diff --git a/deploy/helm-preview/.helmignore b/deploy/helm-preview/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/deploy/helm-preview/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/deploy/helm-preview/Chart.yaml b/deploy/helm-preview/Chart.yaml new file mode 100644 index 0000000000..10cb54eb75 --- /dev/null +++ b/deploy/helm-preview/Chart.yaml @@ -0,0 +1,30 @@ +apiVersion: v2 +name: helm +description: A Helm chart for ballerine + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.0.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "0.4.14" +dependencies: + - condition: postgresql.enabled + name: postgresql + version: 12.0.0 + appVersion: 15.0.0 + repository: https://charts.bitnami.com/bitnami \ No newline at end of file diff --git a/deploy/helm-preview/README.md b/deploy/helm-preview/README.md new file mode 100644 index 0000000000..f25588c9ca --- /dev/null +++ b/deploy/helm-preview/README.md @@ -0,0 +1,102 @@ +# Install ballerine using helm chart for Preview Environment + +Ballerine is a collection of services like workflow-service, backoffice. +In values.yaml we have sections to enable/disable them based on the necessity like below + +```bash +workflowService: + enabled: true +. +. + +backoffice: + enabled: true +. +. +headlessexample: + enabled: true +. +. +``` + +## Prerequisites + +- kubernetes cluster +- [helm](https://helm.sh/docs/intro/install/) +- [kubectl](https://storage.googleapis.com/kubernetes-release/release/v1.23.6/bin/linux/amd64/kubectl) preferably 1.24 or less upto 1.23 + +### How to install + +Move to deploy directory + +```bash +cd deploy/helm +``` + +### Setup Postgresql + +#### Install postgresql along with ballerine + +- edit values.yaml + +```bash +## Postgres params +postgresql: + enabled: true + auth: + username: admin + password: admin + postgresPassword: admin + database: postgres +# Local dev purpose +# persistence: +# existingClaim: postgresql-pv-claim +# volumePermissions: +# enabled: true +``` + +#### How to use managed postgresql along with ballerine + +- edit values.yaml + +```bash +## Postgres params +postgresql: + enabled: false +. +. +. +. + applicationConfig: + BCRYPT_SALT: "10" + SESSION_EXPIRATION_IN_MINUTES: "60" + DB_URL: "" + DB_USER: "" + DB_PASSWORD: "" + DB_PORT: "5432" +``` + +### Installing Ballerine helm chart + +```bash +helm dep build +helm install ballerine . -n ballerine --create-namespace -f example.values.yaml +``` + +### Troubleshooting + +```bash +kubectl get pods -n ballerine +``` + +- Note the pod name of service you wish to trouble shoot + +```bash +kubectl logs -n ballerine +``` + +- Accessing the application + +```bash +kubectl port-forward svc/ -n ballerine 3000:3000 +``` diff --git a/deploy/helm-preview/example.values.yaml b/deploy/helm-preview/example.values.yaml new file mode 100644 index 0000000000..558c092fa5 --- /dev/null +++ b/deploy/helm-preview/example.values.yaml @@ -0,0 +1,328 @@ +## Postgres params +postgresql: + image: + repository: sibedge/postgres-plv8 + tag: 15.3-3.1.7 + enabled: true + auth: + username: admin + password: admin + postgresPassword: admin + database: postgres + # Local dev purpose + persistence: + existingClaim: postgresql-pv-claim + volumePermissions: + enabled: true + +backoffice: + enabled: true + replicas: 1 + strategyType: RollingUpdate + updateStrategy: + maxSurge: 1 + maxUnavailable: '0' + nameOverride: backoffice + service: + port: 80 + type: ClusterIP + protocol: TCP + image: + registry: ghcr.io + repository: 'ballerine-io/backoffice' + command: ["nginx", "-g", "daemon off;"] + pullPolicy: Always + pullSecrets: "" + tag: "dev" + livenessProbe: {} + readinessProbe: {} + startupProbe: {} + envFrom: + - configMapRef: + name: backoffice # Change according to the corresponding nameOverride. + ingress: + enabled: true + className: "nginx" + pathtype: Prefix + annotations: + kubernetes.io/ingress.class: nginx + ingress.annotations.service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "" + # acme.cert-manager.io/http01-edit-in-place: "true" + # cert-manager.io/common-name: backoffice.ballerine.io + # cert-manager.io/cluster-issuer: letsencrypt-staging + # nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/limit-rps: "15" + hosts: + - host: backoffice.dev.eu.ballerine.app + paths: + - path: / + tls: false + # - secretName: letsencrypt-staging + # hosts: + # - backoffice.ballerine.io + +headlessexample: + enabled: true + replicas: 1 + strategyType: RollingUpdate + updateStrategy: + maxSurge: 1 + maxUnavailable: '0' + nameOverride: headlessexample + service: + port: 80 + type: ClusterIP + protocol: TCP + image: + registry: ghcr.io + repository: 'ballerine-io/headless-example' + command: ["nginx", "-g", "daemon off;"] + pullPolicy: Always + pullSecrets: "" + tag: "dev" + envFrom: + - configMapRef: + name: headlessexample # Change according to the corresponding nameOverride. + livenessProbe: {} + readinessProbe: {} + startupProbe: {} + ingress: + enabled: true + className: "nginx" + pathtype: Prefix + annotations: + kubernetes.io/ingress.class: nginx + ingress.annotations.service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "" + # acme.cert-manager.io/http01-edit-in-place: "true" + # cert-manager.io/cluster-issuer: letsencrypt-staging + # cert-manager.io/common-name: headlessexample.ballerine.io + # nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/limit-rps: "15" + hosts: + - host: headlessexample.dev.eu.ballerine.app + paths: + - path: / + tls: {} + # - secretName: letsencrypt-staging + # hosts: + # - headlessexample.ballerine.io + +kybapp: + enabled: true + replicas: 1 + strategyType: RollingUpdate + updateStrategy: + maxSurge: 1 + maxUnavailable: "0" + nameOverride: kybapp + service: + port: 80 + type: ClusterIP + protocol: TCP + image: + registry: ghcr.io + repository: "ballerine-io/kyb-app" + command: ["nginx", "-g", "daemon off;"] + pullPolicy: Always + pullSecrets: "" + tag: "dev" + livenessProbe: {} + readinessProbe: {} + startupProbe: {} + envFrom: + - configMapRef: + name: kybapp # Change according to the corresponding nameOverride. + ingress: + enabled: true + className: "nginx" + pathtype: Prefix + annotations: + kubernetes.io/ingress.class: nginx + ingress.annotations.service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "" + # acme.cert-manager.io/http01-edit-in-place: "true" + # cert-manager.io/cluster-issuer: letsencrypt-staging + # cert-manager.io/common-name: workflowdashboard.ballerine.io + # nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/limit-rps: "15" + hosts: + - host: kyb.dev.eu.ballerine.app + paths: + - path: / + tls: {} + # - secretName: letsencrypt-staging + # hosts: + # - headlessexample.ballerine.io + +workflowsdashboard: + enabled: true + replicas: 1 + strategyType: RollingUpdate + updateStrategy: + maxSurge: 1 + maxUnavailable: '0' + nameOverride: workflowsdashboard + service: + port: 80 + type: ClusterIP + protocol: TCP + image: + registry: ghcr.io + repository: 'ballerine-io/workflows-dashboard' + command: ["nginx", "-g", "daemon off;"] + pullPolicy: Always + pullSecrets: "" + tag: "dev" + envFrom: + - configMapRef: + name: workflowsdashboard # Change according to the corresponding nameOverride. + livenessProbe: {} + readinessProbe: {} + startupProbe: {} + ingress: + enabled: true + className: "nginx" + pathtype: Prefix + annotations: + kubernetes.io/ingress.class: nginx + ingress.annotations.service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "" + # acme.cert-manager.io/http01-edit-in-place: "true" + # cert-manager.io/cluster-issuer: letsencrypt-staging + # cert-manager.io/common-name: workflowdashboard.ballerine.io + # nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/limit-rps: "15" + hosts: + - host: workflowdashboard.dev.eu.ballerine.app + paths: + - path: / + tls: {} + # - secretName: letsencrypt-staging + # hosts: + # - workflowdashboard.ballerine.io + +workflowService: + enabled: true + replicas: 1 + strategyType: RollingUpdate + updateStrategy: + maxSurge: 1 + maxUnavailable: '0' + nameOverride: workflowservice + migration: true + additionalInitContainers: [] + prismaMigrate: + envFrom: [] + enabled: false + image: + repository: "" + args: [] + pullPolicy: "" + tag: "" + command: [] + dbMigrate: + envFrom: [] + enabled: false + image: + tag: "" + command: [] + dataSync: + envFrom: [] + enabled: false + image: + tag: "" + command: [] + # prismaMigrate: + # enabled: true + # image: + # command: + # - dumb-init + # - npm + # - run + # - db:migrate-up + # tag: dev + # envFrom: + # - secretRef: + # name: wf-dev-secret-manager + # dbMigrate: + # enabled: true + # image: + # command: + # - dumb-init + # - npm + # - run + # - db:data-migration:migrate + # tag: dev + # envFrom: + # - secretRef: + # name: wf-dev-secret-manager + # dataSync: + # enabled: true + # image: + # command: + # - dumb-init + # - npm + # - run + # - db:data-sync + # tag: dev + # envFrom: + # - secretRef: + # name: wf-dev-secret-manager + serviceAccount: + create: true + automount: true + annotations: + eks.amazonaws.com/role-arn: "" + name: "workflowservice" + service: + port: 3000 + type: ClusterIP + protocol: TCP + image: + registry: ghcr.io + repository: 'ballerine-io/workflows-service' + command: ['dumb-init', 'npm', 'run', 'prod'] + pullPolicy: Always + pullSecrets: "" + tag: "dev" + envFrom: + - configMapRef: + name: workflowservice # Change according to the corresponding nameOverride. + ingress: + enabled: true + className: "nginx" + pathtype: Prefix + annotations: + kubernetes.io/ingress.class: nginx + ingress.annotations.service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "" + # acme.cert-manager.io/http01-edit-in-place: "true" + # cert-manager.io/cluster-issuer: letsencrypt-staging + # cert-manager.io/common-name: workflowsvc.ballerine.io + # nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/limit-rps: "15" + hosts: + - host: workflowsvc.dev.eu.ballerine.app + paths: + - path: / + tls: {} + # - secretName: letsencrypt-staging + # hosts: + # - workflowsvc.ballerine.io + applicationConfig: + BCRYPT_SALT: "10" + DB_URL: "" + DB_USER: "" + DB_PASSWORD: "" + DB_PORT: "5432" + PORT: "3000" + COMPOSE_PROJECT_NAME: "ballerine-x" + SESSION_SECRET: "iGdnj4A0YOhj8dHJK7IWSvQKEZsG7P70FFehuddhFPjtg/bSkzFejYILk4Xue6Ilx9y3IAwzR8pV1gb4" + SESSION_EXPIRATION_IN_MINUTES: '60' + BACKOFFICE_CORS_ORIGIN: "http://localhost:5137" + HEADLESS_EXAMPLE_CORS_ORIGIN: "http://localhost:5173" + API_KEY: "secret" + NODE_ENV: "development" + SENTRY_DSN: "" + WEBHOOK_URL: "" + WORKFLOW_DASHBOARD_CORS_ORIGIN: "http://localhost:5200" + KYB_EXAMPLE_CORS_ORIGIN: "http://localhost:5201" + APP_API_URL: https://alon.ballerine.dev + UNIFIED_API_URL: "https://unified-api-test.eu.ballerine.app" diff --git a/deploy/helm-preview/services/backoffice-v2/templates/configmap.yaml b/deploy/helm-preview/services/backoffice-v2/templates/configmap.yaml new file mode 100644 index 0000000000..a3fdd74991 --- /dev/null +++ b/deploy/helm-preview/services/backoffice-v2/templates/configmap.yaml @@ -0,0 +1,17 @@ +{{- $name := .Release.Name }} +{{- $namespace:= .Release.Namespace }} +{{- if .Values.backoffice.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.backoffice.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.backoffice.nameOverride }} +data: + {{- range $key, $value := .Values.backoffice.applicationConfig }} + {{- if $value }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/deploy/helm-preview/services/backoffice-v2/templates/deployment.yaml b/deploy/helm-preview/services/backoffice-v2/templates/deployment.yaml new file mode 100644 index 0000000000..278e116878 --- /dev/null +++ b/deploy/helm-preview/services/backoffice-v2/templates/deployment.yaml @@ -0,0 +1,55 @@ +{{- if .Values.backoffice.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.backoffice.