chore: unify strategy options (#626)

helm/charts/example-idp/Chart.yaml

@@ -1,6 +1,8 @@
 apiVersion: v2
 appVersion: "1.4.6"
-description: A Helm chart for deploying the reference implementation for the User Login and Consent Flow in Kubernetes
+description:
+  A Helm chart for deploying the reference implementation for the User Login and
+  Consent Flow in Kubernetes
 name: example-idp
 version: 0.33.5
 type: application

helm/charts/hydra/README.md

@@ -79,7 +79,8 @@ A Helm chart for deploying ORY Hydra in Kubernetes
 | deployment.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
 | deployment.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
 | deployment.startupProbe | object | `{"failureThreshold":60,"periodSeconds":1,"successThreshold":1,"timeoutSeconds":1}` | Default probe timers |
-| deployment.strategy.rollingUpdate | object | `{}` |  |
+| deployment.strategy.rollingUpdate.maxSurge | string | `"25%"` |  |
+| deployment.strategy.rollingUpdate.maxUnavailable | string | `"25%"` |  |
 | deployment.strategy.type | string | `"RollingUpdate"` |  |
 | deployment.tolerations | list | `[]` | Configure node tolerations. |
 | deployment.topologySpreadConstraints | list | `[]` | Configure pod topologySpreadConstraints. |

helm/charts/hydra/values.yaml

@@ -178,7 +178,9 @@ hydra:
 deployment:
   strategy:
     type: RollingUpdate
-    rollingUpdate: {}
+    rollingUpdate:
+      maxSurge: "25%"
+      maxUnavailable: "25%"
 
   # -- We usually recommend not to specify default resources and to leave this as a conscious choice for the user.
   #  This also increases chances charts run on environments with little

helm/charts/keto/README.md

@@ -22,7 +22,7 @@ Access Control Policies as a Server
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | configmap.hashSumEnabled | bool | `true` | switch to false to prevent checksum annotations being maintained and propogated to the pods |
-| deployment | object | `{"affinity":{},"annotations":{},"automigration":{"extraEnv":[]},"automountServiceAccountToken":true,"autoscaling":{"enabled":false,"maxReplicas":100,"minReplicas":1,"targetCPU":{},"targetMemory":{}},"customLivenessProbe":{},"customReadinessProbe":{},"customStartupProbe":{},"dnsConfig":{},"extraContainers":"","extraEnv":[],"extraInitContainers":{},"extraLabels":{},"extraPorts":[],"extraVolumeMounts":[],"extraVolumes":[],"lifecycle":{},"livenessProbe":{"failureThreshold":5,"initialDelaySeconds":5,"periodSeconds":10},"nodeSelector":{},"podAnnotations":{},"podMetadata":{"annotations":{},"labels":{}},"podSecurityContext":{},"readinessProbe":{"failureThreshold":5,"initialDelaySeconds":5,"periodSeconds":10},"resources":{},"startupProbe":{"failureThreshold":60,"periodSeconds":1,"successThreshold":1,"timeoutSeconds":1},"tolerations":[],"topologySpreadConstraints":[]}` | Configure the probes for when the deployment is considered ready and ongoing health check |
+| deployment | object | `{"affinity":{},"annotations":{},"automigration":{"extraEnv":[]},"automountServiceAccountToken":true,"autoscaling":{"enabled":false,"maxReplicas":100,"minReplicas":1,"targetCPU":{},"targetMemory":{}},"customLivenessProbe":{},"customReadinessProbe":{},"customStartupProbe":{},"dnsConfig":{},"extraContainers":"","extraEnv":[],"extraInitContainers":{},"extraLabels":{},"extraPorts":[],"extraVolumeMounts":[],"extraVolumes":[],"lifecycle":{},"livenessProbe":{"failureThreshold":5,"initialDelaySeconds":5,"periodSeconds":10},"nodeSelector":{},"podAnnotations":{},"podMetadata":{"annotations":{},"labels":{}},"podSecurityContext":{},"readinessProbe":{"failureThreshold":5,"initialDelaySeconds":5,"periodSeconds":10},"resources":{},"startupProbe":{"failureThreshold":60,"periodSeconds":1,"successThreshold":1,"timeoutSeconds":1},"strategy":{"rollingUpdate":{"maxSurge":"25%","maxUnavailable":"25%"},"type":"RollingUpdate"},"tolerations":[],"topologySpreadConstraints":[]}` | Configure the probes for when the deployment is considered ready and ongoing health check |
 | deployment.annotations | object | `{}` | Add custom annotations to the deployment |
 | deployment.automigration | object | `{"extraEnv":[]}` | Parameters for the automigration initContainer |
 | deployment.automigration.extraEnv | list | `[]` | Array of extra envs to be passed to the initContainer. Kubernetes format is expected - name: FOO   value: BAR |
@@ -46,6 +46,7 @@ Access Control Policies as a Server
 | deployment.podSecurityContext | object | `{}` | Set custom security context for pods |
 | deployment.readinessProbe | object | `{"failureThreshold":5,"initialDelaySeconds":5,"periodSeconds":10}` | Default probe timers |
 | deployment.startupProbe | object | `{"failureThreshold":60,"periodSeconds":1,"successThreshold":1,"timeoutSeconds":1}` | Default probe timers |
+| deployment.strategy | object | `{"rollingUpdate":{"maxSurge":"25%","maxUnavailable":"25%"},"type":"RollingUpdate"}` | Specify pod deployment strategy |
 | deployment.topologySpreadConstraints | list | `[]` | Configure pod topologySpreadConstraints. |
 | extraServices | object | `{}` | Extra services to be deployed |
 | fullnameOverride | string | `""` |  |

