diff --git a/autopush/Chart.yaml b/autopush/Chart.yaml index 0d77753..727c3dc 100644 --- a/autopush/Chart.yaml +++ b/autopush/Chart.yaml @@ -3,7 +3,7 @@ name: autopush description: A Helm chart for Kubernetes icon: type: application -version: 0.0.8 +version: 0.0.9 # renovate: image=docker.io/mozilla-services/autopush-rs appVersion: "1.72.2" maintainers: diff --git a/autopush/README.md b/autopush/README.md index 8c6eb95..057e0e6 100644 --- a/autopush/README.md +++ b/autopush/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # autopush -![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) +![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) A Helm chart for Kubernetes @@ -138,8 +138,8 @@ helm uninstall autopush-release | prometheus.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo mountPath: "/etc/foo" readOnly: true | | redis.architecture | string | `"standalone"` | | | redis.auth.enabled | bool | `true` | | -| redis.auth.existingSecret | string | `nil` | Or use existing secret with "redis-password" key instead of static password | | redis.auth.existingSecret | string | `""` | name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time | +| redis.auth.existingSecret | string | `nil` | Or use existing secret with "redis-password" key instead of static password | | redis.auth.existingSecretPasswordKey | string | `""` | Password key to be retrieved from existing secret | | redis.auth.password | string | `"autopush"` | XXX Change me! | | redis.dbid | int | `0` | Database ID for non-default database | @@ -155,6 +155,31 @@ helm uninstall autopush-release | serviceAccount.automount | bool | `true` | | | serviceAccount.create | bool | `true` | | | serviceAccount.name | string | `""` | | +| unifiedPush.affinity | object | `{}` | | +| unifiedPush.config.gateway.allowedHosts | list | `[]` | | +| unifiedPush.config.gateway.generic.enable | bool | `true` | | +| unifiedPush.config.gateway.matrix.enable | bool | `true` | | +| unifiedPush.config.uaid | string | `""` | | +| unifiedPush.config.verbose | bool | `false` | | +| unifiedPush.enabled | bool | `false` | | +| unifiedPush.image.pullPolicy | string | `"IfNotPresent"` | | +| unifiedPush.image.registry | string | `"docker.io"` | | +| unifiedPush.image.repository | string | `"unifiedpush/common-proxies"` | | +| unifiedPush.image.tag | string | `"v2.2.0"` | | +| unifiedPush.livenessProbe | object | `{"httpGet":{"path":"/health","port":"http"}}` | This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ | +| unifiedPush.nodeSelector | object | `{}` | | +| unifiedPush.podAnnotations | object | `{}` | | +| unifiedPush.podLabels | object | `{}` | | +| unifiedPush.podSecurityContext | object | `{}` | | +| unifiedPush.readinessProbe.httpGet.path | string | `"/health"` | | +| unifiedPush.readinessProbe.httpGet.port | string | `"http"` | | +| unifiedPush.replicaCount | int | `1` | This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ | +| unifiedPush.resources | object | `{}` | We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi | +| unifiedPush.securityContext | object | `{}` | | +| unifiedPush.service.port | int | `80` | | +| unifiedPush.service.type | string | `"ClusterIP"` | | +| unifiedPush.tolerations | list | `[]` | | +| unifiedPush.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo mountPath: "/etc/foo" readOnly: true | | volumes | list | `[]` | Additional volumes on the output Deployment definition. - name: foo secret: secretName: mysecret optional: false | Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/autopush/templates/autoconnect/service.yaml b/autopush/templates/autoconnect/service.yaml index 5f12030..b94b1fc 100644 --- a/autopush/templates/autoconnect/service.yaml +++ b/autopush/templates/autoconnect/service.yaml @@ -4,6 +4,7 @@ metadata: name: {{ include "autopush.fullname" . }}-autoconnect labels: {{- include "autopush.labels" . | nindent 4 }} + app.kubernetes.io/metrics: "true" spec: type: {{ .Values.autoconnect.service.type }} selector: diff --git a/autopush/templates/autoendpoint/service.yaml b/autopush/templates/autoendpoint/service.yaml index ef7abb3..94f3eac 100644 --- a/autopush/templates/autoendpoint/service.yaml +++ b/autopush/templates/autoendpoint/service.yaml @@ -4,6 +4,7 @@ metadata: name: {{ include "autopush.fullname" . }}-autoendpoint labels: {{- include "autopush.labels" . | nindent 4 }} + app.kubernetes.io/metrics: "true" spec: type: {{ .Values.autoendpoint.service.type }} selector: diff --git a/autopush/templates/ingress.yaml b/autopush/templates/ingress.yaml index d53ba34..a5e2dd4 100644 --- a/autopush/templates/ingress.yaml +++ b/autopush/templates/ingress.yaml @@ -38,4 +38,26 @@ spec: name: {{ include "autopush.fullname" $ }}-autoendpoint port: name: http + {{- with .Values.unifiedPush }} + {{- if .enabled }} + {{- if .config.gateway.generic.enable }} + - path: /generic/ + pathType: Prefix + backend: + service: + name: {{ include "autopush.fullname" $ }}-unifiedpush + port: + name: http + {{- end }} + {{- if .config.gateway.matrix.enable }} + - path: /_matrix/push/v1/notify + pathType: Prefix + backend: + service: + name: {{ include "autopush.fullname" $ }}-unifiedpush + port: + name: http + {{- end }} + {{- end }} + {{- end }} {{- end }} diff --git a/autopush/templates/servicemonitor.yaml b/autopush/templates/servicemonitor.yaml index 87b7f82..44569c5 100644 --- a/autopush/templates/servicemonitor.yaml +++ b/autopush/templates/servicemonitor.yaml @@ -12,6 +12,7 @@ spec: selector: matchLabels: {{- include "autopush.selectorLabels" . | nindent 6 }} + app.kubernetes.io/metrics: "true" endpoints: - port: metrics {{- end }} diff --git a/autopush/templates/unifiedpush/deployment.yaml b/autopush/templates/unifiedpush/deployment.yaml new file mode 100644 index 0000000..62ddbd5 --- /dev/null +++ b/autopush/templates/unifiedpush/deployment.yaml @@ -0,0 +1,97 @@ +{{- with .Values.unifiedPush }} +{{- if .enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "autopush.fullname" $ }}-unifiedpush + labels: + {{- include "autopush.labels" $ | nindent 4 }} +spec: + replicas: {{ .replicaCount }} + selector: + matchLabels: + {{- include "autopush.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: unifiedpush + template: + metadata: + {{- with .podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "autopush.labels" $ | nindent 8 }} + app.kubernetes.io/component: unifiedpush + {{- with .podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "autopush.serviceAccountName" $ }} + securityContext: + {{- toYaml .podSecurityContext | nindent 8 }} + containers: + - name: common-proxies + securityContext: + {{- toYaml .securityContext | nindent 12 }} + {{- with .image }} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default (printf "v%s" $.Chart.AppVersion) }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} + env: + - name: "UP_LISTEN" + value: ":8080" + {{- if .config.verbose }} + - name: "UP_VERBOSE" + value: "true" + {{- end }} + {{- with .config.uaid }} + - name: "UP_UAID" + value: {{ . | quote }} + {{- end }} + {{- if .config.gateway.generic.enable }} + - name: "UP_GATEWAY_GENERIC_ENABLE" + value: "true" + {{- end }} + {{- if .config.gateway.matrix.enable }} + - name: "UP_GATEWAY_MATRIX_ENABLE" + value: "true" + {{- end }} + {{- with .config.gateway.allowedHosts }} + - name: "UP_GATEWAY_ALLOWEDHOSTS" + value: {{ join "," . | quote }} + {{- end }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + {{- toYaml .livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .readinessProbe | nindent 12 }} + resources: + {{- toYaml .resources | nindent 12 }} + {{- with .volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/autopush/templates/unifiedpush/service.yaml b/autopush/templates/unifiedpush/service.yaml new file mode 100644 index 0000000..300a35c --- /dev/null +++ b/autopush/templates/unifiedpush/service.yaml @@ -0,0 +1,19 @@ +{{- if .Values.unifiedPush.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "autopush.fullname" . }}-unifiedpush + labels: + app.kubernetes.io/metrics: "true" + {{- include "autopush.labels" . | nindent 4 }} +spec: + type: {{ .Values.unifiedPush.service.type }} + selector: + {{- include "autopush.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: unifiedpush + ports: + - port: {{ .Values.unifiedPush.service.port }} + targetPort: http + protocol: TCP + name: http +{{- end }} diff --git a/autopush/values.yaml b/autopush/values.yaml index bb4504b..e17ad54 100644 --- a/autopush/values.yaml +++ b/autopush/values.yaml @@ -264,6 +264,85 @@ autoendpoint: # readOnly: true volumeMounts: [] +unifiedPush: + enabled: false + # -- This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ + replicaCount: 1 + image: + registry: docker.io + repository: unifiedpush/common-proxies + pullPolicy: IfNotPresent + tag: "v2.2.0" + + config: + verbose: false + uaid: "" + gateway: + generic: + enable: true + matrix: + enable: true + allowedHosts: [] + + # This is for setting Kubernetes Annotations to a Pod. + # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + podAnnotations: {} + # This is for setting Kubernetes Labels to a Pod. + # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + podLabels: {} + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/ + service: + # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types + type: ClusterIP + # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports + port: 80 + + # -- We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + resources: {} + + # -- This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ + livenessProbe: + httpGet: + path: /health + port: http + readinessProbe: + httpGet: + path: /health + port: http + + # -- Additional volumeMounts on the output Deployment definition. + # - name: foo + # mountPath: "/etc/foo" + # readOnly: true + volumeMounts: [] + # This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/ serviceAccount: