Merge branch '1107-restart-nextcloud-on-change-in-setup-apps' into 'main'

Resolve "Restart nextcloud on change in setup-apps" Closes #1107 See merge request !579

Merge branch '1107-restart-nextcloud-on-change-in-setup-apps' into 'main'
Resolve "Restart nextcloud on change in setup-apps" Closes #1107 See merge request !579
2f7fbdb0 · Arie Peterson · fe6f4831 · 8f9bc73a · 2f7fbdb0 · 2f7fbdb0
Commit 2f7fbdb0 authored 8 months ago by Arie Peterson
--- a/templates/job-setup-apps.yaml
+++ b/templates/job-setup-apps.yaml
@@ -21,5 +21,25 @@ spec:
      serviceAccountName: {{ .Release.Name }}-setup-apps-job
      containers:
      - name: setup-apps-job
-        image: docker.io/bitnami/kubectl:1.25
-        command: ["kubectl", "exec", "deploy/{{ .Release.Name }}-nextcloud", "-n", {{ .Release.Namespace }}, "--", "/bin/bash", "/var/local/setup-apps.sh"]
+        image: docker.io/bitnami/kubectl:1.28
+        command:
+        - /bin/bash
+        - -c
+        - >
+          pod=$(kubectl get pod -n {{ .Release.Namespace }} -l app.kubernetes.io/name=nextcloud --no-headers -o custom-columns=":metadata.name" | head -n 1)
+          && cp -L /scripts/setup-apps.sh /tmp/setup-apps.sh
+          && kubectl cp
+          -n {{ .Release.Namespace }}
+          /tmp/setup-apps.sh
+          $pod:/tmp/setup-apps.sh
+          && kubectl exec
+          -n {{ .Release.Namespace }}
+          deploy/{{ .Release.Name }}-nextcloud
+          -- /bin/bash /tmp/setup-apps.sh
+        volumeMounts:
+        - mountPath: /scripts
+          name: setup-apps
+      volumes:
+      - name: setup-apps
+        configMap:
+          name: "{{ .Release.Name }}-setup-apps"
--- a/templates/nextcloud-onlyoffice-config.yaml
+++ b/templates/nextcloud-onlyoffice-config.yaml
@@ -10,172 +10,6 @@ metadata:
    app.kubernetes.io/instance: {{ .Release.Name | quote }}
    helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
 data:
-  setup-apps.sh: |
-    #!/bin/bash
-
-    set -o errexit
-
-    # This script gets executed by the Kubernetes Job `{{ .Release.Name }}-setup-apps`,
-    # which gets created by Helm after every chart install and upgrade.
-    #
-    # The script:
-    #
-    #   * Installs all apps declared in the `apps` helm values array
-    #     * Installs all apps
-    #     * Updates pinned apps if their pinned version has changed
-    #     * Always updates unpinned apps to their newest version
-    #   * Runs upgrade routines after installation of a new release or new
-    #     pinned apps.
-    #   * Configures single-sign-on
-    #   * Loads Nextcloud config from the config.json
-    #   * Updates database indices, columns, keys, etc needed after NC upgrade
-
-    # Copied from the NC docker entrypoint to run OCC commands
-    run_as() {
-        if [ "$(id -u)" = 0 ]; then
-            su -p "www-data" -s /bin/sh -c "$1"
-        else
-            sh -c "$1"
-        fi
-    }
-
-    echo "STARTING SETUP-APPS.SH"
-
-    # Starting in version 0.15.18 of this chart (Stackspin 2.10), we no longer
-    # copy config.json from /var/local to the web root. We remove the copied
-    # file if we think we can safely do so.
-    if [ -f /var/www/html/config.json ]
-    then
-        echo "Found copy of config.json in web root."
-        if diff -q /var/www/html/config.json /var/local/config.json >/dev/null
-        then
-            echo "It's identical to the current config from the configmap."
-            echo "Deleting it from the web root."
-            rm /var/www/html/config.json
-        else
-            echo "It's different from the current config from the configmap."
-            echo "Keeping it around for manual reconciliation."