helm/charts/keto/templates/deployment.yaml

@@ -38,6 +38,8 @@ spec:
 {{- if not $autoscaling.enabled }}
   replicas: {{ .Values.replicaCount }}
 {{- end }}
+  strategy:
+    {{- toYaml .Values.strategy | nindent 4 }}
   selector:
     matchLabels:
       {{- include "keto.selectorLabels" . | nindent 6 }}

helm/charts/keto/values.yaml

@@ -238,6 +238,12 @@ keto:
 
 # -- Configure the probes for when the deployment is considered ready and ongoing health check
 deployment:
+  # -- Specify pod deployment strategy
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: "25%"
+      maxUnavailable: "25%"
   # -- DEPRECATED Set custom pod annotations
   podAnnotations: {}
 

helm/charts/kratos/README.md

@@ -161,7 +161,7 @@ A ORY Kratos Helm chart for Kubernetes
 | statefulSet.resources | object | `{}` |  |
 | statefulSet.tolerations | list | `[]` | Configure node tolerations. |
 | statefulSet.topologySpreadConstraints | list | `[]` | Configure pod topologySpreadConstraints. |
-| strategy | object | `{"rollingUpdate":{"maxSurge":"30%","maxUnavailable":0},"type":"RollingUpdate"}` | Deployment update strategy |
+| strategy | object | `{"rollingUpdate":{"maxSurge":"25%","maxUnavailable":"25%"},"type":"RollingUpdate"}` | Deployment update strategy |
 | test.busybox | object | `{"repository":"busybox","tag":1}` | use a busybox image from another repository |
 | watcher | object | `{"enabled":false,"image":"oryd/k8s-toolbox:0.0.5","mountFile":"","podMetadata":{"annotations":{},"labels":{}},"watchLabelKey":"ory.sh/watcher"}` | Configuration of the watcher sidecar |
 | watcher.mountFile | string | `""` | Path to mounted file, which wil be monitored for changes. eg: /etc/secrets/my-secret/foo |

helm/charts/kratos/values.yaml

@@ -7,8 +7,8 @@ replicaCount: 1
 strategy:
   type: RollingUpdate
   rollingUpdate:
-    maxSurge: 30%
-    maxUnavailable: 0
+    maxSurge: "25%"
+    maxUnavailable: "25%"
 
 image:
   # -- ORY KRATOS image

helm/charts/oathkeeper-maester/Chart.yaml

@@ -1,6 +1,7 @@
 apiVersion: v1
 appVersion: "v0.1.8"
-description: A Helm chart for deploying ORY Oathkeeper Rule Controller in Kubernetes
+description:
+  A Helm chart for deploying ORY Oathkeeper Rule Controller in Kubernetes
 name: oathkeeper-maester
 icon: https://raw.githubusercontent.com/ory/docs/master/docs/static/img/logo-oathkeeper.svg
 version: 0.33.5