diff --git a/Kubernetes/Components/Bot/Chart.yaml b/Kubernetes/Components/Bot/Chart.yaml index a4b12f8..b6b6d2a 100644 --- a/Kubernetes/Components/Bot/Chart.yaml +++ b/Kubernetes/Components/Bot/Chart.yaml @@ -1,8 +1,9 @@ apiVersion: v2 name: Bot -description: A Helm chart for Bot +description: A Helm chart for Train-bot type: application version: 0.1.0 -appVersion: 2.0.0 \ No newline at end of file +appVersion: 2.0.0 + diff --git a/Kubernetes/Components/Bot/templates/deployment-byk-bot.yaml b/Kubernetes/Components/Bot/templates/deployment-byk-bot.yaml index 71b6e7c..41537cf 100644 --- a/Kubernetes/Components/Bot/templates/deployment-byk-bot.yaml +++ b/Kubernetes/Components/Bot/templates/deployment-byk-bot.yaml @@ -13,59 +13,50 @@ spec: app: "{{ .Values.release_name }}" spec: initContainers: - - name: bring-loba-folder-for-init-train - image: alpine/git:2.36.3 - volumeMounts: - - name: loba-volume - mountPath: /app - command: ["/bin/sh"] - args: - - "-c" - - > - git clone $DSL_REPO /tmp/dsl-source && - echo 'downloaded' && - cp -r /tmp/dsl-source/$DSL_PATH/loba/* /app/ && - echo 'moved' && - ls /app - env: - - name: DSL_REPO - value: {{ .Values.images.bot.dsl.repo }} - - name: DSL_PATH - value: {{ .Values.images.bot.dsl.path }} + # - name: bring-loba-folder-for-init-train + # image: alpine/git:2.36.3 + # volumeMounts: + # - name: rasa-training-data + # mountPath: /app + # command: ["/bin/sh"] + # args: + # - "-c" + # - > + # git clone $DSL_REPO /tmp/dsl-source && + # echo 'downloaded' && + # cp -r /tmp/dsl-source/$DSL_PATH/loba/* /app/ && + # echo 'moved' && + # adduser --no-create-home --disabled-password rasa && + # chown -R rasa:rasa /app && + # ls /app + + # env: + # - name: DSL_REPO + # value: {{ .Values.bot.dsl.repo }} + # - name: DSL_PATH + # value: {{ .Values.bot.dsl.path }} containers: - - name: byk-bot - image: riaee/byk:bot-20220728 - command: ["/bin/sh"] - args: - - "-c" - - > - rasa train --fixed-model-name loba-model && - rasa run - ports: - - containerPort: 5005 - volumeMounts: - - name: loba-volume - mountPath: /app/ -# resources: -# limits: -# memory: "1Gi" -# cpu: "500m" - - name: byk-bot-action - image: "{{ .Values.images.scope.bot_action.image }}" - command: ["python", "-m", "rasa_sdk.endpoint", "--actions", "actions"] - - ports: - - containerPort: 5055 - volumeMounts: - - name: loba-volume - mountPath: /app/ - resources: - limits: - memory: "512Mi" - cpu: "500m" + - name: "{{ .Values.release_name }}" + image: "{{ .Values.images.scope.registry }}/{{ .Values.images.scope.repository }}:{{ .Values.images.scope.tag }}" + env: + - name: RASA_MAX_CACHE_SIZE + value: "0" + command: ["/bin/sh"] + args: + - "-c" + - > + rasa run --enable-api + + ports: + - containerPort: 5005 + volumeMounts: + - name: bot-rasa-models + mountPath: /app/models volumes: - - name: loba-volume - persistentVolumeClaim: - claimName: pvc-loba - + - name: bot-rasa-models + persistentVolumeClaim: + claimName: pvc-bot-models + + + diff --git a/Kubernetes/Components/Bot/templates/pvc-bot-models.yaml b/Kubernetes/Components/Bot/templates/pvc-bot-models.yaml new file mode 100644 index 0000000..68f5337 --- /dev/null +++ b/Kubernetes/Components/Bot/templates/pvc-bot-models.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc-bot-models +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 500Mi diff --git a/Kubernetes/Components/Bot/templates/service-byk-bot.yaml b/Kubernetes/Components/Bot/templates/service-byk-bot.yaml deleted file mode 100644 index 3f38d21..0000000 --- a/Kubernetes/Components/Bot/templates/service-byk-bot.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: byk-bot -spec: - selector: - app: byk-bot - ports: - - port: 5005 - targetPort: 5005 - protocol: TCP - name: bot - ---- - -apiVersion: v1 -kind: Service -metadata: - name: byk-bot-action -spec: - selector: - app: byk-bot - ports: - - port: 5055 - targetPort: 5055 - protocol: TCP - name: bot diff --git a/Kubernetes/Components/Bot/templates/service-byk-trainbot.yaml b/Kubernetes/Components/Bot/templates/service-byk-trainbot.yaml new file mode 100644 index 0000000..78b00ef --- /dev/null +++ b/Kubernetes/Components/Bot/templates/service-byk-trainbot.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.release_name }} +spec: + selector: + app: {{ .Values.release_name }} + ports: + - protocol: TCP + port: 5005 + targetPort: 5005 + name: http diff --git a/Kubernetes/Components/Bot/values.yaml b/Kubernetes/Components/Bot/values.yaml index 87ae43c..2777595 100644 --- a/Kubernetes/Components/Bot/values.yaml +++ b/Kubernetes/Components/Bot/values.yaml @@ -17,21 +17,22 @@ securityContext: {} domain: test.buerokratt.ee # Domain name +#ingress: +# tlsConfigMapName: byk-tls-configmap + ingress: - certIssuerName: letsencrypt-prod # Change this if your certIssuerName has set up different + certIssuerName: letsencrypt-prod-issuer -release_name: "byk-bot" -releaseName: "byk-bot" +release_name: "component-byk-bot" images: scope: - bot: - image: "riaee/byk:bot-20220728" - bot_action: - image: "riaee/byk:bot-action-server-20220728" - bot: - dsl: - repo: https://github.com/buerokratt/Installation-Guides.git - path: default-setup/chatbot-and-training/bot - + registry: "ghcr.io" + repository: "varmoh/rasa-for-buerokratt" + tag: "pre-alpha-1.1.0" # Images (tags) are up to date, currently no changes needed + +bot: + dsl: + repo: https://github.com/buerokratt/Installation-Guides.git + path: default-setup/chatbot-and-training/bot diff --git a/Kubernetes/Components/CronManager/Chart.yaml b/Kubernetes/Components/CronManager/Chart.yaml new file mode 100644 index 0000000..211b92d --- /dev/null +++ b/Kubernetes/Components/CronManager/Chart.yaml @@ -0,0 +1,7 @@ +apiVersion: v2 +name: Cronmanager +description: A Helm chart for Kubernetes + +type: application +version: 0.1.0 +appVersion: "1.1.0" \ No newline at end of file diff --git a/Kubernetes/Components/CronManager/templates/configmap-train-bot.yaml b/Kubernetes/Components/CronManager/templates/configmap-train-bot.yaml new file mode 100644 index 0000000..dbc289c --- /dev/null +++ b/Kubernetes/Components/CronManager/templates/configmap-train-bot.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cronconst +data: + constants.ini: | + TRAINING_PUBLIC_RUUTER=http://component-byk-ruuter-private:8080/training + TRAINING_DMAPPER=http://component-byk-dmapper:3000 + TRAINING_OPENSEARCH=http://component-opensearch-node:9200 + TRAINING_TIM=http://component-byk-tim:8085 + TRAINING_RESQL=http://component-byk-resql:8082/training + TRAINING_USERS_RESQL=http://component-byk-resql:8082/training + TRAINING_PIPELINE=http://module-byk-training-gui-pipelines:3010 + TRAINING_RASA=http://component-byk-train-bot:5005 + S3_FERRY=http://component-byk-s3:3000 + SERVICES_RESQL=http://component-byk-resql:8082/training + CRON_INSTANCE=http://component-byk-cronmanager:9010 + CRON_MANAGER=http://component-byk-cronmanager:9010 + + TRAINING_FILES_PATH=/rasa/locations/data/ + TESTING_FILES_PATH=/rasa/locations/tests/ + CROSS_VALIDATION_FILES_PATH=/rasa/locations/data/nlu/ \ No newline at end of file diff --git a/Kubernetes/Components/CronManager/templates/deployment.yaml b/Kubernetes/Components/CronManager/templates/deployment.yaml new file mode 100644 index 0000000..2c9476f --- /dev/null +++ b/Kubernetes/Components/CronManager/templates/deployment.yaml @@ -0,0 +1,64 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ .Values.release_name }}" +spec: + replicas: 1 + selector: + matchLabels: + app: "{{ .Values.release_name }}" + template: + metadata: + labels: + app: "{{ .Values.release_name }}" + spec: + containers: + - name: "{{ .Values.release_name }}" + image: "{{ .Values.images.scope.registry }}/{{ .Values.images.scope.repository }}:{{ .Values.images.scope.tag }}" + ports: + - containerPort: 9010 + env: + - name: TRAINING_PUBLIC_RUUTER + value: "{{ .Values.contstants.TRAINING_PUBLIC_RUUTER }}" + - name: TRAINING_DMAPPER + value: "{{ .Values.contstants.TRAINING_DMAPPER }}" + - name: TRAINING_OPENSEARCH + value: "{{ .Values.contstants.TRAINING_OPENSEARCH }}" + - name: TRAINING_TIM + value: "{{ .Values.contstants.TRAINING_TIM }}" + - name: TRAINING_RESQL + value: "{{ .Values.contstants.TRAINING_RESQL }}" + - name: TRAINING_USERS_RESQL + value: "{{ .Values.contstants.TRAINING_USERS_RESQL }}" + - name: TRAINING_PIPELINE + value: "{{ .Values.contstants.TRAINING_PIPELINE }}" + - name: TRAINING_RASA + value: "{{ .Values.contstants.TRAINING_RASA }}" + - name: S3_FERRY + value: "{{ .Values.contstants.S3_FERRY }}" + - name: SERVICES_RESQL + value: "{{ .Values.contstants.SERVICES_RESQL }}" + - name: CRON_INSTANCE + value: "{{ .Values.contstants.CRON_INSTANCE }}" + - name: CRON_MANAGER + value: "{{ .Values.contstants.CRON_MANAGER }}" + - name: TRAINING_FILES_PATH + value: "{{ .Values.contstants.TRAINING_FILES_PATH }}" + - name: TESTING_FILES_PATH + value: "{{ .Values.contstants.TESTING_FILES_PATH }}" + - name: CROSS_VALIDATION_FILES_PATH + value: "{{ .Values.contstants.CROSS_VALIDATION_FILES_PATH }}" + + volumeMounts: + - name: trainbot-rasa-models + mountPath: /data + - name: cronconst + mountPath: /app/constants.ini + subPath: constants.ini + volumes: + - name: trainbot-rasa-models + persistentVolumeClaim: + claimName: pvc-trainbot-models + - name: cronconst + configMap: + name: cronconst diff --git a/Kubernetes/Components/CronManager/templates/service.yaml b/Kubernetes/Components/CronManager/templates/service.yaml new file mode 100644 index 0000000..c563daa --- /dev/null +++ b/Kubernetes/Components/CronManager/templates/service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.release_name }} +spec: + selector: + app: {{ .Values.release_name }} + ports: + - protocol: TCP + port: 9010 + targetPort: 8080 + name: http + diff --git a/Kubernetes/Components/CronManager/values.yaml b/Kubernetes/Components/CronManager/values.yaml new file mode 100644 index 0000000..bbc30ab --- /dev/null +++ b/Kubernetes/Components/CronManager/values.yaml @@ -0,0 +1,48 @@ +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +domain: test.buerokratt.ee # Domain name +#secretname: ruuter.test.buerokratt.ee1904prod # Cert name value, change this as suited to environment +#ingress: +# certIssuerName: letsencrypt-prod # Change this if your certIssuerName has set up different + +release_name: "component-byk-cronmanager" + +images: + scope: + registry: "ghcr.io" + repository: "varmoh/cronmanager" + tag: "pre-alpha-1.2.0" # Images (tags) are up to date, currently no changes needed + + +contstants: + TRAINING_PUBLIC_RUUTER: "http://component-byk-ruuter-private:8080" + TRAINING_DMAPPER: "http://component-byk-dmapper-v1:3000" # Vaata üle täpselt mi siia läks + TRAINING_OPENSEARCH: "http://component-opensearch-node:9200" + TRAINING_TIM: "http://component-byk-tim:8085" + TRAINING_RESQL: "http://component-byk-resql:8082" + TRAINING_USERS_RESQL: http://component-byk-resql:8082 + TRAINING_PIPELINE: "http://module-byk-training-gui-pipelines:3010" + TRAINING_RASA: "http://component-byk-train-bot:5005" # ehita training rasa image, muuda trin-bot? deploy kausta, midagi seal all juba valmis kah + S3_FERRY: "http://component-byk-s3:3000" + SERVICES_RESQL: "http://component-byk-resql:8082" + CRON_INSTANCE: "http://component-byk-cronmanager:9010" + CRON_MANAGER: "http://component-byk-cronmanager:9010" + + TRAINING_FILES_PATH: "/rasa/locations/data/" + TESTING_FILES_PATH: "/rasa/locations/tests/" + CROSS_VALIDATION_FILES_PATH: "/rasa/locations/data/nlu/" \ No newline at end of file diff --git a/Kubernetes/Components/DataMapper/templates/deployment-byk-dmapper.yaml b/Kubernetes/Components/DataMapper/templates/deployment-byk-dmapper.yaml index 4efa710..1b44863 100644 --- a/Kubernetes/Components/DataMapper/templates/deployment-byk-dmapper.yaml +++ b/Kubernetes/Components/DataMapper/templates/deployment-byk-dmapper.yaml @@ -12,6 +12,26 @@ spec: app: "{{ .Values.release_name }}" spec: initContainers: + - name: bring-train-data + image: alpine/git:2.36.3 + volumeMounts: + - name: trainbot-rasa-locations + mountPath: /rasa/locations + command: ["/bin/sh"] + args: + - "-c" + - > + git clone $DSL_REPO /tmp/dsl-source && + echo 'downloaded' && + cp -r /tmp/dsl-source/$DSL_PATH/* /rasa/locations/ && + echo 'moved' && + ls /rasa/locations/ + env: + - name: DSL_REPO + value: {{ .Values.images.bot.dsl.repo }} + - name: DSL_PATH + value: {{ .Values.images.bot.dsl.path }} + - name: init-copy-files-backoffice image: "{{ .Values.images.backoffice.registry }}/{{ .Values.images.backoffice.repository }}:{{ .Values.images.backoffice.tag }}" command: ["/bin/sh", "-c"] @@ -95,11 +115,13 @@ spec: - name: byk-dsl-services mountPath: /data readOnly: false + - name: trainbot-rasa-locations + mountPath: /rasa/locations livenessProbe: httpGet: path: / port: 3000 - initialDelaySeconds: 26 + initialDelaySeconds: 24 periodSeconds: 11 readinessProbe: httpGet: @@ -113,3 +135,6 @@ spec: - name: byk-dsl-services persistentVolumeClaim: claimName: byk-dsl-services + - name: trainbot-rasa-locations + persistentVolumeClaim: + claimName: pvc-trainbot diff --git a/Kubernetes/Components/DataMapper/templates/istio-setup-byk-dmapper.yaml b/Kubernetes/Components/DataMapper/templates/istio-setup-byk-dmapper.yaml new file mode 100644 index 0000000..ca8d949 --- /dev/null +++ b/Kubernetes/Components/DataMapper/templates/istio-setup-byk-dmapper.yaml @@ -0,0 +1,39 @@ +apiVersion: networking.istio.io/v1beta1 +kind: DestinationRule +metadata: + name: "{{ .Values.release_name }}" +spec: + host: "{{ .Values.release_name }}" + subsets: + - name: "{{ .Values.release_name }}" + labels: + app: "{{ .Values.release_name }}" +--- +apiVersion: networking.istio.io/v1beta1 +kind: VirtualService +metadata: + name: "{{ .Values.release_name }}" +spec: + hosts: + - "{{ .Values.release_name }}" + http: + - name: allow + match: + - sourceLabels: + app: component-byk-ruuter + - sourceLabels: + app: component-byk-ruuter-private + route: + - destination: + host: "{{ .Values.release_name }}" + subset: "{{ .Values.release_name }}" + - name: reject + route: + - destination: + host: "{{ .Values.release_name }}" + subset: "{{ .Values.release_name }}" + fault: + abort: + percentage: + value: 100.0 + httpStatus: 403 diff --git a/Kubernetes/Components/Bot/templates/pv-loba.yaml b/Kubernetes/Components/DataMapper/templates/pv-trainbot.yaml similarity index 74% rename from Kubernetes/Components/Bot/templates/pv-loba.yaml rename to Kubernetes/Components/DataMapper/templates/pv-trainbot.yaml index 934243c..dfeeb53 100644 --- a/Kubernetes/Components/Bot/templates/pv-loba.yaml +++ b/Kubernetes/Components/DataMapper/templates/pv-trainbot.yaml @@ -1,11 +1,11 @@ apiVersion: v1 kind: PersistentVolume metadata: - name: pv-loba + name: pv-trainbot spec: capacity: storage: 500Mi accessModes: - ReadWriteMany hostPath: - path: /app/loba + path: /rasa/locations diff --git a/Kubernetes/Components/Bot/templates/pvc-loba.yaml b/Kubernetes/Components/DataMapper/templates/pvc-trainbot.yaml similarity index 87% rename from Kubernetes/Components/Bot/templates/pvc-loba.yaml rename to Kubernetes/Components/DataMapper/templates/pvc-trainbot.yaml index bc9bf07..28718b9 100644 --- a/Kubernetes/Components/Bot/templates/pvc-loba.yaml +++ b/Kubernetes/Components/DataMapper/templates/pvc-trainbot.