From c3da28b07f4a5f064ed82838cb9da00750cee402 Mon Sep 17 00:00:00 2001 From: Samuel Paccoud - DINUM Date: Fri, 8 Nov 2024 19:25:09 +0100 Subject: [PATCH] =?UTF-8?q?=E2=8F=AA=EF=B8=8F(helm)=20bring=20back=20helm?= =?UTF-8?q?=20chart?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is a revert of 1da5a removing actual deployments and keeping only the dev environment in Tilt. The clean-up was a bit heavy handed. We should keep the Helm chart to the development repository and move away only the deployment configuration. --- .github/workflows/docker-hub.yml | 3 + .github/workflows/helmfile-linter.yaml | 22 + src/helm/env.d/dev/secrets.enc.yaml | 62 +++ src/helm/env.d/dev/values.impress.yaml.gotmpl | 120 +++++ src/helm/extra/Chart.yaml | 5 + src/helm/extra/templates/keydb.yaml | 7 + src/helm/extra/templates/postgresql.yaml | 7 + src/helm/extra/templates/s3.yaml | 8 + src/helm/helmfile.yaml | 67 +++ src/helm/impress/Chart.yaml | 4 + src/helm/impress/README.md | 128 ++++++ src/helm/impress/generate-readme.sh | 10 + src/helm/impress/templates/_helpers.tpl | 184 ++++++++ .../impress/templates/backend_deployment.yaml | 136 ++++++ src/helm/impress/templates/backend_job.yaml | 122 +++++ .../backend_job_createsuperuser.yaml | 122 +++++ src/helm/impress/templates/backend_svc.yaml | 21 + .../templates/frontend_deployment.yaml | 136 ++++++ src/helm/impress/templates/frontend_svc.yaml | 21 + src/helm/impress/templates/ingress.yaml | 118 +++++ src/helm/impress/templates/ingress_admin.yaml | 98 +++++ src/helm/impress/templates/ingress_media.yaml | 83 ++++ src/helm/impress/templates/ingress_ws.yaml | 72 +++ src/helm/impress/templates/media_svc.yaml | 14 + src/helm/impress/templates/secrets.yaml | 23 + .../templates/yprovider_deployment.yaml | 136 ++++++ src/helm/impress/templates/yprovider_svc.yaml | 21 + src/helm/impress/values.yaml | 415 ++++++++++++++++++ 28 files changed, 2165 insertions(+) create mode 100644 .github/workflows/helmfile-linter.yaml create mode 100644 src/helm/env.d/dev/secrets.enc.yaml create mode 100644 src/helm/env.d/dev/values.impress.yaml.gotmpl create mode 100644 src/helm/extra/Chart.yaml create mode 100644 src/helm/extra/templates/keydb.yaml create mode 100644 src/helm/extra/templates/postgresql.yaml create mode 100644 src/helm/extra/templates/s3.yaml create mode 100644 src/helm/helmfile.yaml create mode 100644 src/helm/impress/Chart.yaml create mode 100644 src/helm/impress/README.md create mode 100644 src/helm/impress/generate-readme.sh create mode 100644 src/helm/impress/templates/_helpers.tpl create mode 100644 src/helm/impress/templates/backend_deployment.yaml create mode 100644 src/helm/impress/templates/backend_job.yaml create mode 100644 src/helm/impress/templates/backend_job_createsuperuser.yaml create mode 100644 src/helm/impress/templates/backend_svc.yaml create mode 100644 src/helm/impress/templates/frontend_deployment.yaml create mode 100644 src/helm/impress/templates/frontend_svc.yaml create mode 100644 src/helm/impress/templates/ingress.yaml create mode 100644 src/helm/impress/templates/ingress_admin.yaml create mode 100644 src/helm/impress/templates/ingress_media.yaml create mode 100644 src/helm/impress/templates/ingress_ws.yaml create mode 100644 src/helm/impress/templates/media_svc.yaml create mode 100644 src/helm/impress/templates/secrets.yaml create mode 100644 src/helm/impress/templates/yprovider_deployment.yaml create mode 100644 src/helm/impress/templates/yprovider_svc.yaml create mode 100644 src/helm/impress/values.yaml diff --git a/.github/workflows/docker-hub.yml b/.github/workflows/docker-hub.yml index 7b07a3c4..6c9dbe72 100644 --- a/.github/workflows/docker-hub.yml +++ b/.github/workflows/docker-hub.yml @@ -8,6 +8,9 @@ on: - 'main' tags: - 'v*' + pull_request: + branches: + - 'main' env: DOCKER_USER: 1001:127 diff --git a/.github/workflows/helmfile-linter.yaml b/.github/workflows/helmfile-linter.yaml new file mode 100644 index 00000000..26b830b4 --- /dev/null +++ b/.github/workflows/helmfile-linter.yaml @@ -0,0 +1,22 @@ +name: Helmfile lint +run-name: Helmfile lint + +on: + pull_request: + branches: + - 'main' + +jobs: + helmfile-lint: + runs-on: ubuntu-latest + container: + image: ghcr.io/helmfile/helmfile:latest + steps: + - + uses: numerique-gouv/action-helmfile-lint@main + with: + app-id: ${{ secrets.APP_ID }} + age-key: ${{ secrets.SOPS_PRIVATE }} + private-key: ${{ secrets.PRIVATE_KEY }} + helmfile-src: "src/helm" + repositories: "impress,secrets" diff --git a/src/helm/env.d/dev/secrets.enc.yaml b/src/helm/env.d/dev/secrets.enc.yaml new file mode 100644 index 00000000..a420f334 --- /dev/null +++ b/src/helm/env.d/dev/secrets.enc.yaml @@ -0,0 +1,62 @@ +djangoSuperUserEmail: ENC[AES256_GCM,data:7b1xfYmr1g0RlBmsHBRA39ZPV/6+1DrtHQ==,iv:/GW7oLxPTZYmRWVPvyAQMoZl1owHM4Fo0XAOtyEh2rA=,tag:DaqoW+dglyAOXMm5+mrDfA==,type:str] +djangoSuperUserPass: ENC[AES256_GCM,data:RQgX,iv:q3CdfmwGfHSTjLXTimDk/1MyoFLviRuwmZa2E7GUzhY=,tag:HCtdtqgSxdJIHFhI8xpegQ==,type:str] +djangoSecretKey: ENC[AES256_GCM,data:9fr7VwwXN6+9+rdDtgeDuEbq6R2Gb0JhifUgxTPVbd4usFQv1AUVkxF40fu5nYBmM8vk,iv:X44837MB7NQZ1J0o0JPDK+2g5eqbCzo9mDPJTz/bKSk=,tag:Ju4l5Pi8ccNASdiwFVFKgg==,type:str] +oidc: + clientId: ENC[AES256_GCM,data:wndPCbysbWDybdHglcG+wkMWk1rrD40hKqFxct9T3TLEGOk/,iv:RH1OdBX1GYIT90sSq0AGz49fFi6dL0m49Pegs6Ko9tQ=,tag:/tKytQwoZkBX1Tf96gAjIA==,type:str] + clientSecret: ENC[AES256_GCM,data:MUJ0wsg+LC2QZ1jZ0Twd3FS3dQevmJq9/97qVI3ARHuJIVlQz0Qah4vE7/iR+sn7ME2o1s1AzV4c1Yx/F3nHBg==,iv:LvinICSzF/8EvrHZD4Jp6lt7g3yxSOEgVHPrc3SShjo=,tag:yvkyyBXmhEkmGL7jZevUCA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age15fyxdwmg5mvldtqqus87xspuws2u0cpvwheehrtvkexj4tnsqqysw6re2x + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMMjFCeWhkUmRWTnlIM1JM + dVFock1DWmtXQnpQZWZMWW1YdndhSS93MlVFCmxKVDUwOUt0NjJIZiswSm5aRi9U + VEllelBZVmFKdVFzcVJPUm50VHo5RTgKLS0tIDlkU3htTEdSREFOSUxlTGVtUm1n + RzJZbzhFcDNZKzdxMWFHTWx6Uy9GVFkKTw8LbhzAACp0NUHDfNcXpZyr2pJyNxxw + C7j/UB0cAejlSJHaUUiZ6TEcslXRpqnNagwUw4z/uzo7m4temay22A== + -----END AGE ENCRYPTED FILE----- + - recipient: age16hnlml8yv4ynwy0seer57g8qww075crd0g7nsundz3pj4wk7m3vqftszg7 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQQjBNMnVlNURQVWdjSyty + RGozcmN5eTUwRHJIWnhhc1E3U1NXQ3AwTWxBCnFjbmJNZnFiRVJ6VHhmQmt1Vk5n + OTVXWVh3RzhoMWNrbUl6OHphTjFLQVUKLS0tIGJjUlNhK0dHQ2R3SCtrbTRnaFJT + Q1pyRXhSVm8xQWk2NG1MK0srVU1pL2sKkoxGCM00UM2leTNCn5H8499uwJw1NIXs + PoRNgplehrHFptrAwGEpSYMXbxu88N7EWa/rtOp+sHWK5zpxscMkjA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1plkp8td6zzfcavjusmsfrlk54t9vn8jjxm8zaz7cmnr7kzl2nfnsd54hwg + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzYnpkYnJnYnJjVFRHRzRa + N09JOXVnQkVrcVcwdk9kR1k1azNib2lkMVZFCmhvOHlpVnJ0RlRpYWZ1TkVoaklV + NmNzY3BEeWN1MUtKWmZFT2RaMUxBRW8KLS0tIG92ZmhsZ29LSkRSREhiaG9kWXhH + akREb0ttYVpNWTJHb1pjaWRFbWpxUjgKgZp3cN2rZw4ktbpb5cUnDEtsT/KWszGi + pmpJHgsMADigyUc+Pjw+1pwpn0FtXVEXGedbf8bBuJavvbS2PuJBsg== + -----END AGE ENCRYPTED FILE----- + - recipient: age12g6f5fse25tgrwweleh4jls3qs52hey2edh759smulwmk5lnzadslu2cp3 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxaHZJeStiVnBzTGNTNzdo + UDFVTU51ZWp0WWorUnBlSzVBSU9IU2JnbUNNCkpMZGdNV3FUYkZOcWNLK0JWci81 + WGNwYi9Jb0QrV0lkUzNJWTcrUjIzUmMKLS0tIHlTKzNsVzNsSGFuYjJ0RFp0Y1Nr + a1VOcDBPTTYvNjkxN092N1UrYk1CM2cKNifC3ZLOrFTFKA9iKg8nPpZb+3DxnTwq + grsrxQa40b/Vv/aPoiPBMeSENDcH48X/EhMFNKX7dvl+7HEaY+QPlA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1hnhuzj96ktkhpyygvmz0x9h8mfvssz7ss6emmukags644mdhf4msajk93r + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoZ2ZlcllJeGlKUDNxUk1w + ekZ3TSttaXREV1FBRWwzNW54cjlYbHpLdWpRCnhSL2hEVVBEWEJKQWF0YTk1YzhJ + RTBGN25sT0hBM3V4QndiTVkveDBwQ2cKLS0tIEdoZGRLRXdCME1wcUJHQXhtSHBQ + UVEyNUVIanF6Z3ZSUjU1aTk0NFRBR0EKGuH5vzOV9lP/qRew0maECapKtLILaf/4 + XoSgPnjh8pIbJG7i9VKnFORlzkNJ6OPhZlX3ax15hd1qQv0PSCMBDA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-11-02T06:36:16Z" + mac: ENC[AES256_GCM,data:CFU67noumihiYd0zSQex6Bgs5e/w3v3a9Ywd2XX53mx6W16w8DGyMykjaBzwX+wKC9oTqEmBXmmixf8NpQRuG9owcf9GIsFy1cK+69y+ISQINxBqxMvYouaC7UQeywpC1b9gHw7sVU1GCAiY6Ha+lPHvEavelbGWn/MSVyaBB2k=,iv:m1ShIjNGFjcC0N5mjvhbgxnVN7PcpSkBxMquUlsROCk=,tag:XTNxFRMQslbpvbL9gzMxHA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.0 diff --git a/src/helm/env.d/dev/values.impress.yaml.gotmpl b/src/helm/env.d/dev/values.impress.yaml.gotmpl new file mode 100644 index 00000000..8f34286c --- /dev/null +++ b/src/helm/env.d/dev/values.impress.yaml.gotmpl @@ -0,0 +1,120 @@ +image: + repository: localhost:5001/impress-backend + pullPolicy: Always + tag: "latest" + +backend: + replicas: 1 + envVars: + DJANGO_CSRF_TRUSTED_ORIGINS: https://impress.127.0.0.1.nip.io,http://impress.127.0.0.1.nip.io + DJANGO_CONFIGURATION: Production + DJANGO_ALLOWED_HOSTS: "*" + DJANGO_SECRET_KEY: {{ .Values.djangoSecretKey }} + DJANGO_SETTINGS_MODULE: impress.settings + DJANGO_SUPERUSER_PASSWORD: admin + DJANGO_EMAIL_HOST: "mailcatcher" + DJANGO_EMAIL_PORT: 1025 + DJANGO_EMAIL_USE_SSL: False + OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks + OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize + OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token + OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo + OIDC_OP_LOGOUT_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/session/end + OIDC_RP_CLIENT_ID: {{ .Values.oidc.clientId }} + OIDC_RP_CLIENT_SECRET: {{ .Values.oidc.clientSecret }} + OIDC_RP_SIGN_ALGO: RS256 + OIDC_RP_SCOPES: "openid email" + OIDC_REDIRECT_ALLOWED_HOSTS: https://impress.127.0.0.1.nip.io + OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}" + LOGIN_REDIRECT_URL: https://impress.127.0.0.1.nip.io + LOGIN_REDIRECT_URL_FAILURE: https://impress.127.0.0.1.nip.io + LOGOUT_REDIRECT_URL: https://impress.127.0.0.1.nip.io + DB_HOST: postgres-postgresql + DB_NAME: impress + DB_USER: dinum + DB_PASSWORD: pass + DB_PORT: 5432 + POSTGRES_DB: impress + POSTGRES_USER: dinum + POSTGRES_PASSWORD: pass + REDIS_URL: redis://default:pass@redis-master:6379/1 + AWS_S3_ENDPOINT_URL: http://minio.impress.svc.cluster.local:9000 + AWS_S3_ACCESS_KEY_ID: impress + AWS_S3_SECRET_ACCESS_KEY: password + AWS_STORAGE_BUCKET_NAME: impress-media-storage + STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage + + migrate: + command: + - "/bin/sh" + - "-c" + - | + python manage.py migrate --no-input && + python manage.py create_demo --force + restartPolicy: Never + + command: + - "gunicorn" + - "-c" + - "/usr/local/etc/gunicorn/impress.py" + - "impress.wsgi:application" + - "--reload" + + createsuperuser: + command: + - "/bin/sh" + - "-c" + - | + python manage.py createsuperuser --email admin@example.com --password admin + restartPolicy: Never + +frontend: + envVars: + PORT: 8080 + NEXT_PUBLIC_API_ORIGIN: https://impress.127.0.0.1.nip.io + NEXT_PUBLIC_Y_PROVIDER_URL: wss://impress.127.0.0.1.nip.io/ws + NEXT_PUBLIC_MEDIA_URL: https://impress.127.0.0.1.nip.io + + replicas: 1 + command: + - yarn + - dev + + image: + repository: localhost:5001/impress-frontend + pullPolicy: Always + tag: "latest" + +yProvider: + replicas: 1 + + image: + repository: localhost:5001/impress-y-provider + pullPolicy: Always + tag: "latest" + +ingress: + enabled: true + host: impress.127.0.0.1.nip.io + +ingressWS: + enabled: true + host: impress.127.0.0.1.nip.io + +ingressAdmin: + enabled: true + host: impress.127.0.0.1.nip.io + +ingressMedia: + enabled: true + host: impress.127.0.0.1.nip.io + + annotations: + nginx.ingress.kubernetes.io/auth-url: https://impress.127.0.0.1.nip.io/api/v1.0/documents/retrieve-auth/ + nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256" + nginx.ingress.kubernetes.io/upstream-vhost: minio.impress.svc.cluster.local:9000 + nginx.ingress.kubernetes.io/rewrite-target: /impress-media-storage/$1 + +serviceMedia: + host: minio.impress.svc.cluster.local + port: 9000 diff --git a/src/helm/extra/Chart.yaml b/src/helm/extra/Chart.yaml new file mode 100644 index 00000000..f3a2b2fc --- /dev/null +++ b/src/helm/extra/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v2 +name: extra +description: A Helm chart to add some manifests to impress +type: application +version: 0.1.0 diff --git a/src/helm/extra/templates/keydb.yaml b/src/helm/extra/templates/keydb.yaml new file mode 100644 index 00000000..00898ae9 --- /dev/null +++ b/src/helm/extra/templates/keydb.yaml @@ -0,0 +1,7 @@ +apiVersion: core.libre.sh/v1alpha1 +kind: Redis +metadata: + name: redis + namespace: {{ .Release.Namespace | quote }} +spec: + disableAuth: false diff --git a/src/helm/extra/templates/postgresql.yaml b/src/helm/extra/templates/postgresql.yaml new file mode 100644 index 00000000..24d22c47 --- /dev/null +++ b/src/helm/extra/templates/postgresql.yaml @@ -0,0 +1,7 @@ +apiVersion: core.libre.sh/v1alpha1 +kind: Postgres +metadata: + name: postgresql + namespace: {{ .Release.Namespace | quote }} +spec: + database: impress diff --git a/src/helm/extra/templates/s3.yaml b/src/helm/extra/templates/s3.yaml new file mode 100644 index 00000000..6ba05f99 --- /dev/null +++ b/src/helm/extra/templates/s3.yaml @@ -0,0 +1,8 @@ +apiVersion: core.libre.sh/v1alpha1 +kind: Bucket +metadata: + name: impress-media-storage + namespace: {{ .Release.Namespace | quote }} +spec: + provider: data + versioned: true diff --git a/src/helm/helmfile.yaml b/src/helm/helmfile.yaml new file mode 100644 index 00000000..ecf18826 --- /dev/null +++ b/src/helm/helmfile.yaml @@ -0,0 +1,67 @@ +repositories: +- name: bitnami + url: registry-1.docker.io/bitnamicharts + oci: true + +releases: + - name: postgres + installed: {{ eq .Environment.Name "dev" | toYaml }} + namespace: {{ .Namespace }} + chart: bitnami/postgresql + version: 13.1.5 + values: + - auth: + username: dinum + password: pass + database: impress + - tls: + enabled: true + autoGenerated: true + + - name: minio + installed: {{ eq .Environment.Name "dev" | toYaml }} + namespace: {{ .Namespace }} + chart: bitnami/minio + version: 12.10.10 + values: + - auth: + rootUser: impress + rootPassword: password + - provisioning: + enabled: true + buckets: + - name: impress-media-storage + versioning: true + + - name: redis + installed: {{ eq .Environment.Name "dev" | toYaml }} + namespace: {{ .Namespace }} + chart: bitnami/redis + version: 18.19.2 + values: + - auth: + password: pass + architecture: standalone + + - name: extra + installed: {{ ne .Environment.Name "dev" | toYaml }} + namespace: {{ .Namespace }} + chart: ./extra + secrets: + - env.d/{{ .Environment.Name }}/secrets.enc.yaml + + - name: impress + version: {{ .Values.version }} + namespace: {{ .Namespace }} + chart: ./impress + values: + - env.d/{{ .Environment.Name }}/values.impress.yaml.gotmpl + secrets: + - env.d/{{ .Environment.Name }}/secrets.enc.yaml + +environments: + dev: + values: + - version: 0.0.1 + secrets: + - env.d/{{ .Environment.Name }}/secrets.enc.yaml diff --git a/src/helm/impress/Chart.yaml b/src/helm/impress/Chart.yaml new file mode 100644 index 00000000..a9f05c77 --- /dev/null +++ b/src/helm/impress/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v2 +type: application +name: impress +version: 0.0.1 diff --git a/src/helm/impress/README.md b/src/helm/impress/README.md new file mode 100644 index 00000000..2b16874e --- /dev/null +++ b/src/helm/impress/README.md @@ -0,0 +1,128 @@ +# Impress helm chart + +## Parameters + +### General configuration + +| Name | Description | Value | +| ------------------------------------------ | ---------------------------------------------------- | ------------------------ | +| `image.repository` | Repository to use to pull impress's container image | `lasuite/impress-backend` | +| `image.tag` | impress's container tag | `latest` | +| `image.pullPolicy` | Container image pull policy | `IfNotPresent` | +| `image.credentials.username` | Username for container registry authentication | | +| `image.credentials.password` | Password for container registry authentication | | +| `image.credentials.registry` | Registry url for which the credentials are specified | | +| `image.credentials.name` | Name of the generated secret for imagePullSecrets | | +| `nameOverride` | Override the chart name | `""` | +| `fullnameOverride` | Override the full application name | `""` | +| `ingress.enabled` | whether to enable the Ingress or not | `false` | +| `ingress.className` | IngressClass to use for the Ingress | `nil` | +| `ingress.host` | Host for the Ingress | `impress.example.com` | +| `ingress.path` | Path to use for the Ingress | `/` | +| `ingress.hosts` | Additional host to configure for the Ingress | `[]` | +| `ingress.tls.enabled` | Weather to enable TLS for the Ingress | `true` | +| `ingress.tls.additional[].secretName` | Secret name for additional TLS config | | +| `ingress.tls.additional[].hosts[]` | Hosts for additional TLS config | | +| `ingress.customBackends` | Add custom backends to ingress | `[]` | +| `ingressAdmin.enabled` | whether to enable the Ingress or not | `false` | +| `ingressAdmin.className` | IngressClass to use for the Ingress | `nil` | +| `ingressAdmin.host` | Host for the Ingress | `impress.example.com` | +| `ingressAdmin.path` | Path to use for the Ingress | `/admin` | +| `ingressAdmin.hosts` | Additional host to configure for the Ingress | `[]` | +| `ingressAdmin.tls.enabled` | Weather to enable TLS for the Ingress | `true` | +| `ingressAdmin.tls.additional[].secretName` | Secret name for additional TLS config | | +| `ingressAdmin.tls.additional[].hosts[]` | Hosts for additional TLS config | | + +### backend + +| Name | Description | Value | +| ----------------------------------------------------- | ---------------------------------------------------------------------------------- | ----------------------------------------------- | +| `backend.command` | Override the backend container command | `[]` | +| `backend.args` | Override the backend container args | `[]` | +| `backend.replicas` | Amount of backend replicas | `3` | +| `backend.shareProcessNamespace` | Enable share process namespace between containers | `false` | +| `backend.sidecars` | Add sidecars containers to backend deployment | `[]` | +| `backend.securityContext` | Configure backend Pod security context | `nil` | +| `backend.envVars` | Configure backend container environment variables | `undefined` | +| `backend.envVars.BY_VALUE` | Example environment variable by setting value directly | | +| `backend.envVars.FROM_CONFIGMAP.configMapKeyRef.name` | Name of a ConfigMap when configuring env vars from a ConfigMap | | +| `backend.envVars.FROM_CONFIGMAP.configMapKeyRef.key` | Key within a ConfigMap when configuring env vars from a ConfigMap | | +| `backend.envVars.FROM_SECRET.secretKeyRef.name` | Name of a Secret when configuring env vars from a Secret | | +| `backend.envVars.FROM_SECRET.secretKeyRef.key` | Key within a Secret when configuring env vars from a Secret | | +| `backend.podAnnotations` | Annotations to add to the backend Pod | `{}` | +| `backend.service.type` | backend Service type | `ClusterIP` | +| `backend.service.port` | backend Service listening port | `80` | +| `backend.service.targetPort` | backend container listening port | `8000` | +| `backend.service.annotations` | Annotations to add to the backend Service | `{}` | +| `backend.migrate.command` | backend migrate command | `["python","manage.py","migrate","--no-input"]` | +| `backend.migrate.restartPolicy` | backend migrate job restart policy | `Never` | +| `backend.probes.liveness.path` | Configure path for backend HTTP liveness probe | `/__heartbeat__` | +| `backend.probes.liveness.targetPort` | Configure port for backend HTTP liveness probe | `undefined` | +| `backend.probes.liveness.initialDelaySeconds` | Configure initial delay for backend liveness probe | `10` | +| `backend.probes.liveness.initialDelaySeconds` | Configure timeout for backend liveness probe | `10` | +| `backend.probes.startup.path` | Configure path for backend HTTP startup probe | `undefined` | +| `backend.probes.startup.targetPort` | Configure port for backend HTTP startup probe | `undefined` | +| `backend.probes.startup.initialDelaySeconds` | Configure initial delay for backend startup probe | `undefined` | +| `backend.probes.startup.initialDelaySeconds` | Configure timeout for backend startup probe | `undefined` | +| `backend.probes.readiness.path` | Configure path for backend HTTP readiness probe | `/__lbheartbeat__` | +| `backend.probes.readiness.targetPort` | Configure port for backend HTTP readiness probe | `undefined` | +| `backend.probes.readiness.initialDelaySeconds` | Configure initial delay for backend readiness probe | `10` | +| `backend.probes.readiness.initialDelaySeconds` | Configure timeout for backend readiness probe | `10` | +| `backend.resources` | Resource requirements for the backend container | `{}` | +| `backend.nodeSelector` | Node selector for the backend Pod | `{}` | +| `backend.tolerations` | Tolerations for the backend Pod | `[]` | +| `backend.affinity` | Affinity for the backend Pod | `{}` | +| `backend.persistence` | Additional volumes to create and mount on the backend. Used for debugging purposes | `{}` | +| `backend.persistence.volume-name.size` | Size of the additional volume | | +| `backend.persistence.volume-name.type` | Type of the additional volume, persistentVolumeClaim or emptyDir | | +| `backend.persistence.volume-name.mountPath` | Path where the volume should be mounted to | | +| `backend.extraVolumeMounts` | Additional volumes to mount on the backend. | `[]` | +| `backend.extraVolumes` | Additional volumes to mount on the backend. | `[]` | + +### frontend + +| Name | Description | Value | +| ------------------------------------------------------ | ----------------------------------------------------------------------------------- | ------------------------- | +| `frontend.image.repository` | Repository to use to pull impress's frontend container image | `lasuite/impress-frontend` | +| `frontend.image.tag` | impress's frontend container tag | `latest` | +| `frontend.image.pullPolicy` | frontend container image pull policy | `IfNotPresent` | +| `frontend.command` | Override the frontend container command | `[]` | +| `frontend.args` | Override the frontend container args | `[]` | +| `frontend.replicas` | Amount of frontend replicas | `3` | +| `frontend.shareProcessNamespace` | Enable share process namefrontend between containers | `false` | +| `frontend.sidecars` | Add sidecars containers to frontend deployment | `[]` | +| `frontend.securityContext` | Configure frontend Pod security context | `nil` | +| `frontend.envVars` | Configure frontend container environment variables | `undefined` | +| `frontend.envVars.BY_VALUE` | Example environment variable by setting value directly | | +| `frontend.envVars.FROM_CONFIGMAP.configMapKeyRef.name` | Name of a ConfigMap when configuring env vars from a ConfigMap | | +| `frontend.envVars.FROM_CONFIGMAP.configMapKeyRef.key` | Key within a ConfigMap when configuring env vars from a ConfigMap | | +| `frontend.envVars.FROM_SECRET.secretKeyRef.name` | Name of a Secret when configuring env vars from a Secret | | +| `frontend.envVars.FROM_SECRET.secretKeyRef.key` | Key within a Secret when configuring env vars from a Secret | | +| `frontend.podAnnotations` | Annotations to add to the frontend Pod | `{}` | +| `frontend.service.type` | frontend Service type | `ClusterIP` | +| `frontend.service.port` | frontend Service listening port | `80` | +| `frontend.service.targetPort` | frontend container listening port | `8080` | +| `frontend.service.annotations` | Annotations to add to the frontend Service | `{}` | +| `frontend.probes` | Configure probe for frontend | `{}` | +| `frontend.probes.liveness.path` | Configure path for frontend HTTP liveness probe | | +| `frontend.probes.liveness.targetPort` | Configure port for frontend HTTP liveness probe | | +| `frontend.probes.liveness.initialDelaySeconds` | Configure initial delay for frontend liveness probe | | +| `frontend.probes.liveness.initialDelaySeconds` | Configure timeout for frontend liveness probe | | +| `frontend.probes.startup.path` | Configure path for frontend HTTP startup probe | | +| `frontend.probes.startup.targetPort` | Configure port for frontend HTTP startup probe | | +| `frontend.probes.startup.initialDelaySeconds` | Configure initial delay for frontend startup probe | | +| `frontend.probes.startup.initialDelaySeconds` | Configure timeout for frontend startup probe | | +| `frontend.probes.readiness.path` | Configure path for frontend HTTP readiness probe | | +| `frontend.probes.readiness.targetPort` | Configure port for frontend HTTP readiness probe | | +| `frontend.probes.readiness.initialDelaySeconds` | Configure initial delay for frontend readiness probe | | +| `frontend.probes.readiness.initialDelaySeconds` | Configure timeout for frontend readiness probe | | +| `frontend.resources` | Resource requirements for the frontend container | `{}` | +| `frontend.nodeSelector` | Node selector for the frontend Pod | `{}` | +| `frontend.tolerations` | Tolerations for the frontend Pod | `[]` | +| `frontend.affinity` | Affinity for the frontend Pod | `{}` | +| `frontend.persistence` | Additional volumes to create and mount on the frontend. Used for debugging purposes | `{}` | +| `frontend.persistence.volume-name.size` | Size of the additional volume | | +| `frontend.persistence.volume-name.type` | Type of the additional volume, persistentVolumeClaim or emptyDir | | +| `frontend.persistence.volume-name.mountPath` | Path where the volume should be mounted to | | +| `frontend.extraVolumeMounts` | Additional volumes to mount on the frontend. | `[]` | +| `frontend.extraVolumes` | Additional volumes to mount on the frontend. | `[]` | diff --git a/src/helm/impress/generate-readme.sh b/src/helm/impress/generate-readme.sh new file mode 100644 index 00000000..edbd2806 --- /dev/null +++ b/src/helm/impress/generate-readme.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +docker image ls | grep readme-generator-for-helm +if [ "$?" -ne "0" ]; then + git clone https://github.com/bitnami/readme-generator-for-helm.git /tmp/readme-generator-for-helm + cd /tmp/readme-generator-for-helm + docker build -t readme-generator-for-helm:latest . + cd $(dirname -- "${BASH_SOURCE[0]}") +fi +docker run --rm -it -v ./values.yaml:/app/values.yaml -v ./README.md:/app/README.md readme-generator-for-helm:latest readme-generator -v values.yaml -r README.md diff --git a/src/helm/impress/templates/_helpers.tpl b/src/helm/impress/templates/_helpers.tpl new file mode 100644 index 00000000..63188f3b --- /dev/null +++ b/src/helm/impress/templates/_helpers.tpl @@ -0,0 +1,184 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "impress.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "impress.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "impress.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +impress.labels +*/}} +{{- define "impress.labels" -}} +helm.sh/chart: {{ include "impress.chart" . }} +{{ include "impress.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "impress.selectorLabels" -}} +app.kubernetes.io/name: {{ include "impress.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +transform dictionnary of environment variables +Usage : {{ include "impress.env.transformDict" .Values.envVars }} + +Example: +envVars: + # Using simple strings as env vars + ENV_VAR_NAME: "envVar value" + # Using a value from a configMap + ENV_VAR_FROM_CM: + configMapKeyRef: + name: cm-name + key: "key_in_cm" + # Using a value from a secret + ENV_VAR_FROM_SECRET: + secretKeyRef: + name: secret-name + key: "key_in_secret" +*/}} +{{- define "impress.env.transformDict" -}} +{{- range $key, $value := . }} +- name: {{ $key | quote }} +{{- if $value | kindIs "map" }} + valueFrom: {{ $value | toYaml | nindent 4 }} +{{- else }} + value: {{ $value | quote }} +{{- end }} +{{- end }} +{{- end }} + + +{{/* +impress env vars +*/}} +{{- define "impress.common.env" -}} +{{- $topLevelScope := index . 0 -}} +{{- $workerScope := index . 1 -}} +{{- include "impress.env.transformDict" $workerScope.envVars -}} +{{- end }} + +{{/* +Common labels + +Requires array with top level scope and component name +*/}} +{{- define "impress.common.labels" -}} +{{- $topLevelScope := index . 0 -}} +{{- $component := index . 1 -}} +{{- include "impress.labels" $topLevelScope }} +app.kubernetes.io/component: {{ $component }} +{{- end }} + +{{/* +Common selector labels + +Requires array with top level scope and component name +*/}} +{{- define "impress.common.selectorLabels" -}} +{{- $topLevelScope := index . 0 -}} +{{- $component := index . 1 -}} +{{- include "impress.selectorLabels" $topLevelScope }} +app.kubernetes.io/component: {{ $component }} +{{- end }} + +{{- define "impress.probes.abstract" -}} +{{- if .exec -}} +exec: +{{- toYaml .exec | nindent 2 }} +{{- else if .tcpSocket -}} +tcpSocket: +{{- toYaml .tcpSocket | nindent 2 }} +{{- else -}} +httpGet: + path: {{ .path }} + port: {{ .targetPort }} +{{- end }} +initialDelaySeconds: {{ .initialDelaySeconds | eq nil | ternary 0 .initialDelaySeconds }} +timeoutSeconds: {{ .timeoutSeconds | eq nil | ternary 1 .timeoutSeconds }} +{{- end }} + +{{/* +Full name for the backend + +Requires top level scope +*/}} +{{- define "impress.backend.fullname" -}} +{{ include "impress.fullname" . }}-backend +{{- end }} + +{{/* +Full name for the frontend + +Requires top level scope +*/}} +{{- define "impress.frontend.fullname" -}} +{{ include "impress.fullname" . }}-frontend +{{- end }} + +{{/* +Full name for the yProvider + +Requires top level scope +*/}} +{{- define "impress.yProvider.fullname" -}} +{{ include "impress.fullname" . }}-y-provider +{{- end }} + +{{/* +Usage : {{ include "impress.secret.dockerconfigjson.name" (dict "fullname" (include "impress.fullname" .) "imageCredentials" .Values.path.to.the.image1) }} +*/}} +{{- define "impress.secret.dockerconfigjson.name" }} +{{- if (default (dict) .imageCredentials).name }}{{ .imageCredentials.name }}{{ else }}{{ .fullname | trunc 63 | trimSuffix "-" }}-dockerconfig{{ end -}} +{{- end }} + +{{/* +Usage : {{ include "impress.secret.dockerconfigjson" (dict "fullname" (include "impress.fullname" .) "imageCredentials" .Values.path.to.the.image1) }} +*/}} +{{- define "impress.secret.dockerconfigjson" }} +{{- if .imageCredentials -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "impress.secret.dockerconfigjson.name" (dict "fullname" .fullname "imageCredentials" .imageCredentials) }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": before-hook-creation +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ template "impress.secret.dockerconfigjson.data" .imageCredentials }} +{{- end -}} +{{- end }} diff --git a/src/helm/impress/templates/backend_deployment.yaml b/src/helm/impress/templates/backend_deployment.yaml new file mode 100644 index 00000000..d0c0f086 --- /dev/null +++ b/src/helm/impress/templates/backend_deployment.yaml @@ -0,0 +1,136 @@ +{{- $envVars := include "impress.common.env" (list . .Values.backend) -}} +{{- $fullName := include "impress.backend.fullname" . -}} +{{- $component := "backend" -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "impress.common.labels" (list . $component) | nindent 4 }} +spec: + replicas: {{ .Values.backend.replicas }} + selector: + matchLabels: + {{- include "impress.common.selectorLabels" (list . $component) | nindent 6 }} + template: + metadata: + annotations: + {{- with .Values.backend.