From 11ebd136a5d0e8eb20ea64a6eab5bfeea2d2a346 Mon Sep 17 00:00:00 2001 From: Your Name Date: Wed, 16 Apr 2025 09:32:42 +0200 Subject: [PATCH 1/5] fix with secrets jwt --- templates/collaboration/deployment.yaml | 36 ++++++++++--------------- templates/opencloud/deployment.yaml | 12 +++++++++ templates/opencloud/secrets.yaml | 15 +++++++++++ values.yaml | 5 +++- 4 files changed, 45 insertions(+), 23 deletions(-) create mode 100644 templates/opencloud/secrets.yaml diff --git a/templates/collaboration/deployment.yaml b/templates/collaboration/deployment.yaml index c0ad91d..9eeb7e5 100644 --- a/templates/collaboration/deployment.yaml +++ b/templates/collaboration/deployment.yaml @@ -7,6 +7,8 @@ metadata: labels: {{- include "opencloud.labels" . | nindent 4 }} app.kubernetes.io/component: collaboration + annotations: + helm.sh/hook-weight: "10" spec: replicas: 1 selector: @@ -25,18 +27,7 @@ spec: # Wait for OpenCloud to be ready - name: wait-for-opencloud image: busybox - command: ['sh', '-c', 'until wget -q -O- http://{{ include "opencloud.opencloud.fullname" . }}:9200/health; do echo waiting for opencloud; sleep 5; done;'] - - {{- if not .Values.opencloud.persistence.enabled }} - # Copy config from OpenCloud API if persistence is disabled - - name: copy-config - image: busybox - command: ['sh', '-c', 'mkdir -p /etc/opencloud && wget -q -O /etc/opencloud/config.json http://{{ include "opencloud.opencloud.fullname" . }}:9200/api/v1/config/secrets || echo "Failed to get config from OpenCloud"'] - volumeMounts: - - name: etc-opencloud - mountPath: /etc/opencloud - {{- end }} - + command: ['sh', '-c', 'until wget -q -O- http://{{ include "opencloud.opencloud.fullname" . }}:9200/health; do echo waiting for opencloud; sleep 5; done;'] # Wait for OnlyOffice to be ready - name: wait-for-onlyoffice image: busybox @@ -76,6 +67,16 @@ spec: value: "{{ .Values.opencloud.logLevel }}" - name: OC_URL value: "https://{{ include "opencloud.domain" . }}" + - name: OC_JWT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "opencloud.fullname" . }}-oc-secrets + key: jwt-secret + - name: COLLABORATION_WOPI_SECRET + valueFrom: + secretKeyRef: + name: {{ include "opencloud.fullname" . }}-oc-secrets + key: wopi-secret ports: - name: http containerPort: 9300 @@ -96,19 +97,10 @@ spec: initialDelaySeconds: 200 periodSeconds: 5 failureThreshold: 1 - volumeMounts: - - name: etc-opencloud - mountPath: /etc/opencloud resources: {{- toYaml .Values.onlyoffice.collaboration.resources | nindent 12 }} volumes: - name: etc-opencloud - {{- if .Values.opencloud.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "opencloud.opencloud.fullname" . }}-config - readOnly: true - {{- else }} - # If persistence is disabled, use an init container to copy the config + # Use emptyDir instead of mounting the PVC to avoid conflicts emptyDir: {} - {{- end }} {{- end }} diff --git a/templates/opencloud/deployment.yaml b/templates/opencloud/deployment.yaml index 90f6752..42e1341 100644 --- a/templates/opencloud/deployment.yaml +++ b/templates/opencloud/deployment.yaml @@ -245,6 +245,18 @@ spec: - name: STORAGE_SYSTEM_DRIVER value: "decomposed" + # Collaboration secrets + - name: OC_JWT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "opencloud.fullname" . }}-oc-secrets + key: jwt-secret + - name: OC_WOPI_SECRET + valueFrom: + secretKeyRef: + name: {{ include "opencloud.fullname" . }}-oc-secrets + key: wopi-secret + # S3 storage configuration - name: STORAGE_USERS_DECOMPOSEDS3_ENDPOINT value: {{ if .Values.opencloud.storage.s3.external.enabled }}{{ .Values.opencloud.storage.s3.external.endpoint | quote }}{{ else }}"http://{{ include "opencloud.minio.fullname" . }}:9000"{{ end }} diff --git a/templates/opencloud/secrets.yaml b/templates/opencloud/secrets.yaml new file mode 100644 index 0000000..f80b01f --- /dev/null +++ b/templates/opencloud/secrets.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.onlyoffice.collaboration.enabled .Values.onlyoffice.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "opencloud.fullname" . }}-oc-secrets + namespace: {{ .Values.namespace }} + labels: + {{- include "opencloud.labels" . | nindent 4 }} + app.kubernetes.io/component: collaboration +data: + # Generate a random JWT secret if not provided + jwt-secret: {{ .Values.opencloud.jwtSecret | default (randAlphaNum 32) | b64enc }} + # Generate a random WOPI secret if not provided + wopi-secret: {{ .Values.opencloud.wopiSecret | default (randAlphaNum 32) | b64enc }} +{{- end }} diff --git a/values.yaml b/values.yaml index ce4b0c1..ad47eb7 100644 --- a/values.yaml +++ b/values.yaml @@ -16,7 +16,6 @@ # 5. OnlyOffice Secret Keys: secret.inbox/outbox/session.string: B8LjkNqGxn6gf8bkuBUiMwyuCFwFddnu # 6. RabbitMQ: url: amqp://guest:guest@localhost - # ===================================================================== # GLOBAL SETTINGS # ===================================================================== @@ -364,6 +363,10 @@ image: opencloud: # Enable OpenCloud enabled: true + # JWT secret for collaboration (will be auto-generated if not provided) + jwtSecret: "" + # WOPI secret for collaboration (will be auto-generated if not provided) + wopiSecret: "" # Number of replicas (Note: When using multiple replicas, persistence should be disabled # or use a storage class that supports ReadWriteMany access mode) replicas: 1 From 9ac77ad56d5750c59ed60ebf3647962faf06678f Mon Sep 17 00:00:00 2001 From: Your Name Date: Wed, 16 Apr 2025 15:44:29 +0200 Subject: [PATCH 2/5] fix added secrets as ENV for collaboration --- README.md | 127 ++---------------------- templates/collaboration/deployment.yaml | 36 +++---- templates/opencloud/deployment.yaml | 14 +++ templates/opencloud/secrets.yaml | 15 +++ values.yaml | 5 +- 5 files changed, 55 insertions(+), 142 deletions(-) create mode 100644 templates/opencloud/secrets.yaml diff --git a/README.md b/README.md index fec6fc3..e76b034 100644 --- a/README.md +++ b/README.md @@ -4,55 +4,13 @@ Welcome to the **OpenCloud Helm Charts** repository! This repository is intended as a community-driven space for developing and maintaining Helm charts for deploying OpenCloud on Kubernetes. -## πŸ“‘ Table of Contents - -- [About](#-about) -- [Community](#-community) -- [Contributing](#-contributing) -- [Prerequisites](#prerequisites) -- [Installing the Helm Charts](#-installing-the-helm-charts) -- [Architecture](#architecture) - - [Component Interaction Diagram](#component-interaction-diagram) -- [Configuration](#configuration) - - [Global Settings](#global-settings) - - [Image Settings](#image-settings) - - [OpenCloud Settings](#opencloud-settings) - - [Keycloak Settings](#keycloak-settings) - - [PostgreSQL Settings](#postgresql-settings) - - [OnlyOffice Settings](#onlyoffice-settings) - - [Collabora Settings](#collabora-settings) - - [Collaboration Service Settings](#collaboration-service-settings) -- [Cilium Gateway API Configuration](#cilium-gateway-api-configuration) - - [Cilium HTTPRoute Settings](#cilium-httproute-settings) -- [Setting Up Gateway API with Talos, Cilium, and cert-manager](#setting-up-gateway-api-with-talos-cilium-and-cert-manager) -- [Installing the DEV Helm Charts](#-installing-the-dev-helm-charts) -- [License](#-license) -- [Community Maintained](#community-maintained) - ## πŸš€ About This repository is created to **welcome contributions from the community**. It does not contain official charts from OpenCloud GmbH and is **not officially supported by OpenCloud GmbH**. Instead, these charts are maintained by the open-source community. -OpenCloud is a cloud collaboration platform that provides file sync and share, document collaboration, and more. This Helm chart deploys OpenCloud with Keycloak for authentication, MinIO for object storage, and multiple options for document editing including Collabora and OnlyOffice. - -## πŸ’¬ Community - -Join our Matrix chat for discussions about OpenCloud Helm Charts: -- [OpenCloud Helm on Matrix](https://matrix.to/#/%23opencloud-helm:matrix.org) - -For general OpenCloud discussions: -- [OpenCloud on Matrix](https://matrix.to/#/%23opencloud:matrix.org) -- [OpenCloud on Mastodon](https://social.opencloud.eu/@OpenCloud) -- [GitHub Discussions](https://github.com/orgs/opencloud-eu/discussions) - -## πŸ’‘ Contributing +## Introduction -We encourage contributions from the community! If you'd like to contribute: -- Fork this repository -- Submit a Pull Request -- Discuss and collaborate on issues - -Please ensure that your PR follows best practices and includes necessary documentation. +OpenCloud is a cloud collaboration platform that provides file sync and share, document collaboration, and more. This Helm chart deploys OpenCloud with Keycloak for authentication, MinIO for object storage, and multiple options for document editing including Collabora and OnlyOffice. ## Prerequisites @@ -661,83 +619,14 @@ kubectl get pods -n opencloud -l app.kubernetes.io/component=onlyoffice-redis kubectl get pods -n opencloud -l app.kubernetes.io/component=onlyoffice-rabbitmq ``` -## πŸ“¦ Installing the DEV Helm Charts - -Spin up a temporary local instance of OpenCloud using a single Docker image. - -**Note:** This chart is primarily intended for Kubernetes deployment development and testing environments, -not for production use. It provides a simplified setup with minimal configuration. - -This version deploys opencloud as a single Docker image as described here: -https://docs.opencloud.eu/docs/admin/getting-started/docker/docker - -Deployment from the file system: - -``` -$ helm install opencloud -n opencloud --create-namespace ./opencloud-dev --set=adminPassword="" --set=url="" -``` - -It is important that the public-url is reachable, and forwarded to the backend-service opencloud-service:443, -otherwise login will not be possible or the message "missing or invalid config" is shown. - -For testing with the default settings port-forwarding from localhost can be used: - -``` -$ helm install opencloud -n opencloud --create-namespace ./opencloud-dev - - Release "opencloud" does not exist. Installing it now. - NAME: opencloud - LAST DEPLOYED: Wed Apr 2 01:16:19 2025 - NAMESPACE: opencloud - STATUS: deployed - REVISION: 1 - TEST SUITE: None -``` - -Establish a port-forwarding from localhost - -``` -$ kubectl port-forward -n opencloud svc/opencloud-service 9200:443 - - Forwarding from 127.0.0.1:9200 -> 9200 - Forwarding from [::1]:9200 -> 9200 - ... -``` - -Now open in a browser the url: [https://localhost:9200](https://localhost:9200) while -the port forwarding is active. - -You need to accept the risc of a self signed certificate. -(see [Common Issues & Help](https://docs.opencloud.eu/docs/admin/getting-started/docker/#troubleshooting)) in -the getting started with Docker documentation. - -Now you can login with the default admin / admin - -If you want to change the public URL you can upgrade the deployment with the following command: - -``` -$ helm upgrade opencloud -n opencloud ./charts/opencloud-dev --set=url="" - - Release "opencloud" has been upgraded. Happy Helming! - NAME: opencloud - LAST DEPLOYED: Wed Apr 2 01:42:51 2025 - NAMESPACE: opencloud - STATUS: deployed - REVISION: 2 - TEST SUITE: None -``` - -The opencloud deployment will be restarted and is availble after a few seconds configured for the new url. - -If you want to uninstall opencloud this can be done with - -``` -$ helm uninstall -n opencloud opencloud +## πŸ’‘ Contributing - release "opencloud" uninstalled -``` +We encourage contributions from the community! If you'd like to contribute: +- Fork this repository +- Submit a Pull Request +- Discuss and collaborate on issues -The data PVC is configured to be kept, so it will survive uninstall and install of opencloud-dev +Please ensure that your PR follows best practices and includes necessary documentation. ## πŸ“œ License diff --git a/templates/collaboration/deployment.yaml b/templates/collaboration/deployment.yaml index c0ad91d..9eeb7e5 100644 --- a/templates/collaboration/deployment.yaml +++ b/templates/collaboration/deployment.yaml @@ -7,6 +7,8 @@ metadata: labels: {{- include "opencloud.labels" . | nindent 4 }} app.kubernetes.io/component: collaboration + annotations: + helm.sh/hook-weight: "10" spec: replicas: 1 selector: @@ -25,18 +27,7 @@ spec: # Wait for OpenCloud to be ready - name: wait-for-opencloud image: busybox - command: ['sh', '-c', 'until wget -q -O- http://{{ include "opencloud.opencloud.fullname" . }}:9200/health; do echo waiting for opencloud; sleep 5; done;'] - - {{- if not .Values.opencloud.persistence.enabled }} - # Copy config from OpenCloud API if persistence is disabled - - name: copy-config - image: busybox - command: ['sh', '-c', 'mkdir -p /etc/opencloud && wget -q -O /etc/opencloud/config.json http://{{ include "opencloud.opencloud.fullname" . }}:9200/api/v1/config/secrets || echo "Failed to get config from OpenCloud"'] - volumeMounts: - - name: etc-opencloud - mountPath: /etc/opencloud - {{- end }} - + command: ['sh', '-c', 'until wget -q -O- http://{{ include "opencloud.opencloud.fullname" . }}:9200/health; do echo waiting for opencloud; sleep 5; done;'] # Wait for OnlyOffice to be ready - name: wait-for-onlyoffice image: busybox @@ -76,6 +67,16 @@ spec: value: "{{ .Values.opencloud.logLevel }}" - name: OC_URL value: "https://{{ include "opencloud.domain" . }}" + - name: OC_JWT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "opencloud.fullname" . }}-oc-secrets + key: jwt-secret + - name: COLLABORATION_WOPI_SECRET + valueFrom: + secretKeyRef: + name: {{ include "opencloud.fullname" . }}-oc-secrets + key: wopi-secret ports: - name: http containerPort: 9300 @@ -96,19 +97,10 @@ spec: initialDelaySeconds: 200 periodSeconds: 5 failureThreshold: 1 - volumeMounts: - - name: etc-opencloud - mountPath: /etc/opencloud resources: {{- toYaml .Values.onlyoffice.collaboration.resources | nindent 12 }} volumes: - name: etc-opencloud - {{- if .Values.opencloud.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "opencloud.opencloud.fullname" . }}-config - readOnly: true - {{- else }} - # If persistence is disabled, use an init container to copy the config + # Use emptyDir instead of mounting the PVC to avoid conflicts emptyDir: {} - {{- end }} {{- end }} diff --git a/templates/opencloud/deployment.yaml b/templates/opencloud/deployment.yaml index 61c11a2..42e1341 100644 --- a/templates/opencloud/deployment.yaml +++ b/templates/opencloud/deployment.yaml @@ -156,6 +156,8 @@ spec: value: "{{ .Values.global.domain.onlyoffice }}" - name: COMPANION_DOMAIN value: "{{ .Values.global.domain.companion }}" + - name: SEARCH_EXTRACTOR_TIKA_TIKA_URL + value: "http://{{ include "opencloud.tika.fullname" . }}:9998" # Sharing settings - name: OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD value: "false" @@ -243,6 +245,18 @@ spec: - name: STORAGE_SYSTEM_DRIVER value: "decomposed" + # Collaboration secrets + - name: OC_JWT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "opencloud.fullname" . }}-oc-secrets + key: jwt-secret + - name: OC_WOPI_SECRET + valueFrom: + secretKeyRef: + name: {{ include "opencloud.fullname" . }}-oc-secrets + key: wopi-secret + # S3 storage configuration - name: STORAGE_USERS_DECOMPOSEDS3_ENDPOINT value: {{ if .Values.opencloud.storage.s3.external.enabled }}{{ .Values.opencloud.storage.s3.external.endpoint | quote }}{{ else }}"http://{{ include "opencloud.minio.fullname" . }}:9000"{{ end }} diff --git a/templates/opencloud/secrets.yaml b/templates/opencloud/secrets.yaml new file mode 100644 index 0000000..f80b01f --- /dev/null +++ b/templates/opencloud/secrets.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.onlyoffice.collaboration.enabled .Values.onlyoffice.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "opencloud.fullname" . }}-oc-secrets + namespace: {{ .Values.namespace }} + labels: + {{- include "opencloud.labels" . | nindent 4 }} + app.kubernetes.io/component: collaboration +data: + # Generate a random JWT secret if not provided + jwt-secret: {{ .Values.opencloud.jwtSecret | default (randAlphaNum 32) | b64enc }} + # Generate a random WOPI secret if not provided + wopi-secret: {{ .Values.opencloud.wopiSecret | default (randAlphaNum 32) | b64enc }} +{{- end }} diff --git a/values.yaml b/values.yaml index ce4b0c1..ad47eb7 100644 --- a/values.yaml +++ b/values.yaml @@ -16,7 +16,6 @@ # 5. OnlyOffice Secret Keys: secret.inbox/outbox/session.string: B8LjkNqGxn6gf8bkuBUiMwyuCFwFddnu # 6. RabbitMQ: url: amqp://guest:guest@localhost - # ===================================================================== # GLOBAL SETTINGS # ===================================================================== @@ -364,6 +363,10 @@ image: opencloud: # Enable OpenCloud enabled: true + # JWT secret for collaboration (will be auto-generated if not provided) + jwtSecret: "" + # WOPI secret for collaboration (will be auto-generated if not provided) + wopiSecret: "" # Number of replicas (Note: When using multiple replicas, persistence should be disabled # or use a storage class that supports ReadWriteMany access mode) replicas: 1 From 7d55c6d395797083ade5f1887e32271839d21430 Mon Sep 17 00:00:00 2001 From: Your Name Date: Wed, 16 Apr 2025 15:48:18 +0200 Subject: [PATCH 3/5] update --- README.md | 129 ++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 120 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index e76b034..29beaea 100644 --- a/README.md +++ b/README.md @@ -4,14 +4,56 @@ Welcome to the **OpenCloud Helm Charts** repository! This repository is intended as a community-driven space for developing and maintaining Helm charts for deploying OpenCloud on Kubernetes. +## πŸ“‘ Table of Contents + +- [About](#-about) +- [Community](#-community) +- [Contributing](#-contributing) +- [Prerequisites](#prerequisites) +- [Installing the Helm Charts](#-installing-the-helm-charts) +- [Architecture](#architecture) + - [Component Interaction Diagram](#component-interaction-diagram) +- [Configuration](#configuration) + - [Global Settings](#global-settings) + - [Image Settings](#image-settings) + - [OpenCloud Settings](#opencloud-settings) + - [Keycloak Settings](#keycloak-settings) + - [PostgreSQL Settings](#postgresql-settings) + - [OnlyOffice Settings](#onlyoffice-settings) + - [Collabora Settings](#collabora-settings) + - [Collaboration Service Settings](#collaboration-service-settings) +- [Cilium Gateway API Configuration](#cilium-gateway-api-configuration) + - [Cilium HTTPRoute Settings](#cilium-httproute-settings) +- [Setting Up Gateway API with Talos, Cilium, and cert-manager](#setting-up-gateway-api-with-talos-cilium-and-cert-manager) +- [Installing the DEV Helm Charts](#-installing-the-dev-helm-charts) +- [License](#-license) +- [Community Maintained](#community-maintained) + ## πŸš€ About This repository is created to **welcome contributions from the community**. It does not contain official charts from OpenCloud GmbH and is **not officially supported by OpenCloud GmbH**. Instead, these charts are maintained by the open-source community. -## Introduction - OpenCloud is a cloud collaboration platform that provides file sync and share, document collaboration, and more. This Helm chart deploys OpenCloud with Keycloak for authentication, MinIO for object storage, and multiple options for document editing including Collabora and OnlyOffice. +## πŸ’¬ Community + +Join our Matrix chat for discussions about OpenCloud Helm Charts: +- [OpenCloud Helm on Matrix](https://matrix.to/#/%23opencloud-helm:matrix.org) + +For general OpenCloud discussions: +- [OpenCloud on Matrix](https://matrix.to/#/%23opencloud:matrix.org) +- [OpenCloud on Mastodon](https://social.opencloud.eu/@OpenCloud) +- [GitHub Discussions](https://github.com/orgs/opencloud-eu/discussions) + +## πŸ’‘ Contributing + +We encourage contributions from the community! If you'd like to contribute: +- Fork this repository +- Submit a Pull Request +- Discuss and collaborate on issues + +Please ensure that your PR follows best practices and includes necessary documentation. + ## Prerequisites - Kubernetes 1.19+ @@ -619,14 +661,83 @@ kubectl get pods -n opencloud -l app.kubernetes.io/component=onlyoffice-redis kubectl get pods -n opencloud -l app.kubernetes.io/component=onlyoffice-rabbitmq ``` -## πŸ’‘ Contributing +## πŸ“¦ Installing the DEV Helm Charts -We encourage contributions from the community! If you'd like to contribute: -- Fork this repository -- Submit a Pull Request -- Discuss and collaborate on issues +Spin up a temporary local instance of OpenCloud using a single Docker image. -Please ensure that your PR follows best practices and includes necessary documentation. +**Note:** This chart is primarily intended for Kubernetes deployment development and testing environments, +not for production use. It provides a simplified setup with minimal configuration. + +This version deploys opencloud as a single Docker image as described here: +https://docs.opencloud.eu/docs/admin/getting-started/docker/docker + +Deployment from the file system: + +``` +$ helm install opencloud -n opencloud --create-namespace ./opencloud-dev --set=adminPassword="" --set=url="" +``` + +It is important that the public-url is reachable, and forwarded to the backend-service opencloud-service:443, +otherwise login will not be possible or the message "missing or invalid config" is shown. + +For testing with the default settings port-forwarding from localhost can be used: + +``` +$ helm install opencloud -n opencloud --create-namespace ./opencloud-dev + + Release "opencloud" does not exist. Installing it now. + NAME: opencloud + LAST DEPLOYED: Wed Apr 2 01:16:19 2025 + NAMESPACE: opencloud + STATUS: deployed + REVISION: 1 + TEST SUITE: None +``` + +Establish a port-forwarding from localhost + +``` +$ kubectl port-forward -n opencloud svc/opencloud-service 9200:443 + + Forwarding from 127.0.0.1:9200 -> 9200 + Forwarding from [::1]:9200 -> 9200 + ... +``` + +Now open in a browser the url: [https://localhost:9200](https://localhost:9200) while +the port forwarding is active. + +You need to accept the risc of a self signed certificate. +(see [Common Issues & Help](https://docs.opencloud.eu/docs/admin/getting-started/docker/#troubleshooting)) in +the getting started with Docker documentation. + +Now you can login with the default admin / admin + +If you want to change the public URL you can upgrade the deployment with the following command: + +``` +$ helm upgrade opencloud -n opencloud ./charts/opencloud-dev --set=url="" + + Release "opencloud" has been upgraded. Happy Helming! + NAME: opencloud + LAST DEPLOYED: Wed Apr 2 01:42:51 2025 + NAMESPACE: opencloud + STATUS: deployed + REVISION: 2 + TEST SUITE: None +``` + +The opencloud deployment will be restarted and is availble after a few seconds configured for the new url. + +If you want to uninstall opencloud this can be done with + +``` +$ helm uninstall -n opencloud opencloud + + release "opencloud" uninstalled +``` + +The data PVC is configured to be kept, so it will survive uninstall and install of opencloud-dev ## πŸ“œ License @@ -634,4 +745,4 @@ This project is licensed under the **AGPLv3** licence. See the [LICENSE](LICENSE ## Community Maintained -This repository is **community-maintained** and **not officially supported by OpenCloud GmbH**. Use at your own risk, and feel free to contribute to improve the project! +This repository is **community-maintained** and **not officially supported by OpenCloud GmbH**. Use at your own risk, and feel free to contribute to improve the project! \ No newline at end of file From 12d7b064a0735650e6cddffbbd23a98f10835fb1 Mon Sep 17 00:00:00 2001 From: suse-coder Date: Wed, 16 Apr 2025 17:39:37 +0200 Subject: [PATCH 4/5] Update templates/opencloud/deployment.yaml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: JΓΆrn Friedrich Dreyer --- templates/opencloud/deployment.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/templates/opencloud/deployment.yaml b/templates/opencloud/deployment.yaml index 42e1341..2f42b57 100644 --- a/templates/opencloud/deployment.yaml +++ b/templates/opencloud/deployment.yaml @@ -156,8 +156,6 @@ spec: value: "{{ .Values.global.domain.onlyoffice }}" - name: COMPANION_DOMAIN value: "{{ .Values.global.domain.companion }}" - - name: SEARCH_EXTRACTOR_TIKA_TIKA_URL - value: "http://{{ include "opencloud.tika.fullname" . }}:9998" # Sharing settings - name: OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD value: "false" From 97d852134901795d267958ea9a93363ea9219a45 Mon Sep 17 00:00:00 2001 From: Your Name Date: Mon, 21 Apr 2025 19:33:44 +0200 Subject: [PATCH 5/5] add ghcr oci image workflow --- .github/workflows/releasing.yaml | 46 ++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 .github/workflows/releasing.yaml diff --git a/.github/workflows/releasing.yaml b/.github/workflows/releasing.yaml new file mode 100644 index 0000000..e4016f8 --- /dev/null +++ b/.github/workflows/releasing.yaml @@ -0,0 +1,46 @@ +# File: .github/workflows/publish-helm.yaml +name: Publish Helm Chart to GHCR + +on: + push: + branches: + - main + +permissions: + contents: read + packages: write + +jobs: + publish: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up Helm + uses: azure/setup-helm@v3 + with: + version: v3.14.0 + + - name: Install yq + uses: mikefarah/yq-action@v1.1.0 + + - name: Read chart version + id: chart + run: | + echo "version=$(yq -r '.version' Chart.yaml)" >> $GITHUB_OUTPUT + + - name: Log in to GitHub Container Registry + run: | + echo "${{ secrets.GITHUB_TOKEN }}" | helm registry login ghcr.io \ + --username "${{ github.actor }}" --password-stdin + + - name: Package & Push chart + run: | + # Package the chart from repo root (where Chart.yaml lives) + helm package . --destination . + + # Push to GHCR under oc-community + TARBALL="oc-community-${{ steps.chart.outputs.version }}.tgz" + helm push "$TARBALL" oci://ghcr.io/${{ github.repository }}/oc-community