add precommit hooks

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

.github/renovate-update-notification/Dockerfile

@@ -1,2 +1,2 @@
 # This file is processed by Renovate bot so that it creates a PR on new major Renovate versions
-FROM renovate/renovate:38
+FROM renovate/renovate:39

.github/renovate.json

@@ -6,14 +6,11 @@
         ":rebaseStalePrs"
     ],
     "timezone": "US/Central",
-    "schedule": [
-        "every weekday"
-    ],
     "labels": [],
     "packageRules": [
         {
             "description": "Disables for non major Renovate version",
-            "matchPaths": [
+            "matchFileNames": [
                 ".github/renovate-update-notification/Dockerfile"
             ],
             "matchUpdateTypes": [
@@ -27,7 +24,7 @@
         },
         {
             "description": "Generate for major Renovate version",
-            "matchPaths": [
+            "matchFileNames": [
                 ".github/renovate-update-notification/Dockerfile"
             ],
             "matchUpdateTypes": [

.github/workflows/lint-test.yaml

@@ -14,11 +14,11 @@ jobs:
       - name: Set up Helm
         uses: azure/setup-helm@v4
         with:
-          version: v3.13.3
+          version: latest
 
       - uses: actions/setup-python@v5
         with:
-          python-version: "3.10"
+          python-version: "3.13"
           check-latest: true
 
       - name: Set up chart-testing

.gitignore

@@ -9,4 +9,4 @@ charts/**/charts/
 __snapshot__/
 
 # Docs
-_site/
+_site/

.pre-commit-config.yaml

@@ -0,0 +1,19 @@
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v2.3.0
+    hooks:
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
+      - id: check-added-large-files
+      - id: check-yaml
+        exclude: 'charts/'
+        args:
+          - --multi
+  - repo: https://github.com/norwoodj/helm-docs
+    rev: v1.14.2
+    hooks:
+      - id: helm-docs
+        args:
+          - --chart-search-root=charts
+          - --template-files=./_templates.gotmpl
+          - --template-files=README.md.gotmpl

charts/cloudflared/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: cloudflared
-version: 1.8.1
+version: 1.12.1
 description: Cloudflared Tunnel
 keywords:
   - cloudflare
@@ -15,4 +15,4 @@ dependencies:
     repository: https://bjw-s.github.io/helm-charts/
     version: 3.5.1
 icon: https://avatars.githubusercontent.com/u/314135?s=48&v=4
-appVersion: "2024.9.1"
+appVersion: "2024.12.2"

charts/cloudflared/README.md

@@ -1,16 +1,38 @@
-## Introduction
+# cloudflared
 
-[Cloudflared](https://github.com/cloudflare/cloudflared)
+![Version: 1.12.1](https://img.shields.io/badge/Version-1.12.1-informational?style=flat-square) ![AppVersion: 2024.12.2](https://img.shields.io/badge/AppVersion-2024.12.2-informational?style=flat-square)
 
-Contains the command-line client for Cloudflare Tunnel, a tunneling daemon that proxies traffic from the Cloudflare network to your origins.
+Cloudflared Tunnel
 
-This chart bootstraps a [Cloudflared](https://github.com/cloudflare/cloudflared) tunnel on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+## Maintainers
 
-## Prerequisites
+| Name | Email | Url |
+| ---- | ------ | --- |
+| alexlebens |  |  |
 
-- Kubernetes
-- Helm
+## Source Code
 
-## Parameters
+* <https://github.com/cloudflare/cloudflared>
+* <https://github.com/bjw-s/helm-charts/tree/main/charts/library/common>
 
-See the [values files](values.yaml).
+## Requirements
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://bjw-s.github.io/helm-charts/ | common | 3.5.1 |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| existingSecretKey | string | `"cf-tunnel-token"` |  |
+| existingSecretName | string | `"cloudflared-secret"` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"cloudflare/cloudflared"` |  |
+| image.tag | string | `"2024.12.2"` |  |
+| name | string | `"cloudflared"` |  |
+| resources.requests.cpu | string | `"100m"` |  |
+| resources.requests.memory | string | `"128Mi"` |  |
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)

charts/cloudflared/templates/common.yaml

@@ -4,7 +4,7 @@
 {{ if not .Values.global.nameOverride }}
 global:
   nameOverride: {{ .Values.name }}
-{{ end }}  
+{{ end }}
 controllers:
   main:
     type: deployment
@@ -38,4 +38,4 @@ controllers:
 {{- $_ := mergeOverwrite .Values (include "cloudflared.hardcodedValues" . | fromYaml) -}}
 
 {{/* Render the templates */}}
-{{ include "bjw-s.common.loader.generate" . }}
+{{ include "bjw-s.common.loader.generate" . }}

charts/cloudflared/values.yaml

@@ -3,7 +3,7 @@ existingSecretName: cloudflared-secret
 existingSecretKey: cf-tunnel-token
 image:
   repository: cloudflare/cloudflared
-  tag: "2024.9.1"
+  tag: "2024.12.2"
   pullPolicy: IfNotPresent
 resources:
   requests:

charts/generic-device-plugin/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: generic-device-plugin
-version: 0.1.1
+version: 0.1.3
 description: Generic Device Plugin
 keywords:
   - generic-device-plugin
@@ -15,4 +15,4 @@ dependencies:
   - name: common
     repository: https://bjw-s.github.io/helm-charts/
     version: 3.5.1
-appVersion: 0.1.1
+appVersion: 0.1.3

charts/generic-device-plugin/README.md

@@ -1,16 +1,42 @@
-## Introduction
+# generic-device-plugin
 
-[Generic Device Plugin](https://github.com/squat/generic-device-plugin)
+![Version: 0.1.3](https://img.shields.io/badge/Version-0.1.3-informational?style=flat-square) ![AppVersion: 0.1.3](https://img.shields.io/badge/AppVersion-0.1.3-informational?style=flat-square)
 
-The generic-device-plugin enables allocating generic Linux devices, such as serial devices, the FUSE device, or video cameras, to Kubernetes Pods.
+Generic Device Plugin
 
-This chart bootstraps a [Generic Device Plugin](https://github.com/squat/generic-device-plugin) daemonset on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+## Maintainers
 
-## Prerequisites
+| Name | Email | Url |
+| ---- | ------ | --- |
+| alexlebens |  |  |
 
-- Kubernetes
-- Helm
+## Source Code
 
-## Parameters
+* <https://github.com/squat/generic-device-plugin>
+* <https://github.com/bjw-s/helm-charts/tree/main/charts/library/common>
 
-See the [values files](values.yaml).
+## Requirements
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://bjw-s.github.io/helm-charts/ | common | 3.5.1 |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| config.data | string | See [values.yaml](./values.yaml) | generic-device-plugin config file [[ref]](https://github.com/squat/generic-device-plugin#usage) |
+| config.enabled | bool | `true` |  |
+| deviceDomain | string | `"squat.ai"` |  |
+| image.pullPolicy | string | `"Always"` |  |
+| image.repository | string | `"ghcr.io/squat/generic-device-plugin"` |  |
+| image.tag | string | `"latest"` |  |
+| name | string | `"generic-device-plugin"` |  |
+| resources.limit.cpu | string | `"100m"` |  |
+| resources.limit.memory | string | `"20Mi"` |  |
+| resources.requests.cpu | string | `"50m"` |  |
+| resources.requests.memory | string | `"10Mi"` |  |
+| service.listenPort | int | `8080` |  |
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)

charts/generic-device-plugin/templates/common.yaml

@@ -1,6 +1,6 @@
-{{- include "bjw-s.common.loader.init" . }}
+{{ include "bjw-s.common.loader.init" . }}
 
-{{- define "genericDevicePlugin.hardcodedValues" -}}
+{{ define "genericDevicePlugin.hardcodedValues" }}
 {{ if not .Values.global.nameOverride }}
 global:
   nameOverride: {{ .Values.name }}
@@ -8,7 +8,13 @@ global:
 controllers:
   main:
     type: daemonset
-    strategy: RollingUpdate
+    pod:
+      priorityClassName: system-node-critical
+      tolerations:
+        - operator: "Exists"
+          effect: "NoExecute"
+        - operator: "Exists"
+          effect: "NoSchedule"
     containers:
       main:
         image:
@@ -33,7 +39,7 @@ controllers:
             path: /health
           startup:
             type: HTTP
-            path: /health            
+            path: /health
         securityContext:
           privileged: True
 configMaps:
@@ -62,15 +68,15 @@ persistence:
     hostPath: /dev
 serviceMonitor:
   main:
-    serviceName: generic-device-plugin  
+    serviceName: generic-device-plugin
     endpoints:
       - port: http
         scheme: http
         path: /metrics
         interval: 30s
         scrapeTimeout: 10s
-{{- end -}}
-{{- $_ := mergeOverwrite .Values (include "genericDevicePlugin.hardcodedValues" . | fromYaml) -}}
+{{ end }}
+{{ $_ := mergeOverwrite .Values (include "genericDevicePlugin.hardcodedValues" . | fromYaml) }}
 
 {{/* Render the templates */}}
 {{ include "bjw-s.common.loader.generate" . }}

charts/postgres-cluster/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: postgres-cluster
-version: 3.12.1
+version: 4.0.1
 description: Chart for cloudnative-pg cluster
 keywords:
   - database
@@ -10,4 +10,4 @@ sources:
 maintainers:
   - name: alexlebens
 icon: https://avatars.githubusercontent.com/u/100373852?s=48&v=4
-appVersion: v1.24.0
+appVersion: v1.25.0

charts/postgres-cluster/README.md

@@ -1,17 +1,99 @@
-## Introduction
+# postgres-cluster
 
-[CloudNative PG](https://github.com/cloudnative-pg/cloudnative-pg)
+![Version: 4.0.1](https://img.shields.io/badge/Version-4.0.1-informational?style=flat-square) ![AppVersion: v1.25.0](https://img.shields.io/badge/AppVersion-v1.25.0-informational?style=flat-square)
 
-CloudNativePG is the Kubernetes operator that covers the full lifecycle of a highly available PostgreSQL database cluster with a primary/standby architecture, using native streaming replication.
+Chart for cloudnative-pg cluster
 
-This chart bootstraps a [CNPG](https://github.com/cloudnative-pg/cloudnative-pg) cluster on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+## Maintainers
 
-## Prerequisites
+| Name | Email | Url |
+| ---- | ------ | --- |
+| alexlebens |  |  |
 
-- Kubernetes
-- Helm
-- CloudNative PG Operator
+## Source Code
 
-## Parameters
+* <https://github.com/cloudnative-pg/cloudnative-pg>
 
-See the [values files](values.yaml).
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| backup.backupIndex | int | `1` |  |
+| backup.backupName | string | `""` |  |
+| backup.data.compression | string | `"snappy"` |  |
+| backup.data.encryption | string | `""` |  |
+| backup.data.jobs | int | `2` |  |
+| backup.destinationPath | string | `""` |  |
+| backup.enabled | bool | `false` |  |
+| backup.endpointCA | string | `""` |  |
+| backup.endpointCredentials | string | `""` |  |
+| backup.endpointURL | string | `""` |  |
+| backup.historyTags.backupRetentionPolicy | string | `""` |  |
+| backup.retentionPolicy | string | `"14d"` |  |
+| backup.schedule | string | `"0 0 0 * * *"` |  |
+| backup.tags.backupRetentionPolicy | string | `""` |  |
+| backup.wal.compression | string | `"snappy"` |  |
+| backup.wal.encryption | string | `""` |  |
+| backup.wal.maxParallel | int | `2` |  |
+| bootstrap.initdb | object | `{}` |  |
+| cluster.additionalLabels | object | `{}` |  |
+| cluster.affinity.enablePodAntiAffinity | bool | `true` |  |
+| cluster.affinity.topologyKey | string | `"kubernetes.io/hostname"` |  |
+| cluster.annotations | object | `{}` |  |
+| cluster.enableSuperuserAccess | bool | `false` |  |
+| cluster.image.pullPolicy | string | `"IfNotPresent"` |  |
+| cluster.image.repository | string | `"ghcr.io/cloudnative-pg/postgresql"` |  |
+| cluster.image.tag | string | `"17.2-22"` |  |
+| cluster.instances | int | `3` |  |
+| cluster.logLevel | string | `"info"` |  |
+| cluster.monitoring.enabled | bool | `false` |  |
+| cluster.monitoring.podMonitor.enabled | bool | `true` |  |
+| cluster.monitoring.prometheusRule.enabled | bool | `false` |  |
+| cluster.monitoring.prometheusRule.excludeRules | list | `[]` |  |
+| cluster.postgresGID | int | `26` |  |
+| cluster.postgresUID | int | `26` |  |
+| cluster.postgresql.parameters.hot_standby_feedback | string | `"on"` |  |
+| cluster.postgresql.parameters.max_slot_wal_keep_size | string | `"2000MB"` |  |
+| cluster.postgresql.parameters.shared_buffers | string | `"128MB"` |  |
+| cluster.postgresql.shared_preload_libraries | list | `[]` |  |
+| cluster.primaryUpdateMethod | string | `"switchover"` |  |
+| cluster.primaryUpdateStrategy | string | `"unsupervised"` |  |
+| cluster.priorityClassName | string | `""` |  |
+| cluster.resources.limits.cpu | string | `"800m"` |  |
+| cluster.resources.limits.hugepages-2Mi | string | `"256Mi"` |  |
+| cluster.resources.limits.memory | string | `"1Gi"` |  |
+| cluster.resources.requests.cpu | string | `"10m"` |  |
+| cluster.resources.requests.memory | string | `"256Mi"` |  |
+| cluster.storage.size | string | `"10Gi"` |  |
+| cluster.storage.storageClass | string | `""` |  |
+| cluster.walStorage.size | string | `"2Gi"` |  |
+| cluster.walStorage.storageClass | string | `""` |  |
+| mode | string | `"standalone"` |  |
+| nameOverride | string | `""` | Override the name of the cluster |
+| recovery.data.compression | string | `"snappy"` |  |
+| recovery.data.encryption | string | `""` |  |
+| recovery.data.jobs | int | `2` |  |
+| recovery.destinationPath | string | `""` |  |
+| recovery.endpointCA | string | `""` |  |
+| recovery.endpointCredentials | string | `""` |  |
+| recovery.endpointURL | string | `""` |  |
+| recovery.pitrTarget.time | string | `""` |  |
+| recovery.recoveryIndex | int | `1` |  |
+| recovery.recoveryInstanceName | string | `""` |  |
+| recovery.recoveryServerName | string | `""` |  |
+| recovery.wal.compression | string | `"snappy"` |  |
+| recovery.wal.encryption | string | `""` |  |
+| recovery.wal.maxParallel | int | `2` |  |
+| replica.externalCluster.connectionParameters.dbname | string | `"app"` |  |
+| replica.externalCluster.connectionParameters.host | string | `"postgresql"` |  |
+| replica.externalCluster.connectionParameters.user | string | `"app"` |  |
+| replica.externalCluster.password.key | string | `"password"` |  |
+| replica.externalCluster.password.name | string | `"postgresql"` |  |
+| replica.importDatabases[0] | string | `"app"` |  |
+| replica.importRoles | list | `[]` |  |
+| replica.importType | string | `"microservice"` |  |
+| replica.postImportApplicationSQL | list | `[]` |  |
+| type | string | `"postgresql"` | Type of the CNPG database. Available types: * `postgresql` * `postgis` * `timescaledb` * `tensorchord` |
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)

charts/postgres-cluster/templates/_bootstrap.tpl

@@ -2,7 +2,7 @@
 bootstrap:
 {{- if eq .Values.mode "standalone" }}
   initdb:
-    {{- with .Values.cluster.initdb }}
+    {{- with .Values.bootstrap.initdb }}
     {{- with (omit . "postInitApplicationSQL") }}
     {{- . | toYaml | nindent 4 }}
     {{- end }}
@@ -10,7 +10,7 @@ bootstrap:
     {{- if eq .Values.type "tensorchord" }}
     dataChecksums: true
     {{- end }}
-    {{- if or (eq .Values.type "postgis") (eq .Values.type "timescaledb") (eq .Values.type "tensorchord") (.Values.cluster.initdb.postInitApplicationSQL) }}
+    {{- if or (eq .Values.type "postgis") (eq .Values.type "timescaledb") (eq .Values.type "tensorchord") (.Values.bootstrap.initdb.postInitApplicationSQL) }}
     postInitApplicationSQL:
       {{- if eq .Values.type "postgis" }}
       - CREATE EXTENSION IF NOT EXISTS postgis;
@@ -29,7 +29,7 @@ bootstrap:
       - GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA vectors TO "app";
       - GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "app";
       {{- end }}
-      {{- with .Values.cluster.initdb }}
+      {{- with .Values.bootstrap.initdb }}
       {{- range .postInitApplicationSQL }}
       {{- printf "- %s" . | nindent 6 }}
       {{- end }}
@@ -61,6 +61,11 @@ bootstrap:
       {{- end }}
       source:
         externalCluster: "{{ include "cluster.name" . }}-cluster"
+    {{- with .Values.bootstrap.initdb }}
+    {{- with (omit . "postInitApplicationSQL") }}
+    {{- . | toYaml | nindent 4 }}
+    {{- end }}
+    {{- end }}
 externalClusters:
   - name: "{{ include "cluster.name" . }}-cluster"
     {{- with .Values.replica.externalCluster }}

charts/postgres-cluster/templates/cluster.yaml

@@ -18,6 +18,7 @@ spec:
   imagePullPolicy: {{ .Values.cluster.image.pullPolicy }}
   postgresUID: {{ .Values.cluster.postgresUID }}
   postgresGID: {{ .Values.cluster.postgresGID }}
+  enableSuperuserAccess: {{ .Values.cluster.enableSuperuserAccess }}
   walStorage:
     size: {{ .Values.cluster.walStorage.size }}
     storageClass: {{ .Values.cluster.walStorage.storageClass }}
@@ -60,4 +61,5 @@ spec:
     enablePodMonitor: {{ and .Values.cluster.monitoring.enabled .Values.cluster.monitoring.podMonitor.enabled }}
 
   {{ include "cluster.bootstrap" . | nindent 2 }}
+
   {{ include "cluster.backup" . | nindent 2 }}

charts/postgres-cluster/values.yaml

@@ -21,13 +21,15 @@ cluster:
 
   image:
     repository: ghcr.io/cloudnative-pg/postgresql
-    tag: "16.4-26"
+    tag: "17.2-22"
     pullPolicy: IfNotPresent
 
   # The UID and GID of the postgres user inside the image
   postgresUID: 26
   postgresGID: 26
 
+  enableSuperuserAccess: false
+
   walStorage:
     size: 2Gi
     storageClass: ""
@@ -80,6 +82,7 @@ cluster:
       hot_standby_feedback: "on"
     shared_preload_libraries: []
 
+bootstrap:
   # BootstrapInitDB is the configuration of the bootstrap process when initdb is used.
   # See: https://cloudnative-pg.io/documentation/current/bootstrap/
   # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-bootstrapinitdb
@@ -178,9 +181,9 @@ backup:
 
   # Tags to add to backups. Add in key value beneath the type.
   tags:
-    backupRetentionPolicy: "expire"
+    backupRetentionPolicy: ""
   historyTags:
-    backupRetentionPolicy: "keep"
+    backupRetentionPolicy: ""
 
   # Configuration for the WAL and data files.
   wal:
@@ -199,7 +202,7 @@ backup:
     jobs: 2
 
   # Retention policy for backups
-  retentionPolicy: "60d"
+  retentionPolicy: "14d"
 
   # Scheduled backup in cron format
-  schedule: "0 0 */3 * *"
+  schedule: "0 0 0 * * *"