From 3505ba19fca7d9ba72af642b3f13d095a0a0ca28 Mon Sep 17 00:00:00 2001
From: Mihail Radkov <mihail.radkov@ontotext.com>
Date: Sun, 26 Jan 2025 10:11:58 +0200
Subject: [PATCH 1/3] Bump the chart to version 11.4.0

Fixed the changelog for version 11.4.0 as some entries
were for 11.3.0 which is already released.
---
 CHANGELOG.md | 35 ++++++++++++++++++++---------------
 Chart.yaml   |  2 +-
 2 files changed, 21 insertions(+), 16 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2aefd9f..ba4dfb0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,25 @@
 # GraphDB Helm chart release notes
 
+## Version 11.4.0
+
+### New
+
+- Added new configuration properties for GraphDB Tomcat connector SSL/TLS
+  - Added `configuration.tls.keystore` to configure a keystore with its properties
+  - Added `configuration.tls.truststore` to configure a truststore with its properties
+  - Added `configuration.tls.certificateRevocationList` to configure a certificate revocation list
+- Added new configuration properties for configuring GraphDB cluster security (SSL/TLS)
+  - Added `cluster.tls.mode` to configure cluster security mode
+  - Added `cluster.tls.keystore` to configure a keystore with its properties
+  - Added `cluster.tls.truststore` to configure a truststore with its properties
+  - Added `cluster.tls.certificate` to configure a certificate
+  - Added `cluster.tls.certificateChain` to configure a certificate chain
+  - Added `cluster.tls.certificateKey` to configure a private key with its properties
+  - Added `cluster.tls.rootCerts` to configure root certificates to be trusted
+  - Added `cluster.tls.certificateRevocationList` to configure a certificate revocation list
+- Updated jobs and scripts to use `https` or `http` depending on whether the Tomcat connector security is configured
+- Added `indices` configuration enabling a job for initial preloading of indices and other SPARQL updates
+
 ## Version 11.3.3
 
 ### Fixed
@@ -27,21 +47,6 @@
   - Added `license.mountPath` to configure where the license volume is mounted
   - Added `license.optional` to configure the license volume as optional if needed
   - Added `license.readOnly` to configure the read/write mode of the license volume mount
-- Added new configuration properties for GraphDB Tomcat connector SSL/TLS
-  - Added `configuration.tls.keystore` to configure a keystore with its properties
-  - Added `configuration.tls.truststore` to configure a truststore with its properties
-  - Added `configuration.tls.certificateRevocationList` to configure a certificate revocation list
-- Added new configuration properties for configuring GraphDB cluster security (SSL/TLS)
-  - Added `cluster.tls.mode` to configure cluster security mode
-  - Added `cluster.tls.keystore` to configure a keystore with its properties
-  - Added `cluster.tls.truststore` to configure a truststore with its properties
-  - Added `cluster.tls.certificate` to configure a certificate
-  - Added `cluster.tls.certificateChain` to configure a certificate chain
-  - Added `cluster.tls.certificateKey` to configure a private key with its properties
-  - Added `cluster.tls.rootCerts` to configure root certificates to be trusted
-  - Added `cluster.tls.certificateRevocationList` to configure a certificate revocation list
-- Updated jobs and scripts to use `https` or `http` depending on whether the Tomcat connector security is configured
-
 - Updated to GraphDB [10.8.0](https://graphdb.ontotext.com/documentation/10.8/release-notes.html#graphdb-10-8-0)
 
 ### Updated
diff --git a/Chart.yaml b/Chart.yaml
index 1dd089f..a04394f 100644
--- a/Chart.yaml
+++ b/Chart.yaml
@@ -5,7 +5,7 @@ apiVersion: v2
 name: graphdb
 description: GraphDB is a highly efficient, scalable and robust graph database with RDF and SPARQL support.
 type: application
-version: 11.3.3
+version: 11.4.0
 appVersion: 10.8.2
 kubeVersion: ^1.26.0-0
 home: https://graphdb.ontotext.com/

From 49c492035c8eb930e8784962facd8f5856478fa7 Mon Sep 17 00:00:00 2001
From: Mihail Radkov <mihail.radkov@ontotext.com>
Date: Sun, 26 Jan 2025 10:11:11 +0200
Subject: [PATCH 2/3] GDB-11193: Time zone configurations for the backup cron
 job

Added a new configuration that allows to override the default timezone
which usually is the local timezone.
---
 CHANGELOG.md                       | 1 +
 templates/jobs/cronjob-backup.yaml | 3 +++
 values.yaml                        | 6 ++++++
 3 files changed, 10 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index ba4dfb0..36ea2f8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -19,6 +19,7 @@
   - Added `cluster.tls.certificateRevocationList` to configure a certificate revocation list
 - Updated jobs and scripts to use `https` or `http` depending on whether the Tomcat connector security is configured
 - Added `indices` configuration enabling a job for initial preloading of indices and other SPARQL updates
+- Added `backup.timezone` configuration for overriding the default timezone with a specific one
 
 ## Version 11.3.3
 
diff --git a/templates/jobs/cronjob-backup.yaml b/templates/jobs/cronjob-backup.yaml
index acb9c7f..a20afb3 100644
--- a/templates/jobs/cronjob-backup.yaml
+++ b/templates/jobs/cronjob-backup.yaml
@@ -12,6 +12,9 @@ metadata:
   {{- end }}
 spec:
   schedule: {{ .Values.backup.schedule | quote }}
+  {{- if and .Values.backup.timezone (semverCompare ">=1.27-0" .Capabilities.KubeVersion.Version) }}
+  timeZone: {{ .Values.backup.timezone }}
+  {{- end }}
   successfulJobsHistoryLimit: {{ .Values.backup.successfulJobsHistoryLimit }}
   failedJobsHistoryLimit: {{ .Values.backup.failedJobsHistoryLimit }}
   concurrencyPolicy: Forbid
diff --git a/values.yaml b/values.yaml
index 31b8fba..e52a32d 100644
--- a/values.yaml
+++ b/values.yaml
@@ -756,6 +756,12 @@ backup:
   # Ref: https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#schedule-syntax
   schedule: "@midnight"
 
+  # Specifies the time zone for the cron job. If not specified, Kubernetes will use the local time zone by default.
+  # This requires Kubernetes v1.27 or greater.
+  #
+  # Ref: https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#time-zones
+  timezone: ""
+
   # Backup options that will be injected as JSON in the default backup options Secret. \
   # These configurations define the backup behaviour such as including or excluding repositories or system data.
   #

From 05f3dd2e32dd7236796572bd53fe1ca98ac279f5 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Sun, 26 Jan 2025 08:18:08 +0000
Subject: [PATCH 3/3] Updated the README

---
 README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 27b11a4..7374a2e 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 # Helm Chart for GraphDB
 
 [![CI](https://github.com/Ontotext-AD/graphdb-helm/actions/workflows/ci.yml/badge.svg)](https://github.com/Ontotext-AD/graphdb-helm/actions/workflows/ci.yml)
-![Version: 11.3.3](https://img.shields.io/badge/Version-11.3.3-informational?style=flat-square)
+![Version: 11.4.0](https://img.shields.io/badge/Version-11.4.0-informational?style=flat-square)
 ![AppVersion: 10.8.2](https://img.shields.io/badge/AppVersion-10.8.2-informational?style=flat-square)
 
 <!--
@@ -322,6 +322,7 @@ IMPORTANT: This is generated by helm-docs, do not attempt modifying it on hand a
 | backup.optionsSecret.secretKey | string | `"backup_options.json"` |  |
 | backup.schedule | string | `"@midnight"` |  |
 | backup.successfulJobsHistoryLimit | int | `3` |  |
+| backup.timezone | string | `""` |  |
 | backup.type | string | `"cloud"` |  |
 | cluster.clusterCreationTimeout | int | `60` |  |
 | cluster.config.configmapKey | string | `"cluster-config.json"` |  |