billisdead/postiz-helmchart
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(helm): address CodeRabbit review findings

Browse Source 
NOTES.txt:
- Detect ingress scheme dynamically (http/https based on .Values.ingress.tls)
- Include first path in ingress URL output
- Use .Values.service.port in port-forward example instead of hardcoded 80
- Add -n {{ .Release.Namespace }} to all kubectl commands

postiz-config.yaml:
- Merge temporal enabled/external branches: external address now also emits
  TEMPORAL_NAMESPACE and TEMPORAL_TLS, not just TEMPORAL_ADDRESS

temporal-init-job.yaml:
- Use .Values.temporal.postgresql.seeds as PGHOST source (with fallback to
  bitnami sub-chart service name) so init job and runtime use the same host
- Switch to quoted heredoc (<<-'SQL') + psql --set to pass credentials as
  psql variables, preventing shell expansion from breaking on special chars

temporal-secret.yaml:
- Add required validation: temporal.postgresql.password must be set explicitly
  when temporal.enabled=true

values.yaml:
- Remove hardcoded default passwords (postgresPassword, temporal.postgresql.password)
  replaced with empty strings to avoid predictable default credentials

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
billisdead
2026-06-17 08:37:05 +02:00
parent 98231d5eaf
commit 92ceb76f23
5 changed files with 22 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
charts/postiz/templates/NOTES.txt
+6 -6
View File
@@ -2,11 +2,11 @@ Postiz has been deployed!
Access URL:
{{- if .Values.ingress.enabled }}
https://{{ (first .Values.ingress.hosts).host }}
{{ if .Values.ingress.tls }}https{{ else }}http{{ end }}://{{ (first .Values.ingress.hosts).host }}{{ (first (first .Values.ingress.hosts).paths).path }}
{{- else if eq .Values.service.type "NodePort" }}
http://<node-ip>:{{ .Values.service.nodePort }}
{{- else }}
kubectl port-forward svc/{{ include "postiz.fullname" . }} 5000:80
kubectl port-forward svc/{{ include "postiz.fullname" . }} 5000:{{ .Values.service.port }}
http://localhost:5000
{{- end }}
@@ -14,11 +14,11 @@ Access URL:
Temporal:
Internal address : {{ include "postiz.fullname" . }}-temporal:7233
Status : kubectl get pods -l app.kubernetes.io/component=temporal
Init job logs : kubectl logs job/{{ include "postiz.fullname" . }}-temporal-init
Status : kubectl -n {{ .Release.Namespace }} get pods -l app.kubernetes.io/component=temporal
Init job logs : kubectl -n {{ .Release.Namespace }} logs job/{{ include "postiz.fullname" . }}-temporal-init
After first deploy, create Temporal search attributes:
kubectl exec deploy/{{ include "postiz.fullname" . }}-temporal -- \
kubectl -n {{ .Release.Namespace }} exec deploy/{{ include "postiz.fullname" . }}-temporal -- \
temporal operator search-attribute create \
--namespace {{ .Values.temporal.namespace | default "default" }} \
--name organizationId --type Keyword \
@@ -41,6 +41,6 @@ WARNING: replicaCount={{ .Values.replicaCount }} with STORAGE_PROVIDER=local is
Upgrade reminder:
Always back up the PostgreSQL database before upgrading Postiz:
kubectl exec -n <namespace> <postgresql-pod> -- \
kubectl exec -n {{ .Release.Namespace }} <postgresql-pod> -- \
pg_dump -U {{ .Values.postgresql.auth.username }} {{ .Values.postgresql.auth.database }} \
> postiz-backup-$(date +%Y%m%d).sql