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.backoffice.nameOverride }} +spec: + replicas: {{ .Values.backoffice.replicas }} + {{- if .Values.backoffice.strategyType }} + strategy: + type: {{ .Values.backoffice.strategyType }} + {{- end }} + {{- if .Values.backoffice.updateStrategy }} + rollingUpdate: + {{- if .Values.backoffice.updateStrategy.maxSurge }} + maxSurge: {{ .Values.backoffice.updateStrategy.maxSurge}} + {{- end }} + {{- if .Values.backoffice.updateStrategy.maxUnavailable }} + maxUnavailable: {{ .Values.backoffice.updateStrategy.maxUnavailable }} + {{- end }} + {{- end }} + selector: + matchLabels: + app: {{ .Values.backoffice.nameOverride }} + template: + metadata: + labels: + app: {{ .Values.backoffice.nameOverride }} + spec: + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Values.backoffice.nameOverride }} + image: "{{ .Values.backoffice.image.registry }}/{{ .Values.backoffice.image.repository }}:{{ .Values.backoffice.image.tag }}" + imagePullPolicy: {{ .Values.backoffice.image.pullPolicy }} + command: {{ .Values.backoffice.image.command | toYaml | nindent 14 }} + {{- with .Values.backoffice.envFrom }} + envFrom: + {{- toYaml . | nindent 14 }} + {{- end }} + livenessProbe: + {{- toYaml .Values.backoffice.livenessProbe | nindent 16 }} + readinessProbe: + {{- toYaml .Values.backoffice.readinessProbe | nindent 16 }} + startupProbe: + {{- toYaml .Values.backoffice.startupProbe | nindent 16 }} + {{- if .Values.backoffice.image.pullSecrets}} + imagePullSecrets: + - name: {{ .Values.backoffice.image.pullSecrets }} + {{- end }} +{{- end }} diff --git a/deploy/helm-preview/services/backoffice-v2/templates/ingress.yaml b/deploy/helm-preview/services/backoffice-v2/templates/ingress.yaml new file mode 100644 index 0000000000..dd01a6f769 --- /dev/null +++ b/deploy/helm-preview/services/backoffice-v2/templates/ingress.yaml @@ -0,0 +1,63 @@ +{{- if .Values.backoffice.ingress.enabled -}} +{{- $fullName := .Values.backoffice.nameOverride -}} +{{- $svcPort := .Values.backoffice.service.port -}} +{{- $pathtype := .Values.backoffice.ingress.pathtype -}} +{{- $ingressPath := .Values.backoffice.ingress.path }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.backoffice.nameOverride }} +{{- with .Values.backoffice.ingress.annotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{ end }} +spec: + {{- if .Values.backoffice.ingress.className }} + ingressClassName: {{ .Values.backoffice.ingress.className | quote }} + {{- end }} +{{- if .Values.backoffice.ingress.tls }} + tls: + {{- if .ingressPath }} + {{- range .Values.backoffice.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{ end }} + secretName: {{ .secretName }} + {{ end }} +{{- else }} +{{ toYaml .Values.backoffice.ingress.tls | indent 4 }} + {{ end }} +{{ end }} + rules: + {{- range .Values.backoffice.ingress.hosts }} + {{- if $ingressPath }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + pathType: {{ $pathtype }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + - host: {{ .host }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ $pathtype }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{ end }} + {{ end }} +{{ end }} +{{ end }} diff --git a/deploy/helm-preview/services/backoffice-v2/templates/service.yaml b/deploy/helm-preview/services/backoffice-v2/templates/service.yaml new file mode 100644 index 0000000000..d42bcfd7c0 --- /dev/null +++ b/deploy/helm-preview/services/backoffice-v2/templates/service.yaml @@ -0,0 +1,18 @@ +{{- if .Values.backoffice.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.backoffice.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.backoffice.nameOverride }} +spec: + ports: + - name: {{ .Values.backoffice.nameOverride }} + port: {{ .Values.backoffice.service.port }} + protocol: {{ .Values.backoffice.service.protocol }} + targetPort: {{ .Values.backoffice.service.port }} + selector: + app: {{ .Values.backoffice.nameOverride }} + type: {{ .Values.backoffice.service.type }} +{{- end }} diff --git a/deploy/helm-preview/services/headless-example/templates/configmap.yaml b/deploy/helm-preview/services/headless-example/templates/configmap.yaml new file mode 100644 index 0000000000..146237879c --- /dev/null +++ b/deploy/helm-preview/services/headless-example/templates/configmap.yaml @@ -0,0 +1,17 @@ +{{- $name := .Release.Name }} +{{- $namespace:= .Release.Namespace }} +{{- if .Values.headlessexample.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.headlessexample.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.headlessexample.nameOverride }} +data: + {{- range $key, $value := .Values.headlessexample.applicationConfig }} + {{- if $value }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/deploy/helm-preview/services/headless-example/templates/deployment.yaml b/deploy/helm-preview/services/headless-example/templates/deployment.yaml new file mode 100644 index 0000000000..1dab162e33 --- /dev/null +++ b/deploy/helm-preview/services/headless-example/templates/deployment.yaml @@ -0,0 +1,55 @@ +{{- if .Values.headlessexample.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.headlessexample.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.headlessexample.nameOverride }} +spec: + replicas: {{ .Values.headlessexample.replicas }} + {{- if .Values.headlessexample.strategyType }} + strategy: + type: {{ .Values.headlessexample.strategyType }} + {{- end }} + {{- if .Values.headlessexample.updateStrategy }} + rollingUpdate: + {{- if .Values.headlessexample.updateStrategy.maxSurge }} + maxSurge: {{ .Values.headlessexample.updateStrategy.maxSurge}} + {{- end }} + {{- if .Values.headlessexample.updateStrategy.maxUnavailable }} + maxUnavailable: {{ .Values.headlessexample.updateStrategy.maxUnavailable }} + {{- end }} + {{- end }} + selector: + matchLabels: + app: {{ .Values.headlessexample.nameOverride }} + template: + metadata: + labels: + app: {{ .Values.headlessexample.nameOverride }} + spec: + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Values.headlessexample.nameOverride }} + image: "{{ .Values.headlessexample.image.registry }}/{{ .Values.headlessexample.image.repository }}:{{ .Values.headlessexample.image.tag }}" + imagePullPolicy: {{ .Values.headlessexample.image.pullPolicy }} + command: {{ .Values.headlessexample.image.command | toYaml | nindent 14 }} + {{- with .Values.headlessexample.envFrom }} + envFrom: + {{- toYaml . | nindent 14 }} + {{- end }} + livenessProbe: + {{- toYaml .Values.backoffice.livenessProbe | nindent 16 }} + readinessProbe: + {{- toYaml .Values.backoffice.readinessProbe | nindent 16 }} + startupProbe: + {{- toYaml .Values.backoffice.startupProbe | nindent 16 }} + {{- if .Values.headlessexample.image.pullSecrets}} + imagePullSecrets: + - name: {{ .Values.headlessexample.image.pullSecrets }} + {{- end }} +{{- end }} diff --git a/deploy/helm-preview/services/headless-example/templates/ingress.yaml b/deploy/helm-preview/services/headless-example/templates/ingress.yaml new file mode 100644 index 0000000000..7cf5010ddc --- /dev/null +++ b/deploy/helm-preview/services/headless-example/templates/ingress.yaml @@ -0,0 +1,63 @@ +{{- if .Values.headlessexample.ingress.enabled -}} +{{- $fullName := .Values.headlessexample.nameOverride -}} +{{- $svcPort := .Values.headlessexample.service.port -}} +{{- $pathtype := .Values.headlessexample.ingress.pathtype -}} +{{- $ingressPath := .Values.headlessexample.ingress.path }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.headlessexample.nameOverride }} +{{- with .Values.headlessexample.ingress.annotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{ end }} +spec: + {{- if .Values.headlessexample.ingress.className }} + ingressClassName: {{ .Values.headlessexample.ingress.className | quote }} + {{- end }} +{{- if .Values.headlessexample.ingress.tls }} + tls: + {{- if .ingressPath }} + {{- range .Values.headlessexample.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{ end }} + secretName: {{ .secretName }} + {{ end }} +{{- else }} +{{ toYaml .Values.headlessexample.ingress.tls | indent 4 }} + {{ end }} +{{ end }} + rules: + {{- range .Values.headlessexample.ingress.hosts }} + {{- if $ingressPath }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + pathType: {{ $pathtype }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + - host: {{ .host }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ $pathtype }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{ end }} + {{ end }} +{{ end }} +{{ end }} diff --git a/deploy/helm-preview/services/headless-example/templates/service.yaml b/deploy/helm-preview/services/headless-example/templates/service.yaml new file mode 100644 index 0000000000..9bb78370ed --- /dev/null +++ b/deploy/helm-preview/services/headless-example/templates/service.yaml @@ -0,0 +1,18 @@ +{{- if .Values.headlessexample.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.headlessexample.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.headlessexample.nameOverride }} +spec: + ports: + - name: {{ .Values.headlessexample.nameOverride }} + port: {{ .Values.headlessexample.service.port }} + protocol: {{ .Values.headlessexample.service.protocol }} + targetPort: {{ .Values.headlessexample.service.port }} + selector: + app: {{ .Values.headlessexample.nameOverride }} + type: {{ .Values.headlessexample.service.type }} +{{- end }} \ No newline at end of file diff --git a/deploy/helm-preview/services/kyb-app/templates/configmap.yaml b/deploy/helm-preview/services/kyb-app/templates/configmap.yaml new file mode 100644 index 0000000000..e82f7043a1 --- /dev/null +++ b/deploy/helm-preview/services/kyb-app/templates/configmap.yaml @@ -0,0 +1,17 @@ +{{- $name := .Release.Name }} +{{- $namespace:= .Release.Namespace }} +{{- if .Values.kybapp.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.kybapp.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.kybapp.nameOverride }} +data: + {{- range $key, $value := .Values.kybapp.applicationConfig }} + {{- if $value }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +{{- end }} diff --git a/deploy/helm-preview/services/kyb-app/templates/deployment.yaml b/deploy/helm-preview/services/kyb-app/templates/deployment.yaml new file mode 100644 index 0000000000..b08568b7c1 --- /dev/null +++ b/deploy/helm-preview/services/kyb-app/templates/deployment.yaml @@ -0,0 +1,55 @@ +{{- if .Values.kybapp.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.kybapp.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.kybapp.nameOverride }} +spec: + replicas: {{ .Values.kybapp.replicas }} + {{- if .Values.kybapp.strategyType }} + strategy: + type: {{ .Values.kybapp.strategyType }} + {{- end }} + {{- if .Values.kybapp.updateStrategy }} + rollingUpdate: + {{- if .Values.kybapp.updateStrategy.maxSurge }} + maxSurge: {{ .Values.kybapp.updateStrategy.maxSurge}} + {{- end }} + {{- if .Values.kybapp.updateStrategy.maxUnavailable }} + maxUnavailable: {{ .Values.kybapp.updateStrategy.maxUnavailable }} + {{- end }} + {{- end }} + selector: + matchLabels: + app: {{ .Values.kybapp.nameOverride }} + template: + metadata: + labels: + app: {{ .Values.kybapp.nameOverride }} + spec: + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Values.kybapp.nameOverride }} + image: "{{ .Values.kybapp.image.registry }}/{{ .Values.kybapp.image.repository }}:{{ .Values.kybapp.image.tag }}" + imagePullPolicy: {{ .Values.kybapp.image.pullPolicy }} + command: {{ .Values.kybapp.image.command | toYaml | nindent 14 }} + {{- with .Values.kybapp.envFrom }} + envFrom: + {{- toYaml . | nindent 14 }} + {{- end }} + livenessProbe: + {{- toYaml .Values.kybapp.livenessProbe | nindent 16 }} + readinessProbe: + {{- toYaml .Values.kybapp.readinessProbe | nindent 16 }} + startupProbe: + {{- toYaml .Values.kybapp.startupProbe | nindent 16 }} + {{- if .Values.kybapp.image.pullSecrets}} + imagePullSecrets: + - name: {{ .Values.kybapp.image.pullSecrets }} + {{- end }} +{{- end }} diff --git a/deploy/helm-preview/services/kyb-app/templates/ingress.yaml b/deploy/helm-preview/services/kyb-app/templates/ingress.yaml new file mode 100644 index 0000000000..48e9aa99a2 --- /dev/null +++ b/deploy/helm-preview/services/kyb-app/templates/ingress.yaml @@ -0,0 +1,63 @@ +{{- if .Values.kybapp.ingress.enabled -}} +{{- $fullName := .Values.kybapp.nameOverride -}} +{{- $svcPort := .Values.kybapp.service.port -}} +{{- $pathtype := .Values.kybapp.ingress.pathtype -}} +{{- $ingressPath := .Values.kybapp.ingress.path }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.kybapp.nameOverride }} +{{- with .Values.kybapp.ingress.annotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{ end }} +spec: + {{- if .Values.kybapp.ingress.className }} + ingressClassName: {{ .Values.kybapp.ingress.className | quote }} + {{- end }} +{{- if .Values.kybapp.ingress.tls }} + tls: + {{- if .ingressPath }} + {{- range .Values.kybapp.