Merge pull request #37 from gabriel-farache/main

move m2k charts from parodos-dev/orchestrator-helm-chart

.gitignore

@@ -0,0 +1 @@
+*.tgz

charts/workflows/Chart.lock

@@ -5,5 +5,8 @@ dependencies:
 - name: greeting
   repository: file://charts/greeting
   version: 0.2.1
-digest: sha256:dcb311aadb9425b4dade8e250ee4bb54b50a480598adddbbe2a22e8b09396aec
-generated: "2024-01-30T09:12:32.196378562+02:00"
+- name: move2kube
+  repository: file://charts/move2kube
+  version: 0.2.1
+digest: sha256:829a6e7e4a4bbdb65ca03f6500fd3d9b46a5b1bcf194691b01fe7602d4635898
+generated: "2024-01-30T09:05:50.424446778+01:00"

charts/workflows/Chart.yaml

@@ -23,4 +23,8 @@ dependencies:
     repository: "file://charts/greeting"
     version: "0.2.1"
     condition: greeting.enabled
+  - name: move2kube
+    repository: "file://charts/move2kube"
+    version: "0.2.1"
+    condition: move2kube.enabled
 

charts/workflows/charts/move2kube/Chart.yaml

@@ -0,0 +1,28 @@
+apiVersion: v2
+name: move2kube
+description: >
+  Helm chart to deploy the move2kube workflow. #magic___^_^___line
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.2.1
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "0.0.1"
+
+# This is an icon to Parodos project. In the future we might design a dedicated logo for the Orchestrator.
+# However, since the entire development is done under the Parodos organization, we'll use it.
+icon: https://raw.githubusercontent.com/parodos-dev/parodos-dev.github.io/main/assets/images/WO_black.svg

charts/workflows/charts/move2kube/INSTALL.md

@@ -0,0 +1,55 @@
+Move2kube
+===========
+
+# Configuration
+
+We need to use `initContainers` and `securityContext` in our Knative services to allow SSH key exchange in move2kube workflow, we have to tell Knative to enable that feature:
+```bash
+  oc patch configmap/config-features \
+    -n knative-serving \
+    --type merge \
+    -p '{"data":{"kubernetes.podspec-init-containers": "enabled", "kubernetes.podspec-securitycontext": "enabled"}}'
+
+```
+
+Also, `move2kube` instance runs as root so we need to allow the `default` service account to use `runAsUser`:
+```console
+oc -n sonataflow-infra adm policy add-scc-to-user anyuid -z default
+```
+
+Create the secret that holds the ssh keys:
+```console
+oc create secret generic sshkeys --from-file=id_rsa=${HOME}/.ssh/id_rsa --from-file=id_rsa.pub=${HOME}/.ssh/id_rsa.pub -n sonataflow-infra
+```
+If you change the name of the secret, you will also have to updated the value of `sshSecretName` in [values.yaml](values.yaml)
+
+If you want to use other ssh keys you should update the `from-file` parameters values to match your own.
+
+If you do not have ssh keys, you can generate them with `ssh-keygen` command. You can for instance refer to https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent 
+
+Note that those ssh keys needs to be added in your git repository as well. For bitbucket it should be on the account level (https://bitbucket.org/account/settings/ssh-keys/)
+
+# Installation
+
+
+From `charts` folder run 
+```console
+helm install move2kube orchestrator/move2kube
+```
+
+Get the route of the move2kube instance:
+```console
+$ oc -n sonataflow-infra get routes move2kube-route 
+
+move2kube-route   move2kube-route-sonataflow-infra.apps.cluster-8xfw6.dynamic.redhatworkshops.io          move2kube-svc   <all>   edge          None
+```
+
+and run the following command to apply it to the `move2kubeURL` parameter:
+```console
+oc -n sonataflow-infra delete ksvc m2k-save-transformation-func &&
+ helm upgrade move2kube move2kube --set workflow.move2kubeURL=<url> &&
+ oc -n sonataflow-infra scale deployment serverless-workflow-m2k --replicas=0 &&
+ oc -n sonataflow-infra scale deployment serverless-workflow-m2k --replicas=1
+```
+
+In all of the above commands, the namespace `sonataflow-infra` is used. Beware that the `namespace` shall be the same as the one specify in [values.yaml](values.yaml) under the `namespace` property.

charts/workflows/charts/move2kube/README.md

@@ -0,0 +1,31 @@
+
+Move2kube
+===========
+
+Helm chart to deploy the move2kube workflow. #magic___^_^___line
+
+
+
+## Configuration
+
+The following table lists the configurable parameters of the Move2kube chart and their default values.
+
+| Parameter                | Description             | Default        |
+| ------------------------ | ----------------------- | -------------- |
+| `sshSecretName` | name of the secret holding the ssh keys that will be used by move2kube resources | `"sshkeys"` |
+| `brokerName` | name of the broker used by Knative eventing resources | `"default"` |
+| `namespace` | name where install the resources | `"sonataflow-infra"` |
+| `workflow.name` | name of the workflow | `"serverless-workflow-m2k"` |
+| `workflow.image` | image containing the workflow | `"quay.io/orchestrator/serverless-workflow-move2kube:latest"` |
+| `workflow.move2kubeURL` | URL for move2kube instace | `"https://move2kube-route-sonataflow-infra.apps.cluster-8xfw.redhatworkshops.io"` |
+| `workflow.backstageNotificationURL` | URL for backstage notification plugin | `"http://orchestrator-backstage.orchestrator/api/notifications/"` |
+| `kfunction.name` | name of the Knative function that save the transformation output to git | `"m2k-save-transformation-func"` |
+| `kfunction.image` | image of the knative function | `"quay.io/orchestrator/serverless-workflow-m2k-kfunc:latest"` |
+| `instance.name` | name of the move2kube instance deployment | `"move2kube"` |
+| `instance.image` | image of the move2kube instance | `"quay.io/orchestrator/move2kube-ui:latest"` |
+
+
+
+---
+_Documentation generated by [Frigate](https://frigate.readthedocs.io)._
+