diff --git a/charts/sourcegraph/README.md b/charts/sourcegraph/README.md index d51916c3d..6d7cc78a6 100644 --- a/charts/sourcegraph/README.md +++ b/charts/sourcegraph/README.md @@ -40,7 +40,9 @@ In addition to the documented values, all services also support the following va | blobstore.resources | object | `{"limits":{"cpu":"1","memory":"500M"},"requests":{"cpu":"1","memory":"500M"}}` | Resource requests & limits for the `blobstore` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | blobstore.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `blobstore` | | blobstore.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | +| blobstore.storageAnnotations | object | `{}` | Optional annotations to add to the `blobstore` PVC | | blobstore.storageSize | string | `"100Gi"` | PVC Storage Request for `blobstore` data volume | +| blobstore.storageSubPath | string | `""` | Optional subPath for the `blobstore` primary data volume mount | | cadvisor.containerSecurityContext | object | `{"privileged":true}` | Security context for the `cadvisor` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | cadvisor.enabled | bool | `true` | Enable `cadvisor` | | cadvisor.image.defaultTag | string | `"6.0.0@sha256:48082a2822a727e22c556ae2c3bae5f5bf4528c7b462efc3c085271ee5145be8"` | Docker image tag for the `cadvisor` image | @@ -71,7 +73,9 @@ In addition to the documented values, all services also support the following va | codeInsightsDB.resources | object | `{"limits":{"cpu":"4","memory":"2Gi"},"requests":{"cpu":"4","memory":"2Gi"}}` | Resource requests & limits for the `codeinsights-db` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | codeInsightsDB.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `codeinsights-db` | | codeInsightsDB.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | +| codeInsightsDB.storageAnnotations | object | `{}` | Optional annotations to add to the `codeinsights-db` PVC | | codeInsightsDB.storageSize | string | `"200Gi"` | PVC Storage Request for `codeinsights-db` data volume | +| codeInsightsDB.storageSubPath | string | `""` | Optional subPath for the `codeinsights-db` primary data volume mount | | codeIntelDB.additionalConfig | string | `""` | Additional PostgreSQL configuration. This will override or extend our default configuration. Notes: This is expecting a multiline string. Learn more from our [recommended PostgreSQL configuration](https://docs.sourcegraph.com/admin/config/postgres-conf) and [PostgreSQL documentation](https://www.postgresql.org/docs/12/config-setting.html) | | codeIntelDB.auth.database | string | `"sg"` | Sets codeintel-db database name | | codeIntelDB.auth.existingSecret | string | `""` | Name of existing secret to use for CodeIntel credentials The secret must contain the keys `user`, `password`, `database`, `host` and `port`. `auth.user`, `auth.password`, etc. are ignored if this is enabled | @@ -91,7 +95,9 @@ In addition to the documented values, all services also support the following va | codeIntelDB.resources | object | `{"limits":{"cpu":"4","memory":"4Gi"},"requests":{"cpu":"4","memory":"4Gi"}}` | Resource requests & limits for the `codeintel-db` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | codeIntelDB.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `codeintel-db` | | codeIntelDB.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | +| codeIntelDB.storageAnnotations | object | `{}` | Optional annotations to add to the `codeintel-db` PVC | | codeIntelDB.storageSize | string | `"200Gi"` | PVC Storage Request for `codeintel-db` data volume | +| codeIntelDB.storageSubPath | string | `""` | Optional subPath for the `codeintel-db` primary data volume mount | | extraResources | list | `[]` | Additional resources to include in the rendered manifest. Templates are supported. | | frontend.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `frontend` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | frontend.createRoleBinding | bool | `true` | Disable the roleBinding resource for deployment environments blocking RBAC, ex. OpenShift's default "secure" SCC | @@ -123,7 +129,9 @@ In addition to the documented values, all services also support the following va | gitserver.