diff --git a/.helmignore b/.helmignore new file mode 100644 index 00000000..4ebe4d70 --- /dev/null +++ b/.helmignore @@ -0,0 +1 @@ +tmpcharts* diff --git a/charts/agh3/Chart.lock b/charts/agh3/Chart.lock index b5432552..296ef470 100644 --- a/charts/agh3/Chart.lock +++ b/charts/agh3/Chart.lock @@ -8,11 +8,14 @@ dependencies: - name: rabbitmq repository: https://charts.bitnami.com/bitnami version: 13.0.0 +- name: redis + repository: https://charts.bitnami.com/bitnami + version: 20.1.0 - name: common repository: https://charts.bitnami.com/bitnami version: 2.19.1 - name: postfix repository: https://charts.lkc-lab.com version: 0.1.1 -digest: sha256:3b310df8d762e892d379638b90599237b16e36db6c0a48a60bd9fd5102b501cc -generated: "2024-05-27T19:28:29.196989+08:00" +digest: sha256:fb6ba056468f47e486b96134dccb3de190f3525da983e7413f352b5bd6051982 +generated: "2024-09-11T12:52:01.457922+08:00" diff --git a/charts/agh3/Chart.yaml b/charts/agh3/Chart.yaml index bcb54f98..e194fac1 100644 --- a/charts/agh3/Chart.yaml +++ b/charts/agh3/Chart.yaml @@ -32,6 +32,10 @@ dependencies: version: 13.0.0 repository: https://charts.bitnami.com/bitnami condition: rabbitmq.internal.enabled + - name: redis + version: 20.1.0 + repository: https://charts.bitnami.com/bitnami + condition: redis.enabled - name: common version: 2.19.1 repository: https://charts.bitnami.com/bitnami diff --git a/charts/agh3/README.md b/charts/agh3/README.md index 899f41e5..4d103f89 100644 --- a/charts/agh3/README.md +++ b/charts/agh3/README.md @@ -13,12 +13,29 @@ helm install agh2 lkclab/agh2 ### Global parameters -| Name | Description | Value | -| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `global.imageRegistry` | Global Docker Image registry | `registry.lkc-lab.com` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `["lkc-registry"]` | -| `global.storageClass` | Global storage class for dynamic provisioning | `""` | -| `global.volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `true` | + +### Image Registry parameters + +| Name | Description | Value | +| ------------------------- | ----------------------------------------------- | ---------------------- | +| `global.imageRegistry` | Global Docker Image registry | `registry.lkc-lab.com` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `["lkc-registry"]` | + +### Proxy parameters + +| Name | Description | Value | +| ------------------------- | --------------------------------------------------------------------- | ------- | +| `global.proxy.enabled` | Enable the use of a proxy | `false` | +| `global.proxy.httpProxy` | HTTP Proxy server (ex: http://user:password@proxy.example.com:1080) | `""` | +| `global.proxy.httpsProxy` | HTTPS Proxy server (ex: https://user:password@proxy.example.com:4380) | `""` | +| `global.proxy.noProxy` | No Proxy targets (ex: 127.0.0.0/8,10.0.0.0/8) | `""` | + +### Common parameters + +| Name | Description | Value | +| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ------ | +| `global.storageClass` | Global storage class for dynamic provisioning | `""` | +| `global.volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `true` | ### Common parameters @@ -153,6 +170,22 @@ Leave as default if using external DB | `minio.provisioning.enabled` | Enable minio provisioning | `true` | | `minio.provisioning.generateUser` | Enable minio user generation | `true` | +### Redis parameters + +| Name | Description | Value | +| -------------------------------------- | ---------------------------------------------------------------- | ---------------------- | +| `redis.enabled` | Enable internal redis | `true` | +| `redis.image.repository` | Internal Redis image repository | `docker/bitnami/redis` | +| `redis.image.tag` | Internal Redis image tag (immutable tags are recommended) | `7.4.0` | +| `redis.image.pullPolicy` | Internal Redis image pull policy | `IfNotPresent` | +| `redis.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `redis.secret.secretName` | Name of the generated secret | `agh-redis-secret` | +| `redis.secret.password` | Redis password | `""` | +| `redis.helpers.test.image.repository` | Redis Connection Test image repository | `docker/library/redis` | +| `redis.helpers.test.image.tag` | Redis Connection Test image tag (immutable tags are recommended) | `7-alpine` | +| `redis.helpers.test.image.pullPolicy` | Redis Connection Test image pull policy | `IfNotPresent` | +| `redis.helpers.test.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | + ### RabbitMQ parameters | Name | Description | Value | @@ -211,7 +244,7 @@ ref: https://github.com/Leukocyte-Lab/AGH3-Captain | -------------------------------------- | -------------------------------------------------- | -------------------------------------- | | `captain.enabled` | Enable Captain module | `true` | | `captain.image.repository` | Captain image repository | `leukocyte-lab/argushack3/ctr-captain` | -| `captain.image.tag` | Captain image tag (immutable tags are recommended) | `v1.5.9` | +| `captain.image.tag` | Captain image tag (immutable tags are recommended) | `v1.7.6` | | `captain.image.pullPolicy` | Captain image pull policy | `IfNotPresent` | | `captain.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | | `captain.secret.enabled` | Enable secret generate for Captain | `true` | @@ -235,6 +268,9 @@ ref: https://github.com/Leukocyte-Lab/AGH3-Captain | `captain.secret.oidc.clientID` | OIDC user | `""` | | `captain.secret.oidc.clientSecret` | OIDC password | `""` | | `captain.secret.oidc.realm` | OIDC realm | `""` | +| `captain.serviceAccount.create` | Create serviceAccount for Captain | `true` | +| `captain.serviceAccount.name` | Name of the serviceAccount for Captain | `captain-sa` | +| `captain.rbac.create` | Create RBAC for Captain | `true` | | `captain.extraEnv` | Captain additional environment variables | `{}` | ### AGH3-Controller parameters @@ -246,7 +282,7 @@ ref: https://github.com/Leukocyte-Lab/AGH3-Controller | ------------------------------------ | ----------------------------------------------------- | ----------------------------------------- | | `controller.enabled` | Enable Controller module | `true` | | `controller.image.repository` | Controller image repository | `leukocyte-lab/argushack3/ctr-controller` | -| `controller.image.tag` | Controller image tag (immutable tags are recommended) | `v0.7.1` | +| `controller.image.tag` | Controller image tag (immutable tags are recommended) | `v0.7.2` | | `controller.image.pullPolicy` | Controller image pull policy | `IfNotPresent` | | `controller.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | | `controller.secret.enabled` | Enable secret generate for Controller | `true` | @@ -254,6 +290,9 @@ ref: https://github.com/Leukocyte-Lab/AGH3-Controller | `controller.secret.minio.secretName` | Secret name for Minio | `executor-minio-secret` | | `controller.secret.minio.user` | Minio user | `executor-minio-user` | | `controller.secret.minio.password` | Minio password | `""` | +| `controller.serviceAccount.create` | Create serviceAccount for Controller | `true` | +| `controller.serviceAccount.name` | Name of the serviceAccount for Controller | `controller-sa` | +| `controller.rbac.create` | Create RBAC for Controller | `true` | | `controller.env` | Controller environment variables | | | `controller.env.REGISTRY_URL` | Controller registry URL | `registry.lkc-lab.com` | | `controller.extraEnv` | Controller additional environment variables | `{}` | @@ -267,7 +306,7 @@ ref: https://github.com/Leukocyte-Lab/AGH3-UI | ---------------------- | ------------------------------------------------ | --------------------------------- | | `ui.enabled` | Enable UI module | `true` | | `ui.image.repository` | UI image repository | `leukocyte-lab/argushack3/ctr-ui` | -| `ui.image.tag` | UI image tag (immutable tags are recommended) | `v1.3.9` | +| `ui.image.tag` | UI image tag (immutable tags are recommended) | `v1.6.11` | | `ui.image.pullPolicy` | UI image pull policy | `IfNotPresent` | | `ui.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | | `ui.extraEnv` | UI additional environment variables | `{}` | @@ -281,7 +320,7 @@ ref: https://github.com/Leukocyte-Lab/AGH3-Report | -------------------------- | ------------------------------------------------- | --------------------------------- | | `report.enabled` | Enable Report module | `true` | | `report.image.repository` | Report image repository | `leukocyte-lab/argushack3/report` | -| `report.image.tag` | Report image tag (immutable tags are recommended) | `v1.0.9` | +| `report.image.tag` | Report image tag (immutable tags are recommended) | `v1.1.4` | | `report.image.pullPolicy` | Report image pull policy | `IfNotPresent` | | `report.