diff --git a/sourcegraph/templates/frontend/sourcegraph-frontend-internal.Service.yaml b/sourcegraph/templates/frontend/sourcegraph-frontend-internal.Service.yaml index 905f3121..6bb7c8bb 100644 --- a/sourcegraph/templates/frontend/sourcegraph-frontend-internal.Service.yaml +++ b/sourcegraph/templates/frontend/sourcegraph-frontend-internal.Service.yaml @@ -1,17 +1,25 @@ apiVersion: v1 kind: Service metadata: + annotations: + {{- if .Values.frontend.serviceAnnotations }} + {{- toYaml .Values.frontend.serviceAnnotations | nindent 4 }} + {{- end }} labels: app: sourcegraph-frontend deploy: sourcegraph sourcegraph-resource-requires: no-cluster-admin app.kubernetes.io/component: frontend - name: sourcegraph-frontend-internal + {{- if .Values.frontend.serviceLabels }} + {{- toYaml .Values.frontend.serviceLabels | nindent 4 }} + {{- end }} + name: {{ default "sourcegraph-frontend-internal" .Values.frontend.internalServiceName }} spec: ports: - name: http-internal port: 80 targetPort: http-internal selector: + {{- include "sourcegraph.selectorLabels" . | nindent 4 }} app: sourcegraph-frontend type: ClusterIP diff --git a/sourcegraph/templates/frontend/sourcegraph-frontend.Deployment.yaml b/sourcegraph/templates/frontend/sourcegraph-frontend.Deployment.yaml index 83aba879..59f8db15 100644 --- a/sourcegraph/templates/frontend/sourcegraph-frontend.Deployment.yaml +++ b/sourcegraph/templates/frontend/sourcegraph-frontend.Deployment.yaml @@ -5,16 +5,25 @@ metadata: kubectl.kubernetes.io/default-container: frontend description: Serves the frontend of Sourcegraph via HTTP(S). labels: + {{- include "sourcegraph.labels" . | nindent 4 }} + {{- if .Values.frontend.labels }} + {{- toYaml .Values.frontend.labels | nindent 4 }} + {{- end }} deploy: sourcegraph sourcegraph-resource-requires: no-cluster-admin app.kubernetes.io/component: frontend - name: sourcegraph-frontend + name: {{ default "sourcegraph-frontend" .Values.frontend.name }} spec: + {{- with .Values.sourcegraph.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 4 }} + {{- end }} minReadySeconds: 10 - replicas: 2 - revisionHistoryLimit: 10 + replicas: {{ .Values.frontend.replicaCount }} + revisionHistoryLimit: {{ .Values.sourcegraph.revisionHistoryLimit }} selector: matchLabels: + {{- include "sourcegraph.selectorLabels" . | nindent 6 }} app: sourcegraph-frontend strategy: rollingUpdate: @@ -23,13 +32,27 @@ spec: type: RollingUpdate template: metadata: + annotations: + {{- if .Values.sourcegraph.podAnnotations }} + {{- toYaml .Values.sourcegraph.podAnnotations | nindent 8 }} + {{- end }} + {{- if .Values.frontend.podAnnotations }} + {{- toYaml .Values.frontend.podAnnotations | nindent 8 }} + {{- end }} labels: + {{- if .Values.sourcegraph.podLabels }} + {{- toYaml .Values.sourcegraph.podLabels | nindent 8 }} + {{- end }} + {{- if .Values.frontend.podLabels }} + {{- toYaml .Values.frontend.podLabels | nindent 8 }} + {{- end }} app: sourcegraph-frontend deploy: sourcegraph spec: containers: - name: frontend - image: {{ include "sourcegraph.image" (list . "frontend") }} + image: {{ include "sourcegraph.image" (list . "frontend" ) }} + imagePullPolicy: {{ .Values.sourcegraph.image.pullPolicy }} args: - serve env: @@ -93,47 +116,35 @@ spec: - containerPort: 6060 name: debug resources: - limits: - cpu: "2" - ephemeral-storage: "8Gi" - memory: 4G - requests: - cpu: "2" - ephemeral-storage: "4Gi" - memory: 2G + {{- toYaml .Values.frontend.resources | nindent 10 }} volumeMounts: - mountPath: /mnt/cache name: cache-ssd - - name: jaeger-agent - image: index.docker.io/sourcegraph/jaeger-agent:insiders@sha256:b980c65f7675a83c2181ba9b5d98efd257709dec1c261d1f93197238076249ab - env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - ports: - - containerPort: 5775 - protocol: UDP - - containerPort: 5778 - protocol: TCP - - containerPort: 6831 - protocol: UDP - - containerPort: 6832 - protocol: UDP - resources: - limits: - cpu: "1" - memory: 500M - requests: - cpu: 100m - memory: 100M - args: - - --reporter.grpc.host-port=jaeger-collector:14250 - - --reporter.type=grpc + {{- if .Values.frontend.extraVolumeMounts }} + {{- toYaml .Values.frontend.extraVolumeMounts | nindent 8 }} + {{- end }} + {{- include "sourcegraph.tracing" . | nindent 6 }} + {{- if .Values.frontend.extraContainers }} + {{- toYaml .Values.frontend.extraContainers | nindent 6 }} + {{- end }} securityContext: - runAsUser: 0 - serviceAccountName: sourcegraph-frontend + {{- toYaml .Values.frontend.podSecurityContext | nindent 8 }} + {{- with .Values.sourcegraph.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.sourcegraph.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.sourcegraph.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "sourcegraph.serviceAccountName" (list . "frontend") }} volumes: - emptyDir: {} name: cache-ssd + {{- if .Values.frontend.extraVolumes }} + {{- toYaml .Values.frontend.extraVolumes | nindent 6 }} + {{- end }} diff --git a/sourcegraph/templates/frontend/sourcegraph-frontend.Ingress.yaml b/sourcegraph/templates/frontend/sourcegraph-frontend.Ingress.yaml index 696aefa6..6f187f0b 100644 --- a/sourcegraph/templates/frontend/sourcegraph-frontend.Ingress.yaml +++ b/sourcegraph/templates/frontend/sourcegraph-frontend.Ingress.yaml @@ -1,19 +1,22 @@ +{{- if .Values.frontend.ingress.enabled -}} apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: annotations: + {{- if .Values.frontend.ingress.annotations}} + {{- toYaml .Values.frontend.ingress.annotations | nindent 4 }} + {{- end }} kubernetes.io/ingress.class: "nginx" - # We can upload large files (extensions) nginx.ingress.kubernetes.io/proxy-body-size: "150m" - # See - # https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/ - # for more nginx annotations. labels: app: sourcegraph-frontend deploy: sourcegraph sourcegraph-resource-requires: no-cluster-admin app.kubernetes.io/component: frontend - name: sourcegraph-frontend + {{- if .Values.frontend.ingress.labels}} + {{- toYaml .Values.frontend.ingress.labels | nindent 4 }} + {{- end }} + name: {{ default "sourcegraph-frontend" .Values.frontend.name }} spec: # See the customization guide (../../../docs/configure.md) for information # about configuring TLS @@ -26,8 +29,9 @@ spec: paths: - path: / backend: - serviceName: sourcegraph-frontend + serviceName: {{ default "sourcegraph-frontend" .Values.frontend.name }} servicePort: 30080 # If you're using TLS/SSL, uncomment the following line and replace 'sourcegraph.example.com' with the real # domain that you want to use for your Sourcegraph instance. # host: sourcegraph.example.com +{{- end }} diff --git a/sourcegraph/templates/frontend/sourcegraph-frontend.Role.yaml b/sourcegraph/templates/frontend/sourcegraph-frontend.Role.yaml index 8b513c8f..f04f351e 100644 --- a/sourcegraph/templates/frontend/sourcegraph-frontend.Role.yaml +++ b/sourcegraph/templates/frontend/sourcegraph-frontend.Role.yaml @@ -2,11 +2,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: + {{- include "sourcegraph.labels" . | nindent 4 }} category: rbac deploy: sourcegraph sourcegraph-resource-requires: cluster-admin app.kubernetes.io/component: frontend - name: sourcegraph-frontend + name: {{ default "sourcegraph-frontend" .Values.frontend.name }} rules: - apiGroups: - "" diff --git a/sourcegraph/templates/frontend/sourcegraph-frontend.RoleBinding.yaml b/sourcegraph/templates/frontend/sourcegraph-frontend.RoleBinding.yaml index 9440ef27..b7741e58 100644 --- a/sourcegraph/templates/frontend/sourcegraph-frontend.RoleBinding.yaml +++ b/sourcegraph/templates/frontend/sourcegraph-frontend.RoleBinding.yaml @@ -2,15 +2,16 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: + {{- include "sourcegraph.labels" . | nindent 4 }} category: rbac deploy: sourcegraph sourcegraph-resource-requires: cluster-admin app.kubernetes.io/component: frontend - name: sourcegraph-frontend + name: {{ default "sourcegraph-frontend" .Values.frontend.name }} roleRef: apiGroup: "rbac.authorization.k8s.io" kind: Role - name: sourcegraph-frontend + name: {{ default "sourcegraph-frontend" .Values.frontend.name }} subjects: - kind: ServiceAccount - name: sourcegraph-frontend + name: {{ include "sourcegraph.serviceAccountName" (list . "frontend") }} diff --git a/sourcegraph/templates/frontend/sourcegraph-frontend.Service.yaml b/sourcegraph/templates/frontend/sourcegraph-frontend.Service.yaml index 7a3b065a..5a0a19d3 100644 --- a/sourcegraph/templates/frontend/sourcegraph-frontend.Service.yaml +++ b/sourcegraph/templates/frontend/sourcegraph-frontend.Service.yaml @@ -4,17 +4,24 @@ metadata: annotations: prometheus.io/port: "6060" sourcegraph.prometheus/scrape: "true" + {{- if .Values.frontend.serviceAnnotations }} + {{- toYaml .Values.frontend.serviceAnnotations | nindent 4 }} + {{- end }} labels: app: sourcegraph-frontend deploy: sourcegraph sourcegraph-resource-requires: no-cluster-admin app.kubernetes.io/component: frontend - name: sourcegraph-frontend + {{- if .Values.frontend.serviceLabels }} + {{- toYaml .Values.frontend.serviceLabels | nindent 4 }} + {{- end }} + name: {{ default "sourcegraph-frontend" .Values.frontend.name }} spec: ports: - name: http port: 30080 targetPort: http selector: + {{- include "sourcegraph.selectorLabels" . | nindent 4 }} app: sourcegraph-frontend type: ClusterIP diff --git a/sourcegraph/templates/frontend/sourcegraph-frontend.ServiceAccount.yaml b/sourcegraph/templates/frontend/sourcegraph-frontend.ServiceAccount.yaml index 74e52ced..813e3b6f 100644 --- a/sourcegraph/templates/frontend/sourcegraph-frontend.ServiceAccount.yaml +++ b/sourcegraph/templates/frontend/sourcegraph-frontend.ServiceAccount.yaml @@ -1,11 +1,15 @@ +{{- if .Values.frontend.serviceAccount.create -}} apiVersion: v1 -imagePullSecrets: -- name: docker-registry kind: ServiceAccount +{{- with .Values.sourcegraph.imagePullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 4 }} +{{- end }} metadata: labels: category: rbac deploy: sourcegraph sourcegraph-resource-requires: no-cluster-admin app.kubernetes.io/component: frontend - name: sourcegraph-frontend + name: {{ include "sourcegraph.serviceAccountName" (list . "frontend") }} +{{- end }} diff --git a/sourcegraph/templates/github-proxy/github-proxy.Deployment.yaml b/sourcegraph/templates/github-proxy/github-proxy.Deployment.yaml index beb91d17..c2e9de76 100644 --- a/sourcegraph/templates/github-proxy/github-proxy.Deployment.yaml +++ b/sourcegraph/templates/github-proxy/github-proxy.Deployment.yaml @@ -60,6 +60,9 @@ spec: resources: {{- toYaml .Values.githubProxy.resources | nindent 10 }} {{- include "sourcegraph.tracing" . | nindent 6 }} + {{- if .Values.githubProxy.extraContainers }} + {{- toYaml .Values.githubProxy.extraContainers | nindent 6 }} + {{- end }} securityContext: {{- toYaml .Values.githubProxy.podSecurityContext | nindent 8 }} {{- with .Values.sourcegraph.nodeSelector }} diff --git a/sourcegraph/values.yaml b/sourcegraph/values.yaml index 2b0502c6..edbe943a 100644 --- a/sourcegraph/values.yaml +++ b/sourcegraph/values.yaml @@ -17,6 +17,23 @@ sourcegraph: frontend: image: tag: "insiders@sha256:cc01a2f65e5bb9ef8d762eaa973cf1287507c74d5d4c76b3e00d278c40b356a9" + replicaCount: 2 + resources: + limits: + cpu: "2" + ephemeral-storage: "8Gi" + memory: 4G + requests: + cpu: "2" + ephemeral-storage: "4Gi" + memory: 2G + podSecurityContext: + runAsUser: 0 + serviceAccount: + create: true + name: "sourcegraph-frontend" + ingress: + enabled: true githubProxy: image: