From bd4b869d628a0c3e347f30d4c47bdb04883639dc Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Thu, 21 Aug 2025 14:16:31 +0530 Subject: [PATCH 01/24] feat: added jovvix helm chart #118 --- charts/jovvix/.helmignore | 23 + charts/jovvix/Chart.lock | 12 + charts/jovvix/Chart.yaml | 41 ++ charts/jovvix/templates/NOTES.txt | 0 charts/jovvix/templates/_helpers.tpl | 118 +++++ charts/jovvix/templates/configmap.yaml | 14 + charts/jovvix/templates/deployment.yaml | 443 +++++++++++++++++ charts/jovvix/templates/job.yaml | 116 +++++ charts/jovvix/templates/secret.yaml | 15 + charts/jovvix/values.yaml | 625 ++++++++++++++++++++++++ 10 files changed, 1407 insertions(+) create mode 100644 charts/jovvix/.helmignore create mode 100644 charts/jovvix/Chart.lock create mode 100644 charts/jovvix/Chart.yaml create mode 100644 charts/jovvix/templates/NOTES.txt create mode 100644 charts/jovvix/templates/_helpers.tpl create mode 100644 charts/jovvix/templates/configmap.yaml create mode 100644 charts/jovvix/templates/deployment.yaml create mode 100644 charts/jovvix/templates/job.yaml create mode 100644 charts/jovvix/templates/secret.yaml create mode 100644 charts/jovvix/values.yaml diff --git a/charts/jovvix/.helmignore b/charts/jovvix/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/jovvix/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/jovvix/Chart.lock b/charts/jovvix/Chart.lock new file mode 100644 index 00000000..31bccca9 --- /dev/null +++ b/charts/jovvix/Chart.lock @@ -0,0 +1,12 @@ +dependencies: +- name: postgresql + repository: oci://registry-1.docker.io/bitnamicharts + version: 16.7.21 +- name: redis + repository: oci://registry-1.docker.io/bitnamicharts + version: 21.2.13 +- name: kratos + repository: https://k8s.ory.sh/helm/charts + version: 0.45.0 +digest: sha256:88fc564a207e9b01b1758dfe0911c2181d73a0bd67b9b2d560a50809d55b5353 +generated: "2025-08-06T18:48:56.874391824+05:30" diff --git a/charts/jovvix/Chart.yaml b/charts/jovvix/Chart.yaml new file mode 100644 index 00000000..8807e05b --- /dev/null +++ b/charts/jovvix/Chart.yaml @@ -0,0 +1,41 @@ +apiVersion: v2 +name: jovvix +description: A Helm chart for jovvix + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.0.0" + +maintainers: + - name: improwised + +dependencies: + - name: postgresql + version: "16.7.21" + repository: oci://registry-1.docker.io/bitnamicharts + condition: postgresql.enabled + - name: redis + version: "21.2.13" + repository: oci://registry-1.docker.io/bitnamicharts + condition: redis.enabled + - name: kratos + version: "0.45.0" + repository: https://k8s.ory.sh/helm/charts + condition: kratos.enabled diff --git a/charts/jovvix/templates/NOTES.txt b/charts/jovvix/templates/NOTES.txt new file mode 100644 index 00000000..e69de29b diff --git a/charts/jovvix/templates/_helpers.tpl b/charts/jovvix/templates/_helpers.tpl new file mode 100644 index 00000000..92df6f01 --- /dev/null +++ b/charts/jovvix/templates/_helpers.tpl @@ -0,0 +1,118 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "jovvix.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "jovvix.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "jovvix.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "jovvix.labels" -}} +helm.sh/chart: {{ include "jovvix.chart" . }} +{{ include "jovvix.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "jovvix.selectorLabels" -}} +app.kubernetes.io/name: {{ include "jovvix.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "jovvix.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "jovvix.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Return the appropriate apiVersion for deployment. +*/}} +{{- define "deployment.apiVersion" -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} +{{- print "extensions/v1beta1" -}} +{{- else -}} +{{- print "apps/v1" -}} +{{- end -}} +{{- end -}} + +{{- define "hpa.apiVersion" -}} +{{- if semverCompare ">1.25-0" .Capabilities.KubeVersion.Version -}} +{{- print "autoscaling/v2" -}} +{{- else -}} +{{- print "autoscaling/v2beta2" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for ingress. +*/}} +{{- define "ingress.apiVersion" -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.Version -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{- define "ingress.backend" -}} +{{- $apiVersion := (include "ingress.apiVersion" .context) -}} +{{- if or (eq $apiVersion "extensions/v1beta1") (eq $apiVersion "networking.k8s.io/v1beta1") -}} +serviceName: {{ .serviceName }} +servicePort: {{ .servicePort }} +{{- else -}} +service: + name: {{ .serviceName }} + port: + {{- if typeIs "string" .servicePort }} + name: {{ .servicePort }} + {{- else if or (typeIs "int" .servicePort) (typeIs "float64" .servicePort) }} + number: {{ .servicePort | int }} + {{- end }} +{{- end -}} +{{- end -}} + +{{- define "ingress.pathtype" -}} +{{- $apiVersion := (include "ingress.apiVersion" .) -}} +{{- if (eq $apiVersion "networking.k8s.io/v1") -}} +pathType: ImplementationSpecific +{{- end -}} +{{- end -}} diff --git a/charts/jovvix/templates/configmap.yaml b/charts/jovvix/templates/configmap.yaml new file mode 100644 index 00000000..acb38220 --- /dev/null +++ b/charts/jovvix/templates/configmap.yaml @@ -0,0 +1,14 @@ +{{- range .Values.configmaps }} +{{- if .create }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .fullNameOverride | default (printf "%s-%s" $.Release.Name .name) }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} +data: + {{- toYaml .data | nindent 2 }} +{{- end }} +{{- end }} diff --git a/charts/jovvix/templates/deployment.yaml b/charts/jovvix/templates/deployment.yaml new file mode 100644 index 00000000..63029e94 --- /dev/null +++ b/charts/jovvix/templates/deployment.yaml @@ -0,0 +1,443 @@ +{{- range .Values.services }} +--- +apiVersion: {{ include "deployment.apiVersion" $ }} +kind: Deployment +metadata: +{{- if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc" +{{- else}} + name: "{{ .name | default $.Values.serviceTemplate.name }}" +{{- end }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} + app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" +{{- with .annotations | default $.Values.serviceTemplate.annotations }} + annotations: + {{- toYaml . | nindent 4 }} +{{- end }} +spec: + {{ if .type }} + {{- else }} + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 50% + maxSurge: 100% + {{- end }} + replicas: {{ if ne .minReplicaCount nil }}{{ .minReplicaCount }}{{ else }}{{ $.Values.serviceTemplate.minReplicaCount }}{{ end }} + selector: + matchLabels: + {{- include "jovvix.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" + template: + metadata: + labels: + {{- include "jovvix.labels" $ | nindent 8 }} + app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" + {{ if .podAnnotations }} + annotations: +{{ toYaml .podAnnotations | indent 8 }} + {{- end }} + spec: + {{- if .imagePullSecrets }} + imagePullSecrets: +{{ toYaml .imagePullSecrets | indent 8 }} + {{- else if $.Values.serviceTemplate.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .imagePullSecrets | indent 8 }} + {{- else }} + {{- if $.Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml $.Values.imagePullSecrets | indent 8 }} + {{- end }} + {{- end }} + terminationGracePeriodSeconds: {{ .terminationGracePeriodSeconds | default $.Values.serviceTemplate.terminationGracePeriodSeconds }} + {{- if or ($.Values.serviceTemplate.initContainers) (.initContainers) }} + {{- with .initContainers | default $.Values.serviceTemplate.initContainers }} + initContainers: +{{ toYaml . | indent 8 }} + {{- end }} + {{- end }} + containers: + {{- if $.Values.prefixWithReleaseName.enabled }} + - name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}" + {{- else}} + - name: "{{ .name | default $.Values.serviceTemplate.name }}" + {{- end }} + {{- if .image }} + image: "{{ .image.repository }}:{{ .image.tag }}" + {{- else }} + image: "{{ $.Values.image.repository }}:{{ $.Values.image.tag }}" + {{- end }} + imagePullPolicy: {{ $.Values.image.pullPolicy }} + env: + {{- if .env }} +{{ toYaml .env | indent 12 }} + {{- end }} + {{- if $.Values.env }} +{{ toYaml $.Values.env | indent 12 }} + {{- end }} + {{- if $.Values.serviceTemplate.env }} +{{ toYaml $.Values.serviceTemplate.env | indent 12 }} + {{- end }} + envFrom: + {{- if .envFrom }} +{{ toYaml .envFrom | indent 12 }} + {{- end }} + {{- if $.Values.envFrom }} +{{ toYaml $.Values.envFrom | indent 12 }} + {{- end }} + {{- if $.Values.serviceTemplate.envFrom }} +{{ toYaml $.Values.serviceTemplate.envFrom | indent 12 }} + {{- end }} + {{- if .command }} + {{- with .command | default $.Values.serviceTemplate.command }} + command: +{{ toYaml . | indent 12 }} + {{- end }} + {{- end }} + {{- if .args }} + {{- with .args | default $.Values.serviceTemplate.args }} + args: +{{ toYaml . | indent 12 }} + {{- end }} + {{- end }} + {{- with .ports | default $.Values.serviceTemplate.ports }} + ports: +{{ toYaml . | indent 12 }} + {{- end }} + {{- with .resources | default $.Values.serviceTemplate.resources }} + resources: +{{ toYaml . | indent 12 }} + {{- end }} + {{- if or ($.Values.serviceTemplate.healthcheck.enabled) (.healthcheck.enabled) }} + {{- if .healthcheck }} +{{- $healthType := .healthcheck.type -}} + {{- if and (eq $healthType "httpGet") (.healthcheck.path ) }} + livenessProbe: + httpGet: + path: {{ .healthcheck.path }} + port: {{ .healthcheck.port }} + timeoutSeconds: 7 + initialDelaySeconds: {{ .healthcheck.initialDelaySeconds | default "20" }} + periodSeconds: {{ .healthcheck.periodSeconds | default "20" }} + readinessProbe: + httpGet: + path: {{ .healthcheck.path }} + port: {{ .healthcheck.port }} + timeoutSeconds: 7 + initialDelaySeconds: {{ .healthcheck.initialDelaySeconds | default "20" }} + periodSeconds: {{ .healthcheck.periodSeconds | default "20" }} + {{- else if and (eq $healthType "tcpSocket") ( .healthcheck.port ) }} + livenessProbe: + tcpSocket: + port: {{ .healthcheck.port }} + initialDelaySeconds: {{ .healthcheck.initialDelaySeconds | default "20" }} + periodSeconds: {{ .healthcheck.periodSeconds | default "20" }} + readinessProbe: + tcpSocket: + port: {{ .healthcheck.port }} + initialDelaySeconds: {{ .healthcheck.initialDelaySeconds | default "20" }} + periodSeconds: {{ .healthcheck.periodSeconds | default "20" }} + {{- end }} +{{- else }} +{{- $healthType := $.Values.serviceTemplate.healthcheck.type -}} + {{- if and (eq $healthType "httpGet") ($.Values.serviceTemplate.healthcheck.path) }} + livenessProbe: + httpGet: + path: {{ $.Values.serviceTemplate.healthcheck.path }} + port: {{ $.Values.serviceTemplate.healthcheck.port }} + timeoutSeconds: 7 + initialDelaySeconds: {{ $.Values.serviceTemplate.healthcheck.initialDelaySeconds | default "20" }} + periodSeconds: {{ $.Values.serviceTemplate.healthcheck.periodSeconds | default "20" }} + readinessProbe: + httpGet: + path: {{ $.Values.serviceTemplate.healthcheck.path }} + port: {{ $.Values.serviceTemplate.healthcheck.port }} + timeoutSeconds: 7 + initialDelaySeconds: {{ $.Values.serviceTemplate.healthcheck.initialDelaySeconds | default "20" }} + periodSeconds: {{ $.Values.serviceTemplate.healthcheck.periodSeconds | default "20" }} + {{- else if and (eq $healthType "tcpSocket") ($.Values.serviceTemplate.healthcheck.port) }} + livenessProbe: + tcpSocket: + port: {{ $.Values.serviceTemplate.healthcheck.port }} + initialDelaySeconds: {{ $.Values.serviceTemplate.healthcheck.initialDelaySeconds | default "20" }} + periodSeconds: {{ $.Values.serviceTemplate.healthcheck.periodSeconds | default "20" }} + readinessProbe: + tcpSocket: + port: {{ $.Values.serviceTemplate.healthcheck.port }} + initialDelaySeconds: {{ $.Values.serviceTemplate.healthcheck.initialDelaySeconds | default "20" }} + periodSeconds: {{ $.Values.serviceTemplate.healthcheck.periodSeconds | default "20" }} + {{- end }} +{{- end }} + {{- end }} + volumeMounts: + {{- if .volumeMounts }} +{{ toYaml .volumeMounts | indent 10 }} + {{- end }} + {{- if $.Values.volumeMounts }} +{{ toYaml $.Values.volumeMounts | indent 10 }} + {{- end }} + {{- if $.Values.serviceTemplate.volumeMounts }} +{{ toYaml $.Values.serviceTemplate.volumeMounts | indent 10 }} + {{- end }} + {{- with .securityContext | default $.Values.serviceTemplate.securityContext }} + securityContext: +{{ toYaml . | indent 8 }} + {{- end }} + volumes: + {{- if .volumes }} +{{ toYaml .volumes | indent 8 }} + {{- end }} + {{- if $.Values.volumes }} +{{ toYaml $.Values.volumes | indent 8 }} + {{- end }} + {{- if $.Values.serviceTemplate.volumes }} +{{ toYaml $.Values.serviceTemplate.volumes | indent 8 }} + {{- end }} + {{- with .nodeSelector | default $.Values.serviceTemplate.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + podAffinityTerm: + topologyKey: kubernetes.io/hostname + labelSelector: + matchLabels: + {{- include "jovvix.labels" $ | nindent 18 }} + app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" + {{- with .affinity | default $.Values.serviceTemplate.affinity }} +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .tolerations | default $.Values.serviceTemplate.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} +{{- if .volumeClaimTemplates }} + volumeClaimTemplates: + +{{ toYaml .volumeClaimTemplates | indent 8 }} + {{- end }} + {{- if $.Values.volumeClaimTemplates }} +{{ toYaml $.Values.volumeClaimTemplates | indent 8 }} + {{- end }} + {{- if $.Values.serviceTemplate.volumeClaimTemplates }} +{{ toYaml $.Values.serviceTemplate.volumeClaimTemplates | indent 8 }} + {{- end }} +{{- if and (.autoscaling | default $.Values.serviceTemplate.autoscaling) (ne .type "StatefulSet")}} +--- +apiVersion: {{ include "hpa.apiVersion" $ }} +kind: HorizontalPodAutoscaler +metadata: +{{- if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc" +{{- else }} + name: "{{ .name | default $.Values.serviceTemplate.name }}" +{{- end }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} + app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" +spec: + scaleTargetRef: + apiVersion: {{ include "deployment.apiVersion" $ }} + kind: Deployment + {{- if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc" + {{- else }} + name: "{{ .name | default $.Values.serviceTemplate.name }}" + {{- end }} + minReplicas: {{ .minReplicaCount | default $.Values.serviceTemplate.minReplicaCount }} + maxReplicas: {{ .maxReplicaCount | default $.Values.serviceTemplate.maxReplicaCount }} + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .averageUtilization | default $.Values.serviceTemplate.averageUtilization }} + # - type: Resource + # resource: + # name: memory + # target: + # type: AverageValue + # averageValue: 100Mi +{{- end }} +{{- if .service}} +{{- if or ( .service.enabled ) ($.Values.serviceTemplate.service.enabled) }} +--- +apiVersion: v1 +kind: Service +metadata: +{{- if $.Values.prefixWithReleaseName.enabled }} + {{- if .service.ClusterIP }} + name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc-headless" + {{- else }} + name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc" + {{- end }} +{{- else}} + name: "{{ .name | default $.Values.serviceTemplate.name }}" +{{- end }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} + app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" +{{- with .service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} +{{- end }} +spec: + type: {{ .service.type }} + {{- if .service.ClusterIP }} + clusterIP: {{ .service.ClusterIP }} + {{- end}} + ports: +{{- with .service.ports }} + {{ toYaml . | nindent 4 }} +{{- end }} + selector: + {{- include "jovvix.selectorLabels" $ | nindent 4 }} + app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" +{{- end }} +{{- else if $.Values.serviceTemplate.service.enabled }} +--- +apiVersion: v1 +kind: Service +metadata: +{{- if $.Values.prefixWithReleaseName.enabled }} + {{- if $.Values.serviceTemplate.service.ClusterIP }} + name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc-headless" + {{- else }} + name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc" + {{- end }} +{{- else}} + name: "{{ .name | default $.Values.serviceTemplate.name }}" +{{- end }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} + app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" +{{- with $.Values.serviceTemplate.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} +{{- end }} +spec: + type: {{ $.Values.serviceTemplate.service.type }} + {{- if $.Values.serviceTemplate.service.ClusterIP }} + clusterIP: {{ $.Values.serviceTemplate.service.ClusterIP }} + {{- end}} + ports: +{{- with $.Values.serviceTemplate.service.ports }} + {{ toYaml . | nindent 4 }} +{{- end }} + selector: + {{- include "jovvix.selectorLabels" $ | nindent 4 }} + app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" +{{- end }} + +{{- if and .httpRoute (.httpRoute.enabled | default $.Values.serviceTemplate.httpRoute.enabled) }} +--- +{{- $svcName := .name | default $.Values.serviceTemplate.name -}} +{{- $fullName := printf "%s-%s-svc" $.Release.Name ($svcName) -}} +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: +{{- if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ $svcName }}-svc" +{{- else }} + name: "{{ $svcName }}" +{{- end }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} + {{- with (.httpRoute.annotations | default $.Values.serviceTemplate.httpRoute.annotations) }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with (.httpRoute.parentRefs | default $.Values.serviceTemplate.httpRoute.parentRefs) }} + parentRefs: + {{- toYaml . | nindent 2 }} + {{- end }} + {{- with (.httpRoute.hostnames | default $.Values.serviceTemplate.httpRoute.hostnames) }} + hostnames: + {{- toYaml . | nindent 2 }} + {{- end }} + rules: + - matches: + {{- with (.httpRoute.matches.path | default $.Values.serviceTemplate.httpRoute.matches.path) }} + - path: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .httpRoute.matches.timeouts }} + timeouts: + {{- toYaml . | nindent 6 }} + {{- end }} + backendRefs: + - kind: Service + {{- if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ $svcName }}-svc" + {{- else }} + name: "{{ $svcName }}" + {{- end }} + port: {{ (index .service.ports 0).port | default (index $.Values.serviceTemplate.service.ports 0).port }} + {{- with .httpRoute.filters }} + filters: + {{- toYaml . | nindent 6 }} + {{- end }} +{{- end }} + +{{- if and .ingress (.ingress.enabled | default $.Values.serviceTemplate.ingress.enabled) }} +--- +{{- $svcName := .name | default $.Values.serviceTemplate.name -}} +{{- $fullName := printf "%s-%s-svc" $.Release.Name (.name | default $.Values.serviceTemplate.name) -}} +apiVersion: {{ include "ingress.apiVersion" $ }} +kind: Ingress +metadata: +{{- if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc" +{{- else}} + name: "{{ .name | default $.Values.serviceTemplate.name }}" +{{- end }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} + {{- with (.ingress.annotations | default $.Values.serviceTemplate.ingress.annotations) }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .ingress.className | default $.Values.serviceTemplate.ingress.className }} + ingressClassName: {{ .ingress.className | default $.Values.serviceTemplate.ingress.className }} +{{- end }} +{{- if gt (len (.ingress.tls | default $.Values.serviceTemplate.ingress.tls)) 0 }} + tls: + {{- range (.ingress.tls | default $.Values.serviceTemplate.ingress.tls) }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range (.ingress.hosts | default $.Values.serviceTemplate.ingress.hosts) }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ .pathType }} + {{- if $.Values.prefixWithReleaseName.enabled }} + backend: {{- include "ingress.backend" (dict "serviceName" $fullName "servicePort" .servicePort "context" $) | nindent 14 }} + {{- else}} + backend: {{- include "ingress.backend" (dict "serviceName" $svcName "servicePort" .servicePort "context" $) | nindent 14 }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/jovvix/templates/job.yaml b/charts/jovvix/templates/job.yaml new file mode 100644 index 00000000..dab5cc1b --- /dev/null +++ b/charts/jovvix/templates/job.yaml @@ -0,0 +1,116 @@ +{{- range .Values.jobs }} +--- +apiVersion: batch/v1 +kind: Job +metadata: +{{- if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ .name | default $.Values.jobTemplate.name }}" +{{- else}} + name: "{{ .name | default $.Values.jobTemplate.name }}" +{{- end }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} + app.kubernetes.io/component: "{{ .name | default $.Values.jobTemplate.name }}" + annotations: + linkerd.io/inject: disabled +{{- with .annotations | default $.Values.jobTemplate.annotations }} + {{- toYaml . | nindent 4 }} +{{- end }} +spec: + template: + metadata: + labels: + {{- include "jovvix.labels" $ | nindent 8 }} + app.kubernetes.io/component: "{{ .name | default $.Values.jobTemplate.name }}" + spec: + {{- if $.Values.jobTemplate.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .imagePullSecrets | indent 8 }} + {{- else if .imagePullSecrets }} + imagePullSecrets: +{{ toYaml .imagePullSecrets | indent 8 }} + {{- else }} + {{- if $.Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml $.Values.imagePullSecrets | indent 8 }} + {{- end }} + {{- end }} + restartPolicy: Never + containers: + {{- if $.Values.prefixWithReleaseName.enabled }} + - name: "{{ $.Release.Name }}-{{ .name | default $.Values.jobTemplate.name }}" + {{- else}} + - name: "{{ .name | default $.Values.jobTemplate.name }}" + {{- end }} + {{- if .image }} + image: "{{ .image.repository }}:{{ .image.tag }}" + {{- else }} + image: "{{ $.Values.image.repository }}:{{ $.Values.image.tag }}" + {{- end }} + env: + {{- if .env }} +{{ toYaml .env | indent 12 }} + {{- end }} + {{- if $.Values.env }} +{{ toYaml $.Values.env | indent 12 }} + {{- end }} + {{- if $.Values.jobTemplate.env }} +{{ toYaml $.Values.jobTemplate.env | indent 12 }} + {{- end }} + envFrom: + {{- if .envFrom }} +{{ toYaml .envFrom | indent 12 }} + {{- end }} + {{- if $.Values.envFrom }} +{{ toYaml $.Values.envFrom | indent 12 }} + {{- end }} + {{- if $.Values.jobTemplate.envFrom }} +{{ toYaml $.Values.jobTemplate.envFrom | indent 12 }} + {{- end }} + imagePullPolicy: {{ $.Values.image.pullPolicy }} + {{- if .command }} + {{- with .command | default $.Values.jobTemplate.command }} + command: +{{ toYaml . | indent 12 }} + {{- end }} + {{- end }} + {{- if .args }} + {{- with .args | default $.Values.jobTemplate.args }} + args: +{{ toYaml . | indent 12 }} + {{- end }} + {{- end }} + volumeMounts: + {{- if .volumeMounts }} +{{ toYaml .volumeMounts | indent 10 }} + {{- end }} + {{- if $.Values.volumeMounts }} +{{ toYaml $.Values.volumeMounts | indent 10 }} + {{- end }} + {{- if $.Values.jobTemplate.volumeMounts }} +{{ toYaml $.Values.jobTemplate.volumeMounts | indent 10 }} + {{- end }} + {{- with .securityContext | default $.Values.jobTemplate.securityContext }} + securityContext: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .affinity | default $.Values.jobTemplate.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .tolerations | default $.Values.jobTemplate.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + volumes: + {{- if .volumes }} +{{ toYaml .volumes | indent 8 }} + {{- end }} + {{- if $.Values.volumes }} +{{ toYaml $.Values.volumes | indent 8 }} + {{- end }} + {{- if $.Values.jobTemplate.volumes }} +{{ toYaml $.Values.jobTemplate.volumes | indent 8 }} + {{- end }} +{{- end }} diff --git a/charts/jovvix/templates/secret.yaml b/charts/jovvix/templates/secret.yaml new file mode 100644 index 00000000..a6f918c2 --- /dev/null +++ b/charts/jovvix/templates/secret.yaml @@ -0,0 +1,15 @@ +{{- range .Values.secrets }} +{{- if .create }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ .fullNameOverride | default (printf "%s-%s" $.Release.Name .name) }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} +type: Opaque +stringData: + {{- toYaml .stringData | nindent 2 }} +{{- end }} +{{- end }} diff --git a/charts/jovvix/values.yaml b/charts/jovvix/values.yaml new file mode 100644 index 00000000..90291a75 --- /dev/null +++ b/charts/jovvix/values.yaml @@ -0,0 +1,625 @@ +# Default values for polymorphic-app. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +nameOverride: "" +fullnameOverride: "" +prefixWithReleaseName: + enabled: true +image: + repository: + tag: + pullPolicy: IfNotPresent + +imagePullSecrets: [] + +volumeMounts: [] + +volumes: [] + +env: [] +envFrom: [] + +# service template +serviceTemplate: + name: svc + image: + averageUtilization: 50 + # initContainers: + # - name: something + # image: alpine + # command: ['command', 'here'] + + initContainers: [] + + lifecycleHooks: {} + + healthcheck: + enabled: false + type: httpGet + # path: /healthz + # port: http + # initialDelaySeconds: 30 + # periodSeconds: 30 + + podDisruptionBudget: + enabled: false + # Set either `minAvailable` OR `maxUnavailable` + # minAvailable: 1 + # maxUnavailable: 1 + autoscaling: false + minReplicaCount: 1 + maxReplicaCount: 1 + env: [] + envFrom: [] + ports: + - name: http + containerPort: 80 + protocol: TCP + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + securityContext: {} + # fsGroup: 1001 + # runAsGroup: 1001 + # runAsUser: 1001 + dnsConfig: {} + # nameservers: + # - 192.0.2.1 # this is an example + # searches: + # - ns1.svc.cluster-domain.example + # - my.dns.search.suffix + # options: + # - name: ndots + # value: "2" + # - name: edns0 + annotations: {} + podAnnotations: {} + # my-annotation: "value" + nodeSelector: {} + tolerations: [] + affinity: {} + volumeMounts: [] + volumes: [] + + service: + enabled: true + # className: nginx + type: ClusterIP + ports: + - name: http + port: 80 + targetPort: http + protocol: TCP + annotations: {} + + ingress: + enabled: false + # className: nginx + annotations: {} + hosts: + - host: app.example.com + paths: [] + + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +# Enables Gateway API HTTPRoute as a replacement for traditional Ingress resources + httpRoute: + enabled: false + annotations: {} + parentRefs: [] + # - name: contour #name of the gateway resource + # namespace: projectcontour #name space where gateway resource running + hostnames: [] + # - "app.example.com" + matches: + path: + type: PathPrefix + value: "/" + timeouts: {} + # request: 10s #Maximum time the Gateway waits to complete the full client request and response cycle. + # backendRequest: 10s # Maximum time the Gateway waits for a response from the backend service. + filters: [] + # - type: RequestHeaderModifier + # requestHeaderModifier: + # set: + # - name: X-Forwarded-Proto + # value: https + +# Based on serviceTemplate we can create services +services: + # service for the jovvix-ui + - name: ui + image: + repository: improwised/jovvix-ui + tag: main-9acf2cb-1754290699 + envFrom: + - configMapRef: + name: jovvix-ui + healthcheck: + enabled: false + ports: + - name: http + containerPort: 5000 + protocol: TCP + resources: + limits: + memory: 600Mi + requests: + cpu: 100m + memory: 600Mi + service: + enabled: true + type: ClusterIP + ports: + - name: http + port: 5000 + targetPort: http + protocol: TCP + ingress: + enabled: true + className: nginx + hosts: + - host: app.example.com + paths: + - path: / + pathType: Prefix + servicePort: http + # service for the jovvix-api + - name: api + # init container is used to wait for the redis pod to be up and running + initContainers: + - name: wait-for-redis + image: busybox:1.37.0 + command: ['sh', '-c', 'until timeout 3 nc -z jovvix-redis-master 6379; do echo waiting for redis; sleep 5; done; echo redis found'] + image: + repository: improwised/jovvix-api + tag: main-82546e9-1753769203 + envFrom: + - configMapRef: + name: jovvix-api + - secretRef: + name: jovvix-api + healthcheck: + enabled: true + type: httpGet + path: /api/healthz + port: http + initialDelaySeconds: 6 + periodSeconds: 6 + resources: + limits: + memory: 4Gi + requests: + cpu: 500m + memory: 4Gi + ports: + - name: http + containerPort: 3300 + protocol: TCP + service: + enabled: true + type: ClusterIP + ports: + - name: http + port: 3300 + targetPort: http + protocol: TCP + command: ["/bin/sh", "-c"] + args: ["./jovvix api"] + ingress: + enabled: true + className: nginx + hosts: + - host: app.example.com + paths: + - path: /api + pathType: Prefix + servicePort: http + +# job template +jobTemplate: + name: job + image: + repository: + tag: + env: [] + envFrom: [] + command: + annotations: [] + volumeMounts: [] + securityContext: {} + # fsGroup: 1001 + # runAsGroup: 1001 + # runAsUser: 1001 + affinity: {} + tolerations: [] + volumes: [] + +# Used to add jobs based on job template +jobs: + # runs migraion for the jovvix + - name: migration + image: + repository: improwised/jovvix-api + tag: main-82546e9-1753769203 + envFrom: + - configMapRef: + name: jovvix-api + - secretRef: + name: jovvix-api # To keep the container running + command: ["/bin/sh", "-c"] + args: + - | + until timeout 5 ./jovvix migrate up; do + echo "Waiting for Postgres to be ready for migrations..." + sleep 3 + done + echo "Migrations successful" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + # after completing migration job will disappear + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "-5" # high priority than kratos-migration so that this finishes first + "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation + # runs kratos migrations + - name: kratos-migration + image: + repository: oryd/kratos + tag: v1.3.1 + env: + - name: DSN + valueFrom: + secretKeyRef: + name: jovvix-kratos + key: dsn + command: ["/bin/sh", "-c"] + args: + - | + until timeout 5 kratos migrate sql -e --yes; do + echo "Waiting for Postgres to be ready for kratos migrations..." + sleep 3 + done + echo "kratos migrations successful" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + # after completing migration job will disappear + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "-4" # comes after the jovvix migration + "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation + +# Used to create configmaps, you can add existing configmaps also, but the name should be the same or you have to make changes accordingly +configmaps: + - fullNameOverride: "jovvix-api" + create: true + data: + APP_PORT: 0.0.0.0:3300 + APP_ENV: local + IS_DEVELOPMENT: "true" + DEBUG: "true" + DB_DIALECT: postgres + DB_HOST: "jovvix-db-postgresql" + DB_PORT: "5432" + DB_USERNAME: jovvix + DB_NAME: jovvix + DB_QUERYSTRING: "sslmode=disable" + MIGRATION_DIR: database/migrations + WEB_URL: "https://app.example.com" + ISSUER: "https://app.example.com" + REDIS_HOST: "jovvix-redis-master" + REDIS_PORT: "6379" + REDIS_DATABASES: "0" + MAXIMUM_POINTS_PER_QUESTION: "20" + MINIMUM_POINTS_PER_QUESTION: "0" + QUESTION_TIME_LIMIT: "15" + SCOREBOARD_MAX_DURATION: "10" + KRATOS_ENABLED: "true" + KRATOS_COOKIE_EXPIRATION_TIME: 2h23m + SERVE_PUBLIC_BASE_URL: https://app.example.com + SERVE_PUBLIC_PORT: "4433" + SERVE_ADMIN_PORT: "4451" + SELF_SERVICE_DEFAULT_BROWSER_RETURN_URL: https://app.example.com/api/v1/kratos/auth + SELF_SERVICE_FLOWS_REGISTRATION_AFTER_DEFAULT_BROWSER_RETURN_URL: https://app.example.com/api/v1/kratos/auth + AWS_REGION: ap-south-1 + BUCKET_NAME: example-bucket + S3_BUCKET_ENDPOINT: https://s3.example.com + SMTP_HOST: "smtp.example.com" + SMTP_PORT: "587" + EMAIL_FROM: "no-reply@example.com" + - fullNameOverride: "jovvix-ui" + create: true + data: + APP_ENV: local + MODE: development + PORT: "4000" + HOST: "0.0.0.0" + NUXT_PUBLIC_BASE_URL: "https://app.example.com" + NUXT_PUBLIC_API_URL: "https://app.example.com/api/v1" + NUXT_PUBLIC_API_SOCKET_URL: "wss://app.example.com/api/v1/socket" + NUXT_PUBLIC_KRATOS_URL: "https://app.example.com" + S3_BUCKET_URL: https://example-bucket.s3.example.com + +# Used to create secrets, you can add existing secrets also, but the name should be the same or you have to make changes accordingly +secrets: + - fullNameOverride: "jovvix-api" + create: true + stringData: + DB_PASSWORD: "example-db-password" + JWT_SECRET: "example-jwt-secret" + REDIS_PASSWORD: "example-redis-password" + DSN: postgres://jovvix:example-db-password@jovvix-db-postgresql:5432/jovvix?sslmode=disable + SMTP_USERNAME: "example-smtp-user" + SMTP_PASSWORD: "example-smtp-pass" + - fullNameOverride: "jovvix-db" + create: true + stringData: + postgres-password: "example-postgres-password" + password: "example-db-password" + redis-password: "example-redis-password" + - fullNameOverride: "jovvix-kratos" + create: true + stringData: + dsn: postgres://jovvix:example-db-password@jovvix-db-postgresql:5432/jovvix?sslmode=disable&search_path=kratos + secretsCipher: example-32-long-secret-change-me + secretsCookie: example-cookie-secret + secretsDefault: example-default-secret + smtpConnectionURI: smtp://example-smtp-user:example-smtp-pass@smtp.example.com:587/ + +# postgresql configurations +postgresql: + nameOverride: "db-postgresql" + global: + storageClass: local-path + primary: + persistence: + size: 1Gi + resources: + requests: + cpu: 300m + memory: 4Gi + limits: + memory: 4Gi + extendedConfiguration: | + max_connections = 1000 + auth: + username: jovvix + database: jovvix + existingSecret: jovvix-db + postgresql: + maxConnections: 4000 + +# redis configurations +redis: + nameOverride: "redis" + architecture: standalone + auth: + existingSecret: jovvix-db + global: + storageClass: local-path + master: + persistence: + size: 1Gi + resources: + requests: + cpu: 200m + memory: 1024Mi + limits: + memory: 1024Mi + +# kratos configurations +kratos: + nameOverride: "kratos" + ingress: + admin: + enabled: true + className: "nginx" + hosts: + - host: app.example.com + paths: + - path: /admin/identities + pathType: ImplementationSpecific + servicePort: http + public: + enabled: true + className: "nginx" + hosts: + - host: app.example.com + paths: + - path: /self-service + pathType: ImplementationSpecific + servicePort: http + - path: /sessions + pathType: ImplementationSpecific + servicePort: http + secret: + enabled: false # do not create secret by default + nameOverride: jovvix-kratos # takes existing secret with this name + kratos: + automigration: + enabled: false + config: + courier: + smtp: + connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true + from_address: no-reply@example.com + serve: + public: + base_url: https://app.example.com + port: 4433 + cors: + enabled: true + allowed_origins: + - https://app.example.com + allowed_methods: + - POST + - GET + - PUT + - PATCH + - DELETE + allowed_headers: + - Authorization + - Cookie + - Content-Type + exposed_headers: + - Content-Type + - Set-Cookie + allow_credentials: true + admin: + base_url: https://app.example.com + port: 4434 + selfservice: + allowed_return_urls: + - https://app.example.com + default_browser_return_url: https://app.example.com + flows: + error: + ui_url: https://app.example.com/error + login: + after: + default_browser_return_url: https://app.example.com/api/v1/kratos/auth + hooks: + - hook: require_verified_address + lifespan: 10m + ui_url: https://app.example.com/account/login + logout: + after: + default_browser_return_url: https://app.example.com/login + recovery: + enabled: true + ui_url: https://app.example.com/recovery + use: code + registration: + after: + default_browser_return_url: https://app.example.com/api/v1/kratos/auth + oidc: + hooks: + - hook: session + password: + hooks: + - hook: session + - hook: show_verification_ui + lifespan: 10m + ui_url: https://app.example.com/account/register + settings: + privileged_session_max_age: 15m + required_aal: highest_available + ui_url: https://app.example.com/settings + verification: + after: + default_browser_return_url: https://app.example.com/api/v1/kratos/auth + enabled: true + ui_url: https://app.example.com/verification + use: code + methods: + code: + enabled: true + link: + enabled: true + lookup_secret: + enabled: true + oidc: + config: + base_redirect_uri: https://app.example.com + providers: + - auth_url: https://accounts.google.com/o/oauth2/v2/auth + client_id: + client_secret: + id: google + issuer_url: https://accounts.google.com + mapper_url: base64:// + provider: google + scope: + - openid + - email + - profile + token_url: https://www.googleapis.com/oauth2/v4/token + enabled: true + password: + enabled: true + totp: + config: + issuer: Kratos + enabled: true + ciphers: + algorithm: xchacha20-poly1305 + cookies: + domain: app.example.com + path: / + same_site: Lax + hashers: + algorithm: bcrypt + bcrypt: + cost: 8 + identity: + default_schema_id: default + schemas: + - id: default + url: file:///etc/config/identity.schema.json + log: + format: json + leak_sensitive_values: true + level: warning + identitySchemas: + identity.schema.json: | + { + "$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json", + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "Person", + "type": "object", + "properties": { + "traits": { + "type": "object", + "properties": { + "email": { + "type": "string", + "format": "email", + "title": "E-Mail", + "minLength": 3, + "ory.sh/kratos": { + "credentials": { + "password": { + "identifier": true + } + }, + "verification": { + "via": "email" + }, + "recovery": { + "via": "email" + } + } + }, + "name": { + "type": "object", + "properties": { + "first": { + "title": "First Name", + "type": "string" + }, + "last": { + "title": "Last Name", + "type": "string" + } + } + } + }, + "required": [ + "email" + ], + "additionalProperties": false + } + } + } From 48c974369070bcb2e2453e4303bddafa4f2973db Mon Sep 17 00:00:00 2001 From: Luv7804 Date: Mon, 25 Aug 2025 11:56:43 +0530 Subject: [PATCH 02/24] fix: added kratos helmrepo as dependency helmchart in ci --- .github/workflows/lint-test.yaml | 4 +++- .github/workflows/release.yaml | 3 ++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 0f6af39f..433403e3 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -37,10 +37,12 @@ jobs: with: version: v3.18.4 - - name: Adding bitnamirepo + - name: Adding dependency repositories run: | helm repo add bitnami https://charts.bitnami.com/bitnami helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami + helm repo add ory https://k8s.ory.sh/helm/charts + - uses: actions/setup-python@v5 with: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index fefe9877..cad89c13 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -22,10 +22,11 @@ jobs: git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - name: Adding bitnamirepo + - name: Adding dependency repositories run: | helm repo add bitnami https://charts.bitnami.com/bitnami helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami + helm repo add ory https://k8s.ory.sh/helm/charts - name: Prepare GPG key run: | From 5701e3bd5a4232f39b2b1abc4bcaabb111d0405b Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Mon, 25 Aug 2025 12:37:12 +0530 Subject: [PATCH 03/24] modified values for linting --- charts/jovvix/values.yaml | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/charts/jovvix/values.yaml b/charts/jovvix/values.yaml index 90291a75..8f1d2ae3 100644 --- a/charts/jovvix/values.yaml +++ b/charts/jovvix/values.yaml @@ -12,7 +12,7 @@ image: pullPolicy: IfNotPresent imagePullSecrets: [] - + volumeMounts: [] volumes: [] @@ -258,7 +258,8 @@ jobs: - configMapRef: name: jovvix-api - secretRef: - name: jovvix-api # To keep the container running + # To keep the container running + name: jovvix-api command: ["/bin/sh", "-c"] args: - | @@ -272,7 +273,8 @@ jobs: # job is considered part of the release. # after completing migration job will disappear "helm.sh/hook": post-install,post-upgrade - "helm.sh/hook-weight": "-5" # high priority than kratos-migration so that this finishes first + # high priority than kratos-migration so that this finishes first + "helm.sh/hook-weight": "-5" "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation # runs kratos migrations - name: kratos-migration @@ -283,7 +285,7 @@ jobs: - name: DSN valueFrom: secretKeyRef: - name: jovvix-kratos + name: jovvix-kratos key: dsn command: ["/bin/sh", "-c"] args: @@ -298,10 +300,11 @@ jobs: # job is considered part of the release. # after completing migration job will disappear "helm.sh/hook": post-install,post-upgrade - "helm.sh/hook-weight": "-4" # comes after the jovvix migration + # kept it -4 ao that it can comes after the jovvix migration + "helm.sh/hook-weight": "-4" "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation -# Used to create configmaps, you can add existing configmaps also, but the name should be the same or you have to make changes accordingly +# Used to create configmaps, you can add existing configmaps also, but the name should be the same or you have to make changes accordingly configmaps: - fullNameOverride: "jovvix-api" create: true @@ -393,7 +396,7 @@ postgresql: limits: memory: 4Gi extendedConfiguration: | - max_connections = 1000 + max_connections = 1000 auth: username: jovvix database: jovvix @@ -445,8 +448,10 @@ kratos: pathType: ImplementationSpecific servicePort: http secret: - enabled: false # do not create secret by default - nameOverride: jovvix-kratos # takes existing secret with this name + # do not create secret by default + enabled: false + # takes existing secret with this name + nameOverride: jovvix-kratos kratos: automigration: enabled: false From 2b59b3807ae45ac80e0f18952ed9ce52e70f0749 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Mon, 25 Aug 2025 12:43:09 +0530 Subject: [PATCH 04/24] removed trailing space --- charts/jovvix/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/jovvix/values.yaml b/charts/jovvix/values.yaml index 8f1d2ae3..2ade4f77 100644 --- a/charts/jovvix/values.yaml +++ b/charts/jovvix/values.yaml @@ -274,7 +274,7 @@ jobs: # after completing migration job will disappear "helm.sh/hook": post-install,post-upgrade # high priority than kratos-migration so that this finishes first - "helm.sh/hook-weight": "-5" + "helm.sh/hook-weight": "-5" "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation # runs kratos migrations - name: kratos-migration From 91edeb900a9333d6391dec7ded4c45a879544910 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Wed, 3 Sep 2025 14:57:58 +0530 Subject: [PATCH 05/24] modified the chart from scratch --- charts/jovvix/templates/_helpers.tpl | 77 +--- charts/jovvix/templates/configmap.yaml | 14 - charts/jovvix/templates/deployment.yaml | 443 ------------------------ charts/jovvix/templates/hpa.yaml | 32 ++ charts/jovvix/templates/job.yaml | 116 +++---- charts/jovvix/templates/secret.yaml | 15 - charts/jovvix/templates/services.yaml | 205 +++++++++++ charts/jovvix/values.yaml | 316 ++++------------- 8 files changed, 358 insertions(+), 860 deletions(-) delete mode 100644 charts/jovvix/templates/configmap.yaml delete mode 100644 charts/jovvix/templates/deployment.yaml create mode 100644 charts/jovvix/templates/hpa.yaml delete mode 100644 charts/jovvix/templates/secret.yaml create mode 100644 charts/jovvix/templates/services.yaml diff --git a/charts/jovvix/templates/_helpers.tpl b/charts/jovvix/templates/_helpers.tpl index 92df6f01..1efcb145 100644 --- a/charts/jovvix/templates/_helpers.tpl +++ b/charts/jovvix/templates/_helpers.tpl @@ -2,7 +2,7 @@ Expand the name of the chart. */}} {{- define "jovvix.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- default $.Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }} {{/* @@ -14,7 +14,7 @@ If release name contains chart name it will be used as a full name. {{- if .Values.fullnameOverride }} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} +{{- $name := default $.Chart.Name .Values.nameOverride }} {{- if contains $name .Release.Name }} {{- .Release.Name | trunc 63 | trimSuffix "-" }} {{- else }} @@ -27,7 +27,7 @@ If release name contains chart name it will be used as a full name. Create chart name and version as used by the chart label. */}} {{- define "jovvix.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- printf "%s-%s" $.Chart.Name $.Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} {{/* @@ -36,8 +36,8 @@ Common labels {{- define "jovvix.labels" -}} helm.sh/chart: {{ include "jovvix.chart" . }} {{ include "jovvix.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- if $.Chart.AppVersion }} +app.kubernetes.io/version: {{ $.Chart.AppVersion | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end }} @@ -49,70 +49,3 @@ Selector labels app.kubernetes.io/name: {{ include "jovvix.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "jovvix.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "jovvix.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -Return the appropriate apiVersion for deployment. -*/}} -{{- define "deployment.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "apps/v1" -}} -{{- end -}} -{{- end -}} - -{{- define "hpa.apiVersion" -}} -{{- if semverCompare ">1.25-0" .Capabilities.KubeVersion.Version -}} -{{- print "autoscaling/v2" -}} -{{- else -}} -{{- print "autoscaling/v2beta2" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for ingress. -*/}} -{{- define "ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.Version -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{- define "ingress.backend" -}} -{{- $apiVersion := (include "ingress.apiVersion" .context) -}} -{{- if or (eq $apiVersion "extensions/v1beta1") (eq $apiVersion "networking.k8s.io/v1beta1") -}} -serviceName: {{ .serviceName }} -servicePort: {{ .servicePort }} -{{- else -}} -service: - name: {{ .serviceName }} - port: - {{- if typeIs "string" .servicePort }} - name: {{ .servicePort }} - {{- else if or (typeIs "int" .servicePort) (typeIs "float64" .servicePort) }} - number: {{ .servicePort | int }} - {{- end }} -{{- end -}} -{{- end -}} - -{{- define "ingress.pathtype" -}} -{{- $apiVersion := (include "ingress.apiVersion" .) -}} -{{- if (eq $apiVersion "networking.k8s.io/v1") -}} -pathType: ImplementationSpecific -{{- end -}} -{{- end -}} diff --git a/charts/jovvix/templates/configmap.yaml b/charts/jovvix/templates/configmap.yaml deleted file mode 100644 index acb38220..00000000 --- a/charts/jovvix/templates/configmap.