add changes requested

Author: carlosmt86

helm/defectdojo/README.md

@@ -529,7 +529,6 @@ A Helm chart for Kubernetes to install DefectDojo
 | celery.beat.affinity | object | `{}` |  |
 | celery.beat.annotations | object | `{}` | Annotations for the Celery beat deployment. |
 | celery.beat.automountServiceAccountToken | bool | `false` |  |
-| celery.beat.autoscaling | object | `{"autoscaleBehavior":{},"enabled":false,"maxReplicas":5,"minReplicas":2,"targetCPUUtilizationPercentage":80,"targetMemoryUtilizationPercentage":80}` | Autoscaling configuration for Celery beat deployment. |
 | celery.beat.containerSecurityContext | object | `{}` | Container security context for the Celery beat containers. |
 | celery.beat.extraEnv | list | `[]` | Additional environment variables injected to Celery beat containers. |
 | celery.beat.extraInitContainers | list | `[]` | A list of additional initContainers to run before celery beat containers. |
@@ -539,7 +538,6 @@ A Helm chart for Kubernetes to install DefectDojo
 | celery.beat.livenessProbe | object | `{}` | Enable liveness probe for Celery beat container. ``` exec:   command:     - bash     - -c     - celery -A dojo inspect ping -t 5 initialDelaySeconds: 30 periodSeconds: 60 timeoutSeconds: 10 ``` |
 | celery.beat.nodeSelector | object | `{}` |  |
 | celery.beat.podAnnotations | object | `{}` | Annotations for the Celery beat pods. |
-| celery.beat.podDisruptionBudget | object | `{"enabled":false,"minAvailable":"50%","unhealthyPodEvictionPolicy":"AlwaysAllow"}` | Configure pod disruption budgets for Celery beat ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget |
 | celery.beat.podSecurityContext | object | `{}` | Pod security context for the Celery beat pods. |
 | celery.beat.readinessProbe | object | `{}` | Enable readiness probe for Celery beat container. |
 | celery.beat.replicas | int | `1` |  |
@@ -564,7 +562,7 @@ A Helm chart for Kubernetes to install DefectDojo
 | celery.worker.image | object | `{"digest":"","registry":"","repository":"","tag":""}` | If empty, uses values from images.django.image |
 | celery.worker.livenessProbe | object | `{}` | Enable liveness probe for Celery worker containers. ``` exec:   command:     - bash     - -c     - celery -A dojo inspect ping -t 5 initialDelaySeconds: 30 periodSeconds: 60 timeoutSeconds: 10 ``` |
 | celery.worker.nodeSelector | object | `{}` |  |
-| celery.worker.podAnnotations | object | `{}` | Annotations for the Celery beat pods. |
+| celery.worker.podAnnotations | object | `{}` | Annotations for the Celery worker pods. |
 | celery.worker.podDisruptionBudget | object | `{"enabled":false,"minAvailable":"50%","unhealthyPodEvictionPolicy":"AlwaysAllow"}` | Configure pod disruption budgets for Celery worker ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget |
 | celery.worker.podSecurityContext | object | `{}` | Pod security context for the Celery worker pods. |
 | celery.worker.readinessProbe | object | `{}` | Enable readiness probe for Celery worker container. |
@@ -574,6 +572,7 @@ A Helm chart for Kubernetes to install DefectDojo
 | celery.worker.resources.requests.cpu | string | `"100m"` |  |
 | celery.worker.resources.requests.memory | string | `"128Mi"` |  |
 | celery.worker.startupProbe | object | `{}` | Enable startup probe for Celery worker container. |
+| celery.worker.terminationGracePeriodSeconds | int | `300` |  |
 | celery.worker.tolerations | list | `[]` |  |
 | cloudsql | object | `{"containerSecurityContext":{},"enable_iam_login":false,"enabled":false,"extraEnv":[],"extraVolumeMounts":[],"image":{"pullPolicy":"IfNotPresent","repository":"gcr.io/cloudsql-docker/gce-proxy","tag":"1.37.9"},"instance":"","resources":{},"use_private_ip":false,"verbose":true}` | Google CloudSQL support in GKE via gce-proxy |
 | cloudsql.containerSecurityContext | object | `{}` | Optional: security context for the CloudSQL proxy container. |
@@ -633,6 +632,7 @@ A Helm chart for Kubernetes to install DefectDojo
 | django.service.annotations | object | `{}` |  |
 | django.service.type | string | `""` |  |
 | django.strategy | object | `{}` |  |
+| django.terminationGracePeriodSeconds | int | `60` |  |
 | django.tolerations | list | `[]` |  |
 | django.uwsgi.appSettings.maxFd | int | `0` | Use this value to set the maximum number of file descriptors. If set to 0 will be detected by uwsgi e.g. 102400 |
 | django.uwsgi.appSettings.processes | int | `4` |  |

