diff --git a/components/operator/.gardenignore b/components/operator/.gardenignore deleted file mode 100644 index 8a00277839..0000000000 --- a/components/operator/.gardenignore +++ /dev/null @@ -1,90 +0,0 @@ -# Temporary Build Files -build/_output -build/_test -bin -bin/* -testbin -# Created by https://www.gitignore.io/api/go,vim,emacs,visualstudiocode -### Emacs ### -# -*- mode: gitignore; -*- -*~ -\#*\# -/.emacs.desktop -/.emacs.desktop.lock -*.elc -auto-save-list -tramp -.\#* -# Org-mode -.org-id-locations -*_archive -# flymake-mode -*_flymake.* -# eshell files -/eshell/history -/eshell/lastdir -# elpa packages -/elpa/ -# reftex files -*.rel -# AUCTeX auto folder -/auto/ -# cask packages -.cask/ -dist/ -# Flycheck -flycheck_*.el -# server auth directory -/server/ -# projectiles files -.projectile -projectile-bookmarks.eld -# directory configuration -.dir-locals.el -# saveplace -places -# url cache -url/cache/ -# cedet -ede-projects.el -# smex -smex-items -# company-statistics -company-statistics-cache.el -# anaconda-mode -anaconda-mode/ -### Go ### -# Binaries for programs and plugins -*.exe -*.exe~ -*.dll -*.so -*.dylib -# Test binary, build with 'go test -c' -*.test -# Output of the go coverage tool, specifically when used with LiteIDE -*.out -### Vim ### -# swap -.sw[a-p] -.*.sw[a-p] -# session -Session.vim -# temporary -.netrwhist -# auto-generated tag files -tags -### VisualStudioCode ### -.vscode/* -.history -# End of https://www.gitignore.io/api/go,vim,emacs,visualstudiocode -.idea -operator-sdk-* -tmp -./bin/manager -vendor - -example-staging.yaml -demo.yml -local-registries.yaml -.env diff --git a/components/operator/README.md b/components/operator/README.md index 05d0f6da12..b309579db7 100644 --- a/components/operator/README.md +++ b/components/operator/README.md @@ -3,122 +3,3 @@ This operator is in charge of deploying a full or partial Formance OSS Stack. It aims to simplify deployment and releases management of different parts of the Formance ecosystem. -## Getting Started - -You'll need a Kubernetes cluster to run against. -Scripts of this repository are using [K3D](https://k3d.io/v5.4.6/). You have to install it. -Also, we use [Garden](https://docs.garden.io/) for management. - -### Running on the cluster - -1. Create the cluster: - -```sh -garden create-cluster -``` - -2. Build the operator image yourself or skip and deploy: - -> Add an entry for `k3d-registry.host.k3d.internal` inside /etc/hosts file, pointing to 127.0.0.1. - -```sh - 1. BUILD: `make docker-build` - 2. PUSH: `make docker-push - 3. BUILD Helm: `make helm-update` -``` - -3. Deploy: - -```sh -garden deploy -``` - -4. Create a stack - -```sh -kubectl apply -f garden/example-v1beta3.yaml -``` - -5. Stop the cluster - -```sh -garden stop -``` - -6. Start the cluster - -```sh -garden start -``` - -Add an entry for `host.k3d.internal` inside /etc/hosts file, pointing to 127.0.0.1. -Go to http://host.k3d.internal. -Login with admin@formance.com / password - -### Push to local registry - -In order to be able to pull and push the image in the internal-registry named `k3d-registry.host.k3d.internal` -on fixed port `12345` defined in `garden/k3d.yaml` - - -Add an entry for `k3d-registry.host.k3d.internal` inside /etc/hosts file, pointing to 127.0.0.1. - -Then in order to build and publish your image - 1. BUILD: `make docker-build` - 2. PUSH: `make docker-push` - 3. BUILD CRD: `make kustomize` - 4. DEPLOY HELM:`make helm-local-install` - 5. REDEPLOY HELM: `make helm-local-upgrade` - - - -### Push to local registry - -In order to be able to pull and push the image in the internal-registry named `k3d-registry.host.k3d.internal` -on fixed port `12345` defined in `garden/k3d.yaml` - - -Add an entry for `k3d-registry.host.k3d.internal` inside /etc/hosts file, pointing to 127.0.0.1. - -Then in order to build and publish your image - 1. BUILD: `make docker-build` - 2. PUSH: `make docker-push` - 3. BUILD Helm: `make helm-update` -At this step you can use `garden deploy` - 1. DEPLOY Helm:`make helm-local-install` - 2. REDEPLOY Helm: `make helm-local-upgrade` - - -### How it works -This project aims to follow the Kubernetes [Operator pattern](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/) - -It uses [Controllers](https://kubernetes.io/docs/concepts/architecture/controller/) -which provides a reconcile function responsible for synchronizing resources until the desired state is reached on the cluster - - -#### Create a stack - -```sh -kubectl apply -f garden/example-v1beta3.yaml -### Tests - -Run command : -```sh -make test -``` - -## License - -Copyright 2022. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file diff --git a/components/operator/commands.garden.yaml b/components/operator/commands.garden.yaml deleted file mode 100644 index b5daa940df..0000000000 --- a/components/operator/commands.garden.yaml +++ /dev/null @@ -1,75 +0,0 @@ ---- -kind: Command -name: create-cluster -description: - short: Create K3D cluster -exec: - command: - - sh - - -c - - > - k3d cluster create ${variables.cluster-name} - --config garden/k3d.yaml - ${variables contains "registries" ? "--registry-config " + variables.registries : ""} - ${variables contains "network" ? "--network " + variables.network : ""} - --k3s-arg "--disable=traefik@server:0" && garden plugins kubernetes cluster-init --env=default --force-refresh ---- -kind: Command -name: delete-cluster -description: - short: Delete K3D cluster -exec: - command: - - sh - - -c - - k3d cluster delete ${variables.cluster-name} ---- -kind: Command -name: stop -description: - short: Stop K3D cluster -exec: - command: - - sh - - -c - - k3d cluster stop ${variables.cluster-name} ---- -kind: Command -name: start -description: - short: Start K3D cluster -exec: - command: - - sh - - -c - - k3d cluster start ${variables.cluster-name} ---- -kind: Command -name: manifests -description: - short: Generate manifests -exec: - command: - - sh - - -c - - make manifests ---- -kind: Command -name: generate -description: - short: Generate deepcopy functions -exec: - command: - - sh - - -c - - make generate ---- -kind: Command -name: kb-tests -description: - short: Start KubeBuilder tests -exec: - command: - - sh - - -c - - make tests diff --git a/components/operator/garden.yml b/components/operator/garden.yml deleted file mode 100644 index d1d5f5b074..0000000000 --- a/components/operator/garden.yml +++ /dev/null @@ -1,61 +0,0 @@ ---- -apiVersion: garden.io/v0 -kind: Deploy -description: operator pre-deploy build -type: exec -name: operator-build -spec: - deployCommand: - - sh - - -c - - make docker-build ---- -apiVersion: garden.io/v0 -kind: Deploy -description: operator pre-deploy push -type: exec -name: operator-push -dependencies: - - deploy.operator-build -spec: - deployCommand: - - sh - - -c - - make docker-push -# --- -# apiVersion: garden.io/v0 -# kind: Deploy -# description: operator pre-deploy helm update -# type: exec -# name: operator-helm-build -# dependencies: -# - deploy.operator-push -# spec: -# deployCommand: -# - sh -# - -c -# - make helm-update ---- -apiVersion: garden.io/v0 -kind: Deploy -type: helm -description: Operator Helm deploy -name: formance-operator -dependencies: - - deploy.operator-build - - deploy.operator-push - # - deploy.operator-helm-build - - deploy.cert-manager -spec: - namespace: formance-system - chart: - path: ./helm - values: - image: - repository: k3d-registry.host.k3d.internal:12345/operator - tag: dev-latest - pullPolicy: Always - operator: - enableStackFinalizer: true - - diff --git a/components/operator/garden/cert-manager/garden.yaml b/components/operator/garden/cert-manager/garden.yaml deleted file mode 100644 index 96c0faca5b..0000000000 --- a/components/operator/garden/cert-manager/garden.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: garden.io/v0 -kind: Deploy -description: cert-manager -type: helm -name: cert-manager -timeout: 3600 -spec: - namespace: default - chart: - repo: https://charts.jetstack.io - name: cert-manager - values: - fullnameOverride: cert-manager - installCRDs: true diff --git a/components/operator/garden/dex/garden.yaml b/components/operator/garden/dex/garden.yaml deleted file mode 100644 index 8d3ea84da3..0000000000 --- a/components/operator/garden/dex/garden.