diff --git a/helm/.helmignore b/helm/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/Chart.yaml b/helm/Chart.yaml new file mode 100644 index 0000000..8be3948 --- /dev/null +++ b/helm/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: playground +description: A Helm chart for developer-portal +type: application +version: 0.0.1 +appVersion: 0.0.1 diff --git a/helm/config/default.conf b/helm/config/default.conf new file mode 100644 index 0000000..05c483b --- /dev/null +++ b/helm/config/default.conf @@ -0,0 +1,46 @@ +server { + listen 8080; + server_name localhost; + port_in_redirect off; + + #charset koi8-r; + #access_log /var/log/nginx/host.access.log main; + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + try_files $uri /index.html; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} \ No newline at end of file diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl new file mode 100644 index 0000000..da12d9c --- /dev/null +++ b/helm/templates/_helpers.tpl @@ -0,0 +1,115 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "developer-portal.name" -}} +{{- default .Chart.Name | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "developer-portal.fullname" -}} +{{- $name := default .Chart.Name }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "developer-portal.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "developer-portal.labels" -}} +helm.sh/chart: {{ include "developer-portal.chart" . }} +{{ include "developer-portal.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Returns the tag of the chart. +*/}} +{{- define "developer-portal.tag" -}} +{{- default (printf "v%s" .Chart.AppVersion) .Values.image.tag }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "developer-portal.selectorLabels" -}} +app.kubernetes.io/name: {{ include "developer-portal.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Returns the environment from global if exists or from the chart's values, defaults to development +*/}} +{{- define "developer-portal.environment" -}} +{{- if .Values.global.environment }} + {{- .Values.global.environment -}} +{{- else -}} + {{- .Values.environment | default "development" -}} +{{- end -}} +{{- end -}} + +{{/* +Returns the cloud provider name from global if exists or from the chart's values, defaults to minikube +*/}} +{{- define "developer-portal.cloudProviderFlavor" -}} +{{- if .Values.global.cloudProvider.flavor }} + {{- .Values.global.cloudProvider.flavor -}} +{{- else if .Values.cloudProvider -}} + {{- .Values.cloudProvider.flavor | default "minikube" -}} +{{- else -}} + {{ "minikube" }} +{{- end -}} +{{- end -}} + +{{/* +Returns the cloud provider docker registry url from global if exists or from the chart's values +*/}} +{{- define "developer-portal.cloudProviderDockerRegistryUrl" -}} +{{- if .Values.global.cloudProvider.dockerRegistryUrl }} + {{- printf "%s/" .Values.global.cloudProvider.dockerRegistryUrl -}} +{{- else if .Values.cloudProvider.dockerRegistryUrl -}} + {{- printf "%s/" .Values.cloudProvider.dockerRegistryUrl -}} +{{- else -}} +{{- end -}} +{{- end -}} + +{{/* +Returns the cloud provider image pull secret name from global if exists or from the chart's values +*/}} +{{- define "developer-portal.cloudProviderImagePullSecretName" -}} +{{- if .Values.global.cloudProvider.imagePullSecretName }} + {{- .Values.global.cloudProvider.imagePullSecretName -}} +{{- else if .Values.cloudProvider.imagePullSecretName -}} + {{- .Values.cloudProvider.imagePullSecretName -}} +{{- end -}} +{{- end -}} + +{{/* +Returns string array of namespace values (if we'll need to implement it) +*/}} +{{- define "developer-portal.getNSArray" -}} +{{- print "[" -}} +{{- range $namespace := .Values.kubernetes.namespaces }} + {{- if ne $namespace $.Release.Namespace}} + {{- printf "\"%s\"," $namespace -}} + {{- end }} +{{- end }} +{{- .Release.Namespace | quote }} +{{- print "]" -}} +{{- end -}} diff --git a/helm/templates/configmap.yaml b/helm/templates/configmap.yaml new file mode 100644 index 0000000..2c8ce02 --- /dev/null +++ b/helm/templates/configmap.yaml @@ -0,0 +1,22 @@ +{{- $chartName := include "developer-portal.name" . -}} +{{- if .Values.enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-{{ $chartName }}-configmap +data: + # NODE_TLS_REJECT_UNAUTHORIZED: '0' + AWS_ENDPOINT_URL: {{ .Values.s3.url }} + AWS_BUCKET: {{ .Values.s3.bucket }} + AWS_ACCESS_KEY_ID: {{ .Values.s3.accessKeyId }} + AWS_SECRET_ACCESS_KEY: {{ .Values.s3.secretAccessKey }} + AWS_REGION: us-east-1 + INDEX_KEY: index.json + ITEMS_TIMEOUT: '600' + ITEMS_STALE: '600' + PUBLIC_CATALOG_HREF: 'http://catalog' + PUBLIC_DEVPORTAL_HREF: 'http://developer-portal' + PUBLIC_PUZZLE_HREF: '' + npm_config_cache: /tmp/ + # default.conf: {{ tpl (.Files.Get "config/default.conf") . | quote }} +{{- end }} diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml new file mode 100644 index 0000000..b45d872 --- /dev/null +++ b/helm/templates/deployment.yaml @@ -0,0 +1,82 @@ +{{- $releaseName := .Release.Name -}} +{{- $chartName := include "developer-portal.name" . -}} +{{- $cloudProviderFlavor := include "developer-portal.cloudProviderFlavor" . -}} +{{- $cloudProviderDockerRegistryUrl := include "developer-portal.cloudProviderDockerRegistryUrl" . -}} +{{- $cloudProviderImagePullSecretName := include "developer-portal.cloudProviderImagePullSecretName" . -}} +{{- $imageTag := include "developer-portal.tag" . -}} +{{- if .Values.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $releaseName }}-{{ $chartName }} + labels: + app: {{ $chartName }} + component: {{ $chartName }} + environment: {{ include "developer-portal.environment" . }} + release: {{ $releaseName }} + {{- include "developer-portal.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ $chartName }} + release: {{ $releaseName }} + run: {{ $releaseName }}-{{ $chartName }} + {{- include "developer-portal.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + app: {{ $chartName }} + release: {{ $releaseName }} + run: {{ $releaseName }}-{{ $chartName }} + {{- include "developer-portal.selectorLabels" . | nindent 8 }} + {{- if .Values.resetOnConfigChange }} + annotations: + checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + {{- end }} + spec: + {{- if $cloudProviderImagePullSecretName }} + imagePullSecrets: + - name: {{ $cloudProviderImagePullSecretName | quote }} + {{- end }} + containers: + - name: {{ $releaseName }}-{{ $chartName }}-deployment + {{- with .Values.image }} + image: {{ .repository }}:{{ $imageTag }} + {{- end }} + imagePullPolicy: {{ .Values.image.imagePullPolicy }} + env: + # - name: SERVER_PORT + # value: {{ .Values.env.targetPort | quote }} + - name: NODE_OPTIONS + value: 'no-network-family-autoselection' + - name: NODE_TLS_REJECT_UNAUTHORIZED + value: '0' + envFrom: + - configMapRef: + name: {{ $releaseName }}-{{ $chartName }}-configmap + ports: + - name: http + containerPort: {{ .Values.env.targetPort }} + protocol: {{ .Values.env.protocol }} + livenessProbe: + initialDelaySeconds: {{ .Values.initialDelaySeconds }} + httpGet: + path: / + port: {{ .Values.env.targetPort }} + {{- if .Values.resources.enabled }} + resources: + {{- toYaml .Values.resources.value | nindent 12 }} + {{- end }} + # volumeMounts: + # - name: nginx-config + # mountPath: /etc/nginx/conf.d/default.conf + # subPath: default.conf + # volumes: + # - name: nginx-config + # configMap: + # name: {{ $releaseName }}-{{ $chartName }}-configmap + # items: + # - key: default.conf + # path: default.conf +{{- end -}} diff --git a/helm/templates/ingress.yaml b/helm/templates/ingress.yaml new file mode 100644 index 0000000..4224f7b --- /dev/null +++ b/helm/templates/ingress.yaml @@ -0,0 +1,35 @@ +{{- $releaseName := .Release.Name -}} +{{- $chartName := include "developer-portal.name" . -}} +{{- if and (.Values.enabled) (.Values.ingress.enabled) -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $releaseName }}-{{ $chartName }}-ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/rewrite-target: /$2 + nginx.org/mergeable-ingress-type: "minion" + nginx.org/rewrites: 'serviceName={{ $releaseName }}-{{ $chartName }} rewrite=/' + nginx.org/location-snippets: | + if ($request_method = OPTIONS) { + return 204; + } + {{- if .Values.ingress.cors.enabled }} + add_header 'Access-Control-Allow-Origin' '{{- .Values.ingress.cors.origin -}}'; + add_header 'Access-Control-Max-Age' 3600; + add_header 'Access-Control-Expose-Headers' 'Content-Length'; + add_header 'Access-Control-Allow-Headers' '*'; + {{- end }} +spec: + rules: + - http: + paths: + - path: {{ .Values.ingress.path }}{{ $releaseName }}(/|$)(.