[SIS-xxx] introducing helm chart

restructuring
2026-01-26 19:21:43 +00:00 · 2023-08-27 23:04:42 +02:00
parent 30d45952be
commit d65f6d380f
60 changed files with 1955 additions and 3246 deletions
--- a/deployment/helm/sissi/templates/_helpers.tpl
+++ b/deployment/helm/sissi/templates/_helpers.tpl
@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "sissi.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "sissi.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "sissi.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "sissi.labels" -}}
+helm.sh/chart: {{ include "sissi.chart" . }}
+{{ include "sissi.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "sissi.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "sissi.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "sissi.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "sissi.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
--- a/deployment/helm/sissi/templates/api-keys.yaml
+++ b/deployment/helm/sissi/templates/api-keys.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: api-keys
+data:
+  discordToken: {{ $.Values.apiKeys.discord.token | b64enc }} # b64enc is needed, because a stringData secret field cannot hold numeric values
+  youtubeApiKey: {{ $.Values.apiKeys.youtube.apiKey | b64enc }}
+  twitchClientId: {{ $.Values.apiKeys.twitch.clientId | b64enc }}
+  twitchSecret: {{ $.Values.apiKeys.twitch.secret | b64enc }}
+  openWeatherMapApiKey: {{ $.Values.apiKeys.openWeatherMap.apiKey | b64enc }}
--- a/deployment/helm/sissi/templates/db-config-deployment-job.yaml
+++ b/deployment/helm/sissi/templates/db-config-deployment-job.yaml
@@ -0,0 +1,69 @@
+{{- if .Values.dbConfigDeployment.enabled -}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+{{- $deploymentJobName := print ((include "sissi.fullname" .) | trunc 39) "-db-config-deployment-job" }}
+  name: {{ $deploymentJobName | trunc 63 }}
+  annotations:
+    "helm.sh/hook": post-install
+    "helm.sh/hook-weight": "-5"
+    "helm.sh/hook-delete-policy": hook-succeeded
+spec:
+  template:
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: db-config-deployment-job
+          image: "{{ $.Values.dbConfigDeployment.repository }}/{{ $.Values.dbConfigDeployment.image }}:{{ $.Values.dbConfigDeployment.tag | default .Chart.AppVersion}}"
+          imagePullPolicy: {{ $.Values.dbConfigDeployment.pullPolicy }}
+          args:
+            - "/var/db-config/"
+          env:
+            - name: DB_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbPassword
+            - name: DB_HOST
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbHost
+            - name: DB_PORT
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbPort
+            - name: DB_USER
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbUser
+            - name: DB_NAME
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbName
+            - name: DB_SCHEME
+              value: "abstracto"
+          volumeMounts:
+            - mountPath: "/var/db-config/"
+              name: database-config-mount
+      restartPolicy: Never
+      initContainers:
+        - name: database-config-data
+          image: "{{ $.Values.dbConfigDeploymentData.repository }}/{{ $.Values.dbConfigDeploymentData.image }}:{{ $.Values.dbConfigDeploymentData.tag | default .Chart.AppVersion}}"
+          imagePullPolicy: {{ $.Values.dbConfigDeploymentData.pullPolicy }}
+          volumeMounts:
+            - mountPath: "/var/run-config"
+              name: database-config-mount
+      volumes:
+        - name: database-config-mount
+          emptyDir: {}
+  backoffLimit: 4
+{{- end }}
+
+
--- a/deployment/helm/sissi/templates/db-credentials.yaml
+++ b/deployment/helm/sissi/templates/db-credentials.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: db-credentials
+data:
+  dbPassword: {{ $.Values.dbCredentials.password | b64enc }} # b64enc is needed, because a stringData secret field cannot hold numeric values
+  dbUser: {{ $.Values.dbCredentials.userName | b64enc }}
+  dbHost: {{ $.Values.dbCredentials.host | b64enc }}
+  dbPort: {{ $.Values.dbCredentials.port | b64enc }}
+  dbName: {{ $.Values.dbCredentials.name | b64enc }}
--- a/deployment/helm/sissi/templates/deployment.yaml
+++ b/deployment/helm/sissi/templates/deployment.yaml
@@ -0,0 +1,116 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "sissi.fullname" . }}
+  labels:
+    {{- include "sissi.labels" . | nindent 4 }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      {{- include "sissi.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "sissi.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "sissi.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.bot.repository }}/{{ .Values.bot.image }}:{{ .Values.bot.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.bot.pullPolicy }}
+          env:
+            - name: DB_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbPassword
+            - name: DB_HOST
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbHost
+            - name: DB_PORT
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbPort
+            - name: DB_USER
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbUser
+            - name: DB_NAME
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbName
+            - name: DEBRA_DONATION_NOTIFICATION_SERVER_ID
+              value: "297910194841583616"
+            - name: TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: api-keys
+                  key: discordToken
+            - name: YOUTUBE_API_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: api-keys
+                  key: youtubeApiKey
+            - name: OPEN_WEATHER_MAP_API_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: api-keys
+                  key: openWeatherMapApiKey
+            - name: TWITCH_CLIENT_ID
+              valueFrom:
+                secretKeyRef:
+                  name: api-keys
+                  key: twitchClientId
+            - name: TWITCH_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: api-keys
+                  key: twitchSecret
+          ports:
+            - name: http
+              containerPort: {{ .Values.service.port }}
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /actuator/health/liveness
+              port: 8080
+            initialDelaySeconds: 60
+            periodSeconds: 3
+          readinessProbe:
+            httpGet:
+              path: /actuator/health/readiness
+              port: 8080
+            initialDelaySeconds: 60
+            periodSeconds: 3
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
--- a/deployment/helm/sissi/templates/grafana-credentials.yaml
+++ b/deployment/helm/sissi/templates/grafana-credentials.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: grafana-credentials
+data:
+  dbPassword: {{ $.Values.dbCredentials.password | b64enc }} # b64enc is needed, because a stringData secret field cannot hold numeric values
+  dbUser: {{ $.Values.dbCredentials.userName | b64enc }}
+  dbHost: {{ $.Values.dbCredentials.host | b64enc }}
+  dbPort: {{ $.Values.dbCredentials.port | b64enc }}
+  dbName: {{ $.Values.dbCredentials.name | b64enc }}
--- a/deployment/helm/sissi/templates/grafana-dashboard-deployment.yaml
+++ b/deployment/helm/sissi/templates/grafana-dashboard-deployment.yaml
@@ -0,0 +1,42 @@
+{{- if $.Values.grafanaDeployment.enabled }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: grafana-dashboard-deployment-job
+  annotations:
+    "helm.sh/hook": post-install
+    "helm.sh/hook-weight": "-4"
+    "helm.sh/hook-delete-policy": hook-succeeded
+spec:
+  template:
+    spec:
+        {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      containers:
+        - name: template-deployment-job
+          image: "{{ $.Values.grafanaDeployment.repository }}/{{ $.Values.grafanaDeployment.image }}:{{ $.Values.grafanaDeployment.tag }}"
+          imagePullPolicy: {{ $.Values.grafanaDeployment.pullPolicy }}
+          args:
+            - "/var/userconfig"
+          volumeMounts:
+            - mountPath: "/var/userconfig"
+              name: grafana-dashboard-config
+              readOnly: true
+      volumes:
+        - name: grafana-dashboard-config
+          secret:
+            secretName: grafana-dashboard-config
+      restartPolicy: Never
+  backoffLimit: 4
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: grafana-dashboard-config
+data:
+  config.yaml: {{ (tpl (.Files.Get "configuration/grafana/config.yaml") . ) | b64enc }}
+  log-dashboard.json: {{ (tpl (.Files.Get "configuration/grafana/sissi-log-dashboard.json") . ) | b64enc }}
+  discord-dashboard.json: {{ (tpl (.Files.Get "configuration/grafana/sissi-discord-dashboard.json") . ) | b64enc }}
+{{- end }}
--- a/deployment/helm/sissi/templates/service.yaml
+++ b/deployment/helm/sissi/templates/service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "sissi.fullname" . }}
+  labels:
+    {{- include "sissi.labels" . | nindent 4 }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "sissi.selectorLabels" . | nindent 4 }}
--- a/deployment/helm/sissi/templates/serviceaccount.yaml
+++ b/deployment/helm/sissi/templates/serviceaccount.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "sissi.serviceAccountName" . }}
+  labels:
+    {{- include "sissi.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
--- a/deployment/helm/sissi/templates/template-deployment-job.yaml
+++ b/deployment/helm/sissi/templates/template-deployment-job.yaml
@@ -0,0 +1,69 @@
+{{- if .Values.dbConfigDeployment.enabled -}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+{{- $deploymentJobName := print ((include "sissi.fullname" .) | trunc 39) "-template-deployment-job" }}
+  name: {{ $deploymentJobName | trunc 63 }}
+  annotations:
+    "helm.sh/hook": post-install
+    "helm.sh/hook-weight": "-4"
+    "helm.sh/hook-delete-policy": hook-succeeded
+spec:
+  template:
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: template-deployment-job
+          image: "{{ $.Values.templateDeployment.repository }}/{{ $.Values.templateDeployment.image }}:{{ $.Values.templateDeployment.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ $.Values.templateDeployment.pullPolicy }}
+          args:
+            - "/var/template-config/"
+          env:
+            - name: DB_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbPassword
+            - name: DB_HOST
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbHost
+            - name: DB_PORT
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbPort
+            - name: DB_USER
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbUser
+            - name: DB_NAME
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: dbName
+            - name: DB_SCHEME
+              value: "abstracto."
+          volumeMounts:
+            - mountPath: "/var/template-config/"
+              name: template-config-mount
+      initContainers:
+        - name: database-config-data
+          image: "{{ $.Values.templateDeploymentData.repository }}/{{ $.Values.templateDeploymentData.image }}:{{ $.Values.templateDeploymentData.tag | default .Chart.AppVersion}}"
+          imagePullPolicy: {{ $.Values.templateDeploymentData.pullPolicy }}
+          volumeMounts:
+            - mountPath: "/var/run-config"
+              name: template-config-mount
+      volumes:
+        - name: template-config-mount
+          emptyDir: {}
+      restartPolicy: Never
+  backoffLimit: 4
+{{- end }}
+
+