diff --git a/kubernetes/README.md b/kubernetes/README.md index b3dfcf9d..bc6894ca 100644 --- a/kubernetes/README.md +++ b/kubernetes/README.md @@ -1,64 +1,64 @@ -# Running GrimoireLab with Kubernetes - -In this folder are configuration manifests for deploying GrimoireLab using [Kubernetes](https://kubernetes.io). You will need a functional Kubernetes cluster, and you should be able to deploy both versions on k8s, kind, or minikube. There are certainly other options out there as well. - -# Requirements - -* [Git](https://git-scm.com/) client -* Kubernetes 1.17+ (managed or local, including kind, minikube, or k3s) -* [kubectl client](https://kubernetes.io/docs/tasks/tools/install-kubectl/) and admin credentials to aforementioned Kubernetes cluster - -# Getting Started - -1. Clone this project: -```console -git clone https://github.com/chaoss/grimoirelab -``` - -2. Since it's impossible to reference external files from within yaml, the configuration templates provided in [`default-grimoirelab-settings`](../default-grimoirelab-settings) are copied to various config/secret maps. - -* [`30-hatstall-config.yml`] - Contains [`apache-hatstall.conf`](../default-grimoirelab-settings/apache-hatstall.conf) -* [`31-hatstall-secret.yml`] - Contains [`shdb.cfg`](../default-grimoirelab-settings/shdb.cfg) -* [`50-mordred-config.yml`] - Contains [`projects.json`](../default-grimoirelab-settings/projects.json) and [`identities.yml`](../default-grimoirelab-settings/identities.yml) -* [`51-mordred-config-aliases.yml`] - Contains [`aliases.json`](../default-grimoirelab-settings/aliases.json) -* [`52-mordred-config-identities.yml`] - Contains [`identities.yml`](../default-grimoirelab-settings/identities.yml) -* [`53-mordred-secret.yml`] - Contains [`setup.cfg`](../default-grimoirelab-settings/setup.cfg) - -The two files you'll likely want to modify at first are `50-mordred-config.yml`, which includes the relevant project locations in `projects.json` in addition to `53-mordred-secret.yml`, which contains all the configuration settings for collecting the data for your projects. This includes api keys, passwords, and other important artifacts. - -See [below](#more-information) more information about these files format. - -3. Launch the project and use `port-forward` as shown in this example to access the dashboard. - -```console -cd grimoirelab/kubernetes/secure -kubectl apply -f . -kubectl port-forward service/kibiter 5601 -n grimoire -``` - -Launch your browser and navigate to `http://localhost:5601`, and login with the user name `admin` and password `admin`. - -To manage the contributors identities, you may port-forward the [Hatstall](https://github.com/chaoss/grimoirelab-hatstall) application as well. - -```console -kubectl port-forward service/hatstall 8000:80 -n grimoire -``` - -Once forwarded, access your browser at `http://localhost:8000`, and login using the user name `admin`, and password `admin` - ---- - -## Using an insecure environment - -Follow the same steps as above, but use the manifests in the `insecure` folder. - - -# More information - -* [The `projects.json` file format](https://github.com/chaoss/grimoirelab-sirmordred#projectsjson) -* [The `setup.cfg` file format](https://github.com/chaoss/grimoirelab-sirmordred#setupcfg) -* Getting API tokens for different services: - * [GitHub](https://help.github.com/en/articles/creating-a-personal-access-token-for-the-command-line) - * [GitLab](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html) - * [Meetup](https://secure.meetup.com/es-ES/meetup_api/oauth_consumers/) - * [Slack](https://get.slack.help/hc/en-us/articles/215770388-Create-and-regenerate-API-tokens) \ No newline at end of file +# Running GrimoireLab with Kubernetes + +In this folder are configuration manifests for deploying GrimoireLab using [Kubernetes](https://kubernetes.io). You will need a functional Kubernetes cluster, and you should be able to deploy both versions on k8s, kind, or minikube. There are certainly other options out there as well. + +# Requirements + +* [Git](https://git-scm.com/) client +* Kubernetes 1.17+ (managed or local, including kind, minikube, or k3s) +* [kubectl client](https://kubernetes.io/docs/tasks/tools/install-kubectl/) and admin credentials to aforementioned Kubernetes cluster + +# Getting Started + +1. Clone this project: +```console +git clone https://github.com/chaoss/grimoirelab +``` + +2. Since it's impossible to reference external files from within yaml, the configuration templates provided in [`default-grimoirelab-settings`](../default-grimoirelab-settings) are copied to various config/secret maps. + +* [`30-hatstall-config.yml`] - Contains [`apache-hatstall.conf`](../default-grimoirelab-settings/apache-hatstall.conf) +* [`31-hatstall-secret.yml`] - Contains [`shdb.cfg`](../default-grimoirelab-settings/shdb.cfg) +* [`50-mordred-config.yml`] - Contains [`projects.json`](../default-grimoirelab-settings/projects.json) and [`identities.yml`](../default-grimoirelab-settings/identities.yml) +* [`51-mordred-config-aliases.yml`] - Contains [`aliases.json`](../default-grimoirelab-settings/aliases.json) +* [`52-mordred-config-identities.yml`] - Contains [`identities.yml`](../default-grimoirelab-settings/identities.yml) +* [`53-mordred-secret.yml`] - Contains [`setup.cfg`](../default-grimoirelab-settings/setup.cfg) + +The two files you'll likely want to modify at first are `50-mordred-config.yml`, which includes the relevant project locations in `projects.json` in addition to `53-mordred-secret.yml`, which contains all the configuration settings for collecting the data for your projects. This includes api keys, passwords, and other important artifacts. + +See [below](#more-information) more information about these files format. + +3. Launch the project and use `port-forward` as shown in this example to access the dashboard. + +```console +cd grimoirelab/kubernetes/secure +kubectl apply -f . +kubectl port-forward service/kibiter 5601 -n grimoire +``` + +Launch your browser and navigate to `http://localhost:5601`, and login with the user name `admin` and password `admin`. + +To manage the contributors identities, you may port-forward the [Hatstall](https://github.com/chaoss/grimoirelab-hatstall) application as well. + +```console +kubectl port-forward service/hatstall 8000:80 -n grimoire +``` + +Once forwarded, access your browser at `http://localhost:8000`, and login using the user name `admin`, and password `admin` + +--- + +## Using an insecure environment + +Follow the same steps as above, but use the manifests in the `insecure` folder. + + +# More information + +* [The `projects.json` file format](https://github.com/chaoss/grimoirelab-sirmordred#projectsjson) +* [The `setup.cfg` file format](https://github.com/chaoss/grimoirelab-sirmordred#setupcfg) +* Getting API tokens for different services: + * [GitHub](https://help.github.com/en/articles/creating-a-personal-access-token-for-the-command-line) + * [GitLab](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html) + * [Meetup](https://secure.meetup.com/es-ES/meetup_api/oauth_consumers/) + * [Slack](https://get.slack.help/hc/en-us/articles/215770388-Create-and-regenerate-API-tokens) diff --git a/kubernetes/helm-chart/Chart.yaml b/kubernetes/helm-chart/Chart.yaml new file mode 100644 index 00000000..a0b7b8c8 --- /dev/null +++ b/kubernetes/helm-chart/Chart.yaml @@ -0,0 +1,43 @@ +apiVersion: v2 +name: grimoirelab +type: application +description: Nested Chart collection for all grimorelab services. +home: https://github.com/chaoss/grimoirelab +icon: https://www.gravatar.com/avatar/4154acefea56ed23bddaaa47a4850400 +maintainers: +- name: Arie + url: https://github.com/Eroyi +version: 1.7.0 #Based on the "Github Release" version (which is the docker image tag referring from), not the actual application version. +appVersion: 1.0 +dependencies: +- name: mordred + repository: file://charts/mordred + version: 1.7.0 +- name: nginx + repository: file://charts/nginx + versio: 1.27.2 +- name: sortinghat + repository: file://charts/sortinghat + version: 1.7.0 +- name: sortinghat-worker + repository: file://charts/sortinghat-worker + version: 1.7.0 + alias: sortinghatWorker +# External Dependencies +- name: opensearch-dashboard + version: 2.11.1 + repository: file://charts/opensearch-dashboard + alias: opensearchDashboard + condition: opensearchDashboard.install +- name: opensearch-node + repository: file://charts/opensearch-node + version: 2.11.1 + alias: opensearchNode + condition: opensearchNode.install +# - name: mariadb +# version: 19.1.0 +# condition: mariadb.install +# - name: redis +# version: 20.2.1 +# condition: redis.install + diff --git a/kubernetes/helm-chart/NOTES.txt b/kubernetes/helm-chart/NOTES.txt new file mode 100644 index 00000000..05bd1ffe --- /dev/null +++ b/kubernetes/helm-chart/NOTES.txt @@ -0,0 +1,13 @@ +Thank you for installing {{ .Chart.Name }}. + +To visualise data, you need to import dashboards into opensearch-dashboard. + + 1. Visit https://github.com/chaoss/grimoirelab-sigils/tree/master/panels/json/opensearch_dashboards + 2. Download the dashboard you are interested + 3. Open opensearch-dashboard console in your browser, login. + 4. [If its the first install] Click "Explore on my own". + 5. Click "Menu" on the top left corner, then go to "Management" - "Dashboard Management" + 6. [If its the first install] Click "Index patterns" on the left to create the index patterns. + 7. Click "Saved objects" on the left to import "ndjson" dashboard file you downloaded. + 8. Drag or browser the dashboard file, select, then click "Import" - "Done" to import the dashboard. + diff --git a/kubernetes/helm-chart/README.md b/kubernetes/helm-chart/README.md new file mode 100644 index 00000000..210de4ff --- /dev/null +++ b/kubernetes/helm-chart/README.md @@ -0,0 +1,199 @@ +# Introduction +This chart launches a grimoirelab deployment on a Kubernetes cluster using the helm package manager. + + +# Prerequisites Component +- Mariadb +- Redis +- Opensearch **(!)** +- Opensearch Dashboard **(!)** + + +**(!)**: A component with this mark means this chart is already integrated with that component. + +You can deploy and configure the **(!)** component within this chart via `Values.yaml`. + +If you like to bring your own components, you can disable the installation of the built-in chart, with `install: false` option *(see detail below)*. + + + +# Installing the Chart + +To install the chart with the release name `grimoirelab`: +```console +helm install grimoirelab /path/to/chart --values /path/to/chart/values.yaml -n grimoirelab +``` +`-n`: The namespace you would like to put this release in. + +After installation, visit grimoirelab (opensearch-dashboard) homepage with: +`http://`opensearch_dashboard_ip`:5601` + +To visualise data, you need to import dashboards into opensearch-dashboard. + + 1. Visit https://github.com/chaoss/grimoirelab-sigils/tree/master/panels/json/opensearch_dashboards + 2. Download the dashboard you are interested + 3. Open opensearch-dashboard console in your browser, login. + 4. [If its the first install] Click "Explore on my own". + 5. Click "Menu" on the top left corner, then go to "Management" - "Dashboard Management" + 6. [If its the first install] Click "Index patterns" on the left to create the index patterns. + 7. Click "Saved objects" on the left to import "ndjson" dashboard file you downloaded. + 8. Drag or browser the dashboard file, select, then click "Import" - "Done" to import the dashboard. + + +# Configure the chart + +Tips: Use `Ctrl+F / Command+F` search the keywords in `Values.yaml` for quick navigation. + + + + +## Global + +Global values are meant to override the specific values across all sub-charts. +| Name | Description | Type | Default value | +| ---- | ----------- | ---- | ------------- | +| `topologyConfig` | The topology configuration for this chart, affect all components | map | {} | +| `imagePullSecrets` | Only required when you are pulling image from private registry | list | [] | +| `appName` | Name of this chart | string | "" | +| `credentials.database.username` | Plaintext. Username for database connection | string | "root" | +| `credentials.database.password` | Plaintext. Password for the database connection | string | "mar1adb4Gr1m0ir3Lab" | +| `credentials.opensearchNode.password` | Plaintext. Password for the opensearch connection | string | "admin" | +| `credentials.redis.password` | Plaintext. Password for the redis connection | string | "grimoirelab" | + + +## Component + +### Grimoirelab components + +> 1. Components' names will be omitted. +> 2. Resource value has been set to a minimum running quota. +> 3. You can disable these components: `opensearch-node`, `opensearch-dashboard`, `mariadb`, `redis`. + +| Name | Description | Type | Default value | +| ---- | ----------- | ---- | ------------- | +| `install` | Installation toggle for this component. | boolean | true / false | +| `appConfig.replicas` | Replica count for this deployment | int | 1 | +| `appConfig.image` | Image for this deployment | string | --- | +| `appConfig.labels` | Labels for this deployment | map | {} | +| `appConfig.annotations` | Annotations for this deployment | map | {} | +| `appConfig.resources` | Resources quota for this deployment | map | --- | + + + + +## Dependencies + +### Storage + +| Name | Description | Type | Default value | +| ---- | ----------- | ---- | ------------- | +| `enabled` | Enable or disable persistent storage. | boolean | true / false | +| `volumes.name` | Name of this volumes when referencing in yaml | string | --- | +| `volumes.mountPath` | Path of this volumes to be mount into container | string | --- | +| `volumes.type` | Type of this volumes. `pvc`, `configmap` or `emptyDir` | string | --- | +| `volumes.storageClass` | The storage class that will be used when creating PVC | string | gp3 | +| `volumes.size` | Size of this volume | string | --- | +| `volumes.subPath` | Declare the `subPath` while mounting in `configmap` type | string | --- | + + + `volumes` have 3 types of schemas, here are the example: + +#### 1. Persistent Volume +```yaml +- name: "volume-name" + mountPath: "/path/to/mount/in/container" + type: pvc + storageClass: your-storageClass + size: 1Gi +``` +This will result: +- A Persistence Volume Claim + - With 1 Gigabyte storage + - with the storageClass you assigned +- Mounted as Volumes with the name "volume-name" + - in /path/to/mount/in/container + + + +```yaml +- name: "volume-name" + mountPath: "/path/to/mount/in/container" + type: pvc +``` +This will result: +- Mounted as Volumes with the name "volume-name". If these volumes are not created, the mounting attempt will fail. + - in /path/to/mount/in/container +> If you did NOT declare the size, PVC will not be created. If these volumes have not been created, the mounting attempt will fail. + + + +### 2. Configmap as file +```yaml +- name: "config-name" + mountPath: "/path/to/file/in/container/file-name.txt" + type: configmap + subPath: "configmap-key-name" +``` + +This will result: +- Mounting file from Configmap with name "config-name". + - in /path/to/mount/in/container +> If the configmap has NOT been created, or the key declared in "subPath" is not found in the configmap, the mounting attempt will fail. + + + +### 3. Empty directory +```yaml +- name: "volume-name" + mountPath: "path/to/mount/in/container" + type: emptyDir +``` + +This will result: +- Mounted as an empty directory with the name "volume-name" + - in /path/to/mount/in/container +> Data in this volume type will be lost when the pod is restarted. + + + + +## Service + +| Name | Description | Type | Default value | +| ---- | ----------- | ---- | ------------- | +| `targetPort` | The port to expose for this deployment | int | --- | +| `schema` | The method when proxy the `targetPort`. `passthrough` will remain the original port, `http` will use 80 and `https` as 443 | string | passthrough | +| `type` | The type of the services for this deployment, default (empty) is `ClusterIP` | string | "" | + +**Attention:** If you would like to change the service port in here, please make sure you have changed them in `templates/_ports.tpl` as well. + + + +## Extra environments + +You can put an extra environments list in here to inject into the container. +```yaml +- name: key + value: "value" +- name: foo + value: "bar" +``` + + +# If you would like to bring your own databases and more... +Here are the strings you need to replace. + +## Database +| Name | Description | Type | Default value | +| ---- | ----------- | ---- | ------------- | +| `SORTINGHAT_DB_HOST` | Database connection address, IP address or URL, without HTTP header | string | "mariadb" | +| `SORTINGHAT_DB_PORT` | Database connection port | string | "3306" | +| `SORTINGHAT_REDIS_HOST` | Redis connection address, IP address or URL, without HTTP header | string | "redis-master" | + +## Opensearch and Dashboard +| Location | Key | Description | Type | Default value | +| -------- | --- | ----------- | ---- | ------------- | +| `templates/_envs.tpl` | `KIBANA_HOST` | Opensearch dashboard url | string | http://opensearch-dashboard: | +| `templates/_envs.tpl` | `OPENSEARCH_HOSTS` | Opensearch node url | string | https://opensearch-node: | +| `charts/mordred/templates/_mordred_config.tpl` | `es_collection.url` | Opensearch node url | string | @opensearch-node | +| `charts/mordred/templates/_mordred_config.tpl` | `es_enrichment.url` | Opensearch node url | string | @opensearch-node | diff --git a/kubernetes/helm-chart/charts/mordred/Chart.yaml b/kubernetes/helm-chart/charts/mordred/Chart.yaml new file mode 100644 index 00000000..d8650cc9 --- /dev/null +++ b/kubernetes/helm-chart/charts/mordred/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: mordred +description: Mordred service for GrimoireLab. +home: https://github.com/chaoss/grimoirelab +icon: https://www.gravatar.com/avatar/4154acefea56ed23bddaaa47a4850400 +maintainers: +- name: Arie + url: https://github.com/Eroyi +appVersion: 1.7.0 #Based on the "Github Release" version (which is the docker image tag referring from), not the actual application version. +version: 1.0 + diff --git a/kubernetes/helm-chart/charts/mordred/templates/_helper.tpl b/kubernetes/helm-chart/charts/mordred/templates/_helper.tpl new file mode 100644 index 00000000..6da95b03 --- /dev/null +++ b/kubernetes/helm-chart/charts/mordred/templates/_helper.tpl @@ -0,0 +1,37 @@ +{{/* +Mordred labels +*/}} +{{- define "metadata.mordred.pod.labels" -}} +{{- range $name, $value := .Values.appConfig.labels }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Mordred annotations +*/}} +{{- define "metadata.mordred.pod.annotations" -}} +{{- range $name, $value := .Values.appConfig.annotations }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + + +{{/* +Mordred Service labels +*/}} +{{- define "metadata.mordred.service.labels" -}} +{{- range $name, $value := .Values.service.labels }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Mordred Service annotations +*/}} +{{- define "metadata.mordred.service.annotations" -}} +{{- range $name, $value := .Values.service.annotations }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + diff --git a/kubernetes/helm-chart/charts/mordred/templates/_mordred_config.tpl b/kubernetes/helm-chart/charts/mordred/templates/_mordred_config.tpl new file mode 100644 index 00000000..55e64bac --- /dev/null +++ b/kubernetes/helm-chart/charts/mordred/templates/_mordred_config.tpl @@ -0,0 +1,157 @@ +{{/* + Mordred setup config +*/}} +{{- define "config.mordredSetup" -}} +[general] +short_name = GrimoireLab +update = true +min_update_delay = 60 +debug = false +logs_dir = /home/grimoire/logs +bulk_size = 100 +scroll_size = 100 +aliases_file = /home/grimoire/aliases.json + +[projects] +projects_file = /home/grimoire/conf/projects.json + +[es_collection] +url = https://admin:{{ include "cred.opensearchNode.password" . }}@opensearch-node:{{ include "port.opensearchNode" . }} + +[es_enrichment] +url = https://admin:{{ include "cred.opensearchNode.password" . }}@opensearch-node:{{ include "port.opensearchNode" . }} +autorefresh = true + +[sortinghat] +host = nginx +user = root +password = root +port = {{ include "port.nginxListen" . }} +path = /identities/api/ +ssl = false +database = sortinghat_db +autoprofile = [github, git] +matching = [email,name,username] +sleep_for = 100 +unaffiliated_group = Unknown +affiliate = true + +[panels] +kibiter_time_from = +kibiter_default_index = +kibiter_url = +kibiter_version = + +[phases] +collection = true +identities = true +enrichment = true +panels = false + +#[bugzillarest] +#raw_index = bugzillarest_demo_raw +#enriched_index = bugzillarest_demo_enriched +#no-archive = true + +#[confluence] +#no-archive = true +#raw_index = confluence_demo_raw +#enriched_index = confluence_demo_enriched + +#[discourse] +#raw_index = discourse_demo_raw +#enriched_index = discourse_demo_enriched +#no-archive = true + +[git] +raw_index = git_demo_raw +enriched_index = git_demo_enriched +latest-items = true +studies = [enrich_demography:git, enrich_areas_of_code:git, enrich_onion:git] + +#[github] +#api-token = +#enterprise-url = +#raw_index = github_demo_raw +#sleep-for-rate = true +#sleep-time = "300" +#enriched_index = github_demo_enriched + +#[gitlab:issues] +#api-token = +#raw_index = gitlab_issues_demo_raw +#enriched_index = gitlab_issues_demo_enriched +#no-archive = true +#enterprise-url = +#sleep-for-rate = true + +#[gitlab:merge] +#api-token = +#raw_index = gitlab_merges_demo_raw +#enriched_index = gitlab_merges_demo_enriched +#no-archive = true +#enterprise-url = +#category = merge_request +#sleep-for-rate = true + +#[jira] +#raw_index = jira_demo_raw +#enriched_index = jira_demo_enriched +#no-archive = true + +#[pipermail] +#raw_index = pipermail_demo_raw +#enriched_index = pipermail_demo_enriched +#no-verify = true + +#[mediawiki] +#raw_index = mediawiki_demo_raw +#enriched_index = mediawiki_demo_enriched +#no-archive = true + +#[meetup] +#raw_index = meetup_demo_raw +#enriched_index = meetup_demo_enriched +#api-token = +#no-archive = true +#sleep-for-rate = true +#sleep-time = "300" + +#[stackexchange] +#raw_index = stackexchange_demo_raw +#enriched_index = stackexchange_demo_enriched +#api-token = +#no-archive = true + +#[slack] +#raw_index = slack_demo_raw +#enriched_index = slack_demo_enriched +#api-token = +#no-archive = true + +#[supybot] +#raw_index = supybot_demo_raw +#enriched_index = supybot_demo_enriched + +#[twitter] +#raw_index = twitter_demo_raw +#enriched_index = twitter_demo_enriched +#api-token = +#no-archive = true +#sleep-for-rate = true +#sleep-time = 300 + +## studies based on enriched indexes + +[enrich_demography:git] + +[enrich_areas_of_code:git] +in_index = git_demo_raw +out_index = git-aoc_demo_enriched + +[enrich_onion:git] +in_index = git +out_index = git-onion_demo_enriched +contribs_field = hash +{{- end }} + diff --git a/kubernetes/helm-chart/charts/mordred/templates/_mordred_projects.tpl b/kubernetes/helm-chart/charts/mordred/templates/_mordred_projects.tpl new file mode 100644 index 00000000..4d0406e9 --- /dev/null +++ b/kubernetes/helm-chart/charts/mordred/templates/_mordred_projects.tpl @@ -0,0 +1,16 @@ +{{/* + Mordred project config +*/}} +{{- define "config.mordredProject" -}} +{ + "grimoireLab": { + "meta": { + "title": "GrimoireLab" + }, + "git": [ + "https://github.com/chaoss/grimoirelab.git" + ] + } + } +{{- end }} + diff --git a/kubernetes/helm-chart/charts/mordred/templates/deployment.yaml b/kubernetes/helm-chart/charts/mordred/templates/deployment.yaml new file mode 100644 index 00000000..dc31e4b2 --- /dev/null +++ b/kubernetes/helm-chart/charts/mordred/templates/deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ .Values.appConfig.name }}" + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.mordred.pod.labels" . | nindent 4 }} + annotations: + {{- include "metadata.mordred.pod.annotations" . | nindent 4 }} + +spec: + replicas: {{ .Values.appConfig.replicas }} + selector: + matchLabels: + app: "{{ .Values.appConfig.name }}" + template: + metadata: + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.mordred.pod.labels" . | nindent 8 }} + annotations: + {{- include "metadata.mordred.pod.annotations" . | nindent 8 }} + spec: + {{- with .Values.global.topologyConfig }} + {{- toYaml . | nindent 6 }} + {{- end }} + terminationGracePeriodSeconds: 10 + {{- with .Values.global.imagePullSecrets}} + imagePullSecrets: + {{- toYaml . | nindent 8}} + {{- end}} + containers: + - name: mordred + image: {{ .Values.appConfig.image }} + ports: + - containerPort: {{ .Values.service.targetPort }} + # v ---- Volume mount define ---- + {{- if .Values.dependencies.storage.enabled }} + volumeMounts: + {{- include "template.volumeMount" . | nindent 12 }} + {{- end }} + # ^ ---- Volume mount define ---- + # v ---- Resources define ---- + resources: + {{- include "template.resQuota" . | nindent 12 }} + # ^ ---- Resources define ---- + env: + {{- include "nativeEnv.mordred" . | nindent 12 }} + {{- with .Values.extraEnvs }} + {{- toYaml . | nindent 12 }} + {{- end }} + # v ---- Volumes define ---- + {{- if .Values.dependencies.storage.enabled }} + volumes: + {{- range .Values.dependencies.storage.volumes }} + {{- include "template.volumes" (dict "item" . "root" $ ) | nindent 8 }} + {{- end }} + {{- end }} + # ^ ---- Volumes define ---- + diff --git a/kubernetes/helm-chart/charts/mordred/templates/pvc.yaml b/kubernetes/helm-chart/charts/mordred/templates/pvc.yaml new file mode 100644 index 00000000..a88c8d9d --- /dev/null +++ b/kubernetes/helm-chart/charts/mordred/templates/pvc.yaml @@ -0,0 +1,4 @@ +{{- range .Values.dependencies.storage.volumes }} +{{- include "template.pvc" ( dict "item" . "root" $ ) }} +{{- end }} + diff --git a/kubernetes/helm-chart/charts/mordred/templates/service.yaml b/kubernetes/helm-chart/charts/mordred/templates/service.yaml new file mode 100644 index 00000000..f288452c --- /dev/null +++ b/kubernetes/helm-chart/charts/mordred/templates/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: "{{ .Values.appConfig.name }}" + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.mordred.service.labels" . | nindent 4 }} + annotations: + {{- include "metadata.mordred.service.annotations" . | nindent 4 }} +spec: + {{- include "template.service" . | nindent 2 }} + diff --git a/kubernetes/helm-chart/charts/mordred/values.yaml b/kubernetes/helm-chart/charts/mordred/values.yaml new file mode 100644 index 00000000..4149033d --- /dev/null +++ b/kubernetes/helm-chart/charts/mordred/values.yaml @@ -0,0 +1,37 @@ +global: + topologyConfig: {} + imagePullSecrets: [] + imageRegistry: "" + appName: "" + +install: true + +appConfig: + name: "mordred" + replicas: 1 + image: docker.io/grimoirelab/grimoirelab:latest + pullPolicy: "IfNotPresent" + labels: {} + annotations: {} + resources: + cpu: + limits: "" + requests: "" + memory: + limits: "" + requests: "" + +dependencies: + storage: + enabled: false + volumes: [] + +service: + labels: {} + annotations: {} + targetPort: 8000 + scheme: "http" + type: "" # Default to "ClusterIP" + +extraEnvs: [] + diff --git a/kubernetes/helm-chart/charts/nginx/Chart.yaml b/kubernetes/helm-chart/charts/nginx/Chart.yaml new file mode 100644 index 00000000..a3bd6ac8 --- /dev/null +++ b/kubernetes/helm-chart/charts/nginx/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: nginx +description: Official Nginx build. +home: https://github.com/nginxinc/docker-nginx +icon: https://hub.docker.com/api/media/repos_logo/v1/library%2Fnginx +maintainers: +- name: Arie + url: https://github.com/Eroyi +appVersion: 1.27.2 +version: 1.0 + diff --git a/kubernetes/helm-chart/charts/nginx/templates/_helper.tpl b/kubernetes/helm-chart/charts/nginx/templates/_helper.tpl new file mode 100644 index 00000000..3001022a --- /dev/null +++ b/kubernetes/helm-chart/charts/nginx/templates/_helper.tpl @@ -0,0 +1,37 @@ +{/* +Mordred labels +*/}} +{{- define "metadata.nginx.pod.labels" -}} +{{- range $name, $value := .Values.appConfig.labels }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Mordred annotations +*/}} +{{- define "metadata.nginx.pod.annotations" -}} +{{- range $name, $value := .Values.appConfig.annotations }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + + +{{/* +Mordred Service labels +*/}} +{{- define "metadata.nginx.service.labels" -}} +{{- range $name, $value := .Values.service.labels }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Mordred Service annotations +*/}} +{{- define "metadata.nginx.service.annotations" -}} +{{- range $name, $value := .Values.service.annotations }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + diff --git a/kubernetes/helm-chart/charts/nginx/templates/_nginx-config.tpl b/kubernetes/helm-chart/charts/nginx/templates/_nginx-config.tpl new file mode 100644 index 00000000..14a8fbbf --- /dev/null +++ b/kubernetes/helm-chart/charts/nginx/templates/_nginx-config.tpl @@ -0,0 +1,62 @@ +{{/* +uwsgi params config for nginx +*/}} +{{- define "config.uwsgiParams" -}} +uwsgi_param QUERY_STRING $query_string; +uwsgi_param REQUEST_METHOD $request_method; +uwsgi_param CONTENT_TYPE $content_type; +uwsgi_param CONTENT_LENGTH $content_length; +uwsgi_param REQUEST_URI $request_uri; +uwsgi_param PATH_INFO $document_uri; +uwsgi_param DOCUMENT_ROOT $document_root; +uwsgi_param SERVER_PROTOCOL $server_protocol; +uwsgi_param HTTPS $https if_not_empty; +uwsgi_param REMOTE_ADDR $remote_addr; +uwsgi_param REMOTE_PORT $remote_port; +uwsgi_param SERVER_PORT $server_port; +uwsgi_param SERVER_NAME $server_name; +{{- end }} + +{{/* +nginx config +*/}} +{{- define "config.nginxConf" -}} +upstream sortinghat { + server sortinghat:{{ include "port.sortinghat" . }}; +} +server { + include mime.types; + sendfile on; + listen {{ include "port.nginxListen" . }}; + + server_name localhost nginx; + + location / { + proxy_pass ${KIBANA_HOST}; + proxy_redirect ${KIBANA_HOST} /; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } + + location /identities { + rewrite ^/identities/(.*) /$1 break; + + include /etc/nginx/uwsgi_params; + uwsgi_pass sortinghat; + uwsgi_param Host $host; + uwsgi_param X-Real-IP $remote_addr; + uwsgi_param X-Forwarded-For $proxy_add_x_forwarded_for; + uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto; + } + + location ~ ^/identities/(css|js|fonts)/ { + rewrite ^/identities/(.*) /$1 break; + + root /sortinghat; + } +} +{{- end }} + diff --git a/kubernetes/helm-chart/charts/nginx/templates/deployment.yaml b/kubernetes/helm-chart/charts/nginx/templates/deployment.yaml new file mode 100644 index 00000000..84c8be9e --- /dev/null +++ b/kubernetes/helm-chart/charts/nginx/templates/deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ .Values.appConfig.name }}" + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.nginx.pod.labels" . | nindent 4 }} + annotations: + {{- include "metadata.nginx.pod.annotations" . | nindent 4 }} + +spec: + replicas: {{ .Values.appConfig.replicas }} + selector: + matchLabels: + app: "{{ .Values.appConfig.name }}" + template: + metadata: + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.nginx.pod.labels" . | nindent 8 }} + annotations: + {{- include "metadata.nginx.pod.annotations" . | nindent 8 }} + spec: + {{- with .Values.global.topologyConfig }} + {{- toYaml . | nindent 6 }} + {{- end }} + terminationGracePeriodSeconds: 10 + {{- with .Values.global.imagePullSecrets}} + imagePullSecrets: + {{- toYaml . | nindent 8}} + {{- end}} + containers: + - name: nginx + image: {{ .Values.appConfig.image }} + ports: + - containerPort: {{ .Values.service.targetPort }} + # v ---- Volume mount define ---- + {{- if .Values.dependencies.storage.enabled }} + volumeMounts: + {{- include "template.volumeMount" . | nindent 12 }} + {{- end }} + # ^ ---- Volume mount define ---- + # v ---- Resources define ---- + resources: + {{- include "template.resQuota" . | nindent 12 }} + # ^ ---- Resources define ---- + env: + {{- include "nativeEnv.nginx" . | nindent 12 }} + {{- with .Values.extraEnvs }} + {{- toYaml . | nindent 12 }} + {{- end }} + # v ---- Volumes define ---- + {{- if .Values.dependencies.storage.enabled }} + volumes: + {{- range .Values.dependencies.storage.volumes }} + {{- include "template.volumes" (dict "item" . "root" $ ) | nindent 8 }} + {{- end }} + {{- end }} + # ^ ---- Volumes define ---- + diff --git a/kubernetes/helm-chart/charts/nginx/templates/pvc.yaml b/kubernetes/helm-chart/charts/nginx/templates/pvc.yaml new file mode 100644 index 00000000..a88c8d9d --- /dev/null +++ b/kubernetes/helm-chart/charts/nginx/templates/pvc.yaml @@ -0,0 +1,4 @@ +{{- range .Values.dependencies.storage.volumes }} +{{- include "template.pvc" ( dict "item" . "root" $ ) }} +{{- end }} + diff --git a/kubernetes/helm-chart/charts/nginx/templates/service.yaml b/kubernetes/helm-chart/charts/nginx/templates/service.yaml new file mode 100644 index 00000000..34af8ad5 --- /dev/null +++ b/kubernetes/helm-chart/charts/nginx/templates/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: "{{ .Values.appConfig.name }}" + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.nginx.service.labels" . | nindent 4 }} + annotations: + {{- include "metadata.nginx.service.annotations" . | nindent 4 }} +spec: + {{- include "template.service" . | nindent 2 }} + diff --git a/kubernetes/helm-chart/charts/nginx/values.yaml b/kubernetes/helm-chart/charts/nginx/values.yaml new file mode 100644 index 00000000..395827a2 --- /dev/null +++ b/kubernetes/helm-chart/charts/nginx/values.yaml @@ -0,0 +1,48 @@ +global: + topologyConfig: {} + imagePullSecrets: [] + imageRegistry: "" + appName: "" + +install: true + +appConfig: + name: "nginx" + replicas: 1 + image: docker.io/nginx:1.27.2 + pullPolicy: IfNotPresent + + labels: {} + annotations: {} + resources: + cpu: + limits: "" + requests: "" + memory: + limits: "" + requests: "" + +dependencies: + storage: + enabled: true + volumes: + - name: "nginx-conf-template" + mountPath: "/etc/nginx/templates/default.conf.template" + type: configmap + subPath: "nginx-conf-template" + - name: "uwsgi-params" + mountPath: "/etc/nginx/uwsgi_params" + type: configmap + subPath: "uwsgi-params" + - name: "sortinghat-static" + mountPath: "/sortinghat" + type: pvc +service: + labels: {} + annotations: {} + targetPort: 8000 + scheme: "http" + type: "" # Default to "ClusterIP" + +extraEnvs: [] + diff --git a/kubernetes/helm-chart/charts/opensearch-dashboard/Chart.yaml b/kubernetes/helm-chart/charts/opensearch-dashboard/Chart.yaml new file mode 100644 index 00000000..f445eddd --- /dev/null +++ b/kubernetes/helm-chart/charts/opensearch-dashboard/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: opensearch-dashboard +description: OpenSearch is a scalable, flexible, and extensible open-source software suite for search, analytics, and observability applications derived from Elasticsearch 7.10.2 and Kibana 7.10.2 and licensed under Apache 2.0. +home: https://opensearch.org/ +icon: https://www.gravatar.com/avatar/28cb77e720377dcf01e9fee30967c128 +maintainers: +- name: Arie + url: https://github.com/Eroyi +appVersion: 2.11.1 +version: 1.0 + diff --git a/kubernetes/helm-chart/charts/opensearch-dashboard/templates/_helper.tpl b/kubernetes/helm-chart/charts/opensearch-dashboard/templates/_helper.tpl new file mode 100644 index 00000000..1d177dbb --- /dev/null +++ b/kubernetes/helm-chart/charts/opensearch-dashboard/templates/_helper.tpl @@ -0,0 +1,37 @@ +{{/* +Opensearch Dashboard labels +*/}} +{{- define "metadata.opensearchDashboard.pod.labels" -}} +{{- range $name, $value := .Values.appConfig.labels }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Opensearch Dashboard annotations +*/}} +{{- define "metadata.opensearchDashboard.pod.annotations" -}} +{{- range $name, $value := .Values.appConfig.annotations }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + + +{{/* +Opensearch Dashboard Service labels +*/}} +{{- define "metadata.opensearchDashboard.service.labels" -}} +{{- range $name, $value := .Values.service.labels }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Opensearch Dashboard Service annotations +*/}} +{{- define "metadata.opensearchDashboard.service.annotations" -}} +{{- range $name, $value := .Values.service.annotations }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + diff --git a/kubernetes/helm-chart/charts/opensearch-dashboard/templates/deployment.yaml b/kubernetes/helm-chart/charts/opensearch-dashboard/templates/deployment.yaml new file mode 100644 index 00000000..05f89cfc --- /dev/null +++ b/kubernetes/helm-chart/charts/opensearch-dashboard/templates/deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ .Values.appConfig.name }}" + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.opensearchDashboard.pod.labels" . | nindent 4 }} + annotations: + {{- include "metadata.opensearchDashboard.pod.annotations" . | nindent 4 }} + +spec: + replicas: {{ .Values.appConfig.replicas }} + selector: + matchLabels: + app: "{{ .Values.appConfig.name }}" + template: + metadata: + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.opensearchDashboard.pod.labels" . | nindent 8 }} + annotations: + {{- include "metadata.opensearchDashboard.pod.annotations" . | nindent 8 }} + spec: + {{- with .Values.global.topologyConfig }} + {{- toYaml . | nindent 6 }} + {{- end }} + terminationGracePeriodSeconds: 10 + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end}} + containers: + - name: opensearch-dashboard + image: {{ .Values.appConfig.image }} + ports: + - containerPort: {{ .Values.service.targetPort }} + # v ---- Volume mount define ---- + {{- if .Values.dependencies.storage.enabled }} + volumeMounts: + {{- include "template.volumeMount" . | nindent 12 }} + {{- end }} + # ^ ---- Volume mount define ---- + # v ---- Resources define ---- + resources: + {{- include "template.resQuota" . | nindent 12 }} + # ^ ---- Resources define ---- + env: + {{- include "nativeEnv.opensearchDashboard" . | nindent 12 }} + {{- with .Values.extraEnvs }} + {{- toYaml . | nindent 12 }} + {{- end }} + # v ---- Volumes define ---- + {{- if .Values.dependencies.storage.enabled }} + volumes: + {{- range .Values.dependencies.storage.volumes }} + {{- include "template.volumes" (dict "item" . "root" $ ) | nindent 8 }} + {{- end }} + {{- end }} + # ^ ---- Volumes define ---- + diff --git a/kubernetes/helm-chart/charts/opensearch-dashboard/templates/pvc.yaml b/kubernetes/helm-chart/charts/opensearch-dashboard/templates/pvc.yaml new file mode 100644 index 00000000..a88c8d9d --- /dev/null +++ b/kubernetes/helm-chart/charts/opensearch-dashboard/templates/pvc.yaml @@ -0,0 +1,4 @@ +{{- range .Values.dependencies.storage.volumes }} +{{- include "template.pvc" ( dict "item" . "root" $ ) }} +{{- end }} + diff --git a/kubernetes/helm-chart/charts/opensearch-dashboard/templates/service.yaml b/kubernetes/helm-chart/charts/opensearch-dashboard/templates/service.yaml new file mode 100644 index 00000000..28f66dba --- /dev/null +++ b/kubernetes/helm-chart/charts/opensearch-dashboard/templates/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: "{{ .Values.appConfig.name }}" + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.opensearchDashboard.service.labels" . | nindent 4 }} + annotations: + {{- include "metadata.opensearchDashboard.service.annotations" . | nindent 4 }} +spec: + {{- include "template.service" . | nindent 2 }} + diff --git a/kubernetes/helm-chart/charts/opensearch-dashboard/values.yaml b/kubernetes/helm-chart/charts/opensearch-dashboard/values.yaml new file mode 100644 index 00000000..a79983f3 --- /dev/null +++ b/kubernetes/helm-chart/charts/opensearch-dashboard/values.yaml @@ -0,0 +1,38 @@ +global: + topologyConfig: {} + imagePullSecrets: [] + imageRegistry: "" + appName: "" + +install: true + +appConfig: + name: "opensearch-dashboard" + replicas: 1 + image: docker.io/opensearchproject/opensearch-dashboards:2.11.1 + pullPolicy: IfNotPresent + + labels: {} + annotations: {} + resources: + cpu: + limits: "" + requests: "" + memory: + limits: "" + requests: "" + +dependencies: + storage: + enabled: false + volumes: [] + +service: + labels: {} + annotations: {} + targetPort: 5601 + scheme: "http" + type: "" # Default to "ClusterIP" + +extraEnvs: [] + diff --git a/kubernetes/helm-chart/charts/opensearch-node/Chart.yaml b/kubernetes/helm-chart/charts/opensearch-node/Chart.yaml new file mode 100644 index 00000000..143e919c --- /dev/null +++ b/kubernetes/helm-chart/charts/opensearch-node/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: opensearch-node +description: OpenSearch is a scalable, flexible, and extensible open-source software suite for search, analytics, and observability applications derived from Elasticsearch 7.10.2 and Kibana 7.10.2 and licensed under Apache 2.0. +home: https://opensearch.org/ +icon: https://www.gravatar.com/avatar/28cb77e720377dcf01e9fee30967c128 +maintainers: +- name: Arie + url: https://github.com/Eroyi +appVersion: 2.11.1 +version: 1.0 + diff --git a/kubernetes/helm-chart/charts/opensearch-node/templates/_helper.tpl b/kubernetes/helm-chart/charts/opensearch-node/templates/_helper.tpl new file mode 100644 index 00000000..cc0cbaa3 --- /dev/null +++ b/kubernetes/helm-chart/charts/opensearch-node/templates/_helper.tpl @@ -0,0 +1,37 @@ +{{/* +Opensearch labels +*/}} +{{- define "metadata.opensearchNode.pod.labels" -}} +{{- range $name, $value := .Values.appConfig.labels }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Opensearch annotations +*/}} +{{- define "metadata.opensearchNode.pod.annotations" -}} +{{- range $name, $value := .Values.appConfig.annotations }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + + +{{/* +Opensearch Service labels +*/}} +{{- define "metadata.opensearchNode.service.labels" -}} +{{- range $name, $value := .Values.service.labels }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Opensearch Service annotations +*/}} +{{- define "metadata.opensearchNode.service.annotations" -}} +{{- range $name, $value := .Values.service.annotations }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + diff --git a/kubernetes/helm-chart/charts/opensearch-node/templates/deployment.yaml b/kubernetes/helm-chart/charts/opensearch-node/templates/deployment.yaml new file mode 100644 index 00000000..4f91b862 --- /dev/null +++ b/kubernetes/helm-chart/charts/opensearch-node/templates/deployment.yaml @@ -0,0 +1,65 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ .Values.appConfig.name }}" + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.opensearchNode.pod.labels" . | nindent 4 }} + annotations: + {{- include "metadata.opensearchNode.pod.annotations" . | nindent 4 }} + +spec: + replicas: {{ .Values.appConfig.replicas }} + selector: + matchLabels: + app: "{{ .Values.appConfig.name }}" + template: + metadata: + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.opensearchNode.pod.labels" . | nindent 8 }} + annotations: + {{- include "metadata.opensearchNode.pod.annotations" . | nindent 8 }} + spec: + {{- with .Values.global.topologyConfig }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- if hasKey .Values.appConfig "security" }} + securityContext: + runAsUser: {{ .Values.appConfig.security.userID }} + runAsGroup: {{ .Values.appConfig.security.groupID }} + {{- end }} + terminationGracePeriodSeconds: 10 + {{- with .Values.global.imagePullSecrets}} + imagePullSecrets: + {{- toYaml . | nindent 8}} + {{- end}} + containers: + - name: opensearch-node + image: {{ .Values.appConfig.image }} + ports: + - containerPort: {{ .Values.service.targetPort }} + # v ---- Volume mount define ---- + {{- if .Values.dependencies.storage.enabled }} + volumeMounts: + {{- include "template.volumeMount" . | nindent 12 }} + {{- end }} + # ^ ---- Volume mount define ---- + # v ---- Resources define ---- + resources: + {{- include "template.resQuota" . | nindent 12 }} + # ^ ---- Resources define ---- + env: + {{- include "nativeEnv.opensearchNode" . | nindent 12 }} + {{- with .Values.extraEnvs }} + {{- toYaml . | nindent 12 }} + {{- end }} + # v ---- Volumes define ---- + {{- if .Values.dependencies.storage.enabled }} + volumes: + {{- range .Values.dependencies.storage.volumes }} + {{- include "template.volumes" (dict "item" . "root" $ ) | nindent 8 }} + {{- end }} + {{- end }} + # ^ ---- Volumes define ---- + diff --git a/kubernetes/helm-chart/charts/opensearch-node/templates/pvc.yaml b/kubernetes/helm-chart/charts/opensearch-node/templates/pvc.yaml new file mode 100644 index 00000000..a88c8d9d --- /dev/null +++ b/kubernetes/helm-chart/charts/opensearch-node/templates/pvc.yaml @@ -0,0 +1,4 @@ +{{- range .Values.dependencies.storage.volumes }} +{{- include "template.pvc" ( dict "item" . "root" $ ) }} +{{- end }} + diff --git a/kubernetes/helm-chart/charts/opensearch-node/templates/service.yaml b/kubernetes/helm-chart/charts/opensearch-node/templates/service.yaml new file mode 100644 index 00000000..f4a67bb5 --- /dev/null +++ b/kubernetes/helm-chart/charts/opensearch-node/templates/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: "{{ .Values.appConfig.name }}" + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.opensearchNode.service.labels" . | nindent 4 }} + annotations: + {{- include "metadata.opensearchNode.service.annotations" . | nindent 4 }} +spec: + {{- include "template.service" . | nindent 2 }} + diff --git a/kubernetes/helm-chart/charts/opensearch-node/values.yaml b/kubernetes/helm-chart/charts/opensearch-node/values.yaml new file mode 100644 index 00000000..eb7d816e --- /dev/null +++ b/kubernetes/helm-chart/charts/opensearch-node/values.yaml @@ -0,0 +1,46 @@ +global: + topologyConfig: {} + imagePullSecrets: [] + imageRegistry: "" + appName: "" + +install: true + +appConfig: + name: "opensearch-node" + replicas: 1 + image: docker.io/opensearchproject/opensearch:2.11.1 + pullPolicy: IfNotPresent + + labels: {} + annotations: {} + resources: + cpu: + limits: "" + requests: "" + memory: + limits: "" + requests: "" + security: + userID: 1000 + groupID: 1000 + +dependencies: + storage: + enabled: true + volumes: + - name: "opensearch-data" + mountPath: "/usr/share/opensearch/data" + type: pvc + storageClass: gp3 + size: 1Gi + +service: + labels: {} + annotations: {} + targetPort: 9200 + scheme: "http" + type: "" # Default to "ClusterIP" + +extraEnvs: [] + diff --git a/kubernetes/helm-chart/charts/sortinghat-worker/Chart.yaml b/kubernetes/helm-chart/charts/sortinghat-worker/Chart.yaml new file mode 100644 index 00000000..0b6d4ac4 --- /dev/null +++ b/kubernetes/helm-chart/charts/sortinghat-worker/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: sortinghat-worker +description: Sortinghat worker for GrimoireLab. +home: https://github.com/chaoss/grimoirelab +icon: https://www.gravatar.com/avatar/4154acefea56ed23bddaaa47a4850400 +maintainers: +- name: Arie + url: https://github.com/Eroyi +appVersion: 1.7.0 #Based on the "Github Release" version (which is the docker image tag referring from), not the actual application version. +version: 1.0 + diff --git a/kubernetes/helm-chart/charts/sortinghat-worker/templates/_helper.tpl b/kubernetes/helm-chart/charts/sortinghat-worker/templates/_helper.tpl new file mode 100644 index 00000000..82433a06 --- /dev/null +++ b/kubernetes/helm-chart/charts/sortinghat-worker/templates/_helper.tpl @@ -0,0 +1,37 @@ +{{/* +Sortinghat labels +*/}} +{{- define "metadata.sortinghatWorker.pod.labels" -}} +{{- range $name, $value := .Values.appConfig.labels }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Sortinghat annotations +*/}} +{{- define "metadata.sortinghatWorker.pod.annotations" -}} +{{- range $name, $value := .Values.appConfig.annotations }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + + +{{/* +Sortinghat Service labels +*/}} +{{- define "metadata.sortinghatWorker.service.labels" -}} +{{- range $name, $value := .Values.service.labels }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Sortinghat Service annotations +*/}} +{{- define "metadata.sortinghatWorker.service.annotations" -}} +{{- range $name, $value := .Values.service.annotations }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + diff --git a/kubernetes/helm-chart/charts/sortinghat-worker/templates/deployment.yaml b/kubernetes/helm-chart/charts/sortinghat-worker/templates/deployment.yaml new file mode 100644 index 00000000..3da001f6 --- /dev/null +++ b/kubernetes/helm-chart/charts/sortinghat-worker/templates/deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ .Values.appConfig.name }}" + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.sortinghatWorker.pod.labels" . | nindent 4 }} + annotations: + {{- include "metadata.sortinghatWorker.pod.annotations" . | nindent 4 }} + +spec: + replicas: {{ .Values.appConfig.replicas }} + selector: + matchLabels: + app: "{{ .Values.appConfig.name }}" + template: + metadata: + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.sortinghatWorker.pod.labels" . | nindent 8 }} + annotations: + {{- include "metadata.sortinghatWorker.pod.annotations" . | nindent 8 }} + spec: + {{- with .Values.global.topologyConfig }} + {{- toYaml . | nindent 6 }} + {{- end }} + terminationGracePeriodSeconds: 10 + {{- with .Values.global.imagePullSecrets}} + imagePullSecrets: + {{- toYaml . | nindent 8}} + {{- end}} + containers: + - name: sortinghat + image: {{ .Values.appConfig.image }} + ports: + - containerPort: {{ .Values.service.targetPort }} + # v ---- Volume mount define ---- + {{- if .Values.dependencies.storage.enabled }} + volumeMounts: + {{- include "template.volumeMount" . | nindent 12 }} + {{- end }} + # ^ ---- Volume mount define ---- + # v ---- Resources define ---- + resources: + {{- include "template.resQuota" . | nindent 12 }} + # ^ ---- Resources define ---- + env: + {{- include "nativeEnv.sortinghatWorker" . | nindent 12 }} + {{- with .Values.extraEnvs }} + {{- toYaml . | nindent 12 }} + {{- end }} + # v ---- Volumes define ---- + {{- if .Values.dependencies.storage.enabled }} + volumes: + {{- range .Values.dependencies.storage.volumes }} + {{- include "template.volumes" (dict "item" . "root" $ ) | nindent 8 }} + {{- end }} + {{- end }} + # ^ ---- Volumes define ---- + diff --git a/kubernetes/helm-chart/charts/sortinghat-worker/templates/pvc.yaml b/kubernetes/helm-chart/charts/sortinghat-worker/templates/pvc.yaml new file mode 100644 index 00000000..a88c8d9d --- /dev/null +++ b/kubernetes/helm-chart/charts/sortinghat-worker/templates/pvc.yaml @@ -0,0 +1,4 @@ +{{- range .Values.dependencies.storage.volumes }} +{{- include "template.pvc" ( dict "item" . "root" $ ) }} +{{- end }} + diff --git a/kubernetes/helm-chart/charts/sortinghat-worker/templates/service.yaml b/kubernetes/helm-chart/charts/sortinghat-worker/templates/service.yaml new file mode 100644 index 00000000..d791fa0a --- /dev/null +++ b/kubernetes/helm-chart/charts/sortinghat-worker/templates/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: "{{ .Values.appConfig.name }}" + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.sortinghatWorker.service.labels" . | nindent 4 }} + annotations: + {{- include "metadata.sortinghatWorker.service.annotations" . | nindent 4 }} +spec: + {{- include "template.service" . | nindent 2 }} + diff --git a/kubernetes/helm-chart/charts/sortinghat-worker/values.yaml b/kubernetes/helm-chart/charts/sortinghat-worker/values.yaml new file mode 100644 index 00000000..1cc82f1c --- /dev/null +++ b/kubernetes/helm-chart/charts/sortinghat-worker/values.yaml @@ -0,0 +1,38 @@ +global: + topologyConfig: {} + imagePullSecrets: [] + imageRegistry: "" + appName: "" + +install: true + +appConfig: + name: sortinghat-worker + replicas: 1 + image: docker.io/grimoirelab/sortinghat-worker:latest + pullPolicy: IfNotPresent + + labels: {} + annotations: {} + resources: + cpu: + limits: "" + requests: "" + memory: + limits: "" + requests: "" + +dependencies: + storage: + enabled: false + volumes: [] + +service: + labels: {} + annotations: {} + targetPort: 9314 + scheme: "http" + type: "" # Default to "ClusterIP" + +extraEnvs: [] + diff --git a/kubernetes/helm-chart/charts/sortinghat/Chart.yaml b/kubernetes/helm-chart/charts/sortinghat/Chart.yaml new file mode 100644 index 00000000..b11d7074 --- /dev/null +++ b/kubernetes/helm-chart/charts/sortinghat/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: sortinghat +description: Sortinghat service for GrimoireLab, a tool to manage identities. +home: https://github.com/chaoss/grimoirelab +icon: https://www.gravatar.com/avatar/4154acefea56ed23bddaaa47a4850400 +maintainers: +- name: Arie + url: https://github.com/Eroyi +appVersion: 1.7.0 #Based on the "Github Release" version (which is the docker image tag referring from), not the actual application version. +version: 1.0 + diff --git a/kubernetes/helm-chart/charts/sortinghat/templates/_helper.tpl b/kubernetes/helm-chart/charts/sortinghat/templates/_helper.tpl new file mode 100644 index 00000000..2c81aba2 --- /dev/null +++ b/kubernetes/helm-chart/charts/sortinghat/templates/_helper.tpl @@ -0,0 +1,37 @@ +{{/* +Sortinghat labels +*/}} +{{- define "metadata.sortinghat.pod.labels" -}} +{{- range $name, $value := .Values.appConfig.labels }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Sortinghat annotations +*/}} +{{- define "metadata.sortinghat.pod.annotations" -}} +{{- range $name, $value := .Values.appConfig.annotations }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + + +{{/* +Sortinghat Service labels +*/}} +{{- define "metadata.sortinghat.service.labels" -}} +{{- range $name, $value := .Values.service.labels }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Sortinghat Service annotations +*/}} +{{- define "metadata.sortinghat.service.annotations" -}} +{{- range $name, $value := .Values.service.annotations }} +{{ $name }}: {{ $value | quote }} +{{- end -}} +{{- end -}} + diff --git a/kubernetes/helm-chart/charts/sortinghat/templates/deployment.yaml b/kubernetes/helm-chart/charts/sortinghat/templates/deployment.yaml new file mode 100644 index 00000000..16136e18 --- /dev/null +++ b/kubernetes/helm-chart/charts/sortinghat/templates/deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.appConfig.name }} + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.sortinghat.pod.labels" . | nindent 4 }} + annotations: + {{- include "metadata.sortinghat.pod.annotations" . | nindent 4 }} + +spec: + replicas: {{ .Values.appConfig.replicas }} + selector: + matchLabels: + app: "{{ .Values.appConfig.name }}" + template: + metadata: + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.sortinghat.pod.labels" . | nindent 8 }} + annotations: + {{- include "metadata.sortinghat.pod.annotations" . | nindent 8 }} + spec: + {{- with .Values.global.topologyConfig }} + {{- toYaml . | nindent 6 }} + {{- end }} + terminationGracePeriodSeconds: 10 + {{- with .Values.global.imagePullSecrets}} + imagePullSecrets: + {{- toYaml . | nindent 8}} + {{- end}} + containers: + - name: sortinghat + image: {{ .Values.appConfig.image }} + ports: + - containerPort: {{ .Values.service.targetPort }} + # v ---- Volume mount define ---- + {{- if .Values.dependencies.storage.enabled }} + volumeMounts: + {{- include "template.volumeMount" . | nindent 12 }} + {{- end }} + # ^ ---- Volume mount define ---- + # v ---- Resources define ---- + resources: + {{- include "template.resQuota" . | nindent 12 }} + # ^ ---- Resources define ---- + env: + {{- include "nativeEnv.sortinghat" . | nindent 12 }} + {{- with .Values.extraEnvs }} + {{- toYaml . | nindent 12 }} + {{- end }} + # v ---- Volumes define ---- + {{- if .Values.dependencies.storage.enabled }} + volumes: + {{- range .Values.dependencies.storage.volumes }} + {{- include "template.volumes" (dict "item" . "root" $ ) | nindent 8 }} + {{- end }} + {{- end }} + # ^ ---- Volumes define ---- + diff --git a/kubernetes/helm-chart/charts/sortinghat/templates/pvc.yaml b/kubernetes/helm-chart/charts/sortinghat/templates/pvc.yaml new file mode 100644 index 00000000..a88c8d9d --- /dev/null +++ b/kubernetes/helm-chart/charts/sortinghat/templates/pvc.yaml @@ -0,0 +1,4 @@ +{{- range .Values.dependencies.storage.volumes }} +{{- include "template.pvc" ( dict "item" . "root" $ ) }} +{{- end }} + diff --git a/kubernetes/helm-chart/charts/sortinghat/templates/service.yaml b/kubernetes/helm-chart/charts/sortinghat/templates/service.yaml new file mode 100644 index 00000000..bed49568 --- /dev/null +++ b/kubernetes/helm-chart/charts/sortinghat/templates/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: "{{ .Values.appConfig.name }}" + labels: + app: "{{ .Values.appConfig.name }}" + {{- include "metadata.sortinghat.service.labels" . | nindent 4 }} + annotations: + {{- include "metadata.sortinghat.service.annotations" . | nindent 4 }} +spec: + {{- include "template.service" . | nindent 2 }} + diff --git a/kubernetes/helm-chart/charts/sortinghat/values.yaml b/kubernetes/helm-chart/charts/sortinghat/values.yaml new file mode 100644 index 00000000..74c8df0c --- /dev/null +++ b/kubernetes/helm-chart/charts/sortinghat/values.yaml @@ -0,0 +1,42 @@ +global: + topologyConfig: {} + imagePullSecrets: [] + imageRegistry: "" + appName: "" + +install: true + +appConfig: + name: "sortinghat" + replicas: 1 + image: docker.io/grimoirelab/sortinghat:latest + pullPolicy: IfNotPresent + labels: {} + annotations: {} + resources: + cpu: + limits: "" + requests: "" + memory: + limits: "" + requests: "" + +dependencies: + storage: + enabled: true + volumes: + - name: "sortinghat-static" + mountPath: "/opt/venv/lib/python3.9/site-packages/sortinghat/static" + type: pvc + storageClass: gp3 + size: 1Gi + +service: + labels: {} + annotations: {} + targetPort: 9314 + scheme: "http" + type: "" # Default to "ClusterIP" + +extraEnvs: [] + diff --git a/kubernetes/helm-chart/templates/_credentials.tpl b/kubernetes/helm-chart/templates/_credentials.tpl new file mode 100644 index 00000000..1cb6b334 --- /dev/null +++ b/kubernetes/helm-chart/templates/_credentials.tpl @@ -0,0 +1,23 @@ +{{/* +Define various credentials recources +*/}} +{{- define "cred.database.username" -}} + {{- $username := default "root" .Values.global.credentials.database.username -}} + {{- $username -}} +{{- end }} + +{{- define "cred.database.password" -}} + {{- $password := default "mar1adb4Grim0ir3Lab" .Values.global.credentials.database.password -}} + {{- $password -}} +{{- end }} + +{{- define "cred.opensearchNode.password" -}} + {{- $password := default "O54Grim0ir3Lab" .Values.global.credentials.opensearchNode.password -}} + {{- $password -}} +{{- end }} + +{{- define "cred.redis.password" -}} + {{- $password := default "red1s4Grim0ir3Lab" .Values.global.credentials.redis.password -}} + {{- $password -}} +{{- end }} + diff --git a/kubernetes/helm-chart/templates/_envs.tpl b/kubernetes/helm-chart/templates/_envs.tpl new file mode 100644 index 00000000..beec7151 --- /dev/null +++ b/kubernetes/helm-chart/templates/_envs.tpl @@ -0,0 +1,41 @@ +{{/* +Define various environment that referring from other values +*/}} +{{- define "nativeEnv.nginx" -}} +- name: KIBANA_HOST + value: "http://opensearch-dashboard:{{ include "port.opensearchDashboard" . }}/" +{{- end }} + +{{- define "nativeEnv.sortinghat" -}} +- name: SORTINGHAT_DB_USER + value: "{{ include "cred.database.username" . }}" +- name: SORTINGHAT_DB_PASSWORD + value: "{{ include "cred.database.password" . }}" +- name: SORTINGHAT_REDIS_PASSWORD + value: "{{ include "cred.redis.password" . }}" +- name: SORTINGHAT_CORS_ALLOWED_ORIGINS + value: "http://localhost:{{ include "port.nginxListen" . }},http://127.0.0.1:{{ include "port.nginxListen" . }},http://0.0.0.0:{{ include "port.nginxListen" . }}" +{{- end }} + +{{- define "nativeEnv.sortinghatWorker" -}} +- name: SORTINGHAT_DB_USER + value: "{{ include "cred.database.username" . }}" +- name: SORTINGHAT_DB_PASSWORD + value: "{{ include "cred.database.password" . }}" +- name: SORTINGHAT_REDIS_PASSWORD + value: "{{ include "cred.redis.password" . }}" +{{- end }} + +{{- define "nativeEnv.opensearchDashboard" -}} +- name: OPENSEARCH_HOSTS + value: "[\"https://opensearch-node:{{ include "port.opensearchNode" . }}\"]" +{{- end }} + +{{- define "nativeEnv.opensearchNode" -}} +- name: OPENSEARCH_INITIAL_ADMIN_PASSWORD + value: "{{ include "cred.opensearchNode.password" . }}" +{{- end }} + +{{- define "nativeEnv.mordred" }} +{{- end }} + diff --git