From 604ef774becaed3c14bc1ba668980ea6a41bcf7c Mon Sep 17 00:00:00 2001
From: Rory Z <rory-z@outlook.com>
Date: Wed, 15 Mar 2023 10:29:14 +0800
Subject: [PATCH] feat(helm): helm chart support extraVolumeMounts and
 extraVolumes

Done of https://github.com/emqx/emqx/issues/10116
---
 changes/ce/feat-10139.en.md                           |  3 +++
 changes/ce/feat-10139.zh.md                           |  3 +++
 deploy/charts/emqx-enterprise/README.md               |  2 ++
 .../charts/emqx-enterprise/templates/StatefulSet.yaml |  8 +++++++-
 deploy/charts/emqx-enterprise/values.yaml             | 11 +++++++++++
 deploy/charts/emqx/README.md                          |  2 ++
 deploy/charts/emqx/templates/StatefulSet.yaml         |  8 +++++++-
 deploy/charts/emqx/values.yaml                        | 11 +++++++++++
 8 files changed, 46 insertions(+), 2 deletions(-)
 create mode 100644 changes/ce/feat-10139.en.md
 create mode 100644 changes/ce/feat-10139.zh.md

diff --git a/changes/ce/feat-10139.en.md b/changes/ce/feat-10139.en.md
new file mode 100644
index 000000000..3c49ceac3
--- /dev/null
+++ b/changes/ce/feat-10139.en.md
@@ -0,0 +1,3 @@
+Add `extraVolumeMounts` to EMQX Helm Chart, it will have the ability to mount the user-own files into the EMQX instance, for example, ACL rule files as mentioned in [#9052](https://github.com/emqx/emqx/issues/9052)
+
+Done of [#10116](https://github.com/emqx/emqx/issues/10116)
diff --git a/changes/ce/feat-10139.zh.md b/changes/ce/feat-10139.zh.md
new file mode 100644
index 000000000..f7920a127
--- /dev/null
+++ b/changes/ce/feat-10139.zh.md
@@ -0,0 +1,3 @@
+将 `extraVolumeMounts` 添加到 EMQX Helm Chart 中，它将能够挂载用户自己的文件到 EMQX 实例中，例如在 [#9052](https://github.com/emqx/emqx/issues/9052) 中提到的 ACL 规则文件。
+
+完成了 [#10116](https://github.com/emqx/emqx/issues/10116)
diff --git a/deploy/charts/emqx-enterprise/README.md b/deploy/charts/emqx-enterprise/README.md
index 258c9c075..df3be6766 100644
--- a/deploy/charts/emqx-enterprise/README.md
+++ b/deploy/charts/emqx-enterprise/README.md
@@ -57,6 +57,8 @@ The following table lists the configurable parameters of the emqx chart and thei
 | `persistence.size` | PVC Storage Request for EMQX volume | 20Mi |
 | `initContainers` | Containers that run before the creation of EMQX containers. They can contain utilities or setup scripts. | `{}` |
 | `resources` | CPU/Memory resource requests/limits | {} |
+| `extraVolumeMounts` | Additional volumeMounts to the default backend container. | [] |
+| `extraVolumes` | Additional volumes to the default backend pod.| [] |
 | `nodeSelector` | Node labels for pod assignment | `{}` |
 | `tolerations` | Toleration labels for pod assignment | `[]` |
 | `affinity` | Map of node/pod affinities | `{}` |
diff --git a/deploy/charts/emqx-enterprise/templates/StatefulSet.yaml b/deploy/charts/emqx-enterprise/templates/StatefulSet.yaml
index 91b6b1cb2..00751aceb 100644
--- a/deploy/charts/emqx-enterprise/templates/StatefulSet.yaml
+++ b/deploy/charts/emqx-enterprise/templates/StatefulSet.yaml
@@ -74,12 +74,15 @@ spec:
         secret:
           secretName: {{ .Values.emqxLicenseSecretName }}
       {{- end }}
+      {{- if .Values.extraVolumes }}
+        {{- toYaml .Values.extraVolumes | nindent 8 }}
+      {{- end }}
       {{- if .Values.podSecurityContext.enabled }}
       securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
       {{- end }}
       {{- if .Values.initContainers }}
       initContainers:
-{{ toYaml .Values.initContainers | indent 8 }}
+        {{- toYaml .Values.initContainers | nindent 8 }}
       {{- end }}
       {{- if .Values.image.pullSecrets }}
       imagePullSecrets:
@@ -138,6 +141,9 @@ spec:
             subPath: "emqx.lic"
             readOnly: true
           {{- end }}
+          {{- if .Values.extraVolumeMounts }}
+            {{- toYaml .Values.extraVolumeMounts | nindent 12 }}
+          {{- end }}
           readinessProbe:
             httpGet:
               path: /status
diff --git a/deploy/charts/emqx-enterprise/values.yaml b/deploy/charts/emqx-enterprise/values.yaml
index 9ae863219..71569b9a3 100644
--- a/deploy/charts/emqx-enterprise/values.yaml
+++ b/deploy/charts/emqx-enterprise/values.yaml
@@ -62,6 +62,17 @@ resources: {}
   #   cpu: 500m
   #   memory: 512Mi
 
