* added support for inter-cluster tls and changing the inter-cluster port number
* renamed helper variables for extra clarity
* Fix tls test, and add p2p tls test
* Fix test
* Fix test
---------
Co-authored-by: Nathan Savage <nathan.savage@kaimai.co.uk>
Like `affinity`, `topologySpreadConstraints` also need tpl function to rendering its value. for example:
```yaml
topologySpreadConstraints:
- maxSkew: 1
topologyKey: "topology.kubernetes.io/zone"
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
app.kubernetes.io/name: '{{ include "qdrant.name" . }}'
```
* added support for reading apiKey and readOnlyApiKey from external secrets. Also added support for valueFrom convention in container secrets
* flattened _helpers.tpl to maintain existing convention
* fixed logic issue with apiKey and readOnlyApiKey primitive values introduced in last commit
* changed helper if from a typeOf check to a kindOf check and added a BATS test for new functionality
* fixed test config error
* Allow ports to be configured as `NodePort'
* PR fix: Do not update chart version
* PR fix: Remove setting null `nodePort` in case of `ClusterIP` service
* PR fix: Remove unreleased changelog entry
* Support read_only_api_key in Qdrant config, similar to the api_key config value
* Fix updates of secret
* Fix updates of secret
* Fix updates of secret
* Fix updates of secret
* Use / for probes instead of /readyz
The new implementation of /readyz does not work well together with how StatefulSets do roll outs and restarts
* Fix test
* Fix probes when Qdrant is served over TLS
This also improves the integration test runtime and reliability by not installing a fresh cluster for every test but upgrading it with the new config.
Fixes https://github.com/qdrant/qdrant-helm/issues/77
* Deactivate liveness and startup probes by default
Since these probes restart the pod on failure, they can disrupt the health of the Qdrant cluster unnecessarily and cause more problems then actually help. Having a readinessProbe is usually enough.
* Fix tests
* Try to fix connection issues
* Release 0.5.1
This also adds an integration test which actually hits the API and experimental support for unprivileged container images
* Add debug statement
* Add debug statement
* Bump Qdrant to 1.5.1
* Try to fix tests
* Add comment and remove duplicated test
* Make the qdrant api key easily configurable
This adds a new `apiKey` value.
If `true` it generates a random apiKey, stores it in a secret and ensures that it stays the same during upgrades.
If a string is passed, this string is used as the api key.
The secret is mounted as a `local.yaml` config into the container. See also https://qdrant.tech/documentation/guides/configuration/#order-and-priority.
Alternatively, there are two new values `additionalVolumes` and `additionalVolumeMounts` which allow to mount additional existing volumes, such as pre-existing secrets into the qdrant container.
This also adds bats-core based integration tests to test the correct api key handling
Signed-off-by: Bastian Hofmann <mail@bastianhofmann.de>
* Fix bats integration tests
Signed-off-by: Bastian Hofmann <mail@bastianhofmann.de>
* Fix bats integration tests
Signed-off-by: Bastian Hofmann <mail@bastianhofmann.de>
* Fix bats integration tests
Signed-off-by: Bastian Hofmann <mail@bastianhofmann.de>
* Fix bats integration tests
Signed-off-by: Bastian Hofmann <mail@bastianhofmann.de>
* Fix statefulset
* doc: fix typo
---------
Signed-off-by: Bastian Hofmann <mail@bastianhofmann.de>
Co-authored-by: Tim Eggert <tim@elbart.com>
* Support configuring additional labels on resources and add ServiceAccount
Fixes https://github.com/qdrant/qdrant-helm/issues/55
This adds a ServiceAccount for the Statefulset. This errors if a namespace has no default ServiceAccount and prevents accidentally using a default namespace ServiceAccount with elevated permissions.
This also introduces terratest as a way to do unit tests on the rendered helm chart.
* Fix setup-go cache-dependency-path for faster executions
Signed-off-by: Bastian Hofmann <mail@bastianhofmann.de>
---------
Signed-off-by: Bastian Hofmann <mail@bastianhofmann.de>
