From e5a8cd2bc4c727cdf3d35c9730a24c96e6a73452 Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Wed, 5 Jun 2024 16:57:42 +0200 Subject: [PATCH 01/10] access-control-policy --- helm/capif/Chart.yaml | 2 + .../charts/access-control-policy/.helmignore | 23 ++++ .../charts/access-control-policy/Chart.yaml | 24 ++++ .../access-control-policy/templates/NOTES.txt | 22 ++++ .../templates/_helpers.tpl | 62 ++++++++++ .../templates/deployment.yaml | 71 +++++++++++ .../access-control-policy/templates/hpa.yaml | 32 +++++ .../templates/ingress.yaml | 61 ++++++++++ .../templates/service.yaml | 15 +++ .../templates/serviceaccount.yaml | 13 ++ .../templates/tests/test-connection.yaml | 15 +++ .../charts/access-control-policy/values.yaml | 112 ++++++++++++++++++ .../templates/access-control-policy.yaml | 17 --- helm/capif/templates/deployment.yaml | 95 --------------- helm/capif/values.yaml | 25 ---- 15 files changed, 452 insertions(+), 137 deletions(-) create mode 100644 helm/capif/charts/access-control-policy/.helmignore create mode 100644 helm/capif/charts/access-control-policy/Chart.yaml create mode 100644 helm/capif/charts/access-control-policy/templates/NOTES.txt create mode 100644 helm/capif/charts/access-control-policy/templates/_helpers.tpl create mode 100644 helm/capif/charts/access-control-policy/templates/deployment.yaml create mode 100644 helm/capif/charts/access-control-policy/templates/hpa.yaml create mode 100644 helm/capif/charts/access-control-policy/templates/ingress.yaml create mode 100644 helm/capif/charts/access-control-policy/templates/service.yaml create mode 100644 helm/capif/charts/access-control-policy/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/access-control-policy/values.yaml delete mode 100644 helm/capif/templates/access-control-policy.yaml diff --git a/helm/capif/Chart.yaml b/helm/capif/Chart.yaml index fc0c9676..b76f4683 100644 --- a/helm/capif/Chart.yaml +++ b/helm/capif/Chart.yaml @@ -20,6 +20,8 @@ version: v3.1.6 # It is recommended to use it with quotes. appVersion: "v3.1.6" dependencies: + - name: access-control-policy + version: "*" - name: helper version: "*" - name: "tempo" diff --git a/helm/capif/charts/access-control-policy/.helmignore b/helm/capif/charts/access-control-policy/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/access-control-policy/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/access-control-policy/Chart.yaml b/helm/capif/charts/access-control-policy/Chart.yaml new file mode 100644 index 00000000..b13bbf0b --- /dev/null +++ b/helm/capif/charts/access-control-policy/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: access-control-policy +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/access-control-policy/templates/NOTES.txt b/helm/capif/charts/access-control-policy/templates/NOTES.txt new file mode 100644 index 00000000..2c54f9db --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "access-control-policy.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "access-control-policy.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "access-control-policy.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "access-control-policy.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/_helpers.tpl b/helm/capif/charts/access-control-policy/templates/_helpers.tpl new file mode 100644 index 00000000..4b87b90e --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "access-control-policy.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "access-control-policy.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "access-control-policy.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "access-control-policy.labels" -}} +helm.sh/chart: {{ include "access-control-policy.chart" . }} +{{ include "access-control-policy.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "access-control-policy.selectorLabels" -}} +app.kubernetes.io/name: {{ include "access-control-policy.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "access-control-policy.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "access-control-policy.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/deployment.yaml b/helm/capif/charts/access-control-policy/templates/deployment.yaml new file mode 100644 index 00000000..2e4d15f1 --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/deployment.yaml @@ -0,0 +1,71 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "access-control-policy.fullname" . }} + labels: + {{- include "access-control-policy.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "access-control-policy.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "access-control-policy.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "access-control-policy.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: CAPIF_HOSTNAME + value: {{ quote .Values.env.capifHostname }} + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/hpa.yaml b/helm/capif/charts/access-control-policy/templates/hpa.yaml new file mode 100644 index 00000000..67eb1954 --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "access-control-policy.fullname" . }} + labels: + {{- include "access-control-policy.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "access-control-policy.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/ingress.yaml b/helm/capif/charts/access-control-policy/templates/ingress.yaml new file mode 100644 index 00000000..dcafedb8 --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "access-control-policy.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "access-control-policy.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/service.yaml b/helm/capif/charts/access-control-policy/templates/service.yaml new file mode 100644 index 00000000..c10293a0 --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: access-control-policy + labels: + {{- include "access-control-policy.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "access-control-policy.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/access-control-policy/templates/serviceaccount.yaml b/helm/capif/charts/access-control-policy/templates/serviceaccount.yaml new file mode 100644 index 00000000..fc12b544 --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "access-control-policy.serviceAccountName" . }} + labels: + {{- include "access-control-policy.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml b/helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml new file mode 100644 index 00000000..0e67abf1 --- /dev/null +++ b/helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "access-control-policy.fullname" . }}-test-connection" + labels: + {{- include "access-control-policy.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "access-control-policy.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/access-control-policy/values.yaml b/helm/capif/charts/access-control-policy/values.yaml new file mode 100644 index 00000000..61aba34b --- /dev/null +++ b/helm/capif/charts/access-control-policy/values.yaml @@ -0,0 +1,112 @@ +# Default values for access-control-policy. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: access-control-policy + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + capifHostname: my-capif.apps.ocp-epg.hi.inet + monitoring: "true" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/templates/access-control-policy.yaml b/helm/capif/templates/access-control-policy.yaml deleted file mode 100644 index 8b2b198b..00000000 --- a/helm/capif/templates/access-control-policy.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: access-control-policy - labels: - io.kompose.service: access-control-policy - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.accessControlPolicy.type }} - selector: - io.kompose.service: access-control-policy - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.accessControlPolicy.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/deployment.yaml b/helm/capif/templates/deployment.yaml index ff5ffe29..4f581002 100644 --- a/helm/capif/templates/deployment.yaml +++ b/helm/capif/templates/deployment.yaml @@ -1,98 +1,3 @@ -{{- if eq .Values.CapifClient.enable "true" }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: capif-client - labels: - io.kompose.service: capif-client - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.CapifClient.replicas }} - selector: - matchLabels: - io.kompose.service: capif-client - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: capif-client - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: CAPIF_HOSTNAME - value: nginx.mon.svc.cluster.local - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - image: {{ .Values.CapifClient.image.repository }}:{{ .Values.CapifClient.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.CapifClient.image.imagePullPolicy }} - name: capif-client - resources: - {{- toYaml .Values.CapifClient.resources | nindent 12 }} - restartPolicy: Always -{{- end }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: access-control-policy - labels: - io.kompose.service: access-control-policy - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.accessControlPolicy.replicas }} - selector: - matchLabels: - io.kompose.service: access-control-policy - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: access-control-policy - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: CAPIF_HOSTNAME - value: {{ quote .Values.nginx.nginx.env.capifHostname }} - - name: MONITORING - value: {{ quote .Values.accessControlPolicy.env.monitoring }} - image: {{ .Values.accessControlPolicy.image.repository }}:{{ .Values.accessControlPolicy.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.accessControlPolicy.image.imagePullPolicy }} - name: access-control-policy - ports: - - containerPort: 8080 - resources: - {{- toYaml .Values.accessControlPolicy.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 10 - periodSeconds: 5 - restartPolicy: Always - --- apiVersion: apps/v1 kind: Deployment diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index f017ac0f..0a507822 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -34,31 +34,6 @@ accessControlPolicy: replicas: 1 type: ClusterIP -CapifClient: - # -- If enable capif client. - enable: "" - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/client" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP - apiInvocationLogs: apiInvocationLogs: image: -- GitLab From baa05607efe3ced382cc266773b84ed0396121e8 Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Thu, 13 Jun 2024 17:48:36 +0200 Subject: [PATCH 02/10] refactoring ocf helm --- helm/capif/Chart.yaml | 38 +- .../templates/tests/test-connection.yaml | 15 - .../.helmignore | 0 .../Chart.yaml | 2 +- .../charts/mock-server/templates/NOTES.txt | 22 + .../charts/mock-server/templates/_helpers.tpl | 62 ++ .../mock-server/templates/deployment.yaml | 68 ++ .../templates/hpa.yaml | 6 +- .../charts/mock-server/templates/ingress.yaml | 61 ++ .../charts/mock-server/templates/service.yaml | 15 + .../mock-server/templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 6 +- helm/capif/charts/mock-server/values.yaml | 108 ++ .../{helper => mongo-express}/.helmignore | 0 helm/capif/charts/mongo-express/Chart.yaml | 24 + .../charts/mongo-express/templates/NOTES.txt | 22 + .../mongo-express/templates/_helpers.tpl | 62 ++ .../mongo-express/templates/deployment.yaml | 73 ++ .../charts/mongo-express/templates/hpa.yaml | 32 + .../templates/ingress.yaml | 4 +- .../mongo-express/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/mongo-express/values.yaml | 112 ++ .../charts/mongo-register-express/.helmignore | 23 + .../charts/mongo-register-express/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/deployment.yaml | 73 ++ .../mongo-register-express/templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../charts/mongo-register-express/values.yaml | 113 ++ helm/capif/charts/mongo-register/.helmignore | 23 + helm/capif/charts/mongo-register/Chart.yaml | 24 + .../charts/mongo-register/templates/NOTES.txt | 22 + .../mongo-register/templates/_helpers.tpl | 62 ++ .../mongo-register/templates/deployment.yaml | 73 ++ .../charts/mongo-register/templates/hpa.yaml | 32 + .../mongo-register/templates/ingress.yaml | 61 ++ .../charts/mongo-register/templates/pvc.yaml | 13 + .../mongo-register/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/mongo-register/values.yaml | 113 ++ helm/capif/charts/mongo/.helmignore | 23 + .../capif/charts/{helper => mongo}/Chart.yaml | 2 +- .../{helper => mongo}/templates/NOTES.txt | 8 +- .../{helper => mongo}/templates/_helpers.tpl | 20 +- .../charts/mongo/templates/deployment.yaml | 83 ++ .../{helper => mongo}/templates/hpa.yaml | 6 +- .../{helper => mongo}/templates/ingress.yaml | 4 +- helm/capif/charts/mongo/templates/pvc.yaml | 13 + .../capif/charts/mongo/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 4 +- .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/mongo/values.yaml | 116 +++ helm/capif/charts/nginx/.helmignore | 23 + helm/capif/charts/nginx/Chart.yaml | 24 + helm/capif/charts/nginx/templates/NOTES.txt | 22 + .../capif/charts/nginx/templates/_helpers.tpl | 62 ++ .../charts/nginx/templates/deployment.yaml | 76 ++ helm/capif/charts/nginx/templates/hpa.yaml | 32 + .../charts/nginx/templates/ingress-route.yaml | 25 + .../capif/charts/nginx/templates/ingress.yaml | 59 ++ .../capif/charts/nginx/templates/service.yaml | 16 + .../nginx/templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 17 + helm/capif/charts/nginx/values.yaml | 122 +++ .../ocf-access-control-policy/.helmignore | 23 + .../ocf-access-control-policy/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/deployment.yaml | 10 +- .../templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 4 +- .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../values.yaml | 4 +- .../ocf-api-invocation-logs/.helmignore | 23 + .../charts/ocf-api-invocation-logs/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/configmap.yaml} | 4 +- .../templates/deployment.yaml | 78 ++ .../templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../ocf-api-invocation-logs/values.yaml | 119 +++ .../ocf-api-invoker-management/.helmignore | 23 + .../ocf-api-invoker-management/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/configmap.yaml} | 14 +- .../templates/deployment.yaml | 76 ++ .../templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../ocf-api-invoker-management/values.yaml | 119 +++ .../ocf-api-provider-management/.helmignore | 23 + .../ocf-api-provider-management/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/configmap.yaml} | 14 +- .../templates/deployment.yaml | 76 ++ .../templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../ocf-api-provider-management/values.yaml | 119 +++ .../charts/ocf-auditing-api-logs/.helmignore | 23 + .../charts/ocf-auditing-api-logs/Chart.yaml | 24 + .../ocf-auditing-api-logs/configmap.yaml} | 4 +- .../templates/NOTES.txt | 8 +- .../templates/_helpers.tpl | 20 +- .../templates/configmap.yaml | 27 + .../templates/deployment.yaml | 70 ++ .../ocf-auditing-api-logs/templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 4 +- .../templates/tests/test-connection.yaml | 15 + .../charts/ocf-auditing-api-logs/values.yaml | 115 +++ .../ocf-discover-service-api/.helmignore | 23 + .../ocf-discover-service-api/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/configmap.yaml} | 4 +- .../templates/deployment.yaml | 70 ++ .../templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../ocf-discover-service-api/values.yaml | 116 +++ helm/capif/charts/ocf-events/.helmignore | 23 + helm/capif/charts/ocf-events/Chart.yaml | 24 + .../charts/ocf-events/templates/NOTES.txt | 22 + .../charts/ocf-events/templates/_helpers.tpl | 62 ++ .../ocf-events/templates/configmap.yaml} | 6 +- .../ocf-events/templates/deployment.yaml | 70 ++ .../charts/ocf-events/templates/hpa.yaml | 32 + .../charts/ocf-events/templates/ingress.yaml | 61 ++ .../charts/ocf-events/templates/service.yaml | 15 + .../ocf-events/templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/ocf-events/values.yaml | 115 +++ helm/capif/charts/ocf-helper/.helmignore | 23 + helm/capif/charts/ocf-helper/Chart.yaml | 24 + .../charts/ocf-helper/templates/NOTES.txt | 22 + .../charts/ocf-helper/templates/_helpers.tpl | 62 ++ .../templates/deployment.yaml | 10 +- .../charts/ocf-helper/templates/hpa.yaml | 32 + .../charts/ocf-helper/templates/ingress.yaml | 61 ++ .../templates/ocf-helper-configmap.yaml | 0 .../templates/service.yaml | 4 +- .../ocf-helper/templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../charts/{helper => ocf-helper}/values.yaml | 6 +- .../ocf-publish-service-api/.helmignore | 23 + .../charts/ocf-publish-service-api/Chart.yaml | 24 + .../templates/NOTES.txt | 22 + .../templates/_helpers.tpl | 62 ++ .../templates/configmap.yaml} | 4 +- .../templates/deployment.yaml | 70 ++ .../templates/hpa.yaml | 32 + .../templates/ingress.yaml | 61 ++ .../templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../ocf-publish-service-api/values.yaml | 115 +++ helm/capif/charts/ocf-register/.helmignore | 23 + helm/capif/charts/ocf-register/Chart.yaml | 24 + .../charts/ocf-register/templates/NOTES.txt | 22 + .../ocf-register/templates/_helpers.tpl | 62 ++ .../ocf-register/templates/configmap.yaml} | 12 +- .../ocf-register/templates/deployment.yaml | 74 ++ .../charts/ocf-register/templates/hpa.yaml | 32 + .../ocf-register/templates/ingress.yaml | 60 ++ .../ocf-register/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/ocf-register/values.yaml | 118 +++ .../capif/charts/ocf-routing-info/.helmignore | 23 + helm/capif/charts/ocf-routing-info/Chart.yaml | 24 + .../ocf-routing-info/templates/NOTES.txt | 22 + .../ocf-routing-info/templates/_helpers.tpl | 62 ++ .../templates/deployment.yaml | 69 ++ .../ocf-routing-info/templates/hpa.yaml | 32 + .../ocf-routing-info/templates/ingress.yaml | 61 ++ .../ocf-routing-info/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + .../capif/charts/ocf-routing-info/values.yaml | 111 ++ helm/capif/charts/ocf-security/.helmignore | 23 + helm/capif/charts/ocf-security/Chart.yaml | 24 + .../charts/ocf-security/templates/NOTES.txt | 22 + .../ocf-security/templates/_helpers.tpl | 62 ++ .../ocf-security/templates/configmap.yaml} | 4 +- .../ocf-security/templates/deployment.yaml | 78 ++ .../charts/ocf-security/templates/hpa.yaml | 32 + .../ocf-security/templates/ingress.yaml | 61 ++ .../ocf-security/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/ocf-security/values.yaml | 118 +++ helm/capif/charts/redis/.helmignore | 23 + helm/capif/charts/redis/Chart.yaml | 24 + helm/capif/charts/redis/templates/NOTES.txt | 22 + .../capif/charts/redis/templates/_helpers.tpl | 62 ++ .../charts/redis/templates/deployment.yaml | 69 ++ helm/capif/charts/redis/templates/hpa.yaml | 32 + .../capif/charts/redis/templates/ingress.yaml | 61 ++ .../capif/charts/redis/templates/service.yaml | 15 + .../redis/templates/serviceaccount.yaml | 13 + .../templates/tests/test-connection.yaml | 15 + helm/capif/charts/redis/values.yaml | 111 ++ helm/capif/templates/api-invocation-logs.yaml | 17 - .../templates/api-invoker-management.yaml | 17 - .../templates/api-provider-management.yaml | 17 - helm/capif/templates/capif-events.yaml | 17 - helm/capif/templates/capif-routing-info.yaml | 17 - helm/capif/templates/capif-security.yaml | 17 - helm/capif/templates/deployment.yaml | 973 ------------------ helm/capif/templates/logs.yaml | 17 - helm/capif/templates/mongo-express.yaml | 17 - helm/capif/templates/mongo-pvc.yaml | 17 - .../templates/mongo-register-express.yaml | 17 - helm/capif/templates/mongo-register-pvc.yaml | 17 - helm/capif/templates/mongo-register.yaml | 17 - helm/capif/templates/mongo.yaml | 17 - helm/capif/templates/nginx-ingress-route.yaml | 17 - .../templates/nginx-ssl-ingress-route.yaml | 18 - helm/capif/templates/nginx-ssl-route.yaml | 22 - helm/capif/templates/nginx-ssl.yaml | 32 - helm/capif/templates/nginx.yaml | 48 - helm/capif/templates/published-apis.yaml | 17 - helm/capif/templates/redis.yaml | 17 - helm/capif/templates/register.yaml | 19 - helm/capif/templates/service-apis.yaml | 17 - helm/capif/values.yaml | 509 --------- 249 files changed, 7972 insertions(+), 2027 deletions(-) delete mode 100644 helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml rename helm/capif/charts/{access-control-policy => mock-server}/.helmignore (100%) rename helm/capif/charts/{access-control-policy => mock-server}/Chart.yaml (97%) create mode 100644 helm/capif/charts/mock-server/templates/NOTES.txt create mode 100644 helm/capif/charts/mock-server/templates/_helpers.tpl create mode 100644 helm/capif/charts/mock-server/templates/deployment.yaml rename helm/capif/charts/{access-control-policy => mock-server}/templates/hpa.yaml (82%) create mode 100644 helm/capif/charts/mock-server/templates/ingress.yaml create mode 100644 helm/capif/charts/mock-server/templates/service.yaml create mode 100644 helm/capif/charts/mock-server/templates/serviceaccount.yaml rename helm/capif/charts/{helper => mock-server}/templates/tests/test-connection.yaml (50%) create mode 100644 helm/capif/charts/mock-server/values.yaml rename helm/capif/charts/{helper => mongo-express}/.helmignore (100%) create mode 100644 helm/capif/charts/mongo-express/Chart.yaml create mode 100644 helm/capif/charts/mongo-express/templates/NOTES.txt create mode 100644 helm/capif/charts/mongo-express/templates/_helpers.tpl create mode 100644 helm/capif/charts/mongo-express/templates/deployment.yaml create mode 100644 helm/capif/charts/mongo-express/templates/hpa.yaml rename helm/capif/charts/{access-control-policy => mongo-express}/templates/ingress.yaml (93%) create mode 100644 helm/capif/charts/mongo-express/templates/service.yaml create mode 100644 helm/capif/charts/mongo-express/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/mongo-express/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/mongo-express/values.yaml create mode 100644 helm/capif/charts/mongo-register-express/.helmignore create mode 100644 helm/capif/charts/mongo-register-express/Chart.yaml create mode 100644 helm/capif/charts/mongo-register-express/templates/NOTES.txt create mode 100644 helm/capif/charts/mongo-register-express/templates/_helpers.tpl create mode 100644 helm/capif/charts/mongo-register-express/templates/deployment.yaml create mode 100644 helm/capif/charts/mongo-register-express/templates/hpa.yaml create mode 100644 helm/capif/charts/mongo-register-express/templates/ingress.yaml create mode 100644 helm/capif/charts/mongo-register-express/templates/service.yaml create mode 100644 helm/capif/charts/mongo-register-express/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/mongo-register-express/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/mongo-register-express/values.yaml create mode 100644 helm/capif/charts/mongo-register/.helmignore create mode 100644 helm/capif/charts/mongo-register/Chart.yaml create mode 100644 helm/capif/charts/mongo-register/templates/NOTES.txt create mode 100644 helm/capif/charts/mongo-register/templates/_helpers.tpl create mode 100644 helm/capif/charts/mongo-register/templates/deployment.yaml create mode 100644 helm/capif/charts/mongo-register/templates/hpa.yaml create mode 100644 helm/capif/charts/mongo-register/templates/ingress.yaml create mode 100644 helm/capif/charts/mongo-register/templates/pvc.yaml create mode 100644 helm/capif/charts/mongo-register/templates/service.yaml create mode 100644 helm/capif/charts/mongo-register/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/mongo-register/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/mongo-register/values.yaml create mode 100644 helm/capif/charts/mongo/.helmignore rename helm/capif/charts/{helper => mongo}/Chart.yaml (98%) rename helm/capif/charts/{helper => mongo}/templates/NOTES.txt (77%) rename helm/capif/charts/{helper => mongo}/templates/_helpers.tpl (76%) create mode 100644 helm/capif/charts/mongo/templates/deployment.yaml rename helm/capif/charts/{helper => mongo}/templates/hpa.yaml (86%) rename helm/capif/charts/{helper => mongo}/templates/ingress.yaml (95%) create mode 100644 helm/capif/charts/mongo/templates/pvc.yaml create mode 100644 helm/capif/charts/mongo/templates/service.yaml rename helm/capif/charts/{helper => mongo}/templates/serviceaccount.yaml (73%) create mode 100644 helm/capif/charts/mongo/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/mongo/values.yaml create mode 100644 helm/capif/charts/nginx/.helmignore create mode 100644 helm/capif/charts/nginx/Chart.yaml create mode 100644 helm/capif/charts/nginx/templates/NOTES.txt create mode 100644 helm/capif/charts/nginx/templates/_helpers.tpl create mode 100644 helm/capif/charts/nginx/templates/deployment.yaml create mode 100644 helm/capif/charts/nginx/templates/hpa.yaml create mode 100644 helm/capif/charts/nginx/templates/ingress-route.yaml create mode 100644 helm/capif/charts/nginx/templates/ingress.yaml create mode 100644 helm/capif/charts/nginx/templates/service.yaml create mode 100644 helm/capif/charts/nginx/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/nginx/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/nginx/values.yaml create mode 100644 helm/capif/charts/ocf-access-control-policy/.helmignore create mode 100644 helm/capif/charts/ocf-access-control-policy/Chart.yaml create mode 100644 helm/capif/charts/ocf-access-control-policy/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-access-control-policy/templates/_helpers.tpl rename helm/capif/charts/{access-control-policy => ocf-access-control-policy}/templates/deployment.yaml (84%) create mode 100644 helm/capif/charts/ocf-access-control-policy/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-access-control-policy/templates/ingress.yaml rename helm/capif/charts/{access-control-policy => ocf-access-control-policy}/templates/service.yaml (62%) create mode 100644 helm/capif/charts/ocf-access-control-policy/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-access-control-policy/templates/tests/test-connection.yaml rename helm/capif/charts/{access-control-policy => ocf-access-control-policy}/values.yaml (96%) create mode 100644 helm/capif/charts/ocf-api-invocation-logs/.helmignore create mode 100644 helm/capif/charts/ocf-api-invocation-logs/Chart.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/_helpers.tpl rename helm/capif/{templates/capif-invocation-configmap.yaml => charts/ocf-api-invocation-logs/templates/configmap.yaml} (83%) create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/service.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-api-invocation-logs/values.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/.helmignore create mode 100644 helm/capif/charts/ocf-api-invoker-management/Chart.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/_helpers.tpl rename helm/capif/{templates/capif-invoker-configmap.yaml => charts/ocf-api-invoker-management/templates/configmap.yaml} (62%) create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/service.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-api-invoker-management/values.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/.helmignore create mode 100644 helm/capif/charts/ocf-api-provider-management/Chart.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/_helpers.tpl rename helm/capif/{templates/capif-provider-configmap.yaml => charts/ocf-api-provider-management/templates/configmap.yaml} (61%) create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/service.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-api-provider-management/values.yaml create mode 100644 helm/capif/charts/ocf-auditing-api-logs/.helmignore create mode 100644 helm/capif/charts/ocf-auditing-api-logs/Chart.yaml rename helm/capif/{templates/capif-logs-configmap.yaml => charts/ocf-auditing-api-logs/configmap.yaml} (80%) rename helm/capif/charts/{access-control-policy => ocf-auditing-api-logs}/templates/NOTES.txt (81%) rename helm/capif/charts/{access-control-policy => ocf-auditing-api-logs}/templates/_helpers.tpl (71%) create mode 100644 helm/capif/charts/ocf-auditing-api-logs/templates/configmap.yaml create mode 100644 helm/capif/charts/ocf-auditing-api-logs/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-auditing-api-logs/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-auditing-api-logs/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-auditing-api-logs/templates/service.yaml rename helm/capif/charts/{access-control-policy => ocf-auditing-api-logs}/templates/serviceaccount.yaml (69%) create mode 100644 helm/capif/charts/ocf-auditing-api-logs/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-auditing-api-logs/values.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/.helmignore create mode 100644 helm/capif/charts/ocf-discover-service-api/Chart.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/_helpers.tpl rename helm/capif/{templates/capif-service-configmap.yaml => charts/ocf-discover-service-api/templates/configmap.yaml} (82%) create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/service.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-discover-service-api/values.yaml create mode 100644 helm/capif/charts/ocf-events/.helmignore create mode 100644 helm/capif/charts/ocf-events/Chart.yaml create mode 100644 helm/capif/charts/ocf-events/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-events/templates/_helpers.tpl rename helm/capif/{templates/capif-events-configmap.yaml => charts/ocf-events/templates/configmap.yaml} (82%) create mode 100644 helm/capif/charts/ocf-events/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-events/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-events/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-events/templates/service.yaml create mode 100644 helm/capif/charts/ocf-events/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-events/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-events/values.yaml create mode 100644 helm/capif/charts/ocf-helper/.helmignore create mode 100644 helm/capif/charts/ocf-helper/Chart.yaml create mode 100644 helm/capif/charts/ocf-helper/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-helper/templates/_helpers.tpl rename helm/capif/charts/{helper => ocf-helper}/templates/deployment.yaml (88%) create mode 100644 helm/capif/charts/ocf-helper/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-helper/templates/ingress.yaml rename helm/capif/charts/{helper => ocf-helper}/templates/ocf-helper-configmap.yaml (100%) rename helm/capif/charts/{helper => ocf-helper}/templates/service.yaml (66%) create mode 100644 helm/capif/charts/ocf-helper/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-helper/templates/tests/test-connection.yaml rename helm/capif/charts/{helper => ocf-helper}/values.yaml (96%) create mode 100644 helm/capif/charts/ocf-publish-service-api/.helmignore create mode 100644 helm/capif/charts/ocf-publish-service-api/Chart.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/_helpers.tpl rename helm/capif/{templates/capif-published-configmap.yaml => charts/ocf-publish-service-api/templates/configmap.yaml} (82%) create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/service.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-publish-service-api/values.yaml create mode 100644 helm/capif/charts/ocf-register/.helmignore create mode 100644 helm/capif/charts/ocf-register/Chart.yaml create mode 100644 helm/capif/charts/ocf-register/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-register/templates/_helpers.tpl rename helm/capif/{templates/register-configmap.yaml => charts/ocf-register/templates/configmap.yaml} (53%) create mode 100644 helm/capif/charts/ocf-register/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-register/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-register/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-register/templates/service.yaml create mode 100644 helm/capif/charts/ocf-register/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-register/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-register/values.yaml create mode 100644 helm/capif/charts/ocf-routing-info/.helmignore create mode 100644 helm/capif/charts/ocf-routing-info/Chart.yaml create mode 100644 helm/capif/charts/ocf-routing-info/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-routing-info/templates/_helpers.tpl create mode 100644 helm/capif/charts/ocf-routing-info/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-routing-info/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-routing-info/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-routing-info/templates/service.yaml create mode 100644 helm/capif/charts/ocf-routing-info/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-routing-info/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-routing-info/values.yaml create mode 100644 helm/capif/charts/ocf-security/.helmignore create mode 100644 helm/capif/charts/ocf-security/Chart.yaml create mode 100644 helm/capif/charts/ocf-security/templates/NOTES.txt create mode 100644 helm/capif/charts/ocf-security/templates/_helpers.tpl rename helm/capif/{templates/capif-security-configmap.yaml => charts/ocf-security/templates/configmap.yaml} (82%) create mode 100644 helm/capif/charts/ocf-security/templates/deployment.yaml create mode 100644 helm/capif/charts/ocf-security/templates/hpa.yaml create mode 100644 helm/capif/charts/ocf-security/templates/ingress.yaml create mode 100644 helm/capif/charts/ocf-security/templates/service.yaml create mode 100644 helm/capif/charts/ocf-security/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/ocf-security/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/ocf-security/values.yaml create mode 100644 helm/capif/charts/redis/.helmignore create mode 100644 helm/capif/charts/redis/Chart.yaml create mode 100644 helm/capif/charts/redis/templates/NOTES.txt create mode 100644 helm/capif/charts/redis/templates/_helpers.tpl create mode 100644 helm/capif/charts/redis/templates/deployment.yaml create mode 100644 helm/capif/charts/redis/templates/hpa.yaml create mode 100644 helm/capif/charts/redis/templates/ingress.yaml create mode 100644 helm/capif/charts/redis/templates/service.yaml create mode 100644 helm/capif/charts/redis/templates/serviceaccount.yaml create mode 100644 helm/capif/charts/redis/templates/tests/test-connection.yaml create mode 100644 helm/capif/charts/redis/values.yaml delete mode 100644 helm/capif/templates/api-invocation-logs.yaml delete mode 100644 helm/capif/templates/api-invoker-management.yaml delete mode 100644 helm/capif/templates/api-provider-management.yaml delete mode 100644 helm/capif/templates/capif-events.yaml delete mode 100644 helm/capif/templates/capif-routing-info.yaml delete mode 100644 helm/capif/templates/capif-security.yaml delete mode 100644 helm/capif/templates/logs.yaml delete mode 100644 helm/capif/templates/mongo-express.yaml delete mode 100644 helm/capif/templates/mongo-pvc.yaml delete mode 100644 helm/capif/templates/mongo-register-express.yaml delete mode 100644 helm/capif/templates/mongo-register-pvc.yaml delete mode 100644 helm/capif/templates/mongo-register.yaml delete mode 100644 helm/capif/templates/mongo.yaml delete mode 100644 helm/capif/templates/nginx-ingress-route.yaml delete mode 100644 helm/capif/templates/nginx-ssl-ingress-route.yaml delete mode 100644 helm/capif/templates/nginx-ssl-route.yaml delete mode 100644 helm/capif/templates/nginx-ssl.yaml delete mode 100644 helm/capif/templates/nginx.yaml delete mode 100644 helm/capif/templates/published-apis.yaml delete mode 100644 helm/capif/templates/redis.yaml delete mode 100644 helm/capif/templates/register.yaml delete mode 100644 helm/capif/templates/service-apis.yaml diff --git a/helm/capif/Chart.yaml b/helm/capif/Chart.yaml index b76f4683..3cdcb3ef 100644 --- a/helm/capif/Chart.yaml +++ b/helm/capif/Chart.yaml @@ -20,9 +20,43 @@ version: v3.1.6 # It is recommended to use it with quotes. appVersion: "v3.1.6" dependencies: - - name: access-control-policy + - name: ocf-access-control-policy version: "*" - - name: helper + - name: ocf-api-invoker-management + version: "*" + - name: ocf-api-provider-management + version: "*" + - name: ocf-api-invocation-logs + version: "*" + - name: ocf-events + version: "*" + - name: ocf-helper + version: "*" + - name: ocf-routing-info + version: "*" + - name: ocf-security + version: "*" + - name: ocf-register + version: "*" + - name: mongo-register + version: "*" + - name: ocf-auditing-api-logs + version: "*" + - name: ocf-publish-service-api + version: "*" + - name: ocf-discover-service-api + version: "*" + - name: mongo + version: "*" + - name: mongo-express + version: "*" + - name: mongo-register-express + version: "*" + - name: nginx + version: "*" + - name: mock-server + version: "*" + - name: redis version: "*" - name: "tempo" condition: tempo.enabled diff --git a/helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml b/helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml deleted file mode 100644 index 0e67abf1..00000000 --- a/helm/capif/charts/access-control-policy/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "access-control-policy.fullname" . }}-test-connection" - labels: - {{- include "access-control-policy.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "access-control-policy.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never diff --git a/helm/capif/charts/access-control-policy/.helmignore b/helm/capif/charts/mock-server/.helmignore similarity index 100% rename from helm/capif/charts/access-control-policy/.helmignore rename to helm/capif/charts/mock-server/.helmignore diff --git a/helm/capif/charts/access-control-policy/Chart.yaml b/helm/capif/charts/mock-server/Chart.yaml similarity index 97% rename from helm/capif/charts/access-control-policy/Chart.yaml rename to helm/capif/charts/mock-server/Chart.yaml index b13bbf0b..9ca2cda3 100644 --- a/helm/capif/charts/access-control-policy/Chart.yaml +++ b/helm/capif/charts/mock-server/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: access-control-policy +name: mock-server description: A Helm chart for Kubernetes # A chart can be either an 'application' or a 'library' chart. diff --git a/helm/capif/charts/mock-server/templates/NOTES.txt b/helm/capif/charts/mock-server/templates/NOTES.txt new file mode 100644 index 00000000..4e3d0560 --- /dev/null +++ b/helm/capif/charts/mock-server/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mock-server.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mock-server.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mock-server.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mock-server.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/mock-server/templates/_helpers.tpl b/helm/capif/charts/mock-server/templates/_helpers.tpl new file mode 100644 index 00000000..4c9fe56f --- /dev/null +++ b/helm/capif/charts/mock-server/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "mock-server.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "mock-server.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "mock-server.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "mock-server.labels" -}} +helm.sh/chart: {{ include "mock-server.chart" . }} +{{ include "mock-server.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "mock-server.selectorLabels" -}} +app.kubernetes.io/name: {{ include "mock-server.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "mock-server.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "mock-server.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/mock-server/templates/deployment.yaml b/helm/capif/charts/mock-server/templates/deployment.yaml new file mode 100644 index 00000000..270411b0 --- /dev/null +++ b/helm/capif/charts/mock-server/templates/deployment.yaml @@ -0,0 +1,68 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mock-server.fullname" . }} + labels: + {{- include "mock-server.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "mock-server.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "mock-server.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "mock-server.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/hpa.yaml b/helm/capif/charts/mock-server/templates/hpa.yaml similarity index 82% rename from helm/capif/charts/access-control-policy/templates/hpa.yaml rename to helm/capif/charts/mock-server/templates/hpa.yaml index 67eb1954..fbdd9bcb 100644 --- a/helm/capif/charts/access-control-policy/templates/hpa.yaml +++ b/helm/capif/charts/mock-server/templates/hpa.yaml @@ -2,14 +2,14 @@ apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - name: {{ include "access-control-policy.fullname" . }} + name: {{ include "mock-server.fullname" . }} labels: - {{- include "access-control-policy.labels" . | nindent 4 }} + {{- include "mock-server.labels" . | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ include "access-control-policy.fullname" . }} + name: {{ include "mock-server.fullname" . }} minReplicas: {{ .Values.autoscaling.minReplicas }} maxReplicas: {{ .Values.autoscaling.maxReplicas }} metrics: diff --git a/helm/capif/charts/mock-server/templates/ingress.yaml b/helm/capif/charts/mock-server/templates/ingress.yaml new file mode 100644 index 00000000..68406e7f --- /dev/null +++ b/helm/capif/charts/mock-server/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "mock-server.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "mock-server.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: mock-server + port: + number: {{ $svcPort }} + {{- else }} + serviceName: mock-server + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/mock-server/templates/service.yaml b/helm/capif/charts/mock-server/templates/service.yaml new file mode 100644 index 00000000..f1607302 --- /dev/null +++ b/helm/capif/charts/mock-server/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: mock-server + labels: + {{- include "mock-server.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "mock-server.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/mock-server/templates/serviceaccount.yaml b/helm/capif/charts/mock-server/templates/serviceaccount.yaml new file mode 100644 index 00000000..004803d6 --- /dev/null +++ b/helm/capif/charts/mock-server/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "mock-server.serviceAccountName" . }} + labels: + {{- include "mock-server.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/helper/templates/tests/test-connection.yaml b/helm/capif/charts/mock-server/templates/tests/test-connection.yaml similarity index 50% rename from helm/capif/charts/helper/templates/tests/test-connection.yaml rename to helm/capif/charts/mock-server/templates/tests/test-connection.yaml index f3959cc0..796d72b9 100644 --- a/helm/capif/charts/helper/templates/tests/test-connection.yaml +++ b/helm/capif/charts/mock-server/templates/tests/test-connection.yaml @@ -1,9 +1,9 @@ apiVersion: v1 kind: Pod metadata: - name: "{{ include "helper.fullname" . }}-test-connection" + name: "{{ include "mock-server.fullname" . }}-test-connection" labels: - {{- include "helper.labels" . | nindent 4 }} + {{- include "mock-server.labels" . | nindent 4 }} annotations: "helm.sh/hook": test spec: @@ -11,5 +11,5 @@ spec: - name: wget image: busybox command: ['wget'] - args: ['{{ include "helper.fullname" . }}:{{ .Values.service.port }}'] + args: ['mock-server:{{ .Values.service.port }}'] restartPolicy: Never diff --git a/helm/capif/charts/mock-server/values.yaml b/helm/capif/charts/mock-server/values.yaml new file mode 100644 index 00000000..f005d9f7 --- /dev/null +++ b/helm/capif/charts/mock-server/values.yaml @@ -0,0 +1,108 @@ +# Default values for mock-server. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: mock-server + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 9090 + +ingress: + enabled: true + className: "nginx" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: mock-server.example.local + paths: + - path: / + pathType: Prefix + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +livenessProbe: + tcpSocket: + port: 9090 + initialDelaySeconds: 20 + periodSeconds: 5 +readinessProbe: +# httpGet: +# path: / +# port: http + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/helper/.helmignore b/helm/capif/charts/mongo-express/.helmignore similarity index 100% rename from helm/capif/charts/helper/.helmignore rename to helm/capif/charts/mongo-express/.helmignore diff --git a/helm/capif/charts/mongo-express/Chart.yaml b/helm/capif/charts/mongo-express/Chart.yaml new file mode 100644 index 00000000..7150bbcc --- /dev/null +++ b/helm/capif/charts/mongo-express/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: mongo-express +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/mongo-express/templates/NOTES.txt b/helm/capif/charts/mongo-express/templates/NOTES.txt new file mode 100644 index 00000000..b93d9e57 --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mongo-express.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mongo-express.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mongo-express.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mongo-express.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/mongo-express/templates/_helpers.tpl b/helm/capif/charts/mongo-express/templates/_helpers.tpl new file mode 100644 index 00000000..15950b20 --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "mongo-express.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "mongo-express.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "mongo-express.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "mongo-express.labels" -}} +helm.sh/chart: {{ include "mongo-express.chart" . }} +{{ include "mongo-express.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "mongo-express.selectorLabels" -}} +app.kubernetes.io/name: {{ include "mongo-express.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "mongo-express.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "mongo-express.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-express/templates/deployment.yaml b/helm/capif/charts/mongo-express/templates/deployment.yaml new file mode 100644 index 00000000..175a045e --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/deployment.yaml @@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mongo-express.fullname" . }} + labels: + {{- include "mongo-express.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "mongo-express.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "mongo-express.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "mongo-express.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.targetPort }} + protocol: TCP + env: + - name: ME_CONFIG_MONGODB_ADMINUSERNAME + value: {{ quote .Values.env.meConfigMongodbAdminusername }} + - name: ME_CONFIG_MONGODB_ADMINPASSWORD + value: {{ quote .Values.env.meConfigMongodbAdminpassword }} + - name: ME_CONFIG_MONGODB_URL + value: {{ quote .Values.env.meConfigMongodbUrl }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/mongo-express/templates/hpa.yaml b/helm/capif/charts/mongo-express/templates/hpa.yaml new file mode 100644 index 00000000..2b7ca92d --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "mongo-express.fullname" . }} + labels: + {{- include "mongo-express.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "mongo-express.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/ingress.yaml b/helm/capif/charts/mongo-express/templates/ingress.yaml similarity index 93% rename from helm/capif/charts/access-control-policy/templates/ingress.yaml rename to helm/capif/charts/mongo-express/templates/ingress.yaml index dcafedb8..9a0f710d 100644 --- a/helm/capif/charts/access-control-policy/templates/ingress.yaml +++ b/helm/capif/charts/mongo-express/templates/ingress.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- $fullName := include "access-control-policy.fullname" . -}} +{{- $fullName := include "mongo-express.fullname" . -}} {{- $svcPort := .Values.service.port -}} {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} @@ -17,7 +17,7 @@ kind: Ingress metadata: name: {{ $fullName }} labels: - {{- include "access-control-policy.labels" . | nindent 4 }} + {{- include "mongo-express.labels" . | nindent 4 }} {{- with .Values.ingress.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/helm/capif/charts/mongo-express/templates/service.yaml b/helm/capif/charts/mongo-express/templates/service.yaml new file mode 100644 index 00000000..888a03f7 --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: mongo-express + labels: + {{- include "mongo-express.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: {{ .Values.service.targetPort }} + protocol: TCP + name: http + selector: + {{- include "mongo-express.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/mongo-express/templates/serviceaccount.yaml b/helm/capif/charts/mongo-express/templates/serviceaccount.yaml new file mode 100644 index 00000000..4a6a666e --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "mongo-express.serviceAccountName" . }} + labels: + {{- include "mongo-express.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/mongo-express/templates/tests/test-connection.yaml b/helm/capif/charts/mongo-express/templates/tests/test-connection.yaml new file mode 100644 index 00000000..666e36f4 --- /dev/null +++ b/helm/capif/charts/mongo-express/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "mongo-express.fullname" . }}-test-connection" + labels: + {{- include "mongo-express.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['mongo-express:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/mongo-express/values.yaml b/helm/capif/charts/mongo-express/values.yaml new file mode 100644 index 00000000..447ec98f --- /dev/null +++ b/helm/capif/charts/mongo-express/values.yaml @@ -0,0 +1,112 @@ +# Default values for mongo-express. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: mongo-express + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "1.0.0-alpha.4" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + meConfigMongodbAdminusername: root + meConfigMongodbAdminpassword: example + meConfigMongodbUrl: mongodb://root:example@mongo:27017/ +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8082 + targetPort: 8081 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8081 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/mongo-register-express/.helmignore b/helm/capif/charts/mongo-register-express/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/mongo-register-express/Chart.yaml b/helm/capif/charts/mongo-register-express/Chart.yaml new file mode 100644 index 00000000..b4e246c5 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: mongo-register-express +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/mongo-register-express/templates/NOTES.txt b/helm/capif/charts/mongo-register-express/templates/NOTES.txt new file mode 100644 index 00000000..60013f0e --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mongo-register-express.