Skip to content

Commit 7868a72

Browse files
Franck-SorelFranck-Sorel
committed
feat: simplify values.yaml by removing unnecessary comments and restructuring backup configurations
1 parent f1b0bed commit 7868a72

File tree

1 file changed

+38
-99
lines changed

1 file changed

+38
-99
lines changed

charts/cnpg-pgdump-backup/values.yaml

Lines changed: 38 additions & 99 deletions
Original file line numberDiff line numberDiff line change
@@ -1,71 +1,52 @@
1-
## @section App Template Chart Values
21
app-template:
3-
## @section Global Configuration
4-
global:
5-
# -- Full name override
6-
fullnameOverride: ""
7-
# -- Name override
8-
nameOverride: ""
9-
# -- Global labels applied to all resources
10-
labels: {}
11-
# app.kubernetes.io/part-of: cnpg-pgdump-backup
12-
# -- Global annotations applied to all resources
13-
annotations: {}
14-
# description: "PostgreSQL backup and restore for CloudNativePG"
15-
16-
## @section CNPG Cluster Configuration
172
cnpg:
18-
# -- Secret name containing CNPG connection details (must contain: host, port, username, password, dbname)
19-
secretName: "litellm-pg-app"
3+
secretName: litellm-pg-app
204

21-
## @section S3 Storage Configuration
225
s3:
23-
# -- REQUIRED: Secret name containing S3 credentials (created by Terraform with S3_* keys)
24-
secretName: "open-web-ui-s3"
6+
secretName: open-web-ui-s3
257

26-
## @section Restore Configuration
278
restore:
28-
# -- Enable restore Job (also set restore.object)
299
enabled: false
30-
# -- S3 object key to restore (empty = manual trigger required via --set)
3110
object: ""
3211

33-
## @section Backup Controller (CronJob)
12+
defaultPodOptions:
13+
securityContext:
14+
runAsNonRoot: true
15+
runAsUser: 999
16+
runAsGroup: 999
17+
fsGroup: 999
18+
terminationGracePeriodSeconds: 30
19+
3420
controllers:
3521
backup:
36-
# -- Enable scheduled backup CronJob
37-
enabled: true
38-
# -- Controller type
3922
type: cronjob
40-
# -- CronJob specific settings
23+
pod:
24+
restartPolicy: OnFailure
4125
cronjob:
42-
# -- CronJob schedule (default: daily at 1:35 PM)
4326
schedule: "35 13 * * *"
44-
# -- Concurrency policy (Forbid, Replace, Allow)
4527
concurrencyPolicy: Forbid
46-
# -- Number of successful jobs to keep
4728
successfulJobsHistory: 3
48-
# -- Number of failed jobs to keep
4929
failedJobsHistory: 3
50-
# -- Starting deadline seconds
5130
startingDeadlineSeconds: 30
52-
pod:
53-
# -- Pod security context
54-
securityContext:
55-
runAsNonRoot: true
56-
runAsUser: 999
57-
runAsGroup: 999
58-
fsGroup: 999
59-
# -- Restart policy
60-
restartPolicy: OnFailure
61-
# -- Termination grace period seconds
62-
terminationGracePeriodSeconds: 30
6331
containers:
6432
backup:
6533
image:
6634
repository: ghcr.io/itbm/postgresql-backup-s3
6735
tag: latest
6836
pullPolicy: IfNotPresent
37+
securityContext:
38+
allowPrivilegeEscalation: false
39+
readOnlyRootFilesystem: true
40+
capabilities:
41+
drop:
42+
- ALL
43+
resources:
44+
requests:
45+
cpu: 100m
46+
memory: 256Mi
47+
limits:
48+
cpu: 500m
49+
memory: 512Mi
6950
env:
7051
- name: POSTGRES_HOST
7152
valueFrom:
@@ -107,66 +88,44 @@ app-template:
10788
secretKeyRef:
10889
name: "{{ .Values.s3.secretName }}"
10990
key: S3_SECRET_ACCESS_KEY
110-
# - name: AWS_SESSION_TOKEN
111-
# valueFrom:
112-
# secretKeyRef:
113-
# name: "{{ .Values.s3.secretName }}"
114-
# key: AWS_SESSION_TOKEN
11591
- name: S3_REGION
11692
valueFrom:
11793
secretKeyRef:
11894
name: "{{ .Values.s3.secretName }}"
11995
key: S3_REGION_NAME
120-
# -- Container security context
121-
securityContext:
122-
allowPrivilegeEscalation: false
123-
readOnlyRootFilesystem: true
124-
capabilities:
125-
drop:
126-
- ALL
127-
# -- Resources
128-
resources:
129-
requests:
130-
cpu: "100m"
131-
memory: "256Mi"
132-
limits:
133-
cpu: "500m"
134-
memory: "512Mi"
13596

136-
## @section Restore Controller (Job)
13797
restore:
138-
# -- Enable restore Job (also set restore.object)
13998
enabled: false
140-
# -- Controller type
14199
type: job
142-
# -- Job annotations
143100
annotations:
144101
helm.sh/hook: post-install
145102
helm.sh/hook-delete-policy: hook-succeeded,before-hook-creation
146103
job:
147-
# -- TTL seconds after job finishes
148104
ttlSecondsAfterFinished: 300
149-
# -- Backoff limit for job retries
150105
backoffLimit: 4
151106
pod:
152-
# -- Pod security context
153-
securityContext:
154-
runAsNonRoot: true
155-
runAsUser: 999
156-
runAsGroup: 999
157-
fsGroup: 999
158-
# -- Restart policy
159107
restartPolicy: Never
160-
# -- Termination grace period seconds
161-
terminationGracePeriodSeconds: 30
162108
containers:
163109
restore:
164110
image:
165111
repository: ghcr.io/itbm/postgresql-backup-s3
166112
tag: latest
167113
pullPolicy: IfNotPresent
114+
securityContext:
115+
allowPrivilegeEscalation: false
116+
readOnlyRootFilesystem: true
117+
capabilities:
118+
drop:
119+
- ALL
168120
command:
169121
- /restore.sh
122+
resources:
123+
requests:
124+
cpu: 100m
125+
memory: 256Mi
126+
limits:
127+
cpu: 500m
128+
memory: 1Gi
170129
env:
171130
- name: POSTGRES_HOST
172131
valueFrom:
@@ -208,30 +167,10 @@ app-template:
208167
secretKeyRef:
209168
name: "{{ .Values.s3.secretName }}"
210169
key: S3_SECRET_ACCESS_KEY
211-
# - name: AWS_SESSION_TOKEN
212-
# valueFrom:
213-
# secretKeyRef:
214-
# name: "{{ .Values.s3.secretName }}"
215-
# key: AWS_SESSION_TOKEN
216170
- name: S3_REGION
217171
valueFrom:
218172
secretKeyRef:
219173
name: "{{ .Values.s3.secretName }}"
220174
key: S3_REGION_NAME
221175
- name: BACKUP_FILE
222176
value: "{{ .Values.restore.object }}"
223-
# -- Container security context
224-
securityContext:
225-
allowPrivilegeEscalation: false
226-
readOnlyRootFilesystem: true
227-
capabilities:
228-
drop:
229-
- ALL
230-
# -- Resources
231-
resources:
232-
requests:
233-
cpu: "100m"
234-
memory: "256Mi"
235-
limits:
236-
cpu: "500m"
237-
memory: "1Gi"

0 commit comments

Comments
 (0)