studio/docs
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

(CI) copy helm config from people

Browse Source 
Naive copy of helm config from people repository
to impress repository.
This commit is contained in:
Anthony LC
2024-04-04 11:52:17 +02:00
committed by Anthony LC
parent 409691d466
commit 17729e231b
20 changed files with 1580 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
src/helm/env.d/dev/secrets.enc.yaml Normal file
View File

@@ -0,0 +1,69 @@
djangoSecretKey: ENC[AES256_GCM,data:XKgM2zd1+/bxvdUzBp3zK0XUPDPjDwsfDa6WPVUULqxZ0RcuPsKRMjBgFvE9hLd4AvY=,iv:0Uk4QXWiAW6HW/7kmx2hbwU3sEdjIsTxm3T5U0wlbws=,tag:9I+fEYxkLClZ39x1eNP7sQ==,type:str]
oidc:
clientId: ENC[AES256_GCM,data:KlkyIG8tNj6Nj3G4nIN+QGt9FPtMIkoitC8jxx5n4hHq71mF,iv:AKrdqPnBFLNxtRB1cphRKtH9ccwx7V4ApspjIQxtWmY=,tag:8Upvn77PKsJ0ktQh/orXqQ==,type:str]
clientSecret: ENC[AES256_GCM,data:O6RwyuiaXGO3afc4sRQz5nHW62Dkx2/I4jVqGgkms/fsDHpCMs0I3iTfGPUgI4uER60Yml16yc6n/7LWbqoy+A==,iv:1wJhrsNOZcgduy4N5WNuUPNX2R5fwyMJTpjV8IPm7Hc=,tag:Q42WTMFIPSdEtllHyLZwbQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age15fyxdwmg5mvldtqqus87xspuws2u0cpvwheehrtvkexj4tnsqqysw6re2x
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyTjRhME5rSXU4bGlzVXBu
ZS9WanpqRU1zUVJxM01Ld0NiYVR1ak5OZ2dJClRSSTJNSTdoTEQ2UzRVSlhRbDRx
NWxId2tsbUhFd0lOUUY4dTJTOG5tMW8KLS0tIDRpcThPaTkyQ005aXhqSnVTYkN2
LzhKU1FUeklTd1RuUk1lSVYwK3VLTEEKcKHaluWQ+Wgs9qI0qvyfnx+goSymL9wc
bJ0lxptRr0PGHdKhBRRlSe6HCMfshIoTktooUT6vNv4AsPmZuJZhJg==
-----END AGE ENCRYPTED FILE-----
- recipient: age16hnlml8yv4ynwy0seer57g8qww075crd0g7nsundz3pj4wk7m3vqftszg7
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5bEFSaS9TWmJ6MkRWd09J
TVdGTGN4SS9kVE5yMlRTUHBWK09pYVZpUTFVClJmZ1pVSm1XZFIxeXkrb2gxbTYy
eDVvT2RUNHBOWDRSa1Y1MkpxMGhzbDAKLS0tIEl2ZE1Bb0U4NGZ3QVg2ZUpRQ0o5
YUFNOS8xUnlKOXZSZ0M2ai8yNmNxTGsKHhwRXY18pGLitckX5vxFRJyqVL4VgWbw
+Gy+IwB7fJXoYlKHJXFfLOfhifCvrgouTcqV0ckPx/WYWSUKNDO89A==
-----END AGE ENCRYPTED FILE-----
- recipient: age1g5keveae6zhn059e7cxkjqdz4v3u47ypejv9ujld65nwh6d5pd9qfm0ecv
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwQnNWTC9TUHZZZ3JoUnBL
Vmh4OEwvNzVzUS9HVVpaT3lBWlllbFZsSzJnCmhCR0NDT0Q5ekFCSDdoclB4Sml3
ZjVnV1BpTkhmS0FUSDZmWGk4WGRrVGMKLS0tIGFCTUk1dzBaV1VBR0pLUGJtWDJh
RVd4K2Q0b2Vqc2F6b1hmQng1RHRheWcKOHUOZm+GjvHOKI3VRlgPeH3IKojGB9F4
YhkW83lF1Wl0XYnHEUya25bMSYLzQHOPiy2I7n4K45uk8hKQmrKE5w==
-----END AGE ENCRYPTED FILE-----
- recipient: age12g6f5fse25tgrwweleh4jls3qs52hey2edh759smulwmk5lnzadslu2cp3
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQbTAxQnJzc2xVZUh0VFBh
RUZiN3l6eHNLYzUyVVdqUVl5WjFBRW9uamhVCkRJM1hGWndXclNoVlMvcjQvZTlm
K3RxL2xrb0txZk1XaGlHTGRZbVFQemMKLS0tIFZaRkFQWURzcnRaV1lqTGhMTFp0
TTVNU2NnLzhlR0dTLzBkdThpeURWL28KHxERu5qGbXlZnTw9bHHe7AgCOZ3PI99R
91bVqvche0QPiESnu0Od4sIHID5g5F5+EBw53lQgjEx0c4Q1GFQfFQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1tl80n23wq6zxegupwn70ew0yp225ua5v4dk800x7g2w6pvlxz46qk592pa
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnQXlGVEJDTDlvTDI1RXAy
ZkZSN2NzVHNmb3U3N2xRQ3EyWmtaYmZyMEM0Cjh0QWh2ZUZycFVjbEJmdDNEK0pZ
MGFSTW13TkRmU1RkZzVvVTZpQkMvaW8KLS0tIE5JRUtOSHErSmtnN1krZFVEd2hs
OXNMaEc4ZUw0RW9qaHhiUVdIZVZrVlEKMBG7NyFXqT6zxwxIq30Nj+uWz/zhjbhU
y4JqomFHxzwySEQD/1rfnTIJpmgpJNbyvRo4ToLDsM3B8TWk6D7/MQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1qy04neuzwpasmvljqrcvhwnf0kz5cpyteze38c8avp0czewskasszv9pyw
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArMnFJMXR3SFBuTGt2TWdL
bUZMQkU3dTlYS0xqbW9xN3JrY28rWEtIcHpFCmUxbFBQYWgyM1dPOUtLVmEwWDJj
N1RtUkVVSHFmUWkyZFBndmhGeFgwc1kKLS0tIHNMSjVYemQyTUlqVGVtVlBHU2cx
eEh1MmhQRFNyNE1NSDdwWk5BRCtDMFUKZByCL2Wj0X+lwUo06PHwOiaJhzqOMVVt
Rj/pvynxLV4d0RBzwpgdL9uV8VzTED4GW9wotODbhEUtdlpSS1YOGg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-03-26T22:31:10Z"
mac: ENC[AES256_GCM,data:OujhtajsuAQrC5KNFPxqjMlHAS9tpjvvsu8LRZf8XKrMui3ZBAHO2TdF7z/sAEB9OPlPJZGZU4jMDNXZkIi1zv3mUDNJXPs0oitgIEXSYCDHcZQea093hSMd4tX1yLQM3M5GH1aFZDXfIpKT7UvLjiVv+8aXp7BLQNNilbFKV1g=,iv:1OD4SuMUSD3fcuO4QiZpjij49JHwKqDJvXOT0wyJ0zs=,tag:VW4KiInBhIpbaaAS18eNUQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