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: pvc-loba + name: pvc-trainbot spec: accessModes: - ReadWriteMany diff --git a/Kubernetes/Components/DataMapper/values.yaml b/Kubernetes/Components/DataMapper/values.yaml index 6c7fcd7..f6921c2 100644 --- a/Kubernetes/Components/DataMapper/values.yaml +++ b/Kubernetes/Components/DataMapper/values.yaml @@ -27,8 +27,8 @@ release_name: "component-byk-dmapper" images: scope: registry: "ghcr.io" - repository: "buerokratt/datamapper" - tag: "pre-alpha-19-2.6.18" # Images (tags) are up to date, currently no changes needed + repository: "varmoh/buerokratt-data-mapper" + tag: "pre-alpha-2.7.0" # Images (tags) are up to date, currently no changes needed backoffice: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" @@ -44,8 +44,12 @@ images: training: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" - tag: "training-module-pre-alpha-1.4.11" # Images (tags) are up to date, currently no changes needed + tag: "training-module-pre-alpha-1.4.48" # Images (tags) are up to date, currently no changes needed pipelines: service: repo: https://github.com/buerokratt/Service-Module.git - path: /DSL \ No newline at end of file + path: /DSL + bot: + dsl: + repo: https://github.com/buerokratt/Training-Module.git + path: DSL/DMapper/locations \ No newline at end of file diff --git a/Kubernetes/Components/Notification-server/templates/istio-setup-notification-server.yaml b/Kubernetes/Components/Notification-server/templates/istio-setup-notification-server.yaml new file mode 100644 index 0000000..ae07ca7 --- /dev/null +++ b/Kubernetes/Components/Notification-server/templates/istio-setup-notification-server.yaml @@ -0,0 +1,39 @@ +apiVersion: networking.istio.io/v1beta1 +kind: DestinationRule +metadata: + name: "{{ .Values.release_name }}" +spec: + host: "{{ .Values.release_name }}" + subsets: + - name: "{{ .Values.release_name }}" + labels: + app: "{{ .Values.release_name }}" +--- +apiVersion: networking.istio.io/v1beta1 +kind: VirtualService +metadata: + name: "{{ .Values.release_name }}" +spec: + hosts: + - "{{ .Values.release_name }}" + http: + - name: allow + match: + - sourceLabels: + app: component-byk-ruuter + - sourceLabels: + app: component-byk-ruuter-private + route: + - destination: + host: "{{ .Values.release_name }}" + subset: "{{ .Values.release_name }}" + - name: reject + route: + - destination: + host: "{{ .Values.release_name }}" + subset: "{{ .Values.release_name }}" + fault: + abort: + percentage: + value: 100.0 + httpStatus: 403 \ No newline at end of file diff --git a/Kubernetes/Components/Private-Ruuter/templates/configmap-tomcat-urls-env.yaml b/Kubernetes/Components/Private-Ruuter/templates/configmap-tomcat-urls-env.yaml index 9bf4560..516d0ae 100644 --- a/Kubernetes/Components/Private-Ruuter/templates/configmap-tomcat-urls-env.yaml +++ b/Kubernetes/Components/Private-Ruuter/templates/configmap-tomcat-urls-env.yaml @@ -14,13 +14,23 @@ data: CHATBOT_NOTIFICATIONS=http://component-notification-node:4040 ANALYTICS_TIM=http://component-byk-tim:8085 ANALYTICS_DMAPPER=http://component-byk-dmapper:3000 - ANALYTICS_RUUTER=http://component-byk-ruuter-private:8080 - ANALYTICS_RESQL=http://component-byk-resql:8082 + ANALYTICS_RUUTER=http://component-byk-ruuter-private:8080/analytics + ANALYTICS_RESQL=http://component-byk-resql:8082/analytics TRAINING_TIM=http://component-byk-tim:8085 - TRAINING_DMAPPER=http://component-byk-dmapper-v1:3000 + TRAINING_DMAPPER=http://component-byk-dmapper:3000 TRAINING_RUUTER=http://component-byk-ruuter-private:8080/training TRAINING_PUBLIC_RUUTER=http://component-byk-ruuter-private:8080/training TRAINING_RESQL=http://component-byk-resql:8082/training + TRAINING_USERS_RESQL=http://component-byk-resql:8082 + TRAINING_PIPELINE=http://module-byk-training-gui-pipelines:3010 + TRAINING_RASA=http://component-byk-train-bot:5005 + S3_FERRY=http://component-byk-s3-ferry-publish:3000 + SERVICES_RESQL=http://component-byk-resql:8082 + CRON_INSTANCE=http://component-byk-cronmanager:9010 + CRON_MANAGER=http://component-byk-cronmanager:9010 + TRAINING_FILES_PATH=/data/DMapper/locations/data/ + TESTING_FILES_PATH=/data/DMapper/locations/tests/ + CROSS_VALIDATION_FILES_PATH=/data/DMapper/locations/data/nlu/ SERVICE_TIM=http://component-byk-tim:8085 SERVICE_DMAPPER=http://component-byk-dmapper:3000 SERVICE_NODE=http://component-byk-dmapper:3000 @@ -28,4 +38,5 @@ data: SERVICE_RESQL=http://component-byk-resql:8082/services SERVICE_TRAINING_RESQL=http://component-byk-resql:8082/services/training TRAINING_OPENSEARCH=http://component-opensearch-node:9200 - DOMAIN=test.buerokratt.ee \ No newline at end of file + DOMAIN=test.buerokratt.ee + CHATBOT_BOT=http://component-byk-bot:5005 \ No newline at end of file diff --git a/Kubernetes/Components/Private-Ruuter/templates/deployment-byk-ruuter-private.yaml b/Kubernetes/Components/Private-Ruuter/templates/deployment-byk-ruuter-private.yaml index f7f2ed2..96a47d6 100644 --- a/Kubernetes/Components/Private-Ruuter/templates/deployment-byk-ruuter-private.yaml +++ b/Kubernetes/Components/Private-Ruuter/templates/deployment-byk-ruuter-private.yaml @@ -2,6 +2,8 @@ apiVersion: apps/v1 kind: Deployment metadata: name: "{{ .Values.release_name }}" + annotations: + sidecar.istio.io/inject: "true" spec: selector: matchLabels: @@ -76,6 +78,8 @@ spec: value: "{{ .Values.env.APPLICATION_CORS_ALLOWED_ORIGINS }}" - name: application.openSearchConfiguration.url value: "{{ .Values.env.APPLICATION_OPENSEARCH_CONFIGURATION_URL }}" + - name: application.httpCodesAllowList + value: "{{ .Values.env.APPLICATION_HTTPCODESALLOWLIST }}" volumeMounts: - name: privateruuter-volume mountPath: /DSL/ @@ -88,7 +92,7 @@ spec: livenessProbe: tcpSocket: port: 8080 - initialDelaySeconds: 21 + initialDelaySeconds: 23 periodSeconds: 10 readinessProbe: tcpSocket: diff --git a/Kubernetes/Components/Private-Ruuter/templates/istio-setup-byk-ruuter-private.yaml b/Kubernetes/Components/Private-Ruuter/templates/istio-setup-byk-ruuter-private.yaml new file mode 100644 index 0000000..583e6b7 --- /dev/null +++ b/Kubernetes/Components/Private-Ruuter/templates/istio-setup-byk-ruuter-private.yaml @@ -0,0 +1,37 @@ +apiVersion: networking.istio.io/v1beta1 +kind: DestinationRule +metadata: + name: "{{ .Values.release_name }}" +spec: + host: "{{ .Values.release_name }}" + subsets: + - name: "{{ .Values.release_name }}" + labels: + app: "{{ .Values.release_name }}" +--- +apiVersion: networking.istio.io/v1beta1 +kind: VirtualService +metadata: + name: "{{ .Values.release_name }}" +spec: + hosts: + - "{{ .Values.release_name }}" + http: + - name: allow + match: + - sourceLabels: + app: "{{ .Values.release_name }}" + route: + - destination: + host: "{{ .Values.release_name }}" + subset: "{{ .Values.release_name }}" + - name: reject + route: + - destination: + host: "{{ .Values.release_name }}" + subset: "{{ .Values.release_name }}" + fault: + abort: + percentage: + value: 100.0 + httpStatus: 403 diff --git a/Kubernetes/Components/Private-Ruuter/values.yaml b/Kubernetes/Components/Private-Ruuter/values.yaml index f5d6888..9d40eb0 100644 --- a/Kubernetes/Components/Private-Ruuter/values.yaml +++ b/Kubernetes/Components/Private-Ruuter/values.yaml @@ -35,7 +35,7 @@ images: analytics: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" - tag: "analytics-module-pre-alpha-1.4.7" # Images (tags) are up to date, currently no changes needed + tag: "analytics-module-pre-alpha-1.4.9" # Images (tags) are up to date, currently no changes needed services: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" @@ -43,11 +43,16 @@ images: training: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" - tag: "training-module-pre-alpha-1.4.28" # Images (tags) are up to date, currently no changes needed + tag: "training-module-pre-alpha-1.4.49" # Images (tags) are up to date, currently no changes needed env: LOGGING_LEVEL_ROOT: "INFO" LOG_LEVEL_TIMING: "INFO" APPLICATION_LOGGING_DISPLAY_REQUEST_CONTENT: "false" APPLICATION_LOGGING_DISPLAY_RESPONSE_CONTENT: "false" +<<<<<<< Updated upstream APPLICATION_CORS_ALLOWED_ORIGINS: https://admin.test.buerokratt.ee # Change the domain name, leave subdomain and subpath same +======= + APPLICATION_HTTPCODESALLOWLIST: "200,201,202,204,400,401,403,500" + APPLICATION_CORS_ALLOWED_ORIGINS: https://admin.test.buerokratt.ee, https://test.buerokratt.ee, https://tim.test.buerokratt.ee, https://ruuter.test.buerokratt.ee # Change the domain name, leave subdomain and subpath same +>>>>>>> Stashed changes APPLICATION_OPENSEARCH_CONFIGURATION_URL: http://component-opensearch-node:9200 diff --git a/Kubernetes/Components/Resql/templates/deployment-byk-resql.yaml b/Kubernetes/Components/Resql/templates/deployment-byk-resql.yaml index c0057e3..43716f9 100644 --- a/Kubernetes/Components/Resql/templates/deployment-byk-resql.yaml +++ b/Kubernetes/Components/Resql/templates/deployment-byk-resql.yaml @@ -83,13 +83,13 @@ spec: httpGet: path: /datasources port: 8082 - initialDelaySeconds: 70 + initialDelaySeconds: 71 periodSeconds: 10 readinessProbe: httpGet: path: /datasources port: 8082 - initialDelaySeconds: 68 + initialDelaySeconds: 70 periodSeconds: 10 volumes: diff --git a/Kubernetes/Components/Resql/templates/istio-setup-byk-resql.yaml b/Kubernetes/Components/Resql/templates/istio-setup-byk-resql.yaml new file mode 100644 index 0000000..ca8d949 --- /dev/null +++ b/Kubernetes/Components/Resql/templates/istio-setup-byk-resql.yaml @@ -0,0 +1,39 @@ +apiVersion: networking.istio.io/v1beta1 +kind: DestinationRule +metadata: + name: "{{ .Values.release_name }}" +spec: + host: "{{ .Values.release_name }}" + subsets: + - name: "{{ .Values.release_name }}" + labels: + app: "{{ .Values.release_name }}" +--- +apiVersion: networking.istio.io/v1beta1 +kind: VirtualService +metadata: + name: "{{ .Values.release_name }}" +spec: + hosts: + - "{{ .Values.release_name }}" + http: + - name: allow + match: + - sourceLabels: + app: component-byk-ruuter + - sourceLabels: + app: component-byk-ruuter-private + route: + - destination: + host: "{{ .Values.release_name }}" + subset: "{{ .Values.release_name }}" + - name: reject + route: + - destination: + host: "{{ .Values.release_name }}" + subset: "{{ .Values.release_name }}" + fault: + abort: + percentage: + value: 100.0 + httpStatus: 403 diff --git a/Kubernetes/Components/Resql/values.yaml b/Kubernetes/Components/Resql/values.yaml index 239f1de..5bb9cac 100644 --- a/Kubernetes/Components/Resql/values.yaml +++ b/Kubernetes/Components/Resql/values.yaml @@ -33,22 +33,22 @@ images: backoffice: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" - tag: "backoffice-module-pre-alpha-1.3.13" # Images (tags) are up to date, currently no changes needed + tag: "backoffice-module-pre-alpha-1.3.21" # Images (tags) are up to date, currently no changes needed analytics: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" - tag: "analytics-module-pre-alpha-1.4.5" # Images (tags) are up to date, currently no changes needed + tag: "analytics-module-pre-alpha-1.4.10" # Images (tags) are up to date, currently no changes needed services: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" - tag: "service-module-pre-alpha-1.4.5" # Images (tags) are up to date, currently no changes needed + tag: "service-module-pre-alpha-1.4.7" # Images (tags) are up to date, currently no changes needed training: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" - tag: "training-module-pre-alpha-1.4.34" # Images (tags) are up to date, currently no changes needed + tag: "training-module-pre-alpha-1.4.47" # Images (tags) are up to date, currently no changes needed env: - LOGGING_LEVEL_ROOT: "TRACE" + LOGGING_LEVEL_ROOT: "INFO" SQLMS_DATASOURCES_0_NAME: "byk" SQLMS_DATASOURCES_0_JDBCURL: "jdbc:postgresql://component-databases-users-db:5432/byk" SQLMS_DATASOURCES_0_USERNAME: "byk" diff --git a/Kubernetes/Components/Ruuter/templates/configmap-tomcat-urls-env.yaml b/Kubernetes/Components/Ruuter/templates/configmap-tomcat-urls-env.yaml index 63b47ca..c114ed8 100644 --- a/Kubernetes/Components/Ruuter/templates/configmap-tomcat-urls-env.yaml +++ b/Kubernetes/Components/Ruuter/templates/configmap-tomcat-urls-env.yaml @@ -7,12 +7,12 @@ data: CHATBOT_RUUTER_PUBLIC=http://component-byk-ruuter:8080/backoffice CHATBOT_RUUTER_PRIVATE=http://component-byk-ruuter-private:8080 CHATBOT_RUUTER=http://component-byk-ruuter:8080 - CHATBOT_RESQL=http://component-byk-resql:8082 + CHATBOT_RESQL=http://component-byk-resql:8082/backoffice CHATBOT_DMAPPER=http://component-byk-dmapper:3000 CHATBOT_TIM=http://component-byk-tim:8085 CHATBOT_OPENSEARCH=http://component-opensearch-node:9200 CHATBOT_NOTIFICATIONS=http://component-notification-node:4040 - CHATBOT_BOT=http://byk-bot:5005 + CHATBOT_BOT=http://component-byk-bot:5005 ANALYTICS_TIM=http://component-byk-tim:8085 ANALYTICS_DMAPPER=http://component-byk-dmapper:3000 ANALYTICS_RUUTER=http://component-byk-ruuter-private:8080/analytics @@ -26,4 +26,8 @@ data: SERVICE_RUUTER=http://component-byk-ruuter-private:8080 SERVICE_RESQL=http://component-byk-resql:8082 DOMAIN=test.buerokratt.ee - \ No newline at end of file + CHATBOT_EXTERNAL_BOT_URL= + CHATBOT_EXTERNAL_API_KEY= + CHATBOT_EXTERNAL_KEY= + CHATBOT_RUUTER_PUBLIC_INTERNAL=http://component-byk-ruuter:8080/backoffice + S3_FERRY=http://component-byk-s3-ferry-publish:3000 \ No newline at end of file diff --git a/Kubernetes/Components/Ruuter/templates/deployment-byk-ruuter.yaml b/Kubernetes/Components/Ruuter/templates/deployment-byk-ruuter.yaml index 2d5436f..ffb54e7 100644 --- a/Kubernetes/Components/Ruuter/templates/deployment-byk-ruuter.yaml +++ b/Kubernetes/Components/Ruuter/templates/deployment-byk-ruuter.yaml @@ -2,6 +2,8 @@ apiVersion: apps/v1 kind: Deployment metadata: name: "{{ .Values.release_name }}" + annotations: + sidecar.istio.io/inject: "true" spec: selector: matchLabels: @@ -38,6 +40,8 @@ spec: value: "{{ .Values.env.APPLICATION_LOGGING_DISPLAY_REQUEST_CONTENT }}" - name: application.logging_displayResponseContent value: "{{ .Values.env.APPLICATION_LOGGING_DISPLAY_RESPONSE_CONTENT }}" + - name: application.cors.allowedOrigins + value: "{{ .Values.env.APPLICATION_CORS_ALLOWED_ORIGINS }}" volumeMounts: - name: ruuter-volume mountPath: /DSL/ @@ -47,12 +51,12 @@ spec: livenessProbe: tcpSocket: port: 8080 - initialDelaySeconds: 12 + initialDelaySeconds: 15 periodSeconds: 10 readinessProbe: tcpSocket: port: 8080 - initialDelaySeconds: 14 + initialDelaySeconds: 15 periodSeconds: 10 volumes: - name: ruuter-volume diff --git a/Kubernetes/Components/Ruuter/templates/istio-setup-byk-ruuter.yaml b/Kubernetes/Components/Ruuter/templates/istio-setup-byk-ruuter.yaml new file mode 100644 index 0000000..7e6eee7 --- /dev/null +++ b/Kubernetes/Components/Ruuter/templates/istio-setup-byk-ruuter.yaml @@ -0,0 +1,37 @@ +apiVersion: networking.istio.io/v1beta1 +kind: DestinationRule +metadata: + name: "{{ .Values.release_name }}" +spec: + host: "{{ .Values.release_name }}" + subsets: + - name: "{{ .Values.release_name }}" + labels: + app: "{{ .Values.release_name }}" +--- +apiVersion: networking.istio.io/v1beta1 +kind: VirtualService +metadata: + name: "{{ .Values.release_name }}" +spec: + hosts: + - "{{ .Values.release_name }}" + http: + - name: allow + match: + - sourceLabels: + app: "{{ .Values.release_name }}" + route: + - destination: + host: "{{ .Values.release_name }}" + subset: "{{ .Values.release_name }}" + - name: reject + route: + - destination: + host: "{{ .Values.release_name }}" + subset: "{{ .Values.release_name }}" + fault: + abort: + percentage: + value: 100.0 + httpStatus: 403 \ No newline at end of file diff --git a/Kubernetes/Components/Ruuter/values.yaml