From 616a490c4c13fd4f8570fe2808d29cdde59f8c16 Mon Sep 17 00:00:00 2001 From: Martin Marcher Date: Thu, 12 Oct 2023 17:45:41 +0000 Subject: [PATCH] Add route and ingress, use default settings Fixes #959 --- docker-plain/.gitignore | 2 + docker-plain/Jenkinsfile.template | 6 +- docker-plain/files/chart/Chart.yaml | 2 +- docker-plain/files/chart/templates/NOTES.txt | 22 ------- .../files/chart/templates/configMap.yaml | 15 +++++ .../files/chart/templates/deployment.yaml | 11 ++-- .../files/chart/templates/ingress.yaml | 4 +- docker-plain/files/chart/templates/route.yaml | 21 +++++++ docker-plain/files/chart/values.yaml | 60 +++++++++++++------ 9 files changed, 93 insertions(+), 50 deletions(-) create mode 100644 docker-plain/.gitignore delete mode 100644 docker-plain/files/chart/templates/NOTES.txt create mode 100644 docker-plain/files/chart/templates/configMap.yaml create mode 100644 docker-plain/files/chart/templates/route.yaml diff --git a/docker-plain/.gitignore b/docker-plain/.gitignore new file mode 100644 index 000000000..29474880c --- /dev/null +++ b/docker-plain/.gitignore @@ -0,0 +1,2 @@ +*.scratch +scratch/ diff --git a/docker-plain/Jenkinsfile.template b/docker-plain/Jenkinsfile.template index d885ca418..62d3088d8 100644 --- a/docker-plain/Jenkinsfile.template +++ b/docker-plain/Jenkinsfile.template @@ -20,7 +20,10 @@ odsComponentPipeline( */ odsComponentStageBuildOpenShiftImage(context) } - odsComponentStageRolloutOpenShiftDeployment(context) + odsComponentStageRolloutOpenShiftDeployment(context,[ + 'selector': "app.kubernetes.io/instance=${context.componentId}", + 'helmEnvBasedValuesFiles': ['values.env.yaml'] + ]) } def stageBuild(def context) { @@ -36,4 +39,3 @@ def stageUnitTest(def context) { // add your unit tests here, if needed } } - diff --git a/docker-plain/files/chart/Chart.yaml b/docker-plain/files/chart/Chart.yaml index df2d97f9b..b0787abf1 100644 --- a/docker-plain/files/chart/Chart.yaml +++ b/docker-plain/files/chart/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: chart +name: docker-plain description: A Helm chart for Kubernetes # A chart can be either an 'application' or a 'library' chart. diff --git a/docker-plain/files/chart/templates/NOTES.txt b/docker-plain/files/chart/templates/NOTES.txt deleted file mode 100644 index 319f01bda..000000000 --- a/docker-plain/files/chart/templates/NOTES.txt +++ /dev/null @@ -1,22 +0,0 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range $host := .Values.ingress.hosts }} - {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} - {{- end }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "chart.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "chart.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "chart.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "chart.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT -{{- end }} diff --git a/docker-plain/files/chart/templates/configMap.yaml b/docker-plain/files/chart/templates/configMap.yaml new file mode 100644 index 000000000..02063a5e4 --- /dev/null +++ b/docker-plain/files/chart/templates/configMap.yaml @@ -0,0 +1,15 @@ +{{- if false -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: "{{ .Release.Name }}-configmap" + labels: + {{- include "chart.labels" . | nindent 4 }} +data: + capabilities: | + {{- range $capability := .Capabilities.APIVersions }} + - {{ $capability }} + {{- end }} + kubeVersion: {{ printf "%#v" .Capabilities.KubeVersion }} + kubeVersion.gitVersion: {{ printf "%#v" .Capabilities.KubeVersion.GitVersion }} +{{- end }} diff --git a/docker-plain/files/chart/templates/deployment.yaml b/docker-plain/files/chart/templates/deployment.yaml index 11eae71d6..01030685f 100644 --- a/docker-plain/files/chart/templates/deployment.yaml +++ b/docker-plain/files/chart/templates/deployment.yaml @@ -31,19 +31,20 @@ spec: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + image: "{{ .Values.registry }}/{{ .Values.imageNamespace }}/{{ .Values.componentId }}:{{ .Values.imageTag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: HTTP_LISTEN_PORT + value: "{{ .Values.service.port }}" ports: - name: http containerPort: {{ .Values.service.port }} protocol: TCP livenessProbe: - httpGet: - path: / + tcpSocket: port: http readinessProbe: - httpGet: - path: / + tcpSocket: port: http resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/docker-plain/files/chart/templates/ingress.yaml b/docker-plain/files/chart/templates/ingress.yaml index 63c1311c9..c713260a9 100644 --- a/docker-plain/files/chart/templates/ingress.yaml +++ b/docker-plain/files/chart/templates/ingress.yaml @@ -37,8 +37,8 @@ spec: {{- end }} {{- end }} rules: - {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} + {{- range $entry := .Values.ingress.hosts }} + - host: {{ printf "%s" $entry.host | quote }} http: paths: {{- range .paths }} diff --git a/docker-plain/files/chart/templates/route.yaml b/docker-plain/files/chart/templates/route.yaml new file mode 100644 index 000000000..3cdee1ca0 --- /dev/null +++ b/docker-plain/files/chart/templates/route.yaml @@ -0,0 +1,21 @@ +{{- if .Capabilities.APIVersions.Has "route.openshift.io/v1/Route" }} +kind: Route +apiVersion: route.openshift.io/v1 +metadata: + name: {{ include "chart.fullname" . }} + labels: + {{- include "chart.labels" . | nindent 4 }} +spec: + # BUG(serverhorror): FIXME + host: {{ include "chart.fullname" . }} + to: + kind: Service + name: {{ include "chart.fullname" . }} + weight: 100 + port: + targetPort: http + tls: + termination: edge + insecureEdgeTerminationPolicy: Redirect + wildcardPolicy: None +{{- end }} diff --git a/docker-plain/files/chart/values.yaml b/docker-plain/files/chart/values.yaml index 045d76ca0..877decc3b 100644 --- a/docker-plain/files/chart/values.yaml +++ b/docker-plain/files/chart/values.yaml @@ -5,10 +5,7 @@ replicaCount: 1 image: - repository: nginx - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - tag: "" + imagePullPolicy: IfNotPresent imagePullSecrets: [] nameOverride: "" @@ -16,7 +13,7 @@ fullnameOverride: "" serviceAccount: # Specifies whether a service account should be created - create: true + create: false # Annotations to add to the service account annotations: {} # The name of the service account to use. @@ -38,32 +35,59 @@ securityContext: {} service: type: ClusterIP - port: 80 + port: 8080 +# BUG(serverhorror): FIXME ingress: enabled: false className: "" - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" + annotations: + # Please see: https://confluence.biscrum.com/x/YxU_FQ + # the cluster-issuer that cert-manager should use + cert-manager.io/cluster-issuer: "bi-acme-issuer" + # Add your CN (e.g. your main domain) + cert-manager.io/common-name: your-app.apps.eu-dev.ocp.aws.boehringer.com + # Add your mail + cert-manager.io/email-sans: your-mail@boehringer-ingelheim.com + # configure your Org + cert-manager.io/subject-organizations: Boehringer Ingelheim GmbH + # configure your Org Unit + cert-manager.io/subject-organizationalunits: IT + # configure your Org country + cert-manager.io/subject-countries: DE + # You can also add your province, etc here (see cert-manager docs) + + # try to renew your certificate 30 days before it will expire (default is 15 days) + cert-manager.io/renew-before: 720h + # limit the number of CertificateRequests to keep to the last 5 (by default it will keep all CertificateRequests) + cert-manager.io/revision-history-limit: '5' + # set the encoding of your private key (default is PKCS1) + cert-manager.io/private-key-encoding: PKCS8 + # the key size to use for the RSA private key algorithm + # (default is 2048; you can also go up to 8192). + # You could also switch to other private key alogrithms, + # which are not supported by the BI ACME server as far as I know. + cert-manager.io/private-key-size: '4096' hosts: - - host: chart-example.local + # BUG(serverhorror): FIXME + - host: chart-example.eu.example.invalid paths: - path: / pathType: ImplementationSpecific - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local + tls: + - secretName: chart-example-tls + hosts: + # BUG(serverhorror): FIXME + - chart-example.eu.example.invalid -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 100m + memory: 128Mi # requests: # cpu: 100m # memory: 128Mi