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "impress.common.selectorLabels" (list . $component) | nindent 8 }} + spec: + {{- if $.Values.image.credentials }} + imagePullSecrets: + - name: {{ include "impress.secret.dockerconfigjson.name" (dict "fullname" (include "impress.fullname" .) "imageCredentials" $.Values.image.credentials) }} + {{- end}} + shareProcessNamespace: {{ .Values.backend.shareProcessNamespace }} + containers: + {{- with .Values.backend.sidecars }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: {{ .Chart.Name }} + image: "{{ (.Values.backend.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.backend.image | default dict).tag | default .Values.image.tag }}" + imagePullPolicy: {{ (.Values.backend.image | default dict).pullPolicy | default .Values.image.pullPolicy }} + {{- with .Values.backend.command }} + command: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.backend.args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + {{- if $envVars}} + {{- $envVars | indent 12 }} + {{- end }} + {{- with .Values.backend.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.backend.service.targetPort }} + protocol: TCP + {{- if .Values.backend.probes.liveness }} + livenessProbe: + {{- include "impress.probes.abstract" (merge .Values.backend.probes.liveness (dict "targetPort" .Values.backend.service.targetPort )) | nindent 12 }} + {{- end }} + {{- if .Values.backend.probes.readiness }} + readinessProbe: + {{- include "impress.probes.abstract" (merge .Values.backend.probes.readiness (dict "targetPort" .Values.backend.service.targetPort )) | nindent 12 }} + {{- end }} + {{- if .Values.backend.probes.startup }} + startupProbe: + {{- include "impress.probes.abstract" (merge .Values.backend.probes.startup (dict "targetPort" .Values.backend.service.targetPort )) | nindent 12 }} + {{- end }} + {{- with .Values.backend.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + {{- range $index, $value := .Values.mountFiles }} + - name: "files-{{ $index }}" + mountPath: {{ $value.path }} + subPath: content + {{- end }} + {{- range $name, $volume := .Values.backend.persistence }} + - name: "{{ $name }}" + mountPath: "{{ $volume.mountPath }}" + {{- end }} + {{- range .Values.backend.extraVolumeMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath | default "" }} + readOnly: {{ .readOnly }} + {{- end }} + {{- with .Values.backend.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.backend.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.backend.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + {{- range $index, $value := .Values.mountFiles }} + - name: "files-{{ $index }}" + configMap: + name: "{{ include "impress.fullname" $ }}-files-{{ $index }}" + {{- end }} + {{- range $name, $volume := .Values.backend.persistence }} + - name: "{{ $name }}" + {{- if eq $volume.type "emptyDir" }} + emptyDir: {} + {{- else }} + persistentVolumeClaim: + claimName: "{{ $fullName }}-{{ $name }}" + {{- end }} + {{- end }} + {{- range .Values.backend.extraVolumes }} + - name: {{ .name }} + {{- if .existingClaim }} + persistentVolumeClaim: + claimName: {{ .existingClaim }} + {{- else if .hostPath }} + hostPath: + {{ toYaml .hostPath | nindent 12 }} + {{- else if .csi }} + csi: + {{- toYaml .csi | nindent 12 }} + {{- else if .configMap }} + configMap: + {{- toYaml .configMap | nindent 12 }} + {{- else if .emptyDir }} + emptyDir: + {{- toYaml .emptyDir | nindent 12 }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} diff --git a/src/helm/impress/templates/backend_job.yaml b/src/helm/impress/templates/backend_job.yaml new file mode 100644 index 00000000..9c81d7df --- /dev/null +++ b/src/helm/impress/templates/backend_job.yaml @@ -0,0 +1,122 @@ +{{- $envVars := include "impress.common.env" (list . .Values.backend) -}} +{{- $fullName := include "impress.backend.fullname" . -}} +{{- $component := "backend" -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ $fullName }}-migrate + namespace: {{ .Release.Namespace | quote }} + annotations: + argocd.argoproj.io/sync-options: Replace=true,Force=true + {{- with .Values.backend.migrateJobAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "impress.common.labels" (list . $component) | nindent 4 }} +spec: + template: + metadata: + annotations: + {{- with .Values.backend.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "impress.common.selectorLabels" (list . $component) | nindent 8 }} + spec: + {{- if $.Values.image.credentials }} + imagePullSecrets: + - name: {{ include "impress.secret.dockerconfigjson.name" (dict "fullname" (include "impress.fullname" .) "imageCredentials" $.Values.image.credentials) }} + {{- end}} + shareProcessNamespace: {{ .Values.backend.shareProcessNamespace }} + containers: + {{- with .Values.backend.sidecars }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: {{ .Chart.Name }} + image: "{{ (.Values.backend.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.backend.image | default dict).tag | default .Values.image.tag }}" + imagePullPolicy: {{ (.Values.backend.image | default dict).pullPolicy | default .Values.image.pullPolicy }} + {{- with .Values.backend.migrate.command }} + command: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.backend.args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + {{- if $envVars}} + {{- $envVars | indent 12 }} + {{- end }} + {{- with .Values.backend.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.backend.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + {{- range $index, $value := .Values.mountFiles }} + - name: "files-{{ $index }}" + mountPath: {{ $value.path }} + subPath: content + {{- end }} + {{- range $name, $volume := .Values.backend.persistence }} + - name: "{{ $name }}" + mountPath: "{{ $volume.mountPath }}" + {{- end }} + {{- range .Values.backend.extraVolumeMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath | default "" }} + readOnly: {{ .readOnly }} + {{- end }} + {{- with .Values.backend.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.backend.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.backend.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + restartPolicy: {{ .Values.backend.migrate.restartPolicy }} + volumes: + {{- range $index, $value := .Values.mountFiles }} + - name: "files-{{ $index }}" + configMap: + name: "{{ include "impress.fullname" $ }}-files-{{ $index }}" + {{- end }} + {{- range $name, $volume := .Values.backend.persistence }} + - name: "{{ $name }}" + {{- if eq $volume.type "emptyDir" }} + emptyDir: {} + {{- else }} + persistentVolumeClaim: + claimName: "{{ $fullName }}-{{ $name }}" + {{- end }} + {{- end }} + {{- range .Values.backend.extraVolumes }} + - name: {{ .name }} + {{- if .existingClaim }} + persistentVolumeClaim: + claimName: {{ .existingClaim }} + {{- else if .hostPath }} + hostPath: + {{ toYaml .hostPath | nindent 12 }} + {{- else if .csi }} + csi: + {{- toYaml .csi | nindent 12 }} + {{- else if .configMap }} + configMap: + {{- toYaml .configMap | nindent 12 }} + {{- else if .emptyDir }} + emptyDir: + {{- toYaml .emptyDir | nindent 12 }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} diff --git a/src/helm/impress/templates/backend_job_createsuperuser.yaml b/src/helm/impress/templates/backend_job_createsuperuser.yaml new file mode 100644 index 00000000..beb7d65e --- /dev/null +++ b/src/helm/impress/templates/backend_job_createsuperuser.yaml @@ -0,0 +1,122 @@ +{{- $envVars := include "impress.common.env" (list . .Values.backend) -}} +{{- $fullName := include "impress.backend.fullname" . -}} +{{- $component := "backend" -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ $fullName }}-createsuperuser + namespace: {{ .Release.Namespace | quote }} + annotations: + argocd.argoproj.io/sync-options: Replace=true,Force=true + {{- with .Values.backend.migrateJobAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "impress.common.labels" (list . $component) | nindent 4 }} +spec: + template: + metadata: + annotations: + {{- with .Values.backend.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "impress.common.selectorLabels" (list . $component) | nindent 8 }} + spec: + {{- if $.Values.image.credentials }} + imagePullSecrets: + - name: {{ include "impress.secret.dockerconfigjson.name" (dict "fullname" (include "impress.fullname" .) "imageCredentials" $.Values.image.credentials) }} + {{- end}} + shareProcessNamespace: {{ .Values.backend.shareProcessNamespace }} + containers: + {{- with .Values.backend.sidecars }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: {{ .Chart.Name }} + image: "{{ (.Values.backend.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.backend.image | default dict).tag | default .Values.image.tag }}" + imagePullPolicy: {{ (.Values.backend.image | default dict).pullPolicy | default .Values.image.pullPolicy }} + {{- with .Values.backend.createsuperuser.command }} + command: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.backend.args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + {{- if $envVars}} + {{- $envVars | indent 12 }} + {{- end }} + {{- with .Values.backend.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.backend.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + {{- range $index, $value := .Values.mountFiles }} + - name: "files-{{ $index }}" + mountPath: {{ $value.path }} + subPath: content + {{- end }} + {{- range $name, $volume := .Values.backend.persistence }} + - name: "{{ $name }}" + mountPath: "{{ $volume.mountPath }}" + {{- end }} + {{- range .Values.backend.extraVolumeMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath | default "" }} + readOnly: {{ .readOnly }} + {{- end }} + {{- with .Values.backend.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.backend.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.backend.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + restartPolicy: {{ .Values.backend.createsuperuser.restartPolicy }} + volumes: + {{- range $index, $value := .Values.mountFiles }} + - name: "files-{{ $index }}" + configMap: + name: "{{ include "impress.fullname" $ }}-files-{{ $index }}" + {{- end }} + {{- range $name, $volume := .Values.backend.persistence }} + - name: "{{ $name }}" + {{- if eq $volume.type "emptyDir" }} + emptyDir: {} + {{- else }} + persistentVolumeClaim: + claimName: "{{ $fullName }}-{{ $name }}" + {{- end }} + {{- end }} + {{- range .Values.backend.extraVolumes }} + - name: {{ .name }} + {{- if .existingClaim }} + persistentVolumeClaim: + claimName: {{ .existingClaim }} + {{- else if .hostPath }} + hostPath: + {{ toYaml .hostPath | nindent 12 }} + {{- else if .csi }} + csi: + {{- toYaml .csi | nindent 12 }} + {{- else if .configMap }} + configMap: + {{- toYaml .configMap | nindent 12 }} + {{- else if .emptyDir }} + emptyDir: + {{- toYaml .emptyDir | nindent 12 }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} diff --git a/src/helm/impress/templates/backend_svc.yaml b/src/helm/impress/templates/backend_svc.yaml new file mode 100644 index 00000000..579bdbf6 --- /dev/null +++ b/src/helm/impress/templates/backend_svc.yaml @@ -0,0 +1,21 @@ +{{- $envVars := include "impress.common.env" (list . .Values.backend) -}} +{{- $fullName := include "impress.backend.fullname" . -}} +{{- $component := "backend" -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "impress.common.labels" (list . $component) | nindent 4 }} + annotations: + {{- toYaml $.Values.backend.service.annotations | nindent 4 }} +spec: + type: {{ .Values.backend.service.type }} + ports: + - port: {{ .Values.backend.service.port }} + targetPort: {{ .Values.backend.service.targetPort }} + protocol: TCP + name: http + selector: + {{- include "impress.common.selectorLabels" (list . $component) | nindent 4 }} diff --git a/src/helm/impress/templates/frontend_deployment.yaml b/src/helm/impress/templates/frontend_deployment.yaml new file mode 100644 index 00000000..959ab02a --- /dev/null +++ b/src/helm/impress/templates/frontend_deployment.yaml @@ -0,0 +1,136 @@ +{{- $envVars := include "impress.common.env" (list . .Values.frontend) -}} +{{- $fullName := include "impress.frontend.fullname" . -}} +{{- $component := "frontend" -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "impress.common.labels" (list . $component) | nindent 4 }} +spec: + replicas: {{ .Values.frontend.replicas }} + selector: + matchLabels: + {{- include "impress.common.selectorLabels" (list . $component) | nindent 6 }} + template: + metadata: + annotations: + {{- with .Values.frontend.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "impress.common.selectorLabels" (list . $component) | nindent 8 }} + spec: + {{- if $.Values.image.credentials }} + imagePullSecrets: + - name: {{ include "impress.secret.dockerconfigjson.name" (dict "fullname" (include "impress.fullname" .) "imageCredentials" $.Values.image.credentials) }} + {{- end}} + shareProcessNamespace: {{ .Values.frontend.shareProcessNamespace }} + containers: + {{- with .Values.frontend.sidecars }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: {{ .Chart.Name }} + image: "{{ (.Values.frontend.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.frontend.image | default dict).tag | default .Values.image.tag }}" + imagePullPolicy: {{ (.Values.frontend.image | default dict).pullPolicy | default .Values.image.pullPolicy }} + {{- with .Values.frontend.command }} + command: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.frontend.args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + {{- if $envVars}} + {{- $envVars | indent 12 }} + {{- end }} + {{- with .Values.frontend.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.frontend.service.targetPort }} + protocol: TCP + {{- if .Values.frontend.probes.liveness }} + livenessProbe: + {{- include "impress.probes.abstract" (merge .Values.frontend.probes.liveness (dict "targetPort" .Values.frontend.service.targetPort )) | nindent 12 }} + {{- end }} + {{- if .Values.frontend.probes.readiness }} + readinessProbe: + {{- include "impress.probes.abstract" (merge .Values.frontend.probes.readiness (dict "targetPort" .Values.frontend.service.targetPort )) | nindent 12 }} + {{- end }} + {{- if .Values.frontend.probes.startup }} + startupProbe: + {{- include "impress.probes.abstract" (merge .Values.frontend.probes.startup (dict "targetPort" .Values.frontend.service.targetPort )) | nindent 12 }} + {{- end }} + {{- with .Values.frontend.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + {{- range $index, $value := .Values.mountFiles }} + - name: "files-{{ $index }}" + mountPath: {{ $value.path }} + subPath: content + {{- end }} + {{- range $name, $volume := .Values.frontend.persistence }} + - name: "{{ $name }}" + mountPath: "{{ $volume.mountPath }}" + {{- end }} + {{- range .Values.frontend.extraVolumeMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath | default "" }} + readOnly: {{ .readOnly }} + {{- end }} + {{- with .Values.frontend.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.frontend.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.frontend.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + {{- range $index, $value := .Values.mountFiles }} + - name: "files-{{ $index }}" + configMap: + name: "{{ include "impress.fullname" $ }}-files-{{ $index }}" + {{- end }} + {{- range $name, $volume := .Values.frontend.persistence }} + - name: "{{ $name }}" + {{- if eq $volume.type "emptyDir" }} + emptyDir: {} + {{- else }} + persistentVolumeClaim: + claimName: "{{ $fullName }}-{{ $name }}" + {{- end }} + {{- end }} + {{- range .Values.frontend.extraVolumes }} + - name: {{ .name }} + {{- if .existingClaim }} + persistentVolumeClaim: + claimName: {{ .existingClaim }} + {{- else if .hostPath }} + hostPath: + {{ toYaml .hostPath | nindent 12 }} + {{- else if .csi }} + csi: + {{- toYaml .csi | nindent 12 }} + {{- else if .configMap }} + configMap: + {{- toYaml .configMap | nindent 12 }} + {{- else if .emptyDir }} + emptyDir: + {{- toYaml .emptyDir | nindent 12 }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} diff --git a/src/helm/impress/templates/frontend_svc.yaml b/src/helm/impress/templates/frontend_svc.yaml new file mode 100644 index 00000000..ac42e4c6 --- /dev/null +++ b/src/helm/impress/templates/frontend_svc.yaml @@ -0,0 +1,21 @@ +{{- $envVars := include "impress.common.env" (list . .Values.frontend) -}} +{{- $fullName := include "impress.frontend.fullname" . -}} +{{- $component := "frontend" -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "impress.common.labels" (list . $component) | nindent 4 }} + annotations: + {{- toYaml $.Values.frontend.service.annotations | nindent 4 }} +spec: + type: {{ .Values.frontend.service.type }} + ports: + - port: {{ .Values.frontend.service.port }} + targetPort: {{ .Values.frontend.service.targetPort }} + protocol: TCP + name: http + selector: + {{- include "impress.common.selectorLabels" (list . $component) | nindent 4 }} diff --git a/src/helm/impress/templates/ingress.yaml b/src/helm/impress/templates/ingress.yaml new file mode 100644 index 00000000..aecc5977 --- /dev/null +++ b/src/helm/impress/templates/ingress.yaml @@ -0,0 +1,118 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "impress.fullname" . -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "impress.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls.enabled }} + tls: + {{- if .Values.ingress.host }} + - secretName: {{ $fullName }}-tls + hosts: + - {{ .Values.ingress.host | quote }} + {{- end }} + {{- range .Values.ingress.tls.additional }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- if .Values.ingress.host }} + - host: {{ .Values.ingress.host | quote }} + http: + paths: + - path: {{ .Values.ingress.path | quote }} + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: Prefix + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ include "impress.frontend.fullname" . }} + port: + number: {{ .Values.frontend.service.port }} + {{- else }} + serviceName: {{ include "impress.frontend.fullname" . }} + servicePort: {{ .Values.frontend.service.port }} + {{- end }} + - path: /api + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: Prefix + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ include "impress.backend.fullname" . }} + port: + number: {{ .Values.backend.service.port }} + {{- else }} + serviceName: {{ include "impress.backend.fullname" . }} + servicePort: {{ .Values.backend.service.port }} + {{- end }} + {{- with .Values.ingress.customBackends }} + {{- toYaml . | nindent 10 }} + {{- end }} + {{- end }} + {{- range .Values.ingress.hosts }} + - host: {{ . | quote }} + http: + paths: + - path: {{ $.Values.ingress.path | quote }} + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: Prefix + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ include "impress.frontend.fullname" $ }} + port: + number: {{ $.Values.frontend.service.port }} + {{- else }} + serviceName: {{ include "impress.frontend.fullname" $ }} + servicePort: {{ $.Values.frontend.service.port }} + {{- end }} + - path: /api + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: Prefix + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ include "impress.backend.fullname" $ }} + port: + number: {{ $.Values.backend.service.port }} + {{- else }} + serviceName: {{ include "impress.backend.fullname" $ }} + servicePort: {{ $.Values.backend.service.port }} + {{- end }} + {{- with $.Values.ingress.customBackends }} + {{- toYaml . | nindent 10 }} + {{- end }} + {{- end }} +{{- end }} + diff --git a/src/helm/impress/templates/ingress_admin.yaml b/src/helm/impress/templates/ingress_admin.yaml new file mode 100644 index 00000000..64532389 --- /dev/null +++ b/src/helm/impress/templates/ingress_admin.yaml @@ -0,0 +1,98 @@ +{{- if .Values.ingressAdmin.enabled -}} +{{- $fullName := include "impress.fullname" . -}} +{{- if and .Values.ingressAdmin.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingressAdmin.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingressAdmin.annotations "kubernetes.io/ingress.class" .Values.ingressAdmin.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }}-admin + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "impress.labels" . | nindent 4 }} + {{- with .Values.ingressAdmin.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingressAdmin.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingressAdmin.className }} + {{- end }} + {{- if .Values.ingressAdmin.tls.enabled }} + tls: + {{- if .Values.ingressAdmin.host }} + - secretName: {{ $fullName }}-tls + hosts: + - {{ .Values.ingressAdmin.host | quote }} + {{- end }} + {{- range .Values.ingressAdmin.tls.additional }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- if .Values.ingressAdmin.host }} + - host: {{ .Values.ingressAdmin.host | quote }} + http: + paths: + - path: {{ .Values.ingressAdmin.path | quote }} + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: Prefix + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ include "impress.backend.fullname" . }} + port: + number: {{ .Values.backend.service.port }} + {{- else }} + serviceName: {{ include "impress.backend.fullname" . }} + servicePort: {{ .Values.backend.service.port }} + {{- end }} + - path: /static + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: Prefix + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ include "impress.backend.fullname" . }} + port: + number: {{ .Values.backend.service.port }} + {{- else }} + serviceName: {{ include "impress.backend.fullname" . }} + servicePort: {{ .Values.backend.service.port }} + {{- end }} + {{- end }} + {{- range .Values.ingressAdmin.hosts }} + - host: {{ . | quote }} + http: + paths: + - path: {{ $.Values.ingressAdmin.path | quote }} + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: Prefix + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ include "impress.backend.fullname" $ }} + port: + number: {{ $.Values.backend.service.port }} + {{- else }} + serviceName: {{ include "impress.backend.fullname" $ }} + servicePort: {{ $.Values.backend.service.port }} + {{- end }} + {{- end }} +{{- end }} + diff --git a/src/helm/impress/templates/ingress_media.yaml b/src/helm/impress/templates/ingress_media.yaml new file mode 100644 index 00000000..cc201ef3 --- /dev/null +++ b/src/helm/impress/templates/ingress_media.yaml @@ -0,0 +1,83 @@ +{{- if .Values.ingressMedia.enabled -}} +{{- $fullName := include "impress.fullname" . -}} +{{- if and .Values.ingressMedia.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingressMedia.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingressMedia.annotations "kubernetes.io/ingress.class" .Values.ingressMedia.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }}-media + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "impress.labels" . | nindent 4 }} + {{- with .Values.ingressMedia.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingressMedia.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingressMedia.className }} + {{- end }} + {{- if .Values.ingressMedia.tls.enabled }} + tls: + {{- if .Values.ingressMedia.host }} + - secretName: {{ $fullName }}-tls + hosts: + - {{ .Values.ingressMedia.host | quote }} + {{- end }} + {{- range .Values.ingressMedia.tls.additional }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- if .Values.ingressMedia.host }} + - host: {{ .Values.ingressMedia.host | quote }} + http: + paths: + - path: {{ .Values.ingressMedia.path | quote }} + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: ImplementationSpecific + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }}-media + port: + number: {{ .Values.serviceMedia.port }} + {{- else }} + serviceName: {{ $fullName }}-media + servicePort: {{ .Values.serviceMedia.port }} + {{- end }} + {{- end }} + {{- range .Values.ingressMedia.hosts }} + - host: {{ . | quote }} + http: + paths: + - path: {{ $.Values.ingressMedia.path | quote }} + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: ImplementationSpecific + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }}-media + port: + number: {{ .Values.serviceMedia.port }} + {{- else }} + serviceName: {{ $fullName }}-media + servicePort: {{ .Values.serviceMedia.port }} + {{- end }} + {{- end }} +{{- end }} diff --git a/src/helm/impress/templates/ingress_ws.yaml b/src/helm/impress/templates/ingress_ws.yaml new file mode 100644 index 00000000..363c9439 --- /dev/null +++ b/src/helm/impress/templates/ingress_ws.yaml @@ -0,0 +1,72 @@ +{{- if .Values.ingressWS.enabled -}} +{{- $fullName := include "impress.fullname" . -}} +{{- if and .Values.ingressWS.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingressWS.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingressWS.annotations "kubernetes.io/ingress.class" .Values.ingressWS.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }}-ws + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "impress.labels" . | nindent 4 }} + {{- with .Values.ingressWS.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingressWS.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingressWS.className }} + {{- end }} + {{- if .Values.ingressWS.tls.enabled }} + tls: + {{- if .Values.ingressWS.host }} + - secretName: {{ $fullName }}-tls + hosts: + - {{ .Values.ingressWS.host | quote }} + {{- end }} + {{- range .Values.ingressWS.tls.additional }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- if .Values.ingressWS.host }} + - host: {{ .Values.ingressWS.host | quote }} + http: + paths: + - path: {{ .Values.ingressWS.path | quote }} + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: ImplementationSpecific + {{- end }} + backend: + service: + name: {{ include "impress.yProvider.fullname" . }} + port: + number: {{ .Values.yProvider.service.port }} + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ include "impress.yProvider.fullname" . }} + port: + number: {{ .Values.yProvider.service.port }} + {{- else }} + serviceName: {{ include "impress.yProvider.fullname" . }} + servicePort: {{ .Values.yProvider.service.port }} + {{- end }} + {{- with .Values.ingressWS.customBackends }} + {{- toYaml . | nindent 10 }} + {{- end }} + {{- end }} +{{- end }} + diff --git a/src/helm/impress/templates/media_svc.yaml b/src/helm/impress/templates/media_svc.yaml new file mode 100644 index 00000000..dc7bf035 --- /dev/null +++ b/src/helm/impress/templates/media_svc.yaml @@ -0,0 +1,14 @@ +{{- $fullName := include "impress.fullname" . -}} +{{- $component := "media" -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ $fullName }}-media + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "impress.common.labels" (list . $component) | nindent 4 }} + annotations: + {{- toYaml $.Values.serviceMedia.annotations | nindent 4 }} +spec: + type: ExternalName + externalName: {{ $.Values.serviceMedia.host }} diff --git a/src/helm/impress/templates/secrets.yaml b/src/helm/impress/templates/secrets.yaml new file mode 100644 index 00000000..c308fca8 --- /dev/null +++ b/src/helm/impress/templates/secrets.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Secret +metadata: + name: backend + namespace: {{ .Release.Namespace | quote }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": before-hook-creation +stringData: + DJANGO_SUPERUSER_EMAIL: {{ .Values.djangoSuperUserEmail }} + DJANGO_SUPERUSER_PASSWORD: {{ .Values.djangoSuperUserPass }} + DJANGO_SECRET_KEY: {{ .Values.djangoSecretKey }} +{{- if .Values.djangoEmailHostUser }} + DJANGO_EMAIL_HOST_USER: {{ .Values.djangoEmailHostUser }} +{{- end }} +{{- if .Values.djangoEmailHostPassword }} + DJANGO_EMAIL_HOST_PASSWORD: {{ .Values.djangoEmailHostPassword }} +{{- end }} + OIDC_RP_CLIENT_ID: {{ .Values.oidc.clientId }} + OIDC_RP_CLIENT_SECRET: {{ .Values.oidc.clientSecret }} + AI_API_KEY: {{ .Values.aiApiKey }} + AI_BASE_URL: {{ .Values.aiBaseUrl }} diff --git a/src/helm/impress/templates/yprovider_deployment.yaml b/src/helm/impress/templates/yprovider_deployment.yaml new file mode 100644 index 00000000..f54c7f16 --- /dev/null +++ b/src/helm/impress/templates/yprovider_deployment.yaml @@ -0,0 +1,136 @@ +{{- $envVars := include "impress.common.env" (list . .Values.yProvider) -}} +{{- $fullName := include "impress.yProvider.fullname" . -}} +{{- $component := "yProvider" -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "impress.common.labels" (list . $component) | nindent 4 }} +spec: + replicas: {{ .Values.yProvider.replicas }} + selector: + matchLabels: + {{- include "impress.common.selectorLabels" (list . $component) | nindent 6 }} + template: + metadata: + annotations: + {{- with .Values.yProvider.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "impress.common.selectorLabels" (list . $component) | nindent 8 }} + spec: + {{- if $.Values.image.credentials }} + imagePullSecrets: + - name: {{ include "impress.secret.dockerconfigjson.name" (dict "fullname" (include "impress.fullname" .) "imageCredentials" $.Values.image.credentials) }} + {{- end}} + shareProcessNamespace: {{ .Values.yProvider.shareProcessNamespace }} + containers: + {{- with .Values.yProvider.sidecars }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: {{ .Chart.Name }} + image: "{{ (.Values.yProvider.image | default dict).repository | default .Values.image.repository }}:{{ (.Values.yProvider.image | default dict).tag | default .Values.image.tag }}" + imagePullPolicy: {{ (.Values.yProvider.image | default dict).pullPolicy | default .Values.image.pullPolicy }} + {{- with .Values.yProvider.command }} + command: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.yProvider.args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + {{- if $envVars}} + {{- $envVars | indent 12 }} + {{- end }} + {{- with .Values.yProvider.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.yProvider.service.targetPort }} + protocol: TCP + {{- if .Values.yProvider.probes.liveness }} + livenessProbe: + {{- include "impress.probes.abstract" (merge .Values.yProvider.probes.liveness (dict "targetPort" .Values.yProvider.service.targetPort )) | nindent 12 }} + {{- end }} + {{- if .Values.yProvider.probes.readiness }} + readinessProbe: + {{- include "impress.probes.abstract" (merge .Values.yProvider.probes.readiness (dict "targetPort" .Values.yProvider.service.targetPort )) | nindent 12 }} + {{- end }} + {{- if .Values.yProvider.probes.startup }} + startupProbe: + {{- include "impress.probes.abstract" (merge .Values.yProvider.probes.startup (dict "targetPort" .Values.yProvider.service.targetPort )) | nindent 12 }} + {{- end }} + {{- with .Values.yProvider.