upgrade base image to 17

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

.github/renovate-update-notification/Dockerfile

@@ -1,2 +1,2 @@
 # This file is processed by Renovate bot so that it creates a PR on new major Renovate versions
-FROM renovate/renovate:37
+FROM renovate/renovate:39

.github/renovate.json

@@ -6,14 +6,11 @@
         ":rebaseStalePrs"
     ],
     "timezone": "US/Central",
-    "schedule": [
-        "every weekday"
-    ],
     "labels": [],
     "packageRules": [
         {
             "description": "Disables for non major Renovate version",
-            "matchPaths": [
+            "matchFileNames": [
                 ".github/renovate-update-notification/Dockerfile"
             ],
             "matchUpdateTypes": [
@@ -27,7 +24,7 @@
         },
         {
             "description": "Generate for major Renovate version",
-            "matchPaths": [
+            "matchFileNames": [
                 ".github/renovate-update-notification/Dockerfile"
             ],
             "matchUpdateTypes": [

.github/workflows/lint-test.yaml

@@ -14,11 +14,11 @@ jobs:
       - name: Set up Helm
         uses: azure/setup-helm@v4
         with:
-          version: v3.13.3
+          version: latest
 
       - uses: actions/setup-python@v5
         with:
-          python-version: "3.10"
+          python-version: "3.13"
           check-latest: true
 
       - name: Set up chart-testing

charts/cloudflared/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: cloudflared
-version: 1.4.1
+version: 1.12.0
 description: Cloudflared Tunnel
 keywords:
   - cloudflare
@@ -13,6 +13,6 @@ maintainers:
 dependencies:
   - name: common
     repository: https://bjw-s.github.io/helm-charts/
-    version: 3.2.1
+    version: 3.5.1
 icon: https://avatars.githubusercontent.com/u/314135?s=48&v=4
-appVersion: "2024.6.1"
+appVersion: "2024.12.2"

charts/cloudflared/values.yaml

@@ -3,7 +3,7 @@ existingSecretName: cloudflared-secret
 existingSecretKey: cf-tunnel-token
 image:
   repository: cloudflare/cloudflared
-  tag: "2024.6.1"
+  tag: "2024.12.2"
   pullPolicy: IfNotPresent
 resources:
   requests:

charts/generic-device-plugin/Chart.yaml

@@ -0,0 +1,18 @@
+apiVersion: v2
+name: generic-device-plugin
+version: 0.1.2
+description: Generic Device Plugin
+keywords:
+  - generic-device-plugin
+  - device
+  - plugin
+sources:
+  - https://github.com/squat/generic-device-plugin
+  - https://github.com/bjw-s/helm-charts/tree/main/charts/library/common
+maintainers:
+  - name: alexlebens
+dependencies:
+  - name: common
+    repository: https://bjw-s.github.io/helm-charts/
+    version: 3.5.1
+appVersion: 0.1.2

charts/generic-device-plugin/README.md

@@ -0,0 +1,16 @@
+## Introduction
+
+[Generic Device Plugin](https://github.com/squat/generic-device-plugin)
+
+The generic-device-plugin enables allocating generic Linux devices, such as serial devices, the FUSE device, or video cameras, to Kubernetes Pods.
+
+This chart bootstraps a [Generic Device Plugin](https://github.com/squat/generic-device-plugin) daemonset on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+
+## Prerequisites
+
+- Kubernetes
+- Helm
+
+## Parameters
+
+See the [values files](values.yaml).

charts/generic-device-plugin/templates/common.yaml

@@ -0,0 +1,82 @@
+{{- include "bjw-s.common.loader.init" . }}
+
+{{- define "genericDevicePlugin.hardcodedValues" -}}
+{{ if not .Values.global.nameOverride }}
+global:
+  nameOverride: {{ .Values.name }}
+{{ end }}
+controllers:
+  main:
+    type: daemonset
+    pod:
+      priorityClassName: system-node-critical
+      tolerations:
+        - operator: "Exists"
+          effect: "NoExecute"
+        - operator: "Exists"
+          effect: "NoSchedule"
+    containers:
+      main:
+        image:
+          repository: {{ .Values.image.repository }}
+          tag: {{ .Values.image.tag }}
+          pullPolicy: {{ .Values.image.pullPolicy }}
+        args:
+          - --config=/config/config.yaml
+        env:
+          - name: LISTEN
+            value: :{{ .Values.service.listenPort }}
+          - name: PLUGIN_DIRECTORY
+            value: /var/lib/kubelet/device-plugins
+          - name: DOMAIN
+            value: {{ .Values.deviceDomain }}
+        probes:
+          liveness:
+            type: HTTP
+            path: /health
+          readiness:
+            type: HTTP
+            path: /health
+          startup:
+            type: HTTP
+            path: /health
+        securityContext:
+          privileged: True
+configMaps:
+  config:
+    enabled: {{ .Values.config.enabled }}
+    data:
+      config.yaml: {{ toYaml .Values.config.data | nindent 8 }}
+service:
+  main:
+    controller: main
+    ports:
+      http:
+        port: {{ .Values.service.listenPort }}
+persistence:
+  config:
+    enabled: true
+    type: configMap
+    name: {{ .Values.name }}-config
+  device-plugins:
+    enabled: true
+    type: hostPath
+    hostPath: /var/lib/kubelet/device-plugins
+  dev:
+    enabled: true
+    type: hostPath
+    hostPath: /dev
+serviceMonitor:
+  main:
+    serviceName: generic-device-plugin
+    endpoints:
+      - port: http
+        scheme: http
+        path: /metrics
+        interval: 30s
+        scrapeTimeout: 10s
+{{- end -}}
+{{- $_ := mergeOverwrite .Values (include "genericDevicePlugin.hardcodedValues" . | fromYaml) -}}
+
+{{/* Render the templates */}}
+{{ include "bjw-s.common.loader.generate" . }}

charts/generic-device-plugin/values.yaml

@@ -0,0 +1,74 @@
+name: generic-device-plugin
+
+image:
+  repository: ghcr.io/squat/generic-device-plugin
+  pullPolicy: Always
+  tag: latest
+
+deviceDomain: squat.ai
+
+service:
+  listenPort: 8080
+
+resources:
+  limit:
+    cpu: 100m
+    memory: 20Mi
+  requests:
+    cpu: 50m
+    memory: 10Mi
+
+config:
+  enabled: true
+  # -- generic-device-plugin config file [[ref]](https://github.com/squat/generic-device-plugin#usage)
+  # @default -- See [values.yaml](./values.yaml)
+  data: |
+    devices:
+      - name: serial
+        groups:
+          - paths:
+              - path: /dev/ttyUSB*
+          - paths:
+              - path: /dev/ttyACM*
+          - paths:
+              - path: /dev/tty.usb*
+          - paths:
+              - path: /dev/cu.*
+          - paths:
+              - path: /dev/cuaU*
+          - paths:
+              - path: /dev/rfcomm*
+      - name: video
+        groups:
+          - paths:
+              - path: /dev/video0
+      - name: fuse
+        groups:
+          - count: 10
+            paths:
+              - path: /dev/fuse
+      - name: audio
+        groups:
+          - count: 10
+            paths:
+              - path: /dev/snd
+      - name: capture
+        groups:
+          - paths:
+              - path: /dev/snd/controlC0
+              - path: /dev/snd/pcmC0D0c
+          - paths:
+              - path: /dev/snd/controlC1
+                mountPath: /dev/snd/controlC0
+              - path: /dev/snd/pcmC1D0c
+                mountPath: /dev/snd/pcmC0D0c
+          - paths:
+              - path: /dev/snd/controlC2
+                mountPath: /dev/snd/controlC0
+              - path: /dev/snd/pcmC2D0c
+                mountPath: /dev/snd/pcmC0D0c
+          - paths:
+              - path: /dev/snd/controlC3
+                mountPath: /dev/snd/controlC0
+              - path: /dev/snd/pcmC3D0c
+                mountPath: /dev/snd/pcmC0D0c

charts/mysql-cluster/Chart.yaml

@@ -1,15 +0,0 @@
-apiVersion: v2
-name: mysql-cluster
-version: 0.2.4
-description: Chart for a mysql cluster
-keywords:
-  - database
-  - mysql
-sources:
-  - https://dev.mysql.com/
-  - https://github.com/mysql/mysql-operator
-  - https://github.com/mysql/mysql-operator/tree/trunk/helm/mysql-innodbcluster
-maintainers:
-  - name: alexlebens
-icon: https://avatars.githubusercontent.com/u/2452804?s=48&v=4
-appVersion: 8.4.0

charts/mysql-cluster/README.md

@@ -1,17 +0,0 @@
-## Introduction
-
-[MySQL Operator](https://dev.mysql.com/doc/mysql-operator/en/)
-
-MySQL Operator for Kubernetes manages MySQL InnoDB Cluster setups inside a Kubernetes Cluster. MySQL Operator for Kubernetes manages the full lifecycle with setup and maintenance including automating upgrades and backups.
-
-This chart bootstraps a [MySQL InnoDB](https://dev.mysql.com/doc/mysql-operator/en/mysql-operator-innodbcluster.html) cluster on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
-
-## Prerequisites
-
-- Kubernetes
-- Helm
-- MySQL Operator
-
-## Parameters
-
-See the [values files](values.yaml).

charts/mysql-cluster/templates/_backup.tpl

@@ -1,72 +0,0 @@
-{{- define "cluster.backup" -}}
-
-{{- if and .Values.backup.enabled .Values.backup.profiles }}
-backupProfiles:
-{{- $isDumpInstance := false }}
-{{- $isSnapshot := false }}
-{{- range $_, $profile := .Values.backup.profiles }}
-  - name: {{ $profile.name | quote }}
-      {{- if hasKey $profile "podAnnotations" }}
-    podAnnotations:
-      {{ toYaml $profile.podAnnotations | nindent 6 }}
-      {{- end }}
-      {{- if hasKey $profile "podLabels" }}
-    podLabels:
-      {{ toYaml $profile.podLabels | nindent 6 }}
-      {{- end }}
-
-    {{- $isDumpInstance = hasKey $profile "dumpInstance" }}
-    {{- $isSnapshot = hasKey $profile "snapshot" }}
-    {{- if or $isDumpInstance $isSnapshot }}
-
-      {{- $backupProfile := ternary $profile.dumpInstance $profile.snapshot $isDumpInstance }}
-      {{- if $isDumpInstance }}
-    dumpInstance:
-      {{- else if $isSnapshot }}
-    snapshot:
-      {{- else }}
-      {{- fail "Unsupported or unspecified backup type, must be either snapshot or dumpInstance" }}
-      {{ end }}
-
-      {{- if not (hasKey $backupProfile "storage") }}
-      {{- fail "backup profile $profile.name has no storage section" }}
-      {{- else if hasKey $backupProfile.storage "s3" }}
-      storage:
-        s3:
-            {{- if $backupProfile.storage.s3.prefix }}
-          prefix: {{ $backupProfile.storage.s3.prefix }}
-            {{- end }}
-          bucketName: {{ required "bucketName is required" $backupProfile.storage.s3.bucketName }}
-          config: {{ required "config is required" $backupProfile.storage.s3.config }}
-            {{- if $backupProfile.storage.s3.profile }}
-          profile: {{ $backupProfile.storage.s3.profile }}
-            {{- end }}
-            {{- if $backupProfile.storage.s3.endpoint }}
-          endpoint: {{ $backupProfile.storage.s3.endpoint }}
-            {{- end }}
-      {{- else if hasKey $backupProfile.storage "persistentVolumeClaim" }}
-      storage:
-        persistentVolumeClaim: {{ toYaml $backupProfile.storage.persistentVolumeClaim | nindent 12}}
-      {{- else -}}
-      {{- fail "Backup profile $profile.name has empty storage section - neither s3 nor persistentVolumeClaim defined" }}
-      {{- end -}}
-
-    {{- end }}
-{{- end }}
-{{- end }}
-
-{{- if .Values.backup.schedules }}
-backupSchedules:
-{{- range $_, $schedule := .Values.backup.schedules }}
-  - name: {{ $schedule.name | quote }}
-    enabled: {{ $schedule.enabled }}
-    schedule: {{ quote $schedule.schedule }}
-      {{- if ($schedule).timeZone }}
-    timeZone: {{ quote $schedule.timeZone }}
-      {{- end }}
-    deleteBackupData: {{ $schedule.deleteBackupData }}
-    backupProfileName: {{ $schedule.backupProfileName }}
-{{- end }}
-{{- end }}
-
-{{- end }}

charts/mysql-cluster/templates/_helpers.tpl

@@ -1,64 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "cluster.name" -}}
-  {{- if .Values.global.nameOverride }}
-    {{- .Values.global.nameOverride | trunc 63 | trimSuffix "-" }}
-  {{- else }}
-    {{- printf "%s-mysql-%s" .Release.Name ((semver .Values.cluster.image.version).Major | toString) | trunc 63 | trimSuffix "-" -}}
-  {{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "cluster.chart" -}}
-  {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Check for invalid versions
-*/}}
-{{- $minimalVersion := "8.0.27" }}
-{{- $forbiddenVersions := list "8.0.29" }}
-{{- $serverVersion := .Values.serverVersion | default .Chart.AppVersion }}
-{{- if lt $serverVersion $minimalVersion }}
-  {{- $err := printf "It is not possible to use MySQL version %s . Please, use %s or above" $serverVersion $minimalVersion }}
-  {{- fail $err }}
-{{- end }}
-{{- if has $serverVersion $forbiddenVersions }}
-  {{- $err := printf "It is not possible to use MySQL version %s . Please, use %s or above except %v" $serverVersion $minimalVersion $forbiddenVersions }}
-  {{- fail $err }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "cluster.labels" -}}
-helm.sh/chart: {{ include "cluster.chart" . }}
-{{ include "cluster.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "cluster.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "cluster.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-app.kubernetes.io/part-of: cloudnative-pg
-{{- end }}
-
-{{/*
-Create the name of the service account to use.
-*/}}
-{{- define "mysql.serviceAccountName" -}}
-{{- if .Values.serviceAccount.enabled -}}
-    {{ default (include "cluster.name" .) .Values.serviceAccount.name }}
-{{- else -}}
-    {{ default "default" .Values.serviceAccount.name }}
-{{- end -}}
-{{- end -}}

charts/mysql-cluster/templates/_init.tpl

@@ -1,47 +0,0 @@
-{{- define "cluster.init" -}}
-
-{{- if eq .Values.mode "clone" }}
-{{- with .Values.clone }}
-initDB:
-  clone:
-    donorUrl: {{ required "clone donorUrl is required" .donorUrl }}
-    rootUser: {{ .rootUser | default "root" }}
-    secretKeyRef:
-      name: {{ required "clone credentials is required" .exisitingCredentialsSecret }}
-{{- end }}
-{{- end }}
-
-{{- if eq .Values.mode "recovery" }}
-{{- with .Values.recovery }}
-initDB:
-  dump:
-      {{- if .name }}
-    name: {{ .name | quote }}
-      {{- end }}
-      {{- if .path }}
-    path: {{ .path | quote }}
-      {{- end }}
-      {{- if .options }}
-    options: {{ toYaml .options | nindent 8 }}
-      {{- end }}
-    storage:
-      {{- if eq .type "s3" }}
-      s3:
-        prefix: {{ required "s3 prefix is required" .s3.prefix }}
-        bucketName: {{ required "s3 bucketName is required" .s3.bucketName }}
-        config: {{ required "s3 config is required" .s3.config }}
-          {{- if .s3.profile }}
-        profile: {{ .s3.profile }}
-          {{- end }}
-          {{- if .s3.endpoint }}
-        endpoint: {{ .s3.endpoint }}
-          {{- end }}
-      {{- end }}
-      {{- if eq .type "pvc" }}
-      persistentVolumeClaim:
-        {{ toYaml .persistentVolumeClaim | nindent 10}}
-      {{- end }}
-{{- end }}
-{{- end }}
-
-{{- end }}