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `gitserver` | | gitserver.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | gitserver.sshSecret | string | `""` | Name of existing Secret that contains SSH credentials to clone repositories. It usually contains keys, such as `id_rsa` (private key) and `known_hosts`. Learn more from [documentation](https://docs.sourcegraph.com/admin/install/kubernetes/helm#using-ssh-to-clone-repositories) | +| gitserver.storageAnnotations | object | `{}` | Optional annotations to add to the `gitserver` PVC | | gitserver.storageSize | string | `"200Gi"` | PVC Storage Request for `gitserver` data volume | +| gitserver.storageSubPath | string | `""` | Optional subPath for the `gitserver` primary data volume mount | | grafana.auth | object | `{"database":"","existingSecret":"","host":"","password":"","port":"","sslmode":"","user":""}` | NOTE: Create a separate user in the pgsql database with read-only perms on the minimum set of tables | | grafana.auth.database | string | `""` | Sets postgres database name | | grafana.auth.existingSecret | string | `""` | Name of existing secret to for Grafana to use to connect to the pgsql database The secret must contain the keys `user`, `password`, `database`, `host` and `port`. `auth.user`, `auth.password`, etc. are ignored if this is enabled | @@ -142,7 +150,9 @@ In addition to the documented values, all services also support the following va | grafana.resources | object | `{"limits":{"cpu":"1","memory":"512Mi"},"requests":{"cpu":"100m","memory":"512Mi"}}` | Resource requests & limits for the `grafana` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | grafana.serviceAccount.create | bool | `true` | Enable creation of ServiceAccount for `grafana` | | grafana.serviceAccount.name | string | `"grafana"` | Name of the ServiceAccount to be created or an existing ServiceAccount | +| grafana.storageAnnotations | object | `{}` | Optional annotations to add to the `grafana` PVC | | grafana.storageSize | string | `"2Gi"` | PVC Storage Request for `grafana` data volume | +| grafana.storageSubPath | string | `""` | Optional subPath for the `grafana` primary data volume mount | | indexedSearch.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `zoekt-webserver` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | indexedSearch.image.defaultTag | string | `"6.0.0@sha256:99038e0ec9bef930030c118d774fcdcd67d7fe57ad4c80d216703a4d29d64323"` | Docker image tag for the `zoekt-webserver` image | | indexedSearch.image.name | string | `"indexed-searcher"` | Docker image name for the `zoekt-webserver` image | @@ -152,7 +162,9 @@ In addition to the documented values, all services also support the following va | indexedSearch.resources | object | `{"limits":{"cpu":"2","memory":"4G"},"requests":{"cpu":"500m","memory":"2G"}}` | Resource requests & limits for the `zoekt-webserver` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | indexedSearch.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `indexed-search` | | indexedSearch.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | +| indexedSearch.storageAnnotations | object | `{}` | Optional annotations to add to the `indexed-search` PVC | | indexedSearch.storageSize | string | `"200Gi"` | PVC Storage Request for `indexed-search` data volume The size of disk to used for search indexes. This should typically be gitserver disk size multipled by the number of gitserver shards. | +| indexedSearch.storageSubPath | string | `""` | Optional subPath for the `indexed-search` primary data volume mount | | indexedSearchIndexer.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `zoekt-indexserver` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | indexedSearchIndexer.image.defaultTag | string | `"6.0.0@sha256:11539e07040b85045a9aa07f970aa310066e240dc28e6c9627653ee2bc6e0b91"` | Docker image tag for the `zoekt-indexserver` image | | indexedSearchIndexer.image.name | string | `"search-indexer"` | Docker image name for the `zoekt-indexserver` image | @@ -243,7 +255,9 @@ In addition to the documented values, all services also support the following va | pgsql.resources | object | `{"limits":{"cpu":"4","memory":"4Gi"},"requests":{"cpu":"4","memory":"4Gi"}}` | Resource requests & limits for the `pgsql` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | pgsql.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `pgsql` | | pgsql.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | +| pgsql.storageAnnotations | object | `{}` | Optional annotations to add to the `pgsql` PVC | | pgsql.storageSize | string | `"200Gi"` | PVC Storage Request for `pgsql` data volume | +| pgsql.storageSubPath | string | `""` | Optional subPath for the `pgsql` primary data volume mount | | postgresExporter.image.defaultTag | string | `"6.0.0@sha256:685a18f482e4a71a54e15814ffd6b8cd62844f6af056a81f7ec0ba5cf23fce27"` | Docker image tag for the `pgsql-exporter` image | | postgresExporter.image.name | string | `"postgres_exporter"` | Docker image name for the `pgsql-exporter` image | | postgresExporter.resources | object | `{"limits":{"cpu":"10m","memory":"50Mi"},"requests":{"cpu":"10m","memory":"50Mi"}}` | Resource requests & limits for the `pgsql-exporter` sidecar container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | @@ -270,7 +284,9 @@ In addition to the documented values, all services also support the following va | prometheus.resources | object | `{"limits":{"cpu":"2","memory":"6G"},"requests":{"cpu":"500m","memory":"6G"}}` | Resource requests & limits for the `prometheus` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) Prometheus is relied upon to monitor services for sending alerts to site admins when something is wrong with Sourcegraph, thus its memory requests and limits are the same to guarantee it has enough memory to perform its job reliably and prevent conflicts with other pods on the same host node. The limit chosen here is based on what works reliably on Sourcegraph.com with lots of traffic. | | prometheus.serviceAccount.create | bool | `true` | Enable creation of ServiceAccount | | prometheus.serviceAccount.name | string | `"prometheus"` | Name of the ServiceAccount to be created or an existing ServiceAccount | +| prometheus.storageAnnotations | object | `{}` | Optional annotations to add to the `prometheus` PVC | | prometheus.storageSize | string | `"200Gi"` | PVC Storage Request for `prometheus` data volume | +| prometheus.storageSubPath | string | `""` | Optional subPath for the `prometheus` primary data volume mount | | redisCache.connection.endpoint | string | `"redis-cache:6379"` | Endpoint to use for redis-cache. Supports either host:port or IANA specification | | redisCache.connection.existingSecret | string | `""` | Name of existing secret to use for Redis endpoint The secret must contain the key `endpoint` and should follow IANA specification learn more from the [Helm docs](https://docs.sourcegraph.com/admin/install/kubernetes/helm#using-external-redis-instances) | | redisCache.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":1000,"runAsUser":999}` | Security context for the `redis-cache` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | @@ -282,7 +298,9 @@ In addition to the documented values, all services also support the following va | redisCache.resources | object | `{"limits":{"cpu":"1","memory":"7Gi"},"requests":{"cpu":"1","memory":"7Gi"}}` | Resource requests & limits for the `redis-cache` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | redisCache.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `redis-cache` | | redisCache.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | +| redisCache.storageAnnotations | object | `{}` | Optional annotations to add to the `redis-cache` PVC | | redisCache.storageSize | string | `"100Gi"` | PVC Storage Request for `redis-cache` data volume | +| redisCache.storageSubPath | string | `""` | Optional subPath for the `redis-cache` primary data volume mount | | redisExporter.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":1000,"runAsUser":999}` | Security context for the `redis-exporter` sidecar container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | redisExporter.image.defaultTag | string | `"6.0.0@sha256:b2ec48fc6adef31f36d525170138dec303c1c0c20c530d659f1fb7c6c54698af"` | Docker image tag for the `redis-exporter` image | | redisExporter.image.name | string | `"redis_exporter"` | Docker image name for the `redis-exporter` image | @@ -298,7 +316,9 @@ In addition to the documented values, all services also support the following va | redisStore.resources | object | `{"limits":{"cpu":"1","memory":"7Gi"},"requests":{"cpu":"1","memory":"7Gi"}}` | Resource requests & limits for the `redis-store` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | redisStore.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `redis-store` | | redisStore.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | +| redisStore.storageAnnotations | object | `{}` | Optional annotations to add to the `redis-store` PVC | | redisStore.storageSize | string | `"100Gi"` | PVC Storage Request for `redis-store` data volume | +| redisStore.storageSubPath | string | `""` | Optional subPath for the `redis-store` primary data volume mount | | searcher.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `searcher` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | searcher.image.defaultTag | string | `"6.0.0@sha256:c7508abda2202d4a33400ce23a95dd8d59fe6220d85d7fbee6fb186c55931336"` | Docker image tag for the `searcher` image | | searcher.image.name | string | `"searcher"` | Docker image name for the `searcher` image | @@ -308,7 +328,9 @@ In addition to the documented values, all services also support the following va | searcher.resources | object | `{"limits":{"cpu":"2","memory":"2G"},"requests":{"cpu":"500m","memory":"500M"}}` | Resource requests & limits for the `searcher` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | searcher.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `searcher` | | searcher.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | +| searcher.storageAnnotations | object | `{}` | Optional annotations to add to the `searcher` PVC | | searcher.storageSize | string | `"26Gi"` | Size of the PVC for searcher pods to store cache data | +| searcher.storageSubPath | string | `""` | Optional subPath for the `searcher` primary data volume mount | | sgTestConnection | object | `{"enabled":true}` | Enable the busybox connection test after deployment | | sourcegraph.affinity | object | `{}` | Global Affinity, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) | | sourcegraph.disableKubernetesSecrets | bool | `false` | Disable the creation of Kubernetes secrets objects | diff --git a/charts/sourcegraph/templates/blobstore/blobstore.Deployment.yaml b/charts/sourcegraph/templates/blobstore/blobstore.Deployment.yaml index 8f02c7d45..2a330d383 100644 --- a/charts/sourcegraph/templates/blobstore/blobstore.Deployment.yaml +++ b/charts/sourcegraph/templates/blobstore/blobstore.Deployment.yaml @@ -80,6 +80,9 @@ spec: volumeMounts: - name: blobstore-data mountPath: /data + {{- if .Values.blobstore.storageSubPath }} + subPath: {{ .Values.blobstore.storageSubPath }} + {{- end }} - name: blobstore mountPath: /blobstore {{- if .Values.blobstore.extraVolumeMounts }} diff --git a/charts/sourcegraph/templates/blobstore/blobstore.PersistentVolumeClaim.yaml b/charts/sourcegraph/templates/blobstore/blobstore.PersistentVolumeClaim.yaml index 3f88d96ef..4b241dc3a 100644 --- a/charts/sourcegraph/templates/blobstore/blobstore.PersistentVolumeClaim.yaml +++ b/charts/sourcegraph/templates/blobstore/blobstore.PersistentVolumeClaim.yaml @@ -5,6 +5,10 @@ metadata: labels: deploy: sourcegraph app.kubernetes.io/component: blobstore + {{- if .Values.blobstore.storageAnnotations }} + annotations: + {{- toYaml .Values.blobstore.storageAnnotations | nindent 4 }} + {{- end }} name: blobstore spec: accessModes: diff --git