Commit d3d30236 authored by Francesco-gmail's avatar Francesco-gmail

sample chart for karma and udit-logger

parent 61f41a2e
Pipeline #177540 failed with stage
in 6 seconds
......@@ -6,5 +6,5 @@ stages:
upload:
stage: upload
script:
- chart_version=$(helm package ./common | awk -F/ '{print $7}') #--version 1.0.0
- chart_version=$(helm package ./chart | awk -F/ '{print $7}') #--version 1.0.0
- curl --request POST --user gitlab-ci-token:$CI_JOB_TOKEN --form "chart=@$chart_version" "${CI_API_V4_URL}/projects/4410/packages/helm/api/stable/charts"
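Review bot: The `helm package ... | awk -F/ '{print $7}'` step takes the archive name from the seventh `/`-separated field of helm's output, so it only works while the runner's build directory has exactly that depth; with any other layout `chart_version` is empty or wrong and curl is asked to upload `chart=@`. Assuming helm prints its usual "saved it to: <path>" message, `chart_version=$(helm package ./chart | awk '{print $NF}')` yields the full path and does not depend on the directory layout. The upload should also use `curl --fail` and quote the credentials, `--user "gitlab-ci-token:${CI_JOB_TOKEN}"`, so that a request rejected by the package registry fails the job instead of passing silently. Which of the two `helm package` lines is the new side cannot be recovered from this rendering; the point applies to either.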
apiVersion: v2
name: sample-chart
description: A Helm chart for Kubernetes
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: library
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.1
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.16.0"
dependencies:
- name: library-chart
version: 1.0.1
repository: https://gitlab.fbk.eu/api/v4/projects/4410/packages/helm/stable
\ No newline at end of file
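Review bot: `type: library` marks this chart as non-installable, as the comment block directly above it states, yet the commit presents it as a sample chart for karma and the audit logger. If it is meant to be installed with the values files added in this commit, the line should read `type: application`; the templates are not visible here, so this is inferred. The `library-chart` dependency is resolved from the project package registry by version only, so committing the `Chart.lock` written by `helm dependency update` alongside this file would keep the resolved dependency reproducible across builds.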
apiVersion: v1
name: fbk-test-ingress
version: 1.0.0
description: The Universal Deployment Helm Chart
dependencies:
- name: fbk-common # Common chart for TreC microservices
version: 1.0.0
repository: file://../../library/common-old
\ No newline at end of file
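Review bot: `dependencies:` is declared in a chart file that still says `apiVersion: v1`; Helm accepts dependencies in Chart.yaml only for `apiVersion: v2` (v1 charts list them in `requirements.yaml`), and `helm lint` reports this combination. Either change the first line to `apiVersion: v2` or move the list. The `file://../../library/common-old` repository also points outside the chart directory, so the dependency resolves only from a checkout with exactly that layout and not from a packaged chart. The rendering does not show whether this file is on the added or removed side; if it is removed, no action is needed.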
# Default values for a "deployment"
# REQUIRED for you to set a value here, name of your application/service
nameOverride: audit-logger
# Number of pods in deployment, default of not highly available (override on HA environments)
replicaCount: 1
# minReadySeconds
minReadySeconds: false
# Rollback limit
revisionHistoryLimit: 10
# The pod priority, to make things more critical
# See: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
priorityClassName: ""
# Image repository location (override if needed)
image:
# Which image to release
tag: latest
# Which repo to use
repository: trecregistry.azurecr.io/trec/microservices/test-fbk-sit-cloud/audit-logger
# Which command to run (NOTE: ONLY SPECIFY IF YOU NEED, IF NOT SPECIFIED WILL USE DOCKER DEFAULT)
command: []
# What args to pass to the command (NOTE: ONLY SPECIFY IF YOU NEED, IF NOT SPECIFIED WILL USE DOCKER DEFAULT)
args: []
# Image pull policy: IfNotPresent / Always
imagePullPolicy: IfNotPresent
configMap: []
# Ingress definitions
ingress:
enabled: true
# If we want to override the name, RECOMMEND YOU DO NOT DO THIS UNLESS YOU NEED, it has a sane default
name: ""
# If we want to have affinity in nginx enabled
nginx_affinity: true
# This is for the nginx controllers, this should be set to the controller that is intended to route your service
nginx_class: "nginx"
annotations: {}
hosts:
- host: karma.tony
paths:
- /api/audit-logger/?(.*)
tls: []
# Secondary ingress definition
ingress_secondary:
enabled: false
# If we want to override the name, RECOMMEND YOU DO NOT DO THIS UNLESS YOU NEED, it has a sane default
name: ""
# If we want to have affinity in nginx enabled
nginx_affinity: true
# This is for the nginx controllers, this should be set to the controller that is intended to route your service
nginx_class: "nginx"
annotations: {}
hosts:
- host: chart-example.local
paths:
- /api/audit-logger/?(.*)
tls: []
# Service definitions
service:
enabled: true
annotations: {}
type: ClusterIP
port: 80
targetPort: 8080
name: ""
# externalTrafficPolicy: Local
additionalPorts: []
# Additional container ports to open
# This can allow scraping by prometheus, or exposure to other services
additionalPorts:
- containerPort: 6666
name: metrics
protocol: TCP
# Additional pod annotations
podAnnotations: {}
# tick: "1528451892"
# Additional labels put onto anything that can be labelled (pods, services)
labels: {}
# This adds lifecycle events for the deployment
lifecycle: {}
# Environment variables (for globals, all deployments)
globalEnvs:
- name: DB_URL
value: mariadb://fbk-mariadb-trec-test.mariadb.database.azure.com:3306/audit_logger
- name: DB_USERNAME
value: trecroot@fbk-mariadb-trec-test # For Azure we need to append the `@servername` part
- name: DB_PASSWORD # Read username from the Kubernetes secret created by init script
valueFrom:
secretKeyRef:
name: audit-logger-db-credentials
key: password
- name: JAVA_OPTIONS
value: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005,quiet=y"
- name: INTERNAL_KEY_PATH
value: /secrets/internal-key/internal_key
# Used by Swagger library to set the base URL inside the swagger.yaml file
# This is used by Swagger UI to reach the API endpoints when using the "Try it out" button on an API
- name: EXTERNAL_BASE_PATH
value: "/api/{{ .Chart.Name }}/"
# How to reach Redis service
- name: REDIS_URL
value: redis
- name: REDIS_PORT
value: "6379"
- name: JSON_LOGGING
value: "true"
# stdin and tty status
tty: true
# A secondary source for env variables (eg: for a specific env (eg: dev, or staging))
extraEnvs: []
# A way to pull secondary env variables from configmaps and secrets
envFrom: []
# livenessProbes are used to determine when to restart a container
livenessProbe:
enabled: true
# For the liveness probe we'll wait a full 2 minutes, just incase this service takes a while to start-up
initialDelaySeconds: 120
periodSeconds: 10
timeoutSeconds: 9
successThreshold: 1
failureThreshold: 3
# Specify either httpGet, tcpSocket or exec
# httpGet uses path and port (below)
# tcpSocket uses port (below)
# exec uses command (below)
probeType: httpGet
# parameters for probes
path: /metrics
port: metrics
command:
- ls -la /
# readinessProbes are used to determine when a container is ready to start accepting traffic
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 4
successThreshold: 2
failureThreshold: 2
# Specify either httpGet, tcpSocket or exec
# httpGet uses path and port (below)
# tcpSocket uses port (below)
# exec uses command (below)
probeType: httpGet
# parameters for probes
path: /metrics
port: metrics
command:
- ls -la /
# Lower the ndots value, to reduce the search path expansion of DNS queries
# https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-config
dnsConfig:
enabled: false
ndots: 2
# container resource requests/limits
# this is set VERY low by default, to be aggressive above resource limiting, please override this if necessary
# Note: Limits are HARD Limits
# Requests are "soft" limits and are what affects HPA (autoscaling) aggressiveness and are what is guaranteed
resources:
limits:
# cpu: 100m
memory: 300Mi
requests:
# cpu: 100m
memory: 300Mi
# Assign pods to nodes based on nodeSelector labels, define a default here if desired
nodeSelector: []
# purpose: node-feature-name
# Assign pods to nodes based on tolerations and taints
tolerations: []
# Init container(s)
initContainers: []
# - name: volume-mount-hack
# image: busybox
# command: ["sh", "-c", "chown -R 1000:1000 /var/chaindata"]
# volumeMounts:
# - name: data
# mountPath: /var/chaindata
# Additional containers to be added to the pod (eg: add the cloudsql proxy)
extraContainers: []
# Volumes added to the pod eg: for cloudsql
volumeMounts:
- name: internal-key
readOnly: true
mountPath: /secrets/internal-key/
volumes:
- name: internal-key
secret:
secretName: internal-key
# Security context options, should default to run as non root enabled, but for now not
security:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 1000
# Whether or not to enable autoscaling
autoscaling:
enabled: false
minReplicas: 2
maxReplicas: 8
targetCPUUtilizationPercentage: 75
targetMemoryUtilizationPercentage: 90
# Whether or not we want a pod disruption budget, enabled by default, but this only is enabled if replicaCount > 1
podDistuptionBudget:
enabled: true
# maxUnavailable: 1
minAvailable: 1
# What deployment strategy to use
deploymentStrategy:
# Recreate / RollingUpdate
type: RollingUpdate
rollingUpdate:
# Minimize downtime by only having only 25 percent max unavailable. If you're only at 3 pods, because 33% it won't kill any pods before one gets healthy first.
maxUnavailable: 25%
# Allows up to 25% more pods to be created when trying to roll out. If you're at 10 pods, it'll spin up 2 new ones (20%) and when healthy will wait for termination of old ones to ensure compliance of 25%
maxSurge: 25%
# This is so we can use the same tag on various different objects (eg: statefulsets, crons, etc) via our Gitlab CI Automation
global:
image:
tag: ""
# This can be used Gitlab CI and helm automatically to set our URIs based on namespace
namespace: ""
# This is for service accounts
serviceAccount:
# Disabled by default, set to true if you want
enabled: false
# Add annotations if desited,
annotations: {}
# Here's an example of assigning an IAM role to a pod
# eks.amazonaws.com/role-arn: arn:aws:iam::123123123:role/role-name-goes-here
# If we want a hostname set for this deployment
hostname: ""
## For RBAC support, enable if you want, and set the rules you wish, examples below
rbac:
create: false
rules:
## Define specific rbac permissions.
# Eg: This grants all on API groups
# - apiGroups: ['*']
# resources: ['*']
# verbs: ['*']
# Eg: This grants all on non resource URLs
# - nonResourceURLs: ['*']
# verbs: ['*']
# Eg: This is "readonly" for common resources
# - resources: ["deployments", "configmaps", "pods", "pods/log", "services", "jobs", "jobs/status", "nodes", "serviceaccount", "namespaces"]
# verbs: ["get", "list", "watch"]
## Make this into a clusterwide role to give access to all namespaces if desired, disabled by default for more security
clusterWideAccess: false
\ No newline at end of file
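Review bot: The `JAVA_OPTIONS` entry in `globalEnvs` starts the JVM with a JDWP debug agent (`-agentlib:jdwp=...server=y,suspend=n,address=5005`) in the chart's default values. JDWP has no authentication, so anyone who can reach that port can run code inside the audit-logger process, which also holds `DB_PASSWORD` and the mounted `internal-key` secret; whether the listener binds beyond localhost depends on the JDK version, which is not visible here. Remove the entry from the defaults and supply it only through `extraEnvs` in a development-only override file. `tag: latest` together with `imagePullPolicy: IfNotPresent` also makes the running image depend on whatever each node has cached, so pin a version tag or digest. The inline comment on `DB_PASSWORD` says "Read username" where it should say "Read password".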
# Default values for a "deployment"
# REQUIRED for you to set a value here, name of your application/service
nameOverride: karma-tony
# Number of pods in deployment, default of not highly available (override on HA environments)
replicaCount: 1
# minReadySeconds
minReadySeconds: false
# Rollback limit
revisionHistoryLimit: 10
# The pod priority, to make things more critical
# See: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
priorityClassName: ""
# Image repository location (override if needed)
image:
# Which image to release
tag: latest
# Which repo to use
repository: ghcr.io/prymitive/karma
# Which command to run (NOTE: ONLY SPECIFY IF YOU NEED, IF NOT SPECIFIED WILL USE DOCKER DEFAULT)
command: []
# What args to pass to the command (NOTE: ONLY SPECIFY IF YOU NEED, IF NOT SPECIFIED WILL USE DOCKER DEFAULT)
args: []
# Image pull policy: IfNotPresent / Always
imagePullPolicy: IfNotPresent
configMap:
- name: karma-config-2
mountPath: /etc/karma.yaml
subPath: karma.yaml
data: |
alertmanager:
interval: 60s
servers:
- name: local
uri: http://prometheus-kube-prometheus-alertmanager:9093
readonly: false
proxy: true
cors:
credentials: same-origin
history:
enabled: true
rewrite:
- source: http://prometheus.microk8s.fbk.eu
uri: http://prometheus-kube-prometheus-prometheus:9090
labels:
color:
custom:
severity:
- value: warning
color: "#ffae42"
- value: critical
color: "#ff220c"
env:
- value: Demo
color: "#00b33c"
- value: Dev
color: "#ffae42"
- value: Prod
color: "#ff220c"
job:
- value: linux-dc
color: "#660033"
- value: azure-nodes
color: "#00ccff"
- value: windows-dc
color: "#3399ff"
instance:
- value_re: ".*"
color: "#ffffe6"
receivers:
strip:
- impianti
# Ingress definitions
ingress:
enabled: true
# If we want to override the name, RECOMMEND YOU DO NOT DO THIS UNLESS YOU NEED, it has a sane default
name: ""
# If we want to have affinity in nginx enabled
nginx_affinity: true
# This is for the nginx controllers, this should be set to the controller that is intended to route your service
nginx_class: "public"
annotations: {}
hosts:
- host: karma.tony
paths:
- /
tls: []
# Secondary ingress definition
ingress_secondary:
enabled: false
# If we want to override the name, RECOMMEND YOU DO NOT DO THIS UNLESS YOU NEED, it has a sane default
name: ""
# If we want to have affinity in nginx enabled
nginx_affinity: true
# This is for the nginx controllers, this should be set to the controller that is intended to route your service
nginx_class: "nginx"
annotations: {}
hosts:
- host: chart-example.local
paths:
- /
tls: []
# Service definitions
service:
enabled: true
annotations: {}
type: ClusterIP
port: 80
targetPort: 8080
name: ""
# externalTrafficPolicy: Local
additionalPorts: []
# Additional container ports to open
# This can allow scraping by prometheus, or exposure to other services
additionalPorts: []
# - containerPort: 8001
# name: http-admin
# protocol: TCP
# Additional pod annotations
podAnnotations: {}
# tick: "1528451892"
# Additional labels put onto anything that can be labelled (pods, services)
labels: {}
# This adds lifecycle events for the deployment
lifecycle: {}
# Environment variables (for globals, all deployments)
globalEnvs:
- name: CONFIG_FILE
value: "/etc/karma.yaml"
# stdin and tty status
tty: true
# A secondary source for env variables (eg: for a specific env (eg: dev, or staging))
extraEnvs: []
# A way to pull secondary env variables from configmaps and secrets
envFrom: []
# livenessProbes are used to determine when to restart a container
livenessProbe:
enabled: false
# For the liveness probe we'll wait a full 2 minutes, just incase this service takes a while to start-up
initialDelaySeconds: 120
periodSeconds: 10
timeoutSeconds: 9
successThreshold: 1
failureThreshold: 3
# Specify either httpGet, tcpSocket or exec
# httpGet uses path and port (below)
# tcpSocket uses port (below)
# exec uses command (below)
probeType: httpGet
# parameters for probes
path: /alive
port: default-service
command:
- ls -la /
# readinessProbes are used to determine when a container is ready to start accepting traffic
readinessProbe:
enabled: false
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 4
successThreshold: 2
failureThreshold: 2
# Specify either httpGet, tcpSocket or exec
# httpGet uses path and port (below)
# tcpSocket uses port (below)
# exec uses command (below)
probeType: httpGet
# parameters for probes
path: /
port: default-service
command:
- ls -la /
# Lower the ndots value, to reduce the search path expansion of DNS queries
# https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-config
dnsConfig:
enabled: false
ndots: 2
# container resource requests/limits
# this is set VERY low by default, to be aggressive above resource limiting, please override this if necessary
# Note: Limits are HARD Limits
# Requests are "soft" limits and are what affects HPA (autoscaling) aggressiveness and are what is guaranteed
resources: {}
# limits:
# cpu: 100m
# memory: 64Mi
# requests:
# cpu: 50m
# memory: 32Mi
# Assign pods to nodes based on nodeSelector labels, define a default here if desired
nodeSelector: []
# purpose: node-feature-name
# Assign pods to nodes based on tolerations and taints
tolerations: []
# Init container(s)
initContainers: []
# - name: volume-mount-hack
# image: busybox
# command: ["sh", "-c", "chown -R 1000:1000 /var/chaindata"]
# volumeMounts:
# - name: data
# mountPath: /var/chaindata
# Additional containers to be added to the pod (eg: add the cloudsql proxy)
extraContainers: []
# Volumes added to the pod eg: for cloudsql
volumes: []
volumeMounts: []
# Security context options, should default to run as non root enabled, but for now not
security:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 1000
# Whether or not to enable autoscaling
autoscaling:
enabled: false
minReplicas: 2
maxReplicas: 8
targetCPUUtilizationPercentage: 75
targetMemoryUtilizationPercentage: 90
# Whether or not we want a pod disruption budget, enabled by default, but this only is enabled if replicaCount > 1
podDistuptionBudget:
enabled: true
# maxUnavailable: 1
minAvailable: 1
# What deployment strategy to use
deploymentStrategy:
# Recreate / RollingUpdate
type: RollingUpdate
rollingUpdate:
# Minimize downtime by only having only 25 percent max unavailable. If you're only at 3 pods, because 33% it won't kill any pods before one gets healthy first.
maxUnavailable: 25%
# Allows up to 25% more pods to be created when trying to roll out. If you're at 10 pods, it'll spin up 2 new ones (20%) and when healthy will wait for termination of old ones to ensure compliance of 25%
maxSurge: 25%
# This is so we can use the same tag on various different objects (eg: statefulsets, crons, etc) via our Gitlab CI Automation
global:
image:
tag: ""
# This can be used Gitlab CI and helm automatically to set our URIs based on namespace
namespace: ""
# This is for service accounts
serviceAccount:
# Disabled by default, set to true if you want
enabled: false
# Add annotations if desited,
annotations: {}
# Here's an example of assigning an IAM role to a pod
# eks.amazonaws.com/role-arn: arn:aws:iam::123123123:role/role-name-goes-here
# If we want a hostname set for this deployment
hostname: ""
## For RBAC support, enable if you want, and set the rules you wish, examples below
rbac:
create: false
rules:
## Define specific rbac permissions.
# Eg: This grants all on API groups
# - apiGroups: ['*']
# resources: ['*']
# verbs: ['*']
# Eg: This grants all on non resource URLs