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- range .Values.configmaps }} -{{- if .create }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .fullNameOverride | default (printf "%s-%s" $.Release.Name .name) }} - namespace: {{ $.Release.Namespace | quote }} - labels: - {{- include "jovvix.labels" $ | nindent 4 }} -data: - {{- toYaml .data | nindent 2 }} -{{- end }} -{{- end }} diff --git a/charts/jovvix/templates/deployment.yaml b/charts/jovvix/templates/deployment.yaml deleted file mode 100644 index 63029e94..00000000 --- a/charts/jovvix/templates/deployment.yaml +++ /dev/null @@ -1,443 +0,0 @@ -{{- range .Values.services }} ---- -apiVersion: {{ include "deployment.apiVersion" $ }} -kind: Deployment -metadata: -{{- if $.Values.prefixWithReleaseName.enabled }} - name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc" -{{- else}} - name: "{{ .name | default $.Values.serviceTemplate.name }}" -{{- end }} - namespace: {{ $.Release.Namespace | quote }} - labels: - {{- include "jovvix.labels" $ | nindent 4 }} - app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" -{{- with .annotations | default $.Values.serviceTemplate.annotations }} - annotations: - {{- toYaml . | nindent 4 }} -{{- end }} -spec: - {{ if .type }} - {{- else }} - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 50% - maxSurge: 100% - {{- end }} - replicas: {{ if ne .minReplicaCount nil }}{{ .minReplicaCount }}{{ else }}{{ $.Values.serviceTemplate.minReplicaCount }}{{ end }} - selector: - matchLabels: - {{- include "jovvix.selectorLabels" $ | nindent 6 }} - app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" - template: - metadata: - labels: - {{- include "jovvix.labels" $ | nindent 8 }} - app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" - {{ if .podAnnotations }} - annotations: -{{ toYaml .podAnnotations | indent 8 }} - {{- end }} - spec: - {{- if .imagePullSecrets }} - imagePullSecrets: -{{ toYaml .imagePullSecrets | indent 8 }} - {{- else if $.Values.serviceTemplate.imagePullSecrets }} - imagePullSecrets: -{{ toYaml .imagePullSecrets | indent 8 }} - {{- else }} - {{- if $.Values.imagePullSecrets }} - imagePullSecrets: -{{ toYaml $.Values.imagePullSecrets | indent 8 }} - {{- end }} - {{- end }} - terminationGracePeriodSeconds: {{ .terminationGracePeriodSeconds | default $.Values.serviceTemplate.terminationGracePeriodSeconds }} - {{- if or ($.Values.serviceTemplate.initContainers) (.initContainers) }} - {{- with .initContainers | default $.Values.serviceTemplate.initContainers }} - initContainers: -{{ toYaml . | indent 8 }} - {{- end }} - {{- end }} - containers: - {{- if $.Values.prefixWithReleaseName.enabled }} - - name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}" - {{- else}} - - name: "{{ .name | default $.Values.serviceTemplate.name }}" - {{- end }} - {{- if .image }} - image: "{{ .image.repository }}:{{ .image.tag }}" - {{- else }} - image: "{{ $.Values.image.repository }}:{{ $.Values.image.tag }}" - {{- end }} - imagePullPolicy: {{ $.Values.image.pullPolicy }} - env: - {{- if .env }} -{{ toYaml .env | indent 12 }} - {{- end }} - {{- if $.Values.env }} -{{ toYaml $.Values.env | indent 12 }} - {{- end }} - {{- if $.Values.serviceTemplate.env }} -{{ toYaml $.Values.serviceTemplate.env | indent 12 }} - {{- end }} - envFrom: - {{- if .envFrom }} -{{ toYaml .envFrom | indent 12 }} - {{- end }} - {{- if $.Values.envFrom }} -{{ toYaml $.Values.envFrom | indent 12 }} - {{- end }} - {{- if $.Values.serviceTemplate.envFrom }} -{{ toYaml $.Values.serviceTemplate.envFrom | indent 12 }} - {{- end }} - {{- if .command }} - {{- with .command | default $.Values.serviceTemplate.command }} - command: -{{ toYaml . | indent 12 }} - {{- end }} - {{- end }} - {{- if .args }} - {{- with .args | default $.Values.serviceTemplate.args }} - args: -{{ toYaml . | indent 12 }} - {{- end }} - {{- end }} - {{- with .ports | default $.Values.serviceTemplate.ports }} - ports: -{{ toYaml . | indent 12 }} - {{- end }} - {{- with .resources | default $.Values.serviceTemplate.resources }} - resources: -{{ toYaml . | indent 12 }} - {{- end }} - {{- if or ($.Values.serviceTemplate.healthcheck.enabled) (.healthcheck.enabled) }} - {{- if .healthcheck }} -{{- $healthType := .healthcheck.type -}} - {{- if and (eq $healthType "httpGet") (.healthcheck.path ) }} - livenessProbe: - httpGet: - path: {{ .healthcheck.path }} - port: {{ .healthcheck.port }} - timeoutSeconds: 7 - initialDelaySeconds: {{ .healthcheck.initialDelaySeconds | default "20" }} - periodSeconds: {{ .healthcheck.periodSeconds | default "20" }} - readinessProbe: - httpGet: - path: {{ .healthcheck.path }} - port: {{ .healthcheck.port }} - timeoutSeconds: 7 - initialDelaySeconds: {{ .healthcheck.initialDelaySeconds | default "20" }} - periodSeconds: {{ .healthcheck.periodSeconds | default "20" }} - {{- else if and (eq $healthType "tcpSocket") ( .healthcheck.port ) }} - livenessProbe: - tcpSocket: - port: {{ .healthcheck.port }} - initialDelaySeconds: {{ .healthcheck.initialDelaySeconds | default "20" }} - periodSeconds: {{ .healthcheck.periodSeconds | default "20" }} - readinessProbe: - tcpSocket: - port: {{ .healthcheck.port }} - initialDelaySeconds: {{ .healthcheck.initialDelaySeconds | default "20" }} - periodSeconds: {{ .healthcheck.periodSeconds | default "20" }} - {{- end }} -{{- else }} -{{- $healthType := $.Values.serviceTemplate.healthcheck.type -}} - {{- if and (eq $healthType "httpGet") ($.Values.serviceTemplate.healthcheck.path) }} - livenessProbe: - httpGet: - path: {{ $.Values.serviceTemplate.healthcheck.path }} - port: {{ $.Values.serviceTemplate.healthcheck.port }} - timeoutSeconds: 7 - initialDelaySeconds: {{ $.Values.serviceTemplate.healthcheck.initialDelaySeconds | default "20" }} - periodSeconds: {{ $.Values.serviceTemplate.healthcheck.periodSeconds | default "20" }} - readinessProbe: - httpGet: - path: {{ $.Values.serviceTemplate.healthcheck.path }} - port: {{ $.Values.serviceTemplate.healthcheck.port }} - timeoutSeconds: 7 - initialDelaySeconds: {{ $.Values.serviceTemplate.healthcheck.initialDelaySeconds | default "20" }} - periodSeconds: {{ $.Values.serviceTemplate.healthcheck.periodSeconds | default "20" }} - {{- else if and (eq $healthType "tcpSocket") ($.Values.serviceTemplate.healthcheck.port) }} - livenessProbe: - tcpSocket: - port: {{ $.Values.serviceTemplate.healthcheck.port }} - initialDelaySeconds: {{ $.Values.serviceTemplate.healthcheck.initialDelaySeconds | default "20" }} - periodSeconds: {{ $.Values.serviceTemplate.healthcheck.periodSeconds | default "20" }} - readinessProbe: - tcpSocket: - port: {{ $.Values.serviceTemplate.healthcheck.port }} - initialDelaySeconds: {{ $.Values.serviceTemplate.healthcheck.initialDelaySeconds | default "20" }} - periodSeconds: {{ $.Values.serviceTemplate.healthcheck.periodSeconds | default "20" }} - {{- end }} -{{- end }} - {{- end }} - volumeMounts: - {{- if .volumeMounts }} -{{ toYaml .volumeMounts | indent 10 }} - {{- end }} - {{- if $.Values.volumeMounts }} -{{ toYaml $.Values.volumeMounts | indent 10 }} - {{- end }} - {{- if $.Values.serviceTemplate.volumeMounts }} -{{ toYaml $.Values.serviceTemplate.volumeMounts | indent 10 }} - {{- end }} - {{- with .securityContext | default $.Values.serviceTemplate.securityContext }} - securityContext: -{{ toYaml . | indent 8 }} - {{- end }} - volumes: - {{- if .volumes }} -{{ toYaml .volumes | indent 8 }} - {{- end }} - {{- if $.Values.volumes }} -{{ toYaml $.Values.volumes | indent 8 }} - {{- end }} - {{- if $.Values.serviceTemplate.volumes }} -{{ toYaml $.Values.serviceTemplate.volumes | indent 8 }} - {{- end }} - {{- with .nodeSelector | default $.Values.serviceTemplate.nodeSelector }} - nodeSelector: -{{ toYaml . | indent 8 }} - {{- end }} - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - podAffinityTerm: - topologyKey: kubernetes.io/hostname - labelSelector: - matchLabels: - {{- include "jovvix.labels" $ | nindent 18 }} - app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" - {{- with .affinity | default $.Values.serviceTemplate.affinity }} -{{ toYaml . | indent 8 }} - {{- end }} - {{- with .tolerations | default $.Values.serviceTemplate.tolerations }} - tolerations: -{{ toYaml . | indent 8 }} - {{- end }} -{{- if .volumeClaimTemplates }} - volumeClaimTemplates: - -{{ toYaml .volumeClaimTemplates | indent 8 }} - {{- end }} - {{- if $.Values.volumeClaimTemplates }} -{{ toYaml $.Values.volumeClaimTemplates | indent 8 }} - {{- end }} - {{- if $.Values.serviceTemplate.volumeClaimTemplates }} -{{ toYaml $.Values.serviceTemplate.volumeClaimTemplates | indent 8 }} - {{- end }} -{{- if and (.autoscaling | default $.Values.serviceTemplate.autoscaling) (ne .type "StatefulSet")}} ---- -apiVersion: {{ include "hpa.apiVersion" $ }} -kind: HorizontalPodAutoscaler -metadata: -{{- if $.Values.prefixWithReleaseName.enabled }} - name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc" -{{- else }} - name: "{{ .name | default $.Values.serviceTemplate.name }}" -{{- end }} - namespace: {{ $.Release.Namespace | quote }} - labels: - {{- include "jovvix.labels" $ | nindent 4 }} - app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" -spec: - scaleTargetRef: - apiVersion: {{ include "deployment.apiVersion" $ }} - kind: Deployment - {{- if $.Values.prefixWithReleaseName.enabled }} - name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc" - {{- else }} - name: "{{ .name | default $.Values.serviceTemplate.name }}" - {{- end }} - minReplicas: {{ .minReplicaCount | default $.Values.serviceTemplate.minReplicaCount }} - maxReplicas: {{ .maxReplicaCount | default $.Values.serviceTemplate.maxReplicaCount }} - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: {{ .averageUtilization | default $.Values.serviceTemplate.averageUtilization }} - # - type: Resource - # resource: - # name: memory - # target: - # type: AverageValue - # averageValue: 100Mi -{{- end }} -{{- if .service}} -{{- if or ( .service.enabled ) ($.Values.serviceTemplate.service.enabled) }} ---- -apiVersion: v1 -kind: Service -metadata: -{{- if $.Values.prefixWithReleaseName.enabled }} - {{- if .service.ClusterIP }} - name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc-headless" - {{- else }} - name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc" - {{- end }} -{{- else}} - name: "{{ .name | default $.Values.serviceTemplate.name }}" -{{- end }} - namespace: {{ $.Release.Namespace | quote }} - labels: - {{- include "jovvix.labels" $ | nindent 4 }} - app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" -{{- with .service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} -{{- end }} -spec: - type: {{ .service.type }} - {{- if .service.ClusterIP }} - clusterIP: {{ .service.ClusterIP }} - {{- end}} - ports: -{{- with .service.ports }} - {{ toYaml . | nindent 4 }} -{{- end }} - selector: - {{- include "jovvix.selectorLabels" $ | nindent 4 }} - app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" -{{- end }} -{{- else if $.Values.serviceTemplate.service.enabled }} ---- -apiVersion: v1 -kind: Service -metadata: -{{- if $.Values.prefixWithReleaseName.enabled }} - {{- if $.Values.serviceTemplate.service.ClusterIP }} - name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc-headless" - {{- else }} - name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc" - {{- end }} -{{- else}} - name: "{{ .name | default $.Values.serviceTemplate.name }}" -{{- end }} - namespace: {{ $.Release.Namespace | quote }} - labels: - {{- include "jovvix.labels" $ | nindent 4 }} - app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" -{{- with $.Values.serviceTemplate.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} -{{- end }} -spec: - type: {{ $.Values.serviceTemplate.service.type }} - {{- if $.Values.serviceTemplate.service.ClusterIP }} - clusterIP: {{ $.Values.serviceTemplate.service.ClusterIP }} - {{- end}} - ports: -{{- with $.Values.serviceTemplate.service.ports }} - {{ toYaml . | nindent 4 }} -{{- end }} - selector: - {{- include "jovvix.selectorLabels" $ | nindent 4 }} - app.kubernetes.io/component: "{{ .name | default $.Values.serviceTemplate.name }}" -{{- end }} - -{{- if and .httpRoute (.httpRoute.enabled | default $.Values.serviceTemplate.httpRoute.enabled) }} ---- -{{- $svcName := .name | default $.Values.serviceTemplate.name -}} -{{- $fullName := printf "%s-%s-svc" $.Release.Name ($svcName) -}} -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: -{{- if $.Values.prefixWithReleaseName.enabled }} - name: "{{ $.Release.Name }}-{{ $svcName }}-svc" -{{- else }} - name: "{{ $svcName }}" -{{- end }} - namespace: {{ $.Release.Namespace | quote }} - labels: - {{- include "jovvix.labels" $ | nindent 4 }} - {{- with (.httpRoute.annotations | default $.Values.serviceTemplate.httpRoute.annotations) }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- with (.httpRoute.parentRefs | default $.Values.serviceTemplate.httpRoute.parentRefs) }} - parentRefs: - {{- toYaml . | nindent 2 }} - {{- end }} - {{- with (.httpRoute.hostnames | default $.Values.serviceTemplate.httpRoute.hostnames) }} - hostnames: - {{- toYaml . | nindent 2 }} - {{- end }} - rules: - - matches: - {{- with (.httpRoute.matches.path | default $.Values.serviceTemplate.httpRoute.matches.path) }} - - path: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .httpRoute.matches.timeouts }} - timeouts: - {{- toYaml . | nindent 6 }} - {{- end }} - backendRefs: - - kind: Service - {{- if $.Values.prefixWithReleaseName.enabled }} - name: "{{ $.Release.Name }}-{{ $svcName }}-svc" - {{- else }} - name: "{{ $svcName }}" - {{- end }} - port: {{ (index .service.ports 0).port | default (index $.Values.serviceTemplate.service.ports 0).port }} - {{- with .httpRoute.filters }} - filters: - {{- toYaml . | nindent 6 }} - {{- end }} -{{- end }} - -{{- if and .ingress (.ingress.enabled | default $.Values.serviceTemplate.ingress.enabled) }} ---- -{{- $svcName := .name | default $.Values.serviceTemplate.name -}} -{{- $fullName := printf "%s-%s-svc" $.Release.Name (.name | default $.Values.serviceTemplate.name) -}} -apiVersion: {{ include "ingress.apiVersion" $ }} -kind: Ingress -metadata: -{{- if $.Values.prefixWithReleaseName.enabled }} - name: "{{ $.Release.Name }}-{{ .name | default $.Values.serviceTemplate.name }}-svc" -{{- else}} - name: "{{ .name | default $.Values.serviceTemplate.name }}" -{{- end }} - namespace: {{ $.Release.Namespace | quote }} - labels: - {{- include "jovvix.labels" $ | nindent 4 }} - {{- with (.ingress.annotations | default $.Values.serviceTemplate.ingress.annotations) }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: -{{- if .ingress.className | default $.Values.serviceTemplate.ingress.className }} - ingressClassName: {{ .ingress.className | default $.Values.serviceTemplate.ingress.className }} -{{- end }} -{{- if gt (len (.ingress.tls | default $.Values.serviceTemplate.ingress.tls)) 0 }} - tls: - {{- range (.ingress.tls | default $.Values.serviceTemplate.ingress.tls) }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} -{{- end }} - rules: - {{- range (.ingress.hosts | default $.Values.serviceTemplate.ingress.hosts) }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - pathType: {{ .pathType }} - {{- if $.Values.prefixWithReleaseName.enabled }} - backend: {{- include "ingress.backend" (dict "serviceName" $fullName "servicePort" .servicePort "context" $) | nindent 14 }} - {{- else}} - backend: {{- include "ingress.backend" (dict "serviceName" $svcName "servicePort" .servicePort "context" $) | nindent 14 }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} -{{- end }} diff --git a/charts/jovvix/templates/hpa.yaml b/charts/jovvix/templates/hpa.yaml new file mode 100644 index 00000000..af4dd47e --- /dev/null +++ b/charts/jovvix/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "jovvix.fullname" . }} + labels: + {{- include "jovvix.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "jovvix.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/jovvix/templates/job.yaml b/charts/jovvix/templates/job.yaml index dab5cc1b..094f84e9 100644 --- a/charts/jovvix/templates/job.yaml +++ b/charts/jovvix/templates/job.yaml @@ -3,114 +3,88 @@ apiVersion: batch/v1 kind: Job metadata: -{{- if $.Values.prefixWithReleaseName.enabled }} - name: "{{ $.Release.Name }}-{{ .name | default $.Values.jobTemplate.name }}" -{{- else}} - name: "{{ .name | default $.Values.jobTemplate.name }}" -{{- end }} + {{- if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ .name }}" + {{- else}} + name: "{{ .name }}" + {{- end }} namespace: {{ $.Release.Namespace | quote }} labels: {{- include "jovvix.labels" $ | nindent 4 }} - app.kubernetes.io/component: "{{ .name | default $.Values.jobTemplate.name }}" + {{- with .annotations }} annotations: - linkerd.io/inject: disabled -{{- with .annotations | default $.Values.jobTemplate.annotations }} {{- toYaml . | nindent 4 }} -{{- end }} + {{- end }} spec: template: metadata: labels: {{- include "jovvix.labels" $ | nindent 8 }} - app.kubernetes.io/component: "{{ .name | default $.Values.jobTemplate.name }}" + {{- with .podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} spec: - {{- if $.Values.jobTemplate.imagePullSecrets }} - imagePullSecrets: -{{ toYaml .imagePullSecrets | indent 8 }} - {{- else if .imagePullSecrets }} + {{- with $.Values.imagePullSecrets }} imagePullSecrets: -{{ toYaml .imagePullSecrets | indent 8 }} - {{- else }} - {{- if $.Values.imagePullSecrets }} - imagePullSecrets: -{{ toYaml $.Values.imagePullSecrets | indent 8 }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} restartPolicy: Never containers: - {{- if $.Values.prefixWithReleaseName.enabled }} - - name: "{{ $.Release.Name }}-{{ .name | default $.Values.jobTemplate.name }}" - {{- else}} - - name: "{{ .name | default $.Values.jobTemplate.name }}" - {{- end }} + - name: {{ $.Chart.Name }} {{- if .image }} - image: "{{ .image.repository }}:{{ .image.tag }}" + image: "{{ .image.repository }}:{{ .image.tag | default $.Chart.AppVersion }}" {{- else }} image: "{{ $.Values.image.repository }}:{{ $.Values.image.tag }}" {{- end }} - env: + imagePullPolicy: {{ $.Values.image.pullPolicy | default "IfNotPresent" }} {{- if .env }} -{{ toYaml .env | indent 12 }} - {{- end }} - {{- if $.Values.env }} -{{ toYaml $.Values.env | indent 12 }} - {{- end }} - {{- if $.Values.jobTemplate.env }} -{{ toYaml $.Values.jobTemplate.env | indent 12 }} + env: + {{- toYaml .env | nindent 12 }} + {{- else if $.Values.env }} + env: + {{- toYaml $.Values.env | nindent 12 }} {{- end }} - envFrom: {{- if .envFrom }} -{{ toYaml .envFrom | indent 12 }} - {{- end }} - {{- if $.Values.envFrom }} -{{ toYaml $.Values.envFrom | indent 12 }} - {{- end }} - {{- if $.Values.jobTemplate.envFrom }} -{{ toYaml $.Values.jobTemplate.envFrom | indent 12 }} + envFrom: + {{- toYaml .envFrom | nindent 12 }} + {{- else if $.Values.envFrom }} + envFrom: + {{- toYaml $.Values.envFrom | nindent 12 }} {{- end }} - imagePullPolicy: {{ $.Values.image.pullPolicy }} - {{- if .command }} - {{- with .command | default $.Values.jobTemplate.command }} + {{- if .command }} + {{- with .command }} command: -{{ toYaml . | indent 12 }} + {{- toYaml . | nindent 12 }} {{- end }} - {{- end }} - {{- if .args }} - {{- with .args | default $.Values.jobTemplate.args }} + {{- end }} + {{- if .args }} + {{- with .args }} args: -{{ toYaml . | indent 12 }} + {{- toYaml . | nindent 12 }} + {{- end }} {{- end }} - {{- end }} volumeMounts: {{- if .volumeMounts }} -{{ toYaml .volumeMounts | indent 10 }} - {{- end }} - {{- if $.Values.volumeMounts }} -{{ toYaml $.Values.volumeMounts | indent 10 }} + {{- toYaml .volumeMounts | nindent 12 }} + {{- else if $.Values.volumeMounts }} + {{- toYaml $.Values.volumeMounts | nindent 12 }} {{- end }} - {{- if $.Values.jobTemplate.volumeMounts }} -{{ toYaml $.Values.jobTemplate.volumeMounts | indent 10 }} - {{- end }} - {{- with .securityContext | default $.Values.jobTemplate.securityContext }} + {{- with .securityContext }} securityContext: -{{ toYaml . | indent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} - {{- with .affinity | default $.Values.jobTemplate.affinity }} + {{- with .affinity }} affinity: -{{ toYaml . | indent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} - {{- with .tolerations | default $.Values.jobTemplate.tolerations }} + {{- with .tolerations }} tolerations: -{{ toYaml . | indent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} volumes: {{- if .volumes }} -{{ toYaml .volumes | indent 8 }} - {{- end }} - {{- if $.Values.volumes }} -{{ toYaml $.Values.volumes | indent 8 }} - {{- end }} - {{- if $.Values.jobTemplate.volumes }} -{{ toYaml $.Values.jobTemplate.volumes | indent 8 }} + {{- toYaml .volumes | nindent 8 }} + {{- else if $.Values.volumes }} + {{- toYaml $.Values.volumes | nindent 8 }} {{- end }} {{- end }} diff --git a/charts/jovvix/templates/secret.yaml b/charts/jovvix/templates/secret.yaml deleted file mode 100644 index a6f918c2..00000000 --- a/charts/jovvix/templates/secret.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- range .Values.secrets }} -{{- if .create }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ .fullNameOverride | default (printf "%s-%s" $.Release.Name .name) }} - namespace: {{ $.Release.Namespace | quote }} - labels: - {{- include "jovvix.labels" $ | nindent 4 }} -type: Opaque -stringData: - {{- toYaml .stringData | nindent 2 }} -{{- end }} -{{- end }} diff --git a/charts/jovvix/templates/services.yaml b/charts/jovvix/templates/services.yaml new file mode 100644 index 00000000..63da4858 --- /dev/null +++ b/charts/jovvix/templates/services.yaml @@ -0,0 +1,205 @@ +{{- range .Values.services }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + {{- if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ .name }}-svc" + {{- else}} + name: "{{ .name }}" + {{- end }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} + {{- with .annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if not $.Values.autoscaling.enabled }} + replicas: {{ if ne .replicaCount nil }}{{ .replicaCount }}{{ else }}{{ $.Values.replicaCount }}{{ end }} + {{- end }} + selector: + matchLabels: + {{- include "jovvix.selectorLabels" $ | nindent 6 }} + template: + metadata: + {{- with .podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "jovvix.labels" $ | nindent 8 }} + {{- with .podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- if .initContainers }} + {{- with .initContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- with $.Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .podSecurityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .name }} + {{- with .securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- if .image }} + image: "{{ .image.repository }}:{{ .image.tag | default $.Chart.AppVersion }}" + {{- else }} + image: "{{ $.Values.image.repository }}:{{ $.Values.image.tag }}" + {{- end }} + imagePullPolicy: {{ .image.pullPolicy | default $.Values.image.pullPolicy | default "IfNotPresent" }} + {{- if .env }} + env: + {{- toYaml .env | nindent 12 }} + {{- else if $.Values.env }} + env: + {{- toYaml $.Values.env | nindent 12 }} + {{- end }} + {{- if .envFrom }} + envFrom: + {{- toYaml .envFrom | nindent 12 }} + {{- else if $.Values.envFrom }} + envFrom: + {{- toYaml $.Values.envFrom | nindent 12 }} + {{- end }} + {{- if .command }} + {{- with .command }} + command: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- end }} + {{- if .args }} + {{- with .args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- end }} + {{- with .ports }} + ports: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .startupProbe }} + startupProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- if .resources }} + resources: + {{- toYaml .resources | nindent 12 }} + {{- else if $.Values.resources }} + resources: + {{- toYaml $.Values.resources | nindent 12 }} + {{- end }} + volumeMounts: + {{- if .volumeMounts }} + {{- toYaml .volumeMounts | nindent 12 }} + {{- else if $.Values.volumeMounts }} + {{- toYaml $.Values.volumeMounts | nindent 12 }} + {{- end }} + volumes: + {{- if .volumes }} + {{- toYaml .volumes | nindent 8 }} + {{- else if $.Values.volumes }} + {{- toYaml $.Values.volumes | nindent 8 }} + {{- end }} + {{- with .nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- if and .service (.service.enabled) }} +--- +apiVersion: v1 +kind: Service +metadata: + name: "{{ $.Release.Name }}-{{ .service.name }}-svc" + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} + {{- with .service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + type: {{ .service.type | default "ClusterIP" }} + selector: + {{- include "jovvix.selectorLabels" $ | nindent 4 }} + ports: + - name: {{ .service.ports.name | default "http" }} + port: {{ .service.ports.port }} + targetPort: {{ .service.ports.targetPort | default 80 }} + protocol: {{ .service.ports.protocol | default "TCP" }} +{{- end }} +{{- if and .ingress (.ingress.enabled) }} +{{- $svcName := printf "%s-%s-svc" $.Release.Name .service.name }} +{{- $svcPortName := .service.ports.name | default "http" }} +{{- $svcPortNumber := .service.ports.port }} +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .ingress.name | default (printf "%s-%s" $.Release.Name .name) | quote }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} + {{- with .ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .ingress.className }} + ingressClassName: {{ . }} + {{- end }} + {{- if .ingress.tls }} + tls: + {{- range .ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + - host: {{ .ingress.host | quote }} + http: + paths: + - path: {{ .ingress.path | default "/" }} + pathType: {{ .ingress.pathType | default "Prefix" }} + backend: + service: + name: "{{ $svcName }}" + port: + {{- if $svcPortName }} + name: {{ $svcPortName }} + {{- else }} + number: {{ $svcPortNumber }} + {{- end }} +{{- end }} +{{- end}} diff --git a/charts/jovvix/values.yaml b/charts/jovvix/values.yaml index 2ade4f77..5f34d5d1 100644 --- a/charts/jovvix/values.yaml +++ b/charts/jovvix/values.yaml @@ -1,62 +1,28 @@ -# Default values for polymorphic-app. +# Default values for jovvix. # This is a YAML-formatted file. # Declare variables to be passed into your templates. +# This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ +replicaCount: 1 + nameOverride: "" fullnameOverride: "" prefixWithReleaseName: enabled: true + +# This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/ image: - repository: - tag: + repository: nginx + # This sets the pull policy for images. pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" +# This is for the secrets for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ imagePullSecrets: [] -volumeMounts: [] - -volumes: [] - -env: [] -envFrom: [] - -# service template -serviceTemplate: - name: svc - image: - averageUtilization: 50 - # initContainers: - # - name: something - # image: alpine - # command: ['command', 'here'] - - initContainers: [] - - lifecycleHooks: {} - - healthcheck: - enabled: false - type: httpGet - # path: /healthz - # port: http - # initialDelaySeconds: 30 - # periodSeconds: 30 - - podDisruptionBudget: - enabled: false - # Set either `minAvailable` OR `maxUnavailable` - # minAvailable: 1 - # maxUnavailable: 1 - autoscaling: false - minReplicaCount: 1 - maxReplicaCount: 1 - env: [] - envFrom: [] - ports: - - name: http - containerPort: 80 - protocol: TCP - resources: {} +# If not resource specified it will take resources from this, remove the brackets and uncomment the below limits and add appropriate resources. +resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following @@ -67,88 +33,27 @@ serviceTemplate: # requests: # cpu: 100m # memory: 128Mi - securityContext: {} - # fsGroup: 1001 - # runAsGroup: 1001 - # runAsUser: 1001 - dnsConfig: {} - # nameservers: - # - 192.0.2.1 # this is an example - # searches: - # - ns1.svc.cluster-domain.example - # - my.dns.search.suffix - # options: - # - name: ndots - # value: "2" - # - name: edns0 - annotations: {} - podAnnotations: {} - # my-annotation: "value" - nodeSelector: {} - tolerations: [] - affinity: {} - volumeMounts: [] - volumes: [] - - service: - enabled: true - # className: nginx - type: ClusterIP - ports: - - name: http - port: 80 - targetPort: http - protocol: TCP - annotations: {} - - ingress: - enabled: false - # className: nginx - annotations: {} - hosts: - - host: app.example.com - paths: [] - - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local -# Enables Gateway API HTTPRoute as a replacement for traditional Ingress resources - httpRoute: - enabled: false - annotations: {} - parentRefs: [] - # - name: contour #name of the gateway resource - # namespace: projectcontour #name space where gateway resource running - hostnames: [] - # - "app.example.com" - matches: - path: - type: PathPrefix - value: "/" - timeouts: {} - # request: 10s #Maximum time the Gateway waits to complete the full client request and response cycle. - # backendRequest: 10s # Maximum time the Gateway waits for a response from the backend service. - filters: [] - # - type: RequestHeaderModifier - # requestHeaderModifier: - # set: - # - name: X-Forwarded-Proto - # value: https +# This section is for setting up autoscaling more information can be found here: https://kubernetes.io/docs/concepts/workloads/autoscaling/ +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 -# Based on serviceTemplate we can create services +# This section is for adding the deployments, service, ingress. you can define multiple services as done below. services: - # service for the jovvix-ui + # This is for the jovvix-ui pod - name: ui + replicaCount: 1 image: repository: improwised/jovvix-ui tag: main-9acf2cb-1754290699 + pullPolicy: IfNotPresent envFrom: - configMapRef: name: jovvix-ui - healthcheck: - enabled: false ports: - name: http containerPort: 5000 @@ -161,41 +66,54 @@ services: memory: 600Mi service: enabled: true + name: ui type: ClusterIP ports: - - name: http - port: 5000 - targetPort: http - protocol: TCP + name: http + port: 5000 + targetPort: http + protocol: TCP + # Ingress for the ui pod ingress: enabled: true + name: ui className: nginx - hosts: - - host: app.example.com - paths: - - path: / - pathType: Prefix - servicePort: http - # service for the jovvix-api + host: app.example.com + path: / + pathType: Prefix + # This is for the jovvix-api pod - name: api - # init container is used to wait for the redis pod to be up and running + # This init container waits for the redis pod to running, if removed the api pod crashes while redis is not in running state. initContainers: - name: wait-for-redis image: busybox:1.37.0 - command: ['sh', '-c', 'until timeout 3 nc -z jovvix-redis-master 6379; do echo waiting for redis; sleep 5; done; echo redis found'] + command: + - sh + - -c + - > + until timeout 3 nc -z jovvix-redis-master 6379; + do echo waiting for redis; sleep 5; done; + echo redis found + replicaCount: 1 image: repository: improwised/jovvix-api tag: main-82546e9-1753769203 + pullPolicy: IfNotPresent envFrom: - configMapRef: name: jovvix-api - secretRef: name: jovvix-api - healthcheck: - enabled: true - type: httpGet - path: /api/healthz - port: http + livenessProbe: + httpGet: + path: /api/healthz + port: http + initialDelaySeconds: 6 + periodSeconds: 6 + readinessProbe: + httpGet: + path: /api/healthz + port: http initialDelaySeconds: 6 periodSeconds: 6 resources: @@ -210,42 +128,27 @@ services: protocol: TCP service: enabled: true + name: api type: ClusterIP ports: - - name: http - port: 3300 - targetPort: http - protocol: TCP - command: ["/bin/sh", "-c"] - args: ["./jovvix api"] + name: http + port: 3300 + targetPort: http + protocol: TCP + # Used to start the api server + command: + - "/bin/sh" + - "-c" + args: + - "./jovvix api" + # Ingress for the api pod ingress: enabled: true + name: api className: nginx - hosts: - - host: app.example.com - paths: - - path: /api - pathType: Prefix - servicePort: http - -# job template -jobTemplate: - name: job - image: - repository: - tag: - env: [] - envFrom: [] - command: - annotations: [] - volumeMounts: [] - securityContext: {} - # fsGroup: 1001 - # runAsGroup: 1001 - # runAsUser: 1001 - affinity: {} - tolerations: [] - volumes: [] + host: app.example.com + path: /api + pathType: Prefix # Used to add jobs based on job template jobs: @@ -304,83 +207,6 @@ jobs: "helm.sh/hook-weight": "-4" "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation -# Used to create configmaps, you can add existing configmaps also, but the name should be the same or you have to make changes accordingly -configmaps: - - fullNameOverride: "jovvix-api" - create: true - data: - APP_PORT: 0.0.0.0:3300 - APP_ENV: local - IS_DEVELOPMENT: "true" - DEBUG: "true" - DB_DIALECT: postgres - DB_HOST: "jovvix-db-postgresql" - DB_PORT: "5432" - DB_USERNAME: jovvix - DB_NAME: jovvix - DB_QUERYSTRING: "sslmode=disable" - MIGRATION_DIR: database/migrations - WEB_URL: "https://app.example.com" - ISSUER: "https://app.example.com" - REDIS_HOST: "jovvix-redis-master" - REDIS_PORT: "6379" - REDIS_DATABASES: "0" - MAXIMUM_POINTS_PER_QUESTION: "20" - MINIMUM_POINTS_PER_QUESTION: "0" - QUESTION_TIME_LIMIT: "15" - SCOREBOARD_MAX_DURATION: "10" - KRATOS_ENABLED: "true" - KRATOS_COOKIE_EXPIRATION_TIME: 2h23m - SERVE_PUBLIC_BASE_URL: https://app.example.com - SERVE_PUBLIC_PORT: "4433" - SERVE_ADMIN_PORT: "4451" - SELF_SERVICE_DEFAULT_BROWSER_RETURN_URL: https://app.example.com/api/v1/kratos/auth - SELF_SERVICE_FLOWS_REGISTRATION_AFTER_DEFAULT_BROWSER_RETURN_URL: https://app.example.com/api/v1/kratos/auth - AWS_REGION: ap-south-1 - BUCKET_NAME: example-bucket - S3_BUCKET_ENDPOINT: https://s3.example.com - SMTP_HOST: "smtp.example.com" - SMTP_PORT: "587" - EMAIL_FROM: "no-reply@example.com" - - fullNameOverride: "jovvix-ui" - create: true - data: - APP_ENV: local - MODE: development - PORT: "4000" - HOST: "0.0.0.0" - NUXT_PUBLIC_BASE_URL: "https://app.example.com" - NUXT_PUBLIC_API_URL: "https://app.example.com/api/v1" - NUXT_PUBLIC_API_SOCKET_URL: "wss://app.example.com/api/v1/socket" - NUXT_PUBLIC_KRATOS_URL: "https://app.example.com" - S3_BUCKET_URL: https://example-bucket.s3.example.com - -# Used to create secrets, you can add existing secrets also, but the name should be the same or you have to make changes accordingly -secrets: - - fullNameOverride: "jovvix-api" - create: true - stringData: - DB_PASSWORD: "example-db-password" - JWT_SECRET: "example-jwt-secret" - REDIS_PASSWORD: "example-redis-password" - DSN: postgres://jovvix:example-db-password@jovvix-db-postgresql:5432/jovvix?sslmode=disable - SMTP_USERNAME: "example-smtp-user" - SMTP_PASSWORD: "example-smtp-pass" - - fullNameOverride: "jovvix-db" - create: true - stringData: - postgres-password: "example-postgres-password" - password: "example-db-password" - redis-password: "example-redis-password" - - fullNameOverride: "jovvix-kratos" - create: true - stringData: - dsn: postgres://jovvix:example-db-password@jovvix-db-postgresql:5432/jovvix?sslmode=disable&search_path=kratos - secretsCipher: example-32-long-secret-change-me - secretsCookie: example-cookie-secret - secretsDefault: example-default-secret - smtpConnectionURI: smtp://example-smtp-user:example-smtp-pass@smtp.example.com:587/ - # postgresql configurations postgresql: nameOverride: "db-postgresql" From bc7d5922a5c6b44e7d49f42853c85e85f4f51fc5 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Thu, 4 Sep 2025 12:29:25 +0530 Subject: [PATCH 06/24] added configmap and secrets, modified naming format for ingress --- charts/jovvix/templates/configmap.yaml | 18 ++++++ charts/jovvix/templates/secret.yaml | 19 +++++++ charts/jovvix/templates/services.yaml | 10 +++- charts/jovvix/values.yaml | 77 ++++++++++++++++++++++++++ 4 files changed, 123 insertions(+), 1 deletion(-) create mode 100644 charts/jovvix/templates/configmap.yaml create mode 100644 charts/jovvix/templates/secret.yaml diff --git a/charts/jovvix/templates/configmap.yaml b/charts/jovvix/templates/configmap.yaml new file mode 100644 index 00000000..1a4a7208 --- /dev/null +++ b/charts/jovvix/templates/configmap.yaml @@ -0,0 +1,18 @@ +{{- range .Values.configmaps }} +{{- if .create }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + {{- if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ .name }}" + {{- else}} + name: "{{ .name }}" + {{- end }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} +data: + {{- toYaml .data | nindent 2 }} +{{- end }} +{{- end }} diff --git a/charts/jovvix/templates/secret.yaml b/charts/jovvix/templates/secret.yaml new file mode 100644 index 00000000..317b3429 --- /dev/null +++ b/charts/jovvix/templates/secret.yaml @@ -0,0 +1,19 @@ +{{- range .Values.secrets }} +{{- if .create }} +--- +apiVersion: v1 +kind: Secret +metadata: + {{- if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ .name }}" + {{- else}} + name: "{{ .name }}" + {{- end }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "jovvix.labels" $ | nindent 4 }} +type: Opaque +stringData: + {{- toYaml .stringData | nindent 2 }} +{{- end }} +{{- end }} diff --git a/charts/jovvix/templates/services.yaml b/charts/jovvix/templates/services.yaml index 63da4858..5a74c664 100644 --- a/charts/jovvix/templates/services.yaml +++ b/charts/jovvix/templates/services.yaml @@ -138,7 +138,11 @@ spec: apiVersion: v1 kind: Service metadata: + {{- if $.Values.prefixWithReleaseName.enabled }} name: "{{ $.Release.Name }}-{{ .service.name }}-svc" + {{- else}} + name: "{{ .service.name }}" + {{- end }} namespace: {{ $.Release.Namespace | quote }} labels: {{- include "jovvix.labels" $ | nindent 4 }} @@ -164,7 +168,11 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: {{ .ingress.name | default (printf "%s-%s" $.Release.Name .name) | quote }} + {{- if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ .name }}" + {{- else}} + name: "{{ .name }}" + {{- end }} namespace: {{ $.Release.Namespace | quote }} labels: {{- include "jovvix.labels" $ | nindent 4 }} diff --git a/charts/jovvix/values.yaml b/charts/jovvix/values.yaml index 5f34d5d1..02845c0d 100644 --- a/charts/jovvix/values.yaml +++ b/charts/jovvix/values.yaml @@ -207,6 +207,83 @@ jobs: "helm.sh/hook-weight": "-4" "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation +# Used to create configmaps, you can add existing configmaps also, but the name should be the same or you have to make changes accordingly +configmaps: + - name: "api" + create: true + data: + APP_PORT: 0.0.0.0:3300 + APP_ENV: local + IS_DEVELOPMENT: "true" + DEBUG: "true" + DB_DIALECT: postgres + DB_HOST: "jovvix-db-postgresql" + DB_PORT: "5432" + DB_USERNAME: jovvix + DB_NAME: jovvix + DB_QUERYSTRING: "sslmode=disable" + MIGRATION_DIR: database/migrations + WEB_URL: "https://app.example.com" + ISSUER: "https://app.example.com" + REDIS_HOST: "jovvix-redis-master" + REDIS_PORT: "6379" + REDIS_DATABASES: "0" + MAXIMUM_POINTS_PER_QUESTION: "20" + MINIMUM_POINTS_PER_QUESTION: "0" + QUESTION_TIME_LIMIT: "15" + SCOREBOARD_MAX_DURATION: "10" + KRATOS_ENABLED: "true" + KRATOS_COOKIE_EXPIRATION_TIME: 2h23m + SERVE_PUBLIC_BASE_URL: https://app.example.com + SERVE_PUBLIC_PORT: "4433" + SERVE_ADMIN_PORT: "4451" + SELF_SERVICE_DEFAULT_BROWSER_RETURN_URL: https://app.example.com/api/v1/kratos/auth + SELF_SERVICE_FLOWS_REGISTRATION_AFTER_DEFAULT_BROWSER_RETURN_URL: https://app.example.com/api/v1/kratos/auth + AWS_REGION: ap-south-1 + BUCKET_NAME: example-bucket + S3_BUCKET_ENDPOINT: https://s3.example.com + SMTP_HOST: "smtp.example.com" + SMTP_PORT: "587" + EMAIL_FROM: "no-reply@example.com" + - name: "ui" + create: true + data: + APP_ENV: local + MODE: development + PORT: "4000" + HOST: "0.0.0.0" + NUXT_PUBLIC_BASE_URL: "https://app.example.com" + NUXT_PUBLIC_API_URL: "https://app.example.com/api/v1" + NUXT_PUBLIC_API_SOCKET_URL: "wss://app.example.com/api/v1/socket" + NUXT_PUBLIC_KRATOS_URL: "https://app.example.com" + S3_BUCKET_URL: https://example-bucket.s3.example.com + +# Used to create secrets, you can add existing secrets also, but the name should be the same or you have to make changes accordingly +secrets: + - name: "api" + create: true + stringData: + DB_PASSWORD: "example-db-password" + JWT_SECRET: "example-jwt-secret" + REDIS_PASSWORD: "example-redis-password" + DSN: postgres://jovvix:example-db-password@jovvix-db-postgresql:5432/jovvix?sslmode=disable + SMTP_USERNAME: "example-smtp-user" + SMTP_PASSWORD: "example-smtp-pass" + - name: "db" + create: true + stringData: + postgres-password: "example-postgres-password" + password: "example-db-password" + redis-password: "example-redis-password" + - name: "kratos" + create: true + stringData: + dsn: postgres://jovvix:example-db-password@jovvix-db-postgresql:5432/jovvix?sslmode=disable&search_path=kratos + secretsCipher: example-32-long-secret-change-me + secretsCookie: example-cookie-secret + secretsDefault: example-default-secret + smtpConnectionURI: smtp://example-smtp-user:example-smtp-pass@smtp.example.com:587/ + # postgresql configurations postgresql: nameOverride: "db-postgresql" From 3a4c4cd451daf5a582f25534385002495b03ac67 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Thu, 4 Sep 2025 12:54:57 +0530 Subject: [PATCH 07/24] commented the resources limit and requests --- charts/jovvix/values.yaml | 48 +++++++++++++++++++-------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/charts/jovvix/values.yaml b/charts/jovvix/values.yaml index 02845c0d..f5ad8f2c 100644 --- a/charts/jovvix/values.yaml +++ b/charts/jovvix/values.yaml @@ -58,12 +58,12 @@ services: - name: http containerPort: 5000 protocol: TCP - resources: - limits: - memory: 600Mi - requests: - cpu: 100m - memory: 600Mi + resources: {} + # limits: + # memory: 600Mi + # requests: + # cpu: 100m + # memory: 600Mi service: enabled: true name: ui @@ -116,12 +116,12 @@ services: port: http initialDelaySeconds: 6 periodSeconds: 6 - resources: - limits: - memory: 4Gi - requests: - cpu: 500m - memory: 4Gi + resources: {} + # limits: + # memory: 4Gi + # requests: + # cpu: 500m + # memory: 4Gi ports: - name: http containerPort: 3300 @@ -292,12 +292,12 @@ postgresql: primary: persistence: size: 1Gi - resources: - requests: - cpu: 300m - memory: 4Gi - limits: - memory: 4Gi + resources: {} + # requests: + # cpu: 300m + # memory: 4Gi + # limits: + # memory: 4Gi extendedConfiguration: | max_connections = 1000 auth: @@ -318,12 +318,12 @@ redis: master: persistence: size: 1Gi - resources: - requests: - cpu: 200m - memory: 1024Mi - limits: - memory: 1024Mi + resources: {} + # requests: + # cpu: 200m + # memory: 1024Mi + # limits: + # memory: 1024Mi # kratos configurations kratos: From 20c001cee2d20088c6d9ad272cdd506efa78c689 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Thu, 4 Sep 2025 13:31:06 +0530 Subject: [PATCH 08/24] modified the persistence storage req --- charts/jovvix/values.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/jovvix/values.yaml b/charts/jovvix/values.yaml index f5ad8f2c..4e058c6c 100644 --- a/charts/jovvix/values.yaml +++ b/charts/jovvix/values.yaml @@ -291,7 +291,9 @@ postgresql: storageClass: local-path primary: persistence: - size: 1Gi + # Change this to true if you want to make it persistence + enabled: false + size: 100Mi resources: {} # requests: # cpu: 300m @@ -317,7 +319,9 @@ redis: storageClass: local-path master: persistence: - size: 1Gi + # Change this to true if you want to make it persistence + enabled: false + size: 100Mi resources: {} # requests: # cpu: 200m From d44edf9c57c92bb2f62446d3e08a1e8ab06cff8d Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Thu, 4 Sep 2025 14:24:23 +0530 Subject: [PATCH 09/24] modified the naming for the configmap ans secret --- charts/jovvix/templates/configmap.yaml | 6 +----- charts/jovvix/templates/secret.yaml | 6 +----- charts/jovvix/values.yaml | 10 +++++----- 3 files changed, 7 insertions(+), 15 deletions(-) diff --git a/charts/jovvix/templates/configmap.yaml b/charts/jovvix/templates/configmap.yaml index 1a4a7208..41143913 100644 --- a/charts/jovvix/templates/configmap.yaml +++ b/charts/jovvix/templates/configmap.yaml @@ -4,11 +4,7 @@ apiVersion: v1 kind: ConfigMap metadata: - {{- if $.Values.prefixWithReleaseName.enabled }} - name: "{{ $.Release.Name }}-{{ .name }}" - {{- else}} - name: "{{ .name }}" - {{- end }} + name: {{ .name | default (printf "%s-%s" $.Release.Name .name) }} namespace: {{ $.Release.Namespace | quote }} labels: {{- include "jovvix.labels" $ | nindent 4 }} diff --git a/charts/jovvix/templates/secret.yaml b/charts/jovvix/templates/secret.yaml index 317b3429..739b1ea8 100644 --- a/charts/jovvix/templates/secret.yaml +++ b/charts/jovvix/templates/secret.yaml @@ -4,11 +4,7 @@ apiVersion: v1 kind: Secret metadata: - {{- if $.Values.prefixWithReleaseName.enabled }} - name: "{{ $.Release.Name }}-{{ .name }}" - {{- else}} - name: "{{ .name }}" - {{- end }} + name: {{ .name | default (printf "%s-%s" $.Release.Name .name) }} namespace: {{ $.Release.Namespace | quote }} labels: {{- include "jovvix.labels" $ | nindent 4 }} diff --git a/charts/jovvix/values.yaml b/charts/jovvix/values.yaml index 4e058c6c..91239fb6 100644 --- a/charts/jovvix/values.yaml +++ b/charts/jovvix/values.yaml @@ -209,7 +209,7 @@ jobs: # Used to create configmaps, you can add existing configmaps also, but the name should be the same or you have to make changes accordingly configmaps: - - name: "api" + - name: "jovvix-api" create: true data: APP_PORT: 0.0.0.0:3300 @@ -245,7 +245,7 @@ configmaps: SMTP_HOST: "smtp.example.com" SMTP_PORT: "587" EMAIL_FROM: "no-reply@example.com" - - name: "ui" + - name: "jovvix-ui" create: true data: APP_ENV: local @@ -260,7 +260,7 @@ configmaps: # Used to create secrets, you can add existing secrets also, but the name should be the same or you have to make changes accordingly secrets: - - name: "api" + - name: "jovvix-api" create: true stringData: DB_PASSWORD: "example-db-password" @@ -269,13 +269,13 @@ secrets: DSN: postgres://jovvix:example-db-password@jovvix-db-postgresql:5432/jovvix?sslmode=disable SMTP_USERNAME: "example-smtp-user" SMTP_PASSWORD: "example-smtp-pass" - - name: "db" + - name: "jovvix-db" create: true stringData: postgres-password: "example-postgres-password" password: "example-db-password" redis-password: "example-redis-password" - - name: "kratos" + - name: "jovvix-kratos" create: true stringData: dsn: postgres://jovvix:example-db-password@jovvix-db-postgresql:5432/jovvix?sslmode=disable&search_path=kratos From 67064d894c146d0bbfa681fb09466c08b7a9d4a8 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Mon, 8 Sep 2025 18:57:01 +0530 Subject: [PATCH 10/24] added override-values for ci and modified values file accordingly --- charts/jovvix/ci/override-values.yaml | 148 ++++++++++++++++++++++++++ charts/jovvix/templates/services.yaml | 18 ++-- charts/jovvix/values.yaml | 22 ++-- 3 files changed, 171 insertions(+), 17 deletions(-) create mode 100644 charts/jovvix/ci/override-values.yaml diff --git a/charts/jovvix/ci/override-values.yaml b/charts/jovvix/ci/override-values.yaml new file mode 100644 index 00000000..993bcd0f --- /dev/null +++ b/charts/jovvix/ci/override-values.yaml @@ -0,0 +1,148 @@ +services: + - fullnameOverride: "jovvix-ui" + name: ui + replicaCount: 1 + image: + repository: improwised/jovvix-ui + tag: main-9acf2cb-1754290699 + pullPolicy: IfNotPresent + envFrom: + - configMapRef: + name: jovvix-ui + service: + enabled: true + fullnameOverride: "jovvix-ui" + type: ClusterIP + ports: + name: http + port: 4000 + targetPort: http + ingress: + enabled: true + fullnameOverride: "jovvix-ui" + host: app.example.com + path: / + pathType: Prefix + - fullnameOverride: "jovvix-api" + name: api + replicaCount: 1 + image: + repository: improwised/jovvix-api + tag: main-82546e9-1753769203 + pullPolicy: IfNotPresent + command: ["/bin/sh", "-c"] + args: ["./jovvix api || sleep 3600"] + service: + enabled: true + fullnameOverride: "jovvix-api" + type: ClusterIP + ports: + name: http + port: 3300 + targetPort: http + ingress: + enabled: true + fullnameOverride: "jovvix-api" + host: app.example.com + path: /api + pathType: Prefix + envFrom: + - configMapRef: + name: jovvix-api + - secretRef: + name: jovvix-api + +jobs: + - name: migration + image: + repository: improwised/jovvix-api + tag: main-82546e9-1753769203 + envFrom: + - configMapRef: + name: jovvix-api + - secretRef: + # To keep the container running + name: jovvix-api + command: ["/bin/sh", "-c"] + args: + - | + until timeout 5 ./jovvix migrate up; do + echo "Waiting for Postgres to be ready for migrations..." + sleep 3 + done + echo "Migrations successful" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + # after completing migration job will disappear + "helm.sh/hook": post-install,post-upgrade + # high priority than kratos-migration so that this finishes first + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation + - name: kratos-migration + image: + repository: oryd/kratos + tag: v1.3.1 + env: + - name: DSN + valueFrom: + secretKeyRef: + name: jovvix-kratos + key: dsn + command: ["/bin/sh", "-c"] + args: + - | + until timeout 5 kratos migrate sql -e --yes; do + echo "Waiting for Postgres to be ready for kratos migrations..." + sleep 3 + done + echo "kratos migrations successful" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + # after completing migration job will disappear + "helm.sh/hook": post-install,post-upgrade + # kept it -4 ao that it can comes after the jovvix migration + "helm.sh/hook-weight": "-4" + "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation + +postgresql: + fullnameOverride: "jovvix-db-postgresql" + primary: + persistence: + enabled: false + auth: + username: jovvix + password: password + database: jovvix + +redis: + fullnameOverride: "jovvix-redis" + master: + persistence: + enabled: false + auth: + password: password + +kratos: + fullnameOverride: "jovvix-kratos" + enabled: true + ingress: + admin: + enabled: false + public: + enabled: false + kratos: + automigration: + enabled: false + config: + serve: + public: + base_url: http://jovvix-kratos + port: 4433 + admin: + base_url: http://jovvix-kratos + port: 4434 + selfservice: + allowed_return_urls: + - http://localhost diff --git a/charts/jovvix/templates/services.yaml b/charts/jovvix/templates/services.yaml index 5a74c664..07ca015f 100644 --- a/charts/jovvix/templates/services.yaml +++ b/charts/jovvix/templates/services.yaml @@ -3,7 +3,9 @@ apiVersion: apps/v1 kind: Deployment metadata: - {{- if $.Values.prefixWithReleaseName.enabled }} + {{- if .fullnameOverride }} + name: "{{ .fullnameOverride }}" + {{- else if $.Values.prefixWithReleaseName.enabled }} name: "{{ $.Release.Name }}-{{ .name }}-svc" {{- else}} name: "{{ .name }}" @@ -138,7 +140,9 @@ spec: apiVersion: v1 kind: Service metadata: - {{- if $.Values.prefixWithReleaseName.enabled }} + {{- if .fullnameOverride }} + name: "{{ .fullnameOverride }}" + {{- else if $.Values.prefixWithReleaseName.enabled }} name: "{{ $.Release.Name }}-{{ .service.name }}-svc" {{- else}} name: "{{ .service.name }}" @@ -161,17 +165,19 @@ spec: protocol: {{ .service.ports.protocol | default "TCP" }} {{- end }} {{- if and .ingress (.ingress.enabled) }} -{{- $svcName := printf "%s-%s-svc" $.Release.Name .service.name }} +{{- $svcName := ternary .ingress.fullnameOverride (printf "%s-%s-svc" $.Release.Name .service.name) (ne .ingress.fullnameOverride "") }} {{- $svcPortName := .service.ports.name | default "http" }} {{- $svcPortNumber := .service.ports.port }} --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - {{- if $.Values.prefixWithReleaseName.enabled }} - name: "{{ $.Release.Name }}-{{ .name }}" + {{- if .fullnameOverride }} + name: "{{ .fullnameOverride }}" + {{- else if $.Values.prefixWithReleaseName.enabled }} + name: "{{ $.Release.Name }}-{{ .name }}-svc" {{- else}} - name: "{{ .name }}" + name: "{{ .ingress.name }}" {{- end }} namespace: {{ $.Release.Namespace | quote }} labels: diff --git a/charts/jovvix/values.yaml b/charts/jovvix/values.yaml index 91239fb6..15aee20c 100644 --- a/charts/jovvix/values.yaml +++ b/charts/jovvix/values.yaml @@ -46,6 +46,7 @@ autoscaling: services: # This is for the jovvix-ui pod - name: ui + fullnameOverride: "jovvix-ui" replicaCount: 1 image: repository: improwised/jovvix-ui @@ -66,7 +67,7 @@ services: # memory: 600Mi service: enabled: true - name: ui + fullnameOverride: "jovvix-ui" type: ClusterIP ports: name: http @@ -76,13 +77,14 @@ services: # Ingress for the ui pod ingress: enabled: true - name: ui + fullnameOverride: "jovvix-ui" className: nginx host: app.example.com path: / pathType: Prefix # This is for the jovvix-api pod - name: api + fullnameOverride: "jovvix-api" # This init container waits for the redis pod to running, if removed the api pod crashes while redis is not in running state. initContainers: - name: wait-for-redis @@ -128,7 +130,7 @@ services: protocol: TCP service: enabled: true - name: api + fullnameOverride: "jovvix-api" type: ClusterIP ports: name: http @@ -144,7 +146,7 @@ services: # Ingress for the api pod ingress: enabled: true - name: api + fullnameOverride: "jovvix-api" className: nginx host: app.example.com path: /api @@ -286,13 +288,12 @@ secrets: # postgresql configurations postgresql: - nameOverride: "db-postgresql" + fullnameOverride: "jovvix-db-postgresql" global: storageClass: local-path primary: persistence: - # Change this to true if you want to make it persistence - enabled: false + enabled: true size: 100Mi resources: {} # requests: @@ -311,7 +312,7 @@ postgresql: # redis configurations redis: - nameOverride: "redis" + fullnameOverride: "jovvix-redis" architecture: standalone auth: existingSecret: jovvix-db @@ -319,8 +320,7 @@ redis: storageClass: local-path master: persistence: - # Change this to true if you want to make it persistence - enabled: false + enabled: true size: 100Mi resources: {} # requests: @@ -331,7 +331,7 @@ redis: # kratos configurations kratos: - nameOverride: "kratos" + fullnameOverride: "jovvix-kratos" ingress: admin: enabled: true From 7bf101e53e37a8166007d96a37c5ce0599c2c5c8 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Tue, 9 Sep 2025 11:11:13 +0530 Subject: [PATCH 11/24] enabled kratos secret in ci --- charts/jovvix/ci/override-values.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/jovvix/ci/override-values.yaml b/charts/jovvix/ci/override-values.yaml index 993bcd0f..e3c11ec9 100644 --- a/charts/jovvix/ci/override-values.yaml +++ b/charts/jovvix/ci/override-values.yaml @@ -126,12 +126,13 @@ redis: kratos: fullnameOverride: "jovvix-kratos" - enabled: true ingress: admin: enabled: false public: enabled: false + secrets: + enabled: true kratos: automigration: enabled: false From 0541048232fe8adf1ede0a7e9519fba23bbcf907 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Tue, 9 Sep 2025 11:57:04 +0530 Subject: [PATCH 12/24] modified the secrets in dependent charts, removed annotations from job --- charts/jovvix/ci/override-values.yaml | 23 ++++------------------- 1 file changed, 4 insertions(+), 19 deletions(-) diff --git a/charts/jovvix/ci/override-values.yaml b/charts/jovvix/ci/override-values.yaml index e3c11ec9..ab7660cf 100644 --- a/charts/jovvix/ci/override-values.yaml +++ b/charts/jovvix/ci/override-values.yaml @@ -71,14 +71,6 @@ jobs: sleep 3 done echo "Migrations successful" - annotations: - # This is what defines this resource as a hook. Without this line, the - # job is considered part of the release. - # after completing migration job will disappear - "helm.sh/hook": post-install,post-upgrade - # high priority than kratos-migration so that this finishes first - "helm.sh/hook-weight": "-5" - "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation - name: kratos-migration image: repository: oryd/kratos @@ -97,14 +89,6 @@ jobs: sleep 3 done echo "kratos migrations successful" - annotations: - # This is what defines this resource as a hook. Without this line, the - # job is considered part of the release. - # after completing migration job will disappear - "helm.sh/hook": post-install,post-upgrade - # kept it -4 ao that it can comes after the jovvix migration - "helm.sh/hook-weight": "-4" - "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation postgresql: fullnameOverride: "jovvix-db-postgresql" @@ -113,8 +97,8 @@ postgresql: enabled: false auth: username: jovvix - password: password database: jovvix + existingSecret: jovvix-db redis: fullnameOverride: "jovvix-redis" @@ -122,7 +106,7 @@ redis: persistence: enabled: false auth: - password: password + existingSecret: jovvix-db kratos: fullnameOverride: "jovvix-kratos" @@ -132,7 +116,8 @@ kratos: public: enabled: false secrets: - enabled: true + enabled: false + nameOverride: jovvix-kratos kratos: automigration: enabled: false From fd9d4de7436d5a8c0c6050afef31c7cfab5d8017 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Tue, 9 Sep 2025 12:44:00 +0530 Subject: [PATCH 13/24] added dummy connection_uri in kratos config --- charts/jovvix/ci/override-values.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/charts/jovvix/ci/override-values.yaml b/charts/jovvix/ci/override-values.yaml index ab7660cf..a2af49e4 100644 --- a/charts/jovvix/ci/override-values.yaml +++ b/charts/jovvix/ci/override-values.yaml @@ -122,6 +122,9 @@ kratos: automigration: enabled: false config: + courier: + smtp: + connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true serve: public: base_url: http://jovvix-kratos From d185b4f34e55d57eab5ec32cd377a0734275fbd7 Mon Sep 17 00:00:00 2001 From: Luv7804 Date: Tue, 9 Sep 2025 18:31:00 +0530 Subject: [PATCH 14/24] fix: removed older version of kubernetes from ci --- .github/workflows/lint-test.yaml | 105 +++++++++++++++---------------- 1 file changed, 52 insertions(+), 53 deletions(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 433403e3..562a6ea3 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -4,7 +4,7 @@ on: pull_request: push: branches: - - main + - main jobs: lint-test: @@ -13,64 +13,63 @@ jobs: matrix: # Latest k8s versions. There's no series-based tag, nor is there a latest tag. k8s: - - 1.21.14 - - 1.22.17 - - 1.23.17 - - 1.24.17 - - 1.25.16 - - 1.26.15 - - 1.27.16 - - 1.28.15 - - 1.29.14 - - 1.30.13 - - 1.31.9 - - 1.32.5 - - 1.33.2 + # - 1.21.14 + # - 1.22.17 + # - 1.23.17 + # - 1.24.17 + # - 1.25.16 + # - 1.26.15 + # - 1.27.16 + - 1.28.15 + - 1.29.14 + - 1.30.13 + - 1.31.9 + - 1.32.5 + - 1.33.2 steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 - - name: Set up Helm - uses: azure/setup-helm@v4.3.0 - with: - version: v3.18.4 + - name: Set up Helm + uses: azure/setup-helm@v4.3.0 + with: + version: v3.18.4 - - name: Adding dependency repositories - run: | - helm repo add bitnami https://charts.bitnami.com/bitnami - helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami - helm repo add ory https://k8s.ory.sh/helm/charts + - name: Adding dependency repositories + run: | + helm repo add bitnami https://charts.bitnami.com/bitnami + helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami + helm repo add ory https://k8s.ory.sh/helm/charts + - uses: actions/setup-python@v5 + with: + python-version: "3.x" + check-latest: true - - uses: actions/setup-python@v5 - with: - python-version: "3.x" - check-latest: true + - name: Set up chart-testing + uses: helm/chart-testing-action@v2 - - name: Set up chart-testing - uses: helm/chart-testing-action@v2 + - name: Run chart-testing (list-changed) + id: list-changed + run: | + changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) + if [[ -n "$changed" ]]; then + echo "changed=true" >> "$GITHUB_OUTPUT" + fi - - name: Run chart-testing (list-changed) - id: list-changed - run: | - changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) - if [[ -n "$changed" ]]; then - echo "changed=true" >> "$GITHUB_OUTPUT" - fi + - name: Run chart-testing (lint) + if: steps.list-changed.outputs.changed == 'true' + run: ct lint --target-branch ${{ github.event.repository.default_branch }} --excluded-charts freeipa - - name: Run chart-testing (lint) - if: steps.list-changed.outputs.changed == 'true' - run: ct lint --target-branch ${{ github.event.repository.default_branch }} --excluded-charts freeipa + - name: Create kind cluster + if: steps.list-changed.outputs.changed == 'true' + uses: helm/kind-action@v1.12.0 + with: + version: "v0.24.0" + node_image: "kindest/node:v${{ matrix.k8s }}" - - name: Create kind cluster - if: steps.list-changed.outputs.changed == 'true' - uses: helm/kind-action@v1.12.0 - with: - version: "v0.24.0" - node_image: "kindest/node:v${{ matrix.k8s }}" - - - name: Run chart-testing (install) - if: steps.list-changed.outputs.changed == 'true' - run: ct install --target-branch ${{ github.event.repository.default_branch }} --excluded-charts freeipa + - name: Run chart-testing (install) + if: steps.list-changed.outputs.changed == 'true' + run: ct install --target-branch ${{ github.event.repository.default_branch }} --excluded-charts freeipa From a37f7836c50be48e9bb30c8026a35a785a6e1073 Mon Sep 17 00:00:00 2001 From: Luv7804 Date: Tue, 9 Sep 2025 18:55:24 +0530 Subject: [PATCH 15/24] fix: added commands to create schema --- charts/jovvix/ci/override-values.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/jovvix/ci/override-values.yaml b/charts/jovvix/ci/override-values.yaml index a2af49e4..22d33953 100644 --- a/charts/jovvix/ci/override-values.yaml +++ b/charts/jovvix/ci/override-values.yaml @@ -95,6 +95,11 @@ postgresql: primary: persistence: enabled: false + initdb: + scripts: + init-kratos-schema.sql: | + CREATE SCHEMA IF NOT EXISTS kratos; + GRANT ALL ON SCHEMA kratos TO kratos; auth: username: jovvix database: jovvix @@ -134,4 +139,4 @@ kratos: port: 4434 selfservice: allowed_return_urls: - - http://localhost + - http://localhost From 8933b67fb5fe146d52de513212915da0ac6ceb9e Mon Sep 17 00:00:00 2001 From: Luv7804 Date: Tue, 9 Sep 2025 19:03:26 +0530 Subject: [PATCH 16/24] fix: added all the verion of kuberntes in ci --- .github/workflows/lint-test.yaml | 104 +++++++++++++++---------------- 1 file changed, 52 insertions(+), 52 deletions(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 562a6ea3..7b60d5f6 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -4,7 +4,7 @@ on: pull_request: push: branches: - - main + - main jobs: lint-test: @@ -13,63 +13,63 @@ jobs: matrix: # Latest k8s versions. There's no series-based tag, nor is there a latest tag. k8s: - # - 1.21.14 - # - 1.22.17 - # - 1.23.17 - # - 1.24.17 - # - 1.25.16 - # - 1.26.15 - # - 1.27.16 - - 1.28.15 - - 1.29.14 - - 1.30.13 - - 1.31.9 - - 1.32.5 - - 1.33.2 + - 1.21.14 + - 1.22.17 + - 1.23.17 + - 1.24.17 + - 1.25.16 + - 1.26.15 + - 1.27.16 + - 1.28.15 + - 1.29.14 + - 1.30.13 + - 1.31.9 + - 1.32.5 + - 1.33.2 steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 - - name: Set up Helm - uses: azure/setup-helm@v4.3.0 - with: - version: v3.18.4 + - name: Set up Helm + uses: azure/setup-helm@v4.3.0 + with: + version: v3.18.4 - - name: Adding dependency repositories - run: | - helm repo add bitnami https://charts.bitnami.com/bitnami - helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami - helm repo add ory https://k8s.ory.sh/helm/charts + - name: Adding dependency repositories + run: | + helm repo add bitnami https://charts.bitnami.com/bitnami + helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami + helm repo add ory https://k8s.ory.sh/helm/charts - - uses: actions/setup-python@v5 - with: - python-version: "3.x" - check-latest: true + - uses: actions/setup-python@v5 + with: + python-version: "3.x" + check-latest: true - - name: Set up chart-testing - uses: helm/chart-testing-action@v2 + - name: Set up chart-testing + uses: helm/chart-testing-action@v2 - - name: Run chart-testing (list-changed) - id: list-changed - run: | - changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) - if [[ -n "$changed" ]]; then - echo "changed=true" >> "$GITHUB_OUTPUT" - fi + - name: Run chart-testing (list-changed) + id: list-changed + run: | + changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) + if [[ -n "$changed" ]]; then + echo "changed=true" >> "$GITHUB_OUTPUT" + fi - - name: Run chart-testing (lint) - if: steps.list-changed.outputs.changed == 'true' - run: ct lint --target-branch ${{ github.event.repository.default_branch }} --excluded-charts freeipa + - name: Run chart-testing (lint) + if: steps.list-changed.outputs.changed == 'true' + run: ct lint --target-branch ${{ github.event.repository.default_branch }} --excluded-charts freeipa - - name: Create kind cluster - if: steps.list-changed.outputs.changed == 'true' - uses: helm/kind-action@v1.12.0 - with: - version: "v0.24.0" - node_image: "kindest/node:v${{ matrix.k8s }}" + - name: Create kind cluster + if: steps.list-changed.outputs.changed == 'true' + uses: helm/kind-action@v1.12.0 + with: + version: "v0.24.0" + node_image: "kindest/node:v${{ matrix.k8s }}" - - name: Run chart-testing (install) - if: steps.list-changed.outputs.changed == 'true' - run: ct install --target-branch ${{ github.event.repository.default_branch }} --excluded-charts freeipa + - name: Run chart-testing (install) + if: steps.list-changed.outputs.changed == 'true' + run: ct install --target-branch ${{ github.event.repository.default_branch }} --excluded-charts freeipa From 1c09f63a2f573e62e3975ddeb79c86d781a4ec84 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Wed, 10 Sep 2025 12:46:01 +0530 Subject: [PATCH 17/24] modified the job and values file for ci --- charts/jovvix/ci/override-values.yaml | 54 ++++++++++++++++++++------- charts/jovvix/templates/job.yaml | 4 +- charts/jovvix/values.yaml | 26 +++++++++---- 3 files changed, 61 insertions(+), 23 deletions(-) diff --git a/charts/jovvix/ci/override-values.yaml b/charts/jovvix/ci/override-values.yaml index 22d33953..28fd43ad 100644 --- a/charts/jovvix/ci/override-values.yaml +++ b/charts/jovvix/ci/override-values.yaml @@ -1,5 +1,5 @@ services: - - fullnameOverride: "jovvix-ui" + - fullnameOverride: "jovvix-ui-svc" name: ui replicaCount: 1 image: @@ -11,7 +11,7 @@ services: name: jovvix-ui service: enabled: true - fullnameOverride: "jovvix-ui" + fullnameOverride: "jovvix-ui-svc" type: ClusterIP ports: name: http @@ -19,12 +19,22 @@ services: targetPort: http ingress: enabled: true - fullnameOverride: "jovvix-ui" + fullnameOverride: "jovvix-ui-svc" host: app.example.com path: / pathType: Prefix - - fullnameOverride: "jovvix-api" + - fullnameOverride: "jovvix-api-svc" name: api + initContainers: + - name: wait-for-redis + image: busybox:1.37.0 + command: + - sh + - -c + - > + until timeout 3 nc -z jovvix-redis-master 6379; + do echo waiting for redis; sleep 5; done; + echo redis found replicaCount: 1 image: repository: improwised/jovvix-api @@ -34,7 +44,7 @@ services: args: ["./jovvix api || sleep 3600"] service: enabled: true - fullnameOverride: "jovvix-api" + fullnameOverride: "jovvix-api-svc" type: ClusterIP ports: name: http @@ -42,7 +52,7 @@ services: targetPort: http ingress: enabled: true - fullnameOverride: "jovvix-api" + fullnameOverride: "jovvix-api-svc" host: app.example.com path: /api pathType: Prefix @@ -53,7 +63,7 @@ services: name: jovvix-api jobs: - - name: migration + - fullnameOverride: jovvix-migration image: repository: improwised/jovvix-api tag: main-82546e9-1753769203 @@ -66,12 +76,26 @@ jobs: command: ["/bin/sh", "-c"] args: - | + echo "Waiting for Postgres to be ready..." + until nc -z jovvix-db-postgresql 5432; do + echo "Postgres not up yet, retrying in 3s..." + sleep 3 + done + + echo "Postgres is ready, running migrations..." until timeout 5 ./jovvix migrate up; do - echo "Waiting for Postgres to be ready for migrations..." + echo "Postgres is up but there is some other issue, retrying in 3s..." sleep 3 done echo "Migrations successful" - - name: kratos-migration + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + # after completing migration job will disappear + "helm.sh/hook": post-install,post-upgrade + # high priority than kratos-migration so that this finishes first + "helm.sh/hook-weight": "-5" + - fullnameOverride: jovvix-kratos-migration image: repository: oryd/kratos tag: v1.3.1 @@ -89,17 +113,19 @@ jobs: sleep 3 done echo "kratos migrations successful" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + # after completing migration job will disappear + "helm.sh/hook": post-install,post-upgrade + # kept it -4 ao that it can comes after the jovvix migration + "helm.sh/hook-weight": "-4" postgresql: fullnameOverride: "jovvix-db-postgresql" primary: persistence: enabled: false - initdb: - scripts: - init-kratos-schema.sql: | - CREATE SCHEMA IF NOT EXISTS kratos; - GRANT ALL ON SCHEMA kratos TO kratos; auth: username: jovvix database: jovvix diff --git a/charts/jovvix/templates/job.yaml b/charts/jovvix/templates/job.yaml index 094f84e9..0775172a 100644 --- a/charts/jovvix/templates/job.yaml +++ b/charts/jovvix/templates/job.yaml @@ -3,7 +3,9 @@ apiVersion: batch/v1 kind: Job metadata: - {{- if $.Values.prefixWithReleaseName.enabled }} + {{- if .fullnameOverride }} + name: "{{ .fullnameOverride }}" + {{- else if $.Values.prefixWithReleaseName.enabled }} name: "{{ $.Release.Name }}-{{ .name }}" {{- else}} name: "{{ .name }}" diff --git a/charts/jovvix/values.yaml b/charts/jovvix/values.yaml index 15aee20c..38c47a36 100644 --- a/charts/jovvix/values.yaml +++ b/charts/jovvix/values.yaml @@ -46,7 +46,7 @@ autoscaling: services: # This is for the jovvix-ui pod - name: ui - fullnameOverride: "jovvix-ui" + fullnameOverride: "jovvix-ui-svc" replicaCount: 1 image: repository: improwised/jovvix-ui @@ -67,7 +67,7 @@ services: # memory: 600Mi service: enabled: true - fullnameOverride: "jovvix-ui" + fullnameOverride: "jovvix-ui-svc" type: ClusterIP ports: name: http @@ -77,14 +77,14 @@ services: # Ingress for the ui pod ingress: enabled: true - fullnameOverride: "jovvix-ui" + fullnameOverride: "jovvix-ui-svc" className: nginx host: app.example.com path: / pathType: Prefix # This is for the jovvix-api pod - name: api - fullnameOverride: "jovvix-api" + fullnameOverride: "jovvix-api-svc" # This init container waits for the redis pod to running, if removed the api pod crashes while redis is not in running state. initContainers: - name: wait-for-redis @@ -130,7 +130,7 @@ services: protocol: TCP service: enabled: true - fullnameOverride: "jovvix-api" + fullnameOverride: "jovvix-api-svc" type: ClusterIP ports: name: http @@ -146,7 +146,7 @@ services: # Ingress for the api pod ingress: enabled: true - fullnameOverride: "jovvix-api" + fullnameOverride: "jovvix-api-svc" className: nginx host: app.example.com path: /api @@ -155,7 +155,7 @@ services: # Used to add jobs based on job template jobs: # runs migraion for the jovvix - - name: migration + - fullnameOverride: jovvix-migration image: repository: improwised/jovvix-api tag: main-82546e9-1753769203 @@ -182,7 +182,7 @@ jobs: "helm.sh/hook-weight": "-5" "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation # runs kratos migrations - - name: kratos-migration + - fullnameOverride: jovvix-kratos-migration image: repository: oryd/kratos tag: v1.3.1 @@ -332,6 +332,16 @@ redis: # kratos configurations kratos: fullnameOverride: "jovvix-kratos" + job: + extraInitContainers: | + - name: wait-for-jovvix-api-svc + image: curlimages/curl:8.15.0 + command: + [ + "sh", + "-c", + "until curl -sf --connect-timeout 3 http://jovvix-api-svc:3300/api/healthz; do echo 'Waiting for jovvix-api-svc health endpoint...'; sleep 5; done; echo 'jovvix-api-svc is healthy, proceeding...';" + ] ingress: admin: enabled: true From 084a2737e7aba41d11cad05a343da131fd64f6af Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Wed, 10 Sep 2025 13:12:32 +0530 Subject: [PATCH 18/24] added delete hooks in jobs --- charts/jovvix/ci/override-values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/jovvix/ci/override-values.yaml b/charts/jovvix/ci/override-values.yaml index 28fd43ad..86f52015 100644 --- a/charts/jovvix/ci/override-values.yaml +++ b/charts/jovvix/ci/override-values.yaml @@ -95,6 +95,7 @@ jobs: "helm.sh/hook": post-install,post-upgrade # high priority than kratos-migration so that this finishes first "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": before-hook-creation - fullnameOverride: jovvix-kratos-migration image: repository: oryd/kratos @@ -120,6 +121,7 @@ jobs: "helm.sh/hook": post-install,post-upgrade # kept it -4 ao that it can comes after the jovvix migration "helm.sh/hook-weight": "-4" + "helm.sh/hook-delete-policy": before-hook-creation postgresql: fullnameOverride: "jovvix-db-postgresql" From 98bb2a94499bc5aa82738c9d5baa22eb7172ef76 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Mon, 22 Sep 2025 16:49:48 +0530 Subject: [PATCH 19/24] modified image registry from docker to public ecr --- charts/jovvix/values.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/charts/jovvix/values.yaml b/charts/jovvix/values.yaml index 38c47a36..fc80938e 100644 --- a/charts/jovvix/values.yaml +++ b/charts/jovvix/values.yaml @@ -291,6 +291,12 @@ postgresql: fullnameOverride: "jovvix-db-postgresql" global: storageClass: local-path + security: + allowInsecureImages: true + imageRegistry: public.ecr.aws + image: + repository: bitnami/postgresql + tag: 17.5.0-debian-12-r20 primary: persistence: enabled: true @@ -318,6 +324,12 @@ redis: existingSecret: jovvix-db global: storageClass: local-path + security: + allowInsecureImages: true + imageRegistry: public.ecr.aws + image: + repository: bitnami/redis + tag: 8.0.3-debian-12-r1 master: persistence: enabled: true From 97dfbd34b728b9f26caded8c1d3f93f21e94f1bb Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Mon, 22 Sep 2025 16:50:59 +0530 Subject: [PATCH 20/24] commented the annotations in the job --- charts/jovvix/ci/override-values.yaml | 32 +++++++++++++-------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/charts/jovvix/ci/override-values.yaml b/charts/jovvix/ci/override-values.yaml index 86f52015..a2045ade 100644 --- a/charts/jovvix/ci/override-values.yaml +++ b/charts/jovvix/ci/override-values.yaml @@ -88,14 +88,14 @@ jobs: sleep 3 done echo "Migrations successful" - annotations: - # This is what defines this resource as a hook. Without this line, the - # job is considered part of the release. - # after completing migration job will disappear - "helm.sh/hook": post-install,post-upgrade - # high priority than kratos-migration so that this finishes first - "helm.sh/hook-weight": "-5" - "helm.sh/hook-delete-policy": before-hook-creation + # annotations: + # # This is what defines this resource as a hook. Without this line, the + # # job is considered part of the release. + # # after completing migration job will disappear + # "helm.sh/hook": post-install,post-upgrade + # # high priority than kratos-migration so that this finishes first + # "helm.sh/hook-weight": "-5" + # "helm.sh/hook-delete-policy": before-hook-creation - fullnameOverride: jovvix-kratos-migration image: repository: oryd/kratos @@ -114,14 +114,14 @@ jobs: sleep 3 done echo "kratos migrations successful" - annotations: - # This is what defines this resource as a hook. Without this line, the - # job is considered part of the release. - # after completing migration job will disappear - "helm.sh/hook": post-install,post-upgrade - # kept it -4 ao that it can comes after the jovvix migration - "helm.sh/hook-weight": "-4" - "helm.sh/hook-delete-policy": before-hook-creation + # annotations: + # # This is what defines this resource as a hook. Without this line, the + # # job is considered part of the release. + # # after completing migration job will disappear + # "helm.sh/hook": post-install,post-upgrade + # # kept it -4 ao that it can comes after the jovvix migration + # "helm.sh/hook-weight": "-4" + # "helm.sh/hook-delete-policy": before-hook-creation postgresql: fullnameOverride: "jovvix-db-postgresql" From ccdee322777ccb454217c4480e0ac5a219c92c96 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Tue, 23 Sep 2025 10:17:28 +0530 Subject: [PATCH 21/24] modified the bitnami registry in ci --- .github/workflows/lint-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 7b60d5f6..e25300a3 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -39,7 +39,7 @@ jobs: - name: Adding dependency repositories run: | - helm repo add bitnami https://charts.bitnami.com/bitnami + helm repo add bitnami oci://registry-1.docker.io/bitnamicharts helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami helm repo add ory https://k8s.ory.sh/helm/charts From 3150889cce495859f3d115172dda49e5131ab887 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Tue, 23 Sep 2025 10:22:38 +0530 Subject: [PATCH 22/24] modified helm repo in ci --- .github/workflows/lint-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index e25300a3..7b60d5f6 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -39,7 +39,7 @@ jobs: - name: Adding dependency repositories run: | - helm repo add bitnami oci://registry-1.docker.io/bitnamicharts + helm repo add bitnami https://charts.bitnami.com/bitnami helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami helm repo add ory https://k8s.ory.sh/helm/charts From d98f96320805733017bd47f31d776fec1aec7f65 Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Fri, 26 Sep 2025 12:55:12 +0530 Subject: [PATCH 23/24] modified the helm dependency installation --- .github/workflows/lint-test.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 7b60d5f6..fb17c40d 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -39,9 +39,7 @@ jobs: - name: Adding dependency repositories run: | - helm repo add bitnami https://charts.bitnami.com/bitnami - helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami - helm repo add ory https://k8s.ory.sh/helm/charts + helm dependency update - uses: actions/setup-python@v5 with: From 5c19b060cff9dc0aa05345aab7d19c0773e198bf Mon Sep 17 00:00:00 2001 From: "meetkumar.javiya" Date: Fri, 26 Sep 2025 15:16:23 +0530 Subject: [PATCH 24/24] modified adding dependency in lint and release ci --- .github/workflows/lint-test.yaml | 7 ++++++- .github/workflows/release.yaml | 7 +++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index fb17c40d..b9902669 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -39,7 +39,12 @@ jobs: - name: Adding dependency repositories run: | - helm dependency update + helm pull oci://registry-1.docker.io/bitnamicharts/postgresql --version 16.7.21 + helm pull oci://registry-1.docker.io/bitnamicharts/postgresql --version 12.2.6 + helm pull oci://registry-1.docker.io/bitnamicharts/postgresql --version 12.1.6 + helm pull oci://registry-1.docker.io/bitnamicharts/redis --version 21.2.13 + helm pull oci://registry-1.docker.io/bitnamicharts/common --version 1.x.x + helm repo add ory https://k8s.ory.sh/helm/charts - uses: actions/setup-python@v5 with: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index cad89c13..327ac6e9 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -24,8 +24,11 @@ jobs: - name: Adding dependency repositories run: | - helm repo add bitnami https://charts.bitnami.com/bitnami - helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami + helm pull oci://registry-1.docker.io/bitnamicharts/postgresql --version 16.7.21 + helm pull oci://registry-1.docker.io/bitnamicharts/postgresql --version 12.2.6 + helm pull oci://registry-1.docker.io/bitnamicharts/postgresql --version 12.1.6 + helm pull oci://registry-1.docker.io/bitnamicharts/redis --version 21.2.13 + helm pull oci://registry-1.docker.io/bitnamicharts/common --version 1.x.x helm repo add ory https://k8s.ory.sh/helm/charts - name: Prepare GPG key