chore: cleanup pgboss-worker and ws-server deployments

Author: gytis-ivaskevicius

nix/cardano-services/deployments/ci.nix

@@ -1,5 +1,9 @@
-{ lib, modules, config, ...}: {
-
+{
+  lib,
+  modules,
+  config,
+  ...
+}: {
   imports = [
     modules.githubAction
   ];

nix/cardano-services/deployments/pg-boss-worker-deployment.nix

@@ -5,9 +5,7 @@
   config,
   ...
 }: {
-  templates.pgboss-deployment = lib.mkIf values.pg-boss-worker.enabled {
-    apiVersion = "apps/v1";
-    kind = "Deployment";
+  resources.deployments.pgboss = lib.mkIf values.pg-boss-worker.enabled {
     metadata = {
       name = "${config.name}-pg-boss-worker";
       labels = utils.appLabels "pg-boss-worker";
@@ -17,108 +15,91 @@
       template = {
         metadata.labels = utils.appLabels "pg-boss-worker";
         spec = {
-          imagePullSecrets = [
-            {
-              name = "dockerconfigjson";
-            }
-          ];
-          containers = [
-            {
-              inherit (values.cardano-services) image;
-              inherit (values.pg-boss-worker) resources;
-              name = "pg-boss-worker";
-              ports = [
-                {
-                  containerPort = 3000;
-                  name = "http";
-                }
-              ];
-              startupProbe = {
-                httpGet = {
-                  path = "${values.cardano-services.httpPrefix}/ready";
-                  port = 3000;
-                };
-                initialDelaySeconds = 80;
-                periodSeconds = 5;
-              };
-              livenessProbe = {
-                httpGet = {
-                  path = "${values.cardano-services.httpPrefix}/health";
-                  port = 3000;
-                };
+          imagePullSecrets.dockerconfigjson = {};
+          containers.pg-boss-worker = {
+            inherit (values.cardano-services) image;
+            inherit (values.pg-boss-worker) resources;
+            ports.http.containerPort = 3000;
+            startupProbe = {
+              httpGet = {
+                path = "${values.cardano-services.httpPrefix}/ready";
+                port = 3000;
               };
-              securityContext = {
-                runAsUser = 0;
-                runAsGroup = 0;
+              initialDelaySeconds = 80;
+              periodSeconds = 5;
+            };
+            livenessProbe = {
+              httpGet = {
+                path = "${values.cardano-services.httpPrefix}/health";
+                port = 3000;
               };
-              args = ["start-pg-boss-worker"];
-              env = utils.mkPodEnv ({
-                  NETWORK = config.network;
-                  LOGGER_MIN_SEVERITY = values.cardano-services.loggingLevel;
-                  QUEUES = values.pg-boss-worker.queues;
-                  NODE_ENV = values.cardano-services.nodeEnv;
+            };
+            securityContext = {
+              runAsUser = 0;
+              runAsGroup = 0;
+            };
+            args = ["start-pg-boss-worker"];
+            env = utils.mkPodEnv ({
+                NETWORK = config.network;
+                LOGGER_MIN_SEVERITY = values.cardano-services.loggingLevel;
+                QUEUES = values.pg-boss-worker.queues;
+                NODE_ENV = values.cardano-services.nodeEnv;
 
-                  METADATA_FETCH_MODE = values.pg-boss-worker.metadata-fetch-mode;
+                METADATA_FETCH_MODE = values.pg-boss-worker.metadata-fetch-mode;
 
-                  STAKE_POOL_PROVIDER_URL = "http://${config.name}-backend.${config.namespace}.svc.cluster.local";
-                  NETWORK_INFO_PROVIDER_URL = "http://${config.name}-backend.${config.namespace}.svc.cluster.local";
+                STAKE_POOL_PROVIDER_URL = "http://${config.name}-backend.${config.namespace}.svc.cluster.local";
+                NETWORK_INFO_PROVIDER_URL = "http://${config.name}-backend.${config.namespace}.svc.cluster.local";
 
-                  POSTGRES_POOL_MAX_STAKE_POOL = "5";
-                  POSTGRES_HOST_STAKE_POOL = values.postgresName;
-                  POSTGRES_PORT_STAKE_POOL = "5432";
-                  POSTGRES_DB_STAKE_POOL = values.stakepool.databaseName;
-                  POSTGRES_PASSWORD_STAKE_POOL = {
-                    valueFrom.secretKeyRef = {
-                      name = "${values.stakepool.databaseName}-owner-user.${values.postgresName}.credentials.postgresql.acid.zalan.do";
-                      key = "password";
-                    };
+                POSTGRES_POOL_MAX_STAKE_POOL = "5";
+                POSTGRES_HOST_STAKE_POOL = values.postgresName;
+                POSTGRES_PORT_STAKE_POOL = "5432";
+                POSTGRES_DB_STAKE_POOL = values.stakepool.databaseName;
+                POSTGRES_PASSWORD_STAKE_POOL = {
+                  valueFrom.secretKeyRef = {
+                    name = "${values.stakepool.databaseName}-owner-user.${values.postgresName}.credentials.postgresql.acid.zalan.do";
+                    key = "password";
                   };
-                  POSTGRES_USER_STAKE_POOL = {
-                    valueFrom.secretKeyRef = {
-                      name = "${values.stakepool.databaseName}-owner-user.${values.postgresName}.credentials.postgresql.acid.zalan.do";
-                      key = "username";
-                    };
+                };
+                POSTGRES_USER_STAKE_POOL = {
+                  valueFrom.secretKeyRef = {
+                    name = "${values.stakepool.databaseName}-owner-user.${values.postgresName}.credentials.postgresql.acid.zalan.do";
+                    key = "username";
                   };
-                  POSTGRES_SSL_STAKE_POOL = "true";
-                  POSTGRES_SSL_CA_FILE_STAKE_POOL = "/tls/ca.crt";
+                };
+                POSTGRES_SSL_STAKE_POOL = "true";
+                POSTGRES_SSL_CA_FILE_STAKE_POOL = "/tls/ca.crt";
 
-                  POSTGRES_POOL_MAX_DB_SYNC = "5";
-                  POSTGRES_HOST_DB_SYNC = values.postgresName;
-                  POSTGRES_PORT_DB_SYNC = "5432";
-                  POSTGRES_DB_DB_SYNC = "cardano";
-                  POSTGRES_PASSWORD_DB_SYNC = {
-                    valueFrom.secretKeyRef = {
-                      name = "cardano-owner-user.${values.postgresName}.credentials.postgresql.acid.zalan.do";
-                      key = "password";
-                    };
+                POSTGRES_POOL_MAX_DB_SYNC = "5";
+                POSTGRES_HOST_DB_SYNC = values.postgresName;
+                POSTGRES_PORT_DB_SYNC = "5432";
+                POSTGRES_DB_DB_SYNC = "cardano";
+                POSTGRES_PASSWORD_DB_SYNC = {
+                  valueFrom.secretKeyRef = {
+                    name = "cardano-owner-user.${values.postgresName}.credentials.postgresql.acid.zalan.do";
+                    key = "password";
                   };
-                  POSTGRES_USER_DB_SYNC = {
-                    valueFrom.secretKeyRef = {
-                      name = "cardano-owner-user.${values.postgresName}.credentials.postgresql.acid.zalan.do";
-                      key = "username";
-                    };
+                };
+                POSTGRES_USER_DB_SYNC = {
+                  valueFrom.secretKeyRef = {
+                    name = "cardano-owner-user.${values.postgresName}.credentials.postgresql.acid.zalan.do";
+                    key = "username";
                   };
-                  POSTGRES_SSL_DB_SYNC = "true";
-                  POSTGRES_SSL_CA_FILE_DB_SYNC = "/tls/ca.crt";
-                }
-                // lib.optionalAttrs (values.pg-boss-worker ? env) values.pg-boss-worker.env
-                // lib.optionalAttrs (values.pg-boss-worker.metadata-fetch-mode == "smash") {
-                  SMASH_URL = values.pg-boss-worker.smash-url;
-                });
-              volumeMounts = [
-                {
-                  mountPath = "/tls";
-                  name = "tls";
-                }
-              ];
-            }
-          ];
-          volumes = [
-            {
-              name = "tls";
-              secret.secretName = "postgresql-server-cert";
-            }
-          ];
+                };
+                POSTGRES_SSL_DB_SYNC = "true";
+                POSTGRES_SSL_CA_FILE_DB_SYNC = "/tls/ca.crt";
+              }
+              // lib.optionalAttrs (values.pg-boss-worker ? env) values.pg-boss-worker.env
+              // lib.optionalAttrs (values.pg-boss-worker.metadata-fetch-mode == "smash") {
+                SMASH_URL = values.pg-boss-worker.smash-url;
+              });
+            volumeMounts = [
+              {
+                mountPath = "/tls";
+                name = "tls";
+              }
+            ];
+          };
+          volumes.tls.secret.secretName = "postgresql-server-cert";
         };
       };
     };

nix/cardano-services/deployments/ws-server.deployment.nix

@@ -5,29 +5,22 @@
   config,
   ...
 }: {
-  templates.ws-server-service = lib.mkIf values.ws-server.enabled {
-    apiVersion = "v1";
-    kind = "Service";
+  resources.services.ws-server = lib.mkIf values.ws-server.enabled {
     metadata = {
       name = "${config.name}-ws-server";
       labels = utils.appLabels "ws-server";
     };
     spec = {
-      ports = [
-        {
-          name = "http";
-          protocol = "TCP";
-          port = 3000;
-          targetPort = 3000;
-        }
-      ];
+      ports.http = {
+        protocol = "TCP";
+        port = 3000;
+        targetPort = 3000;
+      };
       selector = utils.appLabels "ws-server";
     };
   };
 
-  templates.ws-server-deployment = lib.mkIf values.ws-server.enabled {
-    apiVersion = "apps/v1";
-    kind = "Deployment";
+  resources.deployments.ws-server = lib.mkIf values.ws-server.enabled {
     metadata = {
       name = "${config.name}-ws-server";
       labels = utils.appLabels "ws-server";
@@ -37,71 +30,54 @@
       template = {
         metadata.labels = utils.appLabels "ws-server";
         spec = {
-          imagePullSecrets = [
-            {
-              name = "dockerconfigjson";
-            }
-          ];
-          containers = [
-            {
-              inherit (values.cardano-services) image;
-              inherit (values.ws-server) resources;
-              name = "ws-server";
-              ports = [
-                {
-                  containerPort = 3000;
-                  name = "http";
-                }
-              ];
-              livenessProbe = {
-                httpGet = {
-                  path = "/health";
-                  port = 3000;
-                };
+          imagePullSecrets.dockerconfigjson = {};
+          containers.ws-server = {
+            inherit (values.cardano-services) image;
+            inherit (values.ws-server) resources;
+            ports.http.containerPort = 3000;
+            livenessProbe = {
+              httpGet = {
+                path = "/health";
+                port = 3000;
               };
-              securityContext = {
-                runAsUser = 0;
-                runAsGroup = 0;
-              };
-              args = ["start-ws-server"];
-              env = utils.mkPodEnv {
-                NETWORK = config.network;
-                DB_CACHE_TTL = "7200";
-                OGMIOS_URL = "ws://${config.namespace}-cardano-core.${config.namespace}.svc.cluster.local:1337";
+            };
+            securityContext = {
+              runAsUser = 0;
+              runAsGroup = 0;
+            };
+            args = ["start-ws-server"];
+            env = utils.mkPodEnv {
+              NETWORK = config.network;
+              DB_CACHE_TTL = "7200";
+              OGMIOS_URL = "ws://${config.namespace}-cardano-core.${config.namespace}.svc.cluster.local:1337";
 
-                POSTGRES_POOL_MAX_DB_SYNC = "2";
-                POSTGRES_HOST_DB_SYNC = values.postgresName;
-                POSTGRES_PORT_DB_SYNC = "5432";
-                POSTGRES_DB_DB_SYNC = "cardano";
-                POSTGRES_PASSWORD_DB_SYNC = {
-                  valueFrom.secretKeyRef = {
-                    name = "cardano-owner-user.${values.postgresName}.credentials.postgresql.acid.zalan.do";
-                    key = "password";
-                  };
+              POSTGRES_POOL_MAX_DB_SYNC = "2";
+              POSTGRES_HOST_DB_SYNC = values.postgresName;
+              POSTGRES_PORT_DB_SYNC = "5432";
+              POSTGRES_DB_DB_SYNC = "cardano";
+              POSTGRES_PASSWORD_DB_SYNC = {
+                valueFrom.secretKeyRef = {
+                  name = "cardano-owner-user.${values.postgresName}.credentials.postgresql.acid.zalan.do";
+                  key = "password";
                 };
-                POSTGRES_USER_DB_SYNC = {
-                  valueFrom.secretKeyRef = {
-                    name = "cardano-owner-user.${values.postgresName}.credentials.postgresql.acid.zalan.do";
-                    key = "username";
-                  };
+              };
+              POSTGRES_USER_DB_SYNC = {
+                valueFrom.secretKeyRef = {
+                  name = "cardano-owner-user.${values.postgresName}.credentials.postgresql.acid.zalan.do";
+                  key = "username";
                 };
-                POSTGRES_SSL_DB_SYNC = "true";
-                POSTGRES_SSL_CA_FILE_DB_SYNC = "/tls/ca.crt";
               };
-              volumeMounts = [
-                {
-                  mountPath = "/tls";
-                  name = "tls";
-                }
-              ];
-            }
-          ];
-          volumes = [
-            {
-              name = "tls";
-              secret.secretName = "postgresql-server-cert";
-            }
-          ];
+              POSTGRES_SSL_DB_SYNC = "true";
+              POSTGRES_SSL_CA_FILE_DB_SYNC = "/tls/ca.crt";
+            };
+            volumeMounts = [
+              {
+                mountPath = "/tls";
+                name = "tls";
+              }
+            ];
+          };
+          volumes.tls.secret.secretName = "postgresql-server-cert";
         };
       };
     };