marklogic
diff --git a/‎README.md
Lines changed: 7 additions & 4 deletions b/‎README.md
Lines changed: 7 additions & 4 deletions
diff --git a/‎charts/Chart.yaml
Lines changed: 2 additions & 2 deletions b/‎charts/Chart.yaml
Lines changed: 2 additions & 2 deletions
diff --git a/‎charts/templates/NOTES.txt
Lines changed: 1 addition & 2 deletions b/‎charts/templates/NOTES.txt
Lines changed: 1 addition & 2 deletions
diff --git a/‎charts/templates/_helpers.tpl
Lines changed: 95 additions & 7 deletions b/‎charts/templates/_helpers.tpl
Lines changed: 95 additions & 7 deletions
diff --git a/‎charts/templates/configmap-haproxy.yaml
Lines changed: 5 additions & 4 deletions b/‎charts/templates/configmap-haproxy.yaml
Lines changed: 5 additions & 4 deletions
diff --git a/‎charts/templates/configmap-scripts.yaml
Lines changed: 1 addition & 1 deletion b/‎charts/templates/configmap-scripts.yaml
Lines changed: 1 addition & 1 deletion
diff --git a/‎charts/templates/service.yaml
Lines changed: 1 addition & 1 deletion b/‎charts/templates/service.yaml
Lines changed: 1 addition & 1 deletion
@@ -107,11 +107,13 @@ Following table lists all the parameters supported by the latest MarkLogic Helm
 | `updateStrategy.type`                               | Update strategy for MarkLogic pods                                                                                                                                                     | `OnDelete`                 |
 | `terminationGracePeriod`                            | Seconds the MarkLogic Pod terminate gracefully                                                                                                                                         | `120`                      |
 | `clusterDomain`                                     | Domain for the Kubernetes cluster                                                                                                                                                      | `cluster.local`            |
+| `allowLongHostnames`                                | Allow deployment with hostname over 64 characters                                                    | `false` |
+| `useLegacyHostnames`                                | Use the lagecy hostnames that is used before 1.1.0 version.                                          | `false` |
 | `group.name`                                        | Group name for joining MarkLogic cluster                                                                                                                                               | `Default`                  |
 | `group.enableXdqpSsl`                               | SSL encryption for XDQP                                                                                                                                                                | `true`                     |
 | `bootstrapHostName`                                 | Host name of MarkLogic bootstrap host (to join a cluster)                                                                                                                              | `""`                       |
 | `image.repository`                                  | Repository for MarkLogic image                                                                                                                                                         | `marklogicdb/marklogic-db` |
-| `image.tag`                                         | Image tag for MarkLogic image                                                                                                                                                          | `11.1.0-centos-1.1.2`      |
+| `image.tag`                                         | Image tag for MarkLogic image                                                                                                                                                          | `11.2.0-centos-1.1.2`      |
 | `image.pullPolicy`                                  | Image pull policy for MarkLogic image                                                                                                                                                  | `IfNotPresent`             |
 | `initContainers.configureGroup.image`               | Image for configureGroup InitContainer                                                                                                                                                 | `curlimages/curl:8.6.0`    |
 | `initContainers.configureGroup.pullPolicy`          | Pull policy for configureGroup InitContainer                                                                                                                                           | `IfNotPresent`             |
@@ -226,7 +228,8 @@ Following table lists all the parameters supported by the latest MarkLogic Helm
 2. The MarkLogic Docker image must be run in privileged mode. At the moment if the image isn't run as privileged many calls that use sudo during the startup script will fail due to lack of required permissions as the image will not be able to create a user with the required permissions.
 3. The latest released version of CentOS 7 has known security vulnerabilities with respect to glib2 CVE-2016-3191, CVE-2015-8385, CVE-2015-8387, CVE-2015-8390, CVE-2015-8394, CVE-2016-3191, glibc CVE-2019-1010022, pcre CVE-2015-8380, CVE-2015-8387, CVE-2015-8390, CVE-2015-8393, CVE-2015-8394, SQLite CVE-2019-5827. These libraries are included in the CentOS base image but, to-date, no fixes have been made available. Even though these libraries may be present in the base image that is used by MarkLogic Server, they are not used by MarkLogic Server itself, hence there is no impact or mitigation required.
 4. The latest released version of fluent/fluent-bit:2.2.2 has known security vulnerabilities with respect to libcom-err2 CVE-2022-1304, libgcrypt20 CVE-2021-33560, libgnutls30 CVE-2024-0567, libldap-2.4-2 CVE-2023-2953, libzstd1 CVE-2022-4899, zlib1g CVE-2023-45853. These libraries are included in the Debian base image but, to-date, no fixes have been made available. For libpq5 CVE-2024-0985, we wait for a future upgrade of the fluent-bit image to include the fix. We will provide updates and mitigation strategies as soon as more information becomes available.
-5. The latest released version of redhat/ubi9:9.3 has known security vulnerabilities with respect to setuptools GHSA-r9hx-vwmv-q579, we wait for a future upgrade of the redhad ubi image to include the fix.
+5. The latest released version of redhat/ubi9:9.3 has known security vulnerabilities with respect to setuptools GHSA-r9hx-vwmv-q579. We wait for a future upgrade of the redhad ubi image to include the fix.
 6. The security context “allowPrivilegeEscalation” is set to TRUE by default in values.yaml file and cannot be changed to run the current MarkLogic container. Work is in progress to run MarkLogic container in "rootless" mode.
-7. The Readiness and Startup Probe are not compatible with HA deployment. At the moment these probes may fail in the case of Security database failover. As of the 1.0.2 helm chart release, the startup and readiness probes are disabled by default.
-8. Path based routing and Ingress features are only supported with MarkLogic 11.1 and higher.
+7. Known Issues and Limitations for the MarkLogic Server Docker image can be viewed using the link: https://github.com/marklogic/marklogic-docker?tab=readme-ov-file#Known-Issues-and-Limitations
+8. The Readiness and Startup Probe are not compatible with HA deployment. At the moment these probes may fail in the case of Security database failover. As of the 1.0.2 helm chart release, the startup and readiness probes are disabled by default.
+9. Path based routing and Ingress features are only supported with MarkLogic 11.1 and higher.
@@ -8,7 +8,7 @@ dependencies:
     version: "1.18.0"
 name: marklogic
 description: MarkLogic Server is a multi-model database that has both NoSQL and trusted enterprise data management capabilities.
-appVersion: "11.1.0"
+appVersion: "11.2.0"
 type: application
 keywords:
   - marklogic
@@ -17,4 +17,4 @@ keywords:
 sources:
   - https://github.com/marklogic/marklogic-kubernetes
   - https://www.marklogic.com/
-version: 1.1.0
+version: 1.1.2
@@ -36,8 +36,7 @@ WARNING
 FQDN is {{ include "marklogic.fqdn" . }}
 {{- if gt (len (include "marklogic.fqdn" .)) 64 }}
 WARNING:    The hostname is greater than 64 characters
-            There may be issues with certificates
-            The certificates may shorten the name or use SANs for hostnames in the certificates
+            There may be issues with certificates in MarkLogic App Server
 {{- end }}
 
 Group {{ .Values.group.name }} is created on the MarkLogic cluster.
 
@@ -5,16 +5,84 @@ Expand the name of the chart.
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 
+{{/* 
+newFullname is the name used after 1.1.x release, in an effort to make the release name shorter.
+*/}}
+{{- define "marklogic.newFullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+
+
+{{/* 
+oldFullname is the name used before 1.1.x release
+*/}}
+{{- define "marklogic.oldFullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{- define "marklogic.shouldUseNewName" -}}
+{{- if .Release.IsInstall -}}
+{{- true }}
+{{- else }}
+{{- if eq .Values.useLegacyHostnames true -}}
+{{- false }}
+{{- else }}
+{{- true }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{- define "marklogic.checkUpgradeError" -}}
+{{- if and .Release.IsUpgrade (ne .Values.useLegacyHostnames true) -}}
+{{- $stsName := trim (include "marklogic.oldFullname" .) -}}
+{{- if .Values.fullnameOverride  -}}
+{{- $stsName := trim .Values.fullnameOverride -}}
+{{- end }}
+{{- $sts := lookup "apps/v1" "StatefulSet" .Release.Namespace $stsName }}
+{{- if $sts }}
+{{- $labels := $sts.metadata.labels }}
+{{- $chartVersionFull := get $labels "helm.sh/chart" }}
+{{- if $chartVersionFull }}
+{{- $chartVersionWithDot := trimPrefix "marklogic-" $chartVersionFull }}
+{{- $chartVersionString := $chartVersionWithDot | replace "." "" }}
+{{- $chartVersionDigit := int $chartVersionString }}
+{{- if lt $chartVersionDigit 110 -}}
+{{- $errorMessage := printf "A new algorithm for generating hostnames was introduced in version 1.1.0. When upgrading from version %s to version %s, the \"useLegacyHostnames\" setting must be set to true to prevent the StatefulSet from being recreated. Please add the following to the values file and attempt the upgrade again: \n\nuseLegacyHostnames: true\n" $chartVersionWithDot .Chart.Version }}
+{{- fail $errorMessage }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+{{- end }}
+{{- end }}
+
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-The release name will be used as full name
+To surrport the upgrade from 1.0.x to 1.1.x, we keep the old name when doing upgrade from 1.0.x.
+For the new install, we use the new name, which is the release name.
 */}}
 {{- define "marklogic.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- if eq (include "marklogic.shouldUseNewName" .) "true" -}}
+{{- include "marklogic.newFullname" . }}
 {{- else }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- include "marklogic.oldFullname" . }}
 {{- end }}
 {{- end }}
 
