Skip to content

Commit

Permalink
build(helm): update templates
Browse files Browse the repository at this point in the history
  • Loading branch information
@brucetony
brucetony committed Oct 17, 2024
1 parent 66e14b0 commit c3099f4
Show file tree
Hide file tree
Showing 4 changed files with 121 additions and 29 deletions.
67 changes: 63 additions & 4 deletions helm/node-ui/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,49 @@
{{/*
Set the hostname of the Node UI. Assumes if global ingress enabled then global hostname is supplied
*/}}
{{- define "ui.ingress.hostname" -}}
{{- if .Values.global.node.ingress.enabled -}}
{{- if .Values.global.node.ingress.hostname -}}
{{- if not (hasPrefix "http" .Values.global.node.ingress.hostname) -}}
{{- printf "https://%s" .Values.global.node.ingress.hostname -}}
{{- else -}}
{{- print .Values.global.node.ingress.hostname -}}
{{- end -}}
{{- else -}}
{{- print "http://localhost:3000" -}}
{{- end -}}
{{- else if .Values.ingress.enabled -}}
{{- if .Values.ingress.hostname -}}
{{- if not (hasPrefix "http" .Values.ingress.hostname) -}}
{{- printf "https://%s" .Values.ingress.hostname -}}
{{- else -}}
{{- print .Values.ingress.hostname -}}
{{- end -}}
{{- else -}}
{{- print "http://localhost:3000" -}}
{{- end -}}
{{- else -}}
{{- print "http://localhost:3000" -}}
{{- end -}}
{{- end -}}

{{/*
Return the hub adapter endpoint
*/}}
{{- define "ui.adapter.endpoint" -}}
{{- if .Values.node.adapter -}}
{{- .Values.node.adapter -}}
{{- else if and .Values.global.node.ingress.enabled .Values.global.node.ingress.hostname -}}
{{- if hasPrefix "http" .Values.global.node.ingress.hostname -}}
{{- printf "%s/api" .Values.global.node.ingress.hostname -}}
{{- else -}}
{{- printf "http://%s/api" .Values.global.node.ingress.hostname -}}
{{- end -}}
{{- else -}}
{{- print "http://localhost:5000" -}}
{{- end -}}
{{- end -}}

{{/*
Return the secret containing the Keycloak client secret
*/}}
Expand Down Expand Up @@ -49,12 +95,25 @@ Generate a random clientSecret value for the node-ui client in keycloak if none
{{- end -}}

{{/*
Return the Keycloak endpoint
Return the Keycloak service endpoint
*/}}
{{- define "ui.keycloak.service.endpoint" -}}
{{- $realmSuffix := printf "/realms/%s" .Values.idp.realm -}}
{{- if .Values.idp.service -}}
{{- printf "http://%s%s" .Values.idp.service $realmSuffix -}}
{{- else -}}
{{- printf "http://%s-keycloak:80%s" .Release.Name $realmSuffix -}}
{{- end -}}
{{- end -}}

