release gel chart

Author: Lur1an

charts/edgedb/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: gel
+description: A Helm chart for self hosting Gel
+type: application
+version: 0.1.0
+appVersion: "6.2"

charts/edgedb/templates/password.yaml

@@ -1,12 +1,12 @@
-# EdgeDB Helm Chart
+# Gel Helm Chart
 
-This Helm chart deploys EdgeDB on Kubernetes with support for both local storage and PostgreSQL backends.
+This Helm chart deploys [Gel](https://www.geldata.com/) on Kubernetes with support for both local storage and PostgreSQL backends.
 
 ## Installation
 
 ```bash
 helm repo add luk8s https://lur1an.github.io/luk8s
-helm install edgedb luk8s/edgedb
+helm install gel luk8s/gel
 ```
 
 ## Configuration
@@ -74,17 +74,17 @@ security:
 ```
 The schema for the `cert` field is the same as the [cert-manager Certificate](https://cert-manager.io/docs/usage/certificate/) with the omission of `secretName` and `secretTemplate` which are then filled in by the chart.
 ### Additional configuration
-You can provide additional [environment variables](https://docs.edgedb.com/database/reference/environment) to the EdgeDB container to modify your deployment:
+You can provide additional [environment variables](https://docs.geldata.com/database/reference/environment) to the Gel container to modify your deployment:
 ```yaml
 env:
 # enables the admin UI
-- name: EDGEDB_SERVER_ADMIN_UI
+- name: GEL_SERVER_ADMIN_UI
   value: enabled
 # allow non TLS connections for HTTP clients, useful if all your TLS is over your reverse proxy or cloud LB
-- name: EDGEDB_SERVER_ALLOW_INSECURE_HTTP_CLIENTS
+- name: GEL_SERVER_ALLOW_INSECURE_HTTP_CLIENTS
   value: "1"
 ```
-> **_Note_**: Some environment variables are set automatically by the chart, such as `EDGEDB_SERVER_TLS_*`, `EDGEDB_SERVER_PASSWORD` and `EDGEDB_PORT`.
+> **_Note_**: Some environment variables are set automatically by the chart, such as `GEL_SERVER_TLS_*`, `GEL_SERVER_PASSWORD` and `GEL_PORT`.
 
 ## Examples
 ### High-availability setup with [CloudnativePG](https://cloudnative-pg.io/):
@@ -93,15 +93,15 @@ Set up a Postgres cluster with CloudnativePG:
 apiVersion: postgresql.cnpg.io/v1
 kind: Cluster
 metadata:
-  name: edgedb-postgres
+  name: gel-postgres
 spec:
   instances: 2
   storage:
     size: 30Gi
     storageClass: local-path
   managed:
     roles:
-    - name: edgedb
+    - name: gel
       superuser: true
       createdb: true
       createrole: true
@@ -110,35 +110,35 @@ spec:
       - postgres
   bootstrap:
     initdb:
-      owner: edgedb
-      database: edgedb
+      owner: gel
+      database: gel
 ```
-It seems EdgeDB needs to run on a user that has all privileges, that's why we give it the postgres role.
+It seems Gel needs to run on a user that has all privileges, that's why we give it the postgres role.
 ```yaml
-replicas: 2 # Multiple instances of EdgeDB seem to be working fine
+replicas: 2 # Multiple instances of Gel seem to be working fine
 storage:
   enabled: false
 postgres:
   enabled: true
   dsn:
     valueFrom:
       secretKeyRef:
-        name: edgedb-postgres-app
+        name: gel-postgres-app
         key: uri
 ```
 To connect to the database from your application set up your environment variables:
 ```yaml
 env:
-- name: EDGEDB_PASSWORD
+- name: GEL_PASSWORD
   valueFrom:
     secretKeyRef:
-      name: edgedb-server-password
+      name: gel-server-password
       key: password
-- name: EDGEDB_DSN
-  value: edgedb://edgedb:${EDGEDB_PASSWORD}@edgedb:5656/main
-- name: EDGEDB_CLIENT_TLS_SECURITY
+- name: GEL_DSN
+  value: gel://gel:${GEL_PASSWORD}@gel:5656/main
+- name: GEL_CLIENT_TLS_SECURITY
   value: insecure
-- name: EDGEDB_CLIENT_SECURITY
+- name: GEL_CLIENT_SECURITY
   value: insecure_dev_mode
 ```
-> **_Note_**: The `EDGEDB_CLIENT_TLS_SECURITY` and `EDGEDB_CLIENT_SECURITY` environment variables are required to connect to the database if you don't use a trusted source for your tls certificates. EdgeDB creates and signs its own TLS certificates if none are provided.
+> **_Note_**: The `GEL_CLIENT_TLS_SECURITY` and `GEL_CLIENT_SECURITY` environment variables are required to connect to the database if you don't use a trusted source for your tls certificates. Gel creates and signs its own TLS certificates if none are provided.

