diff --git a/charts/windmill/Chart.yaml b/charts/windmill/Chart.yaml index a749f88..c9260d2 100644 --- a/charts/windmill/Chart.yaml +++ b/charts/windmill/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: windmill type: application -version: 2.0.324 +version: 2.0.325 appVersion: 1.434.2 dependencies: - condition: postgresql.enabled diff --git a/charts/windmill/templates/indexer.yaml b/charts/windmill/templates/indexer.yaml new file mode 100644 index 0000000..5824fb2 --- /dev/null +++ b/charts/windmill/templates/indexer.yaml @@ -0,0 +1,150 @@ +{{- if and .Values.enterprise.enabled .Values.windmill.indexer.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: windmill-indexer + labels: + app: windmill-indexer + app.kubernetes.io/name: windmill-indexer + chart: {{ template "windmill.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + selector: + matchLabels: + app: windmill-indexer + template: + metadata: + labels: + app: windmill-indexer + app.kubernetes.io/name: windmill-indexer + container: windmill-indexer +{{- with .Values.windmill.indexer.labels }} +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.windmill.indexer.annotations }} + annotations: +{{ toYaml . | indent 8 }} + {{- end }} + spec: + {{ if .Values.windmill.imagePullSecrets }} + imagePullSecrets: + - name: {{ .Values.windmill.imagePullSecrets }} + {{ end }} + containers: + - name: windmill-indexer + securityContext: + {{- with .Values.windmill.indexer.containerSecurityContext }} + {{- toYaml . | nindent 10 }} + {{- end }} + image: {{ default "ghcr.io/windmill-labs/windmill-ee" .Values.windmill.image }}:{{ default "latest" .Values.windmill.tag }} + imagePullPolicy: Always + ports: + - containerPort: 8000 + readinessProbe: + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 1 + httpGet: + host: + scheme: HTTP + path: / + httpHeaders: + - name: Host + value: localhost + port: 8000 + initialDelaySeconds: 5 + periodSeconds: 5 + env: + {{- with .Values.windmill.indexer.extraEnv }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{ if .Values.enterprise.enabled }} + - name : "METRICS_ADDR" + value: "true" + {{ end }} + {{ if .Values.windmill.databaseUrlSecretName }} + - name: "DATABASE_URL" + valueFrom: + secretKeyRef: + name: "{{ .Values.windmill.databaseUrlSecretName }}" + key: "{{ .Values.windmill.databaseUrlSecretKey }}" + {{ else }} + - name: "DATABASE_URL" + value: "{{ .Values.windmill.databaseUrl }}" + {{ end }} + - name: "BASE_URL" + value: "{{ .Values.windmill.baseProtocol }}://{{ .Values.windmill.baseDomain }}" + - name: "RUST_LOG" + value: "{{ .Values.windmill.rustLog }}" + - name: "MODE" + value: "indexer" + - name: "JSON_FMT" + value: "true" + {{ if .Values.windmill.instanceEventsWebhook }} + - name: "INSTANCE_EVENTS_WEBHOOK" + value: "true" + {{ end }} + {{ if .Values.enterprise.enabled }} + {{ if .Values.enterprise.licenseKeySecretName }} + - name: "LICENSE_KEY" + valueFrom: + secretKeyRef: + name: {{ .Values.enterprise.licenseKeySecretName }} + key: {{ .Values.enterprise.licenseKeySecretKey }} + {{ else }} + - name: "LICENSE_KEY" + value: "{{ .Values.enterprise.licenseKey }}" + {{ end }} + {{ if .Values.enterprise.samlMetadata }} + - name: "SAML_METADATA" + value: "{{ .Values.enterprise.samlMetadata }}" + {{ end }} + {{ if $.Values.enterprise.enabledS3DistributedCache }} + - name: "S3_CACHE_BUCKET" + value: "{{ $.Values.enterprise.s3CacheBucket }}" + {{ end }} + {{ end }} + resources: +{{ toYaml .Values.windmill.indexer.resources | indent 12 }} + {{- with .Values.windmill.indexer.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.windmill.indexer.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.windmill.indexer.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.windmill.indexer.podSecurityContext }} + securityContext: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.windmill.indexer.securityContext }} + securityContext: +{{ toYaml . | indent 8 }} + {{- end }} +--- +apiVersion: v1 +kind: Service +metadata: + name: windmill-indexer +spec: + ports: + - port: 8000 + protocol: TCP + targetPort: 8000 + selector: + app.kubernetes.io/name: windmill-indexer + sessionAffinity: ClientIP + type: ClusterIP +{{- end -}} diff --git a/charts/windmill/templates/ingress.yaml b/charts/windmill/templates/ingress.yaml index b07ea6f..01c25cc 100644 --- a/charts/windmill/templates/ingress.yaml +++ b/charts/windmill/templates/ingress.yaml @@ -43,6 +43,18 @@ spec: name: windmill-multiplayer port: number: 3002 + {{ if .Values.windmill.indexer.enabled }} + - host: {{ .Values.windmill.baseDomain | quote }} + http: + paths: + - path: /api/srch/ + pathType: Prefix + backend: + service: + name: windmill-indexer + port: + number: 8000 + {{ end }} {{ if .Values.hub.enabled }} - host: {{ .Values.hub.baseDomain | quote }} http: diff --git a/charts/windmill/values.yaml b/charts/windmill/values.yaml index 97d825c..7f8ff5e 100644 --- a/charts/windmill/values.yaml +++ b/charts/windmill/values.yaml @@ -369,6 +369,43 @@ windmill: # -- target CPU utilization targetCPUUtilizationPercentage: 80 + # indexer configuration + indexer: + tag: "latest" + + enabled: true + + # -- Annotations to apply to the pods + annotations: {} + + # -- Annotations to apply to the pods + labels: {} + + # -- Node selector to use for scheduling the pods + nodeSelector: {} + + # -- Tolerations to apply to the pods + tolerations: [] + + # -- legacy, use podSecurityContext instead + securityContext: + # -- Security context to apply to the pods + podSecurityContext: + # -- run as user. The default is 0 for root user + runAsUser: 0 + # -- run explicitly as a non-root user. The default is false. + runAsNonRoot: false + containerSecurityContext: {} + + # -- Affinity rules to apply to the pods + affinity: {} + + # -- Resource limits and requests for the pods + resources: {} + + # -- Extra environment variables to apply to the pods + extraEnv: [] + ingress: # -- enable/disable included ingress resource enabled: true