feat: add helm chart for deployment to k8s
This commit is contained in:
		
							parent
							
								
									917376899c
								
							
						
					
					
						commit
						bb1a9403bb
					
				
					 14 changed files with 218 additions and 1 deletions
				
			
		|  | @ -5,7 +5,7 @@ stages: | ||||||
|   - test |   - test | ||||||
|   - build |   - build | ||||||
| 
 | 
 | ||||||
| test: | test:go: | ||||||
|   stage: test |   stage: test | ||||||
|   image: golang:alpine |   image: golang:alpine | ||||||
|   variables: |   variables: | ||||||
|  | @ -26,6 +26,13 @@ test: | ||||||
|         coverage_format: cobertura |         coverage_format: cobertura | ||||||
|         path: coverage.xml |         path: coverage.xml | ||||||
| 
 | 
 | ||||||
|  | test:helm: | ||||||
|  |   stage: test | ||||||
|  |   image: chainguard/helm:latest | ||||||
|  |   script: | ||||||
|  |     - helm lint ./deploy | ||||||
|  |     - helm template ./deploy --values deploy/values.test.yaml | ||||||
|  | 
 | ||||||
| build:httpserver: | build:httpserver: | ||||||
|   stage: build |   stage: build | ||||||
|   variables: |   variables: | ||||||
|  |  | ||||||
							
								
								
									
										4
									
								
								deploy/Chart.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								deploy/Chart.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,4 @@ | ||||||
|  | apiVersion: v2 | ||||||
|  | name: yggdrasil | ||||||
|  | description: A Helm chart for Kubernetes | ||||||
|  | version: 0.0.0 | ||||||
							
								
								
									
										3
									
								
								deploy/templates/NOTES.txt
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								deploy/templates/NOTES.txt
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | ||||||
|  | {{- if .Values.ingress.enabled }} | ||||||
|  | URL: https://{{ .Values.ingress.host }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										5
									
								
								deploy/templates/_helpers.tpl
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								deploy/templates/_helpers.tpl
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,5 @@ | ||||||
|  | {{- define "imagePullSecret" }} | ||||||
|  | {{- with .Values.imageCredentials }} | ||||||
|  | {{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										8
									
								
								deploy/templates/config.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								deploy/templates/config.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,8 @@ | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: ConfigMap | ||||||
|  | metadata: | ||||||
|  |   name: {{ .Release.Name }} | ||||||
|  | data: | ||||||
|  |   APP_ENV: "production" | ||||||
|  |   APP_PORT: {{ .Values.config.port | quote }} | ||||||
|  |   DATABASE_URL_FILE: "/etc/yggdrasil/secrets/database_url.txt" | ||||||
							
								
								
									
										62
									
								
								deploy/templates/deployment.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										62
									
								
								deploy/templates/deployment.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,62 @@ | ||||||
|  | apiVersion: apps/v1 | ||||||
|  | kind: Deployment | ||||||
|  | metadata: | ||||||
|  |   name: {{ .Release.Name }} | ||||||
|  |   labels: | ||||||
|  |     app.kubernetes.io/name: {{ .Chart.Name }} | ||||||
|  |     app.kubernetes.io/instance: {{ .Release.Name }} | ||||||
|  |     app.kubernetes.io/component: "backend-api" | ||||||
|  | spec: | ||||||
|  |   replicas: {{ .Values.replicas }} | ||||||
|  |   strategy: | ||||||
|  |     type: RollingUpdate | ||||||
|  |     rollingUpdate: | ||||||
|  |       maxSurge: 0 | ||||||
|  |       maxUnavailable: 1 | ||||||
|  |   selector: | ||||||
|  |     matchLabels: | ||||||
|  |       app.kubernetes.io/name: {{ .Chart.Name }} | ||||||
|  |       app.kubernetes.io/instance: {{ .Release.Name }} | ||||||
|  |       app.kubernetes.io/component: "backend-api" | ||||||
|  |   template: | ||||||
|  |     metadata: | ||||||
|  |       annotations: | ||||||
|  |         checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }} | ||||||
|  |         checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} | ||||||
|  |       labels: | ||||||
|  |         app.kubernetes.io/name: {{ .Chart.Name }} | ||||||
|  |         app.kubernetes.io/instance: {{ .Release.Name }} | ||||||
|  |         app.kubernetes.io/component: "backend-api" | ||||||
|  |     spec: | ||||||
|  |       automountServiceAccountToken: false | ||||||
|  |       imagePullSecrets: | ||||||
|  |         - name: {{ .Release.Name }} | ||||||
|  |       containers: | ||||||
|  |         - name: {{ .Chart.Name }} | ||||||
|  |           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" | ||||||
|  |           imagePullPolicy: Always | ||||||
|  |           ports: | ||||||
|  |             - name: {{ .Values.service.port.name }} | ||||||
|  |               containerPort: {{ .Values.config.port }} | ||||||
|  |               protocol: TCP | ||||||
|  | #          livenessProbe: | ||||||
|  | #            httpGet: | ||||||
|  | #              path: /livez | ||||||
|  | #              port: {{ .Values.service.port.name }} | ||||||
|  | #          readinessProbe: | ||||||
|  | #            httpGet: | ||||||
|  | #              path: /readyz | ||||||
|  | #              port: {{ .Values.service.port.name }} | ||||||
|  |           resources: | ||||||
|  |             {{- toYaml .Values.resources | nindent 12 }} | ||||||
|  |           envFrom: | ||||||
|  |             - configMapRef: | ||||||
|  |                 name: {{ .Release.Name }} | ||||||
|  |           volumeMounts: | ||||||
|  |             - mountPath: /etc/yggdrasil/secrets | ||||||
|  |               name: secrets | ||||||
|  |               readOnly: true | ||||||
|  |       volumes: | ||||||
|  |         - name: secrets | ||||||
|  |           secret: | ||||||
|  |             secretName: {{ .Release.Name }} | ||||||
							
								
								
									
										10
									
								
								deploy/templates/image-pull-secret.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										10
									
								
								deploy/templates/image-pull-secret.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,10 @@ | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: Secret | ||||||
|  | metadata: | ||||||
|  |   name: {{ .Release.Name }} | ||||||
|  |   annotations: | ||||||
|  |     "helm.sh/hook": pre-install | ||||||
|  |     "helm.sh/hook-weight": "-99" | ||||||
|  | type: kubernetes.io/dockerconfigjson | ||||||
|  | data: | ||||||
|  |   .dockerconfigjson: {{ template "imagePullSecret" . }} | ||||||
							
								
								
									
										28
									
								
								deploy/templates/ingress.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										28
									
								
								deploy/templates/ingress.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,28 @@ | ||||||
|  | {{- if .Values.ingress.enabled -}} | ||||||
|  | apiVersion: networking.k8s.io/v1 | ||||||
|  | kind: Ingress | ||||||
|  | metadata: | ||||||
|  |   name: {{ .Release.Name }} | ||||||
|  |   annotations: | ||||||
|  |     {{- if .Values.ingress.annotations }} | ||||||
|  |     {{- toYaml .Values.ingress.annotations | nindent 8 }} | ||||||
|  |     {{- end }} | ||||||
|  | spec: | ||||||
|  |   ingressClassName: {{ .Values.ingress.className }} | ||||||
|  |   tls: | ||||||
|  |     - hosts: | ||||||
|  |         - {{ .Values.ingress.host | quote }} | ||||||
|  |       secretName: {{ .Release.Name }}-ingress-tls | ||||||
|  | 
 | ||||||
|  |   rules: | ||||||
|  |     - host: {{ .Values.ingress.host | quote }} | ||||||
|  |       http: | ||||||
|  |         paths: | ||||||
|  |           - path: {{ .Values.ingress.path }} | ||||||
|  |             pathType: {{ .Values.ingress.pathType }} | ||||||
|  |             backend: | ||||||
|  |               service: | ||||||
|  |                 name: {{ .Release.Name }} | ||||||
|  |                 port: | ||||||
|  |                   name: {{ .Values.service.port.name }} | ||||||
|  | {{- end -}} | ||||||
							
								
								
									
										11
									
								
								deploy/templates/poddisruptionbudget.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										11
									
								
								deploy/templates/poddisruptionbudget.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,11 @@ | ||||||
|  | apiVersion: policy/v1 | ||||||
|  | kind: PodDisruptionBudget | ||||||
|  | metadata: | ||||||
|  |   name: {{ .Release.Name }} | ||||||
|  | spec: | ||||||
|  |   minAvailable: 1 | ||||||
|  |   selector: | ||||||
|  |     matchLabels: | ||||||
|  |       app.kubernetes.io/name: {{ .Chart.Name }} | ||||||
|  |       app.kubernetes.io/instance: {{ .Release.Name }} | ||||||
|  |       app.kubernetes.io/component: "backend-api" | ||||||
							
								
								
									
										7
									
								
								deploy/templates/secrets.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										7
									
								
								deploy/templates/secrets.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,7 @@ | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: Secret | ||||||
|  | metadata: | ||||||
|  |   name: {{ .Release.Name }} | ||||||
|  | stringData: | ||||||
|  |   database_url.txt: | | ||||||
|  |     {{ .Values.config.database.url }} | ||||||
							
								
								
									
										14
									
								
								deploy/templates/service.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								deploy/templates/service.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,14 @@ | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: Service | ||||||
|  | metadata: | ||||||
|  |   name: {{ .Release.Name }} | ||||||
|  | spec: | ||||||
|  |   type: {{ .Values.service.type }} | ||||||
|  |   ports: | ||||||
|  |     - port: {{ .Values.service.port.number }} | ||||||
|  |       targetPort: {{ .Values.service.port.number }} | ||||||
|  |       protocol: TCP | ||||||
|  |       name: {{ .Values.service.port.name }} | ||||||
|  |   selector: | ||||||
|  |     app.kubernetes.io/name: {{ .Chart.Name }} | ||||||
|  |     app.kubernetes.io/instance: {{ .Release.Name }} | ||||||
							
								
								
									
										8
									
								
								deploy/values.staging.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								deploy/values.staging.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,8 @@ | ||||||
|  | ingress: | ||||||
|  |   enabled: true | ||||||
|  |   host: staging.yggdrasil.vmdevel.cz | ||||||
|  |   annotations: | ||||||
|  |     cert-manager.io/cluster-issuer: letsencrypt-prod | ||||||
|  |     cert-manager.io/issuer: letsencrypt-prod | ||||||
|  | 
 | ||||||
|  | replicas: 2 | ||||||
							
								
								
									
										12
									
								
								deploy/values.test.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										12
									
								
								deploy/values.test.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,12 @@ | ||||||
|  | ingress: | ||||||
|  |   enabled: true | ||||||
|  |   host: yggdrasil.example.com | ||||||
|  |   annotations: | ||||||
|  |     cert-manager.io/cluster-issuer: letsencrypt-prod | ||||||
|  |     cert-manager.io/issuer: letsencrypt-prod | ||||||
|  | 
 | ||||||
|  | replicas: 2 | ||||||
|  | 
 | ||||||
|  | config: | ||||||
|  |   database: | ||||||
|  |     url: postgres://user:pass@127.0.0.1:5432/db?sslmode=disable | ||||||
							
								
								
									
										38
									
								
								deploy/values.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										38
									
								
								deploy/values.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,38 @@ | ||||||
|  | replicas: 1 | ||||||
|  | 
 | ||||||
|  | image: | ||||||
|  |   repository: registry.mareshq.com/hq/yggdrasil/httpserver | ||||||
|  |   tag: latest | ||||||
|  | 
 | ||||||
|  | imageCredentials: | ||||||
|  |   registry: registry.mareshq.com | ||||||
|  |   email: nobody@mareshq.com | ||||||
|  |   username: someone | ||||||
|  |   password: sillyness | ||||||
|  | 
 | ||||||
|  | ingress: | ||||||
|  |   enabled: false | ||||||
|  |   host: example.com | ||||||
|  |   className: nginx | ||||||
|  |   path: / | ||||||
|  |   pathType: Prefix | ||||||
|  |   annotations: {} | ||||||
|  | 
 | ||||||
|  | service: | ||||||
|  |   type: ClusterIP | ||||||
|  |   port: | ||||||
|  |     name: http | ||||||
|  |     number: 80 | ||||||
|  | 
 | ||||||
|  | resources: | ||||||
|  |    limits: | ||||||
|  |      cpu: 250m | ||||||
|  |      memory: 512Mi | ||||||
|  |    requests: | ||||||
|  |      cpu: 100m | ||||||
|  |      memory: 128Mi | ||||||
|  | 
 | ||||||
|  | config: | ||||||
|  |   port: 8080 | ||||||
|  |   database: | ||||||
|  |     url: | ||||||
		Reference in a new issue