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -apiVersion: garden.io/v0 -kind: Deploy -description: Dex -type: helm -name: dex -timeout: 3600 -dependencies: -- deploy.postgres -spec: - namespace: default - chart: - repo: https://charts.dexidp.io - name: dex - values: - config: - issuer: http://host.k3d.internal/api/dex - storage: - type: postgres - config: - host: postgres-postgresql - port: 5432 - database: formance - user: formance - password: formance - ssl: - mode: disable - enablePasswordDB: true - staticPasswords: - - email: admin@formance.com - # https://github.com/dexidp/dex/blob/576f990d257d9dd63e283cf379960e50506e8bcc/examples/config-dev.yaml#L145 - hash: "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W" # password - username: admin - userID: 08a8684b-db88-4b73-90a9-3cd1661f5466 - staticClients: - - id: dexclient - secret: dexclient - name: dexclient - redirectURIs: - - http://host.k3d.internal/api/auth/authorize/callback - ingress: - enabled: true - hosts: - - host: host.k3d.internal - paths: - - path: /api/dex - pathType: Prefix diff --git a/components/operator/garden/elasticsearch/garden.yaml b/components/operator/garden/elasticsearch/garden.yaml deleted file mode 100644 index 927875e4f0..0000000000 --- a/components/operator/garden/elasticsearch/garden.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -apiVersion: garden.io/v0 -kind: Deploy -description: Zinc -type: helm -name: elasticsearch -timeout: 3600 -spec: - namespace: default - chart: - repo: https://helm.elastic.co - name: elasticsearch - version: 7.17.3 - values: - replicas: 1 - esJavaOpts: "-Xmx512m -Xms512m" - clusterHealthCheckParams: wait_for_status=yellow&timeout=1s - resources: - requests: - cpu: 200m - memory: 512M - limits: - cpu: 200m - memory: 1024M diff --git a/components/operator/garden/example-v1beta1.yaml b/components/operator/garden/example-v1beta1.yaml deleted file mode 100644 index 113fac3544..0000000000 --- a/components/operator/garden/example-v1beta1.yaml +++ /dev/null @@ -1,113 +0,0 @@ ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: cors-all -spec: - headers: - accessControlAllowOriginList: - - "*" - accessControlAllowHeaders: - - "Authorization" - - "content-type" - accessControlAllowMethods: - - "*" - accessControlAllowCredentials: true - accessControlMaxAge: 100 - addVaryHeader: true ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: stripprefix -spec: - stripPrefix: - prefixes: - - /api/auth - - /api/dex - - /api/jaeger - - /api/ledger - - /api/webhooks ---- -apiVersion: stack.formance.com/v1beta1 -kind: Configuration -metadata: - name: stacks -spec: - # Define global ingress configuration - ingress: - enabled: true - annotations: - traefik.ingress.kubernetes.io/router.middlewares: default-stripprefix@kubernetescrd, default-cors-all@kubernetescrd - auth: - image: ghcr.io/formancehq/auth:latest - host: host.k3d.internal - scheme: http - delegatedOIDCServer: - issuer: http://host.k3d.internal/api/dex - clientID: dexclient - clientSecret: dexclient - postgres: - host: postgres-postgresql.default.svc.cluster.local - port: 5432 - username: formance - password: formance - staticClients: - - id: foo - public: true - secrets: - - bar - monitoring: - traces: - otlp: - endpoint: otel-collector-opentelemetry-collector.default.svc.cluster.local - insecure: true - mode: grpc - port: 4317 - kafka: - brokers: - - redpanda.default.svc.cluster.local:9092 - services: - ledger: - postgres: - host: postgres-postgresql.default.svc.cluster.local - port: 5432 - username: formance - password: formance - locking: - strategy: redis - redis: - uri: redis://redis-headless.default.svc.cluster.local:6379 - payments: - mongoDB: - host: mongodb-svc.default.svc.cluster.local - port: 27017 - username: root - password: very-secured-password - search: - elasticSearch: - host: elasticsearch-master.default.svc.cluster.local - port: 9200 - scheme: http - basicAuth: - username: admin - password: admin - control: - image: ghcr.io/formancehq/control:01a892128c2709241539554a9523b403c825541d - webhooks: - mongoDB: - host: mongodb-svc.default.svc.cluster.local - password: very-secured-password - port: 27017 - username: root ---- -apiVersion: stack.formance.com/v1beta1 -kind: Stack -metadata: - name: stack1 -spec: - namespace: stack1 - debug: true - scheme: http - host: host.k3d.internal - seed: stacks diff --git a/components/operator/garden/example-v1beta2.yaml b/components/operator/garden/example-v1beta2.yaml deleted file mode 100644 index 9d273a187c..0000000000 --- a/components/operator/garden/example-v1beta2.yaml +++ /dev/null @@ -1,199 +0,0 @@ ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: cors-all -spec: - headers: - accessControlAllowOriginList: - - "*" - accessControlAllowHeaders: - - "Authorization" - - "content-type" - accessControlAllowMethods: - - "*" - accessControlAllowCredentials: true - accessControlMaxAge: 100 - addVaryHeader: true ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: stripprefix -spec: - stripPrefix: - prefixes: - - /api/auth - - /api/dex - - /api/jaeger - - /api/ledger - - /api/webhooks ---- -apiVersion: stack.formance.com/v1beta2 -kind: Configuration -metadata: - name: stacks -spec: - # Define global ingress configuration - ingress: - annotations: - traefik.ingress.kubernetes.io/router.middlewares: default-stripprefix@kubernetescrd, default-cors-all@kubernetescrd - monitoring: - traces: - otlp: - endpoint: otel-collector-opentelemetry-collector.default.svc.cluster.local - insecure: true - mode: grpc - port: 4317 - resourceAttributes: "foo=bar" - temporal: - address: "local-operator.sihc8.tmprl.cloud:7233" - namespace: "local-operator.sihc8" - tls: - crt: | - -----BEGIN CERTIFICATE----- - MIIDvDCCAqSgAwIBAgIUTQMMmzxFv5yUcH6H3l3AI+o01CswDQYJKoZIhvcNAQEL - BQAwFzEVMBMGA1UEAxMMZm9ybWFuY2UuY29tMB4XDTIzMDEyMDEwMTExNVoXDTMz - MDExNzA5MTE0NVowGTEXMBUGA1UEAwwOKi5mb3JtYW5jZS5jb20wggEiMA0GCSqG - SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7NlrS6MuTXIEdUIs4FKaQY3krG4w7KKpr - /ztQXYJ/4kyit+xnP6uuIiEs5qwfWJnS3V5a5ZGHF6x2GdZAKRMlHt3xxL7K39xu - sY06kwCcNP7eNDKdz4fbaRQ109vM6ANY6h1VgZ7A/e49swV5gpJ+YfPqRykood6H - afGSL0jLzFqTujjbNV6ZwIRD7ZMIa/NOYlb6oxlfZZXtMKwPY7An5fpDyEVJCRrP - G2dShu0WHZlctzCjR3WFNfNPIN44yaPdF9q/WweWwcei8pcoz+d5m9sjUeviIhfb - dXODDWbwJu1i1COOGz0suWchPQJCYGc9xOigCDWrH5A2BSu3C2gzAgMBAAGjgf0w - gfowDgYDVR0PAQH/BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD - AjAdBgNVHQ4EFgQU564vj1K2ZEtgkcLtl5JurExg6AcwHwYDVR0jBBgwFoAU9JfZ - psQJOHGZ+vYuZzZLPQRLYmwwOwYIKwYBBQUHAQEELzAtMCsGCCsGAQUFBzAChh9o - dHRwOi8vMTI3LjAuMC4xOjgyMDAvdjEvcGtpL2NhMBkGA1UdEQQSMBCCDiouZm9y - bWFuY2UuY29tMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly8xMjcuMC4wLjE6ODIw - MC92MS9wa2kvY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQAW9ispaeU9UnoTUihFf+cx - RzNQ+JbxGoAihvri25YbxnXifjd/v9D9GnP50dkhfPcBQZnFtspsg9gAMla/Hhl8 - 3g4liINIIMYy1wHak9K22a3+k5yKspbFovtvsOoac5jt0fIl+2MiBY3G1V7lKiZL - LQiOlDdmBlzkldGD3ubunuh1NTMUbnBF8JTKquSqZv1i7Js6UbelJg89g9gh4N+R - gK3El3m5jc2sLFQbuWiDx8gZtNWAd5wihs9ban87Dc9YOZ6695Dd/woifhMRuIWG - YIezLQgPPPiyvTcTARipcA68eVu5GpFG8L3BKR9Mz5TThasRnsFwfa/ylbZkSWun - -----END CERTIFICATE----- - key: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAuzZa0ujLk1yBHVCLOBSmkGN5KxuMOyiqa/87UF2Cf+JMorfs - Zz+rriIhLOasH1iZ0t1eWuWRhxesdhnWQCkTJR7d8cS+yt/cbrGNOpMAnDT+3jQy - nc+H22kUNdPbzOgDWOodVYGewP3uPbMFeYKSfmHz6kcpKKHeh2nxki9Iy8xak7o4 - 2zVemcCEQ+2TCGvzTmJW+qMZX2WV7TCsD2OwJ+X6Q8hFSQkazxtnUobtFh2ZXLcw - o0d1hTXzTyDeOMmj3Rfav1sHlsHHovKXKM/neZvbI1Hr4iIX23Vzgw1m8CbtYtQj - jhs9LLlnIT0CQmBnPcTooAg1qx+QNgUrtwtoMwIDAQABAoIBADEmhhXVVI0tviAq - I0Ln+Qrzcr5kjx6BAK015yakRjy49xHJY+F/j905zKfzL8FTC5+WyszmdJyZFIg1 - JFDX99TJE9ADrWup9j+BkeiM654XM8q2vYs9DxgFsG6pXo2fZDGV1Xm7fCiDAmdk - ds1+AGP554XchOvMA5ZdtDSDAYOvgiTnhR+ic881U+L4DkHt+HRHv8ZFcuuUa5z/ - IVSoAR/yIUcQZeimp2l/SZoYk50pfzFNksAfnye6OS0PFhwNT/MX1+3u3ytm34Yj - fcXG/c1uKwfIR9GA/VseRDah0k+8fhsgECGeqtEJwUOqAzAmVWfyaCy6Ud/whAQP - qtl9aTECgYEA3/QJQO9MhlKCpxyOuTm/vAb/Tx0hO6Erd+jWwv8P2GMpM1n4kZd8 - O5/PPzPQKDlHu2gqNqwfqL77+RWw8xHQ25mUtfLVCiIPF4SVsNLD66E9KzU4yYpS - p40QckRHdaOO5gJmubkWV3UQczq2rPZyPs/Msy0r/8ilq4smMIjYpW8CgYEA1gBo - H2v14v7x4LhgpdJrMOg4gc80qJyFpxYxw2T/CdmyjVhsVCDGF/0d3j4Lo/SJB2y6 - YolJb6T3orCUnxOE8CHUktgHB7Auheh1Ls4xyA/HKExRvO8kh/YkBn+z3bIki0QB - w29yRx3d8hBu9hJT52f9veXN6wqzrp68H0Iw730CgYEA3nB/eHW25nuxtdZRlHxd - ip7Qm33tclLE4BbuqUO6M01asNyeXc2+4WH78WS/ThSGwQfXVfJkh7EaiO8YkHWT - o2rKIGaPX78wikVwgO73FmVSYkY8n0G6kx0zxqs25wuLdb3Q1ouWO0vVCP66TtWB - 