-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1 from cardano-foundation/feat/add-cf-eks-baseline
feat: add cf-eks-baseline + cf-idw helm charts
- Loading branch information
Showing
20 changed files
with
628 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
*.tgz |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# Patterns to ignore when building packages. | ||
# This supports shell glob matching, relative path matching, and | ||
# negation (prefixed with !). Only one pattern per line. | ||
.DS_Store | ||
# Common VCS dirs | ||
.git/ | ||
.gitignore | ||
.bzr/ | ||
.bzrignore | ||
.hg/ | ||
.hgignore | ||
.svn/ | ||
# Common backup files | ||
*.swp | ||
*.bak | ||
*.tmp | ||
*.orig | ||
*~ | ||
# Various IDEs | ||
.project | ||
.idea/ | ||
*.tmproj | ||
.vscode/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
dependencies: | ||
- name: traefik | ||
repository: https://helm.traefik.io/traefik | ||
version: 27.0.2 | ||
- name: external-secrets | ||
repository: https://charts.external-secrets.io | ||
version: 0.9.16 | ||
- name: metrics-server | ||
repository: https://kubernetes-sigs.github.io/metrics-server/ | ||
version: 3.12.1 | ||
- name: aws-ebs-csi-driver | ||
repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver | ||
version: 2.30.0 | ||
- name: coredns | ||
repository: https://coredns.github.io/helm | ||
version: 1.29.0 | ||
digest: sha256:a0afe3c31b11b8676c47e5e44ab3ffcfff8e6d4ddcf2b2ba550164412b3cb825 | ||
generated: "2024-04-30T17:47:39.148897+02:00" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
apiVersion: v2 | ||
name: cf-eks-baseline | ||
description: A Helm chart for deploying the baseline services to CF's EKS clusters | ||
type: application | ||
version: 0.0.1 | ||
appVersion: 0.0.1 | ||
dependencies: | ||
- name: traefik | ||
version: 27.0.2 | ||
repository: https://helm.traefik.io/traefik | ||
condition: traefik.enabled | ||
- name: external-secrets | ||
version: 0.9.16 | ||
repository: https://charts.external-secrets.io | ||
condition: external-secrets.enabled | ||
- name: metrics-server | ||
version: 3.12.1 | ||
repository: https://kubernetes-sigs.github.io/metrics-server/ | ||
condition: metrics-server.enabled | ||
- name: aws-ebs-csi-driver | ||
version: 2.30.0 | ||
repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver | ||
condition: aws-ebs-csi-driver.enabled | ||
- name: coredns | ||
version: 1.29.0 | ||
repository: https://coredns.github.io/helm | ||
condition: coredns.enabled | ||
- name: kube-prometheus-stack | ||
version: 58.3.1 | ||
repository: https://prometheus-community.github.io/helm-charts | ||
condition: kube-prometheus-stack.enabled | ||
- name: nginx | ||
version: 16.0.6 | ||
repository: https://charts.bitnami.com/bitnami | ||
condition: nginx.enabled |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
traefik: | ||
enabled: true | ||
deployment: | ||
enabled: true | ||
kind: "DaemonSet" | ||
service: | ||
type: "NodePort" | ||
ports: | ||
web: | ||
exposed: "false" | ||
websecure: | ||
nodePort: 30443 | ||
exposed: "false" | ||
|
||
kube-prometheus-stack: | ||
enabled: true | ||
grafana: | ||
plugins: | ||
- grafana-singlestat-panel | ||
sidecar: | ||
alerts: | ||
enabled: true | ||
datasources: | ||
enabled: true | ||
notifiers: | ||
enabled: true | ||
|
||
nginx: | ||
enabled: true | ||
service: | ||
type: ClusterIP | ||
