fix(helm): Medcat trainer helm chart to support preset auth for postgres (#36)

alhendrickson · web-flow · commit bbbf5d2d744b · 2026-01-14T19:41:32.000Z
* fix(helm): Set postgres user/pass in value to fix restart issue

* fix(helm): Set Trainer ingress service to nginx

* feat(helm): Make medcat-service ingress support the standard template pattern
diff --git a/deployment/kubernetes/charts/medcat-service-helm/templates/ingress.yaml b/deployment/kubernetes/charts/medcat-service-helm/templates/ingress.yaml
@@ -24,6 +24,25 @@ spec:
     {{- end }}
   {{- end }}
   rules:
+    {{- if not .Values.ingress.http }}
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          {{- range .paths }}
+          - path: {{ .path }}
+            {{- with .pathType }}
+            pathType: {{ . }}
+            {{- end }}
+            backend:
+              service:
+                name: {{ include "medcat-service.fullname" $ }}
+                port:
+                  number: {{ $.Values.service.port }}
+          {{- end }}
+    {{- end }}
+    {{- end }}
+    {{- if not .Values.ingress.hosts }}
     {{- range .Values.ingress.http }}
     - {{- if .host }}
       host: {{ .host | quote }}
@@ -42,4 +61,5 @@ spec:
                   number: {{ $.Values.service.port }}
           {{- end }}
     {{- end }}
+    {{- end }}
 {{- end }}
diff --git a/deployment/kubernetes/charts/medcat-service-helm/values.yaml b/deployment/kubernetes/charts/medcat-service-helm/values.yaml
@@ -144,15 +144,16 @@ ingress:
   annotations: {}
     # kubernetes.io/ingress.class: nginx
     # kubernetes.io/tls-acme: "true"
-  http:
+  hosts:
     - host: chart-example.local
       paths:
         - path: /
           pathType: ImplementationSpecific
-  # Allows global ingress without hostname, matching all calls to the host.
-    - paths:
-        - path: /medcat-service
-          pathType: ImplementationSpecific
+  # - Optional alternative to hosts: allows for global ingress without hostname. Overrides hosts if both are set. 
+  # http:
+  #   - paths:
+  #       - path: /medcat-service
+  #         pathType: ImplementationSpecific
   tls: []
   #  - secretName: chart-example-tls
   #    hosts:
diff --git a/deployment/kubernetes/charts/medcat-trainer-helm/templates/_helpers.tpl b/deployment/kubernetes/charts/medcat-trainer-helm/templates/_helpers.tpl
@@ -62,6 +62,9 @@ Create the name of the service account to use
 {{- end }}
 {{- end }}
 
+{{/* =========================================================================
+   Dependencies
+=========================================================================== */}}
 
