diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 00000000..bcd6669d --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,62 @@ +name: Release Charts + +on: + push: + branches: + - main + +jobs: + release: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Get dependencies + run: | + helm repo add bitnami https://charts.bitnami.com/bitnami + helm repo add ncsa https://opensource.ncsa.illinois.edu/charts/ + helm dep build + + - name: get release info + id: release_info + run: | + version="$(awk '/^version:/ { print $2} ' Chart.yaml)" + changelog="$(sed -e "1,/^### ${version}/d" -e "/^###/,\$d" -e '/^$/d' README.md)" + changelog="${changelog//'%'/'%25'}" + changelog="${changelog//$'\n'/'%0A'}" + changelog="${changelog//$'\r'/'%0D'}" + echo "::set-output name=version::$version" + echo "::set-output name=changelog::$changelog" + + - name: Publish to NCSA OpenSource + uses: bsord/helm-push@v3 + with: + username: ${{ secrets.HELM_USERNAME }} + password: ${{ secrets.HELM_PASSWORD }} + repository-url: "https://opensource.ncsa.illinois.edu/charts" + chart-folder: "." + force: true + + - name: create release + uses: actions/create-release@v1 + id: create_release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ steps.release_info.outputs.version }} + release_name: Release ${{ steps.release_info.outputs.version }} + body: ${{ steps.release_info.outputs.changelog }} + + - name: Upload Release Asset + id: upload-release-asset + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.create_release.outputs.upload_url }} + asset_path: ./clowder-${{ steps.release_info.outputs.version }}.tgz + asset_name: clowder-${{ steps.release_info.outputs.version }}.tgz + asset_content_type: application/zip diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..8dd10878 --- /dev/null +++ b/.gitignore @@ -0,0 +1,17 @@ +# development +.idea + +# generated helm charts folder +charts + +# helm package +.cr-release-packages +bety-*.tgz + +# custom values +secrets-*.yaml +values-*.yaml +*.values.yaml + +# database dumps +*.sql diff --git a/.helmignore b/.helmignore new file mode 100644 index 00000000..b968e54f --- /dev/null +++ b/.helmignore @@ -0,0 +1,24 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +*.sql +values-*.yaml diff --git a/Chart.lock b/Chart.lock new file mode 100644 index 00000000..a6a3683d --- /dev/null +++ b/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: postgresql + repository: https://charts.bitnami.com/bitnami + version: 8.9.9 +digest: sha256:788b9c691c8d3254deb1ee2341c41b4ab6a50f5112b839896daa9aa2d7bf457d +generated: "2021-10-06T23:08:24.431682-05:00" diff --git a/Chart.yaml b/Chart.yaml new file mode 100644 index 00000000..cc33169f --- /dev/null +++ b/Chart.yaml @@ -0,0 +1,44 @@ +apiVersion: v2 +type: application + +# Information about chart. +name: betydb +icon: https://isda.ncsa.illinois.edu/~kooper/charts/images/betydb.png +home: https://www.betydb.org +description: > + Web-interface to the Biofuel Ecophysiological Traits and Yields Database + (used by PEcAn and TERRA REF) + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.5.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +appVersion: "5.4.1" + +# List of people that maintain this helm chart. +maintainers: + - name: Rob Kooper + email: kooper@illinois.edu + +# location of source code +sources: + - https://github.com/pecanproject/bety + +# Dependencies for chart. Some of the dependencies are only installed if they +# are enabled. +dependencies: +- name: postgresql + version: ~8.9 + repository: https://charts.bitnami.com/bitnami + condition: postgres.enabled + +annotations: + artifacthub.io/links: | + - name: Helm Chart + url: https://github.com/pecanproject/bety-helm + artifacthub.io/changes: | + - initial release of bety helm chart diff --git a/README.md b/README.md new file mode 100644 index 00000000..410c12e9 --- /dev/null +++ b/README.md @@ -0,0 +1,26 @@ +THIS IS A PLACEHOLDER + +## Upgrading BETY + +If the password is generated you will need to save this secret before you upgrade. You can do this using the following commands. **If you do not do this, you will not be able to retrieve the previous secrets**. + +``` +BETY_PASSWORD=$(kubectl get secrets betydb -o json | jq -r '.data.betyPassword' | base64 -d) +BETY_SECRETKEY=$(kubectl get secrets betydb -o json | jq -r '.data.secretKey' | base64 -d) +POSTGRESQL_PASSWORD=$(kubectl get secrets betydb-postgresql -o json | jq -r '.data."postgresql-password"' | base64 -d) +``` + +now you can upgrade and use the secrets retrieved. + +``` +helm upgrade betydb ncsa/betydb \ + --set betyPassword="${BETY_PASSWORD}" \ + --set secretKey="${BETY_SECRETKEY}" \ + --set postgresql.postgresqlPassword="${POSTGRESQL_PASSWORD}" +``` + +## ChangeLog + +### 0.5.0 +- initial release of the BETY helm chart. +- build on bety 5.4.1 diff --git a/cr.yaml b/cr.yaml new file mode 100644 index 00000000..57f15caf --- /dev/null +++ b/cr.yaml @@ -0,0 +1,2 @@ +#sign: true +#key: Chart Releaser Test Key diff --git a/ct.yaml b/ct.yaml new file mode 100644 index 00000000..81371830 --- /dev/null +++ b/ct.yaml @@ -0,0 +1,11 @@ +# See https://github.com/helm/chart-testing#configuration +remote: origin +target-branch: main +chart-dirs: + - . +chart-repos: + - bitnami=https://charts.bitnami.com/bitnami + - ncsa=https://opensource.ncsa.illinois.edu/charts/ +helm-extra-args: --timeout 600s +validate-yaml: true +check-version-increment: true diff --git a/templates/NOTES.txt b/templates/NOTES.txt new file mode 100644 index 00000000..1df66811 --- /dev/null +++ b/templates/NOTES.txt @@ -0,0 +1,33 @@ +Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "betydb.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "betydb.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "betydb.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + kubectl port-forward service/{{ include "betydb.fullname" . }} 8080:{{ .Values.service.port }} + echo "Visit http://127.0.0.1:8080 to use your application" +{{- end }} + +{{- if .Values.users }} + +Following users have been created: +{{- range $index, $element := .Values.users }} + - {{ .username }} : {{ .fullname }} <{{ .email }}> +{{- end }} +{{- end }} + +To upgrade please make sure to save the passwords for BETY, postgresql and the secret key for BETY. + +BETY_PASSWORD=$(kubectl get secrets betydb -o json | jq -r '.data.betyPassword' | base64 -d) +BETY_SECRETKEY=$(kubectl get secrets betydb -o json | jq -r '.data.secretKey' | base64 -d) +POSTGRESQL_PASSWORD=$(kubectl get secrets betydb-postgresql -o json | jq -r '.data."postgresql-password"' | base64 -d) + diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl new file mode 100644 index 00000000..e239785c --- /dev/null +++ b/templates/_helpers.tpl @@ -0,0 +1,108 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "betydb.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "betydb.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "betydb.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "betydb.labels" -}} +app.kubernetes.io/name: {{ include "betydb.name" . }} +helm.sh/chart: {{ include "betydb.chart" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +postgresql Host +*/}} +{{- define "betydb.postgresqlHost" -}} +{{- if .Values.postgresql.enabled -}} +{{ .Release.Name }}-postgresql +{{- else -}} +{{ .Values.postgresql.postgresqlHost }} +{{- end -}} +{{- end -}} + +{{/* +postgresql Port +*/}} +{{- define "betydb.postgresqlPort" -}} +{{- if .Values.postgresql.service -}} +{{ .Values.postgresql.service.port }} +{{- else -}} +{{ .Values.postgresql.postgresqlPort | default "5432" }} +{{- end -}} +{{- end -}} + +{{/* +Environment variables for PostgreSQL +*/}} +{{- define "betydb.postgresqlEnv" -}} +- name: PGHOST + value: {{ include "betydb.postgresqlHost" . | quote }} +- name: PGPORT + value: {{ include "betydb.postgresqlPort" . | quote }} +- name: PGUSER + value: {{ .Values.postgresql.postgresqlUsername | default "postgres" | quote }} +- name: PGPASSWORD + valueFrom: + secretKeyRef: +{{- if .Values.postgresql.enabled }} + name: {{ .Release.Name }}-postgresql + key: postgresql-password +{{- else }} + name: {{ include "betydb.fullname" . }} + key: postgresqlPassword +{{- end }} +{{- end }} + +{{/* +Environment variables for BetyDB +*/}} +{{- define "betydb.betydbEnv" -}} +- name: BETYUSER + value: {{ .Values.betyUser | quote }} +- name: BETYPASSWORD + valueFrom: + secretKeyRef: + name: {{ include "betydb.fullname" . }} + key: betyPassword +- name: BETYDATABASE + value: {{ .Values.betyDatabase | quote }} +- name: LOCAL_SERVER + value: {{ .Values.localServer | quote }} +- name: REMOTE_SERVERS + value: {{ .Values.remoteServers | quote }} +{{- end }} diff --git a/templates/configmap.yaml b/templates/configmap.yaml new file mode 100644 index 00000000..56a760d5 --- /dev/null +++ b/templates/configmap.yaml @@ -0,0 +1,27 @@ +{{- if .Values.customization }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "betydb.fullname" . }}-application + labels: + {{ include "betydb.labels" . | nindent 4 }} +data: + {{- if .Values.customization.application }} + application.yml: | + {{- .Values.customization.application | nindent 4}} + {{- end }} +--- +{{- if .Values.customization }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "betydb.fullname" . }}-logos + labels: + {{ include "betydb.labels" . | nindent 4 }} +binaryData: + {{- range $key, $val := .Values.customization.logos }} + {{ $key }}: | + {{- $val | nindent 4 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/templates/deployment.yaml b/templates/deployment.yaml new file mode 100644 index 00000000..0493d75c --- /dev/null +++ b/templates/deployment.yaml @@ -0,0 +1,107 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "betydb.fullname" . }} + labels: + {{ include "betydb.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "betydb.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "betydb.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.customization }} + volumes: + {{- if .Values.customization.application }} + - name: application-config + configMap: + name: {{ include "betydb.fullname" . }}-application + items: + - key: application.yml + path: application.yml + {{- end }} + {{- if .Values.customization.logos }} + - name: logos-volume + configMap: + name: {{ include "betydb.fullname" . }}-logos + {{- end }} + {{- end }} + initContainers: + - name: check-postgresql + image: "{{ $.Values.image.checks }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{ include "betydb.postgresqlEnv" . | nindent 12 }} + {{ include "betydb.betydbEnv" . | nindent 12 }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: bety + containerPort: 8000 + protocol: TCP + env: + - name: UNICORN_WORKER_PROCESSES + value: {{ .Values.workers | quote }} + - name: SECRET_KEY_BASE + valueFrom: + secretKeyRef: + name: {{ include "betydb.fullname" . }} + key: secretKey + - name: RAILS_RELATIVE_URL_ROOT + value: {{ .Values.ingress.path | default "" | trimSuffix "/" | quote }} + - name: RAILS_LOG_TO_STDOUT + value: "true" + {{ include "betydb.postgresqlEnv" . | nindent 12 }} + {{ include "betydb.betydbEnv" . | nindent 12 }} + {{- if .Values.customization }} + volumeMounts: + {{- if .Values.customization.application }} + - name: application-config + mountPath: /home/bety/config/application.yml + subPath: application.yml + {{- end }} + {{- if .Values.customization.logos }} + - name: logos-volume + mountPath: /home/bety/app/assets/images/custom + {{- end }} + {{- end }} + # startupProbe: + # httpGet: + # path: {{ .Values.ingress.path }} + # port: bety + # failureThreshold: 30 + # periodSeconds: 10 + livenessProbe: + tcpSocket: + port: bety + initialDelaySeconds: 60 + readinessProbe: + httpGet: + path: {{ .Values.ingress.path }} + port: bety + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/templates/hooks/add-user.yaml b/templates/hooks/add-user.yaml new file mode 100644 index 00000000..332442da --- /dev/null +++ b/templates/hooks/add-user.yaml @@ -0,0 +1,58 @@ +{{- if .Values.users }} +{{- $imagetag := printf "%s:%s" .Values.image.repository .Values.image.tag }} +{{- $pgenv := include "betydb.postgresqlEnv" . }} +{{- $betyenv := include "betydb.betydbEnv" . }} +{{- $pullPolicy := .Values.image.pullPolicy }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "betydb.fullname" . }}-add-user + labels: + {{ include "betydb.labels" . | nindent 4 }} + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": "post-install" + "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation" + "helm.sh/hook-weight": "10" +spec: + template: + metadata: + name: {{ include "betydb.name" . }}-add-user + labels: + {{ include "betydb.labels" . | nindent 8 }} + spec: + {{- with .Values.hooks.affinity }} + affinity: + {{ toYaml . | nindent 8 }} + {{- end }} + restartPolicy: Never + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + initContainers: + - name: check-postgresql + image: "{{ $.Values.image.checks }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{ include "betydb.postgresqlEnv" . | nindent 12 }} + {{ include "betydb.betydbEnv" . | nindent 12 }} + containers: + {{- range $index, $element := .Values.users }} + - name: bety-add-user-{{ $index }} + image: {{ $imagetag | quote }} + imagePullPolicy: {{ $pullPolicy }} + args: + - user + - {{ .username | quote }} + - {{ .password | quote }} + - {{ .fullname | quote }} + - {{ .email | quote }} + - {{ .data | quote }} + - {{ .page | quote }} + env: + {{ $pgenv | nindent 12 }} + {{ $betyenv | nindent 12 }} + {{- end }} +{{- end }} diff --git a/templates/hooks/load-db.yaml b/templates/hooks/load-db.yaml new file mode 100644 index 00000000..92449e65 --- /dev/null +++ b/templates/hooks/load-db.yaml @@ -0,0 +1,64 @@ +{{- if or .Values.dburl .Values.dbtag }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "betydb.fullname" . }}-load-db + labels: +{{ include "betydb.labels" . | indent 4 }} + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": "post-install" + "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation" + "helm.sh/hook-weight": "5" +spec: + template: + metadata: + name: {{ include "betydb.name" . }}-load-db + labels: + {{ include "betydb.labels" . | nindent 8 }} + spec: + {{- with .Values.hooks.affinity }} + affinity: + {{ toYaml . | nindent 8 }} + {{- end }} + restartPolicy: Never + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + initContainers: + - name: check-postgresql + image: "{{ $.Values.image.checks }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{ include "betydb.postgresqlEnv" . | nindent 12 }} + {{ include "betydb.betydbEnv" . | nindent 12 }} + containers: + - name: bety-init + {{- if .Values.dburl }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - -a + - "${PGUSER}" + - -d + - "${BETYDATABASE}" + - -o + - "${BETYUSER}" + - -c + - -m + - ${LOCAL_SERVER} + - -r + - 0 + - -w + - {{ .Values.dburl | quote }} + ./script/load.bety.sh -a "postgres" -d "bety" -p "-h postgres -p 5432" -o bety -c ${INITIALIZE_FLAGS} -m ${LOCAL_SERVER} -r 0 ${INITIALIZE_URL} + {{- else }} + image: "pecan/db:{{ .Values.dbtag }}" + imagePullPolicy: Always + {{- end }} + env: + {{ include "betydb.postgresqlEnv" . | nindent 12 }} + {{ include "betydb.betydbEnv" . | nindent 12 }} +{{- end }} diff --git a/templates/ingress.yaml b/templates/ingress.yaml new file mode 100644 index 00000000..0b2eacf5 --- /dev/null +++ b/templates/ingress.yaml @@ -0,0 +1,53 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "betydb.fullname" . -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: +{{ include "betydb.labels" . | indent 4 }} + annotations: + {{- if .Values.ingress.tls }} + kubernetes.io/tls-acme: "true" + traefik.ingress.kubernetes.io/router.tls: "true" + {{- end }} + {{- with .Values.ingress.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + - hosts: + {{- range .Values.ingress.hosts }} + - {{ . | quote }} + {{- end }} + {{- if .Values.ingress.secretName }} + secretName: {{ .Values.ingress.secretName }} + {{- end }} +{{- end }} + rules: +{{- if .Values.ingress.hosts }} + {{- range .Values.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: {{ $.Values.ingress.path }} + pathType: ImplementationSpecific + backend: + service: + name: {{ $fullName }} + port: + name: bety + {{- end }} +{{- else }} + - http: + paths: + - path: {{ $.Values.ingress.path }} + pathType: ImplementationSpecific + backend: + service: + name: {{ $fullName }} + port: + name: bety +{{- end }} +{{- end }} diff --git a/templates/secrets.yaml b/templates/secrets.yaml new file mode 100644 index 00000000..82be45b2 --- /dev/null +++ b/templates/secrets.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "betydb.fullname" . }} + labels: +{{ include "betydb.labels" . | indent 4 }} +type: Opaque +data: +{{- if and (not .Values.postgresql.enabled) .Values.postgresql.postgresqlPassword }} + postgresqlPassword: {{ .Values.postgresql.postgresqlPassword | b64enc | quote }} +{{- end }} + betyPassword: {{ .Values.betyPassword | b64enc | quote }} + secretKey: {{ .Values.secretKey | b64enc | quote }} diff --git a/templates/service.yaml b/templates/service.yaml new file mode 100644 index 00000000..42b8a468 --- /dev/null +++ b/templates/service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "betydb.fullname" . }} + labels: +{{ include "betydb.labels" . | indent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - name: bety + port: {{ .Values.service.port }} + targetPort: bety + protocol: TCP + selector: + app.kubernetes.io/name: {{ include "betydb.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/templates/tests/test-connection.yaml b/templates/tests/test-connection.yaml new file mode 100644 index 00000000..32894e01 --- /dev/null +++ b/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "betydb.fullname" . }}-test-connection" + labels: +{{ include "betydb.labels" . | indent 4 }} + annotations: + "helm.sh/hook": test-success +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "betydb.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/values.yaml b/values.yaml new file mode 100644 index 00000000..1a50cb45 --- /dev/null +++ b/values.yaml @@ -0,0 +1,183 @@ +image: + repository: pecan/bety + tag: null + checks: "ncsa/checks:1.0.0" + pullPolicy: IfNotPresent + +imagePullSecrets: [] + +## replicaCount is the number of instances for BETYDB. Each instance can also +## have multuiple workers as defined by workers below. +replicaCount: 1 + +## workers is the number of workers for each BETYDB replica. The total number +## of simultanous connections is replicaCount * workers. +workers: 1 + +## localServer is the ID for this intance. To be able to synchronize your data +## with the PEcAn network you will need to request a unique number. This can +## be done at https://forms.gle/m3SnMVh8WVHyL6eH8 +localServer: 99 + +## remoteservers is the list of all remote servers you want to synchronize with. +## This is the list you will receive data from. +remoteServers: "0, 1, 2, 5" + +## betyUser is the user that is used with PostgreSQL. BETYDB and PEcAn will use +## this user to connect to the database and read and write to the database. +betyUser: bety + +## betyPassword the password used when connecting to the database from BETYDB +## and PEcAn. +betyPassword: bety + +## betyDatabase the database that will be created and that BETYDB adn PEcAn +## will connect to and write data. +betyDatabase: bety + +## secretKey the key that will be used to encrypt the passwords. If this is +## changed users will not be able to login with their existing passwords. +secretKey: thisisnotasecret + +## dbtag is the tag of the database to load. Normally will use latest to +## make sure latest tag is loaded, this might not work with an older database. +## set this to "" to not load the database +dbtag: latest + +## dburl is the url where to get the database from. If this is not set use +## the dbdump that is the PEcAn network. The default is not to use this. +dburl: "" + +## addUsers is a hash of users that should be added to the database when it is +## initialized. +# data : 1=Restricted, 2=Internal, 3=External, 4=Public +# page : 1=Admin, 2=Manager, 3=Creator, 4=Viewer + +users: [] + # - username: carya + # password: illinois + # fullname: Demo User + # email: betydb@gmail.com + # data: 1 + # page: 1 + # - username: guestuser + # password: guestuser + # fullname: Guest User + # email: betydb@gmail.com + # data: 4 + # page: 4 + +# customization of BETY: +# - application will be placed in config/application.yml +# - logos will be placed in public/images/custom +customization: {} + # application: | + # organization: + # name: "TERRA Ref" + # url: #{root_path} + # logo_file: "custom/terraref-logo.png" + # logos: + # "terraref-logo.png": + +# ------------------------------------------------------------------------------- + +## All data for BETYDB will be stored in PostgreSQL +postgresql: + ## enabled should the postgresql chart be installed as well. If not make + ## sure that the other values are provied to get access to the database. + enabled: true + + ## it takes some time to start postgresql, wait 5 min before start liveness. + livenessProbe: + initialDelaySeconds: 300 + + ## postgresqlHost host where postgresql is installed. + # postgresqlHost: postgres + + ## postgresqlPort port to connect to postgresql + # postgresqlPort: 5432 + + ## postgresqlUsername is the initial user added to the system. This is freqently the + ## postgres user. This user will have superuser abilities. + # postgresqlUsername: postgres + + ## postgresqlPassword the password for postgresqlUsername, if using auto generated + ## password make sure to save the password as described in the notes. When upgrading + ## you will need to provide this secret otherwise a new secret will be generated but + ## not saved in the database. + postgresqlPassword: supersecret + + # need more space + persistence: + size: 20Gi + +# ------------------------------------------------------------------------------- + +nameOverride: "" +fullnameOverride: "" + +# ------------------------------------------------------------------------------- + +service: + type: ClusterIP + port: 8000 + +# ------------------------------------------------------------------------------- + +## Configure the ingress resource that allows you to access the +## BETY installation. Set up the URL +## ref: http://kubernetes.io/docs/user-guide/ingress/ +## +ingress: + ## Set to true to enable ingress record generation + enabled: false + + ## Ingress path + path: / + + ## The list of hostnames to be covered with this ingress record. + ## Most likely this will be just one host, but in the event more hosts are needed, this is an array + hosts: [] + # - bety.example.com + + tls: false + # secretName: bety.example.com.tls + + ## Ingress annotations done as key:value pairs + ## + ## For a full list of possible ingress annotations, please see + ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md + ## + annotations: + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: true + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + +## Node selector +## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +nodeSelector: {} + +## Tolerations +## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +tolerations: [] + +## Affinity +## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +affinity: {} + +## Hook Affinity +## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +hooks: + affinity: {}