Skip to content

Commit

Permalink
Merge branch 'main' into update-rest-source-auth
Browse files Browse the repository at this point in the history
  • Loading branch information
mpgxvii authored Oct 30, 2024
2 parents af3630c + c4b9890 commit 8aa7331
Show file tree
Hide file tree
Showing 95 changed files with 6,901 additions and 5,734 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/lint-test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
- name: Check helm docs did not change anything
run: |
CHANGES=$(git diff --stat charts :^charts/kafka-manager)
CHANGES=$(git diff --stat charts)
if [ -n "${CHANGES}" ]; then
printf "README is not up to date with helm-docs. Following mismatches are detected:\n$CHANGES\n"
exit 1
Expand Down
6 changes: 6 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,12 @@ The external charts that have a depedency need manual steps:
- In the `Chart.yaml` the repository should be changd to `https://radar-base.github.io/radar-helm-charts`.
- The `Chart.lock` file should be removed and then run `helm dependency build` to recreate the file with new repository URL and remove any `.tgz` files that gets created.

### kube-prometheus-stack
For this chart, `Chart.yaml` needs to be updated to the latest version, remove `Chart.lock` and run `helm dependency build`. Make sure to copy the CRDs from
https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/charts/crds/crds
to
https://github.com/RADAR-base/RADAR-Kubernetes/blob/main/etc/kube-prometheus-stack/files/crds.yaml

## Feedback and Contributions

Enabling RADAR-base community to use RADAR-Kubernetes is important for us. If you have troubles setting up the platform using provided instructions, you can create an issue with exact details to reproduce and the expected behaviour.
Expand Down
2 changes: 1 addition & 1 deletion charts/app-config-frontend/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 2.0.3
version: 2.1.1

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
6 changes: 4 additions & 2 deletions charts/app-config-frontend/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# app-config-frontend
[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/app-config-frontend)](https://artifacthub.io/packages/helm/radar-base/app-config-frontend)

![Version: 2.0.3](https://img.shields.io/badge/Version-2.0.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.2](https://img.shields.io/badge/AppVersion-0.5.2-informational?style=flat-square)
![Version: 2.1.1](https://img.shields.io/badge/Version-2.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.2](https://img.shields.io/badge/AppVersion-0.5.2-informational?style=flat-square)

A Helm chart for the frontend application of RADAR-base application config (app-config).

Expand Down Expand Up @@ -43,13 +43,15 @@ A Helm chart for the frontend application of RADAR-base application config (app-
| securityContext | object | `{}` | Configure Appconfig containers' Security Context |
| service.type | string | `"ClusterIP"` | Kubernetes Service type |
| service.port | int | `8080` | Appconfig frontend port |
| disable_tls | bool | `false` | Reconfigure Ingress to not force TLS |
| advertised_protocol | string | `"https"` | The protocol in advertised URIs (https, http) |
| ingress.enabled | bool | `true` | Enable ingress controller resource |
| ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer |
| ingress.path | string | `"/appconfig"` | Path within the url structure |
| ingress.pathType | string | `"ImplementationSpecific"` | Ingress Path type |
| ingress.ingressClassName | string | `"nginx"` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) |
| ingress.hosts | list | `["localhost"]` | Hosts to accept requests from |
| ingress.tls.secretName | string | `"radar-base-tls-appconfig-frontend"` | TLS Secret Name |
| ingress.tls.secretName | string | `"radar-base-tls"` | TLS Secret Name |
| resources.limits | object | `{"cpu":"200m","memory":"512Mi"}` | CPU/Memory resource limits |
| resources.requests | object | `{"cpu":"100m","memory":"128Mi"}` | CPU/Memory resource requests |
| nodeSelector | object | `{}` | Node labels for pod assignment |
Expand Down
5 changes: 2 additions & 3 deletions charts/app-config-frontend/templates/deployment.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
{{ $https := ternary "http" "https" (or .Values.disable_tls (not .Values.ingress.tls)) }}
apiVersion: apps/v1
kind: Deployment
metadata:
Expand Down Expand Up @@ -53,9 +52,9 @@ spec:
- name: APP_CONFIG_URL
value: /appconfig/api
- name: AUTH_URL
value: {{ printf "%s://%s/managementportal/oauth" $https .Values.serverName }}
value: {{ printf "%s://%s/managementportal/oauth" .Values.advertised_protocol .Values.serverName }}
- name: AUTH_CALLBACK_URL
value: {{ printf "%s://%s/appconfig/login" $https .Values.serverName }}
value: {{ printf "%s://%s/appconfig/login" .Values.advertised_protocol .Values.serverName }}
{{- with .Values.extraEnvVars }}
{{- toYaml . | nindent 10 }}
{{- end }}
Expand Down
7 changes: 6 additions & 1 deletion charts/app-config-frontend/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,11 @@ service:
# -- Appconfig frontend port
port: 8080