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{ end }} + secretName: {{ .secretName }} + {{ end }} +{{- else }} +{{ toYaml .Values.kybapp.ingress.tls | indent 4 }} + {{ end }} +{{ end }} + rules: + {{- range .Values.kybapp.ingress.hosts }} + {{- if $ingressPath }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + pathType: {{ $pathtype }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + - host: {{ .host }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ $pathtype }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{ end }} + {{ end }} +{{ end }} +{{ end }} diff --git a/deploy/helm-preview/services/kyb-app/templates/service.yaml b/deploy/helm-preview/services/kyb-app/templates/service.yaml new file mode 100644 index 0000000000..8603582f0d --- /dev/null +++ b/deploy/helm-preview/services/kyb-app/templates/service.yaml @@ -0,0 +1,18 @@ +{{- if .Values.kybapp.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.kybapp.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.kybapp.nameOverride }} +spec: + ports: + - name: {{ .Values.kybapp.nameOverride }} + port: {{ .Values.kybapp.service.port }} + protocol: {{ .Values.kybapp.service.protocol }} + targetPort: {{ .Values.kybapp.service.port }} + selector: + app: {{ .Values.kybapp.nameOverride }} + type: {{ .Values.kybapp.service.type }} +{{- end }} diff --git a/deploy/helm-preview/services/workflow-dashboard/templates/configmap.yaml b/deploy/helm-preview/services/workflow-dashboard/templates/configmap.yaml new file mode 100644 index 0000000000..b5d12a8642 --- /dev/null +++ b/deploy/helm-preview/services/workflow-dashboard/templates/configmap.yaml @@ -0,0 +1,17 @@ +{{- $name := .Release.Name }} +{{- $namespace:= .Release.Namespace }} +{{- if .Values.workflowsdashboard.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.workflowsdashboard.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.workflowsdashboard.nameOverride }} +data: + {{- range $key, $value := .Values.workflowsdashboard.applicationConfig }} + {{- if $value }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/deploy/helm-preview/services/workflow-dashboard/templates/deployment.yaml b/deploy/helm-preview/services/workflow-dashboard/templates/deployment.yaml new file mode 100644 index 0000000000..8d0c81829c --- /dev/null +++ b/deploy/helm-preview/services/workflow-dashboard/templates/deployment.yaml @@ -0,0 +1,55 @@ +{{- if .Values.workflowsdashboard.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.workflowsdashboard.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.workflowsdashboard.nameOverride }} +spec: + replicas: {{ .Values.workflowsdashboard.replicas }} + {{- if .Values.workflowsdashboard.strategyType }} + strategy: + type: {{ .Values.workflowsdashboard.strategyType }} + {{- end }} + {{- if .Values.workflowsdashboard.updateStrategy }} + rollingUpdate: + {{- if .Values.workflowsdashboard.updateStrategy.maxSurge }} + maxSurge: {{ .Values.workflowsdashboard.updateStrategy.maxSurge}} + {{- end }} + {{- if .Values.workflowsdashboard.updateStrategy.maxUnavailable }} + maxUnavailable: {{ .Values.workflowsdashboard.updateStrategy.maxUnavailable }} + {{- end }} + {{- end }} + selector: + matchLabels: + app: {{ .Values.workflowsdashboard.nameOverride }} + template: + metadata: + labels: + app: {{ .Values.workflowsdashboard.nameOverride }} + spec: + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Values.workflowsdashboard.nameOverride }} + image: "{{ .Values.workflowsdashboard.image.registry }}/{{ .Values.workflowsdashboard.image.repository }}:{{ .Values.workflowsdashboard.image.tag }}" + imagePullPolicy: {{ .Values.workflowsdashboard.image.pullPolicy }} + command: {{ .Values.workflowsdashboard.image.command | toYaml | nindent 14 }} + {{- with .Values.workflowsdashboard.envFrom }} + envFrom: + {{- toYaml . | nindent 14 }} + {{- end }} + livenessProbe: + {{- toYaml .Values.workflowsdashboard.livenessProbe | nindent 16 }} + readinessProbe: + {{- toYaml .Values.workflowsdashboard.readinessProbe | nindent 16 }} + startupProbe: + {{- toYaml .Values.workflowsdashboard.startupProbe | nindent 16 }} + {{- if .Values.workflowsdashboard.image.pullSecrets}} + imagePullSecrets: + - name: {{ .Values.workflowsdashboard.image.pullSecrets }} + {{- end }} +{{- end }} diff --git a/deploy/helm-preview/services/workflow-dashboard/templates/ingress.yaml b/deploy/helm-preview/services/workflow-dashboard/templates/ingress.yaml new file mode 100644 index 0000000000..6ae796b6ce --- /dev/null +++ b/deploy/helm-preview/services/workflow-dashboard/templates/ingress.yaml @@ -0,0 +1,63 @@ +{{- if .Values.workflowsdashboard.ingress.enabled -}} +{{- $fullName := .Values.workflowsdashboard.nameOverride -}} +{{- $svcPort := .Values.workflowsdashboard.service.port -}} +{{- $pathtype := .Values.workflowsdashboard.ingress.pathtype -}} +{{- $ingressPath := .Values.workflowsdashboard.ingress.path }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.workflowsdashboard.nameOverride }} +{{- with .Values.workflowsdashboard.ingress.annotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{ end }} +spec: + {{- if .Values.workflowsdashboard.ingress.className }} + ingressClassName: {{ .Values.workflowsdashboard.ingress.className | quote }} + {{- end }} +{{- if .Values.workflowsdashboard.ingress.tls }} + tls: + {{- if .ingressPath }} + {{- range .Values.workflowsdashboard.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{ end }} + secretName: {{ .secretName }} + {{ end }} +{{- else }} +{{ toYaml .Values.workflowsdashboard.ingress.tls | indent 4 }} + {{ end }} +{{ end }} + rules: + {{- range .Values.workflowsdashboard.ingress.hosts }} + {{- if $ingressPath }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + pathType: {{ $pathtype }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + - host: {{ .host }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ $pathtype }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{ end }} + {{ end }} +{{ end }} +{{ end }} diff --git a/deploy/helm-preview/services/workflow-dashboard/templates/service.yaml b/deploy/helm-preview/services/workflow-dashboard/templates/service.yaml new file mode 100644 index 0000000000..6f33032b7b --- /dev/null +++ b/deploy/helm-preview/services/workflow-dashboard/templates/service.yaml @@ -0,0 +1,18 @@ +{{- if .Values.workflowsdashboard.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.workflowsdashboard.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.workflowsdashboard.nameOverride }} +spec: + ports: + - name: {{ .Values.workflowsdashboard.nameOverride }} + port: {{ .Values.workflowsdashboard.service.port }} + protocol: {{ .Values.workflowsdashboard.service.protocol }} + targetPort: {{ .Values.workflowsdashboard.service.port }} + selector: + app: {{ .Values.workflowsdashboard.nameOverride }} + type: {{ .Values.workflowsdashboard.service.type }} +{{- end }} \ No newline at end of file diff --git a/deploy/helm-preview/services/workflows-service/templates/Job-data-migration.yaml b/deploy/helm-preview/services/workflows-service/templates/Job-data-migration.yaml new file mode 100644 index 0000000000..6d1e2f43ea --- /dev/null +++ b/deploy/helm-preview/services/workflows-service/templates/Job-data-migration.yaml @@ -0,0 +1,47 @@ +{{- if and .Values.workflowService.dbMigrate.enabled (not .Values.workflowService.migration) -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ .Values.workflowService.nameOverride }}-db-data-migrations + labels: + app: {{ .Values.workflowService.nameOverride }}-db-data-migrations + annotations: + argocd.argoproj.io/hook: PostSync + helm.sh/hook: post-install,post-upgrade + argocd.argoproj.io/sync-wave: "100" + helm.sh/hook-weight: "100" + # helm.sh/hook-delete-policy: post-delete +spec: + template: + spec: + {{- if .Values.workflowService.image.pullSecrets }} + imagePullSecrets: + - name: {{ .Values.workflowService.image.pullSecrets }} + {{- end }} + serviceAccountName: {{ .Values.workflowService.nameOverride }} + restartPolicy: Never + initContainers: + - name: wait-for-migration + image: pegasystems/k8s-wait-for:latest + imagePullPolicy: IfNotPresent + args: + - "pod" + - "-lapp={{ .Values.workflowService.nameOverride }}" + containers: + - name: {{ .Values.workflowService.nameOverride }}-db-data-migrations + securityContext: + {{- toYaml .Values.workflowService.securityContext | nindent 12 }} + image: "{{ .Values.workflowService.dbMigrate.image.repository }}:{{ .Values.workflowService.dbMigrate.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.workflowService.image.pullPolicy }} + command: {{ .Values.workflowService.dbMigrate.image.command | toYaml | nindent 12 }} + args: {{ .Values.workflowService.image.args | toYaml | nindent 12 }} + {{- with .Values.workflowService.image.env }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.workflowService.dbMigrate.envFrom }} + envFrom: + {{- toYaml . | nindent 12 }} + {{- end }} + backoffLimit: {{ .Values.workflowService.backoffLimit }} +{{- end }} \ No newline at end of file diff --git a/deploy/helm-preview/services/workflows-service/templates/Job-data-sync.yaml b/deploy/helm-preview/services/workflows-service/templates/Job-data-sync.yaml new file mode 100644 index 0000000000..cb86323376 --- /dev/null +++ b/deploy/helm-preview/services/workflows-service/templates/Job-data-sync.yaml @@ -0,0 +1,70 @@ +{{- if and .Values.workflowService.dataSync.enabled (not .Values.workflowService.migration) -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ .Values.workflowService.nameOverride }}-db-data-sync + labels: + app: {{ .Values.workflowService.nameOverride }}-db-data-sync + annotations: + argocd.argoproj.io/hook: PostSync + helm.sh/hook: post-install,post-upgrade + argocd.argoproj.io/sync-wave: "200" + helm.sh/hook-weight: "200" +spec: + template: + spec: + {{- with .Values.workflowService.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ .Values.workflowService.serviceAccount.name }} + restartPolicy: Never + {{- if .Values.workflowService.dbMigrate.enabled }} + initContainers: + - name: wait-for-migration + image: pegasystems/k8s-wait-for:latest + imagePullPolicy: IfNotPresent + args: + - "job" + - "{{ .Values.workflowService.nameOverride }}-db-data-migrations" + {{- end }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.workflowService.securityContext | nindent 12 }} + image: "{{ .Values.workflowService.dataSync.image.repository }}:{{ .Values.workflowService.dataSync.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.workflowService.image.pullPolicy }} + command: {{ .Values.workflowService.dataSync.image.command | toYaml | nindent 12 }} + args: {{ .Values.workflowService.image.args | toYaml | nindent 12 }} + {{- with .Values.workflowService.image.env }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.workflowService.dataSync.envFrom }} + envFrom: + {{- toYaml . | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.workflowService.resources | nindent 12 }} + {{- with .Values.workflowService.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.workflowService.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.workflowService.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.workflowService.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.workflowService.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + backoffLimit: {{ .Values.workflowService.backoffLimit }} +{{- end }} \ No newline at end of file diff --git a/deploy/helm-preview/services/workflows-service/templates/Job-prisma-migration.yaml b/deploy/helm-preview/services/workflows-service/templates/Job-prisma-migration.yaml new file mode 100644 index 0000000000..bf39b0fac2 --- /dev/null +++ b/deploy/helm-preview/services/workflows-service/templates/Job-prisma-migration.yaml @@ -0,0 +1,61 @@ +{{- if and .Values.workflowService.prismaMigrate.enabled (not .Values.workflowService.migration) -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ .Values.workflowService.nameOverride }}-prisma-migrate + labels: + app: {{ .Values.workflowService.nameOverride }}-prisma-migrate + annotations: + argocd.argoproj.io/hook: PreSync + helm.sh/hook: post-install,post-upgrade + argocd.argoproj.io/sync-wave: "-100" + helm.sh/hook-weight: "-100" +spec: + template: + spec: + {{- with .Values.workflowService.