6A1x3k3xs99RXi+ZwP9LYBUCgYAej3pPGmzH2N6T1+C9bXovRspjB0Me3RNdFBdR - LwgY0QTlmH4H2ZJQdK4iQbwJ0u8Kp2VKkw5wqh9PFWZz/Sab4EjqG32NhIRwTQ0G - /R0w08f+Ij/9+iy+WdE1OGFoRHthg/m4fh7Utxgt7FjcPSvMPRaIWtv4N9QHGNYG - pL42RQKBgCRDE6abLoeUN38GIfQ09YeWoaRgQ0WYzeNwzu1Yl2VwLifWjrbukKZX - p+3B/M7FaeXhjJ3qSVDXBXqI94B7NLjH32CxKsuil2ry7p+lLzdBDquUtMoL17lg - xpAA8tqK3W+E8gj01vKhbcGP28373jREU016/HCbEHRsNxW/BGDj - -----END RSA PRIVATE KEY----- - kafka: - brokers: - - redpanda.default.svc.cluster.local:9092 - services: - auth: - postgres: - host: postgres-postgresql.default.svc.cluster.local - port: 5432 - username: formance - password: formance - staticClients: - - id: foo - public: true - secrets: - - bar - ledger: - postgres: - host: postgres-postgresql.default.svc.cluster.local - port: 5432 - username: formance - password: formance - disableSSLMode: true - locking: - strategy: redis - redis: - uri: redis://redis-headless.default.svc.cluster.local:6379 - payments: - postgres: - host: postgres-postgresql.default.svc.cluster.local - port: 5432 - username: formance - password: formance - disableSSLMode: true - orchestration: - postgres: - host: postgres-postgresql.default.svc.cluster.local - port: 5432 - username: formance - password: formance - disableSSLMode: true - search: - elasticSearch: - host: zinc.default.svc.cluster.local - port: 4080 - scheme: http - pathPrefix: /api - useZinc: true - basicAuth: - username: admin - password: "Complexpass#123" - webhooks: - postgres: - host: postgres-postgresql.default.svc.cluster.local - port: 5432 - username: formance - password: formance - disableSSLMode: true - counterparties: - postgres: - host: postgres-postgresql.default.svc.cluster.local - port: 5432 - username: formance - password: formance - disableSSLMode: true ---- -apiVersion: stack.formance.com/v1beta2 -kind: Versions -metadata: - name: default -spec: - control: 59e871d64514ec01c84ea18b34cf0788d17d7f63 - search: eb3c033d6f5b9c16188f31785051856c75a6e446 - orchestration: 6d3e981b6d05224caca139f3920373a8cee0ba3c - ledger: 29e4e9d7af4779437a9e1e81b1dbae4fd65bf52a - payments: 29e4e9d7af4779437a9e1e81b1dbae4fd65bf52a - webhooks: 29e4e9d7af4779437a9e1e81b1dbae4fd65bf52a ---- -apiVersion: stack.formance.com/v1beta2 -kind: Stack -metadata: - name: stack1 -spec: - debug: true - dev: true - scheme: http - host: host.k3d.internal - seed: stacks - auth: - delegatedOIDCServer: - issuer: http://host.k3d.internal/api/dex - clientID: dexclient - clientSecret: dexclient - staticClients: - - id: foo2 - secrets: - - bar2 diff --git a/components/operator/garden/example-v1beta3.yaml b/components/operator/garden/example-v1beta3.yaml deleted file mode 100644 index b9e033bdf4..0000000000 --- a/components/operator/garden/example-v1beta3.yaml +++ /dev/null @@ -1,163 +0,0 @@ ---- -apiVersion: stack.formance.com/v1beta3 -kind: Configuration -metadata: - name: stacks -spec: - monitoring: - traces: - otlp: - endpoint: otel-collector-opentelemetry-collector.default.svc.cluster.local - insecure: true - mode: grpc - port: 4317 - resourceAttributes: "foo=bar" - temporal: - address: "local-operator.sihc8.tmprl.cloud:7233" - namespace: "local-operator.sihc8" - tls: - crt: | - -----BEGIN CERTIFICATE----- - MIIDvDCCAqSgAwIBAgIUTQMMmzxFv5yUcH6H3l3AI+o01CswDQYJKoZIhvcNAQEL - BQAwFzEVMBMGA1UEAxMMZm9ybWFuY2UuY29tMB4XDTIzMDEyMDEwMTExNVoXDTMz - MDExNzA5MTE0NVowGTEXMBUGA1UEAwwOKi5mb3JtYW5jZS5jb20wggEiMA0GCSqG - SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7NlrS6MuTXIEdUIs4FKaQY3krG4w7KKpr - /ztQXYJ/4kyit+xnP6uuIiEs5qwfWJnS3V5a5ZGHF6x2GdZAKRMlHt3xxL7K39xu - sY06kwCcNP7eNDKdz4fbaRQ109vM6ANY6h1VgZ7A/e49swV5gpJ+YfPqRykood6H - afGSL0jLzFqTujjbNV6ZwIRD7ZMIa/NOYlb6oxlfZZXtMKwPY7An5fpDyEVJCRrP - G2dShu0WHZlctzCjR3WFNfNPIN44yaPdF9q/WweWwcei8pcoz+d5m9sjUeviIhfb - dXODDWbwJu1i1COOGz0suWchPQJCYGc9xOigCDWrH5A2BSu3C2gzAgMBAAGjgf0w - gfowDgYDVR0PAQH/BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD - AjAdBgNVHQ4EFgQU564vj1K2ZEtgkcLtl5JurExg6AcwHwYDVR0jBBgwFoAU9JfZ - psQJOHGZ+vYuZzZLPQRLYmwwOwYIKwYBBQUHAQEELzAtMCsGCCsGAQUFBzAChh9o - dHRwOi8vMTI3LjAuMC4xOjgyMDAvdjEvcGtpL2NhMBkGA1UdEQQSMBCCDiouZm9y - bWFuY2UuY29tMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly8xMjcuMC4wLjE6ODIw - MC92MS9wa2kvY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQAW9ispaeU9UnoTUihFf+cx - RzNQ+JbxGoAihvri25YbxnXifjd/v9D9GnP50dkhfPcBQZnFtspsg9gAMla/Hhl8 - 3g4liINIIMYy1wHak9K22a3+k5yKspbFovtvsOoac5jt0fIl+2MiBY3G1V7lKiZL - LQiOlDdmBlzkldGD3ubunuh1NTMUbnBF8JTKquSqZv1i7Js6UbelJg89g9gh4N+R - gK3El3m5jc2sLFQbuWiDx8gZtNWAd5wihs9ban87Dc9YOZ6695Dd/woifhMRuIWG - YIezLQgPPPiyvTcTARipcA68eVu5GpFG8L3BKR9Mz5TThasRnsFwfa/ylbZkSWun - -----END CERTIFICATE----- - key: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAuzZa0ujLk1yBHVCLOBSmkGN5KxuMOyiqa/87UF2Cf+JMorfs - Zz+rriIhLOasH1iZ0t1eWuWRhxesdhnWQCkTJR7d8cS+yt/cbrGNOpMAnDT+3jQy - nc+H22kUNdPbzOgDWOodVYGewP3uPbMFeYKSfmHz6kcpKKHeh2nxki9Iy8xak7o4 - 2zVemcCEQ+2TCGvzTmJW+qMZX2WV7TCsD2OwJ+X6Q8hFSQkazxtnUobtFh2ZXLcw - o0d1hTXzTyDeOMmj3Rfav1sHlsHHovKXKM/neZvbI1Hr4iIX23Vzgw1m8CbtYtQj - jhs9LLlnIT0CQmBnPcTooAg1qx+QNgUrtwtoMwIDAQABAoIBADEmhhXVVI0tviAq - I0Ln+Qrzcr5kjx6BAK015yakRjy49xHJY+F/j905zKfzL8FTC5+WyszmdJyZFIg1 - JFDX99TJE9ADrWup9j+BkeiM654XM8q2vYs9DxgFsG6pXo2fZDGV1Xm7fCiDAmdk - ds1+AGP554XchOvMA5ZdtDSDAYOvgiTnhR+ic881U+L4DkHt+HRHv8ZFcuuUa5z/ - IVSoAR/yIUcQZeimp2l/SZoYk50pfzFNksAfnye6OS0PFhwNT/MX1+3u3ytm34Yj - fcXG/c1uKwfIR9GA/VseRDah0k+8fhsgECGeqtEJwUOqAzAmVWfyaCy6Ud/whAQP - qtl9aTECgYEA3/QJQO9MhlKCpxyOuTm/vAb/Tx0hO6Erd+jWwv8P2GMpM1n4kZd8 - O5/PPzPQKDlHu2gqNqwfqL77+RWw8xHQ25mUtfLVCiIPF4SVsNLD66E9KzU4yYpS - p40QckRHdaOO5gJmubkWV3UQczq2rPZyPs/Msy0r/8ilq4smMIjYpW8CgYEA1gBo - H2v14v7x4LhgpdJrMOg4gc80qJyFpxYxw2T/CdmyjVhsVCDGF/0d3j4Lo/SJB2y6 - YolJb6T3orCUnxOE8CHUktgHB7Auheh1Ls4xyA/HKExRvO8kh/YkBn+z3bIki0QB - w29yRx3d8hBu9hJT52f9veXN6wqzrp68H0Iw730CgYEA3nB/eHW25nuxtdZRlHxd - ip7Qm33tclLE4BbuqUO6M01asNyeXc2+4WH78WS/ThSGwQfXVfJkh7EaiO8YkHWT - o2rKIGaPX78wikVwgO73FmVSYkY8n0G6kx0zxqs25wuLdb3Q1ouWO0vVCP66TtWB - 6A1x3k3xs99RXi+ZwP9LYBUCgYAej3pPGmzH2N6T1+C9bXovRspjB0Me3RNdFBdR - LwgY0QTlmH4H2ZJQdK4iQbwJ0u8Kp2VKkw5wqh9PFWZz/Sab4EjqG32NhIRwTQ0G - /R0w08f+Ij/9+iy+WdE1OGFoRHthg/m4fh7Utxgt7FjcPSvMPRaIWtv4N9QHGNYG - pL42RQKBgCRDE6abLoeUN38GIfQ09YeWoaRgQ0WYzeNwzu1Yl2VwLifWjrbukKZX - p+3B/M7FaeXhjJ3qSVDXBXqI94B7NLjH32CxKsuil2ry7p+lLzdBDquUtMoL17lg - xpAA8tqK3W+E8gj01vKhbcGP28373jREU016/HCbEHRsNxW/BGDj - -----END RSA PRIVATE KEY----- - broker: - nats: - url: nats.default.svc.cluster.local:4222 - services: - auth: - postgres: - host: host.k3d.internal - port: 30000 - username: formance - password: formance - staticClients: - - id: foo - public: true - secrets: - - bar - ledger: - postgres: - host: host.k3d.internal - port: 30000 - username: formance - password: formance - disableSSLMode: true - payments: - postgres: - host: host.k3d.internal - port: 30000 - username: formance - password: formance - disableSSLMode: true - encryptionKey: ClaptonIsGod - orchestration: - postgres: - host: host.k3d.internal - port: 30000 - username: formance - password: formance - disableSSLMode: true - search: - elasticSearch: - host: elasticsearch-master.default.svc.cluster.local - port: 9200 - scheme: http - basicAuth: - username: admin - password: "Complexpass#123" - webhooks: - postgres: - host: host.k3d.internal - port: 30000 - username: formance - password: formance - disableSSLMode: true ---- -apiVersion: stack.formance.com/v1beta3 -kind: Versions -metadata: - name: default -spec: - auth: v0.4.4 - control: v1.7.0 - gateway: v0.1.7 - ledger: v1.10.9 - orchestration: v0.1.6 - payments: v1.0.0-alpha.3 - search: v0.7.0 - wallets: v0.4.6 - webhooks: v0.7.1 - stargate: v0.1.10 ---- -apiVersion: stack.formance.com/v1beta3 -kind: Stack -metadata: - name: stack1 -spec: - debug: true - dev: true - scheme: http - host: host.k3d.internal - seed: stacks - versions: default - services: - ledger: - disabled: true - orchestration: - disabled: true - auth: - delegatedOIDCServer: - issuer: http://host.k3d.internal/api/dex - clientID: dexclient - clientSecret: dexclient - staticClients: - - id: foo2 - secrets: - - bar2 diff --git a/components/operator/garden/garden.Dockerfile b/components/operator/garden/garden.Dockerfile deleted file mode 100644 index c745ed7d02..0000000000 --- a/components/operator/garden/garden.Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -# Build the manager binary -FROM golang:1.19-alpine as builder -WORKDIR /workspace -ENV CGO_ENABLED=0 -ENV GOOS=linux -COPY go.mod . -COPY go.sum . -RUN go mod download -RUN go install -v -installsuffix cgo -a std -COPY . . -RUN go mod vendor -RUN go build -v -a -o manager main.go - -FROM golang:1.19-alpine as reloader -RUN go install github.com/cosmtrek/air@latest - -# Use distroless as minimal base image to package the manager binary -# Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM gcr.io/distroless/static:nonroot as release -LABEL org.opencontainers.image.source=https://github.com/formancehq/operator -WORKDIR / -COPY --from=builder /workspace/manager /usr/bin/operator -USER 65532:65532 -ENTRYPOINT ["/usr/bin/operator"] diff --git a/components/operator/garden/jaeger/garden.yaml b/components/operator/garden/jaeger/garden.yaml deleted file mode 100644 index c679c2e506..0000000000 --- a/components/operator/garden/jaeger/garden.yaml +++ /dev/null @@ -1,75 +0,0 @@ ---- -apiVersion: garden.io/v0 -kind: Deploy -description: Jaeger -type: kubernetes -name: jaeger -timeout: 3600 -spec: - namespace: default - manifests: - - - apiVersion: apps/v1 - kind: Deployment - metadata: - name: jaeger - labels: - app: jaeger - spec: - replicas: 1 - selector: - matchLabels: - app: jaeger - template: - metadata: - labels: - app: jaeger - spec: - containers: - - name: jaeger - image: jaegertracing/all-in-one:1.29 - command: - - /go/bin/all-in-one-linux - - --query.base-path=/jaeger - ports: - - containerPort: 16686 - - containerPort: 14250 - - containerPort: 14268 - - - apiVersion: v1 - kind: Service - metadata: - name: jaeger - spec: - selector: - app: jaeger - ports: - - name: http - protocol: TCP - port: 16686 - targetPort: 16686 - - name: collector - protocol: TCP - port: 14250 - targetPort: 14250 - - name: collector-thrift - protocol: TCP - port: 14268 - targetPort: 14268 - - - apiVersion: networking.k8s.io/v1 - kind: Ingress - metadata: - name: jaeger - spec: - rules: - - host: host.k3d.internal - http: - paths: - - path: /jaeger - pathType: Prefix - backend: - service: - name: jaeger - port: - number: 16686 diff --git a/components/operator/garden/k3d.yaml b/components/operator/garden/k3d.yaml deleted file mode 100644 index 2e9cbfa06d..0000000000 --- a/components/operator/garden/k3d.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: k3d.io/v1alpha5 -kind: Simple -metadata: - name: formance -servers: 1 -ports: -- port: 80:30080 - nodeFilters: - - loadbalancer -- port: 443:30443 - nodeFilters: - - loadbalancer -- port: 9090:30090 - nodeFilters: - - loadbalancer -- port: 30000:30000 -registries: - create: - name: "k3d-registry.host.k3d.internal" - hostPort: "12345" - - diff --git a/components/operator/garden/minio/garden.yaml b/components/operator/garden/minio/garden.yaml deleted file mode 100644 index c67ca7b330..0000000000 --- a/components/operator/garden/minio/garden.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -apiVersion: garden.io/v0 -kind: Deploy -description: Minio -type: helm -name: minio -timeout: 3600 -spec: - namespace: default - chart: - repo: https://charts.bitnami.com/bitnami - name: minio - values: - defaultBuckets: backups - auth: - rootUser: formance - rootPassword: formance diff --git a/components/operator/garden/nats/garden.yaml b/components/operator/garden/nats/garden.yaml deleted file mode 100644 index c2c3595b85..0000000000 --- a/components/operator/garden/nats/garden.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -apiVersion: garden.io/v0 -kind: Deploy -description: Nats -type: helm -name: nats -timeout: 3600 -spec: - namespace: default - chart: - repo: https://nats-io.github.io/k8s/helm/charts/ - name: nats - values: - config: - jetstream: - enabled: true - memoryStore: - enabled: true diff --git a/components/operator/garden/otel-collector/garden.yaml b/components/operator/garden/otel-collector/garden.yaml deleted file mode 100644 index fbd0ae00ad..0000000000 --- a/components/operator/garden/otel-collector/garden.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -apiVersion: garden.io/v0 -kind: Deploy -description: OTEL collector -# Use exec as the chart as a values.schema.yaml and garden inject a .garden keyn inside values -type: exec -name: otel-collector -spec: - deployCommand: - - sh - - -c - - > - helm repo add open-telemetry https://open-telemetry.github.io/opentelemetry-helm-charts && - helm upgrade --install --create-namespace otel-collector open-telemetry/opentelemetry-collector --version 0.67.0 - --set mode=deployment - --set config.exporters.jaeger.endpoint=jaeger:14250 - --set config.service.pipelines.traces.exporters[0]=jaeger - --set config.exporters.jaeger.tls.insecure=true - cleanupCommand: - - sh - - -c - - > - helm uninstall --namespace formance-system otel-collector diff --git a/components/operator/garden/postgres/garden.yaml b/components/operator/garden/postgres/garden.yaml deleted file mode 100644 index 58e2ef5f45..0000000000 --- a/components/operator/garden/postgres/garden.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -apiVersion: garden.io/v0 -kind: Deploy -description: Postgres -type: helm -name: postgres -timeout: 3600 -spec: - namespace: default - chart: - repo: https://charts.bitnami.com/bitnami - name: postgresql - version: 12.1.2 - values: - architecture: standalone - primary: - service: - type: NodePort - nodePorts: - postgresql: 30000 - global: - postgresql: - auth: - postgresPassword: formance - username: formance - password: formance - database: formance diff --git a/components/operator/garden/reloader/garden.yaml b/components/operator/garden/reloader/garden.yaml deleted file mode 100644 index 8345dee799..0000000000 --- a/components/operator/garden/reloader/garden.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -apiVersion: garden.io/v0 -kind: Deploy -description: Reloader -type: helm -name: reloader -timeout: 3600 -spec: - namespace: default - chart: - name: reloader - repo: https://stakater.github.io/stakater-charts diff --git a/components/operator/garden/traefik/garden.yaml b/components/operator/garden/traefik/garden.yaml deleted file mode 100644 index 5431a33f96..0000000000 --- a/components/operator/garden/traefik/garden.yaml +++ /dev/null @@ -1,37 +0,0 @@ ---- -apiVersion: garden.io/v0 -kind: Deploy -description: Traefik -type: helm -name: traefik -timeout: 3600 -spec: - namespace: default - chart: - repo: https://helm.traefik.io/traefik - name: traefik - version: "20.4.1" - values: - service: - type: NodePort - ports: - web: - nodePort: 30080 - websecure: - nodePort: 30443 - traefik: - nodePort: 30090 - expose: true - ingressClass: - enabled: true - tracing: - jaeger: - samplingServerURL: http://jaeger:5778/sampling - samplingType: const - samplingParam: 1.0 - localAgentHostPort: 127.0.0.1:6831 - propagation: b3 - traceContextHeaderName: uber-trace-id - disableAttemptReconnecting: true - collector: - endpoint: "http://jaeger:14268/api/traces" diff --git a/components/operator/project.garden.yaml b/components/operator/project.garden.yaml deleted file mode 100644 index 513c849423..0000000000 --- a/components/operator/project.garden.yaml +++ /dev/null @@ -1,28 +0,0 @@ ---- -apiVersion: garden.io/v1 -kind: Project -name: operator - -variables: - cluster-name: formance - -environments: - - name: default - -providers: - - name: kubernetes - environments: ["default"] - setupIngressController: false - context: k3d-formance - buildMode: kaniko - kaniko: - extraFlags: # TODO: Make optional registries flag - - --registry-mirror=registry-docker-io:5000 - - --insecure-registry=registry-docker-io:5000 - - --force - - --snapshotMode=redo - - --use-new-run - deploymentRegistry: # This need to point to the registry created by k3d - hostname: k3d-registry.host.k3d.internal - insecure: true - port: 5000 diff --git a/components/operator/workflows.garden.yaml b/components/operator/workflows.garden.yaml deleted file mode 100644 index 8b3b6bbbda..0000000000 --- a/components/operator/workflows.garden.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -kind: Workflow -name: create-cluster -steps: -- command: - - create-cluster -- command: - - plugins - - kubernetes - - cluster-init ---- -kind: Workflow -name: deploy -steps: -- script: | - make generate - make manifests -- command: - - deploy ---- -kind: Workflow -name: update -steps: -- script: | - make generate - make manifests -- command: - - deploy - - operator - - --nodeps