diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml index 92db154a7..5ff66c877 100644 --- a/.github/workflows/merge.yml +++ b/.github/workflows/merge.yml @@ -49,8 +49,8 @@ jobs: tag: ${{ needs.vars.outputs.pr }} release: prod params: - --set backend.deploymentStrategy.type=RollingUpdate - --set frontend.deploymentStrategy.type=RollingUpdate + --set backend.deploymentStrategy=RollingUpdate + --set frontend.deploymentStrategy=RollingUpdate promote: name: Promote Images diff --git a/backend/src/app.module.ts b/backend/src/app.module.ts index a198dff3a..472e5da0e 100644 --- a/backend/src/app.module.ts +++ b/backend/src/app.module.ts @@ -16,7 +16,7 @@ const DB_PWD = encodeURIComponent(process.env.POSTGRES_PASSWORD || "default"); / const DB_PORT = process.env.POSTGRES_PORT || 5432; const DB_NAME = process.env.POSTGRES_DATABASE || "postgres"; const DB_SCHEMA = process.env.DB_SCHEMA || "users"; - +const dataSourceURL = `postgresql://${DB_USER}:${DB_PWD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?schema=${DB_SCHEMA}&connection_limit=5`; function getMiddlewares() { if (process.env.PRISMA_LOGGING) { return [ diff --git a/charts/quickstart-openshift/Chart.yaml b/charts/quickstart-openshift/Chart.yaml index 887e48eb7..c38f1adf0 100644 --- a/charts/quickstart-openshift/Chart.yaml +++ b/charts/quickstart-openshift/Chart.yaml 
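Review bot: The added `dataSourceURL` in backend/src/app.module.ts puts the database password into a connection string, and the context line above it still falls back to the password `"default"` when `POSTGRES_PASSWORD` is unset, so a misconfigured pod would try a guessable credential instead of failing at startup. Only `DB_PWD` is visibly percent-encoded; `DB_NAME` and `DB_SCHEMA` are interpolated as read from the environment, and `DB_USER` is defined outside the hunk, so a value containing `@`, `/` or `&` would change how the URL parses. Wrapping them the same way, e.g. `encodeURIComponent(DB_USER)`, avoids that. I would also add the comment `// contains the DB password: never log dataSourceURL or include it in error messages`, since `getMiddlewares()` just below wires up logging and its body continues outside the hunk.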
@@ -25,29 +25,11 @@ version: 0.1.0 appVersion: "1.16.0" dependencies: - - name: component - condition: backend.enabled - version: 0.3.0 - repository: https://bcgov.github.io/helm-service - alias: backend - - - name: component - condition: frontend.enabled - version: 0.3.0 - repository: https://bcgov.github.io/helm-service - alias: frontend - - name: postgresql condition: bitnami-pg.enabled version: 14.0.5 repository: https://charts.bitnami.com/bitnami alias: bitnami-pg - - - name: component - condition: backup.enabled - version: 0.3.0 - repository: https://bcgov.github.io/helm-service - alias: backup maintainers: - name: Om Mishra email: omprakash.2.mishra@gov.bc.ca diff --git a/charts/quickstart-openshift/templates/backend/templates/_helpers.tpl b/charts/quickstart-openshift/templates/backend/templates/_helpers.tpl new file mode 100644 index 000000000..b10861537 --- /dev/null +++ b/charts/quickstart-openshift/templates/backend/templates/_helpers.tpl 
@@ -0,0 +1,51 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "backend.name" -}}
+{{- printf "backend" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "backend.fullname" -}}
+{{- $componentName := include "backend.name" . }}
+{{- if .Values.backend.fullnameOverride }}
+{{- .Values.backend.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $componentName | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "backend.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "backend.labels" -}}
+helm.sh/chart: {{ include "backend.chart" . }}
+{{ include "backend.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/image-version: {{ .Values.global.tag | quote }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/short-name: {{ include "backend.name" . }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "backend.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "backend.fullname" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+
diff --git a/charts/quickstart-openshift/templates/backend/templates/deployment.yaml b/charts/quickstart-openshift/templates/backend/templates/deployment.yaml
new file mode 100644
index 000000000..41faa70dd
--- /dev/null
+++ b/charts/quickstart-openshift/templates/backend/templates/deployment.yaml
@@ -0,0 +1,119 @@
+{{- if .Values.backend.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "backend.fullname" . }}
+ labels:
+ {{- include "backend.labels" . | nindent 4 }}
+spec:
+ strategy:
+ type: {{ .Values.backend.deploymentStrategy }}
+ {{- if not .Values.backend.autoscaling.enabled }}
+ replicas: {{ .Values.backend.replicaCount }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "backend.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ prometheus.io/scrape: 'true'
+ prometheus.io/port: '3000'
+ prometheus.io/path: '/api/metrics'
+ labels:
+ {{- include "backend.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- if .Values.backend.podSecurityContext }}
+ securityContext:
+ {{- toYaml .Values.backend.podSecurityContext | nindent 12 }}
+ {{- end }}
+ initContainers:
+ - name: {{ include "backend.fullname" . }}-init
+ image: "{{.Values.global.registry}}/{{.Values.global.repository}}/migrations:{{ .Values.global.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ default "IfNotPresent" .Values.backend.imagePullPolicy }}
+ envFrom:
+ - secretRef:
+ name: {{.Release.Name}}
+ env:
+ - name: FLYWAY_BASELINE_ON_MIGRATE
+ value: "true"
+ - name: FLYWAY_DEFAULT_SCHEMA
+ value: "USERS"
+ - name: FLYWAY_CONNECT_RETRIES
+ value: "10"
+ resources:
+ limits:
+ cpu: 500m
+ memory: 250Mi
+ requests:
+ cpu: 200m
+ memory: 150Mi
+ containers:
+ - name: {{ include "backend.fullname" . }}
+ {{- if .Values.backend.securityContext }}
+ securityContext:
+ {{- toYaml .Values.backend.securityContext | nindent 12 }}
+ {{- end }}
+ image: "{{.Values.global.registry}}/{{.Values.global.repository}}/backend:{{ .Values.global.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ default "IfNotPresent" .Values.backend.imagePullPolicy }}
+ envFrom:
+ - secretRef:
+ name: {{.Release.Name}}
+ env:
+ - name: LOG_LEVEL
+ value: info
+ ports:
+ - name: http
+ containerPort: {{ .Values.backend.service.targetPort }}
+ protocol: TCP
+ readinessProbe:
+ httpGet:
+ path: /api/health
+ port: http
+ scheme: HTTP
+ initialDelaySeconds: 5
+ periodSeconds: 2
+ timeoutSeconds: 2
+ successThreshold: 1
+ failureThreshold: 30
+ livenessProbe:
+ successThreshold: 1
+ failureThreshold: 3
+ httpGet:
+ path: /api/health
+ port: 3000
+ scheme: HTTP
+ initialDelaySeconds: 15
+ periodSeconds: 30
+ timeoutSeconds: 5
+ resources: # this is optional
+ limits:
+ cpu: 250m
+ memory: 250Mi
+ requests:
+ cpu: 100m
+ memory: 150Mi
+ {{- with .Values.backend.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.backend.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchExpressions:
+ - key: app.kubernetes.io/name
+ operator: In
+ values:
+ - {{ include "backend.fullname" . }}
+ - key: app.kubernetes.io/instance
+ operator: In
+ values:
+ - {{ .Release.Name }}
+ topologyKey: "kubernetes.io/hostname"
+
+{{- end }}
diff --git a/charts/quickstart-openshift/templates/backend/templates/hpa.yaml b/charts/quickstart-openshift/templates/backend/templates/hpa.yaml
new file mode 100644
index 000000000..d22860931
--- /dev/null
+++ b/charts/quickstart-openshift/templates/backend/templates/hpa.yaml
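Review bot: Both the `-init` container and the application container in backend/templates/deployment.yaml load the whole release Secret with `envFrom: secretRef`, so every key in it becomes an environment variable of the backend process. As extended by this commit's secret.yaml change, that Secret also carries the `FLYWAY_*` keys and the credential-bearing `databaseURL` / `databaseJDBCURL` entries, which the backend does not appear to need, and any key added later is exposed the same way. Mapping only the required keys with `secretKeyRef` keeps each container to the credentials it uses, as the `fromGlobalSecret` lists removed from values.yaml did. The init container would get the same treatment with its three `FLYWAY_*` keys.

```yaml
        - name: {{ include "backend.fullname" . }}
          # … unchanged: securityContext, image, imagePullPolicy …
          env:
            - name: LOG_LEVEL
              value: info
            {{- range list "POSTGRES_HOST" "POSTGRES_USER" "POSTGRES_PASSWORD" "POSTGRES_DATABASE" }}
            - name: {{ . }}
              valueFrom:
                secretKeyRef:
                  name: {{ $.Release.Name }}
                  key: {{ . }}
            {{- end }}
          # … unchanged: ports, probes, resources …
```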
@@ -0,0 +1,55 @@
+{{- if .Values.global.autoscaling }}
+{{- if and .Values.backend.autoscaling .Values.backend.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "backend.fullname" . }}
+ labels:
+ {{- include "backend.labels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "backend.fullname" . }}
+ minReplicas: {{ .Values.backend.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.backend.autoscaling.maxReplicas }}
+ behavior:
+ scaleDown:
+ stabilizationWindowSeconds: 300
+ policies:
+ - type: Percent
+ value: 10
+ periodSeconds: 60
+ - type: Pods
+ value: 2
+ periodSeconds: 60
+ selectPolicy: Min
+ scaleUp:
+ stabilizationWindowSeconds: 0
+ policies:
+ - type: Percent
+ value: 100
+ periodSeconds: 30
+ - type: Pods
+ value: 2
+ periodSeconds: 30
+ selectPolicy: Max
+ metrics:
+ {{- if .Values.backend.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.backend.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.backend.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.backend.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/quickstart-openshift/templates/backend/templates/pdb.yaml b/charts/quickstart-openshift/templates/backend/templates/pdb.yaml
new file mode 100644
index 000000000..142e583d1
--- /dev/null
+++ b/charts/quickstart-openshift/templates/backend/templates/pdb.yaml
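Review bot: The backend HPA is rendered only when `.Values.global.autoscaling` is true, but backend/templates/deployment.yaml omits `replicas` on `.Values.backend.autoscaling.enabled` alone. With `global.autoscaling: false` and the component flag left on, the chart therefore renders neither an HPA nor a replica count, and the Deployment falls back to a single pod, which removes the redundancy the anti-affinity rule is there to provide. Using the same condition in the Deployment closes the gap: `{{- if not (and .Values.global.autoscaling .Values.backend.autoscaling.enabled) }}`. frontend/templates/hpa.yaml and the frontend Deployment have the same mismatch.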
@@ -0,0 +1,14 @@
+{{- if and .Values.backend.pdb .Values.backend.pdb.enabled }}
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "backend.fullname" . }}
+ labels:
+ {{- include "backend.labels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: {{ include "backend.fullname" . }}
+ minAvailable: {{ .Values.backend.pdb.minAvailable }}
+{{- end }}
diff --git a/charts/quickstart-openshift/templates/backend/templates/service.yaml b/charts/quickstart-openshift/templates/backend/templates/service.yaml
new file mode 100644
index 000000000..2ea12d8fb
--- /dev/null
+++ b/charts/quickstart-openshift/templates/backend/templates/service.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.backend.enabled }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "backend.fullname" . }}
+ labels:
+ {{- include "backend.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.backend.service.type }}
+ ports:
+ - port: {{ .Values.backend.service.port }}
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ {{- include "backend.selectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/charts/quickstart-openshift/templates/frontend/templates/_helpers.tpl b/charts/quickstart-openshift/templates/frontend/templates/_helpers.tpl
new file mode 100644
index 000000000..853ad31e6
--- /dev/null
+++ b/charts/quickstart-openshift/templates/frontend/templates/_helpers.tpl
@@ -0,0 +1,51 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "frontend.name" -}}
+{{- printf "frontend" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "frontend.fullname" -}}
+{{- $componentName := include "frontend.name" . }}
+{{- if .Values.frontend.fullnameOverride }}
+{{- .Values.frontend.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $componentName | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "frontend.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "frontend.labels" -}}
+helm.sh/chart: {{ include "frontend.chart" . }}
+{{ include "frontend.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/image-version: {{ .Values.global.tag | quote }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/short-name: {{ include "frontend.name" . }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "frontend.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "frontend.fullname" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+
diff --git a/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml b/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml
new file mode 100644
index 000000000..dfe4c029b
--- /dev/null
+++ b/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml
@@ -0,0 +1,89 @@
+{{- if .Values.frontend.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "frontend.fullname" . }}
+ labels:
+ {{- include "frontend.labels" . | nindent 4 }}
+spec:
+ strategy:
+ type: {{ .Values.frontend.deploymentStrategy }}
+ {{- if not .Values.frontend.autoscaling.enabled }}
+ replicas: {{ .Values.frontend.replicaCount }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "frontend.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ prometheus.io/scrape: 'true'
+ prometheus.io/port: '3003'
+ prometheus.io/path: '/metrics'
+ labels:
+ {{- include "frontend.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- if .Values.frontend.podSecurityContext }}
+ securityContext:
+ {{- toYaml .Values.frontend.podSecurityContext | nindent 12 }}
+ {{- end }}
+ containers:
+ - name: {{ include "frontend.fullname" . }}
+ securityContext:
+ capabilities:
+ add: [ "NET_BIND_SERVICE" ]
+ image: "{{.Values.global.registry}}/{{.Values.global.repository}}/frontend:{{ .Values.global.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ default "IfNotPresent" .Values.frontend.imagePullPolicy }}
+ env:
+ - name: BACKEND_URL
+ value: "http://{{ .Release.Name }}-backend"
+ - name: LOG_LEVEL
+ value: "info"
+ ports:
+ - name: http
+ containerPort: 3000
+ protocol: TCP
+ readinessProbe:
+ httpGet:
+ path: /health
+ port: 3001
+ scheme: HTTP
+ initialDelaySeconds: 5
+ periodSeconds: 2
+ timeoutSeconds: 2
+ successThreshold: 1
+ failureThreshold: 30
+ #-- the liveness probe for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L324-L328
+ livenessProbe:
+ successThreshold: 1
+ failureThreshold: 3
+ httpGet:
+ path: /health
+ port: 3001
+ scheme: HTTP
+ initialDelaySeconds: 15
+ periodSeconds: 30
+ timeoutSeconds: 5
+ resources:
+ limits:
+ cpu: 100m
+ memory: 150Mi
+ requests:
+ cpu: 30m
+ memory: 50Mi
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchExpressions:
+ - key: app.kubernetes.io/name
+ operator: In
+ values:
+ - {{ include "frontend.fullname" . }}
+ - key: app.kubernetes.io/instance
+ operator: In
+ values:
+ - {{ .Release.Name }}
+ topologyKey: "kubernetes.io/hostname"
+
+{{- end }}
diff --git a/charts/quickstart-openshift/templates/frontend/templates/hpa.yaml b/charts/quickstart-openshift/templates/frontend/templates/hpa.yaml
new file mode 100644
index 000000000..94191d14a
--- /dev/null
+++ b/charts/quickstart-openshift/templates/frontend/templates/hpa.yaml
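Review bot: The frontend container's `securityContext` is hard-coded to add `NET_BIND_SERVICE`, yet every port this template references (3000, 3001, 3003) is above 1024, so the capability looks unnecessary; confirm the image binds no privileged port and drop it. Unlike the backend template there is no `.Values.frontend.securityContext` hook, so operators cannot tighten the container without editing the chart. I would replace the block with `allowPrivilegeEscalation: false` and `capabilities: { drop: ["ALL"] }`, or render it from values as the backend does. Only port 3000 is declared under `ports`, while the probes use 3001 and the Service forwards 3003; declaring all three keeps the manifest an accurate record of what the pod exposes.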
@@ -0,0 +1,55 @@
+{{- if .Values.global.autoscaling }}
+{{- if and .Values.frontend.autoscaling .Values.frontend.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "frontend.fullname" . }}
+ labels:
+ {{- include "frontend.labels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "frontend.fullname" . }}
+ minReplicas: {{ .Values.frontend.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.frontend.autoscaling.maxReplicas }}
+ behavior:
+ scaleDown:
+ stabilizationWindowSeconds: 300
+ policies:
+ - type: Percent
+ value: 10
+ periodSeconds: 60
+ - type: Pods
+ value: 2
+ periodSeconds: 60
+ selectPolicy: Min
+ scaleUp:
+ stabilizationWindowSeconds: 0
+ policies:
+ - type: Percent
+ value: 100
+ periodSeconds: 30
+ - type: Pods
+ value: 2
+ periodSeconds: 30
+ selectPolicy: Max
+ metrics:
+ {{- if .Values.frontend.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.frontend.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.frontend.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.frontend.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/quickstart-openshift/templates/frontend/templates/pdb.yaml b/charts/quickstart-openshift/templates/frontend/templates/pdb.yaml
new file mode 100644
index 000000000..cfdf97841
--- /dev/null
+++ b/charts/quickstart-openshift/templates/frontend/templates/pdb.yaml
@@ -0,0 +1,13 @@
+{{- if and .Values.frontend.pdb .Values.frontend.pdb.enabled }}
+---
+apiVersion: policy/v1
+metadata:
+ name: {{ include "frontend.fullname" . }}
+ labels:
+ {{- include "frontend.labels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: {{ include "frontend.fullname" . }}
+ minAvailable: {{ .Values.frontend.pdb.minAvailable }}
+{{- end }}
diff --git a/charts/quickstart-openshift/templates/frontend/templates/route.yaml b/charts/quickstart-openshift/templates/frontend/templates/route.yaml
new file mode 100644
index 000000000..5675a8157
--- /dev/null
+++ b/charts/quickstart-openshift/templates/frontend/templates/route.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.frontend.enabled }}
+---
+apiVersion: route.openshift.io/v1
+kind: Route
+metadata:
+ labels:
+ {{- include "frontend.labels" . | nindent 4 }}
+ name: {{ include "frontend.fullname" . }}
+spec:
+ host: {{ include "frontend.fullname" . }}.{{ .Values.global.domain }}
+ port:
+ targetPort: http
+ to:
+ kind: Service
+ name: {{ include "frontend.fullname" . }}
+ weight: 100
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Redirect
+{{- end }}
diff --git a/charts/quickstart-openshift/templates/frontend/templates/service.yaml b/charts/quickstart-openshift/templates/frontend/templates/service.yaml
new file mode 100644
index 000000000..4ba07f696
--- /dev/null
+++ b/charts/quickstart-openshift/templates/frontend/templates/service.yaml
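Review bot: The frontend PodDisruptionBudget in frontend/templates/pdb.yaml has no `kind:` line; `apiVersion: policy/v1` is followed directly by `metadata:`, whereas backend/templates/pdb.yaml has `kind: PodDisruptionBudget` at that position. The template is skipped while `frontend.pdb.enabled` is unset, so the gap stays hidden until someone turns the budget on for production and the rendered object is rejected. Add `kind: PodDisruptionBudget` after the `apiVersion` line. values.yaml in this commit adds `pdb` defaults only under `backend`, so a matching `frontend.pdb` block with `enabled: false` would document the switch.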
@@ -0,0 +1,25 @@ +{{- if .Values.frontend.enabled }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "frontend.fullname" . }} + labels: + {{- include "frontend.labels" . | nindent 4 }} +spec: + type: {{ .Values.frontend.service.type }} + ports: + - name: http + #-- the port for the service. the service will be accessible on this port within the namespace. + port: 80 + #-- the container port where the application is listening on + targetPort: 3000 + #-- the protocol for the port. it can be TCP or UDP. TCP is the default and is recommended. + protocol: TCP + - port: 3003 + targetPort: 3003 + protocol: TCP + name: metrics + selector: + {{- include "frontend.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/quickstart-openshift/templates/secret.yaml b/charts/quickstart-openshift/templates/secret.yaml index 679adc799..ad8ff9fc9 100644 --- a/charts/quickstart-openshift/templates/secret.yaml +++ b/charts/quickstart-openshift/templates/secret.yaml @@ -7,6 +7,7 @@ {{- $databasePassword = (get $secretData "databasePassword") | default ($databasePassword | b64enc) }} {{- $databaseName := .Values.global.secrets.databaseName| default "quickstart" }} {{- $host := printf "%s-%s:5432" .Release.Name .Values.global.databaseAlias }} +{{- $hostWithoutPort := printf "%s-%s" .Release.Name .Values.global.databaseAlias }} {{- $databaseURL := printf "postgresql://%s:%s@%s/%s" $databaseUser (b64dec $databasePassword) $host $databaseName }} {{- $databaseJDBCURL := printf "jdbc:postgresql://%s:%s@%s/%s" $databaseUser (b64dec $databasePassword) $host $databaseName }} {{- $databaseJDBCURLNoCreds := printf "jdbc:postgresql://%s/%s" $host $databaseName }} 
@@ -25,4 +26,12 @@ data: databaseURL: {{ $databaseURL | b64enc | quote }} databaseJDBCURL: {{ $databaseJDBCURL | b64enc | quote }} databaseJDBCURLNoCreds: {{ $databaseJDBCURLNoCreds | b64enc | quote }} + FLYWAY_URL: {{ $databaseJDBCURLNoCreds | b64enc | quote }} + FLYWAY_USER: {{ $databaseUser | b64enc | quote }} + FLYWAY_PASSWORD: {{ $databasePassword | quote }} + POSTGRES_PASSWORD: {{ $databasePassword | quote }} + POSTGRES_USER: {{ $databaseUser | b64enc | quote }} + POSTGRES_DATABASE: {{ $databaseName | b64enc | quote }} + POSTGRES_HOST: {{ $hostWithoutPort | b64enc | quote }} + {{- end }} diff --git a/charts/quickstart-openshift/values.yaml b/charts/quickstart-openshift/values.yaml index 49c861eae..c03a62b44 100644 --- a/charts/quickstart-openshift/values.yaml +++ b/charts/quickstart-openshift/values.yaml @@ -3,9 +3,9 @@ #-- global variables, can be accessed by sub-charts. global: #-- the registry where the images are stored. override during runtime for other registry at global level or individual level. - repository: + repository: ~ # provide the repo name from where images will be sourced for example bcgo #-- the registry where the images are stored. override during runtime for other registry at global level or individual level. default is ghcr.io - registry: ghcr.io + registry: ghcr.io # ghcr.io for directly streaming from github container registry or "artifacts.developer.gov.bc.ca/github-docker-remote" for artifactory, or any other registry. #-- the tag of the image, it can be latest, 1.0.0 etc..., or the sha256 hash tag: ~ #-- turn off autoscaling for the entire suite by setting this to false. default is true. 
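Review bot: In the secret.yaml hunk, `FLYWAY_PASSWORD` and `POSTGRES_PASSWORD` are written with `| quote` only, while every neighbouring key is piped through `b64enc`. That is correct only because `$databasePassword` is already base64 at this point, as the first hunk's context shows with `default ($databasePassword | b64enc)` and `b64dec $databasePassword`. The invariant is easy to break in a later edit, which would store a double-encoded or otherwise wrong password under `data:`. I would add a template comment above the two lines: `{{- /* $databasePassword is already base64-encoded above; do not b64enc again */}}`. The start of the template, where the password is generated or looked up, is outside the hunks shown.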
@@ -19,125 +19,15 @@ global: annotation: helm.sh/policy: "keep" #-- domain of the application, it is required, apps.silver.devops.gov.bc.ca for silver cluster and apps.devops.gov.bc.ca for gold cluster - domain: "apps.silver.devops.gov.bc.ca" - #-- the image registry of OpenShift. It is used in conjunction with ImageStreams which is a OpenShift specific resource. - openshiftImageRegistry: "image-registry.openshift-image-registry.svc:5000" + domain: "apps.silver.devops.gov.bc.ca" # it is apps.gold.devops.gov.bc.ca for gold cluster #-- the database Alias gives a nice way to switch to different databases, crunchy, patroni ... etc. - databaseAlias: bitnami-pg # this is the alias for bitnami postgres, change it based on db type(crunchy,patroni...) and alias used in the chart. - #-- extra annotations for the pod, it is optional and is an object. - podAnnotations: | - app.kubernetes.io/timestamp: {{now | toString }} - imagestreams: - enabled: true + databaseAlias: bitnami-pg #-- the components of the application, backend. backend: - #-- enable or disable a component deployment. + #-- enable or disable backend enabled: true - #-- can be either a statefulSet or a deployment not both. TBD (StatefulSet) - deployment: # can be either a statefulSet or a deployment not both - enabled: true #-- the deployment strategy, can be "Recreate" or "RollingUpdate" - deploymentStrategy: - type: Recreate - #-- containers specific to the component. one or many containers can be defined. - containers: - #-- name of the container. - - name: backend - #-- the registry where the image is stored. override during runtime for other registry at global level or individual level. - registry: '{{ .Values.global.registry }}' - #-- the repository where the image is stored. override during runtime for other repository at global level or individual level. - repository: '{{ .Values.global.repository }}' - #-- the exact component name, in this case backend. 
- image: backend - #-- the tag of the image, it can be latest, 1.0.0 etc..., or the sha256 hash - tag: '{{ .Values.global.tag }}' - #-- environment variables for the container. it is optional and is an object. - env: - #-- the environment variables from global secrets, the secret name is auto deciphered from the release name. - fromGlobalSecret: - - name: POSTGRES_PASSWORD - key: password - - name: POSTGRES_USER - key: databaseUser - - name: POSTGRES_DATABASE - key: databaseName - #-- the environment variables from values, these are interpolated during runtime and can contain tpl. - fromValues: - - name: POSTGRES_HOST - value: '{{ .Release.Name }}-{{.Values.global.databaseAlias}}' - #-- the ports for the container. it is optional and is an array of objects. - ports: - - name: http - containerPort: 3000 - protocol: TCP - #-- the resources for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L298-L304 - resources: # this is optional - limits: - cpu: 250m - memory: 250Mi - requests: - cpu: 100m - memory: 150Mi - #-- the readiness probe for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L312-L316 - readinessProbe: - httpGet: - path: /api/health - port: 3000 - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 2 - timeoutSeconds: 2 - successThreshold: 1 - failureThreshold: 30 - #-- the liveness probe for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L324-L328 - livenessProbe: - successThreshold: 1 - failureThreshold: 3 - httpGet: - path: /api/health - port: 3000 - scheme: HTTP - initialDelaySeconds: 15 - periodSeconds: 30 - timeoutSeconds: 5 - #-- init containers specific to the component. 
one or many containers can be defined. - initContainers: - #-- name of the container. - - name: database-migrations - #-- the registry where the image is stored. override during runtime for other registry at global level or individual level. - registry: '{{ .Values.global.registry }}' - #-- the repository where the image is stored. override during runtime for other repository at global level or individual level. - repository: '{{ .Values.global.repository }}' # example, it includes registry and repository - #-- the exact image name, in this case migrations - image: migrations - #-- the tag of the image, it can be latest, 1.0.0 etc..., or the sha256 hash - tag: '{{ .Values.global.tag }}' - #-- the security context for the container. it is optional and is an object. - env: - #-- the environment variables from global secrets, the secret name is auto deciphered from the release name. - fromGlobalSecret: - - name: FLYWAY_PASSWORD - key: databasePassword - - name: FLYWAY_URL - key: databaseJDBCURLNoCreds - - name: FLYWAY_USER - key: databaseUser - #-- the environment variables from values, these are interpolated during runtime and can contain tpl. - fromValues: - - name: FLYWAY_BASELINE_ON_MIGRATE - value: "true" - - name: FLYWAY_DEFAULT_SCHEMA - value: "USERS" - - name: FLYWAY_CONNECT_RETRIES - value: "30" - #-- the resources for the container. it is optional and is an object. for default values check this link: - resources: - limits: - cpu: 500m - memory: 250Mi - requests: - cpu: 200m - memory: 150Mi + deploymentStrategy: Recreate #-- autoscaling for the component. it is optional and is an object. autoscaling: #-- enable or disable autoscaling. 
@@ -148,28 +38,6 @@ backend: maxReplicas: 7 #-- the target cpu utilization percentage, is from request cpu and NOT LIMIT CPU. targetCPUUtilizationPercentage: 80 - #-- the behavior for the autoscaling. it is optional and is an object. - behavior: - scaleDown: - stabilizationWindowSeconds: 300 - policies: - - type: Percent - value: 10 - periodSeconds: 60 - - type: Pods - value: 2 - periodSeconds: 60 - selectPolicy: Min - scaleUp: - stabilizationWindowSeconds: 0 - policies: - - type: Percent - value: 100 - periodSeconds: 30 - - type: Pods - value: 2 - periodSeconds: 30 - selectPolicy: Max #-- vault, for injecting secrets from vault. it is optional and is an object. it creates an initContainer which reads from vault and app container can source those secrets. for referring to a working example with vault follow this link: https://github.com/bcgov/onroutebc/blob/main/charts/onroutebc/values.yaml#L171-L186 vault: #-- enable or disable vault. 
@@ -194,130 +62,20 @@ backend: memory: 25Mi #-- the service for the component. for inter namespace communication, use the service name as the hostname. service: - #-- enable or disable the service. - enabled: true #-- the type of the service. it can be ClusterIP, NodePort, LoadBalancer, ExternalName. ClusterIP is the default and is recommended. type: ClusterIP - #-- the ports for the service. - ports: - #-- the name for the port. - - name: http - #-- the port for the service. the service will be accessible on this port within the namespace. - port: 80 - #-- the container port where the application is listening on. - targetPort: 3000 - protocol: TCP - nodeSelector: { } - tolerations: [ ] - affinity: { } - podAnnotations: | - prometheus.io/scrape: 'true' - prometheus.io/port: '3000' - prometheus.io/path: '/api/metrics' + port: 80 # this is the service port, where it will be exposed internal to the namespace. + targetPort: 3000 # this is container port where app listens on + pdb: + enabled: false # enable it in PRODUCTION for having pod disruption budget. + minAvailable: 1 # the minimum number of pods that must be available during the disruption budget. + frontend: # -- enable or disable a component deployment. enabled: true - # -- can be either a statefulSet or a deployment not both. TBD (StatefulSet) - deployment: # can be either a statefulSet or a deployment not both - enabled: true # -- the deployment strategy, can be "Recreate" or "RollingUpdate" - deploymentStrategy: - type: Recreate - # -- the configmap specific to the component. - configmap: - # -- enable or disable the configmap. - enabled: true - # -- dat contains key value pairs for the configmap. can contain multiple files. value can be piped as string. - data: - #-- sample to create a config.js object. - config.js: |- - const envConfig = (() => { - return { - "VITE_DEPLOY_ENVIRONMENT":"{{ .Release.Name }}-{{ .Release.Namespace }}" - }; - })(); - #-- sample to create a config.prod.js object. 
- config.prod.js: |- - const envConfig = (() => { - return { - "VITE_DEPLOY_ENVIRONMENT":"static" - }; - })(); - # -- the containers specific to the component. one or many containers can be defined. - containers: - #-- name of the container. - - name: frontend - #-- the registry where the image is stored. override during runtime for other registry at global level or individual level. - registry: '{{ .Values.global.registry }}' - #-- the repository where the image is stored. override during runtime for other repository at global level or individual level. - repository: '{{ .Values.global.repository }}' # example, it includes registry and repository - #-- the exact component name, in this case frontend. - image: frontend - #-- the tag of the image, it can be latest, 1.0.0 etc..., or the sha256 hash - tag: '{{ .Values.global.tag }}' - #-- the security context for the container. it is optional and is an object. - securityContext: - capabilities: - add: [ "NET_BIND_SERVICE" ] - #-- the environment variables for the container. it is optional and is an object. - env: - #-- the environment variables from values, these are interpolated during runtime and can contain tpl. - fromValues: - - name: BACKEND_URL - value: "http://{{ .Release.Name }}-backend" - - name: LOG_LEVEL - value: "info" - #-- the environment variables from local configmap(configmap associated to the component), these are interpolated during runtime and can contain tpl. - fromLocalConfigmap: - - name: frontend-configmap - key: config.js - - name: frontend-prod-configmap - key: config.prod.js - #-- the ports for the container. it is optional and is an array of objects. - ports: - - name: http - containerPort: 3000 - protocol: TCP - - name: http2 - containerPort: 3001 - protocol: TCP - - name: metrics - containerPort: 3003 - protocol: TCP - #-- the resources for the container. it is optional and is an object. 
for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L298-L304 - resources: - limits: - cpu: 100m - memory: 150Mi - requests: - cpu: 30m - memory: 50Mi - #-- the readiness probe for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L312-L316 - readinessProbe: - httpGet: - path: /health - port: 3001 - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 2 - timeoutSeconds: 2 - successThreshold: 1 - failureThreshold: 30 - #-- the liveness probe for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L324-L328 - livenessProbe: - successThreshold: 1 - failureThreshold: 3 - httpGet: - path: /health - port: 3001 - scheme: HTTP - initialDelaySeconds: 15 - periodSeconds: 30 - timeoutSeconds: 5 - podAnnotations: | - prometheus.io/scrape: 'true' - prometheus.io/port: '3003' - prometheus.io/path: '/metrics' + deploymentStrategy: Recreate + #-- autoscaling for the component. it is optional and is an object. autoscaling: #-- enable or disable autoscaling. 
@@ -328,28 +86,6 @@ frontend: maxReplicas: 7 #-- the target cpu utilization percentage, is from request cpu and NOT LIMIT CPU. targetCPUUtilizationPercentage: 80 - #-- the behavior for the autoscaling. it is optional and is an object. - behavior: - scaleDown: - stabilizationWindowSeconds: 300 - policies: - - type: Percent - value: 10 - periodSeconds: 60 - - type: Pods - value: 2 - periodSeconds: 60 - selectPolicy: Min - scaleUp: - stabilizationWindowSeconds: 0 - policies: - - type: Percent - value: 100 - periodSeconds: 30 - - type: Pods - value: 2 - periodSeconds: 30 - selectPolicy: Max #-- the service for the component. for inter namespace communication, use the service name as the hostname. service: #-- enable or disable the service.