neo4j persistence

charts/neo4j/Chart.yaml

@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.7
+version: 0.2.1
 
 
 # This is the version number of the application being deployed. This version number should be

charts/neo4j/templates/deployment.yaml

@@ -1,5 +1,4 @@
 {{- $fullName := include "neo4j.fullname" . -}}
-{{- $volumeName := printf "%s-%s" $fullName "data" | trunc 63 | trimSuffix "-" -}}
 {{- $initContainerName := printf "%s-%s" $fullName "init-data" | trunc 63 | trimSuffix "-" -}}
 apiVersion: apps/v1
 kind: Deployment
@@ -24,8 +23,13 @@ spec:
         {{- include "neo4j.selectorLabels" . | nindent 8 }}
     spec:
       volumes:
-        - name: {{$volumeName}}
+        - name: data
+        {{- if .Values.persistence.enabled }}
+          persistentVolumeClaim:
+            claimName: {{ .Values.persistence.existingClaim | default (include "neo4j.fullname" .) }}
+        {{- else }}
           emptyDir: {}
+        {{- end }}
       {{- with .Values.imagePullSecrets }}
       imagePullSecrets:
         {{- toYaml . | nindent 8 }}
@@ -41,7 +45,7 @@ spec:
           imagePullPolicy: {{ .Values.service.image.pullPolicy }}
           env:
             - name: NEO4J_AUTH
-              value: neo4j/{{ .Values.service.password }}
+              value: neo4j/{{ .Values.security.password }}
             - name: NEO4J_dbms_connector_bolt_advertised__address
               value: {{ .Values.ingress.hostnameBolt }}:443  
           ports:
@@ -63,7 +67,7 @@ spec:
             {{- toYaml .Values.resources | nindent 12 }}
           volumeMounts:
             - mountPath: /data
-              name: {{$volumeName}}       
+              name: data      
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

charts/neo4j/templates/networkpolicy.yaml

@@ -2,11 +2,11 @@
 kind: NetworkPolicy
 apiVersion: networking.k8s.io/v1
 metadata:
-  name: {{ include "ubuntu.fullname" . }}
+  name: {{ include "neo4j.fullname" . }}
 spec:
   podSelector:
     matchLabels:
-      {{- include "ubuntu.selectorLabels" . | nindent 6 }}
+      {{- include "neo4j.selectorLabels" . | nindent 6 }}
   ingress:
   - from:
     - podSelector: {}

charts/neo4j/templates/pvc.yaml

@@ -0,0 +1,21 @@
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ include "neo4j.fullname" . }}
+  labels:
+    {{- include "neo4j.labels" . | nindent 4 }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size | quote }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end }}

charts/neo4j/values.schema.json

@@ -24,17 +24,65 @@
                 }
             }
         },
-        "service": {
-            "description": "neo4j specific configuration",
+        "security": {
+            "description": "security specific configuration",
             "type": "object",
-            "properties": {
+            "properties": {  
                 "password": {
                     "type": "string",
                     "description": "Password",
                     "default": "changeme",
                     "x-form": {
                         "value": "{{user.password}}"
                     }
+                },
+                "whitelist": {
+                    "type": "object",
+                    "description": "IP protection",
+                    "properties": {
+                      "enable": {
+                        "type": "boolean",
+                        "title": "Enable IP protection",
+                        "description": "Only the configured set of IPs will be able to reach the service",
+                        "default": true
+                      },
+                      "ip": {
+                        "type": "string",
+                        "description": "the white list of IP is whitespace",
+                        "title": "Whitelist of IP",
+                        "x-form": {
+                          "value": "{{user.ip}}"
+                        }
+                      }
+                    }
+                },
+                "networkPolicy": {
+                    "type": "object",
+                    "description": "Define access policy to the service",
+                    "properties": {
+                      "enable": {
+                        "type": "boolean",
+                        "title": "Enable network policy",
+                        "description": "Only pod from the same namespace will be allowed",
+                        "default": true
+                      }
+                    }
+                }
+            }
+        },
+        "persistence": {
+            "description": "Configuration for persistence",
+            "type": "object",
+            "properties": {
+                "enabled": {
+                    "type": "boolean",
+                    "description": "Create a persistent volume",
+                    "default": true
+                },
+                "size": {
+                    "type": "string",
+                    "description": "Size of the persistent volume",
+                    "default": "10Gi"
                 }
             }
         },

charts/neo4j/values.yaml

@@ -1,7 +1,19 @@
 # Default values for neo4j.
 
+security:
+  password: password
+  networkPolicy: 
+    enable: false
+    from: 
+    - ipBlock:
+        cidr: 10.233.103.0/32
+    - ipBlock:
+        cidr: 10.233.111.0/32
+  whitelist:
+    enable: true
+    ip: "0.0.0.0/0"
+
 service:
-  password: "changeme"
   image:
     repository: "neo4j"
     pullPolicy: IfNotPresent
@@ -39,6 +51,7 @@ securityContext: {}
   # runAsNonRoot: true
   # runAsUser: 1000
 
+
 networking:
   type: ClusterIP
   neo4jUI:
@@ -57,6 +70,20 @@ ingress:
   #    hosts:
   #      - chart-example.local
 
+persistence:
+  enabled: true
+  ## database data Persistent Volume Storage Class
+  ## If defined, storageClassName: <storageClass>
+  ## If set to "-", storageClassName: "", which disables dynamic provisioning
+  ## If undefined (the default) or set to null, no storageClassName spec is
+  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
+  ##   GKE, AWS & OpenStack)
+  ##
+  # storageClass: "-"
+  accessMode: ReadWriteOnce
+  size: 10Gi
+  # existingClaim: ""
+
 resources: {}
   # We usually recommend not to specify default resources and to leave this as a conscious
   # choice for the user. This also increases chances charts run on environments with little

charts/pgadmin/Chart.yaml

@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.2
+version: 0.2.3
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

charts/pgadmin/templates/configmap.yaml

@@ -1,3 +1,4 @@
+{{- if .Values.discovery.postgres -}}
 apiVersion: v1
 kind: ConfigMap
 metadata: