github.com/freiheit-com/kuberpult@v1.24.2-0.20240328135542-315d5630abe6/charts/kuberpult/templates/rollout-service.yaml (about) 1 # This file is part of kuberpult. 2 3 # Kuberpult is free software: you can redistribute it and/or modify 4 # it under the terms of the Expat(MIT) License as published by 5 # the Free Software Foundation. 6 7 # Kuberpult is distributed in the hope that it will be useful, 8 # but WITHOUT ANY WARRANTY; without even the implied warranty of 9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 10 # MIT License for more details. 11 12 # You should have received a copy of the MIT License 13 # along with kuberpult. If not, see <https://directory.fsf.org/wiki/License:Expat>. 14 15 # Copyright 2023 freiheit.com 16 # This file is part of kuberpult. 17 {{- if .Values.rollout.tag }} 18 {{ fail "Values.rollout.tag cannot be used anymore. We only support the same appVersion for all services at this point."}} 19 {{ end -}} 20 21 {{- if .Values.rollout.enabled }} 22 {{- if not (regexMatch "^https?://[^:]+:[0-9]+$" .Values.argocd.server) -}} 23 {{ fail "argocd.server must be a valid http/https url including the port"}} 24 {{- end -}} 25 {{- if not (eq .Values.argocd.refreshEnabled nil) }} 26 {{ fail "argocd.refreshEnabled is removed in favour of argocd.refresh.enabled"}} 27 {{- end -}} 28 {{- $podAnnotations := mustMergeOverwrite (dict) (include "rollout-podAnnotations" . | fromYaml ) .Values.rollout.podAnnotations -}} 29 --- 30 apiVersion: apps/v1 31 kind: Deployment 32 metadata: 33 name: kuberpult-rollout-service 34 labels: 35 app: kuberpult-rollout-service 36 {{- if .Values.datadogTracing.enabled }} 37 tags.datadoghq.com/service: kuberpult-rollout-service 38 tags.datadoghq.com/version: {{ $.Chart.AppVersion }} 39 tags.datadoghq.com/env: {{ .Values.datadogTracing.environment }} 40 {{- end }} 41 spec: 42 replicas: 1 43 selector: 44 matchLabels: 45 app: kuberpult-rollout-service 46 template: 47 metadata: 48 labels: 49 app: kuberpult-rollout-service 50 {{- if .Values.datadogTracing.enabled }} 51 tags.datadoghq.com/env: {{ .Values.datadogTracing.environment }} 52 tags.datadoghq.com/service: kuberpult-rollout-service 53 tags.datadoghq.com/version: {{ $.Chart.AppVersion }} 54 {{- end }} 55 annotations: 56 {{ $podAnnotations | toYaml | indent 8}} 57 spec: 58 {{- with .Values.imagePullSecrets }} 59 imagePullSecrets: 60 {{- toYaml . | nindent 8 }} 61 {{- end }} 62 containers: 63 - name: service 64 image: "{{ .Values.hub }}/{{ .Values.rollout.image }}:{{ $.Chart.AppVersion }}" 65 ports: 66 - name: http 67 containerPort: 8080 68 protocol: TCP 69 - name: grpc 70 containerPort: 8443 71 protocol: TCP 72 readinessProbe: 73 httpGet: 74 path: /healthz 75 port: http 76 initialDelaySeconds: 5 77 periodSeconds: 10 78 livenessProbe: 79 httpGet: 80 path: /healthz 81 port: http 82 resources: 83 limits: 84 cpu: "{{ .Values.rollout.resources.limits.cpu }}" 85 memory: "{{ .Values.rollout.resources.limits.memory }}" 86 requests: 87 cpu: "{{ .Values.rollout.resources.requests.cpu }}" 88 memory: "{{ .Values.rollout.resources.requests.memory }}" 89 env: 90 - name: KUBERPULT_CDSERVER 91 value: kuberpult-cd-service:8443 92 - name: KUBERPULT_ARGOCD_SERVER 93 value: {{ .Values.argocd.server | quote }} 94 - name: KUBERPULT_ARGOCD_INSECURE 95 value: {{ .Values.argocd.insecure | quote }} 96 - name: KUBERPULT_ARGOCD_REFRESH_ENABLED 97 value: {{ .Values.argocd.refresh.enabled | quote }} 98 - name: KUBERPULT_ARGOCD_REFRESH_CONCURRENCY 99 value: {{ .Values.argocd.refresh.concurrency | quote }} 100 - name: KUBERPULT_MANAGE_ARGO_APPLICATIONS_ENABLED 101 value: {{ .Values.manageArgoApplications.enabled | quote }} 102 - name: KUBERPULT_MANAGE_ARGO_APPLICATIONS_FILTER 103 value: {{ .Values.manageArgoApplications.filter | quote }} 104 - name: LOG_FORMAT 105 value: {{ .Values.log.format | quote }} 106 - name: LOG_LEVEL 107 value: {{ .Values.log.level | quote }} 108 {{- if .Values.datadogTracing.enabled }} 109 - name: DD_AGENT_HOST 110 valueFrom: 111 fieldRef: 112 fieldPath: status.hostIP 113 - name: DD_ENV 114 valueFrom: 115 fieldRef: 116 fieldPath: metadata.labels['tags.datadoghq.com/env'] 117 - name: DD_SERVICE 118 valueFrom: 119 fieldRef: 120 fieldPath: metadata.labels['tags.datadoghq.com/service'] 121 - name: DD_VERSION 122 valueFrom: 123 fieldRef: 124 fieldPath: metadata.labels['tags.datadoghq.com/version'] 125 - name: KUBERPULT_ENABLE_TRACING 126 value: "{{ .Values.datadogTracing.enabled }}" 127 {{- end }} 128 {{- if .Values.datadogTracing.enabled }} 129 - name: DD_TRACE_DEBUG 130 value: "{{ .Values.datadogTracing.debugging }}" 131 {{- end }} 132 {{- if .Values.dogstatsdMetrics.enabled }} 133 - name: KUBERPULT_ENABLE_METRICS 134 value: "{{ .Values.dogstatsdMetrics.enabled }}" 135 - name: KUBERPULT_DOGSTATSD_ADDR 136 value: "{{ .Values.dogstatsdMetrics.address }}" 137 {{- end }} 138 - name: KUBERPULT_ARGOCD_TOKEN 139 valueFrom: 140 secretKeyRef: 141 name: kuberpult-rollout-service 142 key: KUBERPULT_ARGOCD_TOKEN 143 - name: KUBERPULT_REVOLUTION_DORA_ENABLED 144 value: {{ .Values.revolution.dora.enabled | quote }} 145 - name: KUBERPULT_REVOLUTION_DORA_URL 146 value: {{ .Values.revolution.dora.url | quote }} 147 - name: KUBERPULT_REVOLUTION_DORA_CONCURRENCY 148 value: {{ .Values.revolution.dora.concurrency | quote }} 149 - name: KUBERPULT_REVOLUTION_DORA_TOKEN 150 valueFrom: 151 secretKeyRef: 152 name: kuberpult-rollout-service 153 key: KUBERPULT_REVOLUTION_DORA_TOKEN 154 - name: KUBERPULT_REVOLUTION_DORA_MAX_EVENT_AGE 155 value: "2h" 156 volumeMounts: 157 # We need to mount a writeable tmp directory for argocd connections to work correctly. https://github.com/argoproj/argo-cd/issues/14115 158 - name: tmp 159 mountPath: /tmp 160 readOnly: false 161 {{- if .Values.dogstatsdMetrics.enabled }} 162 - name: dsdsocket 163 mountPath: {{ .Values.dogstatsdMetrics.hostSocketPath }} 164 readOnly: true 165 {{- end }} 166 volumes: 167 - name: tmp 168 emptyDir: {} 169 {{- if .Values.dogstatsdMetrics.enabled }} 170 - name: dsdsocket 171 hostPath: 172 path: {{ .Values.dogstatsdMetrics.hostSocketPath }} 173 {{- end }} 174 --- 175 apiVersion: v1 176 kind: Service 177 metadata: 178 name: kuberpult-rollout-service 179 spec: 180 ports: 181 - name: http 182 port: 80 183 targetPort: http 184 - name: grpc 185 port: 8443 186 targetPort: grpc 187 selector: 188 app: kuberpult-rollout-service 189 type: NodePort 190 --- 191 apiVersion: v1 192 kind: Secret 193 metadata: 194 name: kuberpult-rollout-service 195 type: Opaque 196 data: 197 KUBERPULT_ARGOCD_TOKEN: {{ .Values.argocd.token | b64enc | quote }} 198 KUBERPULT_REVOLUTION_DORA_TOKEN: {{ .Values.revolution.dora.token | b64enc | quote }} 199 {{- end }}