Skip to content

Commit

Permalink
Merge branch 'main' into version_bumps
Browse files Browse the repository at this point in the history
  • Loading branch information
tobybellwood authored Oct 16, 2023
2 parents eaba61a + d1d3aa4 commit adb3ba2
Show file tree
Hide file tree
Showing 19 changed files with 188 additions and 19 deletions.
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -178,7 +178,7 @@ install-lagoon-core: install-minio
$$([ $(OVERRIDE_BUILD_DEPLOY_DIND_IMAGE) ] && echo '--set buildDeployImage.default.image=$(OVERRIDE_BUILD_DEPLOY_DIND_IMAGE)') \
$$([ $(DISABLE_CORE_HARBOR) ] && echo '--set api.additionalEnvs.DISABLE_CORE_HARBOR=$(DISABLE_CORE_HARBOR)') \
$$([ $(OPENSEARCH_INTEGRATION_ENABLED) ] && echo '--set api.additionalEnvs.OPENSEARCH_INTEGRATION_ENABLED=$(OPENSEARCH_INTEGRATION_ENABLED)') \
--set "keycloakAPIURL=http://lagoon-keycloak.$$($(KUBECTL) get nodes -o jsonpath='{.items[0].status.addresses[0].address}').nip.io:32080/auth" \
--set "keycloakFrontEndURL=http://lagoon-keycloak.$$($(KUBECTL) get nodes -o jsonpath='{.items[0].status.addresses[0].address}').nip.io:32080" \
--set "lagoonAPIURL=http://lagoon-api.$$($(KUBECTL) get nodes -o jsonpath='{.items[0].status.addresses[0].address}').nip.io:32080/graphql" \
--set actionsHandler.image.repository=$(IMAGE_REGISTRY)/actions-handler \
--set api.image.repository=$(IMAGE_REGISTRY)/api \
Expand Down
2 changes: 1 addition & 1 deletion charts/lagoon-build-deploy/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ type: application

version: 0.26.0

appVersion: v0.15.0
appVersion: v0.15.2

annotations:
artifacthub.io/changes: |
Expand Down
3 changes: 3 additions & 0 deletions charts/lagoon-build-deploy/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,9 @@ spec:
{{- with .Values.lagoonFeatureFlagBackupWeeklyRandom }}
- "--lagoon-feature-flag-backup-weekly-random={{ . }}"
{{- end }}
{{- with .Values.lagoonFeatureFlagSupportK8upV2 }}
- "--lagoon-feature-flag-support-k8upv2={{ . }}"
{{- end }}
{{- with .Values.lagoonBackupDefaultSchedule }}
- "--backup-default-schedule={{ . }}"
{{- end }}
Expand Down
1 change: 1 addition & 0 deletions charts/lagoon-build-deploy/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ namespacePrefix: ""
# lagoonFeatureFlagDefaultInsights: disabled
# lagoonFeatureFlagForceRWX2RWO: disabled
# lagoonFeatureFlagDefaultRWX2RWO: disabled
# lagoonFeatureFlagSupportK8upV2: false

# It is also possible to define feature flags using `extraEnvs` by defining them like so
# this method is useful for enabling features on the fly, ones that might not have built in support
Expand Down
6 changes: 2 additions & 4 deletions charts/lagoon-core/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,13 +21,13 @@ type: application
# time you make changes to the chart and its templates, including the app
# version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 1.37.0
version: 1.38.0

# This is the version number of the application being deployed. This version
# number should be incremented each time you make changes to the application.
# Versions are not expected to follow Semantic Versioning. They should reflect
# the version the application is using.
appVersion: v2.15.4
appVersion: v2.16.0

dependencies:
- name: nats
Expand All @@ -42,5 +42,3 @@ annotations:
artifacthub.io/changes: |
- kind: changed
description: require minimum Kubernetes 1.23
- kind: changed
description: removed autoscaling api version helper
2 changes: 1 addition & 1 deletion charts/lagoon-core/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ kind create cluster
helm upgrade --install --create-namespace --namespace lagoon-core \
--values ./charts/lagoon-core/ci/linter-values.yaml \
--set lagoonAPIURL=http://localhost:7070/graphql \
--set keycloakAPIURL=http://localhost:8080/auth \
--set keycloakFrontEndURL=http://localhost:8080 \
lagoon-core \
./charts/lagoon-core

Expand Down
22 changes: 20 additions & 2 deletions charts/lagoon-core/ci/linter-values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,10 @@ lagoonWebhookURL: http://webhook:11213
defaultIngressClassName: nginx

# used in ui
lagoonAPIURL: https://api.example.com/graphql
keycloakAPIURL: https://keycloak.example.com/auth
# lagoonAPIURL: https://api.example.com/graphql
# keycloakFrontEndURL: https://keycloak.example.com

keycloakAdminEmail: [email protected]

api:
replicaCount: 1
Expand Down Expand Up @@ -53,6 +55,22 @@ actionsHandler:
repository: uselagoon/actions-handler

keycloak:
keycloakFrontEndURL: https://keycloak.example.com
realmSettings:
enabled: true
options:
resetPasswordAllowed: true
rememberMe: true
email:
enabled: true
settings:
host: mailhog
port: '1025'
fromDisplayName: Lagoon
from: [email protected]
replyToDisplayName: Lagoon No-Reply
replyTo: [email protected]
envelopeFrom: [email protected]
image:
repository: uselagoon/keycloak
resources:
Expand Down
15 changes: 15 additions & 0 deletions charts/lagoon-core/templates/api-redis.deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,13 +36,22 @@ spec:
secretKeyRef:
name: {{ include "lagoon-core.api.fullname" . }}
key: REDIS_PASSWORD
{{- if .Values.apiRedis.persistence.enabled }}
- name: FLAVOR
value: persistent
{{- end }}
{{- range $key, $val := .Values.apiRedis.additionalEnvs }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
ports:
- name: redis
containerPort: 6379
{{- if .Values.apiRedis.persistence.enabled }}
volumeMounts:
- name: {{ include "lagoon-core.apiRedis.fullname" . }}-data
mountPath: /data
{{- end }}
livenessProbe:
tcpSocket:
port: redis
Expand All @@ -51,6 +60,12 @@ spec:
port: redis
resources:
{{- toYaml .Values.apiRedis.resources | nindent 10 }}
{{- if .Values.apiRedis.persistence.enabled }}
volumes:
- name: {{ include "lagoon-core.apiRedis.fullname" . }}-data
persistentVolumeClaim:
claimName: {{ include "lagoon-core.apiRedis.fullname" . }}-data
{{- end }}
{{- with .Values.apiRedis.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
Expand Down
17 changes: 17 additions & 0 deletions charts/lagoon-core/templates/api-redis.pvc.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
{{- if .Values.apiRedis.persistence.enabled -}}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "lagoon-core.apiRedis.fullname" . }}-data
labels:
{{- include "lagoon-core.apiRedis.labels" . | nindent 4 }}
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.apiRedis.persistence.size | quote }}
{{- with .Values.apiRedis.persistence.storageClass }}
storageClassName: {{ . | quote }}
{{- end }}
{{- end }}
6 changes: 6 additions & 0 deletions charts/lagoon-core/templates/api.deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,13 @@ spec:
name: {{ include "lagoon-core.keycloak.fullname" . }}
key: KEYCLOAK_API_CLIENT_SECRET
- name: KEYCLOAK_URL
{{- if .Values.keycloakFrontEndURL }}
value: {{ .Values.keycloakFrontEndURL }}
{{- else if .Values.keycloak.ingress.enabled }}
value: https://{{ index .Values.keycloak.ingress.hosts 0 "host" }}
{{- else }}
value: http://{{ include "lagoon-core.keycloak.fullname" . }}:{{ .Values.keycloak.service.port }}
{{- end }}
- name: KIBANA_URL
value: {{ required "A valid .Values.kibanaURL required!" .Values.kibanaURL | quote }}
- name: LAGOON_VERSION
Expand Down
24 changes: 24 additions & 0 deletions charts/lagoon-core/templates/keycloak.configmap.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
{{- if .Values.keycloak.email.enabled -}}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "lagoon-core.keycloak.fullname" . }}-smtp-settings
labels:
{{- include "lagoon-core.keycloak.labels" . | nindent 4 }}
data:
keycloak-smtp-settings.json: |
{"smtpServer":{{ .Values.keycloak.email.settings | toJson }}}
{{ end -}}
{{- if .Values.keycloak.realmSettings.enabled -}}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "lagoon-core.keycloak.fullname" . }}-realm-settings
labels:
{{- include "lagoon-core.keycloak.labels" . | nindent 4 }}
data:
keycloak-realm-settings.json: |
{{ .Values.keycloak.realmSettings.options | toJson }}
{{ end -}}
36 changes: 36 additions & 0 deletions charts/lagoon-core/templates/keycloak.deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,18 @@ spec:
value: {{ include "lagoon-core.keycloakDB.fullname" . }}
- name: KEYCLOAK_ADMIN_USER
value: {{ .Values.keycloakAdminUser | quote }}
- name: KEYCLOAK_FRONTEND_URL
{{- if .Values.keycloakFrontEndURL }}
value: {{ .Values.keycloakFrontEndURL }}/auth
{{- else if .Values.keycloak.ingress.enabled }}
value: https://{{ index .Values.keycloak.ingress.hosts 0 "host" }}/auth
{{- else }}
value: http://{{ include "lagoon-core.keycloak.fullname" . }}:{{ .Values.keycloak.service.port }}/auth
{{- end }}
{{- with .Values.keycloakAdminEmail }}
- name: KEYCLOAK_ADMIN_EMAIL
value: {{ . | quote }}
{{- end }}
{{- range $key, $val := .Values.keycloak.additionalEnvs }}
- name: {{ $key }}
value: {{ $val | quote }}
Expand All @@ -67,6 +79,17 @@ spec:
- /tmp/keycloak-config-complete
failureThreshold: 90
periodSeconds: 20
volumeMounts:
{{- if .Values.keycloak.email.enabled }}
- mountPath: /lagoon/keycloak/keycloak-smtp-settings.json
name: {{ include "lagoon-core.keycloak.fullname" . }}-smtp-settings
subPath: keycloak-smtp-settings.json
{{- end }}
{{- if .Values.keycloak.realmSettings.enabled }}
- mountPath: /lagoon/keycloak/keycloak-realm-settings.json
name: {{ include "lagoon-core.keycloak.fullname" . }}-realm-settings
subPath: keycloak-realm-settings.json
{{- end }}
resources:
{{- toYaml .Values.keycloak.resources | nindent 10 }}
{{- with .Values.keycloak.nodeSelector }}
Expand All @@ -81,3 +104,16 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
{{- if .Values.keycloak.email.enabled }}
- configMap:
defaultMode: 420
name: {{ include "lagoon-core.keycloak.fullname" . }}-smtp-settings
name: {{ include "lagoon-core.keycloak.fullname" . }}-smtp-settings
{{- end }}
{{- if .Values.keycloak.realmSettings.enabled }}
- configMap:
defaultMode: 420
name: {{ include "lagoon-core.keycloak.fullname" . }}-realm-settings
name: {{ include "lagoon-core.keycloak.fullname" . }}-realm-settings
{{- end }}
6 changes: 6 additions & 0 deletions charts/lagoon-core/templates/opensearch-sync.deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,13 @@ spec:
name: {{ include "lagoon-core.apiDB.fullname" . }}
key: API_DB_PASSWORD
- name: KEYCLOAK_BASE_URL
{{- if .Values.keycloakFrontEndURL }}
value: {{ .Values.keycloakFrontEndURL }}/
{{- else if .Values.keycloak.ingress.enabled }}
value: https://{{ index .Values.keycloak.ingress.hosts 0 "host" }}/
{{- else }}
value: http://{{ include "lagoon-core.keycloak.fullname" . }}:{{ .Values.keycloak.service.port }}/
{{- end }}
- name: KEYCLOAK_CLIENT_ID
value: lagoon-opensearch-sync
- name: KEYCLOAK_CLIENT_SECRET
Expand Down
6 changes: 6 additions & 0 deletions charts/lagoon-core/templates/ssh-portal-api.deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,13 @@ spec:
value: "true"
{{- end }}
- name: KEYCLOAK_BASE_URL
{{- if .Values.keycloakFrontEndURL }}
value: {{ .Values.keycloakFrontEndURL }}/
{{- else if .Values.keycloak.ingress.enabled }}
value: https://{{ index .Values.keycloak.ingress.hosts 0 "host" }}/
{{- else }}
value: http://{{ include "lagoon-core.keycloak.fullname" . }}:{{ .Values.keycloak.service.port }}/
{{- end }}
- name: KEYCLOAK_SERVICE_API_CLIENT_SECRET
valueFrom:
secretKeyRef:
Expand Down
6 changes: 6 additions & 0 deletions charts/lagoon-core/templates/ssh-token.deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,13 @@ spec:
value: "true"
{{- end }}
- name: KEYCLOAK_BASE_URL
{{- if .Values.keycloakFrontEndURL }}
value: {{ .Values.keycloakFrontEndURL }}/
{{- else if .Values.keycloak.ingress.enabled }}
value: https://{{ index .Values.keycloak.ingress.hosts 0 "host" }}/
{{- else }}
value: http://{{ include "lagoon-core.keycloak.fullname" . }}:{{ .Values.keycloak.service.port }}/
{{- end }}
- name: KEYCLOAK_AUTH_SERVER_CLIENT_SECRET
valueFrom:
secretKeyRef:
Expand Down
14 changes: 11 additions & 3 deletions charts/lagoon-core/templates/ui.deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,10 +45,18 @@ spec:
value: https://{{ index .Values.api.ingress.hosts 0 "host" }}/graphql
{{- end }}
- name: KEYCLOAK_API
{{- if .Values.keycloakAPIURL }}
value: {{ .Values.keycloakAPIURL | quote }}
{{- else }}
{{- if .Values.keycloakFrontEndURL }}
value: {{ .Values.keycloakFrontEndURL }}/auth
{{- else if .Values.keycloak.ingress.enabled }}
value: https://{{ index .Values.keycloak.ingress.hosts 0 "host" }}/auth
{{- else }}
value: http://{{ include "lagoon-core.keycloak.fullname" . }}:{{ .Values.keycloak.service.port }}/auth
{{- end }}
- name: WEBHOOK_URL
{{- if .Values.lagoonWebhookURL }}
value: {{ .Values.lagoonWebhookURL | quote }}
{{- else }}
value: https://{{ index .Values.webhookHandler.ingress.hosts 0 "host" }}
{{- end }}
- name: LAGOON_VERSION
value: {{ .Chart.AppVersion | replace "-" "." }}
Expand Down
27 changes: 26 additions & 1 deletion charts/lagoon-core/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@
# These values may be set on install, otherwise the chart tries to guess
# sensible defaults.

