Consolidate security context handling across the web, worker, and migration jobs.#182
Open
ggualerz wants to merge 111 commits into
Open
Consolidate security context handling across the web, worker, and migration jobs.#182ggualerz wants to merge 111 commits into
ggualerz wants to merge 111 commits into
Conversation
Merge develop to main
…rs (chatwoot#13) * Allows annotations for services to enable cloud provided load balancers
* fix: redis auth issue * chore: increment chart version * fix: format comments
…hatwoot#26) * adds resource templates in web and worker deployment for autoscaling * updated chart version to 0.5.4 Signed-off-by: thundersparkf <devagastya0@gmail.com>
* feat: add docs * feat: init parameter section * doc: configuration variables for chatwoot * doc: improve wording * doc: fix typos
* chore: refactor installation_env variable naming * chore: remove unused env var
* fix: selector issues when upgrading * fix: labels for all k8s objects * doc: update readme to add upgrade notes
…igMap (chatwoot#33) * feat: remove redis/postgres hardcoding and switch to ConfigMap * fix: helm lint failures * fix: configmap issue * fix: helm test suite * doc: update readme * feat: add separate values.yaml for github ci * Update README * Update NOTES.txt * add REDIS_TLS env var to handle TLS requirement for external redis * increment version to 0.6.3
nslookup of DB hostname was used as DB init check for migration job. This was causing the migration job container to fail multiple times. NSLOOKUP being successful does not equate to DB is ready to accept connections. This PR changed that to use the pg_ready tool which is a much more reliable metric to assess DB ready status.
- update charts to version 0.6.5 - update chatwoot to v1.20.0
…oot#37) * fix helm yaml template parsing issues when using external dbs * Refactor postgres helper function * Refactor env vars in values.yaml * add a helper func for redis.password * Rename env var POSTGRES_DB to POSTGRES_DATABASE Rails is looking for POSTGRES_DATABASE env variable. This was causing failures if a different db name other than chatwoot_production was used.
feat: upgrade charts to chatwoot v3.3.1 (chatwoot#114) https://github.com/chatwoot/chatwoot/releases/tag/v3.3.1 Signed-off-by: Vishnu Narayanan <vishnu@chatwoot.com>
…twoot#122) * fix: use imagepullsecret in web-deployment and worker-deployment
Linting gh action for charts repo was broken due to the old Python version. Update it to 3.13
Chatwoot v4 and above requires PostgreSQL with pgvector support. Replace the default Bitnami PostgreSQL image with a custom image that has pgvector installed. This only affects users relying on postgres installed via charts. ref: https://chwt.app/v4/migration
This upgrade will switch to first v4 stable release. This updates the charts to chatwoot v4.1.0 This includes breaking changes. Please read the migration guide before upgrading to v4 from 3.x.x. 1. https://chwt.app/v4/migration 2. https://github.com/chatwoot/chatwoot/releases/tag/v4.1.0
* feat: upgrade charts to chatwoot v4.5.0 https://github.com/chatwoot/chatwoot/releases/tag/v4.5.0
* feat: upgrade charts to chatwoot v4.7.0 * fix: switch to bitnamilegacy repo for redis bitnami/charts#35164 https://github.com/chatwoot/chatwoot/releases/tag/v4.7.0
…ration jobs. - add pod/container security context rendering with safe fallbacks, including init containers - expose hooks.migrate security context values and document them in README - update PSA examples to UID/GID 1000 for rootless images
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
15 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Consolidate security context handling across the web, worker, and migration jobs.
add pod/container security context rendering with safe fallbacks, including init containers
expose hooks.migrate security context values and document them in README
update PSA examples to UID/GID 1000 for rootless images
Chatwoot official image isn't rootless, I made my own here, you can test it
https://hub.docker.com/r/ggualerz/chatwoot
it use user/group 1001