52
src/helm/env.d/dev/values.desk.yaml.gotmpl Normal file
View File

@@ -0,0 +1,52 @@
image:
repository: localhost:5001/people-backend
pullPolicy: Always
tag: "latest"
backend:
envVars:
DJANGO_CSRF_TRUSTED_ORIGINS: https://desk.127.0.0.1.nip.io,http://desk.127.0.0.1.nip.io
DJANGO_CONFIGURATION: Production
DJANGO_ALLOWED_HOSTS: "*"
DJANGO_SECRET_KEY: {{ .Values.djangoSecretKey }}
DJANGO_SETTINGS_MODULE: people.settings
DJANGO_SUPERUSER_PASSWORD: admin
DJANGO_EMAIL_HOST: "mailcatcher"
DJANGO_EMAIL_PORT: 1025
DJANGO_EMAIL_USE_SSL: False
OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks
OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize
OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token
OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo
OIDC_RP_CLIENT_ID: {{ .Values.oidc.clientId }}
OIDC_RP_CLIENT_SECRET: {{ .Values.oidc.clientSecret }}
OIDC_RP_SIGN_ALGO: RS256
OIDC_RP_SCOPES: "openid email"
OIDC_REDIRECT_ALLOWED_HOSTS: https://desk.127.0.0.1.nip.io
OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}"
LOGIN_REDIRECT_URL: https://desk.127.0.0.1.nip.io
LOGIN_REDIRECT_URL_FAILURE: https://desk.127.0.0.1.nip.io
LOGOUT_REDIRECT_URL: https://desk.127.0.0.1.nip.io/login
DB_HOST: postgres-postgresql
DB_NAME: people
DB_USER: dinum
DB_PASSWORD: pass
DB_PORT: 5432
POSTGRES_DB: people
POSTGRES_USER: dinum
POSTGRES_PASSWORD: pass
REDIS_URL: redis://default:pass@redis-master:6379/1
frontend:
image:
repository: localhost:5001/people-frontend
pullPolicy: Always
tag: "latest"
ingress:
enabled: true
host: desk.127.0.0.1.nip.io
ingressAdmin:
enabled: true
host: desk.127.0.0.1.nip.io

69
src/helm/env.d/staging/secrets.enc.yaml Normal file
View File

@@ -0,0 +1,69 @@
djangoSecretKey: ENC[AES256_GCM,data:trxlec0na+q/9kh7kkZpuyp1Zjx9uXyL3fS+UEsGsN612X5tVLtAUuSx8aGYr/f6uYs=,iv:+gjpSUBq9TEmeLYC18vT2HOi869W9xgzxC5QchI1iUg=,tag:zvKVaqwY43bRWOhhr3dFcg==,type:str]
oidc:
clientId: ENC[AES256_GCM,data:3A6nchWO8pVLIlWLRL3TBXCuwoo4dyrvtrfqrBqStLJRUl2A,iv:WZwTDGphAJ2KRN6cpj4HpZM5AsLywsjdI9m9tuhjigg=,tag:7GDMJhF0jrZghPENdQF9xw==,type:str]
clientSecret: ENC[AES256_GCM,data:X2pWXOrxlt+Sbf6Wq7g4Rz65AOXsAB/U35sJDFXHfZpT556xKekDmW/isD1R3kP8OTtigVi0gSrOvMePC9tgmg==,iv:sTD3nXIx2Z52pzO8A8VNpcQJ9Or9KMAxTG5/fYL0oTI=,tag:CCKemFbgJNDCY2bwNpqJiA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age15fyxdwmg5mvldtqqus87xspuws2u0cpvwheehrtvkexj4tnsqqysw6re2x
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1SzRHcERkUUdLVk9XOG9M
MDdjSGZDam9wbUNwMFZaZ0I0bXJZSDRhTUJVClh3YkRXR3lSRGNrditwejZaeWVD
MVIxNG0yMjNzNlVNVFc2N0Y0dXlaSkkKLS0tIHpWcGZNRkoxZDJJcDg0Y1hJOWM4
YTdVVC8xU0p1RTZMTmFSQ20rdGFydGsKb/iZA5lO/QdPnNIuC3irxT2Ajh4C5SES
p74VU20kUNFt7WsHMUBlkxbC2p4Mw+qacjIGqpezC+69UlSwTXawMA==
-----END AGE ENCRYPTED FILE-----
- recipient: age16hnlml8yv4ynwy0seer57g8qww075crd0g7nsundz3pj4wk7m3vqftszg7
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzVjZTdENzQllqayt4L1RE
aWFTaHQ0MXpCWFIxN1ZySmFIRXlzSEZrM0c0CmpSUXFISGF1S3IyMjNIdEdSTEJs
MW0rQmdRRWxVREU0c1dUWnpNQW9kbHMKLS0tIE9SVUFERk9CT2RDSmdjYjlzUnNm
MTJGQTRZTzQzeEVrVnFxZVErdWpKMVkKMZzombPphRq0mEKxQotJfLBdBQz+PDJU
YbiTe9jLLWeNDdoqMKNmcAtW0tBL0r3KWtGIZRWDV+IXXXbkVRubnA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1g5keveae6zhn059e7cxkjqdz4v3u47ypejv9ujld65nwh6d5pd9qfm0ecv
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzSnJrUTFiZm0vRldkS2hr
cUl6bmpHbDBtTmJRWnp1YTR1SzZFMmZmc3dnClVra25QNnBURkZySGRuZlFHNWk2
dUhvNVhqaWU1bVZVQlpyeDh4eXo3M0EKLS0tIFJHbXU3eG5velpZSTdESysvcVFr
MzBjM0plTnZGakhqckJ4L0NVVGVBSEkK3FI3omG4PXTmBxnnUVAwyRA2B99rzbtx
GqqSqCFYfn4aSFz6kz4+hxzv9rEgMBWhqpA6dpfBbz3SxmbDTW8V6Q==
-----END AGE ENCRYPTED FILE-----
- recipient: age12g6f5fse25tgrwweleh4jls3qs52hey2edh759smulwmk5lnzadslu2cp3
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5SEZlcnNDRlNSTWRrdG1S
KzRMZ2RBdzVEQVBwTFNXRVk2dG5DUnc0MjJnCnVoeVZ2WnRVaWFMMjBESTZUeHQ0
RllWdnNXRTRkbWZXbldVVHc0QldhQkkKLS0tIDhuSU1sNXU5R2p5LzI1YXp2VEVo
M3JqeGd2MnQ0QnNNM0cyWHpUYmlHc1EKnZazjekMiytOi1jLktn9DoaRHT0lQP2s
GYvHZ4+xM3LwobmnVJCq1bXnl8fBuVKZbTOG+WeJbxNJq9fSk2I6rw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1tl80n23wq6zxegupwn70ew0yp225ua5v4dk800x7g2w6pvlxz46qk592pa
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRSDRQRlc2dUVPWjN4Tlpw
cGpXeGtxc1JWOVdSc0s1WGRrTUl0UmcyVmhrCmNqWkZuZDJYLzM5YlhuVFc0bEln
aExWZ0F6bnBzYkd4V0xKeFZudHplL1UKLS0tIHUvSUtadlRCeC8yNUVEVjZEVm1L
RXVINFI5bHdDWGNjUjNsRU8xbTd0T0UKYL3phOso3YNi6tTWbpHdXW/Pae6uzz17
AmLjdjD4KUVTlu6bhzSrazP+3EDtO5X3S57nladHcvxQPdqgAJQ99A==
-----END AGE ENCRYPTED FILE-----
- recipient: age1qy04neuzwpasmvljqrcvhwnf0kz5cpyteze38c8avp0czewskasszv9pyw
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtV3JvKzZnaGN4WTBsTnc2
TDNNYk10ZWhOWHAyZjlWWGRsMDJuSHI3cXg0CllVL1VIVitSLzNieEc2ZWppdVFi
RmlZMjE2cWdEcVhBenl2UG5McUZUK0UKLS0tIE1XMlN0YzZWVVVOdlJsZVZ1VTVC
bnBRVTJYUzYzNEM1eU8vQzlqdk9lY3MKM9g8opHNjlm2cAkVzc9LXt2TM+Jmq8Of
DbVFbegKV8lgnLKdmWVeKDtLFHiZj4dQclvwxbNuIk2QvEj9Wam7uQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-03-26T22:31:45Z"
mac: ENC[AES256_GCM,data:jC6rd1YvDrDZxY4gfPGYY6rwygTgeL0w95a81aGAElthOl+r9eaNsqDvkOYaEuoZctdIP4MmaGfC8ZjBGrK+WbTacxHNmv9OaB43STrEqBmZWVDRUJZEgYhdQGMOW0jpDc08WaV67J1ViEuH4bcaUCwHrT//HQUf3e+25ZsO4R8=,iv:tf6xbLvxzURT0FcV0ZZYaT0b6v6GnIO854NLZZvCS8Q=,tag:5lz71fju3WHwQKTyW+lkAw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

91
src/helm/env.d/staging/values.desk.yaml.gotmpl Normal file
View File

@@ -0,0 +1,91 @@
image:
repository: lasuite/people-backend
pullPolicy: Always
tag: "main"
backend:
migrateJobAnnotations:
argocd.argoproj.io/hook: PreSync
argocd.argoproj.io/hook-delete-policy: HookSucceeded
envVars:
DJANGO_CSRF_TRUSTED_ORIGINS: http://desk-staging.beta.numerique.gouv.fr,https://desk-staging.beta.numerique.gouv.fr
DJANGO_CONFIGURATION: Production
DJANGO_ALLOWED_HOSTS: "*"
DJANGO_SECRET_KEY: {{ .Values.djangoSecretKey }}
DJANGO_SETTINGS_MODULE: people.settings
DJANGO_SUPERUSER_PASSWORD: admin
DJANGO_EMAIL_HOST: "snap-mail.numerique.gouv.fr"
DJANGO_EMAIL_PORT: 465
DJANGO_EMAIL_USE_SSL: True
DJANGO_SILENCED_SYSTEM_CHECKS: security.W008,security.W004
OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks
OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize
OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token
OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo
OIDC_RP_CLIENT_ID: {{ .Values.oidc.clientId }}
OIDC_RP_CLIENT_SECRET: {{ .Values.oidc.clientSecret }}
OIDC_RP_SIGN_ALGO: RS256
OIDC_RP_SCOPES: "openid email"
OIDC_REDIRECT_ALLOWED_HOSTS: https://desk-staging.beta.numerique.gouv.fr
OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}"
LOGIN_REDIRECT_URL: https://desk-staging.beta.numerique.gouv.fr
LOGIN_REDIRECT_URL_FAILURE: https://desk-staging.beta.numerique.gouv.fr
LOGOUT_REDIRECT_URL: https://desk-staging.beta.numerique.gouv.fr/login
DB_HOST:
secretKeyRef:
name: postgresql.postgres.libre.sh
key: host
DB_NAME:
secretKeyRef:
name: postgresql.postgres.libre.sh
key: database
DB_USER:
secretKeyRef:
name: postgresql.postgres.libre.sh
key: username
DB_PASSWORD:
secretKeyRef:
name: postgresql.postgres.libre.sh
key: password
DB_PORT:
secretKeyRef:
name: postgresql.postgres.libre.sh
key: port
POSTGRES_USER:
secretKeyRef:
name: postgresql.postgres.libre.sh
key: username
POSTGRES_DB:
secretKeyRef:
name: postgresql.postgres.libre.sh
key: database
POSTGRES_PASSWORD:
secretKeyRef:
name: postgresql.postgres.libre.sh
key: password
REDIS_URL:
secretKeyRef:
name: redis.redis.libre.sh
key: url
frontend:
image:
repository: lasuite/people-frontend
pullPolicy: Always
tag: "main"
ingress:
enabled: true
host: desk-staging.beta.numerique.gouv.fr
className: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
ingressAdmin:
enabled: true
host: desk-staging.beta.numerique.gouv.fr
className: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/auth-signin: https://oauth2-proxy-preprod.beta.numerique.gouv.fr/oauth2/start
nginx.ingress.kubernetes.io/auth-url: https://oauth2-proxy-preprod.beta.numerique.gouv.fr/oauth2/auth

5
src/helm/extra/Chart.yaml Normal file
View File

@@ -0,0 +1,5 @@
apiVersion: v2
name: extra
description: A Helm chart to add some manifests to desk
type: application
version: 0.1.0

7
src/helm/extra/templates/keydb.yaml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: core.libre.sh/v1alpha1
kind: Redis
metadata:
name: redis
namespace: {{ .Release.Namespace | quote }}
spec:
disableAuth: false

7
src/helm/extra/templates/postgresql.yaml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: core.libre.sh/v1alpha1
kind: Postgres
metadata:
name: postgresql
namespace: {{ .Release.Namespace | quote }}
spec:
database: desk

55
src/helm/helmfile.yaml Normal file
View File

@@ -0,0 +1,55 @@
repositories:
- name: bitnami
url: registry-1.docker.io/bitnamicharts
oci: true
releases:
- name: postgres
installed: {{ eq .Environment.Name "dev" | toYaml }}
namespace: {{ .Namespace }}
chart: bitnami/postgresql
version: 13.1.5
values:
- auth:
username: dinum
password: pass
database: people
- tls:
enabled: true
autoGenerated: true
- name: redis
installed: {{ eq .Environment.Name "dev" | toYaml }}
namespace: {{ .Namespace }}
chart: bitnami/redis
version: 18.19.2
values:
- auth:
password: pass
- name: extra
installed: {{ ne .Environment.Name "dev" | toYaml }}
namespace: {{ .Namespace }}
chart: ./extra
- name: desk
version: {{ .Values.version }}
namespace: {{ .Namespace }}
chart: ./desk
values:
- env.d/{{ .Environment.Name }}/values.desk.yaml.gotmpl
secrets:
- env.d/{{ .Environment.Name }}/secrets.enc.yaml
environments:
dev:
values:
- version: 0.0.1
secrets:
- env.d/{{ .Environment.Name }}/secrets.enc.yaml
staging:
values:
- version: 0.0.1
secrets:
- env.d/{{ .Environment.Name }}/secrets.enc.yaml

4
src/helm/impress/Chart.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v2
type: application
name: desk
version: 0.0.1

128
src/helm/impress/README.md Normal file
View File

@@ -0,0 +1,128 @@
# Desk helm chart
## Parameters
### General configuration
| Name | Description | Value |
| ------------------------------------------ | ---------------------------------------------------- | ------------------------ |
| `image.repository` | Repository to use to pull desk's container image | `lasuite/people-backend` |
| `image.tag` | desk's container tag | `latest` |
| `image.pullPolicy` | Container image pull policy | `IfNotPresent` |
| `image.credentials.username` | Username for container registry authentication | |
| `image.credentials.password` | Password for container registry authentication | |
| `image.credentials.registry` | Registry url for which the credentials are specified | |
| `image.credentials.name` | Name of the generated secret for imagePullSecrets | |
| `nameOverride` | Override the chart name | `""` |
| `fullnameOverride` | Override the full application name | `""` |
| `ingress.enabled` | whether to enable the Ingress or not | `false` |
| `ingress.className` | IngressClass to use for the Ingress | `nil` |
| `ingress.host` | Host for the Ingress | `desk.example.com` |
| `ingress.path` | Path to use for the Ingress | `/` |
| `ingress.hosts` | Additional host to configure for the Ingress | `[]` |
| `ingress.tls.enabled` | Weather to enable TLS for the Ingress | `true` |
| `ingress.tls.additional[].secretName` | Secret name for additional TLS config | |
| `ingress.tls.additional[].hosts[]` | Hosts for additional TLS config | |
| `ingress.customBackends` | Add custom backends to ingress | `[]` |
| `ingressAdmin.enabled` | whether to enable the Ingress or not | `false` |
| `ingressAdmin.className` | IngressClass to use for the Ingress | `nil` |
| `ingressAdmin.host` | Host for the Ingress | `desk.example.com` |
| `ingressAdmin.path` | Path to use for the Ingress | `/admin` |
| `ingressAdmin.hosts` | Additional host to configure for the Ingress | `[]` |
| `ingressAdmin.tls.enabled` | Weather to enable TLS for the Ingress | `true` |
| `ingressAdmin.tls.additional[].secretName` | Secret name for additional TLS config | |
| `ingressAdmin.tls.additional[].hosts[]` | Hosts for additional TLS config | |
### backend
| Name | Description | Value |
| ----------------------------------------------------- | ---------------------------------------------------------------------------------- | ----------------------------------------------- |
| `backend.command` | Override the backend container command | `[]` |
| `backend.args` | Override the backend container args | `[]` |
| `backend.replicas` | Amount of backend replicas | `3` |
| `backend.shareProcessNamespace` | Enable share process namespace between containers | `false` |
| `backend.sidecars` | Add sidecars containers to backend deployment | `[]` |
| `backend.securityContext` | Configure backend Pod security context | `nil` |
| `backend.envVars` | Configure backend container environment variables | `undefined` |
| `backend.envVars.BY_VALUE` | Example environment variable by setting value directly | |
| `backend.envVars.FROM_CONFIGMAP.configMapKeyRef.name` | Name of a ConfigMap when configuring env vars from a ConfigMap | |
| `backend.envVars.FROM_CONFIGMAP.configMapKeyRef.key` | Key within a ConfigMap when configuring env vars from a ConfigMap | |
| `backend.envVars.FROM_SECRET.secretKeyRef.name` | Name of a Secret when configuring env vars from a Secret | |
| `backend.envVars.FROM_SECRET.secretKeyRef.key` | Key within a Secret when configuring env vars from a Secret | |
| `backend.podAnnotations` | Annotations to add to the backend Pod | `{}` |
| `backend.service.type` | backend Service type | `ClusterIP` |
| `backend.service.port` | backend Service listening port | `80` |
| `backend.service.targetPort` | backend container listening port | `8000` |
| `backend.service.annotations` | Annotations to add to the backend Service | `{}` |
| `backend.migrate.command` | backend migrate command | `["python","manage.py","migrate","--no-input"]` |
| `backend.migrate.restartPolicy` | backend migrate job restart policy | `Never` |
| `backend.probes.liveness.path` | Configure path for backend HTTP liveness probe | `/__heartbeat__` |
| `backend.probes.liveness.targetPort` | Configure port for backend HTTP liveness probe | `undefined` |
| `backend.probes.liveness.initialDelaySeconds` | Configure initial delay for backend liveness probe | `10` |
| `backend.probes.liveness.initialDelaySeconds` | Configure timeout for backend liveness probe | `10` |
| `backend.probes.startup.path` | Configure path for backend HTTP startup probe | `undefined` |
| `backend.probes.startup.targetPort` | Configure port for backend HTTP startup probe | `undefined` |
| `backend.probes.startup.initialDelaySeconds` | Configure initial delay for backend startup probe | `undefined` |
| `backend.probes.startup.initialDelaySeconds` | Configure timeout for backend startup probe | `undefined` |
| `backend.probes.readiness.path` | Configure path for backend HTTP readiness probe | `/__lbheartbeat__` |
| `backend.probes.readiness.targetPort` | Configure port for backend HTTP readiness probe | `undefined` |
| `backend.probes.readiness.initialDelaySeconds` | Configure initial delay for backend readiness probe | `10` |
| `backend.probes.readiness.initialDelaySeconds` | Configure timeout for backend readiness probe | `10` |
| `backend.resources` | Resource requirements for the backend container | `{}` |
| `backend.nodeSelector` | Node selector for the backend Pod | `{}` |
| `backend.tolerations` | Tolerations for the backend Pod | `[]` |
| `backend.affinity` | Affinity for the backend Pod | `{}` |
| `backend.persistence` | Additional volumes to create and mount on the backend. Used for debugging purposes | `{}` |
| `backend.persistence.volume-name.size` | Size of the additional volume | |
| `backend.persistence.volume-name.type` | Type of the additional volume, persistentVolumeClaim or emptyDir | |
| `backend.persistence.volume-name.mountPath` | Path where the volume should be mounted to | |
| `backend.extraVolumeMounts` | Additional volumes to mount on the backend. | `[]` |
| `backend.extraVolumes` | Additional volumes to mount on the backend. | `[]` |
### frontend
| Name | Description | Value |
| ------------------------------------------------------ | ----------------------------------------------------------------------------------- | ------------------------- |
| `frontend.image.repository` | Repository to use to pull desk's frontend container image | `lasuite/people-frontend` |
| `frontend.image.tag` | desk's frontend container tag | `latest` |
| `frontend.image.pullPolicy` | frontend container image pull policy | `IfNotPresent` |
| `frontend.command` | Override the frontend container command | `[]` |
| `frontend.args` | Override the frontend container args | `[]` |
| `frontend.replicas` | Amount of frontend replicas | `3` |
| `frontend.shareProcessNamespace` | Enable share process namefrontend between containers | `false` |
| `frontend.sidecars` | Add sidecars containers to frontend deployment | `[]` |
| `frontend.securityContext` | Configure frontend Pod security context | `nil` |
| `frontend.envVars` | Configure frontend container environment variables | `undefined` |
| `frontend.envVars.BY_VALUE` | Example environment variable by setting value directly | |
| `frontend.envVars.FROM_CONFIGMAP.configMapKeyRef.name` | Name of a ConfigMap when configuring env vars from a ConfigMap | |
| `frontend.envVars.FROM_CONFIGMAP.configMapKeyRef.key` | Key within a ConfigMap when configuring env vars from a ConfigMap | |
| `frontend.envVars.FROM_SECRET.secretKeyRef.name` | Name of a Secret when configuring env vars from a Secret | |
| `frontend.envVars.FROM_SECRET.secretKeyRef.key` | Key within a Secret when configuring env vars from a Secret | |
| `frontend.podAnnotations` | Annotations to add to the frontend Pod | `{}` |
| `frontend.service.type` | frontend Service type | `ClusterIP` |
| `frontend.service.port` | frontend Service listening port | `80` |
| `frontend.service.targetPort` | frontend container listening port | `8080` |
| `frontend.service.annotations` | Annotations to add to the frontend Service | `{}` |
| `frontend.probes` | Configure probe for frontend | `{}` |
| `frontend.probes.liveness.path` | Configure path for frontend HTTP liveness probe | |
| `frontend.probes.liveness.targetPort` | Configure port for frontend HTTP liveness probe | |
| `frontend.probes.liveness.initialDelaySeconds` | Configure initial delay for frontend liveness probe | |
| `frontend.probes.liveness.initialDelaySeconds` | Configure timeout for frontend liveness probe | |
| `frontend.probes.startup.path` | Configure path for frontend HTTP startup probe | |
| `frontend.probes.startup.targetPort` | Configure port for frontend HTTP startup probe | |
| `frontend.probes.startup.initialDelaySeconds` | Configure initial delay for frontend startup probe | |
| `frontend.probes.startup.initialDelaySeconds` | Configure timeout for frontend startup probe | |
| `frontend.probes.readiness.path` | Configure path for frontend HTTP readiness probe | |
| `frontend.probes.readiness.targetPort` | Configure port for frontend HTTP readiness probe | |
| `frontend.probes.readiness.initialDelaySeconds` | Configure initial delay for frontend readiness probe | |
| `frontend.probes.readiness.initialDelaySeconds` | Configure timeout for frontend readiness probe | |
| `frontend.resources` | Resource requirements for the frontend container | `{}` |
| `frontend.nodeSelector` | Node selector for the frontend Pod | `{}` |
| `frontend.tolerations` | Tolerations for the frontend Pod | `[]` |
| `frontend.affinity` | Affinity for the frontend Pod | `{}` |
| `frontend.persistence` | Additional volumes to create and mount on the frontend. Used for debugging purposes | `{}` |
| `frontend.persistence.volume-name.size` | Size of the additional volume | |
| `frontend.persistence.volume-name.type` | Type of the additional volume, persistentVolumeClaim or emptyDir | |
| `frontend.persistence.volume-name.mountPath` | Path where the volume should be mounted to | |
| `frontend.extraVolumeMounts` | Additional volumes to mount on the frontend. | `[]` |
| `frontend.extraVolumes` | Additional volumes to mount on the frontend. | `[]` |

10
src/helm/impress/generate-readme.sh Normal file
View File

@@ -0,0 +1,10 @@
#!/bin/bash
docker image ls | grep readme-generator-for-helm
if [ "$?" -ne "0" ]; then
git clone https://github.com/bitnami/readme-generator-for-helm.git /tmp/readme-generator-for-helm
cd /tmp/readme-generator-for-helm
docker build -t readme-generator-for-helm:latest .
cd $(dirname -- "${BASH_SOURCE[0]}")
fi
docker run --rm -it -v ./values.yaml:/app/values.yaml -v ./README.md:/app/README.md readme-generator-for-helm:latest readme-generator -v values.yaml -r README.md