b/Kubernetes/Components/Ruuter/values.yaml index 4165cf0..340969b 100644 --- a/Kubernetes/Components/Ruuter/values.yaml +++ b/Kubernetes/Components/Ruuter/values.yaml @@ -30,10 +30,12 @@ images: dsl: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" - tag: "backoffice-module-pre-alpha-1.3.16" # Images (tags) are up to date, currently no changes needed + tag: "backoffice-module-pre-alpha-1.3.33" # Images (tags) are up to date, currently no changes needed env: LOGGING_LEVEL_ROOT: "INFO" LOG_LEVEL_TIMING: "INFO" APPLICATION_LOGGING_DISPLAY_REQUEST_CONTENT: "false" APPLICATION_LOGGING_DISPLAY_RESPONSE_CONTENT: "false" + APPLICATION_CORS_ALLOWED_ORIGINS: https://admin.test.buerokratt.ee, https://test.buerokratt.ee, https://tim.test.buerokratt.ee, https://ruuter.test.buerokratt.ee # Change the domain name, leave subdomain and subpath same + diff --git a/Kubernetes/Components/Train-bot/templates/deployment-byk-trainbot.yaml b/Kubernetes/Components/Train-bot/templates/deployment-byk-trainbot.yaml index 9c90b48..8c89666 100644 --- a/Kubernetes/Components/Train-bot/templates/deployment-byk-trainbot.yaml +++ b/Kubernetes/Components/Train-bot/templates/deployment-byk-trainbot.yaml @@ -6,71 +6,39 @@ spec: replicas: 1 selector: matchLabels: - app: train-test-pod + app: "{{ .Values.release_name }}" template: metadata: labels: - app: train-test-pod + app: "{{ .Values.release_name }}" spec: + nodeSelector: + kubernetes.io/hostname: rke-worker03 containers: - - name: train-bot - image: "{{ .Values.images.scope.image }}" + - name: "{{ .Values.release_name }}" + image: "{{ .Values.images.scope.registry }}/{{ .Values.images.scope.repository }}:{{ .Values.images.scope.tag }}" env: - name: RASA_MAX_CACHE_SIZE value: "0" - command: ["train", "--fixed-model-name", "rasa_1_0", "--force"] + command: ["/bin/sh"] + args: + - "-c" + - > + rasa run --enable-api + ports: - containerPort: 5005 + resources: + limits: + cpu: "1000m" + memory: "4Gi" volumeMounts: - - name: mock1-volume - mountPath: /app - resources: - limits: - memory: "512Mi" - cpu: "500m" - requests: - memory: "256Mi" - cpu: "250m" - - name: test-bot - image: "{{ .Values.images.scope.image }}" - env: - - name: RASA_MAX_CACHE_SIZE - value: "0" - command: ["test", "--out", "results/rasa_1_0"] - ports: - - containerPort: 5006 - volumeMounts: - - name: mock1-volume - mountPath: /app - resources: - limits: - memory: "512Mi" - cpu: "500m" - requests: - memory: "256Mi" - cpu: "250m" - - name: test-bot-cv - image: "{{ .Values.images.scope.image }}" - env: - - name: RASA_MAX_CACHE_SIZE - value: "0" - command: ["test", "--cross-validation", "--folds", "2", "--out", "results/cross-rasa_1_0"] - ports: - - containerPort: 5007 - volumeMounts: - - name: mock1-volume - mountPath: /app - resources: - limits: - memory: "512Mi" - cpu: "500m" - requests: - memory: "256Mi" - cpu: "250m" + - name: trainbot-rasa-models + mountPath: /app/models volumes: - - name: mock1-volume - hostPath: - path: /path/to/mock1 + - name: trainbot-rasa-models + persistentVolumeClaim: + claimName: pvc-trainbot-models diff --git a/Kubernetes/Components/Train-bot/templates/pvc-trainbot-models.yaml b/Kubernetes/Components/Train-bot/templates/pvc-trainbot-models.yaml new file mode 100644 index 0000000..dfd8063 --- /dev/null +++ b/Kubernetes/Components/Train-bot/templates/pvc-trainbot-models.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc-trainbot-models +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 500Mi diff --git a/Kubernetes/Components/Train-bot/templates/service-byk-testbot-cv.yaml b/Kubernetes/Components/Train-bot/templates/service-byk-testbot-cv.yaml deleted file mode 100644 index 9454cb1..0000000 --- a/Kubernetes/Components/Train-bot/templates/service-byk-testbot-cv.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: service-test-bot-cv -spec: - selector: - app: train-bot - ports: - - protocol: TCP - port: 5007 - targetPort: 5005 \ No newline at end of file diff --git a/Kubernetes/Components/Train-bot/templates/service-byk-testbot.yaml b/Kubernetes/Components/Train-bot/templates/service-byk-testbot.yaml deleted file mode 100644 index 8456077..0000000 --- a/Kubernetes/Components/Train-bot/templates/service-byk-testbot.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: service-test-bot -spec: - selector: - app: train-bot - ports: - - protocol: TCP - port: 5006 - targetPort: 5005 \ No newline at end of file diff --git a/Kubernetes/Components/Train-bot/templates/service-byk-trainbot.yaml b/Kubernetes/Components/Train-bot/templates/service-byk-trainbot.yaml index 12a9b6b..78b00ef 100644 --- a/Kubernetes/Components/Train-bot/templates/service-byk-trainbot.yaml +++ b/Kubernetes/Components/Train-bot/templates/service-byk-trainbot.yaml @@ -1,11 +1,12 @@ apiVersion: v1 kind: Service metadata: - name: service-train-bot + name: {{ .Values.release_name }} spec: selector: - app: train-bot + app: {{ .Values.release_name }} ports: - protocol: TCP - port: 5006 - targetPort: 5005 \ No newline at end of file + port: 5005 + targetPort: 5005 + name: http diff --git a/Kubernetes/Components/Train-bot/values.yaml b/Kubernetes/Components/Train-bot/values.yaml index 7eb16ca..0507002 100644 --- a/Kubernetes/Components/Train-bot/values.yaml +++ b/Kubernetes/Components/Train-bot/values.yaml @@ -23,12 +23,16 @@ domain: test.buerokratt.ee # Domain name ingress: certIssuerName: letsencrypt-prod-issuer -release_name: "component-train-bot" - +release_name: "component-byk-train-bot" images: scope: - image: "riaee/byk:loba-bot-v0.2" - - + registry: "ghcr.io" + repository: "varmoh/rasa-for-buerokratt" + tag: "pre-alpha-1.1.0" # Images (tags) are up to date, currently no changes needed + +bot: + dsl: + repo: https://github.com/buerokratt/Installation-Guides.git + path: default-setup/chatbot-and-training/bot diff --git a/Kubernetes/Components/s3Ferry/.helmignore b/Kubernetes/Components/s3Ferry/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/Kubernetes/Components/s3Ferry/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/Kubernetes/Components/s3Ferry/Chart.yaml b/Kubernetes/Components/s3Ferry/Chart.yaml new file mode 100644 index 0000000..6c000fe --- /dev/null +++ b/Kubernetes/Components/s3Ferry/Chart.yaml @@ -0,0 +1,7 @@ +apiVersion: v2 +name: s3Ferry +description: A Helm chart for Kubernetes + +type: application +version: 0.1.0 +appVersion: "1.1.0" diff --git a/Kubernetes/Components/s3Ferry/templates/configmap.yaml b/Kubernetes/Components/s3Ferry/templates/configmap.yaml new file mode 100644 index 0000000..aa2ebb9 --- /dev/null +++ b/Kubernetes/Components/s3Ferry/templates/configmap.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: "{{ .Values.release_name }}-config" +data: + development.env: | + API_CORS_ORIGIN=* + API_DOCUMENTATION_ENABLED=false + + S3_REGION=us-east-1 + S3_ENDPOINT_URL= + S3_ACCESS_KEY_ID= + S3_SECRET_ACCESS_KEY= + S3_DATA_BUCKET_NAME= + S3_DATA_BUCKET_PATH= + + FS_DATA_DIRECTORY_PATH=./data diff --git a/Kubernetes/Components/s3Ferry/templates/deployment.yaml b/Kubernetes/Components/s3Ferry/templates/deployment.yaml new file mode 100644 index 0000000..64c4dd1 --- /dev/null +++ b/Kubernetes/Components/s3Ferry/templates/deployment.yaml @@ -0,0 +1,48 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ .Values.release_name }}" +spec: + replicas: 1 + selector: + matchLabels: + app: "{{ .Values.release_name }}" + template: + metadata: + labels: + app: "{{ .Values.release_name }}" + spec: + containers: + - name: "{{ .Values.release_name }}-ferry" + image: "{{ .Values.images.scope.registry }}/{{ .Values.images.scope.repository }}:{{ .Values.images.scope.tag }}" + ports: + - containerPort: 3000 + env: + - name: S3_ENDPOINT_URL + value: "{{ .Values.config.S3_ENDPOINT_URL }}" + - name: API_CORS_ORIGIN + value: "{{ .Values.config.API_CORS_ORIGIN }}" + - name: API_DOCUMENTATION_ENABLED + value: "true" + - name: S3_REGION + value: "{{ .Values.config.S3_REGION }}" + - name: S3_ACCESS_KEY_ID + value: "{{ .Values.config.S3_ACCESS_KEY_ID }}" + - name: S3_SECRET_ACCESS_KEY + value: "{{ .Values.config.S3_SECRET_ACCESS_KEY }}" + - name: S3_DATA_BUCKET_NAME + value: "{{ .Values.config.S3_DATA_BUCKET_NAME }}" + - name: S3_DATA_BUCKET_PATH + value: "{{ .Values.config.S3_DATA_BUCKET_PATH }}" + - name: FS_DATA_DIRECTORY_PATH + value: "{{ .Values.config.FS_DATA_DIRECTORY_PATH }}" + envFrom: + - configMapRef: + name: "{{ .Values.release_name }}-config" + volumeMounts: + - name: trainbot-rasa-models + mountPath: /api/data + volumes: + - name: trainbot-rasa-models + persistentVolumeClaim: + claimName: pvc-trainbot-models diff --git a/Kubernetes/Components/s3Ferry/templates/service.yaml b/Kubernetes/Components/s3Ferry/templates/service.yaml new file mode 100644 index 0000000..1606cb3 --- /dev/null +++ b/Kubernetes/Components/s3Ferry/templates/service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: "{{ .Values.release_name }}" +spec: + selector: + app: "{{ .Values.release_name }}" + ports: + - protocol: TCP + port: 3000 + targetPort: 3000 + name: http + diff --git a/Kubernetes/Components/s3Ferry/values.yaml b/Kubernetes/Components/s3Ferry/values.yaml new file mode 100644 index 0000000..8094fb4 --- /dev/null +++ b/Kubernetes/Components/s3Ferry/values.yaml @@ -0,0 +1,44 @@ +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +domain: test.buerokratt.ee # Domain name +#secretname: ruuter.test.buerokratt.ee1904prod # Cert name value, change this as suited to environment +#ingress: +# certIssuerName: letsencrypt-prod # Change this if your certIssuerName has set up different + +release_name: "component-byk-s3" + +images: + scope: + registry: "ghcr.io" + repository: "varmoh/buerokratt-s3-ferry" + tag: "pre-alpha-s3-1.1.1" # Images (tags) are up to date, currently no changes needed + + +env: + S3_ENDPOINT_URL: s3.riigipilv.ee:443 + +config: + API_CORS_ORIGIN: "*" + API_DOCUMENTATION_ENABLED: "true" + S3_REGION: + S3_ENDPOINT_URL: + S3_ACCESS_KEY_ID: + S3_SECRET_ACCESS_KEY: + S3_DATA_BUCKET_NAME: + S3_DATA_BUCKET_PATH: "" + FS_DATA_DIRECTORY_PATH: "./data" \ No newline at end of file diff --git a/Kubernetes/Components/s3ferry-publish/.helmignore b/Kubernetes/Components/s3ferry-publish/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/Kubernetes/Components/s3ferry-publish/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/Kubernetes/Components/s3ferry-publish/Chart.yaml b/Kubernetes/Components/s3ferry-publish/Chart.yaml new file mode 100644 index 0000000..967be46 --- /dev/null +++ b/Kubernetes/Components/s3ferry-publish/Chart.yaml @@ -0,0 +1,7 @@ +apiVersion: v2 +name: s3Ferry-publish +description: A Helm chart for Kubernetes + +type: application +version: 0.1.0 +appVersion: "1.1.0" diff --git a/Kubernetes/Components/s3ferry-publish/templates/configmap.yaml b/Kubernetes/Components/s3ferry-publish/templates/configmap.yaml new file mode 100644 index 0000000..0887477 --- /dev/null +++ b/Kubernetes/Components/s3ferry-publish/templates/configmap.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: "{{ .Values.release_name }}-config" +data: + development.env: | + API_CORS_ORIGIN=* + API_DOCUMENTATION_ENABLED=false + + S3_REGION= + S3_ENDPOINT_URL= + S3_ACCESS_KEY_ID= + S3_SECRET_ACCESS_KEY= + S3_DATA_BUCKET_NAME= + S3_DATA_BUCKET_PATH= + + FS_DATA_DIRECTORY_PATH=./data diff --git a/Kubernetes/Components/s3ferry-publish/templates/deployment.yaml b/Kubernetes/Components/s3ferry-publish/templates/deployment.yaml new file mode 100644 index 0000000..f5f5b6c --- /dev/null +++ b/Kubernetes/Components/s3ferry-publish/templates/deployment.yaml @@ -0,0 +1,48 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ .Values.release_name }}" +spec: + replicas: 1 + selector: + matchLabels: + app: "{{ .Values.release_name }}" + template: + metadata: + labels: + app: "{{ .Values.release_name }}" + spec: + containers: + - name: "{{ .Values.release_name }}-ferry" + image: "{{ .Values.images.scope.registry }}/{{ .Values.images.scope.repository }}:{{ .Values.images.scope.tag }}" + ports: + - containerPort: 3000 + env: + - name: S3_ENDPOINT_URL + value: "{{ .Values.config.S3_ENDPOINT_URL }}" + - name: API_CORS_ORIGIN + value: "{{ .Values.config.API_CORS_ORIGIN }}" + - name: API_DOCUMENTATION_ENABLED + value: "true" + - name: S3_REGION + value: "{{ .Values.config.S3_REGION }}" + - name: S3_ACCESS_KEY_ID + value: "{{ .Values.config.S3_ACCESS_KEY_ID }}" + - name: S3_SECRET_ACCESS_KEY + value: "{{ .Values.config.S3_SECRET_ACCESS_KEY }}" + - name: S3_DATA_BUCKET_NAME + value: "{{ .Values.config.S3_DATA_BUCKET_NAME }}" + - name: S3_DATA_BUCKET_PATH + value: "{{ .Values.config.S3_DATA_BUCKET_PATH }}" + - name: FS_DATA_DIRECTORY_PATH + value: "{{ .Values.config.FS_DATA_DIRECTORY_PATH }}" + envFrom: + - configMapRef: + name: "{{ .Values.release_name }}-config" + volumeMounts: + - name: bot-rasa-models + mountPath: /api/data + volumes: + - name: bot-rasa-models + persistentVolumeClaim: + claimName: pvc-bot-models diff --git a/Kubernetes/Components/s3ferry-publish/templates/service.yaml b/Kubernetes/Components/s3ferry-publish/templates/service.yaml new file mode 100644 index 0000000..1606cb3 --- /dev/null +++ b/Kubernetes/Components/s3ferry-publish/templates/service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: "{{ .Values.release_name }}" +spec: + selector: + app: "{{ .Values.release_name }}" + ports: + - protocol: TCP + port: 3000 + targetPort: 3000 + name: http + diff --git a/Kubernetes/Components/s3ferry-publish/values.yaml b/Kubernetes/Components/s3ferry-publish/values.yaml new file mode 100644 index 0000000..f503ca8 --- /dev/null +++ b/Kubernetes/Components/s3ferry-publish/values.yaml @@ -0,0 +1,44 @@ +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +domain: test.buerokratt.ee # Domain name +#secretname: ruuter.test.buerokratt.ee1904prod # Cert name value, change this as suited to environment +#ingress: +# certIssuerName: letsencrypt-prod # Change this if your certIssuerName has set up different + +release_name: "component-byk-s3-ferry-publish" + +images: + scope: + registry: "ghcr.io" + repository: "varmoh/buerokratt-s3-ferry" + tag: "pre-alpha-s3-1.1.1" # Images (tags) are up to date, currently no changes needed + + +env: + S3_ENDPOINT_URL: s3.riigipilv.ee:443 + +config: + API_CORS_ORIGIN: "*" + API_DOCUMENTATION_ENABLED: "true" + S3_REGION: + S3_ENDPOINT_URL: + S3_ACCESS_KEY_ID: + S3_SECRET_ACCESS_KEY: + S3_DATA_BUCKET_NAME: + S3_DATA_BUCKET_PATH: "" + FS_DATA_DIRECTORY_PATH: "./data" \ No newline at end of file diff --git a/Kubernetes/Modules/Analytics-Module/templates/deployment-byk-analytics-gui.yaml b/Kubernetes/Modules/Analytics-Module/templates/deployment-byk-analytics-gui.yaml index 34dadfc..8505c1e 100644 --- a/Kubernetes/Modules/Analytics-Module/templates/deployment-byk-analytics-gui.yaml +++ b/Kubernetes/Modules/Analytics-Module/templates/deployment-byk-analytics-gui.yaml @@ -22,7 +22,7 @@ spec: cp -r ../Resql/ /app/DSL cp -r ../DataMapper/ /app/DSL cp -r ../Liquibase/ /app/DSL - ls -la + ls -la volumeMounts: - name: analytics-dsl mountPath: /app/DSL @@ -83,6 +83,9 @@ spec: value: "{{ .Values.env.REACT_APP_SERVICE_ID }}" - name: REACT_APP_RUUTER_PRIVATE_API_URL value: "{{ .Values.env.REACT_APP_RUUTER_PRIVATE_API_URL }}" + volumeMounts: + - mountPath: /tmp + name: tmp livenessProbe: httpGet: path: / @@ -95,8 +98,9 @@ spec: port: 3001 initialDelaySeconds: 10 periodSeconds: 11 - volumes: - name: analytics-dsl persistentVolumeClaim: claimName: pvc-analytics-dsl + - emptyDir: {} + name: tmp diff --git a/Kubernetes/Modules/Analytics-Module/templates/job-analytics-liquibase.yaml b/Kubernetes/Modules/Analytics-Module/templates/job-analytics-liquibase.yaml index 64feb17..9337d58 100644 --- a/Kubernetes/Modules/Analytics-Module/templates/job-analytics-liquibase.yaml +++ b/Kubernetes/Modules/Analytics-Module/templates/job-analytics-liquibase.yaml @@ -24,9 +24,21 @@ spec: volumeMounts: - name: liquibase mountPath: /app/DSL + securityContext: + runAsNonRoot: true + runAsUser: 10000 + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + resources: + limits: + memory: "128Mi" + cpu: "250m" containers: - - name: backoffice-liquibase + - name: analytics-liquibase image: liquibase/liquibase:4.23.2 command: ["/bin/sh"] args: @@ -38,10 +50,21 @@ spec: --password={{ .Values.liquibase.dbPassword }} --changeLogFile=changelog.yaml update volumeMounts: - name: liquibase - mountPath: /DSL/ - + mountPath: /DSL/ + securityContext: + runAsNonRoot: true + runAsUser: 10001 + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + resources: + limits: + memory: "512Mi" + cpu: "250m" + volumes: - name: liquibase emptyDir: {} - restartPolicy: Never - + restartPolicy: Never \ No newline at end of file diff --git a/Kubernetes/Modules/Analytics-Module/values.yaml b/Kubernetes/Modules/Analytics-Module/values.yaml index 60e8d9d..f796329 100644 --- a/Kubernetes/Modules/Analytics-Module/values.yaml +++ b/Kubernetes/Modules/Analytics-Module/values.yaml @@ -27,11 +27,12 @@ images: gui: registry: "ghcr.io" repository: "buerokratt/analytics-module" - tag: "pre-alpha-1.4.10" # Images (tags) are up to date, currently no changes needed + tag: "v1-alpha-1-1.1.9" # Images (tags) are up to date, currently no changes needed +# tag: "pre-alpha-1.4.10" dsl: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" - tag: "analytics-module-pre-alpha-1.4.7" # Images (tags) are up to date, currently no changes needed + tag: "analytics-module-pre-alpha-1.4.8" # Images (tags) are up to date, currently no changes needed env: REACT_APP_RUUTER_API_URL: "https://ruuter.test.buerokratt.ee/v2/public/backoffice" NODE_ENV: "development" diff --git a/Kubernetes/Modules/Authentication-Layer/templates/deployment-byk-authentication-layer.yaml b/Kubernetes/Modules/Authentication-Layer/templates/deployment-byk-authentication-layer.yaml index 3625866..b854b79 100644 --- a/Kubernetes/Modules/Authentication-Layer/templates/deployment-byk-authentication-layer.yaml +++ b/Kubernetes/Modules/Authentication-Layer/templates/deployment-byk-authentication-layer.yaml @@ -11,6 +11,7 @@ spec: labels: app: "{{ .Values.release_name }}" spec: + automountServiceAccountToken: false automountServiceAccountToken: false containers: - name: "{{ .Values.release_name }}" @@ -58,6 +59,27 @@ spec: limits: cpu: "250m" memory: "512Mi" + - name: run + mountPath: /var/run + - name: log + mountPath: /var/log/nginx + - name: cache + mountPath: /var/cache/nginx + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - CHOWN + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 10001 + resources: + limits: + cpu: "250m" + memory: "512Mi" volumes: - name: nginx-config-volume configMap: diff --git a/Kubernetes/Modules/Buerokratt-Chatbot/templates/deployment-byk-backoffice-gui.yaml b/Kubernetes/Modules/Buerokratt-Chatbot/templates/deployment-byk-backoffice-gui.yaml index 290b754..3150445 100644 --- a/Kubernetes/Modules/Buerokratt-Chatbot/templates/deployment-byk-backoffice-gui.yaml +++ b/Kubernetes/Modules/Buerokratt-Chatbot/templates/deployment-byk-backoffice-gui.yaml @@ -63,6 +63,8 @@ spec: value: "{{ .Values.env.REACT_APP_SERVICE_ID }}" - name: REACT_APP_NOTIFICATION_NODE_URL value: "{{ .Values.env.REACT_APP_NOTIFICATION_NODE_URL }}" +# - name: REACT_APP_CSP +# value: "{{ .Values.env.REACT_APP_CSP }}" livenessProbe: httpGet: path: / @@ -73,7 +75,7 @@ spec: httpGet: path: / port: 3001 - initialDelaySeconds: 18 + initialDelaySeconds: 19 periodSeconds: 10 volumeMounts: - name: buerokratt-dsl diff --git a/Kubernetes/Modules/Buerokratt-Chatbot/templates/ingress-byk-backoffice-gui.yaml b/Kubernetes/Modules/Buerokratt-Chatbot/templates/ingress-byk-backoffice-gui.yaml index db93110..f2e0d58 100644 --- a/Kubernetes/Modules/Buerokratt-Chatbot/templates/ingress-byk-backoffice-gui.yaml +++ b/Kubernetes/Modules/Buerokratt-Chatbot/templates/ingress-byk-backoffice-gui.yaml @@ -12,6 +12,8 @@ metadata: # nginx.ingress.kubernetes.io/proxy-set-header: "Content-Type: application/json" # nginx.ingress.kubernetes.io/additional-response-headers: "Access-Control-Allow-Headers: Content-Type, Cache-Control" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/configuration-snippet: | + add_header Content-Security-Policy "upgrade-insecure-requests; default-src 'self'; font-src 'self' data:; img-src 'self' data:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'; connect-src 'self' https://ruuter.test.buerokratt.ee/v2/public https://tim.test.buerokratt.ee https://admin.test.buerokratt.ee https://ruuter.test.buerokratt.ee/v2/private https://ruuter.test.buerokratt.ee;"; cert-manager.io/cluster-issuer: letsencrypt-prod labels: name: "{{ .Values.release_name }}-ingress" diff --git a/Kubernetes/Modules/Buerokratt-Chatbot/templates/job-backoffice-liquibase.yaml b/Kubernetes/Modules/Buerokratt-Chatbot/templates/job-backoffice-liquibase.yaml index 0a132d2..f984e9c 100644 --- a/Kubernetes/Modules/Buerokratt-Chatbot/templates/job-backoffice-liquibase.yaml +++ b/Kubernetes/Modules/Buerokratt-Chatbot/templates/job-backoffice-liquibase.yaml @@ -24,6 +24,19 @@ spec: volumeMounts: - name: liquibase mountPath: /app/DSL + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 10001 + resources: + limits: + cpu: "250m" + memory: "256Mi" - name: base-liquibase image: alpine/git:2.36.3 volumeMounts: @@ -42,9 +55,24 @@ spec: ls /root/DSL env: - name: DSL_REPO - value: {{ .Values.images.liquibase.dsl.repo }} + value: "{{ .Values.images.liquibase.dsl.repo }}" - name: DSL_PATH - value: {{ .Values.images.liquibase.dsl.path }} + value: "{{ .Values.images.liquibase.dsl.path }}" + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - CHOWN + drop: + - ALL + privileged: false + readOnlyRootFilesystem: false + # runAsNonRoot: true + # runAsUser: 10001 + resources: + limits: + cpu: "250m" + memory: "256Mi" containers: - name: byk-liquibase-update image: liquibase/liquibase:4.23.2 @@ -59,6 +87,19 @@ spec: volumeMounts: - name: base-liquibase mountPath: /DSL + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 10001 + resources: + limits: + cpu: "250m" + memory: "256Mi" - name: backoffice-liquibase image: liquibase/liquibase:4.23.2 command: ["/bin/sh"] @@ -72,11 +113,23 @@ spec: volumeMounts: - name: liquibase mountPath: /DSL/ + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 10001 + resources: + limits: + cpu: "250m" + memory: "256Mi" volumes: - - name: base-liquibase - emptyDir: {} - - name: liquibase - emptyDir: {} - restartPolicy: Never - + - name: base-liquibase + emptyDir: {} + - name: liquibase + emptyDir: {} + restartPolicy: Never \ No newline at end of file diff --git a/Kubernetes/Modules/Buerokratt-Chatbot/values.yaml b/Kubernetes/Modules/Buerokratt-Chatbot/values.yaml index 2080fe3..bde14f9 100644 --- a/Kubernetes/Modules/Buerokratt-Chatbot/values.yaml +++ b/Kubernetes/Modules/Buerokratt-Chatbot/values.yaml @@ -32,7 +32,7 @@ images: dsl: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" - tag: "backoffice-module-pre-alpha-1.3.16" # Images (tags) are up to date, currently no changes needed + tag: "backoffice-module-pre-alpha-1.3.33" # Images (tags) are up to date, currently no changes needed liquibase: dsl: repo: https://github.com/buerokratt/Buerokratt-Chatbot.git @@ -54,7 +54,7 @@ env: REACT_APP_MONITORING_BASE_URL: "https://admin.test.buerokratt.ee/monitoring" # Change the domain name, leave subdomain and subpath same REACT_APP_SERVICE_ID: "conversations,settings,monitoring" REACT_APP_NOTIFICATION_NODE_URL: "https://ruuter.test.buerokratt.ee" # Change the domain name, leave subdomain and subpath same - +# REACT_APP_CSP: "upgrade-insecure-requests; default-src 'self'; font-src 'self' data:; img-src 'self' data:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src 'self' https://ruuter.test.buerokratt.ee/v2/public/ https://tim.test.buerokratt.ee/ https://admin.test.buerokratt.ee/ https://ruuter.test.buerokratt.ee/v2/private/;" liquibase: jdbcUrl: "jdbc:postgresql://component-databases-users-db:5432/byk?user=byk" dbPassword: "01234" # Change password accordingly diff --git a/Kubernetes/Modules/Service-Module/templates/job-services-liquibase.yaml b/Kubernetes/Modules/Service-Module/templates/job-services-liquibase.yaml index 04c7823..fb571d8 100644 --- a/Kubernetes/Modules/Service-Module/templates/job-services-liquibase.yaml +++ b/Kubernetes/Modules/Service-Module/templates/job-services-liquibase.yaml @@ -7,7 +7,7 @@ metadata: "helm.sh/hook-weight": "1" "helm.sh/hook-delete-policy": before-hook-creation spec: - ttlSecondsAfterFinished: 120 +# ttlSecondsAfterFinished: 120 template: metadata: name: services-liquibase diff --git a/Kubernetes/Modules/Training-Module/templates/deployment-byk-training-gui.yaml b/Kubernetes/Modules/Training-Module/templates/deployment-byk-training-gui.yaml index 6f0fa63..bd3fd8b 100644 --- a/Kubernetes/Modules/Training-Module/templates/deployment-byk-training-gui.yaml +++ b/Kubernetes/Modules/Training-Module/templates/deployment-byk-training-gui.yaml @@ -37,6 +37,8 @@ spec: - name: config-volume mountPath: /app/.env.development subPath: env.development + # - name: rasa-training-data + # mountPath: /api/data env: - name: REACT_APP_RUUTER_API_URL value: "{{ .Values.env.REACT_APP_RUUTER_API_URL }}" @@ -100,7 +102,7 @@ spec: httpGet: path: / port: 3001 - initialDelaySeconds: 10 + initialDelaySeconds: 11 periodSeconds: 11 readinessProbe: httpGet: @@ -129,4 +131,7 @@ spec: - name: training-dsl persistentVolumeClaim: claimName: pvc-training-dsl + # - name: rasa-training-data + # persistentVolumeClaim: + # claimName: rasa-training-data diff --git a/Kubernetes/Modules/Training-Module/templates/job-training-liquibase.yaml b/Kubernetes/Modules/Training-Module/templates/job-training-liquibase.yaml index c622b53..dea2cfa 100644 --- a/Kubernetes/Modules/Training-Module/templates/job-training-liquibase.yaml +++ b/Kubernetes/Modules/Training-Module/templates/job-training-liquibase.yaml @@ -7,7 +7,7 @@ metadata: "helm.sh/hook-weight": "1" "helm.sh/hook-delete-policy": before-hook-creation spec: - ttlSecondsAfterFinished: 120 +# ttlSecondsAfterFinished: 120 template: metadata: name: training-liquibase diff --git a/Kubernetes/Modules/Training-Module/values.yaml b/Kubernetes/Modules/Training-Module/values.yaml index 9d1def8..540cd35 100644 --- a/Kubernetes/Modules/Training-Module/values.yaml +++ b/Kubernetes/Modules/Training-Module/values.yaml @@ -31,7 +31,7 @@ images: dsl: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" - tag: "training-module-pre-alpha-1.4.30" # Images (tags) are up to date, currently no changes needed + tag: "training-module-pre-alpha-1.4.40" # Images (tags) are up to date, currently no changes needed pipelines: registry: "ghcr.io" repository: "varmoh/training-module" diff --git a/Kubernetes/Modules/Widget/templates/configmap-widget-index.yaml b/Kubernetes/Modules/Widget/templates/configmap-widget-index.yaml index 1b03c70..f2ce1ca 100644 --- a/Kubernetes/Modules/Widget/templates/configmap-widget-index.yaml +++ b/Kubernetes/Modules/Widget/templates/configmap-widget-index.yaml @@ -21,7 +21,7 @@ data: TIMEZONE: 'Europe/Tallinn', BEGIN: 0, END: 24, - DAYS: [1, 2, 3, 4, 5], + DAYS: [1, 2, 3, 4, 5, 6, 7], }, }; @@ -44,6 +44,6 @@ data: TIMEZONE: 'Europe/Tallinn', BEGIN: 0, END: 24, - DAYS: [1, 2, 3, 4, 5], + DAYS: [1, 2, 3, 4, 5, 6, 7], }, }; \ No newline at end of file diff --git a/Kubernetes/Modules/Widget/templates/deployment-byk-widget.yaml b/Kubernetes/Modules/Widget/templates/deployment-byk-widget.yaml index 291314b..e076d4e 100644 --- a/Kubernetes/Modules/Widget/templates/deployment-byk-widget.yaml +++ b/Kubernetes/Modules/Widget/templates/deployment-byk-widget.yaml @@ -15,6 +15,7 @@ spec: containers: - name: "{{ .Values.release_name }}" image: "{{ .Values.images.gui.registry }}/{{ .Values.images.gui.repository }}:{{ .Values.images.gui.tag }}" + imagePullPolicy: IfNotPresent ports: - containerPort: 80 name: http @@ -49,6 +50,7 @@ spec: limits: cpu: "250m" memory: "512Mi" + livenessProbe: tcpSocket: port: 80 @@ -75,3 +77,4 @@ spec: - name: cache emptyDir: medium: "" + diff --git a/Kubernetes/Modules/Widget/values.yaml b/Kubernetes/Modules/Widget/values.yaml index 20e4747..8579879 100644 --- a/Kubernetes/Modules/Widget/values.yaml +++ b/Kubernetes/Modules/Widget/values.yaml @@ -27,7 +27,7 @@ images: gui: registry: "ghcr.io" repository: "buerokratt/chat-widget" - tag: "pre-alpha-1.5.3" # Images (tags) are up to date, currently no changes needed + tag: "pre-alpha-sec-1.6.3" # Images (tags) are up to date, currently no changes needed dsl: registry: "ghcr.io" repository: "buerokratt/buerokratt-dsl" diff --git a/Kubernetes/Post-deploy/first-login/values.yaml b/Kubernetes/Post-deploy/first-login/values.yaml index 1d85cf4..7d1def1 100644 --- a/Kubernetes/Post-deploy/first-login/values.yaml +++ b/Kubernetes/Post-deploy/first-login/values.yaml @@ -23,10 +23,10 @@ ingress: release_name: "job-postdeploy-first-login" user: - login: "EE" # Use a test ID cde. In production replace with real ID code "Every login value must contain EE" + login: "EE30303039914" # Use a test ID cde. In production replace with real ID code "Every login value must contain EE" first_name: "Kustuta" last_name: "Kasutaja" - id_code: "EE" # Use a test ID cde. In production replace with real ID code "Every ID code value must contain EE" + id_code: "EE30303039914" # Use a test ID cde. In production replace with real ID code "Every ID code value must contain EE" display_name: "Kustutamiseks" # csa_title: "" # can be removed csa_email: "kustutamind@mail.ee" diff --git a/README.md b/README.md index f77cf7d..c2ecc82 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,8 @@ git clone https://github.com/buerokratt/NoOps.git Change directory `cd Buerokratt-NoOps` +Change into `` branch +`git checkout ` branch `git checkout -p component-byk-dmapper component-byk-ruuter module-byk-widget` +- example `./deploy-kube.sh -n -p component-byk-dmapper component-byk-ruuter module-byk-widget` - `./remove-kube.sh` will uninstall all the running pods under the given namespace. if the `-p` is left blank, it uninstalls all the pods in given namespace - Postdeploy chart names - `pipeline` `first-login` `dmapperv1` `byk-bot` ``` @@ -76,6 +84,20 @@ Important Notes: bash post-deploy-kube.sh -n -r dmapperv1 -c dmapperv1 ``` +- Postdeploy chart names - `pipeline` `first-login` `dmapperv1` `byk-bot` + ``` + bash post-deploy-kube.sh -n -r pipeline -c pipeline + ``` + ``` + bash post-deploy-kube.sh -n -r first-login -c first-login + ``` + ``` + bash post-deploy-kube.sh -n -r byk-bot -c byk-bot + ``` + ``` + bash post-deploy-kube.sh -n -r dmapperv1 -c dmapperv1 + ``` + - `post-deploy-kube.sh` is for deploying the standalone singular deployments, that do not fit under components or modules. They are to be run as singular k8s jobs. Currently there are 4 deployments, if more will be put in there, make appropriate changes in the script. Example - new Post-deployment chart `test` path `../../Kubernetes/Post-deploy/test` update script with following