{{/*
Return the Keycloak frontend endpoint
*/}}
{{- define "ui.keycloak.endpoint" -}}
{{- define "ui.keycloak.frontend.endpoint" -}}
{{- $realmSuffix := printf "/realms/%s" .Values.idp.realm -}}
{{- if .Values.idp.host -}}
{{- .Values.idp.host -}}
{{- printf "http://%s%s" .Values.idp.host $realmSuffix -}}
{{- else -}}
{{- printf "http://%s-keycloak-headless:8080" .Release.Name -}}
{{- printf "http://localhost:8080%s" $realmSuffix -}}
{{- end -}}
{{- end -}}
42 changes: 25 additions & 17 deletions helm/node-ui/templates/node-ui-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,25 +18,40 @@ spec:
spec:
containers:
- name: node-ui
{{ if eq .Values.env "production" }}
image: ghcr.io/privateaim/node-ui:prod
{{ else }}
image: ghcr.io/privateaim/node-ui:latest
{{ end }}
imagePullPolicy: Always # Maybe "Always" during debug
ports:
- containerPort: 3000
name: ui
{{/* readinessProbe:*/}}
{{/* initialDelaySeconds: 45*/}}
{{/* httpGet:*/}}
{{/* path: /healthz*/}}
{{/* port: healthcp*/}}
env:
- name: NODE_ENV
value: {{ .Values.env | default "development" | quote }}
value: {{ .Values.env | default "production" | quote }}
- name: NUXT_PUBLIC_BASE_URL
value: {{ .Values.url | default "http://localhost:3000" | quote }}
value: {{ include "ui.ingress.hostname" . }}
- name: NUXT_PUBLIC_HUB_ADAPTER_URL
value: {{ .Values.node.adapter | default "http://localhost:5000" | quote }}
- name: NUXT_OIDC_PROVIDERS_KEYCLOAK_BASE_URL
value: {{ include "ui.keycloak.endpoint" . }}
value: {{ include "ui.adapter.endpoint" . }}
- name: NUXT_OIDC_PROVIDERS_KEYCLOAK_REDIRECT_URI
value: {{ printf "%s/auth/keycloak/callback" (include "ui.ingress.hostname" .) }}
- name: NUXT_OIDC_PROVIDERS_KEYCLOAK_AUTHORIZATION_URL
value: {{ printf "%s/protocol/openid-connect/auth" (include "ui.keycloak.frontend.endpoint" .) }}
- name: NUXT_OIDC_PROVIDERS_KEYCLOAK_TOKEN_URL
value: {{ printf "%s/protocol/openid-connect/token" (include "ui.keycloak.service.endpoint" .) }}
- name: NUXT_OIDC_PROVIDERS_KEYCLOAK_USERINFO_URL
value: {{ printf "%s/protocol/openid-connect/userinfo" (include "ui.keycloak.service.endpoint" .) }}
- name: NUXT_OIDC_PROVIDERS_KEYCLOAK_OPEN_ID_CONFIGURATION
value: {{ printf "%s/.well-known/openid-configuration" (include "ui.keycloak.frontend.endpoint" .) }}
- name: NUXT_OIDC_PROVIDERS_KEYCLOAK_LOGOUT_URL
value: {{ printf "%s/protocol/openid-connect/logout" (include "ui.keycloak.frontend.endpoint" .) }}
- name: NUXT_OIDC_PROVIDERS_KEYCLOAK_LOGOUT_REDIRECT_URI
value: {{ include "ui.ingress.hostname" . }}
- name: NUXT_OIDC_PROVIDERS_KEYCLOAK_VALIDATE_ACCESS_TOKEN
{{ if hasPrefix "http://localhost" (include "ui.ingress.hostname" .) }}value: "false"
{{ else }}value: "true"
{{ end }}
- name: NUXT_OIDC_PROVIDERS_KEYCLOAK_CLIENT_ID
value: {{ .Values.idp.clientId | default "node-ui" | quote }}
- name: NUXT_OIDC_PROVIDERS_KEYCLOAK_CLIENT_SECRET
Expand All @@ -50,10 +65,3 @@ spec:
value: {{ randAlphaNum 48 | quote }}
- name: NUXT_OIDC_AUTH_SESSION_SECRET
value: {{ randAlphaNum 48 | quote }}
{{/* livenessProbe:*/}}
{{/* httpGet:*/}}
{{/* path: /healthz*/}}
{{/* port: healthcp*/}}
{{/* failureThreshold: 3*/}}
{{/* periodSeconds: 60*/}}
{{/* initialDelaySeconds: 60*/}}
8 changes: 5 additions & 3 deletions helm/node-ui/templates/node-ui-ingress.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if or .Values.global.node.ingress.enabled .Values.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
Expand All @@ -8,13 +9,14 @@ metadata:
deployment-id: {{ .Release.Name }}
spec:
rules:
- host: {{ .Values.ingress.domain }}
- host: {{ regexReplaceAll "^https?://(.*)" (include "ui.ingress.hostname" .) "${1}" }}
http:
paths:
- path: /
pathType: Prefix
- path: {{ .Values.ingress.path }}
pathType: {{ .Values.ingress.pathType }}
backend:
service:
name: {{ .Release.Name }}-node-ui-service
port:
number: 3000
{{- end }}
33 changes: 28 additions & 5 deletions helm/node-ui/values.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,28 @@
## Global variables
global:
node:
ingress:
## @param global.node.ingress.enabled Toggle whether ingress should be enabled
enabled: false
## @param global.node.ingress.enabled Host name to be assigned to the Node UI (/) and Hub Adapter API (/api)
hostname: ""

env: production

## For defining ingress specific metadata
ingress:
domain: localhost

env: development
url: http://localhost:3000
## @param ingress.enabled Enable ingress record generation for the Node UI
##
enabled: false
## @param ingress.hostname Default host for the ingress record (evaluated as template)
##
hostname: ""
## @param ingress.pathType Ingress path type
##
pathType: ImplementationSpecific
## @param ingress.path Default file path for the ingress hostname
##
path: "/"

## Keycloak related information
idp:
Expand All @@ -25,8 +44,12 @@ idp:
## @param idp.host URL to keycloak service
## Will be inferred using the Release.Name if not defined
host: ""
## @param idp.service Service name of keycloak
## Will be inferred using the Release.Name if not defined
service: ""

## Downstream node services
node:
## @param node.adapter Hub adapter endpoint
## @param node.adapter Hub adapter endpoint.
## This will overwrite the global.node.ingress.host generated path if provided!
adapter: ""

0 comments on commit c3099f4

Please sign in to comment.