CSTF/wild-cloud
1
1
Fork 0
Code Issues 12 Pull Requests Actions Packages Projects 1 Releases 1 Wiki Activity

Updates mysql app to follow new wild-app patterns.

Browse Source
This commit is contained in:
Paul Payne
2025-08-03 12:23:55 -07:00
parent 39b174e857
commit 800f6da0d9
13 changed files with 111 additions and 254 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
apps/mysql/config/example.env
View File

@@ -1,11 +0,0 @@
MARIADB_NAMESPACE=mariadb
MARIADB_RELEASE_NAME=mariadb
MARIADB_USER=app
MARIADB_DATABASE=app_database
MARIADB_STORAGE=8Gi
MARIADB_TAG=11.4.5
MARIADB_PORT=3306
# Secrets
MARIADB_PASSWORD=
MARIADB_ROOT_PASSWORD=

22
apps/mysql/primary/configmap.yaml → apps/mysql/configmap.yaml
View File

@@ -1,27 +1,17 @@
---
# Source: ghost/charts/mysql/templates/primary/configmap.yaml
apiVersion: v1 apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
name: ghost-mysql name: mysql
namespace: "default" namespace: mysql
labels:
app.kubernetes.io/instance: ghost
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.4.5
helm.sh/chart: mysql-12.3.4
app.kubernetes.io/part-of: mysql
app.kubernetes.io/component: primary
data: data:
my.cnf: |- my.cnf: |
[mysqld] [mysqld]
authentication_policy='* ,,' authentication_policy='* ,,'
skip-name-resolve skip-name-resolve
explicit_defaults_for_timestamp explicit_defaults_for_timestamp
basedir=/opt/bitnami/mysql basedir=/opt/bitnami/mysql
plugin_dir=/opt/bitnami/mysql/lib/plugin plugin_dir=/opt/bitnami/mysql/lib/plugin
port=3306 port={{ .apps.mysql.port }}
mysqlx=0 mysqlx=0
mysqlx_port=33060 mysqlx_port=33060
socket=/opt/bitnami/mysql/tmp/mysql.sock socket=/opt/bitnami/mysql/tmp/mysql.sock
@@ -36,12 +26,12 @@ data:
long_query_time=10.0 long_query_time=10.0
[client] [client]
port=3306 port={{ .apps.mysql.port }}
socket=/opt/bitnami/mysql/tmp/mysql.sock socket=/opt/bitnami/mysql/tmp/mysql.sock
default-character-set=UTF8 default-character-set=UTF8
plugin_dir=/opt/bitnami/mysql/lib/plugin plugin_dir=/opt/bitnami/mysql/lib/plugin
[manager] [manager]
port=3306 port={{ .apps.mysql.port }}
socket=/opt/bitnami/mysql/tmp/mysql.sock socket=/opt/bitnami/mysql/tmp/mysql.sock
pid-file=/opt/bitnami/mysql/tmp/mysqld.pid pid-file=/opt/bitnami/mysql/tmp/mysqld.pid

15
apps/mysql/kustomization.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: mysql
labels:
- includeSelectors: true
pairs:
app: mysql
managedBy: kustomize
partOf: wild-cloud
resources:
- namespace.yaml
- statefulset.yaml
- service.yaml
- service-headless.yaml
- configmap.yaml

17
apps/mysql/manifest.yaml Normal file
View File

@@ -0,0 +1,17 @@
name: mysql
description: MySQL is an open-source relational database management system
version: 8.4.5
icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png
requires: []
defaultConfig:
image: docker.io/bitnami/mysql:8.4.5-debian-12-r0
port: 3306
storage: 20Gi
dbName: mysql
rootUser: root
user: mysql
timezone: UTC
enableSSL: false
requiredSecrets:
- apps.mysql.rootPassword
- apps.mysql.password

4
apps/mysql/namespace.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: mysql

