helm-charts/ntfy/templates/setup/job.yaml

{{- if .Values.ntfy.webPush.keys.create }}
---
{{- $fullname := (include "ntfy.fullname" .) }}
apiVersion: batch/v1
kind: Job
metadata:
  name: {{ $fullname }}-setup
  labels:
    {{- include "ntfy.labels" . | nindent 4 }}
    app.kubernetes.io/component: setup-job
spec:
  template:
    metadata:
      labels:
        {{- include "ntfy.labels" . | nindent 8 }}
        app.kubernetes.io/component: setup-job
    spec:
      restartPolicy: "Never"
      serviceAccount: {{ $fullname }}-setup
      containers:
        - name: upload-config
          image: "{{ .Values.kubectl.image.registry }}/{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}"
          command:
            - sh
            - -c
            - |
              # check if key already exists
              key=$(kubectl get secret {{ $fullname }}-env -o jsonpath="{.data['NTFY_WEB_PUSH_PRIVATE_KEY']}" 2> /dev/null)
              [ $? -ne 0 ] && echo "Failed to get existing secret" && exit 1
              [ -n "$key" ] && echo "Config already created, exiting." && exit 0
              # wait for config
              while [ ! -f /data/output ]; do
                echo "Waiting for config.."
                sleep 5;
              done
              # update secret
              public=$(grep -Po 'web-push-public-key: \K[^$]*' /data/output)
              private=$(grep -Po 'web-push-private-key: \K[^$]*' /data/output)
              kubectl patch secret {{ $fullname }}-env -p '{"data":{"NTFY_WEB_PUSH_PRIVATE_KEY":"'$(echo -n "$private" | base64 -w 0)'","NTFY_WEB_PUSH_PUBLIC_KEY":"'$(echo -n "$public" | base64 -w 0)'"}}'
              [ $? -ne 0 ] && echo "Failed to update secret." && exit 1
              echo "VAPID/WebPush successfully setup with public-key: ${public}"
          volumeMounts:
            - mountPath: /data/
              name: data
              readOnly: true
        - name: generate-config
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default (printf "v%s" .Chart.AppVersion) }}"
          command:
            - sh 
            - -c
            - ntfy webpush keys 2> /data/output
          volumeMounts:
            - mountPath: /data/
              name: data
      volumes:
        - name: data
          emptyDir: {}
  parallelism: 1
  completions: 1
  backoffLimit: 1
{{- end }}
feat(ntfy): add web push support 2024-07-26 02:21:20 +02:00			`{{- if .Values.ntfy.webPush.keys.create }}`
			`---`
			`{{- $fullname := (include "ntfy.fullname" .) }}`
			`apiVersion: batch/v1`
			`kind: Job`
			`metadata:`
			`name: {{ $fullname }}-setup`
			`labels:`
			`{{- include "ntfy.labels" . \| nindent 4 }}`
			`app.kubernetes.io/component: setup-job`
			`spec:`
			`template:`
			`metadata:`
			`labels:`
			`{{- include "ntfy.labels" . \| nindent 8 }}`
			`app.kubernetes.io/component: setup-job`
			`spec:`
			`restartPolicy: "Never"`
			`serviceAccount: {{ $fullname }}-setup`
			`containers:`
			`- name: upload-config`
			`image: "{{ .Values.kubectl.image.registry }}/{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}"`
			`command:`
			`- sh`
			`- -c`
			`- \|`
			`# check if key already exists`
			`key=$(kubectl get secret {{ $fullname }}-env -o jsonpath="{.data['NTFY_WEB_PUSH_PRIVATE_KEY']}" 2> /dev/null)`
			`[ $? -ne 0 ] && echo "Failed to get existing secret" && exit 1`
			`[ -n "$key" ] && echo "Config already created, exiting." && exit 0`
			`# wait for config`
			`while [ ! -f /data/output ]; do`
			`echo "Waiting for config.."`
			`sleep 5;`
			`done`
			`# update secret`
			`public=$(grep -Po 'web-push-public-key: \K[^$]*' /data/output)`
			`private=$(grep -Po 'web-push-private-key: \K[^$]*' /data/output)`
			`kubectl patch secret {{ $fullname }}-env -p '{"data":{"NTFY_WEB_PUSH_PRIVATE_KEY":"'$(echo -n "$private" \| base64 -w 0)'","NTFY_WEB_PUSH_PUBLIC_KEY":"'$(echo -n "$public" \| base64 -w 0)'"}}'`
			`[ $? -ne 0 ] && echo "Failed to update secret." && exit 1`
			`echo "VAPID/WebPush successfully setup with public-key: ${public}"`
			`volumeMounts:`
			`- mountPath: /data/`
			`name: data`
			`readOnly: true`
			`- name: generate-config`
			`image: "{{ .Values.image.repository }}:{{ .Values.image.tag \| default (printf "v%s" .Chart.AppVersion) }}"`
			`command:`
			`- sh`
			`- -c`
			`- ntfy webpush keys 2> /data/output`
			`volumeMounts:`
			`- mountPath: /data/`
			`name: data`
			`volumes:`
			`- name: data`
			`emptyDir: {}`
			`parallelism: 1`
			`completions: 1`
			`backoffLimit: 1`
			`{{- end }}`