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ .Values.workflowService.nameOverride }} + restartPolicy: Never + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.workflowService.securityContext | nindent 12 }} + image: "{{ .Values.workflowService.prismaMigrate.image.repository }}:{{ .Values.workflowService.prismaMigrate.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.workflowService.image.pullPolicy }} + command: {{ .Values.workflowService.prismaMigrate.image.command | toYaml | nindent 12 }} + args: {{ .Values.workflowService.prismaMigrate.image.args | toYaml | nindent 12 }} + {{- with .Values.workflowService.image.env }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.workflowService.prismaMigrate.envFrom }} + envFrom: + {{- toYaml . | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.workflowService.resources | nindent 12 }} + {{- with .Values.workflowService.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.workflowService.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.workflowService.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.workflowService.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.workflowService.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + backoffLimit: {{ .Values.workflowService.backoffLimit }} +{{- end }} \ No newline at end of file diff --git a/deploy/helm-preview/services/workflows-service/templates/clusterrole.yaml b/deploy/helm-preview/services/workflows-service/templates/clusterrole.yaml new file mode 100644 index 0000000000..e884d0d6db --- /dev/null +++ b/deploy/helm-preview/services/workflows-service/templates/clusterrole.yaml @@ -0,0 +1,20 @@ +# clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ .Values.workflowService.nameOverride }} + annotations: + argocd.argoproj.io/hook: PreSync + helm.sh/hook: post-install,post-upgrade + argocd.argoproj.io/sync-wave: "-150" + helm.sh/hook-weight: "-150" +rules: + - apiGroups: ["apps"] + resources: ["deployments", "deployments/scale", "statefulsets", "statefulsets/scale"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["get", "list", "watch", "update", "patch"] \ No newline at end of file diff --git a/deploy/helm-preview/services/workflows-service/templates/clusterrolebinding.yaml b/deploy/helm-preview/services/workflows-service/templates/clusterrolebinding.yaml new file mode 100644 index 0000000000..995bc487b1 --- /dev/null +++ b/deploy/helm-preview/services/workflows-service/templates/clusterrolebinding.yaml @@ -0,0 +1,18 @@ +# clusterrolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ .Values.workflowService.nameOverride }} + annotations: + argocd.argoproj.io/hook: PreSync + helm.sh/hook: post-install,post-upgrade + argocd.argoproj.io/sync-wave: "-150" + helm.sh/hook-weight: "-150" +subjects: + - kind: ServiceAccount + name: {{ .Values.workflowService.serviceAccount.name }} + namespace: {{ .Release.Namespace | quote }} +roleRef: + kind: ClusterRole + name: {{ .Values.workflowService.nameOverride }} + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/deploy/helm-preview/services/workflows-service/templates/configmap.yaml b/deploy/helm-preview/services/workflows-service/templates/configmap.yaml new file mode 100644 index 0000000000..6eac694e1f --- /dev/null +++ b/deploy/helm-preview/services/workflows-service/templates/configmap.yaml @@ -0,0 +1,37 @@ +{{- $name := .Release.Name }} +{{- $namespace:= .Release.Namespace }} +{{- $postgresqlUser := .Values.postgresql.auth.username -}} +{{- $postgresqlPassword := .Values.postgresql.auth.password -}} +{{- $postgresqlDatabase := .Values.postgresql.auth.database -}} +{{- if .Values.workflowService.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.workflowService.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.workflowService.nameOverride }} +data: + {{- range $key, $value := .Values.workflowService.applicationConfig }} + {{- if (eq "BACKOFFICE_CORS_ORIGIN" $key) }} + {{ $key }} : backoffice.{{ $namespace }}.svc.cluster.local:80 + {{- end }} + {{- if (eq "WORKFLOW_DASHBOARD_CORS_ORIGIN" $key) }} + {{ $key }} : workflows-dashboard.{{ $namespace }}.svc.cluster.local:80 + {{- end }} + {{- if $.Values.postgresql.enabled }} + {{- if (eq "DB_URL" $key) }} + {{ $key }}: postgres://{{ $postgresqlUser }}:{{ $postgresqlPassword }}@{{ $name }}-postgresql.{{ $namespace }}.svc.cluster.local:5432/{{ $postgresqlDatabase }} + {{- end }} + {{- if (eq "DB_USER" $key) }} + {{ $key }}: {{ $postgresqlUser }} + {{- end }} + {{- if (eq "DB_PASSWORD" $key) }} + {{ $key }}: {{ $postgresqlPassword }} + {{- end }} + {{- end }} + {{- if $value }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +{{- end }} diff --git a/deploy/helm-preview/services/workflows-service/templates/deployment.yaml b/deploy/helm-preview/services/workflows-service/templates/deployment.yaml new file mode 100644 index 0000000000..4408f6af0f --- /dev/null +++ b/deploy/helm-preview/services/workflows-service/templates/deployment.yaml @@ -0,0 +1,77 @@ +{{- if .Values.workflowService.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.workflowService.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.workflowService.nameOverride }} +spec: + replicas: {{ .Values.workflowService.replicas }} + {{- if .Values.workflowService.strategyType }} + strategy: + type: {{ .Values.workflowService.strategyType }} + {{- end }} + {{- if .Values.workflowService.updateStrategy }} + rollingUpdate: + {{- if .Values.workflowService.updateStrategy.maxSurge }} + maxSurge: {{ .Values.workflowService.updateStrategy.maxSurge}} + {{- end }} + {{- if .Values.workflowService.updateStrategy.maxUnavailable }} + maxUnavailable: {{ .Values.workflowService.updateStrategy.maxUnavailable }} + {{- end }} + {{- end }} + selector: + matchLabels: + app: {{ .Values.workflowService.nameOverride }} + template: + metadata: + labels: + app: {{ .Values.workflowService.nameOverride }} + spec: + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ .Values.workflowService.nameOverride }} + initContainers: + {{- if .Values.postgresql.enabled }} + - name: psql-init-container + image: alpine:latest + command: ['sh', '-c', "apk add postgresql-client; until pg_isready -h {{ .Release.Name }}-postgresql.{{.Release.Namespace}}.svc.cluster.local; do echo waiting for postgresql; sleep 2; done"] + {{- end }} + {{- if and .Values.workflowService.migration (not .Values.workflowService.dbMigrate.enabled) }} + - name: migration-init-container + image: {{ .Values.workflowService.image.registry }}/{{ .Values.workflowService.image.repository }}:{{ .Values.workflowService.image.tag }} + command: ['npm','run','db:init'] + {{- with .Values.workflowService.envFrom }} + envFrom: + {{- toYaml . | nindent 14 }} + {{- end }} + {{- end }} + {{- with .Values.workflowService.additionalInitContainers }} + {{- toYaml . | nindent 12}} + {{- end }} + {{- if .Values.workflowService.prismaMigrate.enabled }} + initContainers: + - name: wait-for-migration + image: pegasystems/k8s-wait-for:latest + imagePullPolicy: IfNotPresent + args: + - "job" + - "{{ .Values.workflowService.nameOverride }}-prisma-migrate" + {{- end }} + containers: + - name: {{ .Values.workflowService.nameOverride }} + image: "{{ .Values.workflowService.image.registry }}/{{ .Values.workflowService.image.repository }}:{{ .Values.workflowService.image.tag }}" + imagePullPolicy: {{ .Values.workflowService.image.pullPolicy }} + command: {{ .Values.workflowService.image.command | toYaml | nindent 14 }} + {{- with .Values.workflowService.envFrom }} + envFrom: + {{- toYaml . | nindent 14 }} + {{- end }} + {{- if .Values.workflowService.image.pullSecrets}} + imagePullSecrets: + - name: {{ .Values.workflowService.image.pullSecrets }} + {{- end }} +{{- end }} diff --git a/deploy/helm-preview/services/workflows-service/templates/ingress.yaml b/deploy/helm-preview/services/workflows-service/templates/ingress.yaml new file mode 100644 index 0000000000..ed95555691 --- /dev/null +++ b/deploy/helm-preview/services/workflows-service/templates/ingress.yaml @@ -0,0 +1,63 @@ +{{- if .Values.workflowService.ingress.enabled -}} +{{- $fullName := .Values.workflowService.nameOverride -}} +{{- $svcPort := .Values.workflowService.service.port -}} +{{- $pathtype := .Values.workflowService.ingress.pathtype -}} +{{- $ingressPath := .Values.workflowService.ingress.path }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.workflowService.nameOverride }} +{{- with .Values.workflowService.ingress.annotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{ end }} +spec: + {{- if .Values.workflowService.ingress.className }} + ingressClassName: {{ .Values.workflowService.ingress.className | quote }} + {{- end }} +{{- if .Values.workflowService.ingress.tls }} + tls: + {{- if .ingressPath }} + {{- range .Values.workflowService.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{ end }} + secretName: {{ .secretName }} + {{ end }} +{{- else }} +{{ toYaml .Values.workflowService.ingress.tls | indent 4 }} + {{ end }} +{{ end }} + rules: + {{- range .Values.workflowService.ingress.hosts }} + {{- if $ingressPath }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + pathType: {{ $pathtype }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + - host: {{ .host }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ $pathtype }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{ end }} + {{ end }} +{{ end }} +{{ end }} diff --git a/deploy/helm-preview/services/workflows-service/templates/service.yaml b/deploy/helm-preview/services/workflows-service/templates/service.yaml new file mode 100644 index 0000000000..20c609d3c8 --- /dev/null +++ b/deploy/helm-preview/services/workflows-service/templates/service.yaml @@ -0,0 +1,18 @@ +{{- if .Values.workflowService.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.workflowService.nameOverride }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ .Values.workflowService.nameOverride }} +spec: + ports: + - name: {{ .Values.workflowService.nameOverride }} + port: {{ .Values.workflowService.service.port }} + protocol: {{ .Values.workflowService.service.protocol }} + targetPort: {{ .Values.workflowService.service.port }} + selector: + app: {{ .Values.workflowService.nameOverride }} + type: {{ .Values.workflowService.service.type }} +{{- end }} \ No newline at end of file diff --git a/deploy/helm-preview/services/workflows-service/templates/serviceaccount.yaml b/deploy/helm-preview/services/workflows-service/templates/serviceaccount.yaml new file mode 100644 index 0000000000..6077d0c7ec --- /dev/null +++ b/deploy/helm-preview/services/workflows-service/templates/serviceaccount.yaml @@ -0,0 +1,18 @@ + {{- if .Values.workflowService.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.workflowService.serviceAccount.name }} + labels: + app: {{ .Values.workflowService.nameOverride }} + {{- with .Values.workflowService.serviceAccount.annotations }} + annotations: + annotations: + argocd.argoproj.io/hook: PreSync + helm.sh/hook: post-install,post-upgrade + argocd.argoproj.io/sync-wave: "-150" + helm.sh/hook-weight: "-150" + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.workflowService.serviceAccount.automount }} +{{- end }} diff --git a/deploy/helm-preview/templates/import.yaml b/deploy/helm-preview/templates/import.yaml new file mode 100644 index 0000000000..72a2f978e5 --- /dev/null +++ b/deploy/helm-preview/templates/import.yaml @@ -0,0 +1,5 @@ +{{- /* Import all "templates/*.yaml" files found in the repo */ -}} +{{ range $path, $_ := .Files.Glob "services/**/templates/*.yaml" }} +{{ tpl (print "# -> " $path "\n" ((print "--- \n # -> " $path "\n") | regexReplaceAll "---" ($.Files.Get $path))) $ }} +--- +{{ end }}