JE VAIS PETER UN CABLE

.gitignore

+dist/
\ No newline at end of file

Chart.yaml

+apiVersion: v2
+name: cdb
+description: All applications in the cdb ecosystem
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+appVersion: snapshot
+maintainers:
+- name: takiformation
+  email: takiformation@takima.school

templates/_helpers.tpl

+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "AppCtx.chartName" -}}
+{{- default .Chart.Name | trunc 24 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "AppCtx.chartNameVersion" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 30 chars in order to leave room for suffixes (because some Kubernetes name fields are limited to 63 chars by the DNS naming spec).
+*/}}
+{{- define "AppCtx.name" }}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s" $name | trunc 30 | trimSuffix "-"}}
+{{- end }}
+
+{{/*
+Create the API name
+*/}}
+{{- define "AppCtx.apiName" }}
+{{- printf "%s-api" (include "AppCtx.name" .) | trunc 63  }}
+{{- end }}
+
+{{/*
+Create the Front name
+*/}}
+{{- define "AppCtx.frontName" }}
+{{- printf "%s-front" (include "AppCtx.name" .) | trunc 63  }}
+{{- end }}
+
+{{/*
+Create the DB name
+*/}}
+{{- define "AppCtx.dbName" }}
+{{- printf "%s-db" (include "AppCtx.name" .) | trunc 63 }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "AppCtx.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "AppCtx.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "AppCtx.labels" -}}
+helm.sh/chart: {{ include "AppCtx.chartName" . }}
+{{ include "AppCtx.selectorLabels" . }}
+app.kubernetes.io/part-of: {{ include "AppCtx.chartName" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{- define "AppCtx.apiSelectorLabels" -}}
+{{ include "AppCtx.selectorLabels" . }}
+app.kubernetes.io/component: api
+{{- end }}
+
+{{- define "AppCtx.apiLabels" -}}
+{{ include "AppCtx.apiSelectorLabels" . }}
+app.kubernetes.io/part-of: {{ include "AppCtx.chartName" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app/language: java
+app/version: {{ .Values.api.image.tag }}
+{{- end }}
+
+
+{{- define "AppCtx.frontSelectorLabels" -}}
+{{ include "AppCtx.selectorLabels" . }}
+app.kubernetes.io/component: front
+{{- end }}
+
+{{- define "AppCtx.frontLabels" -}}
+{{ include "AppCtx.frontSelectorLabels" . }}
+app.kubernetes.io/part-of: {{ include "AppCtx.chartName" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app/language: javascript
+app/version: {{ .Values.front.image.tag }}
+{{- end }}
+
+{{- define "AppCtx.dbSelectorLabels" -}}
+{{ include "AppCtx.selectorLabels" . }}
+app.kubernetes.io/component: db
+{{- end }}
+
+{{- define "AppCtx.dbLabels" -}}
+{{ include "AppCtx.dbSelectorLabels" . }}
+app.kubernetes.io/part-of: {{ include "AppCtx.chartName" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app/language: postgresql
+app/version: {{ .Values.db.image.tag }}
+{{- end }}

templates/api-config.yaml

+{{- if .Values.api.enabled }}  
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "AppCtx.apiName" . }}
+  labels: {{ include "AppCtx.apiLabels" . | nindent 4 }}
+data:
+  DB_ENDPOINT: "{{ template "AppCtx.dbName" . }}:5432"
+  DB_NAME: {{ .Values.db.name }}
+{{- end }}
\ No newline at end of file

templates/api-deployment.yaml

+{{- if .Values.api.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "AppCtx.apiName" . }}
+  labels: {{ include "AppCtx.apiLabels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.api.replicaCount }}
+  selector:
+    matchLabels: {{ include "AppCtx.apiSelectorLabels" . | nindent 8 }}
+  template:
+    metadata:
+      labels: {{ include "AppCtx.apiLabels" . | nindent 10 }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/api-config.yaml") . | sha256sum }}
+    spec:
+      securityContext:
+        runAsUser: 1001
+        runAsGroup: 1001
+      imagePullSecrets:
+        - name: takima-school-registry
+      containers:
+      - name: api
+        image: {{ .Values.api.image.repository }}:{{ .Values.api.image.tag }}
+        resources:
+          requests:
+            memory: {{ .Values.api.requests.memory }}
+            cpu: {{ .Values.api.requests.cpu }}
+          limits:
+            memory: {{ .Values.api.limits.memory }}
+            cpu: {{ .Values.api.limits.cpu }}
+        startupProbe:
+          httpGet:
+            path: /actuator/health
+            port: 8080
+          initialDelaySeconds: {{ .Values.api.startupProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.api.startupProbe.periodSeconds }}
+          successThreshold: 1
+          failureThreshold: {{ .Values.api.startupProbe.failureThreshold }}
+        livenessProbe:
+          httpGet:
+            path: /actuator/health/liveness
+            port: 8080
+          periodSeconds: 3
+          successThreshold: 1
+          failureThreshold: 3
+        readinessProbe:
+          httpGet:
+            path: /actuator/health/readiness
+            port: 8080
+          periodSeconds: 1
+          successThreshold: 1
+          failureThreshold: 3        
+        securityContext:
+          allowPrivilegeEscalation: false
+        ports:
+        - containerPort: 8080
+        env: 
+          - name: DB_ENDPOINT
+            valueFrom:
+              configMapKeyRef:
+                name: {{ template "AppCtx.apiName" . }}
+                key: DB_ENDPOINT
+          - name: POSTGRES_DB
+            valueFrom:
+              configMapKeyRef:
+                name: {{ template "AppCtx.apiName" . }}
+                key: DB_NAME
+          - name: POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: {{ template "AppCtx.dbName" . }}-credentials  # Nom du secret
+                key: pg_username     # nom de la clef dans le config map
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: {{ template "AppCtx.dbName" . }}-credentials  # Nom du secret
+                key: pg_password 
+{{- end }}
\ No newline at end of file

templates/api-ingress.yaml

+{{- if .Values.api.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ annotations:
+   kubernetes.io/ingress.class: nginx
+ name: {{ template "AppCtx.apiName" . }}
+ labels: {{ include "AppCtx.apiLabels" . | nindent 4 }}
+spec:
+  rules:
+  - host: {{ .Values.api.ingress.host }}
+    http:
+      paths:
+      - backend:
+          service:
+            name: {{ template "AppCtx.apiName" . }}
+            port:
+              number: 80
+        path: /
+        pathType: Prefix
+  tls:
+  - hosts:
+     - {{ .Values.api.ingress.host }}
+    secretName: app-wildcard
+{{- end }}
\ No newline at end of file

templates/api-service.yaml

+{{- if .Values.api.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "AppCtx.apiName" . }}
+  labels: {{ include "AppCtx.apiLabels" . | nindent 8 }}
+spec:
+  selector: {{ include "AppCtx.apiSelectorLabels" . | nindent 4 }}
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
+{{- end }}
\ No newline at end of file

templates/front-config.yaml

+{{- if .Values.front.enabled }}  
+  {{- $apiUrl := "" }}  
+  {{- if .Values.api.ingress.tlsEnabled }}  
+    {{- $apiUrl = printf "https://%s" .Values.api.ingress.host | quote }}  
+  {{- else }}  
+    {{- $apiUrl = printf "http://%s" .Values.api.ingress.host | quote }}  
+  {{- end }}  
+apiVersion: v1  
+kind: ConfigMap  
+metadata:  
+  name: {{ template "AppCtx.frontName" . }}
+data:  
+  API_URL: {{ $apiUrl }}  
+{{- end }}
\ No newline at end of file

templates/front-deployment.yaml

+{{- if .Values.front.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "AppCtx.frontName" . }}
+  labels: {{ include "AppCtx.frontLabels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.front.replicaCount }}
+  selector:
+    matchLabels: {{ include "AppCtx.frontSelectorLabels" . | nindent 8 }}
+  template:
+    metadata:
+      labels: {{ include "AppCtx.frontLabels" . | nindent 10 }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/front-config.yaml") . | sha256sum }}
+    spec:
+      imagePullSecrets:
+        - name: takima-school-registry
+      securityContext:
+        runAsUser: 101
+        runAsGroup: 101
+
+      containers:
+      - name: front
+        image: {{ .Values.front.image.repository }}:{{ .Values.front.image.tag }}
+        imagePullPolicy: Always
+        ports:
+          - containerPort: 8080
+        resources:
+          requests:
+            memory: "32M"
+            cpu: "0.1"
+          limits:
+            memory: "128M"
+            cpu: "1"
+        startupProbe:
+          httpGet:
+            path: /health
+            port: 8080
+          initialDelaySeconds: 3
+          periodSeconds: 1
+          successThreshold: 1
+          failureThreshold: 5
+        livenessProbe:
+          httpGet:
+            path: /health
+            port: 8080
+          periodSeconds: 3
+          successThreshold: 1
+          failureThreshold: 3
+        readinessProbe:
+          httpGet:
+            path: /health
+            port: 8080
+          periodSeconds: 1
+          successThreshold: 1
+          failureThreshold: 3
+        securityContext:
+          allowPrivilegeEscalation: false
+        
+        env: 
+          - name: API_URL
+            valueFrom:
+              configMapKeyRef:
+                name: {{ template "AppCtx.frontName" . }}
+                key: API_URL
+{{- end }}
\ No newline at end of file

templates/front-ingress.yaml

+{{- if .Values.front.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ annotations:
+   kubernetes.io/ingress.class: nginx
+ name: {{ template "AppCtx.frontName" . }}
+ labels: {{ include "AppCtx.frontLabels" . | nindent 4 }}
+spec:
+  rules:
+  - host: {{ .Values.front.ingress.host }}
+    http:
+      paths:
+      - backend:
+          service:
+            name: {{ template "AppCtx.frontName" . }}
+            port:
+              number: 80
+        path: /
+        pathType: Prefix
+  {{- if .Values.front.ingress.tlsEnabled }}
+  tls:
+  - hosts:
+      - {{ .Values.front.ingress.host }}
+    secretName: app-wildcard
+  {{- end }}
+{{- end }}
\ No newline at end of file

templates/front-service.yaml

+{{- if .Values.front.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "AppCtx.frontName" . }}
+  labels: {{ include "AppCtx.frontLabels" . | nindent 8 }}
+spec:
+  selector: {{ include "AppCtx.frontSelectorLabels" . | nindent 4 }}
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
+{{- end }}
\ No newline at end of file

templates/pg-config.yaml

+{{- if .Values.db.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "AppCtx.dbName" . }}
+  labels: {{ include "AppCtx.dbLabels" . | nindent 4 }}
+data:
+  db_name: {{ .Values.db.name }}
+  db_path: "/var/lib/postgresql/data/pgdata"
+{{- end }}
\ No newline at end of file

templates/pg-credentials.yaml

+{{- if .Values.db.enabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "AppCtx.dbName" . }}-credentials
+  labels: {{ include "AppCtx.dbLabels" . | nindent 4 }}
+type: Opaque
+data:
+  pg_username: YWRtaW4=   # user: admin
+  pg_password: dGVzdDEyMyo=  # pwd: test123*
+{{- end }}
\ No newline at end of file

templates/pg-deployment.yaml

+{{- if .Values.db.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "AppCtx.dbName" . }}
+  labels: {{ include "AppCtx.dbLabels" . | nindent 4 }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels: {{ include "AppCtx.dbSelectorLabels" . | nindent 8 }}
+  template:
+    metadata:
+      labels: {{ include "AppCtx.dbLabels" . | nindent 10 }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/front-config.yaml") . | sha256sum }}
+    spec:
+      containers:
+      - name: postgres
+        image: {{ .Values.db.image.repository }}:{{ .Values.db.image.tag }}
+        ports:
+        - containerPort: 80
+        env:
+          - name: POSTGRES_DB
+            valueFrom:
+              configMapKeyRef:
+                name: {{ template "AppCtx.dbName" . }}  # Nom du configmap
+                key: db_name     # nom de la clef dans le config map contenant le nom de la DB
+          - name: PGDATA
+            valueFrom:
+              configMapKeyRef:
+                name: {{ template "AppCtx.dbName" . }}  # Nom du configmap
+                key: db_path     # nom de la clef dans le configMap contenant path ou installer la db dans le volume persistant
+          - name: POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: {{ template "AppCtx.dbName" . }}-credentials  # Nom du secret
+                key: pg_username     # nom de la clef dans le secret
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: {{ template "AppCtx.dbName" . }}-credentials  # Nom du secret
+                key: pg_password     # nom de la clef dans le secret contenant le password
+      imagePullSecrets:
+      - name: takima-school-registry
+{{- end }}
\ No newline at end of file

templates/pg-pvc.yaml

+{{- if .Values.db.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ template "AppCtx.dbName" . }}
+  labels: {{ include "AppCtx.dbLabels" . | nindent 4 }}
+spec:
+  accessModes:
+    - ReadWriteOnce
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: {{ .Values.db.pvc.size }}
+  storageClassName: {{ .Values.db.pvc.storageClass }}
+{{- end }}

templates/pg-service.yaml

+{{- if .Values.db.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "AppCtx.dbName" . }}
+  labels: {{ include "AppCtx.dbLabels" . | nindent 4 }}
+spec:
+  selector: {{ include "AppCtx.dbSelectorLabels" . | nindent 4 }}
+  type: ClusterIP
+  ports:
+   - port: 5432
+{{- end}}

values.prod.yaml

+# Default values for CDB app.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+nameOverride: mycdb-prod
+
+api:
+  image:
+    tag: latest
+  replicaCount: 2
+  requests:
+    memory: "192M"
+    cpu: "0.2"
+  limits:
+    memory: "256M"
+    cpu: "1"
+  startupProbe:
+    initialDelaySeconds: 20
+    periodSeconds: 3
+    failureThreshold: 5
+  ingress:
+    tlsEnabled: true
+    host: api.replace-me.takima.school
+
+front:
+  image:
+    tag: latest
+  replicaCount: 1
+  ingress:
+    tlsEnabled: true
+    host: www.replace-me.takima.school
+
+db:
+  image:
+    tag: latest
+  pvc:
+    storageClass: gp2
+    size: 512Mi
+  credentials:
+    user: cdb
+    pwd: cdb123
\ No newline at end of file

values.staging.yaml

+# Default values for CDB app.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+nameOverride: mycdb-staging
+
+api:
+  image:
+    tag: latest
+  replicaCount: 1
+  requests:
+    memory: "128M"
+    cpu: "0.1"
+  limits:
+    memory: "256M"
+    cpu: "1"
+  startupProbe:
+    initialDelaySeconds: 20
+    periodSeconds: 3
+    failureThreshold: 5
+  ingress:
+    tlsEnabled: true
+    host: api-staging.to-replace.takima.school
+
+front:
+  image:
+    tag: latest
+  replicaCount: 1
+  ingress:
+    tlsEnabled: true
+    host: www-staging.to-replace.takima.school
+
+db:
+  image:
+    tag: latest
+  pvc:
+    storageClass: gp2
+    size: 512Mi
+  credentials:
+    user: cdb
+    pwd: cdb123
\ No newline at end of file

values.yaml

+# Default values for CDB app.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+nameOverride: mycdb
+
+api:
+  enabled: true
+  image:
+    repository: registry.gitlab.com/takima-school/images/cdb/api
+    tag: latest
+  replicaCount: 1
+  requests:
+    memory: "192M"
+    cpu: "0.2"
+  limits:
+    memory: "256M"
+    cpu: "1"
+  startupProbe:
+    initialDelaySeconds: 30
+    periodSeconds: 3
+    failureThreshold: 5
+  ingress:
+    tlsEnabled: false
+    host: api.to-replace.takima.school
+
+front:
+  enabled: true
+  image:
+    repository: registry.gitlab.com/takima-school/images/cdb/www
+    tag: latest
+  replicaCount: 1
+  ingress:
+    tlsEnabled: false
+    host: www.to-replace.takima.school
+
+db:
+  enabled: true
+  name: cdb-db
+  image:
+    repository: registry.takima.io/school/proxy/postgres
+    tag: latest
+  pvc:
+    storageClass: gp2
+    size: 512Mi
+  credentials:
+    user: cdb
+    pwd: cdb123
+