diff --git a/Makefile b/Makefile
index 5e1bf62..0178bec 100644
--- a/Makefile
+++ b/Makefile
@@ -354,10 +354,18 @@ start-kind: ## Create the kubernetes cluster
 ./bin/start-kind.sh
 .PHONY: start-kind
+install-external-secrets: ## install the kubernetes secrets from Vaultwarden
+ ./bin/install-external-secrets.sh
+.PHONY: build-k8s-cluster
+
 tilt-up: ## start tilt - k8s local development
 tilt up -f ./bin/Tiltfile
 .PHONY: tilt-up
+start-tilt-keycloak: ## start the kubernetes cluster using kind, without Pro Connect for authentication, use keycloak
+ DEV_ENV=dev-keycloak tilt up -f ./bin/Tiltfile
+.PHONY: build-k8s-cluster
+
 release: ## helper for release and deployment
 python scripts/release.py
 .PHONY: release
diff --git a/bin/Tiltfile b/bin/Tiltfile
index abef0b9..ce03263 100644
--- a/bin/Tiltfile
+++ b/bin/Tiltfile
@@ -29,7 +29,9 @@ docker_build(
 ]
 )
-k8s_yaml(local('cd ../src/helm && helmfile -n desk -e ${DEV_ENV:-dev} template .'))
+# helmfile in docker mount the current working directory and the helmfile.yaml
+# requires the keycloak config in another directory
+k8s_yaml(local('cd .. && helmfile -n desk -e ${DEV_ENV:-dev} template --file ./src/helm/helmfile.yaml'))
 migration = '''
 set -eu
diff --git a/docs/local_development_kube.md b/docs/local_development_kube.md
index c5b8f99..c728604 100644
--- a/docs/local_development_kube.md
+++ b/docs/local_development_kube.md
@@ -89,6 +89,14 @@ Run the following command to create a kubernetes cluster using kind:
 make start-kind
 ```
+### [Optional] Install the secret
+
+You don't need to do this if you are running the stack with keycloak.
+
+```bash
+make install-external-secrets
+```
+
 ### Deploy the application
 ```bash
@@ -102,7 +110,11 @@ DEV_ENV=dev-keycloak tilt up -f ./bin/Tiltfile
 **or** run the equivalent using the makefile
 ```bash
+# Pro Connect environment
 make tilt-up
+
+# Standalone environment with keycloak
+make tilt-up-keycloak
 ```
 That's it! You should now have a local development environment for Kubernetes.
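Review bot: In the Makefile hunk both new targets are followed by `.PHONY: build-k8s-cluster`, so neither `install-external-secrets` nor `start-tilt-keycloak` is declared phony, and a file with either name in the repository root would silently skip the recipe; the lines should read `.PHONY: install-external-secrets` and `.PHONY: start-tilt-keycloak`. The docs/local_development_kube.md hunk tells users to run `make tilt-up-keycloak`, which does not match the target name added here, so one of the two needs renaming. The `##` help text of `start-tilt-keycloak` says it starts the cluster using kind, while the recipe only runs `tilt up`; something like `## start tilt with keycloak instead of Pro Connect` would match the recipe.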
diff --git a/src/helm/dimail/Chart.yaml b/src/helm/dimail/Chart.yaml
new file mode 100644
index 0000000..7413cd1
--- /dev/null
+++ b/src/helm/dimail/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v2
+name: dimail
+description: A Helm chart for deploying dimail
+type: application
+version: 0.1.0
diff --git a/src/helm/dimail/templates/deployment.yaml b/src/helm/dimail/templates/deployment.yaml
new file mode 100644
index 0000000..74f0011
--- /dev/null
+++ b/src/helm/dimail/templates/deployment.yaml
@@ -0,0 +1,27 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: dimail
+ labels:
+ app: dimail
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: dimail
+ template:
+ metadata:
+ labels:
+ app: dimail
+ spec:
+ containers:
+ - name: dimail
+ command: ["/bin/sh", "-c", "/opt/dimail-api/start-dev.sh"]
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ ports:
+ - containerPort: 8000
+ env:
+ - name: DIMAIL_MODE
+ value: FAKE
+ - name: DIMAIL_JWT_SECRET
+ value: fake_jwt_secret
diff --git a/src/helm/dimail/templates/ingress.yaml b/src/helm/dimail/templates/ingress.yaml
new file mode 100644
index 0000000..7b07edc
--- /dev/null
+++ b/src/helm/dimail/templates/ingress.yaml
@@ -0,0 +1,20 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: dimail
+ labels:
+ app: dimail
+ annotations:
+ nginx.ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: dimail.127.0.0.1.nip.io
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: dimail
+ port:
+ number: 8000
diff --git a/src/helm/dimail/templates/service.yaml b/src/helm/dimail/templates/service.yaml
new file mode 100644
index 0000000..14b371b
--- /dev/null
+++ b/src/helm/dimail/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: dimail
+ labels:
+ app: dimail
+spec:
+ type: ClusterIP
+ ports:
+ - port: 8000
+ targetPort: 8000
+ protocol: TCP
+ name: http
+ selector:
+ app: dimail
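Review bot: In src/helm/dimail/templates/deployment.yaml the `env` block hard-codes `DIMAIL_MODE: FAKE` and `DIMAIL_JWT_SECRET: fake_jwt_secret` in the template, so the `env` map in the chart's values.yaml is never read and every install of this chart signs tokens with a publicly known key. If the chart is only meant for the local `dev` environment, say so at the top of the template, e.g. `# dev-only: runs dimail in FAKE mode with a fixed, non-secret JWT key`; otherwise read the mode from `.Values.env.DIMAIL_MODE` and take the key from a Kubernetes Secret through `valueFrom.secretKeyRef`. The same templates-ignore-values pattern applies to `replicas: 1` here, to the host in templates/ingress.yaml (`ingress.enabled` and `ingress.hostname` are unused) and to the type and port in templates/service.yaml. The pod spec also sets no `securityContext` and no resource limits, which deserves at least a comment even for a dev chart.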
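Review bot: In src/helm/dimail/templates/ingress.yaml the annotation `nginx.ingress.kubernetes.io/rewrite-target: /` is combined with a `/` Prefix path and no capture group, which on current ingress-nginx releases, as far as I know, rewrites every request path to `/`, so API routes below the root would not reach dimail unchanged. Since this commit also points the backend at this host, dropping the annotation looks like the safer default. The rule has no `ingressClassName` and no `tls` section, so the provisioning credentials would travel over plain HTTP; a comment such as `# plain HTTP: local kind cluster only` would make that limit explicit.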
diff --git a/src/helm/dimail/values.yaml b/src/helm/dimail/values.yaml
new file mode 100644
index 0000000..44ec749
--- /dev/null
+++ b/src/helm/dimail/values.yaml
@@ -0,0 +1,18 @@
+replicaCount: 1
+
+image:
+ repository: registry.mim-libre.fr/dimail/dimail-api
+ tag: v0.0.13
+ pullPolicy: Always
+
+service:
+ type: ClusterIP
+ port: 8000
+
+ingress:
+ enabled: true
+ hostname: dimail.127.0.0.1.nip.io
+
+env:
+ DIMAIL_MODE: FAKE
+ DIMAIL_JWT_SECRET: fake_jwt_secret
diff --git a/src/helm/env.d/dev/values.desk.yaml.gotmpl b/src/helm/env.d/dev/values.desk.yaml.gotmpl
index c14fdbd..0f6a56c 100644
--- a/src/helm/env.d/dev/values.desk.yaml.gotmpl
+++ b/src/helm/env.d/dev/values.desk.yaml.gotmpl
@@ -65,7 +65,7 @@ backend:
 POSTGRES_PASSWORD: pass
 REDIS_URL: redis://default:pass@redis-master:6379/1
 WEBMAIL_URL: "https://onestendev.yapasdewebmail.fr"
- MAIL_PROVISIONING_API_URL: "http://dimail:8000"
+ MAIL_PROVISIONING_API_URL: "http://dimail.127.0.0.1.nip.io"
 MAIL_PROVISIONING_API_CREDENTIALS:
 secretKeyRef:
 name: backend
diff --git a/src/helm/helmfile.yaml b/src/helm/helmfile.yaml
index 3e04b9a..4a7b313 100644
--- a/src/helm/helmfile.yaml
+++ b/src/helm/helmfile.yaml
@@ -49,7 +49,7 @@ releases:
 metadata:
 name: desk-keycloak
 data:
- meet.json: |
+ desk.json: |
 {{ readFile "../../docker/auth/realm.json" | replace "http://localhost:3200" "https://desk.127.0.0.1.nip.io" | indent 14 }}
 - name: postgres
@@ -78,6 +78,12 @@ releases:
 password: pass
 architecture: standalone
+ - name: dimail
+ installed: {{ eq .Environment.Name "dev" | toYaml }}
+ missingFileHandler: Warn
+ namespace: {{ .Namespace }}
+ chart: ./dimail
+
 - name: desk
 installed: {{ regexMatch "^dev.*" .Environment.Name | toYaml }}
 missingFileHandler: Warn
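Review bot: `tag: v0.0.13` in src/helm/dimail/values.yaml is a mutable tag on an external registry, and `pullPolicy: Always` is declared but has no effect because the deployment template in this commit never sets `imagePullPolicy`. Pinning the image by digest (`repository@sha256:<digest of the reviewed image>`) would make the cluster pull exactly the image that was reviewed. At minimum the policy should be wired into the container spec with `imagePullPolicy: {{ .Values.image.pullPolicy }}`.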
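Review bot: The new `MAIL_PROVISIONING_API_URL: "http://dimail.127.0.0.1.nip.io"` in src/helm/env.d/dev/values.desk.yaml.gotmpl resolves to 127.0.0.1, which inside the backend pod is the pod's own loopback rather than the ingress controller, so the call only works if the cluster DNS rewrites `*.127.0.0.1.nip.io` to the ingress (not visible in this diff). The previous in-cluster URL `http://dimail:8000` did not depend on that and kept the provisioning credentials off the ingress path. If the ingress hostname is required, a comment on the line should say why and which DNS setup it relies on. The `backend:` block starts and ends outside the hunk.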
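Review bot: In the second src/helm/helmfile.yaml hunk the `dimail` release uses `installed: {{ eq .Environment.Name "dev" | toYaml }}` while the `desk` release right below matches `^dev.*`, so `dev-keycloak` (the environment the new `start-tilt-keycloak` target selects) gets desk without dimail. If that is intended, a one-line comment such as `# dimail (FAKE mode) is deployed only in the exact "dev" environment` would stop someone from aligning the two by accident; if it is not, use the same `regexMatch` expression. Keeping the fixed-key chart behind an exact environment name is a reasonable guard and is worth stating explicitly either way.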