From 8c8987640d04e6260c884c4901256261568b185b Mon Sep 17 00:00:00 2001 From: Lalith Kota Date: Mon, 18 Nov 2024 11:27:46 +0530 Subject: [PATCH] Added openg2p helm charts. Changed all versions to develop Signed-off-by: Lalith Kota --- .github/keys/mosipgpgkey_pub.gpg | Bin 1270 -> 0 bytes .github/keys/mosipgpgkey_sec.gpg | Bin 2663 -> 0 bytes .github/workflows/chart-lint-publish.yml | 62 -- .github/workflows/helm-charts-build.yml | 134 ++++ README.md | 1 + charts/websub/.gitignore | 2 + charts/websub/.helmignore | 23 + charts/websub/Chart.yaml | 22 + charts/websub/README.md | 3 + charts/websub/app-readme.md | 1 + charts/websub/questions.yaml | 10 + charts/websub/templates/_helpers.tpl | 101 +++ charts/websub/templates/configmap-confg.yaml | 13 + .../websub/templates/configmap-startup.yaml | 13 + .../consolidator/configmap-config.yaml | 13 + .../consolidator/configmap-startup.yaml | 13 + .../templates/consolidator/deployment.yaml | 113 +++ .../templates/consolidator/gateway.yaml | 40 + .../templates/consolidator/service.yaml | 26 + .../consolidator/virtualservice.yaml | 37 + charts/websub/templates/deployment.yaml | 117 +++ charts/websub/templates/extra-list.yaml | 4 + charts/websub/templates/gateway.yaml | 38 + charts/websub/templates/secret.yaml | 13 + charts/websub/templates/service-account.yaml | 8 + charts/websub/templates/service.yaml | 24 + charts/websub/templates/servicemonitor.yaml | 34 + charts/websub/templates/virtualservice.yaml | 35 + charts/websub/values.yaml | 708 ++++++++++++++++++ consolidator.Dockerfile | 1 - consolidator/Ballerina.toml | 6 +- hub.Dockerfile | 1 - hub/Ballerina.toml | 6 +- kafka-admin-client/pom.xml | 2 +- 34 files changed, 1553 insertions(+), 71 deletions(-) delete mode 100644 .github/keys/mosipgpgkey_pub.gpg delete mode 100644 .github/keys/mosipgpgkey_sec.gpg delete mode 100644 .github/workflows/chart-lint-publish.yml create mode 100644 .github/workflows/helm-charts-build.yml create mode 100644 charts/websub/.gitignore create mode 100644 charts/websub/.helmignore create mode 100644 charts/websub/Chart.yaml create mode 100644 charts/websub/README.md create mode 100644 charts/websub/app-readme.md create mode 100644 charts/websub/questions.yaml create mode 100644 charts/websub/templates/_helpers.tpl create mode 100644 charts/websub/templates/configmap-confg.yaml create mode 100644 charts/websub/templates/configmap-startup.yaml create mode 100644 charts/websub/templates/consolidator/configmap-config.yaml create mode 100644 charts/websub/templates/consolidator/configmap-startup.yaml create mode 100644 charts/websub/templates/consolidator/deployment.yaml create mode 100644 charts/websub/templates/consolidator/gateway.yaml create mode 100644 charts/websub/templates/consolidator/service.yaml create mode 100644 charts/websub/templates/consolidator/virtualservice.yaml create mode 100644 charts/websub/templates/deployment.yaml create mode 100644 charts/websub/templates/extra-list.yaml create mode 100644 charts/websub/templates/gateway.yaml create mode 100644 charts/websub/templates/secret.yaml create mode 100644 charts/websub/templates/service-account.yaml create mode 100644 charts/websub/templates/service.yaml create mode 100644 charts/websub/templates/servicemonitor.yaml create mode 100644 charts/websub/templates/virtualservice.yaml create mode 100644 charts/websub/values.yaml diff --git a/.github/keys/mosipgpgkey_pub.gpg b/.github/keys/mosipgpgkey_pub.gpg deleted file mode 100644 index 4bdb1a947beaa877a93b56a2074580cdd9bf0578..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1270 zcmbQq$jcHZy2y@^gW*i(B_ZoOO}xok8QrJ7Cf&}qetdqLrPuP}`P;)T-Y(VI_HkO_ z1{{w_f#RHj!qd-^bJoQmWM7;XW@lbzf|A4J(W)_uZi-T`J_?5k8I!A{8+V6Y2-?iCh1xP-B zIq6E*9lP}7Ro)kBJiO-Q-t)Wj;Fy-k3!e44+^24G7$(eOmrP(w-?^yl?-s_Lj~{U? z|Iz2Tvh0=vd*g}qnQnX5u8!QgWqQ&|20=y!#w{MX`Nf$93K}69nZ*h~1mWf;mZjz? zB&X(;6eZ>;6r~pAYbw})rSwvB6Ek!2@=G$)GE<8j(m_1E^d-NQtB%>uiS4{`PS#`d z!2|Vwjd%R@+!xB97yY%eDJ><;wy?==@1nw%l1YihOg~;t$!Xr>^ncmLm-3sEy5o&z z7@iA#{p{Nz<!2>s$RBXB1ov96vXdr)51sAImSU;o{c6)J0UM44_b zpVf0Mm{D=={>!vRIb z`z+?pC(SfW%+zuj?53RMyjoQ7Nu3fcuhg`sy#Fh4&J!iymvj-SznK9SLE*G_rU-{#+($YQM6^zA8 z7bu5adm9((&-Z%Wg4K*(CprHfSNpfyX0CO^G<~zxx?F0xdnCb$wUg0|MFN<_6quxW z@FgT>9}%#9~XsWKj>S1US}t8BZxbD3G^vqQ&Cgnpb7no=`QThyYOHDz_% zPyV~E60;&o^Q5#s6vChzi|I4kog5a!b&-`}rA>|>XChRoKXOCr47i%DqEc5_q84HM3=sTiyHYODL3TL5is59vl$0S z0P5K9i{z~+wleRGRKMl<*)5aQTBct*FFWudgJRnFET(72mrDmV9;Hd3jpVQFX^}_ z<1>tMeUoTe{<>j4Sl*F^S}yKjYuAJfUm#cR`9!vKOZ5~`EGDHTsLhjaIlqMT|ibes6-JO^oZ;_(fXz-}1m7;Fc0vih~S-l*y`s z+e5k`-!Lb8zU9?SFbX9+4ouyB(rl4dsSn9eZ>+47Ni+amQnP?qW_3)}M$~za7R04; z53Ze2D2hU@KbHu0VW)vjGwRC!h?o0NTvYJPnowNier5fN^RGavD@W6SlFN7T%Uk_? z)Kug6b;6#x>aVobJ+w9VJY5~dXH%QeShiu**;XY0ng6KwdZm5jz^Pnc%D>lM)53>1 z!3?ZAEf&{6G)k@P;r^{@3V=C8x85RXso6eNyC!J1CSl#`EU~oJ`r^Wk+YyME=`N(3 ziCwp&2o#9jpR$@LI5gNJ9beNRf^VuMq*v}9d_sP#cUvB~He+Rn;3Dk~4*CkC8&G~V z%~tY`L|5ag!SpFlU8?(%_VV<$YTX4Uy^Dul7axlELQ*oXu3eiyQeK!-oj{J40+xBF z0|G2&9orf8%9oX_mn(e5^m$)qWGjC1DYjO{$3E;5_NPQ_%87T*NZd1v0^1)L z{+VRC3G!nw5nVIcAg$?!W_)uPO21X^({O*ih~gvNHOYDo4^eYyT008jOUrh$;ZTx( zhuL7fM&N_Ou)#7)D1U62%-{F#i1&>2A;@_95W+(}17$*ef`gQ04E|NA``|sXfrOxN ztS{Cl)Wq+fN!>dLZ=1t0_cIn!4Pgvj=vWHWIx3L;^g9H69IvNASob7G(kj` zEy-wVWn`-ZOPdw6iZmT_^90Cq$|(!L#VPQg&uTK{*ilT^ot#xzcQ<#gZpPNx z*858Olsa4_9@r}Xw(4f$=+Vje8}RFjdAnAjrG9eIjx$jql1m@)r-Ov+G5IREVCCc0 zdTfsCs15mLk72P}+T@5N;#Eg`{E=4kk>y)7Kf!e`Cein%qhUy*QQNbSyW!cMVW9o> zoWP_vX2;L#*Q6V~NbazF%@Op*@~`*uyA-ZjW+9x!D(7*mEjW8|C@Y_OPn>(V;(jh& z929Tr0;FB`P1@pt3M7kmYYb=gHd4zLErQPU&ahIKyV$sFSi!CYqxX`)C3S zsFCL(dlRiaUqr^4bM)ZqF(5H0tPxE~H5^(o_l%?cIc1TOYQcIO>9?bSf zD^v%b0!>vGrcXEkWlP>wKgvP%H*kkasI!79#4x{u*`(6~6&tl#Q8bsJJnRPe+H)a% zUAwF-lkMWAer+YVwjv&2lrzjZ9vZwqJdyQ1u}X~3r1rb?^>7WdW=G@XJsqVrnMYsp z2NZa@y`U`va_m8*C|iUx*NJe7Bx z*utP~`8H~vQh>;Q&ZAyMR;xjYenPH>Hbsp~5&!1&f0b3$uLqw=?|68O5{qzlmCGvS zgv#+dZ2q)&*pYh=6U-6S!KZkYUUD6Y?fn@tFQxO?izh>1pzVEwbw8y87n+3`PF}4R zIxWRXV@q$jE=G%zsVfd3R!DxEO(&Ao-?hmv#ZNuSXh1M9y+}lK(1lCeA}%(IB-{A6 zgt)}E>^;uadQ#c9W8g|zMh*3bK#`K#(s)v|$Zi0qYoEh$$vgd(`ZQsW8>qe*C+)iVx)hWwg)zdwrEa{_G%_ z68Tp`giRFXQ_-f#h=?wT!d?kWbu-nR(edIm3M}h0=65#1d;N)74v&nWsbc$;;htvro%w;%G@v${ z*xxkDfW&$JAAsQh1+d5t!cvf!{3_=ofw(Xpom#0t9iu(hPFsH83m4iS5Xy;ra{iP~ z?1`I{(IE{)wYI0 zp?Lro`tclyiF&K_MBTH9kbUsg=yu-maA!*_U*}`HPj-_Wbh&ke5YP9M2PwKR~+0n z`yU!zDyk)lFb4N<72OjB)L)J#F`fE*5><~{u0AZpb_3h}4U&GS>wU*FJ#yt)=4Y@a SkkiE(Bh1Lh;14qU=Klc8TJt&p diff --git a/.github/workflows/chart-lint-publish.yml b/.github/workflows/chart-lint-publish.yml deleted file mode 100644 index c8d6ba3..0000000 --- a/.github/workflows/chart-lint-publish.yml +++ /dev/null @@ -1,62 +0,0 @@ -name: Validate / Publish helm charts - -on: - release: - types: [published] - pull_request: - types: [opened, reopened, synchronize] - paths: - - 'helm/**' - workflow_dispatch: - inputs: - IGNORE_CHARTS: - description: 'Provide list of charts to be ignored separated by pipe(|)' - required: false - default: '""' - type: string - CHART_PUBLISH: - description: 'Chart publishing to gh-pages branch' - required: false - default: 'NO' - type: string - options: - - YES - - NO - INCLUDE_ALL_CHARTS: - description: 'Include all charts for Linting/Publishing (YES/NO)' - required: false - default: 'NO' - type: string - options: - - YES - - NO - push: - branches: - - '!release-branch' - - '!master' - - 1.* - - 0.* - - develop - - release* - paths: - - 'helm/**' - -jobs: - chart-lint-publish: - uses: mosip/kattu/.github/workflows/chart-lint-publish.yml@master - with: - CHARTS_DIR: ./helm - CHARTS_URL: https://mosip.github.io/mosip-helm - REPOSITORY: mosip-helm - BRANCH: gh-pages - INCLUDE_ALL_CHARTS: "${{ inputs.INCLUDE_ALL_CHARTS || 'NO' }}" - IGNORE_CHARTS: "${{ inputs.IGNORE_CHARTS || '\"\"' }}" - CHART_PUBLISH: "${{ inputs.CHART_PUBLISH || 'YES' }}" - LINTING_CHART_SCHEMA_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/chart-schema.yaml" - LINTING_LINTCONF_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/lintconf.yaml" - LINTING_CHART_TESTING_CONFIG_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/chart-testing-config.yaml" - LINTING_HEALTH_CHECK_SCHEMA_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/health-check-schema.yaml" - DEPENDENCIES: "mosip,https://mosip.github.io/mosip-helm;" - secrets: - TOKEN: ${{ secrets.ACTION_PAT }} - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} diff --git a/.github/workflows/helm-charts-build.yml b/.github/workflows/helm-charts-build.yml new file mode 100644 index 0000000..f852e59 --- /dev/null +++ b/.github/workflows/helm-charts-build.yml @@ -0,0 +1,134 @@ +name: Build and Publish Helm charts + +on: + push: + tags-ignore: + - '**' + branches: + - 1.* + - develop + - main + workflow_dispatch: + inputs: + forcePublishCharts: + description: "Force publish Charts?" + default: "*" + type: string + +jobs: + generate-charts: + runs-on: ubuntu-latest + env: + SKIP: 'FALSE' + RANCHER_CHART_FILTER: "openg2p.org/add-to-rancher" + FORCE_PUBLISH_CHARTS: "${{ inputs.forcePublishCharts || '' }}" + defaults: + run: + shell: bash + steps: + - name: Checkout Repository + uses: actions/checkout@v3 + + - id: files + if: env.FORCE_PUBLISH_CHARTS == '' + uses: jitterbit/get-changed-files@v1 + + - name: save helm/charts to tmp.txt file + run: | + touch charts-list.txt + if [ -n "${FORCE_PUBLISH_CHARTS}" ]; then + for chart in charts/${FORCE_PUBLISH_CHARTS}/; do + chart="${chart#charts/}" + chart="${chart%/}" + echo "$chart" >> charts-list.txt + done + else + for changed_file in ${{ steps.files.outputs.all }}; do + if [[ ${changed_file} =~ ^charts ]]; then + chart_name=$(echo "${changed_file}" | awk -F/ '/^[charts]/{print $2}') + echo $chart_name >> charts-list.txt; + echo "Saved $chart_name chart to charts-list.txt" + fi + done + cat charts-list.txt | sort | uniq > charts-list-unique.txt + mv charts-list-unique.txt charts-list.txt + fi + echo "List of charts to be published"; + cat charts-list.txt + + - name: Generate tar files + run: | + if [[ ! -s charts-list.txt ]]; then + echo "::warning::No Charts to publish"; + echo "SKIP=TRUE" >> $GITHUB_ENV + else + for chartpath in charts/*/; do + if [ -f ${chartpath}Chart.yaml ]; then + helm dep up $chartpath + fi + done + RANCHER_CHARTS=() + while IFS= read -r chartpath; do + echo "chartpath: $chartpath" + chartname=$(basename "$chartpath") + if [ -f charts/${chartname}/Chart.yaml ]; then + echo "Chartname: $chartname" + helm package charts/$chartpath + is_rancher_chart=$(grep "$RANCHER_CHART_FILTER" charts/${chartpath%*/}/Chart.yaml || true) + if [ -n "$is_rancher_chart" ]; then + RANCHER_CHARTS+=("$chartname") + fi + fi + done < charts-list.txt + echo "RANCHER_CHARTS=${RANCHER_CHARTS[@]}" >> $GITHUB_ENV + rm charts-list.txt + fi + + shopt -s nocasematch + if [[ '${{ github.repository_owner }}' != 'OpenG2P' ]]; then + echo "SKIP=TRUE" >> $GITHUB_ENV + fi + - name: Upload tar as Artifact + uses: actions/upload-artifact@v4 + with: + name: charts + path: ./*.tgz + if: env.SKIP != 'TRUE' + + - name: Checkout branch for publishing + uses: actions/checkout@v3 + with: + repository: 'openg2p/openg2p-helm' + ref: gh-pages + token: ${{ secrets.OPENG2P_BOT_GITHUB_PAT }} + if: env.SKIP != 'TRUE' + + - name: Download tar from Artifacts + uses: actions/download-artifact@v4 + with: + name: charts + path: ./ + if: env.SKIP != 'TRUE' + + - name: Update index.yaml + run: | + helm repo index --url https://openg2p.github.io/openg2p-helm/ . + for chartname in $RANCHER_CHARTS; do + cp ${chartname}*.tgz rancher/ + done + helm repo index --url https://openg2p.github.io/openg2p-helm/ --merge rancher/index.yaml rancher + for chartname in $RANCHER_CHARTS; do + rm rancher/${chartname}*.tgz || true + done + if: env.SKIP != 'TRUE' + + - name: Commit Changes to repository + uses: EndBug/add-and-commit@v7 + with: + branch: gh-pages + author_name: openg2pbot + author_email: bot@openg2p.org + default_author: user_info + message: 'added common helm charts for publish openg2p/websub@${{ github.sha }}' + add: './*.tgz ./index.yaml rancher/index.yaml' + if: env.SKIP != 'TRUE' diff --git a/README.md b/README.md index 89a7148..0d62f22 100644 --- a/README.md +++ b/README.md @@ -57,6 +57,7 @@ NOTE: ballerina should be present in your local system [(Download ballerina)](ht - Build: ``` + cd consolidator/ bal build ``` diff --git a/charts/websub/.gitignore b/charts/websub/.gitignore new file mode 100644 index 0000000..9169e44 --- /dev/null +++ b/charts/websub/.gitignore @@ -0,0 +1,2 @@ +charts/*.tgz +Chart.lock diff --git a/charts/websub/.helmignore b/charts/websub/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/websub/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/websub/Chart.yaml b/charts/websub/Chart.yaml new file mode 100644 index 0000000..438de98 --- /dev/null +++ b/charts/websub/Chart.yaml @@ -0,0 +1,22 @@ +apiVersion: v2 +name: websub +description: A Helm chart for WebSub +type: application +version: 0.0.0-develop +dependencies: +- name: common + repository: oci://registry-1.docker.io/bitnamicharts + version: 2.x.x +- name: kafka + repository: oci://registry-1.docker.io/bitnamicharts + version: 29.x.x + condition: kafka.enabled +keywords: + - mosip + - websub +maintainers: + - email: info@openg2p.org + name: OpenG2P +icon: https://openg2p.github.io/openg2p-helm/openg2p-logo.png +annotations: + catalog.cattle.io/display-name: "WebSub" diff --git a/charts/websub/README.md b/charts/websub/README.md new file mode 100644 index 0000000..ff90cbc --- /dev/null +++ b/charts/websub/README.md @@ -0,0 +1,3 @@ +# WebSub + +Helm chart for installing WebSub module. diff --git a/charts/websub/app-readme.md b/charts/websub/app-readme.md new file mode 100644 index 0000000..1ead844 --- /dev/null +++ b/charts/websub/app-readme.md @@ -0,0 +1 @@ +WebSub Installation. diff --git a/charts/websub/questions.yaml b/charts/websub/questions.yaml new file mode 100644 index 0000000..96f96c5 --- /dev/null +++ b/charts/websub/questions.yaml @@ -0,0 +1,10 @@ +questions: +- variable: hostname + description: Hostname under which WebSub should be accessible + type: string + label: WebSub Hostname + +- variable: global.keycloakBaseUrl + description: Required for API auth validation. + type: string + label: Keycloak Base URL diff --git a/charts/websub/templates/_helpers.tpl b/charts/websub/templates/_helpers.tpl new file mode 100644 index 0000000..5113f7a --- /dev/null +++ b/charts/websub/templates/_helpers.tpl @@ -0,0 +1,101 @@ +{{/* +Return the proper image name +*/}} +{{- define "websub.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} +{{- end -}} + +{{- define "websub.consolidator.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.consolidator.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "websub.imagePullSecrets" -}} +{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.consolidator.image) "global" .Values.global) -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "websub.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (printf "%s" (include "common.names.fullname" .)) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Return podAnnotations +*/}} +{{- define "websub.podAnnotations" -}} +{{- if .Values.podAnnotations }} +{{ include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) }} +{{- end }} +{{- if and .Values.metrics.enabled .Values.metrics.podAnnotations }} +{{ include "common.tplvalues.render" (dict "value" .Values.metrics.podAnnotations "context" $) }} +{{- end }} +{{- end -}} + +{{- define "websub.consolidator.podAnnotations" -}} +{{- if .Values.consolidator.podAnnotations }} +{{ include "common.tplvalues.render" (dict "value" .Values.consolidator.podAnnotations "context" $) }} +{{- end }} +{{- if and .Values.metrics.enabled .Values.metrics.podAnnotations }} +{{ include "common.tplvalues.render" (dict "value" .Values.metrics.podAnnotations "context" $) }} +{{- end }} +{{- end -}} + +{{/* +Render Env values section +*/}} +{{- define "websub.baseEnvVars" -}} +{{- $context := .context -}} +{{- range $k, $v := .envVars }} +- name: {{ $k }} +{{- if or (kindIs "int64" $v) (kindIs "float64" $v) (kindIs "bool" $v) }} + value: {{ $v | quote }} +{{- else if kindIs "string" $v }} + value: {{ include "common.tplvalues.render" ( dict "value" $v "context" $context ) | squote }} +{{- else }} + valueFrom: {{- include "common.tplvalues.render" ( dict "value" $v "context" $context ) | nindent 4}} +{{- end }} +{{- end }} +{{- end -}} + +{{- define "websub.envVars" -}} +{{- $envVars := merge (deepCopy .Values.envVars) (deepCopy .Values.envVarsFrom) -}} +{{- include "websub.baseEnvVars" (dict "envVars" $envVars "context" $) }} +{{- end -}} + +{{- define "websub.consolidator.envVars" -}} +{{- $envVars := merge (deepCopy .Values.consolidator.envVars) (deepCopy .Values.consolidator.envVarsFrom) -}} +{{- include "websub.baseEnvVars" (dict "envVars" $envVars "context" $) }} +{{- end -}} + +{{/* +Return command +*/}} +{{- define "websub.commandBase" -}} +{{- if or .command .args }} +{{- if .command }} +command: {{- include "common.tplvalues.render" (dict "value" .command "context" .context) }} +{{- end }} +{{- if .args }} +args: {{- include "common.tplvalues.render" (dict "value" .args "context" .context) }} +{{- end }} +{{- else if .startUpCommand }} +command: ["/startup.sh"] +args: [] +{{- end }} +{{- end -}} + +{{- define "websub.command" -}} +{{- include "websub.commandBase" (dict "command" .Values.command "args" .Values.args "startUpCommand" .Values.startUpCommand "context" $) }} +{{- end -}} + +{{- define "websub.consolidator.command" -}} +{{- include "websub.commandBase" (dict "command" .Values.consolidator.command "args" .Values.consolidator.args "startUpCommand" .Values.consolidator.startUpCommand "context" $) }} +{{- end -}} diff --git a/charts/websub/templates/configmap-confg.yaml b/charts/websub/templates/configmap-confg.yaml new file mode 100644 index 0000000..61e97a3 --- /dev/null +++ b/charts/websub/templates/configmap-confg.yaml @@ -0,0 +1,13 @@ +{{- if .Values.configToml }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.names.fullname" . }}-config + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + config.toml: |- + {{- include "common.tplvalues.render" (dict "value" .Values.configToml "context" $) | nindent 4 }} +{{- end }} diff --git a/charts/websub/templates/configmap-startup.yaml b/charts/websub/templates/configmap-startup.yaml new file mode 100644 index 0000000..bce096b --- /dev/null +++ b/charts/websub/templates/configmap-startup.yaml @@ -0,0 +1,13 @@ +{{- if and .Values.startUpCommand (not (or .Values.command .Values.args)) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.names.fullname" . }}-startup + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + startup.sh: |- + {{- include "common.tplvalues.render" (dict "value" .Values.startUpCommand "context" $) | nindent 4 }} +{{- end }} diff --git a/charts/websub/templates/consolidator/configmap-config.yaml b/charts/websub/templates/consolidator/configmap-config.yaml new file mode 100644 index 0000000..f73a020 --- /dev/null +++ b/charts/websub/templates/consolidator/configmap-config.yaml @@ -0,0 +1,13 @@ +{{- if .Values.consolidator.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.names.fullname" . }}-consolidator-config + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + config.toml: |- + {{- include "common.tplvalues.render" (dict "value" .Values.consolidator.configToml "context" $) | nindent 4 }} +{{- end }} diff --git a/charts/websub/templates/consolidator/configmap-startup.yaml b/charts/websub/templates/consolidator/configmap-startup.yaml new file mode 100644 index 0000000..e367636 --- /dev/null +++ b/charts/websub/templates/consolidator/configmap-startup.yaml @@ -0,0 +1,13 @@ +{{- if and .Values.consolidator.startUpCommand (not (or .Values.consolidator.command .Values.consolidator.args)) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.names.fullname" . }}-consolidator-startup + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + startup.sh: |- + {{- include "common.tplvalues.render" (dict "value" .Values.consolidator.startUpCommand "context" $) | nindent 4 }} +{{- end }} diff --git a/charts/websub/templates/consolidator/deployment.yaml b/charts/websub/templates/consolidator/deployment.yaml new file mode 100644 index 0000000..c5046dd --- /dev/null +++ b/charts/websub/templates/consolidator/deployment.yaml @@ -0,0 +1,113 @@ +{{- if .Values.consolidator.enabled }} +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ include "common.names.fullname" . }}-consolidator + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.consolidator.replicaCount }} + {{- if .Values.consolidator.updateStrategy }} + strategy: {{- toYaml .Values.consolidator.updateStrategy | nindent 4 }} + {{- end }} + selector: + matchLabels: {{- include "common.labels.matchLabels" (dict "customLabels" .Values.consolidator.podLabels "context" $) | nindent 6 }} + template: + metadata: + {{- if or .Values.consolidator.podAnnotations .Values.metrics.enabled }} + annotations: {{- include "websub.consolidator.podAnnotations" . | nindent 8 }} + {{- end }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.consolidator.podLabels "context" $) | nindent 8 }} + spec: + serviceAccountName: {{ template "websub.serviceAccountName" . }} + {{- include "websub.imagePullSecrets" . | nindent 6 }} + {{- if .Values.consolidator.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.consolidator.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.consolidator.affinity }} + affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.consolidator.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.consolidator.podAffinityPreset "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.consolidator.podAntiAffinityPreset "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.consolidator.nodeAffinityPreset.type "key" .Values.consolidator.nodeAffinityPreset.key "values" .Values.consolidator.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.consolidator.