Skip to content

Commit

Permalink
Merge pull request #36 from SAP/controller
Browse files Browse the repository at this point in the history 
Controller
  • Loading branch information
@ib-steffen
ib-steffen authored Jun 3, 2018
2 parents e9cc651 + 43a2362 commit 67aad78
Show file tree
Hide file tree
Showing 99 changed files with 4,294 additions and 2,809 deletions.
6 changes: 3 additions & 3 deletions .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,12 +37,12 @@ infrabox/test/github-review/results.xml
src/pyinfrabox/.coverage
src/pyinfrabox/coverage.xml
src/pyinfrabox/results.xml
src/controller/pkg/client
src/controller/controller
src/controller/vendor
src/services/gcp/vendor
src/services/gcp/gcp
src/services/gcp/tmp/_output/
src/services/namespace/vendor
src/services/namespace/namespace
src/services/namespace/tmp/_output/
src/controller/vendor
src/controller/namespace
src/controller/tmp/_output/
2 changes: 2 additions & 0 deletions deploy/infrabox-function/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
name: infrabox-function
version: 1
293 changes: 293 additions & 0 deletions deploy/infrabox-function/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,293 @@
{{ define "env_database" }}
-
name: INFRABOX_DATABASE_USER
valueFrom:
secretKeyRef:
name: infrabox-postgres
key: username
-
name: INFRABOX_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: infrabox-postgres
key: password
-
name: INFRABOX_DATABASE_HOST
value: {{ default "localhost" .Values.storage.postgres.host | quote }}
-
name: INFRABOX_DATABASE_DB
value: {{ default "infrabox" .Values.storage.postgres.db | quote }}
-
name: INFRABOX_DATABASE_PORT
value: {{ default 5432 .Values.storage.postgres.port | quote }}
-
name: INFRABOX_STORAGE_CLOUDSQL_ENABLED
value: {{ .Values.storage.cloudsql.enabled | quote }}
{{ if .Values.storage.cloudsql.enabled }}
-
name: INFRABOX_STORAGE_CLOUDSQL_INSTANCE_CONNECTION_NAME
value: {{ .Values.storage.cloudsql.instance_connection_name }}
{{ end }}
{{ end }}

{{ define "volumes_rsa" }}
-
name: rsa-key
secret:
secretName: infrabox-rsa
{{ end }}

{{ define "mounts_rsa_private" }}
-
name: rsa-key
mountPath: "/var/run/secrets/infrabox.net/rsa/id_rsa"
subPath: id_rsa
readOnly: true
{{ end }}

{{ define "mounts_rsa_public" }}
-
name: rsa-key
mountPath: "/var/run/secrets/infrabox.net/rsa/id_rsa.pub"
subPath: id_rsa.pub
readOnly: true
{{ end }}

{{ define "volumes_database" }}
{{ if .Values.storage.cloudsql.enabled }}
-
name: cloudsql-instance-credentials
secret:
secretName: infrabox-cloudsql-instance-credentials
-
name: cloudsql
emptyDir:
{{ end }}
{{ end }}

{{ define "env_gcs" }}
-
name: INFRABOX_STORAGE_GCS_ENABLED
value: {{ .Values.storage.gcs.enabled | quote }}
{{ if .Values.storage.gcs.enabled }}
-
name: INFRABOX_STORAGE_GCS_BUCKET
value: {{ .Values.storage.gcs.bucket }}
-
name: GOOGLE_APPLICATION_CREDENTIALS
value: /etc/infrabox/gcs/gcs_service_account.json
{{ end }}
{{ end }}

{{ define "env_s3" }}
-
name: INFRABOX_STORAGE_S3_ENABLED
value: {{ .Values.storage.s3.enabled | quote }}
{{ if .Values.storage.s3.enabled }}
-
name: INFRABOX_STORAGE_S3_ENDPOINT
value: {{ .Values.storage.s3.endpoint }}
-
name: INFRABOX_STORAGE_S3_PORT
value: {{ .Values.storage.s3.port | quote }}
-
name: INFRABOX_STORAGE_S3_REGION
value: {{ .Values.storage.s3.region | quote }}
-
name: INFRABOX_STORAGE_S3_SECURE
value: {{ .Values.storage.s3.secure | quote }}
-
name: INFRABOX_STORAGE_S3_BUCKET
value: {{ default "infrabox" .Values.storage.s3.bucket | quote }}
-
name: INFRABOX_STORAGE_S3_ACCESS_KEY
valueFrom:
secretKeyRef:
name: infrabox-s3-credentials
key: accessKey
-
name: INFRABOX_STORAGE_S3_SECRET_KEY
valueFrom:
secretKeyRef:
name: infrabox-s3-credentials
key: secretKey
{{ end }}
{{ end }}

{{ define "env_azure" }}
-
name: INFRABOX_STORAGE_AZURE_ENABLED
value: {{ .Values.storage.azure.enabled | quote }}
{{ if .Values.storage.azure.enabled }}
-
name: INFRABOX_STORAGE_AZURE_ACCOUNT_NAME
valueFrom:
secretKeyRef:
name: infrabox-azure-credentials
key: account-name
-
name: INFRABOX_STORAGE_AZURE_ACCOUNT_KEY
valueFrom:
secretKeyRef:
name: infrabox-azure-credentials
key: account-key
{{ end }}
{{ end }}

{{ define "env_github" }}
-
name: INFRABOX_GITHUB_ENABLED
value: {{ .Values.github.enabled | quote }}
{{ if .Values.github.enabled }}
-
name: INFRABOX_GITHUB_LOGIN_ENABLED
value: {{ .Values.github.login.enabled | quote }}
-
name: INFRABOX_GITHUB_API_URL
value: {{ default "https://api.github.com" .Values.github.api_url }}
-
name: INFRABOX_GITHUB_LOGIN_URL
value: {{ default "https://github.com/login" .Values.github.login.url }}
-
name: INFRABOX_GITHUB_LOGIN_ALLOWED_ORGANIZATIONS
value: {{ default "" .Values.github.login.allowed_organizations | quote }}
{{ end }}
{{ end }}

{{ define "env_gerrit" }}
-
name: INFRABOX_GERRIT_ENABLED
value: {{ .Values.gerrit.enabled | quote }}
{{ if .Values.gerrit.enabled }}
-
name: INFRABOX_GERRIT_HOSTNAME
value: {{ required "gerrit.hostname is required" .Values.gerrit.hostname }}
-
name: INFRABOX_GERRIT_KEY_FILENAME
value: /root/.ssh/id_rsa
-
name: INFRABOX_GERRIT_USERNAME
value: {{ required "gerrit.username is required" .Values.gerrit.username }}
-
name: INFRABOX_GERRIT_PORT
value: {{ default "29418" .Values.gerrit.port | quote }}
{{ end }}
{{ end }}

{{ define "env_ldap" }}
-
name: INFRABOX_ACCOUNT_LDAP_ENABLED
value: {{ .Values.account.ldap.enabled | quote }}
{{ if .Values.account.ldap.enabled }}
-
name: INFRABOX_ACCOUNT_LDAP_URL
value: {{ required "account.ldap.url is required" .Values.account.ldap.url }}
-
name: INFRABOX_ACCOUNT_LDAP_BASE
value: {{ required "account.ldap.base is required" .Values.account.ldap.base }}
-
name: INFRABOX_ACCOUNT_LDAP_DN
valueFrom:
secretKeyRef:
name: infrabox-ldap
key: dn
-
name: INFRABOX_ACCOUNT_LDAP_PASSWORD
valueFrom:
secretKeyRef:
name: infrabox-ldap
key: password
{{ end }}
{{ end }}


{{ define "env_github_secrets" }}
{{ if .Values.github.enabled }}
-
name: INFRABOX_GITHUB_CLIENT_ID
valueFrom:
secretKeyRef:
name: infrabox-github
key: client_id
-
name: INFRABOX_GITHUB_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: infrabox-github
key: client_secret
-
name: INFRABOX_GITHUB_WEBHOOK_SECRET
valueFrom:
secretKeyRef:
name: infrabox-github
key: webhook_secret
{{ end }}
{{ end }}