serverBlock: |- | ||
server { | ||
listen 0.0.0.0:8080; | ||
location / { | ||
return 404 "Not Found"; | ||
} | ||
} | ||
external-secrets: | ||
enabled: true | ||
metrics-server: | ||
enabled: true | ||
aws-ebs-csi-driver: | ||
enabled: true | ||
coredns: | ||
enabled: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# Patterns to ignore when building packages. | ||
# This supports shell glob matching, relative path matching, and | ||
# negation (prefixed with !). Only one pattern per line. | ||
.DS_Store | ||
# Common VCS dirs | ||
.git/ | ||
.gitignore | ||
.bzr/ | ||
.bzrignore | ||
.hg/ | ||
.hgignore | ||
.svn/ | ||
# Common backup files | ||
*.swp | ||
*.bak | ||
*.tmp | ||
*.orig | ||
*~ | ||
# Various IDEs | ||
.project | ||
.idea/ | ||
*.tmproj | ||
.vscode/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
apiVersion: v2 | ||
name: cf-idw | ||
description: A Helm chart for Kubernetes | ||
type: application | ||
version: 0.0.1 | ||
appVersion: 0.0.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
FROM alpine | ||
RUN apk add --no-cache curl jq bash gettext |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
{{/* | ||
Expand the name of the chart. | ||
*/}} | ||
{{- define "cf-idw.name" -}} | ||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} | ||
{{- end }} | ||
|
||
{{/* | ||
Create a default fully qualified app name. | ||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). | ||
If release name contains chart name it will be used as a full name. | ||
*/}} | ||
{{- define "cf-idw.fullname" -}} | ||
{{- if .Values.fullnameOverride }} | ||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} | ||
{{- else }} | ||
{{- $name := default .Chart.Name .Values.nameOverride }} | ||
{{- if contains $name .Release.Name }} | ||
{{- .Release.Name | trunc 63 | trimSuffix "-" }} | ||
{{- else }} | ||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} | ||
{{- end }} | ||
{{- end }} | ||
{{- end }} | ||
|
||
{{/* | ||
Create chart name and version as used by the chart label. | ||
*/}} | ||
{{- define "cf-idw.chart" -}} | ||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} | ||
{{- end }} | ||
|
||
{{/* | ||
Common labels | ||
*/}} | ||
{{- define "cf-idw.labels" -}} | ||
helm.sh/chart: {{ include "cf-idw.chart" . }} | ||
{{ include "cf-idw.selectorLabels" . }} | ||
{{- if .Chart.AppVersion }} | ||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} | ||
{{- end }} | ||
app.kubernetes.io/managed-by: {{ .Release.Service }} | ||
{{- end }} | ||
|
||
{{/* | ||
Selector labels | ||
*/}} | ||
{{- define "cf-idw.selectorLabels" -}} | ||
app.kubernetes.io/name: {{ include "cf-idw.name" . }} | ||
app.kubernetes.io/instance: {{ .Release.Name }} | ||
{{- end }} | ||
|
||
{{/* | ||
Create the name of the service account to use | ||
*/}} | ||
{{- define "cf-idw.serviceAccountName" -}} | ||
{{- if .Values.serviceAccount.create }} | ||
{{- default (include "cf-idw.fullname" .) .Values.serviceAccount.name }} | ||
{{- else }} | ||
{{- default "default" .Values.serviceAccount.name }} | ||
{{- end }} | ||
{{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
{{- $root := .Values -}} | ||
{{ with .Values.credIssuance }} | ||
{{- if .ingress.enabled -}} | ||
{{- $credIssuance := . -}} | ||
apiVersion: networking.k8s.io/v1 | ||
kind: Ingress | ||
metadata: | ||
name: cred-issuance-ingress | ||
