Home Esplora Aiuto
Registrati Accedi
sxwl_DL
/
yili-docker-images
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): b220c8811b
Rami (Branch) Tag
yili-docker-...
/
charts
/
test
/
airflow
/
templates
/
_helpers.yaml

_helpers.yaml 27 KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763 
  1. # Licensed to the Apache Software Foundation (ASF) under one
    2. 

  2. # or more contributor license agreements.  See the NOTICE file
    3. 

  3. # distributed with this work for additional information
    4. 

  4. # regarding copyright ownership.  The ASF licenses this file
    5. 

  5. # to you under the Apache License, Version 2.0 (the
    6. 

  6. # "License"); you may not use this file except in compliance
    7. 

  7. # with the License.  You may obtain a copy of the License at
    8. 

  8. #
    9. 

  9. #   http://www.apache.org/licenses/LICENSE-2.0
    10. 

  10. #
    11. 

  11. # Unless required by applicable law or agreed to in writing,
    12. 

  12. # software distributed under the License is distributed on an
    13. 

  13. # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    14. 

  14. # KIND, either express or implied.  See the License for the
    15. 

  15. # specific language governing permissions and limitations
    16. 

  16. # under the License.
    17. 

  17. 

  18. {{/*
    19. 

  19. Create a default fully qualified app name.
    20. 

  20. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
    21. 

  21. If release name contains chart name it will be used as a full name.
    22. 

  22. */}}
    23. 

  23. {{- define "airflow.fullname" -}}
    24. 

  24. {{- if .Values.fullnameOverride }}
    25. 

  25. {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
    26. 

  26. {{- else }}
    27. 

  27. {{- $name := default .Chart.Name .Values.nameOverride }}
    28. 

  28. {{- if contains $name .Release.Name }}
    29. 

  29. {{- .Release.Name | trunc 63 | trimSuffix "-" }}
    30. 

  30. {{- else }}
    31. 

  31. {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
    32. 

  32. {{- end }}
    33. 

  33. {{- end }}
    34. 

  34. {{- end }}
    35. 

  35. 

  36. 

  37. {{/* Standard Airflow environment variables */}}
    38. 

  38. {{- define "standard_airflow_environment" }}
    39. 

  39.   # Hard Coded Airflow Envs
    40. 

  40.   {{- if .Values.enableBuiltInSecretEnvVars.AIRFLOW__CORE__FERNET_KEY }}
    41. 

  41.   - name: AIRFLOW__CORE__FERNET_KEY
    42. 

  42.     valueFrom:
    43. 

  43.       secretKeyRef:
    44. 

  44.         name: {{ template "fernet_key_secret" . }}
    45. 

  45.         key: fernet-key
    46. 

  46.   {{- end }}
    47. 

  47.   # For Airflow <2.3, backward compatibility; moved to [database] in 2.3
    48. 

  48.   {{- if .Values.enableBuiltInSecretEnvVars.AIRFLOW__CORE__SQL_ALCHEMY_CONN }}
    49. 

  49.   - name: AIRFLOW__CORE__SQL_ALCHEMY_CONN
    50. 

  50.     valueFrom:
    51. 

  51.       secretKeyRef:
    52. 

  52.         name: {{ template "airflow_metadata_secret" . }}
    53. 

  53.         key: connection
    54. 

  54.   {{- end }}
    55. 

  55.   {{- if .Values.enableBuiltInSecretEnvVars.AIRFLOW__DATABASE__SQL_ALCHEMY_CONN }}
    56. 

  56.   - name: AIRFLOW__DATABASE__SQL_ALCHEMY_CONN
    57. 

  57.     valueFrom:
    58. 

  58.       secretKeyRef:
    59. 

  59.         name: {{ template "airflow_metadata_secret" . }}
    60. 

  60.         key: connection
    61. 

  61.   {{- end }}
    62. 

  62.   {{- if .Values.enableBuiltInSecretEnvVars.AIRFLOW_CONN_AIRFLOW_DB }}
    63. 

  63.   - name: AIRFLOW_CONN_AIRFLOW_DB
    64. 

  64.     valueFrom:
    65. 

  65.       secretKeyRef:
    66. 

  66.         name: {{ template "airflow_metadata_secret" . }}
    67. 

  67.         key: connection
    68. 

  68.   {{- end }}
    69. 

  69.   {{- if .Values.enableBuiltInSecretEnvVars.AIRFLOW__WEBSERVER__SECRET_KEY }}
    70. 

  70.   - name: AIRFLOW__WEBSERVER__SECRET_KEY
    71. 

  71.     valueFrom:
    72. 

  72.       secretKeyRef:
    73. 

  73.         name: {{ template "webserver_secret_key_secret" . }}
    74. 

  74.         key: webserver-secret-key
    75. 

  75.   {{- end }}
    76. 

  76.   {{- if or (eq .Values.executor "CeleryExecutor") (eq .Values.executor "CeleryKubernetesExecutor") }}
    77. 

  77.     {{- if .Values.enableBuiltInSecretEnvVars.AIRFLOW__CELERY__CELERY_RESULT_BACKEND }}
    78. 

  78.   # (Airflow 1.10.* variant)
    79. 

  79.   - name: AIRFLOW__CELERY__CELERY_RESULT_BACKEND
    80. 

  80.     valueFrom:
    81. 

  81.       secretKeyRef:
    82. 

  82.         name: {{ template "airflow_result_backend_secret" . }}
    83. 

  83.         key: connection
    84. 

  84.     {{- end }}
    85. 

  85.     {{- if .Values.enableBuiltInSecretEnvVars.AIRFLOW__CELERY__RESULT_BACKEND }}
    86. 

  86.   - name: AIRFLOW__CELERY__RESULT_BACKEND
    87. 

  87.     valueFrom:
    88. 

  88.       secretKeyRef:
    89. 

  89.         name: {{ template "airflow_result_backend_secret" . }}
    90. 

  90.         key: connection
    91. 

  91.     {{- end }}
    92. 

  92.     {{- if .Values.enableBuiltInSecretEnvVars.AIRFLOW__CELERY__BROKER_URL }}
    93. 

  93.   - name: AIRFLOW__CELERY__BROKER_URL
    94. 

  94.     valueFrom:
    95. 

  95.       secretKeyRef:
    96. 

  96.         name: {{ default (printf "%s-broker-url" .Release.Name) .Values.data.brokerUrlSecretName }}
    97. 

  97.         key: connection
    98. 

  98.     {{- end }}
    99. 

  99.   {{- end }}
    100. 

  100.   {{- if .Values.elasticsearch.enabled }}
    101. 

  101.   # The elasticsearch variables were updated to the shorter names in v1.10.4
    102. 

  102.     {{- if .Values.enableBuiltInSecretEnvVars.AIRFLOW__ELASTICSEARCH__HOST }}
    103. 

  103.   - name: AIRFLOW__ELASTICSEARCH__HOST
    104. 

  104.     valueFrom:
    105. 

  105.       secretKeyRef:
    106. 

  106.         name: {{ template "elasticsearch_secret" . }}
    107. 

  107.         key: connection
    108. 

  108.     {{- end }}
    109. 

  109.     {{- if .Values.enableBuiltInSecretEnvVars.AIRFLOW__ELASTICSEARCH__ELASTICSEARCH_HOST }}
    110. 

  110.   # This is the older format for these variable names, kept here for backward compatibility
    111. 

  111.   - name: AIRFLOW__ELASTICSEARCH__ELASTICSEARCH_HOST
    112. 

  112.     valueFrom:
    113. 

  113.       secretKeyRef:
    114. 

  114.         name: {{ template "elasticsearch_secret" . }}
    115. 

  115.         key: connection
    116. 

  116.     {{- end }}
    117. 

  117.   {{- end }}
    118. 

  118. {{- end }}
    119. 

  119. 

  120. {{/* User defined Airflow environment variables */}}
    121. 

  121. {{- define "custom_airflow_environment" }}
    122. 

  122.   # Dynamically created environment variables
    123. 

  123.   {{- range $i, $config := .Values.env }}
    124. 

  124.   - name: {{ $config.name }}
    125. 

  125.     value: {{ $config.value | quote }}
    126. 

  126.     {{- if or (eq $.Values.executor "KubernetesExecutor") (eq $.Values.executor "LocalKubernetesExecutor") (eq $.Values.executor "CeleryKubernetesExecutor") }}
    127. 

  127.   - name: AIRFLOW__KUBERNETES_ENVIRONMENT_VARIABLES__{{ $config.name }}
    128. 

  128.     value: {{ $config.value | quote }}
    129. 

  129.     {{- end }}
    130. 

  130.   {{- end }}
    131. 

  131.   # Dynamically created secret envs
    132. 

  132.   {{- range $i, $config := .Values.secret }}
    133. 

  133.   - name: {{ $config.envName }}
    134. 

  134.     valueFrom:
    135. 

  135.       secretKeyRef:
    136. 

  136.         name: {{ $config.secretName }}
    137. 

  137.         key: {{ default "value" $config.secretKey }}
    138. 

  138.   {{- end }}
    139. 

  139.   {{- if or (eq $.Values.executor "LocalKubernetesExecutor") (eq $.Values.executor "KubernetesExecutor") (eq $.Values.executor "CeleryKubernetesExecutor") }}
    140. 

  140.     {{- range $i, $config := .Values.secret }}
    141. 

  141.   - name: AIRFLOW__KUBERNETES_SECRETS__{{ $config.envName }}
    142. 

  142.     value: {{ printf "%s=%s" $config.secretName $config.secretKey }}
    143. 

  143.     {{- end }}
    144. 

  144.   {{ end }}
    145. 

  145.   # Extra env
    146. 

  146.   {{- $Global := . }}
    147. 

  147.   {{- with .Values.extraEnv }}
    148. 

  148.   {{- tpl . $Global | nindent 2 }}
    149. 

  149.   {{- end }}
    150. 

  150. {{- end }}
    151. 

  151. 

  152. {{/* User defined Airflow environment from */}}
    153. 

  153. {{- define "custom_airflow_environment_from" }}
    154. 

  154.   {{- $Global := . }}
    155. 

  155.   {{- with .Values.extraEnvFrom }}
    156. 

  156.   {{- tpl . $Global | nindent 2 }}
    157. 

  157.   {{- end }}
    158. 

  158. {{- end }}
    159. 

  159. 

  160. {{/*  Git ssh key volume */}}
    161. 

  161. {{- define "git_sync_ssh_key_volume"}}
    162. 

  162. - name: git-sync-ssh-key
    163. 

  163.   secret:
    164. 

  164.     secretName: {{ .Values.dags.gitSync.sshKeySecret }}
    165. 

  165.     defaultMode: 288
    166. 

  166. {{- end }}
    167. 

  167. 

  168. {{/*  Git sync container */}}
    169. 

  169. {{- define "git_sync_container"}}
    170. 

  170. - name: {{ .Values.dags.gitSync.containerName }}{{ if .is_init }}-init{{ end }}
    171. 

  171.   image: {{ template "git_sync_image" . }}
    172. 

  172.   imagePullPolicy: {{ .Values.images.gitSync.pullPolicy }}
    173. 

  173.   securityContext: {{ include "localSecurityContext" .Values.dags.gitSync | nindent 4 }}
    174. 

  174.   env:
    175. 

  175.     {{- if .Values.dags.gitSync.sshKeySecret }}
    176. 

  176.     - name: GIT_SSH_KEY_FILE
    177. 

  177.       value: "/etc/git-secret/ssh"
    178. 

  178.     - name: GIT_SYNC_SSH
    179. 

  179.       value: "true"
    180. 

  180.     {{- if .Values.dags.gitSync.knownHosts }}
    181. 

  181.     - name: GIT_KNOWN_HOSTS
    182. 

  182.       value: "true"
    183. 

  183.     - name: GIT_SSH_KNOWN_HOSTS_FILE
    184. 

  184.       value: "/etc/git-secret/known_hosts"
    185. 

  185.     {{- else }}
    186. 

  186.     - name: GIT_KNOWN_HOSTS
    187. 

  187.       value: "false"
    188. 

  188.     {{- end }}
    189. 

  189.     {{ else if .Values.dags.gitSync.credentialsSecret }}
    190. 

  190.     - name: GIT_SYNC_USERNAME
    191. 

  191.       valueFrom:
    192. 

  192.         secretKeyRef:
    193. 

  193.           name: {{ .Values.dags.gitSync.credentialsSecret | quote }}
    194. 

  194.           key: GIT_SYNC_USERNAME
    195. 

  195.     - name: GIT_SYNC_PASSWORD
    196. 

  196.       valueFrom:
    197. 

  197.         secretKeyRef:
    198. 

  198.           name: {{ .Values.dags.gitSync.credentialsSecret | quote }}
    199. 

  199.           key: GIT_SYNC_PASSWORD
    200. 

  200.     {{- end }}
    201. 

  201.     - name: GIT_SYNC_REV
    202. 

  202.       value: {{ .Values.dags.gitSync.rev | quote }}
    203. 

  203.     - name: GIT_SYNC_BRANCH
    204. 

  204.       value: {{ .Values.dags.gitSync.branch | quote }}
    205. 

  205.     - name: GIT_SYNC_REPO
    206. 

  206.       value: {{ .Values.dags.gitSync.repo | quote }}
    207. 

  207.     - name: GIT_SYNC_DEPTH
    208. 

  208.       value: {{ .Values.dags.gitSync.depth | quote }}
    209. 

  209.     - name: GIT_SYNC_ROOT
    210. 

  210.       value: "/git"
    211. 

  211.     - name: GIT_SYNC_DEST
    212. 

  212.       value: "repo"
    213. 

  213.     - name: GIT_SYNC_ADD_USER
    214. 

  214.       value: "true"
    215. 

  215.     - name: GIT_SYNC_WAIT
    216. 

  216.       value: {{ .Values.dags.gitSync.wait | quote }}
    217. 

  217.     - name: GIT_SYNC_MAX_SYNC_FAILURES
    218. 

  218.       value: {{ .Values.dags.gitSync.maxFailures | quote }}
    219. 

  219.     {{- if .is_init }}
    220. 

  220.     - name: GIT_SYNC_ONE_TIME
    221. 

  221.       value: "true"
    222. 

  222.     {{- end }}
    223. 

  223.     {{- range $i, $config := .Values.dags.gitSync.env }}
    224. 

  224.     - name: {{ $config.name }}
    225. 

  225.       value: {{ $config.value | quote }}
    226. 

  226.     {{- end }}
    227. 

  227.   resources: {{ toYaml .Values.dags.gitSync.resources | nindent 6 }}
    228. 

  228.   volumeMounts:
    229. 

  229.   - name: dags
    230. 

  230.     mountPath: /git
    231. 

  231.   {{- if .Values.dags.gitSync.sshKeySecret }}
    232. 

  232.   - name: git-sync-ssh-key
    233. 

  233.     mountPath: /etc/git-secret/ssh
    234. 

  234.     readOnly: true
    235. 

  235.     subPath: gitSshKey
    236. 

  236.   {{- if .Values.dags.gitSync.knownHosts }}
    237. 

  237.   - name: config
    238. 

  238.     mountPath: /etc/git-secret/known_hosts
    239. 

  239.     readOnly: true
    240. 

  240.     subPath: known_hosts
    241. 

  241.   {{- end }}
    242. 

  242.   {{- end }}
    243. 

  243. {{- if .Values.dags.gitSync.extraVolumeMounts }}
    244. 

  244. {{ toYaml .Values.dags.gitSync.extraVolumeMounts | indent 2 }}
    245. 

  245. {{- end }}
    246. 

  246. {{- end }}
    247. 

  247. 

  248. # This helper will change when customers deploy a new image.
    249. 

  249. {{ define "airflow_image" -}}
    250. 

  250. {{ printf "%s:%s" (.Values.images.airflow.repository | default .Values.defaultAirflowRepository) (.Values.images.airflow.tag | default .Values.defaultAirflowTag) }}
    251. 

  251. {{- end }}
    252. 

  252. 

  253. {{ define "pod_template_image" -}}
    254. 

  254. {{ printf "%s:%s" (.Values.images.pod_template.repository | default .Values.defaultAirflowRepository) (.Values.images.pod_template.tag | default .Values.defaultAirflowTag) }}
    255. 

  255. {{- end }}
    256. 

  256. 

  257. # This helper is used for airflow containers that do not need the users code.
    258. 

  258. {{ define "default_airflow_image" -}}
    259. 

  259. {{ printf "%s:%s" .Values.defaultAirflowRepository .Values.defaultAirflowTag }}
    260. 

  260. {{- end }}
    261. 

  261. 

  262. {{ define "airflow_image_for_migrations" -}}
    263. 

  263. {{- if .Values.images.useDefaultImageForMigration -}}
    264. 

  264. {{ template "default_airflow_image" . }}
    265. 

  265. {{- else -}}
    266. 

  266. {{ template "airflow_image" . }}
    267. 

  267. {{- end -}}
    268. 

  268. {{- end }}
    269. 

  269. 

  270. {{ define "flower_image" -}}
    271. 

  271. {{ printf "%s:%s" (.Values.images.flower.repository | default .Values.defaultAirflowRepository) (.Values.images.flower.tag | default .Values.defaultAirflowTag) }}
    272. 

  272. {{- end }}
    273. 

  273. 

  274. {{ define "statsd_image" -}}
    275. 

  275. {{ printf "%s:%s" .Values.images.statsd.repository .Values.images.statsd.tag }}
    276. 

  276. {{- end }}
    277. 

  277. 

  278. {{ define "redis_image" -}}
    279. 

  279. {{ printf "%s:%s" .Values.images.redis.repository .Values.images.redis.tag }}
    280. 

  280. {{- end }}
    281. 

  281. 

  282. {{ define "pgbouncer_image" -}}
    283. 

  283. {{ printf "%s:%s" .Values.images.pgbouncer.repository .Values.images.pgbouncer.tag }}
    284. 

  284. {{- end }}
    285. 

  285. 

  286. {{ define "pgbouncer_exporter_image" -}}
    287. 

  287. {{ printf "%s:%s" .Values.images.pgbouncerExporter.repository .Values.images.pgbouncerExporter.tag }}
    288. 

  288. {{- end }}
    289. 

  289. 

  290. {{ define "git_sync_image" -}}
    291. 

  291. {{ printf "%s:%s" .Values.images.gitSync.repository .Values.images.gitSync.tag }}
    292. 

  292. {{- end }}
    293. 

  293. 

  294. {{ define "fernet_key_secret" -}}
    295. 

  295. {{ default (printf "%s-fernet-key" .Release.Name) .Values.fernetKeySecretName }}
    296. 

  296. {{- end }}
    297. 

  297. 

  298. {{ define "webserver_secret_key_secret" -}}
    299. 

  299. {{ default (printf "%s-webserver-secret-key" .Release.Name) .Values.webserverSecretKeySecretName }}
    300. 

  300. {{- end }}
    301. 

  301. 

  302. {{ define "redis_password_secret" -}}
    303. 

  303. {{ default (printf "%s-redis-password" .Release.Name) .Values.redis.passwordSecretName }}
    304. 

  304. {{- end }}
    305. 

  305. 

  306. {{ define "airflow_metadata_secret" -}}
    307. 

  307. {{ default (printf "%s-airflow-metadata" .Release.Name) .Values.data.metadataSecretName }}
    308. 

  308. {{- end }}
    309. 

  309. 

  310. {{ define "airflow_result_backend_secret" -}}
    311. 

  311. {{ default (printf "%s-airflow-result-backend" .Release.Name) .Values.data.resultBackendSecretName }}
    312. 

  312. {{- end }}
    313. 

  313. 

  314. {{ define "airflow_pod_template_file" -}}
    315. 

  315. {{ (printf "%s/pod_templates" .Values.airflowHome) }}
    316. 

  316. {{- end }}
    317. 

  317. 

  318. {{ define "pgbouncer_config_secret" -}}
    319. 

  319. {{ default (printf "%s-pgbouncer-config" .Release.Name) .Values.pgbouncer.configSecretName }}
    320. 

  320. {{- end }}
    321. 

  321. 

  322. {{ define "pgbouncer_certificates_secret" -}}
    323. 

  323. {{ .Release.Name }}-pgbouncer-certificates
    324. 

  324. {{- end }}
    325. 

  325. 

  326. {{ define "pgbouncer_stats_secret" -}}
    327. 

  327. {{ .Release.Name }}-pgbouncer-stats
    328. 

  328. {{- end }}
    329. 

  329. 

  330. {{ define "registry_secret" -}}
    331. 

  331. {{ default (printf "%s-registry" .Release.Name) .Values.registry.secretName }}
    332. 

  332. {{- end }}
    333. 

  333. 

  334. {{ define "elasticsearch_secret" -}}
    335. 

  335. {{ default (printf "%s-elasticsearch" .Release.Name) .Values.elasticsearch.secretName }}
    336. 

  336. {{- end }}
    337. 

  337. 

  338. {{ define "flower_secret" -}}
    339. 

  339. {{ default (printf "%s-flower" .Release.Name) .Values.flower.secretName }}
    340. 

  340. {{- end }}
    341. 

  341. 

  342. {{ define "kerberos_keytab_secret" -}}
    343. 

  343. {{ .Release.Name }}-kerberos-keytab
    344. 

  344. {{- end }}
    345. 

  345. 

  346. {{ define "kerberos_ccache_path" -}}
    347. 

  347. {{ printf "%s/%s" .Values.kerberos.ccacheMountPath .Values.kerberos.ccacheFileName }}
    348. 

  348. {{- end }}
    349. 

  349. 

  350. {{ define "pgbouncer_config" }}
    351. 

  351. {{- $resultBackendConnection := .Values.data.resultBackendConnection | default .Values.data.metadataConnection }}
    352. 

  352. {{- $pgMetadataHost := .Values.data.metadataConnection.host | default (printf "%s-%s.%s" .Release.Name "postgresql" .Release.Namespace) }}
    353. 

  353. {{- $pgResultBackendHost := $resultBackendConnection.host | default (printf "%s-%s.%s" .Release.Name "postgresql" .Release.Namespace) }}
    354. 

  354. [databases]
    355. 

  355. {{ .Release.Name }}-metadata = host={{ $pgMetadataHost }} dbname={{ .Values.data.metadataConnection.db }} port={{ .Values.data.metadataConnection.port }} pool_size={{ .Values.pgbouncer.metadataPoolSize }} {{ .Values.pgbouncer.extraIniMetadata | default "" }}
    356. 

  356. {{ .Release.Name }}-result-backend = host={{ $pgResultBackendHost }} dbname={{ $resultBackendConnection.db }} port={{ $resultBackendConnection.port }} pool_size={{ .Values.pgbouncer.resultBackendPoolSize }} {{ .Values.pgbouncer.extraIniResultBackend | default "" }}
    357. 

  357. 

  358. [pgbouncer]
    359. 

  359. pool_mode = transaction
    360. 

  360. listen_port = {{ .Values.ports.pgbouncer }}
    361. 

  361. listen_addr = *
    362. 

  362. auth_type = {{ .Values.pgbouncer.auth_type }}
    363. 

  363. auth_file = {{ .Values.pgbouncer.auth_file }}
    364. 

  364. stats_users = {{ .Values.data.metadataConnection.user }}
    365. 

  365. ignore_startup_parameters = extra_float_digits
    366. 

  366. max_client_conn = {{ .Values.pgbouncer.maxClientConn }}
    367. 

  367. verbose = {{ .Values.pgbouncer.verbose }}
    368. 

  368. log_disconnections = {{ .Values.pgbouncer.logDisconnections }}
    369. 

  369. log_connections = {{ .Values.pgbouncer.logConnections }}
    370. 

  370. 

  371. server_tls_sslmode = {{ .Values.pgbouncer.sslmode }}
    372. 

  372. server_tls_ciphers = {{ .Values.pgbouncer.ciphers }}
    373. 

  373. 

  374. {{- if .Values.pgbouncer.ssl.ca }}
    375. 

  375. server_tls_ca_file = /etc/pgbouncer/root.crt
    376. 

  376. {{- end }}
    377. 

  377. {{- if .Values.pgbouncer.ssl.cert }}
    378. 

  378. server_tls_cert_file = /etc/pgbouncer/server.crt
    379. 

  379. {{- end }}
    380. 

  380. {{- if .Values.pgbouncer.ssl.key }}
    381. 

  381. server_tls_key_file = /etc/pgbouncer/server.key
    382. 

  382. {{- end }}
    383. 

  383. 

  384. {{- if .Values.pgbouncer.extraIni }}
    385. 

  385. {{ .Values.pgbouncer.extraIni }}
    386. 

  386. {{- end }}
    387. 

  387. {{- end }}
    388. 

  388. 

  389. {{ define "pgbouncer_users" }}
    390. 

  390. {{- $resultBackendConnection := .Values.data.resultBackendConnection | default .Values.data.metadataConnection }}
    391. 

  391. {{ .Values.data.metadataConnection.user | quote }} {{ .Values.data.metadataConnection.pass | quote }}
    392. 

  392. {{ $resultBackendConnection.user | quote }} {{ $resultBackendConnection.pass | quote }}
    393. 

  393. {{- end }}
    394. 

  394. 

  395. {{ define "airflow_logs" -}}
    396. 

  396. {{ (printf "%s/logs" .Values.airflowHome) | quote }}
    397. 

  397. {{- end }}
    398. 

  398. 

  399. {{ define "airflow_logs_no_quote" -}}
    400. 

  400. {{ (printf "%s/logs" .Values.airflowHome) }}
    401. 

  401. {{- end }}
    402. 

  402. 

  403. {{ define "airflow_logs_volume_claim" -}}
    404. 

  404. {{- if .Values.logs.persistence.existingClaim -}}
    405. 

  405. {{ .Values.logs.persistence.existingClaim }}
    406. 

  406. {{- else -}}
    407. 

  407. {{ .Release.Name }}-logs
    408. 

  408. {{- end -}}
    409. 

  409. {{- end -}}
    410. 

  410. 

  411. {{ define "airflow_dags" -}}
    412. 

  412. {{- if .Values.dags.gitSync.enabled -}}
    413. 

  413. {{ (printf "%s/dags/repo/%s" .Values.airflowHome .Values.dags.gitSync.subPath) }}
    414. 

  414. {{- else -}}
    415. 

  415. {{ (printf "%s/dags" .Values.airflowHome) }}
    416. 

  416. {{- end -}}
    417. 

  417. {{- end -}}
    418. 

  418. 

  419. {{ define "airflow_dags_volume_claim" -}}
    420. 

  420. {{- if .Values.dags.persistence.existingClaim -}}
    421. 

  421. {{ .Values.dags.persistence.existingClaim }}
    422. 

  422. {{- else -}}
    423. 

  423. {{ .Release.Name }}-dags
    424. 

  424. {{- end -}}
    425. 

  425. {{- end -}}
    426. 

  426. 

  427. {{ define "airflow_dags_mount" -}}
    428. 

  428. - name: dags
    429. 

  429.   mountPath: {{ (printf "%s/dags" .Values.airflowHome) }}
    430. 

  430.   {{ if .Values.dags.persistence.subPath -}}
    431. 

  431.   subPath: {{ .Values.dags.persistence.subPath }}
    432. 

  432.   {{- end }}
    433. 

  433.   readOnly: {{ .Values.dags.gitSync.enabled | ternary "True" "False" }}
    434. 

  434. {{- end -}}
    435. 

  435. 

  436. {{ define "airflow_config_path" -}}
    437. 

  437. {{ (printf "%s/airflow.cfg" .Values.airflowHome) | quote }}
    438. 

  438. {{- end }}
    439. 

  439. 

  440. {{ define "airflow_webserver_config_path" -}}
    441. 

  441. {{ (printf "%s/webserver_config.py" .Values.airflowHome) | quote }}
    442. 

  442. {{- end }}
    443. 

  443. 

  444. {{ define "airflow_local_setting_path" -}}
    445. 

  445. {{ (printf "%s/config/airflow_local_settings.py" .Values.airflowHome) | quote }}
    446. 

  446. {{- end }}
    447. 

  447. 

  448. {{ define "airflow_config" -}}
    449. 

  449. {{ (printf "%s-airflow-config" .Release.Name) }}
    450. 

  450. {{- end }}
    451. 

  451. 

  452. {{/*
    453. 

  453. Create the name of the webserver service account to use
    454. 

  454. */}}
    455. 

  455. {{- define "webserver.serviceAccountName" -}}
    456. 

  456. {{- if .Values.webserver.serviceAccount.create -}}
    457. 

  457.     {{ default (printf "%s-webserver" (include "airflow.fullname" .)) .Values.webserver.serviceAccount.name }}
    458. 

  458. {{- else -}}
    459. 

  459.     {{ default "default" .Values.webserver.serviceAccount.name }}
    460. 

  460. {{- end -}}
    461. 

  461. {{- end -}}
    462. 

  462. 

  463. {{/*
    464. 

  464. Create the name of the redis service account to use
    465. 

  465. */}}
    466. 

  466. {{- define "redis.serviceAccountName" -}}
    467. 

  467. {{- if .Values.redis.serviceAccount.create -}}
    468. 

  468.     {{ default (printf "%s-redis" (include "airflow.fullname" .)) .Values.redis.serviceAccount.name }}
    469. 

  469. {{- else -}}
    470. 

  470.     {{ default "default" .Values.redis.serviceAccount.name }}
    471. 

  471. {{- end -}}
    472. 

  472. {{- end -}}
    473. 

  473. 

  474. {{/*
    475. 

  475. Create the name of the flower service account to use
    476. 

  476. */}}
    477. 

  477. {{- define "flower.serviceAccountName" -}}
    478. 

  478. {{- if .Values.flower.serviceAccount.create -}}
    479. 

  479.     {{ default (printf "%s-flower" (include "airflow.fullname" .)) .Values.flower.serviceAccount.name }}
    480. 

  480. {{- else -}}
    481. 

  481.     {{ default "default" .Values.flower.serviceAccount.name }}
    482. 

  482. {{- end -}}
    483. 

  483. {{- end -}}
    484. 

  484. 

  485. {{/*
    486. 

  486. Create the name of the scheduler service account to use
    487. 

  487. */}}
    488. 

  488. {{- define "scheduler.serviceAccountName" -}}
    489. 

  489. {{- if .Values.scheduler.serviceAccount.create -}}
    490. 

  490.     {{ default (printf "%s-scheduler" (include "airflow.fullname" .)) .Values.scheduler.serviceAccount.name }}
    491. 

  491. {{- else -}}
    492. 

  492.     {{ default "default" .Values.scheduler.serviceAccount.name }}
    493. 

  493. {{- end -}}
    494. 

  494. {{- end -}}
    495. 

  495. 

  496. {{/*
    497. 

  497. Create the name of the StatsD service account to use
    498. 

  498. */}}
    499. 

  499. {{- define "statsd.serviceAccountName" -}}
    500. 

  500. {{- if .Values.statsd.serviceAccount.create -}}
    501. 

  501.     {{ default (printf "%s-statsd" (include "airflow.fullname" .)) .Values.statsd.serviceAccount.name }}
    502. 

  502. {{- else -}}
    503. 

  503.     {{ default "default" .Values.statsd.serviceAccount.name }}
    504. 

  504. {{- end -}}
    505. 

  505. {{- end -}}
    506. 

  506. 

  507. {{/*
    508. 

  508. Create the name of the create user job service account to use
    509. 

  509. */}}
    510. 

  510. {{- define "createUserJob.serviceAccountName" -}}
    511. 

  511. {{- if .Values.createUserJob.serviceAccount.create -}}
    512. 

  512.     {{ default (printf "%s-create-user-job" (include "airflow.fullname" .)) .Values.createUserJob.serviceAccount.name }}
    513. 

  513. {{- else -}}
    514. 

  514.     {{ default "default" .Values.createUserJob.serviceAccount.name }}
    515. 

  515. {{- end -}}
    516. 

  516. {{- end -}}
    517. 

  517. 

  518. {{/*
    519. 

  519. Create the name of the migrate database job service account to use
    520. 

  520. */}}
    521. 

  521. {{- define "migrateDatabaseJob.serviceAccountName" -}}
    522. 

  522. {{- if .Values.migrateDatabaseJob.serviceAccount.create -}}
    523. 

  523.     {{ default (printf "%s-migrate-database-job" (include "airflow.fullname" .)) .Values.migrateDatabaseJob.serviceAccount.name }}
    524. 

  524. {{- else -}}
    525. 

  525.     {{ default "default" .Values.migrateDatabaseJob.serviceAccount.name }}
    526. 

  526. {{- end -}}
    527. 

  527. {{- end -}}
    528. 

  528. 

  529. {{/*
    530. 

  530. Create the name of the worker service account to use
    531. 

  531. */}}
    532. 

  532. {{- define "worker.serviceAccountName" -}}
    533. 

  533. {{- if .Values.workers.serviceAccount.create -}}
    534. 

  534.     {{ default (printf "%s-worker" (include "airflow.fullname" .)) .Values.workers.serviceAccount.name }}
    535. 

  535. {{- else -}}
    536. 

  536.     {{ default "default" .Values.workers.serviceAccount.name }}
    537. 

  537. {{- end -}}
    538. 

  538. {{- end -}}
    539. 

  539. 

  540. {{/*
    541. 

  541. Create the name of the triggerer service account to use
    542. 

  542. */}}
    543. 

  543. {{- define "triggerer.serviceAccountName" -}}
    544. 

  544. {{- if .Values.triggerer.serviceAccount.create -}}
    545. 

  545.     {{ default (printf "%s-triggerer" (include "airflow.fullname" .)) .Values.triggerer.serviceAccount.name }}
    546. 

  546. {{- else -}}
    547. 

  547.     {{ default "default" .Values.triggerer.serviceAccount.name }}
    548. 

  548. {{- end -}}
    549. 

  549. {{- end -}}
    550. 

  550. 

  551. {{/*
    552. 

  552. Create the name of the pgbouncer service account to use
    553. 

  553. */}}
    554. 

  554. {{- define "pgbouncer.serviceAccountName" -}}
    555. 

  555. {{- if .Values.pgbouncer.serviceAccount.create -}}
    556. 

  556.     {{ default (printf "%s-pgbouncer" (include "airflow.fullname" .)) .Values.pgbouncer.serviceAccount.name }}
    557. 

  557. {{- else -}}
    558. 

  558.     {{ default "default" .Values.pgbouncer.serviceAccount.name }}
    559. 

  559. {{- end -}}
    560. 

  560. {{- end -}}
    561. 

  561. 

  562. {{/*
    563. 

  563. Create the name of the cleanup service account to use
    564. 

  564. */}}
    565. 

  565. {{- define "cleanup.serviceAccountName" -}}
    566. 

  566. {{- if .Values.cleanup.serviceAccount.create -}}
    567. 

  567.     {{ default (printf "%s-cleanup" (include "airflow.fullname" .)) .Values.cleanup.serviceAccount.name }}
    568. 

  568. {{- else -}}
    569. 

  569.     {{ default "default" .Values.cleanup.serviceAccount.name }}
    570. 

  570. {{- end -}}
    571. 

  571. {{- end -}}
    572. 

  572. 

  573. {{ define "wait-for-migrations-command" }}
    574. 

  574.   {{- if semverCompare ">=2.0.0" .Values.airflowVersion }}
    575. 

  575.   - airflow
    576. 

  576.   - db
    577. 

  577.   - check-migrations
    578. 

  578.   - --migration-wait-timeout={{ .Values.images.migrationsWaitTimeout }}
    579. 

  579.   {{- else }}
    580. 

  580.   - python
    581. 

  581.   - -c
    582. 

  582.   - |
    583. 

  583.         import airflow
    584. 

  584.         import logging
    585. 

  585.         import os
    586. 

  586.         import time
    587. 

  587. 

  588.         from alembic.config import Config
    589. 

  589.         from alembic.runtime.migration import MigrationContext
    590. 

  590.         from alembic.script import ScriptDirectory
    591. 

  591. 

  592.         from airflow import settings
    593. 

  593. 

  594.         package_dir = os.path.abspath(os.path.dirname(airflow.__file__))
    595. 

  595.         directory = os.path.join(package_dir, 'migrations')
    596. 

  596.         config = Config(os.path.join(package_dir, 'alembic.ini'))
    597. 

  597.         config.set_main_option('script_location', directory)
    598. 

  598.         config.set_main_option('sqlalchemy.url', settings.SQL_ALCHEMY_CONN.replace('%', '%%'))
    599. 

  599.         script_ = ScriptDirectory.from_config(config)
    600. 

  600. 

  601.         timeout=60
    602. 

  602. 

  603.         with settings.engine.connect() as connection:
    604. 

  604.             context = MigrationContext.configure(connection)
    605. 

  605.             ticker = 0
    606. 

  606.             while True:
    607. 

  607.                 source_heads = set(script_.get_heads())
    608. 

  608. 

  609.                 db_heads = set(context.get_current_heads())
    610. 

  610.                 if source_heads == db_heads:
    611. 

  611.                     break
    612. 

  612. 

  613.                 if ticker >= timeout:
    614. 

  614.                     raise TimeoutError("There are still unapplied migrations after {} seconds.".format(ticker))
    615. 

  615.                 ticker += 1
    616. 

  616.                 time.sleep(1)
    617. 

  617.                 logging.info('Waiting for migrations... %s second(s)', ticker)
    618. 

  618.   {{- end }}
    619. 

  619. {{- end }}
    620. 

  620. 

  621. {{define "scheduler_liveness_check_command"}}
    622. 

  622. 

  623.   {{- if semverCompare ">=2.0.0" .Values.airflowVersion }}
    624. 

  624.   - sh
    625. 

  625.   - -c
    626. 

  626.   - |
    627. 

  627.     CONNECTION_CHECK_MAX_COUNT=0 AIRFLOW__LOGGING__LOGGING_LEVEL=ERROR exec /entrypoint \
    628. 

  628.     airflow jobs check --job-type SchedulerJob --hostname $(hostname)
    629. 

  629.   {{- else }}
    630. 

  630.   - sh
    631. 

  631.   - -c
    632. 

  632.   - |
    633. 

  633.     CONNECTION_CHECK_MAX_COUNT=0 exec /entrypoint python -Wignore -c "
    634. 

  634.     import os
    635. 

  635.     os.environ['AIRFLOW__CORE__LOGGING_LEVEL'] = 'ERROR'
    636. 

  636.     os.environ['AIRFLOW__LOGGING__LOGGING_LEVEL'] = 'ERROR'
    637. 

  637.     from airflow.jobs.scheduler_job import SchedulerJob
    638. 

  638.     from airflow.utils.db import create_session
    639. 

  639.     from airflow.utils.net import get_hostname
    640. 

  640.     import sys
    641. 

  641.     with create_session() as session:
    642. 

  642.         job = session.query(SchedulerJob).filter_by(hostname=get_hostname()).order_by(
    643. 

  643.             SchedulerJob.latest_heartbeat.desc()).limit(1).first()
    644. 

  644.     sys.exit(0 if job.is_alive() else 1)"
    645. 

  645.   {{- end }}
    646. 

  646. {{- end }}
    647. 

  647. 

  648. {{define "triggerer_liveness_check_command"}}
    649. 

  649.   - sh
    650. 

  650.   - -c
    651. 

  651.   - |
    652. 

  652.     CONNECTION_CHECK_MAX_COUNT=0 AIRFLOW__LOGGING__LOGGING_LEVEL=ERROR exec /entrypoint \
    653. 

  653.     airflow jobs check --job-type TriggererJob --hostname $(hostname)
    654. 

  654. {{- end }}
    655. 

  655. 

  656. {{ define "registry_docker_config" -}}
    657. 

  657.   {{- $host := .Values.registry.connection.host }}
    658. 

  658.   {{- $email := .Values.registry.connection.email }}
    659. 

  659.   {{- $user := .Values.registry.connection.user -}}
    660. 

  660.   {{- $pass := .Values.registry.connection.pass -}}
    661. 

  661. 

  662.   {{- $config := dict "auths" -}}
    663. 

  663.   {{- $auth := dict -}}
    664. 

  664.   {{- $data := dict -}}
    665. 

  665.   {{- $_ := set $data "username" $user -}}
    666. 

  666.   {{- $_ := set $data "password" $pass -}}
    667. 

  667.   {{- $_ := set $data "email" $email -}}
    668. 

