🚚(helm) add posthog proxy

To contourn ads blocker, we add a proxy to the
posthog service. This way, we can access the
service from the same domain as the frontend.

CHANGELOG.md

@@ -12,6 +12,8 @@ and this project adheres to
 ## Added
 
 - github actions to managed Crowdin workflow
+- 📈Integrate Posthog #540
+
 
 ## Changed
 

docs/examples/impress.values.yaml

@@ -40,6 +40,7 @@ backend:
     LOGIN_REDIRECT_URL: https://impress.127.0.0.1.nip.io
     LOGIN_REDIRECT_URL_FAILURE: https://impress.127.0.0.1.nip.io
     LOGOUT_REDIRECT_URL: https://impress.127.0.0.1.nip.io
+    POSTHOG_KEY: "{'id': 'posthog_key', 'host': 'https://product.impress.127.0.0.1.nip.io'}"
     DB_HOST: postgresql
     DB_NAME: impress
     DB_USER: dinum
@@ -121,6 +122,12 @@ yProvider:
     COLLABORATION_SERVER_SECRET: my-secret
     Y_PROVIDER_API_KEY: my-secret
 
+posthog:
+  ingress:
+    enabled: false
+  ingressAssets:
+    enabled: false
+
 ingress:
   enabled: true
   host: impress.127.0.0.1.nip.io

src/helm/env.d/dev/values.impress.yaml.gotmpl

@@ -148,6 +148,13 @@ ingressAdmin:
   enabled: true
   host: impress.127.0.0.1.nip.io
 
+posthog:
+  ingress:
+    enabled: false
+
+  ingressAssets:
+    enabled: false
+
 ingressMedia:
   enabled: true
   host: impress.127.0.0.1.nip.io

src/helm/impress/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v2
 type: application
 name: docs
-version: 0.0.2
+version: 2.0.1-beta.7
 appVersion: latest

src/helm/impress/README.md

@@ -176,6 +176,37 @@
 | `frontend.extraVolumeMounts`                           | Additional volumes to mount on the frontend.                                        | `[]`                       |
 | `frontend.extraVolumes`                                | Additional volumes to mount on the frontend.                                        | `[]`                       |
 
+### posthog
+
+| Name                                   | Description                                                 | Value                     |
+| -------------------------------------- | ----------------------------------------------------------- | ------------------------- |
+| `posthog.ingress.enabled`              | Enable or disable the ingress resource creation             | `false`                   |
+| `posthog.ingress.className`            | Kubernetes ingress class name to use (e.g., nginx, traefik) | `nil`                     |
+| `posthog.ingress.host`                 | Primary hostname for the ingress resource                   | `impress.example.com`     |
+| `posthog.ingress.path`                 | URL path prefix for the ingress routes (e.g., /)            | `/`                       |
+| `posthog.ingress.hosts`                | Additional hostnames array to be included in the ingress    | `[]`                      |
+| `posthog.ingress.tls.enabled`          | Enable or disable TLS/HTTPS for the ingress                 | `true`                    |
+| `posthog.ingress.tls.additional`       | Additional TLS configurations for extra hosts/certificates  | `[]`                      |
+| `posthog.ingress.customBackends`       | Custom backend service configurations for the ingress       | `[]`                      |
+| `posthog.ingress.annotations`          | Additional Kubernetes annotations to apply to the ingress   | `{}`                      |
+| `posthog.ingressAssets.enabled`        | Enable or disable the ingress resource creation             | `false`                   |
+| `posthog.ingressAssets.className`      | Kubernetes ingress class name to use (e.g., nginx, traefik) | `nil`                     |
+| `posthog.ingressAssets.host`           | Primary hostname for the ingress resource                   | `impress.example.com`     |
+| `posthog.ingressAssets.paths`          | URL paths prefix for the ingress routes (e.g., /static)     | `["/static","/array"]`    |
+| `posthog.ingressAssets.hosts`          | Additional hostnames array to be included in the ingress    | `[]`                      |
+| `posthog.ingressAssets.tls.enabled`    | Enable or disable TLS/HTTPS for the ingress                 | `true`                    |
+| `posthog.ingressAssets.tls.additional` | Additional TLS configurations for extra hosts/certificates  | `[]`                      |
+| `posthog.ingressAssets.customBackends` | Custom backend service configurations for the ingress       | `[]`                      |
+| `posthog.ingressAssets.annotations`    | Additional Kubernetes annotations to apply to the ingress   | `{}`                      |
+| `posthog.service.type`                 | Service type (e.g. ExternalName, ClusterIP, LoadBalancer)   | `ExternalName`            |
+| `posthog.service.externalName`         | External service hostname when type is ExternalName         | `eu.i.posthog.com`        |
+| `posthog.service.port`                 | Port number for the service                                 | `443`                     |
+| `posthog.service.annotations`          | Additional annotations to apply to the service              | `{}`                      |
+| `posthog.assetsService.type`           | Service type (e.g. ExternalName, ClusterIP, LoadBalancer)   | `ExternalName`            |
+| `posthog.assetsService.externalName`   | External service hostname when type is ExternalName         | `eu-assets.i.posthog.com` |
+| `posthog.assetsService.port`           | Port number for the service                                 | `443`                     |
+| `posthog.assetsService.annotations`    | Additional annotations to apply to the service              | `{}`                      |
+
 ### yProvider
 
 | Name                                                    | Description                                                                          | Value                        |

src/helm/impress/templates/_helpers.tpl

@@ -148,6 +148,15 @@ Requires top level scope
 {{ include "impress.fullname" . }}-frontend
 {{- end }}
 
+{{/*
+Full name for the Posthog
+
+Requires top level scope
+*/}}
+{{- define "impress.posthog.fullname" -}}
+{{ include "impress.fullname" . }}-posthog
+{{- end }}
+
 {{/*
 Full name for the yProvider
 

src/helm/impress/templates/ingress_posthog.yaml

@@ -0,0 +1,86 @@
+{{- if .Values.posthog.ingress.enabled -}}
+{{- $fullName := include "impress.fullname" . -}}
+{{- if and .Values.posthog.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+  {{- if not (hasKey .Values.posthog.ingress.annotations "kubernetes.io/ingress.class") }}
+  {{- $_ := set .Values.posthog.ingress.annotations "kubernetes.io/ingress.class" .Values.posthog.ingress.className}}
+  {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}-posthog
+  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "impress.labels" . | nindent 4 }}
+  {{- with .Values.posthog.ingress.annotations }}
+  annotations:
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and .Values.posthog.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+  ingressClassName: {{ .Values.posthog.ingress.className }}
+  {{- end }}
+  {{- if .Values.posthog.ingress.tls.enabled }}
+  tls:
+    {{- if .Values.posthog.ingress.host }}
+    - secretName: {{ $fullName }}-posthog-tls
+      hosts:
+        - {{ .Values.posthog.ingress.host | quote }}
+    {{- end }}
+    {{- range .Values.posthog.ingress.tls.additional }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- if .Values.posthog.ingress.host }}
+    - host: {{ .Values.posthog.ingress.host | quote }}
+      http:
+        paths:
+          - path: {{ .Values.posthog.ingress.path }}
+            {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
+            pathType: Prefix
+            {{- end }}
+            backend:
+              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+              service:
+                name: {{ include "impress.posthog.fullname" . }}-proxy
+                port:
+                  number: {{ .Values.posthog.service.port }}
+              {{- else }}
+              serviceName: {{ include "impress.posthog.fullname" . }}-proxy
+              servicePort: {{ .Values.posthog.service.port }}
+            {{- end }}
+    {{- end }}
+    {{- range .Values.posthog.ingress.hosts }}
+    - host: {{ . | quote }}
+      http:
+        paths:
+          - path: {{ $.Values.posthog.ingress.path | quote }}
+          {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
+            pathType: Prefix
+          {{- end }}
+            backend:
+            {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+              service:
+                name: {{ include "impress.posthog.fullname" . }}-proxy
+                port:
+                  number: {{ $.Values.posthog.service.port }}
+            {{- else }}
+              serviceName: {{ include "impress.posthog.fullname" . }}-proxy
+              servicePort: {{ $.Values.posthog.service.port }}
+          {{- end }}
+        {{- with $.Values.posthog.service.customBackends }}
+          {{- toYaml . | nindent 10 }}
+        {{- end }}
+  {{- end }}
+{{- end }}

src/helm/impress/templates/ingress_posthog_assets.yaml

@@ -0,0 +1,66 @@
+{{- if .Values.posthog.ingressAssets.enabled -}}
+{{- $fullName := include "impress.fullname" . -}}
+{{- if and .Values.posthog.ingressAssets.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+  {{- if not (hasKey .Values.posthog.ingressAssets.annotations "kubernetes.io/ingress.class") }}
+  {{- $_ := set .Values.posthog.ingressAssets.annotations "kubernetes.io/ingress.class" .Values.posthog.ingressAssets.className}}
+  {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}-posthog-assets
+  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "impress.labels" . | nindent 4 }}
+  {{- with .Values.posthog.ingressAssets.annotations }}
+  annotations:
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and .Values.posthog.ingressAssets.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+  ingressClassName: {{ .Values.posthog.ingressAssets.className }}
+  {{- end }}
+  {{- if .Values.posthog.ingressAssets.tls.enabled }}
+  tls:
+    {{- if .Values.posthog.ingressAssets.host }}
+    - secretName: {{ $fullName }}-posthog-tls
+      hosts:
+        - {{ .Values.posthog.ingressAssets.host | quote }}
+    {{- end }}
+    {{- range .Values.posthog.ingressAssets.tls.additional }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- if .Values.posthog.ingressAssets.host }}
+    - host: {{ .Values.posthog.ingressAssets.host | quote }}
+      http:
+        paths:
+          {{- range .Values.posthog.ingressAssets.paths }}
+          - path: {{ . | quote }}
+            {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
+            pathType: Prefix
+            {{- end }}
+            backend:
+              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+              service:
+                name: {{ include "impress.posthog.fullname" $ }}-assets-proxy
+                port:
+                  number: {{ $.Values.posthog.assetsService.port }}
+              {{- else }}
+              serviceName: {{ include "impress.posthog.fullname" $ }}-assets-proxy
+              servicePort: {{ $.Values.posthog.assetsService.port }}
+              {{- end }}
+          {{- end }}
+    {{- end }}
+{{- end }}

src/helm/impress/templates/posthog_assets_svc.yaml

@@ -0,0 +1,24 @@
+{{- if .Values.posthog.ingressAssets.enabled -}}
+{{- $envVars := include "impress.common.env" (list . .Values.posthog) -}}
+{{- $fullName := include "impress.posthog.fullname" . -}}
+{{- $component := "posthog" -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ $fullName }}-assets-proxy
+  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "impress.common.labels" (list . $component) | nindent 4 }}
+  annotations:
+    {{- toYaml $.Values.posthog.assetsService.annotations | nindent 4 }}
+spec:
+  type: {{ .Values.posthog.assetsService.type }}
+  externalName: {{ .Values.posthog.assetsService.externalName }}
+  ports:
+    - port: {{ .Values.posthog.assetsService.port }}
+      targetPort: {{ .Values.posthog.assetsService.targetPort }}
+      protocol: TCP
+      name: https
+  selector:
+    {{- include "impress.common.selectorLabels" (list . $component) | nindent 4 }}
+{{- end }}