# keycloakAPIURL: https://keycloak.example.com/auth
# keycloakFrontEndURL: https://keycloak.example.com
# lagoonAPIURL: https://api.example.com/graphql
# lagoonUIURL: https://ui.example.com
# lagoonWebhookURL: https://webhook-handler.example.com
Expand Down Expand Up @@ -60,6 +60,8 @@ rabbitMQUsername: lagoon
k8upS3Endpoint: ""

keycloakAdminUser: admin
# this is required if email sending is to be enabled in keycloak
# keycloakAdminEmail: [email protected]

buildDeployImage:
edge:
Expand Down Expand Up @@ -202,11 +204,34 @@ apiRedis:
additionalEnvs:
# FOO: Bar

persistence:
enabled: false
size: 100Mi

service:
type: ClusterIP
port: 6379

keycloak:
# keycloak realm and email settings configuration
realmSettings:
enabled: false
# the full list of config settings is available TODO
options:
resetPasswordAllowed: true
rememberMe: true
email:
enabled: false
settings:
host: mailhog
port: '1025'
from: [email protected]
fromDisplayName: Lagoon
replyTo: [email protected]
ssl: 'false'
starttls: 'false'
auth: 'false'

replicaCount: 1
image:
repository: uselagoon/keycloak
Expand Down
6 changes: 3 additions & 3 deletions charts/lagoon-remote/Chart.lock
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
dependencies:
- name: lagoon-build-deploy
repository: https://uselagoon.github.io/lagoon-charts/
version: 0.25.0
version: 0.25.2
- name: dioscuri
repository: https://amazeeio.github.io/charts/
version: 0.4.1
Expand All @@ -11,5 +11,5 @@ dependencies:
- name: nats
repository: https://nats-io.github.io/k8s/helm/charts/
version: 0.19.17
digest: sha256:f5484f77cfe25d079752ea3a19b1a93edb3c93e1262c4f310e149843359ff2c1
generated: "2023-09-20T15:20:44.302630522+10:00"
digest: sha256:8ca3385f69f64eed0be9276ea4fb5b59e13e0caac5777e50bfae80fd6fd29cb0
generated: "2023-10-06T10:49:35.479733592+11:00"
Loading

0 comments on commit adb3ba2

Please sign in to comment.