diff --git a/.github/workflows/packaging.yml b/.github/workflows/packaging.yml index 7436a068..9fe495e6 100644 --- a/.github/workflows/packaging.yml +++ b/.github/workflows/packaging.yml @@ -20,7 +20,7 @@ jobs: name: Package and push from PR runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 with: persist-credentials: false - uses: cloudve/helm-ci@master @@ -36,7 +36,7 @@ jobs: name: Package and push manual invocation runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 with: persist-credentials: false - uses: cloudve/helm-ci@master @@ -51,13 +51,20 @@ jobs: needs: [ package-from-pr, package-from-manual ] name: Create a tag and GitHub release for this version. runs-on: ubuntu-latest + env: + GH_TOKEN: ${{ github.token }} if: | always() && contains(needs.*.result, 'success') && !contains(needs.*.result, 'failure') steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.ref }} - name: Tag and release run: | + git config user.name "GitHub Actions Bot" + git config user.email "<>" version=v$(cat galaxy/Chart.yaml | grep ^version: | awk '{print $2}') git tag -a $version -m "Automatic release of $version" git push origin $version diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index bbde0299..324e7ae7 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -34,7 +34,7 @@ jobs: - name: Start k8s locally uses: jupyterhub/action-k3s-helm@v3 with: - k3s-version: v1.25.15+k3s2 # releases: https://github.com/k3s-io/k3s/tags + k3s-version: v1.28.7+k3s1 # releases: https://github.com/k3s-io/k3s/tags metrics-enabled: false traefik-enabled: false - name: Verify function of k8s, kubectl, and helm diff --git a/README.md b/README.md index f7684f85..3eef49ff 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Galaxy Helm Chart (v4) +# Galaxy Helm Chart (v5) [Galaxy](https://galaxyproject.org/) is a data analysis platform focusing on accessibility, reproducibility, and transparency of primarily bioinformatics @@ -8,7 +8,7 @@ updates, upgrades, and rollbacks. ## Supported software versions -- Kubernetes 1.22+ +- Kubernetes 1.27+ - Helm 3.5+ ## Kubernetes cluster @@ -272,6 +272,8 @@ jobHandlers: failureThreshhold: 3 ``` +# Additional Configurations + ## Extra File Mappings The `extraFileMappings` field can be used to inject files to arbitrary paths in the `nginx` deployment, as well as any of the `job`, `web`, or `workflow` handlers, and the `init` jobs. @@ -420,28 +422,76 @@ The Galaxy application can be horizontally scaled for the web, job, or workflow by setting the desired values of the `webHandlers.replicaCount`, `jobHandlers.replicaCount`, and `workflowHandlers.replicaCount` configuration options. -## Galaxy versions +## Cron jobs + +Two Cron jobs are defined by default. One to clean up Galaxy's database and one to clean up the `tmp` directory. By default, these +jobs run at 02:05 (the database maintenance script) and 02:15 (`tmp` directyory cleanup). Users can +change the times the cron jobs are run by changing the `schedule` field in the `values.yaml` file: + +```yaml +cronJobs: + maintenance: + schedule: "30 6 * * *" # Execute the cron job at 6:30 UTC +``` +or by specifying the `schedule` on the command line when instaling Galaxy: +```bash +# Schedule the maintenance job to run at 06:30 on the first day of each month +helm install galaxy -n galaxy galaxy/galaxy --set cronJobs.maintenance.schedule="30 6 1 * *" +``` +To disable a cron job after Galaxy has been deployed simply set the enabled flag for that job to false: + + +```bash +helm upgrade galaxy -n galaxy galaxy/galaxy --reuse-values --set cronJobs.maintenance.enabled=false +``` + +### Run a CronJob manually + +Cron jobs can be invoked manually with tools such as [OpenLens](https://github.com/MuhammedKalkan/OpenLens) +or from the command line with `kubectl` +```bash +kubectl create job --namespace --from cronjob/galaxy-cron-maintenance +``` +This will run the cron job regardless