diff --git a/README.md b/README.md new file mode 100644 index 0000000..54aa4f0 --- /dev/null +++ b/README.md @@ -0,0 +1,5 @@ +Not done yet + + + +helm upgrade keksaccounthelm ./ --namespace=keksaccounthelm diff --git a/templates/NOTES.txt b/templates/NOTES.txt index 4e8645e..0e5488f 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -1,21 +1 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range $host := .Values.ingress.hosts }} - {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} - {{- end }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "keksAccountHelm.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "keksAccountHelm.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "keksAccountHelm.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "keksAccountHelm.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 -{{- end }} +Deployment OK diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl deleted file mode 100644 index 5af8efa..0000000 --- a/templates/_helpers.tpl +++ /dev/null @@ -1,63 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "keksAccountHelm.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "keksAccountHelm.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "keksAccountHelm.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "keksAccountHelm.labels" -}} -helm.sh/chart: {{ include "keksAccountHelm.chart" . }} -{{ include "keksAccountHelm.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} - -{{/* -Selector labels -*/}} -{{- define "keksAccountHelm.selectorLabels" -}} -app.kubernetes.io/name: {{ include "keksAccountHelm.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "keksAccountHelm.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "keksAccountHelm.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} diff --git a/templates/api.yml b/templates/api.yml new file mode 100644 index 0000000..844fc51 --- /dev/null +++ b/templates/api.yml @@ -0,0 +1,104 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: env-api + namespace: {{ .Release.Namespace }} +data: + APP_DEBUG: "true" + DB_CONNECTION: "mysql" + DB_HOST: "{{.Values.mysql.host}}" + DB_PORT: "{{.Values.mysql.port}}" + DB_DATABASE: "{{.Values.mysql.database}}" + DB_USERNAME: "{{.Values.mysql.username}}" + DB_PASSWORD: "{{.Values.mysql.password}}" + SAVE_TOKEN_TO_SESSION: "false" + NEW_GUI: "1" + GUI_URL: "{{.Values.guiURL}}" + S3_ACCESS_KEY: "{{.Values.s3.accessKey}}" + S3_SECRET: "{{.Values.s3.secret}}" + S3_Bucket: "{{.Values.s3.bucket}}" +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: api + namespace: {{ .Release.Namespace }} +spec: + replicas: {{.Values.api.replicas}} + template: + metadata: + labels: + app: api + spec: + initContainers: + - name: init-migration + imagePullPolicy: {{.Values.api.imagePullPolicy}} + image: docker.keks.cloud/keksaccount/web:{{.Values.api.version}} + command: ['php', 'artisan', 'migrate', '--force'] + envFrom: + - configMapRef: + name: env-api + containers: + - name: api + imagePullPolicy: {{.Values.api.imagePullPolicy}} + image: docker.keks.cloud/keksaccount/web:{{.Values.api.version}} + ports: + - containerPort: 80 + envFrom: + - configMapRef: + name: env-api + {{ if .Values.dockerHub.enabled }} + imagePullSecrets: + - name: {{.Values.dockerHub.secret}} + {{ end }} +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + field.cattle.io/targetWorkloadIds: '["deployment:{{ .Release.Namespace }}:api"]' + name: ingress-api + namespace: {{ .Release.Namespace }} +spec: + ports: + - port: 80 + protocol: TCP + targetPort: 80 + type: ClusterIP +status: + loadBalancer: {} +{{ if .Values.api.ssl }} +--- +apiVersion: cert-manager.io/v1alpha2 +kind: Certificate +metadata: + name: api-tls + namespace: {{ .Release.Namespace }} +spec: + secretName: api-tls + issuerRef: + name: letsencrypt-prod + kind: ClusterIssuer + commonName: '{{ .Values.apiUrl }}' + dnsNames: + - {{ .Values.apiUrl }} +{{ end }} +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: api + namespace: {{ .Release.Namespace }} +spec: + rules: + - host: {{ .Values.apiUrl }} + http: + paths: + - backend: + serviceName: ingress-api + servicePort: 80 + path: / +{{ if .Values.api.ssl }} + tls: + - secretName: account-keks-cloud-tls +{{ end }} diff --git a/templates/deployment.yaml b/templates/deployment.yaml deleted file mode 100644 index e15cfe7..0000000 --- a/templates/deployment.yaml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "keksAccountHelm.fullname" . }} - labels: - {{- include "keksAccountHelm.labels" . | nindent 4 }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - {{- include "keksAccountHelm.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - {{- include "keksAccountHelm.selectorLabels" . | nindent 8 }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "keksAccountHelm.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - ports: - - name: http - containerPort: 80 - protocol: TCP - livenessProbe: - httpGet: - path: / - port: http - readinessProbe: - httpGet: - path: / - port: http - resources: - {{- toYaml .Values.resources | nindent 12 }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/templates/gui.yml b/templates/gui.yml new file mode 100644 index 0000000..77acb29 --- /dev/null +++ b/templates/gui.yml @@ -0,0 +1,84 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: env-gui + namespace: {{ .Release.Namespace }} +data: + VUE_APP_API_URL: "{{.Values.apiUrl}}" +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: gui + namespace: {{ .Release.Namespace }} +spec: + replicas: {{.Values.gui.replicas}} + template: + metadata: + labels: + app: gui + spec: + containers: + - name: gui + imagePullPolicy: {{.Values.gui.imagePullPolicy}} + image: docker.keks.cloud/keksaccount/gui:{{.Values.gui.version}} + ports: + - containerPort: 8080 + envFrom: + - configMapRef: + name: env-gui + {{ if .Values.dockerHub.enabled }} + imagePullSecrets: + - name: {{.Values.dockerHub.secret}} + {{ end }} +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + field.cattle.io/targetWorkloadIds: '["deployment:{{ .Release.Namespace }}:gui"]' + name: ingress-gui + namespace: {{ .Release.Namespace }} +spec: + ports: + - port: 80 + protocol: TCP + targetPort: 8080 + type: ClusterIP +status: + loadBalancer: {} +{{ if .Values.gui.ssl }} +--- +apiVersion: cert-manager.io/v1alpha2 +kind: Certificate +metadata: + name: gui-tls + namespace: {{ .Release.Namespace }} +spec: + secretName: gui-tls + issuerRef: + name: letsencrypt-prod + kind: ClusterIssuer + commonName: '{{ .Values.guiURL }}' + dnsNames: + - {{ .Values.guiURL }} +{{ end }} +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: gui + namespace: {{ .Release.Namespace }} +spec: + rules: + - host: {{ .Values.guiURL }} + http: + paths: + - backend: + serviceName: ingress-gui + servicePort: 80 + path: / +{{ if .Values.gui.ssl }} + tls: + - secretName: account-keks-cloud-tls +{{ end }} diff --git a/templates/ingress.yaml b/templates/ingress.yaml deleted file mode 100644 index 8abc7f0..0000000 --- a/templates/ingress.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "keksAccountHelm.fullname" . -}} -{{- $svcPort := .Values.service.port -}} -{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{- include "keksAccountHelm.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: -{{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} -{{- end }} - rules: - {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ . }} - backend: - serviceName: {{ $fullName }} - servicePort: {{ $svcPort }} - {{- end }} - {{- end }} -{{- end }} diff --git a/templates/mysql.yml b/templates/mysql.yml new file mode 100644 index 0000000..775e29e --- /dev/null +++ b/templates/mysql.yml @@ -0,0 +1,49 @@ +{{ if .Values.mysql.ownServer }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: env-mysql-server + namespace: {{ .Release.Namespace }} +data: + MYSQL_ROOT_PASSWORD: "{{ randAlphaNum 40 }}" + MYSQL_DATABASE: "{{.Values.mysql.database}}" + MYSQL_USER: "{{.Values.mysql.username}}" + MYSQL_PASSWORD: "{{.Values.mysql.password}}" +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: mysql + namespace: {{ .Release.Namespace }} +spec: + replicas: 1 + template: + metadata: + labels: + app: mysql + spec: + containers: + - name: mysql + image: mysql:5.6 + ports: + - containerPort: 3306 + envFrom: + - configMapRef: + name: env-mysql-server +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + field.cattle.io/targetWorkloadIds: '["deployment:{{ .Release.Namespace }}:mysql"]' + name: mysql + namespace: {{ .Release.Namespace }} +spec: + ports: + - port: 3306 + protocol: TCP + targetPort: 3306 + type: ClusterIP +status: + loadBalancer: {} +{{ end }} diff --git a/templates/queueworker.yml b/templates/queueworker.yml new file mode 100644 index 0000000..dbe7dee --- /dev/null +++ b/templates/queueworker.yml @@ -0,0 +1,23 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: queueworker + namespace: {{ .Release.Namespace }} +spec: + replicas: 2 + template: + metadata: + labels: + app: queueworker + spec: + containers: + - name: app + imagePullPolicy: {{.Values.queueworker.imagePullPolicy}} + image: docker.keks.cloud/keksaccount/app:{{.Values.queueworker.version}} + envFrom: + - configMapRef: + name: env-api + {{ if .Values.dockerHub.enabled }} + imagePullSecrets: + - name: {{.Values.dockerHub.secret}} + {{ end }} diff --git a/templates/service.yaml b/templates/service.yaml deleted file mode 100644 index 184f23f..0000000 --- a/templates/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "keksAccountHelm.fullname" . }} - labels: - {{- include "keksAccountHelm.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - selector: - {{- include "keksAccountHelm.selectorLabels" . | nindent 4 }} diff --git a/templates/serviceaccount.yaml b/templates/serviceaccount.yaml deleted file mode 100644 index 09b7aad..0000000 --- a/templates/serviceaccount.yaml +++ /dev/null @@ -1,8 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "keksAccountHelm.serviceAccountName" . }} - labels: -{{ include "keksAccountHelm.labels" . | nindent 4 }} -{{- end -}} diff --git a/templates/tests/test-connection.yaml b/templates/tests/test-connection.yaml deleted file mode 100644 index 8c62548..0000000 --- a/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "keksAccountHelm.fullname" . }}-test-connection" - labels: -{{ include "keksAccountHelm.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test-success -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "keksAccountHelm.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never diff --git a/values.yaml b/values.yaml index e807d4d..111e5ef 100644 --- a/values.yaml +++ b/values.yaml @@ -1,66 +1,40 @@ -# Default values for keksAccountHelm. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -replicaCount: 1 +apiUrl: api.account.helm.keks.cloud +guiURL: account.helm.keks.cloud -image: - repository: nginx - pullPolicy: IfNotPresent +mysql: + ownServer: true # Just used for development stuff + host: mysql + port: 3306 + username: account + password: account + database: account -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" +s3: + ownServer: false + accessKey: "" + secret: "" + bucket: "" -serviceAccount: - # Specifies whether a service account should be created - create: true - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: +api: + replicas: 3 + newGui: "1" + tls: true + version: latest + imagePullPolicy: Always + ssl: false -podSecurityContext: {} - # fsGroup: 2000 +queueworker: + replicas: 2 + version: latest + imagePullPolicy: Always -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 +gui: + replicas: 2 + version: latest + imagePullPolicy: Always + ssl: false -service: - type: ClusterIP - port: 80 - -ingress: - enabled: false - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: chart-example.local - paths: [] - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -nodeSelector: {} - -tolerations: [] - -affinity: {} +dockerHub: + enabled: true + secret: docker-keks-cloud