*) + pathType: Prefix + backend: + service: + name: {{ $releaseName }}-{{ $chartName }} + port: + number: {{ .Values.env.port }} + host: {{ .Values.ingress.host | quote }} +{{- end -}} diff --git a/helm/templates/route.yaml b/helm/templates/route.yaml new file mode 100644 index 0000000..3b6f403 --- /dev/null +++ b/helm/templates/route.yaml @@ -0,0 +1,31 @@ +{{- $releaseName := .Release.Name -}} +{{- $chartName := include "developer-portal.name" . -}} +{{- $cloudProviderFlavor := include "developer-portal.cloudProviderFlavor" . -}} +{{- if and (and (.Values.enabled) (eq $cloudProviderFlavor "openshift")) (.Values.route.enabled) -}} +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: {{ $releaseName }}-{{ $chartName }}-route + annotations: + haproxy.router.openshift.io/rewrite-target: / + {{- if .Values.route.timeout.enabled }} + haproxy.router.openshift.io/timeout: {{ .Values.route.timeout.duration }} + {{- end }} +spec: + path: {{ .Values.route.path | default "/" }} + host: {{ .Values.route.host }} + to: + kind: Service + name: {{ $releaseName }}-{{ $chartName }} + weight: 100 + port: + targetPort: {{ .Values.route.port.targetPort }} + {{- if .Values.route.https }} + tls: + termination: {{ .Values.route.tls.termination }} + certificate: {{ .Values.route.tls.certificate | quote }} + key: {{ .Values.route.tls.key | quote }} + caCertificate: {{ .Values.route.tls.caCertificate | quote }} + insecureEdgeTerminationPolicy: {{ .Values.route.tls.insecureEdgeTerminationPolicy }} + {{- end -}} +{{- end -}} diff --git a/helm/templates/service.yaml b/helm/templates/service.yaml new file mode 100644 index 0000000..965dc4c --- /dev/null +++ b/helm/templates/service.yaml @@ -0,0 +1,32 @@ +{{- $releaseName := .Release.Name -}} +{{- $chartName := include "developer-portal.name" . -}} +{{- $cloudProviderFlavor := include "developer-portal.cloudProviderFlavor" . -}} +{{- if .Values.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ $releaseName }}-{{ $chartName }} + labels: + app: {{ $chartName }} + component: {{ $chartName }} + environment: {{ include "developer-portal.environment" . }} + release: {{ $releaseName }} + {{- include "developer-portal.labels" . | nindent 4 }} +spec: + {{- if eq $cloudProviderFlavor "minikube" }} + type: NodePort + {{- end }} + ports: + - port: {{ .Values.env.port }} + targetPort: {{ .Values.env.targetPort }} + protocol: {{ .Values.env.protocol }} + name: http + {{- if eq $cloudProviderFlavor "minikube" }} + nodePort: {{ .Values.nodePort }} + {{- end }} + selector: + app: {{ $chartName }} + release: {{ $releaseName }} + run: {{ $releaseName }}-{{ $chartName }} + {{- include "developer-portal.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/helm/values.yaml b/helm/values.yaml new file mode 100644 index 0000000..c10943b --- /dev/null +++ b/helm/values.yaml @@ -0,0 +1,63 @@ +global: + cloudProvider: {} + environment: {} +enabled: true +environment: production +replicaCount: 1 +initialDelaySeconds: 60 +nodePort: 30030 +resetOnConfigChange: true +cloudProvider: + imagePullSecretName: mapcolonies-pull-secret + flavor: openshift + +image: + repository: localhost/mapcolonies/common/maps-playground + tag: 0.0.1-4 + imagePullPolicy: IfNotPresent + +s3: + url: 'http://localhost:9000' + bucket: 'temp' + accessKeyId: 'user' + secretAccessKey: 'password' + +env: + port: 8080 + targetPort: 8080 + +resources: + enabled: true + value: + limits: + cpu: 200m + memory: 150Mi + requests: + cpu: 50m + memory: 150Mi + +route: + enabled: true + https: true + path: / + host: playground + wildcardPolicy: None + port: + targetPort: http + tls: + termination: edge + certificate: '' + key: '' + caCertificate: '' + insecureEdgeTerminationPolicy: Redirect # <- important + timeout: + enabled: false + duration: 60s + +ingress: + enabled: false + path: / + host: localhost + cors: + enabled: true + origin: '*'