 {{- /*
 Return Solr host: either user-supplied or constructed from release name
@@ -92,4 +95,12 @@ Return full Solr URL: combines host and port
 */ -}}
 {{- define "medcat-trainer-helm.solrURL" -}}
 http://{{ include "medcat-trainer-helm.solrHost" . }}:{{ include "medcat-trainer-helm.solrPort" . }}
-{{- end }}
+{{- end }}
+
+{{- define "postgres.service-name" -}}
+{{ include "postgresql.v1.primary.fullname" (dict "Values" .Values.postgresql "Chart" (dict "Name" "postgresql") "Release" .Release) }}
+{{- end -}}
+
+{{- define "postgres.port" -}}
+{{ include "postgresql.v1.service.port" (dict "Values" .Values.postgresql) }}
+{{- end -}}
diff --git a/deployment/kubernetes/charts/medcat-trainer-helm/templates/ingress.yaml b/deployment/kubernetes/charts/medcat-trainer-helm/templates/ingress.yaml
@@ -35,7 +35,7 @@ spec:
             {{- end }}
             backend:
               service:
-                name: {{ include "medcat-trainer-helm.fullname" $ }}
+                name: {{ include "medcat-trainer-helm.fullname" $ }}-nginx
                 port:
                   number: {{ $.Values.service.port }}
           {{- end }}
diff --git a/deployment/kubernetes/charts/medcat-trainer-helm/templates/medcat-trainer-deployment.yaml b/deployment/kubernetes/charts/medcat-trainer-helm/templates/medcat-trainer-deployment.yaml
@@ -55,16 +55,8 @@ spec:
           envFrom:
             - configMapRef:
                 name: {{ include "medcat-trainer-helm.fullname" . }}-medcat-trainer-env
-          {{- if .Values.postgresql.enabled }}
-          env:
-            - name: DB_HOST
-              value: {{ .Release.Name }}-postgresql
-            - name: DB_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Release.Name }}-postgresql
-                  key: postgres-password
-          {{- end }}
+            - secretRef:
+                name: {{ include "medcat-trainer-helm.fullname" . }}-secret
           {{- with .Values.livenessProbe }}
           livenessProbe:
             {{- toYaml . | nindent 12 }}
diff --git a/deployment/kubernetes/charts/medcat-trainer-helm/templates/medcat-trainer-secret.yaml b/deployment/kubernetes/charts/medcat-trainer-helm/templates/medcat-trainer-secret.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name:  {{ include "medcat-trainer-helm.fullname" . }}-secret
+  labels:
+    {{- include "medcat-trainer-helm.labels" . | nindent 4 }}
+stringData:
+  DB_NAME: {{ .Values.postgresql.auth.database }}
+  DB_USER: "{{ .Values.postgresql.auth.username }}"
+  DB_PASSWORD: "{{  .Values.postgresql.auth.password }}"
+  DB_HOST: "{{ include "postgresql.v1.primary.fullname" (dict "Values" .Values.postgresql "Chart" (dict "Name" "postgresql") "Release" .Release) }}"
+  DB_PORT: "{{ include "postgresql.v1.service.port" (dict "Values" .Values.postgresql) }}"
+  
diff --git a/deployment/kubernetes/charts/medcat-trainer-helm/values.yaml b/deployment/kubernetes/charts/medcat-trainer-helm/values.yaml
@@ -4,13 +4,12 @@
 
 # This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/
 replicaCount: 1
-nginxReplicaCount: 1
 
 # This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/
 image:
   repository: cogstacksystems/medcat-trainer
   # This sets the pull policy for images.
-  pullPolicy: Always
+  pullPolicy: IfNotPresent
   # Overrides the image tag whose default is the chart appVersion.
   tag: "latest"
 nginxImage:
@@ -38,20 +37,15 @@ env:
   # TODO: Support custom DB overrides#
   # DB_ENGINE: "sqlite3"
   DB_ENGINE: "postgresql"
-  DB_NAME: "postgres"
-  DB_USER: "postgres"
   DB_PORT: "5432"
-  # DB_PASSWORD: ""
-  # DB_HOST: "" 
 
 postgresql:
   enabled: true
   # TODO: Support custom DB overrides
-  # auth:
-  #  - name for a custom database
-  #   database: "my_trainer_db"
-  #   username: "trainer_admin"
-  #   password: "changeme_changeme"
+  auth:
+    database: "postgres"
+    username: "postgres"
+    password: "postgres"
   primary:
     persistence:
       # Size of the PVC for the postgres database
@@ -96,10 +90,7 @@ solr:
   replicaCount: 1
   collectionShards: 1
   collectionReplicas: 1
-  zookeeper:
-    replicaCount: 1
-    persistence:
-      size: 1Gi
+
   persistence:
     size: 1Gi
   auth:
@@ -117,7 +108,9 @@ solr:
     image:
       repository: bitnamilegacy/zookeeper
       tag: 3.9.3-debian-12-r22
-
+    replicaCount: 1 #
+    persistence:
+      size: 1Gi   # Default is 8Gi
 
 
 # This is for the secrets for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
