diff --git a/.github/upstream-projects.yaml b/.github/upstream-projects.yaml index 11468899..1ae52fe2 100644 --- a/.github/upstream-projects.yaml +++ b/.github/upstream-projects.yaml @@ -29,7 +29,7 @@ projects: - id: toolhive-registry-server repo: stacklok/toolhive-registry-server - version: v1.4.10 + version: v1.4.11 docs_paths: - docs/toolhive/guides-registry - docs/toolhive/concepts/registry-criteria.mdx diff --git a/docs/platform/enterprise-platform/deployment.mdx b/docs/platform/enterprise-platform/deployment.mdx index 8cc7ee46..711d4673 100644 --- a/docs/platform/enterprise-platform/deployment.mdx +++ b/docs/platform/enterprise-platform/deployment.mdx @@ -289,6 +289,32 @@ override. When set, it takes precedence over `global.redis.host` and ::: +#### Global PostgreSQL defaults + +The Registry Server reads its database host, port, and SSL mode from +`global.postgres` when its own +`toolhive-registry-server.upstream.config.database.host` is empty. This is the +same pattern as `global.redis` above, intended for umbrella deployments that +share a PostgreSQL instance across several backing services. The block is +optional: when `global.postgres.host` is empty, the default is inactive and each +subchart uses its own `config.database` block. + +```yaml title="values.yaml (global PostgreSQL addition)" +global: + postgres: + # When empty, the global default is inactive. + host: 'postgres.example.com' + port: 5432 + sslMode: 'require' +``` + +Only `host`, `port`, and `sslMode` are inherited from the global block. The +database user, database name, and credentials still go under the subchart's own +`config.database` block (and `extraEnv` for the password Secret reference, as +the example above shows). A locally set +`toolhive-registry-server.upstream.config.database.host` always wins over +`global.postgres.host`. + ### 4. Install the chart Install the chart into the `stacklok-system` namespace you created earlier. diff --git a/docs/toolhive/guides-registry/deploy-helm.mdx b/docs/toolhive/guides-registry/deploy-helm.mdx index e6fe0ea4..8d79f452 100644 --- a/docs/toolhive/guides-registry/deploy-helm.mdx +++ b/docs/toolhive/guides-registry/deploy-helm.mdx @@ -73,6 +73,39 @@ config: sslMode: require ``` +### Share a database host across subcharts + +When the Registry Server chart runs as a subchart of an umbrella chart whose +bundled services share a single PostgreSQL instance, you can set the database +host once at the umbrella level under `global.postgres` instead of repeating it +per subchart. This is a standard Helm `global.*` mechanism, so any umbrella +chart can use it: + +```yaml title="values.yaml (umbrella excerpt)" +global: + postgres: + host: 'postgres.example.com' + port: 5432 + sslMode: 'require' +``` + +When `config.database.host` on the Registry Server subchart is empty, the chart +falls back to `global.postgres.{host,port,sslMode}` (port defaults to `5432`). A +locally set `config.database.host` always wins, so per-subchart overrides keep +working. Only `host`, `port`, and `sslMode` are inherited. The `user`, +`database`, and credentials still go in the subchart's own `config.database` +block. + +:::enterprise + +If you run the full Stacklok Enterprise platform, its canonical umbrella chart +already wires up `global.postgres`, so you set the shared database host once at +the umbrella level rather than per subchart. See the +[platform-wide PostgreSQL defaults](../../platform/enterprise-platform/deployment.mdx#global-postgresql-defaults) +for the credential Secrets and the other components that read `global.postgres`. + +::: + ## Provide database credentials Database credentials use the pgpass file pattern. Create a Kubernetes Secret