Commit a365297f authored by Volodymyr Kovalenko's avatar Volodymyr Kovalenko
Browse files

change helm template

parent 3e208e9b
Pipeline #27597 passed with stages
in 6 minutes and 55 seconds
__pycache__
.coverage*
cover-html
\ No newline at end of file
cover-html
helm/*/charts/*
\ No newline at end of file
......@@ -21,6 +21,9 @@ code-style-check:
helm-linter-check:
extends: .helm-lint-template
helm-kubeval:
extends: .helm-kubeval-template
build-new-image:
extends: .build-new-image-template
......@@ -28,7 +31,7 @@ build-helm-package:
extends: .build-helm-package-template
artifacts:
paths:
- registry-mirror-service-*.tgz
- registry-mirror-*.tgz
test-integration:
extends: .test-integration-template
......
PROJECT_NAME=registry-mirror-service
IMAGE ?= registry-mirror:develop
IMAGE_TEST ?= registry-mirror:develop-test
CHART_MUSEUM_URL ?= "https://helm.prozorro.sale/api/charts"
......@@ -87,19 +88,28 @@ publish-coverage:
docker cp $(CI_COMMIT_SHORT_SHA):/tmp/cover-html cover-html
docker rm -f $(CI_COMMIT_SHORT_SHA)
## Dependency update helm
helm-dependency-update:
@helm3 dependency update helm/$(PROJECT_NAME)
## Build helm
helm-build:
helm package helm/registry-mirror-service --app-version=$(GIT_STAMP) --version=$(GIT_STAMP)$(HELM_STAMP)
helm-build: helm-dependency-update
@helm3 package helm/$(PROJECT_NAME) --app-version=$(GIT_STAMP) --version=$(GIT_STAMP)$(HELM_STAMP)
## Check helm
helm-lint:
helm lint helm/registry-mirror-service
helm-lint: helm-dependency-update
@helm3 lint helm/$(PROJECT_NAME)
## Check helm-kubeval
validate-helm-charts-kubeval: helm-dependency-update
@helm3 kubeval --exit-on-error --strict --name-template=prozorro-dev-test --namespace=prozorro-dev-test helm/$(PROJECT_NAME)
## Publish helm
push-helm-package:
curl \
--user $(CHART_MUSEUM_USER):$(CHART_MUSEUM_PASS) \
--data-binary "@registry-mirror-service-$(GIT_STAMP)$(HELM_STAMP).tgz" \
--data-binary "@registry-mirror-$(GIT_STAMP)$(HELM_STAMP).tgz" \
$(CHART_MUSEUM_URL)
## Create tag
......
dependencies:
- name: prozorro-helm-template-chart
repository: https://helm.prozorro.sale
version: v0.1.0
digest: sha256:09fbdf7f15b1eeedc606c48a55a4fa6d5b873df39a83bdd2d156e9c49a1cfcbf
generated: "2021-09-14T11:46:29.336566+03:00"
apiVersion: v1
apiVersion: v2
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: registry-mirror-service
description: The registry-mirror Helm chart for Kubernetes
name: registry-mirror
version: 0.1.0
dependencies:
- name: prozorro-helm-template-chart
version: 0.1.0
repository: https://helm.prozorro.sale
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "registry-mirror-service.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "registry-mirror-service.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "registry-mirror-service.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "registry-mirror-service.labels" -}}
app.kubernetes.io/name: {{ include "registry-mirror-service.name" . }}
helm.sh/chart: {{ include "registry-mirror-service.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{- $Context := dict "ArchitectComponent" "api" "Release" .Release "Chart" .Chart "Values" .Values.application.api "Global" . -}}
{{- include "prozorro-helm-template.base-http-app" $Context -}}
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "registry-mirror-service.fullname" . -}}
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{ include "registry-mirror-service.labels" . | indent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ . }}
backend:
serviceName: {{ $fullName }}
servicePort: http
{{- end }}
{{- end }}
{{- end }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "registry-mirror-service.fullname" . }}
labels:
{{ include "registry-mirror-service.labels" . | indent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "registry-mirror-service.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
template:
metadata:
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9091"
labels:
app.kubernetes.io/name: {{ include "registry-mirror-service.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: registry-config
configMap:
name: {{ .Release.Name }}-registry-config
- name: secrets-volume
projected:
sources:
- secret:
name: registry-auth-file
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command: ['python', '-m', 'registry_mirror.main']
ports:
- name: http
containerPort: 80
protocol: TCP
volumeMounts:
- name: registry-config
mountPath: /config/
- name: secrets-volume
mountPath: /secrets/
readOnly: true
livenessProbe:
httpGet:
path: /ping
port: http
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
readinessProbe:
httpGet:
path: /ping
port: http
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
{{- if .Values.startupProbe.enabled }}
startupProbe:
httpGet:
path: /ping
port: http
failureThreshold: {{ .Values.startupProbe.failureThreshold }}
periodSeconds: {{ .Values.startupProbe.periodSeconds }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
env:
- name: MONGO_URL
value: 'mongodb://{{ .Release.Name }}-registry-mongo/?replicaSet=rs0&maxIdleTimeMS=60000'
- name: DOCUMENT_SERVICE_URL
value: {{.Values.document_service_url}}
- name: DICTIONARIES_URL
value: {{.Release.Name}}-{{.Values.dictionaries_and_classifiers_api}}
- name: AUTH_IP_BLOCK_STRICT
value: "{{ .Values.authApiBlockStrict }}"
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "registry-mirror-service.fullname" . }}
labels:
{{ include "registry-mirror-service.labels" . | indent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: {{ include "registry-mirror-service.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
# Default values for mirror-service.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 3
document_service_url: https://procedure-dev.prozorro.sale
dictionaries_and_classifiers_api: dictionaries-and-classifiers-api
authApiBlockStrict: '1'
imagePullSecrets: []
prometheus: true
image:
repository: registry-gitlab.prozorro.sale/prozorro-sale/registry-mirror
tag: latest
pullPolicy: Always
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
service:
type: ClusterIP
port: 80
application:
api:
enabled: true
command:
- python
args:
- -m
- registry_mirror.main
livenessProbe:
timeoutSeconds: 10
......@@ -30,18 +32,7 @@ startupProbe:
failureThreshold: 20
periodSeconds: 5
ingress:
enabled: false
hosts:
- host: mirror.localhost
paths:
- /
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits:
cpu: 1000m
memory: 1Gi
......@@ -49,12 +40,29 @@ resources:
cpu: 500m
memory: 512Mi
nodeSelector: {}
tolerations: []
env:
- name: MONGO_URL
value: 'mongodb://{{ .Release.Name }}-registry-mongo/?replicaSet=rs0&maxIdleTimeMS=60000'
- name: DOCUMENT_SERVICE_URL
value: "{{.Values.document_service_url}}"
- name: DICTIONARIES_URL
value: "{{.Release.Name}}-{{.Values.dictionaries_and_classifiers_api}}"
- name: AUTH_IP_BLOCK_STRICT
value: "{{ .Values.authApiBlockStrict }}"
affinity: {}
volumes:
- name: registry-config
configMap:
name: "{{ .Release.Name }}-registry-config"
- name: secrets-volume
projected:
sources:
- secret:
name: registry-auth-file
document_service_url: https://procedure-dev.prozorro.sale
dictionaries_and_classifiers_api: dictionaries-and-classifiers-api
authApiBlockStrict: '1'
volumeMounts:
- name: registry-config
mountPath: /config/
- name: secrets-volume
mountPath: /secrets/
readOnly: true
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment