From 331a5232f9af4f9b01db6ce0495c811e758ab8a5 Mon Sep 17 00:00:00 2001 From: Thomas von Dein Date: Fri, 31 Mar 2023 15:17:49 +0200 Subject: [PATCH 01/13] fix gofmt warnings and misspellings --- api/auth.go | 3 +-- api/cleaner.go | 1 - api/db.go | 1 - api/db_test.go | 1 - api/fileio.go | 1 - api/form_handlers.go | 3 +-- api/mail.go | 1 - api/server.go | 1 - api/upload_handlers.go | 3 +-- api/utils.go | 1 - common/timestamp.go | 1 - common/types.go | 1 - common/utils.go | 1 - main.go | 1 - upctl/lib/client.go | 1 - upctl/lib/client_test.go | 1 - upctl/lib/output.go | 1 - upctl/main.go | 1 - 18 files changed, 3 insertions(+), 21 deletions(-) diff --git a/api/auth.go b/api/auth.go index afc79c1..04f0ab5 100644 --- a/api/auth.go +++ b/api/auth.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package api import ( @@ -108,7 +107,7 @@ func AuthValidateAPIKey(c *fiber.Ctx, key string) (bool, error) { return true, nil } - // actual key comparision + // actual key comparison for _, apicontext := range Apikeys { hashedAPIKey := sha256.Sum256([]byte(apicontext.Key)) hashedKey := sha256.Sum256([]byte(key)) diff --git a/api/cleaner.go b/api/cleaner.go index dc97710..dc33f18 100644 --- a/api/cleaner.go +++ b/api/cleaner.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package api import ( diff --git a/api/db.go b/api/db.go index ae68159..0b988e3 100644 --- a/api/db.go +++ b/api/db.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package api import ( diff --git a/api/db_test.go b/api/db_test.go index 4227412..3916099 100644 --- a/api/db_test.go +++ b/api/db_test.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package api import ( diff --git a/api/fileio.go b/api/fileio.go index 8018488..057cd86 100644 --- a/api/fileio.go +++ b/api/fileio.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package api import ( diff --git a/api/form_handlers.go b/api/form_handlers.go index 2c9536c..327a844 100644 --- a/api/form_handlers.go +++ b/api/form_handlers.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package api import ( @@ -63,7 +62,7 @@ func FormCreate(c *fiber.Ctx, cfg *cfg.Config, db *Db) error { } entry.Context = apicontext - // extract auxilliary form data (expire field et al) + // extract auxiliary form data (expire field et al) if err := c.BodyParser(&formdata); err != nil { return JsonStatus(c, fiber.StatusInternalServerError, "bodyparser error : "+err.Error()) diff --git a/api/mail.go b/api/mail.go index 894eadb..5f85c46 100644 --- a/api/mail.go +++ b/api/mail.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package api import ( diff --git a/api/server.go b/api/server.go index 5e7fe99..e6d3ab0 100644 --- a/api/server.go +++ b/api/server.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package api import ( diff --git a/api/upload_handlers.go b/api/upload_handlers.go index 16bfbe4..ca57e11 100644 --- a/api/upload_handlers.go +++ b/api/upload_handlers.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package api import ( @@ -86,7 +85,7 @@ func UploadPost(c *fiber.Ctx, cfg *cfg.Config, db *Db) error { } entry.Members = members - // extract auxilliary form data (expire field et al) + // extract auxiliary form data (expire field et al) if err := c.BodyParser(&formdata); err != nil { return JsonStatus(c, fiber.StatusInternalServerError, "bodyparser error : "+err.Error()) diff --git a/api/utils.go b/api/utils.go index f662c9b..ac93eba 100644 --- a/api/utils.go +++ b/api/utils.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package api import ( diff --git a/common/timestamp.go b/common/timestamp.go index 4c9531f..4419b0f 100644 --- a/common/timestamp.go +++ b/common/timestamp.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package common import ( diff --git a/common/types.go b/common/types.go index a380042..e762374 100644 --- a/common/types.go +++ b/common/types.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package common import ( diff --git a/common/utils.go b/common/utils.go index 406bbd9..76d2b97 100644 --- a/common/utils.go +++ b/common/utils.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package common import ( diff --git a/main.go b/main.go index 6957212..91bf484 100644 --- a/main.go +++ b/main.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package main import ( diff --git a/upctl/lib/client.go b/upctl/lib/client.go index cc90f8d..1ba6537 100644 --- a/upctl/lib/client.go +++ b/upctl/lib/client.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package lib import ( diff --git a/upctl/lib/client_test.go b/upctl/lib/client_test.go index 3b92a22..2912210 100644 --- a/upctl/lib/client_test.go +++ b/upctl/lib/client_test.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package lib import ( diff --git a/upctl/lib/output.go b/upctl/lib/output.go index cdc26ad..57c56d1 100644 --- a/upctl/lib/output.go +++ b/upctl/lib/output.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package lib import ( diff --git a/upctl/main.go b/upctl/main.go index a7aa748..3cd2db7 100644 --- a/upctl/main.go +++ b/upctl/main.go @@ -14,7 +14,6 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ - package main import ( From b5cdcdde299ed8f16fc68a4c1cd6338469e4f0f4 Mon Sep 17 00:00:00 2001 From: Thomas von Dein Date: Wed, 13 Sep 2023 20:33:21 +0200 Subject: [PATCH 02/13] build real statics --- Makefile | 3 ++- mkrel.sh | 7 +++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 1a4c92d..553142f 100644 --- a/Makefile +++ b/Makefile @@ -45,7 +45,8 @@ buildlocalctl: make -C upctl buildlocal: - go build -ldflags "-X 'github.com/tlinden/ephemerup/cfg.VERSION=$(VERSION)'" -o $(DAEMON) +# go build -ldflags "-X 'github.com/tlinden/ephemerup/cfg.VERSION=$(VERSION)'" -o $(DAEMON) + CGO_LDFLAGS='-static' go build -tags osusergo,netgo -ldflags "-extldflags=-static -s -X 'github.com/tlinden/ephemerup/cfg.VERSION=$(VERSION)'" -o $(DAEMON) buildimage: clean docker-compose --verbose build diff --git a/mkrel.sh b/mkrel.sh index 158e2ba..e06b02f 100755 --- a/mkrel.sh +++ b/mkrel.sh @@ -44,9 +44,12 @@ for D in $DIST; do tarfile="releases/${daemon}-${os}-${arch}-${version}.tar.gz" set -x - GOOS=${os} GOARCH=${arch} go build -o ${binfile} -ldflags "-X 'github.com/tlinden/ephemerup/cfg.VERSION=${version}'" + GOOS=${os} GOARCH=${arch} CGO_LDFLAGS='-static' go build -tags osusergo,netgo -ldflags \ + "-extldflags=-static -s -X 'github.com/tlinden/ephemerup/cfg.VERSION=${version}'" -o ${binfile} + #GOOS=${os} GOARCH=${arch} go build -o ${binfile} -ldflags "-X 'github.com/tlinden/ephemerup/cfg.VERSION=${version}'" cd $client - GOOS=${os} GOARCH=${arch} go build -o ../${clientfile} -ldflags "-X 'github.com/tlinden/ephemerup/upctl/cfg.VERSION=${version}'" + GOOS=${os} GOARCH=${arch} go build -o ../${clientfile} -ldflags \ + "-X 'github.com/tlinden/ephemerup/upctl/cfg.VERSION=${version}'" cd - mkdir -p ${tardir} From 45fb3a7b2c82ea15dff9155d8cde4385cdf6665a Mon Sep 17 00:00:00 2001 From: Thomas von Dein Date: Thu, 21 Sep 2023 19:28:21 +0200 Subject: [PATCH 03/13] + helm chart --- charts/cm.yaml | 24 + charts/ephemerup/.helmignore | 21 + charts/ephemerup/Chart.yaml | 21 + charts/ephemerup/README.md | 121 +++++ charts/ephemerup/templates/NOTES.txt | 51 ++ charts/ephemerup/templates/_helpers.tpl | 8 + charts/ephemerup/templates/configmap.yaml | 36 ++ charts/ephemerup/templates/ingress.yaml | 63 +++ charts/ephemerup/templates/secrets.yaml | 18 + .../ephemerup/templates/service-monitor.yaml | 33 ++ charts/ephemerup/templates/service.yaml | 49 ++ charts/ephemerup/templates/statefulset.yaml | 130 +++++ charts/ephemerup/values.schema.json | 12 + charts/ephemerup/values.yaml | 480 ++++++++++++++++++ 14 files changed, 1067 insertions(+) create mode 100644 charts/cm.yaml create mode 100644 charts/ephemerup/.helmignore create mode 100644 charts/ephemerup/Chart.yaml create mode 100644 charts/ephemerup/README.md create mode 100644 charts/ephemerup/templates/NOTES.txt create mode 100644 charts/ephemerup/templates/_helpers.tpl create mode 100644 charts/ephemerup/templates/configmap.yaml create mode 100644 charts/ephemerup/templates/ingress.yaml create mode 100644 charts/ephemerup/templates/secrets.yaml create mode 100644 charts/ephemerup/templates/service-monitor.yaml create mode 100644 charts/ephemerup/templates/service.yaml create mode 100644 charts/ephemerup/templates/statefulset.yaml create mode 100644 charts/ephemerup/values.schema.json create mode 100644 charts/ephemerup/values.yaml diff --git a/charts/cm.yaml b/charts/cm.yaml new file mode 100644 index 0000000..3d62ae0 --- /dev/null +++ b/charts/cm.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: eph-ephemerup-config + namespace: "eph" + labels: + app.kubernetes.io/name: ephemerup + helm.sh/chart: ephemerup-1.0.0 + app.kubernetes.io/instance: eph + app.kubernetes.io/managed-by: Helm + annotations: + app: ephemerup +data: + listen = "8080" + bodylimit = "1024" + super = "root" + mail = { + server = + port = + from = + password = + } + apicontexts = [ + ] diff --git a/charts/ephemerup/.helmignore b/charts/ephemerup/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/ephemerup/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/ephemerup/Chart.yaml b/charts/ephemerup/Chart.yaml new file mode 100644 index 0000000..f804290 --- /dev/null +++ b/charts/ephemerup/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v2 +name: ephemerup +description: | + A Helm chart for Ephemerup. + +type: application + +sources: + - https://github.com/tlinden/ephemerup + +version: 1.0.0 + +appVersion: "0.0.2" + +dependencies: + - name: common + repository: https://charts.bitnami.com/bitnami + tags: + - bitnami-common + version: 1.x.x +# icon: "" diff --git a/charts/ephemerup/README.md b/charts/ephemerup/README.md new file mode 100644 index 0000000..8b739af --- /dev/null +++ b/charts/ephemerup/README.md @@ -0,0 +1,121 @@ +# ephemerup + +A Helm chart for ephemerup + +## Source Code + +* + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| https://charts.bitnami.com/bitnami | common | 1.x.x | + +## Values + +| Key | Type | Description | Default | +|---------------------------------------------------|--------|-----------------------------------------------------------|-----------------------| +| kubeVersion | string | | `""` | +| nameOverride | string | | `""` | +| fullnameOverride | string | | `""` | +| namespaceOverride | string | | `""` | +| commonLabels | object | | `{}` | +| commonAnnotations.app | string | | `"ephemerup"` | +| clusterDomain | string | | `"cluster.local"` | +| logLevel | string | | `"info"` | +| image.registry | string | | `"docker.io"` | +| image.repository | string | | `"tlinden/ephemerup"` | +| image.tag | string | | `"latest"` | +| image.pullPolicy | string | | `"IfNotPresent"` | +| image.pullSecrets | list | | `[]` | +| secrets | object | | `{}` | +| mountSecrets | list | | `[]` | +| env | list | | `[]` | +| config | object | Backup plans. For details, see [values.yaml](values.yaml) | `{}` | +| replicaCount | int | | `1` | +| sidecars | list | | `[]` | +| lifecycleHooks | object | | `{}` | +| podAnnotations | object | | `{}` | +| podLabels | object | | `{}` | +| updateStrategy.type | string | | `"RollingUpdate"` | +| podAffinityPreset | string | | `""` | +| podAntiAffinityPreset | string | | `"soft"` | +| nodeAffinityPreset.type | string | | `""` | +| nodeAffinityPreset.key | string | | `""` | +| nodeAffinityPreset.values | list | | `[]` | +| affinity | object | | `{}` | +| nodeSelector | object | | `{}` | +| tolerations | list | | `[]` | +| resources.limits.cpu | string | | `"500m"` | +| resources.limits.memory | string | | `"256Mi"` | +| resources.requests.cpu | string | | `"100m"` | +| resources.requests.memory | string | | `"128Mi"` | +| podSecurityContext.fsGroup | int | | `65534` | +| containerSecurityContext.enabled | bool | | `false` | +| containerSecurityContext.allowPrivilegeEscalation | bool | | `false` | +| containerSecurityContext.capabilities.drop[0] | string | | `"ALL"` | +| containerSecurityContext.privileged | bool | | `false` | +| containerSecurityContext.runAsUser | int | | `0` | +| containerSecurityContext.runAsNonRoot | bool | | `false` | +| livenessProbe.enabled | bool | | `true` | +| livenessProbe.initialDelaySeconds | int | | `5` | +| livenessProbe.timeoutSeconds | int | | `1` | +| livenessProbe.periodSeconds | int | | `20` | +| livenessProbe.failureThreshold | int | | `6` | +| livenessProbe.successThreshold | int | | `1` | +| readinessProbe.enabled | bool | | `true` | +| readinessProbe.initialDelaySeconds | int | | `5` | +| readinessProbe.timeoutSeconds | int | | `1` | +| readinessProbe.periodSeconds | int | | `20` | +| readinessProbe.failureThreshold | int | | `6` | +| readinessProbe.successThreshold | int | | `1` | +| startupProbe.enabled | bool | | `true` | +| startupProbe.initialDelaySeconds | int | | `10` | +| startupProbe.timeoutSeconds | int | | `1` | +| startupProbe.periodSeconds | int | | `20` | +| startupProbe.failureThreshold | int | | `6` | +| startupProbe.successThreshold | int | | `1` | +| customLivenessProbe | object | | `{}` | +| customStartupProbe | object | | `{}` | +| customReadinessProbe | object | | `{}` | +| service.type | string | | `"ClusterIP"` | +| service.ports.http | int | | `8090` | +| service.nodePorts.http | string | | `""` | +| service.clusterIP | string | | `""` | +| service.extraPorts | list | | `[]` | +| service.loadBalancerIP | string | | `""` | +| service.loadBalancerSourceRanges | list | | `[]` | +| service.externalTrafficPolicy | string | | `"Cluster"` | +| service.annotations | object | | `{}` | +| service.sessionAffinity | string | | `"None"` | +| service.sessionAffinityConfig | object | | `{}` | +| ingress.enabled | bool | | `false` | +| ingress.pathType | string | | `"Prefix"` | +| ingress.apiVersion | string | | `""` | +| ingress.hostname | string | | `"ephemerup.local"` | +| ingress.path | string | | `"/"` | +| ingress.annotations | object | | `{}` | +| ingress.tls | bool | | `false` | +| ingress.tlsSecretName | string | | `""` | +| ingress.extraPaths | list | | `[]` | +| ingress.selfSigned | bool | | `false` | +| ingress.ingressClassName | string | | `"nginx"` | +| ingress.extraHosts | list | | `[]` | +| ingress.extraTls | list | | `[]` | +| ingress.secrets | list | | `[]` | +| ingress.extraRules | list | | `[]` | +metrics.serviceMonitor.enabled | bool | `true` | | +| metrics.serviceMonitor.port | string | `"http"` | | +| metrics.serviceMonitor.namespace | string | `""` | | +| metrics.serviceMonitor.interval | string | `"30s"` | | +| metrics.serviceMonitor.scrapeTimeout | string | `"10s"` | | +| storage.longTerm | object | `{"name":"ephemerup-storage","spec":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"100Gi"}},"storageClassName":"standard"}}` | Persistent volume for backups, see `config.retention` | +| storage.tmp | object | `{"name":"ephemerup-tmp","spec":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"10Gi"}},"storageClassName":"standard"}}` | Persistent volume for temporary files | +| storage.restoreTmp.name | string | `"ephemerup-restore-tmp"` | | +| storage.restoreTmp.spec.accessModes[0] | string | `"ReadWriteOnce"` | | +| storage.restoreTmp.spec.resources.requests.storage | string | `"100Gi"` | | +| storage.restoreTmp.spec.storageClassName | string | `"standard"` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/charts/ephemerup/templates/NOTES.txt b/charts/ephemerup/templates/NOTES.txt new file mode 100644 index 0000000..2f66bb5 --- /dev/null +++ b/charts/ephemerup/templates/NOTES.txt @@ -0,0 +1,51 @@ +CHART NAME: {{ .Chart.Name }} +CHART VERSION: {{ .Chart.Version }} +APP VERSION: {{ .Chart.AppVersion }} + +** Please be patient while the chart is being deployed ** + +Application can be accessed through the following DNS name from within your cluster: + + {{ include "common.names.fullname" . }}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.service.ports.http }}) + +To access Application from outside the cluster execute the following commands: + +{{- if .Values.ingress.enabled }} + +1. Get the Application URL and associate its hostname to your cluster external IP: + + export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters + echo "Application URL: http{{ if .Values.ingress.tls }}s{{ end }}://{{ .Values.ingress.hostname }}" + echo "$CLUSTER_IP {{ .Values.ingress.hostname }}" | sudo tee -a /etc/hosts + +{{- else }} + +1. Get the Application URL by running these commands: + +{{- if contains "NodePort" .Values.service.type }} + + export NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.names.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo "http://${NODE_IP}:${NODE_PORT}" + +{{- else if contains "LoadBalancer" .Values.service.type }} + + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ include "common.names.namespace" . }} svc -w {{ include "common.names.fullname" . }}' + + export SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[0].port}" services {{ include "common.names.fullname" . }}) + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.names.namespace" . }} {{ include "common.names.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo "http://${SERVICE_IP}:${SERVICE_PORT}" + +{{- else if contains "ClusterIP" .Values.service.type }} + + export SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[0].port}" services {{ include "common.names.fullname" . }}) + kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ include "common.names.fullname" . }} ${SERVICE_PORT}:${SERVICE_PORT} & + echo "http://127.0.0.1:${SERVICE_PORT}" + +{{- end }} +{{- end }} + +2. Access Application using the obtained URL. + +{{- include "common.warnings.rollingTag" .Values.image }} \ No newline at end of file diff --git a/charts/ephemerup/templates/_helpers.tpl b/charts/ephemerup/templates/_helpers.tpl new file mode 100644 index 0000000..7d2ec6f --- /dev/null +++ b/charts/ephemerup/templates/_helpers.tpl @@ -0,0 +1,8 @@ +{{/* + Return the proper image name +*/}} +{{- define "ephemerup.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} +{{- end -}} + + diff --git a/charts/ephemerup/templates/configmap.yaml b/charts/ephemerup/templates/configmap.yaml new file mode 100644 index 0000000..6aa8831 --- /dev/null +++ b/charts/ephemerup/templates/configmap.yaml @@ -0,0 +1,36 @@ +{{- if (.Values.config) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "common.names.fullname" . }}-config + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + ephemerup.hcl: |- + listen = {{ .Values.config.listen | quote }} + bodylimit = {{ .Values.config.bodylimit | quote }} + {{- if .Values.config.url }} + url = {{ .Values.config.url | quote }} + {{- end }} + super = {{ .Values.config.super | quote }} + mail = { + server = {{ .Values.config.mail.server | quote }} + port = {{ .Values.config.mail.port | quote }} + from = {{ .Values.config.mail.from | quote }} + password = {{ .Values.config.password | quote }} + } + apicontexts = [ + {{- range $context := .Values.config.apicontexts }} + { + context = {{ $context.context | quote }} + key = {{ $context.key | quote }} + } + {{- end }} + ] +{{- end }} diff --git a/charts/ephemerup/templates/ingress.yaml b/charts/ephemerup/templates/ingress.yaml new file mode 100644 index 0000000..6164d19 --- /dev/null +++ b/charts/ephemerup/templates/ingress.yaml @@ -0,0 +1,63 @@ +{{- if .Values.ingress.enabled -}} +apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.ingress.certManager }} + kubernetes.io/tls-acme: "true" + {{- end }} + {{- if .Values.ingress.annotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.ingress.annotations "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.ingressClassName (include "common.ingress.supportsIngressClassname" .) }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} + {{- end }} + rules: + {{- if .Values.ingress.hostname }} + - host: {{ .Values.ingress.hostname }} + http: + paths: + {{- if .Values.ingress.extraPaths }} + {{- toYaml .Values.ingress.extraPaths | nindent 10 }} + {{- end }} + - path: {{ .Values.ingress.path }} + {{- if eq "true" (include "common.ingress.supportsPathType" .) }} + pathType: {{ .Values.ingress.pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- range .Values.ingress.extraHosts }} + - host: {{ .name }} + http: + paths: + - path: {{ default "/" .path }} + {{- if eq "true" (include "common.ingress.supportsPathType" $) }} + pathType: {{ default "ImplementationSpecific" .pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.ingress.extraRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraRules "context" $) | nindent 4 }} + {{- end }} + {{- if or .Values.ingress.tls .Values.ingress.extraTls .Values.ingress.hosts }} + tls: + {{- if .Values.ingress.tls }} + - hosts: + - {{ .Values.ingress.hostname }} + secretName: {{ default (printf "%s-tls" .Values.ingress.hostname) .Values.ingress.tlsSecretName }} + {{- end }} + {{- if .Values.ingress.extraTls }} + {{- toYaml .Values.ingress.extraTls | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/ephemerup/templates/secrets.yaml b/charts/ephemerup/templates/secrets.yaml new file mode 100644 index 0000000..c95b3a8 --- /dev/null +++ b/charts/ephemerup/templates/secrets.yaml @@ -0,0 +1,18 @@ +{{- if .Values.secrets }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "common.names.fullname" . }}-config + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: +{{- with .Values.secrets }} +{{ toYaml . | nindent 2 }} +{{- end }} +{{ end }} \ No newline at end of file diff --git a/charts/ephemerup/templates/service-monitor.yaml b/charts/ephemerup/templates/service-monitor.yaml new file mode 100644 index 0000000..293112c --- /dev/null +++ b/charts/ephemerup/templates/service-monitor.yaml @@ -0,0 +1,33 @@ + +{{- if .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "common.names.fullname" . }}-sm + {{- if .Values.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.metrics.serviceMonitor.namespace }} + {{- end }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "common.labels.standard" . | nindent 6 }} + endpoints: + - path: /metrics + port: {{ .Values.metrics.serviceMonitor.port }} + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/ephemerup/templates/service.yaml b/charts/ephemerup/templates/service.yaml new file mode 100644 index 0000000..2ae2000 --- /dev/null +++ b/charts/ephemerup/templates/service.yaml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.service.annotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.service.annotations "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + {{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }} + clusterIP: {{ .Values.service.clusterIP }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.service.loadBalancerSourceRanges }} + {{- end }} + {{- if or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if .Values.service.sessionAffinity }} + sessionAffinity: {{ .Values.service.sessionAffinity }} + {{- end }} + {{- if .Values.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + ports: + - name: http + port: {{ .Values.service.ports.http }} + targetPort: http + {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.http))) }} + nodePort: {{ .Values.service.nodePorts.http }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{- if .Values.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + selector: {{- include "common.labels.matchLabels" . | nindent 4 }} \ No newline at end of file diff --git a/charts/ephemerup/templates/statefulset.yaml b/charts/ephemerup/templates/statefulset.yaml new file mode 100644 index 0000000..f8d4a06 --- /dev/null +++ b/charts/ephemerup/templates/statefulset.yaml @@ -0,0 +1,130 @@ +{{- $fullName := include "common.names.fullname" . -}} +apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} +kind: StatefulSet +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + serviceName: {{ include "common.names.fullname" . }} + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} + template: + metadata: + annotations: + checksum/configMap: {{ toYaml .Values.config | sha256sum }} + {{- if .Values.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} + {{- end }} + labels: {{- include "common.labels.standard" . | nindent 8 }} + {{- if .Values.podLabels }} + {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }} + {{- end }} + spec: + containers: + - name: ephemerup + image: {{ include "ephemerup.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote}} + args: + - "-LogLevel={{ .Values.logLevel }}" + env: + {{- range $envVar := .Values.env }} + - name: {{ $envVar.name }} + value: {{ $envVar.value }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.service.ports.http }} + protocol: TCP + {{- if .Values.livenessProbe.enabled }} + livenessProbe: + httpGet: + port: http + path: /status + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + {{- else if .Values.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.readinessProbe.enabled }} + readinessProbe: + httpGet: + port: http + path: /status + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + {{- else if .Values.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.startupProbe.enabled }} + startupProbe: + tcpSocket: + port: http + initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.startupProbe.periodSeconds }} + timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }} + successThreshold: {{ .Values.startupProbe.successThreshold }} + failureThreshold: {{ .Values.startupProbe.failureThreshold }} + {{- else if .Values.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 12 }} + {{- end }} + {{- if .Values.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 10 }} + {{- end }} + volumeMounts: + - name: "ephemerup-storage" + mountPath: "/storage" + - name: "ephemerup-tmp" + mountPath: "/tmp" + - name: "ephemerup-tmp" + mountPath: "/data" + - mountPath: "/config/ephemerup.hcl" + name: config + subPath: "ephemerup.hcl" + {{- range $secret := .Values.mountSecrets }} + - mountPath: "/secret/{{ $secret.name }}" + name: {{ $secret.name }} + {{- end }} + + securityContext: + {{ toYaml .Values.podSecurityContext | nindent 8 | trim }} + {{- if .Values.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.nodeSelector "context" $) | nindent 8 }} + {{- end }} + volumes: + - name: config + configMap: + name: {{ template "common.names.fullname" . }}-config + items: + - key: ephemerup.hcl + path: ephemerup.hcl + {{- range $secret := .Values.mountSecrets }} + - name: {{ $secret.name }} + secret: + secretName: {{ $secret.name }} + {{- end }} + volumeClaimTemplates: + - metadata: + name: {{ .Values.storage.longTerm.name }} + spec: + {{ toYaml .Values.storage.longTerm.spec | nindent 6 | trim }} + - metadata: + name: {{ .Values.storage.tmp.name }} + spec: + {{ toYaml .Values.storage.tmp.spec | nindent 6 | trim }} diff --git a/charts/ephemerup/values.schema.json b/charts/ephemerup/values.schema.json new file mode 100644 index 0000000..545568d --- /dev/null +++ b/charts/ephemerup/values.schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "https://json-schema.org/draft-07/schema#", + "title": "Values schema", + "type": "object", + "properties": { + "replicaCount": { + "type": "integer", + "enum": [0, 1] + } + }, + "required": ["replicaCount"] +} \ No newline at end of file diff --git a/charts/ephemerup/values.yaml b/charts/ephemerup/values.yaml new file mode 100644 index 0000000..79f156f --- /dev/null +++ b/charts/ephemerup/values.yaml @@ -0,0 +1,480 @@ +## @section Common parameters +## + +## @param kubeVersion Override Kubernetes version +## +kubeVersion: "" +## @param nameOverride String to partially override aspnet-core.fullname +## +nameOverride: "" +## @param fullnameOverride String to fully override aspnet-core.fullname +## +fullnameOverride: "" +## @param namespaceOverride String to fully override common.names.namespace +## +namespaceOverride: "" +## @param commonLabels Labels to add to all deployed objects +## +commonLabels: {} +## @param commonAnnotations Annotations to add to all deployed objects +## +commonAnnotations: + app: ephemerup + +## @param clusterDomain Kubernetes cluster domain name +## +clusterDomain: cluster.local + +logLevel: info + +## +image: + registry: docker.io + repository: tlinden/ephemerup + tag: "latest" + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + +secrets: {} + +mountSecrets: [] +# - name: my-secret + +# Environment variables +env: [] +# - name: HTTPS_PROXY +# value: "http://localhost:3128" + +# Ephemerup configuration +config: + ## must be the same as in the service spec below + listen: 8080 + ## max bytes allowed to upload + bodylimit: 1024 + ## optional public visible url + #url: + ## root context which has all permissions + super: "root" + ## mail config + mail: + server: "localhost" + port: 25 + from: "root@localhost" + password: "" + ## context config, add more as needed + apicontexts: + - context: "root" + key: "0fddbff5d8010f81cd28a7d77f3e38981b13d6164c2fd6e1c3f60a4287630c37" + + +## @param replicaCount Number of application replicas to deploy +## +replicaCount: 1 + +## @param sidecars Add additional sidecar containers to the application pods +## e.g: +## sidecars: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +sidecars: [] + +## @param lifecycleHooks Add lifecycle hooks to the application deployment +## +lifecycleHooks: {} + +## @param podAnnotations Annotations for application pods +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## +podAnnotations: {} + +## @param podLabels Extra labels for application pods +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +## +podLabels: {} + +## @param updateStrategy.type Deployment strategy type +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies +## +updateStrategy: + ## StrategyType + ## Can be set to RollingUpdate or OnDelete + ## + type: RollingUpdate + +## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## +podAffinityPreset: "" + +## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## +podAntiAffinityPreset: soft + +## Node affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity +## +nodeAffinityPreset: + ## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param nodeAffinityPreset.key Node label key to match. Ignored if `affinity` is set + ## + key: "" + ## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + + ## @param affinity Affinity for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +## NOTE: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set +## +affinity: {} +## @param nodeSelector Node labels for pod assignment +## ref: https://kubernetes.io/docs/user-guide/node-selection/ +## + +nodeSelector: {} + +## @param tolerations Tolerations for pod assignment +## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +## +tolerations: [] + +## application containers' resource requests and limits +## ref: https://kubernetes.io/docs/user-guide/compute-resources/ + +## @param resources.limits The resources limits for the application container +## @param resources.requests The requested resources for the application container +## +resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + +## Configure Pods Security Context +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod +## @param podSecurityContext.fsGroup Set Security Context fsGroup +podSecurityContext: + fsGroup: 65534 + +## Configure Container Security Context (only main container) +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container +## @param containerSecurityContext.enabled Enabled application containers' Security Context +## @param containerSecurityContext.runAsUser Set application container's Security Context runAsUser +## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot +## +containerSecurityContext: + enabled: false + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + runAsUser: 0 + runAsNonRoot: false + +## Configure extra options for application containers' liveness and readiness probes +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes +## @param livenessProbe.enabled Enable livenessProbe +## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe +## @param livenessProbe.periodSeconds Period seconds for livenessProbe +## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe +## @param livenessProbe.failureThreshold Failure threshold for livenessProbe +## @param livenessProbe.successThreshold Success threshold for livenessProbe +## +livenessProbe: + enabled: true + initialDelaySeconds: 5 + timeoutSeconds: 1 + periodSeconds: 20 + failureThreshold: 6 + successThreshold: 1 + +## @param readinessProbe.enabled Enable readinessProbe +## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe +## @param readinessProbe.periodSeconds Period seconds for readinessProbe +## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe +## @param readinessProbe.failureThreshold Failure threshold for readinessProbe +## @param readinessProbe.successThreshold Success threshold for readinessProbe +## +readinessProbe: + enabled: true + initialDelaySeconds: 5 + timeoutSeconds: 1 + periodSeconds: 20 + failureThreshold: 6 + successThreshold: 1 + +## Configure extra options for application containers' startup and readiness probes +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-startup-readiness-probes/#configure-probes +## @param startupProbe.enabled Enable startupProbe +## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe +## @param startupProbe.periodSeconds Period seconds for startupProbe +## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe +## @param startupProbe.failureThreshold Failure threshold for startupProbe +## @param startupProbe.successThreshold Success threshold for startupProbe +## +startupProbe: + enabled: true + initialDelaySeconds: 10 + timeoutSeconds: 1 + periodSeconds: 20 + failureThreshold: 6 + successThreshold: 1 + +## @param customLivenessProbe Custom livenessProbe that overrides the default one +## +customLivenessProbe: {} + +## @param customStartupProbe Custom startupProbe that overrides the default one +## +customStartupProbe: {} + +## @param customReadinessProbe Custom readinessProbe that overrides the default one +## +customReadinessProbe: {} + +## @section Traffic Exposure Parameters +## + +## application Service parameters. +## +service: + ## @param service.type application service type + ## + type: ClusterIP + ## @param service.ports.http application service HTTP port + ## + ports: + http: 8090 + ## @param service.nodePorts.http Node ports to expose + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + ## + nodePorts: + http: "" + ## @param service.clusterIP application service Cluster IP + ## e.g.: + ## clusterIP: None + ## + clusterIP: "" + ## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value) + ## + extraPorts: [] + ## @param service.loadBalancerIP application service Load Balancer IP + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer + ## + loadBalancerIP: "" + ## @param service.loadBalancerSourceRanges application service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param service.externalTrafficPolicy application service external traffic policy + ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param service.annotations Additional custom annotations for application service + ## + annotations: {} + ## @param service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP" + ## If "ClientIP", consecutive client requests will be directed to the same Pod + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + ## + sessionAffinity: None + ## @param service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + +## Configure the ingress resource that allows you to access the application app +## ref: https://kubernetes.io/docs/user-guide/ingress/ +## +ingress: + ## @param ingress.enabled Enable ingress record generation for application + ## + enabled: false + ## @param ingress.pathType Ingress path type + ## + pathType: Prefix + ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) + ## + apiVersion: "" + ## @param ingress.hostname Default host for the ingress resource, a host pointing to this will be created + ## + hostname: ephemerup.local + ## @param ingress.path Default path for the ingress record + ## + path: / + ## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. + ## For a full list of possible ingress annotations, please see + ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md + ## Use this parameter to set the required annotations for cert-manager, see + ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations + ## + ## e.g: + ## annotations: + ## kubernetes.io/ingress.class: nginx + ## cert-manager.io/cluster-issuer: cluster-issuer-name + ## + annotations: {} + ## @param ingress.tls Enable TLS configuration for the host defined at `ingress.hostname` parameter + ## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}` + ## You can: + ## - Use the `ingress.secrets` parameter to create this TLS secret + ## - Rely on cert-manager to create it by setting the corresponding annotations + ## + tls: false + tlsSecretName: "" + ## @param ingress.extraPaths Any additional arbitrary paths that may need to be added to the ingress under the main host. + ## For example: The ALB ingress controller requires a special rule for handling SSL redirection. + ## extraPaths: + ## - path: /* + ## backend: + ## serviceName: ssl-redirect + ## servicePort: use-annotation + ## + extraPaths: [] + ## @param ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm + ## + selfSigned: false + ## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) + ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster . + ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/ + ## + ingressClassName: "nginx" + + ## @param ingress.extraHosts An array with additional hostname(s) to be covered with the ingress record + ## e.g: + ## extraHosts: + ## - name: aspnet-core.local + ## path: / + ## + extraHosts: [] + ## @param ingress.extraTls TLS configuration for additional hostname(s) to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + ## e.g: + ## extraTls: + ## - hosts: + ## - aspnet-core.local + ## secretName: aspnet-core.local-tls + ## + extraTls: [] + ## @param ingress.secrets Custom TLS certificates as secrets + ## NOTE: 'key' and 'certificate' are expected in PEM format + ## NOTE: 'name' should line up with a 'secretName' set further up + ## If it is not set and you're using cert-manager, this is unneeded, as it will create a secret for you with valid certificates + ## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created + ## It is also possible to create and manage the certificates outside of this helm chart + ## Please see README.md for more information + ## e.g: + ## secrets: + ## - name: aspnet-core.local-tls + ## key: |- + ## -----BEGIN RSA PRIVATE KEY----- + ## ... + ## -----END RSA PRIVATE KEY----- + ## certificate: |- + ## -----BEGIN CERTIFICATE----- + ## ... + ## -----END CERTIFICATE----- + ## + secrets: [] + ## @param ingress.extraRules Additional rules to be covered with this ingress record + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules + ## e.g: + ## extraRules: + ## - host: aspnet-core.local + ## http: + ## path: / + ## backend: + ## service: + ## name: aspnet-core-svc + ## port: + ## name: http + ## + extraRules: [] + +## @section RBAC parameters +## + +metrics: + serviceMonitor: + ## @param metrics.serviceMonitor.enabled Creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) + ## + enabled: false + + port: "http" + ## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running + ## + namespace: "" + ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## interval: 10s + ## + interval: "30s" + ## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## scrapeTimeout: 10s + ## + scrapeTimeout: "10s" + +storage: + # -- Persistent volume for backups, see `config.retention` + longTerm: + name: "ephemerup-storage" + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard + # -- Persistent volume for temporary files + tmp: + name: "ephemerup-tmp" + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard + restoreTmp: + name: "ephemerup-restore-tmp" + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard From 4245335df6219695260c4c9350e7990c6e40391a Mon Sep 17 00:00:00 2001 From: Thomas von Dein Date: Fri, 22 Sep 2023 11:05:55 +0200 Subject: [PATCH 04/13] try docker image build --- .github/workflows/pushimage.yaml | 38 ++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 .github/workflows/pushimage.yaml diff --git a/.github/workflows/pushimage.yaml b/.github/workflows/pushimage.yaml new file mode 100644 index 0000000..b4f49cf --- /dev/null +++ b/.github/workflows/pushimage.yaml @@ -0,0 +1,38 @@ +# +name: build-push-docker-image + +on: + push: + branches: ['development'] + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +jobs: + build-and-push-image: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Log in to the Container registry + uses: docker/login-action@v1 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v1 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + - name: Build and push Docker image + uses: docker/build-push-action@v1 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} From 1bc1fa9d4a09aab1f7ccd7c5c75c8495f15a6cdf Mon Sep 17 00:00:00 2001 From: Thomas von Dein Date: Fri, 22 Sep 2023 11:20:21 +0200 Subject: [PATCH 05/13] another try? --- .github/workflows/pushimage.yaml | 50 ++++++++++---------------------- 1 file changed, 15 insertions(+), 35 deletions(-) diff --git a/.github/workflows/pushimage.yaml b/.github/workflows/pushimage.yaml index b4f49cf..8b7e4a5 100644 --- a/.github/workflows/pushimage.yaml +++ b/.github/workflows/pushimage.yaml @@ -1,38 +1,18 @@ -# -name: build-push-docker-image - -on: - push: - branches: ['development'] - -env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} - +name: publish +on: [push] jobs: - build-and-push-image: + publish-ephemeruo-image: runs-on: ubuntu-latest - permissions: - contents: read - packages: write steps: - - name: Checkout repository - uses: actions/checkout@v4 - - name: Log in to the Container registry - uses: docker/login-action@v1 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v1 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - name: Build and push Docker image - uses: docker/build-push-action@v1 - with: - context: . - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} + - uses: actions/checkout@v2 + - name: Login to GitHub Container Registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: build-push-image + run: | + docker build . --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest + docker run ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest + docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest From 5da493ee7eea998468f4461676133d0fd0f48e34 Mon Sep 17 00:00:00 2001 From: Thomas von Dein Date: Fri, 22 Sep 2023 11:26:33 +0200 Subject: [PATCH 06/13] next try --- .github/workflows/pushimage.yaml | 41 ++++++++++++++++++++------------ 1 file changed, 26 insertions(+), 15 deletions(-) diff --git a/.github/workflows/pushimage.yaml b/.github/workflows/pushimage.yaml index 8b7e4a5..b6a5911 100644 --- a/.github/workflows/pushimage.yaml +++ b/.github/workflows/pushimage.yaml @@ -1,18 +1,29 @@ -name: publish -on: [push] +name: build-push-image + +on: + push: + branches: + - 'development' + jobs: - publish-ephemeruo-image: + build-and-push-image: runs-on: ubuntu-latest + permissions: + packages: write steps: - - uses: actions/checkout@v2 - - name: Login to GitHub Container Registry - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: build-push-image - run: | - docker build . --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - docker run ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Log in to the Container registry + uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 + with: + registry: https://ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push Docker image + uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc + with: + context: image/ + push: true + tags: ghcr.io/tlinden/ephemerup:latest From fcfa4e077a181497a9c25ae43ee89cb3e5994fae Mon Sep 17 00:00:00 2001 From: Thomas von Dein Date: Fri, 22 Sep 2023 11:28:00 +0200 Subject: [PATCH 07/13] fix path --- .github/workflows/pushimage.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/pushimage.yaml b/.github/workflows/pushimage.yaml index b6a5911..d21011b 100644 --- a/.github/workflows/pushimage.yaml +++ b/.github/workflows/pushimage.yaml @@ -24,6 +24,5 @@ jobs: - name: Build and push Docker image uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc with: - context: image/ push: true tags: ghcr.io/tlinden/ephemerup:latest From fc0b2dfa8d3cb279a857dcfa5277a3e4167cf5cf Mon Sep 17 00:00:00 2001 From: Thomas von Dein Date: Fri, 22 Sep 2023 13:31:38 +0200 Subject: [PATCH 08/13] added status handler, so readyness+liveness-probes in k82 get some --- api/server.go | 10 +++++++--- api/status_handlers.go | 24 ++++++++++++++++++++++++ 2 files changed, 31 insertions(+), 3 deletions(-) create mode 100644 api/status_handlers.go diff --git a/api/server.go b/api/server.go index e6d3ab0..12002a3 100644 --- a/api/server.go +++ b/api/server.go @@ -18,6 +18,7 @@ package api import ( "errors" + "github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2/middleware/compress" "github.com/gofiber/fiber/v2/middleware/cors" @@ -130,6 +131,9 @@ func Runserver(conf *cfg.Config, args []string) error { return FormPage(c, conf, db, shallExpire) }) + router.Get("/status", func(c *fiber.Ctx) error { + return Status(c, conf) + }) } // setup cleaner @@ -196,8 +200,8 @@ func SetupServer(conf *cfg.Config) *fiber.App { } /* - Wrapper to respond with proper json status, message and code, - shall be prepared and called by the handlers directly. +Wrapper to respond with proper json status, message and code, +shall be prepared and called by the handlers directly. */ func JsonStatus(c *fiber.Ctx, code int, msg string) error { success := true @@ -214,7 +218,7 @@ func JsonStatus(c *fiber.Ctx, code int, msg string) error { } /* - Used for non json-aware handlers, called by server +Used for non json-aware handlers, called by server */ func SendResponse(c *fiber.Ctx, msg string, err error) error { if err != nil { diff --git a/api/status_handlers.go b/api/status_handlers.go new file mode 100644 index 0000000..03d5395 --- /dev/null +++ b/api/status_handlers.go @@ -0,0 +1,24 @@ +/* +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program. If not, see . +*/ +package api + +import ( + "github.com/gofiber/fiber/v2" + "github.com/tlinden/ephemerup/cfg" + "github.com/tlinden/ephemerup/common" +) + +func Status(c *fiber.Ctx, cfg *cfg.Config) error { + res := &common.Response{} + res.Success = true + res.Code = fiber.StatusOK + res.Message = "up and running" + return c.Status(fiber.StatusOK).JSON(res) +} From e491b89320192b5d022d8d556c69d457e6640311 Mon Sep 17 00:00:00 2001 From: Thomas von Dein Date: Fri, 22 Sep 2023 13:36:02 +0200 Subject: [PATCH 09/13] first working chart version --- charts/ephemerup/README.md | 207 ++++++++++---------- charts/ephemerup/charts/common-1.16.0.tgz | Bin 0 -> 14693 bytes charts/ephemerup/templates/configmap.yaml | 3 + charts/ephemerup/templates/statefulset.yaml | 13 +- charts/ephemerup/values.yaml | 20 +- 5 files changed, 120 insertions(+), 123 deletions(-) create mode 100644 charts/ephemerup/charts/common-1.16.0.tgz diff --git a/charts/ephemerup/README.md b/charts/ephemerup/README.md index 8b739af..a5ff035 100644 --- a/charts/ephemerup/README.md +++ b/charts/ephemerup/README.md @@ -1,6 +1,8 @@ # ephemerup -A Helm chart for ephemerup +![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.2](https://img.shields.io/badge/AppVersion-0.0.2-informational?style=flat-square) + +A Helm chart for Ephemerup. ## Source Code @@ -14,108 +16,111 @@ A Helm chart for ephemerup ## Values -| Key | Type | Description | Default | -|---------------------------------------------------|--------|-----------------------------------------------------------|-----------------------| -| kubeVersion | string | | `""` | -| nameOverride | string | | `""` | -| fullnameOverride | string | | `""` | -| namespaceOverride | string | | `""` | -| commonLabels | object | | `{}` | -| commonAnnotations.app | string | | `"ephemerup"` | -| clusterDomain | string | | `"cluster.local"` | -| logLevel | string | | `"info"` | -| image.registry | string | | `"docker.io"` | -| image.repository | string | | `"tlinden/ephemerup"` | -| image.tag | string | | `"latest"` | -| image.pullPolicy | string | | `"IfNotPresent"` | -| image.pullSecrets | list | | `[]` | -| secrets | object | | `{}` | -| mountSecrets | list | | `[]` | -| env | list | | `[]` | -| config | object | Backup plans. For details, see [values.yaml](values.yaml) | `{}` | -| replicaCount | int | | `1` | -| sidecars | list | | `[]` | -| lifecycleHooks | object | | `{}` | -| podAnnotations | object | | `{}` | -| podLabels | object | | `{}` | -| updateStrategy.type | string | | `"RollingUpdate"` | -| podAffinityPreset | string | | `""` | -| podAntiAffinityPreset | string | | `"soft"` | -| nodeAffinityPreset.type | string | | `""` | -| nodeAffinityPreset.key | string | | `""` | -| nodeAffinityPreset.values | list | | `[]` | -| affinity | object | | `{}` | -| nodeSelector | object | | `{}` | -| tolerations | list | | `[]` | -| resources.limits.cpu | string | | `"500m"` | -| resources.limits.memory | string | | `"256Mi"` | -| resources.requests.cpu | string | | `"100m"` | -| resources.requests.memory | string | | `"128Mi"` | -| podSecurityContext.fsGroup | int | | `65534` | -| containerSecurityContext.enabled | bool | | `false` | -| containerSecurityContext.allowPrivilegeEscalation | bool | | `false` | -| containerSecurityContext.capabilities.drop[0] | string | | `"ALL"` | -| containerSecurityContext.privileged | bool | | `false` | -| containerSecurityContext.runAsUser | int | | `0` | -| containerSecurityContext.runAsNonRoot | bool | | `false` | -| livenessProbe.enabled | bool | | `true` | -| livenessProbe.initialDelaySeconds | int | | `5` | -| livenessProbe.timeoutSeconds | int | | `1` | -| livenessProbe.periodSeconds | int | | `20` | -| livenessProbe.failureThreshold | int | | `6` | -| livenessProbe.successThreshold | int | | `1` | -| readinessProbe.enabled | bool | | `true` | -| readinessProbe.initialDelaySeconds | int | | `5` | -| readinessProbe.timeoutSeconds | int | | `1` | -| readinessProbe.periodSeconds | int | | `20` | -| readinessProbe.failureThreshold | int | | `6` | -| readinessProbe.successThreshold | int | | `1` | -| startupProbe.enabled | bool | | `true` | -| startupProbe.initialDelaySeconds | int | | `10` | -| startupProbe.timeoutSeconds | int | | `1` | -| startupProbe.periodSeconds | int | | `20` | -| startupProbe.failureThreshold | int | | `6` | -| startupProbe.successThreshold | int | | `1` | -| customLivenessProbe | object | | `{}` | -| customStartupProbe | object | | `{}` | -| customReadinessProbe | object | | `{}` | -| service.type | string | | `"ClusterIP"` | -| service.ports.http | int | | `8090` | -| service.nodePorts.http | string | | `""` | -| service.clusterIP | string | | `""` | -| service.extraPorts | list | | `[]` | -| service.loadBalancerIP | string | | `""` | -| service.loadBalancerSourceRanges | list | | `[]` | -| service.externalTrafficPolicy | string | | `"Cluster"` | -| service.annotations | object | | `{}` | -| service.sessionAffinity | string | | `"None"` | -| service.sessionAffinityConfig | object | | `{}` | -| ingress.enabled | bool | | `false` | -| ingress.pathType | string | | `"Prefix"` | -| ingress.apiVersion | string | | `""` | -| ingress.hostname | string | | `"ephemerup.local"` | -| ingress.path | string | | `"/"` | -| ingress.annotations | object | | `{}` | -| ingress.tls | bool | | `false` | -| ingress.tlsSecretName | string | | `""` | -| ingress.extraPaths | list | | `[]` | -| ingress.selfSigned | bool | | `false` | -| ingress.ingressClassName | string | | `"nginx"` | -| ingress.extraHosts | list | | `[]` | -| ingress.extraTls | list | | `[]` | -| ingress.secrets | list | | `[]` | -| ingress.extraRules | list | | `[]` | -metrics.serviceMonitor.enabled | bool | `true` | | -| metrics.serviceMonitor.port | string | `"http"` | | -| metrics.serviceMonitor.namespace | string | `""` | | +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| clusterDomain | string | `"cluster.local"` | | +| commonAnnotations.app | string | `"ephemerup"` | | +| commonLabels | object | `{}` | | +| config.apicontexts[0].context | string | `"root"` | | +| config.apicontexts[0].key | string | `"0fddbff5d8010f81cd28a7d77f3e38981b13d6164c2fd6e1c3f60a4287630c37"` | | +| config.bodylimit | int | `1024` | | +| config.listen | int | `8080` | | +| config.mail.from | string | `"root@localhost"` | | +| config.mail.port | int | `25` | | +| config.mail.server | string | `"localhost"` | | +| config.super | string | `"root"` | | +| containerSecurityContext.allowPrivilegeEscalation | bool | `false` | | +| containerSecurityContext.capabilities.drop[0] | string | `"ALL"` | | +| containerSecurityContext.enabled | bool | `false` | | +| containerSecurityContext.privileged | bool | `false` | | +| containerSecurityContext.runAsNonRoot | bool | `false` | | +| containerSecurityContext.runAsUser | int | `0` | | +| customLivenessProbe | object | `{}` | | +| customReadinessProbe | object | `{}` | | +| customStartupProbe | object | `{}` | | +| env | list | `[]` | | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.pullSecrets | list | `[]` | | +| image.registry | string | `"ghcr.io/tlinden"` | | +| image.repository | string | `"ephemerup"` | | +| image.tag | string | `"latest"` | | +| ingress.annotations | object | `{}` | | +| ingress.apiVersion | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.extraHosts | list | `[]` | | +| ingress.extraPaths | list | `[]` | | +| ingress.extraRules | list | `[]` | | +| ingress.extraTls | list | `[]` | | +| ingress.hostname | string | `"ephemerup.local"` | | +| ingress.ingressClassName | string | `"nginx"` | | +| ingress.path | string | `"/"` | | +| ingress.pathType | string | `"Prefix"` | | +| ingress.secrets | list | `[]` | | +| ingress.selfSigned | bool | `false` | | +| ingress.tls | bool | `false` | | +| ingress.tlsSecretName | string | `""` | | +| kubeVersion | string | `""` | | +| lifecycleHooks | object | `{}` | | +| livenessProbe.enabled | bool | `true` | | +| livenessProbe.failureThreshold | int | `6` | | +| livenessProbe.initialDelaySeconds | int | `5` | | +| livenessProbe.periodSeconds | int | `20` | | +| livenessProbe.successThreshold | int | `1` | | +| livenessProbe.timeoutSeconds | int | `1` | | +| logLevel | string | `"info"` | | +| metrics.serviceMonitor.enabled | bool | `false` | | | metrics.serviceMonitor.interval | string | `"30s"` | | +| metrics.serviceMonitor.namespace | string | `""` | | +| metrics.serviceMonitor.port | string | `"http"` | | | metrics.serviceMonitor.scrapeTimeout | string | `"10s"` | | -| storage.longTerm | object | `{"name":"ephemerup-storage","spec":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"100Gi"}},"storageClassName":"standard"}}` | Persistent volume for backups, see `config.retention` | +| mountSecrets | list | `[]` | | +| nameOverride | string | `""` | | +| namespaceOverride | string | `""` | | +| nodeAffinityPreset.key | string | `""` | | +| nodeAffinityPreset.type | string | `""` | | +| nodeAffinityPreset.values | list | `[]` | | +| nodeSelector | object | `{}` | | +| podAffinityPreset | string | `""` | | +| podAnnotations | object | `{}` | | +| podAntiAffinityPreset | string | `"soft"` | | +| podLabels | object | `{}` | | +| podSecurityContext.fsGroup | int | `65534` | | +| readinessProbe.enabled | bool | `true` | | +| readinessProbe.failureThreshold | int | `6` | | +| readinessProbe.initialDelaySeconds | int | `5` | | +| readinessProbe.periodSeconds | int | `20` | | +| readinessProbe.successThreshold | int | `1` | | +| readinessProbe.timeoutSeconds | int | `1` | | +| replicaCount | int | `1` | | +| resources.limits.cpu | string | `"500m"` | | +| resources.limits.memory | string | `"256Mi"` | | +| resources.requests.cpu | string | `"100m"` | | +| resources.requests.memory | string | `"128Mi"` | | +| secrets | object | `{}` | | +| service.annotations | object | `{}` | | +| service.clusterIP | string | `""` | | +| service.externalTrafficPolicy | string | `"Cluster"` | | +| service.extraPorts | list | `[]` | | +| service.loadBalancerIP | string | `""` | | +| service.loadBalancerSourceRanges | list | `[]` | | +| service.nodePorts.http | string | `""` | | +| service.ports.http | int | `8080` | | +| service.sessionAffinity | string | `"None"` | | +| service.sessionAffinityConfig | object | `{}` | | +| service.type | string | `"ClusterIP"` | | +| sidecars | list | `[]` | | +| startupProbe.enabled | bool | `true` | | +| startupProbe.failureThreshold | int | `6` | | +| startupProbe.initialDelaySeconds | int | `10` | | +| startupProbe.periodSeconds | int | `20` | | +| startupProbe.successThreshold | int | `1` | | +| startupProbe.timeoutSeconds | int | `1` | | +| storage.longTerm | object | `{"name":"ephemerup-storage","spec":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"10Gi"}},"storageClassName":"standard"}}` | Persistent volume for bolt database and uploads | | storage.tmp | object | `{"name":"ephemerup-tmp","spec":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"10Gi"}},"storageClassName":"standard"}}` | Persistent volume for temporary files | -| storage.restoreTmp.name | string | `"ephemerup-restore-tmp"` | | -| storage.restoreTmp.spec.accessModes[0] | string | `"ReadWriteOnce"` | | -| storage.restoreTmp.spec.resources.requests.storage | string | `"100Gi"` | | -| storage.restoreTmp.spec.storageClassName | string | `"standard"` | | +| tolerations | list | `[]` | | +| updateStrategy.type | string | `"RollingUpdate"` | | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) +Autogenerated from chart metadata using [helm-docs v1.11.2](https://github.com/norwoodj/helm-docs/releases/v1.11.2) diff --git a/charts/ephemerup/charts/common-1.16.0.tgz b/charts/ephemerup/charts/common-1.16.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..aae0af392e84accbbc87a4033cf39ef3caeb0370 GIT binary patch literal 14693 zcmV-rIhw{FiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKBhciT9U=zP|%s7t3eb|#`EJ8{o=Hhb4`GBZA%PJHcja%Q{d zwjmOd(53)30LsxMxxf7$yh!k+hb=#{Yko*%5-1c3RfR&KP>9%c%4qLsg18LlXqx*l%#^(ocOh+6E$+Jji9CuJkK42~gqX#hC?VvQx{~Uya z{jlGOv4}WHrG9q^Z^)1%K8L^KWD1(SV8l3#Im=Q)$6y!_5;i6g46(e#n8J`qilzi2 zRbGT0fcFz3%%4C6P$nV9X~O1cm|z&rfk=UqQP`QVDL#OSl&LuA^~OX_vSAppY0rY} z8IV26G44%~keC;rG%6huDa;)R`%%M)*(FUFibXGBVc$y|i;!YPv8I2T$I$hV-&J+J+JtytE$yGM=o^ua2o^ z+ZHV25!T?A*DT6hUS5WNw>xs4;sZ#`NOoqG0l#b3eRwwTSp7dkNruG@O#n;ue}AyQ zU)BHL?>^}NTY0v&prQu1w%}MRTaJIv2*?g|89yBy zP?7)V&z}t*ugoNPb;c1}${jXqW2fAOsb~HMlKX*-wOIuJ?QjSNMa~!|QIHBXSXoBM`A#{8^ zrYwK``V)>aZM=2>x?n0{8e#RfdZtK5lh>b8j)idMvU$32f#(PC`7?wUcn)8`=3f9< ziaC;uD}&m5ZMu2jy#Y|Y;)sqhgywS@l4?ga0bk(vj7ePms;XleyVsYPj3@E{1|9dI zTOY^?;&IzRt~8Dcz|D@MX+c$S^U>z`sMN8g*^jp6joxX^qeWh!cU!Pz}GV1J%?hLACT=KzpqMQx-e= z_tbAH$@=4wvbdrTBQ{ML#Z=~Ffj>!(epF2R1`Tl{0ti1Ci@o|q)us}Ek^wwgd7L~H zT(=+PNWj4hRTX84gdl*h_>h;aA>mcgecFLKqE}bV1=W>MJHbm7SSRg;G){{q5A@(} zSI0tE6ydZ)UQ5Lt_yUyBSao;MFN>*VXv!pP<7q1A9?^EHMIq&c$`J%8O~Z?9h&ja) zi;%EhUg-e76M;|pT63O$uj-jc7kK^@9%-pn^sf&}6{AN+!D(e@>ouyQTEi4gu}D#b zOL|l3GfTDb6ek!79KLlW>yRZ&S;EHiAC$T+6J)}KT9M#2=dsO6V`)~q8)+=2z1x$< z^(WYFv(#-)=Kkcf;>rSdeQ|3LwkwL-%7RvDvMyw6ir6Xwwm_sdCQY|vYM7QbU}<=B z;pPktPo$UG8MnOttFQkfl%gR?Hs}FZy#5~ycAr11tpE4>&%S?H|KG-Qh4sIjV33H9 zv4kITwE}i`pjB2&Y^BtZ-9IWOIWo%U(Q(3tC@Be7^`j5NFSwvo*DI#w+56i~kl~S! z=MP2g&_Qtxv_kfU+P1Qp7FJrCsL?@b%2~<@lIpkHxYPS@DT`wwc&7L1hFLtuGF)xU zQkIZt9v1LQBPZ~5hWQbjrifz*{(TVc4!ZrIKJ&NpLAa9x)U!7PrpexHFvJoKf-+g# z$_5*w6~*$B@eAAW)u?3aoUBQ#@2^cO{7GV}of)gq%OXnXIK23iwhA^$x`;FS8yl`j zG*|jId26W5wbe-Fif)cPW)FLc>8ir#RaluwgJ-wSR47fwMhPV(l6aIQVr4bu*SJkm z*{V&8-{Ie_|MmFxJjLEL<>Jq?Y8Hx z)0c-wz_AUYSy8I^5JhX~o9oZ_rol{37$^VI0bFa5a8dQmk@D#D)v5%Hc)SMvuFrZX zB?a5BMY@)no1@y{$?+NHGZNtyX@^qcDy&Yz{w7Gs@t6q7*XO_1x|<{8-xX^!Dp3L_ zEQZ5OG7+H!^A)K&Nzob>>E62J%)Ood467)&Tcef5oX~M^wyTRQA#SZg8(EiDUVS(O zNS^7bLXAr%aBN~ftz!U)fW2_(>Av4{{AVHriC7MTFlr z5`ci?G5)08yg;as7{$Ow@cFYIxi%c&>sJ`!2xS5r$b^nHd#Zk4U=twg$`T6yz8CJP z*(Xb+!T=Bigi6duD8iZ|BbL!P0L(d4oc!cHgCPcvr)-8}xSU`k7!i^vVdKXFri7Ad zMw>?C$&(e0>MTtem%_ufBo7{Cg3sHtpZncE|8wWb&;R%9Kc9U4`Y3?y5_#YYNOmT< zqJ;I^D>#~c7IE8M`^x@1K6U@EW~`0He*Iy2{MX*#SvCIa+4sBq5B}fVcvkcOYBm3U z!dW(+7|ml8O_q*1ij^E^Lj7xYBU zA+a_FUaJQBeK>eg+fykD2^&}ws)iFBYLNL}lm7OD-eO9ToP?5v4y%4YfI#4gW10VW zi>5e$U_@{d>nf&bx8Dzn`MHMS;HEGftbySm$FPQqm1HwWI0rB4nE2hw_u(2wq)vjJ z@)ozU2~J(yuxk)f#E}WU>O!?O=z^UJy5MSt@J1oPMqX((O%pm6%5c#0ow7Nes>z4w zXl28CM8YMbk0r(?02QMJ_g`OOqoqc?F`sxf`pPs%uJ%E3(%*bQP z*^I;(<}Bk7Wn5FCkl%`sE4zZ*#)I}oUszMJ^fLH`LiKseBsR(c&oBivl9&U>%D6&F zqWk_7SQ10Tag3=XC=oD4bHxA@^MV1!6=zxJ~q zp7ox({YR!~yt&x_KPHh-Q24ijLKTjExMbw-EE{HIWP+AM5OL|L)kP&SA zaikuY9X%dZvK&+}Ej6rLaYwiHxsD1RB{Vk2|5z;|kyJ{@uC$do?56SsOkR_Wjk9`X zQMiP?8}M1q!{Xf{Pp8xIdKlp!dM_C56t>oH7m@RJW3AJDCU-sJx z|El^YPdsm=2Qzm>hI)1dHUdNee*g z^nfxM-_KJFdOt()v)y6F@d}E;?M9ziD1n*7m$7WUn#X9{4G}VbT026f79ul3iNK44 zH4JgC7G+_(c9b9?w6?hxJ&!BU)}(8_`r-hj^~rnV)Xj+-VJ^E6DlSoh6K4y>p63MOrVvHKnOy7KvV_#;s?G+}p|r zwCjUeKDY|@j|Q}w2C$IDTF-;j;*E29+Uxk@_1uD1-7ck3RTCtBz;h^p4yuHRl1xa< z%~l9kYJR0^d2vr)Jw%r@K6U%w9?iWy|Nmf6v;Uv%Kkq--|F`k1;s5t+c_9&v5s%IB zZ_%m_EHAm@MhDc7Wali;|#l++;Tu?=Sw{`06=?!KYS-Z+VN!?uD zsFt`poR@3Zpxb7To;?aKnf6RGY7hN{BE?ZC?1_2*1iaq%7qh5bVi|2qN9eCh-gQa! zpg+I$r>_4EQ*2QEFZKWI?>(>T|K|_!f4B3jq5ofhN|lCE7A>_75*=u)Q%AR|DPPBQ ziz4FQ$7zBh48b1*2!0K&-YJw5Zj>d- z9DdJGLPkU_Owv?$Htc-F2D&aURT~O(k%yoQHpRYIu2?miWlKV)#5$qmgb3KSqT}*RTu(ptNeBwUlywa^4L97*6 ziSGUq@)5NW0W0&Xhi6U>1EoB5=D3#Lu8m-o3ro;UyX!F9;uZ2zCNy43Or!ZX$&2kv zX~T_0_dLdQIigfE))ifpvvGN*q$%^kX1a0QQ!Tvm#_0l_d|~k#T_7WvWC;BVDqo78n(SeiL?!=s@BjpZBv~-$Yo=a{ea=eq9Ed`6HF5&DhyHc zQ&y*_aHp+|2Rz(ai+gUt{;S*n=Dfk}?f(v*^`BMaKcDx%f5`uQE6*DCf4==|IK)ny z3+7G7Nu{aMZK$5v^DRwo=W-b}rRs@9=?^0<0R+=|{&Ud=Zv|8rUYB0<^0O!JQgbTQ z?2#&LjNO6#EnpW#sNZ{cCcv1?Fm=m{Oki$P@a5KqcVJW%aZ@9sI0QWnm>mToo#HpU zgYIn1_HUVxcJnwV{*JCPMA5}1;&HJ7PZA>Mp~m2kgpSzt?nT*h{WmRZs@4X?KgCl} z(%d7U`_E`HSF_6{h6$RfZp<)8NtLETX?8z5&Q0%UmwB{i!Yo(&rCsZM4s9S%3G|EV z{9;X=dc8GQi(Pvpy2|&({H`OZYCF%x-kPaTeH+W+95zqfb>pwKsE=qt0oVOzQ=qDM zF7SLMwWBjkUPJ4c43!sH$1w*Fs^xZ6%LSe{9|?Tx`J7ZCr!jQZ<#2DvFGo~=nvxkfpxu?|tS_#;YFcTm8Kyi~Zn077H@X;H05InwRHlS{?TfmkkW z`5{imfn&)Do?*pX`kZ3IF^cC9X=6QJNh*sYlV(@N3-2l&cy-I>vJ^sKPb|hC$~j}J zXJ`iv=W2I@9S9Ok$8r+Dps&Y}sWH@X1m#tH>G#3_GAsNwj)iWCWgnZ7e4J+%g3Af! z*hG9g8WRCRGR5wTWT67NK^V*p7Cxb%tIyQ_y8-qeWoT8kx_}YkLYlL`SYmF20xRnGteAJ8rUxUy z`8-tPQlp@@k4JzSSXi~iG8#ih6&Cr{fa5(!-N(Y#EV#ir^>SRz-U5;h%@p}tG_z|) zD%wIqB2wqRqY_d+<;qLIu! zX{nIQ_V^GezI2jQr>Gr1EA}GAk@4-=E<83L9+z~7L8xe0^{qf}>GWTpcJhhwQI6Tc z3kU)?c|LNoS$SQkf@&)M{DUj%09!5Ql^^sWwB64OTOM$n^@A}{s`F?jNg~2AmOtS6 zUpbp9t?u8zBLWC3s^6QyisedMvmabm`__ha3Dxuuo`J2W>Bc@RY~2jcDknv?-d5fkPwk zFlt~@{{&hU6`cU#O4(oPz3SG-=0ij35R;On84+)lvZ)j>?YK0`bNRGZXf3hI;GapJ z_hdU^mzcx0nj;RAbb?^8vt#~zn@uq%5e#-JO9T4UyVA75wtcM~@Z|{AU1Pl+h+6hv%yTFIHZ9?PV!Zlqdn zYHJ$q%ZwG*+irQ9yxtU9pB*1k?>#&X`+t&gG{(1g{&O(cuipRiyubgj|930T`uSh{ z90g~FS3sZnY1H4AnIcu7ICzq$=hBUu5vX&e8pw}DDUb}DXVH;4OW%%R6$f?onZ&w_7P zEURk_nP$vdd-E`v+`p%;|BGx6o0PtHzZU=TZ14Gl{=bc9E&Wep%yVy|an|Op zS;s+(0x263g+Mt|NW)ZMoD!?XMb?|BXz<$p-K=ns6q-+_iTmOwm1(*?%&)Q?&T<#Z zKhQMUX|8>b@`}{u-}w1%^ZZA@U(5ge{Mp0#k6U@xkbiTSpHP!8U!S~{4903b?^f4# zPp@4A80NCulw&Nd+%I0%yQIhVt*+B`FIUtHEe+=@>>1)N=BF8F-QIiln$A8T?ym8~ zpHjx9z1P(M`1QKcMT1fR9bJ5(ji zq5rR6zXtFHhDhN3XVBG2?y63jml;W7z;p&P#Lf1Z2`@n=?tbaWRj6Qw%?-tL-px0H zmybmSl;;N3Uvvmmnh@>v5bB4{39am1+hMPUb`u^Uf&W^os=bZfYHqA*8~!BG3avvS^+()8X_$4&6?d_M?-Jdw-l2BjN6jdBdSG6hx;Tz8SUEAtFT=ACS@gV=K{|MWj@r= zI_q*`sl95nm+ijZfX}~iJi}bzAJof(7hwOirOI697p)HR)izAS#*L?)(w3#i4wX=` zu)cS;(1UM<4(^BL`S9F_r*8jWB2Eb%Z*U2))c@PB`G0r!9`66Xm1hn6|D$0HKtq;E zd*KUbNup0-q46TKKj$f1{yiEmNdJAxm|Udo8=?6=Q$%Cf&OH->3px(KOX$60bBb28 zcYiT^!G9$*hM>!T`6d42qc38DcAxJb1SZ|+$HUXN$8Z030H;OoA;uC%634KuOmZ)A z_}8xo>WwP%_3O@4uqFr1@4hez{mhnmG6#-TH!-#0b7;m$T&K3Z8!Xiqlr$+9Y-2xM41A7t?*0&6i>+zbMVU24riXc8 zdeM?QG>1e{mvKeb5MG&8-+}3G>m0c%alJKY<>*Vpil%^ILDr5{mEhSBz?A@*vK0vN z@F#)!3CAPyX(cchcpjQc6-X{((2pf7)<(tog-V;{ur_U0Fm4QoN7ZvbIs44K|z z-Eki+K}=H0@=2juWS^)yuhxl*taZ0FB(i~dgJp;nez5wt=J>{917^7n&^Zp$+I@Kr zZbJyAACuS^lDHrPL-vUz1o63dK*0F4byfy4o=E3%W4v$O3hB2Wn#} z+9d~DSfJ=}Of?j^fN5l_ddANAyDO0hi$JanXj21kCAa9xdSmajTl1i=J{S(p3Zvk= z3fo7-b!-9cOFl=X`C3A~n>^mvrMruWH{-n)&HbssSrECcVABHMd+GB#v1H7vQr0w_ zEPY9^k%dCxoMPoyZ$?LsaAK{qCC!gnaE2c(M>IAVP~!wR2xX`4yP3sC5HmYQkwT z#r~%_a#ooEH|ERPpfRut-dAwuIIs=yuHwj95zL0&IIa_GjQbT`IBig_>A-Pd@45TN zSEuX9SjninLFdg4id(4**O4=SMp{R(TIy}sF{k8rjgc+P>~C^Z3-p(asIMiPM$CVI zw{Ey4{vSri?1ue6gZ{IgB(2JpRk(oj{i5?vE45?`^v$ z$e?{qUy$F_4LOABoHoV+f0#eww)0JoT_;0xJxTFv1scg88ss&u)6%gy`bDl^)>^2rG-S8&M{YH67>&X!z( z=}q~rz_OdCl-{5R&LZ;Qdt24m*qrZ88(+hXEE`wA`zk&G3-;Ugz1dEzG45COy|qBO zuJ6r)z30BSl|3|V7W7SeXg0jgY3;)@H;pGyS8&tZs7rLwlH}VRn(O;T-H_e9U-YhB zGq>_A@&D=U{?|PSx-9}08;$(Z zE!>csuS(4IoP4_WMqGS8q$@^zm5{k|yq6EL9+N-|8*Ao3dz^QfDv0f$3d9S=m zcO2u!8aOXs}Jd73sg@h`{uDl04v^xO6^=`O51+E?{2HNv>AcS!@i=f0(t zofz$=+fBMKZbrPW?YS^=^^M1KHJj1j+-R=uBFwen{f^_h>a*DYlQJR49ADE3v?Ts( zuwV86?Dhu_=l^c!xr+bi#Bjw;IDtHdyEmSo0;hI&P*LW3J|VBIn{f;^6L>A}kO$(L zX!h-{2W4}*vWRK9Q>n3(*N(@YhEwzn`Acir6y3hFp*-q$ z=4)C$gRbX^SPsvd=nSD+ulZerL92}{514IUDZ51G+to4kaB21-?UcK-U_IU1#=3wv z?5gs*xF*M3&1tm&&^0|*{$Sm2_my*Y)J(!PhoHr*yg_HkW|s#m_vl8nM^W^rd_#1( z2GO>1T{IW)E%-8))=b9oolZ@a>LqC_Yu9F><`!>2llaE!)l^B@-2H~RxUoN*({4VY z*VJ@Xs7pX?Sl{`rrB_#ZjceO)m|a@?w1j0^SR$>6xz7)a%H56sc(MPNil(76s;KNK#)*nyH!pm{Y1U^{{&3oa^_iipMD0H1j!VwM% zs4(`NQ{YA>VcXga@E0>*j}mu zdoAb{=Z-42i_H%*YHQw?SjFB;gz>J|Pv82pc>V9sWmoqCELs0Q+u!R~9-cRhc){;3(L}N|I78IeL zg%ZxuG%1~SEEan${*=P3X!WNww<}FV-zf}=#m|mAgz3Gh?{?2>``nLaC_gc(#KBHwr6OZ2 zk220NEu4x$P<7lO8t0nBYK)5i#I@8$HC^dFdrfB_5ch*5ThJ)hFz~)uE=Q(_VeNxo z=r7boBYr1-p$#h?)40K0jhv-GxYH8oRrUZF@Q=R}kLzkJzn~e#F+A>em06^gTQ44| z;#LbNED()DwF)a(qZobfog-k468B?WW9|QNf|Ds3Q^xV;+gM`%_n+@p@BiK1|9(!no20%HXNX)9SXyYB(c)sDT*%87>ls81@9+BfXLF6aVbDdaFXbl7nmX$ zO$Z%71&$LW$;?ih#d}2K&K6KSHc`^s#x-H1QQ?2>gz%0gb6`~0R474;IV6PQuoJ#I z`}Issa-A(W(ku%fj?N$^Ty(-Qkv;vdLBA6Y|HXUyU-x1%?x}y=pJGOP1)w2{F0xdw zeMIL;C@#~^lW>SGI!{75O*>EiUuO$GAWm2&;P};R(Fs$|e#4RMge1nOXUcK*TPK`} zh{d?~4S6N3{GYx)eD&k&a2nr48;j+Cf3UmvtSbNg-3R%xb7Jr#=HmMXKO{oiBG zvQ()Q!*!6bF^OP^~ZyP8`M zEId8WTUY7<48l+0Cl__Y1d)u-55OUA8?kMM5u5hxZ`GJ?afrmE^9U6BkT*PsELC=D zUP|MIQu4vII~#N^2#pUwt>DS{N0fG^SR!RTE0hhw4NE5VL4>0$NlYxH-qCiorgLK& zLGX8+Bn&<>p2UGcVrvVIspKrq^fpANqm{HVL{iRXB*p@eqq+0+seYxH3%Hz+XaW(U z$^_Exe|^wlh7*sj%S`ODy0drzM}17_lT_m#QI&h6&dD$7YMfu>zVQlIU-CK@ZHlgle~zH}Eq%f4@_+Lz83IJY8?a!Q4i#cJ)!M)DlKz$um)r+`4c z0QJohb#4~Gq={T#;M|X|{_DGUfpxS9=XVTV9-ap3-~S4B&S4=c6U5^ZD(b~;qmr`N z5v4|zl*JB{p88ECX~HZ=C1TT*QA}lyP~jvxFSAN3DuyUEs@xnZTA+?liiRXvQKTA# zWjJt!d9x>O&lMhkU zfaDr@p1wRh0*(dCc!bwMcTG8po6%eu&!f{+lpNu7{YdAiW^eOP5(O7w(07e_W52?RaVv>NV$# zuVp;lxYe|&XYIAnYEaj(-)`J++thP2i29;{HJ^o9I_4N z^Z}E`^D|>I!_@fUFR^}OKx(gnacYEcJc9FL1Jtnixiclr#v-w;$q8qdfGB7Lwc|m* z7m}q$3=PJB^in=7)+*Hosv#`ygBQS(zZ&d7d1+&%@py{H%a<~@j(O%ukAjfKVYZigzkq&xNJ6_k*YH-*$Hj+LW`LoHup6 zhSk-(?=r;{C*MTwHx`@kWRr$4Ym@c79d|Kh-=4PF*t4E%<}N1pZ^ob~o{~V?h4m0c z7nsK94MPBbv$0!%oM2j(2U`m;Rf1_Yp47C@j2IuD9Ostudc*FdR+z<#i>hNR$lskX z9X&ThJg~}GHTknc&8bDzHf54Tm5mYO0SgK14HGu*?e+(M?)AU#4gSQ~Rj-+S3&mO0O2QLsUU-3n2)E${{n zadK0ug|?=zu%)rtS!>y5MWU(VPLaiBkCnF_;R=AMuoev#yL~JMI>O70ky01t7f7ZJ zXGY=N`0YcH;wTh2!I5OVTuZGf&c!S$mpNbL(9xFaYUbglIOFQuT$|#IWjtX*NQ~lc zz+I79sR!ysV&{iE)o7hNb)ZVTn_KZ*ecR(r8f+J@OS> z0LG|4Zy;ZOzB5uk))6we{jGe;cy>-f?sxvov2S*8#KHUu>OP!7Lx zM0RZtg8IANU0Q})m;8_oKK zD#_}wXA6m{2OM{rOEQ!IOV6qOmW}fDYiV?@ZXPC-l?kY#6MaTK0b2V$K)rjTV zpCnoCExOs=qKz^73hsp)WVwxj_Ia=2*sz(^UuGnU0n-`bj84sIU{3UD1Z|+3kO*W< zhBd>%49hkp5LjoDuXm$z06BM;>!mw4XGlbTBE;DwCLzMwys*S@alNx|bt7H(vb@Dw z?MCJ3yD?E^p$kTwO>^haIk4exIFfcih!iH7K9ZBQx^Yp;#$x_j$M|aO#t(R|I`M`G z|Hy!V5#d65T~HY7Q%J~W6o_qC8MkHadQcn7+6+&CGTL>e{chBa>I*y{lsl(Q>89>k zt@WWuWN?KL|GN)YyT^0;Z9i8y`f&G_!(F$3j~-vKEXgn8Z$7V(G3O?ku4I?3l<6v@ z*U77MZfCQncI#KI>+}2<<@NkAg$N1lYnvC*jZeL!hb9m(1%a3#Wx$%)N_|1H4!O*;0-TKsLetmXoi?G!r^rM3E>SZNa{ndxHZk<^?yM@#($lH2e z$W9(f;RMLI%=B7mh)wLg!biK{h_n$x0vNUFqUJ0!1jqyii-lb^xg9`5rW?{n%f_#i z7E9zlCO81 z<#^ul80L7~);KPk^B5ho>)R{}%Bz$Z1SIkGmDWT)#ewY<} zF4uC4EOjKTuxP*5y58sNOG}lIvm_yO{2qVlM-#i9MPFGT=}0iun}~+M)gUFu6o? z@fgUcz(djOu|6auA3rshIS4Fu@#E23CQmpPn99cn9~&rEAcQza^9}%!*d*s&jH$~l zo6JEtq^SV{Y*e7{4ry%{7hsppGliW_jE9*=?xDFUqedFj7k7GDt1GSD5^|vf2o-nZ zPm&`bbj0}7oRlz$&V)Zm<_-CbKfXY$^J;jQ$pQ z!w>#Qbhf~B-C|_(iEV+mUtCC*y&q*Mo!q4&raXAN&7n^OMaNFZ?uqN|?q$6Bw+Ry_ z4{?E@gbysqrntOu{uGW!j`xCY@D%)J-s%)=L15Eb#Y8AP1;lej(8wfB6ND+nR>C;w z2AvLyA}qv@EXK>wJ=7&(%HrZ4&Q`oj4V_{Xf8<2scX|K>`Pb6M&d9&;8ZG?kZ=};n zk(?}pdt#Gc4~v0}OOW!sd5hTDv5pz^tKrEk}VB zY^yWwE$OA7oZ1DCxmZBIv(veSeu3vdqBJE`tBn#Y`##TWXkc0^-~!KWoNq%gw)#kD z8xjV8v-!4=*e1nbj_MZp$Zi4TR;4QBZk+l7&vQ~LTIvof#4@F+KH8J$I?*@?Oa;+7 zUbQT03)9ckM`*s;`4j}3VvuBtg#vJis20kxs%;JlaI>$UG9idgBQZD4+AwIsMU@&N zEJk;$(BwT!EB(IP?KY=nv{bozPDZdtDa;Io(scEzW(eP<==TigxgCqq`25+6r?7_q z7Z~n8!!&X?)9VD`ey8I!DS8}+q0PRH>Fl86EJ>Fq^W^aC?Bl!BSDnJhoVktPgN|=| z8dB82yd;9MF>$6aPGI}avRImhJ=iZcl|8{Rq=?|`Ocgl*Fr!2iM z@7lMh=&?B-DUCE@JW?|!6Zw9RneI#m4W+YmrVNaYDnkk8Qj~_xCW*D@HFT0un9l8G z2s(p&WvE^R!P5#gUj%{X`Nx%_E2gNgHt@)a`mYK^C2f6s>iteGclcAvxC9T(i$~iR z*$_uE(Usj*7Tw}piaXd-a07H1{3aMx=)DL&hf3##9v^-Ul!8M7?>~cXywhnS!Qe_H z82BU@Y=#7b8z8};N&=VD_a~R|#Rg+C7=-<>-|77Pj>20u!_y(=FxYzvyZzn%Q=3C+ z*B!uxOQg??PW1w5L?{sx92e)c$3#xDq0Y3cnAavm-VzeYOmx|(D<`;X6P@oo1vw!C zrsy}u{X9+PD3wqhwkAw*j&*|Q7z>lj)+7~H-;0#JR?74eK{BNl7*AP#D5FR(JHkk2 zT!D&XlX}*4bSbUIx)aq;K&wJ_vxNr+8<^$EMONpcR`?vR%v!*C8mCMTxS zuI}ERqrC@6jjYK+t-D`_xm$;65(5LH$$Te-pZ|_IUYx<(W$soifKp;RWrE3e^tv}f zRPj^{Q>Lj@tagnfNKyCPPgiE5_BvhoNm0SrK{mVac@3x8URXkFgnsXB+0tE&T-S2> z5^Pk1@5{_&4jiOr{p+mlCz`N&zJH=G0w^*@Gj5|(lXQZHSdvH!ls0iEY|6%%Vm0!Y zXkK!)y1dd}j%vkXM~YEn%)5&)tmW)7HC4)*AU*FWgg!rF z7{R67wsP}S!!zNx^s$7IQe246fe4Xdv3irnMz>OA`BX%hB2HMI(lpNpfJC`=%&<_+ zJB8(>5z)CC#{!L_7bZ@=ENgz(jLays#Ui}R#IQ37$0N+0n);cIMnpRub+MR5nOfQC zQCloKv)x~3d%sS}*bH%REC1Qe1nx#iV6kJR#D1bVs~t zJKOC_W`FMW^lbKqM3}0Tlr2t7|B`A6v^m><%zdd{1-Br`}Pc*?o6cgld z?()3rWbEh?l=c{NY_vL|aLI|(SEmRzl9!0%PE3U4WSGekfgDyufL}lM3Ai9C@Eoolk;sAX7b^hn+K<9L6=Cd+)U?mPC*sI?m7-!J!&{Dy8(d3YY4hv(t>_MZPA00960rlSG}0D=Jk Date: Fri, 22 Sep 2023 13:36:18 +0200 Subject: [PATCH 10/13] first working docker image publishing workflow --- .github/workflows/pushimage.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pushimage.yaml b/.github/workflows/pushimage.yaml index d21011b..dc5f0e1 100644 --- a/.github/workflows/pushimage.yaml +++ b/.github/workflows/pushimage.yaml @@ -2,8 +2,8 @@ name: build-push-image on: push: - branches: - - 'development' + tags: + - 'v*' jobs: build-and-push-image: @@ -25,4 +25,4 @@ jobs: uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc with: push: true - tags: ghcr.io/tlinden/ephemerup:latest + tags: ghcr.io/tlinden/ephemerup:${{ github.ref_name}} From 49eca67037fcbe4cab19cf35b101ceafd04bb56d Mon Sep 17 00:00:00 2001 From: Thomas von Dein Date: Fri, 22 Sep 2023 13:37:40 +0200 Subject: [PATCH 11/13] bump version --- cfg/config.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cfg/config.go b/cfg/config.go index 1935502..02100be 100644 --- a/cfg/config.go +++ b/cfg/config.go @@ -23,7 +23,7 @@ import ( "time" ) -const Version string = "v0.0.2" +const Version string = "v0.0.3" var VERSION string // maintained by -x From a7ba982c6924bccd1b5aa74242f255877ad59323 Mon Sep 17 00:00:00 2001 From: Thomas von Dein Date: Sun, 1 Oct 2023 14:51:20 +0200 Subject: [PATCH 12/13] upd install docs --- README.md | 47 ++++++++++++++++++++++++++++++++++++++++++++--- charts/cm.yaml | 24 ------------------------ 2 files changed, 44 insertions(+), 27 deletions(-) delete mode 100644 charts/cm.yaml diff --git a/README.md b/README.md index 3c3c739..da709fd 100644 --- a/README.md +++ b/README.md @@ -57,9 +57,21 @@ authorize. A user can only manage uploads within that context. Think ## Installation -Since the software is currently being developed, there are no binary -releases available yet. You'll need a go build environment. Just run -`make` to build everything. +### Deploy server using pre-built docker file + +A ready to use ephemerup server image is available on +[ghcr.io](https://ghcr.io/tlinden/ephemerup). Supported tags are: +`latest` or a github release tag. + +To try it locally with docker: + +``` +docker run -dp 8080:8080 --name eph \ + ghcr.io/tlinden/ephemerup:latest \ + -LogLevel=info +``` + +### Build Dockerfile There's a `Dockerfile` available for the server so you can build and run it using docker: ``` @@ -68,6 +80,35 @@ docker-compose run ephemerup ``` Then use the client to test it. +### Install from binary package + +Go to the [Releases](https://github.com/TLINDEN/ephemerup/releases) +page and download the latest tarball for your platform. Unpack it and +execute `make install` inside the created directory. + +This installs both the server `ephemerupd` and the client `upctl`. + +If you only need the client, just grab the tarball and extract just +the client, copy it to your bin folder and you're good to go. + +### Deploy on Kubernetes using the Helm chart + +``` +helm repo add tlinden https://tlinden.github.io/ephemerup/ +helm repo update +helm upgrade --install ephemerup tlinden/ephemerup --namespace ephemerup --create-namespace +``` + +Refer to the [chart documentation](https://github.com/TLINDEN/ephemerup/tree/main/charts/ephemerup) for help. + +### Build from source + +To build from source, you'll need a go build environment. + +Clone the git repo +Just run `make` to build everything. + + ## Server Usage ``` diff --git a/charts/cm.yaml b/charts/cm.yaml deleted file mode 100644 index 3d62ae0..0000000 --- a/charts/cm.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: eph-ephemerup-config - namespace: "eph" - labels: - app.kubernetes.io/name: ephemerup - helm.sh/chart: ephemerup-1.0.0 - app.kubernetes.io/instance: eph - app.kubernetes.io/managed-by: Helm - annotations: - app: ephemerup -data: - listen = "8080" - bodylimit = "1024" - super = "root" - mail = { - server = - port = - from = - password = - } - apicontexts = [ - ] From e7b03d55db74bb64586f797c67acff84190cef71 Mon Sep 17 00:00:00 2001 From: Thomas von Dein Date: Sun, 1 Oct 2023 15:23:19 +0200 Subject: [PATCH 13/13] + values hint --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index da709fd..e40cd3e 100644 --- a/README.md +++ b/README.md @@ -101,6 +101,14 @@ helm upgrade --install ephemerup tlinden/ephemerup --namespace ephemerup --creat Refer to the [chart documentation](https://github.com/TLINDEN/ephemerup/tree/main/charts/ephemerup) for help. +For starters, create a minimal `values.yaml` like this one: +```yaml +image: + tag: "v0.0.3" +``** + +**Please note that the helm chart doesn't deploy a loadbalancer, you need to do this yourself, if needed.** + ### Build from source To build from source, you'll need a go build environment.