fix: Helm chart refactor (#1160)
Signed-off-by: Milos Backonja <milos.backonja@iohk.io>
milosbackonja committed Jun 9, 2024
1 parent 9eaa5d4 commit 4b59112
Showing 16 changed files with 76 additions and 51 deletions.
20 changes: 16 additions & 4 deletions infrastructure/charts/agent/templates/_helpers.tpl
Expand Up @@ -30,6 +30,22 @@ Create chart name and version as used by the chart label.
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}

{{/*
Common labels
*/}}
{{- define "labels.common" -}}
helm.sh/chart: {{ include "cloud-agent.chart" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: {{ include "cloud-agent.fullname" . }}
{{- end }}





{{- define "cors" }}
{{- if .Values.ingress.cors.enabled }}
- name: cors
Expand All @@ -54,10 +70,6 @@ Create chart name and version as used by the chart label.
{{- end }}
{{- end -}}

{{- define "labels.common" -}}
{{- $fullname := include "cloud-agent.fullname" $ -}}
app.kubernetes.io/part-of: {{ $fullname }}
{{- end }}

{{- define "headers.security" }}
- name: response-rewrite
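Review bot: In the new `labels.common` definition, `app.kubernetes.io/version: {{ .Chart.AppVersion }}` is emitted unquoted, so an appVersion that looks numeric (for example a constructed value such as `1.0` or an all-digit build number) is parsed as a YAML number and the manifest fails validation because label values must be strings. Pipe it through quote, `app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}`, as this commit already does for the values in externalsecret.yaml. Because this helper now feeds the labels of every resource that includes it, among them the ExternalSecret and StringSecret objects, one bad value would fail the whole release rather than a single manifest.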
4 changes: 2 additions & 2 deletions infrastructure/charts/agent/templates/apisixconsumer.yaml
Expand Up @@ -7,7 +7,7 @@ metadata:
name: "{{ $consumer | lower }}"
namespace: "{{ $root.Release.Namespace }}"
labels:
{{ template "labels.common" . }}
{{- include "labels.common" $root | nindent 4 }}
spec:
authParameter:
keyAuth:
Expand All @@ -25,7 +25,7 @@ metadata:
name: "{{ $consumer | lower }}"
namespace: "{{ $root.Release.Namespace }}"
labels:
{{ template "labels.common" . }}
{{- include "labels.common" $root | nindent 4 }}
spec:
authParameter:
keyAuth:
42 changes: 21 additions & 21 deletions infrastructure/charts/agent/templates/apisixroute.yaml
Expand Up @@ -5,7 +5,7 @@ metadata:
name: agent-route
namespace: "{{ .Release.Namespace }}"
labels:
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4 }}
spec:
http:
- name: agent-rule
Expand Down Expand Up @@ -33,10 +33,10 @@ spec:
config:
block_rules: ["_system/metrics"]
rejected_message: "access to metrics resource is not allowed from an external location"
{{ template "cors" . }}
{{ template "consumer-restriction" . }}
{{ template "headers.requestId" . }}
{{ template "headers.security" . }}
{{- template "cors" . }}
{{- template "consumer-restriction" . }}
{{- template "headers.requestId" . }}
{{- template "headers.security" . }}

---

Expand All @@ -46,7 +46,7 @@ metadata:
name: agent-didcomm-route
namespace: "{{ .Release.Namespace }}"
labels:
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4}}
spec:
http:
- name: agent-didcomm-rule
Expand All @@ -66,9 +66,9 @@ spec:
enable: true
config:
regex_uri: ["^/(prism-agent|{{ include "cloud-agent.fullname" . }})/didcomm(.*)", "/$2"]
{{ template "cors" . }}
{{ template "headers.requestId" . }}
{{ template "headers.security" . }}
{{- template "cors" . }}
{{- template "headers.requestId" . }}
{{- template "headers.security" . }}

---

Expand All @@ -78,7 +78,7 @@ metadata:
name: agent-schema-registry-route
namespace: "{{ .Release.Namespace }}"
labels:
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4 }}
spec:
http:
- name: agent-schema-registry-rule
Expand All @@ -100,9 +100,9 @@ spec:
enable: true
config:
regex_uri: ["^/(prism-agent|{{ include "cloud-agent.fullname" . }})/schema-registry/schemas/(.*)", "/schema-registry/schemas/$2"]
{{ template "cors" . }}
{{ template "headers.requestId" . }}
{{ template "headers.security" . }}
{{- template "cors" . }}
{{- template "headers.requestId" . }}
{{- template "headers.security" . }}

---

Expand All @@ -112,7 +112,7 @@ metadata:
name: agent-cred-def-registry-route
namespace: "{{ .Release.Namespace }}"
labels:
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4 }}
spec:
http:
- name: agent-cred-def-registry-rule
Expand All @@ -134,9 +134,9 @@ spec:
enable: true
config:
regex_uri: ["^/(prism-agent|{{ include "cloud-agent.fullname" . }})/credential-definition-registry/definitions/(.*)", "/credential-definition-registry/definitions/$2"]
{{ template "cors" . }}
{{ template "headers.requestId" . }}
{{ template "headers.security" . }}
{{- template "cors" . }}
{{- template "headers.requestId" . }}
{{- template "headers.security" . }}

---

Expand All @@ -146,7 +146,7 @@ metadata:
name: agent-docs-route
namespace: "{{ .Release.Namespace }}"
labels:
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4 }}
spec:
http:
- name: agent-docs-rule
Expand All @@ -166,9 +166,9 @@ spec:
enable: true
config:
regex_uri: ["^/(prism-agent|{{ include "cloud-agent.fullname" . }})/docs/(.*)","/docs/$2"]
{{ template "cors" . }}
{{ template "headers.requestId" . }}
{{ template "headers.security" . }}
{{- template "cors" . }}
{{- template "headers.requestId" . }}
{{- template "headers.security" . }}

---
{{- end }}
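Review bot: The plugin snippets (`cors`, `consumer-restriction`, `headers.requestId`, `headers.security`) are still pulled in with `template`, whose output cannot be piped, so their nesting under each route's plugin list depends on indentation hard-coded inside `_helpers.tpl` combined with the new `{{-` whitespace trim. Using the form the labels now use, for example `{{- include "consumer-restriction" . | nindent N }}` with N set to the list's depth and the fixed indent removed from the definitions, would make the placement explicit at the call site. Since `consumer-restriction` and `headers.security` look like the access-restriction and response-hardening plugins for these routes, it is worth asserting in a `helm template` check that they still render under each route that references them after this change. The page does not preserve indentation, so the current nesting cannot be confirmed from here.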
2 changes: 1 addition & 1 deletion infrastructure/charts/agent/templates/apisixtls.yaml
Expand Up @@ -5,7 +5,7 @@ metadata:
name: "{{ include "cloud-agent.fullname" . }}-base-path-tls"
namespace: "{{ .Release.Namespace }}"
labels:
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4}}
spec:
hosts:
{{- range .Values.ingress.applicationUrls }}
2 changes: 1 addition & 1 deletion infrastructure/charts/agent/templates/certificate.yaml
Expand Up @@ -5,7 +5,7 @@ metadata:
name: "{{ include "cloud-agent.fullname" . }}-base-path-cert"
namespace: "{{ .Release.Namespace }}"
labels:
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4}}
annotations:
argocd.argoproj.io/sync-wave: "-1"
spec:
4 changes: 4 additions & 0 deletions infrastructure/charts/agent/templates/configmap.yaml
Expand Up @@ -2,6 +2,8 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: keycloak-bootstrap-script
labels:
{{- include "labels.common" . | nindent 4 }}
data:
init.sh: |
#!/usr/bin/env bash
Expand Down Expand Up @@ -82,6 +84,8 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "cloud-agent.fullname" . }}-realm-import
labels:
{{- include "labels.common" . | nindent 4}}
data:
{{ include "cloud-agent.fullname" . }}.json: |
{
12 changes: 6 additions & 6 deletions infrastructure/charts/agent/templates/deployment.yaml
Expand Up @@ -4,7 +4,7 @@ metadata:
name: {{ include "cloud-agent.fullname" . }}-server
namespace: "{{ .Release.Namespace }}"
labels:
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4 }}
spec:
selector:
matchLabels:
Expand All @@ -14,14 +14,14 @@ spec:
metadata:
labels:
app.kubernetes.io/name: {{ include "cloud-agent.fullname" . }}-server
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 8 }}
spec:
imagePullSecrets:
- name: atala-prism-dev-deployments-github-docker-registry-key
initContainers:
- name: wait-postgress-ready
image: busybox
command: ['sh', '-c', "until nc -z {{ .Values.database.postgres.managingTeam }}-{{ include "cloud-agent.fullname" . }}-postgres-cluster.{{.Release.Namespace}} 5432; do echo waiting for postgress-operator; sleep 2; done;"]
command: ['sh', '-c', "until nc -z {{ .Values.database.postgres.managingTeam }}-{{ include "cloud-agent.fullname" . }}-postgres-cluster.{{ .Release.Namespace }} 5432; do echo waiting for postgress-operator; sleep 2; done;"]
{{- if .Values.server.keycloak.enabled }}
- name: wait-keycloak-ready
image: badouralix/curl-jq:ubuntu
Expand Down Expand Up @@ -78,7 +78,7 @@ spec:
key: salt
optional: false
- name: POLLUX_DB_HOST
value: "{{ .Values.database.postgres.managingTeam }}-{{ include "cloud-agent.fullname" . }}-postgres-cluster.{{.Release.Namespace}}"
value: "{{ .Values.database.postgres.managingTeam }}-{{ include "cloud-agent.fullname" . }}-postgres-cluster.{{ .Release.Namespace }}"
- name: POLLUX_DB_PORT
value: "5432"
- name: POLLUX_DB_NAME
Expand Down Expand Up @@ -108,7 +108,7 @@ spec:
key: password
optional: false
- name: CONNECT_DB_HOST
value: "{{ .Values.database.postgres.managingTeam }}-{{ include "cloud-agent.fullname" . }}-postgres-cluster.{{.Release.Namespace}}"
value: "{{ .Values.database.postgres.managingTeam }}-{{ include "cloud-agent.fullname" . }}-postgres-cluster.{{ .Release.Namespace }}"
- name: CONNECT_DB_PORT
value: "5432"
- name: CONNECT_DB_NAME
Expand Down Expand Up @@ -138,7 +138,7 @@ spec:
key: password
optional: false
- name: AGENT_DB_HOST
value: "{{ .Values.database.postgres.managingTeam }}-{{ include "cloud-agent.fullname" . }}-postgres-cluster.{{.Release.Namespace}}"
value: "{{ .Values.database.postgres.managingTeam }}-{{ include "cloud-agent.fullname" . }}-postgres-cluster.{{ .Release.Namespace }}"
- name: AGENT_DB_PORT
value: "5432"
- name: AGENT_DB_NAME
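Review bot: The init containers in this template run `image: busybox` with no tag and `image: badouralix/curl-jq:ubuntu` with a mutable tag, so a fresh pull can fetch whatever the registry currently serves under those names. While the template is being refactored, pin both to a fixed version and digest, e.g. `image: busybox:<version>@sha256:<digest>` (placeholders), ideally driven from values so that upgrades are deliberate. These containers run in the agent's pod before the agent starts, and the second appears to gate start-up on Keycloak, so an unexpected image change there deserves the same control as the main image. Both lines are unchanged context in this commit, and the container list continues outside the visible hunks.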
9 changes: 5 additions & 4 deletions infrastructure/charts/agent/templates/externalsecret.yaml
Expand Up @@ -4,11 +4,11 @@ metadata:
name: "atala-prism-dev-deployments-github-docker-registry-key"
namespace: {{ .Release.Namespace }}
labels:
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4 }}
spec:
refreshInterval: "0"
secretStoreRef:
name: {{ .Values.secrets.secretStore }}
name: {{ .Values.secrets.secretStore | quote }}
kind: ClusterSecretStore
target:
template:
Expand All @@ -17,7 +17,7 @@ spec:
.dockerconfigjson: "{{ `{{ .dockerconfigjson | b64dec }}` }}"
dataFrom:
- extract:
key: {{ .Values.secrets.dockerRegistryToken }}
key: {{ .Values.secrets.dockerRegistryToken | quote }}

---

Expand All @@ -27,8 +27,9 @@ apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: "{{ $root.Values.ingress.auth.externalConsumerKeyPrefix }}-{{ $consumer | lower }}"
namespace: {{ $root.Release.Namespace }}
labels:
{{ template "labels.common" . }}
{{- include "labels.common" $root | nindent 4 }}
spec:
refreshInterval: "0"
secretStoreRef:
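Review bot: The added `namespace: {{ $root.Release.Namespace }}` (like the existing `namespace: {{ .Release.Namespace }}` in the first document) is left unquoted even though this commit adds `| quote` to `secretStoreRef.name` and the extract key in the same file. An all-digit namespace name is a valid DNS label and would render as a YAML integer, failing the manifest; use `namespace: {{ $root.Release.Namespace | quote }}`, matching the quoted form already used in apisixconsumer.yaml. The second ExternalSecret's spec continues past the end of this hunk.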
6 changes: 2 additions & 4 deletions infrastructure/charts/agent/templates/postgresql.yaml
Expand Up @@ -4,7 +4,7 @@ metadata:
name: "{{ .Values.database.postgres.managingTeam }}-{{ include "cloud-agent.fullname" . }}-postgres-cluster"
namespace: {{ .Release.Namespace }}
labels:
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4 }}
spec:
teamId: "{{ .Values.database.postgres.managingTeam }}"
volume:
Expand Down Expand Up @@ -41,14 +41,13 @@ spec:

{{- if .Values.keycloak.enabled }}
---

apiVersion: "acid.zalan.do/v1"
kind: postgresql
metadata:
name: "{{ .Values.database.postgres.managingTeam }}-keycloak-postgres-cluster"
namespace: {{ .Release.Namespace }}
labels:
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4 }}
spec:
teamId: "{{ .Values.database.postgres.managingTeam }}"
volume:
Expand All @@ -63,5 +62,4 @@ spec:
keycloak: keycloak-admin
postgresql:
version: "14"

{{- end }}
10 changes: 5 additions & 5 deletions infrastructure/charts/agent/templates/service.yaml
Expand Up @@ -6,7 +6,7 @@ metadata:
labels:
app.kubernetes.io/name: {{ include "cloud-agent.fullname" . }}-server
app.kubernetes.io/service: {{ include "cloud-agent.fullname" . }}-server-main
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4 }}
spec:
selector:
app.kubernetes.io/name: {{ include "cloud-agent.fullname" . }}-server
Expand All @@ -27,7 +27,7 @@ metadata:
labels:
app.kubernetes.io/name: {{ include "cloud-agent.fullname" . }}-server
app.kubernetes.io/service: {{ include "cloud-agent.fullname" . }}-server-didcomm
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4 }}
spec:
selector:
app.kubernetes.io/name: {{ include "cloud-agent.fullname" . }}-server
Expand All @@ -41,17 +41,17 @@ spec:
---

{{- if .Values.ingress.enabled }}
kind: Service
apiVersion: v1
kind: Service
metadata:
name: agent-domain-name-fake-service
name: agent-domain-name-fake-service
namespace: "{{ .Release.Namespace }}"
annotations:
external-dns.alpha.kubernetes.io/hostname: "{{ join ", " .Values.ingress.applicationUrls }}"
labels:
app.kubernetes.io/name: {{ include "cloud-agent.fullname" . }}-server
app.kubernetes.io/service: agent-server-domain-name-fake
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4 }}
spec:
type: ExternalName
externalName: {{ .Values.ingress.platformIngressUrl }}
Expand Up @@ -3,6 +3,8 @@ kind: StringSecret
metadata:
name: "agent-admin-token"
namespace: {{ .Release.Namespace }}
labels:
{{- include "labels.common" . | nindent 4 }}
spec:
forceRegenerate: false
fields:
Expand Up @@ -3,6 +3,8 @@ kind: StringSecret
metadata:
name: "agent-api-key-salt"
namespace: {{ .Release.Namespace }}
labels:
{{- include "labels.common" . | nindent 4 }}
spec:
forceRegenerate: false
fields:
Expand Up @@ -3,6 +3,8 @@ kind: StringSecret
metadata:
name: "agent-keycloak-client-secret"
namespace: {{ .Release.Namespace }}
labels:
{{- include "labels.common" . | nindent 4 }}
spec:
forceRegenerate: false
fields:
Expand All @@ -18,7 +20,7 @@ metadata:
name: "keycloak-admin-secret"
namespace: {{ .Release.Namespace }}
labels:
{{ template "labels.common" . }}
{{- include "labels.common" . | nindent 4 }}
spec:
forceRegenerate: false
fields:
