From d7619785783f6616b23813562c65478c333154cf Mon Sep 17 00:00:00 2001 From: Andrea Borghi Date: Wed, 1 Feb 2023 16:07:57 +0100 Subject: [PATCH] cleanup a bit the qwc-data storage stuff --- Chart.yaml | 4 +- Makefile | 4 +- tests/expected.yaml | 69 +----------- tests/values-emptydir.yaml | 215 +++++++++++++++++++++++++++++++++++++ values.yaml | 11 +- 5 files changed, 226 insertions(+), 77 deletions(-) create mode 100644 tests/values-emptydir.yaml diff --git a/Chart.yaml b/Chart.yaml index bd6e848..ec4caa0 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -7,8 +7,8 @@ dependencies: - name: custom-pod repository: https://camptocamp.github.io/helm-custom-pod/ alias: qgis - version: 0.4.2 + version: 0.4.3 - name: custom-pod repository: https://camptocamp.github.io/helm-custom-pod/ alias: qwc - version: 0.4.2 + version: 0.4.3 diff --git a/Makefile b/Makefile index 5f9e594..7b015fa 100644 --- a/Makefile +++ b/Makefile @@ -1,8 +1,8 @@ HELM ?= helm gen-expected: - ${HELM} template --namespace=default qwc . > tests/expected.yaml || \ - ${HELM} template --debug --namespace=default qwc . + ${HELM} template --namespace=default --values=tests/values-emptydir.yaml qwc . > tests/expected.yaml || \ + ${HELM} template --debug --namespace=default --values=tests/values-emptydir.yaml qwc . sed -i 's/[[:blank:]]\+$$//g' tests/expected.yaml #start-local: diff --git a/tests/expected.yaml b/tests/expected.yaml index 49888b7..a8a1ada 100644 --- a/tests/expected.yaml +++ b/tests/expected.yaml @@ -249,7 +249,7 @@ data: # retrieve the secret data using lookup function and when not exists, return an empty dictionary / map as result # set $jwtSecret to existing secret data or generate a random one when not exists # generate 32 chars long random string, base64 encode it and then double-quote the result string. - JWT_SECRET_KEY: "TkRaTVJGQlBVbVExUmpoMGRtaExiVEZNYTJkNVozbG5OVlZIVEdOUFVrND0=" + JWT_SECRET_KEY: "Wm5sMmNtMUdObVpOY2pKeWN6Y3lVR0pQTlhGWFNHWlNSMlpWZWtWcGJtRT0=" --- # Source: qwc/templates/pg-conf-secret.yaml apiVersion: v1 @@ -265,7 +265,7 @@ data: apiVersion: v1 kind: Service metadata: - name: qwc-qgis-qgis-serv + name: qwc-qgis-server labels: helm.sh/chart: qgis app.kubernetes.io/version: "1.0" @@ -667,14 +667,6 @@ spec: name: v-qwc-data readOnly: true subPath: qgs-resources - - mountPath: /srv/pg_service.conf - name: pg-service-conf-secret - readOnly: true - subPath: pg_service.conf - - mountPath: /srv/qwc_service/config - name: v-qwc-data - readOnly: true - subPath: config ports: - name: http @@ -687,10 +679,6 @@ spec: - key: pg_service_conf path: pg_service.conf secretName: pg-service-conf-secret - - name: v-qwc-data - persistentVolumeClaim: - claimName: pvc-qwc-data - readOnly: true --- # Source: qwc/charts/qwc/templates/deployment.yaml apiVersion: apps/v1 @@ -760,7 +748,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config ports: @@ -843,7 +830,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config ports: @@ -858,10 +844,6 @@ spec: - key: pg_service_conf path: pg_service.conf secretName: pg-service-conf-secret - - name: v-qwc-data - persistentVolumeClaim: - claimName: pvc-qwc-data - readOnly: true --- # Source: qwc/charts/qwc/templates/deployment.yaml apiVersion: apps/v1 @@ -931,7 +913,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config - mountPath: /srv/qwc_service/config-in name: v-qwc-data @@ -1021,7 +1002,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config ports: @@ -1036,10 +1016,6 @@ spec: - key: pg_service_conf path: pg_service.conf secretName: pg-service-conf-secret - - name: v-qwc-data - persistentVolumeClaim: - claimName: pvc-qwc-data - readOnly: true --- # Source: qwc/charts/qwc/templates/deployment.yaml apiVersion: apps/v1 @@ -1101,7 +1077,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config ports: @@ -1116,10 +1091,6 @@ spec: - key: pg_service_conf path: pg_service.conf secretName: pg-service-conf-secret - - name: v-qwc-data - persistentVolumeClaim: - claimName: pvc-qwc-data - readOnly: true --- # Source: qwc/charts/qwc/templates/deployment.yaml apiVersion: apps/v1 @@ -1179,7 +1150,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config ports: @@ -1194,10 +1164,6 @@ spec: - key: pg_service_conf path: pg_service.conf secretName: pg-service-conf-secret - - name: v-qwc-data - persistentVolumeClaim: - claimName: pvc-qwc-data - readOnly: true --- # Source: qwc/charts/qwc/templates/deployment.yaml apiVersion: apps/v1 @@ -1259,7 +1225,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config ports: @@ -1274,10 +1239,6 @@ spec: - key: pg_service_conf path: pg_service.conf secretName: pg-service-conf-secret - - name: v-qwc-data - persistentVolumeClaim: - claimName: pvc-qwc-data - readOnly: true --- # Source: qwc/charts/qwc/templates/deployment.yaml apiVersion: apps/v1 @@ -1339,7 +1300,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config ports: @@ -1354,10 +1314,6 @@ spec: - key: pg_service_conf path: pg_service.conf secretName: pg-service-conf-secret - - name: v-qwc-data - persistentVolumeClaim: - claimName: pvc-qwc-data - readOnly: true --- # Source: qwc/charts/qwc/templates/deployment.yaml apiVersion: apps/v1 @@ -1417,7 +1373,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config ports: @@ -1432,10 +1387,6 @@ spec: - key: pg_service_conf path: pg_service.conf secretName: pg-service-conf-secret - - name: v-qwc-data - persistentVolumeClaim: - claimName: pvc-qwc-data - readOnly: true --- # Source: qwc/charts/qwc/templates/deployment.yaml apiVersion: apps/v1 @@ -1497,7 +1448,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config ports: @@ -1512,10 +1462,6 @@ spec: - key: pg_service_conf path: pg_service.conf secretName: pg-service-conf-secret - - name: v-qwc-data - persistentVolumeClaim: - claimName: pvc-qwc-data - readOnly: true --- # Source: qwc/charts/qwc/templates/deployment.yaml apiVersion: apps/v1 @@ -1577,7 +1523,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config ports: @@ -1592,10 +1537,6 @@ spec: - key: pg_service_conf path: pg_service.conf secretName: pg-service-conf-secret - - name: v-qwc-data - persistentVolumeClaim: - claimName: pvc-qwc-data - readOnly: true --- # Source: qwc/charts/qwc/templates/deployment.yaml apiVersion: apps/v1 @@ -1657,7 +1598,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config ports: @@ -1672,10 +1612,6 @@ spec: - key: pg_service_conf path: pg_service.conf secretName: pg-service-conf-secret - - name: v-qwc-data - persistentVolumeClaim: - claimName: pvc-qwc-data - readOnly: true --- # Source: qwc/charts/qwc/templates/deployment.yaml apiVersion: apps/v1 @@ -1739,7 +1675,6 @@ spec: subPath: pg_service.conf - mountPath: /srv/qwc_service/config name: v-qwc-data - readOnly: true subPath: config - mountPath: /var/solr name: v-qwc-data diff --git a/tests/values-emptydir.yaml b/tests/values-emptydir.yaml new file mode 100644 index 0000000..248973e --- /dev/null +++ b/tests/values-emptydir.yaml @@ -0,0 +1,215 @@ +# Default values for mapserver. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +volumes: &common-volumes + v-qwc-data: + emptyDir: + sizeLimit: 500Mi + +volumeMounts: &common-volume-mounts + /srv/qwc_service/config: + name: v-qwc-data + +# you can run as non root like this for example +idstuff: &idstuff + SERVICE_UID: + value: 1012 + SERVICE_GID: + value: 1012 + +initContainers: &initContainers + config: + command: + - '/bin/sh' + - '-c' + - 'cp -r /qwc/config/ /srv/qwc_service/config/' + image: + repository: my-repository/qwcconfig + tag: image-tag + volumeMounts: + <<: *common-volume-mounts + env: + <<: *idstuff + +qwcservices: + config: + pg: + conf: | + [qwc_configdb] + host=10.60.12.122 + port=5439 + dbname=qwc_demo + user=qwc_admin + password=qwc_admin + sslmode=disable + + [qwc_geodb] + host=10.60.12.122 + port=5439 + dbname=qwc_demo + user=qwc_service + password=qwc_service + sslmode=disable + qgis: + services: + qgis-server: + volumes: + <<: *common-volumes + + initContainers: + config: + command: + - '/bin/sh' + - '-c' + - 'cp -r /qwc/qgs-resources/ /data' + image: + repository: my-repository/qwcconfig + tag: image-tag + volumeMounts: &qgis-mounts + /data: + name: v-qwc-data + env: + <<: *idstuff + containers: + qgis: + volumeMounts: + <<: *qgis-mounts + ingress: + enabled: false + + qwc: + ingress: + enabled: true + hostGroups: + host1: + tls: + enabled: false + secretName: 'my-tls-secret' + hosts: + - qwc.local + securityContext: &security + runAsNonRoot: true + runAsUser: 1012 + runAsGroup: 1012 + podSecurityContext: + <<: *security + fsGroup: 1012 + + services: + admin-gui: + enabled: false + auth-service: + volumes: + <<: *common-volumes + initContainers: + <<: *initContainers + containers: + uwsgi: + volumeMounts: + <<: *common-volume-mounts + env: + <<: *idstuff + config-service: + enabled: false + data-service: + initContainers: + <<: *initContainers + volumes: + <<: *common-volumes + containers: + uwsgi: + volumeMounts: + <<: *common-volume-mounts + env: + <<: *idstuff + document-service: + initContainers: + <<: *initContainers + volumes: + <<: *common-volumes + containers: + uwsgi: + volumeMounts: + <<: *common-volume-mounts + env: + <<: *idstuff + elevation-service: + initContainers: + <<: *initContainers + volumes: + <<: *common-volumes + containers: + uwsgi: + volumeMounts: + <<: *common-volume-mounts + env: + <<: *idstuff + feature-info-service: + initContainers: + <<: *initContainers + volumes: + <<: *common-volumes + containers: + uwsgi: + volumeMounts: + <<: *common-volume-mounts + env: + <<: *idstuff + fulltext-search-service: + initContainers: + <<: *initContainers + volumes: + <<: *common-volumes + containers: + uwsgi: + volumeMounts: + <<: *common-volume-mounts + env: + <<: *idstuff + mapinfo-service: + initContainers: + <<: *initContainers + volumes: + <<: *common-volumes + containers: + uwsgi: + volumeMounts: + <<: *common-volume-mounts + env: + <<: *idstuff + map-viewer: + initContainers: + <<: *initContainers + volumes: + <<: *common-volumes + containers: + uwsgi: + volumeMounts: + <<: *common-volume-mounts + env: + <<: *idstuff + ogc-service: + initContainers: + <<: *initContainers + volumes: + <<: *common-volumes + containers: + uwsgi: + volumeMounts: + <<: *common-volume-mounts + env: + <<: *idstuff + permalink-service: + initContainers: + <<: *initContainers + volumes: + <<: *common-volumes + containers: + uwsgi: + volumeMounts: + <<: *common-volume-mounts + env: + <<: *idstuff + solr: + enabled: false diff --git a/values.yaml b/values.yaml index f589af7..5d36ee1 100644 --- a/values.yaml +++ b/values.yaml @@ -18,10 +18,10 @@ volumes: &common-volumes items: - key: pg_service_conf path: pg_service.conf - # v-qwc-data: - # persistentVolumeClaim: - # claimName: pvc-qwc-data - # readOnly: true + # v-qwc-data must be defined as NFS or emptyDir otherwise you + # get "error converting YAML to JSON"... + # see the examples + #v-qwc-data: {} volumeMounts: &common-volume-mounts /srv/pg_service.conf: @@ -31,7 +31,6 @@ volumeMounts: &common-volume-mounts /srv/qwc_service/config: name: v-qwc-data subPath: config - readOnly: true ports: &common-ports http: @@ -99,7 +98,6 @@ qgis: # If not set and create is true, a name is generated using the fullname template name: default services: - # TODO: what about qgis server? qgis-server: enabled: true ingress: @@ -107,6 +105,7 @@ qgis: <<: *common-generic-stuff service: type: ClusterIP + name: qwc-qgis-server servicePort: 80 ports: - name: http