  668.   {{- $_ := set $data "auth" (printf "%v:%v" $user $pass | b64enc) -}}
    669. 

  669.   {{- $_ := set $auth $host $data -}}
    670. 

  670.   {{- $_ := set $config "auths" $auth -}}
    671. 

  671.   {{ $config | toJson | print }}
    672. 

  672. {{- end }}
    673. 

  673. 

  674. {{/* Allow Kubernetes Version to be overridden. Credit to https://github.com/prometheus-community/helm-charts for Regex. */}}
    675. 

  675. {{- define "kubeVersion" -}}
    676. 

  676.   {{- $kubeVersion := default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride -}}
    677. 

  677.   {{/* Special use case for Amazon EKS, Google GKE */}}
    678. 

  678.   {{- if and (regexMatch "\\d+\\.\\d+\\.\\d+-(?:eks|gke).+" $kubeVersion) (not .Values.kubeVersionOverride) -}}
    679. 

  679.     {{- $kubeVersion = regexFind "\\d+\\.\\d+\\.\\d+" $kubeVersion -}}
    680. 

  680.   {{- end -}}
    681. 

  681.   {{- $kubeVersion -}}
    682. 

  682. {{- end -}}
    683. 

  683. 

  684. {{/*
    685. 

  685. Set the default value for securityContext
    686. 

  686. If no value is passed for securityContext or <node>.securityContext, defaults to global uid and gid.
    687. 

  687. 

  688.     +------------------------+      +-----------------+      +-------------------------+
    689. 

  689.     | <node>.securityContext |  ->  | securityContext |  ->  | Values.uid + Values.gid |
    690. 

  690.     +------------------------+      +-----------------+      +-------------------------+
    691. 

  691. 

  692. Values are not accumulated meaning that if runAsUser is set to 10 in <node>.securityContext,
    693. 

  693. any extra values set to securityContext or uid+gid will be ignored.
    694. 

  694. 

  695. The template can be called like so:
    696. 

  696.    include "airflowSecurityContext" (list . .Values.webserver)
    697. 

  697. 

  698. Where `.` is the global variables scope and `.Values.webserver` the local variables scope for the webserver template.
    699. 

  699. */}}
    700. 

  700. {{- define "airflowSecurityContext" -}}
    701. 

  701.   {{- $ := index . 0 -}}
    702. 

  702.   {{- with index . 1 }}
    703. 

  703.     {{- if .securityContext -}}
    704. 

  704. {{ toYaml .securityContext | print }}
    705. 

  705.     {{- else if $.Values.securityContext -}}
    706. 

  706. {{ toYaml $.Values.securityContext | print }}
    707. 

  707.     {{- else -}}
    708. 

  708. runAsUser: {{ $.Values.uid }}
    709. 

  709. fsGroup: {{ $.Values.gid }}
    710. 

  710.     {{- end -}}
    711. 

  711.   {{- end -}}
    712. 

  712. {{- end -}}
    713. 

  713. 

  714. {{/*
    715. 

  715. Set the default value for securityContext
    716. 

  716. If no value is passed for securityContext or <node>.securityContext, defaults to UID in the local node.
    717. 

  717. 

  718.     +------------------------+     +-------------+
    719. 

  719.     | <node>.securityContext |  >  | <node>.uid  |
    720. 

  720.     +------------------------+     +-------------+
    721. 

  721. 

  722. The template can be called like so:
    723. 

  723.   include "localSecurityContext" .Values.statsd
    724. 

  724. 

  725. It is important to pass the local variables scope to this template as it is used to determine the local node value for uid.
    726. 

  726. */}}
    727. 

  727. {{- define "localSecurityContext" -}}
    728. 

  728.   {{- if .securityContext -}}
    729. 

  729. {{ toYaml .securityContext | print }}
    730. 

  730.   {{- else -}}
    731. 

  731. runAsUser: {{ .uid }}
    732. 

  732.   {{- end -}}
    733. 

  733. {{- end -}}
    734. 

  734. 

  735. {{/*
    736. 

  736. Set the default value for workers chown for persistent storage
    737. 

  737. If no value is passed for securityContext or <node>.securityContext, defaults to global uid and gid.
    738. 

  738. The template looks for `runAsUser` and `fsGroup` specifically, any other parameter will be ignored.
    739. 

  739. 

  740.     +------------------------+      +-----------------+      +-------------------------+
    741. 

  741.     | <node>.securityContext |  ->  | securityContext |  ->  | Values.uid + Values.gid |
    742. 

  742.     +------------------------+      +-----------------+      +-------------------------+
    743. 

  743. 

  744. Values are not accumulated meaning that if runAsUser is set to 10 in <node>.securityContext,
    745. 

  745. any extra values set to securityContext or uid+gid will be ignored.
    746. 

  746. 

  747. The template can be called like so:
    748. 

  748.    include "airflowSecurityContextIds" (list . .Values.workers)
    749. 

  749. 

  750. Where `.` is the global variables scope and `.Values.workers` the local variables scope for the workers template.
    751. 

  751. */}}
    752. 

  752. {{- define "airflowSecurityContextIds" -}}
    753. 

  753.   {{- $ := index . 0 -}}
    754. 

  754.   {{- with index . 1 }}
    755. 

  755.     {{- if .securityContext -}}
    756. 

  756. {{ pluck "runAsUser" .securityContext | first | default $.Values.uid }}:{{ pluck "fsGroup" .securityContext | first | default $.Values.gid }}
    757. 

  757.     {{- else if $.Values.securityContext -}}
    758. 

  758. {{ pluck "runAsUser" $.Values.securityContext | first | default $.Values.uid }}:{{ pluck "fsGroup" $.Values.securityContext | first | default $.Values.gid }}
    759. 

  759.     {{- else -}}
    760. 

  760. {{ $.Values.uid }}:{{ $.Values.gid }}
    761. 

  761.     {{- end -}}
    762. 

  762.   {{- end -}}
    763. 

  763. {{- end -}}
    764.