From 513f4ec85cfc4cc359f0edb6df971cda45cfcb6d Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Thu, 15 Feb 2024 17:28:02 -0800 Subject: [PATCH 01/11] feat(helm)!: changes to simplify HELM Signed-off-by: OMPRAKASH MISHRA --- charts/quickstart-openshift/Chart.yaml | 18 -- .../templates/backend/templates/_helpers.tpl | 51 ++++ .../backend/templates/deployment.yaml | 119 ++++++++ .../templates/backend/templates/hpa.yaml | 55 ++++ .../templates/backend/templates/pdb.yaml | 14 + .../templates/backend/templates/service.yaml | 18 ++ .../templates/frontend/templates/_helpers.tpl | 51 ++++ .../frontend/templates/deployment.yaml | 89 ++++++ .../templates/frontend/templates/hpa.yaml | 55 ++++ .../templates/frontend/templates/pdb.yaml | 13 + .../templates/frontend/templates/route.yaml | 20 ++ .../templates/frontend/templates/service.yaml | 25 ++ .../templates/secret.yaml | 8 + charts/quickstart-openshift/values.yaml | 286 +----------------- 14 files changed, 530 insertions(+), 292 deletions(-) create mode 100644 charts/quickstart-openshift/templates/backend/templates/_helpers.tpl create mode 100644 charts/quickstart-openshift/templates/backend/templates/deployment.yaml create mode 100644 charts/quickstart-openshift/templates/backend/templates/hpa.yaml create mode 100644 charts/quickstart-openshift/templates/backend/templates/pdb.yaml create mode 100644 charts/quickstart-openshift/templates/backend/templates/service.yaml create mode 100644 charts/quickstart-openshift/templates/frontend/templates/_helpers.tpl create mode 100644 charts/quickstart-openshift/templates/frontend/templates/deployment.yaml create mode 100644 charts/quickstart-openshift/templates/frontend/templates/hpa.yaml create mode 100644 charts/quickstart-openshift/templates/frontend/templates/pdb.yaml create mode 100644 charts/quickstart-openshift/templates/frontend/templates/route.yaml create mode 100644 charts/quickstart-openshift/templates/frontend/templates/service.yaml diff --git a/charts/quickstart-openshift/Chart.yaml b/charts/quickstart-openshift/Chart.yaml index 887e48eb7..c38f1adf0 100644 --- a/charts/quickstart-openshift/Chart.yaml +++ b/charts/quickstart-openshift/Chart.yaml @@ -25,29 +25,11 @@ version: 0.1.0 appVersion: "1.16.0" dependencies: - - name: component - condition: backend.enabled - version: 0.3.0 - repository: https://bcgov.github.io/helm-service - alias: backend - - - name: component - condition: frontend.enabled - version: 0.3.0 - repository: https://bcgov.github.io/helm-service - alias: frontend - - name: postgresql condition: bitnami-pg.enabled version: 14.0.5 repository: https://charts.bitnami.com/bitnami alias: bitnami-pg - - - name: component - condition: backup.enabled - version: 0.3.0 - repository: https://bcgov.github.io/helm-service - alias: backup maintainers: - name: Om Mishra email: omprakash.2.mishra@gov.bc.ca diff --git a/charts/quickstart-openshift/templates/backend/templates/_helpers.tpl b/charts/quickstart-openshift/templates/backend/templates/_helpers.tpl new file mode 100644 index 000000000..1c1319767 --- /dev/null +++ b/charts/quickstart-openshift/templates/backend/templates/_helpers.tpl @@ -0,0 +1,51 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "backend.name" -}} +{{- printf "backend" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "backend.fullname" -}} +{{- $componentName := include "backend.name" . }} +{{- if .Values.backend.fullnameOverride }} +{{- .Values.backend.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $componentName | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "backend.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "backend.labels" -}} +helm.sh/chart: {{ include "backend.chart" . }} +{{ include "backend.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/image-version: {{ .Values.backend.image.tag | quote }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/short-name: {{ include "backend.name" . }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "backend.selectorLabels" -}} +app.kubernetes.io/name: {{ include "backend.fullname" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + + diff --git a/charts/quickstart-openshift/templates/backend/templates/deployment.yaml b/charts/quickstart-openshift/templates/backend/templates/deployment.yaml new file mode 100644 index 000000000..12ce38afc --- /dev/null +++ b/charts/quickstart-openshift/templates/backend/templates/deployment.yaml @@ -0,0 +1,119 @@ +{{- if .Values.backend.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "backend.fullname" . }} + labels: + {{- include "backend.labels" . | nindent 4 }} +spec: + strategy: + type: {{ .Values.backend.deploymentStrategy }} + {{- if not .Values.backend.autoscaling.enabled }} + replicas: {{ .Values.backend.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "backend.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + prometheus.io/scrape: 'true' + prometheus.io/port: '3000' + prometheus.io/path: '/api/metrics' + labels: + {{- include "backend.selectorLabels" . | nindent 8 }} + spec: + {{- if .Values.backend.podSecurityContext }} + securityContext: + {{- toYaml .Values.backend.podSecurityContext | nindent 12 }} + {{- end }} + initContainers: + - name: {{ include "backend.fullname" . }}-init + image: "{{.Values.global.registry}}/{{.Values.global.repository}}/migrations:{{ .Values.backend.