build(repo): Update charts for production (#382)

* build(repo): Update charts for production * ci(repo): Enable helm tests again
FuelLabs · Jan 21, 2025 · afde4ad · afde4ad
1 parent 7bc35c3
commit afde4ad
Show file tree

Hide file tree

Showing 21 changed files with 950 additions and 917 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -187,24 +187,24 @@ jobs:
       - name: Install dependencies
         run: cargo fetch
 
-  # test-helm:
-  #   needs: install-deps
-  #   name: Test Helm
-  #   runs-on: ubuntu-latest
-  #   steps:
-  #     - uses: actions/checkout@v4
-  #     - name: Set up Helm
-  #       uses: azure/setup-helm@v4
-  #       with:
-  #         version: "latest"
-
-  #     - name: Install helm unittest plugin
-  #       run: |
-  #         helm plugin install https://github.com/helm-unittest/helm-unittest.git
-
-  #     - name: Run Helm unit tests
-  #       run: |
-  #         make helm-test
+  test-helm:
+    needs: install-deps
+    name: Test Helm
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Helm
+        uses: azure/setup-helm@v4
+        with:
+          version: "latest"
+
+      - name: Install helm unittest plugin
+        run: |
+          helm plugin install https://github.com/helm-unittest/helm-unittest.git
+
+      - name: Run Helm unit tests
+        run: |
+          make helm-test
 
   test:
     needs: install-deps

diff --git a/cluster/charts/fuel-streams/Chart.lock b/cluster/charts/fuel-streams/Chart.lock
@@ -1,9 +1,6 @@
 dependencies:
 - name: nats
   repository: https://nats-io.github.io/k8s/helm/charts/
-  version: 1.2.8
-- name: cockroachdb
-  repository: https://charts.cockroachdb.com/
-  version: 15.0.3
-digest: sha256:31915b4f840d27a1b3c42639e007e420b5fd4300b2038990746c9643e784a2c7
-generated: "2025-01-10T23:33:35.594199-03:00"
+  version: 1.2.9
+digest: sha256:68cbbb410fdf97d0cf025d1e9fc54dc16ad9f301927c93041629724b656c6815
+generated: "2025-01-21T15:08:31.514313-03:00"
diff --git a/cluster/charts/fuel-streams/Chart.yaml b/cluster/charts/fuel-streams/Chart.yaml
@@ -2,10 +2,10 @@ apiVersion: v2
 appVersion: "1.0"
 description: A Helm chart for Kubernetes
 name: fuel-streams
-version: 0.9.0
+version: 0.9.1
 dependencies:
   - name: nats
-    version: 1.2.8
+    version: 1.2.9
     repository: https://nats-io.github.io/k8s/helm/charts/
     alias: nats
     condition: nats.enabled
diff --git a/cluster/charts/fuel-streams/templates/_blocks.tpl b/cluster/charts/fuel-streams/templates/_blocks.tpl
@@ -1,3 +1,35 @@
+{{/*
+Configure nats accounts
+*/}}
+{{- define "nats-accounts" -}}
+data:
+  auth.conf: |
+    accounts {
+      SYS: {
+        users: [
+          {user: $NATS_SYSTEM_USER, password: $NATS_SYSTEM_PASS}
+        ]
+      }
+      ADMIN: {
+        jetstream: enabled
+        users: [
+          {user: $NATS_ADMIN_USER, password: $NATS_ADMIN_PASS}
+        ]
+      }
+    }
+{{- end }}
+
+{{- define "k8s.default-affinity" -}}
+podAntiAffinity:
+  preferredDuringSchedulingIgnoredDuringExecution:
+    - weight: 100
+      podAffinityTerm:
+        labelSelector:
+          matchLabels:
+            app.kubernetes.io/component: publisher
+        topologyKey: topology.kubernetes.io/zone
+{{- end }}
+
 {{/*
 Configure basic Kubernetes resource metadata fields.
 Parameters:
@@ -12,70 +44,141 @@ app: {{ .context.Chart.Name }}
 {{- end }}
 
 {{/*
-Configure pod security context settings by merging global and service-specific values.
+Configure resource header including replicas and selector labels
+*/}}
+{{- define "k8s.resource-metadata" -}}
+{{- $suffix := printf "-%s" .name -}}
+{{- $component := .component | default .name }}
+{{- include "k8s.metadata" (dict "context" .root "suffix" $suffix) }}
+labels:
+  {{- include "fuel-streams.labels" (dict "name" .name "context" .root) | nindent 2 }}
+  {{- include "set-value" (dict "root" .root "context" .context "path" "config.labels") | nindent 2 -}}
+  app.kubernetes.io/component: {{ $component }}
+{{- if not .noAnnotations -}}
+{{- include "set-field-and-value" (dict "root" .root "context" .context "field" "annotations" "path" "config.annotations") }}
+{{- end }}
+{{- end }}
+
+{{/*
+Configure resource annotations
+*/}}
+{{- define "k8s.resource-annotations" -}}
+{{- include "set-value" (dict "root" .root "context" .context "path" "config.annotations") }}
+{{- end }}
+
+{{/*
+Configure pod spec header including replicas and selector labels
 Parameters:
-  - context: Root context for accessing global values
-  - service: Service name for service-specific overrides
-Returns: Security context configuration for pod-level settings
-Example:
-  {{- include "k8s.security-context" (dict "context" . "service" "publisher") }}
+  - root: Root context object for fallback values
+  - context: Service-specific context object containing configuration
+  - name: Name of the service for selector labels
+Returns: YAML configuration for pod spec header
 */}}
-{{- define "k8s.security-context" -}}
-securityContext:
-  {{- include "merge" (dict "context" .context "service" .service "defaultKey" "securityContext" "path" "config.securityContext") | nindent 4 }}
+{{- define "k8s.pod-spec-common" -}}
+{{- if not .context.autoscaling.enabled }}
+replicas: {{ .context.config.replicaCount }}
+{{- end }}
+selector:
+  matchLabels:
+    {{- include "fuel-streams.selectorLabels" (dict "name" .name "context" .root) | nindent 4 }}
 {{- end }}
 
 {{/*
-Configure container security context settings by merging global and service-specific values.
+Configure pod template metadata including annotations and labels
 Parameters:
-  - context: Root context for accessing global values
-  - service: Service name for service-specific overrides
-Returns: Security context configuration for container-level settings
-Example:
-  {{- include "k8s.container-security-context" (dict "context" . "service" "publisher") }}
+  - root: Root context object for fallback values 
+  - context: Service-specific context object containing configuration
+  - name: Name of the service for labels
+Returns: YAML configuration for pod template metadata
 */}}
-{{- define "k8s.container-security-context" -}}
-securityContext:
-  {{- include "merge" (dict "context" .context "service" .service "defaultKey" "containerSecurityContext" "path" "config.containerSecurityContext") | nindent 4 }}
+{{- define "k8s.template-labels" -}}
+{{- $component := .component | default .name }}
+{{- include "fuel-streams.labels" (dict "name" .name "context" .root) }}
+{{- include "set-value" (dict "root" .root "context" .context "path" "config.labels") }}
+app.kubernetes.io/component: {{ $component }}
 {{- end }}
 
 {{/*
-Configure container probe settings by merging global and service-specific values.
+Configure pod template metadata including annotations and labels
 Parameters:
-  - context: Root context for accessing global values
-  - service: Service name for service-specific overrides
-Returns: Probe configurations for liveness, readiness, and startup
-Example:
-  {{- include "k8s.probes" (dict "context" . "service" "publisher") }}
+  - root: Root context object for fallback values 
+  - context: Service-specific context object containing configuration
+  - name: Name of the service for labels
+Returns: YAML configuration for pod template metadata
 */}}
-{{- define "k8s.probes" -}}
-{{- if .context.Values.config.healthChecks }}
-livenessProbe:
-  {{- include "merge" (dict "context" .context "service" .service "defaultKey" "livenessProbe" "path" "config.livenessProbe") | nindent 2 }}
-readinessProbe:
-  {{- include "merge" (dict "context" .context "service" .service "defaultKey" "readinessProbe" "path" "config.readinessProbe") | nindent 2 }}
-startupProbe:
-  {{- include "merge" (dict "context" .context "service" .service "defaultKey" "startupProbe" "path" "config.startupProbe") | nindent 2 }}
+{{- define "k8s.template-annotations" -}}
+{{- include "set-value" (dict "root" .root "context" .context "path" "config.podAnnotations") }}
 {{- end }}
+
+{{- define "k8s.template-metadata" -}}
+metadata:
+  {{- include "set-field-and-value" (dict "root" .root "context" .context "field" "annotations" "path" "config.podAnnotations") | nindent 4 }}
+  labels:
+    {{- include "k8s.template-labels" (dict "root" .root "context" .context) | nindent 4 }}
 {{- end }}
 
 {{/*
-Configure nats accounts
+Configure pod-level settings including security, scheduling and image pull configuration
+Parameters:
+  - root: Root context object for fallback values
+  - context: Service-specific context object containing configuration
+Returns: YAML configuration for pod-level settings
 */}}
-{{- define "nats-accounts" -}}
-data:
-  auth.conf: |
-    accounts {
-      SYS: {
-        users: [
-          {user: $NATS_SYSTEM_USER, password: $NATS_SYSTEM_PASS}
-        ]
-      }
-      ADMIN: {
-        jetstream: enabled
-        users: [
-          {user: $NATS_ADMIN_USER, password: $NATS_ADMIN_PASS}
-        ]
-      }
-    }
+{{- define "k8s.pod-config" -}}
+{{- if .root.Values.serviceAccount.create }}
+serviceAccountName: {{ include "fuel-streams.serviceAccountName" .root }}
+{{- end }}
+
+{{- include "set-field-and-value" (dict "root" .root "context" .context "field" "imagePullSecrets") }}
+{{- include "set-field-and-value" (dict "root" .root "context" .context "field" "nodeSelector") }}
+{{- include "set-field-and-value" (dict "root" .root "context" .context "field" "affinity") }}
+{{- include "set-field-and-value" (dict "root" .root "context" .context "field" "tolerations") }}
+{{- include "set-field-and-value" (dict "root" .root "context" .context "field" "securityContext" "path" "config.podSecurityContext") }}
+{{- end }}
+
+{{/*
+Configure container-level settings including resource requests, security context, and probes
+Parameters:
+  - root: Root context object for fallback values
+  - context: Service-specific context object containing configuration
+Returns: YAML configuration for container-level settings
+*/}}
+{{- define "k8s.container-config" -}}
+{{- include "set-field-and-value" (dict "root" .root "context" .context "field" "resources") }}
+{{- include "set-field-and-value" (dict "root" .root "context" .context "field" "securityContext" "path" "config.containerSecurityContext") }}
+
+{{- if .root.Values.config.healthChecks }}
+{{- include "set-field-and-value" (dict "root" .root "context" .context "field" "livenessProbe") }}
+{{- include "set-field-and-value" (dict "root" .root "context" .context "field" "readinessProbe") }}
+{{- include "set-field-and-value" (dict "root" .root "context" .context "field" "startupProbe") }}
+{{- end }}
+
+ports:
+  - name: server
+    containerPort: {{ .context.port }}
+    protocol: TCP
+  {{- with .context.ports }}
+  {{- toYaml . | nindent 2 }}
+  {{- end }}
+
+env:
+  {{- if .context.port }}
+  - name: PORT
+    value: {{ .context.port | quote }}
+  {{- end }}
+  {{- range $key, $value := .context.env }}
+  - name: {{ $key }}
+    value: {{ $value | quote }}
+  {{- end }}
+
+envFrom:
+- configMapRef:
+    name: {{ include "fuel-streams.fullname" .root }}-config
+    optional: true
+- secretRef:
+    name: {{ include "fuel-streams.fullname" .root }}-keys
+    optional: true
+{{- with .context.envFrom }}
+{{- toYaml . | nindent 0 }}
+{{- end }}
 {{- end }}