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mongo-register-express.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mongo-register-express.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mongo-register-express.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/mongo-register-express/templates/_helpers.tpl b/helm/capif/charts/mongo-register-express/templates/_helpers.tpl new file mode 100644 index 00000000..accb35f4 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "mongo-register-express.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "mongo-register-express.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "mongo-register-express.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "mongo-register-express.labels" -}} +helm.sh/chart: {{ include "mongo-register-express.chart" . }} +{{ include "mongo-register-express.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "mongo-register-express.selectorLabels" -}} +app.kubernetes.io/name: {{ include "mongo-register-express.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "mongo-register-express.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "mongo-register-express.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-register-express/templates/deployment.yaml b/helm/capif/charts/mongo-register-express/templates/deployment.yaml new file mode 100644 index 00000000..3e86c2d1 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/deployment.yaml @@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mongo-register-express.fullname" . }} + labels: + {{- include "mongo-register-express.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "mongo-register-express.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "mongo-register-express.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "mongo-register-express.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.targetPort }} + protocol: TCP + env: + - name: ME_CONFIG_MONGODB_ADMINPASSWORD + value: {{ quote .Values.env.meConfigMongodbAdminpassword }} + - name: ME_CONFIG_MONGODB_ADMINUSERNAME + value: {{ quote .Values.env.meConfigMongodbAdminusername }} + - name: ME_CONFIG_MONGODB_URL + value: {{ quote .Values.env.meConfigMongodbUrl }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/mongo-register-express/templates/hpa.yaml b/helm/capif/charts/mongo-register-express/templates/hpa.yaml new file mode 100644 index 00000000..7f0a8353 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "mongo-register-express.fullname" . }} + labels: + {{- include "mongo-register-express.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "mongo-register-express.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-register-express/templates/ingress.yaml b/helm/capif/charts/mongo-register-express/templates/ingress.yaml new file mode 100644 index 00000000..02c99e55 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "mongo-register-express.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "mongo-register-express.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-register-express/templates/service.yaml b/helm/capif/charts/mongo-register-express/templates/service.yaml new file mode 100644 index 00000000..eed599c0 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: mongo-register-express + labels: + {{- include "mongo-register-express.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: {{ .Values.service.targetPort }} + protocol: TCP + name: http + selector: + {{- include "mongo-register-express.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/mongo-register-express/templates/serviceaccount.yaml b/helm/capif/charts/mongo-register-express/templates/serviceaccount.yaml new file mode 100644 index 00000000..21c68624 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "mongo-register-express.serviceAccountName" . }} + labels: + {{- include "mongo-register-express.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/mongo-register-express/templates/tests/test-connection.yaml b/helm/capif/charts/mongo-register-express/templates/tests/test-connection.yaml new file mode 100644 index 00000000..240abe39 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "mongo-register-express.fullname" . }}-test-connection" + labels: + {{- include "mongo-register-express.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "mongo-register-express.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/mongo-register-express/values.yaml b/helm/capif/charts/mongo-register-express/values.yaml new file mode 100644 index 00000000..d36bf6c0 --- /dev/null +++ b/helm/capif/charts/mongo-register-express/values.yaml @@ -0,0 +1,113 @@ +# Default values for mongo-register-express. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: mongo-express + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "1.0.0-alpha.4" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + meConfigMongodbAdminusername: root + meConfigMongodbAdminpassword: example + meConfigMongodbUrl: mongodb://root:example@mongo-register:27017/ + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8082 + targetPort: 8081 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8081 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/mongo-register/.helmignore b/helm/capif/charts/mongo-register/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/mongo-register/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/mongo-register/Chart.yaml b/helm/capif/charts/mongo-register/Chart.yaml new file mode 100644 index 00000000..08a42644 --- /dev/null +++ b/helm/capif/charts/mongo-register/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: mongo-register +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/mongo-register/templates/NOTES.txt b/helm/capif/charts/mongo-register/templates/NOTES.txt new file mode 100644 index 00000000..4cbdf598 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mongo-register.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mongo-register.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mongo-register.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mongo-register.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/mongo-register/templates/_helpers.tpl b/helm/capif/charts/mongo-register/templates/_helpers.tpl new file mode 100644 index 00000000..8ade9442 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "mongo-register.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "mongo-register.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "mongo-register.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "mongo-register.labels" -}} +helm.sh/chart: {{ include "mongo-register.chart" . }} +{{ include "mongo-register.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "mongo-register.selectorLabels" -}} +app.kubernetes.io/name: {{ include "mongo-register.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "mongo-register.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "mongo-register.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-register/templates/deployment.yaml b/helm/capif/charts/mongo-register/templates/deployment.yaml new file mode 100644 index 00000000..442eee66 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/deployment.yaml @@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mongo-register.fullname" . }} + labels: + {{- include "mongo-register.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + strategy: + type: Recreate + selector: + matchLabels: + {{- include "mongo-register.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "mongo-register.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "mongo-register.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONGO_INITDB_ROOT_PASSWORD + value: {{ quote .Values.env.mongoInitdbRootPassword }} + - name: MONGO_INITDB_ROOT_USERNAME + value: {{ quote .Values.env.mongoInitdbRootUsername }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/mongo-register/templates/hpa.yaml b/helm/capif/charts/mongo-register/templates/hpa.yaml new file mode 100644 index 00000000..7dd1b59c --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "mongo-register.fullname" . }} + labels: + {{- include "mongo-register.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "mongo-register.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-register/templates/ingress.yaml b/helm/capif/charts/mongo-register/templates/ingress.yaml new file mode 100644 index 00000000..d4897eca --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "mongo-register.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "mongo-register.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/mongo-register/templates/pvc.yaml b/helm/capif/charts/mongo-register/templates/pvc.yaml new file mode 100644 index 00000000..13f17337 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/pvc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + {{- include "mongo-register.labels" . | nindent 8 }} + name: mongo-register-pvc +spec: + storageClassName: {{ .Values.persistence.storageClass }} + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{ .Values.persistence.storage }} \ No newline at end of file diff --git a/helm/capif/charts/mongo-register/templates/service.yaml b/helm/capif/charts/mongo-register/templates/service.yaml new file mode 100644 index 00000000..46ea1106 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: mongo-register + labels: + {{- include "mongo-register.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "mongo-register.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/mongo-register/templates/serviceaccount.yaml b/helm/capif/charts/mongo-register/templates/serviceaccount.yaml new file mode 100644 index 00000000..56e94e65 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "mongo-register.serviceAccountName" . }} + labels: + {{- include "mongo-register.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/mongo-register/templates/tests/test-connection.yaml b/helm/capif/charts/mongo-register/templates/tests/test-connection.yaml new file mode 100644 index 00000000..4d0e00a9 --- /dev/null +++ b/helm/capif/charts/mongo-register/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "mongo-register.fullname" . }}-test-connection" + labels: + {{- include "mongo-register.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['mongo-register:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/mongo-register/values.yaml b/helm/capif/charts/mongo-register/values.yaml new file mode 100644 index 00000000..dcb783f1 --- /dev/null +++ b/helm/capif/charts/mongo-register/values.yaml @@ -0,0 +1,113 @@ +# Default values for mongo-register. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: mongo + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "6.0.2" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + mongoInitdbRootPassword: example + mongoInitdbRootUsername: root + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + runAsUser: 999 + +service: + type: ClusterIP + port: 27017 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 27017 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +persistence: + storage: 8Gi + storageClass: nfs-01 + +# Additional volumes on the output Deployment definition. +volumes: + - name: mongo-register-pvc + persistentVolumeClaim: + claimName: mongo-register-pvc + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: mongo-register-pvc + mountPath: /data/db + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/mongo/.helmignore b/helm/capif/charts/mongo/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/mongo/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/helper/Chart.yaml b/helm/capif/charts/mongo/Chart.yaml similarity index 98% rename from helm/capif/charts/helper/Chart.yaml rename to helm/capif/charts/mongo/Chart.yaml index 4ddfbf39..638bb452 100644 --- a/helm/capif/charts/helper/Chart.yaml +++ b/helm/capif/charts/mongo/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: helper +name: mongo description: A Helm chart for Kubernetes # A chart can be either an 'application' or a 'library' chart. diff --git a/helm/capif/charts/helper/templates/NOTES.txt b/helm/capif/charts/mongo/templates/NOTES.txt similarity index 77% rename from helm/capif/charts/helper/templates/NOTES.txt rename to helm/capif/charts/mongo/templates/NOTES.txt index f8f6f774..1fcc5935 100644 --- a/helm/capif/charts/helper/templates/NOTES.txt +++ b/helm/capif/charts/mongo/templates/NOTES.txt @@ -6,16 +6,16 @@ {{- end }} {{- end }} {{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "helper.fullname" . }}) + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mongo.fullname" . }}) export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORT {{- else if contains "LoadBalancer" .Values.service.type }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "helper.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "helper.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mongo.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mongo.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") echo http://$SERVICE_IP:{{ .Values.service.port }} {{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "helper.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mongo.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") echo "Visit http://127.0.0.1:8080 to use your application" kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT diff --git a/helm/capif/charts/helper/templates/_helpers.tpl b/helm/capif/charts/mongo/templates/_helpers.tpl similarity index 76% rename from helm/capif/charts/helper/templates/_helpers.tpl rename to helm/capif/charts/mongo/templates/_helpers.tpl index f4a197b2..cce4e1b2 100644 --- a/helm/capif/charts/helper/templates/_helpers.tpl +++ b/helm/capif/charts/mongo/templates/_helpers.tpl @@ -1,7 +1,7 @@ {{/* Expand the name of the chart. */}} -{{- define "helper.name" -}} +{{- define "mongo.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }} @@ -10,7 +10,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "helper.fullname" -}} +{{- define "mongo.fullname" -}} {{- if .Values.fullnameOverride }} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} @@ -26,16 +26,16 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "helper.chart" -}} +{{- define "mongo.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} {{/* Common labels */}} -{{- define "helper.labels" -}} -helm.sh/chart: {{ include "helper.chart" . }} -{{ include "helper.selectorLabels" . }} +{{- define "mongo.labels" -}} +helm.sh/chart: {{ include "mongo.chart" . }} +{{ include "mongo.selectorLabels" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} @@ -45,17 +45,17 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} {{/* Selector labels */}} -{{- define "helper.selectorLabels" -}} -app.kubernetes.io/name: {{ include "helper.name" . }} +{{- define "mongo.selectorLabels" -}} +app.kubernetes.io/name: {{ include "mongo.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} {{/* Create the name of the service account to use */}} -{{- define "helper.serviceAccountName" -}} +{{- define "mongo.serviceAccountName" -}} {{- if .Values.serviceAccount.create }} -{{- default (include "helper.fullname" .) .Values.serviceAccount.name }} +{{- default (include "mongo.fullname" .) .Values.serviceAccount.name }} {{- else }} {{- default "default" .Values.serviceAccount.name }} {{- end }} diff --git a/helm/capif/charts/mongo/templates/deployment.yaml b/helm/capif/charts/mongo/templates/deployment.yaml new file mode 100644 index 00000000..80cedad5 --- /dev/null +++ b/helm/capif/charts/mongo/templates/deployment.yaml @@ -0,0 +1,83 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mongo.fullname" . }} + labels: + {{- include "mongo.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + strategy: + type: Recreate + selector: + matchLabels: + {{- include "mongo.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "mongo.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "mongo.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONGO_INITDB_ROOT_PASSWORD + value: {{ quote .Values.env.mongoInitdbRootPassword }} + - name: MONGO_INITDB_ROOT_USERNAME + value: {{ quote .Values.env.mongoInitdbRootUsername }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + - name: mongo-helper + image: busybox + command: + - sh + - -c + - while true ; do echo alive ; sleep 10 ; done + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/helper/templates/hpa.yaml b/helm/capif/charts/mongo/templates/hpa.yaml similarity index 86% rename from helm/capif/charts/helper/templates/hpa.yaml rename to helm/capif/charts/mongo/templates/hpa.yaml index 046148d3..ae64b40e 100644 --- a/helm/capif/charts/helper/templates/hpa.yaml +++ b/helm/capif/charts/mongo/templates/hpa.yaml @@ -2,14 +2,14 @@ apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - name: {{ include "helper.fullname" . }} + name: {{ include "mongo.fullname" . }} labels: - {{- include "helper.labels" . | nindent 4 }} + {{- include "mongo.labels" . | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ include "helper.fullname" . }} + name: {{ include "mongo.fullname" . }} minReplicas: {{ .Values.autoscaling.minReplicas }} maxReplicas: {{ .Values.autoscaling.maxReplicas }} metrics: diff --git a/helm/capif/charts/helper/templates/ingress.yaml b/helm/capif/charts/mongo/templates/ingress.yaml similarity index 95% rename from helm/capif/charts/helper/templates/ingress.yaml rename to helm/capif/charts/mongo/templates/ingress.yaml index b3817bf9..b173c907 100644 --- a/helm/capif/charts/helper/templates/ingress.yaml +++ b/helm/capif/charts/mongo/templates/ingress.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- $fullName := include "helper.fullname" . -}} +{{- $fullName := include "mongo.fullname" . -}} {{- $svcPort := .Values.service.port -}} {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} @@ -17,7 +17,7 @@ kind: Ingress metadata: name: {{ $fullName }} labels: - {{- include "helper.labels" . | nindent 4 }} + {{- include "mongo.labels" . | nindent 4 }} {{- with .Values.ingress.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/helm/capif/charts/mongo/templates/pvc.yaml b/helm/capif/charts/mongo/templates/pvc.yaml new file mode 100644 index 00000000..c0ceafd7 --- /dev/null +++ b/helm/capif/charts/mongo/templates/pvc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + {{- include "mongo.labels" . | nindent 8 }} + name: mongo-pvc +spec: + storageClassName: {{ .Values.persistence.storageClass }} + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{ .Values.persistence.storage }} \ No newline at end of file diff --git a/helm/capif/charts/mongo/templates/service.yaml b/helm/capif/charts/mongo/templates/service.yaml new file mode 100644 index 00000000..be5b5f42 --- /dev/null +++ b/helm/capif/charts/mongo/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: mongo + labels: + {{- include "mongo.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "mongo.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/helper/templates/serviceaccount.yaml b/helm/capif/charts/mongo/templates/serviceaccount.yaml similarity index 73% rename from helm/capif/charts/helper/templates/serviceaccount.yaml rename to helm/capif/charts/mongo/templates/serviceaccount.yaml index e0e6d793..95b67699 100644 --- a/helm/capif/charts/helper/templates/serviceaccount.yaml +++ b/helm/capif/charts/mongo/templates/serviceaccount.yaml @@ -2,9 +2,9 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "helper.serviceAccountName" . }} + name: {{ include "mongo.serviceAccountName" . }} labels: - {{- include "helper.labels" . | nindent 4 }} + {{- include "mongo.labels" . | nindent 4 }} {{- with .Values.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/helm/capif/charts/mongo/templates/tests/test-connection.yaml b/helm/capif/charts/mongo/templates/tests/test-connection.yaml new file mode 100644 index 00000000..4cf0b7f6 --- /dev/null +++ b/helm/capif/charts/mongo/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "mongo.fullname" . }}-test-connection" + labels: + {{- include "mongo.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['mongo:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/mongo/values.yaml b/helm/capif/charts/mongo/values.yaml new file mode 100644 index 00000000..53b8cf5f --- /dev/null +++ b/helm/capif/charts/mongo/values.yaml @@ -0,0 +1,116 @@ +# Default values for mongo. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: mongo + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "6.0.2" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + mongoInitdbRootPassword: example + mongoInitdbRootUsername: root + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + runAsUser: 999 + +service: + type: ClusterIP + port: 27017 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +livenessProbe: + tcpSocket: + port: 27017 + initialDelaySeconds: 20 + periodSeconds: 5 + +readinessProbe: + tcpSocket: + port: 27017 +# initialDelaySeconds: 5 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +persistence: + storage: 8Gi + storageClass: nfs-01 + +# Additional volumes on the output Deployment definition. +volumes: + - name: mongo-pvc + persistentVolumeClaim: + claimName: mongo-pvc + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: mongo-pvc + mountPath: /data/db + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/nginx/.helmignore b/helm/capif/charts/nginx/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/nginx/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/nginx/Chart.yaml b/helm/capif/charts/nginx/Chart.yaml new file mode 100644 index 00000000..3464a394 --- /dev/null +++ b/helm/capif/charts/nginx/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: nginx +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/nginx/templates/NOTES.txt b/helm/capif/charts/nginx/templates/NOTES.txt new file mode 100644 index 00000000..918bb642 --- /dev/null +++ b/helm/capif/charts/nginx/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "nginx.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "nginx.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "nginx.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "nginx.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/nginx/templates/_helpers.tpl b/helm/capif/charts/nginx/templates/_helpers.tpl new file mode 100644 index 00000000..ad9f4328 --- /dev/null +++ b/helm/capif/charts/nginx/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "nginx.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "nginx.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "nginx.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "nginx.labels" -}} +helm.sh/chart: {{ include "nginx.chart" . }} +{{ include "nginx.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "nginx.selectorLabels" -}} +app.kubernetes.io/name: {{ include "nginx.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "nginx.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "nginx.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/nginx/templates/deployment.yaml b/helm/capif/charts/nginx/templates/deployment.yaml new file mode 100644 index 00000000..a5cd26c2 --- /dev/null +++ b/helm/capif/charts/nginx/templates/deployment.yaml @@ -0,0 +1,76 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "nginx.fullname" . }} + labels: + {{- include "nginx.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "nginx.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "nginx.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "nginx.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + {{- range .Values.services }} + - name: {{ .name }} + containerPort: {{ .port }} + {{- end }} + env: + - name: CAPIF_HOSTNAME + value: {{ quote .Values.env.capifHostname }} + - name: VAULT_HOSTNAME + value: {{ quote .Values.env.vaultHostname }} + - name: VAULT_PORT + value: {{ quote .Values.env.vaultPort }} + - name: VAULT_ACCESS_TOKEN + value: {{ quote .Values.env.vaultAccessToken }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/nginx/templates/hpa.yaml b/helm/capif/charts/nginx/templates/hpa.yaml new file mode 100644 index 00000000..b664f71a --- /dev/null +++ b/helm/capif/charts/nginx/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "nginx.fullname" . }} + labels: + {{- include "nginx.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "nginx.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/nginx/templates/ingress-route.yaml b/helm/capif/charts/nginx/templates/ingress-route.yaml new file mode 100644 index 00000000..5fec0968 --- /dev/null +++ b/helm/capif/charts/nginx/templates/ingress-route.yaml @@ -0,0 +1,25 @@ +{{- if eq .Values.ingress.className "IngressRoute" }} +{{- $fullName := include "nginx.fullname" . -}} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: {{ $fullName }}-route +spec: + entryPoints: [web] + routes: + - kind: Rule + {{- range .Values.ingress.hosts }} + match: Host(`{{ .host | quote }} && Path(`/ca-root`, `/sign-csr`, `/certdata`, `/register`, `/testdata`, `/getauth`, `/test`)`) + services: + - kind: Service + name: nginx + port: 8080 + scheme: http + - kind: Service + name: nginx + port: 443 + tls: + passthrough: true + {{- end }} +{{- end }} \ No newline at end of file diff --git a/helm/capif/charts/nginx/templates/ingress.yaml b/helm/capif/charts/nginx/templates/ingress.yaml new file mode 100644 index 00000000..82f373e3 --- /dev/null +++ b/helm/capif/charts/nginx/templates/ingress.yaml @@ -0,0 +1,59 @@ +{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: nginx-ingress + labels: + {{- include "nginx.