diff --git a/charts/oada/Chart.yaml b/charts/oada/Chart.yaml index 14ab2871..85662886 100644 --- a/charts/oada/Chart.yaml +++ b/charts/oada/Chart.yaml @@ -8,12 +8,16 @@ maintainers: - name: awlayton email: alex@layton.in type: application -version: 3.4.0 -appVersion: 3.10.0 +keywords: + - api + - oauth 2.0 + - oidc + - oada +version: 4.0.0 +appVersion: 4.0.0 annotations: artifacthub.io/recommendations: | - url: https://artifacthub.io/packages/helm/cert-manager/cert-manager - - url: https://artifacthub.io/packages/helm/redpanda/redpanda-operator - - url: https://artifacthub.io/packages/helm/source-field/kube-arangodb - - url: https://artifacthub.io/packages/helm/source-field/kube-arangodb-crd + - url: https://artifacthub.io/packages/helm/redpanda-data/operator + - url: https://github.com/arangodb/kube-arangodb#installation-of-latest-release-using-helm - url: https://artifacthub.io/packages/helm/ingress-nginx/ingress-nginx diff --git a/charts/oada/templates/init.yaml b/charts/oada/templates/init.yaml index 47f85745..befe4780 100644 --- a/charts/oada/templates/init.yaml +++ b/charts/oada/templates/init.yaml @@ -57,6 +57,8 @@ spec: - configMapRef: name: {{ .Chart.Name }}-configmap-{{ .Release.Name }} env: + - name: CONFIG + value: /oada.config.mjs - name: ARANGODB_USERNAME valueFrom: secretKeyRef: diff --git a/charts/oada/templates/redpanda.yaml b/charts/oada/templates/redpanda.yaml index c8a935b2..0cc959d9 100644 --- a/charts/oada/templates/redpanda.yaml +++ b/charts/oada/templates/redpanda.yaml @@ -1,6 +1,6 @@ {{- if eq (include "oada.kafka.deploy" .) "true" }} -apiVersion: redpanda.vectorized.io/v1alpha1 -kind: Cluster +apiVersion: cluster.redpanda.com/v1alpha1 +kind: Redpanda metadata: namespace: {{ .Release.Namespace }} name: redpanda-{{ .Release.Name }} @@ -8,66 +8,54 @@ metadata: app.kubernetes.io/component: redpanda {{- include "oada.chart.labels" . | nindent 4 }} spec: - image: {{ .Values.kafka.image }} - version: {{ .Values.kafka.tag }} - replicas: 1 - resources: - requests: + chartRef: + chartVersion: {{ .Values.kafka.chartVersion }} + clusterSpec: + image: + repository: {{ .Values.kafka.image }} + tag: {{ .Values.kafka.tag }} + statefulset: + replicas: 1 + resources: {{- if .Values.global.development }} - cpu: 100m + #cpu: 100m {{- else }} - cpu: 1 - {{- end }} - memory: 1.2Gi - #ephemeral-storage: 1Gi - limits: - cpu: 1 - memory: 1.2Gi + cpu: + cores: 4 + memory: + enable_memory_locking: true + container: + max: 10Gi #ephemeral-storage: 1Gi - configuration: - autoCreateTopics: true - rpcServer: - port: 33145 - kafkaApi: - - port: 9092 - {{- if .Values.global.development }} - - external: - enabled: true {{- end }} - pandaproxyApi: - - port: 8082 - {{- if .Values.global.development }} - - external: - enabled: true - {{- end }} - adminApi: - - port: 9644 - {{- if .Values.global.development }} - - external: - enabled: true + logging: + logLevel: info + usageStats: + enabled: false + {{- if eq (include "oada.prometheus" $) "true" }} + monitoring: + enabled: true + {{- end }} + external: + {{- if .Values.global.development }} + enabled: true + service: + enabled: true + {{- else }} + enabled: false {{- end }} - developerMode: {{ .Values.global.development }} -{{- if eq (include "oada.prometheus" $) "true" }} ---- -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - namespace: {{ .Release.Namespace }} - name: redpanda-{{ .Release.Name }} - labels: - app.kubernetes.io/component: redpanda - {{- include "oada.chart.labels" . | nindent 4 }} -spec: - selector: - matchLabels: - app.kubernetes.io/component: redpanda - {{- include "oada.chart.selectorLabels" . | nindent 6 }} - endpoints: - - port: admin - path: /public_metrics - - port: admin - path: /metrics - namespaceSelector: - any: false -{{- end }} + listeners: + admin: + port: 9644 + kafka: + port: 9092 + tls: + enabled: false + http: + port: 8082 + rpc: + port: 33145 + config: + node: + developer_mode: {{ .Values.global.development }} {{- end }} \ No newline at end of file diff --git a/charts/oada/templates/users.yaml b/charts/oada/templates/users.yaml index cbfd1aac..6015f030 100644 --- a/charts/oada/templates/users.yaml +++ b/charts/oada/templates/users.yaml @@ -34,7 +34,7 @@ stringData: {{- end }} --- {{- $jobName := print "user-add-" .name "-" $.Release.Name -}} -{{- if empty (lookup "batch/v1" "Job" $.Release.Namespace $jobName) -}} +{{- if empty (lookup "batch/v1" "Job" $.Release.Namespace $jobName) }} apiVersion: batch/v1 kind: Job metadata: @@ -71,6 +71,8 @@ spec: - configMapRef: name: {{ $.Chart.Name }}-configmap-{{ $.Release.Name }} env: + - name: CONFIG + value: /oada.config.mjs - name: ARANGODB_USERNAME valueFrom: secretKeyRef: @@ -90,8 +92,21 @@ spec: {{- end }} image: oada/users:{{ $tag }} #imagePullPolicy: {{ $.Values.global.development | ternary "Always" "IfNotPresent" }} - command: ["/usr/bin/dumb-init", "--rewrite", "15:2", "--", "/bin/sh"] - args: ["-c", "yarn workspace @oada/users run add -u {{ .name }} -a {{ .admin | default false }} "] + command: + - /usr/bin/dumb-init + - --rewrite + - 15:2 + - -- + - /bin/sh + args: + - -c + - >- + yarn workspace @oada/users run add + -u={{ .name }} + -a={{ .admin | default false }} + {{- range (.roles | default list) }} + -r={{ . }} + {{- end }} resources: limits: {{- toYaml $.Values.oada.resources.limits | nindent 14 }} requests: {{- toYaml $.Values.oada.resources.limits | nindent 14 }} @@ -101,6 +116,8 @@ spec: - configMapRef: name: {{ $.Chart.Name }}-configmap-{{ $.Release.Name }} env: + - name: CONFIG + value: /oada.config.mjs - name: TOKEN valueFrom: secretKeyRef: @@ -126,7 +143,13 @@ spec: image: oada/auth:{{ $tag }} imagePullPolicy: {{ $.Values.oada.imagePullPolicy }} command: ["/usr/bin/dumb-init", "--rewrite", "15:2", "--", "/bin/sh"] - args: ["-c", "yarn workspace @oada/auth run token create -u {{ .name }} -s {{ .scope | join "," }} ${TOKEN} "] + args: + - -c + - >- + yarn workspace @oada/auth run token create + -u={{ .name }} + -s=all:all + ${TOKEN} resources: limits: {{- toYaml $.Values.oada.resources.limits | nindent 14 }} requests: {{- toYaml $.Values.oada.resources.limits | nindent 14 }} diff --git a/charts/oada/values.schema.json b/charts/oada/values.schema.json new file mode 100644 index 00000000..26223a82 --- /dev/null +++ b/charts/oada/values.schema.json @@ -0,0 +1,176 @@ +{ + "$schema": "http://json-schema.org/schema#", + "type": "object", + "$defs": { + "resources": { + "type": "object" + } + }, + "properties": { + "replicaCount": { + "type": "integer", + "minimum": 1 + }, + "ingress": { + "type": "object", + "properties": { + "enabled": { + "default": true, + "type": "boolean" + }, + "className": { + "type": ["string", "null"] + } + } + }, + "oada": { + "type": "object", + "properties": { + "domains": { + "type": "array", + "items": { + "type": "string" + } + }, + "tag": { + "type": ["string", "null"] + }, + "imagePullPolicy": { + "type": "string", + "enum": ["Always", "IfNotPresent", "Never"] + }, + "services": { + "type": "object", + "additionalProperties": { + "type": "object", + "properties": { + "http": { + "type": "boolean", + "default": false + }, + "enabled": { + "type": "boolean", + "default": true + } + } + } + }, + "users": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "required": ["name"], + "properties": { + "name": { + "type": "string" + }, + "admin": { + "type": "boolean", + "default": false + }, + "roles": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + } + }, + "oauth": { + "type": "object", + "properties": { + "issuer": { + "type": ["string", "null"] + } + } + }, + "debug": { + "type": "array", + "items": { + "type": "string" + } + }, + "pino": { + "type": "object", + "properties": { + "level": { + "type": "string", + "enum": ["trace", "debug", "info", "warn", "error", "fatal"] + } + } + }, + "arangodb": { + "type": "object", + "properties": { + "database": { + "type": "string" + }, + "connection": { + "type": ["string", "null"] + }, + "image": { + "type": "string" + }, + "tag": { + "type": "string" + }, + "profileAql": { + "enum": [null, false, 0, true, 1, 2] + }, + "resources": { + "$ref": "#/$defs/resources" + } + } + }, + "kafka": { + "brokers": { + "type": "array", + "items": { + "type": "string" + } + }, + "image": { + "type": "string" + }, + "tag": { + "type": "string" + }, + "chartVersion": { + "type": "string" + } + }, + "k8sWaitFor": { + "image": { + "type": "string" + }, + "tag": { + "type": "string" + }, + "resources": { + "$ref": "#/$defs/resources" + } + }, + "prometheus": { + "type": ["string", "null"] + }, + "nameOverride": { + "type": ["string", "null"] + }, + "fullnameOverride": { + "type": ["string", "null"] + }, + "global": { + "type": "object", + "properties": { + "development": { + "type": "boolean", + "default": false + } + } + } + } +} diff --git a/charts/oada/values.yaml b/charts/oada/values.yaml index b55b9d3d..49c84e00 100644 --- a/charts/oada/values.yaml +++ b/charts/oada/values.yaml @@ -34,9 +34,7 @@ oada: # oada.users is a list of users to be created users: - name: admin - admin: true - scope: - - all:all + roles: - oada.admin.user:all # oada.rateLimit configures rate-limits for OADA API clients rateLimit: @@ -120,9 +118,10 @@ kafka: # If this is empty, the redpanda operator will be used to deploy a cluster. brokers: [] # kafka.image is the Docker image to use for Kafka - image: docker.redpanda.com/vectorized/redpanda + image: docker.redpanda.com/redpandadata/redpanda # kafka.tag is the Docker tag for the Kafka/Redpanda images - tag: v23.1.2 + tag: v24.1.13 + chartVersion: 5.8.13 k8sWaitFor: image: groundnuty/k8s-wait-for