31
apps/mysql/networkpolicy.yaml
View File

@@ -1,31 +0,0 @@
---
# Source: ghost/charts/mysql/templates/networkpolicy.yaml
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: ghost-mysql
namespace: "default"
labels:
app.kubernetes.io/instance: ghost
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.4.5
helm.sh/chart: mysql-12.3.4
app.kubernetes.io/part-of: mysql
spec:
podSelector:
matchLabels:
app.kubernetes.io/instance: ghost
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.4.5
helm.sh/chart: mysql-12.3.4
policyTypes:
- Ingress
- Egress
egress:
- {}
ingress:
# Allow connection from other cluster pods
- ports:
- port: 3306

23
apps/mysql/primary/pdb.yaml
View File

@@ -1,23 +0,0 @@
---
# Source: ghost/charts/mysql/templates/primary/pdb.yaml
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: ghost-mysql
namespace: "default"
labels:
app.kubernetes.io/instance: ghost
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.4.5
helm.sh/chart: mysql-12.3.4
app.kubernetes.io/part-of: mysql
app.kubernetes.io/component: primary
spec:
maxUnavailable: 1
selector:
matchLabels:
app.kubernetes.io/instance: ghost
app.kubernetes.io/name: mysql
app.kubernetes.io/part-of: mysql
app.kubernetes.io/component: primary

27
apps/mysql/primary/svc-headless.yaml
View File

@@ -1,27 +0,0 @@
---
# Source: ghost/charts/mysql/templates/primary/svc-headless.yaml
apiVersion: v1
kind: Service
metadata:
name: ghost-mysql-headless
namespace: "default"
labels:
app.kubernetes.io/instance: ghost
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.4.5
helm.sh/chart: mysql-12.3.4
app.kubernetes.io/part-of: mysql
app.kubernetes.io/component: primary
spec:
type: ClusterIP
clusterIP: None
publishNotReadyAddresses: true
ports:
- name: mysql
port: 3306
targetPort: mysql
selector:
app.kubernetes.io/instance: ghost
app.kubernetes.io/name: mysql
app.kubernetes.io/component: primary

29
apps/mysql/primary/svc.yaml
View File

@@ -1,29 +0,0 @@
---
# Source: ghost/charts/mysql/templates/primary/svc.yaml
apiVersion: v1
kind: Service
metadata:
name: ghost-mysql
namespace: "default"
labels:
app.kubernetes.io/instance: ghost
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.4.5
helm.sh/chart: mysql-12.3.4
app.kubernetes.io/part-of: mysql
app.kubernetes.io/component: primary
spec:
type: ClusterIP
sessionAffinity: None
ports:
- name: mysql
port: 3306
protocol: TCP
targetPort: mysql
nodePort: null
selector:
app.kubernetes.io/instance: ghost
app.kubernetes.io/name: mysql
app.kubernetes.io/part-of: mysql
app.kubernetes.io/component: primary

16
apps/mysql/service-headless.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: v1
kind: Service
metadata:
name: mysql-headless
namespace: mysql
spec:
type: ClusterIP
clusterIP: None
publishNotReadyAddresses: true
ports:
- name: mysql
port: {{ .apps.mysql.port }}
protocol: TCP
targetPort: mysql
selector:
component: primary

14
apps/mysql/service.yaml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
name: mysql
namespace: mysql
spec:
type: ClusterIP
ports:
- name: mysql
port: {{ .apps.mysql.port }}
protocol: TCP
targetPort: mysql
selector:
component: primary

17
apps/mysql/serviceaccount.yaml
View File

@@ -1,17 +0,0 @@
---
# Source: ghost/charts/mysql/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: ghost-mysql
namespace: "default"
labels:
app.kubernetes.io/instance: ghost
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.4.5
helm.sh/chart: mysql-12.3.4
app.kubernetes.io/part-of: mysql
automountServiceAccountToken: false
secrets:
- name: ghost-mysql

137
apps/mysql/primary/statefulset.yaml → apps/mysql/statefulset.yaml
View File

@@ -1,97 +1,57 @@
---
# Source: ghost/charts/mysql/templates/primary/statefulset.yaml
apiVersion: apps/v1 apiVersion: apps/v1
kind: StatefulSet kind: StatefulSet
metadata: metadata:
name: ghost-mysql name: mysql
namespace: "default" namespace: mysql
labels:
app.kubernetes.io/instance: ghost
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.4.5
helm.sh/chart: mysql-12.3.4
app.kubernetes.io/part-of: mysql
app.kubernetes.io/component: primary
spec: spec:
replicas: 1 replicas: 1
podManagementPolicy: "" podManagementPolicy: Parallel
selector: serviceName: mysql-headless
matchLabels:
app.kubernetes.io/instance: ghost
app.kubernetes.io/name: mysql
app.kubernetes.io/part-of: mysql
app.kubernetes.io/component: primary
serviceName: ghost-mysql-headless
updateStrategy: updateStrategy:
type: RollingUpdate type: RollingUpdate
selector:
matchLabels:
component: primary
template: template:
metadata: metadata:
annotations:
checksum/configuration: 959b0f76ba7e6be0aaaabf97932398c31b17bc9f86d3839a26a3bbbc48673cd9
labels: labels:
app.kubernetes.io/instance: ghost component: primary
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.4.5
helm.sh/chart: mysql-12.3.4
app.kubernetes.io/part-of: mysql
app.kubernetes.io/component: primary
spec: spec:
serviceAccountName: ghost-mysql serviceAccountName: default
automountServiceAccountToken: false automountServiceAccountToken: false
affinity:
podAffinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/instance: ghost
app.kubernetes.io/name: mysql
topologyKey: kubernetes.io/hostname
weight: 1
nodeAffinity:
securityContext: securityContext:
fsGroup: 1001 fsGroup: 1001
fsGroupChangePolicy: Always fsGroupChangePolicy: Always
supplementalGroups: []
sysctls: []
initContainers: initContainers:
- name: preserve-logs-symlinks - name: preserve-logs-symlinks
image: docker.io/bitnami/mysql:8.4.5-debian-12-r0 image: {{ .apps.mysql.image }}
imagePullPolicy: "IfNotPresent" imagePullPolicy: IfNotPresent
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
capabilities: capabilities:
drop: drop:
- ALL - ALL
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
runAsGroup: 1001 runAsGroup: 1001
runAsNonRoot: true runAsNonRoot: true
runAsUser: 1001 runAsUser: 1001
seLinuxOptions: {}
seccompProfile: seccompProfile:
type: RuntimeDefault type: RuntimeDefault
resources: resources:
limits: limits:
cpu: 750m cpu: 250m
ephemeral-storage: 2Gi ephemeral-storage: 1Gi
memory: 768Mi memory: 256Mi
requests: requests:
cpu: 500m cpu: 100m
ephemeral-storage: 50Mi ephemeral-storage: 50Mi
memory: 512Mi memory: 128Mi
command: command:
- /bin/bash - /bin/bash
args: args:
- -ec - -ec
- | - |
#!/bin/bash #!/bin/bash
. /opt/bitnami/scripts/libfs.sh . /opt/bitnami/scripts/libfs.sh
# We copy the logs folder because it has symlinks to stdout and stderr # We copy the logs folder because it has symlinks to stdout and stderr
if ! is_dir_empty /opt/bitnami/mysql/logs; then if ! is_dir_empty /opt/bitnami/mysql/logs; then
@@ -102,39 +62,41 @@ spec:
mountPath: /emptydir mountPath: /emptydir
containers: containers:
- name: mysql - name: mysql
image: docker.io/bitnami/mysql:8.4.5-debian-12-r0 image: {{ .apps.mysql.image }}
imagePullPolicy: "IfNotPresent" imagePullPolicy: IfNotPresent
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
capabilities: capabilities:
drop: drop:
- ALL - ALL
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
runAsGroup: 1001 runAsGroup: 1001
runAsNonRoot: true runAsNonRoot: true
runAsUser: 1001 runAsUser: 1001
seLinuxOptions: {}
seccompProfile: seccompProfile:
type: RuntimeDefault type: RuntimeDefault
env: env:
- name: BITNAMI_DEBUG - name: BITNAMI_DEBUG
value: "false" value: "false"
- name: MYSQL_ROOT_PASSWORD_FILE - name: MYSQL_ROOT_PASSWORD
value: /opt/bitnami/mysql/secrets/mysql-root-password valueFrom:
- name: MYSQL_ENABLE_SSL secretKeyRef:
value: "no" name: mysql-secrets
key: rootPassword
- name: MYSQL_USER - name: MYSQL_USER
value: "bn_ghost" value: {{ .apps.mysql.user }}
- name: MYSQL_PASSWORD_FILE - name: MYSQL_PASSWORD
value: /opt/bitnami/mysql/secrets/mysql-password valueFrom:
- name: MYSQL_PORT secretKeyRef:
value: "3306" name: mysql-secrets
key: password
- name: MYSQL_DATABASE - name: MYSQL_DATABASE
value: "bitnami_ghost" value: {{ .apps.mysql.dbName }}
envFrom: - name: MYSQL_PORT
value: "{{ .apps.mysql.port }}"
ports: ports:
- name: mysql - name: mysql
containerPort: 3306 containerPort: {{ .apps.mysql.port }}
livenessProbe: livenessProbe:
failureThreshold: 3 failureThreshold: 3
initialDelaySeconds: 5 initialDelaySeconds: 5
@@ -147,9 +109,6 @@ spec:
- -ec - -ec
- | - |
password_aux="${MYSQL_ROOT_PASSWORD:-}" password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}" mysqladmin status -uroot -p"${password_aux}"
readinessProbe: readinessProbe:
failureThreshold: 3 failureThreshold: 3
@@ -163,9 +122,6 @@ spec:
- -ec - -ec
- | - |
password_aux="${MYSQL_ROOT_PASSWORD:-}" password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
mysqladmin ping -uroot -p"${password_aux}" | grep "mysqld is alive" mysqladmin ping -uroot -p"${password_aux}" | grep "mysqld is alive"
startupProbe: startupProbe:
failureThreshold: 10 failureThreshold: 10
@@ -179,9 +135,6 @@ spec:
- -ec - -ec
- | - |
password_aux="${MYSQL_ROOT_PASSWORD:-}" password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
mysqladmin ping -uroot -p"${password_aux}" | grep "mysqld is alive" mysqladmin ping -uroot -p"${password_aux}" | grep "mysqld is alive"
resources: resources:
limits: limits:
@@ -210,32 +163,18 @@ spec:
- name: config - name: config
mountPath: /opt/bitnami/mysql/conf/my.cnf mountPath: /opt/bitnami/mysql/conf/my.cnf
subPath: my.cnf subPath: my.cnf
- name: mysql-credentials
mountPath: /opt/bitnami/mysql/secrets/
volumes: volumes:
- name: config - name: config
configMap: configMap:
name: ghost-mysql name: mysql
- name: mysql-credentials
secret:
secretName: ghost-mysql
items:
- key: mysql-root-password
path: mysql-root-password
- key: mysql-password
path: mysql-password
- name: empty-dir - name: empty-dir
emptyDir: {} emptyDir: {}
volumeClaimTemplates: volumeClaimTemplates:
- metadata: - metadata:
name: data name: data
labels:
app.kubernetes.io/instance: ghost
app.kubernetes.io/name: mysql
app.kubernetes.io/component: primary
spec: spec:
accessModes: accessModes:
- "ReadWriteOnce" - ReadWriteOnce
resources: resources:
requests: requests:
storage: "8Gi" storage: {{ .apps.mysql.storage }}