SonarSource · jCOTINEAU · Jan 8, 2025 · Jan 8, 2025 · Jan 8, 2025 · jCOTINEAU
diff --git a/charts/sonarqube-dce/CHANGELOG.md b/charts/sonarqube-dce/CHANGELOG.md
@@ -6,6 +6,7 @@ All changes to this chart will be documented in this file.
 * Update ingress-nginx subchart to 4.11.3
 * Support Kubernetes v1.32
 * Remove the default passcode provided with `monitoringPasscode`
+* Remove deprecated `ApplicationNodes.image.pullSecret`, `searchNodes.image.pullSecret` and `postgresql.postgresqlServer`
 
 ## [10.8.1]
 * Update Chart's version to 10.8.1

diff --git a/charts/sonarqube-dce/Chart.yaml b/charts/sonarqube-dce/Chart.yaml
@@ -33,6 +33,8 @@ annotations:
       description: "Support Kubernetes v1.32"
     - kind: changed
       description: "Remove the default passcode provided with 'monitoringPasscode'"
+    - kind: removed
+      description: "Remove deprecated `ApplicationNodes.image.pullSecret`, `searchNodes.image.pullSecret` and `postgresql.postgresqlServer`"
   artifacthub.io/links: |
     - name: support
       url: https://community.sonarsource.com/

diff --git a/charts/sonarqube-dce/README.md b/charts/sonarqube-dce/README.md
@@ -284,7 +284,6 @@ The following table lists the configurable parameters of the SonarQube chart and
 | `searchNodes.image.repository`                            | search image repository                                                                    | `sonarqube`                                                            |
 | `searchNodes.image.tag`                                   | search image tag                                                                           | `10.8.1-datacenter-search`                                             |
 | `searchNodes.image.pullPolicy`                            | search image pull policy                                                                   | `IfNotPresent`                                                         |
-| `searchNodes.image.pullSecret`                            | (DEPRECATED) search imagePullSecret to use for private repository                          | `nil`                                                                  |
 | `searchNodes.image.pullSecrets`                           | search imagePullSecrets to use for private repository                                      | `nil`                                                                  |
 | `searchNodes.annotations`                                 | Map of annotations to add to the search pods                                               | `{}`                                                                   |
 | `searchNodes.env`                                         | Environment variables to attach to the search pods                                         | `nil`                                                                  |
@@ -341,7 +340,6 @@ The following table lists the configurable parameters of the SonarQube chart and
 | `applicationNodes.image.repository`                              | app image repository                                                                                                                                                                                           | `sonarqube`                                                            |
 | `applicationNodes.image.tag`                                     | app image tag                                                                                                                                                                                                  | `10.8.1-datacenter-app`                                                |
 | `applicationNodes.image.pullPolicy`                              | app image pull policy                                                                                                                                                                                          | `IfNotPresent`                                                         |
-| `applicationNodes.image.pullSecret`                              | (DEPRECATED) app imagePullSecret to use for private repository                                                                                                                                                 | `nil`                                                                  |
 | `applicationNodes.image.pullSecrets`                             | app imagePullSecrets to use for private repository                                                                                                                                                             | `nil`                                                                  |
 | `applicationNodes.annotations`                                   | Map of annotations to add to the app pods                                                                                                                                                                      | `{}`                                                                   |
 | `applicationNodes.env`                                           | Environment variables to attach to the app pods                                                                                                                                                                | `nil`                                                                  |
@@ -683,7 +681,7 @@ Since SonarQube needs Elasticsearch, some [bootstrap checks](https://www.elastic
 
 This chart offers the option to use an initContainer in privilaged mode to automatically set certain kernel settings on the kube worker. While this can ensure proper functionality of Elasticsearch, modifying the underlying kernel settings on the Kubernetes node can impact other users. It may be best to work with your cluster administrator to either provide specific nodes with the proper kernel settings, or ensure they are set cluster wide.
 
-To enable auto-configuration of the kube worker node, set `elasticsearch.configureNode` to `true`. This is the default behavior, so you do not need to explicitly set this.
+To enable auto-configuration of the kube worker node, set `initSysctl.enabled` to `true`. This is the default behavior, so you do not need to explicitly set this.
 
 This will run `sysctl -w vm.max_map_count=262144` on the worker where the sonarqube pod(s) get scheduled. This needs to be set to `262144` but normally defaults to `65530`. Other kernel settings are recommended by the [docker image](https://hub.docker.com/_/sonarqube/#requirements), but the defaults work fine in most cases.
 

diff --git a/charts/sonarqube-dce/templates/_helpers.tpl b/charts/sonarqube-dce/templates/_helpers.tpl
@@ -106,8 +106,6 @@ Expand the Application Image name.
 {{- define "postgresql.hostname" -}}
 {{- if .Values.postgresql.enabled -}}
 {{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s" .Values.postgresql.postgresqlServer -}}
 {{- end -}}
 {{- end -}}
 

diff --git a/charts/sonarqube-dce/templates/change-admin-password-hook.yml b/charts/sonarqube-dce/templates/change-admin-password-hook.yml
@@ -35,14 +35,9 @@ spec:
       {{- end }}
     spec:
       restartPolicy: OnFailure
-      {{- if or .Values.ApplicationNodes.image.pullSecrets .Values.ApplicationNodes.image.pullSecret }}
+      {{- if .Values.ApplicationNodes.image.pullSecrets }}
       imagePullSecrets:
-        {{- if .Values.ApplicationNodes.image.pullSecret }}
-        - name: {{ .Values.ApplicationNodes.image.pullSecret }}
-        {{- end }}
-        {{- if .Values.ApplicationNodes.image.pullSecrets }}
 {{ toYaml .Values.ApplicationNodes.image.pullSecrets | indent 8 }}
-        {{- end }}
       {{- end }}
       serviceAccountName: {{ template "sonarqube.serviceAccountName" . }}
     {{- if .Values.tolerations }}

diff --git a/charts/sonarqube-dce/templates/sonarqube-application.yaml b/charts/sonarqube-dce/templates/sonarqube-application.yaml
@@ -55,14 +55,9 @@ spec:
 {{- end }}
     spec:
       automountServiceAccountToken: {{ .Values.serviceAccount.automountToken }}
-      {{- if or .Values.ApplicationNodes.image.pullSecrets .Values.ApplicationNodes.image.pullSecret }}
+      {{- if .Values.ApplicationNodes.image.pullSecrets }}
       imagePullSecrets:
-        {{- if .Values.ApplicationNodes.image.pullSecret }}
-        - name: {{ .Values.ApplicationNodes.image.pullSecret }}
-        {{- end }}
-        {{- if .Values.ApplicationNodes.image.pullSecrets }}
 {{ toYaml .Values.ApplicationNodes.image.pullSecrets | indent 8 }}
-        {{- end }}
       {{- end }}
       initContainers:
       {{- if .Values.ApplicationNodes.extraInitContainers }}

diff --git a/charts/sonarqube-dce/templates/sonarqube-search.yaml b/charts/sonarqube-dce/templates/sonarqube-search.yaml
@@ -79,14 +79,9 @@ spec:
 {{- end }}
     spec:
       automountServiceAccountToken: {{ .Values.serviceAccount.automountToken }}
-      {{- if or .Values.searchNodes.image.pullSecrets .Values.searchNodes.image.pullSecret }}
+      {{- if .Values.searchNodes.image.pullSecrets }}
       imagePullSecrets:
-        {{- if .Values.searchNodes.image.pullSecret }}
-        - name: {{ .Values.searchNodes.image.pullSecret }}
-        {{- end }}
-        {{- if .Values.searchNodes.image.pullSecrets }}
 {{ toYaml .Values.searchNodes.image.pullSecrets | indent 8 }}
-        {{- end }}
       {{- end }}
       initContainers:
       {{- if .Values.extraInitContainers }}

diff --git a/charts/sonarqube-dce/templates/tests/sonarqube-test.yaml b/charts/sonarqube-dce/templates/tests/sonarqube-test.yaml
@@ -14,14 +14,9 @@ metadata:
     heritage: {{ .Release.Service }}
 spec:
   automountServiceAccountToken: false
-  {{- if or .Values.ApplicationNodes.image.pullSecrets .Values.ApplicationNodes.image.pullSecret }}
+  {{- if .Values.ApplicationNodes.image.pullSecrets }}
   imagePullSecrets:
-    {{- if .Values.ApplicationNodes.image.pullSecret }}
-    - name: {{ .Values.ApplicationNodes.image.pullSecret }}
-    {{- end }}
-    {{- if .Values.ApplicationNodes.image.pullSecrets }}
 {{ toYaml .Values.ApplicationNodes.image.pullSecrets | indent 4 }}
-    {{- end }}
   {{- end }}
   containers:
     - name: {{ .Release.Name }}-ui-test

diff --git a/charts/sonarqube/CHANGELOG.md b/charts/sonarqube/CHANGELOG.md
@@ -6,6 +6,7 @@ All changes to this chart will be documented in this file.
 * Update ingress-nginx subchart to 4.11.3
 * Support Kubernetes v1.32
 * Remove the default passcode provided with `monitoringPasscode`
+* Remove deprecated `elasticsearch.configureNode`, `image.pullSecret` and `postgresql.postgresqlServer`
 
