Skip to content

Commit

Permalink
Merge branch 'main' into add-support-for-internal-frontend
Browse files Browse the repository at this point in the history
  • Loading branch information
@tomwheeler
tomwheeler authored Dec 18, 2024
2 parents 5910d48 + ac23333 commit 5d49da6
Show file tree
Hide file tree
Showing 17 changed files with 313 additions and 25 deletions.
9 changes: 8 additions & 1 deletion .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,4 +49,11 @@ jobs:

- name: Run template tests
working-directory: charts/temporal/tests
run: go test
run: go test

- name: Install helm-unittest
run: helm plugin install https://github.com/helm-unittest/helm-unittest.git

- name: Run helm-unittest
working-directory: charts/temporal
run: helm unittest .
27 changes: 25 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@ helm install \

### Install with sidecar containers

You may need to provide your own sidecar containers.
You may need to provide your own sidecar containers.

For an example, review the values for Google's `cloud sql proxy` in the `values/values.cloudsqlproxy.yaml` and pass that file to `helm install`:

Expand Down Expand Up @@ -283,7 +283,7 @@ helm install \
```

Note that if archival is enabled, it is also enabled for all newly created namespaces.
Make sure to update the specific archival provider values file to set your configs.
Make sure to update the specific archival provider values file to set your configs.

### Install and configure Temporal

Expand Down Expand Up @@ -316,6 +316,29 @@ helm install \
--wait
```

### Enable SSO in Temporal UI

To enable SSO in the temporal UI set following env variables in the `web.additionalEnv`:

```yaml
- name: TEMPORAL_AUTH_ENABLED
value: "true"
- name: TEMPORAL_AUTH_PROVIDER_URL
value: "https://accounts.google.com"
- name: TEMPORAL_AUTH_CLIENT_ID
value: "xxxxx-xxxx.apps.googleusercontent.com"
- name: TEMPORAL_AUTH_CALLBACK_URL
value: "https://xxxx.com:8080/auth/sso/callback"
```
In the `web.additionalEnvSecretName` set the secret name, the secret should have following

```yaml
TEMPORAL_AUTH_CLIENT_SECRET: xxxxxxxxxxxxxxx
```

Reference: <https://docs.temporal.io/references/web-ui-server-env-vars>

## Play With It

### Exploring Your Cluster
Expand Down
1 change: 1 addition & 0 deletions charts/temporal/.helmignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,3 +20,4 @@
.idea/
*.tmproj
.vscode/
tests/
4 changes: 2 additions & 2 deletions charts/temporal/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ dependencies:
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
version: 0.50.0
version: 0.52.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application.
appVersion: 1.25.1
appVersion: 1.25.2
18 changes: 17 additions & 1 deletion charts/temporal/templates/_admintools-env.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,18 @@
secretKeyRef:
name: {{ include "temporal.persistence.secretName" (list $global $store) }}
key: {{ include "temporal.persistence.secretKey" (list $global $store) }}
{{- with $driverConfig.tls }}
- name: CASSANDRA_ENABLE_TLS
value: {{ .enabled | quote }}
{{- with .caFile }}
- name: CASSANDRA_TLS_CA
value: {{ . }}
{{- end }}
{{- if hasKey . "enableHostVerification" }}
- name: CASSANDRA_TLS_DISABLE_HOST_VERIFICATION
value: {{ not .enableHostVerification | quote }}
{{- end }}
{{- end }}
{{- else if eq $driver "sql" -}}
- name: SQL_PLUGIN
value: {{ include "temporal.persistence.sql.driver" (list $global $store) }}
Expand All @@ -37,6 +49,10 @@
secretKeyRef:
name: {{ include "temporal.persistence.secretName" (list $global $store) }}
key: {{ include "temporal.persistence.secretKey" (list $global $store) }}
{{- with $driverConfig.connectAttributes }}
- name: SQL_CONNECT_ATTRIBUTES
value: {{ include "temporal.persistence.sql.connectAttributes" (list $global $store) | quote }}
{{- end }}
{{- with $driverConfig.tls }}
- name: SQL_TLS
value: {{ .enabled | quote }}
Expand Down Expand Up @@ -78,4 +94,4 @@
- name: ES_VISIBILITY_INDEX
value: {{ $driverConfig.visibilityIndex }}
{{- end }}
{{- end -}}
{{- end -}}
20 changes: 16 additions & 4 deletions charts/temporal/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,11 +91,11 @@ Create the annotations for all resources
{{- end -}}
{{- $resourceAnnotations := merge $scopeAnnotations $componentAnnotations -}}
{{- range $annotation_name, $annotation_value := $resourceAnnotations }}
{{ $annotation_name }}: {{ $annotation_value }}
{{ $annotation_name }}: {{ $annotation_value | quote }}
{{- end -}}
{{- end -}}
{{- range $annotation_name, $annotation_value := $global.Values.additionalAnnotations }}
{{ $annotation_name }}: {{ $annotation_value }}
{{ $annotation_name }}: {{ $annotation_value | quote }}
{{- end -}}
{{- end -}}

Expand Down Expand Up @@ -128,11 +128,11 @@ app.kubernetes.io/part-of: {{ $global.Chart.Name }}
{{- end -}}
{{- $resourceLabels := merge $scopeLabels $componentLabels -}}
{{- range $label_name, $label_value := $resourceLabels }}
{{ $label_name}}: {{ $label_value }}
{{ $label_name}}: {{ $label_value | quote }}
{{- end -}}
{{- end -}}
{{- range $label_name, $label_value := $global.Values.additionalLabels }}
{{ $label_name }}: {{ $label_value }}
{{ $label_name }}: {{ $label_value | quote }}
{{- end -}}
{{- end -}}

Expand Down Expand Up @@ -360,6 +360,18 @@ Source: https://stackoverflow.com/a/52024583/3027614
{{- end -}}
{{- end -}}

{{- define "temporal.persistence.sql.connectAttributes" -}}
{{- $global := index . 0 -}}
{{- $store := index . 1 -}}
{{- $storeConfig := index $global.Values.server.config.persistence $store -}}
{{- $driverConfig := $storeConfig.sql -}}
{{- $result := list -}}
{{- range $key, $value := $driverConfig.connectAttributes -}}
{{- $result = append $result (printf "%s=%v" $key $value) -}}
{{- end -}}
{{- join "&" $result -}}
{{- end -}}

{{- define "temporal.persistence.elasticsearch.secretName" -}}
{{- $global := index . 0 -}}
{{- $store := index . 1 -}}
Expand Down
17 changes: 17 additions & 0 deletions charts/temporal/templates/admintools-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,10 @@ spec:
{{- include "temporal.resourceLabels" (list $ "admintools" "pod") | nindent 8 }}
spec:
{{ include "temporal.serviceAccount" $ }}
{{- if $.Values.admintools.additionalInitContainers }}
initContainers:
{{- toYaml $.Values.admintools.additionalInitContainers | nindent 8 }}
{{- end }}
containers:
- name: admin-tools
image: "{{ .Values.admintools.image.repository }}:{{ .Values.admintools.image.tag }}"
Expand All @@ -47,13 +51,22 @@ spec:
{{- if .Values.admintools.additionalEnv }}
{{- toYaml .Values.admintools.additionalEnv | nindent 12 }}
{{- end }}
{{- if .Values.admintools.additionalEnvSecretName }}
envFrom:
- secretRef:
name: {{ .Values.admintools.additionalEnvSecretName }}
{{- end }}
livenessProbe:
exec:
command:
- ls
- /
initialDelaySeconds: 5
periodSeconds: 5
{{- if $.Values.admintools.additionalVolumeMounts }}
volumeMounts:
{{- toYaml $.Values.admintools.additionalVolumeMounts | nindent 12}}
{{- end }}
{{- with .Values.admintools.resources }}
resources:
{{- toYaml . | nindent 12 }}
Expand All @@ -70,6 +83,10 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if $.Values.admintools.additionalVolumes }}
volumes:
{{- toYaml $.Values.admintools.additionalVolumes | nindent 8}}
{{- end }}
{{- with .Values.admintools.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
Expand Down
4 changes: 4 additions & 0 deletions charts/temporal/templates/server-configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,10 @@ data:
logLevel: "{{ $elasticsearch.logLevel }}"
indices:
visibility: "{{ $elasticsearch.visibilityIndex }}"
{{- with $elasticsearch.tls }}
tls:
{{- toYaml . | nindent 16 }}
{{- end }}
{{- else if eq (include "temporal.persistence.driver" (list $ "visibility")) "sql" }}
sql:
pluginName: "{{ include "temporal.persistence.sql.driver" (list $ "visibility") }}"
Expand Down
10 changes: 9 additions & 1 deletion charts/temporal/templates/server-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,11 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
{{- if or $.Values.cassandra.enabled (or $.Values.elasticsearch.enabled $.Values.elasticsearch.external)}}
{{- if or (or $.Values.server.additionalInitContainers $.Values.cassandra.enabled) (or $.Values.elasticsearch.enabled $.Values.elasticsearch.external)}}
initContainers:
{{- if $.Values.server.additionalInitContainers }}
{{- toYaml $.Values.server.additionalInitContainers | nindent 8}}
{{- end }}
{{- if $.Values.cassandra.enabled }}
- name: check-cassandra-service
image: busybox
Expand Down Expand Up @@ -94,6 +97,11 @@ spec:
{{- if or $.Values.server.additionalEnv $serviceValues.additionalEnv }}
{{- toYaml (default $.Values.server.additionalEnv $serviceValues.additionalEnv) | nindent 12 }}
{{- end }}
{{- if $.Values.server.additionalEnvSecretName }}
envFrom:
- secretRef:
name: {{ $.Values.server.additionalEnvSecretName }}
{{- end }}
ports:
{{- if ne $service "worker" }}
- name: rpc
Expand Down
22 changes: 10 additions & 12 deletions charts/temporal/templates/server-job.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,9 @@ spec:
{{ include "temporal.serviceAccount" $ }}
restartPolicy: OnFailure
initContainers:
{{- if $.Values.admintools.additionalInitContainers }}
{{- toYaml $.Values.admintools.additionalInitContainers | nindent 8 }}
{{- end }}
{{- if $.Values.cassandra.enabled }}
- name: check-cassandra-service
image: busybox
Expand Down Expand Up @@ -56,7 +59,7 @@ spec:
{{- end }}
env:
{{- include "temporal.admintools-env" (list $ $store) | nindent 12 }}
{{- with $.Values.server.additionalVolumeMounts }}
{{- with $.Values.admintools.additionalVolumeMounts }}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
Expand All @@ -83,7 +86,7 @@ spec:
{{- end }}
env:
{{- include "temporal.admintools-env" (list $ $store) | nindent 12 }}
{{- with $.Values.server.additionalVolumeMounts }}
{{- with $.Values.admintools.additionalVolumeMounts }}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
Expand Down Expand Up @@ -118,7 +121,7 @@ spec:
{{- end }}
env:
{{- include "temporal.admintools-env" (list $ $store) | nindent 12 }}
{{- with $.Values.server.additionalVolumeMounts }}
{{- with $.Values.admintools.additionalVolumeMounts }}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
Expand Down Expand Up @@ -146,8 +149,7 @@ spec:
value: {{ include "temporal.fullname" $ }}-internal-frontend.{{ $.Release.Namespace }}.svc:{{ .Values.server.internalFrontend.service.port }}
{{- else }}
value: "{{ include "temporal.fullname" $ }}-frontend.{{ $.Release.Namespace }}.svc:{{ $.Values.server.frontend.service.port }}"
{{- end }}
{{- with $.Values.server.additionalVolumeMounts }}
{{- with $.Values.admintools.additionalVolumeMounts }}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
Expand Down Expand Up @@ -182,19 +184,15 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with $.Values.server.nodeSelector }}
{{- with $.Values.admintools.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with $.Values.server.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with $.Values.server.tolerations }}
{{- with $.Values.admintools.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with $.Values.server.additionalVolumes }}
{{- with $.Values.admintools.additionalVolumes }}
volumes:
{{- toYaml . | nindent 8 }}
{{- end }}
Expand Down
5 changes: 5 additions & 0 deletions charts/temporal/templates/web-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,11 @@ spec:
{{- if .Values.web.additionalEnv }}
{{- toYaml .Values.web.additionalEnv | nindent 12 }}
{{- end }}
{{- if .Values.web.additionalEnvSecretName }}
envFrom:
- secretRef:
name: {{ .Values.web.additionalEnvSecretName }}
{{- end }}
ports:
- name: http
containerPort: 8080
Expand Down
31 changes: 31 additions & 0 deletions charts/temporal/tests/admintools_deployment_test.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
suite: test admintools deployment
templates:
- admintools-deployment.yaml
tests:
- it: includes additional init containers
set:
admintools:
additionalInitContainers:
- name: my-init-container
asserts:
- equal:
path: spec.template.spec.initContainers[0].name
value: my-init-container
- it: includes additional volumes
set:
admintools:
additionalVolumes:
- name: my-volume
asserts:
- equal:
path: spec.template.spec.volumes[0].name
value: my-volume
- it: includes additional volume mounts
set:
admintools:
additionalVolumeMounts:
- name: my-volume
asserts:
- equal:
path: spec.template.spec.containers[0].volumeMounts[0].name
value: my-volume
4 changes: 4 additions & 0 deletions charts/temporal/tests/deployment_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,7 @@ func TestTemplateServerDeploymentAnnotations(t *testing.T) {
SetValues: map[string]string{
"server.frontend.deploymentAnnotations.one": "three",
"server.frontend.deploymentAnnotations.four": "four",
"server.frontend.deploymentAnnotations.five": "[{\"test\":\"success\"}]",
"server.deploymentAnnotations.one": "one",
"server.deploymentAnnotations.two": "two",
"additionalAnnotations.zero": "zero",
Expand All @@ -135,6 +136,7 @@ func TestTemplateServerDeploymentAnnotations(t *testing.T) {
require.Equal(t, "three", deployment.ObjectMeta.Annotations["one"])
require.Equal(t, "two", deployment.ObjectMeta.Annotations["two"])
require.Equal(t, "four", deployment.ObjectMeta.Annotations["four"])
require.Equal(t, "[{\"test\":\"success\"}]", deployment.ObjectMeta.Annotations["five"])
require.Equal(t, "zero", deployment.ObjectMeta.Annotations["zero"])
require.Equal(t, "zero", deployment.Spec.Template.ObjectMeta.Annotations["zero"])
}
Expand All @@ -154,6 +156,7 @@ func TestTemplateServerDeploymentLabels(t *testing.T) {
SetValues: map[string]string{
"server.frontend.deploymentLabels.one": "three",
"server.frontend.deploymentLabels.four": "four",
"server.frontend.deploymentLabels.five": "[{\"test\":\"success\"}]",
"server.deploymentLabels.one": "one",
"server.deploymentLabels.two": "two",
"additionalLabels.zero": "zero",
Expand All @@ -169,6 +172,7 @@ func TestTemplateServerDeploymentLabels(t *testing.T) {
require.Equal(t, "three", deployment.ObjectMeta.Labels["one"])
require.Equal(t, "two", deployment.ObjectMeta.Labels["two"])
require.Equal(t, "four", deployment.ObjectMeta.Labels["four"])
require.Equal(t, "[{\"test\":\"success\"}]", deployment.ObjectMeta.Labels["five"])
require.Equal(t, "zero", deployment.ObjectMeta.Labels["zero"])
require.Equal(t, "zero", deployment.Spec.Template.ObjectMeta.Labels["zero"])
}
Loading

0 comments on commit 5d49da6

Please sign in to comment.