stable/redmine/README.md
Redmine is a free and open source, web-based project management and issue tracking tool.
Given the stable deprecation timeline, the Bitnami maintained Redmine Helm chart is now located at bitnami/charts.
The Bitnami repository is already included in the Hubs and we will continue providing the same cadence of updates, support, etc that we've been keeping here these years. Installation instructions are very similar, just adding the bitnami repo and using it during the installation (bitnami/<chart> instead of stable/<chart>)
$ helm repo add bitnami https://charts.bitnami.com/bitnami
$ helm install my-release bitnami/<chart> # Helm 3
$ helm install --name my-release bitnami/<chart> # Helm 2
To update an exisiting stable deployment with a chart hosted in the bitnami repository you can execute
$ helm repo add bitnami https://charts.bitnami.com/bitnami
$ helm upgrade my-release bitnami/<chart>
Issues and PRs related to the chart itself will be redirected to bitnami/charts GitHub repository. In the same way, we'll be happy to answer questions related to this migration process in this issue created as a common place for discussion.
$ helm install my-release stable/redmine
This chart bootstraps a Redmine deployment on a Kubernetes cluster using the Helm package manager.
It also packages the Bitnami MariaDB chart and the PostgreSQL chart which are required for bootstrapping a MariaDB/PostgreSQL deployment for the database requirements of the Redmine application.
Bitnami charts can be used with Kubeapps for deployment and management of Helm Charts in clusters. This chart has been tested to work with NGINX Ingress, cert-manager, fluentd and Prometheus on top of the BKPR.
To install the chart with the release name my-release:
$ helm install my-release stable/redmine
The command deploys Redmine on the Kubernetes cluster in the default configuration. The Parameters section lists the parameters that can be configured during installation.
Tip: List all releases using
helm list
To uninstall/delete the my-release deployment:
$ helm delete my-release
The command removes all the Kubernetes components associated with the chart and deletes the release.
This chart includes the option to use a PostgreSQL database for Redmine instead of MariaDB. To use this, set the databaseType parameter to postgresql:
helm install my-release stable/redmine --set databaseType=postgresql
The following table lists the configurable parameters of the Redmine chart and their default values.
| Parameter | Description | Default |
|---|---|---|
global.imageRegistry | Global Docker image registr y | nil |
global.imagePullSecrets | Global Docker registry secret names as an array | [] (does not add image pull secrets to deployed pods) |
global.storageClass | Global storage class for dynamic provisioning | nil |
image.registry | Redmine image registry | docker.io |
image.repository | Redmine image name | bitnami/redmine |
image.tag | Redmine image tag | {TAG_NAME} |
image.pullPolicy | Image pull policy | IfNotPresent |
image.pullSecrets | Specify docker-registry secret names as an array | [] (does not add image pull secrets to deployed pods) |
nameOverride | String to partially override redmine.fullname template | nil |
fullnameOverride | String to fully override redmine.fullname template | nil |
redmineUsername | User of the application | user |
redminePassword | Application password | random 10 character long alphanumeric string |
redmineEmail | Admin email | [email protected] |
redmineLanguage | Redmine default data language | en |
extraVars | Environment variables, passed to redmine | nil |
smtpHost | SMTP host | nil |
smtpPort | SMTP port | nil |
smtpUser | SMTP user | nil |
smtpPassword | SMTP password | nil |
smtpTls | Use TLS encryption with SMTP | nil |
existingSecret | Use existing secret for password details (redminePassword, smtpPassword and externalDatabase.password will be ignored and picked up from this secret). It must contain the keys redmine-password and smtp-password when postgresql.enabled=true or mariadb.enabled=true. In case postgresql.enabled=false and mariadb.enabled=false it must contain the key external-db-password | nil |
databaseType | Select database type | mariadb (allowed values: "mariadb" and "postgresql") |
mariadb.enabled | Whether to deploy a MariaDB server to satisfy the database requirements | true |
mariadb.rootUser.password | MariaDB admin password | nil |
postgresql.enabled | Whether to deploy a PostgreSQL server to satisfy the database requirements | false |
postgresql.postgresqlDatabase | PostgreSQL database | bitnami_redmine |
postgresql.postgresqlUsername | PostgreSQL user | bn_redmine |
postgresql.postgresqlPassword | PostgreSQL password | nil |
externalDatabase.host | Host of the external database | localhost |
externalDatabase.name | Name of the external database | localhost |
externalDatabase.user | External db user | user |
externalDatabase.password | Password for the db user | "" |
externalDatabase.port | Database port number | 3306 |
service.type | Kubernetes Service type | LoadBalancer |
service.port | Service HTTP port | 80 |
service.nodePorts.http | Kubernetes http node port | "" |
service.externalTrafficPolicy | Enable client source IP preservation | Cluster |
service.loadBalancerIP | LoadBalancer service IP address | "" |
service.loadBalancerSourceRanges | An array of load balancer sources | 0.0.0.0/0 |
serviceAccount.create | Specifies whether a ServiceAccount should be created | false |
serviceAccount.name | The name of the ServiceAccount to create | Generated using the redmine.fullname macro |
ingress.enabled | Enable ingress controller resource | false |
ingress.certManager | Add annotations for cert-manager | false |
ingress.hostname | Default host for the ingress resource | redmine.local |
ingress.tls | Enable TLS configuration | false |
ingress.annotations | Ingress annotations | {} |
ingress.extraHosts[0].name | Extra hosts for your Redmine installation | nil |
ingress.extraHosts[0].path | Path within the url structure | nil |
ingress.extraTls[0].hosts[0] | Extra TLS hosts | nil |
ingress.extraTls[0].secretName | TLS Secret (certificates) for extra TLS hosts | nil |
ingress.secrets[0].name | TLS Secret Name | nil |
ingress.secrets[0].certificate | TLS Secret Certificate | nil |
ingress.secrets[0].key | TLS Secret Key | nil |
nodeSelector | Node labels for pod assignment | {} (The value is evaluated as a template) |
tolerations | List of node taints to tolerate | [] (The value is evaluated as a template) |
affinity | Map of node/pod affinities | {} (The value is evaluated as a template) |
podAnnotations | Pod annotations | {} |
persistence.enabled | Enable persistence using PVC | true |
persistence.existingClaim | The name of an existing PVC | nil |
persistence.storageClass | PVC Storage Class | nil (uses alpha storage class annotation) |
persistence.accessMode | PVC Access Mode | ReadWriteOnce |
persistence.size | PVC Storage Request | 8Gi |
podDisruptionBudget.enabled | Pod Disruption Budget toggle | false |
podDisruptionBudget.minAvailable | Minimum available pods | nil |
podDisruptionBudget.maxUnavailable | Maximum unavailable pods | nil |
replicas | The number of pod replicas | 1 |
resources | Resources allocation (Requests and Limits) | {} |
securityContext | SecurityContext | {} |
livenessProbe.enabled | would you like a livenessProbe to be enabled | true |
livenessProbe.initialDelaySeconds | Delay before liveness probe is initiated | 300 |
livenessProbe.periodSeconds | How often to perform the probe | 10 |
livenessProbe.timeoutSeconds | When the probe times out | 5 |
livenessProbe.successThreshold | Minimum consecutive successes for the probe | 1 |
livenessProbe.failureThreshold | Minimum consecutive failures for the probe | 3 |
readinessProbe.enabled | would you like a readinessProbe to be enabled | true |
readinessProbe.initialDelaySeconds | Delay before readiness probe is initiated | 5 |
readinessProbe.periodSeconds | How often to perform the probe | 10 |
readinessProbe.timeoutSeconds | When the probe times out | 1 |
readinessProbe.successThreshold | Minimum consecutive successes for the probe | 1 |
readinessProbe.failureThreshold | Minimum consecutive failures for the probe | 3 |
mailReceiver.enabled | Whether to enable scheduled mail-to-task CronJob | false |
mailReceiver.schedule | Kubernetes CronJob schedule | */5 * * * * |
mailReceiver.suspend | Whether to create suspended CronJob | true |
mailReceiver.image.registry | Mail to Task image registry | docker.io |
mailReceiver.image.repository | Mail to Task image repository | bitnami/redmine |
mailReceiver.image.tag | Mail to Task image tag | {TAG_NAME} |
mailReceiver.image.pullPolicy | Mail to Task image pull policy | IfNotPresent |
mailReceiver.mailProtocol | Mail protocol to use for reading emails: IMAP or POP3 | IMAP |
mailReceiver.host | Server to receive emails from | "" |
mailReceiver.port | TCP port on the host | 143 |
mailReceiver.username | Login to authenticate on the host | "" |
mailReceiver.password | Password to authenticate on the host | "" |
mailReceiver.ssl | Whether use SSL/TLS to connect to the host | true |
mailReceiver.startTLS | Whether use StartTLS to connect to the host | false |
mailReceiver.imapFolder | IMAP only. Folder to read emails from | INBOX |
mailReceiver.moveOnsuccess | IMAP only. Folder to move processed emails to | "" |
mailReceiver.moveOnFailure | IMAP only. Folder to move emails with processing errors to | "" |
mailReceiver.unknownUserAction | Action to perform is an email received from unregistered user | ignore |
mailReceiver.noPermissionCheck | Whether skip permission check during creating a new task | 0 |
mailReceiver.noAccountNotice | Whether send an email to an unregistered user created during a new task creation | 1 |
mailReceiver.defaultGroup | Defines a group list to add created user to | "" |
mailReceiver.project | Defines identifier of the target project for a new task | "" |
mailReceiver.projectFromSubaddress | Defines email address to select project from subaddress | "" |
mailReceiver.status | Defines a new task status | "" |
mailReceiver.tracker | Defines a new task tracker | "" |
mailReceiver.category | Defines a new task category | "" |
mailReceiver.priority | Defines a new task priority | "" |
mailReceiver.assignedTo | Defines a new task priority | "" |
mailReceiver.allowOverride | Defines if email content is allowed to set attributes values. Values is a comma separated list of attributes or all to alllow all attributes | "" |
The above parameters map to the env variables defined in bitnami/redmine. For more information please refer to the bitnami/redmine image documentation.
Specify each parameter using the --set key=value[,key=value] argument to helm install. For example,
$ helm install my-release \
--set redmineUsername=admin,redminePassword=password,mariadb.mariadbRootPassword=secretpassword \
stable/redmine
The above command sets the Redmine administrator account username and password to admin and password respectively. Additionally, it sets the MariaDB root user password to secretpassword.
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
$ helm install my-release -f values.yaml stable/redmine
Tip: You can use the default values.yaml
It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image.
Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
Redmine writes uploaded files to a persistent volume. By default that volume cannot be shared between pods (RWO). In such a configuration the replicas option must be set to 1. If the persistent volume supports more than one writer (RWX), ie NFS, replicas can be greater than 1.
The Bitnami Redmine image stores the Redmine data and configurations at the /bitnami/redmine path of the container.
Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube. The volume is created using dynamic volume provisioning. Clusters configured with NFS mounts require manually managed volumes and claims.
See the Parameters section to configure the PVC or to disable persistence.
The following example includes two PVCs, one for Redmine and another for MariaDB.
$ helm install test --set persistence.existingClaim=PVC_REDMINE,mariadb.persistence.existingClaim=PVC_MARIADB stable/redmine
databaseType parameters is no longer an object but a string. Allowed values are "mariadb" and "postgresql".Helm performs a lookup for the object based on its group (apps), version (v1), and kind (Deployment). Also known as its GroupVersionKind, or GVK. Changing the GVK is considered a compatibility breaker from Kubernetes' point of view, so you cannot "upgrade" those objects to the new GVK in-place. Earlier versions of Helm 3 did not perform the lookup correctly which has since been fixed to match the spec.
In https://github.com/helm/charts/pull/17309 the apiVersion of the deployment resources was updated to apps/v1 in tune with the api's deprecated, resulting in compatibility breakage.
This major version signifies this change.
Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. Use the workaround below to upgrade from versions previous to 5.0.0. The following example assumes that the release name is redmine:
$ kubectl patch deployment redmine-redmine --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]'
# If using postgresql as database
$ kubectl patch deployment redmine-postgresql --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]'
# If using mariadb as database
$ kubectl delete statefulset redmine-mariadb --cascade=false