diff --git a/.github/workflows/actions/action.yaml b/.github/workflows/actions/action.yaml index 17efcbe7ce..4970bd9a08 100644 --- a/.github/workflows/actions/action.yaml +++ b/.github/workflows/actions/action.yaml @@ -6,12 +6,6 @@ runs: with: java-version: '21' distribution: 'adopt' - - name: Cache SonarCloud packages - uses: actions/cache@v4 - with: - path: ~/.sonar/cache - key: ${{ runner.os }}-sonar - restore-keys: ${{ runner.os }}-sonar - name: Cache Maven packages uses: actions/cache@v4 with: diff --git a/.github/workflows/backoffice-bff-ci.yaml b/.github/workflows/backoffice-bff-ci.yaml index bc86417285..c697f43e46 100644 --- a/.github/workflows/backoffice-bff-ci.yaml +++ b/.github/workflows/backoffice-bff-ci.yaml @@ -2,7 +2,6 @@ name: backoffice-bff service ci on: push: - branches: [ "main" ] paths: - "backoffice-bff/**" - ".github/workflows/actions/action.yaml" @@ -20,54 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -f backoffice-bff -Dcheckstyle.output.file=backoffice-bff-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/backoffice-bff-checkstyle-result.xml' - name: Run Maven Verify run: mvn clean verify -f backoffice-bff - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f backoffice-bff - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: - context: ./backoffice-bff + context: ./backofficehow to use nvida gpu free in kaggle-bff push: true - tags: ghcr.io/nashtech-garage/yas-backoffice-bff:latest + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-backoffice-bff:${{ env.DOCKER_TAG }} diff --git a/.github/workflows/backoffice-ci.yaml b/.github/workflows/backoffice-ci.yaml index 262082dbe8..f033fd1689 100644 --- a/.github/workflows/backoffice-ci.yaml +++ b/.github/workflows/backoffice-ci.yaml @@ -2,7 +2,6 @@ name: backoffice service ci on: push: - branches: [ "main" ] paths: - "backoffice/**" - ".github/workflows/actions/action.yaml" @@ -18,12 +17,8 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: actions/setup-node@v4 with: node-version: 20 @@ -38,49 +33,23 @@ jobs: - run: npm audit --omit=dev continue-on-error: true working-directory: backoffice - - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.24.0 - with: - scan-type: 'fs' - scan-ref: './backoffice' - format: 'sarif' - output: 'trivy-results.sarif' - - name: SonarCloud Scan - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: SonarSource/sonarcloud-github-action@master - with: - projectBaseDir: backoffice - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build Docker image - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./backoffice - tags: ghcr.io/nashtech-garage/yas-backoffice:latest - - name: Run Trivy vulnerability scanner - if: ${{ github.ref == 'refs/heads/main' }} - uses: aquasecurity/trivy-action@0.24.0 - with: - image-ref: 'ghcr.io/nashtech-garage/yas-backoffice:latest' - format: 'sarif' - output: 'trivy-results.sarif' - - name: Push Docker image - if: ${{ github.ref == 'refs/heads/main' }} - uses: docker/build-push-action@v6 - with: push: true - context: ./backoffice - tags: ghcr.io/nashtech-garage/yas-backoffice:latest - - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 - with: - sarif_file: 'trivy-results.sarif' + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-backoffice:${{ env.DOCKER_TAG }} diff --git a/.github/workflows/cart-ci.yaml b/.github/workflows/cart-ci.yaml index 59f0045fa6..3f0f811182 100644 --- a/.github/workflows/cart-ci.yaml +++ b/.github/workflows/cart-ci.yaml @@ -2,7 +2,6 @@ name: cart service ci on: push: - branches: [ "main" ] paths: - "cart/**" - ".github/workflows/actions/action.yaml" @@ -24,67 +23,26 @@ jobs: FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl cart -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl cart -am -Dcheckstyle.output.file=cart-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/cart-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Cart-Service-Unit-Test-Results - path: "cart/**/*-reports/TEST*.xml" - reporter: java-junit - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -pl cart -am - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/cart/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Cart Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./cart push: true - tags: ghcr.io/nashtech-garage/yas-cart:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-cart:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/customer-ci.yaml b/.github/workflows/customer-ci.yaml index 9258bd4ade..39de290626 100644 --- a/.github/workflows/customer-ci.yaml +++ b/.github/workflows/customer-ci.yaml @@ -2,7 +2,6 @@ name: customer service ci on: push: - branches: [ "main" ] paths: - "customer/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl customer -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl customer -am -Dcheckstyle.output.file=customer-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/customer-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Customer-Service-Unit-Test-Results - path: "customer/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f customer - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/customer/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Customer Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./customer push: true - tags: ghcr.io/nashtech-garage/yas-customer:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-customer:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/inventory-ci.yaml b/.github/workflows/inventory-ci.yaml index a5e362ba3b..66644e1a0c 100644 --- a/.github/workflows/inventory-ci.yaml +++ b/.github/workflows/inventory-ci.yaml @@ -2,7 +2,6 @@ name: inventory service ci on: push: - branches: ["main"] paths: - "inventory/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl inventory -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl inventory -am -Dcheckstyle.output.file=inventory-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/inventory-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Inventory-Service-Test-Results - path: "inventory/**/*-reports/TEST*.xml" - reporter: java-junit - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f inventory - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/inventory/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Inventory Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./inventory push: true - tags: ghcr.io/nashtech-garage/yas-inventory:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-inventory:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/location-ci.yaml b/.github/workflows/location-ci.yaml index 2199903905..d12d56ac5c 100644 --- a/.github/workflows/location-ci.yaml +++ b/.github/workflows/location-ci.yaml @@ -2,7 +2,6 @@ name: location service ci on: push: - branches: ["main"] paths: - "location/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl location -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl location -am -Dcheckstyle.output.file=location-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/location-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Location-Service-Unit-Test-Results - path: "location/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f location - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/location/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Location Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./location push: true - tags: ghcr.io/nashtech-garage/yas-location:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-location:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/media-ci.yaml b/.github/workflows/media-ci.yaml index 006fb4fb92..453a231a07 100644 --- a/.github/workflows/media-ci.yaml +++ b/.github/workflows/media-ci.yaml @@ -2,7 +2,6 @@ name: media service ci on: push: - branches: [ "main" ] paths: - "media/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl media -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl media -am -Dcheckstyle.output.file=media-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/media-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Media-Service-Unit-Test-Results - path: "media/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f media - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/media/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Media Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./media push: true - tags: ghcr.io/nashtech-garage/yas-media:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-media:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/order-ci.yaml b/.github/workflows/order-ci.yaml index a9a37d2feb..78d44a3249 100644 --- a/.github/workflows/order-ci.yaml +++ b/.github/workflows/order-ci.yaml @@ -2,7 +2,6 @@ name: order service ci on: push: - branches: ["main"] paths: - "order/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl order -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl order -am -Dcheckstyle.output.file=order-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/order-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Order-Service-Unit-Test-Results - path: "order/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f order - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/order/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Order Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./order push: true - tags: ghcr.io/nashtech-garage/yas-order:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-order:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/payment-ci.yaml b/.github/workflows/payment-ci.yaml index c311795486..c1e9a63b41 100644 --- a/.github/workflows/payment-ci.yaml +++ b/.github/workflows/payment-ci.yaml @@ -2,7 +2,6 @@ name: payment service ci on: push: - branches: ["main"] paths: - "payment/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl payment -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl payment -am -Dcheckstyle.output.file=payment-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/payment-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Payment-Service-Unit-Test-Results - path: "payment/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f payment - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/payment/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Payment Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./payment push: true - tags: ghcr.io/nashtech-garage/yas-payment:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-payment:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/payment-paypal-ci.yaml b/.github/workflows/payment-paypal-ci.yaml index bc0ad53089..e756569a3d 100644 --- a/.github/workflows/payment-paypal-ci.yaml +++ b/.github/workflows/payment-paypal-ci.yaml @@ -2,7 +2,6 @@ name: payment-paypal service ci on: push: - branches: ["main"] paths: - "payment-paypal/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl payment-paypal -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl payment-paypal -am -Dcheckstyle.output.file=payment-paypal-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/payment-paypal-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Payment-Paypal-Unit-Test-Results - path: "payment-paypal/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f payment-paypal - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/payment-paypal/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Payment Paypal Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./payment-paypal push: true - tags: ghcr.io/nashtech-garage/yas-payment-paypal:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-payment-paypal:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/product-ci.yaml b/.github/workflows/product-ci.yaml index caf92af448..2622cd19fa 100644 --- a/.github/workflows/product-ci.yaml +++ b/.github/workflows/product-ci.yaml @@ -2,7 +2,6 @@ name: product service ci on: push: - branches: [ "main" ] paths: - "product/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl product -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl product -am -Dcheckstyle.output.file=product-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/product-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Product-Service-Unit-Test-Results - path: "product/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f product - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/product/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Product Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./product push: true - tags: ghcr.io/nashtech-garage/yas-product:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-product:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/promotion-ci.yaml b/.github/workflows/promotion-ci.yaml index 3d1fa1458c..315b30ba48 100644 --- a/.github/workflows/promotion-ci.yaml +++ b/.github/workflows/promotion-ci.yaml @@ -2,7 +2,6 @@ name: promotion service ci on: push: - branches: ["main"] paths: - "promotion/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl promotion -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl promotion -am -Dcheckstyle.output.file=promotion-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/promotion-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Promotion-Service-Unit-Test-Results - path: "promotion/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f promotion - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/promotion/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Promotion Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./promotion push: true - tags: ghcr.io/nashtech-garage/yas-promotion:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-promotion:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/rating-ci.yaml b/.github/workflows/rating-ci.yaml index 9ad9c84ca8..2f0d97c453 100644 --- a/.github/workflows/rating-ci.yaml +++ b/.github/workflows/rating-ci.yaml @@ -2,7 +2,6 @@ name: rating service ci on: push: - branches: ["main"] paths: - "rating/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl rating -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl rating -am -Dcheckstyle.output.file=rating-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/rating-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Rating-Service-Unit-Test-Results - path: "rating/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f rating - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/rating/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Rating Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./rating push: true - tags: ghcr.io/nashtech-garage/yas-rating:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-rating:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/recommendation-ci.yaml b/.github/workflows/recommendation-ci.yaml index ca8d1a2873..33a60d4f83 100644 --- a/.github/workflows/recommendation-ci.yaml +++ b/.github/workflows/recommendation-ci.yaml @@ -2,7 +2,6 @@ name: recommendation service ci on: push: - branches: ["main"] paths: - "recommendation/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl recommendation -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl recommendation -am -Dcheckstyle.output.file=recommendation-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/recommendation-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Recommendation-Service-Unit-Test-Results - path: "recommendation/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f recommendation - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/recommendation/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Recommendation Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./recommendation push: true - tags: ghcr.io/nashtech-garage/yas-recommendation:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-recommendation:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/sampledata-ci.yaml b/.github/workflows/sampledata-ci.yaml index b3c7db5ed4..1b4be19618 100644 --- a/.github/workflows/sampledata-ci.yaml +++ b/.github/workflows/sampledata-ci.yaml @@ -2,7 +2,6 @@ name: sampledata service ci on: push: - branches: ["main"] paths: - "sampledata/**" - ".github/workflows/actions/action.yaml" @@ -20,54 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl sampledata -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl sampledata -am -Dcheckstyle.output.file=sampledata-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/sampledata-checkstyle-result.xml' - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f sampledata - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./sampledata push: true - tags: ghcr.io/nashtech-garage/yas-sampledata:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-sampledata:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/search-ci.yaml b/.github/workflows/search-ci.yaml index c77dc4011e..f91138eb0c 100644 --- a/.github/workflows/search-ci.yaml +++ b/.github/workflows/search-ci.yaml @@ -2,7 +2,6 @@ name: search service ci on: push: - branches: ["main"] paths: - "search/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl search -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl search -am -Dcheckstyle.output.file=search-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/search-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Search-Service-Unit-Test-Results - path: "search/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f search - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/search/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Search Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./search push: true - tags: ghcr.io/nashtech-garage/yas-search:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-search:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/storefront-bff-ci.yaml b/.github/workflows/storefront-bff-ci.yaml index b9e9c534ea..ac92c21fc8 100644 --- a/.github/workflows/storefront-bff-ci.yaml +++ b/.github/workflows/storefront-bff-ci.yaml @@ -2,14 +2,13 @@ name: storefront-bff service ci on: push: - branches: [ "main" ] paths: - "storefront-bff/**" - ".github/workflows/actions/action.yaml" - ".github/workflows/storefront-bff-ci.yaml" - "pom.xml" pull_request: - branches: [ "main" ] + branches: ["main"] paths: - "storefront-bff/**" - ".github/workflows/actions/action.yaml" @@ -20,64 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - - name: Run Maven Build Command - run: mvn clean install -pl storefront-bff -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl storefront-bff -am -Dcheckstyle.output.file=storefront-bff-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/storefront-bff-checkstyle-result.xml' - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f storefront-bff - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/storefront-bff/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Storefront BFF Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Run Maven Verify + run: mvn clean verify -f storefront-bff + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./storefront-bff push: true - tags: ghcr.io/nashtech-garage/yas-storefront-bff:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-storefront-bff:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/storefront-ci.yaml b/.github/workflows/storefront-ci.yaml index d5cd57eece..eb9eedabe8 100644 --- a/.github/workflows/storefront-ci.yaml +++ b/.github/workflows/storefront-ci.yaml @@ -2,7 +2,6 @@ name: storefront service ci on: push: - branches: [ "main" ] paths: - "storefront/**" - ".github/workflows/actions/action.yaml" @@ -18,12 +17,8 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: actions/setup-node@v4 with: node-version: 20 @@ -35,25 +30,23 @@ jobs: working-directory: storefront - run: npx prettier --check . working-directory: storefront - - name: SonarCloud Scan - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: SonarSource/sonarcloud-github-action@master - with: - projectBaseDir: storefront - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./storefront push: true - tags: ghcr.io/nashtech-garage/yas-storefront:latest + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-storefront:${{ env.DOCKER_TAG }} diff --git a/.github/workflows/tax-ci.yaml b/.github/workflows/tax-ci.yaml index f677cfd69a..e7a5b6844b 100644 --- a/.github/workflows/tax-ci.yaml +++ b/.github/workflows/tax-ci.yaml @@ -2,7 +2,6 @@ name: tax service ci on: push: - branches: ["main"] paths: - "tax/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl tax -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl tax -am -Dcheckstyle.output.file=tax-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/tax-checkstyle-result.xml' - - name: Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Tax-Service-Unit-Test-Results - path: "tax/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f tax - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/tax/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Tax Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./tax push: true - tags: ghcr.io/nashtech-garage/yas-tax:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-tax:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.github/workflows/webhook-ci.yaml b/.github/workflows/webhook-ci.yaml index b0b05bc755..66c5554aaf 100644 --- a/.github/workflows/webhook-ci.yaml +++ b/.github/workflows/webhook-ci.yaml @@ -2,7 +2,6 @@ name: webhook service ci on: push: - branches: ["main"] paths: - "webhook/**" - ".github/workflows/actions/action.yaml" @@ -20,71 +19,28 @@ on: jobs: Build: runs-on: ubuntu-latest - env: - FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: ./.github/workflows/actions - name: Run Maven Build Command run: mvn clean install -pl webhook -am - - name: Run Maven Checkstyle - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - run: mvn checkstyle:checkstyle -pl webhook -am -Dcheckstyle.output.file=webhook-checkstyle-result.xml - - name: Upload Checkstyle Result - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: jwgmeligmeyling/checkstyle-github-action@master - with: - path: '**/webhook-checkstyle-result.xml' - - name: Unit Test Results - uses: dorny/test-reporter@v1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' && (success() || failure()) }} - with: - name: Webhook-Service-Unit-Test-Results - path: "webhook/**/*-reports/TEST*.xml" - reporter: java-junit - - name: Analyze with sonar cloud - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -f webhook - - name: OWASP Dependency Check - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: dependency-check/Dependency-Check_Action@main - env: - JAVA_HOME: /opt/jdk - with: - project: 'yas' - path: '.' - format: 'HTML' - - name: Upload OWASP Dependency Check results - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - uses: actions/upload-artifact@master - with: - name: OWASP Dependency Check Report - path: ${{github.workspace}}/reports - - name: Add coverage report to PR - uses: madrapps/jacoco-report@v1.6.1 - if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} - with: - paths: ${{github.workspace}}/webhook/target/site/jacoco/jacoco.xml - token: ${{secrets.GITHUB_TOKEN}} - min-coverage-overall: 80 - min-coverage-changed-files: 60 - title: 'Webhook Coverage Report' - update-comment: true - - name: Log in to the Container registry - if: ${{ github.ref == 'refs/heads/main' }} + - name: Log in to Docker Hub uses: docker/login-action@v3 with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push Docker images - if: ${{ github.ref == 'refs/heads/main' }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker Tag + run: | + if [ "${{ github.ref_name }}" == "main" ]; then + echo "DOCKER_TAG=latest" >> $GITHUB_ENV + else + echo "DOCKER_TAG=${{ github.sha }}" >> $GITHUB_ENV + fi + + - name: Build and push Docker image uses: docker/build-push-action@v6 with: context: ./webhook push: true - tags: ghcr.io/nashtech-garage/yas-webhook:latest \ No newline at end of file + tags: ${{ secrets.DOCKERHUB_USERNAME }}/yas-webhook:${{ env.DOCKER_TAG }} \ No newline at end of file diff --git a/.gitignore b/.gitignore index 184d9884c0..e0ef4c3009 100644 --- a/.gitignore +++ b/.gitignore @@ -29,3 +29,4 @@ hs_err_pid* .settings* .vscode *.iml +k8s-cd/deploy/minikube-linux-amd64 diff --git a/Jenkinsfile-argocd b/Jenkinsfile-argocd new file mode 100644 index 0000000000..b8461d76ee --- /dev/null +++ b/Jenkinsfile-argocd @@ -0,0 +1,148 @@ +pipeline { + agent any + + options { + // Tự quản lý checkout để sửa lỗi safe directory của Git + skipDefaultCheckout() + timeout(time: 1, unit: 'HOURS') + } + + parameters { + choice(name: 'TARGET_ENV', choices: ['dev', 'staging'], description: 'Environment to deploy to') + string(name: 'TARGET_TAG', defaultValue: '', description: 'Specific tag to deploy (e.g., v1.2.3). If empty, branch logic is used.') + string(name: 'common_branch', defaultValue: '', description: 'Override branch for all services (used by CI)') + // Tham số cho từng service đúng như yêu cầu mục 4 + string(name: 'backoffice_bff', defaultValue: 'main', description: 'Branch for backoffice-bff') + string(name: 'backoffice_ui', defaultValue: 'main', description: 'Branch for backoffice-ui') + string(name: 'storefront_bff', defaultValue: 'main', description: 'Branch for storefront-bff') + string(name: 'storefront_ui', defaultValue: 'main', description: 'Branch for storefront-ui') + string(name: 'cart', defaultValue: 'main', description: 'Branch for cart') + string(name: 'customer', defaultValue: 'main', description: 'Branch for customer') + string(name: 'inventory', defaultValue: 'main', description: 'Branch for inventory') + string(name: 'location', defaultValue: 'main', description: 'Branch for location') + string(name: 'media', defaultValue: 'main', description: 'Branch for media') + string(name: 'order', defaultValue: 'main', description: 'Branch for order') + string(name: 'payment', defaultValue: 'main', description: 'Branch for payment') + string(name: 'product', defaultValue: 'main', description: 'Branch for product') + string(name: 'promotion', defaultValue: 'main', description: 'Branch for promotion') + string(name: 'rating', defaultValue: 'main', description: 'Branch for rating') + string(name: 'search', defaultValue: 'main', description: 'Branch for search') + string(name: 'tax', defaultValue: 'main', description: 'Branch for tax') + string(name: 'recommendation', defaultValue: 'main', description: 'Branch for recommendation') + string(name: 'webhook', defaultValue: 'main', description: 'Branch for webhook') + string(name: 'sampledata', defaultValue: 'main', description: 'Branch for sampledata') + } + + environment { + GITOPS_REPO = 'https://github.com/BongLanTrungMuoi/yas-gitops.git' + VALUES_FILE = "values-${params.TARGET_ENV}.yaml" + ARGO_APP = "yas-root-${params.TARGET_ENV}" + } + + stages { + stage('Initialize & Clone') { + steps { + script { + // Khắc phục lỗi bảo mật "dubious ownership" của Git trên Jenkins agent + sh "git config --global --add safe.directory '*'" + + // Dọn dẹp workspace (thay thế cho Wipe out repository & force clone) + deleteDir() + + // Checkout repo hiện tại để lấy các file cần thiết + checkout scm + + // Cô lập việc clone GitOps repo vào thư mục riêng + dir('yas-gitops') { + checkout scmGit( + branches: [[name: 'main']], + userRemoteConfigs: [[url: env.GITOPS_REPO]] + ) + } + } + } + } + + stage('Determine Tags & Update GitOps') { + steps { + script { + def services = [ + "backoffice-bff", "backoffice-ui", "storefront-bff", "storefront-ui", + "cart", "customer", "inventory", "location", "media", "order", + "payment", "product", "promotion", "rating", "search", "tax", + "recommendation", "webhook", "sampledata" + ] + + for (svc in services) { + def paramName = svc.replace('-', '_') + def branchName = params.common_branch ?: (params."${paramName}" ?: 'main') + def tag = 'latest' + + if (params.TARGET_TAG) { + tag = params.TARGET_TAG + } else if (branchName != 'main') { + echo "Fetching latest commit ID for ${svc} from branch ${branchName}..." + tag = sh(script: "git ls-remote https://github.com/Hownameee/yas.git ${branchName} | cut -f1 | cut -c1-7", returnStdout: true).trim() + } + + echo "Setting ${svc} to tag: ${tag} in yas-gitops/${env.VALUES_FILE}" + sh "yq -i '.services.\"${svc}\".tag = \"${tag}\"' yas-gitops/${env.VALUES_FILE}" + } + } + } + } + + stage('Git Commit and Push') { + steps { + script { + // Sử dụng ID GitHub App của bạn: 'jenkins-yas' + withCredentials([usernamePassword(credentialsId: 'jenkins-yas', + passwordVariable: 'GITHUB_APP_TOKEN', + usernameVariable: 'GITHUB_APP_USER')]) { + + dir('yas-gitops') { + sh "git config user.email jenkins-bot@yas.local" + sh "git config user.name 'Jenkins GitOps Bot'" + sh "git add ${env.VALUES_FILE}" + + // Tránh lỗi nếu không có thay đổi gì để commit + sh """ + if git diff --cached --quiet; then + echo "No changes to commit" + else + git commit -m 'deploy: update ${params.TARGET_ENV} images (Build #${env.BUILD_NUMBER}) [skip ci]' + # Đẩy code bằng token của GitHub App + git push https://x-access-token:${GITHUB_APP_TOKEN}@github.com/BongLanTrungMuoi/yas-gitops.git HEAD:main + fi + """ + } + } + } + } + } + + stage('ArgoCD Sync & Info') { + steps { + script { + // Force ArgoCD sync + sh "kubectl patch application ${env.ARGO_APP} -n argocd --type merge -p '{\"metadata\":{\"annotations\":{\"argocd.argoproj.io/refresh\":\"hard\"}}}'" + + // Mục 5: Hiển thị thông tin truy cập + def domain = sh(script: "yq -r '.global.domain' yas-gitops/${env.VALUES_FILE}", returnStdout: true).trim() + def env_tag = sh(script: "yq -r '.global.envTag' yas-gitops/${env.VALUES_FILE}", returnStdout: true).trim() + def nodeIp = sh(script: "kubectl get nodes -o jsonpath='{.items[0].status.addresses[?(@.type==\"InternalIP\")].address}'", returnStdout: true).trim() + + echo "==========================================================" + echo " DEPLOYMENT TRIGGERED TO ${params.TARGET_ENV.toUpperCase()}" + echo "----------------------------------------------------------" + echo "Add this to your /etc/hosts:" + echo "${nodeIp} identity-${env_tag}.${domain}" + echo "${nodeIp} backoffice-${env_tag}.${domain}" + echo "${nodeIp} storefront-${env_tag}.${domain}" + echo "${nodeIp} api-${env_tag}.${domain}" + echo "==========================================================" + } + } + } + } +} diff --git a/Jenkinsfile-cd b/Jenkinsfile-cd new file mode 100644 index 0000000000..8b327de325 --- /dev/null +++ b/Jenkinsfile-cd @@ -0,0 +1,172 @@ +pipeline { + agent any + + parameters { + string(name: 'backoffice_bff', defaultValue: 'main', description: 'Branch for backoffice-bff') + string(name: 'backoffice_ui', defaultValue: 'main', description: 'Branch for backoffice-ui') + string(name: 'storefront_bff', defaultValue: 'main', description: 'Branch for storefront-bff') + string(name: 'storefront_ui', defaultValue: 'main', description: 'Branch for storefront-ui') + string(name: 'cart', defaultValue: 'main', description: 'Branch for cart') + string(name: 'customer', defaultValue: 'main', description: 'Branch for customer') + string(name: 'inventory', defaultValue: 'main', description: 'Branch for inventory') + string(name: 'location', defaultValue: 'main', description: 'Branch for location') + string(name: 'media', defaultValue: 'main', description: 'Branch for media') + string(name: 'order', defaultValue: 'main', description: 'Branch for order') + string(name: 'payment', defaultValue: 'main', description: 'Branch for payment') + string(name: 'product', defaultValue: 'main', description: 'Branch for product') + string(name: 'promotion', defaultValue: 'main', description: 'Branch for promotion') + string(name: 'rating', defaultValue: 'main', description: 'Branch for rating') + string(name: 'search', defaultValue: 'main', description: 'Branch for search') + string(name: 'tax', defaultValue: 'main', description: 'Branch for tax') + string(name: 'recommendation', defaultValue: 'main', description: 'Branch for recommendation') + string(name: 'webhook', defaultValue: 'main', description: 'Branch for webhook') + string(name: 'sampledata', defaultValue: 'main', description: 'Branch for sampledata') + } + + environment { + DOCKER_REGISTRY = 'hownamee' + ENV_TAG = "dev-${env.BUILD_ID}" + YAS_NAMESPACE = "yas-${env.BUILD_ID}" + } + + stages { + stage('Checkout') { + steps { + checkout scmGit( + branches: [[name: 'main']], + userRemoteConfigs: [[url: 'https://github.com/Hownameee/yas-CI-CD.git']] + ) + } + } + + stage('Initialize') { + steps { + script { + echo "Initializing Deployment for ${env.YAS_NAMESPACE}..." + + def domainOutput = sh(script: "yq -r '.domain' k8s-cd/deploy/cluster-config.yaml", returnStdout: true).trim() + if (domainOutput == '__DOMAIN__' || !domainOutput || domainOutput == 'null') { + domainOutput = 'yas.local.com' + } + env.DOMAIN = domainOutput + + def nodeIp = sh(script: "kubectl get nodes -o jsonpath='{.items[0].status.addresses[?(@.type==\"InternalIP\")].address}'", returnStdout: true).trim() + if (!nodeIp) { + nodeIp = sh(script: "minikube ip", returnStdout: true).trim() + } + env.NODE_IP = nodeIp + } + } + } + + stage('Deploy Infrastructure') { + steps { + script { + echo "Stage 1 & 2: Setting up operators and data layer..." + sh """ + cd k8s-cd/deploy + ./01-setup-operators.sh + + export ENV_TAG=${env.ENV_TAG} + export YAS_NAMESPACE=${env.YAS_NAMESPACE} + ./02-setup-data-layer.sh + sleep(60) + """ + } + } + } + + stage('Deploy yas-configuration') { + steps { + script { + sh """ + cd k8s-cd/charts/yas-configuration + helm dependency build . + helm upgrade --install yas-configuration . \ + --namespace ${env.YAS_NAMESPACE} \ + --set global.domain=${env.DOMAIN} \ + --set global.envTag=${env.ENV_TAG} + """ + } + } + } + + stage('Deploy Applications') { + steps { + script { + def deployService = { serviceName, isUi, extraArgs -> + def paramName = serviceName.replace('-', '_') + def branchName = params."${paramName}" ?: 'main' + def tag = 'latest' + + if (branchName != 'main' && serviceName != 'swagger-ui') { + echo "Fetching tag for ${serviceName} branch ${branchName}" + tag = sh(script: "git ls-remote https://github.com/Hownameee/yas.git ${branchName} | cut -f1", returnStdout: true).trim() + } + + def hostPrefix = serviceName.contains('swagger') ? 'api' : serviceName.replace('-bff', '').replace('-ui', '') + def host = "${hostPrefix}-${env.ENV_TAG}.${env.DOMAIN}" + + def imageTagKey = isUi ? 'ui.image.tag' : 'backend.image.tag' + def ingressHostKey = isUi ? 'ingress.host' : 'backend.ingress.host' + + def helmCmd = """ + cd k8s-cd/charts/${serviceName} + helm dependency build . + helm upgrade --install ${serviceName} . \ + --namespace ${env.YAS_NAMESPACE} \ + --set ${imageTagKey}=${tag} \ + --set ${ingressHostKey}=${host} \ + --set global.domain=${env.DOMAIN} \ + --set global.envTag=${env.ENV_TAG} \ + ${extraArgs} + """ + sh helmCmd + } + + // Deploy BFFs and UIs + deployService('backoffice-bff', false, "") + deployService('backoffice-ui', true, "--set ui.extraEnvs[0].name=API_BASE_PATH --set ui.extraEnvs[0].value=http://backoffice-${env.ENV_TAG}.${env.DOMAIN}/api") + sleep(20) + + deployService('storefront-bff', false, "") + deployService('storefront-ui', true, "--set ui.extraEnvs[0].name=API_BASE_PATH --set ui.extraEnvs[0].value=http://storefront-${env.ENV_TAG}.${env.DOMAIN}/api") + sleep(20) + + deployService('swagger-ui', false, "") + sleep(20) + + // Deploy Microservices + def services = ["cart", "customer", "inventory", "location", "media", "order", "payment", "product", "promotion", "rating", "search", "tax", "recommendation", "webhook", "sampledata"] + for (svc in services) { + deployService(svc, false, "") + sleep(30) + } + } + } + } + + stage('Access Information') { + steps { + script { + def suffix = "-${env.ENV_TAG}.${env.DOMAIN}" + echo "==========================================================" + echo "DEPLOYMENT COMPLETE - BUILD #${env.BUILD_ID}" + echo "==========================================================" + echo "IP: ${env.NODE_IP}" + echo "----------------------------------------------------------" + echo "Copy to /etc/hosts:" + echo "${env.NODE_IP} identity${suffix}" + echo "${env.NODE_IP} backoffice${suffix}" + echo "${env.NODE_IP} storefront${suffix}" + echo "${env.NODE_IP} api${suffix}" + echo "${env.NODE_IP} pgadmin${suffix}" + echo "${env.NODE_IP} akhq${suffix}" + echo "${env.NODE_IP} kibana${suffix}" + echo "${env.NODE_IP} grafana.${env.DOMAIN}" + echo "==========================================================" + } + } + } + } +} diff --git a/Jenkinsfile-ci b/Jenkinsfile-ci new file mode 100644 index 0000000000..447913e3bc --- /dev/null +++ b/Jenkinsfile-ci @@ -0,0 +1,163 @@ +pipeline { + agent any + + options { + // Tránh lỗi dubious ownership và tự quản lý checkout + skipDefaultCheckout() + } + + environment { + DOCKER_HUB_USER = 'hownamee' + DOCKER_CRED_ID = 'dockerhub-token' + MAVEN_IMAGE = 'maven:3.9-eclipse-temurin-21-alpine' + NODE_IMAGE = 'node:20-alpine' + } + + stages { + stage('1. Initialize & Identify') { + steps { + script { + sh "git config --global --add safe.directory '*'" + checkout scm + + env.GIT_TAG = sh(script: "git rev-parse --short HEAD", returnStdout: true).trim() + echo "🚀 Starting build for Commit: ${env.GIT_TAG}" + + def changedFiles = "" + try { + changedFiles = sh(script: "git diff --name-only HEAD~1 HEAD | cut -d/ -f1 | sort -u", returnStdout: true).trim() + } catch (Exception e) { + echo "⚠️ Warning: Could not get git diff. Checking all directories." + changedFiles = sh(script: "ls -d */ | cut -f1 -d'/'", returnStdout: true).trim() + } + + def mavenServices = ['cart', 'customer', 'inventory', 'product', 'order', 'media', 'payment', 'location', 'backoffice-bff', 'storefront-bff', 'search', 'tax', 'webhook', 'sampledata', 'recommendation', 'delivery', 'common-library'] + def nodeServices = ['backoffice', 'storefront'] + + def targetServices = changedFiles.split('\n').findAll { (mavenServices + nodeServices).contains(it) } + + if (targetServices.isEmpty()) { + echo "⏩ No valid services changed. Skipping build." + env.SERVICES_TO_BUILD = "" + } else { + env.SERVICES_TO_BUILD = targetServices.join(',') + echo "🎯 Target services identified: ${env.SERVICES_TO_BUILD}" + } + + env.MAVEN_LIST = mavenServices.join(',') + env.NODE_LIST = nodeServices.join(',') + } + } + } + + stage('2. Build & Push Services') { + when { + expression { env.SERVICES_TO_BUILD != "" } + } + steps { + script { + def serviceList = env.SERVICES_TO_BUILD.split(',') + def mavenList = env.MAVEN_LIST.split(',') + def nodeList = env.NODE_LIST.split(',') + + def builds = [:] + + for (serviceName in serviceList) { + def name = serviceName + builds["Service: ${name}"] = { + // Chạy trực tiếp trong workspace hiện tại, không dùng 'node' mới để tránh mất code + stage("Build: ${name}") { + echo "🛠️ Processing ${name}..." + + if (mavenList.contains(name)) { + echo "📦 Building JAR for ${name}..." + docker.image(env.MAVEN_IMAGE).inside('-u root -v /var/lib/jenkins/.m2:/root/.m2') { + sh "mvn clean package -pl :${name} -am -DskipTests" + } + } else if (nodeList.contains(name)) { + echo "📦 Building Node.js app for ${name}..." + docker.image(env.NODE_IMAGE).inside() { + dir(name) { + sh "npm install && npm run build --if-present" + } + } + } + + dir(name) { + def fullImageName = "${env.DOCKER_HUB_USER}/yas-${name}:${env.GIT_TAG}" + + withCredentials([usernamePassword(credentialsId: env.DOCKER_CRED_ID, passwordVariable: 'PASS', usernameVariable: 'USER')]) { + echo "🔨 Building Docker Image: ${fullImageName}" + sh "docker build -t ${fullImageName} ." + + echo "🚀 Pushing Image: ${fullImageName}" + sh "echo \$PASS | docker login -u \$USER --password-stdin" + sh "docker push ${fullImageName}" + + if (env.TAG_NAME) { + sh "docker tag ${fullImageName} ${env.DOCKER_HUB_USER}/yas-${name}:${env.TAG_NAME}" + sh "docker push ${env.DOCKER_HUB_USER}/yas-${name}:${env.TAG_NAME}" + } + + if (env.BRANCH_NAME == 'main') { + sh "docker tag ${fullImageName} ${env.DOCKER_HUB_USER}/yas-${name}:latest" + sh "docker push ${env.DOCKER_HUB_USER}/yas-${name}:latest" + } + sh "docker logout" + } + } + echo "✅ Finished ${name}" + } + } + } + + parallel builds + } + } + } + + stage('3. Trigger ArgoCD') { + when { + expression { env.SERVICES_TO_BUILD != "" } + } + steps { + script { + // Nếu có tag (v1.2.3) thì deploy staging, ngược lại deploy dev + def targetEnv = (env.TAG_NAME && env.TAG_NAME.startsWith('v')) ? 'staging' : 'dev' + def targetTag = env.TAG_NAME ?: '' + def branch = env.BRANCH_NAME ?: 'main' + + echo "🚀 Triggering ArgoCD Sync Job [Env: ${targetEnv.toUpperCase()}, Tag: ${targetTag}, Branch: ${branch}]" + + build job: 'yas-argocd', + parameters: [ + string(name: 'TARGET_ENV', value: targetEnv), + string(name: 'TARGET_TAG', value: targetTag), + string(name: 'common_branch', value: branch) + ], + wait: false + } + } + } + } + + post { + always { + script { + def status = currentBuild.result ?: 'SUCCESS' + echo "🏁 CI Finished with status: ${status}" + + // Fix conclusion enum case: SUCCESS, FAILURE, NEUTRAL, etc. + def checkConclusion = (status == 'SUCCESS') ? 'SUCCESS' : 'FAILURE' + + publishChecks name: 'Jenkins CI', + title: "CI Status: ${status}", + summary: "Built Services: ${env.SERVICES_TO_BUILD}. Tag: ${env.GIT_TAG}", + conclusion: checkConclusion + } + } + cleanup { + cleanWs() + } + } +} \ No newline at end of file diff --git a/Jenkinsfile-destroy b/Jenkinsfile-destroy new file mode 100644 index 0000000000..98b9f9ff43 --- /dev/null +++ b/Jenkinsfile-destroy @@ -0,0 +1,70 @@ +pipeline { + agent any + + parameters { + string(name: 'TARGET_BUILD_ID', defaultValue: '', description: 'Nhập Build ID của Job Deploy mà bạn muốn xóa (Ví dụ: 12, 13...)') + booleanParam(name: 'CONFIRM_DESTROY', defaultValue: false, description: 'CẢNH BÁO: Tích vào đây để xác nhận xóa toàn bộ Services và Namespace của Build ID trên.') + } + + environment { + YAS_NAMESPACE = "yas-${params.TARGET_BUILD_ID}" + } + + stages { + stage('Xác nhận & Kiểm tra') { + steps { + script { + if (params.TARGET_BUILD_ID == '') { + error("HỦY BỎ: Bạn chưa nhập TARGET_BUILD_ID.") + } + + if (!params.CONFIRM_DESTROY) { + error("HỦY BỎ: Bạn chưa tích chọn CONFIRM_DESTROY để xác nhận xóa.") + } + + echo """ + ========================================================== + BẮT ĐẦU QUÁ TRÌNH DỌN DẸP + Build ID mục tiêu : ${params.TARGET_BUILD_ID} + Namespace mục tiêu: ${env.YAS_NAMESPACE} + ========================================================== + """ + } + } + } + + stage('Thực thi Cleanup') { + steps { + script { + echo "-> Đang gỡ bỏ toàn bộ Helm releases trong namespace ${env.YAS_NAMESPACE}..." + sh """ + helm list -n ${env.YAS_NAMESPACE} -q | xargs -r helm uninstall -n ${env.YAS_NAMESPACE} + """ + + echo "-> Đang xóa namespace ${env.YAS_NAMESPACE}..." + sh """ + kubectl delete ns ${env.YAS_NAMESPACE} --ignore-not-found=true + """ + } + } + } + } + + post { + success { + echo """ + ========================================================== + THÀNH CÔNG: Môi trường của Build #${params.TARGET_BUILD_ID} + đã được gỡ bỏ hoàn toàn! + ========================================================== + """ + } + failure { + echo """ + ========================================================== + THẤT BẠI: Có lỗi xảy ra trong quá trình dọn dẹp. + ========================================================== + """ + } + } +} diff --git a/README.md b/README.md index 84384e1013..20b71b2e75 100644 --- a/README.md +++ b/README.md @@ -117,3 +117,4 @@ By contributing, you agree that your contributions will be licensed under MIT Li +# yas-gitops diff --git a/backoffice-bff/src/main/java/com/yas/backofficebff/controller/AuthenticationController.java b/backoffice-bff/src/main/java/com/yas/backofficebff/controller/AuthenticationController.java index de82486519..cd3ec35c54 100644 --- a/backoffice-bff/src/main/java/com/yas/backofficebff/controller/AuthenticationController.java +++ b/backoffice-bff/src/main/java/com/yas/backofficebff/controller/AuthenticationController.java @@ -13,5 +13,6 @@ public class AuthenticationController { public ResponseEntity user(@AuthenticationPrincipal OAuth2User principal) { AuthenticatedUser authenticatedUser = new AuthenticatedUser(principal.getAttribute("preferred_username")); return ResponseEntity.ok(authenticatedUser); + } } diff --git a/cart/src/test/java/com/yas/cart/service/ProductServiceTest.java b/cart/src/test/java/com/yas/cart/service/ProductServiceTest.java index 2f97af31da..6477aaf009 100644 --- a/cart/src/test/java/com/yas/cart/service/ProductServiceTest.java +++ b/cart/src/test/java/com/yas/cart/service/ProductServiceTest.java @@ -1,6 +1,5 @@ package com.yas.cart.service; - import static org.assertj.core.api.Assertions.assertThat; import static org.mockito.Mockito.when; @@ -42,11 +41,11 @@ void getProducts_NormalCase_ReturnProductThumbnailVms() { List ids = List.of(1L, 2L, 3L); URI url = UriComponentsBuilder - .fromHttpUrl("http://api.yas.local/media") - .path("/storefront/products/list-featured") - .queryParam("productId", ids) - .build() - .toUri(); + .fromHttpUrl("http://api.yas.local/media") + .path("/storefront/products/list-featured") + .queryParam("productId", ids) + .build() + .toUri(); when(serviceUrlConfig.product()).thenReturn("http://api.yas.local/media"); when(restClient.get()).thenReturn(requestHeadersUriSpec); @@ -54,7 +53,7 @@ void getProducts_NormalCase_ReturnProductThumbnailVms() { when(requestHeadersUriSpec.retrieve()).thenReturn(responseSpec); when(responseSpec.toEntity(new ParameterizedTypeReference>() { })) - .thenReturn(ResponseEntity.ok(getProductThumbnailVms())); + .thenReturn(ResponseEntity.ok(getProductThumbnailVms())); List result = productService.getProducts(ids); @@ -67,24 +66,22 @@ void getProducts_NormalCase_ReturnProductThumbnailVms() { private List getProductThumbnailVms() { ProductThumbnailVm product1 = new ProductThumbnailVm( - 1L, - "Product 1", - "product-1", - "http://example.com/product1.jpg" - ); + 1L, + "Product 1", + "product-1", + "http://example.com/product1.jpg"); ProductThumbnailVm product2 = new ProductThumbnailVm( - 2L, - "Product 2", - "product-2", - "http://example.com/product2.jpg" - ); + 2L, + "Product 2", + "product-2", + "http://example.com/product2.jpg"); ProductThumbnailVm product3 = new ProductThumbnailVm( - 3L, - "Product 3", - "product-3", - "http://example.com/product3.jpg" - ); + 3L, + "Product 3", + "product-3", + "http://example.com/product3.jpg"); return List.of(product1, product2, product3); } + } \ No newline at end of file diff --git a/delivery/src/main/java/com/yas/delivery/service/DeliveryService.java b/delivery/src/main/java/com/yas/delivery/service/DeliveryService.java index 6ac53153ca..f7dbc9290a 100644 --- a/delivery/src/main/java/com/yas/delivery/service/DeliveryService.java +++ b/delivery/src/main/java/com/yas/delivery/service/DeliveryService.java @@ -4,4 +4,5 @@ @Service public class DeliveryService { + } diff --git a/dif.txt b/dif.txt new file mode 100644 index 0000000000..0b0c42b444 --- /dev/null +++ b/dif.txt @@ -0,0 +1,74 @@ +diff --git a/k8s-cd/deploy/03-deploy-apps.sh b/k8s-cd/deploy/03-deploy-apps.sh +index 45d800b5..327cb0d1 100755 +--- a/k8s-cd/deploy/03-deploy-apps.sh ++++ b/k8s-cd/deploy/03-deploy-apps.sh +@@ -32,7 +32,7 @@ helm upgrade --install yas-configuration ../charts/yas-configuration \ + --set global.domain="$DOMAIN" \ + --set global.envTag="$ENV_TAG" + +-sleep 10 ++sleep 50 + + echo ">>> Deploying Backoffice..." + helm dependency build ../charts/backoffice-bff +@@ -49,7 +49,7 @@ helm upgrade --install backoffice-ui ../charts/backoffice-ui \ + --set ui.extraEnvs[0].name=API_BASE_PATH \ + --set ui.extraEnvs[0].value="http://$BACKOFFICE_HOST/api" + +-sleep 10 ++sleep 50 + + echo ">>> Deploying Storefront..." + helm dependency build ../charts/storefront-bff +@@ -66,14 +66,14 @@ helm upgrade --install storefront-ui ../charts/storefront-ui \ + --set ui.extraEnvs[0].name=API_BASE_PATH \ + --set ui.extraEnvs[0].value="http://$STOREFRONT_HOST/api" + +-sleep 10 ++sleep 50 + + echo ">>> Deploying Swagger UI..." + helm upgrade --install swagger-ui ../charts/swagger-ui \ + --namespace "$NAMESPACE" \ + --set ingress.host="$API_HOST" + +-sleep 10 ++sleep 50 + + echo ">>> Deploying Core Microservices..." + for chart in {"cart","customer","inventory","location","media","order","payment","product","promotion","rating","search","tax","recommendation","webhook","sampledata"} ; do +@@ -83,7 +83,7 @@ for chart in {"cart","customer","inventory","location","media","order","payment" + --set backend.ingress.host="$API_HOST" \ + --set global.domain="$DOMAIN" \ + --set global.envTag="$ENV_TAG" +- sleep 10 ++ sleep 50 + done + + echo ">>> Xong Giai đoạn 2.2: Tất cả Microservices và UI đã được cài vào namespace '$NAMESPACE' với domain prefix '$ENV_TAG'." +diff --git a/k8s-cd/deploy/kafka/akhq.values.yaml b/k8s-cd/deploy/kafka/akhq.values.yaml +index eb63f715..22c8245f 100644 +--- a/k8s-cd/deploy/kafka/akhq.values.yaml ++++ b/k8s-cd/deploy/kafka/akhq.values.yaml +@@ -11,7 +11,7 @@ configuration: + connect: + - name: debezium-connect-cluster + url: http://debezium-connect-cluster-connect-api:8083 +-hostname: &hostname akhq-dev-46.yas.local.com ++hostname: &hostname akhq-dev-13.yas.local.com + ingress: + enabled: true + ingressClassName: nginx +diff --git a/k8s-cd/deploy/postgres/pgadmin/values.yaml b/k8s-cd/deploy/postgres/pgadmin/values.yaml +index 054ef1ed..cda1a3cc 100644 +--- a/k8s-cd/deploy/postgres/pgadmin/values.yaml ++++ b/k8s-cd/deploy/postgres/pgadmin/values.yaml +@@ -41,7 +41,7 @@ persistence: + service: + type: ClusterIP + port: 80 +-hostname: &hostname pgadmin-dev-46.yas.local.com ++hostname: &hostname pgadmin-dev-13.yas.local.com + ingress: + enabled: true + className: "nginx" diff --git a/k8s-cd/charts/.gitignore b/k8s-cd/charts/.gitignore new file mode 100644 index 0000000000..7d08b3879d --- /dev/null +++ b/k8s-cd/charts/.gitignore @@ -0,0 +1,2 @@ +**/Chart.lock +**/charts/*.tgz \ No newline at end of file diff --git a/k8s-cd/charts/Chart.template.yaml b/k8s-cd/charts/Chart.template.yaml new file mode 100644 index 0000000000..b4f407d7eb --- /dev/null +++ b/k8s-cd/charts/Chart.template.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: {{service}} +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend \ No newline at end of file diff --git a/k8s-cd/charts/backend/.helmignore b/k8s-cd/charts/backend/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/backend/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/backend/Chart.yaml b/k8s-cd/charts/backend/Chart.yaml new file mode 100644 index 0000000000..26ba14033a --- /dev/null +++ b/k8s-cd/charts/backend/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: backend +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" diff --git a/k8s-cd/charts/backend/README.md b/k8s-cd/charts/backend/README.md new file mode 100644 index 0000000000..815466b2bb --- /dev/null +++ b/k8s-cd/charts/backend/README.md @@ -0,0 +1 @@ +The base chart for backend application \ No newline at end of file diff --git a/k8s-cd/charts/backend/templates/NOTES.txt b/k8s-cd/charts/backend/templates/NOTES.txt new file mode 100644 index 0000000000..2d6453175e --- /dev/null +++ b/k8s-cd/charts/backend/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "backend.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "backend.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "backend.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "backend.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/k8s-cd/charts/backend/templates/_helpers.tpl b/k8s-cd/charts/backend/templates/_helpers.tpl new file mode 100644 index 0000000000..471310f063 --- /dev/null +++ b/k8s-cd/charts/backend/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "backend.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "backend.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "backend.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "backend.labels" -}} +helm.sh/chart: {{ include "backend.chart" . }} +{{ include "backend.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "backend.selectorLabels" -}} +app.kubernetes.io/name: {{ include "backend.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "backend.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "backend.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/backend/templates/deployment.yaml b/k8s-cd/charts/backend/templates/deployment.yaml new file mode 100644 index 0000000000..7f31d5f713 --- /dev/null +++ b/k8s-cd/charts/backend/templates/deployment.yaml @@ -0,0 +1,101 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "backend.fullname" . }} + labels: + {{- include "backend.labels" . | nindent 4 }} + annotations: + {{- toYaml .Values.deployment.annotations | nindent 4 }} + {{- if .Values.deployment.extraAnnotations }} + {{- toYaml .Values.deployment.extraAnnotations | nindent 4 }} + {{- end }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "backend.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "backend.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "backend.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + volumes: + - name: yas-configuration + configMap: + name: yas-configuration-configmap + {{- with .Values.extraVolumes}} + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ include "backend.fullname" . }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + envFrom: + - secretRef: + name: yas-postgresql-credentials-secret + {{- with .Values.extraEnvFroms }} + {{- toYaml . | nindent 12 }} + {{- end }} + env: + - name: LOGGING_CONFIG + value: {{ .Values.logbackXmlPath }} + - name: SPRING_DATASOURCE_URL + value: {{ .Values.databaseConnectionUrl }}/{{ .Values.databaseName }} + {{- if .Values.extraApplicationConfigPaths }} + - name: SPRING_CONFIG_ADDITIONAL_LOCATION + value: /opt/yas/config/application.yaml,{{ join "," .Values.extraApplicationConfigPaths }} + {{- else }} + - name: SPRING_CONFIG_ADDITIONAL_LOCATION + value: /opt/yas/config/application.yaml + {{- end }} + {{- with .Values.extraEnvs }} + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /opt/yas/config + name: yas-configuration + {{- with .Values.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.httpPort }} + protocol: TCP + - name: metric + containerPort: {{ .Values.metricPort }} + lifecycle: + {{ toYaml .Values.lifecycle | nindent 12 }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} \ No newline at end of file diff --git a/k8s-cd/charts/backend/templates/extra-manifests.yaml b/k8s-cd/charts/backend/templates/extra-manifests.yaml new file mode 100644 index 0000000000..d6abe5fbf9 --- /dev/null +++ b/k8s-cd/charts/backend/templates/extra-manifests.yaml @@ -0,0 +1,8 @@ +{{ range .Values.extraObjects }} +--- +{{- if typeIs "string" . }} +{{- tpl . $ }} +{{- else }} +{{- tpl (toYaml .) $ }} +{{- end }} +{{ end }} \ No newline at end of file diff --git a/k8s-cd/charts/backend/templates/hpa.yaml b/k8s-cd/charts/backend/templates/hpa.yaml new file mode 100644 index 0000000000..c32d92b42d --- /dev/null +++ b/k8s-cd/charts/backend/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "backend.fullname" . }} + labels: + {{- include "backend.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "backend.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/k8s-cd/charts/backend/templates/ingress.yaml b/k8s-cd/charts/backend/templates/ingress.yaml new file mode 100644 index 0000000000..ab69718c15 --- /dev/null +++ b/k8s-cd/charts/backend/templates/ingress.yaml @@ -0,0 +1,50 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "backend.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "backend.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- with .Values.ingress.tls }} + - hosts: + - {{ .host | quote }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- with .Values.ingress }} + - host: {{ .host}} + http: + paths: + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- end }} +{{- end }} diff --git a/k8s-cd/charts/backend/templates/service.yaml b/k8s-cd/charts/backend/templates/service.yaml new file mode 100644 index 0000000000..26c0388d25 --- /dev/null +++ b/k8s-cd/charts/backend/templates/service.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "backend.fullname" . }} + labels: + {{- include "backend.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + - port: {{ .Values.metricPort }} + targetPort: metric + protocol: TCP + name: metric + selector: + {{- include "backend.selectorLabels" . | nindent 4 }} diff --git a/k8s-cd/charts/backend/templates/serviceaccount.yaml b/k8s-cd/charts/backend/templates/serviceaccount.yaml new file mode 100644 index 0000000000..a43e942508 --- /dev/null +++ b/k8s-cd/charts/backend/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "backend.serviceAccountName" . }} + labels: + {{- include "backend.