diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml deleted file mode 100644 index 287db564..00000000 --- a/.github/workflows/deploy.yml +++ /dev/null @@ -1,52 +0,0 @@ -name: Deploy - -on: - push: - tags: - - 'preprod' - - 'production' - - -jobs: - notify-argocd: - runs-on: ubuntu-latest - steps: - - - uses: actions/create-github-app-token@v1 - id: app-token - with: - app-id: ${{ secrets.APP_ID }} - private-key: ${{ secrets.PRIVATE_KEY }} - owner: ${{ github.repository_owner }} - repositories: "impress,secrets" - - - name: Checkout repository - uses: actions/checkout@v2 - with: - submodules: recursive - token: ${{ steps.app-token.outputs.token }} - - - name: Load sops secrets - uses: rouja/actions-sops@main - with: - secret-file: secrets/numerique-gouv/impress/secrets.enc.env - age-key: ${{ secrets.SOPS_PRIVATE }} - - - name: Call argocd github webhook - run: | - data='{"ref": "'$GITHUB_REF'","repository": {"html_url":"'$GITHUB_SERVER_URL'/'$GITHUB_REPOSITORY'"}}' - sig=$(echo -n ${data} | openssl dgst -sha1 -hmac ''${ARGOCD_WEBHOOK_SECRET}'' | awk '{print "X-Hub-Signature: sha1="$2}') - curl -X POST -H 'X-GitHub-Event:push' -H "Content-Type: application/json" -H "${sig}" --data "${data}" $ARGOCD_WEBHOOK_URL - sig=$(echo -n ${data} | openssl dgst -sha1 -hmac ''${ARGOCD_PRODUCTION_WEBHOOK_SECRET}'' | awk '{print "X-Hub-Signature: sha1="$2}') - curl -X POST -H 'X-GitHub-Event:push' -H "Content-Type: application/json" -H "${sig}" --data "${data}" $ARGOCD_PRODUCTION_WEBHOOK_URL - - start-test-on-preprod: - needs: - - notify-argocd - runs-on: ubuntu-latest - if: startsWith(github.event.ref, 'refs/tags/preprod') - steps: - - - name: Debug - run: | - echo "Start test when preprod is ready" diff --git a/.github/workflows/docker-hub.yml b/.github/workflows/docker-hub.yml index 6c9dbe72..7b07a3c4 100644 --- a/.github/workflows/docker-hub.yml +++ b/.github/workflows/docker-hub.yml @@ -8,9 +8,6 @@ on: - 'main' tags: - 'v*' - pull_request: - branches: - - 'main' env: DOCKER_USER: 1001:127 diff --git a/.github/workflows/helmfile-linter.yaml b/.github/workflows/helmfile-linter.yaml deleted file mode 100644 index 26b830b4..00000000 --- a/.github/workflows/helmfile-linter.yaml +++ /dev/null @@ -1,22 +0,0 @@ -name: Helmfile lint -run-name: Helmfile lint - -on: - pull_request: - branches: - - 'main' - -jobs: - helmfile-lint: - runs-on: ubuntu-latest - container: - image: ghcr.io/helmfile/helmfile:latest - steps: - - - uses: numerique-gouv/action-helmfile-lint@main - with: - app-id: ${{ secrets.APP_ID }} - age-key: ${{ secrets.SOPS_PRIVATE }} - private-key: ${{ secrets.PRIVATE_KEY }} - helmfile-src: "src/helm" - repositories: "impress,secrets" diff --git a/CHANGELOG.md b/CHANGELOG.md index e2867cd4..641829d0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,10 @@ and this project adheres to - 🐛(frontend) add default toolbar buttons #355 - 🐛(frontend) throttle error correctly display #378 +## Removed + +- 🔥(helm) remove infra related codes #366 + ## [1.6.0] - 2024-10-17 diff --git a/src/helm/env.d/dev/secrets.enc.yaml b/src/helm/env.d/dev/secrets.enc.yaml deleted file mode 100644 index 83ad7de4..00000000 --- a/src/helm/env.d/dev/secrets.enc.yaml +++ /dev/null @@ -1,62 +0,0 @@ -djangoSuperUserEmail: ENC[AES256_GCM,data:7b1xfYmr1g0RlBmsHBRA39ZPV/6+1DrtHQ==,iv:/GW7oLxPTZYmRWVPvyAQMoZl1owHM4Fo0XAOtyEh2rA=,tag:DaqoW+dglyAOXMm5+mrDfA==,type:str] -djangoSuperUserPass: ENC[AES256_GCM,data:RQgX,iv:q3CdfmwGfHSTjLXTimDk/1MyoFLviRuwmZa2E7GUzhY=,tag:HCtdtqgSxdJIHFhI8xpegQ==,type:str] -djangoSecretKey: ENC[AES256_GCM,data:mtJCf6mKfj/fJkg4wmfIvvU1vkUEF77BI8TUFikp/M3nPveDXhKmy3Cw3cXFpOYiFZ0=,iv:qwPRKsPS1Jhylj5asbmknXm1xOX3nfp9iccuorUrcj0=,tag:ENVfAt4i3PttoqD8+Kc4wQ==,type:str] -oidc: - clientId: ENC[AES256_GCM,data:wndPCbysbWDybdHglcG+wkMWk1rrD40hKqFxct9T3TLEGOk/,iv:RH1OdBX1GYIT90sSq0AGz49fFi6dL0m49Pegs6Ko9tQ=,tag:/tKytQwoZkBX1Tf96gAjIA==,type:str] - clientSecret: ENC[AES256_GCM,data:MUJ0wsg+LC2QZ1jZ0Twd3FS3dQevmJq9/97qVI3ARHuJIVlQz0Qah4vE7/iR+sn7ME2o1s1AzV4c1Yx/F3nHBg==,iv:LvinICSzF/8EvrHZD4Jp6lt7g3yxSOEgVHPrc3SShjo=,tag:yvkyyBXmhEkmGL7jZevUCA==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age15fyxdwmg5mvldtqqus87xspuws2u0cpvwheehrtvkexj4tnsqqysw6re2x - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMMjFCeWhkUmRWTnlIM1JM - dVFock1DWmtXQnpQZWZMWW1YdndhSS93MlVFCmxKVDUwOUt0NjJIZiswSm5aRi9U - VEllelBZVmFKdVFzcVJPUm50VHo5RTgKLS0tIDlkU3htTEdSREFOSUxlTGVtUm1n - RzJZbzhFcDNZKzdxMWFHTWx6Uy9GVFkKTw8LbhzAACp0NUHDfNcXpZyr2pJyNxxw - C7j/UB0cAejlSJHaUUiZ6TEcslXRpqnNagwUw4z/uzo7m4temay22A== - -----END AGE ENCRYPTED FILE----- - - recipient: age16hnlml8yv4ynwy0seer57g8qww075crd0g7nsundz3pj4wk7m3vqftszg7 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQQjBNMnVlNURQVWdjSyty - RGozcmN5eTUwRHJIWnhhc1E3U1NXQ3AwTWxBCnFjbmJNZnFiRVJ6VHhmQmt1Vk5n - OTVXWVh3RzhoMWNrbUl6OHphTjFLQVUKLS0tIGJjUlNhK0dHQ2R3SCtrbTRnaFJT - Q1pyRXhSVm8xQWk2NG1MK0srVU1pL2sKkoxGCM00UM2leTNCn5H8499uwJw1NIXs - PoRNgplehrHFptrAwGEpSYMXbxu88N7EWa/rtOp+sHWK5zpxscMkjA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1plkp8td6zzfcavjusmsfrlk54t9vn8jjxm8zaz7cmnr7kzl2nfnsd54hwg - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzYnpkYnJnYnJjVFRHRzRa - N09JOXVnQkVrcVcwdk9kR1k1azNib2lkMVZFCmhvOHlpVnJ0RlRpYWZ1TkVoaklV - NmNzY3BEeWN1MUtKWmZFT2RaMUxBRW8KLS0tIG92ZmhsZ29LSkRSREhiaG9kWXhH - akREb0ttYVpNWTJHb1pjaWRFbWpxUjgKgZp3cN2rZw4ktbpb5cUnDEtsT/KWszGi - pmpJHgsMADigyUc+Pjw+1pwpn0FtXVEXGedbf8bBuJavvbS2PuJBsg== - -----END AGE ENCRYPTED FILE----- - - recipient: age12g6f5fse25tgrwweleh4jls3qs52hey2edh759smulwmk5lnzadslu2cp3 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxaHZJeStiVnBzTGNTNzdo - UDFVTU51ZWp0WWorUnBlSzVBSU9IU2JnbUNNCkpMZGdNV3FUYkZOcWNLK0JWci81 - WGNwYi9Jb0QrV0lkUzNJWTcrUjIzUmMKLS0tIHlTKzNsVzNsSGFuYjJ0RFp0Y1Nr - a1VOcDBPTTYvNjkxN092N1UrYk1CM2cKNifC3ZLOrFTFKA9iKg8nPpZb+3DxnTwq - grsrxQa40b/Vv/aPoiPBMeSENDcH48X/EhMFNKX7dvl+7HEaY+QPlA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1hnhuzj96ktkhpyygvmz0x9h8mfvssz7ss6emmukags644mdhf4msajk93r - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoZ2ZlcllJeGlKUDNxUk1w - ekZ3TSttaXREV1FBRWwzNW54cjlYbHpLdWpRCnhSL2hEVVBEWEJKQWF0YTk1YzhJ - RTBGN25sT0hBM3V4QndiTVkveDBwQ2cKLS0tIEdoZGRLRXdCME1wcUJHQXhtSHBQ - UVEyNUVIanF6Z3ZSUjU1aTk0NFRBR0EKGuH5vzOV9lP/qRew0maECapKtLILaf/4 - XoSgPnjh8pIbJG7i9VKnFORlzkNJ6OPhZlX3ax15hd1qQv0PSCMBDA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-07-02T10:03:17Z" - mac: ENC[AES256_GCM,data:qx236E1cFtBmbYyUf6B95/Fwu2hoi9ZAhUcYiY/tsG9h1+kwXntfkvbH3ekyI7A5ZrpJXMeQZ7gLc+ohci4m5Ju+/G39MjMt+ww0Y6gBMqe59YlHfeFD2mYsnn9j1pqtbrIJ6+8fLDmhaXtGtXP3qRmFTc9LwL6Rm+5gn8cjcnA=,iv:TC7zBnQ0hRz0JSytrYVnyJiI1eMWRTBqctLajZYUhvU=,tag:wCBeo2xD5UpdRqGjkZxbXA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/src/helm/env.d/dev/values.impress.yaml.gotmpl b/src/helm/env.d/dev/values.impress.yaml.gotmpl deleted file mode 100644 index 8f34286c..00000000 --- a/src/helm/env.d/dev/values.impress.yaml.gotmpl +++ /dev/null @@ -1,120 +0,0 @@ -image: - repository: localhost:5001/impress-backend - pullPolicy: Always - tag: "latest" - -backend: - replicas: 1 - envVars: - DJANGO_CSRF_TRUSTED_ORIGINS: https://impress.127.0.0.1.nip.io,http://impress.127.0.0.1.nip.io - DJANGO_CONFIGURATION: Production - DJANGO_ALLOWED_HOSTS: "*" - DJANGO_SECRET_KEY: {{ .Values.djangoSecretKey }} - DJANGO_SETTINGS_MODULE: impress.settings - DJANGO_SUPERUSER_PASSWORD: admin - DJANGO_EMAIL_HOST: "mailcatcher" - DJANGO_EMAIL_PORT: 1025 - DJANGO_EMAIL_USE_SSL: False - OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks - OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize - OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token - OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo - OIDC_OP_LOGOUT_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/session/end - OIDC_RP_CLIENT_ID: {{ .Values.oidc.clientId }} - OIDC_RP_CLIENT_SECRET: {{ .Values.oidc.clientSecret }} - OIDC_RP_SIGN_ALGO: RS256 - OIDC_RP_SCOPES: "openid email" - OIDC_REDIRECT_ALLOWED_HOSTS: https://impress.127.0.0.1.nip.io - OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}" - LOGIN_REDIRECT_URL: https://impress.127.0.0.1.nip.io - LOGIN_REDIRECT_URL_FAILURE: https://impress.127.0.0.1.nip.io - LOGOUT_REDIRECT_URL: https://impress.127.0.0.1.nip.io - DB_HOST: postgres-postgresql - DB_NAME: impress - DB_USER: dinum - DB_PASSWORD: pass - DB_PORT: 5432 - POSTGRES_DB: impress - POSTGRES_USER: dinum - POSTGRES_PASSWORD: pass - REDIS_URL: redis://default:pass@redis-master:6379/1 - AWS_S3_ENDPOINT_URL: http://minio.impress.svc.cluster.local:9000 - AWS_S3_ACCESS_KEY_ID: impress - AWS_S3_SECRET_ACCESS_KEY: password - AWS_STORAGE_BUCKET_NAME: impress-media-storage - STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage - - migrate: - command: - - "/bin/sh" - - "-c" - - | - python manage.py migrate --no-input && - python manage.py create_demo --force - restartPolicy: Never - - command: - - "gunicorn" - - "-c" - - "/usr/local/etc/gunicorn/impress.py" - - "impress.wsgi:application" - - "--reload" - - createsuperuser: - command: - - "/bin/sh" - - "-c" - - | - python manage.py createsuperuser --email admin@example.com --password admin - restartPolicy: Never - -frontend: - envVars: - PORT: 8080 - NEXT_PUBLIC_API_ORIGIN: https://impress.127.0.0.1.nip.io - NEXT_PUBLIC_Y_PROVIDER_URL: wss://impress.127.0.0.1.nip.io/ws - NEXT_PUBLIC_MEDIA_URL: https://impress.127.0.0.1.nip.io - - replicas: 1 - command: - - yarn - - dev - - image: - repository: localhost:5001/impress-frontend - pullPolicy: Always - tag: "latest" - -yProvider: - replicas: 1 - - image: - repository: localhost:5001/impress-y-provider - pullPolicy: Always - tag: "latest" - -ingress: - enabled: true - host: impress.127.0.0.1.nip.io - -ingressWS: - enabled: true - host: impress.127.0.0.1.nip.io - -ingressAdmin: - enabled: true - host: impress.127.0.0.1.nip.io - -ingressMedia: - enabled: true - host: impress.127.0.0.1.nip.io - - annotations: - nginx.ingress.kubernetes.io/auth-url: https://impress.127.0.0.1.nip.io/api/v1.0/documents/retrieve-auth/ - nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256" - nginx.ingress.kubernetes.io/upstream-vhost: minio.impress.svc.cluster.local:9000 - nginx.ingress.kubernetes.io/rewrite-target: /impress-media-storage/$1 - -serviceMedia: - host: minio.impress.svc.cluster.local - port: 9000 diff --git a/src/helm/env.d/preprod/secrets.enc.yaml b/src/helm/env.d/preprod/secrets.enc.yaml deleted file mode 120000 index 25e608e4..00000000 --- a/src/helm/env.d/preprod/secrets.enc.yaml +++ /dev/null @@ -1 +0,0 @@ -../../../../secrets/numerique-gouv/impress/env/preprod/secrets.enc.yaml \ No newline at end of file diff --git a/src/helm/env.d/preprod/values.impress.yaml.gotmpl b/src/helm/env.d/preprod/values.impress.yaml.gotmpl deleted file mode 100644 index 10c97d37..00000000 --- a/src/helm/env.d/preprod/values.impress.yaml.gotmpl +++ /dev/null @@ -1,183 +0,0 @@ -image: - repository: lasuite/impress-backend - pullPolicy: Always - tag: "v1.6.0-preprod" - -backend: - migrateJobAnnotations: - argocd.argoproj.io/hook: PreSync - argocd.argoproj.io/hook-delete-policy: HookSucceeded - envVars: - AI_API_KEY: - secretKeyRef: - name: backend - key: AI_API_KEY - AI_BASE_URL: - secretKeyRef: - name: backend - key: AI_BASE_URL - AI_MODEL: meta-llama/Meta-Llama-3.1-70B-Instruct - DJANGO_CSRF_TRUSTED_ORIGINS: http://impress-preprod.beta.numerique.gouv.fr,https://impress-preprod.beta.numerique.gouv.fr - DJANGO_CONFIGURATION: Production - DJANGO_ALLOWED_HOSTS: "*" - DJANGO_SUPERUSER_EMAIL: - secretKeyRef: - name: backend - key: DJANGO_SUPERUSER_EMAIL - DJANGO_SECRET_KEY: - secretKeyRef: - name: backend - key: DJANGO_SECRET_KEY - DJANGO_SETTINGS_MODULE: impress.settings - DJANGO_SUPERUSER_PASSWORD: - secretKeyRef: - name: backend - key: DJANGO_SUPERUSER_PASSWORD - DJANGO_EMAIL_HOST: "smtp.tem.scw.cloud" - DJANGO_EMAIL_PORT: 587 - DJANGO_EMAIL_USE_TLS: True - DJANGO_EMAIL_FROM: "noreply@docs.beta.numerique.gouv.fr" - DJANGO_EMAIL_HOST_USER: - secretKeyRef: - name: backend - key: DJANGO_EMAIL_HOST_USER - DJANGO_EMAIL_HOST_PASSWORD: - secretKeyRef: - name: backend - key: DJANGO_EMAIL_HOST_PASSWORD - DJANGO_SILENCED_SYSTEM_CHECKS: security.W008,security.W004 - OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks - OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize - OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token - OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo - OIDC_OP_LOGOUT_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/session/end - OIDC_RP_CLIENT_ID: - secretKeyRef: - name: backend - key: OIDC_RP_CLIENT_ID - OIDC_RP_CLIENT_SECRET: - secretKeyRef: - name: backend - key: OIDC_RP_CLIENT_SECRET - OIDC_RP_SIGN_ALGO: RS256 - OIDC_RP_SCOPES: "openid email" - OIDC_REDIRECT_ALLOWED_HOSTS: https://impress-preprod.beta.numerique.gouv.fr - OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}" - LOGIN_REDIRECT_URL: https://impress-preprod.beta.numerique.gouv.fr - LOGIN_REDIRECT_URL_FAILURE: https://impress-preprod.beta.numerique.gouv.fr - LOGOUT_REDIRECT_URL: https://impress-preprod.beta.numerique.gouv.fr - DB_HOST: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: host - DB_NAME: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: database - DB_USER: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: username - DB_PASSWORD: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: password - DB_PORT: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: port - POSTGRES_USER: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: username - POSTGRES_DB: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: database - POSTGRES_PASSWORD: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: password - REDIS_URL: - secretKeyRef: - name: redis.redis.libre.sh - key: url - AWS_S3_ENDPOINT_URL: - secretKeyRef: - name: impress-media-storage.bucket.libre.sh - key: url - AWS_S3_ACCESS_KEY_ID: - secretKeyRef: - name: impress-media-storage.bucket.libre.sh - key: accessKey - AWS_S3_SECRET_ACCESS_KEY: - secretKeyRef: - name: impress-media-storage.bucket.libre.sh - key: secretKey - AWS_STORAGE_BUCKET_NAME: - secretKeyRef: - name: impress-media-storage.bucket.libre.sh - key: bucket - AWS_S3_REGION_NAME: local - STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage - - createsuperuser: - command: - - "/bin/sh" - - "-c" - - | - python manage.py createsuperuser --email $DJANGO_SUPERUSER_EMAIL --password $DJANGO_SUPERUSER_PASSWORD - restartPolicy: Never - -frontend: - image: - repository: lasuite/impress-frontend - pullPolicy: Always - tag: "v1.6.0-preprod" - -yProvider: - image: - repository: lasuite/impress-y-provider - pullPolicy: Always - tag: "v1.6.0-preprod" - -ingress: - enabled: true - host: impress-preprod.beta.numerique.gouv.fr - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod - -ingressWS: - enabled: true - host: impress-preprod.beta.numerique.gouv.fr - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod - -ingressAdmin: - enabled: true - host: impress-preprod.beta.numerique.gouv.fr - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod - nginx.ingress.kubernetes.io/auth-signin: https://oauth2-proxy-preprod.beta.numerique.gouv.fr/oauth2/start - nginx.ingress.kubernetes.io/auth-url: https://oauth2-proxy-preprod.beta.numerique.gouv.fr/oauth2/auth - -ingressMedia: - enabled: true - host: impress-preprod.beta.numerique.gouv.fr - - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod - nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256" - nginx.ingress.kubernetes.io/auth-url: https://impress-preprod.beta.numerique.gouv.fr/api/v1.0/documents/retrieve-auth/ - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - nginx.ingress.kubernetes.io/rewrite-target: /impress-preprod-impress-media-storage/$1 - nginx.ingress.kubernetes.io/ssl-redirect: "true" - nginx.ingress.kubernetes.io/upstream-vhost: s3.margaret-hamilton.indiehosters.net - -serviceMedia: - host: s3.margaret-hamilton.indiehosters.net - port: 443 diff --git a/src/helm/env.d/production/secrets.enc.yaml b/src/helm/env.d/production/secrets.enc.yaml deleted file mode 120000 index 1efef50d..00000000 --- a/src/helm/env.d/production/secrets.enc.yaml +++ /dev/null @@ -1 +0,0 @@ -../../../../secrets/numerique-gouv/impress/env/production/secrets.enc.yaml \ No newline at end of file diff --git a/src/helm/env.d/production/values.impress.yaml.gotmpl b/src/helm/env.d/production/values.impress.yaml.gotmpl deleted file mode 100644 index 0bb80a10..00000000 --- a/src/helm/env.d/production/values.impress.yaml.gotmpl +++ /dev/null @@ -1,183 +0,0 @@ -image: - repository: lasuite/impress-backend - pullPolicy: Always - tag: "v1.6.0" - -backend: - migrateJobAnnotations: - argocd.argoproj.io/hook: PostSync - argocd.argoproj.io/hook-delete-policy: HookSucceeded - envVars: - AI_API_KEY: - secretKeyRef: - name: backend - key: AI_API_KEY - AI_BASE_URL: - secretKeyRef: - name: backend - key: AI_BASE_URL - AI_MODEL: meta-llama/Meta-Llama-3.1-70B-Instruct - DJANGO_CSRF_TRUSTED_ORIGINS: https://docs.numerique.gouv.fr - DJANGO_CONFIGURATION: Production - DJANGO_ALLOWED_HOSTS: "*" - DJANGO_SECRET_KEY: - secretKeyRef: - name: backend - key: DJANGO_SECRET_KEY - DJANGO_SETTINGS_MODULE: impress.settings - DJANGO_SUPERUSER_EMAIL: - secretKeyRef: - name: backend - key: DJANGO_SUPERUSER_EMAIL - DJANGO_SUPERUSER_PASSWORD: - secretKeyRef: - name: backend - key: DJANGO_SUPERUSER_PASSWORD - DJANGO_EMAIL_HOST: "smtp.tem.scw.cloud" - DJANGO_EMAIL_PORT: 587 - DJANGO_EMAIL_USE_TLS: True - DJANGO_EMAIL_FROM: "noreply@docs.beta.numerique.gouv.fr" - DJANGO_EMAIL_HOST_USER: - secretKeyRef: - name: backend - key: DJANGO_EMAIL_HOST_USER - DJANGO_EMAIL_HOST_PASSWORD: - secretKeyRef: - name: backend - key: DJANGO_EMAIL_HOST_PASSWORD - DJANGO_SILENCED_SYSTEM_CHECKS: security.W008,security.W004 - OIDC_OP_JWKS_ENDPOINT: https://auth.agentconnect.gouv.fr/api/v2/jwks - OIDC_OP_AUTHORIZATION_ENDPOINT: https://auth.agentconnect.gouv.fr/api/v2/authorize - OIDC_OP_TOKEN_ENDPOINT: https://auth.agentconnect.gouv.fr/api/v2/token - OIDC_OP_USER_ENDPOINT: https://auth.agentconnect.gouv.fr/api/v2/userinfo - OIDC_OP_LOGOUT_ENDPOINT: https://auth.agentconnect.gouv.fr/api/v2/session/end - OIDC_RP_CLIENT_ID: - secretKeyRef: - name: backend - key: OIDC_RP_CLIENT_ID - OIDC_RP_CLIENT_SECRET: - secretKeyRef: - name: backend - key: OIDC_RP_CLIENT_SECRET - OIDC_RP_SIGN_ALGO: RS256 - OIDC_RP_SCOPES: "openid email" - OIDC_REDIRECT_ALLOWED_HOSTS: https://docs.numerique.gouv.fr - OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}" - LOGIN_REDIRECT_URL: https://docs.numerique.gouv.fr - LOGIN_REDIRECT_URL_FAILURE: https://docs.numerique.gouv.fr - LOGOUT_REDIRECT_URL: https://docs.numerique.gouv.fr - DB_HOST: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: host - DB_NAME: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: database - DB_USER: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: username - DB_PASSWORD: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: password - DB_PORT: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: port - POSTGRES_USER: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: username - POSTGRES_DB: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: database - POSTGRES_PASSWORD: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: password - REDIS_URL: - secretKeyRef: - name: redis.redis.libre.sh - key: url - AWS_S3_ENDPOINT_URL: - secretKeyRef: - name: impress-media-storage.bucket.libre.sh - key: url - AWS_S3_ACCESS_KEY_ID: - secretKeyRef: - name: impress-media-storage.bucket.libre.sh - key: accessKey - AWS_S3_SECRET_ACCESS_KEY: - secretKeyRef: - name: impress-media-storage.bucket.libre.sh - key: secretKey - AWS_STORAGE_BUCKET_NAME: - secretKeyRef: - name: impress-media-storage.bucket.libre.sh - key: bucket - AWS_S3_REGION_NAME: local - STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage - - createsuperuser: - command: - - "/bin/sh" - - "-c" - - | - python manage.py createsuperuser --email $DJANGO_SUPERUSER_EMAIL --password $DJANGO_SUPERUSER_PASSWORD - restartPolicy: Never - -frontend: - image: - repository: lasuite/impress-frontend - pullPolicy: Always - tag: "v1.6.0" - -yProvider: - image: - repository: lasuite/impress-y-provider - pullPolicy: Always - tag: "v1.6.0" - -ingress: - enabled: true - host: docs.numerique.gouv.fr - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt - -ingressWS: - enabled: true - host: docs.numerique.gouv.fr - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt - -ingressAdmin: - enabled: true - host: docs.numerique.gouv.fr - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt - nginx.ingress.kubernetes.io/auth-signin: https://oauth2-proxy.beta.numerique.gouv.fr/oauth2/start - nginx.ingress.kubernetes.io/auth-url: https://oauth2-proxy.beta.numerique.gouv.fr/oauth2/auth - -ingressMedia: - enabled: true - host: docs.numerique.gouv.fr - - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod - nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256" - nginx.ingress.kubernetes.io/auth-url: https://docs.numerique.gouv.fr/api/v1.0/documents/retrieve-auth/ - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - nginx.ingress.kubernetes.io/rewrite-target: /impress-impress-media-storage/$1 - nginx.ingress.kubernetes.io/ssl-redirect: "true" - nginx.ingress.kubernetes.io/upstream-vhost: s3.hedy-lamarr.indiehosters.net - -serviceMedia: - host: s3.hedy-lamarr.indiehosters.net - port: 443 diff --git a/src/helm/env.d/staging/secrets.enc.yaml b/src/helm/env.d/staging/secrets.enc.yaml deleted file mode 120000 index ca63795d..00000000 --- a/src/helm/env.d/staging/secrets.enc.yaml +++ /dev/null @@ -1 +0,0 @@ -../../../../secrets/numerique-gouv/impress/env/staging/secrets.enc.yaml \ No newline at end of file diff --git a/src/helm/env.d/staging/values.impress.yaml.gotmpl b/src/helm/env.d/staging/values.impress.yaml.gotmpl deleted file mode 100644 index 5eb0464d..00000000 --- a/src/helm/env.d/staging/values.impress.yaml.gotmpl +++ /dev/null @@ -1,183 +0,0 @@ -image: - repository: lasuite/impress-backend - pullPolicy: Always - tag: "main" - -backend: - migrateJobAnnotations: - argocd.argoproj.io/hook: PreSync - argocd.argoproj.io/hook-delete-policy: HookSucceeded - envVars: - AI_API_KEY: - secretKeyRef: - name: backend - key: AI_API_KEY - AI_BASE_URL: - secretKeyRef: - name: backend - key: AI_BASE_URL - AI_MODEL: meta-llama/Meta-Llama-3.1-70B-Instruct - DJANGO_CSRF_TRUSTED_ORIGINS: http://impress-staging.beta.numerique.gouv.fr,https://impress-staging.beta.numerique.gouv.fr - DJANGO_CONFIGURATION: Production - DJANGO_ALLOWED_HOSTS: "*" - DJANGO_SECRET_KEY: - secretKeyRef: - name: backend - key: DJANGO_SECRET_KEY - DJANGO_SETTINGS_MODULE: impress.settings - DJANGO_SUPERUSER_EMAIL: - secretKeyRef: - name: backend - key: DJANGO_SUPERUSER_EMAIL - DJANGO_SUPERUSER_PASSWORD: - secretKeyRef: - name: backend - key: DJANGO_SUPERUSER_PASSWORD - DJANGO_EMAIL_HOST: "smtp.tem.scw.cloud" - DJANGO_EMAIL_PORT: 587 - DJANGO_EMAIL_USE_TLS: True - DJANGO_EMAIL_FROM: "noreply@docs.beta.numerique.gouv.fr" - DJANGO_EMAIL_HOST_USER: - secretKeyRef: - name: backend - key: DJANGO_EMAIL_HOST_USER - DJANGO_EMAIL_HOST_PASSWORD: - secretKeyRef: - name: backend - key: DJANGO_EMAIL_HOST_PASSWORD - DJANGO_SILENCED_SYSTEM_CHECKS: security.W008,security.W004 - OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks - OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize - OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token - OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo - OIDC_OP_LOGOUT_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/session/end - OIDC_RP_CLIENT_ID: - secretKeyRef: - name: backend - key: OIDC_RP_CLIENT_ID - OIDC_RP_CLIENT_SECRET: - secretKeyRef: - name: backend - key: OIDC_RP_CLIENT_SECRET - OIDC_RP_SIGN_ALGO: RS256 - OIDC_RP_SCOPES: "openid email" - OIDC_REDIRECT_ALLOWED_HOSTS: https://impress-staging.beta.numerique.gouv.fr - OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}" - LOGIN_REDIRECT_URL: https://impress-staging.beta.numerique.gouv.fr - LOGIN_REDIRECT_URL_FAILURE: https://impress-staging.beta.numerique.gouv.fr - LOGOUT_REDIRECT_URL: https://impress-staging.beta.numerique.gouv.fr - DB_HOST: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: host - DB_NAME: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: database - DB_USER: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: username - DB_PASSWORD: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: password - DB_PORT: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: port - POSTGRES_USER: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: username - POSTGRES_DB: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: database - POSTGRES_PASSWORD: - secretKeyRef: - name: postgresql.postgres.libre.sh - key: password - REDIS_URL: - secretKeyRef: - name: redis.redis.libre.sh - key: url - AWS_S3_ENDPOINT_URL: - secretKeyRef: - name: impress-media-storage.bucket.libre.sh - key: url - AWS_S3_ACCESS_KEY_ID: - secretKeyRef: - name: impress-media-storage.bucket.libre.sh - key: accessKey - AWS_S3_SECRET_ACCESS_KEY: - secretKeyRef: - name: impress-media-storage.bucket.libre.sh - key: secretKey - AWS_STORAGE_BUCKET_NAME: - secretKeyRef: - name: impress-media-storage.bucket.libre.sh - key: bucket - AWS_S3_REGION_NAME: local - STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage - - createsuperuser: - command: - - "/bin/sh" - - "-c" - - | - python manage.py createsuperuser --email $DJANGO_SUPERUSER_EMAIL --password $DJANGO_SUPERUSER_PASSWORD - restartPolicy: Never - -frontend: - image: - repository: lasuite/impress-frontend - pullPolicy: Always - tag: "main" - -yProvider: - image: - repository: lasuite/impress-y-provider - pullPolicy: Always - tag: "main" - -ingress: - enabled: true - host: impress-staging.beta.numerique.gouv.fr - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod - -ingressWS: - enabled: true - host: impress-staging.beta.numerique.gouv.fr - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod - -ingressAdmin: - enabled: true - host: impress-staging.beta.numerique.gouv.fr - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod - nginx.ingress.kubernetes.io/auth-signin: https://oauth2-proxy-preprod.beta.numerique.gouv.fr/oauth2/start - nginx.ingress.kubernetes.io/auth-url: https://oauth2-proxy-preprod.beta.numerique.gouv.fr/oauth2/auth - -ingressMedia: - enabled: true - host: impress-staging.beta.numerique.gouv.fr - - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod - nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256" - nginx.ingress.kubernetes.io/auth-url: https://impress-staging.beta.numerique.gouv.fr/api/v1.0/documents/retrieve-auth/ - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - nginx.ingress.kubernetes.io/rewrite-target: /impress-staging-impress-media-storage/$1 - nginx.ingress.kubernetes.io/ssl-redirect: "true" - nginx.ingress.kubernetes.io/upstream-vhost: s3.margaret-hamilton.indiehosters.net - -serviceMedia: - host: s3.margaret-hamilton.indiehosters.net - port: 443 diff --git a/src/helm/extra/Chart.yaml b/src/helm/extra/Chart.yaml deleted file mode 100644 index f3a2b2fc..00000000 --- a/src/helm/extra/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v2 -name: extra -description: A Helm chart to add some manifests to impress -type: application -version: 0.1.0 diff --git a/src/helm/extra/templates/keydb.yaml b/src/helm/extra/templates/keydb.yaml deleted file mode 100644 index 00898ae9..00000000 --- a/src/helm/extra/templates/keydb.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: core.libre.sh/v1alpha1 -kind: Redis -metadata: - name: redis - namespace: {{ .Release.Namespace | quote }} -spec: - disableAuth: false diff --git a/src/helm/extra/templates/postgresql.yaml b/src/helm/extra/templates/postgresql.yaml deleted file mode 100644 index 24d22c47..00000000 --- a/src/helm/extra/templates/postgresql.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: core.libre.sh/v1alpha1 -kind: Postgres -metadata: - name: postgresql - namespace: {{ .Release.Namespace | quote }} -spec: - database: impress diff --git a/src/helm/extra/templates/s3.yaml b/src/helm/extra/templates/s3.yaml deleted file mode 100644 index 6ba05f99..00000000 --- a/src/helm/extra/templates/s3.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: core.libre.sh/v1alpha1 -kind: Bucket -metadata: - name: impress-media-storage - namespace: {{ .Release.Namespace | quote }} -spec: - provider: data - versioned: true diff --git a/src/helm/helmfile.yaml b/src/helm/helmfile.yaml deleted file mode 100644 index 434a0241..00000000 --- a/src/helm/helmfile.yaml +++ /dev/null @@ -1,82 +0,0 @@ -repositories: -- name: bitnami - url: registry-1.docker.io/bitnamicharts - oci: true - -releases: - - name: postgres - installed: {{ eq .Environment.Name "dev" | toYaml }} - namespace: {{ .Namespace }} - chart: bitnami/postgresql - version: 13.1.5 - values: - - auth: - username: dinum - password: pass - database: impress - - tls: - enabled: true - autoGenerated: true - - - name: minio - installed: {{ eq .Environment.Name "dev" | toYaml }} - namespace: {{ .Namespace }} - chart: bitnami/minio - version: 12.10.10 - values: - - auth: - rootUser: impress - rootPassword: password - - provisioning: - enabled: true - buckets: - - name: impress-media-storage - versioning: true - - - name: redis - installed: {{ eq .Environment.Name "dev" | toYaml }} - namespace: {{ .Namespace }} - chart: bitnami/redis - version: 18.19.2 - values: - - auth: - password: pass - architecture: standalone - - - name: extra - installed: {{ ne .Environment.Name "dev" | toYaml }} - namespace: {{ .Namespace }} - chart: ./extra - secrets: - - env.d/{{ .Environment.Name }}/secrets.enc.yaml - - - name: impress - version: {{ .Values.version }} - namespace: {{ .Namespace }} - chart: ./impress - values: - - env.d/{{ .Environment.Name }}/values.impress.yaml.gotmpl - secrets: - - env.d/{{ .Environment.Name }}/secrets.enc.yaml - -environments: - dev: - values: - - version: 0.0.1 - secrets: - - env.d/{{ .Environment.Name }}/secrets.enc.yaml - staging: - values: - - version: 0.0.1 - secrets: - - env.d/{{ .Environment.Name }}/secrets.enc.yaml - preprod: - values: - - version: 0.0.1 - secrets: - - env.d/{{ .Environment.Name }}/secrets.enc.yaml - production: - values: - - version: 0.0.1 - secrets: - - env.d/{{ .Environment.Name }}/secrets.enc.yaml diff --git a/src/helm/impress/Chart.yaml b/src/helm/impress/Chart.yaml deleted file mode 100644 index a9f05c77..00000000 --- a/src/helm/impress/Chart.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v2 -type: application -name: impress -version: 0.0.1 diff --git a/src/helm/impress/README.md b/src/helm/impress/README.md deleted file mode 100644 index 2b16874e..00000000 --- a/src/helm/impress/README.md +++ /dev/null @@ -1,128 +0,0 @@ -# Impress helm chart - -## Parameters - -### General configuration - -| Name | Description | Value | -| ------------------------------------------ | ---------------------------------------------------- | ------------------------ | -| `image.repository` | Repository to use to pull impress's container image | `lasuite/impress-backend` | -| `image.tag` | impress's container tag | `latest` | -| `image.pullPolicy` | Container image pull policy | `IfNotPresent` | -| `image.credentials.username` | Username for container registry authentication | | -| `image.credentials.password` | Password for container registry authentication | | -| `image.credentials.registry` | Registry url for which the credentials are specified | | -| `image.credentials.name` | Name of the generated secret for imagePullSecrets | | -| `nameOverride` | Override the chart name | `""` | -| `fullnameOverride` | Override the full application name | `""` | -| `ingress.enabled` | whether to enable the Ingress or not | `false` | -| `ingress.className` | IngressClass to use for the Ingress | `nil` | -| `ingress.host` | Host for the Ingress | `impress.example.com` | -| `ingress.path` | Path to use for the Ingress | `/` | -| `ingress.hosts` | Additional host to configure for the Ingress | `[]` | -| `ingress.tls.enabled` | Weather to enable TLS for the Ingress | `true` | -| `ingress.tls.additional[].secretName` | Secret name for additional TLS config | | -| `ingress.tls.additional[].hosts[]` | Hosts for additional TLS config | | -| `ingress.customBackends` | Add custom backends to ingress | `[]` | -| `ingressAdmin.enabled` | whether to enable the Ingress or not | `false` | -| `ingressAdmin.className` | IngressClass to use for the Ingress | `nil` | -| `ingressAdmin.host` | Host for the Ingress | `impress.example.com` | -| `ingressAdmin.path` | Path to use for the Ingress | `/admin` | -| `ingressAdmin.hosts` | Additional host to configure for the Ingress | `[]` | -| `ingressAdmin.tls.enabled` | Weather to enable TLS for the Ingress | `true` | -| `ingressAdmin.tls.additional[].secretName` | Secret name for additional TLS config | | -| `ingressAdmin.tls.additional[].hosts[]` | Hosts for additional TLS config | | - -### backend - -| Name | Description | Value | -| ----------------------------------------------------- | ---------------------------------------------------------------------------------- | ----------------------------------------------- | -| `backend.command` | Override the backend container command | `[]` | -| `backend.args` | Override the backend container args | `[]` | -| `backend.replicas` | Amount of backend replicas | `3` | -| `backend.shareProcessNamespace` | Enable share process namespace between containers | `false` | -| `backend.sidecars` | Add sidecars containers to backend deployment | `[]` | -| `backend.securityContext` | Configure backend Pod security context | `nil` | -| `backend.envVars` | Configure backend container environment variables | `undefined` | -| `backend.envVars.BY_VALUE` | Example environment variable by setting value directly | | -| `backend.envVars.FROM_CONFIGMAP.configMapKeyRef.name` | Name of a ConfigMap when configuring env vars from a ConfigMap | | -| `backend.envVars.FROM_CONFIGMAP.configMapKeyRef.key` | Key within a ConfigMap when configuring env vars from a ConfigMap | | -| `backend.envVars.FROM_SECRET.secretKeyRef.name` | Name of a Secret when configuring env vars from a Secret | | -| `backend.envVars.FROM_SECRET.secretKeyRef.key` | Key within a Secret when configuring env vars from a Secret | | -| `backend.podAnnotations` | Annotations to add to the backend Pod | `{}` | -| `backend.service.type` | backend Service type | `ClusterIP` | -| `backend.service.port` | backend Service listening port | `80` | -| `backend.service.targetPort` | backend container listening port | `8000` | -| `backend.service.annotations` | Annotations to add to the backend Service | `{}` | -| `backend.migrate.command` | backend migrate command | `["python","manage.py","migrate","--no-input"]` | -| `backend.migrate.restartPolicy` | backend migrate job restart policy | `Never` | -| `backend.probes.liveness.path` | Configure path for backend HTTP liveness probe | `/__heartbeat__` | -| `backend.probes.liveness.targetPort` | Configure port for backend HTTP liveness probe | `undefined` | -| `backend.probes.liveness.initialDelaySeconds` | Configure initial delay for backend liveness probe | `10` | -| `backend.probes.liveness.initialDelaySeconds` | Configure timeout for backend liveness probe | `10` | -| `backend.probes.startup.path` | Configure path for backend HTTP startup probe | `undefined` | -| `backend.probes.startup.targetPort` | Configure port for backend HTTP startup probe | `undefined` | -| `backend.probes.startup.initialDelaySeconds` | Configure initial delay for backend startup probe | `undefined` | -| `backend.probes.startup.initialDelaySeconds` | Configure timeout for backend startup probe | `undefined` | -| `backend.probes.readiness.path` | Configure path for backend HTTP readiness probe | `/__lbheartbeat__` | -| `backend.probes.readiness.targetPort` | Configure port for backend HTTP readiness probe | `undefined` | -| `backend.probes.readiness.initialDelaySeconds` | Configure initial delay for backend readiness probe | `10` | -| `backend.probes.readiness.initialDelaySeconds` | Configure timeout for backend readiness probe | `10` | -| `backend.resources` | Resource requirements for the backend container | `{}` | -| `backend.nodeSelector` | Node selector for the backend Pod | `{}` | -| `backend.tolerations` | Tolerations for the backend Pod | `[]` | -| `backend.affinity` | Affinity for the backend Pod | `{}` | -| `backend.persistence` | Additional volumes to create and mount on the backend. Used for debugging purposes | `{}` | -| `backend.persistence.volume-name.size` | Size of the additional volume | | -| `backend.persistence.volume-name.type` | Type of the additional volume, persistentVolumeClaim or emptyDir | | -| `backend.persistence.volume-name.mountPath` | Path where the volume should be mounted to | | -| `backend.extraVolumeMounts` | Additional volumes to mount on the backend. | `[]` | -| `backend.extraVolumes` | Additional volumes to mount on the backend. | `[]` | - -### frontend - -| Name | Description | Value | -| ------------------------------------------------------ | ----------------------------------------------------------------------------------- | ------------------------- | -| `frontend.image.repository` | Repository to use to pull impress's frontend container image | `lasuite/impress-frontend` | -| `frontend.image.tag` | impress's frontend container tag | `latest` | -| `frontend.image.pullPolicy` | frontend container image pull policy | `IfNotPresent` | -| `frontend.command` | Override the frontend container command | `[]` | -| `frontend.args` | Override the frontend container args | `[]` | -| `frontend.replicas` | Amount of frontend replicas | `3` | -| `frontend.shareProcessNamespace` | Enable share process namefrontend between containers | `false` | -| `frontend.sidecars` | Add sidecars containers to frontend deployment | `[]` | -| `frontend.securityContext` | Configure frontend Pod security context | `nil` | -| `frontend.envVars` | Configure frontend container environment variables | `undefined` | -| `frontend.envVars.BY_VALUE` | Example environment variable by setting value directly | | -| `frontend.envVars.FROM_CONFIGMAP.configMapKeyRef.name` | Name of a ConfigMap when configuring env vars from a ConfigMap | | -| `frontend.envVars.FROM_CONFIGMAP.configMapKeyRef.key` | Key within a ConfigMap when configuring env vars from a ConfigMap | | -| `frontend.envVars.FROM_SECRET.secretKeyRef.name` | Name of a Secret when configuring env vars from a Secret | | -| `frontend.envVars.FROM_SECRET.secretKeyRef.key` | Key within a Secret when configuring env vars from a Secret | | -| `frontend.podAnnotations` | Annotations to add to the frontend Pod | `{}` | -| `frontend.service.type` | frontend Service type | `ClusterIP` | -| `frontend.service.port` | frontend Service listening port | `80` | -| `frontend.service.targetPort` | frontend container listening port | `8080` | -| `frontend.service.annotations` | Annotations to add to the frontend Service | `{}` | -| `frontend.probes` | Configure probe for frontend | `{}` | -| `frontend.probes.liveness.path` | Configure path for frontend HTTP liveness probe | | -| `frontend.probes.liveness.targetPort` | Configure port for frontend HTTP liveness probe | | -| `frontend.probes.liveness.initialDelaySeconds` | Configure initial delay for frontend liveness probe | | -| `frontend.probes.liveness.initialDelaySeconds` | Configure timeout for frontend liveness probe | | -| `frontend.probes.startup.path` | Configure path for frontend HTTP startup probe | | -| `frontend.probes.startup.targetPort` | Configure port for frontend HTTP startup probe | | -| `frontend.probes.startup.initialDelaySeconds` | Configure initial delay for frontend startup probe | | -| `frontend.probes.startup.initialDelaySeconds` | Configure timeout for frontend startup probe | | -| `frontend.probes.readiness.path` | Configure path for frontend HTTP readiness probe | | -| `frontend.probes.readiness.targetPort` | Configure port for frontend HTTP readiness probe | | -| `frontend.probes.readiness.initialDelaySeconds` | Configure initial delay for frontend readiness probe | | -| `frontend.probes.readiness.initialDelaySeconds` | Configure timeout for frontend readiness probe | | -| `frontend.resources` | Resource requirements for the frontend container | `{}` | -| `frontend.nodeSelector` | Node selector for the frontend Pod | `{}` | -| `frontend.tolerations` | Tolerations for the frontend Pod | `[]` | -| `frontend.affinity` | Affinity for the frontend Pod | `{}` | -| `frontend.persistence` | Additional volumes to create and mount on the frontend. Used for debugging purposes | `{}` | -| `frontend.persistence.volume-name.size` | Size of the additional volume | | -| `frontend.persistence.volume-name.type` | Type of the additional volume, persistentVolumeClaim or emptyDir | | -| `frontend.persistence.volume-name.mountPath` | Path where the volume should be mounted to | | -| `frontend.extraVolumeMounts` | Additional volumes to mount on the frontend. | `[]` | -| `frontend.extraVolumes` | Additional volumes to mount on the frontend. | `[]` | diff --git a/src/helm/impress/generate-readme.sh b/src/helm/impress/generate-readme.sh deleted file mode 100644 index edbd2806..00000000 --- a/src/helm/impress/generate-readme.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -docker image ls | grep readme-generator-for-helm -if [ "$?" -ne "0" ]; then - git clone https://github.com/bitnami/readme-generator-for-helm.git /tmp/readme-generator-for-helm - cd /tmp/readme-generator-for-helm - docker build -t readme-generator-for-helm:latest . - cd $(dirname -- "${BASH_SOURCE[0]}") -fi -docker run --rm -it -v ./values.yaml:/app/values.yaml -v ./README.md:/app/README.md readme-generator-for-helm:latest readme-generator -v values.yaml -r README.md diff --git a/src/helm/impress/templates/_helpers.tpl b/src/helm/impress/templates/_helpers.tpl deleted file mode 100644 index 63188f3b..00000000 --- a/src/helm/impress/templates/_helpers.tpl +++ /dev/null @@ -1,184 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "impress.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "impress.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "impress.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -impress.labels -*/}} -{{- define "impress.labels" -}} -helm.sh/chart: {{ include "impress.chart" . }} -{{ include "impress.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "impress.selectorLabels" -}} -app.kubernetes.io/name: {{ include "impress.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -transform dictionnary of environment variables -Usage : {{ include "impress.env.transformDict" .Values.envVars }} - -Example: -envVars: - # Using simple strings as env vars - ENV_VAR_NAME: "envVar value" - # Using a value from a configMap - ENV_VAR_FROM_CM: - configMapKeyRef: - name: cm-name - key: "key_in_cm" - # Using a value from a secret - ENV_VAR_FROM_SECRET: - secretKeyRef: - name: secret-name - key: "key_in_secret" -*/}} -{{- define "impress.env.transformDict" -}} -{{- range $key, $value := . }} -- name: {{ $key | quote }} -{{- if $value | kindIs "map" }} - valueFrom: {{ $value | toYaml | nindent 4 }} -{{- else }} - value: {{ $value | quote }} -{{- end }} -{{- end }} -{{- end }} - - -{{/* -impress env vars -*/}} -{{- define "impress.common.env" -}} -{{- $topLevelScope := index . 0 -}} -{{- $workerScope := index . 1 -}} -{{- include "impress.env.transformDict" $workerScope.envVars -}} -{{- end }} - -{{/* -Common labels - -Requires array with top level scope and component name -*/}} -{{- define "impress.common.labels" -}} -{{- $topLevelScope := index . 0 -}} -{{- $component := index . 1 -}} -{{- include "impress.labels" $topLevelScope }} -app.kubernetes.io/component: {{ $component }} -{{- end }} - -{{/* -Common selector labels - -Requires array with top level scope and component name -*/}} -{{- define "impress.common.selectorLabels" -}} -{{- $topLevelScope := index . 0 -}} -{{- $component := index . 1 -}} -{{- include "impress.selectorLabels" $topLevelScope }} -app.kubernetes.io/component: {{ $component }} -{{- end }} - -{{- define "impress.probes.abstract" -}} -{{- if .exec -}} -exec: -{{- toYaml .exec | nindent 2 }} -{{- else if .tcpSocket -}} -tcpSocket: -{{- toYaml .tcpSocket | nindent 2 }} -{{- else -}} -httpGet: - path: {{ .path }} - port: {{ .targetPort }} -{{- end }} -initialDelaySeconds: {{ .initialDelaySeconds | eq nil | ternary 0 .initialDelaySeconds }} -timeoutSeconds: {{ .timeoutSeconds | eq nil | ternary 1 .timeoutSeconds }} -{{- end }} - -{{/* -Full name for the backend - -Requires top level scope -*/}} -{{- define "impress.backend.fullname" -}} -{{ include "impress.fullname" . }}-backend -{{- end }} - -{{/* -Full name for the frontend - -Requires top level scope -*/}} -{{- define "impress.frontend.fullname" -}} -{{ include "impress.fullname" . }}-frontend -{{- end }} - -{{/* -Full name for the yProvider - -Requires top level scope -*/}} -{{- define "impress.yProvider.fullname" -}} -{{ include "impress.fullname" . }}-y-provider -{{- end }} - -{{/* -Usage : {{ include "impress.secret.dockerconfigjson.name" (dict "fullname" (include "impress.fullname" .) "imageCredentials" .Values.path.to.the.image1) }} -*/}} -{{- define "impress.secret.dockerconfigjson.name" }} -{{- if (default (dict) .imageCredentials).name }}{{ .imageCredentials.name }}{{ else }}{{ .fullname | trunc 63 | trimSuffix "-" }}-dockerconfig{{ end -}} -{{- end }} - -{{/* -Usage : {{ include "impress.secret.dockerconfigjson" (dict "fullname" (include "impress.fullname" .) "imageCredentials" .Values.path.to.the.image1) }} -*/}} -{{- define "impress.secret.dockerconfigjson" }} -{{- if .imageCredentials -}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "impress.secret.dockerconfigjson.name" (dict "fullname" .fullname "imageCredentials" .imageCredentials) }} - annotations: - "helm.sh/hook": pre-install,pre-upgrade - "helm.sh/hook-weight": "-5" - "helm.sh/hook-delete-policy": before-hook-creation -type: kubernetes.io/dockerconfigjson -data: - .dockerconfigjson: {{ template "impress.secret.dockerconfigjson.data" .imageCredentials }} -{{- end -}} -{{- end }} diff --git a/src/helm/impress/templates/backend_deployment.yaml b/src/helm/impress/templates/backend_deployment.yaml deleted file mode 100644 index d0c0f086..00000000 --- a/src/helm/impress/templates/backend_deployment.yaml +++ /dev/null @@ -1,136 +0,0 @@ -{{- $envVars := include "impress.common.env" (list . .Values.backend) -}} -{{- $fullName := include "impress.backend.fullname" . -}} -{{- $component := "backend" -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ $fullName }} - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "impress.common.labels" (list . $component) | nindent 4 }} -spec: - replicas: {{ .Values.backend.replicas }} - selector: - matchLabels: - {{- include "impress.common.selectorLabels" (list . $component) | nindent 6 }} - template: - metadata: - annotations: - {{- with .Values.backend.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "impress.common.selectorLabels" (list . $component) | nindent 8 }} - spec: - {{- if $.Values.image.credentials }} - imagePullSecrets: - - name: {{ include "impress.secret.dockerconfigjson.name" (dict "fullname" (include "impress.fullname" .) "imageCredentials" $.Values.image.credentials) }} - {{- end}} - shareProcessNamespace: {{ .Values.backend.shareProcessNamespace }} - containers: - {{- with .Values.backend.sidecars }} - {{- toYaml . | nindent 8 }} - {{- end }} - - name: {{ .Chart.Name }} - image: "{{ (.Values.backend.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.backend.image | default dict).tag | default .Values.image.tag }}" - imagePullPolicy: {{ (.Values.backend.image | default dict).pullPolicy | default .Values.image.pullPolicy }} - {{- with .Values.backend.command }} - command: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.backend.args }} - args: - {{- toYaml . | nindent 12 }} - {{- end }} - env: - {{- if $envVars}} - {{- $envVars | indent 12 }} - {{- end }} - {{- with .Values.backend.securityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: http - containerPort: {{ .Values.backend.service.targetPort }} - protocol: TCP - {{- if .Values.backend.probes.liveness }} - livenessProbe: - {{- include "impress.probes.abstract" (merge .Values.backend.probes.liveness (dict "targetPort" .Values.backend.service.targetPort )) | nindent 12 }} - {{- end }} - {{- if .Values.backend.probes.readiness }} - readinessProbe: - {{- include "impress.probes.abstract" (merge .Values.backend.probes.readiness (dict "targetPort" .Values.backend.service.targetPort )) | nindent 12 }} - {{- end }} - {{- if .Values.backend.probes.startup }} - startupProbe: - {{- include "impress.probes.abstract" (merge .Values.backend.probes.startup (dict "targetPort" .Values.backend.service.targetPort )) | nindent 12 }} - {{- end }} - {{- with .Values.backend.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - {{- range $index, $value := .Values.mountFiles }} - - name: "files-{{ $index }}" - mountPath: {{ $value.path }} - subPath: content - {{- end }} - {{- range $name, $volume := .Values.backend.persistence }} - - name: "{{ $name }}" - mountPath: "{{ $volume.mountPath }}" - {{- end }} - {{- range .Values.backend.extraVolumeMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath | default "" }} - readOnly: {{ .readOnly }} - {{- end }} - {{- with .Values.backend.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.backend.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.backend.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - {{- range $index, $value := .Values.mountFiles }} - - name: "files-{{ $index }}" - configMap: - name: "{{ include "impress.fullname" $ }}-files-{{ $index }}" - {{- end }} - {{- range $name, $volume := .Values.backend.persistence }} - - name: "{{ $name }}" - {{- if eq $volume.type "emptyDir" }} - emptyDir: {} - {{- else }} - persistentVolumeClaim: - claimName: "{{ $fullName }}-{{ $name }}" - {{- end }} - {{- end }} - {{- range .Values.backend.extraVolumes }} - - name: {{ .name }} - {{- if .existingClaim }} - persistentVolumeClaim: - claimName: {{ .existingClaim }} - {{- else if .hostPath }} - hostPath: - {{ toYaml .hostPath | nindent 12 }} - {{- else if .csi }} - csi: - {{- toYaml .csi | nindent 12 }} - {{- else if .configMap }} - configMap: - {{- toYaml .configMap | nindent 12 }} - {{- else if .emptyDir }} - emptyDir: - {{- toYaml .emptyDir | nindent 12 }} - {{- else }} - emptyDir: {} - {{- end }} - {{- end }} diff --git a/src/helm/impress/templates/backend_job.yaml b/src/helm/impress/templates/backend_job.yaml deleted file mode 100644 index 9c81d7df..00000000 --- a/src/helm/impress/templates/backend_job.yaml +++ /dev/null @@ -1,122 +0,0 @@ -{{- $envVars := include "impress.common.env" (list . .Values.backend) -}} -{{- $fullName := include "impress.backend.fullname" . -}} -{{- $component := "backend" -}} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ $fullName }}-migrate - namespace: {{ .Release.Namespace | quote }} - annotations: - argocd.argoproj.io/sync-options: Replace=true,Force=true - {{- with .Values.backend.migrateJobAnnotations }} - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - {{- include "impress.common.labels" (list . $component) | nindent 4 }} -spec: - template: - metadata: - annotations: - {{- with .Values.backend.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "impress.common.selectorLabels" (list . $component) | nindent 8 }} - spec: - {{- if $.Values.image.credentials }} - imagePullSecrets: - - name: {{ include "impress.secret.dockerconfigjson.name" (dict "fullname" (include "impress.fullname" .) "imageCredentials" $.Values.image.credentials) }} - {{- end}} - shareProcessNamespace: {{ .Values.backend.shareProcessNamespace }} - containers: - {{- with .Values.backend.sidecars }} - {{- toYaml . | nindent 8 }} - {{- end }} - - name: {{ .Chart.Name }} - image: "{{ (.Values.backend.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.backend.image | default dict).tag | default .Values.image.tag }}" - imagePullPolicy: {{ (.Values.backend.image | default dict).pullPolicy | default .Values.image.pullPolicy }} - {{- with .Values.backend.migrate.command }} - command: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.backend.args }} - args: - {{- toYaml . | nindent 12 }} - {{- end }} - env: - {{- if $envVars}} - {{- $envVars | indent 12 }} - {{- end }} - {{- with .Values.backend.securityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.backend.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - {{- range $index, $value := .Values.mountFiles }} - - name: "files-{{ $index }}" - mountPath: {{ $value.path }} - subPath: content - {{- end }} - {{- range $name, $volume := .Values.backend.persistence }} - - name: "{{ $name }}" - mountPath: "{{ $volume.mountPath }}" - {{- end }} - {{- range .Values.backend.extraVolumeMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath | default "" }} - readOnly: {{ .readOnly }} - {{- end }} - {{- with .Values.backend.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.backend.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.backend.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - restartPolicy: {{ .Values.backend.migrate.restartPolicy }} - volumes: - {{- range $index, $value := .Values.mountFiles }} - - name: "files-{{ $index }}" - configMap: - name: "{{ include "impress.fullname" $ }}-files-{{ $index }}" - {{- end }} - {{- range $name, $volume := .Values.backend.persistence }} - - name: "{{ $name }}" - {{- if eq $volume.type "emptyDir" }} - emptyDir: {} - {{- else }} - persistentVolumeClaim: - claimName: "{{ $fullName }}-{{ $name }}" - {{- end }} - {{- end }} - {{- range .Values.backend.extraVolumes }} - - name: {{ .name }} - {{- if .existingClaim }} - persistentVolumeClaim: - claimName: {{ .existingClaim }} - {{- else if .hostPath }} - hostPath: - {{ toYaml .hostPath | nindent 12 }} - {{- else if .csi }} - csi: - {{- toYaml .csi | nindent 12 }} - {{- else if .configMap }} - configMap: - {{- toYaml .configMap | nindent 12 }} - {{- else if .emptyDir }} - emptyDir: - {{- toYaml .emptyDir | nindent 12 }} - {{- else }} - emptyDir: {} - {{- end }} - {{- end }} diff --git a/src/helm/impress/templates/backend_job_createsuperuser.yaml b/src/helm/impress/templates/backend_job_createsuperuser.yaml deleted file mode 100644 index beb7d65e..00000000 --- a/src/helm/impress/templates/backend_job_createsuperuser.yaml +++ /dev/null @@ -1,122 +0,0 @@ -{{- $envVars := include "impress.common.env" (list . .Values.backend) -}} -{{- $fullName := include "impress.backend.fullname" . -}} -{{- $component := "backend" -}} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ $fullName }}-createsuperuser - namespace: {{ .Release.Namespace | quote }} - annotations: - argocd.argoproj.io/sync-options: Replace=true,Force=true - {{- with .Values.backend.migrateJobAnnotations }} - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - {{- include "impress.common.labels" (list . $component) | nindent 4 }} -spec: - template: - metadata: - annotations: - {{- with .Values.backend.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "impress.common.selectorLabels" (list . $component) | nindent 8 }} - spec: - {{- if $.Values.image.credentials }} - imagePullSecrets: - - name: {{ include "impress.secret.dockerconfigjson.name" (dict "fullname" (include "impress.fullname" .) "imageCredentials" $.Values.image.credentials) }} - {{- end}} - shareProcessNamespace: {{ .Values.backend.shareProcessNamespace }} - containers: - {{- with .Values.backend.sidecars }} - {{- toYaml . | nindent 8 }} - {{- end }} - - name: {{ .Chart.Name }} - image: "{{ (.Values.backend.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.backend.image | default dict).tag | default .Values.image.tag }}" - imagePullPolicy: {{ (.Values.backend.image | default dict).pullPolicy | default .Values.image.pullPolicy }} - {{- with .Values.backend.createsuperuser.command }} - command: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.backend.args }} - args: - {{- toYaml . | nindent 12 }} - {{- end }} - env: - {{- if $envVars}} - {{- $envVars | indent 12 }} - {{- end }} - {{- with .Values.backend.securityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.backend.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - {{- range $index, $value := .Values.mountFiles }} - - name: "files-{{ $index }}" - mountPath: {{ $value.path }} - subPath: content - {{- end }} - {{- range $name, $volume := .Values.backend.persistence }} - - name: "{{ $name }}" - mountPath: "{{ $volume.mountPath }}" - {{- end }} - {{- range .Values.backend.extraVolumeMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath | default "" }} - readOnly: {{ .readOnly }} - {{- end }} - {{- with .Values.backend.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.backend.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.backend.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - restartPolicy: {{ .Values.backend.createsuperuser.restartPolicy }} - volumes: - {{- range $index, $value := .Values.mountFiles }} - - name: "files-{{ $index }}" - configMap: - name: "{{ include "impress.fullname" $ }}-files-{{ $index }}" - {{- end }} - {{- range $name, $volume := .Values.backend.persistence }} - - name: "{{ $name }}" - {{- if eq $volume.type "emptyDir" }} - emptyDir: {} - {{- else }} - persistentVolumeClaim: - claimName: "{{ $fullName }}-{{ $name }}" - {{- end }} - {{- end }} - {{- range .Values.backend.extraVolumes }} - - name: {{ .name }} - {{- if .existingClaim }} - persistentVolumeClaim: - claimName: {{ .existingClaim }} - {{- else if .hostPath }} - hostPath: - {{ toYaml .hostPath | nindent 12 }} - {{- else if .csi }} - csi: - {{- toYaml .csi | nindent 12 }} - {{- else if .configMap }} - configMap: - {{- toYaml .configMap | nindent 12 }} - {{- else if .emptyDir }} - emptyDir: - {{- toYaml .emptyDir | nindent 12 }} - {{- else }} - emptyDir: {} - {{- end }} - {{- end }} diff --git a/src/helm/impress/templates/backend_svc.yaml b/src/helm/impress/templates/backend_svc.yaml deleted file mode 100644 index 579bdbf6..00000000 --- a/src/helm/impress/templates/backend_svc.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- $envVars := include "impress.common.env" (list . .Values.backend) -}} -{{- $fullName := include "impress.backend.fullname" . -}} -{{- $component := "backend" -}} -apiVersion: v1 -kind: Service -metadata: - name: {{ $fullName }} - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "impress.common.labels" (list . $component) | nindent 4 }} - annotations: - {{- toYaml $.Values.backend.service.annotations | nindent 4 }} -spec: - type: {{ .Values.backend.service.type }} - ports: - - port: {{ .Values.backend.service.port }} - targetPort: {{ .Values.backend.service.targetPort }} - protocol: TCP - name: http - selector: - {{- include "impress.common.selectorLabels" (list . $component) | nindent 4 }} diff --git a/src/helm/impress/templates/frontend_deployment.yaml b/src/helm/impress/templates/frontend_deployment.yaml deleted file mode 100644 index 959ab02a..00000000 --- a/src/helm/impress/templates/frontend_deployment.yaml +++ /dev/null @@ -1,136 +0,0 @@ -{{- $envVars := include "impress.common.env" (list . .Values.frontend) -}} -{{- $fullName := include "impress.frontend.fullname" . -}} -{{- $component := "frontend" -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ $fullName }} - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "impress.common.labels" (list . $component) | nindent 4 }} -spec: - replicas: {{ .Values.frontend.replicas }} - selector: - matchLabels: - {{- include "impress.common.selectorLabels" (list . $component) | nindent 6 }} - template: - metadata: - annotations: - {{- with .Values.frontend.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "impress.common.selectorLabels" (list . $component) | nindent 8 }} - spec: - {{- if $.Values.image.credentials }} - imagePullSecrets: - - name: {{ include "impress.secret.dockerconfigjson.name" (dict "fullname" (include "impress.fullname" .) "imageCredentials" $.Values.image.credentials) }} - {{- end}} - shareProcessNamespace: {{ .Values.frontend.shareProcessNamespace }} - containers: - {{- with .Values.frontend.sidecars }} - {{- toYaml . | nindent 8 }} - {{- end }} - - name: {{ .Chart.Name }} - image: "{{ (.Values.frontend.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.frontend.image | default dict).tag | default .Values.image.tag }}" - imagePullPolicy: {{ (.Values.frontend.image | default dict).pullPolicy | default .Values.image.pullPolicy }} - {{- with .Values.frontend.command }} - command: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.frontend.args }} - args: - {{- toYaml . | nindent 12 }} - {{- end }} - env: - {{- if $envVars}} - {{- $envVars | indent 12 }} - {{- end }} - {{- with .Values.frontend.securityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: http - containerPort: {{ .Values.frontend.service.targetPort }} - protocol: TCP - {{- if .Values.frontend.probes.liveness }} - livenessProbe: - {{- include "impress.probes.abstract" (merge .Values.frontend.probes.liveness (dict "targetPort" .Values.frontend.service.targetPort )) | nindent 12 }} - {{- end }} - {{- if .Values.frontend.probes.readiness }} - readinessProbe: - {{- include "impress.probes.abstract" (merge .Values.frontend.probes.readiness (dict "targetPort" .Values.frontend.service.targetPort )) | nindent 12 }} - {{- end }} - {{- if .Values.frontend.probes.startup }} - startupProbe: - {{- include "impress.probes.abstract" (merge .Values.frontend.probes.startup (dict "targetPort" .Values.frontend.service.targetPort )) | nindent 12 }} - {{- end }} - {{- with .Values.frontend.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - {{- range $index, $value := .Values.mountFiles }} - - name: "files-{{ $index }}" - mountPath: {{ $value.path }} - subPath: content - {{- end }} - {{- range $name, $volume := .Values.frontend.persistence }} - - name: "{{ $name }}" - mountPath: "{{ $volume.mountPath }}" - {{- end }} - {{- range .Values.frontend.extraVolumeMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath | default "" }} - readOnly: {{ .readOnly }} - {{- end }} - {{- with .Values.frontend.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.frontend.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.frontend.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - {{- range $index, $value := .Values.mountFiles }} - - name: "files-{{ $index }}" - configMap: - name: "{{ include "impress.fullname" $ }}-files-{{ $index }}" - {{- end }} - {{- range $name, $volume := .Values.frontend.persistence }} - - name: "{{ $name }}" - {{- if eq $volume.type "emptyDir" }} - emptyDir: {} - {{- else }} - persistentVolumeClaim: - claimName: "{{ $fullName }}-{{ $name }}" - {{- end }} - {{- end }} - {{- range .Values.frontend.extraVolumes }} - - name: {{ .name }} - {{- if .existingClaim }} - persistentVolumeClaim: - claimName: {{ .existingClaim }} - {{- else if .hostPath }} - hostPath: - {{ toYaml .hostPath | nindent 12 }} - {{- else if .csi }} - csi: - {{- toYaml .csi | nindent 12 }} - {{- else if .configMap }} - configMap: - {{- toYaml .configMap | nindent 12 }} - {{- else if .emptyDir }} - emptyDir: - {{- toYaml .emptyDir | nindent 12 }} - {{- else }} - emptyDir: {} - {{- end }} - {{- end }} diff --git a/src/helm/impress/templates/frontend_svc.yaml b/src/helm/impress/templates/frontend_svc.yaml deleted file mode 100644 index ac42e4c6..00000000 --- a/src/helm/impress/templates/frontend_svc.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- $envVars := include "impress.common.env" (list . .Values.frontend) -}} -{{- $fullName := include "impress.frontend.fullname" . -}} -{{- $component := "frontend" -}} -apiVersion: v1 -kind: Service -metadata: - name: {{ $fullName }} - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "impress.common.labels" (list . $component) | nindent 4 }} - annotations: - {{- toYaml $.Values.frontend.service.annotations | nindent 4 }} -spec: - type: {{ .Values.frontend.service.type }} - ports: - - port: {{ .Values.frontend.service.port }} - targetPort: {{ .Values.frontend.service.targetPort }} - protocol: TCP - name: http - selector: - {{- include "impress.common.selectorLabels" (list . $component) | nindent 4 }} diff --git a/src/helm/impress/templates/ingress.yaml b/src/helm/impress/templates/ingress.yaml deleted file mode 100644 index aecc5977..00000000 --- a/src/helm/impress/templates/ingress.yaml +++ /dev/null @@ -1,118 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "impress.fullname" . -}} -{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} - {{- end }} -{{- end }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }} - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "impress.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.ingress.className }} - {{- end }} - {{- if .Values.ingress.tls.enabled }} - tls: - {{- if .Values.ingress.host }} - - secretName: {{ $fullName }}-tls - hosts: - - {{ .Values.ingress.host | quote }} - {{- end }} - {{- range .Values.ingress.tls.additional }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- if .Values.ingress.host }} - - host: {{ .Values.ingress.host | quote }} - http: - paths: - - path: {{ .Values.ingress.path | quote }} - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ include "impress.frontend.fullname" . }} - port: - number: {{ .Values.frontend.service.port }} - {{- else }} - serviceName: {{ include "impress.frontend.fullname" . }} - servicePort: {{ .Values.frontend.service.port }} - {{- end }} - - path: /api - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ include "impress.backend.fullname" . }} - port: - number: {{ .Values.backend.service.port }} - {{- else }} - serviceName: {{ include "impress.backend.fullname" . }} - servicePort: {{ .Values.backend.service.port }} - {{- end }} - {{- with .Values.ingress.customBackends }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- end }} - {{- range .Values.ingress.hosts }} - - host: {{ . | quote }} - http: - paths: - - path: {{ $.Values.ingress.path | quote }} - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ include "impress.frontend.fullname" $ }} - port: - number: {{ $.Values.frontend.service.port }} - {{- else }} - serviceName: {{ include "impress.frontend.fullname" $ }} - servicePort: {{ $.Values.frontend.service.port }} - {{- end }} - - path: /api - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ include "impress.backend.fullname" $ }} - port: - number: {{ $.Values.backend.service.port }} - {{- else }} - serviceName: {{ include "impress.backend.fullname" $ }} - servicePort: {{ $.Values.backend.service.port }} - {{- end }} - {{- with $.Values.ingress.customBackends }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- end }} -{{- end }} - diff --git a/src/helm/impress/templates/ingress_admin.yaml b/src/helm/impress/templates/ingress_admin.yaml deleted file mode 100644 index 64532389..00000000 --- a/src/helm/impress/templates/ingress_admin.yaml +++ /dev/null @@ -1,98 +0,0 @@ -{{- if .Values.ingressAdmin.enabled -}} -{{- $fullName := include "impress.fullname" . -}} -{{- if and .Values.ingressAdmin.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingressAdmin.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingressAdmin.annotations "kubernetes.io/ingress.class" .Values.ingressAdmin.className}} - {{- end }} -{{- end }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }}-admin - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "impress.labels" . | nindent 4 }} - {{- with .Values.ingressAdmin.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and .Values.ingressAdmin.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.ingressAdmin.className }} - {{- end }} - {{- if .Values.ingressAdmin.tls.enabled }} - tls: - {{- if .Values.ingressAdmin.host }} - - secretName: {{ $fullName }}-tls - hosts: - - {{ .Values.ingressAdmin.host | quote }} - {{- end }} - {{- range .Values.ingressAdmin.tls.additional }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- if .Values.ingressAdmin.host }} - - host: {{ .Values.ingressAdmin.host | quote }} - http: - paths: - - path: {{ .Values.ingressAdmin.path | quote }} - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ include "impress.backend.fullname" . }} - port: - number: {{ .Values.backend.service.port }} - {{- else }} - serviceName: {{ include "impress.backend.fullname" . }} - servicePort: {{ .Values.backend.service.port }} - {{- end }} - - path: /static - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ include "impress.backend.fullname" . }} - port: - number: {{ .Values.backend.service.port }} - {{- else }} - serviceName: {{ include "impress.backend.fullname" . }} - servicePort: {{ .Values.backend.service.port }} - {{- end }} - {{- end }} - {{- range .Values.ingressAdmin.hosts }} - - host: {{ . | quote }} - http: - paths: - - path: {{ $.Values.ingressAdmin.path | quote }} - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ include "impress.backend.fullname" $ }} - port: - number: {{ $.Values.backend.service.port }} - {{- else }} - serviceName: {{ include "impress.backend.fullname" $ }} - servicePort: {{ $.Values.backend.service.port }} - {{- end }} - {{- end }} -{{- end }} - diff --git a/src/helm/impress/templates/ingress_media.yaml b/src/helm/impress/templates/ingress_media.yaml deleted file mode 100644 index 331753a8..00000000 --- a/src/helm/impress/templates/ingress_media.yaml +++ /dev/null @@ -1,83 +0,0 @@ -{{- if .Values.ingressMedia.enabled -}} -{{- $fullName := include "impress.fullname" . -}} -{{- if and .Values.ingressMedia.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingressMedia.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingressMedia.annotations "kubernetes.io/ingress.class" .Values.ingressMedia.className}} - {{- end }} -{{- end }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }}-media - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "impress.labels" . | nindent 4 }} - {{- with .Values.ingressMedia.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and .Values.ingressMedia.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.ingressMedia.className }} - {{- end }} - {{- if .Values.ingressMedia.tls.enabled }} - tls: - {{- if .Values.ingressMedia.host }} - - secretName: {{ $fullName }}-tls - hosts: - - {{ .Values.ingressMedia.host | quote }} - {{- end }} - {{- range .Values.ingressMedia.tls.additional }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- if .Values.ingressMedia.host }} - - host: {{ .Values.ingressMedia.host | quote }} - http: - paths: - - path: {{ .Values.ingressMedia.path | quote }} - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ $fullName }}-media - port: - number: {{ .Values.serviceMedia.port }} - {{- else }} - serviceName: {{ $fullName }}-media - servicePort: {{ .Values.serviceMedia.port }} - {{- end }} - {{- end }} - {{- range .Values.ingressMedia.hosts }} - - host: {{ . | quote }} - http: - paths: - - path: {{ $.Values.ingressMedia.path | quote }} - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ $fullName }}-media - port: - number: {{ .Values.serviceMedia.port }} - {{- else }} - serviceName: {{ $fullName }}-media - servicePort: {{ .Values.serviceMedia.port }} - {{- end }} - {{- end }} -{{- end }} diff --git a/src/helm/impress/templates/ingress_ws.yaml b/src/helm/impress/templates/ingress_ws.yaml deleted file mode 100644 index 363c9439..00000000 --- a/src/helm/impress/templates/ingress_ws.yaml +++ /dev/null @@ -1,72 +0,0 @@ -{{- if .Values.ingressWS.enabled -}} -{{- $fullName := include "impress.fullname" . -}} -{{- if and .Values.ingressWS.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingressWS.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingressWS.annotations "kubernetes.io/ingress.class" .Values.ingressWS.className}} - {{- end }} -{{- end }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }}-ws - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "impress.labels" . | nindent 4 }} - {{- with .Values.ingressWS.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and .Values.ingressWS.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.ingressWS.className }} - {{- end }} - {{- if .Values.ingressWS.tls.enabled }} - tls: - {{- if .Values.ingressWS.host }} - - secretName: {{ $fullName }}-tls - hosts: - - {{ .Values.ingressWS.host | quote }} - {{- end }} - {{- range .Values.ingressWS.tls.additional }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- if .Values.ingressWS.host }} - - host: {{ .Values.ingressWS.host | quote }} - http: - paths: - - path: {{ .Values.ingressWS.path | quote }} - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: ImplementationSpecific - {{- end }} - backend: - service: - name: {{ include "impress.yProvider.fullname" . }} - port: - number: {{ .Values.yProvider.service.port }} - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ include "impress.yProvider.fullname" . }} - port: - number: {{ .Values.yProvider.service.port }} - {{- else }} - serviceName: {{ include "impress.yProvider.fullname" . }} - servicePort: {{ .Values.yProvider.service.port }} - {{- end }} - {{- with .Values.ingressWS.customBackends }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- end }} -{{- end }} - diff --git a/src/helm/impress/templates/media_svc.yaml b/src/helm/impress/templates/media_svc.yaml deleted file mode 100644 index dc7bf035..00000000 --- a/src/helm/impress/templates/media_svc.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- $fullName := include "impress.fullname" . -}} -{{- $component := "media" -}} -apiVersion: v1 -kind: Service -metadata: - name: {{ $fullName }}-media - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "impress.common.labels" (list . $component) | nindent 4 }} - annotations: - {{- toYaml $.Values.serviceMedia.annotations | nindent 4 }} -spec: - type: ExternalName - externalName: {{ $.Values.serviceMedia.host }} diff --git a/src/helm/impress/templates/secrets.yaml b/src/helm/impress/templates/secrets.yaml deleted file mode 100644 index c308fca8..00000000 --- a/src/helm/impress/templates/secrets.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: backend - namespace: {{ .Release.Namespace | quote }} - annotations: - "helm.sh/hook": pre-install,pre-upgrade - "helm.sh/hook-weight": "-5" - "helm.sh/hook-delete-policy": before-hook-creation -stringData: - DJANGO_SUPERUSER_EMAIL: {{ .Values.djangoSuperUserEmail }} - DJANGO_SUPERUSER_PASSWORD: {{ .Values.djangoSuperUserPass }} - DJANGO_SECRET_KEY: {{ .Values.djangoSecretKey }} -{{- if .Values.djangoEmailHostUser }} - DJANGO_EMAIL_HOST_USER: {{ .Values.djangoEmailHostUser }} -{{- end }} -{{- if .Values.djangoEmailHostPassword }} - DJANGO_EMAIL_HOST_PASSWORD: {{ .Values.djangoEmailHostPassword }} -{{- end }} - OIDC_RP_CLIENT_ID: {{ .Values.oidc.clientId }} - OIDC_RP_CLIENT_SECRET: {{ .Values.oidc.clientSecret }} - AI_API_KEY: {{ .Values.aiApiKey }} - AI_BASE_URL: {{ .Values.aiBaseUrl }} diff --git a/src/helm/impress/templates/yprovider_deployment.yaml b/src/helm/impress/templates/yprovider_deployment.yaml deleted file mode 100644 index f54c7f16..00000000 --- a/src/helm/impress/templates/yprovider_deployment.yaml +++ /dev/null @@ -1,136 +0,0 @@ -{{- $envVars := include "impress.common.env" (list . .Values.yProvider) -}} -{{- $fullName := include "impress.yProvider.fullname" . -}} -{{- $component := "yProvider" -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ $fullName }} - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "impress.common.labels" (list . $component) | nindent 4 }} -spec: - replicas: {{ .Values.yProvider.replicas }} - selector: - matchLabels: - {{- include "impress.common.selectorLabels" (list . $component) | nindent 6 }} - template: - metadata: - annotations: - {{- with .Values.yProvider.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "impress.common.selectorLabels" (list . $component) | nindent 8 }} - spec: - {{- if $.Values.image.credentials }} - imagePullSecrets: - - name: {{ include "impress.secret.dockerconfigjson.name" (dict "fullname" (include "impress.fullname" .) "imageCredentials" $.Values.image.credentials) }} - {{- end}} - shareProcessNamespace: {{ .Values.yProvider.shareProcessNamespace }} - containers: - {{- with .Values.yProvider.sidecars }} - {{- toYaml . | nindent 8 }} - {{- end }} - - name: {{ .Chart.Name }} - image: "{{ (.Values.yProvider.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.yProvider.image | default dict).tag | default .Values.image.tag }}" - imagePullPolicy: {{ (.Values.yProvider.image | default dict).pullPolicy | default .Values.image.pullPolicy }} - {{- with .Values.yProvider.command }} - command: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.yProvider.args }} - args: - {{- toYaml . | nindent 12 }} - {{- end }} - env: - {{- if $envVars}} - {{- $envVars | indent 12 }} - {{- end }} - {{- with .Values.yProvider.securityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: http - containerPort: {{ .Values.yProvider.service.targetPort }} - protocol: TCP - {{- if .Values.yProvider.probes.liveness }} - livenessProbe: - {{- include "impress.probes.abstract" (merge .Values.yProvider.probes.liveness (dict "targetPort" .Values.yProvider.service.targetPort )) | nindent 12 }} - {{- end }} - {{- if .Values.yProvider.probes.readiness }} - readinessProbe: - {{- include "impress.probes.abstract" (merge .Values.yProvider.probes.readiness (dict "targetPort" .Values.yProvider.service.targetPort )) | nindent 12 }} - {{- end }} - {{- if .Values.yProvider.probes.startup }} - startupProbe: - {{- include "impress.probes.abstract" (merge .Values.yProvider.probes.startup (dict "targetPort" .Values.yProvider.service.targetPort )) | nindent 12 }} - {{- end }} - {{- with .Values.yProvider.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - {{- range $index, $value := .Values.mountFiles }} - - name: "files-{{ $index }}" - mountPath: {{ $value.path }} - subPath: content - {{- end }} - {{- range $name, $volume := .Values.yProvider.persistence }} - - name: "{{ $name }}" - mountPath: "{{ $volume.mountPath }}" - {{- end }} - {{- range .Values.yProvider.extraVolumeMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath | default "" }} - readOnly: {{ .readOnly }} - {{- end }} - {{- with .Values.yProvider.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.yProvider.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.yProvider.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - {{- range $index, $value := .Values.mountFiles }} - - name: "files-{{ $index }}" - configMap: - name: "{{ include "impress.fullname" $ }}-files-{{ $index }}" - {{- end }} - {{- range $name, $volume := .Values.yProvider.persistence }} - - name: "{{ $name }}" - {{- if eq $volume.type "emptyDir" }} - emptyDir: {} - {{- else }} - persistentVolumeClaim: - claimName: "{{ $fullName }}-{{ $name }}" - {{- end }} - {{- end }} - {{- range .Values.yProvider.extraVolumes }} - - name: {{ .name }} - {{- if .existingClaim }} - persistentVolumeClaim: - claimName: {{ .existingClaim }} - {{- else if .hostPath }} - hostPath: - {{ toYaml .hostPath | nindent 12 }} - {{- else if .csi }} - csi: - {{- toYaml .csi | nindent 12 }} - {{- else if .configMap }} - configMap: - {{- toYaml .configMap | nindent 12 }} - {{- else if .emptyDir }} - emptyDir: - {{- toYaml .emptyDir | nindent 12 }} - {{- else }} - emptyDir: {} - {{- end }} - {{- end }} diff --git a/src/helm/impress/templates/yprovider_svc.yaml b/src/helm/impress/templates/yprovider_svc.yaml deleted file mode 100644 index 4b2e7d6b..00000000 --- a/src/helm/impress/templates/yprovider_svc.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- $envVars := include "impress.common.env" (list . .Values.yProvider) -}} -{{- $fullName := include "impress.yProvider.fullname" . -}} -{{- $component := "yProvider" -}} -apiVersion: v1 -kind: Service -metadata: - name: {{ $fullName }} - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "impress.common.labels" (list . $component) | nindent 4 }} - annotations: - {{- toYaml $.Values.yProvider.service.annotations | nindent 4 }} -spec: - type: {{ .Values.yProvider.service.type }} - ports: - - port: {{ .Values.yProvider.service.port }} - targetPort: {{ .Values.yProvider.service.targetPort }} - protocol: TCP - name: http - selector: - {{- include "impress.common.selectorLabels" (list . $component) | nindent 4 }} diff --git a/src/helm/impress/values.yaml b/src/helm/impress/values.yaml deleted file mode 100644 index 0a27ed26..00000000 --- a/src/helm/impress/values.yaml +++ /dev/null @@ -1,415 +0,0 @@ -# Default values for impress. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -## @section General configuration - -## @param image.repository Repository to use to pull impress's container image -## @param image.tag impress's container tag -## @param image.pullPolicy Container image pull policy -## @extra image.credentials.username Username for container registry authentication -## @extra image.credentials.password Password for container registry authentication -## @extra image.credentials.registry Registry url for which the credentials are specified -## @extra image.credentials.name Name of the generated secret for imagePullSecrets -image: - repository: lasuite/impress-backend - pullPolicy: IfNotPresent - tag: "latest" - -## @param nameOverride Override the chart name -## @param fullnameOverride Override the full application name -nameOverride: "" -fullnameOverride: "" - -## @skip commonEnvVars -commonEnvVars: &commonEnvVars - <<: [] - -## @param ingress.enabled whether to enable the Ingress or not -## @param ingress.className IngressClass to use for the Ingress -## @param ingress.host Host for the Ingress -## @param ingress.path Path to use for the Ingress -ingress: - enabled: false - className: null - host: impress.example.com - path: / - ## @param ingress.hosts Additional host to configure for the Ingress - hosts: [] - # - chart-example.local - ## @param ingress.tls.enabled Wether to enable TLS for the Ingress - ## @skip ingress.tls.additional - ## @extra ingress.tls.additional[].secretName Secret name for additional TLS config - ## @extra ingress.tls.additional[].hosts[] Hosts for additional TLS config - tls: - enabled: true - additional: [] - - ## @param ingress.customBackends Add custom backends to ingress - customBackends: [] - -## @param ingressWS.enabled whether to enable the Ingress or not -## @param ingressWS.className IngressClass to use for the Ingress -## @param ingressWS.host Host for the Ingress -## @param ingressWS.path Path to use for the Ingress -ingressWS: - enabled: false - className: null - host: impress.example.com - path: /ws - ## @param ingress.hosts Additional host to configure for the Ingress - hosts: [] - # - chart-example.local - ## @param ingressWS.tls.enabled Wether to enable TLS for the Ingress - ## @skip ingressWS.tls.additional - ## @extra ingressWS.tls.additional[].secretName Secret name for additional TLS config - ## @extra ingressWS.tls.additional[].hosts[] Hosts for additional TLS config - tls: - enabled: true - additional: [] - - ## @param ingressWS.customBackends Add custom backends to ingress - customBackends: [] - - annotations: - nginx.ingress.kubernetes.io/enable-websocket: "true" - nginx.ingress.kubernetes.io/upstream-hash-by: "$request_uri" - -## @param ingressAdmin.enabled whether to enable the Ingress or not -## @param ingressAdmin.className IngressClass to use for the Ingress -## @param ingressAdmin.host Host for the Ingress -## @param ingressAdmin.path Path to use for the Ingress -ingressAdmin: - enabled: false - className: null - host: impress.example.com - path: /admin - ## @param ingressAdmin.hosts Additional host to configure for the Ingress - hosts: [ ] - # - chart-example.local - ## @param ingressAdmin.tls.enabled Wether to enable TLS for the Ingress - ## @skip ingressAdmin.tls.additional - ## @extra ingressAdmin.tls.additional[].secretName Secret name for additional TLS config - ## @extra ingressAdmin.tls.additional[].hosts[] Hosts for additional TLS config - tls: - enabled: true - additional: [] - -## @param ingressMedia.enabled whether to enable the Ingress or not -## @param ingressMedia.className IngressClass to use for the Ingress -## @param ingressMedia.host Host for the Ingress -## @param ingressMedia.path Path to use for the Ingress -ingressMedia: - enabled: false - className: null - host: impress.example.com - path: /media/(.*) - ## @param ingressMedia.hosts Additional host to configure for the Ingress - hosts: [ ] - # - chart-example.local - ## @param ingressMedia.tls.enabled Wether to enable TLS for the Ingress - ## @skip ingressMedia.tls.additional - ## @extra ingressMedia.tls.additional[].secretName Secret name for additional TLS config - ## @extra ingressMedia.tls.additional[].hosts[] Hosts for additional TLS config - tls: - enabled: true - additional: [] - - annotations: - nginx.ingress.kubernetes.io/auth-url: https://impress.example.com/api/v1.0/documents/retrieve-auth/ - nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256" - nginx.ingress.kubernetes.io/upstream-vhost: minio.impress.svc.cluster.local:9000 - -serviceMedia: - host: minio.impress.svc.cluster.local - port: 9000 - annotations: {} - - -## @section backend - -backend: - - ## @param backend.command Override the backend container command - command: [] - - ## @param backend.args Override the backend container args - args: [] - - ## @param backend.replicas Amount of backend replicas - replicas: 3 - - ## @param backend.shareProcessNamespace Enable share process namespace between containers - shareProcessNamespace: false - - ## @param backend.sidecars Add sidecars containers to backend deployment - sidecars: [] - - ## @param backend.migrateJobAnnotations Annotations for the migrate job - migrateJobAnnotations: {} - - ## @param backend.securityContext Configure backend Pod security context - securityContext: null - - ## @param backend.envVars Configure backend container environment variables - ## @extra backend.envVars.BY_VALUE Example environment variable by setting value directly - ## @extra backend.envVars.FROM_CONFIGMAP.configMapKeyRef.name Name of a ConfigMap when configuring env vars from a ConfigMap - ## @extra backend.envVars.FROM_CONFIGMAP.configMapKeyRef.key Key within a ConfigMap when configuring env vars from a ConfigMap - ## @extra backend.envVars.FROM_SECRET.secretKeyRef.name Name of a Secret when configuring env vars from a Secret - ## @extra backend.envVars.FROM_SECRET.secretKeyRef.key Key within a Secret when configuring env vars from a Secret - ## @skip backend.envVars - envVars: - <<: *commonEnvVars - - ## @param backend.podAnnotations Annotations to add to the backend Pod - podAnnotations: {} - - ## @param backend.service.type backend Service type - ## @param backend.service.port backend Service listening port - ## @param backend.service.targetPort backend container listening port - ## @param backend.service.annotations Annotations to add to the backend Service - service: - type: ClusterIP - port: 80 - targetPort: 8000 - annotations: {} - - ## @param backend.migrate.command backend migrate command - ## @param backend.migrate.restartPolicy backend migrate job restart policy - migrate: - command: - - "python" - - "manage.py" - - "migrate" - - "--no-input" - restartPolicy: Never - - ## @param backend.probes.liveness.path [nullable] Configure path for backend HTTP liveness probe - ## @param backend.probes.liveness.targetPort [nullable] Configure port for backend HTTP liveness probe - ## @param backend.probes.liveness.initialDelaySeconds [nullable] Configure initial delay for backend liveness probe - ## @param backend.probes.liveness.initialDelaySeconds [nullable] Configure timeout for backend liveness probe - ## @param backend.probes.startup.path [nullable] Configure path for backend HTTP startup probe - ## @param backend.probes.startup.targetPort [nullable] Configure port for backend HTTP startup probe - ## @param backend.probes.startup.initialDelaySeconds [nullable] Configure initial delay for backend startup probe - ## @param backend.probes.startup.initialDelaySeconds [nullable] Configure timeout for backend startup probe - ## @param backend.probes.readiness.path [nullable] Configure path for backend HTTP readiness probe - ## @param backend.probes.readiness.targetPort [nullable] Configure port for backend HTTP readiness probe - ## @param backend.probes.readiness.initialDelaySeconds [nullable] Configure initial delay for backend readiness probe - ## @param backend.probes.readiness.initialDelaySeconds [nullable] Configure timeout for backend readiness probe - probes: - liveness: - path: /__heartbeat__ - initialDelaySeconds: 10 - readiness: - path: /__lbheartbeat__ - initialDelaySeconds: 10 - - ## @param backend.resources Resource requirements for the backend container - resources: {} - - ## @param backend.nodeSelector Node selector for the backend Pod - nodeSelector: {} - - ## @param backend.tolerations Tolerations for the backend Pod - tolerations: [] - - ## @param backend.affinity Affinity for the backend Pod - affinity: {} - - ## @param backend.persistence Additional volumes to create and mount on the backend. Used for debugging purposes - ## @extra backend.persistence.volume-name.size Size of the additional volume - ## @extra backend.persistence.volume-name.type Type of the additional volume, persistentVolumeClaim or emptyDir - ## @extra backend.persistence.volume-name.mountPath Path where the volume should be mounted to - persistence: {} - - ## @param backend.extraVolumeMounts Additional volumes to mount on the backend. - extraVolumeMounts: [] - - ## @param backend.extraVolumes Additional volumes to mount on the backend. - extraVolumes: [] - - -## @section frontend - -frontend: - ## @param frontend.image.repository Repository to use to pull impress's frontend container image - ## @param frontend.image.tag impress's frontend container tag - ## @param frontend.image.pullPolicy frontend container image pull policy - image: - repository: lasuite/impress-frontend - pullPolicy: IfNotPresent - tag: "latest" - - ## @param frontend.command Override the frontend container command - command: [] - - ## @param frontend.args Override the frontend container args - args: [] - - ## @param frontend.replicas Amount of frontend replicas - replicas: 3 - - ## @param frontend.shareProcessNamespace Enable share process namefrontend between containers - shareProcessNamespace: false - - ## @param frontend.sidecars Add sidecars containers to frontend deployment - sidecars: [] - - ## @param frontend.securityContext Configure frontend Pod security context - securityContext: null - - ## @param frontend.envVars Configure frontend container environment variables - ## @extra frontend.envVars.BY_VALUE Example environment variable by setting value directly - ## @extra frontend.envVars.FROM_CONFIGMAP.configMapKeyRef.name Name of a ConfigMap when configuring env vars from a ConfigMap - ## @extra frontend.envVars.FROM_CONFIGMAP.configMapKeyRef.key Key within a ConfigMap when configuring env vars from a ConfigMap - ## @extra frontend.envVars.FROM_SECRET.secretKeyRef.name Name of a Secret when configuring env vars from a Secret - ## @extra frontend.envVars.FROM_SECRET.secretKeyRef.key Key within a Secret when configuring env vars from a Secret - ## @skip frontend.envVars - envVars: - <<: *commonEnvVars - - ## @param frontend.podAnnotations Annotations to add to the frontend Pod - podAnnotations: {} - - ## @param frontend.service.type frontend Service type - ## @param frontend.service.port frontend Service listening port - ## @param frontend.service.targetPort frontend container listening port - ## @param frontend.service.annotations Annotations to add to the frontend Service - service: - type: ClusterIP - port: 80 - targetPort: 8080 - annotations: {} - - ## @param frontend.probes Configure probe for frontend - ## @extra frontend.probes.liveness.path Configure path for frontend HTTP liveness probe - ## @extra frontend.probes.liveness.targetPort Configure port for frontend HTTP liveness probe - ## @extra frontend.probes.liveness.initialDelaySeconds Configure initial delay for frontend liveness probe - ## @extra frontend.probes.liveness.initialDelaySeconds Configure timeout for frontend liveness probe - ## @extra frontend.probes.startup.path Configure path for frontend HTTP startup probe - ## @extra frontend.probes.startup.targetPort Configure port for frontend HTTP startup probe - ## @extra frontend.probes.startup.initialDelaySeconds Configure initial delay for frontend startup probe - ## @extra frontend.probes.startup.initialDelaySeconds Configure timeout for frontend startup probe - ## @extra frontend.probes.readiness.path Configure path for frontend HTTP readiness probe - ## @extra frontend.probes.readiness.targetPort Configure port for frontend HTTP readiness probe - ## @extra frontend.probes.readiness.initialDelaySeconds Configure initial delay for frontend readiness probe - ## @extra frontend.probes.readiness.initialDelaySeconds Configure timeout for frontend readiness probe - probes: {} - - ## @param frontend.resources Resource requirements for the frontend container - resources: {} - - ## @param frontend.nodeSelector Node selector for the frontend Pod - nodeSelector: {} - - ## @param frontend.tolerations Tolerations for the frontend Pod - tolerations: [] - - ## @param frontend.affinity Affinity for the frontend Pod - affinity: {} - - ## @param frontend.persistence Additional volumes to create and mount on the frontend. Used for debugging purposes - ## @extra frontend.persistence.volume-name.size Size of the additional volume - ## @extra frontend.persistence.volume-name.type Type of the additional volume, persistentVolumeClaim or emptyDir - ## @extra frontend.persistence.volume-name.mountPath Path where the volume should be mounted to - persistence: {} - - ## @param frontend.extraVolumeMounts Additional volumes to mount on the frontend. - extraVolumeMounts: [] - - ## @param frontend.extraVolumes Additional volumes to mount on the frontend. - extraVolumes: [] - -## @section yProvider - -yProvider: - ## @param yProvider.image.repository Repository to use to pull impress's yProvider container image - ## @param yProvider.image.tag impress's yProvider container tag - ## @param yProvider.image.pullPolicy yProvider container image pull policy - image: - repository: lasuite/impress-y-provider - pullPolicy: IfNotPresent - tag: "latest" - - ## @param yProvider.command Override the yProvider container command - command: [] - - ## @param yProvider.args Override the yProvider container args - args: [] - - ## @param yProvider.replicas Amount of yProvider replicas - replicas: 3 - - ## @param yProvider.shareProcessNamespace Enable share process nameyProvider between containers - shareProcessNamespace: false - - ## @param yProvider.sidecars Add sidecars containers to yProvider deployment - sidecars: [] - - ## @param yProvider.securityContext Configure yProvider Pod security context - securityContext: null - - ## @param yProvider.envVars Configure yProvider container environment variables - ## @extra yProvider.envVars.BY_VALUE Example environment variable by setting value directly - ## @extra yProvider.envVars.FROM_CONFIGMAP.configMapKeyRef.name Name of a ConfigMap when configuring env vars from a ConfigMap - ## @extra yProvider.envVars.FROM_CONFIGMAP.configMapKeyRef.key Key within a ConfigMap when configuring env vars from a ConfigMap - ## @extra yProvider.envVars.FROM_SECRET.secretKeyRef.name Name of a Secret when configuring env vars from a Secret - ## @extra yProvider.envVars.FROM_SECRET.secretKeyRef.key Key within a Secret when configuring env vars from a Secret - ## @skip yProvider.envVars - envVars: - <<: *commonEnvVars - - ## @param yProvider.podAnnotations Annotations to add to the yProvider Pod - podAnnotations: {} - - ## @param yProvider.service.type yProvider Service type - ## @param yProvider.service.port yProvider Service listening port - ## @param yProvider.service.targetPort yProvider container listening port - ## @param yProvider.service.annotations Annotations to add to the yProvider Service - service: - type: ClusterIP - port: 443 - targetPort: 4444 - annotations: {} - - ## @param yProvider.probes Configure probe for yProvider - ## @extra yProvider.probes.liveness.path Configure path for yProvider HTTP liveness probe - ## @extra yProvider.probes.liveness.targetPort Configure port for yProvider HTTP liveness probe - ## @extra yProvider.probes.liveness.initialDelaySeconds Configure initial delay for yProvider liveness probe - ## @extra yProvider.probes.liveness.initialDelaySeconds Configure timeout for yProvider liveness probe - ## @extra yProvider.probes.startup.path Configure path for yProvider HTTP startup probe - ## @extra yProvider.probes.startup.targetPort Configure port for yProvider HTTP startup probe - ## @extra yProvider.probes.startup.initialDelaySeconds Configure initial delay for yProvider startup probe - ## @extra yProvider.probes.startup.initialDelaySeconds Configure timeout for yProvider startup probe - ## @extra yProvider.probes.readiness.path Configure path for yProvider HTTP readiness probe - ## @extra yProvider.probes.readiness.targetPort Configure port for yProvider HTTP readiness probe - ## @extra yProvider.probes.readiness.initialDelaySeconds Configure initial delay for yProvider readiness probe - ## @extra yProvider.probes.readiness.initialDelaySeconds Configure timeout for yProvider readiness probe - probes: - liveness: - path: /ping - initialDelaySeconds: 10 - - ## @param yProvider.resources Resource requirements for the yProvider container - resources: {} - - ## @param yProvider.nodeSelector Node selector for the yProvider Pod - nodeSelector: {} - - ## @param yProvider.tolerations Tolerations for the yProvider Pod - tolerations: [] - - ## @param yProvider.affinity Affinity for the yProvider Pod - affinity: {} - - ## @param yProvider.persistence Additional volumes to create and mount on the yProvider. Used for debugging purposes - ## @extra yProvider.persistence.volume-name.size Size of the additional volume - ## @extra yProvider.persistence.volume-name.type Type of the additional volume, persistentVolumeClaim or emptyDir - ## @extra yProvider.persistence.volume-name.mountPath Path where the volume should be mounted to - persistence: {} - - ## @param yProvider.extraVolumeMounts Additional volumes to mount on the yProvider. - extraVolumeMounts: [] - - ## @param yProvider.extraVolumes Additional volumes to mount on the yProvider. - extraVolumes: [] \ No newline at end of file