From e5a8cd2bc4c727cdf3d35c9730a24c96e6a73452 Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Wed, 5 Jun 2024 16:57:42 +0200 Subject: [PATCH 01/10] access-control-policy --- helm/capif/Chart.yaml | 2 + .../charts/access-control-policy/.helmignore | 23 ++++ .../charts/access-control-policy/Chart.yaml | 24 ++++ .../access-control-policy/templates/NOTES.txt | 22 ++++ .../templates/_helpers.tpl | 62 ++++++++++ .../templates/deployment.yaml | 71 +++++++++++ .../access-control-policy/templates/hpa.yaml | 32 +++++ .../templates/ingress.yaml | 61 ++++++++++ .../templates/service.yaml | 15 +++ .../templates/serviceaccount.yaml | 13 ++ .../templates/tests/test-connection.yaml | 15 +++ .../charts/access-control-policy/values.yaml | 112 ++++++++++++++++++ .../templates/access-control-policy.yaml | 17 --- helm/capif/templates/deployment.yaml | 95 --------------- helm/capif/values.yaml | 25 ---- 15 files changed, 452 insertions(+), 137 deletions(-) create mode 100644 helm/capif/charts/access-control-policy/.helmignore create mode 100644 helm/capif/charts/access-control-policy/Chart.yaml create mode 100644 helm/capif/charts/access-control-policy/templates/NOTES.txt create mode 100644 helm/capif/charts/access-control-policy/templates/_helpers.tpl create mode 100644 helm/capif/charts/access-control-policy/templates/deployment.yaml create mode 100644 helm/capif/charts/access-control-policy/templates/hpa.yaml create mode 100644 helm/capif/charts/access-control-policy/templates/ingress.yaml create mode 100644 helm/capif/charts/access-control-policy/templates/service.yaml create mode 100644 helm/capif/charts/access-control-policy/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/access-control-policy/values.yaml delete mode 100644 helm/capif/templates/access-control-policy.yaml diff --git a/helm/capif/Chart.yaml b/helm/capif/Chart.yaml index fc0c967..b76f468 100644 --- a/helm/capif/Chart.yaml +++ b/helm/capif/Chart.yaml @@ -20,6 +20,8 @@ version: v3.1.6 # It is recommended to use it with quotes. appVersion: "v3.1.6" dependencies: + - name: access-control-policy + version: "*" - name: helper version: "*" - name: "tempo" diff --git a/helm/capif/charts/access-control-policy/.helmignore b/helm/capif/charts/access-control-policy/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/access-control-policy/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/access-control-policy/Chart.yaml b/helm/capif/charts/access-control-policy/Chart.yaml new file mode 100644 index 0000000..b13bbf0 --- /dev/null +++ b/helm/capif/charts/access-control-policy/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: access-control-policy +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/access-control-policy/templates/NOTES.txt b/helm/capif/charts/access-control-policy/templates/NOTES.txt new file mode 100644 index 0000000..2c54f9d --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "access-control-policy.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "access-control-policy.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "access-control-policy.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "access-control-policy.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/_helpers.tpl b/helm/capif/charts/access-control-policy/templates/_helpers.tpl new file mode 100644 index 0000000..4b87b90 --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "access-control-policy.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "access-control-policy.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "access-control-policy.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "access-control-policy.labels" -}} +helm.sh/chart: {{ include "access-control-policy.chart" . }} +{{ include "access-control-policy.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "access-control-policy.selectorLabels" -}} +app.kubernetes.io/name: {{ include "access-control-policy.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "access-control-policy.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "access-control-policy.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/deployment.yaml b/helm/capif/charts/access-control-policy/templates/deployment.yaml new file mode 100644 index 0000000..2e4d15f --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/deployment.yaml @@ -0,0 +1,71 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "access-control-policy.fullname" . }} + labels: + {{- include "access-control-policy.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "access-control-policy.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "access-control-policy.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "access-control-policy.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: CAPIF_HOSTNAME + value: {{ quote .Values.env.capifHostname }} + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/hpa.yaml b/helm/capif/charts/access-control-policy/templates/hpa.yaml new file mode 100644 index 0000000..67eb195 --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "access-control-policy.fullname" . }} + labels: + {{- include "access-control-policy.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "access-control-policy.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/ingress.yaml b/helm/capif/charts/access-control-policy/templates/ingress.yaml new file mode 100644 index 0000000..dcafedb --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "access-control-policy.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "access-control-policy.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/service.yaml b/helm/capif/charts/access-control-policy/templates/service.yaml new file mode 100644 index 0000000..c10293a --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: access-control-policy + labels: + {{- include "access-control-policy.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "access-control-policy.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/access-control-policy/templates/serviceaccount.yaml b/helm/capif/charts/access-control-policy/templates/serviceaccount.yaml new file mode 100644 index 0000000..fc12b54 --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "access-control-policy.serviceAccountName" . }} + labels: + {{- include "access-control-policy.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml b/helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml new file mode 100644 index 0000000..0e67abf --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "access-control-policy.fullname" . }}-test-connection" + labels: + {{- include "access-control-policy.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "access-control-policy.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/access-control-policy/values.yaml b/helm/capif/charts/access-control-policy/values.yaml new file mode 100644 index 0000000..61aba34 --- /dev/null +++ b/helm/capif/charts/access-control-policy/values.yaml @@ -0,0 +1,112 @@ +# Default values for access-control-policy. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: access-control-policy + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + capifHostname: my-capif.apps.ocp-epg.hi.inet + monitoring: "true" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/templates/access-control-policy.yaml b/helm/capif/templates/access-control-policy.yaml deleted file mode 100644 index 8b2b198..0000000 --- a/helm/capif/templates/access-control-policy.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: access-control-policy - labels: - io.kompose.service: access-control-policy - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.accessControlPolicy.type }} - selector: - io.kompose.service: access-control-policy - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.accessControlPolicy.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/deployment.yaml b/helm/capif/templates/deployment.yaml index ff5ffe2..4f58100 100644 --- a/helm/capif/templates/deployment.yaml +++ b/helm/capif/templates/deployment.yaml @@ -1,98 +1,3 @@ -{{- if eq .Values.CapifClient.enable "true" }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: capif-client - labels: - io.kompose.service: capif-client - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.CapifClient.replicas }} - selector: - matchLabels: - io.kompose.service: capif-client - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: capif-client - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: CAPIF_HOSTNAME - value: nginx.mon.svc.cluster.local - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - image: {{ .Values.CapifClient.image.repository }}:{{ .Values.CapifClient.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.CapifClient.image.imagePullPolicy }} - name: capif-client - resources: - {{- toYaml .Values.CapifClient.resources | nindent 12 }} - restartPolicy: Always -{{- end }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: access-control-policy - labels: - io.kompose.service: access-control-policy - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.accessControlPolicy.replicas }} - selector: - matchLabels: - io.kompose.service: access-control-policy - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: access-control-policy - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: CAPIF_HOSTNAME - value: {{ quote .Values.nginx.nginx.env.capifHostname }} - - name: MONITORING - value: {{ quote .Values.accessControlPolicy.env.monitoring }} - image: {{ .Values.accessControlPolicy.image.repository }}:{{ .Values.accessControlPolicy.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.accessControlPolicy.image.imagePullPolicy }} - name: access-control-policy - ports: - - containerPort: 8080 - resources: - {{- toYaml .Values.accessControlPolicy.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 10 - periodSeconds: 5 - restartPolicy: Always - --- apiVersion: apps/v1 kind: Deployment diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index f017ac0..0a50782 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -34,31 +34,6 @@ accessControlPolicy: replicas: 1 type: ClusterIP -CapifClient: - # -- If enable capif client. - enable: "" - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/client" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP - apiInvocationLogs: apiInvocationLogs: image: -- GitLab From baa05607efe3ced382cc266773b84ed0396121e8 Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Thu, 13 Jun 2024 17:48:36 +0200 Subject: [PATCH 02/10] refactoring ocf helm --- helm/capif/Chart.yaml | 38 +- .../templates/tests/test-connection.yaml | 15 - .../.helmignore | 0 .../Chart.yaml | 2 +- .../charts/mock-server/templates/NOTES.txt | 22 + .../charts/mock-server/templates/_helpers.tpl | 62 ++ .../mock-server/templates/deployment.yaml | 68 ++ .../templates/hpa.yaml | 6 +- .../charts/mock-server/templates/ingress.yaml | 61 ++ .../charts/mock-server/templates/service.yaml | 15 + .../mock-server/templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 6 +- helm/capif/charts/mock-server/values.yaml | 108 ++ .../{helper => mongo-express}/.helmignore | 0 helm/capif/charts/mongo-express/Chart.yaml | 24 + .../charts/mongo-express/templates/NOTES.txt | 22 + .../mongo-express/templates/_helpers.tpl | 62 ++ .../mongo-express/templates/deployment.yaml | 73 ++ .../charts/mongo-express/templates/hpa.yaml | 32 + .../templates/ingress.yaml | 4 +- .../mongo-express/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/mongo-express/values.yaml | 112 ++ .../charts/mongo-register-express/.helmignore | 23 + .../charts/mongo-register-express/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/deployment.yaml | 73 ++ .../mongo-register-express/templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../charts/mongo-register-express/values.yaml | 113 ++ helm/capif/charts/mongo-register/.helmignore | 23 + helm/capif/charts/mongo-register/Chart.yaml | 24 + .../charts/mongo-register/templates/NOTES.txt | 22 + .../mongo-register/templates/_helpers.tpl | 62 ++ .../mongo-register/templates/deployment.yaml | 73 ++ .../charts/mongo-register/templates/hpa.yaml | 32 + .../mongo-register/templates/ingress.yaml | 61 ++ .../charts/mongo-register/templates/pvc.yaml | 13 + .../mongo-register/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/mongo-register/values.yaml | 113 ++ helm/capif/charts/mongo/.helmignore | 23 + .../capif/charts/{helper => mongo}/Chart.yaml | 2 +- .../{helper => mongo}/templates/NOTES.txt | 8 +- .../{helper => mongo}/templates/_helpers.tpl | 20 +- .../charts/mongo/templates/deployment.yaml | 83 ++ .../{helper => mongo}/templates/hpa.yaml | 6 +- .../{helper => mongo}/templates/ingress.yaml | 4 +- helm/capif/charts/mongo/templates/pvc.yaml | 13 + .../capif/charts/mongo/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 4 +- .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/mongo/values.yaml | 116 +++ helm/capif/charts/nginx/.helmignore | 23 + helm/capif/charts/nginx/Chart.yaml | 24 + helm/capif/charts/nginx/templates/NOTES.txt | 22 + .../capif/charts/nginx/templates/_helpers.tpl | 62 ++ .../charts/nginx/templates/deployment.yaml | 76 ++ helm/capif/charts/nginx/templates/hpa.yaml | 32 + .../charts/nginx/templates/ingress-route.yaml | 25 + .../capif/charts/nginx/templates/ingress.yaml | 59 ++ .../capif/charts/nginx/templates/service.yaml | 16 + .../nginx/templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 17 + helm/capif/charts/nginx/values.yaml | 122 +++ .../ocf-access-control-policy/.helmignore | 23 + .../ocf-access-control-policy/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/deployment.yaml | 10 +- .../templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 4 +- .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../values.yaml | 4 +- .../ocf-api-invocation-logs/.helmignore | 23 + .../charts/ocf-api-invocation-logs/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/configmap.yaml} | 4 +- .../templates/deployment.yaml | 78 ++ .../templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../ocf-api-invocation-logs/values.yaml | 119 +++ .../ocf-api-invoker-management/.helmignore | 23 + .../ocf-api-invoker-management/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/configmap.yaml} | 14 +- .../templates/deployment.yaml | 76 ++ .../templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../ocf-api-invoker-management/values.yaml | 119 +++ .../ocf-api-provider-management/.helmignore | 23 + .../ocf-api-provider-management/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/configmap.yaml} | 14 +- .../templates/deployment.yaml | 76 ++ .../templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../ocf-api-provider-management/values.yaml | 119 +++ .../charts/ocf-auditing-api-logs/.helmignore | 23 + .../charts/ocf-auditing-api-logs/Chart.yaml | 24 + .../ocf-auditing-api-logs/configmap.yaml} | 4 +- .../templates/NOTES.txt | 8 +- .../templates/_helpers.tpl | 20 +- .../templates/configmap.yaml | 27 + .../templates/deployment.yaml | 70 ++ .../ocf-auditing-api-logs/templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 4 +- .../templates/tests/test-connection.yaml | 15 + .../charts/ocf-auditing-api-logs/values.yaml | 115 +++ .../ocf-discover-service-api/.helmignore | 23 + .../ocf-discover-service-api/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/configmap.yaml} | 4 +- .../templates/deployment.yaml | 70 ++ .../templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../ocf-discover-service-api/values.yaml | 116 +++ helm/capif/charts/ocf-events/.helmignore | 23 + helm/capif/charts/ocf-events/Chart.yaml | 24 + .../charts/ocf-events/templates/NOTES.txt | 22 + .../charts/ocf-events/templates/_helpers.tpl | 62 ++ .../ocf-events/templates/configmap.yaml} | 6 +- .../ocf-events/templates/deployment.yaml | 70 ++ .../charts/ocf-events/templates/hpa.yaml | 32 + .../charts/ocf-events/templates/ingress.yaml | 61 ++ .../charts/ocf-events/templates/service.yaml | 15 + .../ocf-events/templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/ocf-events/values.yaml | 115 +++ helm/capif/charts/ocf-helper/.helmignore | 23 + helm/capif/charts/ocf-helper/Chart.yaml | 24 + .../charts/ocf-helper/templates/NOTES.txt | 22 + .../charts/ocf-helper/templates/_helpers.tpl | 62 ++ .../templates/deployment.yaml | 10 +- .../charts/ocf-helper/templates/hpa.yaml | 32 + .../charts/ocf-helper/templates/ingress.yaml | 61 ++ .../templates/ocf-helper-configmap.yaml | 0 .../templates/service.yaml | 4 +- .../ocf-helper/templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../charts/{helper => ocf-helper}/values.yaml | 6 +- .../ocf-publish-service-api/.helmignore | 23 + .../charts/ocf-publish-service-api/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/configmap.yaml} | 4 +- .../templates/deployment.yaml | 70 ++ .../templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../ocf-publish-service-api/values.yaml | 115 +++ helm/capif/charts/ocf-register/.helmignore | 23 + helm/capif/charts/ocf-register/Chart.yaml | 24 + .../charts/ocf-register/templates/NOTES.txt | 22 + .../ocf-register/templates/_helpers.tpl | 62 ++ .../ocf-register/templates/configmap.yaml} | 12 +- .../ocf-register/templates/deployment.yaml | 74 ++ .../charts/ocf-register/templates/hpa.yaml | 32 + .../ocf-register/templates/ingress.yaml | 60 ++ .../ocf-register/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/ocf-register/values.yaml | 118 +++ .../capif/charts/ocf-routing-info/.helmignore | 23 + helm/capif/charts/ocf-routing-info/Chart.yaml | 24 + .../ocf-routing-info/templates/NOTES.txt | 22 + .../ocf-routing-info/templates/_helpers.tpl | 62 ++ .../templates/deployment.yaml | 69 ++ .../ocf-routing-info/templates/hpa.yaml | 32 + .../ocf-routing-info/templates/ingress.yaml | 61 ++ .../ocf-routing-info/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../capif/charts/ocf-routing-info/values.yaml | 111 ++ helm/capif/charts/ocf-security/.helmignore | 23 + helm/capif/charts/ocf-security/Chart.yaml | 24 + .../charts/ocf-security/templates/NOTES.txt | 22 + .../ocf-security/templates/_helpers.tpl | 62 ++ .../ocf-security/templates/configmap.yaml} | 4 +- .../ocf-security/templates/deployment.yaml | 78 ++ .../charts/ocf-security/templates/hpa.yaml | 32 + .../ocf-security/templates/ingress.yaml | 61 ++ .../ocf-security/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/ocf-security/values.yaml | 118 +++ helm/capif/charts/redis/.helmignore | 23 + helm/capif/charts/redis/Chart.yaml | 24 + helm/capif/charts/redis/templates/NOTES.txt | 22 + .../capif/charts/redis/templates/_helpers.tpl | 62 ++ .../charts/redis/templates/deployment.yaml | 69 ++ helm/capif/charts/redis/templates/hpa.yaml | 32 + .../capif/charts/redis/templates/ingress.yaml | 61 ++ .../capif/charts/redis/templates/service.yaml | 15 + .../redis/templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/redis/values.yaml | 111 ++ helm/capif/templates/api-invocation-logs.yaml | 17 - .../templates/api-invoker-management.yaml | 17 - .../templates/api-provider-management.yaml | 17 - helm/capif/templates/capif-events.yaml | 17 - helm/capif/templates/capif-routing-info.yaml | 17 - helm/capif/templates/capif-security.yaml | 17 - helm/capif/templates/deployment.yaml | 973 ------------------ helm/capif/templates/logs.yaml | 17 - helm/capif/templates/mongo-express.yaml | 17 - helm/capif/templates/mongo-pvc.yaml | 17 - .../templates/mongo-register-express.yaml | 17 - helm/capif/templates/mongo-register-pvc.yaml | 17 - helm/capif/templates/mongo-register.yaml | 17 - helm/capif/templates/mongo.yaml | 17 - helm/capif/templates/nginx-ingress-route.yaml | 17 - .../templates/nginx-ssl-ingress-route.yaml | 18 - helm/capif/templates/nginx-ssl-route.yaml | 22 - helm/capif/templates/nginx-ssl.yaml | 32 - helm/capif/templates/nginx.yaml | 48 - helm/capif/templates/published-apis.yaml | 17 - helm/capif/templates/redis.yaml | 17 - helm/capif/templates/register.yaml | 19 - helm/capif/templates/service-apis.yaml | 17 - helm/capif/values.yaml | 509 --------- 249 files changed, 7972 insertions(+), 2027 deletions(-) delete mode 100644 helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml rename helm/capif/charts/{access-control-policy => mock-server}/.helmignore (100%) rename helm/capif/charts/{access-control-policy => mock-server}/Chart.yaml (97%) create mode 100644 helm/capif/charts/mock-server/templates/NOTES.txt create mode 100644 helm/capif/charts/mock-server/templates/_helpers.tpl create mode 100644 helm/capif/charts/mock-server/templates/deployment.yaml rename helm/capif/charts/{access-control-policy => mock-server}/templates/hpa.yaml (82%) create mode 100644 helm/capif/charts/mock-server/templates/ingress.yaml create mode 100644 helm/capif/charts/mock-server/templates/service.yaml create mode 100644 helm/capif/charts/mock-server/templates/serviceaccount.yaml rename helm/capif/charts/{helper => mock-server}/templates/tests/test-connection.yaml (50%) create mode 100644 helm/capif/charts/mock-server/values.yaml rename helm/capif/charts/{helper => mongo-express}/.helmignore (100%) create mode 100644 helm/capif/charts/mongo-express/Chart.yaml create mode 100644 helm/capif/charts/mongo-express/templates/NOTES.txt create mode 100644 helm/capif/charts/mongo-express/templates/_helpers.tpl create mode 100644 helm/capif/charts/mongo-express/templates/deployment.yaml create mode 100644 helm/capif/charts/mongo-express/templates/hpa.yaml rename helm/capif/charts/{access-control-policy => mongo-express}/templates/ingress.yaml (93%) create mode 100644 helm/capif/charts/mongo-express/templates/service.yaml create mode 100644 helm/capif/charts/mongo-express/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/mongo-express/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/mongo-express/values.yaml create mode 100644 helm/capif/charts/mongo-register-express/.helmignore create mode 100644 helm/capif/charts/mongo-register-express/Chart.yaml create mode 100644 helm/capif/charts/mongo-register-express/templates/NOTES.txt create mode 100644 helm/capif/charts/mongo-register-express/templates/_helpers.tpl create mode 100644 helm/capif/charts/mongo-register-express/templates/deployment.yaml create mode 100644 helm/capif/charts/mongo-register-express/templates/hpa.yaml create mode 100644 helm/capif/charts/mongo-register-express/templates/ingress.yaml create mode 100644 helm/capif/charts/mongo-register-express/templates/service.yaml create mode 100644 helm/capif/charts/mongo-register-express/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/mongo-register-express/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/mongo-register-express/values.yaml create mode 100644 helm/capif/charts/mongo-register/.helmignore create mode 100644 helm/capif/charts/mongo-register/Chart.yaml create mode 100644 helm/capif/charts/mongo-register/templates/NOTES.txt create mode 100644 helm/capif/charts/mongo-register/templates/_helpers.tpl create mode 100644 helm/capif/charts/mongo-register/templates/deployment.yaml create mode 100644 helm/capif/charts/mongo-register/templates/hpa.yaml create mode 100644 helm/capif/charts/mongo-register/templates/ingress.yaml create mode 100644 helm/capif/charts/mongo-register/templates/pvc.yaml create mode 100644 helm/capif/charts/mongo-register/templates/service.yaml create mode 100644 helm/capif/charts/mongo-register/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/mongo-register/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/mongo-register/values.yaml create mode 100644 helm/capif/charts/mongo/.helmignore rename helm/capif/charts/{helper => mongo}/Chart.yaml (98%) rename helm/capif/charts/{helper => mongo}/templates/NOTES.txt (77%) rename helm/capif/charts/{helper => mongo}/templates/_helpers.tpl (76%) create mode 100644 helm/capif/charts/mongo/templates/deployment.yaml rename helm/capif/charts/{helper => mongo}/templates/hpa.yaml (86%) rename helm/capif/charts/{helper => mongo}/templates/ingress.yaml (95%) create mode 100644 helm/capif/charts/mongo/templates/pvc.yaml create mode 100644 helm/capif/charts/mongo/templates/service.yaml rename helm/capif/charts/{helper => mongo}/templates/serviceaccount.yaml (73%) create mode 100644 helm/capif/charts/mongo/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/mongo/values.yaml create mode 100644 helm/capif/charts/nginx/.helmignore create mode 100644 helm/capif/charts/nginx/Chart.yaml create mode 100644 helm/capif/charts/nginx/templates/NOTES.txt create mode 100644 helm/capif/charts/nginx/templates/_helpers.tpl create mode 100644 helm/capif/charts/nginx/templates/deployment.yaml create mode 100644 helm/capif/charts/nginx/templates/hpa.yaml create mode 100644 helm/capif/charts/nginx/templates/ingress-route.yaml create mode 100644 helm/capif/charts/nginx/templates/ingress.yaml create mode 100644 helm/capif/charts/nginx/templates/service.yaml create mode 100644 helm/capif/charts/nginx/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/nginx/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/nginx/values.yaml create mode 100644 helm/capif/charts/ocf-access-control-policy/.helmignore create mode 100644 helm/capif/charts/ocf-access-control-policy/Chart.yaml create mode 100644 helm/capif/charts/ocf-access-control-policy/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-access-control-policy/templates/_helpers.tpl rename helm/capif/charts/{access-control-policy => ocf-access-control-policy}/templates/deployment.yaml (84%) create mode 100644 helm/capif/charts/ocf-access-control-policy/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-access-control-policy/templates/ingress.yaml rename helm/capif/charts/{access-control-policy => ocf-access-control-policy}/templates/service.yaml (62%) create mode 100644 helm/capif/charts/ocf-access-control-policy/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-access-control-policy/templates/tests/test-connection.yaml rename helm/capif/charts/{access-control-policy => ocf-access-control-policy}/values.yaml (96%) create mode 100644 helm/capif/charts/ocf-api-invocation-logs/.helmignore create mode 100644 helm/capif/charts/ocf-api-invocation-logs/Chart.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/_helpers.tpl rename helm/capif/{templates/capif-invocation-configmap.yaml => charts/ocf-api-invocation-logs/templates/configmap.yaml} (83%) create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/service.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/values.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/.helmignore create mode 100644 helm/capif/charts/ocf-api-invoker-management/Chart.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/_helpers.tpl rename helm/capif/{templates/capif-invoker-configmap.yaml => charts/ocf-api-invoker-management/templates/configmap.yaml} (61%) create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/service.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/values.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/.helmignore create mode 100644 helm/capif/charts/ocf-api-provider-management/Chart.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/_helpers.tpl rename helm/capif/{templates/capif-provider-configmap.yaml => charts/ocf-api-provider-management/templates/configmap.yaml} (60%) create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/service.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/values.yaml create mode 100644 helm/capif/charts/ocf-auditing-api-logs/.helmignore create mode 100644 helm/capif/charts/ocf-auditing-api-logs/Chart.yaml rename helm/capif/{templates/capif-logs-configmap.yaml => charts/ocf-auditing-api-logs/configmap.yaml} (80%) rename helm/capif/charts/{access-control-policy => ocf-auditing-api-logs}/templates/NOTES.txt (81%) rename helm/capif/charts/{access-control-policy => ocf-auditing-api-logs}/templates/_helpers.tpl (71%) create mode 100644 helm/capif/charts/ocf-auditing-api-logs/templates/configmap.yaml create mode 100644 helm/capif/charts/ocf-auditing-api-logs/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-auditing-api-logs/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-auditing-api-logs/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-auditing-api-logs/templates/service.yaml rename helm/capif/charts/{access-control-policy => ocf-auditing-api-logs}/templates/serviceaccount.yaml (69%) create mode 100644 helm/capif/charts/ocf-auditing-api-logs/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-auditing-api-logs/values.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/.helmignore create mode 100644 helm/capif/charts/ocf-discover-service-api/Chart.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/_helpers.tpl rename helm/capif/{templates/capif-service-configmap.yaml => charts/ocf-discover-service-api/templates/configmap.yaml} (81%) create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/service.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/values.yaml create mode 100644 helm/capif/charts/ocf-events/.helmignore create mode 100644 helm/capif/charts/ocf-events/Chart.yaml create mode 100644 helm/capif/charts/ocf-events/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-events/templates/_helpers.tpl rename helm/capif/{templates/capif-events-configmap.yaml => charts/ocf-events/templates/configmap.yaml} (82%) create mode 100644 helm/capif/charts/ocf-events/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-events/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-events/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-events/templates/service.yaml create mode 100644 helm/capif/charts/ocf-events/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-events/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-events/values.yaml create mode 100644 helm/capif/charts/ocf-helper/.helmignore create mode 100644 helm/capif/charts/ocf-helper/Chart.yaml create mode 100644 helm/capif/charts/ocf-helper/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-helper/templates/_helpers.tpl rename helm/capif/charts/{helper => ocf-helper}/templates/deployment.yaml (88%) create mode 100644 helm/capif/charts/ocf-helper/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-helper/templates/ingress.yaml rename helm/capif/charts/{helper => ocf-helper}/templates/ocf-helper-configmap.yaml (100%) rename helm/capif/charts/{helper => ocf-helper}/templates/service.yaml (66%) create mode 100644 helm/capif/charts/ocf-helper/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-helper/templates/tests/test-connection.yaml rename helm/capif/charts/{helper => ocf-helper}/values.yaml (96%) create mode 100644 helm/capif/charts/ocf-publish-service-api/.helmignore create mode 100644 helm/capif/charts/ocf-publish-service-api/Chart.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/_helpers.tpl rename helm/capif/{templates/capif-published-configmap.yaml => charts/ocf-publish-service-api/templates/configmap.yaml} (81%) create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/service.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/values.yaml create mode 100644 helm/capif/charts/ocf-register/.helmignore create mode 100644 helm/capif/charts/ocf-register/Chart.yaml create mode 100644 helm/capif/charts/ocf-register/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-register/templates/_helpers.tpl rename helm/capif/{templates/register-configmap.yaml => charts/ocf-register/templates/configmap.yaml} (52%) create mode 100644 helm/capif/charts/ocf-register/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-register/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-register/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-register/templates/service.yaml create mode 100644 helm/capif/charts/ocf-register/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-register/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-register/values.yaml create mode 100644 helm/capif/charts/ocf-routing-info/.helmignore create mode 100644 helm/capif/charts/ocf-routing-info/Chart.yaml create mode 100644 helm/capif/charts/ocf-routing-info/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-routing-info/templates/_helpers.tpl create mode 100644 helm/capif/charts/ocf-routing-info/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-routing-info/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-routing-info/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-routing-info/templates/service.yaml create mode 100644 helm/capif/charts/ocf-routing-info/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-routing-info/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-routing-info/values.yaml create mode 100644 helm/capif/charts/ocf-security/.helmignore create mode 100644 helm/capif/charts/ocf-security/Chart.yaml create mode 100644 helm/capif/charts/ocf-security/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-security/templates/_helpers.tpl rename helm/capif/{templates/capif-security-configmap.yaml => charts/ocf-security/templates/configmap.yaml} (82%) create mode 100644 helm/capif/charts/ocf-security/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-security/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-security/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-security/templates/service.yaml create mode 100644 helm/capif/charts/ocf-security/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-security/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-security/values.yaml create mode 100644 helm/capif/charts/redis/.helmignore create mode 100644 helm/capif/charts/redis/Chart.yaml create mode 100644 helm/capif/charts/redis/templates/NOTES.txt create mode 100644 helm/capif/charts/redis/templates/_helpers.tpl create mode 100644 helm/capif/charts/redis/templates/deployment.yaml create mode 100644 helm/capif/charts/redis/templates/hpa.yaml create mode 100644 helm/capif/charts/redis/templates/ingress.yaml create mode 100644 helm/capif/charts/redis/templates/service.yaml create mode 100644 helm/capif/charts/redis/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/redis/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/redis/values.yaml delete mode 100644 helm/capif/templates/api-invocation-logs.yaml delete mode 100644 helm/capif/templates/api-invoker-management.yaml delete mode 100644 helm/capif/templates/api-provider-management.yaml delete mode 100644 helm/capif/templates/capif-events.yaml delete mode 100644 helm/capif/templates/capif-routing-info.yaml delete mode 100644 helm/capif/templates/capif-security.yaml delete mode 100644 helm/capif/templates/logs.yaml delete mode 100644 helm/capif/templates/mongo-express.yaml delete mode 100644 helm/capif/templates/mongo-pvc.yaml delete mode 100644 helm/capif/templates/mongo-register-express.yaml delete mode 100644 helm/capif/templates/mongo-register-pvc.yaml delete mode 100644 helm/capif/templates/mongo-register.yaml delete mode 100644 helm/capif/templates/mongo.yaml delete mode 100644 helm/capif/templates/nginx-ingress-route.yaml delete mode 100644 helm/capif/templates/nginx-ssl-ingress-route.yaml delete mode 100644 helm/capif/templates/nginx-ssl-route.yaml delete mode 100644 helm/capif/templates/nginx-ssl.yaml delete mode 100644 helm/capif/templates/nginx.yaml delete mode 100644 helm/capif/templates/published-apis.yaml delete mode 100644 helm/capif/templates/redis.yaml delete mode 100644 helm/capif/templates/register.yaml delete mode 100644 helm/capif/templates/service-apis.yaml diff --git a/helm/capif/Chart.yaml b/helm/capif/Chart.yaml index b76f468..3cdcb3e 100644 --- a/helm/capif/Chart.yaml +++ b/helm/capif/Chart.yaml @@ -20,9 +20,43 @@ version: v3.1.6 # It is recommended to use it with quotes. appVersion: "v3.1.6" dependencies: - - name: access-control-policy + - name: ocf-access-control-policy version: "*" - - name: helper + - name: ocf-api-invoker-management + version: "*" + - name: ocf-api-provider-management + version: "*" + - name: ocf-api-invocation-logs + version: "*" + - name: ocf-events + version: "*" + - name: ocf-helper + version: "*" + - name: ocf-routing-info + version: "*" + - name: ocf-security + version: "*" + - name: ocf-register + version: "*" + - name: mongo-register + version: "*" + - name: ocf-auditing-api-logs + version: "*" + - name: ocf-publish-service-api + version: "*" + - name: ocf-discover-service-api + version: "*" + - name: mongo + version: "*" + - name: mongo-express + version: "*" + - name: mongo-register-express + version: "*" + - name: nginx + version: "*" + - name: mock-server + version: "*" + - name: redis version: "*" - name: "tempo" condition: tempo.enabled diff --git a/helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml b/helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml deleted file mode 100644 index 0e67abf..0000000 --- a/helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "access-control-policy.fullname" . }}-test-connection" - labels: - {{- include "access-control-policy.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "access-control-policy.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never diff --git a/helm/capif/charts/access-control-policy/.helmignore b/helm/capif/charts/mock-server/.helmignore similarity index 100% rename from helm/capif/charts/access-control-policy/.helmignore rename to helm/capif/charts/mock-server/.helmignore diff --git a/helm/capif/charts/access-control-policy/Chart.yaml b/helm/capif/charts/mock-server/Chart.yaml similarity index 97% rename from helm/capif/charts/access-control-policy/Chart.yaml rename to helm/capif/charts/mock-server/Chart.yaml index b13bbf0..9ca2cda 100644 --- a/helm/capif/charts/access-control-policy/Chart.yaml +++ b/helm/capif/charts/mock-server/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: access-control-policy +name: mock-server description: A Helm chart for Kubernetes # A chart can be either an 'application' or a 'library' chart. diff --git a/helm/capif/charts/mock-server/templates/NOTES.txt b/helm/capif/charts/mock-server/templates/NOTES.txt new file mode 100644 index 0000000..4e3d056 --- /dev/null +++ b/helm/capif/charts/mock-server/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mock-server.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mock-server.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mock-server.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mock-server.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/mock-server/templates/_helpers.tpl b/helm/capif/charts/mock-server/templates/_helpers.tpl new file mode 100644 index 0000000..4c9fe56 --- /dev/null +++ b/helm/capif/charts/mock-server/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "mock-server.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "mock-server.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "mock-server.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "mock-server.labels" -}} +helm.sh/chart: {{ include "mock-server.chart" . }} +{{ include "mock-server.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "mock-server.selectorLabels" -}} +app.kubernetes.io/name: {{ include "mock-server.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "mock-server.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "mock-server.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/mock-server/templates/deployment.yaml b/helm/capif/charts/mock-server/templates/deployment.yaml new file mode 100644 index 0000000..270411b --- /dev/null +++ b/helm/capif/charts/mock-server/templates/deployment.yaml @@ -0,0 +1,68 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mock-server.fullname" . }} + labels: + {{- include "mock-server.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "mock-server.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "mock-server.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "mock-server.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/hpa.yaml b/helm/capif/charts/mock-server/templates/hpa.yaml similarity index 82% rename from helm/capif/charts/access-control-policy/templates/hpa.yaml rename to helm/capif/charts/mock-server/templates/hpa.yaml index 67eb195..fbdd9bc 100644 --- a/helm/capif/charts/access-control-policy/templates/hpa.yaml +++ b/helm/capif/charts/mock-server/templates/hpa.yaml @@ -2,14 +2,14 @@ apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - name: {{ include "access-control-policy.fullname" . }} + name: {{ include "mock-server.fullname" . }} labels: - {{- include "access-control-policy.labels" . | nindent 4 }} + {{- include "mock-server.labels" . | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ include "access-control-policy.fullname" . }} + name: {{ include "mock-server.fullname" . }} minReplicas: {{ .Values.autoscaling.minReplicas }} maxReplicas: {{ .Values.autoscaling.maxReplicas }} metrics: diff --git a/helm/capif/charts/mock-server/templates/ingress.yaml b/helm/capif/charts/mock-server/templates/ingress.yaml new file mode 100644 index 0000000..68406e7 --- /dev/null +++ b/helm/capif/charts/mock-server/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "mock-server.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "mock-server.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: mock-server + port: + number: {{ $svcPort }} + {{- else }} + serviceName: mock-server + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/mock-server/templates/service.yaml b/helm/capif/charts/mock-server/templates/service.yaml new file mode 100644 index 0000000..f160730 --- /dev/null +++ b/helm/capif/charts/mock-server/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: mock-server + labels: + {{- include "mock-server.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "mock-server.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/mock-server/templates/serviceaccount.yaml b/helm/capif/charts/mock-server/templates/serviceaccount.yaml new file mode 100644 index 0000000..004803d --- /dev/null +++ b/helm/capif/charts/mock-server/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "mock-server.serviceAccountName" . }} + labels: + {{- include "mock-server.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/helper/templates/tests/test-connection.yaml b/helm/capif/charts/mock-server/templates/tests/test-connection.yaml similarity index 50% rename from helm/capif/charts/helper/templates/tests/test-connection.yaml rename to helm/capif/charts/mock-server/templates/tests/test-connection.yaml index f3959cc..796d72b 100644 --- a/helm/capif/charts/helper/templates/tests/test-connection.yaml +++ b/helm/capif/charts/mock-server/templates/tests/test-connection.yaml @@ -1,9 +1,9 @@ apiVersion: v1 kind: Pod metadata: - name: "{{ include "helper.fullname" . }}-test-connection" + name: "{{ include "mock-server.fullname" . }}-test-connection" labels: - {{- include "helper.labels" . | nindent 4 }} + {{- include "mock-server.labels" . | nindent 4 }} annotations: "helm.sh/hook": test spec: @@ -11,5 +11,5 @@ spec: - name: wget image: busybox command: ['wget'] - args: ['{{ include "helper.fullname" . }}:{{ .Values.service.port }}'] + args: ['mock-server:{{ .Values.service.port }}'] restartPolicy: Never diff --git a/helm/capif/charts/mock-server/values.yaml b/helm/capif/charts/mock-server/values.yaml new file mode 100644 index 0000000..f005d9f --- /dev/null +++ b/helm/capif/charts/mock-server/values.yaml @@ -0,0 +1,108 @@ +# Default values for mock-server. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: mock-server + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 9090 + +ingress: + enabled: true + className: "nginx" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: mock-server.example.local + paths: + - path: / + pathType: Prefix + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +livenessProbe: + tcpSocket: + port: 9090 + initialDelaySeconds: 20 + periodSeconds: 5 +readinessProbe: +# httpGet: +# path: / +# port: http + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/helper/.helmignore b/helm/capif/charts/mongo-express/.helmignore similarity index 100% rename from helm/capif/charts/helper/.helmignore rename to helm/capif/charts/mongo-express/.helmignore diff --git a/helm/capif/charts/mongo-express/Chart.yaml b/helm/capif/charts/mongo-express/Chart.yaml new file mode 100644 index 0000000..7150bbc --- /dev/null +++ b/helm/capif/charts/mongo-express/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: mongo-express +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/mongo-express/templates/NOTES.txt b/helm/capif/charts/mongo-express/templates/NOTES.txt new file mode 100644 index 0000000..b93d9e5 --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mongo-express.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mongo-express.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mongo-express.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mongo-express.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/mongo-express/templates/_helpers.tpl b/helm/capif/charts/mongo-express/templates/_helpers.tpl new file mode 100644 index 0000000..15950b2 --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "mongo-express.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "mongo-express.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "mongo-express.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "mongo-express.labels" -}} +helm.sh/chart: {{ include "mongo-express.chart" . }} +{{ include "mongo-express.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "mongo-express.selectorLabels" -}} +app.kubernetes.io/name: {{ include "mongo-express.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "mongo-express.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "mongo-express.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-express/templates/deployment.yaml b/helm/capif/charts/mongo-express/templates/deployment.yaml new file mode 100644 index 0000000..175a045 --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/deployment.yaml @@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mongo-express.fullname" . }} + labels: + {{- include "mongo-express.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "mongo-express.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "mongo-express.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "mongo-express.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.targetPort }} + protocol: TCP + env: + - name: ME_CONFIG_MONGODB_ADMINUSERNAME + value: {{ quote .Values.env.meConfigMongodbAdminusername }} + - name: ME_CONFIG_MONGODB_ADMINPASSWORD + value: {{ quote .Values.env.meConfigMongodbAdminpassword }} + - name: ME_CONFIG_MONGODB_URL + value: {{ quote .Values.env.meConfigMongodbUrl }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/mongo-express/templates/hpa.yaml b/helm/capif/charts/mongo-express/templates/hpa.yaml new file mode 100644 index 0000000..2b7ca92 --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "mongo-express.fullname" . }} + labels: + {{- include "mongo-express.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "mongo-express.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/ingress.yaml b/helm/capif/charts/mongo-express/templates/ingress.yaml similarity index 93% rename from helm/capif/charts/access-control-policy/templates/ingress.yaml rename to helm/capif/charts/mongo-express/templates/ingress.yaml index dcafedb..9a0f710 100644 --- a/helm/capif/charts/access-control-policy/templates/ingress.yaml +++ b/helm/capif/charts/mongo-express/templates/ingress.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- $fullName := include "access-control-policy.fullname" . -}} +{{- $fullName := include "mongo-express.fullname" . -}} {{- $svcPort := .Values.service.port -}} {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} @@ -17,7 +17,7 @@ kind: Ingress metadata: name: {{ $fullName }} labels: - {{- include "access-control-policy.labels" . | nindent 4 }} + {{- include "mongo-express.labels" . | nindent 4 }} {{- with .Values.ingress.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/helm/capif/charts/mongo-express/templates/service.yaml b/helm/capif/charts/mongo-express/templates/service.yaml new file mode 100644 index 0000000..888a03f --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: mongo-express + labels: + {{- include "mongo-express.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: {{ .Values.service.targetPort }} + protocol: TCP + name: http + selector: + {{- include "mongo-express.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/mongo-express/templates/serviceaccount.yaml b/helm/capif/charts/mongo-express/templates/serviceaccount.yaml new file mode 100644 index 0000000..4a6a666 --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "mongo-express.serviceAccountName" . }} + labels: + {{- include "mongo-express.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/mongo-express/templates/tests/test-connection.yaml b/helm/capif/charts/mongo-express/templates/tests/test-connection.yaml new file mode 100644 index 0000000..666e36f --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "mongo-express.fullname" . }}-test-connection" + labels: + {{- include "mongo-express.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['mongo-express:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/mongo-express/values.yaml b/helm/capif/charts/mongo-express/values.yaml new file mode 100644 index 0000000..447ec98 --- /dev/null +++ b/helm/capif/charts/mongo-express/values.yaml @@ -0,0 +1,112 @@ +# Default values for mongo-express. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: mongo-express + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "1.0.0-alpha.4" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + meConfigMongodbAdminusername: root + meConfigMongodbAdminpassword: example + meConfigMongodbUrl: mongodb://root:example@mongo:27017/ +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8082 + targetPort: 8081 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8081 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/mongo-register-express/.helmignore b/helm/capif/charts/mongo-register-express/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/mongo-register-express/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/mongo-register-express/Chart.yaml b/helm/capif/charts/mongo-register-express/Chart.yaml new file mode 100644 index 0000000..b4e246c --- /dev/null +++ b/helm/capif/charts/mongo-register-express/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: mongo-register-express +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/mongo-register-express/templates/NOTES.txt b/helm/capif/charts/mongo-register-express/templates/NOTES.txt new file mode 100644 index 0000000..60013f0 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mongo-register-express.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mongo-register-express.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mongo-register-express.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mongo-register-express.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/mongo-register-express/templates/_helpers.tpl b/helm/capif/charts/mongo-register-express/templates/_helpers.tpl new file mode 100644 index 0000000..accb35f --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "mongo-register-express.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "mongo-register-express.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "mongo-register-express.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "mongo-register-express.labels" -}} +helm.sh/chart: {{ include "mongo-register-express.chart" . }} +{{ include "mongo-register-express.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "mongo-register-express.selectorLabels" -}} +app.kubernetes.io/name: {{ include "mongo-register-express.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "mongo-register-express.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "mongo-register-express.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-register-express/templates/deployment.yaml b/helm/capif/charts/mongo-register-express/templates/deployment.yaml new file mode 100644 index 0000000..3e86c2d --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/deployment.yaml @@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mongo-register-express.fullname" . }} + labels: + {{- include "mongo-register-express.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "mongo-register-express.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "mongo-register-express.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "mongo-register-express.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.targetPort }} + protocol: TCP + env: + - name: ME_CONFIG_MONGODB_ADMINPASSWORD + value: {{ quote .Values.env.meConfigMongodbAdminpassword }} + - name: ME_CONFIG_MONGODB_ADMINUSERNAME + value: {{ quote .Values.env.meConfigMongodbAdminusername }} + - name: ME_CONFIG_MONGODB_URL + value: {{ quote .Values.env.meConfigMongodbUrl }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/mongo-register-express/templates/hpa.yaml b/helm/capif/charts/mongo-register-express/templates/hpa.yaml new file mode 100644 index 0000000..7f0a835 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "mongo-register-express.fullname" . }} + labels: + {{- include "mongo-register-express.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "mongo-register-express.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-register-express/templates/ingress.yaml b/helm/capif/charts/mongo-register-express/templates/ingress.yaml new file mode 100644 index 0000000..02c99e5 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "mongo-register-express.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "mongo-register-express.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-register-express/templates/service.yaml b/helm/capif/charts/mongo-register-express/templates/service.yaml new file mode 100644 index 0000000..eed599c --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: mongo-register-express + labels: + {{- include "mongo-register-express.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: {{ .Values.service.targetPort }} + protocol: TCP + name: http + selector: + {{- include "mongo-register-express.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/mongo-register-express/templates/serviceaccount.yaml b/helm/capif/charts/mongo-register-express/templates/serviceaccount.yaml new file mode 100644 index 0000000..21c6862 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "mongo-register-express.serviceAccountName" . }} + labels: + {{- include "mongo-register-express.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/mongo-register-express/templates/tests/test-connection.yaml b/helm/capif/charts/mongo-register-express/templates/tests/test-connection.yaml new file mode 100644 index 0000000..240abe3 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "mongo-register-express.fullname" . }}-test-connection" + labels: + {{- include "mongo-register-express.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "mongo-register-express.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/mongo-register-express/values.yaml b/helm/capif/charts/mongo-register-express/values.yaml new file mode 100644 index 0000000..d36bf6c --- /dev/null +++ b/helm/capif/charts/mongo-register-express/values.yaml @@ -0,0 +1,113 @@ +# Default values for mongo-register-express. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: mongo-express + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "1.0.0-alpha.4" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + meConfigMongodbAdminusername: root + meConfigMongodbAdminpassword: example + meConfigMongodbUrl: mongodb://root:example@mongo-register:27017/ + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8082 + targetPort: 8081 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8081 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/mongo-register/.helmignore b/helm/capif/charts/mongo-register/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/mongo-register/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/mongo-register/Chart.yaml b/helm/capif/charts/mongo-register/Chart.yaml new file mode 100644 index 0000000..08a4264 --- /dev/null +++ b/helm/capif/charts/mongo-register/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: mongo-register +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/mongo-register/templates/NOTES.txt b/helm/capif/charts/mongo-register/templates/NOTES.txt new file mode 100644 index 0000000..4cbdf59 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mongo-register.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mongo-register.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mongo-register.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mongo-register.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/mongo-register/templates/_helpers.tpl b/helm/capif/charts/mongo-register/templates/_helpers.tpl new file mode 100644 index 0000000..8ade944 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "mongo-register.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "mongo-register.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "mongo-register.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "mongo-register.labels" -}} +helm.sh/chart: {{ include "mongo-register.chart" . }} +{{ include "mongo-register.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "mongo-register.selectorLabels" -}} +app.kubernetes.io/name: {{ include "mongo-register.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "mongo-register.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "mongo-register.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-register/templates/deployment.yaml b/helm/capif/charts/mongo-register/templates/deployment.yaml new file mode 100644 index 0000000..442eee6 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/deployment.yaml @@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mongo-register.fullname" . }} + labels: + {{- include "mongo-register.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + strategy: + type: Recreate + selector: + matchLabels: + {{- include "mongo-register.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "mongo-register.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "mongo-register.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONGO_INITDB_ROOT_PASSWORD + value: {{ quote .Values.env.mongoInitdbRootPassword }} + - name: MONGO_INITDB_ROOT_USERNAME + value: {{ quote .Values.env.mongoInitdbRootUsername }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/mongo-register/templates/hpa.yaml b/helm/capif/charts/mongo-register/templates/hpa.yaml new file mode 100644 index 0000000..7dd1b59 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "mongo-register.fullname" . }} + labels: + {{- include "mongo-register.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "mongo-register.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-register/templates/ingress.yaml b/helm/capif/charts/mongo-register/templates/ingress.yaml new file mode 100644 index 0000000..d4897ec --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "mongo-register.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "mongo-register.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-register/templates/pvc.yaml b/helm/capif/charts/mongo-register/templates/pvc.yaml new file mode 100644 index 0000000..13f1733 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/pvc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + {{- include "mongo-register.labels" . | nindent 8 }} + name: mongo-register-pvc +spec: + storageClassName: {{ .Values.persistence.storageClass }} + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{ .Values.persistence.storage }} \ No newline at end of file diff --git a/helm/capif/charts/mongo-register/templates/service.yaml b/helm/capif/charts/mongo-register/templates/service.yaml new file mode 100644 index 0000000..46ea110 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: mongo-register + labels: + {{- include "mongo-register.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "mongo-register.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/mongo-register/templates/serviceaccount.yaml b/helm/capif/charts/mongo-register/templates/serviceaccount.yaml new file mode 100644 index 0000000..56e94e6 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "mongo-register.serviceAccountName" . }} + labels: + {{- include "mongo-register.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/mongo-register/templates/tests/test-connection.yaml b/helm/capif/charts/mongo-register/templates/tests/test-connection.yaml new file mode 100644 index 0000000..4d0e00a --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "mongo-register.fullname" . }}-test-connection" + labels: + {{- include "mongo-register.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['mongo-register:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/mongo-register/values.yaml b/helm/capif/charts/mongo-register/values.yaml new file mode 100644 index 0000000..dcb783f --- /dev/null +++ b/helm/capif/charts/mongo-register/values.yaml @@ -0,0 +1,113 @@ +# Default values for mongo-register. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: mongo + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "6.0.2" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + mongoInitdbRootPassword: example + mongoInitdbRootUsername: root + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + runAsUser: 999 + +service: + type: ClusterIP + port: 27017 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 27017 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +persistence: + storage: 8Gi + storageClass: nfs-01 + +# Additional volumes on the output Deployment definition. +volumes: + - name: mongo-register-pvc + persistentVolumeClaim: + claimName: mongo-register-pvc + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: mongo-register-pvc + mountPath: /data/db + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/mongo/.helmignore b/helm/capif/charts/mongo/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/mongo/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/helper/Chart.yaml b/helm/capif/charts/mongo/Chart.yaml similarity index 98% rename from helm/capif/charts/helper/Chart.yaml rename to helm/capif/charts/mongo/Chart.yaml index 4ddfbf3..638bb45 100644 --- a/helm/capif/charts/helper/Chart.yaml +++ b/helm/capif/charts/mongo/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: helper +name: mongo description: A Helm chart for Kubernetes # A chart can be either an 'application' or a 'library' chart. diff --git a/helm/capif/charts/helper/templates/NOTES.txt b/helm/capif/charts/mongo/templates/NOTES.txt similarity index 77% rename from helm/capif/charts/helper/templates/NOTES.txt rename to helm/capif/charts/mongo/templates/NOTES.txt index f8f6f77..1fcc593 100644 --- a/helm/capif/charts/helper/templates/NOTES.txt +++ b/helm/capif/charts/mongo/templates/NOTES.txt @@ -6,16 +6,16 @@ {{- end }} {{- end }} {{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "helper.fullname" . }}) + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mongo.fullname" . }}) export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORT {{- else if contains "LoadBalancer" .Values.service.type }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "helper.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "helper.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mongo.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mongo.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") echo http://$SERVICE_IP:{{ .Values.service.port }} {{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "helper.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mongo.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") echo "Visit http://127.0.0.1:8080 to use your application" kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT diff --git a/helm/capif/charts/helper/templates/_helpers.tpl b/helm/capif/charts/mongo/templates/_helpers.tpl similarity index 76% rename from helm/capif/charts/helper/templates/_helpers.tpl rename to helm/capif/charts/mongo/templates/_helpers.tpl index f4a197b..cce4e1b 100644 --- a/helm/capif/charts/helper/templates/_helpers.tpl +++ b/helm/capif/charts/mongo/templates/_helpers.tpl @@ -1,7 +1,7 @@ {{/* Expand the name of the chart. */}} -{{- define "helper.name" -}} +{{- define "mongo.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }} @@ -10,7 +10,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "helper.fullname" -}} +{{- define "mongo.fullname" -}} {{- if .Values.fullnameOverride }} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} @@ -26,16 +26,16 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "helper.chart" -}} +{{- define "mongo.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} {{/* Common labels */}} -{{- define "helper.labels" -}} -helm.sh/chart: {{ include "helper.chart" . }} -{{ include "helper.selectorLabels" . }} +{{- define "mongo.labels" -}} +helm.sh/chart: {{ include "mongo.chart" . }} +{{ include "mongo.selectorLabels" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} @@ -45,17 +45,17 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} {{/* Selector labels */}} -{{- define "helper.selectorLabels" -}} -app.kubernetes.io/name: {{ include "helper.name" . }} +{{- define "mongo.selectorLabels" -}} +app.kubernetes.io/name: {{ include "mongo.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} {{/* Create the name of the service account to use */}} -{{- define "helper.serviceAccountName" -}} +{{- define "mongo.serviceAccountName" -}} {{- if .Values.serviceAccount.create }} -{{- default (include "helper.fullname" .) .Values.serviceAccount.name }} +{{- default (include "mongo.fullname" .) .Values.serviceAccount.name }} {{- else }} {{- default "default" .Values.serviceAccount.name }} {{- end }} diff --git a/helm/capif/charts/mongo/templates/deployment.yaml b/helm/capif/charts/mongo/templates/deployment.yaml new file mode 100644 index 0000000..80cedad --- /dev/null +++ b/helm/capif/charts/mongo/templates/deployment.yaml @@ -0,0 +1,83 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mongo.fullname" . }} + labels: + {{- include "mongo.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + strategy: + type: Recreate + selector: + matchLabels: + {{- include "mongo.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "mongo.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "mongo.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONGO_INITDB_ROOT_PASSWORD + value: {{ quote .Values.env.mongoInitdbRootPassword }} + - name: MONGO_INITDB_ROOT_USERNAME + value: {{ quote .Values.env.mongoInitdbRootUsername }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + - name: mongo-helper + image: busybox + command: + - sh + - -c + - while true ; do echo alive ; sleep 10 ; done + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/helper/templates/hpa.yaml b/helm/capif/charts/mongo/templates/hpa.yaml similarity index 86% rename from helm/capif/charts/helper/templates/hpa.yaml rename to helm/capif/charts/mongo/templates/hpa.yaml index 046148d..ae64b40 100644 --- a/helm/capif/charts/helper/templates/hpa.yaml +++ b/helm/capif/charts/mongo/templates/hpa.yaml @@ -2,14 +2,14 @@ apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - name: {{ include "helper.fullname" . }} + name: {{ include "mongo.fullname" . }} labels: - {{- include "helper.labels" . | nindent 4 }} + {{- include "mongo.labels" . | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ include "helper.fullname" . }} + name: {{ include "mongo.fullname" . }} minReplicas: {{ .Values.autoscaling.minReplicas }} maxReplicas: {{ .Values.autoscaling.maxReplicas }} metrics: diff --git a/helm/capif/charts/helper/templates/ingress.yaml b/helm/capif/charts/mongo/templates/ingress.yaml similarity index 95% rename from helm/capif/charts/helper/templates/ingress.yaml rename to helm/capif/charts/mongo/templates/ingress.yaml index b3817bf..b173c90 100644 --- a/helm/capif/charts/helper/templates/ingress.yaml +++ b/helm/capif/charts/mongo/templates/ingress.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- $fullName := include "helper.fullname" . -}} +{{- $fullName := include "mongo.fullname" . -}} {{- $svcPort := .Values.service.port -}} {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} @@ -17,7 +17,7 @@ kind: Ingress metadata: name: {{ $fullName }} labels: - {{- include "helper.labels" . | nindent 4 }} + {{- include "mongo.labels" . | nindent 4 }} {{- with .Values.ingress.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/helm/capif/charts/mongo/templates/pvc.yaml b/helm/capif/charts/mongo/templates/pvc.yaml new file mode 100644 index 0000000..c0ceafd --- /dev/null +++ b/helm/capif/charts/mongo/templates/pvc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + {{- include "mongo.labels" . | nindent 8 }} + name: mongo-pvc +spec: + storageClassName: {{ .Values.persistence.storageClass }} + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{ .Values.persistence.storage }} \ No newline at end of file diff --git a/helm/capif/charts/mongo/templates/service.yaml b/helm/capif/charts/mongo/templates/service.yaml new file mode 100644 index 0000000..be5b5f4 --- /dev/null +++ b/helm/capif/charts/mongo/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: mongo + labels: + {{- include "mongo.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "mongo.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/helper/templates/serviceaccount.yaml b/helm/capif/charts/mongo/templates/serviceaccount.yaml similarity index 73% rename from helm/capif/charts/helper/templates/serviceaccount.yaml rename to helm/capif/charts/mongo/templates/serviceaccount.yaml index e0e6d79..95b6769 100644 --- a/helm/capif/charts/helper/templates/serviceaccount.yaml +++ b/helm/capif/charts/mongo/templates/serviceaccount.yaml @@ -2,9 +2,9 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "helper.serviceAccountName" . }} + name: {{ include "mongo.serviceAccountName" . }} labels: - {{- include "helper.labels" . | nindent 4 }} + {{- include "mongo.labels" . | nindent 4 }} {{- with .Values.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/helm/capif/charts/mongo/templates/tests/test-connection.yaml b/helm/capif/charts/mongo/templates/tests/test-connection.yaml new file mode 100644 index 0000000..4cf0b7f --- /dev/null +++ b/helm/capif/charts/mongo/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "mongo.fullname" . }}-test-connection" + labels: + {{- include "mongo.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['mongo:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/mongo/values.yaml b/helm/capif/charts/mongo/values.yaml new file mode 100644 index 0000000..53b8cf5 --- /dev/null +++ b/helm/capif/charts/mongo/values.yaml @@ -0,0 +1,116 @@ +# Default values for mongo. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: mongo + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "6.0.2" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + mongoInitdbRootPassword: example + mongoInitdbRootUsername: root + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + runAsUser: 999 + +service: + type: ClusterIP + port: 27017 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +livenessProbe: + tcpSocket: + port: 27017 + initialDelaySeconds: 20 + periodSeconds: 5 + +readinessProbe: + tcpSocket: + port: 27017 +# initialDelaySeconds: 5 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +persistence: + storage: 8Gi + storageClass: nfs-01 + +# Additional volumes on the output Deployment definition. +volumes: + - name: mongo-pvc + persistentVolumeClaim: + claimName: mongo-pvc + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: mongo-pvc + mountPath: /data/db + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/nginx/.helmignore b/helm/capif/charts/nginx/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/nginx/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/nginx/Chart.yaml b/helm/capif/charts/nginx/Chart.yaml new file mode 100644 index 0000000..3464a39 --- /dev/null +++ b/helm/capif/charts/nginx/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: nginx +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/nginx/templates/NOTES.txt b/helm/capif/charts/nginx/templates/NOTES.txt new file mode 100644 index 0000000..918bb64 --- /dev/null +++ b/helm/capif/charts/nginx/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "nginx.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "nginx.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "nginx.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "nginx.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/nginx/templates/_helpers.tpl b/helm/capif/charts/nginx/templates/_helpers.tpl new file mode 100644 index 0000000..ad9f432 --- /dev/null +++ b/helm/capif/charts/nginx/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "nginx.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "nginx.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "nginx.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "nginx.labels" -}} +helm.sh/chart: {{ include "nginx.chart" . }} +{{ include "nginx.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "nginx.selectorLabels" -}} +app.kubernetes.io/name: {{ include "nginx.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "nginx.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "nginx.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/nginx/templates/deployment.yaml b/helm/capif/charts/nginx/templates/deployment.yaml new file mode 100644 index 0000000..a5cd26c --- /dev/null +++ b/helm/capif/charts/nginx/templates/deployment.yaml @@ -0,0 +1,76 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "nginx.fullname" . }} + labels: + {{- include "nginx.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "nginx.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "nginx.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "nginx.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + {{- range .Values.services }} + - name: {{ .name }} + containerPort: {{ .port }} + {{- end }} + env: + - name: CAPIF_HOSTNAME + value: {{ quote .Values.env.capifHostname }} + - name: VAULT_HOSTNAME + value: {{ quote .Values.env.vaultHostname }} + - name: VAULT_PORT + value: {{ quote .Values.env.vaultPort }} + - name: VAULT_ACCESS_TOKEN + value: {{ quote .Values.env.vaultAccessToken }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/nginx/templates/hpa.yaml b/helm/capif/charts/nginx/templates/hpa.yaml new file mode 100644 index 0000000..b664f71 --- /dev/null +++ b/helm/capif/charts/nginx/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "nginx.fullname" . }} + labels: + {{- include "nginx.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "nginx.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/nginx/templates/ingress-route.yaml b/helm/capif/charts/nginx/templates/ingress-route.yaml new file mode 100644 index 0000000..5fec096 --- /dev/null +++ b/helm/capif/charts/nginx/templates/ingress-route.yaml @@ -0,0 +1,25 @@ +{{- if eq .Values.ingress.className "IngressRoute" }} +{{- $fullName := include "nginx.fullname" . -}} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: {{ $fullName }}-route +spec: + entryPoints: [web] + routes: + - kind: Rule + {{- range .Values.ingress.hosts }} + match: Host(`{{ .host | quote }} && Path(`/ca-root`, `/sign-csr`, `/certdata`, `/register`, `/testdata`, `/getauth`, `/test`)`) + services: + - kind: Service + name: nginx + port: 8080 + scheme: http + - kind: Service + name: nginx + port: 443 + tls: + passthrough: true + {{- end }} +{{- end }} \ No newline at end of file diff --git a/helm/capif/charts/nginx/templates/ingress.yaml b/helm/capif/charts/nginx/templates/ingress.yaml new file mode 100644 index 0000000..82f373e --- /dev/null +++ b/helm/capif/charts/nginx/templates/ingress.yaml @@ -0,0 +1,59 @@ +{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: nginx-ingress + labels: + {{- include "nginx.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: nginx + port: + number: 443 + {{- else }} + serviceName: nginx + servicePort: 443 + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/nginx/templates/service.yaml b/helm/capif/charts/nginx/templates/service.yaml new file mode 100644 index 0000000..6482161 --- /dev/null +++ b/helm/capif/charts/nginx/templates/service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: nginx + labels: + {{- include "nginx.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + {{- range .Values.service.ports }} + - name: {{ .name }} + port: {{ .port }} + targetPort: {{ .targetPort }} + {{- end }} + selector: + {{- include "nginx.selectorLabels" . | nindent 4 }} \ No newline at end of file diff --git a/helm/capif/charts/nginx/templates/serviceaccount.yaml b/helm/capif/charts/nginx/templates/serviceaccount.yaml new file mode 100644 index 0000000..02c08bb --- /dev/null +++ b/helm/capif/charts/nginx/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "nginx.serviceAccountName" . }} + labels: + {{- include "nginx.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/nginx/templates/tests/test-connection.yaml b/helm/capif/charts/nginx/templates/tests/test-connection.yaml new file mode 100644 index 0000000..bdbc141 --- /dev/null +++ b/helm/capif/charts/nginx/templates/tests/test-connection.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "test-connection" + labels: + {{- include "nginx.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + {{- range .Values.service.ports }} + - name: wget-{{ .name }} + image: busybox + command: ['wget'] + args: ['nginx:{{ .port }}'] + {{- end }} + restartPolicy: Never diff --git a/helm/capif/charts/nginx/values.yaml b/helm/capif/charts/nginx/values.yaml new file mode 100644 index 0000000..e3ba001 --- /dev/null +++ b/helm/capif/charts/nginx/values.yaml @@ -0,0 +1,122 @@ +# Default values for nginx. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: nginx + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + capifHostname: my-capif.apps.ocp-epg.hi.inet + vaultHostname: vault-internal.mon.svc.cluster.local + vaultPort: 8200 + vaultAccessToken: dev-only-token + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + ports: + - name: "http" + port: 8080 + targetPort: 8080 + - name: "https" + port: 443 + targetPort: 443 + type: ClusterIP + + +ingress: + enabled: true + className: nginx + annotations: + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + hosts: + - host: nginx-example.local + paths: + - path: / + pathType: Prefix + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 20 + periodSeconds: 5 +readinessProbe: +# httpGet: +# path: / +# port: http + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-access-control-policy/.helmignore b/helm/capif/charts/ocf-access-control-policy/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-access-control-policy/Chart.yaml b/helm/capif/charts/ocf-access-control-policy/Chart.yaml new file mode 100644 index 0000000..bed9447 --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-access-control-policy +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-access-control-policy/templates/NOTES.txt b/helm/capif/charts/ocf-access-control-policy/templates/NOTES.txt new file mode 100644 index 0000000..9928abe --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-access-control-policy.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-access-control-policy.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-access-control-policy.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-access-control-policy.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-access-control-policy/templates/_helpers.tpl b/helm/capif/charts/ocf-access-control-policy/templates/_helpers.tpl new file mode 100644 index 0000000..d446320 --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-access-control-policy.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-access-control-policy.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-access-control-policy.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-access-control-policy.labels" -}} +helm.sh/chart: {{ include "ocf-access-control-policy.chart" . }} +{{ include "ocf-access-control-policy.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-access-control-policy.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-access-control-policy.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-access-control-policy.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-access-control-policy.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/deployment.yaml b/helm/capif/charts/ocf-access-control-policy/templates/deployment.yaml similarity index 84% rename from helm/capif/charts/access-control-policy/templates/deployment.yaml rename to helm/capif/charts/ocf-access-control-policy/templates/deployment.yaml index 2e4d15f..3a8000f 100644 --- a/helm/capif/charts/access-control-policy/templates/deployment.yaml +++ b/helm/capif/charts/ocf-access-control-policy/templates/deployment.yaml @@ -1,22 +1,22 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "access-control-policy.fullname" . }} + name: {{ include "ocf-access-control-policy.fullname" . }} labels: - {{- include "access-control-policy.labels" . | nindent 4 }} + {{- include "ocf-access-control-policy.labels" . | nindent 4 }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} selector: matchLabels: - {{- include "access-control-policy.selectorLabels" . | nindent 6 }} + {{- include "ocf-access-control-policy.selectorLabels" . | nindent 6 }} template: metadata: annotations: date: "{{ now | unixEpoch }}" labels: - {{- include "access-control-policy.labels" . | nindent 8 }} + {{- include "ocf-access-control-policy.labels" . | nindent 8 }} {{- with .Values.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} @@ -25,7 +25,7 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ include "access-control-policy.serviceAccountName" . }} + serviceAccountName: {{ include "ocf-access-control-policy.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: diff --git a/helm/capif/charts/ocf-access-control-policy/templates/hpa.yaml b/helm/capif/charts/ocf-access-control-policy/templates/hpa.yaml new file mode 100644 index 0000000..3e5774e --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-access-control-policy.fullname" . }} + labels: + {{- include "ocf-access-control-policy.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-access-control-policy.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-access-control-policy/templates/ingress.yaml b/helm/capif/charts/ocf-access-control-policy/templates/ingress.yaml new file mode 100644 index 0000000..7aa1dc7 --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-access-control-policy.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-access-control-policy.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/service.yaml b/helm/capif/charts/ocf-access-control-policy/templates/service.yaml similarity index 62% rename from helm/capif/charts/access-control-policy/templates/service.yaml rename to helm/capif/charts/ocf-access-control-policy/templates/service.yaml index c10293a..16616bd 100644 --- a/helm/capif/charts/access-control-policy/templates/service.yaml +++ b/helm/capif/charts/ocf-access-control-policy/templates/service.yaml @@ -3,7 +3,7 @@ kind: Service metadata: name: access-control-policy labels: - {{- include "access-control-policy.labels" . | nindent 4 }} + {{- include "ocf-access-control-policy.labels" . | nindent 4 }} spec: type: {{ .Values.service.type }} ports: @@ -12,4 +12,4 @@ spec: protocol: TCP name: http selector: - {{- include "access-control-policy.selectorLabels" . | nindent 4 }} + {{- include "ocf-access-control-policy.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-access-control-policy/templates/serviceaccount.yaml b/helm/capif/charts/ocf-access-control-policy/templates/serviceaccount.yaml new file mode 100644 index 0000000..0f513f2 --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-access-control-policy.serviceAccountName" . }} + labels: + {{- include "ocf-access-control-policy.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-access-control-policy/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-access-control-policy/templates/tests/test-connection.yaml new file mode 100644 index 0000000..b19566f --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-access-control-policy.fullname" . }}-test-connection" + labels: + {{- include "ocf-access-control-policy.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['access-control-policy:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/access-control-policy/values.yaml b/helm/capif/charts/ocf-access-control-policy/values.yaml similarity index 96% rename from helm/capif/charts/access-control-policy/values.yaml rename to helm/capif/charts/ocf-access-control-policy/values.yaml index 61aba34..2912e09 100644 --- a/helm/capif/charts/access-control-policy/values.yaml +++ b/helm/capif/charts/ocf-access-control-policy/values.yaml @@ -1,11 +1,11 @@ -# Default values for access-control-policy. +# Default values for ocf-access-control-policy. # This is a YAML-formatted file. # Declare variables to be passed into your templates. replicaCount: 1 image: - repository: access-control-policy + repository: ocf-access-control-policy pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. tag: "" diff --git a/helm/capif/charts/ocf-api-invocation-logs/.helmignore b/helm/capif/charts/ocf-api-invocation-logs/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-api-invocation-logs/Chart.yaml b/helm/capif/charts/ocf-api-invocation-logs/Chart.yaml new file mode 100644 index 0000000..d735b16 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-api-invocation-logs +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/NOTES.txt b/helm/capif/charts/ocf-api-invocation-logs/templates/NOTES.txt new file mode 100644 index 0000000..8c7da80 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-api-invocation-logs.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-api-invocation-logs.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-api-invocation-logs.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-api-invocation-logs.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/_helpers.tpl b/helm/capif/charts/ocf-api-invocation-logs/templates/_helpers.tpl new file mode 100644 index 0000000..f2a83cf --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-api-invocation-logs.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-api-invocation-logs.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-api-invocation-logs.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-api-invocation-logs.labels" -}} +helm.sh/chart: {{ include "ocf-api-invocation-logs.chart" . }} +{{ include "ocf-api-invocation-logs.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-api-invocation-logs.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-api-invocation-logs.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-api-invocation-logs.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-api-invocation-logs.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-invocation-configmap.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/configmap.yaml similarity index 83% rename from helm/capif/templates/capif-invocation-configmap.yaml rename to helm/capif/charts/ocf-api-invocation-logs/templates/configmap.yaml index 68fc1f1..bd13f9f 100644 --- a/helm/capif/templates/capif-invocation-configmap.yaml +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'logs_col': 'invocationlogs', 'invoker_col': 'invokerdetails', diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/deployment.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/deployment.yaml new file mode 100644 index 0000000..fc3ce11 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/deployment.yaml @@ -0,0 +1,78 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-api-invocation-logs.fullname" . }} + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-api-invocation-logs.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-api-invocation-logs.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: CAPIF_HOSTNAME + value: {{ quote .Values.env.capifHostname }} + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + - name: VAULT_HOSTNAME + value: {{ quote .Values.env.vaultHostname }} + - name: VAULT_PORT + value: {{ quote .Values.env.vaultPort }} + - name: VAULT_ACCESS_TOKEN + value: {{ quote .Values.env.vaultAccessToken }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/hpa.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/hpa.yaml new file mode 100644 index 0000000..71df2ef --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-api-invocation-logs.fullname" . }} + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-api-invocation-logs.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/ingress.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/ingress.yaml new file mode 100644 index 0000000..47f0f46 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-api-invocation-logs.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/service.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/service.yaml new file mode 100644 index 0000000..48614fd --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: api-invocation-logs + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-api-invocation-logs.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/serviceaccount.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/serviceaccount.yaml new file mode 100644 index 0000000..c08cfed --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-api-invocation-logs.serviceAccountName" . }} + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/tests/test-connection.yaml new file mode 100644 index 0000000..3c3098b --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-api-invocation-logs.fullname" . }}-test-connection" + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['api-invocation-logs:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-api-invocation-logs/values.yaml b/helm/capif/charts/ocf-api-invocation-logs/values.yaml new file mode 100644 index 0000000..4c4431b --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/values.yaml @@ -0,0 +1,119 @@ +# Default values for ocf-api-invocation-logs. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: ocf-api-invocation-logs-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + capifHostname: capif + vaultHostname: vault + vaultPort: 8200 + vaultAccessToken: dev-only-token + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-invocation-config + configMap: + name: capif-invocation-configmap + items: + - key: "config.yaml" + path: "config.yaml" + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-invocation-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-api-invoker-management/.helmignore b/helm/capif/charts/ocf-api-invoker-management/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-api-invoker-management/Chart.yaml b/helm/capif/charts/ocf-api-invoker-management/Chart.yaml new file mode 100644 index 0000000..2a9ef72 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-api-invoker-management +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/NOTES.txt b/helm/capif/charts/ocf-api-invoker-management/templates/NOTES.txt new file mode 100644 index 0000000..cfccd3a --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-api-invoker-management.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-api-invoker-management.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-api-invoker-management.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-api-invoker-management.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/_helpers.tpl b/helm/capif/charts/ocf-api-invoker-management/templates/_helpers.tpl new file mode 100644 index 0000000..35e9994 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-api-invoker-management.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-api-invoker-management.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-api-invoker-management.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-api-invoker-management.labels" -}} +helm.sh/chart: {{ include "ocf-api-invoker-management.chart" . }} +{{ include "ocf-api-invoker-management.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-api-invoker-management.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-api-invoker-management.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-api-invoker-management.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-api-invoker-management.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-invoker-configmap.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/configmap.yaml similarity index 61% rename from helm/capif/templates/capif-invoker-configmap.yaml rename to helm/capif/charts/ocf-api-invoker-management/templates/configmap.yaml index 32bab3c..4d83c98 100644 --- a/helm/capif/templates/capif-invoker-configmap.yaml +++ b/helm/capif/charts/ocf-api-invoker-management/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'col': 'invokerdetails', 'capif_users_col': "user", @@ -16,17 +16,17 @@ data: 'port': "27017" } mongo_register: { - 'user': '{{ .Values.mongoRegister.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongoRegister.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoRegister.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoRegister.mongoInitdbRootPassword }}', 'db': 'capif_users', 'col': 'user', 'host': 'mongo-register', 'port': '27017' } ca_factory: { - "url": {{ quote .Values.parametersVault.env.vaultHostname }}, - "port": {{ quote .Values.parametersVault.env.vaultPort }}, - "token": {{ quote .Values.parametersVault.env.vaultAccessToken }} + "url": {{ quote .Values.env.vaultHostname }}, + "port": {{ quote .Values.env.vaultPort }}, + "token": {{ quote .Values.env.vaultAccessToken }} } monitoring: { diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/deployment.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/deployment.yaml new file mode 100644 index 0000000..c4fd0c9 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/deployment.yaml @@ -0,0 +1,76 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-api-invoker-management.fullname" . }} + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-api-invoker-management.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-api-invoker-management.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + - name: VAULT_HOSTNAME + value: {{ quote .Values.env.vaultHostname }} + - name: VAULT_PORT + value: {{ quote .Values.env.vaultPort }} + - name: VAULT_ACCESS_TOKEN + value: {{ quote .Values.env.vaultAccessToken }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/hpa.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/hpa.yaml new file mode 100644 index 0000000..44d58a7 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-api-invoker-management.fullname" . }} + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-api-invoker-management.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/ingress.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/ingress.yaml new file mode 100644 index 0000000..aee54f4 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-api-invoker-management.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/service.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/service.yaml new file mode 100644 index 0000000..f62fb9b --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: api-invoker-management + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-api-invoker-management.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/serviceaccount.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/serviceaccount.yaml new file mode 100644 index 0000000..c328517 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-api-invoker-management.serviceAccountName" . }} + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/tests/test-connection.yaml new file mode 100644 index 0000000..f194ec6 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-api-invoker-management.fullname" . }}-test-connection" + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['api-invoker-management:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-api-invoker-management/values.yaml b/helm/capif/charts/ocf-api-invoker-management/values.yaml new file mode 100644 index 0000000..a296a41 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/values.yaml @@ -0,0 +1,119 @@ +# Default values for ocf-api-invoker-management. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: ocf-api-invoker-management-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + vaultHostname: vault + vaultPort: 8200 + vaultAccessToken: dev-only-token + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + mongoRegister: + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-invoker-config + configMap: + name: capif-invoker-configmap + items: + - key: "config.yaml" + path: "config.yaml" + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-invoker-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-api-provider-management/.helmignore b/helm/capif/charts/ocf-api-provider-management/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-api-provider-management/Chart.yaml b/helm/capif/charts/ocf-api-provider-management/Chart.yaml new file mode 100644 index 0000000..773f014 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-api-provider-management +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-api-provider-management/templates/NOTES.txt b/helm/capif/charts/ocf-api-provider-management/templates/NOTES.txt new file mode 100644 index 0000000..d65d7c1 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-api-provider-management.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-api-provider-management.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-api-provider-management.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-api-provider-management.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-api-provider-management/templates/_helpers.tpl b/helm/capif/charts/ocf-api-provider-management/templates/_helpers.tpl new file mode 100644 index 0000000..eb706b4 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-api-provider-management.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-api-provider-management.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-api-provider-management.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-api-provider-management.labels" -}} +helm.sh/chart: {{ include "ocf-api-provider-management.chart" . }} +{{ include "ocf-api-provider-management.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-api-provider-management.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-api-provider-management.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-api-provider-management.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-api-provider-management.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-provider-configmap.yaml b/helm/capif/charts/ocf-api-provider-management/templates/configmap.yaml similarity index 60% rename from helm/capif/templates/capif-provider-configmap.yaml rename to helm/capif/charts/ocf-api-provider-management/templates/configmap.yaml index 28e530f..e59cfe1 100644 --- a/helm/capif/templates/capif-provider-configmap.yaml +++ b/helm/capif/charts/ocf-api-provider-management/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'col': 'providerenrolmentdetails', 'certs_col': "certs", @@ -15,17 +15,17 @@ data: 'port': "27017" } mongo_register: { - 'user': '{{ .Values.mongoRegister.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongoRegister.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoRegister.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoRegister.mongoInitdbRootPassword }}', 'db': 'capif_users', 'col': 'user', 'host': 'mongo-register', 'port': '27017' } ca_factory: { - "url": {{ quote .Values.parametersVault.env.vaultHostname }}, - "port": {{ quote .Values.parametersVault.env.vaultPort }}, - "token": {{ quote .Values.parametersVault.env.vaultAccessToken }} + "url": {{ quote .Values.env.vaultHostname }}, + "port": {{ quote .Values.env.vaultPort }}, + "token": {{ quote .Values.env.vaultAccessToken }} } diff --git a/helm/capif/charts/ocf-api-provider-management/templates/deployment.yaml b/helm/capif/charts/ocf-api-provider-management/templates/deployment.yaml new file mode 100644 index 0000000..c5ff215 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/deployment.yaml @@ -0,0 +1,76 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-api-provider-management.fullname" . }} + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-api-provider-management.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-api-provider-management.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + - name: VAULT_HOSTNAME + value: {{ quote .Values.env.vaultHostname }} + - name: VAULT_PORT + value: {{ quote .Values.env.vaultPort }} + - name: VAULT_ACCESS_TOKEN + value: {{ quote .Values.env.vaultAccessToken }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-api-provider-management/templates/hpa.yaml b/helm/capif/charts/ocf-api-provider-management/templates/hpa.yaml new file mode 100644 index 0000000..f3453cc --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-api-provider-management.fullname" . }} + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-api-provider-management.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-provider-management/templates/ingress.yaml b/helm/capif/charts/ocf-api-provider-management/templates/ingress.yaml new file mode 100644 index 0000000..2edad45 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-api-provider-management.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-provider-management/templates/service.yaml b/helm/capif/charts/ocf-api-provider-management/templates/service.yaml new file mode 100644 index 0000000..cf51d10 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: api-provider-management + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-api-provider-management.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-api-provider-management/templates/serviceaccount.yaml b/helm/capif/charts/ocf-api-provider-management/templates/serviceaccount.yaml new file mode 100644 index 0000000..39bbc5c --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-api-provider-management.serviceAccountName" . }} + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-provider-management/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-api-provider-management/templates/tests/test-connection.yaml new file mode 100644 index 0000000..c8ca529 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-api-provider-management.fullname" . }}-test-connection" + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['api-provider-management:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-api-provider-management/values.yaml b/helm/capif/charts/ocf-api-provider-management/values.yaml new file mode 100644 index 0000000..019b214 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/values.yaml @@ -0,0 +1,119 @@ +# Default values for ocf-api-provider-management. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: ocf-api-provider-management-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + vaultHostname: vault + vaultPort: 8200 + vaultAccessToken: dev-only-token + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + mongoRegister: + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-provider-config + configMap: + name: capif-provider-configmap + items: + - key: "config.yaml" + path: "config.yaml" + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-provider-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-auditing-api-logs/.helmignore b/helm/capif/charts/ocf-auditing-api-logs/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-auditing-api-logs/Chart.yaml b/helm/capif/charts/ocf-auditing-api-logs/Chart.yaml new file mode 100644 index 0000000..dd3585c --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-auditing-api-logs +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/templates/capif-logs-configmap.yaml b/helm/capif/charts/ocf-auditing-api-logs/configmap.yaml similarity index 80% rename from helm/capif/templates/capif-logs-configmap.yaml rename to helm/capif/charts/ocf-auditing-api-logs/configmap.yaml index 53cae6e..729d751 100644 --- a/helm/capif/templates/capif-logs-configmap.yaml +++ b/helm/capif/charts/ocf-auditing-api-logs/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'logs_col': 'invocationlogs', 'capif_users_col': "user", diff --git a/helm/capif/charts/access-control-policy/templates/NOTES.txt b/helm/capif/charts/ocf-auditing-api-logs/templates/NOTES.txt similarity index 81% rename from helm/capif/charts/access-control-policy/templates/NOTES.txt rename to helm/capif/charts/ocf-auditing-api-logs/templates/NOTES.txt index 2c54f9d..639b668 100644 --- a/helm/capif/charts/access-control-policy/templates/NOTES.txt +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/NOTES.txt @@ -6,16 +6,16 @@ {{- end }} {{- end }} {{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "access-control-policy.fullname" . }}) + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-auditing-api-logs.fullname" . }}) export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORT {{- else if contains "LoadBalancer" .Values.service.type }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "access-control-policy.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "access-control-policy.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-auditing-api-logs.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-auditing-api-logs.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") echo http://$SERVICE_IP:{{ .Values.service.port }} {{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "access-control-policy.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-auditing-api-logs.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") echo "Visit http://127.0.0.1:8080 to use your application" kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT diff --git a/helm/capif/charts/access-control-policy/templates/_helpers.tpl b/helm/capif/charts/ocf-auditing-api-logs/templates/_helpers.tpl similarity index 71% rename from helm/capif/charts/access-control-policy/templates/_helpers.tpl rename to helm/capif/charts/ocf-auditing-api-logs/templates/_helpers.tpl index 4b87b90..6f69487 100644 --- a/helm/capif/charts/access-control-policy/templates/_helpers.tpl +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/_helpers.tpl @@ -1,7 +1,7 @@ {{/* Expand the name of the chart. */}} -{{- define "access-control-policy.name" -}} +{{- define "ocf-auditing-api-logs.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }} @@ -10,7 +10,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "access-control-policy.fullname" -}} +{{- define "ocf-auditing-api-logs.fullname" -}} {{- if .Values.fullnameOverride }} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} @@ -26,16 +26,16 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "access-control-policy.chart" -}} +{{- define "ocf-auditing-api-logs.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} {{/* Common labels */}} -{{- define "access-control-policy.labels" -}} -helm.sh/chart: {{ include "access-control-policy.chart" . }} -{{ include "access-control-policy.selectorLabels" . }} +{{- define "ocf-auditing-api-logs.labels" -}} +helm.sh/chart: {{ include "ocf-auditing-api-logs.chart" . }} +{{ include "ocf-auditing-api-logs.selectorLabels" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} @@ -45,17 +45,17 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} {{/* Selector labels */}} -{{- define "access-control-policy.selectorLabels" -}} -app.kubernetes.io/name: {{ include "access-control-policy.name" . }} +{{- define "ocf-auditing-api-logs.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-auditing-api-logs.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} {{/* Create the name of the service account to use */}} -{{- define "access-control-policy.serviceAccountName" -}} +{{- define "ocf-auditing-api-logs.serviceAccountName" -}} {{- if .Values.serviceAccount.create }} -{{- default (include "access-control-policy.fullname" .) .Values.serviceAccount.name }} +{{- default (include "ocf-auditing-api-logs.fullname" .) .Values.serviceAccount.name }} {{- else }} {{- default "default" .Values.serviceAccount.name }} {{- end }} diff --git a/helm/capif/charts/ocf-auditing-api-logs/templates/configmap.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/configmap.yaml new file mode 100644 index 0000000..729d751 --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/configmap.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: capif-logs-configmap +data: + config.yaml: | + mongo: { + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', + 'db': 'capif', + 'logs_col': 'invocationlogs', + 'capif_users_col': "user", + 'host': 'mongo', + 'port': "27017" + } + + monitoring: { + "fluent_bit_host": fluent-bit, + "fluent_bit_port": 24224, + "opentelemetry_url": "otel-collector", + "opentelemetry_port": "55680", + "opentelemetry_max_queue_size": 8192, + "opentelemetry_schedule_delay_millis": 20000, + "opentelemetry_max_export_batch_size": 2048, + "opentelemetry_export_timeout_millis": 60000 + } + diff --git a/helm/capif/charts/ocf-auditing-api-logs/templates/deployment.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/deployment.yaml new file mode 100644 index 0000000..62cbf03 --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/deployment.yaml @@ -0,0 +1,70 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-auditing-api-logs.fullname" . }} + labels: + {{- include "ocf-auditing-api-logs.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-auditing-api-logs.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-auditing-api-logs.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-auditing-api-logs.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-auditing-api-logs/templates/hpa.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/hpa.yaml new file mode 100644 index 0000000..4133851 --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-auditing-api-logs.fullname" . }} + labels: + {{- include "ocf-auditing-api-logs.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-auditing-api-logs.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-auditing-api-logs/templates/ingress.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/ingress.yaml new file mode 100644 index 0000000..1a63f2f --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-auditing-api-logs.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-auditing-api-logs.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-auditing-api-logs/templates/service.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/service.yaml new file mode 100644 index 0000000..cc0a685 --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: logs + labels: + {{- include "ocf-auditing-api-logs.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-auditing-api-logs.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/access-control-policy/templates/serviceaccount.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/serviceaccount.yaml similarity index 69% rename from helm/capif/charts/access-control-policy/templates/serviceaccount.yaml rename to helm/capif/charts/ocf-auditing-api-logs/templates/serviceaccount.yaml index fc12b54..7cc126f 100644 --- a/helm/capif/charts/access-control-policy/templates/serviceaccount.yaml +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/serviceaccount.yaml @@ -2,9 +2,9 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "access-control-policy.serviceAccountName" . }} + name: {{ include "ocf-auditing-api-logs.serviceAccountName" . }} labels: - {{- include "access-control-policy.labels" . | nindent 4 }} + {{- include "ocf-auditing-api-logs.labels" . | nindent 4 }} {{- with .Values.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/helm/capif/charts/ocf-auditing-api-logs/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/tests/test-connection.yaml new file mode 100644 index 0000000..ddd02e7 --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-auditing-api-logs.fullname" . }}-test-connection" + labels: + {{- include "ocf-auditing-api-logs.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['logs:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-auditing-api-logs/values.yaml b/helm/capif/charts/ocf-auditing-api-logs/values.yaml new file mode 100644 index 0000000..41e3d1f --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/values.yaml @@ -0,0 +1,115 @@ +# Default values for ocf-auditing-api-logs. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: auditing-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-logs-config + configMap: + name: capif-logs-configmap + items: + - key: "config.yaml" + path: "config.yaml" + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-logs-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-discover-service-api/.helmignore b/helm/capif/charts/ocf-discover-service-api/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-discover-service-api/Chart.yaml b/helm/capif/charts/ocf-discover-service-api/Chart.yaml new file mode 100644 index 0000000..3bffbb8 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-discover-service-api +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-discover-service-api/templates/NOTES.txt b/helm/capif/charts/ocf-discover-service-api/templates/NOTES.txt new file mode 100644 index 0000000..64d2230 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-discover-service-api.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-discover-service-api.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-discover-service-api.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-discover-service-api.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-discover-service-api/templates/_helpers.tpl b/helm/capif/charts/ocf-discover-service-api/templates/_helpers.tpl new file mode 100644 index 0000000..2c42280 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-discover-service-api.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-discover-service-api.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-discover-service-api.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-discover-service-api.labels" -}} +helm.sh/chart: {{ include "ocf-discover-service-api.chart" . }} +{{ include "ocf-discover-service-api.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-discover-service-api.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-discover-service-api.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-discover-service-api.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-discover-service-api.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-service-configmap.yaml b/helm/capif/charts/ocf-discover-service-api/templates/configmap.yaml similarity index 81% rename from helm/capif/templates/capif-service-configmap.yaml rename to helm/capif/charts/ocf-discover-service-api/templates/configmap.yaml index 1cd3d66..96d0c36 100644 --- a/helm/capif/templates/capif-service-configmap.yaml +++ b/helm/capif/charts/ocf-discover-service-api/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'col': 'serviceapidescriptions', 'invokers_col': 'invokerdetails', diff --git a/helm/capif/charts/ocf-discover-service-api/templates/deployment.yaml b/helm/capif/charts/ocf-discover-service-api/templates/deployment.yaml new file mode 100644 index 0000000..438b986 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/deployment.yaml @@ -0,0 +1,70 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-discover-service-api.fullname" . }} + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-discover-service-api.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-discover-service-api.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-discover-service-api/templates/hpa.yaml b/helm/capif/charts/ocf-discover-service-api/templates/hpa.yaml new file mode 100644 index 0000000..bb4c301 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-discover-service-api.fullname" . }} + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-discover-service-api.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-discover-service-api/templates/ingress.yaml b/helm/capif/charts/ocf-discover-service-api/templates/ingress.yaml new file mode 100644 index 0000000..b518729 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-discover-service-api.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-discover-service-api/templates/service.yaml b/helm/capif/charts/ocf-discover-service-api/templates/service.yaml new file mode 100644 index 0000000..fda46c3 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: service-apis + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-discover-service-api.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-discover-service-api/templates/serviceaccount.yaml b/helm/capif/charts/ocf-discover-service-api/templates/serviceaccount.yaml new file mode 100644 index 0000000..be78919 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-discover-service-api.serviceAccountName" . }} + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-discover-service-api/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-discover-service-api/templates/tests/test-connection.yaml new file mode 100644 index 0000000..3551457 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-discover-service-api.fullname" . }}-test-connection" + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['service-apis:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-discover-service-api/values.yaml b/helm/capif/charts/ocf-discover-service-api/values.yaml new file mode 100644 index 0000000..b69232d --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/values.yaml @@ -0,0 +1,116 @@ +# Default values for ocf-discover-service-api. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: discover-service-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-service-config + configMap: + name: capif-service-configmap + items: + - key: "config.yaml" + path: "config.yaml" + + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-service-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-events/.helmignore b/helm/capif/charts/ocf-events/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/ocf-events/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-events/Chart.yaml b/helm/capif/charts/ocf-events/Chart.yaml new file mode 100644 index 0000000..9e9667f --- /dev/null +++ b/helm/capif/charts/ocf-events/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-events +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-events/templates/NOTES.txt b/helm/capif/charts/ocf-events/templates/NOTES.txt new file mode 100644 index 0000000..2fe0746 --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-events.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-events.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-events.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-events.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-events/templates/_helpers.tpl b/helm/capif/charts/ocf-events/templates/_helpers.tpl new file mode 100644 index 0000000..1c0caa6 --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-events.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-events.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-events.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-events.labels" -}} +helm.sh/chart: {{ include "ocf-events.chart" . }} +{{ include "ocf-events.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-events.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-events.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-events.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-events.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-events-configmap.yaml b/helm/capif/charts/ocf-events/templates/configmap.yaml similarity index 82% rename from helm/capif/templates/capif-events-configmap.yaml rename to helm/capif/charts/ocf-events/templates/configmap.yaml index ca31c23..a928cac 100644 --- a/helm/capif/templates/capif-events-configmap.yaml +++ b/helm/capif/charts/ocf-events/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'col': 'eventsdetails', 'certs_col': "certs", @@ -25,4 +25,4 @@ data: "opentelemetry_schedule_delay_millis": 20000, "opentelemetry_max_export_batch_size": 2048, "opentelemetry_export_timeout_millis": 60000 - } + } \ No newline at end of file diff --git a/helm/capif/charts/ocf-events/templates/deployment.yaml b/helm/capif/charts/ocf-events/templates/deployment.yaml new file mode 100644 index 0000000..f94cc7b --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/deployment.yaml @@ -0,0 +1,70 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-events.fullname" . }} + labels: + {{- include "ocf-events.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-events.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-events.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-events.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-events/templates/hpa.yaml b/helm/capif/charts/ocf-events/templates/hpa.yaml new file mode 100644 index 0000000..f494b03 --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-events.fullname" . }} + labels: + {{- include "ocf-events.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-events.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-events/templates/ingress.yaml b/helm/capif/charts/ocf-events/templates/ingress.yaml new file mode 100644 index 0000000..9844a7f --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-events.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-events.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-events/templates/service.yaml b/helm/capif/charts/ocf-events/templates/service.yaml new file mode 100644 index 0000000..dd54aca --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: capif-events + labels: + {{- include "ocf-events.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-events.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-events/templates/serviceaccount.yaml b/helm/capif/charts/ocf-events/templates/serviceaccount.yaml new file mode 100644 index 0000000..f29121a --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-events.serviceAccountName" . }} + labels: + {{- include "ocf-events.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-events/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-events/templates/tests/test-connection.yaml new file mode 100644 index 0000000..fc22433 --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-events.fullname" . }}-test-connection" + labels: + {{- include "ocf-events.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['capif-events:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-events/values.yaml b/helm/capif/charts/ocf-events/values.yaml new file mode 100644 index 0000000..c600141 --- /dev/null +++ b/helm/capif/charts/ocf-events/values.yaml @@ -0,0 +1,115 @@ +# Default values for ocf-events. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: events-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-events-config + configMap: + name: capif-events-configmap + items: + - key: "config.yaml" + path: "config.yaml" + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-events-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-helper/.helmignore b/helm/capif/charts/ocf-helper/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/ocf-helper/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-helper/Chart.yaml b/helm/capif/charts/ocf-helper/Chart.yaml new file mode 100644 index 0000000..ac740bc --- /dev/null +++ b/helm/capif/charts/ocf-helper/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-helper +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-helper/templates/NOTES.txt b/helm/capif/charts/ocf-helper/templates/NOTES.txt new file mode 100644 index 0000000..abd1318 --- /dev/null +++ b/helm/capif/charts/ocf-helper/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-helper.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-helper.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-helper.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-helper.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-helper/templates/_helpers.tpl b/helm/capif/charts/ocf-helper/templates/_helpers.tpl new file mode 100644 index 0000000..df679e3 --- /dev/null +++ b/helm/capif/charts/ocf-helper/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-helper.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-helper.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-helper.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-helper.labels" -}} +helm.sh/chart: {{ include "ocf-helper.chart" . }} +{{ include "ocf-helper.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-helper.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-helper.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-helper.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-helper.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/helper/templates/deployment.yaml b/helm/capif/charts/ocf-helper/templates/deployment.yaml similarity index 88% rename from helm/capif/charts/helper/templates/deployment.yaml rename to helm/capif/charts/ocf-helper/templates/deployment.yaml index a3f43d3..7c55930 100644 --- a/helm/capif/charts/helper/templates/deployment.yaml +++ b/helm/capif/charts/ocf-helper/templates/deployment.yaml @@ -1,23 +1,23 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "helper.fullname" . }} + name: {{ include "ocf-helper.fullname" . }} labels: - {{- include "helper.labels" . | nindent 4 }} + {{- include "ocf-helper.labels" . | nindent 4 }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} selector: matchLabels: - {{- include "helper.selectorLabels" . | nindent 6 }} + {{- include "ocf-helper.selectorLabels" . | nindent 6 }} template: metadata: annotations: date: "{{ now | unixEpoch }}" checksum/config: {{ include (print $.Template.BasePath "/ocf-helper-configmap.yaml") . | sha256sum }} labels: - {{- include "helper.labels" . | nindent 8 }} + {{- include "ocf-helper.labels" . | nindent 8 }} {{- with .Values.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} @@ -26,7 +26,7 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ include "helper.serviceAccountName" . }} + serviceAccountName: {{ include "ocf-helper.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: diff --git a/helm/capif/charts/ocf-helper/templates/hpa.yaml b/helm/capif/charts/ocf-helper/templates/hpa.yaml new file mode 100644 index 0000000..670686a --- /dev/null +++ b/helm/capif/charts/ocf-helper/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-helper.fullname" . }} + labels: + {{- include "ocf-helper.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-helper.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-helper/templates/ingress.yaml b/helm/capif/charts/ocf-helper/templates/ingress.yaml new file mode 100644 index 0000000..76d37c8 --- /dev/null +++ b/helm/capif/charts/ocf-helper/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-helper.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-helper.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/helper/templates/ocf-helper-configmap.yaml b/helm/capif/charts/ocf-helper/templates/ocf-helper-configmap.yaml similarity index 100% rename from helm/capif/charts/helper/templates/ocf-helper-configmap.yaml rename to helm/capif/charts/ocf-helper/templates/ocf-helper-configmap.yaml diff --git a/helm/capif/charts/helper/templates/service.yaml b/helm/capif/charts/ocf-helper/templates/service.yaml similarity index 66% rename from helm/capif/charts/helper/templates/service.yaml rename to helm/capif/charts/ocf-helper/templates/service.yaml index 4a74370..87006eb 100644 --- a/helm/capif/charts/helper/templates/service.yaml +++ b/helm/capif/charts/ocf-helper/templates/service.yaml @@ -3,7 +3,7 @@ kind: Service metadata: name: helper labels: - {{- include "helper.labels" . | nindent 4 }} + {{- include "ocf-helper.labels" . | nindent 4 }} spec: type: {{ .Values.service.type }} ports: @@ -12,4 +12,4 @@ spec: protocol: TCP name: http selector: - {{- include "helper.selectorLabels" . | nindent 4 }} + {{- include "ocf-helper.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-helper/templates/serviceaccount.yaml b/helm/capif/charts/ocf-helper/templates/serviceaccount.yaml new file mode 100644 index 0000000..a3da059 --- /dev/null +++ b/helm/capif/charts/ocf-helper/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-helper.serviceAccountName" . }} + labels: + {{- include "ocf-helper.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-helper/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-helper/templates/tests/test-connection.yaml new file mode 100644 index 0000000..5776042 --- /dev/null +++ b/helm/capif/charts/ocf-helper/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-helper.fullname" . }}-test-connection" + labels: + {{- include "ocf-helper.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['helper:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/helper/values.yaml b/helm/capif/charts/ocf-helper/values.yaml similarity index 96% rename from helm/capif/charts/helper/values.yaml rename to helm/capif/charts/ocf-helper/values.yaml index 147c003..36e0989 100644 --- a/helm/capif/charts/helper/values.yaml +++ b/helm/capif/charts/ocf-helper/values.yaml @@ -1,11 +1,11 @@ -# Default values for helper. +# Default values for ocf-helper. # This is a YAML-formatted file. # Declare variables to be passed into your templates. replicaCount: 1 image: - repository: "helper" + repository: "ocf-helper" pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. tag: "" @@ -36,7 +36,7 @@ serviceAccount: name: "" podAnnotations: - app: ocf-helper + app: ocf-ocf-helper podLabels: {} diff --git a/helm/capif/charts/ocf-publish-service-api/.helmignore b/helm/capif/charts/ocf-publish-service-api/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-publish-service-api/Chart.yaml b/helm/capif/charts/ocf-publish-service-api/Chart.yaml new file mode 100644 index 0000000..166d252 --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-publish-service-api +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-publish-service-api/templates/NOTES.txt b/helm/capif/charts/ocf-publish-service-api/templates/NOTES.txt new file mode 100644 index 0000000..deaaa58 --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-publish-service-api.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-publish-service-api.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-publish-service-api.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-publish-service-api.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-publish-service-api/templates/_helpers.tpl b/helm/capif/charts/ocf-publish-service-api/templates/_helpers.tpl new file mode 100644 index 0000000..9ca28fa --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-publish-service-api.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-publish-service-api.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-publish-service-api.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-publish-service-api.labels" -}} +helm.sh/chart: {{ include "ocf-publish-service-api.chart" . }} +{{ include "ocf-publish-service-api.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-publish-service-api.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-publish-service-api.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-publish-service-api.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-publish-service-api.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-published-configmap.yaml b/helm/capif/charts/ocf-publish-service-api/templates/configmap.yaml similarity index 81% rename from helm/capif/templates/capif-published-configmap.yaml rename to helm/capif/charts/ocf-publish-service-api/templates/configmap.yaml index 507afd4..a76b2f2 100644 --- a/helm/capif/templates/capif-published-configmap.yaml +++ b/helm/capif/charts/ocf-publish-service-api/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'col': 'serviceapidescriptions', 'certs_col': "certs", diff --git a/helm/capif/charts/ocf-publish-service-api/templates/deployment.yaml b/helm/capif/charts/ocf-publish-service-api/templates/deployment.yaml new file mode 100644 index 0000000..49d9b2c --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/deployment.yaml @@ -0,0 +1,70 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-publish-service-api.fullname" . }} + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-publish-service-api.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-publish-service-api.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-publish-service-api/templates/hpa.yaml b/helm/capif/charts/ocf-publish-service-api/templates/hpa.yaml new file mode 100644 index 0000000..34c2368 --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-publish-service-api.fullname" . }} + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-publish-service-api.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-publish-service-api/templates/ingress.yaml b/helm/capif/charts/ocf-publish-service-api/templates/ingress.yaml new file mode 100644 index 0000000..22cd9f3 --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-publish-service-api.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-publish-service-api/templates/service.yaml b/helm/capif/charts/ocf-publish-service-api/templates/service.yaml new file mode 100644 index 0000000..2412215 --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: published-apis + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-publish-service-api.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-publish-service-api/templates/serviceaccount.yaml b/helm/capif/charts/ocf-publish-service-api/templates/serviceaccount.yaml new file mode 100644 index 0000000..22ca36f --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-publish-service-api.serviceAccountName" . }} + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-publish-service-api/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-publish-service-api/templates/tests/test-connection.yaml new file mode 100644 index 0000000..edbd061 --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-publish-service-api.fullname" . }}-test-connection" + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['published-apis:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-publish-service-api/values.yaml b/helm/capif/charts/ocf-publish-service-api/values.yaml new file mode 100644 index 0000000..4ab3c9c --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/values.yaml @@ -0,0 +1,115 @@ +# Default values for ocf-publish-service-api. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: publish-service-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-published-config + configMap: + name: capif-published-configmap + items: + - key: "config.yaml" + path: "config.yaml" + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-published-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-register/.helmignore b/helm/capif/charts/ocf-register/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/ocf-register/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-register/Chart.yaml b/helm/capif/charts/ocf-register/Chart.yaml new file mode 100644 index 0000000..06dee80 --- /dev/null +++ b/helm/capif/charts/ocf-register/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-register +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-register/templates/NOTES.txt b/helm/capif/charts/ocf-register/templates/NOTES.txt new file mode 100644 index 0000000..f323bac --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-register.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-register.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-register.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-register.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-register/templates/_helpers.tpl b/helm/capif/charts/ocf-register/templates/_helpers.tpl new file mode 100644 index 0000000..c1d5489 --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-register.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-register.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-register.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-register.labels" -}} +helm.sh/chart: {{ include "ocf-register.chart" . }} +{{ include "ocf-register.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-register.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-register.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-register.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-register.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/register-configmap.yaml b/helm/capif/charts/ocf-register/templates/configmap.yaml similarity index 52% rename from helm/capif/templates/register-configmap.yaml rename to helm/capif/charts/ocf-register/templates/configmap.yaml index 7dcc300..d927eba 100644 --- a/helm/capif/templates/register-configmap.yaml +++ b/helm/capif/charts/ocf-register/templates/configmap.yaml @@ -2,8 +2,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: register-configmap - labels: - {{- include "capif.labels" . | nindent 4 }} data: config.yaml: |- mongo: { @@ -11,13 +9,13 @@ data: 'password': 'example', 'db': 'capif_users', 'col': 'user', - 'host': '{{ .Values.register.register.env.mongoHost }}', - 'port': '{{ .Values.register.register.env.mongoPort }}' + 'host': '{{ .Values.env.mongoHost }}', + 'port': '{{ .Values.env.mongoPort }}' } ca_factory: { - "url": "{{ .Values.parametersVault.env.vaultHostname }}", - "port": "{{ .Values.parametersVault.env.vaultPort }}", - "token": "{{ .Values.parametersVault.env.vaultAccessToken }}" + "url": "{{ .Values.env.vaultHostname }}", + "port": "{{ .Values.env.vaultPort }}", + "token": "{{ .Values.env.vaultAccessToken }}" } register: { register_uuid: '6ba7b810-9dad-11d1-80b4-00c04fd430c8', diff --git a/helm/capif/charts/ocf-register/templates/deployment.yaml b/helm/capif/charts/ocf-register/templates/deployment.yaml new file mode 100644 index 0000000..5437dfc --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/deployment.yaml @@ -0,0 +1,74 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-register.fullname" . }} + labels: + {{- include "ocf-register.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-register.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-register.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-register.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: VAULT_HOSTNAME + value: {{ quote .Values.env.vaultHostname }} + - name: VAULT_PORT + value: {{ quote .Values.env.vaultPort }} + - name: VAULT_ACCESS_TOKEN + value: {{ quote .Values.env.vaultAccessToken }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-register/templates/hpa.yaml b/helm/capif/charts/ocf-register/templates/hpa.yaml new file mode 100644 index 0000000..936dbb4 --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-register.fullname" . }} + labels: + {{- include "ocf-register.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-register.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-register/templates/ingress.yaml b/helm/capif/charts/ocf-register/templates/ingress.yaml new file mode 100644 index 0000000..c5911eb --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/ingress.yaml @@ -0,0 +1,60 @@ +{{- if .Values.ingress.enabled -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: nginx-register + labels: + {{- include "ocf-register.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: register + port: + number: {{ $svcPort }} + {{- else }} + serviceName: register + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-register/templates/service.yaml b/helm/capif/charts/ocf-register/templates/service.yaml new file mode 100644 index 0000000..ae6f7f6 --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: register + labels: + {{- include "ocf-register.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: 8080 + protocol: TCP + name: http + selector: + {{- include "ocf-register.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-register/templates/serviceaccount.yaml b/helm/capif/charts/ocf-register/templates/serviceaccount.yaml new file mode 100644 index 0000000..d295456 --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-register.serviceAccountName" . }} + labels: + {{- include "ocf-register.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-register/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-register/templates/tests/test-connection.yaml new file mode 100644 index 0000000..40831f6 --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-register.fullname" . }}-test-connection" + labels: + {{- include "ocf-register.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['register:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-register/values.yaml b/helm/capif/charts/ocf-register/values.yaml new file mode 100644 index 0000000..b9e9e49 --- /dev/null +++ b/helm/capif/charts/ocf-register/values.yaml @@ -0,0 +1,118 @@ +# Default values for ocf-register. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: register + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + mongoHost: mongo-register + mongoPort: 27017 + vaultHostname: vault + vaultPort: 8200 + vaultAccessToken: dev-only-token + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8084 + +ingress: + enabled: true + className: "nginx" + annotations: + #cert-manager.io/issuer: letsencrypt-issuer + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + hosts: + - host: register.app.ocp-epg.hi.inet + paths: + - path: / + pathType: Prefix + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: register-configmap + configMap: + name: register-configmap + items: + - key: "config.yaml" + path: "config.yaml" + + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: register-configmap + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-routing-info/.helmignore b/helm/capif/charts/ocf-routing-info/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-routing-info/Chart.yaml b/helm/capif/charts/ocf-routing-info/Chart.yaml new file mode 100644 index 0000000..bf109e2 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-routing-info +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-routing-info/templates/NOTES.txt b/helm/capif/charts/ocf-routing-info/templates/NOTES.txt new file mode 100644 index 0000000..f08d1a0 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-routing-info.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-routing-info.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-routing-info.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-routing-info.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-routing-info/templates/_helpers.tpl b/helm/capif/charts/ocf-routing-info/templates/_helpers.tpl new file mode 100644 index 0000000..58bef4e --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-routing-info.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-routing-info.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-routing-info.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-routing-info.labels" -}} +helm.sh/chart: {{ include "ocf-routing-info.chart" . }} +{{ include "ocf-routing-info.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-routing-info.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-routing-info.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-routing-info.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-routing-info.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-routing-info/templates/deployment.yaml b/helm/capif/charts/ocf-routing-info/templates/deployment.yaml new file mode 100644 index 0000000..2e1abf1 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/deployment.yaml @@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-routing-info.fullname" . }} + labels: + {{- include "ocf-routing-info.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-routing-info.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "ocf-routing-info.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-routing-info.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-routing-info/templates/hpa.yaml b/helm/capif/charts/ocf-routing-info/templates/hpa.yaml new file mode 100644 index 0000000..6172807 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-routing-info.fullname" . }} + labels: + {{- include "ocf-routing-info.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-routing-info.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-routing-info/templates/ingress.yaml b/helm/capif/charts/ocf-routing-info/templates/ingress.yaml new file mode 100644 index 0000000..cf74fa9 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-routing-info.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-routing-info.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-routing-info/templates/service.yaml b/helm/capif/charts/ocf-routing-info/templates/service.yaml new file mode 100644 index 0000000..125bf08 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: capif-routing-info + labels: + {{- include "ocf-routing-info.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-routing-info.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-routing-info/templates/serviceaccount.yaml b/helm/capif/charts/ocf-routing-info/templates/serviceaccount.yaml new file mode 100644 index 0000000..6d1721d --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-routing-info.serviceAccountName" . }} + labels: + {{- include "ocf-routing-info.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-routing-info/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-routing-info/templates/tests/test-connection.yaml new file mode 100644 index 0000000..26169c1 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-routing-info.fullname" . }}-test-connection" + labels: + {{- include "ocf-routing-info.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['capif-routing-info:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-routing-info/values.yaml b/helm/capif/charts/ocf-routing-info/values.yaml new file mode 100644 index 0000000..8ba779c --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/values.yaml @@ -0,0 +1,111 @@ +# Default values for ocf-routing-info. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: routing-info-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-security/.helmignore b/helm/capif/charts/ocf-security/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/ocf-security/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-security/Chart.yaml b/helm/capif/charts/ocf-security/Chart.yaml new file mode 100644 index 0000000..93606cd --- /dev/null +++ b/helm/capif/charts/ocf-security/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-security +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-security/templates/NOTES.txt b/helm/capif/charts/ocf-security/templates/NOTES.txt new file mode 100644 index 0000000..3654878 --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-security.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-security.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-security.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-security.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-security/templates/_helpers.tpl b/helm/capif/charts/ocf-security/templates/_helpers.tpl new file mode 100644 index 0000000..11c7d3f --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-security.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-security.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-security.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-security.labels" -}} +helm.sh/chart: {{ include "ocf-security.chart" . }} +{{ include "ocf-security.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-security.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-security.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-security.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-security.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-security-configmap.yaml b/helm/capif/charts/ocf-security/templates/configmap.yaml similarity index 82% rename from helm/capif/templates/capif-security-configmap.yaml rename to helm/capif/charts/ocf-security/templates/configmap.yaml index ade6a59..5d099d1 100644 --- a/helm/capif/templates/capif-security-configmap.yaml +++ b/helm/capif/charts/ocf-security/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'col': 'security', 'capif_service_col': 'serviceapidescriptions', diff --git a/helm/capif/charts/ocf-security/templates/deployment.yaml b/helm/capif/charts/ocf-security/templates/deployment.yaml new file mode 100644 index 0000000..44bd7fa --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/deployment.yaml @@ -0,0 +1,78 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-security.fullname" . }} + labels: + {{- include "ocf-security.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-security.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-security.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-security.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: CAPIF_HOSTNAME + value: {{ quote .Values.env.capifHostname }} + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + - name: VAULT_HOSTNAME + value: {{ quote .Values.env.vaultHostname }} + - name: VAULT_PORT + value: {{ quote .Values.env.vaultPort }} + - name: VAULT_ACCESS_TOKEN + value: {{ quote .Values.env.vaultAccessToken }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-security/templates/hpa.yaml b/helm/capif/charts/ocf-security/templates/hpa.yaml new file mode 100644 index 0000000..7b4759b --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-security.fullname" . }} + labels: + {{- include "ocf-security.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-security.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-security/templates/ingress.yaml b/helm/capif/charts/ocf-security/templates/ingress.yaml new file mode 100644 index 0000000..5656fea --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-security.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-security.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-security/templates/service.yaml b/helm/capif/charts/ocf-security/templates/service.yaml new file mode 100644 index 0000000..553dc57 --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: capif-security + labels: + {{- include "ocf-security.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-security.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-security/templates/serviceaccount.yaml b/helm/capif/charts/ocf-security/templates/serviceaccount.yaml new file mode 100644 index 0000000..29faf43 --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-security.serviceAccountName" . }} + labels: + {{- include "ocf-security.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-security/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-security/templates/tests/test-connection.yaml new file mode 100644 index 0000000..08b3752 --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-security.fullname" . }}-test-connection" + labels: + {{- include "ocf-security.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['capif-security:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-security/values.yaml b/helm/capif/charts/ocf-security/values.yaml new file mode 100644 index 0000000..37b57c7 --- /dev/null +++ b/helm/capif/charts/ocf-security/values.yaml @@ -0,0 +1,118 @@ +# Default values for ocf-security. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: security-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + capifHostname: capif + vaultHostname: vault + vaultPort: 8200 + vaultAccessToken: dev-only-token + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-security-config + configMap: + name: capif-security-configmap + items: + - key: "config.yaml" + path: "config.yaml" + + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-security-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/redis/.helmignore b/helm/capif/charts/redis/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/capif/charts/redis/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/redis/Chart.yaml b/helm/capif/charts/redis/Chart.yaml new file mode 100644 index 0000000..165c196 --- /dev/null +++ b/helm/capif/charts/redis/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: redis +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/redis/templates/NOTES.txt b/helm/capif/charts/redis/templates/NOTES.txt new file mode 100644 index 0000000..0735ad4 --- /dev/null +++ b/helm/capif/charts/redis/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "redis.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "redis.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "redis.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "redis.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/redis/templates/_helpers.tpl b/helm/capif/charts/redis/templates/_helpers.tpl new file mode 100644 index 0000000..f6a718b --- /dev/null +++ b/helm/capif/charts/redis/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "redis.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "redis.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "redis.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "redis.labels" -}} +helm.sh/chart: {{ include "redis.chart" . }} +{{ include "redis.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "redis.selectorLabels" -}} +app.kubernetes.io/name: {{ include "redis.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "redis.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "redis.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/redis/templates/deployment.yaml b/helm/capif/charts/redis/templates/deployment.yaml new file mode 100644 index 0000000..2350429 --- /dev/null +++ b/helm/capif/charts/redis/templates/deployment.yaml @@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "redis.fullname" . }} + labels: + {{- include "redis.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "redis.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "redis.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "redis.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: REDIS_REPLICATION_MODE + value: {{ quote .Values.env.redisReplicationMode }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/redis/templates/hpa.yaml b/helm/capif/charts/redis/templates/hpa.yaml new file mode 100644 index 0000000..db46f1b --- /dev/null +++ b/helm/capif/charts/redis/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "redis.fullname" . }} + labels: + {{- include "redis.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "redis.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/redis/templates/ingress.yaml b/helm/capif/charts/redis/templates/ingress.yaml new file mode 100644 index 0000000..f5674cb --- /dev/null +++ b/helm/capif/charts/redis/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "redis.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "redis.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/redis/templates/service.yaml b/helm/capif/charts/redis/templates/service.yaml new file mode 100644 index 0000000..6482b83 --- /dev/null +++ b/helm/capif/charts/redis/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: redis + labels: + {{- include "redis.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "redis.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/redis/templates/serviceaccount.yaml b/helm/capif/charts/redis/templates/serviceaccount.yaml new file mode 100644 index 0000000..8f21aeb --- /dev/null +++ b/helm/capif/charts/redis/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "redis.serviceAccountName" . }} + labels: + {{- include "redis.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/redis/templates/tests/test-connection.yaml b/helm/capif/charts/redis/templates/tests/test-connection.yaml new file mode 100644 index 0000000..998be8e --- /dev/null +++ b/helm/capif/charts/redis/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "redis.fullname" . }}-test-connection" + labels: + {{- include "redis.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "redis.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/redis/values.yaml b/helm/capif/charts/redis/values.yaml new file mode 100644 index 0000000..4011e97 --- /dev/null +++ b/helm/capif/charts/redis/values.yaml @@ -0,0 +1,111 @@ +# Default values for redis. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: redis + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "alpine" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + redisReplicationMode: master + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 6379 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: + tcpSocket: + port: 6379 + initialDelaySeconds: 5 + periodSeconds: 5 +readinessProbe: + tcpSocket: + port: 6379 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/templates/api-invocation-logs.yaml b/helm/capif/templates/api-invocation-logs.yaml deleted file mode 100644 index a9b4d8f..0000000 --- a/helm/capif/templates/api-invocation-logs.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: api-invocation-logs - labels: - io.kompose.service: api-invocation-logs - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.apiInvocationLogs.type }} - selector: - io.kompose.service: api-invocation-logs - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.apiInvocationLogs.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/api-invoker-management.yaml b/helm/capif/templates/api-invoker-management.yaml deleted file mode 100644 index 3eaeda4..0000000 --- a/helm/capif/templates/api-invoker-management.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: api-invoker-management - labels: - io.kompose.service: api-invoker-management - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.apiInvokerManagement.type }} - selector: - io.kompose.service: api-invoker-management - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.apiInvokerManagement.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/api-provider-management.yaml b/helm/capif/templates/api-provider-management.yaml deleted file mode 100644 index 4237986..0000000 --- a/helm/capif/templates/api-provider-management.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: api-provider-management - labels: - io.kompose.service: api-provider-management - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.apiProviderManagement.type }} - selector: - io.kompose.service: api-provider-management - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.apiProviderManagement.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/capif-events.yaml b/helm/capif/templates/capif-events.yaml deleted file mode 100644 index 40b3d7b..0000000 --- a/helm/capif/templates/capif-events.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: capif-events - labels: - io.kompose.service: capif-events - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.capifEvents.type }} - selector: - io.kompose.service: capif-events - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.capifEvents.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/capif-routing-info.yaml b/helm/capif/templates/capif-routing-info.yaml deleted file mode 100644 index 6de48aa..0000000 --- a/helm/capif/templates/capif-routing-info.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: capif-routing-info - labels: - io.kompose.service: capif-routing-info - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.capifRoutingInfo.type }} - selector: - io.kompose.service: capif-routing-info - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.capifRoutingInfo.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/capif-security.yaml b/helm/capif/templates/capif-security.yaml deleted file mode 100644 index e0bf7d8..0000000 --- a/helm/capif/templates/capif-security.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: capif-security - labels: - io.kompose.service: capif-security - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.capifSecurity.type }} - selector: - io.kompose.service: capif-security - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.capifSecurity.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/deployment.yaml b/helm/capif/templates/deployment.yaml index 4f58100..8b13789 100644 --- a/helm/capif/templates/deployment.yaml +++ b/helm/capif/templates/deployment.yaml @@ -1,974 +1 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api-invocation-logs - labels: - io.kompose.service: api-invocation-logs - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.apiInvocationLogs.replicas }} - selector: - matchLabels: - io.kompose.service: api-invocation-logs - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: api-invocation-logs - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-invocation-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: CAPIF_HOSTNAME - value: {{ quote .Values.nginx.nginx.env.capifHostname }} - - name: MONITORING - value: {{ quote .Values.apiInvocationLogs.apiInvocationLogs.env.monitoring }} - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.apiInvocationLogs.apiInvocationLogs.image.repository }}:{{ .Values.apiInvocationLogs.apiInvocationLogs.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.apiInvocationLogs.apiInvocationLogs.image.imagePullPolicy }} - name: api-invocation-logs - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-invocation-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.apiInvocationLogs.apiInvocationLogs.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 10 - periodSeconds: 5 - volumes: - - name: capif-invocation-config - configMap: - name: capif-invocation-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api-invoker-management - labels: - io.kompose.service: api-invoker-management - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.apiInvokerManagement.replicas }} - selector: - matchLabels: - io.kompose.service: api-invoker-management - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: api-invoker-management - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-invoker-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.apiInvokerManagement.apiInvokerManagement.env.monitoring }} - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - image: {{ .Values.apiInvokerManagement.apiInvokerManagement.image.repository }}:{{ - .Values.apiInvokerManagement.apiInvokerManagement.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.apiInvokerManagement.apiInvokerManagement.image.imagePullPolicy }} - name: api-invoker-management - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-invoker-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.apiInvokerManagement.apiInvokerManagement.resources | nindent 12 }} - volumes: - - name: capif-invoker-config - configMap: - name: capif-invoker-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api-provider-management - labels: - io.kompose.service: api-provider-management - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.apiProviderManagement.replicas }} - selector: - matchLabels: - io.kompose.service: api-provider-management - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: api-provider-management - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-provider-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.apiProviderManagement.apiProviderManagement.env.monitoring }} - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - image: {{ .Values.apiProviderManagement.apiProviderManagement.image.repository - }}:{{ .Values.apiProviderManagement.apiProviderManagement.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.apiProviderManagement.apiProviderManagement.image.imagePullPolicy }} - name: api-provider-management - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-provider-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.apiProviderManagement.apiProviderManagement.resources | nindent 12 }} - volumes: - - name: capif-provider-config - configMap: - name: capif-provider-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: capif-events - labels: - io.kompose.service: capif-events - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.capifEvents.replicas }} - selector: - matchLabels: - io.kompose.service: capif-events - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: capif-events - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-events-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.capifEvents.capifEvents.env.monitoring }} - image: {{ .Values.capifEvents.capifEvents.image.repository }}:{{ .Values.capifEvents.capifEvents.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.capifEvents.capifEvents.image.imagePullPolicy }} - name: capif-events - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-events-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.capifEvents.capifEvents.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 5 - volumes: - - name: capif-events-config - configMap: - name: capif-events-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: capif-routing-info - labels: - io.kompose.service: capif-routing-info - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.capifRoutingInfo.replicas }} - selector: - matchLabels: - io.kompose.service: capif-routing-info - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: capif-routing-info - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.capifRoutingInfo.capifRoutingInfo.env.monitoring }} - image: {{ .Values.capifRoutingInfo.capifRoutingInfo.image.repository }}:{{ .Values.capifRoutingInfo.capifRoutingInfo.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.capifRoutingInfo.capifRoutingInfo.image.imagePullPolicy }} - name: capif-routing-info - ports: - - containerPort: 8080 - resources: - {{- toYaml .Values.capifRoutingInfo.capifRoutingInfo.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 5 - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: capif-security - labels: - io.kompose.service: capif-security - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.capifSecurity.replicas }} - selector: - matchLabels: - io.kompose.service: capif-security - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: capif-security - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-security-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: CAPIF_HOSTNAME - value: {{ quote .Values.nginx.nginx.env.capifHostname }} - - name: MONITORING - value: {{ quote .Values.capifSecurity.capifSecurity.env.monitoring }} - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.capifSecurity.capifSecurity.image.repository }}:{{ .Values.capifSecurity.capifSecurity.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.capifSecurity.capifSecurity.image.imagePullPolicy }} - name: capif-security - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-security-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.capifSecurity.capifSecurity.resources | nindent 12 }} - volumes: - - name: capif-security-config - configMap: - name: capif-security-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always - restartPolicy: Always -{{- if eq .Values.register.enable "true" }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: register - labels: - io.kompose.service: register - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.register.replicas }} - selector: - matchLabels: - io.kompose.service: register - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: register - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/register-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - image: {{ .Values.register.register.image.repository }}:{{ .Values.register.register.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.register.register.image.imagePullPolicy }} - name: register - ports: - - containerPort: 8080 - resources: - {{- toYaml .Values.register.register.resources | nindent 12 }} - volumeMounts: - - name: register-configmap - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - volumes: - - name: register-configmap - configMap: - name: register-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mongo-register - labels: - io.kompose.service: mongo-register - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.mongoRegister.replicas }} - selector: - matchLabels: - io.kompose.service: mongo-register - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: mongo-register - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: MONGO_INITDB_ROOT_PASSWORD - value: {{ quote .Values.mongoRegister.mongo.env.mongoInitdbRootPassword }} - - name: MONGO_INITDB_ROOT_USERNAME - value: {{ quote .Values.mongoRegister.mongo.env.mongoInitdbRootUsername }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.mongoRegister.mongo.image.repository }}:{{ .Values.mongoRegister.mongo.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.mongoRegister.mongo.image.imagePullPolicy }} - name: mongo-register - {{- if .Values.mongoRegister.mongo.persistence.enable }} - volumeMounts: - - name: mongo-register-pvc - mountPath: /data/db - {{- end }} - ports: - - containerPort: 27017 - securityContext: - runAsUser: 999 - resources: - {{- toYaml .Values.mongoRegister.mongo.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 27017 -# initialDelaySeconds: 5 - periodSeconds: 5 - {{- if .Values.mongoRegister.mongo.persistence.enable }} - volumes: - - name: mongo-register-pvc - persistentVolumeClaim: - claimName: mongo-register-pvc - {{- end }} - restartPolicy: Always -{{- end }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: logs - labels: - io.kompose.service: logs - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.logs.replicas }} - selector: - matchLabels: - io.kompose.service: logs - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: logs - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-logs-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.logs.logs.env.monitoring }} - image: {{ .Values.logs.logs.image.repository }}:{{ .Values.logs.logs.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.logs.logs.image.imagePullPolicy }} - name: logs - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-logs-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.logs.logs.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 5 - volumes: - - name: capif-logs-config - configMap: - name: capif-logs-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mongo - labels: - io.kompose.service: mongo - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.mongo.replicas }} - strategy: - type: Recreate - selector: - matchLabels: - io.kompose.service: mongo - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: mongo - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: MONGO_INITDB_ROOT_PASSWORD - value: {{ quote .Values.mongo.mongo.env.mongoInitdbRootPassword }} - - name: MONGO_INITDB_ROOT_USERNAME - value: {{ quote .Values.mongo.mongo.env.mongoInitdbRootUsername }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.mongo.mongo.image.repository }}:{{ .Values.mongo.mongo.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.mongo.mongo.image.imagePullPolicy }} - name: mongo - ports: - - containerPort: 27017 - securityContext: - runAsUser: 999 - {{- if eq .Values.mongo.persistence.enable "true" }} - volumeMounts: - - name: mongo-pvc - mountPath: /data/db - {{- end }} - resources: - {{- toYaml .Values.mongo.mongo.resources | nindent 12 }} - livenessProbe: - tcpSocket: - port: 27017 - initialDelaySeconds: 20 - periodSeconds: 5 - readinessProbe: - tcpSocket: - port: 27017 -# initialDelaySeconds: 5 - periodSeconds: 5 - - name: mongo-helper - image: busybox - command: - - sh - - -c - - while true ; do echo alive ; sleep 10 ; done - {{- if eq .Values.mongo.persistence.enable "true" }} - volumeMounts: - - mountPath: /mongodata - name: mongo-pvc - {{- end }} - {{- if eq .Values.mongo.persistence.enable "true" }} - volumes: - - name: mongo-pvc - persistentVolumeClaim: - claimName: mongo-pvc - {{- end }} - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mongo-express - labels: - io.kompose.service: mongo-express - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.mongoExpress.replicas }} - selector: - matchLabels: - io.kompose.service: mongo-express - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: mongo-express - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: ME_CONFIG_MONGODB_ADMINPASSWORD - value: {{ quote .Values.mongoExpress.mongoExpress.env.meConfigMongodbAdminpassword - }} - - name: ME_CONFIG_MONGODB_ADMINUSERNAME - value: {{ quote .Values.mongoExpress.mongoExpress.env.meConfigMongodbAdminusername - }} - - name: ME_CONFIG_MONGODB_URL - value: {{ quote .Values.mongoExpress.mongoExpress.env.meConfigMongodbUrl }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.mongoExpress.mongoExpress.image.repository }}:{{ .Values.mongoExpress.mongoExpress.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.mongoExpress.mongoExpress.image.imagePullPolicy }} - name: mongo-express - ports: - - containerPort: 8081 - resources: - {{- toYaml .Values.mongoExpress.mongoExpress.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8081 -# initialDelaySeconds: 0 - periodSeconds: 5 - restartPolicy: Always ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mongo-register-express - labels: - io.kompose.service: mongo-register-express - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.mongoRegisterExpress.replicas }} - selector: - matchLabels: - io.kompose.service: mongo-register-express - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: mongo-register-express - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: ME_CONFIG_MONGODB_ADMINPASSWORD - value: {{ quote .Values.mongoRegisterExpress.mongoRegisterExpress.env.meConfigMongodbAdminpassword - }} - - name: ME_CONFIG_MONGODB_ADMINUSERNAME - value: {{ quote .Values.mongoRegisterExpress.mongoRegisterExpress.env.meConfigMongodbAdminusername - }} - - name: ME_CONFIG_MONGODB_URL - value: {{ quote .Values.mongoRegisterExpress.mongoRegisterExpress.env.meConfigMongodbUrl }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.mongoRegisterExpress.mongoRegisterExpress.image.repository }}:{{ .Values.mongoRegisterExpress.mongoRegisterExpress.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.mongoRegisterExpress.mongoRegisterExpress.image.imagePullPolicy }} - name: mongo-register-express - ports: - - containerPort: 8081 - resources: - {{- toYaml .Values.mongoRegisterExpress.mongoRegisterExpress.