From 4b7f0d041146e639d284cb8f52d7094ec37978c5 Mon Sep 17 00:00:00 2001 From: Mihail Radkov Date: Tue, 24 Feb 2026 18:33:22 +0200 Subject: [PATCH 1/2] Use the correct content type in the backups CronJob - Updated the backup CronJob to use form data instead of application/json as per the official GraphDB documentation. - Added a missing `if` in the GraphDB's StatefulSet template when rendering the ephemeral `/tmp` volume mount --- CHANGELOG.md | 193 +++++++++++++++------- Chart.yaml | 2 +- files/scripts/graphdb.sh | 3 +- templates/graphdb/statefulset.yaml | 2 + templates/jobs/secret-backup-options.yaml | 12 +- values.yaml | 4 +- 6 files changed, 141 insertions(+), 75 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a3ba29e2..dbd03337 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # GraphDB Helm chart release notes +## Version 12.3.1 + +### Fixed + +- Updated the backup CronJob to use form data instead of application/json as per the official GraphDB documentation. + See https://graphdb.ontotext.com/documentation/11.3/migrating-graphdb-configurations.html for more information. +- Added a missing `if` in the GraphDB's StatefulSet template when rendering the ephemeral `/tmp` volume mount + ## Version 12.3.0 ### New @@ -125,7 +133,8 @@ ### Fixed -- Removed `| quote` from rendering `configuration.properties` in properties ConfigMaps in order to allow configuring GraphDB with +- Removed `| quote` from rendering `configuration.properties` in properties ConfigMaps in order to allow configuring + GraphDB with non-string properties. ## Version 11.3.2 @@ -153,7 +162,8 @@ ### Updated - Removed any pre-install, pre-upgrade, pre-rollback Helm hooks annotations to allow seamless ArgoCD deployments. -- Changed the license directory to `/opt/graphdb/home/conf/license/` with `license.mountPath` in order to avoid using a `subPath` volume +- Changed the license directory to `/opt/graphdb/home/conf/license/` with `license.mountPath` in order to avoid using a + `subPath` volume mount. This allows kubelet to update the license when the Secret has been updated. - Changed the license volume mount as read-only by default with `license.readOnly` @@ -174,13 +184,18 @@ ### New - Added CronJob for scheduling GraphDB backups. The CronJob supports both local and cloud backups. - - Added new configurations under `backup`: `backup.enabled` for toggling the backup CronJob, `backup.type` for selecting between local and - cloud and more. - - Local backups support saving the GraphDB backup archives in volume from an existing persistent volume claim, configured - with `backup.local` - - Cloud backups support uploading the GraphDB backup archives in one of the supported cloud object storage services, configured with `backup.cloud` - - Added a new example under [examples/backup-local](examples/backup-local) showing how to use the local backup feature with `backup.local` -- Added a new property `security.provisioner.passwordHash` to define an initial password for the provisioner user as a bcrypt hash. + - Added new configurations under `backup`: `backup.enabled` for toggling the backup CronJob, `backup.type` for + selecting between local and + cloud and more. + - Local backups support saving the GraphDB backup archives in volume from an existing persistent volume claim, + configured + with `backup.local` + - Cloud backups support uploading the GraphDB backup archives in one of the supported cloud object storage services, + configured with `backup.cloud` + - Added a new example under [examples/backup-local](examples/backup-local) showing how to use the local backup feature + with `backup.local` +- Added a new property `security.provisioner.passwordHash` to define an initial password for the provisioner user as a + bcrypt hash. - Configured `graphdb.extra.plugins` to load plugins from `/opt/graphdb/home/extra-plugins` by default ### Fixed @@ -237,11 +252,11 @@ GraphDB proxy pods. The default values configure a "soft" podAntiAffinity that tries to schedule GraphDB pods across different Kubernetes hosts but does not enforce it. - Added new configuration options for the Jobs - - Added `job.schedulerName` for overriding the default Kubernetes scheduler - - Added `job.dnsConfig` and `job.dnsPolicy` for customizing the DNS resolution - - Added `job.priorityClassName` for defining the pods scheduling importance - - Added `job.nodeSelector`, `job.affinity`, `job.tolerations` and `job.topologySpreadConstraints` for customizing the - node scheduling + - Added `job.schedulerName` for overriding the default Kubernetes scheduler + - Added `job.dnsConfig` and `job.dnsPolicy` for customizing the DNS resolution + - Added `job.priorityClassName` for defining the pods scheduling importance + - Added `job.nodeSelector`, `job.affinity`, `job.tolerations` and `job.topologySpreadConstraints` for customizing the + node scheduling - Added `persistence.volumeClaimRetentionPolicy` and `proxy.persistence.volumeClaimRetentionPolicy` to control the retention policy of the PVCs when the StatefulSets are scaled and deleted. These configurations are used only for Kubernetes 1.27 and above. @@ -252,18 +267,22 @@ GraphDB Helm 11.0.1 is a patch release that includes bug fixes. ### Fixed -- Updated all cluster jobs to explicitly use `/tmp` as a working directory to avoid permission errors due to the default security +- Updated all cluster jobs to explicitly use `/tmp` as a working directory to avoid permission errors due to the default + security context's `readOnlyRootFilesystem` when the container has a starting folder different from `/tmp`. - Updated all utility scripts to use temporary files under `/tmp` for the same reason. ## Version 11.0.0 -Version 11 of the chart addresses a bunch of legacy issues and aims to provide much better user experience and reliability. +Version 11 of the chart addresses a bunch of legacy issues and aims to provide much better user experience and +reliability. ### Highlights -* Version - The Helm chart is no longer tied with the version of GraphDB and has a separate development and release cycle. -* Naming - Removed hardcoded resource names in favor of using the name templates from [_labels.tpl](templates/_labels.tpl) +* Version - The Helm chart is no longer tied with the version of GraphDB and has a separate development and release + cycle. +* Naming - Removed hardcoded resource names in favor of using the name templates + from [_labels.tpl](templates/_labels.tpl) * Labels - Added the possibility to provide custom labels and annotations to almost every single resource * Implementation Agnostic - Removed the dependency of particular ingress controllers and storage classes * Security - Enabled security context by default @@ -275,12 +294,16 @@ Version 11 of the chart addresses a bunch of legacy issues and aims to provide m - Enabled security context by default for all pods and containers - Updated the GraphDB deployment URL to be http://graphdb.127.0.0.1.nip.io/ by default, see `configuration.externalUrl` - Resource names are no longer hardcoded and are using the templates for `nameOverride` and `fullnameOverride` -- Updated the ingress to be agnostic to the ingress implementation. It will no longer assume that NGINX is the ingress controller in the - cluster and will no longer deploy NGINX specific annotations by default. Removed anything related to NGINX as configurations. -- Removed setting FQDN as hostnames in GraphDB and the proxy in favor of dynamically resolving and configuring the hostnames in the provisioning init +- Updated the ingress to be agnostic to the ingress implementation. It will no longer assume that NGINX is the ingress + controller in the + cluster and will no longer deploy NGINX specific annotations by default. Removed anything related to NGINX as + configurations. +- Removed setting FQDN as hostnames in GraphDB and the proxy in favor of dynamically resolving and configuring the + hostnames in the provisioning init containers - Removed the default value from `global.imageRegistry`, the chart now uses the value from `image.registry` -- Removed `global.storageClass` in favor of using by default the default storage class in the cluster. Templates will no longer +- Removed `global.storageClass` in favor of using by default the default storage class in the cluster. Templates will no + longer use `global.storageClass`. - Renamed `extraLabels` to just `labels` - Moved `images.graphdb` configurations to just `image` @@ -292,23 +315,28 @@ Version 11 of the chart addresses a bunch of legacy issues and aims to provide m - Moved all proxy configurations from `graphdb.clusterProxy` to just `proxy` - Renamed `proxy.persistence.enablePersistence` toggle to just `enabled` - Moved `proxy.serviceType` to `proxy.service.type` -- Configmaps from `graphdb.configs` are now under `configuration`, `repositories`, `cluster` and `security` with a different structure allowing +- Configmaps from `graphdb.configs` are now under `configuration`, `repositories`, `cluster` and `security` with a + different structure allowing better reuse of existing configmaps - Moved `graphdb.clusterConfig` configurations - Moved `graphdb.clusterConfig.nodesCount` to `replicas` - - Moved the rest of `graphdb.clusterConfig` configurations under `cluster`, `cluster.config` and `cluster.config.params` + - Moved the rest of `graphdb.clusterConfig` configurations under `cluster`, `cluster.config` and + `cluster.config.params` - Moved `graphdb.security` configurations to `security` - Moved `provisioningUsername` and `provisioningPassword` under `security.provisioner` - Moved job related configurations from `graphdb` (e.g. `graphdb.jobResources`) to a new root section `jobs` - Moved `graphdb.node.service` configurations to `headlessService` - Moved `graphdb.import_directory_mount` configurations to `import.volumeMount` -- Renamed `pdb` to `podDisruptionBudget` and renamed `podDisruptionBudget.create` to `podDisruptionBudget.enabled` for consistency +- Renamed `pdb` to `podDisruptionBudget` and renamed `podDisruptionBudget.create` to `podDisruptionBudget.enabled` for + consistency - Renamed `messageSize` to `messageSizeKB` in the cluster creation configuration in `cluster.config.params` -- Renamed `java_args` to `defaultJavaArguments` and added a separate `javaArguments` that can be used for additional configurations, +- Renamed `java_args` to `defaultJavaArguments` and added a separate `javaArguments` that can be used for additional + configurations, see `configuration` and `proxy.configuration` - Removed configuration overrides from the default `GDB_JAVA_OPTS`: `enable-context-index`, `entity-pool-implementation` and `health.max.query.time.seconds` -- Removed the default logback XML configuration and configmap in favor of an [example](examples/custom-logback) and a new configuration options +- Removed the default logback XML configuration and configmap in favor of an [example](examples/custom-logback) and a + new configuration options under `configuration.logback` and `proxy.configuration.logback` - Renamed GraphDB storage PVC template name prefix to `storage` and server import folder to `import` - Moved `persistence.volumeClaimTemplateSpec` to `persistence.volumeClaimTemplate.spec` @@ -334,57 +362,77 @@ Version 11 of the chart addresses a bunch of legacy issues and aims to provide m - Added `image.digest` to optionally provide an expected digest of the image - Added `annotations` for additional common annotations across all resources - Added separate `proxy.labels` and `proxy.annotations` configurations for the cluster proxy -- Added new `global.clusterDomain` for reconfiguring the default Kubernetes cluster domain suffix in case it is different than `cluster.local` -- Added `namespaceOverride` for overriding the deployment namespace for all resources in case of multi-namespace deployment +- Added new `global.clusterDomain` for reconfiguring the default Kubernetes cluster domain suffix in case it is + different than `cluster.local` +- Added `namespaceOverride` for overriding the deployment namespace for all resources in case of multi-namespace + deployment - Added new configuration options for the default ingress `ingress`: - Ability to override the `host` and `path` for GraphDB from `configuration.externalUrl` - Ability to change the Ingress path type with `ingress.pathType` - Inserting additional hosts and TLS configurations with `ingress.extraHosts` and `ingress.extraTLS` - Added `security.admin` for configuring the initial password of the administrator user - Added `security.initialUsers.users` for inserting additional users into the default initial user.js configuration -- Added `security.provisioner.existingSecret` and `security.provisioner.tokenKey` to provide an existing authentication token -- Added `cluster.token.existingSecret` and `cluster.token.secretKey` for using an existing Secret instead of providing the cluster secret +- Added `security.provisioner.existingSecret` and `security.provisioner.tokenKey` to provide an existing authentication + token +- Added `cluster.token.existingSecret` and `cluster.token.secretKey` for using an existing Secret instead of providing + the cluster secret token as plaintext in values.yaml - Added `cluster.config.existingConfigmap` to specify a custom configmap key if needed -- Added `configuration.properties` and `proxy.configuration.properties` for appending additional inline GraphDB configurations in their properties +- Added `configuration.properties` and `proxy.configuration.properties` for appending additional inline GraphDB + configurations in their properties configmaps -- Added `configuration.secretProperties` and `proxy.secretProperties` for appending additional inline sensitive GraphDB configurations if needed -- Added `configuration.extraProperties.existingConfigmap` and `proxy.configuration.extraProperties.existingConfigmap` for appending GraphDB properties +- Added `configuration.secretProperties` and `proxy.secretProperties` for appending additional inline sensitive GraphDB + configurations if needed +- Added `configuration.extraProperties.existingConfigmap` and `proxy.configuration.extraProperties.existingConfigmap` + for appending GraphDB properties from an existing ConfigMap resource -- Added `configuration.extraProperties.existingSecret` and `proxy.configuration.extraProperties.existingSecret` for appending GraphDB properties from +- Added `configuration.extraProperties.existingSecret` and `proxy.configuration.extraProperties.existingSecret` for + appending GraphDB properties from an existing Secret resource - Added a Service for single GraphDB deployments, configured with new configurations under `service` -- Added new configurations for the Service resources `service`, `headlessService`, `proxy.service` and `proxy.headlessService`: +- Added new configurations for the Service resources `service`, `headlessService`, `proxy.service` and + `proxy.headlessService`: - Added `labels` configurations for insertion of additional labels - Added `ports` mappings in each Service - Added `extraPorts` for mapping additional ports, use in combination with `extraContainerPorts` - Added `containerPorts` and `proxy.containerPorts` for mapping the ports on which GraphDB listens on - Added `extraContainerPorts` and `proxy.extraContainerPorts` to open additional container ports -- Added `service.externalTrafficPolicy` and `service.proxy.externalTrafficPolicy` to override the policy to Local if needed -- Added `service.healthCheckNodePort` and `service.proxy.healthCheckNodePort` to define a specific node port for LB health checks -- Added `service.loadBalancerClass` and `service.proxy.loadBalancerClass` to select a specific load balancer implementation -- Added `service.loadBalancerSourceRanges` and `service.proxy.loadBalancerSourceRanges` to restrict the external ingress traffic from the LB +- Added `service.externalTrafficPolicy` and `service.proxy.externalTrafficPolicy` to override the policy to Local if + needed +- Added `service.healthCheckNodePort` and `service.proxy.healthCheckNodePort` to define a specific node port for LB + health checks +- Added `service.loadBalancerClass` and `service.proxy.loadBalancerClass` to select a specific load balancer + implementation +- Added `service.loadBalancerSourceRanges` and `service.proxy.loadBalancerSourceRanges` to restrict the external ingress + traffic from the LB - Added `service.externalIPs` and `service.proxy.externalIPs` to use existing external IPs -- Added `persistence.emptyDir` and `proxy.persistence.emptyDir` configurations for an emptyDir volume that will be used when the persistence is +- Added `persistence.emptyDir` and `proxy.persistence.emptyDir` configurations for an emptyDir volume that will be used + when the persistence is disabled - Added `tempVolume` configurations for an emptyDir volume mapped to the /tmp folder in the GraphDB containers - Added configurations for extra `labels` and `annotations` for all persistent volume claim - templates: `persistence.volumeClaimTemplate`, `proxy.persistence.volumeClaimTemplate` and `import.volumeMount.volumeClaimTemplate` + templates: `persistence.volumeClaimTemplate`, `proxy.persistence.volumeClaimTemplate` and + `import.volumeMount.volumeClaimTemplate` - Added `imagePullPolicy` configuration to the Jobs containers - Added `jobs.backoffLimit` for configuring the retry count for all jobs - Added `jobs.ttlSecondsAfterFinished` for configuring the time in seconds for all jobs before deleting finished pods - Added `jobs.persistence.emptyDir` configurations for the default temporary storage for all jobs -- Added `proxy.command` and `proxy.args` that override the default container entrypoint and command, use for troubleshooting +- Added `proxy.command` and `proxy.args` that override the default container entrypoint and command, use for + troubleshooting - Added `proxy.pdb` for configuring a pod disruption budget for the GraphDB Proxy - Added `proxy.logback` configurations for providing the proxy with a custom Logback XML configuration -- Added `proxy.initContainerSecurityContext` and `proxy.initContainerResources` to avoid using the configurations from GraphDB -- Added `automountServiceAccountToken` with default value `false` effectively ejecting the service account token by default +- Added `proxy.initContainerSecurityContext` and `proxy.initContainerResources` to avoid using the configurations from + GraphDB +- Added `automountServiceAccountToken` with default value `false` effectively ejecting the service account token by + default - Added `updateStrategy` and `proxy.updateStrategy` for controlling the strategy when updating pods - Added `podManagementPolicy` and `proxy.podManagementPolicy` for configuring how the pods are created and scaled - Added `schedulerName` and `proxy.schedulerName` for overriding the default Kubernetes scheduler - Added `dnsConfig`, `dnsPolicy`, `proxy.dnsConfig` and `proxy.dnsPolicy` for customizing the DNS resolution if needed -- Added `extraContainers` and `proxy.extraContainers` for inserting additional containers into the pods of GraphDB and the GraphDB proxy -- Added `initContainerDataPermissions` and `proxy.initContainerDataPermissions` for changing permissions in the storage volumes if needed +- Added `extraContainers` and `proxy.extraContainers` for inserting additional containers into the pods of GraphDB and + the GraphDB proxy +- Added `initContainerDataPermissions` and `proxy.initContainerDataPermissions` for changing permissions in the storage + volumes if needed - Added `extraVolumeClaimTemplates` and `proxy.extraVolumeClaimTemplates` - Added `extraObjects` as a way to insert additional Kubernetes objects into the deployment - Added `priorityClassName` and `proxy.priorityClassName` configurations @@ -400,10 +448,12 @@ Version 11 of the chart addresses a bunch of legacy issues and aims to provide m - Service resources and probes now refer to the target ports by their nicknames instead of explicit port numbers - Added trimming when loading files in the configmaps and secrets - Cluster jobs now automatically resolve the cluster domain -- Removed `files/config/graphdb.properties` and `files/config/proxy/graphdb.properties` and moved any defined properties directly into the ConfigMap +- Removed `files/config/graphdb.properties` and `files/config/proxy/graphdb.properties` and moved any defined properties + directly into the ConfigMap declarations - Moved GraphDB specific properties from `GDB_JAVA_OPTS` into the properties ConfigMaps -- Added `-XX:-UseCompressedOops` in the default Java arguments to allow allocating heap sizes larger than 32GBs when the max heap size is based on +- Added `-XX:-UseCompressedOops` in the default Java arguments to allow allocating heap sizes larger than 32GBs when the + max heap size is based on the `-XX:MaxRAMPercentage` Java option - Ejected the default service account token in the GraphDB proxy pods - Overhauled NOTES.txt to be more helpful @@ -416,7 +466,8 @@ Version 11 of the chart addresses a bunch of legacy issues and aims to provide m ### New -- Added `graphdb.node.extraInitContainers` and `graphdb.clusterProxy.extraInitContainers` that allows for the insertion of custom init containers to +- Added `graphdb.node.extraInitContainers` and `graphdb.clusterProxy.extraInitContainers` that allows for the insertion + of custom init containers to both GraphDB and its proxy - Added `graphdb.clusterConfig.transactionLogMaximumSizeGB` configuration for the cluster creation JSON configuration. - Added `graphdb.clusterConfig.existingClusterConfig` for providing a custom cluster creation JSON configuration. @@ -424,7 +475,8 @@ Version 11 of the chart addresses a bunch of legacy issues and aims to provide m ### Fixed - Fixed URLs in the [README.md](README.md) that refer to the official GraphDB documentation. -- Fixed the cluster creation JSON configuration to use `messageSizeKB` instead of `messageSize`, see `graphdb.clusterConfig.messageSize`. +- Fixed the cluster creation JSON configuration to use `messageSizeKB` instead of `messageSize`, see + `graphdb.clusterConfig.messageSize`. ## Version 10.6.0 @@ -446,7 +498,8 @@ Version 11 of the chart addresses a bunch of legacy issues and aims to provide m ## Version 10.4.1 -- Added configurations for specifying resource values for all remaining containers, see `graphdb.node.initContainerResources` +- Added configurations for specifying resource values for all remaining containers, see + `graphdb.node.initContainerResources` and `graphdb.jobResources`. ## Version 10.3.1-R2 @@ -459,30 +512,35 @@ Version 11 of the chart addresses a bunch of legacy issues and aims to provide m ### New -- Added configurations for extra service annotations, see `graphdb.node.service.annotations`, `graphdb.clusterProxy.service.annotations` +- Added configurations for extra service annotations, see `graphdb.node.service.annotations`, + `graphdb.clusterProxy.service.annotations` and `graphdb.clusterProxy.headlessService.annotations` ## Version 10.2.3 ### New -- Added configurations for overriding graphdb-node's command and arguments, see `graphdb.node.command` and `graphdb.node.args` +- Added configurations for overriding graphdb-node's command and arguments, see `graphdb.node.command` and + `graphdb.node.args` - Added configurations for Pod Disruption Budget for the GraphDB nodes, see `graphdb.pdb` -- Added `graphdb-proxy-properties-configmap.yaml` to load graphdb.properties containing the cluster node addresses into the cluster-proxy +- Added `graphdb-proxy-properties-configmap.yaml` to load graphdb.properties containing the cluster node addresses into + the cluster-proxy ### Changed - Removed `versions` field as it is not really used nor needed - Removed the license provisioning init container in favor of directly mounting the license - Removed unused `graphdb-node-storage` volume mount -- Removed the node addresses from the `graphdb-cluster-proxy-configmap.yaml` to prevent cluster proxy restarting on cluster scale up/down +- Removed the node addresses from the `graphdb-cluster-proxy-configmap.yaml` to prevent cluster proxy restarting on + cluster scale up/down - Updated the resources to not set CPU limits in order to avoid CPU throttling, lowered the default CPU requirements ## Version 10.2.2 ### New -- Added configurations for extra env vars in the nodes and cluster proxies, see `graphdb.node.envFrom` and `graphdb.clusterProxy.extraEnv`. +- Added configurations for extra env vars in the nodes and cluster proxies, see `graphdb.node.envFrom` and + `graphdb.clusterProxy.extraEnv`. - Added configurations for changing the `revisionHistoryLimit` for nodes and cluster proxies. - Added configurations for adding extra `podLabels` and `podAnnotations` for both the nodes and cluster proxies. - Added configurations for `terminationGracePeriodSeconds` to both the nodes and cluster proxies. @@ -504,11 +562,14 @@ Version 11 of the chart addresses a bunch of legacy issues and aims to provide m - Changed the provision user credentials to be used through a secret instead of rendering inside the jobs - Changed the logback.xml and graphdb.properties provisioning to work even if such are already present - Changed the graphdb-cluster-config-configmap map to not render when there is no cluster -- Changed the default values of nodeSelector, affinity, tolerations and topologySpreadConstraints to be a part of the values.yaml file +- Changed the default values of nodeSelector, affinity, tolerations and topologySpreadConstraints to be a part of the + values.yaml file instead of inside the statefulsets -- Updated default clusterConfig.electionMinTimeout and clusterConfig.electionRangeTimeout to the current GraphDB defaults +- Updated default clusterConfig.electionMinTimeout and clusterConfig.electionRangeTimeout to the current GraphDB + defaults - Updated the cluster proxy probes settings, so it can become available sooner -- Updated the cluster and repositories jobs with simpler arguments removing the need to copy scripts and to make them executable +- Updated the cluster and repositories jobs with simpler arguments removing the need to copy scripts and to make them + executable - Added ephemeral volumes in the cluster and repositories jobs to avoid issues with readonly file systems ## Version 10.2.0-R2 @@ -540,7 +601,8 @@ Version 11 of the chart addresses a bunch of legacy issues and aims to provide m ### Breaking -- The graphdb-node service now is always headless. If you installed Version 10.0.0 with `graphdb.clusterConfig.nodesCount` set to `1` you +- The graphdb-node service now is always headless. If you installed Version 10.0.0 with + `graphdb.clusterConfig.nodesCount` set to `1` you will have to delete the service prior to an update ### New @@ -554,7 +616,8 @@ Version 11 of the chart addresses a bunch of legacy issues and aims to provide m ### Breaking -New major release that isn't compatible with the old chart, due to major breaking changes in Graphdb 10. Migration steps can be found +New major release that isn't compatible with the old chart, due to major breaking changes in Graphdb 10. Migration steps +can be found [here](README.md#cluster-migration-from-graphdb-9x-to-100). ### New @@ -574,10 +637,12 @@ New major release that isn't compatible with the old chart, due to major breakin ### New -- Added global variables support (global.deployment.host/global.ingressHost, global.storageClass, global.imagePullSecrets and +- Added global variables support (global.deployment.host/global.ingressHost, global.storageClass, + global.imagePullSecrets and global.imageRegistry) - Add ability to override logback.xml by setting `deplyment.logbackConfigFile` to the location of the file to use -- Set additional JMX attributes using `graphdb.masters.additionalJmxArrtibutes`. This is a map of attr_name=attr_value pairs +- Set additional JMX attributes using `graphdb.masters.additionalJmxArrtibutes`. This is a map of attr_name=attr_value + pairs - Fixed loadrdf tool path - Moved to dynamic volume provisioning by default (volumeClaimTemplates), old default pvc/pv's are still available - Added JDBC driver support for Ontop functionality diff --git a/Chart.yaml b/Chart.yaml index bb1209f3..7b81272b 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -5,7 +5,7 @@ apiVersion: v2 name: graphdb description: GraphDB is a highly efficient, scalable and robust graph database with RDF and SPARQL support. type: application -version: 12.3.0 +version: 12.3.1 appVersion: 11.3.0 kubeVersion: ^1.26.0-0 home: https://graphdb.ontotext.com/ diff --git a/files/scripts/graphdb.sh b/files/scripts/graphdb.sh index afd6eee6..cabe2e06 100755 --- a/files/scripts/graphdb.sh +++ b/files/scripts/graphdb.sh @@ -140,9 +140,8 @@ function cloudBackup { -o "${response}" \ -w "Status=%{response_code}" \ --header "Authorization: Basic ${GRAPHDB_AUTH_TOKEN}" \ - --header 'Content-Type: application/json' \ --header 'Accept: application/json' \ - --data-binary "${backup_options}" \ + --form-string "params=${backup_options}" \ --url "${GRAPHDB_PROTOCOL}://${GRAPHDB_SERVICE_NAME}:${GRAPHDB_SERVICE_PORT}/rest/recovery/cloud-backup") if ! echo "${response_status}" | grep -q 'Status=200' ; then diff --git a/templates/graphdb/statefulset.yaml b/templates/graphdb/statefulset.yaml index 7a94d12a..e4cdc05b 100644 --- a/templates/graphdb/statefulset.yaml +++ b/templates/graphdb/statefulset.yaml @@ -439,8 +439,10 @@ spec: volumeMounts: - name: {{ .Values.persistence.volumeClaimTemplate.name }} mountPath: /opt/graphdb/home + {{- if .Values.tempVolume.enabled }} - name: temp-dir mountPath: /tmp + {{- end }} {{- if .Values.license.existingSecret }} - name: graphdb-license mountPath: {{ .Values.license.mountPath }} diff --git a/templates/jobs/secret-backup-options.yaml b/templates/jobs/secret-backup-options.yaml index dbc635ff..299bcd0a 100644 --- a/templates/jobs/secret-backup-options.yaml +++ b/templates/jobs/secret-backup-options.yaml @@ -1,4 +1,9 @@ {{- if and .Values.backup.enabled (not .Values.backup.optionsSecret.existingSecret) }} +{{- $options := dict }} +{{- if eq .Values.backup.type "cloud" -}} + {{- $options = set $options "bucketUri" (required "backup.cloud.bucketUri is required" .Values.backup.cloud.bucketUri) -}} +{{- end -}} +{{- $options = merge (default dict .Values.backup.options) $options -}} apiVersion: v1 kind: Secret metadata: @@ -13,10 +18,5 @@ metadata: type: Opaque stringData: {{ .Values.backup.optionsSecret.secretKey }}: | - { - "backupOptions": {{- .Values.backup.options | toPrettyJson | nindent 8 }} - {{- if eq .Values.backup.type "cloud" }}, - "bucketUri": {{ required "backup.cloud.bucketUri is required" .Values.backup.cloud.bucketUri | quote }} - {{- end }} - } + {{- $options | toPrettyJson | nindent 4 }} {{- end }} diff --git a/values.yaml b/values.yaml index 79f43f6f..923a8774 100644 --- a/values.yaml +++ b/values.yaml @@ -768,8 +768,8 @@ backup: # Ref: https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#time-zones timezone: "" - # Backup options that will be injected as JSON in the default backup options Secret. \ - # These configurations define the backup behaviour such as including or excluding repositories or system data. + # Backup options that will be injected as JSON in the default backup options Secret. + # These configurations define the backup behavior such as including or excluding repositories or system data. # # Ref: https://graphdb.ontotext.com/documentation/11.3/backup-and-restore.html#backup-options options: From 34df4eff90c338047a3efd14fd4afa050edd9593 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Wed, 25 Feb 2026 11:56:03 +0000 Subject: [PATCH 2/2] Updated the README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 75efc3c3..7aa6362a 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # Helm Chart for GraphDB [![CI](https://github.com/Ontotext-AD/graphdb-helm/actions/workflows/ci.yml/badge.svg)](https://github.com/Ontotext-AD/graphdb-helm/actions/workflows/ci.yml) -![Version: 12.3.0](https://img.shields.io/badge/Version-12.3.0-informational?style=flat-square) +![Version: 12.3.1](https://img.shields.io/badge/Version-12.3.1-informational?style=flat-square) ![AppVersion: 11.3.0](https://img.shields.io/badge/AppVersion-11.3.0-informational?style=flat-square)