Skip to content

Improving helm chart #868

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 10 commits into
base: develop
Choose a base branch
from
+102 −56
Open

Improving helm chart #868

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
4b51c4a
Allow to provide external rabbit and postgresql
ascalotoru Jun 25, 2025
914c07f
Allow to use custom secret to provide postgresql data
ascalotoru Jun 25, 2025
b41fab9
Allow set CELERY url
ascalotoru Jun 26, 2025
11b1b77
Add support for disabling ingress via ingress.enabled
ascalotoru Jun 26, 2025
b443d15
Add default fallback and validation for serviceName and servicePort
ascalotoru Jun 26, 2025
651eaef
Add ingress.tls.enabled flag to control optional TLS configuration
ascalotoru Jun 27, 2025
671617f
Add support for custom annotations and conditional ssl-redirect
ascalotoru Jun 27, 2025
35aea0b
Fix syntax error
ascalotoru Jun 30, 2025
7461371
Use irisapp.service.type instead of irisapp.type in service manifest
ascalotoru Jun 30, 2025
a066579
rename ingress TLS flag and adjust values.yaml structure
ascalotoru Jul 10, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
41 changes: 29 additions & 12 deletions deploy/kubernetes/charts/templates/ingress.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,15 @@
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Values.ingress.name }}
annotations:
{{- toYaml .Values.ingress.annotations | nindent 4 }}
{{- if .Values.ingress.sslRedirect }}
nginx.ingress.kubernetes.io/ssl-redirect: "true"
{{- end }}
{{- with .Values.ingress.customAnnotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
ingressClassName: {{ .Values.ingress.className }}
rules:
Expand All @@ -13,21 +19,32 @@ spec:
paths:
{{- range $path := $host.paths }}
- path: {{ $path.path }}
pathType: Prefix
pathType: {{ default "ImplementationSpecific" $path.pathType}}
backend:
service:
name: {{ $path.serviceName }}
name: {{- if hasKey $path "serviceName" -}}
{{- $path.serviceName | indent 1}}
{{- else if hasKey $.Values.irisapp "name" -}}
{{- $.Values.irisapp.name | indent 1}}
{{- else -}}
{{- fail "Missing 'serviceName' in ingress.hosts[].paths[] and no default in irisapp.name" }}
{{- end }}
port:
number: {{ $path.servicePort }}
number: {{- if hasKey $path "servicePort" -}}
{{- printf "%v" $path.servicePort | indent 1}}
{{- else if hasKey $.Values.irisapp.service "port" -}}
{{- printf "%v" $.Values.irisapp.service.port | indent 1 }}
{{- else -}}
{{- fail "Missing 'servicePort' in ingress.hosts[].paths[] and no default in irisapp.service.port" }}
{{- end }}
{{- end }}
{{- end }}
{{- with .Values.ingress.tls }}
{{- if and .Values.ingress.enableTls.enabled (gt (len .Values.ingress.tls.hosts) 0) }}
tls:
{{- range . }}
- hosts:
{{- range .hosts }}
- {{ . }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
- hosts:
{{- range .Values.ingress.tls.hosts }}
- {{ . }}
{{- end }}
secretName: {{ .Values.ingress.tls.secretName }}
{{- end }}
{{- end }}
32 changes: 13 additions & 19 deletions deploy/kubernetes/charts/templates/iris_app.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
apiVersion: v1
kind: Secret
metadata:
Expand Down Expand Up @@ -45,24 +46,17 @@ spec:
command: ['nohup', './iris-entrypoint.sh', 'iriswebapp']

env:

- name: POSTGRES_USER # Setting Database username
value: {{ .Values.irisapp.POSTGRES_USER| quote }}

- name: POSTGRES_PASSWORDD # Setting Database password
value: {{ .Values.irisapp.POSTGRES_PASSWORD | quote }}

- name: POSTGRES_ADMIN_USER # Setting Database admin user
value: {{ .Values.irisapp.POSTGRES_ADMIN_USER | quote }}

- name: POSTGRES_ADMIN_PASSWORD # Setting Database admin password
value: {{ .Values.irisapp.POSTGRES_ADMIN_PASSWORD | quote }}

- name: POSTGRES_PORT # Setting Database port
value: {{ .Values.irisapp.POSTGRES_PORT | quote }}

- name: POSTGRES_SERVER # Setting Database server
value: {{ .Values.irisapp.POSTGRES_SERVER | quote }}
{{- range $key := list "POSTGRES_USER" "POSTGRES_PASSWORD" "POSTGRES_ADMIN_USER" "POSTGRES_ADMIN_PASSWORD" "POSTGRES_PORT" "POSTGRES_SERVER" }}
- name: {{ $key }}
{{- if and (hasKey $.Values.irisapp "envFromSecret") (has $key $.Values.irisapp.envFromSecret.keys) }}
valueFrom:
secretKeyRef:
name: {{ $.Values.irisapp.envFromSecret.name }}
key: {{ $key }}
{{- else }}
value: {{ index $.Values.irisapp $key | quote }}
{{- end }}
{{- end }}

- name: IRIS_SECRET_KEY
value: {{ .Values.irisapp.IRIS_SECRET_KEY | quote }}
Expand Down Expand Up @@ -148,7 +142,7 @@ metadata:
labels:
app: {{ .Values.irisapp.app }}
spec:
type: {{ .Values.irisapp.type }}
type: {{ .Values.irisapp.service.type }}
ports:
- port: {{ .Values.irisapp.service.port }}
targetPort: {{ .Values.irisapp.service.targetPort }}
Expand Down
29 changes: 13 additions & 16 deletions deploy/kubernetes/charts/templates/iris_worker.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,23 +49,20 @@ spec:
- name: DOCKERIZED
value: {{ .Values.irisworker.DOCKERIZED | quote }}

- name: POSTGRES_USER
value: {{ .Values.irisworker.POSTGRES_USER | quote }}
{{- range $key := list "POSTGRES_USER" "POSTGRES_PASSWORD" "POSTGRES_ADMIN_USER" "POSTGRES_ADMIN_PASSWORD" "POSTGRES_PORT" "POSTGRES_SERVER" }}
- name: {{ $key }}
{{- if and (hasKey $.Values.irisworker "envFromSecret") (has $key $.Values.irisworker.envFromSecret.keys) }}
valueFrom:
secretKeyRef:
name: {{ $.Values.irisworker.envFromSecret.name }}
key: {{ $key }}
{{- else }}
value: {{ index $.Values.irisworker $key | quote }}
{{- end }}
{{- end }}

- name: POSTGRES_PASSWORDD
value: {{ .Values.irisworker.POSTGRES_PASSWORD | quote }}

- name: POSTGRES_ADMIN_USER
value: {{ .Values.irisworker.POSTGRES_ADMIN_USER | quote }}

- name: POSTGRES_ADMIN_PASSWORD
value: {{ .Values.irisworker.POSTGRES_ADMIN_PASSWORD | quote }}

- name: POSTGRES_PORT
value: {{ .Values.irisworker.POSTGRES_PORT | quote }}

- name: POSTGRES_SERVER
value: {{ .Values.irisworker.POSTGRES_SERVER | quote }}
- name: CELERY_BROKER
value: {{ .Values.irisworker.CELERY_BROKER | quote }}

- name: IRIS_SECRET_KEY
value: {{ .Values.irisworker.IRIS_SECRET_KEY | quote }}
Expand Down
2 changes: 2 additions & 0 deletions deploy/kubernetes/charts/templates/postgres.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if .Values.postgres.enabled }}
---
# Here I have used a hostpath
# Local volumes can only be used as a statically created PersistentVolume. Dynamic provisioning is not supported.
Expand Down Expand Up @@ -108,3 +109,4 @@ spec:
selector:
app: {{ .Values.postgres.app }}
---
{{- end }}
4 changes: 3 additions & 1 deletion deploy/kubernetes/charts/templates/rabbitmq.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if .Values.rabbitmq.enabled }}
---
apiVersion: apps/v1
kind: Deployment
Expand Down Expand Up @@ -38,4 +39,5 @@ spec:
type: ClusterIP
selector:
app: {{ .Values.rabbitmq.app }}
---
---
{{- end }}
50 changes: 42 additions & 8 deletions deploy/kubernetes/charts/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
## @section rabbitmq Configuration
##
rabbitmq:
## @param rabbitmq.enable Enable RabbitMQ deployment
##
enable: true
## @param rabbitmq.app App name for rabbitmq
##
app: rabbitmq
Expand Down Expand Up @@ -33,6 +36,9 @@ rabbitmq:
## @section PostgreSQL Configuration
##
postgres:
## @param postgres.enable Enable PostgreSQL deployment
##
enable: true
## @param postgres.app PostgreSQL App
##
app: postgres
Expand Down Expand Up @@ -105,9 +111,9 @@ irisapp:
service:
port: 8000

## @param irisapp.type Iris Frontend Service type
##
type: NodePort
## @param irisapp.service.type Iris Frontend Service type
##
type: NodePort

## @param Iris Frontend Environments
##
Expand All @@ -125,6 +131,19 @@ irisapp:
DB_RETRY_COUNT: 5
DB_RETRY_DELAY: 5
INTERFACE_HTTPS_PORT: 443

## @param irisapp.envFromSecret Environment variables from a secret
##
envFromSecret:
name: postgres-secret
keys:
- POSTGRES_USER
- POSTGRES_PASSWORD
- POSTGRES_ADMIN_USER
- POSTGRES_ADMIN_PASSWORD
- POSTGRES_PORT
- POSTGRES_SERVER

## @param irisapp.securityContext securityContext for irisapp
##
securityContext: {}
Expand Down Expand Up @@ -179,6 +198,19 @@ irisworker:
POSTGRES_SERVER: postgres.<name_space>.svc.cluster.local
IRIS_SECRET_KEY: AVerySuperSecretKey-SoNotThisOne
IRIS_SECURITY_PASSWORD_SALT: ARandomSalt-NotThisOneEither

## @param irisapp.envFromSecret Environment variables from a secret
##
envFromSecret:
name: postgres-secret
keys:
- POSTGRES_USER
- POSTGRES_PASSWORD
- POSTGRES_ADMIN_USER
- POSTGRES_ADMIN_PASSWORD
- POSTGRES_PORT
- POSTGRES_SERVER

## @param irisworker.securityContext securityContext for irisworker
##
securityContext: {}
Expand All @@ -192,11 +224,13 @@ ingress:
enabled: true
name: iris-ingress
className: nginx
annotations:
enableTls: false
sslRedirect: false
customAnnotations:
# Add any annotations specific to your Ingress controller
kubernetes.io/ingress.class: nginx
# kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$1
nginx.ingress.kubernetes.io/ssl-redirect: "true"
# nginx.ingress.kubernetes.io/ssl-redirect: "true"
hosts:
- host: <host_name>
paths:
Expand All @@ -205,6 +239,6 @@ ingress:
serviceName: iriswebapp-app
servicePort: 8000
tls:
- secretName: iris-ingress-tls-secret
- secretName: <secret_name>
hosts:
- <host_name>
- <host_name>