Topaz: use volumeClaimTemplates in StatefulSet

aserto-dev · Dec 3, 2024 · 14a37e1 · 14a37e1
1 parent a15344a
commit 14a37e1
Show file tree

Hide file tree

Showing 7 changed files with 61 additions and 95 deletions.
diff --git a/charts/topaz/Chart.yaml b/charts/topaz/Chart.yaml
@@ -21,7 +21,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.1
+version: 0.2.2
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

diff --git a/charts/topaz/templates/_helpers.tpl b/charts/topaz/templates/_helpers.tpl
@@ -61,17 +61,6 @@ Create the name of the service account to use
 {{- end }}
 {{- end }}
 
-
-{{- define "topaz.appKind" -}}
-{{- if (((.Values.directory).edge).persistence).enabled |
-    or ((.Values.decisionLogs).persistence).enabled |
-    or ((.Values.opa).persistence).enabled -}}
-StatefulSet
-{{- else -}}
-Deployment
-{{- end }}
-{{- end }}
-
 {{/*
 Remote directory configuration
 */}}
@@ -430,3 +419,18 @@ aserto_decision_log:
   enabled: true
 {{- end }}
 {{- end }}
+
+{{- define "topaz.volumeClaimTemplateSpec" -}}
+accessModes:
+  - ReadWriteOnce
+resources:
+  requests:
+    storage: {{ .storage | required "persistence.storage cannot be empty" }}
+{{- if .storageClassName }}
+storageClassName: {{ .storageClassName }}
+{{- end }}
+{{- if .selector }}
+selector:
+  {{- .selector | toYaml | nindent 4 }}
+{{- end }}
+{{- end }}
diff --git a/charts/topaz/templates/deployment.yaml b/charts/topaz/templates/deployment.yaml
@@ -1,6 +1,14 @@
+{{- $persistDB := empty (.Values.directory).remote | and (((.Values.directory).edge).persistence).enabled -}}
+{{- $persistOPA :=((.Values.opa).persistence).enabled -}}
+{{- $persistLogs := (.Values.decisionLogs).enabled | and ((.Values.decisionLogs).persistence).enabled -}}
+{{- $persistence := $persistDB | or $persistOPA | or $persistLogs -}}
 ---
 apiVersion: apps/v1
-kind: {{ include "topaz.appKind" . }}
+{{- if $persistence }}
+kind: StatefulSet
+{{- else }}
+kind: Deployment
+{{- end }}
 metadata:
   name: {{ include "topaz.fullname" . }}
   labels:
@@ -140,27 +148,18 @@ spec:
       {{- if ((.Values.directory).remote).address -}}
         {{ include "topaz.remoteDirectoryCertVolume" . | nindent 8 }}
       {{- end }}
+      {{- if not $persistDB }}
         - name: db
-        {{- if empty (.Values.directory).remote | and (((.Values.directory).edge).persistence).enabled }}
-          persistentVolumeClaim:
-            claimName: {{ include "topaz.fullname" . }}-pvc-db
-        {{- else }}
           emptyDir: {}
-        {{- end }}
+      {{- end }}
+      {{- if not $persistOPA }}
         - name: opa
-        {{- if ((.Values.opa).persistence).enabled }}
-          persistentVolumeClaim:
-            claimName: {{ include "topaz.fullname" . }}-pvc-policy
-        {{- else }}
           emptyDir: {}
-        {{- end }}
+      {{- end }}
+      {{- if not $persistLogs }}
         - name: decisions
-        {{- if (.Values.decisionLogs).enabled | and ((.Values.decisionLogs).persistence).enabled }}
-          persistentVolumeClaim:
-            claimName: {{ include "topaz.fullname" . }}-pvc-decisions
-        {{- else }}
           emptyDir: {}
-        {{- end }}
+      {{- end }}
       {{- if (.Values.decisionLogs).remote -}}
         {{- include "topaz.scribeCertVolume" . | nindent 8 }}
       {{- end -}}
@@ -182,3 +181,31 @@ spec:
       tolerations:
         {{- toYaml . | nindent 8 }}
       {{- end }}
+{{- if $persistence }}
+  volumeClaimTemplates:
+  {{- if $persistDB }}
+  {{- with ((.Values.directory).edge).persistence }}
+    - metadata:
+        name: db
+      spec:
+        {{- include "topaz.volumeClaimTemplateSpec" . | nindent 8 }}
+  {{- end }}
+  {{- end }}
+  {{- if $persistOPA }}
+  {{- with (.Values.opa).persistence }}
+    - metadata:
+        name: opa
+      spec:
+        {{- include "topaz.volumeClaimTemplateSpec" . | nindent 8 }}
+  {{- end }}
+  {{- end }}
+  {{- if $persistLogs }}
+  {{- with (.Values.decisionLogs).persistence }}
+    - metadata:
+        name: decisions
+      spec:
+        {{- include "topaz.volumeClaimTemplateSpec" . | nindent 8 }}
+  {{- end }}
+  {{- end }}
+{{- end }}
+
diff --git a/charts/topaz/templates/pvc-db.yaml b/charts/topaz/templates/pvc-db.yaml
diff --git a/charts/topaz/templates/pvc-decisions.yaml b/charts/topaz/templates/pvc-decisions.yaml
diff --git a/charts/topaz/templates/pvc-policy.yaml b/charts/topaz/templates/pvc-policy.yaml
diff --git a/charts/topaz/values.yaml b/charts/topaz/values.yaml
@@ -173,7 +173,7 @@ decisionLogs:
     enabled: true
     # PersistentVolumeClaim options.
     # See https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims
-    # storage: 100Mi
+    storage: 100Mi
     # storageClassName: ""
     # selector:
     #   matchLabels:
@@ -274,7 +274,7 @@ opa:
   maxPluginWaitTimeSeconds: 30
   # Persistent volume for bundles and discovery results.
   persistence:
-    enabled: false
+    enabled: true
     # PersistentVolumeClaim options.
     # See https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims
     storage: 10Mi