{{ define "env_general" }}
-
name: INFRABOX_GENERAL_LOG_STACKDRIVER
value: {{ default "false" .Values.general.log.stackdriver | quote }}
-
name: INFRABOX_GENERAL_DONT_CHECK_CERTIFICATES
value: {{ default "false" .Values.general.dont_check_certificates | quote }}
-
name: INFRABOX_GENERAL_WORKER_NAMESPACE
value: {{ default "infrabox-worker" .Values.general.worker_namespace }}
-
name: INFRABOX_ROOT_URL
value: {{ .Values.root_url }}
-
name: INFRABOX_GENERAL_REPORT_ISSUE_URL
value: {{ .Values.general.report_issue_url }}
-
name: INFRABOX_GENERAL_DOCKER_REGISTRY
value: {{ .Values.general.docker_registry }}
{{ end }}

{{ define "env_docker_registry" }}
-
name: INFRABOX_DOCKER_REGISTRY_ADMIN_USERNAME
value: "admin"
-
name: INFRABOX_DOCKER_REGISTRY_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: infrabox-admin
key: password
{{ end }}

{{ define "containers_database" }}
{{ if .Values.storage.cloudsql.enabled }}
-
image: gcr.io/cloudsql-docker/gce-proxy:1.09
name: cloudsql-proxy
command: ["/cloud_sql_proxy", "--dir=/cloudsql",
"-instances={{ .Values.storage.cloudsql.instance_connection_name }}=tcp:5432",
"-credential_file=/secrets/cloudsql/credentials.json"]
volumeMounts:
- name: cloudsql-instance-credentials
mountPath: /secrets/cloudsql
readOnly: true
- name: cloudsql
mountPath: /cloudsql
{{ end }}
{{ end }}

{{ define "env_job" }}
-
name: INFRABOX_JOB_MAX_OUTPUT_SIZE
value: {{ default "104857600" .Values.job.max_output_size | quote }}
-
name: INFRABOX_JOB_SECURITY_CONTEXT_CAPABILITIES_ENABLED
value: {{ default "false" .Values.job.security_context.capabilities.enabled | quote }}
{{ end }}

{{ define "env_kubernetes" }}
-
name: INFRABOX_KUBERNETES_MASTER_HOST
value: {{ default "kubernetes.default.svc.cluster.local" .Values.general.kubernetes_master_host }}
-
name: INFRABOX_KUBERNETES_MASTER_PORT
value: {{ default 443 .Values.general.kubernetes_master_port | quote }}
{{ end }}
65 changes: 65 additions & 0 deletions deploy/infrabox-function/templates/function_crd.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
apiVersion: core.infrabox.net/v1alpha1
kind: IBFunction
metadata:
name: infrabox-default-function
spec:
image: {{ required "general.docker_registry is required" .Values.general.docker_registry }}/{{ default "job" .Values.job.image }}:{{ required "job.tag is required" .Values.job.tag }}
securityContext:
privileged: true
resources:
limits:
cpu: 1000m
requests:
cpu: 1000m
memory: 1Gi
env:
{{ include "env_general" . | indent 4 }}
{{ include "env_job" . | indent 4 }}
{{ include "env_gerrit" . | indent 4 }}
-
name: INFRABOX_LOCAL_CACHE_ENABLED
value: {{ .Values.local_cache.enabled | quote }}
-
name: INFRABOX_SERVICE
value: infrabox-default-function
-
name: INFRABOX_VERSION
value: "unknown"
volumeMounts:
-
mountPath: /etc/docker/daemon.json
name: dockerd-config
subPath: daemon.json
-
name: data-dir
mountPath: "/data"
{{ if .Values.local_cache.enabled }}
-
mountPath: /local-cache
name: local-cache
{{ end }}
{{ if .Values.gerrit.enabled }}
-
mountPath: /tmp/gerrit
name: gerrit-ssh
{{ end }}
volumes:
-
name: data-dir
emptyDir: {}
-
name: dockerd-config
configMap:
name: infrabox-dockerd-config
{{ if .Values.local_cache.enabled }}
-
name: local-cache
hostPath:
Path: {{ default "/tmp/infrabox/local_cache" .Values.local_cache.host_path }}
{{ end }}
{{ if .Values.gerrit.enabled }}
-
name: gerrit-ssh
secret:
secretName: infrabox-gerrit-ssh
{{ end }}
8 changes: 8 additions & 0 deletions deploy/infrabox-function/templates/pipeline_crd.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
apiVersion: core.infrabox.net/v1alpha1
kind: IBPipeline
metadata:
name: infrabox-default-pipeline
spec:
steps:
- functionName: infrabox-default-function
name: run
Loading

0 comments on commit 67aad78

Please sign in to comment.