🧑‍💻(tilt) add dimail

This adds dimail to the tilt kube deployment

Makefile

@@ -354,10 +354,18 @@ start-kind: ## Create the kubernetes cluster
 	./bin/start-kind.sh
 .PHONY: start-kind
 
+install-external-secrets: ## install the kubernetes secrets from Vaultwarden
+	./bin/install-external-secrets.sh
+.PHONY: build-k8s-cluster
+
 tilt-up: ## start tilt - k8s local development
 	tilt up -f ./bin/Tiltfile
 .PHONY: tilt-up
 
+start-tilt-keycloak: ## start the kubernetes cluster using kind, without Pro Connect for authentication, use keycloak
+	DEV_ENV=dev-keycloak tilt up -f ./bin/Tiltfile
+.PHONY: build-k8s-cluster
+
 release:  ## helper for release and deployment
 	python scripts/release.py
 .PHONY: release

bin/Tiltfile

@@ -29,7 +29,9 @@ docker_build(
     ]
 )
 
-k8s_yaml(local('cd ../src/helm && helmfile -n desk -e ${DEV_ENV:-dev} template .'))
+# helmfile in docker mount the current working directory and the helmfile.yaml
+# requires the keycloak config in another directory
+k8s_yaml(local('cd .. && helmfile -n desk -e ${DEV_ENV:-dev} template --file ./src/helm/helmfile.yaml'))
 
 migration = '''
 set -eu

docs/local_development_kube.md

@@ -89,6 +89,14 @@ Run the following command to create a kubernetes cluster using kind:
 make start-kind
 ```
 
+### [Optional] Install the secret
+
+You don't need to do this if you are running the stack with keycloak.
+
+```bash
+make install-external-secrets
+```
+
 ### Deploy the application
 
 ```bash
@@ -102,7 +110,11 @@ DEV_ENV=dev-keycloak tilt up -f ./bin/Tiltfile
 **or** run the equivalent using the makefile
 
 ```bash
+# Pro Connect environment
 make tilt-up
+
+# Standalone environment with keycloak
+make tilt-up-keycloak
 ```
 
 That's it! You should now have a local development environment for Kubernetes.

src/helm/dimail/Chart.yaml

@@ -0,0 +1,5 @@
+apiVersion: v2
+name: dimail
+description: A Helm chart for deploying dimail
+type: application
+version: 0.1.0

src/helm/dimail/templates/deployment.yaml

@@ -0,0 +1,27 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: dimail
+  labels:
+    app: dimail
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: dimail
+  template:
+    metadata:
+      labels:
+        app: dimail
+    spec:
+      containers:
+        - name: dimail
+          command: ["/bin/sh", "-c", "/opt/dimail-api/start-dev.sh"]
+          image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+          ports:
+            - containerPort: 8000
+          env:
+            - name: DIMAIL_MODE
+              value: FAKE
+            - name: DIMAIL_JWT_SECRET
+              value: fake_jwt_secret

src/helm/dimail/templates/ingress.yaml

@@ -0,0 +1,20 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: dimail
+  labels:
+    app: dimail
+  annotations:
+    nginx.ingress.kubernetes.io/rewrite-target: /
+spec:
+  rules:
+    - host: dimail.127.0.0.1.nip.io
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: dimail
+                port:
+                  number: 8000

src/helm/dimail/templates/service.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: dimail
+  labels:
+    app: dimail
+spec:
+  type: ClusterIP
+  ports:
+    - port: 8000
+      targetPort: 8000
+      protocol: TCP
+      name: http
+  selector:
+    app: dimail

src/helm/dimail/values.yaml

@@ -0,0 +1,18 @@
+replicaCount: 1
+
+image:
+  repository: registry.mim-libre.fr/dimail/dimail-api
+  tag: v0.0.13
+  pullPolicy: Always
+
+service:
+  type: ClusterIP
+  port: 8000
+
+ingress:
+  enabled: true
+  hostname: dimail.127.0.0.1.nip.io
+
+env:
+  DIMAIL_MODE: FAKE
+  DIMAIL_JWT_SECRET: fake_jwt_secret

src/helm/env.d/dev/values.desk.yaml.gotmpl

@@ -65,7 +65,7 @@ backend:
     POSTGRES_PASSWORD: pass
     REDIS_URL: redis://default:pass@redis-master:6379/1
     WEBMAIL_URL: "https://onestendev.yapasdewebmail.fr"
-    MAIL_PROVISIONING_API_URL: "http://dimail:8000"
+    MAIL_PROVISIONING_API_URL: "http://dimail.127.0.0.1.nip.io"
     MAIL_PROVISIONING_API_CREDENTIALS:
       secretKeyRef:
         name: backend

src/helm/helmfile.yaml

@@ -49,7 +49,7 @@ releases:
           metadata:
             name: desk-keycloak
           data:
-            meet.json: |
+            desk.json: |
 {{ readFile "../../docker/auth/realm.json" | replace "http://localhost:3200" "https://desk.127.0.0.1.nip.io" | indent 14 }}
 
   - name: postgres
@@ -78,6 +78,12 @@ releases:
           password: pass
         architecture: standalone
 
+  - name: dimail
+    installed: {{ eq .Environment.Name "dev" | toYaml }}
+    missingFileHandler: Warn
+    namespace: {{ .Namespace }}
+    chart: ./dimail
+
   - name: desk
     installed: {{ regexMatch "^dev.*" .Environment.Name | toYaml }}
     missingFileHandler: Warn