[bitnami/cloudnative-pg] feat: 🎉 Add chart (#31908)

* [bitnami/cloudnative-pg] feat: 🎉 Add chart Signed-off-by: Javier J. Salmerón García <[email protected]> * chore: ✏️ Rename workload Signed-off-by: Javier J. Salmerón García <[email protected]> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <[email protected]> * fix: 🐛 Update runtime-parameters Signed-off-by: Javier J. Salmerón García <[email protected]> * docs: 📝 Improve NOTES.txt Signed-off-by: Javier J. Salmerón García <[email protected]> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <[email protected]> * chore: 🔥 Remove ingress Signed-off-by: Javier J. Salmerón García <[email protected]> * chore: ♻️ Apply suggestions from code review Co-authored-by: Juan Ariza Toledano <[email protected]> Signed-off-by: Javier J. Salmerón García <[email protected]> * test: ✅ Update parameters Signed-off-by: Javier J. Salmerón García <[email protected]> * test: ✅ Allow insecure Signed-off-by: Javier J. Salmerón García <[email protected]> * chore: 🚨 Fix indentations Signed-off-by: Javier J. Salmerón García <[email protected]> * chore: 🔧 Allow insecure Signed-off-by: Javier J. Salmerón García <[email protected]> * chore: ♻️ Minor refactoring Signed-off-by: Javier J. Salmerón García <[email protected]> * fix: 🐛 remove $versionlabel Signed-off-by: Javier J. Salmerón García <[email protected]> * fix: 🐛 Apply suggestions from code review Signed-off-by: Javier J. Salmerón García <[email protected]> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <[email protected]> * chore: ⬆️ Bump common library Signed-off-by: Javier J. Salmerón García <[email protected]> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <[email protected]> * chore: 🔧 Update postgresql image Signed-off-by: Javier J. Salmerón García <[email protected]> --------- Signed-off-by: Javier J. Salmerón García <[email protected]> Signed-off-by: Bitnami Containers <[email protected]> Co-authored-by: Bitnami Containers <[email protected]> Co-authored-by: Juan Ariza Toledano <[email protected]>
bitnami · Feb 24, 2025 · deb16ef · deb16ef
1 parent 6af5812
commit deb16ef
Show file tree

Hide file tree

Showing 39 changed files with 19,592 additions and 0 deletions.
diff --git a/.vib/cloudnative-pg/goss/goss.yaml b/.vib/cloudnative-pg/goss/goss.yaml
@@ -0,0 +1,27 @@
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+http:
+  https://cnpg-webhook-service:{{ .Vars.service.ports.webhook }}/readyz:
+    status: 200
+    allow-insecure: true
+  http://cloudnative-pg-metrics:{{ .Vars.metrics.service.ports.metrics }}/metrics:
+    status: 200
+    body:
+      - /controller_runtime_reconcile_time_seconds_bucket/
+# Ports hardcoded in the operator
+addr:
+  tcp://vib-cluster-example-r:5432:
+    reachable: true
+  tcp://vib-cluster-example-rw:5432:
+    reachable: true
+  tcp://vib-cluster-example-ro:5432:
+    reachable: true
+{{- $username := (index .Vars.extraDeploy 0).stringData.username }}
+{{- $password := (index .Vars.extraDeploy 0).stringData.password }}
+command:
+  check-auth-and-cluster-status:
+    exec: PGPASSWORD={{ $password }} psql -U {{ $username }} -d postgres -h vib-cluster-example-rw -c "SELECT client_addr, state FROM pg_stat_replication;"
+    exit-status: 0
+    stdout:
+      - /2 rows/
diff --git a/.vib/cloudnative-pg/runtime-parameters.yaml b/.vib/cloudnative-pg/runtime-parameters.yaml
@@ -0,0 +1,118 @@
+extraDeploy:
+# Taken from https://cloudnative-pg.io/documentation/1.25/declarative_role_management/
+- apiVersion: v1
+  kind: Secret
+  metadata:
+    name: vib-cluster-example-user
+    labels:
+      cnpg.io/reload: "true"
+  type: kubernetes.io/basic-auth
+  stringData:
+    username: vib_user
+    password: bitnami1234
+- apiVersion: postgresql.cnpg.io/v1
+  kind: Cluster
+  metadata:
+    name: vib-cluster-example
+  spec:
+    instances: 3
+    storage:
+      size: 1Gi
+    managed:
+      roles:
+        - name: vib_user
+          ensure: present
+          comment: VIB User
+          login: true
+          superuser: true
+          passwordSecret:
+            name: vib-cluster-example-user
+# We cannot run goss tests in the actual instances because it's ReadOnlyRootFilesystem and it is not configurable
+# Instead we deploy a PostgreSQL client
+- apiVersion: apps/v1
+  kind: Deployment
+  metadata:
+    labels:
+      app: postgresql
+    name: vib-postgresql-test
+  spec:
+    replicas: 1
+    selector:
+      matchLabels:
+        app: postgresql
+    template:
+      metadata:
+        labels:
+          app: postgresql
+      spec:
+        containers:
+        - image: docker.io/bitnami/postgresql:latest
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              echo 0 > /tmp/ready
+              # Wait until the cluster is formed
+              while true; do
+                  if PGPASSWORD=$POSTGRES_PASSWORD psql -U $POSTGRES_USER -d postgres -h vib-cluster-example-rw -c "SELECT client_addr, state FROM pg_stat_replication;" | grep "2 rows"; then
+                      echo 1 > /tmp/ready
+                      echo "Connected to PostgreSQL"
+                      break
+                  else
+                      echo "Connection failed. Sleeping 10 seconds"
+                      sleep 10
+                  fi
+              done
+              sleep infinity
+          name: postgresql
+          env:
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: vib-cluster-example-user
+                  key: password
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: vib-cluster-example-user
+                  key: username
+          startupProbe:
+            exec:
+              command:
+                - sh
+                - -c
+                - |
+                  if [ $(cat /tmp/ready) = "1" ]; then
+                      exit 0
+                  else
+                      exit 1
+                  fi
+            initialDelaySeconds: 40
+            periodSeconds: 20
+            timeoutSeconds: 1
+            failureThreshold: 15
+            successThreshold: 1
+          securityContext:
+            runAsNonRoot: true
+            privileged: false
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop: ["ALL"]
+            seccompProfile:
+              type: "RuntimeDefault"
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /tmp
+        volumes:
+          - name: empty-dir
+            emptyDir: {}
+service:
+  ports:
+    webhook: 443
+  type: LoadBalancer
+metrics:
+  enabled: true
+  service:
+    ports:
+      metrics: 2311
diff --git a/.vib/cloudnative-pg/vib-publish.json b/.vib/cloudnative-pg/vib-publish.json
@@ -0,0 +1,47 @@
+{
+  "phases": {
+    "package": {
+      "context": {
+        "credentials": [
+          {
+            "url": "{VIB_ENV_CHARTS_REGISTRY}",
+            "authn": {
+              "username": "{VIB_ENV_CHARTS_REGISTRY_USERNAME}",
+              "password": "{VIB_ENV_CHARTS_REGISTRY_PASSWORD}"
+            }
+          }
+        ],
+        "resources": {
+          "url": "{SHA_ARCHIVE}",
+          "path": "/bitnami/cloudnative-pg"
+        }
+      },
+      "actions": [
+        {
+          "action_id": "helm-package"
+        },
+        {
+          "action_id": "helm-lint"
+        }
+      ]
+    },
+    "publish": {
+      "actions": [
+        {
+          "action_id": "helm-publish",
+          "params": {
+            "repository": {
+              "kind": "S3",
+              "url": "{VIB_ENV_S3_URL}",
+              "authn": {
+                "access_key_id": "{VIB_ENV_S3_ACCESS_KEY_ID}",
+                "secret_access_key": "{VIB_ENV_S3_SECRET_ACCESS_KEY}",
+                "role": "{VIB_ENV_S3_ROLE_ARN}"
+              }
+            }
+          }
+        }
+      ]
+    }
+  }
+}
diff --git a/.vib/cloudnative-pg/vib-verify.json b/.vib/cloudnative-pg/vib-verify.json
@@ -0,0 +1,66 @@
+{
+  "phases": {
+    "package": {
+      "context": {
+        "credentials": [
+          {
+            "url": "{VIB_ENV_CHARTS_REGISTRY}",
+            "authn": {
+              "username": "{VIB_ENV_CHARTS_REGISTRY_USERNAME}",
+              "password": "{VIB_ENV_CHARTS_REGISTRY_PASSWORD}"
+            }
+          }
+        ],
+        "resources": {
+          "url": "{SHA_ARCHIVE}",
+          "path": "/bitnami/cloudnative-pg"
+        }
+      },
+      "actions": [
+        {
+          "action_id": "helm-package"
+        },
+        {
+          "action_id": "helm-lint"
+        }
+      ]
+    },
+    "verify": {
+      "context": {
+        "resources": {
+          "url": "{SHA_ARCHIVE}",
+          "path": "/bitnami/cloudnative-pg"
+        },
+        "target_platform": {
+          "target_platform_id": "{VIB_ENV_ALTERNATIVE_TARGET_PLATFORM}",
+          "size": {
+            "name": "M4"
+          }
+        }
+      },
+      "actions": [
+        {
+          "action_id": "goss",
+          "params": {
+            "resources": {
+              "path": "/.vib"
+            },
+            "tests_file": "cloudnative-pg/goss/goss.yaml",
+            "vars_file": "cloudnative-pg/runtime-parameters.yaml",
+            "remote": {
+              "pod": {
+                "workload": "deploy-vib-postgresql-test"
+              }
+            }
+          }
+        },
+        {
+          "action_id": "kubescape",
+          "params": {
+            "threshold": {VIB_ENV_KUBESCAPE_SCORE_THRESHOLD}
+          }
+        }
+      ]
+    }
+  }
+}
diff --git a/bitnami/cloudnative-pg/.helmignore b/bitnami/cloudnative-pg/.helmignore
@@ -0,0 +1,25 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+# img folder
+img/
+# Changelog
+CHANGELOG.md
diff --git a/bitnami/cloudnative-pg/CHANGELOG.md b/bitnami/cloudnative-pg/CHANGELOG.md
@@ -0,0 +1,5 @@
+# Changelog
+
+## 0.1.0 (2025-02-24)
+
+* [bitnami/cloudnative-pg] feat: :tada: Add chart ([#31908](https://github.com/bitnami/charts/pull/31908))
diff --git a/bitnami/cloudnative-pg/Chart.lock b/bitnami/cloudnative-pg/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: common
+  repository: oci://registry-1.docker.io/bitnamicharts
+  version: 2.30.0
+digest: sha256:46afdf79eae69065904d430f03f7e5b79a148afed20aa45ee83ba88adc036169
+generated: "2025-02-20T12:53:55.537884667+01:00"
diff --git a/bitnami/cloudnative-pg/Chart.yaml b/bitnami/cloudnative-pg/Chart.yaml
@@ -0,0 +1,33 @@
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+annotations:
+  category: Infrastructure
+  licenses: Apache-2.0
+  images: |
+    - name: cloudnative-pg
+      image: docker.io/bitnami/cloudnative-pg:1.25.0-debian-12-r1
+    - name: postgresql
+      image: docker.io/bitnami/postgresql:17.4.0-debian-12-r2
+apiVersion: v2
+appVersion: 1.25.0
+dependencies:
+- name: common
+  repository: oci://registry-1.docker.io/bitnamicharts
+  tags:
+  - bitnami-common
+  version: 2.x.x
+description: CloudNativePG is an open-source tool for managing PostgreSQL databases on Kubernetes, from setup to ongoing upkeep
+home: https://bitnami.com
+icon: https://bitnami.com/assets/stacks/cloudnative-pg/img/cloudnative-pg-stack-220x234.png
+keywords:
+- cloudnative-pg
+- operator
+- postgresql
+maintainers:
+- name: Broadcom, Inc. All Rights Reserved.
+  url: https://github.com/bitnami/charts
+name: cloudnative-pg
+sources:
+- https://github.com/bitnami/charts/tree/main/bitnami/cloudnative-pg
+version: 0.1.0