diff --git a/smardigo/templates/iam/_helpers.tpl b/smardigo/templates/iam/_helpers.tpl new file mode 100644 index 0000000..1ba85f4 --- /dev/null +++ b/smardigo/templates/iam/_helpers.tpl @@ -0,0 +1,42 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "iam.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "iam.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "chartName" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Labels that should be added on each resource +*/}} +{{- define "labels" -}} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- if eq (default "helm" .Values.creator) "helm" }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +helm.sh/chart: {{ include "chartName" . }} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/smardigo/templates/iam/deployment.yml b/smardigo/templates/iam/deployment.yml new file mode 100644 index 0000000..4f2a883 --- /dev/null +++ b/smardigo/templates/iam/deployment.yml @@ -0,0 +1,43 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ .Release.Name }}-iam" +spec: + replicas: 1 + selector: + matchLabels: + app: "{{ .Release.Name }}-iam" + template: + metadata: + labels: + app: "{{ .Release.Name }}-iam" + spec: + hostAliases: + - ip: "{{ .Values.sharedService.keycloak.host.ip }}" + hostnames: + - "{{ .Values.sharedService.keycloak.host.name }}" + containers: + - name: "{{ .Release.Name }}-iam" + image: "{{ .Values.harbor.host.name }}/{{ .Values.iam.image.name }}:{{ .Values.iam.image.version }}" + imagePullPolicy: Always + env: + - name: SERVER_ERROR_INCLUDE_MESSAGE + value: "always" + - name: IAM_KEYCLOAK_AUTH_SERVER_URL + value: "https://{{ .Values.sharedService.keycloak.host.name }}/auth" + - name: IAM_KEYCLOAK_ADMIN_USER + value: "{{ .Values.iam.keycloak.username }}" + - name: IAM_KEYCLOAK_ADMIN_PASSWORD + value: "{{ .Values.iam.keycloak.username }}" + - name: SMA_JWT_ENABLED + value: "true" + - name: SMA_JWT_SECRET + value: "456ae14462d049d3be76439ef379c7c6" + ports: + - containerPort: 8080 + initContainers: + - name: init-keycloak + image: busybox:1.28 + command: ['sh', '-c', "until nslookup {{ .Values.sharedService.keycloak.host.name }}; do echo waiting for keycloak; sleep 2; done"] + imagePullSecrets: + - name: "{{ .Values.smardigo.pull_secret }}" diff --git a/smardigo/templates/iam/service.yml b/smardigo/templates/iam/service.yml new file mode 100644 index 0000000..dccbefd --- /dev/null +++ b/smardigo/templates/iam/service.yml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: "{{ .Release.Name }}-iam" +spec: + selector: + app: "{{ .Release.Name }}-iam" + type: NodePort + ports: + - port: 8080 + targetPort: 8080 + protocol: TCP + name: http + - port: 8081 + targetPort: 8081 + protocol: TCP + name: metrics diff --git a/smardigo/values.yaml b/smardigo/values.yaml index 3fbeb95..5d0e653 100644 --- a/smardigo/values.yaml +++ b/smardigo/values.yaml @@ -25,6 +25,7 @@ sharedService: iam: image: version: latest + name: smardigo/iam-app keycloak: username: keycloak-admin password: keycloak-admin