freezer/mareshq-backoffice-v3-api
Archived
1
0
Fork 0
Code Activity

feat: add helm chart for deploying the app on k8s

Browse source
This commit is contained in:
Vojtěch Mareš 2024-10-10 21:30:23 +02:00
parent aaa1eff0fe
commit cbaa5272ef
Signed by: vojtech.mares
GPG key ID: C6827B976F17240D
13 changed files with 261 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
deploy/k8s/templates/NOTES.txt Normal file
View file

@ -0,0 +1,3 @@
{{- if .Values.ingress.enabled }}
URL: https://{{ .Values.ingress.host }}
{{- end }}

8
deploy/k8s/templates/config.yaml Normal file
View file

@ -0,0 +1,8 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}
data:
APP_ENV: "production"
APP_PORT: {{ .Values.config.port | quote }}
DATABASE_URL_FILE: "/etc/backoffice-api/secrets/database_url"

65
deploy/k8s/templates/deployment.yaml Normal file
View file

@ -0,0 +1,65 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}
labels:
app.kubernetes.io/name: {{ .Chart.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: "backend-api"
spec:
replicas: {{ .Values.replicas }}
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
selector:
matchLabels:
app.kubernetes.io/name: {{ .Chart.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: "backend-api"
template:
metadata:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }}
checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
labels:
app.kubernetes.io/name: {{ .Chart.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: "backend-api"
spec:
automountServiceAccountToken: false
{{- with .Values.image.pullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: api
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: Always
ports:
- name: {{ .Values.service.port.name }}
containerPort: {{ .Values.config.port }}
protocol: TCP
# livenessProbe:
# httpGet:
# path: /livez
# port: {{ .Values.service.port.name }}
# readinessProbe:
# httpGet:
# path: /readyz
# port: {{ .Values.service.port.name }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
envFrom:
- configMapRef:
name: {{ .Release.Name }}
volumeMounts:
- mountPath: /etc/backoffice-api/secrets
name: secrets
readOnly: true
volumes:
- name: secrets
secret:
secretName: {{ .Release.Name }}

27
deploy/k8s/templates/ingress.yaml Normal file
View file

@ -0,0 +1,27 @@
{{- if .Values.api.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Release.Name }}
annotations:
{{- if .Values.ingress.annotations }}
{{- toYaml .Values.ingress.annotations | nindent 8 }}
{{- end }}
spec:
ingressClassName: {{ .Values.ingress.className }}
tls:
- hosts:
- {{ .Values.ingress.host | quote }}
secretName: {{ .Release.Name }}-ingress-tls
rules:
- host: {{ .Values.ingress.host | quote }}
http:
paths:
- path: {{ .Values.ingress.path }}
pathType: {{ .Values.ingress.pathType }}
backend:
service:
name: {{ .Release.Name }}
port:
name: {{ .Values.service.port.name }}
{{- end -}}

46
deploy/k8s/templates/migration-job.yaml Normal file
View file

@ -0,0 +1,46 @@
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Release.Name }}-migrations-{{ now | unixEpoch }}
labels:
app.kubernetes.io/name: {{ .Chart.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: "database-migrations"
batch.kubernetes.io/job-name: {{ .Release.Name }}-migrations-{{ now | unixEpoch }}
spec:
ttlSecondsAfterFinished: 604800 # 1 week in seconds
template:
metadata:
labels:
app.kubernetes.io/name: {{ .Chart.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: "database-migrations"
batch.kubernetes.io/job-name: {{ .Release.Name }}-migrations-{{ now | unixEpoch }}
spec:
automountServiceAccountToken: false
{{- with .Values.migrations.image.pullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: migrations
image: "{{ .Values.migrations.image.repository }}:{{ .Values.migrations.image.tag }}"
command: ["/bin/ash"]
args:
- -c
- |
migrate -path /srv/migrations -database $(cat /etc/backoffice-api/secrets/database_url) up
{{- with .Values.migrations.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
- mountPath: /etc/backoffice-api/secrets
name: secrets
readOnly: true
volumes:
- name: secrets
secret:
secretName: {{ .Release.Name }}-migrations
restartPolicy: Never
backoffLimit: 0

7
deploy/k8s/templates/migration-secrets.yaml Normal file
View file

@ -0,0 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-migrations
stringData:
database_url: |
{{ .Values.migrations.config.databaseURL }}

13
deploy/k8s/templates/poddisruptionbudget.yaml Normal file
View file

@ -0,0 +1,13 @@
{{- if gt (.Values.replicas | int) 1 -}}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ .Release.Name }}
spec:
minAvailable: 1
selector:
matchLabels:
app.kubernetes.io/name: {{ .Chart.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: "backend-api"
{{- end -}}

7
deploy/k8s/templates/secrets.yaml Normal file
View file

@ -0,0 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}
stringData:
database_url: |
{{ .Values.config.databaseURL }}

15
deploy/k8s/templates/service.yaml Normal file
View file

@ -0,0 +1,15 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port.number }}
targetPort: {{ .Values.service.port.name }}
protocol: TCP
name: {{ .Values.service.port.name }}
selector:
app.kubernetes.io/name: {{ .Chart.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: "backend-api"