Skip to content

Commit

Permalink
Add initializer job for hyades (#149)
Browse files Browse the repository at this point in the history
  • Loading branch information
@nscuro
nscuro authored Aug 28, 2024
1 parent e163e05 commit cafba8a
Show file tree
Hide file tree
Showing 15 changed files with 531 additions and 41 deletions.
182 changes: 182 additions & 0 deletions charts/hyades/ci/test-initializer-values.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,182 @@
common:
database:
jdbcUrl: "jdbc:postgresql://postgres.{{ .Release.Namespace }}.svc.cluster.local:5432/dtrack"
username: "dtrack"
password: "dtrack"
kafka:
bootstrapServers: "redpanda.{{ .Release.Namespace }}.svc.cluster.local:9092"
secretKey:
createSecret: true
serviceAccount:
automount: true

apiServer:
resources:
requests:
cpu: 100m
memory: 512Mi
limits:
cpu: "2"
memory: 512Mi

initializer:
enabled: true
# chart-testing executes `helm install` with `--wait` flag,
# causing post-install hooks to never run.
# See https://github.com/helm/chart-testing/issues/202.
noHelmHook: true

mirrorService:
resources: &hyadesResources
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 256Mi

repoMetaAnalyzer:
resources: *hyadesResources

vulnAnalyzer:
resources: *hyadesResources

extraObjects:
- apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres
namespace: "{{ .Release.Namespace }}"
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/name: "{{ printf \"%s-postgres\" (include \"hyades.name\" .) }}"
app.kubernetes.io/component: postgres
template:
metadata:
labels:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/name: "{{ printf \"%s-postgres\" (include \"hyades.name\" .) }}"
app.kubernetes.io/component: postgres
spec:
containers:
- name: postgres
image: postgres:16-alpine
env:
- name: POSTGRES_DB
value: dtrack
- name: POSTGRES_USER
value: dtrack
- name: POSTGRES_PASSWORD
value: dtrack
ports:
- name: postgres
containerPort: 5432
protocol: TCP
- apiVersion: v1
kind: Service
metadata:
name: postgres
namespace: "{{ .Release.Namespace }}"
labels:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/name: "{{ printf \"%s-postgres\" (include \"hyades.name\" .) }}"
app.kubernetes.io/component: postgres
spec:
type: ClusterIP
selector:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/name: "{{ printf \"%s-postgres\" (include \"hyades.name\" .) }}"
app.kubernetes.io/component: postgres
ports:
- port: 5432
targetPort: 5432
- apiVersion: apps/v1
kind: Deployment
metadata:
name: redpanda
namespace: "{{ .Release.Namespace }}"
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/name: "{{ printf \"%s-redpanda\" (include \"hyades.name\" .) }}"
app.kubernetes.io/component: redpanda
template:
metadata:
labels:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/name: "{{ printf \"%s-redpanda\" (include \"hyades.name\" .) }}"
app.kubernetes.io/component: redpanda
spec:
containers:
- name: redpanda
image: docker.redpanda.com/vectorized/redpanda:v24.1.7
args:
- redpanda
- start
- --smp
- '1'
- --reserve-memory
- 0M
- --memory
- 512M
- --overprovisioned
- --node-id
- '0'
- --kafka-addr
- PLAINTEXT://0.0.0.0:9092
- --advertise-kafka-addr
- PLAINTEXT://redpanda.{{ .Release.Namespace }}.svc.cluster.local:9092
ports:
- name: kafka-api
containerPort: 9092
protocol: TCP
- name: redpanda-admin
containerPort: 9644
protocol: TCP
- apiVersion: v1
kind: Service
metadata:
name: redpanda
namespace: "{{ .Release.Namespace }}"
labels:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/name: "{{ printf \"%s-redpanda\" (include \"hyades.name\" .) }}"
app.kubernetes.io/component: redpanda
spec:
type: ClusterIP
selector:
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/name: "{{ printf \"%s-redpanda\" (include \"hyades.name\" .) }}"
app.kubernetes.io/component: redpanda
ports:
- name: kafka-api
port: 9092
targetPort: 9092
- name: redpanda-admin
port: 9644
targetPort: 9644
- apiVersion: batch/v1
kind: Job
metadata:
name: redpanda-init
namespace: "{{ .Release.Namespace }}"
spec:
template:
spec:
containers:
- name: redpanda
image: docker.redpanda.com/vectorized/redpanda:v24.1.7
command:
- /bin/bash
args:
- -c
- bash <(curl -s https://raw.githubusercontent.com/DependencyTrack/hyades/main/scripts/create-topics.sh)
env:
- name: REDPANDA_BROKERS
value: "redpanda.{{ .Release.Namespace }}.svc.cluster.local:9092"
restartPolicy: OnFailure
24 changes: 6 additions & 18 deletions charts/hyades/ci/test-values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,38 +11,26 @@ common:
apiServer:
resources:
requests:
cpu: 500m
cpu: 100m
memory: 512Mi
limits:
cpu: 500m
cpu: "2"
memory: 512Mi

mirrorService:
resources:
resources: &hyadesResources
requests:
cpu: 500m
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 256Mi

repoMetaAnalyzer:
resources:
requests:
cpu: 500m
memory: 256Mi
limits:
cpu: 500m
memory: 256Mi
resources: *hyadesResources

vulnAnalyzer:
resources:
requests:
cpu: 500m
memory: 256Mi
limits:
cpu: 500m
memory: 256Mi
resources: *hyadesResources

extraObjects:
- apiVersion: apps/v1
Expand Down
24 changes: 6 additions & 18 deletions charts/hyades/ci/test-vulnanalyzer-statefulset-values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,39 +11,27 @@ common:
apiServer:
resources:
requests:
cpu: 500m
cpu: 100m
memory: 512Mi
limits:
cpu: 500m
cpu: "2"
memory: 512Mi

mirrorService:
resources:
resources: &hyadesResources
requests:
cpu: 500m
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 256Mi

repoMetaAnalyzer:
resources:
requests:
cpu: 500m
memory: 256Mi
limits:
cpu: 500m
memory: 256Mi
resources: *hyadesResources

vulnAnalyzer:
useStatefulSet: true
resources:
requests:
cpu: 500m
memory: 256Mi
limits:
cpu: 500m
memory: 256Mi
resources: *hyadesResources
persistentVolume:
enabled: true
extraEnv:
Expand Down
86 changes: 86 additions & 0 deletions charts/hyades/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,92 @@ API server image
{{- end -}}


{{/*
Initializer labels
*/}}
{{- define "hyades.initializerLabels" -}}
{{ include "hyades.commonLabels" . }}
{{ include "hyades.initializerSelectorLabels" . }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
{{- end -}}

{{/*
Initializer selector labels
*/}}
{{- define "hyades.initializerSelectorLabels" -}}
{{ include "hyades.commonSelectorLabels" . }}
app.kubernetes.io/name: {{ printf "%s-initializer" (include "hyades.name" .) }}
app.kubernetes.io/component: initializer
{{- end -}}

{{/*
Initializer name
*/}}
{{- define "hyades.initializerName" -}}
{{- printf "%s-initializer" (include "hyades.name" .) -}}
{{- end -}}

{{/*
Initializer fully qualified name
*/}}
{{- define "hyades.initializerFullname" -}}
{{- printf "%s-initializer" (include "hyades.fullname" .) -}}
{{- end -}}

{{/*
Initializer image
*/}}
{{- define "hyades.initializerImage" -}}
{{- if eq (substr 0 7 .Values.initializer.image.tag) "sha256:" -}}
{{- printf "%s/%s@%s" (.Values.initializer.image.registry | default .Values.common.image.registry) .Values.initializer.image.repository .Values.initializer.image.tag -}}
{{- else -}}
{{- printf "%s/%s:%s" (.Values.initializer.image.registry | default .Values.common.image.registry) .Values.initializer.image.repository (.Values.initializer.image.tag | default .Chart.AppVersion) -}}
{{- end -}}
{{- end -}}


{{/*
Initializer waiter name
*/}}
{{- define "hyades.initializerWaiterName" -}}
{{- printf "%s-waiter" (include "hyades.initializerName" .) -}}
{{- end -}}

{{/*
Initializer waiter fully qualified name
*/}}
{{- define "hyades.initializerWaiterFullname" -}}
{{- printf "%s-waiter" (include "hyades.initializerFullname" .) -}}
{{- end -}}

{{/*
Initializer waiter image
*/}}
{{- define "hyades.initializerWaiterImage" -}}
{{- if eq (substr 0 7 .Values.initializer.waiter.image.tag) "sha256:" -}}
{{- printf "%s/%s@%s" (.Values.initializer.waiter.image.registry | default .Values.common.image.registry) .Values.initializer.waiter.image.repository .Values.initializer.waiter.image.tag -}}
{{- else -}}
{{- printf "%s/%s:%s" (.Values.initializer.waiter.image.registry | default .Values.common.image.registry) .Values.initializer.waiter.image.repository (.Values.initializer.waiter.image.tag | default .Chart.AppVersion) -}}
{{- end -}}
{{- end -}}

{{/*
Initializer waiter container
*/}}
{{- define "hyades.initializerWaiterContainer" -}}
name: {{ include "hyades.initializerWaiterName" . }}
image: {{ include "hyades.initializerWaiterImage" . }}
imagePullPolicy: {{ .Values.initializer.waiter.image.pullPolicy }}
args:
- wait
- --for
- condition=complete
- --timeout
- "5m"
- job/{{ include "hyades.initializerFullname" . }}
{{- end -}}


{{/*
Frontend labels
*/}}
Expand Down
11 changes: 7 additions & 4 deletions charts/hyades/templates/api-server/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,9 @@ spec:
imagePullSecrets: {{- toYaml . | nindent 6 }}
{{- end }}
initContainers:
{{- if .Values.initializer.enabled }}
- {{ include "hyades.initializerWaiterContainer" . | nindent 8 }}
{{- end }}
{{- with .Values.apiServer.initContainers }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
Expand All @@ -48,10 +51,6 @@ spec:
- name: ALPINE_SECRET_KEY_PATH
value: "/var/run/secrets/secret.key"
{{- end }}
- name: ALPINE_DATABASE_MODE
value: "external"
- name: ALPINE_DATABASE_DRIVER
value: "org.postgresql.Driver"
{{- with .Values.common.database.jdbcUrl }}
- name: ALPINE_DATABASE_URL
value: {{ tpl . $ | quote }}
Expand All @@ -64,6 +63,10 @@ spec:
- name: ALPINE_DATABASE_PASSWORD
value: {{ . | quote }}
{{- end }}
{{- if .Values.initializer.enabled }}
- name: INIT_TASKS_ENABLED
value: "false"
{{- end }}
- name: KAFKA_BOOTSTRAP_SERVERS
value: {{ tpl .Values.common.kafka.bootstrapServers $ | quote }}
{{- with .Values.common.kafka.topicPrefix }}
Expand Down
Loading

0 comments on commit cafba8a

Please sign in to comment.