chore: add web helm chart

ZEISS · Jul 3, 2024 · a1f8637 · a1f8637
1 parent 71bf35a
commit a1f8637
Show file tree

Hide file tree

Showing 14 changed files with 574 additions and 53 deletions.
diff --git a/cmd/web/cmd/cfg.go b/cmd/web/cmd/cfg.go
@@ -1,56 +1,37 @@
 package cmd
 
 import (
-	"fmt"
 	"os"
 )
 
 var cfg = New()
 
 // DB ...
 type DB struct {
-	Addr     string `envconfig:"TYPHOON_DB_ADDR" default:"host.docker.internal"`
-	Username string `envconfig:"TYPHOON_DB_USERNAME" default:"root"`
-	Password string `envconfig:"TYPHOON_DB_PASSWORD" default:""`
-	Database string `envconfig:"TYPHOON_DB_DATABASE" default:"defaultdb"`
-	Port     int    `envconfig:"TYPHOON_DB_PORT" default:"26257"`
-	Prefix   string `envconfig:"TYPHOON_DB_PREFIX" default:"typhoon_"`
+	Addr     string
+	Database string
+	Password string
+	Port     int
+	Username string
+	Prefix   string
 }
 
 // Flags contains the command line flags.
 type Flags struct {
-	Addr string `envconfig:"TYPHOON_ADDR" default:":3000"`
-	FGA  *FGA
-	DB   *DB
-}
-
-// FGA contains the OpenFGA configuration.
-type FGA struct {
-	// ApiUrl ...
-	ApiUrl string `envconfig:"TYPHOON_FGA_API_URL" default:"http://host.docker.internal:8080"`
-	// StoreId ...
-	StoreID string `envconfig:"TYPHOON_FGA_STORE_ID" default:""`
-	// AuthorizationModelId ...
-	AuthorizationModelID string `envconfig:"TYPHOON_FGA_AUTHORIZATION_MODEL_ID" default:""`
-}
-
-// DSN for PostgreSQL.
-func (c *Config) DSN() string {
-	return fmt.Sprintf("host=%s user=%s password=%s dbname=%s port=%d sslmode=disable", c.Flags.DB.Addr, c.Flags.DB.Username, c.Flags.DB.Password, c.Flags.DB.Database, c.Flags.DB.Port)
+	Addr                    string `envconfig:"TYPHOON_WEB_ADDR" default:":8080"`
+	DatabaseURI             string `envconfig:"TYPHOON_WEB_DATABASE_URI" default:""`
+	DatabaseTablePrefix     string `envconfig:"TYPHOON_WEB_DATABASE_TABLE_PREFIX" default:"typhoon_"`
+	FGAApiUrl               string `envconfig:"TYPHOON_WEB_FGA_API_URL" default:"http://host.docker.internal:8080"`
+	FGAStoreID              string `envconfig:"TYPHOON_WEB_FGA_STORE_ID" default:""`
+	FGAAuthorizationModelID string `envconfig:"TYPHOON_WEB_FGA_AUTHORIZATION_MODEL_ID" default:""`
 }
 
 // NewFlags ...
 func NewFlags() *Flags {
 	return &Flags{
-		FGA: &FGA{},
-		DB: &DB{
-			Addr:     "host.docker.internal",
-			Database: "defaultdb",
-			Password: "",
-			Port:     26257,
-			Username: "root",
-			Prefix:   "typhoon_",
-		},
+		Addr:                ":8080",
+		DatabaseURI:         "host=host.docker.internal user=example password=example dbname=example port=5432 sslmode=disable",
+		DatabaseTablePrefix: "typhoon_",
 	}
 }
 
@@ -66,11 +47,6 @@ type Config struct {
 	Flags *Flags
 }
 
-// Prefix ...
-func (c *Config) Prefix() string {
-	return c.Flags.DB.Prefix
-}
-
 // Cwd returns the current working directory.
 func (c *Config) Cwd() (string, error) {
 	return os.Getwd()

diff --git a/cmd/web/cmd/migrate.go b/cmd/web/cmd/migrate.go
@@ -13,9 +13,9 @@ var Migrate = &cobra.Command{
 	Use:   "migrate",
 	Short: "Migrate the database",
 	RunE: func(cmd *cobra.Command, args []string) error {
-		conn, err := gorm.Open(postgres.Open(cfg.DSN()), &gorm.Config{
+		conn, err := gorm.Open(postgres.Open(cfg.Flags.DatabaseURI), &gorm.Config{
 			NamingStrategy: schema.NamingStrategy{
-				TablePrefix: cfg.Prefix(),
+				TablePrefix: cfg.Flags.DatabaseTablePrefix,
 			},
 		})
 		if err != nil {

diff --git a/cmd/web/cmd/root.go b/cmd/web/cmd/root.go
@@ -2,6 +2,7 @@ package cmd
 
 import (
 	"context"
+	"log"
 	"net/http"
 	"os"
 
@@ -28,15 +29,19 @@ import (
 )
 
 func init() {
+	err := envconfig.Process("", cfg.Flags)
+	if err != nil {
+		log.Fatal(err)
+	}
+
 	Root.AddCommand(Migrate)
 
-	Root.PersistentFlags().StringVar(&cfg.Flags.Addr, "addr", ":3000", "addr")
-	Root.PersistentFlags().StringVar(&cfg.Flags.DB.Database, "db-database", cfg.Flags.DB.Database, "Database name")
-	Root.PersistentFlags().StringVar(&cfg.Flags.DB.Username, "db-username", cfg.Flags.DB.Username, "Database user")
-	Root.PersistentFlags().StringVar(&cfg.Flags.DB.Password, "db-password", cfg.Flags.DB.Password, "Database password")
-	Root.PersistentFlags().IntVar(&cfg.Flags.DB.Port, "db-port", cfg.Flags.DB.Port, "Database port")
-	Root.PersistentFlags().StringVar(&cfg.Flags.DB.Addr, "db-host", cfg.Flags.DB.Addr, "Database host")
-	Root.PersistentFlags().StringVar(&cfg.Flags.FGA.ApiUrl, "fga-api-url", cfg.Flags.FGA.ApiUrl, "FGA API URL")
+	Root.PersistentFlags().StringVar(&cfg.Flags.Addr, "addr", cfg.Flags.Addr, "addr")
+	Root.PersistentFlags().StringVar(&cfg.Flags.DatabaseURI, "db-uri", cfg.Flags.DatabaseURI, "Database URI")
+	Root.PersistentFlags().StringVar(&cfg.Flags.DatabaseTablePrefix, "db-table-prefix", cfg.Flags.DatabaseTablePrefix, "Database table prefix")
+	Root.PersistentFlags().StringVar(&cfg.Flags.FGAApiUrl, "fga-api-url", cfg.Flags.FGAApiUrl, "FGA API URL")
+	Root.PersistentFlags().StringVar(&cfg.Flags.FGAStoreID, "fga-store-id", cfg.Flags.FGAStoreID, "FGA Store ID")
+	Root.PersistentFlags().StringVar(&cfg.Flags.FGAAuthorizationModelID, "fga-authorization-model-id", cfg.Flags.FGAAuthorizationModelID, "FGA Authorization Model ID")
 
 	Root.SilenceUsage = true
 }
@@ -77,9 +82,9 @@ func (s *WebSrv) Start(ctx context.Context, ready server.ReadyFunc, run server.R
 	return func() error {
 		providers.RegisterProvider(github.New(os.Getenv("GITHUB_KEY"), os.Getenv("GITHUB_SECRET"), "http://localhost:3000/auth/github/callback"))
 
-		conn, err := gorm.Open(postgres.Open(cfg.DSN()), &gorm.Config{
+		conn, err := gorm.Open(postgres.Open(cfg.Flags.DatabaseURI), &gorm.Config{
 			NamingStrategy: schema.NamingStrategy{
-				TablePrefix: "typhoon_",
+				TablePrefix: cfg.Flags.DatabaseTablePrefix,
 			},
 		})
 		if err != nil {
@@ -88,9 +93,9 @@ func (s *WebSrv) Start(ctx context.Context, ready server.ReadyFunc, run server.R
 
 		fga, err := openfga.NewSdkClient(
 			&openfga.ClientConfiguration{
-				ApiUrl:               cfg.Flags.FGA.ApiUrl,
-				StoreId:              cfg.Flags.FGA.StoreID,
-				AuthorizationModelId: cfg.Flags.FGA.AuthorizationModelID,
+				ApiUrl:               cfg.Flags.FGAApiUrl,
+				StoreId:              cfg.Flags.FGAStoreID,
+				AuthorizationModelId: cfg.Flags.FGAAuthorizationModelID,
 			},
 		)
 		if err != nil {

diff --git a/helm/charts/typhoon-web/.helmignore b/helm/charts/typhoon-web/.helmignore
@@ -0,0 +1,24 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+
+# Chart specific files
+README.md
diff --git a/helm/charts/typhoon-web/Chart.yaml b/helm/charts/typhoon-web/Chart.yaml
@@ -0,0 +1,12 @@
+apiVersion: v2
+appVersion: 0.1.29
+description: A Helm chart for the Typhoon Web application
+name: typhoon-web
+keywords:
+- messaging
+- jwt
+- auth
+version: 0.1.29
+sources:
+- https://github.com/zeiss/typhoon
+home: http://github.com/zeiss/typhoon
diff --git a/helm/charts/typhoon-web/README.md b/helm/charts/typhoon-web/README.md
@@ -0,0 +1,8 @@
+# Typhoon Web
+
+## TL;DR
+
+```console
+helm repo add nats https://nats-io.github.io/k8s/helm/charts/
+helm install my-typhoon-web typhoon/typhoon-web
+```
diff --git a/helm/charts/typhoon-web/templates/_helpers.tpl b/helm/charts/typhoon-web/templates/_helpers.tpl
@@ -0,0 +1,70 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "typhoon.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "typhoon.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Expand the namespace of the release.
+Allows overriding it for multi-namespace deployments in combined charts.
+*/}}
+{{- define "typhoon.namespace" -}}
+{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "typhoon.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "typhoon.labels" -}}
+helm.sh/chart: {{ include "typhoon.chart" . }}
+{{ include "typhoon.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "typhoon.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "typhoon.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "typhoon.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "typhoon.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}