@@ -29,7 +97,27 @@ Create chart name and version as used by the chart label.
 Create headless service name for statefulset
 */}}
 {{- define "marklogic.headlessServiceName" -}}
-{{- include "marklogic.fullname" . }}
+{{- if eq (include "marklogic.shouldUseNewName" .) "true" -}}
+{{- include "marklogic.newFullname" . }}
+{{- else }}
+{{- printf "%s-headless" (include "marklogic.oldFullname" .) }}
+{{- end }}
+{{- end }}
+{{/*
+{{- end}}
+
+
+{{/*
+Create cluster service name for statefulset
+*/}}
+{{- define "marklogic.clusterServiceName" -}}
+{{- if eq (include "marklogic.shouldUseNewName" .) "true" -}}
+{{- include "marklogic.newFullname" . }}-cluster
+{{- else }}
+{{- include "marklogic.oldFullname" . }}
+{{- end }}
+{{- end }}
+{{/*
 {{- end}}
 
 
@@ -102,8 +190,8 @@ Validate values file
 */}}
 {{- define "marklogic.checkInputError" -}}
 {{- $fqdn := include "marklogic.fqdn" . }}
-{{- if gt (len $fqdn) 64}}
-{{- $errorMessage := printf "%s%s%s" "The FQDN: " $fqdn " is longer than 64. Please use a shorter release name and try again."  }}
+{{- if and (gt (len $fqdn) 64) (not .Values.allowLongHostnames) }}
+{{- $errorMessage := printf "%s%s%s" "The FQDN: " $fqdn " is longer than 64. Please use a shorter release name and try again. MarkLogic App Server does not support turning on SSL with FQDN over 64 characters. If you still want to install with an FQDN longer than 64 characters, you can override this restriction by setting allowLongHostnames: true in your Helm values file." }}
 {{- fail $errorMessage }}
 {{- end }}
 {{- end }}
 
@@ -1,6 +1,7 @@
 {{- if .Values.haproxy.enabled }}
 {{- $replicas := int .Values.replicaCount }}
 {{- $releaseName := include "marklogic.fullname" . }}
+{{- $headlessServiceName := include "marklogic.headlessServiceName" . }}
 {{- $namespace := .Release.Namespace }}
 {{- $clusterDomain := .Values.clusterDomain }}
 {{- $haproxyTlsEnabled := .Values.haproxy.tls.enabled }}
@@ -76,12 +77,12 @@ data:
     {{- if .Values.haproxy.tcpports.enabled }}
       {{- range $_, $v := .Values.haproxy.tcpports.ports }}
       {{ $portNumber := printf "%v" (default $v.port $v.targetPort) }}
-      listen odbc
+      listen marklogic-TCP-{{$portNumber}}
         bind :{{ $portNumber }}
         mode tcp
         balance leastconn
         {{- range $i := until $replicas }}
-        server {{ printf "ml-%s-%s-%v" $releaseName $portNumber $i }} {{ $releaseName }}-{{ $i }}.{{ $releaseName }}.{{ $namespace }}.svc.{{ $clusterDomain }}:{{ $portNumber }} check resolvers dns init-addr none
+        server {{ printf "ml-%s-%s-%v" $releaseName $portNumber $i }} {{ $releaseName }}-{{ $i }}.{{ $headlessServiceName }}.{{ $namespace }}.svc.{{ $clusterDomain }}:{{ $portNumber }} check resolvers dns init-addr none
         {{- end }}
       {{- end }}
     {{- end }}
@@ -308,9 +309,9 @@ data:
       default-server check
       {{- range $i := until $replicas }}
       {{- if $appServerTlsEnabled }}
-      server {{ printf "%s-%s-%v" $releaseName $portNumber $i }} {{ $releaseName }}-{{ $i }}.{{ $releaseName }}.{{ $namespace }}.svc.{{ $clusterDomain }}:{{ $portNumber }} resolvers dns init-addr none cookie {{ $releaseName }}-{{ $portNumber }}-{{ $i }} ssl verify none
+      server {{ printf "ml-%s-%s-%v" $releaseName $portNumber $i }} {{ $releaseName }}-{{ $i }}.{{ $headlessServiceName }}.{{ $namespace }}.svc.{{ $clusterDomain }}:{{ $portNumber }} resolvers dns init-addr none cookie {{ $releaseName }}-{{ $portNumber }}-{{ $i }} ssl verify none
       {{- else }}
-      server {{ printf "%s-%s-%v" $releaseName $portNumber $i }} {{ $releaseName }}-{{ $i }}.{{ $releaseName }}.{{ $namespace }}.svc.{{ $clusterDomain }}:{{ $portNumber }} resolvers dns init-addr none cookie {{ $releaseName }}-{{ $portNumber }}-{{ $i }}
+      server {{ printf "ml-%s-%s-%v" $releaseName $portNumber $i }} {{ $releaseName }}-{{ $i }}.{{ $headlessServiceName }}.{{ $namespace }}.svc.{{ $clusterDomain }}:{{ $portNumber }} resolvers dns init-addr none cookie {{ $releaseName }}-{{ $portNumber }}-{{ $i }}
       {{- end }}
       {{- end }}
     {{- end }}
 
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: {{ .Release.Name }}-scripts
+  name: {{ include "marklogic.fullname" . }}-scripts
 data:
   liveness-probe.sh: |
     #!/bin/bash
 
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ include "marklogic.fullname" . }}-cluster
+  name: {{ include "marklogic.clusterServiceName" . }}
   namespace: {{ .Values.namespace}}
   labels:
     {{- include "marklogic.labels" . | nindent 4 }}