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ default "IfNotPresent" .Values.backend.image.pullPolicy }} + envFrom: + - secretRef: + name: {{.Release.Name}} + env: + - name: FLYWAY_BASELINE_ON_MIGRATE + value: "true" + - name: FLYWAY_DEFAULT_SCHEMA + value: "USERS" + - name: FLYWAY_CONNECT_RETRIES + value: "10" + resources: + limits: + cpu: 500m + memory: 250Mi + requests: + cpu: 200m + memory: 150Mi + containers: + - name: {{ include "backend.fullname" . }} + {{- if .Values.backend.securityContext }} + securityContext: + {{- toYaml .Values.backend.securityContext | nindent 12 }} + {{- end }} + image: {{.Values.global.registry}}/{{.Values.global.repository}}/backend:{{ .Values.global.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ default "IfNotPresent" .Values.backend.image.pullPolicy }} + envFrom: + - secretRef: + name: {{.Release.Name}} + env: + - name: LOG_LEVEL + value: info + ports: + - name: http + containerPort: {{ .Values.backend.service.targetPort }} + protocol: TCP + readinessProbe: + httpGet: + path: /api/health + port: http + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 2 + timeoutSeconds: 2 + successThreshold: 1 + failureThreshold: 30 + livenessProbe: + successThreshold: 1 + failureThreshold: 3 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + initialDelaySeconds: 15 + periodSeconds: 30 + timeoutSeconds: 5 + resources: # this is optional + limits: + cpu: 250m + memory: 250Mi + requests: + cpu: 100m + memory: 150Mi + {{- with .Values.backend.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.backend.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - {{ include "backend.fullname" . }} + - key: app.kubernetes.io/instance + operator: In + values: + - {{ .Release.Name }} + topologyKey: "kubernetes.io/hostname" + +{{- end }} diff --git a/charts/quickstart-openshift/templates/backend/templates/hpa.yaml b/charts/quickstart-openshift/templates/backend/templates/hpa.yaml new file mode 100644 index 000000000..d22860931 --- /dev/null +++ b/charts/quickstart-openshift/templates/backend/templates/hpa.yaml @@ -0,0 +1,55 @@ +{{- if .Values.global.autoscaling }} +{{- if and .Values.backend.autoscaling .Values.backend.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "backend.fullname" . }} + labels: + {{- include "backend.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "backend.fullname" . }} + minReplicas: {{ .Values.backend.autoscaling.minReplicas }} + maxReplicas: {{ .Values.backend.autoscaling.maxReplicas }} + behavior: + scaleDown: + stabilizationWindowSeconds: 300 + policies: + - type: Percent + value: 10 + periodSeconds: 60 + - type: Pods + value: 2 + periodSeconds: 60 + selectPolicy: Min + scaleUp: + stabilizationWindowSeconds: 0 + policies: + - type: Percent + value: 100 + periodSeconds: 30 + - type: Pods + value: 2 + periodSeconds: 30 + selectPolicy: Max + metrics: + {{- if .Values.backend.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.backend.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.backend.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.backend.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/quickstart-openshift/templates/backend/templates/pdb.yaml b/charts/quickstart-openshift/templates/backend/templates/pdb.yaml new file mode 100644 index 000000000..142e583d1 --- /dev/null +++ b/charts/quickstart-openshift/templates/backend/templates/pdb.yaml @@ -0,0 +1,14 @@ +{{- if and .Values.backend.pdb .Values.backend.pdb.enabled }} +--- +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ include "backend.fullname" . }} + labels: + {{- include "backend.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "backend.fullname" . }} + minAvailable: {{ .Values.backend.pdb.minAvailable }} +{{- end }} diff --git a/charts/quickstart-openshift/templates/backend/templates/service.yaml b/charts/quickstart-openshift/templates/backend/templates/service.yaml new file mode 100644 index 000000000..2ea12d8fb --- /dev/null +++ b/charts/quickstart-openshift/templates/backend/templates/service.yaml @@ -0,0 +1,18 @@ +{{- if .Values.backend.enabled }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "backend.fullname" . }} + labels: + {{- include "backend.labels" . | nindent 4 }} +spec: + type: {{ .Values.backend.service.type }} + ports: + - port: {{ .Values.backend.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "backend.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/quickstart-openshift/templates/frontend/templates/_helpers.tpl b/charts/quickstart-openshift/templates/frontend/templates/_helpers.tpl new file mode 100644 index 000000000..3c45e0d95 --- /dev/null +++ b/charts/quickstart-openshift/templates/frontend/templates/_helpers.tpl @@ -0,0 +1,51 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "frontend.name" -}} +{{- printf "frontend" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "frontend.fullname" -}} +{{- $componentName := include "frontend.name" . }} +{{- if .Values.frontend.fullnameOverride }} +{{- .Values.frontend.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $componentName | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "frontend.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "frontend.labels" -}} +helm.sh/chart: {{ include "frontend.chart" . }} +{{ include "frontend.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/image-version: {{ .Values.frontend.image.tag | quote }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/short-name: {{ include "frontend.name" . }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "frontend.selectorLabels" -}} +app.kubernetes.io/name: {{ include "frontend.fullname" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + + diff --git a/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml b/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml new file mode 100644 index 000000000..c947f7a00 --- /dev/null +++ b/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml @@ -0,0 +1,89 @@ +{{- if .Values.frontend.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "frontend.fullname" . }} + labels: + {{- include "frontend.labels" . | nindent 4 }} +spec: + strategy: + type: {{ .Values.frontend.deploymentStrategy }} + {{- if not .Values.frontend.autoscaling.enabled }} + replicas: {{ .Values.frontend.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "frontend.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + prometheus.io/scrape: 'true' + prometheus.io/port: '3003' + prometheus.io/path: '/metrics' + labels: + {{- include "frontend.selectorLabels" . | nindent 8 }} + spec: + {{- if .Values.frontend.podSecurityContext }} + securityContext: + {{- toYaml .Values.frontend.podSecurityContext | nindent 12 }} + {{- end }} + containers: + - name: {{ include "frontend.fullname" . }} + {{- if .Values.frontend.securityContext }} + securityContext: + {{- toYaml .Values.frontend.securityContext | nindent 12 }} + {{- end }} + image: {{.Values.global.registry}}/{{.Values.global.repository}}/frontend:{{ .Values.global.tag | default .Chart.AppVersion }}" + env: + - name: BACKEND_URL + value: "http://{{ .Release.Name }}-backend" + - name: LOG_LEVEL + value: "info" + ports: + - name: http + containerPort: 3000 + protocol: TCP + readinessProbe: + httpGet: + path: /health + port: 3001 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 2 + timeoutSeconds: 2 + successThreshold: 1 + failureThreshold: 30 + #-- the liveness probe for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L324-L328 + livenessProbe: + successThreshold: 1 + failureThreshold: 3 + httpGet: + path: /health + port: 3001 + scheme: HTTP + initialDelaySeconds: 15 + periodSeconds: 30 + timeoutSeconds: 5 + resources: + limits: + cpu: 100m + memory: 150Mi + requests: + cpu: 30m + memory: 50Mi + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - {{ include "frontend.fullname" . }} + - key: app.kubernetes.io/instance + operator: In + values: + - {{ .Release.Name }} + topologyKey: "kubernetes.io/hostname" + +{{- end }} diff --git a/charts/quickstart-openshift/templates/frontend/templates/hpa.yaml b/charts/quickstart-openshift/templates/frontend/templates/hpa.yaml new file mode 100644 index 000000000..94191d14a --- /dev/null +++ b/charts/quickstart-openshift/templates/frontend/templates/hpa.yaml @@ -0,0 +1,55 @@ +{{- if .Values.global.autoscaling }} +{{- if and .Values.frontend.autoscaling .Values.frontend.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "frontend.fullname" . }} + labels: + {{- include "frontend.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "frontend.fullname" . }} + minReplicas: {{ .Values.frontend.autoscaling.minReplicas }} + maxReplicas: {{ .Values.frontend.autoscaling.maxReplicas }} + behavior: + scaleDown: + stabilizationWindowSeconds: 300 + policies: + - type: Percent + value: 10 + periodSeconds: 60 + - type: Pods + value: 2 + periodSeconds: 60 + selectPolicy: Min + scaleUp: + stabilizationWindowSeconds: 0 + policies: + - type: Percent + value: 100 + periodSeconds: 30 + - type: Pods + value: 2 + periodSeconds: 30 + selectPolicy: Max + metrics: + {{- if .Values.frontend.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.frontend.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.frontend.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.frontend.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/quickstart-openshift/templates/frontend/templates/pdb.yaml b/charts/quickstart-openshift/templates/frontend/templates/pdb.yaml new file mode 100644 index 000000000..cfdf97841 --- /dev/null +++ b/charts/quickstart-openshift/templates/frontend/templates/pdb.yaml @@ -0,0 +1,13 @@ +{{- if and .Values.frontend.pdb .Values.frontend.pdb.enabled }} +--- +apiVersion: policy/v1 +metadata: + name: {{ include "frontend.fullname" . }} + labels: + {{- include "frontend.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "frontend.fullname" . }} + minAvailable: {{ .Values.frontend.pdb.minAvailable }} +{{- end }} diff --git a/charts/quickstart-openshift/templates/frontend/templates/route.yaml b/charts/quickstart-openshift/templates/frontend/templates/route.yaml new file mode 100644 index 000000000..5675a8157 --- /dev/null +++ b/charts/quickstart-openshift/templates/frontend/templates/route.yaml @@ -0,0 +1,20 @@ +{{- if .Values.frontend.enabled }} +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + labels: + {{- include "frontend.labels" . | nindent 4 }} + name: {{ include "frontend.fullname" . }} +spec: + host: {{ include "frontend.fullname" . }}.{{ .Values.global.domain }} + port: + targetPort: http + to: + kind: Service + name: {{ include "frontend.fullname" . }} + weight: 100 + tls: + termination: edge + insecureEdgeTerminationPolicy: Redirect +{{- end }} diff --git a/charts/quickstart-openshift/templates/frontend/templates/service.yaml b/charts/quickstart-openshift/templates/frontend/templates/service.yaml new file mode 100644 index 000000000..4ba07f696 --- /dev/null +++ b/charts/quickstart-openshift/templates/frontend/templates/service.yaml @@ -0,0 +1,25 @@ +{{- if .Values.frontend.enabled }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "frontend.fullname" . }} + labels: + {{- include "frontend.labels" . | nindent 4 }} +spec: + type: {{ .Values.frontend.service.type }} + ports: + - name: http + #-- the port for the service. the service will be accessible on this port within the namespace. + port: 80 + #-- the container port where the application is listening on + targetPort: 3000 + #-- the protocol for the port. it can be TCP or UDP. TCP is the default and is recommended. + protocol: TCP + - port: 3003 + targetPort: 3003 + protocol: TCP + name: metrics + selector: + {{- include "frontend.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/quickstart-openshift/templates/secret.yaml b/charts/quickstart-openshift/templates/secret.yaml index 679adc799..6614f7d30 100644 --- a/charts/quickstart-openshift/templates/secret.yaml +++ b/charts/quickstart-openshift/templates/secret.yaml @@ -25,4 +25,12 @@ data: databaseURL: {{ $databaseURL | b64enc | quote }} databaseJDBCURL: {{ $databaseJDBCURL | b64enc | quote }} databaseJDBCURLNoCreds: {{ $databaseJDBCURLNoCreds | b64enc | quote }} + FLYWAY_URL: {{ $databaseJDBCURLNoCreds | b64enc | quote }} + FLYWAY_USER: {{ $databaseUser | b64enc | quote }} + FLYWAY_PASSWORD: {{ $databasePassword | quote }} + POSTGRES_PASSWORD: {{ $databasePassword | quote }} + POSTGRES_USER: {{ $databaseUser | b64enc | quote }} + POSTGRES_DATABASE: {{ $databaseName | b64enc | quote }} + POSTGRES_HOST: {{ $host | b64enc | quote }} + {{- end }} diff --git a/charts/quickstart-openshift/values.yaml b/charts/quickstart-openshift/values.yaml index 49c861eae..d57fd6f9e 100644 --- a/charts/quickstart-openshift/values.yaml +++ b/charts/quickstart-openshift/values.yaml @@ -3,9 +3,9 @@ #-- global variables, can be accessed by sub-charts. global: #-- the registry where the images are stored. override during runtime for other registry at global level or individual level. - repository: + repository: ~ # provide the repo name from where images will be sourced for example bcgo #-- the registry where the images are stored. override during runtime for other registry at global level or individual level. default is ghcr.io - registry: ghcr.io + registry: ghcr.io # ghcr.io for directly streaming from github container registry or "artifacts.developer.gov.bc.ca/github-docker-remote" for artifactory, or any other registry. #-- the tag of the image, it can be latest, 1.0.0 etc..., or the sha256 hash tag: ~ #-- turn off autoscaling for the entire suite by setting this to false. default is true. @@ -19,125 +19,16 @@ global: annotation: helm.sh/policy: "keep" #-- domain of the application, it is required, apps.silver.devops.gov.bc.ca for silver cluster and apps.devops.gov.bc.ca for gold cluster - domain: "apps.silver.devops.gov.bc.ca" - #-- the image registry of OpenShift. It is used in conjunction with ImageStreams which is a OpenShift specific resource. - openshiftImageRegistry: "image-registry.openshift-image-registry.svc:5000" + domain: "apps.silver.devops.gov.bc.ca" # it is apps.gold.devops.gov.bc.ca for gold cluster #-- the database Alias gives a nice way to switch to different databases, crunchy, patroni ... etc. - databaseAlias: bitnami-pg # this is the alias for bitnami postgres, change it based on db type(crunchy,patroni...) and alias used in the chart. - #-- extra annotations for the pod, it is optional and is an object. - podAnnotations: | - app.kubernetes.io/timestamp: {{now | toString }} - imagestreams: - enabled: true + databaseAlias: bitnami-pg #-- the components of the application, backend. backend: - #-- enable or disable a component deployment. + #-- enable or disable backend enabled: true - #-- can be either a statefulSet or a deployment not both. TBD (StatefulSet) - deployment: # can be either a statefulSet or a deployment not both - enabled: true #-- the deployment strategy, can be "Recreate" or "RollingUpdate" deploymentStrategy: type: Recreate - #-- containers specific to the component. one or many containers can be defined. - containers: - #-- name of the container. - - name: backend - #-- the registry where the image is stored. override during runtime for other registry at global level or individual level. - registry: '{{ .Values.global.registry }}' - #-- the repository where the image is stored. override during runtime for other repository at global level or individual level. - repository: '{{ .Values.global.repository }}' - #-- the exact component name, in this case backend. - image: backend - #-- the tag of the image, it can be latest, 1.0.0 etc..., or the sha256 hash - tag: '{{ .Values.global.tag }}' - #-- environment variables for the container. it is optional and is an object. - env: - #-- the environment variables from global secrets, the secret name is auto deciphered from the release name. - fromGlobalSecret: - - name: POSTGRES_PASSWORD - key: password - - name: POSTGRES_USER - key: databaseUser - - name: POSTGRES_DATABASE - key: databaseName - #-- the environment variables from values, these are interpolated during runtime and can contain tpl. - fromValues: - - name: POSTGRES_HOST - value: '{{ .Release.Name }}-{{.Values.global.databaseAlias}}' - #-- the ports for the container. it is optional and is an array of objects. - ports: - - name: http - containerPort: 3000 - protocol: TCP - #-- the resources for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L298-L304 - resources: # this is optional - limits: - cpu: 250m - memory: 250Mi - requests: - cpu: 100m - memory: 150Mi - #-- the readiness probe for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L312-L316 - readinessProbe: - httpGet: - path: /api/health - port: 3000 - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 2 - timeoutSeconds: 2 - successThreshold: 1 - failureThreshold: 30 - #-- the liveness probe for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L324-L328 - livenessProbe: - successThreshold: 1 - failureThreshold: 3 - httpGet: - path: /api/health - port: 3000 - scheme: HTTP - initialDelaySeconds: 15 - periodSeconds: 30 - timeoutSeconds: 5 - #-- init containers specific to the component. one or many containers can be defined. - initContainers: - #-- name of the container. - - name: database-migrations - #-- the registry where the image is stored. override during runtime for other registry at global level or individual level. - registry: '{{ .Values.global.registry }}' - #-- the repository where the image is stored. override during runtime for other repository at global level or individual level. - repository: '{{ .Values.global.repository }}' # example, it includes registry and repository - #-- the exact image name, in this case migrations - image: migrations - #-- the tag of the image, it can be latest, 1.0.0 etc..., or the sha256 hash - tag: '{{ .Values.global.tag }}' - #-- the security context for the container. it is optional and is an object. - env: - #-- the environment variables from global secrets, the secret name is auto deciphered from the release name. - fromGlobalSecret: - - name: FLYWAY_PASSWORD - key: databasePassword - - name: FLYWAY_URL - key: databaseJDBCURLNoCreds - - name: FLYWAY_USER - key: databaseUser - #-- the environment variables from values, these are interpolated during runtime and can contain tpl. - fromValues: - - name: FLYWAY_BASELINE_ON_MIGRATE - value: "true" - - name: FLYWAY_DEFAULT_SCHEMA - value: "USERS" - - name: FLYWAY_CONNECT_RETRIES - value: "30" - #-- the resources for the container. it is optional and is an object. for default values check this link: - resources: - limits: - cpu: 500m - memory: 250Mi - requests: - cpu: 200m - memory: 150Mi #-- autoscaling for the component. it is optional and is an object. autoscaling: #-- enable or disable autoscaling. @@ -148,28 +39,6 @@ backend: maxReplicas: 7 #-- the target cpu utilization percentage, is from request cpu and NOT LIMIT CPU. targetCPUUtilizationPercentage: 80 - #-- the behavior for the autoscaling. it is optional and is an object. - behavior: - scaleDown: - stabilizationWindowSeconds: 300 - policies: - - type: Percent - value: 10 - periodSeconds: 60 - - type: Pods - value: 2 - periodSeconds: 60 - selectPolicy: Min - scaleUp: - stabilizationWindowSeconds: 0 - policies: - - type: Percent - value: 100 - periodSeconds: 30 - - type: Pods - value: 2 - periodSeconds: 30 - selectPolicy: Max #-- vault, for injecting secrets from vault. it is optional and is an object. it creates an initContainer which reads from vault and app container can source those secrets. for referring to a working example with vault follow this link: https://github.com/bcgov/onroutebc/blob/main/charts/onroutebc/values.yaml#L171-L186 vault: #-- enable or disable vault. @@ -194,130 +63,21 @@ backend: memory: 25Mi #-- the service for the component. for inter namespace communication, use the service name as the hostname. service: - #-- enable or disable the service. - enabled: true #-- the type of the service. it can be ClusterIP, NodePort, LoadBalancer, ExternalName. ClusterIP is the default and is recommended. type: ClusterIP - #-- the ports for the service. - ports: - #-- the name for the port. - - name: http - #-- the port for the service. the service will be accessible on this port within the namespace. - port: 80 - #-- the container port where the application is listening on. - targetPort: 3000 - protocol: TCP - nodeSelector: { } - tolerations: [ ] - affinity: { } - podAnnotations: | - prometheus.io/scrape: 'true' - prometheus.io/port: '3000' - prometheus.io/path: '/api/metrics' + port: 80 # this is the service port, where it will be exposed internal to the namespace. + targetPort: 3000 # this is container port where app listens on + pdb: + enabled: false # enable it in PRODUCTION for having pod disruption budget. + minAvailable: 1 # the minimum number of pods that must be available during the disruption budget. + frontend: # -- enable or disable a component deployment. enabled: true - # -- can be either a statefulSet or a deployment not both. TBD (StatefulSet) - deployment: # can be either a statefulSet or a deployment not both - enabled: true # -- the deployment strategy, can be "Recreate" or "RollingUpdate" deploymentStrategy: type: Recreate - # -- the configmap specific to the component. - configmap: - # -- enable or disable the configmap. - enabled: true - # -- dat contains key value pairs for the configmap. can contain multiple files. value can be piped as string. - data: - #-- sample to create a config.js object. - config.js: |- - const envConfig = (() => { - return { - "VITE_DEPLOY_ENVIRONMENT":"{{ .Release.Name }}-{{ .Release.Namespace }}" - }; - })(); - #-- sample to create a config.prod.js object. - config.prod.js: |- - const envConfig = (() => { - return { - "VITE_DEPLOY_ENVIRONMENT":"static" - }; - })(); - # -- the containers specific to the component. one or many containers can be defined. - containers: - #-- name of the container. - - name: frontend - #-- the registry where the image is stored. override during runtime for other registry at global level or individual level. - registry: '{{ .Values.global.registry }}' - #-- the repository where the image is stored. override during runtime for other repository at global level or individual level. - repository: '{{ .Values.global.repository }}' # example, it includes registry and repository - #-- the exact component name, in this case frontend. - image: frontend - #-- the tag of the image, it can be latest, 1.0.0 etc..., or the sha256 hash - tag: '{{ .Values.global.tag }}' - #-- the security context for the container. it is optional and is an object. - securityContext: - capabilities: - add: [ "NET_BIND_SERVICE" ] - #-- the environment variables for the container. it is optional and is an object. - env: - #-- the environment variables from values, these are interpolated during runtime and can contain tpl. - fromValues: - - name: BACKEND_URL - value: "http://{{ .Release.Name }}-backend" - - name: LOG_LEVEL - value: "info" - #-- the environment variables from local configmap(configmap associated to the component), these are interpolated during runtime and can contain tpl. - fromLocalConfigmap: - - name: frontend-configmap - key: config.js - - name: frontend-prod-configmap - key: config.prod.js - #-- the ports for the container. it is optional and is an array of objects. - ports: - - name: http - containerPort: 3000 - protocol: TCP - - name: http2 - containerPort: 3001 - protocol: TCP - - name: metrics - containerPort: 3003 - protocol: TCP - #-- the resources for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L298-L304 - resources: - limits: - cpu: 100m - memory: 150Mi - requests: - cpu: 30m - memory: 50Mi - #-- the readiness probe for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L312-L316 - readinessProbe: - httpGet: - path: /health - port: 3001 - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 2 - timeoutSeconds: 2 - successThreshold: 1 - failureThreshold: 30 - #-- the liveness probe for the container. it is optional and is an object. for default values check this link: https://github.com/bcgov/helm-service/blob/main/charts/component/templates/deployment.yaml#L324-L328 - livenessProbe: - successThreshold: 1 - failureThreshold: 3 - httpGet: - path: /health - port: 3001 - scheme: HTTP - initialDelaySeconds: 15 - periodSeconds: 30 - timeoutSeconds: 5 - podAnnotations: | - prometheus.io/scrape: 'true' - prometheus.io/port: '3003' - prometheus.io/path: '/metrics' + #-- autoscaling for the component. it is optional and is an object. autoscaling: #-- enable or disable autoscaling. @@ -328,28 +88,6 @@ frontend: maxReplicas: 7 #-- the target cpu utilization percentage, is from request cpu and NOT LIMIT CPU. targetCPUUtilizationPercentage: 80 - #-- the behavior for the autoscaling. it is optional and is an object. - behavior: - scaleDown: - stabilizationWindowSeconds: 300 - policies: - - type: Percent - value: 10 - periodSeconds: 60 - - type: Pods - value: 2 - periodSeconds: 60 - selectPolicy: Min - scaleUp: - stabilizationWindowSeconds: 0 - policies: - - type: Percent - value: 100 - periodSeconds: 30 - - type: Pods - value: 2 - periodSeconds: 30 - selectPolicy: Max #-- the service for the component. for inter namespace communication, use the service name as the hostname. service: #-- enable or disable the service. From 8893b48be93805103736a4007a4acf7f4edd67db Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Thu, 15 Feb 2024 17:33:34 -0800 Subject: [PATCH 02/11] fix: helm charts. Signed-off-by: OMPRAKASH MISHRA --- .../templates/backend/templates/_helpers.tpl | 2 +- .../templates/backend/templates/deployment.yaml | 2 +- .../templates/frontend/templates/_helpers.tpl | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/quickstart-openshift/templates/backend/templates/_helpers.tpl b/charts/quickstart-openshift/templates/backend/templates/_helpers.tpl index 1c1319767..b10861537 100644 --- a/charts/quickstart-openshift/templates/backend/templates/_helpers.tpl +++ b/charts/quickstart-openshift/templates/backend/templates/_helpers.tpl @@ -35,7 +35,7 @@ helm.sh/chart: {{ include "backend.chart" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} -app.kubernetes.io/image-version: {{ .Values.backend.image.tag | quote }} +app.kubernetes.io/image-version: {{ .Values.global.tag | quote }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/short-name: {{ include "backend.name" . }} {{- end }} diff --git a/charts/quickstart-openshift/templates/backend/templates/deployment.yaml b/charts/quickstart-openshift/templates/backend/templates/deployment.yaml index 12ce38afc..234143360 100644 --- a/charts/quickstart-openshift/templates/backend/templates/deployment.yaml +++ b/charts/quickstart-openshift/templates/backend/templates/deployment.yaml @@ -29,7 +29,7 @@ spec: {{- end }} initContainers: - name: {{ include "backend.fullname" . }}-init - image: "{{.Values.global.registry}}/{{.Values.global.repository}}/migrations:{{ .Values.backend.image.tag | default .Chart.AppVersion }}" + image: "{{.Values.global.registry}}/{{.Values.global.repository}}/migrations:{{ .Values.global.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ default "IfNotPresent" .Values.backend.image.pullPolicy }} envFrom: - secretRef: diff --git a/charts/quickstart-openshift/templates/frontend/templates/_helpers.tpl b/charts/quickstart-openshift/templates/frontend/templates/_helpers.tpl index 3c45e0d95..853ad31e6 100644 --- a/charts/quickstart-openshift/templates/frontend/templates/_helpers.tpl +++ b/charts/quickstart-openshift/templates/frontend/templates/_helpers.tpl @@ -35,7 +35,7 @@ helm.sh/chart: {{ include "frontend.chart" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} -app.kubernetes.io/image-version: {{ .Values.frontend.image.tag | quote }} +app.kubernetes.io/image-version: {{ .Values.global.tag | quote }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/short-name: {{ include "frontend.name" . }} {{- end }} From 2059a7ac9766fff8f18da68001e60c949050867c Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Thu, 15 Feb 2024 17:50:08 -0800 Subject: [PATCH 03/11] fix: helm charts. Signed-off-by: OMPRAKASH MISHRA --- .../templates/backend/templates/deployment.yaml | 2 +- .../templates/frontend/templates/deployment.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/quickstart-openshift/templates/backend/templates/deployment.yaml b/charts/quickstart-openshift/templates/backend/templates/deployment.yaml index 234143360..290f34be1 100644 --- a/charts/quickstart-openshift/templates/backend/templates/deployment.yaml +++ b/charts/quickstart-openshift/templates/backend/templates/deployment.yaml @@ -30,7 +30,7 @@ spec: initContainers: - name: {{ include "backend.fullname" . }}-init image: "{{.Values.global.registry}}/{{.Values.global.repository}}/migrations:{{ .Values.global.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ default "IfNotPresent" .Values.backend.image.pullPolicy }} + imagePullPolicy: {{ default "IfNotPresent" .Values.backend.imagePullPolicy }} envFrom: - secretRef: name: {{.Release.Name}} diff --git a/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml b/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml index c947f7a00..c55167151 100644 --- a/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml +++ b/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml @@ -34,6 +34,7 @@ spec: {{- toYaml .Values.frontend.securityContext | nindent 12 }} {{- end }} image: {{.Values.global.registry}}/{{.Values.global.repository}}/frontend:{{ .Values.global.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ default "IfNotPresent" .Values.frontend.imagePullPolicy }} env: - name: BACKEND_URL value: "http://{{ .Release.Name }}-backend" From 1b31e89214e97e166618b4f4046f71b8e7a3cbdd Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Thu, 15 Feb 2024 17:53:22 -0800 Subject: [PATCH 04/11] fix: helm charts. Signed-off-by: OMPRAKASH MISHRA --- .../templates/backend/templates/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/quickstart-openshift/templates/backend/templates/deployment.yaml b/charts/quickstart-openshift/templates/backend/templates/deployment.yaml index 290f34be1..09c2d05ec 100644 --- a/charts/quickstart-openshift/templates/backend/templates/deployment.yaml +++ b/charts/quickstart-openshift/templates/backend/templates/deployment.yaml @@ -55,7 +55,7 @@ spec: {{- toYaml .Values.backend.securityContext | nindent 12 }} {{- end }} image: {{.Values.global.registry}}/{{.Values.global.repository}}/backend:{{ .Values.global.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ default "IfNotPresent" .Values.backend.image.pullPolicy }} + imagePullPolicy: {{ default "IfNotPresent" .Values.backend.imagePullPolicy }} envFrom: - secretRef: name: {{.Release.Name}} From c441f9807cc2a4c53311be7a1115c92c45832edb Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Thu, 15 Feb 2024 17:55:57 -0800 Subject: [PATCH 05/11] fix: helm charts. Signed-off-by: OMPRAKASH MISHRA --- charts/quickstart-openshift/values.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/charts/quickstart-openshift/values.yaml b/charts/quickstart-openshift/values.yaml index d57fd6f9e..c03a62b44 100644 --- a/charts/quickstart-openshift/values.yaml +++ b/charts/quickstart-openshift/values.yaml @@ -27,8 +27,7 @@ backend: #-- enable or disable backend enabled: true #-- the deployment strategy, can be "Recreate" or "RollingUpdate" - deploymentStrategy: - type: Recreate + deploymentStrategy: Recreate #-- autoscaling for the component. it is optional and is an object. autoscaling: #-- enable or disable autoscaling. @@ -75,8 +74,7 @@ frontend: # -- enable or disable a component deployment. enabled: true # -- the deployment strategy, can be "Recreate" or "RollingUpdate" - deploymentStrategy: - type: Recreate + deploymentStrategy: Recreate #-- autoscaling for the component. it is optional and is an object. autoscaling: From b9d808d9a77f8281b1829a0f061d62ba6bec579c Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Thu, 15 Feb 2024 17:56:22 -0800 Subject: [PATCH 06/11] fix: helm charts. Signed-off-by: OMPRAKASH MISHRA --- .github/workflows/merge.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml index 92db154a7..5ff66c877 100644 --- a/.github/workflows/merge.yml +++ b/.github/workflows/merge.yml @@ -49,8 +49,8 @@ jobs: tag: ${{ needs.vars.outputs.pr }} release: prod params: - --set backend.deploymentStrategy.type=RollingUpdate - --set frontend.deploymentStrategy.type=RollingUpdate + --set backend.deploymentStrategy=RollingUpdate + --set frontend.deploymentStrategy=RollingUpdate promote: name: Promote Images From 1140c3b657aaa0979beed21dd204f44cb10d3b0e Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Thu, 15 Feb 2024 18:03:18 -0800 Subject: [PATCH 07/11] fix: image tags Signed-off-by: OMPRAKASH MISHRA --- .../templates/backend/templates/deployment.yaml | 2 +- .../templates/frontend/templates/deployment.yaml | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/quickstart-openshift/templates/backend/templates/deployment.yaml b/charts/quickstart-openshift/templates/backend/templates/deployment.yaml index 09c2d05ec..41faa70dd 100644 --- a/charts/quickstart-openshift/templates/backend/templates/deployment.yaml +++ b/charts/quickstart-openshift/templates/backend/templates/deployment.yaml @@ -54,7 +54,7 @@ spec: securityContext: {{- toYaml .Values.backend.securityContext | nindent 12 }} {{- end }} - image: {{.Values.global.registry}}/{{.Values.global.repository}}/backend:{{ .Values.global.tag | default .Chart.AppVersion }}" + image: "{{.Values.global.registry}}/{{.Values.global.repository}}/backend:{{ .Values.global.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ default "IfNotPresent" .Values.backend.imagePullPolicy }} envFrom: - secretRef: diff --git a/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml b/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml index c55167151..df73d48d1 100644 --- a/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml +++ b/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml @@ -31,9 +31,10 @@ spec: - name: {{ include "frontend.fullname" . }} {{- if .Values.frontend.securityContext }} securityContext: - {{- toYaml .Values.frontend.securityContext | nindent 12 }} + capabilities: + add: [ "NET_BIND_SERVICE" ] {{- end }} - image: {{.Values.global.registry}}/{{.Values.global.repository}}/frontend:{{ .Values.global.tag | default .Chart.AppVersion }}" + image: "{{.Values.global.registry}}/{{.Values.global.repository}}/frontend:{{ .Values.global.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ default "IfNotPresent" .Values.frontend.imagePullPolicy }} env: - name: BACKEND_URL From 73fd6eeae653195618567c3148828fa46994c41c Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Fri, 16 Feb 2024 11:06:51 -0800 Subject: [PATCH 08/11] print db url Signed-off-by: OMPRAKASH MISHRA --- backend/src/app.module.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/backend/src/app.module.ts b/backend/src/app.module.ts index a198dff3a..ec4a5a3c8 100644 --- a/backend/src/app.module.ts +++ b/backend/src/app.module.ts @@ -16,7 +16,9 @@ const DB_PWD = encodeURIComponent(process.env.POSTGRES_PASSWORD || "default"); / const DB_PORT = process.env.POSTGRES_PORT || 5432; const DB_NAME = process.env.POSTGRES_DATABASE || "postgres"; const DB_SCHEMA = process.env.DB_SCHEMA || "users"; - +const dataSourceURL = `postgresql://${DB_USER}:${DB_PWD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?schema=${DB_SCHEMA}&connection_limit=5`; +const logger = new Logger("HTTP"); +logger.log(`dataSourceURL: ${dataSourceURL}`); function getMiddlewares() { if (process.env.PRISMA_LOGGING) { return [ From d78ae91304c81c612c31e091df68c175789958a7 Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Fri, 16 Feb 2024 11:59:13 -0800 Subject: [PATCH 09/11] print db url Signed-off-by: OMPRAKASH MISHRA --- charts/quickstart-openshift/templates/secret.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/quickstart-openshift/templates/secret.yaml b/charts/quickstart-openshift/templates/secret.yaml index 6614f7d30..ad8ff9fc9 100644 --- a/charts/quickstart-openshift/templates/secret.yaml +++ b/charts/quickstart-openshift/templates/secret.yaml @@ -7,6 +7,7 @@ {{- $databasePassword = (get $secretData "databasePassword") | default ($databasePassword | b64enc) }} {{- $databaseName := .Values.global.secrets.databaseName| default "quickstart" }} {{- $host := printf "%s-%s:5432" .Release.Name .Values.global.databaseAlias }} +{{- $hostWithoutPort := printf "%s-%s" .Release.Name .Values.global.databaseAlias }} {{- $databaseURL := printf "postgresql://%s:%s@%s/%s" $databaseUser (b64dec $databasePassword) $host $databaseName }} {{- $databaseJDBCURL := printf "jdbc:postgresql://%s:%s@%s/%s" $databaseUser (b64dec $databasePassword) $host $databaseName }} {{- $databaseJDBCURLNoCreds := printf "jdbc:postgresql://%s/%s" $host $databaseName }} @@ -31,6 +32,6 @@ data: POSTGRES_PASSWORD: {{ $databasePassword | quote }} POSTGRES_USER: {{ $databaseUser | b64enc | quote }} POSTGRES_DATABASE: {{ $databaseName | b64enc | quote }} - POSTGRES_HOST: {{ $host | b64enc | quote }} + POSTGRES_HOST: {{ $hostWithoutPort | b64enc | quote }} {{- end }} From a81854a41101228a09382a44a7de75c3b8d507d6 Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Fri, 16 Feb 2024 12:29:54 -0800 Subject: [PATCH 10/11] remove logger Signed-off-by: OMPRAKASH MISHRA --- backend/src/app.module.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/backend/src/app.module.ts b/backend/src/app.module.ts index ec4a5a3c8..472e5da0e 100644 --- a/backend/src/app.module.ts +++ b/backend/src/app.module.ts @@ -17,8 +17,6 @@ const DB_PORT = process.env.POSTGRES_PORT || 5432; const DB_NAME = process.env.POSTGRES_DATABASE || "postgres"; const DB_SCHEMA = process.env.DB_SCHEMA || "users"; const dataSourceURL = `postgresql://${DB_USER}:${DB_PWD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?schema=${DB_SCHEMA}&connection_limit=5`; -const logger = new Logger("HTTP"); -logger.log(`dataSourceURL: ${dataSourceURL}`); function getMiddlewares() { if (process.env.PRISMA_LOGGING) { return [ From 13d3658245bd6209dd665b97ffe31d1e3dbadeac Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Fri, 16 Feb 2024 12:40:45 -0800 Subject: [PATCH 11/11] add securitycontext for frontend Signed-off-by: OMPRAKASH MISHRA --- .../templates/frontend/templates/deployment.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml b/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml index df73d48d1..dfe4c029b 100644 --- a/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml +++ b/charts/quickstart-openshift/templates/frontend/templates/deployment.yaml @@ -29,11 +29,9 @@ spec: {{- end }} containers: - name: {{ include "frontend.fullname" . }} - {{- if .Values.frontend.securityContext }} securityContext: capabilities: add: [ "NET_BIND_SERVICE" ] - {{- end }} image: "{{.Values.global.registry}}/{{.Values.global.repository}}/frontend:{{ .Values.global.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ default "IfNotPresent" .Values.frontend.imagePullPolicy }} env: