generated from TBD54566975/tbd-project-template
-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
34 changed files
with
704 additions
and
466 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -45,3 +45,4 @@ junit*.xml | |
.ftl.lock | ||
docker-build/ | ||
**/.ftl | ||
charts/charts/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
FROM ubuntu:24.04 AS builder | ||
RUN apt-get update | ||
RUN apt-get install -y curl git zip | ||
|
||
# Copy Hermit bin stubs and install all packages. This is done | ||
# separately so that Docker will cache the tools correctly. | ||
COPY ./bin /src/bin | ||
ENV PATH="/src/bin:$PATH" | ||
WORKDIR /src | ||
|
||
# Seed some of the most common tools - this will be cached | ||
RUN go version | ||
RUN node --version | ||
|
||
# Download Go dependencies separately so Docker will cache them | ||
COPY go.mod go.sum ./ | ||
RUN go mod download -x | ||
|
||
# Download PNPM dependencies separately so Docker will cache them | ||
COPY frontend/console/package.json ./frontend/console/ | ||
COPY frontend/vscode/package.json ./frontend/vscode/ | ||
COPY pnpm-workspace.yaml pnpm-lock.yaml ./ | ||
RUN pnpm install --frozen-lockfile | ||
|
||
# Build | ||
COPY . /src/ | ||
RUN just errtrace | ||
# Reset timestamps so that the build state is reset | ||
RUN git ls-files -z | xargs -0 touch -r go.mod | ||
RUN just build ftl-controller | ||
|
||
# Finally create the runtime image. | ||
FROM scratch | ||
|
||
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ | ||
|
||
WORKDIR /service/ | ||
|
||
COPY --from=builder /src/build/release/ftl-controller . | ||
COPY --from=builder /src/build/release/ftl-initdb . #TODO: Remove this line, we need a different migration image, this will get us moving for now though | ||
|
||
EXPOSE 8891 | ||
EXPOSE 8892 | ||
|
||
ENV FTL_CONTROLLER_BIND="http://0.0.0.0:8892" | ||
ENV FTL_CONTROLLER_ADVERTISE="http://127.0.0.1:8892" | ||
ENV FTL_CONTROLLER_CONSOLE_URL="*" | ||
ENV FTL_CONTROLLER_DSN="postgres://host.docker.internal/ftl?sslmode=disable&user=postgres&password=secret" | ||
|
||
CMD ["/service/ftl-controller"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
dependencies: | ||
- name: postgresql | ||
repository: oci://registry-1.docker.io/bitnamicharts | ||
version: 15.5.29 | ||
- name: harbor | ||
repository: https://helm.goharbor.io | ||
version: 1.15.1 | ||
digest: sha256:54ee3d28306509e5360950f19a6ff0add5552f2a90adef6c50dcecf77d7fd119 | ||
generated: "2024-10-10T14:53:25.059332+11:00" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
apiVersion: v2 | ||
name: ftl | ||
description: | | ||
A Helm chart for Kubernetes that deploys FTL | ||
home: https://github.com/TBD54566975/ftl | ||
version: 0.0.1 | ||
appVersion: v0.354.1 | ||
|
||
dependencies: | ||
- name: postgresql | ||
version: 15.5.29 | ||
repository: oci://registry-1.docker.io/bitnamicharts | ||
condition: postgresql.enabled | ||
- name: harbor | ||
version: v1.15.1 | ||
repository: https://helm.goharbor.io | ||
condition: harbor.enabled |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
_help: | ||
@just -l | ||
|
||
dep-update: | ||
helm dep update . |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
{{/* vim: set filetype=mustache: */}} | ||
{{/* | ||
Expand the name of the chart. | ||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). | ||
If release name contains chart name it will be used as a full name. | ||
*/}} | ||
{{- define "ftl.fullname" -}} | ||
{{- if .Values.fullnameOverride -}} | ||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} | ||
{{- else -}} | ||
{{- $name := default .Chart.Name .Values.nameOverride -}} | ||
