PCT: Change the Connect default to use OHE#672
Conversation
tnederlof
requested review from
aronatkins,
christierney,
dbkegley and
zackverham
as code owners
|
It looks like the install in CI is failing because there is no PVC. I am not familiar with the testing infrastructure. Is there a way to mock up storage in these tests? It seems this error is reasonable if a customer is trying to setup without sharedStorage. |
|
@jforest In the comment above, is this the part of the testing infra you worked on? |
This is the install testing, yes. This is triggered because the chart requires a pvc when https://github.com/rstudio/helm/blob/main/ci/rstudio-connect/install/license-file-values.yaml is the only set of install testing configs. Each file in that directory will be used for a different install test. These tests are run by the chart testing tool. The lint tests are also run by that tool. Would you like to set up a time to talk through how all the testing is set up? |
|
@jforest gave me a walkthrough of the testing and was able to adjust the CI run so it creates a PVC so tests pass now. This should be ready for review. |
* main: (59 commits) By, by, by Update helm-docs and README.md Add product docs link Add product docs link Update helm-docs and README.md Reword Workbench API key section Trigger CI Update helm-docs and README.md Improvements and fixes to the README agent sections Update helm-docs and README.md Improvements and fixes to values and documentation Trigger CI Update helm-docs and README.md Add `chronicleAgent.agentEnvironment` value and set `CHRONICLE_AGENT_ENVIRONMENT` if it is defined Trigger CI Update helm-docs and README.md Add securityContext for Chronicle agent container with expectation of non-root and unprivileged execution Trigger CI Trigger CI Change `chart` to `release` when refering to existing install ...
bschwedler
force-pushed
the
tn-change-connect-default
branch
from
baa9969 to
2677ba2
Compare
bschwedler
force-pushed
the
tn-change-connect-default
branch
2 times, most recently
from
60b623f to
fd9a2c0
Compare
* main: Bump Workbench to 2025.05.1 Use latest chart-releaser action and cr.yaml config Bump Package Manager version to 2025.04.2 NEWS and versions remove CA enrollment simpler certification copying; remove unused variables Specify major version for Actions Update helm/kind-action to latest Add .helmignore to .helmignore so chart-testing ignores changes Use helmignore for chart-testing and unittest Move test files into chart directories Update .helmignore to skip test directories. Add launcher project to what can be tagged trigger ci Update helm-docs and README.md Bump Connect to version 2025.05.0
bschwedler
force-pushed
the
tn-change-connect-default
branch
from
fd9a2c0 to
dcf9a1b
Compare
|
@aronatkins @dbkegley @zackverham |
|
I don't see any issues besides the obvious one where customers will accidentally enable off-host after this upgrade. That said, I'm happy to see us finally changing the chart default. |
Yes, hopefully it doesn't happen to often but I will give support a heads up. Glad to see it happen! |
6 participants
This PR changes the Connect chart to run in OHE mode by default instead of the current default (service and content runs in the same pod(s)). I think this default makes more sense as its the way we at Posit advise customers to run Connect in Kubernetes and it is the only Kubernetes configuration documented in the admin guide.
This is also important for customers who have Pod Security Standards or other mechanisms set to disallow privileged execution. The current chart runs with
securityContext.privileged: true, which causes issues for these customers until they know to switch this setting. This PR will eliminate that need.Bumped the minor version and added a section to the README template to make it more prominent the potentially breaking change (for customers who are not running in OHE).
Once this merges, the documentation here can be simplified (don't need to explicitly have folks add
launcher.enabled: true. https://docs.posit.co/connect/admin/getting-started/off-host-install/configure-helm-chart/Closes: #436