fix(autopush): add unifiedpush common-proxies support

2025-01-22 21:29:58 +01:00 · 2025-01-22 21:29:58 +01:00 · 6de9ec016b
commit 6de9ec016b
parent 24286723f0
9 changed files with 248 additions and 3 deletions
--- a/autopush/Chart.yaml
+++ b/autopush/Chart.yaml
@ -3,7 +3,7 @@ name: autopush
 description: A Helm chart for Kubernetes
 icon:
 type: application
-version: 0.0.8
+version: 0.0.9
 # renovate: image=docker.io/mozilla-services/autopush-rs
 appVersion: "1.72.2"
 maintainers:
--- a/autopush/README.md
+++ b/autopush/README.md
@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes"

 # autopush

-![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square)
+![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square)

 A Helm chart for Kubernetes

@ -138,8 +138,8 @@ helm uninstall autopush-release
 | prometheus.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo   mountPath: "/etc/foo"   readOnly: true |
 | redis.architecture | string | `"standalone"` |  |
 | redis.auth.enabled | bool | `true` |  |
-| redis.auth.existingSecret | string | `nil` | Or use existing secret with "redis-password" key instead of static password |
 | redis.auth.existingSecret | string | `""` | name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time |
+| redis.auth.existingSecret | string | `nil` | Or use existing secret with "redis-password" key instead of static password |
 | redis.auth.existingSecretPasswordKey | string | `""` | Password key to be retrieved from existing secret |
 | redis.auth.password | string | `"autopush"` | XXX Change me! |
 | redis.dbid | int | `0` | Database ID for non-default database |
@ -155,6 +155,31 @@ helm uninstall autopush-release
 | serviceAccount.automount | bool | `true` |  |
 | serviceAccount.create | bool | `true` |  |
 | serviceAccount.name | string | `""` |  |
+| unifiedPush.affinity | object | `{}` |  |
+| unifiedPush.config.gateway.allowedHosts | list | `[]` |  |
+| unifiedPush.config.gateway.generic.enable | bool | `true` |  |
+| unifiedPush.config.gateway.matrix.enable | bool | `true` |  |
+| unifiedPush.config.uaid | string | `""` |  |
+| unifiedPush.config.verbose | bool | `false` |  |
+| unifiedPush.enabled | bool | `false` |  |
+| unifiedPush.image.pullPolicy | string | `"IfNotPresent"` |  |
+| unifiedPush.image.registry | string | `"docker.io"` |  |
+| unifiedPush.image.repository | string | `"unifiedpush/common-proxies"` |  |
+| unifiedPush.image.tag | string | `"v2.2.0"` |  |
+| unifiedPush.livenessProbe | object | `{"httpGet":{"path":"/health","port":"http"}}` | This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ |
+| unifiedPush.nodeSelector | object | `{}` |  |
+| unifiedPush.podAnnotations | object | `{}` |  |
+| unifiedPush.podLabels | object | `{}` |  |
+| unifiedPush.podSecurityContext | object | `{}` |  |
+| unifiedPush.readinessProbe.httpGet.path | string | `"/health"` |  |
+| unifiedPush.readinessProbe.httpGet.port | string | `"http"` |  |
+| unifiedPush.replicaCount | int | `1` | This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ |
+| unifiedPush.resources | object | `{}` | We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits:   cpu: 100m   memory: 128Mi requests:   cpu: 100m   memory: 128Mi |
+| unifiedPush.securityContext | object | `{}` |  |
+| unifiedPush.service.port | int | `80` |  |
+| unifiedPush.service.type | string | `"ClusterIP"` |  |
+| unifiedPush.tolerations | list | `[]` |  |
+| unifiedPush.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo   mountPath: "/etc/foo"   readOnly: true |
 | volumes | list | `[]` | Additional volumes on the output Deployment definition. - name: foo   secret:     secretName: mysecret     optional: false |

 Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)
--- a/autopush/templates/autoconnect/service.yaml
+++ b/autopush/templates/autoconnect/service.yaml
@ -4,6 +4,7 @@ metadata:
  name: {{ include "autopush.fullname" . }}-autoconnect
  labels:
    {{- include "autopush.labels" . | nindent 4 }}
+    app.kubernetes.io/metrics: "true"
 spec:
  type: {{ .Values.autoconnect.service.type }}
  selector:
--- a/autopush/templates/autoendpoint/service.yaml
+++ b/autopush/templates/autoendpoint/service.yaml
@ -4,6 +4,7 @@ metadata:
  name: {{ include "autopush.fullname" . }}-autoendpoint
  labels:
    {{- include "autopush.labels" . | nindent 4 }}
+    app.kubernetes.io/metrics: "true"
 spec:
  type: {{ .Values.autoendpoint.service.type }}
  selector:
--- a/autopush/templates/ingress.yaml
+++ b/autopush/templates/ingress.yaml
@ -38,4 +38,26 @@ spec:
                name: {{ include "autopush.fullname" $ }}-autoendpoint
                port:
                  name: http
+          {{- with .Values.unifiedPush }}
+          {{- if .enabled }}
+          {{- if .config.gateway.generic.enable }}
+          - path: /generic/
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ include "autopush.fullname" $ }}-unifiedpush
+                port:
+                  name: http
+          {{- end }}
+          {{- if .config.gateway.matrix.enable }}
+          - path: /_matrix/push/v1/notify
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ include "autopush.fullname" $ }}-unifiedpush
+                port:
+                  name: http
+          {{- end }}
+          {{- end }}
+          {{- end }}
 {{- end }}
--- a/autopush/templates/servicemonitor.yaml
+++ b/autopush/templates/servicemonitor.yaml
@ -12,6 +12,7 @@ spec:
  selector:
    matchLabels:
      {{- include "autopush.selectorLabels" . | nindent 6 }}
+      app.kubernetes.io/metrics: "true"
  endpoints:
    - port: metrics
 {{- end }}
--- a/autopush/templates/unifiedpush/deployment.yaml
+++ b/autopush/templates/unifiedpush/deployment.yaml
@ -0,0 +1,97 @@
+{{- with .Values.unifiedPush }}
+{{- if .enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "autopush.fullname" $ }}-unifiedpush
+  labels:
+    {{- include "autopush.labels" $ | nindent 4 }}
+spec:
+  replicas: {{ .replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "autopush.selectorLabels" $ | nindent 6 }}
+      app.kubernetes.io/component: unifiedpush
+  template:
+    metadata:
+      {{- with .podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "autopush.labels" $ | nindent 8 }}
+        app.kubernetes.io/component: unifiedpush
+        {{- with .podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "autopush.serviceAccountName" $ }}
+      securityContext:
+        {{- toYaml .podSecurityContext | nindent 8 }}
+      containers:
+        - name: common-proxies
+          securityContext:
+            {{- toYaml .securityContext | nindent 12 }}
+          {{- with .image }}
+          image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default (printf "v%s" $.Chart.AppVersion) }}"
+          imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }}
+          {{- end }}
+          env:
+            - name: "UP_LISTEN"
+              value: ":8080"
+            {{- if .config.verbose }}
+            - name: "UP_VERBOSE"
+              value: "true"
+            {{- end }}
+            {{- with .config.uaid }}
+            - name: "UP_UAID"
+              value: {{ . | quote }}
+            {{- end }}
+            {{- if .config.gateway.generic.enable }}
+            - name: "UP_GATEWAY_GENERIC_ENABLE"
+              value: "true"
+            {{- end }}
+            {{- if .config.gateway.matrix.enable }}
+            - name: "UP_GATEWAY_MATRIX_ENABLE"
+              value: "true"
+            {{- end }}
+            {{- with .config.gateway.allowedHosts }}
+            - name: "UP_GATEWAY_ALLOWEDHOSTS"
+              value: {{ join "," . | quote }}
+            {{- end }}
+          ports:
+            - name: http
+              containerPort: 8080
+              protocol: TCP
+          livenessProbe:
+            {{- toYaml .livenessProbe | nindent 12 }}
+          readinessProbe:
+            {{- toYaml .readinessProbe | nindent 12 }}
+          resources:
+            {{- toYaml .resources | nindent 12 }}
+          {{- with .volumeMounts }}
+          volumeMounts:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+      {{- with .volumes }}
+      volumes:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+{{- end }}
+{{- end }}
--- a/autopush/templates/unifiedpush/service.yaml
+++ b/autopush/templates/unifiedpush/service.yaml
@ -0,0 +1,19 @@
+{{- if .Values.unifiedPush.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "autopush.fullname" . }}-unifiedpush
+  labels:
+    app.kubernetes.io/metrics: "true"
+    {{- include "autopush.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.unifiedPush.service.type }}
+  selector:
+    {{- include "autopush.selectorLabels" . | nindent 4 }}
+    app.kubernetes.io/component: unifiedpush
+  ports:
+    - port: {{ .Values.unifiedPush.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+{{- end }}
--- a/autopush/values.yaml
+++ b/autopush/values.yaml
@ -264,6 +264,85 @@ autoendpoint:
  #   readOnly: true
  volumeMounts: []

+unifiedPush:
+  enabled: false
+  # -- This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/
+  replicaCount: 1
+  image:
+    registry: docker.io
+    repository: unifiedpush/common-proxies
+    pullPolicy: IfNotPresent
+    tag: "v2.2.0"
+
+  config:
+    verbose: false
+    uaid: ""
+    gateway:
+      generic:
+        enable: true
+      matrix:
+        enable: true
+      allowedHosts: []
+
+  # This is for setting Kubernetes Annotations to a Pod.
+  # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+  podAnnotations: {}
+  # This is for setting Kubernetes Labels to a Pod.
+  # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+  podLabels: {}
+
+  nodeSelector: {}
+
+  tolerations: []
+
+  affinity: {}
+
+  podSecurityContext: {}
+    # fsGroup: 2000
+
+  securityContext: {}
+    # capabilities:
+    #   drop:
+    #   - ALL
+    # readOnlyRootFilesystem: true
+    # runAsNonRoot: true
+    # runAsUser: 1000
+
+  # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/
+  service:
+    # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
+    type: ClusterIP
+    # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports
+    port: 80
+
+  # -- We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+  resources: {}
+
+  # -- This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
+  livenessProbe:
+    httpGet:
+      path: /health
+      port: http
+  readinessProbe:
+    httpGet:
+      path: /health
+      port: http
+
+  # -- Additional volumeMounts on the output Deployment definition.
+  # - name: foo
+  #   mountPath: "/etc/foo"
+  #   readOnly: true
+  volumeMounts: []
+

 # This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/
 serviceAccount: