From f0b0dd3e36d4ed703521b705c263933523acdb40 Mon Sep 17 00:00:00 2001 From: Maarten de Waard Date: Thu, 30 Sep 2021 14:37:30 +0200 Subject: [PATCH 01/11] add bitnami/Discourse chart as a basis, edit Chart.yaml --- deployment/helmchart/.helmignore | 23 + deployment/helmchart/Chart.yaml | 24 + deployment/helmchart/templates/NOTES.txt | 165 ++++ deployment/helmchart/templates/_helpers.tpl | 249 +++++++ .../helmchart/templates/configmaps.yaml | 50 ++ .../helmchart/templates/deployment.yaml | 275 +++++++ deployment/helmchart/templates/ingress.yaml | 55 ++ deployment/helmchart/templates/pvc.yaml | 23 + .../helmchart/templates/secrets-database.yaml | 17 + .../templates/secrets-discourse.yaml | 23 + .../helmchart/templates/secrets-redis.yaml | 16 + deployment/helmchart/templates/service.yaml | 42 ++ .../helmchart/templates/serviceaccount.yaml | 19 + .../helmchart/templates/tls-secrets.yaml | 19 + deployment/helmchart/values.yaml | 702 ++++++++++++++++++ 15 files changed, 1702 insertions(+) create mode 100644 deployment/helmchart/.helmignore create mode 100644 deployment/helmchart/Chart.yaml create mode 100644 deployment/helmchart/templates/NOTES.txt create mode 100644 deployment/helmchart/templates/_helpers.tpl create mode 100644 deployment/helmchart/templates/configmaps.yaml create mode 100644 deployment/helmchart/templates/deployment.yaml create mode 100644 deployment/helmchart/templates/ingress.yaml create mode 100644 deployment/helmchart/templates/pvc.yaml create mode 100644 deployment/helmchart/templates/secrets-database.yaml create mode 100644 deployment/helmchart/templates/secrets-discourse.yaml create mode 100644 deployment/helmchart/templates/secrets-redis.yaml create mode 100644 deployment/helmchart/templates/service.yaml create mode 100644 deployment/helmchart/templates/serviceaccount.yaml create mode 100644 deployment/helmchart/templates/tls-secrets.yaml create mode 100644 deployment/helmchart/values.yaml diff --git a/deployment/helmchart/.helmignore b/deployment/helmchart/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/deployment/helmchart/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/deployment/helmchart/Chart.yaml b/deployment/helmchart/Chart.yaml new file mode 100644 index 0000000..74c365d --- /dev/null +++ b/deployment/helmchart/Chart.yaml @@ -0,0 +1,24 @@ +annotations: + category: Dashboard +apiVersion: v2 +appVersion: 0.1.0 +dependencies: + - name: common + repository: https://charts.bitnami.com/bitnami + tags: + - bitnami-common + version: 1.x.x +description: A Helm chart for deploying the Stackspin Dashboard to Kubernetes +engine: gotpl +home: https://open.greenhost.net/openappstack/admin-frontend/ +icon: https://open.greenhost.net/openappstack/admin-frontend/-/blob/master/public/assets/logo.svg +keywords: + - stackspin + - dashboard +maintainers: + - email: info@openappstack.net + name: Stackspin +name: admin-frontend +sources: + - https://open.greenhost.net/openappstack/admin-frontend/ +version: 0.1.0 diff --git a/deployment/helmchart/templates/NOTES.txt b/deployment/helmchart/templates/NOTES.txt new file mode 100644 index 0000000..8caea61 --- /dev/null +++ b/deployment/helmchart/templates/NOTES.txt @@ -0,0 +1,165 @@ +{{- $secretName := include "discourse.secretName" . -}} +{{- $postgresqlSecretName := include "discourse.postgresql.secretName" . -}} +{{- $redisSecretName := include "discourse.redis.secretName" . -}} + +{{- if or .Values.postgresql.enabled .Values.externalDatabase.host -}} + +{{- if empty (include "discourse.host" .) -}} +############################################################################### +### ERROR: You did not provide an external host in your 'helm install' call ### +############################################################################### + +This deployment will be incomplete until you configure Discourse with a resolvable host. To configure Discourse with the URL of your service: + +1. Get the discourse URL by running: + + {{- if contains "NodePort" .Values.service.type }} + export DISCOURSE_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}"):$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.spec.ports[0].nodePort}") + {{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "common.names.fullname" . }}' + + export DISCOURSE_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") + {{- end }} + {{ include "common.utils.secret.getvalue" (dict "secret" $secretName "field" "discourse-password" "context" $) }} + {{ include "common.utils.secret.getvalue" (dict "secret" $postgresqlSecretName "field" "postgresql-password" "context" $) }} + {{- if (include "discourse.redis.auth.enabled" .) }} + {{ include "common.utils.secret.getvalue" (dict "secret" $redisSecretName "field" "redis-password" "context" $) }} + {{- end }} + +2. Complete your Discourse deployment by running: + +{{- if .Values.postgresql.enabled }} + + helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/{{ .Chart.Name }} \ + --set discourse.host=$DISCOURSE_HOST \ + --set discourse.password=$DISCOURSE_PASSWORD \ + {{- if .Values.global }}{{- if .Values.global.imagePullSecrets }} + --set global.imagePullSecrets={{ .Values.global.imagePullSecrets }} \ + {{- end }}{{- end }} + {{- if and .Values.redis.enabled .Values.redis.auth.enabled (not .Values.redis.auth.existingSecret) (not .Values.redis.auth.password) }} + --set redis.auth.password=$REDIS_PASSWORD \ + {{- end }} + --set postgresql.postgresqlPassword=$POSTGRESQL_PASSWORD + +{{- else }} + + ## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ## + + helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/{{ .Chart.Name }} \ + --set discourse.host=$DISCOURSE_HOST \ + --set discourse.password=$DISCOURSE_PASSWORD \ + --set service.type={{ .Values.service.type }} \ + --set externalDatabase.host={{ .Values.externalDatabase.host }} \ + --set externalDatabase.port={{ .Values.externalDatabase.port }} \ + --set externalDatabase.user={{ .Values.externalDatabase.user }} \ + --set externalDatabase.password=$POSTGRESQL_PASSWORD \ + --set externalDatabase.database={{ .Values.externalDatabase.database }} \ + {{- if .Values.global }}{{- if .Values.global.imagePullSecrets }} + --set global.imagePullSecrets={{ .Values.global.imagePullSecrets }} \ + {{- end }}{{- end }} + {{- if and .Values.redis.enabled .Values.redis.auth.enabled (not .Values.redis.auth.existingSecret) (not .Values.redis.auth.password) }} + --set redis.auth.password=$REDIS_PASSWORD \ + {{- end }} + --set postgresql.enabled=false +{{- end }} + +{{- else -}} + +1. Get the Discourse URL by running: + + Discourse URL : http://{{ include "discourse.host" . }}/ + +{{- if eq .Values.service.type "ClusterIP" }} + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "common.names.fullname" . }} 80:{{ .Values.service.port }} +{{- end }} + +2. Get your Discourse login credentials by running: + + Username: {{ .Values.discourse.username }} + {{ include "common.utils.secret.getvalue" (dict "secret" $secretName "field" "discourse-password" "context" $) }} + {{ include "common.utils.secret.getvalue" (dict "secret" $postgresqlSecretName "field" "postgresql-password" "context" $) }} + {{- if (include "discourse.redis.auth.enabled" .) }} + {{ include "common.utils.secret.getvalue" (dict "secret" $redisSecretName "field" "redis-password" "context" $) }} + {{- end }} + +{{- end }} + +{{- else -}} + +######################################################################################## +### ERROR: You did not provide an external database host in your 'helm install' call ### +######################################################################################## + +This deployment will be incomplete until you configure Discourse with a resolvable database host. To configure Discourse to use and external database host: + +1. Complete your Discourse deployment by running: + +{{- if contains "NodePort" .Values.service.type }} + export DISCOURSE_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}"):$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.spec.ports[0].nodePort}") +{{- else if contains "LoadBalancer" .Values.service.type }} + + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "common.names.fullname" . }}' + + export DISCOURSE_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") +{{- else }} + + export DISCOURSE_HOST=127.0.0.1 +{{- end }} + {{ include "common.utils.secret.getvalue" (dict "secret" $secretName "field" "discourse-password" "context" $) }} + {{ include "common.utils.secret.getvalue" (dict "secret" $postgresqlSecretName "field" "postgresql-password" "context" $) }} + {{- if (include "discourse.redis.auth.enabled" .) }} + {{ include "common.utils.secret.getvalue" (dict "secret" $redisSecretName "field" "redis-password" "context" $) }} + {{- end }} + + + ## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ## + + helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/{{ .Chart.Name }} \ + --set discourse.host=$DISCOURSE_HOST \ + --set discourse.password=$DISCOURSE_PASSWORD \ + --set postgresql.enabled=false \ + {{- if not (empty .Values.externalDatabase.user) }} + --set externalDatabase.user={{ .Values.externalDatabase.user }} \ + {{- end }} + {{- if not (empty .Values.externalDatabase.password) }} + --set externalDatabase.password=$POSTGRESQL_PASSWORD \ + {{- end }} + {{- if not (empty .Values.externalDatabase.database) }} + --set externalDatabase.database={{ .Values.externalDatabase.database }} + {{- end }} + --set externalDatabase.host=YOUR_EXTERNAL_DATABASE_HOST \ + {{- if .Values.global }}{{- if .Values.global.imagePullSecrets }} + --set global.imagePullSecrets={{ .Values.global.imagePullSecrets }} \ + {{- end }}{{- end }} + {{- if and .Values.redis.enabled .Values.redis.auth.enabled (not .Values.redis.auth.existingSecret) (not .Values.redis.auth.password) }} + --set redis.auth.password=$REDIS_PASSWORD \ + {{- end }} + --set service.type={{ .Values.service.type }} +{{- end }} + +{{ if and .Values.postgresql.enabled (not .Values.postgresql.existingSecret) (eq .Values.postgresql.postgresqlPostgresPassword "bitnami") -}} +##################################################################################### +### WARNING: You did not change the default password for the PostgreSQL root user ### +##################################################################################### +{{- end }} + +{{- include "common.warnings.rollingTag" .Values.image }} + +{{- $passwordValidationErrors := list -}} +{{- if not .Values.discourse.existingSecret -}} + {{- $requiredDiscoursePassword := dict "valueKey" "discourse.password" "secret" $secretName "field" "discourse-password" "context" $ -}} + {{- $requiredDiscoursePasswordError := include "common.validations.values.single.empty" $requiredDiscoursePassword -}} + {{- $passwordValidationErrors = append $passwordValidationErrors $requiredDiscoursePasswordError -}} +{{- end -}} + +{{- $postgresqlPasswordValidationErrors := include "common.validations.values.postgresql.passwords" (dict "secret" $postgresqlSecretName "subchart" true "context" $) -}} +{{- $passwordValidationErrors = append $passwordValidationErrors $postgresqlPasswordValidationErrors -}} + +{{- if (include "discourse.redis.auth.enabled" .) }} +{{- $redisPasswordValidationErrors := include "common.validations.values.redis.passwords" (dict "secret" $redisSecretName "subchart" true "context" $) -}} +{{- $passwordValidationErrors = append $passwordValidationErrors $redisPasswordValidationErrors -}} +{{- end }} + +{{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $) -}} diff --git a/deployment/helmchart/templates/_helpers.tpl b/deployment/helmchart/templates/_helpers.tpl new file mode 100644 index 0000000..9bc649d --- /dev/null +++ b/deployment/helmchart/templates/_helpers.tpl @@ -0,0 +1,249 @@ + +{{/* +Create a default fully qualified app name +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "postgresql.fullname" -}} +{{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "redis.fullname" -}} +{{- printf "%s-%s" .Release.Name "redis" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "discourse.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Return the proper Docker image registry secret names +*/}} +{{- define "discourse.imagePullSecrets" -}} +{{ include "common.images.pullSecrets" (dict "images" (list .Values.image) "global" .Values.global) }} +{{- end -}} + +{{/* +Return true if a secret object for Discourse should be created +*/}} +{{- define "discourse.createSecret" -}} +{{- if or (not .Values.discourse.existingSecret) (and (not .Values.discourse.smtp.existingSecret) .Values.discourse.smtp.password .Values.discourse.smtp.enabled) }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Discourse secret name +*/}} +{{- define "discourse.secretName" -}} +{{- if .Values.discourse.existingSecret }} + {{- printf "%s" .Values.discourse.existingSecret -}} +{{- else -}} + {{- printf "%s-discourse" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Discourse SMTP secret name +*/}} +{{- define "discourse.smtp.secretName" -}} +{{- if .Values.discourse.smtp.existingSecret }} + {{- printf "%s" .Values.discourse.smtp.existingSecret -}} +{{- else -}} + {{- printf "%s-discourse" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if Discourse SMTP uses password authentication +*/}} +{{- define "discourse.smtp.password.enabled" -}} +{{- if and (or .Values.discourse.smtp.password .Values.discourse.smtp.existingSecret) .Values.discourse.smtp.enabled }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Get the user defined LoadBalancerIP for this release +Note, returns 127.0.0.1 if using ClusterIP. +*/}} +{{- define "discourse.serviceIP" -}} +{{- if eq .Values.service.type "ClusterIP" -}} +127.0.0.1 +{{- else -}} +{{- .Values.service.loadBalancerIP | default "" -}} +{{- end -}} +{{- end -}} + +{{/* +Gets the host to be used for this application. +If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value will be empty +*/}} +{{- define "discourse.host" -}} +{{- $host := .Values.discourse.host | default "" -}} +{{- default (include "discourse.serviceIP" .) $host -}} +{{- end -}} + +{{/* +Return the proper Discourse image name +*/}} +{{- define "discourse.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper Storage Class +*/}} +{{- define "discourse.storageClass" -}} +{{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) -}} +{{- end -}} + +{{/* +Return the Postgresql hostname +*/}} +{{- define "discourse.databaseHost" -}} +{{- if .Values.postgresql.enabled }} + {{- printf "%s" (include "postgresql.fullname" .) -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.host -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Postgresql port +*/}} +{{- define "discourse.databasePort" -}} +{{- if .Values.postgresql.enabled }} + {{- printf "5432" | quote -}} +{{- else -}} + {{- .Values.externalDatabase.port | quote -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Postgresql database name +*/}} +{{- define "discourse.databaseName" -}} +{{- if .Values.postgresql.enabled }} + {{- printf "%s" .Values.postgresql.postgresqlDatabase -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.database -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Postgresql user +*/}} +{{- define "discourse.databaseUser" -}} +{{- if .Values.postgresql.enabled }} + {{- printf "%s" .Values.postgresql.postgresqlUsername -}} +{{- else -}} + {{- printf "%s" .Values.externalDatabase.user -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a secret object for Postgres should be created +*/}} +{{- define "discourse.postgresql.createSecret" -}} +{{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.existingSecret) }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Postgresql secret name +*/}} +{{- define "discourse.postgresql.secretName" -}} +{{- if .Values.postgresql.enabled }} + {{- if .Values.postgresql.existingSecret }} + {{- printf "%s" .Values.postgresql.existingSecret -}} + {{- else -}} + {{- printf "%s" (include "postgresql.fullname" .) -}} + {{- end -}} +{{- else if .Values.externalDatabase.existingSecret }} + {{- printf "%s" .Values.externalDatabase.existingSecret -}} +{{- else -}} + {{- printf "%s-database" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Redis™ hostname +*/}} +{{- define "discourse.redisHost" -}} +{{- if .Values.redis.enabled }} + {{- printf "%s-master" (include "redis.fullname" .) -}} +{{- else -}} + {{- printf "%s" .Values.externalRedis.host -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Redis™ port +*/}} +{{- define "discourse.redisPort" -}} +{{- if .Values.redis.enabled }} + {{- printf "6379" | quote -}} +{{- else -}} + {{- .Values.externalRedis.port | quote -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a secret object for Redis™ should be created +*/}} +{{- define "discourse.redis.createSecret" -}} +{{- if and (not .Values.redis.enabled) (not .Values.externalRedis.existingSecret) .Values.externalRedis.password }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Redis™ secret name +*/}} +{{- define "discourse.redis.secretName" -}} +{{- if .Values.redis.enabled }} + {{- if .Values.redis.auth.existingSecret }} + {{- printf "%s" .Values.redis.auth.existingSecret -}} + {{- else -}} + {{- printf "%s" (include "redis.fullname" .) -}} + {{- end -}} +{{- else if .Values.externalRedis.existingSecret }} + {{- printf "%s" .Values.externalRedis.existingSecret -}} +{{- else -}} + {{- printf "%s-redis" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Redis™ secret key +*/}} +{{- define "discourse.redis.secretPasswordKey" -}} +{{- if and .Values.redis.enabled .Values.redis.auth.existingSecret }} + {{- required "You need to provide existingSecretPasswordKey when an existingSecret is specified in redis" .Values.redis.auth.existingSecretPasswordKey | printf "%s" }} +{{- else if and (not .Values.redis.enabled) .Values.externalRedis.existingSecret }} + {{- required "You need to provide existingSecretPasswordKey when an existingSecret is specified in redis" .Values.externalRedis.existingSecretPasswordKey | printf "%s" }} +{{- else -}} + {{- printf "redis-password" -}} +{{- end -}} +{{- end -}} + +{{/* +Return whether Redis™ uses password authentication or not +*/}} +{{- define "discourse.redis.auth.enabled" -}} +{{- if or (and .Values.redis.enabled .Values.redis.auth.enabled) (and (not .Values.redis.enabled) (or .Values.externalRedis.password .Values.externalRedis.existingSecret)) }} + {{- true -}} +{{- end -}} +{{- end -}} diff --git a/deployment/helmchart/templates/configmaps.yaml b/deployment/helmchart/templates/configmaps.yaml new file mode 100644 index 0000000..cded68d --- /dev/null +++ b/deployment/helmchart/templates/configmaps.yaml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "common.names.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + {{- $port := .Values.service.port | toString }} + DISCOURSE_HOST: "{{ include "discourse.host" . }}" + DISCOURSE_SKIP_INSTALL: {{ ternary "yes" "no" .Values.discourse.skipInstall | quote }} + DISCOURSE_SITE_NAME: {{ .Values.discourse.siteName | quote }} + DISCOURSE_USERNAME: {{ .Values.discourse.username | quote }} + DISCOURSE_EMAIL: {{ .Values.discourse.email | quote }} + DISCOURSE_REDIS_HOST: {{ template "discourse.redisHost" . }} + DISCOURSE_REDIS_PORT_NUMBER: {{ template "discourse.redisPort" . }} + DISCOURSE_DATABASE_HOST: {{ template "discourse.databaseHost" . }} + DISCOURSE_DATABASE_PORT_NUMBER: {{ template "discourse.databasePort" . }} + DISCOURSE_DATABASE_NAME: {{ template "discourse.databaseName" . }} + DISCOURSE_DATABASE_USER: {{ template "discourse.databaseUser" . }} + {{- if .Values.discourse.smtp.enabled }} + DISCOURSE_SMTP_HOST: {{ .Values.discourse.smtp.host | quote }} + DISCOURSE_SMTP_PORT: {{ .Values.discourse.smtp.port | quote }} + {{- if .Values.discourse.smtp.user }} + DISCOURSE_SMTP_USER: {{ .Values.discourse.smtp.user | quote }} + {{- end }} + {{- if .Values.discourse.smtp.protocol }} + DISCOURSE_SMTP_PROTOCOL: {{ .Values.discourse.smtp.protocol | quote }} + {{- end }} + {{- if .Values.discourse.smtp.auth }} + DISCOURSE_SMTP_AUTH: {{ .Values.discourse.smtp.auth | quote }} + {{- end }} + {{- end }} + {{- if or .Values.postgresql.enabled .Values.externalDatabase.create }} + POSTGRESQL_CLIENT_DATABASE_HOST: {{ template "discourse.databaseHost" . }} + POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER: {{ template "discourse.databasePort" . }} + {{- if or .Values.postgresql.enabled (not .Values.externalDatabase.postgresqlPostgresUser) }} + POSTGRESQL_CLIENT_POSTGRES_USER: "postgres" + {{- else }} + POSTGRESQL_CLIENT_POSTGRES_USER: {{ .Values.externalDatabase.postgresqlPostgresUser | quote }} + POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME: {{ .Values.externalDatabase.user | quote }} + POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD: {{ .Values.externalDatabase.password | quote }} + {{- end }} + POSTGRESQL_CLIENT_CREATE_DATABASE_NAME: {{ template "discourse.databaseName" . }} + POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS: "hstore,pg_trgm" + {{- end }} diff --git a/deployment/helmchart/templates/deployment.yaml b/deployment/helmchart/templates/deployment.yaml new file mode 100644 index 0000000..7a94f21 --- /dev/null +++ b/deployment/helmchart/templates/deployment.yaml @@ -0,0 +1,275 @@ +{{- if and (include "discourse.host" .) (or .Values.postgresql.enabled .Values.externalDatabase.host) -}} +apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ template "common.names.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + component: discourse + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} + component: discourse + {{- if .Values.updateStrategy }} + strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} + {{- end }} + template: + metadata: + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmaps.yaml") . | sha256sum }} + checksum/secrets-discourse: {{ include (print $.Template.BasePath "/secrets-discourse.yaml") . | sha256sum }} + checksum/secrets-database: {{ include (print $.Template.BasePath "/secrets-database.yaml") . | sha256sum }} + checksum/secrets-redis: {{ include (print $.Template.BasePath "/secrets-redis.yaml") . | sha256sum }} + labels: {{- include "common.labels.standard" . | nindent 8 }} + component: discourse + {{- if .Values.podLabels }} + {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.podAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} + {{- end }} + spec: + {{- include "discourse.imagePullSecrets" . | nindent 6 }} + {{- if .Values.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "discourse.serviceAccountName" . }} + securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} + initContainers: + {{- if .Values.initContainers }} + {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} + {{- end }} + {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} + - name: volume-permissions + image: {{ include "discourse.image" . }} + imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} + command: + - sh + - -c + - | + mkdir -p "/bitnami/discourse" + chown -R "discourse:root" "/bitnami/discourse" + securityContext: + runAsUser: 0 + {{- if .Values.volumePermissions.resources }} + resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: discourse-data + mountPath: /bitnami/discourse + {{- end }} + containers: + - name: discourse + securityContext: {{- toYaml .Values.discourse.containerSecurityContext | nindent 12 }} + image: {{ template "discourse.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.discourse.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.discourse.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.discourse.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.discourse.args "context" $) | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" .Values.image.debug | quote }} + - name: DISCOURSE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "discourse.secretName" . }} + key: discourse-password + - name: DISCOURSE_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "discourse.postgresql.secretName" . }} + key: postgresql-password + {{- if or .Values.postgresql.enabled .Values.externalDatabase.create }} + - name: POSTGRESQL_CLIENT_POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "discourse.postgresql.secretName" . }} + key: postgresql-postgres-password + {{- end }} + {{- if (include "discourse.redis.auth.enabled" .) }} + - name: DISCOURSE_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "discourse.redis.secretName" . }} + key: {{ include "discourse.redis.secretPasswordKey" . }} + {{- end }} + {{- if (include "discourse.smtp.password.enabled" .) }} + - name: DISCOURSE_SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "discourse.smtp.secretName" . }} + key: smtp-password + {{- end }} + {{- if .Values.discourse.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.discourse.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + - configMapRef: + name: {{ include "common.names.fullname" . }} + {{- if .Values.discourse.extraEnvVarsCM }} + - configMapRef: + name: {{ .Values.discourse.extraEnvVarsCM }} + {{- end }} + {{- if .Values.discourse.extraEnvVarsSecret }} + - secretRef: + name: {{ .Values.discourse.extraEnvVarsSecret }} + {{- end }} + ports: + - name: http + containerPort: 3000 + protocol: TCP + {{- if .Values.discourse.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /srv/status + port: http + initialDelaySeconds: {{ .Values.discourse.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.discourse.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.discourse.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.discourse.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.discourse.livenessProbe.failureThreshold }} + {{- else if .Values.discourse.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.discourse.customLivenessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.discourse.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /srv/status + port: http + initialDelaySeconds: {{ .Values.discourse.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.discourse.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.discourse.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.discourse.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.discourse.readinessProbe.failureThreshold }} + {{- else if .Values.discourse.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.discourse.customReadinessProbe "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + - name: discourse-data + mountPath: /bitnami/discourse + subPath: discourse + {{- if .Values.discourse.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.discourse.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.discourse.resources }} + resources: {{- toYaml .Values.discourse.resources | nindent 12 }} + {{- end }} + - name: sidekiq + securityContext: {{- toYaml .Values.sidekiq.containerSecurityContext | nindent 12 }} + image: {{ template "discourse.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.command "context" $) | nindent 12 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.args "context" $) | nindent 12 }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" .Values.image.debug | quote }} + - name: DISCOURSE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "discourse.secretName" . }} + key: discourse-password + - name: DISCOURSE_POSTGRESQL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "discourse.postgresql.secretName" . }} + key: postgresql-password + {{- if (include "discourse.redis.auth.enabled" .) }} + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "discourse.redis.secretName" . }} + key: {{ include "discourse.redis.secretPasswordKey" . }} + {{- end }} + {{- if (include "discourse.smtp.password.enabled" .) }} + - name: DISCOURSE_SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "discourse.smtp.secretName" . }} + key: smtp-password + {{- end }} + {{- if .Values.sidekiq.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + - configMapRef: + name: {{ include "common.names.fullname" . }} + {{- if .Values.sidekiq.extraEnvVarsCM }} + - configMapRef: + name: {{ .Values.sidekiq.extraEnvVarsCM }} + {{- end }} + {{- if .Values.sidekiq.extraEnvVarsSecret }} + - secretRef: + name: {{ .Values.sidekiq.extraEnvVarsSecret }} + {{- end }} + {{- if .Values.sidekiq.livenessProbe.enabled }} + livenessProbe: + exec: + command: ["/bin/sh", "-c", "pgrep -f ^sidekiq"] + initialDelaySeconds: {{ .Values.sidekiq.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.sidekiq.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.sidekiq.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.sidekiq.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.sidekiq.livenessProbe.failureThreshold }} + {{- else if .Values.sidekiq.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.customLivenessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.sidekiq.readinessProbe.enabled }} + readinessProbe: + exec: + command: ["/bin/sh", "-c", "pgrep -f ^sidekiq"] + initialDelaySeconds: {{ .Values.sidekiq.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.sidekiq.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.sidekiq.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.sidekiq.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.sidekiq.readinessProbe.failureThreshold }} + {{- else if .Values.sidekiq.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.customReadinessProbe "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + - name: discourse-data + mountPath: /bitnami/discourse + subPath: discourse + {{- if .Values.sidekiq.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.sidekiq.resources }} + resources: {{- toYaml .Values.sidekiq.resources | nindent 12 }} + {{- end }} + {{- if .Values.sidecars }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + - name: discourse-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (include "common.names.fullname" .) }} + {{- else }} + emptyDir: {} + {{ end }} + {{- if .Values.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} + {{- end }} +{{- end }} diff --git a/deployment/helmchart/templates/ingress.yaml b/deployment/helmchart/templates/ingress.yaml new file mode 100644 index 0000000..f266f58 --- /dev/null +++ b/deployment/helmchart/templates/ingress.yaml @@ -0,0 +1,55 @@ +{{- if .Values.ingress.enabled -}} +apiVersion: {{ template "common.capabilities.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ template "common.names.