helm/defectdojo/templates/celery-beat-hpa.yaml

@@ -170,6 +170,10 @@ spec:
       affinity:
         {{- toYaml . | nindent 8 }}
     {{- end }}
+    {{- with .Values.celery.worker.terminationGracePeriodSeconds }}
+      terminationGracePeriodSeconds:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
     {{- with .Values.celery.worker.tolerations }}
       tolerations:
         {{- toYaml . | nindent 8 }}

helm/defectdojo/templates/celery-beat-pdb.yaml

@@ -1,4 +1,4 @@
-{{- if .Values.celery.worker.podDisruptionBudget.enabled }}
+{{- if and .Values.celery.worker.podDisruptionBudget.enabled (or (gt (int .Values.celery.worker.replicas) 1) .Values.celery.worker.autoscaling.enabled) }}
 {{- $fullName := include "defectdojo.fullname" . -}}
 apiVersion: policy/v1
 kind: PodDisruptionBudget
@@ -24,7 +24,7 @@ metadata:
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: {{ .Release.Name }}
+      app.kubernetes.io/name: {{ include "defectdojo.name" . }}
       defectdojo.org/component: celery
       defectdojo.org/subcomponent: worker
 {{ toYaml (omit .Values.celery.worker.podDisruptionBudget "enabled" ) | indent 2 }}

helm/defectdojo/templates/celery-worker-deployment.yaml

@@ -372,6 +372,10 @@ spec:
       affinity:
         {{- toYaml . | nindent 8 }}
     {{- end }}
+    {{- with .Values.django.terminationGracePeriodSeconds }}
+      terminationGracePeriodSeconds:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
     {{- with .Values.django.tolerations }}
       tolerations:
         {{- toYaml . | nindent 8 }}

helm/defectdojo/templates/celery-worker-pdb.yaml

@@ -3,14 +3,11 @@
 apiVersion: autoscaling/v2
 kind: HorizontalPodAutoscaler
 metadata:
-  {{- if or .Values.extraAnnotations .Values.django.autoscaling.annotations }}
+  {{- with mergeOverwrite dict .Values.extraAnnotations .Values.django.annotations }}
   annotations:
-  {{- range $key, $value := .Values.extraAnnotations }}
+    {{- range $key, $value := . }}
     {{ $key }}: {{ quote $value }}
-  {{- end }}
-  {{- range $key, $value := .Values.django.annotations }}
-    {{ $key }}: {{ quote $value }}
-  {{- end }}
+    {{- end }}
   {{- end }}
   name: {{ $fullName }}-django
   namespace: {{ .Release.Namespace }}

helm/defectdojo/templates/django-deployment.yaml

@@ -1,16 +1,13 @@
-{{- if .Values.django.podDisruptionBudget.enabled }}
+{{- if and .Values.django.podDisruptionBudget.enabled (or (gt (int .Values.django.replicaCount) 1) .Values.django.autoscaling.enabled) }}
 {{- $fullName := include "defectdojo.fullname" . -}}
 apiVersion: policy/v1
 kind: PodDisruptionBudget
 metadata:
-  {{- if or .Values.extraAnnotations .Values.django.podDisruptionBudget.annotations }}
+  {{- with mergeOverwrite dict .Values.extraAnnotations .Values.django.annotations }}
   annotations:
-  {{- range $key, $value := .Values.extraAnnotations }}
+    {{- range $key, $value := . }}
     {{ $key }}: {{ quote $value }}
-  {{- end }}
-  {{- range $key, $value := .Values.django.annotations }}
-    {{ $key }}: {{ quote $value }}
-  {{- end }}
+    {{- end }}
   {{- end }}
   labels:
     defectdojo.org/component: django
@@ -26,7 +23,7 @@ metadata:
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: {{ .Release.Name }}
+      app.kubernetes.io/name: {{ include "defectdojo.name" . }}
       defectdojo.org/component: django
 {{ toYaml (omit .Values.django.podDisruptionBudget "enabled" ) | indent 2 }}
 {{- end }}

helm/defectdojo/templates/django-hpa.yaml

@@ -55,30 +55,6 @@
                         "automountServiceAccountToken": {
                             "type": "boolean"
                         },
-                        "autoscaling": {
-                            "description": "Autoscaling configuration for Celery beat deployment.",
-                            "type": "object",
-                            "properties": {
-                                "autoscaleBehavior": {
-                                    "type": "object"
-                                },
-                                "enabled": {
-                                    "type": "boolean"
-                                },
-                                "maxReplicas": {
-                                    "type": "integer"
-                                },
-                                "minReplicas": {
-                                    "type": "integer"
-                                },
-                                "targetCPUUtilizationPercentage": {
-                                    "type": "integer"
-                                },
-                                "targetMemoryUtilizationPercentage": {
-                                    "type": "integer"
-                                }
-                            }
-                        },
                         "containerSecurityContext": {
                             "description": "Container security context for the Celery beat containers.",
                             "type": "object"
@@ -128,21 +104,6 @@
                             "description": "Annotations for the Celery beat pods.",
                             "type": "object"
                         },
-                        "podDisruptionBudget": {
-                            "description": "Configure pod disruption budgets for Celery beat ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget",
-                            "type": "object",
-                            "properties": {
-                                "enabled": {
-                                    "type": "boolean"
-                                },
-                                "minAvailable": {
-                                    "type": "string"
-                                },
-                                "unhealthyPodEvictionPolicy": {
-                                    "type": "string"
-                                }
-                            }
-                        },
                         "podSecurityContext": {
                             "description": "Pod security context for the Celery beat pods.",
                             "type": "object"
@@ -288,7 +249,7 @@
                             "type": "object"
                         },
                         "podAnnotations": {
-                            "description": "Annotations for the Celery beat pods.",
+                            "description": "Annotations for the Celery worker pods.",
                             "type": "object"
                         },
                         "podDisruptionBudget": {
@@ -348,6 +309,10 @@
                             "description": "Enable startup probe for Celery worker container.",
                             "type": "object"
                         },
+                        "terminationGracePeriodSeconds": {
+                            "description": "Termination grace period seconds for Celery worker pods.",
+                            "type": "integer"
+                        },
                         "tolerations": {
                             "type": "array"
                         }
@@ -737,6 +702,10 @@
                 "strategy": {
                     "type": "object"
                 },
+                "terminationGracePeriodSeconds": {
+                    "description": "Termination grace period seconds for django pods.",
+                    "type": "integer"
+                },
                 "tolerations": {
                     "type": "array"
                 },

helm/defectdojo/templates/django-pdb.yaml

@@ -221,14 +221,6 @@ celery:
       repository: ""
       tag: ""
       digest: ""
-    # -- Autoscaling configuration for Celery beat deployment.
-    autoscaling:
-      enabled: false
-      minReplicas: 2
-      maxReplicas: 5
-      targetCPUUtilizationPercentage: 80
-      targetMemoryUtilizationPercentage: 80
-      autoscaleBehavior: {}
     automountServiceAccountToken: false
     # -- Annotations for the Celery beat deployment.
     annotations: {}
@@ -259,11 +251,6 @@ celery:
     nodeSelector: {}
     # -- Annotations for the Celery beat pods.
     podAnnotations: {}
-    # -- Configure pod disruption budgets for Celery beat ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
-    podDisruptionBudget:
-      enabled: false
-      minAvailable: 50%
-      unhealthyPodEvictionPolicy: AlwaysAllow
     # -- Pod security context for the Celery beat pods.
     podSecurityContext: {}
     # -- Enable readiness probe for Celery beat container.
@@ -322,7 +309,7 @@ celery:
     # ```
     livenessProbe: {}
     nodeSelector: {}
-    # -- Annotations for the Celery beat pods.
+    # -- Annotations for the Celery worker pods.
     podAnnotations: {}
     # -- Configure pod disruption budgets for Celery worker ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
     podDisruptionBudget:
@@ -343,6 +330,8 @@ celery:
         memory: 512Mi
     # -- Enable startup probe for Celery worker container.
     startupProbe: {}
+    #  -- Termination grace period seconds for Celery worker pods.
+    terminationGracePeriodSeconds: 300
     tolerations: []
     appSettings:
       # -- Performance improved celery worker config when needing to deal with a lot of findings (e.g deduplication ops)
@@ -421,6 +410,8 @@ django:
     unhealthyPodEvictionPolicy: AlwaysAllow
   replicas: 1
   strategy: {}
+  #  -- Termination grace period seconds for django pods.
+  terminationGracePeriodSeconds: 60
   tolerations: []
   uwsgi:
     # -- If empty, uses values from images.django.image