Skip to content

Commit

Permalink
Set fixed version in all the components, move the sciencemesh/iop ing…
Browse files Browse the repository at this point in the history 
…ress resources to the revad chart & add support for 'networking.k8s.io/v1' (cs3org#22)

* wopiserver: generate ingress' resources apiVersion to support v1
  - This is based on the '.Capabilities.KubeVersion.GitVersion'
* revad: move ingress resources templates from sciencemesh/iop here
  - Closes cs3org#13
  - Add 'maintainers' to revad and fix wopiserver's
* revad,wopiserver: rely on '.Capabilities.APIVersions' instead
  - Fix: use the right scope for the 'apiVersion' in revad ingress
  - Fix: replace when using v1 service{Name,Port} with the new ingress.spec.rules.http.paths.backend.service spec
* wopi{server,bridge}: explicit tagged versions, replace latest
  - Fix WOPI Server, Bridge version in Chart.yaml
  - Rename 'revahost' to 'revagateway' in WOPI Server config
  - Set 'CODIMD_{INT,EXT}_URL' explicit placeholders to prevent WB CrashLoopBackOff
* wopibridge: add 'codimd_apikey' to secrets
* revad: set tagged revad version explicitly on the Chart
* Quote 'artifacthub.io/changes' entries to prevent parsing errors
  • Loading branch information
@SamuAlfageme
SamuAlfageme authored May 3, 2021
1 parent 8d99f5b commit 6f47503
Show file tree
Hide file tree
Showing 13 changed files with 154 additions and 31 deletions.
13 changes: 8 additions & 5 deletions revad/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,9 @@ apiVersion: v2
name: revad
description: The Reva daemon (revad) helm chart
type: application
version: 1.2.3
version: 1.3.0
appVersion: v1.7.0
kubeVersion: ">= 1.14.0"
icon: https://reva.link/logo.svg
home: https://reva.link
sources:
Expand All @@ -22,9 +23,11 @@ keywords:
- sync-and-share
annotations:
artifacthub.io/changes: |
- Enable group support by default, providing some placeholder groups
- Inject an empty 'ocm-providers.json' to prevent revad from crashing at startup
- Add maintainters to the chart
- "Add the ingress resource templates from sciencemesh/iop"
- "Generate the right 'apiVersion' for ingress resources when using k8s versions >= 1.19"
- "Explicitly drop support for Kubernetes versions older than 1.14"
- "Bump revad's version to v1.7.0"
- "Add maintainters to the chart"
artifacthub.io/images: |
- name: revad
image: cs3org/revad:latest
image: cs3org/revad:v1.7.0
7 changes: 6 additions & 1 deletion revad/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ The following configurations may be set. It is recommended to use `values.yaml`
| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------- |
| `replicaCount` | How many replicas to run. | `1` |
| `image.repository` | Name of the image to run, without the tag. | [`cs3org/revad`](https://hub.docker.com/r/cs3org/revad) |
| `image.tag` | The image tag to use. | `latest` |
| `image.tag` | The image tag to use. | `v1.7.0` |
| `image.pullPolicy` | The kubernetes image pull policy. | `Always` |
| `service.type` | The kubernetes service type to use. | `ClusterIP` |
| `service.grpc.port` | Revad's GRPC Service port. To be set on the `address` under the `[grpc]` section of the config. | `19000`. Can be explicitly disabled by setting `service.grpc` to `null`. |
Expand All @@ -53,6 +53,11 @@ The following configurations may be set. It is recommended to use `values.yaml`
| `env` | Dictionary of environment variables passed to the container in `NAME:value` form. | `{}` |
| `extraEnv` | List of environment variables passed to the container in pod field (`name` and `value`/`valueFrom`) form. | `[]` |
| `envFrom` | List of sources (ConfigMap/Secret) to populate environment variables in the container. | `[]` |
| `ingress.enabled` | Whether to create an Ingress resource to access the reva daemon services. | `false`. Individual ingress resources might be disabled by setting `ingress.services.{http,grpc}` to `null`. |
| `ingress.services.{http,grpc}.hostname` | The {HTTP, gRPC} service ingress hostname. | `{http,grpc}.revad.local` |
| `ingress.services.{http,grpc}.path` | The {HTTP, gRPC} service ingress path. | `/` |
| `ingress.services.{http,grpc}.annotations` | {HTTP, gRPC} ingress resource annotations. | `{}` |
| `ingress.services.{http,grpc}.tls` | {HTTP, gRPC} ingress TLS configuration (YAML). | `[]` |
| `configFiles.revad\\.toml` | Revad [config file](https://reva.link/docs/config/). Mounted on `/etc/revad/`. | [`examples/standalone/standalone.toml`](https://github.com/cs3org/reva/blob/master/examples/standalone/standalone.toml) |
| `configFiles.users\\.json` | Revad `users.json` for the `auth_manager` and `userprovider` services. Mounted on `/etc/revad/`. | [`examples/standalone/users.demo.json`](https://github.com/cs3org/reva/blob/master/examples/standalone/users.demo.json) |
| `configFiles.groups\\.json` | Revad `groups.json` for the `groupprovider` service. Mounted on `/etc/revad/`. | [`examples/standalone/groups.demo.json`](https://github.com/cs3org/reva/blob/master/examples/standalone/groups.demo.json) |
Expand Down
12 changes: 12 additions & 0 deletions revad/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,18 @@ app.kubernetes.io/name: {{ include "revad.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}


{{/*
Return the appropriate apiVersion for ingress.
*/}}
{{- define "revad.ingressapiVersion" -}}
{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
{{- print "networking.k8s.io/v1" -}}
{{- else }}
{{- print "networking.k8s.io/v1beta1" -}}
{{- end }}
{{- end -}}

{{/*
Create the name of the service account to use
*/}}
Expand Down
37 changes: 37 additions & 0 deletions revad/templates/ingress.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
{{- if .Values.ingress.enabled }}
{{- range $service, $ingress := .Values.ingress.services }}
apiVersion: {{ template "revad.ingressapiVersion" $ }}
kind: Ingress
metadata:
name: {{ template "revad.fullname" $ }}-{{ $service }}
labels: {{- include "revad.labels" $ | nindent 4 }}
annotations:
{{- if $ingress.annotations }}
{{ toYaml $ingress.annotations | indent 4 }}
{{- end }}
spec:
rules:
{{- if $ingress.hostname }}
- host: {{ $ingress.hostname }}
http:
paths:
- path: {{ $ingress.path }}
backend:
{{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
service:
name: {{ template "revad.fullname" $ }}
port:
name: {{ $service }}
pathType: ImplementationSpecific
{{- else }}
serviceName: {{ template "revad.fullname" $ }}
servicePort: {{ $service }}
{{- end }}
{{- end }}
{{- if $ingress.tls }}
tls:
{{ toYaml $ingress.tls | indent 4 }}
{{- end }}
---
{{- end }}
{{- end }}
28 changes: 27 additions & 1 deletion revad/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ replicaCount: 1

image:
repository: cs3org/revad
tag: latest
tag: v1.7.0
pullPolicy: Always

service:
Expand Down Expand Up @@ -69,6 +69,32 @@ envFrom: []
# - secretRef:
# name: reva-secrets

ingress:
enabled: false
services:
http:
hostname: http.revad.local
path: /
annotations: {}
# kubernetes.io/ingress.class: nginx
# nginx.ingress.kubernetes.io/ssl-redirect: "true"
tls: []
# Secrets must be present in the namespace beforehand.
# - secretName: http-revad-tls
# hosts:
# - http.revad.local
grpc:
hostname: grpc.revad.local
path: /
annotations: {}
# kubernetes.io/ingress.class: nginx
# nginx.ingress.kubernetes.io/ssl-redirect: "true"
# nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
tls: []
# - secretName: grpc-revad-tls
# hosts:
# - grpc.revad.local

# https://reva.link/docs/config/
configFiles:
revad.toml: |
Expand Down
20 changes: 13 additions & 7 deletions wopiserver/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,24 +2,30 @@ apiVersion: v2
name: wopiserver
description: A Vendor-neutral Web-application Open Platform Interface (WOPI) gateway for EFSS systems
type: application
version: 0.2.2
appVersion: 6.3.1
version: 0.2.3
appVersion: 6.5.0
kubeVersion: ">= 1.14.0"
home: https://github.com/cs3org/wopiserver
sources:
- https://github.com/cs3org/wopiserver
maintainers:
- name: Samuel Alfageme Sainz
- name: SamuAlfageme
email: samuel.alfageme.sainz@cern.ch
- name: Giuseppe Lo Presti
- name: glpatcern
email: giuseppe.lopresti@cern.ch
keywords:
- wopi
- efss
annotations:
artifacthub.io/changes: |
- Include 'wbsecret'
- "Fix WOPI Server, Bridge version in Chart.yaml"
- "Rename 'revahost' to 'revagateway' in WOPI Server config"
- "Set 'CODIMD_{INT,EXT}_URL' explicit placeholders to prevent WB CrashLoopBackOff"
- "Add 'codimd_apikey' shared Secret to the WOPI Bridge deployment"
- "Generate the right 'apiVersion' for ingress resources when using k8s versions >= 1.19"
artifacthub.io/images: |
- name: wopiserver
image: cs3org/wopiserver:latest
image: cs3org/wopiserver:v6.5.0
- name: wopibridge
image: cs3org/wopibridge:latest
image: cs3org/wopibridge:v3.2.0
artifacthub.io/containsSecurityUpdates: "false"
9 changes: 5 additions & 4 deletions wopiserver/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ The following configurations may be set. It is recommended to use `values.yaml`
| ------------------------------------------------- | --------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------- |
| `replicaCount` | How many replicas to run. | `1` |
| `image.repository` | Name of the image to run, without the tag. | [`cs3org/wopiserver`](https://hub.docker.com/r/cs3org/wopiserver) |
| `image.tag` | The image tag to use. | `latest` |
| `image.tag` | The image tag to use. | `v6.5.0` |
| `image.pullPolicy` | The kubernetes image pull policy. | `Always` |
| `service.type` | The kubernetes service type to use. | `ClusterIP` |
| `service.port` | The wopiserver service HTTP port. | `8880` |
Expand All @@ -54,7 +54,7 @@ The following configurations may be set. It is recommended to use `values.yaml`
| Parameter | Description | Default |
| ------------------------------------------------- | --------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------- |
| `wopibridge.enabled` | Wheter to deploy the [WOPI Bridge](https://github.com/cs3org/wopibridge) service. | `false` |
| `wopibridge.name` | The name used to identify the resources as `{{ wopiserver.fullname }}-{{ .name }}`. | `wopibridge` |
| `wopibridge.name` | The name used to identify the resources as `{{ wopiserver.fullname }}-{{ .name }}`. | `v3.2.0` |
| `wopibridge.replicaCount` | How many replicas to run. | `1` |
| `wopibridge.image.repository` | Name of the image to run, without the tag. | [`cs3org/wopibridge`](https://hub.docker.com/r/cs3org/wopibridge) |
| `wopibridge.image.tag` | The image tag to use. | `latest` |
Expand All @@ -64,8 +64,9 @@ The following configurations may be set. It is recommended to use `values.yaml`
| `wopibridge.bridgeUrl` | Overrides the (default) Helm URL generation based on the ingress/service values. | Not set |
| `wopibridge.extraVolumeMounts` | Array of additional volume mounts. | `[]` |
| `wopibridge.extraVolumes` | Array of additional volumes. | `[]` |
| `wopibridge.env` | Additional environment variables passed to the wopibridge container. | `[]` |
| `wopibridge.wbsecret` | Wopi-Bridge Secret, stored in `/var/run/secrets/wbsecret` | `nil` - generates a random secret (`randAlphaNum 24`) |
| `wopibridge.env` | Additional environment variables passed to the wopibridge container. | `CODIMD_INT_URL: "http://codimd"` and `CODIMD_EXT_URL: https://codimd.local/` |
| `wopibridge.secrets.wbsecret` | Wopi-Bridge Secret, stored in `/var/run/secrets/wbsecret` | `nil` - generates a random secret (`randAlphaNum 24`) |
| `wopibridge.secrets.codimd_apikey` | CodiMD Shared Secret, stored in `/var/run/secrets/codimd_apikey` | `nil` - generates a random secret (`randAlphaNum 24`) |
| `wopibridge.ingress.enabled` | Whether to create an Ingress resource to access the wopibridge. | `false` |
| `wopibridge.ingress.hostname` | The ingress hostname. | `bridge.local` |
| `wopibridge.ingress.path` | The ingress path. | `/wopibridge` |
Expand Down
11 changes: 11 additions & 0 deletions wopiserver/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,17 @@ app.kubernetes.io/name: {{ include "wopiserver.name" . }}-{{ .Values.wopibridge.
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}

{{/*
Return the appropriate apiVersion for ingress.
*/}}
{{- define "wopiserver.ingress.apiVersion" -}}
{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
{{- print "networking.k8s.io/v1" -}}
{{- else }}
{{- print "networking.k8s.io/v1beta1" -}}
{{- end }}
{{- end -}}

{{/*
Returns the WOPI Server external URL
*/}}
Expand Down
2 changes: 1 addition & 1 deletion wopiserver/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ data:
iopsecretfile = /etc/wopi/iopsecret

[cs3]
revahost = {{ .Values.config.cs3.revahost }}
revagateway = {{ .Values.config.cs3.revahost }}
authtokenvalidity = 3600

[io]
Expand Down
10 changes: 9 additions & 1 deletion wopiserver/templates/ingress.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1beta1
apiVersion: {{ template "wopiserver.ingress.apiVersion" . }}
kind: Ingress
metadata:
name: {{ template "wopiserver.fullname" . }}
Expand All @@ -16,8 +16,16 @@ spec:
paths:
- path: {{ .Values.ingress.path }}
backend:
{{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
service:
name: {{ template "wopiserver.fullname" . }}
port:
name: http
pathType: ImplementationSpecific
{{- else }}
serviceName: {{ template "wopiserver.fullname" . }}
servicePort: http
{{- end }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
Expand Down
Loading

0 comments on commit 6f47503

Please sign in to comment.