175
src/helm/impress/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,175 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "desk.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "desk.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "desk.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
desk.labels
*/}}
{{- define "desk.labels" -}}
helm.sh/chart: {{ include "desk.chart" . }}
{{ include "desk.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "desk.selectorLabels" -}}
app.kubernetes.io/name: {{ include "desk.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
transform dictionnary of environment variables
Usage : {{ include "desk.env.transformDict" .Values.envVars }}
Example:
envVars:
# Using simple strings as env vars
ENV_VAR_NAME: "envVar value"
# Using a value from a configMap
ENV_VAR_FROM_CM:
configMapKeyRef:
name: cm-name
key: "key_in_cm"
# Using a value from a secret
ENV_VAR_FROM_SECRET:
secretKeyRef:
name: secret-name
key: "key_in_secret"
*/}}
{{- define "desk.env.transformDict" -}}
{{- range $key, $value := . }}
- name: {{ $key | quote }}
{{- if $value | kindIs "map" }}
valueFrom: {{ $value | toYaml | nindent 4 }}
{{- else }}
value: {{ $value | quote }}
{{- end }}
{{- end }}
{{- end }}
{{/*
desk env vars
*/}}
{{- define "desk.common.env" -}}
{{- $topLevelScope := index . 0 -}}
{{- $workerScope := index . 1 -}}
{{- include "desk.env.transformDict" $workerScope.envVars -}}
{{- end }}
{{/*
Common labels
Requires array with top level scope and component name
*/}}
{{- define "desk.common.labels" -}}
{{- $topLevelScope := index . 0 -}}
{{- $component := index . 1 -}}
{{- include "desk.labels" $topLevelScope }}
app.kubernetes.io/component: {{ $component }}
{{- end }}
{{/*
Common selector labels
Requires array with top level scope and component name
*/}}
{{- define "desk.common.selectorLabels" -}}
{{- $topLevelScope := index . 0 -}}
{{- $component := index . 1 -}}
{{- include "desk.selectorLabels" $topLevelScope }}
app.kubernetes.io/component: {{ $component }}
{{- end }}
{{- define "desk.probes.abstract" -}}
{{- if .exec -}}
exec:
{{- toYaml .exec | nindent 2 }}
{{- else if .tcpSocket -}}
tcpSocket:
{{- toYaml .tcpSocket | nindent 2 }}
{{- else -}}
httpGet:
path: {{ .path }}
port: {{ .targetPort }}
{{- end }}
initialDelaySeconds: {{ .initialDelaySeconds | eq nil | ternary 0 .initialDelaySeconds }}
timeoutSeconds: {{ .timeoutSeconds | eq nil | ternary 1 .timeoutSeconds }}
{{- end }}
{{/*
Full name for the backend
Requires top level scope
*/}}
{{- define "desk.backend.fullname" -}}
{{ include "desk.fullname" . }}-backend
{{- end }}
{{/*
Full name for the frontend
Requires top level scope
*/}}
{{- define "desk.frontend.fullname" -}}
{{ include "desk.fullname" . }}-frontend
{{- end }}
{{/*
Usage : {{ include "desk.secret.dockerconfigjson.name" (dict "fullname" (include "desk.fullname" .) "imageCredentials" .Values.path.to.the.image1) }}
*/}}
{{- define "desk.secret.dockerconfigjson.name" }}
{{- if (default (dict) .imageCredentials).name }}{{ .imageCredentials.name }}{{ else }}{{ .fullname | trunc 63 | trimSuffix "-" }}-dockerconfig{{ end -}}
{{- end }}
{{/*
Usage : {{ include "desk.secret.dockerconfigjson" (dict "fullname" (include "desk.fullname" .) "imageCredentials" .Values.path.to.the.image1) }}
*/}}
{{- define "desk.secret.dockerconfigjson" }}
{{- if .imageCredentials -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "desk.secret.dockerconfigjson.name" (dict "fullname" .fullname "imageCredentials" .imageCredentials) }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: {{ template "desk.secret.dockerconfigjson.data" .imageCredentials }}
{{- end -}}
{{- end }}

135
src/helm/impress/templates/backend_deployment.yaml Normal file
View File

@@ -0,0 +1,135 @@
{{- $envVars := include "desk.common.env" (list . .Values.backend) -}}
{{- $fullName := include "desk.backend.fullname" . -}}
{{- $component := "backend" -}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ $fullName }}
labels:
{{- include "desk.common.labels" (list . $component) | nindent 4 }}
spec:
replicas: {{ .Values.backend.replicas }}
selector:
matchLabels:
{{- include "desk.common.selectorLabels" (list . $component) | nindent 6 }}
template:
metadata:
annotations:
{{- with .Values.backend.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "desk.common.selectorLabels" (list . $component) | nindent 8 }}
spec:
{{- if $.Values.image.credentials }}
imagePullSecrets:
- name: {{ include "desk.secret.dockerconfigjson.name" (dict "fullname" (include "desk.fullname" .) "imageCredentials" $.Values.image.credentials) }}
{{- end}}
shareProcessNamespace: {{ .Values.backend.shareProcessNamespace }}
containers:
{{- with .Values.backend.sidecars }}
{{- toYaml . | nindent 8 }}
{{- end }}
- name: {{ .Chart.Name }}
image: "{{ (.Values.backend.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.backend.image | default dict).tag | default .Values.image.tag }}"
imagePullPolicy: {{ (.Values.backend.image | default dict).pullPolicy | default .Values.image.pullPolicy }}
{{- with .Values.backend.command }}
command:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.backend.args }}
args:
{{- toYaml . | nindent 12 }}
{{- end }}
env:
{{- if $envVars}}
{{- $envVars | indent 12 }}
{{- end }}
{{- with .Values.backend.securityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
ports:
- name: http
containerPort: {{ .Values.backend.service.targetPort }}
protocol: TCP
{{- if .Values.backend.probes.liveness }}
livenessProbe:
{{- include "desk.probes.abstract" (merge .Values.backend.probes.liveness (dict "targetPort" .Values.backend.service.targetPort )) | nindent 12 }}
{{- end }}
{{- if .Values.backend.probes.readiness }}
readinessProbe:
{{- include "desk.probes.abstract" (merge .Values.backend.probes.readiness (dict "targetPort" .Values.backend.service.targetPort )) | nindent 12 }}
{{- end }}
{{- if .Values.backend.probes.startup }}
startupProbe:
{{- include "desk.probes.abstract" (merge .Values.backend.probes.startup (dict "targetPort" .Values.backend.service.targetPort )) | nindent 12 }}
{{- end }}
{{- with .Values.backend.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
{{- range $index, $value := .Values.mountFiles }}
- name: "files-{{ $index }}"
mountPath: {{ $value.path }}
subPath: content
{{- end }}
{{- range $name, $volume := .Values.backend.persistence }}
- name: "{{ $name }}"
mountPath: "{{ $volume.mountPath }}"
{{- end }}
{{- range .Values.backend.extraVolumeMounts }}
- name: {{ .name }}
mountPath: {{ .mountPath }}
subPath: {{ .subPath | default "" }}
readOnly: {{ .readOnly }}
{{- end }}
{{- with .Values.backend.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.backend.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.backend.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
{{- range $index, $value := .Values.mountFiles }}
- name: "files-{{ $index }}"
configMap:
name: "{{ include "desk.fullname" $ }}-files-{{ $index }}"
{{- end }}
{{- range $name, $volume := .Values.backend.persistence }}
- name: "{{ $name }}"
{{- if eq $volume.type "emptyDir" }}
emptyDir: {}
{{- else }}
persistentVolumeClaim:
claimName: "{{ $fullName }}-{{ $name }}"
{{- end }}
{{- end }}
{{- range .Values.backend.extraVolumes }}
- name: {{ .name }}
{{- if .existingClaim }}
persistentVolumeClaim:
claimName: {{ .existingClaim }}
{{- else if .hostPath }}
hostPath:
{{ toYaml .hostPath | nindent 12 }}
{{- else if .csi }}
csi:
{{- toYaml .csi | nindent 12 }}
{{- else if .configMap }}
configMap:
{{- toYaml .configMap | nindent 12 }}
{{- else if .emptyDir }}
emptyDir:
{{- toYaml .emptyDir | nindent 12 }}
{{- else }}
emptyDir: {}
{{- end }}
{{- end }}

120
src/helm/impress/templates/backend_job.yaml Normal file
View File

@@ -0,0 +1,120 @@
{{- $envVars := include "desk.common.env" (list . .Values.backend) -}}
{{- $fullName := include "desk.backend.fullname" . -}}
{{- $component := "backend" -}}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ $fullName }}-migrate
{{- with .Values.backend.migrateJobAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "desk.common.labels" (list . $component) | nindent 4 }}
spec:
template:
metadata:
annotations:
{{- with .Values.backend.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "desk.common.selectorLabels" (list . $component) | nindent 8 }}
spec:
{{- if $.Values.image.credentials }}
imagePullSecrets:
- name: {{ include "desk.secret.dockerconfigjson.name" (dict "fullname" (include "desk.fullname" .) "imageCredentials" $.Values.image.credentials) }}
{{- end}}
shareProcessNamespace: {{ .Values.backend.shareProcessNamespace }}
containers:
{{- with .Values.backend.sidecars }}
{{- toYaml . | nindent 8 }}
{{- end }}
- name: {{ .Chart.Name }}
image: "{{ (.Values.backend.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.backend.image | default dict).tag | default .Values.image.tag }}"
imagePullPolicy: {{ (.Values.backend.image | default dict).pullPolicy | default .Values.image.pullPolicy }}
{{- with .Values.backend.migrate.command }}
command:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.backend.args }}
args:
{{- toYaml . | nindent 12 }}
{{- end }}
env:
{{- if $envVars}}
{{- $envVars | indent 12 }}
{{- end }}
{{- with .Values.backend.securityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.backend.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
{{- range $index, $value := .Values.mountFiles }}
- name: "files-{{ $index }}"
mountPath: {{ $value.path }}
subPath: content
{{- end }}
{{- range $name, $volume := .Values.backend.persistence }}
- name: "{{ $name }}"
mountPath: "{{ $volume.mountPath }}"
{{- end }}
{{- range .Values.backend.extraVolumeMounts }}
- name: {{ .name }}
mountPath: {{ .mountPath }}
subPath: {{ .subPath | default "" }}
readOnly: {{ .readOnly }}
{{- end }}
{{- with .Values.backend.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.backend.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.backend.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
restartPolicy: {{ .Values.backend.migrate.restartPolicy }}
volumes:
{{- range $index, $value := .Values.mountFiles }}
- name: "files-{{ $index }}"
configMap:
name: "{{ include "desk.fullname" $ }}-files-{{ $index }}"
{{- end }}
{{- range $name, $volume := .Values.backend.persistence }}
- name: "{{ $name }}"
{{- if eq $volume.type "emptyDir" }}
emptyDir: {}
{{- else }}
persistentVolumeClaim:
claimName: "{{ $fullName }}-{{ $name }}"
{{- end }}
{{- end }}
{{- range .Values.backend.extraVolumes }}
- name: {{ .name }}
{{- if .existingClaim }}
persistentVolumeClaim:
claimName: {{ .existingClaim }}
{{- else if .hostPath }}
hostPath:
{{ toYaml .hostPath | nindent 12 }}
{{- else if .csi }}
csi:
{{- toYaml .csi | nindent 12 }}
{{- else if .configMap }}
configMap:
{{- toYaml .configMap | nindent 12 }}
{{- else if .emptyDir }}
emptyDir:
{{- toYaml .emptyDir | nindent 12 }}
{{- else }}
emptyDir: {}
{{- end }}
{{- end }}

20
src/helm/impress/templates/backend_svc.yaml Normal file
View File

@@ -0,0 +1,20 @@
{{- $envVars := include "desk.common.env" (list . .Values.backend) -}}
{{- $fullName := include "desk.backend.fullname" . -}}
{{- $component := "backend" -}}
apiVersion: v1
kind: Service
metadata:
name: {{ $fullName }}
labels:
{{- include "desk.common.labels" (list . $component) | nindent 4 }}
annotations:
{{- toYaml $.Values.backend.service.annotations | nindent 4 }}
spec:
type: {{ .Values.backend.service.type }}
ports:
- port: {{ .Values.backend.service.port }}
targetPort: {{ .Values.backend.service.targetPort }}
protocol: TCP
name: http
selector:
{{- include "desk.common.selectorLabels" (list . $component) | nindent 4 }}

135
src/helm/impress/templates/frontend_deployment.yaml Normal file
View File

@@ -0,0 +1,135 @@
{{- $envVars := include "desk.common.env" (list . .Values.frontend) -}}
{{- $fullName := include "desk.frontend.fullname" . -}}
{{- $component := "frontend" -}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ $fullName }}
labels:
{{- include "desk.common.labels" (list . $component) | nindent 4 }}
spec:
replicas: {{ .Values.frontend.replicas }}
selector:
matchLabels:
{{- include "desk.common.selectorLabels" (list . $component) | nindent 6 }}
template:
metadata:
annotations:
{{- with .Values.frontend.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "desk.common.selectorLabels" (list . $component) | nindent 8 }}
spec:
{{- if $.Values.image.credentials }}
imagePullSecrets:
- name: {{ include "desk.secret.dockerconfigjson.name" (dict "fullname" (include "desk.fullname" .) "imageCredentials" $.Values.image.credentials) }}
{{- end}}
shareProcessNamespace: {{ .Values.frontend.shareProcessNamespace }}
containers:
{{- with .Values.frontend.sidecars }}
{{- toYaml . | nindent 8 }}
{{- end }}
- name: {{ .Chart.Name }}
image: "{{ (.Values.frontend.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.frontend.image | default dict).tag | default .Values.image.tag }}"
imagePullPolicy: {{ (.Values.frontend.image | default dict).pullPolicy | default .Values.image.pullPolicy }}
{{- with .Values.frontend.command }}
command:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.frontend.args }}
args:
{{- toYaml . | nindent 12 }}
{{- end }}
env:
{{- if $envVars}}
{{- $envVars | indent 12 }}
{{- end }}
{{- with .Values.frontend.securityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
ports:
- name: http
containerPort: {{ .Values.frontend.service.targetPort }}
protocol: TCP
{{- if .Values.frontend.probes.liveness }}
livenessProbe:
{{- include "desk.probes.abstract" (merge .Values.frontend.probes.liveness (dict "targetPort" .Values.frontend.service.targetPort )) | nindent 12 }}
{{- end }}
{{- if .Values.frontend.probes.readiness }}
readinessProbe:
{{- include "desk.probes.abstract" (merge .Values.frontend.probes.readiness (dict "targetPort" .Values.frontend.service.targetPort )) | nindent 12 }}
{{- end }}
{{- if .Values.frontend.probes.startup }}
startupProbe:
{{- include "desk.probes.abstract" (merge .Values.frontend.probes.startup (dict "targetPort" .Values.frontend.service.targetPort )) | nindent 12 }}
{{- end }}
{{- with .Values.frontend.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
{{- range $index, $value := .Values.mountFiles }}
- name: "files-{{ $index }}"
mountPath: {{ $value.path }}
subPath: content
{{- end }}
{{- range $name, $volume := .Values.frontend.persistence }}
- name: "{{ $name }}"
mountPath: "{{ $volume.mountPath }}"
{{- end }}
{{- range .Values.frontend.extraVolumeMounts }}
- name: {{ .name }}
mountPath: {{ .mountPath }}
subPath: {{ .subPath | default "" }}
readOnly: {{ .readOnly }}
{{- end }}
{{- with .Values.frontend.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.frontend.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.frontend.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
{{- range $index, $value := .Values.mountFiles }}
- name: "files-{{ $index }}"
configMap:
name: "{{ include "desk.fullname" $ }}-files-{{ $index }}"
{{- end }}
{{- range $name, $volume := .Values.frontend.persistence }}
- name: "{{ $name }}"
{{- if eq $volume.type "emptyDir" }}
emptyDir: {}
{{- else }}
persistentVolumeClaim:
claimName: "{{ $fullName }}-{{ $name }}"
{{- end }}
{{- end }}
{{- range .Values.frontend.extraVolumes }}
- name: {{ .name }}
{{- if .existingClaim }}
persistentVolumeClaim:
claimName: {{ .existingClaim }}
{{- else if .hostPath }}
hostPath:
{{ toYaml .hostPath | nindent 12 }}
{{- else if .csi }}
csi:
{{- toYaml .csi | nindent 12 }}
{{- else if .configMap }}
configMap:
{{- toYaml .configMap | nindent 12 }}
{{- else if .emptyDir }}
emptyDir:
{{- toYaml .emptyDir | nindent 12 }}
{{- else }}
emptyDir: {}
{{- end }}
{{- end }}

20
src/helm/impress/templates/frontend_svc.yaml Normal file
View File

@@ -0,0 +1,20 @@
{{- $envVars := include "desk.common.env" (list . .Values.frontend) -}}
{{- $fullName := include "desk.frontend.fullname" . -}}
{{- $component := "frontend" -}}
apiVersion: v1
kind: Service
metadata:
name: {{ $fullName }}
labels:
{{- include "desk.common.labels" (list . $component) | nindent 4 }}
annotations:
{{- toYaml $.Values.frontend.service.annotations | nindent 4 }}
spec:
type: {{ .Values.frontend.service.type }}
ports:
- port: {{ .Values.frontend.service.port }}
targetPort: {{ .Values.frontend.service.targetPort }}
protocol: TCP
name: http
selector:
{{- include "desk.common.selectorLabels" (list . $component) | nindent 4 }}

117
src/helm/impress/templates/ingress.yaml Normal file
View File

@@ -0,0 +1,117 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "desk.fullname" . -}}
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
{{- end }}
{{- end }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "desk.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls.enabled }}
tls:
{{- if .Values.ingress.host }}
- secretName: {{ $fullName }}-tls
hosts:
- {{ .Values.ingress.host | quote }}
{{- end }}
{{- range .Values.ingress.tls.additional }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- if .Values.ingress.host }}
- host: {{ .Values.ingress.host | quote }}
http:
paths:
- path: {{ .Values.ingress.path | quote }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "desk.frontend.fullname" . }}
port:
number: {{ .Values.frontend.service.port }}
{{- else }}
serviceName: {{ include "desk.frontend.fullname" . }}
servicePort: {{ .Values.frontend.service.port }}
{{- end }}
- path: /api
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "desk.backend.fullname" . }}
port:
number: {{ .Values.backend.service.port }}
{{- else }}
serviceName: {{ include "desk.backend.fullname" . }}
servicePort: {{ .Values.backend.service.port }}
{{- end }}
{{- with .Values.ingress.customBackends }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- end }}
{{- range .Values.ingress.hosts }}
- host: {{ . | quote }}
http:
paths:
- path: {{ $.Values.ingress.path | quote }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "desk.frontend.fullname" $ }}
port:
number: {{ $.Values.frontend.service.port }}
{{- else }}
serviceName: {{ include "desk.frontend.fullname" $ }}
servicePort: {{ $.Values.frontend.service.port }}
{{- end }}
- path: /api
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "desk.backend.fullname" $ }}
port:
number: {{ $.Values.backend.service.port }}
{{- else }}
serviceName: {{ include "desk.backend.fullname" $ }}
servicePort: {{ $.Values.backend.service.port }}
{{- end }}
{{- with $.Values.ingress.customBackends }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- end }}
{{- end }}

97
src/helm/impress/templates/ingress_admin.yaml Normal file
View File

@@ -0,0 +1,97 @@
{{- if .Values.ingressAdmin.enabled -}}
{{- $fullName := include "desk.fullname" . -}}
{{- if and .Values.ingressAdmin.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.ingressAdmin.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.ingressAdmin.annotations "kubernetes.io/ingress.class" .Values.ingressAdmin.className}}
{{- end }}
{{- end }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}-admin
labels:
{{- include "desk.labels" . | nindent 4 }}
{{- with .Values.ingressAdmin.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and .Values.ingressAdmin.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ .Values.ingressAdmin.className }}
{{- end }}
{{- if .Values.ingressAdmin.tls.enabled }}
tls:
{{- if .Values.ingressAdmin.host }}
- secretName: {{ $fullName }}-tls
hosts:
- {{ .Values.ingressAdmin.host | quote }}
{{- end }}
{{- range .Values.ingressAdmin.tls.additional }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- if .Values.ingressAdmin.host }}
- host: {{ .Values.ingressAdmin.host | quote }}
http:
paths:
- path: {{ .Values.ingressAdmin.path | quote }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "desk.backend.fullname" . }}
port:
number: {{ .Values.backend.service.port }}
{{- else }}
serviceName: {{ include "desk.backend.fullname" . }}
servicePort: {{ .Values.backend.service.port }}
{{- end }}
- path: /static
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "desk.backend.fullname" . }}
port:
number: {{ .Values.backend.service.port }}
{{- else }}
serviceName: {{ include "desk.backend.fullname" . }}
servicePort: {{ .Values.backend.service.port }}
{{- end }}
{{- end }}
{{- range .Values.ingressAdmin.hosts }}
- host: {{ . | quote }}
http:
paths:
- path: {{ $.Values.ingressAdmin.path | quote }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "desk.backend.fullname" $ }}
port:
number: {{ $.Values.backend.service.port }}
{{- else }}
serviceName: {{ include "desk.backend.fullname" $ }}
servicePort: {{ $.Values.backend.service.port }}
{{- end }}
{{- end }}
{{- end }}