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8081 -# initialDelaySeconds: 0 - periodSeconds: 5 - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nginx - labels: - io.kompose.service: nginx - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.nginx.replicas }} - selector: - matchLabels: - io.kompose.service: nginx - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: nginx - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: CAPIF_HOSTNAME - value: {{ quote .Values.nginx.nginx.env.capifHostname }} - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.nginx.nginx.image.repository }}:{{ .Values.nginx.nginx.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.nginx.nginx.image.imagePullPolicy }} - name: nginx - ports: - - containerPort: 8080 - - containerPort: 443 - livenessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 20 - periodSeconds: 5 -# readinessProbe: -# tcpSocket: -# port: 8080 -# initialDelaySeconds: 60 -# periodSeconds: 5 - resources: - {{- toYaml .Values.nginx.nginx.resources | nindent 12 }} - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: published-apis - labels: - io.kompose.service: published-apis - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.publishedApis.replicas }} - selector: - matchLabels: - io.kompose.service: published-apis - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: published-apis - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-published-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.publishedApis.publishedApis.env.monitoring }} - image: {{ .Values.publishedApis.publishedApis.image.repository }}:{{ .Values.publishedApis.publishedApis.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.publishedApis.publishedApis.image.imagePullPolicy }} - name: published-apis - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-published-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.publishedApis.publishedApis.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 5 - volumes: - - name: capif-published-config - configMap: - name: capif-published-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: redis - labels: - io.kompose.service: redis - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.redis.replicas }} - selector: - matchLabels: - io.kompose.service: redis - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: redis - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - args: - - redis-server - env: - - name: REDIS_REPLICATION_MODE - value: {{ quote .Values.redis.redis.env.redisReplicationMode }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.redis.redis.image.repository }}:{{ .Values.redis.redis.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.redis.redis.image.imagePullPolicy }} - name: redis - ports: - - containerPort: 6379 - resources: - {{- toYaml .Values.redis.redis.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 6379 -# initialDelaySeconds: 5 - periodSeconds: 5 - livenessProbe: - tcpSocket: - port: 6379 - initialDelaySeconds: 5 - periodSeconds: 5 - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: service-apis - labels: - io.kompose.service: service-apis - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.serviceApis.replicas }} - selector: - matchLabels: - io.kompose.service: service-apis - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: service-apis - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-service-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.serviceApis.serviceApis.env.monitoring }} - image: {{ .Values.serviceApis.serviceApis.image.repository }}:{{ .Values.serviceApis.serviceApis.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.serviceApis.serviceApis.image.imagePullPolicy }} - name: service-apis - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-service-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.serviceApis.serviceApis.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 5 - volumes: - - name: capif-service-config - configMap: - name: capif-service-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always diff --git a/helm/capif/templates/logs.yaml b/helm/capif/templates/logs.yaml deleted file mode 100644 index 7382eff..0000000 --- a/helm/capif/templates/logs.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: logs - labels: - io.kompose.service: logs - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.logs.type }} - selector: - io.kompose.service: logs - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.logs.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/mongo-express.yaml b/helm/capif/templates/mongo-express.yaml deleted file mode 100644 index 28d553b..0000000 --- a/helm/capif/templates/mongo-express.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mongo-express - labels: - io.kompose.service: mongo-express - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.mongoExpress.type }} - selector: - io.kompose.service: mongo-express - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.mongoExpress.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/mongo-pvc.yaml b/helm/capif/templates/mongo-pvc.yaml deleted file mode 100644 index 3c80c14..0000000 --- a/helm/capif/templates/mongo-pvc.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if eq .Values.monitoring.enable "true" }} -{{- if eq .Values.mongo.persistence.enable "true" }} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - labels: - io.kompose.service: mongo-pvc - name: mongo-pvc -spec: - storageClassName: {{ .Values.mongo.persistence.storageClass }} - accessModes: - - ReadWriteOnce - resources: - requests: - storage: {{ .Values.mongo.persistence.storage }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/mongo-register-express.yaml b/helm/capif/templates/mongo-register-express.yaml deleted file mode 100644 index 5de4b22..0000000 --- a/helm/capif/templates/mongo-register-express.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mongo-register-express - labels: - io.kompose.service: mongo-register-express - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.mongoRegisterExpress.type }} - selector: - io.kompose.service: mongo-register-express - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.mongoRegisterExpress.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/mongo-register-pvc.yaml b/helm/capif/templates/mongo-register-pvc.yaml deleted file mode 100644 index b5a11d6..0000000 --- a/helm/capif/templates/mongo-register-pvc.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if eq .Values.monitoring.enable "true" }} -{{- if .Values.mongoRegister.mongo.persistence.enable }} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - labels: - io.kompose.service: mongo-register - name: mongo-register-pvc -spec: - storageClassName: {{ .Values.mongoRegister.mongo.persistence.storageClass }} - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.mongoRegister.mongo.persistence.storage }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/mongo-register.yaml b/helm/capif/templates/mongo-register.yaml deleted file mode 100644 index 82b307f..0000000 --- a/helm/capif/templates/mongo-register.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mongo-register - labels: - io.kompose.service: mongo-register - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.mongoRegister.type }} - selector: - io.kompose.service: mongo-register - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.mongoRegister.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/mongo.yaml b/helm/capif/templates/mongo.yaml deleted file mode 100644 index 8642764..0000000 --- a/helm/capif/templates/mongo.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mongo - labels: - io.kompose.service: mongo - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.mongo.type }} - selector: - io.kompose.service: mongo - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.mongo.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/nginx-ingress-route.yaml b/helm/capif/templates/nginx-ingress-route.yaml deleted file mode 100644 index 57ca0be..0000000 --- a/helm/capif/templates/nginx-ingress-route.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if eq .Values.nginx.ingressType "IngressRoute" }} ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: nginx-capif-ingress-route -spec: - entryPoints: [web] - routes: - - kind: Rule - match: Host(`{{ .Values.nginx.nginx.env.capifHostname }} && Path(`/ca-root`, `/sign-csr`, `/certdata`, `/register`, `/testdata`, `/getauth`, `/test`)`) - services: - - kind: Service - name: nginx - port: 8080 - scheme: http -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/nginx-ssl-ingress-route.yaml b/helm/capif/templates/nginx-ssl-ingress-route.yaml deleted file mode 100644 index 8c806b6..0000000 --- a/helm/capif/templates/nginx-ssl-ingress-route.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if eq .Values.nginx.ingressType "IngressRoute" }} ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: nginx-ssl-capif-ingress-route -spec: - entryPoints: [web] - routes: - - kind: Rule - match: Host(`{{ .Values.nginx.nginx.env.capifHostname }}`) - services: - - kind: Service - name: nginx - port: 443 - tls: - passthrough: true -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/nginx-ssl-route.yaml b/helm/capif/templates/nginx-ssl-route.yaml deleted file mode 100644 index 3e24b72..0000000 --- a/helm/capif/templates/nginx-ssl-route.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if eq .Values.env "openshift" }} -apiVersion: route.openshift.io/v1 -kind: Route -metadata: - labels: - name: nginx-ssl -spec: - host: {{ .Values.nginx.nginx.env.capifHostname }} - port: - targetPort: "443" - tls: - termination: passthrough - to: - kind: Service - name: nginx - weight: 100 -status: - ingress: - - conditions: - host: {{ .Values.nginx.nginx.env.capifHostname }} - routerCanonicalHostname: router-default.apps.ocp-epg.hi.inet -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/nginx-ssl.yaml b/helm/capif/templates/nginx-ssl.yaml deleted file mode 100644 index 39487d5..0000000 --- a/helm/capif/templates/nginx-ssl.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- if eq .Values.nginx.ingressType "Ingress" }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: nginx-register - labels: - {{- include "capif.labels" . | nindent 4 }} - {{- with .Values.nginx.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - cert-manager.io/issuer: letsencrypt-issuer - {{- end }} -spec: -{{- if .Values.nginx.ingressClassName }} - ingressClassName: {{ .Values.nginx.ingressClassName }} -{{- end }} - rules: - - host: "{{ .Values.nginx.nginx.env.registerHostname }}" - http: - paths: - - backend: - service: - name: 'register' - port: - number: 8084 - path: / - pathType: Prefix - tls: - - hosts: - - "{{ .Values.nginx.nginx.env.registerHostname }}" - secretName: letsencrypt-secret -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/nginx.yaml b/helm/capif/templates/nginx.yaml deleted file mode 100644 index 61856f5..0000000 --- a/helm/capif/templates/nginx.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if eq .Values.nginx.ingressType "Ingress" }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: nginx - labels: - {{- include "capif.labels" . | nindent 4 }} - {{- with .Values.nginx.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/ssl-passthrough: "true" - nginx.ingress.kubernetes.io/ssl-redirect: "true" - {{- end }} -spec: -{{- if .Values.nginx.ingressClassName }} - ingressClassName: {{ .Values.nginx.ingressClassName }} -{{- end }} - rules: - - host: "{{ .Values.nginx.nginx.env.capifHostname }}" - http: - paths: - - backend: - service: - name: 'nginx' - port: - number: 443 - path: / - pathType: Prefix -{{- end }} ---- -apiVersion: v1 -kind: Service -metadata: - name: nginx - labels: - io.kompose.service: nginx - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.nginx.type }} - selector: - io.kompose.service: nginx - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.nginx.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/published-apis.yaml b/helm/capif/templates/published-apis.yaml deleted file mode 100644 index a5444f1..0000000 --- a/helm/capif/templates/published-apis.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: published-apis - labels: - io.kompose.service: published-apis - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.publishedApis.type }} - selector: - io.kompose.service: published-apis - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.publishedApis.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/redis.yaml b/helm/capif/templates/redis.yaml deleted file mode 100644 index 3254a95..0000000 --- a/helm/capif/templates/redis.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: redis - labels: - io.kompose.service: redis - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.redis.type }} - selector: - io.kompose.service: redis - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.redis.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/register.yaml b/helm/capif/templates/register.yaml deleted file mode 100644 index 2de1d64..0000000 --- a/helm/capif/templates/register.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if eq .Values.register.enable "true" }} -apiVersion: v1 -kind: Service -metadata: - name: register - labels: - io.kompose.service: register - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.register.type }} - selector: - io.kompose.service: register - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.register.ports | toYaml | nindent 2 -}} -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/service-apis.yaml b/helm/capif/templates/service-apis.yaml deleted file mode 100644 index bff1af5..0000000 --- a/helm/capif/templates/service-apis.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: service-apis - labels: - io.kompose.service: service-apis - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.serviceApis.type }} - selector: - io.kompose.service: service-apis - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.serviceApis.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index 0a50782..67c9e42 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -1,514 +1,5 @@ -# -- The Environment variable. Use openshift if you are deploying in Openshift cluster. anotherwise use the field empty -env: "" - -# Use the Ip address dude for the kubernetes to your Ingress Controller ej: kubectl -n NAMESPACE_CAPIF get ing -ingress: - ip: "10.17.173.127" - monitoring: enable: "true" - -accessControlPolicy: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/access-control-policy" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP - -apiInvocationLogs: - apiInvocationLogs: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/api-invocation-logs-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -apiInvokerManagement: - apiInvokerManagement: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/api-invoker-management-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -apiProviderManagement: - apiProviderManagement: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/api-provider-management-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -capifEvents: - capifEvents: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/events-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -capifRoutingInfo: - capifRoutingInfo: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/routing-info-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -capifSecurity: - capifSecurity: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/security-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -register: - # -- If register enabled. enable: true, enable: "" = not enabled - enable: "true" - register: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/register" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - env: - mongoHost: mongo-register - mongoPort: 27017 - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8084 - targetPort: 8080 - replicas: 1 - type: ClusterIP -mongoRegister: - mongo: - env: - # User's password MongoDB - mongoInitdbRootPassword: example - # Name of User's mongodb - mongoInitdbRootUsername: root - image: - # -- The docker image repository to use - repository: "mongo" - # -- The docker image tag to use - # @default Chart version - tag: "6.0.2" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If mongoRegister.mongo.persistence enabled. enable: true, enable: false is = not enabled - persistence: - enable: true - storage: 8Gi - storageClass: nfs-01 - resources: {} -# limits: -# cpu: 100m -# memory: 128Mi -# requests: -# cpu: 100m -# memory: 128Mi - ports: - - name: "27017" - port: 27017 - targetPort: 27017 - replicas: 1 - type: ClusterIP - -kubernetesClusterDomain: cluster.local -logs: - # -- If register enabled. enable: true, enable: "" = not enabled - enable: "true" - logs: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/auditing-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -mongo: - mongo: - env: - # User's password MongoDB - mongoInitdbRootPassword: example - # Name of User's mongodb - mongoInitdbRootUsername: root - image: - # -- The docker image repository to use - repository: "mongo" - # -- The docker image tag to use - # @default Chart version - tag: "6.0.2" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - resources: {} -# limits: -# cpu: 100m -# memory: 128Mi -# requests: -# cpu: 100m -# memory: 128Mi - ports: - - name: "27017" - port: 27017 - targetPort: 27017 - replicas: 1 - type: ClusterIP - # -- If mongo.persistence enabled. enable: true, enable: "" = not enabled - persistence: - enable: "true" - storage: 8Gi - storageClass: nfs-01 -mongoExpress: - mongoExpress: - env: - # User's password MongoDB - meConfigMongodbAdminpassword: example - # Name of User's mongodb - meConfigMongodbAdminusername: root - # URI for connecting MongoDB - meConfigMongodbUrl: mongodb://root:example@mongo:27017/ - image: - # -- The docker image repository to use - repository: "mongo-express" - # -- The docker image tag to use - # @default Chart version - tag: "1.0.0-alpha.4" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8082" - port: 8082 - targetPort: 8081 - replicas: 1 - type: ClusterIP -mongoRegisterExpress: - mongoRegisterExpress: - env: - # User's password MongoDB - meConfigMongodbAdminpassword: example - # Name of User's mongodb - meConfigMongodbAdminusername: root - # URI for connecting MongoDB - meConfigMongodbUrl: mongodb://root:example@mongo-register:27017/ - image: - # -- The docker image repository to use - repository: "mongo-express" - # -- The docker image tag to use - # @default Chart version - tag: "1.0.0-alpha.4" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8082" - port: 8082 - targetPort: 8081 - replicas: 1 - type: ClusterIP -nginx: - # -- if nginx.ingressType: "Ingress". set up monitoring.prometheus.ingress: true - # and monitoring.grafana.ingress: true - # Use IngressRoute if you want to use Gateway API. ex traefix - ingressType: "Ingress" - ingressClassName: nginx - annotations: - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/ssl-passthrough: "true" - nginx.ingress.kubernetes.io/ssl-redirect: "true" - nginx: - env: - # -- Ingress's host to Capif - capifHostname: "my-capif.apps.ocp-epg.hi.inet" - registerHostname: "register.app.ocp-epg.hi.inet" - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/nginx" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - - name: "443" - port: 443 - targetPort: 443 - replicas: 1 - type: ClusterIP -publishedApis: - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - publishedApis: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/publish-service-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - replicas: 1 - type: ClusterIP -redis: - ports: - - name: "6379" - port: 6379 - targetPort: 6379 - redis: - env: - # Mode of replication - redisReplicationMode: master - image: - # -- The docker image repository to use - repository: "redis" - # -- The docker image tag to use - # @default Chart version - tag: "alpine" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - replicas: 1 - type: ClusterIP -serviceApis: - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - serviceApis: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/discover-service-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - type: ClusterIP -parametersVault: - env: - vaultHostname: vault-internal.mon.svc.cluster.local - vaultPort: 8200 - vaultAccessToken: dev-only-token - -helper: - env: - vaultHostname: vault-internal.mon.svc.cluster.local - vaultPort: 8200 - vaultAccessToken: dev-only-token - mongoHost: mongo - mongoPort: 27017 - capifHostname: my-capif.apps.ocp-epg.hi.inet - mongoInitdbRootUsername: root - mongoInitdbRootPassword: example # -- With tempo.enabled: false. It won't be deployed # -- If monitoring.enable: "true". Also enable tempo.enabled: true -- GitLab From 16606cf85dbb4d26182e6232e5ff18429cd6522b Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Thu, 13 Jun 2024 18:01:35 +0200 Subject: [PATCH 03/10] mock_server --- helm/capif/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index 67c9e42..5fcf7f2 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -1,6 +1,6 @@ monitoring: enable: "true" - + # -- With tempo.enabled: false. It won't be deployed # -- If monitoring.enable: "true". Also enable tempo.enabled: true tempo: -- GitLab From 7fd449ba7267d0fccefc34c572467847f28bb2c2 Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Thu, 13 Jun 2024 18:18:04 +0200 Subject: [PATCH 04/10] appVersion --- helm/capif/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index 5fcf7f2..16b1068 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -1,5 +1,6 @@ monitoring: enable: "true" + # -- With tempo.enabled: false. It won't be deployed # -- If monitoring.enable: "true". Also enable tempo.enabled: true -- GitLab From 9609a2ffbc943ea3b107ad9db0ea0da71fcb38ff Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Thu, 13 Jun 2024 18:20:03 +0200 Subject: [PATCH 05/10] ocf-helper --- helm/capif/values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index 16b1068..7d5802b 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -1,7 +1,6 @@ monitoring: enable: "true" - # -- With tempo.enabled: false. It won't be deployed # -- If monitoring.enable: "true". Also enable tempo.enabled: true tempo: -- GitLab From 407ee3259add938b5977e717ead90c7a72a7e17d Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Thu, 13 Jun 2024 18:23:51 +0200 Subject: [PATCH 06/10] monitoring.grafana --- helm/capif/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index 7d5802b..9a98669 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -12,6 +12,7 @@ tempo: persistence: enabled: true size: 3Gi + monitoring: # -- If monitoring enabled. enable: true, enable: "" = not enabled enable: "true" -- GitLab From 02603ca5e049837477faa7f9280de539916c0eff Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Fri, 14 Jun 2024 10:21:28 +0200 Subject: [PATCH 07/10] helm upgrade --- helm/capif/values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index 9a98669..a2c7347 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -177,4 +177,3 @@ monitoring: ingressRoute: enable: "" host: grafana.5gnacar.int - -- GitLab From 58b38bde93d0e9827661594a48234d19211ef5c3 Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Fri, 14 Jun 2024 10:29:28 +0200 Subject: [PATCH 08/10] confimap.yaml ocf-register --- helm/capif/charts/ocf-register/templates/configmap.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/helm/capif/charts/ocf-register/templates/configmap.yaml b/helm/capif/charts/ocf-register/templates/configmap.yaml index d927eba..cf801f4 100644 --- a/helm/capif/charts/ocf-register/templates/configmap.yaml +++ b/helm/capif/charts/ocf-register/templates/configmap.yaml @@ -9,6 +9,7 @@ data: 'password': 'example', 'db': 'capif_users', 'col': 'user', + 'admins': 'admins', 'host': '{{ .Values.env.mongoHost }}', 'port': '{{ .Values.env.mongoPort }}' } @@ -21,5 +22,6 @@ data: register_uuid: '6ba7b810-9dad-11d1-80b4-00c04fd430c8', refresh_expiration: 30, #days token_expiration: 10, #mins - admin_users: {admin: "password123"} + admin_users: {admin_user: "admin", + admin_pass: "password123"} } \ No newline at end of file -- GitLab From 2bb3356f0fe836ada2cc115b0c6d79e4c9f65cfa Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Fri, 14 Jun 2024 10:37:39 +0200 Subject: [PATCH 09/10] <<: *dev_common --- helm/capif/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index a2c7347..d9c8a80 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -176,4 +176,4 @@ monitoring: # -- If ingressRoute enable=true, use monitoring.grafana.ingress.enabled="" ingressRoute: enable: "" - host: grafana.5gnacar.int + host: grafana.5gnacar.int \ No newline at end of file -- GitLab From a383dbcbded9c418a3bffb133e760468851361d6 Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Fri, 14 Jun 2024 10:49:32 +0200 Subject: [PATCH 10/10] ocf-pre-staging --- helm/capif/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index d9c8a80..a2c7347 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -176,4 +176,4 @@ monitoring: # -- If ingressRoute enable=true, use monitoring.grafana.ingress.enabled="" ingressRoute: enable: "" - host: grafana.5gnacar.int \ No newline at end of file + host: grafana.5gnacar.int -- GitLab