From 82abc9b73d957c1210d8304681956c7e87ec33bb Mon Sep 17 00:00:00 2001 From: Maarten de Waard Date: Thu, 30 Sep 2021 16:03:54 +0200 Subject: [PATCH] add admin backend stuff --- deployment/helmchart/Chart.yaml | 3 +- deployment/helmchart/templates/_helpers.tpl | 46 ++- .../helmchart/templates/configmaps.yaml | 25 +- .../helmchart/templates/deployment.yaml | 118 ++++-- deployment/helmchart/templates/pvc.yaml | 4 +- .../templates/secrets-admin-panel.yaml | 23 ++ .../templates/secrets-discourse.yaml | 23 -- .../helmchart/templates/serviceaccount.yaml | 2 +- deployment/helmchart/values.yaml | 379 ++++++++++-------- 9 files changed, 362 insertions(+), 261 deletions(-) create mode 100644 deployment/helmchart/templates/secrets-admin-panel.yaml delete mode 100644 deployment/helmchart/templates/secrets-discourse.yaml diff --git a/deployment/helmchart/Chart.yaml b/deployment/helmchart/Chart.yaml index 74c365d..8fab06a 100644 --- a/deployment/helmchart/Chart.yaml +++ b/deployment/helmchart/Chart.yaml @@ -18,7 +18,8 @@ keywords: maintainers: - email: info@openappstack.net name: Stackspin -name: admin-frontend +name: admin-panel sources: - https://open.greenhost.net/openappstack/admin-frontend/ + - https://open.greenhost.net/openappstack/admin-backend/ version: 0.1.0 diff --git a/deployment/helmchart/templates/_helpers.tpl b/deployment/helmchart/templates/_helpers.tpl index f6dd8cd..8caf55a 100644 --- a/deployment/helmchart/templates/_helpers.tpl +++ b/deployment/helmchart/templates/_helpers.tpl @@ -2,7 +2,7 @@ {{/* Create the name of the service account to use */}} -{{- define "adminFrontend.serviceAccountName" -}} +{{- define "adminPanel.serviceAccountName" -}} {{- if .Values.serviceAccount.create -}} {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} {{- else -}} @@ -13,15 +13,15 @@ Create the name of the service account to use {{/* Return the proper Docker image registry secret names */}} -{{- define "adminFrontend.imagePullSecrets" -}} +{{- define "adminPanel.imagePullSecrets" -}} {{ include "common.images.pullSecrets" (dict "images" (list .Values.image) "global" .Values.global) }} {{- end -}} {{/* Return true if a secret object for Admin-frontend should be created */}} -{{- define "adminFrontend.createSecret" -}} -{{- if or (not .Values.adminFrontend.existingSecret) (and (not .Values.adminFrontend.smtp.existingSecret) .Values.adminFrontend.smtp.password .Values.adminFrontend.smtp.enabled) }} +{{- define "adminPanel.createSecret" -}} +{{- if or (not .Values.adminPanel.existingSecret) (and (not .Values.adminPanel.smtp.existingSecret) .Values.adminPanel.smtp.password .Values.adminPanel.smtp.enabled) }} {{- true -}} {{- end -}} {{- end -}} @@ -29,30 +29,30 @@ Return true if a secret object for Admin-frontend should be created {{/* Return the Admin-frontend secret name */}} -{{- define "adminFrontend.secretName" -}} -{{- if .Values.adminFrontend.existingSecret }} - {{- printf "%s" .Values.adminFrontend.existingSecret -}} +{{- define "adminPanel.secretName" -}} +{{- if .Values.adminPanel.existingSecret }} + {{- printf "%s" .Values.adminPanel.existingSecret -}} {{- else -}} - {{- printf "%s-adminFrontend" (include "common.names.fullname" .) -}} + {{- printf "%s-adminPanel" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* Return the Admin-frontend SMTP secret name */}} -{{- define "adminFrontend.smtp.secretName" -}} -{{- if .Values.adminFrontend.smtp.existingSecret }} - {{- printf "%s" .Values.adminFrontend.smtp.existingSecret -}} +{{- define "adminPanel.smtp.secretName" -}} +{{- if .Values.adminPanel.smtp.existingSecret }} + {{- printf "%s" .Values.adminPanel.smtp.existingSecret -}} {{- else -}} - {{- printf "%s-adminFrontend" (include "common.names.fullname" .) -}} + {{- printf "%s-adminPanel" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* Return true if Admin-frontend SMTP uses password authentication */}} -{{- define "adminFrontend.smtp.password.enabled" -}} -{{- if and (or .Values.adminFrontend.smtp.password .Values.adminFrontend.smtp.existingSecret) .Values.adminFrontend.smtp.enabled }} +{{- define "adminPanel.smtp.password.enabled" -}} +{{- if and (or .Values.adminPanel.smtp.password .Values.adminPanel.smtp.existingSecret) .Values.adminPanel.smtp.enabled }} {{- true -}} {{- end -}} {{- end -}} @@ -61,7 +61,7 @@ Return true if Admin-frontend SMTP uses password authentication Get the user defined LoadBalancerIP for this release Note, returns 127.0.0.1 if using ClusterIP. */}} -{{- define "adminFrontend.serviceIP" -}} +{{- define "adminPanel.serviceIP" -}} {{- if eq .Values.service.type "ClusterIP" -}} 127.0.0.1 {{- else -}} @@ -73,21 +73,27 @@ Note, returns 127.0.0.1 if using ClusterIP. Gets the host to be used for this application. If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value will be empty */}} -{{- define "adminFrontend.host" -}} -{{- $host := .Values.adminFrontend.host | default "" -}} -{{- default (include "adminFrontend.serviceIP" .) $host -}} +{{- define "adminPanel.host" -}} +{{- $host := .Values.adminPanel.host | default "" -}} +{{- default (include "adminPanel.serviceIP" .) $host -}} {{- end -}} {{/* Return the proper Admin-frontend image name */}} {{- define "adminFrontend.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} +{{ include "common.images.image" (dict "imageRoot" .Values.adminFrontend.image "global" .Values.global) }} +{{- end -}} +{{/* +Return the proper Admin-backend image name +*/}} +{{- define "adminBackend.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.adminBackend.image "global" .Values.global) }} {{- end -}} {{/* Return the proper Storage Class */}} -{{- define "adminFrontend.storageClass" -}} +{{- define "adminPanel.storageClass" -}} {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) -}} {{- end -}} diff --git a/deployment/helmchart/templates/configmaps.yaml b/deployment/helmchart/templates/configmaps.yaml index d854040..71fde30 100644 --- a/deployment/helmchart/templates/configmaps.yaml +++ b/deployment/helmchart/templates/configmaps.yaml @@ -11,22 +11,23 @@ metadata: {{- end }} data: {{- $port := .Values.service.port | toString }} - REACT_APP_API_URL: {{ .Values.adminFrontend.reactAppApiUrl }} + REACT_APP_API_URL: {{ .Values.adminBackend.host }}{{ .Values.adminBackend.ApiUrl }} EXTEND_ESLINT: {{ .Values.adminFrontend.extendEslint }} ADMIN_FRONTEND_HOST: "{{ include "adminFrontend.host" . }}" + ADMIN_BACKEND_HOST: "{{ include "adminBackend.host" . }}" # Probably needed in the future: - # ADMIN_FRONTEND_USERNAME: {{ .Values.adminFrontend.username | quote }} - # ADMIN_FRONTEND_EMAIL: {{ .Values.adminFrontend.email | quote }} - # {{- if .Values.adminFrontend.smtp.enabled }} - # ADMIN_FRONTEND_SMTP_HOST: {{ .Values.adminFrontend.smtp.host | quote }} - # ADMIN_FRONTEND_SMTP_PORT: {{ .Values.adminFrontend.smtp.port | quote }} - # {{- if .Values.adminFrontend.smtp.user }} - # ADMIN_FRONTEND_SMTP_USER: {{ .Values.adminFrontend.smtp.user | quote }} + # ADMIN_BACKEND_USERNAME: {{ .Values.adminBackend.username | quote }} + # ADMIN_BACKEND_EMAIL: {{ .Values.adminBackend.email | quote }} + # {{- if .Values.adminBackend.smtp.enabled }} + # ADMIN_BACKEND_SMTP_HOST: {{ .Values.adminBackend.smtp.host | quote }} + # ADMIN_BACKEND_SMTP_PORT: {{ .Values.adminBackend.smtp.port | quote }} + # {{- if .Values.adminBackend.smtp.user }} + # ADMIN_BACKEND_SMTP_USER: {{ .Values.adminBackend.smtp.user | quote }} # {{- end }} - # {{- if .Values.adminFrontend.smtp.protocol }} - # ADMIN_FRONTEND_SMTP_PROTOCOL: {{ .Values.adminFrontend.smtp.protocol | quote }} + # {{- if .Values.adminBackend.smtp.protocol }} + # ADMIN_BACKEND_SMTP_PROTOCOL: {{ .Values.adminBackend.smtp.protocol | quote }} # {{- end }} - # {{- if .Values.adminFrontend.smtp.auth }} - # ADMIN_FRONTEND_SMTP_AUTH: {{ .Values.adminFrontend.smtp.auth | quote }} + # {{- if .Values.adminBackend.smtp.auth }} + # ADMIN_BACKEND_SMTP_AUTH: {{ .Values.adminBackend.smtp.auth | quote }} # {{- end }} # {{- end }} diff --git a/deployment/helmchart/templates/deployment.yaml b/deployment/helmchart/templates/deployment.yaml index 4f9d32e..734e72e 100644 --- a/deployment/helmchart/templates/deployment.yaml +++ b/deployment/helmchart/templates/deployment.yaml @@ -1,10 +1,10 @@ -{{- if (include "adminFrontend.host" .) -}} +{{- if and (include "adminFrontend.host" .) (include "adminBackend.host" .) -}} apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: name: {{ template "common.names.fullname" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} - component: adminFrontend + component: adminPanel {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} @@ -15,14 +15,14 @@ spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} - component: adminFrontend + component: adminPanel {{- if .Values.updateStrategy }} strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} {{- end }} template: metadata: labels: {{- include "common.labels.standard" . | nindent 8 }} - component: adminFrontend + component: adminPanel {{- if .Values.podLabels }} {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }} {{- end }} @@ -48,31 +48,12 @@ spec: {{- if .Values.tolerations }} tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} {{- end }} - serviceAccountName: {{ include "adminFrontend.serviceAccountName" . }} + serviceAccountName: {{ include "adminPanel.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} initContainers: {{- if .Values.initContainers }} {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} {{- end }} - {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} - - name: volume-permissions - image: {{ include "adminFrontend.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: - - sh - - -c - - | - mkdir -p "/bitnami/adminFrontend" - chown -R "adminFrontend:root" "/bitnami/adminFrontend" - securityContext: - runAsUser: 0 - {{- if .Values.volumePermissions.resources }} - resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} - {{- end }} - volumeMounts: - - name: adminFrontend-data - mountPath: /bitnami/adminFrontend - {{- end }} containers: - name: adminFrontend securityContext: {{- toYaml .Values.adminFrontend.containerSecurityContext | nindent 12 }} @@ -85,18 +66,6 @@ spec: args: {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.args "context" $) | nindent 12 }} {{- end }} env: - - name: ADMIN_FRONTEND_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "adminFrontend.secretName" . }} - key: adminFrontend-password - {{- if (include "adminFrontend.smtp.password.enabled" .) }} - - name: ADMIN_FRONTEND_SMTP_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "adminFrontend.smtp.secretName" . }} - key: smtp-password - {{- end }} {{- if .Values.adminFrontend.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.extraEnvVars "context" $) | nindent 12 }} {{- end }} @@ -151,6 +120,83 @@ spec: {{- if .Values.adminFrontend.resources }} resources: {{- toYaml .Values.adminFrontend.resources | nindent 12 }} {{- end }} + - name: adminBackend + securityContext: {{- toYaml .Values.adminBackend.containerSecurityContext | nindent 12 }} + image: {{ template "adminBackend.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.adminBackend.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.adminBackend.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.args "context" $) | nindent 12 }} + {{- end }} + env: + - name: ADMIN_PANEL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "adminBackend.secretName" . }} + key: adminBackend-password + {{- if (include "adminBackend.smtp.password.enabled" .) }} + - name: ADMIN_PANEL_SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "adminBackend.smtp.secretName" . }} + key: smtp-password + {{- end }} + {{- if .Values.adminBackend.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + - configMapRef: + name: {{ include "common.names.fullname" . }} + {{- if .Values.adminBackend.extraEnvVarsCM }} + - configMapRef: + name: {{ .Values.adminBackend.extraEnvVarsCM }} + {{- end }} + {{- if .Values.adminBackend.extraEnvVarsSecret }} + - secretRef: + name: {{ .Values.adminBackend.extraEnvVarsSecret }} + {{- end }} + ports: + - name: http + containerPort: 3000 + protocol: TCP + {{- if .Values.adminBackend.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /srv/status + port: http + initialDelaySeconds: {{ .Values.adminBackend.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.adminBackend.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.adminBackend.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.adminBackend.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.adminBackend.livenessProbe.failureThreshold }} + {{- else if .Values.adminBackend.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.customLivenessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.adminBackend.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /srv/status + port: http + initialDelaySeconds: {{ .Values.adminBackend.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.adminBackend.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.adminBackend.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.adminBackend.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.adminBackend.readinessProbe.failureThreshold }} + {{- else if .Values.adminBackend.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.customReadinessProbe "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + - name: adminBackend-data + mountPath: /bitnami/adminBackend + subPath: adminBackend + {{- if .Values.adminBackend.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.adminBackend.resources }} + resources: {{- toYaml .Values.adminBackend.resources | nindent 12 }} + {{- end }} {{- if .Values.sidecars }} {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} {{- end }} diff --git a/deployment/helmchart/templates/pvc.yaml b/deployment/helmchart/templates/pvc.yaml index cb508e9..87aedd2 100644 --- a/deployment/helmchart/templates/pvc.yaml +++ b/deployment/helmchart/templates/pvc.yaml @@ -1,5 +1,5 @@ # Disabled by default because the current admin panel does not need persistence -{{- if and (include "adminFrontend.host" .) .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if and (include "adminPanel.host" .) .Values.persistence.enabled (not .Values.persistence.existingClaim) }} kind: PersistentVolumeClaim apiVersion: v1 metadata: @@ -17,7 +17,7 @@ spec: resources: requests: storage: {{ .Values.persistence.size | quote }} - {{ include "adminFrontend.storageClass" . }} + {{ include "adminPanel.storageClass" . }} {{- if .Values.persistence.selector }} selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 4 }} {{- end -}} diff --git a/deployment/helmchart/templates/secrets-admin-panel.yaml b/deployment/helmchart/templates/secrets-admin-panel.yaml new file mode 100644 index 0000000..46a0dce --- /dev/null +++ b/deployment/helmchart/templates/secrets-admin-panel.yaml @@ -0,0 +1,23 @@ +{{- if (include "adminPanel.createSecret" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "common.names.fullname" . }}-adminPanel + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + {{- if and (.Values.adminBackend.password) (not .Values.adminBackend.existingSecret) }} + adminBackend-password: {{ .Values.adminBackend.password | b64enc | quote }} + {{- else if not .Values.adminBackend.existingSecret }} + adminBackend-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- if and (.Values.adminBackend.smtp.password) (.Values.adminBackend.smtp.enabled) (not .Values.adminBackend.smtp.existingSecret) }} + smtp-password: {{ .Values.adminBackend.smtp.password | b64enc | quote }} + {{- end }} +{{- end }} diff --git a/deployment/helmchart/templates/secrets-discourse.yaml b/deployment/helmchart/templates/secrets-discourse.yaml deleted file mode 100644 index e026b84..0000000 --- a/deployment/helmchart/templates/secrets-discourse.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- if (include "adminFrontend.createSecret" .) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "common.names.fullname" . }}-adminFrontend - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: Opaque -data: - {{- if and (.Values.adminFrontend.password) (not .Values.adminFrontend.existingSecret) }} - adminFrontend-password: {{ .Values.adminFrontend.password | b64enc | quote }} - {{- else if not .Values.adminFrontend.existingSecret }} - adminFrontend-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- if and (.Values.adminFrontend.smtp.password) (.Values.adminFrontend.smtp.enabled) (not .Values.adminFrontend.smtp.existingSecret) }} - smtp-password: {{ .Values.adminFrontend.smtp.password | b64enc | quote }} - {{- end }} -{{- end }} diff --git a/deployment/helmchart/templates/serviceaccount.yaml b/deployment/helmchart/templates/serviceaccount.yaml index 27a8838..ae11495 100644 --- a/deployment/helmchart/templates/serviceaccount.yaml +++ b/deployment/helmchart/templates/serviceaccount.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "adminFrontend.serviceAccountName" . }} + name: {{ include "adminPanel.serviceAccountName" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} diff --git a/deployment/helmchart/values.yaml b/deployment/helmchart/values.yaml index 6323aa8..8a79d21 100644 --- a/deployment/helmchart/values.yaml +++ b/deployment/helmchart/values.yaml @@ -21,10 +21,10 @@ global: ## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set) ## kubeVersion: "" -## @param nameOverride String to partially override adminFrontend.fullname template (will maintain the release name) +## @param nameOverride String to partially override adminPanel.fullname template (will maintain the release name) ## nameOverride: "" -## @param fullnameOverride String to fully override adminFrontend.fullname template +## @param fullnameOverride String to fully override adminPanel.fullname template ## fullnameOverride: "" ## @param commonLabels Labels to be added to all deployed resources @@ -76,35 +76,6 @@ service: ## @section Discourse parameters -## Bitnami Discourse image version -## ref: https://hub.docker.com/r/bitnami/adminFrontend/tags/ -## @param image.registry Discourse image registry -## @param image.repository Discourse image repository -## @param image.tag Discourse image tag -## @param image.pullPolicy Discourse image pull policy -## @param image.pullSecrets Discourse image pull secrets -## @param image.debug Specify if debug logs should be enabled -## -image: - registry: open.greenhost.net:4567 - repository: openappstack/admin-frontend/admin-frontend - tag: 0.1.0 - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Set to true if you would like to see extra information on logs - ## - debug: false ## @param imagePullSecrets Specify docker-registry secret names as an array ## imagePullSecrets: [] @@ -112,31 +83,37 @@ imagePullSecrets: [] ## ref: https://open.greenhost.net/openappstack/admin-frontend ## adminFrontend: - ## @param adminFrontend.reactAppApiUrl URL to the admin-backend API - reactAppApiUrl: "http://oas-api.initdevelopment.com/api/v1" + ## Admin frontend image version + ## ref: https://hub.docker.com/r/bitnami/adminFrontend/tags/ + ## @param image.registry Discourse image registry + ## @param image.repository Discourse image repository + ## @param image.tag Discourse image tag + ## @param image.pullPolicy Discourse image pull policy + ## @param image.pullSecrets Discourse image pull secrets + ## @param image.debug Specify if debug logs should be enabled + ## + image: + registry: open.greenhost.net:4567 + repository: openappstack/admin-frontend/admin-frontend + tag: 0.1.0 + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] ## @param adminFrontend.extendEslint Whether to read .eslint.json rules extendEslint: false ## @param adminFrontend.host Discourse host to create application URLs (include the port if =/= 80) ## host: "" - ## @param adminFrontend.siteName Discourse site name - ## - siteName: 'My Site!' - ## @param adminFrontend.username Admin user of the application - ## - username: user - ## @param adminFrontend.password password. WARNING: Minimum length of 10 characters - ## Defaults to a random 10-character alphanumeric string if not set - ## - password: "" - ## @param adminFrontend.existingSecret Name of an existing secret containing the password (ignores previous password) - ## The secret should contain the following key: - ## adminFrontend-password - ## - existingSecret: "" - ## @param adminFrontend.email Admin user email of the application - ## - email: user@example.com ## @param adminFrontend.command Custom command to override image cmd ## command: [] @@ -215,30 +192,11 @@ adminFrontend: ## @param adminFrontend.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) ## customReadinessProbe: {} - ## Discourse SMTP settings - ## @param adminFrontend.smtp.enabled Enable/disable SMTP - ## @param adminFrontend.smtp.host SMTP host name - ## @param adminFrontend.smtp.port SMTP port number - ## @param adminFrontend.smtp.user SMTP account user name - ## @param adminFrontend.smtp.password SMTP account password - ## @param adminFrontend.smtp.protocol SMTP protocol (Allowed values: tls, ssl) - ## @param adminFrontend.smtp.auth SMTP authentication method - ## @param adminFrontend.smtp.existingSecret Name of an existing Kubernetes secret. The secret must have the following key configured: `smtp-password` - ## - smtp: - enabled: false - host: "" - port: "" - user: "" - password: "" - protocol: "" - auth: "" - existingSecret: "" ## @param adminFrontend.extraEnvVars An array to add extra env vars ## For example: ## extraEnvVars: ## adminFrontend: - ## - name: DISCOURSE_ELASTICSEARCH_URL + ## - name: ADMIN_PANEL_ELASTICSEARCH_URL ## value: test ## extraEnvVars: [] @@ -256,10 +214,183 @@ adminFrontend: ## mountPath: /path/to/ca_cert ## extraVolumeMounts: [] - ## @param adminFrontend.skipInstall Do not run the Discourse installation wizard - ## Use only in case you are importing an existing database. +## Admin frontend configuration parameters +## ref: https://open.greenhost.net/openappstack/admin-frontend +## +adminBackend: + ## Admin frontend image version + ## ref: https://hub.docker.com/r/bitnami/adminFrontend/tags/ + ## @param image.registry Discourse image registry + ## @param image.repository Discourse image repository + ## @param image.tag Discourse image tag + ## @param image.pullPolicy Discourse image pull policy + ## @param image.pullSecrets Discourse image pull secrets + ## @param image.debug Specify if debug logs should be enabled ## - skipInstall: false + image: + registry: open.greenhost.net:4567 + repository: openappstack/admin-backend/admin-backend + tag: 0.1.0 + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## @param adminBackend.host API host (include the port if =/= 80) + ## + host: "" + ## @param adminBackend.reactAppApiUrl URL to the admin-backend API + apiUrl: "/api/v1" + + ## Variables for future use {{{ + + ## @param adminBackend.username Admin user of the application + ## + username: user + ## @param adminBackend.password password. WARNING: Minimum length of 10 characters + ## Defaults to a random 10-character alphanumeric string if not set + ## + password: "" + ## @param adminBackend.existingSecret Name of an existing secret containing the password (ignores previous password) + ## The secret should contain the following key: + ## adminBackend-password + ## + existingSecret: "" + ## @param adminBackend.email Admin user email of the application + ## + email: user@example.com + + ## Admin panel SMTP settings + ## @param adminBackend.smtp.enabled Enable/disable SMTP + ## @param adminBackend.smtp.host SMTP host name + ## @param adminBackend.smtp.port SMTP port number + ## @param adminBackend.smtp.user SMTP account user name + ## @param adminBackend.smtp.password SMTP account password + ## @param adminBackend.smtp.protocol SMTP protocol (Allowed values: tls, ssl) + ## @param adminBackend.smtp.auth SMTP authentication method + ## @param adminBackend.smtp.existingSecret Name of an existing Kubernetes secret. The secret must have the following key configured: `smtp-password` + ## + smtp: + enabled: false + host: "" + port: "" + user: "" + password: "" + protocol: "" + auth: "" + existingSecret: "" + + ## End variables for future use }}} + + ## @param adminBackend.command Custom command to override image cmd + ## + command: [] + ## @param adminBackend.args Custom args for the custom command + ## + args: [] + ## @param adminBackend.containerSecurityContext Container security context specification + ## Example: + ## capabilities: + ## drop: + ## - ALL + ## readOnlyRootFilesystem: true + ## runAsNonRoot: true + ## runAsUser: 1000 + ## + containerSecurityContext: {} + ## Discourse container's resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## @param adminBackend.resources.limits The resources limits for the container + ## @param adminBackend.resources.requests The requested resources for the container + ## + resources: + ## Example: + ## limits: + ## cpu: 100m + ## memory: 128Mi + limits: {} + ## Examples: + ## requests: + ## cpu: 100m + ## memory: 128Mi + requests: {} + ## Discourse extra options for liveness probe + ## WARNING: Discourse installation process may take up some time and + ## setting inappropriate values here may lead to pods failure. + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param adminBackend.livenessProbe.enabled Enable/disable livenessProbe + ## @param adminBackend.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated + ## @param adminBackend.livenessProbe.periodSeconds How often to perform the probe + ## @param adminBackend.livenessProbe.timeoutSeconds When the probe times out + ## @param adminBackend.livenessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param adminBackend.livenessProbe.successThreshold Minimum consecutive successes for the probe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 500 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## Discourse extra options for readiness probe + ## WARNING: Discourse installation process may take up some time and + ## setting inappropriate values here may lead to pods failure. + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param adminBackend.readinessProbe.enabled Enable/disable readinessProbe + ## @param adminBackend.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated + ## @param adminBackend.readinessProbe.periodSeconds How often to perform the probe + ## @param adminBackend.readinessProbe.timeoutSeconds When the probe times out + ## @param adminBackend.readinessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param adminBackend.readinessProbe.successThreshold Minimum consecutive successes for the probe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## @param adminBackend.customLivenessProbe Custom liveness probe to execute (when the main one is disabled) + ## + customLivenessProbe: {} + ## @param adminBackend.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) + ## + customReadinessProbe: {} + ## @param adminBackend.extraEnvVars An array to add extra env vars + ## For example: + ## extraEnvVars: + ## adminBackend: + ## - name: ADMIN_PANEL_ELASTICSEARCH_URL + ## value: test + ## + extraEnvVars: [] + ## @param adminBackend.extraEnvVarsCM Array to add extra configmaps + ## + extraEnvVarsCM: [] + ## @param adminBackend.extraEnvVarsSecret Array to add extra environment variables from a secret + ## + extraEnvVarsSecret: "" + ## @param adminBackend.extraVolumeMounts Additional volume mounts (used along with `extraVolumes`) + ## Example: Mount CA file + ## extraVolumeMounts + ## - name: ca-cert + ## subPath: ca_cert + ## mountPath: /path/to/ca_cert + ## + extraVolumeMounts: [] + ## @param replicaCount Number of Discourse & Sidekiq replicas ## (Note that you will need ReadWriteMany PVCs for this to work properly) ## @@ -325,7 +456,7 @@ persistence: ## @param persistence.enabled Whether to enable persistence based on Persistent Volume Claims ## enabled: false - ## @param persistence.storageClass adminFrontend & sidekiq data Persistent Volume Storage Class + ## @param persistence.storageClass adminPanel & sidekiq data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is @@ -407,93 +538,9 @@ nodeSelector: {} ## tolerations: [] -## @section Sidekiq parameters -sidekiq: - ## @param sidekiq.containerSecurityContext Container security context specification - ## capabilities: - ## drop: - ## - ALL - ## readOnlyRootFilesystem: true - ## runAsNonRoot: true - ## runAsUser: 1000 - ## - containerSecurityContext: {} - ## @param sidekiq.command Custom command to override image cmd (evaluated as a template) - ## - command: ['/opt/bitnami/scripts/adminFrontend/entrypoint.sh'] - ## @param sidekiq.args Custom args for the custom command (evaluated as a template) - ## - args: ['/opt/bitnami/scripts/adminFrontend-sidekiq/run.sh'] - ## @param sidekiq.resources Sidekiq container resource requests and limits - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## We usually recommend not to specify default resources and to leave this as a conscious - ## choice for the user. This also increases chances charts run on environments with little - ## resources, such as Minikube. If you do want to specify resources, uncomment the following - ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - ## - resources: {} - ## Sidekiq extra options for liveness probe - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param sidekiq.livenessProbe.enabled Enable/disable livenessProbe - ## @param sidekiq.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated - ## @param sidekiq.livenessProbe.periodSeconds How often to perform the probe - ## @param sidekiq.livenessProbe.timeoutSeconds When the probe times out - ## @param sidekiq.livenessProbe.failureThreshold Minimum consecutive failures for the probe - ## @param sidekiq.livenessProbe.successThreshold Minimum consecutive successes for the probe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 500 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - ## Sidekiq extra options for readiness probe - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param sidekiq.readinessProbe.enabled Enable/disable readinessProbe - ## @param sidekiq.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated - ## @param sidekiq.readinessProbe.periodSeconds How often to perform the probe - ## @param sidekiq.readinessProbe.timeoutSeconds When the probe times out - ## @param sidekiq.readinessProbe.failureThreshold Minimum consecutive failures for the probe - ## @param sidekiq.readinessProbe.successThreshold Minimum consecutive successes for the probe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - ## @param sidekiq.customLivenessProbe Custom liveness probe to execute (when the main one is disabled) - ## - customLivenessProbe: {} - ## @param sidekiq.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) - ## - customReadinessProbe: {} - ## @param sidekiq.extraEnvVars An array to add extra env vars - ## For example: - ## extraEnvVars: - ## - name: DISCOURSE_ELASTICSEARCH_URL - ## value: test - ## - extraEnvVars: [] - ## @param sidekiq.extraEnvVarsCM Array to add extra configmaps - ## - extraEnvVarsCM: [] - ## @param sidekiq.extraEnvVarsSecret Name of the secret that holds extra env vars - ## - extraEnvVarsSecret: "" - ## @param sidekiq.extraVolumeMounts Additional volume mounts - ## Example: Mount CA file - ## extraVolumeMounts - ## - name: ca-cert - ## subPath: ca_cert - ## mountPath: /path/to/ca_cert - ## - extraVolumeMounts: [] - -## @section Volume Permissions parameters +## @section Volume Permissions parameters (currently disabled because there is +## no persistence in the app) ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup @@ -537,7 +584,7 @@ ingress: certManager: false ## @param ingress.hostname Default host for the ingress resource ## - hostname: adminFrontend.local + hostname: adminPanel.local ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) ## apiVersion: "" @@ -562,15 +609,15 @@ ingress: ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array ## extraHosts: - ## - name: adminFrontend.local + ## - name: adminPanel.local ## path: / extraHosts: [] ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls ## extraTls: ## - hosts: - ## - adminFrontend.local - ## secretName: adminFrontend.local-tls + ## - adminPanel.local + ## secretName: adminPanel.local-tls extraTls: [] ## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets ## key and certificate should start with -----BEGIN CERTIFICATE----- or @@ -582,7 +629,7 @@ ingress: ## It is also possible to create and manage the certificates outside of this helm chart ## Please see README.md for more information ## Example: - ## - name: adminFrontend.local-tls + ## - name: adminPanel.local-tls ## key: ## certificate: secrets: []