feat(helm): Base helm chart incident-commander

flanksource · Mar 6, 2022 · 7a9697c · 7a9697c
1 parent 0fae1fa
commit 7a9697c
Show file tree

Hide file tree

Showing 9 changed files with 353 additions and 0 deletions.
diff --git a/chart/.helmignore b/chart/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
@@ -0,0 +1,17 @@
+apiVersion: v2
+name: incident-commander
+description: A Helm chart for incident-commander
+type: application
+version: 0.1.0
+appVersion: "0.0.10"
+
+dependencies:
+  - name: apm-hub
+    version: "~0.0.17"
+    repository: https://github.com/flanksource/charts/index.yaml
+  - name: config-db
+    version: "~0.0.5"
+    repository: https://github.com/flanksource/charts/index.yaml
+  - name: canary-checker
+    version: "~0.0.5"
+    repository: https://github.com/flanksource/charts/index.yaml
diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl
@@ -0,0 +1,34 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "incident-commander.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "incident-commander.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "incident-commander.labels" -}}
+helm.sh/chart: {{ include "incident-commander.chart" . }}
+{{ include "incident-commander.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "incident-commander.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "incident-commander.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+control-plane: incident-commander
+{{- end }}
diff --git a/chart/templates/create-db.yaml b/chart/templates/create-db.yaml
@@ -0,0 +1,35 @@
+{{- if empty .Values.db.secretKeyRef.name }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: create-postgres-db
+  labels:
+    {{- include "incident-commander.labels" . | nindent 4 }}
+  annotations: 
+    helm.sh/hook: post-install
+    helm.sh/hook-delete-policy: hook-succeeded
+spec:
+  template:
+    spec:
+      containers:
+        - name: create-postgres-db
+          image: usql/postgres
+          env:
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.db.secretKeyRef.name | default "postgres-connection" }}
+                  key: POSTGRES_USER
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.db.secretKeyRef.name | default "postgres-connection" }}
+                  key: POSTGRES_PASSWORD
+          command: ["bash"]
+          {{ $setpgpass := (print "echo postgres." .Release.Namespace ".svc.cluster.local:5432/postgres:$POSTGRES_USER:$POSTGRES_PASSWORD > ~/.pgpass" }}
+          {{ $createIncidentCommanderDb := (print "psql -h postgres." .Release.Namespace ".svc.cluster.local:5432/postgres -u $POSTGRES_USER -c 'create database incident_commander'") }}
+          {{ $createConfig_dbDb := (print "psql -h postgres." .Release.Namespace ".svc.cluster.local:5432/postgres -u $POSTGRES_USER -c 'create database config_db'") }}
+          {{ $canaryCheckerDb := (print "psql -h postgres." .Release.Namespace ".svc.cluster.local:5432/postgres -u $POSTGRES_USER -c 'create database canary_checker'") }}
+          args: ["-c", "{{ $setpgpass }}", "chmod 0600 ~/.pgpass" , "{{ $createIncidentCommanderDb }}", "{{ $createConfig_dbDb }}", "{{ $canaryCheckerDb }}" ]
+      restartPolicy: Never
+{{- end }}
diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml
@@ -0,0 +1,39 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "incident-commander.name" . }}
+  labels:
+    {{- include "incident-commander.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicas }}
+  selector:
+    matchLabels:
+      {{- include "incident-commander.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "incident-commander.selectorLabels" . | nindent 8 }}
+    spec:
+      containers:
+        - name: {{ .Chart.Name }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          env:
+            - name: DB_URL
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.db.secretKeyRef.name | default "postgres-connection" }}
+                  key: {{ .Values.db.secretKeyRef.key | default 'DB_URL' }}
+          command:
+            - /app/incident-commander
+          args:
+            - serve
+            - -vvv
+            - --apm-hub=http://apm-hub:8080
+            - --canary-checker=http://canary-checker:8080
+            - --config-db=http://config-db:8080
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+      {{- with .Values.extra }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
diff --git a/chart/templates/ingress.yaml b/chart/templates/ingress.yaml
@@ -0,0 +1,35 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "incident-commander.name" . -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "incident-commander.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if .Values.ingress.tls }}
+  tls:
+    {{- range .Values.ingress.tls }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    - host: {{ .Values.ingress.host | quote }}
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: 8080
+{{- end }}
diff --git a/chart/templates/postgres.yaml b/chart/templates/postgres.yaml
@@ -0,0 +1,81 @@
+{{- if eq .Values.db.enabled true }}
+
+---
+# PostgreSQL StatefulSet
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: postgresql
+spec:
+  serviceName: postgresql
+  selector:
+    matchLabels:
+      app: postgresql
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: postgresql
+    spec:
+      containers:
+      - name: postgresql
+        image: postgres:14
+        volumeMounts:
+          - name: postgresql
+            mountPath: /data
+        envFrom:
+          - secretRef:
+              name: {{ .Values.db.secretKeyRef.name }}
+    volumeClaimTemplates:
+    - metadata:
+        name: postgresql
+      spec:
+        accessModes: ["ReadWriteOnce"]
+        storageClassName: {{ .Values.db.storageClass }}
+        resources:
+          requests:
+            storage: {{ .Values.db.storage }}
+
+---
+
+# PostgreSQL StatefulSet Service
+apiVersion: v1
+kind: Service
+  metadata:
+    name: postgres
+spec:
+  selector:
+    app: postgresql
+  ports:
+  - port: 5432
+    targetPort: 5432
+
+---
+
+{{- if empty .Values.db.secretKeyRef.name }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: postgres-connection
+  annotations:
+    "helm.sh/resource-policy": "keep"
+type: Opaque
+data:
+  {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "postgres-connection") | default dict }}
+  {{ $releaseNamespace := .Release.Namespace }}
+  {{- $secretData := (get $secretObj "data") | default dict }}
+  {{- $user := (get $secretData "POSTGRES_USER") | default ("postgres" | b64enc) }}
+  POSTGRES_USER: {{ $user | quote }}
+  {{- $password := (get $secretData "POSTGRES_PASSWORD") | default (randAlphaNum 32 | b64enc) }}
+  POSTGRES_PASSWORD: {{ $password | quote }}
+  {{- $configDbUrl := ( get $secretData .Values.db.secretKeyRef.configDbKey ) | default ( ( print "postgresql://" $user ":" $password "@postgres." $releaseNamespace ".svc.cluster.local:5432/config_db" ) | b64enc ) }}
+  {{ .Values.db.secretKeyRef.configDbKey }}: {{ $configDbUrl | quote }}
+  {{- $canaryCheckerDbUrl := (get $secretData .Values.db.secretKeyRef.canaryCheckerKey) | default ( ( print "postgresql://" $user ":" $password "@postgres." $releaseNamespace ".svc.cluster.local:5432/canary_checker" ) | b64enc ) }}
+  {{ .Values.db.secretKeyRef.canaryCheckerKey | default 'DB_URL'}}: {{ $canaryCheckerDbUrl | quote }}
+  {{- $incidentCommanderDbUrl := (get $secretData .Values.db.secretKeyRef.incidentCommanderKey) | default ( ( print "postgresql://" $user ":" $password "@postgres." $releaseNamespace ".svc.cluster.local:5432/incident_commander" ) | b64enc ) }}
+  {{ .Values.db.secretKeyRef.incidentCommanderKey | default 'DB_URL'}}: {{ $incidentCommanderDbUrl | quote }}
+{{- end }}
+
+---
+
+{{- end }}
diff --git a/chart/templates/service.yaml b/chart/templates/service.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "incident-commander.name" . }}
+  labels:
+    {{- include "incident-commander.labels" . | nindent 4 }}
+spec:
+  ports:
+    - port: 8080
+      targetPort: 8080
+      protocol: TCP
+  selector:
+    {{- include "incident-commander.selectorLabels" . | nindent 4 }}
diff --git a/chart/values.yaml b/chart/values.yaml
@@ -0,0 +1,76 @@
+# Default values for incident-commander.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicas: 1
+
+# Use this only if you want to replace the default that is .Chart.Name as the name of all the objects.
+nameOverride: ""
+
+image:
+  repository: docker.io/flanksource/incident-commander
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: "latest"
+
+db:
+  enabled: false
+  secretKeyRef:
+    name: &secretKeyRef postgres-connection
+    configDbKey: &configDbKey CONFIG_DB_URL
+    canaryCheckerDbKey: &canaryCheckerKey CANARY_CHECKER_DB_URL
+    incidentCommanderKey: 
+  storageClass: 
+  storage: 
+
+ingress:
+  enabled: false
+  annotations: 
+    kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  host: chart-example.local
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources: 
+  requests:
+    cpu: 200m
+    memory: 200Mi
+  limits:
+    memory: 512Mi
+    cpu: 500m
+
+extra:
+  # nodeSelector:
+  #   key: value
+  # tolerations:
+  #   - key: "key1"
+  #     operator: "Equal"
+  #     value: "value1"
+  #     effect: "NoSchedule"
+  # affinity: 
+  #   nodeAffinity:
+  #       requiredDuringSchedulingIgnoredDuringExecution:
+  #         nodeSelectorTerms:
+  #         - matchExpressions:
+  #           - key: kubernetes.io/e2e-az-name
+  #             operator: In
+  #             values:
+  #             - e2e-az1
+  #             - e2e-az2
+
+canary-checker:
+  db:
+    enabled: false
+    secretKeyRef:
+      name: *secretKeyRef
+      key: *canaryCheckerKey
+
+config-db:
+  db:
+  enabled: false
+  secretKeyRef:
+    name: *secretKeyRef
+    key: *configDbKey