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.consolidator.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.consolidator.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.consolidator.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.consolidator.priorityClassName }} + priorityClassName: {{ .Values.consolidator.priorityClassName | quote }} + {{- end }} + {{- if .Values.consolidator.podSecurityContext.enabled }} + securityContext: {{- omit .Values.consolidator.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.consolidator.initContainers }} + initContainers: + {{- include "common.tplvalues.render" (dict "value" .Values.consolidator.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: websub-consolidator + image: {{ template "websub.consolidator.image" . }} + imagePullPolicy: {{ .Values.consolidator.image.pullPolicy }} + {{- if .Values.consolidator.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.consolidator.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.consolidator.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.consolidator.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- include "websub.consolidator.command" . | nindent 10 }} + env: + {{- include "websub.consolidator.envVars" . | nindent 12 }} + ports: + - name: http + containerPort: {{ .Values.consolidator.containerPort }} + {{- if .Values.consolidator.resources }} + resources: {{- toYaml .Values.consolidator.resources | nindent 12 }} + {{- end }} + {{- if .Values.consolidator.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.consolidator.startupProbe "enabled") "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.consolidator.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.consolidator.livenessProbe "enabled") "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.consolidator.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.consolidator.readinessProbe "enabled") "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + {{- if and .Values.consolidator.startUpCommand (not (or .Values.consolidator.command .Values.consolidator.args)) }} + - name: startup-command + mountPath: /startup.sh + subPath: startup.sh + {{- end }} + {{- if .Values.consolidator.configToml }} + - name: config-toml + mountPath: {{ include "common.tplvalues.render" (dict "value" .Values.consolidator.configTomlMountPath "context" $) }} + subPath: config.toml + {{- end }} + {{- if .Values.consolidator.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.consolidator.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.consolidator.sidecars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.consolidator.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + {{- if and .Values.consolidator.startUpCommand (not (or .Values.consolidator.command .Values.consolidator.args)) }} + - name: startup-command + configMap: + name: {{ include "common.names.fullname" . }}-consolidator-startup + defaultMode: 0755 + {{- end }} + {{- if .Values.consolidator.configToml }} + - name: config-toml + configMap: + name: {{ include "common.names.fullname" . }}-consolidator-config + {{- end }} + {{- if .Values.consolidator.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.consolidator.extraVolumes "context" $) | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/websub/templates/consolidator/gateway.yaml b/charts/websub/templates/consolidator/gateway.yaml new file mode 100644 index 0000000..b0dc882 --- /dev/null +++ b/charts/websub/templates/consolidator/gateway.yaml @@ -0,0 +1,40 @@ +{{- if .Values.consolidator.enabled }} +{{- if .Values.consolidator.istio.enabled }} +{{- if .Values.consolidator.istio.gateway.enabled }} +apiVersion: networking.istio.io/v1beta1 +kind: Gateway +metadata: + name: {{ include "common.names.fullname" . }}-consolidator + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + selector: + {{ toYaml .Values.consolidator.istio.gateway.ingressController | nindent 4 }} + servers: + {{- if .Values.consolidator.istio.gateway.httpEnabled }} + - port: + name: http2 + number: 8080 + protocol: HTTP2 + hosts: + - {{ default .Values.hostname .Values.consolidator.istio.gateway.host | quote }} + {{- if .Values.consolidator.istio.gateway.httpTlsRedirect }} + tls: + httpsRedirect: true + {{- end }} + {{- end }} + {{- if .Values.consolidator.istio.gateway.httpsEnabled }} + - port: + name: https + number: 8443 + protocol: HTTPS + hosts: + - {{ default .Values.hostname .Values.consolidator.istio.gateway.host | quote }} + tls: + {{ toYaml (omit .Values.consolidator.istio.gateway.tls "enabled") | nindent 6 }} + {{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/websub/templates/consolidator/service.yaml b/charts/websub/templates/consolidator/service.yaml new file mode 100644 index 0000000..a2303b1 --- /dev/null +++ b/charts/websub/templates/consolidator/service.yaml @@ -0,0 +1,26 @@ +{{- if .Values.consolidator.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }}-consolidator + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.consolidator.service.type }} + {{- if (or (eq .Values.consolidator.service.type "LoadBalancer") (eq .Values.consolidator.service.type "NodePort")) }} + externalTrafficPolicy: {{ .Values.consolidator.service.externalTrafficPolicy | quote }} + {{- end }} + {{ if eq .Values.consolidator.service.type "LoadBalancer" }} + loadBalancerSourceRanges: {{ .Values.consolidator.service.loadBalancerSourceRanges }} + {{ end }} + {{- if (and (eq .Values.consolidator.service.type "LoadBalancer") (not (empty .Values.consolidator.service.loadBalancerIP))) }} + loadBalancerIP: {{ .Values.consolidator.service.loadBalancerIP }} + {{- end }} + ports: + - name: http + port: {{ .Values.consolidator.service.port }} + targetPort: {{ .Values.consolidator.containerPort }} + selector: {{- include "common.labels.matchLabels" (dict "customLabels" .Values.consolidator.podLabels "context" $) | nindent 4 }} +{{- end }} diff --git a/charts/websub/templates/consolidator/virtualservice.yaml b/charts/websub/templates/consolidator/virtualservice.yaml new file mode 100644 index 0000000..0a0c7c9 --- /dev/null +++ b/charts/websub/templates/consolidator/virtualservice.yaml @@ -0,0 +1,37 @@ +{{- if .Values.consolidator.enabled }} +{{- if .Values.consolidator.istio.enabled }} +{{- if .Values.consolidator.istio.virtualservice.enabled }} +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: {{ include "common.names.fullname" . }}-consolidator + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + hosts: + - {{ default .Values.hostname .Values.consolidator.istio.virtualservice.host | quote }} + gateways: + - {{ default (include "common.names.fullname" .) .Values.consolidator.istio.virtualservice.gateway }} + http: + - headers: + request: + set: + x-forwarded-host: {{ default .Values.hostname .Values.consolidator.istio.virtualservice.host | quote }} + x-forwarded-proto: https + match: + - uri: + prefix: {{ .Values.consolidator.istio.virtualservice.prefix }} + {{- if .Values.consolidator.istio.virtualservice.rewriteUri }} + rewrite: + uri: {{ .Values.consolidator.istio.virtualservice.rewriteUri }} + {{- end }} + route: + - destination: + host: {{ include "common.tplvalues.render" (dict "value" .Values.consolidator.istio.virtualservice.destination "context" $) }} + port: + number: {{ include "common.tplvalues.render" (dict "value" .Values.consolidator.istio.virtualservice.destinationPort "context" $) }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/websub/templates/deployment.yaml b/charts/websub/templates/deployment.yaml new file mode 100644 index 0000000..7940d79 --- /dev/null +++ b/charts/websub/templates/deployment.yaml @@ -0,0 +1,117 @@ +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ include "common.names.fullname" . }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.replicaCount }} + {{- if .Values.updateStrategy }} + strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} + {{- end }} + selector: + matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} + template: + metadata: + {{- if or .Values.podAnnotations .Values.metrics.enabled }} + annotations: {{- include "websub.podAnnotations" . | nindent 8 }} + {{- end }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.podLabels "context" $) | nindent 8 }} + spec: + serviceAccountName: {{ template "websub.serviceAccountName" . }} + {{- include "websub.imagePullSecrets" . | nindent 6 }} + {{- if .Values.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName | quote }} + {{- end }} + {{- if .Values.podSecurityContext.enabled }} + securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.initContainers }} + initContainers: + {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: websub + image: {{ template "websub.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- include "websub.command" . | nindent 10 }} + env: + {{- include "websub.envVars" . | nindent 12 }} + ports: + - name: http + containerPort: {{ .Values.containerPort }} + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 12 }} + {{- end }} + {{- if .Values.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.startupProbe "enabled") "context" $) | nindent 12 }} + {{- else if .Values.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }} + {{- else if .Values.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readinessProbe "enabled") "context" $) | nindent 12 }} + {{- else if .Values.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + {{- if and .Values.startUpCommand (not (or .Values.command .Values.args)) }} + - name: startup-command + mountPath: /startup.sh + subPath: startup.sh + {{- end }} + {{- if .Values.configToml }} + - name: config-toml + mountPath: {{ include "common.tplvalues.render" (dict "value" .Values.configTomlMountPath "context" $) }} + subPath: config.toml + {{- end }} + {{- if .Values.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.sidecars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + {{- if and .Values.startUpCommand (not (or .Values.command .Values.args)) }} + - name: startup-command + configMap: + name: {{ include "common.names.fullname" . }}-startup + defaultMode: 0755 + {{- end }} + {{- if .Values.configToml }} + - name: config-toml + configMap: + name: {{ include "common.names.fullname" . }}-config + {{- end }} + {{- if .Values.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} + {{- end }} diff --git a/charts/websub/templates/extra-list.yaml b/charts/websub/templates/extra-list.yaml new file mode 100644 index 0000000..9ac65f9 --- /dev/null +++ b/charts/websub/templates/extra-list.yaml @@ -0,0 +1,4 @@ +{{- range .Values.extraDeploy }} +--- +{{ include "common.tplvalues.render" (dict "value" . "context" $) }} +{{- end }} diff --git a/charts/websub/templates/gateway.yaml b/charts/websub/templates/gateway.yaml new file mode 100644 index 0000000..a1cd9b4 --- /dev/null +++ b/charts/websub/templates/gateway.yaml @@ -0,0 +1,38 @@ +{{- if .Values.istio.enabled }} +{{- if .Values.istio.gateway.enabled }} +apiVersion: networking.istio.io/v1beta1 +kind: Gateway +metadata: + name: {{ include "common.names.fullname" . }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + selector: + {{ toYaml .Values.istio.gateway.ingressController | nindent 4 }} + servers: + {{- if .Values.istio.gateway.httpEnabled }} + - port: + name: http2 + number: 8080 + protocol: HTTP2 + hosts: + - {{ default .Values.hostname .Values.istio.gateway.host | quote }} + {{- if .Values.istio.gateway.httpTlsRedirect }} + tls: + httpsRedirect: true + {{- end }} + {{- end }} + {{- if .Values.istio.gateway.httpsEnabled }} + - port: + name: https + number: 8443 + protocol: HTTPS + hosts: + - {{ default .Values.hostname .Values.istio.gateway.host | quote }} + tls: + {{ toYaml (omit .Values.istio.gateway.tls "enabled") | nindent 6 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/websub/templates/secret.yaml b/charts/websub/templates/secret.yaml new file mode 100644 index 0000000..b72c620 --- /dev/null +++ b/charts/websub/templates/secret.yaml @@ -0,0 +1,13 @@ +{{- if not .Values.existingSecret }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.names.fullname" . }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + encryption-key: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "encryption-key" "length" 10 "providedValues" (list "encryptionKey") "context" $) }} +{{- end }} diff --git a/charts/websub/templates/service-account.yaml b/charts/websub/templates/service-account.yaml new file mode 100644 index 0000000..6c6e063 --- /dev/null +++ b/charts/websub/templates/service-account.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "websub.serviceAccountName" . }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} diff --git a/charts/websub/templates/service.yaml b/charts/websub/templates/service.yaml new file mode 100644 index 0000000..58ce32e --- /dev/null +++ b/charts/websub/templates/service.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + {{- if (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort")) }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} + {{- end }} + {{ if eq .Values.service.type "LoadBalancer" }} + loadBalancerSourceRanges: {{ .Values.service.loadBalancerSourceRanges }} + {{ end }} + {{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP))) }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + ports: + - port: {{ .Values.service.port }} + protocol: TCP + targetPort: {{ .Values.containerPort }} + selector: {{- include "common.labels.matchLabels" . | nindent 4 }} diff --git a/charts/websub/templates/servicemonitor.yaml b/charts/websub/templates/servicemonitor.yaml new file mode 100644 index 0000000..03f1d96 --- /dev/null +++ b/charts/websub/templates/servicemonitor.yaml @@ -0,0 +1,34 @@ +{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "common.names.fullname" . }} + {{- if .Values.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.metrics.serviceMonitor.namespace }} + {{- end }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.metrics.serviceMonitor.additionalLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + endpoints: + - targetPort: {{ .Values.containerPort }} + path: {{ .Values.metrics.endpointPath }} + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.relabellings }} + metricRelabelings: {{- toYaml .Values.metrics.serviceMonitor.relabellings | nindent 6 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace | quote }} + selector: + matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/websub/templates/virtualservice.yaml b/charts/websub/templates/virtualservice.yaml new file mode 100644 index 0000000..f0bdb87 --- /dev/null +++ b/charts/websub/templates/virtualservice.yaml @@ -0,0 +1,35 @@ +{{- if .Values.istio.enabled }} +{{- if .Values.istio.virtualservice.enabled }} +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: {{ include "common.names.fullname" . }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + hosts: + - {{ default .Values.hostname .Values.istio.virtualservice.host | quote }} + gateways: + - {{ default (include "common.names.fullname" .) .Values.istio.virtualservice.gateway }} + http: + - headers: + request: + set: + x-forwarded-host: {{ default .Values.hostname .Values.istio.virtualservice.host | quote }} + x-forwarded-proto: https + match: + - uri: + prefix: {{ include "common.tplvalues.render" (dict "value" .Values.istio.virtualservice.prefix "context" $) }} + {{- if .Values.istio.virtualservice.rewriteUri }} + rewrite: + uri: {{ include "common.tplvalues.render" (dict "value" .Values.istio.virtualservice.rewriteUri "context" $) }} + {{- end }} + route: + - destination: + host: {{ include "common.tplvalues.render" (dict "value" .Values.istio.virtualservice.destination "context" $) }} + port: + number: {{ include "common.tplvalues.render" (dict "value" .Values.istio.virtualservice.destinationPort "context" $) }} +{{- end }} +{{- end }} diff --git a/charts/websub/values.yaml b/charts/websub/values.yaml new file mode 100644 index 0000000..2879d98 --- /dev/null +++ b/charts/websub/values.yaml @@ -0,0 +1,708 @@ +## Global Docker image parameters +## Please, note that this will override the image parameters, including dependencies, configured to use the global value +## Current available global Docker image parameters: imageRegistry and imagePullSecrets +## +# global: +# imageRegistry: myRegistryName +# imagePullSecrets: +# - myRegistryKeySecretName +# storageClass: myStorageClass +global: + keycloakBaseUrl: 'https://keycloak.your.org' + +hostname: websub.openg2p.sandbox.net + +## Add labels to all the deployed resources +## +commonLabels: {} + +## Add annotations to all the deployed resources +## +commonAnnotations: {} + +## Extra objects to deploy (value evaluated as a template) +## +extraDeploy: [] + +## Number of nodes +## +replicaCount: 1 + +service: + type: ClusterIP + port: 80 + ## loadBalancerIP for the SuiteCRM Service (optional, cloud specific) + ## ref: http://kubernetes.io/docs/user-guide/services/#type-loadbalancer + ## + ## loadBalancerIP: + ## + ## nodePorts: + ## http: + ## https: + ## + + nodePorts: + http: "" + https: "" + ## Enable client source IP preservation + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + +image: + registry: docker.io + repository: openg2p/websub-service + tag: develop + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: Always + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## + # pullSecrets: + # - myRegistryKeySecretName + +## Port on which this particular spring service module is running. +containerPort: 9191 + +## Configure extra options for liveness and readiness probes +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes +## +startupProbe: + enabled: true + httpGet: + path: /hub/actuator/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 30 + successThreshold: 1 + +livenessProbe: + enabled: true + httpGet: + path: /hub/actuator/health + port: http + initialDelaySeconds: 20 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + +readinessProbe: + enabled: true + httpGet: + path: /hub/actuator/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + +## Command and args for running the container (set to default if not set). Use array form +## +command: [] +args: [] + +## Deployment pod host aliases +## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ +## +hostAliases: [] + +## ref: http://kubernetes.io/docs/user-guide/compute-resources/ +## +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary. +# resources: +# limits: +# cpu: 500m +# memory: 2250Mi +# requests: +# cpu: 100m +# memory: 1500Mi +resources: {} + +## Specify any JAVA_OPTS string here. These typically will be specified in conjunction with above resources. Example: +# javaOpts: "-Xms500M -Xmx500M" +javaOpts: "" + +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container +## Clamav container already runs as 'mosip' user, so we may not need to enable this +containerSecurityContext: + enabled: false + runAsUser: 1001 + runAsNonRoot: true + +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod +## +podSecurityContext: + enabled: false + fsGroup: 1001 + +## Pod affinity preset +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## Allowed values: soft, hard +## +podAffinityPreset: "" + +## Pod anti-affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## Allowed values: soft, hard +## +podAntiAffinityPreset: soft + +## Node affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity +## Allowed values: soft, hard +## +nodeAffinityPreset: + ## Node affinity type + ## Allowed values: soft, hard + ## + type: "" + ## Node label key to match + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## Node label values to match + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + +## Affinity for pod assignment. Evaluated as a template. +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +## +affinity: {} + +## Node labels for pod assignment. Evaluated as a template. +## ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} + +## Tolerations for pod assignment. Evaluated as a template. +## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +## +tolerations: [] + +## Pod extra labels +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +## +podLabels: {} + +## Annotations for server pods. +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## +podAnnotations: {} + +## pods' priority. +## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +## +# priorityClassName: "" + +## lifecycleHooks for the container to automate configuration before or after startup. +## +lifecycleHooks: {} + +## Custom Liveness probes for +## +customLivenessProbe: {} + +## Custom Rediness probes +## +customReadinessProbe: {} + +## Update strategy - only really applicable for deployments with RWO PVs attached +## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the +## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will +## terminate the single previous pod, so that the new, incoming pod can attach to the PV +## +updateStrategy: + type: RollingUpdate + +## Add init containers to the pods. +## Example: +## initContainers: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +initContainers: [] + +## Add sidecars to the pods. +## Example: +## sidecars: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +sidecars: [] + +## Specifies whether a ServiceAccount should be created +## +serviceAccount: + create: true + ## The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the fullname template + ## + name: + +## Prometheus Metrics +## +metrics: + enabled: false + ## Prometheus pod annotations + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: + prometheus.io/scrape: "true" + + endpointPath: /v1/websub/actuator/prometheus + + ## Prometheus Service Monitor + ## ref: https://github.com/coreos/prometheus-operator + ## + serviceMonitor: + ## If the operator is installed in your cluster, set to true to create a Service Monitor Entry + ## + enabled: true + ## Specify the namespace in which the serviceMonitor resource will be created + ## + # namespace: "" + ## Specify the interval at which metrics should be scraped + ## + interval: 10s + ## Specify the timeout after which the scrape is ended + ## + # scrapeTimeout: 30s + ## Specify Metric Relabellings to add to the scrape endpoint + ## + # relabellings: + ## Specify honorLabels parameter to add the scrape endpoint + ## + honorLabels: false + ## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec + ## + additionalLabels: {} + + ## Custom PrometheusRule to be defined + ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart + ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions + ## + prometheusRule: + enabled: false + additionalLabels: {} + namespace: '' + ## List of rules, used as template by Helm. + ## These are just examples rules inspired from https://awesome-prometheus-alerts.grep.to/rules.html + # rules: + # - alert: RabbitmqDown + # expr: rabbitmq_up{service="{{ template "rabbitmq.fullname" . }}"} == 0 + # for: 5m + # labels: + # severity: error + rules: [] + +## Extra volumes to add to the deployment +## +extraVolumes: [] + +## Extra volume mounts to add to the container +## +extraVolumeMounts: [] + +istio: + enabled: true + virtualservice: + enabled: true + host: "" + gateway: "internal" + destination: '{{ include "common.names.fullname" . }}' + destinationPort: '{{ .Values.service.port }}' + prefix: /hub + rewriteUri: "" + gateway: + enabled: false + host: "" + ingressController: + istio: ingressgateway + httpTlsRedirect: false + httpEnabled: true + httpsEnabled: false + tls: + mode: SIMPLE + credentialName: "" + +kafka: + enabled: true + nameOverride: websub-kafka + heapOpts: "" + extraConfig: |- + default.replication.factor=1 + offsets.topic.replication.factor=1 + transaction.state.log.replication.factor=1 + auto.create.topics.enable=true + delete.topic.enable=true + num.partitions=3 + controller: + heapOpts: "" + replicaCount: 1 + resourcesPreset: "none" + broker: + heapOpts: "" + persistence: + enabled: false + listeners: + client: + protocol: PLAINTEXT + controller: + protocol: PLAINTEXT + interbroker: + protocol: PLAINTEXT + external: + protocol: PLAINTEXT + service: + ports: + client: 9092 + +consolidator: + enabled: true + replicaCount: 1 + service: + type: ClusterIP + port: 80 + nodePorts: + http: "" + https: "" + externalTrafficPolicy: Cluster + image: + registry: docker.io + repository: openg2p/consolidator-websub-service + tag: develop + pullPolicy: Always + pullSecrets: [] + # - myRegistryKeySecretName + containerPort: 9192 + startupProbe: + enabled: true + httpGet: + path: /consolidator/actuator/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 30 + successThreshold: 1 + livenessProbe: + enabled: true + httpGet: + path: /consolidator/actuator/health + port: http + initialDelaySeconds: 20 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + readinessProbe: + enabled: true + httpGet: + path: /consolidator/actuator/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + command: [] + args: [] + hostAliases: [] + resources: {} + javaOpts: "" + containerSecurityContext: + enabled: false + runAsUser: 1001 + runAsNonRoot: true + podSecurityContext: + enabled: false + fsGroup: 1001 + podAffinityPreset: "" + podAntiAffinityPreset: soft + nodeAffinityPreset: + type: "" + key: "" + values: [] + affinity: {} + nodeSelector: {} + tolerations: [] + podLabels: + app.kubernetes.io/name: '{{ include "common.names.name" . }}-consolidator' + podAnnotations: {} + # priorityClassName: "" + lifecycleHooks: {} + updateStrategy: + type: RollingUpdate + initContainers: [] + sidecars: [] + extraVolumes: [] + extraVolumeMounts: [] + istio: + enabled: true + virtualservice: + enabled: true + host: "" + gateway: "internal" + destination: '{{ include "common.names.fullname" . }}-consolidator' + destinationPort: '{{ .Values.consolidator.service.port }}' + prefix: /consolidator + rewriteUri: "" + gateway: + enabled: false + host: "" + ingressController: + istio: ingressgateway + httpTlsRedirect: false + httpEnabled: true + httpsEnabled: false + tls: + mode: SIMPLE + credentialName: "" + envVars: + JDK_JAVA_OPTIONS: '{{ tpl .Values.consolidator.javaOpts $ }}' + CONSOLIDATOR_PORT: '{{ .Values.consolidator.containerPort }}' + KAFKA_BOOTSTRAP_HOSTNAME: '{{ tpl .Values.kafkaInstallationName $ }}' + KAFKA_PORT: '9092' + KAFKA_BOOTSTRAP_SERVER: '{{ tpl .Values.envVars.KAFKA_BOOTSTRAP_HOSTNAME $ }}:{{ tpl .Values.envVars.KAFKA_PORT $ }}' + + envVarsFrom: {} + + configTomlMountPath: /etc/config.template.toml + + configToml: |- + [consolidatorService.config] + # IP and Port of the Kafka bootstrap node + KAFKA_BOOTSTRAP_NODE = "${KAFKA_BOOTSTRAP_SERVER}" + + # Kafka topic which will get notified for websub topic registration/deregistration + # All the hubs must be pointed to the same Kafka topic to notify websub topic registration/deregistration + REGISTERED_WEBSUB_TOPICS_TOPIC = "registered-websub-topics" + + # Kafka topic which stores consolidated websub topics for the hub + CONSOLIDATED_WEBSUB_TOPICS_TOPIC = "consolidated-websub-topics" + + # Kafka topic which will get notified for websub subscription/unsubscription + # All the hubs must be pointed to the same Kafka topic to notify websub subscription/unsubscription + WEBSUB_SUBSCRIBERS_TOPIC = "registered-websub-subscribers" + + # Kafka topic which is stores consolidated websub subscribers for this server + CONSOLIDATED_WEBSUB_SUBSCRIBERS_TOPIC = "consolidated-websub-subscribers" + + # The interval in which Kafka consumers wait for new messages + POLLING_INTERVAL = 10.0 + + # The period in which Kafka close method waits to complete + GRACEFUL_CLOSE_PERIOD = 5.0 + + # The disk space threshold for healthcheck + DISK_SPACE_THRESHOLD = 10485760 + + # The port that is used to start the consolidator + CONSOLIDATOR_PORT = ${CONSOLIDATOR_PORT} + + # consolidator health endpoint + CONSOLIDATOR_HEALTH_ENDPOINT = "/consolidator/actuator/health" + + [ballerina.http.accessLogConfig] + # Enable printing access logs in console + console = true # Default is false + + [ballerina.http.traceLogAdvancedConfig] + # Enable printing trace logs in console + console = false # Default is false + + startUpCommand: |- + #!/usr/bin/env bash + echo "==> Copying Configs" + envsubst < {{ tpl .Values.consolidator.configTomlMountPath $ }} > Config.toml + echo "==> Waiting for kafka" + RETRY_COUNT=0 + while :; do + if nc -z ${KAFKA_BOOTSTRAP_HOSTNAME} ${KAFKA_PORT} ; then + break + elif [ $RETRY_COUNT -ne 200 ]; then + ((RETRY_COUNT++)) + sleep 1s + else + echo "Could not connect to Kafka even after retries..." + exit 1 + fi + done + java -jar ./consolidator.jar + +# If a hub secret already exists give the secret name here. Else will be generated. +existingSecret: "" + +# Give Hub Encryption Key here. If empty it will be autogenerated. +encryptionKey: "" + +envVars: + JDK_JAVA_OPTIONS: '{{ tpl .Values.javaOpts $ }}' + HUB_PORT: '{{ .Values.containerPort }}' + KAFKA_BOOTSTRAP_HOSTNAME: '{{ tpl .Values.kafkaInstallationName $ }}' + KAFKA_PORT: '9092' + KAFKA_BOOTSTRAP_SERVER: '{{ tpl .Values.envVars.KAFKA_BOOTSTRAP_HOSTNAME $ }}:{{ tpl .Values.envVars.KAFKA_PORT $ }}' + CONSOLIDATOR_URL: 'http://{{ include "common.names.fullname" . }}-consolidator' + CONSOLIDATOR_HEALTH_ENDPOINT: '/consolidator/actuator/health' + SECURITY_JWT_ISSUER: '{{ tpl .Values.global.keycloakBaseUrl $ }}/realms/master' + SECURITY_JWT_ISSUER_JWKS_URL: '{{ tpl .Values.envVars.SECURITY_JWT_ISSUER $ }}/protocol/openid-connect/certs' + +envVarsFrom: + hub_secret_encryption_key: + secretKeyRef: + name: '{{ (not .Values.existingSecret) | ternary (include "common.names.fullname" .) .Values.existingSecret }}' + key: encryption-key + +configTomlMountPath: /etc/config.template.toml + +configToml: |- + [kafkaHub.config] + # Flag to check whether to enable/disable security + SECURITY_ON = true + + # Security: JWT Issuer URL + SECURITY_JWT_ISSUER = "${SECURITY_JWT_ISSUER}"; + + # Security: JWKS Url for the configured issuer + SECURITY_JWT_ISSUER_JWKS_URL = "${SECURITY_JWT_ISSUER_JWKS_URL}"; + + # Server ID is is used to uniquely identify each server + # Each server must have a unique ID + SERVER_ID = "server-1" + + # IP and Port of the Kafka bootstrap node + KAFKA_BOOTSTRAP_NODE = "${KAFKA_BOOTSTRAP_SERVER}" + + # Kafka topic which will get notified for websub topic registration/deregistration + # All the hubs must be pointed to the same Kafka topic to notify websub topic registration/deregistration + REGISTERED_WEBSUB_TOPICS_TOPIC = "registered-websub-topics" + + # Kafka topic which stores consolidated websub topics for the hub + CONSOLIDATED_WEBSUB_TOPICS_TOPIC = "consolidated-websub-topics" + + # Kafka topic which will get notified for websub subscription/unsubscription + # All the hubs must be pointed to the same Kafka topic to notify websub subscription/unsubscription + WEBSUB_SUBSCRIBERS_TOPIC = "registered-websub-subscribers" + + # Kafka topic which is stores consolidated websub subscribers for this server + CONSOLIDATED_WEBSUB_SUBSCRIBERS_TOPIC = "consolidated-websub-subscribers" + + # The interval in which Kafka consumers wait for new messages + POLLING_INTERVAL = 10.0 + + # The period in which Kafka close method waits to complete + GRACEFUL_CLOSE_PERIOD = 5.0 + + # The port that is used to start the hub + HUB_PORT = ${HUB_PORT} + + # The period between retry requests + MESSAGE_DELIVERY_RETRY_INTERVAL = 3.0 + + # The maximum retry count + MESSAGE_DELIVERY_COUNT = 3 + + # The message delivery timeout + MESSAGE_DELIVERY_TIMEOUT = 30.0 + + # The token validation URL of IDP + DISK_SPACE_THRESHOLD = 10485760 + + # The token validation URL of IDP + PARTNER_USER_ID_PREFIX = "service-account-" + + # The period between retry requests + INTENT_VERIFICATION_RETRY_INTERVAL = 3.0 + + # The maximum retry count + INTENT_VERIFICATION_COUNT = 3 + + # The period between retry requests + INTENT_VERIFICATION_BACKOFF_FACTOR = 2.0 + + # The maximum retry count + INTENT_VERIFICATION_MAX_INTERVAL = 20.0 + + # The maximum retry count + KAFKA_CONSUMER_MAX_POLL_RECORDS = 3 + + # The maximum retry count + KAFKA_CONSUMER_FETCH_MAX_BYTES = 3145728 + + # The maximum retry count + KAFKA_CONSUMER_MAX_PARTITION_FETCH_BYTES = 524288 + + # Kafka topic which is stores consolidated websub subscribers for this server + META_TOPICS = "registered-websub-topics,consolidated-websub-topics,registered-websub-subscribers,consolidated-websub-subscribers" + + # consolidator base url + CONSOLIDATOR_BASE_URL = "${CONSOLIDATOR_URL}" + + # consolidator health endpoint + CONSOLIDATOR_HEALTH_ENDPOINT = "/consolidator/actuator/health" + + #Encryption key that will be used to encrypt / decrypt the hub secret + HUB_SECRET_ENCRYPTION_KEY = "${hub_secret_encryption_key}" + + # Below config will allow base64-encoded-bytes / alpha-numeric. + # Recommended to use base64-encoded-bytes since alpha-numeric is considered less secure. This is just given to ensure the backward compatiblity + HUB_SECRET_ENCRYPTION_KEY_FORMAT = "alpha-numeric" + + [ballerina.http.accessLogConfig] + # Enable printing access logs in console + console = true # Default is false + + [ballerina.http.traceLogAdvancedConfig] + # Enable printing trace logs in console + console = false # Default is false + +startUpCommand: |- + #!/usr/bin/env bash + echo "==> Copying Configs" + envsubst < {{ tpl .Values.consolidator.configTomlMountPath $ }} > Config.toml + echo "==> Waiting for kafka" + RETRY_COUNT=0 + while :; do + if nc -z ${KAFKA_BOOTSTRAP_HOSTNAME} ${KAFKA_PORT} ; then + break + elif [ $RETRY_COUNT -ne 200 ]; then + ((RETRY_COUNT++)) + sleep 1s + else + echo "Could not connect to Kafka even after retries..." + exit 1 + fi + done + echo "==> Waiting for consolidator" + if ! curl -I -s -o /dev/null -m 10 --retry 100 --retry-delay 10 --retry-all-errors "${CONSOLIDATOR_URL}${CONSOLIDATOR_HEALTH_ENDPOINT}"; then + echo "Failed connecting with consolidator after max retries..." + exit 1 + fi + java -jar ./hub.jar + +kafkaInstallationName: '{{ include "common.names.fullname" .Subcharts.kafka }}' diff --git a/consolidator.Dockerfile b/consolidator.Dockerfile index aee32b1..1259b79 100644 --- a/consolidator.Dockerfile +++ b/consolidator.Dockerfile @@ -44,6 +44,5 @@ ENV consolidator_config_file_url_env=${consolidator_config_url} USER ${container_user} EXPOSE 9192 -#TODO Link to be parameterized instead of hardcoding CMD wget -q --show-progress "${consolidator_config_file_url_env}" -O Config.toml; \ java -jar -Xms256m -Xmx2048m ./consolidator.jar diff --git a/consolidator/Ballerina.toml b/consolidator/Ballerina.toml index 52cdbeb..e537617 100644 --- a/consolidator/Ballerina.toml +++ b/consolidator/Ballerina.toml @@ -1,7 +1,7 @@ [package] org = "mosip" name = "consolidatorService" -version = "1.2.1-SNAPSHOT" +version = "0.0.0-SNAPSHOT" [build-options] observabilityIncluded = true @@ -10,5 +10,5 @@ observabilityIncluded = true modules = ["inittopic"] groupId = "io.mosip" artifactId = "kafka-admin-client" -version = "1.2.1-SNAPSHOT" -path = "../kafka-admin-client/target/kafka-admin-client-1.2.1-SNAPSHOT.jar" +version = "0.0.0-SNAPSHOT" +path = "../kafka-admin-client/target/kafka-admin-client-0.0.0-SNAPSHOT.jar" diff --git a/hub.Dockerfile b/hub.Dockerfile index af5f8f5..61794c2 100644 --- a/hub.Dockerfile +++ b/hub.Dockerfile @@ -44,6 +44,5 @@ ENV hub_config_file_url_env=${hub_config_url} USER ${container_user} EXPOSE 9191 -#TODO Link to be parameterized instead of hardcoding CMD wget -q --show-progress "${hub_config_file_url_env}" -O Config.toml; \ java -jar -Xms256m -Xmx2048m ./hub.jar diff --git a/hub/Ballerina.toml b/hub/Ballerina.toml index 4726a25..7dc7e19 100644 --- a/hub/Ballerina.toml +++ b/hub/Ballerina.toml @@ -1,7 +1,7 @@ [package] org = "mosip" name = "kafkaHub" -version = "1.2.1-SNAPSHOT" +version = "0.0.0-SNAPSHOT" [build-options] observabilityIncluded = true @@ -10,5 +10,5 @@ observabilityIncluded = true modules = ["inittopic"] groupId = "io.mosip" artifactId = "kafka-admin-client" -version = "1.2.1-SNAPSHOT" -path = "../kafka-admin-client/target/kafka-admin-client-1.2.1-SNAPSHOT.jar" +version = "0.0.0-SNAPSHOT" +path = "../kafka-admin-client/target/kafka-admin-client-0.0.0-SNAPSHOT.jar" diff --git a/kafka-admin-client/pom.xml b/kafka-admin-client/pom.xml index cf2f74e..6e44bb6 100644 --- a/kafka-admin-client/pom.xml +++ b/kafka-admin-client/pom.xml @@ -4,7 +4,7 @@ io.mosip kafka-admin-client - 1.2.1-SNAPSHOT + 0.0.0-SNAPSHOT jar kafka-admin-client