fixup! 🔧(helm) rework chart based on jenny helm chart

src/helm/README.md

@@ -106,10 +106,10 @@ Ralph is also distributed as a Helm chart. Check out the [Ralph Helm chart READM
 
 ### Deploy the dashboard suite: Warren
 
-Let's create secrets needed for Warren deployment with:
+Let's create the secrets needed for Warren deployment:
 ```bash
-kubectl create secret generic warren-api-secrets --from-env-file=warren/charts/api/.secret
-kubectl create secret generic warren-app-secrets --from-env-file=warren/charts/app/.secret
+kubectl apply -f manifests/warren-app-secrets.yaml
+kubectl apply -f manifests/warren-api-secrets.yaml
 ```
 
 We can now deploy Warren along with its dependencies

src/helm/manifests/warren-api-secrets.yaml

@@ -0,0 +1,17 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: warren-api-db
+type: Opaque
+stringData:
+  WARREN_API_DB_PASSWORD: pass
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: warren-api-lrs
+type: Opaque
+stringData:
+  WARREN_LRS_AUTH_BASIC_PASSWORD: password
+---

src/helm/manifests/warren-app-secrets.yaml

@@ -0,0 +1,25 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: warren-app-db
+type: Opaque
+stringData:
+  WARREN_APP_DB_PASSWORD: pass
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: warren-app-secret-key
+type: Opaque
+stringData:
+  WARREN_APP_SECRET_KEY: change_me_please
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: warren-signing-key
+type: Opaque
+stringData:
+  WARREN_APP_SIGNING_KEY: change_me
+---

src/helm/warren/charts/api/templates/NOTES.txt

@@ -1,21 +1,28 @@
-1. Get the application URL by running these commands:
+CHART NAME: {{ .Chart.Name }}
+CHART VERSION: {{ .Chart.Version }}
+APP VERSION: {{ .Chart.AppVersion }}
+
+** Please be patient while the chart is being deployed **
+
+1. Access your Warren api installation:
 {{- if .Values.ingress.enabled }}
-{{- range $host := .Values.ingress.hosts }}
-  {{- range .paths }}
-  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  Connect to one of the following hosts:
+  {{ if .Values.ingress.tls }}
+    https://{{ .Values.ingress.host }}
+  {{- else }}
+    http://{{ .Values.ingress.host }}
   {{- end }}
-{{- end }}
 {{- else if contains "NodePort" .Values.service.type }}
   export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "api.fullname" . }})
   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
+  echo "Warren API URL: http://$NODE_IP:$NODE_PORT"
 {{- else if contains "LoadBalancer" .Values.service.type }}
      NOTE: It may take a few minutes for the LoadBalancer IP to be available.
            You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "api.fullname" . }}'
   export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "api.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
   echo http://$SERVICE_IP:{{ .Values.service.port }}
 {{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "api.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "api.name" . }},api.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
   export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
   echo "Visit http://127.0.0.1:8080 to use your application"
   kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT

src/helm/warren/charts/api/templates/_helpers.tpl

@@ -48,6 +48,8 @@ Selector labels
 {{- define "api.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "api.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/component: api
+app.kubernetes.io/part-of: warren
 {{- end }}
 
 {{/*
@@ -63,7 +65,7 @@ Environment variables
 - name: "WARREN_API_DB_PASSWORD"
   valueFrom:
     secretKeyRef:
-      name: warren-api-secrets
+      name: warren-api-db
       key: WARREN_API_DB_PASSWORD
 - name: "WARREN_API_DB_ENGINE"
   value: "{{ .Values.fastapi.db.engine }}"
@@ -74,20 +76,29 @@ Environment variables
 - name: "WARREN_ALLOWED_HOSTS"
   value: {{ printf "%q" .Values.fastapi.allowedHosts | replace " " "," | quote }}
 - name: "WARREN_LRS_HOSTS"
-  value: "{{ .Values.fastapi.lrs.hosts }}"
+  value: "{{ .Values.fastapi.lrs.host }}"
 - name: "WARREN_LRS_AUTH_BASIC_USERNAME"
   value: "{{ .Values.fastapi.lrs.username }}"
 - name: "WARREN_LRS_AUTH_BASIC_PASSWORD"
   valueFrom:
     secretKeyRef:
-      name: warren-api-secrets
+      name: warren-api-lrs
       key: WARREN_LRS_AUTH_BASIC_PASSWORD
+- name: "WARREN_XI_LMS_BASE_URL"
+  value: "{{ .Values.fastapi.xi.lmsBaseUrl }}"
+- name: "WARREN_XI_LMS_API_TOKEN"
+  valueFrom:
+    secretKeyRef:
+      name: warren-api-lms
+      key: WARREN_XI_LMS_API_TOKEN
+- name: "WARREN_XI_DEFAULT_LANG"
+  value: "{{ .Values.fastapi.xi.defaultLang }}"
 - name: "WARREN_APP_SIGNING_ALGORITHM"
   value: "{{ .Values.fastapi.signingAlgorithm }}"
 - name: "WARREN_APP_SIGNING_KEY"
   valueFrom:
     secretKeyRef:
-      name: warren-api-secrets
+      name: warren-signing-key
       key: WARREN_APP_SIGNING_KEY
 {{- range $key, $val := .Values.env.secret }}
 - name: {{ $val.envName }}

src/helm/warren/charts/api/templates/configmap.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: "{{ template "api.fullname" . }}-logging-config"
+  name: "{{ include "api.fullname" . }}-logging-config"
   labels:
     {{- include "api.labels" . | nindent 4 }}
 data:

src/helm/warren/charts/api/templates/cronjobs.yaml

@@ -0,0 +1,49 @@
+{{- range .Values.fastapi.cronjobs }}
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: {{ include "api.fullname" $ }}-{{ .name }}
+  namespace: {{ $.Release.Namespace | quote }}
+  labels: {{- include "api.labels" $ | nindent 4 }}
+    {{- if $.Values.commonLabels }}
+    {{ toYaml $.Values.commonLabels | nindent 4 }}
+    {{- end }}
+{{- if $.Values.commonAnnotations }}
+  annotations:
+{{- toYaml $.Values.commonAnnotations | nindent 4 }}
+{{- end }}
+spec:
+  schedule: {{ .schedule | quote }}
+  successfulJobsHistoryLimit: 2
+  concurrencyPolicy: Forbid
+  failedJobsHistoryLimit: 1
+  suspend: {{ .suspend }}
+  jobTemplate:
+    spec:
+      template:
+        metadata:   
+          labels: {{- include "api.selectorLabels" $ | nindent 12 }}
+        spec:
+          {{- include "fastapi.imagePullSecrets" $ | nindent 10 }}
+          containers:
+            - name: "{{ $.Chart.Name }}-{{ .name }}"
+              image: "{{ $.Values.image.repository }}:{{ $.Values.image.tag }}"
+              imagePullPolicy: {{ $.Values.image.pullPolicy }}
+              env:
+                - name: "WARREN_SERVER_HOST"
+                  value: {{ include "api.fullname" $ }}
+                {{- include "api.envs" $ | nindent 16 }}
+              command: {{ .command | toJson }}
+              {{- if $.Values.resources }}
+              resources: {{ toYaml $.Values.resources | nindent 16 }}
+              {{- end }}
+              volumeMounts:
+                - name: logging-config
+                  mountPath: "/etc/warren/api"
+          volumes:
+          - name: logging-config
+            configMap:
+              name: {{ include "api.fullname" $ }}-logging-config
+          restartPolicy: Never
+{{- end }}

src/helm/warren/charts/api/templates/deployment.yaml

@@ -31,13 +31,13 @@ spec:
           livenessProbe:
             httpGet:
               path: /__heartbeat__
-              port: http
+              port: {{ .Values.fastapi.port }}
             initialDelaySeconds: 15
             periodSeconds: 30
           readinessProbe:
             httpGet:
               path: /__lbheartbeat__
-              port: http
+              port: {{ .Values.fastapi.port }}
             initialDelaySeconds: 5
             periodSeconds: 5
           startupProbe:
@@ -48,7 +48,7 @@ spec:
                 - "warren migration check"
             initialDelaySeconds: 5
             periodSeconds: 5
-            timeoutSeconds: 120
+            timeoutSeconds: 30
           env:
             {{- include "api.envs" . | nindent 12 }}
           {{ with .Values.fastapi.command }}
@@ -61,7 +61,7 @@ spec:
       volumes:
         - name: logging-config
           configMap:
-            name: "warren-api-logging-config"
+            name: {{ include "api.fullname" . }}-logging-config
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

src/helm/warren/charts/api/templates/ingress.yaml

@@ -2,12 +2,11 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: {{ template "api.fullname" . }}-ingress
+  name: {{ template "api.fullname" . }}
   labels: {{- include "api.labels" . | nindent 4 }}
     {{- if .Values.commonLabels }}
     {{ toYaml .Values.commonLabels | nindent 4 }}
     {{- end }}
-    app.kubernetes.io/component: fastapi
   annotations:
     {{- if .Values.commonAnnotations }}
     {{- toYaml .Values.commonAnnotations | nindent 4 }}
@@ -17,11 +16,11 @@ metadata:
     {{- end }}
 spec:
   ingressClassName: {{ .Values.ingress.className }}
-  {{- if $.Values.ingress.tls.enable }}
+  {{- if $.Values.ingress.tls.enabled }}
   tls:
     - hosts:
       - {{ $.Values.ingress.host }}
-    secretName: {{ $.Values.ingress.tls.certificateSecretName }}
+      secretName: {{ $.Values.ingress.tls.certificateSecretName }}
   {{- end }}
   rules:
     - host: {{ .Values.ingress.host }}
@@ -31,7 +30,7 @@ spec:
             pathType: Prefix
             backend:
               service:
-                name: {{ include "api.fullname" . }}-service
+                name: {{ include "api.fullname" . }}
                 port:
                   number: {{ .Values.service.port }}
 {{- end }}

src/helm/warren/charts/api/templates/jobs.yaml

@@ -19,12 +19,11 @@ spec:
   template:
     metadata:
       labels: {{- include "api.selectorLabels" $ | nindent 8 }}
-        app.kubernetes.io/component: fastapi
     spec:
       {{- include "fastapi.imagePullSecrets" $ | nindent 6 }}
       containers:
-        - name: fastapi-{{ .name }}
-          image: {{ $.Values.image.repository }}:{{ $.Values.image.tag }}
+        - name: "{{ $.Chart.Name }}-{{ .name }}"
+          image: "{{ $.Values.image.repository }}:{{ $.Values.image.tag }}"
           imagePullPolicy: {{ $.Values.image.pullPolicy }}
           env:
             {{- include "api.envs" $ | nindent 12 }}
@@ -38,6 +37,6 @@ spec:
       volumes:
         - name: logging-config
           configMap:
-            name: "warren-api-logging-config"
+            name: {{ include "api.fullname" $ }}-logging-config
       restartPolicy: Never
 {{- end }}

src/helm/warren/charts/api/templates/service.yaml

@@ -2,7 +2,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ include "api.fullname" . }}-service
+  name: {{ include "api.fullname" . }}
   labels: {{- include "api.labels" . | nindent 4 }}
 spec:
   ports:

src/helm/warren/charts/api/values.yaml

@@ -23,7 +23,7 @@ ingress:
   host: ""
   annotations: {}
   tls:
-    enable: false
+    enabled: false
     certificateSecretName: warren-api-certificate
 
 affinity:
@@ -76,6 +76,7 @@ volumeMounts:
 # API configuration
 fastapi:
   fullname: "api"
+  port: 8100
   allowedHosts: 
     - "*"
   signingAlgorithm: "HS256"
@@ -86,8 +87,11 @@ fastapi:
     host: "warren-postgresql"
     port: 5432
   lrs:
-    hosts: "http://lrs-ralph:8080"
+    host: "http://lrs-ralph:8080"
     username: "admin"
+  xi:
+    lmsBaseUrl: "http://my-moodle-instance"
+    defaultLang: "fr"
   command:
     - "uvicorn"
     - "warren.api:app"
@@ -101,6 +105,18 @@ fastapi:
   jobs:
     - name: dbmigrate
       command: ["warren", "migration", "upgrade", "head"]
+  cronjobs: []
+  # Cronjobs should define a name, a schedule, the schedule suspension 
+  # and a command to execute, e.g.
+    # - name: "index-moodle"
+    #   schedule: "0 1 * * *"
+    #   suspend: false
+    #   command:
+    #     - "warren"
+    #     - "xi"
+    #     - "index"
+    #     - "all"
+    #     - "--ignore-errors"
   resources: {}
 
 loggingConfig:

src/helm/warren/charts/app/templates/NOTES.txt

@@ -1,14 +1,21 @@
-1. Get the application URL by running these commands:
+CHART NAME: {{ .Chart.Name }}
+CHART VERSION: {{ .Chart.Version }}
+APP VERSION: {{ .Chart.AppVersion }}
+
+** Please be patient while the chart is being deployed **
+
+1. Access your Warren app installation:
 {{- if .Values.ingress.enabled }}
-{{- range $host := .Values.ingress.hosts }}
-  {{- range .paths }}
-  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  Connect to one of the following hosts:
+  {{ if .Values.ingress.tls }}
+    https://{{ .Values.ingress.host }}
+  {{- else }}
+    http://{{ .Values.ingress.host }}
   {{- end }}
-{{- end }}
 {{- else if contains "NodePort" .Values.service.type }}
   export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "app.fullname" . }})
   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
+  echo "Warren APP URL: http://$NODE_IP:$NODE_PORT"
 {{- else if contains "LoadBalancer" .Values.service.type }}
      NOTE: It may take a few minutes for the LoadBalancer IP to be available.
            You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "app.fullname" . }}'