diff --git a/chart/.helmignore b/chart/.helmignore index 0e8a0eb36f..64aea69c92 100644 --- a/chart/.helmignore +++ b/chart/.helmignore @@ -21,3 +21,5 @@ .idea/ *.tmproj .vscode/ +# Helm envs +env diff --git a/chart/env/prod.yaml b/chart/env/prod.yaml index 3877f00ba7..c5b0a92ca7 100644 --- a/chart/env/prod.yaml +++ b/chart/env/prod.yaml @@ -101,6 +101,8 @@ reverseProxy: operator: Equal ingress: + tls: + hosts: "datasets-server.huggingface.co" annotations: alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:707930574880:certificate/971187a3-2baa-40e5-bcae-94d6ec55cd24 alb.ingress.kubernetes.io/load-balancer-name: "hub-datasets-server-prod" diff --git a/chart/templates/_envCommon.tpl b/chart/templates/_envCommon.tpl index 65c2e7f4bc..0a04e281cb 100644 --- a/chart/templates/_envCommon.tpl +++ b/chart/templates/_envCommon.tpl @@ -10,7 +10,11 @@ {{- if .Values.secrets.token.fromSecret }} valueFrom: secretKeyRef: + {{- if eq .Values.secrets.token.secretName "" }} + name: {{ .Release.Name }}-datasets-server-app-token + {{- else }} name: {{ .Values.secrets.token.secretName | quote }} + {{- end }} key: HF_TOKEN optional: false {{- else }} diff --git a/chart/templates/ingress.yaml b/chart/templates/ingress.yaml index 8b3e9f1ca0..3154776085 100644 --- a/chart/templates/ingress.yaml +++ b/chart/templates/ingress.yaml @@ -6,12 +6,7 @@ metadata: name: {{ include "release" . }} namespace: {{ .Release.Namespace }} spec: - {{- if .Values.ingress.tls.enabled }} - tls: - - hosts: - - {{ .Values.hostname }} - secretName: {{ .Values.ingress.tls.secretName }} - {{- end}} + tls: {{ toYaml .Values.ingress.tls | nindent 4 }} rules: - host: {{ .Values.hostname }} http: diff --git a/chart/templates/jobs/mongodb-migration/job.yaml b/chart/templates/jobs/mongodb-migration/job.yaml index e11dbb25b6..24264705d3 100644 --- a/chart/templates/jobs/mongodb-migration/job.yaml +++ b/chart/templates/jobs/mongodb-migration/job.yaml @@ -1,6 +1,7 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright 2022 The HuggingFace Authors. +{{- if .Values.dockerImage.jobs.mongodbMigration }} apiVersion: batch/v1 kind: Job metadata: @@ -25,3 +26,4 @@ spec: volumes: {{ include "volumeData" . | nindent 8 }} securityContext: {{ include "securityContext" . | nindent 8 }} backoffLimit: 0 +{{- end}} diff --git a/chart/templates/worker/splits/_container.tpl b/chart/templates/worker/splits/_container.tpl index f9d155d08c..a26d602252 100644 --- a/chart/templates/worker/splits/_container.tpl +++ b/chart/templates/worker/splits/_container.tpl @@ -4,7 +4,7 @@ {{- define "containerWorkerSplits" -}} - name: "{{ include "name" . }}-worker-splits" image: {{ .Values.dockerImage.workers.splits }} - imagePullPolicy: IfNotPresent + imagePullPolicy: {{ .Values.dockerImage.pullPolicy }} env: {{ include "envCache" . | nindent 2 }} {{ include "envQueue" . | nindent 2 }} diff --git a/chart/values.yaml b/chart/values.yaml index f517e80f91..cae1edc2c5 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -9,8 +9,8 @@ secrets: value: mongo:// token: fromSecret: false - secretName: "datasets-server-hf-token" - value: hf_app + secretName: "" + value: "hf_app" uid: 1000 gid: 3000 @@ -35,6 +35,7 @@ imagePullSecrets: [] # overridden by docker-images.yaml (which must be in JSON format!) dockerImage: + pullPolicy: IfNotPresent reverseProxy: "" jobs: mongodb_migration: "" @@ -115,15 +116,8 @@ reverseProxy: tolerations: [] ingress: - tls: - enabled: false - secretName: "" - annotations: - alb.ingress.kubernetes.io/healthcheck-path: "/healthcheck" - alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80, "HTTPS": 443}]' - alb.ingress.kubernetes.io/scheme: "internet-facing" - alb.ingress.kubernetes.io/group.name: "datasets-server" - kubernetes.io/ingress.class: "alb" + tls: [] + annotations: {} # --- services ---