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: nginx + port: + number: 443 + {{- else }} + serviceName: nginx + servicePort: 443 + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/nginx/templates/service.yaml b/helm/capif/charts/nginx/templates/service.yaml new file mode 100644 index 00000000..64821616 --- /dev/null +++ b/helm/capif/charts/nginx/templates/service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: nginx + labels: + {{- include "nginx.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + {{- range .Values.service.ports }} + - name: {{ .name }} + port: {{ .port }} + targetPort: {{ .targetPort }} + {{- end }} + selector: + {{- include "nginx.selectorLabels" . | nindent 4 }} \ No newline at end of file diff --git a/helm/capif/charts/nginx/templates/serviceaccount.yaml b/helm/capif/charts/nginx/templates/serviceaccount.yaml new file mode 100644 index 00000000..02c08bb0 --- /dev/null +++ b/helm/capif/charts/nginx/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "nginx.serviceAccountName" . }} + labels: + {{- include "nginx.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/nginx/templates/tests/test-connection.yaml b/helm/capif/charts/nginx/templates/tests/test-connection.yaml new file mode 100644 index 00000000..bdbc141b --- /dev/null +++ b/helm/capif/charts/nginx/templates/tests/test-connection.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "test-connection" + labels: + {{- include "nginx.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + {{- range .Values.service.ports }} + - name: wget-{{ .name }} + image: busybox + command: ['wget'] + args: ['nginx:{{ .port }}'] + {{- end }} + restartPolicy: Never diff --git a/helm/capif/charts/nginx/values.yaml b/helm/capif/charts/nginx/values.yaml new file mode 100644 index 00000000..e3ba0017 --- /dev/null +++ b/helm/capif/charts/nginx/values.yaml @@ -0,0 +1,122 @@ +# Default values for nginx. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: nginx + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + capifHostname: my-capif.apps.ocp-epg.hi.inet + vaultHostname: vault-internal.mon.svc.cluster.local + vaultPort: 8200 + vaultAccessToken: dev-only-token + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + ports: + - name: "http" + port: 8080 + targetPort: 8080 + - name: "https" + port: 443 + targetPort: 443 + type: ClusterIP + + +ingress: + enabled: true + className: nginx + annotations: + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + hosts: + - host: nginx-example.local + paths: + - path: / + pathType: Prefix + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 20 + periodSeconds: 5 +readinessProbe: +# httpGet: +# path: / +# port: http + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-access-control-policy/.helmignore b/helm/capif/charts/ocf-access-control-policy/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-access-control-policy/Chart.yaml b/helm/capif/charts/ocf-access-control-policy/Chart.yaml new file mode 100644 index 00000000..bed94473 --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-access-control-policy +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-access-control-policy/templates/NOTES.txt b/helm/capif/charts/ocf-access-control-policy/templates/NOTES.txt new file mode 100644 index 00000000..9928abe2 --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-access-control-policy.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-access-control-policy.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-access-control-policy.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-access-control-policy.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-access-control-policy/templates/_helpers.tpl b/helm/capif/charts/ocf-access-control-policy/templates/_helpers.tpl new file mode 100644 index 00000000..d4463202 --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-access-control-policy.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-access-control-policy.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-access-control-policy.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-access-control-policy.labels" -}} +helm.sh/chart: {{ include "ocf-access-control-policy.chart" . }} +{{ include "ocf-access-control-policy.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-access-control-policy.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-access-control-policy.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-access-control-policy.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-access-control-policy.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/deployment.yaml b/helm/capif/charts/ocf-access-control-policy/templates/deployment.yaml similarity index 84% rename from helm/capif/charts/access-control-policy/templates/deployment.yaml rename to helm/capif/charts/ocf-access-control-policy/templates/deployment.yaml index 2e4d15f1..3a8000f6 100644 --- a/helm/capif/charts/access-control-policy/templates/deployment.yaml +++ b/helm/capif/charts/ocf-access-control-policy/templates/deployment.yaml @@ -1,22 +1,22 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "access-control-policy.fullname" . }} + name: {{ include "ocf-access-control-policy.fullname" . }} labels: - {{- include "access-control-policy.labels" . | nindent 4 }} + {{- include "ocf-access-control-policy.labels" . | nindent 4 }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} selector: matchLabels: - {{- include "access-control-policy.selectorLabels" . | nindent 6 }} + {{- include "ocf-access-control-policy.selectorLabels" . | nindent 6 }} template: metadata: annotations: date: "{{ now | unixEpoch }}" labels: - {{- include "access-control-policy.labels" . | nindent 8 }} + {{- include "ocf-access-control-policy.labels" . | nindent 8 }} {{- with .Values.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} @@ -25,7 +25,7 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ include "access-control-policy.serviceAccountName" . }} + serviceAccountName: {{ include "ocf-access-control-policy.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: diff --git a/helm/capif/charts/ocf-access-control-policy/templates/hpa.yaml b/helm/capif/charts/ocf-access-control-policy/templates/hpa.yaml new file mode 100644 index 00000000..3e5774e6 --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-access-control-policy.fullname" . }} + labels: + {{- include "ocf-access-control-policy.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-access-control-policy.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-access-control-policy/templates/ingress.yaml b/helm/capif/charts/ocf-access-control-policy/templates/ingress.yaml new file mode 100644 index 00000000..7aa1dc7c --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-access-control-policy.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-access-control-policy.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/access-control-policy/templates/service.yaml b/helm/capif/charts/ocf-access-control-policy/templates/service.yaml similarity index 62% rename from helm/capif/charts/access-control-policy/templates/service.yaml rename to helm/capif/charts/ocf-access-control-policy/templates/service.yaml index c10293a0..16616bdc 100644 --- a/helm/capif/charts/access-control-policy/templates/service.yaml +++ b/helm/capif/charts/ocf-access-control-policy/templates/service.yaml @@ -3,7 +3,7 @@ kind: Service metadata: name: access-control-policy labels: - {{- include "access-control-policy.labels" . | nindent 4 }} + {{- include "ocf-access-control-policy.labels" . | nindent 4 }} spec: type: {{ .Values.service.type }} ports: @@ -12,4 +12,4 @@ spec: protocol: TCP name: http selector: - {{- include "access-control-policy.selectorLabels" . | nindent 4 }} + {{- include "ocf-access-control-policy.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-access-control-policy/templates/serviceaccount.yaml b/helm/capif/charts/ocf-access-control-policy/templates/serviceaccount.yaml new file mode 100644 index 00000000..0f513f2d --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-access-control-policy.serviceAccountName" . }} + labels: + {{- include "ocf-access-control-policy.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-access-control-policy/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-access-control-policy/templates/tests/test-connection.yaml new file mode 100644 index 00000000..b19566f6 --- /dev/null +++ b/helm/capif/charts/ocf-access-control-policy/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-access-control-policy.fullname" . }}-test-connection" + labels: + {{- include "ocf-access-control-policy.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['access-control-policy:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/access-control-policy/values.yaml b/helm/capif/charts/ocf-access-control-policy/values.yaml similarity index 96% rename from helm/capif/charts/access-control-policy/values.yaml rename to helm/capif/charts/ocf-access-control-policy/values.yaml index 61aba34b..2912e096 100644 --- a/helm/capif/charts/access-control-policy/values.yaml +++ b/helm/capif/charts/ocf-access-control-policy/values.yaml @@ -1,11 +1,11 @@ -# Default values for access-control-policy. +# Default values for ocf-access-control-policy. # This is a YAML-formatted file. # Declare variables to be passed into your templates. replicaCount: 1 image: - repository: access-control-policy + repository: ocf-access-control-policy pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. tag: "" diff --git a/helm/capif/charts/ocf-api-invocation-logs/.helmignore b/helm/capif/charts/ocf-api-invocation-logs/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-api-invocation-logs/Chart.yaml b/helm/capif/charts/ocf-api-invocation-logs/Chart.yaml new file mode 100644 index 00000000..d735b162 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-api-invocation-logs +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/NOTES.txt b/helm/capif/charts/ocf-api-invocation-logs/templates/NOTES.txt new file mode 100644 index 00000000..8c7da808 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-api-invocation-logs.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-api-invocation-logs.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-api-invocation-logs.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-api-invocation-logs.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/_helpers.tpl b/helm/capif/charts/ocf-api-invocation-logs/templates/_helpers.tpl new file mode 100644 index 00000000..f2a83cfe --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-api-invocation-logs.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-api-invocation-logs.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-api-invocation-logs.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-api-invocation-logs.labels" -}} +helm.sh/chart: {{ include "ocf-api-invocation-logs.chart" . }} +{{ include "ocf-api-invocation-logs.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-api-invocation-logs.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-api-invocation-logs.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-api-invocation-logs.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-api-invocation-logs.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-invocation-configmap.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/configmap.yaml similarity index 83% rename from helm/capif/templates/capif-invocation-configmap.yaml rename to helm/capif/charts/ocf-api-invocation-logs/templates/configmap.yaml index 68fc1f14..bd13f9f1 100644 --- a/helm/capif/templates/capif-invocation-configmap.yaml +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'logs_col': 'invocationlogs', 'invoker_col': 'invokerdetails', diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/deployment.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/deployment.yaml new file mode 100644 index 00000000..fc3ce110 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/deployment.yaml @@ -0,0 +1,78 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-api-invocation-logs.fullname" . }} + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-api-invocation-logs.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-api-invocation-logs.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: CAPIF_HOSTNAME + value: {{ quote .Values.env.capifHostname }} + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + - name: VAULT_HOSTNAME + value: {{ quote .Values.env.vaultHostname }} + - name: VAULT_PORT + value: {{ quote .Values.env.vaultPort }} + - name: VAULT_ACCESS_TOKEN + value: {{ quote .Values.env.vaultAccessToken }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/hpa.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/hpa.yaml new file mode 100644 index 00000000..71df2ef5 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-api-invocation-logs.fullname" . }} + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-api-invocation-logs.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/ingress.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/ingress.yaml new file mode 100644 index 00000000..47f0f465 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-api-invocation-logs.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/service.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/service.yaml new file mode 100644 index 00000000..48614fd2 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: api-invocation-logs + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-api-invocation-logs.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/serviceaccount.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/serviceaccount.yaml new file mode 100644 index 00000000..c08cfed4 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-api-invocation-logs.serviceAccountName" . }} + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-invocation-logs/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-api-invocation-logs/templates/tests/test-connection.yaml new file mode 100644 index 00000000..3c3098b4 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-api-invocation-logs.fullname" . }}-test-connection" + labels: + {{- include "ocf-api-invocation-logs.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['api-invocation-logs:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-api-invocation-logs/values.yaml b/helm/capif/charts/ocf-api-invocation-logs/values.yaml new file mode 100644 index 00000000..4c4431b3 --- /dev/null +++ b/helm/capif/charts/ocf-api-invocation-logs/values.yaml @@ -0,0 +1,119 @@ +# Default values for ocf-api-invocation-logs. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: ocf-api-invocation-logs-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + capifHostname: capif + vaultHostname: vault + vaultPort: 8200 + vaultAccessToken: dev-only-token + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-invocation-config + configMap: + name: capif-invocation-configmap + items: + - key: "config.yaml" + path: "config.yaml" + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-invocation-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-api-invoker-management/.helmignore b/helm/capif/charts/ocf-api-invoker-management/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-api-invoker-management/Chart.yaml b/helm/capif/charts/ocf-api-invoker-management/Chart.yaml new file mode 100644 index 00000000..2a9ef72f --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-api-invoker-management +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/NOTES.txt b/helm/capif/charts/ocf-api-invoker-management/templates/NOTES.txt new file mode 100644 index 00000000..cfccd3a4 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-api-invoker-management.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-api-invoker-management.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-api-invoker-management.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-api-invoker-management.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/_helpers.tpl b/helm/capif/charts/ocf-api-invoker-management/templates/_helpers.tpl new file mode 100644 index 00000000..35e99945 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-api-invoker-management.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-api-invoker-management.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-api-invoker-management.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-api-invoker-management.labels" -}} +helm.sh/chart: {{ include "ocf-api-invoker-management.chart" . }} +{{ include "ocf-api-invoker-management.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-api-invoker-management.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-api-invoker-management.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-api-invoker-management.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-api-invoker-management.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-invoker-configmap.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/configmap.yaml similarity index 62% rename from helm/capif/templates/capif-invoker-configmap.yaml rename to helm/capif/charts/ocf-api-invoker-management/templates/configmap.yaml index 32bab3cb..4d83c986 100644 --- a/helm/capif/templates/capif-invoker-configmap.yaml +++ b/helm/capif/charts/ocf-api-invoker-management/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'col': 'invokerdetails', 'capif_users_col': "user", @@ -16,17 +16,17 @@ data: 'port': "27017" } mongo_register: { - 'user': '{{ .Values.mongoRegister.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongoRegister.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoRegister.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoRegister.mongoInitdbRootPassword }}', 'db': 'capif_users', 'col': 'user', 'host': 'mongo-register', 'port': '27017' } ca_factory: { - "url": {{ quote .Values.parametersVault.env.vaultHostname }}, - "port": {{ quote .Values.parametersVault.env.vaultPort }}, - "token": {{ quote .Values.parametersVault.env.vaultAccessToken }} + "url": {{ quote .Values.env.vaultHostname }}, + "port": {{ quote .Values.env.vaultPort }}, + "token": {{ quote .Values.env.vaultAccessToken }} } monitoring: { diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/deployment.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/deployment.yaml new file mode 100644 index 00000000..c4fd0c90 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/deployment.yaml @@ -0,0 +1,76 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-api-invoker-management.fullname" . }} + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-api-invoker-management.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-api-invoker-management.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + - name: VAULT_HOSTNAME + value: {{ quote .Values.env.vaultHostname }} + - name: VAULT_PORT + value: {{ quote .Values.env.vaultPort }} + - name: VAULT_ACCESS_TOKEN + value: {{ quote .Values.env.vaultAccessToken }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/hpa.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/hpa.yaml new file mode 100644 index 00000000..44d58a78 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-api-invoker-management.fullname" . }} + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-api-invoker-management.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/ingress.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/ingress.yaml new file mode 100644 index 00000000..aee54f4b --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-api-invoker-management.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/service.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/service.yaml new file mode 100644 index 00000000..f62fb9be --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: api-invoker-management + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-api-invoker-management.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/serviceaccount.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/serviceaccount.yaml new file mode 100644 index 00000000..c3285173 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-api-invoker-management.serviceAccountName" . }} + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-invoker-management/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-api-invoker-management/templates/tests/test-connection.yaml new file mode 100644 index 00000000..f194ec63 --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-api-invoker-management.fullname" . }}-test-connection" + labels: + {{- include "ocf-api-invoker-management.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['api-invoker-management:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-api-invoker-management/values.yaml b/helm/capif/charts/ocf-api-invoker-management/values.yaml new file mode 100644 index 00000000..a296a41e --- /dev/null +++ b/helm/capif/charts/ocf-api-invoker-management/values.yaml @@ -0,0 +1,119 @@ +# Default values for ocf-api-invoker-management. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: ocf-api-invoker-management-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + vaultHostname: vault + vaultPort: 8200 + vaultAccessToken: dev-only-token + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + mongoRegister: + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-invoker-config + configMap: + name: capif-invoker-configmap + items: + - key: "config.yaml" + path: "config.yaml" + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-invoker-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-api-provider-management/.helmignore b/helm/capif/charts/ocf-api-provider-management/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-api-provider-management/Chart.yaml b/helm/capif/charts/ocf-api-provider-management/Chart.yaml new file mode 100644 index 00000000..773f014c --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-api-provider-management +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-api-provider-management/templates/NOTES.txt b/helm/capif/charts/ocf-api-provider-management/templates/NOTES.txt new file mode 100644 index 00000000..d65d7c1a --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-api-provider-management.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-api-provider-management.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-api-provider-management.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-api-provider-management.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-api-provider-management/templates/_helpers.tpl b/helm/capif/charts/ocf-api-provider-management/templates/_helpers.tpl new file mode 100644 index 00000000..eb706b49 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-api-provider-management.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-api-provider-management.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-api-provider-management.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-api-provider-management.labels" -}} +helm.sh/chart: {{ include "ocf-api-provider-management.chart" . }} +{{ include "ocf-api-provider-management.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-api-provider-management.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-api-provider-management.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-api-provider-management.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-api-provider-management.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-provider-configmap.yaml b/helm/capif/charts/ocf-api-provider-management/templates/configmap.yaml similarity index 61% rename from helm/capif/templates/capif-provider-configmap.yaml rename to helm/capif/charts/ocf-api-provider-management/templates/configmap.yaml index 28e530fd..e59cfe17 100644 --- a/helm/capif/templates/capif-provider-configmap.yaml +++ b/helm/capif/charts/ocf-api-provider-management/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'col': 'providerenrolmentdetails', 'certs_col': "certs", @@ -15,17 +15,17 @@ data: 'port': "27017" } mongo_register: { - 'user': '{{ .Values.mongoRegister.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongoRegister.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoRegister.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoRegister.mongoInitdbRootPassword }}', 'db': 'capif_users', 'col': 'user', 'host': 'mongo-register', 'port': '27017' } ca_factory: { - "url": {{ quote .Values.parametersVault.env.vaultHostname }}, - "port": {{ quote .Values.parametersVault.env.vaultPort }}, - "token": {{ quote .Values.parametersVault.env.vaultAccessToken }} + "url": {{ quote .Values.env.vaultHostname }}, + "port": {{ quote .Values.env.vaultPort }}, + "token": {{ quote .Values.env.vaultAccessToken }} } diff --git a/helm/capif/charts/ocf-api-provider-management/templates/deployment.yaml b/helm/capif/charts/ocf-api-provider-management/templates/deployment.yaml new file mode 100644 index 00000000..c5ff2156 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/deployment.yaml @@ -0,0 +1,76 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-api-provider-management.fullname" . }} + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-api-provider-management.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-api-provider-management.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + - name: VAULT_HOSTNAME + value: {{ quote .Values.env.vaultHostname }} + - name: VAULT_PORT + value: {{ quote .Values.env.vaultPort }} + - name: VAULT_ACCESS_TOKEN + value: {{ quote .Values.env.vaultAccessToken }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-api-provider-management/templates/hpa.yaml b/helm/capif/charts/ocf-api-provider-management/templates/hpa.yaml new file mode 100644 index 00000000..f3453cc6 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-api-provider-management.fullname" . }} + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-api-provider-management.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-provider-management/templates/ingress.yaml b/helm/capif/charts/ocf-api-provider-management/templates/ingress.yaml new file mode 100644 index 00000000..2edad453 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-api-provider-management.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-provider-management/templates/service.yaml b/helm/capif/charts/ocf-api-provider-management/templates/service.yaml new file mode 100644 index 00000000..cf51d10b --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: api-provider-management + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-api-provider-management.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-api-provider-management/templates/serviceaccount.yaml b/helm/capif/charts/ocf-api-provider-management/templates/serviceaccount.yaml new file mode 100644 index 00000000..39bbc5c6 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-api-provider-management.serviceAccountName" . }} + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-api-provider-management/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-api-provider-management/templates/tests/test-connection.yaml new file mode 100644 index 00000000..c8ca5295 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-api-provider-management.fullname" . }}-test-connection" + labels: + {{- include "ocf-api-provider-management.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['api-provider-management:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-api-provider-management/values.yaml b/helm/capif/charts/ocf-api-provider-management/values.yaml new file mode 100644 index 00000000..019b2147 --- /dev/null +++ b/helm/capif/charts/ocf-api-provider-management/values.yaml @@ -0,0 +1,119 @@ +# Default values for ocf-api-provider-management. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: ocf-api-provider-management-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + vaultHostname: vault + vaultPort: 8200 + vaultAccessToken: dev-only-token + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + mongoRegister: + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-provider-config + configMap: + name: capif-provider-configmap + items: + - key: "config.yaml" + path: "config.yaml" + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-provider-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-auditing-api-logs/.helmignore b/helm/capif/charts/ocf-auditing-api-logs/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-auditing-api-logs/Chart.yaml b/helm/capif/charts/ocf-auditing-api-logs/Chart.yaml new file mode 100644 index 00000000..dd3585c3 --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-auditing-api-logs +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/templates/capif-logs-configmap.yaml b/helm/capif/charts/ocf-auditing-api-logs/configmap.yaml similarity index 80% rename from helm/capif/templates/capif-logs-configmap.yaml rename to helm/capif/charts/ocf-auditing-api-logs/configmap.yaml index 53cae6ea..729d751f 100644 --- a/helm/capif/templates/capif-logs-configmap.yaml +++ b/helm/capif/charts/ocf-auditing-api-logs/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'logs_col': 'invocationlogs', 'capif_users_col': "user", diff --git a/helm/capif/charts/access-control-policy/templates/NOTES.txt b/helm/capif/charts/ocf-auditing-api-logs/templates/NOTES.txt similarity index 81% rename from helm/capif/charts/access-control-policy/templates/NOTES.txt rename to helm/capif/charts/ocf-auditing-api-logs/templates/NOTES.txt index 2c54f9db..639b6680 100644 --- a/helm/capif/charts/access-control-policy/templates/NOTES.txt +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/NOTES.txt @@ -6,16 +6,16 @@ {{- end }} {{- end }} {{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "access-control-policy.fullname" . }}) + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-auditing-api-logs.fullname" . }}) export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORT {{- else if contains "LoadBalancer" .Values.service.type }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "access-control-policy.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "access-control-policy.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-auditing-api-logs.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-auditing-api-logs.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") echo http://$SERVICE_IP:{{ .Values.service.port }} {{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "access-control-policy.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-auditing-api-logs.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") echo "Visit http://127.0.0.1:8080 to use your application" kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT diff --git a/helm/capif/charts/access-control-policy/templates/_helpers.tpl b/helm/capif/charts/ocf-auditing-api-logs/templates/_helpers.tpl similarity index 71% rename from helm/capif/charts/access-control-policy/templates/_helpers.tpl rename to helm/capif/charts/ocf-auditing-api-logs/templates/_helpers.tpl index 4b87b90e..6f69487b 100644 --- a/helm/capif/charts/access-control-policy/templates/_helpers.tpl +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/_helpers.tpl @@ -1,7 +1,7 @@ {{/* Expand the name of the chart. */}} -{{- define "access-control-policy.name" -}} +{{- define "ocf-auditing-api-logs.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }} @@ -10,7 +10,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "access-control-policy.fullname" -}} +{{- define "ocf-auditing-api-logs.fullname" -}} {{- if .Values.fullnameOverride }} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} @@ -26,16 +26,16 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "access-control-policy.chart" -}} +{{- define "ocf-auditing-api-logs.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} {{/* Common labels */}} -{{- define "access-control-policy.labels" -}} -helm.sh/chart: {{ include "access-control-policy.chart" . }} -{{ include "access-control-policy.selectorLabels" . }} +{{- define "ocf-auditing-api-logs.labels" -}} +helm.sh/chart: {{ include "ocf-auditing-api-logs.chart" . }} +{{ include "ocf-auditing-api-logs.selectorLabels" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} @@ -45,17 +45,17 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} {{/* Selector labels */}} -{{- define "access-control-policy.selectorLabels" -}} -app.kubernetes.io/name: {{ include "access-control-policy.name" . }} +{{- define "ocf-auditing-api-logs.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-auditing-api-logs.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} {{/* Create the name of the service account to use */}} -{{- define "access-control-policy.serviceAccountName" -}} +{{- define "ocf-auditing-api-logs.serviceAccountName" -}} {{- if .Values.serviceAccount.create }} -{{- default (include "access-control-policy.fullname" .) .Values.serviceAccount.name }} +{{- default (include "ocf-auditing-api-logs.fullname" .) .Values.serviceAccount.name }} {{- else }} {{- default "default" .Values.serviceAccount.name }} {{- end }} diff --git a/helm/capif/charts/ocf-auditing-api-logs/templates/configmap.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/configmap.yaml new file mode 100644 index 00000000..729d751f --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/configmap.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: capif-logs-configmap +data: + config.yaml: | + mongo: { + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', + 'db': 'capif', + 'logs_col': 'invocationlogs', + 'capif_users_col': "user", + 'host': 'mongo', + 'port': "27017" + } + + monitoring: { + "fluent_bit_host": fluent-bit, + "fluent_bit_port": 24224, + "opentelemetry_url": "otel-collector", + "opentelemetry_port": "55680", + "opentelemetry_max_queue_size": 8192, + "opentelemetry_schedule_delay_millis": 20000, + "opentelemetry_max_export_batch_size": 2048, + "opentelemetry_export_timeout_millis": 60000 + } + diff --git a/helm/capif/charts/ocf-auditing-api-logs/templates/deployment.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/deployment.yaml new file mode 100644 index 00000000..62cbf034 --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/deployment.yaml @@ -0,0 +1,70 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-auditing-api-logs.fullname" . }} + labels: + {{- include "ocf-auditing-api-logs.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-auditing-api-logs.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-auditing-api-logs.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-auditing-api-logs.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-auditing-api-logs/templates/hpa.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/hpa.yaml new file mode 100644 index 00000000..4133851d --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-auditing-api-logs.fullname" . }} + labels: + {{- include "ocf-auditing-api-logs.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-auditing-api-logs.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-auditing-api-logs/templates/ingress.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/ingress.yaml new file mode 100644 index 00000000..1a63f2f1 --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-auditing-api-logs.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-auditing-api-logs.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-auditing-api-logs/templates/service.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/service.yaml new file mode 100644 index 00000000..cc0a6858 --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: logs + labels: + {{- include "ocf-auditing-api-logs.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-auditing-api-logs.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/access-control-policy/templates/serviceaccount.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/serviceaccount.yaml similarity index 69% rename from helm/capif/charts/access-control-policy/templates/serviceaccount.yaml rename to helm/capif/charts/ocf-auditing-api-logs/templates/serviceaccount.yaml index fc12b544..7cc126f5 100644 --- a/helm/capif/charts/access-control-policy/templates/serviceaccount.yaml +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/serviceaccount.yaml @@ -2,9 +2,9 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "access-control-policy.serviceAccountName" . }} + name: {{ include "ocf-auditing-api-logs.serviceAccountName" . }} labels: - {{- include "access-control-policy.labels" . | nindent 4 }} + {{- include "ocf-auditing-api-logs.labels" . | nindent 4 }} {{- with .Values.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/helm/capif/charts/ocf-auditing-api-logs/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-auditing-api-logs/templates/tests/test-connection.yaml new file mode 100644 index 00000000..ddd02e7f --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-auditing-api-logs.fullname" . }}-test-connection" + labels: + {{- include "ocf-auditing-api-logs.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['logs:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-auditing-api-logs/values.yaml b/helm/capif/charts/ocf-auditing-api-logs/values.yaml new file mode 100644 index 00000000..41e3d1f3 --- /dev/null +++ b/helm/capif/charts/ocf-auditing-api-logs/values.yaml @@ -0,0 +1,115 @@ +# Default values for ocf-auditing-api-logs. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: auditing-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-logs-config + configMap: + name: capif-logs-configmap + items: + - key: "config.yaml" + path: "config.yaml" + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-logs-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-discover-service-api/.helmignore b/helm/capif/charts/ocf-discover-service-api/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-discover-service-api/Chart.yaml b/helm/capif/charts/ocf-discover-service-api/Chart.yaml new file mode 100644 index 00000000..3bffbb8a --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-discover-service-api +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-discover-service-api/templates/NOTES.txt b/helm/capif/charts/ocf-discover-service-api/templates/NOTES.txt new file mode 100644 index 00000000..64d22308 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-discover-service-api.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-discover-service-api.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-discover-service-api.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-discover-service-api.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-discover-service-api/templates/_helpers.tpl b/helm/capif/charts/ocf-discover-service-api/templates/_helpers.tpl new file mode 100644 index 00000000..2c42280e --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-discover-service-api.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-discover-service-api.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-discover-service-api.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-discover-service-api.labels" -}} +helm.sh/chart: {{ include "ocf-discover-service-api.chart" . }} +{{ include "ocf-discover-service-api.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-discover-service-api.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-discover-service-api.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-discover-service-api.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-discover-service-api.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-service-configmap.yaml b/helm/capif/charts/ocf-discover-service-api/templates/configmap.yaml similarity index 82% rename from helm/capif/templates/capif-service-configmap.yaml rename to helm/capif/charts/ocf-discover-service-api/templates/configmap.yaml index 1cd3d661..96d0c367 100644 --- a/helm/capif/templates/capif-service-configmap.yaml +++ b/helm/capif/charts/ocf-discover-service-api/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'col': 'serviceapidescriptions', 'invokers_col': 'invokerdetails', diff --git a/helm/capif/charts/ocf-discover-service-api/templates/deployment.yaml b/helm/capif/charts/ocf-discover-service-api/templates/deployment.yaml new file mode 100644 index 00000000..438b986e --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/deployment.yaml @@ -0,0 +1,70 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-discover-service-api.fullname" . }} + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-discover-service-api.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-discover-service-api.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-discover-service-api/templates/hpa.yaml b/helm/capif/charts/ocf-discover-service-api/templates/hpa.yaml new file mode 100644 index 00000000..bb4c3010 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-discover-service-api.fullname" . }} + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-discover-service-api.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-discover-service-api/templates/ingress.yaml b/helm/capif/charts/ocf-discover-service-api/templates/ingress.yaml new file mode 100644 index 00000000..b5187292 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-discover-service-api.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-discover-service-api/templates/service.yaml b/helm/capif/charts/ocf-discover-service-api/templates/service.yaml new file mode 100644 index 00000000..fda46c37 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: service-apis + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-discover-service-api.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-discover-service-api/templates/serviceaccount.yaml b/helm/capif/charts/ocf-discover-service-api/templates/serviceaccount.yaml new file mode 100644 index 00000000..be789193 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-discover-service-api.serviceAccountName" . }} + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-discover-service-api/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-discover-service-api/templates/tests/test-connection.yaml new file mode 100644 index 00000000..3551457a --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-discover-service-api.fullname" . }}-test-connection" + labels: + {{- include "ocf-discover-service-api.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['service-apis:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-discover-service-api/values.yaml b/helm/capif/charts/ocf-discover-service-api/values.yaml new file mode 100644 index 00000000..b69232d4 --- /dev/null +++ b/helm/capif/charts/ocf-discover-service-api/values.yaml @@ -0,0 +1,116 @@ +# Default values for ocf-discover-service-api. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: discover-service-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-service-config + configMap: + name: capif-service-configmap + items: + - key: "config.yaml" + path: "config.yaml" + + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-service-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-events/.helmignore b/helm/capif/charts/ocf-events/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/ocf-events/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-events/Chart.yaml b/helm/capif/charts/ocf-events/Chart.yaml new file mode 100644 index 00000000..9e9667fd --- /dev/null +++ b/helm/capif/charts/ocf-events/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-events +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-events/templates/NOTES.txt b/helm/capif/charts/ocf-events/templates/NOTES.txt new file mode 100644 index 00000000..2fe07465 --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-events.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-events.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-events.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-events.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-events/templates/_helpers.tpl b/helm/capif/charts/ocf-events/templates/_helpers.tpl new file mode 100644 index 00000000..1c0caa66 --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-events.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-events.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-events.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-events.labels" -}} +helm.sh/chart: {{ include "ocf-events.chart" . }} +{{ include "ocf-events.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-events.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-events.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-events.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-events.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-events-configmap.yaml b/helm/capif/charts/ocf-events/templates/configmap.yaml similarity index 82% rename from helm/capif/templates/capif-events-configmap.yaml rename to helm/capif/charts/ocf-events/templates/configmap.yaml index ca31c23e..a928cac5 100644 --- a/helm/capif/templates/capif-events-configmap.yaml +++ b/helm/capif/charts/ocf-events/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'col': 'eventsdetails', 'certs_col': "certs", @@ -25,4 +25,4 @@ data: "opentelemetry_schedule_delay_millis": 20000, "opentelemetry_max_export_batch_size": 2048, "opentelemetry_export_timeout_millis": 60000 - } + } \ No newline at end of file diff --git a/helm/capif/charts/ocf-events/templates/deployment.yaml b/helm/capif/charts/ocf-events/templates/deployment.yaml new file mode 100644 index 00000000..f94cc7b3 --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/deployment.yaml @@ -0,0 +1,70 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-events.fullname" . }} + labels: + {{- include "ocf-events.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-events.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-events.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-events.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-events/templates/hpa.yaml b/helm/capif/charts/ocf-events/templates/hpa.yaml new file mode 100644 index 00000000..f494b032 --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-events.fullname" . }} + labels: + {{- include "ocf-events.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-events.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-events/templates/ingress.yaml b/helm/capif/charts/ocf-events/templates/ingress.yaml new file mode 100644 index 00000000..9844a7f0 --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-events.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-events.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-events/templates/service.yaml b/helm/capif/charts/ocf-events/templates/service.yaml new file mode 100644 index 00000000..dd54acae --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: capif-events + labels: + {{- include "ocf-events.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-events.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-events/templates/serviceaccount.yaml b/helm/capif/charts/ocf-events/templates/serviceaccount.yaml new file mode 100644 index 00000000..f29121ae --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-events.serviceAccountName" . }} + labels: + {{- include "ocf-events.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-events/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-events/templates/tests/test-connection.yaml new file mode 100644 index 00000000..fc224330 --- /dev/null +++ b/helm/capif/charts/ocf-events/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-events.fullname" . }}-test-connection" + labels: + {{- include "ocf-events.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['capif-events:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-events/values.yaml b/helm/capif/charts/ocf-events/values.yaml new file mode 100644 index 00000000..c600141f --- /dev/null +++ b/helm/capif/charts/ocf-events/values.yaml @@ -0,0 +1,115 @@ +# Default values for ocf-events. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: events-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-events-config + configMap: + name: capif-events-configmap + items: + - key: "config.yaml" + path: "config.yaml" + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-events-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-helper/.helmignore b/helm/capif/charts/ocf-helper/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/ocf-helper/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-helper/Chart.yaml b/helm/capif/charts/ocf-helper/Chart.yaml new file mode 100644 index 00000000..ac740bc6 --- /dev/null +++ b/helm/capif/charts/ocf-helper/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-helper +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-helper/templates/NOTES.txt b/helm/capif/charts/ocf-helper/templates/NOTES.txt new file mode 100644 index 00000000..abd13187 --- /dev/null +++ b/helm/capif/charts/ocf-helper/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-helper.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-helper.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-helper.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-helper.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-helper/templates/_helpers.tpl b/helm/capif/charts/ocf-helper/templates/_helpers.tpl new file mode 100644 index 00000000..df679e32 --- /dev/null +++ b/helm/capif/charts/ocf-helper/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-helper.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-helper.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-helper.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-helper.labels" -}} +helm.sh/chart: {{ include "ocf-helper.chart" . }} +{{ include "ocf-helper.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-helper.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-helper.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-helper.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-helper.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/helper/templates/deployment.yaml b/helm/capif/charts/ocf-helper/templates/deployment.yaml similarity index 88% rename from helm/capif/charts/helper/templates/deployment.yaml rename to helm/capif/charts/ocf-helper/templates/deployment.yaml index a3f43d3e..7c55930f 100644 --- a/helm/capif/charts/helper/templates/deployment.yaml +++ b/helm/capif/charts/ocf-helper/templates/deployment.yaml @@ -1,23 +1,23 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "helper.fullname" . }} + name: {{ include "ocf-helper.fullname" . }} labels: - {{- include "helper.labels" . | nindent 4 }} + {{- include "ocf-helper.labels" . | nindent 4 }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} selector: matchLabels: - {{- include "helper.selectorLabels" . | nindent 6 }} + {{- include "ocf-helper.selectorLabels" . | nindent 6 }} template: metadata: annotations: date: "{{ now | unixEpoch }}" checksum/config: {{ include (print $.Template.BasePath "/ocf-helper-configmap.yaml") . | sha256sum }} labels: - {{- include "helper.labels" . | nindent 8 }} + {{- include "ocf-helper.labels" . | nindent 8 }} {{- with .Values.