labels: | ||
app: cred-issuance | ||
labels: | ||
{{- with .ingress.annotations }} | ||
annotations: | ||
{{- toYaml . | nindent 4 }} | ||
{{- end }} | ||
spec: | ||
rules: | ||
{{- range $host := .ingress.hosts }} | ||
- host: {{ $host }}.{{ $root.ingressTLD }} | ||
http: | ||
paths: | ||
- path: / | ||
pathType: Prefix | ||
backend: | ||
service: | ||
name: cred-issuance | ||
port: | ||
number: {{ $credIssuance.port | default 3010 }} | ||
{{- end }} | ||
tls: | ||
- hosts: | ||
{{- range $host := .ingress.hosts }} | ||
- "{{ $host }}.{{ $root.ingressTLD }}" | ||
{{- end }} | ||
{{ end }} | ||
{{ end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
labels: | ||
app: cred-issuance | ||
name: cred-issuance | ||
spec: | ||
ports: | ||
- name: {{ .port | default "3010" | quote }} | ||
port: {{ .port | default "3010" }} | ||
targetPort: {{ .port | default "3010" }} | ||
selector: | ||
app: cred-issuance |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
{{ with .Values.credIssuance }} | ||
{{ if .enabled }} | ||
apiVersion: apps/v1 | ||
kind: StatefulSet | ||
metadata: | ||
labels: | ||
app: cred-issuance | ||
name: cred-issuance | ||
spec: | ||
replicas: 1 | ||
selector: | ||
matchLabels: | ||
app: cred-issuance | ||
template: | ||
metadata: | ||
labels: | ||
app: cred-issuance | ||
spec: | ||
restartPolicy: Always | ||
{{- if .tolerations }} | ||
tolerations: | ||
{{ with index .tolerations }} | ||
{{ toYaml . | nindent 8 }} | ||
{{- end }} | ||
{{- end }} | ||
{{- if .affinity }} | ||
affinity: | ||
{{ with index .affinity }} | ||
{{ toYaml . | nindent 8 }} | ||
{{- end }} | ||
{{- end }} | ||
containers: | ||
- env: | ||
- name: KERIA_BOOT_ENDPOINT | ||
value: {{ .keriaBootEndpoint | default "http://keria:3903" }} | ||
- name: KERIA_ENDPOINT | ||
value: {{ .keriaEndpoint | default "http://keria:3901" }} | ||
- name: OOBI_ENDPOINT | ||
value: {{ .oobiEndpoint | default "http://keria:3901" }} | ||
- name: PORT | ||
value: {{ .port | default "3010" | quote }} | ||
image: "{{ .image.repository }}:{{ .image.tag }}" | ||
name: cred-issuance | ||
ports: | ||
- containerPort: {{ .port | default 3010 }} | ||
hostPort: {{ .port | default 3010 }} | ||
protocol: TCP | ||
volumeMounts: | ||
- mountPath: /usr/local/var/keri | ||
name: issuer-server-data | ||
volumes: | ||
- name: issuer-server-data | ||
persistentVolumeClaim: | ||
claimName: issuer-server-data | ||
|
||
volumeClaimTemplates: | ||
- metadata: | ||
name: issuer-server-data | ||
spec: | ||
accessModes: [ "ReadWriteOnce" ] | ||
resources: | ||
requests: | ||
storage: {{ .volumeSize | default "1Gi" }} | ||
|
||
{{ end }} | ||
{{ end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
{{ with .Values.keria }} | ||
{{ if .enabled }} | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: keria-configmap | ||
data: | ||
initContainer-entrypoint.sh: | | ||
#!/bin/sh | ||
set -e | ||
export KERIA_RENDERED_CURLS=$(for keria_curl in ${KERIA_CURLS}; do echo $keria_curl; done | jq -cRn '[inputs]') | ||
envsubst < /configmap/backer-oobis.json.tpl > /config/backer-oobis.json | ||
backer-oobis.json.tpl: | | ||
{ | ||
"dt": "2022-01-20T12:57:59.823350+00:00", | ||
"keria": { | ||
"dt": "2022-01-20T12:57:59.823350+00:00", | ||
"curls": ${KERIA_RENDERED_CURLS} | ||
}, | ||
"iurls": [] | ||
} | ||
{{ end }} | ||
{{ end }} |
Oops, something went wrong.