From 1a85887d3f6c2c799484c540121bd6dc2ab176e3 Mon Sep 17 00:00:00 2001 From: Burak Sekili Date: Thu, 9 May 2024 13:05:01 +0300 Subject: [PATCH] [TT-9514] Add tyk-operator chart as a dependency (#278) * Add tyk-operator dependency to umbrella chart Signed-off-by: Burak Sekili * make operator disabled by default Signed-off-by: Burak Sekili * remove tyk-operator dep from data-plane Signed-off-by: Burak Sekili * update workflows; add tyk-helm repo dependency Signed-off-by: Burak Sekili * add tyk-operator values to all umbrella charts Signed-off-by: Burak Sekili * update cp docs Signed-off-by: Burak Sekili * Update README.md * Update README.md * Update README.md * Update README.md --------- Signed-off-by: Burak Sekili --- .github/workflows/run-tests.yaml | 3 ++ tyk-control-plane/Chart.lock | 7 ++- tyk-control-plane/Chart.yaml | 4 ++ tyk-control-plane/values.yaml | 78 ++++++++++++++++++++++++++++++ tyk-data-plane/values.yaml | 2 +- tyk-oss/Chart.lock | 7 ++- tyk-oss/Chart.yaml | 4 ++ tyk-oss/values.yaml | 81 +++++++++++++++++++++++++++++++- tyk-stack/Chart.lock | 7 ++- tyk-stack/Chart.yaml | 4 ++ tyk-stack/values.yaml | 78 ++++++++++++++++++++++++++++++ 11 files changed, 267 insertions(+), 8 deletions(-) diff --git a/.github/workflows/run-tests.yaml b/.github/workflows/run-tests.yaml index b894505a..2aab220f 100644 --- a/.github/workflows/run-tests.yaml +++ b/.github/workflows/run-tests.yaml @@ -33,6 +33,9 @@ jobs: with: version: v3.3.0 + - name: Add dependencies + run: helm repo add tyk-helm https://helm.tyk.io/public/helm/charts/ + - name: Run chart-testing (lint) run: ct lint --config ct.yaml --all diff --git a/tyk-control-plane/Chart.lock b/tyk-control-plane/Chart.lock index 3a8b0bdc..4d9effb7 100644 --- a/tyk-control-plane/Chart.lock +++ b/tyk-control-plane/Chart.lock @@ -17,5 +17,8 @@ dependencies: - name: tyk-dev-portal repository: file://../components/tyk-dev-portal version: 1.4.0 -digest: sha256:2e6bf2a59a937a32f06ac8286e29dddcf1c02f75053118f76d3b044df49f90eb -generated: "2024-05-06T17:30:10.223133+05:30" +- name: tyk-operator + repository: https://helm.tyk.io/public/helm/charts/ + version: 0.17.1 +digest: sha256:7b3cfafd43ed0a91345cd8ef2a193e811a0bf97b0162e11a9bb4377b277d7961 +generated: "2024-05-09T12:54:26.585871+03:00" diff --git a/tyk-control-plane/Chart.yaml b/tyk-control-plane/Chart.yaml index 78b596ae..5f6c8fe1 100644 --- a/tyk-control-plane/Chart.yaml +++ b/tyk-control-plane/Chart.yaml @@ -46,6 +46,10 @@ dependencies: version: 1.4.0 repository: file://../components/tyk-dev-portal condition: global.components.devPortal + - name: tyk-operator + version: 0.17.1 + repository: https://helm.tyk.io/public/helm/charts/ + condition: global.components.operator annotations: artifacthub.io/category: networking artifacthub.io/links: | diff --git a/tyk-control-plane/values.yaml b/tyk-control-plane/values.yaml index 6a9aa8f8..cce9f5ac 100644 --- a/tyk-control-plane/values.yaml +++ b/tyk-control-plane/values.yaml @@ -43,6 +43,10 @@ global: # Determines whether Tyk Developer Portal component should be installed. # If you want to bootstrap Tyk Developer Portal, set `tyk-bootstrap.bootstrap.devPortal` to true devPortal: false + # operator determines whether Tyk Operator component should be installed or not. + # Tyk Operator needs cert-manager to be installed beforehand. Make sure that cert-manager is installed. + # For further details, please refer to https://tyk.io/docs/tyk-stack/tyk-operator/installing-tyk-operator/ + operator: false servicePorts: # The port at which the dashboard service can be found at @@ -523,6 +527,80 @@ tyk-gateway: # podLabels specifies labels to be added in gateway Pod podLabels: {} +tyk-operator: + nameOverride: "" + fullnameOverride: "" + # envFrom loads environment variables from the specified resources such as Kubernetes Secret + # to the Tyk Operator Controller Manager pod. + envFrom: + - secretRef: + name: tyk-operator-conf + # envVars adds environment variables to the Tyk Operator Controller Manager pod. + envVars: + - name: TYK_HTTPS_INGRESS_PORT + value: "8443" + - name: TYK_HTTP_INGRESS_PORT + value: "8080" + image: + # image repository for Tyk Operator + repository: tykio/tyk-operator + # image pull policy + pullPolicy: IfNotPresent + # image tag for Tyk Operator + tag: "v0.17.0" + # number for replicas for Tyk Operator deployment. + replicaCount: 1 + # imagePullSecrets specify imagePullSecrets for ServiceAccount + imagePullSecrets: [] + # extraVolumes is a list of volumes to be added to the pod + # extraVolumes: + # - name: ca-certs + # secret: + # secretName: ca-certs + # - name: ca-certs + # configMap: + # name: custom-ca-configmap + extraVolumes: [] + + # extraVolumeMounts is a list of volume mounts to be added to the pod + # extraVolumeMounts: + # - name: ca-certs + # mountPath: /etc/ssl/certs/your-cert.pem + # subPath: your-cert.pem + # readOnly: false + extraVolumeMounts: [] + + # healthProbePort identifies the port the Controller Manager will listen on. Used by liveness and readiness probes + healthProbePort: 8081 + # metricsPort identifies the port on which Tyk Operator metrics are served + metricsPort: 8080 + # webhookPort identifies the port on which webhooks are handled + webhookPort: 9443 + + annotations: {} + podAnnotations: {} + podSecurityContext: + allowPrivilegeEscalation: false + resources: {} + nodeSelector: {} + hostNetwork: false + + # rbac specifies necessary resources for kube-rbac-proxy. + rbac: + resources: {} + # specify custom/internal repo name for kube-rbac-proxy container + image: + repository: gcr.io/kubebuilder/kube-rbac-proxy + pullPolicy: IfNotPresent + tag: "v0.8.0" + port: 8443 + + # serviceMonitor decides deploying ServiceMonitor if Prometheus Operator scrapes /metrics. + # By default it is set to false and set it to true to enable deploying Service Monitor. + # Tyk Operator publishes a collection of performance metrics for each controller. + # These metrics can be scraped by Prometheus Operator, by deploying ServiceMonitor resource. + serviceMonitor: false + tyk-pump: ## Default values for tyk-pump chart. ## This is a YAML-formatted file. diff --git a/tyk-data-plane/values.yaml b/tyk-data-plane/values.yaml index 162f5056..b3f84cbd 100644 --- a/tyk-data-plane/values.yaml +++ b/tyk-data-plane/values.yaml @@ -10,7 +10,7 @@ fullnameOverride: "" global: components: - # Determines whether the pump component should be installed. + # pump determines whether the pump component should be installed. pump: true servicePorts: diff --git a/tyk-oss/Chart.lock b/tyk-oss/Chart.lock index c25c8d29..181f30ca 100644 --- a/tyk-oss/Chart.lock +++ b/tyk-oss/Chart.lock @@ -5,5 +5,8 @@ dependencies: - name: tyk-pump repository: file://../components/tyk-pump version: 1.4.0 -digest: sha256:3fbbe22d53aaf78ae796c731d4f2d58e72b7516c017f0bce4944a51710711816 -generated: "2024-05-06T17:29:47.174239+05:30" +- name: tyk-operator + repository: https://helm.tyk.io/public/helm/charts/ + version: 0.17.1 +digest: sha256:0fdca72203b67c2d682d5f5a09e8d223da082b9fcb1735f28fd47cf31678be64 +generated: "2024-05-09T12:54:19.711073+03:00" diff --git a/tyk-oss/Chart.yaml b/tyk-oss/Chart.yaml index 06ac9a99..d7704bc8 100644 --- a/tyk-oss/Chart.yaml +++ b/tyk-oss/Chart.yaml @@ -42,6 +42,10 @@ dependencies: version: 1.4.0 repository: file://../components/tyk-pump condition: global.components.pump + - name: tyk-operator + version: 0.17.1 + repository: https://helm.tyk.io/public/helm/charts/ + condition: global.components.operator annotations: artifacthub.io/category: networking artifacthub.io/links: | diff --git a/tyk-oss/values.yaml b/tyk-oss/values.yaml index df3d93a9..bd9d5179 100644 --- a/tyk-oss/values.yaml +++ b/tyk-oss/values.yaml @@ -14,8 +14,12 @@ operatorSecret: global: components: - # Determines whether the pump component should be installed. + # pump determines whether the pump component should be installed. pump: false + # operator determines whether Tyk Operator component should be installed or not. + # Tyk Operator needs cert-manager to be installed beforehand. Make sure that cert-manager is installed. + # For further details, please refer to https://tyk.io/docs/tyk-stack/tyk-operator/installing-tyk-operator/ + operator: false servicePorts: # The port at which the gateway service can be found at @@ -426,6 +430,81 @@ tyk-gateway: # readOnly: true extraVolumeMounts: [] +tyk-operator: + nameOverride: "" + fullnameOverride: "" + # envFrom loads environment variables from the specified resources such as Kubernetes Secret + # to the Tyk Operator Controller Manager pod. + envFrom: + - secretRef: + name: tyk-operator-conf + # envVars adds environment variables to the Tyk Operator Controller Manager pod. + envVars: + - name: TYK_HTTPS_INGRESS_PORT + value: "8443" + - name: TYK_HTTP_INGRESS_PORT + value: "8080" + image: + # image repository for Tyk Operator + repository: tykio/tyk-operator + # image pull policy + pullPolicy: IfNotPresent + # image tag for Tyk Operator + tag: "v0.17.0" + # number for replicas for Tyk Operator deployment. + replicaCount: 1 + # imagePullSecrets specify imagePullSecrets for ServiceAccount + imagePullSecrets: [] + # extraVolumes is a list of volumes to be added to the pod + # extraVolumes: + # - name: ca-certs + # secret: + # secretName: ca-certs + # - name: ca-certs + # configMap: + # name: custom-ca-configmap + extraVolumes: [] + + # extraVolumeMounts is a list of volume mounts to be added to the pod + # extraVolumeMounts: + # - name: ca-certs + # mountPath: /etc/ssl/certs/your-cert.pem + # subPath: your-cert.pem + # readOnly: false + extraVolumeMounts: [] + + # healthProbePort identifies the port the Controller Manager will listen on. Used by liveness and readiness probes + healthProbePort: 8081 + # metricsPort identifies the port on which Tyk Operator metrics are served + metricsPort: 8080 + # webhookPort identifies the port on which webhooks are handled + webhookPort: 9443 + + annotations: {} + podAnnotations: {} + podSecurityContext: + allowPrivilegeEscalation: false + resources: {} + nodeSelector: {} + hostNetwork: false + + # rbac specifies necessary resources for kube-rbac-proxy. + rbac: + resources: {} + # specify custom/internal repo name for kube-rbac-proxy container + image: + repository: gcr.io/kubebuilder/kube-rbac-proxy + pullPolicy: IfNotPresent + tag: "v0.8.0" + port: 8443 + + # serviceMonitor decides deploying ServiceMonitor if Prometheus Operator scrapes /metrics. + # By default it is set to false and set it to true to enable deploying Service Monitor. + # Tyk Operator publishes a collection of performance metrics for each controller. + # These metrics can be scraped by Prometheus Operator, by deploying ServiceMonitor resource. + serviceMonitor: false + + tyk-pump: ## Default values for tyk-pump chart. ## This is a YAML-formatted file. diff --git a/tyk-stack/Chart.lock b/tyk-stack/Chart.lock index 668e1eac..29bb5a5b 100644 --- a/tyk-stack/Chart.lock +++ b/tyk-stack/Chart.lock @@ -14,5 +14,8 @@ dependencies: - name: tyk-dev-portal repository: file://../components/tyk-dev-portal version: 1.4.0 -digest: sha256:927e4df36fcd0d6053e6bd30190491139c047eb77ea12206d9a541c96c164b23 -generated: "2024-05-06T17:29:58.773605+05:30" +- name: tyk-operator + repository: https://helm.tyk.io/public/helm/charts/ + version: 0.17.1 +digest: sha256:5c7d2197cc31370d1a99f6b935daead41d3245d9cea27a51ecdd602d5a3a92e3 +generated: "2024-05-09T12:54:06.937394+03:00" diff --git a/tyk-stack/Chart.yaml b/tyk-stack/Chart.yaml index 1bc5889f..ad613d32 100644 --- a/tyk-stack/Chart.yaml +++ b/tyk-stack/Chart.yaml @@ -41,6 +41,10 @@ dependencies: version: 1.4.0 repository: file://../components/tyk-dev-portal condition: global.components.devPortal + - name: tyk-operator + version: 0.17.1 + repository: https://helm.tyk.io/public/helm/charts/ + condition: global.components.operator annotations: artifacthub.io/category: networking artifacthub.io/links: | diff --git a/tyk-stack/values.yaml b/tyk-stack/values.yaml index 72069a7b..b774de2d 100644 --- a/tyk-stack/values.yaml +++ b/tyk-stack/values.yaml @@ -46,6 +46,10 @@ global: pump: true # Determines whether Tyk Developer Portal component should be installed. devPortal: false + # operator determines whether Tyk Operator component should be installed or not. + # Tyk Operator needs cert-manager to be installed beforehand. Make sure that cert-manager is installed. + # For further details, please refer to https://tyk.io/docs/tyk-stack/tyk-operator/installing-tyk-operator/ + operator: false servicePorts: # The port at which the dashboard service can be found at @@ -514,6 +518,80 @@ tyk-gateway: # readOnly: true extraVolumeMounts: [] +tyk-operator: + nameOverride: "" + fullnameOverride: "" + # envFrom loads environment variables from the specified resources such as Kubernetes Secret + # to the Tyk Operator Controller Manager pod. + envFrom: + - secretRef: + name: tyk-operator-conf + # envVars adds environment variables to the Tyk Operator Controller Manager pod. + envVars: + - name: TYK_HTTPS_INGRESS_PORT + value: "8443" + - name: TYK_HTTP_INGRESS_PORT + value: "8080" + image: + # image repository for Tyk Operator + repository: tykio/tyk-operator + # image pull policy + pullPolicy: IfNotPresent + # image tag for Tyk Operator + tag: "v0.17.0" + # number for replicas for Tyk Operator deployment. + replicaCount: 1 + # imagePullSecrets specify imagePullSecrets for ServiceAccount + imagePullSecrets: [] + # extraVolumes is a list of volumes to be added to the pod + # extraVolumes: + # - name: ca-certs + # secret: + # secretName: ca-certs + # - name: ca-certs + # configMap: + # name: custom-ca-configmap + extraVolumes: [] + + # extraVolumeMounts is a list of volume mounts to be added to the pod + # extraVolumeMounts: + # - name: ca-certs + # mountPath: /etc/ssl/certs/your-cert.pem + # subPath: your-cert.pem + # readOnly: false + extraVolumeMounts: [] + + # healthProbePort identifies the port the Controller Manager will listen on. Used by liveness and readiness probes + healthProbePort: 8081 + # metricsPort identifies the port on which Tyk Operator metrics are served + metricsPort: 8080 + # webhookPort identifies the port on which webhooks are handled + webhookPort: 9443 + + annotations: {} + podAnnotations: {} + podSecurityContext: + allowPrivilegeEscalation: false + resources: {} + nodeSelector: {} + hostNetwork: false + + # rbac specifies necessary resources for kube-rbac-proxy. + rbac: + resources: {} + # specify custom/internal repo name for kube-rbac-proxy container + image: + repository: gcr.io/kubebuilder/kube-rbac-proxy + pullPolicy: IfNotPresent + tag: "v0.8.0" + port: 8443 + + # serviceMonitor decides deploying ServiceMonitor if Prometheus Operator scrapes /metrics. + # By default it is set to false and set it to true to enable deploying Service Monitor. + # Tyk Operator publishes a collection of performance metrics for each controller. + # These metrics can be scraped by Prometheus Operator, by deploying ServiceMonitor resource. + serviceMonitor: false + tyk-pump: ## Default values for tyk-pump chart. ## This is a YAML-formatted file.