-        fi
-    fi
-
-    occ="/var/www/html/occ"
-    count=0
-    limit=10
-
-    # There's a nextcloud setup process. First, wait for `occ` to exist
-    until [ -f "$occ" ] || [ "$count" -gt "$limit" ]
-    do
-        count=$((count+1))
-        wait=$((count*10))
-        echo "$occ doesn't exist yet, waiting $wait seconds"
-        sleep $wait
-    done
-
-    echo "$occ now exists!"
-
-    count=0
-
-    # As soon as the $occ command exist, we know that we can run occ, but
-    # Nextcloud might still be initializing, we use `occ` to find out whether
-    # the installation process has finished, and then we continue.
-    until [[ $(run_as "php occ status --output json") =~ '"installed":true' ]] || [ "$count" -gt "$limit" ]
-    do
-        count=$((count+1))
-        wait=$((count*10))
-        echo "Nextcloud is not installed yet. Waiting $wait seconds..."
-        sleep $wait
-    done
-
-    echo "Nextcloud is now installed, we can do our thing!"
-
-    app_versions=$(run_as "php $occ app:list --output json")
-
-    echo "app versions found"
-
-    # Install all apps declared in the `apps` helm values array
-    {{- range $apps_type, $apps := .Values.apps }}
-    {{- range $apps }}  
-    {{- if not .name }}
-      echo "Skipping app {{ . }} without name variable set"
-    {{- else if .version }}
-    # Apps with a pinned version number are downloaded from GitHub so we can
-    # update the pin with Renovatebot
-
-    desired_version=$(echo "{{ .version }}" | sed 's/^v//')
-
-    if [[ $app_versions =~ '"{{ .name }}":"'"$desired_version"'"' ]]
-    then
-      echo "Pinned app {{ .name }} is up-to-date at version {{ .version }}"
-    else
-      echo "No match in ${app_versions} for \"{{ .name }}\":\"$desired_version\","
-      echo "Installing app {{ .github_repository }} version '{{ .version }}'"
-      # Where to install the app
-      target_directory="/var/www/html/custom_apps"
-      # We need to edit $ to be able to use `tpl` inside a `range`,
-      # see https://github.com/helm/helm/issues/5979#issuecomment-518231758 .
-      # This allows us to use version variable in the `release_filename` or
-      # `raw_url`.
-      {{- $_ := set $ "version" .version}}
-      {{- if .raw_url }}
-      url="{{ tpl .raw_url $ }}"
-      {{- else }}
-      url="https://github.com/{{ .github_repository }}/releases/download/{{ .version }}/{{ tpl .release_filename $ }}"
-      {{- end }} # end if .raw_url
-      curl "$url" -Lo "{{ .name }}.tar.gz"
-      # If the above url results in a 404, curl will not complain and store the
-      # body of the 404 in the file :/. So we check here whether we actually
-      # got a valid archive; `tar` will fail if not.
-      tar -tf "{{ .name }}.tar.gz" >/dev/null
-      # Remove old version of the app
-      if [[ -d "$target_directory/{{ .name }}" ]]
-      then
-        rm -r "$target_directory/{{ .name }}"
-      fi
-      # Extract app into target directory. The app tars usually contain a folder
-      # named after the app name
-      tar -xf "{{ .name }}.tar.gz" -C "$target_directory"
-      # Ownership in the archive can be anything. Nextcloud wants it to be
-      # www-data.
-      chown -R 33:33 "$target_directory"
-      rm "{{ .name }}.tar.gz"
-    fi
-    {{- else }}
-    # Unpinned app
-    if [[ "$app_versions" =~ '"{{ .name }}"' ]]
-    then
-        # Update the app to its latest version
-        echo "Updating unpinned app {{ .name }}"
-        run_as "php $occ app:update {{ .name }} --no-interaction"
-    else
-        echo "Installing app {{ .name }}"
-        run_as "php $occ app:install {{ .name }} --keep-disabled --no-interaction"
-    fi
-    {{ end }} # end if and .github_repository .version
-    {{- if .enabled }}
-    # Enable {{ .name }} app
-    run_as "php $occ app:enable {{ .name }}"
-    {{- end }} # end if .enabled
-    {{- end }} # end range $apps
-    {{- end }} # end range .Values.apps
-
-    # Some of the manually installed apps might need to run upgrade scripts, run
-    # them now
-    run_as "php $occ upgrade"
-
-    # Config settings from the configmap above
-    run_as "php $occ config:import /var/local/config.json"
-
-    echo "Updating database indices, columns, keys, etc."
-    run_as "php $occ db:add-missing-indices --no-interaction"
-    run_as "php $occ db:add-missing-columns --no-interaction"
-    run_as "php $occ db:add-missing-primary-keys --no-interaction"
-    run_as "php $occ db:convert-filecache-bigint --no-interaction"
-
-    {{- if .Values.scim.token }}
-    set -x
-    run_as "php $occ config:app:set scimserviceprovider jwt-secret --value="'"{{ .Values.scim.token }}"'
-    {{- end }}
-  #
  # All values in config.json are applied by the nextcloud occ command
  #   config:import.
  # system.trusted_proxies contains a list of proxies that are considered
@@ -200,7 +34,6 @@ data:
  # apps.core.backgroundjobs_mode set to cron disables the unreliable ajax
  #   scheduling that is enabled by default. Ajax scheduling is not needed
  #   because cronjobs are regularly executed by a kubernetes resource.
-  #
  config.json: |
    {
        "system":{

--- a/templates/setup-apps-configmap.yaml
+++ b/templates/setup-apps-configmap.yaml
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: "{{ .Release.Name }}-setup-apps"
+  labels:
+    app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
+    app.kubernetes.io/instance: {{ .Release.Name | quote }}
+    helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+data:
+  setup-apps.sh: |
+    #!/bin/bash
+
+    set -o errexit
+
+    # This script gets executed by the Kubernetes Job `{{ .Release.Name }}-setup-apps`,
+    # which gets created by Helm after every chart install and upgrade.
+    #
+    # The script:
+    #
+    #   * Installs all apps declared in the `apps` helm values array
+    #     * Installs all apps
+    #     * Updates pinned apps if their pinned version has changed
+    #     * Always updates unpinned apps to their newest version
+    #   * Runs upgrade routines after installation of a new release or new
+    #     pinned apps.
+    #   * Configures single-sign-on
+    #   * Loads Nextcloud config from the config.json
+    #   * Updates database indices, columns, keys, etc needed after NC upgrade
+
+    # Copied from the NC docker entrypoint to run OCC commands
+    run_as() {
+        if [ "$(id -u)" = 0 ]; then
+            su -p "www-data" -s /bin/sh -c "$1"
+        else
+            sh -c "$1"
+        fi
+    }
+
+    echo "STARTING SETUP-APPS.SH"
+
+    # Starting in version 0.15.18 of this chart (Stackspin 2.10), we no longer
+    # copy config.json from /var/local to the web root. We remove the copied
+    # file if we think we can safely do so.
+    if [ -f /var/www/html/config.json ]
+    then
+        echo "Found copy of config.json in web root."
+        if diff -q /var/www/html/config.json /var/local/config.json >/dev/null
+        then
+            echo "It's identical to the current config from the configmap."
+            echo "Deleting it from the web root."
+            rm /var/www/html/config.json
+        else
+            echo "It's different from the current config from the configmap."
+            echo "Keeping it around for manual reconciliation."
+        fi
+    fi
+
+    occ="/var/www/html/occ"
+    count=0
+    limit=10
+
+    # There's a nextcloud setup process. First, wait for `occ` to exist
+    until [ -f "$occ" ] || [ "$count" -gt "$limit" ]
+    do
+        count=$((count+1))
+        wait=$((count*10))
+        echo "$occ doesn't exist yet, waiting $wait seconds"
+        sleep $wait
+    done
+
+    echo "$occ now exists!"
+
+    count=0
+
+    # As soon as the $occ command exist, we know that we can run occ, but
+    # Nextcloud might still be initializing, we use `occ` to find out whether
+    # the installation process has finished, and then we continue.
+    until [[ $(run_as "php occ status --output json") =~ '"installed":true' ]] || [ "$count" -gt "$limit" ]
+    do
+        count=$((count+1))
+        wait=$((count*10))
+        echo "Nextcloud is not installed yet. Waiting $wait seconds..."
+        sleep $wait
+    done
+
+    echo "Nextcloud is now installed, we can do our thing!"
+
+    app_versions=$(run_as "php $occ app:list --output json")
+
+    echo "app versions found"
+
+    # Install all apps declared in the `apps` helm values array
+    {{- range $apps_type, $apps := .Values.apps }}
+    {{- range $apps }}  
+    {{- if not .name }}
+      echo "Skipping app {{ . }} without name variable set"
+    {{- else if .version }}
+    # Apps with a pinned version number are downloaded from GitHub so we can
+    # update the pin with Renovatebot
+
+    desired_version=$(echo "{{ .version }}" | sed 's/^v//')
+
+    if [[ $app_versions =~ '"{{ .name }}":"'"$desired_version"'"' ]]
+    then
+      echo "Pinned app {{ .name }} is up-to-date at version {{ .version }}"
+    else
+      echo "No match in ${app_versions} for \"{{ .name }}\":\"$desired_version\","
+      echo "Installing app {{ .github_repository }} version '{{ .version }}'"
+      # Where to install the app
+      target_directory="/var/www/html/custom_apps"
+      # We need to edit $ to be able to use `tpl` inside a `range`,
+      # see https://github.com/helm/helm/issues/5979#issuecomment-518231758 .
+      # This allows us to use version variable in the `release_filename` or
+      # `raw_url`.
+      {{- $_ := set $ "version" .version}}
+      {{- if .raw_url }}
+      url="{{ tpl .raw_url $ }}"
+      {{- else }}
+      url="https://github.com/{{ .github_repository }}/releases/download/{{ .version }}/{{ tpl .release_filename $ }}"
+      {{- end }} # end if .raw_url
+      curl "$url" -Lo "{{ .name }}.tar.gz"
+      # If the above url results in a 404, curl will not complain and store the
+      # body of the 404 in the file :/. So we check here whether we actually
+      # got a valid archive; `tar` will fail if not.
+      tar -tf "{{ .name }}.tar.gz" >/dev/null
+      # Remove old version of the app
+      if [[ -d "$target_directory/{{ .name }}" ]]
+      then
+        rm -r "$target_directory/{{ .name }}"
+      fi
+      # Extract app into target directory. The app tars usually contain a folder
+      # named after the app name
+      tar -xf "{{ .name }}.tar.gz" -C "$target_directory"
+      # Ownership in the archive can be anything. Nextcloud wants it to be
+      # www-data.
+      chown -R 33:33 "$target_directory"
+      rm "{{ .name }}.tar.gz"
+    fi
+    {{- else }}
+    # Unpinned app
+    if [[ "$app_versions" =~ '"{{ .name }}"' ]]
+    then
+        # Update the app to its latest version
+        echo "Updating unpinned app {{ .name }}"
+        run_as "php $occ app:update {{ .name }} --no-interaction"
+    else
+        echo "Installing app {{ .name }}"
+        run_as "php $occ app:install {{ .name }} --keep-disabled --no-interaction"
+    fi
+    {{ end }} # end if and .github_repository .version
+    {{- if .enabled }}
+    # Enable {{ .name }} app
+    run_as "php $occ app:enable {{ .name }}"
+    {{- end }} # end if .enabled
+    {{- end }} # end range $apps
+    {{- end }} # end range .Values.apps
+
+    # Some of the manually installed apps might need to run upgrade scripts, run
+    # them now
+    run_as "php $occ upgrade"
+
+    # Config settings from the configmap above
+    run_as "php $occ config:import /var/local/config.json"
+
+    echo "Updating database indices, columns, keys, etc."
+    run_as "php $occ db:add-missing-indices --no-interaction"
+    run_as "php $occ db:add-missing-columns --no-interaction"
+    run_as "php $occ db:add-missing-primary-keys --no-interaction"
+    run_as "php $occ db:convert-filecache-bigint --no-interaction"
+
+    {{- if .Values.scim.token }}
+    set -x
+    run_as "php $occ config:app:set scimserviceprovider jwt-secret --value="'"{{ .Values.scim.token }}"'
+    {{- end }}