diff --git a/charts/codecov/Chart.lock b/charts/codecov/Chart.lock index 576b78d..65e4f8f 100644 --- a/charts/codecov/Chart.lock +++ b/charts/codecov/Chart.lock @@ -1,18 +1,18 @@ dependencies: - name: common - repository: https://sun-asterisk-research.github.io/helm-charts - version: 1.0.0 -- name: redis - repository: https://charts.bitnami.com/bitnami - version: 17.0.11 + repository: oci://registry-1.docker.io/bitnamicharts + version: 2.19.2 +- name: minio + repository: oci://registry-1.docker.io/bitnamicharts + version: 14.4.1 - name: postgresql - repository: https://charts.bitnami.com/bitnami - version: 12.1.2 + repository: oci://registry-1.docker.io/bitnamicharts + version: 15.3.1 +- name: redis + repository: oci://registry-1.docker.io/bitnamicharts + version: 19.3.1 - name: timescaledb-single repository: https://charts.timescale.com/ version: 0.33.1 -- name: minio - repository: https://charts.bitnami.com/bitnami - version: 11.8.1 -digest: sha256:af0d5e8aa30a7fd831e24b42039064ba9bded00edf3d5927abe374220b46d8fa -generated: "2023-10-03T15:58:01.950639816+07:00" +digest: sha256:bd170985de837a005277ab0f8ad7f25f997ddbb8f5386bed089bf800be4ebe7a +generated: "2024-05-14T13:12:55.068978043+07:00" diff --git a/charts/codecov/Chart.yaml b/charts/codecov/Chart.yaml index 348819a..e3b93ef 100644 --- a/charts/codecov/Chart.yaml +++ b/charts/codecov/Chart.yaml @@ -2,26 +2,26 @@ apiVersion: v2 name: codecov description: A Helm chart for Codecov type: application -version: 0.1.5 -appVersion: "v5.0.1" +version: 1.0.0 +appVersion: "24.5.1" dependencies: - name: common - version: 1.0.0 - repository: https://sun-asterisk-research.github.io/helm-charts -- name: redis - version: 17.0.11 - repository: https://charts.bitnami.com/bitnami - condition: redis.enabled + version: 2.19.2 + repository: oci://registry-1.docker.io/bitnamicharts +- name: minio + version: 14.4.1 + repository: oci://registry-1.docker.io/bitnamicharts + condition: minio.enabled - name: postgresql - version: 12.1.2 - repository: https://charts.bitnami.com/bitnami + version: 15.3.1 + repository: oci://registry-1.docker.io/bitnamicharts condition: postgresql.enabled +- name: redis + version: 19.3.1 + repository: oci://registry-1.docker.io/bitnamicharts + condition: redis.enabled - name: timescaledb-single alias: timescaledb version: 0.33.* repository: https://charts.timescale.com/ condition: timescaledb.enabled -- name: minio - version: 11.8.1 - repository: https://charts.bitnami.com/bitnami - condition: minio.enabled diff --git a/charts/codecov/templates/_db.tpl b/charts/codecov/templates/_db.tpl index db26e72..82447d4 100644 --- a/charts/codecov/templates/_db.tpl +++ b/charts/codecov/templates/_db.tpl @@ -1,4 +1,3 @@ -{{/* vim: set filetype=mustache: */}} {{- define "codecov.db.host" -}} {{- if eq .Values.postgresql.enabled true -}} {{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" -}} diff --git a/charts/codecov/templates/_helpers.tpl b/charts/codecov/templates/_helpers.tpl index 3556a20..b425090 100644 --- a/charts/codecov/templates/_helpers.tpl +++ b/charts/codecov/templates/_helpers.tpl @@ -1,4 +1,64 @@ -{{/* vim: set filetype=mustache: */}} +{{- define "codecov.images.api" -}} +{{ include "codecov.renderImage" (dict "imageRoot" .Values.api.image "context" .) }} +{{- end -}} + +{{- define "codecov.images.worker" -}} +{{ include "codecov.renderImage" (dict "imageRoot" .Values.worker.image "context" .) }} +{{- end -}} + +{{- define "codecov.images.frontend" -}} +{{ include "codecov.renderImage" (dict "imageRoot" .Values.frontend.image "context" .) }} +{{- end -}} + +{{- define "codecov.images.gateway" -}} +{{ include "codecov.renderImage" (dict "imageRoot" .Values.gateway.image "context" .) }} +{{- end -}} + +{{- define "codecov.renderImage" -}} +{{- $ := .context -}} +{{- $image := empty .imageRoot.tag | ternary (merge (dict) .imageRoot (dict "tag" $.Chart.AppVersion)) .imageRoot -}} +{{ include "common.images.image" (dict "imageRoot" $image "global" $.Values.global) }} +{{- end -}} + +{{- define "codecov.imagePullSecrets" -}} +{{- include "common.images.renderPullSecrets" (dict "images" (list .Values.api.image .Values.worker.image .Values.frontend.image .Values.gateway.image) "context" $) -}} +{{- end -}} + +{{- define "codecov.config.scheme" -}} +{{- ternary "https" "http" (and .Values.ingress.enabled .Values.ingress.tls) -}} +{{- end -}} + +{{- define "codecov.config.hostname" -}} +{{- ternary .Values.ingress.hostname (printf "%s-api.%s.svc.%s" (include "common.names.fullname" .) .Release.Namespace .Values.clusterDomain) .Values.ingress.enabled -}} +{{- end -}} + +{{- define "codecov.config.port" -}} +{{- ternary "" (printf ":%d" .Values.frontend.service.port) .Values.ingress.enabled -}} +{{- end -}} + +{{- define "codecov.config.host" -}} +{{- printf "%s%s" (include "codecov.config.hostname" .) (include "codecov.config.port" .) -}} +{{- end -}} + +{{- define "codecov.config.url" -}} +{{- printf "%s://%s" (include "codecov.config.scheme" .) (include "codecov.config.host" .) -}} +{{- end -}} + +{{- define "codecov.config.apiHostname" -}} +{{- ternary .Values.ingress.hostname (printf "%s-frontend.%s.svc.%s" (include "common.names.fullname" .) .Release.Namespace .Values.clusterDomain) .Values.ingress.enabled -}} +{{- end -}} + +{{- define "codecov.config.apiPort" -}} +{{- ternary "" (printf ":%d" .Values.api.service.port) .Values.ingress.enabled -}} +{{- end -}} + +{{- define "codecov.config.apiHost" -}} +{{- printf "%s%s" (include "codecov.config.apiHostname" .) (include "codecov.config.apiPort" .) -}} +{{- end -}} + +{{- define "codecov.config.apiUrl" -}} +{{- printf "%s://%s" (include "codecov.config.scheme" .) (include "codecov.config.apiHost" .) -}} +{{- end -}} {{- define "codecov.checksums.appConfig" -}} checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} diff --git a/charts/codecov/templates/_images.tpl b/charts/codecov/templates/_images.tpl deleted file mode 100644 index 63ec959..0000000 --- a/charts/codecov/templates/_images.tpl +++ /dev/null @@ -1,12 +0,0 @@ - -{{/* -Render image pull secrets -*/}} -{{- define "codecov.imagePullSecrets" -}} -{{- $images := list .Values.image -}} -{{- if index .Values "image-pull-secret" "enabled" }} -{{- $secretName := include "common.subchart.tpl" (list . "image-pull-secret" "common.names.fullname") -}} -{{- $images = append $images (dict "pullSecrets" (list ($secretName))) -}} -{{- end -}} -{{- include "common.images.pullSecrets" (dict "images" $images "global" .Values.global) -}} -{{- end -}} diff --git a/charts/codecov/templates/_redis.tpl b/charts/codecov/templates/_redis.tpl index 25d0d67..edb49c1 100644 --- a/charts/codecov/templates/_redis.tpl +++ b/charts/codecov/templates/_redis.tpl @@ -1,4 +1,3 @@ -{{/* vim: set filetype=mustache: */}} {{- define "codecov.redis.host" -}} {{- if eq .Values.redis.enabled true -}} {{- printf "%s-%s" .Release.Name "redis" | trunc 63 | trimSuffix "-" -}}-master diff --git a/charts/codecov/templates/configmap.yaml b/charts/codecov/templates/configmap.yaml index d380371..aa2c1b2 100644 --- a/charts/codecov/templates/configmap.yaml +++ b/charts/codecov/templates/configmap.yaml @@ -4,10 +4,8 @@ metadata: name: {{ template "common.names.fullname" . }} labels: {{ include "common.labels.standard" . | nindent 4 }} data: - SETUP__LOGLVL: DEBUG - SETUP__CODECOV_HOST: {{ .Values.config.setup.codecovHost }} - SETUP__CODECOV_SCHEME: {{ .Values.config.setup.codecovScheme }} - SETUP__CODECOV_URL: {{ .Values.config.setup.codecovUrl }} - SETUP__CODECOV_API_URL: {{ .Values.config.setup.codecovApiUrl }} + SETUP__LOGLVL: {{ .Values.config.setup.loglvl | quote }} + SETUP__CODECOV_URL: {{ .Values.config.setup.codecovUrl | default (include "codecov.config.url" .) | quote }} + SETUP__CODECOV_API_URL: {{ .Values.config.setup.codecovApiUrl | default (include "codecov.config.apiUrl" .) | quote }} SETUP__TIMESERIES__ENABLED: {{ .Values.config.setup.timeseries.enabled | quote }} SITE__COMMENT__LAYOUT: {{ .Values.config.site.comment.layout | quote }} diff --git a/charts/codecov/templates/deployment-api.yaml b/charts/codecov/templates/deployment-api.yaml index 6e51f04..5b3eb60 100644 --- a/charts/codecov/templates/deployment-api.yaml +++ b/charts/codecov/templates/deployment-api.yaml @@ -19,31 +19,25 @@ spec: app.kubernetes.io/component: api spec: serviceAccountName: {{ include "codecov.serviceAccountName" . }} - {{- with .Values.api.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "codecov.imagePullSecrets" . | nindent 6 }} containers: - - name: api - image: "{{ .Values.api.image.repository }}:{{ .Values.api.image.tag | default .Chart.AppVersion }}" + - name: codecov-api + image: {{ template "codecov.images.api" . }} imagePullPolicy: {{ .Values.api.image.pullPolicy }} env: - {{- with .Values.extraEnvs }} - {{- toYaml . | nindent 12 }} - {{- end }} + {{- with .Values.extraEnvs }} + {{- toYaml . | nindent 8 }} + {{- end }} envFrom: {{- include "codecov.env" . | nindent 8 }} volumeMounts: - name: codecov-config mountPath: "/config" {{- include "codecov.volumeMounts" . | nindent 8 }} - {{- with .Values.volumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} ports: - - name: http - containerPort: {{ .Values.api.containerPort }} - protocol: TCP + - name: http + containerPort: 8000 + protocol: TCP livenessProbe: httpGet: path: / @@ -52,8 +46,9 @@ spec: httpGet: path: / port: http - securityContext: - {{- toYaml .Values.api.securityContext | nindent 12 }} + {{- if .Values.api.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.api.containerSecurityContext "context" $) | nindent 10 }} + {{- end }} resources: {{- toYaml .Values.api.resources | nindent 12 }} volumes: @@ -79,5 +74,6 @@ spec: topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.api.topologySpreadConstraints "context" .) | nindent 8 }} {{- end }} {{- if .Values.api.podSecurityContext.enabled }} - securityContext: {{- omit .Values.api.podSecurityContext "enabled" | toYaml | nindent 8 }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.api.podSecurityContext "context" $) | nindent 8 }} {{- end }} + enableServiceLinks: false diff --git a/charts/codecov/templates/deployment-frontend.yaml b/charts/codecov/templates/deployment-frontend.yaml index b574867..8454724 100644 --- a/charts/codecov/templates/deployment-frontend.yaml +++ b/charts/codecov/templates/deployment-frontend.yaml @@ -19,32 +19,29 @@ spec: app.kubernetes.io/component: frontend spec: serviceAccountName: {{ include "codecov.serviceAccountName" . }} - {{- with .Values.frontend.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "codecov.imagePullSecrets" . | nindent 6 }} containers: - - name: frontend - image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag | default .Chart.AppVersion }}" + - name: codecov-frontend + image: {{ template "codecov.images.frontend" . }} imagePullPolicy: {{ .Values.api.image.pullPolicy }} env: - name: CODECOV_BASE_HOST - value: {{ .Values.config.setup.codecovHost }} + value: {{ include "codecov.config.host" . }} - name: CODECOV_API_HOST - value: {{ .Values.config.setup.codecovHost }} + value: {{ include "codecov.config.apiHost" . }} - name: CODECOV_IA_HOST - value: {{ .Values.config.setup.codecovHost }} + value: {{ include "codecov.config.host" . }} - name: CODECOV_SCHEME - value: {{ .Values.config.setup.codecovScheme }} + value: {{ include "codecov.config.scheme" . }} {{- with .Values.extraEnvs }} {{- toYaml . | nindent 10 }} {{- end }} envFrom: {{- include "codecov.env" . | nindent 8 }} ports: - - name: http - containerPort: {{ .Values.frontend.containerPort }} - protocol: TCP + - name: http + containerPort: 8080 + protocol: TCP livenessProbe: httpGet: path: /frontend_health @@ -55,11 +52,9 @@ spec: port: http volumeMounts: {{- include "codecov.volumeMounts" . | nindent 8 }} - {{- with .Values.volumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} - securityContext: - {{- toYaml .Values.frontend.securityContext | nindent 12 }} + {{- if .Values.frontend.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.frontend.containerSecurityContext "context" $) | nindent 10 }} + {{- end }} resources: {{- toYaml .Values.frontend.resources | nindent 12 }} volumes: @@ -81,6 +76,7 @@ spec: {{- if .Values.frontend.topologySpreadConstraints }} topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.frontend.topologySpreadConstraints "context" .) | nindent 8 }} {{- end }} - {{- if .Values.podSecurityContext.enabled }} - securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- if .Values.frontend.podSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.frontend.podSecurityContext "context" $) | nindent 8 }} {{- end }} + enableServiceLinks: false diff --git a/charts/codecov/templates/deployment-gateway.yaml b/charts/codecov/templates/deployment-gateway.yaml index 8b022a5..37a03e4 100644 --- a/charts/codecov/templates/deployment-gateway.yaml +++ b/charts/codecov/templates/deployment-gateway.yaml @@ -17,29 +17,34 @@ spec: app.kubernetes.io/component: gateway spec: serviceAccountName: {{ include "codecov.serviceAccountName" . }} - {{- with .Values.gateway.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "codecov.imagePullSecrets" . | nindent 6 }} containers: - - name: gateway - image: "{{ .Values.gateway.image.repository }}:{{ .Values.gateway.image.tag | default .Chart.AppVersion }}" + - name: codecov-gateway + image: {{ template "codecov.images.gateway" . }} imagePullPolicy: {{ .Values.api.image.pullPolicy }} env: - name: CODECOV_GATEWAY_MINIO_ENABLED value: "false" - name: CODECOV_API_HOST - value: {{ include "common.names.fullname" . }}-api-svc + value: {{ include "common.names.fullname" . }}-api - name: CODECOV_API_PORT value: {{ .Values.api.service.port | quote }} + - name: CODECOV_API_SCHEME + value: http - name: CODECOV_IA_HOST - value: {{ include "common.names.fullname" . }}-api-svc + value: {{ include "common.names.fullname" . }}-api - name: CODECOV_IA_PORT value: {{ .Values.api.service.port | quote }} - - name: CODECOV_FRONTEND_HOST - value: {{ include "common.names.fullname" . }}-frontend-svc - - name: CODECOV_FRONTEND_PORT + - name: CODECOV_IA_SCHEME + value: http + - name: CODECOV_DEFAULT_HOST + value: {{ include "common.names.fullname" . }}-frontend + - name: CODECOV_DEFAULT_PORT value: {{ .Values.frontend.service.port | quote }} + - name: CODECOV_DEFAULT_SCHEME + value: http + - name: CODECOV_GATEWAY_HTTP_PORT + value: "8080" {{- if .Values.minio.enabled }} - name: CODECOV_MINIO_HOST value: {{ include "common.names.fullname" . }}-minio @@ -52,9 +57,9 @@ spec: envFrom: {{- include "codecov.env" . | nindent 8 }} ports: - - name: http - containerPort: {{ .Values.gateway.containerPort }} - protocol: TCP + - name: http + containerPort: 8080 + protocol: TCP livenessProbe: httpGet: path: /gateway_health @@ -63,8 +68,9 @@ spec: httpGet: path: /gateway_health port: http - securityContext: - {{- toYaml .Values.gateway.securityContext | nindent 12 }} + {{- if .Values.gateway.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.gateway.containerSecurityContext "context" $) | nindent 10 }} + {{- end }} resources: {{- toYaml .Values.gateway.resources | nindent 12 }} volumes: @@ -86,6 +92,7 @@ spec: {{- if .Values.gateway.topologySpreadConstraints }} topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.gateway.topologySpreadConstraints "context" .) | nindent 8 }} {{- end }} - {{- if .Values.podSecurityContext.enabled }} - securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- if .Values.gateway.podSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.gateway.podSecurityContext "context" $) | nindent 8 }} {{- end }} + enableServiceLinks: false diff --git a/charts/codecov/templates/deployment-worker.yaml b/charts/codecov/templates/deployment-worker.yaml index dc8ed0c..2095b75 100644 --- a/charts/codecov/templates/deployment-worker.yaml +++ b/charts/codecov/templates/deployment-worker.yaml @@ -19,32 +19,27 @@ spec: app.kubernetes.io/component: worker spec: serviceAccountName: {{ include "codecov.serviceAccountName" . }} - {{- with .Values.worker.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "codecov.imagePullSecrets" . | nindent 6 }} containers: - - name: worker - image: "{{ .Values.worker.image.repository }}:{{ .Values.worker.image.tag | default .Chart.AppVersion }}" + - name: codecov-worker + image: {{ template "codecov.images.worker" . }} imagePullPolicy: {{ .Values.api.image.pullPolicy }} args: {{- include "common.tplvalues.render" (dict "value" .Values.worker.args "context" $) | nindent 10 }} env: - - name: RUN_ENV - value: "ENTERPRISE" - {{- with .Values.extraEnvs }} - {{- toYaml . | nindent 10 }} - {{- end }} + - name: RUN_ENV + value: "ENTERPRISE" + {{- with .Values.extraEnvs }} + {{- toYaml . | nindent 8 }} + {{- end }} envFrom: {{- include "codecov.env" . | nindent 8 }} volumeMounts: - name: codecov-config mountPath: "/config" {{- include "codecov.volumeMounts" . | nindent 8 }} - {{- with .Values.volumeMounts }} - {{- toYaml . | nindent 12 }} + {{- if .Values.worker.containerSecurityContext.enabled }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.worker.containerSecurityContext "context" $) | nindent 10 }} {{- end }} - securityContext: - {{- toYaml .Values.worker.securityContext | nindent 12 }} resources: {{- toYaml .Values.worker.resources | nindent 12 }} volumes: @@ -70,5 +65,6 @@ spec: topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.worker.topologySpreadConstraints "context" .) | nindent 8 }} {{- end }} {{- if .Values.worker.podSecurityContext.enabled }} - securityContext: {{- omit .Values.worker.podSecurityContext "enabled" | toYaml | nindent 8 }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.worker.podSecurityContext "context" $) | nindent 8 }} {{- end }} + enableServiceLinks: false diff --git a/charts/codecov/templates/ingress.yaml b/charts/codecov/templates/ingress.yaml index 3dbf3fd..a52bbb1 100644 --- a/charts/codecov/templates/ingress.yaml +++ b/charts/codecov/templates/ingress.yaml @@ -1,5 +1,6 @@ {{- if .Values.ingress.enabled -}} -{{- $fullName := printf "%s-gateway" (include "common.names.fullname" .) -}} +{{- $fullName := include "common.names.fullname" . -}} +{{- $svcName := printf "%s-gateway" $fullName -}} apiVersion: {{ template "common.capabilities.ingress.apiVersion" . }} kind: Ingress metadata: @@ -13,30 +14,36 @@ metadata: {{- with .Values.ingress.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.commonIngressAnnotations }} - {{- toYaml . | nindent 4 }} - {{- end }} spec: {{- if and .Values.ingress.ingressClassName (include "common.ingress.supportsIngressClassname" .) }} ingressClassName: {{ .Values.ingress.ingressClassName | quote }} {{- end }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} rules: - {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} + - host: {{ .Values.ingress.hostname | quote }} http: paths: - {{- range .paths }} - - path: {{ .path | default "/" }} - {{ template "common.ingress.pathType" (dict "context" $ "value" .pathType) }} - backend: {{- include "common.ingress.backend" (dict "serviceName" $fullName "servicePort" "http" "context" $) | nindent 10 }} - {{- end }} + - path: {{ .Values.ingress.path | default "/" }} + {{- if eq "true" (include "common.ingress.supportsPathType" .) }} + pathType: {{ .Values.ingress.pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" $svcName "servicePort" "http" "context" $) | nindent 10 }} + {{- range .Values.ingress.extraHosts }} + - host: {{ .name | quote }} + http: + paths: + - path: {{ default "/" .path }} + {{- if eq "true" (include "common.ingress.supportsPathType" $) }} + pathType: {{ default "ImplementationSpecific" .pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" $svcName "servicePort" "http" "context" $) | nindent 10 }} + {{- end }} + tls: + {{- if and .Values.ingress.tls }} + - hosts: + - {{ .Values.ingress.hostname | quote }} + secretName: {{ printf "%s-tls" .Values.ingress.hostname }} + {{- end }} + {{- if .Values.ingress.extraTls }} + {{- include "common.tplvalues.render" ( dict "value" .Values.ingress.extraTls "context" $ ) | nindent 2 }} {{- end }} {{- end }} diff --git a/charts/codecov/templates/secret.yaml b/charts/codecov/templates/secret.yaml index 5d36459..e739ea7 100644 --- a/charts/codecov/templates/secret.yaml +++ b/charts/codecov/templates/secret.yaml @@ -22,12 +22,16 @@ data: {{- if .Values.minio.enabled }} SERVICES__MINIO__HOST: {{ printf "%s-minio" (include "common.names.fullname" .) | b64enc | quote }} SERVICES__MINIO__PORT: {{ .Values.minio.service.ports.api | toString | b64enc | quote }} + SERVICES__MINIO__BUCKET: "codecov" + SERVICES__MINIO__REGION: "us-east-1" SERVICES__MINIO__ACCESS_KEY_ID: {{ .Values.minio.auth.rootUser | b64enc | quote }} SERVICES__MINIO__SECRET_ACCESS_KEY: {{ .Values.minio.auth.rootPassword | b64enc | quote }} {{- else }} SERVICES__MINIO__HOST: {{ .Values.config.services.minio.host | b64enc | quote }} + SERVICES__MINIO__PORT: {{ .Values.config.services.minio.port | toString | b64enc | quote }} SERVICES__MINIO__BUCKET: {{ .Values.config.services.minio.bucket | b64enc | quote }} SERVICES__MINIO__REGION: {{ .Values.config.services.minio.region | b64enc | quote }} + SERVICES__MINIO__VERIFY_SSL: {{ .Values.config.services.minio.verifySsl | toString | b64enc | quote }} SERVICES__MINIO__ACCESS_KEY_ID: {{ .Values.config.services.minio.accessKeyId | b64enc | quote }} SERVICES__MINIO__SECRET_ACCESS_KEY: {{ .Values.config.services.minio.secretAccessKey | b64enc | quote }} {{- end }} diff --git a/charts/codecov/templates/service-api.yaml b/charts/codecov/templates/service-api.yaml index c07f537..44ff92c 100644 --- a/charts/codecov/templates/service-api.yaml +++ b/charts/codecov/templates/service-api.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "common.names.fullname" . }}-api-svc + name: {{ include "common.names.fullname" . }}-api labels: {{- include "common.labels.standard" . | nindent 4 }} app.kubernetes.io/component: api @@ -14,4 +14,4 @@ spec: name: http selector: {{- include "common.labels.matchLabels" . | nindent 4 }} - app.kubernetes.io/component: api \ No newline at end of file + app.kubernetes.io/component: api diff --git a/charts/codecov/templates/service-frontend.yaml b/charts/codecov/templates/service-frontend.yaml index d1527ef..d696923 100644 --- a/charts/codecov/templates/service-frontend.yaml +++ b/charts/codecov/templates/service-frontend.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "common.names.fullname" . }}-frontend-svc + name: {{ include "common.names.fullname" . }}-frontend labels: {{- include "common.labels.standard" . | nindent 4 }} app.kubernetes.io/component: frontend @@ -14,4 +14,4 @@ spec: name: http selector: {{- include "common.labels.matchLabels" . | nindent 4 }} - app.kubernetes.io/component: frontend \ No newline at end of file + app.kubernetes.io/component: frontend diff --git a/charts/codecov/values.yaml b/charts/codecov/values.yaml index 9a5577c..17a56ca 100644 --- a/charts/codecov/values.yaml +++ b/charts/codecov/values.yaml @@ -1,51 +1,55 @@ -imagePullSecrets: [] +global: + image: + imageRegistry: "" + imagePullSecrets: [] + nameOverride: "" fullnameOverride: "" +clusterDomain: cluster.local + config: - codecovConfig: |- - setup: - admins: - - service: github - username: "username" - services: - minio: - verify_ssl: false - port: 443 setup: - codecovHost: codecov.local - codecovScheme: https - codecovUrl: https://codecov.local - codecovApiUrl: https://codecov.local + loglvl: INFO + codecovHost: "" + codecovScheme: "" + codecovUrl: "" + codecovApiUrl: "" timeseries: enabled: false - enterprise_license: "very-long-license-key" + enterprise_license: "" http: - cookie_secret: "secrets" + cookie_secret: "" site: comment: layout: "reach,diff,flags,tree" github: - client_id: "Iv1.xxx" - client_secret: "secret" - global_upload_token: "upload-token" - webhook_secret: "secret" + ## e.g: + ## client_id: "Iv1.xxx" + ## client_secret: "secret + client_id: "" + client_secret: "" + global_upload_token: "" + webhook_secret: "" integration: - id: 1 + id: "" pem: /home/codecov/github-app-private.key services: minio: - host: "ap-south-1.linodeobjects.com" - bucket: "codecov" - region: "ap-south-1" - accessKeyId: "access-key" - secretAccessKey: "secret-key" + host: "" + port: "" + bucket: "" + region: "" + verifySsl: false + accessKeyId: "" + secretAccessKey: "" postgres: - username: "codecov" - password: "secret" database: "codecov" - host: "localhost" + username: "codecov" + password: "" + host: "" port: 5432 + secretFiles: github-app-private.key: |- -----BEGIN RSA PRIVATE KEY----- @@ -54,20 +58,15 @@ secretFiles: extraEnvs: [] -volumes: [] - -volumeMounts: [] - api: replicaCount: 1 image: - repository: codecov/enterprise-api - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. + registry: docker.io + repository: codecov/self-hosted-api tag: "" - - imagePullSecrets: [] + pullPolicy: IfNotPresent + pullSecrets: [] podAnnotations: {} @@ -75,7 +74,7 @@ api: enabled: true fsGroup: 101 - securityContext: + containerSecurityContext: enabled: true runAsNonRoot: true runAsUser: 100 @@ -85,8 +84,6 @@ api: type: ClusterIP port: 80 - containerPort: 8000 - resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -123,23 +120,22 @@ worker: replicaCount: 1 image: - repository: codecov/enterprise-worker - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. + registry: docker.io + repository: codecov/self-hosted-worker tag: "" + pullPolicy: IfNotPresent + pullSecrets: [] args: - worker - imagePullSecrets: [] - podAnnotations: {} podSecurityContext: enabled: true fsGroup: 101 - securityContext: + containerSecurityContext: enabled: true runAsNonRoot: true runAsUser: 100 @@ -180,19 +176,19 @@ gateway: replicaCount: 1 image: - repository: codecov/enterprise-gateway - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. + registry: docker.io + repository: codecov/self-hosted-gateway tag: "" - - imagePullSecrets: [] + pullPolicy: IfNotPresent + pullSecrets: [] podAnnotations: {} - podSecurityContext: {} - # fsGroup: 2000 + podSecurityContext: + enabled: false - securityContext: {} + containerSecurityContext: + enabled: false # capabilities: # drop: # - ALL @@ -204,8 +200,6 @@ gateway: type: ClusterIP port: 80 - containerPort: 8080 - resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -242,19 +236,19 @@ frontend: replicaCount: 1 image: - repository: codecov/enterprise-frontend - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. + registry: docker.io + repository: codecov/self-hosted-frontend tag: "" - - imagePullSecrets: [] + pullPolicy: IfNotPresent + pullSecrets: [] podAnnotations: {} - podSecurityContext: {} - # fsGroup: 2000 + podSecurityContext: + enabled: false - securityContext: {} + containerSecurityContext: + enabled: false # capabilities: # drop: # - ALL @@ -266,9 +260,6 @@ frontend: type: ClusterIP port: 80 - containerPort: 8080 - - resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -310,69 +301,35 @@ serviceAccount: # If not set and create is true, a name is generated using the fullname template name: "" -podAnnotations: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - service: type: ClusterIP port: 80 ingress: - enabled: true - ingressClassName: nginx + enabled: false annotations: {} - hosts: - - host: codecov.local - paths: - - path: / - pathType: ImplementationSpecific - tls: [] -# - secretName: codecov-tls -# hosts: -# - codecov.local + hostname: codecov.local + path: / + pathType: ImplementationSpecific + tls: false + extraHosts: [] + extraTls: [] redis: - enabled: true - architecture: standalone - auth: - enabled: true - password: "REDIS_PASSWORD" - master: - persistence: - enabled: true - size: 8Gi - replica: - replicaCount: 0 + enabled: false postgresql: enabled: false - architecture: standalone image: tag: 14.5.0-debian-11-r29 - postgresPassword: "testpassword" - service: - port: 5432 auth: - postgresPassword: "testpassword" database: "codecov" username: codecov - password: "testpassword" - primary: - persistence: - enabled: false + password: "secret" + postgresPassword: "secret" timescaledb: - enabled: true + enabled: false fullnameOverride: "codecov-timescaledb" replicaCount: 1 image: @@ -397,5 +354,4 @@ minio: auth: rootUser: minioadmin rootPassword: minioadmin - persistence: - enabled: false + defaultBuckets: minio