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + {{- range $index, $value := .Values.mountFiles }} + - name: "files-{{ $index }}" + mountPath: {{ $value.path }} + subPath: content + {{- end }} + {{- range $name, $volume := .Values.yProvider.persistence }} + - name: "{{ $name }}" + mountPath: "{{ $volume.mountPath }}" + {{- end }} + {{- range .Values.yProvider.extraVolumeMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath | default "" }} + readOnly: {{ .readOnly }} + {{- end }} + {{- with .Values.yProvider.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.yProvider.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.yProvider.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + {{- range $index, $value := .Values.mountFiles }} + - name: "files-{{ $index }}" + configMap: + name: "{{ include "impress.fullname" $ }}-files-{{ $index }}" + {{- end }} + {{- range $name, $volume := .Values.yProvider.persistence }} + - name: "{{ $name }}" + {{- if eq $volume.type "emptyDir" }} + emptyDir: {} + {{- else }} + persistentVolumeClaim: + claimName: "{{ $fullName }}-{{ $name }}" + {{- end }} + {{- end }} + {{- range .Values.yProvider.extraVolumes }} + - name: {{ .name }} + {{- if .existingClaim }} + persistentVolumeClaim: + claimName: {{ .existingClaim }} + {{- else if .hostPath }} + hostPath: + {{ toYaml .hostPath | nindent 12 }} + {{- else if .csi }} + csi: + {{- toYaml .csi | nindent 12 }} + {{- else if .configMap }} + configMap: + {{- toYaml .configMap | nindent 12 }} + {{- else if .emptyDir }} + emptyDir: + {{- toYaml .emptyDir | nindent 12 }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} diff --git a/src/helm/impress/templates/yprovider_svc.yaml b/src/helm/impress/templates/yprovider_svc.yaml new file mode 100644 index 00000000..4b2e7d6b --- /dev/null +++ b/src/helm/impress/templates/yprovider_svc.yaml @@ -0,0 +1,21 @@ +{{- $envVars := include "impress.common.env" (list . .Values.yProvider) -}} +{{- $fullName := include "impress.yProvider.fullname" . -}} +{{- $component := "yProvider" -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "impress.common.labels" (list . $component) | nindent 4 }} + annotations: + {{- toYaml $.Values.yProvider.service.annotations | nindent 4 }} +spec: + type: {{ .Values.yProvider.service.type }} + ports: + - port: {{ .Values.yProvider.service.port }} + targetPort: {{ .Values.yProvider.service.targetPort }} + protocol: TCP + name: http + selector: + {{- include "impress.common.selectorLabels" (list . $component) | nindent 4 }} diff --git a/src/helm/impress/values.yaml b/src/helm/impress/values.yaml new file mode 100644 index 00000000..0a27ed26 --- /dev/null +++ b/src/helm/impress/values.yaml @@ -0,0 +1,415 @@ +# Default values for impress. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +## @section General configuration + +## @param image.repository Repository to use to pull impress's container image +## @param image.tag impress's container tag +## @param image.pullPolicy Container image pull policy +## @extra image.credentials.username Username for container registry authentication +## @extra image.credentials.password Password for container registry authentication +## @extra image.credentials.registry Registry url for which the credentials are specified +## @extra image.credentials.name Name of the generated secret for imagePullSecrets +image: + repository: lasuite/impress-backend + pullPolicy: IfNotPresent + tag: "latest" + +## @param nameOverride Override the chart name +## @param fullnameOverride Override the full application name +nameOverride: "" +fullnameOverride: "" + +## @skip commonEnvVars +commonEnvVars: &commonEnvVars + <<: [] + +## @param ingress.enabled whether to enable the Ingress or not +## @param ingress.className IngressClass to use for the Ingress +## @param ingress.host Host for the Ingress +## @param ingress.path Path to use for the Ingress +ingress: + enabled: false + className: null + host: impress.example.com + path: / + ## @param ingress.hosts Additional host to configure for the Ingress + hosts: [] + # - chart-example.local + ## @param ingress.tls.enabled Wether to enable TLS for the Ingress + ## @skip ingress.tls.additional + ## @extra ingress.tls.additional[].secretName Secret name for additional TLS config + ## @extra ingress.tls.additional[].hosts[] Hosts for additional TLS config + tls: + enabled: true + additional: [] + + ## @param ingress.customBackends Add custom backends to ingress + customBackends: [] + +## @param ingressWS.enabled whether to enable the Ingress or not +## @param ingressWS.className IngressClass to use for the Ingress +## @param ingressWS.host Host for the Ingress +## @param ingressWS.path Path to use for the Ingress +ingressWS: + enabled: false + className: null + host: impress.example.com + path: /ws + ## @param ingress.hosts Additional host to configure for the Ingress + hosts: [] + # - chart-example.local + ## @param ingressWS.tls.enabled Wether to enable TLS for the Ingress + ## @skip ingressWS.tls.additional + ## @extra ingressWS.tls.additional[].secretName Secret name for additional TLS config + ## @extra ingressWS.tls.additional[].hosts[] Hosts for additional TLS config + tls: + enabled: true + additional: [] + + ## @param ingressWS.customBackends Add custom backends to ingress + customBackends: [] + + annotations: + nginx.ingress.kubernetes.io/enable-websocket: "true" + nginx.ingress.kubernetes.io/upstream-hash-by: "$request_uri" + +## @param ingressAdmin.enabled whether to enable the Ingress or not +## @param ingressAdmin.className IngressClass to use for the Ingress +## @param ingressAdmin.host Host for the Ingress +## @param ingressAdmin.path Path to use for the Ingress +ingressAdmin: + enabled: false + className: null + host: impress.example.com + path: /admin + ## @param ingressAdmin.hosts Additional host to configure for the Ingress + hosts: [ ] + # - chart-example.local + ## @param ingressAdmin.tls.enabled Wether to enable TLS for the Ingress + ## @skip ingressAdmin.tls.additional + ## @extra ingressAdmin.tls.additional[].secretName Secret name for additional TLS config + ## @extra ingressAdmin.tls.additional[].hosts[] Hosts for additional TLS config + tls: + enabled: true + additional: [] + +## @param ingressMedia.enabled whether to enable the Ingress or not +## @param ingressMedia.className IngressClass to use for the Ingress +## @param ingressMedia.host Host for the Ingress +## @param ingressMedia.path Path to use for the Ingress +ingressMedia: + enabled: false + className: null + host: impress.example.com + path: /media/(.*) + ## @param ingressMedia.hosts Additional host to configure for the Ingress + hosts: [ ] + # - chart-example.local + ## @param ingressMedia.tls.enabled Wether to enable TLS for the Ingress + ## @skip ingressMedia.tls.additional + ## @extra ingressMedia.tls.additional[].secretName Secret name for additional TLS config + ## @extra ingressMedia.tls.additional[].hosts[] Hosts for additional TLS config + tls: + enabled: true + additional: [] + + annotations: + nginx.ingress.kubernetes.io/auth-url: https://impress.example.com/api/v1.0/documents/retrieve-auth/ + nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256" + nginx.ingress.kubernetes.io/upstream-vhost: minio.impress.svc.cluster.local:9000 + +serviceMedia: + host: minio.impress.svc.cluster.local + port: 9000 + annotations: {} + + +## @section backend + +backend: + + ## @param backend.command Override the backend container command + command: [] + + ## @param backend.args Override the backend container args + args: [] + + ## @param backend.replicas Amount of backend replicas + replicas: 3 + + ## @param backend.shareProcessNamespace Enable share process namespace between containers + shareProcessNamespace: false + + ## @param backend.sidecars Add sidecars containers to backend deployment + sidecars: [] + + ## @param backend.migrateJobAnnotations Annotations for the migrate job + migrateJobAnnotations: {} + + ## @param backend.securityContext Configure backend Pod security context + securityContext: null + + ## @param backend.envVars Configure backend container environment variables + ## @extra backend.envVars.BY_VALUE Example environment variable by setting value directly + ## @extra backend.envVars.FROM_CONFIGMAP.configMapKeyRef.name Name of a ConfigMap when configuring env vars from a ConfigMap + ## @extra backend.envVars.FROM_CONFIGMAP.configMapKeyRef.key Key within a ConfigMap when configuring env vars from a ConfigMap + ## @extra backend.envVars.FROM_SECRET.secretKeyRef.name Name of a Secret when configuring env vars from a Secret + ## @extra backend.envVars.FROM_SECRET.secretKeyRef.key Key within a Secret when configuring env vars from a Secret + ## @skip backend.envVars + envVars: + <<: *commonEnvVars + + ## @param backend.podAnnotations Annotations to add to the backend Pod + podAnnotations: {} + + ## @param backend.service.type backend Service type + ## @param backend.service.port backend Service listening port + ## @param backend.service.targetPort backend container listening port + ## @param backend.service.annotations Annotations to add to the backend Service + service: + type: ClusterIP + port: 80 + targetPort: 8000 + annotations: {} + + ## @param backend.migrate.command backend migrate command + ## @param backend.migrate.restartPolicy backend migrate job restart policy + migrate: + command: + - "python" + - "manage.py" + - "migrate" + - "--no-input" + restartPolicy: Never + + ## @param backend.probes.liveness.path [nullable] Configure path for backend HTTP liveness probe + ## @param backend.probes.liveness.targetPort [nullable] Configure port for backend HTTP liveness probe + ## @param backend.probes.liveness.initialDelaySeconds [nullable] Configure initial delay for backend liveness probe + ## @param backend.probes.liveness.initialDelaySeconds [nullable] Configure timeout for backend liveness probe + ## @param backend.probes.startup.path [nullable] Configure path for backend HTTP startup probe + ## @param backend.probes.startup.targetPort [nullable] Configure port for backend HTTP startup probe + ## @param backend.probes.startup.initialDelaySeconds [nullable] Configure initial delay for backend startup probe + ## @param backend.probes.startup.initialDelaySeconds [nullable] Configure timeout for backend startup probe + ## @param backend.probes.readiness.path [nullable] Configure path for backend HTTP readiness probe + ## @param backend.probes.readiness.targetPort [nullable] Configure port for backend HTTP readiness probe + ## @param backend.probes.readiness.initialDelaySeconds [nullable] Configure initial delay for backend readiness probe + ## @param backend.probes.readiness.initialDelaySeconds [nullable] Configure timeout for backend readiness probe + probes: + liveness: + path: /__heartbeat__ + initialDelaySeconds: 10 + readiness: + path: /__lbheartbeat__ + initialDelaySeconds: 10 + + ## @param backend.resources Resource requirements for the backend container + resources: {} + + ## @param backend.nodeSelector Node selector for the backend Pod + nodeSelector: {} + + ## @param backend.tolerations Tolerations for the backend Pod + tolerations: [] + + ## @param backend.affinity Affinity for the backend Pod + affinity: {} + + ## @param backend.persistence Additional volumes to create and mount on the backend. Used for debugging purposes + ## @extra backend.persistence.volume-name.size Size of the additional volume + ## @extra backend.persistence.volume-name.type Type of the additional volume, persistentVolumeClaim or emptyDir + ## @extra backend.persistence.volume-name.mountPath Path where the volume should be mounted to + persistence: {} + + ## @param backend.extraVolumeMounts Additional volumes to mount on the backend. + extraVolumeMounts: [] + + ## @param backend.extraVolumes Additional volumes to mount on the backend. + extraVolumes: [] + + +## @section frontend + +frontend: + ## @param frontend.image.repository Repository to use to pull impress's frontend container image + ## @param frontend.image.tag impress's frontend container tag + ## @param frontend.image.pullPolicy frontend container image pull policy + image: + repository: lasuite/impress-frontend + pullPolicy: IfNotPresent + tag: "latest" + + ## @param frontend.command Override the frontend container command + command: [] + + ## @param frontend.args Override the frontend container args + args: [] + + ## @param frontend.replicas Amount of frontend replicas + replicas: 3 + + ## @param frontend.shareProcessNamespace Enable share process namefrontend between containers + shareProcessNamespace: false + + ## @param frontend.sidecars Add sidecars containers to frontend deployment + sidecars: [] + + ## @param frontend.securityContext Configure frontend Pod security context + securityContext: null + + ## @param frontend.envVars Configure frontend container environment variables + ## @extra frontend.envVars.BY_VALUE Example environment variable by setting value directly + ## @extra frontend.envVars.FROM_CONFIGMAP.configMapKeyRef.name Name of a ConfigMap when configuring env vars from a ConfigMap + ## @extra frontend.envVars.FROM_CONFIGMAP.configMapKeyRef.key Key within a ConfigMap when configuring env vars from a ConfigMap + ## @extra frontend.envVars.FROM_SECRET.secretKeyRef.name Name of a Secret when configuring env vars from a Secret + ## @extra frontend.envVars.FROM_SECRET.secretKeyRef.key Key within a Secret when configuring env vars from a Secret + ## @skip frontend.envVars + envVars: + <<: *commonEnvVars + + ## @param frontend.podAnnotations Annotations to add to the frontend Pod + podAnnotations: {} + + ## @param frontend.service.type frontend Service type + ## @param frontend.service.port frontend Service listening port + ## @param frontend.service.targetPort frontend container listening port + ## @param frontend.service.annotations Annotations to add to the frontend Service + service: + type: ClusterIP + port: 80 + targetPort: 8080 + annotations: {} + + ## @param frontend.probes Configure probe for frontend + ## @extra frontend.probes.liveness.path Configure path for frontend HTTP liveness probe + ## @extra frontend.probes.liveness.targetPort Configure port for frontend HTTP liveness probe + ## @extra frontend.probes.liveness.initialDelaySeconds Configure initial delay for frontend liveness probe + ## @extra frontend.probes.liveness.initialDelaySeconds Configure timeout for frontend liveness probe + ## @extra frontend.probes.startup.path Configure path for frontend HTTP startup probe + ## @extra frontend.probes.startup.targetPort Configure port for frontend HTTP startup probe + ## @extra frontend.probes.startup.initialDelaySeconds Configure initial delay for frontend startup probe + ## @extra frontend.probes.startup.initialDelaySeconds Configure timeout for frontend startup probe + ## @extra frontend.probes.readiness.path Configure path for frontend HTTP readiness probe + ## @extra frontend.probes.readiness.targetPort Configure port for frontend HTTP readiness probe + ## @extra frontend.probes.readiness.initialDelaySeconds Configure initial delay for frontend readiness probe + ## @extra frontend.probes.readiness.initialDelaySeconds Configure timeout for frontend readiness probe + probes: {} + + ## @param frontend.resources Resource requirements for the frontend container + resources: {} + + ## @param frontend.nodeSelector Node selector for the frontend Pod + nodeSelector: {} + + ## @param frontend.tolerations Tolerations for the frontend Pod + tolerations: [] + + ## @param frontend.affinity Affinity for the frontend Pod + affinity: {} + + ## @param frontend.persistence Additional volumes to create and mount on the frontend. Used for debugging purposes + ## @extra frontend.persistence.volume-name.size Size of the additional volume + ## @extra frontend.persistence.volume-name.type Type of the additional volume, persistentVolumeClaim or emptyDir + ## @extra frontend.persistence.volume-name.mountPath Path where the volume should be mounted to + persistence: {} + + ## @param frontend.extraVolumeMounts Additional volumes to mount on the frontend. + extraVolumeMounts: [] + + ## @param frontend.extraVolumes Additional volumes to mount on the frontend. + extraVolumes: [] + +## @section yProvider + +yProvider: + ## @param yProvider.image.repository Repository to use to pull impress's yProvider container image + ## @param yProvider.image.tag impress's yProvider container tag + ## @param yProvider.image.pullPolicy yProvider container image pull policy + image: + repository: lasuite/impress-y-provider + pullPolicy: IfNotPresent + tag: "latest" + + ## @param yProvider.command Override the yProvider container command + command: [] + + ## @param yProvider.args Override the yProvider container args + args: [] + + ## @param yProvider.replicas Amount of yProvider replicas + replicas: 3 + + ## @param yProvider.shareProcessNamespace Enable share process nameyProvider between containers + shareProcessNamespace: false + + ## @param yProvider.sidecars Add sidecars containers to yProvider deployment + sidecars: [] + + ## @param yProvider.securityContext Configure yProvider Pod security context + securityContext: null + + ## @param yProvider.envVars Configure yProvider container environment variables + ## @extra yProvider.envVars.BY_VALUE Example environment variable by setting value directly + ## @extra yProvider.envVars.FROM_CONFIGMAP.configMapKeyRef.name Name of a ConfigMap when configuring env vars from a ConfigMap + ## @extra yProvider.envVars.FROM_CONFIGMAP.configMapKeyRef.key Key within a ConfigMap when configuring env vars from a ConfigMap + ## @extra yProvider.envVars.FROM_SECRET.secretKeyRef.name Name of a Secret when configuring env vars from a Secret + ## @extra yProvider.envVars.FROM_SECRET.secretKeyRef.key Key within a Secret when configuring env vars from a Secret + ## @skip yProvider.envVars + envVars: + <<: *commonEnvVars + + ## @param yProvider.podAnnotations Annotations to add to the yProvider Pod + podAnnotations: {} + + ## @param yProvider.service.type yProvider Service type + ## @param yProvider.service.port yProvider Service listening port + ## @param yProvider.service.targetPort yProvider container listening port + ## @param yProvider.service.annotations Annotations to add to the yProvider Service + service: + type: ClusterIP + port: 443 + targetPort: 4444 + annotations: {} + + ## @param yProvider.probes Configure probe for yProvider + ## @extra yProvider.probes.liveness.path Configure path for yProvider HTTP liveness probe + ## @extra yProvider.probes.liveness.targetPort Configure port for yProvider HTTP liveness probe + ## @extra yProvider.probes.liveness.initialDelaySeconds Configure initial delay for yProvider liveness probe + ## @extra yProvider.probes.liveness.initialDelaySeconds Configure timeout for yProvider liveness probe + ## @extra yProvider.probes.startup.path Configure path for yProvider HTTP startup probe + ## @extra yProvider.probes.startup.targetPort Configure port for yProvider HTTP startup probe + ## @extra yProvider.probes.startup.initialDelaySeconds Configure initial delay for yProvider startup probe + ## @extra yProvider.probes.startup.initialDelaySeconds Configure timeout for yProvider startup probe + ## @extra yProvider.probes.readiness.path Configure path for yProvider HTTP readiness probe + ## @extra yProvider.probes.readiness.targetPort Configure port for yProvider HTTP readiness probe + ## @extra yProvider.probes.readiness.initialDelaySeconds Configure initial delay for yProvider readiness probe + ## @extra yProvider.probes.readiness.initialDelaySeconds Configure timeout for yProvider readiness probe + probes: + liveness: + path: /ping + initialDelaySeconds: 10 + + ## @param yProvider.resources Resource requirements for the yProvider container + resources: {} + + ## @param yProvider.nodeSelector Node selector for the yProvider Pod + nodeSelector: {} + + ## @param yProvider.tolerations Tolerations for the yProvider Pod + tolerations: [] + + ## @param yProvider.affinity Affinity for the yProvider Pod + affinity: {} + + ## @param yProvider.persistence Additional volumes to create and mount on the yProvider. Used for debugging purposes + ## @extra yProvider.persistence.volume-name.size Size of the additional volume + ## @extra yProvider.persistence.volume-name.type Type of the additional volume, persistentVolumeClaim or emptyDir + ## @extra yProvider.persistence.volume-name.mountPath Path where the volume should be mounted to + persistence: {} + + ## @param yProvider.extraVolumeMounts Additional volumes to mount on the yProvider. + extraVolumeMounts: [] + + ## @param yProvider.extraVolumes Additional volumes to mount on the yProvider. + extraVolumes: [] \ No newline at end of file