openstack
/
openstack-helm-addons
Code Issues Proposed changes

Merge "Add artifactory chart"

This commit is contained in:
Zuul 2018-03-12 19:02:29 +00:00 committed by Gerrit Code Review
parent 49b552a44b b13645834a
commit b58ee9caca
12 changed files with 595 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
artifactory/Chart.yaml Normal file
View File

@ -0,0 +1,22 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
description: OpenStack-Helm Artifactory
name: artifactory
version: 0.1.0
sources:
- https://git.openstack.org/cgit/openstack/openstack-helm-addons
maintainers:
- name: OpenStack-Helm Authors

18
artifactory/requirements.yaml Normal file
View File

@ -0,0 +1,18 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
dependencies:
- name: helm-toolkit
repository: http://localhost:8879/charts
version: 0.1.0

29
artifactory/templates/configmap-bin.yaml Normal file
View File

@ -0,0 +1,29 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_bin }}
{{- $envAll := . }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: artifactory-bin
data:
db-init.py: |
{{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
db-drop.py: |
{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }}
{{- end }}

27
artifactory/templates/configmap-etc.yaml Normal file
View File

@ -0,0 +1,27 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_etc }}
{{- $envAll := . }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: artifactory-extra-etc
data:
db.properties: |
{{ tuple "etc/_db.properties.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}

17
artifactory/templates/etc/_db.properties.tpl Normal file
View File

@ -0,0 +1,17 @@
# this is minimalist db.properties file for running artifactory via
# helm talking to mysql
#
# it should be made available to the artifactory user and writable as
# it will be updated with an encrypted password
type=mysql
driver=com.mysql.jdbc.Driver
{{ if .Values.endpoints.oslo_db.namespace }}
# known namespace, using fqdn
url=jdbc:mysql://{{- .Values.endpoints.oslo_db.hosts.default -}}.{{- .Values.endpoints.oslo_db.namespace -}}.svc.cluster.local:{{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}{{- .Values.endpoints.oslo_db.path -}}?characterEncoding=UTF-8&elideSetAutoCommits=true
{{ else }}
# namespace not given, do not not use fqdn
url=jdbc:mysql://{{- .Values.endpoints.oslo_db.hosts.default -}}:{{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}{{- .Values.endpoints.oslo_db.path -}}?characterEncoding=UTF-8&elideSetAutoCommits=true
{{ end }}
username={{ .Values.endpoints.oslo_db.auth.artifactory.username }}
password={{ .Values.endpoints.oslo_db.auth.artifactory.password }}

73
artifactory/templates/job-db-drop.yaml Normal file
View File

@ -0,0 +1,73 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_db_drop }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.db_drop }}
{{- $randStringSuffix := randAlphaNum 5 | lower }}
{{- $serviceAccountName := print "artifactory-db-drop-" $randStringSuffix }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ print "artifactory-db-drop-" $randStringSuffix }}
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-delete-policy": hook-succeeded
spec:
template:
metadata:
labels:
{{ tuple $envAll "artifactory" "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: artifactory-db-drop
image: {{ .Values.images.tags.db_drop }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: ROOT_DB_CONNECTION
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.oslo_db.admin }}
key: DB_CONNECTION
- name: DB_CONNECTION
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.oslo_db.artifactory }}
key: DB_CONNECTION
command:
- /tmp/db-drop.py
volumeMounts:
- name: artifactory-bin
mountPath: /tmp/db-drop.py
subPath: db-drop.py
readOnly: true
volumes:
- name: artifactory-bin
configMap:
name: artifactory-bin
defaultMode: 0555
{{- end }}

68
artifactory/templates/job-db-init.yaml Normal file
View File

@ -0,0 +1,68 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_db_init }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.db_init }}
{{- $serviceAccountName := "artifactory-db-init" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: artifactory-db-init
spec:
template:
metadata:
labels:
{{ tuple $envAll "artifactory" "db-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: artifactory-db-init
image: {{ .Values.images.tags.db_init }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: ROOT_DB_CONNECTION
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.oslo_db.admin }}
key: DB_CONNECTION
- name: DB_CONNECTION
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.oslo_db.artifactory }}
key: DB_CONNECTION
command:
- /tmp/db-init.py
volumeMounts:
- name: artifactory-bin
mountPath: /tmp/db-init.py
subPath: db-init.py
readOnly: true
volumes:
- name: artifactory-bin
configMap:
name: artifactory-bin
defaultMode: 0555
{{- end }}

28
artifactory/templates/secret-db-creds.yaml Normal file
View File

@ -0,0 +1,28 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_db_creds }}
{{- $envAll := . }}
---
apiVersion: v1
kind: Secret
metadata:
name: artifactory-db-creds
type: Opaque
data:
DB_USERNAME: {{ .Values.endpoints.oslo_db.auth.artifactory.username | b64enc }}
DB_PASSWORD: {{ .Values.endpoints.oslo_db.auth.artifactory.password | b64enc }}
{{- end }}

30
artifactory/templates/secret-db.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_db }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "artifactory" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
DB_CONNECTION: {{ tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
{{- end }}
{{- end }}

56
artifactory/templates/service.yaml Normal file
View File

@ -0,0 +1,56 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.service }}
{{- $envAll := . }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "cicd" "default" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: artifactoryhttp
{{ if and .Values.network.node_ports.enabled .Values.network.http.port }}
nodePort: {{ .Values.network.http.node_port }}
{{ end }}
port: {{ .Values.network.http.port }}
protocol: TCP
targetPort: 8081
- name: artifactorydocker
{{ if and .Values.network.node_ports.enabled .Values.network.docker.port }}
nodePort: {{ .Values.network.docker.node_port }}
{{ end }}
port: {{ .Values.network.docker.port }}
protocol: TCP
targetPort: 5050
- name: artifactorysecure
{{ if and .Values.network.node_ports.enabled .Values.network.docker.port }}
nodePort: {{ .Values.network.secure.node_port }}
{{ end }}
port: {{ .Values.network.secure.port }}
protocol: TCP
targetPort: 5052
selector:
{{ tuple $envAll "artifactory" "dashboard" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
sessionAffinity: None
{{ if .Values.network.node_ports.enabled }}
type: NodePort
{{ else }}
type: ClusterIP
{{ end }}
{{ end }}

87
artifactory/templates/statefulset.yaml Normal file
View File

@ -0,0 +1,87 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.statefulset }}
{{- $envAll := . }}
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: artifactory
spec:
serviceName: artifactory
replicas: 1
template:
metadata:
labels:
{{ tuple $envAll "artifactory" "dashboard" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
containers:
- name: artifactory
image: {{ .Values.images.tags.artifactory }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.artifactory | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: DB_TYPE
value: mysql
- name: DB_USER
valueFrom:
secretKeyRef:
name: artifactory-db-creds
key: DB_USERNAME
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: artifactory-db-creds
key: DB_PASSWORD
- name: DB_HOST
value: {{ .Values.endpoints.oslo_db.hosts.default }}
{{ if .Values.bootstrap.master_key }}
- name: ARTIFACTORY_MASTER_KEY
value: {{ .Values.bootstrap.master_key }}
{{ end }}
ports:
- containerPort: 8081
protocol: TCP
volumeMounts:
- name: artifactory-extra-etc
mountPath: /artifactory_extra_conf/db.properties
subPath: db.properties
- name: artifactory-data
mountPath: /var/opt/jfrog/artifactory
volumes:
- name: artifactory-extra-etc
configMap:
name: artifactory-extra-etc
- name: artifactory-bin
configMap:
name: artifactory-bin
defaultMode: 0555
volumeClaimTemplates:
- metadata:
name: artifactory-data
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: {{ .Values.volume.size }}
storageClassName: {{ .Values.volume.class_name }}
{{- end }}

140
artifactory/values.yaml Normal file
View File

@ -0,0 +1,140 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for artifactory.
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
labels:
node_selector_key: openstack-control-plane
node_selector_value: enabled
release_group: null
images:
tags:
db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1
artifactory: quay.io/attcomdev/artifactory-pro-mysql:5.8.4
pull_policy: "IfNotPresent"
network:
node_ports:
enabled: false
http:
port: 8081
node_port: 31672
docker:
port: 5050
node_port: 31777
secure:
port: 5052
node_port: 31776
dependencies:
db_init:
services:
- service: oslo_db
endpoint: internal
db_drop:
services:
- service: oslo_db
endpoint: internal
artifactory:
jobs: null
services: null
storage: pvc
volume:
size: 100Gi
class_name: general
chown_on_start: true
pod:
resources:
enabled: false
jobs:
db_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_drop:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
lifecycle:
upgrades:
deployments:
pod_replacement_strategy: RollingUpdate
revision_history: 1
rolling_update:
max_surge: 1
max_unavailable: 1
secrets:
oslo_db:
admin: artifactory-db-admin
artifactory: artifactory-db-user
# typically overriden by environmental values, but should include all
# endpoints required by this chart
endpoints:
cluster_domain_suffix: cluster.local
oslo_db:
namespace: null
auth:
admin:
username: root
password: password
artifactory:
username: artifactory
password: password
hosts:
default: mariadb
host_fqdn_override:
default: null
path: /artifactory
scheme: mysql+pymysql
port:
mysql:
default: 3306
cicd:
name: artifactory
hosts:
default: artifactory
manifests:
configmap_bin: true
configmap_etc: true
statefulset: true
job_db_init: true
job_db_drop: false
secret_db: true
secret_db_creds: true
pvc_artifactory: true
service: true
# bootstrap/seed artifactory configuration
bootstrap:
master_key: null