src/helm/impress/templates/posthog_svc.yaml

@@ -0,0 +1,24 @@
+{{- if .Values.posthog.ingress.enabled -}}
+{{- $envVars := include "impress.common.env" (list . .Values.posthog) -}}
+{{- $fullName := include "impress.posthog.fullname" . -}}
+{{- $component := "posthog" -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ $fullName }}-proxy
+  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "impress.common.labels" (list . $component) | nindent 4 }}
+  annotations:
+    {{- toYaml $.Values.posthog.service.annotations | nindent 4 }}
+spec:
+  type: {{ .Values.posthog.service.type }}
+  externalName: {{ .Values.posthog.service.externalName }}
+  ports:
+    - port: {{ .Values.posthog.service.port }}
+      targetPort: {{ .Values.posthog.service.targetPort }}
+      protocol: TCP
+      name: https
+  selector:
+    {{- include "impress.common.selectorLabels" (list . $component) | nindent 4 }}
+{{- end }}

src/helm/impress/values.yaml

@@ -390,6 +390,77 @@ frontend:
   ## @param frontend.extraVolumes Additional volumes to mount on the frontend.
   extraVolumes: []
 
+## @section posthog
+
+posthog:
+
+  ## @param posthog.ingress.enabled Enable or disable the ingress resource creation
+  ## @param posthog.ingress.className Kubernetes ingress class name to use (e.g., nginx, traefik)
+  ## @param posthog.ingress.host Primary hostname for the ingress resource
+  ## @param posthog.ingress.path URL path prefix for the ingress routes (e.g., /)
+  ## @param posthog.ingress.hosts Additional hostnames array to be included in the ingress
+  ## @param posthog.ingress.tls.enabled Enable or disable TLS/HTTPS for the ingress
+  ## @param posthog.ingress.tls.additional Additional TLS configurations for extra hosts/certificates
+  ## @param posthog.ingress.customBackends Custom backend service configurations for the ingress
+  ## @param posthog.ingress.annotations Additional Kubernetes annotations to apply to the ingress
+  ingress:
+    enabled: false
+    className: null
+    host: impress.example.com
+    path: /
+    hosts: [ ]
+    tls:
+      enabled: true
+      additional: [ ]
+
+    customBackends: [ ]
+    annotations: {}
+
+  ## @param posthog.ingressAssets.enabled Enable or disable the ingress resource creation
+  ## @param posthog.ingressAssets.className Kubernetes ingress class name to use (e.g., nginx, traefik)
+  ## @param posthog.ingressAssets.host Primary hostname for the ingress resource
+  ## @param posthog.ingressAssets.paths URL paths prefix for the ingress routes (e.g., /static)
+  ## @param posthog.ingressAssets.hosts Additional hostnames array to be included in the ingress
+  ## @param posthog.ingressAssets.tls.enabled Enable or disable TLS/HTTPS for the ingress
+  ## @param posthog.ingressAssets.tls.additional Additional TLS configurations for extra hosts/certificates
+  ## @param posthog.ingressAssets.customBackends Custom backend service configurations for the ingress
+  ## @param posthog.ingressAssets.annotations Additional Kubernetes annotations to apply to the ingress
+  ingressAssets:
+    enabled: false
+    className: null
+    host: impress.example.com
+    paths:
+    - /static
+    - /array
+    hosts: [ ]
+    tls:
+      enabled: true
+      additional: [ ]
+
+    customBackends: [ ]
+    annotations: {}
+
+  ## @param posthog.service.type Service type (e.g. ExternalName, ClusterIP, LoadBalancer)
+  ## @param posthog.service.externalName External service hostname when type is ExternalName
+  ## @param posthog.service.port Port number for the service
+  ## @param posthog.service.annotations Additional annotations to apply to the service
+  service:
+    type: ExternalName
+    externalName: eu.i.posthog.com
+    port: 443
+    annotations: {}
+
+  ## @param posthog.assetsService.type Service type (e.g. ExternalName, ClusterIP, LoadBalancer)
+  ## @param posthog.assetsService.externalName External service hostname when type is ExternalName
+  ## @param posthog.assetsService.port Port number for the service
+  ## @param posthog.assetsService.annotations Additional annotations to apply to the service
+  assetsService:
+    type: ExternalName
+    externalName: eu-assets.i.posthog.com
+    port: 443
+    annotations: {}
+
+
 ## @section yProvider
 
 yProvider: