diff --git a/.github/ct-lint.yaml b/.github/ct-lint.yaml index ffdb97a..4c8c68d 100644 --- a/.github/ct-lint.yaml +++ b/.github/ct-lint.yaml @@ -2,10 +2,11 @@ chart-dirs: - charts/ chart-repos: - bitnami=https://charts.bitnami.com/bitnami + - meilisearch=https://meilisearch.github.io/meilisearch-kubernetes check-version-increment: true debug: true remote: origin target-branch: main validate-chart-schema: true -validate-maintainers: true +validate-maintainers: false validate-yaml: true diff --git a/.gitignore b/.gitignore index 7481956..9fd4341 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ values-dev.yaml values-prod.yaml -nmrxiv-app*.tgz \ No newline at end of file +nmrxiv-app*.tgz +vibspecdb*.tgz \ No newline at end of file diff --git a/charts/vibspecdb/.helmignore b/charts/vibspecdb/.helmignore new file mode 100644 index 0000000..3950538 --- /dev/null +++ b/charts/vibspecdb/.helmignore @@ -0,0 +1,24 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +vibspecdb*.tgz diff --git a/charts/vibspecdb/Chart.lock b/charts/vibspecdb/Chart.lock new file mode 100644 index 0000000..ffa65c5 --- /dev/null +++ b/charts/vibspecdb/Chart.lock @@ -0,0 +1,15 @@ +dependencies: +- name: postgresql + repository: https://charts.bitnami.com/bitnami + version: 10.13.11 +- name: redis + repository: https://charts.bitnami.com/bitnami + version: 15.6.3 +- name: rabbitmq + repository: https://charts.bitnami.com/bitnami + version: 8.24.12 +- name: meilisearch + repository: https://meilisearch.github.io/meilisearch-kubernetes + version: 0.1.22 +digest: sha256:9db237d706687d61b988168ade3b46ff4527fe9e93ecdc83e18b125d918a3375 +generated: "2021-12-22T14:39:56.8233639+01:00" diff --git a/charts/vibspecdb/Chart.yaml b/charts/vibspecdb/Chart.yaml new file mode 100644 index 0000000..150c204 --- /dev/null +++ b/charts/vibspecdb/Chart.yaml @@ -0,0 +1,47 @@ +apiVersion: v2 +name: vibspecdb +description: A Helm chart of Vibspec-Laravel Application for K8S +home: https://vibspecdb.k8s.photonicdata.science +maintainers: + - name: Nazar Stefaniuk + email: nazar.stefaniuk@uni-jena.de +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.2.13 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "0.1.0" + +# icon: A URL to an SVG or PNG image to be used as an icon (optional). + +dependencies: +- name: postgresql + version: "10.13.11" + repository: "https://charts.bitnami.com/bitnami" + condition: postgresql.enabled +- name: redis + version: "15.6.3" + repository: https://charts.bitnami.com/bitnami + condition: redis.enabled +- name: rabbitmq + version: "8.24.12" + repository: https://charts.bitnami.com/bitnami + condition: rabbitmq.enabled +- name: meilisearch + version: "0.1.22" + repository: https://meilisearch.github.io/meilisearch-kubernetes + condition: meilisearch.enabled diff --git a/charts/vibspecdb/README.md b/charts/vibspecdb/README.md new file mode 100644 index 0000000..bdc23f5 --- /dev/null +++ b/charts/vibspecdb/README.md @@ -0,0 +1 @@ +vibspecdb diff --git a/charts/vibspecdb/charts/meilisearch-0.1.22.tgz b/charts/vibspecdb/charts/meilisearch-0.1.22.tgz new file mode 100644 index 0000000..06f6d11 Binary files /dev/null and b/charts/vibspecdb/charts/meilisearch-0.1.22.tgz differ diff --git a/charts/vibspecdb/charts/postgresql-10.13.11.tgz b/charts/vibspecdb/charts/postgresql-10.13.11.tgz new file mode 100644 index 0000000..9fbc81b Binary files /dev/null and b/charts/vibspecdb/charts/postgresql-10.13.11.tgz differ diff --git a/charts/vibspecdb/charts/rabbitmq-8.24.12.tgz b/charts/vibspecdb/charts/rabbitmq-8.24.12.tgz new file mode 100644 index 0000000..860ece6 Binary files /dev/null and b/charts/vibspecdb/charts/rabbitmq-8.24.12.tgz differ diff --git a/charts/vibspecdb/charts/redis-15.6.3.tgz b/charts/vibspecdb/charts/redis-15.6.3.tgz new file mode 100644 index 0000000..0c22bc0 Binary files /dev/null and b/charts/vibspecdb/charts/redis-15.6.3.tgz differ diff --git a/charts/vibspecdb/templates/NOTES.txt b/charts/vibspecdb/templates/NOTES.txt new file mode 100644 index 0000000..9876810 --- /dev/null +++ b/charts/vibspecdb/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "vibspecdb.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "vibspecdb.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "vibspecdb.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "vibspecdb.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/vibspecdb/templates/_helpers.tpl b/charts/vibspecdb/templates/_helpers.tpl new file mode 100644 index 0000000..36d77d7 --- /dev/null +++ b/charts/vibspecdb/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "vibspecdb.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "vibspecdb.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "vibspecdb.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "vibspecdb.labels" -}} +helm.sh/chart: {{ include "vibspecdb.chart" . }} +{{ include "vibspecdb.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "vibspecdb.selectorLabels" -}} +app.kubernetes.io/name: {{ include "vibspecdb.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "vibspecdb.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "vibspecdb.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/vibspecdb/templates/configmap.yaml b/charts/vibspecdb/templates/configmap.yaml new file mode 100644 index 0000000..af82a63 --- /dev/null +++ b/charts/vibspecdb/templates/configmap.yaml @@ -0,0 +1,54 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.EnvConfigMapRef.name }} + namespace: {{ .Release.Namespace }} +data: + APP_NAME: {{ .Values.name }} + APP_ENV: "production" + APP_DEBUG: "true" + APP_PORT: "80" + APP_URL: "https://vibspecdb.k8s.photonicdata.science/" + ASSET_URL: "https://vibspecdb.k8s.photonicdata.science/" + LOG_CHANNEL: "stdout" + DB_USERNAME: {{ .Values.postgresql.postgresqlUsername }} + DB_CONNECTION: "pgsql" + DB_HOST: {{ .Values.postgresql.host }} + DB_PORT: "{{ .Values.postgresql.port }}" + DB_DATABASE: {{ .Values.postgresql.postgresqlDatabase }} + BROADCAST_DRIVER: "log" + FILESYSTEM_DRIVER: "local" + QUEUE_CONNECTION: "rabbitmq" + RABBITMQ_HOST: {{ .Values.rabbitmq.host }} + RABBITMQ_PORT: "{{ .Values.rabbitmq.port }}" + RABBITMQ_USER: {{ .Values.rabbitmq.auth.username }} + RABBITMQ_QUEUE: jobs + SCOUT_DRIVER: meilisearch + MEILISEARCH_HOST: {{ .Values.meilisearch.host }} + SESSION_DRIVER: "redis" + CACHE_DRIVER: "redis" + REDIS_CLIENT: "predis" + SESSION_LIFETIME: "120" + MEMCACHED_HOST: "memcached" + REDIS_HOST: {{ .Values.redis.host }} + REDIS_PORT: "{{ .Values.redis.port }}" + PUSHER_APP_ID: "null" + PUSHER_APP_CLUSTER: "mt1" + MIX_PUSHER_APP_KEY: "${PUSHER_APP_KEY}" + MAIL_MAILER: "smtp" + MAIL_HOST: {{ .Values.smtp.host }} + MAIL_PORT: "{{ .Values.smtp.port }}" + MAIL_ENCRYPTION: "null" + MAIL_FROM_ADDRESS: {{ .Values.smtp.from }} + MAIL_FROM_NAME: "VibspecDB" + AWS_DEFAULT_REGION: "us-east-1" + AWS_BUCKET: "null" + AWS_ENDPOINT: {{ .Values.minio.endpoint }} + AWS_URL: {{ .Values.minio.baseUrl }} + AWS_USE_PATH_STYLE_ENDPOINT: "false" + GITLAB_REDIRECT_URI: {{ .Values.gitlab.redirectUrl }} + GITLAB_BASE_URL: {{ .Values.gitlab.baseUrl }} + KEYCLOAK_REDIRECT_URI: {{ .Values.keycloak.redirectUrl }} + KEYCLOAK_BASE_URL: {{ .Values.keycloak.baseUrl }} + KEYCLOAK_REALM: {{ .Values.keycloak.realm }} + APP_KEY: {{ .Values.app.key }} diff --git a/charts/vibspecdb/templates/deployment.yaml b/charts/vibspecdb/templates/deployment.yaml new file mode 100644 index 0000000..5eaf707 --- /dev/null +++ b/charts/vibspecdb/templates/deployment.yaml @@ -0,0 +1,90 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "vibspecdb.fullname" . }} + labels: + {{- include "vibspecdb.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "vibspecdb.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "vibspecdb.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "vibspecdb.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- if .Values.persistence.enabled }} + initContainers: + - name: storage-permissions + image: busybox + command: ["sh", "-c", "chmod 777 /storage"] + volumeMounts: + - name: storage + mountPath: /storage + {{- end }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + volumeMounts: + {{- if .Values.persistence.enabled }} + - mountPath: {{ .Values.directory }}/{{ .Values.persistence.path }} + name: storage + {{- end }} + envFrom: + - configMapRef: + name: {{ .Values.EnvConfigMapRef.name }} + - secretRef: + name: {{ .Values.EnvSecretRef.name }} + - secretRef: + name: {{ .Values.EnvSecretRefServices.name }} + ports: + - name: http + containerPort: 80 + protocol: TCP + {{- if not .Values.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumes: + {{- if .Values.persistence.enabled }} + - name: storage + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (printf "%s-storage" (include "vibspecdb.fullname" .)) }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/vibspecdb/templates/hpa.yaml b/charts/vibspecdb/templates/hpa.yaml new file mode 100644 index 0000000..fb2d521 --- /dev/null +++ b/charts/vibspecdb/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "vibspecdb.fullname" . }} + labels: + {{- include "vibspecdb.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "vibspecdb.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/vibspecdb/templates/ingress.yaml b/charts/vibspecdb/templates/ingress.yaml new file mode 100644 index 0000000..0f86325 --- /dev/null +++ b/charts/vibspecdb/templates/ingress.yaml @@ -0,0 +1,14 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "vibspecdb.fullname" . }}-app-ingress + annotations: + kubernetes.io/ingress.global-static-ip-name: vibspec-app-ip-address + networking.gke.io/managed-certificates: vibspec-app-dev-certificate + kubernetes.io/ingress.class: "gce" +spec: + defaultBackend: + service: + name: {{ include "vibspecdb.fullname" . }} + port: + number: {{ .Values.service.port }} \ No newline at end of file diff --git a/charts/vibspecdb/templates/migration.yaml b/charts/vibspecdb/templates/migration.yaml new file mode 100644 index 0000000..0aa5e3d --- /dev/null +++ b/charts/vibspecdb/templates/migration.yaml @@ -0,0 +1,27 @@ +{{- if .Values.migrate.enabled }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "vibspecdb.fullname" . }}-migrate + annotations: + "helm.sh/hook": post-install, pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation +spec: + activeDeadlineSeconds: {{ .Values.migrate.timeout }} + template: + spec: + containers: + - name: {{ template "vibspecdb.fullname" . }}-db-migrate + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + command: + - sh + - -c + - {{ .Values.migrate.cmd }} + envFrom: + - configMapRef: + name: {{ .Values.EnvConfigMapRef.name }} + - secretRef: + name: {{ .Values.EnvSecretRef.name }} + restartPolicy: Never + backoffLimit: 4 +{{- end }} diff --git a/charts/vibspecdb/templates/pvc.yaml b/charts/vibspecdb/templates/pvc.yaml new file mode 100644 index 0000000..af1fe2a --- /dev/null +++ b/charts/vibspecdb/templates/pvc.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.storage.pvc.enabled (not .Values.storage.pvc.existingClaim) -}} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "vibspecdb.fullname" . }}-storage + {{- with .Values.storage.pvc.annotations }} + annotations: + {{- . | toYaml | nindent 4 }} + {{- end }} +spec: + {{- if typeIs "string" .Values.storage.pvc.storageClassName }} + storageClassName: {{ .Values.storage.pvc.storageClassName | quote }} + {{- end }} + accessModes: + {{- .Values.storage.pvc.accessModes | toYaml | nindent 4 }} + resources: + requests: + storage: {{ .Values.storage.pvc.storage | quote }} +{{- end }} \ No newline at end of file diff --git a/charts/vibspecdb/templates/secret-services.yaml b/charts/vibspecdb/templates/secret-services.yaml new file mode 100644 index 0000000..f688664 --- /dev/null +++ b/charts/vibspecdb/templates/secret-services.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.EnvSecretRefServices.name }} + labels: + {{- include "vibspecdb.labels" . | nindent 4 }} +type: Opaque +data: + {{- if .Values.minio.enabled }} + AWS_BUCKET: {{ .Values.minio.bucket |b64enc | quote }} + AWS_ACCESS_KEY_ID: {{ .Values.minio.accessKey |b64enc | quote }} + AWS_SECRET_ACCESS_KEY: {{ .Values.minio.secretAccessKey |b64enc | quote }} + {{- end -}} + {{- if .Values.gitlab.enabled }} + GITLAB_KEY: {{ .Values.gitlab.accessKey |b64enc | quote }} + GITLAB_SECRET: {{ .Values.gitlab.secretAccessKey |b64enc | quote }} + {{- end -}} + {{- if .Values.keycloak.enabled }} + KEYCLOAK_CLIENT_ID: {{ .Values.keycloak.clientId |b64enc | quote }} + KEYCLOAK_CLIENT_SECRET: {{ .Values.keycloak.clientSecret |b64enc | quote }} + {{- end -}} + {{- if .Values.meilisearch.enabled }} + MEILI_MASTER_KEY: {{ .Values.meilisearch.secretKey |b64enc | quote }} + {{- end -}} diff --git a/charts/vibspecdb/templates/secret.yaml b/charts/vibspecdb/templates/secret.yaml new file mode 100644 index 0000000..2b60c28 --- /dev/null +++ b/charts/vibspecdb/templates/secret.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.EnvSecretRef.name }} + labels: + {{- include "vibspecdb.labels" . | nindent 4 }} +type: Opaque +data: + {{- if .Values.smtp.enabled }} + MAIL_PASSWORD: {{ .Values.smtp.password |b64enc | quote }} + {{- end -}} + {{- if .Values.postgresql.enabled }} + DB_PASSWORD: {{ .Values.postgresql.postgresqlPassword |b64enc | quote }} + {{- else if .Values.mysql.enabled }} + DB_PASSWORD: {{ .Values.postgresql.postgresqlPassword |b64enc | quote }} + {{- end -}} + {{- if .Values.redis.enabled }} + REDIS_PASSWORD: {{ .Values.redis.auth.password |b64enc | quote }} + {{- end -}} + {{- if .Values.rabbitmq.enabled }} + RABBITMQ_PASSWORD: {{ .Values.rabbitmq.auth.password |b64enc | quote }} + {{- end -}} diff --git a/charts/vibspecdb/templates/service.yaml b/charts/vibspecdb/templates/service.yaml new file mode 100644 index 0000000..5bc1fb1 --- /dev/null +++ b/charts/vibspecdb/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "vibspecdb.fullname" . }} + labels: + {{- include "vibspecdb.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "vibspecdb.selectorLabels" . | nindent 4 }} diff --git a/charts/vibspecdb/templates/serviceaccount.yaml b/charts/vibspecdb/templates/serviceaccount.yaml new file mode 100644 index 0000000..76d8d56 --- /dev/null +++ b/charts/vibspecdb/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "vibspecdb.serviceAccountName" . }} + labels: + {{- include "vibspecdb.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/vibspecdb/templates/tests/test-connection.yaml b/charts/vibspecdb/templates/tests/test-connection.yaml new file mode 100644 index 0000000..601ce47 --- /dev/null +++ b/charts/vibspecdb/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "vibspecdb.fullname" . }}-test-connection" + labels: + {{- include "vibspecdb.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "vibspecdb.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/vibspecdb/values.yaml b/charts/vibspecdb/values.yaml new file mode 100644 index 0000000..78aedcf --- /dev/null +++ b/charts/vibspecdb/values.yaml @@ -0,0 +1,189 @@ +# Default values for fpm-laravel. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +nameOverride: "" +fullnameOverride: "" + +replicaCount: 1 + +app: + key: base64:r3qmKktGeBi6Z/5Ax= + +directory: /app +name: 'Vibspecdb' +persistence: + enabled: true + existingClaim: "" + path: storage/app + storage: 2Gi + +image: + repository: privated.docker.registry/vibspecdb_laravel_backend + pullPolicy: Always + tag: v0.1.0 + +imagePullSecrets: + - name: registrypullsecret + +EnvConfigMapRef: + name: "laravel-in-kubernetes" + enabled: true +EnvSecretRef: + enabled: true + name: "laravel-in-kubernetes" +EnvSecretRefServices: + enabled: true + name: "laravel-in-kubernetes-services" + +serviceAccount: + create: true + annotations: {} + name: "" + +podAnnotations: {} + +podSecurityContext: {} + +securityContext: {} +service: + type: ClusterIP + port: 80 + +ingress: + enabled: true + className: "" + annotations: {} + hosts: + - host: vibspecdb.k8s.photonicdata.science + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + +resources: {} + +storage: + pvc: + enabled: true + existingClaim: "" + annotations: {} + storageClassName: "longhorn" + accessModes: + - ReadWriteOnce + storage: 2Gi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 10 + targetCPUUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +livenessProbe: + enabled: true + +migrate: + enabled: false + timeout: 180 + cmd: "php artisan migrate --force" + +postgresql: + enabled: true + image: + tag: 11.14.0-debian-10-r17 + postgresqlUsername: "psguser" + postgresqlPassword: "secret" + postgresqlDatabase: "vibspecdb" + port: "5432" + host: "postgresql" + global: + storageClass: 'longhorn' + persistence: + enabled: false + existingClaim: "" + size: 1Gi + resources: + requests: + memory: 100Mi + cpu: 20m + limits: + memory: 150Mi + cpu: 200m + +rabbitmq: + enabled: true + port: "5672" + host: "rabbitmq" + auth: + username: 'rabbitmq_user' + password: 'password' + global: + storageClass: 'longhorn' + metrics: + enabled: false + ingress: + enabled: false + path: '/' + hostname: hostnamehere.com + +meilisearch: + enabled: true + host: 'meilisearch:7700' + secretKey: meilikeyhere + +redis: + enabled: true + port: "6379" + host: "redis-master" + auth: + password: 'redispasshere' + global: + storageClass: 'longhorn' + replica: + replicaCount: 1 + persistence: + enabled: false + size: 1Gi + resources: + requests: + memory: 30Mi + cpu: 10m + limits: + memory: 30Mi + cpu: 50m + +minio: + enabled: false + accessKey: 'MINIO_ROOT_USER' + secretAccessKey: 'MINIO_ROOT_PASSWORD' + bucket: 'local' + endpoint: 'MINIO_ENDPOINT_URL' + baseUrl: 'MINIO_ENDPOINT_URL' + +gitlab: + enabled: false + accessKey: 'GITLAB_KEY' + secretAccessKey: 'GITLAB_SECRET' + redirectUrl: https://pageurl/auth/login/gitlab/callback + baseUrl: https://private.gitlab.repo/ + +keycloak: + enabled: false + clientId: 'KEYCLOAK_CLIENT_ID' + clientSecret: 'KEYCLOAK_CLIENT_SECRET' + redirectUrl: 'https://pageurl/auth/login/keycloak/callback' + baseUrl: 'https://pageurl/auth/' + realm: 'RealmName' + +smtp: + enabled: false + host: 'smtp.mailgun.org' + port: 587 + from: 'from@company.de' + user: 'postmaster@dev.com' + password: "secret"