature/App addition - [X] 🪛 Bugfix - [X] ⚠️ Breaking change (fix or feature that would cause existing functionality to not work as expected) - [X] 🔃 Refactor of current code **🧪 How Has This Been Tested?** **📃 Notes:** **✔️ Checklist:** - [X] ⚖️ My code follows the style guidelines of this project - [X] 👀 I have performed a self-review of my own code - [X] #️⃣ I have commented my code, particularly in hard-to-understand areas - [ ] 📄 I have made corresponding changes to the documentation - [ ] ⚠️ My changes generate no new warnings - [ ] 🧪 I have added tests to this description that prove my fix is effective or that my feature works - [X] ⬆️ I increased versions for any altered app according to semantic versioning **➕ App addition** If this PR is an app addition please make sure you have done the following. - [ ] 🪞 I have opened a PR on [truecharts/containers](https://github.com/truecharts/containers) adding the container to TrueCharts mirror repo. - [ ] 🖼️ I have added an icon in the Chart's root directory called `icon.png` --- _Please don't blindly check all the boxes. Read them and only check those that apply. Those checkboxes are there for the reviewer to see what is this all about and the status of this PR with a quick glance._ --------- Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com> Co-authored-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com> --- charts/incubator/plausible/Chart.yaml | 12 +- charts/incubator/plausible/questions.yaml | 139 +++++++++++----- .../plausible/templates/_configmap.tpl | 21 +++ charts/incubator/plausible/templates/_env.tpl | 56 ------- .../incubator/plausible/templates/_secret.tpl | 28 ++++ .../incubator/plausible/templates/common.yaml | 17 +- charts/incubator/plausible/values.yaml | 150 ++++++++++-------- tools/gen-cat.sh | 1 + 8 files changed, 244 insertions(+), 180 deletions(-) create mode 100644 charts/incubator/plausible/templates/_configmap.tpl delete mode 100644 charts/incubator/plausible/templates/_env.tpl create mode 100644 charts/incubator/plausible/templates/_secret.tpl diff --git a/charts/incubator/plausible/Chart.yaml b/charts/incubator/plausible/Chart.yaml index 4b01f36e4834..a6e954f8373e 100644 --- a/charts/incubator/plausible/Chart.yaml +++ b/charts/incubator/plausible/Chart.yaml @@ -1,17 +1,13 @@ apiVersion: v2 -appVersion: "1.5.1" +appVersion: "2.0.0" dependencies: - name: common repository: https://library-charts.truecharts.org - version: 11.1.2 - - condition: postgresql.enabled - name: postgresql - repository: https://deps.truecharts.org/ - version: 11.0.31 + version: 14.0.2 - condition: clickhouse.enabled name: clickhouse repository: https://deps.truecharts.org/ - version: 3.0.21 + version: 7.0.1 deprecated: false description: Plausible is lightweight and open source web analytics. No cookies and fully compliant with GDPR, CCPA and PECR. home: https://truecharts.org/charts/incubator/plausible @@ -32,7 +28,7 @@ sources: - https://github.com/plausible/analytics - https://github.com/plausible/hosting type: application -version: 4.0.25 +version: 5.0.0 annotations: truecharts.org/catagories: | - analytics diff --git a/charts/incubator/plausible/questions.yaml b/charts/incubator/plausible/questions.yaml index d70ea2ae8c98..45026cb380fc 100644 --- a/charts/incubator/plausible/questions.yaml +++ b/charts/incubator/plausible/questions.yaml @@ -27,43 +27,29 @@ questions: type: string default: http://localhost required: true - - variable: DISABLE_AUTH - label: DISABLE_AUTH - description: Disables authentication completely, no registration, login will be shown. - schema: - type: boolean - default: false - variable: DISABLE_REGISTRATION label: DISABLE_REGISTRATION - description: Disables registration of new users, keep your admin credentials handy ;) - schema: - type: boolean - default: false - - variable: ADMIN_USER_NAME - label: ADMIN_USER_NAME - description: Admin user's name (First Install Only) - schema: - type: string - default: admin - required: true - - variable: ADMIN_USER_EMAIL - label: ADMIN_USER_EMAIL - description: The default ("admin") user email (First Install Only) + description: Restricts registration of new users. schema: type: string - default: admin@example.com required: true - - variable: ADMIN_USER_PWD - label: ADMIN_USER_PWD - description: The default ("admin") user password (First Install Only) + default: "true" + enum: + - value: "true" + description: Full restriction + - value: "false" + description: No restriction + - value: invite_only + description: Only invited users can register + - variable: LOG_FAILED_LOGIN_ATTEMPTS + label: LOG_FAILED_LOGIN_ATTEMPTS + description: Controls whether to log warnings about failed login attempts. schema: - type: string - default: "" - required: true - private: true + type: boolean + default: false - variable: CLICKHOUSE_FLUSH_INTERVAL_MS label: CLICKHOUSE_FLUSH_INTERVAL_MS - description: nterval (in milliseconds) between flushing events and sessions data to Clickhouse. Consult Clickhouse docs before changing it. + description: Interval (in milliseconds) between flushing events and sessions data to Clickhouse. Consult Clickhouse docs before changing it. schema: type: int default: 5000 @@ -82,6 +68,12 @@ questions: type: string default: hello@plausible.local required: true + - variable: MAILER_NAME + label: MAILER_NAME + description: The display name for the sender (from). + schema: + type: string + default: "" - variable: SMTP_HOST_ADDR label: SMTP_HOST_ADDR description: The host address of your smtp server. @@ -134,13 +126,78 @@ questions: description: Bamboo.SMTPAdapter - value: Bamboo.PostmarkAdapter description: Bamboo.PostmarkAdapter + - value: Bamboo.MailgunAdapter + description: Bamboo.MailgunAdapter + - value: Bamboo.MandrillAdapter + description: Bamboo.MandrillAdapter + - value: Bamboo.SendGridAdapter + description: Bamboo.SendGridAdapter - variable: POSTMARK_API_KEY label: POSTMARK_API_KEY - description: Enter your API key. + description: Required. Enter your API key. + schema: + show_if: [["MAILER_ADAPTER", "=", "Bamboo.PostmarkAdapter"]] + type: string + default: "" + private: true + - variable: MAILGUN_API_KEY + label: MAILGUN_API_KEY + description: Required. Enter your API key. + schema: + show_if: [["MAILER_ADAPTER", "=", "Bamboo.MailgunAdapter"]] + type: string + default: "" + private: true + - variable: MAILGUN_DOMAIN + label: MAILGUN_DOMAIN + description: Required. Enter your Mailgun domain. + schema: + show_if: [["MAILER_ADAPTER", "=", "Bamboo.MailgunAdapter"]] + type: string + default: "" + - variable: MAILGUN_BASE_URI + label: MAILGUN_BASE_URI + description: This is optional. Mailgun makes a difference in the API base URL between sender domains from within the EU and outside. By default, the base URL is set to https://api.mailgun.net/v3. To override this you can pass https://api.eu.mailgun.net/v3 if you are using an EU domain. + schema: + show_if: [["MAILER_ADAPTER", "=", "Bamboo.MailgunAdapter"]] + type: string + default: "" + - variable: MANDRILL_API_KEY + label: MANDRILL_API_KEY + description: Required. Enter your API key. + schema: + show_if: [["MAILER_ADAPTER", "=", "Bamboo.MandrillAdapter"]] + type: string + default: "" + private: true + - variable: SENDGRID_API_KEY + label: SENDGRID_API_KEY + description: Required. Enter your API key. schema: + show_if: [["MAILER_ADAPTER", "=", "Bamboo.SendGridAdapter"]] type: string default: "" private: true + - variable: MAXMIND_LICENSE_KEY + label: MAXMIND_LICENSE_KEY + description: MaxMind license key to automatically download and update the database + schema: + type: string + default: "" + private: true + - variable: MAXMIND_EDITION + label: MAXMIND_EDITION + description: MaxMind database edition to use (only if MAXMIND_LICENSE_KEY is set) + schema: + show_if: [["MAXMIND_LICENSE_KEY", "!=", ""]] + type: string + required: true + default: GeoLite2-City + enum: + - value: GeoLite2-City + description: GeoLite2-City + - value: GeoLite2-Country + description: GeoLite2-Country - variable: GOOGLE_CLIENT_ID label: GOOGLE_CLIENT_ID description: The Client ID from the Google API Console for your Plausible Analytics project @@ -170,15 +227,11 @@ questions: description: warn - value: error description: error + # Include{containerConfig} +# Include{podOptions} # Include{serviceRoot} - - variable: main - label: "Main Service" - description: "The Primary service on which the healthcheck runs, often the webUI" - schema: - additional_attrs: true - type: dict - attrs: +# Include{serviceMain} # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: main @@ -218,12 +271,12 @@ questions: schema: type: int default: 1000 - - variable: runAsGroup - label: "runAsGroup" - description: "The groupID this App of the user running the application" - schema: - type: int - default: 1000 + - variable: runAsGroup + label: "runAsGroup" + description: "The groupID this App of the user running the application" + schema: + type: int + default: 1000 # Include{securityContextContainer} # Include{securityContextAdvanced} # Include{securityContextPod} diff --git a/charts/incubator/plausible/templates/_configmap.tpl b/charts/incubator/plausible/templates/_configmap.tpl new file mode 100644 index 000000000000..743160042fb1 --- /dev/null +++ b/charts/incubator/plausible/templates/_configmap.tpl @@ -0,0 +1,21 @@ +{{- define "plausible.configmap" -}} +enabled: true +data: + BASE_URL: {{ .Values.plausible.BASE_URL | quote }} + DISABLE_REGISTRATION: {{ .Values.plausible.DISABLE_REGISTRATION | quote }} + LOG_FAILED_LOGIN_ATTEMPTS: {{ .Values.plausible.LOG_FAILED_LOGIN_ATTEMPTS | quote }} + + CLICKHOUSE_FLUSH_INTERVAL_MS: {{ .Values.plausible.CLICKHOUSE_FLUSH_INTERVAL_MS | quote }} + CLICKHOUSE_MAX_BUFFER_SIZE: {{ .Values.plausible.CLICKHOUSE_MAX_BUFFER_SIZE | quote }} + + SMTP_HOST_ADDR: {{ .Values.plausible.SMTP_HOST_ADDR | quote }} + SMTP_HOST_PORT: {{ .Values.plausible.SMTP_HOST_PORT | quote }} + SMTP_HOST_SSL_ENABLED: {{ .Values.plausible.SMTP_HOST_SSL_ENABLED | quote }} + SMTP_RETRIES: {{ .Values.plausible.SMTP_RETRIES | quote }} + MAILER_ADAPTER: {{ .Values.plausible.MAILER_ADAPTER | quote }} + MAILGUN_BASE_URI: {{ .Values.plausible.MAILGUN_BASE_URI | quote }} + + MAXMIND_EDITION: {{ .Values.plausible.MAXMIND_EDITION | quote }} + + LOG_LEVEL: {{ .Values.plausible.LOG_LEVEL | quote }} +{{- end }} diff --git a/charts/incubator/plausible/templates/_env.tpl b/charts/incubator/plausible/templates/_env.tpl deleted file mode 100644 index a8fe6ae1c44b..000000000000 --- a/charts/incubator/plausible/templates/_env.tpl +++ /dev/null @@ -1,56 +0,0 @@ -{{/* Plausible environment variables */}} -{{- define "plausible.env" -}} -{{- $configName := printf "%s-env-config" (include "tc.common.names.fullname" .) }} -{{- $secretName := printf "%s-env-secret" (include "tc.common.names.fullname" .) }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $configName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -data: - BASE_URL: {{ .Values.plausible.BASE_URL | quote }} - DISABLE_AUTH: {{ .Values.plausible.DISABLE_AUTH | quote }} - DISABLE_REGISTRATION: {{ .Values.plausible.DISABLE_REGISTRATION | quote }} - - CLICKHOUSE_FLUSH_INTERVAL_MS: {{ .Values.plausible.CLICKHOUSE_FLUSH_INTERVAL_MS | quote }} - CLICKHOUSE_MAX_BUFFER_SIZE: {{ .Values.plausible.CLICKHOUSE_MAX_BUFFER_SIZE | quote }} - - SMTP_HOST_ADDR: {{ .Values.plausible.SMTP_HOST_ADDR | quote }} - SMTP_HOST_PORT: {{ .Values.plausible.SMTP_HOST_PORT | quote }} - SMTP_HOST_SSL_ENABLED: {{ .Values.plausible.SMTP_HOST_SSL_ENABLED | quote }} - SMTP_RETRIES: {{ .Values.plausible.SMTP_RETRIES | quote }} - MAILER_ADAPTER: {{ .Values.plausible.MAILER_ADAPTER | quote }} - - LOG_LEVEL: {{ .Values.plausible.LOG_LEVEL | quote }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ $secretName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -stringData: - {{- with (lookup "v1" "Secret" .Release.Namespace $secretName) }} - SECRET_KEY_BASE: {{ index .data "SECRET_KEY_BASE" | b64dec }} - {{- else }} - {{- /* The plain value of SECRET_KEY_BASE is also base64 encoded */}} - SECRET_KEY_BASE: {{ randAlphaNum 65 | b64enc }} - {{- end }} - - ADMIN_USER_NAME: {{ .Values.plausible.ADMIN_USER_NAME | quote }} - ADMIN_USER_EMAIL: {{ .Values.plausible.ADMIN_USER_EMAIL | quote }} - ADMIN_USER_PWD: {{ .Values.plausible.ADMIN_USER_PWD | quote }} - - DATABASE_URL: {{ get .Values.postgresql.url "complete-noql" }} - CLICKHOUSE_DATABASE_URL: {{ .Values.clickhouse.url.complete }} - - MAILER_EMAIL: {{ .Values.plausible.MAILER_EMAIL | quote }} - SMTP_USER_NAME: {{ .Values.plausible.SMTP_USER_NAME | quote }} - SMTP_USER_PWD: {{ .Values.plausible.SMTP_USER_PWD | quote }} - POSTMARK_API_KEY: {{ .Values.plausible.POSTMARK_API_KEY | quote }} - - GOOGLE_CLIENT_ID: {{ .Values.plausible.GOOGLE_CLIENT_ID | quote }} - GOOGLE_CLIENT_SECRET: {{ .Values.plausible.GOOGLE_CLIENT_SECRET | quote }} -{{- end }} diff --git a/charts/incubator/plausible/templates/_secret.tpl b/charts/incubator/plausible/templates/_secret.tpl new file mode 100644 index 000000000000..89fb003e0943 --- /dev/null +++ b/charts/incubator/plausible/templates/_secret.tpl @@ -0,0 +1,28 @@ +{{- define "plausible.secret" -}} +enabled: true +data: + {{- with (lookup "v1" "Secret" .Release.Namespace "plausible-secret") }} + SECRET_KEY_BASE: {{ index .data "SECRET_KEY_BASE" | b64dec }} + {{- else }} + {{- /* The plain value of SECRET_KEY_BASE is also base64 encoded */}} + SECRET_KEY_BASE: {{ randAlphaNum 86 | b64enc }} + {{- end }} + + DATABASE_URL: {{ .Values.cnpg.main.creds.std }} + CLICKHOUSE_DATABASE_URL: {{ .Values.clickhouse.creds.complete }} + + MAILER_EMAIL: {{ .Values.plausible.MAILER_EMAIL | quote }} + MAILER_NAME: {{ .Values.plausible.MAILER_NAME | quote }} + SMTP_USER_NAME: {{ .Values.plausible.SMTP_USER_NAME | quote }} + SMTP_USER_PWD: {{ .Values.plausible.SMTP_USER_PWD | quote }} + POSTMARK_API_KEY: {{ .Values.plausible.POSTMARK_API_KEY | quote }} + MAILGUN_API_KEY: {{ .Values.plausible.MAILGUN_API_KEY | quote }} + MAILGUN_DOMAIN: {{ .Values.plausible.MAILGUN_DOMAIN | quote }} + MANDRILL_API_KEY: {{ .Values.plausible.MANDRILL_API_KEY | quote }} + SENDGRID_API_KEY: {{ .Values.plausible.SENDGRID_API_KEY | quote }} + + MAXMIND_LICENSE_KEY: {{ .Values.plausible.MAXMIND_LICENSE_KEY | quote }} + + GOOGLE_CLIENT_ID: {{ .Values.plausible.GOOGLE_CLIENT_ID | quote }} + GOOGLE_CLIENT_SECRET: {{ .Values.plausible.GOOGLE_CLIENT_SECRET | quote }} +{{- end }} diff --git a/charts/incubator/plausible/templates/common.yaml b/charts/incubator/plausible/templates/common.yaml index 21d4eeef6459..9b96a04dd5e7 100644 --- a/charts/incubator/plausible/templates/common.yaml +++ b/charts/incubator/plausible/templates/common.yaml @@ -1,8 +1,17 @@ {{/* Make sure all variables are set properly */}} -{{- include "tc.common.loader.init" . }} +{{- include "tc.v1.common.loader.init" . }} -{{/* Plausible environment variables */}} -{{- include "plausible.env" . }} +{{/* Render Plausible configmap */}} +{{- $config := include "plausible.configmap" . | fromYaml -}} +{{- if $config -}} + {{- $_ := set .Values.configmap "plausible-config" $config -}} +{{- end -}} + +{{/* Render Plausible secret */}} +{{- $secret := include "plausible.secret" . | fromYaml -}} +{{- if $secret -}} + {{- $_ := set .Values.secret "plausible-secret" $secret -}} +{{- end -}} {{/* Render the templates */}} -{{ include "tc.common.loader.apply" . }} +{{ include "tc.v1.common.loader.apply" . }} diff --git a/charts/incubator/plausible/values.yaml b/charts/incubator/plausible/values.yaml index 5d251cf336df..55806d280f3c 100644 --- a/charts/incubator/plausible/values.yaml +++ b/charts/incubator/plausible/values.yaml @@ -1,7 +1,7 @@ image: - repository: plausible/analytics + repository: tccr.io/truecharts/plausible pullPolicy: IfNotPresent - tag: v1.5.1@sha256:3fbdcfac56ffa79e778e9e4bc1ca8c4dca0d7deb330ed5694f59eaa1125cc0a8 + tag: v2.0.0@sha256:1ef59e863cfdcddc308d4ec743091bc8eda4f62e16b269cf4d778c89b8c02a68 # Plausible self-hosting documentation # https://plausible.io/docs/self-hosting @@ -9,13 +9,8 @@ image: plausible: # Server BASE_URL: http://localhost - DISABLE_AUTH: false - DISABLE_REGISTRATION: false - - # Default User - ADMIN_USER_NAME: admin - ADMIN_USER_EMAIL: admin@example.com - ADMIN_USER_PWD: P@ssw0rd + DISABLE_REGISTRATION: "true" + LOG_FAILED_LOGIN_ATTEMPTS: false # Database CLICKHOUSE_FLUSH_INTERVAL_MS: 5000 @@ -23,6 +18,7 @@ plausible: # Mailer/SMTP Setup MAILER_EMAIL: hello@plausible.local + MAILER_NAME: "" SMTP_HOST_ADDR: localhost SMTP_HOST_PORT: 25 SMTP_USER_NAME: "" @@ -31,6 +27,16 @@ plausible: SMTP_RETRIES: 2 MAILER_ADAPTER: Bamboo.SMTPAdapter POSTMARK_API_KEY: "" + MAILGUN_API_KEY: "" + MAILGUN_DOMAIN: "" + MAILGUN_BASE_URI: "" + MANDRILL_API_KEY: "" + SENDGRID_API_KEY: "" + + # IP Geolocation + # todo(investigate where automatic updates are stored and configure storage accordingly) + MAXMIND_LICENSE_KEY: "" + MAXMIND_EDITION: GeoLite2-City # Google Search Integration GOOGLE_CLIENT_ID: "" @@ -39,78 +45,84 @@ plausible: # Logging LOG_LEVEL: warn -securityContext: - readOnlyRootFilesystem: false - -podSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - -envFrom: - - configMapRef: - name: '{{ include "tc.common.names.fullname" . }}-env-config' - - secretRef: - name: '{{ include "tc.common.names.fullname" . }}-env-secret' - -installContainers: - plausible-install: - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - envFrom: - - configMapRef: - name: '{{ include "tc.common.names.fullname" . }}-env-config' - - secretRef: - name: '{{ include "tc.common.names.fullname" . }}-env-secret' - command: [sh] - args: - - -c - - >- - /entrypoint.sh db createdb && - /entrypoint.sh db migrate && - /entrypoint.sh db init-admin - -upgradeContainers: - plausible-upgrade: - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - envFrom: - - configMapRef: - name: '{{ include "tc.common.names.fullname" . }}-env-config' - - secretRef: - name: '{{ include "tc.common.names.fullname" . }}-env-secret' - command: [sh] - args: - - -c - - /entrypoint.sh db migrate +workload: + main: + podSpec: + initContainers: + db-create: + type: install + enabled: true + imageSelector: image + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + readOnlyRootFilesystem: false + envFrom: + - configMapRef: + name: plausible-config + - secretRef: + name: plausible-secret + command: sh + args: + - -c + - /entrypoint.sh db createdb && /entrypoint.sh db migrate + db-migrate: + type: upgrade + enabled: true + imageSelector: image + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + readOnlyRootFilesystem: false + envFrom: + - configMapRef: + name: plausible-config + - secretRef: + name: plausible-secret + command: sh + args: + - -c + - /entrypoint.sh db migrate + containers: + main: + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + readOnlyRootFilesystem: false + envFrom: + - configMapRef: + name: plausible-config + - secretRef: + name: plausible-secret + probes: + liveness: + type: http + path: /api/health + readiness: + type: http + path: /api/health + startup: + type: http + path: /api/health service: main: ports: main: targetPort: 8000 - protocol: HTTP port: 10277 -probes: - liveness: - type: HTTP - path: /api/health - readiness: - type: HTTP - path: /api/health - startup: - type: HTTP - path: /api/health - -postgresql: - enabled: true - existingSecret: dbcreds - postgresqlUsername: plausible - postgresqlDatabase: plausible +cnpg: + main: + enabled: true + user: plausible + database: plausible clickhouse: enabled: true - existingSecret: clickhousecreds clickhouseUsername: plausible clickhouseDatabase: plausible portal: - enabled: true + open: + enabled: true diff --git a/tools/gen-cat.sh b/tools/gen-cat.sh index 68618bb829e5..66e71e8d5f1b 100755 --- a/tools/gen-cat.sh +++ b/tools/gen-cat.sh @@ -194,6 +194,7 @@ copy_docs() { prep_helm() { if [[ -z "$standalone" ]]; then helm repo add truecharts https://charts.truecharts.org + helm repo add truecharts-deps https://deps.truecharts.org helm repo add truecharts-library https://library-charts.truecharts.org helm repo update fi