Skip to content

Commit

Permalink
feat(teutoportal-worker): initial implementation
Browse files Browse the repository at this point in the history
  • Loading branch information
tasches committed Nov 10, 2023
1 parent c6b6942 commit f61e34e
Show file tree
Hide file tree
Showing 9 changed files with 422 additions and 0 deletions.
6 changes: 6 additions & 0 deletions charts/teutoportal-worker/Chart.lock
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.11.1
digest: sha256:a49deb9114cec3a3aa67de5f3183afc07e63eda9d3fdd12c42822c509d84e3c2
generated: "2023-09-18T16:19:04.662258662+02:00"
19 changes: 19 additions & 0 deletions charts/teutoportal-worker/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
apiVersion: v2
name: teutoportal-worker
description: A Helm chart for deploying the portal worker application to k8s
type: application
version: 0.1.0
appVersion: "1.0.0"

maintainers:
- name: Chris Werner Rau
email: [email protected]
- name: Marvin Wolf
email: [email protected]
- name: Sven Tasche
email: [email protected]

dependencies:
- name: common
version: 2.11.1
repository: https://charts.bitnami.com/bitnami
8 changes: 8 additions & 0 deletions charts/teutoportal-worker/templates/_helpers.tpl
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
{{- define "portalworker.image" -}}
{{ include "common.images.image" (dict "imageRoot" .Values.worker.image "global" .Values.global) }}
{{- end -}}

{{- define "portalworker.jdbc" -}}
{{- $portString := .Values.worker.database.port | int -}}
{{ printf "jdbc:postgresql://%s:%d/teuto_domain?currentSchema=app_public" .Values.worker.database.host $portString }}
{{- end -}}
68 changes: 68 additions & 0 deletions charts/teutoportal-worker/templates/deployment.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "common.names.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" $ | nindent 4 }}
spec:
replicas: 1
selector:
matchLabels: {{- include "common.labels.matchLabels" $ | nindent 6 }}
template:
metadata:
labels: {{- include "common.labels.standard" $ | nindent 8 }}
spec:
{{- include "common.images.renderPullSecrets" ( dict "images" (list .Values.worker.image) "context" $) | indent 6 }}
securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext: {{- toYaml .Values.global.podSecurityContext | nindent 12 }}
image: {{ template "portalworker.image". }}
{{- if .Values.worker.image.digest }}
imagePullPolicy: IfNotPresent
{{- else }}
imagePullPolicy: Always
{{- end }}
env:
- name: JDBC_URL
value: {{ include "portalworker.jdbc" . | quote }}
- name: DB_PORT
value: {{ .Values.worker.database.port | quote }}
- name: DB_USERNAME
valueFrom:
secretKeyRef:
name: {{ include "common.secrets.name" (dict "existingSecret" .Values.worker.existingSecret "defaultNameSuffix" "db-credentials" "context" $) }}
key: username
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "common.secrets.name" (dict "existingSecret" .Values.worker.existingSecret "defaultNameSuffix" "db-credentials" "context" $) }}
key: password

{{- range $k, $v := .Values.worker.config }}
{{- if or (typeIs "bool" $v) ($v) }}
- name: {{ regexReplaceAll `_(\d+)` ($k | snakecase | upper) "$1" }}
value: {{ $v | quote }}
{{- end -}}
{{- end }}
ports:
- name: metrics
containerPort: 9090
protocol: TCP
livenessProbe:
httpGet:
path: /-/healthy
port: metrics
resources: {{- toYaml .Values.worker.resources | nindent 12 }}
volumeMounts:
- mountPath: /kubeconfig
name: clusterconfig
readOnly: true
- mountPath: /tmp
name: tmp
volumes:
- name: tmp
emptyDir: {}
- name: clusterconfig
secret:
secretName: {{ required "k8s access token for the management cluster must be provided" .Values.worker.kubeconfig.secret.name }}
12 changes: 12 additions & 0 deletions charts/teutoportal-worker/templates/secret.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
{{- if not .Values.worker.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.secrets.name" (dict "existingSecret" .Values.worker.existingSecret "defaultNameSuffix" "db-credentials" "context" $) }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" $ | nindent 4}}
type: Opaque
data:
username: {{ .Values.worker.database.user | b64enc }}
password: {{ required "You have to specify a password for the database user" .Values.worker.database.password | b64enc }}
{{- end -}}
14 changes: 14 additions & 0 deletions charts/teutoportal-worker/templates/service.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "common.names.fullname" . }}-service
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" $ | nindent 4 }}
spec:
selector: {{- include "common.labels.matchLabels" $ | nindent 4 }}
ports:
- name: metrics
protocol: TCP
port: 9090
targetPort: metrics
type: ClusterIP
15 changes: 15 additions & 0 deletions charts/teutoportal-worker/templates/servicemonitor.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels: {{- include "common.labels.standard" $ | nindent 4 }}
name: "{{ include "common.names.fullname" . }}-service"
namespace: {{ .Release.Namespace }}
spec:
endpoints:
- path: /metrics
port: metrics
namespaceSelector:
matchNames:
- {{ .Release.Namespace | quote }}
selector:
matchLabels: {{- include "common.labels.matchLabels" $ | nindent 6 }}
230 changes: 230 additions & 0 deletions charts/teutoportal-worker/values.schema.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,230 @@
{
"$schema": "https://json-schema.org/draft-07/schema",
"type": "object",
"title": "portal worker helmchart",
"properties": {
"global": {
"imageRegistry": {
"type": "string"
},
"imagePullSecrets": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {
"type": "string"
}
},
"additionalProperties": false
}
},
"podSecurityContext": {
"type": "object",
"properties": {
"runAsNonRoot": {
"type": "boolean"
},
"readOnlyRootFilesystem": {
"type": "boolean"
},
"allowPrivilegeEscalation": {
"type": "boolean"
},
"privileged": {
"type": "boolean"
},
"capabilities": {
"type": "object",
"properties": {
"drop": {
"type": "array",
"items": {
"type": "string"
}
},
"runAsGroup": {
"type": "integer"
},
"runAsUser": {
"type": "integer"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
},
"securityContext": {
"type": "object",
"properties": {
"fsGroup": {
"type": "integer"
},
"runAsUser": {
"type": "integer"
},
"runAsGroup": {
"type": "integer"
},
"runAsNonRoot": {
"type": "boolean"
},
"fsGroupChangePolicy": {
"type": "string",
"enum": [
"Always",
"OnRootMismatch"
]
}
},
"additionalProperties": false
}
},
"worker": {
"type": "object",
"properties": {
"image": {
"type": "object",
"properties": {
"registry": {
"type": "string",
"description": "The host of the registry",
"examples": [
"docker.io"
]
},
"repository": {
"type": "string",
"description": "The image path in the registry",
"examples": [
"bitnami/kubectl"
]
},
"tag": {
"type": "string"
},
"digest": {
"type": "string"
}
},
"additionalProperties": false
},
"database": {
"type": "object",
"properties": {
"user": {
"type": "string"
},
"password": {
"type": "string"
},
"host": {
"type": "string"
},
"port": {
"type": "integer",
"minimum": 1,
"maximum": 65535
}
},
"additionalProperties": false,
"required": [
"user",
"password",
"host"
]
},
"kubeconfig": {
"type": "object",
"properties": {
"secret": {
"type": "object",
"properties": {
"name": {
"type": "string"
}
},
"additionalProperties": false,
"required": [
"name"
]
},
"additionalProperties": false
},
"additionalProperties": false
},
"config": {
"type": "object",
"properties": {
"dryRun": {
"type": "boolean"
},
"singleRun": {
"type": "boolean"
},
"otelExporterTracesEndpoint": {
"type": "string"
},
"syncInterval": {
"type": "string",
"pattern": "(^(\\d+[h,m,s] *){1,3}$)"
},
"watchK8sEvents": {
"type": "boolean"
},
"minimumCPUFlavour": {
"type": "integer",
"minimum": 1
},
"flavourPrefixFilter": {
"type": "string"
},
"clusterNamespace": {
"type": "string"
},
"k8sVersion": {
"type": "string",
"pattern": "^(\\d+.*){1,3}$"
},
"loggingFormat": {
"type": "string"
}
},
"additionalProperties": false
},
"resources": {
"type": "object",
"properties": {
"limits": {
"type": "object",
"properties": {
"cpu": {
"type": "string"
},
"memory": {
"type": "string"
}
},
"additionalProperties": false
},
"request": {
"type": "object",
"properties": {
"cpu": {
"type": "string"
},
"memory": {
"type": "string"
}
},
"additionalProperties": false
}
},
"additionalProperties": false
}
},
"additionalProperties": false
}
}
}
Loading

0 comments on commit f61e34e

Please sign in to comment.