{{- if contains $name .Release.Name -}} | ||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}} | ||
{{- else -}} | ||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} | ||
{{- end -}} | ||
{{- end -}} | ||
{{- end -}} | ||
|
||
{{/* | ||
Common labels | ||
*/}} | ||
{{- define "ftl.labels" -}} | ||
helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} | ||
app.kubernetes.io/name: {{ include "ftl.fullname" . }} | ||
app.kubernetes.io/instance: {{ .Release.Name }} | ||
{{- if .Values.customLabels -}} | ||
{{ toYaml .Values.customLabels }} | ||
{{- end -}} | ||
{{- end -}} | ||
|
||
{{/* | ||
Selector labels | ||
*/}} | ||
{{- define "ftl-controller.selectorLabels" -}} | ||
app.kubernetes.io/name: {{ include "ftl.fullname" . }} | ||
app.kubernetes.io/component: controller | ||
app.kubernetes.io/instance: {{ .Release.Name }} | ||
{{- end -}} | ||
{{- define "ftl-runner.selectorLabels" -}} | ||
app.kubernetes.io/name: {{ include "ftl.fullname" . }} | ||
app.kubernetes.io/component: runner | ||
app.kubernetes.io/instance: {{ .Release.Name }} | ||
{{- end -}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
apiVersion: v1 | ||
kind: ServiceAccount | ||
metadata: | ||
name: {{ include "ftl.fullname" . }}-controller | ||
namespace: {{ .Release.Namespace }} | ||
{{- if .Values.controller.controllersRoleArn }} | ||
annotations: | ||
eks.amazonaws.com/role-arn: {{ .Values.controller.controllersRoleArn }} | ||
{{- end }} | ||
--- | ||
apiVersion: rbac.authorization.k8s.io/v1 | ||
kind: Role | ||
metadata: | ||
name: {{ include "ftl.fullname" . }}-controller | ||
labels: | ||
{{- include "ftl.labels" . | nindent 4 }} | ||
rules: | ||
- apiGroups: [ "apps" ] | ||
resources: [ "deployments" ] | ||
verbs: [ "get", "list", "watch", "delete", "create", "update", "patch" ] | ||
- apiGroups: [ "" ] | ||
resources: [ "services" , "serviceaccounts"] | ||
verbs: [ "get", "list", "watch", "delete", "create", "update", "patch" ] | ||
- apiGroups: [ "" ] | ||
resources: [ "pods" ] | ||
verbs: [ "get", "list", "watch" ] | ||
- apiGroups: [ "" ] | ||
resources: [ "configmaps" ] | ||
resourceNames: | ||
- ftl-controller-deployment-config | ||
verbs: [ "get"] | ||
- apiGroups: [ "security.istio.io" ] | ||
resources: [ "authorizationpolicies" ] | ||
verbs: [ "get", "list", "watch", "delete", "create", "update", "patch" ] | ||
--- | ||
apiVersion: rbac.authorization.k8s.io/v1 | ||
kind: RoleBinding | ||
metadata: | ||
name: {{ include "ftl.fullname" . }}-controller | ||
labels: | ||
{{- include "ftl.labels" . | nindent 4 }} | ||
roleRef: | ||
apiGroup: rbac.authorization.k8s.io | ||
kind: Role | ||
name: {{ include "ftl.fullname" . }}-controller | ||
subjects: | ||
- kind: ServiceAccount | ||
name: {{ include "ftl.fullname" . }}-controller |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
labels: | ||
{{- include "ftl.labels" . | nindent 4 }} | ||
name: {{ include "ftl.fullname" . }}-controller | ||
{{- if .Values.controller.service.annotations }} | ||
annotations: | ||
{{- toYaml .Values.controller.service.annotations | nindent 4 }} | ||
{{- end }} | ||
spec: | ||
ports: | ||
{{- range .Values.controller.service.ports }} | ||
- name: {{ .name }} | ||
port: {{ .port }} | ||
protocol: {{ .protocol | default "TCP" }} | ||
{{- if .appProtocol }} | ||
appProtocol: {{ .appProtocol }} | ||
{{- end }} | ||
targetPort: {{ .targetPort }} | ||
{{- end }} | ||
selector: | ||
{{- include "ftl-controller.selectorLabels" . | nindent 4 }} | ||
type: {{ .Values.controller.service.type | default "ClusterIP" }} | ||
--- | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
labels: | ||
{{- include "ftl.labels" . | nindent 4 }} | ||
name: {{ include "ftl.fullname" . }}-controller-ingress | ||
{{- if .Values.controller.ingressService.annotations }} | ||
annotations: | ||
{{- toYaml .Values.controller.ingressService.annotations | nindent 4 }} | ||
{{- end }} | ||
spec: | ||
ports: | ||
{{- range .Values.controller.ingressService.ports }} | ||
- name: {{ .name }} | ||
port: {{ .port }} | ||
protocol: {{ .protocol | default "TCP" }} | ||
targetPort: {{ .targetPort }} | ||
{{- end }} | ||
selector: | ||
{{- include "ftl-controller.selectorLabels" . | nindent 4 }} | ||
type: {{ .Values.controller.ingressService.type | default "ClusterIP" }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: {{ include "ftl.fullname" . }}-controller | ||
labels: | ||
{{- include "ftl.labels" . | nindent 4 }} | ||
spec: | ||
replicas: {{ .Values.controller.replicas }} | ||
revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }} | ||
selector: | ||
matchLabels: | ||
{{- include "ftl-controller.selectorLabels" . | nindent 6 }} | ||
template: | ||
metadata: | ||
labels: | ||
{{- include "ftl-controller.selectorLabels" . | nindent 8 }} | ||
{{- if .Values.controller.podAnnotations }} | ||
annotations: | ||
{{- toYaml .Values.controller.podAnnotations | nindent 8 }} | ||
{{- end }} | ||
spec: | ||
serviceAccountName: {{ include "ftl.fullname" . }}-controller | ||
containers: | ||
- name: app | ||
image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}" | ||
{{- if .Values.controller.envFrom }} | ||
envFrom: | ||
{{- if .Values.controller.envFrom }} | ||
{{- toYaml .Values.controller.envFrom | nindent 12 }} | ||
{{- end }} | ||
{{- else if or .Values.secrets.logEncryptionKey .Values.secrets.asyncEncryptionKey }} | ||
envFrom: | ||
- secretRef: | ||
name: {{ include "ftl.fullname" . }}-secrets | ||
{{- end }} | ||
env: | ||
{{- if .Values.controller.env }} | ||
{{- toYaml .Values.controller.env | nindent 12 }} | ||
{{- end }} | ||
{{- if not .Values.postgresql.enabled }} | ||
- name: FTL_CONTROLLER_DSN | ||
value: "{{ .Values.controller.dbConnectionString }}" | ||
{{- else }} | ||
- name: FTL_CONTROLLER_DSN | ||
value: "postgres://{{ .Release.Name }}-postgresql:5432/{{ .Values.postgresql.global.postgresql.auth.database }}?sslmode=disable&user={{ .Values.postgresql.global.postgresql.auth.username }}&password={{ .Values.postgresql.global.postgresql.auth.password }}" | ||
{{- end }} | ||
{{- if .Values.controller.kmsUri }} | ||
- name: FTL_KMS_URI | ||
value: "{{ .Values.controller.kmsUri }}" | ||
{{- end }} | ||
ports: | ||
{{- range .Values.controller.ports }} | ||
- name: {{ .name }} | ||
containerPort: {{ .containerPort }} | ||
protocol: {{ .protocol | default "TCP" }} | ||
{{- end }} | ||
readinessProbe: | ||
{{- if .Values.controller.readinessProbe }} | ||
{{- toYaml .Values.controller.readinessProbe | nindent 12 }} | ||
{{- else }} | ||
httpGet: | ||
path: /healthz | ||
port: 8892 | ||
initialDelaySeconds: 1 | ||
periodSeconds: 2 | ||
timeoutSeconds: 2 | ||
successThreshold: 1 | ||
failureThreshold: 15 | ||
{{- end }} | ||
{{- if .Values.controller.nodeSelector }} | ||
nodeSelector: | ||
{{- toYaml .Values.controller.nodeSelector | nindent 8 }} | ||
{{- end }} | ||
{{- if .Values.controller.affinity }} | ||
affinity: | ||
{{- toYaml .Values.controller.affinity | nindent 8 }} | ||
{{- end }} | ||
{{- if .Values.controller.topologySpreadConstraints }} | ||
topologySpreadConstraints: | ||
{{- toYaml .Values.controller.topologySpreadConstraints | nindent 8 }} | ||
{{- end }} | ||
{{- if .Values.controller.tolerations }} | ||
tolerations: | ||
{{- toYaml .Values.controller.tolerations | nindent 8 }} | ||
{{- end }} |
Oops, something went wrong.