Add optimize to helm charts #287
Conversation
Add a new sub-chart for Optimize. Copied resources from tasklist and operate and adjusted to our needs.
Define in camunda-platform values.yaml the default values for Optimize sub-chart.
Add condition for sub-chart such that it is disabled if identity integration is disabled, since optimize has a dependency on identity.
Previous name (zeebe) was misleading
| value: {{ .Values.global.identity.auth.publicIssuerUrl | quote }} | ||
| - name: CAMUNDA_OPTIMIZE_IDENTITY_ISSUER_BACKEND_URL | ||
| value: "http://{{ include "common.names.dependency.fullname" (dict "chartName" "keycloak" "chartValues" . "context" $) | trunc 20 | trimSuffix "-" }}:80/auth/realms/camunda-platform" | ||
| - name: CAMUNDA_OPTIMIZE_IDENTITY_CLIENTID |
There was a problem hiding this comment.
@RomanJRW it seems that Optimize only supports CLIENTID the other tools, like tasklist and operate use (or support) CLIENT_ID Is this expected? I stumbled over it, because it didn't worked without the right settings here.
There was a problem hiding this comment.
Thanks for the heads up. Once JIRA wakes up, I'll create a ticket for us to change this in future 👍
There was a problem hiding this comment.
🚀
- 🤡 Kind of weird that we can't use a single
.helmignorefor all the charts together 🤷♂️ - At this point, I feel like the secret helpers might be, uh, abstracted? Is that even possible without making it too confusing (I mean, this is templated YAML, so it's already confusing 😄)
- ❓ I couldn't find where we specify the number of Zeebe partitions in the Optimize deployment - isn't that required? 🤔
The main blocker is that some golden file tests (for deployment for example) are pointing to the Operate chart, so the optimize deployment is not tested 😄
Co-authored-by: Nicolas Pepin-Perreault <43373+npepinpe@users.noreply.github.com>
|
Thanks for your quick review @npepinpe Regarding your comments:
Yeah I can check this.
Yeah agree but tbh I don't want to rewrite the logic of bitnami, it is in general quite cool to use their helpers here. I could try, if I find the time, to add some abstractions around it.
As I wrote above this needs to be fixed with #286 and related discussion here https://camunda.slack.com/archives/C02UT3T8DQR/p1650536952860079 Please put your comments or opinions here if you have any :) |
This test is tested in the global-deployment
charts/camunda-platform/charts/optimize/templates/tests/test-connection.yaml
Outdated
Show resolved
Hide resolved
charts/camunda-platform/charts/optimize/templates/tests/test-connection.yaml
Outdated
Show resolved
Hide resolved
| value: {{ .Values.global.identity.auth.publicIssuerUrl | quote }} | ||
| - name: CAMUNDA_OPTIMIZE_IDENTITY_ISSUER_BACKEND_URL | ||
| value: "http://{{ include "common.names.dependency.fullname" (dict "chartName" "keycloak" "chartValues" . "context" $) | trunc 20 | trimSuffix "-" }}:80/auth/realms/camunda-platform" | ||
| - name: CAMUNDA_OPTIMIZE_IDENTITY_CLIENTID |
There was a problem hiding this comment.
Thanks for the heads up. Once JIRA wakes up, I'll create a ticket for us to change this in future 👍
Co-authored-by: Josh Windels <joshuawindels@gmail.com>
Logout is done by identity.
This PR contains:
Manual testing:
After installing we see:
Doing the necessary port-forwards we can login
Next Steps:
Reviewers:
I know it looks like an big PR, but most of the lines are due to tests and golden files, which you can skip. :)
@oleschoenburg @npepinpe whoever has more time please have a look at the PR
@RomanJRW could you please check the configuration to whether this makes sense in your opinion?
related to #126