charts/edgedb/.helmignore charts/gel/.helmignorecharts/edgedb/.helmignore renamed to charts/gel/.helmignore

@@ -1,7 +1,7 @@
 {{/*
 Expand the name of the chart.
 */}}
-{{- define "edgedb.name" -}}
+{{- define "gel.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 
@@ -10,7 +10,7 @@ Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
-{{- define "edgedb.fullname" -}}
+{{- define "gel.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
@@ -26,16 +26,16 @@ If release name contains chart name it will be used as a full name.
 {{/*
 Create chart name and version as used by the chart label.
 */}}
-{{- define "edgedb.chart" -}}
+{{- define "gel.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 
 {{/*
 Common labels
 */}}
-{{- define "edgedb.labels" -}}
-helm.sh/chart: {{ include "edgedb.chart" . }}
-{{ include "edgedb.selectorLabels" . }}
+{{- define "gel.labels" -}}
+helm.sh/chart: {{ include "gel.chart" . }}
+{{ include "gel.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
@@ -45,30 +45,30 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{/*
 Selector labels
 */}}
-{{- define "edgedb.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "edgedb.name" . }}
+{{- define "gel.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "gel.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 
 
 {{/*
 Generate or lookup password
 */}}
-{{- define "edgedb.password" -}}
-{{- $secret := lookup "v1" "Secret" .Release.Namespace (printf "%s-server-password" (include "edgedb.fullname" .)) }}
+{{- define "gel.password" -}}
+{{- $secret := lookup "v1" "Secret" .Release.Namespace (printf "%s-server-password" (include "gel.fullname" .)) }}
 {{- if $secret }}
 {{- $secret.data.password | b64dec }}
 {{- else }}
 {{- randAlphaNum 32 }}
 {{- end }}
 {{- end }}
 
-{{- define "edgedb.tlsSecretName"}}
+{{- define "gel.tlsSecretName"}}
 {{- if .Values.security.tls.enabled }}
   {{- if .Values.security.tls.secret }}
   {{- .Values.security.tls.secret }}
   {{- else if .Values.security.tls.cert }}
-  {{- include "edgedb.fullname" . }}-tls
+  {{- include "gel.fullname" . }}-tls
   {{- else }}
   {{- fail "You must provide either a secret or cert for TLS configuration" }}
   {{- end }}

charts/gel/Chart.yaml

@@ -7,14 +7,14 @@
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
-  name: {{ include "edgedb.fullname" . }}-cert
+  name: {{ include "gel.fullname" . }}-cert
   labels:
-    {{- include "edgedb.labels" . | nindent 4 }}
+    {{- include "gel.labels" . | nindent 4 }}
 spec:
-  secretName: {{ include "edgedb.tlsSecretName" . }}
+  secretName: {{ include "gel.tlsSecretName" . }}
   secretTemplate:
     labels:
-      {{- include "edgedb.labels" . | nindent 6 }}
+      {{- include "gel.labels" . | nindent 6 }}
   {{ toYaml .Values.security.tls.cert | nindent 2 }}
 {{- end }}
 

charts/edgedb/README.md charts/gel/README.mdcharts/edgedb/README.md renamed to charts/gel/README.md

@@ -1,22 +1,22 @@
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
-  name: {{ include "edgedb.fullname" . }}
+  name: {{ include "gel.fullname" . }}
   labels:
-    {{- include "edgedb.labels" . | nindent 4 }}
+    {{- include "gel.labels" . | nindent 4 }}
 spec:
   replicas: {{ .Values.replicas }}
   selector:
     matchLabels:
-      {{- include "edgedb.selectorLabels" . | nindent 6 }}
+      {{- include "gel.selectorLabels" . | nindent 6 }}
   template:
     metadata:
       {{- with .Values.podAnnotations }}
       annotations:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       labels:
-        {{- include "edgedb.labels" . | nindent 8 }}
+        {{- include "gel.labels" . | nindent 8 }}
         {{- with .Values.podLabels }}
         {{- toYaml . | nindent 8 }}
         {{- end }}
@@ -32,7 +32,7 @@ spec:
       - name: wait-for-postgres
         image: postgres:16-alpine  # Using postgres image for pg_isready tool
         env:
-        - name: EDGEDB_SERVER_BACKEND_DSN
+        - name: GEL_SERVER_BACKEND_DSN
           {{- if kindIs "string" .Values.postgres.dsn }}
           value: {{ .Values.postgres.dsn }}
           {{- else }}
@@ -41,7 +41,7 @@ spec:
         command: ['sh', '-c']
         args:
           - |
-            until pg_isready -d "$EDGEDB_SERVER_BACKEND_DSN"; do
+            until pg_isready -d "$GEL_SERVER_BACKEND_DSN"; do
               echo "Waiting for postgres..."
               sleep 2
             done
@@ -70,36 +70,36 @@ spec:
         {{- if not .Values.postgres.dsn }}
         {{- fail "You must provide a postgres dsn value if postgres is enabled" }}
         {{- end }}
-        - name: EDGEDB_SERVER_BACKEND_DSN
+        - name: GEL_SERVER_BACKEND_DSN
           {{- if kindIs "string" .Values.postgres.dsn }}
           value: {{ .Values.postgres.dsn }}
           {{- else }}
           {{ toYaml .Values.postgres.dsn | nindent 10 }}
           {{- end }}
         {{- end }}
         {{- if .Values.security.tls.enabled }}
-        - name: EDGEDB_SERVER_TLS_CERT_FILE
-          value: /etc/edgedb/tls/tls.crt
-        - name: EDGEDB_SERVER_TLS_KEY_FILE
-          value: /etc/edgedb/tls/tls.key
+        - name: GEL_SERVER_TLS_CERT_FILE
+          value: /etc/gel/tls/tls.crt
+        - name: GEL_SERVER_TLS_KEY_FILE
+          value: /etc/gel/tls/tls.key
         {{- else }}
-        - name: EDGEDB_SERVER_TLS_CERT_MODE
+        - name: GEL_SERVER_TLS_CERT_MODE
           value: generate_self_signed
         {{- end }}
-        - name: EDGEDB_SERVER_PASSWORD
+        - name: GEL_SERVER_PASSWORD
           valueFrom:
             secretKeyRef:
               {{- if .Values.security.password }}
               name: {{ .Values.security.password.secret }}
               key: {{ .Values.security.password.key }}
               {{- else }}
-              name: {{ include "edgedb.fullname" . }}-server-password
+              name: {{ include "gel.fullname" . }}-server-password
               key: password
               {{- end }}
         {{- with .Values.env }}
         {{- toYaml . | nindent 8 }}
         {{- end }}
-        - name: EDGEDB_PORT
+        - name: GEL_PORT
           value: "5656"
         volumeMounts:
           {{- if .Values.storage.enabled }}
@@ -110,11 +110,11 @@ spec:
           {{- fail "You cannot use storage with more than one replica, use postgres instead" }}
           {{- end }}
           - name: data
-            mountPath: /var/lib/edgedb/data
+            mountPath: /var/lib/gel/data
           {{- end }}
           {{- if .Values.security.tls.enabled }}
           - name: tls-cert
-            mountPath: /etc/edgedb/tls
+            mountPath: /etc/gel/tls
             readOnly: true
           {{- end }}
           {{- with .Values.volumeMounts }}
@@ -124,12 +124,12 @@ spec:
       {{- if .Values.storage.enabled }}
       - name: data
         persistentVolumeClaim:
-          claimName: {{ include "edgedb.fullname" . }}-data
+          claimName: {{ include "gel.fullname" . }}-data
       {{- end }}
       {{- if .Values.security.tls.enabled }}
       - name: tls-cert
         secret:
-          secretName: {{ include "edgedb.tlsSecretName" . }}
+          secretName: {{ include "gel.tlsSecretName" . }}
       {{- end }}
       {{- with .Values.volumes }}
       {{- toYaml . | nindent 8 }}

charts/edgedb/templates/_helpers.tpl charts/gel/templates/_helpers.tplcharts/edgedb/templates/_helpers.tpl renamed to charts/gel/templates/_helpers.tpl

@@ -0,0 +1,12 @@
+{{- if not .Values.security.password }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "gel.fullname" . }}-server-password
+  labels:
+    {{- include "gel.labels" . | nindent 4 }}
+type: Opaque
+data:
+  password: {{ $password := include "gel.password" . }}{{ $password | b64enc | quote }}
+  gelBackendDsn: {{ printf "gel://gel:%s@%s.%s.svc.cluster.local:5656" $password (include "gel.fullname" .) .Release.Namespace | b64enc | quote }}
+{{- end }}

charts/edgedb/templates/cert.yaml charts/gel/templates/cert.yamlcharts/edgedb/templates/cert.yaml renamed to charts/gel/templates/cert.yaml

@@ -5,9 +5,9 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: {{ include "edgedb.fullname" . }}-data
+  name: {{ include "gel.fullname" . }}-data
   labels:
-    {{- include "edgedb.labels" . | nindent 4 }}
+    {{- include "gel.labels" . | nindent 4 }}
 spec:
   accessModes:
     - ReadWriteOnce