 ## [10.8.1]
 * Update Chart's version to 10.8.1

diff --git a/charts/sonarqube/Chart.yaml b/charts/sonarqube/Chart.yaml
@@ -38,6 +38,8 @@ annotations:
       description: "Support Kubernetes v1.32"
     - kind: changed
       description: "Remove the default passcode provided with 'monitoringPasscode'"
+    - kind: removed
+      description: "Remove deprecated `elasticsearch.configureNode`, `image.pullSecret` and `postgresql.postgresqlServer`"
   artifacthub.io/containsSecurityUpdates: "false"
   artifacthub.io/images: |
     - name: sonarqube

diff --git a/charts/sonarqube/README.md b/charts/sonarqube/README.md
@@ -294,7 +294,6 @@ The following table lists the configurable parameters of the SonarQube chart and
 | `image.repository`  | image repository                                                                                  | `sonarqube`                    |
 | `image.tag`         | `sonarqube` image tag. Please note that the default `10.8.1-{{ .Values.edition }}` is deprecated. | `10.8.1-{{ .Values.edition }}` |
 | `image.pullPolicy`  | Image pull policy                                                                                 | `IfNotPresent`                 |
-| `image.pullSecret`  | (DEPRECATED) imagePullSecret to use for private repository                                        | `None`                         |
 | `image.pullSecrets` | imagePullSecrets to use for private repository                                                    | `None`                         |
 
 ### Security
@@ -308,7 +307,6 @@ The following table lists the configurable parameters of the SonarQube chart and
 
 | Parameter                       | Description                                     | Default |
 | ------------------------------- | ----------------------------------------------- | ------- |
-| `elasticsearch.configureNode`   | [DEPRECATED] Use initSysctl.enabled instead.    | `false` |
 | `elasticsearch.bootstrapChecks` | Enables/disables Elasticsearch bootstrap checks | `true`  |
 
 ### Service
@@ -506,7 +504,6 @@ The bundled PostgreSQL Chart is deprecated. Please see <https://artifacthub.io/p
 | -------------------------------------------------------- | ---------------------------------------------------------------------- | --------------- |
 | `postgresql.enabled`                                     | Set to `false` to use external server                                  | `true`          |
 | `postgresql.existingSecret`                              | existingSecret Name of existing secret to use for PostgreSQL passwords | `nil`           |
-| `postgresql.postgresqlServer`                            | (DEPRECATED) Hostname of the external PostgreSQL server                | `nil`           |
 | `postgresql.postgresqlUsername`                          | PostgreSQL database user                                               | `sonarUser`     |
 | `postgresql.postgresqlPassword`                          | PostgreSQL database password                                           | `sonarPass`     |
 | `postgresql.postgresqlDatabase`                          | PostgreSQL database name                                               | `sonarDB`       |
@@ -624,11 +621,11 @@ Since SonarQube comes bundled with an Elasticsearch instance, some [bootstrap ch
 
 This chart offers the option to use an initContainer in privileged mode to automatically set certain kernel settings on the kube worker. While this can ensure proper functionality of Elasticsearch, modifying the underlying kernel settings on the Kubernetes node can impact other users. It may be best to work with your cluster administrator to either provide specific nodes with the proper kernel settings, or ensure they are set cluster wide.
 
-To enable auto-configuration of the kube worker node, set `elasticsearch.configureNode` to `true`. This is the default behavior, so you do not need to explicitly set this.
+To enable auto-configuration of the kube worker node, set `initSysctl.enabled` to `true`. This is the default behavior, so you do not need to explicitly set this.
 
 This will run `sysctl -w vm.max_map_count=262144` on the worker where the sonarqube pod(s) get scheduled. This needs to be set to `262144` but normally defaults to `65530`. Other kernel settings are recommended by the [docker image](https://hub.docker.com/_/sonarqube/#requirements), but the defaults work fine in most cases.
 
-To disable worker node configuration, set `elasticsearch.configureNode` to `false`. Note that if node configuration is not enabled, then you will likely need to also disable the Elasticsearch bootstrap checks. These can be explicitly disabled by setting `elasticsearch.bootstrapChecks` to `false`.
+To disable worker node configuration, set `initSysctl.enabled` to `false`. Note that if node configuration is not enabled, then you will likely need to also disable the Elasticsearch bootstrap checks. These can be explicitly disabled by setting `elasticsearch.bootstrapChecks` to `false`.
 
 ### Extra Config
 

diff --git a/charts/sonarqube/templates/_helpers.tpl b/charts/sonarqube/templates/_helpers.tpl
@@ -85,8 +85,6 @@ Expand the Application Image name.
 {{- define "postgresql.hostname" -}}
 {{- if .Values.postgresql.enabled -}}
 {{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s" .Values.postgresql.postgresqlServer -}}
 {{- end -}}
 {{- end -}}
 

diff --git a/charts/sonarqube/templates/_pod.tpl b/charts/sonarqube/templates/_pod.tpl
@@ -30,11 +30,8 @@ spec:
   {{- with (include "sonarqube.securityContext" .) }}
   securityContext: {{- . | nindent 4 }}
   {{- end }}
-  {{- if or .Values.image.pullSecrets .Values.image.pullSecret }}
+  {{- if .Values.image.pullSecrets }}
   imagePullSecrets:
-    {{- if .Values.image.pullSecret }}
-    - name: {{ .Values.image.pullSecret }}
-    {{- end }}
     {{- with .Values.image.pullSecrets }}
     {{- toYaml . | nindent 4 }}
     {{- end }}
@@ -77,7 +74,7 @@ spec:
       env:
         {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 8 }}
     {{- end }}
-    {{- if and (or .Values.initSysctl.enabled .Values.elasticsearch.configureNode) (not .Values.OpenShift.enabled) }}
+    {{- if and .Values.initSysctl.enabled (not .Values.OpenShift.enabled) }}
     - name: init-sysctl
       image: {{ default (include "sonarqube.image" $) .Values.initSysctl.image }}
       imagePullPolicy: {{ .Values.image.pullPolicy  }}

diff --git a/charts/sonarqube/templates/change-admin-password-hook.yml b/charts/sonarqube/templates/change-admin-password-hook.yml
@@ -20,11 +20,8 @@ spec:
       labels: {{- include "sonarqube.labels" . | nindent 8 }}
     spec:
       restartPolicy: OnFailure
-      {{- if or .Values.image.pullSecrets .Values.image.pullSecret }}
+      {{- if .Values.image.pullSecrets }}
       imagePullSecrets:
-        {{- if .Values.image.pullSecret }}
-        - name: {{ .Values.image.pullSecret }}
-        {{- end }}
         {{- with .Values.image.pullSecrets }}
         {{- toYaml . | nindent 8 }}
         {{- end }}

diff --git a/charts/sonarqube/templates/tests/sonarqube-test.yaml b/charts/sonarqube/templates/tests/sonarqube-test.yaml
@@ -8,11 +8,8 @@ metadata:
   labels: {{- include "sonarqube.labels" . | nindent 4 }}
 spec:
   automountServiceAccountToken: false
-  {{- if or .Values.image.pullSecrets .Values.image.pullSecret }}
+  {{- if .Values.image.pullSecrets }}
   imagePullSecrets:
-    {{- if .Values.image.pullSecret }}
-    - name: {{ .Values.image.pullSecret }}
-    {{- end }}
     {{- with .Values.image.pullSecrets }}
     {{- toYaml . | nindent 4 }}
     {{- end }}

diff --git a/charts/sonarqube/values.yaml b/charts/sonarqube/values.yaml
@@ -88,8 +88,6 @@ containerSecurityContext:
 
 # Settings to configure elasticsearch host requirements
 elasticsearch:
-  # (DEPRECATED) Use initSysctl.enabled instead
-  configureNode: false
   bootstrapChecks: true
 
 service:

diff --git a/tests/unit-compatibility-test/fixtures/sonarqube-dce/custom-image-values.yaml b/tests/unit-compatibility-test/fixtures/sonarqube-dce/custom-image-values.yaml
@@ -405,6 +405,8 @@ spec:
         checksum/secret: c953abbc65dd935f1e5118b3efb1e082374ad203eba24a98829fead12e401630
     spec:
       automountServiceAccountToken: false
+      imagePullSecrets:
+        - name: mypullsecret
       initContainers:
         - name: "wait-for-db"
           image: sonarqube:lts-community@sha256:3596d14feb065a31ce84cef60cc3ecfb7b47233ef860fd85c0d4e465f676c9f7
@@ -774,6 +776,8 @@ spec:
         checksum/secret: c953abbc65dd935f1e5118b3efb1e082374ad203eba24a98829fead12e401630
     spec:
       automountServiceAccountToken: false
+      imagePullSecrets:
+        - name: mypullsecret
       initContainers:
         - name: init-sysctl
           image: sonarqube:lts-community@sha256:3596d14feb065a31ce84cef60cc3ecfb7b47233ef860fd85c0d4e465f676c9f7
@@ -972,6 +976,8 @@ metadata:
     heritage: Helm
 spec:
   automountServiceAccountToken: false
+  imagePullSecrets:
+    - name: mypullsecret
   containers:
     - name: custom-image-values.yaml-ui-test
       image: "sonarqube:lts-community@sha256:3596d14feb065a31ce84cef60cc3ecfb7b47233ef860fd85c0d4e465f676c9f7"

diff --git a/tests/unit-compatibility-test/fixtures/sonarqube-dce/secret-values.yaml b/tests/unit-compatibility-test/fixtures/sonarqube-dce/secret-values.yaml
@@ -223,7 +223,7 @@ metadata:
     heritage: Helm
 data:
   SONAR_JDBC_USERNAME: sonarUser
-  SONAR_JDBC_URL: "jdbc:postgresql://%!s(<nil>):5432/sonarDB"
+  SONAR_JDBC_URL: "jdbc:postgresql://:5432/sonarDB"
 ---
 # Source: sonarqube-dce/templates/service.yaml
 apiVersion: v1

diff --git a/tests/unit-compatibility-test/fixtures/sonarqube/custom-image-values.yaml b/tests/unit-compatibility-test/fixtures/sonarqube/custom-image-values.yaml
@@ -411,6 +411,8 @@ spec:
       automountServiceAccountToken: false
       securityContext:
         fsGroup: 0
+      imagePullSecrets:
+        - name: mypullsecret
       initContainers:
         - name: "wait-for-db"
           image: sonarqube:lts-community@sha256:3596d14feb065a31ce84cef60cc3ecfb7b47233ef860fd85c0d4e465f676c9f7
@@ -577,6 +579,8 @@ metadata:
     heritage: Helm
 spec:
   automountServiceAccountToken: false
+  imagePullSecrets:
+    - name: mypullsecret
   containers:
     - name: custom-image-values.yaml-ui-test
       image: "sonarqube:lts-community@sha256:3596d14feb065a31ce84cef60cc3ecfb7b47233ef860fd85c0d4e465f676c9f7"

diff --git a/tests/unit-compatibility-test/fixtures/sonarqube/secret-values.yaml b/tests/unit-compatibility-test/fixtures/sonarqube/secret-values.yaml
@@ -146,7 +146,7 @@ metadata:
     heritage: Helm
 data:
   SONAR_JDBC_USERNAME: sonarUser
-  SONAR_JDBC_URL: "jdbc:postgresql://%!s(<nil>):5432/sonarDB"
+  SONAR_JDBC_URL: "jdbc:postgresql://:5432/sonarDB"
 ---
 # Source: sonarqube/templates/service.yaml
 apiVersion: v1

diff --git a/tests/unit-compatibility-test/sonarqube-dce/custom-image-values.yaml b/tests/unit-compatibility-test/sonarqube-dce/custom-image-values.yaml
@@ -2,7 +2,11 @@ ApplicationNodes:
   image:
     #Value comming from the user issue
     tag: lts-community@sha256:3596d14feb065a31ce84cef60cc3ecfb7b47233ef860fd85c0d4e465f676c9f7
+    pullSecrets:
+      - name: mypullsecret
 searchNodes:
   image:
     #Value comming from the user issue
-    tag: lts-community@sha256:3596d14feb065a31ce84cef60cc3ecfb7b47233ef860fd85c0d4e465f676c9f7
+    tag: lts-community@sha256:3596d14feb065a31ce84cef60cc3ecfb7b47233ef860fd85c0d4e465f676c9f7
+    pullSecrets:
+      - name: mypullsecret
diff --git a/tests/unit-compatibility-test/sonarqube/custom-image-values.yaml b/tests/unit-compatibility-test/sonarqube/custom-image-values.yaml
@@ -1,3 +1,5 @@
 image:
   #Value comming from the user issue
-  tag: lts-community@sha256:3596d14feb065a31ce84cef60cc3ecfb7b47233ef860fd85c0d4e465f676c9f7
+  tag: lts-community@sha256:3596d14feb065a31ce84cef60cc3ecfb7b47233ef860fd85c0d4e465f676c9f7
+  pullSecrets:
+    - name: mypullsecret