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.ingress.annotations .Values.ingress.certManager .Values.commonAnnotations }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.ingress.annotations }} + {{- toYaml .Values.ingress.annotations | nindent 4 }} + {{- end }} + {{- if .Values.ingress.certManager }} + kubernetes.io/tls-acme: "true" + {{- end }} + {{- end }} +spec: + {{- if or .Values.ingress.tls .Values.ingress.extraTls }} + tls: + {{- if .Values.ingress.tls }} + - hosts: + - {{ .Values.ingress.hostname }} + secretName: {{ printf "%s-tls" .Values.ingress.hostname }} + {{- end }} + {{- if .Values.ingress.extraTls }} + {{- toYaml .Values.ingress.extraTls | nindent 4 }} + {{- end }} + {{- end }} + rules: + {{- if .Values.ingress.hostname }} + - host: {{ .Values.ingress.hostname }} + http: + paths: + - path: {{ .Values.ingress.path }} + {{- if eq "true" (include "common.ingress.supportsPathType" .) }} + pathType: {{ .Values.ingress.pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- range .Values.ingress.extraHosts }} + - host: {{ .name }} + http: + paths: + - path: {{ default "/" .path }} + {{- if eq "true" (include "common.ingress.supportsPathType" $) }} + pathType: {{ default "ImplementationSpecific" .pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} +{{- end }} diff --git a/deployment/helmchart/templates/pvc.yaml b/deployment/helmchart/templates/pvc.yaml new file mode 100644 index 0000000..42e02c2 --- /dev/null +++ b/deployment/helmchart/templates/pvc.yaml @@ -0,0 +1,23 @@ +{{- if and (include "discourse.host" .) .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ template "common.names.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{ include "discourse.storageClass" . }} + {{- if .Values.persistence.selector }} + selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 4 }} + {{- end -}} +{{- end }} diff --git a/deployment/helmchart/templates/secrets-database.yaml b/deployment/helmchart/templates/secrets-database.yaml new file mode 100644 index 0000000..d9f42f7 --- /dev/null +++ b/deployment/helmchart/templates/secrets-database.yaml @@ -0,0 +1,17 @@ +{{- if (include "discourse.postgresql.createSecret" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "common.names.fullname" . }}-database + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + postgresql-password: {{ .Values.externalDatabase.password | b64enc | quote }} + postgresql-postgres-password: {{ .Values.externalDatabase.postgresqlPostgresPassword | b64enc | quote }} +{{- end }} diff --git a/deployment/helmchart/templates/secrets-discourse.yaml b/deployment/helmchart/templates/secrets-discourse.yaml new file mode 100644 index 0000000..5f81810 --- /dev/null +++ b/deployment/helmchart/templates/secrets-discourse.yaml @@ -0,0 +1,23 @@ +{{- if (include "discourse.createSecret" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "common.names.fullname" . }}-discourse + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + {{- if and (.Values.discourse.password) (not .Values.discourse.existingSecret) }} + discourse-password: {{ .Values.discourse.password | b64enc | quote }} + {{- else if not .Values.discourse.existingSecret }} + discourse-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- if and (.Values.discourse.smtp.password) (.Values.discourse.smtp.enabled) (not .Values.discourse.smtp.existingSecret) }} + smtp-password: {{ .Values.discourse.smtp.password | b64enc | quote }} + {{- end }} +{{- end }} diff --git a/deployment/helmchart/templates/secrets-redis.yaml b/deployment/helmchart/templates/secrets-redis.yaml new file mode 100644 index 0000000..b854605 --- /dev/null +++ b/deployment/helmchart/templates/secrets-redis.yaml @@ -0,0 +1,16 @@ +{{- if (include "discourse.redis.createSecret" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "common.names.fullname" . }}-redis + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + redis-password: {{ .Values.externalRedis.password | b64enc | quote }} +{{- end }} diff --git a/deployment/helmchart/templates/service.yaml b/deployment/helmchart/templates/service.yaml new file mode 100644 index 0000000..b196f32 --- /dev/null +++ b/deployment/helmchart/templates/service.yaml @@ -0,0 +1,42 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.service.annotations .Values.commonAnnotations}} + annotations: + {{- if .Values.service.annotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.service.annotations "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} + {{- end }} + {{- end }} +spec: + type: {{ .Values.service.type }} + {{- if (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort")) }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP))) }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + {{- if (and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges) }} + loadBalancerSourceRanges: + {{ toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }} + {{- end }} + ports: + - name: http + port: {{ .Values.service.port }} + targetPort: http + {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.http))) }} + nodePort: {{ .Values.service.nodePorts.http }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{- if .Values.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + selector: {{- include "common.labels.matchLabels" . | nindent 4 }} diff --git a/deployment/helmchart/templates/serviceaccount.yaml b/deployment/helmchart/templates/serviceaccount.yaml new file mode 100644 index 0000000..acbe841 --- /dev/null +++ b/deployment/helmchart/templates/serviceaccount.yaml @@ -0,0 +1,19 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "discourse.serviceAccountName" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} + annotations: + {{- if .Values.serviceAccount.annotations }} + {{- toYaml .Values.serviceAccount.annotations | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/deployment/helmchart/templates/tls-secrets.yaml b/deployment/helmchart/templates/tls-secrets.yaml new file mode 100644 index 0000000..090ce7c --- /dev/null +++ b/deployment/helmchart/templates/tls-secrets.yaml @@ -0,0 +1,19 @@ +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.secrets }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .name }} + labels: {{- include "common.labels.standard" $ | nindent 4 }} + {{- if $.Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if $.Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ .certificate | b64enc }} + tls.key: {{ .key | b64enc }} +{{- end }} +{{- end }} diff --git a/deployment/helmchart/values.yaml b/deployment/helmchart/values.yaml new file mode 100644 index 0000000..d5d25bd --- /dev/null +++ b/deployment/helmchart/values.yaml @@ -0,0 +1,702 @@ +## @section Global parameters +## Global Docker image parameters +## Please, note that this will override the image parameters, including dependencies, configured to use the global value +## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass + +## @param global.imageRegistry Global Docker image registry +## @param global.imagePullSecrets Global Docker registry secret names as an array +## @param global.storageClass Global StorageClass for Persistent Volume(s) +## +global: + imageRegistry: "" + ## E.g. + ## imagePullSecrets: + ## - myRegistryKeySecretName + ## + imagePullSecrets: [] + storageClass: "" + +## @section Common parameters + +## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set) +## +kubeVersion: "" +## @param nameOverride String to partially override discourse.fullname template (will maintain the release name) +## +nameOverride: "" +## @param fullnameOverride String to fully override discourse.fullname template +## +fullnameOverride: "" +## @param commonLabels Labels to be added to all deployed resources +## +commonLabels: {} +## @param commonAnnotations Annotations to be added to all deployed resources +## +commonAnnotations: {} + + +## @section Service parameters + +## Kubernetes service configuration. For minikube, set this to NodePort, elsewhere use LoadBalancer or ClusterIP +## +service: + ## @param service.type Kubernetes Service type + ## + type: LoadBalancer + ## @param service.port Service HTTP port + ## + port: 80 + ## @param service.nodePort Node Ports to expose + ## + nodePort: "" + ## @param service.loadBalancerIP Use loadBalancerIP to request a specific static IP + ## + loadBalancerIP: "" + ## @param service.externalTrafficPolicy Enable client source IP preservation + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param service.annotations Service annotations + ## + annotations: {} + ## @param service.loadBalancerSourceRanges Limits which cidr blocks can connect to service's load balancer + ## Only valid if service.type: LoadBalancer + ## + loadBalancerSourceRanges: [] + ## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value) + ## + extraPorts: [] + ## @param service.nodePorts.http Kubernetes http node port + ## Example: + ## nodePorts: + ## http: + ## + nodePorts: + http: "" + +## @section Discourse parameters + +## Bitnami Discourse image version +## ref: https://hub.docker.com/r/bitnami/discourse/tags/ +## @param image.registry Discourse image registry +## @param image.repository Discourse image repository +## @param image.tag Discourse image tag +## @param image.pullPolicy Discourse image pull policy +## @param image.pullSecrets Discourse image pull secrets +## @param image.debug Specify if debug logs should be enabled +## +image: + registry: docker.io + repository: bitnami/discourse + tag: 2.7.8-debian-10-r22 + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Set to true if you would like to see extra information on logs + ## + debug: false +## @param imagePullSecrets Specify docker-registry secret names as an array +## +imagePullSecrets: [] +## Discourse configuration parameters +## ref: https://github.com/bitnami/bitnami-docker-discourse#configuration +## +discourse: + ## @param discourse.host Discourse host to create application URLs (include the port if =/= 80) + ## + host: "" + ## @param discourse.siteName Discourse site name + ## + siteName: 'My Site!' + ## @param discourse.username Admin user of the application + ## + username: user + ## @param discourse.password password. WARNING: Minimum length of 10 characters + ## Defaults to a random 10-character alphanumeric string if not set + ## + password: "" + ## @param discourse.existingSecret Name of an existing secret containing the password (ignores previous password) + ## The secret should contain the following key: + ## discourse-password + ## + existingSecret: "" + ## @param discourse.email Admin user email of the application + ## + email: user@example.com + ## @param discourse.command Custom command to override image cmd + ## + command: [] + ## @param discourse.args Custom args for the custom command + ## + args: [] + ## @param discourse.containerSecurityContext Container security context specification + ## Example: + ## capabilities: + ## drop: + ## - ALL + ## readOnlyRootFilesystem: true + ## runAsNonRoot: true + ## runAsUser: 1000 + ## + containerSecurityContext: {} + ## Discourse container's resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## @param discourse.resources.limits The resources limits for the container + ## @param discourse.resources.requests The requested resources for the container + ## + resources: + ## Example: + ## limits: + ## cpu: 100m + ## memory: 128Mi + limits: {} + ## Examples: + ## requests: + ## cpu: 100m + ## memory: 128Mi + requests: {} + ## Discourse extra options for liveness probe + ## WARNING: Discourse installation process may take up some time and + ## setting inappropriate values here may lead to pods failure. + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param discourse.livenessProbe.enabled Enable/disable livenessProbe + ## @param discourse.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated + ## @param discourse.livenessProbe.periodSeconds How often to perform the probe + ## @param discourse.livenessProbe.timeoutSeconds When the probe times out + ## @param discourse.livenessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param discourse.livenessProbe.successThreshold Minimum consecutive successes for the probe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 500 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## Discourse extra options for readiness probe + ## WARNING: Discourse installation process may take up some time and + ## setting inappropriate values here may lead to pods failure. + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param discourse.readinessProbe.enabled Enable/disable readinessProbe + ## @param discourse.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated + ## @param discourse.readinessProbe.periodSeconds How often to perform the probe + ## @param discourse.readinessProbe.timeoutSeconds When the probe times out + ## @param discourse.readinessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param discourse.readinessProbe.successThreshold Minimum consecutive successes for the probe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## @param discourse.customLivenessProbe Custom liveness probe to execute (when the main one is disabled) + ## + customLivenessProbe: {} + ## @param discourse.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) + ## + customReadinessProbe: {} + ## Discourse SMTP settings + ## @param discourse.smtp.enabled Enable/disable SMTP + ## @param discourse.smtp.host SMTP host name + ## @param discourse.smtp.port SMTP port number + ## @param discourse.smtp.user SMTP account user name + ## @param discourse.smtp.password SMTP account password + ## @param discourse.smtp.protocol SMTP protocol (Allowed values: tls, ssl) + ## @param discourse.smtp.auth SMTP authentication method + ## @param discourse.smtp.existingSecret Name of an existing Kubernetes secret. The secret must have the following key configured: `smtp-password` + ## + smtp: + enabled: false + host: "" + port: "" + user: "" + password: "" + protocol: "" + auth: "" + existingSecret: "" + ## @param discourse.extraEnvVars An array to add extra env vars + ## For example: + ## extraEnvVars: + ## discourse: + ## - name: DISCOURSE_ELASTICSEARCH_URL + ## value: test + ## + extraEnvVars: [] + ## @param discourse.extraEnvVarsCM Array to add extra configmaps + ## + extraEnvVarsCM: [] + ## @param discourse.extraEnvVarsSecret Array to add extra environment variables from a secret + ## + extraEnvVarsSecret: "" + ## @param discourse.extraVolumeMounts Additional volume mounts (used along with `extraVolumes`) + ## Example: Mount CA file + ## extraVolumeMounts + ## - name: ca-cert + ## subPath: ca_cert + ## mountPath: /path/to/ca_cert + ## + extraVolumeMounts: [] + ## @param discourse.skipInstall Do not run the Discourse installation wizard + ## Use only in case you are importing an existing database. + ## + skipInstall: false +## @param replicaCount Number of Discourse & Sidekiq replicas +## (Note that you will need ReadWriteMany PVCs for this to work properly) +## +replicaCount: 1 +## @param extraVolumes Array of extra volumes to be added deployment. Requires setting `extraVolumeMounts` +## Example: Add secret volume +## extraVolumes: +## - name: ca-cert +## secret: +## secretName: ca-cert +## items: +## - key: ca-cert +## path: ca_cert +## +extraVolumes: [] +## @param sidecars Attach additional sidecar containers to the pod +## Example: +## sidecars: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +sidecars: [] +## @param initContainers Additional init containers to add to the pods +## +## e.g. +## initContainers: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +initContainers: [] +## @param serviceAccount.create Whether the service account should be created +## @param serviceAccount.annotations Annotations to add to the service account +## @param serviceAccount.name Name to be used for the service account +## +serviceAccount: + create: false + annotations: {} + ## If not set and create is true, a name is generated using the fullname template + ## + name: "" +## @param podSecurityContext Pod security context specification +## Example: +## fsGroup: 2000 +## +## +podSecurityContext: {} +## @param hostAliases Add deployment host aliases +## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ +## +hostAliases: [] +## Enable persistence using Persistent Volume Claims +## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ +## +persistence: + ## @param persistence.enabled Whether to enable persistence based on Persistent Volume Claims + ## + enabled: true + ## @param persistence.storageClass discourse & sidekiq data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "" + ## @param persistence.existingClaim Use a existing PVC which must be created manually before bound + ## + existingClaim: "" + ## @param persistence.accessMode PVC Access Mode (RWO, ROX, RWX) + ## + accessMode: ReadWriteOnce + ## @param persistence.size Size of the PVC to request + ## + size: 10Gi + ## @param persistence.selector Selector to match an existing Persistent Volume (this value is evaluated as a template) + ## selector: + ## matchLabels: + ## app: my-app + selector: {} +## @param updateStrategy.type Update strategy type. Only really applicable for deployments with RWO PVs attached +## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the +## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will +## terminate the single previous pod, so that the new, incoming pod can attach to the PV +## Example: +## updateStrategy: +## type: RollingUpdate +## rollingUpdate: +## maxSurge: 25% +## maxUnavailable: 25% +updateStrategy: + type: RollingUpdate +## @param podAnnotations Additional pod annotations +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## +podAnnotations: {} +## @param podLabels Additional pod labels +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +## +podLabels: {} +## @param podAffinityPreset Pod affinity preset. Allowed values: soft, hard +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## +podAffinityPreset: "" +## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## +podAntiAffinityPreset: soft +## Node affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity +## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` +## @param nodeAffinityPreset.key Node label key to match Ignored if `affinity` is set. +## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set. +## +nodeAffinityPreset: + type: "" + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] +## @param affinity Affinity for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set +## +affinity: {} +## @param nodeSelector Node labels for pod assignment. +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} +## @param tolerations Tolerations for pod assignment. +## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +## +tolerations: [] + +## @section Sidekiq parameters + +sidekiq: + ## @param sidekiq.containerSecurityContext Container security context specification + ## capabilities: + ## drop: + ## - ALL + ## readOnlyRootFilesystem: true + ## runAsNonRoot: true + ## runAsUser: 1000 + ## + containerSecurityContext: {} + ## @param sidekiq.command Custom command to override image cmd (evaluated as a template) + ## + command: ['/opt/bitnami/scripts/discourse/entrypoint.sh'] + ## @param sidekiq.args Custom args for the custom command (evaluated as a template) + ## + args: ['/opt/bitnami/scripts/discourse-sidekiq/run.sh'] + ## @param sidekiq.resources Sidekiq container resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## + resources: {} + ## Sidekiq extra options for liveness probe + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param sidekiq.livenessProbe.enabled Enable/disable livenessProbe + ## @param sidekiq.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated + ## @param sidekiq.livenessProbe.periodSeconds How often to perform the probe + ## @param sidekiq.livenessProbe.timeoutSeconds When the probe times out + ## @param sidekiq.livenessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param sidekiq.livenessProbe.successThreshold Minimum consecutive successes for the probe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 500 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## Sidekiq extra options for readiness probe + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param sidekiq.readinessProbe.enabled Enable/disable readinessProbe + ## @param sidekiq.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated + ## @param sidekiq.readinessProbe.periodSeconds How often to perform the probe + ## @param sidekiq.readinessProbe.timeoutSeconds When the probe times out + ## @param sidekiq.readinessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param sidekiq.readinessProbe.successThreshold Minimum consecutive successes for the probe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## @param sidekiq.customLivenessProbe Custom liveness probe to execute (when the main one is disabled) + ## + customLivenessProbe: {} + ## @param sidekiq.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) + ## + customReadinessProbe: {} + ## @param sidekiq.extraEnvVars An array to add extra env vars + ## For example: + ## extraEnvVars: + ## - name: DISCOURSE_ELASTICSEARCH_URL + ## value: test + ## + extraEnvVars: [] + ## @param sidekiq.extraEnvVarsCM Array to add extra configmaps + ## + extraEnvVarsCM: [] + ## @param sidekiq.extraEnvVarsSecret Name of the secret that holds extra env vars + ## + extraEnvVarsSecret: "" + ## @param sidekiq.extraVolumeMounts Additional volume mounts + ## Example: Mount CA file + ## extraVolumeMounts + ## - name: ca-cert + ## subPath: ca_cert + ## mountPath: /path/to/ca_cert + ## + extraVolumeMounts: [] + +## @section Volume Permissions parameters + +## Init containers parameters: +## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup +## values from the securityContext section. +## +volumePermissions: + ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) + ## + enabled: false + ## Init containers' resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## @param volumePermissions.resources.limits The resources limits for the init container + ## @param volumePermissions.resources.requests The requested resources for the init container + ## + resources: + ## Example: + ## limits: + ## cpu: 100m + ## memory: 128Mi + limits: {} + ## Examples: + ## requests: + ## cpu: 100m + ## memory: 128Mi + requests: {} + +## @section Ingress parameters + +## Ingress parameters +## +ingress: + ## @param ingress.enabled Enable ingress controller resource + ## + enabled: false + ## @param ingress.certManager Add annotations for cert-manager + ## + certManager: false + ## @param ingress.hostname Default host for the ingress resource + ## + hostname: discourse.local + ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) + ## + apiVersion: "" + ## @param ingress.path Ingress path + ## + path: / + ## @param ingress.pathType Ingress path type + ## + pathType: ImplementationSpecific + ## @param ingress.annotations Ingress annotations done as key:value pairs + ## For a full list of possible ingress annotations, please see + ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md + ## + ## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set + ## + annotations: {} + ## @param ingress.tls Enable TLS configuration for the hostname defined at ingress.hostname parameter + ## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }} + ## You can use the ingress.secrets parameter to create this TLS secret or relay on cert-manager to create it + ## + tls: false + ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. + ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array + ## extraHosts: + ## - name: discourse.local + ## path: / + extraHosts: [] + ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. + ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + ## extraTls: + ## - hosts: + ## - discourse.local + ## secretName: discourse.local-tls + extraTls: [] + ## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets + ## key and certificate should start with -----BEGIN CERTIFICATE----- or + ## -----BEGIN RSA PRIVATE KEY----- + ## + ## name should line up with a tlsSecret set further up + ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set + ## + ## It is also possible to create and manage the certificates outside of this helm chart + ## Please see README.md for more information + ## Example: + ## - name: discourse.local-tls + ## key: + ## certificate: + secrets: [] + +## @section Database parameters + +## PostgreSQL chart configuration +## https://github.com/bitnami/charts/blob/master/bitnami/postgresql/values.yaml +## +postgresql: + ## @param postgresql.enabled Deploy PostgreSQL container(s) + ## + enabled: true + ## @param postgresql.postgresqlUsername PostgreSQL user to create (used by Discourse). Has superuser privileges if username is `postgres`. + ## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#setting-the-root-password-on-first-run + ## + postgresqlUsername: bn_discourse + ## @param postgresql.postgresqlPassword PostgreSQL password + ## Defaults to a random 10-character alphanumeric string if not set + ## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#setting-the-root-password-on-first-run + ## + postgresqlPassword: "" + ## @param postgresql.postgresqlPostgresPassword PostgreSQL admin password (used when `postgresqlUsername` is not `postgres`) + ## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#creating-a-database-user-on-first-run (see note!) + ## + postgresqlPostgresPassword: 'bitnami' + ## @param postgresql.existingSecret Name of existing secret object + ## The secret should contain the following keys: + ## postgresql-postgres-password (for root user) + ## postgresql-password (for the unprivileged user) + ## + existingSecret: "" + ## @param postgresql.postgresqlDatabase Name of the database to create + ## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#creating-a-database-on-first-run + ## + postgresqlDatabase: bitnami_application + ## @param postgresql.persistence.enabled Enable database persistence using PVC + ## + persistence: + enabled: true +## External database configuration +## +externalDatabase: + ## @param externalDatabase.host Host of the external database + ## + host: "" + ## @param externalDatabase.port Database port number (when using an external db) + ## + port: 5432 + ## @param externalDatabase.user Non-root PostgreSQL username (when using an external db) + ## + user: bn_discourse + ## @param externalDatabase.password Password for the above username (when using an external db) + ## + password: "" + ## @param externalDatabase.create PostgreSQL create user/database + ## If true it will add POSTGRESQL_CLIENT_* env vars to the deployment which will create the PostgreSQL user & database using the provided admin credentials + ## + create: true + ## @param externalDatabase.postgresqlPostgresUser PostgreSQL admin user, used during the installation stage (when using an external db) + ## + postgresqlPostgresUser: "" + ## @param externalDatabase.postgresqlPostgresPassword PostgreSQL admin password used in the installation stage (when using an external db) + ## + postgresqlPostgresPassword: "" + ## @param externalDatabase.existingSecret Name of existing secret object + ## The secret should contain the following keys: + ## postgresql-postgres-password (for root user) + ## postgresql-password (for the unprivileged user) + ## + existingSecret: "" + ## @param externalDatabase.database Name of the existing database (when using an external db) + ## + database: bitnami_application + +## @section Redis™ parameters + +## Redis™ chart configuration +## https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml +## +redis: + ## @param redis.enabled Whether to deploy a redis server to satisfy the applications requirements. To use an external redis instance set this to false and configure the externalRedis parameters + ## + enabled: true + ## Use password authentication + ## @param redis.auth.enabled Use password authentication + ## @param redis.auth.password Redis™ password (both master and replica) + ## @param redis.auth.existingSecret Name of an existing Kubernetes secret object containing the password + ## @param redis.auth.existingSecretPasswordKey Name of the key pointing to the password in your Kubernetes secret + ## + auth: + enabled: false + ## Defaults to a random 10-character alphanumeric string if not set and auth.enabled is true. + ## It should always be set using the password value or in the existingSecret to avoid issues + ## with Discourse. + ## The password value is ignored if existingSecret is set + password: "" + existingSecret: "" + existingSecretPasswordKey: 'redis-password' + ## @param redis.architecture Cluster settings + ## + architecture: standalone + ## Redis™ Master parameters + ## @param redis.master.persistence.enabled Enable database persistence using PVC + ## + master: + persistence: + enabled: true +## External Redis™ +## @param externalRedis.host Host of the external database +## @param externalRedis.port Database port number +## @param externalRedis.password Password for the external Redis. Ignored if existingSecret is set +## @param externalRedis.existingSecret Name of an existing Kubernetes secret object containing the password +## @param externalRedis.existingSecretPasswordKey Name of the key pointing to the password in your Kubernetes secret +## +externalRedis: + host: "" + port: 6379 + password: "" + existingSecret: "" + existingSecretPasswordKey: 'redis-password' From 44c020e37fa1cbdb9dd70509ad353d24ebb1a53a Mon Sep 17 00:00:00 2001 From: Maarten de Waard Date: Thu, 30 Sep 2021 15:33:22 +0200 Subject: [PATCH 02/11] remove all postgres and redis, rename everything to adminFrontend, remove other things we do not need --- deployment/helmchart/templates/NOTES.txt | 165 ------------- deployment/helmchart/templates/_helpers.tpl | 206 ++-------------- .../helmchart/templates/configmaps.yaml | 56 ++--- .../helmchart/templates/deployment.yaml | 220 +++++------------- deployment/helmchart/templates/pvc.yaml | 5 +- .../helmchart/templates/secrets-database.yaml | 17 -- .../templates/secrets-discourse.yaml | 16 +- .../helmchart/templates/secrets-redis.yaml | 16 -- .../helmchart/templates/serviceaccount.yaml | 2 +- 9 files changed, 109 insertions(+), 594 deletions(-) delete mode 100644 deployment/helmchart/templates/NOTES.txt delete mode 100644 deployment/helmchart/templates/secrets-database.yaml delete mode 100644 deployment/helmchart/templates/secrets-redis.yaml diff --git a/deployment/helmchart/templates/NOTES.txt b/deployment/helmchart/templates/NOTES.txt deleted file mode 100644 index 8caea61..0000000 --- a/deployment/helmchart/templates/NOTES.txt +++ /dev/null @@ -1,165 +0,0 @@ -{{- $secretName := include "discourse.secretName" . -}} -{{- $postgresqlSecretName := include "discourse.postgresql.secretName" . -}} -{{- $redisSecretName := include "discourse.redis.secretName" . -}} - -{{- if or .Values.postgresql.enabled .Values.externalDatabase.host -}} - -{{- if empty (include "discourse.host" .) -}} -############################################################################### -### ERROR: You did not provide an external host in your 'helm install' call ### -############################################################################### - -This deployment will be incomplete until you configure Discourse with a resolvable host. To configure Discourse with the URL of your service: - -1. Get the discourse URL by running: - - {{- if contains "NodePort" .Values.service.type }} - export DISCOURSE_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}"):$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.spec.ports[0].nodePort}") - {{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "common.names.fullname" . }}' - - export DISCOURSE_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") - {{- end }} - {{ include "common.utils.secret.getvalue" (dict "secret" $secretName "field" "discourse-password" "context" $) }} - {{ include "common.utils.secret.getvalue" (dict "secret" $postgresqlSecretName "field" "postgresql-password" "context" $) }} - {{- if (include "discourse.redis.auth.enabled" .) }} - {{ include "common.utils.secret.getvalue" (dict "secret" $redisSecretName "field" "redis-password" "context" $) }} - {{- end }} - -2. Complete your Discourse deployment by running: - -{{- if .Values.postgresql.enabled }} - - helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/{{ .Chart.Name }} \ - --set discourse.host=$DISCOURSE_HOST \ - --set discourse.password=$DISCOURSE_PASSWORD \ - {{- if .Values.global }}{{- if .Values.global.imagePullSecrets }} - --set global.imagePullSecrets={{ .Values.global.imagePullSecrets }} \ - {{- end }}{{- end }} - {{- if and .Values.redis.enabled .Values.redis.auth.enabled (not .Values.redis.auth.existingSecret) (not .Values.redis.auth.password) }} - --set redis.auth.password=$REDIS_PASSWORD \ - {{- end }} - --set postgresql.postgresqlPassword=$POSTGRESQL_PASSWORD - -{{- else }} - - ## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ## - - helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/{{ .Chart.Name }} \ - --set discourse.host=$DISCOURSE_HOST \ - --set discourse.password=$DISCOURSE_PASSWORD \ - --set service.type={{ .Values.service.type }} \ - --set externalDatabase.host={{ .Values.externalDatabase.host }} \ - --set externalDatabase.port={{ .Values.externalDatabase.port }} \ - --set externalDatabase.user={{ .Values.externalDatabase.user }} \ - --set externalDatabase.password=$POSTGRESQL_PASSWORD \ - --set externalDatabase.database={{ .Values.externalDatabase.database }} \ - {{- if .Values.global }}{{- if .Values.global.imagePullSecrets }} - --set global.imagePullSecrets={{ .Values.global.imagePullSecrets }} \ - {{- end }}{{- end }} - {{- if and .Values.redis.enabled .Values.redis.auth.enabled (not .Values.redis.auth.existingSecret) (not .Values.redis.auth.password) }} - --set redis.auth.password=$REDIS_PASSWORD \ - {{- end }} - --set postgresql.enabled=false -{{- end }} - -{{- else -}} - -1. Get the Discourse URL by running: - - Discourse URL : http://{{ include "discourse.host" . }}/ - -{{- if eq .Values.service.type "ClusterIP" }} - kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "common.names.fullname" . }} 80:{{ .Values.service.port }} -{{- end }} - -2. Get your Discourse login credentials by running: - - Username: {{ .Values.discourse.username }} - {{ include "common.utils.secret.getvalue" (dict "secret" $secretName "field" "discourse-password" "context" $) }} - {{ include "common.utils.secret.getvalue" (dict "secret" $postgresqlSecretName "field" "postgresql-password" "context" $) }} - {{- if (include "discourse.redis.auth.enabled" .) }} - {{ include "common.utils.secret.getvalue" (dict "secret" $redisSecretName "field" "redis-password" "context" $) }} - {{- end }} - -{{- end }} - -{{- else -}} - -######################################################################################## -### ERROR: You did not provide an external database host in your 'helm install' call ### -######################################################################################## - -This deployment will be incomplete until you configure Discourse with a resolvable database host. To configure Discourse to use and external database host: - -1. Complete your Discourse deployment by running: - -{{- if contains "NodePort" .Values.service.type }} - export DISCOURSE_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}"):$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.spec.ports[0].nodePort}") -{{- else if contains "LoadBalancer" .Values.service.type }} - - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "common.names.fullname" . }}' - - export DISCOURSE_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") -{{- else }} - - export DISCOURSE_HOST=127.0.0.1 -{{- end }} - {{ include "common.utils.secret.getvalue" (dict "secret" $secretName "field" "discourse-password" "context" $) }} - {{ include "common.utils.secret.getvalue" (dict "secret" $postgresqlSecretName "field" "postgresql-password" "context" $) }} - {{- if (include "discourse.redis.auth.enabled" .) }} - {{ include "common.utils.secret.getvalue" (dict "secret" $redisSecretName "field" "redis-password" "context" $) }} - {{- end }} - - - ## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ## - - helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/{{ .Chart.Name }} \ - --set discourse.host=$DISCOURSE_HOST \ - --set discourse.password=$DISCOURSE_PASSWORD \ - --set postgresql.enabled=false \ - {{- if not (empty .Values.externalDatabase.user) }} - --set externalDatabase.user={{ .Values.externalDatabase.user }} \ - {{- end }} - {{- if not (empty .Values.externalDatabase.password) }} - --set externalDatabase.password=$POSTGRESQL_PASSWORD \ - {{- end }} - {{- if not (empty .Values.externalDatabase.database) }} - --set externalDatabase.database={{ .Values.externalDatabase.database }} - {{- end }} - --set externalDatabase.host=YOUR_EXTERNAL_DATABASE_HOST \ - {{- if .Values.global }}{{- if .Values.global.imagePullSecrets }} - --set global.imagePullSecrets={{ .Values.global.imagePullSecrets }} \ - {{- end }}{{- end }} - {{- if and .Values.redis.enabled .Values.redis.auth.enabled (not .Values.redis.auth.existingSecret) (not .Values.redis.auth.password) }} - --set redis.auth.password=$REDIS_PASSWORD \ - {{- end }} - --set service.type={{ .Values.service.type }} -{{- end }} - -{{ if and .Values.postgresql.enabled (not .Values.postgresql.existingSecret) (eq .Values.postgresql.postgresqlPostgresPassword "bitnami") -}} -##################################################################################### -### WARNING: You did not change the default password for the PostgreSQL root user ### -##################################################################################### -{{- end }} - -{{- include "common.warnings.rollingTag" .Values.image }} - -{{- $passwordValidationErrors := list -}} -{{- if not .Values.discourse.existingSecret -}} - {{- $requiredDiscoursePassword := dict "valueKey" "discourse.password" "secret" $secretName "field" "discourse-password" "context" $ -}} - {{- $requiredDiscoursePasswordError := include "common.validations.values.single.empty" $requiredDiscoursePassword -}} - {{- $passwordValidationErrors = append $passwordValidationErrors $requiredDiscoursePasswordError -}} -{{- end -}} - -{{- $postgresqlPasswordValidationErrors := include "common.validations.values.postgresql.passwords" (dict "secret" $postgresqlSecretName "subchart" true "context" $) -}} -{{- $passwordValidationErrors = append $passwordValidationErrors $postgresqlPasswordValidationErrors -}} - -{{- if (include "discourse.redis.auth.enabled" .) }} -{{- $redisPasswordValidationErrors := include "common.validations.values.redis.passwords" (dict "secret" $redisSecretName "subchart" true "context" $) -}} -{{- $passwordValidationErrors = append $passwordValidationErrors $redisPasswordValidationErrors -}} -{{- end }} - -{{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $) -}} diff --git a/deployment/helmchart/templates/_helpers.tpl b/deployment/helmchart/templates/_helpers.tpl index 9bc649d..f6dd8cd 100644 --- a/deployment/helmchart/templates/_helpers.tpl +++ b/deployment/helmchart/templates/_helpers.tpl @@ -1,24 +1,8 @@ -{{/* -Create a default fully qualified app name -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "postgresql.fullname" -}} -{{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "redis.fullname" -}} -{{- printf "%s-%s" .Release.Name "redis" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - {{/* Create the name of the service account to use */}} -{{- define "discourse.serviceAccountName" -}} +{{- define "adminFrontend.serviceAccountName" -}} {{- if .Values.serviceAccount.create -}} {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} {{- else -}} @@ -29,46 +13,46 @@ Create the name of the service account to use {{/* Return the proper Docker image registry secret names */}} -{{- define "discourse.imagePullSecrets" -}} +{{- define "adminFrontend.imagePullSecrets" -}} {{ include "common.images.pullSecrets" (dict "images" (list .Values.image) "global" .Values.global) }} {{- end -}} {{/* -Return true if a secret object for Discourse should be created +Return true if a secret object for Admin-frontend should be created */}} -{{- define "discourse.createSecret" -}} -{{- if or (not .Values.discourse.existingSecret) (and (not .Values.discourse.smtp.existingSecret) .Values.discourse.smtp.password .Values.discourse.smtp.enabled) }} +{{- define "adminFrontend.createSecret" -}} +{{- if or (not .Values.adminFrontend.existingSecret) (and (not .Values.adminFrontend.smtp.existingSecret) .Values.adminFrontend.smtp.password .Values.adminFrontend.smtp.enabled) }} {{- true -}} {{- end -}} {{- end -}} {{/* -Return the Discourse secret name +Return the Admin-frontend secret name */}} -{{- define "discourse.secretName" -}} -{{- if .Values.discourse.existingSecret }} - {{- printf "%s" .Values.discourse.existingSecret -}} +{{- define "adminFrontend.secretName" -}} +{{- if .Values.adminFrontend.existingSecret }} + {{- printf "%s" .Values.adminFrontend.existingSecret -}} {{- else -}} - {{- printf "%s-discourse" (include "common.names.fullname" .) -}} + {{- printf "%s-adminFrontend" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* -Return the Discourse SMTP secret name +Return the Admin-frontend SMTP secret name */}} -{{- define "discourse.smtp.secretName" -}} -{{- if .Values.discourse.smtp.existingSecret }} - {{- printf "%s" .Values.discourse.smtp.existingSecret -}} +{{- define "adminFrontend.smtp.secretName" -}} +{{- if .Values.adminFrontend.smtp.existingSecret }} + {{- printf "%s" .Values.adminFrontend.smtp.existingSecret -}} {{- else -}} - {{- printf "%s-discourse" (include "common.names.fullname" .) -}} + {{- printf "%s-adminFrontend" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* -Return true if Discourse SMTP uses password authentication +Return true if Admin-frontend SMTP uses password authentication */}} -{{- define "discourse.smtp.password.enabled" -}} -{{- if and (or .Values.discourse.smtp.password .Values.discourse.smtp.existingSecret) .Values.discourse.smtp.enabled }} +{{- define "adminFrontend.smtp.password.enabled" -}} +{{- if and (or .Values.adminFrontend.smtp.password .Values.adminFrontend.smtp.existingSecret) .Values.adminFrontend.smtp.enabled }} {{- true -}} {{- end -}} {{- end -}} @@ -77,7 +61,7 @@ Return true if Discourse SMTP uses password authentication Get the user defined LoadBalancerIP for this release Note, returns 127.0.0.1 if using ClusterIP. */}} -{{- define "discourse.serviceIP" -}} +{{- define "adminFrontend.serviceIP" -}} {{- if eq .Values.service.type "ClusterIP" -}} 127.0.0.1 {{- else -}} @@ -89,161 +73,21 @@ Note, returns 127.0.0.1 if using ClusterIP. Gets the host to be used for this application. If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value will be empty */}} -{{- define "discourse.host" -}} -{{- $host := .Values.discourse.host | default "" -}} -{{- default (include "discourse.serviceIP" .) $host -}} +{{- define "adminFrontend.host" -}} +{{- $host := .Values.adminFrontend.host | default "" -}} +{{- default (include "adminFrontend.serviceIP" .) $host -}} {{- end -}} {{/* -Return the proper Discourse image name +Return the proper Admin-frontend image name */}} -{{- define "discourse.image" -}} +{{- define "adminFrontend.image" -}} {{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} {{- end -}} {{/* Return the proper Storage Class */}} -{{- define "discourse.storageClass" -}} +{{- define "adminFrontend.storageClass" -}} {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) -}} {{- end -}} - -{{/* -Return the Postgresql hostname -*/}} -{{- define "discourse.databaseHost" -}} -{{- if .Values.postgresql.enabled }} - {{- printf "%s" (include "postgresql.fullname" .) -}} -{{- else -}} - {{- printf "%s" .Values.externalDatabase.host -}} -{{- end -}} -{{- end -}} - -{{/* -Return the Postgresql port -*/}} -{{- define "discourse.databasePort" -}} -{{- if .Values.postgresql.enabled }} - {{- printf "5432" | quote -}} -{{- else -}} - {{- .Values.externalDatabase.port | quote -}} -{{- end -}} -{{- end -}} - -{{/* -Return the Postgresql database name -*/}} -{{- define "discourse.databaseName" -}} -{{- if .Values.postgresql.enabled }} - {{- printf "%s" .Values.postgresql.postgresqlDatabase -}} -{{- else -}} - {{- printf "%s" .Values.externalDatabase.database -}} -{{- end -}} -{{- end -}} - -{{/* -Return the Postgresql user -*/}} -{{- define "discourse.databaseUser" -}} -{{- if .Values.postgresql.enabled }} - {{- printf "%s" .Values.postgresql.postgresqlUsername -}} -{{- else -}} - {{- printf "%s" .Values.externalDatabase.user -}} -{{- end -}} -{{- end -}} - -{{/* -Return true if a secret object for Postgres should be created -*/}} -{{- define "discourse.postgresql.createSecret" -}} -{{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.existingSecret) }} - {{- true -}} -{{- end -}} -{{- end -}} - -{{/* -Return the Postgresql secret name -*/}} -{{- define "discourse.postgresql.secretName" -}} -{{- if .Values.postgresql.enabled }} - {{- if .Values.postgresql.existingSecret }} - {{- printf "%s" .Values.postgresql.existingSecret -}} - {{- else -}} - {{- printf "%s" (include "postgresql.fullname" .) -}} - {{- end -}} -{{- else if .Values.externalDatabase.existingSecret }} - {{- printf "%s" .Values.externalDatabase.existingSecret -}} -{{- else -}} - {{- printf "%s-database" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Return the Redis™ hostname -*/}} -{{- define "discourse.redisHost" -}} -{{- if .Values.redis.enabled }} - {{- printf "%s-master" (include "redis.fullname" .) -}} -{{- else -}} - {{- printf "%s" .Values.externalRedis.host -}} -{{- end -}} -{{- end -}} - -{{/* -Return the Redis™ port -*/}} -{{- define "discourse.redisPort" -}} -{{- if .Values.redis.enabled }} - {{- printf "6379" | quote -}} -{{- else -}} - {{- .Values.externalRedis.port | quote -}} -{{- end -}} -{{- end -}} - -{{/* -Return true if a secret object for Redis™ should be created -*/}} -{{- define "discourse.redis.createSecret" -}} -{{- if and (not .Values.redis.enabled) (not .Values.externalRedis.existingSecret) .Values.externalRedis.password }} - {{- true -}} -{{- end -}} -{{- end -}} - -{{/* -Return the Redis™ secret name -*/}} -{{- define "discourse.redis.secretName" -}} -{{- if .Values.redis.enabled }} - {{- if .Values.redis.auth.existingSecret }} - {{- printf "%s" .Values.redis.auth.existingSecret -}} - {{- else -}} - {{- printf "%s" (include "redis.fullname" .) -}} - {{- end -}} -{{- else if .Values.externalRedis.existingSecret }} - {{- printf "%s" .Values.externalRedis.existingSecret -}} -{{- else -}} - {{- printf "%s-redis" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Return the Redis™ secret key -*/}} -{{- define "discourse.redis.secretPasswordKey" -}} -{{- if and .Values.redis.enabled .Values.redis.auth.existingSecret }} - {{- required "You need to provide existingSecretPasswordKey when an existingSecret is specified in redis" .Values.redis.auth.existingSecretPasswordKey | printf "%s" }} -{{- else if and (not .Values.redis.enabled) .Values.externalRedis.existingSecret }} - {{- required "You need to provide existingSecretPasswordKey when an existingSecret is specified in redis" .Values.externalRedis.existingSecretPasswordKey | printf "%s" }} -{{- else -}} - {{- printf "redis-password" -}} -{{- end -}} -{{- end -}} - -{{/* -Return whether Redis™ uses password authentication or not -*/}} -{{- define "discourse.redis.auth.enabled" -}} -{{- if or (and .Values.redis.enabled .Values.redis.auth.enabled) (and (not .Values.redis.enabled) (or .Values.externalRedis.password .Values.externalRedis.existingSecret)) }} - {{- true -}} -{{- end -}} -{{- end -}} diff --git a/deployment/helmchart/templates/configmaps.yaml b/deployment/helmchart/templates/configmaps.yaml index cded68d..d854040 100644 --- a/deployment/helmchart/templates/configmaps.yaml +++ b/deployment/helmchart/templates/configmaps.yaml @@ -11,40 +11,22 @@ metadata: {{- end }} data: {{- $port := .Values.service.port | toString }} - DISCOURSE_HOST: "{{ include "discourse.host" . }}" - DISCOURSE_SKIP_INSTALL: {{ ternary "yes" "no" .Values.discourse.skipInstall | quote }} - DISCOURSE_SITE_NAME: {{ .Values.discourse.siteName | quote }} - DISCOURSE_USERNAME: {{ .Values.discourse.username | quote }} - DISCOURSE_EMAIL: {{ .Values.discourse.email | quote }} - DISCOURSE_REDIS_HOST: {{ template "discourse.redisHost" . }} - DISCOURSE_REDIS_PORT_NUMBER: {{ template "discourse.redisPort" . }} - DISCOURSE_DATABASE_HOST: {{ template "discourse.databaseHost" . }} - DISCOURSE_DATABASE_PORT_NUMBER: {{ template "discourse.databasePort" . }} - DISCOURSE_DATABASE_NAME: {{ template "discourse.databaseName" . }} - DISCOURSE_DATABASE_USER: {{ template "discourse.databaseUser" . }} - {{- if .Values.discourse.smtp.enabled }} - DISCOURSE_SMTP_HOST: {{ .Values.discourse.smtp.host | quote }} - DISCOURSE_SMTP_PORT: {{ .Values.discourse.smtp.port | quote }} - {{- if .Values.discourse.smtp.user }} - DISCOURSE_SMTP_USER: {{ .Values.discourse.smtp.user | quote }} - {{- end }} - {{- if .Values.discourse.smtp.protocol }} - DISCOURSE_SMTP_PROTOCOL: {{ .Values.discourse.smtp.protocol | quote }} - {{- end }} - {{- if .Values.discourse.smtp.auth }} - DISCOURSE_SMTP_AUTH: {{ .Values.discourse.smtp.auth | quote }} - {{- end }} - {{- end }} - {{- if or .Values.postgresql.enabled .Values.externalDatabase.create }} - POSTGRESQL_CLIENT_DATABASE_HOST: {{ template "discourse.databaseHost" . }} - POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER: {{ template "discourse.databasePort" . }} - {{- if or .Values.postgresql.enabled (not .Values.externalDatabase.postgresqlPostgresUser) }} - POSTGRESQL_CLIENT_POSTGRES_USER: "postgres" - {{- else }} - POSTGRESQL_CLIENT_POSTGRES_USER: {{ .Values.externalDatabase.postgresqlPostgresUser | quote }} - POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME: {{ .Values.externalDatabase.user | quote }} - POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD: {{ .Values.externalDatabase.password | quote }} - {{- end }} - POSTGRESQL_CLIENT_CREATE_DATABASE_NAME: {{ template "discourse.databaseName" . }} - POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS: "hstore,pg_trgm" - {{- end }} + REACT_APP_API_URL: {{ .Values.adminFrontend.reactAppApiUrl }} + EXTEND_ESLINT: {{ .Values.adminFrontend.extendEslint }} + ADMIN_FRONTEND_HOST: "{{ include "adminFrontend.host" . }}" + # Probably needed in the future: + # ADMIN_FRONTEND_USERNAME: {{ .Values.adminFrontend.username | quote }} + # ADMIN_FRONTEND_EMAIL: {{ .Values.adminFrontend.email | quote }} + # {{- if .Values.adminFrontend.smtp.enabled }} + # ADMIN_FRONTEND_SMTP_HOST: {{ .Values.adminFrontend.smtp.host | quote }} + # ADMIN_FRONTEND_SMTP_PORT: {{ .Values.adminFrontend.smtp.port | quote }} + # {{- if .Values.adminFrontend.smtp.user }} + # ADMIN_FRONTEND_SMTP_USER: {{ .Values.adminFrontend.smtp.user | quote }} + # {{- end }} + # {{- if .Values.adminFrontend.smtp.protocol }} + # ADMIN_FRONTEND_SMTP_PROTOCOL: {{ .Values.adminFrontend.smtp.protocol | quote }} + # {{- end }} + # {{- if .Values.adminFrontend.smtp.auth }} + # ADMIN_FRONTEND_SMTP_AUTH: {{ .Values.adminFrontend.smtp.auth | quote }} + # {{- end }} + # {{- end }} diff --git a/deployment/helmchart/templates/deployment.yaml b/deployment/helmchart/templates/deployment.yaml index 7a94f21..4f9d32e 100644 --- a/deployment/helmchart/templates/deployment.yaml +++ b/deployment/helmchart/templates/deployment.yaml @@ -1,10 +1,10 @@ -{{- if and (include "discourse.host" .) (or .Values.postgresql.enabled .Values.externalDatabase.host) -}} +{{- if (include "adminFrontend.host" .) -}} apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: name: {{ template "common.names.fullname" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} - component: discourse + component: adminFrontend {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} @@ -15,19 +15,14 @@ spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} - component: discourse + component: adminFrontend {{- if .Values.updateStrategy }} strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} {{- end }} template: metadata: - annotations: - checksum/config: {{ include (print $.Template.BasePath "/configmaps.yaml") . | sha256sum }} - checksum/secrets-discourse: {{ include (print $.Template.BasePath "/secrets-discourse.yaml") . | sha256sum }} - checksum/secrets-database: {{ include (print $.Template.BasePath "/secrets-database.yaml") . | sha256sum }} - checksum/secrets-redis: {{ include (print $.Template.BasePath "/secrets-redis.yaml") . | sha256sum }} labels: {{- include "common.labels.standard" . | nindent 8 }} - component: discourse + component: adminFrontend {{- if .Values.podLabels }} {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }} {{- end }} @@ -35,7 +30,7 @@ spec: annotations: {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} {{- end }} spec: - {{- include "discourse.imagePullSecrets" . | nindent 6 }} + {{- include "adminFrontend.imagePullSecrets" . | nindent 6 }} {{- if .Values.hostAliases }} hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} {{- end }} @@ -53,7 +48,7 @@ spec: {{- if .Values.tolerations }} tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} {{- end }} - serviceAccountName: {{ include "discourse.serviceAccountName" . }} + serviceAccountName: {{ include "adminFrontend.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} initContainers: {{- if .Values.initContainers }} @@ -61,214 +56,105 @@ spec: {{- end }} {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} - name: volume-permissions - image: {{ include "discourse.image" . }} + image: {{ include "adminFrontend.image" . }} imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} command: - sh - -c - | - mkdir -p "/bitnami/discourse" - chown -R "discourse:root" "/bitnami/discourse" + mkdir -p "/bitnami/adminFrontend" + chown -R "adminFrontend:root" "/bitnami/adminFrontend" securityContext: runAsUser: 0 {{- if .Values.volumePermissions.resources }} resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} {{- end }} volumeMounts: - - name: discourse-data - mountPath: /bitnami/discourse + - name: adminFrontend-data + mountPath: /bitnami/adminFrontend {{- end }} containers: - - name: discourse - securityContext: {{- toYaml .Values.discourse.containerSecurityContext | nindent 12 }} - image: {{ template "discourse.image" . }} + - name: adminFrontend + securityContext: {{- toYaml .Values.adminFrontend.containerSecurityContext | nindent 12 }} + image: {{ template "adminFrontend.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.discourse.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.discourse.command "context" $) | nindent 12 }} + {{- if .Values.adminFrontend.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.command "context" $) | nindent 12 }} {{- end }} - {{- if .Values.discourse.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.discourse.args "context" $) | nindent 12 }} + {{- if .Values.adminFrontend.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.args "context" $) | nindent 12 }} {{- end }} env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" .Values.image.debug | quote }} - - name: DISCOURSE_PASSWORD + - name: ADMIN_FRONTEND_PASSWORD valueFrom: secretKeyRef: - name: {{ include "discourse.secretName" . }} - key: discourse-password - - name: DISCOURSE_DATABASE_PASSWORD + name: {{ include "adminFrontend.secretName" . }} + key: adminFrontend-password + {{- if (include "adminFrontend.smtp.password.enabled" .) }} + - name: ADMIN_FRONTEND_SMTP_PASSWORD valueFrom: secretKeyRef: - name: {{ include "discourse.postgresql.secretName" . }} - key: postgresql-password - {{- if or .Values.postgresql.enabled .Values.externalDatabase.create }} - - name: POSTGRESQL_CLIENT_POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "discourse.postgresql.secretName" . }} - key: postgresql-postgres-password - {{- end }} - {{- if (include "discourse.redis.auth.enabled" .) }} - - name: DISCOURSE_REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "discourse.redis.secretName" . }} - key: {{ include "discourse.redis.secretPasswordKey" . }} - {{- end }} - {{- if (include "discourse.smtp.password.enabled" .) }} - - name: DISCOURSE_SMTP_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "discourse.smtp.secretName" . }} + name: {{ include "adminFrontend.smtp.secretName" . }} key: smtp-password {{- end }} - {{- if .Values.discourse.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.discourse.extraEnvVars "context" $) | nindent 12 }} + {{- if .Values.adminFrontend.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.extraEnvVars "context" $) | nindent 12 }} {{- end }} envFrom: - configMapRef: name: {{ include "common.names.fullname" . }} - {{- if .Values.discourse.extraEnvVarsCM }} + {{- if .Values.adminFrontend.extraEnvVarsCM }} - configMapRef: - name: {{ .Values.discourse.extraEnvVarsCM }} + name: {{ .Values.adminFrontend.extraEnvVarsCM }} {{- end }} - {{- if .Values.discourse.extraEnvVarsSecret }} + {{- if .Values.adminFrontend.extraEnvVarsSecret }} - secretRef: - name: {{ .Values.discourse.extraEnvVarsSecret }} + name: {{ .Values.adminFrontend.extraEnvVarsSecret }} {{- end }} ports: - name: http containerPort: 3000 protocol: TCP - {{- if .Values.discourse.livenessProbe.enabled }} + {{- if .Values.adminFrontend.livenessProbe.enabled }} livenessProbe: httpGet: path: /srv/status port: http - initialDelaySeconds: {{ .Values.discourse.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.discourse.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.discourse.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.discourse.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.discourse.livenessProbe.failureThreshold }} - {{- else if .Values.discourse.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.discourse.customLivenessProbe "context" $) | nindent 12 }} + initialDelaySeconds: {{ .Values.adminFrontend.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.adminFrontend.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.adminFrontend.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.adminFrontend.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.adminFrontend.livenessProbe.failureThreshold }} + {{- else if .Values.adminFrontend.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.customLivenessProbe "context" $) | nindent 12 }} {{- end }} - {{- if .Values.discourse.readinessProbe.enabled }} + {{- if .Values.adminFrontend.readinessProbe.enabled }} readinessProbe: httpGet: path: /srv/status port: http - initialDelaySeconds: {{ .Values.discourse.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.discourse.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.discourse.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.discourse.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.discourse.readinessProbe.failureThreshold }} - {{- else if .Values.discourse.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.discourse.customReadinessProbe "context" $) | nindent 12 }} + initialDelaySeconds: {{ .Values.adminFrontend.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.adminFrontend.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.adminFrontend.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.adminFrontend.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.adminFrontend.readinessProbe.failureThreshold }} + {{- else if .Values.adminFrontend.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.customReadinessProbe "context" $) | nindent 12 }} {{- end }} volumeMounts: - - name: discourse-data - mountPath: /bitnami/discourse - subPath: discourse - {{- if .Values.discourse.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.discourse.extraVolumeMounts "context" $) | nindent 12 }} + - name: adminFrontend-data + mountPath: /bitnami/adminFrontend + subPath: adminFrontend + {{- if .Values.adminFrontend.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.extraVolumeMounts "context" $) | nindent 12 }} {{- end }} - {{- if .Values.discourse.resources }} - resources: {{- toYaml .Values.discourse.resources | nindent 12 }} - {{- end }} - - name: sidekiq - securityContext: {{- toYaml .Values.sidekiq.containerSecurityContext | nindent 12 }} - image: {{ template "discourse.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.command "context" $) | nindent 12 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.args "context" $) | nindent 12 }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" .Values.image.debug | quote }} - - name: DISCOURSE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "discourse.secretName" . }} - key: discourse-password - - name: DISCOURSE_POSTGRESQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "discourse.postgresql.secretName" . }} - key: postgresql-password - {{- if (include "discourse.redis.auth.enabled" .) }} - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "discourse.redis.secretName" . }} - key: {{ include "discourse.redis.secretPasswordKey" . }} - {{- end }} - {{- if (include "discourse.smtp.password.enabled" .) }} - - name: DISCOURSE_SMTP_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "discourse.smtp.secretName" . }} - key: smtp-password - {{- end }} - {{- if .Values.sidekiq.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - envFrom: - - configMapRef: - name: {{ include "common.names.fullname" . }} - {{- if .Values.sidekiq.extraEnvVarsCM }} - - configMapRef: - name: {{ .Values.sidekiq.extraEnvVarsCM }} - {{- end }} - {{- if .Values.sidekiq.extraEnvVarsSecret }} - - secretRef: - name: {{ .Values.sidekiq.extraEnvVarsSecret }} - {{- end }} - {{- if .Values.sidekiq.livenessProbe.enabled }} - livenessProbe: - exec: - command: ["/bin/sh", "-c", "pgrep -f ^sidekiq"] - initialDelaySeconds: {{ .Values.sidekiq.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.sidekiq.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.sidekiq.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.sidekiq.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.sidekiq.livenessProbe.failureThreshold }} - {{- else if .Values.sidekiq.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.customLivenessProbe "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.sidekiq.readinessProbe.enabled }} - readinessProbe: - exec: - command: ["/bin/sh", "-c", "pgrep -f ^sidekiq"] - initialDelaySeconds: {{ .Values.sidekiq.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.sidekiq.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.sidekiq.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.sidekiq.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.sidekiq.readinessProbe.failureThreshold }} - {{- else if .Values.sidekiq.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.customReadinessProbe "context" $) | nindent 12 }} - {{- end }} - volumeMounts: - - name: discourse-data - mountPath: /bitnami/discourse - subPath: discourse - {{- if .Values.sidekiq.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.extraVolumeMounts "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.sidekiq.resources }} - resources: {{- toYaml .Values.sidekiq.resources | nindent 12 }} + {{- if .Values.adminFrontend.resources }} + resources: {{- toYaml .Values.adminFrontend.resources | nindent 12 }} {{- end }} {{- if .Values.sidecars }} {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} {{- end }} volumes: - - name: discourse-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ .Values.persistence.existingClaim | default (include "common.names.fullname" .) }} - {{- else }} - emptyDir: {} - {{ end }} {{- if .Values.extraVolumes }} {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} {{- end }} diff --git a/deployment/helmchart/templates/pvc.yaml b/deployment/helmchart/templates/pvc.yaml index 42e02c2..cb508e9 100644 --- a/deployment/helmchart/templates/pvc.yaml +++ b/deployment/helmchart/templates/pvc.yaml @@ -1,4 +1,5 @@ -{{- if and (include "discourse.host" .) .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +# Disabled by default because the current admin panel does not need persistence +{{- if and (include "adminFrontend.host" .) .Values.persistence.enabled (not .Values.persistence.existingClaim) }} kind: PersistentVolumeClaim apiVersion: v1 metadata: @@ -16,7 +17,7 @@ spec: resources: requests: storage: {{ .Values.persistence.size | quote }} - {{ include "discourse.storageClass" . }} + {{ include "adminFrontend.storageClass" . }} {{- if .Values.persistence.selector }} selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 4 }} {{- end -}} diff --git a/deployment/helmchart/templates/secrets-database.yaml b/deployment/helmchart/templates/secrets-database.yaml deleted file mode 100644 index d9f42f7..0000000 --- a/deployment/helmchart/templates/secrets-database.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if (include "discourse.postgresql.createSecret" .) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "common.names.fullname" . }}-database - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: Opaque -data: - postgresql-password: {{ .Values.externalDatabase.password | b64enc | quote }} - postgresql-postgres-password: {{ .Values.externalDatabase.postgresqlPostgresPassword | b64enc | quote }} -{{- end }} diff --git a/deployment/helmchart/templates/secrets-discourse.yaml b/deployment/helmchart/templates/secrets-discourse.yaml index 5f81810..e026b84 100644 --- a/deployment/helmchart/templates/secrets-discourse.yaml +++ b/deployment/helmchart/templates/secrets-discourse.yaml @@ -1,8 +1,8 @@ -{{- if (include "discourse.createSecret" .) }} +{{- if (include "adminFrontend.createSecret" .) }} apiVersion: v1 kind: Secret metadata: - name: {{ template "common.names.fullname" . }}-discourse + name: {{ template "common.names.fullname" . }}-adminFrontend labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} @@ -12,12 +12,12 @@ metadata: {{- end }} type: Opaque data: - {{- if and (.Values.discourse.password) (not .Values.discourse.existingSecret) }} - discourse-password: {{ .Values.discourse.password | b64enc | quote }} - {{- else if not .Values.discourse.existingSecret }} - discourse-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- if and (.Values.adminFrontend.password) (not .Values.adminFrontend.existingSecret) }} + adminFrontend-password: {{ .Values.adminFrontend.password | b64enc | quote }} + {{- else if not .Values.adminFrontend.existingSecret }} + adminFrontend-password: {{ randAlphaNum 10 | b64enc | quote }} {{- end }} - {{- if and (.Values.discourse.smtp.password) (.Values.discourse.smtp.enabled) (not .Values.discourse.smtp.existingSecret) }} - smtp-password: {{ .Values.discourse.smtp.password | b64enc | quote }} + {{- if and (.Values.adminFrontend.smtp.password) (.Values.adminFrontend.smtp.enabled) (not .Values.adminFrontend.smtp.existingSecret) }} + smtp-password: {{ .Values.adminFrontend.smtp.password | b64enc | quote }} {{- end }} {{- end }} diff --git a/deployment/helmchart/templates/secrets-redis.yaml b/deployment/helmchart/templates/secrets-redis.yaml deleted file mode 100644 index b854605..0000000 --- a/deployment/helmchart/templates/secrets-redis.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if (include "discourse.redis.createSecret" .) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "common.names.fullname" . }}-redis - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: Opaque -data: - redis-password: {{ .Values.externalRedis.password | b64enc | quote }} -{{- end }} diff --git a/deployment/helmchart/templates/serviceaccount.yaml b/deployment/helmchart/templates/serviceaccount.yaml index acbe841..27a8838 100644 --- a/deployment/helmchart/templates/serviceaccount.yaml +++ b/deployment/helmchart/templates/serviceaccount.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "discourse.serviceAccountName" . }} + name: {{ include "adminFrontend.serviceAccountName" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} From d8e69fb731cda4a96d82fafe95e7159893b118db Mon Sep 17 00:00:00 2001 From: Maarten de Waard Date: Thu, 30 Sep 2021 15:38:38 +0200 Subject: [PATCH 03/11] include admin-frontend image URL --- deployment/helmchart/values.yaml | 238 ++++++++----------------------- 1 file changed, 62 insertions(+), 176 deletions(-) diff --git a/deployment/helmchart/values.yaml b/deployment/helmchart/values.yaml index d5d25bd..6323aa8 100644 --- a/deployment/helmchart/values.yaml +++ b/deployment/helmchart/values.yaml @@ -21,10 +21,10 @@ global: ## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set) ## kubeVersion: "" -## @param nameOverride String to partially override discourse.fullname template (will maintain the release name) +## @param nameOverride String to partially override adminFrontend.fullname template (will maintain the release name) ## nameOverride: "" -## @param fullnameOverride String to fully override discourse.fullname template +## @param fullnameOverride String to fully override adminFrontend.fullname template ## fullnameOverride: "" ## @param commonLabels Labels to be added to all deployed resources @@ -77,7 +77,7 @@ service: ## @section Discourse parameters ## Bitnami Discourse image version -## ref: https://hub.docker.com/r/bitnami/discourse/tags/ +## ref: https://hub.docker.com/r/bitnami/adminFrontend/tags/ ## @param image.registry Discourse image registry ## @param image.repository Discourse image repository ## @param image.tag Discourse image tag @@ -86,9 +86,9 @@ service: ## @param image.debug Specify if debug logs should be enabled ## image: - registry: docker.io - repository: bitnami/discourse - tag: 2.7.8-debian-10-r22 + registry: open.greenhost.net:4567 + repository: openappstack/admin-frontend/admin-frontend + tag: 0.1.0 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -108,38 +108,42 @@ image: ## @param imagePullSecrets Specify docker-registry secret names as an array ## imagePullSecrets: [] -## Discourse configuration parameters -## ref: https://github.com/bitnami/bitnami-docker-discourse#configuration +## Admin frontend configuration parameters +## ref: https://open.greenhost.net/openappstack/admin-frontend ## -discourse: - ## @param discourse.host Discourse host to create application URLs (include the port if =/= 80) +adminFrontend: + ## @param adminFrontend.reactAppApiUrl URL to the admin-backend API + reactAppApiUrl: "http://oas-api.initdevelopment.com/api/v1" + ## @param adminFrontend.extendEslint Whether to read .eslint.json rules + extendEslint: false + ## @param adminFrontend.host Discourse host to create application URLs (include the port if =/= 80) ## host: "" - ## @param discourse.siteName Discourse site name + ## @param adminFrontend.siteName Discourse site name ## siteName: 'My Site!' - ## @param discourse.username Admin user of the application + ## @param adminFrontend.username Admin user of the application ## username: user - ## @param discourse.password password. WARNING: Minimum length of 10 characters + ## @param adminFrontend.password password. WARNING: Minimum length of 10 characters ## Defaults to a random 10-character alphanumeric string if not set ## password: "" - ## @param discourse.existingSecret Name of an existing secret containing the password (ignores previous password) + ## @param adminFrontend.existingSecret Name of an existing secret containing the password (ignores previous password) ## The secret should contain the following key: - ## discourse-password + ## adminFrontend-password ## existingSecret: "" - ## @param discourse.email Admin user email of the application + ## @param adminFrontend.email Admin user email of the application ## email: user@example.com - ## @param discourse.command Custom command to override image cmd + ## @param adminFrontend.command Custom command to override image cmd ## command: [] - ## @param discourse.args Custom args for the custom command + ## @param adminFrontend.args Custom args for the custom command ## args: [] - ## @param discourse.containerSecurityContext Container security context specification + ## @param adminFrontend.containerSecurityContext Container security context specification ## Example: ## capabilities: ## drop: @@ -155,8 +159,8 @@ discourse: ## choice for the user. This also increases chances charts run on environments with little ## resources, such as Minikube. If you do want to specify resources, uncomment the following ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - ## @param discourse.resources.limits The resources limits for the container - ## @param discourse.resources.requests The requested resources for the container + ## @param adminFrontend.resources.limits The resources limits for the container + ## @param adminFrontend.resources.requests The requested resources for the container ## resources: ## Example: @@ -173,12 +177,12 @@ discourse: ## WARNING: Discourse installation process may take up some time and ## setting inappropriate values here may lead to pods failure. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param discourse.livenessProbe.enabled Enable/disable livenessProbe - ## @param discourse.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated - ## @param discourse.livenessProbe.periodSeconds How often to perform the probe - ## @param discourse.livenessProbe.timeoutSeconds When the probe times out - ## @param discourse.livenessProbe.failureThreshold Minimum consecutive failures for the probe - ## @param discourse.livenessProbe.successThreshold Minimum consecutive successes for the probe + ## @param adminFrontend.livenessProbe.enabled Enable/disable livenessProbe + ## @param adminFrontend.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated + ## @param adminFrontend.livenessProbe.periodSeconds How often to perform the probe + ## @param adminFrontend.livenessProbe.timeoutSeconds When the probe times out + ## @param adminFrontend.livenessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param adminFrontend.livenessProbe.successThreshold Minimum consecutive successes for the probe ## livenessProbe: enabled: true @@ -191,12 +195,12 @@ discourse: ## WARNING: Discourse installation process may take up some time and ## setting inappropriate values here may lead to pods failure. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param discourse.readinessProbe.enabled Enable/disable readinessProbe - ## @param discourse.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated - ## @param discourse.readinessProbe.periodSeconds How often to perform the probe - ## @param discourse.readinessProbe.timeoutSeconds When the probe times out - ## @param discourse.readinessProbe.failureThreshold Minimum consecutive failures for the probe - ## @param discourse.readinessProbe.successThreshold Minimum consecutive successes for the probe + ## @param adminFrontend.readinessProbe.enabled Enable/disable readinessProbe + ## @param adminFrontend.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated + ## @param adminFrontend.readinessProbe.periodSeconds How often to perform the probe + ## @param adminFrontend.readinessProbe.timeoutSeconds When the probe times out + ## @param adminFrontend.readinessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param adminFrontend.readinessProbe.successThreshold Minimum consecutive successes for the probe ## readinessProbe: enabled: true @@ -205,21 +209,21 @@ discourse: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - ## @param discourse.customLivenessProbe Custom liveness probe to execute (when the main one is disabled) + ## @param adminFrontend.customLivenessProbe Custom liveness probe to execute (when the main one is disabled) ## customLivenessProbe: {} - ## @param discourse.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) + ## @param adminFrontend.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) ## customReadinessProbe: {} ## Discourse SMTP settings - ## @param discourse.smtp.enabled Enable/disable SMTP - ## @param discourse.smtp.host SMTP host name - ## @param discourse.smtp.port SMTP port number - ## @param discourse.smtp.user SMTP account user name - ## @param discourse.smtp.password SMTP account password - ## @param discourse.smtp.protocol SMTP protocol (Allowed values: tls, ssl) - ## @param discourse.smtp.auth SMTP authentication method - ## @param discourse.smtp.existingSecret Name of an existing Kubernetes secret. The secret must have the following key configured: `smtp-password` + ## @param adminFrontend.smtp.enabled Enable/disable SMTP + ## @param adminFrontend.smtp.host SMTP host name + ## @param adminFrontend.smtp.port SMTP port number + ## @param adminFrontend.smtp.user SMTP account user name + ## @param adminFrontend.smtp.password SMTP account password + ## @param adminFrontend.smtp.protocol SMTP protocol (Allowed values: tls, ssl) + ## @param adminFrontend.smtp.auth SMTP authentication method + ## @param adminFrontend.smtp.existingSecret Name of an existing Kubernetes secret. The secret must have the following key configured: `smtp-password` ## smtp: enabled: false @@ -230,21 +234,21 @@ discourse: protocol: "" auth: "" existingSecret: "" - ## @param discourse.extraEnvVars An array to add extra env vars + ## @param adminFrontend.extraEnvVars An array to add extra env vars ## For example: ## extraEnvVars: - ## discourse: + ## adminFrontend: ## - name: DISCOURSE_ELASTICSEARCH_URL ## value: test ## extraEnvVars: [] - ## @param discourse.extraEnvVarsCM Array to add extra configmaps + ## @param adminFrontend.extraEnvVarsCM Array to add extra configmaps ## extraEnvVarsCM: [] - ## @param discourse.extraEnvVarsSecret Array to add extra environment variables from a secret + ## @param adminFrontend.extraEnvVarsSecret Array to add extra environment variables from a secret ## extraEnvVarsSecret: "" - ## @param discourse.extraVolumeMounts Additional volume mounts (used along with `extraVolumes`) + ## @param adminFrontend.extraVolumeMounts Additional volume mounts (used along with `extraVolumes`) ## Example: Mount CA file ## extraVolumeMounts ## - name: ca-cert @@ -252,7 +256,7 @@ discourse: ## mountPath: /path/to/ca_cert ## extraVolumeMounts: [] - ## @param discourse.skipInstall Do not run the Discourse installation wizard + ## @param adminFrontend.skipInstall Do not run the Discourse installation wizard ## Use only in case you are importing an existing database. ## skipInstall: false @@ -320,8 +324,8 @@ hostAliases: [] persistence: ## @param persistence.enabled Whether to enable persistence based on Persistent Volume Claims ## - enabled: true - ## @param persistence.storageClass discourse & sidekiq data Persistent Volume Storage Class + enabled: false + ## @param persistence.storageClass adminFrontend & sidekiq data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is @@ -417,10 +421,10 @@ sidekiq: containerSecurityContext: {} ## @param sidekiq.command Custom command to override image cmd (evaluated as a template) ## - command: ['/opt/bitnami/scripts/discourse/entrypoint.sh'] + command: ['/opt/bitnami/scripts/adminFrontend/entrypoint.sh'] ## @param sidekiq.args Custom args for the custom command (evaluated as a template) ## - args: ['/opt/bitnami/scripts/discourse-sidekiq/run.sh'] + args: ['/opt/bitnami/scripts/adminFrontend-sidekiq/run.sh'] ## @param sidekiq.resources Sidekiq container resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## We usually recommend not to specify default resources and to leave this as a conscious @@ -533,7 +537,7 @@ ingress: certManager: false ## @param ingress.hostname Default host for the ingress resource ## - hostname: discourse.local + hostname: adminFrontend.local ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) ## apiVersion: "" @@ -558,15 +562,15 @@ ingress: ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array ## extraHosts: - ## - name: discourse.local + ## - name: adminFrontend.local ## path: / extraHosts: [] ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls ## extraTls: ## - hosts: - ## - discourse.local - ## secretName: discourse.local-tls + ## - adminFrontend.local + ## secretName: adminFrontend.local-tls extraTls: [] ## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets ## key and certificate should start with -----BEGIN CERTIFICATE----- or @@ -578,125 +582,7 @@ ingress: ## It is also possible to create and manage the certificates outside of this helm chart ## Please see README.md for more information ## Example: - ## - name: discourse.local-tls + ## - name: adminFrontend.local-tls ## key: ## certificate: secrets: [] - -## @section Database parameters - -## PostgreSQL chart configuration -## https://github.com/bitnami/charts/blob/master/bitnami/postgresql/values.yaml -## -postgresql: - ## @param postgresql.enabled Deploy PostgreSQL container(s) - ## - enabled: true - ## @param postgresql.postgresqlUsername PostgreSQL user to create (used by Discourse). Has superuser privileges if username is `postgres`. - ## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#setting-the-root-password-on-first-run - ## - postgresqlUsername: bn_discourse - ## @param postgresql.postgresqlPassword PostgreSQL password - ## Defaults to a random 10-character alphanumeric string if not set - ## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#setting-the-root-password-on-first-run - ## - postgresqlPassword: "" - ## @param postgresql.postgresqlPostgresPassword PostgreSQL admin password (used when `postgresqlUsername` is not `postgres`) - ## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#creating-a-database-user-on-first-run (see note!) - ## - postgresqlPostgresPassword: 'bitnami' - ## @param postgresql.existingSecret Name of existing secret object - ## The secret should contain the following keys: - ## postgresql-postgres-password (for root user) - ## postgresql-password (for the unprivileged user) - ## - existingSecret: "" - ## @param postgresql.postgresqlDatabase Name of the database to create - ## ref: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#creating-a-database-on-first-run - ## - postgresqlDatabase: bitnami_application - ## @param postgresql.persistence.enabled Enable database persistence using PVC - ## - persistence: - enabled: true -## External database configuration -## -externalDatabase: - ## @param externalDatabase.host Host of the external database - ## - host: "" - ## @param externalDatabase.port Database port number (when using an external db) - ## - port: 5432 - ## @param externalDatabase.user Non-root PostgreSQL username (when using an external db) - ## - user: bn_discourse - ## @param externalDatabase.password Password for the above username (when using an external db) - ## - password: "" - ## @param externalDatabase.create PostgreSQL create user/database - ## If true it will add POSTGRESQL_CLIENT_* env vars to the deployment which will create the PostgreSQL user & database using the provided admin credentials - ## - create: true - ## @param externalDatabase.postgresqlPostgresUser PostgreSQL admin user, used during the installation stage (when using an external db) - ## - postgresqlPostgresUser: "" - ## @param externalDatabase.postgresqlPostgresPassword PostgreSQL admin password used in the installation stage (when using an external db) - ## - postgresqlPostgresPassword: "" - ## @param externalDatabase.existingSecret Name of existing secret object - ## The secret should contain the following keys: - ## postgresql-postgres-password (for root user) - ## postgresql-password (for the unprivileged user) - ## - existingSecret: "" - ## @param externalDatabase.database Name of the existing database (when using an external db) - ## - database: bitnami_application - -## @section Redis™ parameters - -## Redis™ chart configuration -## https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml -## -redis: - ## @param redis.enabled Whether to deploy a redis server to satisfy the applications requirements. To use an external redis instance set this to false and configure the externalRedis parameters - ## - enabled: true - ## Use password authentication - ## @param redis.auth.enabled Use password authentication - ## @param redis.auth.password Redis™ password (both master and replica) - ## @param redis.auth.existingSecret Name of an existing Kubernetes secret object containing the password - ## @param redis.auth.existingSecretPasswordKey Name of the key pointing to the password in your Kubernetes secret - ## - auth: - enabled: false - ## Defaults to a random 10-character alphanumeric string if not set and auth.enabled is true. - ## It should always be set using the password value or in the existingSecret to avoid issues - ## with Discourse. - ## The password value is ignored if existingSecret is set - password: "" - existingSecret: "" - existingSecretPasswordKey: 'redis-password' - ## @param redis.architecture Cluster settings - ## - architecture: standalone - ## Redis™ Master parameters - ## @param redis.master.persistence.enabled Enable database persistence using PVC - ## - master: - persistence: - enabled: true -## External Redis™ -## @param externalRedis.host Host of the external database -## @param externalRedis.port Database port number -## @param externalRedis.password Password for the external Redis. Ignored if existingSecret is set -## @param externalRedis.existingSecret Name of an existing Kubernetes secret object containing the password -## @param externalRedis.existingSecretPasswordKey Name of the key pointing to the password in your Kubernetes secret -## -externalRedis: - host: "" - port: 6379 - password: "" - existingSecret: "" - existingSecretPasswordKey: 'redis-password' From 82abc9b73d957c1210d8304681956c7e87ec33bb Mon Sep 17 00:00:00 2001 From: Maarten de Waard Date: Thu, 30 Sep 2021 16:03:54 +0200 Subject: [PATCH 04/11] add admin backend stuff --- deployment/helmchart/Chart.yaml | 3 +- deployment/helmchart/templates/_helpers.tpl | 46 ++- .../helmchart/templates/configmaps.yaml | 25 +- .../helmchart/templates/deployment.yaml | 118 ++++-- deployment/helmchart/templates/pvc.yaml | 4 +- .../templates/secrets-admin-panel.yaml | 23 ++ .../templates/secrets-discourse.yaml | 23 -- .../helmchart/templates/serviceaccount.yaml | 2 +- deployment/helmchart/values.yaml | 379 ++++++++++-------- 9 files changed, 362 insertions(+), 261 deletions(-) create mode 100644 deployment/helmchart/templates/secrets-admin-panel.yaml delete mode 100644 deployment/helmchart/templates/secrets-discourse.yaml diff --git a/deployment/helmchart/Chart.yaml b/deployment/helmchart/Chart.yaml index 74c365d..8fab06a 100644 --- a/deployment/helmchart/Chart.yaml +++ b/deployment/helmchart/Chart.yaml @@ -18,7 +18,8 @@ keywords: maintainers: - email: info@openappstack.net name: Stackspin -name: admin-frontend +name: admin-panel sources: - https://open.greenhost.net/openappstack/admin-frontend/ + - https://open.greenhost.net/openappstack/admin-backend/ version: 0.1.0 diff --git a/deployment/helmchart/templates/_helpers.tpl b/deployment/helmchart/templates/_helpers.tpl index f6dd8cd..8caf55a 100644 --- a/deployment/helmchart/templates/_helpers.tpl +++ b/deployment/helmchart/templates/_helpers.tpl @@ -2,7 +2,7 @@ {{/* Create the name of the service account to use */}} -{{- define "adminFrontend.serviceAccountName" -}} +{{- define "adminPanel.serviceAccountName" -}} {{- if .Values.serviceAccount.create -}} {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} {{- else -}} @@ -13,15 +13,15 @@ Create the name of the service account to use {{/* Return the proper Docker image registry secret names */}} -{{- define "adminFrontend.imagePullSecrets" -}} +{{- define "adminPanel.imagePullSecrets" -}} {{ include "common.images.pullSecrets" (dict "images" (list .Values.image) "global" .Values.global) }} {{- end -}} {{/* Return true if a secret object for Admin-frontend should be created */}} -{{- define "adminFrontend.createSecret" -}} -{{- if or (not .Values.adminFrontend.existingSecret) (and (not .Values.adminFrontend.smtp.existingSecret) .Values.adminFrontend.smtp.password .Values.adminFrontend.smtp.enabled) }} +{{- define "adminPanel.createSecret" -}} +{{- if or (not .Values.adminPanel.existingSecret) (and (not .Values.adminPanel.smtp.existingSecret) .Values.adminPanel.smtp.password .Values.adminPanel.smtp.enabled) }} {{- true -}} {{- end -}} {{- end -}} @@ -29,30 +29,30 @@ Return true if a secret object for Admin-frontend should be created {{/* Return the Admin-frontend secret name */}} -{{- define "adminFrontend.secretName" -}} -{{- if .Values.adminFrontend.existingSecret }} - {{- printf "%s" .Values.adminFrontend.existingSecret -}} +{{- define "adminPanel.secretName" -}} +{{- if .Values.adminPanel.existingSecret }} + {{- printf "%s" .Values.adminPanel.existingSecret -}} {{- else -}} - {{- printf "%s-adminFrontend" (include "common.names.fullname" .) -}} + {{- printf "%s-adminPanel" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* Return the Admin-frontend SMTP secret name */}} -{{- define "adminFrontend.smtp.secretName" -}} -{{- if .Values.adminFrontend.smtp.existingSecret }} - {{- printf "%s" .Values.adminFrontend.smtp.existingSecret -}} +{{- define "adminPanel.smtp.secretName" -}} +{{- if .Values.adminPanel.smtp.existingSecret }} + {{- printf "%s" .Values.adminPanel.smtp.existingSecret -}} {{- else -}} - {{- printf "%s-adminFrontend" (include "common.names.fullname" .) -}} + {{- printf "%s-adminPanel" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* Return true if Admin-frontend SMTP uses password authentication */}} -{{- define "adminFrontend.smtp.password.enabled" -}} -{{- if and (or .Values.adminFrontend.smtp.password .Values.adminFrontend.smtp.existingSecret) .Values.adminFrontend.smtp.enabled }} +{{- define "adminPanel.smtp.password.enabled" -}} +{{- if and (or .Values.adminPanel.smtp.password .Values.adminPanel.smtp.existingSecret) .Values.adminPanel.smtp.enabled }} {{- true -}} {{- end -}} {{- end -}} @@ -61,7 +61,7 @@ Return true if Admin-frontend SMTP uses password authentication Get the user defined LoadBalancerIP for this release Note, returns 127.0.0.1 if using ClusterIP. */}} -{{- define "adminFrontend.serviceIP" -}} +{{- define "adminPanel.serviceIP" -}} {{- if eq .Values.service.type "ClusterIP" -}} 127.0.0.1 {{- else -}} @@ -73,21 +73,27 @@ Note, returns 127.0.0.1 if using ClusterIP. Gets the host to be used for this application. If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value will be empty */}} -{{- define "adminFrontend.host" -}} -{{- $host := .Values.adminFrontend.host | default "" -}} -{{- default (include "adminFrontend.serviceIP" .) $host -}} +{{- define "adminPanel.host" -}} +{{- $host := .Values.adminPanel.host | default "" -}} +{{- default (include "adminPanel.serviceIP" .) $host -}} {{- end -}} {{/* Return the proper Admin-frontend image name */}} {{- define "adminFrontend.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} +{{ include "common.images.image" (dict "imageRoot" .Values.adminFrontend.image "global" .Values.global) }} +{{- end -}} +{{/* +Return the proper Admin-backend image name +*/}} +{{- define "adminBackend.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.adminBackend.image "global" .Values.global) }} {{- end -}} {{/* Return the proper Storage Class */}} -{{- define "adminFrontend.storageClass" -}} +{{- define "adminPanel.storageClass" -}} {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) -}} {{- end -}} diff --git a/deployment/helmchart/templates/configmaps.yaml b/deployment/helmchart/templates/configmaps.yaml index d854040..71fde30 100644 --- a/deployment/helmchart/templates/configmaps.yaml +++ b/deployment/helmchart/templates/configmaps.yaml @@ -11,22 +11,23 @@ metadata: {{- end }} data: {{- $port := .Values.service.port | toString }} - REACT_APP_API_URL: {{ .Values.adminFrontend.reactAppApiUrl }} + REACT_APP_API_URL: {{ .Values.adminBackend.host }}{{ .Values.adminBackend.ApiUrl }} EXTEND_ESLINT: {{ .Values.adminFrontend.extendEslint }} ADMIN_FRONTEND_HOST: "{{ include "adminFrontend.host" . }}" + ADMIN_BACKEND_HOST: "{{ include "adminBackend.host" . }}" # Probably needed in the future: - # ADMIN_FRONTEND_USERNAME: {{ .Values.adminFrontend.username | quote }} - # ADMIN_FRONTEND_EMAIL: {{ .Values.adminFrontend.email | quote }} - # {{- if .Values.adminFrontend.smtp.enabled }} - # ADMIN_FRONTEND_SMTP_HOST: {{ .Values.adminFrontend.smtp.host | quote }} - # ADMIN_FRONTEND_SMTP_PORT: {{ .Values.adminFrontend.smtp.port | quote }} - # {{- if .Values.adminFrontend.smtp.user }} - # ADMIN_FRONTEND_SMTP_USER: {{ .Values.adminFrontend.smtp.user | quote }} + # ADMIN_BACKEND_USERNAME: {{ .Values.adminBackend.username | quote }} + # ADMIN_BACKEND_EMAIL: {{ .Values.adminBackend.email | quote }} + # {{- if .Values.adminBackend.smtp.enabled }} + # ADMIN_BACKEND_SMTP_HOST: {{ .Values.adminBackend.smtp.host | quote }} + # ADMIN_BACKEND_SMTP_PORT: {{ .Values.adminBackend.smtp.port | quote }} + # {{- if .Values.adminBackend.smtp.user }} + # ADMIN_BACKEND_SMTP_USER: {{ .Values.adminBackend.smtp.user | quote }} # {{- end }} - # {{- if .Values.adminFrontend.smtp.protocol }} - # ADMIN_FRONTEND_SMTP_PROTOCOL: {{ .Values.adminFrontend.smtp.protocol | quote }} + # {{- if .Values.adminBackend.smtp.protocol }} + # ADMIN_BACKEND_SMTP_PROTOCOL: {{ .Values.adminBackend.smtp.protocol | quote }} # {{- end }} - # {{- if .Values.adminFrontend.smtp.auth }} - # ADMIN_FRONTEND_SMTP_AUTH: {{ .Values.adminFrontend.smtp.auth | quote }} + # {{- if .Values.adminBackend.smtp.auth }} + # ADMIN_BACKEND_SMTP_AUTH: {{ .Values.adminBackend.smtp.auth | quote }} # {{- end }} # {{- end }} diff --git a/deployment/helmchart/templates/deployment.yaml b/deployment/helmchart/templates/deployment.yaml index 4f9d32e..734e72e 100644 --- a/deployment/helmchart/templates/deployment.yaml +++ b/deployment/helmchart/templates/deployment.yaml @@ -1,10 +1,10 @@ -{{- if (include "adminFrontend.host" .) -}} +{{- if and (include "adminFrontend.host" .) (include "adminBackend.host" .) -}} apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: name: {{ template "common.names.fullname" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} - component: adminFrontend + component: adminPanel {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} @@ -15,14 +15,14 @@ spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} - component: adminFrontend + component: adminPanel {{- if .Values.updateStrategy }} strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} {{- end }} template: metadata: labels: {{- include "common.labels.standard" . | nindent 8 }} - component: adminFrontend + component: adminPanel {{- if .Values.podLabels }} {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }} {{- end }} @@ -48,31 +48,12 @@ spec: {{- if .Values.tolerations }} tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} {{- end }} - serviceAccountName: {{ include "adminFrontend.serviceAccountName" . }} + serviceAccountName: {{ include "adminPanel.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} initContainers: {{- if .Values.initContainers }} {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} {{- end }} - {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} - - name: volume-permissions - image: {{ include "adminFrontend.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: - - sh - - -c - - | - mkdir -p "/bitnami/adminFrontend" - chown -R "adminFrontend:root" "/bitnami/adminFrontend" - securityContext: - runAsUser: 0 - {{- if .Values.volumePermissions.resources }} - resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} - {{- end }} - volumeMounts: - - name: adminFrontend-data - mountPath: /bitnami/adminFrontend - {{- end }} containers: - name: adminFrontend securityContext: {{- toYaml .Values.adminFrontend.containerSecurityContext | nindent 12 }} @@ -85,18 +66,6 @@ spec: args: {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.args "context" $) | nindent 12 }} {{- end }} env: - - name: ADMIN_FRONTEND_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "adminFrontend.secretName" . }} - key: adminFrontend-password - {{- if (include "adminFrontend.smtp.password.enabled" .) }} - - name: ADMIN_FRONTEND_SMTP_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "adminFrontend.smtp.secretName" . }} - key: smtp-password - {{- end }} {{- if .Values.adminFrontend.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.extraEnvVars "context" $) | nindent 12 }} {{- end }} @@ -151,6 +120,83 @@ spec: {{- if .Values.adminFrontend.resources }} resources: {{- toYaml .Values.adminFrontend.resources | nindent 12 }} {{- end }} + - name: adminBackend + securityContext: {{- toYaml .Values.adminBackend.containerSecurityContext | nindent 12 }} + image: {{ template "adminBackend.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.adminBackend.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.adminBackend.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.args "context" $) | nindent 12 }} + {{- end }} + env: + - name: ADMIN_PANEL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "adminBackend.secretName" . }} + key: adminBackend-password + {{- if (include "adminBackend.smtp.password.enabled" .) }} + - name: ADMIN_PANEL_SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "adminBackend.smtp.secretName" . }} + key: smtp-password + {{- end }} + {{- if .Values.adminBackend.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + - configMapRef: + name: {{ include "common.names.fullname" . }} + {{- if .Values.adminBackend.extraEnvVarsCM }} + - configMapRef: + name: {{ .Values.adminBackend.extraEnvVarsCM }} + {{- end }} + {{- if .Values.adminBackend.extraEnvVarsSecret }} + - secretRef: + name: {{ .Values.adminBackend.extraEnvVarsSecret }} + {{- end }} + ports: + - name: http + containerPort: 3000 + protocol: TCP + {{- if .Values.adminBackend.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /srv/status + port: http + initialDelaySeconds: {{ .Values.adminBackend.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.adminBackend.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.adminBackend.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.adminBackend.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.adminBackend.livenessProbe.failureThreshold }} + {{- else if .Values.adminBackend.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.customLivenessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.adminBackend.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /srv/status + port: http + initialDelaySeconds: {{ .Values.adminBackend.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.adminBackend.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.adminBackend.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.adminBackend.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.adminBackend.readinessProbe.failureThreshold }} + {{- else if .Values.adminBackend.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.customReadinessProbe "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + - name: adminBackend-data + mountPath: /bitnami/adminBackend + subPath: adminBackend + {{- if .Values.adminBackend.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.adminBackend.resources }} + resources: {{- toYaml .Values.adminBackend.resources | nindent 12 }} + {{- end }} {{- if .Values.sidecars }} {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} {{- end }} diff --git a/deployment/helmchart/templates/pvc.yaml b/deployment/helmchart/templates/pvc.yaml index cb508e9..87aedd2 100644 --- a/deployment/helmchart/templates/pvc.yaml +++ b/deployment/helmchart/templates/pvc.yaml @@ -1,5 +1,5 @@ # Disabled by default because the current admin panel does not need persistence -{{- if and (include "adminFrontend.host" .) .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if and (include "adminPanel.host" .) .Values.persistence.enabled (not .Values.persistence.existingClaim) }} kind: PersistentVolumeClaim apiVersion: v1 metadata: @@ -17,7 +17,7 @@ spec: resources: requests: storage: {{ .Values.persistence.size | quote }} - {{ include "adminFrontend.storageClass" . }} + {{ include "adminPanel.storageClass" . }} {{- if .Values.persistence.selector }} selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 4 }} {{- end -}} diff --git a/deployment/helmchart/templates/secrets-admin-panel.yaml b/deployment/helmchart/templates/secrets-admin-panel.yaml new file mode 100644 index 0000000..46a0dce --- /dev/null +++ b/deployment/helmchart/templates/secrets-admin-panel.yaml @@ -0,0 +1,23 @@ +{{- if (include "adminPanel.createSecret" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "common.names.fullname" . }}-adminPanel + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + {{- if and (.Values.adminBackend.password) (not .Values.adminBackend.existingSecret) }} + adminBackend-password: {{ .Values.adminBackend.password | b64enc | quote }} + {{- else if not .Values.adminBackend.existingSecret }} + adminBackend-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- if and (.Values.adminBackend.smtp.password) (.Values.adminBackend.smtp.enabled) (not .Values.adminBackend.smtp.existingSecret) }} + smtp-password: {{ .Values.adminBackend.smtp.password | b64enc | quote }} + {{- end }} +{{- end }} diff --git a/deployment/helmchart/templates/secrets-discourse.yaml b/deployment/helmchart/templates/secrets-discourse.yaml deleted file mode 100644 index e026b84..0000000 --- a/deployment/helmchart/templates/secrets-discourse.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- if (include "adminFrontend.createSecret" .) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "common.names.fullname" . }}-adminFrontend - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: Opaque -data: - {{- if and (.Values.adminFrontend.password) (not .Values.adminFrontend.existingSecret) }} - adminFrontend-password: {{ .Values.adminFrontend.password | b64enc | quote }} - {{- else if not .Values.adminFrontend.existingSecret }} - adminFrontend-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- if and (.Values.adminFrontend.smtp.password) (.Values.adminFrontend.smtp.enabled) (not .Values.adminFrontend.smtp.existingSecret) }} - smtp-password: {{ .Values.adminFrontend.smtp.password | b64enc | quote }} - {{- end }} -{{- end }} diff --git a/deployment/helmchart/templates/serviceaccount.yaml b/deployment/helmchart/templates/serviceaccount.yaml index 27a8838..ae11495 100644 --- a/deployment/helmchart/templates/serviceaccount.yaml +++ b/deployment/helmchart/templates/serviceaccount.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "adminFrontend.serviceAccountName" . }} + name: {{ include "adminPanel.serviceAccountName" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} diff --git a/deployment/helmchart/values.yaml b/deployment/helmchart/values.yaml index 6323aa8..8a79d21 100644 --- a/deployment/helmchart/values.yaml +++ b/deployment/helmchart/values.yaml @@ -21,10 +21,10 @@ global: ## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set) ## kubeVersion: "" -## @param nameOverride String to partially override adminFrontend.fullname template (will maintain the release name) +## @param nameOverride String to partially override adminPanel.fullname template (will maintain the release name) ## nameOverride: "" -## @param fullnameOverride String to fully override adminFrontend.fullname template +## @param fullnameOverride String to fully override adminPanel.fullname template ## fullnameOverride: "" ## @param commonLabels Labels to be added to all deployed resources @@ -76,35 +76,6 @@ service: ## @section Discourse parameters -## Bitnami Discourse image version -## ref: https://hub.docker.com/r/bitnami/adminFrontend/tags/ -## @param image.registry Discourse image registry -## @param image.repository Discourse image repository -## @param image.tag Discourse image tag -## @param image.pullPolicy Discourse image pull policy -## @param image.pullSecrets Discourse image pull secrets -## @param image.debug Specify if debug logs should be enabled -## -image: - registry: open.greenhost.net:4567 - repository: openappstack/admin-frontend/admin-frontend - tag: 0.1.0 - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Set to true if you would like to see extra information on logs - ## - debug: false ## @param imagePullSecrets Specify docker-registry secret names as an array ## imagePullSecrets: [] @@ -112,31 +83,37 @@ imagePullSecrets: [] ## ref: https://open.greenhost.net/openappstack/admin-frontend ## adminFrontend: - ## @param adminFrontend.reactAppApiUrl URL to the admin-backend API - reactAppApiUrl: "http://oas-api.initdevelopment.com/api/v1" + ## Admin frontend image version + ## ref: https://hub.docker.com/r/bitnami/adminFrontend/tags/ + ## @param image.registry Discourse image registry + ## @param image.repository Discourse image repository + ## @param image.tag Discourse image tag + ## @param image.pullPolicy Discourse image pull policy + ## @param image.pullSecrets Discourse image pull secrets + ## @param image.debug Specify if debug logs should be enabled + ## + image: + registry: open.greenhost.net:4567 + repository: openappstack/admin-frontend/admin-frontend + tag: 0.1.0 + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] ## @param adminFrontend.extendEslint Whether to read .eslint.json rules extendEslint: false ## @param adminFrontend.host Discourse host to create application URLs (include the port if =/= 80) ## host: "" - ## @param adminFrontend.siteName Discourse site name - ## - siteName: 'My Site!' - ## @param adminFrontend.username Admin user of the application - ## - username: user - ## @param adminFrontend.password password. WARNING: Minimum length of 10 characters - ## Defaults to a random 10-character alphanumeric string if not set - ## - password: "" - ## @param adminFrontend.existingSecret Name of an existing secret containing the password (ignores previous password) - ## The secret should contain the following key: - ## adminFrontend-password - ## - existingSecret: "" - ## @param adminFrontend.email Admin user email of the application - ## - email: user@example.com ## @param adminFrontend.command Custom command to override image cmd ## command: [] @@ -215,30 +192,11 @@ adminFrontend: ## @param adminFrontend.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) ## customReadinessProbe: {} - ## Discourse SMTP settings - ## @param adminFrontend.smtp.enabled Enable/disable SMTP - ## @param adminFrontend.smtp.host SMTP host name - ## @param adminFrontend.smtp.port SMTP port number - ## @param adminFrontend.smtp.user SMTP account user name - ## @param adminFrontend.smtp.password SMTP account password - ## @param adminFrontend.smtp.protocol SMTP protocol (Allowed values: tls, ssl) - ## @param adminFrontend.smtp.auth SMTP authentication method - ## @param adminFrontend.smtp.existingSecret Name of an existing Kubernetes secret. The secret must have the following key configured: `smtp-password` - ## - smtp: - enabled: false - host: "" - port: "" - user: "" - password: "" - protocol: "" - auth: "" - existingSecret: "" ## @param adminFrontend.extraEnvVars An array to add extra env vars ## For example: ## extraEnvVars: ## adminFrontend: - ## - name: DISCOURSE_ELASTICSEARCH_URL + ## - name: ADMIN_PANEL_ELASTICSEARCH_URL ## value: test ## extraEnvVars: [] @@ -256,10 +214,183 @@ adminFrontend: ## mountPath: /path/to/ca_cert ## extraVolumeMounts: [] - ## @param adminFrontend.skipInstall Do not run the Discourse installation wizard - ## Use only in case you are importing an existing database. +## Admin frontend configuration parameters +## ref: https://open.greenhost.net/openappstack/admin-frontend +## +adminBackend: + ## Admin frontend image version + ## ref: https://hub.docker.com/r/bitnami/adminFrontend/tags/ + ## @param image.registry Discourse image registry + ## @param image.repository Discourse image repository + ## @param image.tag Discourse image tag + ## @param image.pullPolicy Discourse image pull policy + ## @param image.pullSecrets Discourse image pull secrets + ## @param image.debug Specify if debug logs should be enabled ## - skipInstall: false + image: + registry: open.greenhost.net:4567 + repository: openappstack/admin-backend/admin-backend + tag: 0.1.0 + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## @param adminBackend.host API host (include the port if =/= 80) + ## + host: "" + ## @param adminBackend.reactAppApiUrl URL to the admin-backend API + apiUrl: "/api/v1" + + ## Variables for future use {{{ + + ## @param adminBackend.username Admin user of the application + ## + username: user + ## @param adminBackend.password password. WARNING: Minimum length of 10 characters + ## Defaults to a random 10-character alphanumeric string if not set + ## + password: "" + ## @param adminBackend.existingSecret Name of an existing secret containing the password (ignores previous password) + ## The secret should contain the following key: + ## adminBackend-password + ## + existingSecret: "" + ## @param adminBackend.email Admin user email of the application + ## + email: user@example.com + + ## Admin panel SMTP settings + ## @param adminBackend.smtp.enabled Enable/disable SMTP + ## @param adminBackend.smtp.host SMTP host name + ## @param adminBackend.smtp.port SMTP port number + ## @param adminBackend.smtp.user SMTP account user name + ## @param adminBackend.smtp.password SMTP account password + ## @param adminBackend.smtp.protocol SMTP protocol (Allowed values: tls, ssl) + ## @param adminBackend.smtp.auth SMTP authentication method + ## @param adminBackend.smtp.existingSecret Name of an existing Kubernetes secret. The secret must have the following key configured: `smtp-password` + ## + smtp: + enabled: false + host: "" + port: "" + user: "" + password: "" + protocol: "" + auth: "" + existingSecret: "" + + ## End variables for future use }}} + + ## @param adminBackend.command Custom command to override image cmd + ## + command: [] + ## @param adminBackend.args Custom args for the custom command + ## + args: [] + ## @param adminBackend.containerSecurityContext Container security context specification + ## Example: + ## capabilities: + ## drop: + ## - ALL + ## readOnlyRootFilesystem: true + ## runAsNonRoot: true + ## runAsUser: 1000 + ## + containerSecurityContext: {} + ## Discourse container's resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## @param adminBackend.resources.limits The resources limits for the container + ## @param adminBackend.resources.requests The requested resources for the container + ## + resources: + ## Example: + ## limits: + ## cpu: 100m + ## memory: 128Mi + limits: {} + ## Examples: + ## requests: + ## cpu: 100m + ## memory: 128Mi + requests: {} + ## Discourse extra options for liveness probe + ## WARNING: Discourse installation process may take up some time and + ## setting inappropriate values here may lead to pods failure. + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param adminBackend.livenessProbe.enabled Enable/disable livenessProbe + ## @param adminBackend.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated + ## @param adminBackend.livenessProbe.periodSeconds How often to perform the probe + ## @param adminBackend.livenessProbe.timeoutSeconds When the probe times out + ## @param adminBackend.livenessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param adminBackend.livenessProbe.successThreshold Minimum consecutive successes for the probe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 500 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## Discourse extra options for readiness probe + ## WARNING: Discourse installation process may take up some time and + ## setting inappropriate values here may lead to pods failure. + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param adminBackend.readinessProbe.enabled Enable/disable readinessProbe + ## @param adminBackend.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated + ## @param adminBackend.readinessProbe.periodSeconds How often to perform the probe + ## @param adminBackend.readinessProbe.timeoutSeconds When the probe times out + ## @param adminBackend.readinessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param adminBackend.readinessProbe.successThreshold Minimum consecutive successes for the probe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## @param adminBackend.customLivenessProbe Custom liveness probe to execute (when the main one is disabled) + ## + customLivenessProbe: {} + ## @param adminBackend.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) + ## + customReadinessProbe: {} + ## @param adminBackend.extraEnvVars An array to add extra env vars + ## For example: + ## extraEnvVars: + ## adminBackend: + ## - name: ADMIN_PANEL_ELASTICSEARCH_URL + ## value: test + ## + extraEnvVars: [] + ## @param adminBackend.extraEnvVarsCM Array to add extra configmaps + ## + extraEnvVarsCM: [] + ## @param adminBackend.extraEnvVarsSecret Array to add extra environment variables from a secret + ## + extraEnvVarsSecret: "" + ## @param adminBackend.extraVolumeMounts Additional volume mounts (used along with `extraVolumes`) + ## Example: Mount CA file + ## extraVolumeMounts + ## - name: ca-cert + ## subPath: ca_cert + ## mountPath: /path/to/ca_cert + ## + extraVolumeMounts: [] + ## @param replicaCount Number of Discourse & Sidekiq replicas ## (Note that you will need ReadWriteMany PVCs for this to work properly) ## @@ -325,7 +456,7 @@ persistence: ## @param persistence.enabled Whether to enable persistence based on Persistent Volume Claims ## enabled: false - ## @param persistence.storageClass adminFrontend & sidekiq data Persistent Volume Storage Class + ## @param persistence.storageClass adminPanel & sidekiq data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is @@ -407,93 +538,9 @@ nodeSelector: {} ## tolerations: [] -## @section Sidekiq parameters -sidekiq: - ## @param sidekiq.containerSecurityContext Container security context specification - ## capabilities: - ## drop: - ## - ALL - ## readOnlyRootFilesystem: true - ## runAsNonRoot: true - ## runAsUser: 1000 - ## - containerSecurityContext: {} - ## @param sidekiq.command Custom command to override image cmd (evaluated as a template) - ## - command: ['/opt/bitnami/scripts/adminFrontend/entrypoint.sh'] - ## @param sidekiq.args Custom args for the custom command (evaluated as a template) - ## - args: ['/opt/bitnami/scripts/adminFrontend-sidekiq/run.sh'] - ## @param sidekiq.resources Sidekiq container resource requests and limits - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## We usually recommend not to specify default resources and to leave this as a conscious - ## choice for the user. This also increases chances charts run on environments with little - ## resources, such as Minikube. If you do want to specify resources, uncomment the following - ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - ## - resources: {} - ## Sidekiq extra options for liveness probe - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param sidekiq.livenessProbe.enabled Enable/disable livenessProbe - ## @param sidekiq.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated - ## @param sidekiq.livenessProbe.periodSeconds How often to perform the probe - ## @param sidekiq.livenessProbe.timeoutSeconds When the probe times out - ## @param sidekiq.livenessProbe.failureThreshold Minimum consecutive failures for the probe - ## @param sidekiq.livenessProbe.successThreshold Minimum consecutive successes for the probe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 500 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - ## Sidekiq extra options for readiness probe - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param sidekiq.readinessProbe.enabled Enable/disable readinessProbe - ## @param sidekiq.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated - ## @param sidekiq.readinessProbe.periodSeconds How often to perform the probe - ## @param sidekiq.readinessProbe.timeoutSeconds When the probe times out - ## @param sidekiq.readinessProbe.failureThreshold Minimum consecutive failures for the probe - ## @param sidekiq.readinessProbe.successThreshold Minimum consecutive successes for the probe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - ## @param sidekiq.customLivenessProbe Custom liveness probe to execute (when the main one is disabled) - ## - customLivenessProbe: {} - ## @param sidekiq.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) - ## - customReadinessProbe: {} - ## @param sidekiq.extraEnvVars An array to add extra env vars - ## For example: - ## extraEnvVars: - ## - name: DISCOURSE_ELASTICSEARCH_URL - ## value: test - ## - extraEnvVars: [] - ## @param sidekiq.extraEnvVarsCM Array to add extra configmaps - ## - extraEnvVarsCM: [] - ## @param sidekiq.extraEnvVarsSecret Name of the secret that holds extra env vars - ## - extraEnvVarsSecret: "" - ## @param sidekiq.extraVolumeMounts Additional volume mounts - ## Example: Mount CA file - ## extraVolumeMounts - ## - name: ca-cert - ## subPath: ca_cert - ## mountPath: /path/to/ca_cert - ## - extraVolumeMounts: [] - -## @section Volume Permissions parameters +## @section Volume Permissions parameters (currently disabled because there is +## no persistence in the app) ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup @@ -537,7 +584,7 @@ ingress: certManager: false ## @param ingress.hostname Default host for the ingress resource ## - hostname: adminFrontend.local + hostname: adminPanel.local ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) ## apiVersion: "" @@ -562,15 +609,15 @@ ingress: ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array ## extraHosts: - ## - name: adminFrontend.local + ## - name: adminPanel.local ## path: / extraHosts: [] ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls ## extraTls: ## - hosts: - ## - adminFrontend.local - ## secretName: adminFrontend.local-tls + ## - adminPanel.local + ## secretName: adminPanel.local-tls extraTls: [] ## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets ## key and certificate should start with -----BEGIN CERTIFICATE----- or @@ -582,7 +629,7 @@ ingress: ## It is also possible to create and manage the certificates outside of this helm chart ## Please see README.md for more information ## Example: - ## - name: adminFrontend.local-tls + ## - name: adminPanel.local-tls ## key: ## certificate: secrets: [] From e15ac52be7bcf5ce2808bced99d575ee4df4aae9 Mon Sep 17 00:00:00 2001 From: Maarten de Waard Date: Mon, 4 Oct 2021 13:53:13 +0200 Subject: [PATCH 05/11] version with working front-end --- deployment/helmchart/Chart.lock | 6 + deployment/helmchart/templates/_helpers.tpl | 77 ++++++++--- .../helmchart/templates/backend-service.yaml | 42 ++++++ .../helmchart/templates/configmaps.yaml | 5 +- .../helmchart/templates/deployment.yaml | 30 ++-- .../helmchart/templates/frontend-service.yaml | 42 ++++++ deployment/helmchart/templates/ingress.yaml | 4 +- deployment/helmchart/templates/pvc.yaml | 2 +- .../templates/secrets-admin-panel.yaml | 4 +- deployment/helmchart/templates/service.yaml | 42 ------ deployment/helmchart/values-local.yaml | 17 +++ deployment/helmchart/values.yaml | 130 +++++++++++------- 12 files changed, 266 insertions(+), 135 deletions(-) create mode 100644 deployment/helmchart/Chart.lock create mode 100644 deployment/helmchart/templates/backend-service.yaml create mode 100644 deployment/helmchart/templates/frontend-service.yaml delete mode 100644 deployment/helmchart/templates/service.yaml create mode 100644 deployment/helmchart/values-local.yaml diff --git a/deployment/helmchart/Chart.lock b/deployment/helmchart/Chart.lock new file mode 100644 index 0000000..c76e835 --- /dev/null +++ b/deployment/helmchart/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: https://charts.bitnami.com/bitnami + version: 1.10.0 +digest: sha256:d6f283322d34efda54721ddd67aec935f1bea501c7b45dfbe89814aed21ae5dc +generated: "2021-09-30T16:27:06.738339948+02:00" diff --git a/deployment/helmchart/templates/_helpers.tpl b/deployment/helmchart/templates/_helpers.tpl index 8caf55a..f1c5a3c 100644 --- a/deployment/helmchart/templates/_helpers.tpl +++ b/deployment/helmchart/templates/_helpers.tpl @@ -20,39 +20,39 @@ Return the proper Docker image registry secret names {{/* Return true if a secret object for Admin-frontend should be created */}} -{{- define "adminPanel.createSecret" -}} -{{- if or (not .Values.adminPanel.existingSecret) (and (not .Values.adminPanel.smtp.existingSecret) .Values.adminPanel.smtp.password .Values.adminPanel.smtp.enabled) }} +{{- define "adminBackend.createSecret" -}} +{{- if or (not .Values.adminBackend.existingSecret) (and (not .Values.adminBackend.smtp.existingSecret) .Values.adminBackend.smtp.password .Values.adminBackend.smtp.enabled) }} {{- true -}} {{- end -}} {{- end -}} {{/* -Return the Admin-frontend secret name +Return the Admin-backend secret name */}} -{{- define "adminPanel.secretName" -}} -{{- if .Values.adminPanel.existingSecret }} - {{- printf "%s" .Values.adminPanel.existingSecret -}} +{{- define "adminBackend.secretName" -}} +{{- if .Values.adminBackend.existingSecret }} + {{- printf "%s" .Values.adminBackend.existingSecret -}} {{- else -}} - {{- printf "%s-adminPanel" (include "common.names.fullname" .) -}} + {{- printf "%s-admin-backend" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* -Return the Admin-frontend SMTP secret name +Return the Admin-backend SMTP secret name */}} -{{- define "adminPanel.smtp.secretName" -}} -{{- if .Values.adminPanel.smtp.existingSecret }} - {{- printf "%s" .Values.adminPanel.smtp.existingSecret -}} +{{- define "adminBackend.smtp.secretName" -}} +{{- if .Values.adminBackend.smtp.existingSecret }} + {{- printf "%s" .Values.adminBackend.smtp.existingSecret -}} {{- else -}} - {{- printf "%s-adminPanel" (include "common.names.fullname" .) -}} + {{- printf "%s-admin-backend" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* -Return true if Admin-frontend SMTP uses password authentication +Return true if Admin-backend SMTP uses password authentication */}} -{{- define "adminPanel.smtp.password.enabled" -}} -{{- if and (or .Values.adminPanel.smtp.password .Values.adminPanel.smtp.existingSecret) .Values.adminPanel.smtp.enabled }} +{{- define "adminBackend.smtp.password.enabled" -}} +{{- if and (or .Values.adminBackend.smtp.password .Values.adminBackend.smtp.existingSecret) .Values.adminBackend.smtp.enabled }} {{- true -}} {{- end -}} {{- end -}} @@ -61,11 +61,11 @@ Return true if Admin-frontend SMTP uses password authentication Get the user defined LoadBalancerIP for this release Note, returns 127.0.0.1 if using ClusterIP. */}} -{{- define "adminPanel.serviceIP" -}} -{{- if eq .Values.service.type "ClusterIP" -}} +{{- define "adminFrontend.serviceIP" -}} +{{- if eq .Values.adminFrontend.service.type "ClusterIP" -}} 127.0.0.1 {{- else -}} -{{- .Values.service.loadBalancerIP | default "" -}} +{{- .Values.adminFrontend.service.loadBalancerIP | default "" -}} {{- end -}} {{- end -}} @@ -73,9 +73,44 @@ Note, returns 127.0.0.1 if using ClusterIP. Gets the host to be used for this application. If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value will be empty */}} -{{- define "adminPanel.host" -}} -{{- $host := .Values.adminPanel.host | default "" -}} -{{- default (include "adminPanel.serviceIP" .) $host -}} +{{- define "adminFrontend.host" -}} +{{- $host := .Values.adminFrontend.host | default "" -}} +{{- default (include "adminFrontend.serviceIP" .) $host -}} +{{- end -}} + +{{/* +Service name for the backend service +*/}} +{{- define "adminBackend.serviceName" -}} + {{ include "common.names.fullname" . }}-backend +{{- end -}} + +{{/* +Service name for the frontend service +*/}} +{{- define "adminFrontend.serviceName" -}} + {{ include "common.names.fullname" . }}-frontend +{{- end -}} + +{{/* +Get the user defined LoadBalancerIP for this release +Note, returns 127.0.0.1 if using ClusterIP. +*/}} +{{- define "adminBackend.serviceIP" -}} +{{- if eq .Values.adminBackend.service.type "ClusterIP" -}} +127.0.0.1 +{{- else -}} +{{- .Values.adminBackend.service.loadBalancerIP | default "" -}} +{{- end -}} +{{- end -}} + +{{/* +Gets the host to be used for this application. +If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value will be empty +*/}} +{{- define "adminBackend.host" -}} +{{- $host := .Values.adminBackend.host | default "" -}} +{{- default (include "adminBackend.serviceIP" .) $host -}} {{- end -}} {{/* diff --git a/deployment/helmchart/templates/backend-service.yaml b/deployment/helmchart/templates/backend-service.yaml new file mode 100644 index 0000000..7577b7d --- /dev/null +++ b/deployment/helmchart/templates/backend-service.yaml @@ -0,0 +1,42 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "adminBackend.serviceName" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.adminBackend.service.annotations .Values.commonAnnotations}} + annotations: + {{- if .Values.adminBackend.service.annotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.service.annotations "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} + {{- end }} + {{- end }} +spec: + type: {{ .Values.adminBackend.service.type }} + {{- if (or (eq .Values.adminBackend.service.type "LoadBalancer") (eq .Values.adminBackend.service.type "NodePort")) }} + externalTrafficPolicy: {{ .Values.adminBackend.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if (and (eq .Values.adminBackend.service.type "LoadBalancer") (not (empty .Values.adminBackend.service.loadBalancerIP))) }} + loadBalancerIP: {{ .Values.adminBackend.service.loadBalancerIP }} + {{- end }} + {{- if (and (eq .Values.adminBackend.service.type "LoadBalancer") .Values.adminBackend.service.loadBalancerSourceRanges) }} + loadBalancerSourceRanges: + {{ toYaml .Values.adminBackend.service.loadBalancerSourceRanges | nindent 4 }} + {{- end }} + ports: + - name: http + port: {{ .Values.adminBackend.service.port }} + targetPort: backend-http + {{- if (and (or (eq .Values.adminBackend.service.type "NodePort") (eq .Values.adminBackend.service.type "LoadBalancer")) (not (empty .Values.adminBackend.service.nodePorts.http))) }} + nodePort: {{ .Values.adminBackend.service.nodePorts.http }} + {{- else if eq .Values.adminBackend.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{- if .Values.adminBackend.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + selector: {{- include "common.labels.matchLabels" . | nindent 4 }} diff --git a/deployment/helmchart/templates/configmaps.yaml b/deployment/helmchart/templates/configmaps.yaml index 71fde30..d893d75 100644 --- a/deployment/helmchart/templates/configmaps.yaml +++ b/deployment/helmchart/templates/configmaps.yaml @@ -10,9 +10,8 @@ metadata: annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} data: - {{- $port := .Values.service.port | toString }} - REACT_APP_API_URL: {{ .Values.adminBackend.host }}{{ .Values.adminBackend.ApiUrl }} - EXTEND_ESLINT: {{ .Values.adminFrontend.extendEslint }} + REACT_APP_API_URL: "{{ include "adminBackend.serviceName" .}}" + EXTEND_ESLINT: "{{ .Values.adminFrontend.extendEslint }}" ADMIN_FRONTEND_HOST: "{{ include "adminFrontend.host" . }}" ADMIN_BACKEND_HOST: "{{ include "adminBackend.host" . }}" # Probably needed in the future: diff --git a/deployment/helmchart/templates/deployment.yaml b/deployment/helmchart/templates/deployment.yaml index 734e72e..7dec374 100644 --- a/deployment/helmchart/templates/deployment.yaml +++ b/deployment/helmchart/templates/deployment.yaml @@ -1,4 +1,4 @@ -{{- if and (include "adminFrontend.host" .) (include "adminBackend.host" .) -}} +{{- if include "adminFrontend.host" . -}} apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: @@ -30,7 +30,7 @@ spec: annotations: {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} {{- end }} spec: - {{- include "adminFrontend.imagePullSecrets" . | nindent 6 }} + {{- include "adminPanel.imagePullSecrets" . | nindent 6 }} {{- if .Values.hostAliases }} hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} {{- end }} @@ -55,7 +55,7 @@ spec: {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} {{- end }} containers: - - name: adminFrontend + - name: admin-frontend securityContext: {{- toYaml .Values.adminFrontend.containerSecurityContext | nindent 12 }} image: {{ template "adminFrontend.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} @@ -81,14 +81,14 @@ spec: name: {{ .Values.adminFrontend.extraEnvVarsSecret }} {{- end }} ports: - - name: http - containerPort: 3000 + - name: frontend-http + containerPort: 80 protocol: TCP {{- if .Values.adminFrontend.livenessProbe.enabled }} livenessProbe: httpGet: path: /srv/status - port: http + port: frontend-http initialDelaySeconds: {{ .Values.adminFrontend.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.adminFrontend.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.adminFrontend.livenessProbe.timeoutSeconds }} @@ -101,7 +101,7 @@ spec: readinessProbe: httpGet: path: /srv/status - port: http + port: frontend-http initialDelaySeconds: {{ .Values.adminFrontend.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.adminFrontend.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.adminFrontend.readinessProbe.timeoutSeconds }} @@ -111,16 +111,13 @@ spec: readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.customReadinessProbe "context" $) | nindent 12 }} {{- end }} volumeMounts: - - name: adminFrontend-data - mountPath: /bitnami/adminFrontend - subPath: adminFrontend {{- if .Values.adminFrontend.extraVolumeMounts }} {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.extraVolumeMounts "context" $) | nindent 12 }} {{- end }} {{- if .Values.adminFrontend.resources }} resources: {{- toYaml .Values.adminFrontend.resources | nindent 12 }} {{- end }} - - name: adminBackend + - name: admin-backend securityContext: {{- toYaml .Values.adminBackend.containerSecurityContext | nindent 12 }} image: {{ template "adminBackend.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} @@ -158,14 +155,14 @@ spec: name: {{ .Values.adminBackend.extraEnvVarsSecret }} {{- end }} ports: - - name: http - containerPort: 3000 + - name: backend-http + containerPort: 5000 protocol: TCP {{- if .Values.adminBackend.livenessProbe.enabled }} livenessProbe: httpGet: path: /srv/status - port: http + port: backend-http initialDelaySeconds: {{ .Values.adminBackend.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.adminBackend.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.adminBackend.livenessProbe.timeoutSeconds }} @@ -178,7 +175,7 @@ spec: readinessProbe: httpGet: path: /srv/status - port: http + port: backend-http initialDelaySeconds: {{ .Values.adminBackend.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.adminBackend.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.adminBackend.readinessProbe.timeoutSeconds }} @@ -188,9 +185,6 @@ spec: readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.customReadinessProbe "context" $) | nindent 12 }} {{- end }} volumeMounts: - - name: adminBackend-data - mountPath: /bitnami/adminBackend - subPath: adminBackend {{- if .Values.adminBackend.extraVolumeMounts }} {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.extraVolumeMounts "context" $) | nindent 12 }} {{- end }} diff --git a/deployment/helmchart/templates/frontend-service.yaml b/deployment/helmchart/templates/frontend-service.yaml new file mode 100644 index 0000000..cbf69c5 --- /dev/null +++ b/deployment/helmchart/templates/frontend-service.yaml @@ -0,0 +1,42 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "adminFrontend.serviceName" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.adminFrontend.service.annotations .Values.commonAnnotations}} + annotations: + {{- if .Values.adminFrontend.service.annotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.service.annotations "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} + {{- end }} + {{- end }} +spec: + type: {{ .Values.adminFrontend.service.type }} + {{- if (or (eq .Values.adminFrontend.service.type "LoadBalancer") (eq .Values.adminFrontend.service.type "NodePort")) }} + externalTrafficPolicy: {{ .Values.adminFrontend.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if (and (eq .Values.adminFrontend.service.type "LoadBalancer") (not (empty .Values.adminFrontend.service.loadBalancerIP))) }} + loadBalancerIP: {{ .Values.adminFrontend.service.loadBalancerIP }} + {{- end }} + {{- if (and (eq .Values.adminFrontend.service.type "LoadBalancer") .Values.adminFrontend.service.loadBalancerSourceRanges) }} + loadBalancerSourceRanges: + {{ toYaml .Values.adminFrontend.service.loadBalancerSourceRanges | nindent 4 }} + {{- end }} + ports: + - name: http + port: {{ .Values.adminFrontend.service.port }} + targetPort: frontend-http + {{- if (and (or (eq .Values.adminFrontend.service.type "NodePort") (eq .Values.adminFrontend.service.type "LoadBalancer")) (not (empty .Values.adminFrontend.service.nodePorts.http))) }} + nodePort: {{ .Values.adminFrontend.service.nodePorts.http }} + {{- else if eq .Values.adminFrontend.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{- if .Values.adminFrontend.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + selector: {{- include "common.labels.matchLabels" . | nindent 4 }} diff --git a/deployment/helmchart/templates/ingress.yaml b/deployment/helmchart/templates/ingress.yaml index f266f58..e06ffa7 100644 --- a/deployment/helmchart/templates/ingress.yaml +++ b/deployment/helmchart/templates/ingress.yaml @@ -40,7 +40,7 @@ spec: {{- if eq "true" (include "common.ingress.supportsPathType" .) }} pathType: {{ .Values.ingress.pathType }} {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "adminFrontend.serviceName" .) "servicePort" "frontend-http" "context" $) | nindent 14 }} {{- end }} {{- range .Values.ingress.extraHosts }} - host: {{ .name }} @@ -50,6 +50,6 @@ spec: {{- if eq "true" (include "common.ingress.supportsPathType" $) }} pathType: {{ default "ImplementationSpecific" .pathType }} {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "adminFrontend.serviceName" $) "servicePort" "frontend-http" "context" $) | nindent 14 }} {{- end }} {{- end }} diff --git a/deployment/helmchart/templates/pvc.yaml b/deployment/helmchart/templates/pvc.yaml index 87aedd2..eced3e8 100644 --- a/deployment/helmchart/templates/pvc.yaml +++ b/deployment/helmchart/templates/pvc.yaml @@ -1,5 +1,5 @@ # Disabled by default because the current admin panel does not need persistence -{{- if and (include "adminPanel.host" .) .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if and (include "adminFrontend.host" .) .Values.persistence.enabled (not .Values.persistence.existingClaim) }} kind: PersistentVolumeClaim apiVersion: v1 metadata: diff --git a/deployment/helmchart/templates/secrets-admin-panel.yaml b/deployment/helmchart/templates/secrets-admin-panel.yaml index 46a0dce..9955232 100644 --- a/deployment/helmchart/templates/secrets-admin-panel.yaml +++ b/deployment/helmchart/templates/secrets-admin-panel.yaml @@ -1,8 +1,8 @@ -{{- if (include "adminPanel.createSecret" .) }} +{{- if (include "adminBackend.createSecret" .) }} apiVersion: v1 kind: Secret metadata: - name: {{ template "common.names.fullname" . }}-adminPanel + name: {{ include "adminBackend.secretName" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} diff --git a/deployment/helmchart/templates/service.yaml b/deployment/helmchart/templates/service.yaml deleted file mode 100644 index b196f32..0000000 --- a/deployment/helmchart/templates/service.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.names.fullname" . }} - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if or .Values.service.annotations .Values.commonAnnotations}} - annotations: - {{- if .Values.service.annotations }} - {{- include "common.tplvalues.render" (dict "value" .Values.service.annotations "context" $) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} - {{- end }} - {{- end }} -spec: - type: {{ .Values.service.type }} - {{- if (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort")) }} - externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} - {{- end }} - {{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP))) }} - loadBalancerIP: {{ .Values.service.loadBalancerIP }} - {{- end }} - {{- if (and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges) }} - loadBalancerSourceRanges: - {{ toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} - ports: - - name: http - port: {{ .Values.service.port }} - targetPort: http - {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.http))) }} - nodePort: {{ .Values.service.nodePorts.http }} - {{- else if eq .Values.service.type "ClusterIP" }} - nodePort: null - {{- end }} - {{- if .Values.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} - {{- end }} - selector: {{- include "common.labels.matchLabels" . | nindent 4 }} diff --git a/deployment/helmchart/values-local.yaml b/deployment/helmchart/values-local.yaml new file mode 100644 index 0000000..d14982a --- /dev/null +++ b/deployment/helmchart/values-local.yaml @@ -0,0 +1,17 @@ +adminFrontend: + host: dashboard.oas-test2.maartendewaard.nl + livenessProbe: + enabled: false + readinessProbe: + enabled: false + +adminBackend: + livenessProbe: + enabled: false + readinessProbe: + enabled: false + +ingress: + enabled: true + certManager: true + hostname: dashboard.oas-test2.maartendewaard.nl diff --git a/deployment/helmchart/values.yaml b/deployment/helmchart/values.yaml index 8a79d21..4f155b4 100644 --- a/deployment/helmchart/values.yaml +++ b/deployment/helmchart/values.yaml @@ -35,50 +35,14 @@ commonLabels: {} commonAnnotations: {} -## @section Service parameters - -## Kubernetes service configuration. For minikube, set this to NodePort, elsewhere use LoadBalancer or ClusterIP -## -service: - ## @param service.type Kubernetes Service type - ## - type: LoadBalancer - ## @param service.port Service HTTP port - ## - port: 80 - ## @param service.nodePort Node Ports to expose - ## - nodePort: "" - ## @param service.loadBalancerIP Use loadBalancerIP to request a specific static IP - ## - loadBalancerIP: "" - ## @param service.externalTrafficPolicy Enable client source IP preservation - ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param service.annotations Service annotations - ## - annotations: {} - ## @param service.loadBalancerSourceRanges Limits which cidr blocks can connect to service's load balancer - ## Only valid if service.type: LoadBalancer - ## - loadBalancerSourceRanges: [] - ## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value) - ## - extraPorts: [] - ## @param service.nodePorts.http Kubernetes http node port - ## Example: - ## nodePorts: - ## http: - ## - nodePorts: - http: "" ## @section Discourse parameters ## @param imagePullSecrets Specify docker-registry secret names as an array ## -imagePullSecrets: [] +image: + imagePullSecrets: [] + ## Admin frontend configuration parameters ## ref: https://open.greenhost.net/openappstack/admin-frontend ## @@ -109,6 +73,44 @@ adminFrontend: ## - myRegistryKeySecretName ## pullSecrets: [] + ## @section Service parameters + + ## Kubernetes service configuration. For minikube, set this to NodePort, elsewhere use LoadBalancer or ClusterIP + ## + service: + ## @param service.type Kubernetes Service type + ## + type: ClusterIP + ## @param service.port Service HTTP port + ## + port: 80 + ## @param service.nodePort Node Ports to expose + ## + nodePort: "" + ## @param service.loadBalancerIP Use loadBalancerIP to request a specific static IP + ## + loadBalancerIP: "" + ## @param service.externalTrafficPolicy Enable client source IP preservation + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param service.annotations Service annotations + ## + annotations: {} + ## @param service.loadBalancerSourceRanges Limits which cidr blocks can connect to service's load balancer + ## Only valid if service.type: LoadBalancer + ## + loadBalancerSourceRanges: [] + ## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value) + ## + extraPorts: [] + ## @param service.nodePorts.http Kubernetes http node port + ## Example: + ## nodePorts: + ## http: + ## + nodePorts: + http: "" ## @param adminFrontend.extendEslint Whether to read .eslint.json rules extendEslint: false ## @param adminFrontend.host Discourse host to create application URLs (include the port if =/= 80) @@ -244,9 +246,45 @@ adminBackend: ## - myRegistryKeySecretName ## pullSecrets: [] - ## @param adminBackend.host API host (include the port if =/= 80) + + ## Kubernetes service configuration. For minikube, set this to NodePort, elsewhere use LoadBalancer or ClusterIP ## - host: "" + service: + ## @param service.type Kubernetes Service type + ## + type: ClusterIP + ## @param service.port Service HTTP port + ## + port: 80 + ## @param service.nodePort Node Ports to expose + ## + nodePort: "" + ## @param service.loadBalancerIP Use loadBalancerIP to request a specific static IP + ## + loadBalancerIP: "" + ## @param service.externalTrafficPolicy Enable client source IP preservation + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param service.annotations Service annotations + ## + annotations: {} + ## @param service.loadBalancerSourceRanges Limits which cidr blocks can connect to service's load balancer + ## Only valid if service.type: LoadBalancer + ## + loadBalancerSourceRanges: [] + ## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value) + ## + extraPorts: [] + ## @param service.nodePorts.http Kubernetes http node port + ## Example: + ## nodePorts: + ## http: + ## + nodePorts: + http: "" + + ## @param adminBackend.reactAppApiUrl URL to the admin-backend API apiUrl: "/api/v1" @@ -584,7 +622,7 @@ ingress: certManager: false ## @param ingress.hostname Default host for the ingress resource ## - hostname: adminPanel.local + hostname: adminpanel.local ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) ## apiVersion: "" @@ -609,15 +647,15 @@ ingress: ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array ## extraHosts: - ## - name: adminPanel.local + ## - name: adminpanel.local ## path: / extraHosts: [] ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls ## extraTls: ## - hosts: - ## - adminPanel.local - ## secretName: adminPanel.local-tls + ## - adminpanel.local + ## secretName: adminpanel.local-tls extraTls: [] ## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets ## key and certificate should start with -----BEGIN CERTIFICATE----- or @@ -629,7 +667,7 @@ ingress: ## It is also possible to create and manage the certificates outside of this helm chart ## Please see README.md for more information ## Example: - ## - name: adminPanel.local-tls + ## - name: adminpanel.local-tls ## key: ## certificate: secrets: [] From 18276be75da9ab25a19cf4aaea79b0bc5b24bb34 Mon Sep 17 00:00:00 2001 From: Maarten de Waard Date: Tue, 5 Oct 2021 16:13:59 +0200 Subject: [PATCH 06/11] use relative path for backend URLs --- .env | 4 ++-- .gitignore | 3 +++ deployment/helmchart/templates/configmaps.yaml | 6 ++---- deployment/helmchart/templates/deployment.yaml | 8 ++++---- deployment/helmchart/templates/ingress.yaml | 11 +++++++++++ deployment/helmchart/values-local.yaml | 2 ++ deployment/helmchart/values.yaml | 8 ++++---- 7 files changed, 28 insertions(+), 14 deletions(-) diff --git a/.env b/.env index d2d7b10..1542add 100644 --- a/.env +++ b/.env @@ -1,2 +1,2 @@ -REACT_APP_API_URL=https://oas-api.initdevelopment.com/api/v1 -EXTEND_ESLINT=true \ No newline at end of file +REACT_APP_API_URL=/api/v1 +EXTEND_ESLINT=true diff --git a/.gitignore b/.gitignore index 9d70429..59d0f65 100644 --- a/.gitignore +++ b/.gitignore @@ -25,3 +25,6 @@ yarn-error.log* .eslintcache cypress/videos/ + +# Helm dependencies +deployment/helmchart/charts/ diff --git a/deployment/helmchart/templates/configmaps.yaml b/deployment/helmchart/templates/configmaps.yaml index d893d75..ff3878c 100644 --- a/deployment/helmchart/templates/configmaps.yaml +++ b/deployment/helmchart/templates/configmaps.yaml @@ -10,10 +10,8 @@ metadata: annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} data: - REACT_APP_API_URL: "{{ include "adminBackend.serviceName" .}}" - EXTEND_ESLINT: "{{ .Values.adminFrontend.extendEslint }}" - ADMIN_FRONTEND_HOST: "{{ include "adminFrontend.host" . }}" - ADMIN_BACKEND_HOST: "{{ include "adminBackend.host" . }}" + # ADMIN_FRONTEND_HOST: "{{ include "adminFrontend.host" . }}" + # ADMIN_BACKEND_HOST: "{{ include "adminBackend.host" . }}" # Probably needed in the future: # ADMIN_BACKEND_USERNAME: {{ .Values.adminBackend.username | quote }} # ADMIN_BACKEND_EMAIL: {{ .Values.adminBackend.email | quote }} diff --git a/deployment/helmchart/templates/deployment.yaml b/deployment/helmchart/templates/deployment.yaml index 7dec374..8383ead 100644 --- a/deployment/helmchart/templates/deployment.yaml +++ b/deployment/helmchart/templates/deployment.yaml @@ -87,7 +87,7 @@ spec: {{- if .Values.adminFrontend.livenessProbe.enabled }} livenessProbe: httpGet: - path: /srv/status + path: / port: frontend-http initialDelaySeconds: {{ .Values.adminFrontend.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.adminFrontend.livenessProbe.periodSeconds }} @@ -100,7 +100,7 @@ spec: {{- if .Values.adminFrontend.readinessProbe.enabled }} readinessProbe: httpGet: - path: /srv/status + path: / port: frontend-http initialDelaySeconds: {{ .Values.adminFrontend.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.adminFrontend.readinessProbe.periodSeconds }} @@ -161,7 +161,7 @@ spec: {{- if .Values.adminBackend.livenessProbe.enabled }} livenessProbe: httpGet: - path: /srv/status + path: / port: backend-http initialDelaySeconds: {{ .Values.adminBackend.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.adminBackend.livenessProbe.periodSeconds }} @@ -174,7 +174,7 @@ spec: {{- if .Values.adminBackend.readinessProbe.enabled }} readinessProbe: httpGet: - path: /srv/status + path: / port: backend-http initialDelaySeconds: {{ .Values.adminBackend.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.adminBackend.readinessProbe.periodSeconds }} diff --git a/deployment/helmchart/templates/ingress.yaml b/deployment/helmchart/templates/ingress.yaml index e06ffa7..e200ea1 100644 --- a/deployment/helmchart/templates/ingress.yaml +++ b/deployment/helmchart/templates/ingress.yaml @@ -41,6 +41,12 @@ spec: pathType: {{ .Values.ingress.pathType }} {{- end }} backend: {{- include "common.ingress.backend" (dict "serviceName" (include "adminFrontend.serviceName" .) "servicePort" "frontend-http" "context" $) | nindent 14 }} + # Forward API calls to the back-end container + - path: {{ .Values.ingress.path }}api/v1 + {{- if eq "true" (include "common.ingress.supportsPathType" .) }} + pathType: {{ .Values.ingress.pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "adminBackend.serviceName" .) "servicePort" "backend-http" "context" $) | nindent 14 }} {{- end }} {{- range .Values.ingress.extraHosts }} - host: {{ .name }} @@ -51,5 +57,10 @@ spec: pathType: {{ default "ImplementationSpecific" .pathType }} {{- end }} backend: {{- include "common.ingress.backend" (dict "serviceName" (include "adminFrontend.serviceName" $) "servicePort" "frontend-http" "context" $) | nindent 14 }} + - path: {{ default "/" .path }}api/v1 + {{- if eq "true" (include "common.ingress.supportsPathType" $) }} + pathType: {{ default "ImplementationSpecific" .pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "adminBackend.serviceName" .) "servicePort" "backend-http" "context" $) | nindent 14 }} {{- end }} {{- end }} diff --git a/deployment/helmchart/values-local.yaml b/deployment/helmchart/values-local.yaml index d14982a..a33145a 100644 --- a/deployment/helmchart/values-local.yaml +++ b/deployment/helmchart/values-local.yaml @@ -4,6 +4,8 @@ adminFrontend: enabled: false readinessProbe: enabled: false + image: + tag: 2-add-helm-chart adminBackend: livenessProbe: diff --git a/deployment/helmchart/values.yaml b/deployment/helmchart/values.yaml index 4f155b4..f63b3e9 100644 --- a/deployment/helmchart/values.yaml +++ b/deployment/helmchart/values.yaml @@ -165,7 +165,7 @@ adminFrontend: ## livenessProbe: enabled: true - initialDelaySeconds: 500 + initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 @@ -183,7 +183,7 @@ adminFrontend: ## readinessProbe: enabled: true - initialDelaySeconds: 30 + initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 @@ -377,7 +377,7 @@ adminBackend: ## livenessProbe: enabled: true - initialDelaySeconds: 500 + initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 @@ -395,7 +395,7 @@ adminBackend: ## readinessProbe: enabled: true - initialDelaySeconds: 30 + initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 From 80c2f776d352abec9322ef9bd010783c41eacbd2 Mon Sep 17 00:00:00 2001 From: Maarten de Waard Date: Tue, 5 Oct 2021 16:39:47 +0200 Subject: [PATCH 07/11] rename adminPanel to dashboard and adminFrontend and adminBackend to frontend and backend. Fix JWT secrets --- deployment/helmchart/Chart.yaml | 10 +- deployment/helmchart/templates/_helpers.tpl | 66 +++---- .../helmchart/templates/backend-service.yaml | 34 ++-- .../helmchart/templates/configmaps.yaml | 29 ++-- .../helmchart/templates/deployment.yaml | 152 ++++++++-------- .../helmchart/templates/frontend-service.yaml | 34 ++-- deployment/helmchart/templates/ingress.yaml | 8 +- deployment/helmchart/templates/pvc.yaml | 6 +- .../templates/secrets-admin-panel.yaml | 16 +- .../helmchart/templates/serviceaccount.yaml | 2 +- deployment/helmchart/values-local.yaml | 5 +- deployment/helmchart/values.yaml | 164 +++++++++--------- 12 files changed, 268 insertions(+), 258 deletions(-) diff --git a/deployment/helmchart/Chart.yaml b/deployment/helmchart/Chart.yaml index 8fab06a..f444ef0 100644 --- a/deployment/helmchart/Chart.yaml +++ b/deployment/helmchart/Chart.yaml @@ -10,16 +10,16 @@ dependencies: version: 1.x.x description: A Helm chart for deploying the Stackspin Dashboard to Kubernetes engine: gotpl -home: https://open.greenhost.net/openappstack/admin-frontend/ -icon: https://open.greenhost.net/openappstack/admin-frontend/-/blob/master/public/assets/logo.svg +home: https://open.greenhost.net/openappstack/dashboard-frontend/ +icon: https://open.greenhost.net/openappstack/dashboard-frontend/-/blob/master/public/assets/logo.svg keywords: - stackspin - dashboard maintainers: - email: info@openappstack.net name: Stackspin -name: admin-panel +name: dashboard sources: - - https://open.greenhost.net/openappstack/admin-frontend/ - - https://open.greenhost.net/openappstack/admin-backend/ + - https://open.greenhost.net/openappstack/dashboard-frontend/ + - https://open.greenhost.net/openappstack/dashboard-backend/ version: 0.1.0 diff --git a/deployment/helmchart/templates/_helpers.tpl b/deployment/helmchart/templates/_helpers.tpl index f1c5a3c..1731d23 100644 --- a/deployment/helmchart/templates/_helpers.tpl +++ b/deployment/helmchart/templates/_helpers.tpl @@ -2,7 +2,7 @@ {{/* Create the name of the service account to use */}} -{{- define "adminPanel.serviceAccountName" -}} +{{- define "dashboard.serviceAccountName" -}} {{- if .Values.serviceAccount.create -}} {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} {{- else -}} @@ -13,15 +13,15 @@ Create the name of the service account to use {{/* Return the proper Docker image registry secret names */}} -{{- define "adminPanel.imagePullSecrets" -}} +{{- define "dashboard.imagePullSecrets" -}} {{ include "common.images.pullSecrets" (dict "images" (list .Values.image) "global" .Values.global) }} {{- end -}} {{/* Return true if a secret object for Admin-frontend should be created */}} -{{- define "adminBackend.createSecret" -}} -{{- if or (not .Values.adminBackend.existingSecret) (and (not .Values.adminBackend.smtp.existingSecret) .Values.adminBackend.smtp.password .Values.adminBackend.smtp.enabled) }} +{{- define "backend.createSecret" -}} +{{- if or (not .Values.backend.existingSecret) (and (not .Values.backend.smtp.existingSecret) .Values.backend.smtp.password .Values.backend.smtp.enabled) }} {{- true -}} {{- end -}} {{- end -}} @@ -29,30 +29,30 @@ Return true if a secret object for Admin-frontend should be created {{/* Return the Admin-backend secret name */}} -{{- define "adminBackend.secretName" -}} -{{- if .Values.adminBackend.existingSecret }} - {{- printf "%s" .Values.adminBackend.existingSecret -}} +{{- define "backend.secretName" -}} +{{- if .Values.backend.existingSecret }} + {{- printf "%s" .Values.backend.existingSecret -}} {{- else -}} - {{- printf "%s-admin-backend" (include "common.names.fullname" .) -}} + {{- printf "%s-backend" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* Return the Admin-backend SMTP secret name */}} -{{- define "adminBackend.smtp.secretName" -}} -{{- if .Values.adminBackend.smtp.existingSecret }} - {{- printf "%s" .Values.adminBackend.smtp.existingSecret -}} +{{- define "backend.smtp.secretName" -}} +{{- if .Values.backend.smtp.existingSecret }} + {{- printf "%s" .Values.backend.smtp.existingSecret -}} {{- else -}} - {{- printf "%s-admin-backend" (include "common.names.fullname" .) -}} + {{- printf "%s-backend" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* Return true if Admin-backend SMTP uses password authentication */}} -{{- define "adminBackend.smtp.password.enabled" -}} -{{- if and (or .Values.adminBackend.smtp.password .Values.adminBackend.smtp.existingSecret) .Values.adminBackend.smtp.enabled }} +{{- define "backend.smtp.password.enabled" -}} +{{- if and (or .Values.backend.smtp.password .Values.backend.smtp.existingSecret) .Values.backend.smtp.enabled }} {{- true -}} {{- end -}} {{- end -}} @@ -61,11 +61,11 @@ Return true if Admin-backend SMTP uses password authentication Get the user defined LoadBalancerIP for this release Note, returns 127.0.0.1 if using ClusterIP. */}} -{{- define "adminFrontend.serviceIP" -}} -{{- if eq .Values.adminFrontend.service.type "ClusterIP" -}} +{{- define "frontend.serviceIP" -}} +{{- if eq .Values.frontend.service.type "ClusterIP" -}} 127.0.0.1 {{- else -}} -{{- .Values.adminFrontend.service.loadBalancerIP | default "" -}} +{{- .Values.frontend.service.loadBalancerIP | default "" -}} {{- end -}} {{- end -}} @@ -73,22 +73,22 @@ Note, returns 127.0.0.1 if using ClusterIP. Gets the host to be used for this application. If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value will be empty */}} -{{- define "adminFrontend.host" -}} -{{- $host := .Values.adminFrontend.host | default "" -}} -{{- default (include "adminFrontend.serviceIP" .) $host -}} +{{- define "frontend.host" -}} +{{- $host := .Values.frontend.host | default "" -}} +{{- default (include "frontend.serviceIP" .) $host -}} {{- end -}} {{/* Service name for the backend service */}} -{{- define "adminBackend.serviceName" -}} +{{- define "backend.serviceName" -}} {{ include "common.names.fullname" . }}-backend {{- end -}} {{/* Service name for the frontend service */}} -{{- define "adminFrontend.serviceName" -}} +{{- define "frontend.serviceName" -}} {{ include "common.names.fullname" . }}-frontend {{- end -}} @@ -96,11 +96,11 @@ Service name for the frontend service Get the user defined LoadBalancerIP for this release Note, returns 127.0.0.1 if using ClusterIP. */}} -{{- define "adminBackend.serviceIP" -}} -{{- if eq .Values.adminBackend.service.type "ClusterIP" -}} +{{- define "backend.serviceIP" -}} +{{- if eq .Values.backend.service.type "ClusterIP" -}} 127.0.0.1 {{- else -}} -{{- .Values.adminBackend.service.loadBalancerIP | default "" -}} +{{- .Values.backend.service.loadBalancerIP | default "" -}} {{- end -}} {{- end -}} @@ -108,27 +108,27 @@ Note, returns 127.0.0.1 if using ClusterIP. Gets the host to be used for this application. If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value will be empty */}} -{{- define "adminBackend.host" -}} -{{- $host := .Values.adminBackend.host | default "" -}} -{{- default (include "adminBackend.serviceIP" .) $host -}} +{{- define "backend.host" -}} +{{- $host := .Values.backend.host | default "" -}} +{{- default (include "backend.serviceIP" .) $host -}} {{- end -}} {{/* Return the proper Admin-frontend image name */}} -{{- define "adminFrontend.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.adminFrontend.image "global" .Values.global) }} +{{- define "frontend.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.frontend.image "global" .Values.global) }} {{- end -}} {{/* Return the proper Admin-backend image name */}} -{{- define "adminBackend.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.adminBackend.image "global" .Values.global) }} +{{- define "backend.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.backend.image "global" .Values.global) }} {{- end -}} {{/* Return the proper Storage Class */}} -{{- define "adminPanel.storageClass" -}} +{{- define "dashboard.storageClass" -}} {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) -}} {{- end -}} diff --git a/deployment/helmchart/templates/backend-service.yaml b/deployment/helmchart/templates/backend-service.yaml index 7577b7d..fe6b59f 100644 --- a/deployment/helmchart/templates/backend-service.yaml +++ b/deployment/helmchart/templates/backend-service.yaml @@ -1,42 +1,42 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "adminBackend.serviceName" . }} + name: {{ include "backend.serviceName" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} - {{- if or .Values.adminBackend.service.annotations .Values.commonAnnotations}} + {{- if or .Values.backend.service.annotations .Values.commonAnnotations}} annotations: - {{- if .Values.adminBackend.service.annotations }} - {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.service.annotations "context" $) | nindent 4 }} + {{- if .Values.backend.service.annotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.backend.service.annotations "context" $) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} {{- end }} {{- end }} spec: - type: {{ .Values.adminBackend.service.type }} - {{- if (or (eq .Values.adminBackend.service.type "LoadBalancer") (eq .Values.adminBackend.service.type "NodePort")) }} - externalTrafficPolicy: {{ .Values.adminBackend.service.externalTrafficPolicy | quote }} + type: {{ .Values.backend.service.type }} + {{- if (or (eq .Values.backend.service.type "LoadBalancer") (eq .Values.backend.service.type "NodePort")) }} + externalTrafficPolicy: {{ .Values.backend.service.externalTrafficPolicy | quote }} {{- end }} - {{- if (and (eq .Values.adminBackend.service.type "LoadBalancer") (not (empty .Values.adminBackend.service.loadBalancerIP))) }} - loadBalancerIP: {{ .Values.adminBackend.service.loadBalancerIP }} + {{- if (and (eq .Values.backend.service.type "LoadBalancer") (not (empty .Values.backend.service.loadBalancerIP))) }} + loadBalancerIP: {{ .Values.backend.service.loadBalancerIP }} {{- end }} - {{- if (and (eq .Values.adminBackend.service.type "LoadBalancer") .Values.adminBackend.service.loadBalancerSourceRanges) }} + {{- if (and (eq .Values.backend.service.type "LoadBalancer") .Values.backend.service.loadBalancerSourceRanges) }} loadBalancerSourceRanges: - {{ toYaml .Values.adminBackend.service.loadBalancerSourceRanges | nindent 4 }} + {{ toYaml .Values.backend.service.loadBalancerSourceRanges | nindent 4 }} {{- end }} ports: - name: http - port: {{ .Values.adminBackend.service.port }} + port: {{ .Values.backend.service.port }} targetPort: backend-http - {{- if (and (or (eq .Values.adminBackend.service.type "NodePort") (eq .Values.adminBackend.service.type "LoadBalancer")) (not (empty .Values.adminBackend.service.nodePorts.http))) }} - nodePort: {{ .Values.adminBackend.service.nodePorts.http }} - {{- else if eq .Values.adminBackend.service.type "ClusterIP" }} + {{- if (and (or (eq .Values.backend.service.type "NodePort") (eq .Values.backend.service.type "LoadBalancer")) (not (empty .Values.backend.service.nodePorts.http))) }} + nodePort: {{ .Values.backend.service.nodePorts.http }} + {{- else if eq .Values.backend.service.type "ClusterIP" }} nodePort: null {{- end }} - {{- if .Values.adminBackend.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.service.extraPorts "context" $) | nindent 4 }} + {{- if .Values.backend.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.backend.service.extraPorts "context" $) | nindent 4 }} {{- end }} selector: {{- include "common.labels.matchLabels" . | nindent 4 }} diff --git a/deployment/helmchart/templates/configmaps.yaml b/deployment/helmchart/templates/configmaps.yaml index ff3878c..e056e32 100644 --- a/deployment/helmchart/templates/configmaps.yaml +++ b/deployment/helmchart/templates/configmaps.yaml @@ -10,21 +10,24 @@ metadata: annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} data: - # ADMIN_FRONTEND_HOST: "{{ include "adminFrontend.host" . }}" - # ADMIN_BACKEND_HOST: "{{ include "adminBackend.host" . }}" + SECRET_KEY: {{ .Values.backend.secretKey }} + FLASK_APP: app.py + FLASK_ENV: {{ .Values.backend.flaskEnv }} + # ADMIN_FRONTEND_HOST: "{{ include "frontend.host" . }}" + # ADMIN_BACKEND_HOST: "{{ include "backend.host" . }}" # Probably needed in the future: - # ADMIN_BACKEND_USERNAME: {{ .Values.adminBackend.username | quote }} - # ADMIN_BACKEND_EMAIL: {{ .Values.adminBackend.email | quote }} - # {{- if .Values.adminBackend.smtp.enabled }} - # ADMIN_BACKEND_SMTP_HOST: {{ .Values.adminBackend.smtp.host | quote }} - # ADMIN_BACKEND_SMTP_PORT: {{ .Values.adminBackend.smtp.port | quote }} - # {{- if .Values.adminBackend.smtp.user }} - # ADMIN_BACKEND_SMTP_USER: {{ .Values.adminBackend.smtp.user | quote }} + # ADMIN_BACKEND_USERNAME: {{ .Values.backend.username | quote }} + # ADMIN_BACKEND_EMAIL: {{ .Values.backend.email | quote }} + # {{- if .Values.backend.smtp.enabled }} + # ADMIN_BACKEND_SMTP_HOST: {{ .Values.backend.smtp.host | quote }} + # ADMIN_BACKEND_SMTP_PORT: {{ .Values.backend.smtp.port | quote }} + # {{- if .Values.backend.smtp.user }} + # ADMIN_BACKEND_SMTP_USER: {{ .Values.backend.smtp.user | quote }} # {{- end }} - # {{- if .Values.adminBackend.smtp.protocol }} - # ADMIN_BACKEND_SMTP_PROTOCOL: {{ .Values.adminBackend.smtp.protocol | quote }} + # {{- if .Values.backend.smtp.protocol }} + # ADMIN_BACKEND_SMTP_PROTOCOL: {{ .Values.backend.smtp.protocol | quote }} # {{- end }} - # {{- if .Values.adminBackend.smtp.auth }} - # ADMIN_BACKEND_SMTP_AUTH: {{ .Values.adminBackend.smtp.auth | quote }} + # {{- if .Values.backend.smtp.auth }} + # ADMIN_BACKEND_SMTP_AUTH: {{ .Values.backend.smtp.auth | quote }} # {{- end }} # {{- end }} diff --git a/deployment/helmchart/templates/deployment.yaml b/deployment/helmchart/templates/deployment.yaml index 8383ead..bb8ab94 100644 --- a/deployment/helmchart/templates/deployment.yaml +++ b/deployment/helmchart/templates/deployment.yaml @@ -1,10 +1,10 @@ -{{- if include "adminFrontend.host" . -}} +{{- if include "frontend.host" . -}} apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: name: {{ template "common.names.fullname" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} - component: adminPanel + component: dashboard {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} @@ -15,14 +15,14 @@ spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} - component: adminPanel + component: dashboard {{- if .Values.updateStrategy }} strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} {{- end }} template: metadata: labels: {{- include "common.labels.standard" . | nindent 8 }} - component: adminPanel + component: dashboard {{- if .Values.podLabels }} {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }} {{- end }} @@ -30,7 +30,7 @@ spec: annotations: {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} {{- end }} spec: - {{- include "adminPanel.imagePullSecrets" . | nindent 6 }} + {{- include "dashboard.imagePullSecrets" . | nindent 6 }} {{- if .Values.hostAliases }} hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} {{- end }} @@ -48,148 +48,148 @@ spec: {{- if .Values.tolerations }} tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} {{- end }} - serviceAccountName: {{ include "adminPanel.serviceAccountName" . }} + serviceAccountName: {{ include "dashboard.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} initContainers: {{- if .Values.initContainers }} {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} {{- end }} containers: - - name: admin-frontend - securityContext: {{- toYaml .Values.adminFrontend.containerSecurityContext | nindent 12 }} - image: {{ template "adminFrontend.image" . }} + - name: frontend + securityContext: {{- toYaml .Values.frontend.containerSecurityContext | nindent 12 }} + image: {{ template "frontend.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.adminFrontend.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.command "context" $) | nindent 12 }} + {{- if .Values.frontend.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.command "context" $) | nindent 12 }} {{- end }} - {{- if .Values.adminFrontend.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.args "context" $) | nindent 12 }} + {{- if .Values.frontend.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.args "context" $) | nindent 12 }} {{- end }} env: - {{- if .Values.adminFrontend.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.extraEnvVars "context" $) | nindent 12 }} + {{- if .Values.frontend.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.frontend.extraEnvVars "context" $) | nindent 12 }} {{- end }} envFrom: - configMapRef: name: {{ include "common.names.fullname" . }} - {{- if .Values.adminFrontend.extraEnvVarsCM }} + {{- if .Values.frontend.extraEnvVarsCM }} - configMapRef: - name: {{ .Values.adminFrontend.extraEnvVarsCM }} + name: {{ .Values.frontend.extraEnvVarsCM }} {{- end }} - {{- if .Values.adminFrontend.extraEnvVarsSecret }} + {{- if .Values.frontend.extraEnvVarsSecret }} - secretRef: - name: {{ .Values.adminFrontend.extraEnvVarsSecret }} + name: {{ .Values.frontend.extraEnvVarsSecret }} {{- end }} ports: - name: frontend-http containerPort: 80 protocol: TCP - {{- if .Values.adminFrontend.livenessProbe.enabled }} + {{- if .Values.frontend.livenessProbe.enabled }} livenessProbe: httpGet: path: / port: frontend-http - initialDelaySeconds: {{ .Values.adminFrontend.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.adminFrontend.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.adminFrontend.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.adminFrontend.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.adminFrontend.livenessProbe.failureThreshold }} - {{- else if .Values.adminFrontend.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.customLivenessProbe "context" $) | nindent 12 }} + initialDelaySeconds: {{ .Values.frontend.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.frontend.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.frontend.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.frontend.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.frontend.livenessProbe.failureThreshold }} + {{- else if .Values.frontend.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.customLivenessProbe "context" $) | nindent 12 }} {{- end }} - {{- if .Values.adminFrontend.readinessProbe.enabled }} + {{- if .Values.frontend.readinessProbe.enabled }} readinessProbe: httpGet: path: / port: frontend-http - initialDelaySeconds: {{ .Values.adminFrontend.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.adminFrontend.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.adminFrontend.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.adminFrontend.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.adminFrontend.readinessProbe.failureThreshold }} - {{- else if .Values.adminFrontend.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.customReadinessProbe "context" $) | nindent 12 }} + initialDelaySeconds: {{ .Values.frontend.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.frontend.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.frontend.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.frontend.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.frontend.readinessProbe.failureThreshold }} + {{- else if .Values.frontend.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.customReadinessProbe "context" $) | nindent 12 }} {{- end }} volumeMounts: - {{- if .Values.adminFrontend.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.extraVolumeMounts "context" $) | nindent 12 }} + {{- if .Values.frontend.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.frontend.extraVolumeMounts "context" $) | nindent 12 }} {{- end }} - {{- if .Values.adminFrontend.resources }} - resources: {{- toYaml .Values.adminFrontend.resources | nindent 12 }} + {{- if .Values.frontend.resources }} + resources: {{- toYaml .Values.frontend.resources | nindent 12 }} {{- end }} - - name: admin-backend - securityContext: {{- toYaml .Values.adminBackend.containerSecurityContext | nindent 12 }} - image: {{ template "adminBackend.image" . }} + - name: backend + securityContext: {{- toYaml .Values.backend.containerSecurityContext | nindent 12 }} + image: {{ template "backend.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.adminBackend.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.command "context" $) | nindent 12 }} + {{- if .Values.backend.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.backend.command "context" $) | nindent 12 }} {{- end }} - {{- if .Values.adminBackend.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.args "context" $) | nindent 12 }} + {{- if .Values.backend.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.backend.args "context" $) | nindent 12 }} {{- end }} env: - name: ADMIN_PANEL_PASSWORD valueFrom: secretKeyRef: - name: {{ include "adminBackend.secretName" . }} - key: adminBackend-password - {{- if (include "adminBackend.smtp.password.enabled" .) }} + name: {{ include "backend.secretName" . }} + key: backend-password + {{- if (include "backend.smtp.password.enabled" .) }} - name: ADMIN_PANEL_SMTP_PASSWORD valueFrom: secretKeyRef: - name: {{ include "adminBackend.smtp.secretName" . }} + name: {{ include "backend.smtp.secretName" . }} key: smtp-password {{- end }} - {{- if .Values.adminBackend.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.extraEnvVars "context" $) | nindent 12 }} + {{- if .Values.backend.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.backend.extraEnvVars "context" $) | nindent 12 }} {{- end }} envFrom: - configMapRef: name: {{ include "common.names.fullname" . }} - {{- if .Values.adminBackend.extraEnvVarsCM }} + {{- if .Values.backend.extraEnvVarsCM }} - configMapRef: - name: {{ .Values.adminBackend.extraEnvVarsCM }} + name: {{ .Values.backend.extraEnvVarsCM }} {{- end }} - {{- if .Values.adminBackend.extraEnvVarsSecret }} + {{- if .Values.backend.extraEnvVarsSecret }} - secretRef: - name: {{ .Values.adminBackend.extraEnvVarsSecret }} + name: {{ .Values.backend.extraEnvVarsSecret }} {{- end }} ports: - name: backend-http containerPort: 5000 protocol: TCP - {{- if .Values.adminBackend.livenessProbe.enabled }} + {{- if .Values.backend.livenessProbe.enabled }} livenessProbe: httpGet: path: / port: backend-http - initialDelaySeconds: {{ .Values.adminBackend.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.adminBackend.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.adminBackend.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.adminBackend.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.adminBackend.livenessProbe.failureThreshold }} - {{- else if .Values.adminBackend.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.customLivenessProbe "context" $) | nindent 12 }} + initialDelaySeconds: {{ .Values.backend.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.backend.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.backend.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.backend.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.backend.livenessProbe.failureThreshold }} + {{- else if .Values.backend.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.backend.customLivenessProbe "context" $) | nindent 12 }} {{- end }} - {{- if .Values.adminBackend.readinessProbe.enabled }} + {{- if .Values.backend.readinessProbe.enabled }} readinessProbe: httpGet: path: / port: backend-http - initialDelaySeconds: {{ .Values.adminBackend.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.adminBackend.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.adminBackend.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.adminBackend.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.adminBackend.readinessProbe.failureThreshold }} - {{- else if .Values.adminBackend.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.customReadinessProbe "context" $) | nindent 12 }} + initialDelaySeconds: {{ .Values.backend.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.backend.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.backend.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.backend.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.backend.readinessProbe.failureThreshold }} + {{- else if .Values.backend.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.backend.customReadinessProbe "context" $) | nindent 12 }} {{- end }} volumeMounts: - {{- if .Values.adminBackend.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.adminBackend.extraVolumeMounts "context" $) | nindent 12 }} + {{- if .Values.backend.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.backend.extraVolumeMounts "context" $) | nindent 12 }} {{- end }} - {{- if .Values.adminBackend.resources }} - resources: {{- toYaml .Values.adminBackend.resources | nindent 12 }} + {{- if .Values.backend.resources }} + resources: {{- toYaml .Values.backend.resources | nindent 12 }} {{- end }} {{- if .Values.sidecars }} {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} diff --git a/deployment/helmchart/templates/frontend-service.yaml b/deployment/helmchart/templates/frontend-service.yaml index cbf69c5..35d5860 100644 --- a/deployment/helmchart/templates/frontend-service.yaml +++ b/deployment/helmchart/templates/frontend-service.yaml @@ -1,42 +1,42 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "adminFrontend.serviceName" . }} + name: {{ include "frontend.serviceName" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} - {{- if or .Values.adminFrontend.service.annotations .Values.commonAnnotations}} + {{- if or .Values.frontend.service.annotations .Values.commonAnnotations}} annotations: - {{- if .Values.adminFrontend.service.annotations }} - {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.service.annotations "context" $) | nindent 4 }} + {{- if .Values.frontend.service.annotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.frontend.service.annotations "context" $) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} {{- end }} {{- end }} spec: - type: {{ .Values.adminFrontend.service.type }} - {{- if (or (eq .Values.adminFrontend.service.type "LoadBalancer") (eq .Values.adminFrontend.service.type "NodePort")) }} - externalTrafficPolicy: {{ .Values.adminFrontend.service.externalTrafficPolicy | quote }} + type: {{ .Values.frontend.service.type }} + {{- if (or (eq .Values.frontend.service.type "LoadBalancer") (eq .Values.frontend.service.type "NodePort")) }} + externalTrafficPolicy: {{ .Values.frontend.service.externalTrafficPolicy | quote }} {{- end }} - {{- if (and (eq .Values.adminFrontend.service.type "LoadBalancer") (not (empty .Values.adminFrontend.service.loadBalancerIP))) }} - loadBalancerIP: {{ .Values.adminFrontend.service.loadBalancerIP }} + {{- if (and (eq .Values.frontend.service.type "LoadBalancer") (not (empty .Values.frontend.service.loadBalancerIP))) }} + loadBalancerIP: {{ .Values.frontend.service.loadBalancerIP }} {{- end }} - {{- if (and (eq .Values.adminFrontend.service.type "LoadBalancer") .Values.adminFrontend.service.loadBalancerSourceRanges) }} + {{- if (and (eq .Values.frontend.service.type "LoadBalancer") .Values.frontend.service.loadBalancerSourceRanges) }} loadBalancerSourceRanges: - {{ toYaml .Values.adminFrontend.service.loadBalancerSourceRanges | nindent 4 }} + {{ toYaml .Values.frontend.service.loadBalancerSourceRanges | nindent 4 }} {{- end }} ports: - name: http - port: {{ .Values.adminFrontend.service.port }} + port: {{ .Values.frontend.service.port }} targetPort: frontend-http - {{- if (and (or (eq .Values.adminFrontend.service.type "NodePort") (eq .Values.adminFrontend.service.type "LoadBalancer")) (not (empty .Values.adminFrontend.service.nodePorts.http))) }} - nodePort: {{ .Values.adminFrontend.service.nodePorts.http }} - {{- else if eq .Values.adminFrontend.service.type "ClusterIP" }} + {{- if (and (or (eq .Values.frontend.service.type "NodePort") (eq .Values.frontend.service.type "LoadBalancer")) (not (empty .Values.frontend.service.nodePorts.http))) }} + nodePort: {{ .Values.frontend.service.nodePorts.http }} + {{- else if eq .Values.frontend.service.type "ClusterIP" }} nodePort: null {{- end }} - {{- if .Values.adminFrontend.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.adminFrontend.service.extraPorts "context" $) | nindent 4 }} + {{- if .Values.frontend.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.frontend.service.extraPorts "context" $) | nindent 4 }} {{- end }} selector: {{- include "common.labels.matchLabels" . | nindent 4 }} diff --git a/deployment/helmchart/templates/ingress.yaml b/deployment/helmchart/templates/ingress.yaml index e200ea1..d5e957c 100644 --- a/deployment/helmchart/templates/ingress.yaml +++ b/deployment/helmchart/templates/ingress.yaml @@ -40,13 +40,13 @@ spec: {{- if eq "true" (include "common.ingress.supportsPathType" .) }} pathType: {{ .Values.ingress.pathType }} {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "adminFrontend.serviceName" .) "servicePort" "frontend-http" "context" $) | nindent 14 }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "frontend.serviceName" .) "servicePort" "frontend-http" "context" $) | nindent 14 }} # Forward API calls to the back-end container - path: {{ .Values.ingress.path }}api/v1 {{- if eq "true" (include "common.ingress.supportsPathType" .) }} pathType: {{ .Values.ingress.pathType }} {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "adminBackend.serviceName" .) "servicePort" "backend-http" "context" $) | nindent 14 }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "backend.serviceName" .) "servicePort" "backend-http" "context" $) | nindent 14 }} {{- end }} {{- range .Values.ingress.extraHosts }} - host: {{ .name }} @@ -56,11 +56,11 @@ spec: {{- if eq "true" (include "common.ingress.supportsPathType" $) }} pathType: {{ default "ImplementationSpecific" .pathType }} {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "adminFrontend.serviceName" $) "servicePort" "frontend-http" "context" $) | nindent 14 }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "frontend.serviceName" $) "servicePort" "frontend-http" "context" $) | nindent 14 }} - path: {{ default "/" .path }}api/v1 {{- if eq "true" (include "common.ingress.supportsPathType" $) }} pathType: {{ default "ImplementationSpecific" .pathType }} {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "adminBackend.serviceName" .) "servicePort" "backend-http" "context" $) | nindent 14 }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "backend.serviceName" .) "servicePort" "backend-http" "context" $) | nindent 14 }} {{- end }} {{- end }} diff --git a/deployment/helmchart/templates/pvc.yaml b/deployment/helmchart/templates/pvc.yaml index eced3e8..2fc1a39 100644 --- a/deployment/helmchart/templates/pvc.yaml +++ b/deployment/helmchart/templates/pvc.yaml @@ -1,5 +1,5 @@ -# Disabled by default because the current admin panel does not need persistence -{{- if and (include "adminFrontend.host" .) .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +# Disabled by default because the current dashboard does not need persistence +{{- if and (include "frontend.host" .) .Values.persistence.enabled (not .Values.persistence.existingClaim) }} kind: PersistentVolumeClaim apiVersion: v1 metadata: @@ -17,7 +17,7 @@ spec: resources: requests: storage: {{ .Values.persistence.size | quote }} - {{ include "adminPanel.storageClass" . }} + {{ include "dashboard.storageClass" . }} {{- if .Values.persistence.selector }} selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 4 }} {{- end -}} diff --git a/deployment/helmchart/templates/secrets-admin-panel.yaml b/deployment/helmchart/templates/secrets-admin-panel.yaml index 9955232..969b210 100644 --- a/deployment/helmchart/templates/secrets-admin-panel.yaml +++ b/deployment/helmchart/templates/secrets-admin-panel.yaml @@ -1,8 +1,8 @@ -{{- if (include "adminBackend.createSecret" .) }} +{{- if (include "backend.createSecret" .) }} apiVersion: v1 kind: Secret metadata: - name: {{ include "adminBackend.secretName" . }} + name: {{ include "backend.secretName" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} @@ -12,12 +12,12 @@ metadata: {{- end }} type: Opaque data: - {{- if and (.Values.adminBackend.password) (not .Values.adminBackend.existingSecret) }} - adminBackend-password: {{ .Values.adminBackend.password | b64enc | quote }} - {{- else if not .Values.adminBackend.existingSecret }} - adminBackend-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- if and (.Values.backend.password) (not .Values.backend.existingSecret) }} + backend-password: {{ .Values.backend.password | b64enc | quote }} + {{- else if not .Values.backend.existingSecret }} + backend-password: {{ randAlphaNum 10 | b64enc | quote }} {{- end }} - {{- if and (.Values.adminBackend.smtp.password) (.Values.adminBackend.smtp.enabled) (not .Values.adminBackend.smtp.existingSecret) }} - smtp-password: {{ .Values.adminBackend.smtp.password | b64enc | quote }} + {{- if and (.Values.backend.smtp.password) (.Values.backend.smtp.enabled) (not .Values.backend.smtp.existingSecret) }} + smtp-password: {{ .Values.backend.smtp.password | b64enc | quote }} {{- end }} {{- end }} diff --git a/deployment/helmchart/templates/serviceaccount.yaml b/deployment/helmchart/templates/serviceaccount.yaml index ae11495..3efda4e 100644 --- a/deployment/helmchart/templates/serviceaccount.yaml +++ b/deployment/helmchart/templates/serviceaccount.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "adminPanel.serviceAccountName" . }} + name: {{ include "dashboard.serviceAccountName" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} diff --git a/deployment/helmchart/values-local.yaml b/deployment/helmchart/values-local.yaml index a33145a..d9d12f6 100644 --- a/deployment/helmchart/values-local.yaml +++ b/deployment/helmchart/values-local.yaml @@ -1,4 +1,4 @@ -adminFrontend: +frontend: host: dashboard.oas-test2.maartendewaard.nl livenessProbe: enabled: false @@ -7,7 +7,8 @@ adminFrontend: image: tag: 2-add-helm-chart -adminBackend: +backend: + secretKey: tnsreaiotnau48pl329aftnreisaed livenessProbe: enabled: false readinessProbe: diff --git a/deployment/helmchart/values.yaml b/deployment/helmchart/values.yaml index f63b3e9..9f8334d 100644 --- a/deployment/helmchart/values.yaml +++ b/deployment/helmchart/values.yaml @@ -21,10 +21,10 @@ global: ## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set) ## kubeVersion: "" -## @param nameOverride String to partially override adminPanel.fullname template (will maintain the release name) +## @param nameOverride String to partially override dashboard.fullname template (will maintain the release name) ## nameOverride: "" -## @param fullnameOverride String to fully override adminPanel.fullname template +## @param fullnameOverride String to fully override dashboard.fullname template ## fullnameOverride: "" ## @param commonLabels Labels to be added to all deployed resources @@ -44,11 +44,11 @@ image: imagePullSecrets: [] ## Admin frontend configuration parameters -## ref: https://open.greenhost.net/openappstack/admin-frontend +## ref: https://open.greenhost.net/openappstack/dashboard-frontend ## -adminFrontend: +frontend: ## Admin frontend image version - ## ref: https://hub.docker.com/r/bitnami/adminFrontend/tags/ + ## ref: https://hub.docker.com/r/bitnami/frontend/tags/ ## @param image.registry Discourse image registry ## @param image.repository Discourse image repository ## @param image.tag Discourse image tag @@ -111,18 +111,18 @@ adminFrontend: ## nodePorts: http: "" - ## @param adminFrontend.extendEslint Whether to read .eslint.json rules + ## @param frontend.extendEslint Whether to read .eslint.json rules extendEslint: false - ## @param adminFrontend.host Discourse host to create application URLs (include the port if =/= 80) + ## @param frontend.host Discourse host to create application URLs (include the port if =/= 80) ## host: "" - ## @param adminFrontend.command Custom command to override image cmd + ## @param frontend.command Custom command to override image cmd ## command: [] - ## @param adminFrontend.args Custom args for the custom command + ## @param frontend.args Custom args for the custom command ## args: [] - ## @param adminFrontend.containerSecurityContext Container security context specification + ## @param frontend.containerSecurityContext Container security context specification ## Example: ## capabilities: ## drop: @@ -138,8 +138,8 @@ adminFrontend: ## choice for the user. This also increases chances charts run on environments with little ## resources, such as Minikube. If you do want to specify resources, uncomment the following ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - ## @param adminFrontend.resources.limits The resources limits for the container - ## @param adminFrontend.resources.requests The requested resources for the container + ## @param frontend.resources.limits The resources limits for the container + ## @param frontend.resources.requests The requested resources for the container ## resources: ## Example: @@ -156,12 +156,12 @@ adminFrontend: ## WARNING: Discourse installation process may take up some time and ## setting inappropriate values here may lead to pods failure. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param adminFrontend.livenessProbe.enabled Enable/disable livenessProbe - ## @param adminFrontend.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated - ## @param adminFrontend.livenessProbe.periodSeconds How often to perform the probe - ## @param adminFrontend.livenessProbe.timeoutSeconds When the probe times out - ## @param adminFrontend.livenessProbe.failureThreshold Minimum consecutive failures for the probe - ## @param adminFrontend.livenessProbe.successThreshold Minimum consecutive successes for the probe + ## @param frontend.livenessProbe.enabled Enable/disable livenessProbe + ## @param frontend.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated + ## @param frontend.livenessProbe.periodSeconds How often to perform the probe + ## @param frontend.livenessProbe.timeoutSeconds When the probe times out + ## @param frontend.livenessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param frontend.livenessProbe.successThreshold Minimum consecutive successes for the probe ## livenessProbe: enabled: true @@ -174,12 +174,12 @@ adminFrontend: ## WARNING: Discourse installation process may take up some time and ## setting inappropriate values here may lead to pods failure. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param adminFrontend.readinessProbe.enabled Enable/disable readinessProbe - ## @param adminFrontend.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated - ## @param adminFrontend.readinessProbe.periodSeconds How often to perform the probe - ## @param adminFrontend.readinessProbe.timeoutSeconds When the probe times out - ## @param adminFrontend.readinessProbe.failureThreshold Minimum consecutive failures for the probe - ## @param adminFrontend.readinessProbe.successThreshold Minimum consecutive successes for the probe + ## @param frontend.readinessProbe.enabled Enable/disable readinessProbe + ## @param frontend.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated + ## @param frontend.readinessProbe.periodSeconds How often to perform the probe + ## @param frontend.readinessProbe.timeoutSeconds When the probe times out + ## @param frontend.readinessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param frontend.readinessProbe.successThreshold Minimum consecutive successes for the probe ## readinessProbe: enabled: true @@ -188,27 +188,27 @@ adminFrontend: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - ## @param adminFrontend.customLivenessProbe Custom liveness probe to execute (when the main one is disabled) + ## @param frontend.customLivenessProbe Custom liveness probe to execute (when the main one is disabled) ## customLivenessProbe: {} - ## @param adminFrontend.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) + ## @param frontend.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) ## customReadinessProbe: {} - ## @param adminFrontend.extraEnvVars An array to add extra env vars + ## @param frontend.extraEnvVars An array to add extra env vars ## For example: ## extraEnvVars: - ## adminFrontend: + ## frontend: ## - name: ADMIN_PANEL_ELASTICSEARCH_URL ## value: test ## extraEnvVars: [] - ## @param adminFrontend.extraEnvVarsCM Array to add extra configmaps + ## @param frontend.extraEnvVarsCM Array to add extra configmaps ## extraEnvVarsCM: [] - ## @param adminFrontend.extraEnvVarsSecret Array to add extra environment variables from a secret + ## @param frontend.extraEnvVarsSecret Array to add extra environment variables from a secret ## extraEnvVarsSecret: "" - ## @param adminFrontend.extraVolumeMounts Additional volume mounts (used along with `extraVolumes`) + ## @param frontend.extraVolumeMounts Additional volume mounts (used along with `extraVolumes`) ## Example: Mount CA file ## extraVolumeMounts ## - name: ca-cert @@ -216,12 +216,12 @@ adminFrontend: ## mountPath: /path/to/ca_cert ## extraVolumeMounts: [] -## Admin frontend configuration parameters -## ref: https://open.greenhost.net/openappstack/admin-frontend +## Admin backend configuration parameters +## ref: https://open.greenhost.net/openappstack/dashboard-backend ## -adminBackend: +backend: ## Admin frontend image version - ## ref: https://hub.docker.com/r/bitnami/adminFrontend/tags/ + ## ref: https://hub.docker.com/r/bitnami/frontend/tags/ ## @param image.registry Discourse image registry ## @param image.repository Discourse image repository ## @param image.tag Discourse image tag @@ -285,36 +285,36 @@ adminBackend: http: "" - ## @param adminBackend.reactAppApiUrl URL to the admin-backend API + ## @param backend.reactAppApiUrl URL to the dashboard-backend API apiUrl: "/api/v1" ## Variables for future use {{{ - ## @param adminBackend.username Admin user of the application + ## @param backend.username Admin user of the application ## username: user - ## @param adminBackend.password password. WARNING: Minimum length of 10 characters + ## @param backend.password password. WARNING: Minimum length of 10 characters ## Defaults to a random 10-character alphanumeric string if not set ## password: "" - ## @param adminBackend.existingSecret Name of an existing secret containing the password (ignores previous password) + ## @param backend.existingSecret Name of an existing secret containing the password (ignores previous password) ## The secret should contain the following key: - ## adminBackend-password + ## backend-password ## existingSecret: "" - ## @param adminBackend.email Admin user email of the application + ## @param backend.email Admin user email of the application ## email: user@example.com ## Admin panel SMTP settings - ## @param adminBackend.smtp.enabled Enable/disable SMTP - ## @param adminBackend.smtp.host SMTP host name - ## @param adminBackend.smtp.port SMTP port number - ## @param adminBackend.smtp.user SMTP account user name - ## @param adminBackend.smtp.password SMTP account password - ## @param adminBackend.smtp.protocol SMTP protocol (Allowed values: tls, ssl) - ## @param adminBackend.smtp.auth SMTP authentication method - ## @param adminBackend.smtp.existingSecret Name of an existing Kubernetes secret. The secret must have the following key configured: `smtp-password` + ## @param backend.smtp.enabled Enable/disable SMTP + ## @param backend.smtp.host SMTP host name + ## @param backend.smtp.port SMTP port number + ## @param backend.smtp.user SMTP account user name + ## @param backend.smtp.password SMTP account password + ## @param backend.smtp.protocol SMTP protocol (Allowed values: tls, ssl) + ## @param backend.smtp.auth SMTP authentication method + ## @param backend.smtp.existingSecret Name of an existing Kubernetes secret. The secret must have the following key configured: `smtp-password` ## smtp: enabled: false @@ -328,13 +328,19 @@ adminBackend: ## End variables for future use }}} - ## @param adminBackend.command Custom command to override image cmd + ## @param backend.flaskEnv Overridable flask env for debugging + flaskEnv: production + + ## @param backend.secretKey Flask secret for generating JWT tokens + # secretKey: OVERRIDE_ME + + ## @param backend.command Custom command to override image cmd ## command: [] - ## @param adminBackend.args Custom args for the custom command + ## @param backend.args Custom args for the custom command ## args: [] - ## @param adminBackend.containerSecurityContext Container security context specification + ## @param backend.containerSecurityContext Container security context specification ## Example: ## capabilities: ## drop: @@ -350,8 +356,8 @@ adminBackend: ## choice for the user. This also increases chances charts run on environments with little ## resources, such as Minikube. If you do want to specify resources, uncomment the following ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - ## @param adminBackend.resources.limits The resources limits for the container - ## @param adminBackend.resources.requests The requested resources for the container + ## @param backend.resources.limits The resources limits for the container + ## @param backend.resources.requests The requested resources for the container ## resources: ## Example: @@ -368,12 +374,12 @@ adminBackend: ## WARNING: Discourse installation process may take up some time and ## setting inappropriate values here may lead to pods failure. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param adminBackend.livenessProbe.enabled Enable/disable livenessProbe - ## @param adminBackend.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated - ## @param adminBackend.livenessProbe.periodSeconds How often to perform the probe - ## @param adminBackend.livenessProbe.timeoutSeconds When the probe times out - ## @param adminBackend.livenessProbe.failureThreshold Minimum consecutive failures for the probe - ## @param adminBackend.livenessProbe.successThreshold Minimum consecutive successes for the probe + ## @param backend.livenessProbe.enabled Enable/disable livenessProbe + ## @param backend.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated + ## @param backend.livenessProbe.periodSeconds How often to perform the probe + ## @param backend.livenessProbe.timeoutSeconds When the probe times out + ## @param backend.livenessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param backend.livenessProbe.successThreshold Minimum consecutive successes for the probe ## livenessProbe: enabled: true @@ -386,12 +392,12 @@ adminBackend: ## WARNING: Discourse installation process may take up some time and ## setting inappropriate values here may lead to pods failure. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param adminBackend.readinessProbe.enabled Enable/disable readinessProbe - ## @param adminBackend.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated - ## @param adminBackend.readinessProbe.periodSeconds How often to perform the probe - ## @param adminBackend.readinessProbe.timeoutSeconds When the probe times out - ## @param adminBackend.readinessProbe.failureThreshold Minimum consecutive failures for the probe - ## @param adminBackend.readinessProbe.successThreshold Minimum consecutive successes for the probe + ## @param backend.readinessProbe.enabled Enable/disable readinessProbe + ## @param backend.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated + ## @param backend.readinessProbe.periodSeconds How often to perform the probe + ## @param backend.readinessProbe.timeoutSeconds When the probe times out + ## @param backend.readinessProbe.failureThreshold Minimum consecutive failures for the probe + ## @param backend.readinessProbe.successThreshold Minimum consecutive successes for the probe ## readinessProbe: enabled: true @@ -400,27 +406,27 @@ adminBackend: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - ## @param adminBackend.customLivenessProbe Custom liveness probe to execute (when the main one is disabled) + ## @param backend.customLivenessProbe Custom liveness probe to execute (when the main one is disabled) ## customLivenessProbe: {} - ## @param adminBackend.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) + ## @param backend.customReadinessProbe Custom readiness probe to execute (when the main one is disabled) ## customReadinessProbe: {} - ## @param adminBackend.extraEnvVars An array to add extra env vars + ## @param backend.extraEnvVars An array to add extra env vars ## For example: ## extraEnvVars: - ## adminBackend: + ## backend: ## - name: ADMIN_PANEL_ELASTICSEARCH_URL ## value: test ## extraEnvVars: [] - ## @param adminBackend.extraEnvVarsCM Array to add extra configmaps + ## @param backend.extraEnvVarsCM Array to add extra configmaps ## extraEnvVarsCM: [] - ## @param adminBackend.extraEnvVarsSecret Array to add extra environment variables from a secret + ## @param backend.extraEnvVarsSecret Array to add extra environment variables from a secret ## extraEnvVarsSecret: "" - ## @param adminBackend.extraVolumeMounts Additional volume mounts (used along with `extraVolumes`) + ## @param backend.extraVolumeMounts Additional volume mounts (used along with `extraVolumes`) ## Example: Mount CA file ## extraVolumeMounts ## - name: ca-cert @@ -494,7 +500,7 @@ persistence: ## @param persistence.enabled Whether to enable persistence based on Persistent Volume Claims ## enabled: false - ## @param persistence.storageClass adminPanel & sidekiq data Persistent Volume Storage Class + ## @param persistence.storageClass dashboard & sidekiq data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is @@ -622,7 +628,7 @@ ingress: certManager: false ## @param ingress.hostname Default host for the ingress resource ## - hostname: adminpanel.local + hostname: dashboard.local ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) ## apiVersion: "" @@ -647,15 +653,15 @@ ingress: ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array ## extraHosts: - ## - name: adminpanel.local + ## - name: dashboard.local ## path: / extraHosts: [] ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls ## extraTls: ## - hosts: - ## - adminpanel.local - ## secretName: adminpanel.local-tls + ## - dashboard.local + ## secretName: dashboard.local-tls extraTls: [] ## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets ## key and certificate should start with -----BEGIN CERTIFICATE----- or @@ -667,7 +673,7 @@ ingress: ## It is also possible to create and manage the certificates outside of this helm chart ## Please see README.md for more information ## Example: - ## - name: adminpanel.local-tls + ## - name: dashboard.local-tls ## key: ## certificate: secrets: [] From 8269ab3900ab7ad7dcbcdd49efffafc3d067ad22 Mon Sep 17 00:00:00 2001 From: Maarten de Waard Date: Tue, 5 Oct 2021 16:41:56 +0200 Subject: [PATCH 08/11] move values-local.yaml to values-local.yaml.example and give it exarmple values --- .gitignore | 3 +++ deployment/helmchart/values-local.yaml | 20 ------------------- .../helmchart/values-local.yaml.example | 12 +++++++++++ 3 files changed, 15 insertions(+), 20 deletions(-) delete mode 100644 deployment/helmchart/values-local.yaml create mode 100644 deployment/helmchart/values-local.yaml.example diff --git a/.gitignore b/.gitignore index 59d0f65..0498d9c 100644 --- a/.gitignore +++ b/.gitignore @@ -28,3 +28,6 @@ cypress/videos/ # Helm dependencies deployment/helmchart/charts/ + +# Helm values +deployment/helmchart/values-local.yaml diff --git a/deployment/helmchart/values-local.yaml b/deployment/helmchart/values-local.yaml deleted file mode 100644 index d9d12f6..0000000 --- a/deployment/helmchart/values-local.yaml +++ /dev/null @@ -1,20 +0,0 @@ -frontend: - host: dashboard.oas-test2.maartendewaard.nl - livenessProbe: - enabled: false - readinessProbe: - enabled: false - image: - tag: 2-add-helm-chart - -backend: - secretKey: tnsreaiotnau48pl329aftnreisaed - livenessProbe: - enabled: false - readinessProbe: - enabled: false - -ingress: - enabled: true - certManager: true - hostname: dashboard.oas-test2.maartendewaard.nl diff --git a/deployment/helmchart/values-local.yaml.example b/deployment/helmchart/values-local.yaml.example new file mode 100644 index 0000000..d1e0bb7 --- /dev/null +++ b/deployment/helmchart/values-local.yaml.example @@ -0,0 +1,12 @@ +# Values you're likely to want to override. See values.yaml for their meanings + +frontend: + host: dashboard.oas.example.com + +backend: + secretKey: My random secret key + +ingress: + enabled: true + certManager: true + hostname: dashboard.oas.example.com From 4ca86ee28f1cfe96a7298ec1e5516d96c56b8929 Mon Sep 17 00:00:00 2001 From: Maarten de Waard Date: Tue, 5 Oct 2021 16:49:32 +0200 Subject: [PATCH 09/11] update name and version number in package.json --- deployment/helmchart/Chart.yaml | 2 +- deployment/helmchart/values.yaml | 2 +- package.json | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/deployment/helmchart/Chart.yaml b/deployment/helmchart/Chart.yaml index f444ef0..7d435c5 100644 --- a/deployment/helmchart/Chart.yaml +++ b/deployment/helmchart/Chart.yaml @@ -1,7 +1,7 @@ annotations: category: Dashboard apiVersion: v2 -appVersion: 0.1.0 +appVersion: 0.1.1 dependencies: - name: common repository: https://charts.bitnami.com/bitnami diff --git a/deployment/helmchart/values.yaml b/deployment/helmchart/values.yaml index 9f8334d..ea6828a 100644 --- a/deployment/helmchart/values.yaml +++ b/deployment/helmchart/values.yaml @@ -59,7 +59,7 @@ frontend: image: registry: open.greenhost.net:4567 repository: openappstack/admin-frontend/admin-frontend - tag: 0.1.0 + tag: 0.1.1 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images diff --git a/package.json b/package.json index bc82c95..9d03a86 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { - "name": "open-app-stack", - "version": "0.1.0", + "name": "stackspin-dashboard", + "version": "0.1.1", "private": true, "dependencies": { "@craco/craco": "^6.2.0", From 173f2d7bf14229b1b229d69680692e53cf8e5e6b Mon Sep 17 00:00:00 2001 From: Varac Date: Wed, 6 Oct 2021 12:33:05 +0000 Subject: [PATCH 10/11] Apply 3 suggestion(s) to 3 file(s) --- deployment/helmchart/Chart.yaml | 2 +- deployment/helmchart/templates/_helpers.tpl | 2 +- deployment/helmchart/values-local.yaml.example | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deployment/helmchart/Chart.yaml b/deployment/helmchart/Chart.yaml index 7d435c5..3ffebdf 100644 --- a/deployment/helmchart/Chart.yaml +++ b/deployment/helmchart/Chart.yaml @@ -18,7 +18,7 @@ keywords: maintainers: - email: info@openappstack.net name: Stackspin -name: dashboard +name: stackspin-dashboard sources: - https://open.greenhost.net/openappstack/dashboard-frontend/ - https://open.greenhost.net/openappstack/dashboard-backend/ diff --git a/deployment/helmchart/templates/_helpers.tpl b/deployment/helmchart/templates/_helpers.tpl index 1731d23..06461ec 100644 --- a/deployment/helmchart/templates/_helpers.tpl +++ b/deployment/helmchart/templates/_helpers.tpl @@ -11,7 +11,7 @@ Create the name of the service account to use {{- end -}} {{/* -Return the proper Docker image registry secret names +Return the proper container image registry secret names */}} {{- define "dashboard.imagePullSecrets" -}} {{ include "common.images.pullSecrets" (dict "images" (list .Values.image) "global" .Values.global) }} diff --git a/deployment/helmchart/values-local.yaml.example b/deployment/helmchart/values-local.yaml.example index d1e0bb7..6be3f17 100644 --- a/deployment/helmchart/values-local.yaml.example +++ b/deployment/helmchart/values-local.yaml.example @@ -1,4 +1,4 @@ -# Values you're likely to want to override. See values.yaml for their meanings +# Values you will likely want to override. See values.yaml for their meanings frontend: host: dashboard.oas.example.com From 3b5662a0982c4b2c7da1abc78f3c8a751243b807 Mon Sep 17 00:00:00 2001 From: Maarten de Waard Date: Wed, 6 Oct 2021 14:38:20 +0200 Subject: [PATCH 11/11] process feedback --- .env | 2 - .gitignore | 1 + .gitlab-ci.yml | 4 +- deployment/helmchart/templates/_helpers.tpl | 12 ++--- .../helmchart/templates/configmaps.yaml | 2 - .../helmchart/templates/deployment.yaml | 2 - deployment/helmchart/values.yaml | 54 +++++++++---------- 7 files changed, 36 insertions(+), 41 deletions(-) delete mode 100644 .env diff --git a/.env b/.env deleted file mode 100644 index 1542add..0000000 --- a/.env +++ /dev/null @@ -1,2 +0,0 @@ -REACT_APP_API_URL=/api/v1 -EXTEND_ESLINT=true diff --git a/.gitignore b/.gitignore index 0498d9c..27f16a3 100644 --- a/.gitignore +++ b/.gitignore @@ -13,6 +13,7 @@ # misc .DS_Store +.env .env.local .env.development.local .env.test.local diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 93c1dda..a1ed1b8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -13,8 +13,8 @@ build-project: script: - echo "Building app" - yarn install - # - echo "REACT_APP_API_URL=https://oas-api.initdevelopment.com/api/v1" > .env - # - echo "EXTEND_ESLINT=true" >> .env + - echo "REACT_APP_API_URL=/api/v1" > .env + - echo "EXTEND_ESLINT=true" >> .env - yarn build - mv build web-build - echo "Build successful" diff --git a/deployment/helmchart/templates/_helpers.tpl b/deployment/helmchart/templates/_helpers.tpl index 06461ec..c05dc41 100644 --- a/deployment/helmchart/templates/_helpers.tpl +++ b/deployment/helmchart/templates/_helpers.tpl @@ -18,7 +18,7 @@ Return the proper container image registry secret names {{- end -}} {{/* -Return true if a secret object for Admin-frontend should be created +Return true if a secret object for backend should be created */}} {{- define "backend.createSecret" -}} {{- if or (not .Values.backend.existingSecret) (and (not .Values.backend.smtp.existingSecret) .Values.backend.smtp.password .Values.backend.smtp.enabled) }} @@ -27,7 +27,7 @@ Return true if a secret object for Admin-frontend should be created {{- end -}} {{/* -Return the Admin-backend secret name +Return the backend secret name */}} {{- define "backend.secretName" -}} {{- if .Values.backend.existingSecret }} @@ -38,7 +38,7 @@ Return the Admin-backend secret name {{- end -}} {{/* -Return the Admin-backend SMTP secret name +Return the backend SMTP secret name */}} {{- define "backend.smtp.secretName" -}} {{- if .Values.backend.smtp.existingSecret }} @@ -49,7 +49,7 @@ Return the Admin-backend SMTP secret name {{- end -}} {{/* -Return true if Admin-backend SMTP uses password authentication +Return true if backend SMTP uses password authentication */}} {{- define "backend.smtp.password.enabled" -}} {{- if and (or .Values.backend.smtp.password .Values.backend.smtp.existingSecret) .Values.backend.smtp.enabled }} @@ -114,13 +114,13 @@ If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value {{- end -}} {{/* -Return the proper Admin-frontend image name +Return the proper frontend image name */}} {{- define "frontend.image" -}} {{ include "common.images.image" (dict "imageRoot" .Values.frontend.image "global" .Values.global) }} {{- end -}} {{/* -Return the proper Admin-backend image name +Return the proper backend image name */}} {{- define "backend.image" -}} {{ include "common.images.image" (dict "imageRoot" .Values.backend.image "global" .Values.global) }} diff --git a/deployment/helmchart/templates/configmaps.yaml b/deployment/helmchart/templates/configmaps.yaml index e056e32..2fa47b0 100644 --- a/deployment/helmchart/templates/configmaps.yaml +++ b/deployment/helmchart/templates/configmaps.yaml @@ -13,8 +13,6 @@ data: SECRET_KEY: {{ .Values.backend.secretKey }} FLASK_APP: app.py FLASK_ENV: {{ .Values.backend.flaskEnv }} - # ADMIN_FRONTEND_HOST: "{{ include "frontend.host" . }}" - # ADMIN_BACKEND_HOST: "{{ include "backend.host" . }}" # Probably needed in the future: # ADMIN_BACKEND_USERNAME: {{ .Values.backend.username | quote }} # ADMIN_BACKEND_EMAIL: {{ .Values.backend.email | quote }} diff --git a/deployment/helmchart/templates/deployment.yaml b/deployment/helmchart/templates/deployment.yaml index bb8ab94..d630bae 100644 --- a/deployment/helmchart/templates/deployment.yaml +++ b/deployment/helmchart/templates/deployment.yaml @@ -1,4 +1,3 @@ -{{- if include "frontend.host" . -}} apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: @@ -198,4 +197,3 @@ spec: {{- if .Values.extraVolumes }} {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} {{- end }} -{{- end }} diff --git a/deployment/helmchart/values.yaml b/deployment/helmchart/values.yaml index ea6828a..a9df735 100644 --- a/deployment/helmchart/values.yaml +++ b/deployment/helmchart/values.yaml @@ -1,10 +1,10 @@ ## @section Global parameters -## Global Docker image parameters +## Global container image parameters ## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass +## Current available global container image parameters: imageRegistry, imagePullSecrets and storageClass -## @param global.imageRegistry Global Docker image registry -## @param global.imagePullSecrets Global Docker registry secret names as an array +## @param global.imageRegistry Global container image registry +## @param global.imagePullSecrets Global container registry secret names as an array ## @param global.storageClass Global StorageClass for Persistent Volume(s) ## global: @@ -36,7 +36,7 @@ commonAnnotations: {} -## @section Discourse parameters +## @section Stackspin parameters ## @param imagePullSecrets Specify docker-registry secret names as an array ## @@ -49,11 +49,11 @@ image: frontend: ## Admin frontend image version ## ref: https://hub.docker.com/r/bitnami/frontend/tags/ - ## @param image.registry Discourse image registry - ## @param image.repository Discourse image repository - ## @param image.tag Discourse image tag - ## @param image.pullPolicy Discourse image pull policy - ## @param image.pullSecrets Discourse image pull secrets + ## @param image.registry Stackspin image registry + ## @param image.repository Stackspin image repository + ## @param image.tag Stackspin image tag + ## @param image.pullPolicy Stackspin image pull policy + ## @param image.pullSecrets Stackspin image pull secrets ## @param image.debug Specify if debug logs should be enabled ## image: @@ -113,7 +113,7 @@ frontend: http: "" ## @param frontend.extendEslint Whether to read .eslint.json rules extendEslint: false - ## @param frontend.host Discourse host to create application URLs (include the port if =/= 80) + ## @param frontend.host Stackspin host to create application URLs (include the port if =/= 80) ## host: "" ## @param frontend.command Custom command to override image cmd @@ -132,7 +132,7 @@ frontend: ## runAsUser: 1000 ## containerSecurityContext: {} - ## Discourse container's resource requests and limits + ## Stackspin container's resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## We usually recommend not to specify default resources and to leave this as a conscious ## choice for the user. This also increases chances charts run on environments with little @@ -152,8 +152,8 @@ frontend: ## cpu: 100m ## memory: 128Mi requests: {} - ## Discourse extra options for liveness probe - ## WARNING: Discourse installation process may take up some time and + ## Stackspin extra options for liveness probe + ## WARNING: Stackspin installation process may take up some time and ## setting inappropriate values here may lead to pods failure. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes ## @param frontend.livenessProbe.enabled Enable/disable livenessProbe @@ -170,8 +170,8 @@ frontend: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - ## Discourse extra options for readiness probe - ## WARNING: Discourse installation process may take up some time and + ## Stackspin extra options for readiness probe + ## WARNING: Stackspin installation process may take up some time and ## setting inappropriate values here may lead to pods failure. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes ## @param frontend.readinessProbe.enabled Enable/disable readinessProbe @@ -222,11 +222,11 @@ frontend: backend: ## Admin frontend image version ## ref: https://hub.docker.com/r/bitnami/frontend/tags/ - ## @param image.registry Discourse image registry - ## @param image.repository Discourse image repository - ## @param image.tag Discourse image tag - ## @param image.pullPolicy Discourse image pull policy - ## @param image.pullSecrets Discourse image pull secrets + ## @param image.registry Stackspin image registry + ## @param image.repository Stackspin image repository + ## @param image.tag Stackspin image tag + ## @param image.pullPolicy Stackspin image pull policy + ## @param image.pullSecrets Stackspin image pull secrets ## @param image.debug Specify if debug logs should be enabled ## image: @@ -350,7 +350,7 @@ backend: ## runAsUser: 1000 ## containerSecurityContext: {} - ## Discourse container's resource requests and limits + ## Stackspin container's resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## We usually recommend not to specify default resources and to leave this as a conscious ## choice for the user. This also increases chances charts run on environments with little @@ -370,8 +370,8 @@ backend: ## cpu: 100m ## memory: 128Mi requests: {} - ## Discourse extra options for liveness probe - ## WARNING: Discourse installation process may take up some time and + ## Stackspin extra options for liveness probe + ## WARNING: Stackspin installation process may take up some time and ## setting inappropriate values here may lead to pods failure. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes ## @param backend.livenessProbe.enabled Enable/disable livenessProbe @@ -388,8 +388,8 @@ backend: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - ## Discourse extra options for readiness probe - ## WARNING: Discourse installation process may take up some time and + ## Stackspin extra options for readiness probe + ## WARNING: Stackspin installation process may take up some time and ## setting inappropriate values here may lead to pods failure. ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes ## @param backend.readinessProbe.enabled Enable/disable readinessProbe @@ -435,7 +435,7 @@ backend: ## extraVolumeMounts: [] -## @param replicaCount Number of Discourse & Sidekiq replicas +## @param replicaCount Number of Stackspin & Sidekiq replicas ## (Note that you will need ReadWriteMany PVCs for this to work properly) ## replicaCount: 1