From 548073391ecadec4d53fdfa7722b6df7fb155f6f Mon Sep 17 00:00:00 2001 From: Artis Krumins Date: Tue, 31 Mar 2026 13:01:37 +0300 Subject: [PATCH] Drupal: Pre-release hook, _installing file improvements --- drupal/Chart.yaml | 2 +- drupal/templates/_helpers.tpl | 25 +++++++++- drupal/templates/backup-volume.yaml | 2 +- drupal/templates/drupal-configmap.yaml | 4 ++ drupal/templates/pre-release-cleanup.yaml | 27 ++++++++++ drupal/templates/pre-release.yaml | 60 +++++++++++++++++++++++ drupal/templates/shell-deployment.yaml | 4 +- drupal/values.schema.json | 31 +++++++++++- drupal/values.yaml | 11 +++++ 9 files changed, 160 insertions(+), 6 deletions(-) create mode 100644 drupal/templates/pre-release-cleanup.yaml create mode 100644 drupal/templates/pre-release.yaml diff --git a/drupal/Chart.yaml b/drupal/Chart.yaml index b9dad8cd..97a94582 100644 --- a/drupal/Chart.yaml +++ b/drupal/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: drupal -version: 1.30.0 +version: 1.31.0 dependencies: - name: mariadb version: 7.5.x diff --git a/drupal/templates/_helpers.tpl b/drupal/templates/_helpers.tpl index 9d5abcdb..975152a3 100644 --- a/drupal/templates/_helpers.tpl +++ b/drupal/templates/_helpers.tpl @@ -428,9 +428,10 @@ wait set -e INSTALLING_FILE="{{ include "drupal.installing-file" . }}" - rm -f "$INSTALLING_FILE" || true + trap 'rm -f "$INSTALLING_FILE" || true' EXIT + {{ if and .Release.IsInstall .Values.referenceData.enabled -}} {{ include "drupal.import-reference-files" . }} {{- end }} @@ -708,6 +709,10 @@ fi ls -lh /backups/* {{- end }} +{{- define "drupal.cleanup-job" }} +rm -f "{{ include "drupal.installing-file" . }}" || true +{{- end }} + {{- define "mariadb.db-validation" -}} set -e @@ -739,6 +744,24 @@ fi {{- end }} +{{- define "drupal.pre-release-command" -}} + set -e + + {{- include "drupal.wait-for-db-command" . }} + + {{- if .Values.elasticsearch.enabled }} + {{ include "drupal.wait-for-elasticsearch-command" . }} + {{ end }} + + {{- if .Values.php.preupgrade.backup }} + {{- include "drupal.backup-command" . }} + {{- end }} + + {{- if .Values.php.preupgrade.command }} + {{- .Values.php.preupgrade.command }} + {{- end }} +{{- end }} + {{- define "cert-manager.api-version" }} {{- if ( .Capabilities.APIVersions.Has "cert-manager.io/v1" ) }} cert-manager.io/v1 diff --git a/drupal/templates/backup-volume.yaml b/drupal/templates/backup-volume.yaml index 7e72d723..201a9158 100644 --- a/drupal/templates/backup-volume.yaml +++ b/drupal/templates/backup-volume.yaml @@ -1,4 +1,4 @@ -{{- if .Values.backup.enabled }} +{{- if or .Values.backup.enabled ( or (ne .Values.php.preupgrade.command "") .Values.php.preupgrade.backup ) }} {{- if eq .Values.backup.storageClassName "silta-shared" }} {{- if eq ( include "silta-cluster.rclone.has-provisioner" $ ) "false" }} apiVersion: v1 diff --git a/drupal/templates/drupal-configmap.yaml b/drupal/templates/drupal-configmap.yaml index 56e6b558..946851b1 100644 --- a/drupal/templates/drupal-configmap.yaml +++ b/drupal/templates/drupal-configmap.yaml @@ -834,6 +834,10 @@ data: # Prevent requests during the site installation process. if [ {{ include "drupal.installation-in-progress-test" $ }} ]; then + PID=$(pgrep -o php-fpm || true) + if [ -n "$PID" ]; then + echo "Installation in progress, failing health check." > /proc/$PID/fd/2; + fi exit 1; fi diff --git a/drupal/templates/pre-release-cleanup.yaml b/drupal/templates/pre-release-cleanup.yaml new file mode 100644 index 00000000..3f72b5a1 --- /dev/null +++ b/drupal/templates/pre-release-cleanup.yaml @@ -0,0 +1,27 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: "{{ .Release.Name }}-cleanup" + labels: + {{- include "drupal.release_labels" . | nindent 4 }} +spec: + ttlSecondsAfterFinished: 0 + template: + metadata: + labels: + {{- include "drupal.release_labels" . | nindent 8 }} + spec: + enableServiceLinks: false + restartPolicy: Never + containers: + - name: cleanup + {{- include "drupal.php-container" . | nindent 8 }} + command: ["/bin/bash", "-c"] + args: + - | + {{- include "drupal.cleanup-job" . | nindent 12 }} + volumeMounts: + {{- include "drupal.volumeMounts" . | nindent 12 }} + serviceAccountName: {{ include "drupal.serviceAccountName" . }} + volumes: + {{- include "drupal.volumes" . | nindent 8 }} diff --git a/drupal/templates/pre-release.yaml b/drupal/templates/pre-release.yaml new file mode 100644 index 00000000..e3244de1 --- /dev/null +++ b/drupal/templates/pre-release.yaml @@ -0,0 +1,60 @@ +{{- if or (ne .Values.php.preupgrade.command "") .Values.php.preupgrade.backup }} +{{- $claimName := printf "%s-backup" .Release.Name }} +{{- if and ( eq $.Values.backup.storageClassName "silta-shared" ) ( eq ( include "silta-cluster.rclone.has-provisioner" $ ) "true" ) }} +{{- $claimName = printf "%s-backup2" .Release.Name }} +{{- end }} +{{- if lookup "v1" "PersistentVolumeClaim" .Release.Namespace $claimName }} +apiVersion: batch/v1 +kind: Job +metadata: + name: "{{ .Release.Name }}-pre-release" + labels: + {{- include "drupal.release_labels" . | nindent 4 }} + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": "pre-upgrade" + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + completions: 1 + backoffLimit: 0 + template: + metadata: + labels: + {{- include "drupal.release_labels" . | nindent 8 }} + spec: + restartPolicy: Never + enableServiceLinks: false + containers: + - name: pre-release + {{- include "drupal.php-container" . | nindent 8 }} + command: ["/bin/bash", "-c"] + args: + - | + {{- include "drupal.pre-release-command" . | nindent 12 }} + volumeMounts: + {{- include "drupal.volumeMounts" . | nindent 10 }} + {{- if .Values.php.preupgrade.backup }} + - name: {{ .Release.Name }}-backup + mountPath: /backups + {{- end }} + resources: + {{- .Values.php.preupgrade.resources | toYaml | nindent 10 }} + nodeSelector: + {{- .Values.php.preupgrade.nodeSelector | toYaml | nindent 8 }} + tolerations: + {{- include "drupal.tolerations" .Values.php.preupgrade.nodeSelector | nindent 8 }} + serviceAccountName: {{ include "drupal.serviceAccountName" . }} + volumes: + {{- include "drupal.volumes" . | nindent 8 }} + {{- if .Values.php.preupgrade.backup }} + - name: {{ .Release.Name }}-backup + persistentVolumeClaim: + {{- if and ( eq $.Values.backup.storageClassName "silta-shared" ) ( eq ( include "silta-cluster.rclone.has-provisioner" $ ) "true" ) }} + claimName: {{ .Release.Name }}-backup2 + {{- else }} + claimName: {{ .Release.Name }}-backup + {{- end }} + {{- end }} +{{- end }} +{{- end }} diff --git a/drupal/templates/shell-deployment.yaml b/drupal/templates/shell-deployment.yaml index 9debdc32..064733d1 100644 --- a/drupal/templates/shell-deployment.yaml +++ b/drupal/templates/shell-deployment.yaml @@ -61,7 +61,7 @@ spec: mountPath: /etc/ssh/authorized_keys subPath: authorizedKeys readOnly: true - {{- if .Values.backup.enabled }} + {{- if or .Values.backup.enabled ( or (ne .Values.php.preupgrade.command "") .Values.php.preupgrade.backup ) }} - name: {{ .Release.Name }}-backup mountPath: /backups readOnly: true @@ -119,7 +119,7 @@ spec: - name: shell-configmap configMap: name: {{ .Release.Name }}-shell - {{- if .Values.backup.enabled }} + {{- if or .Values.backup.enabled ( or (ne .Values.php.preupgrade.command "") .Values.php.preupgrade.backup ) }} - name: {{ .Release.Name }}-backup persistentVolumeClaim: {{- if and ( eq $.Values.backup.storageClassName "silta-shared" ) ( eq ( include "silta-cluster.rclone.has-provisioner" $ ) "true" ) }} diff --git a/drupal/values.schema.json b/drupal/values.schema.json index c8073afd..b58ef322 100644 --- a/drupal/values.schema.json +++ b/drupal/values.schema.json @@ -366,6 +366,35 @@ } } }, + "preupgrade": { + "type": "object", + "additionalProperties": false, + "properties": { + "backup": { "type": "boolean" }, + "command": { "type": "string" }, + "nodeSelector": { "type": "object" }, + "resources": { + "type": "object", + "additionalProperties": false, + "properties": { + "requests": { + "type": "object", + "properties": { + "cpu": { "type": ["integer", "string"] }, + "memory": { "type": "string" } + } + }, + "limits": { + "type": "object", + "properties": { + "cpu": { "type": ["integer", "string"] }, + "memory": { "type": "string" } + } + } + } + } + } + }, "postupgrade": { "type": "object", "additionalProperties": false, @@ -582,7 +611,7 @@ } } } - }, + }, "mariadb": { "type": "object", "properties": { diff --git a/drupal/values.yaml b/drupal/values.yaml index 34da8b0b..73672f3f 100644 --- a/drupal/values.yaml +++ b/drupal/values.yaml @@ -363,6 +363,17 @@ php: afterCommand: | + # Executes before the environment is installed. Could be useful for backups before environment is upgraded. + preupgrade: + backup: false + command: "" + resources: + requests: + cpu: 500m + memory: 488Mi + limits: + memory: 488Mi + # Pass additional environment variables to all php containers as key-value pairs. env: {}