From 6de9ec016b99ae4e88df3eb21df97bdb9358a10e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 22 Jan 2025 21:29:58 +0100 Subject: [PATCH] fix(autopush): add unifiedpush common-proxies support --- autopush/Chart.yaml | 2 +- autopush/README.md | 29 +++++- autopush/templates/autoconnect/service.yaml | 1 + autopush/templates/autoendpoint/service.yaml | 1 + autopush/templates/ingress.yaml | 22 +++++ autopush/templates/servicemonitor.yaml | 1 + .../templates/unifiedpush/deployment.yaml | 97 +++++++++++++++++++ autopush/templates/unifiedpush/service.yaml | 19 ++++ autopush/values.yaml | 79 +++++++++++++++ 9 files changed, 248 insertions(+), 3 deletions(-) create mode 100644 autopush/templates/unifiedpush/deployment.yaml create mode 100644 autopush/templates/unifiedpush/service.yaml diff --git a/autopush/Chart.yaml b/autopush/Chart.yaml index 0d77753..727c3dc 100644 --- a/autopush/Chart.yaml +++ b/autopush/Chart.yaml @@ -3,7 +3,7 @@ name: autopush description: A Helm chart for Kubernetes icon: type: application -version: 0.0.8 +version: 0.0.9 # renovate: image=docker.io/mozilla-services/autopush-rs appVersion: "1.72.2" maintainers: diff --git a/autopush/README.md b/autopush/README.md index 8c6eb95..057e0e6 100644 --- a/autopush/README.md +++ b/autopush/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # autopush -![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) +![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) A Helm chart for Kubernetes @@ -138,8 +138,8 @@ helm uninstall autopush-release | prometheus.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo mountPath: "/etc/foo" readOnly: true | | redis.architecture | string | `"standalone"` | | | redis.auth.enabled | bool | `true` | | -| redis.auth.existingSecret | string | `nil` | Or use existing secret with "redis-password" key instead of static password | | redis.auth.existingSecret | string | `""` | name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time | +| redis.auth.existingSecret | string | `nil` | Or use existing secret with "redis-password" key instead of static password | | redis.auth.existingSecretPasswordKey | string | `""` | Password key to be retrieved from existing secret | | redis.auth.password | string | `"autopush"` | XXX Change me! | | redis.dbid | int | `0` | Database ID for non-default database | @@ -155,6 +155,31 @@ helm uninstall autopush-release | serviceAccount.automount | bool | `true` | | | serviceAccount.create | bool | `true` | | | serviceAccount.name | string | `""` | | +| unifiedPush.affinity | object | `{}` | | +| unifiedPush.config.gateway.allowedHosts | list | `[]` | | +| unifiedPush.config.gateway.generic.enable | bool | `true` | | +| unifiedPush.config.gateway.matrix.enable | bool | `true` | | +| unifiedPush.config.uaid | string | `""` | | +| unifiedPush.config.verbose | bool | `false` | | +| unifiedPush.enabled | bool | `false` | | +| unifiedPush.image.pullPolicy | string | `"IfNotPresent"` | | +| unifiedPush.image.registry | string | `"docker.io"` | | +| unifiedPush.image.repository | string | `"unifiedpush/common-proxies"` | | +| unifiedPush.image.tag | string | `"v2.2.0"` | | +| unifiedPush.livenessProbe | object | `{"httpGet":{"path":"/health","port":"http"}}` | This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ | +| unifiedPush.nodeSelector | object | `{}` | | +| unifiedPush.podAnnotations | object | `{}` | | +| unifiedPush.podLabels | object | `{}` | | +| unifiedPush.podSecurityContext | object | `{}` | | +| unifiedPush.readinessProbe.httpGet.path | string | `"/health"` | | +| unifiedPush.readinessProbe.httpGet.port | string | `"http"` | | +| unifiedPush.replicaCount | int | `1` | This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ | +| unifiedPush.resources | object | `{}` | We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi | +| unifiedPush.securityContext | object | `{}` | | +| unifiedPush.service.port | int | `80` | | +| unifiedPush.service.type | string | `"ClusterIP"` | | +| unifiedPush.tolerations | list | `[]` | | +| unifiedPush.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo mountPath: "/etc/foo" readOnly: true | | volumes | list | `[]` | Additional volumes on the output Deployment definition. - name: foo secret: secretName: mysecret optional: false | Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/autopush/templates/autoconnect/service.yaml b/autopush/templates/autoconnect/service.yaml index 5f12030..b94b1fc 100644 --- a/autopush/templates/autoconnect/service.yaml +++ b/autopush/templates/autoconnect/service.yaml @@ -4,6 +4,7 @@ metadata: name: {{ include "autopush.fullname" . }}-autoconnect labels: {{- include "autopush.labels" . | nindent 4 }} + app.kubernetes.io/metrics: "true" spec: type: {{ .Values.autoconnect.service.type }} selector: diff --git a/autopush/templates/autoendpoint/service.yaml b/autopush/templates/autoendpoint/service.yaml index ef7abb3..94f3eac 100644 --- a/autopush/templates/autoendpoint/service.yaml +++ b/autopush/templates/autoendpoint/service.yaml @@ -4,6 +4,7 @@ metadata: name: {{ include "autopush.fullname" . }}-autoendpoint labels: {{- include "autopush.labels" . | nindent 4 }} + app.kubernetes.io/metrics: "true" spec: type: {{ .Values.autoendpoint.service.type }} selector: diff --git a/autopush/templates/ingress.yaml b/autopush/templates/ingress.yaml index d53ba34..a5e2dd4 100644 --- a/autopush/templates/ingress.yaml +++ b/autopush/templates/ingress.yaml @@ -38,4 +38,26 @@ spec: name: {{ include "autopush.fullname" $ }}-autoendpoint port: name: http + {{- with .Values.unifiedPush }} + {{- if .enabled }} + {{- if .config.gateway.generic.enable }} + - path: /generic/ + pathType: Prefix + backend: + service: + name: {{ include "autopush.fullname" $ }}-unifiedpush + port: + name: http + {{- end }} + {{- if .config.gateway.matrix.enable }} + - path: /_matrix/push/v1/notify + pathType: Prefix + backend: + service: + name: {{ include "autopush.fullname" $ }}-unifiedpush + port: + name: http + {{- end }} + {{- end }} + {{- end }} {{- end }} diff --git a/autopush/templates/servicemonitor.yaml b/autopush/templates/servicemonitor.yaml index 87b7f82..44569c5 100644 --- a/autopush/templates/servicemonitor.yaml +++ b/autopush/templates/servicemonitor.yaml @@ -12,6 +12,7 @@ spec: selector: matchLabels: {{- include "autopush.selectorLabels" . | nindent 6 }} + app.kubernetes.io/metrics: "true" endpoints: - port: metrics {{- end }} diff --git a/autopush/templates/unifiedpush/deployment.yaml b/autopush/templates/unifiedpush/deployment.yaml new file mode 100644 index 0000000..62ddbd5 --- /dev/null +++ b/autopush/templates/unifiedpush/deployment.yaml @@ -0,0 +1,97 @@ +{{- with .Values.unifiedPush }} +{{- if .enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "autopush.fullname" $ }}-unifiedpush + labels: + {{- include "autopush.labels" $ | nindent 4 }} +spec: + replicas: {{ .replicaCount }} + selector: + matchLabels: + {{- include "autopush.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: unifiedpush + template: + metadata: + {{- with .podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "autopush.labels" $ | nindent 8 }} + app.kubernetes.io/component: unifiedpush + {{- with .podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "autopush.serviceAccountName" $ }} + securityContext: + {{- toYaml .podSecurityContext | nindent 8 }} + containers: + - name: common-proxies + securityContext: + {{- toYaml .securityContext | nindent 12 }} + {{- with .image }} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default (printf "v%s" $.Chart.AppVersion) }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} + env: + - name: "UP_LISTEN" + value: ":8080" + {{- if .config.verbose }} + - name: "UP_VERBOSE" + value: "true" + {{- end }} + {{- with .config.uaid }} + - name: "UP_UAID" + value: {{ . | quote }} + {{- end }} + {{- if .config.gateway.generic.enable }} + - name: "UP_GATEWAY_GENERIC_ENABLE" + value: "true" + {{- end }} + {{- if .config.gateway.matrix.enable }} + - name: "UP_GATEWAY_MATRIX_ENABLE" + value: "true" + {{- end }} + {{- with .config.gateway.allowedHosts }} + - name: "UP_GATEWAY_ALLOWEDHOSTS" + value: {{ join "," . | quote }} + {{- end }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + {{- toYaml .livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .readinessProbe | nindent 12 }} + resources: + {{- toYaml .resources | nindent 12 }} + {{- with .volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/autopush/templates/unifiedpush/service.yaml b/autopush/templates/unifiedpush/service.yaml new file mode 100644 index 0000000..300a35c --- /dev/null +++ b/autopush/templates/unifiedpush/service.yaml @@ -0,0 +1,19 @@ +{{- if .Values.unifiedPush.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "autopush.fullname" . }}-unifiedpush + labels: + app.kubernetes.io/metrics: "true" + {{- include "autopush.labels" . | nindent 4 }} +spec: + type: {{ .Values.unifiedPush.service.type }} + selector: + {{- include "autopush.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: unifiedpush + ports: + - port: {{ .Values.unifiedPush.service.port }} + targetPort: http + protocol: TCP + name: http +{{- end }} diff --git a/autopush/values.yaml b/autopush/values.yaml index bb4504b..e17ad54 100644 --- a/autopush/values.yaml +++ b/autopush/values.yaml @@ -264,6 +264,85 @@ autoendpoint: # readOnly: true volumeMounts: [] +unifiedPush: + enabled: false + # -- This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ + replicaCount: 1 + image: + registry: docker.io + repository: unifiedpush/common-proxies + pullPolicy: IfNotPresent + tag: "v2.2.0" + + config: + verbose: false + uaid: "" + gateway: + generic: + enable: true + matrix: + enable: true + allowedHosts: [] + + # This is for setting Kubernetes Annotations to a Pod. + # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + podAnnotations: {} + # This is for setting Kubernetes Labels to a Pod. + # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + podLabels: {} + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/ + service: + # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types + type: ClusterIP + # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports + port: 80 + + # -- We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + resources: {} + + # -- This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ + livenessProbe: + httpGet: + path: /health + port: http + readinessProbe: + httpGet: + path: /health + port: http + + # -- Additional volumeMounts on the output Deployment definition. + # - name: foo + # mountPath: "/etc/foo" + # readOnly: true + volumeMounts: [] + # This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/ serviceAccount: