Merge pull request #1 from kloeckner-i/METAL-3701/migrate_db-operator…

…_charts migrate db operator charts
kloeckner-i · Sep 13, 2022 · 6acd02a · 6acd02a
2 parents fac95cc + c7361ae
commit 6acd02a
Show file tree

Hide file tree

Showing 33 changed files with 2,292 additions and 2 deletions.
diff --git a/.github/workflows/chart-release.yaml b/.github/workflows/chart-release.yaml
@@ -0,0 +1,33 @@
+name: Release Charts
+
+on:
+  workflow_run:
+    workflows: ["Test"]
+    branches: [main]
+    types:
+      - completed
+
+jobs:
+  chart-release:
+    # if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+      - name: Install Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.9.4
+
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@v1.2.1
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/README.md b/README.md
@@ -1,2 +1,8 @@
-# charts
-Kloeckner.i's Helm charts repository
+## Prerequisites
+* Kubernetes v1.21+
+* Helm v3.0.2+
+
+## Releasing new chart version
+
+The new chart version release is executed automatically with Github actions.
+For triggering it, change the version of Chart.yaml in the chart directory and merge to `main` branch.
diff --git a/db-instances/.gitignore b/db-instances/.gitignore
@@ -0,0 +1 @@
+*-local.yaml
diff --git a/db-instances/Chart.yaml b/db-instances/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "1.0"
+description: Database Instances for db operator
+name: db-instances
+version: 1.3.0
diff --git a/db-instances/README.md b/db-instances/README.md
@@ -0,0 +1,24 @@
+# db-instances
+Create DB Instance resources for is DB Operator
+
+## Configuring helm client
+```
+$ helm repo add kloeckneri https://kloeckner-i.github.io/charts
+```
+Test the helm chart repository
+```
+$ helm search repo kloeckneri/db-instances
+```
+
+## Installing Chart
+To install the chart with the release name my-release:
+```
+$ helm install --name my-release kloeckneri/db-instances
+```
+The command deploys DB Operator on Kubernetes with default configuration.
+
+## Uninstalling Chart
+To uninstall the `my-release` deployment:
+```
+$ helm delete my-release
+```
diff --git a/db-instances/templates/_helpers.tpl b/db-instances/templates/_helpers.tpl
@@ -0,0 +1,25 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{- define "db-instances.smName" -}}
+{{- default .Release.Name .Values.serviceMonitorName | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- define "db-instances.operatorNs" -}}
+{{- default .Release.Namespace .Values.operatorNamespace -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "db-instances.labels" -}}
+{{- include "db-instances.selectorLabels" . -}}
+{{- end -}}
+
+{{/*
+Selector labels
+*/}}
+{{- define "db-instances.selectorLabels" -}}
+chart: {{ .Chart.Name }}
+release: {{ $.Release.Name | quote}}
+heritage: {{ $.Release.Service | quote}}
+{{- end -}}
diff --git a/db-instances/templates/dbinstance.yaml b/db-instances/templates/dbinstance.yaml
@@ -0,0 +1,102 @@
+{{- $selectorLabels := include "db-instances.selectorLabels" . }}
+{{- $operatorNs := include "db-instances.operatorNs" . -}}
+{{- if .Values.dbinstances }}
+{{- range $name, $value := .Values.dbinstances }}
+---
+apiVersion: "kci.rocks/v1alpha1"
+kind: "DbInstance"
+metadata:
+  name: {{ $name }}
+  annotations:
+    {{- if $value.google }}
+    checksum/config: {{ $value.google.configMap.data | sha256sum }}
+    {{- end }}
+  labels:
+    {{- include "db-instances.labels" $ | nindent 4 }}
+spec:
+  engine: {{ $value.engine }}
+  {{- if $value.existingAdminSecret }}
+  adminSecretRef:
+    Namespace: {{ $value.existingAdminSecret.namespace }}
+    Name: {{ $value.existingAdminSecret.name }}
+  {{- else }}
+  adminSecretRef:
+    Namespace: {{ $operatorNs }}
+    Name: {{ $name }}-admin-secret
+  {{- end }}
+  {{- if $value.backup }}
+  backup:
+    {{ toYaml $value.backup | nindent 4 }}
+  {{- end }}
+  monitoring:
+    enabled: {{ $value.monitoring.enabled }}
+  {{- if $value.sslConnection }}
+  sslConnection:
+    enabled: {{ $value.sslConnection.enabled }}
+    skip-verify: {{ $value.sslConnection.skipVerify }}
+  {{- end }}
+  {{- if $value.google }}
+  google:
+    instance: {{ $value.google.instanceName }}
+    configmapRef:
+      Namespace: {{ $operatorNs }}
+      Name: {{ $name }}-config
+  {{- if $value.google.clientSecret }}
+    clientSecretRef:
+      Namespace: {{ $operatorNs }}
+      Name: {{ $name }}-client-secret
+  {{- end }}
+  {{- end }}
+  {{- if $value.generic }}
+  generic:
+    host: {{ $value.generic.host }}
+    port: {{ $value.generic.port }}
+  {{- if $value.generic.publicIp }}
+    publicIp: {{ $value.generic.publicIp }}
+  {{- end }}
+  {{- if $value.generic.backupHost }}
+    backupHost: {{ $value.generic.backupHost }}
+  {{- end }}
+  {{- end }}
+{{- if not $value.existingAdminSecret }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ $name }}-admin-secret
+  namespace: {{ $operatorNs }}
+  labels:
+    {{ include "db-instances.labels" $ | nindent 4 }}
+type: Opaque
+data:
+  user: {{ $value.secrets.adminUser | b64enc }}
+  password: {{ $value.secrets.adminPassword | b64enc }}
+{{- end }}
+---
+{{- if $value.google }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ $name }}-config
+  namespace: {{ $operatorNs }}
+  labels:
+    {{- include "db-instances.labels" $ | nindent 4 }}
+data:
+  config: |
+    {{ $value.google.configMap.data | nindent 4 }}
+{{- if $value.google.clientSecret }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ $name }}-client-secret
+  namespace: {{ $operatorNs }}
+  labels:
+    {{- include "db-instances.labels" $ | nindent 4 }}
+data:
+  credentials.json: |-
+    {{ $value.google.clientSecret | b64enc | nindent 4 }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/db-instances/templates/postgres_exporter.yaml b/db-instances/templates/postgres_exporter.yaml
@@ -0,0 +1,95 @@
+{{- $root := . }}
+{{- $nodeSelector := .Values.nodeSelector }}
+{{- $configSha := include (print $.Template.BasePath "/postgres_exporter_query.yaml") . | sha256sum }}
+{{- $exporter := .Values.exporter.postgres }}
+{{- if .Values.dbinstances }}
+{{- range $name, $value := .Values.dbinstances }}
+{{- if eq $value.engine "postgres" }}
+{{- if $value.monitoring.enabled }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: dbinstance-{{ $name }}-pgexporter
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      {{- include "db-instances.selectorLabels" $ | nindent 6 }}
+      db-instance: {{ $name }}
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      annotations:
+        prometheus.io/port: "60000"
+        prometheus.io/scrape: "true"
+        checksum/config: {{ $configSha }}
+      labels:
+        {{- include "db-instances.labels" $ | nindent 8 }}
+        db-instance: {{ $name }}
+    spec:
+      containers:
+      - env:
+        - name: DATA_SOURCE_URI
+          value: {{ $value.monitoring.uri | default (printf "dbinstance-%s-svc:5432/postgres?sslmode=disable" $name) }}
+        - name: DATA_SOURCE_PASS_FILE
+          value: /run/secrets/db-secrets/{{ $value.monitoring.passwordKey | default "password" }}
+        - name: DATA_SOURCE_USER_FILE
+          value: /run/secrets/db-secrets/{{ $value.monitoring.usernameKey | default "user" }}
+        - name: PG_EXPORTER_WEB_LISTEN_ADDRESS
+          value: :60000
+        - name: PG_EXPORTER_EXTEND_QUERY_PATH
+          value: /run/cm/queries/queries.yaml
+        - name: PG_EXPORTER_CONSTANT_LABELS
+          value: dbinstance={{ $name }}
+        image: {{ $exporter.image }}
+        imagePullPolicy: Always
+        name: exporter
+        ports:
+        - name: metrics
+          containerPort: 60000
+        volumeMounts:
+        - mountPath: /run/secrets/db-secrets
+          name: db-secrets
+        - mountPath: /run/cm/queries/queries.yaml
+          name: queries
+          subPath: queries.yaml
+      nodeSelector:
+        {{ toYaml $nodeSelector | nindent 8 }}
+      volumes:
+      - name: db-secrets
+        secret:
+          defaultMode: 420
+  {{- if $value.adminUserSecret }}
+          secretName: {{ $value.adminUserSecret }}
+  {{- else }}
+          secretName: {{ $name }}-admin-secret
+  {{- end }}
+      - configMap:
+          defaultMode: 420
+          name: dbinstance-pgexporter-query
+        name: queries
+{{- if $root.Values.serviceMonitor.enabled }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: dbinstance-{{ $name }}-pgexporter
+  labels:
+    {{- include "db-instances.labels" $ | nindent 4 }}
+spec:
+  type: ClusterIP
+  ports:
+    - port: 8080
+      targetPort: metrics
+      protocol: TCP
+      name: metrics
+  selector:
+    {{- include "db-instances.selectorLabels" $ | nindent 4 }}
+    db-instance: {{ $name }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/db-instances/templates/postgres_exporter_query.yaml b/db-instances/templates/postgres_exporter_query.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    {{- include "db-instances.labels" . | nindent 4 }}
+  name: dbinstance-pgexporter-query
+data:
+  queries.yaml: |
+    {{ .Values.exporter.postgres.query | nindent 4 }}
diff --git a/db-instances/templates/servicemonitor.yaml b/db-instances/templates/servicemonitor.yaml
@@ -0,0 +1,41 @@
+{{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "db-instances.smName" . }}
+  labels:
+    {{- include "db-instances.labels" . | nindent 4 }}
+    {{- with .Values.serviceMonitor.selector }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  {{- if .Values.serviceMonitor.jobLabel }}
+  jobLabel: {{ .Values.serviceMonitor.jobLabel }}
+  {{- end }}
+  endpoints:
+    - port: metrics
+      {{- with .Values.serviceMonitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      {{- with .Values.serviceMonitor.scrapeTimeout }}
+      scrapeTimeout: {{ . }}
+      {{- end }}
+      {{- with .Values.serviceMonitor.metricRelabelings }}
+      metricRelabelings:
+      {{- if kindIs "string" . }}
+        {{- tpl . $ | nindent 8 }}
+      {{- else }}
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.serviceMonitor.relabelings }}
+      relabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+{{- include "db-instances.selectorLabels" . | nindent 6 }}
+{{- end }}