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/k8s-cd/charts/backend/templates/servicemonitoring.yaml b/k8s-cd/charts/backend/templates/servicemonitoring.yaml new file mode 100644 index 0000000000..4e5382ee7d --- /dev/null +++ b/k8s-cd/charts/backend/templates/servicemonitoring.yaml @@ -0,0 +1,15 @@ +{{- if .Values.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "backend.fullname" . }} + labels: + release: prometheus +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "backend.fullname" . }} + endpoints: + - port: 'metric' + path: '/actuator/prometheus' + {{- end }} \ No newline at end of file diff --git a/k8s-cd/charts/backend/values.yaml b/k8s-cd/charts/backend/values.yaml new file mode 100644 index 0000000000..480e0e5ca7 --- /dev/null +++ b/k8s-cd/charts/backend/values.yaml @@ -0,0 +1,148 @@ +# Default values for backend. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: "" + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 +logbackXmlPath: /opt/yas/config/logback.xml +httpPort: 80 +metricPort: 8090 +databaseConnectionUrl: jdbc:postgresql://postgresql:5432 +databaseName: postgres + +deployment: + annotations: + reloader.stakater.com/search: "true" + extraAnnotations: [] + +extraEnvs: [] +# - name: EXTRA_VARIABLE_NAME +# value: extra variable data + +extraEnvFroms: [] +# - secretRef: +# name: secret-name-extra + +extraObjects: [] +# - apiVersion: v1 +# kind: ConfigMap +# metadata: +# name: example-extra-configmap +# data: +# example-key: example-data +# - apiVersion: v1 +# kind: Secret +# metadata: +# name: example-extra-secret +# type: Opaque +# data: +# example-key: base64 encoded data + +extraVolumes: [] +# - name: volume-extra-example +# configMap: +# name: example-extra-configmap + +extraVolumeMounts: [] +# - mountPath: /example-path +# name: volume-extra-example + +extraApplicationConfigPaths: [] +# - /opt/config/application-example.yaml + +lifecycle: + preStop: + exec: + command: ["sh", "-c", "sleep 10"] + +terminationGracePeriodSeconds: 45 + +livenessProbe: + periodSeconds: 10 + failureThreshold: 12 + successThreshold: 1 + httpGet: + path: /actuator/health/liveness + port: metric + +readinessProbe: + periodSeconds: 10 + failureThreshold: 12 + successThreshold: 1 + httpGet: + path: /actuator/health/readiness + port: metric + +serviceMonitor: + enabled: true + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + className: "nginx" + annotations: {} + host: chart-example.local + path: / + pathType: ImplementationSpecific + tls: {} +# secretName: chart-example-tls +# host: chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/k8s-cd/charts/backoffice-bff/.helmignore b/k8s-cd/charts/backoffice-bff/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/backoffice-bff/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/backoffice-bff/Chart.yaml b/k8s-cd/charts/backoffice-bff/Chart.yaml new file mode 100644 index 0000000000..e367b58903 --- /dev/null +++ b/k8s-cd/charts/backoffice-bff/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: backoffice-bff +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/backoffice-bff/templates/_helpers.tpl b/k8s-cd/charts/backoffice-bff/templates/_helpers.tpl new file mode 100644 index 0000000000..490dccb417 --- /dev/null +++ b/k8s-cd/charts/backoffice-bff/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "backoffice-bff.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "backoffice-bff.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "backoffice-bff.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "backoffice-bff.labels" -}} +helm.sh/chart: {{ include "backoffice-bff.chart" . }} +{{ include "backoffice-bff.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "backoffice-bff.selectorLabels" -}} +app.kubernetes.io/name: {{ include "backoffice-bff.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "backoffice-bff.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "backoffice-bff.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/backoffice-bff/values.yaml b/k8s-cd/charts/backoffice-bff/values.yaml new file mode 100644 index 0000000000..534317dd3c --- /dev/null +++ b/k8s-cd/charts/backoffice-bff/values.yaml @@ -0,0 +1,39 @@ +backend: + image: + repository: hownamee/yas-backoffice-bff + tag: latest + + nameOverride: backoffice-bff + fullnameOverride: backoffice-bff + deployment: + annotations: + configmap.reloader.stakater.com/reload: "yas-gateway-routes-config-configmap,backoffice-bff-extra-configmap" + ingress: + enabled: true + host: backoffice.yas.local.com + path: / + extraEnvs: + - name: SPRING_PROFILES_ACTIVE + value: prod + - name: UI_HOST + value: http://backoffice-ui:3000 + extraEnvFroms: + - secretRef: + name: yas-keycloak-credentials-secret + - secretRef: + name: yas-redis-credentials-secret + extraVolumes: + - name: yas-gateway-routes-config + configMap: + name: yas-gateway-routes-config-configmap + - name: backoffice-bff-extra-config + configMap: + name: backoffice-bff-extra-configmap + extraVolumeMounts: + - name: yas-gateway-routes-config + mountPath: /opt/yas/gateway-routes-config + - name: backoffice-bff-extra-config + mountPath: /opt/yas/extra-config + extraApplicationConfigPaths: + - /opt/yas/gateway-routes-config/gateway-routes-config.yaml + - /opt/yas/extra-config/backoffice-bff-extra-config.yaml \ No newline at end of file diff --git a/k8s-cd/charts/backoffice-ui/.helmignore b/k8s-cd/charts/backoffice-ui/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/backoffice-ui/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/backoffice-ui/Chart.yaml b/k8s-cd/charts/backoffice-ui/Chart.yaml new file mode 100644 index 0000000000..3c8c678dee --- /dev/null +++ b/k8s-cd/charts/backoffice-ui/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: backoffice-ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: ui + version: 0.1.0 + repository: file://../ui diff --git a/k8s-cd/charts/backoffice-ui/templates/_helpers.tpl b/k8s-cd/charts/backoffice-ui/templates/_helpers.tpl new file mode 100644 index 0000000000..6e9380608c --- /dev/null +++ b/k8s-cd/charts/backoffice-ui/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "backoffice-ui.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "backoffice-ui.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "backoffice-ui.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "backoffice-ui.labels" -}} +helm.sh/chart: {{ include "backoffice-ui.chart" . }} +{{ include "backoffice-ui.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "backoffice-ui.selectorLabels" -}} +app.kubernetes.io/name: {{ include "backoffice-ui.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "backoffice-ui.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "backoffice-ui.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/backoffice-ui/values.yaml b/k8s-cd/charts/backoffice-ui/values.yaml new file mode 100644 index 0000000000..af82de9fd9 --- /dev/null +++ b/k8s-cd/charts/backoffice-ui/values.yaml @@ -0,0 +1,8 @@ +ui: + image: + repository: hownamee/yas-backoffice + tag: latest + nameOverride: backoffice-ui + fullnameOverride: backoffice-ui + ingress: + enabled: false \ No newline at end of file diff --git a/k8s-cd/charts/cart/.helmignore b/k8s-cd/charts/cart/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/cart/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/cart/Chart.yaml b/k8s-cd/charts/cart/Chart.yaml new file mode 100644 index 0000000000..1acc5c4771 --- /dev/null +++ b/k8s-cd/charts/cart/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: cart +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.2.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/cart/templates/_helpers.tpl b/k8s-cd/charts/cart/templates/_helpers.tpl new file mode 100644 index 0000000000..459ede7896 --- /dev/null +++ b/k8s-cd/charts/cart/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "cart.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "cart.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "cart.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "cart.labels" -}} +helm.sh/chart: {{ include "cart.chart" . }} +{{ include "cart.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "cart.selectorLabels" -}} +app.kubernetes.io/name: {{ include "cart.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "cart.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "cart.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/cart/values.yaml b/k8s-cd/charts/cart/values.yaml new file mode 100644 index 0000000000..6195cc2a73 --- /dev/null +++ b/k8s-cd/charts/cart/values.yaml @@ -0,0 +1,19 @@ +backend: + image: + repository: hownamee/yas-cart + tag: latest + + nameOverride: cart + fullnameOverride: cart + databaseName: cart + ingress: + enabled: false + extraVolumes: + - name: cart-application-config + configMap: + name: cart-application-configmap + extraVolumeMounts: + - name: cart-application-config + mountPath: /opt/yas/cart + extraApplicationConfigPaths: + - /opt/yas/cart/cart-application.yaml diff --git a/k8s-cd/charts/create-charts.sh b/k8s-cd/charts/create-charts.sh new file mode 100644 index 0000000000..bbc17076e9 --- /dev/null +++ b/k8s-cd/charts/create-charts.sh @@ -0,0 +1,17 @@ +#!/bin/bash +for chart in {"cart","inventory","location","order","payment","payment-paypal","product","promotion","rating","search","tax"} ; do + helm create "$chart" + + # Remove all file except _helpers.tpl + find ./"$chart"/templates/* ! -name '_helpers.tpl' -exec rm -rf {} + + + # Overwrite values.yaml file + values_template=$(cat values.template.yaml) + values_file=${values_template//\{\{service\}\}/$chart} + echo "$values_file" > ./"$chart"/values.yaml + + # Overwrite Chart.yaml file + chart_template=$(cat Chart.template.yaml) + chart_file=${chart_template//\{\{service\}\}/$chart} + echo "$chart_file" > ./"$chart"/Chart.yaml +done \ No newline at end of file diff --git a/k8s-cd/charts/customer/.helmignore b/k8s-cd/charts/customer/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/customer/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/customer/Chart.yaml b/k8s-cd/charts/customer/Chart.yaml new file mode 100644 index 0000000000..342b841cad --- /dev/null +++ b/k8s-cd/charts/customer/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: customer +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/customer/templates/_helpers.tpl b/k8s-cd/charts/customer/templates/_helpers.tpl new file mode 100644 index 0000000000..830396619e --- /dev/null +++ b/k8s-cd/charts/customer/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "customer.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "customer.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "customer.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "customer.labels" -}} +helm.sh/chart: {{ include "customer.chart" . }} +{{ include "customer.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "customer.selectorLabels" -}} +app.kubernetes.io/name: {{ include "customer.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "customer.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "customer.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/customer/values.yaml b/k8s-cd/charts/customer/values.yaml new file mode 100644 index 0000000000..8c8531e1ac --- /dev/null +++ b/k8s-cd/charts/customer/values.yaml @@ -0,0 +1,22 @@ +backend: + image: + repository: hownamee/yas-customer + tag: latest + + nameOverride: customer + fullnameOverride: customer + databaseName: customer + ingress: + enabled: false + extraEnvFroms: + - secretRef: + name: yas-keycloak-credentials-secret + extraVolumes: + - name: customer-application + configMap: + name: customer-application-configmap + extraVolumeMounts: + - name: customer-application + mountPath: /opt/yas/customer + extraApplicationConfigPaths: + - /opt/yas/customer/customer-application.yaml diff --git a/k8s-cd/charts/inventory/.helmignore b/k8s-cd/charts/inventory/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/inventory/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/inventory/Chart.yaml b/k8s-cd/charts/inventory/Chart.yaml new file mode 100644 index 0000000000..dec813d07b --- /dev/null +++ b/k8s-cd/charts/inventory/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: inventory +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/inventory/templates/_helpers.tpl b/k8s-cd/charts/inventory/templates/_helpers.tpl new file mode 100644 index 0000000000..1dfca15198 --- /dev/null +++ b/k8s-cd/charts/inventory/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "inventory.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "inventory.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "inventory.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "inventory.labels" -}} +helm.sh/chart: {{ include "inventory.chart" . }} +{{ include "inventory.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "inventory.selectorLabels" -}} +app.kubernetes.io/name: {{ include "inventory.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "inventory.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "inventory.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/inventory/values.yaml b/k8s-cd/charts/inventory/values.yaml new file mode 100644 index 0000000000..60d7f7f806 --- /dev/null +++ b/k8s-cd/charts/inventory/values.yaml @@ -0,0 +1,10 @@ +backend: + image: + repository: hownamee/yas-inventory + tag: latest + + nameOverride: inventory + fullnameOverride: inventory + databaseName: inventory + ingress: + enabled: false diff --git a/k8s-cd/charts/location/.helmignore b/k8s-cd/charts/location/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/location/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/location/Chart.yaml b/k8s-cd/charts/location/Chart.yaml new file mode 100644 index 0000000000..2ad4c315f2 --- /dev/null +++ b/k8s-cd/charts/location/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: location +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/location/templates/_helpers.tpl b/k8s-cd/charts/location/templates/_helpers.tpl new file mode 100644 index 0000000000..cbc879113c --- /dev/null +++ b/k8s-cd/charts/location/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "location.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "location.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "location.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "location.labels" -}} +helm.sh/chart: {{ include "location.chart" . }} +{{ include "location.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "location.selectorLabels" -}} +app.kubernetes.io/name: {{ include "location.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "location.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "location.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/location/values.yaml b/k8s-cd/charts/location/values.yaml new file mode 100644 index 0000000000..c1e13df106 --- /dev/null +++ b/k8s-cd/charts/location/values.yaml @@ -0,0 +1,10 @@ +backend: + image: + repository: hownamee/yas-location + tag: latest + + nameOverride: location + fullnameOverride: location + databaseName: location + ingress: + enabled: false diff --git a/k8s-cd/charts/media/.helmignore b/k8s-cd/charts/media/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/media/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/media/Chart.yaml b/k8s-cd/charts/media/Chart.yaml new file mode 100644 index 0000000000..8b54b8e584 --- /dev/null +++ b/k8s-cd/charts/media/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: media +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/media/templates/_helpers.tpl b/k8s-cd/charts/media/templates/_helpers.tpl new file mode 100644 index 0000000000..5cbd4de41c --- /dev/null +++ b/k8s-cd/charts/media/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "media.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "media.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "media.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "media.labels" -}} +helm.sh/chart: {{ include "media.chart" . }} +{{ include "media.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "media.selectorLabels" -}} +app.kubernetes.io/name: {{ include "media.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "media.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "media.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/media/values.yaml b/k8s-cd/charts/media/values.yaml new file mode 100644 index 0000000000..684d267b2a --- /dev/null +++ b/k8s-cd/charts/media/values.yaml @@ -0,0 +1,20 @@ +backend: + image: + repository: hownamee/yas-media + tag: latest + + nameOverride: media + fullnameOverride: media + databaseName: media + ingress: + enabled: false + extraVolumes: + - name: media-application + configMap: + name: media-application-configmap + extraVolumeMounts: + - name: media-application + mountPath: /opt/yas/media + extraApplicationConfigPaths: + - /opt/yas/media/media-application.yaml + diff --git a/k8s-cd/charts/order/.helmignore b/k8s-cd/charts/order/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/order/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/order/Chart.yaml b/k8s-cd/charts/order/Chart.yaml new file mode 100644 index 0000000000..e95d954fc8 --- /dev/null +++ b/k8s-cd/charts/order/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: order +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.2.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/order/templates/_helpers.tpl b/k8s-cd/charts/order/templates/_helpers.tpl new file mode 100644 index 0000000000..b6400062c4 --- /dev/null +++ b/k8s-cd/charts/order/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "order.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "order.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "order.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "order.labels" -}} +helm.sh/chart: {{ include "order.chart" . }} +{{ include "order.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "order.selectorLabels" -}} +app.kubernetes.io/name: {{ include "order.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "order.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "order.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/order/values.yaml b/k8s-cd/charts/order/values.yaml new file mode 100644 index 0000000000..8aa4780f90 --- /dev/null +++ b/k8s-cd/charts/order/values.yaml @@ -0,0 +1,19 @@ +backend: + image: + repository: hownamee/yas-order + tag: latest + + nameOverride: order + fullnameOverride: order + databaseName: order + ingress: + enabled: false + extraVolumes: + - name: order-application-config + configMap: + name: order-application-configmap + extraVolumeMounts: + - name: order-application-config + mountPath: /opt/yas/order + extraApplicationConfigPaths: + - /opt/yas/order/order-application.yaml \ No newline at end of file diff --git a/k8s-cd/charts/payment-paypal/.helmignore b/k8s-cd/charts/payment-paypal/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/payment-paypal/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/payment-paypal/Chart.yaml b/k8s-cd/charts/payment-paypal/Chart.yaml new file mode 100644 index 0000000000..a5d5abda76 --- /dev/null +++ b/k8s-cd/charts/payment-paypal/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: payment-paypal +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.2.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/payment-paypal/templates/_helpers.tpl b/k8s-cd/charts/payment-paypal/templates/_helpers.tpl new file mode 100644 index 0000000000..01b9112f9e --- /dev/null +++ b/k8s-cd/charts/payment-paypal/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "payment-paypal.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "payment-paypal.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "payment-paypal.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "payment-paypal.labels" -}} +helm.sh/chart: {{ include "payment-paypal.chart" . }} +{{ include "payment-paypal.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "payment-paypal.selectorLabels" -}} +app.kubernetes.io/name: {{ include "payment-paypal.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "payment-paypal.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "payment-paypal.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/payment-paypal/values.yaml b/k8s-cd/charts/payment-paypal/values.yaml new file mode 100644 index 0000000000..53b1712fbe --- /dev/null +++ b/k8s-cd/charts/payment-paypal/values.yaml @@ -0,0 +1,19 @@ +backend: + image: + repository: hownamee/yas-payment-paypal + tag: latest + + nameOverride: payment-paypal + fullnameOverride: payment-paypal + databaseName: payment-paypal + ingress: + enabled: false + extraVolumes: + - name: payment-paypal-application-config + configMap: + name: payment-paypal-application-configmap + extraVolumeMounts: + - name: payment-paypal-application-config + mountPath: /opt/yas/payment-paypal + extraApplicationConfigPaths: + - /opt/yas/payment-paypal/payment-paypal-application.yaml \ No newline at end of file diff --git a/k8s-cd/charts/payment/.helmignore b/k8s-cd/charts/payment/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/payment/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/payment/Chart.yaml b/k8s-cd/charts/payment/Chart.yaml new file mode 100644 index 0000000000..918abebdb4 --- /dev/null +++ b/k8s-cd/charts/payment/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: payment +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.2.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/payment/templates/_helpers.tpl b/k8s-cd/charts/payment/templates/_helpers.tpl new file mode 100644 index 0000000000..74b097c6be --- /dev/null +++ b/k8s-cd/charts/payment/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "payment.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "payment.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "payment.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "payment.labels" -}} +helm.sh/chart: {{ include "payment.chart" . }} +{{ include "payment.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "payment.selectorLabels" -}} +app.kubernetes.io/name: {{ include "payment.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "payment.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "payment.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/payment/values.yaml b/k8s-cd/charts/payment/values.yaml new file mode 100644 index 0000000000..ac6648cdc7 --- /dev/null +++ b/k8s-cd/charts/payment/values.yaml @@ -0,0 +1,19 @@ +backend: + image: + repository: hownamee/yas-payment + tag: latest + + nameOverride: payment + fullnameOverride: payment + databaseName: payment + ingress: + enabled: false + extraVolumes: + - name: payment-application-config + configMap: + name: payment-application-configmap + extraVolumeMounts: + - name: payment-application-config + mountPath: /opt/yas/payment + extraApplicationConfigPaths: + - /opt/yas/payment/payment-application.yaml \ No newline at end of file diff --git a/k8s-cd/charts/product/.helmignore b/k8s-cd/charts/product/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/product/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/product/Chart.yaml b/k8s-cd/charts/product/Chart.yaml new file mode 100644 index 0000000000..4fca56c793 --- /dev/null +++ b/k8s-cd/charts/product/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: product +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/product/templates/_helpers.tpl b/k8s-cd/charts/product/templates/_helpers.tpl new file mode 100644 index 0000000000..c7a726f1ef --- /dev/null +++ b/k8s-cd/charts/product/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "product.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "product.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "product.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "product.labels" -}} +helm.sh/chart: {{ include "product.chart" . }} +{{ include "product.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "product.selectorLabels" -}} +app.kubernetes.io/name: {{ include "product.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "product.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "product.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/product/values.yaml b/k8s-cd/charts/product/values.yaml new file mode 100644 index 0000000000..cce90d759b --- /dev/null +++ b/k8s-cd/charts/product/values.yaml @@ -0,0 +1,19 @@ +backend: + image: + repository: hownamee/yas-product + tag: latest + + nameOverride: product + fullnameOverride: product + databaseName: product + ingress: + enabled: false + extraVolumes: + - name: product-application-config + configMap: + name: product-application-configmap + extraVolumeMounts: + - name: product-application-config + mountPath: /opt/yas/product + extraApplicationConfigPaths: + - /opt/yas/product/product-application.yaml diff --git a/k8s-cd/charts/promotion/.helmignore b/k8s-cd/charts/promotion/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/promotion/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/promotion/Chart.yaml b/k8s-cd/charts/promotion/Chart.yaml new file mode 100644 index 0000000000..ed65cc6684 --- /dev/null +++ b/k8s-cd/charts/promotion/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: promotion +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/promotion/templates/_helpers.tpl b/k8s-cd/charts/promotion/templates/_helpers.tpl new file mode 100644 index 0000000000..2303e18d95 --- /dev/null +++ b/k8s-cd/charts/promotion/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "promotion.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "promotion.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "promotion.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "promotion.labels" -}} +helm.sh/chart: {{ include "promotion.chart" . }} +{{ include "promotion.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "promotion.selectorLabels" -}} +app.kubernetes.io/name: {{ include "promotion.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "promotion.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "promotion.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/promotion/values.yaml b/k8s-cd/charts/promotion/values.yaml new file mode 100644 index 0000000000..c39ffde139 --- /dev/null +++ b/k8s-cd/charts/promotion/values.yaml @@ -0,0 +1,10 @@ +backend: + image: + repository: hownamee/yas-promotion + tag: latest + + nameOverride: promotion + fullnameOverride: promotion + databaseName: promotion + ingress: + enabled: false diff --git a/k8s-cd/charts/rating/.helmignore b/k8s-cd/charts/rating/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/rating/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/rating/Chart.yaml b/k8s-cd/charts/rating/Chart.yaml new file mode 100644 index 0000000000..d8d31581d8 --- /dev/null +++ b/k8s-cd/charts/rating/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: rating +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/rating/templates/_helpers.tpl b/k8s-cd/charts/rating/templates/_helpers.tpl new file mode 100644 index 0000000000..e82b9b6767 --- /dev/null +++ b/k8s-cd/charts/rating/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "rating.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "rating.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "rating.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "rating.labels" -}} +helm.sh/chart: {{ include "rating.chart" . }} +{{ include "rating.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "rating.selectorLabels" -}} +app.kubernetes.io/name: {{ include "rating.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "rating.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "rating.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/rating/values.yaml b/k8s-cd/charts/rating/values.yaml new file mode 100644 index 0000000000..8b56e18d54 --- /dev/null +++ b/k8s-cd/charts/rating/values.yaml @@ -0,0 +1,10 @@ +backend: + image: + repository: hownamee/yas-rating + tag: latest + + nameOverride: rating + fullnameOverride: rating + databaseName: rating + ingress: + enabled: false diff --git a/k8s-cd/charts/recommendation/.helmignore b/k8s-cd/charts/recommendation/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/recommendation/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/recommendation/Chart.yaml b/k8s-cd/charts/recommendation/Chart.yaml new file mode 100644 index 0000000000..ad75bd67c6 --- /dev/null +++ b/k8s-cd/charts/recommendation/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: recommendation +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/recommendation/templates/_helpers.tpl b/k8s-cd/charts/recommendation/templates/_helpers.tpl new file mode 100644 index 0000000000..4945313c24 --- /dev/null +++ b/k8s-cd/charts/recommendation/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "recommendation.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "recommendation.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "recommendation.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "recommendation.labels" -}} +helm.sh/chart: {{ include "recommendation.chart" . }} +{{ include "recommendation.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "recommendation.selectorLabels" -}} +app.kubernetes.io/name: {{ include "recommendation.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "recommendation.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "recommendation.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/recommendation/values.yaml b/k8s-cd/charts/recommendation/values.yaml new file mode 100644 index 0000000000..0fccede06a --- /dev/null +++ b/k8s-cd/charts/recommendation/values.yaml @@ -0,0 +1,22 @@ +backend: + image: + repository: hownamee/yas-recommendation + tag: latest + + nameOverride: recommendation + fullnameOverride: recommendation + databaseName: recommendation + ingress: + enabled: false + extraEnvFroms: + - secretRef: + name: yas-openai-api-key-secret + extraVolumes: + - name: recommendation-application + configMap: + name: recommendation-application-configmap + extraVolumeMounts: + - name: recommendation-application + mountPath: /opt/yas/recommendation + extraApplicationConfigPaths: + - /opt/yas/recommendation/recommendation-application.yaml diff --git a/k8s-cd/charts/sampledata/.helmignore b/k8s-cd/charts/sampledata/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/sampledata/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/sampledata/Chart.yaml b/k8s-cd/charts/sampledata/Chart.yaml new file mode 100644 index 0000000000..66d3404648 --- /dev/null +++ b/k8s-cd/charts/sampledata/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: sampledata +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/sampledata/templates/_helpers.tpl b/k8s-cd/charts/sampledata/templates/_helpers.tpl new file mode 100644 index 0000000000..daf7974fb4 --- /dev/null +++ b/k8s-cd/charts/sampledata/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "sampledata.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "sampledata.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "sampledata.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "sampledata.labels" -}} +helm.sh/chart: {{ include "sampledata.chart" . }} +{{ include "sampledata.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "sampledata.selectorLabels" -}} +app.kubernetes.io/name: {{ include "sampledata.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "sampledata.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "sampledata.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/sampledata/values.yaml b/k8s-cd/charts/sampledata/values.yaml new file mode 100644 index 0000000000..d1541f89b3 --- /dev/null +++ b/k8s-cd/charts/sampledata/values.yaml @@ -0,0 +1,19 @@ +backend: + image: + repository: hownamee/yas-sampledata + tag: latest + + nameOverride: sampledata + fullnameOverride: sampledata + databaseName: sampledata + ingress: + enabled: false + extraVolumes: + - name: sampledata-application + configMap: + name: sampledata-application-configmap + extraVolumeMounts: + - name: sampledata-application + mountPath: /opt/yas/sampledata + extraApplicationConfigPaths: + - /opt/yas/sampledata/sampledata-application.yaml diff --git a/k8s-cd/charts/search/.helmignore b/k8s-cd/charts/search/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/search/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/search/Chart.yaml b/k8s-cd/charts/search/Chart.yaml new file mode 100644 index 0000000000..c202859003 --- /dev/null +++ b/k8s-cd/charts/search/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: search +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/search/templates/_helpers.tpl b/k8s-cd/charts/search/templates/_helpers.tpl new file mode 100644 index 0000000000..067a40637f --- /dev/null +++ b/k8s-cd/charts/search/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "search.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "search.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "search.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "search.labels" -}} +helm.sh/chart: {{ include "search.chart" . }} +{{ include "search.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "search.selectorLabels" -}} +app.kubernetes.io/name: {{ include "search.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "search.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "search.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/search/values.yaml b/k8s-cd/charts/search/values.yaml new file mode 100644 index 0000000000..c04d8da756 --- /dev/null +++ b/k8s-cd/charts/search/values.yaml @@ -0,0 +1,22 @@ +backend: + image: + repository: hownamee/yas-search + tag: latest + + nameOverride: search + fullnameOverride: search + databaseName: search + ingress: + enabled: false + extraEnvFroms: + - secretRef: + name: yas-elasticsearch-credentials-secret + extraVolumes: + - name: search-application + configMap: + name: search-application-configmap + extraVolumeMounts: + - name: search-application + mountPath: /opt/yas/search + extraApplicationConfigPaths: + - /opt/yas/search/search-application.yaml diff --git a/k8s-cd/charts/storefront-bff/.helmignore b/k8s-cd/charts/storefront-bff/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/storefront-bff/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/storefront-bff/Chart.yaml b/k8s-cd/charts/storefront-bff/Chart.yaml new file mode 100644 index 0000000000..8a89664866 --- /dev/null +++ b/k8s-cd/charts/storefront-bff/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: storefront-bff +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/storefront-bff/templates/_helpers.tpl b/k8s-cd/charts/storefront-bff/templates/_helpers.tpl new file mode 100644 index 0000000000..65abf0052b --- /dev/null +++ b/k8s-cd/charts/storefront-bff/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "storefront-bff.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "storefront-bff.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "storefront-bff.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "storefront-bff.labels" -}} +helm.sh/chart: {{ include "storefront-bff.chart" . }} +{{ include "storefront-bff.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "storefront-bff.selectorLabels" -}} +app.kubernetes.io/name: {{ include "storefront-bff.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "storefront-bff.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "storefront-bff.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/storefront-bff/templates/storefront-bff.configmap.yaml b/k8s-cd/charts/storefront-bff/templates/storefront-bff.configmap.yaml new file mode 100644 index 0000000000..3c0eb0b93d --- /dev/null +++ b/k8s-cd/charts/storefront-bff/templates/storefront-bff.configmap.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: storefront-bff-configmap + annotations: + reloader.stakater.com/match: "true" +data: + backoffice-bff-application.yaml: | + {{- toYaml .Values.storefrontBffApplicationConfig | nindent 4 }} \ No newline at end of file diff --git a/k8s-cd/charts/storefront-bff/values.yaml b/k8s-cd/charts/storefront-bff/values.yaml new file mode 100644 index 0000000000..5fbdb906da --- /dev/null +++ b/k8s-cd/charts/storefront-bff/values.yaml @@ -0,0 +1,42 @@ +backend: + image: + repository: hownamee/yas-storefront-bff + tag: latest + + nameOverride: storefront-bff + fullnameOverride: storefront-bff + + deployment: + annotations: + configmap.reloader.stakater.com/reload: "yas-gateway-routes-config-configmap,storefront-bff-extra-configmap" + + ingress: + enabled: true + host: storefront.yas.local.com + path: / + + extraEnvs: + - name: SPRING_PROFILES_ACTIVE + value: prod + - name: UI_HOST + value: http://storefront-ui:3000 + extraEnvFroms: + - secretRef: + name: yas-keycloak-credentials-secret + - secretRef: + name: yas-redis-credentials-secret + extraVolumes: + - name: yas-gateway-routes-config + configMap: + name: yas-gateway-routes-config-configmap + - name: storefront-bff-extra-config + configMap: + name: storefront-bff-extra-configmap + extraVolumeMounts: + - name: yas-gateway-routes-config + mountPath: /opt/yas/gateway-routes-config + - name: storefront-bff-extra-config + mountPath: /opt/yas/extra-config + extraApplicationConfigPaths: + - /opt/yas/gateway-routes-config/gateway-routes-config.yaml + - /opt/yas/extra-config/storefront-bff-extra-config.yaml \ No newline at end of file diff --git a/k8s-cd/charts/storefront-ui/.helmignore b/k8s-cd/charts/storefront-ui/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/storefront-ui/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/storefront-ui/Chart.yaml b/k8s-cd/charts/storefront-ui/Chart.yaml new file mode 100644 index 0000000000..05aa67ff9e --- /dev/null +++ b/k8s-cd/charts/storefront-ui/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: storefront-ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: ui + version: 0.1.0 + repository: file://../ui \ No newline at end of file diff --git a/k8s-cd/charts/storefront-ui/templates/_helpers.tpl b/k8s-cd/charts/storefront-ui/templates/_helpers.tpl new file mode 100644 index 0000000000..40e4fb215b --- /dev/null +++ b/k8s-cd/charts/storefront-ui/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "storefront-ui.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "storefront-ui.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "storefront-ui.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "storefront-ui.labels" -}} +helm.sh/chart: {{ include "storefront-ui.chart" . }} +{{ include "storefront-ui.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "storefront-ui.selectorLabels" -}} +app.kubernetes.io/name: {{ include "storefront-ui.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "storefront-ui.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "storefront-ui.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/storefront-ui/templates/storefront-env-production.configmap.yaml b/k8s-cd/charts/storefront-ui/templates/storefront-env-production.configmap.yaml new file mode 100644 index 0000000000..8682cde1cd --- /dev/null +++ b/k8s-cd/charts/storefront-ui/templates/storefront-env-production.configmap.yaml @@ -0,0 +1,11 @@ +{{- if .Values.storefrontEnvProduction }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: storefront-env-production-configmap + annotations: + reloader.stakater.com/match: "true" +data: + .env.production: | + {{ .Values.storefrontEnvProduction | nindent 4 }} + {{- end }} \ No newline at end of file diff --git a/k8s-cd/charts/storefront-ui/values.yaml b/k8s-cd/charts/storefront-ui/values.yaml new file mode 100644 index 0000000000..e7b617d1a1 --- /dev/null +++ b/k8s-cd/charts/storefront-ui/values.yaml @@ -0,0 +1,26 @@ +ui: + image: + repository: hownamee/yas-storefront + tag: latest + nameOverride: storefront-ui + fullnameOverride: storefront-ui +# extraVolumes: +# - name: storefront-env-production +# configMap: +# name: storefront-env-production-configmap +# items: +# - key: .env.production +# path: .env.production +# extraVolumeMounts: +# - name: storefront-env-production +# mountPath: /app/.env.production +# readOnly: true +# subPath: .env.production + extraEnvs: + - name: API_BASE_PATH + value: http://storefront.yas.local.com/api + ingress: + enabled: false + +#storefrontEnvProduction: | +# API_BASE_PATH=http://storefront.yas.local.com/api \ No newline at end of file diff --git a/k8s-cd/charts/swagger-ui/.helmignore b/k8s-cd/charts/swagger-ui/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/swagger-ui/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/swagger-ui/Chart.yaml b/k8s-cd/charts/swagger-ui/Chart.yaml new file mode 100644 index 0000000000..4c87b42beb --- /dev/null +++ b/k8s-cd/charts/swagger-ui/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: swagger-ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" diff --git a/k8s-cd/charts/swagger-ui/templates/NOTES.txt b/k8s-cd/charts/swagger-ui/templates/NOTES.txt new file mode 100644 index 0000000000..9a163f5f48 --- /dev/null +++ b/k8s-cd/charts/swagger-ui/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "swagger-ui.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "swagger-ui.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "swagger-ui.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "swagger-ui.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/k8s-cd/charts/swagger-ui/templates/_helpers.tpl b/k8s-cd/charts/swagger-ui/templates/_helpers.tpl new file mode 100644 index 0000000000..c65e4fd1d6 --- /dev/null +++ b/k8s-cd/charts/swagger-ui/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "swagger-ui.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "swagger-ui.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "swagger-ui.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "swagger-ui.labels" -}} +helm.sh/chart: {{ include "swagger-ui.chart" . }} +{{ include "swagger-ui.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "swagger-ui.selectorLabels" -}} +app.kubernetes.io/name: {{ include "swagger-ui.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "swagger-ui.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "swagger-ui.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/swagger-ui/templates/deployment.yaml b/k8s-cd/charts/swagger-ui/templates/deployment.yaml new file mode 100644 index 0000000000..cd9adbbeb8 --- /dev/null +++ b/k8s-cd/charts/swagger-ui/templates/deployment.yaml @@ -0,0 +1,66 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "swagger-ui.fullname" . }} + labels: + {{- include "swagger-ui.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "swagger-ui.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "swagger-ui.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "swagger-ui.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: BASE_URL + value: {{ .Values.baseUrl }} + - name: URLS + value: {{ .Values.urls | quote }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + livenessProbe: + httpGet: + path: {{ .Values.baseUrl }} + port: http + readinessProbe: + httpGet: + path: {{ .Values.baseUrl }} + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/k8s-cd/charts/swagger-ui/templates/hpa.yaml b/k8s-cd/charts/swagger-ui/templates/hpa.yaml new file mode 100644 index 0000000000..d10579637c --- /dev/null +++ b/k8s-cd/charts/swagger-ui/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "swagger-ui.fullname" . }} + labels: + {{- include "swagger-ui.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "swagger-ui.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/k8s-cd/charts/swagger-ui/templates/ingress.yaml b/k8s-cd/charts/swagger-ui/templates/ingress.yaml new file mode 100644 index 0000000000..75886e7c4e --- /dev/null +++ b/k8s-cd/charts/swagger-ui/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "swagger-ui.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "swagger-ui.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ $.Values.ingress.host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/k8s-cd/charts/swagger-ui/templates/service.yaml b/k8s-cd/charts/swagger-ui/templates/service.yaml new file mode 100644 index 0000000000..4a9c5de32a --- /dev/null +++ b/k8s-cd/charts/swagger-ui/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "swagger-ui.fullname" . }} + labels: + {{- include "swagger-ui.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "swagger-ui.selectorLabels" . | nindent 4 }} diff --git a/k8s-cd/charts/swagger-ui/templates/serviceaccount.yaml b/k8s-cd/charts/swagger-ui/templates/serviceaccount.yaml new file mode 100644 index 0000000000..171bcfeb53 --- /dev/null +++ b/k8s-cd/charts/swagger-ui/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "swagger-ui.serviceAccountName" . }} + labels: + {{- include "swagger-ui.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/k8s-cd/charts/swagger-ui/templates/tests/test-connection.yaml b/k8s-cd/charts/swagger-ui/templates/tests/test-connection.yaml new file mode 100644 index 0000000000..d7e898b777 --- /dev/null +++ b/k8s-cd/charts/swagger-ui/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "swagger-ui.fullname" . }}-test-connection" + labels: + {{- include "swagger-ui.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "swagger-ui.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/k8s-cd/charts/swagger-ui/values.yaml b/k8s-cd/charts/swagger-ui/values.yaml new file mode 100644 index 0000000000..4b1b5723fc --- /dev/null +++ b/k8s-cd/charts/swagger-ui/values.yaml @@ -0,0 +1,97 @@ +# Default values for swagger-ui. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: swaggerapi/swagger-ui + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "v4.16.0" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +baseUrl: /swagger-ui +urls: "[{ url: 'http://api.yas.local.com/product/v3/api-docs', name: 'Product' }, + { url: 'http://api.yas.local.com/media/v3/api-docs', name: 'Media' }, + { url: 'http://api.yas.local.com/customer/v3/api-docs', name: 'Customer' }, + { url: 'http://api.yas.local.com/cart/v3/api-docs', name: 'Cart'}, + { url: 'http://api.yas.local.com/rating/v3/api-docs', name: 'Rating' }, + { url: 'http://api.yas.local.com/order/v3/api-docs', name: 'Order'}, + { url: 'http://api.yas.local.com/payment/v3/api-docs', name: 'Payment'}, + { url: 'http://api.yas.local.com/location/v3/api-docs', name: 'Location'}, + { url: 'http://api.yas.local.com/inventory/v3/api-docs', name: 'Inventory'}, + { url: 'http://api.yas.local.com/tax/v3/api-docs', name: 'Tax' }, + { url: 'http://api.yas.local.com/promotion/v3/api-docs', name: 'Promotion'}, + { url: 'http://api.yas.local.com/search/v3/api-docs', name: 'Search'}]" + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: true + className: "nginx" + host: api.yas.local.com + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: api.yas.local.com + paths: + - path: /swagger-ui + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/k8s-cd/charts/tax/.helmignore b/k8s-cd/charts/tax/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/tax/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/tax/Chart.yaml b/k8s-cd/charts/tax/Chart.yaml new file mode 100644 index 0000000000..4564e75ae7 --- /dev/null +++ b/k8s-cd/charts/tax/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: tax +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/tax/templates/_helpers.tpl b/k8s-cd/charts/tax/templates/_helpers.tpl new file mode 100644 index 0000000000..c533556efe --- /dev/null +++ b/k8s-cd/charts/tax/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "tax.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "tax.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "tax.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "tax.labels" -}} +helm.sh/chart: {{ include "tax.chart" . }} +{{ include "tax.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "tax.selectorLabels" -}} +app.kubernetes.io/name: {{ include "tax.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "tax.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "tax.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/tax/values.yaml b/k8s-cd/charts/tax/values.yaml new file mode 100644 index 0000000000..dfaa655712 --- /dev/null +++ b/k8s-cd/charts/tax/values.yaml @@ -0,0 +1,10 @@ +backend: + image: + repository: hownamee/yas-tax + tag: latest + + nameOverride: tax + fullnameOverride: tax + databaseName: tax + ingress: + enabled: false diff --git a/k8s-cd/charts/ui/.helmignore b/k8s-cd/charts/ui/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/ui/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/ui/Chart.yaml b/k8s-cd/charts/ui/Chart.yaml new file mode 100644 index 0000000000..7467f29c71 --- /dev/null +++ b/k8s-cd/charts/ui/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" diff --git a/k8s-cd/charts/ui/README.md b/k8s-cd/charts/ui/README.md new file mode 100644 index 0000000000..96cc1a12ae --- /dev/null +++ b/k8s-cd/charts/ui/README.md @@ -0,0 +1 @@ +The base chart for ui application \ No newline at end of file diff --git a/k8s-cd/charts/ui/templates/NOTES.txt b/k8s-cd/charts/ui/templates/NOTES.txt new file mode 100644 index 0000000000..7ee947f547 --- /dev/null +++ b/k8s-cd/charts/ui/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ui.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ui.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ui.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ui.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/k8s-cd/charts/ui/templates/_helpers.tpl b/k8s-cd/charts/ui/templates/_helpers.tpl new file mode 100644 index 0000000000..07e4048494 --- /dev/null +++ b/k8s-cd/charts/ui/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ui.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ui.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ui.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ui.labels" -}} +helm.sh/chart: {{ include "ui.chart" . }} +{{ include "ui.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ui.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ui.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ui.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ui.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/ui/templates/deployment.yaml b/k8s-cd/charts/ui/templates/deployment.yaml new file mode 100644 index 0000000000..153427b3bb --- /dev/null +++ b/k8s-cd/charts/ui/templates/deployment.yaml @@ -0,0 +1,78 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ui.fullname" . }} + labels: + {{- include "ui.labels" . | nindent 4 }} + annotations: + {{- toYaml .Values.deployment.annotations | nindent 4 }} + {{- if .Values.deployment.extraAnnotations }} + {{- toYaml .Values.deployment.extraAnnotations | nindent 4 }} + {{- end }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ui.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "ui.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ui.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- if .Values.extraVolumes }} + volumes: + {{- toYaml .Values.extraVolumes | nindent 8 }} + {{- end }} + containers: + - name: {{ include "ui.fullname" . }} + {{- if .Values.extraEnvs }} + env: + {{- toYaml .Values.extraEnvs | nindent 12 }} + {{- end }} + {{- if .Values.extraVolumeMounts }} + volumeMounts: + {{- toYaml .Values.extraVolumeMounts | nindent 12 }} + {{- end }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.httpPort }} + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/k8s-cd/charts/ui/templates/hpa.yaml b/k8s-cd/charts/ui/templates/hpa.yaml new file mode 100644 index 0000000000..aa932aa447 --- /dev/null +++ b/k8s-cd/charts/ui/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ui.fullname" . }} + labels: + {{- include "ui.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ui.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/k8s-cd/charts/ui/templates/ingress.yaml b/k8s-cd/charts/ui/templates/ingress.yaml new file mode 100644 index 0000000000..9bdbbea52e --- /dev/null +++ b/k8s-cd/charts/ui/templates/ingress.yaml @@ -0,0 +1,50 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ui.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ui.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- with .Values.ingress.tls }} + - hosts: + - {{ .host | quote }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- with .Values.ingress }} + - host: {{ .host}} + http: + paths: + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- end }} +{{- end }} diff --git a/k8s-cd/charts/ui/templates/service.yaml b/k8s-cd/charts/ui/templates/service.yaml new file mode 100644 index 0000000000..80c6956c21 --- /dev/null +++ b/k8s-cd/charts/ui/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ui.fullname" . }} + labels: + {{- include "ui.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.httpPort }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ui.selectorLabels" . | nindent 4 }} diff --git a/k8s-cd/charts/ui/templates/serviceaccount.yaml b/k8s-cd/charts/ui/templates/serviceaccount.yaml new file mode 100644 index 0000000000..7ab0824eca --- /dev/null +++ b/k8s-cd/charts/ui/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ui.serviceAccountName" . }} + labels: + {{- include "ui.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/k8s-cd/charts/ui/values.yaml b/k8s-cd/charts/ui/values.yaml new file mode 100644 index 0000000000..7441547292 --- /dev/null +++ b/k8s-cd/charts/ui/values.yaml @@ -0,0 +1,89 @@ +# Default values for ui. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: "" + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +deployment: + annotations: + reloader.stakater.com/search: "true" + extraAnnotations: [] + +extraEnvs: [] +extraVolumes: [] +extraVolumeMounts: [] + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +httpPort: 3000 + +service: + type: ClusterIP + port: 3000 + +ingress: + enabled: false + className: "nginx" + annotations: {} + host: chart-example.local + path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/k8s-cd/charts/values.template.yaml b/k8s-cd/charts/values.template.yaml new file mode 100644 index 0000000000..6ff48fe483 --- /dev/null +++ b/k8s-cd/charts/values.template.yaml @@ -0,0 +1,13 @@ +backend: + image: + repository: hownamee/yas-{{service}} + tag: latest + + nameOverride: {{service}} + fullnameOverride: {{service}} + databaseName: {{service}} + + ingress: + enabled: true + host: api.yas.local.com + path: /{{service}} \ No newline at end of file diff --git a/k8s-cd/charts/webhook/.helmignore b/k8s-cd/charts/webhook/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/webhook/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/webhook/Chart.yaml b/k8s-cd/charts/webhook/Chart.yaml new file mode 100644 index 0000000000..360f493be1 --- /dev/null +++ b/k8s-cd/charts/webhook/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: webhook +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-cd/charts/webhook/templates/_helpers.tpl b/k8s-cd/charts/webhook/templates/_helpers.tpl new file mode 100644 index 0000000000..101c73d6a5 --- /dev/null +++ b/k8s-cd/charts/webhook/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "webhook.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "webhook.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "webhook.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "webhook.labels" -}} +helm.sh/chart: {{ include "webhook.chart" . }} +{{ include "webhook.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "webhook.selectorLabels" -}} +app.kubernetes.io/name: {{ include "webhook.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "webhook.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "webhook.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/charts/webhook/values.yaml b/k8s-cd/charts/webhook/values.yaml new file mode 100644 index 0000000000..67193d35f1 --- /dev/null +++ b/k8s-cd/charts/webhook/values.yaml @@ -0,0 +1,8 @@ +backend: + image: + repository: hownamee/yas-webhook + tag: latest + + nameOverride: webhook + fullnameOverride: webhook + databaseName: webhook diff --git a/k8s-cd/charts/yas-configuration/.helmignore b/k8s-cd/charts/yas-configuration/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/charts/yas-configuration/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/charts/yas-configuration/Chart.yaml b/k8s-cd/charts/yas-configuration/Chart.yaml new file mode 100644 index 0000000000..b9b21e4f55 --- /dev/null +++ b/k8s-cd/charts/yas-configuration/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: yas-configuration +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.4.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.1.0" + +dependencies: + - name: reloader + version: 1.0.29 + repository: https://stakater.github.io/stakater-charts \ No newline at end of file diff --git a/k8s-cd/charts/yas-configuration/README.md b/k8s-cd/charts/yas-configuration/README.md new file mode 100644 index 0000000000..19e7b78eea --- /dev/null +++ b/k8s-cd/charts/yas-configuration/README.md @@ -0,0 +1 @@ +The chart contain common configmap and secret for all applications in yas system \ No newline at end of file diff --git a/k8s-cd/charts/yas-configuration/templates/yas-configurations.configmap.yaml b/k8s-cd/charts/yas-configuration/templates/yas-configurations.configmap.yaml new file mode 100644 index 0000000000..0372068112 --- /dev/null +++ b/k8s-cd/charts/yas-configuration/templates/yas-configurations.configmap.yaml @@ -0,0 +1,157 @@ +#Configmap of general application config for all microservices +apiVersion: v1 +kind: ConfigMap +metadata: + name: yas-configuration-configmap + annotations: + reloader.stakater.com/match: "true" +data: + application.yaml: | + {{- tpl (toYaml .Values.applicationConfig) . | nindent 4 }} + logback.xml: | + {{- .Values.logbackConfig | nindent 4 }} +--- +#Configmap of gateway routes config for bff microservices +apiVersion: v1 +kind: ConfigMap +metadata: + name: yas-gateway-routes-config-configmap + annotations: + reloader.stakater.com/match: "true" +data: + gateway-routes-config.yaml: | + {{- tpl (toYaml .Values.gatewayRoutesConfig) . | nindent 4 }} +--- +#Configmap for backoffice-bff extra +apiVersion: v1 +kind: ConfigMap +metadata: + name: backoffice-bff-extra-configmap + annotations: + reloader.stakater.com/match: "true" +data: + backoffice-bff-extra-config.yaml: | + {{- tpl (toYaml .Values.backofficeBffExtraConfig) . | nindent 4 }} +--- +#Configmap for storefront-bff extra +apiVersion: v1 +kind: ConfigMap +metadata: + name: storefront-bff-extra-configmap + annotations: + reloader.stakater.com/match: "true" +data: + storefront-bff-extra-config.yaml: | + {{- tpl (toYaml .Values.storefrontBffExtraConfig) . | nindent 4 }} +--- +# Configmap for media application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: media-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + media-application.yaml: | + {{- tpl (toYaml .Values.mediaApplicationConfig) . | nindent 4 }} +--- +#Configmap for customer application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: customer-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + customer-application.yaml: | + {{ tpl (toYaml .Values.customerApplicationConfig) . | nindent 4 }} +--- +# Configmap of search application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: search-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + search-application.yaml: | + {{ tpl (toYaml .Values.searchApplicationConfig) . | nindent 4 }} +--- +# Configmap of cart application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: cart-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + cart-application.yaml: | + {{ tpl (toYaml .Values.cartApplicationConfig) . | nindent 4 }} +--- +# Configmap of order application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: order-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + order-application.yaml: | + {{ tpl (toYaml .Values.orderApplicationConfig) . | nindent 4 }} +--- +# Configmap of payment application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: payment-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + payment-application.yaml: | + {{ tpl (toYaml .Values.paymentApplicationConfig) . | nindent 4 }} +--- +# Configmap of payment-paypal application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: payment-paypal-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + payment-paypal-application.yaml: | + {{ tpl (toYaml .Values.paymentPaypalApplicationConfig) . | nindent 4 }} +--- +# Configmap of production application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: product-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + product-application.yaml: | + {{ tpl (toYaml .Values.productApplicationConfig) . | nindent 4 }} + +--- +# Configmap of recommendation application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: recommendation-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + recommendation-application.yaml: | + {{ tpl (toYaml .Values.recommendationApplicationConfig) . | nindent 4 }} + +--- +# Configmap of sampledata application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: sampledata-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + sampledata-application.yaml: | + {{ tpl (toYaml .Values.sampledataApplicationConfig) . | nindent 4 }} \ No newline at end of file diff --git a/k8s-cd/charts/yas-configuration/templates/yas-credentials.secret.yaml b/k8s-cd/charts/yas-configuration/templates/yas-credentials.secret.yaml new file mode 100644 index 0000000000..d3279e5ff6 --- /dev/null +++ b/k8s-cd/charts/yas-configuration/templates/yas-credentials.secret.yaml @@ -0,0 +1,57 @@ +apiVersion: v1 +kind: Secret +metadata: + name: yas-postgresql-credentials-secret + annotations: + reloader.stakater.com/match: "true" +type: Opaque +data: + POSTGRESQL_USERNAME: {{ .Values.credentials.postgresql.username | b64enc }} + POSTGRESQL_PASSWORD: {{ .Values.credentials.postgresql.password | b64enc }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: yas-elasticsearch-credentials-secret + annotations: + reloader.stakater.com/match: "true" +type: Opaque +data: + ELASTICSEARCH_USERNAME: {{ .Values.credentials.elasticsearch.username | b64enc }} + ELASTICSEARCH_PASSWORD: {{ .Values.credentials.elasticsearch.password | b64enc }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: yas-keycloak-credentials-secret + annotations: + reloader.stakater.com/match: "true" +type: Opaque +data: + KEYCLOAK_BACKOFFICE_BFF_CLIENT_SECRET: {{ .Values.credentials.keycloak.backofficeBffClientSecret | b64enc }} + KEYCLOAK_STOREFRONT_BFF_CLIENT_SECRET: {{ .Values.credentials.keycloak.storefrontBffClientSecret | b64enc }} + KEYCLOAK_CUSTOMER_MANAGEMENT_CLIENT_SECRET: {{ .Values.credentials.keycloak.customerManagementClientSecret | b64enc }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: yas-redis-credentials-secret + annotations: + reloader.stakater.com/match: "true" +type: Opaque +data: + REDIS_PASSWORD: {{ .Values.credentials.redis.password | b64enc }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: yas-openai-api-key-secret + annotations: + reloader.stakater.com/match: "true" +type: Opaque +data: + OPENAI_API_KEY: {{ .Values.credentials.openai.apiKey | b64enc }} \ No newline at end of file diff --git a/k8s-cd/charts/yas-configuration/values.yaml b/k8s-cd/charts/yas-configuration/values.yaml new file mode 100644 index 0000000000..246e0c8f35 --- /dev/null +++ b/k8s-cd/charts/yas-configuration/values.yaml @@ -0,0 +1,316 @@ +credentials: + postgresql: + username: yasadminuser + password: admin + elasticsearch: + username: yas + password: LarUmB3A49NTg9YmgW4= + keycloak: + backofficeBffClientSecret: TVacLC0cQ8tiiEKiTVerTb2YvwQ1TRJF + storefrontBffClientSecret: ZrU9I0q2uXBglBnmvyJdkl1lf0ncr8tn + customerManagementClientSecret: NKAr3rnjwm9jlakgKpelukZGFaHYqIWE + redis: + password: redis + openai: + apiKey: update-me + +global: + domain: yas.local.com + envTag: "" + +#Genneral application.yaml for all microservice +applicationConfig: + server: + shutdown: graceful + port: 80 + + management: + otlp: + tracing: + endpoint: http://opentelemetry-collector.observability:4318/v1/traces + server: + port: 8090 + health: + readinessstate: + enabled: true + livenessstate: + enabled: true + tracing: + sampling: + probability: 1.0 + metrics: + tags: + application: ${spring.application.name} + endpoints: + web: + exposure: + include: prometheus, health + endpoint: + health: + probes: + enabled: true + show-details: always + + logging: + pattern: + level: application=${spring.application.name} traceId=%X{traceId:-} spanId=%X{spanId:-} level=%level + + spring: + lifecycle: + timeout-per-shutdown-phase: 30s + security: + oauth2: + resourceserver: + jwt: + issuer-uri: http://identity{{ if .Values.global.envTag }}-{{ .Values.global.envTag }}{{ end }}.{{ .Values.global.domain }}/realms/Yas + + datasource: + url: + username: ${POSTGRESQL_USERNAME} + password: ${POSTGRESQL_PASSWORD} + kafka: + bootstrap-servers: kafka-cluster-kafka-brokers:9092 + consumer: + bootstrap-servers: kafka-cluster-kafka-brokers:9092 + + springdoc: + oauthflow: + authorization-url: http://identity{{ if .Values.global.envTag }}-{{ .Values.global.envTag }}{{ end }}.{{ .Values.global.domain }}/realms/Yas/protocol/openid-connect/auth + token-url: http://identity{{ if .Values.global.envTag }}-{{ .Values.global.envTag }}{{ end }}.{{ .Values.global.domain }}/realms/Yas/protocol/openid-connect/token + + yas: + services: + cart: http://cart/cart + customer: http://customer/customer + inventory: http://inventory/inventory + location: http://location/location + media: http://media/media + order: http://order/order + payment: http://payment/payment + payment-paypal: http://payment-paypal/payment-paypal + product: http://product/product + promotion: http://promotion/promotion + rating: http://rating/rating + search: http://search/search + tax: http://tax/tax + sampledata: http://sampledata/sampledata + recommendation: http://recommendation/recommendation + +# Gateway config for bff microservices +gatewayRoutesConfig: + spring: + cloud: + gateway: + routes: + - id: product_api + uri: http://product + predicates: + - Path=/api/product/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: location_api + uri: http://location + predicates: + - Path=/api/location/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: inventory_api + uri: http://inventory + predicates: + - Path=/api/inventory/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: cart_api + uri: http://cart + predicates: + - Path=/api/cart/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: customer_api + uri: http://customer + predicates: + - Path=/api/customer/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: media_api + uri: http://media + predicates: + - Path=/api/media/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: rating_api + uri: http://rating + predicates: + - Path=/api/rating/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: tax_api + uri: http://tax + predicates: + - Path=/api/tax/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: promotion_api + uri: http://protion + predicates: + - Path=/api/promotion/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: search_api + uri: http://search + predicates: + - Path=/api/search/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: order_api + uri: http://order + predicates: + - Path=/api/order/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: recommendation_api + uri: http://recommendation + predicates: + - Path=/api/recommendation/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: webhook_api + uri: http://webhook + predicates: + - Path=/api/webhook/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: sampledata_api + uri: http://sampledata + predicates: + - Path=/api/sampledata/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: ui + uri: ${UI_HOST} + predicates: + - Path=/** + +backofficeBffExtraConfig: + spring: + data: + redis: + host: redis-master + password: ${REDIS_PASSWORD} + port: 6379 + security: + oauth2: + client: + provider: + keycloak: + issuer-uri: http://identity{{ if .Values.global.envTag }}-{{ .Values.global.envTag }}{{ end }}.{{ .Values.global.domain }}/realms/Yas + registration: + api-client: + provider: keycloak + client-id: backoffice-bff + client-secret: ${KEYCLOAK_BACKOFFICE_BFF_CLIENT_SECRET} + scope: openid, profile, email, roles + +storefrontBffExtraConfig: + spring: + data: + redis: + host: redis-master + password: ${REDIS_PASSWORD} + port: 6379 + security: + oauth2: + client: + provider: + keycloak: + issuer-uri: http://identity{{ if .Values.global.envTag }}-{{ .Values.global.envTag }}{{ end }}.{{ .Values.global.domain }}/realms/Yas + registration: + api-client: + provider: keycloak + client-id: storefront-bff + client-secret: ${KEYCLOAK_STOREFRONT_BFF_CLIENT_SECRET} + scope: openid, profile, email, roles + +# Media application config custom +mediaApplicationConfig: + server: + servlet: + context-path: /media + yas: + publicUrl: http://api{{ if .Values.global.envTag }}-{{ .Values.global.envTag }}{{ end }}.{{ .Values.global.domain }}/media + +# Customer application config custom +customerApplicationConfig: + keycloak: + auth-server-url: http://identity{{ if .Values.global.envTag }}-{{ .Values.global.envTag }}{{ end }}.{{ .Values.global.domain }} + realm: Yas + resource: customer-management + credentials: + secret: ${KEYCLOAK_CUSTOMER_MANAGEMENT_CLIENT_SECRET} + +# Search application config custom +searchApplicationConfig: + elasticsearch: + url: elasticsearch-es-http + username: ${ELASTICSEARCH_USERNAME} + password: ${ELASTICSEARCH_PASSWORD} + +# Payment-paypal application config custom +paymentPaypalApplicationConfig: + yas: + public: + url: http://storefront{{ if .Values.global.envTag }}-{{ .Values.global.envTag }}{{ end }}.{{ .Values.global.domain }}/complete-payment + +# Recommendation application config custom +recommendationApplicationConfig: + spring: + ai: + azure: + openai: + api-key: ${OPENAI_API_KEY} + endpoint: https://product-recommendation.openai.azure.com + embedding: + options: + model: text-embedding-3-small + +sampledataApplicationConfig: + spring: + datasource: + product: + url: jdbc:postgresql://postgresql:5432/product + media: + url: jdbc:postgresql://postgresql:5432/media + +logbackConfig: | + + + + + + + + + + + + + +reloader: + nameOverride: "yas-reloader" + fullnameOverride: "yas-reloader" + reloader: + watchGlobally: false \ No newline at end of file diff --git a/k8s-cd/deploy/01-setup-operators.sh b/k8s-cd/deploy/01-setup-operators.sh new file mode 100755 index 0000000000..5d4a3f7743 --- /dev/null +++ b/k8s-cd/deploy/01-setup-operators.sh @@ -0,0 +1,90 @@ +#!/bin/bash +set -x + +# Add chart repos and update +helm repo add postgres-operator-charts https://opensource.zalando.com/postgres-operator/charts/postgres-operator +helm repo add strimzi https://strimzi.io/charts/ +helm repo add elastic https://helm.elastic.co +helm repo add grafana https://grafana.github.io/helm-charts +helm repo add prometheus-community https://prometheus-community.github.io/helm-charts +helm repo add open-telemetry https://open-telemetry.github.io/opentelemetry-helm-charts +helm repo add jetstack https://charts.jetstack.io +helm repo update + +# Read configuration value from cluster-config.yaml file +read -rd '' DOMAIN GRAFANA_USERNAME GRAFANA_PASSWORD POSTGRESQL_USERNAME POSTGRESQL_PASSWORD \ +< <(yq -r '.domain, .grafana.username, .grafana.password, .postgresql.username, .postgresql.password' ./cluster-config.yaml) + +NAMESPACE="${YAS_NAMESPACE:-yas}" + +# Install cert manager +helm upgrade --install cert-manager jetstack/cert-manager \ + --namespace cert-manager \ + --create-namespace \ + --version v1.12.0 \ + --set installCRDs=true \ + --set prometheus.enabled=false \ + --set webhook.timeoutSeconds=4 \ + --set admissionWebhooks.certManager.create=true + +# Install the postgres-operator +helm upgrade --install postgres-operator postgres-operator-charts/postgres-operator \ + --create-namespace --namespace postgres + +# Install strimzi-kafka-operator +helm upgrade --install kafka-operator strimzi/strimzi-kafka-operator \ +--create-namespace --namespace kafka \ +--version 0.38.0 \ +-f ./kafka/kafka-operator.values.yaml + +# Install elastic-operator +helm upgrade --install elastic-operator elastic/eck-operator \ + --create-namespace --namespace elasticsearch + +# Install opentelemetry-operator +helm upgrade --install opentelemetry-operator open-telemetry/opentelemetry-operator \ +--create-namespace --namespace observability + +# Wait for OpenTelemetry Operator to be ready +kubectl wait --for=condition=available --timeout=120s deployment/opentelemetry-operator -n observability +sleep 10 + +# Install opentelemetry-collector +helm upgrade --install opentelemetry-collector ./observability/opentelemetry \ +--create-namespace --namespace observability + +# Install loki +helm upgrade --install loki grafana/loki \ + --create-namespace --namespace observability \ + -f ./observability/loki.values.yaml \ + --set loki.useTestSchema=true + +# Install tempo +helm upgrade --install tempo grafana/tempo \ +--create-namespace --namespace observability \ +-f ./observability/tempo.values.yaml + +# Install promtail +helm upgrade --install promtail grafana/promtail \ +--create-namespace --namespace observability \ +--values ./observability/promtail.values.yaml + +# Install prometheus + grafana +grafana_hostname="grafana.$DOMAIN" yq -i '.hostname=env(grafana_hostname)' ./observability/prometheus.values.yaml +helm upgrade --install prometheus prometheus-community/kube-prometheus-stack \ + --create-namespace --namespace observability \ +-f ./observability/prometheus.values.yaml + +# Install grafana operator +helm upgrade --install grafana-operator oci://ghcr.io/grafana-operator/helm-charts/grafana-operator \ +--version v5.0.2 \ +--create-namespace --namespace observability + +# Add datasource and dashboard to grafana +helm upgrade --install grafana ./observability/grafana \ +--create-namespace --namespace observability \ +--set hotname="grafana.$DOMAIN" \ +--set grafana.username="$GRAFANA_USERNAME" \ +--set grafana.password="$GRAFANA_PASSWORD" + +echo ">>> Xong Giai đoạn 1: Các Operator và Observability đã được cài đặt vào các namespace độc lập." diff --git a/k8s-cd/deploy/02-setup-data-layer.sh b/k8s-cd/deploy/02-setup-data-layer.sh new file mode 100755 index 0000000000..ce388a86d4 --- /dev/null +++ b/k8s-cd/deploy/02-setup-data-layer.sh @@ -0,0 +1,102 @@ +#!/bin/bash +set -x + +helm repo add akhq https://akhq.io/ +helm repo update + +# Read configuration value from cluster-config.yaml file +read -rd '' DOMAIN POSTGRESQL_REPLICAS POSTGRESQL_USERNAME POSTGRESQL_PASSWORD \ +KAFKA_REPLICAS ZOOKEEPER_REPLICAS ELASTICSEARCH_REPLICAS REDIS_PASSWORD \ +BOOTSTRAP_ADMIN_USERNAME BOOTSTRAP_ADMIN_PASSWORD \ +KEYCLOAK_BACKOFFICE_REDIRECT_URL KEYCLOAK_STOREFRONT_REDIRECT_URL \ +< <(yq -r '.domain, .postgresql.replicas, .postgresql.username, + .postgresql.password, .kafka.replicas, .zookeeper.replicas, + .elasticsearch.replicas, .redis.password, + .keycloak.bootstrapAdmin.username, .keycloak.bootstrapAdmin.password, + .keycloak.backofficeRedirectUrl, .keycloak.storefrontRedirectUrl' ./cluster-config.yaml) + +NAMESPACE="${YAS_NAMESPACE:-yas}" + +# Construct dynamic domains +if [ -n "$ENV_TAG" ]; then + IDENTITY_HOST="identity-$ENV_TAG.$DOMAIN" + PGADMIN_HOST="pgadmin-$ENV_TAG.$DOMAIN" + AKHQ_HOST="akhq-$ENV_TAG.$DOMAIN" + KIBANA_HOST="kibana-$ENV_TAG.$DOMAIN" + BACKOFFICE_REDIRECT_URL="http://backoffice-$ENV_TAG.$DOMAIN" + STOREFRONT_REDIRECT_URL="http://storefront-$ENV_TAG.$DOMAIN" + API_REDIRECT_URL="http://api-$ENV_TAG.$DOMAIN" +else + IDENTITY_HOST="identity.$DOMAIN" + PGADMIN_HOST="pgadmin.$DOMAIN" + AKHQ_HOST="akhq.$DOMAIN" + KIBANA_HOST="kibana.$DOMAIN" + BACKOFFICE_REDIRECT_URL="$KEYCLOAK_BACKOFFICE_REDIRECT_URL" + STOREFRONT_REDIRECT_URL="$KEYCLOAK_STOREFRONT_REDIRECT_URL" + API_REDIRECT_URL="http://api.$DOMAIN" +fi + +# Create yas namespace if not exists +kubectl create namespace "$NAMESPACE" || true + +# Install postgresql +helm upgrade --install postgres ./postgres/postgresql \ +--namespace "$NAMESPACE" \ +--set replicas="$POSTGRESQL_REPLICAS" \ +--set username="$POSTGRESQL_USERNAME" \ +--set password="$POSTGRESQL_PASSWORD" + +# Install pgadmin +pg_admin_hostname="$PGADMIN_HOST" yq -i '.hostname=env(pg_admin_hostname)' ./postgres/pgadmin/values.yaml +helm upgrade --install pgadmin ./postgres/pgadmin \ +--namespace "$NAMESPACE" + +# Install zookeeper +helm upgrade --install zookeeper ./zookeeper \ + --namespace "$NAMESPACE" + +# Install kafka and postgresql connector +helm upgrade --install kafka-cluster ./kafka/kafka-cluster \ +--namespace "$NAMESPACE" \ +--set kafka.replicas="$KAFKA_REPLICAS" \ +--set zookeeper.replicas="$ZOOKEEPER_REPLICAS" \ +--set postgresql.username="$POSTGRESQL_USERNAME" \ +--set postgresql.password="$POSTGRESQL_PASSWORD" + +# Install akhq +akhq_hostname="$AKHQ_HOST" yq -i '.hostname=env(akhq_hostname)' ./kafka/akhq.values.yaml +helm upgrade --install akhq akhq/akhq \ +--namespace "$NAMESPACE" \ +--values ./kafka/akhq.values.yaml + +# Install elasticsearch-cluster +helm upgrade --install elasticsearch-cluster ./elasticsearch/elasticsearch-cluster \ +--namespace "$NAMESPACE" \ +--set elasticsearch.replicas="$ELASTICSEARCH_REPLICAS" \ +--set kibana.ingress.hostname="$KIBANA_HOST" + +# Install Redis +helm upgrade --install redis \ + --set auth.password="$REDIS_PASSWORD" \ + oci://registry-1.docker.io/bitnamicharts/redis -n "$NAMESPACE" + +# Install Keycloak CRDs +kubectl apply -f https://raw.githubusercontent.com/keycloak/keycloak-k8s-resources/26.0.2/kubernetes/keycloaks.k8s.keycloak.org-v1.yml +kubectl apply -f https://raw.githubusercontent.com/keycloak/keycloak-k8s-resources/26.0.2/kubernetes/keycloakrealmimports.k8s.keycloak.org-v1.yml +kubectl apply -f https://raw.githubusercontent.com/keycloak/keycloak-k8s-resources/26.0.2/kubernetes/kubernetes.yml -n "$NAMESPACE" + +# Install keycloak +helm upgrade --install keycloak ./keycloak/keycloak \ +--namespace "$NAMESPACE" \ +--set hostname="$IDENTITY_HOST" \ +--set postgresql.username="$POSTGRESQL_USERNAME" \ +--set postgresql.password="$POSTGRESQL_PASSWORD" \ +--set bootstrapAdmin.username="$BOOTSTRAP_ADMIN_USERNAME" \ +--set bootstrapAdmin.password="$BOOTSTRAP_ADMIN_PASSWORD" \ +--set backofficeRedirectUrl="$BACKOFFICE_REDIRECT_URL" \ +--set storefrontRedirectUrl="$STOREFRONT_REDIRECT_URL" \ +--set apiRedirectUrl="$API_REDIRECT_URL" \ +--set global.domain="$DOMAIN" \ +--set global.envTag="$ENV_TAG" + +echo ">>> Xong Giai đoạn 2.1: Data Instances đã được cài vào namespace '$NAMESPACE' với domain prefix '$ENV_TAG'." diff --git a/k8s-cd/deploy/03-deploy-apps.sh b/k8s-cd/deploy/03-deploy-apps.sh new file mode 100755 index 0000000000..327cb0d142 --- /dev/null +++ b/k8s-cd/deploy/03-deploy-apps.sh @@ -0,0 +1,89 @@ +#!/bin/bash +set -x + +helm repo add stakater https://stakater.github.io/stakater-charts +helm repo update + +read -rd '' DOMAIN \ +< <(yq -r '.domain' ./cluster-config.yaml) + +NAMESPACE="${YAS_NAMESPACE:-yas}" + +# Construct dynamic domains +if [ -n "$ENV_TAG" ]; then + IDENTITY_HOST="identity-$ENV_TAG.$DOMAIN" + BACKOFFICE_HOST="backoffice-$ENV_TAG.$DOMAIN" + STOREFRONT_HOST="storefront-$ENV_TAG.$DOMAIN" + API_HOST="api-$ENV_TAG.$DOMAIN" +else + IDENTITY_HOST="identity.$DOMAIN" + BACKOFFICE_HOST="backoffice.$DOMAIN" + STOREFRONT_HOST="storefront.$DOMAIN" + API_HOST="api.$DOMAIN" +fi + +# Create namespace yas if not exists +kubectl create namespace "$NAMESPACE" || true + +echo ">>> Deploying YAS Configuration (including Reloader)..." +helm dependency build ../charts/yas-configuration +helm upgrade --install yas-configuration ../charts/yas-configuration \ +--namespace "$NAMESPACE" \ +--set global.domain="$DOMAIN" \ +--set global.envTag="$ENV_TAG" + +sleep 50 + +echo ">>> Deploying Backoffice..." +helm dependency build ../charts/backoffice-bff +helm upgrade --install backoffice-bff ../charts/backoffice-bff \ +--namespace "$NAMESPACE" \ +--set backend.ingress.host="$BACKOFFICE_HOST" \ +--set global.domain="$DOMAIN" \ +--set global.envTag="$ENV_TAG" + +helm dependency build ../charts/backoffice-ui +helm upgrade --install backoffice-ui ../charts/backoffice-ui \ +--namespace "$NAMESPACE" \ +--set ingress.host="$BACKOFFICE_HOST" \ +--set ui.extraEnvs[0].name=API_BASE_PATH \ +--set ui.extraEnvs[0].value="http://$BACKOFFICE_HOST/api" + +sleep 50 + +echo ">>> Deploying Storefront..." +helm dependency build ../charts/storefront-bff +helm upgrade --install storefront-bff ../charts/storefront-bff \ +--namespace "$NAMESPACE" \ +--set backend.ingress.host="$STOREFRONT_HOST" \ +--set global.domain="$DOMAIN" \ +--set global.envTag="$ENV_TAG" + +helm dependency build ../charts/storefront-ui +helm upgrade --install storefront-ui ../charts/storefront-ui \ +--namespace "$NAMESPACE" \ +--set ingress.host="$STOREFRONT_HOST" \ +--set ui.extraEnvs[0].name=API_BASE_PATH \ +--set ui.extraEnvs[0].value="http://$STOREFRONT_HOST/api" + +sleep 50 + +echo ">>> Deploying Swagger UI..." +helm upgrade --install swagger-ui ../charts/swagger-ui \ +--namespace "$NAMESPACE" \ +--set ingress.host="$API_HOST" + +sleep 50 + +echo ">>> Deploying Core Microservices..." +for chart in {"cart","customer","inventory","location","media","order","payment","product","promotion","rating","search","tax","recommendation","webhook","sampledata"} ; do + helm dependency build ../charts/"$chart" + helm upgrade --install "$chart" ../charts/"$chart" \ + --namespace "$NAMESPACE" \ + --set backend.ingress.host="$API_HOST" \ + --set global.domain="$DOMAIN" \ + --set global.envTag="$ENV_TAG" + sleep 50 +done + +echo ">>> Xong Giai đoạn 2.2: Tất cả Microservices và UI đã được cài vào namespace '$NAMESPACE' với domain prefix '$ENV_TAG'." diff --git a/k8s-cd/deploy/DeployCLI.md b/k8s-cd/deploy/DeployCLI.md new file mode 100755 index 0000000000..5c9a72b3ec --- /dev/null +++ b/k8s-cd/deploy/DeployCLI.md @@ -0,0 +1,68 @@ +# Deploy YAS K8s (Hybrid Architecture) + +## 0. Khởi động Minikube + +Khởi tạo cụm và bật addon Ingress (bỏ qua bước cài Ingress Controller thủ công): + +```bash +minikube start --driver=docker --disk-size='80000mb' --memory='18g' --cpus='7' --kubernetes-version=v1.29.0 +minikube addons enable ingress +``` + +## 1. Triển khai Hệ thống (Kiến trúc Hybrid) + +Di chuyển vào thư mục `deploy` và chạy tuần tự các script theo đúng 3 giai đoạn: + +```bash +cd k8s-cd/deploy/ +export YAS_NAMESPACE="yas-13" +export ENV_TAG="dev-13" +./01-setup-operators.sh +./02-setup-data-layer.sh +./03-deploy-apps.sh +``` + +## 2. Cấu hình Local DNS (Mapping Domain) + +```bash +kubectl get nodes -o wide + +sudo nano /etc/hosts +``` + +*Thêm nội dung sau vào file `/etc/hosts`. Nếu bạn có đặt `ENV_TAG`, hãy thêm suffix tương ứng:* + +### Nếu KHÔNG dùng ENV_TAG: +```text +192.168.49.2 pgoperator.yas.local.com +192.168.49.2 pgadmin.yas.local.com +192.168.49.2 akhq.yas.local.com +192.168.49.2 kibana.yas.local.com +192.168.49.2 identity.yas.local.com +192.168.49.2 backoffice.yas.local.com +192.168.49.2 storefront.yas.local.com +192.168.49.2 grafana.yas.local.com +192.168.49.2 api.yas.local.com +``` + +### Nếu dùng ENV_TAG (ví dụ `dev-13`): +```text +192.168.49.2 identity-dev-13.yas.local.com +192.168.49.2 backoffice-dev-13.yas.local.com +192.168.49.2 storefront-dev-13.yas.local.com +192.168.49.2 api-dev-13.yas.local.com +192.168.49.2 pgadmin-dev-13.yas.local.com +192.168.49.2 akhq-dev-13.yas.local.com +192.168.49.2 kibana-dev-13.yas.local.com +192.168.49.2 grafana.yas.local.com +``` + +## 3. Teardown & Cleanup (Dọn dẹp cụm) + +Để gỡ bỏ toàn bộ hệ thống một cách sạch sẽ: + +```bash +export YAS_NAMESPACE="yas-13" +helm list -n "$YAS_NAMESPACE" -q | xargs -r helm uninstall -n "$YAS_NAMESPACE" +kubectl delete ns "$YAS_NAMESPACE" --ignore-not-found=true +``` diff --git a/k8s-cd/deploy/argocd.sh b/k8s-cd/deploy/argocd.sh new file mode 100755 index 0000000000..8f38cdd629 --- /dev/null +++ b/k8s-cd/deploy/argocd.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +set +e + +echo "📦 Creating namespace argocd..." +kubectl create namespace argocd || true + +echo "⚙️ Installing ArgoCD..." +kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml + +echo "⏳ Waiting for ArgoCD pods..." +kubectl wait --for=condition=available --timeout=300s deployment/argocd-server -n argocd + +echo "🌐 Exposing ArgoCD UI..." +kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "NodePort"}}' + +echo "🔑 Getting initial admin password..." +ARGO_PASS=$(kubectl -n argocd get secret argocd-initial-admin-secret \ + -o jsonpath="{.data.password}" | base64 -d) + +kubectl port-forward svc/argocd-server -n argocd 8080:443 & + +echo "" +echo "ArgoCD installed!" +echo "Access UI" +echo "Url: http://localhost:8080" +echo "User: admin" +echo "Password: $ARGO_PASS" + +kubectl apply -n argocd -f argocd/dev-app.yml +kubectl apply -n argocd -f argocd/staging-app.yml + +kubectl get pods -n argocd +kubectl get applications -n argocd diff --git a/k8s-cd/deploy/cluster-config.yaml b/k8s-cd/deploy/cluster-config.yaml new file mode 100755 index 0000000000..097013b8a6 --- /dev/null +++ b/k8s-cd/deploy/cluster-config.yaml @@ -0,0 +1,24 @@ +domain: yas.local.com +postgresql: + replicas: 1 + username: yasadminuser + password: admin +kafka: + replicas: 1 +zookeeper: + replicas: 1 +elasticsearch: + replicas: 1 + username: yas + password: LarUmB3A49NTg9YmgW4= +keycloak: + bootstrapAdmin: + username: admin + password: admin + backofficeRedirectUrl: http://backoffice.yas.local.com + storefrontRedirectUrl: http://storefront.yas.local.com +grafana: + username: admin + password: admin +redis: + password: redis \ No newline at end of file diff --git a/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/.helmignore b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/.helmignore new file mode 100644 index 0000000000..c15212ef1d --- /dev/null +++ b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/.helmignore @@ -0,0 +1,24 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +templates/filerealm diff --git a/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/Chart.yaml b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/Chart.yaml new file mode 100644 index 0000000000..61cd1aeb23 --- /dev/null +++ b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: elasticsearch-cluster +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/filerealm/users b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/filerealm/users new file mode 100644 index 0000000000..e828a47c3e --- /dev/null +++ b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/filerealm/users @@ -0,0 +1 @@ +yas:$2a$10$0YmyY3Y4qhsUlDRqRoeslebIs3pEa.7Gay8R7XzWvMo2da7mkmLo. \ No newline at end of file diff --git a/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/_helpers.tpl b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/_helpers.tpl new file mode 100644 index 0000000000..cfe9457f38 --- /dev/null +++ b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "elasticsearch-cluster.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "elasticsearch-cluster.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "elasticsearch-cluster.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "elasticsearch-cluster.labels" -}} +helm.sh/chart: {{ include "elasticsearch-cluster.chart" . }} +{{ include "elasticsearch-cluster.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "elasticsearch-cluster.selectorLabels" -}} +app.kubernetes.io/name: {{ include "elasticsearch-cluster.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "elasticsearch-cluster.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "elasticsearch-cluster.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/elasticsearch.yaml b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/elasticsearch.yaml new file mode 100644 index 0000000000..1d9d506a94 --- /dev/null +++ b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/elasticsearch.yaml @@ -0,0 +1,18 @@ +apiVersion: elasticsearch.k8s.elastic.co/v1 +kind: Elasticsearch +metadata: + name: elasticsearch +spec: + http: + tls: + selfSignedCertificate: + disabled: true + version: 8.8.1 + auth: + fileRealm: + - secretName: user-credentials-secret + nodeSets: + - name: node + count: {{ .Values.elasticsearch.replicas }} + config: + node.store.allow_mmap: false diff --git a/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/kibana-ingress.yaml b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/kibana-ingress.yaml new file mode 100644 index 0000000000..030f08b816 --- /dev/null +++ b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/kibana-ingress.yaml @@ -0,0 +1,17 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: kibana-ingress +spec: + ingressClassName: {{ .Values.kibana.ingress.className }} + rules: + - host: {{ .Values.kibana.ingress.hostname }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: kibana-kb-http + port: + number: 5601 \ No newline at end of file diff --git a/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/kibana.yaml b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/kibana.yaml new file mode 100644 index 0000000000..5af5d00fff --- /dev/null +++ b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/kibana.yaml @@ -0,0 +1,13 @@ +apiVersion: kibana.k8s.elastic.co/v1 +kind: Kibana +metadata: + name: kibana +spec: + version: 8.8.1 + count: 1 + elasticsearchRef: + name: elasticsearch + http: + tls: + selfSignedCertificate: + disabled: true \ No newline at end of file diff --git a/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/user-credentials.secret.yaml b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/user-credentials.secret.yaml new file mode 100644 index 0000000000..0f46520af3 --- /dev/null +++ b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/templates/user-credentials.secret.yaml @@ -0,0 +1,12 @@ +kind: Secret +apiVersion: v1 +metadata: + name: user-credentials-secret +stringData: + {{- $files := .Files }} + users: |- + {{- range tuple "filerealm/users" }} + {{ $files.Get . }} + {{- end }} + users_roles: |- + superuser:yas \ No newline at end of file diff --git a/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/values.yaml b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/values.yaml new file mode 100644 index 0000000000..12fc969fd3 --- /dev/null +++ b/k8s-cd/deploy/elasticsearch/elasticsearch-cluster/values.yaml @@ -0,0 +1,6 @@ +elasticsearch: + replicas: 1 +kibana: + ingress: + className: nginx + hostname: kibana.yas.local.com diff --git a/k8s-cd/deploy/kafka/akhq.values.yaml b/k8s-cd/deploy/kafka/akhq.values.yaml new file mode 100644 index 0000000000..22c8245fac --- /dev/null +++ b/k8s-cd/deploy/kafka/akhq.values.yaml @@ -0,0 +1,23 @@ +configuration: + akhq: + server: + access-log: + enabled: false + name: org.akhq.log.access + connections: + kafka-connection: + properties: + bootstrap.servers: kafka-cluster-kafka-bootstrap:9092 + connect: + - name: debezium-connect-cluster + url: http://debezium-connect-cluster-connect-api:8083 +hostname: &hostname akhq-dev-13.yas.local.com +ingress: + enabled: true + ingressClassName: nginx + annotations: {} + paths: + - / + hosts: + - *hostname + tls: [] diff --git a/k8s-cd/deploy/kafka/kafka-cluster/Chart.yaml b/k8s-cd/deploy/kafka/kafka-cluster/Chart.yaml new file mode 100644 index 0000000000..b4a342e362 --- /dev/null +++ b/k8s-cd/deploy/kafka/kafka-cluster/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: kafka-cluster +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-cd/deploy/kafka/kafka-cluster/templates/_helpers.tpl b/k8s-cd/deploy/kafka/kafka-cluster/templates/_helpers.tpl new file mode 100644 index 0000000000..78bf2fe072 --- /dev/null +++ b/k8s-cd/deploy/kafka/kafka-cluster/templates/_helpers.tpl @@ -0,0 +1,70 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "kafka.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "kafka.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "kafka.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "kafka.labels" -}} +helm.sh/chart: {{ include "kafka.chart" . }} +{{ include "kafka.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "kafka.selectorLabels" -}} +app.kubernetes.io/name: {{ include "kafka.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "kafka.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "kafka.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{- define "kafka.namespace" -}} +{{- if .Values.namespaceOverride }} +{{- .Values.namespaceOverride }} +{{- else }} +{{- .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/k8s-cd/deploy/kafka/kafka-cluster/templates/credentials.secret.yaml b/k8s-cd/deploy/kafka/kafka-cluster/templates/credentials.secret.yaml new file mode 100644 index 0000000000..88b2e49f7c --- /dev/null +++ b/k8s-cd/deploy/kafka/kafka-cluster/templates/credentials.secret.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: postgresql.credentials +type: Opaque +data: + username: {{ .Values.postgresql.username | b64enc }} + password: {{ .Values.postgresql.password | b64enc }} \ No newline at end of file diff --git a/k8s-cd/deploy/kafka/kafka-cluster/templates/debezium-connect-cluster.yaml b/k8s-cd/deploy/kafka/kafka-cluster/templates/debezium-connect-cluster.yaml new file mode 100644 index 0000000000..73be167751 --- /dev/null +++ b/k8s-cd/deploy/kafka/kafka-cluster/templates/debezium-connect-cluster.yaml @@ -0,0 +1,33 @@ +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaConnect +metadata: + name: debezium-connect-cluster + annotations: + strimzi.io/use-connector-resources: "true" +spec: + replicas: 1 + bootstrapServers: kafka-cluster-kafka-bootstrap:9092 + image: {{ .Values.debeziumConnect.image }} + config: + config.providers: secrets + config.providers.secrets.class: io.strimzi.kafka.KubernetesSecretConfigProvider + group.id: connect-cluster + offset.storage.topic: kafka_connect_offsets + config.storage.topic: kafka_connect_configs + status.storage.topic: kafka_connect_status + # -1 means it will use the default replication factor configured in the broker + config.storage.replication.factor: -1 + offset.storage.replication.factor: -1 + status.storage.replication.factor: -1 + {{- if eq .Values.debeziumConnect.buildImage true }} + build: + output: + type: docker + image: {{ .Values.debeziumConnect.image }} + pushSecret: docker-registry.secret + plugins: + - name: debezium-postgresql-connector + artifacts: + - type: tgz + url: https://repo1.maven.org/maven2/io/debezium/debezium-connector-postgres/2.3.0.Final/debezium-connector-postgres-2.3.0.Final-plugin.tar.gz + {{- end }} \ No newline at end of file diff --git a/k8s-cd/deploy/kafka/kafka-cluster/templates/debezium-connector-postgresql-product-db.yaml b/k8s-cd/deploy/kafka/kafka-cluster/templates/debezium-connector-postgresql-product-db.yaml new file mode 100644 index 0000000000..e6993328f1 --- /dev/null +++ b/k8s-cd/deploy/kafka/kafka-cluster/templates/debezium-connector-postgresql-product-db.yaml @@ -0,0 +1,21 @@ +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaConnector +metadata: + name: debezium-connector-postgresql-product-db + labels: + strimzi.io/cluster: debezium-connect-cluster +spec: + class: io.debezium.connector.postgresql.PostgresConnector + config: + database.hostname: postgresql + database.port: 5432 + database.user: ${secrets:postgresql.credentials:username} + database.password: ${secrets:postgresql.credentials:password} + topic.prefix: dbproduct + database.dbname: product + table.include.list: public.product + schema.include.list: public + key.converter.schemas.enable: false + value.converter.schemas.enable: false + value.converter: org.apache.kafka.connect.json.JsonConverter + key.converter: org.apache.kafka.connect.json.JsonConverter \ No newline at end of file diff --git a/k8s-cd/deploy/kafka/kafka-cluster/templates/kafka-cluster.yaml b/k8s-cd/deploy/kafka/kafka-cluster/templates/kafka-cluster.yaml new file mode 100644 index 0000000000..564dce8f64 --- /dev/null +++ b/k8s-cd/deploy/kafka/kafka-cluster/templates/kafka-cluster.yaml @@ -0,0 +1,46 @@ +apiVersion: kafka.strimzi.io/v1beta2 +kind: Kafka +metadata: + name: kafka-cluster +spec: + kafka: + replicas: {{ .Values.kafka.replicas }} + listeners: + - name: plain + port: 9092 + type: internal + tls: false + - name: tls + port: 9093 + type: internal + tls: true + authentication: + type: tls + - name: external + port: 9094 + type: nodeport + tls: false + storage: + type: jbod + volumes: + - id: 0 + type: persistent-claim + size: 10Gi + deleteClaim: false + config: + offsets.topic.replication.factor: 1 + transaction.state.log.replication.factor: 1 + transaction.state.log.min.isr: 1 + default.replication.factor: 1 + min.insync.replicas: 1 + zookeeper: + replicas: {{ .Values.zookeeper.replicas }} + config: + quorumListenOnAllIPs: "true" + storage: + type: persistent-claim + size: {{ .Values.zookeeper.storeSize }} + deleteClaim: false + entityOperator: + topicOperator: {} + userOperator: {} \ No newline at end of file diff --git a/k8s-cd/deploy/kafka/kafka-cluster/templates/role-binding.yaml b/k8s-cd/deploy/kafka/kafka-cluster/templates/role-binding.yaml new file mode 100644 index 0000000000..a50a32784f --- /dev/null +++ b/k8s-cd/deploy/kafka/kafka-cluster/templates/role-binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: connector-configuration-role-binding +subjects: + - kind: ServiceAccount + name: debezium-connect-cluster-connect + namespace: {{ include "kafka.namespace" . }} +roleRef: + kind: Role + name: connector-configuration-role + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/k8s-cd/deploy/kafka/kafka-cluster/templates/role.yaml b/k8s-cd/deploy/kafka/kafka-cluster/templates/role.yaml new file mode 100644 index 0000000000..28d1929944 --- /dev/null +++ b/k8s-cd/deploy/kafka/kafka-cluster/templates/role.yaml @@ -0,0 +1,9 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: connector-configuration-role +rules: + - apiGroups: [""] + resources: ["secrets"] + resourceNames: ["postgresql.credentials"] + verbs: ["get", "watch", "list"] \ No newline at end of file diff --git a/k8s-cd/deploy/kafka/kafka-cluster/values.yaml b/k8s-cd/deploy/kafka/kafka-cluster/values.yaml new file mode 100644 index 0000000000..9bf79352c0 --- /dev/null +++ b/k8s-cd/deploy/kafka/kafka-cluster/values.yaml @@ -0,0 +1,11 @@ +kafka: + replicas: 1 +zookeeper: + replicas: 1 + storeSize: 5Gi +postgresql: + username: yasadminuser + password: admin +debeziumConnect: + image: melyen/my-debezium-postgres:latest + buildImage: false #Enabled when build debezium-connect-postgresql image \ No newline at end of file diff --git a/k8s-cd/deploy/kafka/kafka-operator.values.yaml b/k8s-cd/deploy/kafka/kafka-operator.values.yaml new file mode 100644 index 0000000000..127405836e --- /dev/null +++ b/k8s-cd/deploy/kafka/kafka-operator.values.yaml @@ -0,0 +1 @@ +watchAnyNamespace: true diff --git a/k8s-cd/deploy/keycloak/keycloak/.helmignore b/k8s-cd/deploy/keycloak/keycloak/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/deploy/keycloak/keycloak/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/deploy/keycloak/keycloak/Chart.yaml b/k8s-cd/deploy/keycloak/keycloak/Chart.yaml new file mode 100644 index 0000000000..dc9b37c026 --- /dev/null +++ b/k8s-cd/deploy/keycloak/keycloak/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: keycloak +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-cd/deploy/keycloak/keycloak/templates/_helpers.tpl b/k8s-cd/deploy/keycloak/keycloak/templates/_helpers.tpl new file mode 100644 index 0000000000..5ae124b1ba --- /dev/null +++ b/k8s-cd/deploy/keycloak/keycloak/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "keycloak.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "keycloak.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "keycloak.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "keycloak.labels" -}} +helm.sh/chart: {{ include "keycloak.chart" . }} +{{ include "keycloak.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "keycloak.selectorLabels" -}} +app.kubernetes.io/name: {{ include "keycloak.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "keycloak.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "keycloak.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/deploy/keycloak/keycloak/templates/keycloak-credential.secret.yaml b/k8s-cd/deploy/keycloak/keycloak/templates/keycloak-credential.secret.yaml new file mode 100644 index 0000000000..72312d2fcd --- /dev/null +++ b/k8s-cd/deploy/keycloak/keycloak/templates/keycloak-credential.secret.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: keycloak-credentials +type: Opaque +data: + username: {{ .Values.bootstrapAdmin.username | b64enc }} + password: {{ .Values.bootstrapAdmin.password | b64enc }} \ No newline at end of file diff --git a/k8s-cd/deploy/keycloak/keycloak/templates/keycloak-yas-realm-import.yaml b/k8s-cd/deploy/keycloak/keycloak/templates/keycloak-yas-realm-import.yaml new file mode 100644 index 0000000000..db122f2bcd --- /dev/null +++ b/k8s-cd/deploy/keycloak/keycloak/templates/keycloak-yas-realm-import.yaml @@ -0,0 +1,2054 @@ +apiVersion: k8s.keycloak.org/v2alpha1 +kind: KeycloakRealmImport +metadata: + name: yas-realm-kc +spec: + keycloakCRName: keycloak + realm: + id: Yas + realm: Yas + notBefore: 0 + defaultSignatureAlgorithm: RS256 + revokeRefreshToken: false + refreshTokenMaxReuse: 0 + accessTokenLifespan: 300 + accessTokenLifespanForImplicitFlow: 900 + ssoSessionIdleTimeout: 1800 + ssoSessionMaxLifespan: 36000 + ssoSessionIdleTimeoutRememberMe: 0 + ssoSessionMaxLifespanRememberMe: 0 + offlineSessionIdleTimeout: 2592000 + offlineSessionMaxLifespanEnabled: false + offlineSessionMaxLifespan: 5184000 + clientSessionIdleTimeout: 0 + clientSessionMaxLifespan: 0 + clientOfflineSessionIdleTimeout: 0 + clientOfflineSessionMaxLifespan: 0 + accessCodeLifespan: 60 + accessCodeLifespanUserAction: 300 + accessCodeLifespanLogin: 1800 + actionTokenGeneratedByAdminLifespan: 43200 + actionTokenGeneratedByUserLifespan: 300 + oauth2DeviceCodeLifespan: 600 + oauth2DevicePollingInterval: 5 + enabled: true + sslRequired: none + registrationAllowed: true + registrationEmailAsUsername: false + rememberMe: false + verifyEmail: false + loginWithEmailAllowed: true + duplicateEmailsAllowed: false + resetPasswordAllowed: false + editUsernameAllowed: false + bruteForceProtected: false + permanentLockout: false + maxFailureWaitSeconds: 900 + minimumQuickLoginWaitSeconds: 60 + waitIncrementSeconds: 60 + quickLoginCheckMilliSeconds: 1000 + maxDeltaTimeSeconds: 43200 + failureFactor: 30 + roles: + realm: + - id: 2006cd24-9bfb-417d-8e0b-81ef33fac6cf + name: CUSTOMER + composite: false + clientRole: false + containerId: Yas + attributes: { } + - id: a4b40d5f-75d9-47d4-9119-eaf7db5a6c25 + name: uma_authorization + description: ${role_uma_authorization} + composite: false + clientRole: false + containerId: Yas + attributes: { } + - id: 514784fb-7137-4134-bad7-db373e7d398a + name: offline_access + description: ${role_offline-access} + composite: false + clientRole: false + containerId: Yas + attributes: { } + - id: f2da71cd-654f-4beb-8ec8-fa78d6fc1219 + name: default-roles-yas + description: ${role_default-roles} + composite: true + composites: + realm: + - offline_access + - CUSTOMER + - uma_authorization + clientRole: false + containerId: Yas + attributes: { } + - id: eadee165-c7b4-4508-bf60-937580c5d987 + name: ADMIN + composite: false + clientRole: false + containerId: Yas + attributes: { } + - id: 7cdd5ed7-4a2b-4b71-aa7a-f4b1085dd507 + name: GUEST + composite: false + clientRole: false + containerId: Yas + attributes: { } + client: + customer-management: + - id: bbe55368-20f8-4787-b7c2-fc7e32073ad6 + name: uma_protection + composite: false + clientRole: true + containerId: 60946636-ed9b-470c-b900-277f4d41ba80 + attributes: { } + realm-management: + - id: b347faf1-614c-4560-b309-3963c8b8ed72 + name: query-users + description: ${role_query-users} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 6d01b738-8f9d-465b-9464-25389823c74f + name: view-users + composite: true + composites: + client: + realm-management: + - query-users + - query-groups + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 51a27561-fffb-40f1-a2b6-d7608bde9269 + name: manage-events + description: ${role_manage-events} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 6ba0385a-dc94-4da0-8649-92d9d684263e + name: impersonation + description: ${role_impersonation} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 955f290e-e4d8-4af9-909c-09f776378031 + name: manage-clients + description: ${role_manage-clients} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 76a7b8bd-3440-4ae2-b951-51626d3468ae + name: manage-identity-providers + description: ${role_manage-identity-providers} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: de9badf2-e26c-4193-80d4-a604c659ed4f + name: create-client + description: ${role_create-client} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: f00232df-6145-458e-9ce7-c7bc2334fa43 + name: query-clients + description: ${role_query-clients} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 41dbcfdb-d5fa-42ef-bbe9-af26f2c43bdb + name: manage-users + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 5abdaafd-95b9-4f8c-8328-78f991efbb00 + name: view-clients + description: ${role_view-clients} + composite: true + composites: + client: + realm-management: + - query-clients + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: f3048ffb-3023-4973-a25e-dfe42e83cc54 + name: view-identity-providers + description: ${role_view-identity-providers} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 6c17291d-e469-4139-aa90-b5e3b1a44e46 + name: view-authorization + description: ${role_view-authorization} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: e2b7165b-59d7-415b-a4b9-cd705eae95a3 + name: manage-realm + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 48084127-c5e1-41be-ba71-2406823788ae + name: view-events + description: ${role_view-events} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 361537c1-1c9e-47dc-906c-c96b2eeb654d + name: query-groups + description: ${role_query-groups} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 2d591814-fb0b-4df2-b8fa-4d894bf2789a + name: realm-admin + description: ${role_realm-admin} + composite: true + composites: + client: + realm-management: + - query-users + - manage-events + - impersonation + - manage-clients + - manage-identity-providers + - create-client + - query-clients + - view-clients + - view-identity-providers + - view-authorization + - view-events + - query-groups + - query-realms + - view-realm + - manage-authorization + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 0b754c52-b512-4c64-aa72-d358e18aabbc + name: query-realms + description: ${role_query-realms} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 95a46057-7254-452e-b6b9-f34178a84aa8 + name: manage-authorization + description: ${role_manage-authorization} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 6ec2be44-3b2d-49aa-9706-1845559d986e + name: view-realm + description: ${role_view-realm} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + backoffice-bff: [ ] + security-admin-console: [ ] + admin-cli: [ ] + storefront-bff: + - id: 4e71f89c-cffc-4a7a-8bf3-51524e6db708 + name: uma_protection + composite: false + clientRole: true + containerId: 4f64c142-0545-44bb-9446-2a18b9c9effd + attributes: { } + account-console: [ ] + broker: [ ] + account: + - id: 84c2f82c-0d3c-4b44-ba9d-d38600a94f3d + name: delete-account + description: ${role_delete-account} + composite: false + clientRole: true + containerId: 63a551a9-12e6-465b-9b06-83747ff64c8d + attributes: { } + - id: 4ce54078-8a93-4155-9ba8-cd7fab17c24c + name: view-groups + description: ${role_view-groups} + composite: false + clientRole: true + containerId: 63a551a9-12e6-465b-9b06-83747ff64c8d + attributes: { } + swagger-ui: [ ] + groups: [ ] + defaultRole: + id: f2da71cd-654f-4beb-8ec8-fa78d6fc1219 + name: default-roles-yas + description: ${role_default-roles} + composite: true + clientRole: false + containerId: Yas + requiredCredentials: + - password + otpPolicyType: totp + otpPolicyAlgorithm: HmacSHA1 + otpPolicyInitialCounter: 0 + otpPolicyDigits: 6 + otpPolicyLookAheadWindow: 1 + otpPolicyPeriod: 30 + otpPolicyCodeReusable: false + otpSupportedApplications: + - totpAppGoogleName + - totpAppFreeOTPName + - totpAppMicrosoftAuthenticatorName + webAuthnPolicyRpEntityName: keycloak + webAuthnPolicySignatureAlgorithms: + - ES256 + webAuthnPolicyRpId: '' + webAuthnPolicyAttestationConveyancePreference: not specified + webAuthnPolicyAuthenticatorAttachment: not specified + webAuthnPolicyRequireResidentKey: not specified + webAuthnPolicyUserVerificationRequirement: not specified + webAuthnPolicyCreateTimeout: 0 + webAuthnPolicyAvoidSameAuthenticatorRegister: false + webAuthnPolicyAcceptableAaguids: [ ] + webAuthnPolicyPasswordlessRpEntityName: keycloak + webAuthnPolicyPasswordlessSignatureAlgorithms: + - ES256 + webAuthnPolicyPasswordlessRpId: '' + webAuthnPolicyPasswordlessAttestationConveyancePreference: not specified + webAuthnPolicyPasswordlessAuthenticatorAttachment: not specified + webAuthnPolicyPasswordlessRequireResidentKey: not specified + webAuthnPolicyPasswordlessUserVerificationRequirement: not specified + webAuthnPolicyPasswordlessCreateTimeout: 0 + webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister: false + webAuthnPolicyPasswordlessAcceptableAaguids: [ ] + users: + - id: 6a4ccf58-14a7-4c68-8f35-9107f98755b2 + createdTimestamp: 1678334999731 + username: admin + enabled: true + totp: false + emailVerified: false + firstName: John + lastName: Doe + email: admin@gmail.com + credentials: + - id: 0bed1acd-4585-450d-9fca-0cd02fb57140 + type: password + userLabel: My password + createdDate: 1678346530213 + secretData: '{"value":"u6oZH6INLj3cGGIJNxhhVUAhJQhYpFmsr3yLLQyVNqs=","salt":"WmnWNNQ1hvyeXj0NlcVugA==","additionalParameters":{}}' + credentialData: '{"hashIterations":27500,"algorithm":"pbkdf2-sha256","additionalParameters":{}}' + disableableCredentialTypes: [ ] + requiredActions: [ ] + realmRoles: + - default-roles-yas + - ADMIN + notBefore: 0 + groups: [ ] + - id: 6249ae7e-844e-4ed7-9b66-02013a98ba2e + createdTimestamp: 1663154002788 + username: service-account-customer-management + enabled: true + totp: false + emailVerified: false + serviceAccountClientId: customer-management + disableableCredentialTypes: [ ] + requiredActions: [ ] + realmRoles: + - default-roles-yas + clientRoles: + realm-management: + - view-users + - manage-realm + - manage-users + customer-management: + - uma_protection + notBefore: 0 + groups: [ ] + - id: 338216c3-c4a7-4d4f-b394-72d7a79c579e + createdTimestamp: 1678087360744 + username: service-account-storefront-bff + enabled: true + totp: false + emailVerified: false + serviceAccountClientId: storefront-bff + disableableCredentialTypes: [ ] + requiredActions: [ ] + realmRoles: + - default-roles-yas + clientRoles: + storefront-bff: + - uma_protection + notBefore: 0 + groups: [ ] + scopeMappings: + - clientScope: offline_access + roles: + - offline_access + clientScopeMappings: + account: + - client: account-console + roles: + - view-groups + clients: + - id: 63a551a9-12e6-465b-9b06-83747ff64c8d + clientId: account + name: ${client_account} + rootUrl: ${authBaseUrl} + baseUrl: /realms/Yas/account/ + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: + - /realms/Yas/account/* + webOrigins: [ ] + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: false + serviceAccountsEnabled: false + publicClient: true + frontchannelLogout: false + protocol: openid-connect + attributes: + post.logout.redirect.uris: + + authenticationFlowBindingOverrides: { } + fullScopeAllowed: false + nodeReRegistrationTimeout: 0 + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: c9b985d8-1db7-43aa-aabe-35b103bce986 + clientId: account-console + name: ${client_account-console} + rootUrl: ${authBaseUrl} + baseUrl: /realms/Yas/account/ + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: + - /realms/Yas/account/* + webOrigins: [ ] + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: false + serviceAccountsEnabled: false + publicClient: true + frontchannelLogout: false + protocol: openid-connect + attributes: + post.logout.redirect.uris: + + pkce.code.challenge.method: S256 + authenticationFlowBindingOverrides: { } + fullScopeAllowed: false + nodeReRegistrationTimeout: 0 + protocolMappers: + - id: 667a0992-0916-45fc-aa7d-a70573b56ee9 + name: audience resolve + protocol: openid-connect + protocolMapper: oidc-audience-resolve-mapper + consentRequired: false + config: { } + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: 2872ae9d-daf4-4ff9-9556-15870acbfaff + clientId: admin-cli + name: ${client_admin-cli} + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: [ ] + webOrigins: [ ] + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: false + implicitFlowEnabled: false + directAccessGrantsEnabled: true + serviceAccountsEnabled: false + publicClient: true + frontchannelLogout: false + protocol: openid-connect + attributes: + post.logout.redirect.uris: + + authenticationFlowBindingOverrides: { } + fullScopeAllowed: false + nodeReRegistrationTimeout: 0 + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: 26490047-2a91-4938-9324-371523ad1e14 + clientId: backoffice-bff + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + secret: TVacLC0cQ8tiiEKiTVerTb2YvwQ1TRJF + redirectUris: + - {{ .Values.backofficeRedirectUrl }}/* + - http://localhost:3000/* + - http://localhost:8087/* + webOrigins: [ ] + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: true + serviceAccountsEnabled: false + publicClient: false + frontchannelLogout: false + protocol: openid-connect + attributes: + saml.assertion.signature: 'false' + id.token.as.detached.signature: 'false' + saml.multivalued.roles: 'false' + saml.force.post.binding: 'false' + saml.encrypt: 'false' + post.logout.redirect.uris: + + oauth2.device.authorization.grant.enabled: 'false' + backchannel.logout.revoke.offline.tokens: 'false' + saml.server.signature: 'false' + saml.server.signature.keyinfo.ext: 'false' + use.refresh.tokens: 'true' + exclude.session.state.from.auth.response: 'false' + oidc.ciba.grant.enabled: 'false' + saml.artifact.binding: 'false' + backchannel.logout.session.required: 'true' + client_credentials.use_refresh_token: 'false' + saml_force_name_id_format: 'false' + saml.client.signature: 'false' + tls.client.certificate.bound.access.tokens: 'false' + require.pushed.authorization.requests: 'false' + saml.authnstatement: 'false' + display.on.consent.screen: 'false' + saml.onetimeuse.condition: 'false' + authenticationFlowBindingOverrides: { } + fullScopeAllowed: true + nodeReRegistrationTimeout: -1 + protocolMappers: + - id: bde88d27-ba50-4b7a-87b3-f610d7e93c2e + name: realm roles + protocol: openid-connect + protocolMapper: oidc-usermodel-realm-role-mapper + consentRequired: false + config: + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: realm_access.roles + userinfo.token.claim: 'true' + multivalued: 'true' + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: 2705a11e-bac1-40dc-a67a-12894e2a2acd + clientId: broker + name: ${client_broker} + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: [ ] + webOrigins: [ ] + notBefore: 0 + bearerOnly: true + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: false + serviceAccountsEnabled: false + publicClient: false + frontchannelLogout: false + protocol: openid-connect + attributes: + post.logout.redirect.uris: + + authenticationFlowBindingOverrides: { } + fullScopeAllowed: false + nodeReRegistrationTimeout: 0 + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: 60946636-ed9b-470c-b900-277f4d41ba80 + clientId: customer-management + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + secret: NKAr3rnjwm9jlakgKpelukZGFaHYqIWE + redirectUris: + - '' + webOrigins: [ ] + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: true + serviceAccountsEnabled: true + authorizationServicesEnabled: true + publicClient: false + frontchannelLogout: false + protocol: openid-connect + attributes: + access.token.lifespan: '3600' + saml.multivalued.roles: 'false' + saml.force.post.binding: 'false' + post.logout.redirect.uris: + + oauth2.device.authorization.grant.enabled: 'false' + backchannel.logout.revoke.offline.tokens: 'false' + saml.server.signature.keyinfo.ext: 'false' + use.refresh.tokens: 'true' + oidc.ciba.grant.enabled: 'false' + backchannel.logout.session.required: 'true' + client_credentials.use_refresh_token: 'false' + saml.client.signature: 'false' + require.pushed.authorization.requests: 'false' + saml.assertion.signature: 'false' + id.token.as.detached.signature: 'false' + saml.encrypt: 'false' + saml.server.signature: 'false' + exclude.session.state.from.auth.response: 'false' + saml.artifact.binding: 'false' + saml_force_name_id_format: 'false' + tls.client.certificate.bound.access.tokens: 'false' + saml.authnstatement: 'false' + display.on.consent.screen: 'false' + saml.onetimeuse.condition: 'false' + authenticationFlowBindingOverrides: { } + fullScopeAllowed: true + nodeReRegistrationTimeout: -1 + protocolMappers: + - id: 00d85c6f-6a39-4ef6-a1a3-437da954a317 + name: Client Host + protocol: openid-connect + protocolMapper: oidc-usersessionmodel-note-mapper + consentRequired: false + config: + user.session.note: clientHost + userinfo.token.claim: 'true' + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: clientHost + jsonType.label: String + - id: 6b02f2b3-60ba-401a-ab8a-9644dc66d60a + name: Client IP Address + protocol: openid-connect + protocolMapper: oidc-usersessionmodel-note-mapper + consentRequired: false + config: + user.session.note: clientAddress + userinfo.token.claim: 'true' + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: clientAddress + jsonType.label: String + - id: 1727d303-0db0-4d37-a861-3c3f22029470 + name: Client ID + protocol: openid-connect + protocolMapper: oidc-usersessionmodel-note-mapper + consentRequired: false + config: + user.session.note: clientId + userinfo.token.claim: 'true' + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: clientId + jsonType.label: String + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + authorizationSettings: + allowRemoteResourceManagement: true + policyEnforcementMode: ENFORCING + resources: [ ] + policies: [ ] + scopes: [ ] + decisionStrategy: UNANIMOUS + - id: cdd87e47-0556-4612-95ad-122de3a09b8f + clientId: realm-management + name: ${client_realm-management} + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: [ ] + webOrigins: [ ] + notBefore: 0 + bearerOnly: true + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: false + serviceAccountsEnabled: false + publicClient: false + frontchannelLogout: false + protocol: openid-connect + attributes: + post.logout.redirect.uris: + + authenticationFlowBindingOverrides: { } + fullScopeAllowed: false + nodeReRegistrationTimeout: 0 + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: 36b9332d-e925-42e2-bef4-6e9271695118 + clientId: security-admin-console + name: ${client_security-admin-console} + rootUrl: ${authAdminUrl} + baseUrl: /admin/Yas/console/ + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: + - /admin/Yas/console/* + webOrigins: + - + + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: false + serviceAccountsEnabled: false + publicClient: true + frontchannelLogout: false + protocol: openid-connect + attributes: + post.logout.redirect.uris: + + pkce.code.challenge.method: S256 + authenticationFlowBindingOverrides: { } + fullScopeAllowed: false + nodeReRegistrationTimeout: 0 + protocolMappers: + - id: bf597b1e-302a-4cac-92e7-72da275a9450 + name: locale + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: locale + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: locale + jsonType.label: String + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: 4f64c142-0545-44bb-9446-2a18b9c9effd + clientId: storefront-bff + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + secret: ZrU9I0q2uXBglBnmvyJdkl1lf0ncr8tn + redirectUris: + - {{ .Values.storefrontRedirectUrl }}/* + - http://localhost:8087/* + webOrigins: [ ] + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: true + serviceAccountsEnabled: true + authorizationServicesEnabled: true + publicClient: false + frontchannelLogout: false + protocol: openid-connect + attributes: + id.token.as.detached.signature: 'false' + saml.assertion.signature: 'false' + saml.force.post.binding: 'false' + saml.multivalued.roles: 'false' + saml.encrypt: 'false' + post.logout.redirect.uris: + + oauth2.device.authorization.grant.enabled: 'false' + backchannel.logout.revoke.offline.tokens: 'false' + saml.server.signature: 'false' + saml.server.signature.keyinfo.ext: 'false' + use.refresh.tokens: 'true' + exclude.session.state.from.auth.response: 'false' + oidc.ciba.grant.enabled: 'false' + saml.artifact.binding: 'false' + backchannel.logout.session.required: 'true' + client_credentials.use_refresh_token: 'false' + saml_force_name_id_format: 'false' + require.pushed.authorization.requests: 'false' + saml.client.signature: 'false' + tls.client.certificate.bound.access.tokens: 'false' + saml.authnstatement: 'false' + display.on.consent.screen: 'false' + saml.onetimeuse.condition: 'false' + authenticationFlowBindingOverrides: { } + fullScopeAllowed: true + nodeReRegistrationTimeout: -1 + protocolMappers: + - id: e5b39176-5f85-48e6-8aba-6e0442eaa712 + name: Client ID + protocol: openid-connect + protocolMapper: oidc-usersessionmodel-note-mapper + consentRequired: false + config: + user.session.note: clientId + userinfo.token.claim: 'true' + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: clientId + jsonType.label: String + - id: 4872f46c-4ebe-4820-ac83-3ae267d47441 + name: Client Host + protocol: openid-connect + protocolMapper: oidc-usersessionmodel-note-mapper + consentRequired: false + config: + user.session.note: clientHost + userinfo.token.claim: 'true' + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: clientHost + jsonType.label: String + - id: cba83ef5-0a89-44bb-81ac-62dac81c7773 + name: Client IP Address + protocol: openid-connect + protocolMapper: oidc-usersessionmodel-note-mapper + consentRequired: false + config: + user.session.note: clientAddress + userinfo.token.claim: 'true' + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: clientAddress + jsonType.label: String + - id: d3968f38-2a46-411f-849f-5342e7008e44 + name: realm roles + protocol: openid-connect + protocolMapper: oidc-usermodel-realm-role-mapper + consentRequired: false + config: + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: realm_access.roles + userinfo.token.claim: 'true' + multivalued: 'true' + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + authorizationSettings: + allowRemoteResourceManagement: true + policyEnforcementMode: ENFORCING + resources: [ ] + policies: [ ] + scopes: [ ] + decisionStrategy: UNANIMOUS + - id: ce61ec4b-d4c5-477b-91c0-ebf1fd189bbd + clientId: swagger-ui + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: + - {{ .Values.apiRedirectUrl }}/* + - http://localhost:8080/* + - http://localhost:8081/* + - http://localhost:8083/* + - http://localhost:8084/* + - http://localhost:8085/* + - http://localhost:8086/* + - http://localhost:8088/* + - http://localhost:8089/* + - http://localhost:8090/* + - http://localhost:8091/* + - http://localhost:8092/* + - http://localhost:8093/* + webOrigins: + - {{ .Values.apiRedirectUrl }} + - http://localhost:8080 + - http://localhost:8081 + - http://localhost:8083 + - http://localhost:8084 + - http://localhost:8085 + - http://localhost:8086 + - http://localhost:8088 + - http://localhost:8089 + - http://localhost:8090 + - http://localhost:8091 + - http://localhost:8092 + - http://localhost:8093 + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: false + serviceAccountsEnabled: false + publicClient: true + frontchannelLogout: false + protocol: openid-connect + attributes: + id.token.as.detached.signature: 'false' + saml.assertion.signature: 'false' + saml.force.post.binding: 'false' + saml.multivalued.roles: 'false' + saml.encrypt: 'false' + post.logout.redirect.uris: + + oauth2.device.authorization.grant.enabled: 'false' + backchannel.logout.revoke.offline.tokens: 'false' + saml.server.signature: 'false' + saml.server.signature.keyinfo.ext: 'false' + use.refresh.tokens: 'true' + exclude.session.state.from.auth.response: 'false' + oidc.ciba.grant.enabled: 'false' + saml.artifact.binding: 'false' + backchannel.logout.session.required: 'true' + client_credentials.use_refresh_token: 'false' + saml_force_name_id_format: 'false' + require.pushed.authorization.requests: 'false' + saml.client.signature: 'false' + tls.client.certificate.bound.access.tokens: 'false' + saml.authnstatement: 'false' + display.on.consent.screen: 'false' + saml.onetimeuse.condition: 'false' + authenticationFlowBindingOverrides: { } + fullScopeAllowed: true + nodeReRegistrationTimeout: -1 + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + clientScopes: + - id: 65c94f63-6035-4d6c-af24-1f14e3b94a38 + name: email + description: 'OpenID Connect built-in scope: email' + protocol: openid-connect + attributes: + include.in.token.scope: 'true' + display.on.consent.screen: 'true' + consent.screen.text: ${emailScopeConsentText} + protocolMappers: + - id: 974d8ce9-735f-487a-a6a9-588e561e901f + name: email verified + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: emailVerified + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: email_verified + jsonType.label: boolean + - id: fb983e0f-34a1-4044-a3d6-53c0c2b62c00 + name: email + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: email + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: email + jsonType.label: String + - id: d3087d0d-d3fd-4f43-8aca-17b1aa5be6a0 + name: offline_access + description: 'OpenID Connect built-in scope: offline_access' + protocol: openid-connect + attributes: + consent.screen.text: ${offlineAccessScopeConsentText} + display.on.consent.screen: 'true' + - id: eea01d80-65da-4540-85c9-c22b6193479e + name: address + description: 'OpenID Connect built-in scope: address' + protocol: openid-connect + attributes: + include.in.token.scope: 'true' + display.on.consent.screen: 'true' + consent.screen.text: ${addressScopeConsentText} + protocolMappers: + - id: d99969f9-1402-4d8b-a6ba-558a57caae9e + name: address + protocol: openid-connect + protocolMapper: oidc-address-mapper + consentRequired: false + config: + user.attribute.formatted: formatted + user.attribute.country: country + user.attribute.postal_code: postal_code + userinfo.token.claim: 'true' + user.attribute.street: street + id.token.claim: 'true' + user.attribute.region: region + access.token.claim: 'true' + user.attribute.locality: locality + - id: 337c3515-30b8-4e7c-881a-109f1c94a011 + name: web-origins + description: OpenID Connect scope for add allowed web origins to the access token + protocol: openid-connect + attributes: + include.in.token.scope: 'false' + display.on.consent.screen: 'false' + consent.screen.text: '' + protocolMappers: + - id: fbffeaba-3e7b-432c-abbd-d4110f0fb8d2 + name: allowed web origins + protocol: openid-connect + protocolMapper: oidc-allowed-origins-mapper + consentRequired: false + config: { } + - id: 2cd6e0f6-a0dc-4eab-bbc2-792cb4f2f998 + name: phone + description: 'OpenID Connect built-in scope: phone' + protocol: openid-connect + attributes: + include.in.token.scope: 'true' + display.on.consent.screen: 'true' + consent.screen.text: ${phoneScopeConsentText} + protocolMappers: + - id: effcf372-86b3-4be7-9fd5-bd4b27f81ad7 + name: phone number verified + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: phoneNumberVerified + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: phone_number_verified + jsonType.label: boolean + - id: 45412629-3241-42cc-9c31-e931a5ccfbd8 + name: phone number + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: phoneNumber + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: phone_number + jsonType.label: String + - id: 51e71de7-0fa8-4ca8-9789-d1a240e7954c + name: role_list + description: SAML role list + protocol: saml + attributes: + consent.screen.text: ${samlRoleListScopeConsentText} + display.on.consent.screen: 'true' + protocolMappers: + - id: 4a393c0d-069d-4012-be5d-c5157e0291e5 + name: role list + protocol: saml + protocolMapper: saml-role-list-mapper + consentRequired: false + config: + single: 'false' + attribute.nameformat: Basic + attribute.name: Role + - id: 215618ce-81df-4751-b38a-b64b011a7475 + name: roles + description: OpenID Connect scope for add user roles to the access token + protocol: openid-connect + attributes: + include.in.token.scope: 'false' + display.on.consent.screen: 'true' + consent.screen.text: ${rolesScopeConsentText} + protocolMappers: + - id: cf2078e3-4b15-44c9-ad07-7f8f87d8a057 + name: realm roles + protocol: openid-connect + protocolMapper: oidc-usermodel-realm-role-mapper + consentRequired: false + config: + user.attribute: foo + access.token.claim: 'true' + claim.name: realm_access.roles + jsonType.label: String + multivalued: 'true' + - id: 4aaee979-5114-4d48-9e9c-415ac0240dec + name: client roles + protocol: openid-connect + protocolMapper: oidc-usermodel-client-role-mapper + consentRequired: false + config: + user.attribute: foo + access.token.claim: 'true' + claim.name: resource_access.${client_id}.roles + jsonType.label: String + multivalued: 'true' + - id: acb14904-46e0-40be-bea8-130d04bf52d2 + name: audience resolve + protocol: openid-connect + protocolMapper: oidc-audience-resolve-mapper + consentRequired: false + config: { } + - id: 571bd089-79c4-414f-811d-059110e90303 + name: microprofile-jwt + description: Microprofile - JWT built-in scope + protocol: openid-connect + attributes: + include.in.token.scope: 'true' + display.on.consent.screen: 'false' + protocolMappers: + - id: 071dc8d4-03af-4960-9211-a0313a902caa + name: groups + protocol: openid-connect + protocolMapper: oidc-usermodel-realm-role-mapper + consentRequired: false + config: + multivalued: 'true' + userinfo.token.claim: 'true' + user.attribute: foo + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: groups + jsonType.label: String + - id: 5fc63466-e78c-44ae-892e-cc1af3d9ff89 + name: upn + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: username + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: upn + jsonType.label: String + - id: 19969f81-191a-4485-b659-4a5ebe01285c + name: profile + description: 'OpenID Connect built-in scope: profile' + protocol: openid-connect + attributes: + include.in.token.scope: 'true' + display.on.consent.screen: 'true' + consent.screen.text: ${profileScopeConsentText} + protocolMappers: + - id: 09ebd0bc-7811-46d0-aff0-f8d7adf5982f + name: middle name + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: middleName + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: middle_name + jsonType.label: String + - id: 3912134c-627e-4e9f-8d3a-5120d799fb16 + name: username + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: username + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: preferred_username + jsonType.label: String + - id: 1b4331fe-334c-4ba4-9c2d-e0f073d3762e + name: zoneinfo + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: zoneinfo + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: zoneinfo + jsonType.label: String + - id: 2cfd41fc-61c3-468b-89ed-1b929c32568c + name: picture + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: picture + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: picture + jsonType.label: String + - id: c7f24d2a-0740-4724-8008-45600c5e9742 + name: updated at + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: updatedAt + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: updated_at + jsonType.label: String + - id: 77e47ece-29ac-4de2-a452-a4a1e2a9f130 + name: website + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: website + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: website + jsonType.label: String + - id: 06b7db1f-adfa-41c3-9286-9a945ca13cfa + name: birthdate + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: birthdate + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: birthdate + jsonType.label: String + - id: 153dbe4c-7205-4a42-86d7-c0ec6ac152f7 + name: nickname + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: nickname + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: nickname + jsonType.label: String + - id: 8a9fc6cc-995e-4b0b-bdad-f5af6b0abc73 + name: given name + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: firstName + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: given_name + jsonType.label: String + - id: 0ca34d5e-f181-4c1a-8d72-41ba359cef57 + name: full name + protocol: openid-connect + protocolMapper: oidc-full-name-mapper + consentRequired: false + config: + id.token.claim: 'true' + access.token.claim: 'true' + userinfo.token.claim: 'true' + - id: be3ce14c-f2a7-4b20-a79e-369f6c9fa22d + name: locale + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: locale + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: locale + jsonType.label: String + - id: 04bad41a-daf4-48d9-a6e1-80fd41ea223b + name: gender + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: gender + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: gender + jsonType.label: String + - id: 8b7a8d0e-e674-4ab8-8c56-dbde99ba50a1 + name: family name + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: lastName + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: family_name + jsonType.label: String + - id: 2c2c19aa-e05b-4d61-ae0e-1d3086b90531 + name: profile + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: profile + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: profile + jsonType.label: String + - id: 0ddee3ba-73b6-43bc-b66a-cf8bf520e2a5 + name: acr + description: OpenID Connect scope for add acr (authentication context class reference) to the token + protocol: openid-connect + attributes: + include.in.token.scope: 'false' + display.on.consent.screen: 'false' + protocolMappers: + - id: 3f29f288-049e-4e95-a060-fa45809f8908 + name: acr loa level + protocol: openid-connect + protocolMapper: oidc-acr-mapper + consentRequired: false + config: + id.token.claim: 'true' + access.token.claim: 'true' + defaultDefaultClientScopes: + - role_list + - profile + - email + - roles + - web-origins + - acr + defaultOptionalClientScopes: + - offline_access + - address + - phone + - microprofile-jwt + browserSecurityHeaders: + contentSecurityPolicyReportOnly: '' + xContentTypeOptions: nosniff + xRobotsTag: none + xFrameOptions: SAMEORIGIN + contentSecurityPolicy: frame-src 'self'; frame-ancestors 'self'; object-src 'none'; + xXSSProtection: 1; mode=block + strictTransportSecurity: max-age=31536000; includeSubDomains + smtpServer: { } + loginTheme: yas + eventsEnabled: false + eventsListeners: + - jboss-logging + enabledEventTypes: [ ] + adminEventsEnabled: false + adminEventsDetailsEnabled: false + identityProviders: [ ] + identityProviderMappers: [ ] + components: + org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy: + - id: f1a4c9f9-a63f-4db9-b937-aa5f557d41e5 + name: Trusted Hosts + providerId: trusted-hosts + subType: anonymous + subComponents: { } + config: + host-sending-registration-request-must-match: + - 'true' + client-uris-must-match: + - 'true' + - id: 32611d53-6e58-45ba-9f7b-72b590a538fe + name: Consent Required + providerId: consent-required + subType: anonymous + subComponents: { } + config: { } + - id: f888a4c5-4512-46a3-96d2-8d6ad063a443 + name: Allowed Protocol Mapper Types + providerId: allowed-protocol-mappers + subType: anonymous + subComponents: { } + config: + allowed-protocol-mapper-types: + - saml-user-property-mapper + - saml-user-attribute-mapper + - oidc-sha256-pairwise-sub-mapper + - oidc-usermodel-property-mapper + - oidc-full-name-mapper + - saml-role-list-mapper + - oidc-address-mapper + - oidc-usermodel-attribute-mapper + - id: 2d3731aa-f5f7-42b6-bede-6f82d347913b + name: Allowed Client Scopes + providerId: allowed-client-templates + subType: authenticated + subComponents: { } + config: + allow-default-scopes: + - 'true' + - id: d47cb88e-2a27-425f-b96b-1c4640d31522 + name: Allowed Client Scopes + providerId: allowed-client-templates + subType: anonymous + subComponents: { } + config: + allow-default-scopes: + - 'true' + - id: 126efd47-9cec-46e6-b528-5bceb453f893 + name: Max Clients Limit + providerId: max-clients + subType: anonymous + subComponents: { } + config: + max-clients: + - '200' + - id: 87a66d4a-9995-4a93-b1bb-5aa1383ccece + name: Full Scope Disabled + providerId: scope + subType: anonymous + subComponents: { } + config: { } + - id: 8d9b43e5-51cb-457f-a042-a0e4816f014d + name: Allowed Protocol Mapper Types + providerId: allowed-protocol-mappers + subType: authenticated + subComponents: { } + config: + allowed-protocol-mapper-types: + - saml-user-attribute-mapper + - saml-user-property-mapper + - oidc-address-mapper + - oidc-usermodel-property-mapper + - oidc-sha256-pairwise-sub-mapper + - oidc-full-name-mapper + - saml-role-list-mapper + - oidc-usermodel-attribute-mapper + org.keycloak.keys.KeyProvider: + - id: 7b811bf0-3c37-4528-814e-54e03726c2ab + name: rsa-generated + providerId: rsa-generated + subComponents: { } + config: + priority: + - '100' + - id: 2a3bb174-df5a-494d-9fdb-23ecf4823d13 + name: hmac-generated + providerId: hmac-generated + subComponents: { } + config: + priority: + - '100' + algorithm: + - HS256 + - id: 2ab9adec-59f0-4f5e-9f2f-8dc3bff23e5d + name: aes-generated + providerId: aes-generated + subComponents: { } + config: + priority: + - '100' + - id: 5662273c-09e8-4734-848d-617184a5988e + name: rsa-enc-generated + providerId: rsa-enc-generated + subComponents: { } + config: + priority: + - '100' + algorithm: + - RSA-OAEP + internationalizationEnabled: false + supportedLocales: [ ] + authenticationFlows: + - id: f04b4023-c1a1-42cd-8da8-5c839b625136 + alias: Account verification options + description: Method with which to verity the existing account + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: idp-email-verification + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: ALTERNATIVE + priority: 20 + autheticatorFlow: true + flowAlias: Verify Existing Account by Re-authentication + userSetupAllowed: false + - id: 14511596-c28a-4caa-b11e-a6e3cb6f4e41 + alias: Authentication Options + description: Authentication options. + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: basic-auth + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: basic-auth-otp + authenticatorFlow: false + requirement: DISABLED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: auth-spnego + authenticatorFlow: false + requirement: DISABLED + priority: 30 + autheticatorFlow: false + userSetupAllowed: false + - id: 4d7f696a-2ab5-4049-9d74-0dc587ae9714 + alias: Browser - Conditional OTP + description: Flow to determine if the OTP is required for the authentication + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: conditional-user-configured + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: auth-otp-form + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - id: a144d634-1d2d-404f-a398-60adacaf4919 + alias: Direct Grant - Conditional OTP + description: Flow to determine if the OTP is required for the authentication + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: conditional-user-configured + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: direct-grant-validate-otp + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - id: 4da5c4d3-9baa-4f09-afc3-eeb9917c697f + alias: First broker login - Conditional OTP + description: Flow to determine if the OTP is required for the authentication + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: conditional-user-configured + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: auth-otp-form + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - id: ac4c0060-a554-4672-85d8-2d9eb6688410 + alias: Handle Existing Account + description: Handle what to do if there is existing account with same email/username like authenticated + identity provider + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: idp-confirm-link + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: REQUIRED + priority: 20 + autheticatorFlow: true + flowAlias: Account verification options + userSetupAllowed: false + - id: 1ac65105-ae91-41b2-9c45-32f5897c39f1 + alias: Reset - Conditional OTP + description: Flow to determine if the OTP should be reset or not. Set to REQUIRED to force. + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: conditional-user-configured + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: reset-otp + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - id: 1eeba3b5-cdba-42ca-a708-3d8e9f332b15 + alias: User creation or linking + description: Flow for the existing/non-existing user alternatives + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticatorConfig: create unique user config + authenticator: idp-create-user-if-unique + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: ALTERNATIVE + priority: 20 + autheticatorFlow: true + flowAlias: Handle Existing Account + userSetupAllowed: false + - id: 9bc10d3a-3a17-477d-900f-7561031dab96 + alias: Verify Existing Account by Re-authentication + description: Reauthentication of existing account + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: idp-username-password-form + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: CONDITIONAL + priority: 20 + autheticatorFlow: true + flowAlias: First broker login - Conditional OTP + userSetupAllowed: false + - id: 5d1bc3a4-b6b1-4ba5-a598-41c30c49cfb2 + alias: browser + description: browser based authentication + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: auth-cookie + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: auth-spnego + authenticatorFlow: false + requirement: DISABLED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: identity-provider-redirector + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 25 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: ALTERNATIVE + priority: 30 + autheticatorFlow: true + flowAlias: forms + userSetupAllowed: false + - id: a820f93d-47f6-40c7-a6e5-13e09b193293 + alias: clients + description: Base authentication for clients + providerId: client-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: client-secret + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: client-jwt + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: client-secret-jwt + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 30 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: client-x509 + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 40 + autheticatorFlow: false + userSetupAllowed: false + - id: 2035c417-608b-4f7d-af0f-89fb445054b0 + alias: direct grant + description: OpenID Connect Resource Owner Grant + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: direct-grant-validate-username + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: direct-grant-validate-password + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: CONDITIONAL + priority: 30 + autheticatorFlow: true + flowAlias: Direct Grant - Conditional OTP + userSetupAllowed: false + - id: 0b3bd405-178e-4ab9-a57e-f33d8941cc0e + alias: docker auth + description: Used by Docker clients to authenticate against the IDP + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: docker-http-basic-authenticator + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - id: 47842f9d-d92a-4018-a1d7-cbc02c7042f5 + alias: first broker login + description: Actions taken after first broker login with identity provider account, which is not yet + linked to any Keycloak account + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticatorConfig: review profile config + authenticator: idp-review-profile + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: REQUIRED + priority: 20 + autheticatorFlow: true + flowAlias: User creation or linking + userSetupAllowed: false + - id: bb98f470-b1bb-4387-b658-8eb16cd818e1 + alias: forms + description: Username, password, otp and other auth forms. + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: auth-username-password-form + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: CONDITIONAL + priority: 20 + autheticatorFlow: true + flowAlias: Browser - Conditional OTP + userSetupAllowed: false + - id: 3b0a50a7-a06a-48b8-a345-c3cf1582227e + alias: http challenge + description: An authentication flow based on challenge-response HTTP Authentication Schemes + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: no-cookie-redirect + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: REQUIRED + priority: 20 + autheticatorFlow: true + flowAlias: Authentication Options + userSetupAllowed: false + - id: 17b70852-e5df-4328-9aa5-a0fe9005842e + alias: registration + description: registration flow + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: registration-page-form + authenticatorFlow: true + requirement: REQUIRED + priority: 10 + autheticatorFlow: true + flowAlias: registration form + userSetupAllowed: false + - id: 33a008ca-35d7-4f35-97b1-e2db23e24fe2 + alias: registration form + description: registration form + providerId: form-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: registration-user-creation + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: registration-profile-action + authenticatorFlow: false + requirement: REQUIRED + priority: 40 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: registration-password-action + authenticatorFlow: false + requirement: REQUIRED + priority: 50 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: registration-recaptcha-action + authenticatorFlow: false + requirement: DISABLED + priority: 60 + autheticatorFlow: false + userSetupAllowed: false + - id: 7fe8ad8b-f273-49b6-a730-29020aa1bbee + alias: reset credentials + description: Reset credentials for a user if they forgot their password or something + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: reset-credentials-choose-user + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: reset-credential-email + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: reset-password + authenticatorFlow: false + requirement: REQUIRED + priority: 30 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: CONDITIONAL + priority: 40 + autheticatorFlow: true + flowAlias: Reset - Conditional OTP + userSetupAllowed: false + - id: 9f11c59c-0fcc-4ecb-9f61-2195e0ad9d97 + alias: saml ecp + description: SAML ECP Profile Authentication Flow + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: http-basic-authenticator + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + authenticatorConfig: + - id: 516de5eb-224a-49af-987b-569e5aa89bc0 + alias: create unique user config + config: + require.password.update.after.registration: 'false' + - id: d6f7e752-79e8-49af-9633-040849f05254 + alias: review profile config + config: + update.profile.on.first.login: missing + requiredActions: + - alias: CONFIGURE_TOTP + name: Configure OTP + providerId: CONFIGURE_TOTP + enabled: true + defaultAction: false + priority: 10 + config: { } + - alias: terms_and_conditions + name: Terms and Conditions + providerId: terms_and_conditions + enabled: false + defaultAction: false + priority: 20 + config: { } + - alias: UPDATE_PASSWORD + name: Update Password + providerId: UPDATE_PASSWORD + enabled: true + defaultAction: false + priority: 30 + config: { } + - alias: UPDATE_PROFILE + name: Update Profile + providerId: UPDATE_PROFILE + enabled: true + defaultAction: false + priority: 40 + config: { } + - alias: VERIFY_EMAIL + name: Verify Email + providerId: VERIFY_EMAIL + enabled: true + defaultAction: false + priority: 50 + config: { } + - alias: delete_account + name: Delete Account + providerId: delete_account + enabled: false + defaultAction: false + priority: 60 + config: { } + - alias: update_user_locale + name: Update User Locale + providerId: update_user_locale + enabled: true + defaultAction: false + priority: 1000 + config: { } + browserFlow: browser + registrationFlow: registration + directGrantFlow: direct grant + resetCredentialsFlow: reset credentials + clientAuthenticationFlow: clients + dockerAuthenticationFlow: docker auth + attributes: + cibaBackchannelTokenDeliveryMode: poll + cibaExpiresIn: '120' + cibaAuthRequestedUserHint: login_hint + oauth2DeviceCodeLifespan: '600' + oauth2DevicePollingInterval: '5' + clientOfflineSessionMaxLifespan: '0' + clientSessionIdleTimeout: '0' + parRequestUriLifespan: '60' + clientSessionMaxLifespan: '0' + clientOfflineSessionIdleTimeout: '0' + cibaInterval: '5' + realmReusableOtpCode: 'false' + keycloakVersion: 21.0.1 + userManagedAccessAllowed: false + clientProfiles: + profiles: [ ] + clientPolicies: + policies: [ ] diff --git a/k8s-cd/deploy/keycloak/keycloak/templates/keycloak.yaml b/k8s-cd/deploy/keycloak/keycloak/templates/keycloak.yaml new file mode 100644 index 0000000000..cd07a8a15d --- /dev/null +++ b/k8s-cd/deploy/keycloak/keycloak/templates/keycloak.yaml @@ -0,0 +1,43 @@ +apiVersion: k8s.keycloak.org/v2alpha1 +kind: Keycloak +metadata: + name: keycloak +spec: + bootstrapAdmin: + user: + secret: keycloak-credentials + db: + vendor: postgres + usernameSecret: + name: postgresql-credentials + key: username + passwordSecret: + name: postgresql-credentials + key: password + host: postgresql + database: keycloak + port: 5432 + http: + httpEnabled: true + httpPort: 8080 + hostname: + hostname: {{ .Values.hostname }} + backchannelDynamic: false + strict: false + proxy: + headers: xforwarded + ingress: + enabled: true + className: nginx +# unsupported: +# podTemplate: +# spec: +# volumes: +# - name: yas-themes +# configMap: +# name: yas-themes-configmap +# containers: +# - name: keycloak +# volumeMounts: +# - name: yas-themes +# mountPath: /opt/keycloak/providers diff --git a/k8s-cd/deploy/keycloak/keycloak/templates/postgresql-credential.secret.yaml b/k8s-cd/deploy/keycloak/keycloak/templates/postgresql-credential.secret.yaml new file mode 100644 index 0000000000..29e3fd7e20 --- /dev/null +++ b/k8s-cd/deploy/keycloak/keycloak/templates/postgresql-credential.secret.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: postgresql-credentials +type: Opaque +data: + username: {{ .Values.postgresql.username | b64enc }} + password: {{ .Values.postgresql.password | b64enc }} \ No newline at end of file diff --git a/k8s-cd/deploy/keycloak/keycloak/templates/yas-themes.configmap.yaml b/k8s-cd/deploy/keycloak/keycloak/templates/yas-themes.configmap.yaml new file mode 100644 index 0000000000..76d00564c9 --- /dev/null +++ b/k8s-cd/deploy/keycloak/keycloak/templates/yas-themes.configmap.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: yas-themes-configmap +binaryData: + yas.jar: | + {{- .Files.Get "themes/yas.jar" | b64enc | nindent 4 }} \ No newline at end of file diff --git a/k8s-cd/deploy/keycloak/keycloak/values.yaml b/k8s-cd/deploy/keycloak/keycloak/values.yaml new file mode 100644 index 0000000000..9f8405ce1c --- /dev/null +++ b/k8s-cd/deploy/keycloak/keycloak/values.yaml @@ -0,0 +1,16 @@ +hostname: identity.yas.local.com +backofficeRedirectUrl: http://backoffice.yas.local.com +storefrontRedirectUrl: http://storefront.yas.local.com +apiRedirectUrl: http://api.yas.local.com + +global: + domain: yas.local.com + envTag: "" + +postgresql: + username: yasadminuser + password: admin + +bootstrapAdmin: + username: admin + password: admin \ No newline at end of file diff --git a/k8s-cd/deploy/minikube_latest_amd64.deb b/k8s-cd/deploy/minikube_latest_amd64.deb new file mode 100644 index 0000000000..2741cebcbf Binary files /dev/null and b/k8s-cd/deploy/minikube_latest_amd64.deb differ diff --git a/k8s-cd/deploy/observability/grafana/.helmignore b/k8s-cd/deploy/observability/grafana/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/deploy/observability/grafana/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/deploy/observability/grafana/Chart.yaml b/k8s-cd/deploy/observability/grafana/Chart.yaml new file mode 100644 index 0000000000..2c7c54e5d4 --- /dev/null +++ b/k8s-cd/deploy/observability/grafana/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: grafana +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-cd/deploy/observability/grafana/templates/_helpers.tpl b/k8s-cd/deploy/observability/grafana/templates/_helpers.tpl new file mode 100644 index 0000000000..993f46bdd8 --- /dev/null +++ b/k8s-cd/deploy/observability/grafana/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "grafana.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "grafana.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "grafana.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "grafana.labels" -}} +helm.sh/chart: {{ include "grafana.chart" . }} +{{ include "grafana.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "grafana.selectorLabels" -}} +app.kubernetes.io/name: {{ include "grafana.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "grafana.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "grafana.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/deploy/observability/grafana/templates/dashboards.yaml b/k8s-cd/deploy/observability/grafana/templates/dashboards.yaml new file mode 100644 index 0000000000..13ead6adfc --- /dev/null +++ b/k8s-cd/deploy/observability/grafana/templates/dashboards.yaml @@ -0,0 +1,25 @@ +apiVersion: grafana.integreatly.org/v1beta1 +kind: GrafanaDashboard +metadata: + name: jvm-dashboard +spec: + instanceSelector: + matchLabels: + dashboards: "grafana" + url: "https://grafana.com/api/dashboards/4701/revisions/10/download" + datasources: + - datasourceName: prometheus + inputName: DS_PROMETHEUS +--- +apiVersion: grafana.integreatly.org/v1beta1 +kind: GrafanaDashboard +metadata: + name: hikari-cp-dashboard +spec: + instanceSelector: + matchLabels: + dashboards: "grafana" + url: "https://grafana.com/api/dashboards/6083/revisions/5/download" + datasources: + - datasourceName: prometheus + inputName: DS_PROMETHEUS \ No newline at end of file diff --git a/k8s-cd/deploy/observability/grafana/templates/grafana-credentials.secret.yaml b/k8s-cd/deploy/observability/grafana/templates/grafana-credentials.secret.yaml new file mode 100644 index 0000000000..124217db6e --- /dev/null +++ b/k8s-cd/deploy/observability/grafana/templates/grafana-credentials.secret.yaml @@ -0,0 +1,8 @@ +kind: Secret +apiVersion: v1 +metadata: + name: grafana-admin-credentials +stringData: + username: "{{ .Values.grafana.username }}" + password: "{{ .Values.grafana.password }}" +type: Opaque \ No newline at end of file diff --git a/k8s-cd/deploy/observability/grafana/templates/grafana.yaml b/k8s-cd/deploy/observability/grafana/templates/grafana.yaml new file mode 100644 index 0000000000..db960a4cea --- /dev/null +++ b/k8s-cd/deploy/observability/grafana/templates/grafana.yaml @@ -0,0 +1,15 @@ +apiVersion: grafana.integreatly.org/v1beta1 +kind: Grafana +metadata: + name: grafana + labels: + dashboards: "grafana" +spec: + external: + url: http://prometheus-grafana + adminPassword: + name: grafana-admin-credentials + key: username + adminUser: + name: grafana-admin-credentials + key: password \ No newline at end of file diff --git a/k8s-cd/deploy/observability/grafana/templates/loki-datasource.yaml b/k8s-cd/deploy/observability/grafana/templates/loki-datasource.yaml new file mode 100644 index 0000000000..ef631875fa --- /dev/null +++ b/k8s-cd/deploy/observability/grafana/templates/loki-datasource.yaml @@ -0,0 +1,22 @@ +apiVersion: grafana.integreatly.org/v1beta1 +kind: GrafanaDatasource +metadata: + name: loki-datasource +spec: + instanceSelector: + matchLabels: + dashboards: "grafana" + datasource: + name: Loki + type: loki + uid: loki + url: http://loki-gateway + access: proxy + jsonData: + httpMethod: GET + maxLines: 1000 + derivedFields: + - datasourceUid: tempo + matcherRegex: traceId=(\w*) + name: traceId + url: ${__value.raw} \ No newline at end of file diff --git a/k8s-cd/deploy/observability/grafana/templates/tempo-datasource.yaml b/k8s-cd/deploy/observability/grafana/templates/tempo-datasource.yaml new file mode 100644 index 0000000000..c51f10e754 --- /dev/null +++ b/k8s-cd/deploy/observability/grafana/templates/tempo-datasource.yaml @@ -0,0 +1,26 @@ +apiVersion: grafana.integreatly.org/v1beta1 +kind: GrafanaDatasource +metadata: + name: tempo-datasource +spec: + instanceSelector: + matchLabels: + dashboards: "grafana" + datasource: + name: Tempo + type: tempo + uid: tempo + access: proxy + url: http://tempo:3100 + jsonData: + httpMethod: GET + tracesToLogsV2: + datasourceUid: loki + serviceMap: + datasourceUid: prometheus + nodeGraph: + enabled: true + search: + hide: false + lokiSearch: + datasourceUid: loki \ No newline at end of file diff --git a/k8s-cd/deploy/observability/grafana/values.yaml b/k8s-cd/deploy/observability/grafana/values.yaml new file mode 100644 index 0000000000..f2a93e4d8c --- /dev/null +++ b/k8s-cd/deploy/observability/grafana/values.yaml @@ -0,0 +1,4 @@ +hostname: grafana.yas.local.com +grafana: + username: admin + password: admin \ No newline at end of file diff --git a/k8s-cd/deploy/observability/loki.values.yaml b/k8s-cd/deploy/observability/loki.values.yaml new file mode 100644 index 0000000000..e3afaa952d --- /dev/null +++ b/k8s-cd/deploy/observability/loki.values.yaml @@ -0,0 +1,27 @@ +write: + replicas: 1 +read: + replicas: 1 +backend: + replicas: 1 +loki: + commonConfig: + replication_factor: 1 + auth_enabled: false +test: + enabled: false +storage: + type: 'filesystem' +minio: + enabled: true + +monitoring: + selfMonitoring: + enabled: false + grafanaAgent: + installOperator: false + +resultsCache: + allocatedMemory: 512 +chunksCache: + allocatedMemory: 512 diff --git a/k8s-cd/deploy/observability/opentelemetry/.helmignore b/k8s-cd/deploy/observability/opentelemetry/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/deploy/observability/opentelemetry/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/deploy/observability/opentelemetry/Chart.yaml b/k8s-cd/deploy/observability/opentelemetry/Chart.yaml new file mode 100644 index 0000000000..c638888a9d --- /dev/null +++ b/k8s-cd/deploy/observability/opentelemetry/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: opentelemetry +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-cd/deploy/observability/opentelemetry/templates/_helpers.tpl b/k8s-cd/deploy/observability/opentelemetry/templates/_helpers.tpl new file mode 100644 index 0000000000..922f402dba --- /dev/null +++ b/k8s-cd/deploy/observability/opentelemetry/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "opentelemetry.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "opentelemetry.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "opentelemetry.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "opentelemetry.labels" -}} +helm.sh/chart: {{ include "opentelemetry.chart" . }} +{{ include "opentelemetry.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "opentelemetry.selectorLabels" -}} +app.kubernetes.io/name: {{ include "opentelemetry.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "opentelemetry.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "opentelemetry.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/deploy/observability/opentelemetry/templates/opentelemetry-collector.yaml b/k8s-cd/deploy/observability/opentelemetry/templates/opentelemetry-collector.yaml new file mode 100644 index 0000000000..2f5ae3c23e --- /dev/null +++ b/k8s-cd/deploy/observability/opentelemetry/templates/opentelemetry-collector.yaml @@ -0,0 +1,14 @@ +apiVersion: opentelemetry.io/v1alpha1 +kind: OpenTelemetryCollector +metadata: + name: opentelemetry +spec: + mode: deployment + image: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-contrib:0.90.0 + ports: + - name: loki + port: 3500 + protocol: TCP + targetPort: 3500 + config: | + {{ toYaml .Values.opentelemetryCollectorConfig | nindent 4 }} \ No newline at end of file diff --git a/k8s-cd/deploy/observability/opentelemetry/values.yaml b/k8s-cd/deploy/observability/opentelemetry/values.yaml new file mode 100644 index 0000000000..94e611df88 --- /dev/null +++ b/k8s-cd/deploy/observability/opentelemetry/values.yaml @@ -0,0 +1,41 @@ +opentelemetryCollectorConfig: + receivers: + otlp: + protocols: + grpc: + endpoint: 0.0.0.0:4317 + http: + endpoint: 0.0.0.0:4318 + loki: + protocols: + http: + endpoint: 0.0.0.0:3500 + use_incoming_timestamp: true + processors: + batch: + attributes: + actions: + - action: insert + key: loki.attribute.labels + value: namespace,container,pod,level,traceId + - action: insert + key: loki.format + value: raw + + exporters: + logging: + verbosity: detailed + loki: + endpoint: http://loki-gateway/loki/api/v1/push + otlphttp: + endpoint: http://tempo:4318 + service: + pipelines: + logs: + receivers: [loki] + processors: [attributes] + exporters: [loki] + traces: + receivers: [otlp] + processors: [batch] + exporters: [otlphttp] \ No newline at end of file diff --git a/k8s-cd/deploy/observability/prometheus.values.yaml b/k8s-cd/deploy/observability/prometheus.values.yaml new file mode 100644 index 0000000000..4af17f1915 --- /dev/null +++ b/k8s-cd/deploy/observability/prometheus.values.yaml @@ -0,0 +1,13 @@ +hostname: &hostname grafana.yas.local.com +prometheus: + prometheusSpec: + enableRemoteWriteReceiver: true +grafana: + assertNoLeakedSecrets: false + adminUser: admin + adminPassword: admin + ingress: + ingressClassName: nginx + enabled: true + hosts: + - *hostname diff --git a/k8s-cd/deploy/observability/promtail.values.yaml b/k8s-cd/deploy/observability/promtail.values.yaml new file mode 100644 index 0000000000..7fdd970473 --- /dev/null +++ b/k8s-cd/deploy/observability/promtail.values.yaml @@ -0,0 +1,6 @@ +config: + clients: + - url: http://opentelemetry-collector:3500/loki/api/v1/push + snippets: + pipelineStages: + - docker: {} \ No newline at end of file diff --git a/k8s-cd/deploy/observability/tempo.values.yaml b/k8s-cd/deploy/observability/tempo.values.yaml new file mode 100644 index 0000000000..b504d56695 --- /dev/null +++ b/k8s-cd/deploy/observability/tempo.values.yaml @@ -0,0 +1,4 @@ +tempo: + metricsGenerator: + enabled: true + remoteWriteUrl: "http://prometheus-kube-prometheus-prometheus:9090/api/v1/write" \ No newline at end of file diff --git a/k8s-cd/deploy/postgres/pgadmin/.helmignore b/k8s-cd/deploy/postgres/pgadmin/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/deploy/postgres/pgadmin/Chart.yaml b/k8s-cd/deploy/postgres/pgadmin/Chart.yaml new file mode 100644 index 0000000000..4fd722d06c --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: pgadmin +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-cd/deploy/postgres/pgadmin/templates/NOTES.txt b/k8s-cd/deploy/postgres/pgadmin/templates/NOTES.txt new file mode 100644 index 0000000000..5251266ac0 --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "pgadmin.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "pgadmin.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "pgadmin.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "pgadmin.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/k8s-cd/deploy/postgres/pgadmin/templates/_helpers.tpl b/k8s-cd/deploy/postgres/pgadmin/templates/_helpers.tpl new file mode 100644 index 0000000000..d51d7c2ce9 --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/templates/_helpers.tpl @@ -0,0 +1,66 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "pgadmin.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "pgadmin.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "pgadmin.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "pgadmin.labels" -}} +helm.sh/chart: {{ include "pgadmin.chart" . }} +{{ include "pgadmin.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "pgadmin.selectorLabels" -}} +app.kubernetes.io/name: {{ include "pgadmin.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "pgadmin.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "pgadmin.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{- define "pgadmin.passwordSecret" -}} +{{ include "pgadmin.fullname" . }}-password +{{- end }} \ No newline at end of file diff --git a/k8s-cd/deploy/postgres/pgadmin/templates/deployment.yaml b/k8s-cd/deploy/postgres/pgadmin/templates/deployment.yaml new file mode 100644 index 0000000000..0520f077c4 --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/templates/deployment.yaml @@ -0,0 +1,81 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "pgadmin.fullname" . }} + labels: + {{- include "pgadmin.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "pgadmin.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "pgadmin.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "pgadmin.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: PGADMIN_DEFAULT_EMAIL + value: {{ .Values.pgadmin.user }} + - name: PGADMIN_DEFAULT_PASSWORD + valueFrom: + secretKeyRef: + key: pgadmin-password + name: {{ include "pgadmin.passwordSecret" . }} + + ports: + - name: http + containerPort: 80 + protocol: TCP + volumeMounts: + - name: pgadmin-data + mountPath: /var/lib/pgadmin + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumes: + - name: pgadmin-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (include "pgadmin.fullname" .) }} + {{- else }} + emptyDir: { } + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/k8s-cd/deploy/postgres/pgadmin/templates/hpa.yaml b/k8s-cd/deploy/postgres/pgadmin/templates/hpa.yaml new file mode 100644 index 0000000000..91d3d01356 --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "pgadmin.fullname" . }} + labels: + {{- include "pgadmin.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "pgadmin.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/k8s-cd/deploy/postgres/pgadmin/templates/ingress.yaml b/k8s-cd/deploy/postgres/pgadmin/templates/ingress.yaml new file mode 100644 index 0000000000..2b26bb13cd --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "pgadmin.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "pgadmin.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/k8s-cd/deploy/postgres/pgadmin/templates/pvc.yaml b/k8s-cd/deploy/postgres/pgadmin/templates/pvc.yaml new file mode 100644 index 0000000000..394c189b22 --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/templates/pvc.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ template "pgadmin.fullname" . }} +spec: + {{- if .Values.persistence.storageClass }} + storageClassName: {{ .Values.persistence.storageClass }} + {{- end }} + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} +{{- end }} \ No newline at end of file diff --git a/k8s-cd/deploy/postgres/pgadmin/templates/secret.yaml b/k8s-cd/deploy/postgres/pgadmin/templates/secret.yaml new file mode 100644 index 0000000000..e51c9e20c5 --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/templates/secret.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "pgadmin.passwordSecret" . }} +type: Opaque +data: + pgadmin-password: {{ default "admin" .Values.pgadmin.password | b64enc | quote }} \ No newline at end of file diff --git a/k8s-cd/deploy/postgres/pgadmin/templates/service.yaml b/k8s-cd/deploy/postgres/pgadmin/templates/service.yaml new file mode 100644 index 0000000000..a502ed9ea1 --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "pgadmin.fullname" . }} + labels: + {{- include "pgadmin.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "pgadmin.selectorLabels" . | nindent 4 }} diff --git a/k8s-cd/deploy/postgres/pgadmin/templates/serviceaccount.yaml b/k8s-cd/deploy/postgres/pgadmin/templates/serviceaccount.yaml new file mode 100644 index 0000000000..7def8fac49 --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "pgadmin.serviceAccountName" . }} + labels: + {{- include "pgadmin.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/k8s-cd/deploy/postgres/pgadmin/templates/tests/test-connection.yaml b/k8s-cd/deploy/postgres/pgadmin/templates/tests/test-connection.yaml new file mode 100644 index 0000000000..bde42f2a4b --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "pgadmin.fullname" . }}-test-connection" + labels: + {{- include "pgadmin.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "pgadmin.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/k8s-cd/deploy/postgres/pgadmin/values.yaml b/k8s-cd/deploy/postgres/pgadmin/values.yaml new file mode 100644 index 0000000000..cda1a3cc31 --- /dev/null +++ b/k8s-cd/deploy/postgres/pgadmin/values.yaml @@ -0,0 +1,80 @@ +# Default values for pgadmin. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 +image: + repository: dpage/pgadmin4 + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "7.3" +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" +podAnnotations: {} +podSecurityContext: {} +# fsGroup: 2000 + +securityContext: {} +# capabilities: +# drop: +# - ALL +# readOnlyRootFilesystem: true +# runAsNonRoot: true +# runAsUser: 1000 + +pgadmin: + user: admin@yas.com + password: admin +persistence: + enabled: true + accessMode: ReadWriteOnce + size: 2Gi +service: + type: ClusterIP + port: 80 +hostname: &hostname pgadmin-dev-13.yas.local.com +ingress: + enabled: true + className: "nginx" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: *hostname + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local +resources: {} +# We usually recommend not to specify default resources and to leave this as a conscious +# choice for the user. This also increases chances charts run on environments with little +# resources, such as Minikube. If you do want to specify resources, uncomment the following +# lines, adjust them as necessary, and remove the curly braces after 'resources:'. +# limits: +# cpu: 100m +# memory: 128Mi +# requests: +# cpu: 100m +# memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 +nodeSelector: {} +tolerations: [] +affinity: {} diff --git a/k8s-cd/deploy/postgres/postgres-operator-ui.values.yaml b/k8s-cd/deploy/postgres/postgres-operator-ui.values.yaml new file mode 100644 index 0000000000..610bf628d0 --- /dev/null +++ b/k8s-cd/deploy/postgres/postgres-operator-ui.values.yaml @@ -0,0 +1,10 @@ +hostname: &hostname pgoperator.yas.local.com +ingress: + enabled: true + annotations: + ingressClassName: "nginx" + hosts: + - host: *hostname + paths: + - "/" + tls: [] diff --git a/k8s-cd/deploy/postgres/postgresql/Chart.yaml b/k8s-cd/deploy/postgres/postgresql/Chart.yaml new file mode 100644 index 0000000000..cfbe94ce67 --- /dev/null +++ b/k8s-cd/deploy/postgres/postgresql/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: postgres +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-cd/deploy/postgres/postgresql/templates/credentials.secret.yaml b/k8s-cd/deploy/postgres/postgresql/templates/credentials.secret.yaml new file mode 100644 index 0000000000..944be7db1e --- /dev/null +++ b/k8s-cd/deploy/postgres/postgresql/templates/credentials.secret.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.username }}.postgresql.credentials.postgresql.acid.zalan.do + labels: + application: spilo + cluster-name: postgresql + team: acid +type: Opaque +data: + password: {{ .Values.password | b64enc }} + username: {{ .Values.username | b64enc }} \ No newline at end of file diff --git a/k8s-cd/deploy/postgres/postgresql/templates/postgresql.yaml b/k8s-cd/deploy/postgres/postgresql/templates/postgresql.yaml new file mode 100644 index 0000000000..33208a255e --- /dev/null +++ b/k8s-cd/deploy/postgres/postgresql/templates/postgresql.yaml @@ -0,0 +1,98 @@ +kind: "postgresql" +apiVersion: "acid.zalan.do/v1" + +metadata: + name: "postgresql" + labels: + team: acid + +spec: + streams: + - applicationId: product_db_stream_appid + database: product + tables: {} + teamId: "acid" + postgresql: + version: {{ .Values.postgresqlVersion | quote }} + parameters: + max_connections: {{ .Values.maxConnections | quote }} + wal_level: logical + max_replication_slots: "20" + max_wal_senders: "20" + numberOfInstances: {{ .Values.replicas }} + volume: + size: {{ .Values.volumeSize }} + users: + {{ .Values.username }}: + - superuser + - inherit + - login + - createrole + - createdb + - replication + databases: + cart: {{ .Values.username }} + customer: {{ .Values.username }} + inventory: {{ .Values.username }} + keycloak: {{ .Values.username }} + location: {{ .Values.username }} + media: {{ .Values.username }} + order: {{ .Values.username }} + payment: {{ .Values.username }} + product: {{ .Values.username }} + promotion: {{ .Values.username }} + rating: {{ .Values.username }} + tax: {{ .Values.username }} + recommendation: {{ .Values.username }} + webhook: {{ .Values.username }} + grafana: {{ .Values.username }} + patroni: + slots: + eventuate_slot_cart: + type: logical + database: cart + plugin: wal2json + eventuate_slot_customer: + type: logical + database: customer + plugin: wal2json + eventuate_slot_inventory: + type: logical + database: inventory + plugin: wal2json + eventuate_slot_location: + type: logical + database: location + plugin: wal2json + eventuate_slot_media: + type: logical + database: media + plugin: wal2json + eventuate_slot_order: + type: logical + database: order + plugin: wal2json + eventuate_slot_payment: + type: logical + database: payment + plugin: wal2json + eventuate_slot_product: + type: logical + database: product + plugin: wal2json + eventuate_slot_promotion: + type: logical + database: promotion + plugin: wal2json + eventuate_slot_rating: + type: logical + database: rating + plugin: wal2json + eventuate_slot_tax: + type: logical + database: tax + plugin: wal2json + allowedSourceRanges: + # IP ranges to access your cluster go here + resources: + {{ toYaml .Values.resources | nindent 4 }} \ No newline at end of file diff --git a/k8s-cd/deploy/postgres/postgresql/values.yaml b/k8s-cd/deploy/postgres/postgresql/values.yaml new file mode 100644 index 0000000000..5601594e65 --- /dev/null +++ b/k8s-cd/deploy/postgres/postgresql/values.yaml @@ -0,0 +1,13 @@ +username: yasadminuser +password: admin +replicas: 1 +postgresqlVersion: "15" +volumeSize: "10Gi" +maxConnections: "500" +resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 500m + memory: 500Mi \ No newline at end of file diff --git a/k8s-cd/deploy/zookeeper/.helmignore b/k8s-cd/deploy/zookeeper/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-cd/deploy/zookeeper/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-cd/deploy/zookeeper/Chart.yaml b/k8s-cd/deploy/zookeeper/Chart.yaml new file mode 100644 index 0000000000..fa5cc184f6 --- /dev/null +++ b/k8s-cd/deploy/zookeeper/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: zookeeper +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "3.8.2" diff --git a/k8s-cd/deploy/zookeeper/templates/NOTES.txt b/k8s-cd/deploy/zookeeper/templates/NOTES.txt new file mode 100644 index 0000000000..c86c53e0b8 --- /dev/null +++ b/k8s-cd/deploy/zookeeper/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "zookeeper.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "zookeeper.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "zookeeper.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "zookeeper.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/k8s-cd/deploy/zookeeper/templates/_helpers.tpl b/k8s-cd/deploy/zookeeper/templates/_helpers.tpl new file mode 100644 index 0000000000..64d8ce47e9 --- /dev/null +++ b/k8s-cd/deploy/zookeeper/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "zookeeper.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "zookeeper.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "zookeeper.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "zookeeper.labels" -}} +helm.sh/chart: {{ include "zookeeper.chart" . }} +{{ include "zookeeper.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "zookeeper.selectorLabels" -}} +app.kubernetes.io/name: {{ include "zookeeper.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "zookeeper.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "zookeeper.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-cd/deploy/zookeeper/templates/deployment.yaml b/k8s-cd/deploy/zookeeper/templates/deployment.yaml new file mode 100644 index 0000000000..fa546a5cc9 --- /dev/null +++ b/k8s-cd/deploy/zookeeper/templates/deployment.yaml @@ -0,0 +1,82 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "zookeeper.fullname" . }} + labels: + {{- include "zookeeper.labels" . | nindent 4 }} +spec: + serviceName: {{ include "zookeeper.fullname" . }} + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "zookeeper.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "zookeeper.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "zookeeper.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + volumeMounts: + - name: {{ include "zookeeper.fullname" . }}-persistent-storage + mountPath: /usr/local/zookeeper-data + env: + - name: ZOOKEEPER_CLIENT_PORT + value: "2181" + - name: KAFKA_HEAP_OPTS + value: -Xmx64m + ports: + - name: zkport + containerPort: 2181 + protocol: TCP + livenessProbe: + exec: + command: + - bash + - -c + - "(echo ruok | nc localhost 2181) || exit 1" + readinessProbe: + exec: + command: + - bash + - -c + - "(echo ruok | nc localhost 2181) || exit 1" + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumeClaimTemplates: + - metadata: + name: {{ include "zookeeper.fullname" . }}-persistent-storage + spec: + accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 1Gi \ No newline at end of file diff --git a/k8s-cd/deploy/zookeeper/templates/hpa.yaml b/k8s-cd/deploy/zookeeper/templates/hpa.yaml new file mode 100644 index 0000000000..df40aae3bb --- /dev/null +++ b/k8s-cd/deploy/zookeeper/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "zookeeper.fullname" . }} + labels: + {{- include "zookeeper.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "zookeeper.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/k8s-cd/deploy/zookeeper/templates/ingress.yaml b/k8s-cd/deploy/zookeeper/templates/ingress.yaml new file mode 100644 index 0000000000..751e1fb0ed --- /dev/null +++ b/k8s-cd/deploy/zookeeper/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "zookeeper.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "zookeeper.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/k8s-cd/deploy/zookeeper/templates/service.yaml b/k8s-cd/deploy/zookeeper/templates/service.yaml new file mode 100644 index 0000000000..6fc4f81f1e --- /dev/null +++ b/k8s-cd/deploy/zookeeper/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "zookeeper.fullname" . }} + labels: + {{- include "zookeeper.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: zkport + protocol: TCP + name: zkport + selector: + {{- include "zookeeper.selectorLabels" . | nindent 4 }} diff --git a/k8s-cd/deploy/zookeeper/templates/serviceaccount.yaml b/k8s-cd/deploy/zookeeper/templates/serviceaccount.yaml new file mode 100644 index 0000000000..aee12d9bcb --- /dev/null +++ b/k8s-cd/deploy/zookeeper/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "zookeeper.serviceAccountName" . }} + labels: + {{- include "zookeeper.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/k8s-cd/deploy/zookeeper/templates/tests/test-connection.yaml b/k8s-cd/deploy/zookeeper/templates/tests/test-connection.yaml new file mode 100644 index 0000000000..6bfda6d840 --- /dev/null +++ b/k8s-cd/deploy/zookeeper/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "zookeeper.fullname" . }}-test-connection" + labels: + {{- include "zookeeper.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "zookeeper.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/k8s-cd/deploy/zookeeper/values.yaml b/k8s-cd/deploy/zookeeper/values.yaml new file mode 100644 index 0000000000..bdd6aacb84 --- /dev/null +++ b/k8s-cd/deploy/zookeeper/values.yaml @@ -0,0 +1,82 @@ +# Default values for zookeeper. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: zookeeper + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 2181 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/k8s-save/charts/.gitignore b/k8s-save/charts/.gitignore new file mode 100644 index 0000000000..7d08b3879d --- /dev/null +++ b/k8s-save/charts/.gitignore @@ -0,0 +1,2 @@ +**/Chart.lock +**/charts/*.tgz \ No newline at end of file diff --git a/k8s-save/charts/Chart.template.yaml b/k8s-save/charts/Chart.template.yaml new file mode 100644 index 0000000000..b4f407d7eb --- /dev/null +++ b/k8s-save/charts/Chart.template.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: {{service}} +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend \ No newline at end of file diff --git a/k8s-save/charts/backend/.helmignore b/k8s-save/charts/backend/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/backend/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/backend/Chart.yaml b/k8s-save/charts/backend/Chart.yaml new file mode 100644 index 0000000000..26ba14033a --- /dev/null +++ b/k8s-save/charts/backend/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: backend +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" diff --git a/k8s-save/charts/backend/README.md b/k8s-save/charts/backend/README.md new file mode 100644 index 0000000000..815466b2bb --- /dev/null +++ b/k8s-save/charts/backend/README.md @@ -0,0 +1 @@ +The base chart for backend application \ No newline at end of file diff --git a/k8s-save/charts/backend/templates/NOTES.txt b/k8s-save/charts/backend/templates/NOTES.txt new file mode 100644 index 0000000000..2d6453175e --- /dev/null +++ b/k8s-save/charts/backend/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "backend.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "backend.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "backend.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "backend.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/k8s-save/charts/backend/templates/_helpers.tpl b/k8s-save/charts/backend/templates/_helpers.tpl new file mode 100644 index 0000000000..471310f063 --- /dev/null +++ b/k8s-save/charts/backend/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "backend.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "backend.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "backend.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "backend.labels" -}} +helm.sh/chart: {{ include "backend.chart" . }} +{{ include "backend.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "backend.selectorLabels" -}} +app.kubernetes.io/name: {{ include "backend.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "backend.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "backend.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/backend/templates/deployment.yaml b/k8s-save/charts/backend/templates/deployment.yaml new file mode 100644 index 0000000000..7f31d5f713 --- /dev/null +++ b/k8s-save/charts/backend/templates/deployment.yaml @@ -0,0 +1,101 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "backend.fullname" . }} + labels: + {{- include "backend.labels" . | nindent 4 }} + annotations: + {{- toYaml .Values.deployment.annotations | nindent 4 }} + {{- if .Values.deployment.extraAnnotations }} + {{- toYaml .Values.deployment.extraAnnotations | nindent 4 }} + {{- end }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "backend.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "backend.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "backend.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + volumes: + - name: yas-configuration + configMap: + name: yas-configuration-configmap + {{- with .Values.extraVolumes}} + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ include "backend.fullname" . }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + envFrom: + - secretRef: + name: yas-postgresql-credentials-secret + {{- with .Values.extraEnvFroms }} + {{- toYaml . | nindent 12 }} + {{- end }} + env: + - name: LOGGING_CONFIG + value: {{ .Values.logbackXmlPath }} + - name: SPRING_DATASOURCE_URL + value: {{ .Values.databaseConnectionUrl }}/{{ .Values.databaseName }} + {{- if .Values.extraApplicationConfigPaths }} + - name: SPRING_CONFIG_ADDITIONAL_LOCATION + value: /opt/yas/config/application.yaml,{{ join "," .Values.extraApplicationConfigPaths }} + {{- else }} + - name: SPRING_CONFIG_ADDITIONAL_LOCATION + value: /opt/yas/config/application.yaml + {{- end }} + {{- with .Values.extraEnvs }} + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /opt/yas/config + name: yas-configuration + {{- with .Values.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.httpPort }} + protocol: TCP + - name: metric + containerPort: {{ .Values.metricPort }} + lifecycle: + {{ toYaml .Values.lifecycle | nindent 12 }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} \ No newline at end of file diff --git a/k8s-save/charts/backend/templates/extra-manifests.yaml b/k8s-save/charts/backend/templates/extra-manifests.yaml new file mode 100644 index 0000000000..d6abe5fbf9 --- /dev/null +++ b/k8s-save/charts/backend/templates/extra-manifests.yaml @@ -0,0 +1,8 @@ +{{ range .Values.extraObjects }} +--- +{{- if typeIs "string" . }} +{{- tpl . $ }} +{{- else }} +{{- tpl (toYaml .) $ }} +{{- end }} +{{ end }} \ No newline at end of file diff --git a/k8s-save/charts/backend/templates/hpa.yaml b/k8s-save/charts/backend/templates/hpa.yaml new file mode 100644 index 0000000000..c32d92b42d --- /dev/null +++ b/k8s-save/charts/backend/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "backend.fullname" . }} + labels: + {{- include "backend.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "backend.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/k8s-save/charts/backend/templates/ingress.yaml b/k8s-save/charts/backend/templates/ingress.yaml new file mode 100644 index 0000000000..ab69718c15 --- /dev/null +++ b/k8s-save/charts/backend/templates/ingress.yaml @@ -0,0 +1,50 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "backend.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "backend.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- with .Values.ingress.tls }} + - hosts: + - {{ .host | quote }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- with .Values.ingress }} + - host: {{ .host}} + http: + paths: + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- end }} +{{- end }} diff --git a/k8s-save/charts/backend/templates/service.yaml b/k8s-save/charts/backend/templates/service.yaml new file mode 100644 index 0000000000..26c0388d25 --- /dev/null +++ b/k8s-save/charts/backend/templates/service.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "backend.fullname" . }} + labels: + {{- include "backend.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + - port: {{ .Values.metricPort }} + targetPort: metric + protocol: TCP + name: metric + selector: + {{- include "backend.selectorLabels" . | nindent 4 }} diff --git a/k8s-save/charts/backend/templates/serviceaccount.yaml b/k8s-save/charts/backend/templates/serviceaccount.yaml new file mode 100644 index 0000000000..a43e942508 --- /dev/null +++ b/k8s-save/charts/backend/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "backend.serviceAccountName" . }} + labels: + {{- include "backend.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/k8s-save/charts/backend/templates/servicemonitoring.yaml b/k8s-save/charts/backend/templates/servicemonitoring.yaml new file mode 100644 index 0000000000..4e5382ee7d --- /dev/null +++ b/k8s-save/charts/backend/templates/servicemonitoring.yaml @@ -0,0 +1,15 @@ +{{- if .Values.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "backend.fullname" . }} + labels: + release: prometheus +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "backend.fullname" . }} + endpoints: + - port: 'metric' + path: '/actuator/prometheus' + {{- end }} \ No newline at end of file diff --git a/k8s-save/charts/backend/values.yaml b/k8s-save/charts/backend/values.yaml new file mode 100644 index 0000000000..c3c84be90b --- /dev/null +++ b/k8s-save/charts/backend/values.yaml @@ -0,0 +1,148 @@ +# Default values for backend. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: "" + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 +logbackXmlPath: /opt/yas/config/logback.xml +httpPort: 80 +metricPort: 8090 +databaseConnectionUrl: jdbc:postgresql://postgresql.__NS_PREFIX__-postgres.svc.cluster.local:5432 +databaseName: postgres + +deployment: + annotations: + reloader.stakater.com/search: "true" + extraAnnotations: [] + +extraEnvs: [] +# - name: EXTRA_VARIABLE_NAME +# value: extra variable data + +extraEnvFroms: [] +# - secretRef: +# name: secret-name-extra + +extraObjects: [] +# - apiVersion: v1 +# kind: ConfigMap +# metadata: +# name: example-extra-configmap +# data: +# example-key: example-data +# - apiVersion: v1 +# kind: Secret +# metadata: +# name: example-extra-secret +# type: Opaque +# data: +# example-key: base64 encoded data + +extraVolumes: [] +# - name: volume-extra-example +# configMap: +# name: example-extra-configmap + +extraVolumeMounts: [] +# - mountPath: /example-path +# name: volume-extra-example + +extraApplicationConfigPaths: [] +# - /opt/config/application-example.yaml + +lifecycle: + preStop: + exec: + command: ["sh", "-c", "sleep 10"] + +terminationGracePeriodSeconds: 45 + +livenessProbe: + periodSeconds: 10 + failureThreshold: 12 + successThreshold: 1 + httpGet: + path: /actuator/health/liveness + port: metric + +readinessProbe: + periodSeconds: 10 + failureThreshold: 12 + successThreshold: 1 + httpGet: + path: /actuator/health/readiness + port: metric + +serviceMonitor: + enabled: true + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + className: "nginx" + annotations: {} + host: chart-example.local + path: / + pathType: ImplementationSpecific + tls: {} +# secretName: chart-example-tls +# host: chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/k8s-save/charts/backoffice-bff/.helmignore b/k8s-save/charts/backoffice-bff/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/backoffice-bff/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/backoffice-bff/Chart.yaml b/k8s-save/charts/backoffice-bff/Chart.yaml new file mode 100644 index 0000000000..e367b58903 --- /dev/null +++ b/k8s-save/charts/backoffice-bff/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: backoffice-bff +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/backoffice-bff/templates/_helpers.tpl b/k8s-save/charts/backoffice-bff/templates/_helpers.tpl new file mode 100644 index 0000000000..490dccb417 --- /dev/null +++ b/k8s-save/charts/backoffice-bff/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "backoffice-bff.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "backoffice-bff.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "backoffice-bff.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "backoffice-bff.labels" -}} +helm.sh/chart: {{ include "backoffice-bff.chart" . }} +{{ include "backoffice-bff.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "backoffice-bff.selectorLabels" -}} +app.kubernetes.io/name: {{ include "backoffice-bff.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "backoffice-bff.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "backoffice-bff.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/backoffice-bff/values.yaml b/k8s-save/charts/backoffice-bff/values.yaml new file mode 100644 index 0000000000..534317dd3c --- /dev/null +++ b/k8s-save/charts/backoffice-bff/values.yaml @@ -0,0 +1,39 @@ +backend: + image: + repository: hownamee/yas-backoffice-bff + tag: latest + + nameOverride: backoffice-bff + fullnameOverride: backoffice-bff + deployment: + annotations: + configmap.reloader.stakater.com/reload: "yas-gateway-routes-config-configmap,backoffice-bff-extra-configmap" + ingress: + enabled: true + host: backoffice.yas.local.com + path: / + extraEnvs: + - name: SPRING_PROFILES_ACTIVE + value: prod + - name: UI_HOST + value: http://backoffice-ui:3000 + extraEnvFroms: + - secretRef: + name: yas-keycloak-credentials-secret + - secretRef: + name: yas-redis-credentials-secret + extraVolumes: + - name: yas-gateway-routes-config + configMap: + name: yas-gateway-routes-config-configmap + - name: backoffice-bff-extra-config + configMap: + name: backoffice-bff-extra-configmap + extraVolumeMounts: + - name: yas-gateway-routes-config + mountPath: /opt/yas/gateway-routes-config + - name: backoffice-bff-extra-config + mountPath: /opt/yas/extra-config + extraApplicationConfigPaths: + - /opt/yas/gateway-routes-config/gateway-routes-config.yaml + - /opt/yas/extra-config/backoffice-bff-extra-config.yaml \ No newline at end of file diff --git a/k8s-save/charts/backoffice-ui/.helmignore b/k8s-save/charts/backoffice-ui/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/backoffice-ui/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/backoffice-ui/Chart.yaml b/k8s-save/charts/backoffice-ui/Chart.yaml new file mode 100644 index 0000000000..3c8c678dee --- /dev/null +++ b/k8s-save/charts/backoffice-ui/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: backoffice-ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: ui + version: 0.1.0 + repository: file://../ui diff --git a/k8s-save/charts/backoffice-ui/templates/_helpers.tpl b/k8s-save/charts/backoffice-ui/templates/_helpers.tpl new file mode 100644 index 0000000000..6e9380608c --- /dev/null +++ b/k8s-save/charts/backoffice-ui/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "backoffice-ui.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "backoffice-ui.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "backoffice-ui.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "backoffice-ui.labels" -}} +helm.sh/chart: {{ include "backoffice-ui.chart" . }} +{{ include "backoffice-ui.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "backoffice-ui.selectorLabels" -}} +app.kubernetes.io/name: {{ include "backoffice-ui.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "backoffice-ui.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "backoffice-ui.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/backoffice-ui/values.yaml b/k8s-save/charts/backoffice-ui/values.yaml new file mode 100644 index 0000000000..af82de9fd9 --- /dev/null +++ b/k8s-save/charts/backoffice-ui/values.yaml @@ -0,0 +1,8 @@ +ui: + image: + repository: hownamee/yas-backoffice + tag: latest + nameOverride: backoffice-ui + fullnameOverride: backoffice-ui + ingress: + enabled: false \ No newline at end of file diff --git a/k8s-save/charts/cart/.helmignore b/k8s-save/charts/cart/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/cart/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/cart/Chart.yaml b/k8s-save/charts/cart/Chart.yaml new file mode 100644 index 0000000000..1acc5c4771 --- /dev/null +++ b/k8s-save/charts/cart/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: cart +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.2.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/cart/templates/_helpers.tpl b/k8s-save/charts/cart/templates/_helpers.tpl new file mode 100644 index 0000000000..459ede7896 --- /dev/null +++ b/k8s-save/charts/cart/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "cart.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "cart.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "cart.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "cart.labels" -}} +helm.sh/chart: {{ include "cart.chart" . }} +{{ include "cart.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "cart.selectorLabels" -}} +app.kubernetes.io/name: {{ include "cart.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "cart.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "cart.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/cart/values.yaml b/k8s-save/charts/cart/values.yaml new file mode 100644 index 0000000000..6195cc2a73 --- /dev/null +++ b/k8s-save/charts/cart/values.yaml @@ -0,0 +1,19 @@ +backend: + image: + repository: hownamee/yas-cart + tag: latest + + nameOverride: cart + fullnameOverride: cart + databaseName: cart + ingress: + enabled: false + extraVolumes: + - name: cart-application-config + configMap: + name: cart-application-configmap + extraVolumeMounts: + - name: cart-application-config + mountPath: /opt/yas/cart + extraApplicationConfigPaths: + - /opt/yas/cart/cart-application.yaml diff --git a/k8s-save/charts/create-charts.sh b/k8s-save/charts/create-charts.sh new file mode 100644 index 0000000000..bbc17076e9 --- /dev/null +++ b/k8s-save/charts/create-charts.sh @@ -0,0 +1,17 @@ +#!/bin/bash +for chart in {"cart","inventory","location","order","payment","payment-paypal","product","promotion","rating","search","tax"} ; do + helm create "$chart" + + # Remove all file except _helpers.tpl + find ./"$chart"/templates/* ! -name '_helpers.tpl' -exec rm -rf {} + + + # Overwrite values.yaml file + values_template=$(cat values.template.yaml) + values_file=${values_template//\{\{service\}\}/$chart} + echo "$values_file" > ./"$chart"/values.yaml + + # Overwrite Chart.yaml file + chart_template=$(cat Chart.template.yaml) + chart_file=${chart_template//\{\{service\}\}/$chart} + echo "$chart_file" > ./"$chart"/Chart.yaml +done \ No newline at end of file diff --git a/k8s-save/charts/customer/.helmignore b/k8s-save/charts/customer/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/customer/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/customer/Chart.yaml b/k8s-save/charts/customer/Chart.yaml new file mode 100644 index 0000000000..342b841cad --- /dev/null +++ b/k8s-save/charts/customer/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: customer +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/customer/templates/_helpers.tpl b/k8s-save/charts/customer/templates/_helpers.tpl new file mode 100644 index 0000000000..830396619e --- /dev/null +++ b/k8s-save/charts/customer/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "customer.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "customer.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "customer.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "customer.labels" -}} +helm.sh/chart: {{ include "customer.chart" . }} +{{ include "customer.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "customer.selectorLabels" -}} +app.kubernetes.io/name: {{ include "customer.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "customer.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "customer.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/customer/values.yaml b/k8s-save/charts/customer/values.yaml new file mode 100644 index 0000000000..8c8531e1ac --- /dev/null +++ b/k8s-save/charts/customer/values.yaml @@ -0,0 +1,22 @@ +backend: + image: + repository: hownamee/yas-customer + tag: latest + + nameOverride: customer + fullnameOverride: customer + databaseName: customer + ingress: + enabled: false + extraEnvFroms: + - secretRef: + name: yas-keycloak-credentials-secret + extraVolumes: + - name: customer-application + configMap: + name: customer-application-configmap + extraVolumeMounts: + - name: customer-application + mountPath: /opt/yas/customer + extraApplicationConfigPaths: + - /opt/yas/customer/customer-application.yaml diff --git a/k8s-save/charts/inventory/.helmignore b/k8s-save/charts/inventory/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/inventory/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/inventory/Chart.yaml b/k8s-save/charts/inventory/Chart.yaml new file mode 100644 index 0000000000..dec813d07b --- /dev/null +++ b/k8s-save/charts/inventory/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: inventory +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/inventory/templates/_helpers.tpl b/k8s-save/charts/inventory/templates/_helpers.tpl new file mode 100644 index 0000000000..1dfca15198 --- /dev/null +++ b/k8s-save/charts/inventory/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "inventory.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "inventory.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "inventory.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "inventory.labels" -}} +helm.sh/chart: {{ include "inventory.chart" . }} +{{ include "inventory.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "inventory.selectorLabels" -}} +app.kubernetes.io/name: {{ include "inventory.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "inventory.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "inventory.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/inventory/values.yaml b/k8s-save/charts/inventory/values.yaml new file mode 100644 index 0000000000..60d7f7f806 --- /dev/null +++ b/k8s-save/charts/inventory/values.yaml @@ -0,0 +1,10 @@ +backend: + image: + repository: hownamee/yas-inventory + tag: latest + + nameOverride: inventory + fullnameOverride: inventory + databaseName: inventory + ingress: + enabled: false diff --git a/k8s-save/charts/location/.helmignore b/k8s-save/charts/location/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/location/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/location/Chart.yaml b/k8s-save/charts/location/Chart.yaml new file mode 100644 index 0000000000..2ad4c315f2 --- /dev/null +++ b/k8s-save/charts/location/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: location +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/location/templates/_helpers.tpl b/k8s-save/charts/location/templates/_helpers.tpl new file mode 100644 index 0000000000..cbc879113c --- /dev/null +++ b/k8s-save/charts/location/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "location.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "location.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "location.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "location.labels" -}} +helm.sh/chart: {{ include "location.chart" . }} +{{ include "location.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "location.selectorLabels" -}} +app.kubernetes.io/name: {{ include "location.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "location.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "location.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/location/values.yaml b/k8s-save/charts/location/values.yaml new file mode 100644 index 0000000000..c1e13df106 --- /dev/null +++ b/k8s-save/charts/location/values.yaml @@ -0,0 +1,10 @@ +backend: + image: + repository: hownamee/yas-location + tag: latest + + nameOverride: location + fullnameOverride: location + databaseName: location + ingress: + enabled: false diff --git a/k8s-save/charts/media/.helmignore b/k8s-save/charts/media/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/media/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/media/Chart.yaml b/k8s-save/charts/media/Chart.yaml new file mode 100644 index 0000000000..8b54b8e584 --- /dev/null +++ b/k8s-save/charts/media/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: media +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/media/templates/_helpers.tpl b/k8s-save/charts/media/templates/_helpers.tpl new file mode 100644 index 0000000000..5cbd4de41c --- /dev/null +++ b/k8s-save/charts/media/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "media.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "media.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "media.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "media.labels" -}} +helm.sh/chart: {{ include "media.chart" . }} +{{ include "media.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "media.selectorLabels" -}} +app.kubernetes.io/name: {{ include "media.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "media.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "media.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/media/values.yaml b/k8s-save/charts/media/values.yaml new file mode 100644 index 0000000000..684d267b2a --- /dev/null +++ b/k8s-save/charts/media/values.yaml @@ -0,0 +1,20 @@ +backend: + image: + repository: hownamee/yas-media + tag: latest + + nameOverride: media + fullnameOverride: media + databaseName: media + ingress: + enabled: false + extraVolumes: + - name: media-application + configMap: + name: media-application-configmap + extraVolumeMounts: + - name: media-application + mountPath: /opt/yas/media + extraApplicationConfigPaths: + - /opt/yas/media/media-application.yaml + diff --git a/k8s-save/charts/order/.helmignore b/k8s-save/charts/order/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/order/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/order/Chart.yaml b/k8s-save/charts/order/Chart.yaml new file mode 100644 index 0000000000..e95d954fc8 --- /dev/null +++ b/k8s-save/charts/order/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: order +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.2.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/order/templates/_helpers.tpl b/k8s-save/charts/order/templates/_helpers.tpl new file mode 100644 index 0000000000..b6400062c4 --- /dev/null +++ b/k8s-save/charts/order/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "order.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "order.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "order.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "order.labels" -}} +helm.sh/chart: {{ include "order.chart" . }} +{{ include "order.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "order.selectorLabels" -}} +app.kubernetes.io/name: {{ include "order.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "order.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "order.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/order/values.yaml b/k8s-save/charts/order/values.yaml new file mode 100644 index 0000000000..8aa4780f90 --- /dev/null +++ b/k8s-save/charts/order/values.yaml @@ -0,0 +1,19 @@ +backend: + image: + repository: hownamee/yas-order + tag: latest + + nameOverride: order + fullnameOverride: order + databaseName: order + ingress: + enabled: false + extraVolumes: + - name: order-application-config + configMap: + name: order-application-configmap + extraVolumeMounts: + - name: order-application-config + mountPath: /opt/yas/order + extraApplicationConfigPaths: + - /opt/yas/order/order-application.yaml \ No newline at end of file diff --git a/k8s-save/charts/payment-paypal/.helmignore b/k8s-save/charts/payment-paypal/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/payment-paypal/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/payment-paypal/Chart.yaml b/k8s-save/charts/payment-paypal/Chart.yaml new file mode 100644 index 0000000000..a5d5abda76 --- /dev/null +++ b/k8s-save/charts/payment-paypal/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: payment-paypal +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.2.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/payment-paypal/templates/_helpers.tpl b/k8s-save/charts/payment-paypal/templates/_helpers.tpl new file mode 100644 index 0000000000..01b9112f9e --- /dev/null +++ b/k8s-save/charts/payment-paypal/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "payment-paypal.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "payment-paypal.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "payment-paypal.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "payment-paypal.labels" -}} +helm.sh/chart: {{ include "payment-paypal.chart" . }} +{{ include "payment-paypal.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "payment-paypal.selectorLabels" -}} +app.kubernetes.io/name: {{ include "payment-paypal.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "payment-paypal.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "payment-paypal.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/payment-paypal/values.yaml b/k8s-save/charts/payment-paypal/values.yaml new file mode 100644 index 0000000000..53b1712fbe --- /dev/null +++ b/k8s-save/charts/payment-paypal/values.yaml @@ -0,0 +1,19 @@ +backend: + image: + repository: hownamee/yas-payment-paypal + tag: latest + + nameOverride: payment-paypal + fullnameOverride: payment-paypal + databaseName: payment-paypal + ingress: + enabled: false + extraVolumes: + - name: payment-paypal-application-config + configMap: + name: payment-paypal-application-configmap + extraVolumeMounts: + - name: payment-paypal-application-config + mountPath: /opt/yas/payment-paypal + extraApplicationConfigPaths: + - /opt/yas/payment-paypal/payment-paypal-application.yaml \ No newline at end of file diff --git a/k8s-save/charts/payment/.helmignore b/k8s-save/charts/payment/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/payment/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/payment/Chart.yaml b/k8s-save/charts/payment/Chart.yaml new file mode 100644 index 0000000000..918abebdb4 --- /dev/null +++ b/k8s-save/charts/payment/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: payment +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.2.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/payment/templates/_helpers.tpl b/k8s-save/charts/payment/templates/_helpers.tpl new file mode 100644 index 0000000000..74b097c6be --- /dev/null +++ b/k8s-save/charts/payment/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "payment.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "payment.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "payment.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "payment.labels" -}} +helm.sh/chart: {{ include "payment.chart" . }} +{{ include "payment.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "payment.selectorLabels" -}} +app.kubernetes.io/name: {{ include "payment.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "payment.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "payment.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/payment/values.yaml b/k8s-save/charts/payment/values.yaml new file mode 100644 index 0000000000..ac6648cdc7 --- /dev/null +++ b/k8s-save/charts/payment/values.yaml @@ -0,0 +1,19 @@ +backend: + image: + repository: hownamee/yas-payment + tag: latest + + nameOverride: payment + fullnameOverride: payment + databaseName: payment + ingress: + enabled: false + extraVolumes: + - name: payment-application-config + configMap: + name: payment-application-configmap + extraVolumeMounts: + - name: payment-application-config + mountPath: /opt/yas/payment + extraApplicationConfigPaths: + - /opt/yas/payment/payment-application.yaml \ No newline at end of file diff --git a/k8s-save/charts/product/.helmignore b/k8s-save/charts/product/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/product/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/product/Chart.yaml b/k8s-save/charts/product/Chart.yaml new file mode 100644 index 0000000000..4fca56c793 --- /dev/null +++ b/k8s-save/charts/product/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: product +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/product/templates/_helpers.tpl b/k8s-save/charts/product/templates/_helpers.tpl new file mode 100644 index 0000000000..c7a726f1ef --- /dev/null +++ b/k8s-save/charts/product/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "product.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "product.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "product.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "product.labels" -}} +helm.sh/chart: {{ include "product.chart" . }} +{{ include "product.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "product.selectorLabels" -}} +app.kubernetes.io/name: {{ include "product.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "product.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "product.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/product/values.yaml b/k8s-save/charts/product/values.yaml new file mode 100644 index 0000000000..cce90d759b --- /dev/null +++ b/k8s-save/charts/product/values.yaml @@ -0,0 +1,19 @@ +backend: + image: + repository: hownamee/yas-product + tag: latest + + nameOverride: product + fullnameOverride: product + databaseName: product + ingress: + enabled: false + extraVolumes: + - name: product-application-config + configMap: + name: product-application-configmap + extraVolumeMounts: + - name: product-application-config + mountPath: /opt/yas/product + extraApplicationConfigPaths: + - /opt/yas/product/product-application.yaml diff --git a/k8s-save/charts/promotion/.helmignore b/k8s-save/charts/promotion/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/promotion/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/promotion/Chart.yaml b/k8s-save/charts/promotion/Chart.yaml new file mode 100644 index 0000000000..ed65cc6684 --- /dev/null +++ b/k8s-save/charts/promotion/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: promotion +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/promotion/templates/_helpers.tpl b/k8s-save/charts/promotion/templates/_helpers.tpl new file mode 100644 index 0000000000..2303e18d95 --- /dev/null +++ b/k8s-save/charts/promotion/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "promotion.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "promotion.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "promotion.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "promotion.labels" -}} +helm.sh/chart: {{ include "promotion.chart" . }} +{{ include "promotion.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "promotion.selectorLabels" -}} +app.kubernetes.io/name: {{ include "promotion.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "promotion.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "promotion.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/promotion/values.yaml b/k8s-save/charts/promotion/values.yaml new file mode 100644 index 0000000000..c39ffde139 --- /dev/null +++ b/k8s-save/charts/promotion/values.yaml @@ -0,0 +1,10 @@ +backend: + image: + repository: hownamee/yas-promotion + tag: latest + + nameOverride: promotion + fullnameOverride: promotion + databaseName: promotion + ingress: + enabled: false diff --git a/k8s-save/charts/rating/.helmignore b/k8s-save/charts/rating/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/rating/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/rating/Chart.yaml b/k8s-save/charts/rating/Chart.yaml new file mode 100644 index 0000000000..d8d31581d8 --- /dev/null +++ b/k8s-save/charts/rating/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: rating +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/rating/templates/_helpers.tpl b/k8s-save/charts/rating/templates/_helpers.tpl new file mode 100644 index 0000000000..e82b9b6767 --- /dev/null +++ b/k8s-save/charts/rating/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "rating.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "rating.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "rating.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "rating.labels" -}} +helm.sh/chart: {{ include "rating.chart" . }} +{{ include "rating.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "rating.selectorLabels" -}} +app.kubernetes.io/name: {{ include "rating.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "rating.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "rating.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/rating/values.yaml b/k8s-save/charts/rating/values.yaml new file mode 100644 index 0000000000..8b56e18d54 --- /dev/null +++ b/k8s-save/charts/rating/values.yaml @@ -0,0 +1,10 @@ +backend: + image: + repository: hownamee/yas-rating + tag: latest + + nameOverride: rating + fullnameOverride: rating + databaseName: rating + ingress: + enabled: false diff --git a/k8s-save/charts/recommendation/.helmignore b/k8s-save/charts/recommendation/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/recommendation/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/recommendation/Chart.yaml b/k8s-save/charts/recommendation/Chart.yaml new file mode 100644 index 0000000000..ad75bd67c6 --- /dev/null +++ b/k8s-save/charts/recommendation/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: recommendation +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/recommendation/templates/_helpers.tpl b/k8s-save/charts/recommendation/templates/_helpers.tpl new file mode 100644 index 0000000000..4945313c24 --- /dev/null +++ b/k8s-save/charts/recommendation/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "recommendation.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "recommendation.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "recommendation.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "recommendation.labels" -}} +helm.sh/chart: {{ include "recommendation.chart" . }} +{{ include "recommendation.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "recommendation.selectorLabels" -}} +app.kubernetes.io/name: {{ include "recommendation.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "recommendation.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "recommendation.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/recommendation/values.yaml b/k8s-save/charts/recommendation/values.yaml new file mode 100644 index 0000000000..0fccede06a --- /dev/null +++ b/k8s-save/charts/recommendation/values.yaml @@ -0,0 +1,22 @@ +backend: + image: + repository: hownamee/yas-recommendation + tag: latest + + nameOverride: recommendation + fullnameOverride: recommendation + databaseName: recommendation + ingress: + enabled: false + extraEnvFroms: + - secretRef: + name: yas-openai-api-key-secret + extraVolumes: + - name: recommendation-application + configMap: + name: recommendation-application-configmap + extraVolumeMounts: + - name: recommendation-application + mountPath: /opt/yas/recommendation + extraApplicationConfigPaths: + - /opt/yas/recommendation/recommendation-application.yaml diff --git a/k8s-save/charts/sampledata/.helmignore b/k8s-save/charts/sampledata/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/sampledata/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/sampledata/Chart.yaml b/k8s-save/charts/sampledata/Chart.yaml new file mode 100644 index 0000000000..66d3404648 --- /dev/null +++ b/k8s-save/charts/sampledata/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: sampledata +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/sampledata/templates/_helpers.tpl b/k8s-save/charts/sampledata/templates/_helpers.tpl new file mode 100644 index 0000000000..daf7974fb4 --- /dev/null +++ b/k8s-save/charts/sampledata/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "sampledata.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "sampledata.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "sampledata.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "sampledata.labels" -}} +helm.sh/chart: {{ include "sampledata.chart" . }} +{{ include "sampledata.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "sampledata.selectorLabels" -}} +app.kubernetes.io/name: {{ include "sampledata.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "sampledata.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "sampledata.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/sampledata/values.yaml b/k8s-save/charts/sampledata/values.yaml new file mode 100644 index 0000000000..d1541f89b3 --- /dev/null +++ b/k8s-save/charts/sampledata/values.yaml @@ -0,0 +1,19 @@ +backend: + image: + repository: hownamee/yas-sampledata + tag: latest + + nameOverride: sampledata + fullnameOverride: sampledata + databaseName: sampledata + ingress: + enabled: false + extraVolumes: + - name: sampledata-application + configMap: + name: sampledata-application-configmap + extraVolumeMounts: + - name: sampledata-application + mountPath: /opt/yas/sampledata + extraApplicationConfigPaths: + - /opt/yas/sampledata/sampledata-application.yaml diff --git a/k8s-save/charts/search/.helmignore b/k8s-save/charts/search/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/search/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/search/Chart.yaml b/k8s-save/charts/search/Chart.yaml new file mode 100644 index 0000000000..c202859003 --- /dev/null +++ b/k8s-save/charts/search/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: search +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/search/templates/_helpers.tpl b/k8s-save/charts/search/templates/_helpers.tpl new file mode 100644 index 0000000000..067a40637f --- /dev/null +++ b/k8s-save/charts/search/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "search.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "search.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "search.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "search.labels" -}} +helm.sh/chart: {{ include "search.chart" . }} +{{ include "search.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "search.selectorLabels" -}} +app.kubernetes.io/name: {{ include "search.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "search.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "search.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/search/values.yaml b/k8s-save/charts/search/values.yaml new file mode 100644 index 0000000000..c04d8da756 --- /dev/null +++ b/k8s-save/charts/search/values.yaml @@ -0,0 +1,22 @@ +backend: + image: + repository: hownamee/yas-search + tag: latest + + nameOverride: search + fullnameOverride: search + databaseName: search + ingress: + enabled: false + extraEnvFroms: + - secretRef: + name: yas-elasticsearch-credentials-secret + extraVolumes: + - name: search-application + configMap: + name: search-application-configmap + extraVolumeMounts: + - name: search-application + mountPath: /opt/yas/search + extraApplicationConfigPaths: + - /opt/yas/search/search-application.yaml diff --git a/k8s-save/charts/storefront-bff/.helmignore b/k8s-save/charts/storefront-bff/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/storefront-bff/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/storefront-bff/Chart.yaml b/k8s-save/charts/storefront-bff/Chart.yaml new file mode 100644 index 0000000000..8a89664866 --- /dev/null +++ b/k8s-save/charts/storefront-bff/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: storefront-bff +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/storefront-bff/templates/_helpers.tpl b/k8s-save/charts/storefront-bff/templates/_helpers.tpl new file mode 100644 index 0000000000..65abf0052b --- /dev/null +++ b/k8s-save/charts/storefront-bff/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "storefront-bff.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "storefront-bff.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "storefront-bff.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "storefront-bff.labels" -}} +helm.sh/chart: {{ include "storefront-bff.chart" . }} +{{ include "storefront-bff.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "storefront-bff.selectorLabels" -}} +app.kubernetes.io/name: {{ include "storefront-bff.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "storefront-bff.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "storefront-bff.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/storefront-bff/templates/storefront-bff.configmap.yaml b/k8s-save/charts/storefront-bff/templates/storefront-bff.configmap.yaml new file mode 100644 index 0000000000..3c0eb0b93d --- /dev/null +++ b/k8s-save/charts/storefront-bff/templates/storefront-bff.configmap.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: storefront-bff-configmap + annotations: + reloader.stakater.com/match: "true" +data: + backoffice-bff-application.yaml: | + {{- toYaml .Values.storefrontBffApplicationConfig | nindent 4 }} \ No newline at end of file diff --git a/k8s-save/charts/storefront-bff/values.yaml b/k8s-save/charts/storefront-bff/values.yaml new file mode 100644 index 0000000000..5fbdb906da --- /dev/null +++ b/k8s-save/charts/storefront-bff/values.yaml @@ -0,0 +1,42 @@ +backend: + image: + repository: hownamee/yas-storefront-bff + tag: latest + + nameOverride: storefront-bff + fullnameOverride: storefront-bff + + deployment: + annotations: + configmap.reloader.stakater.com/reload: "yas-gateway-routes-config-configmap,storefront-bff-extra-configmap" + + ingress: + enabled: true + host: storefront.yas.local.com + path: / + + extraEnvs: + - name: SPRING_PROFILES_ACTIVE + value: prod + - name: UI_HOST + value: http://storefront-ui:3000 + extraEnvFroms: + - secretRef: + name: yas-keycloak-credentials-secret + - secretRef: + name: yas-redis-credentials-secret + extraVolumes: + - name: yas-gateway-routes-config + configMap: + name: yas-gateway-routes-config-configmap + - name: storefront-bff-extra-config + configMap: + name: storefront-bff-extra-configmap + extraVolumeMounts: + - name: yas-gateway-routes-config + mountPath: /opt/yas/gateway-routes-config + - name: storefront-bff-extra-config + mountPath: /opt/yas/extra-config + extraApplicationConfigPaths: + - /opt/yas/gateway-routes-config/gateway-routes-config.yaml + - /opt/yas/extra-config/storefront-bff-extra-config.yaml \ No newline at end of file diff --git a/k8s-save/charts/storefront-ui/.helmignore b/k8s-save/charts/storefront-ui/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/storefront-ui/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/storefront-ui/Chart.yaml b/k8s-save/charts/storefront-ui/Chart.yaml new file mode 100644 index 0000000000..05aa67ff9e --- /dev/null +++ b/k8s-save/charts/storefront-ui/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: storefront-ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: ui + version: 0.1.0 + repository: file://../ui \ No newline at end of file diff --git a/k8s-save/charts/storefront-ui/templates/_helpers.tpl b/k8s-save/charts/storefront-ui/templates/_helpers.tpl new file mode 100644 index 0000000000..40e4fb215b --- /dev/null +++ b/k8s-save/charts/storefront-ui/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "storefront-ui.