a/kubernetes/helm-chart/templates/_ports.tpl b/kubernetes/helm-chart/templates/_ports.tpl new file mode 100644 index 00000000..803e6136 --- /dev/null +++ b/kubernetes/helm-chart/templates/_ports.tpl @@ -0,0 +1,49 @@ +{{/* +Port catalogs for all services + +{{- define "port.sortinghat" -}} +{{- printf .Values.sortinghat.service.targetPort | default "9314" }} +{{- end }} + +{{- define "port.sortinghatWorker" -}} +{{- printf .Values.sortinghatWorker.service.targetPort | default "9314" }} +{{- end }} + +{{- define "port.nginxListen" -}} +{{- printf .Values.nginx.service.targetPort | default "8000" }} +{{- end }} + +{{- define "port.opensearchNode" -}} +{{- printf .Values.opensearchNode.service.targetPort | default "9200" }} +{{- end }} + +{{- define "port.opensearchDashboard" -}} +{{- printf .Values.opensearchDashboard.service.targetPort | default "5601" }} +{{- end }} +*/}} + +{{- define "port.sortinghat" -}} + {{- $sortinghat := default 9314 -}} + {{- $sortinghat -}} +{{- end }} + +{{- define "port.sortinghatWorker" -}} + {{- $sortinghatWorker := default 9314 -}} + {{- $sortinghatWorker -}} +{{- end }} + +{{- define "port.nginxListen" -}} + {{- $nginxListen := default 8000 -}} + {{- $nginxListen -}} +{{- end }} + +{{- define "port.opensearchNode" -}} + {{- $opensearchNode := default 9200 -}} + {{- $opensearchNode -}} +{{- end }} + +{{- define "port.opensearchDashboard" -}} + {{- $opensearchDashboard := default 5601 -}} + {{- $opensearchDashboard -}} +{{- end }} + diff --git a/kubernetes/helm-chart/templates/_templates.tpl b/kubernetes/helm-chart/templates/_templates.tpl new file mode 100644 index 00000000..c747a596 --- /dev/null +++ b/kubernetes/helm-chart/templates/_templates.tpl @@ -0,0 +1,90 @@ +{{/* +Common Helm chart templates abstract +*/}} + + +{{- define "template.volumeMount" -}} +{{- range .Values.dependencies.storage.volumes }} +- name: {{ .name }} + mountPath: {{ .mountPath }} + {{- if and (eq .type "configmap") (hasKey . "subPath") .subPath }} + subPath: {{ .subPath }} + {{- end }} +{{- end }} +{{- end }} + + +{{- define "template.volumes" -}} +- name: {{ .item.name }} + {{- if eq .item.type "pvc" }} + persistentVolumeClaim: + claimName: {{ .item.name }}-pvc + {{- else if eq .item.type "configmap" }} + configMap: + name: {{ .root.Release.Name }}-configmap + {{- if and (hasKey .item "configmapKey") (hasKey .item "asFile") }} + items: + - key: {{ .item.configmapKey }} + path: {{ .item.asFile }} + {{- end }} + {{- else if eq .item.type "secret" }} + secret: + secretName: {{ .item.name }}-secret + {{- else }} + emptyDir: + sizeLimit: 100Mi + {{- end }} +{{- end }} + + +{{- define "template.resQuota" -}} +limits: + cpu: {{ .Values.appConfig.resources.cpu.limits | quote }} + memory: {{ .Values.appConfig.resources.memory.limits | quote }} +requests: + cpu: {{ .Values.appConfig.resources.cpu.requests | quote }} + memory: {{ .Values.appConfig.resources.memory.requests | quote }} +{{- end }} + + +{{- define "template.pvc" -}} + {{- if and (eq .item.type "pvc") (hasKey .item "size" ) }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .item.name }}-pvc + labels: + app: "{{ .root.Release.Name }}" +spec: + storageClassName: "{{ .item.storageClass }}" + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{ .item.size }} + {{- end }} +{{- end }} + + +{{- define "template.service" -}} +ports: + - protocol: TCP + name: "{{ .Values.appConfig.name }}-service" + {{- if eq .Values.service.scheme "http" }} + port: 80 + targetPort: {{ .Values.service.targetPort }} + {{- end }} + {{- if eq .Values.service.scheme "https" }} + port: 443 + targetPort: {{ .Values.service.targetPort }} + {{- end }} + {{- if eq .Values.service.scheme "passthrough" }} + port: {{ .Values.service.targetPort }} + targetPort: {{ .Values.service.targetPort }} + {{- end }} +type: {{ .Values.service.type | default "ClusterIP" | quote }} +sessionAffinity: None +selector: + app: "{{ .Values.appConfig.name }}" +{{- end }} + diff --git a/kubernetes/helm-chart/templates/configmap.yaml b/kubernetes/helm-chart/templates/configmap.yaml new file mode 100644 index 00000000..d9653e09 --- /dev/null +++ b/kubernetes/helm-chart/templates/configmap.yaml @@ -0,0 +1,17 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: "{{ $.Release.Name }}-configmap" + labels: + app: "{{ $.Release.Name }}" + +data: + mordred-setup: |- + {{- include "config.mordredSetup" . | nindent 4 }} + mordred-projects: |- + {{- include "config.mordredProject" . | nindent 4 }} + uwsgi-params: |- + {{- include "config.uwsgiParams" . | nindent 4 }} + nginx-conf-template: |- + {{- include "config.nginxConf" . | nindent 4 }} + diff --git a/kubernetes/helm-chart/values.yaml b/kubernetes/helm-chart/values.yaml new file mode 100644 index 00000000..d02cf4d2 --- /dev/null +++ b/kubernetes/helm-chart/values.yaml @@ -0,0 +1,229 @@ +global: + topologyConfig: {} + imagePullSecrets: [] + imageRegistry: "" + appName: grimoirelab + credentials: + database: + username: "root" + password: "mar1adb4Gr1m0ir3Lab" + opensearchNode: + password: "admin" + redis: + password: "grimoirelab" + +opensearch-node: + install: true + appConfig: + replicas: 1 + image: docker.io/opensearchproject/opensearch:2.11.1 + labels: {} + annotations: {} + resources: + cpu: + limits: "500m" + requests: "300m" + memory: + limits: "3000Mi" + requests: "2000Mi" + dependencies: + storage: + enabled: true + volumes: + - name: "opensearch-data" + mountPath: "/usr/share/opensearch/data" + type: pvc + storageClass: gp3 + size: 10Gi + service: + targetPort: 9200 + scheme: passthrough + type: "" + extraEnvs: + - name: cluster.name + value: "opensearch-cluster" + - name: node.name + value: "opensearch-node1" + - name: discovery.type + value: "single-node" + - name: bootstrap.memory_lock + value: "true" + - name: OPENSEARCH_JAVA_OPTS + value: "-Xms2g -Xmx2g" + +opensearch-dashboard: + install: true + appConfig: + replicas: 1 + image: docker.io/opensearchproject/opensearch-dashboards:2.11.1 + labels: {} + annotations: {} + resources: + cpu: + limits: "200m" + requests: "100m" + memory: + limits: "512Mi" + requests: "256Mi" + dependencies: + storage: + enabled: false + service: + targetPort: 5601 + scheme: passthrough + type: "" + extraEnvs: [] + +mordred: + install: true + appConfig: + replicas: 1 + image: docker.io/grimoirelab/grimoirelab:1.7.0 + labels: {} + annotations: {} + resources: + cpu: + limits: "200m" + requests: "100m" + memory: + limits: "512Mi" + requests: "256Mi" + dependencies: + storage: + enabled: true + volumes: + - name: "mordred-setup" + mountPath: "/home/grimoire/conf/setup.cfg" + type: configmap + subPath: "mordred-setup" + - name: "mordred-projects" + mountPath: "/home/grimoire/conf/projects.json" + type: configmap + subPath: "mordred-projects" + - name: "mordred-log" + mountPath: "/home/grimoire/logs" + type: emptyDir + service: + targetPort: 8000 + scheme: passthrough + type: "" + extraEnvs: [] + +nginx: + install: true + appConfig: + replicas: 1 + image: docker.io/nginx:1.27.2 + labels: {} + annotations: {} + resources: + cpu: + limits: "50m" + requests: "20m" + memory: + limits: "128Mi" + requests: "64Mi" + dependencies: + storage: + enabled: true + volumes: + - name: "nginx-conf-template" + mountPath: "/etc/nginx/templates/default.conf.template" + type: configmap + subPath: "nginx-conf-template" + - name: "uwsgi-params" + mountPath: "/etc/nginx/uwsgi_params" + type: configmap + subPath: "uwsgi-params" + - name: "sortinghat-static" + mountPath: "/sortinghat" + type: pvc + service: + targetPort: 8000 + scheme: passthrough + type: "" + extraEnvs: [] + +sortinghat: + install: true + appConfig: + replicas: 1 + image: docker.io/grimoirelab/sortinghat:1.7.0 + labels: {} + annotations: {} + resources: + cpu: + limits: "50m" + requests: "20m" + memory: + limits: "512Mi" + requests: "256Mi" + dependencies: + storage: + enabled: true + volumes: + - name: "sortinghat-static" + mountPath: "/opt/venv/lib/python3.9/site-packages/sortinghat/static" + type: pvc + storageClass: gp3 + size: 1Gi + service: + targetPort: 9314 + scheme: passthrough + type: "" + extraEnvs: + - name: SORTINGHAT_SECRET_KEY + value: "secret" + - name: SORTINGHAT_DB_HOST + value: "mariadb" + - name: SORTINGHAT_DB_PORT + value: "3306" + - name: SORTINGHAT_DB_DATABASE + value: "sortinghat_db" + - name: SORTINGHAT_REDIS_HOST + value: "redis-master" + - name: SORTINGHAT_SUPERUSER_USERNAME + value: "root" + - name: SORTINGHAT_SUPERUSER_PASSWORD + value: "root" + - name: SORTINGHAT_ALLOWED_HOST + value: "sortinghat,nginx,localhost,127.0.0.1,0.0.0.0,[::1]" + +sortinghat-worker: + install: true + appConfig: + replicas: 1 + image: docker.io/grimoirelab/sortinghat-worker:1.7.0 + labels: {} + annotations: {} + resources: + cpu: + limits: "1000m" + requests: "50m" + memory: + limits: "256Mi" + requests: "128Mi" + dependencies: + storage: + enabled: false + service: + scheme: passthrough + type: "" + extraEnvs: + - name: SORTINGHAT_SECRET_KEY + value: "secret" + - name: SORTINGHAT_DB_HOST + value: "mariadb" + - name: SORTINGHAT_DB_PORT + value: "3306" + - name: SORTINGHAT_DB_DATABASE + value: "sortinghat_db" + - name: SORTINGHAT_REDIS_HOST + value: "redis-master" + +mariadb: + install: false + +redis: + install: false + diff --git a/templates/_credentials.tpl b/templates/_credentials.tpl new file mode 100644 index 00000000..ac24affa --- /dev/null +++ b/templates/_credentials.tpl @@ -0,0 +1,22 @@ +{{/* +Define various credentials recources +*/}} +{{- define "cred.database.username" -}} + {{- $username := default "root" .Values.global.credentials.database.username -}} + {{- $username -}} +{{- end }} + +{{- define "cred.database.password" -}} + {{- $password := default "mar1adb4Grim0ir3Lab" .Values.global.credentials.database.password -}} + {{- $password -}} +{{- end }} + +{{- define "cred.opensearchNode.password" -}} + {{- $password := default "O54Grim0ir3Lab" .Values.global.credentials.opensearchNode.password -}} + {{- $password -}} +{{- end }} + +{{- define "cred.redis.password" -}} + {{- $password := default "red1s4Grim0ir3Lab" .Values.global.credentials.redis.password -}} + {{- $password -}} +{{- end }} diff --git a/templates/_env.tpl b/templates/_env.tpl new file mode 100644 index 00000000..696388ec --- /dev/null +++ b/templates/_env.tpl @@ -0,0 +1,40 @@ +{{/* +Define various environment that referring from other values +*/}} +{{- define "nginx-extraEnvs.env" -}} +- name: KIBANA_HOST + value: http://opensearch-dashboard:{{ include "opensearch-dashboard.port" . }}/ +{{- end }} + +{{- define "sortinghat-extraEnvs.env" -}} +- name: SORTINGHAT_DB_USER + value: "{{ include "database-username.cred" . }}" +- name: SORTINGHAT_DB_PASSWORD + value: "{{ include "database-password.cred" . }}" +- name: SORTINGHAT_REDIS_PASSWORD + value: "{{ include "redis-password.cred" . }}" +- name: SORTINGHAT_CORS_ALLOWED_ORIGINS + value: "http://localhost:{{ include "nginx-listen.port" . }},http://127.0.0.1:{{ include "nginx-listen.port" . }},http://0.0.0.0:{{ include "nginx-listen.port" . }} +{{- end }} + +{{- define "sortinghat-worker-extraEnvs.env" -}} +- name: SORTINGHAT_DB_USER + value: "{{ include "database-username.cred" . }}" +- name: SORTINGHAT_DB_PASSWORD + value: "{{ include "database-password.cred" . }}" +- name: SORTINGHAT_REDIS_PASSWORD + value: "{{ include "redis-password.cred" . }}" +{{- end }} + +{{- define "opensearch-dashboard-extraEnvs.env" -}} +- name: OPENSEARCH_HOSTS + value: "[\"https://opensearch-node:{{ include "opensearch-node.port" . }}\"]" +{{- end }} + +{{- define "opensearch-node-extraEnvs.env" -}} +- name: OPENSEARCH_INITIAL_ADMIN_PASSWORD + value: "{{ include "opensearch-node-password.cred" . }}" +{{- end }} + +{{- define "mordred-extraEnvs.env" }} +{{- end }} \ No newline at end of file diff --git a/templates/_envs.tpl b/templates/_envs.tpl new file mode 100644 index 00000000..71cf245d --- /dev/null +++ b/templates/_envs.tpl @@ -0,0 +1,40 @@ +{{/* +Define various environment that referring from other values +*/}} +{{- define "nativeEnv.nginx" -}} +- name: KIBANA_HOST + value: "http://opensearch-dashboard:{{ include "port.opensearchDashboard" . }}/" +{{- end }} + +{{- define "nativeEnv.sortinghat" -}} +- name: SORTINGHAT_DB_USER + value: "{{ include "cred.database.username" . }}" +- name: SORTINGHAT_DB_PASSWORD + value: "{{ include "cred.database.password" . }}" +- name: SORTINGHAT_REDIS_PASSWORD + value: "{{ include "cred.redis.password" . }}" +- name: SORTINGHAT_CORS_ALLOWED_ORIGINS + value: "http://localhost:{{ include "port.nginxListen" . }},http://127.0.0.1:{{ include "port.nginxListen" . }},http://0.0.0.0:{{ include "port.nginxListen" . }}" +{{- end }} + +{{- define "nativeEnv.sortinghatWorker" -}} +- name: SORTINGHAT_DB_USER + value: "{{ include "cred.database.username" . }}" +- name: SORTINGHAT_DB_PASSWORD + value: "{{ include "cred.database.password" . }}" +- name: SORTINGHAT_REDIS_PASSWORD + value: "{{ include "cred.redis.password" . }}" +{{- end }} + +{{- define "nativeEnv.opensearchDashboard" -}} +- name: OPENSEARCH_HOSTS + value: "[\"https://opensearch-node:{{ include "port.opensearchNode" . }}\"]" +{{- end }} + +{{- define "nativeEnv.opensearchNode" -}} +- name: OPENSEARCH_INITIAL_ADMIN_PASSWORD + value: "{{ include "cred.opensearchNode.password" . }}" +{{- end }} + +{{- define "nativeEnv.mordred" }} +{{- end }} diff --git a/templates/_ports.tpl b/templates/_ports.tpl new file mode 100644 index 00000000..24c88e01 --- /dev/null +++ b/templates/_ports.tpl @@ -0,0 +1,49 @@ +{{/* +Port catalogs for all services + +{{- define "port.sortinghat" -}} +{{- printf .Values.sortinghat.service.targetPort | default "9314" }} +{{- end }} + +{{- define "port.sortinghatWorker" -}} +{{- printf .Values.sortinghatWorker.service.targetPort | default "9314" }} +{{- end }} + +{{- define "port.nginxListen" -}} +{{- printf .Values.nginx.service.targetPort | default "8000" }} +{{- end }} + +{{- define "port.opensearchNode" -}} +{{- printf .Values.opensearchNode.service.targetPort | default "9200" }} +{{- end }} + +{{- define "port.opensearchDashboard" -}} +{{- printf .Values.opensearchDashboard.service.targetPort | default "5601" }} +{{- end }} +*/}} + +{{- define "port.sortinghat" -}} + {{- $sortinghat := default 9314 -}} + {{- $sortinghat -}} +{{- end }} + +{{- define "port.sortinghatWorker" -}} + {{- $sortinghatWorker := default 9314 -}} + {{- $sortinghatWorker -}} +{{- end }} + +{{- define "port.nginxListen" -}} + {{- $nginxListen := default 8000 -}} + {{- $nginxListen -}} +{{- end }} + +{{- define "port.opensearchNode" -}} + {{- $opensearchNode := default 9200 -}} + {{- $opensearchNode -}} +{{- end }} + +{{- define "port.opensearchDashboard" -}} + {{- $opensearchDashboard := default 5601 -}} + {{- $opensearchDashboard -}} +{{- end }} + diff --git a/templates/_template.tpl b/templates/_template.tpl new file mode 100644 index 00000000..f02742f5 --- /dev/null +++ b/templates/_template.tpl @@ -0,0 +1,85 @@ +{{/* +Helm chart templates +*/}} +{{- define "volume-mount.template" -}} +{{- range .Values.dependencies.storage.volumes }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + {{- if and (eq .type "configmap") (hasKey . "subPath") .subPath }} + subPath: {{ .subPath }} + {{- end }} +{{- end }} +{{- end }} + +{{- define "volumes.template" -}} +- name: {{ .name }} + {{- if eq .type "pvc" }} + persistentVolumeClaim: + claimName: {{ .name }}-pvc + {{- else if eq .type "configmap" }} + configMap: + name: {{ $.Release.Name }}-configmap + {{- if and (hasKey . "configmapKey") (hasKey . "asFile") .configmapKey .asFile }} + items: + - key: {{ .configmapKey }} + path: {{ .asFile }} + {{- end }} + {{- else if eq .type "secret" }} + secret: + secretName: {{ .name }}-secret + {{- else }} + emptyDir: + sizeLimit: 100Mi + {{- end }} +{{- end }} + +{{- define "resources.template" -}} +limits: + cpu: {{ .Values.appConfig.resources.cpu.limits | quote }} + memory: {{ .Values.appConfig.resources.memory.limits | quote }} +requests: + cpu: {{ .Values.appConfig.resources.cpu.requests | quote }} + memory: {{ .Values.appConfig.resources.memory.requests | quote }} +{{- end }} + +{{- define "pvc.template" -}} +{{- range .Values.dependencies.storage.volumes }} + {{- if eq .type "pvc" }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .name }}-pvc + labels: + app: "{{ $.Release.Name }}" +spec: + storageClassName: "{{ .storageClass }}" + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{ .size }} + {{- end }} +{{- end }} +{{- end }} + +{{- define "service.template" -}} +ports: + - protocol: TCP + name: "{{ .Values.appConfig.name }}-service" + {{- if eq .Values.service.scheme "http" }} + port: 80 + targetPort: {{ .Values.service.targetPort }} + {{- end }} + {{- if eq .Values.service.scheme "https" }} + port: 443 + targetPort: {{ .Values.service.targetPort }} + {{- end }} + {{- if eq .Values.service.scheme "passthrough" }} + port: {{ .Values.service.targetPort }} + targetPort: {{ .Values.service.targetPort }} + {{- end }} +type: {{ .Values.service.type | default "ClusterIP" | quote }} +sessionAffinity: None +selector: + app: "{{ .Values.appConfig.name }}" +{{- end }} diff --git a/templates/_templates.tpl b/templates/_templates.tpl new file mode 100644 index 00000000..605652cb --- /dev/null +++ b/templates/_templates.tpl @@ -0,0 +1,89 @@ +{{/* +Common Helm chart templates abstract +*/}} + + +{{- define "template.volumeMount" -}} +{{- range .Values.dependencies.storage.volumes }} +- name: {{ .name }} + mountPath: {{ .mountPath }} + {{- if and (eq .type "configmap") (hasKey . "subPath") .subPath }} + subPath: {{ .subPath }} + {{- end }} +{{- end }} +{{- end }} + + +{{- define "template.volumes" -}} +- name: {{ .item.name }} + {{- if eq .item.type "pvc" }} + persistentVolumeClaim: + claimName: {{ .item.name }}-pvc + {{- else if eq .item.type "configmap" }} + configMap: + name: {{ .root.Release.Name }}-configmap + {{- if and (hasKey .item "configmapKey") (hasKey .item "asFile") }} + items: + - key: {{ .item.configmapKey }} + path: {{ .item.asFile }} + {{- end }} + {{- else if eq .item.type "secret" }} + secret: + secretName: {{ .item.name }}-secret + {{- else }} + emptyDir: + sizeLimit: 100Mi + {{- end }} +{{- end }} + + +{{- define "template.resQuota" -}} +limits: + cpu: {{ .Values.appConfig.resources.cpu.limits | quote }} + memory: {{ .Values.appConfig.resources.memory.limits | quote }} +requests: + cpu: {{ .Values.appConfig.resources.cpu.requests | quote }} + memory: {{ .Values.appConfig.resources.memory.requests | quote }} +{{- end }} + + +{{- define "template.pvc" -}} + {{- if and (eq .item.type "pvc") (hasKey .item "size" ) }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .item.name }}-pvc + labels: + app: "{{ .root.Release.Name }}" +spec: + storageClassName: "{{ .item.storageClass }}" + accessModes: + - ReadWriteMany + resources: + requests: + storage: {{ .item.size }} + {{- end }} +{{- end }} + + +{{- define "template.service" -}} +ports: + - protocol: TCP + name: "{{ .Values.appConfig.name }}-service" + {{- if eq .Values.service.scheme "http" }} + port: 80 + targetPort: {{ .Values.service.targetPort }} + {{- end }} + {{- if eq .Values.service.scheme "https" }} + port: 443 + targetPort: {{ .Values.service.targetPort }} + {{- end }} + {{- if eq .Values.service.scheme "passthrough" }} + port: {{ .Values.service.targetPort }} + targetPort: {{ .Values.service.targetPort }} + {{- end }} +type: {{ .Values.service.type | default "ClusterIP" | quote }} +sessionAffinity: None +selector: + app: "{{ .Values.appConfig.name }}" +{{- end }} diff --git a/templates/configmap.yaml b/templates/configmap.yaml new file mode 100644 index 00000000..1892752b --- /dev/null +++ b/templates/configmap.yaml @@ -0,0 +1,16 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: "{{ $.Release.Name }}-configmap" + labels: + app: "{{ $.Release.Name }}" + +data: + mordred-setup: |- + {{- include "config.mordredSetup" . | nindent 4 }} + mordred-projects: |- + {{- include "config.mordredProject" . | nindent 4 }} + uwsgi-params: |- + {{- include "config.uwsgiParams" . | nindent 4 }} + nginx-conf-template: |- + {{- include "config.nginxConf" . | nindent 4 }}