# -- Reconfigure Ingress to not force TLS
disable_tls: false
# -- The protocol in advertised URIs (https, http)
advertised_protocol: https

ingress:
# -- Enable ingress controller resource
enabled: true
Expand All @@ -62,7 +67,7 @@ ingress:
- localhost
tls:
# -- TLS Secret Name
secretName: radar-base-tls-appconfig-frontend
secretName: radar-base-tls

resources:
# We usually recommend not to specify default resources and to leave this as a conscious
Expand Down
2 changes: 1 addition & 1 deletion charts/app-config/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
appVersion: "0.5.2"
description: A Helm chart for RADAR-base application config (app-config) backend service which is used as mobile app configuration engine with per-project and per-user configuration.
name: app-config
version: 1.3.2
version: 1.3.4
icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png"
sources:
- https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/app-config
Expand Down
6 changes: 3 additions & 3 deletions charts/app-config/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# app-config
[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/app-config)](https://artifacthub.io/packages/helm/radar-base/app-config)

![Version: 1.3.2](https://img.shields.io/badge/Version-1.3.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.2](https://img.shields.io/badge/AppVersion-0.5.2-informational?style=flat-square)
![Version: 1.3.4](https://img.shields.io/badge/Version-1.3.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.2](https://img.shields.io/badge/AppVersion-0.5.2-informational?style=flat-square)

A Helm chart for RADAR-base application config (app-config) backend service which is used as mobile app configuration engine with per-project and per-user configuration.

Expand Down Expand Up @@ -45,14 +45,14 @@ A Helm chart for RADAR-base application config (app-config) backend service whic
| securityContext | object | `{}` | Configure Appconfig containers' Security Context |
| service.type | string | `"ClusterIP"` | Kubernetes Service type |
| service.port | int | `8090` | Appconfig port |
| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) |
| disable_tls | bool | `false` | Reconfigure Ingress to not force TLS |
| ingress.enabled | bool | `true` | Enable ingress controller resource |
| ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer |
| ingress.path | string | `"/appconfig/api"` | Path within the url structure |
| ingress.pathType | string | `"ImplementationSpecific"` | Ingress Path type |
| ingress.ingressClassName | string | `"nginx"` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) |
| ingress.hosts | list | `["localhost"]` | Hosts to accept requests from |
| ingress.tls.secretName | string | `"radar-base-tls-appconfig"` | TLS Secret Name |
| ingress.tls.secretName | string | `"radar-base-tls"` | TLS Secret Name |
| resources.limits | object | `{"cpu":2}` | CPU/Memory resource limits |
| resources.requests | object | `{"cpu":"100m","memory":"768Mi"}` | CPU/Memory resource requests |
| nodeSelector | object | `{}` | Node labels for pod assignment |
Expand Down
4 changes: 2 additions & 2 deletions charts/app-config/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ service:
# -- Appconfig port
port: 8090

# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP)
# -- Reconfigure Ingress to not force TLS
disable_tls: false

ingress:
Expand All @@ -72,7 +72,7 @@ ingress:
- localhost
tls:
# -- TLS Secret Name
secretName: radar-base-tls-appconfig
secretName: radar-base-tls

resources:
# We usually recommend not to specify default resources and to leave this as a conscious
Expand Down
2 changes: 1 addition & 1 deletion charts/cc-schema-registry-proxy/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
appVersion: "1.0"
description: A Helm chart for Confluent Cloud schema registry proxy. This proxy service is used when RADAR-base platform is used with Confluent Cloud based schema registry. It forwards requests to schema registry with an additonal basic authentication header with Confluent Cloud schema registry credentials. This service will be enabled if `cc.enabled = true`.
name: cc-schema-registry-proxy
version: 0.3.2
version: 0.3.3
type: application
home: "https://radar-base.org"
icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png"
Expand Down
4 changes: 2 additions & 2 deletions charts/cc-schema-registry-proxy/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# cc-schema-registry-proxy
[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/cc-schema-registry-proxy)](https://artifacthub.io/packages/helm/radar-base/cc-schema-registry-proxy)

![Version: 0.3.2](https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0](https://img.shields.io/badge/AppVersion-1.0-informational?style=flat-square)
![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0](https://img.shields.io/badge/AppVersion-1.0-informational?style=flat-square)

A Helm chart for Confluent Cloud schema registry proxy. This proxy service is used when RADAR-base platform is used with Confluent Cloud based schema registry. It forwards requests to schema registry with an additonal basic authentication header with Confluent Cloud schema registry credentials. This service will be enabled if `cc.enabled = true`.

Expand Down Expand Up @@ -34,7 +34,7 @@ A Helm chart for Confluent Cloud schema registry proxy. This proxy service is us
| service.type | string | `"ExternalName"` | Kubernetes Service type, |
| service.externalName | string | `"schema-registry-domain"` | Domain name used for pointing to actual schema registry instance |
| service.port | int | `443` | Port number to connect to Confluent platform |
| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) |
| disable_tls | bool | `false` | Reconfigure Ingress to not force TLS |
| ingress.enabled | bool | `true` | Enable ingress controller resource |
| ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer |
| ingress.path | string | `"/schema/?(.*)"` | Path within the url structure |
Expand Down
2 changes: 1 addition & 1 deletion charts/cc-schema-registry-proxy/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ service:
# -- Port number to connect to Confluent platform
port: 443

# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP)
# -- Reconfigure Ingress to not force TLS
disable_tls: false

ingress:
Expand Down
2 changes: 1 addition & 1 deletion charts/data-dashboard-backend/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
appVersion: "0.2.2"
name: data-dashboard-backend
description: API for data in the data dashboard
version: 0.3.4
version: 0.3.7
sources: ["https://github.com/thehyve/radar-data-dashboard-backend"]
deprecated: false
type: application
Expand Down
7 changes: 4 additions & 3 deletions charts/data-dashboard-backend/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

# data-dashboard-backend

![Version: 0.3.4](https://img.shields.io/badge/Version-0.3.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.2.2](https://img.shields.io/badge/AppVersion-0.2.2-informational?style=flat-square)
![Version: 0.3.7](https://img.shields.io/badge/Version-0.3.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.2.2](https://img.shields.io/badge/AppVersion-0.2.2-informational?style=flat-square)

API for data in the data dashboard

Expand Down Expand Up @@ -40,19 +40,20 @@ API for data in the data dashboard
| securityContext | object | `{}` | Configure container's Security Context |
| service.type | string | `"ClusterIP"` | Kubernetes Service type |
| service.port | int | `9000` | data-dashboard-backend port |
| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) |
| disable_tls | bool | `false` | Reconfigure Ingress to not force TLS |
| ingress.enabled | bool | `true` | Enable ingress controller resource |
| ingress.ingressClassName | string | `"nginx"` | Ingress class name |
| ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer |
| ingress.path | string | `"/api"` | Path within the url structure |
| ingress.pathType | string | `"ImplementationSpecific"` | |
| ingress.hosts | list | `["localhost"]` | Hosts to accept requests from |
| ingress.tls.secretName | string | `"radar-base-data-dashboard-tls"` | |
| ingress.tls.secretName | string | `"radar-base-tls"` | |
| resources | object | `{}` | |
| autoscaling.enabled | bool | `false` | Enable horizontal autoscaling |
| autoscaling.minReplicas | int | `1` | |
| autoscaling.maxReplicas | int | `100` | |
| autoscaling.targetCPUUtilizationPercentage | int | `80` | |
| networkpolicy | object | check `values.yaml` | Network policy defines who can access this application and who this applications has access to |
| nodeSelector | object | `{}` | Node labels for pod assignment |
| tolerations | list | `[]` | Toleration labels for pod assignment |
| affinity | object | `{}` | Affinity labels for pod assignment |
Expand Down
13 changes: 13 additions & 0 deletions charts/data-dashboard-backend/templates/networkpolicy.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{{- if .Values.networkpolicy }}
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: {{ template "data-dashboard-backend.fullname" . }}
labels:
{{ include "data-dashboard-backend.labels" . | indent 4 }}
spec:
podSelector:
matchLabels:
{{ include "data-dashboard-backend.labels" . | indent 6 }}
{{- tpl (toYaml .Values.networkpolicy) . | nindent 2 }}
{{- end -}}
46 changes: 44 additions & 2 deletions charts/data-dashboard-backend/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ service:
# -- data-dashboard-backend port
port: 9000

# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP)
# -- Reconfigure Ingress to not force TLS
disable_tls: false

ingress:
Expand All @@ -59,7 +59,7 @@ ingress:
hosts:
- localhost
tls:
secretName: radar-base-data-dashboard-tls
secretName: radar-base-tls

resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
Expand All @@ -81,6 +81,48 @@ autoscaling:
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80

# -- Network policy defines who can access this application and who this applications has access to
# @default -- check `values.yaml`
networkpolicy:
policyTypes:
- Ingress
- Egress
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: '{{ .Release.Namespace }}'
podSelector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
egress:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: '{{ .Release.Namespace }}'
podSelector:
matchLabels:
app.kubernetes.io/name: 'management-portal'
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: '{{ .Release.Namespace }}'
podSelector:
matchLabels:
app.kubernetes.io/name: postgresql
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-system
podSelector:
matchLabels:
k8s-app: kube-dns
ports:
- port: 53
protocol: UDP
- port: 53
protocol: TCP

# -- Node labels for pod assignment
nodeSelector: {}

Expand Down
22 changes: 0 additions & 22 deletions charts/kafka-manager/.helmignore

This file was deleted.

20 changes: 0 additions & 20 deletions charts/kafka-manager/Chart.yaml

This file was deleted.

Empty file.
6 changes: 0 additions & 6 deletions charts/kafka-manager/OWNERS

This file was deleted.

Loading

0 comments on commit 8aa7331

Please sign in to comment.