[Draft] First prototype of Application Quality Pipeline

.gitignore

@@ -1 +1,15 @@
-venv/
+venv/
+
+# python cache
+__pycache__
+
+# Backend files and folders
+
+# Old fixtures
+**/fixtures/2024-11-0*.json
+**/fixtures/2024-11-1*.json
+
+# Frontend files and folders
+build
+dist
+node_modules

application-quality-reference-deployment/Chart.yaml

@@ -0,0 +1,37 @@
+apiVersion: v2
+name: application-quality-reference-deployment
+description: A reference deployment of the Application Quality BB (including OpenSearch and SonarQube)
+
+icon: https://upload.wikimedia.org/wikipedia/commons/3/3b/PlaceholderRoss.png
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "0.1.0"
+
+dependencies:
+- name: opensearch
+  version: "2.27.0"
+  repository: "https://opensearch-project.github.io/helm-charts/"
+- name: opensearch-dashboards
+  version: "2.25.0"
+  repository: "https://opensearch-project.github.io/helm-charts/"
+- name: application-quality
+  version: "0.1.0"
+  repository: "file://../helm"

application-quality-reference-deployment/README.md

@@ -0,0 +1,4 @@
+# Helm chart for reference deployment
+
+This is a deployment of the Application Quality BB, including an OpenSearch deployment.
+This leads to a fully functional setup.

application-quality-reference-deployment/templates/_helpers.tpl

@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "application-quality-reference-deployment.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "application-quality-reference-deployment.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "application-quality-reference-deployment.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "application-quality-reference-deployment.labels" -}}
+helm.sh/chart: {{ include "application-quality-reference-deployment.chart" . }}
+{{ include "application-quality-reference-deployment.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "application-quality-reference-deployment.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "application-quality-reference-deployment.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "application-quality-reference-deployment.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "application-quality-reference-deployment.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

application-quality-reference-deployment/templates/opensearch-admin-certificate.yaml

@@ -0,0 +1,22 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: opensearch-admin-certificate
+  labels:
+    app.kubernetes.io/component: "opensearch"
+    {{- include "application-quality-reference-deployment.labels" . | nindent 4 }}
+spec:
+  secretName: opensearch-admin-certificate
+  isCA: false
+  usages:
+    - digital signature
+    - key encipherment
+    - server auth
+    - client auth
+  commonName: opensearch-admin
+  issuerRef:
+    {{- toYaml .Values.global.defaultInternalIssuerRef | nindent 4 }}
+  privateKey:
+    algorithm: RSA
+    encoding: PKCS8
+    size: 2048

application-quality-reference-deployment/templates/opensearch-dashboards-client-certificate.yaml

@@ -0,0 +1,25 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: opensearch-dashboards-client-certificate
+  labels:
+    app.kubernetes.io/component: "opensearch-dashboards"
+    {{- include "application-quality-reference-deployment.labels" . | nindent 4 }}
+spec:
+  secretName: opensearch-dashboards-client-certificate
+  isCA: false
+  usages:
+    - digital signature
+    - key encipherment
+    - server auth
+    - client auth
+  commonName: dashboards-client
+  #dnsNames:
+  #  - "application-quality-dashboards.{{ .Release.Namespace }}.{{ .Values.global.internalDomain }}"
+  #  - "application-quality-dashboards"
+  issuerRef:
+    {{- toYaml .Values.global.defaultInternalIssuerRef | nindent 4 }}
+  privateKey:
+    algorithm: RSA
+    encoding: PKCS8
+    size: 2048

application-quality-reference-deployment/templates/opensearch-dashboards-tls-certificate.yaml

@@ -0,0 +1,25 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: opensearch-dashboards-tls-certificate
+  labels:
+    app.kubernetes.io/component: "opensearch-dashboards"
+    {{- include "application-quality-reference-deployment.labels" . | nindent 4 }}
+spec:
+  secretName: opensearch-dashboards-tls-certificate
+  isCA: false
+  usages:
+    - digital signature
+    - key encipherment
+    - server auth
+    - client auth
+  commonName: application-quality-opensearch-dashboards
+  dnsNames:
+    - "application-quality-opensearch-dashboards.{{ .Release.Namespace }}.{{ .Values.global.internalDomain }}"
+    - "application-quality-opensearch-dashboards"
+  issuerRef:
+    {{- toYaml .Values.global.defaultInternalIssuerRef | nindent 4 }}
+  privateKey:
+    algorithm: RSA
+    encoding: PKCS8
+    size: 2048

application-quality-reference-deployment/templates/opensearch-tls-certificate.yaml

@@ -0,0 +1,27 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: opensearch-tls-certificate
+  labels:
+    app.kubernetes.io/component: "opensearch"
+    {{- include "application-quality-reference-deployment.labels" . | nindent 4 }}
+spec:
+  secretName: opensearch-tls-certificate
+  isCA: false
+  usages:
+    - digital signature
+    - key encipherment
+    - server auth
+    - client auth
+  commonName: application-quality-opensearch-node
+  dnsNames:
+    - "opensearch-cluster-master-headless.{{ .Release.Namespace }}.{{ .Values.global.internalDomain }}"
+    - "opensearch-cluster-master.{{ .Release.Namespace }}.{{ .Values.global.internalDomain }}"
+    - "opensearch-cluster-master-headless"
+    - "opensearch-cluster-master"
+  issuerRef:
+    {{- toYaml .Values.global.defaultInternalIssuerRef | nindent 4 }}
+  privateKey:
+    algorithm: RSA
+    encoding: PKCS8
+    size: 2048