From 0180da386532abf28d793d4947102f94badeb582 Mon Sep 17 00:00:00 2001 From: shreddedbacon Date: Wed, 3 Jul 2024 07:49:46 +1000 Subject: [PATCH 1/6] feat: add sshkey internal handler --- Makefile | 1 + .../lagoon-core/templates/api.deployment.yaml | 24 +++++++++++++++++++ .../templates/webhooks2tasks.deployment.yaml | 24 +++++++++++++++++++ charts/lagoon-core/values.yaml | 7 ++++++ 4 files changed, 56 insertions(+) diff --git a/Makefile b/Makefile index abe0cf44f..1897cc964 100644 --- a/Makefile +++ b/Makefile @@ -250,6 +250,7 @@ install-lagoon-core: install-minio --set autoIdler.enabled=false \ --set backupHandler.enabled=false \ --set broker.image.repository=$(IMAGE_REGISTRY)/broker \ + --set sshkeyHandler.image.repository=$(IMAGE_REGISTRY)/api-sidecar-handler \ --set insightsHandler.enabled=false \ --set keycloak.image.repository=$(IMAGE_REGISTRY)/keycloak \ --set keycloakDB.image.repository=$(IMAGE_REGISTRY)/keycloak-db \ diff --git a/charts/lagoon-core/templates/api.deployment.yaml b/charts/lagoon-core/templates/api.deployment.yaml index 2e4dec379..daa207812 100644 --- a/charts/lagoon-core/templates/api.deployment.yaml +++ b/charts/lagoon-core/templates/api.deployment.yaml @@ -72,6 +72,30 @@ spec: - secretRef: name: {{ include "lagoon-core.api.fullname" . }} containers: + - name: api-sidecar-handler + securityContext: + {{- toYaml .Values.api.securityContext | nindent 10 }} + image: "{{ .Values.sshkeyHandler.image.repository }}:{{ coalesce .Values.sshkeyHandler.image.tag .Values.imageTag .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.sshkeyHandler.image.pullPolicy }} + ports: + - name: http-3333 + containerPort: 3333 + livenessProbe: + httpGet: + path: /status + port: http-3333 + readinessProbe: + httpGet: + path: /status + port: http-3333 + startupProbe: + httpGet: + path: /status + port: http-3333 + failureThreshold: 60 + periodSeconds: 10 + resources: + {{- toYaml .Values.api.resources | nindent 10 }} - name: api securityContext: {{- toYaml .Values.api.securityContext | nindent 10 }} diff --git a/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml b/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml index d9ee07a5d..9e0693440 100644 --- a/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml +++ b/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml @@ -30,6 +30,30 @@ spec: securityContext: {{- toYaml (coalesce .Values.webhooks2tasks.podSecurityContext .Values.podSecurityContext) | nindent 8 }} containers: + - name: api-sidecar-handler + securityContext: + {{- toYaml .Values.webhooks2tasks.securityContext | nindent 10 }} + image: "{{ .Values.sshkeyHandler.image.repository }}:{{ coalesce .Values.sshkeyHandler.image.tag .Values.imageTag .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.sshkeyHandler.image.pullPolicy }} + ports: + - name: http-3333 + containerPort: 3333 + livenessProbe: + httpGet: + path: /status + port: http-3333 + readinessProbe: + httpGet: + path: /status + port: http-3333 + startupProbe: + httpGet: + path: /status + port: http-3333 + failureThreshold: 60 + periodSeconds: 10 + resources: + {{- toYaml .Values.webhooks2tasks.resources | nindent 10 }} - name: webhooks2tasks securityContext: {{- toYaml .Values.webhooks2tasks.securityContext | nindent 10 }} diff --git a/charts/lagoon-core/values.yaml b/charts/lagoon-core/values.yaml index 19308b782..184294b3d 100644 --- a/charts/lagoon-core/values.yaml +++ b/charts/lagoon-core/values.yaml @@ -225,6 +225,13 @@ apiRedis: type: ClusterIP port: 6379 +sshkeyHandler: + image: + repository: uselagoon/api-sidecar-handler + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + keycloak: # keycloak realm and email settings configuration realmSettings: From b105eefe989be4f374687571183a14a7a7c24713 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 3 Jul 2024 07:49:46 +1000 Subject: [PATCH 2/6] chore: added api-sidecar-handler container to api and webhooks2tasks --- charts/lagoon-core/Chart.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/lagoon-core/Chart.yaml b/charts/lagoon-core/Chart.yaml index 48d23d8cd..c895e130c 100644 --- a/charts/lagoon-core/Chart.yaml +++ b/charts/lagoon-core/Chart.yaml @@ -46,3 +46,5 @@ annotations: description: update values for local development - kind: changed description: bump minimum Kubernetes version to 1.25 + - kind: changed + description: added api-sidecar-handler container to api and webhooks2tasks From a5a0a11528a47b200613b007175963ad9b564aad Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 3 Jul 2024 07:49:46 +1000 Subject: [PATCH 3/6] chore: add sshkeyHandler image override --- charts/lagoon-core/ci/linter-values.yaml | 4 ++++ charts/lagoon-core/ci/testlagoon-main-override.yaml | 5 +++++ 2 files changed, 9 insertions(+) diff --git a/charts/lagoon-core/ci/linter-values.yaml b/charts/lagoon-core/ci/linter-values.yaml index b4b7f49dd..8555c951c 100644 --- a/charts/lagoon-core/ci/linter-values.yaml +++ b/charts/lagoon-core/ci/linter-values.yaml @@ -49,6 +49,10 @@ apiRedis: requests: cpu: "10m" +sshkeyHandler: + image: + repository: uselagoon/api-sidecar-handler + actionsHandler: replicaCount: 1 image: diff --git a/charts/lagoon-core/ci/testlagoon-main-override.yaml b/charts/lagoon-core/ci/testlagoon-main-override.yaml index 88b92cab4..716496601 100644 --- a/charts/lagoon-core/ci/testlagoon-main-override.yaml +++ b/charts/lagoon-core/ci/testlagoon-main-override.yaml @@ -12,6 +12,11 @@ apiRedis: image: repository: testlagoon/api-redis +sshkeyHandler: + image: + repository: testlagoon/api-sidecar-handler + tag: pr-3662 + actionsHandler: image: repository: testlagoon/actions-handler From d7c397976f4f90e8ba20460093cc341e3fc014d5 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 3 Jul 2024 07:49:46 +1000 Subject: [PATCH 4/6] chore: rename sshkeyHandler to apisidecarhandler --- Makefile | 2 +- charts/lagoon-core/ci/linter-values.yaml | 2 +- charts/lagoon-core/ci/testlagoon-main-override.yaml | 2 +- charts/lagoon-core/templates/api.deployment.yaml | 4 ++-- charts/lagoon-core/templates/webhooks2tasks.deployment.yaml | 4 ++-- charts/lagoon-core/values.yaml | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Makefile b/Makefile index 1897cc964..8b56e9bf4 100644 --- a/Makefile +++ b/Makefile @@ -250,7 +250,7 @@ install-lagoon-core: install-minio --set autoIdler.enabled=false \ --set backupHandler.enabled=false \ --set broker.image.repository=$(IMAGE_REGISTRY)/broker \ - --set sshkeyHandler.image.repository=$(IMAGE_REGISTRY)/api-sidecar-handler \ + --set apiSidecarHandler.image.repository=$(IMAGE_REGISTRY)/api-sidecar-handler \ --set insightsHandler.enabled=false \ --set keycloak.image.repository=$(IMAGE_REGISTRY)/keycloak \ --set keycloakDB.image.repository=$(IMAGE_REGISTRY)/keycloak-db \ diff --git a/charts/lagoon-core/ci/linter-values.yaml b/charts/lagoon-core/ci/linter-values.yaml index 8555c951c..94234214b 100644 --- a/charts/lagoon-core/ci/linter-values.yaml +++ b/charts/lagoon-core/ci/linter-values.yaml @@ -49,7 +49,7 @@ apiRedis: requests: cpu: "10m" -sshkeyHandler: +apiSidecarHandler: image: repository: uselagoon/api-sidecar-handler diff --git a/charts/lagoon-core/ci/testlagoon-main-override.yaml b/charts/lagoon-core/ci/testlagoon-main-override.yaml index 716496601..20b771c90 100644 --- a/charts/lagoon-core/ci/testlagoon-main-override.yaml +++ b/charts/lagoon-core/ci/testlagoon-main-override.yaml @@ -12,7 +12,7 @@ apiRedis: image: repository: testlagoon/api-redis -sshkeyHandler: +apiSidecarHandler: image: repository: testlagoon/api-sidecar-handler tag: pr-3662 diff --git a/charts/lagoon-core/templates/api.deployment.yaml b/charts/lagoon-core/templates/api.deployment.yaml index daa207812..92db4c8fb 100644 --- a/charts/lagoon-core/templates/api.deployment.yaml +++ b/charts/lagoon-core/templates/api.deployment.yaml @@ -75,8 +75,8 @@ spec: - name: api-sidecar-handler securityContext: {{- toYaml .Values.api.securityContext | nindent 10 }} - image: "{{ .Values.sshkeyHandler.image.repository }}:{{ coalesce .Values.sshkeyHandler.image.tag .Values.imageTag .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.sshkeyHandler.image.pullPolicy }} + image: "{{ .Values.apiSidecarHandler.image.repository }}:{{ coalesce .Values.apiSidecarHandler.image.tag .Values.imageTag .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.apiSidecarHandler.image.pullPolicy }} ports: - name: http-3333 containerPort: 3333 diff --git a/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml b/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml index 9e0693440..c370b58ce 100644 --- a/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml +++ b/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml @@ -33,8 +33,8 @@ spec: - name: api-sidecar-handler securityContext: {{- toYaml .Values.webhooks2tasks.securityContext | nindent 10 }} - image: "{{ .Values.sshkeyHandler.image.repository }}:{{ coalesce .Values.sshkeyHandler.image.tag .Values.imageTag .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.sshkeyHandler.image.pullPolicy }} + image: "{{ .Values.apiSidecarHandler.image.repository }}:{{ coalesce .Values.apiSidecarHandler.image.tag .Values.imageTag .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.apiSidecarHandler.image.pullPolicy }} ports: - name: http-3333 containerPort: 3333 diff --git a/charts/lagoon-core/values.yaml b/charts/lagoon-core/values.yaml index 184294b3d..752d7acd1 100644 --- a/charts/lagoon-core/values.yaml +++ b/charts/lagoon-core/values.yaml @@ -225,7 +225,7 @@ apiRedis: type: ClusterIP port: 6379 -sshkeyHandler: +apiSidecarHandler: image: repository: uselagoon/api-sidecar-handler pullPolicy: Always From 853eccee6ad066d57daf97ff3ae0ef67c688fea4 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 3 Jul 2024 07:49:46 +1000 Subject: [PATCH 5/6] chore: remove sidecar port --- charts/lagoon-core/templates/api.deployment.yaml | 9 +++------ .../lagoon-core/templates/webhooks2tasks.deployment.yaml | 9 +++------ 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/charts/lagoon-core/templates/api.deployment.yaml b/charts/lagoon-core/templates/api.deployment.yaml index 92db4c8fb..4d15bed93 100644 --- a/charts/lagoon-core/templates/api.deployment.yaml +++ b/charts/lagoon-core/templates/api.deployment.yaml @@ -77,21 +77,18 @@ spec: {{- toYaml .Values.api.securityContext | nindent 10 }} image: "{{ .Values.apiSidecarHandler.image.repository }}:{{ coalesce .Values.apiSidecarHandler.image.tag .Values.imageTag .Chart.AppVersion }}" imagePullPolicy: {{ .Values.apiSidecarHandler.image.pullPolicy }} - ports: - - name: http-3333 - containerPort: 3333 livenessProbe: httpGet: path: /status - port: http-3333 + port: 3333 readinessProbe: httpGet: path: /status - port: http-3333 + port: 3333 startupProbe: httpGet: path: /status - port: http-3333 + port: 3333 failureThreshold: 60 periodSeconds: 10 resources: diff --git a/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml b/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml index c370b58ce..d1f294d3c 100644 --- a/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml +++ b/charts/lagoon-core/templates/webhooks2tasks.deployment.yaml @@ -35,21 +35,18 @@ spec: {{- toYaml .Values.webhooks2tasks.securityContext | nindent 10 }} image: "{{ .Values.apiSidecarHandler.image.repository }}:{{ coalesce .Values.apiSidecarHandler.image.tag .Values.imageTag .Chart.AppVersion }}" imagePullPolicy: {{ .Values.apiSidecarHandler.image.pullPolicy }} - ports: - - name: http-3333 - containerPort: 3333 livenessProbe: httpGet: path: /status - port: http-3333 + port: 3333 readinessProbe: httpGet: path: /status - port: http-3333 + port: 3333 startupProbe: httpGet: path: /status - port: http-3333 + port: 3333 failureThreshold: 60 periodSeconds: 10 resources: From 44102dc41851bf309d9d55e5dfe967eb792d784b Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 3 Jul 2024 07:49:46 +1000 Subject: [PATCH 6/6] chore: remove pr image override --- charts/lagoon-core/ci/linter-values.yaml | 4 ++-- charts/lagoon-core/ci/testlagoon-main-override.yaml | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/charts/lagoon-core/ci/linter-values.yaml b/charts/lagoon-core/ci/linter-values.yaml index 94234214b..c8916ba45 100644 --- a/charts/lagoon-core/ci/linter-values.yaml +++ b/charts/lagoon-core/ci/linter-values.yaml @@ -220,8 +220,8 @@ natsService: natsConfig: users: lagoonRemote: - - user: ci-ssh-portal - password: ci-password + - user: ci-ssh-portal + password: ci-password tls: secretData: ca.crt: | diff --git a/charts/lagoon-core/ci/testlagoon-main-override.yaml b/charts/lagoon-core/ci/testlagoon-main-override.yaml index 20b771c90..802010051 100644 --- a/charts/lagoon-core/ci/testlagoon-main-override.yaml +++ b/charts/lagoon-core/ci/testlagoon-main-override.yaml @@ -15,7 +15,6 @@ apiRedis: apiSidecarHandler: image: repository: testlagoon/api-sidecar-handler - tag: pr-3662 actionsHandler: image: