docker-mailserver · cfis · Jan 29, 2024 · May 5, 2022 · May 5, 2022 · May 5, 2022
@@ -12,8 +12,8 @@ on:
   workflow_dispatch:
 
 env:
-  KUBE_SCORE_VERSION: 1.12.0
-  HELM_VERSION: v3.4.1
+  KUBE_SCORE_VERSION: 1.17.0
+  HELM_VERSION: v3.13.2
 
 concurrency: 
   group: ${{ github.head_ref }}
@@ -24,12 +24,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
       - name: Set up Helm
-        uses: azure/setup-helm@v1
+        uses: azure/setup-helm@v3
         with:
           version: ${{ env.HELM_VERSION }}
 
@@ -49,21 +49,21 @@ jobs:
     strategy:
       matrix:
         # Choose from https://hub.docker.com/r/kindest/node/tags
-        KubeVersion: [1.24.15,1.25.11,1.26.6,1.27.3,1.28.0]
+        KubeVersion: [1.27.3, 1.28.0, 1.29.0]
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
       # python is a requirement for the chart-testing action below (supports yamllint among other tests)
-      - uses: actions/setup-python@v2
+      - uses: actions/setup-python@v5
         with:
-          python-version: 3.7
+          python-version: 3.11
 
       - name: Set up chart-testing
-        uses: helm/chart-testing-action@v2.1.0
+        uses: helm/chart-testing-action@v2.6.0
 
       - name: Run chart-testing (list-changed)
         id: list-changed
@@ -77,7 +77,7 @@ jobs:
         run: ct lint --config .ci/ct-config.yaml
 
       - name: Create ${{matrix.KubeVersion}} kind cluster
-        uses: helm/kind-action@v1.2.0
+        uses: helm/kind-action@v1.5.0
         with:
           node_image: kindest/node:v${{matrix.KubeVersion}}
           cluster_name: kubernetes-${{matrix.KubeVersion}}

@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
@@ -32,7 +32,7 @@ jobs:
           helm repo add haprox https://haproxytech.github.io/helm-charts --force-update
 
       - name: Run chart-releaser
-        uses: helm/chart-releaser-action@v1.1.0
+        uses: helm/chart-releaser-action@v1.6.0
         env:
           CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
 
@@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: "12.1.0"
+appVersion: "13.2.0"
 description: A fullstack but simple mailserver (smtp, imap, antispam, antivirus, ssl...) using Docker.
 name: docker-mailserver
-version: 2.1.1
+version: 2.2.2
 sources:
 - https://github.com/docker-mailserver/docker-mailserver-helm
 maintainers:

@@ -12,14 +12,17 @@ metadata:
   name: {{ template "dockermailserver.fullname" . }}-configs
 data:
   {{/* Use sample data if user is running in demo mode */}}
-  {{- if .Values.demoMode.enabled -}}  
+  {{- if .Values.demoMode.enabled -}}
   ### We are in demo mode, so add in some sample data for quick testing
   postfix-accounts.cf: |
     # A sample user - the password is "password"
     [email protected]|{SHA512-CRYPT}$6$l4023rZnQEy/l0Rg$JeNjAAICB43VAX7GTJ9jeE7DR0LeyR5nU.ftq3c42T5E1IZSuRBqwM8erRh6t0CyIT6aYpBIAopzcQHNUvMV00
-  postfix-virtual.cf: "# Intentionally left empty"
-  SigningTable: "*@example.com mail._domainkey.example.com"
-  KeyTable: "mail._domainkey.example.com example.com:mail:/etc/opendkim/keys/example.com/mail.private"
+  postfix-virtual.cf: |
+    # Intentionally left empty
+  SigningTable: |
+    *@example.com mail._domainkey.example.com
+  KeyTable: |
+    mail._domainkey.example.com example.com:mail:/etc/opendkim/keys/example.com/mail.private
   TrustedHosts: |
     127.0.0.1
     localhost

@@ -46,17 +46,13 @@ spec:
         - name: "opendkim-keys"
           secret:
             secretName: {{ template "dockermailserver.fullname" . }}-secrets
-{{ if .Values.pod.dockermailserver.ssl_type }}
+{{- if and .Values.pod.dockermailserver.env.SSL_TYPE .Values.ssl.useExisting }}
         - name: "ssl-cert"
           secret:
-{{ if .Values.ssl.useExisting }}
             secretName: {{ .Values.ssl.existingName }}
-{{- else }}
-            secretName: {{ template "dockermailserver.fullname" . }}-tls
 {{- end }}
-{{- end }}
-{{ if .Values.additionalVolumes }}
-{{- toYaml .Values.additionalVolumes | indent 8 }}
+{{- if .Values.additionalVolumes }}
+{{ toYaml .Values.additionalVolumes | indent 8 }}
 {{- end }}
         - name: tmp
           emptyDir: {}
@@ -76,25 +72,27 @@ spec:
           securityContext:
 {{ toYaml .Values.initContainer.containerSecurityContext | indent 12 }}
       containers:
-
-        - name: dockermailserver
+        - name: docker-mailserver
           env:
-{{- include "dockermailserver.upstream-env-variables" . | nindent 10 }}
+          {{- range $pkey, $pval := .Values.pod.dockermailserver.env }}
+          - name: {{ $pkey }}
+            value: {{ quote $pval }}
+          {{- end }}          
           image: {{ .Values.image.name }}:{{ .Values.image.tag }}
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           resources:
 {{ toYaml .Values.resources | indent 12 }}
-            {{- if eq .Values.pod.dockermailserver.enable_fail2ban 1.0 }}
+          securityContext:
+            {{- if eq .Values.pod.dockermailserver.env.ENABLE_FAIL2BAN 1.0 }}
             capabilities:
               add:
                 - "NET_ADMIN"
             {{ end }}
-          securityContext:
 {{ toYaml .Values.pod.dockermailserver.containerSecurityContext | indent 12 }}
           volumeMounts:
             - name: config
               mountPath: /tmp/docker-mailserver
-{{ if .Values.pod.dockermailserver.ssl_type }}
+{{- if and .Values.pod.dockermailserver.env.SSL_TYPE .Values.ssl.useExisting }}
             - name: ssl-cert
               mountPath: /tmp/ssl
               readOnly: true
@@ -141,8 +139,8 @@ spec:
               subPath: 91-override-sieve.conf
               mountPath: /etc/dovecot/conf.d/91-override-sieve.conf
               readOnly: true
-            {{ end }}
-              {{- if .Values.demoMode.enabled }}
+            {{- end }}
+            {{- if .Values.demoMode.enabled }}
             - name: opendkim-keys
               mountPath: "/tmp/docker-mailserver/opendkim/keys/example.com/mail.private"
               subPath: "example.com-mail.private"
@@ -158,7 +156,7 @@ spec:
               readOnly: true
               {{- end }}
               {{- end }}
-{{ if .Values.additionalVolumeMounts }}
+{{- if .Values.additionalVolumeMounts }}
 {{ toYaml .Values.additionalVolumeMounts | indent 12 }}
 {{- end }}
           livenessProbe:
@@ -168,7 +166,7 @@ spec:
                  - -c
                  - supervisorctl status | grep -E "amavis|clamav|cron|dovecot|mailserver|opendkim|opendmarc|postfix|rsyslog" | grep RUNNING
             initialDelaySeconds: 10
-            timeoutSeconds: 1
+            timeoutSeconds: 5
             failureThreshold: 3
           readinessProbe:
             exec:
@@ -177,7 +175,7 @@ spec:
                  - -c
                  - supervisorctl status | grep -E "mailserver|postfix" | grep RUNNING
             initialDelaySeconds: 10
-            timeoutSeconds: 1
+            timeoutSeconds: 5
             failureThreshold: 3
 
 {{ if .Values.metrics.enabled }}

@@ -4,18 +4,16 @@ kind: "PersistentVolumeClaim"
 apiVersion: "v1"
 metadata:
   name: {{ template "dockermailserver.fullname" . }}
-  annotations:
-  {{- if .Values.persistence.storageClass }}
-    volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass | quote }}
-  {{- else }}
-    volume.alpha.kubernetes.io/storage-class: "generic"
-  {{- end }}
   {{- if .Values.persistence.annotations }}
+  annotations:
   {{ toYaml .Values.persistence.annotations | indent 2 }}  
   {{ end }}
 spec:
   accessModes:
     - {{ default "ReadWriteOnce" .Values.persistence.accessMode | quote }}
+  {{- if .Values.persistence.storageClass }}
+  storageClassName: {{ .Values.persistence.storageClass | quote }}
+  {{- end }}    
   resources:
     requests:
       storage: {{ .Values.persistence.size | quote }}