From 8962c045c5ff1f8b6490d7452fd658f3d67915f1 Mon Sep 17 00:00:00 2001 
From: yyashkin Date: Wed, 3 Jul 2019 22:44:43 +0300 Subject: [PATCH 1/3] homework 23 --- kubernetes/Charts/.gitlab-ci.yml | 122 +++++++++ kubernetes/Charts/comment/Chart.yaml | 7 + .../Charts/comment/templates/_helpers.tpl | 3 + .../Charts/comment/templates/deployment.yaml | 34 +++ .../Charts/comment/templates/service.yaml | 19 ++ kubernetes/Charts/comment/values.yaml | 10 + .../Charts/gitlab-omnibus/.gitlab-ci.yml | 19 ++ kubernetes/Charts/gitlab-omnibus/.helmignore | 21 ++ kubernetes/Charts/gitlab-omnibus/CHANGELOG.md | 11 + kubernetes/Charts/gitlab-omnibus/Chart.yaml | 26 ++ kubernetes/Charts/gitlab-omnibus/README.md | 24 ++ .../charts/gitlab-runner/.gitlab-ci.yml | 19 ++ .../charts/gitlab-runner/.helmignore | 21 ++ .../charts/gitlab-runner/Chart.yaml | 16 ++ .../charts/gitlab-runner/README.md | 3 + .../charts/gitlab-runner/templates/NOTES.txt | 27 ++ .../gitlab-runner/templates/_cache_s3.tpl | 26 ++ .../gitlab-runner/templates/_helpers.tpl | 23 ++ .../gitlab-runner/templates/configmap.yaml | 30 +++ .../gitlab-runner/templates/deployment.yaml | 122 +++++++++ .../gitlab-runner/templates/role-binding.yaml | 19 ++ .../charts/gitlab-runner/templates/role.yaml | 15 ++ .../gitlab-runner/templates/secrets.yaml | 13 + .../templates/service-account.yaml | 11 + .../charts/gitlab-runner/values.yaml | 144 ++++++++++ .../Charts/gitlab-omnibus/requirements.lock | 6 + .../Charts/gitlab-omnibus/requirements.yaml | 4 + .../Charts/gitlab-omnibus/templates/NOTES.txt | 28 ++ .../gitlab-omnibus/templates/_helpers.tpl | 45 ++++ .../templates/fast-storage/storage.yaml | 20 ++ .../templates/gitlab-config.yaml | 36 +++ .../gitlab/gitlab-config-storage.yaml | 23 ++ .../templates/gitlab/gitlab-deployment.yaml | 246 ++++++++++++++++++ .../templates/gitlab/gitlab-storage.yaml | 48 ++++ .../templates/gitlab/gitlab-svc.yaml | 31 +++ .../gitlab/postgresql-configmap.yaml | 12 + .../gitlab/postgresql-deployment.yaml | 78 ++++++ .../templates/gitlab/postgresql-storage.yaml | 25 ++ 
.../templates/gitlab/postgresql-svc.yaml | 16 ++ .../templates/gitlab/redis-deployment.yaml | 46 ++++ .../templates/gitlab/redis-storage.yaml | 25 ++ .../templates/gitlab/redis-svc.yaml | 16 ++ .../templates/ingress/gitlab-ingress.yaml | 50 ++++ .../ingress/gitlab-pages-ingress.yaml | 29 +++ .../load-balancer/lego/00-namespace.yaml | 4 + .../load-balancer/lego/configmap.yaml | 10 + .../load-balancer/lego/deployment.yaml | 43 +++ .../load-balancer/nginx/00-namespace.yaml | 4 + .../load-balancer/nginx/configmap.yaml | 13 + .../load-balancer/nginx/daemonset.yaml | 45 ++++ .../nginx/default-deployment.yaml | 34 +++ .../load-balancer/nginx/default-service.yaml | 12 + .../load-balancer/nginx/service.yaml | 22 ++ .../load-balancer/nginx/tcp-configmap.yaml | 7 + kubernetes/Charts/gitlab-omnibus/values.yaml | 97 +++++++ kubernetes/Charts/post/Chart.yaml | 7 + kubernetes/Charts/post/templates/_helpers.tpl | 3 + .../Charts/post/templates/deployment.yaml | 34 +++ kubernetes/Charts/post/templates/service.yaml | 18 ++ kubernetes/Charts/post/values.yaml | 10 + kubernetes/Charts/reddit/Chart.yaml | 6 + .../Charts/reddit/charts/comment-1.0.0.tgz | Bin 0 -> 854 bytes .../Charts/reddit/charts/mongodb-0.4.18.tgz | Bin 0 -> 3702 bytes .../Charts/reddit/charts/post-1.0.0.tgz | Bin 0 -> 848 bytes kubernetes/Charts/reddit/charts/ui-1.0.0.tgz | Bin 0 -> 1073 bytes kubernetes/Charts/reddit/requirements.lock | 15 ++ kubernetes/Charts/reddit/requirements.yaml | 13 + kubernetes/Charts/reddit/values.yaml | 20 ++ kubernetes/Charts/ui/Chart.yaml | 7 + kubernetes/Charts/ui/templates/_helpers.tpl | 3 + kubernetes/Charts/ui/templates/deployment.yml | 44 ++++ kubernetes/Charts/ui/templates/ingress.yml | 15 ++ kubernetes/Charts/ui/templates/service.yml | 19 ++ kubernetes/Charts/ui/values.yaml | 16 ++ kubernetes/reddit/tiller.yml | 19 ++ kubernetes/reddit/values.yaml | 0 76 files changed, 2109 insertions(+) create mode 100644 kubernetes/Charts/.gitlab-ci.yml create mode 100644 
kubernetes/Charts/comment/Chart.yaml create mode 100644 kubernetes/Charts/comment/templates/_helpers.tpl create mode 100644 kubernetes/Charts/comment/templates/deployment.yaml create mode 100644 kubernetes/Charts/comment/templates/service.yaml create mode 100644 kubernetes/Charts/comment/values.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/.gitlab-ci.yml create mode 100644 kubernetes/Charts/gitlab-omnibus/.helmignore create mode 100644 kubernetes/Charts/gitlab-omnibus/CHANGELOG.md create mode 100644 kubernetes/Charts/gitlab-omnibus/Chart.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/README.md create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/.gitlab-ci.yml create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/.helmignore create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/Chart.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/README.md create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/NOTES.txt create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/_cache_s3.tpl create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/_helpers.tpl create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/configmap.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/deployment.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/role-binding.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/role.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/secrets.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/service-account.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/values.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/requirements.lock 
create mode 100644 kubernetes/Charts/gitlab-omnibus/requirements.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/NOTES.txt create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/_helpers.tpl create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/fast-storage/storage.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/gitlab-config.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-config-storage.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-deployment.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-storage.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-svc.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-configmap.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-deployment.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-storage.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-svc.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/gitlab/redis-deployment.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/gitlab/redis-storage.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/gitlab/redis-svc.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/ingress/gitlab-ingress.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/ingress/gitlab-pages-ingress.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/load-balancer/lego/00-namespace.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/load-balancer/lego/configmap.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/load-balancer/lego/deployment.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/00-namespace.yaml create mode 100644 
kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/configmap.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/daemonset.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/default-deployment.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/default-service.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/service.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/tcp-configmap.yaml create mode 100644 kubernetes/Charts/gitlab-omnibus/values.yaml create mode 100644 kubernetes/Charts/post/Chart.yaml create mode 100644 kubernetes/Charts/post/templates/_helpers.tpl create mode 100644 kubernetes/Charts/post/templates/deployment.yaml create mode 100644 kubernetes/Charts/post/templates/service.yaml create mode 100644 kubernetes/Charts/post/values.yaml create mode 100644 kubernetes/Charts/reddit/Chart.yaml create mode 100644 kubernetes/Charts/reddit/charts/comment-1.0.0.tgz create mode 100644 kubernetes/Charts/reddit/charts/mongodb-0.4.18.tgz create mode 100644 kubernetes/Charts/reddit/charts/post-1.0.0.tgz create mode 100644 kubernetes/Charts/reddit/charts/ui-1.0.0.tgz create mode 100644 kubernetes/Charts/reddit/requirements.lock create mode 100644 kubernetes/Charts/reddit/requirements.yaml create mode 100644 kubernetes/Charts/reddit/values.yaml create mode 100644 kubernetes/Charts/ui/Chart.yaml create mode 100644 kubernetes/Charts/ui/templates/_helpers.tpl create mode 100644 kubernetes/Charts/ui/templates/deployment.yml create mode 100644 kubernetes/Charts/ui/templates/ingress.yml create mode 100644 kubernetes/Charts/ui/templates/service.yml create mode 100644 kubernetes/Charts/ui/values.yaml create mode 100644 kubernetes/reddit/tiller.yml create mode 100644 kubernetes/reddit/values.yaml 
diff --git a/kubernetes/Charts/.gitlab-ci.yml b/kubernetes/Charts/.gitlab-ci.yml
new file mode 100644
index 0000000..884cc73
--- /dev/null
+++ b/kubernetes/Charts/.gitlab-ci.yml
@@ -0,0 +1,122 @@
+image: alpine:latest
+
+stages:
+ - test
+ - staging
+ - production
+
+test:
+ stage: test
+ script:
+ - exit 0
+ only:
+ - triggers
+ - branches
+
+staging:
+ stage: staging
+ script:
+ - install_dependencies
+ - ensure_namespace
+ - install_tiller
+ - deploy
+ variables:
+ KUBE_NAMESPACE: staging
+ environment:
+ name: staging
+ url: http://staging
+ only:
+ refs:
+ - master
+ kubernetes: active
+
+production:
+ stage: production
+ script:
+ - install_dependencies
+ - ensure_namespace
+ - install_tiller
+ - deploy
+ variables:
+ KUBE_NAMESPACE: production
+ environment:
+ name: production
+ url: http://production
+ when: manual
+ only:
+ refs:
+ - master
+ kubernetes: active
+
+.auto_devops: &auto_devops |
+ # Auto DevOps variables and functions
+ [[ "$TRACE" ]] && set -x
+ export CI_REGISTRY="index.docker.io"
+ export CI_APPLICATION_REPOSITORY=$CI_REGISTRY/$CI_PROJECT_PATH
+ export CI_APPLICATION_TAG=$CI_COMMIT_REF_SLUG
+ export CI_CONTAINER_NAME=ci_job_build_${CI_JOB_ID}
+ export TILLER_NAMESPACE="kube-system"
+
+ function deploy() {
+ echo $KUBE_NAMESPACE
+ track="${1-stable}"
+ name="$CI_ENVIRONMENT_SLUG"
+ helm dep build reddit
+
+ # for microservice in $(helm dep ls | grep "file://" | awk '{print $1}') ; do
+ # SET_VERSION="$SET_VERSION \ --set $microservice.image.tag='$(curl http://gitlab-gitlab/$CI_PROJECT_NAMESPACE/ui/raw/master/VERSION)' "
+
+ helm upgrade --install \
+ --wait \
+ --set ui.ingress.host="$host" \
+ --set ui.image.tag="$(curl http://gitlab-gitlab/$CI_PROJECT_NAMESPACE/ui/raw/master/VERSION)" \
+ --set post.image.tag="$(curl http://gitlab-gitlab/$CI_PROJECT_NAMESPACE/post/raw/master/VERSION)" \
+ --set comment.image.tag="$(curl http://gitlab-gitlab/$CI_PROJECT_NAMESPACE/comment/raw/master/VERSION)" \
+ --namespace="$KUBE_NAMESPACE" \
+ --version="$CI_PIPELINE_ID-$CI_JOB_ID" \
+ "$name" \
+ reddit
+ }
+
+ function install_dependencies() {
+
+ apk add -U openssl curl tar gzip bash ca-certificates git
+ wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub
+ wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.23-r3/glibc-2.23-r3.apk
+ apk add glibc-2.23-r3.apk
+ rm glibc-2.23-r3.apk
+
+ curl https://get.helm.sh/helm-v2.14.1-linux-amd64.tar.gz | tar zx
+
+ mv linux-amd64/helm /usr/bin/
+ helm version --client
+
+ curl -L -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
+ chmod +x /usr/bin/kubectl
+ kubectl version --client
+ }
+
+ function ensure_namespace() {
+ kubectl describe namespace "$KUBE_NAMESPACE" || kubectl create namespace "$KUBE_NAMESPACE"
+ }
+
+ function install_tiller() {
+ echo "Checking Tiller..."
+ helm init --upgrade
+ kubectl rollout status -n "$TILLER_NAMESPACE" -w "deployment/tiller-deploy"
+ if ! helm version --debug; then
+ echo "Failed to init Tiller."
+ return 1
+ fi
+ echo ""
+ }
+
+ function delete() {
+ track="${1-stable}"
+ name="$CI_ENVIRONMENT_SLUG"
+ helm delete "$name" || true
+ }
+
+before_script:
+ - *auto_devops
+
\ No newline at end of file
diff --git a/kubernetes/Charts/comment/Chart.yaml b/kubernetes/Charts/comment/Chart.yaml
new file mode 100644
index 0000000..b9fcfc5
--- /dev/null
+++ b/kubernetes/Charts/comment/Chart.yaml
@@ -0,0 +1,7 @@
+name: comment
+version: 1.0.0
+description: OTUS reddit application UI
+maintainers:
+ - name: Someone
+ email: my@mail.com
+appVersion: 1.0
\ No newline at end of file
diff --git a/kubernetes/Charts/comment/templates/_helpers.tpl b/kubernetes/Charts/comment/templates/_helpers.tpl
new file mode 100644
index 0000000..9f74850
--- /dev/null
+++ b/kubernetes/Charts/comment/templates/_helpers.tpl
@@ -0,0 +1,3 @@
+{{- define "comment.fullname" -}}
+{{- printf "%s-%s" .Release.Name .Chart.Name }}
+{{- end -}}
\ No newline at end of file
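Review bot: `install_dependencies` pipes `curl https://get.helm.sh/helm-v2.14.1-linux-amd64.tar.gz | tar zx` and writes kubectl straight to `/usr/bin/kubectl` without checking either download against a known digest, and the kubectl version is whatever `stable.txt` returns when the job runs. Both binaries then run in the staging and production jobs that deploy to the cluster, so a tampered or unexpectedly changed download would execute with the job's cluster access; I would pin both versions and verify a SHA-256 before use, as sketched below with placeholder digests. The three `curl http://gitlab-gitlab/.../VERSION` substitutions in `deploy` have a related gap: without `-f`, the body of an HTTP error response would be passed to `--set ...image.tag`. `ui.ingress.host="$host"` also reads a variable that is not assigned anywhere in this hunk.

```yaml
  function install_dependencies() {
    # … unchanged: apk add, glibc key and package install …

    # Placeholders: fill in the releases you have vetted and their published digests.
    HELM_VERSION="v2.14.1"
    HELM_SHA256="<sha256 of helm-v2.14.1-linux-amd64.tar.gz>"
    KUBECTL_VERSION="<pinned kubectl version>"
    KUBECTL_SHA256="<sha256 of the pinned kubectl binary>"

    curl -fsSL -o helm.tar.gz "https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz"
    echo "${HELM_SHA256}  helm.tar.gz" | sha256sum -c - || return 1
    tar zxf helm.tar.gz
    # … unchanged: mv linux-amd64/helm, helm version --client …

    curl -fsSL -o /usr/bin/kubectl "https://storage.googleapis.com/kubernetes-release/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl"
    echo "${KUBECTL_SHA256}  /usr/bin/kubectl" | sha256sum -c - || return 1
    # … unchanged: chmod +x, kubectl version --client …
```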
diff --git a/kubernetes/Charts/comment/templates/deployment.yaml b/kubernetes/Charts/comment/templates/deployment.yaml
new file mode 100644
index 0000000..8736051
--- /dev/null
+++ b/kubernetes/Charts/comment/templates/deployment.yaml
@@ -0,0 +1,34 @@
+---
+apiVersion: apps/v1beta2
+kind: Deployment
+metadata:
+ name: {{ .Release.Name }}-{{ .Chart.Name }}
+ labels:
+ app: reddit
+ component: comment
+ release: {{ .Release.Name }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: reddit
+ component: comment
+ release: {{ .Release.Name }}
+ template:
+ metadata:
+ name: comment
+ labels:
+ app: reddit
+ component: comment
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ name: comment
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ name: comment
+ protocol: TCP
+ env:
+ - name: COMMENT_DATABASE_HOST
+ value: {{ .Values.databaseHost | default (printf "%s-mongodb" .Release.Name) }}
\ No newline at end of file
diff --git a/kubernetes/Charts/comment/templates/service.yaml b/kubernetes/Charts/comment/templates/service.yaml
new file mode 100644
index 0000000..c6ef7b3
--- /dev/null
+++ b/kubernetes/Charts/comment/templates/service.yaml
@@ -0,0 +1,19 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "comment.fullname" . }}
+ labels:
+ app: reddit
+ component: comment
+ release: {{ .Release.Name }}
+spec:
+ type: ClusterIP
+ ports:
+ - port: {{ .Values.service.externalPort }}
+ protocol: TCP
+ targetPort: {{ .Values.service.internalPort }}
+ selector:
+ app: reddit
+ component: comment
+ release: {{ .Release.Name }}
\ No newline at end of file
diff --git a/kubernetes/Charts/comment/values.yaml b/kubernetes/Charts/comment/values.yaml
new file mode 100644
index 0000000..702bfd0
--- /dev/null
+++ b/kubernetes/Charts/comment/values.yaml
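Review bot: The `comment` container in `comment/templates/deployment.yaml` is declared with no `securityContext` and no `resources` block, so it runs with whatever user and privileges the image defaults to and with no CPU or memory bound. Under the container entry I would add `securityContext: {allowPrivilegeEscalation: false, runAsNonRoot: true}` (assuming the image can run as a non-root user, which is not visible here) and a `resources:` block fed from `values.yaml`. Separately, `apiVersion: apps/v1beta2` is a deprecated group version; `apiVersion: apps/v1` accepts this spec as written, since `selector` is already set.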
@@ -0,0 +1,10 @@
+---
+service:
+ internalPort: 9292
+ externalPort: 9292
+
+image:
+ repository: yashkin/comment
+ tag: latest
+
+databaseHost:
\ No newline at end of file
diff --git a/kubernetes/Charts/gitlab-omnibus/.gitlab-ci.yml b/kubernetes/Charts/gitlab-omnibus/.gitlab-ci.yml
new file mode 100644
index 0000000..c0e9a6b
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/.gitlab-ci.yml
@@ -0,0 +1,19 @@
+image: registry.gitlab.com/charts/alpine-helm
+
+stages:
+ - test
+ - release
+
+lint:
+ stage: test
+ script:
+ - helm lint .
+ except:
+ - master
+
+release-chart:
+ stage: release
+ script:
+ - curl --request POST --form "token=$CI_JOB_TOKEN" --form ref=master https://gitlab.com/api/v4/projects/2860651/trigger/pipeline
+ only:
+ - master
diff --git a/kubernetes/Charts/gitlab-omnibus/.helmignore b/kubernetes/Charts/gitlab-omnibus/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/Charts/gitlab-omnibus/CHANGELOG.md b/kubernetes/Charts/gitlab-omnibus/CHANGELOG.md
new file mode 100644
index 0000000..c23e6a7
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/CHANGELOG.md
@@ -0,0 +1,11 @@ +**0.1.35** +> Upgrade note: +* Due to the change in default access mode, existing users will have to specify `ReadWriteMany` as the access mode. For example: +``` +gitlabDataAccessMode=ReadWriteMany +gitlabRegistryAccessMode=ReadWriteMany +gitlabConfigAccessMode=ReadWriteMany +``` + +* Sets the default access mode for `gitlab-storage`, `gitlab-registry-storage`, and `gitlab-config-storage` to be `ReadWriteOnce` to be compatible with Kubernetes 1.7.0+. +* The parameter name to configure the size of the `gitlab-storage` PVC has changed from `gitlabRailsStorageSize` to `gitlabDataStorageSize`. For backwards compatability, `gitlabRailsStorageSize` will still apply provided `gitlabDataStorageSize` is undefined. \ No newline at end of file diff --git a/kubernetes/Charts/gitlab-omnibus/Chart.yaml b/kubernetes/Charts/gitlab-omnibus/Chart.yaml new file mode 100644 index 0000000..aefe028 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +deprecated: true +description: GitLab Omnibus all-in-one bundle +home: https://about.gitlab.com +icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png +keywords: +- git +- ci +- cd +- deploy +- issue tracker +- code review +- wiki +maintainers: +- email: support@gitlab.com + name: GitLab Inc. +- name: Mark Pundsack +- name: Jason Plum +- name: DJ Mountney +- name: Joshua Lambert +name: gitlab-omnibus +sources: +- http://docs.gitlab.com/ce/install/kubernetes/ +- https://gitlab.com/charts/charts.gitlab.io +tillerVersion: '>=2.5.0' +version: 0.1.37 diff --git a/kubernetes/Charts/gitlab-omnibus/README.md b/kubernetes/Charts/gitlab-omnibus/README.md new file mode 100644 index 0000000..3870232 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/README.md 
@@ -0,0 +1,24 @@ +# DEPRECATION NOTICE + +This chart is **DEPRECATED**. + +### Replacement + +We have built a set of fully cloud native charts in [gitlab/gitlab](https://gitlab.com/charts/gitlab). +These new charts are designed from the ground up to be performant, flexible, scalable, and resilient. + +We _very strongly_ recommend transitioning, if you are currently using these charts. If you have +never used these charts, _do not now_. + +### Availability + +This project remains visible as an example of how to convert a full monolith application to Kubernetes capable. +[Monolith to Microservice: Pitchforks not included](https://youtu.be/rIUth_KrJdw?list=PLj6h78yzYM2PZf9eA7bhWnIh_mK1vyOfU) (video) +details the work done to break this monolithic container into component parts. + +# GitLab-Omnibus Helm Chart + +This chart is an easy way to get started with GitLab on Kubernetes. It includes everything needed to run GitLab, including: a Runner, Container Registry, automatic SSL, and an Ingress. + +For more information, please review [our documentation](http://docs.gitlab.com/ee/install/kubernetes/gitlab_omnibus.html). + diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/.gitlab-ci.yml b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/.gitlab-ci.yml new file mode 100644 index 0000000..c0e9a6b --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/.gitlab-ci.yml @@ -0,0 +1,19 @@ +image: registry.gitlab.com/charts/alpine-helm + +stages: + - test + - release + +lint: + stage: test + script: + - helm lint . + except: + - master + +release-chart: + stage: release + script: + - curl --request POST --form "token=$CI_JOB_TOKEN" --form ref=master https://gitlab.com/api/v4/projects/2860651/trigger/pipeline + only: + - master diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/.helmignore b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null 
+++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/Chart.yaml b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/Chart.yaml new file mode 100644 index 0000000..6c54279 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/Chart.yaml @@ -0,0 +1,16 @@ +description: GitLab Runner +icon: https://gitlab.com/uploads/-/system/project/avatar/250833/runner_logo.png +keywords: +- git +- ci +- deploy +maintainers: +- email: support@gitlab.com + name: GitLab Inc. +- email: dj@gitlab.com + name: DJ Mountney +name: gitlab-runner +sources: +- https://hub.docker.com/r/gitlab/gitlab-runner/ +- https://docs.gitlab.com/runner/ +version: 0.1.13 diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/README.md b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/README.md new file mode 100644 index 0000000..a05c351 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/README.md @@ -0,0 +1,3 @@ +# GitLab Runner Helm Chart + +This chart deploys a GitLab Runner instance into your Kubernetes cluster. For more information, please review [our documentation](http://docs.gitlab.com/ee/install/kubernetes/gitlab_runner_chart.html). \ No newline at end of file diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/NOTES.txt b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/NOTES.txt new file mode 100644 index 0000000..af5a074 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/NOTES.txt 
@@ -0,0 +1,27 @@ +{{- if include "gitlabUrl" . }} +{{- if or (default "" .Values.runnerRegistrationToken) (default "" .Values.runnerToken) }} +Your GitLab Runner should now be registered against the GitLab instance reachable at: {{ template "gitlabUrl" . }} +{{- else -}} +############################################################################## +## WARNING: You did not specify an runnerRegistrationToken in your 'helm install' call. ## +############################################################################## + +This deployment will be incomplete until you provide the Registration Token for your +GitLab instance: + + helm upgrade {{ .Release.Name }} \ + --set gitlabUrl=http://gitlab.your-domain.com,runnerRegistrationToken=your-registration-token \ + stable/gitlab-runner +{{- end -}} +{{- else -}} +############################################################################## +## WARNING: You did not specify an gitlabUrl in your 'helm install' call. ## +############################################################################## + +This deployment will be incomplete until you provide the URL that your +GitLab instance is reachable at: + + helm upgrade {{ .Release.Name }} \ + --set gitlabUrl=http://gitlab.your-domain.com,runnerRegistrationToken=your-registration-token \ + stable/gitlab-runner +{{- end -}} diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/_cache_s3.tpl b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/_cache_s3.tpl new file mode 100644 index 0000000..4641b02 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/_cache_s3.tpl 
@@ -0,0 +1,26 @@ +{{- define "cache_s3" }} +- name: CACHE_TYPE + value: {{ default "" .Values.runners.cache.cacheType | quote }} +- name: S3_SERVER_ADDRESS + value: {{ default "" .Values.runners.cache.s3ServerAddress | quote }} +- name: S3_ACCESS_KEY + valueFrom: + secretKeyRef: + name: s3access + key: accessKey +- name: S3_SECRET_KEY + valueFrom: + secretKeyRef: + name: s3access + key: secretKey +- name: S3_BUCKET_NAME + value: {{ default "" .Values.runners.cache.s3BucketName | quote }} +- name: S3_BUCKET_LOCATION + value: {{ default "" .Values.runners.cache.s3BucketLocation | quote }} +- name: S3_CACHE_INSECURE + value: {{ default "" .Values.runners.cache.s3CacheInsecure | quote }} +- name: S3_CACHE_PATH + value: {{ default "" .Values.runners.cache.s3CachePath | quote }} +- name: CACHE_SHARED + value: {{ default "" .Values.runners.cache.cacheShared | quote }} +{{- end -}} diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/_helpers.tpl b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/_helpers.tpl new file mode 100644 index 0000000..ec4c5bd --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/_helpers.tpl @@ -0,0 +1,23 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Template for outputing the gitlabUrl +*/}} +{{- define "gitlabUrl" -}} +{{- .Values.gitlabUrl | quote -}} +{{- end -}} 
diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/configmap.yaml b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/configmap.yaml new file mode 100644 index 0000000..059f2d6 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/configmap.yaml @@ -0,0 +1,30 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +data: + entrypoint: | + #!/bin/bash + + set -xe + + cp /scripts/config.toml /etc/gitlab-runner/ + + # Register the runner + /entrypoint register --non-interactive \ + --executor kubernetes \ + {{- range .Values.runners.imagePullSecrets }} + --kubernetes-image-pull-secrets {{ . | quote }} \ + {{- end }} + + # Start the runner + /entrypoint run --user=gitlab-runner \ + --working-directory=/home/gitlab-runner + config.toml: | + concurrent = {{ .Values.concurrent }} + check_interval = {{ .Values.checkInterval }} diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/deployment.yaml b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/deployment.yaml new file mode 100644 index 0000000..53985af --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/deployment.yaml 
@@ -0,0 +1,122 @@ +{{- if and (include "gitlabUrl" .) (or (default "" .Values.runnerRegistrationToken) (default "" .Values.runnerToken)) }} +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + replicas: 1 + template: + metadata: + labels: + app: {{ template "fullname" . }} + annotations: + checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + checksum/secrets: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} + spec: + serviceAccountName: {{ if .Values.rbac.create }}{{ template "fullname" . }}{{ else }}"{{ .Values.rbac.serviceAccountName }}"{{ end }} + containers: + - name: {{ template "fullname" . }} + image: {{ .Values.image }} + {{- if and .Values.unregisterRunners .Values.runnerRegistrationToken }} + lifecycle: + preStop: + exec: + command: ["gitlab-runner", "unregister", "--all-runners"] + {{- end }} + imagePullPolicy: {{ default "" .Values.imagePullPolicy | quote }} + command: ["/bin/bash", "/scripts/entrypoint"] + env: + - name: CI_SERVER_URL + value: {{ template "gitlabUrl" . }} + - name: CI_SERVER_TOKEN + valueFrom: + secretKeyRef: + name: {{ template "fullname" . }} + key: runner-token + - name: REGISTRATION_TOKEN + valueFrom: + secretKeyRef: + name: {{ template "fullname" . 
}} + key: runner-registration-token + - name: KUBERNETES_IMAGE + value: {{ .Values.runners.image | quote }} + {{ if .Values.runners.privileged }} + - name: KUBERNETES_PRIVILEGED + value: "true" + {{ end }} + - name: KUBERNETES_NAMESPACE + value: {{ default .Release.Namespace .Values.runners.namespace | quote }} + - name: KUBERNETES_CPU_LIMIT + value: {{ default "" .Values.runners.builds.cpuLimit | quote }} + - name: KUBERNETES_MEMORY_LIMIT + value: {{ default "" .Values.runners.builds.memoryLimit | quote }} + - name: KUBERNETES_CPU_REQUEST + value: {{ default "" .Values.runners.builds.cpuRequests | quote }} + - name: KUBERNETES_MEMORY_REQUEST + value: {{ default "" .Values.runners.builds.memoryRequests| quote }} + - name: KUBERNETES_SERVICE_CPU_LIMIT + value: {{ default "" .Values.runners.services.cpuLimit | quote }} + - name: KUBERNETES_SERVICE_MEMORY_LIMIT + value: {{ default "" .Values.runners.services.memoryLimit | quote }} + - name: KUBERNETES_SERVICE_CPU_REQUEST + value: {{ default "" .Values.runners.services.cpuRequests | quote }} + - name: KUBERNETES_SERVICE_MEMORY_REQUEST + value: {{ default "" .Values.runners.services.memoryRequests | quote }} + - name: KUBERNETES_HELPERS_CPU_LIMIT + value: {{ default "" .Values.runners.helpers.cpuLimit | quote }} + - name: KUBERNETES_HELPERS_MEMORY_LIMIT + value: {{ default "" .Values.runners.helpers.memoryLimit | quote }} + - name: KUBERNETES_HELPERS_CPU_REQUEST + value: {{ default "" .Values.runners.helpers.cpuRequests | quote }} + - name: KUBERNETES_HELPERS_MEMORY_REQUEST + value: {{ default "" .Values.runners.helpers.memoryRequests | quote }} + {{- if .Values.runners.cache -}} + {{ include "cache_s3" . 
| indent 8 }} + {{- end }} + livenessProbe: + exec: + command: ["/usr/bin/pgrep","gitlab.*runner"] + initialDelaySeconds: 60 + timeoutSeconds: 1 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + exec: + command: ["/usr/bin/pgrep","gitlab.*runner"] + initialDelaySeconds: 10 + timeoutSeconds: 1 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 3 + volumeMounts: + - name: scripts + mountPath: /scripts + {{- if .Values.certsSecretName }} + - name: custom-certs + readOnly: true + mountPath: /etc/gitlab-runner/certs/ + {{- end }} + resources: +{{ toYaml .Values.resources | indent 10 }} + volumes: + {{ if .Values.runners.privileged }} + - name: var-run-docker-sock + hostPath: + path: /var/run/docker.sock + {{ end }} + {{- if .Values.certsSecretName }} + - name: custom-certs + secret: + secretName: {{ .Values.certsSecretName }} + {{- end }} + - name: scripts + configMap: + name: {{ template "fullname" . }} +{{ else }} +{{ end }} diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/role-binding.yaml b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/role-binding.yaml new file mode 100644 index 0000000..c1044eb --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/role-binding.yaml 
@@ -0,0 +1,19 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: {{ if .Values.rbac.clusterWideAccess }}"ClusterRoleBinding"{{ else }}"RoleBinding"{{ end }}
+metadata:
+ name: {{ template "fullname" . }}
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: {{ if .Values.rbac.clusterWideAccess }}"ClusterRole"{{ else }}"Role"{{ end }}
+ name: {{ template "fullname" . }}
+subjects:
+- kind: ServiceAccount
+ name: {{ template "fullname" . }}
+ namespace: "{{ .Release.Namespace }}"
+{{- end -}}
diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/role.yaml b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/role.yaml
new file mode 100644
index 0000000..ecb0ba2
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/role.yaml
@@ -0,0 +1,15 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: {{ if .Values.rbac.clusterWideAccess }}"ClusterRole"{{ else }}"Role"{{ end }}
+metadata:
+ name: {{ template "fullname" . }}
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+rules:
+- apiGroups: [""]
+ resources: ["*"]
+ verbs: ["*"]
+{{- end -}}
diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/secrets.yaml b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/secrets.yaml
new file mode 100644
index 0000000..de1adec
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/secrets.yaml
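Review bot: In role.yaml the only rule grants `verbs: ["*"]` on `resources: ["*"]` of the core API group, so the runner's service account can read and change every Secret, ConfigMap and Pod in scope, and with `rbac.clusterWideAccess` set the same rule is rendered as a ClusterRole for the whole cluster. A compromise of the runner pod then exposes all of those objects, so the rule should name only what the Kubernetes executor needs, for example `resources: ["pods", "pods/exec", "secrets", "configmaps"]` with `verbs: ["get", "list", "watch", "create", "delete"]`, checked against the executor documentation for the runner version in use. The file looks like the unpacked gitlab-runner 0.1.13 dependency named in requirements.yaml, so the narrower rule may be easier to carry by moving to a chart release that restricts it than as a local patch.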
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ template "fullname" . }}
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+type: Opaque
+data:
+ runner-registration-token: {{ default "" .Values.runnerRegistrationToken | b64enc | quote }}
+ runner-token: {{ default "" .Values.runnerToken | b64enc | quote }}
diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/service-account.yaml b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/service-account.yaml
new file mode 100644
index 0000000..1d049fd
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/templates/service-account.yaml
@@ -0,0 +1,11 @@
+{{- if .Values.rbac.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ template "fullname" . }}
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- end -}}
diff --git a/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/values.yaml b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/values.yaml
new file mode 100644
index 0000000..d6fac7e
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/values.yaml
@@ -0,0 +1,144 @@
+## GitLab Runner Image
+## ref: https://hub.docker.com/r/gitlab/gitlab-runner/tags/
+##
+image: gitlab/gitlab-runner:alpine-v10.3.0
+
+## Specify a imagePullPolicy
+## 'Always' if imageTag is 'latest', else set to 'IfNotPresent'
+## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
+##
+# imagePullPolicy:
+
+## The GitLab Server URL (with protocol) that want to register the runner against
+## ref: https://docs.gitlab.com/runner/commands/README.html#gitlab-runner-register
+##
+# gitlabUrl: http://gitlab.your-domain.com/
+
+## The Registration Token for adding new Runners to the GitLab Server. This must
+## be retreived from your GitLab Instance.
+## ref: https://docs.gitlab.com/ce/ci/runners/README.html#creating-and-registering-a-runner
+##
+# runnerRegistrationToken: ""
+
+## The Runner Token for adding new Runners to the GitLab Server. This must
+## be retreived from your GitLab Instance. It is token of already registered runner.
+## ref: (we don't yet have docs for that, but we want to use existing token)
+##
+# runnerToken: ""
+
+## Unregister all runners before termination
+##
+## Updating the runner's chart version or configuration will cause the runner container
+## to be terminated and created again. This may cause your Gitlab instance to reference
+## non-existant runners. Un-registering the runner before termination mitigates this issue.
+## ref: https://docs.gitlab.com/runner/commands/README.html#gitlab-runner-unregister +## +unregisterRunners: true + +## Set the certsSecretName in order to pass custom certficates for GitLab Runner to use +## Provide resource name for a Kubernetes Secret Object in the same namespace, +## this is used to populate the /etc/gitlab-runner/certs directory +## ref: https://docs.gitlab.com/runner/configuration/tls-self-signed.html#supported-options-for-self-signed-certificates +## +# certsSecretName: + +## Configure the maximum number of concurrent jobs +## ref: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-global-section +## +concurrent: 10 + +## Defines in seconds how often to check GitLab for a new builds +## ref: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-global-section +## +checkInterval: 30 + +## For RBAC support: +rbac: + create: false + + ## Run the gitlab-bastion container with the ability to deploy/manage containers of jobs + ## cluster-wide or only within namespace + clusterWideAccess: false + + ## Use the following Kubernetes Service Account name if RBAC is disabled in this Helm chart (see rbac.create) + ## + # serviceAccountName: default + +## Configuration for the Pods that that the runner launches for each new job +## +runners: + ## Default container image to use for builds when none is specified + ## + image: ubuntu:16.04 + + ## Specify one or more imagePullSecrets + ## + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## + # imagePullSecrets: [] + + ## Run all containers with the privileged flag enabled + ## This will allow the docker:dind image to run if you need to run Docker + ## commands. 
Please read the docs before turning this on: + ## ref: https://docs.gitlab.com/runner/executors/kubernetes.html#using-docker-dind + ## + privileged: false + + ## Namespace to run Kubernetes jobs in (defaults to the same namespace of this release) + ## + # namespace: + + ## Distributed runners caching + ## ref: https://gitlab.com/gitlab-org/gitlab-runner/blob/master/docs/configuration/autoscale.md#distributed-runners-caching + ## + ## Create a secret 's3access' containing 'accessKey' & 'secretKey' + ## ref: https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/ + ## + ## $ kubectl create secret generic s3access --\ + ## --from-literal=accessKey="YourAccessKey" \ + ## --from-literal=secretKey="YourSecretKey" + ## ref: https://kubernetes.io/docs/concepts/configuration/secret/ + ## + cache: {} + # cacheType: s3 + # s3ServerAddress: s3.amazonaws.com + # s3BucketName: + # s3BucketLocation: + # s3CacheInsecure: false + # s3CachePath: "gitlab_runner" + # cacheShared: true + + ## Build Container specific configuration + ## + builds: {} + # cpuLimit: 200m + # memoryLimit: 256Mi + # cpuRequests: 100m + # memoryRequests: 128Mi + + ## Service Container specific configuration + ## + services: {} + # cpuLimit: 200m + # memoryLimit: 256Mi + # cpuRequests: 100m + # memoryRequests: 128Mi + + ## Helper Container specific configuration + ## + helpers: {} + # cpuLimit: 200m + # memoryLimit: 256Mi + # cpuRequests: 100m + # memoryRequests: 128Mi + +## Configure resource requests and limits +## ref: http://kubernetes.io/docs/user-guide/compute-resources/ +## +resources: {} + # limits: + # memory: 256Mi + # cpu: 200m + # requests: + # memory: 128Mi + # cpu: 100m diff --git a/kubernetes/Charts/gitlab-omnibus/requirements.lock b/kubernetes/Charts/gitlab-omnibus/requirements.lock new file mode 100644 index 0000000..0125b10 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/requirements.lock 
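Review bot: The commented `kubectl create secret generic s3access --\` example in values.yaml ends its first line with `--\`, which after the line continuation leaves a bare `--` in front of the `--from-literal` flags, so kubectl would presumably take them as positional arguments instead of options. The line should read `## $ kubectl create secret generic s3access \`. Because `--from-literal` also leaves the S3 keys in shell history and the process list, the comment could point to `--from-file` or `--from-env-file` instead.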
@@ -0,0 +1,6 @@
+dependencies:
+- name: gitlab-runner
+ repository: https://charts.gitlab.io/
+ version: 0.1.13
+digest: sha256:0aee2695db7d33f0d894372aedde81e5675c72ac058393f3c0f29182b15b5065
+generated: 2019-07-03T15:47:21.235708572Z
diff --git a/kubernetes/Charts/gitlab-omnibus/requirements.yaml b/kubernetes/Charts/gitlab-omnibus/requirements.yaml
new file mode 100644
index 0000000..a13ac14
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/requirements.yaml
@@ -0,0 +1,4 @@
+dependencies:
+- name: gitlab-runner
+ version: 0.1.13
+ repository: https://charts.gitlab.io/
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/NOTES.txt b/kubernetes/Charts/gitlab-omnibus/templates/NOTES.txt
new file mode 100644
index 0000000..410e5fc
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/templates/NOTES.txt
@@ -0,0 +1,28 @@ +{{- if and (default "" .Values.baseDomain) (default "" .Values.legoEmail) }} + It may take several minutes for GitLab to reconfigure. + You can watch the status by running `kubectl get deployment -w {{ template "fullname" . }} --namespace {{ .Release.Namespace }} + + {{- if .Values.baseIP }} + Make sure to configure DNS with something like: + *.{{ .Values.baseDomain }} 300 IN A {{ .Values.baseIP }} + {{- else }} + You did not specify a baseIP so one will be assigned for you. + It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get svc -w --namespace nginx-ingress nginx', then: + + export SERVICE_IP=$(kubectl get svc --namespace nginx-ingress nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + + Then make sure to configure DNS with something like: + *.{{ .Values.baseDomain }} 300 IN A $SERVICE_IP + {{- end }} +{{- else }} +#################################################################################################### +## WARNING: You did not specify an baseDomain, gitlab-runner.gitlabUrl, and legoEmail in your 'helm install' call. ## +#################################################################################################### + +This deployment will be incomplete until you provide these variables: + +$ helm upgrade {{ .Release.Name }} \ + --set baseDomain=example.com,gitlab-runner.gitlabUrl=https://gitlab.example.com,legoEmail=you@example.com \ + gitlab/kubernetes-gitlab-demo +{{- end -}} diff --git a/kubernetes/Charts/gitlab-omnibus/templates/_helpers.tpl b/kubernetes/Charts/gitlab-omnibus/templates/_helpers.tpl new file mode 100644 index 0000000..5dfb005 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/_helpers.tpl 
@@ -0,0 +1,45 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified postgresql name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "postgresql.fullname" -}}
+{{- $appName := (include "fullname" .) | trunc 54 | trimSuffix "-" -}}
+{{- printf "%s-%s" $appName "postgresql" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified redis name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "redis.fullname" -}}
+{{- $appName := (include "fullname" .) | trunc 57 | trimSuffix "-" -}}
+{{- printf "%s-%s" $appName "redis" -}}
+{{- end -}}
+
+{{/*
+Template for outputing the gitlabUrl
+*/}}
+{{- define "gitlabUrl" -}}
+{{- if .Values.gitlabUrl -}}
+{{- .Values.gitlabUrl | quote -}}
+{{- else -}}
+{{- printf "http://%s-gitlab.%s:8005/" .Release.Name .Release.Namespace | quote -}}
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/fast-storage/storage.yaml b/kubernetes/Charts/gitlab-omnibus/templates/fast-storage/storage.yaml
new file mode 100644
index 0000000..b692811
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/templates/fast-storage/storage.yaml
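Review bot: `postgresql.fullname` can render a name longer than the 63 characters its own comment promises, because `trunc 54` plus the 11-character `-postgresql` suffix allows up to 65, while `redis.fullname` with `trunc 57` and `-redis` stays at exactly 63. The helper names the PostgreSQL Service and Deployment elsewhere in this patch, so a long release name would presumably make the install fail name validation. The line should be `{{- $appName := (include "fullname" .) | trunc 52 | trimSuffix "-" -}}`.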
@@ -0,0 +1,20 @@
+{{- if (eq .Values.provider "gke") }}
+kind: StorageClass
+apiVersion: {{ if .Capabilities.APIVersions.Has "storage.k8s.io/v1" }}storage.k8s.io/v1{{ else }}storage.k8s.io/v1beta1{{ end }}
+metadata:
+ name: {{ template "fullname" . }}-fast
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ annotations:
+ storageclass.beta.kubernetes.io/is-default-class: "false"
+ labels:
+ kubernetes.io/cluster-service: "true"
+{{- if eq .Values.provider "gke" }}
+provisioner: kubernetes.io/gce-pd
+parameters:
+ type: pd-ssd
+{{- end }}
+{{- end }}
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/gitlab-config.yaml b/kubernetes/Charts/gitlab-omnibus/templates/gitlab-config.yaml
new file mode 100644
index 0000000..a7618c2
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/templates/gitlab-config.yaml
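Review bot: `metadata` in storage.yaml appears to carry two `labels:` keys, the app/chart/release/heritage block and a second one after `annotations:` holding `kubernetes.io/cluster-service: "true"`; indentation is lost in this view, so the nesting is inferred. A duplicate mapping key is either rejected or resolved last-wins by the YAML parser, and the latter would drop the release labels from the StorageClass. Moving `kubernetes.io/cluster-service: "true"` into the first `labels:` block fixes that, and the inner `{{- if eq .Values.provider "gke" }}` can be removed because the whole file is already wrapped in the same condition.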
@@ -0,0 +1,36 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "fullname" . }}-config
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+data:
+ external_scheme: http
+ external_hostname: {{ template "fullname" . }}
+ registry_external_scheme: https
+ registry_external_hostname: registry.{{ .Values.baseDomain }}
+ mattermost_external_scheme: https
+ mattermost_external_hostname: mattermost.{{ .Values.baseDomain }}
+ mattermost_app_uid: {{ .Values.mattermostAppUID }}
+ postgres_user: gitlab
+ postgres_db: gitlab_production
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ template "fullname" . }}-secrets
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+data:
+ postgres_password: {{ .Values.postgresPassword }}
+ initial_shared_runners_registration_token: {{ default "" .Values.initialSharedRunnersRegistrationToken | b64enc | quote }}
+ mattermost_app_secret: {{ .Values.mattermostAppSecret | b64enc | quote }}
+{{- if .Values.gitlabEELicense }}
+ gitlab_ee_license: {{ .Values.gitlabEELicense | b64enc | quote }}
+{{- end }}
\ No newline at end of file
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-config-storage.yaml b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-config-storage.yaml
new file mode 100644
index 0000000..1ec6c38
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-config-storage.yaml
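Review bot: `postgres_password: {{ .Values.postgresPassword }}` is the only entry under the Secret's `data:` that is neither passed through `b64enc` nor quoted, so the template only works when the supplied value is already base64 text. A plain password given with `--set postgresPassword=...` would then be rejected by the API server or decoded into bytes the operator did not intend. I would write `postgres_password: {{ required "postgresPassword must be set" .Values.postgresPassword | b64enc | quote }}` like the neighbouring keys; if the chart's values.yaml (not visible here) ships a pre-encoded default, that default has to be removed or replaced by the plain value in the same change.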
@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ template "fullname" . }}-config-storage
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ annotations:
+ {{- if .Values.gitlabConfigStorageClass }}
+ volume.beta.kubernetes.io/storage-class: {{ .Values.gitlabConfigStorageClass | quote }}
+ {{- else if (eq .Values.provider "gke") }}
+ volume.beta.kubernetes.io/storage-class: {{ template "fullname" . }}-fast
+ {{- else }}
+ volume.alpha.kubernetes.io/storage-class: default
+ {{- end }}
+spec:
+ accessModes:
+ - {{ default "ReadWriteOnce" .Values.gitlabConfigAccessMode | quote }}
+ resources:
+ requests:
+ storage: {{ default "1Gi" .Values.gitlabConfigStorageSize }}
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-deployment.yaml b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-deployment.yaml
new file mode 100644
index 0000000..606656f
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-deployment.yaml
@@ -0,0 +1,246 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + replicas: 1 + template: + metadata: + labels: + app: {{ template "fullname" . }} + name: {{ template "fullname" . }} + spec: + containers: + - name: gitlab + {{- if eq .Values.gitlab "ee" }} + image: {{ .Values.gitlabEEImage }} + {{- else }} + image: {{ .Values.gitlabCEImage }} + {{- end }} + imagePullPolicy: IfNotPresent + command: ["/bin/bash", "-c", + "sed -i \"s/environment ({'GITLAB_ROOT_PASSWORD' => initial_root_password }) if initial_root_password/environment ({'GITLAB_ROOT_PASSWORD' => initial_root_password, 'GITLAB_SHARED_RUNNERS_REGISTRATION_TOKEN' => node['gitlab']['gitlab-rails']['initial_shared_runners_registration_token'] })/g\" /opt/gitlab/embedded/cookbooks/gitlab/recipes/database_migrations.rb && echo 'gitlab-omnibus-helm-chart' > /opt/gitlab/embedded/service/gitlab-rails/INSTALLATION_TYPE && exec /assets/wrapper"] + env: + - name: GITLAB_EXTERNAL_SCHEME + valueFrom: + configMapKeyRef: + name: {{ template "fullname" . }}-config + key: external_scheme + - name: GITLAB_EXTERNAL_HOSTNAME + valueFrom: + configMapKeyRef: + name: {{ template "fullname" . }}-config + key: external_hostname + - name: GITLAB_REGISTRY_EXTERNAL_SCHEME + valueFrom: + configMapKeyRef: + name: {{ template "fullname" . }}-config + key: registry_external_scheme + - name: GITLAB_REGISTRY_EXTERNAL_HOSTNAME + valueFrom: + configMapKeyRef: + name: {{ template "fullname" . }}-config + key: registry_external_hostname + - name: GITLAB_MATTERMOST_EXTERNAL_SCHEME + valueFrom: + configMapKeyRef: + name: {{ template "fullname" . }}-config + key: mattermost_external_scheme + - name: GITLAB_MATTERMOST_EXTERNAL_HOSTNAME + valueFrom: + configMapKeyRef: + name: {{ template "fullname" . 
}}-config + key: mattermost_external_hostname + - name: POSTGRES_USER + valueFrom: + configMapKeyRef: + name: {{ template "fullname" . }}-config + key: postgres_user + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "fullname" . }}-secrets + key: postgres_password + - name: POSTGRES_DB + valueFrom: + configMapKeyRef: + name: {{ template "fullname" . }}-config + key: postgres_db + - name: GITLAB_INITIAL_SHARED_RUNNERS_REGISTRATION_TOKEN + valueFrom: + secretKeyRef: + name: {{ template "fullname" . }}-secrets + key: initial_shared_runners_registration_token + - name: MATTERMOST_APP_UID + valueFrom: + configMapKeyRef: + name: {{ template "fullname" . }}-config + key: mattermost_app_uid + - name: MATTERMOST_APP_SECRET + valueFrom: + secretKeyRef: + name: {{ template "fullname" . }}-secrets + key: mattermost_app_secret + {{- if .Values.gitlabEELicense }} + - name: GITLAB_EE_LICENSE + valueFrom: + secretKeyRef: + name: {{ template "fullname" . }}-secrets + key: gitlab_ee_license + {{- end }} + {{- if and .Values.pagesExternalScheme .Values.pagesExternalDomain }} + - name: PAGES_EXTERNAL_SCHEME + valueFrom: + configMapKeyRef: + name: {{ template "fullname" . }}-config + key: pages_external_scheme + - name: PAGES_EXTERNAL_DOMAIN + valueFrom: + configMapKeyRef: + name: {{ template "fullname" . 
}}-config + key: pages_external_domain + {{- end }} + - name: GITLAB_OMNIBUS_CONFIG + value: | + external_url "#{ENV['GITLAB_EXTERNAL_SCHEME']}://#{ENV['GITLAB_EXTERNAL_HOSTNAME']}" + registry_external_url "#{ENV['GITLAB_REGISTRY_EXTERNAL_SCHEME']}://#{ENV['GITLAB_REGISTRY_EXTERNAL_HOSTNAME']}" + mattermost_external_url "#{ENV['GITLAB_MATTERMOST_EXTERNAL_SCHEME']}://#{ENV['GITLAB_MATTERMOST_EXTERNAL_HOSTNAME']}" + + gitlab_rails['initial_shared_runners_registration_token'] = ENV['GITLAB_INITIAL_SHARED_RUNNERS_REGISTRATION_TOKEN'] + + nginx['enable'] = false + registry_nginx['enable'] = false + mattermost_nginx['enable'] = false + + gitlab_workhorse['listen_network'] = 'tcp' + gitlab_workhorse['listen_addr'] = '0.0.0.0:8005' + + mattermost['service_address'] = '0.0.0.0' + mattermost['service_port'] = '8065' + + registry['registry_http_addr'] = '0.0.0.0:8105' + + postgresql['enable'] = false + gitlab_rails['db_host'] = '{{ template "postgresql.fullname" . }}' + gitlab_rails['db_password'] = ENV['POSTGRES_PASSWORD'] + gitlab_rails['db_username'] = ENV['POSTGRES_USER'] + gitlab_rails['db_database'] = ENV['POSTGRES_DB'] + + redis['enable'] = false + gitlab_rails['redis_host'] = '{{ template "redis.fullname" . }}' + + mattermost['file_directory'] = '/gitlab-data/mattermost'; + mattermost['sql_driver_name'] = 'postgres'; + mattermost['sql_data_source'] = "user=#{ENV['POSTGRES_USER']} host={{ template "postgresql.fullname" . 
}} port=5432 dbname=mattermost_production password=#{ENV['POSTGRES_PASSWORD']} sslmode=disable"; + mattermost['gitlab_enable'] = true; + mattermost['gitlab_secret'] = ENV['MATTERMOST_APP_SECRET']; + mattermost['gitlab_id'] = ENV['MATTERMOST_APP_UID']; + mattermost['gitlab_scope'] = ''; + mattermost['gitlab_auth_endpoint'] = "#{ENV['GITLAB_EXTERNAL_SCHEME']}://#{ENV['GITLAB_EXTERNAL_HOSTNAME']}/oauth/authorize"; + mattermost['gitlab_token_endpoint'] = "#{ENV['GITLAB_EXTERNAL_SCHEME']}://#{ENV['GITLAB_EXTERNAL_HOSTNAME']}/oauth/token"; + mattermost['gitlab_user_api_endpoint'] = "#{ENV['GITLAB_EXTERNAL_SCHEME']}://#{ENV['GITLAB_EXTERNAL_HOSTNAME']}/api/v4/user" + + manage_accounts['enable'] = true + manage_storage_directories['manage_etc'] = false + + if ENV['PAGES_EXTERNAL_SCHEME'] && ENV['PAGES_EXTERNAL_DOMAIN'] + pages_external_url "#{ENV['PAGES_EXTERNAL_SCHEME']}://#{ENV['PAGES_EXTERNAL_DOMAIN']}/" + gitlab_pages['enable'] = true + gitlab_pages['listen_proxy'] = "0.0.0.0:8090" + end + + gitlab_shell['auth_file'] = '/gitlab-data/ssh/authorized_keys' + git_data_dirs({ "default" => { "path" => "/gitlab-data/git-data" } }) + gitlab_rails['shared_path'] = '/gitlab-data/shared' + gitlab_rails['uploads_directory'] = '/gitlab-data/uploads' + gitlab_ci['builds_directory'] = '/gitlab-data/builds' + gitlab_rails['registry_path'] = '/gitlab-registry' + gitlab_rails['trusted_proxies'] = ["10.0.0.0/8","172.16.0.0/12","192.168.0.0/16"] + + prometheus['listen_address'] = '0.0.0.0:9090' + postgres_exporter['enable'] = true + postgres_exporter['env'] = { + 'DATA_SOURCE_NAME' => "user=#{ENV['POSTGRES_USER']} host={{ template "postgresql.fullname" . }} port=5432 dbname=#{ENV['POSTGRES_DB']} password=#{ENV['POSTGRES_PASSWORD']} sslmode=disable" + } + redis_exporter['enable'] = true + redis_exporter['flags'] = { + 'redis.addr' => "{{ template "redis.fullname" . 
}}:6379", + } + +{{ .Values.omnibusConfigRuby | default "" | indent 12 }} + - name: GITLAB_POST_RECONFIGURE_CODE + value: | + include Gitlab::CurrentSettings + + Doorkeeper::Application.where(uid: ENV["MATTERMOST_APP_UID"]).first_or_create( + name: "GitLab Mattermost", + secret: ENV["MATTERMOST_APP_SECRET"], + redirect_uri: "#{ENV["GITLAB_MATTERMOST_EXTERNAL_SCHEME"]}://#{ENV["GITLAB_MATTERMOST_EXTERNAL_HOSTNAME"]}/signup/gitlab/complete\r\n#{ENV["GITLAB_MATTERMOST_EXTERNAL_SCHEME"]}://#{ENV["GITLAB_MATTERMOST_EXTERNAL_HOSTNAME"]}/login/gitlab/complete") + + PrometheusService.where(template: true).first_or_create( + active: true, api_url: "http://localhost:9090") + + KubernetesService.where(template: true).first_or_create( + active: true, + api_url: "https://#{ENV["KUBERNETES_SERVICE_HOST"]}:#{ENV["KUBERNETES_SERVICE_PORT"]}", + token: File.read("/var/run/secrets/kubernetes.io/serviceaccount/token"), + ca_pem: File.read("/var/run/secrets/kubernetes.io/serviceaccount/ca.crt")) + + Gitlab::CurrentSettings.current_application_settings.update_attribute(:health_check_access_token, '{{.Values.healthCheckToken}}') + + {{- if .Values.gitlabEELicense }} + License.first_or_create(data: "#{ENV["GITLAB_EE_LICENSE"]}") + {{- end }} + - name: GITLAB_POST_RECONFIGURE_SCRIPT + value: | + /opt/gitlab/bin/gitlab-rails runner -e production "$GITLAB_POST_RECONFIGURE_CODE" + ports: + - name: registry + containerPort: 8105 + - name: mattermost + containerPort: 8065 + - name: workhorse + containerPort: 8005 + - name: ssh + containerPort: 22 + - name: prometheus + containerPort: 9090 + {{- if and .Values.pagesExternalScheme .Values.pagesExternalDomain }} + - name: pages + containerPort: 8090 + {{- end }} + volumeMounts: + - name: config + mountPath: /etc/gitlab + - name: data + mountPath: /gitlab-data + subPath: gitlab-data + - name: registry + mountPath: /gitlab-registry + livenessProbe: + httpGet: + path: /health_check?token={{.Values.healthCheckToken}} + port: 8005 + 
initialDelaySeconds: 180 + timeoutSeconds: 15 + readinessProbe: + httpGet: + path: /health_check?token={{.Values.healthCheckToken}} + port: 8005 + initialDelaySeconds: 15 + timeoutSeconds: 1 + volumes: + - name: data + persistentVolumeClaim: + claimName: {{ template "fullname" . }}-storage + - name: registry + persistentVolumeClaim: + claimName: {{ template "fullname" . }}-registry-storage + - name: config + persistentVolumeClaim: + claimName: {{ template "fullname" . }}-config-storage diff --git a/kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-storage.yaml b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-storage.yaml new file mode 100644 index 0000000..45fd8eb --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-storage.yaml 
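Review bot: `healthCheckToken` is rendered in clear text into the GitLab Deployment, both in the probe paths `/health_check?token={{.Values.healthCheckToken}}` and inside the Ruby of `GITLAB_POST_RECONFIGURE_CODE` as `'{{.Values.healthCheckToken}}'`, while the other credentials in gitlab-deployment.yaml come from the `-secrets` Secret through `secretKeyRef`. Anyone allowed to read Deployments or pod specs in the namespace can read the token, and a value containing a single quote would end the Ruby string literal early. The Ruby side can take the token from an environment variable fed by the Secret, as sketched below; the key and variable names are placeholders and the Secret in gitlab-config.yaml needs the matching entry. An httpGet probe path cannot reference a Secret, so the two probes would need an exec form or an endpoint that needs no token.

```yaml
# … unchanged: env entries up to GITLAB_EE_LICENSE …
- name: GITLAB_HEALTH_CHECK_TOKEN
  valueFrom:
    secretKeyRef:
      name: {{ template "fullname" . }}-secrets
      key: health_check_token
# … unchanged: GITLAB_OMNIBUS_CONFIG and the start of GITLAB_POST_RECONFIGURE_CODE …
Gitlab::CurrentSettings.current_application_settings.update_attribute(:health_check_access_token, ENV["GITLAB_HEALTH_CHECK_TOKEN"])
```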
@@ -0,0 +1,48 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ template "fullname" . }}-storage
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ annotations:
+ {{- if .Values.gitlabDataStorageClass }}
+ volume.beta.kubernetes.io/storage-class: {{ .Values.gitlabDataStorageClass | quote }}
+ {{- else if (eq .Values.provider "gke") }}
+ volume.beta.kubernetes.io/storage-class: {{ template "fullname" . }}-fast
+ {{- else }}
+ volume.alpha.kubernetes.io/storage-class: default
+ {{- end }}
+spec:
+ accessModes:
+ - {{ default "ReadWriteOnce" .Values.gitlabDataAccessMode | quote }}
+ resources:
+ requests:
+ # Fallback to supporting older value: gitlabRailsStorageSize when the new one is not set
+ storage: {{ coalesce .Values.gitlabDataStorageSize .Values.gitlabRailsStorageSize "30Gi" }}
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ template "fullname" . }}-registry-storage
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ annotations:
+ {{- if .Values.gitlabRegistryStorageClass }}
+ volume.beta.kubernetes.io/storage-class: {{ .Values.gitlabRegistryStorageClass | quote }}
+ {{- else if (eq .Values.provider "gke") }}
+ volume.beta.kubernetes.io/storage-class: {{ template "fullname" . }}-fast
+ {{- else }}
+ volume.alpha.kubernetes.io/storage-class: default
+ {{- end }}
+spec:
+ accessModes:
+ - {{ default "ReadWriteOnce" .Values.gitlabRegistryAccessMode | quote }}
+ resources:
+ requests:
+ storage: {{ default "30Gi" .Values.gitlabRegistryStorageSize }}
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-svc.yaml b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-svc.yaml
new file mode 100644
index 0000000..3d872fa
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/gitlab-svc.yaml
@@ -0,0 +1,31 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "fullname" . }}
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+spec:
+ selector:
+ name: {{ template "fullname" . }}
+ ports:
+ - name: ssh
+ port: 22
+ targetPort: ssh
+ - name: mattermost
+ port: 8065
+ targetPort: mattermost
+ - name: registry
+ port: 8105
+ targetPort: registry
+ - name: workhorse
+ port: 8005
+ targetPort: workhorse
+ - name: prometheus
+ port: 9090
+ targetPort: prometheus
+ - name: web
+ port: 80
+ targetPort: workhorse
\ No newline at end of file
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-configmap.yaml b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-configmap.yaml
new file mode 100644
index 0000000..a965a0e
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-configmap.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "postgresql.fullname" . }}-initdb
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+data:
+ 01_create_mattermost_production.sql: |
+ CREATE DATABASE mattermost_production WITH OWNER gitlab;
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-deployment.yaml b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-deployment.yaml
new file mode 100644
index 0000000..5ddd4ba
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-deployment.yaml
@@ -0,0 +1,78 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ template "postgresql.fullname" . }}
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ template "fullname" . }}
+ name: {{ template "postgresql.fullname" . }}
+ spec:
+ containers:
+ - name: postgresql
+ image: {{ .Values.postgresImage }}
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: POSTGRES_USER
+ valueFrom:
+ configMapKeyRef:
+ name: {{ template "fullname" . }}-config
+ key: postgres_user
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "fullname" . }}-secrets
+ key: postgres_password
+ - name: POSTGRES_DB
+ valueFrom:
+ configMapKeyRef:
+ name: {{ template "fullname" . }}-config
+ key: postgres_db
+ - name: DB_EXTENSION
+ value: pg_trgm
+ - name: PGDATA
+ value: /var/lib/postgresql/data/pgdata
+ ports:
+ - name: postgres
+ containerPort: 5432
+ volumeMounts:
+ - mountPath: /var/lib/postgresql/data
+ name: data
+ subPath: postgres
+ - mountPath: /docker-entrypoint-initdb.d
+ name: initdb
+ readOnly: true
+ livenessProbe:
+ exec:
+ command:
+ - pg_isready
+ - -h
+ - localhost
+ - -U
+ - postgres
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ readinessProbe:
+ exec:
+ command:
+ - pg_isready
+ - -h
+ - localhost
+ - -U
+ - postgres
+ initialDelaySeconds: 5
+ timeoutSeconds: 1
+ volumes:
+ - name: data
+ persistentVolumeClaim:
+ claimName: {{ if .Values.postgresDedicatedStorage }} {{ template "postgresql.fullname" . }}-storage {{ else }} {{ template "fullname" . }}-storage {{ end }}
+ - name: initdb
+ configMap:
+ name: {{ template "postgresql.fullname" . }}-initdb
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-storage.yaml b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-storage.yaml
new file mode 100644
index 0000000..71ce994
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-storage.yaml
@@ -0,0 +1,25 @@
+{{- if .Values.postgresDedicatedStorage }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ template "postgresql.fullname" . }}-storage
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ annotations:
+ {{- if .Values.postgresStorageClass }}
+ volume.beta.kubernetes.io/storage-class: {{ .Values.postgresStorageClass | quote }}
+ {{- else if (eq .Values.provider "gke") }}
+ volume.beta.kubernetes.io/storage-class: {{ template "fullname" . }}-fast
+ {{- else }}
+ volume.alpha.kubernetes.io/storage-class: default
+ {{- end }}
+spec:
+ accessModes:
+ - {{ default "ReadWriteOnce" .Values.postgresAccessMode | quote }}
+ resources:
+ requests:
+ storage: {{ default "30Gi" .Values.postgresStorageSize }}
+{{- end }}
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-svc.yaml b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-svc.yaml
new file mode 100644
index 0000000..b9d3171
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/postgresql-svc.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "postgresql.fullname" . }}
+ labels:
+ app: {{ template "fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+spec:
+ ports:
+ - name: postgres
+ port: 5432
+ targetPort: postgres
+ selector:
+ name: {{ template "postgresql.fullname" . }}
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/gitlab/redis-deployment.yaml b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/redis-deployment.yaml
new file mode 100644
index 0000000..c3c8dd5
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/redis-deployment.yaml
@@ -0,0 +1,46 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ template "redis.fullname" . }} + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + replicas: 1 + template: + metadata: + labels: + name: {{ template "redis.fullname" . }} + app: {{ template "fullname" . }} + spec: + containers: + - name: redis + image: {{ .Values.redisImage }} + imagePullPolicy: IfNotPresent + ports: + - name: redis + containerPort: 6379 + volumeMounts: + - mountPath: /var/lib/redis + name: data + subPath: redis + livenessProbe: + exec: + command: + - redis-cli + - ping + initialDelaySeconds: 30 + timeoutSeconds: 5 + readinessProbe: + exec: + command: + - redis-cli + - ping + initialDelaySeconds: 5 + timeoutSeconds: 1 + volumes: + - name: data + persistentVolumeClaim: + claimName: {{ if .Values.redisDedicatedStorage }} {{ template "redis.fullname" . }}-storage {{ else }} {{ template "fullname" . }}-storage {{ end }} diff --git a/kubernetes/Charts/gitlab-omnibus/templates/gitlab/redis-storage.yaml b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/redis-storage.yaml new file mode 100644 index 0000000..6c1cbdc --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/redis-storage.yaml 
@@ -0,0 +1,25 @@ +{{- if .Values.redisDedicatedStorage }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "redis.fullname" . }}-storage + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + annotations: + {{- if .Values.redisStorageClass }} + volume.beta.kubernetes.io/storage-class: {{ .Values.redisStorageClass | quote }} + {{- else if (eq .Values.provider "gke") }} + volume.beta.kubernetes.io/storage-class: {{ template "fullname" . }}-fast + {{- else }} + volume.alpha.kubernetes.io/storage-class: default + {{- end }} +spec: + accessModes: + - {{ default "ReadWriteOnce" .Values.redisAccessMode | quote }} + resources: + requests: + storage: {{ default "5Gi" .Values.redisStorageSize }} +{{- end }} diff --git a/kubernetes/Charts/gitlab-omnibus/templates/gitlab/redis-svc.yaml b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/redis-svc.yaml new file mode 100644 index 0000000..a039c7d --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/gitlab/redis-svc.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "redis.fullname" . }} + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + selector: + name: {{ template "redis.fullname" . }} + ports: + - name: redis + port: 6379 + targetPort: redis diff --git a/kubernetes/Charts/gitlab-omnibus/templates/ingress/gitlab-ingress.yaml b/kubernetes/Charts/gitlab-omnibus/templates/ingress/gitlab-ingress.yaml new file mode 100644 index 0000000..e1900d6 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/ingress/gitlab-ingress.yaml 
@@ -0,0 +1,50 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + annotations: + kubernetes.io/tls-acme: "true" + kubernetes.io/ingress.class: "nginx" +spec: + tls: + - hosts: + - gitlab.{{ .Values.baseDomain }} + - registry.{{ .Values.baseDomain }} + - mattermost.{{ .Values.baseDomain }} + - prometheus.{{ .Values.baseDomain }} + secretName: gitlab-tls + rules: + - host: {{ template "fullname" . }} + http: + paths: + - path: / + backend: + serviceName: {{ template "fullname" . }} + servicePort: 8005 + - host: registry.{{ .Values.baseDomain }} + http: + paths: + - path: / + backend: + serviceName: {{ template "fullname" . }} + servicePort: 8105 + - host: mattermost.{{ .Values.baseDomain }} + http: + paths: + - path: / + backend: + serviceName: {{ template "fullname" . }} + servicePort: 8065 + - host: prometheus.{{ .Values.baseDomain }} + http: + paths: + - path: / + backend: + serviceName: {{ template "fullname" . }} + servicePort: 9090 +--- diff --git a/kubernetes/Charts/gitlab-omnibus/templates/ingress/gitlab-pages-ingress.yaml b/kubernetes/Charts/gitlab-omnibus/templates/ingress/gitlab-pages-ingress.yaml new file mode 100644 index 0000000..34cbf75 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/ingress/gitlab-pages-ingress.yaml 
@@ -0,0 +1,29 @@ +{{- if and .Values.pagesExternalScheme .Values.pagesExternalDomain}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ template "fullname" . }}-pages + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + annotations: + kubernetes.io/ingress.class: "nginx" +spec: + {{- if .Values.pagesTlsSecret }} + tls: + - hosts: + - "*.{{ .Values.pagesExternalDomain }}" + secretName: {{ .Values.pagesTlsSecret }} + {{- end }} + rules: + - host: "*.{{ .Values.pagesExternalDomain }}" + http: + paths: + - path: / + backend: + serviceName: {{ template "fullname" . }} + servicePort: 8090 +{{- end }} +--- diff --git a/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/lego/00-namespace.yaml b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/lego/00-namespace.yaml new file mode 100644 index 0000000..be95521 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/lego/00-namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: kube-lego diff --git a/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/lego/configmap.yaml b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/lego/configmap.yaml new file mode 100644 index 0000000..0b8c74e --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/lego/configmap.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +metadata: + name: kube-lego + namespace: kube-lego +data: + # modify this to specify your address + lego.email: "{{ .Values.legoEmail }}" + # configure letencrypt's production api + lego.url: "https://acme-v01.api.letsencrypt.org/directory" +kind: ConfigMap diff --git a/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/lego/deployment.yaml b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/lego/deployment.yaml new file mode 100644 index 0000000..eb623a8 --- /dev/null 
+++ b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/lego/deployment.yaml @@ -0,0 +1,43 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: kube-lego + namespace: kube-lego +spec: + replicas: 1 + template: + metadata: + labels: + app: kube-lego + spec: + containers: + - name: kube-lego + image: jetstack/kube-lego:0.1.6 + imagePullPolicy: Always + ports: + - containerPort: 8080 + env: + - name: LEGO_EMAIL + valueFrom: + configMapKeyRef: + name: kube-lego + key: lego.email + - name: LEGO_URL + valueFrom: + configMapKeyRef: + name: kube-lego + key: lego.url + - name: LEGO_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: LEGO_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + readinessProbe: + httpGet: + path: /healthz + port: 8080 + initialDelaySeconds: 5 + timeoutSeconds: 1 diff --git a/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/00-namespace.yaml b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/00-namespace.yaml new file mode 100644 index 0000000..4b60fec --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/00-namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: nginx-ingress diff --git a/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/configmap.yaml b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/configmap.yaml new file mode 100644 index 0000000..e85a70f --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/configmap.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +data: + proxy-connect-timeout: "15" + proxy-read-timeout: "600" + proxy-send-timeout: "600" + hsts-include-subdomains: "false" + proxy-body-size: "1024m" + server-name-hash-bucket-size: "256" + enable-vts-status: "true" +kind: ConfigMap +metadata: + namespace: nginx-ingress + name: nginx 
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/daemonset.yaml b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/daemonset.yaml new file mode 100644 index 0000000..0e6a356 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/daemonset.yaml @@ -0,0 +1,45 @@ +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: nginx + namespace: nginx-ingress +spec: + template: + metadata: + labels: + app: nginx + annotations: + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + spec: + containers: + - image: gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.11 + name: nginx + imagePullPolicy: Always + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + livenessProbe: + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 30 + timeoutSeconds: 5 + ports: + - containerPort: 80 + - containerPort: 443 + - containerPort: 22 + - containerPort: 18080 + - containerPort: 10254 + args: + - /nginx-ingress-controller + - --default-backend-service=nginx-ingress/default-http-backend + - --configmap=nginx-ingress/nginx + - --tcp-services-configmap=nginx-ingress/tcp-ports diff --git a/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/default-deployment.yaml b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/default-deployment.yaml new file mode 100644 index 0000000..ab92454 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/default-deployment.yaml 
@@ -0,0 +1,34 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: default-http-backend + namespace: nginx-ingress +spec: + replicas: 1 + template: + metadata: + labels: + app: default-http-backend + spec: + containers: + - name: default-http-backend + # Any image is permissable as long as: + # 1. It serves a 404 page at / + # 2. It serves 200 on a /healthz endpoint + image: gcr.io/google_containers/defaultbackend:1.0 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + scheme: HTTP + initialDelaySeconds: 30 + timeoutSeconds: 5 + ports: + - containerPort: 8080 + resources: + limits: + cpu: 10m + memory: 20Mi + requests: + cpu: 10m + memory: 20Mi diff --git a/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/default-service.yaml b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/default-service.yaml new file mode 100644 index 0000000..d9db408 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/default-service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: default-http-backend + namespace: nginx-ingress +spec: + ports: + - port: 80 + targetPort: 8080 + protocol: TCP + selector: + app: default-http-backend diff --git a/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/service.yaml b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/service.yaml new file mode 100644 index 0000000..41644e1 --- /dev/null +++ b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/service.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: nginx + namespace: nginx-ingress + annotations: + service.beta.kubernetes.io/external-traffic: "OnlyLocal" +spec: + type: LoadBalancer +{{- if .Values.baseIP }} + loadBalancerIP: {{ .Values.baseIP }} +{{- end }} + ports: + - port: 80 + name: http + - port: 443 + name: https + - port: 22 + name: git + selector: + app: nginx +apiVersion: v1 
diff --git a/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/tcp-configmap.yaml b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/tcp-configmap.yaml
new file mode 100644
index 0000000..af26e5b
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/templates/load-balancer/nginx/tcp-configmap.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: tcp-ports
+ namespace: nginx-ingress
+data:
+ 22: "{{ .Release.Namespace }}/{{ template "fullname" . }}:22"
diff --git a/kubernetes/Charts/gitlab-omnibus/values.yaml b/kubernetes/Charts/gitlab-omnibus/values.yaml
new file mode 100644
index 0000000..fbbc759
--- /dev/null
+++ b/kubernetes/Charts/gitlab-omnibus/values.yaml
@@ -0,0 +1,97 @@ +# Default values for kubernetes-gitlab-demo. +# This is a YAML-formatted file. + +# Required variables + +# baseDomain is the top-most part of the domain. Subdomains will be generated +# for gitlab, mattermost, registry, and prometheus. +# Recommended to set up an A record on the DNS to *.your-domain.com to point to +# the baseIP +# e.g. *.your-domain.com. A 300 baseIP +baseDomain: example.com + +# legoEmail is a valid email address used by Let's Encrypt. It does not have to +# be at the baseDomain. +legoEmail: you@example.com + +# Optional variables +# baseIP is an externally provisioned static IP address to use instead of the provisioned one. +# baseIP: 35.184.199.209 +nameOverride: gitlab +# `ce` or `ee` +gitlab: ce +gitlabCEImage: gitlab/gitlab-ce:10.1.0-ce.0 +gitlabEEImage: gitlab/gitlab-ee:10.1.0-ee.0 +postgresPassword: NDl1ZjNtenMxcWR6NXZnbw== +initialSharedRunnersRegistrationToken: "tQtCbx5UZy_ByS7FyzUH" +mattermostAppSecret: NDl1ZjNtenMxcWR6NXZnbw== +mattermostAppUID: aadas +redisImage: redis:3.2.10 +redisDedicatedStorage: true +#redisStorageSize: 5Gi +redisAccessMode: ReadWriteOnce +postgresImage: postgres:9.6.5 +# If you disable postgresDedicatedStorage, you should consider bumping up gitlabRailsStorageSize +postgresDedicatedStorage: true +postgresAccessMode: ReadWriteOnce +#postgresStorageSize: 30Gi +gitlabDataAccessMode: ReadWriteOnce +#gitlabDataStorageSize: 30Gi +gitlabRegistryAccessMode: ReadWriteOnce +#gitlabRegistryStorageSize: 30Gi +gitlabConfigAccessMode: ReadWriteOnce +#gitlabConfigStorageSize: 1Gi +gitlabRunnerImage: gitlab/gitlab-runner:alpine-v10.1.0 +# Valid values for provider are `gke` for Google Container Engine. Leaving it blank (or any othervalue) will disable fast disk options. 
+provider: gke + +## Storage Class Options +## If defined, volume.beta.kubernetes.io/storage-class: +## If not defined, but provider is gke, will use SSDs +## Otherwise default: volume.alpha.kubernetes.io/storage-class: default +#gitlabConfigStorageClass: default +#gitlabDataStorageClass: default +#gitlabRegistryStorageClass: default +#postgresStorageClass: default +#redisStorageClass: default + +healthCheckToken: 'SXBAQichEJasbtDSygrD' +# Optional, for GitLab EE images only +#gitlabEELicense: base64-encoded-license + +gitlab-runner: + checkInterval: 1 + # runnerRegistrationToken must equal initialSharedRunnersRegistrationToken + runnerRegistrationToken: "tQtCbx5UZy_ByS7FyzUH" + # resources: + # limits: + # memory: 500Mi + # cpu: 600m + # requests: + # memory: 500Mi + # cpu: 600m + runners: + privileged: true + ## Build Container specific configuration + ## + # builds: + # cpuLimit: 200m + # memoryLimit: 256Mi + # cpuRequests: 100m + # memoryRequests: 128Mi + + ## Service Container specific configuration + ## + # services: + # cpuLimit: 200m + # memoryLimit: 256Mi + # cpuRequests: 100m + # memoryRequests: 128Mi + + ## Helper Container specific configuration + ## + # helpers: + # cpuLimit: 200m + # memoryLimit: 256Mi + # cpuRequests: 100m + # memoryRequests: 128Mi \ No newline at end of file diff --git a/kubernetes/Charts/post/Chart.yaml b/kubernetes/Charts/post/Chart.yaml new file mode 100644 index 0000000..22b8d72 --- /dev/null +++ b/kubernetes/Charts/post/Chart.yaml @@ -0,0 +1,7 @@ +name: post +version: 1.0.0 +description: OTUS reddit application UI +maintainers: + - name: Someone + email: my@mail.com +appVersion: 1.0 \ No newline at end of file diff --git a/kubernetes/Charts/post/templates/_helpers.tpl b/kubernetes/Charts/post/templates/_helpers.tpl new file mode 100644 index 0000000..356397a --- /dev/null +++ b/kubernetes/Charts/post/templates/_helpers.tpl 
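Review bot: The new `gitlab-omnibus/values.yaml` commits credentials as chart defaults: `postgresPassword`, `mattermostAppSecret`, `initialSharedRunnersRegistrationToken`, `healthCheckToken` and `gitlab-runner.runnerRegistrationToken` are literal values in the file, and the base64 on the first two is an encoding, not protection. Anyone who can read the repository then knows the database password and runner registration token of any release installed with these defaults. I would leave these keys empty here, supply them at install time from CI variables or a pre-created Secret, and rotate the values already in history. `runners.privileged: true` also runs every CI job in a privileged container, so it deserves a comment stating why, for example `# privileged: needed only for docker:dind jobs; gives build containers host-level access`.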
@@ -0,0 +1,3 @@
+{{- define "post.fullname" -}}
+{{- printf "%s-%s" .Release.Name .Chart.Name }}
+{{- end -}}
\ No newline at end of file
diff --git a/kubernetes/Charts/post/templates/deployment.yaml b/kubernetes/Charts/post/templates/deployment.yaml
new file mode 100644
index 0000000..e4d1324
--- /dev/null
+++ b/kubernetes/Charts/post/templates/deployment.yaml
@@ -0,0 +1,34 @@
+---
+apiVersion: apps/v1beta2
+kind: Deployment
+metadata:
+ name: {{ .Release.Name }}-{{ .Chart.Name }}
+ labels:
+ app: reddit
+ component: post
+ release: {{ .Release.Name }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: reddit
+ component: post
+ release: {{ .Release.Name }}
+ template:
+ metadata:
+ name: post
+ labels:
+ app: reddit
+ component: post
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ name: post
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ name: post
+ protocol: TCP
+ env:
+ - name: POST_DATABASE_HOST
+ value: {{ .Values.databaseHost | default (printf "%s-mongodb" .Release.Name) }}
\ No newline at end of file
diff --git a/kubernetes/Charts/post/templates/service.yaml b/kubernetes/Charts/post/templates/service.yaml
new file mode 100644
index 0000000..73da097
--- /dev/null
+++ b/kubernetes/Charts/post/templates/service.yaml
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "post.fullname" . }}
+ labels:
+ app: reddit
+ component: post
+ release: {{ .Release.Name }}
+spec:
+ type: ClusterIP
+ ports:
+ - port: {{ .Values.service.externalPort }}
+ protocol: TCP
+ targetPort: {{ .Values.service.internalPort }}
+selector:
+ app: reddit
+ component: post
+ release: {{ .Release.Name }}
\ No newline at end of file
diff --git a/kubernetes/Charts/post/values.yaml b/kubernetes/Charts/post/values.yaml
new file mode 100644
index 0000000..080d6f0
--- /dev/null
+++ b/kubernetes/Charts/post/values.yaml
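Review bot: In `post/templates/service.yaml` the `selector:` key sits at column 0, a sibling of `spec:` rather than a child of it, so the Service is rendered without `spec.selector`. Depending on the client, the manifest is either rejected for the unknown top-level field or applied as a Service with no endpoints, and the `post` pods are then unreachable through it. Indent `selector:` and its three labels so the block nests under `spec:`, starting with `  selector:`. Indentation is partly collapsed in this view, so confirm against the file, but `+selector:` carries no leading space while `type:` and `ports:` under `spec:` do.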
@@ -0,0 +1,10 @@ +--- +service: + internalPort: 5000 + externalPort: 5000 + +image: + repository: yashkin/post + tag: latest + +databaseHost: \ No newline at end of file diff --git a/kubernetes/Charts/reddit/Chart.yaml b/kubernetes/Charts/reddit/Chart.yaml new file mode 100644 index 0000000..2ed82ca --- /dev/null +++ b/kubernetes/Charts/reddit/Chart.yaml @@ -0,0 +1,6 @@ +name: reddit +version: 0.1.0 +description: OTUS sample reddit application +maintainers: + - name: Yury Yashkin + email: theyahkins@gmail.com \ No newline at end of file diff --git a/kubernetes/Charts/reddit/charts/comment-1.0.0.tgz b/kubernetes/Charts/reddit/charts/comment-1.0.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..6f7b9b50727c8936a7066cbd310d676f0ac345cc GIT binary patch literal 854 zcmV-c1F8HUiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PI-bZ`(Ey_A~#AgMk9ugA_`hV^mMe(gH28HpT4rHDIKRLzKTj z(#DKT|NB7waAeu5G1QGwMBj_$v&cJ2_kDNgTuX_{UtB*h>*EcRVsvs)O6hDmtv)HG z{ZE?G*(jMz=`5u*y_}3_l3q?GBcP`bWgjc&nH|yZ_SHY!PXcDl7qpIRmBBa}lLB3C zx$%|ZX7PCr7K?&=V8#fZv+x6aeorLh$}_Iex{O4Cl5vrN-25Ic;#^AtpqRuA=31gw zNa}A*zL9n7G>K_U$+;iHi$%--H4`gzKSltK@jsa*J^oMVEE)L!9EhTbIJ9e?V@3eD z@@N$kpS1NEyiQ-I1OWfuGZHS@vRYx$Xve*_n+!J0J$&Wrq9r+iXUhx(^XNPw1@r8V zIee#`&(3}D0To*Qdz7YnPZzfjC=6N`dvhWwILiOYw8#HxnqCh4e-1o8Mo{2AR|w-K z7vlSs5TRO+Au3A}?l6`se-GnVE_&t05dVb&nZx)alL&F$J66}t{iuqt_S}aXa1{Ie zFVG0RsS@Et-M|t4C)0%X`9J$@;QzBA)PH99b_QU^xQlgihn}V6D_2DZZ?*|RBzhLA zc((2CA0K;aP?k}!?P>ymV0S27SO>vJ){GU^_gqV(6)OKU9t5+kw>{{CID>i9euS~a zWsnd6hXQl2ZS6-gpFjNBalG&PKb;?O56}{(an*S+0lULaZ4*0@9E#-|(HxBjpnW9u zK2OtGZHb_6*i>p7b=5KG`-OLxAt*U`% zC#-IJ3jc(v$X3F`FP-8iwOZ=pu2%tng`c<7?dyO0c1|}69_#-ulm7od({wT&^#3`~ z*Z+0WsQ$c8gTs>FX3L?TG5)cF?>8o}TdbT%`#y-kR(Yc8@}SgoN7zoZy(}PKN;l2D~8r8vp?R|I{URY5*Dl0P@bM5&!@I literal 0 HcmV?d00001 
diff --git a/kubernetes/Charts/reddit/charts/mongodb-0.4.18.tgz b/kubernetes/Charts/reddit/charts/mongodb-0.4.18.tgz new file mode 100644 index 0000000000000000000000000000000000000000..3350e27954d22a2637bce97e55023deaffb69a33 GIT binary patch literal 3702 zcmV-+4vFy}iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH+za~rpk`8>a(OL}iDc{M{y){){{zgpSS%X$+XD=JQ<{8AZk zrb(hS1B?L-Wk%9}-@-K)smoEcZ!5xwn8MN5bT_(zMsm(3JRSAkPl-^`oaEUzPu}|d zet&Og$Nbyx_q+f0_jb3c-==?aYp1{W4Lm(1OIj%v5#RLtzZXuIx&J4P6vamrl5#eH zH_>*q*$+~biJ*lteaC$GKR-aqlQKu9LM|vWg(;*&kr9yyYDyGH#RW?E@8QXDn9&QY z7D%|HY8n8fb4GHSfJ~;C6S)DB=0!%wbIK;5rU;ZNoCu<^0v{XrKp7;QDUCQ4bcPH_ zQDihRvt$$?n^1-Wm~d5O!IbAXfT>c29Q1llu_G=f0ZlY3eq=%g)o$U+kUmm*TrAW|#@k~spnwBHOgM;J$4O5<6pa}iqng6_f z{dvC)+TY)^JR@0&@{e%<_t^i|-qv>4{`acjY$t5bmznR?YCe9-G%lp_=j z70QV6Udj{MDQqmNA2D~R0!=rGFDRf$Szdejs{!MO@OrjWC6OoddTD4C_xK|14How`|V zT9Z;Lo`Yr`2&?`0lT)1tB!+Af8aWe|h924Ng#Rc}7~fZS)qGT42M&&9?fdG>fc%KoP%g1R` z1y_YL1H~Fd1Kl71Ktn`203}Kc09Gsh?C!Tn%TRHlZS#Fbq_itOj3LD_WteW5U6@SJ zj2@c}f&+e-vBx0 zT+9cswX=IfO;1vk1K8~M^WZW5zw+9c7sjjhj!(`HhmrcCo@|e~H~xRq@9h8ETm9{q z{r@>ywJ#6`BXm}PDaI%G8!HN&Z$7Po3bt@3T%}sQ51<@I1NF+wuA;^Lxs0ZXMi5#RT;|a-v;GFB| znPFmliosQ7A)@ROnD9I&Oz(aGpp7q4nVI$gvce?OX%2*;$RP}snnOq-v=Ko!pn))S zxFB>10fga{OZ5;`aCH^x@Fx0b1MnpqxSkaj8ra>FG$hni+}s2Y_5q9b|LYVpy;DW1 zc%oF`9{bl{k^Rh`+tshb=7+fGnx;~UOlE6>e%URuEml}aR9G-H#dQv6&!vk zw32HxGnUWC=67OFjsiC?bm2&??^f5tderRakv(uSL4a3lJ@aISLeLc9T8Bj}f!#Oe zC(VcDcuc?O-MRu+X}h8Cy^c5$NQFaN+8jQYB%@=BDUhNtlt;l&XrY_=O5@O6NEl&4 zN}W;g9Gh{a^>h@oR00ubw|GpoA5v2)VQn-wvT$Be`yUMlcXzkz|99WK z`2S~Vq@dOLFMd(T^iSEFZH`cp&ESHvbN~mHN(4D7qNA=sb!7Q~ASVFG$Oto+yO5%I z=rXX|%K%n%_|x!*H#cG3<2Znun-#N0SpVl%wY;I9GDSg^IiG6H8M*@mJxzOXO|U1^ zCtkGxbZav9Xy!Z$!zizhi)~N%C<)u<4&7E7(V~r7J>%7+#%Y$u;5VI>mG;7V8eGHY zk}GVYLpG~f_w*i}9DjFm@b1^MlaupbPxptzpH9vWs#yT$toa{;=YvM4PW}^t>U*4@ z;kZ5WI8|%53!GQS=HvYn*MpT)^Dc3&0q@vYuMrX)S%2UBd*pv-^sg26Rak*f#)8%TN zzA(fY$vT}Y=_oRXyzecbwO0jYlUM62jd_$&MM-vm8JQ0;;VhK{c++ppP&7wgs%mhj 
z8WTuT`mfH*&K<05R%7t=j@yPTGia)YuBGPsOV(hjT73)9nZEDw>puv2eRgDxcMa#-EsU#yELJ9Cfj~B zFVy^iiUC};ragItz8L=%v*d}d0q@QK`-|s)o4YUZ-*dEw8GsD~PnW5G(2O8wn_n3q z`aq~Yg?CmPHqX79)YUWFTTJWBynAX6{^);j8(2wyYXQ7NKFwQ%#?&?ZY_jV6maJQP zm)*YvZI`fQ%5BuQNm{AW`bLJ|{<&!XHspB9Qh@u;|9AKHy7}Mc*5-@-KS%3WuQl|c zQGq{GuBXf;@kv2Gml$}Sm*x%k#J#OE`D+;MZX-+D9;zF9-vjYZXutdWFR}mU-v9f% zJKgjD?X5R2^?%ROZn1x38Gj}RP#yLdN6^?_8&xEh$|`$ZmbVt2L{$+nL1oj|dY;4# z6UD_NCGb+{rMSjQQ zfXG%Vy4!cX)IBF~;~Q03D#~Pvm(pCKD?w7KC}$)CMMfEhdTy#Wdg8jPx*w@TnW$1A zPzGZ%;{y2j)^`YtuMl!_ao+<36pB!00t2ZBnoke_iKMQQc5EtOBU2)H{=?r6&i)nz zaU73`oCbdZy}bfuQjshJY1pccI^#Gtt3EI#cv>bJbP$|Rsk8wRj5t?P2~ubgE`Fv5 zm+G!VeYp#qX<&7cgN4_vR9yGu!=ObL1b>Iuug_`m`t<;Qpi+V6-El0PV#G!;8kJS%9~r&v8c-0iCsJ^;;mJ+A5i3HgJ;Ta;M_g}p3air>CxiGhwCxN|az^`;uz7cH@S(GoYGvc!?azvP4| z?(*M$in4&8(d-^h@8G|4(cR*I+4GVm{67W$4)3?)?@Hl`@cWzX7XIqGTX9Hi9pWO8 z--*9*5)pSHH$2?1@dl=gzj_7pNGc5eC3i!W{{1Ks2%LU=uLa;H+7PORUx{+L1wR&l z^P(e$>*{4pVs1Y87)B&9k)0-~#&6`mR!Xxs6jS1_R@^$m7*}rdyc>Ug`xICF+uLRx z=bj-+PgphwF6y@=8h`6y$s+`@$Upt9vHlu{^f#=cR!7JJ5QxA1j((;7nSG9o_^h>y z<)pARun5RzFe8Gx2Se^f5M}VG<8-Sy^WkA@1pnXya&E$WopabIy|5vdz%dF>#uH$3 zn}|;xd<^7YDk4dywG0|zaU6yc6QHp5L3CngTVwyVdJ>MI@w|KKH){m=Kl9QMRZ46nAfFmAepze$ zv2OFc+B;bl_|$n<{8jm?HAVNo7iembadcX@S~-sdqO2`;>xp70h?-V!7JOk@Dc zVQyr3R8em|NM&qo0PI)aZ`(Ey_A~#AgMb3tgA~fP9Dq;D(g7_nEWzydHDIKRLzE&3 zk~U^!`rijimZM1STwwWuwfbHxolM@H#QW|$qn$syyyw;@J6_7kOMp^J&$F!lrIhx6 z>6FeV=`5q?Q%a|c*@ULkG@DI;zDP7ZY@FwILjSX`escd4aAQ8BbwVo!Q5ul~U2cW( zwc%>@X$cmKLU`cDNRjjK06u*rB^Szbq0l-;V!)CM$)Mc*5-yTlmjpoZ5*aLYiCQ6P z?!tK^+ty>6(1en=eg{7?>iXYuxk2}01aPYU)5W4+|MMvw>;E+n$1!new<1SI0EF^r z6_?lAdIlM#lmOsg10xY7U)L)v8tsJFcE@1H-TfD#&gvou@O;fca*xgvQgF|2xx)|I zdG^*>k7!ZXzsJ(l-|6h;9;HF+5^tW53QpGlY}%{;c{X2+_5T`pc!;6EJE0Jwa2Arg zjg+BPM-W#P36G5x%HKis&c*Ls1j(N$kvmNO;3Y!RXvg|`|9@0PSo_wQjrbPy>c2oE z^{zzqoa4ZW`cLPJS+D-H86Erot044$Zp2{*;KsPKZF-BIPstad3I^{FXM&XId1&P9 zpza?YdW29_aj-q51pvu!QM#}Wf)BPIE9(1Pmqsg8em@=rn{DVP z!B_VOFjjk=Ysp}Bd3~^>+IGD*E3dDXtDE;1tBYSRmcQM6xLU3{`_$vjlYqKn6#fnk 
zkZ+`ipE|9s)M~AZ+g`u>8NRc|*5m*7OFio-cuN0e=R^Is82SHI(B=MZx@Y`la|({r zeS262dNFxHruRF83@+uyd9)t`864;*t}l=BO?Pl@`DREep4&D0Zzip7n|YewFuQ-t a?XAE3h!G=xbo>(l0RR7W)oCUG8UO$+gRSQP literal 0 HcmV?d00001 diff --git a/kubernetes/Charts/reddit/charts/ui-1.0.0.tgz b/kubernetes/Charts/reddit/charts/ui-1.0.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..84f155cc20bd6a97d3ff1f26071b4a6e4415cd32 GIT binary patch literal 1073 zcmV-11kU>(iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PI*%Z`(Ey&NF|-K|q0RfMm*vV^mKAvJ5S-CPAF$HDIK(O++F& zk}_(f{_g`NS(X%cPM5@9H+?UrjwbI;;@y46oDa_COxs||vh?U}Kq;l;(Wv;Ply-mV zkPeT+;}IPXDIK03AJH&8rQs3KH?pUN+*qcM=!+yYZ7=e9r#(!r#2(B?j zW-z#58A4EU$6{RlA4THU9@?)S&qFKz6I7{Ox^x>XUy%&#i2vd7Fzm+v=(Okmdx5L} zO!2x0U`m<6BD_b-Lh`^x62WivsUR6zmN3hrn%zG>!utGl5=h`O0zk^{F)a!|xXq)g zpD3PVnJFny*rG3R5?yAOV&8VES*?gs7*~|TwIU`0$4(5U7+a}J6&bVf{Evptr&_n^ z-Juz3Co3(D_u#PZZG0t@N|d&2*k;9cJ9b(EuznBa7MnJ#l=x6`Gw|H{+mhTDqF}?- zV6}>#Oj|aC)yk_4sXMl{KuK*IF8LenB{gj9SaHgrNhsI$e`9w5rKOdzOe45CyQ<|V z7EPVyx~t2{&E4eu`u5}5`Q3-h$xUOMqM>P7vu2s_)fGFIrxt!{6gD^ADQ!PDjoqsB z>hgNG(!%YHQg1{l_24V~nM;e?RGeLY`gDHr9j-OV@;AJz{_z|KyV`g9*kI>PH(ihL zw{D(a+;;cRQ3pebtfRE+b*iHeuWy*K5c5eW{gpjtlK&)!WLw=81pmhaE z)`zdUAMj=|dYh7;r&z4=VQ#HjX9UIUyixd6krM{L)cN9`#SbWwW&)`S)5Uk0-dVi4 z2s!lUdofz^zb@K)j{gxoeiHvDJ^$Yey79kQ$NQu_3;z Date: Wed, 3 Jul 2019 22:52:14 +0300 Subject: [PATCH 2/3] homework 23 fix1 --- .../Charts/ui/templates/{deployment.yml => deployment.yaml} | 0 kubernetes/Charts/ui/templates/{ingress.yml => ingress.yaml} | 0 kubernetes/Charts/ui/templates/{service.yml => service.yaml} | 0 3 files changed, 0 insertions(+), 0 deletions(-) rename kubernetes/Charts/ui/templates/{deployment.yml => deployment.yaml} (100%) rename kubernetes/Charts/ui/templates/{ingress.yml => ingress.yaml} (100%) rename kubernetes/Charts/ui/templates/{service.yml => service.yaml} (100%) 
diff --git a/kubernetes/Charts/ui/templates/deployment.yml b/kubernetes/Charts/ui/templates/deployment.yaml similarity index 100% rename from kubernetes/Charts/ui/templates/deployment.yml rename to kubernetes/Charts/ui/templates/deployment.yaml diff --git a/kubernetes/Charts/ui/templates/ingress.yml b/kubernetes/Charts/ui/templates/ingress.yaml similarity index 100% rename from kubernetes/Charts/ui/templates/ingress.yml rename to kubernetes/Charts/ui/templates/ingress.yaml diff --git a/kubernetes/Charts/ui/templates/service.yml b/kubernetes/Charts/ui/templates/service.yaml similarity index 100% rename from kubernetes/Charts/ui/templates/service.yml rename to kubernetes/Charts/ui/templates/service.yaml From a15e27fb04c5d1ee1545ed89b8ec19c6d375c2a0 Mon Sep 17 00:00:00 2001 From: yyashkin Date: Wed, 3 Jul 2019 22:56:01 +0300 Subject: [PATCH 3/3] homework 23 fix2 --- kubernetes/Charts/comment/.gitlab-ci.yml | 175 +++++++++++++++++++++++ kubernetes/Charts/post/.gitlab-ci.yml | 175 +++++++++++++++++++++++ kubernetes/Charts/ui/.gitlab-ci.yml | 175 +++++++++++++++++++++++ 3 files changed, 525 insertions(+) create mode 100644 kubernetes/Charts/comment/.gitlab-ci.yml create mode 100644 kubernetes/Charts/post/.gitlab-ci.yml create mode 100644 kubernetes/Charts/ui/.gitlab-ci.yml diff --git a/kubernetes/Charts/comment/.gitlab-ci.yml b/kubernetes/Charts/comment/.gitlab-ci.yml new file mode 100644 index 0000000..0de5eb0 --- /dev/null +++ b/kubernetes/Charts/comment/.gitlab-ci.yml 
@@ -0,0 +1,175 @@ +image: alpine:latest + +stages: + - build + - test + - review + - release + +build: + stage: build + image: docker:git + services: + - docker:dind + script: + - setup_docker + - build + variables: + DOCKER_DRIVER: overlay2 + only: + - branches + +test: + stage: test + script: + - exit 0 + only: + - branches + +release: + stage: release + image: docker + services: + - docker:dind + script: + - setup_docker + - release + only: + - master + +review: + stage: review + script: + - install_dependencies + - ensure_namespace + - install_tiller + - deploy + variables: + KUBE_NAMESPACE: review + host: $CI_PROJECT_PATH_SLUG-$CI_COMMIT_REF_SLUG + environment: + name: review/$CI_PROJECT_PATH/$CI_COMMIT_REF_NAME + url: http://$CI_PROJECT_PATH_SLUG-$CI_COMMIT_REF_SLUG + only: + refs: + - branches + kubernetes: active + except: + - master + +.auto_devops: &auto_devops | + [[ "$TRACE" ]] && set -x + export CI_REGISTRY="index.docker.io" + export CI_APPLICATION_REPOSITORY=$CI_REGISTRY/$CI_PROJECT_PATH + export CI_APPLICATION_TAG=$CI_COMMIT_REF_SLUG + export CI_CONTAINER_NAME=ci_job_build_${CI_JOB_ID} + export TILLER_NAMESPACE="kube-system" + + function deploy() { + track="${1-stable}" + name="$CI_ENVIRONMENT_SLUG" + + if [[ "$track" != "stable" ]]; then + name="$name-$track" + fi + + echo "Clone deploy repository..." + git clone http://gitlab-gitlab/$CI_PROJECT_NAMESPACE/reddit-deploy.git + + echo "Download helm dependencies..." 
+ helm dep update reddit-deploy/reddit + + echo "Deploy helm release $name to $KUBE_NAMESPACE" + helm upgrade --install \ + --wait \ + --set ui.ingress.host="$host" \ + --set $CI_PROJECT_NAME.image.tag=$CI_APPLICATION_TAG \ + --namespace="$KUBE_NAMESPACE" \ + --version="$CI_PIPELINE_ID-$CI_JOB_ID" \ + "$name" \ + reddit-deploy/reddit/ + } + + function install_dependencies() { + + apk add -U openssl curl tar gzip bash ca-certificates git + wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub + wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.23-r3/glibc-2.23-r3.apk + apk add glibc-2.23-r3.apk + rm glibc-2.23-r3.apk + + curl https://storage.googleapis.com/pub/gsutil.tar.gz | tar -xz -C $HOME + export PATH=${PATH}:$HOME/gsutil + + curl https://kubernetes-helm.storage.googleapis.com/helm-v2.9.1-linux-amd64.tar.gz | tar zx + + mv linux-amd64/helm /usr/bin/ + helm version --client + + curl -o /usr/bin/sync-repo.sh https://raw.githubusercontent.com/kubernetes/helm/master/scripts/sync-repo.sh + chmod a+x /usr/bin/sync-repo.sh + + curl -L -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl + chmod +x /usr/bin/kubectl + kubectl version --client + } + + function setup_docker() { + if ! docker info &>/dev/null; then + if [ -z "$DOCKER_HOST" -a "$KUBERNETES_PORT" ]; then + export DOCKER_HOST='tcp://localhost:2375' + fi + fi + } + + function ensure_namespace() { + kubectl describe namespace "$KUBE_NAMESPACE" || kubectl create namespace "$KUBE_NAMESPACE" + } + + function release() { + + echo "Updating docker images ..." + + if [[ -n "$CI_REGISTRY_USER" ]]; then + echo "Logging to GitLab Container Registry with CI credentials..." 
+ docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" + echo "" + fi + + docker pull "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" + docker tag "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" "$CI_APPLICATION_REPOSITORY:$(cat VERSION)" + docker push "$CI_APPLICATION_REPOSITORY:$(cat VERSION)" + echo "" + } + + function build() { + + echo "Building Dockerfile-based application..." + echo `git show --format="%h" HEAD | head -1` > build_info.txt + echo `git rev-parse --abbrev-ref HEAD` >> build_info.txt + docker build -t "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" . + + if [[ -n "$CI_REGISTRY_USER" ]]; then + echo "Logging to GitLab Container Registry with CI credentials..." + docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" + echo "" + fi + + echo "Pushing to GitLab Container Registry..." + docker push "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" + echo "" + } + + function install_tiller() { + echo "Checking Tiller..." + helm init --upgrade + kubectl rollout status -n "$TILLER_NAMESPACE" -w "deployment/tiller-deploy" + if ! helm version --debug; then + echo "Failed to init Tiller." + return 1 + fi + echo "" + } + +before_script: + - *auto_devops \ No newline at end of file diff --git a/kubernetes/Charts/post/.gitlab-ci.yml b/kubernetes/Charts/post/.gitlab-ci.yml new file mode 100644 index 0000000..0de5eb0 --- /dev/null +++ b/kubernetes/Charts/post/.gitlab-ci.yml 
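Review bot: `install_dependencies` installs helm, kubectl, gsutil and `sync-repo.sh` straight from the network with no integrity check, and two of them are moving targets (`stable.txt` for kubectl, the `master` branch for `sync-repo.sh`), in a job that then deploys with cluster credentials. Pin each download to a fixed version, save it to a file instead of piping it into `tar`, and verify it before use, e.g. `echo "<expected-sha256>  helm.tar.gz" | sha256sum -c -`. In `build()` and `release()`, `docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD"` puts the password on the command line; prefer `echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin`. `deploy()` also clones the deploy repository over plain `http://`, so the chart it installs is not protected in transit. `post/.gitlab-ci.yml` adds the same blob (index `0de5eb0`) and, going by the diffstat, `ui/.gitlab-ci.yml` does too, so the same changes apply there.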
@@ -0,0 +1,175 @@
+image: alpine:latest
+
+stages:
+ - build
+ - test
+ - review
+ - release
+
+build:
+ stage: build
+ image: docker:git
+ services:
+ - docker:dind
+ script:
+ - setup_docker
+ - build
+ variables:
+ DOCKER_DRIVER: overlay2
+ only:
+ - branches
+
+test:
+ stage: test
+ script:
+ - exit 0
+ only:
+ - branches
+
+release:
+ stage: release
+ image: docker
+ services:
+ - docker:dind
+ script:
+ - setup_docker
+ - release
+ only:
+ - master
+
+review:
+ stage: review
+ script:
+ - install_dependencies
+ - ensure_namespace
+ - install_tiller
+ - deploy
+ variables:
+ KUBE_NAMESPACE: review
+ host: $CI_PROJECT_PATH_SLUG-$CI_COMMIT_REF_SLUG
+ environment:
+ name: review/$CI_PROJECT_PATH/$CI_COMMIT_REF_NAME
+ url: http://$CI_PROJECT_PATH_SLUG-$CI_COMMIT_REF_SLUG
+ only:
+ refs:
+ - branches
+ kubernetes: active
+ except:
+ - master
+
+.auto_devops: &auto_devops |
+ [[ "$TRACE" ]] && set -x
+ export CI_REGISTRY="index.docker.io"
+ export CI_APPLICATION_REPOSITORY=$CI_REGISTRY/$CI_PROJECT_PATH
+ export CI_APPLICATION_TAG=$CI_COMMIT_REF_SLUG
+ export CI_CONTAINER_NAME=ci_job_build_${CI_JOB_ID}
+ export TILLER_NAMESPACE="kube-system"
+
+ function deploy() {
+ track="${1-stable}"
+ name="$CI_ENVIRONMENT_SLUG"
+
+ if [[ "$track" != "stable" ]]; then
+ name="$name-$track"
+ fi
+
+ echo "Clone deploy repository..."
+ git clone http://gitlab-gitlab/$CI_PROJECT_NAMESPACE/reddit-deploy.git
+
+ echo "Download helm dependencies..."
+ helm dep update reddit-deploy/reddit
+
+ echo "Deploy helm release $name to $KUBE_NAMESPACE"
+ helm upgrade --install \
+ --wait \
+ --set ui.ingress.host="$host" \
+ --set $CI_PROJECT_NAME.image.tag=$CI_APPLICATION_TAG \
+ --namespace="$KUBE_NAMESPACE" \
+ --version="$CI_PIPELINE_ID-$CI_JOB_ID" \
+ "$name" \
+ reddit-deploy/reddit/
+ }
+
+ function install_dependencies() {
+
+ apk add -U openssl curl tar gzip bash ca-certificates git
+ wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub
+ wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.23-r3/glibc-2.23-r3.apk
+ apk add glibc-2.23-r3.apk
+ rm glibc-2.23-r3.apk
+
+ curl https://storage.googleapis.com/pub/gsutil.tar.gz | tar -xz -C $HOME
+ export PATH=${PATH}:$HOME/gsutil
+
+ curl https://kubernetes-helm.storage.googleapis.com/helm-v2.9.1-linux-amd64.tar.gz | tar zx
+
+ mv linux-amd64/helm /usr/bin/
+ helm version --client
+
+ curl -o /usr/bin/sync-repo.sh https://raw.githubusercontent.com/kubernetes/helm/master/scripts/sync-repo.sh
+ chmod a+x /usr/bin/sync-repo.sh
+
+ curl -L -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
+ chmod +x /usr/bin/kubectl
+ kubectl version --client
+ }
+
+ function setup_docker() {
+ if ! docker info &>/dev/null; then
+ if [ -z "$DOCKER_HOST" -a "$KUBERNETES_PORT" ]; then
+ export DOCKER_HOST='tcp://localhost:2375'
+ fi
+ fi
+ }
+
+ function ensure_namespace() {
+ kubectl describe namespace "$KUBE_NAMESPACE" || kubectl create namespace "$KUBE_NAMESPACE"
+ }
+
+ function release() {
+
+ echo "Updating docker images ..."
+
+ if [[ -n "$CI_REGISTRY_USER" ]]; then
+ echo "Logging to GitLab Container Registry with CI credentials..."
+ docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD"
+ echo ""
+ fi
+
+ docker pull "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG"
+ docker tag "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" "$CI_APPLICATION_REPOSITORY:$(cat VERSION)"
+ docker push "$CI_APPLICATION_REPOSITORY:$(cat VERSION)"
+ echo ""
+ }
+
+ function build() {
+
+ echo "Building Dockerfile-based application..."
+ echo `git show --format="%h" HEAD | head -1` > build_info.txt
+ echo `git rev-parse --abbrev-ref HEAD` >> build_info.txt
+ docker build -t "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" .
+
+ if [[ -n "$CI_REGISTRY_USER" ]]; then
+ echo "Logging to GitLab Container Registry with CI credentials..."
+ docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD"
+ echo ""
+ fi
+
+ echo "Pushing to GitLab Container Registry..."
+ docker push "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG"
+ echo ""
+ }
+
+ function install_tiller() {
+ echo "Checking Tiller..."
+ helm init --upgrade
+ kubectl rollout status -n "$TILLER_NAMESPACE" -w "deployment/tiller-deploy"
+ if ! helm version --debug; then
+ echo "Failed to init Tiller."
+ return 1
+ fi
+ echo ""
+ }
+
+before_script:
+ - *auto_devops
\ No newline at end of file
diff --git a/kubernetes/Charts/ui/.gitlab-ci.yml b/kubernetes/Charts/ui/.gitlab-ci.yml
new file mode 100644
index 0000000..0de5eb0
--- /dev/null
+++ b/kubernetes/Charts/ui/.gitlab-ci.yml
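Review bot: In kubernetes/Charts/post/.gitlab-ci.yml, `install_dependencies` downloads gsutil, helm, kubectl, `sync-repo.sh` and the glibc package and installs them without any integrity check, and two of the sources are moving targets (`stable.txt` for kubectl, the `master` branch for `sync-repo.sh`). The review job then runs these binaries against the cluster, so a changed or tampered upstream artifact would execute with whatever cluster access that job has. Pin every download to a fixed release and verify it against a checksum kept in the repository before installing, for example `curl -fsSL -o helm.tgz "<pinned-release-url>"` followed by `echo "<sha256-of-pinned-release>  helm.tgz" | sha256sum -c -`; `-f` also keeps curl from saving an HTTP error page as the binary. The same function appears unchanged in kubernetes/Charts/ui/.gitlab-ci.yml and in the file whose hunk ends just before this one.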
@@ -0,0 +1,175 @@
+image: alpine:latest
+
+stages:
+ - build
+ - test
+ - review
+ - release
+
+build:
+ stage: build
+ image: docker:git
+ services:
+ - docker:dind
+ script:
+ - setup_docker
+ - build
+ variables:
+ DOCKER_DRIVER: overlay2
+ only:
+ - branches
+
+test:
+ stage: test
+ script:
+ - exit 0
+ only:
+ - branches
+
+release:
+ stage: release
+ image: docker
+ services:
+ - docker:dind
+ script:
+ - setup_docker
+ - release
+ only:
+ - master
+
+review:
+ stage: review
+ script:
+ - install_dependencies
+ - ensure_namespace
+ - install_tiller
+ - deploy
+ variables:
+ KUBE_NAMESPACE: review
+ host: $CI_PROJECT_PATH_SLUG-$CI_COMMIT_REF_SLUG
+ environment:
+ name: review/$CI_PROJECT_PATH/$CI_COMMIT_REF_NAME
+ url: http://$CI_PROJECT_PATH_SLUG-$CI_COMMIT_REF_SLUG
+ only:
+ refs:
+ - branches
+ kubernetes: active
+ except:
+ - master
+
+.auto_devops: &auto_devops |
+ [[ "$TRACE" ]] && set -x
+ export CI_REGISTRY="index.docker.io"
+ export CI_APPLICATION_REPOSITORY=$CI_REGISTRY/$CI_PROJECT_PATH
+ export CI_APPLICATION_TAG=$CI_COMMIT_REF_SLUG
+ export CI_CONTAINER_NAME=ci_job_build_${CI_JOB_ID}
+ export TILLER_NAMESPACE="kube-system"
+
+ function deploy() {
+ track="${1-stable}"
+ name="$CI_ENVIRONMENT_SLUG"
+
+ if [[ "$track" != "stable" ]]; then
+ name="$name-$track"
+ fi
+
+ echo "Clone deploy repository..."
+ git clone http://gitlab-gitlab/$CI_PROJECT_NAMESPACE/reddit-deploy.git
+
+ echo "Download helm dependencies..."
+ helm dep update reddit-deploy/reddit
+
+ echo "Deploy helm release $name to $KUBE_NAMESPACE"
+ helm upgrade --install \
+ --wait \
+ --set ui.ingress.host="$host" \
+ --set $CI_PROJECT_NAME.image.tag=$CI_APPLICATION_TAG \
+ --namespace="$KUBE_NAMESPACE" \
+ --version="$CI_PIPELINE_ID-$CI_JOB_ID" \
+ "$name" \
+ reddit-deploy/reddit/
+ }
+
+ function install_dependencies() {
+
+ apk add -U openssl curl tar gzip bash ca-certificates git
+ wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub
+ wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.23-r3/glibc-2.23-r3.apk
+ apk add glibc-2.23-r3.apk
+ rm glibc-2.23-r3.apk
+
+ curl https://storage.googleapis.com/pub/gsutil.tar.gz | tar -xz -C $HOME
+ export PATH=${PATH}:$HOME/gsutil
+
+ curl https://kubernetes-helm.storage.googleapis.com/helm-v2.9.1-linux-amd64.tar.gz | tar zx
+
+ mv linux-amd64/helm /usr/bin/
+ helm version --client
+
+ curl -o /usr/bin/sync-repo.sh https://raw.githubusercontent.com/kubernetes/helm/master/scripts/sync-repo.sh
+ chmod a+x /usr/bin/sync-repo.sh
+
+ curl -L -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
+ chmod +x /usr/bin/kubectl
+ kubectl version --client
+ }
+
+ function setup_docker() {
+ if ! docker info &>/dev/null; then
+ if [ -z "$DOCKER_HOST" -a "$KUBERNETES_PORT" ]; then
+ export DOCKER_HOST='tcp://localhost:2375'
+ fi
+ fi
+ }
+
+ function ensure_namespace() {
+ kubectl describe namespace "$KUBE_NAMESPACE" || kubectl create namespace "$KUBE_NAMESPACE"
+ }
+
+ function release() {
+
+ echo "Updating docker images ..."
+
+ if [[ -n "$CI_REGISTRY_USER" ]]; then
+ echo "Logging to GitLab Container Registry with CI credentials..."
+ docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD"
+ echo ""
+ fi
+
+ docker pull "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG"
+ docker tag "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" "$CI_APPLICATION_REPOSITORY:$(cat VERSION)"
+ docker push "$CI_APPLICATION_REPOSITORY:$(cat VERSION)"
+ echo ""
+ }
+
+ function build() {
+
+ echo "Building Dockerfile-based application..."
+ echo `git show --format="%h" HEAD | head -1` > build_info.txt
+ echo `git rev-parse --abbrev-ref HEAD` >> build_info.txt
+ docker build -t "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG" .
+
+ if [[ -n "$CI_REGISTRY_USER" ]]; then
+ echo "Logging to GitLab Container Registry with CI credentials..."
+ docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD"
+ echo ""
+ fi
+
+ echo "Pushing to GitLab Container Registry..."
+ docker push "$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG"
+ echo ""
+ }
+
+ function install_tiller() {
+ echo "Checking Tiller..."
+ helm init --upgrade
+ kubectl rollout status -n "$TILLER_NAMESPACE" -w "deployment/tiller-deploy"
+ if ! helm version --debug; then
+ echo "Failed to init Tiller."
+ return 1
+ fi
+ echo ""
+ }
+
+before_script:
+ - *auto_devops
\ No newline at end of file
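Review bot: In `build` and `release` of kubernetes/Charts/ui/.gitlab-ci.yml, `docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD"` passes the registry password as a command-line argument, where it is visible in the runner's process list. Because the script opens with `[[ "$TRACE" ]] && set -x`, setting TRACE would also write the expanded command into the job log unless the variable is masked in the project settings. Supply the secret on stdin and switch tracing off first: `set +x` followed by `printf '%s' "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin`. The same two call sites appear in kubernetes/Charts/post/.gitlab-ci.yml and in the file whose hunk ends before it in this patch.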