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "storefront-ui.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "storefront-ui.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "storefront-ui.labels" -}} +helm.sh/chart: {{ include "storefront-ui.chart" . }} +{{ include "storefront-ui.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "storefront-ui.selectorLabels" -}} +app.kubernetes.io/name: {{ include "storefront-ui.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "storefront-ui.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "storefront-ui.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/storefront-ui/templates/storefront-env-production.configmap.yaml b/k8s-save/charts/storefront-ui/templates/storefront-env-production.configmap.yaml new file mode 100644 index 0000000000..8682cde1cd --- /dev/null +++ b/k8s-save/charts/storefront-ui/templates/storefront-env-production.configmap.yaml @@ -0,0 +1,11 @@ +{{- if .Values.storefrontEnvProduction }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: storefront-env-production-configmap + annotations: + reloader.stakater.com/match: "true" +data: + .env.production: | + {{ .Values.storefrontEnvProduction | nindent 4 }} + {{- end }} \ No newline at end of file diff --git a/k8s-save/charts/storefront-ui/values.yaml b/k8s-save/charts/storefront-ui/values.yaml new file mode 100644 index 0000000000..e7b617d1a1 --- /dev/null +++ b/k8s-save/charts/storefront-ui/values.yaml @@ -0,0 +1,26 @@ +ui: + image: + repository: hownamee/yas-storefront + tag: latest + nameOverride: storefront-ui + fullnameOverride: storefront-ui +# extraVolumes: +# - name: storefront-env-production +# configMap: +# name: storefront-env-production-configmap +# items: +# - key: .env.production +# path: .env.production +# extraVolumeMounts: +# - name: storefront-env-production +# mountPath: /app/.env.production +# readOnly: true +# subPath: .env.production + extraEnvs: + - name: API_BASE_PATH + value: http://storefront.yas.local.com/api + ingress: + enabled: false + +#storefrontEnvProduction: | +# API_BASE_PATH=http://storefront.yas.local.com/api \ No newline at end of file diff --git a/k8s-save/charts/swagger-ui/.helmignore b/k8s-save/charts/swagger-ui/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/swagger-ui/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/swagger-ui/Chart.yaml b/k8s-save/charts/swagger-ui/Chart.yaml new file mode 100644 index 0000000000..4c87b42beb --- /dev/null +++ b/k8s-save/charts/swagger-ui/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: swagger-ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" diff --git a/k8s-save/charts/swagger-ui/templates/NOTES.txt b/k8s-save/charts/swagger-ui/templates/NOTES.txt new file mode 100644 index 0000000000..9a163f5f48 --- /dev/null +++ b/k8s-save/charts/swagger-ui/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "swagger-ui.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "swagger-ui.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "swagger-ui.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "swagger-ui.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/k8s-save/charts/swagger-ui/templates/_helpers.tpl b/k8s-save/charts/swagger-ui/templates/_helpers.tpl new file mode 100644 index 0000000000..c65e4fd1d6 --- /dev/null +++ b/k8s-save/charts/swagger-ui/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "swagger-ui.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "swagger-ui.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "swagger-ui.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "swagger-ui.labels" -}} +helm.sh/chart: {{ include "swagger-ui.chart" . }} +{{ include "swagger-ui.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "swagger-ui.selectorLabels" -}} +app.kubernetes.io/name: {{ include "swagger-ui.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "swagger-ui.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "swagger-ui.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/swagger-ui/templates/deployment.yaml b/k8s-save/charts/swagger-ui/templates/deployment.yaml new file mode 100644 index 0000000000..cd9adbbeb8 --- /dev/null +++ b/k8s-save/charts/swagger-ui/templates/deployment.yaml @@ -0,0 +1,66 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "swagger-ui.fullname" . }} + labels: + {{- include "swagger-ui.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "swagger-ui.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "swagger-ui.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "swagger-ui.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: BASE_URL + value: {{ .Values.baseUrl }} + - name: URLS + value: {{ .Values.urls | quote }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + livenessProbe: + httpGet: + path: {{ .Values.baseUrl }} + port: http + readinessProbe: + httpGet: + path: {{ .Values.baseUrl }} + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/k8s-save/charts/swagger-ui/templates/hpa.yaml b/k8s-save/charts/swagger-ui/templates/hpa.yaml new file mode 100644 index 0000000000..d10579637c --- /dev/null +++ b/k8s-save/charts/swagger-ui/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "swagger-ui.fullname" . }} + labels: + {{- include "swagger-ui.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "swagger-ui.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/k8s-save/charts/swagger-ui/templates/ingress.yaml b/k8s-save/charts/swagger-ui/templates/ingress.yaml new file mode 100644 index 0000000000..75886e7c4e --- /dev/null +++ b/k8s-save/charts/swagger-ui/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "swagger-ui.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "swagger-ui.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ $.Values.ingress.host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/k8s-save/charts/swagger-ui/templates/service.yaml b/k8s-save/charts/swagger-ui/templates/service.yaml new file mode 100644 index 0000000000..4a9c5de32a --- /dev/null +++ b/k8s-save/charts/swagger-ui/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "swagger-ui.fullname" . }} + labels: + {{- include "swagger-ui.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "swagger-ui.selectorLabels" . | nindent 4 }} diff --git a/k8s-save/charts/swagger-ui/templates/serviceaccount.yaml b/k8s-save/charts/swagger-ui/templates/serviceaccount.yaml new file mode 100644 index 0000000000..171bcfeb53 --- /dev/null +++ b/k8s-save/charts/swagger-ui/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "swagger-ui.serviceAccountName" . }} + labels: + {{- include "swagger-ui.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/k8s-save/charts/swagger-ui/templates/tests/test-connection.yaml b/k8s-save/charts/swagger-ui/templates/tests/test-connection.yaml new file mode 100644 index 0000000000..d7e898b777 --- /dev/null +++ b/k8s-save/charts/swagger-ui/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "swagger-ui.fullname" . }}-test-connection" + labels: + {{- include "swagger-ui.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "swagger-ui.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/k8s-save/charts/swagger-ui/values.yaml b/k8s-save/charts/swagger-ui/values.yaml new file mode 100644 index 0000000000..4b1b5723fc --- /dev/null +++ b/k8s-save/charts/swagger-ui/values.yaml @@ -0,0 +1,97 @@ +# Default values for swagger-ui. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: swaggerapi/swagger-ui + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "v4.16.0" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +baseUrl: /swagger-ui +urls: "[{ url: 'http://api.yas.local.com/product/v3/api-docs', name: 'Product' }, + { url: 'http://api.yas.local.com/media/v3/api-docs', name: 'Media' }, + { url: 'http://api.yas.local.com/customer/v3/api-docs', name: 'Customer' }, + { url: 'http://api.yas.local.com/cart/v3/api-docs', name: 'Cart'}, + { url: 'http://api.yas.local.com/rating/v3/api-docs', name: 'Rating' }, + { url: 'http://api.yas.local.com/order/v3/api-docs', name: 'Order'}, + { url: 'http://api.yas.local.com/payment/v3/api-docs', name: 'Payment'}, + { url: 'http://api.yas.local.com/location/v3/api-docs', name: 'Location'}, + { url: 'http://api.yas.local.com/inventory/v3/api-docs', name: 'Inventory'}, + { url: 'http://api.yas.local.com/tax/v3/api-docs', name: 'Tax' }, + { url: 'http://api.yas.local.com/promotion/v3/api-docs', name: 'Promotion'}, + { url: 'http://api.yas.local.com/search/v3/api-docs', name: 'Search'}]" + +service: + type: ClusterIP + port: 8080 + +ingress: + enabled: true + className: "nginx" + host: api.yas.local.com + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: api.yas.local.com + paths: + - path: /swagger-ui + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/k8s-save/charts/tax/.helmignore b/k8s-save/charts/tax/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/tax/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/tax/Chart.yaml b/k8s-save/charts/tax/Chart.yaml new file mode 100644 index 0000000000..4564e75ae7 --- /dev/null +++ b/k8s-save/charts/tax/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: tax +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/tax/templates/_helpers.tpl b/k8s-save/charts/tax/templates/_helpers.tpl new file mode 100644 index 0000000000..c533556efe --- /dev/null +++ b/k8s-save/charts/tax/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "tax.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "tax.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "tax.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "tax.labels" -}} +helm.sh/chart: {{ include "tax.chart" . }} +{{ include "tax.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "tax.selectorLabels" -}} +app.kubernetes.io/name: {{ include "tax.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "tax.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "tax.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/tax/values.yaml b/k8s-save/charts/tax/values.yaml new file mode 100644 index 0000000000..dfaa655712 --- /dev/null +++ b/k8s-save/charts/tax/values.yaml @@ -0,0 +1,10 @@ +backend: + image: + repository: hownamee/yas-tax + tag: latest + + nameOverride: tax + fullnameOverride: tax + databaseName: tax + ingress: + enabled: false diff --git a/k8s-save/charts/ui/.helmignore b/k8s-save/charts/ui/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/ui/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/ui/Chart.yaml b/k8s-save/charts/ui/Chart.yaml new file mode 100644 index 0000000000..7467f29c71 --- /dev/null +++ b/k8s-save/charts/ui/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" diff --git a/k8s-save/charts/ui/README.md b/k8s-save/charts/ui/README.md new file mode 100644 index 0000000000..96cc1a12ae --- /dev/null +++ b/k8s-save/charts/ui/README.md @@ -0,0 +1 @@ +The base chart for ui application \ No newline at end of file diff --git a/k8s-save/charts/ui/templates/NOTES.txt b/k8s-save/charts/ui/templates/NOTES.txt new file mode 100644 index 0000000000..7ee947f547 --- /dev/null +++ b/k8s-save/charts/ui/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ui.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ui.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ui.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ui.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/k8s-save/charts/ui/templates/_helpers.tpl b/k8s-save/charts/ui/templates/_helpers.tpl new file mode 100644 index 0000000000..07e4048494 --- /dev/null +++ b/k8s-save/charts/ui/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ui.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ui.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ui.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ui.labels" -}} +helm.sh/chart: {{ include "ui.chart" . }} +{{ include "ui.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ui.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ui.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ui.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ui.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/ui/templates/deployment.yaml b/k8s-save/charts/ui/templates/deployment.yaml new file mode 100644 index 0000000000..153427b3bb --- /dev/null +++ b/k8s-save/charts/ui/templates/deployment.yaml @@ -0,0 +1,78 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ui.fullname" . }} + labels: + {{- include "ui.labels" . | nindent 4 }} + annotations: + {{- toYaml .Values.deployment.annotations | nindent 4 }} + {{- if .Values.deployment.extraAnnotations }} + {{- toYaml .Values.deployment.extraAnnotations | nindent 4 }} + {{- end }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ui.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "ui.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ui.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- if .Values.extraVolumes }} + volumes: + {{- toYaml .Values.extraVolumes | nindent 8 }} + {{- end }} + containers: + - name: {{ include "ui.fullname" . }} + {{- if .Values.extraEnvs }} + env: + {{- toYaml .Values.extraEnvs | nindent 12 }} + {{- end }} + {{- if .Values.extraVolumeMounts }} + volumeMounts: + {{- toYaml .Values.extraVolumeMounts | nindent 12 }} + {{- end }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.httpPort }} + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/k8s-save/charts/ui/templates/hpa.yaml b/k8s-save/charts/ui/templates/hpa.yaml new file mode 100644 index 0000000000..aa932aa447 --- /dev/null +++ b/k8s-save/charts/ui/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ui.fullname" . }} + labels: + {{- include "ui.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ui.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/k8s-save/charts/ui/templates/ingress.yaml b/k8s-save/charts/ui/templates/ingress.yaml new file mode 100644 index 0000000000..9bdbbea52e --- /dev/null +++ b/k8s-save/charts/ui/templates/ingress.yaml @@ -0,0 +1,50 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ui.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ui.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- with .Values.ingress.tls }} + - hosts: + - {{ .host | quote }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- with .Values.ingress }} + - host: {{ .host}} + http: + paths: + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- end }} +{{- end }} diff --git a/k8s-save/charts/ui/templates/service.yaml b/k8s-save/charts/ui/templates/service.yaml new file mode 100644 index 0000000000..80c6956c21 --- /dev/null +++ b/k8s-save/charts/ui/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ui.fullname" . }} + labels: + {{- include "ui.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.httpPort }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ui.selectorLabels" . | nindent 4 }} diff --git a/k8s-save/charts/ui/templates/serviceaccount.yaml b/k8s-save/charts/ui/templates/serviceaccount.yaml new file mode 100644 index 0000000000..7ab0824eca --- /dev/null +++ b/k8s-save/charts/ui/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ui.serviceAccountName" . }} + labels: + {{- include "ui.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/k8s-save/charts/ui/values.yaml b/k8s-save/charts/ui/values.yaml new file mode 100644 index 0000000000..7441547292 --- /dev/null +++ b/k8s-save/charts/ui/values.yaml @@ -0,0 +1,89 @@ +# Default values for ui. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: "" + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +deployment: + annotations: + reloader.stakater.com/search: "true" + extraAnnotations: [] + +extraEnvs: [] +extraVolumes: [] +extraVolumeMounts: [] + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +httpPort: 3000 + +service: + type: ClusterIP + port: 3000 + +ingress: + enabled: false + className: "nginx" + annotations: {} + host: chart-example.local + path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/k8s-save/charts/values.template.yaml b/k8s-save/charts/values.template.yaml new file mode 100644 index 0000000000..6ff48fe483 --- /dev/null +++ b/k8s-save/charts/values.template.yaml @@ -0,0 +1,13 @@ +backend: + image: + repository: hownamee/yas-{{service}} + tag: latest + + nameOverride: {{service}} + fullnameOverride: {{service}} + databaseName: {{service}} + + ingress: + enabled: true + host: api.yas.local.com + path: /{{service}} \ No newline at end of file diff --git a/k8s-save/charts/webhook/.helmignore b/k8s-save/charts/webhook/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/webhook/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/webhook/Chart.yaml b/k8s-save/charts/webhook/Chart.yaml new file mode 100644 index 0000000000..360f493be1 --- /dev/null +++ b/k8s-save/charts/webhook/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: webhook +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "latest" + +dependencies: + - name: backend + version: 0.1.0 + repository: file://../backend diff --git a/k8s-save/charts/webhook/templates/_helpers.tpl b/k8s-save/charts/webhook/templates/_helpers.tpl new file mode 100644 index 0000000000..101c73d6a5 --- /dev/null +++ b/k8s-save/charts/webhook/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "webhook.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "webhook.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "webhook.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "webhook.labels" -}} +helm.sh/chart: {{ include "webhook.chart" . }} +{{ include "webhook.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "webhook.selectorLabels" -}} +app.kubernetes.io/name: {{ include "webhook.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "webhook.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "webhook.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/charts/webhook/values.yaml b/k8s-save/charts/webhook/values.yaml new file mode 100644 index 0000000000..67193d35f1 --- /dev/null +++ b/k8s-save/charts/webhook/values.yaml @@ -0,0 +1,8 @@ +backend: + image: + repository: hownamee/yas-webhook + tag: latest + + nameOverride: webhook + fullnameOverride: webhook + databaseName: webhook diff --git a/k8s-save/charts/yas-configuration/.helmignore b/k8s-save/charts/yas-configuration/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/charts/yas-configuration/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/charts/yas-configuration/Chart.yaml b/k8s-save/charts/yas-configuration/Chart.yaml new file mode 100644 index 0000000000..b9b21e4f55 --- /dev/null +++ b/k8s-save/charts/yas-configuration/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: yas-configuration +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.4.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.1.0" + +dependencies: + - name: reloader + version: 1.0.29 + repository: https://stakater.github.io/stakater-charts \ No newline at end of file diff --git a/k8s-save/charts/yas-configuration/README.md b/k8s-save/charts/yas-configuration/README.md new file mode 100644 index 0000000000..19e7b78eea --- /dev/null +++ b/k8s-save/charts/yas-configuration/README.md @@ -0,0 +1 @@ +The chart contain common configmap and secret for all applications in yas system \ No newline at end of file diff --git a/k8s-save/charts/yas-configuration/templates/yas-configurations.configmap.yaml b/k8s-save/charts/yas-configuration/templates/yas-configurations.configmap.yaml new file mode 100644 index 0000000000..fd0a0ce116 --- /dev/null +++ b/k8s-save/charts/yas-configuration/templates/yas-configurations.configmap.yaml @@ -0,0 +1,157 @@ +#Configmap of general application config for all microservices +apiVersion: v1 +kind: ConfigMap +metadata: + name: yas-configuration-configmap + annotations: + reloader.stakater.com/match: "true" +data: + application.yaml: | + {{- toYaml .Values.applicationConfig | nindent 4 }} + logback.xml: | + {{- .Values.logbackConfig | nindent 4 }} +--- +#Configmap of gateway routes config for bff microservices +apiVersion: v1 +kind: ConfigMap +metadata: + name: yas-gateway-routes-config-configmap + annotations: + reloader.stakater.com/match: "true" +data: + gateway-routes-config.yaml: | + {{- toYaml .Values.gatewayRoutesConfig | nindent 4 }} +--- +#Configmap for backoffice-bff extra +apiVersion: v1 +kind: ConfigMap +metadata: + name: backoffice-bff-extra-configmap + annotations: + reloader.stakater.com/match: "true" +data: + backoffice-bff-extra-config.yaml: | + {{- toYaml .Values.backofficeBffExtraConfig | nindent 4 }} +--- +#Configmap for storefront-bff extra +apiVersion: v1 +kind: ConfigMap +metadata: + name: storefront-bff-extra-configmap + annotations: + reloader.stakater.com/match: "true" +data: + storefront-bff-extra-config.yaml: | + {{- toYaml .Values.storefrontBffExtraConfig | nindent 4 }} +--- +# Configmap for media application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: media-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + media-application.yaml: | + {{- toYaml .Values.mediaApplicationConfig | nindent 4 }} +--- +#Configmap for customer application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: customer-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + customer-application.yaml: | + {{ toYaml .Values.customerApplicationConfig | nindent 4 }} +--- +# Configmap of search application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: search-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + search-application.yaml: | + {{ toYaml .Values.searchApplicationConfig | nindent 4 }} +--- +# Configmap of cart application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: cart-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + cart-application.yaml: | + {{ toYaml .Values.cartApplicationConfig | nindent 4 }} +--- +# Configmap of order application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: order-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + order-application.yaml: | + {{ toYaml .Values.orderApplicationConfig | nindent 4 }} +--- +# Configmap of payment application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: payment-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + payment-application.yaml: | + {{ toYaml .Values.paymentApplicationConfig | nindent 4 }} +--- +# Configmap of payment-paypal application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: payment-paypal-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + payment-paypal-application.yaml: | + {{ toYaml .Values.paymentPaypalApplicationConfig | nindent 4 }} +--- +# Configmap of production application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: product-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + product-application.yaml: | + {{ toYaml .Values.productApplicationConfig | nindent 4 }} + +--- +# Configmap of recommendation application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: recommendation-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + recommendation-application.yaml: | + {{ toYaml .Values.recommendationApplicationConfig | nindent 4 }} + +--- +# Configmap of sampledata application config custom +apiVersion: v1 +kind: ConfigMap +metadata: + name: sampledata-application-configmap + annotations: + reloader.stakater.com/match: "true" +data: + sampledata-application.yaml: | + {{ toYaml .Values.sampledataApplicationConfig | nindent 4 }} \ No newline at end of file diff --git a/k8s-save/charts/yas-configuration/templates/yas-credentials.secret.yaml b/k8s-save/charts/yas-configuration/templates/yas-credentials.secret.yaml new file mode 100644 index 0000000000..d3279e5ff6 --- /dev/null +++ b/k8s-save/charts/yas-configuration/templates/yas-credentials.secret.yaml @@ -0,0 +1,57 @@ +apiVersion: v1 +kind: Secret +metadata: + name: yas-postgresql-credentials-secret + annotations: + reloader.stakater.com/match: "true" +type: Opaque +data: + POSTGRESQL_USERNAME: {{ .Values.credentials.postgresql.username | b64enc }} + POSTGRESQL_PASSWORD: {{ .Values.credentials.postgresql.password | b64enc }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: yas-elasticsearch-credentials-secret + annotations: + reloader.stakater.com/match: "true" +type: Opaque +data: + ELASTICSEARCH_USERNAME: {{ .Values.credentials.elasticsearch.username | b64enc }} + ELASTICSEARCH_PASSWORD: {{ .Values.credentials.elasticsearch.password | b64enc }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: yas-keycloak-credentials-secret + annotations: + reloader.stakater.com/match: "true" +type: Opaque +data: + KEYCLOAK_BACKOFFICE_BFF_CLIENT_SECRET: {{ .Values.credentials.keycloak.backofficeBffClientSecret | b64enc }} + KEYCLOAK_STOREFRONT_BFF_CLIENT_SECRET: {{ .Values.credentials.keycloak.storefrontBffClientSecret | b64enc }} + KEYCLOAK_CUSTOMER_MANAGEMENT_CLIENT_SECRET: {{ .Values.credentials.keycloak.customerManagementClientSecret | b64enc }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: yas-redis-credentials-secret + annotations: + reloader.stakater.com/match: "true" +type: Opaque +data: + REDIS_PASSWORD: {{ .Values.credentials.redis.password | b64enc }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: yas-openai-api-key-secret + annotations: + reloader.stakater.com/match: "true" +type: Opaque +data: + OPENAI_API_KEY: {{ .Values.credentials.openai.apiKey | b64enc }} \ No newline at end of file diff --git a/k8s-save/charts/yas-configuration/values.yaml b/k8s-save/charts/yas-configuration/values.yaml new file mode 100644 index 0000000000..4a1e9a30a3 --- /dev/null +++ b/k8s-save/charts/yas-configuration/values.yaml @@ -0,0 +1,312 @@ +credentials: + postgresql: + username: yasadminuser + password: admin + elasticsearch: + username: yas + password: LarUmB3A49NTg9YmgW4= + keycloak: + backofficeBffClientSecret: TVacLC0cQ8tiiEKiTVerTb2YvwQ1TRJF + storefrontBffClientSecret: ZrU9I0q2uXBglBnmvyJdkl1lf0ncr8tn + customerManagementClientSecret: NKAr3rnjwm9jlakgKpelukZGFaHYqIWE + redis: + password: redis + openai: + apiKey: update-me + +#Genneral application.yaml for all microservice +applicationConfig: + server: + shutdown: graceful + port: 80 + + management: + otlp: + tracing: + endpoint: http://opentelemetry-collector.__NS_PREFIX__-observability.svc.cluster.local:4318/v1/traces + server: + port: 8090 + health: + readinessstate: + enabled: true + livenessstate: + enabled: true + tracing: + sampling: + probability: 1.0 + metrics: + tags: + application: ${spring.application.name} + endpoints: + web: + exposure: + include: prometheus, health + endpoint: + health: + probes: + enabled: true + show-details: always + + logging: + pattern: + level: application=${spring.application.name} traceId=%X{traceId:-} spanId=%X{spanId:-} level=%level + + spring: + lifecycle: + timeout-per-shutdown-phase: 30s + security: + oauth2: + resourceserver: + jwt: + issuer-uri: http://identity.yas.local.com/realms/Yas + + datasource: + url: + username: ${POSTGRESQL_USERNAME} + password: ${POSTGRESQL_PASSWORD} + kafka: + bootstrap-servers: kafka-cluster-kafka-brokers.__NS_PREFIX__-kafka.svc.cluster.local:9092 + consumer: + bootstrap-servers: kafka-cluster-kafka-brokers.__NS_PREFIX__-kafka.svc.cluster.local:9092 + + springdoc: + oauthflow: + authorization-url: http://identity.yas.local.com/realms/Yas/protocol/openid-connect/auth + token-url: http://identity.yas.local.com/realms/Yas/protocol/openid-connect/token + + yas: + services: + cart: http://cart/cart + customer: http://customer/customer + inventory: http://inventory/inventory + location: http://location/location + media: http://media/media + order: http://order/order + payment: http://payment/payment + payment-paypal: http://payment-paypal/payment-paypal + product: http://product/product + promotion: http://promotion/promotion + rating: http://rating/rating + search: http://search/search + tax: http://tax/tax + sampledata: http://sampledata/sampledata + recommendation: http://recommendation/recommendation + +# Gateway config for bff microservices +gatewayRoutesConfig: + spring: + cloud: + gateway: + routes: + - id: product_api + uri: http://product + predicates: + - Path=/api/product/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: location_api + uri: http://location + predicates: + - Path=/api/location/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: inventory_api + uri: http://inventory + predicates: + - Path=/api/inventory/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: cart_api + uri: http://cart + predicates: + - Path=/api/cart/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: customer_api + uri: http://customer + predicates: + - Path=/api/customer/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: media_api + uri: http://media + predicates: + - Path=/api/media/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: rating_api + uri: http://rating + predicates: + - Path=/api/rating/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: tax_api + uri: http://tax + predicates: + - Path=/api/tax/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: promotion_api + uri: http://protion + predicates: + - Path=/api/promotion/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: search_api + uri: http://search + predicates: + - Path=/api/search/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: order_api + uri: http://order + predicates: + - Path=/api/order/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: recommendation_api + uri: http://recommendation + predicates: + - Path=/api/recommendation/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: webhook_api + uri: http://webhook + predicates: + - Path=/api/webhook/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: sampledata_api + uri: http://sampledata + predicates: + - Path=/api/sampledata/** + filters: + - RewritePath=/api/(?.*), /$\{segment} + - TokenRelay= + - id: ui + uri: ${UI_HOST} + predicates: + - Path=/** + +backofficeBffExtraConfig: + spring: + data: + redis: + host: __NS_PREFIX__-redis-master.__NS_PREFIX__-redis.svc.cluster.local + password: ${REDIS_PASSWORD} + port: 6379 + security: + oauth2: + client: + provider: + keycloak: + issuer-uri: http://identity.yas.local.com/realms/Yas + registration: + api-client: + provider: keycloak + client-id: backoffice-bff + client-secret: ${KEYCLOAK_BACKOFFICE_BFF_CLIENT_SECRET} + scope: openid, profile, email, roles + +storefrontBffExtraConfig: + spring: + data: + redis: + host: __NS_PREFIX__-redis-master.__NS_PREFIX__-redis.svc.cluster.local + password: ${REDIS_PASSWORD} + port: 6379 + security: + oauth2: + client: + provider: + keycloak: + issuer-uri: http://identity.yas.local.com/realms/Yas + registration: + api-client: + provider: keycloak + client-id: storefront-bff + client-secret: ${KEYCLOAK_STOREFRONT_BFF_CLIENT_SECRET} + scope: openid, profile, email, roles + +# Media application config custom +mediaApplicationConfig: + server: + servlet: + context-path: /media + yas: + publicUrl: http://api.yas.local.com/media + +# Customer application config custom +customerApplicationConfig: + keycloak: + auth-server-url: http://identity.yas.local.com + realm: Yas + resource: customer-management + credentials: + secret: ${KEYCLOAK_CUSTOMER_MANAGEMENT_CLIENT_SECRET} + +# Search application config custom +searchApplicationConfig: + elasticsearch: + url: elasticsearch-es-http.__NS_PREFIX__-elasticsearch.svc.cluster.local + username: ${ELASTICSEARCH_USERNAME} + password: ${ELASTICSEARCH_PASSWORD} + +# Payment-paypal application config custom +paymentPaypalApplicationConfig: + yas: + public: + url: http://storefront.yas.local.com/complete-payment + +# Recommendation application config custom +recommendationApplicationConfig: + spring: + ai: + azure: + openai: + api-key: ${OPENAI_API_KEY} + endpoint: https://product-recommendation.openai.azure.com + embedding: + options: + model: text-embedding-3-small + +sampledataApplicationConfig: + spring: + datasource: + product: + url: jdbc:postgresql://postgresql.__NS_PREFIX__-postgres.svc.cluster.local:5432/product + media: + url: jdbc:postgresql://postgresql.__NS_PREFIX__-postgres.svc.cluster.local:5432/media + +logbackConfig: | + + + + + + + + + + + + + +reloader: + nameOverride: "yas-reloader" + fullnameOverride: "yas-reloader" + reloader: + watchGlobally: false \ No newline at end of file diff --git a/k8s-save/deploy/DeployCLI.md b/k8s-save/deploy/DeployCLI.md new file mode 100755 index 0000000000..9d7bc7bbe6 --- /dev/null +++ b/k8s-save/deploy/DeployCLI.md @@ -0,0 +1,92 @@ +# Deploy yas k8s + +## 0. Start minikube + +```bash +minikube start --driver=docker --disk-size='80000mb' --memory='18g' --cpus='7' --kubernetes-version=v1.29.0 +minikube addons enable ingress +``` + +## 1. Install Ingress NGINX Controller (K8S Cluster) + +```bash +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx +helm repo update + +helm upgrade --install ingress-nginx ingress-nginx/ingress-nginx \ + --namespace ingress-nginx --create-namespace \ + --set controller.service.type=NodePort \ + --set controller.service.nodePorts.http=30080 \ + --set controller.service.nodePorts.https=30443 +``` + +## 2. Deploy YAS System and Infrastructure + +```bash +cd k8s/deploy/ +./setup-cluster.sh +./setup-redis.sh +./setup-keycloak.sh +./deploy-yas-configuration.sh +./deploy-yas-applications.sh +``` + +## 3. Configure Local DNS (Mapping Domain) + +```bash +# Kiểm tra IP của Node +kubectl get nodes -o wide + +# Thêm cấu hình vào file hosts +sudo nano /etc/hosts +``` + +*Thêm nội dung sau vào file `/etc/hosts`:* + +```text +192.168.49.2 pgoperator.yas.local.com +192.168.49.2 pgadmin.yas.local.com +192.168.49.2 akhq.yas.local.com +192.168.49.2 kibana.yas.local.com +192.168.49.2 identity.yas.local.com +192.168.49.2 backoffice.yas.local.com +192.168.49.2 storefront.yas.local.com +192.168.49.2 grafana.yas.local.com +192.168.49.2 api.yas.local.com +``` + +## 4. Teardown & Cleanup + +```bash +# 1. Xóa các ứng dụng bằng Helm một cách an toàn (tránh lỗi nếu namespace trống) +NAMESPACES="yas postgres elasticsearch kafka keycloak observability zookeeper redis ingress-nginx cert-manager" +for ns in $NAMESPACES; do + helm list -n $ns -q | xargs -r helm uninstall -n $ns +done + +# 2. Xóa các Custom Resource Definitions (CRDs) +kubectl delete crd $(kubectl get crd -o name | grep -E "zalan.do|strimzi|elastic|keycloak|cert-manager|opentelemetry") + +# 3. Xóa toàn bộ dữ liệu (Persistent Volume Claims) TRƯỚC KHI xóa namespace +kubectl delete pvc --all -A + +# 4. Xóa các Namespaces (Bước này sẽ quét sạch các ConfigMap, Secret, Service còn sót lại) +kubectl delete ns $NAMESPACES --ignore-not-found=true + +# 5. (Tùy chọn) Xóa bỏ các Persistent Volumes (PV) bị mồ côi nếu StorageClass không tự dọn +kubectl delete pv --all +``` + +```bash +# Set the prefix you want to delete (e.g., dev-34) +export NS_PREFIX="dev-34" + +# 1. Gỡ Helm Release +helm list -A -o json | jq -r --arg prefix "$NS_PREFIX-" '.[] | select(.name | startswith($prefix)) | .name + " -n " + .namespace' | xargs -r -L1 helm uninstall --ignore-not-found + +# 2. Xóa Namespace +kubectl get ns -o name | grep "$NS_PREFIX-" | xargs -r kubectl delete --ignore-not-found + +# 3. Xóa ClusterRole & ClusterRoleBinding +kubectl get clusterrole,clusterrolebinding -o name | grep "$NS_PREFIX" | xargs -r kubectl delete --ignore-not-found +``` \ No newline at end of file diff --git a/k8s-save/deploy/cluster-config.yaml b/k8s-save/deploy/cluster-config.yaml new file mode 100755 index 0000000000..097013b8a6 --- /dev/null +++ b/k8s-save/deploy/cluster-config.yaml @@ -0,0 +1,24 @@ +domain: yas.local.com +postgresql: + replicas: 1 + username: yasadminuser + password: admin +kafka: + replicas: 1 +zookeeper: + replicas: 1 +elasticsearch: + replicas: 1 + username: yas + password: LarUmB3A49NTg9YmgW4= +keycloak: + bootstrapAdmin: + username: admin + password: admin + backofficeRedirectUrl: http://backoffice.yas.local.com + storefrontRedirectUrl: http://storefront.yas.local.com +grafana: + username: admin + password: admin +redis: + password: redis \ No newline at end of file diff --git a/k8s-save/deploy/correct-deploy.txt b/k8s-save/deploy/correct-deploy.txt new file mode 100644 index 0000000000..a2b77006bb --- /dev/null +++ b/k8s-save/deploy/correct-deploy.txt @@ -0,0 +1,59 @@ +NAMESPACE NAME READY STATUS RESTARTS AGE +cert-manager cert-manager-6c96d777c5-6l4r9 1/1 Running 0 14m +cert-manager cert-manager-cainjector-57ff68fc8-dnc7h 1/1 Running 0 14m +cert-manager cert-manager-webhook-7bb75bd8dd-4q6nw 1/1 Running 0 14m +elasticsearch elastic-operator-0 1/1 Running 0 14m +elasticsearch elasticsearch-es-node-0 1/1 Running 0 13m +elasticsearch kibana-kb-5fd6675fdc-48h58 1/1 Running 0 13m +ingress-nginx ingress-nginx-admission-create-62844 0/1 Completed 0 15m +ingress-nginx ingress-nginx-admission-patch-n5lmp 0/1 Completed 1 15m +ingress-nginx ingress-nginx-controller-57c8d565-jbc4v 1/1 Running 0 15m +kafka akhq-86dbc9b574-d48pq 1/1 Running 0 14m +kafka debezium-connect-cluster-connect-0 1/1 Running 1 (11m ago) 13m +kafka kafka-cluster-entity-operator-b9f7f8759-x494g 3/3 Running 0 11m +kafka kafka-cluster-kafka-0 1/1 Running 0 11m +kafka kafka-cluster-zookeeper-0 1/1 Running 0 13m +kafka strimzi-cluster-operator-5d6f48c6f9-8flk7 1/1 Running 0 14m +keycloak keycloak-0 1/1 Running 0 9m10s +keycloak keycloak-operator-67f4957b5f-m7bw8 1/1 Running 0 12m +keycloak yas-realm-kc-tk72z 0/1 Completed 0 9m26s +kube-system coredns-76f75df574-7fl4g 1/1 Running 0 15m +kube-system etcd-minikube 1/1 Running 0 15m +kube-system kube-apiserver-minikube 1/1 Running 0 15m +kube-system kube-controller-manager-minikube 1/1 Running 0 15m +kube-system kube-proxy-vtfs7 1/1 Running 0 15m +kube-system kube-scheduler-minikube 1/1 Running 0 15m +kube-system storage-provisioner 1/1 Running 1 (14m ago) 15m +observability grafana-operator-85b6cfc89c-xwkgc 1/1 Running 0 12m +observability opentelemetry-operator-5bf7c9845b-925cs 1/1 Running 0 12m +observability promtail-khjtf 1/1 Running 0 12m +observability tempo-0 1/1 Running 0 14m +postgres pgadmin-5d5d8b45b9-v4mrr 1/1 Running 0 14m +postgres postgres-operator-7bb8c88db6-xsgs8 1/1 Running 0 14m +postgres postgresql-0 1/1 Running 0 14m +redis redis-master-0 1/1 Running 0 12m +redis redis-replicas-0 1/1 Running 0 12m +redis redis-replicas-1 1/1 Running 0 9m43s +redis redis-replicas-2 1/1 Running 0 9m21s +yas backoffice-bff-79d9b49fff-mzllj 1/1 Running 0 8m43s +yas backoffice-ui-59bc75b7b5-fc65m 1/1 Running 0 8m41s +yas cart-658ff6dbdb-l5wkj 1/1 Running 0 7m35s +yas customer-695657479c-hv9t9 1/1 Running 0 7m13s +yas inventory-7674966679-cg978 1/1 Running 0 6m51s +yas location-64695778f6-9pdrh 1/1 Running 0 6m29s +yas media-85b645f84d-d9nzk 1/1 Running 0 6m7s +yas order-569b75bcbd-rflbl 1/1 Running 0 5m45s +yas payment-77b7966666-2976z 1/1 Running 0 5m23s +yas product-78cdf9bf7f-r755j 1/1 Running 0 5m1s +yas promotion-5898c6bcd-wgkqx 1/1 Running 0 4m39s +yas rating-6769f7bc66-tclnv 1/1 Running 0 4m16s +yas recommendation-5cb5f8687f-jlvzb 1/1 Running 0 3m10s +yas sampledata-65f66c4d8d-n72pl 1/1 Running 0 2m26s +yas search-74d44f665f-kv28n 1/1 Running 0 3m54s +yas storefront-bff-74955b5c8d-59lf6 1/1 Running 0 8m19s +yas storefront-ui-5cbf77f767-ptr2n 1/1 Running 0 8m17s +yas swagger-ui-65949455cc-cgnwf 1/1 Running 0 7m57s +yas tax-d79cf9c4b-pmwjq 1/1 Running 0 3m32s +yas webhook-5559c675f4-qk69q 1/1 Running 0 2m48s +yas yas-reloader-85c4c65786-6f7v2 1/1 Running 0 12m +zookeeper zookeeper-0 1/1 Running 0 12m \ No newline at end of file diff --git a/k8s-save/deploy/deploy-yas-applications.sh b/k8s-save/deploy/deploy-yas-applications.sh new file mode 100755 index 0000000000..4ff5dd6d28 --- /dev/null +++ b/k8s-save/deploy/deploy-yas-applications.sh @@ -0,0 +1,49 @@ +#!/bin/bash +set -x + +# Auto restart when change configmap or secret +helm repo add stakater https://stakater.github.io/stakater-charts +helm repo update + +read -rd '' DOMAIN \ +< <(yq -r '.domain' ./cluster-config.yaml) + +# Define NS_PREFIX +NS_PREFIX=${NS_PREFIX:-yas-dev} +APP_NS="${NS_PREFIX}-yas" + +helm dependency build ../charts/backoffice-bff +helm upgrade --install "${NS_PREFIX}-backoffice-bff" ../charts/backoffice-bff \ +--namespace "$APP_NS" --create-namespace \ +--set backend.ingress.host="backoffice.$DOMAIN" + +helm dependency build ../charts/backoffice-ui +helm upgrade --install "${NS_PREFIX}-backoffice-ui" ../charts/backoffice-ui \ +--namespace "$APP_NS" --create-namespace + +sleep 20 + +helm dependency build ../charts/storefront-bff +helm upgrade --install "${NS_PREFIX}-storefront-bff" ../charts/storefront-bff \ +--namespace "$APP_NS" --create-namespace \ +--set backend.ingress.host="storefront.$DOMAIN" + +helm dependency build ../charts/storefront-ui +helm upgrade --install "${NS_PREFIX}-storefront-ui" ../charts/storefront-ui \ +--namespace "$APP_NS" --create-namespace + +sleep 20 + +helm upgrade --install "${NS_PREFIX}-swagger-ui" ../charts/swagger-ui \ +--namespace "$APP_NS" --create-namespace \ +--set ingress.host="api.$DOMAIN" + +sleep 20 + +for chart in {"cart","customer","inventory","location","media","order","payment","product","promotion","rating","search","tax","recommendation","webhook","sampledata"} ; do + helm dependency build ../charts/"$chart" + helm upgrade --install "${NS_PREFIX}-$chart" ../charts/"$chart" \ + --namespace "$APP_NS" --create-namespace \ + --set backend.ingress.host="api.$DOMAIN" + sleep 20 +done diff --git a/k8s-save/deploy/deploy-yas-configuration.sh b/k8s-save/deploy/deploy-yas-configuration.sh new file mode 100755 index 0000000000..9a37521418 --- /dev/null +++ b/k8s-save/deploy/deploy-yas-configuration.sh @@ -0,0 +1,14 @@ +#!/bin/bash +set -x + +# Auto restart when change configmap or secret +helm repo add stakater https://stakater.github.io/stakater-charts +helm repo update + +# Define NS_PREFIX +NS_PREFIX=${NS_PREFIX:-yas-dev} + +helm dependency build ../charts/yas-configuration +helm upgrade --install "${NS_PREFIX}-yas-configuration" ../charts/yas-configuration \ +--namespace "${NS_PREFIX}-yas" --create-namespace + diff --git a/k8s-save/deploy/elasticsearch/elasticsearch-cluster/.helmignore b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/.helmignore new file mode 100644 index 0000000000..c15212ef1d --- /dev/null +++ b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/.helmignore @@ -0,0 +1,24 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +templates/filerealm diff --git a/k8s-save/deploy/elasticsearch/elasticsearch-cluster/Chart.yaml b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/Chart.yaml new file mode 100644 index 0000000000..61cd1aeb23 --- /dev/null +++ b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: elasticsearch-cluster +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-save/deploy/elasticsearch/elasticsearch-cluster/filerealm/users b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/filerealm/users new file mode 100644 index 0000000000..e828a47c3e --- /dev/null +++ b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/filerealm/users @@ -0,0 +1 @@ +yas:$2a$10$0YmyY3Y4qhsUlDRqRoeslebIs3pEa.7Gay8R7XzWvMo2da7mkmLo. \ No newline at end of file diff --git a/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/_helpers.tpl b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/_helpers.tpl new file mode 100644 index 0000000000..cfe9457f38 --- /dev/null +++ b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "elasticsearch-cluster.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "elasticsearch-cluster.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "elasticsearch-cluster.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "elasticsearch-cluster.labels" -}} +helm.sh/chart: {{ include "elasticsearch-cluster.chart" . }} +{{ include "elasticsearch-cluster.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "elasticsearch-cluster.selectorLabels" -}} +app.kubernetes.io/name: {{ include "elasticsearch-cluster.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "elasticsearch-cluster.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "elasticsearch-cluster.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/elasticsearch.yaml b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/elasticsearch.yaml new file mode 100644 index 0000000000..1d9d506a94 --- /dev/null +++ b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/elasticsearch.yaml @@ -0,0 +1,18 @@ +apiVersion: elasticsearch.k8s.elastic.co/v1 +kind: Elasticsearch +metadata: + name: elasticsearch +spec: + http: + tls: + selfSignedCertificate: + disabled: true + version: 8.8.1 + auth: + fileRealm: + - secretName: user-credentials-secret + nodeSets: + - name: node + count: {{ .Values.elasticsearch.replicas }} + config: + node.store.allow_mmap: false diff --git a/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/kibana-ingress.yaml b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/kibana-ingress.yaml new file mode 100644 index 0000000000..030f08b816 --- /dev/null +++ b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/kibana-ingress.yaml @@ -0,0 +1,17 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: kibana-ingress +spec: + ingressClassName: {{ .Values.kibana.ingress.className }} + rules: + - host: {{ .Values.kibana.ingress.hostname }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: kibana-kb-http + port: + number: 5601 \ No newline at end of file diff --git a/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/kibana.yaml b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/kibana.yaml new file mode 100644 index 0000000000..5af5d00fff --- /dev/null +++ b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/kibana.yaml @@ -0,0 +1,13 @@ +apiVersion: kibana.k8s.elastic.co/v1 +kind: Kibana +metadata: + name: kibana +spec: + version: 8.8.1 + count: 1 + elasticsearchRef: + name: elasticsearch + http: + tls: + selfSignedCertificate: + disabled: true \ No newline at end of file diff --git a/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/user-credentials.secret.yaml b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/user-credentials.secret.yaml new file mode 100644 index 0000000000..0f46520af3 --- /dev/null +++ b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/templates/user-credentials.secret.yaml @@ -0,0 +1,12 @@ +kind: Secret +apiVersion: v1 +metadata: + name: user-credentials-secret +stringData: + {{- $files := .Files }} + users: |- + {{- range tuple "filerealm/users" }} + {{ $files.Get . }} + {{- end }} + users_roles: |- + superuser:yas \ No newline at end of file diff --git a/k8s-save/deploy/elasticsearch/elasticsearch-cluster/values.yaml b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/values.yaml new file mode 100644 index 0000000000..12fc969fd3 --- /dev/null +++ b/k8s-save/deploy/elasticsearch/elasticsearch-cluster/values.yaml @@ -0,0 +1,6 @@ +elasticsearch: + replicas: 1 +kibana: + ingress: + className: nginx + hostname: kibana.yas.local.com diff --git a/k8s-save/deploy/kafka/akhq.values.yaml b/k8s-save/deploy/kafka/akhq.values.yaml new file mode 100644 index 0000000000..510241dc3a --- /dev/null +++ b/k8s-save/deploy/kafka/akhq.values.yaml @@ -0,0 +1,23 @@ +configuration: + akhq: + server: + access-log: + enabled: false + name: org.akhq.log.access + connections: + kafka-connection: + properties: + bootstrap.servers: kafka-cluster-kafka-bootstrap:9092 + connect: + - name: debezium-connect-cluster + url: http://debezium-connect-cluster-connect-api:8083 +hostname: &hostname akhq.yas.local.com +ingress: + enabled: true + ingressClassName: nginx + annotations: {} + paths: + - / + hosts: + - *hostname + tls: [] diff --git a/k8s-save/deploy/kafka/kafka-cluster/Chart.yaml b/k8s-save/deploy/kafka/kafka-cluster/Chart.yaml new file mode 100644 index 0000000000..b4a342e362 --- /dev/null +++ b/k8s-save/deploy/kafka/kafka-cluster/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: kafka-cluster +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-save/deploy/kafka/kafka-cluster/templates/_helpers.tpl b/k8s-save/deploy/kafka/kafka-cluster/templates/_helpers.tpl new file mode 100644 index 0000000000..78bf2fe072 --- /dev/null +++ b/k8s-save/deploy/kafka/kafka-cluster/templates/_helpers.tpl @@ -0,0 +1,70 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "kafka.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "kafka.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "kafka.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "kafka.labels" -}} +helm.sh/chart: {{ include "kafka.chart" . }} +{{ include "kafka.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "kafka.selectorLabels" -}} +app.kubernetes.io/name: {{ include "kafka.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "kafka.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "kafka.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{- define "kafka.namespace" -}} +{{- if .Values.namespaceOverride }} +{{- .Values.namespaceOverride }} +{{- else }} +{{- .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/k8s-save/deploy/kafka/kafka-cluster/templates/credentials.secret.yaml b/k8s-save/deploy/kafka/kafka-cluster/templates/credentials.secret.yaml new file mode 100644 index 0000000000..88b2e49f7c --- /dev/null +++ b/k8s-save/deploy/kafka/kafka-cluster/templates/credentials.secret.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: postgresql.credentials +type: Opaque +data: + username: {{ .Values.postgresql.username | b64enc }} + password: {{ .Values.postgresql.password | b64enc }} \ No newline at end of file diff --git a/k8s-save/deploy/kafka/kafka-cluster/templates/debezium-connect-cluster.yaml b/k8s-save/deploy/kafka/kafka-cluster/templates/debezium-connect-cluster.yaml new file mode 100644 index 0000000000..73be167751 --- /dev/null +++ b/k8s-save/deploy/kafka/kafka-cluster/templates/debezium-connect-cluster.yaml @@ -0,0 +1,33 @@ +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaConnect +metadata: + name: debezium-connect-cluster + annotations: + strimzi.io/use-connector-resources: "true" +spec: + replicas: 1 + bootstrapServers: kafka-cluster-kafka-bootstrap:9092 + image: {{ .Values.debeziumConnect.image }} + config: + config.providers: secrets + config.providers.secrets.class: io.strimzi.kafka.KubernetesSecretConfigProvider + group.id: connect-cluster + offset.storage.topic: kafka_connect_offsets + config.storage.topic: kafka_connect_configs + status.storage.topic: kafka_connect_status + # -1 means it will use the default replication factor configured in the broker + config.storage.replication.factor: -1 + offset.storage.replication.factor: -1 + status.storage.replication.factor: -1 + {{- if eq .Values.debeziumConnect.buildImage true }} + build: + output: + type: docker + image: {{ .Values.debeziumConnect.image }} + pushSecret: docker-registry.secret + plugins: + - name: debezium-postgresql-connector + artifacts: + - type: tgz + url: https://repo1.maven.org/maven2/io/debezium/debezium-connector-postgres/2.3.0.Final/debezium-connector-postgres-2.3.0.Final-plugin.tar.gz + {{- end }} \ No newline at end of file diff --git a/k8s-save/deploy/kafka/kafka-cluster/templates/debezium-connector-postgresql-product-db.yaml b/k8s-save/deploy/kafka/kafka-cluster/templates/debezium-connector-postgresql-product-db.yaml new file mode 100644 index 0000000000..7e4384b1b3 --- /dev/null +++ b/k8s-save/deploy/kafka/kafka-cluster/templates/debezium-connector-postgresql-product-db.yaml @@ -0,0 +1,21 @@ +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaConnector +metadata: + name: debezium-connector-postgresql-product-db + labels: + strimzi.io/cluster: debezium-connect-cluster +spec: + class: io.debezium.connector.postgresql.PostgresConnector + config: + database.hostname: postgresql.__NS_PREFIX__-postgres.svc.cluster.local + database.port: 5432 + database.user: ${secrets:postgresql.credentials:username} + database.password: ${secrets:postgresql.credentials:password} + topic.prefix: dbproduct + database.dbname: product + table.include.list: public.product + schema.include.list: public + key.converter.schemas.enable: false + value.converter.schemas.enable: false + value.converter: org.apache.kafka.connect.json.JsonConverter + key.converter: org.apache.kafka.connect.json.JsonConverter \ No newline at end of file diff --git a/k8s-save/deploy/kafka/kafka-cluster/templates/kafka-cluster.yaml b/k8s-save/deploy/kafka/kafka-cluster/templates/kafka-cluster.yaml new file mode 100644 index 0000000000..564dce8f64 --- /dev/null +++ b/k8s-save/deploy/kafka/kafka-cluster/templates/kafka-cluster.yaml @@ -0,0 +1,46 @@ +apiVersion: kafka.strimzi.io/v1beta2 +kind: Kafka +metadata: + name: kafka-cluster +spec: + kafka: + replicas: {{ .Values.kafka.replicas }} + listeners: + - name: plain + port: 9092 + type: internal + tls: false + - name: tls + port: 9093 + type: internal + tls: true + authentication: + type: tls + - name: external + port: 9094 + type: nodeport + tls: false + storage: + type: jbod + volumes: + - id: 0 + type: persistent-claim + size: 10Gi + deleteClaim: false + config: + offsets.topic.replication.factor: 1 + transaction.state.log.replication.factor: 1 + transaction.state.log.min.isr: 1 + default.replication.factor: 1 + min.insync.replicas: 1 + zookeeper: + replicas: {{ .Values.zookeeper.replicas }} + config: + quorumListenOnAllIPs: "true" + storage: + type: persistent-claim + size: {{ .Values.zookeeper.storeSize }} + deleteClaim: false + entityOperator: + topicOperator: {} + userOperator: {} \ No newline at end of file diff --git a/k8s-save/deploy/kafka/kafka-cluster/templates/role-binding.yaml b/k8s-save/deploy/kafka/kafka-cluster/templates/role-binding.yaml new file mode 100644 index 0000000000..a50a32784f --- /dev/null +++ b/k8s-save/deploy/kafka/kafka-cluster/templates/role-binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: connector-configuration-role-binding +subjects: + - kind: ServiceAccount + name: debezium-connect-cluster-connect + namespace: {{ include "kafka.namespace" . }} +roleRef: + kind: Role + name: connector-configuration-role + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/k8s-save/deploy/kafka/kafka-cluster/templates/role.yaml b/k8s-save/deploy/kafka/kafka-cluster/templates/role.yaml new file mode 100644 index 0000000000..28d1929944 --- /dev/null +++ b/k8s-save/deploy/kafka/kafka-cluster/templates/role.yaml @@ -0,0 +1,9 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: connector-configuration-role +rules: + - apiGroups: [""] + resources: ["secrets"] + resourceNames: ["postgresql.credentials"] + verbs: ["get", "watch", "list"] \ No newline at end of file diff --git a/k8s-save/deploy/kafka/kafka-cluster/values.yaml b/k8s-save/deploy/kafka/kafka-cluster/values.yaml new file mode 100644 index 0000000000..9bf79352c0 --- /dev/null +++ b/k8s-save/deploy/kafka/kafka-cluster/values.yaml @@ -0,0 +1,11 @@ +kafka: + replicas: 1 +zookeeper: + replicas: 1 + storeSize: 5Gi +postgresql: + username: yasadminuser + password: admin +debeziumConnect: + image: melyen/my-debezium-postgres:latest + buildImage: false #Enabled when build debezium-connect-postgresql image \ No newline at end of file diff --git a/k8s-save/deploy/keycloak/keycloak/.helmignore b/k8s-save/deploy/keycloak/keycloak/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/deploy/keycloak/keycloak/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/deploy/keycloak/keycloak/Chart.yaml b/k8s-save/deploy/keycloak/keycloak/Chart.yaml new file mode 100644 index 0000000000..dc9b37c026 --- /dev/null +++ b/k8s-save/deploy/keycloak/keycloak/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: keycloak +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-save/deploy/keycloak/keycloak/templates/_helpers.tpl b/k8s-save/deploy/keycloak/keycloak/templates/_helpers.tpl new file mode 100644 index 0000000000..5ae124b1ba --- /dev/null +++ b/k8s-save/deploy/keycloak/keycloak/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "keycloak.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "keycloak.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "keycloak.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "keycloak.labels" -}} +helm.sh/chart: {{ include "keycloak.chart" . }} +{{ include "keycloak.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "keycloak.selectorLabels" -}} +app.kubernetes.io/name: {{ include "keycloak.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "keycloak.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "keycloak.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/deploy/keycloak/keycloak/templates/keycloak-credential.secret.yaml b/k8s-save/deploy/keycloak/keycloak/templates/keycloak-credential.secret.yaml new file mode 100644 index 0000000000..72312d2fcd --- /dev/null +++ b/k8s-save/deploy/keycloak/keycloak/templates/keycloak-credential.secret.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: keycloak-credentials +type: Opaque +data: + username: {{ .Values.bootstrapAdmin.username | b64enc }} + password: {{ .Values.bootstrapAdmin.password | b64enc }} \ No newline at end of file diff --git a/k8s-save/deploy/keycloak/keycloak/templates/keycloak-yas-realm-import.yaml b/k8s-save/deploy/keycloak/keycloak/templates/keycloak-yas-realm-import.yaml new file mode 100644 index 0000000000..ba0ca4644f --- /dev/null +++ b/k8s-save/deploy/keycloak/keycloak/templates/keycloak-yas-realm-import.yaml @@ -0,0 +1,2054 @@ +apiVersion: k8s.keycloak.org/v2alpha1 +kind: KeycloakRealmImport +metadata: + name: yas-realm-kc +spec: + keycloakCRName: keycloak + realm: + id: Yas + realm: Yas + notBefore: 0 + defaultSignatureAlgorithm: RS256 + revokeRefreshToken: false + refreshTokenMaxReuse: 0 + accessTokenLifespan: 300 + accessTokenLifespanForImplicitFlow: 900 + ssoSessionIdleTimeout: 1800 + ssoSessionMaxLifespan: 36000 + ssoSessionIdleTimeoutRememberMe: 0 + ssoSessionMaxLifespanRememberMe: 0 + offlineSessionIdleTimeout: 2592000 + offlineSessionMaxLifespanEnabled: false + offlineSessionMaxLifespan: 5184000 + clientSessionIdleTimeout: 0 + clientSessionMaxLifespan: 0 + clientOfflineSessionIdleTimeout: 0 + clientOfflineSessionMaxLifespan: 0 + accessCodeLifespan: 60 + accessCodeLifespanUserAction: 300 + accessCodeLifespanLogin: 1800 + actionTokenGeneratedByAdminLifespan: 43200 + actionTokenGeneratedByUserLifespan: 300 + oauth2DeviceCodeLifespan: 600 + oauth2DevicePollingInterval: 5 + enabled: true + sslRequired: none + registrationAllowed: true + registrationEmailAsUsername: false + rememberMe: false + verifyEmail: false + loginWithEmailAllowed: true + duplicateEmailsAllowed: false + resetPasswordAllowed: false + editUsernameAllowed: false + bruteForceProtected: false + permanentLockout: false + maxFailureWaitSeconds: 900 + minimumQuickLoginWaitSeconds: 60 + waitIncrementSeconds: 60 + quickLoginCheckMilliSeconds: 1000 + maxDeltaTimeSeconds: 43200 + failureFactor: 30 + roles: + realm: + - id: 2006cd24-9bfb-417d-8e0b-81ef33fac6cf + name: CUSTOMER + composite: false + clientRole: false + containerId: Yas + attributes: { } + - id: a4b40d5f-75d9-47d4-9119-eaf7db5a6c25 + name: uma_authorization + description: ${role_uma_authorization} + composite: false + clientRole: false + containerId: Yas + attributes: { } + - id: 514784fb-7137-4134-bad7-db373e7d398a + name: offline_access + description: ${role_offline-access} + composite: false + clientRole: false + containerId: Yas + attributes: { } + - id: f2da71cd-654f-4beb-8ec8-fa78d6fc1219 + name: default-roles-yas + description: ${role_default-roles} + composite: true + composites: + realm: + - offline_access + - CUSTOMER + - uma_authorization + clientRole: false + containerId: Yas + attributes: { } + - id: eadee165-c7b4-4508-bf60-937580c5d987 + name: ADMIN + composite: false + clientRole: false + containerId: Yas + attributes: { } + - id: 7cdd5ed7-4a2b-4b71-aa7a-f4b1085dd507 + name: GUEST + composite: false + clientRole: false + containerId: Yas + attributes: { } + client: + customer-management: + - id: bbe55368-20f8-4787-b7c2-fc7e32073ad6 + name: uma_protection + composite: false + clientRole: true + containerId: 60946636-ed9b-470c-b900-277f4d41ba80 + attributes: { } + realm-management: + - id: b347faf1-614c-4560-b309-3963c8b8ed72 + name: query-users + description: ${role_query-users} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 6d01b738-8f9d-465b-9464-25389823c74f + name: view-users + composite: true + composites: + client: + realm-management: + - query-users + - query-groups + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 51a27561-fffb-40f1-a2b6-d7608bde9269 + name: manage-events + description: ${role_manage-events} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 6ba0385a-dc94-4da0-8649-92d9d684263e + name: impersonation + description: ${role_impersonation} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 955f290e-e4d8-4af9-909c-09f776378031 + name: manage-clients + description: ${role_manage-clients} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 76a7b8bd-3440-4ae2-b951-51626d3468ae + name: manage-identity-providers + description: ${role_manage-identity-providers} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: de9badf2-e26c-4193-80d4-a604c659ed4f + name: create-client + description: ${role_create-client} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: f00232df-6145-458e-9ce7-c7bc2334fa43 + name: query-clients + description: ${role_query-clients} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 41dbcfdb-d5fa-42ef-bbe9-af26f2c43bdb + name: manage-users + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 5abdaafd-95b9-4f8c-8328-78f991efbb00 + name: view-clients + description: ${role_view-clients} + composite: true + composites: + client: + realm-management: + - query-clients + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: f3048ffb-3023-4973-a25e-dfe42e83cc54 + name: view-identity-providers + description: ${role_view-identity-providers} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 6c17291d-e469-4139-aa90-b5e3b1a44e46 + name: view-authorization + description: ${role_view-authorization} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: e2b7165b-59d7-415b-a4b9-cd705eae95a3 + name: manage-realm + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 48084127-c5e1-41be-ba71-2406823788ae + name: view-events + description: ${role_view-events} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 361537c1-1c9e-47dc-906c-c96b2eeb654d + name: query-groups + description: ${role_query-groups} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 2d591814-fb0b-4df2-b8fa-4d894bf2789a + name: realm-admin + description: ${role_realm-admin} + composite: true + composites: + client: + realm-management: + - query-users + - manage-events + - impersonation + - manage-clients + - manage-identity-providers + - create-client + - query-clients + - view-clients + - view-identity-providers + - view-authorization + - view-events + - query-groups + - query-realms + - view-realm + - manage-authorization + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 0b754c52-b512-4c64-aa72-d358e18aabbc + name: query-realms + description: ${role_query-realms} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 95a46057-7254-452e-b6b9-f34178a84aa8 + name: manage-authorization + description: ${role_manage-authorization} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + - id: 6ec2be44-3b2d-49aa-9706-1845559d986e + name: view-realm + description: ${role_view-realm} + composite: false + clientRole: true + containerId: cdd87e47-0556-4612-95ad-122de3a09b8f + attributes: { } + backoffice-bff: [ ] + security-admin-console: [ ] + admin-cli: [ ] + storefront-bff: + - id: 4e71f89c-cffc-4a7a-8bf3-51524e6db708 + name: uma_protection + composite: false + clientRole: true + containerId: 4f64c142-0545-44bb-9446-2a18b9c9effd + attributes: { } + account-console: [ ] + broker: [ ] + account: + - id: 84c2f82c-0d3c-4b44-ba9d-d38600a94f3d + name: delete-account + description: ${role_delete-account} + composite: false + clientRole: true + containerId: 63a551a9-12e6-465b-9b06-83747ff64c8d + attributes: { } + - id: 4ce54078-8a93-4155-9ba8-cd7fab17c24c + name: view-groups + description: ${role_view-groups} + composite: false + clientRole: true + containerId: 63a551a9-12e6-465b-9b06-83747ff64c8d + attributes: { } + swagger-ui: [ ] + groups: [ ] + defaultRole: + id: f2da71cd-654f-4beb-8ec8-fa78d6fc1219 + name: default-roles-yas + description: ${role_default-roles} + composite: true + clientRole: false + containerId: Yas + requiredCredentials: + - password + otpPolicyType: totp + otpPolicyAlgorithm: HmacSHA1 + otpPolicyInitialCounter: 0 + otpPolicyDigits: 6 + otpPolicyLookAheadWindow: 1 + otpPolicyPeriod: 30 + otpPolicyCodeReusable: false + otpSupportedApplications: + - totpAppGoogleName + - totpAppFreeOTPName + - totpAppMicrosoftAuthenticatorName + webAuthnPolicyRpEntityName: keycloak + webAuthnPolicySignatureAlgorithms: + - ES256 + webAuthnPolicyRpId: '' + webAuthnPolicyAttestationConveyancePreference: not specified + webAuthnPolicyAuthenticatorAttachment: not specified + webAuthnPolicyRequireResidentKey: not specified + webAuthnPolicyUserVerificationRequirement: not specified + webAuthnPolicyCreateTimeout: 0 + webAuthnPolicyAvoidSameAuthenticatorRegister: false + webAuthnPolicyAcceptableAaguids: [ ] + webAuthnPolicyPasswordlessRpEntityName: keycloak + webAuthnPolicyPasswordlessSignatureAlgorithms: + - ES256 + webAuthnPolicyPasswordlessRpId: '' + webAuthnPolicyPasswordlessAttestationConveyancePreference: not specified + webAuthnPolicyPasswordlessAuthenticatorAttachment: not specified + webAuthnPolicyPasswordlessRequireResidentKey: not specified + webAuthnPolicyPasswordlessUserVerificationRequirement: not specified + webAuthnPolicyPasswordlessCreateTimeout: 0 + webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister: false + webAuthnPolicyPasswordlessAcceptableAaguids: [ ] + users: + - id: 6a4ccf58-14a7-4c68-8f35-9107f98755b2 + createdTimestamp: 1678334999731 + username: admin + enabled: true + totp: false + emailVerified: false + firstName: John + lastName: Doe + email: admin@gmail.com + credentials: + - id: 0bed1acd-4585-450d-9fca-0cd02fb57140 + type: password + userLabel: My password + createdDate: 1678346530213 + secretData: '{"value":"u6oZH6INLj3cGGIJNxhhVUAhJQhYpFmsr3yLLQyVNqs=","salt":"WmnWNNQ1hvyeXj0NlcVugA==","additionalParameters":{}}' + credentialData: '{"hashIterations":27500,"algorithm":"pbkdf2-sha256","additionalParameters":{}}' + disableableCredentialTypes: [ ] + requiredActions: [ ] + realmRoles: + - default-roles-yas + - ADMIN + notBefore: 0 + groups: [ ] + - id: 6249ae7e-844e-4ed7-9b66-02013a98ba2e + createdTimestamp: 1663154002788 + username: service-account-customer-management + enabled: true + totp: false + emailVerified: false + serviceAccountClientId: customer-management + disableableCredentialTypes: [ ] + requiredActions: [ ] + realmRoles: + - default-roles-yas + clientRoles: + realm-management: + - view-users + - manage-realm + - manage-users + customer-management: + - uma_protection + notBefore: 0 + groups: [ ] + - id: 338216c3-c4a7-4d4f-b394-72d7a79c579e + createdTimestamp: 1678087360744 + username: service-account-storefront-bff + enabled: true + totp: false + emailVerified: false + serviceAccountClientId: storefront-bff + disableableCredentialTypes: [ ] + requiredActions: [ ] + realmRoles: + - default-roles-yas + clientRoles: + storefront-bff: + - uma_protection + notBefore: 0 + groups: [ ] + scopeMappings: + - clientScope: offline_access + roles: + - offline_access + clientScopeMappings: + account: + - client: account-console + roles: + - view-groups + clients: + - id: 63a551a9-12e6-465b-9b06-83747ff64c8d + clientId: account + name: ${client_account} + rootUrl: ${authBaseUrl} + baseUrl: /realms/Yas/account/ + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: + - /realms/Yas/account/* + webOrigins: [ ] + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: false + serviceAccountsEnabled: false + publicClient: true + frontchannelLogout: false + protocol: openid-connect + attributes: + post.logout.redirect.uris: + + authenticationFlowBindingOverrides: { } + fullScopeAllowed: false + nodeReRegistrationTimeout: 0 + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: c9b985d8-1db7-43aa-aabe-35b103bce986 + clientId: account-console + name: ${client_account-console} + rootUrl: ${authBaseUrl} + baseUrl: /realms/Yas/account/ + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: + - /realms/Yas/account/* + webOrigins: [ ] + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: false + serviceAccountsEnabled: false + publicClient: true + frontchannelLogout: false + protocol: openid-connect + attributes: + post.logout.redirect.uris: + + pkce.code.challenge.method: S256 + authenticationFlowBindingOverrides: { } + fullScopeAllowed: false + nodeReRegistrationTimeout: 0 + protocolMappers: + - id: 667a0992-0916-45fc-aa7d-a70573b56ee9 + name: audience resolve + protocol: openid-connect + protocolMapper: oidc-audience-resolve-mapper + consentRequired: false + config: { } + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: 2872ae9d-daf4-4ff9-9556-15870acbfaff + clientId: admin-cli + name: ${client_admin-cli} + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: [ ] + webOrigins: [ ] + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: false + implicitFlowEnabled: false + directAccessGrantsEnabled: true + serviceAccountsEnabled: false + publicClient: true + frontchannelLogout: false + protocol: openid-connect + attributes: + post.logout.redirect.uris: + + authenticationFlowBindingOverrides: { } + fullScopeAllowed: false + nodeReRegistrationTimeout: 0 + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: 26490047-2a91-4938-9324-371523ad1e14 + clientId: backoffice-bff + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + secret: TVacLC0cQ8tiiEKiTVerTb2YvwQ1TRJF + redirectUris: + - {{ .Values.backofficeRedirectUrl }}/* + - http://localhost:3000/* + - http://localhost:8087/* + webOrigins: [ ] + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: true + serviceAccountsEnabled: false + publicClient: false + frontchannelLogout: false + protocol: openid-connect + attributes: + saml.assertion.signature: 'false' + id.token.as.detached.signature: 'false' + saml.multivalued.roles: 'false' + saml.force.post.binding: 'false' + saml.encrypt: 'false' + post.logout.redirect.uris: + + oauth2.device.authorization.grant.enabled: 'false' + backchannel.logout.revoke.offline.tokens: 'false' + saml.server.signature: 'false' + saml.server.signature.keyinfo.ext: 'false' + use.refresh.tokens: 'true' + exclude.session.state.from.auth.response: 'false' + oidc.ciba.grant.enabled: 'false' + saml.artifact.binding: 'false' + backchannel.logout.session.required: 'true' + client_credentials.use_refresh_token: 'false' + saml_force_name_id_format: 'false' + saml.client.signature: 'false' + tls.client.certificate.bound.access.tokens: 'false' + require.pushed.authorization.requests: 'false' + saml.authnstatement: 'false' + display.on.consent.screen: 'false' + saml.onetimeuse.condition: 'false' + authenticationFlowBindingOverrides: { } + fullScopeAllowed: true + nodeReRegistrationTimeout: -1 + protocolMappers: + - id: bde88d27-ba50-4b7a-87b3-f610d7e93c2e + name: realm roles + protocol: openid-connect + protocolMapper: oidc-usermodel-realm-role-mapper + consentRequired: false + config: + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: realm_access.roles + userinfo.token.claim: 'true' + multivalued: 'true' + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: 2705a11e-bac1-40dc-a67a-12894e2a2acd + clientId: broker + name: ${client_broker} + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: [ ] + webOrigins: [ ] + notBefore: 0 + bearerOnly: true + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: false + serviceAccountsEnabled: false + publicClient: false + frontchannelLogout: false + protocol: openid-connect + attributes: + post.logout.redirect.uris: + + authenticationFlowBindingOverrides: { } + fullScopeAllowed: false + nodeReRegistrationTimeout: 0 + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: 60946636-ed9b-470c-b900-277f4d41ba80 + clientId: customer-management + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + secret: NKAr3rnjwm9jlakgKpelukZGFaHYqIWE + redirectUris: + - '' + webOrigins: [ ] + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: true + serviceAccountsEnabled: true + authorizationServicesEnabled: true + publicClient: false + frontchannelLogout: false + protocol: openid-connect + attributes: + access.token.lifespan: '3600' + saml.multivalued.roles: 'false' + saml.force.post.binding: 'false' + post.logout.redirect.uris: + + oauth2.device.authorization.grant.enabled: 'false' + backchannel.logout.revoke.offline.tokens: 'false' + saml.server.signature.keyinfo.ext: 'false' + use.refresh.tokens: 'true' + oidc.ciba.grant.enabled: 'false' + backchannel.logout.session.required: 'true' + client_credentials.use_refresh_token: 'false' + saml.client.signature: 'false' + require.pushed.authorization.requests: 'false' + saml.assertion.signature: 'false' + id.token.as.detached.signature: 'false' + saml.encrypt: 'false' + saml.server.signature: 'false' + exclude.session.state.from.auth.response: 'false' + saml.artifact.binding: 'false' + saml_force_name_id_format: 'false' + tls.client.certificate.bound.access.tokens: 'false' + saml.authnstatement: 'false' + display.on.consent.screen: 'false' + saml.onetimeuse.condition: 'false' + authenticationFlowBindingOverrides: { } + fullScopeAllowed: true + nodeReRegistrationTimeout: -1 + protocolMappers: + - id: 00d85c6f-6a39-4ef6-a1a3-437da954a317 + name: Client Host + protocol: openid-connect + protocolMapper: oidc-usersessionmodel-note-mapper + consentRequired: false + config: + user.session.note: clientHost + userinfo.token.claim: 'true' + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: clientHost + jsonType.label: String + - id: 6b02f2b3-60ba-401a-ab8a-9644dc66d60a + name: Client IP Address + protocol: openid-connect + protocolMapper: oidc-usersessionmodel-note-mapper + consentRequired: false + config: + user.session.note: clientAddress + userinfo.token.claim: 'true' + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: clientAddress + jsonType.label: String + - id: 1727d303-0db0-4d37-a861-3c3f22029470 + name: Client ID + protocol: openid-connect + protocolMapper: oidc-usersessionmodel-note-mapper + consentRequired: false + config: + user.session.note: clientId + userinfo.token.claim: 'true' + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: clientId + jsonType.label: String + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + authorizationSettings: + allowRemoteResourceManagement: true + policyEnforcementMode: ENFORCING + resources: [ ] + policies: [ ] + scopes: [ ] + decisionStrategy: UNANIMOUS + - id: cdd87e47-0556-4612-95ad-122de3a09b8f + clientId: realm-management + name: ${client_realm-management} + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: [ ] + webOrigins: [ ] + notBefore: 0 + bearerOnly: true + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: false + serviceAccountsEnabled: false + publicClient: false + frontchannelLogout: false + protocol: openid-connect + attributes: + post.logout.redirect.uris: + + authenticationFlowBindingOverrides: { } + fullScopeAllowed: false + nodeReRegistrationTimeout: 0 + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: 36b9332d-e925-42e2-bef4-6e9271695118 + clientId: security-admin-console + name: ${client_security-admin-console} + rootUrl: ${authAdminUrl} + baseUrl: /admin/Yas/console/ + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: + - /admin/Yas/console/* + webOrigins: + - + + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: false + serviceAccountsEnabled: false + publicClient: true + frontchannelLogout: false + protocol: openid-connect + attributes: + post.logout.redirect.uris: + + pkce.code.challenge.method: S256 + authenticationFlowBindingOverrides: { } + fullScopeAllowed: false + nodeReRegistrationTimeout: 0 + protocolMappers: + - id: bf597b1e-302a-4cac-92e7-72da275a9450 + name: locale + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: locale + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: locale + jsonType.label: String + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + - id: 4f64c142-0545-44bb-9446-2a18b9c9effd + clientId: storefront-bff + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + secret: ZrU9I0q2uXBglBnmvyJdkl1lf0ncr8tn + redirectUris: + - {{ .Values.storefrontRedirectUrl }}/* + - http://localhost:8087/* + webOrigins: [ ] + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: true + serviceAccountsEnabled: true + authorizationServicesEnabled: true + publicClient: false + frontchannelLogout: false + protocol: openid-connect + attributes: + id.token.as.detached.signature: 'false' + saml.assertion.signature: 'false' + saml.force.post.binding: 'false' + saml.multivalued.roles: 'false' + saml.encrypt: 'false' + post.logout.redirect.uris: + + oauth2.device.authorization.grant.enabled: 'false' + backchannel.logout.revoke.offline.tokens: 'false' + saml.server.signature: 'false' + saml.server.signature.keyinfo.ext: 'false' + use.refresh.tokens: 'true' + exclude.session.state.from.auth.response: 'false' + oidc.ciba.grant.enabled: 'false' + saml.artifact.binding: 'false' + backchannel.logout.session.required: 'true' + client_credentials.use_refresh_token: 'false' + saml_force_name_id_format: 'false' + require.pushed.authorization.requests: 'false' + saml.client.signature: 'false' + tls.client.certificate.bound.access.tokens: 'false' + saml.authnstatement: 'false' + display.on.consent.screen: 'false' + saml.onetimeuse.condition: 'false' + authenticationFlowBindingOverrides: { } + fullScopeAllowed: true + nodeReRegistrationTimeout: -1 + protocolMappers: + - id: e5b39176-5f85-48e6-8aba-6e0442eaa712 + name: Client ID + protocol: openid-connect + protocolMapper: oidc-usersessionmodel-note-mapper + consentRequired: false + config: + user.session.note: clientId + userinfo.token.claim: 'true' + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: clientId + jsonType.label: String + - id: 4872f46c-4ebe-4820-ac83-3ae267d47441 + name: Client Host + protocol: openid-connect + protocolMapper: oidc-usersessionmodel-note-mapper + consentRequired: false + config: + user.session.note: clientHost + userinfo.token.claim: 'true' + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: clientHost + jsonType.label: String + - id: cba83ef5-0a89-44bb-81ac-62dac81c7773 + name: Client IP Address + protocol: openid-connect + protocolMapper: oidc-usersessionmodel-note-mapper + consentRequired: false + config: + user.session.note: clientAddress + userinfo.token.claim: 'true' + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: clientAddress + jsonType.label: String + - id: d3968f38-2a46-411f-849f-5342e7008e44 + name: realm roles + protocol: openid-connect + protocolMapper: oidc-usermodel-realm-role-mapper + consentRequired: false + config: + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: realm_access.roles + userinfo.token.claim: 'true' + multivalued: 'true' + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + authorizationSettings: + allowRemoteResourceManagement: true + policyEnforcementMode: ENFORCING + resources: [ ] + policies: [ ] + scopes: [ ] + decisionStrategy: UNANIMOUS + - id: ce61ec4b-d4c5-477b-91c0-ebf1fd189bbd + clientId: swagger-ui + surrogateAuthRequired: false + enabled: true + alwaysDisplayInConsole: false + clientAuthenticatorType: client-secret + redirectUris: + - http://api.yas.local.com/* + - http://localhost:8080/* + - http://localhost:8081/* + - http://localhost:8083/* + - http://localhost:8084/* + - http://localhost:8085/* + - http://localhost:8086/* + - http://localhost:8088/* + - http://localhost:8089/* + - http://localhost:8090/* + - http://localhost:8091/* + - http://localhost:8092/* + - http://localhost:8093/* + webOrigins: + - http://api.yas.local.com + - http://localhost:8080 + - http://localhost:8081 + - http://localhost:8083 + - http://localhost:8084 + - http://localhost:8085 + - http://localhost:8086 + - http://localhost:8088 + - http://localhost:8089 + - http://localhost:8090 + - http://localhost:8091 + - http://localhost:8092 + - http://localhost:8093 + notBefore: 0 + bearerOnly: false + consentRequired: false + standardFlowEnabled: true + implicitFlowEnabled: false + directAccessGrantsEnabled: false + serviceAccountsEnabled: false + publicClient: true + frontchannelLogout: false + protocol: openid-connect + attributes: + id.token.as.detached.signature: 'false' + saml.assertion.signature: 'false' + saml.force.post.binding: 'false' + saml.multivalued.roles: 'false' + saml.encrypt: 'false' + post.logout.redirect.uris: + + oauth2.device.authorization.grant.enabled: 'false' + backchannel.logout.revoke.offline.tokens: 'false' + saml.server.signature: 'false' + saml.server.signature.keyinfo.ext: 'false' + use.refresh.tokens: 'true' + exclude.session.state.from.auth.response: 'false' + oidc.ciba.grant.enabled: 'false' + saml.artifact.binding: 'false' + backchannel.logout.session.required: 'true' + client_credentials.use_refresh_token: 'false' + saml_force_name_id_format: 'false' + require.pushed.authorization.requests: 'false' + saml.client.signature: 'false' + tls.client.certificate.bound.access.tokens: 'false' + saml.authnstatement: 'false' + display.on.consent.screen: 'false' + saml.onetimeuse.condition: 'false' + authenticationFlowBindingOverrides: { } + fullScopeAllowed: true + nodeReRegistrationTimeout: -1 + defaultClientScopes: + - web-origins + - roles + - profile + - email + optionalClientScopes: + - address + - phone + - offline_access + - microprofile-jwt + clientScopes: + - id: 65c94f63-6035-4d6c-af24-1f14e3b94a38 + name: email + description: 'OpenID Connect built-in scope: email' + protocol: openid-connect + attributes: + include.in.token.scope: 'true' + display.on.consent.screen: 'true' + consent.screen.text: ${emailScopeConsentText} + protocolMappers: + - id: 974d8ce9-735f-487a-a6a9-588e561e901f + name: email verified + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: emailVerified + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: email_verified + jsonType.label: boolean + - id: fb983e0f-34a1-4044-a3d6-53c0c2b62c00 + name: email + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: email + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: email + jsonType.label: String + - id: d3087d0d-d3fd-4f43-8aca-17b1aa5be6a0 + name: offline_access + description: 'OpenID Connect built-in scope: offline_access' + protocol: openid-connect + attributes: + consent.screen.text: ${offlineAccessScopeConsentText} + display.on.consent.screen: 'true' + - id: eea01d80-65da-4540-85c9-c22b6193479e + name: address + description: 'OpenID Connect built-in scope: address' + protocol: openid-connect + attributes: + include.in.token.scope: 'true' + display.on.consent.screen: 'true' + consent.screen.text: ${addressScopeConsentText} + protocolMappers: + - id: d99969f9-1402-4d8b-a6ba-558a57caae9e + name: address + protocol: openid-connect + protocolMapper: oidc-address-mapper + consentRequired: false + config: + user.attribute.formatted: formatted + user.attribute.country: country + user.attribute.postal_code: postal_code + userinfo.token.claim: 'true' + user.attribute.street: street + id.token.claim: 'true' + user.attribute.region: region + access.token.claim: 'true' + user.attribute.locality: locality + - id: 337c3515-30b8-4e7c-881a-109f1c94a011 + name: web-origins + description: OpenID Connect scope for add allowed web origins to the access token + protocol: openid-connect + attributes: + include.in.token.scope: 'false' + display.on.consent.screen: 'false' + consent.screen.text: '' + protocolMappers: + - id: fbffeaba-3e7b-432c-abbd-d4110f0fb8d2 + name: allowed web origins + protocol: openid-connect + protocolMapper: oidc-allowed-origins-mapper + consentRequired: false + config: { } + - id: 2cd6e0f6-a0dc-4eab-bbc2-792cb4f2f998 + name: phone + description: 'OpenID Connect built-in scope: phone' + protocol: openid-connect + attributes: + include.in.token.scope: 'true' + display.on.consent.screen: 'true' + consent.screen.text: ${phoneScopeConsentText} + protocolMappers: + - id: effcf372-86b3-4be7-9fd5-bd4b27f81ad7 + name: phone number verified + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: phoneNumberVerified + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: phone_number_verified + jsonType.label: boolean + - id: 45412629-3241-42cc-9c31-e931a5ccfbd8 + name: phone number + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: phoneNumber + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: phone_number + jsonType.label: String + - id: 51e71de7-0fa8-4ca8-9789-d1a240e7954c + name: role_list + description: SAML role list + protocol: saml + attributes: + consent.screen.text: ${samlRoleListScopeConsentText} + display.on.consent.screen: 'true' + protocolMappers: + - id: 4a393c0d-069d-4012-be5d-c5157e0291e5 + name: role list + protocol: saml + protocolMapper: saml-role-list-mapper + consentRequired: false + config: + single: 'false' + attribute.nameformat: Basic + attribute.name: Role + - id: 215618ce-81df-4751-b38a-b64b011a7475 + name: roles + description: OpenID Connect scope for add user roles to the access token + protocol: openid-connect + attributes: + include.in.token.scope: 'false' + display.on.consent.screen: 'true' + consent.screen.text: ${rolesScopeConsentText} + protocolMappers: + - id: cf2078e3-4b15-44c9-ad07-7f8f87d8a057 + name: realm roles + protocol: openid-connect + protocolMapper: oidc-usermodel-realm-role-mapper + consentRequired: false + config: + user.attribute: foo + access.token.claim: 'true' + claim.name: realm_access.roles + jsonType.label: String + multivalued: 'true' + - id: 4aaee979-5114-4d48-9e9c-415ac0240dec + name: client roles + protocol: openid-connect + protocolMapper: oidc-usermodel-client-role-mapper + consentRequired: false + config: + user.attribute: foo + access.token.claim: 'true' + claim.name: resource_access.${client_id}.roles + jsonType.label: String + multivalued: 'true' + - id: acb14904-46e0-40be-bea8-130d04bf52d2 + name: audience resolve + protocol: openid-connect + protocolMapper: oidc-audience-resolve-mapper + consentRequired: false + config: { } + - id: 571bd089-79c4-414f-811d-059110e90303 + name: microprofile-jwt + description: Microprofile - JWT built-in scope + protocol: openid-connect + attributes: + include.in.token.scope: 'true' + display.on.consent.screen: 'false' + protocolMappers: + - id: 071dc8d4-03af-4960-9211-a0313a902caa + name: groups + protocol: openid-connect + protocolMapper: oidc-usermodel-realm-role-mapper + consentRequired: false + config: + multivalued: 'true' + userinfo.token.claim: 'true' + user.attribute: foo + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: groups + jsonType.label: String + - id: 5fc63466-e78c-44ae-892e-cc1af3d9ff89 + name: upn + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: username + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: upn + jsonType.label: String + - id: 19969f81-191a-4485-b659-4a5ebe01285c + name: profile + description: 'OpenID Connect built-in scope: profile' + protocol: openid-connect + attributes: + include.in.token.scope: 'true' + display.on.consent.screen: 'true' + consent.screen.text: ${profileScopeConsentText} + protocolMappers: + - id: 09ebd0bc-7811-46d0-aff0-f8d7adf5982f + name: middle name + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: middleName + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: middle_name + jsonType.label: String + - id: 3912134c-627e-4e9f-8d3a-5120d799fb16 + name: username + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: username + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: preferred_username + jsonType.label: String + - id: 1b4331fe-334c-4ba4-9c2d-e0f073d3762e + name: zoneinfo + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: zoneinfo + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: zoneinfo + jsonType.label: String + - id: 2cfd41fc-61c3-468b-89ed-1b929c32568c + name: picture + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: picture + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: picture + jsonType.label: String + - id: c7f24d2a-0740-4724-8008-45600c5e9742 + name: updated at + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: updatedAt + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: updated_at + jsonType.label: String + - id: 77e47ece-29ac-4de2-a452-a4a1e2a9f130 + name: website + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: website + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: website + jsonType.label: String + - id: 06b7db1f-adfa-41c3-9286-9a945ca13cfa + name: birthdate + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: birthdate + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: birthdate + jsonType.label: String + - id: 153dbe4c-7205-4a42-86d7-c0ec6ac152f7 + name: nickname + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: nickname + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: nickname + jsonType.label: String + - id: 8a9fc6cc-995e-4b0b-bdad-f5af6b0abc73 + name: given name + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: firstName + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: given_name + jsonType.label: String + - id: 0ca34d5e-f181-4c1a-8d72-41ba359cef57 + name: full name + protocol: openid-connect + protocolMapper: oidc-full-name-mapper + consentRequired: false + config: + id.token.claim: 'true' + access.token.claim: 'true' + userinfo.token.claim: 'true' + - id: be3ce14c-f2a7-4b20-a79e-369f6c9fa22d + name: locale + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: locale + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: locale + jsonType.label: String + - id: 04bad41a-daf4-48d9-a6e1-80fd41ea223b + name: gender + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: gender + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: gender + jsonType.label: String + - id: 8b7a8d0e-e674-4ab8-8c56-dbde99ba50a1 + name: family name + protocol: openid-connect + protocolMapper: oidc-usermodel-property-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: lastName + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: family_name + jsonType.label: String + - id: 2c2c19aa-e05b-4d61-ae0e-1d3086b90531 + name: profile + protocol: openid-connect + protocolMapper: oidc-usermodel-attribute-mapper + consentRequired: false + config: + userinfo.token.claim: 'true' + user.attribute: profile + id.token.claim: 'true' + access.token.claim: 'true' + claim.name: profile + jsonType.label: String + - id: 0ddee3ba-73b6-43bc-b66a-cf8bf520e2a5 + name: acr + description: OpenID Connect scope for add acr (authentication context class reference) to the token + protocol: openid-connect + attributes: + include.in.token.scope: 'false' + display.on.consent.screen: 'false' + protocolMappers: + - id: 3f29f288-049e-4e95-a060-fa45809f8908 + name: acr loa level + protocol: openid-connect + protocolMapper: oidc-acr-mapper + consentRequired: false + config: + id.token.claim: 'true' + access.token.claim: 'true' + defaultDefaultClientScopes: + - role_list + - profile + - email + - roles + - web-origins + - acr + defaultOptionalClientScopes: + - offline_access + - address + - phone + - microprofile-jwt + browserSecurityHeaders: + contentSecurityPolicyReportOnly: '' + xContentTypeOptions: nosniff + xRobotsTag: none + xFrameOptions: SAMEORIGIN + contentSecurityPolicy: frame-src 'self'; frame-ancestors 'self'; object-src 'none'; + xXSSProtection: 1; mode=block + strictTransportSecurity: max-age=31536000; includeSubDomains + smtpServer: { } + loginTheme: yas + eventsEnabled: false + eventsListeners: + - jboss-logging + enabledEventTypes: [ ] + adminEventsEnabled: false + adminEventsDetailsEnabled: false + identityProviders: [ ] + identityProviderMappers: [ ] + components: + org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy: + - id: f1a4c9f9-a63f-4db9-b937-aa5f557d41e5 + name: Trusted Hosts + providerId: trusted-hosts + subType: anonymous + subComponents: { } + config: + host-sending-registration-request-must-match: + - 'true' + client-uris-must-match: + - 'true' + - id: 32611d53-6e58-45ba-9f7b-72b590a538fe + name: Consent Required + providerId: consent-required + subType: anonymous + subComponents: { } + config: { } + - id: f888a4c5-4512-46a3-96d2-8d6ad063a443 + name: Allowed Protocol Mapper Types + providerId: allowed-protocol-mappers + subType: anonymous + subComponents: { } + config: + allowed-protocol-mapper-types: + - saml-user-property-mapper + - saml-user-attribute-mapper + - oidc-sha256-pairwise-sub-mapper + - oidc-usermodel-property-mapper + - oidc-full-name-mapper + - saml-role-list-mapper + - oidc-address-mapper + - oidc-usermodel-attribute-mapper + - id: 2d3731aa-f5f7-42b6-bede-6f82d347913b + name: Allowed Client Scopes + providerId: allowed-client-templates + subType: authenticated + subComponents: { } + config: + allow-default-scopes: + - 'true' + - id: d47cb88e-2a27-425f-b96b-1c4640d31522 + name: Allowed Client Scopes + providerId: allowed-client-templates + subType: anonymous + subComponents: { } + config: + allow-default-scopes: + - 'true' + - id: 126efd47-9cec-46e6-b528-5bceb453f893 + name: Max Clients Limit + providerId: max-clients + subType: anonymous + subComponents: { } + config: + max-clients: + - '200' + - id: 87a66d4a-9995-4a93-b1bb-5aa1383ccece + name: Full Scope Disabled + providerId: scope + subType: anonymous + subComponents: { } + config: { } + - id: 8d9b43e5-51cb-457f-a042-a0e4816f014d + name: Allowed Protocol Mapper Types + providerId: allowed-protocol-mappers + subType: authenticated + subComponents: { } + config: + allowed-protocol-mapper-types: + - saml-user-attribute-mapper + - saml-user-property-mapper + - oidc-address-mapper + - oidc-usermodel-property-mapper + - oidc-sha256-pairwise-sub-mapper + - oidc-full-name-mapper + - saml-role-list-mapper + - oidc-usermodel-attribute-mapper + org.keycloak.keys.KeyProvider: + - id: 7b811bf0-3c37-4528-814e-54e03726c2ab + name: rsa-generated + providerId: rsa-generated + subComponents: { } + config: + priority: + - '100' + - id: 2a3bb174-df5a-494d-9fdb-23ecf4823d13 + name: hmac-generated + providerId: hmac-generated + subComponents: { } + config: + priority: + - '100' + algorithm: + - HS256 + - id: 2ab9adec-59f0-4f5e-9f2f-8dc3bff23e5d + name: aes-generated + providerId: aes-generated + subComponents: { } + config: + priority: + - '100' + - id: 5662273c-09e8-4734-848d-617184a5988e + name: rsa-enc-generated + providerId: rsa-enc-generated + subComponents: { } + config: + priority: + - '100' + algorithm: + - RSA-OAEP + internationalizationEnabled: false + supportedLocales: [ ] + authenticationFlows: + - id: f04b4023-c1a1-42cd-8da8-5c839b625136 + alias: Account verification options + description: Method with which to verity the existing account + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: idp-email-verification + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: ALTERNATIVE + priority: 20 + autheticatorFlow: true + flowAlias: Verify Existing Account by Re-authentication + userSetupAllowed: false + - id: 14511596-c28a-4caa-b11e-a6e3cb6f4e41 + alias: Authentication Options + description: Authentication options. + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: basic-auth + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: basic-auth-otp + authenticatorFlow: false + requirement: DISABLED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: auth-spnego + authenticatorFlow: false + requirement: DISABLED + priority: 30 + autheticatorFlow: false + userSetupAllowed: false + - id: 4d7f696a-2ab5-4049-9d74-0dc587ae9714 + alias: Browser - Conditional OTP + description: Flow to determine if the OTP is required for the authentication + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: conditional-user-configured + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: auth-otp-form + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - id: a144d634-1d2d-404f-a398-60adacaf4919 + alias: Direct Grant - Conditional OTP + description: Flow to determine if the OTP is required for the authentication + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: conditional-user-configured + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: direct-grant-validate-otp + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - id: 4da5c4d3-9baa-4f09-afc3-eeb9917c697f + alias: First broker login - Conditional OTP + description: Flow to determine if the OTP is required for the authentication + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: conditional-user-configured + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: auth-otp-form + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - id: ac4c0060-a554-4672-85d8-2d9eb6688410 + alias: Handle Existing Account + description: Handle what to do if there is existing account with same email/username like authenticated + identity provider + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: idp-confirm-link + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: REQUIRED + priority: 20 + autheticatorFlow: true + flowAlias: Account verification options + userSetupAllowed: false + - id: 1ac65105-ae91-41b2-9c45-32f5897c39f1 + alias: Reset - Conditional OTP + description: Flow to determine if the OTP should be reset or not. Set to REQUIRED to force. + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: conditional-user-configured + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: reset-otp + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - id: 1eeba3b5-cdba-42ca-a708-3d8e9f332b15 + alias: User creation or linking + description: Flow for the existing/non-existing user alternatives + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticatorConfig: create unique user config + authenticator: idp-create-user-if-unique + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: ALTERNATIVE + priority: 20 + autheticatorFlow: true + flowAlias: Handle Existing Account + userSetupAllowed: false + - id: 9bc10d3a-3a17-477d-900f-7561031dab96 + alias: Verify Existing Account by Re-authentication + description: Reauthentication of existing account + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: idp-username-password-form + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: CONDITIONAL + priority: 20 + autheticatorFlow: true + flowAlias: First broker login - Conditional OTP + userSetupAllowed: false + - id: 5d1bc3a4-b6b1-4ba5-a598-41c30c49cfb2 + alias: browser + description: browser based authentication + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: auth-cookie + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: auth-spnego + authenticatorFlow: false + requirement: DISABLED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: identity-provider-redirector + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 25 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: ALTERNATIVE + priority: 30 + autheticatorFlow: true + flowAlias: forms + userSetupAllowed: false + - id: a820f93d-47f6-40c7-a6e5-13e09b193293 + alias: clients + description: Base authentication for clients + providerId: client-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: client-secret + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: client-jwt + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: client-secret-jwt + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 30 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: client-x509 + authenticatorFlow: false + requirement: ALTERNATIVE + priority: 40 + autheticatorFlow: false + userSetupAllowed: false + - id: 2035c417-608b-4f7d-af0f-89fb445054b0 + alias: direct grant + description: OpenID Connect Resource Owner Grant + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: direct-grant-validate-username + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: direct-grant-validate-password + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: CONDITIONAL + priority: 30 + autheticatorFlow: true + flowAlias: Direct Grant - Conditional OTP + userSetupAllowed: false + - id: 0b3bd405-178e-4ab9-a57e-f33d8941cc0e + alias: docker auth + description: Used by Docker clients to authenticate against the IDP + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: docker-http-basic-authenticator + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - id: 47842f9d-d92a-4018-a1d7-cbc02c7042f5 + alias: first broker login + description: Actions taken after first broker login with identity provider account, which is not yet + linked to any Keycloak account + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticatorConfig: review profile config + authenticator: idp-review-profile + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: REQUIRED + priority: 20 + autheticatorFlow: true + flowAlias: User creation or linking + userSetupAllowed: false + - id: bb98f470-b1bb-4387-b658-8eb16cd818e1 + alias: forms + description: Username, password, otp and other auth forms. + providerId: basic-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: auth-username-password-form + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: CONDITIONAL + priority: 20 + autheticatorFlow: true + flowAlias: Browser - Conditional OTP + userSetupAllowed: false + - id: 3b0a50a7-a06a-48b8-a345-c3cf1582227e + alias: http challenge + description: An authentication flow based on challenge-response HTTP Authentication Schemes + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: no-cookie-redirect + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: REQUIRED + priority: 20 + autheticatorFlow: true + flowAlias: Authentication Options + userSetupAllowed: false + - id: 17b70852-e5df-4328-9aa5-a0fe9005842e + alias: registration + description: registration flow + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: registration-page-form + authenticatorFlow: true + requirement: REQUIRED + priority: 10 + autheticatorFlow: true + flowAlias: registration form + userSetupAllowed: false + - id: 33a008ca-35d7-4f35-97b1-e2db23e24fe2 + alias: registration form + description: registration form + providerId: form-flow + topLevel: false + builtIn: true + authenticationExecutions: + - authenticator: registration-user-creation + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: registration-profile-action + authenticatorFlow: false + requirement: REQUIRED + priority: 40 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: registration-password-action + authenticatorFlow: false + requirement: REQUIRED + priority: 50 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: registration-recaptcha-action + authenticatorFlow: false + requirement: DISABLED + priority: 60 + autheticatorFlow: false + userSetupAllowed: false + - id: 7fe8ad8b-f273-49b6-a730-29020aa1bbee + alias: reset credentials + description: Reset credentials for a user if they forgot their password or something + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: reset-credentials-choose-user + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: reset-credential-email + authenticatorFlow: false + requirement: REQUIRED + priority: 20 + autheticatorFlow: false + userSetupAllowed: false + - authenticator: reset-password + authenticatorFlow: false + requirement: REQUIRED + priority: 30 + autheticatorFlow: false + userSetupAllowed: false + - authenticatorFlow: true + requirement: CONDITIONAL + priority: 40 + autheticatorFlow: true + flowAlias: Reset - Conditional OTP + userSetupAllowed: false + - id: 9f11c59c-0fcc-4ecb-9f61-2195e0ad9d97 + alias: saml ecp + description: SAML ECP Profile Authentication Flow + providerId: basic-flow + topLevel: true + builtIn: true + authenticationExecutions: + - authenticator: http-basic-authenticator + authenticatorFlow: false + requirement: REQUIRED + priority: 10 + autheticatorFlow: false + userSetupAllowed: false + authenticatorConfig: + - id: 516de5eb-224a-49af-987b-569e5aa89bc0 + alias: create unique user config + config: + require.password.update.after.registration: 'false' + - id: d6f7e752-79e8-49af-9633-040849f05254 + alias: review profile config + config: + update.profile.on.first.login: missing + requiredActions: + - alias: CONFIGURE_TOTP + name: Configure OTP + providerId: CONFIGURE_TOTP + enabled: true + defaultAction: false + priority: 10 + config: { } + - alias: terms_and_conditions + name: Terms and Conditions + providerId: terms_and_conditions + enabled: false + defaultAction: false + priority: 20 + config: { } + - alias: UPDATE_PASSWORD + name: Update Password + providerId: UPDATE_PASSWORD + enabled: true + defaultAction: false + priority: 30 + config: { } + - alias: UPDATE_PROFILE + name: Update Profile + providerId: UPDATE_PROFILE + enabled: true + defaultAction: false + priority: 40 + config: { } + - alias: VERIFY_EMAIL + name: Verify Email + providerId: VERIFY_EMAIL + enabled: true + defaultAction: false + priority: 50 + config: { } + - alias: delete_account + name: Delete Account + providerId: delete_account + enabled: false + defaultAction: false + priority: 60 + config: { } + - alias: update_user_locale + name: Update User Locale + providerId: update_user_locale + enabled: true + defaultAction: false + priority: 1000 + config: { } + browserFlow: browser + registrationFlow: registration + directGrantFlow: direct grant + resetCredentialsFlow: reset credentials + clientAuthenticationFlow: clients + dockerAuthenticationFlow: docker auth + attributes: + cibaBackchannelTokenDeliveryMode: poll + cibaExpiresIn: '120' + cibaAuthRequestedUserHint: login_hint + oauth2DeviceCodeLifespan: '600' + oauth2DevicePollingInterval: '5' + clientOfflineSessionMaxLifespan: '0' + clientSessionIdleTimeout: '0' + parRequestUriLifespan: '60' + clientSessionMaxLifespan: '0' + clientOfflineSessionIdleTimeout: '0' + cibaInterval: '5' + realmReusableOtpCode: 'false' + keycloakVersion: 21.0.1 + userManagedAccessAllowed: false + clientProfiles: + profiles: [ ] + clientPolicies: + policies: [ ] diff --git a/k8s-save/deploy/keycloak/keycloak/templates/keycloak.yaml b/k8s-save/deploy/keycloak/keycloak/templates/keycloak.yaml new file mode 100644 index 0000000000..15974215e5 --- /dev/null +++ b/k8s-save/deploy/keycloak/keycloak/templates/keycloak.yaml @@ -0,0 +1,43 @@ +apiVersion: k8s.keycloak.org/v2alpha1 +kind: Keycloak +metadata: + name: keycloak +spec: + bootstrapAdmin: + user: + secret: keycloak-credentials + db: + vendor: postgres + usernameSecret: + name: postgresql-credentials + key: username + passwordSecret: + name: postgresql-credentials + key: password + host: postgresql.__NS_PREFIX__-postgres.svc.cluster.local + database: keycloak + port: 5432 + http: + httpEnabled: true + httpPort: 8080 + hostname: + hostname: http://{{ .Values.hostname }} + backchannelDynamic: true + strict: false + proxy: + headers: xforwarded + ingress: + enabled: true + className: nginx + unsupported: + podTemplate: + spec: + volumes: + - name: yas-themes + configMap: + name: yas-themes-configmap + containers: + - name: keycloak + volumeMounts: + - name: yas-themes + mountPath: /opt/keycloak/providers diff --git a/k8s-save/deploy/keycloak/keycloak/templates/postgresql-credential.secret.yaml b/k8s-save/deploy/keycloak/keycloak/templates/postgresql-credential.secret.yaml new file mode 100644 index 0000000000..29e3fd7e20 --- /dev/null +++ b/k8s-save/deploy/keycloak/keycloak/templates/postgresql-credential.secret.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: postgresql-credentials +type: Opaque +data: + username: {{ .Values.postgresql.username | b64enc }} + password: {{ .Values.postgresql.password | b64enc }} \ No newline at end of file diff --git a/k8s-save/deploy/keycloak/keycloak/templates/yas-themes.configmap.yaml b/k8s-save/deploy/keycloak/keycloak/templates/yas-themes.configmap.yaml new file mode 100644 index 0000000000..76d00564c9 --- /dev/null +++ b/k8s-save/deploy/keycloak/keycloak/templates/yas-themes.configmap.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: yas-themes-configmap +binaryData: + yas.jar: | + {{- .Files.Get "themes/yas.jar" | b64enc | nindent 4 }} \ No newline at end of file diff --git a/k8s-save/deploy/keycloak/keycloak/values.yaml b/k8s-save/deploy/keycloak/keycloak/values.yaml new file mode 100644 index 0000000000..ad9c21331e --- /dev/null +++ b/k8s-save/deploy/keycloak/keycloak/values.yaml @@ -0,0 +1,10 @@ +hostname: identity.yas.local.com +backofficeRedirectUrl: http://backoffice.yas.local.com +storefrontRedirectUrl: http://storefront.yas.local.com +postgresql: + username: yasadminuser + password: admin + +bootstrapAdmin: + username: admin + password: admin \ No newline at end of file diff --git a/k8s-save/deploy/observability/grafana/.helmignore b/k8s-save/deploy/observability/grafana/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/deploy/observability/grafana/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/deploy/observability/grafana/Chart.yaml b/k8s-save/deploy/observability/grafana/Chart.yaml new file mode 100644 index 0000000000..2c7c54e5d4 --- /dev/null +++ b/k8s-save/deploy/observability/grafana/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: grafana +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-save/deploy/observability/grafana/templates/_helpers.tpl b/k8s-save/deploy/observability/grafana/templates/_helpers.tpl new file mode 100644 index 0000000000..993f46bdd8 --- /dev/null +++ b/k8s-save/deploy/observability/grafana/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "grafana.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "grafana.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "grafana.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "grafana.labels" -}} +helm.sh/chart: {{ include "grafana.chart" . }} +{{ include "grafana.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "grafana.selectorLabels" -}} +app.kubernetes.io/name: {{ include "grafana.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "grafana.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "grafana.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/deploy/observability/grafana/templates/dashboards.yaml b/k8s-save/deploy/observability/grafana/templates/dashboards.yaml new file mode 100644 index 0000000000..13ead6adfc --- /dev/null +++ b/k8s-save/deploy/observability/grafana/templates/dashboards.yaml @@ -0,0 +1,25 @@ +apiVersion: grafana.integreatly.org/v1beta1 +kind: GrafanaDashboard +metadata: + name: jvm-dashboard +spec: + instanceSelector: + matchLabels: + dashboards: "grafana" + url: "https://grafana.com/api/dashboards/4701/revisions/10/download" + datasources: + - datasourceName: prometheus + inputName: DS_PROMETHEUS +--- +apiVersion: grafana.integreatly.org/v1beta1 +kind: GrafanaDashboard +metadata: + name: hikari-cp-dashboard +spec: + instanceSelector: + matchLabels: + dashboards: "grafana" + url: "https://grafana.com/api/dashboards/6083/revisions/5/download" + datasources: + - datasourceName: prometheus + inputName: DS_PROMETHEUS \ No newline at end of file diff --git a/k8s-save/deploy/observability/grafana/templates/grafana-credentials.secret.yaml b/k8s-save/deploy/observability/grafana/templates/grafana-credentials.secret.yaml new file mode 100644 index 0000000000..124217db6e --- /dev/null +++ b/k8s-save/deploy/observability/grafana/templates/grafana-credentials.secret.yaml @@ -0,0 +1,8 @@ +kind: Secret +apiVersion: v1 +metadata: + name: grafana-admin-credentials +stringData: + username: "{{ .Values.grafana.username }}" + password: "{{ .Values.grafana.password }}" +type: Opaque \ No newline at end of file diff --git a/k8s-save/deploy/observability/grafana/templates/grafana.yaml b/k8s-save/deploy/observability/grafana/templates/grafana.yaml new file mode 100644 index 0000000000..03aea9dc8f --- /dev/null +++ b/k8s-save/deploy/observability/grafana/templates/grafana.yaml @@ -0,0 +1,15 @@ +apiVersion: grafana.integreatly.org/v1beta1 +kind: Grafana +metadata: + name: grafana + labels: + dashboards: "grafana" +spec: + external: + url: http://__NS_PREFIX__-prometheus-grafana.__NS_PREFIX__-observability.svc.cluster.local + adminPassword: + name: grafana-admin-credentials + key: username + adminUser: + name: grafana-admin-credentials + key: password \ No newline at end of file diff --git a/k8s-save/deploy/observability/grafana/templates/loki-datasource.yaml b/k8s-save/deploy/observability/grafana/templates/loki-datasource.yaml new file mode 100644 index 0000000000..2aad7db55f --- /dev/null +++ b/k8s-save/deploy/observability/grafana/templates/loki-datasource.yaml @@ -0,0 +1,22 @@ +apiVersion: grafana.integreatly.org/v1beta1 +kind: GrafanaDatasource +metadata: + name: loki-datasource +spec: + instanceSelector: + matchLabels: + dashboards: "grafana" + datasource: + name: Loki + type: loki + uid: loki + url: http://__NS_PREFIX__-loki-gateway.__NS_PREFIX__-observability.svc.cluster.local + access: proxy + jsonData: + httpMethod: GET + maxLines: 1000 + derivedFields: + - datasourceUid: tempo + matcherRegex: traceId=(\w*) + name: traceId + url: ${__value.raw} \ No newline at end of file diff --git a/k8s-save/deploy/observability/grafana/templates/tempo-datasource.yaml b/k8s-save/deploy/observability/grafana/templates/tempo-datasource.yaml new file mode 100644 index 0000000000..fd187075ba --- /dev/null +++ b/k8s-save/deploy/observability/grafana/templates/tempo-datasource.yaml @@ -0,0 +1,26 @@ +apiVersion: grafana.integreatly.org/v1beta1 +kind: GrafanaDatasource +metadata: + name: tempo-datasource +spec: + instanceSelector: + matchLabels: + dashboards: "grafana" + datasource: + name: Tempo + type: tempo + uid: tempo + access: proxy + url: http://__NS_PREFIX__-tempo.__NS_PREFIX__-observability.svc.cluster.local:3100 + jsonData: + httpMethod: GET + tracesToLogsV2: + datasourceUid: loki + serviceMap: + datasourceUid: prometheus + nodeGraph: + enabled: true + search: + hide: false + lokiSearch: + datasourceUid: loki \ No newline at end of file diff --git a/k8s-save/deploy/observability/grafana/values.yaml b/k8s-save/deploy/observability/grafana/values.yaml new file mode 100644 index 0000000000..b906063abf --- /dev/null +++ b/k8s-save/deploy/observability/grafana/values.yaml @@ -0,0 +1,8 @@ +hostname: grafana.yas.local.com +grafana: + username: admin + password: admin +postgresql: + url: postgresql.__NS_PREFIX__-postgres.svc.cluster.local:5432 + username: yasadminuser + password: admin \ No newline at end of file diff --git a/k8s-save/deploy/observability/loki.values.yaml b/k8s-save/deploy/observability/loki.values.yaml new file mode 100644 index 0000000000..3a071a442b --- /dev/null +++ b/k8s-save/deploy/observability/loki.values.yaml @@ -0,0 +1,22 @@ +write: + replicas: 1 +read: + replicas: 1 +backend: + replicas: 1 +loki: + commonConfig: + replication_factor: 1 + auth_enabled: false +test: + enabled: false +storage: + type: 'filesystem' +minio: + enabled: true + +monitoring: + selfMonitoring: + enabled: false + grafanaAgent: + installOperator: false \ No newline at end of file diff --git a/k8s-save/deploy/observability/opentelemetry/.helmignore b/k8s-save/deploy/observability/opentelemetry/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/deploy/observability/opentelemetry/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/deploy/observability/opentelemetry/Chart.yaml b/k8s-save/deploy/observability/opentelemetry/Chart.yaml new file mode 100644 index 0000000000..c638888a9d --- /dev/null +++ b/k8s-save/deploy/observability/opentelemetry/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: opentelemetry +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-save/deploy/observability/opentelemetry/templates/_helpers.tpl b/k8s-save/deploy/observability/opentelemetry/templates/_helpers.tpl new file mode 100644 index 0000000000..922f402dba --- /dev/null +++ b/k8s-save/deploy/observability/opentelemetry/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "opentelemetry.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "opentelemetry.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "opentelemetry.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "opentelemetry.labels" -}} +helm.sh/chart: {{ include "opentelemetry.chart" . }} +{{ include "opentelemetry.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "opentelemetry.selectorLabels" -}} +app.kubernetes.io/name: {{ include "opentelemetry.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "opentelemetry.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "opentelemetry.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/deploy/observability/opentelemetry/templates/opentelemetry-collector.yaml b/k8s-save/deploy/observability/opentelemetry/templates/opentelemetry-collector.yaml new file mode 100644 index 0000000000..d3f5185440 --- /dev/null +++ b/k8s-save/deploy/observability/opentelemetry/templates/opentelemetry-collector.yaml @@ -0,0 +1,13 @@ +apiVersion: opentelemetry.io/v1alpha1 +kind: OpenTelemetryCollector +metadata: + name: opentelemetry +spec: + mode: deployment + ports: + - name: loki + port: 3500 + protocol: TCP + targetPort: 3500 + config: | + {{ toYaml .Values.opentelemetryCollectorConfig | nindent 4 }} \ No newline at end of file diff --git a/k8s-save/deploy/observability/opentelemetry/values.yaml b/k8s-save/deploy/observability/opentelemetry/values.yaml new file mode 100644 index 0000000000..b34330e6d2 --- /dev/null +++ b/k8s-save/deploy/observability/opentelemetry/values.yaml @@ -0,0 +1,41 @@ +opentelemetryCollectorConfig: + receivers: + otlp: + protocols: + grpc: + endpoint: 0.0.0.0:4317 + http: + endpoint: 0.0.0.0:4318 + loki: + protocols: + http: + endpoint: 0.0.0.0:3500 + use_incoming_timestamp: true + processors: + batch: + attributes: + actions: + - action: insert + key: loki.attribute.labels + value: namespace,container,pod,level,traceId + - action: insert + key: loki.format + value: raw + + exporters: + logging: + verbosity: detailed + loki: + endpoint: http://__NS_PREFIX__-loki-gateway.__NS_PREFIX__-observability.svc.cluster.local/loki/api/v1/push + otlphttp: + endpoint: http://__NS_PREFIX__-tempo.__NS_PREFIX__-observability.svc.cluster.local:4318 + service: + pipelines: + logs: + receivers: [loki] + processors: [attributes] + exporters: [loki] + traces: + receivers: [otlp] + processors: [batch] + exporters: [otlphttp] \ No newline at end of file diff --git a/k8s-save/deploy/observability/prometheus.values.yaml b/k8s-save/deploy/observability/prometheus.values.yaml new file mode 100644 index 0000000000..9399803355 --- /dev/null +++ b/k8s-save/deploy/observability/prometheus.values.yaml @@ -0,0 +1,20 @@ +hostname: &hostname grafana.yas.local.com +prometheus: + prometheusSpec: + enableRemoteWriteReceiver: true +grafana: + grafana.ini: + database: + type: postgres + host: postgresql.__NS_PREFIX__-postgres.svc.cluster.local:5432 + name: grafana + user: yasadminuser + password: admin + ssl_mode: require + adminUser: admin + adminPassword: admin + ingress: + ingressClassName: nginx + enabled: true + hosts: + - *hostname diff --git a/k8s-save/deploy/observability/promtail.values.yaml b/k8s-save/deploy/observability/promtail.values.yaml new file mode 100644 index 0000000000..7fdd970473 --- /dev/null +++ b/k8s-save/deploy/observability/promtail.values.yaml @@ -0,0 +1,6 @@ +config: + clients: + - url: http://opentelemetry-collector:3500/loki/api/v1/push + snippets: + pipelineStages: + - docker: {} \ No newline at end of file diff --git a/k8s-save/deploy/observability/tempo.values.yaml b/k8s-save/deploy/observability/tempo.values.yaml new file mode 100644 index 0000000000..5b076d668a --- /dev/null +++ b/k8s-save/deploy/observability/tempo.values.yaml @@ -0,0 +1,4 @@ +tempo: + metricsGenerator: + enabled: true + remoteWriteUrl: "http://__NS_PREFIX__-prometheus-kube-prometheus-prometheus.__NS_PREFIX__-observability.svc.cluster.local:9090/api/v1/write" \ No newline at end of file diff --git a/k8s-save/deploy/postgres/pgadmin/.helmignore b/k8s-save/deploy/postgres/pgadmin/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/deploy/postgres/pgadmin/Chart.yaml b/k8s-save/deploy/postgres/pgadmin/Chart.yaml new file mode 100644 index 0000000000..4fd722d06c --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: pgadmin +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-save/deploy/postgres/pgadmin/templates/NOTES.txt b/k8s-save/deploy/postgres/pgadmin/templates/NOTES.txt new file mode 100644 index 0000000000..5251266ac0 --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "pgadmin.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "pgadmin.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "pgadmin.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "pgadmin.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/k8s-save/deploy/postgres/pgadmin/templates/_helpers.tpl b/k8s-save/deploy/postgres/pgadmin/templates/_helpers.tpl new file mode 100644 index 0000000000..d51d7c2ce9 --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/templates/_helpers.tpl @@ -0,0 +1,66 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "pgadmin.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "pgadmin.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "pgadmin.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "pgadmin.labels" -}} +helm.sh/chart: {{ include "pgadmin.chart" . }} +{{ include "pgadmin.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "pgadmin.selectorLabels" -}} +app.kubernetes.io/name: {{ include "pgadmin.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "pgadmin.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "pgadmin.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{- define "pgadmin.passwordSecret" -}} +{{ include "pgadmin.fullname" . }}-password +{{- end }} \ No newline at end of file diff --git a/k8s-save/deploy/postgres/pgadmin/templates/deployment.yaml b/k8s-save/deploy/postgres/pgadmin/templates/deployment.yaml new file mode 100644 index 0000000000..0520f077c4 --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/templates/deployment.yaml @@ -0,0 +1,81 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "pgadmin.fullname" . }} + labels: + {{- include "pgadmin.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "pgadmin.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "pgadmin.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "pgadmin.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: PGADMIN_DEFAULT_EMAIL + value: {{ .Values.pgadmin.user }} + - name: PGADMIN_DEFAULT_PASSWORD + valueFrom: + secretKeyRef: + key: pgadmin-password + name: {{ include "pgadmin.passwordSecret" . }} + + ports: + - name: http + containerPort: 80 + protocol: TCP + volumeMounts: + - name: pgadmin-data + mountPath: /var/lib/pgadmin + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumes: + - name: pgadmin-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (include "pgadmin.fullname" .) }} + {{- else }} + emptyDir: { } + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/k8s-save/deploy/postgres/pgadmin/templates/hpa.yaml b/k8s-save/deploy/postgres/pgadmin/templates/hpa.yaml new file mode 100644 index 0000000000..91d3d01356 --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "pgadmin.fullname" . }} + labels: + {{- include "pgadmin.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "pgadmin.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/k8s-save/deploy/postgres/pgadmin/templates/ingress.yaml b/k8s-save/deploy/postgres/pgadmin/templates/ingress.yaml new file mode 100644 index 0000000000..2b26bb13cd --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "pgadmin.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "pgadmin.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/k8s-save/deploy/postgres/pgadmin/templates/pvc.yaml b/k8s-save/deploy/postgres/pgadmin/templates/pvc.yaml new file mode 100644 index 0000000000..394c189b22 --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/templates/pvc.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ template "pgadmin.fullname" . }} +spec: + {{- if .Values.persistence.storageClass }} + storageClassName: {{ .Values.persistence.storageClass }} + {{- end }} + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} +{{- end }} \ No newline at end of file diff --git a/k8s-save/deploy/postgres/pgadmin/templates/secret.yaml b/k8s-save/deploy/postgres/pgadmin/templates/secret.yaml new file mode 100644 index 0000000000..e51c9e20c5 --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/templates/secret.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "pgadmin.passwordSecret" . }} +type: Opaque +data: + pgadmin-password: {{ default "admin" .Values.pgadmin.password | b64enc | quote }} \ No newline at end of file diff --git a/k8s-save/deploy/postgres/pgadmin/templates/service.yaml b/k8s-save/deploy/postgres/pgadmin/templates/service.yaml new file mode 100644 index 0000000000..a502ed9ea1 --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "pgadmin.fullname" . }} + labels: + {{- include "pgadmin.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "pgadmin.selectorLabels" . | nindent 4 }} diff --git a/k8s-save/deploy/postgres/pgadmin/templates/serviceaccount.yaml b/k8s-save/deploy/postgres/pgadmin/templates/serviceaccount.yaml new file mode 100644 index 0000000000..7def8fac49 --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "pgadmin.serviceAccountName" . }} + labels: + {{- include "pgadmin.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/k8s-save/deploy/postgres/pgadmin/templates/tests/test-connection.yaml b/k8s-save/deploy/postgres/pgadmin/templates/tests/test-connection.yaml new file mode 100644 index 0000000000..bde42f2a4b --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "pgadmin.fullname" . }}-test-connection" + labels: + {{- include "pgadmin.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "pgadmin.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/k8s-save/deploy/postgres/pgadmin/values.yaml b/k8s-save/deploy/postgres/pgadmin/values.yaml new file mode 100644 index 0000000000..2131d23647 --- /dev/null +++ b/k8s-save/deploy/postgres/pgadmin/values.yaml @@ -0,0 +1,80 @@ +# Default values for pgadmin. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 +image: + repository: dpage/pgadmin4 + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "7.3" +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" +podAnnotations: {} +podSecurityContext: {} +# fsGroup: 2000 + +securityContext: {} +# capabilities: +# drop: +# - ALL +# readOnlyRootFilesystem: true +# runAsNonRoot: true +# runAsUser: 1000 + +pgadmin: + user: admin@yas.com + password: admin +persistence: + enabled: true + accessMode: ReadWriteOnce + size: 2Gi +service: + type: ClusterIP + port: 80 +hostname: &hostname pgadmin.yas.local.com +ingress: + enabled: true + className: "nginx" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: *hostname + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local +resources: {} +# We usually recommend not to specify default resources and to leave this as a conscious +# choice for the user. This also increases chances charts run on environments with little +# resources, such as Minikube. If you do want to specify resources, uncomment the following +# lines, adjust them as necessary, and remove the curly braces after 'resources:'. +# limits: +# cpu: 100m +# memory: 128Mi +# requests: +# cpu: 100m +# memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 +nodeSelector: {} +tolerations: [] +affinity: {} diff --git a/k8s-save/deploy/postgres/postgres-operator-ui.values.yaml b/k8s-save/deploy/postgres/postgres-operator-ui.values.yaml new file mode 100644 index 0000000000..610bf628d0 --- /dev/null +++ b/k8s-save/deploy/postgres/postgres-operator-ui.values.yaml @@ -0,0 +1,10 @@ +hostname: &hostname pgoperator.yas.local.com +ingress: + enabled: true + annotations: + ingressClassName: "nginx" + hosts: + - host: *hostname + paths: + - "/" + tls: [] diff --git a/k8s-save/deploy/postgres/postgresql/Chart.yaml b/k8s-save/deploy/postgres/postgresql/Chart.yaml new file mode 100644 index 0000000000..cfbe94ce67 --- /dev/null +++ b/k8s-save/deploy/postgres/postgresql/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: postgres +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/k8s-save/deploy/postgres/postgresql/templates/credentials.secret.yaml b/k8s-save/deploy/postgres/postgresql/templates/credentials.secret.yaml new file mode 100644 index 0000000000..944be7db1e --- /dev/null +++ b/k8s-save/deploy/postgres/postgresql/templates/credentials.secret.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.username }}.postgresql.credentials.postgresql.acid.zalan.do + labels: + application: spilo + cluster-name: postgresql + team: acid +type: Opaque +data: + password: {{ .Values.password | b64enc }} + username: {{ .Values.username | b64enc }} \ No newline at end of file diff --git a/k8s-save/deploy/postgres/postgresql/templates/postgresql.yaml b/k8s-save/deploy/postgres/postgresql/templates/postgresql.yaml new file mode 100644 index 0000000000..33208a255e --- /dev/null +++ b/k8s-save/deploy/postgres/postgresql/templates/postgresql.yaml @@ -0,0 +1,98 @@ +kind: "postgresql" +apiVersion: "acid.zalan.do/v1" + +metadata: + name: "postgresql" + labels: + team: acid + +spec: + streams: + - applicationId: product_db_stream_appid + database: product + tables: {} + teamId: "acid" + postgresql: + version: {{ .Values.postgresqlVersion | quote }} + parameters: + max_connections: {{ .Values.maxConnections | quote }} + wal_level: logical + max_replication_slots: "20" + max_wal_senders: "20" + numberOfInstances: {{ .Values.replicas }} + volume: + size: {{ .Values.volumeSize }} + users: + {{ .Values.username }}: + - superuser + - inherit + - login + - createrole + - createdb + - replication + databases: + cart: {{ .Values.username }} + customer: {{ .Values.username }} + inventory: {{ .Values.username }} + keycloak: {{ .Values.username }} + location: {{ .Values.username }} + media: {{ .Values.username }} + order: {{ .Values.username }} + payment: {{ .Values.username }} + product: {{ .Values.username }} + promotion: {{ .Values.username }} + rating: {{ .Values.username }} + tax: {{ .Values.username }} + recommendation: {{ .Values.username }} + webhook: {{ .Values.username }} + grafana: {{ .Values.username }} + patroni: + slots: + eventuate_slot_cart: + type: logical + database: cart + plugin: wal2json + eventuate_slot_customer: + type: logical + database: customer + plugin: wal2json + eventuate_slot_inventory: + type: logical + database: inventory + plugin: wal2json + eventuate_slot_location: + type: logical + database: location + plugin: wal2json + eventuate_slot_media: + type: logical + database: media + plugin: wal2json + eventuate_slot_order: + type: logical + database: order + plugin: wal2json + eventuate_slot_payment: + type: logical + database: payment + plugin: wal2json + eventuate_slot_product: + type: logical + database: product + plugin: wal2json + eventuate_slot_promotion: + type: logical + database: promotion + plugin: wal2json + eventuate_slot_rating: + type: logical + database: rating + plugin: wal2json + eventuate_slot_tax: + type: logical + database: tax + plugin: wal2json + allowedSourceRanges: + # IP ranges to access your cluster go here + resources: + {{ toYaml .Values.resources | nindent 4 }} \ No newline at end of file diff --git a/k8s-save/deploy/postgres/postgresql/values.yaml b/k8s-save/deploy/postgres/postgresql/values.yaml new file mode 100644 index 0000000000..5601594e65 --- /dev/null +++ b/k8s-save/deploy/postgres/postgresql/values.yaml @@ -0,0 +1,13 @@ +username: yasadminuser +password: admin +replicas: 1 +postgresqlVersion: "15" +volumeSize: "10Gi" +maxConnections: "500" +resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 500m + memory: 500Mi \ No newline at end of file diff --git a/k8s-save/deploy/setup-cluster.sh b/k8s-save/deploy/setup-cluster.sh new file mode 100755 index 0000000000..25b61e012a --- /dev/null +++ b/k8s-save/deploy/setup-cluster.sh @@ -0,0 +1,130 @@ +#!/bin/bash +set -x + +# Add chart repos and update +helm repo add postgres-operator-charts https://opensource.zalando.com/postgres-operator/charts/postgres-operator +helm repo add strimzi https://strimzi.io/charts/ +helm repo add akhq https://akhq.io/ +helm repo add elastic https://helm.elastic.co +helm repo add grafana https://grafana.github.io/helm-charts +helm repo add prometheus-community https://prometheus-community.github.io/helm-charts +helm repo add open-telemetry https://open-telemetry.github.io/opentelemetry-helm-charts +helm repo add jetstack https://charts.jetstack.io +helm repo update + +#Read configuration value from cluster-config.yaml file +read -rd '' DOMAIN POSTGRESQL_REPLICAS POSTGRESQL_USERNAME POSTGRESQL_PASSWORD \ +KAFKA_REPLICAS ZOOKEEPER_REPLICAS ELASTICSEARCH_REPLICAES \ +GRAFANA_USERNAME GRAFANA_PASSWORD \ +< <(yq -r '.domain, .postgresql.replicas, .postgresql.username, + .postgresql.password, .kafka.replicas, .zookeeper.replicas, + .elasticsearch.replicas, .grafana.username, .grafana.password' ./cluster-config.yaml) + +# Define NS_PREFIX +NS_PREFIX=${NS_PREFIX:-yas-dev} + +# Install the postgres-operator +helm upgrade --install "${NS_PREFIX}-postgres-operator" postgres-operator-charts/postgres-operator \ + --create-namespace --namespace "${NS_PREFIX}-postgres" + +#Install postgresql +helm upgrade --install "${NS_PREFIX}-postgres" ./postgres/postgresql \ +--create-namespace --namespace "${NS_PREFIX}-postgres" \ +--set replicas="$POSTGRESQL_REPLICAS" \ +--set username="$POSTGRESQL_USERNAME" \ +--set password="$POSTGRESQL_PASSWORD" + +#Install pgadmin +pg_admin_hostname="pgadmin.$DOMAIN" yq -i '.hostname=env(pg_admin_hostname)' ./postgres/pgadmin/values.yaml +helm upgrade --install "${NS_PREFIX}-pgadmin" ./postgres/pgadmin \ +--create-namespace --namespace "${NS_PREFIX}-postgres" + +#Install strimzi-kafka-operator +helm upgrade --install "${NS_PREFIX}-kafka-operator" strimzi/strimzi-kafka-operator \ +--create-namespace --namespace "${NS_PREFIX}-kafka" \ +--version 0.38.0 + +#Install kafka and postgresql connector +helm upgrade --install "${NS_PREFIX}-kafka-cluster" ./kafka/kafka-cluster \ +--create-namespace --namespace "${NS_PREFIX}-kafka" \ +--set kafka.replicas="$KAFKA_REPLICAS" \ +--set zookeeper.replicas="$ZOOKEEPER_REPLICAS" \ +--set postgresql.username="$POSTGRESQL_USERNAME" \ +--set postgresql.password="$POSTGRESQL_PASSWORD" + +#Install akhq +akhq_hostname="akhq.$DOMAIN" yq -i '.hostname=env(akhq_hostname)' ./kafka/akhq.values.yaml +helm upgrade --install "${NS_PREFIX}-akhq" akhq/akhq \ +--create-namespace --namespace "${NS_PREFIX}-kafka" \ +--values ./kafka/akhq.values.yaml + +#Install elastic-operator +helm upgrade --install "${NS_PREFIX}-elastic-operator" elastic/eck-operator \ + --create-namespace --namespace "${NS_PREFIX}-elasticsearch" + +# Install elasticsearch-cluster +helm upgrade --install "${NS_PREFIX}-elasticsearch-cluster" ./elasticsearch/elasticsearch-cluster \ +--create-namespace --namespace "${NS_PREFIX}-elasticsearch" \ +--set elasticsearch.replicas="$ELASTICSEARCH_REPLICAES" \ +--set kibana.ingress.hostname="kibana.$DOMAIN" + +#Install loki +helm upgrade --install "${NS_PREFIX}-loki" grafana/loki \ + --create-namespace --namespace "${NS_PREFIX}-observability" \ + --set fullnameOverride="${NS_PREFIX}-loki" \ + -f ./observability/loki.values.yaml + +#Install tempo +helm upgrade --install "${NS_PREFIX}-tempo" grafana/tempo \ + --create-namespace --namespace "${NS_PREFIX}-observability" \ + --set fullnameOverride="${NS_PREFIX}-tempo" \ + -f ./observability/tempo.values.yaml + +#Install cert manager +helm upgrade --install "${NS_PREFIX}-cert-manager" jetstack/cert-manager \ + --namespace "${NS_PREFIX}-cert-manager" \ + --create-namespace \ + --version v1.12.0 \ + --set installCRDs=true \ + --set prometheus.enabled=false \ + --set webhook.timeoutSeconds=4 \ + --set admissionWebhooks.certManager.create=true + +#Install opentelemetry-operator +helm upgrade --install "${NS_PREFIX}-opentelemetry-operator" open-telemetry/opentelemetry-operator \ +--create-namespace --namespace "${NS_PREFIX}-observability" + +#Install opentelemetry-collector +helm upgrade --install "${NS_PREFIX}-opentelemetry-collector" ./observability/opentelemetry \ +--create-namespace --namespace "${NS_PREFIX}-observability" + +#Install promtail +helm upgrade --install "${NS_PREFIX}-promtail" grafana/promtail \ +--create-namespace --namespace "${NS_PREFIX}-observability" \ +--values ./observability/promtail.values.yaml + +#Install prometheus + grafana +grafana_hostname="grafana.$DOMAIN" yq -i '.hostname=env(grafana_hostname)' ./observability/prometheus.values.yaml +postgresql_username="$POSTGRESQL_USERNAME" yq -i '.grafana."grafana.ini".database.user=env(postgresql_username)' ./observability/prometheus.values.yaml +postgresql_password="$POSTGRESQL_PASSWORD" yq -i '.grafana."grafana.ini".database.password=env(postgresql_password)' ./observability/prometheus.values.yaml +helm upgrade --install "${NS_PREFIX}-prometheus" prometheus-community/kube-prometheus-stack \ + --create-namespace --namespace "${NS_PREFIX}-observability" \ + --set fullnameOverride="${NS_PREFIX}-prometheus" \ + -f ./observability/prometheus.values.yaml + +#Install grafana operator +helm upgrade --install "${NS_PREFIX}-grafana-operator" oci://ghcr.io/grafana-operator/helm-charts/grafana-operator \ +--version v5.0.2 \ +--create-namespace --namespace "${NS_PREFIX}-observability" + +#Add datasource and dashboard to grafana +helm upgrade --install "${NS_PREFIX}-grafana" ./observability/grafana \ +--create-namespace --namespace "${NS_PREFIX}-observability" \ +--set hostname="grafana.$DOMAIN" \ +--set grafana.username="$GRAFANA_USERNAME" \ +--set grafana.password="$GRAFANA_PASSWORD" \ +--set postgresql.username="$POSTGRESQL_USERNAME" \ +--set postgresql.password="$POSTGRESQL_PASSWORD" + +helm upgrade --install "${NS_PREFIX}-zookeeper" ./zookeeper \ + --namespace "${NS_PREFIX}-zookeeper" --create-namespace \ No newline at end of file diff --git a/k8s-save/deploy/setup-keycloak.sh b/k8s-save/deploy/setup-keycloak.sh new file mode 100755 index 0000000000..5e788daaa5 --- /dev/null +++ b/k8s-save/deploy/setup-keycloak.sh @@ -0,0 +1,34 @@ +#!/bin/bash +set -x + +#Read configuration value from cluster-config.yaml file +read -rd '' DOMAIN POSTGRESQL_USERNAME POSTGRESQL_PASSWORD \ +BOOTSTRAP_ADMIN_USERNAME BOOTSTRAP_ADMIN_PASSWORD \ +KEYCLOAK_BACKOFFICE_REDIRECT_URL KEYCLOAK_STOREFRONT_REDIRECT_URL \ +< <(yq -r '.domain, + .postgresql.username, .postgresql.password, + .keycloak.bootstrapAdmin.username, .keycloak.bootstrapAdmin.password, + .keycloak.backofficeRedirectUrl, .keycloak.storefrontRedirectUrl' ./cluster-config.yaml) + +# Define NS_PREFIX +NS_PREFIX=${NS_PREFIX:-yas-dev} +KEYCLOAK_NS="${NS_PREFIX}-keycloak" + +# Create keycloak namespace +kubectl create namespace "$KEYCLOAK_NS" --dry-run=client -o yaml | kubectl apply -f - + +# Install Keycloak operator CRDs and operator into the build namespace +kubectl apply -f https://raw.githubusercontent.com/keycloak/keycloak-k8s-resources/26.0.2/kubernetes/keycloaks.k8s.keycloak.org-v1.yml +kubectl apply -f https://raw.githubusercontent.com/keycloak/keycloak-k8s-resources/26.0.2/kubernetes/keycloakrealmimports.k8s.keycloak.org-v1.yml +kubectl apply -f https://raw.githubusercontent.com/keycloak/keycloak-k8s-resources/26.0.2/kubernetes/kubernetes.yml -n "$KEYCLOAK_NS" + +# Install keycloak +helm upgrade --install "${NS_PREFIX}-keycloak" ./keycloak/keycloak \ +--namespace "$KEYCLOAK_NS" \ +--set hostname="identity.$DOMAIN" \ +--set postgresql.username="$POSTGRESQL_USERNAME" \ +--set postgresql.password="$POSTGRESQL_PASSWORD" \ +--set bootstrapAdmin.username="$BOOTSTRAP_ADMIN_USERNAME" \ +--set bootstrapAdmin.password="$BOOTSTRAP_ADMIN_PASSWORD" \ +--set backofficeRedirectUrl="$KEYCLOAK_BACKOFFICE_REDIRECT_URL" \ +--set storefrontRedirectUrl="$KEYCLOAK_STOREFRONT_REDIRECT_URL" diff --git a/k8s-save/deploy/setup-redis.sh b/k8s-save/deploy/setup-redis.sh new file mode 100755 index 0000000000..12fb87d937 --- /dev/null +++ b/k8s-save/deploy/setup-redis.sh @@ -0,0 +1,13 @@ +#!/bin/bash +set -x + +#Read configuration value from cluster-config.yaml file +read -rd '' REDIS_PASSWORD \ +< <(yq -r '.redis.password' ./cluster-config.yaml) + +# Define NS_PREFIX +NS_PREFIX=${NS_PREFIX:-yas-dev} + +helm upgrade --install "${NS_PREFIX}-redis" \ + --set auth.password="$REDIS_PASSWORD" \ + oci://registry-1.docker.io/bitnamicharts/redis -n "${NS_PREFIX}-redis" --create-namespace diff --git a/k8s-save/deploy/zookeeper/.helmignore b/k8s-save/deploy/zookeeper/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/k8s-save/deploy/zookeeper/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s-save/deploy/zookeeper/Chart.yaml b/k8s-save/deploy/zookeeper/Chart.yaml new file mode 100644 index 0000000000..fa5cc184f6 --- /dev/null +++ b/k8s-save/deploy/zookeeper/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: zookeeper +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "3.8.2" diff --git a/k8s-save/deploy/zookeeper/templates/NOTES.txt b/k8s-save/deploy/zookeeper/templates/NOTES.txt new file mode 100644 index 0000000000..c86c53e0b8 --- /dev/null +++ b/k8s-save/deploy/zookeeper/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "zookeeper.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "zookeeper.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "zookeeper.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "zookeeper.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/k8s-save/deploy/zookeeper/templates/_helpers.tpl b/k8s-save/deploy/zookeeper/templates/_helpers.tpl new file mode 100644 index 0000000000..64d8ce47e9 --- /dev/null +++ b/k8s-save/deploy/zookeeper/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "zookeeper.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "zookeeper.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "zookeeper.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "zookeeper.labels" -}} +helm.sh/chart: {{ include "zookeeper.chart" . }} +{{ include "zookeeper.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "zookeeper.selectorLabels" -}} +app.kubernetes.io/name: {{ include "zookeeper.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "zookeeper.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "zookeeper.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/k8s-save/deploy/zookeeper/templates/deployment.yaml b/k8s-save/deploy/zookeeper/templates/deployment.yaml new file mode 100644 index 0000000000..fa546a5cc9 --- /dev/null +++ b/k8s-save/deploy/zookeeper/templates/deployment.yaml @@ -0,0 +1,82 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "zookeeper.fullname" . }} + labels: + {{- include "zookeeper.labels" . | nindent 4 }} +spec: + serviceName: {{ include "zookeeper.fullname" . }} + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "zookeeper.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "zookeeper.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "zookeeper.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + volumeMounts: + - name: {{ include "zookeeper.fullname" . }}-persistent-storage + mountPath: /usr/local/zookeeper-data + env: + - name: ZOOKEEPER_CLIENT_PORT + value: "2181" + - name: KAFKA_HEAP_OPTS + value: -Xmx64m + ports: + - name: zkport + containerPort: 2181 + protocol: TCP + livenessProbe: + exec: + command: + - bash + - -c + - "(echo ruok | nc localhost 2181) || exit 1" + readinessProbe: + exec: + command: + - bash + - -c + - "(echo ruok | nc localhost 2181) || exit 1" + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumeClaimTemplates: + - metadata: + name: {{ include "zookeeper.fullname" . }}-persistent-storage + spec: + accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 1Gi \ No newline at end of file diff --git a/k8s-save/deploy/zookeeper/templates/hpa.yaml b/k8s-save/deploy/zookeeper/templates/hpa.yaml new file mode 100644 index 0000000000..df40aae3bb --- /dev/null +++ b/k8s-save/deploy/zookeeper/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "zookeeper.fullname" . }} + labels: + {{- include "zookeeper.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "zookeeper.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/k8s-save/deploy/zookeeper/templates/ingress.yaml b/k8s-save/deploy/zookeeper/templates/ingress.yaml new file mode 100644 index 0000000000..751e1fb0ed --- /dev/null +++ b/k8s-save/deploy/zookeeper/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "zookeeper.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "zookeeper.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/k8s-save/deploy/zookeeper/templates/service.yaml b/k8s-save/deploy/zookeeper/templates/service.yaml new file mode 100644 index 0000000000..6fc4f81f1e --- /dev/null +++ b/k8s-save/deploy/zookeeper/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "zookeeper.fullname" . }} + labels: + {{- include "zookeeper.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: zkport + protocol: TCP + name: zkport + selector: + {{- include "zookeeper.selectorLabels" . | nindent 4 }} diff --git a/k8s-save/deploy/zookeeper/templates/serviceaccount.yaml b/k8s-save/deploy/zookeeper/templates/serviceaccount.yaml new file mode 100644 index 0000000000..aee12d9bcb --- /dev/null +++ b/k8s-save/deploy/zookeeper/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "zookeeper.serviceAccountName" . }} + labels: + {{- include "zookeeper.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/k8s-save/deploy/zookeeper/templates/tests/test-connection.yaml b/k8s-save/deploy/zookeeper/templates/tests/test-connection.yaml new file mode 100644 index 0000000000..6bfda6d840 --- /dev/null +++ b/k8s-save/deploy/zookeeper/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "zookeeper.fullname" . }}-test-connection" + labels: + {{- include "zookeeper.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "zookeeper.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/k8s-save/deploy/zookeeper/values.yaml b/k8s-save/deploy/zookeeper/values.yaml new file mode 100644 index 0000000000..bdd6aacb84 --- /dev/null +++ b/k8s-save/deploy/zookeeper/values.yaml @@ -0,0 +1,82 @@ +# Default values for zookeeper. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: zookeeper + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 2181 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/k8s/charts/backoffice-bff/values.yaml b/k8s/charts/backoffice-bff/values.yaml index 84a1518143..534317dd3c 100644 --- a/k8s/charts/backoffice-bff/values.yaml +++ b/k8s/charts/backoffice-bff/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-backoffice-bff + repository: hownamee/yas-backoffice-bff tag: latest nameOverride: backoffice-bff diff --git a/k8s/charts/backoffice-ui/values.yaml b/k8s/charts/backoffice-ui/values.yaml index 7833916f08..af82de9fd9 100644 --- a/k8s/charts/backoffice-ui/values.yaml +++ b/k8s/charts/backoffice-ui/values.yaml @@ -1,6 +1,6 @@ ui: image: - repository: ghcr.io/nashtech-garage/yas-backoffice + repository: hownamee/yas-backoffice tag: latest nameOverride: backoffice-ui fullnameOverride: backoffice-ui diff --git a/k8s/charts/cart/values.yaml b/k8s/charts/cart/values.yaml index 4ad2633ccc..6195cc2a73 100644 --- a/k8s/charts/cart/values.yaml +++ b/k8s/charts/cart/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-cart + repository: hownamee/yas-cart tag: latest nameOverride: cart diff --git a/k8s/charts/customer/values.yaml b/k8s/charts/customer/values.yaml index 23bdad1de4..8c8531e1ac 100644 --- a/k8s/charts/customer/values.yaml +++ b/k8s/charts/customer/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-customer + repository: hownamee/yas-customer tag: latest nameOverride: customer diff --git a/k8s/charts/inventory/values.yaml b/k8s/charts/inventory/values.yaml index 5d7f71bb15..60d7f7f806 100644 --- a/k8s/charts/inventory/values.yaml +++ b/k8s/charts/inventory/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-inventory + repository: hownamee/yas-inventory tag: latest nameOverride: inventory diff --git a/k8s/charts/location/values.yaml b/k8s/charts/location/values.yaml index d279b690d9..c1e13df106 100644 --- a/k8s/charts/location/values.yaml +++ b/k8s/charts/location/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-location + repository: hownamee/yas-location tag: latest nameOverride: location diff --git a/k8s/charts/media/values.yaml b/k8s/charts/media/values.yaml index dad09f5c34..684d267b2a 100644 --- a/k8s/charts/media/values.yaml +++ b/k8s/charts/media/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-media + repository: hownamee/yas-media tag: latest nameOverride: media diff --git a/k8s/charts/order/values.yaml b/k8s/charts/order/values.yaml index ac1ae52109..8aa4780f90 100644 --- a/k8s/charts/order/values.yaml +++ b/k8s/charts/order/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-order + repository: hownamee/yas-order tag: latest nameOverride: order diff --git a/k8s/charts/payment-paypal/values.yaml b/k8s/charts/payment-paypal/values.yaml index 0b81b6e550..53b1712fbe 100644 --- a/k8s/charts/payment-paypal/values.yaml +++ b/k8s/charts/payment-paypal/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-payment-paypal + repository: hownamee/yas-payment-paypal tag: latest nameOverride: payment-paypal diff --git a/k8s/charts/payment/values.yaml b/k8s/charts/payment/values.yaml index 80bca0f366..ac6648cdc7 100644 --- a/k8s/charts/payment/values.yaml +++ b/k8s/charts/payment/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-payment + repository: hownamee/yas-payment tag: latest nameOverride: payment diff --git a/k8s/charts/product/values.yaml b/k8s/charts/product/values.yaml index 8328a6adda..cce90d759b 100644 --- a/k8s/charts/product/values.yaml +++ b/k8s/charts/product/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-product + repository: hownamee/yas-product tag: latest nameOverride: product diff --git a/k8s/charts/promotion/values.yaml b/k8s/charts/promotion/values.yaml index c903926274..c39ffde139 100644 --- a/k8s/charts/promotion/values.yaml +++ b/k8s/charts/promotion/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-promotion + repository: hownamee/yas-promotion tag: latest nameOverride: promotion diff --git a/k8s/charts/rating/values.yaml b/k8s/charts/rating/values.yaml index 80f44c8ea0..8b56e18d54 100644 --- a/k8s/charts/rating/values.yaml +++ b/k8s/charts/rating/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-rating + repository: hownamee/yas-rating tag: latest nameOverride: rating diff --git a/k8s/charts/recommendation/values.yaml b/k8s/charts/recommendation/values.yaml index bc51cee4ce..0fccede06a 100644 --- a/k8s/charts/recommendation/values.yaml +++ b/k8s/charts/recommendation/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-recommendation + repository: hownamee/yas-recommendation tag: latest nameOverride: recommendation diff --git a/k8s/charts/sampledata/values.yaml b/k8s/charts/sampledata/values.yaml index 240cd0d04e..d1541f89b3 100644 --- a/k8s/charts/sampledata/values.yaml +++ b/k8s/charts/sampledata/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-sampledata + repository: hownamee/yas-sampledata tag: latest nameOverride: sampledata diff --git a/k8s/charts/search/values.yaml b/k8s/charts/search/values.yaml index e509319f13..c04d8da756 100644 --- a/k8s/charts/search/values.yaml +++ b/k8s/charts/search/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-search + repository: hownamee/yas-search tag: latest nameOverride: search diff --git a/k8s/charts/storefront-bff/values.yaml b/k8s/charts/storefront-bff/values.yaml index 23bfc5fccb..5fbdb906da 100644 --- a/k8s/charts/storefront-bff/values.yaml +++ b/k8s/charts/storefront-bff/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-storefront-bff + repository: hownamee/yas-storefront-bff tag: latest nameOverride: storefront-bff diff --git a/k8s/charts/storefront-ui/values.yaml b/k8s/charts/storefront-ui/values.yaml index 48abb6539a..e7b617d1a1 100644 --- a/k8s/charts/storefront-ui/values.yaml +++ b/k8s/charts/storefront-ui/values.yaml @@ -1,6 +1,6 @@ ui: image: - repository: ghcr.io/nashtech-garage/yas-storefront + repository: hownamee/yas-storefront tag: latest nameOverride: storefront-ui fullnameOverride: storefront-ui diff --git a/k8s/charts/tax/values.yaml b/k8s/charts/tax/values.yaml index fe6aa0ece7..dfaa655712 100644 --- a/k8s/charts/tax/values.yaml +++ b/k8s/charts/tax/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-tax + repository: hownamee/yas-tax tag: latest nameOverride: tax diff --git a/k8s/charts/values.template.yaml b/k8s/charts/values.template.yaml index 3c09189077..6ff48fe483 100644 --- a/k8s/charts/values.template.yaml +++ b/k8s/charts/values.template.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-{{service}} + repository: hownamee/yas-{{service}} tag: latest nameOverride: {{service}} diff --git a/k8s/charts/webhook/values.yaml b/k8s/charts/webhook/values.yaml index ed4f7db8e1..67193d35f1 100644 --- a/k8s/charts/webhook/values.yaml +++ b/k8s/charts/webhook/values.yaml @@ -1,6 +1,6 @@ backend: image: - repository: ghcr.io/nashtech-garage/yas-webhook + repository: hownamee/yas-webhook tag: latest nameOverride: webhook diff --git a/k8s/deploy/DeployCLI.md b/k8s/deploy/DeployCLI.md new file mode 100755 index 0000000000..5e9f6aa42e --- /dev/null +++ b/k8s/deploy/DeployCLI.md @@ -0,0 +1,78 @@ +# Deploy yas k8s + +## 0. Start minikube + +```bash +minikube start --driver=docker --disk-size='80000mb' --memory='18g' --cpus='7' --kubernetes-version=v1.29.0 +minikube addons enable ingress +``` + +## 1. Install Ingress NGINX Controller (K8S Cluster) + +```bash +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx +helm repo update + +helm upgrade --install ingress-nginx ingress-nginx/ingress-nginx \ + --namespace ingress-nginx --create-namespace \ + --set controller.service.type=NodePort \ + --set controller.service.nodePorts.http=30080 \ + --set controller.service.nodePorts.https=30443 +``` + +## 2. Deploy YAS System and Infrastructure + +```bash +cd k8s/deploy/ +./setup-cluster.sh +./setup-redis.sh +./setup-keycloak.sh +./deploy-yas-configuration.sh +./deploy-yas-applications.sh +``` + +## 3. Configure Local DNS (Mapping Domain) + +```bash +# Kiểm tra IP của Node +kubectl get nodes -o wide + +# Thêm cấu hình vào file hosts +sudo nano /etc/hosts +``` + +*Thêm nội dung sau vào file `/etc/hosts`:* + +```text +192.168.49.2 pgoperator.yas.local.com +192.168.49.2 pgadmin.yas.local.com +192.168.49.2 akhq.yas.local.com +192.168.49.2 kibana.yas.local.com +192.168.49.2 identity.yas.local.com +192.168.49.2 backoffice.yas.local.com +192.168.49.2 storefront.yas.local.com +192.168.49.2 grafana.yas.local.com +192.168.49.2 api.yas.local.com +``` + +## 4. Teardown & Cleanup + +```bash +# 1. Xóa các ứng dụng bằng Helm một cách an toàn (tránh lỗi nếu namespace trống) +NAMESPACES="yas postgres elasticsearch kafka keycloak observability zookeeper redis ingress-nginx cert-manager" +for ns in $NAMESPACES; do + helm list -n $ns -q | xargs -r helm uninstall -n $ns +done + +# 2. Xóa các Custom Resource Definitions (CRDs) +kubectl delete crd $(kubectl get crd -o name | grep -E "zalan.do|strimzi|elastic|keycloak|cert-manager|opentelemetry") + +# 3. Xóa toàn bộ dữ liệu (Persistent Volume Claims) TRƯỚC KHI xóa namespace +kubectl delete pvc --all -A + +# 4. Xóa các Namespaces (Bước này sẽ quét sạch các ConfigMap, Secret, Service còn sót lại) +kubectl delete ns $NAMESPACES --ignore-not-found=true + +# 5. (Tùy chọn) Xóa bỏ các Persistent Volumes (PV) bị mồ côi nếu StorageClass không tự dọn +kubectl delete pv --all +``` diff --git a/k8s/deploy/Dockerfile b/k8s/deploy/Dockerfile new file mode 100644 index 0000000000..356b5ce395 --- /dev/null +++ b/k8s/deploy/Dockerfile @@ -0,0 +1,10 @@ +FROM quay.io/strimzi/kafka:0.38.0-kafka-3.6.0 + +USER root:root + +RUN mkdir -p /opt/kafka/plugins/debezium-postgres && \ + curl -L https://repo1.maven.org/maven2/io/debezium/debezium-connector-postgres/2.5.0.Final/debezium-connector-postgres-2.5.0.Final-plugin.tar.gz | tar -xzf - -C /opt/kafka/plugins/debezium-postgres --strip-components=1 + +RUN chown -R 1001:1001 /opt/kafka/plugins/debezium-postgres + +USER 1001 \ No newline at end of file diff --git a/k8s/deploy/README.md b/k8s/deploy/README.md old mode 100644 new mode 100755 diff --git a/k8s/deploy/cluster-config.yaml b/k8s/deploy/cluster-config.yaml old mode 100644 new mode 100755 diff --git a/k8s/deploy/deploy-yas-applications.sh b/k8s/deploy/deploy-yas-applications.sh old mode 100644 new mode 100755 index c00139937c..c2c2c6d960 --- a/k8s/deploy/deploy-yas-applications.sh +++ b/k8s/deploy/deploy-yas-applications.sh @@ -17,7 +17,7 @@ helm dependency build ../charts/backoffice-ui helm upgrade --install backoffice-ui ../charts/backoffice-ui \ --namespace yas --create-namespace -sleep 60 +sleep 20 helm dependency build ../charts/storefront-bff helm upgrade --install storefront-bff ../charts/storefront-bff \ @@ -28,7 +28,7 @@ helm dependency build ../charts/storefront-ui helm upgrade --install storefront-ui ../charts/storefront-ui \ --namespace yas --create-namespace -sleep 60 +sleep 20 helm upgrade --install swagger-ui ../charts/swagger-ui \ --namespace yas --create-namespace \ @@ -36,10 +36,10 @@ helm upgrade --install swagger-ui ../charts/swagger-ui \ sleep 20 -for chart in {"cart","customer","inventory","location","media","order","payment","payment-paypal","product","promotion","rating","search","tax","recommendation","webhook","sampledata"} ; do +for chart in {"cart","customer","inventory","location","media","order","payment","product","promotion","rating","search","tax","recommendation","webhook","sampledata"} ; do helm dependency build ../charts/"$chart" helm upgrade --install "$chart" ../charts/"$chart" \ --namespace yas --create-namespace \ --set backend.ingress.host="api.$DOMAIN" - sleep 60 + sleep 20 done diff --git a/k8s/deploy/deploy-yas-configuration.sh b/k8s/deploy/deploy-yas-configuration.sh old mode 100644 new mode 100755 diff --git a/k8s/deploy/infrastructure.sh b/k8s/deploy/infrastructure.sh new file mode 100755 index 0000000000..2cd85a6b88 --- /dev/null +++ b/k8s/deploy/infrastructure.sh @@ -0,0 +1,26 @@ +#!/bin/bash +set -e + +echo ">>> 1. Cài đặt yq (v4.44.1)..." +sudo wget https://github.com/mikefarah/yq/releases/download/v4.44.1/yq_linux_amd64 -O /usr/bin/yq +sudo chmod +x /usr/bin/yq +yq --version + +echo ">>> 2. Cài đặt Local Path Provisioner (StorageClass)..." +kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/v0.0.28/deploy/local-path-storage.yaml + +echo ">>> 3. Thiết lập local-path làm StorageClass mặc định..." +kubectl patch storageclass local-path -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' + +echo ">>> 4. Xóa các Pod bị Evicted để hệ thống dọn dẹp..." +kubectl delete pod -A --field-selector status.phase=Failed + +echo ">>> 5. Triển khai lại Keycloak (để cập nhật config từ yq)..." +# Chạy lại script setup keycloak +./setup-keycloak.sh + +echo "=========================================================" +echo "XONG! Hãy đợi khoảng 1-2 phút để các PVC chuyển sang Bound" +echo "và các Pod infrastructure (Redis, Postgres) khởi động." +echo "Sau đó bạn có thể chạy ./deploy-yas-applications.sh" +echo "=========================================================" diff --git a/k8s/deploy/kafka/kafka-cluster/templates/kafka-cluster.yaml b/k8s/deploy/kafka/kafka-cluster/templates/kafka-cluster.yaml index a9c643ca79..564dce8f64 100644 --- a/k8s/deploy/kafka/kafka-cluster/templates/kafka-cluster.yaml +++ b/k8s/deploy/kafka/kafka-cluster/templates/kafka-cluster.yaml @@ -25,7 +25,7 @@ spec: volumes: - id: 0 type: persistent-claim - size: 100Gi + size: 10Gi deleteClaim: false config: offsets.topic.replication.factor: 1 @@ -35,6 +35,8 @@ spec: min.insync.replicas: 1 zookeeper: replicas: {{ .Values.zookeeper.replicas }} + config: + quorumListenOnAllIPs: "true" storage: type: persistent-claim size: {{ .Values.zookeeper.storeSize }} diff --git a/k8s/deploy/kafka/kafka-cluster/values.yaml b/k8s/deploy/kafka/kafka-cluster/values.yaml index 7746cad987..9bf79352c0 100644 --- a/k8s/deploy/kafka/kafka-cluster/values.yaml +++ b/k8s/deploy/kafka/kafka-cluster/values.yaml @@ -7,5 +7,5 @@ postgresql: username: yasadminuser password: admin debeziumConnect: - image: ghcr.io/nashtech-garage/debezium-connect-postgresql:latest + image: melyen/my-debezium-postgres:latest buildImage: false #Enabled when build debezium-connect-postgresql image \ No newline at end of file diff --git a/k8s/deploy/keycloak/keycloak/templates/keycloak.yaml b/k8s/deploy/keycloak/keycloak/templates/keycloak.yaml index 8755e4ae9e..411cd84d44 100644 --- a/k8s/deploy/keycloak/keycloak/templates/keycloak.yaml +++ b/k8s/deploy/keycloak/keycloak/templates/keycloak.yaml @@ -19,7 +19,7 @@ spec: port: 5432 http: httpEnabled: true - httpPort: 80 + httpPort: 8080 hostname: hostname: http://{{ .Values.hostname }} backchannelDynamic: true diff --git a/k8s/deploy/observability/loki.values.yaml b/k8s/deploy/observability/loki.values.yaml index 3a071a442b..e3afaa952d 100644 --- a/k8s/deploy/observability/loki.values.yaml +++ b/k8s/deploy/observability/loki.values.yaml @@ -19,4 +19,9 @@ monitoring: selfMonitoring: enabled: false grafanaAgent: - installOperator: false \ No newline at end of file + installOperator: false + +resultsCache: + allocatedMemory: 512 +chunksCache: + allocatedMemory: 512 diff --git a/k8s/deploy/observability/opentelemetry/templates/opentelemetry-collector.yaml b/k8s/deploy/observability/opentelemetry/templates/opentelemetry-collector.yaml index d3f5185440..2f5ae3c23e 100644 --- a/k8s/deploy/observability/opentelemetry/templates/opentelemetry-collector.yaml +++ b/k8s/deploy/observability/opentelemetry/templates/opentelemetry-collector.yaml @@ -4,6 +4,7 @@ metadata: name: opentelemetry spec: mode: deployment + image: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-contrib:0.90.0 ports: - name: loki port: 3500 diff --git a/k8s/deploy/observability/prometheus.values.yaml b/k8s/deploy/observability/prometheus.values.yaml index 4e325f2658..af331558ad 100644 --- a/k8s/deploy/observability/prometheus.values.yaml +++ b/k8s/deploy/observability/prometheus.values.yaml @@ -3,6 +3,7 @@ prometheus: prometheusSpec: enableRemoteWriteReceiver: true grafana: + assertNoLeakedSecrets: false grafana.ini: database: type: postgres diff --git a/k8s/deploy/postgres/postgresql/templates/postgresql.yaml b/k8s/deploy/postgres/postgresql/templates/postgresql.yaml index bb68daf800..33208a255e 100644 --- a/k8s/deploy/postgres/postgresql/templates/postgresql.yaml +++ b/k8s/deploy/postgres/postgresql/templates/postgresql.yaml @@ -43,8 +43,8 @@ spec: promotion: {{ .Values.username }} rating: {{ .Values.username }} tax: {{ .Values.username }} - recommendation: { { .Values.username } } - webhook: { { .Values.username } } + recommendation: {{ .Values.username }} + webhook: {{ .Values.username }} grafana: {{ .Values.username }} patroni: slots: diff --git a/k8s/deploy/setup-cluster.sh b/k8s/deploy/setup-cluster.sh old mode 100644 new mode 100755 index ecc7798fa6..50e9250a03 --- a/k8s/deploy/setup-cluster.sh +++ b/k8s/deploy/setup-cluster.sh @@ -38,7 +38,8 @@ helm upgrade --install pgadmin ./postgres/pgadmin \ #Install strimzi-kafka-operator helm upgrade --install kafka-operator strimzi/strimzi-kafka-operator \ ---create-namespace --namespace kafka +--create-namespace --namespace kafka \ +--version 0.38.0 #Install kafka and postgresql connector helm upgrade --install kafka-cluster ./kafka/kafka-cluster \ @@ -67,7 +68,8 @@ helm upgrade --install elasticsearch-cluster ./elasticsearch/elasticsearch-clust #Install loki helm upgrade --install loki grafana/loki \ --create-namespace --namespace observability \ - -f ./observability/loki.values.yaml + -f ./observability/loki.values.yaml \ + --set loki.useTestSchema=true #Install tempo helm upgrade --install tempo grafana/tempo \ @@ -88,6 +90,9 @@ helm upgrade --install cert-manager jetstack/cert-manager \ helm upgrade --install opentelemetry-operator open-telemetry/opentelemetry-operator \ --create-namespace --namespace observability +kubectl wait --for=condition=available --timeout=120s deployment/opentelemetry-operator -n observability +sleep 10 + #Install opentelemetry-collector helm upgrade --install opentelemetry-collector ./observability/opentelemetry \ --create-namespace --namespace observability diff --git a/k8s/deploy/setup-keycloak.sh b/k8s/deploy/setup-keycloak.sh old mode 100644 new mode 100755 diff --git a/k8s/deploy/setup-redis.sh b/k8s/deploy/setup-redis.sh old mode 100644 new mode 100755 diff --git a/location/src/main/java/com/yas/location/controller/AddressController.java b/location/src/main/java/com/yas/location/controller/AddressController.java index c04299e7e6..dca109ee13 100644 --- a/location/src/main/java/com/yas/location/controller/AddressController.java +++ b/location/src/main/java/com/yas/location/controller/AddressController.java @@ -22,7 +22,6 @@ public class AddressController { private final AddressService addressService; - @PostMapping("/storefront/addresses") public ResponseEntity createAddress(@Valid @RequestBody AddressPostVm dto) { return ResponseEntity.ok(addressService.createAddress(dto)); diff --git a/media/src/main/java/com/yas/media/mapper/MediaVmMapper.java b/media/src/main/java/com/yas/media/mapper/MediaVmMapper.java index c68ea5fa79..566f78480e 100644 --- a/media/src/main/java/com/yas/media/mapper/MediaVmMapper.java +++ b/media/src/main/java/com/yas/media/mapper/MediaVmMapper.java @@ -7,4 +7,5 @@ @Mapper(componentModel = "spring") public interface MediaVmMapper extends BaseMapper { + } diff --git a/payment/src/main/resources/db/changelog/data/changelog-0001-provider.sql b/payment/src/main/resources/db/changelog/data/changelog-0001-provider.sql index dfc3a5e915..9c3810ebfd 100644 --- a/payment/src/main/resources/db/changelog/data/changelog-0001-provider.sql +++ b/payment/src/main/resources/db/changelog/data/changelog-0001-provider.sql @@ -1,7 +1,7 @@ --liquibase formatted sql --changeset hoanglam:paypal -insert into payment_provider (id, is_enabled, name, configure_url, landing_view_component_name, additional_settings) +insert into payment_provider (id, enabled, name, configure_url, landing_view_component_name, additional_settings) values ('PaypalPayment', 'true', 'paypal', 'paypal-config', 'paypal landing view', '{"clientId": "AW7GUe26RhVRlWKHeKHjl43ZqON8NFgJbEOljFDkuBiLlFYWj7mskz77QgVMHkl2M9VBMA5jWMFwxRll", "clientSecret": "ENX1js2V-5bdTe86voCAcyrT6bcRtVzRcvNsdo0XDhDYT_5KEBmlYT7oOBWVVwjPsS4i6bktL1R8eL3j", "mode": "sandbox"}'); diff --git a/payment/src/main/resources/db/changelog/data/changelog-0002-provider.sql b/payment/src/main/resources/db/changelog/data/changelog-0002-provider.sql index 3c5d1c1c09..f14608ab42 100644 --- a/payment/src/main/resources/db/changelog/data/changelog-0002-provider.sql +++ b/payment/src/main/resources/db/changelog/data/changelog-0002-provider.sql @@ -1,7 +1,7 @@ --liquibase formatted sql --changeset hieunc:cod -insert into payment_provider (id, is_enabled, name, configure_url, landing_view_component_name, additional_settings) +insert into payment_provider (id, enabled, name, configure_url, landing_view_component_name, additional_settings) values ('CodPayment', 'true', 'Cash on Delivery', 'cod-config', 'cod landing view', ''); diff --git a/payment/src/main/resources/db/changelog/ddl/changelog-0002.sql b/payment/src/main/resources/db/changelog/ddl/changelog-0002.sql index 92e47f9c03..3bd683e949 100644 --- a/payment/src/main/resources/db/changelog/ddl/changelog-0002.sql +++ b/payment/src/main/resources/db/changelog/ddl/changelog-0002.sql @@ -1,7 +1,7 @@ create table payment_provider ( id varchar(255) not null, - is_enabled boolean, + enabled boolean, name varchar(255), configure_url varchar(255), landing_view_component_name varchar(255), diff --git a/payment/src/main/resources/db/changelog/ddl/changelog-0004.sql b/payment/src/main/resources/db/changelog/ddl/changelog-0004.sql index 8211ebff81..3ea8fbb1fe 100644 --- a/payment/src/main/resources/db/changelog/ddl/changelog-0004.sql +++ b/payment/src/main/resources/db/changelog/ddl/changelog-0004.sql @@ -7,4 +7,4 @@ ADD COLUMN created_by varchar(255) DEFAULT 'admin', ADD COLUMN last_modified_on timestamp(6) DEFAULT CURRENT_TIMESTAMP, ADD COLUMN last_modified_by varchar(255) DEFAULT 'admin'; -ALTER TABLE IF EXISTS "payment_provider" RENAME COLUMN is_enabled TO enabled; \ No newline at end of file +-- ALTER TABLE IF EXISTS "payment_provider" RENAME COLUMN is_enabled TO enabled; \ No newline at end of file diff --git a/search/pom.xml b/search/pom.xml index 5a10206496..10a3072d39 100644 --- a/search/pom.xml +++ b/search/pom.xml @@ -16,6 +16,7 @@ nashtech-garage https://sonarcloud.io nashtech-garage_yas-search + true diff --git a/search/src/it/java/com/yas/search/kafka/ProductCdcConsumerTest.java b/search/src/it/java/com/yas/search/kafka/ProductCdcConsumerTest.java index b4f1facdd4..25058aa961 100644 --- a/search/src/it/java/com/yas/search/kafka/ProductCdcConsumerTest.java +++ b/search/src/it/java/com/yas/search/kafka/ProductCdcConsumerTest.java @@ -35,6 +35,7 @@ import org.springframework.context.annotation.PropertySource; import org.springframework.web.util.UriComponentsBuilder; +@Disabled @Import(KafkaIntegrationTestConfiguration.class) @PropertySource("classpath:application.properties") @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)