rstudio · tnederlof · Mar 4, 2024 · Feb 23, 2024 · Feb 23, 2024 · Mar 1, 2024
@@ -1,6 +1,6 @@
 name: rstudio-workbench
 description: Official Helm chart for RStudio Workbench
-version: 0.6.15
+version: 0.6.16
 apiVersion: v2
 appVersion: 2023.12.1
 icon: https://rstudio.com/wp-content/uploads/2018/10/RStudio-Logo-Flat.png

@@ -1,6 +1,15 @@
+# 0.6.16
+
+- Update default package manager repo in `config.session.repos.conf`
+- Remove `--verbose` from args in `config.server.vscode.conf`
+- Add instructions for configuring R and Python repos in the README
+- Add empty JSON to `rstudio-prefs.json` default
+- Add documentation for `databricks.conf`
+- Increase `readinessProbe.initialDelaySeconds` to `10`
+
 # 0.6.15
 
-- Added `ttlSecondsAfterFinished` to `job.tpl` for session jobs.
+- Add `ttlSecondsAfterFinished` to `job.tpl` for session jobs.
 
 # 0.6.14
 

@@ -1,6 +1,6 @@
 # RStudio Workbench
 
-![Version: 0.6.15](https://img.shields.io/badge/Version-0.6.15-informational?style=flat-square) ![AppVersion: 2023.12.1](https://img.shields.io/badge/AppVersion-2023.12.1-informational?style=flat-square)
+![Version: 0.6.16](https://img.shields.io/badge/Version-0.6.16-informational?style=flat-square) ![AppVersion: 2023.12.1](https://img.shields.io/badge/AppVersion-2023.12.1-informational?style=flat-square)
 
 #### _Official Helm chart for RStudio Workbench_
 
@@ -27,11 +27,11 @@ To ensure a stable production deployment, please:
 
 ## Installing the Chart
 
-To install the chart with the release name `my-release` at version 0.6.15:
+To install the chart with the release name `my-release` at version 0.6.16:
 
 ```bash
 helm repo add rstudio https://helm.rstudio.com
-helm upgrade --install my-release rstudio/rstudio-workbench --version=0.6.15
+helm upgrade --install my-release rstudio/rstudio-workbench --version=0.6.16
 ```
 
 To explore other chart versions, take a look at:
@@ -173,7 +173,7 @@ the `XDG_CONFIG_DIRS` environment variable
   - mounted at `/mnt/session-secret/`
 - Secret Configuration
   - These configuration files are mounted into the server with more restrictive permissions (0600)
-  - `database.conf`, `openid-client-secret`, etc.
+  - `database.conf`, `openid-client-secret`, `databricks.conf`
   - They are located in the `config.secret.<< name of file >>` helm values
   - mounted at `/mnt/secret-configmap/rstudio/`
 - Server Configuration
@@ -218,6 +218,37 @@ config:
   - Located at `config.pam.<< name of file >>` helm values
   - Will be mounted verbatim as individual files (using `subPath` mounts) at `/etc/pam.d/<< name of file >>`
 
+### Configuring R and Python repositories
+
+#### R repositories
+
+R package repositories can be configured with `config.session.repos.conf`.
+
+```
+config:
+  session:
+    repos.conf:
+      CRAN: https://packagemanager.posit.co/cran/__linux__/jammy/latest
+```
+
+For more information about configuring CRAN repositories in Workbench refer to the [Admin Guide](https://docs.posit.co/ide/server-pro/rstudio_pro_sessions/package_installation.html#cran-repositories).
+
+#### Python repositories
+
+pip can be configured with `config.session.pip.conf`. To ensure `pip.conf` is mounted into the session pods it is important that `launcher.useTemplates: true` is set and `pip.conf` settings are listed under `config.session` like in the example below for adding Posit Public Package Manager's PyPI.
+
+```
+launcher:
+  useTemplates: true
+
+config:
+  session:
+    pip.conf:
+      "global":
+        index-url: https://packagemanager.posit.co/pypi/latest/simple
+        trusted-host: packagemanager.posit.co
+```
+
 ## User Provisioning
 
 Provisioning users in RStudio Workbench containers is challenging. Session images have users created automatically (with
@@ -407,14 +438,14 @@ Use of [Sealed Secrets](https://github.com/bitnami-labs/sealed-secrets) disables
 | config.defaultMode.userProvisioning | int | 0600 | default mode for userProvisioning config |
 | config.pam | object | `{}` | a map of pam config files. Will be mounted into the container directly / per file, in order to avoid overwriting system pam files |
 | config.profiles | object | `{}` | a map of server-scoped config files (akin to `config.server`), but with specific behavior that supports profiles. See README for more information. |
-| config.secret | string | `nil` | a map of secret, server-scoped config files. Mounted to `/mnt/secret-configmap/rstudio/` with 0600 permissions |
+| config.secret | string | `nil` | a map of secret, server-scoped config files (database.conf, databricks.conf, openid-client-secret). Mounted to `/mnt/secret-configmap/rstudio/` with 0600 permissions |
 | config.server | object | [RStudio Workbench Configuration Reference](https://docs.rstudio.com/ide/server-pro/rstudio_server_configuration/rstudio_server_configuration.html). See defaults with `helm show values` | a map of server config files. Mounted to `/mnt/configmap/rstudio/` |
 | config.serverDcf | object | `{"launcher-mounts":[]}` | a map of server-scoped config files (akin to `config.server`), but with .dcf file formatting (i.e. `launcher-mounts`, `launcher-env`, etc.) |
-| config.session | object | `{"notifications.conf":{},"repos.conf":{"RSPM":"https://packagemanager.rstudio.com/cran/__linux__/jammy/latest"},"rsession.conf":{},"rstudio-prefs.json":{}}` | a map of session-scoped config files. Mounted to `/mnt/session-configmap/rstudio/` on both server and session, by default. |
+| config.session | object | `{"notifications.conf":{},"repos.conf":{"CRAN":"https://packagemanager.posit.co/cran/__linux__/jammy/latest"},"rsession.conf":{},"rstudio-prefs.json":"{}\n"}` | a map of session-scoped config files. Mounted to `/mnt/session-configmap/rstudio/` on both server and session, by default. |
 | config.sessionSecret | object | `{}` | a map of secret, session-scoped config files (odbc.ini, etc.). Mounted to `/mnt/session-secret/` on both server and session, by default |
 | config.startupCustom | object | `{}` | a map of supervisord .conf files to define custom services. Mounted into the container at /startup/custom/ |
 | config.startupUserProvisioning | object | `{"sssd.conf":"[program:sssd]\ncommand=/usr/sbin/sssd -i -c /etc/sssd/sssd.conf --logger=stderr\nautorestart=false\nnumprocs=1\nstdout_logfile=/dev/stdout\nstdout_logfile_maxbytes=0\nstdout_logfile_backups=0\nstderr_logfile=/dev/stderr\nstderr_logfile_maxbytes=0\nstderr_logfile_backups=0\n"}` | a map of supervisord .conf files to define user provisioning services. Mounted into the container at /startup/user-provisioning/ |
-| config.userProvisioning | object | `{}` |  |
+| config.userProvisioning | object | `{}` | a map of sssd config files, used for user provisioning. Mounted to `/etc/sssd/conf.d/` with 0600 permissions |
 | dangerRegenerateAutomatedValues | bool | `false` |  |
 | diagnostics | object | `{"directory":"/var/log/rstudio","enabled":false}` | Settings for enabling server diagnostics |
 | extraObjects | list | `[]` | Extra objects to deploy (value evaluated as a template) |
@@ -487,7 +518,7 @@ Use of [Sealed Secrets](https://github.com/bitnami-labs/sealed-secrets) disables
 | rbac.clusterRoleCreate | bool | `false` | Whether to create the ClusterRole that grants access to the Kubernetes nodes API. This is used by the Launcher to get all of the IP addresses associated with the node that is running a particular job. In most cases, this can be disabled as the node's internal address is sufficient to allow proper functionality. |
 | rbac.create | bool | `true` | Whether to create rbac. (also depends on launcher.enabled = true) |
 | rbac.serviceAccount | object | `{"annotations":{},"create":true,"labels":{},"name":""}` | The serviceAccount to be associated with rbac (also depends on launcher.enabled = true) |
-| readinessProbe | object | `{"enabled":true,"failureThreshold":3,"httpGet":{"path":"/health-check","port":8787},"initialDelaySeconds":3,"periodSeconds":3,"successThreshold":1,"timeoutSeconds":1}` | readinessProbe is used to configure the container's readinessProbe |
+| readinessProbe | object | `{"enabled":true,"failureThreshold":3,"httpGet":{"path":"/health-check","port":8787},"initialDelaySeconds":10,"periodSeconds":3,"successThreshold":1,"timeoutSeconds":1}` | readinessProbe is used to configure the container's readinessProbe |
 | replicas | int | `1` | replicas is the number of replica pods to maintain for this service. Use 2 or more to enable HA |
 | resources | object | `{"limits":{"cpu":"2000m","enabled":false,"ephemeralStorage":"200Mi","memory":"4Gi"},"requests":{"cpu":"100m","enabled":false,"ephemeralStorage":"100Mi","memory":"2Gi"}}` | resources define requests and limits for the rstudio-server pod |
 | revisionHistoryLimit | int | `10` | The revisionHistoryLimit to use for the pod deployment. Do not set to 0 |

@@ -117,7 +117,7 @@ the `XDG_CONFIG_DIRS` environment variable
   - mounted at `/mnt/session-secret/`
 - Secret Configuration
   - These configuration files are mounted into the server with more restrictive permissions (0600)
-  - `database.conf`, `openid-client-secret`, etc.
+  - `database.conf`, `openid-client-secret`, `databricks.conf`
   - They are located in the `config.secret.<< name of file >>` helm values
   - mounted at `/mnt/secret-configmap/rstudio/`
 - Server Configuration
@@ -162,6 +162,37 @@ config:
   - Located at `config.pam.<< name of file >>` helm values
   - Will be mounted verbatim as individual files (using `subPath` mounts) at `/etc/pam.d/<< name of file >>`
 
+### Configuring R and Python repositories
+
+#### R repositories
+
+R package repositories can be configured with `config.session.repos.conf`.
+
+```
+config:
+  session:
+    repos.conf:
+      CRAN: https://packagemanager.posit.co/cran/__linux__/jammy/latest
+```
+
+For more information about configuring CRAN repositories in Workbench refer to the [Admin Guide](https://docs.posit.co/ide/server-pro/rstudio_pro_sessions/package_installation.html#cran-repositories).
+
+#### Python repositories
+
+pip can be configured with `config.session.pip.conf`. To ensure `pip.conf` is mounted into the session pods it is important that `launcher.useTemplates: true` is set and `pip.conf` settings are listed under `config.session` like in the example below for adding Posit Public Package Manager's PyPI.
+
+```
+launcher:
+  useTemplates: true
+
+config:
+  session:
+    pip.conf:
+      "global":
+        index-url: https://packagemanager.posit.co/pypi/latest/simple
+        trusted-host: packagemanager.posit.co
+```
+
 ## User Provisioning
 
 Provisioning users in RStudio Workbench containers is challenging. Session images have users created automatically (with

@@ -222,7 +222,7 @@ readinessProbe:
   httpGet:
     path: /health-check
     port: 8787
-  initialDelaySeconds: 3
+  initialDelaySeconds: 10
   periodSeconds: 3
   timeoutSeconds: 1
   successThreshold: 1
@@ -404,15 +404,15 @@ config:
   # -- a map of session-scoped config files. Mounted to `/mnt/session-configmap/rstudio/` on both server and session, by default.
   session:
     repos.conf:
-      RSPM: https://packagemanager.rstudio.com/cran/__linux__/jammy/latest
+      CRAN: https://packagemanager.posit.co/cran/__linux__/jammy/latest
     rsession.conf: {}
     notifications.conf: {}
-    rstudio-prefs.json: {}
+    rstudio-prefs.json: |
+      {}
   # -- a map of secret, session-scoped config files (odbc.ini, etc.). Mounted to `/mnt/session-secret/` on both server and session, by default
   sessionSecret: {}
-  # -- a map of secret, server-scoped config files. Mounted to `/mnt/secret-configmap/rstudio/` with 0600 permissions
+  # -- a map of secret, server-scoped config files (database.conf, databricks.conf, openid-client-secret). Mounted to `/mnt/secret-configmap/rstudio/` with 0600 permissions
   secret:
-    # "database.conf": {}
   # -- a map of sssd config files, used for user provisioning. Mounted to `/etc/sssd/conf.d/` with 0600 permissions
   userProvisioning: {}
   # -- a map of server config files. Mounted to `/mnt/configmap/rstudio/`
@@ -452,7 +452,7 @@ config:
     vscode.conf:
       enabled: 1
       exe: /opt/code-server/bin/code-server
-      args: --verbose --host=0.0.0.0
+      args: --host=0.0.0.0
     vscode-user-settings.json: |
       {
             "terminal.integrated.shell.linux": "/bin/bash",