a/charts/sourcegraph/templates/codeinsights-db/codeinsights-db.PersistentVolumeClaim.yaml b/charts/sourcegraph/templates/codeinsights-db/codeinsights-db.PersistentVolumeClaim.yaml index 45bbc0c0d..566c8140a 100644 --- a/charts/sourcegraph/templates/codeinsights-db/codeinsights-db.PersistentVolumeClaim.yaml +++ b/charts/sourcegraph/templates/codeinsights-db/codeinsights-db.PersistentVolumeClaim.yaml @@ -5,6 +5,10 @@ metadata: labels: app.kubernetes.io/component: codeinsights-db deploy: sourcegraph + {{- if .Values.codeInsightsDB.storageAnnotations }} + annotations: + {{- toYaml .Values.codeInsightsDB.storageAnnotations | nindent 4 }} + {{- end }} name: codeinsights-db spec: accessModes: diff --git a/charts/sourcegraph/templates/codeinsights-db/codeinsights-db.StatefulSet.yaml b/charts/sourcegraph/templates/codeinsights-db/codeinsights-db.StatefulSet.yaml index 99c78fd33..d0585e3fa 100644 --- a/charts/sourcegraph/templates/codeinsights-db/codeinsights-db.StatefulSet.yaml +++ b/charts/sourcegraph/templates/codeinsights-db/codeinsights-db.StatefulSet.yaml @@ -51,6 +51,9 @@ spec: volumeMounts: - mountPath: /var/lib/postgresql/data/ name: disk + {{- if .Values.codeInsightsDB.storageSubPath }} + subPath: {{ .Values.codeInsightsDB.storageSubPath }} + {{- end }} securityContext: {{- toYaml .Values.codeInsightsDB.init.containerSecurityContext | nindent 10 }} {{- if not .Values.sourcegraph.localDevMode }} @@ -90,6 +93,9 @@ spec: volumeMounts: - mountPath: /var/lib/postgresql/data/ name: disk + {{- if .Values.codeInsightsDB.storageSubPath }} + subPath: {{ .Values.codeInsightsDB.storageSubPath }} + {{- end }} - mountPath: /conf name: codeinsights-conf - mountPath: /var/run/postgresql diff --git a/charts/sourcegraph/templates/codeintel-db/codeintel-db.PersistentVolumeClaim.yaml b/charts/sourcegraph/templates/codeintel-db/codeintel-db.PersistentVolumeClaim.yaml index cfea67e8a..391e5700b 100644 --- a/charts/sourcegraph/templates/codeintel-db/codeintel-db.PersistentVolumeClaim.yaml +++ b/charts/sourcegraph/templates/codeintel-db/codeintel-db.PersistentVolumeClaim.yaml @@ -5,6 +5,10 @@ metadata: labels: app.kubernetes.io/component: codeintel-db deploy: sourcegraph + {{- if .Values.codeIntelDB.storageAnnotations }} + annotations: + {{- toYaml .Values.codeIntelDB.storageAnnotations | nindent 4 }} + {{- end }} name: {{ default "codeintel-db" .Values.codeIntelDB.name }} spec: accessModes: diff --git a/charts/sourcegraph/templates/codeintel-db/codeintel-db.StatefulSet.yaml b/charts/sourcegraph/templates/codeintel-db/codeintel-db.StatefulSet.yaml index d95649a3f..eff5c7275 100644 --- a/charts/sourcegraph/templates/codeintel-db/codeintel-db.StatefulSet.yaml +++ b/charts/sourcegraph/templates/codeintel-db/codeintel-db.StatefulSet.yaml @@ -51,6 +51,9 @@ spec: volumeMounts: - mountPath: /data name: disk + {{- if .Values.codeIntelDB.storageSubPath }} + subPath: {{ .Values.codeIntelDB.storageSubPath }} + {{- end }} securityContext: {{- toYaml .Values.alpine.containerSecurityContext | nindent 10 }} {{- if not .Values.sourcegraph.localDevMode }} @@ -101,6 +104,9 @@ spec: volumeMounts: - mountPath: /data name: disk + {{- if .Values.codeIntelDB.storageSubPath }} + subPath: {{ .Values.codeIntelDB.storageSubPath }} + {{- end }} - mountPath: /conf name: pgsql-conf - mountPath: /var/run/postgresql diff --git a/charts/sourcegraph/templates/gitserver/gitserver.StatefulSet.yaml b/charts/sourcegraph/templates/gitserver/gitserver.StatefulSet.yaml index 833b9799a..99d1eca77 100644 --- a/charts/sourcegraph/templates/gitserver/gitserver.StatefulSet.yaml +++ b/charts/sourcegraph/templates/gitserver/gitserver.StatefulSet.yaml @@ -85,6 +85,9 @@ spec: name: tmpdir - mountPath: /data/repos name: repos + {{- if .Values.gitserver.storageSubPath }} + subPath: {{ .Values.gitserver.storageSubPath }} + {{- end }} {{- if .Values.gitserver.sshSecret }} - mountPath: /home/sourcegraph/.ssh name: ssh @@ -124,6 +127,10 @@ spec: volumeClaimTemplates: - metadata: name: repos + {{- if .Values.gitserver.storageAnnotations }} + annotations: + {{- toYaml .Values.gitserver.storageAnnotations | nindent 8 }} + {{- end }} spec: accessModes: - ReadWriteOnce diff --git a/charts/sourcegraph/templates/grafana/grafana.StatefulSet.yaml b/charts/sourcegraph/templates/grafana/grafana.StatefulSet.yaml index 66e569430..b97c7db7e 100644 --- a/charts/sourcegraph/templates/grafana/grafana.StatefulSet.yaml +++ b/charts/sourcegraph/templates/grafana/grafana.StatefulSet.yaml @@ -65,6 +65,9 @@ spec: volumeMounts: - mountPath: /var/lib/grafana name: grafana-data + {{- if .Values.grafana.storageSubPath }} + subPath: {{ .Values.grafana.storageSubPath }} + {{- end }} - mountPath: /sg_config_grafana/provisioning/datasources name: config # Grafana is relied upon to send alerts to site admins when something is wrong with @@ -105,6 +108,10 @@ spec: volumeClaimTemplates: - metadata: name: grafana-data + {{- if .Values.grafana.storageAnnotations }} + annotations: + {{- toYaml .Values.grafana.storageAnnotations | nindent 8 }} + {{- end }} spec: accessModes: [ "ReadWriteOnce"] resources: diff --git a/charts/sourcegraph/templates/indexed-search/indexed-search.StatefulSet.yaml b/charts/sourcegraph/templates/indexed-search/indexed-search.StatefulSet.yaml index 7f89d7560..561afe8c5 100644 --- a/charts/sourcegraph/templates/indexed-search/indexed-search.StatefulSet.yaml +++ b/charts/sourcegraph/templates/indexed-search/indexed-search.StatefulSet.yaml @@ -89,6 +89,9 @@ spec: volumeMounts: - mountPath: /data name: data + {{- if .Values.indexedSearch.storageSubPath }} + subPath: {{ .Values.indexedSearch.storageSubPath }} + {{- end }} {{- if .Values.indexedSearch.extraVolumeMounts }} {{- toYaml .Values.indexedSearch.extraVolumeMounts | nindent 8 }} {{- end }} @@ -118,6 +121,9 @@ spec: volumeMounts: - mountPath: /data name: data + {{- if .Values.indexedSearch.storageSubPath }} + subPath: {{ .Values.indexedSearch.storageSubPath }} + {{- end }} {{- if .Values.indexedSearchIndexer.extraVolumeMounts }} {{- toYaml .Values.indexedSearchIndexer.extraVolumeMounts | nindent 8 }} {{- end }} @@ -147,6 +153,10 @@ spec: labels: deploy: sourcegraph name: data + {{- if .Values.indexedSearch.storageAnnotations }} + annotations: + {{- toYaml .Values.indexedSearch.storageAnnotations | nindent 8 }} + {{- end }} spec: accessModes: - ReadWriteOnce diff --git a/charts/sourcegraph/templates/pgsql/pgsql.PersistentVolumeClaim.yaml b/charts/sourcegraph/templates/pgsql/pgsql.PersistentVolumeClaim.yaml index 340da7e59..9e4db93aa 100644 --- a/charts/sourcegraph/templates/pgsql/pgsql.PersistentVolumeClaim.yaml +++ b/charts/sourcegraph/templates/pgsql/pgsql.PersistentVolumeClaim.yaml @@ -5,6 +5,10 @@ metadata: labels: deploy: sourcegraph app.kubernetes.io/component: pgsql + {{- if .Values.pgsql.storageAnnotations }} + annotations: + {{- toYaml .Values.pgsql.storageAnnotations | nindent 4 }} + {{- end }} name: pgsql spec: accessModes: diff --git a/charts/sourcegraph/templates/pgsql/pgsql.StatefulSet.yaml b/charts/sourcegraph/templates/pgsql/pgsql.StatefulSet.yaml index 26047eaf8..adccd43fb 100644 --- a/charts/sourcegraph/templates/pgsql/pgsql.StatefulSet.yaml +++ b/charts/sourcegraph/templates/pgsql/pgsql.StatefulSet.yaml @@ -51,6 +51,9 @@ spec: volumeMounts: - mountPath: /data name: disk + {{- if .Values.pgsql.storageSubPath }} + subPath: {{ .Values.pgsql.storageSubPath }} + {{- end }} securityContext: {{- toYaml .Values.alpine.containerSecurityContext | nindent 10 }} {{- if not .Values.sourcegraph.localDevMode }} @@ -101,6 +104,9 @@ spec: volumeMounts: - mountPath: /data name: disk + {{- if .Values.pgsql.storageSubPath }} + subPath: {{ .Values.pgsql.storageSubPath }} + {{- end }} - mountPath: /conf name: pgsql-conf - mountPath: /dev/shm diff --git a/charts/sourcegraph/templates/prometheus/prometheus.Deployment.yaml b/charts/sourcegraph/templates/prometheus/prometheus.Deployment.yaml index cee8cc9e5..608379c47 100644 --- a/charts/sourcegraph/templates/prometheus/prometheus.Deployment.yaml +++ b/charts/sourcegraph/templates/prometheus/prometheus.Deployment.yaml @@ -70,6 +70,9 @@ spec: volumeMounts: - mountPath: /prometheus name: data + {{- if .Values.prometheus.storageSubPath }} + subPath: {{ .Values.prometheus.storageSubPath }} + {{- end }} - mountPath: /sg_prometheus_add_ons name: config {{- if .Values.prometheus.extraVolumeMounts }} diff --git a/charts/sourcegraph/templates/prometheus/prometheus.PersistentVolumeClaim.yaml b/charts/sourcegraph/templates/prometheus/prometheus.PersistentVolumeClaim.yaml index 1e303b61b..d79efa8b3 100644 --- a/charts/sourcegraph/templates/prometheus/prometheus.PersistentVolumeClaim.yaml +++ b/charts/sourcegraph/templates/prometheus/prometheus.PersistentVolumeClaim.yaml @@ -5,6 +5,10 @@ metadata: labels: deploy: sourcegraph app.kubernetes.io/component: prometheus + {{- if .Values.prometheus.storageAnnotations }} + annotations: + {{- toYaml .Values.prometheus.storageAnnotations | nindent 4 }} + {{- end }} name: prometheus spec: accessModes: diff --git a/charts/sourcegraph/templates/redis/redis-cache.Deployment.yaml b/charts/sourcegraph/templates/redis/redis-cache.Deployment.yaml index 41eb3042b..bb5982328 100644 --- a/charts/sourcegraph/templates/redis/redis-cache.Deployment.yaml +++ b/charts/sourcegraph/templates/redis/redis-cache.Deployment.yaml @@ -97,6 +97,9 @@ spec: volumeMounts: - mountPath: /redis-data name: redis-data + {{- if .Values.redisCache.storageSubPath }} + subPath: {{ .Values.redisCache.storageSubPath }} + {{- end }} {{- if .Values.redisCache.extraVolumeMounts }} {{- toYaml .Values.redisCache.extraVolumeMounts | nindent 8 }} {{- end }} diff --git a/charts/sourcegraph/templates/redis/redis-cache.PersistentVolumeClaim.yaml b/charts/sourcegraph/templates/redis/redis-cache.PersistentVolumeClaim.yaml index 0c6ca7c06..bac546ffa 100644 --- a/charts/sourcegraph/templates/redis/redis-cache.PersistentVolumeClaim.yaml +++ b/charts/sourcegraph/templates/redis/redis-cache.PersistentVolumeClaim.yaml @@ -5,6 +5,10 @@ metadata: labels: deploy: sourcegraph app.kubernetes.io/component: redis + {{- if .Values.redisCache.storageAnnotations }} + annotations: + {{- toYaml .Values.redisCache.storageAnnotations | nindent 4 }} + {{- end }} name: redis-cache spec: accessModes: diff --git a/charts/sourcegraph/templates/redis/redis-store.Deployment.yaml b/charts/sourcegraph/templates/redis/redis-store.Deployment.yaml index 64c2710ca..59806df90 100644 --- a/charts/sourcegraph/templates/redis/redis-store.Deployment.yaml +++ b/charts/sourcegraph/templates/redis/redis-store.Deployment.yaml @@ -96,6 +96,9 @@ spec: volumeMounts: - mountPath: /redis-data name: redis-data + {{- if .Values.redisStore.storageSubPath }} + subPath: {{ .Values.redisStore.storageSubPath }} + {{- end }} {{- if .Values.redisStore.extraVolumeMounts }} {{- toYaml .Values.redisStore.extraVolumeMounts | nindent 8 }} {{- end }} diff --git a/charts/sourcegraph/templates/redis/redis-store.PersistentVolumeClaim.yaml b/charts/sourcegraph/templates/redis/redis-store.PersistentVolumeClaim.yaml index 5fff29f99..41cb911ac 100644 --- a/charts/sourcegraph/templates/redis/redis-store.PersistentVolumeClaim.yaml +++ b/charts/sourcegraph/templates/redis/redis-store.PersistentVolumeClaim.yaml @@ -5,6 +5,10 @@ metadata: labels: deploy: sourcegraph app.kubernetes.io/component: redis + {{- if .Values.redisStore.storageAnnotations }} + annotations: + {{- toYaml .Values.redisStore.storageAnnotations | nindent 4 }} + {{- end }} name: redis-store spec: accessModes: diff --git a/charts/sourcegraph/templates/searcher/searcher.StatefulSet.yaml b/charts/sourcegraph/templates/searcher/searcher.StatefulSet.yaml index 7c73b48b8..54badeaff 100644 --- a/charts/sourcegraph/templates/searcher/searcher.StatefulSet.yaml +++ b/charts/sourcegraph/templates/searcher/searcher.StatefulSet.yaml @@ -99,6 +99,9 @@ spec: volumeMounts: - mountPath: /mnt/cache name: cache + {{- if .Values.searcher.storageSubPath }} + subPath: {{ .Values.searcher.storageSubPath }} + {{- end }} - mountPath: /tmp name: tmpdir {{- if .Values.searcher.extraVolumeMounts }} @@ -135,6 +138,10 @@ spec: volumeClaimTemplates: - metadata: name: cache + {{- if .Values.searcher.storageAnnotations }} + annotations: + {{- toYaml .Values.searcher.storageAnnotations | nindent 8 }} + {{- end }} spec: accessModes: - ReadWriteOnce diff --git a/charts/sourcegraph/values.yaml b/charts/sourcegraph/values.yaml index 632d4fdd2..aa3a04c46 100644 --- a/charts/sourcegraph/values.yaml +++ b/charts/sourcegraph/values.yaml @@ -225,6 +225,10 @@ codeInsightsDB: name: "" # -- PVC Storage Request for `codeinsights-db` data volume storageSize: 200Gi + # -- Optional subPath for the `codeinsights-db` primary data volume mount + storageSubPath: "" + # -- Optional annotations to add to the `codeinsights-db` PVC + storageAnnotations: {} codeIntelDB: # -- Enable `codeintel-db` PostgreSQL server @@ -290,6 +294,10 @@ codeIntelDB: name: "" # -- PVC Storage Request for `codeintel-db` data volume storageSize: 200Gi + # -- Optional subPath for the `codeintel-db` primary data volume mount + storageSubPath: "" + # -- Optional annotations to add to the `codeintel-db` PVC + storageAnnotations: {} frontend: # -- Environment variables for the `frontend` container @@ -446,6 +454,10 @@ gitserver: name: "" # -- PVC Storage Request for `gitserver` data volume storageSize: 200Gi + # -- Optional subPath for the `gitserver` primary data volume mount + storageSubPath: "" + # -- Optional annotations to add to the `gitserver` PVC + storageAnnotations: {} grafana: # -- Enable `grafana` dashboard (recommended) @@ -508,6 +520,10 @@ grafana: name: grafana # -- PVC Storage Request for `grafana` data volume storageSize: 2Gi + # -- Optional subPath for the `grafana` primary data volume mount + storageSubPath: "" + # -- Optional annotations to add to the `grafana` PVC + storageAnnotations: {} indexedSearch: image: @@ -549,6 +565,10 @@ indexedSearch: # The size of disk to used for search indexes. # This should typically be gitserver disk size multipled by the number of gitserver shards. storageSize: 200Gi + # -- Optional subPath for the `indexed-search` primary data volume mount + storageSubPath: "" + # -- Optional annotations to add to the `indexed-search` PVC + storageAnnotations: {} indexedSearchIndexer: image: @@ -614,6 +634,10 @@ blobstore: name: "" # -- PVC Storage Request for `blobstore` data volume storageSize: 100Gi + # -- Optional subPath for the `blobstore` primary data volume mount + storageSubPath: "" + # -- Optional annotations to add to the `blobstore` PVC + storageAnnotations: {} openTelemetry: enabled: true @@ -800,6 +824,10 @@ pgsql: name: "" # -- PVC Storage Request for `pgsql` data volume storageSize: 200Gi + # -- Optional subPath for the `pgsql` primary data volume mount + storageSubPath: "" + # -- Optional annotations to add to the `pgsql` PVC + storageAnnotations: {} postgresExporter: image: @@ -948,6 +976,10 @@ prometheus: name: prometheus # -- PVC Storage Request for `prometheus` data volume storageSize: 200Gi + # -- Optional subPath for the `prometheus` primary data volume mount + storageSubPath: "" + # -- Optional annotations to add to the `prometheus` PVC + storageAnnotations: {} redisCache: # -- Enable `redis-cache` Redis server @@ -994,6 +1026,10 @@ redisCache: name: "" # -- PVC Storage Request for `redis-cache` data volume storageSize: 100Gi + # -- Optional subPath for the `redis-cache` primary data volume mount + storageSubPath: "" + # -- Optional annotations to add to the `redis-cache` PVC + storageAnnotations: {} redisExporter: image: @@ -1063,6 +1099,10 @@ redisStore: name: "" # -- PVC Storage Request for `redis-store` data volume storageSize: 100Gi + # -- Optional subPath for the `redis-store` primary data volume mount + storageSubPath: "" + # -- Optional annotations to add to the `redis-store` PVC + storageAnnotations: {} searcher: image: @@ -1103,6 +1143,10 @@ searcher: name: "" # -- Size of the PVC for searcher pods to store cache data storageSize: 26Gi + # -- Optional subPath for the `searcher` primary data volume mount + storageSubPath: "" + # -- Optional annotations to add to the `searcher` PVC + storageAnnotations: {} storageClass: # -- Enable creation of storageClass.