+extraVolumeMounts: []
+## Additional volumeMounts to the default backend container.
+#  - name: my-owner-acl
+#    mountPath: /opt/emqx/etc/acl.conf
+#    subPath: acl.conf
+
+extraVolumes: []
+## Additional volumes to the default backend pod.
+#  - name: my-owner-acl
+#    secret:  fake-acl-conf
+
 # Containers that run before the creation of EMQX containers. They can contain utilities or setup scripts.
 initContainers: {}
   # - name: sysctl
diff --git a/deploy/charts/emqx/README.md b/deploy/charts/emqx/README.md
index e28a44199..47ae89245 100644
--- a/deploy/charts/emqx/README.md
+++ b/deploy/charts/emqx/README.md
@@ -57,6 +57,8 @@ The following table lists the configurable parameters of the emqx chart and thei
 | `persistence.size` | PVC Storage Request for EMQX volume | 20Mi |
 | `initContainers` | Containers that run before the creation of EMQX containers. They can contain utilities or setup scripts. | `{}` |
 | `resources` | CPU/Memory resource requests/limits | {} |
+| `extraVolumeMounts` | Additional volumeMounts to the default backend container. | [] |
+| `extraVolumes` | Additional volumes to the default backend pod.| [] |
 | `nodeSelector` | Node labels for pod assignment | `{}` |
 | `tolerations` | Toleration labels for pod assignment | `[]` |
 | `affinity` | Map of node/pod affinities | `{}` |
diff --git a/deploy/charts/emqx/templates/StatefulSet.yaml b/deploy/charts/emqx/templates/StatefulSet.yaml
index 91b6b1cb2..00751aceb 100644
--- a/deploy/charts/emqx/templates/StatefulSet.yaml
+++ b/deploy/charts/emqx/templates/StatefulSet.yaml
@@ -74,12 +74,15 @@ spec:
         secret:
           secretName: {{ .Values.emqxLicenseSecretName }}
       {{- end }}
+      {{- if .Values.extraVolumes }}
+        {{- toYaml .Values.extraVolumes | nindent 8 }}
+      {{- end }}
       {{- if .Values.podSecurityContext.enabled }}
       securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
       {{- end }}
       {{- if .Values.initContainers }}
       initContainers:
-{{ toYaml .Values.initContainers | indent 8 }}
+        {{- toYaml .Values.initContainers | nindent 8 }}
       {{- end }}
       {{- if .Values.image.pullSecrets }}
       imagePullSecrets:
@@ -138,6 +141,9 @@ spec:
             subPath: "emqx.lic"
             readOnly: true
           {{- end }}
+          {{- if .Values.extraVolumeMounts }}
+            {{- toYaml .Values.extraVolumeMounts | nindent 12 }}
+          {{- end }}
           readinessProbe:
             httpGet:
               path: /status
diff --git a/deploy/charts/emqx/values.yaml b/deploy/charts/emqx/values.yaml
index 5f14fb17b..f4649cc15 100644
--- a/deploy/charts/emqx/values.yaml
+++ b/deploy/charts/emqx/values.yaml
@@ -62,6 +62,17 @@ resources: {}
   #   cpu: 500m
   #   memory: 512Mi
 
+extraVolumeMounts: []
+## Additional volumeMounts to the default backend container.
+#  - name: my-owner-acl
+#    mountPath: /opt/emqx/etc/acl.conf
+#    subPath: acl.conf
+
+extraVolumes: []
+## Additional volumes to the default backend pod.
+#  - name: my-owner-acl
+#    secret:  fake-acl-conf
+
 # Containers that run before the creation of EMQX containers. They can contain utilities or setup scripts.
 initContainers: {}
   # - name: sysctl