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | | `report.extraEnv` | UI additional environment variables | `{}` | diff --git a/charts/agh3/templates/_helpers.tpl b/charts/agh3/templates/_helpers.tpl index b74caf86..3dbdc51b 100644 --- a/charts/agh3/templates/_helpers.tpl +++ b/charts/agh3/templates/_helpers.tpl @@ -168,6 +168,13 @@ Return the proper db image name {{- include "common.images.image" (dict "imageRoot" (default .Values.db.image .Values.postgresql.image) "global" .Values.global) }} {{- end }} +{{/* +Return the proper redis-test image name +*/}} +{{- define "redis-test.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.redis.helpers.test.image "global" .Values.global) }} +{{- end -}} + {{/* Return the proper rabbitmq-test-client image name */}} diff --git a/charts/agh3/templates/base/redis-secret.yml b/charts/agh3/templates/base/redis-secret.yml new file mode 100644 index 00000000..89eef2e3 --- /dev/null +++ b/charts/agh3/templates/base/redis-secret.yml @@ -0,0 +1,24 @@ +{{- if .Values.redis.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.redis.secret.secretName }} + labels: + {{- include "AGH3.labels" . | nindent 4 }} +type: Opaque +stringData: + password: {{ + default + .Values.redis.secret.password + ( + include "specify-password" + ( + dict + "domain" (default .Values.ingress.host "app.argushack.com") + "token" .Values.keygen.apiToken + "prefix" .Values.redis.secret.secretName + ) + ) + | quote + }} +{{- end }} diff --git a/charts/agh3/templates/captain/captain-deployment.yml b/charts/agh3/templates/captain/captain-deployment.yml index 2b85a534..8d67a74c 100644 --- a/charts/agh3/templates/captain/captain-deployment.yml +++ b/charts/agh3/templates/captain/captain-deployment.yml @@ -16,6 +16,26 @@ spec: spec: {{- include "captain.imagePullSecrets" . | nindent 6 }} initContainers: + {{- if .Values.redis.enabled }} + - name: captain-init-redis + image: {{ include "redis-test.image" . }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.redis.secret.secretName }} + key: password + command: + [ + "sh", + "-c", + "until redis-cli -h redis-master.$(NAMESPACE).svc.cluster.local -a $REDIS_PASSWORD ping; do echo waiting for redis; sleep 1; done", + ] + {{- end }} - name: captain-init-rabbitmq image: {{ include "rabbitmq-test-client.image" . }} env: @@ -64,6 +84,15 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + {{- if .Values.redis.enabled }} + - name: REDIS_URL + value: "redis-master.$(NAMESPACE).svc.cluster.local:6379" + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.redis.secret.secretName }} + key: password + {{- end }} {{- if .Values.captain.secret.superadmin.enabled }} - name: SUPERADMIN_PASSWORD valueFrom: diff --git a/charts/agh3/values.yaml b/charts/agh3/values.yaml index 362a679f..c35e2c5a 100644 --- a/charts/agh3/values.yaml +++ b/charts/agh3/values.yaml @@ -338,6 +338,46 @@ minio: - "s3:GetObject" usersExistingSecrets: - agh-minio-users-secret +## @section Redis parameters +## +redis: + ## @param redis.enabled Enable internal redis + enabled: true + ## @skip redis.fullnameOverride + fullnameOverride: redis # remapping chart bitnami/redis -> redis + image: + ## @param redis.image.repository Internal Redis image repository + ## @param redis.image.tag Internal Redis image tag (immutable tags are recommended) + ## @param redis.image.pullPolicy Internal Redis image pull policy + ## @param redis.image.pullSecrets Specify docker-registry secret names as an array + repository: docker/bitnami/redis + tag: 7.4.0 + pullPolicy: IfNotPresent + pullSecrets: [] + secret: + ## @param redis.secret.secretName Name of the generated secret + ## @param redis.secret.password Redis password + secretName: agh-redis-secret + password: "" + auth: + ## @skip redis.auth.existingSecret + ## @skip redis.auth.existingSecretPasswordKey + ## @skip redis.auth.usePasswordFileFromSecret + existingSecret: "agh-redis-secret" + existingSecretPasswordKey: "password" + helpers: + ## Redis Connection Test image + ## @param redis.helpers.test.image.repository Redis Connection Test image repository + ## @param redis.helpers.test.image.tag Redis Connection Test image tag (immutable tags are recommended) + ## @param redis.helpers.test.image.pullPolicy Redis Connection Test image pull policy + ## @param redis.helpers.test.image.pullSecrets Specify docker-registry secret names as an array + ## + test: + image: + repository: docker/library/redis + tag: 7-alpine + pullPolicy: IfNotPresent + pullSecrets: [] ## @section RabbitMQ parameters ## rabbitmq: