Add helm chart

.gitignore

@@ -268,3 +268,8 @@ __pycache__/
 
 # all-contributors-cli
 node_modules
+
+### Helm
+helm/*/myvalues.yaml
+# Dependencies
+helm/*/charts

Dockerfile

@@ -5,6 +5,7 @@ WORKDIR /anem-per-feina/
 
 RUN apt-get update \
     && apt-get install --no-install-recommends -qy wait-for-it \
+     build-essential \
     && rm -rf /var/lib/apt/list/*
 
 COPY requirements.txt ./

Dockerfile.test

@@ -5,6 +5,7 @@ WORKDIR /anem-per-feina/
 
 RUN apt-get update \
     && apt-get install --no-install-recommends -qy wait-for-it \
+     build-essential \
     && rm -rf /var/lib/apt/list/*
 
 COPY requirements.txt ./

helm/apf/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

helm/apf/Chart.lock

@@ -0,0 +1,9 @@
+dependencies:
+- name: redis
+  repository: https://charts.bitnami.com/bitnami
+  version: 11.0.6
+- name: postgresql
+  repository: https://charts.bitnami.com/bitnami
+  version: 9.8.1
+digest: sha256:7ffea47877067e199faa37e7cd087d175e79657220cc27ad70b560448a1ea34d
+generated: "2020-10-30T13:02:10.028763072+01:00"

helm/apf/Chart.yaml

@@ -0,0 +1,22 @@
+apiVersion: v2
+name: apf
+description: A Helm chart for Kubernetes
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+appVersion: 1.16.0
+
+dependencies:
+    - name: redis
+      version: 11.0.6
+      repository: https://charts.bitnami.com/bitnami
+    - name: postgresql
+      version: 9.8.1
+      repository: https://charts.bitnami.com/bitnami

helm/apf/templates/_helpers.tpl

@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "apf.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "apf.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "apf.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "apf.labels" -}}
+helm.sh/chart: {{ include "apf.chart" . }}
+{{ include "apf.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "apf.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "apf.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "apf.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "apf.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

helm/apf/templates/certificate.yaml

@@ -0,0 +1,12 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ include "apf.fullname" . }}-cert
+spec:
+  secretName: {{ include "apf.fullname" . }}-cert
+  issuerRef:
+    kind: ClusterIssuer
+    name: {{ .Values.certificate.issuername }}
+  commonName: {{ .Values.certificate.hostname }}
+  dnsNames:
+    - {{ .Values.certificate.hostname }}

helm/apf/templates/deployments/app.yaml

@@ -0,0 +1,58 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "apf.fullname" . }}
+  labels:
+    {{- include "apf.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.app.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "apf.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "apf.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "apf.serviceAccountName" . }}
+      containers:
+        - name: {{ .Chart.Name }}-celery
+          image: "{{ .Values.app.image }}:{{ .Values.app.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.app.pullPolicy }}
+          command:
+            - invoke
+            - migrate
+            - uwsgi
+            - --port
+            - {{ .Values.app.container.port | quote }}
+            - -w
+            - {{ .Values.app.workers | quote }}
+            - -t
+            - {{ .Values.app.threads | quote }}
+          envFrom:
+          - secretRef:
+              name: {{ include "apf.fullname" . }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.app.container.port }}
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 4
+          readinessProbe:
+            httpGet:
+              path: /
+              port: http
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 4
+          resources:
+            {{- toYaml .Values.app.resources | nindent 12 }}

helm/apf/templates/deployments/celery.yaml

@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "apf.fullname" . }}-celery
+  labels:
+    {{- include "apf.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.celery.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "apf.selectorLabels" . | nindent 6 }}-celery
+  template:
+    metadata:
+      labels:
+        {{- include "apf.selectorLabels" . | nindent 8 }}-celery
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "apf.serviceAccountName" . }}
+      containers:
+        - name: {{ .Chart.Name }}
+          image: "{{ .Values.app.image }}:{{ .Values.app.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.celery.pullPolicy }}
+          command:
+            - invoke
+            - celery-queues
+          envFrom:
+          - secretRef:
+              name: {{ include "apf.fullname" . }}
+          resources:
+            {{- toYaml .Values.celery.resources | nindent 12 }}

helm/apf/templates/ingress.yaml

@@ -0,0 +1,32 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "apf.fullname" . -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "apf.labels" . | nindent 4 }}
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: web, websecure
+    cert-manager.io/cluster-issuer: {{ .Values.certificate.issuername | quote }}
+spec:
+  {{- if .Values.ingress.tls }}
+  tls:
+    - secretName: {{ $fullName }}-cert
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+        {{- range .paths }}
+        - path: {{ .path }}
+          pathType: Prefix
+          backend:
+            service:
+              name: {{ $fullName }}
+              port:
+                number: {{ .servicePort }}
+        {{- end }}
+    {{- end }}
+  {{- end }}

helm/apf/templates/secrets.yaml

@@ -0,0 +1,30 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "apf.fullname" . }}
+  labels:
+    app: {{ template "apf.name" . }}
+    chart: {{ template "apf.chart" . }}
+    release: {{ .Release.Name | quote }}
+    heritage: {{ .Release.Service | quote }}
+data:
+    BASE_URL: {{ .Values.baseurl | b64enc | quote }}
+    DEBUG: {{ .Values.app.debug | b64enc | quote }}
+    LOG_LEVEL: {{ .Values.app.log_level | b64enc | quote }}
+    SECRET_KEY: {{ required "secret key is needed" .Values.app.secretKey | b64enc | quote }}
+    # Postgres
+    POSTGRES_DB: {{ .Values.postgresql.postgresqlDatabase | b64enc | quote }}
+    POSTGRES_USER: {{ .Values.postgresql.postgresqlUsername | b64enc | quote }}
+    POSTGRES_HOST: {{ printf "%s-postgresql" (include "apf.name" .) | b64enc | quote }}
+    POSTGRES_PORT: {{ .Values.postgresql.service.port | b64enc | quote }}
+    POSTGRES_PASSWORD: {{ required "postgres password is needed" .Values.postgresql.postgresqlPassword | b64enc | quote }}
+    # Celery
+    CELERY_BROKER_PROTOCOL: {{ .Values.celery.broker.protocol | b64enc | quote }}
+    CELERY_BROKER_HOST: {{ printf "%s-redis-master" (include "apf.name" .) | b64enc | quote }}
+    CELERY_BROKER_PORT: {{ .Values.redis.redisPort | b64enc | quote }}
+    CELERY_BROKER_DB: {{ .Values.redis.db | b64enc | quote }}
+    CELERY_REDIRECT_STDOUTS_LEVEL: {{ .Values.celery.stdouts_level | b64enc | quote }}
+    # Telegram
+    TELEGRAM_TOKEN: {{ .Values.notifications.telegram.token | b64enc | quote }}
+    NOTIF_TELEGRAM_ENABLED: {{ .Values.notifications.telegram.enabled | b64enc | quote }}
+    TELEGRAM_CHAT_IDS: {{ .Values.notifications.telegram.chatIds | b64enc | quote }}

helm/apf/templates/serviceaccount.yaml

@@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "apf.serviceAccountName" . }}
+  labels:
+    {{- include "apf.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}

helm/apf/templates/services/app.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "apf.fullname" . }}
+  labels:
+    {{- include "apf.labels" . | nindent 4 }}
+spec:
+  ports:
+    - port: {{ .Values.app.service.port }}
+      targetPort: {{ .Values.app.service.port }}
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "apf.selectorLabels" . | nindent 4 }}

helm/apf/templates/services/celery.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "apf.fullname" . }}-celery
+  labels:
+    {{- include "apf.labels" . | nindent 4 }}-celery
+spec:
+  ports:
+    - port: {{ .Values.celery.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "apf.selectorLabels" . | nindent 4 }}-celery