* Mark job pods not to use Istio's envoy sidecar
Istio injects sidecars into pods to implement mTLS between pods. Jobs
usually don't know about this, so they don't signal the Envoy process
to stop when the job finishes. Since at least one process is running
in the pod, Kubernetes doesn't consider the job to be completed, so it
lingers.
By adding the `sidecar.istio.io/inject` annotation set to `"false"`,
we let Istio know that it should not inject the sidecar. If Istio is
not installed, then this has no impact.
* Support arbitrary job annotations in the Helm chart
Rather than focus on Istio, this allows arbitrary annotations for job pods.
* Add in-line documentation for pod/job annotations
* Add ability to specify an existing Secret (#18139)
Closes#18139
* Allow using secrets with external postgres
* Upgrade CronJob to batch/v1
* Allow using redis.auth.existingSecret
* Helmignore mastodon-*.tgz for easy local development
* Upgrade helm dependencies
* Upgrade postgresql to 11
* Allow putting SMTP password into a secret
* Add optional login to SMTP secret
This to allow setting LOGIN either in values.yaml or
in the secret.
* Switch to bitnami charts full archive
This prevents older versions from disappearing, see
https://github.com/bitnami/charts/issues/10539 for
full context.
Co-authored-by: Ted Tramonte <ted.tramonte@gmail.com>
- move application variables under `mastodon` namespace
- restore standard yaml structure for ingress configuration
- move values.yaml.template to values.yaml
The cronjob tries to get key from `mastodon` secret instead of
`mastodon-postgresql` - so the cronjob fails with this error:
Error: couldn't find key postgresql-password in Secret [NS]/mastodon
Another solution is to save the postgres password in mastodon secret,
but that means that the password is placed in two places.
Postgresql use <fullname>-postgresql name as secret name.
Erik Sundell