diff --git a/README.md b/README.md index fa887e3..f6cc6dc 100644 --- a/README.md +++ b/README.md @@ -1,2 +1 @@ # tracetest-cloud-charts - diff --git a/charts/tracetest-agent-operator/templates/configmap.yaml b/charts/tracetest-agent-operator/templates/configmap.yaml index efbe1bd..e9fc024 100644 --- a/charts/tracetest-agent-operator/templates/configmap.yaml +++ b/charts/tracetest-agent-operator/templates/configmap.yaml @@ -10,5 +10,4 @@ data: TRACETEST_TARGET_NAMESPACE: "{{ .Values.config.targetNamespace }}" TRACETEST_TARGET_SERVER: "{{ .Values.config.targetServer }}" TRACETEST_TARGET_DOMAIN: "{{ .Values.config.targetDomain }}" - TRACETEST_TRACING_COLLECTORENDPOINT: "collector-opentelemetry-collector.otel:4317" - # TRACETEST_TRACING_COLLECTORENDPOINT: "" + TRACETEST_TRACING_COLLECTORENDPOINT: "" diff --git a/charts/tracetest-agent-operator/templates/deployment.yaml b/charts/tracetest-agent-operator/templates/deployment.yaml index b9f9adb..8fa108c 100644 --- a/charts/tracetest-agent-operator/templates/deployment.yaml +++ b/charts/tracetest-agent-operator/templates/deployment.yaml @@ -62,3 +62,7 @@ spec: imagePullPolicy: Always resources: {{- toYaml .Values.deployment.resources | nindent 12 }} + {{- if $.Values.global.imagePullSecret }} + imagePullSecrets: + - name: {{ $.Values.global.imagePullSecret }} + {{- end }} \ No newline at end of file diff --git a/charts/tracetest-auth/.helmignore b/charts/tracetest-auth/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/tracetest-auth/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/tracetest-auth/config/keto/namespaces.keto.ts b/charts/tracetest-auth/config/keto/namespaces.keto.ts deleted file mode 100644 index f8d1a1b..0000000 --- a/charts/tracetest-auth/config/keto/namespaces.keto.ts +++ /dev/null @@ -1,59 +0,0 @@ -import { Namespace, SubjectSet } from "@ory/keto-namespace-types"; - -export class User implements Namespace {} -export class Token implements Namespace {} -export class Group implements Namespace { - related: { - member: (User | Group)[]; - }; -} - -export class EnvGroup implements Namespace { - related: { - member: (User | Token | Group)[]; - }; -} - -export class Organization implements Namespace { - related: { - view: Group[]; - edit: SubjectSet[]; - bill: SubjectSet[]; - agent: SubjectSet[]; - - invite: OrganizationInvite[]; - environments: Environment[]; - }; -} - -export class OrganizationInvite implements Namespace { - related: { - accept: User[]; - }; -} - -export class EnvironmentInvite implements Namespace { - related: { - accept: User[]; - }; -} - -// Environments -export class Environment implements Namespace { - related: { - view: SubjectSet[]; - // settings - edit: SubjectSet[]; - - // tests, test suites, test runs, test suites, variable sets etc. - configure: SubjectSet[]; - - agent: SubjectSet[]; - }; -} - -export class LocalEnvironment implements Namespace { - related: { - own: User[]; - }; -} diff --git a/charts/tracetest-auth/config/kratos/github.jsonnet b/charts/tracetest-auth/config/kratos/github.jsonnet deleted file mode 100644 index fc8d38f..0000000 --- a/charts/tracetest-auth/config/kratos/github.jsonnet +++ /dev/null @@ -1,17 +0,0 @@ -local claims = { - email_verified: false, -} + std.extVar('claims'); -{ - identity: { - traits: { - // Allowing unverified email addresses enables account - // enumeration attacks, especially if the value is used for - // e.g. verification or as a password login identifier. - // - // Therefore we only return the email if it (a) exists and (b) is marked verified - // by GitHub. - [if 'email' in claims && claims.email_verified then 'email' else null]: claims.email, - }, - }, -} - diff --git a/charts/tracetest-auth/config/kratos/google.jsonnet b/charts/tracetest-auth/config/kratos/google.jsonnet deleted file mode 100644 index 42843ee..0000000 --- a/charts/tracetest-auth/config/kratos/google.jsonnet +++ /dev/null @@ -1,14 +0,0 @@ -local claims = { - email_verified: true, -} + std.extVar('claims'); - -{ - identity: { - traits: { - [if 'email' in claims && claims.email_verified then 'email' else null]: claims.email, - name: { - first: claims.given_name, - }, - }, - }, -} \ No newline at end of file diff --git a/charts/tracetest-auth/config/kratos/identity.schema.json b/charts/tracetest-auth/config/kratos/identity.schema.json deleted file mode 100644 index b9a497d..0000000 --- a/charts/tracetest-auth/config/kratos/identity.schema.json +++ /dev/null @@ -1,53 +0,0 @@ -{ - "$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json", - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "Person", - "type": "object", - "properties": { - "traits": { - "type": "object", - "properties": { - "email": { - "type": "string", - "format": "email", - "title": "E-Mail", - "minLength": 3, - "ory.sh/kratos": { - "credentials": { - "password": { - "identifier": true - } - }, - "verification": { - "via": "email" - }, - "recovery": { - "via": "email" - } - } - }, - "hubspot_id": { - "type": "string" - }, - "is_initialized": { - "type": "boolean" - }, - "name": { - "type": "object", - "properties": { - "first": { - "title": "First Name", - "type": "string" - }, - "last": { - "title": "Last Name", - "type": "string" - } - } - } - }, - "required": ["email"], - "additionalProperties": false - } - } -} diff --git a/charts/tracetest-auth/config/kratos/login.jsonnet b/charts/tracetest-auth/config/kratos/login.jsonnet deleted file mode 100644 index 64ca507..0000000 --- a/charts/tracetest-auth/config/kratos/login.jsonnet +++ /dev/null @@ -1,5 +0,0 @@ -function(ctx) { - userId: ctx.identity.id, - email: ctx.identity.traits.email, - name: '', -} diff --git a/charts/tracetest-auth/templates/_helpers.tpl b/charts/tracetest-auth/templates/_helpers.tpl index 016afd5..3de24dd 100644 --- a/charts/tracetest-auth/templates/_helpers.tpl +++ b/charts/tracetest-auth/templates/_helpers.tpl @@ -41,3 +41,22 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end }} + +{{/* +Selector labels +*/}} +{{- define "tracetest-auth.selectorLabels" -}} +app.kubernetes.io/name: {{ include "tracetest-auth.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "tracetest-auth.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "tracetest-auth.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/tracetest-auth/templates/configmap.yaml b/charts/tracetest-auth/templates/configmap.yaml index 7b42226..5ef67f8 100644 --- a/charts/tracetest-auth/templates/configmap.yaml +++ b/charts/tracetest-auth/templates/configmap.yaml @@ -3,7 +3,7 @@ kind: ConfigMap metadata: name: keto-custom-config labels: - {{- include "ory-kratos.labels" . | nindent 4 }} + {{- include "tracetest-auth.labels" . | nindent 4 }} data: {{- range $path, $bytes := .Files.Glob "config/keto/*" }} {{ base $path }}: |- @@ -15,11 +15,11 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: keto-custom-config + name: kratos-custom-config labels: - {{- include "ory-kratos.labels" . | nindent 4 }} + {{- include "tracetest-auth.labels" . | nindent 4 }} data: - {{- range $path, $bytes := .Files.Glob "config/kratos*" }} + {{- range $path, $bytes := .Files.Glob "config/kratos/*" }} {{ base $path }}: |- {{ $.Files.Get $path | nindent 4 }} {{- end }} diff --git a/charts/tracetest-cloud/templates/_helpers.tpl b/charts/tracetest-cloud/templates/_helpers.tpl index e024d00..9bf6574 100644 --- a/charts/tracetest-cloud/templates/_helpers.tpl +++ b/charts/tracetest-cloud/templates/_helpers.tpl @@ -64,6 +64,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} Selector labels */}} {{- define "tracetest-cloud.selectorLabels" -}} +app.kubernetes.io/package: tracetest app.kubernetes.io/name: {{ include "tracetest-cloud.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} \ No newline at end of file diff --git a/charts/tracetest-cloud/templates/deployment.yaml b/charts/tracetest-cloud/templates/deployment.yaml index 4e286f4..3ed71c7 100644 --- a/charts/tracetest-cloud/templates/deployment.yaml +++ b/charts/tracetest-cloud/templates/deployment.yaml @@ -209,3 +209,7 @@ spec: httpGet: path: /health port: cloud-api-http + {{- if $.Values.global.imagePullSecret }} + imagePullSecrets: + - name: {{ $.Values.global.imagePullSecret }} + {{- end }} diff --git a/charts/tracetest-cloud/templates/ingressroute.yaml b/charts/tracetest-cloud/templates/ingressroute.yaml index f066f47..546319f 100644 --- a/charts/tracetest-cloud/templates/ingressroute.yaml +++ b/charts/tracetest-cloud/templates/ingressroute.yaml @@ -1,63 +1,63 @@ -# --- -# apiVersion: traefik.io/v1alpha1 -# kind: Middleware -# metadata: -# name: {{ include "tracetest-cloud.fullname" . }}-stripprefix -# spec: -# stripPrefix: -# prefixes: -# - /api -# --- -# apiVersion: traefik.io/v1alpha1 -# kind: IngressRoute -# metadata: -# name: {{ include "tracetest-cloud.fullname" . }} -# spec: -# entryPoints: -# - websecure -# routes: -# - kind: Rule -# match: Host(`{{ .Values.config.apiUrl }}`) -# middlewares: -# - name: {{ include "tracetest-cloud.fullname" . }}-stripprefix -# services: -# - kind: Service -# name: {{ include "tracetest-cloud.fullname" . }} -# passHostHeader: true -# port: cloud-api-http -# --- -# apiVersion: traefik.io/v1alpha1 -# kind: IngressRoute -# metadata: -# name: control-plane -# spec: -# entryPoints: -# - websecure -# routes: -# - kind: Rule -# match: Host(`{{ .Values.config.apiUrl }}`) && Headers(`Content-Type`, `application/grpc`) -# services: -# - kind: Service -# name: {{ include "tracetest-cloud.fullname" . }} -# passHostHeader: true -# port: control-plane -# scheme: h2c +--- +apiVersion: traefik.io/v1alpha1 +kind: Middleware +metadata: + name: {{ include "tracetest-cloud.fullname" . }}-stripprefix +spec: + stripPrefix: + prefixes: + - /api +--- +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: {{ include "tracetest-cloud.fullname" . }} +spec: + entryPoints: + - websecure + routes: + - kind: Rule + match: Host(`{{ .Values.config.apiUrl }}`) + middlewares: + - name: {{ include "tracetest-cloud.fullname" . }}-stripprefix + services: + - kind: Service + name: {{ include "tracetest-cloud.fullname" . }} + passHostHeader: true + port: cloud-api-http +--- +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: control-plane +spec: + entryPoints: + - websecure + routes: + - kind: Rule + match: Host(`{{ .Values.config.apiUrl }}`) && Headers(`Content-Type`, `application/grpc`) + services: + - kind: Service + name: {{ include "tracetest-cloud.fullname" . }} + passHostHeader: true + port: control-plane + scheme: h2c -# --- -# apiVersion: traefik.io/v1alpha1 -# kind: IngressRoute -# metadata: -# name: control-plane-custom-port -# spec: -# entryPoints: -# - controlplane -# routes: -# - kind: Rule -# match: Host(`{{ .Values.config.apiUrl }}`) -# services: -# - kind: Service -# name: {{ include "tracetest-cloud.fullname" . }} -# passHostHeader: true -# port: control-plane -# scheme: h2c +--- +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: control-plane-custom-port +spec: + entryPoints: + - controlplane + routes: + - kind: Rule + match: Host(`{{ .Values.config.apiUrl }}`) + services: + - kind: Service + name: {{ include "tracetest-cloud.fullname" . }} + passHostHeader: true + port: control-plane + scheme: h2c diff --git a/charts/tracetest-cloud/values.yaml b/charts/tracetest-cloud/values.yaml index c23b4c0..d2fd69a 100644 --- a/charts/tracetest-cloud/values.yaml +++ b/charts/tracetest-cloud/values.yaml @@ -1,3 +1,6 @@ +global: + imagePullSecret: "" + postgres: host: "postgres" user: "postgres" @@ -35,7 +38,7 @@ deployment: image: repository: ghcr.io/kubeshop/tracetest-cloud - tag: v1.0.0 + # tag: v1.2.0 config: webUIUrl: some-url diff --git a/charts/tracetest-core/templates/_helpers.tpl b/charts/tracetest-core/templates/_helpers.tpl index 343cc8d..146ef58 100644 --- a/charts/tracetest-core/templates/_helpers.tpl +++ b/charts/tracetest-core/templates/_helpers.tpl @@ -46,6 +46,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} Selector labels */}} {{- define "tracetest-core.selectorLabels" -}} +app.kubernetes.io/package: tracetest app.kubernetes.io/name: {{ include "tracetest-core.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} diff --git a/charts/tracetest-core/templates/deployment.yaml b/charts/tracetest-core/templates/deployment.yaml index d5a3ab7..541fc77 100644 --- a/charts/tracetest-core/templates/deployment.yaml +++ b/charts/tracetest-core/templates/deployment.yaml @@ -13,10 +13,10 @@ spec: {{- include "tracetest-core.selectorLabels" $ | nindent 6 }} tracetest/component: {{ .name }} strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 1 - maxSurge: 1 + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + maxSurge: 1 template: metadata: annotations: @@ -25,6 +25,9 @@ spec: {{- include "tracetest-core.selectorLabels" $ | nindent 8 }} tracetest/component: {{ .name }} spec: + + imagePullSecrets: + - name: ghcr-credentials containers: - name: {{ $.Chart.Name }} image: "{{ $.Values.image.repository }}:{{ $.Values.image.tag | default $.Chart.AppVersion }}" @@ -96,6 +99,11 @@ spec: - name: config configMap: name: {{ include "tracetest-core.fullname" $ }} + {{- if $.Values.global.imagePullSecret }} + imagePullSecrets: + - name: {{ $.Values.global.imagePullSecret }} + {{- end }} + --- {{- end }} \ No newline at end of file diff --git a/charts/tracetest-core/values.yaml b/charts/tracetest-core/values.yaml index f6dfa11..c8e3a44 100644 --- a/charts/tracetest-core/values.yaml +++ b/charts/tracetest-core/values.yaml @@ -1,3 +1,7 @@ +global: + imagePullSecret: "" + replicasPerService: 1 + postgres: host: "" user: "" @@ -25,7 +29,6 @@ deployments: env: TRACETEST_SERVER_API_ENABLED: true TRACETEST_SERVER_WORKFLOW_ENABLED: false - replicaCount: 2 resources: limits: memory: 2048Mi @@ -38,7 +41,6 @@ deployments: TRACETEST_SERVER_WORKFLOW_ENABLED: true TRACETEST_SERVER_WORKFLOW_STEPS: trigger_resolver trigger_result - replicaCount: 2 resources: limits: memory: 2048Mi @@ -52,7 +54,6 @@ deployments: TRACETEST_SERVER_WORKFLOW_ENABLED: true TRACETEST_SERVER_WORKFLOW_STEPS: poll_start poll_evaluate - replicaCount: 2 resources: limits: memory: 2048Mi @@ -66,7 +67,6 @@ deployments: TRACETEST_SERVER_WORKFLOW_ENABLED: true TRACETEST_SERVER_WORKFLOW_STEPS: linter_runner assertion_runner - replicaCount: 2 resources: limits: memory: 2048Mi diff --git a/charts/tracetest-onprem/Chart.yaml b/charts/tracetest-onprem/Chart.yaml index eff1dc6..a015142 100644 --- a/charts/tracetest-onprem/Chart.yaml +++ b/charts/tracetest-onprem/Chart.yaml @@ -4,13 +4,22 @@ description: A Helm chart for tracetest On Prem type: application version: 1.0.0 dependencies: +- name: tracetest-core + version: 1.0.0 + repository: file://../tracetest-core +- name: tracetest-cloud + version: 1.0.0 + repository: file://../tracetest-cloud +- name: tracetest-agent-operator + version: 1.0.0 + repository: file://../tracetest-agent-operator +- name: tracetest-auth + version: 1.0.0 + repository: file://../tracetest-auth - name: nats version: 1.1.11 repository: https://nats-io.github.io/k8s/helm/charts/ condition: nats.enabled -- name: tracetest-core - version: 1.0.0 - repository: file://../tracetest-core maintainers: - name: tracetest diff --git a/charts/tracetest-onprem/values.yaml b/charts/tracetest-onprem/values.yaml index 3f49fb4..3c3334d 100644 --- a/charts/tracetest-onprem/values.yaml +++ b/charts/tracetest-onprem/values.yaml @@ -1,4 +1,5 @@ global: + imagePullSecret: &global_imagePullSecret "ghcr-secret" # TODO: set to blank postgres: &global_postgres host: "postgres" user: "postgres" @@ -19,7 +20,6 @@ global: nats: enabled: true - tracetest-core: postgres: *global_postgres diff --git a/scripts/create_image_pull_secret.sh b/scripts/create_image_pull_secret.sh new file mode 100755 index 0000000..f562dc0 --- /dev/null +++ b/scripts/create_image_pull_secret.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +# Prompt for GitHub username +read -p "Enter your GitHub username: " GITHUB_USERNAME + +# Prompt for GitHub token + +# Prompt for GitHub token requirements +cat <