of the `schedule` that has been set. + +**Note:** the name of the cron job will be `{{ .Release.Name }}-cron-` where the `` +is the name (key) used in the `values.yaml` file. + +### CronJob configuration -Some changes introduced in the chart sometimes rely on changes in the Galaxy -container image, especially in relation to the Kubernetes runner. This table -keeps track of recommended Chart versions for particular Galaxy versions as -breaking changes are introduced. Otherwise, the Galaxy image and chart should be -independently upgrade-able. In other words, upgrading the Galaxy image from -`21.05` to `21.09` should be a matter of `helm upgrade my-galaxy cloudve/galaxy ---reuse-values --set image.tag=21.09`. +The following fields can be specified when defining cron jobs. + +| Name | Definition | Required | +|---|-------------------------------------------------------------------------------------------------------------------------------------------|----------| +| enabled | `true` or `false`. If `false` the cron job will not be run. Default is `true` | **Yes** | +| schedule | When the job will be run. Use tools such as [crontab.guru](https://crontab.guru) for assistance determining the proper schedule string | **Yes** | +| defaultEnv | `true` or `false`. See the `galaxy.podEnvVars` macro in `_helpers.tpl` for the list of variables that will be defined. Default is `false` | No | +| extraEnv | Define extra environment variables that will be available to the job | No | +| securityContext | Specifies a `securityContext` for the job. Typically used to set `runAsUser` | No | +| image | Specify the Docker container used to run the job | No | +| command | The command to run | **Yes** | +| args | Any command line arguments that should be passed to the `command` | No | +| extraFileMappings | Allow arbitrary files to be mounted from config maps | No | + +### Notes + +If specifying the Docker `image` both the `resposity` and `tag` MUST be specified. +```yaml + image: + repository: quay.io/my-organization/my-image + tag: "1.0" +``` +The `extraFileMappings` block is similar to the global `extraFileMappings` except the file will only be mounted for that cron job. +The following fields can be specified for each file. -| Chart version | Galaxy version | Description | -| :------------------ | :--------------- | :-------------- | -| `5.0` | `22.05` | Needs at least container image 22.05 as Galaxy switched from uwsgi to gunicorn | -| `4.0` | `21.05` | Needs [Galaxy PR#11899](https://github.com/galaxyproject/galaxy/pull/11899) for eliminating the CVMFS. If running chart 4.0+ with Galaxy image `21.01` or below, use the CVMFS instead with `--set setupJob.downloadToolConfs.enabled=false --set cvmfs.repositories.cvmfs-gxy-cloud=cloud.galaxyproject.org --set cvmfs.galaxyPersistentVolumeClaims.cloud.storage=1Gi --set cvmfs.galaxyPersistentVolumeClaims.cloud.storageClassName=cvmfs-gxy-cloud --set cvmfs.galaxyPersistentVolumeClaims.cloud.mountPath=/cvmfs/cloud.galaxyproject.org` | +| Name | Definition | Required | +|---|---|----------| +| mode | The file mode (permissions) assigned to the file | No | +| tpl | If set to `true` the file contents will be run through Helm's templating engine. Defaults to `false` | No | +| content | The contents of the file | **Yes** | -## Funding -- _Version 3+_: Galaxy Project, Genomics Virtual Laboratory (GVL) +See the `example` cron job included in the `values.yaml` file for a full example. -- _Version 2_: Genomics Virtual Laboratory (GVL), Galaxy Project, and European - Commission (EC) H2020 Project PhenoMeNal, grant agreement number 654241. -- _Version 1_: European Commission (EC) H2020 Project PhenoMeNal, grant - agreement number 654241. diff --git a/galaxy/disabled/configmap-galaxy.yaml b/galaxy/disabled/configmap-galaxy.yaml new file mode 100644 index 00000000..6f49a14c --- /dev/null +++ b/galaxy/disabled/configmap-galaxy.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-galaxy-config + labels: + {{- include "galaxy.labels" $ | nindent 4 }} +kind: ConfigMap +data: + galaxy.yml: | + {{- .Values.galaxy | toYaml | nindent 4 }} diff --git a/galaxy/templates/_helpers.tpl b/galaxy/templates/_helpers.tpl index 7e0df8f6..3472705d 100644 --- a/galaxy/templates/_helpers.tpl +++ b/galaxy/templates/_helpers.tpl @@ -83,6 +83,13 @@ postgresql.fullname string and then prepend the release name to form the service {{- end -}} {{- end -}} +{{/* +Generate the connection string needed to connect to a Postres database +*/}} +{{- define "galaxy-postgresql.connection-string" -}} +{{- printf "postgresql://%s:%s@%s/galaxy%s" .Values.postgresql.galaxyDatabaseUser (include "galaxy.galaxyDbPassword" .) (include "galaxy-postgresql.fullname" .) .Values.postgresql.galaxyConnectionParams -}} +{{- end -}} + {{/* Return the rabbitmq cluster to use */}} diff --git a/galaxy/templates/configmap-cvmfs-fix.yaml b/galaxy/templates/configmap-cvmfs-fix.yaml index d5d4c129..f680f119 100644 --- a/galaxy/templates/configmap-cvmfs-fix.yaml +++ b/galaxy/templates/configmap-cvmfs-fix.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ConfigMap metadata: diff --git a/galaxy/templates/configmap-extra-files.yaml b/galaxy/templates/configmap-extra-files.yaml index b0e60f60..53dc516c 100644 --- a/galaxy/templates/configmap-extra-files.yaml +++ b/galaxy/templates/configmap-extra-files.yaml @@ -1,5 +1,6 @@ {{- range $key, $entry := .Values.extraFileMappings -}} {{- if $entry }} +--- apiVersion: v1 metadata: # Extract the filename portion only @@ -20,9 +21,9 @@ data: {{- else }} {{- $entry.content | nindent 4 }} {{- end }} ---- {{- end }} {{- end }} +--- apiVersion: v1 metadata: name: {{ include "galaxy.fullname" $ }}-probedb-py @@ -32,5 +33,3 @@ kind: ConfigMap data: probedb.py: | {{- (.Files.Get "scripts/probedb.py") | nindent 4 }} - ---- diff --git a/galaxy/templates/configmap-galaxy-rules.yaml b/galaxy/templates/configmap-galaxy-rules.yaml index aaa5101c..ed09bb95 100644 --- a/galaxy/templates/configmap-galaxy-rules.yaml +++ b/galaxy/templates/configmap-galaxy-rules.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ConfigMap metadata: diff --git a/galaxy/templates/configmap-grafana-dashboard.yaml b/galaxy/templates/configmap-grafana-dashboard.yaml index 58d573aa..1ced09bb 100644 --- a/galaxy/templates/configmap-grafana-dashboard.yaml +++ b/galaxy/templates/configmap-grafana-dashboard.yaml @@ -1,4 +1,5 @@ {{- if .Values.influxdb.enabled }} +--- apiVersion: v1 kind: ConfigMap metadata: diff --git a/galaxy/templates/configmap-nginx.yaml b/galaxy/templates/configmap-nginx.yaml index d1166b32..a74409cd 100644 --- a/galaxy/templates/configmap-nginx.yaml +++ b/galaxy/templates/configmap-nginx.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ConfigMap metadata: diff --git a/galaxy/templates/configs-galaxy.yaml b/galaxy/templates/configs-galaxy.yaml index f1b0e229..4fa8a7ec 100644 --- a/galaxy/templates/configs-galaxy.yaml +++ b/galaxy/templates/configs-galaxy.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 metadata: name: {{ include "galaxy.fullname" . }}-configs diff --git a/galaxy/templates/cronjob-maintenance.yaml b/galaxy/templates/cronjob-maintenance.yaml index 17b0219a..d020b4f7 100644 --- a/galaxy/templates/cronjob-maintenance.yaml +++ b/galaxy/templates/cronjob-maintenance.yaml @@ -1,47 +1,118 @@ +{{ range $key, $cronjob := .Values.cronJobs }} +--- apiVersion: batch/v1 kind: CronJob metadata: - name: {{ include "galaxy.fullname" . }}-maintenance + name: {{ include "galaxy.fullname" $ }}-cron-{{ $key }} labels: - {{- include "galaxy.labels" . | nindent 4 }} + {{- include "galaxy.labels" $ | nindent 4 }} spec: - schedule: "0 2 * * *" + {{- if $cronjob.enabled }} + schedule: {{ $cronjob.schedule | quote }} + {{- else }} + # Set an impossible date so that the cronjob is still defined, but effectively disabled. + # This will allow the cronjob to be run manually if needed. + schedule: "0 0 30 2 *" + {{- end }} jobTemplate: spec: template: spec: + {{- if $cronjob.securityContext }} securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - {{- with .Values.nodeSelector }} + {{- toYaml $cronjob.securityContext | nindent 12 }} + {{- end}} + {{- if $cronjob.nodeSelector }} nodeSelector: - {{- toYaml . | nindent 16 }} + {{- toYaml $cronjob.nodeSelector | nindent 12 }} + {{- else if $.Values.nodeSelector }} + nodeSelector: + {{- toYaml $.Values.nodeSelector | nindent 12 }} {{- end }} containers: - - name: galaxy-maintenance - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - # delete all tmp files older than walltime limit + - name: galaxy-cron-{{ $key }} + {{- if $cronjob.image }} + image: {{ $cronjob.image.repository }}:{{ $cronjob.image.tag }} + {{- else }} + image: "{{ $.Values.image.repository }}:{{ $.Values.image.tag }}" + {{- end }} + imagePullPolicy: {{ $.Values.image.pullPolicy }} + {{- if or $cronjob.defaultEnv $cronjob.extraEnv }} + env: + {{- if $cronjob.defaultEnv }} + {{- include "galaxy.podEnvVars" $}} + {{- end }} + {{- if $cronjob.extraEnv }} + {{- range $env := $cronjob.extraEnv }} + - name: {{ $env.name }} + value: {{ tpl $env.value $ | quote }} + {{- end }} + {{- end }} + {{- end }} command: - - find - - {{ .Values.persistence.mountPath }}/tmp - - '!' - - -newermt - - -{{ (index .Values "configs" "job_conf.yml" "runners" "k8s" "k8s_walltime_limit" | default 604800) }} seconds - - -type - - f - - -exec - - rm - - '{}' - - ; + {{- range $cmd := $cronjob.command }} + - {{ tpl $cmd $ | quote }} + {{- end}} + {{- if $cronjob.args }} + args: + {{- range $arg := $cronjob.args }} + - {{ tpl $arg $ | quote }} + {{- end }} + {{- end }} volumeMounts: - name: galaxy-data - mountPath: {{ .Values.persistence.mountPath }} + mountPath: {{ $.Values.persistence.mountPath }} + {{- range $key, $entry := $cronjob.extraFileMappings }} + - name: {{ include "galaxy.getExtraFilesUniqueName" $key }} + mountPath: {{ $key }} + subPath: {{ include "galaxy.getFilenameFromPath" $key }} + {{- end }} volumes: - name: galaxy-data - {{- if .Values.persistence.enabled }} + {{- if $.Values.persistence.enabled }} persistentVolumeClaim: - claimName: {{ template "galaxy.pvcname" . }} + claimName: {{ template "galaxy.pvcname" $ }} {{- else }} emptyDir: {} {{- end }} + {{- range $key, $entry := $cronjob.extraFileMappings }} + - name: {{ include "galaxy.getExtraFilesUniqueName" $key }} + {{- if $entry.useSecret }} + secret: + secretName: {{ printf "%s-%s" (include "galaxy.fullname" $) (include "galaxy.getExtraFilesUniqueName" $key) }} + {{- else }} + configMap: + name: {{ printf "%s-%s" (include "galaxy.fullname" $) (include "galaxy.getExtraFilesUniqueName" $key) }} + {{- end }} + {{- if $entry.mode }} + defaultMode: {{ $entry.mode }} + {{- end }} + {{- end }} restartPolicy: OnFailure +{{- if $cronjob.extraFileMappings }} +{{- range $name, $entry := $cronjob.extraFileMappings }} +--- +apiVersion: v1 +metadata: + # Extract the filename portion only + name: {{ printf "%s-%s" (include "galaxy.fullname" $) (include "galaxy.getExtraFilesUniqueName" $name) }} + labels: + {{- include "galaxy.labels" $ | nindent 4 }} +{{- if $entry.useSecret }} +kind: Secret +type: Opaque +stringData: +{{- else }} +kind: ConfigMap +data: +{{- end }} + {{- include "galaxy.getFilenameFromPath" $name | nindent 2 }}: | + {{- if $entry.tpl }} + {{- tpl (tpl $entry.content $) $ | nindent 4 }} + {{- else }} + {{- $entry.content | nindent 4 }} + {{- end }} +{{- end }} +{{- end }} + +{{- end }} diff --git a/galaxy/templates/deployment-celery-beat.yaml b/galaxy/templates/deployment-celery-beat.yaml index e50a9622..0f46248d 100644 --- a/galaxy/templates/deployment-celery-beat.yaml +++ b/galaxy/templates/deployment-celery-beat.yaml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/galaxy/templates/deployment-celery.yaml b/galaxy/templates/deployment-celery.yaml index c21660f4..100b4ac6 100644 --- a/galaxy/templates/deployment-celery.yaml +++ b/galaxy/templates/deployment-celery.yaml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/galaxy/templates/deployment-job.yaml b/galaxy/templates/deployment-job.yaml index 28e12dc3..29988bd1 100644 --- a/galaxy/templates/deployment-job.yaml +++ b/galaxy/templates/deployment-job.yaml @@ -1,4 +1,5 @@ {{- range $handler_num, $e := until (int $.Values.jobHandlers.replicaCount) }} +--- apiVersion: apps/v1 kind: Deployment metadata: @@ -210,5 +211,4 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} ---- {{- end }} diff --git a/galaxy/templates/deployment-metrics.yaml b/galaxy/templates/deployment-metrics.yaml index c3237716..87fa9dee 100644 --- a/galaxy/templates/deployment-metrics.yaml +++ b/galaxy/templates/deployment-metrics.yaml @@ -1,4 +1,5 @@ {{- if .Values.metrics.enabled }} +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/galaxy/templates/deployment-nginx.yaml b/galaxy/templates/deployment-nginx.yaml index 34020fcb..36d0bb6d 100644 --- a/galaxy/templates/deployment-nginx.yaml +++ b/galaxy/templates/deployment-nginx.yaml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/galaxy/templates/deployment-tusd.yaml b/galaxy/templates/deployment-tusd.yaml index 45813ab9..0d7d2fb7 100644 --- a/galaxy/templates/deployment-tusd.yaml +++ b/galaxy/templates/deployment-tusd.yaml @@ -1,4 +1,5 @@ {{ if .Values.tusd.enabled -}} +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/galaxy/templates/deployment-web.yaml b/galaxy/templates/deployment-web.yaml index 0a1f8c49..783d1a52 100644 --- a/galaxy/templates/deployment-web.yaml +++ b/galaxy/templates/deployment-web.yaml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/galaxy/templates/deployment-workflow.yaml b/galaxy/templates/deployment-workflow.yaml index ee094f58..b994fbc9 100644 --- a/galaxy/templates/deployment-workflow.yaml +++ b/galaxy/templates/deployment-workflow.yaml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/galaxy/templates/hook-cvmfs-fix.yaml b/galaxy/templates/hook-cvmfs-fix.yaml index 1caa21ba..7e88b036 100644 --- a/galaxy/templates/hook-cvmfs-fix.yaml +++ b/galaxy/templates/hook-cvmfs-fix.yaml @@ -1,5 +1,6 @@ {{- if and .Values.refdata.enabled (eq .Values.refdata.type "cvmfs") }} - # Include the code you want to run when both conditions are met +--- +# Include the code you want to run when both conditions are met apiVersion: batch/v1 kind: Job metadata: diff --git a/galaxy/templates/ingress-activity-canary.yaml b/galaxy/templates/ingress-activity-canary.yaml index 09c467e1..4cee4b9e 100644 --- a/galaxy/templates/ingress-activity-canary.yaml +++ b/galaxy/templates/ingress-activity-canary.yaml @@ -6,6 +6,7 @@ {{- $fullName := include "galaxy.fullname" . -}} {{- $ingressPath := .Values.ingress.path -}} {{- $servicePort := .Values.service.port -}} +--- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -42,4 +43,4 @@ spec: number: {{ $servicePort }} {{- end }} {{- end }} ---- + diff --git a/galaxy/templates/ingress-tusd.yaml b/galaxy/templates/ingress-tusd.yaml index ebb836a9..36180356 100644 --- a/galaxy/templates/ingress-tusd.yaml +++ b/galaxy/templates/ingress-tusd.yaml @@ -1,5 +1,6 @@ {{- if and .Values.tusd.enabled .Values.tusd.ingress.enabled -}} {{- $fullName := include "galaxy.fullname" . -}} +--- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -38,4 +39,4 @@ spec: {{- end }} {{- end }} {{- end }} ---- + diff --git a/galaxy/templates/ingress.yaml b/galaxy/templates/ingress.yaml index 9b2458e6..a77b9a2d 100644 --- a/galaxy/templates/ingress.yaml +++ b/galaxy/templates/ingress.yaml @@ -1,6 +1,7 @@ {{- if .Values.ingress.enabled -}} {{- $fullName := include "galaxy.fullname" . -}} {{- $servicePort := .Values.service.port -}} +--- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -39,4 +40,3 @@ spec: {{- end }} {{- end }} {{- end }} ---- diff --git a/galaxy/templates/jobs-init.yaml b/galaxy/templates/jobs-init.yaml index d72244da..92079e07 100644 --- a/galaxy/templates/jobs-init.yaml +++ b/galaxy/templates/jobs-init.yaml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: Job metadata: diff --git a/galaxy/templates/priorityclass-job.yaml b/galaxy/templates/priorityclass-job.yaml index df518387..da4f9b59 100644 --- a/galaxy/templates/priorityclass-job.yaml +++ b/galaxy/templates/priorityclass-job.yaml @@ -1,4 +1,5 @@ {{- if and .Values.jobs.priorityClass.enabled (not .Values.jobs.priorityClass.existingClass) }} +--- apiVersion: scheduling.k8s.io/v1 kind: PriorityClass metadata: diff --git a/galaxy/templates/pv-s3fs.yaml b/galaxy/templates/pv-s3fs.yaml index 2948960c..4b0fb2fd 100644 --- a/galaxy/templates/pv-s3fs.yaml +++ b/galaxy/templates/pv-s3fs.yaml @@ -1,4 +1,5 @@ {{- if and .Values.refdata.enabled (eq .Values.refdata.type "s3csi") }} +--- apiVersion: v1 kind: PersistentVolume metadata: diff --git a/galaxy/templates/pvc-galaxy.yaml b/galaxy/templates/pvc-galaxy.yaml index c6426020..975f5c53 100644 --- a/galaxy/templates/pvc-galaxy.yaml +++ b/galaxy/templates/pvc-galaxy.yaml @@ -1,4 +1,5 @@ {{ if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: @@ -23,4 +24,3 @@ spec: requests: storage: {{ .Values.persistence.size | quote }} {{ end }} ---- diff --git a/galaxy/templates/pvc-refdata.yaml b/galaxy/templates/pvc-refdata.yaml index a537eb03..a258f92b 100644 --- a/galaxy/templates/pvc-refdata.yaml +++ b/galaxy/templates/pvc-refdata.yaml @@ -1,4 +1,5 @@ {{- if .Values.refdata.enabled }} +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: @@ -18,5 +19,4 @@ spec: {{- if eq $.Values.refdata.type "cvmfs" }} storageClassName: {{ tpl .Values.cvmfs.storageClassName . }} {{- end }} ---- {{- end }} diff --git a/galaxy/templates/rabbitmqcluster.yaml b/galaxy/templates/rabbitmqcluster.yaml index f215fc3b..1b100004 100644 --- a/galaxy/templates/rabbitmqcluster.yaml +++ b/galaxy/templates/rabbitmqcluster.yaml @@ -1,4 +1,5 @@ {{- if and .Values.rabbitmq.enabled (not .Values.rabbitmq.existingCluster) }} +--- apiVersion: rabbitmq.com/v1beta1 kind: RabbitmqCluster metadata: diff --git a/galaxy/templates/rbac-job.yaml b/galaxy/templates/rbac-job.yaml index f1180267..f80b5e1a 100644 --- a/galaxy/templates/rbac-job.yaml +++ b/galaxy/templates/rbac-job.yaml @@ -1,4 +1,5 @@ {{ if .Values.rbac.enabled }} +--- kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: diff --git a/galaxy/templates/secret-galaxy.yaml b/galaxy/templates/secret-galaxy.yaml index bc0ffe52..6020642d 100644 --- a/galaxy/templates/secret-galaxy.yaml +++ b/galaxy/templates/secret-galaxy.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret type: Opaque diff --git a/galaxy/templates/service-galaxy.yaml b/galaxy/templates/service-galaxy.yaml index 35fd5a1f..666dc20c 100644 --- a/galaxy/templates/service-galaxy.yaml +++ b/galaxy/templates/service-galaxy.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/galaxy/templates/service-nginx.yaml b/galaxy/templates/service-nginx.yaml index 1b1e9f04..c2cef838 100644 --- a/galaxy/templates/service-nginx.yaml +++ b/galaxy/templates/service-nginx.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/galaxy/templates/service-tusd.yaml b/galaxy/templates/service-tusd.yaml index 0f4a7454..572848eb 100644 --- a/galaxy/templates/service-tusd.yaml +++ b/galaxy/templates/service-tusd.yaml @@ -1,4 +1,5 @@ {{ if .Values.tusd.enabled -}} +--- apiVersion: v1 kind: Service metadata: diff --git a/galaxy/templates/serviceaccount.yaml b/galaxy/templates/serviceaccount.yaml index 8560763e..435da946 100644 --- a/galaxy/templates/serviceaccount.yaml +++ b/galaxy/templates/serviceaccount.yaml @@ -1,4 +1,5 @@ {{- if .Values.serviceAccount.create -}} +--- apiVersion: v1 kind: ServiceAccount metadata: diff --git a/galaxy/values.yaml b/galaxy/values.yaml index 09d50603..36869661 100644 --- a/galaxy/values.yaml +++ b/galaxy/values.yaml @@ -267,10 +267,93 @@ extraEnv: [] # - name: EXAMPLE_ENV # value: MY_VALUE +#- CronJobs to perform periodic maintenance tasks +cronJobs: + #- Runs the maintenance.sh script to purge items in the Galaxy database that + #- have been flagged as deleted. + maintenance: + enabled: true + schedule: "5 2 * * *" + extraSettings: + #- Purge items older than this. + days: '7' + securityContext: + runAsUser: 0 + defaultEnv: true + command: + - "/galaxy/server/scripts/maintenance.sh" + args: + - "--no-dry-run" + - "--days" + - "{{ tpl .Values.cronJobs.maintenance.extraSettings.days $ }}" + #- Remove files from the tmp directory that are older than the allowable wall time for a job + tmpdir: + enabled: true + schedule: "15 2 * * *" + extraSettings: + lastModified: '{{ index .Values "configs" "job_conf.yml" "runners" "k8s" "k8s_walltime_limit" | default 604800 }}' + securityContext: + runAsUser: 0 + command: + - /usr/bin/find + args: + - "{{ .Values.persistence.mountPath }}/tmp" + - "!" + - "-newermt" + - "{{ tpl .Values.cronJobs.tmpdir.extraSettings.lastModified $ }} seconds ago" + - "-type" + - "f" + - "-exec" + - "rm" + - "{}" + - ";" +# #- An example cron job that showcases all available features. +# example: +# #- Disable the job by scheduling it for a date that never occurs, I.E. Feb 30th +# #- The job can still be triggered manually. +# schedule: "0 0 30 2 *" +# #- Include the set of default environment variables. See galaxy.podEnvVars +# #- in the Helm chart's _helpers.tpl for the variables that will be defined. +# defaultEnv: true +# #- Define extra environment variables that will be available to the job +# extraEnv: +# - name: LOGFILE +# value: /galaxy/server/database/example.log +# #- Run the job as root (uid 0) +# securityContext: +# runAsUser: 0 +# #- Specify an alternate Docker image for the CronJob container +# image: +# repository: ksuderman/galaxy-maintenance +# tag: "0.7" +# #- The command to be run +# command: +# - /usr/local/bin/example.sh +# #- Command line arguments to be passed to the command, one per line. +# args: +# - "--option" +# - "value" +# #- Define extra files that will be mounted into the image. In this case we +# #- mount a simple Bash script that will write the current environment +# #- variables to persistent storage. +# extraFileMappings: +# #- Path were the file will be mounted +# /usr/local/bin/example.sh: +# #- Default permission on the file. In this case 'rwxr-xr-x' +# mode: "0755" +# #- Run the contents through the Helm `tpl` command +# tpl: true +# #- The contents of the file to be mounted. Can contain Helm template values +# #- if `tpl` is set to true. +# content: |- +# #!/usr/bin/bash +# echo {{ .Release.Name }} >> $LOGFILE +# echo "$@" >> $LOGFILE +# env >> $LOGFILE + ingress: #- Should ingress be enabled. Defaults to `true` enabled: true - #- ingressClassName: nginx canary: enabled: true @@ -391,13 +474,20 @@ configs: k8s: load: galaxy.jobs.runners.kubernetes:KubernetesJobRunner k8s_use_service_account: true - k8s_persistent_volume_claims: |- + k8s_data_volume_claim: |- + {{ template "galaxy.pvcname" . -}}:{{ .Values.persistence.mountPath -}}:r + k8s_working_volume_claim: |- {{ template "galaxy.pvcname" . -}}:{{ .Values.persistence.mountPath -}} + k8s_persistent_volume_claims: |- + {{ template "galaxy.pvcname" . -}}/config:{{ .Values.persistence.mountPath -}}/config:r, + {{- template "galaxy.pvcname" . -}}/tmp:{{ .Values.persistence.mountPath -}}/tmp:rw, + {{- template "galaxy.pvcname" . -}}/tool-data:{{ .Values.persistence.mountPath -}}/tool-data:r, + {{- template "galaxy.pvcname" . -}}/tools:{{ .Values.persistence.mountPath -}}/tools:r {{- if .Values.refdata.enabled -}} - ,{{- template "galaxy.fullname" $ -}}-refdata-gxy-pvc/data.galaxyproject.org:/cvmfs/data.galaxyproject.org + ,{{- template "galaxy.fullname" $ -}}-refdata-gxy-pvc/data.galaxyproject.org:/cvmfs/data.galaxyproject.org:r {{- end -}} {{- if .Values.setupJob.downloadToolConfs.enabled -}} - ,{{ template "galaxy.pvcname" . -}}/{{ .Values.setupJob.downloadToolConfs.volume.subPath }}:{{ .Values.setupJob.downloadToolConfs.volume.mountPath -}} + ,{{ template "galaxy.pvcname" . -}}/{{ .Values.setupJob.downloadToolConfs.volume.subPath }}:{{ .Values.setupJob.downloadToolConfs.volume.mountPath -}}:r {{- end -}} {{- if .Values.extraVolumes -}} {{- template "galaxy.extra_pvc_mounts" . -}} @@ -451,7 +541,8 @@ configs: interactivetools_base_path: "{{$host := index .Values.ingress.hosts 0}}{{$path := index $host.paths 0}}{{$path.path}}" id_secret: mulled_resolution_cache_lock_dir: "/galaxy/server/local/mulled_cache_lock" - database_connection: postgresql://unused:because@overridden_by_envvar + database_connection: |- + {{ include "galaxy-postgresql.connection-string" .}} integrated_tool_panel_config: "/galaxy/server/config/mutable/integrated_tool_panel.xml" sanitize_allowlist_file: "/galaxy/server/config/mutable/sanitize_allowlist.txt" tool_config_file: "/galaxy/server/config/tool_conf.xml{{if .Values.setupJob.downloadToolConfs.enabled}},{{ .Values.setupJob.downloadToolConfs.volume.mountPath }}/config/shed_tool_conf.xml{{end}}" @@ -506,22 +597,35 @@ configs: toolshed.g2.bx.psu.edu/repos/bgruening/diff/diff/3.7+galaxy0 toolshed.g2.bx.psu.edu/repos/bgruening/pharmcat/pharmcat/1.3.1+galaxy0 toolshed.g2.bx.psu.edu/repos/crs4/taxonomy_krona_chart/taxonomy_krona_chart/2.7.1+galaxy0 - toolshed.g2.bx.psu.edu/repos/devteam/fastqc/fastqc/0.72+galaxy1 + toolshed.g2.bx.psu.edu/repos/devteam/fastqc/fastqc/0.74+galaxy0 toolshed.g2.bx.psu.edu/repos/devteam/fastqc/fastqc/0.73+galaxy0 + toolshed.g2.bx.psu.edu/repos/devteam/fastqc/fastqc/0.72+galaxy1 + toolshed.g2.bx.psu.edu/repos/devteam/fastqc/fastqc/0.72 + toolshed.g2.bx.psu.edu/repos/iuc/dexseq/dexseq/1.44+galaxy0 toolshed.g2.bx.psu.edu/repos/iuc/dexseq/dexseq/1.28.1+galaxy2 + toolshed.g2.bx.psu.edu/repos/iuc/fastp/fastp/0.23.2+galaxy0 toolshed.g2.bx.psu.edu/repos/iuc/fastp/fastp/0.20.1+galaxy0 toolshed.g2.bx.psu.edu/repos/iuc/jbrowse/jbrowse_to_standalone/1.16.11+galaxy0 toolshed.g2.bx.psu.edu/repos/iuc/jbrowse/jbrowse_to_standalone/1.16.11+galaxy1 - toolshed.g2.bx.psu.edu/repos/iuc/jbrowse/jbrowse/1.16.11+galaxy0 toolshed.g2.bx.psu.edu/repos/iuc/jbrowse/jbrowse/1.16.11+galaxy1 + toolshed.g2.bx.psu.edu/repos/iuc/jbrowse/jbrowse/1.16.11+galaxy0 toolshed.g2.bx.psu.edu/repos/iuc/macs2/macs2_callpeak/2.1.1.20160309.6 toolshed.g2.bx.psu.edu/repos/iuc/meme_meme/meme_meme/5.0.5.0 + toolshed.g2.bx.psu.edu/repos/iuc/multiqc/multiqc/1.11+galaxy1 toolshed.g2.bx.psu.edu/repos/iuc/multiqc/multiqc/1.11+galaxy0 toolshed.g2.bx.psu.edu/repos/iuc/multiqc/multiqc/1.9+galaxy1 + toolshed.g2.bx.psu.edu/repos/iuc/multiqc/multiqc/1.8+galaxy1 + toolshed.g2.bx.psu.edu/repos/iuc/multiqc/multiqc/1.6 + toolshed.g2.bx.psu.edu/repos/iuc/multiqc/multiqc/1.5.0 toolshed.g2.bx.psu.edu/repos/iuc/prestor_abseq3/prestor_abseq3/0.6.2+galaxy0 toolshed.g2.bx.psu.edu/repos/iuc/quast/quast/5.0.2+galaxy3 toolshed.g2.bx.psu.edu/repos/iuc/seurat/seurat/4.1.0+galaxy0 + toolshed.g2.bx.psu.edu/repos/iuc/snpeff/snpEff/4.3r.1 + toolshed.g2.bx.psu.edu/repos/iuc/snpeff/snpEff/4.3+T.galaxy2 toolshed.g2.bx.psu.edu/repos/iuc/snpeff/snpEff/4.3+T.galaxy1 + toolshed.g2.bx.psu.edu/repos/bgruening/plotly_regression_performance_plots/plotly_regression_performance_plots/0.1 + toolshed.g2.bx.psu.edu/repos/bgruening/plotly_parallel_coordinates_plot/plotly_parallel_coordinates_plot/0.2 + toolshed.g2.bx.psu.edu/repos/bgruening/plotly_parallel_coordinates_plot/plotly_parallel_coordinates_plot/0.1 build_sites.yml: - type: ucsc file: "{{if .Values.refdata.enabled}}/cvmfs/data.galaxyproject.org/managed/location/ucsc_build_sites.txt{{else}}/galaxy/server/tool-data/shared/ucsc/ucsc_build_sites.txt.sample{{end}}"