264
src/helm/impress/values.yaml Normal file
View File

@@ -0,0 +1,264 @@
# Default values for desk.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
## @section General configuration
## @param image.repository Repository to use to pull desk's container image
## @param image.tag desk's container tag
## @param image.pullPolicy Container image pull policy
## @extra image.credentials.username Username for container registry authentication
## @extra image.credentials.password Password for container registry authentication
## @extra image.credentials.registry Registry url for which the credentials are specified
## @extra image.credentials.name Name of the generated secret for imagePullSecrets
image:
repository: lasuite/people-backend
pullPolicy: IfNotPresent
tag: "latest"
## @param nameOverride Override the chart name
## @param fullnameOverride Override the full application name
nameOverride: ""
fullnameOverride: ""
## @skip commonEnvVars
commonEnvVars: &commonEnvVars
<<: []
## @param ingress.enabled whether to enable the Ingress or not
## @param ingress.className IngressClass to use for the Ingress
## @param ingress.host Host for the Ingress
## @param ingress.path Path to use for the Ingress
ingress:
enabled: false
className: null
host: desk.example.com
path: /
## @param ingress.hosts Additional host to configure for the Ingress
hosts: []
# - chart-example.local
## @param ingress.tls.enabled Weather to enable TLS for the Ingress
## @skip ingress.tls.additional
## @extra ingress.tls.additional[].secretName Secret name for additional TLS config
## @extra ingress.tls.additional[].hosts[] Hosts for additional TLS config
tls:
enabled: true
additional: []
## @param ingress.customBackends Add custom backends to ingress
customBackends: []
## @param ingressAdmin.enabled whether to enable the Ingress or not
## @param ingressAdmin.className IngressClass to use for the Ingress
## @param ingressAdmin.host Host for the Ingress
## @param ingressAdmin.path Path to use for the Ingress
ingressAdmin:
enabled: false
className: null
host: desk.example.com
path: /admin
## @param ingressAdmin.hosts Additional host to configure for the Ingress
hosts: [ ]
# - chart-example.local
## @param ingressAdmin.tls.enabled Weather to enable TLS for the Ingress
## @skip ingressAdmin.tls.additional
## @extra ingressAdmin.tls.additional[].secretName Secret name for additional TLS config
## @extra ingressAdmin.tls.additional[].hosts[] Hosts for additional TLS config
tls:
enabled: true
additional: []
## @section backend
backend:
## @param backend.command Override the backend container command
command: []
## @param backend.args Override the backend container args
args: []
## @param backend.replicas Amount of backend replicas
replicas: 3
## @param backend.shareProcessNamespace Enable share process namespace between containers
shareProcessNamespace: false
## @param backend.sidecars Add sidecars containers to backend deployment
sidecars: []
## @param backend.migrateJobAnnotations Annotations for the migrate job
migrateJobAnnotations: {}
## @param backend.securityContext Configure backend Pod security context
securityContext: null
## @param backend.envVars Configure backend container environment variables
## @extra backend.envVars.BY_VALUE Example environment variable by setting value directly
## @extra backend.envVars.FROM_CONFIGMAP.configMapKeyRef.name Name of a ConfigMap when configuring env vars from a ConfigMap
## @extra backend.envVars.FROM_CONFIGMAP.configMapKeyRef.key Key within a ConfigMap when configuring env vars from a ConfigMap
## @extra backend.envVars.FROM_SECRET.secretKeyRef.name Name of a Secret when configuring env vars from a Secret
## @extra backend.envVars.FROM_SECRET.secretKeyRef.key Key within a Secret when configuring env vars from a Secret
## @skip backend.envVars
envVars:
<<: *commonEnvVars
## @param backend.podAnnotations Annotations to add to the backend Pod
podAnnotations: {}
## @param backend.service.type backend Service type
## @param backend.service.port backend Service listening port
## @param backend.service.targetPort backend container listening port
## @param backend.service.annotations Annotations to add to the backend Service
service:
type: ClusterIP
port: 80
targetPort: 8000
annotations: {}
## @param backend.migrate.command backend migrate command
## @param backend.migrate.restartPolicy backend migrate job restart policy
migrate:
command:
- "python"
- "manage.py"
- "migrate"
- "--no-input"
restartPolicy: Never
## @param backend.probes.liveness.path [nullable] Configure path for backend HTTP liveness probe
## @param backend.probes.liveness.targetPort [nullable] Configure port for backend HTTP liveness probe
## @param backend.probes.liveness.initialDelaySeconds [nullable] Configure initial delay for backend liveness probe
## @param backend.probes.liveness.initialDelaySeconds [nullable] Configure timeout for backend liveness probe
## @param backend.probes.startup.path [nullable] Configure path for backend HTTP startup probe
## @param backend.probes.startup.targetPort [nullable] Configure port for backend HTTP startup probe
## @param backend.probes.startup.initialDelaySeconds [nullable] Configure initial delay for backend startup probe
## @param backend.probes.startup.initialDelaySeconds [nullable] Configure timeout for backend startup probe
## @param backend.probes.readiness.path [nullable] Configure path for backend HTTP readiness probe
## @param backend.probes.readiness.targetPort [nullable] Configure port for backend HTTP readiness probe
## @param backend.probes.readiness.initialDelaySeconds [nullable] Configure initial delay for backend readiness probe
## @param backend.probes.readiness.initialDelaySeconds [nullable] Configure timeout for backend readiness probe
probes:
liveness:
path: /__heartbeat__
initialDelaySeconds: 10
readiness:
path: /__lbheartbeat__
initialDelaySeconds: 10
## @param backend.resources Resource requirements for the backend container
resources: {}
## @param backend.nodeSelector Node selector for the backend Pod
nodeSelector: {}
## @param backend.tolerations Tolerations for the backend Pod
tolerations: []
## @param backend.affinity Affinity for the backend Pod
affinity: {}
## @param backend.persistence Additional volumes to create and mount on the backend. Used for debugging purposes
## @extra backend.persistence.volume-name.size Size of the additional volume
## @extra backend.persistence.volume-name.type Type of the additional volume, persistentVolumeClaim or emptyDir
## @extra backend.persistence.volume-name.mountPath Path where the volume should be mounted to
persistence: {}
## @param backend.extraVolumeMounts Additional volumes to mount on the backend.
extraVolumeMounts: []
## @param backend.extraVolumes Additional volumes to mount on the backend.
extraVolumes: []
## @section frontend
frontend:
## @param frontend.image.repository Repository to use to pull desk's frontend container image
## @param frontend.image.tag desk's frontend container tag
## @param frontend.image.pullPolicy frontend container image pull policy
image:
repository: lasuite/people-frontend
pullPolicy: IfNotPresent
tag: "latest"
## @param frontend.command Override the frontend container command
command: []
## @param frontend.args Override the frontend container args
args: []
## @param frontend.replicas Amount of frontend replicas
replicas: 3
## @param frontend.shareProcessNamespace Enable share process namefrontend between containers
shareProcessNamespace: false
## @param frontend.sidecars Add sidecars containers to frontend deployment
sidecars: []
## @param frontend.securityContext Configure frontend Pod security context
securityContext: null
## @param frontend.envVars Configure frontend container environment variables
## @extra frontend.envVars.BY_VALUE Example environment variable by setting value directly
## @extra frontend.envVars.FROM_CONFIGMAP.configMapKeyRef.name Name of a ConfigMap when configuring env vars from a ConfigMap
## @extra frontend.envVars.FROM_CONFIGMAP.configMapKeyRef.key Key within a ConfigMap when configuring env vars from a ConfigMap
## @extra frontend.envVars.FROM_SECRET.secretKeyRef.name Name of a Secret when configuring env vars from a Secret
## @extra frontend.envVars.FROM_SECRET.secretKeyRef.key Key within a Secret when configuring env vars from a Secret
## @skip frontend.envVars
envVars:
<<: *commonEnvVars
## @param frontend.podAnnotations Annotations to add to the frontend Pod
podAnnotations: {}
## @param frontend.service.type frontend Service type
## @param frontend.service.port frontend Service listening port
## @param frontend.service.targetPort frontend container listening port
## @param frontend.service.annotations Annotations to add to the frontend Service
service:
type: ClusterIP
port: 80
targetPort: 8080
annotations: {}
## @param frontend.probes Configure probe for frontend
## @extra frontend.probes.liveness.path Configure path for frontend HTTP liveness probe
## @extra frontend.probes.liveness.targetPort Configure port for frontend HTTP liveness probe
## @extra frontend.probes.liveness.initialDelaySeconds Configure initial delay for frontend liveness probe
## @extra frontend.probes.liveness.initialDelaySeconds Configure timeout for frontend liveness probe
## @extra frontend.probes.startup.path Configure path for frontend HTTP startup probe
## @extra frontend.probes.startup.targetPort Configure port for frontend HTTP startup probe
## @extra frontend.probes.startup.initialDelaySeconds Configure initial delay for frontend startup probe
## @extra frontend.probes.startup.initialDelaySeconds Configure timeout for frontend startup probe
## @extra frontend.probes.readiness.path Configure path for frontend HTTP readiness probe
## @extra frontend.probes.readiness.targetPort Configure port for frontend HTTP readiness probe
## @extra frontend.probes.readiness.initialDelaySeconds Configure initial delay for frontend readiness probe
## @extra frontend.probes.readiness.initialDelaySeconds Configure timeout for frontend readiness probe
probes: {}
## @param frontend.resources Resource requirements for the frontend container
resources: {}
## @param frontend.nodeSelector Node selector for the frontend Pod
nodeSelector: {}
## @param frontend.tolerations Tolerations for the frontend Pod
tolerations: []
## @param frontend.affinity Affinity for the frontend Pod
affinity: {}
## @param frontend.persistence Additional volumes to create and mount on the frontend. Used for debugging purposes
## @extra frontend.persistence.volume-name.size Size of the additional volume
## @extra frontend.persistence.volume-name.type Type of the additional volume, persistentVolumeClaim or emptyDir
## @extra frontend.persistence.volume-name.mountPath Path where the volume should be mounted to
persistence: {}
## @param frontend.extraVolumeMounts Additional volumes to mount on the frontend.
extraVolumeMounts: []
## @param frontend.extraVolumes Additional volumes to mount on the frontend.
extraVolumes: []