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} @@ -26,7 +26,7 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ include "helper.serviceAccountName" . }} + serviceAccountName: {{ include "ocf-helper.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: diff --git a/helm/capif/charts/ocf-helper/templates/hpa.yaml b/helm/capif/charts/ocf-helper/templates/hpa.yaml new file mode 100644 index 00000000..670686ab --- /dev/null +++ b/helm/capif/charts/ocf-helper/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-helper.fullname" . }} + labels: + {{- include "ocf-helper.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-helper.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-helper/templates/ingress.yaml b/helm/capif/charts/ocf-helper/templates/ingress.yaml new file mode 100644 index 00000000..76d37c85 --- /dev/null +++ b/helm/capif/charts/ocf-helper/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-helper.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-helper.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/helper/templates/ocf-helper-configmap.yaml b/helm/capif/charts/ocf-helper/templates/ocf-helper-configmap.yaml similarity index 100% rename from helm/capif/charts/helper/templates/ocf-helper-configmap.yaml rename to helm/capif/charts/ocf-helper/templates/ocf-helper-configmap.yaml diff --git a/helm/capif/charts/helper/templates/service.yaml b/helm/capif/charts/ocf-helper/templates/service.yaml similarity index 66% rename from helm/capif/charts/helper/templates/service.yaml rename to helm/capif/charts/ocf-helper/templates/service.yaml index 4a743709..87006eba 100644 --- a/helm/capif/charts/helper/templates/service.yaml +++ b/helm/capif/charts/ocf-helper/templates/service.yaml @@ -3,7 +3,7 @@ kind: Service metadata: name: helper labels: - {{- include "helper.labels" . | nindent 4 }} + {{- include "ocf-helper.labels" . | nindent 4 }} spec: type: {{ .Values.service.type }} ports: @@ -12,4 +12,4 @@ spec: protocol: TCP name: http selector: - {{- include "helper.selectorLabels" . | nindent 4 }} + {{- include "ocf-helper.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-helper/templates/serviceaccount.yaml b/helm/capif/charts/ocf-helper/templates/serviceaccount.yaml new file mode 100644 index 00000000..a3da0593 --- /dev/null +++ b/helm/capif/charts/ocf-helper/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-helper.serviceAccountName" . }} + labels: + {{- include "ocf-helper.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-helper/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-helper/templates/tests/test-connection.yaml new file mode 100644 index 00000000..57760421 --- /dev/null +++ b/helm/capif/charts/ocf-helper/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-helper.fullname" . }}-test-connection" + labels: + {{- include "ocf-helper.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['helper:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/helper/values.yaml b/helm/capif/charts/ocf-helper/values.yaml similarity index 96% rename from helm/capif/charts/helper/values.yaml rename to helm/capif/charts/ocf-helper/values.yaml index 147c003a..36e09890 100644 --- a/helm/capif/charts/helper/values.yaml +++ b/helm/capif/charts/ocf-helper/values.yaml @@ -1,11 +1,11 @@ -# Default values for helper. +# Default values for ocf-helper. # This is a YAML-formatted file. # Declare variables to be passed into your templates. replicaCount: 1 image: - repository: "helper" + repository: "ocf-helper" pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. tag: "" @@ -36,7 +36,7 @@ serviceAccount: name: "" podAnnotations: - app: ocf-helper + app: ocf-ocf-helper podLabels: {} diff --git a/helm/capif/charts/ocf-publish-service-api/.helmignore b/helm/capif/charts/ocf-publish-service-api/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-publish-service-api/Chart.yaml b/helm/capif/charts/ocf-publish-service-api/Chart.yaml new file mode 100644 index 00000000..166d2523 --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-publish-service-api +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-publish-service-api/templates/NOTES.txt b/helm/capif/charts/ocf-publish-service-api/templates/NOTES.txt new file mode 100644 index 00000000..deaaa588 --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-publish-service-api.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-publish-service-api.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-publish-service-api.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-publish-service-api.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-publish-service-api/templates/_helpers.tpl b/helm/capif/charts/ocf-publish-service-api/templates/_helpers.tpl new file mode 100644 index 00000000..9ca28fab --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-publish-service-api.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-publish-service-api.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-publish-service-api.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-publish-service-api.labels" -}} +helm.sh/chart: {{ include "ocf-publish-service-api.chart" . }} +{{ include "ocf-publish-service-api.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-publish-service-api.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-publish-service-api.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-publish-service-api.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-publish-service-api.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-published-configmap.yaml b/helm/capif/charts/ocf-publish-service-api/templates/configmap.yaml similarity index 82% rename from helm/capif/templates/capif-published-configmap.yaml rename to helm/capif/charts/ocf-publish-service-api/templates/configmap.yaml index 507afd4a..a76b2f2b 100644 --- a/helm/capif/templates/capif-published-configmap.yaml +++ b/helm/capif/charts/ocf-publish-service-api/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'col': 'serviceapidescriptions', 'certs_col': "certs", diff --git a/helm/capif/charts/ocf-publish-service-api/templates/deployment.yaml b/helm/capif/charts/ocf-publish-service-api/templates/deployment.yaml new file mode 100644 index 00000000..49d9b2ce --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/deployment.yaml @@ -0,0 +1,70 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-publish-service-api.fullname" . }} + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-publish-service-api.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-publish-service-api.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-publish-service-api/templates/hpa.yaml b/helm/capif/charts/ocf-publish-service-api/templates/hpa.yaml new file mode 100644 index 00000000..34c23685 --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-publish-service-api.fullname" . }} + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-publish-service-api.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-publish-service-api/templates/ingress.yaml b/helm/capif/charts/ocf-publish-service-api/templates/ingress.yaml new file mode 100644 index 00000000..22cd9f36 --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-publish-service-api.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-publish-service-api/templates/service.yaml b/helm/capif/charts/ocf-publish-service-api/templates/service.yaml new file mode 100644 index 00000000..2412215a --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: published-apis + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-publish-service-api.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-publish-service-api/templates/serviceaccount.yaml b/helm/capif/charts/ocf-publish-service-api/templates/serviceaccount.yaml new file mode 100644 index 00000000..22ca36f7 --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-publish-service-api.serviceAccountName" . }} + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-publish-service-api/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-publish-service-api/templates/tests/test-connection.yaml new file mode 100644 index 00000000..edbd061a --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-publish-service-api.fullname" . }}-test-connection" + labels: + {{- include "ocf-publish-service-api.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['published-apis:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-publish-service-api/values.yaml b/helm/capif/charts/ocf-publish-service-api/values.yaml new file mode 100644 index 00000000..4ab3c9cd --- /dev/null +++ b/helm/capif/charts/ocf-publish-service-api/values.yaml @@ -0,0 +1,115 @@ +# Default values for ocf-publish-service-api. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: publish-service-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-published-config + configMap: + name: capif-published-configmap + items: + - key: "config.yaml" + path: "config.yaml" + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-published-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-register/.helmignore b/helm/capif/charts/ocf-register/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/ocf-register/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-register/Chart.yaml b/helm/capif/charts/ocf-register/Chart.yaml new file mode 100644 index 00000000..06dee807 --- /dev/null +++ b/helm/capif/charts/ocf-register/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-register +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-register/templates/NOTES.txt b/helm/capif/charts/ocf-register/templates/NOTES.txt new file mode 100644 index 00000000..f323bac8 --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-register.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-register.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-register.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-register.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-register/templates/_helpers.tpl b/helm/capif/charts/ocf-register/templates/_helpers.tpl new file mode 100644 index 00000000..c1d5489e --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-register.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-register.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-register.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-register.labels" -}} +helm.sh/chart: {{ include "ocf-register.chart" . }} +{{ include "ocf-register.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-register.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-register.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-register.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-register.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/register-configmap.yaml b/helm/capif/charts/ocf-register/templates/configmap.yaml similarity index 53% rename from helm/capif/templates/register-configmap.yaml rename to helm/capif/charts/ocf-register/templates/configmap.yaml index 7dcc3006..d927eba3 100644 --- a/helm/capif/templates/register-configmap.yaml +++ b/helm/capif/charts/ocf-register/templates/configmap.yaml @@ -2,8 +2,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: register-configmap - labels: - {{- include "capif.labels" . | nindent 4 }} data: config.yaml: |- mongo: { @@ -11,13 +9,13 @@ data: 'password': 'example', 'db': 'capif_users', 'col': 'user', - 'host': '{{ .Values.register.register.env.mongoHost }}', - 'port': '{{ .Values.register.register.env.mongoPort }}' + 'host': '{{ .Values.env.mongoHost }}', + 'port': '{{ .Values.env.mongoPort }}' } ca_factory: { - "url": "{{ .Values.parametersVault.env.vaultHostname }}", - "port": "{{ .Values.parametersVault.env.vaultPort }}", - "token": "{{ .Values.parametersVault.env.vaultAccessToken }}" + "url": "{{ .Values.env.vaultHostname }}", + "port": "{{ .Values.env.vaultPort }}", + "token": "{{ .Values.env.vaultAccessToken }}" } register: { register_uuid: '6ba7b810-9dad-11d1-80b4-00c04fd430c8', diff --git a/helm/capif/charts/ocf-register/templates/deployment.yaml b/helm/capif/charts/ocf-register/templates/deployment.yaml new file mode 100644 index 00000000..5437dfc8 --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/deployment.yaml @@ -0,0 +1,74 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-register.fullname" . }} + labels: + {{- include "ocf-register.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-register.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-register.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-register.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: VAULT_HOSTNAME + value: {{ quote .Values.env.vaultHostname }} + - name: VAULT_PORT + value: {{ quote .Values.env.vaultPort }} + - name: VAULT_ACCESS_TOKEN + value: {{ quote .Values.env.vaultAccessToken }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-register/templates/hpa.yaml b/helm/capif/charts/ocf-register/templates/hpa.yaml new file mode 100644 index 00000000..936dbb44 --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-register.fullname" . }} + labels: + {{- include "ocf-register.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-register.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-register/templates/ingress.yaml b/helm/capif/charts/ocf-register/templates/ingress.yaml new file mode 100644 index 00000000..c5911eb2 --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/ingress.yaml @@ -0,0 +1,60 @@ +{{- if .Values.ingress.enabled -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: nginx-register + labels: + {{- include "ocf-register.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: register + port: + number: {{ $svcPort }} + {{- else }} + serviceName: register + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-register/templates/service.yaml b/helm/capif/charts/ocf-register/templates/service.yaml new file mode 100644 index 00000000..ae6f7f61 --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: register + labels: + {{- include "ocf-register.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: 8080 + protocol: TCP + name: http + selector: + {{- include "ocf-register.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-register/templates/serviceaccount.yaml b/helm/capif/charts/ocf-register/templates/serviceaccount.yaml new file mode 100644 index 00000000..d2954561 --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-register.serviceAccountName" . }} + labels: + {{- include "ocf-register.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-register/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-register/templates/tests/test-connection.yaml new file mode 100644 index 00000000..40831f65 --- /dev/null +++ b/helm/capif/charts/ocf-register/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-register.fullname" . }}-test-connection" + labels: + {{- include "ocf-register.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['register:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-register/values.yaml b/helm/capif/charts/ocf-register/values.yaml new file mode 100644 index 00000000..b9e9e49c --- /dev/null +++ b/helm/capif/charts/ocf-register/values.yaml @@ -0,0 +1,118 @@ +# Default values for ocf-register. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: register + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + mongoHost: mongo-register + mongoPort: 27017 + vaultHostname: vault + vaultPort: 8200 + vaultAccessToken: dev-only-token + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8084 + +ingress: + enabled: true + className: "nginx" + annotations: + #cert-manager.io/issuer: letsencrypt-issuer + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + hosts: + - host: register.app.ocp-epg.hi.inet + paths: + - path: / + pathType: Prefix + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: register-configmap + configMap: + name: register-configmap + items: + - key: "config.yaml" + path: "config.yaml" + + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: register-configmap + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-routing-info/.helmignore b/helm/capif/charts/ocf-routing-info/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-routing-info/Chart.yaml b/helm/capif/charts/ocf-routing-info/Chart.yaml new file mode 100644 index 00000000..bf109e2a --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-routing-info +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-routing-info/templates/NOTES.txt b/helm/capif/charts/ocf-routing-info/templates/NOTES.txt new file mode 100644 index 00000000..f08d1a05 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-routing-info.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-routing-info.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-routing-info.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-routing-info.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-routing-info/templates/_helpers.tpl b/helm/capif/charts/ocf-routing-info/templates/_helpers.tpl new file mode 100644 index 00000000..58bef4e6 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-routing-info.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-routing-info.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-routing-info.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-routing-info.labels" -}} +helm.sh/chart: {{ include "ocf-routing-info.chart" . }} +{{ include "ocf-routing-info.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-routing-info.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-routing-info.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-routing-info.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-routing-info.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-routing-info/templates/deployment.yaml b/helm/capif/charts/ocf-routing-info/templates/deployment.yaml new file mode 100644 index 00000000..2e1abf12 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/deployment.yaml @@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-routing-info.fullname" . }} + labels: + {{- include "ocf-routing-info.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-routing-info.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "ocf-routing-info.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-routing-info.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-routing-info/templates/hpa.yaml b/helm/capif/charts/ocf-routing-info/templates/hpa.yaml new file mode 100644 index 00000000..6172807b --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-routing-info.fullname" . }} + labels: + {{- include "ocf-routing-info.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-routing-info.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-routing-info/templates/ingress.yaml b/helm/capif/charts/ocf-routing-info/templates/ingress.yaml new file mode 100644 index 00000000..cf74fa94 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-routing-info.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-routing-info.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-routing-info/templates/service.yaml b/helm/capif/charts/ocf-routing-info/templates/service.yaml new file mode 100644 index 00000000..125bf085 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: capif-routing-info + labels: + {{- include "ocf-routing-info.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-routing-info.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-routing-info/templates/serviceaccount.yaml b/helm/capif/charts/ocf-routing-info/templates/serviceaccount.yaml new file mode 100644 index 00000000..6d1721d3 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-routing-info.serviceAccountName" . }} + labels: + {{- include "ocf-routing-info.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-routing-info/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-routing-info/templates/tests/test-connection.yaml new file mode 100644 index 00000000..26169c14 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-routing-info.fullname" . }}-test-connection" + labels: + {{- include "ocf-routing-info.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['capif-routing-info:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-routing-info/values.yaml b/helm/capif/charts/ocf-routing-info/values.yaml new file mode 100644 index 00000000..8ba779c4 --- /dev/null +++ b/helm/capif/charts/ocf-routing-info/values.yaml @@ -0,0 +1,111 @@ +# Default values for ocf-routing-info. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: routing-info-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/ocf-security/.helmignore b/helm/capif/charts/ocf-security/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/ocf-security/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/ocf-security/Chart.yaml b/helm/capif/charts/ocf-security/Chart.yaml new file mode 100644 index 00000000..93606cd6 --- /dev/null +++ b/helm/capif/charts/ocf-security/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ocf-security +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/ocf-security/templates/NOTES.txt b/helm/capif/charts/ocf-security/templates/NOTES.txt new file mode 100644 index 00000000..3654878a --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ocf-security.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ocf-security.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ocf-security.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ocf-security.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/ocf-security/templates/_helpers.tpl b/helm/capif/charts/ocf-security/templates/_helpers.tpl new file mode 100644 index 00000000..11c7d3fa --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocf-security.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocf-security.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ocf-security.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocf-security.labels" -}} +helm.sh/chart: {{ include "ocf-security.chart" . }} +{{ include "ocf-security.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocf-security.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocf-security.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ocf-security.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ocf-security.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/templates/capif-security-configmap.yaml b/helm/capif/charts/ocf-security/templates/configmap.yaml similarity index 82% rename from helm/capif/templates/capif-security-configmap.yaml rename to helm/capif/charts/ocf-security/templates/configmap.yaml index ade6a592..5d099d19 100644 --- a/helm/capif/templates/capif-security-configmap.yaml +++ b/helm/capif/charts/ocf-security/templates/configmap.yaml @@ -5,8 +5,8 @@ metadata: data: config.yaml: | mongo: { - 'user': '{{ .Values.mongo.mongo.env.mongoInitdbRootUsername }}', - 'password': '{{ .Values.mongo.mongo.env.mongoInitdbRootPassword }}', + 'user': '{{ .Values.env.mongoInitdbRootUsername }}', + 'password': '{{ .Values.env.mongoInitdbRootPassword }}', 'db': 'capif', 'col': 'security', 'capif_service_col': 'serviceapidescriptions', diff --git a/helm/capif/charts/ocf-security/templates/deployment.yaml b/helm/capif/charts/ocf-security/templates/deployment.yaml new file mode 100644 index 00000000..44bd7fa9 --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/deployment.yaml @@ -0,0 +1,78 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocf-security.fullname" . }} + labels: + {{- include "ocf-security.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ocf-security.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "ocf-security.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ocf-security.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: CAPIF_HOSTNAME + value: {{ quote .Values.env.capifHostname }} + - name: MONITORING + value: {{ quote .Values.env.monitoring }} + - name: VAULT_HOSTNAME + value: {{ quote .Values.env.vaultHostname }} + - name: VAULT_PORT + value: {{ quote .Values.env.vaultPort }} + - name: VAULT_ACCESS_TOKEN + value: {{ quote .Values.env.vaultAccessToken }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/ocf-security/templates/hpa.yaml b/helm/capif/charts/ocf-security/templates/hpa.yaml new file mode 100644 index 00000000..7b4759b3 --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ocf-security.fullname" . }} + labels: + {{- include "ocf-security.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ocf-security.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-security/templates/ingress.yaml b/helm/capif/charts/ocf-security/templates/ingress.yaml new file mode 100644 index 00000000..5656fea5 --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ocf-security.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ocf-security.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/ocf-security/templates/service.yaml b/helm/capif/charts/ocf-security/templates/service.yaml new file mode 100644 index 00000000..553dc57a --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: capif-security + labels: + {{- include "ocf-security.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ocf-security.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/ocf-security/templates/serviceaccount.yaml b/helm/capif/charts/ocf-security/templates/serviceaccount.yaml new file mode 100644 index 00000000..29faf430 --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ocf-security.serviceAccountName" . }} + labels: + {{- include "ocf-security.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/ocf-security/templates/tests/test-connection.yaml b/helm/capif/charts/ocf-security/templates/tests/test-connection.yaml new file mode 100644 index 00000000..08b37529 --- /dev/null +++ b/helm/capif/charts/ocf-security/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ocf-security.fullname" . }}-test-connection" + labels: + {{- include "ocf-security.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['capif-security:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/ocf-security/values.yaml b/helm/capif/charts/ocf-security/values.yaml new file mode 100644 index 00000000..37b57c71 --- /dev/null +++ b/helm/capif/charts/ocf-security/values.yaml @@ -0,0 +1,118 @@ +# Default values for ocf-security. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: security-api + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + monitoring: "true" + capifHostname: capif + vaultHostname: vault + vaultPort: 8200 + vaultAccessToken: dev-only-token + mongoInitdbRootUsername: root + mongoInitdbRootPassword: example + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: +# httpGet: +# path: / +# port: http +readinessProbe: + tcpSocket: + port: 8080 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: + - name: capif-security-config + configMap: + name: capif-security-configmap + items: + - key: "config.yaml" + path: "config.yaml" + + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: + - name: capif-security-config + mountPath: /usr/src/app/config.yaml + subPath: config.yaml + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/charts/redis/.helmignore b/helm/capif/charts/redis/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/helm/capif/charts/redis/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/capif/charts/redis/Chart.yaml b/helm/capif/charts/redis/Chart.yaml new file mode 100644 index 00000000..165c1969 --- /dev/null +++ b/helm/capif/charts/redis/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: redis +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/helm/capif/charts/redis/templates/NOTES.txt b/helm/capif/charts/redis/templates/NOTES.txt new file mode 100644 index 00000000..0735ad40 --- /dev/null +++ b/helm/capif/charts/redis/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "redis.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "redis.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "redis.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "redis.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/helm/capif/charts/redis/templates/_helpers.tpl b/helm/capif/charts/redis/templates/_helpers.tpl new file mode 100644 index 00000000..f6a718ba --- /dev/null +++ b/helm/capif/charts/redis/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "redis.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "redis.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "redis.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "redis.labels" -}} +helm.sh/chart: {{ include "redis.chart" . }} +{{ include "redis.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "redis.selectorLabels" -}} +app.kubernetes.io/name: {{ include "redis.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "redis.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "redis.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/capif/charts/redis/templates/deployment.yaml b/helm/capif/charts/redis/templates/deployment.yaml new file mode 100644 index 00000000..23504296 --- /dev/null +++ b/helm/capif/charts/redis/templates/deployment.yaml @@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "redis.fullname" . }} + labels: + {{- include "redis.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "redis.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + date: "{{ now | unixEpoch }}" + labels: + {{- include "redis.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "redis.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + - name: REDIS_REPLICATION_MODE + value: {{ quote .Values.env.redisReplicationMode }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/capif/charts/redis/templates/hpa.yaml b/helm/capif/charts/redis/templates/hpa.yaml new file mode 100644 index 00000000..db46f1ba --- /dev/null +++ b/helm/capif/charts/redis/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "redis.fullname" . }} + labels: + {{- include "redis.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "redis.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/redis/templates/ingress.yaml b/helm/capif/charts/redis/templates/ingress.yaml new file mode 100644 index 00000000..f5674cbd --- /dev/null +++ b/helm/capif/charts/redis/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "redis.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "redis.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/capif/charts/redis/templates/service.yaml b/helm/capif/charts/redis/templates/service.yaml new file mode 100644 index 00000000..6482b835 --- /dev/null +++ b/helm/capif/charts/redis/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: redis + labels: + {{- include "redis.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "redis.selectorLabels" . | nindent 4 }} diff --git a/helm/capif/charts/redis/templates/serviceaccount.yaml b/helm/capif/charts/redis/templates/serviceaccount.yaml new file mode 100644 index 00000000..8f21aeb2 --- /dev/null +++ b/helm/capif/charts/redis/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "redis.serviceAccountName" . }} + labels: + {{- include "redis.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/helm/capif/charts/redis/templates/tests/test-connection.yaml b/helm/capif/charts/redis/templates/tests/test-connection.yaml new file mode 100644 index 00000000..998be8e4 --- /dev/null +++ b/helm/capif/charts/redis/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "redis.fullname" . }}-test-connection" + labels: + {{- include "redis.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "redis.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/helm/capif/charts/redis/values.yaml b/helm/capif/charts/redis/values.yaml new file mode 100644 index 00000000..4011e979 --- /dev/null +++ b/helm/capif/charts/redis/values.yaml @@ -0,0 +1,111 @@ +# Default values for redis. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: redis + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "alpine" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: + redisReplicationMode: master + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 6379 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +livenessProbe: + tcpSocket: + port: 6379 + initialDelaySeconds: 5 + periodSeconds: 5 +readinessProbe: + tcpSocket: + port: 6379 + periodSeconds: 5 + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/helm/capif/templates/api-invocation-logs.yaml b/helm/capif/templates/api-invocation-logs.yaml deleted file mode 100644 index a9b4d8fd..00000000 --- a/helm/capif/templates/api-invocation-logs.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: api-invocation-logs - labels: - io.kompose.service: api-invocation-logs - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.apiInvocationLogs.type }} - selector: - io.kompose.service: api-invocation-logs - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.apiInvocationLogs.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/api-invoker-management.yaml b/helm/capif/templates/api-invoker-management.yaml deleted file mode 100644 index 3eaeda40..00000000 --- a/helm/capif/templates/api-invoker-management.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: api-invoker-management - labels: - io.kompose.service: api-invoker-management - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.apiInvokerManagement.type }} - selector: - io.kompose.service: api-invoker-management - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.apiInvokerManagement.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/api-provider-management.yaml b/helm/capif/templates/api-provider-management.yaml deleted file mode 100644 index 42379862..00000000 --- a/helm/capif/templates/api-provider-management.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: api-provider-management - labels: - io.kompose.service: api-provider-management - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.apiProviderManagement.type }} - selector: - io.kompose.service: api-provider-management - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.apiProviderManagement.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/capif-events.yaml b/helm/capif/templates/capif-events.yaml deleted file mode 100644 index 40b3d7bd..00000000 --- a/helm/capif/templates/capif-events.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: capif-events - labels: - io.kompose.service: capif-events - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.capifEvents.type }} - selector: - io.kompose.service: capif-events - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.capifEvents.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/capif-routing-info.yaml b/helm/capif/templates/capif-routing-info.yaml deleted file mode 100644 index 6de48aa9..00000000 --- a/helm/capif/templates/capif-routing-info.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: capif-routing-info - labels: - io.kompose.service: capif-routing-info - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.capifRoutingInfo.type }} - selector: - io.kompose.service: capif-routing-info - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.capifRoutingInfo.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/capif-security.yaml b/helm/capif/templates/capif-security.yaml deleted file mode 100644 index e0bf7d88..00000000 --- a/helm/capif/templates/capif-security.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: capif-security - labels: - io.kompose.service: capif-security - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.capifSecurity.type }} - selector: - io.kompose.service: capif-security - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.capifSecurity.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/deployment.yaml b/helm/capif/templates/deployment.yaml index 4f581002..8b137891 100644 --- a/helm/capif/templates/deployment.yaml +++ b/helm/capif/templates/deployment.yaml @@ -1,974 +1 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api-invocation-logs - labels: - io.kompose.service: api-invocation-logs - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.apiInvocationLogs.replicas }} - selector: - matchLabels: - io.kompose.service: api-invocation-logs - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: api-invocation-logs - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-invocation-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: CAPIF_HOSTNAME - value: {{ quote .Values.nginx.nginx.env.capifHostname }} - - name: MONITORING - value: {{ quote .Values.apiInvocationLogs.apiInvocationLogs.env.monitoring }} - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.apiInvocationLogs.apiInvocationLogs.image.repository }}:{{ .Values.apiInvocationLogs.apiInvocationLogs.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.apiInvocationLogs.apiInvocationLogs.image.imagePullPolicy }} - name: api-invocation-logs - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-invocation-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.apiInvocationLogs.apiInvocationLogs.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 10 - periodSeconds: 5 - volumes: - - name: capif-invocation-config - configMap: - name: capif-invocation-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api-invoker-management - labels: - io.kompose.service: api-invoker-management - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.apiInvokerManagement.replicas }} - selector: - matchLabels: - io.kompose.service: api-invoker-management - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: api-invoker-management - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-invoker-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.apiInvokerManagement.apiInvokerManagement.env.monitoring }} - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - image: {{ .Values.apiInvokerManagement.apiInvokerManagement.image.repository }}:{{ - .Values.apiInvokerManagement.apiInvokerManagement.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.apiInvokerManagement.apiInvokerManagement.image.imagePullPolicy }} - name: api-invoker-management - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-invoker-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.apiInvokerManagement.apiInvokerManagement.resources | nindent 12 }} - volumes: - - name: capif-invoker-config - configMap: - name: capif-invoker-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api-provider-management - labels: - io.kompose.service: api-provider-management - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.apiProviderManagement.replicas }} - selector: - matchLabels: - io.kompose.service: api-provider-management - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: api-provider-management - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-provider-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.apiProviderManagement.apiProviderManagement.env.monitoring }} - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - image: {{ .Values.apiProviderManagement.apiProviderManagement.image.repository - }}:{{ .Values.apiProviderManagement.apiProviderManagement.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.apiProviderManagement.apiProviderManagement.image.imagePullPolicy }} - name: api-provider-management - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-provider-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.apiProviderManagement.apiProviderManagement.resources | nindent 12 }} - volumes: - - name: capif-provider-config - configMap: - name: capif-provider-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: capif-events - labels: - io.kompose.service: capif-events - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.capifEvents.replicas }} - selector: - matchLabels: - io.kompose.service: capif-events - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: capif-events - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-events-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.capifEvents.capifEvents.env.monitoring }} - image: {{ .Values.capifEvents.capifEvents.image.repository }}:{{ .Values.capifEvents.capifEvents.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.capifEvents.capifEvents.image.imagePullPolicy }} - name: capif-events - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-events-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.capifEvents.capifEvents.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 5 - volumes: - - name: capif-events-config - configMap: - name: capif-events-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: capif-routing-info - labels: - io.kompose.service: capif-routing-info - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.capifRoutingInfo.replicas }} - selector: - matchLabels: - io.kompose.service: capif-routing-info - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: capif-routing-info - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.capifRoutingInfo.capifRoutingInfo.env.monitoring }} - image: {{ .Values.capifRoutingInfo.capifRoutingInfo.image.repository }}:{{ .Values.capifRoutingInfo.capifRoutingInfo.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.capifRoutingInfo.capifRoutingInfo.image.imagePullPolicy }} - name: capif-routing-info - ports: - - containerPort: 8080 - resources: - {{- toYaml .Values.capifRoutingInfo.capifRoutingInfo.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 5 - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: capif-security - labels: - io.kompose.service: capif-security - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.capifSecurity.replicas }} - selector: - matchLabels: - io.kompose.service: capif-security - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: capif-security - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-security-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: CAPIF_HOSTNAME - value: {{ quote .Values.nginx.nginx.env.capifHostname }} - - name: MONITORING - value: {{ quote .Values.capifSecurity.capifSecurity.env.monitoring }} - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.capifSecurity.capifSecurity.image.repository }}:{{ .Values.capifSecurity.capifSecurity.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.capifSecurity.capifSecurity.image.imagePullPolicy }} - name: capif-security - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-security-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.capifSecurity.capifSecurity.resources | nindent 12 }} - volumes: - - name: capif-security-config - configMap: - name: capif-security-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always - restartPolicy: Always -{{- if eq .Values.register.enable "true" }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: register - labels: - io.kompose.service: register - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.register.replicas }} - selector: - matchLabels: - io.kompose.service: register - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: register - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/register-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - image: {{ .Values.register.register.image.repository }}:{{ .Values.register.register.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.register.register.image.imagePullPolicy }} - name: register - ports: - - containerPort: 8080 - resources: - {{- toYaml .Values.register.register.resources | nindent 12 }} - volumeMounts: - - name: register-configmap - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - volumes: - - name: register-configmap - configMap: - name: register-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mongo-register - labels: - io.kompose.service: mongo-register - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.mongoRegister.replicas }} - selector: - matchLabels: - io.kompose.service: mongo-register - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: mongo-register - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: MONGO_INITDB_ROOT_PASSWORD - value: {{ quote .Values.mongoRegister.mongo.env.mongoInitdbRootPassword }} - - name: MONGO_INITDB_ROOT_USERNAME - value: {{ quote .Values.mongoRegister.mongo.env.mongoInitdbRootUsername }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.mongoRegister.mongo.image.repository }}:{{ .Values.mongoRegister.mongo.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.mongoRegister.mongo.image.imagePullPolicy }} - name: mongo-register - {{- if .Values.mongoRegister.mongo.persistence.enable }} - volumeMounts: - - name: mongo-register-pvc - mountPath: /data/db - {{- end }} - ports: - - containerPort: 27017 - securityContext: - runAsUser: 999 - resources: - {{- toYaml .Values.mongoRegister.mongo.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 27017 -# initialDelaySeconds: 5 - periodSeconds: 5 - {{- if .Values.mongoRegister.mongo.persistence.enable }} - volumes: - - name: mongo-register-pvc - persistentVolumeClaim: - claimName: mongo-register-pvc - {{- end }} - restartPolicy: Always -{{- end }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: logs - labels: - io.kompose.service: logs - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.logs.replicas }} - selector: - matchLabels: - io.kompose.service: logs - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: logs - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-logs-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.logs.logs.env.monitoring }} - image: {{ .Values.logs.logs.image.repository }}:{{ .Values.logs.logs.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.logs.logs.image.imagePullPolicy }} - name: logs - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-logs-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.logs.logs.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 5 - volumes: - - name: capif-logs-config - configMap: - name: capif-logs-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mongo - labels: - io.kompose.service: mongo - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.mongo.replicas }} - strategy: - type: Recreate - selector: - matchLabels: - io.kompose.service: mongo - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: mongo - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: MONGO_INITDB_ROOT_PASSWORD - value: {{ quote .Values.mongo.mongo.env.mongoInitdbRootPassword }} - - name: MONGO_INITDB_ROOT_USERNAME - value: {{ quote .Values.mongo.mongo.env.mongoInitdbRootUsername }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.mongo.mongo.image.repository }}:{{ .Values.mongo.mongo.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.mongo.mongo.image.imagePullPolicy }} - name: mongo - ports: - - containerPort: 27017 - securityContext: - runAsUser: 999 - {{- if eq .Values.mongo.persistence.enable "true" }} - volumeMounts: - - name: mongo-pvc - mountPath: /data/db - {{- end }} - resources: - {{- toYaml .Values.mongo.mongo.resources | nindent 12 }} - livenessProbe: - tcpSocket: - port: 27017 - initialDelaySeconds: 20 - periodSeconds: 5 - readinessProbe: - tcpSocket: - port: 27017 -# initialDelaySeconds: 5 - periodSeconds: 5 - - name: mongo-helper - image: busybox - command: - - sh - - -c - - while true ; do echo alive ; sleep 10 ; done - {{- if eq .Values.mongo.persistence.enable "true" }} - volumeMounts: - - mountPath: /mongodata - name: mongo-pvc - {{- end }} - {{- if eq .Values.mongo.persistence.enable "true" }} - volumes: - - name: mongo-pvc - persistentVolumeClaim: - claimName: mongo-pvc - {{- end }} - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mongo-express - labels: - io.kompose.service: mongo-express - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.mongoExpress.replicas }} - selector: - matchLabels: - io.kompose.service: mongo-express - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: mongo-express - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: ME_CONFIG_MONGODB_ADMINPASSWORD - value: {{ quote .Values.mongoExpress.mongoExpress.env.meConfigMongodbAdminpassword - }} - - name: ME_CONFIG_MONGODB_ADMINUSERNAME - value: {{ quote .Values.mongoExpress.mongoExpress.env.meConfigMongodbAdminusername - }} - - name: ME_CONFIG_MONGODB_URL - value: {{ quote .Values.mongoExpress.mongoExpress.env.meConfigMongodbUrl }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.mongoExpress.mongoExpress.image.repository }}:{{ .Values.mongoExpress.mongoExpress.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.mongoExpress.mongoExpress.image.imagePullPolicy }} - name: mongo-express - ports: - - containerPort: 8081 - resources: - {{- toYaml .Values.mongoExpress.mongoExpress.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8081 -# initialDelaySeconds: 0 - periodSeconds: 5 - restartPolicy: Always ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mongo-register-express - labels: - io.kompose.service: mongo-register-express - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.mongoRegisterExpress.replicas }} - selector: - matchLabels: - io.kompose.service: mongo-register-express - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: mongo-register-express - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: ME_CONFIG_MONGODB_ADMINPASSWORD - value: {{ quote .Values.mongoRegisterExpress.mongoRegisterExpress.env.meConfigMongodbAdminpassword - }} - - name: ME_CONFIG_MONGODB_ADMINUSERNAME - value: {{ quote .Values.mongoRegisterExpress.mongoRegisterExpress.env.meConfigMongodbAdminusername - }} - - name: ME_CONFIG_MONGODB_URL - value: {{ quote .Values.mongoRegisterExpress.mongoRegisterExpress.env.meConfigMongodbUrl }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.mongoRegisterExpress.mongoRegisterExpress.image.repository }}:{{ .Values.mongoRegisterExpress.mongoRegisterExpress.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.mongoRegisterExpress.mongoRegisterExpress.image.imagePullPolicy }} - name: mongo-register-express - ports: - - containerPort: 8081 - resources: - {{- toYaml .Values.mongoRegisterExpress.mongoRegisterExpress.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8081 -# initialDelaySeconds: 0 - periodSeconds: 5 - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nginx - labels: - io.kompose.service: nginx - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.nginx.replicas }} - selector: - matchLabels: - io.kompose.service: nginx - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: nginx - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: CAPIF_HOSTNAME - value: {{ quote .Values.nginx.nginx.env.capifHostname }} - - name: VAULT_HOSTNAME - value: {{ quote .Values.parametersVault.env.vaultHostname }} - - name: VAULT_PORT - value: {{ quote .Values.parametersVault.env.vaultPort }} - - name: VAULT_ACCESS_TOKEN - value: {{ quote .Values.parametersVault.env.vaultAccessToken }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.nginx.nginx.image.repository }}:{{ .Values.nginx.nginx.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.nginx.nginx.image.imagePullPolicy }} - name: nginx - ports: - - containerPort: 8080 - - containerPort: 443 - livenessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 20 - periodSeconds: 5 -# readinessProbe: -# tcpSocket: -# port: 8080 -# initialDelaySeconds: 60 -# periodSeconds: 5 - resources: - {{- toYaml .Values.nginx.nginx.resources | nindent 12 }} - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: published-apis - labels: - io.kompose.service: published-apis - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.publishedApis.replicas }} - selector: - matchLabels: - io.kompose.service: published-apis - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: published-apis - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-published-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.publishedApis.publishedApis.env.monitoring }} - image: {{ .Values.publishedApis.publishedApis.image.repository }}:{{ .Values.publishedApis.publishedApis.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.publishedApis.publishedApis.image.imagePullPolicy }} - name: published-apis - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-published-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.publishedApis.publishedApis.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 5 - volumes: - - name: capif-published-config - configMap: - name: capif-published-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: redis - labels: - io.kompose.service: redis - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.redis.replicas }} - selector: - matchLabels: - io.kompose.service: redis - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: redis - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - args: - - redis-server - env: - - name: REDIS_REPLICATION_MODE - value: {{ quote .Values.redis.redis.env.redisReplicationMode }} - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.redis.redis.image.repository }}:{{ .Values.redis.redis.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.redis.redis.image.imagePullPolicy }} - name: redis - ports: - - containerPort: 6379 - resources: - {{- toYaml .Values.redis.redis.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 6379 -# initialDelaySeconds: 5 - periodSeconds: 5 - livenessProbe: - tcpSocket: - port: 6379 - initialDelaySeconds: 5 - periodSeconds: 5 - restartPolicy: Always ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: service-apis - labels: - io.kompose.service: service-apis - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert -spec: - replicas: {{ .Values.serviceApis.replicas }} - selector: - matchLabels: - io.kompose.service: service-apis - {{- include "capif.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - io.kompose.network/services-default: "true" - io.kompose.service: service-apis - {{- include "capif.selectorLabels" . | nindent 8 }} - annotations: - date: "{{ now | unixEpoch }}" - checksum/config: {{ include (print $.Template.BasePath "/capif-service-configmap.yaml") . | sha256sum }} - spec: - hostAliases: - - ip: "{{ .Values.ingress.ip }}" - hostnames: - - "{{ .Values.nginx.nginx.env.capifHostname }}" - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - - name: MONITORING - value: {{ quote .Values.serviceApis.serviceApis.env.monitoring }} - image: {{ .Values.serviceApis.serviceApis.image.repository }}:{{ .Values.serviceApis.serviceApis.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.serviceApis.serviceApis.image.imagePullPolicy }} - name: service-apis - ports: - - containerPort: 8080 - volumeMounts: - - name: capif-service-config - mountPath: /usr/src/app/config.yaml - subPath: config.yaml - resources: - {{- toYaml .Values.serviceApis.serviceApis.resources | nindent 12 }} - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 5 - volumes: - - name: capif-service-config - configMap: - name: capif-service-configmap - items: - - key: "config.yaml" - path: "config.yaml" - restartPolicy: Always diff --git a/helm/capif/templates/logs.yaml b/helm/capif/templates/logs.yaml deleted file mode 100644 index 7382eff2..00000000 --- a/helm/capif/templates/logs.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: logs - labels: - io.kompose.service: logs - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.logs.type }} - selector: - io.kompose.service: logs - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.logs.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/mongo-express.yaml b/helm/capif/templates/mongo-express.yaml deleted file mode 100644 index 28d553b2..00000000 --- a/helm/capif/templates/mongo-express.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mongo-express - labels: - io.kompose.service: mongo-express - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.mongoExpress.type }} - selector: - io.kompose.service: mongo-express - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.mongoExpress.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/mongo-pvc.yaml b/helm/capif/templates/mongo-pvc.yaml deleted file mode 100644 index 3c80c148..00000000 --- a/helm/capif/templates/mongo-pvc.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if eq .Values.monitoring.enable "true" }} -{{- if eq .Values.mongo.persistence.enable "true" }} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - labels: - io.kompose.service: mongo-pvc - name: mongo-pvc -spec: - storageClassName: {{ .Values.mongo.persistence.storageClass }} - accessModes: - - ReadWriteOnce - resources: - requests: - storage: {{ .Values.mongo.persistence.storage }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/mongo-register-express.yaml b/helm/capif/templates/mongo-register-express.yaml deleted file mode 100644 index 5de4b224..00000000 --- a/helm/capif/templates/mongo-register-express.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mongo-register-express - labels: - io.kompose.service: mongo-register-express - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.mongoRegisterExpress.type }} - selector: - io.kompose.service: mongo-register-express - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.mongoRegisterExpress.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/mongo-register-pvc.yaml b/helm/capif/templates/mongo-register-pvc.yaml deleted file mode 100644 index b5a11d66..00000000 --- a/helm/capif/templates/mongo-register-pvc.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if eq .Values.monitoring.enable "true" }} -{{- if .Values.mongoRegister.mongo.persistence.enable }} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - labels: - io.kompose.service: mongo-register - name: mongo-register-pvc -spec: - storageClassName: {{ .Values.mongoRegister.mongo.persistence.storageClass }} - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.mongoRegister.mongo.persistence.storage }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/mongo-register.yaml b/helm/capif/templates/mongo-register.yaml deleted file mode 100644 index 82b307f5..00000000 --- a/helm/capif/templates/mongo-register.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mongo-register - labels: - io.kompose.service: mongo-register - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.mongoRegister.type }} - selector: - io.kompose.service: mongo-register - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.mongoRegister.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/mongo.yaml b/helm/capif/templates/mongo.yaml deleted file mode 100644 index 86427648..00000000 --- a/helm/capif/templates/mongo.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mongo - labels: - io.kompose.service: mongo - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.mongo.type }} - selector: - io.kompose.service: mongo - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.mongo.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/nginx-ingress-route.yaml b/helm/capif/templates/nginx-ingress-route.yaml deleted file mode 100644 index 57ca0bed..00000000 --- a/helm/capif/templates/nginx-ingress-route.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if eq .Values.nginx.ingressType "IngressRoute" }} ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: nginx-capif-ingress-route -spec: - entryPoints: [web] - routes: - - kind: Rule - match: Host(`{{ .Values.nginx.nginx.env.capifHostname }} && Path(`/ca-root`, `/sign-csr`, `/certdata`, `/register`, `/testdata`, `/getauth`, `/test`)`) - services: - - kind: Service - name: nginx - port: 8080 - scheme: http -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/nginx-ssl-ingress-route.yaml b/helm/capif/templates/nginx-ssl-ingress-route.yaml deleted file mode 100644 index 8c806b69..00000000 --- a/helm/capif/templates/nginx-ssl-ingress-route.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if eq .Values.nginx.ingressType "IngressRoute" }} ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: nginx-ssl-capif-ingress-route -spec: - entryPoints: [web] - routes: - - kind: Rule - match: Host(`{{ .Values.nginx.nginx.env.capifHostname }}`) - services: - - kind: Service - name: nginx - port: 443 - tls: - passthrough: true -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/nginx-ssl-route.yaml b/helm/capif/templates/nginx-ssl-route.yaml deleted file mode 100644 index 3e24b721..00000000 --- a/helm/capif/templates/nginx-ssl-route.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if eq .Values.env "openshift" }} -apiVersion: route.openshift.io/v1 -kind: Route -metadata: - labels: - name: nginx-ssl -spec: - host: {{ .Values.nginx.nginx.env.capifHostname }} - port: - targetPort: "443" - tls: - termination: passthrough - to: - kind: Service - name: nginx - weight: 100 -status: - ingress: - - conditions: - host: {{ .Values.nginx.nginx.env.capifHostname }} - routerCanonicalHostname: router-default.apps.ocp-epg.hi.inet -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/nginx-ssl.yaml b/helm/capif/templates/nginx-ssl.yaml deleted file mode 100644 index 39487d52..00000000 --- a/helm/capif/templates/nginx-ssl.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- if eq .Values.nginx.ingressType "Ingress" }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: nginx-register - labels: - {{- include "capif.labels" . | nindent 4 }} - {{- with .Values.nginx.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - cert-manager.io/issuer: letsencrypt-issuer - {{- end }} -spec: -{{- if .Values.nginx.ingressClassName }} - ingressClassName: {{ .Values.nginx.ingressClassName }} -{{- end }} - rules: - - host: "{{ .Values.nginx.nginx.env.registerHostname }}" - http: - paths: - - backend: - service: - name: 'register' - port: - number: 8084 - path: / - pathType: Prefix - tls: - - hosts: - - "{{ .Values.nginx.nginx.env.registerHostname }}" - secretName: letsencrypt-secret -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/nginx.yaml b/helm/capif/templates/nginx.yaml deleted file mode 100644 index 61856f56..00000000 --- a/helm/capif/templates/nginx.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if eq .Values.nginx.ingressType "Ingress" }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: nginx - labels: - {{- include "capif.labels" . | nindent 4 }} - {{- with .Values.nginx.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/ssl-passthrough: "true" - nginx.ingress.kubernetes.io/ssl-redirect: "true" - {{- end }} -spec: -{{- if .Values.nginx.ingressClassName }} - ingressClassName: {{ .Values.nginx.ingressClassName }} -{{- end }} - rules: - - host: "{{ .Values.nginx.nginx.env.capifHostname }}" - http: - paths: - - backend: - service: - name: 'nginx' - port: - number: 443 - path: / - pathType: Prefix -{{- end }} ---- -apiVersion: v1 -kind: Service -metadata: - name: nginx - labels: - io.kompose.service: nginx - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.nginx.type }} - selector: - io.kompose.service: nginx - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.nginx.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/published-apis.yaml b/helm/capif/templates/published-apis.yaml deleted file mode 100644 index a5444f16..00000000 --- a/helm/capif/templates/published-apis.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: published-apis - labels: - io.kompose.service: published-apis - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.publishedApis.type }} - selector: - io.kompose.service: published-apis - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.publishedApis.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/redis.yaml b/helm/capif/templates/redis.yaml deleted file mode 100644 index 3254a95f..00000000 --- a/helm/capif/templates/redis.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: redis - labels: - io.kompose.service: redis - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.redis.type }} - selector: - io.kompose.service: redis - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.redis.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/templates/register.yaml b/helm/capif/templates/register.yaml deleted file mode 100644 index 2de1d642..00000000 --- a/helm/capif/templates/register.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if eq .Values.register.enable "true" }} -apiVersion: v1 -kind: Service -metadata: - name: register - labels: - io.kompose.service: register - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.register.type }} - selector: - io.kompose.service: register - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.register.ports | toYaml | nindent 2 -}} -{{- end }} \ No newline at end of file diff --git a/helm/capif/templates/service-apis.yaml b/helm/capif/templates/service-apis.yaml deleted file mode 100644 index bff1af59..00000000 --- a/helm/capif/templates/service-apis.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: service-apis - labels: - io.kompose.service: service-apis - {{- include "capif.labels" . | nindent 4 }} - annotations: - kompose.cmd: kompose -f ../services/docker-compose.yml convert - kompose.version: 1.28.0 (c4137012e) -spec: - type: {{ .Values.serviceApis.type }} - selector: - io.kompose.service: service-apis - {{- include "capif.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.serviceApis.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index 0a507822..67c9e420 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -1,514 +1,5 @@ -# -- The Environment variable. Use openshift if you are deploying in Openshift cluster. anotherwise use the field empty -env: "" - -# Use the Ip address dude for the kubernetes to your Ingress Controller ej: kubectl -n NAMESPACE_CAPIF get ing -ingress: - ip: "10.17.173.127" - monitoring: enable: "true" - -accessControlPolicy: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/access-control-policy" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP - -apiInvocationLogs: - apiInvocationLogs: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/api-invocation-logs-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -apiInvokerManagement: - apiInvokerManagement: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/api-invoker-management-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -apiProviderManagement: - apiProviderManagement: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/api-provider-management-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -capifEvents: - capifEvents: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/events-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -capifRoutingInfo: - capifRoutingInfo: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/routing-info-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -capifSecurity: - capifSecurity: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/security-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -register: - # -- If register enabled. enable: true, enable: "" = not enabled - enable: "true" - register: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/register" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - env: - mongoHost: mongo-register - mongoPort: 27017 - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8084 - targetPort: 8080 - replicas: 1 - type: ClusterIP -mongoRegister: - mongo: - env: - # User's password MongoDB - mongoInitdbRootPassword: example - # Name of User's mongodb - mongoInitdbRootUsername: root - image: - # -- The docker image repository to use - repository: "mongo" - # -- The docker image tag to use - # @default Chart version - tag: "6.0.2" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If mongoRegister.mongo.persistence enabled. enable: true, enable: false is = not enabled - persistence: - enable: true - storage: 8Gi - storageClass: nfs-01 - resources: {} -# limits: -# cpu: 100m -# memory: 128Mi -# requests: -# cpu: 100m -# memory: 128Mi - ports: - - name: "27017" - port: 27017 - targetPort: 27017 - replicas: 1 - type: ClusterIP - -kubernetesClusterDomain: cluster.local -logs: - # -- If register enabled. enable: true, enable: "" = not enabled - enable: "true" - logs: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/auditing-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - type: ClusterIP -mongo: - mongo: - env: - # User's password MongoDB - mongoInitdbRootPassword: example - # Name of User's mongodb - mongoInitdbRootUsername: root - image: - # -- The docker image repository to use - repository: "mongo" - # -- The docker image tag to use - # @default Chart version - tag: "6.0.2" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - resources: {} -# limits: -# cpu: 100m -# memory: 128Mi -# requests: -# cpu: 100m -# memory: 128Mi - ports: - - name: "27017" - port: 27017 - targetPort: 27017 - replicas: 1 - type: ClusterIP - # -- If mongo.persistence enabled. enable: true, enable: "" = not enabled - persistence: - enable: "true" - storage: 8Gi - storageClass: nfs-01 -mongoExpress: - mongoExpress: - env: - # User's password MongoDB - meConfigMongodbAdminpassword: example - # Name of User's mongodb - meConfigMongodbAdminusername: root - # URI for connecting MongoDB - meConfigMongodbUrl: mongodb://root:example@mongo:27017/ - image: - # -- The docker image repository to use - repository: "mongo-express" - # -- The docker image tag to use - # @default Chart version - tag: "1.0.0-alpha.4" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8082" - port: 8082 - targetPort: 8081 - replicas: 1 - type: ClusterIP -mongoRegisterExpress: - mongoRegisterExpress: - env: - # User's password MongoDB - meConfigMongodbAdminpassword: example - # Name of User's mongodb - meConfigMongodbAdminusername: root - # URI for connecting MongoDB - meConfigMongodbUrl: mongodb://root:example@mongo-register:27017/ - image: - # -- The docker image repository to use - repository: "mongo-express" - # -- The docker image tag to use - # @default Chart version - tag: "1.0.0-alpha.4" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8082" - port: 8082 - targetPort: 8081 - replicas: 1 - type: ClusterIP -nginx: - # -- if nginx.ingressType: "Ingress". set up monitoring.prometheus.ingress: true - # and monitoring.grafana.ingress: true - # Use IngressRoute if you want to use Gateway API. ex traefix - ingressType: "Ingress" - ingressClassName: nginx - annotations: - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/ssl-passthrough: "true" - nginx.ingress.kubernetes.io/ssl-redirect: "true" - nginx: - env: - # -- Ingress's host to Capif - capifHostname: "my-capif.apps.ocp-epg.hi.inet" - registerHostname: "register.app.ocp-epg.hi.inet" - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/nginx" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - - name: "443" - port: 443 - targetPort: 443 - replicas: 1 - type: ClusterIP -publishedApis: - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - publishedApis: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/publish-service-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - replicas: 1 - type: ClusterIP -redis: - ports: - - name: "6379" - port: 6379 - targetPort: 6379 - redis: - env: - # Mode of replication - redisReplicationMode: master - image: - # -- The docker image repository to use - repository: "redis" - # -- The docker image tag to use - # @default Chart version - tag: "alpine" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - replicas: 1 - type: ClusterIP -serviceApis: - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - replicas: 1 - serviceApis: - image: - # -- The docker image repository to use - repository: "public.ecr.aws/o2v4a8t6/opencapif/discover-service-api" - # -- The docker image tag to use - # @default Chart version - tag: "" - # -- Image pull policy: Always, IfNotPresent - imagePullPolicy: Always - # -- If env.monitoring: true. Setup monitoring.enable: true - env: - monitoring: "true" - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - type: ClusterIP -parametersVault: - env: - vaultHostname: vault-internal.mon.svc.cluster.local - vaultPort: 8200 - vaultAccessToken: dev-only-token - -helper: - env: - vaultHostname: vault-internal.mon.svc.cluster.local - vaultPort: 8200 - vaultAccessToken: dev-only-token - mongoHost: mongo - mongoPort: 27017 - capifHostname: my-capif.apps.ocp-epg.hi.inet - mongoInitdbRootUsername: root - mongoInitdbRootPassword: example # -- With tempo.enabled: false. It won't be deployed # -- If monitoring.enable: "true". Also enable tempo.enabled: true -- GitLab From 16606cf85dbb4d26182e6232e5ff18429cd6522b Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Thu, 13 Jun 2024 18:01:35 +0200 Subject: [PATCH 03/10] mock_server --- helm/capif/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index 67c9e420..5fcf7f2c 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -1,6 +1,6 @@ monitoring: enable: "true" - + # -- With tempo.enabled: false. It won't be deployed # -- If monitoring.enable: "true". Also enable tempo.enabled: true tempo: -- GitLab From 7fd449ba7267d0fccefc34c572467847f28bb2c2 Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Thu, 13 Jun 2024 18:18:04 +0200 Subject: [PATCH 04/10] appVersion --- helm/capif/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index 5fcf7f2c..16b1068f 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -1,5 +1,6 @@ monitoring: enable: "true" + # -- With tempo.enabled: false. It won't be deployed # -- If monitoring.enable: "true". Also enable tempo.enabled: true -- GitLab From 9609a2ffbc943ea3b107ad9db0ea0da71fcb38ff Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Thu, 13 Jun 2024 18:20:03 +0200 Subject: [PATCH 05/10] ocf-helper --- helm/capif/values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index 16b1068f..7d5802b8 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -1,7 +1,6 @@ monitoring: enable: "true" - # -- With tempo.enabled: false. It won't be deployed # -- If monitoring.enable: "true". Also enable tempo.enabled: true tempo: -- GitLab From 407ee3259add938b5977e717ead90c7a72a7e17d Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Thu, 13 Jun 2024 18:23:51 +0200 Subject: [PATCH 06/10] monitoring.grafana --- helm/capif/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index 7d5802b8..9a986696 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -12,6 +12,7 @@ tempo: persistence: enabled: true size: 3Gi + monitoring: # -- If monitoring enabled. enable: true, enable: "" = not enabled enable: "true" -- GitLab From 02603ca5e049837477faa7f9280de539916c0eff Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Fri, 14 Jun 2024 10:21:28 +0200 Subject: [PATCH 07/10] helm upgrade --- helm/capif/values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index 9a986696..a2c73479 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -177,4 +177,3 @@ monitoring: ingressRoute: enable: "" host: grafana.5gnacar.int - -- GitLab From 58b38bde93d0e9827661594a48234d19211ef5c3 Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Fri, 14 Jun 2024 10:29:28 +0200 Subject: [PATCH 08/10] confimap.yaml ocf-register --- helm/capif/charts/ocf-register/templates/configmap.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/helm/capif/charts/ocf-register/templates/configmap.yaml b/helm/capif/charts/ocf-register/templates/configmap.yaml index d927eba3..cf801f40 100644 --- a/helm/capif/charts/ocf-register/templates/configmap.yaml +++ b/helm/capif/charts/ocf-register/templates/configmap.yaml @@ -9,6 +9,7 @@ data: 'password': 'example', 'db': 'capif_users', 'col': 'user', + 'admins': 'admins', 'host': '{{ .Values.env.mongoHost }}', 'port': '{{ .Values.env.mongoPort }}' } @@ -21,5 +22,6 @@ data: register_uuid: '6ba7b810-9dad-11d1-80b4-00c04fd430c8', refresh_expiration: 30, #days token_expiration: 10, #mins - admin_users: {admin: "password123"} + admin_users: {admin_user: "admin", + admin_pass: "password123"} } \ No newline at end of file -- GitLab From 2bb3356f0fe836ada2cc115b0c6d79e4c9f65cfa Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Fri, 14 Jun 2024 10:37:39 +0200 Subject: [PATCH 09/10] <<: *dev_common --- helm/capif/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index a2c73479..d9c8a804 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -176,4 +176,4 @@ monitoring: # -- If ingressRoute enable=true, use monitoring.grafana.ingress.enabled="" ingressRoute: enable: "" - host: grafana.5gnacar.int + host: grafana.5gnacar.int \ No newline at end of file -- GitLab From a383dbcbded9c418a3bffb133e760468851361d6 Mon Sep 17 00:00:00 2001 From: andresanaya21 Date: Fri, 14 Jun 2024 10:49:32 +0200 Subject: [PATCH 10/10] ocf-pre-staging --- helm/capif/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/capif/values.yaml b/helm/capif/values.yaml index d9c8a804..a2c73479 100644 --- a/helm/capif/values.yaml +++ b/helm/capif/values.yaml @@ -176,4 +176,4 @@ monitoring: # -- If ingressRoute enable=true, use monitoring.grafana.ingress.enabled="" ingressRoute: enable: "" - host: grafana.5gnacar.int \ No newline at end of file + host: grafana.5gnacar.int -- GitLab