add activitypub migrations and db connection string and clean up white space in generated templates

charts/ghost/Chart.yaml

@@ -18,7 +18,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.5.2
+version: 1.6.0
 
 # renovate: image=docker.io/ghost
 appVersion: "6.0.10"

charts/ghost/README.md

@@ -1,6 +1,6 @@
 # ghost
 
-![Version: 1.5.2](https://img.shields.io/badge/Version-1.5.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.0.10](https://img.shields.io/badge/AppVersion-6.0.10-informational?style=flat-square)
+![Version: 1.6.0](https://img.shields.io/badge/Version-1.6.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.0.10](https://img.shields.io/badge/AppVersion-6.0.10-informational?style=flat-square)
 
 A Helm chart for deploying Ghost on Kubernetes
 
@@ -22,12 +22,13 @@ A Helm chart for deploying Ghost on Kubernetes
 | activity_pub.externalDatabase.password | string | `""` | database password. ignored if existingSecret not "" |
 | activity_pub.externalDatabase.port | string | `""` | database port. ignored if existingSecret not "" |
 | activity_pub.externalDatabase.root_password | string | `""` | database root password. ignored if existingSecret not "" |
-| activity_pub.externalDatabase.secretKeys.database | string | `""` | secret key in your existing k8s secret for the database name |
-| activity_pub.externalDatabase.secretKeys.hostname | string | `""` | secret key in your existing k8s secret for the database hostname |
-| activity_pub.externalDatabase.secretKeys.password | string | `""` | secret key in your existing k8s secret for the database password |
-| activity_pub.externalDatabase.secretKeys.port | string | `""` | secret key in your existing k8s secret for the database port |
-| activity_pub.externalDatabase.secretKeys.root_password | string | `""` | secret key in your existing k8s secret for the database root password |
-| activity_pub.externalDatabase.secretKeys.username | string | `""` | secret key in your existing k8s secret for the database username |
+| activity_pub.externalDatabase.secretKeys.connection_string | string | `""` | secret key in existing k8s secret for ActivityPub mysql connection string |
+| activity_pub.externalDatabase.secretKeys.database | string | `""` | secret key in existing k8s secret for ActivityPub database name |
+| activity_pub.externalDatabase.secretKeys.hostname | string | `""` | secret key in existing k8s secret for ActivityPub database hostname |
+| activity_pub.externalDatabase.secretKeys.password | string | `""` | secret key in existing k8s secret for ActivityPub database password |
+| activity_pub.externalDatabase.secretKeys.port | string | `""` | secret key in existing k8s secret for ActivityPub database port |
+| activity_pub.externalDatabase.secretKeys.root_password | string | `""` | secret key in existing k8s secret for ActivityPub database root password |
+| activity_pub.externalDatabase.secretKeys.username | string | `""` | secret key in existing k8s secret for ActivityPub database username |
 | activity_pub.externalDatabase.username | string | `""` | database username. ignored if existingSecret not "" |
 | activity_pub.podSecurityContext | object | `{}` | Configure Pods Security Context ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod |
 | activity_pub.resources | object | `{}` | pod resources: requested cpu/mem and limits for cpu/mem |

charts/ghost/templates/deployment-activity-pub.yaml

@@ -31,19 +31,36 @@ spec:
       securityContext:
         {{- toYaml . | nindent 8 }}
       {{- end }}
+      initContainers:
+        - name: activitypub-migrate
+          image: "ghcr.io/tryghost/activitypub-migrations:{{ .Values.activity_pub.version }}"
+          env:
+            - name: MYSQL_DB
+              valueFrom:
+                secretKeyRef:
+                  {{- if .Values.activity_pub.externalDatabase.existingSecret }}
+                  name: {{ .Values.activity_pub.externalDatabase.existingSecret }}
+                  key: {{ .Values.activity_pub.externalDatabase.secretKeys.connection_string }}
+                  {{- else }}
+                  name: {{ include "ghost.fullname" . }}-activitypub-db
+                  key: MYSQL_CONNECTION_STRING
+                  {{- end }}
       containers:
         - name: activitypub
           image: "ghcr.io/tryghost/activitypub:{{ .Values.activity_pub.version }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
-          {{ if not .Values.activity_pub.externalDatabase.existingSecret }}
+
+          {{- if not .Values.activity_pub.externalDatabase.existingSecret }}
           envFrom:
             - secretRef:
                 name: {{ include "ghost.fullname" . }}-activitypub-db
           {{- end }}
+
           env:
             - name: PORT
               value: "8080"
-            {{ if .Values.activity_pub.externalDatabase.existingSecret }}
+
+            {{- if .Values.activity_pub.externalDatabase.existingSecret }}
             - name: MYSQL_HOST
               valueFrom:
                 secretKeyRef:

charts/ghost/templates/deployment.yaml

@@ -42,13 +42,15 @@ spec:
           {{- end }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
-          {{ if or (not .Values.externalDatabase.existingSecret) (not .Values.ghost.smtp.existingSecret) }}
+
+          {{- if or (not .Values.externalDatabase.existingSecret) (not .Values.ghost.smtp.existingSecret) }}
           envFrom:
             - secretRef:
                 name: {{ include "ghost.fullname" . }}-db
             - secretRef:
                 name: {{ include "ghost.fullname" . }}-smtp
           {{- end }}
+
           env:
             - name: url
               value: {{ .Values.ghost.url }}
@@ -65,7 +67,7 @@ spec:
             - name: ACTIVITYPUB_TARGET
               value: "{{ include "ghost.fullname" . }}-activitypub.{{ .Release.Namespace }}.svc:{{ .Values.activity_pub.service.port }}"
 
-            {{ if .Values.externalDatabase.existingSecret }}
+            {{- if .Values.externalDatabase.existingSecret }}
             - name: database__connection__host
               valueFrom:
                 secretKeyRef:
@@ -101,9 +103,9 @@ spec:
                 secretKeyRef:
                   name: {{ .Values.externalDatabase.existingSecret }}
                   key: {{ .Values.externalDatabase.secretKeys.root_password }}
-            {{ end }}
-            {{ if .Values.ghost.smtp.existingSecret }}
+            {{- end }}
 
+            {{- if .Values.ghost.smtp.existingSecret }}
             - name: mail__options__host
               valueFrom:
                 secretKeyRef:

charts/ghost/templates/secret-activitypub-db.yaml

@@ -14,4 +14,6 @@ data:
   MYSQL_USER: {{ .Values.activity_pub.externalDatabase.username | b64enc }}
   MYSQL_PASSWORD: {{ .Values.activity_pub.externalDatabase.password | b64enc }}
   DATABASE_ROOT_PASSWORD: {{ .Values.activity_pub.externalDatabase.root_password | b64enc }}
+  # mysql connection string.
+  MYSQL_CONNECTION_STRING: "mysql://{{ .Values.activity_pub.externalDatabase.username }}:{{ .Values.activity_pub.externalDatabase.password | urlquery }}@tcp({{ include "ghost.fullname" . }}-db:{{ .Values.activity_pub.externalDatabase.port }})/{{ .Values.activity_pub.externalDatabase.database }}"
 {{- end }}

charts/ghost/values.yaml

@@ -275,18 +275,20 @@ activity_pub:
     # -- existing kubernetes secret for your external Database
     existingSecret: ""
     secretKeys:
-      # -- secret key in your existing k8s secret for the database hostname
+      # -- secret key in existing k8s secret for ActivityPub database hostname
       hostname: ""
-      # -- secret key in your existing k8s secret for the database port
+      # -- secret key in existing k8s secret for ActivityPub database port
       port: ""
-      # -- secret key in your existing k8s secret for the database username
+      # -- secret key in existing k8s secret for ActivityPub database username
       username: ""
-      # -- secret key in your existing k8s secret for the database password
+      # -- secret key in existing k8s secret for ActivityPub database password
       password: ""
-      # -- secret key in your existing k8s secret for the database root password
+      # -- secret key in existing k8s secret for ActivityPub database root password
       root_password: ""
-      # -- secret key in your existing k8s secret for the database name
+      # -- secret key in existing k8s secret for ActivityPub database name
       database: ""
+      # -- secret key in existing k8s secret for ActivityPub mysql connection string
+      connection_string: ""
 
   service:
     # -- This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types