charts/mysql-cluster/templates/deployment.yaml

@@ -1,75 +0,0 @@
-apiVersion: mysql.oracle.com/v2
-kind: InnoDBCluster
-metadata:
-  name: {{ include "cluster.name" . }}-cluster
-  namespace: {{ .Release.Namespace }}
-  annotations:
-    {{- with .Values.global.annotations }}
-    {{- toYaml . | nindent 4 }}
-    {{- end }}
-  labels:
-    {{- include "cluster.labels" . | nindent 4 }}
-    {{- include "cluster.selectorLabels" . | nindent 4 }}
-    {{- with .Values.global.labels }}
-    {{ toYaml . | nindent 4 }}
-    {{- end }}
-spec:
-  instances: {{ required "serverInstances is required" .Values.cluster.serverInstances }}
-  baseServerId: {{ required "baseServerId is required" .Values.cluster.baseServerId }}
-  serviceAccountName: {{ include "mysql.serviceAccountName" . }}
-  imagePullPolicy : {{ .Values.cluster.image.pullPolicy }}
-  version: {{ .Values.cluster.image.version }}
-  tlsUseSelfSigned: true
-  secretName: {{ .Values.cluster.exisitingCredentialsSecret }}
-  {{- if .Values.cluster.podSpec }}
-  podSpec:
-    {{ toYaml .Values.cluster.podSpec | nindent 4 }}
-  {{- end }}
-  {{- if .Values.cluster.podAnnotations }}
-  podAnnotations:
-    {{ toYaml .Values.cluster.podAnnotations | nindent 4 }}
-  {{- end }}
-  {{- if .Values.cluster.podLabels }}
-  podLabels:
-    {{ toYaml .Values.cluster.podLabels | nindent 4 }}
-  {{- end }}
-  router:
-    instances: {{ required "router.instances is required" .Values.cluster.router.instances }}
-    {{- if .Values.cluster.router.podSpec }}
-    podSpec:
-      {{- toYaml .Values.cluster.router.podSpec | nindent 6 }}
-    {{- end }}
-    {{- if .Values.cluster.router.podAnnotations }}
-    podAnnotations:
-      {{- toYaml .Values.cluster.router.podAnnotations | nindent 6 }}
-    {{- end }}
-    {{- if .Values.cluster.router.podLabels }}
-    podLabels:
-      {{- toYaml .Values.cluster.router.podLabels | nindent 6 }}
-    {{- end }}
-    tlsSecretName: {{ include "cluster.name" . }}-router-tls
-  logs:
-    {{- with .Values.cluster.logs }}
-    {{ toYaml . | nindent 4 }}
-    {{- end }}
-  mycnf: |
-{{ .Values.cluster.serverConfig.mycnf | indent 4 }}
-  {{- if .Values.cluster.datadirVolumeClaimTemplate }}
-  {{- with .Values.cluster.datadirVolumeClaimTemplate }}
-  datadirVolumeClaimTemplate:
-    {{- if .storageClassName }}
-    storageClassName: {{ .storageClassName | quote }}
-    {{- end}}
-    {{- if .accessModes }}
-    accessModes: [ "{{ .accessModes }}" ]
-    {{- end }}
-    {{- if .size }}
-    resources:
-      requests:
-        storage: "{{ .size }}"
-    {{- end }}
-  {{- end }}
-  {{- end }}
-
-  {{ include "cluster.init" . | nindent 2 }}
-  {{ include "cluster.backup" . | nindent 2 }}

charts/mysql-cluster/templates/service-account.yaml

@@ -1,21 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ include "mysql.serviceAccountName" . }}
-  namespace: {{ .Release.Namespace }}
-  labels:
-    {{- include "cluster.labels" . | nindent 4 }}
-    {{- include "cluster.selectorLabels" . | nindent 4 }}    
-    {{- with .Values.global.labels }}
-    {{- toYaml . | nindent 4 }}
-    {{- end }}
-    {{- with .Values.serviceAccount.labels }}
-    {{- toYaml . | nindent 4 }}
-    {{- end }}    
-  annotations:
-    {{- with .Values.global.annotations }}
-    {{- toYaml . | nindent 4 }}
-    {{- end }}
-    {{- with .Values.serviceAccount.annotations }}
-    {{- toYaml . | nindent 4 }}
-    {{- end }}

charts/mysql-cluster/values.yaml

@@ -1,147 +0,0 @@
-global:
-  nameOverride:
-  labels: {}
-  annotations: {}
-
-serviceAccount:
-  enabled: true
-  labels: {}
-  annotations: {}
-  name: ""
-
-###
-# Cluster mode of operation. Available modes:
-# * `standalone` - Default mode. Creates new or updates an existing cluster.
-# * `recovery` - Same as standalone but creates a cluster from a backup
-# * `clone` - Create database as a replica from another cluster
-mode: standalone
-
-##
-# Cluster spec
-#
-# Reference: https://dev.mysql.com/doc/mysql-operator/en/mysql-operator-properties.html#mysql-operator-spec-innodbclusterspecinitdbdumpstorages3
-#
-cluster:
-  serverInstances: 1
-  baseServerId: 1000
-
-  # Existing secret that contains the keys "rootUser", "rootHost", and "rootPassword"
-  exisitingCredentialsSecret: ""
-
-  image:
-    version: 8.4.0
-    pullPolicy: IfNotPresent
-
-  router:
-    instances: 1
-    podSpec: {}
-    podAnnotations: {}
-    podLabels: {}
-
-  logs:
-    error:
-      collect: false
-    general:
-      enabled: false
-      collect: false
-    slowQuery:
-      enabled: false
-      longQueryTime: 2.5
-
-  serverConfig:
-    mycnf: |
-      [mysqld]
-      core_file
-      local_infile=off
-      mysql_native_password=ON
-
-  datadirVolumeClaimTemplate:
-    storageClassName: ""
-    accessModes: ""
-    size: ""
-
-  podSpec:
-    containers:
-      - name: mysql
-        resources:
-          limits:
-            memory: 1024Mi
-            cpu: 1000m
-          requests:
-            memory: 512Mi
-            cpu: 100m
-  podAnnotations: {}
-  podLabels: {}
-
-##
-# Recovery database from storage
-#
-recovery:
-
-  # * `s3` - Restores from s3 object store
-  # * `pvc` - Restores from persistent volume claim
-  type:
-
-  # -- Name of the dump. Not used by the operator, but a descriptive hint for the cluster administrator
-  name: ""
-  # -- Path to the dump in the PVC. Use when specifying persistentVolumeClaim. Omit for ociObjectStorage, S3, or azure.
-  path: ""
-  # -- A dictionary of key-value pairs passed directly to MySQL Shell's loadDump()
-  options: {}
-
-  s3:
-    # -- Path in the bucket where the dump files are stored
-    prefix: ""
-    # -- Name of a Secret with S3 configuration and credentials as contained in ~/.aws/config
-    config: ""
-    # -- Name of the S3 bucket where the dump is stored
-    bucketName: ""
-    # -- Override endpoint URL
-    endpoint: ""
-
-  persistentVolumeClaim: {}
-
-##
-# Clone database from another instance
-#
-clone:
-  donorUrl: ""
-  rootUser: root
-  exisitingCredentialsSecret: ""
-
-##
-# Backup database to pvc or s3
-#
-backup:
-  enabled: false
-  profiles:
-
-## -- Example profile that back ups to local pvc
-
-#    - name: pvc-backup
-#      dumpInstance:
-#        storage:
-#          persistentVolumeClaim:
-#            claimName: backup-volume-claim
-
-## -- Example profile that back ups to s3 endpoint
-
-#    - name: s3-backup
-#      snapshot:
-#        storage:
-#          s3:
-#            prefix: ""
-#            config: ""
-#            bucketName: ""
-#            endpoint: ""
-
-  schedules:
-
-## -- Example schedule that backups daily
-
-#    - name: schedule-daily
-#      enabled: true
-#      schedule: "0 0 0 * * *"
-#      timeZone: "US/Central"
-#      deleteBackupData: false
-#      backupProfileName:

charts/postgres-cluster/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: postgres-cluster
-version: 3.8.0
+version: 4.0.0
 description: Chart for cloudnative-pg cluster
 keywords:
   - database
@@ -10,4 +10,4 @@ sources:
 maintainers:
   - name: alexlebens
 icon: https://avatars.githubusercontent.com/u/100373852?s=48&v=4
-appVersion: v1.23.1
+appVersion: v1.25.0

charts/postgres-cluster/templates/_backup.tpl

@@ -11,6 +11,14 @@ backup:
       key: ca-bundle.crt
     {{- end }}
     serverName: "{{ include "cluster.name" . }}-backup-{{ .Values.backup.backupIndex }}"
+    tags:
+      {{- with .Values.backup.tags }}
+      {{- . | toYaml | nindent 6 }}
+      {{- end }}
+    historyTags:
+      {{- with .Values.backup.historyTags }}
+      {{- . | toYaml | nindent 6 }}
+      {{- end }}
     s3Credentials:
       accessKeyId:
         name: {{ include "cluster.backupCredentials" . }}
@@ -35,8 +43,8 @@ backup:
       {{- if .Values.backup.data.encryption }}
       encryption: {{ .Values.backup.data.encryption }}
       {{- end }}
-      {{- if .Values.backup.data.maxParallel }}
-      maxParallel: {{ .Values.backup.data.maxParallel }}
+      {{- if .Values.backup.data.jobs }}
+      jobs: {{ .Values.backup.data.jobs }}
       {{- end }}
 {{- end }}
 {{- end }}

charts/postgres-cluster/templates/_bootstrap.tpl

@@ -2,11 +2,15 @@
 bootstrap:
 {{- if eq .Values.mode "standalone" }}
   initdb:
-    {{- with .Values.cluster.initdb }}
+    {{- with .Values.bootstrap.initdb }}
     {{- with (omit . "postInitApplicationSQL") }}
     {{- . | toYaml | nindent 4 }}
     {{- end }}
     {{- end }}
+    {{- if eq .Values.type "tensorchord" }}
+    dataChecksums: true
+    {{- end }}
+    {{- if or (eq .Values.type "postgis") (eq .Values.type "timescaledb") (eq .Values.type "tensorchord") (.Values.bootstrap.initdb.postInitApplicationSQL) }}
     postInitApplicationSQL:
       {{- if eq .Values.type "postgis" }}
       - CREATE EXTENSION IF NOT EXISTS postgis;
@@ -15,12 +19,22 @@ bootstrap:
       - CREATE EXTENSION IF NOT EXISTS postgis_tiger_geocoder;
       {{- else if eq .Values.type "timescaledb" }}
       - CREATE EXTENSION IF NOT EXISTS timescaledb;
+      {{- else if eq .Values.type "tensorchord" }}
+      - ALTER SYSTEM SET search_path TO "$user", public, vectors;
+      - SET search_path TO "$user", public, vectors;
+      - CREATE EXTENSION IF NOT EXISTS "vectors";
+      - CREATE EXTENSION IF NOT EXISTS "cube";
+      - CREATE EXTENSION IF NOT EXISTS "earthdistance";
+      - ALTER SCHEMA vectors OWNER TO "app";
+      - GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA vectors TO "app";
+      - GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "app";
       {{- end }}
-      {{- with .Values.cluster.initdb }}
+      {{- with .Values.bootstrap.initdb }}
       {{- range .postInitApplicationSQL }}
       {{- printf "- %s" . | nindent 6 }}
       {{- end }}
       {{- end }}
+    {{- end }}
 {{- else if eq .Values.mode "replica" }}
   initdb:
     import:
@@ -47,6 +61,11 @@ bootstrap:
       {{- end }}
       source:
         externalCluster: "{{ include "cluster.name" . }}-cluster"
+    {{- with .Values.bootstrap.initdb }}
+    {{- with (omit . "postInitApplicationSQL") }}
+    {{- . | toYaml | nindent 4 }}
+    {{- end }}
+    {{- end }}        
 externalClusters:
   - name: "{{ include "cluster.name" . }}-cluster"
     {{- with .Values.replica.externalCluster }}
@@ -94,8 +113,8 @@ externalClusters:
         {{- if .Values.recovery.data.encryption }}
         encryption: {{ .Values.recovery.data.encryption }}
         {{- end }}
-        {{- if .Values.recovery.data.maxParallel }}
-        maxParallel: {{ .Values.recovery.data.maxParallel }}
+        {{- if .Values.recovery.data.jobs }}
+        jobs: {{ .Values.recovery.data.jobs }}
         {{- end }}
 {{- else }}
   {{ fail "Invalid cluster mode!" }}

charts/postgres-cluster/templates/cluster.yaml

@@ -18,6 +18,7 @@ spec:
   imagePullPolicy: {{ .Values.cluster.image.pullPolicy }}
   postgresUID: {{ .Values.cluster.postgresUID }}
   postgresGID: {{ .Values.cluster.postgresGID }}
+  enableSuperuserAccess: {{ .Values.cluster.enableSuperuserAccess }}
   walStorage:
     size: {{ .Values.cluster.walStorage.size }}
     storageClass: {{ .Values.cluster.walStorage.storageClass }}
@@ -43,6 +44,15 @@ spec:
     shared_preload_libraries:
       - timescaledb
     {{- end }}
+    {{- if eq .Values.type "tensorchord" }}
+    shared_preload_libraries:
+      - vectors.so
+    enableAlterSystem: true
+    {{- end }}
+    {{- with .Values.cluster.postgresql.shared_preload_libraries }}
+    shared_preload_libraries:
+      {{- toYaml . | nindent 6 }}
+    {{ end }}
     {{- with .Values.cluster.postgresql.parameters }}
     parameters:
       {{- toYaml . | nindent 6 }}
@@ -51,4 +61,5 @@ spec:
     enablePodMonitor: {{ and .Values.cluster.monitoring.enabled .Values.cluster.monitoring.podMonitor.enabled }}
 
   {{ include "cluster.bootstrap" . | nindent 2 }}
+
   {{ include "cluster.backup" . | nindent 2 }}

charts/postgres-cluster/values.yaml

@@ -6,6 +6,7 @@ nameOverride: ""
 # * `postgresql`
 # * `postgis`
 # * `timescaledb`
+# * `tensorchord`
 type: postgresql
 
 ###
@@ -20,13 +21,15 @@ cluster:
 
   image:
     repository: ghcr.io/cloudnative-pg/postgresql
-    tag: "16.3"
+    tag: "17.2-22"
     pullPolicy: IfNotPresent
 
   # The UID and GID of the postgres user inside the image
   postgresUID: 26
   postgresGID: 26
 
+  enableSuperuserAccess: false
+
   walStorage:
     size: 2Gi
     storageClass: ""
@@ -77,7 +80,9 @@ cluster:
       shared_buffers: 128MB
       max_slot_wal_keep_size: 2000MB
       hot_standby_feedback: "on"
+    shared_preload_libraries: []
 
+bootstrap:
   # BootstrapInitDB is the configuration of the bootstrap process when initdb is used.
   # See: https://cloudnative-pg.io/documentation/current/bootstrap/
   # See: https://cloudnative-pg.io/documentation/current/cloudnative-pg.v1/#postgresql-cnpg-io-v1-bootstrapinitdb
@@ -125,7 +130,7 @@ recovery:
     # Whether to instruct the storage provider to encrypt data files. One of `` (use the storage container default), `AES256` or `aws:kms`.
     encryption: ""
     # Number of data files to be archived or restored in parallel.
-    maxParallel: 2
+    jobs: 2
 
 replica:
   # See https://cloudnative-pg.io/documentation/current/database_import/
@@ -174,6 +179,13 @@ backup:
   # Name of the backup cluster in the object store, defaults to "cluster.name"
   backupName: ""
 
+  # Tags to add to backups. Add in key value beneath the type.
+  tags:
+    backupRetentionPolicy: ""
+  historyTags:
+    backupRetentionPolicy: ""
+
+  # Configuration for the WAL and data files.
   wal:
     # WAL compression method. One of `` (for no compression), `gzip`, `bzip2` or `snappy`.
     compression: snappy
@@ -187,10 +199,10 @@ backup:
     # Whether to instruct the storage provider to encrypt data files. One of `` (use the storage container default), `AES256` or `aws:kms`.
     encryption: ""
     # Number of data files to be archived or restored in parallel.
-    maxParallel: 2
+    jobs: 2
 
   # Retention policy for backups
-  retentionPolicy: "30d"
+  retentionPolicy: "14d"
 
   # Scheduled backup in cron format
   schedule: "0 0 0 * * *"