From 95aa8fd84bf69cb216d92159d9043f68f5e14beb Mon Sep 17 00:00:00 2001 From: Nicolas Date: Tue, 22 Jul 2025 17:50:25 +0800 Subject: [PATCH] feat(reconciler): update Helm chart configs, templates, and CI/CD integration for reconciler service --- .../helm-pkg/reconciler/Chart.yaml | 6 + .../templates/reconciler/certificate.yaml | 27 ++++ .../templates/reconciler/deployment.yaml | 121 ++++++++++++++++ .../templates/reconciler/ingress.yaml | 36 +++++ .../reconciler/reconciler-config.yaml | 70 ++++++++++ .../templates/reconciler/service.yaml | 26 ++++ .../templates/reconciler/servicemonitor.yaml | 40 ++++++ .../reconciler/templates/reconciler/vpa.yaml | 32 +++++ .../helm-pkg/reconciler/values.alpha.yaml | 131 ++++++++++++++++++ .../helm-pkg/reconciler/values.yaml | 131 ++++++++++++++++++ .../ci/freeleaps-service-hub/Jenkinsfile | 2 +- 11 files changed, 621 insertions(+), 1 deletion(-) create mode 100644 freeleaps-devops-reconciler/helm-pkg/reconciler/Chart.yaml create mode 100644 freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/certificate.yaml create mode 100644 freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/deployment.yaml create mode 100644 freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/ingress.yaml create mode 100644 freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/reconciler-config.yaml create mode 100644 freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/service.yaml create mode 100644 freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/servicemonitor.yaml create mode 100644 freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/vpa.yaml create mode 100644 freeleaps-devops-reconciler/helm-pkg/reconciler/values.alpha.yaml create mode 100644 freeleaps-devops-reconciler/helm-pkg/reconciler/values.yaml diff --git a/freeleaps-devops-reconciler/helm-pkg/reconciler/Chart.yaml b/freeleaps-devops-reconciler/helm-pkg/reconciler/Chart.yaml new file mode 100644 index 00000000..3253a288 --- /dev/null +++ b/freeleaps-devops-reconciler/helm-pkg/reconciler/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: chat +description: A Helm Chart of chat service, which part of Freeleaps Platform, powered by Freeleaps. +type: application +version: 0.0.1 +appVersion: "0.0.1" diff --git a/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/certificate.yaml b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/certificate.yaml new file mode 100644 index 00000000..393734a7 --- /dev/null +++ b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/certificate.yaml @@ -0,0 +1,27 @@ +{{ $namespace := .Release.Namespace }} +{{ $appVersion := .Chart.AppVersion | quote }} +{{ $releaseCertificate := .Release.Service }} +{{ $releaseName := .Release.Name }} +{{- range $ingress := .Values.reconciler.ingresses }} +{{- if not $ingress.tls.exists }} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ $ingress.name }} + namespace: {{ $namespace }} + labels: + app.kubernetes.io/version: {{ $appVersion }} + app.kubernetes.io/name: {{ $ingress.name | quote }} + app.kubernetes.io/managed-by: {{ $releaseCertificate }} + app.kubernetes.io/instance: {{ $releaseName }} +spec: + commonName: {{ $ingress.host }} + dnsNames: + - {{ $ingress.host }} + issuerRef: + name: {{ $ingress.tls.issuerRef.name }} + kind: {{ $ingress.tls.issuerRef.kind }} + secretName: {{ $ingress.tls.name }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/deployment.yaml b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/deployment.yaml new file mode 100644 index 00000000..138c37d3 --- /dev/null +++ b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/deployment.yaml @@ -0,0 +1,121 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + app.kubernetes.io/name: "reconciler" + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +{{- if .Values.logIngest.enabled }} + annotations: + opentelemetry.io/config-checksum: {{ include (print $.Template.BasePath "/reconciler/opentelemetry.yaml") . | sha256sum }} +{{- end }} + name: "reconciler" + namespace: {{ .Release.Namespace | quote }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: "reconciler" + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + replicas: {{ .Values.reconciler.replicas }} + template: + metadata: + labels: + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + app.kubernetes.io/name: "reconciler" + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + annotations: + app.kubernetes.io/config-checksum: {{ include (print $.Template.BasePath "/reconciler/reconciler-config.yaml") . | sha256sum }} +{{- if .Values.logIngest.enabled }} + opentelemetry.io/config-checksum: {{ include (print $.Template.BasePath "/reconciler/opentelemetry.yaml") . | sha256sum }} + sidecar.opentelemetry.io/inject: "{{ .Release.Namespace}}/{{ .Release.Name }}-opentelemetry-collector" +{{- end }} + spec: +{{- if .Values.logIngest.enabled }} + serviceAccountName: "{{ .Release.Name }}-otel-collector" +{{- end }} + containers: + - name: "reconciler" + image: "{{ coalesce .Values.reconciler.image.registry .Values.global.registry "docker.io"}}/{{ coalesce .Values.reconciler.image.repository .Values.global.repository }}/{{ .Values.reconciler.image.name }}:{{ .Values.reconciler.image.tag | default "latest" }}" + imagePullPolicy: {{ .Values.reconciler.image.imagePullPolicy | default "IfNotPresent" }} + ports: + {{- range $port := .Values.reconciler.ports }} + - containerPort: {{ $port.containerPort }} + name: {{ $port.name }} + protocol: {{ $port.protocol }} + {{- end }} + {{- if .Values.reconciler.resources }} + resources: + {{- toYaml .Values.reconciler.resources | nindent 12 }} + {{- end }} + {{- if .Values.reconciler.probes }} + {{- if and (.Values.reconciler.probes.liveness) (eq .Values.reconciler.probes.liveness.type "httpGet") }} + livenessProbe: + httpGet: + path: {{ .Values.reconciler.probes.liveness.config.path }} + port: {{ .Values.reconciler.probes.liveness.config.port }} + {{- if .Values.reconciler.probes.liveness.config.initialDelaySeconds }} + initialDelaySeconds: {{ .Values.reconciler.probes.liveness.config.initialDelaySeconds }} + {{- end }} + {{- if .Values.reconciler.probes.liveness.config.periodSeconds }} + periodSeconds: {{ .Values.reconciler.probes.liveness.config.periodSeconds }} + {{- end }} + {{- if .Values.reconciler.probes.liveness.config.timeoutSeconds }} + timeoutSeconds: {{ .Values.reconciler.probes.liveness.config.timeoutSeconds }} + {{- end }} + {{- if .Values.reconciler.probes.liveness.config.successThreshold }} + successThreshold: {{ .Values.reconciler.probes.liveness.config.successThreshold }} + {{- end }} + {{- if .Values.reconciler.probes.liveness.config.failureThreshold }} + failureThreshold: {{ .Values.reconciler.probes.liveness.config.failureThreshold }} + {{- end }} + {{- if .Values.reconciler.probes.liveness.config.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.reconciler.probes.liveness.config.terminationGracePeriodSeconds }} + {{- end }} + {{- end }} + {{- if and (.Values.reconciler.probes.readiness) (eq .Values.reconciler.probes.readiness.type "httpGet") }} + readinessProbe: + httpGet: + path: {{ .Values.reconciler.probes.readiness.config.path }} + port: {{ .Values.reconciler.probes.readiness.config.port }} + {{- if .Values.reconciler.probes.readiness.config.initialDelaySeconds }} + initialDelaySeconds: {{ .Values.reconciler.probes.readiness.config.initialDelaySeconds }} + {{- end }} + {{- if .Values.reconciler.probes.readiness.config.periodSeconds }} + periodSeconds: {{ .Values.reconciler.probes.readiness.config.periodSeconds }} + {{- end }} + {{- if .Values.reconciler.probes.readiness.config.timeoutSeconds }} + timeoutSeconds: {{ .Values.reconciler.probes.readiness.config.timeoutSeconds }} + {{- end }} + {{- if .Values.reconciler.probes.readiness.config.successThreshold }} + successThreshold: {{ .Values.reconciler.probes.readiness.config.successThreshold }} + {{- end }} + {{- if .Values.reconciler.probes.readiness.config.failureThreshold }} + failureThreshold: {{ .Values.reconciler.probes.readiness.config.failureThreshold }} + {{- end }} + {{- if .Values.reconciler.probes.readiness.config.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.reconciler.probes.readiness.config.terminationGracePeriodSeconds }} + {{- end }} + {{- end }} + {{- end}} + env: + {{- range $key, $value := .Values.reconciler.configs }} + - name: {{ $key | snakecase | upper }} + valueFrom: + secretKeyRef: + name: reconciler-config + key: {{ $key | snakecase | upper }} + {{- end }} +{{- if .Values.logIngest.enabled }} + volumeMounts: + - name: app-logs + mountPath: {{ .Values.logIngest.logPath }} +{{- end }} +{{- if .Values.logIngest.enabled }} + volumes: + - name: app-logs + emptyDir: {} +{{- end }} \ No newline at end of file diff --git a/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/ingress.yaml b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/ingress.yaml new file mode 100644 index 00000000..3c022c5d --- /dev/null +++ b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/ingress.yaml @@ -0,0 +1,36 @@ +{{ $namespace := .Release.Namespace }} +{{ $appVersion := .Chart.AppVersion | quote }} +{{ $releaseIngress := .Release.Service }} +{{ $releaseName := .Release.Name }} +{{- range $ingress := .Values.reconciler.ingresses }} +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $ingress.name }} + namespace: {{ $namespace }} + labels: + app.kubernetes.io/version: {{ $appVersion }} + app.kubernetes.io/name: {{ $ingress.name | quote }} + app.kubernetes.io/managed-by: {{ $releaseIngress }} + app.kubernetes.io/instance: {{ $releaseName }} +spec: +{{- if $ingress.class }} + ingressClassName: {{ $ingress.class }} +{{- end }} +{{- if $ingress.tls }} + tls: + - hosts: + - {{ $ingress.host }} +{{- if $ingress.tls.exists }} + secretName: {{ $ingress.tls.secretRef.name }} +{{- else }} + secretName: {{ $ingress.tls.name }} +{{- end }} +{{- end }} + rules: + - host: {{ $ingress.host }} + http: + paths: +{{- toYaml $ingress.rules | nindent 10 }} +{{- end }} \ No newline at end of file diff --git a/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/reconciler-config.yaml b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/reconciler-config.yaml new file mode 100644 index 00000000..724256ad --- /dev/null +++ b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/reconciler-config.yaml @@ -0,0 +1,70 @@ +apiVersion: v1 +kind: Secret +metadata: + name: reconciler-config + namespace: {{ .Release.Namespace }} +type: Opaque +data: + DEBUG: {{ .Values.reconciler.configs.debug | b64enc | quote }} + K8S_CLUSTER_DOMAIN: {{ .Values.reconciler.configs.k8sClusterDomain | b64enc | quote }} + AUTO_DISCOVER_K8S_CLUSTER_DOMAIN_MAX_RETRIES: {{ .Values.reconciler.configs.autoDiscoverK8sClusterDomainMaxRetries | toString | b64enc | quote }} + RABBITMQ_HOST: {{ .Values.reconciler.configs.rabbitmqHost | b64enc | quote }} + RABBITMQ_PORT: {{ .Values.reconciler.configs.rabbitmqPort | toString | b64enc | quote }} + RABBITMQ_USERNAME: {{ .Values.reconciler.configs.rabbitmqUsername | b64enc | quote }} + RABBITMQ_PASSWORD: {{ .Values.reconciler.configs.rabbitmqPassword | b64enc | quote }} + RABBITMQ_VHOST: {{ .Values.reconciler.configs.rabbitmqVhost | b64enc | quote }} + RABBITMQ_INPUT_QUEUE: {{ .Values.reconciler.configs.rabbitmqInputQueue | b64enc | quote }} + RABBITMQ_OUTPUT_QUEUE: {{ .Values.reconciler.configs.rabbitmqOutputQueue | b64enc | quote }} + RABBITMQ_ENABLE_EXCHANGE_BINDING: {{ .Values.reconciler.configs.rabbitmqEnableExchangeBinding | b64enc | quote }} + RABBITMQ_INPUT_EXCHANGE: {{ .Values.reconciler.configs.rabbitmqInputExchange | b64enc | quote }} + RABBITMQ_INPUT_EXCHANGE_TYPE: {{ .Values.reconciler.configs.rabbitmqInputExchangeType | b64enc | quote }} + RABBITMQ_INPUT_ROUTING_KEY: {{ .Values.reconciler.configs.rabbitmqInputRoutingKey | b64enc | quote }} + RABBITMQ_OUTPUT_EXCHANGE: {{ .Values.reconciler.configs.rabbitmqOutputExchange | b64enc | quote }} + RABBITMQ_OUTPUT_ROUTING_KEY: {{ .Values.reconciler.configs.rabbitmqOutputRoutingKey | b64enc | quote }} + JENKINS_ENDPOINT: {{ .Values.reconciler.configs.jenkinsEndpoint | b64enc | quote }} + JENKINS_USERNAME: {{ .Values.reconciler.configs.jenkinsUsername | b64enc | quote }} + JENKINS_TOKEN: {{ .Values.reconciler.configs.jenkinsToken | b64enc | quote }} + JENKINS_API_TIMEOUT: {{ .Values.reconciler.configs.jenkinsApiTimeout | toString | b64enc | quote }} + JENKINS_FOLDER_CREATION_RETRY_COUNT: {{ .Values.reconciler.configs.jenkinsFolderCreationRetryCount | toString | b64enc | quote }} + ARGOCD_ENDPOINT: {{ .Values.reconciler.configs.argocdEndpoint | b64enc | quote }} + ARGOCD_USERNAME: {{ .Values.reconciler.configs.argocdUsername | b64enc | quote }} + ARGOCD_PASSWORD: {{ .Values.reconciler.configs.argocdPassword | b64enc | quote }} + ARGOCD_API_TIMEOUT: {{ .Values.reconciler.configs.argocdApiTimeout | toString | b64enc | quote }} + ARGOCD_RESOURCE_CREATION_TIMEOUT: {{ .Values.reconciler.configs.argocdResourceCreationTimeout | toString | b64enc | quote }} + DEFAULT_GIT_USERNAME: {{ .Values.reconciler.configs.defaultGitUsername | b64enc | quote }} + DEFAULT_GIT_PASSWORD: {{ .Values.reconciler.configs.defaultGitPassword | b64enc | quote }} + DEFAULT_REGISTRY_USERNAME: {{ .Values.reconciler.configs.defaultRegistryUsername | b64enc | quote }} + DEFAULT_REGISTRY_PASSWORD: {{ .Values.reconciler.configs.defaultRegistryPassword | b64enc | quote }} + KUBERNETES_API_TIMEOUT: {{ .Values.reconciler.configs.kubernetesApiTimeout | toString | b64enc | quote }} + DEFAULT_HTTP_TIMEOUT: {{ .Values.reconciler.configs.defaultHttpTimeout | toString | b64enc | quote }} + ALLOW_HTTP_GIT_URLS: {{ .Values.reconciler.configs.allowHttpGitUrls | b64enc | quote }} + LOG_LEVEL: {{ .Values.reconciler.configs.logLevel | b64enc | quote }} + LOG_FORMAT: {{ .Values.reconciler.configs.logFormat | b64enc | quote }} + OPERATOR_NAMESPACE: {{ .Values.reconciler.configs.operatorNamespace | b64enc | quote }} + RECONCILE_INTERVAL: {{ .Values.reconciler.configs.reconcileInterval | toString | b64enc | quote }} + ENABLE_MOCK_SERVICE: {{ .Values.reconciler.configs.enableMockService | b64enc | quote }} + MOCK_SERVICE_PORT: {{ .Values.reconciler.configs.mockServicePort | toString | b64enc | quote }} + DEV_MODE: {{ .Values.reconciler.configs.devMode | b64enc | quote }} + GODADDY_API_KEY: {{ .Values.reconciler.configs.godaddyApiKey | b64enc | quote }} + GODADDY_API_SECRET: {{ .Values.reconciler.configs.godaddyApiSecret | b64enc | quote }} + GODADDY_BASE_DOMAIN: {{ .Values.reconciler.configs.godaddyBaseDomain | b64enc | quote }} + DOMAIN_TEMPLATE: {{ .Values.reconciler.configs.domainTemplate | b64enc | quote }} + INGRESS_CLASS_NAME: {{ .Values.reconciler.configs.ingressClassName | b64enc | quote }} + CERT_MANAGER_CLUSTER_ISSUER: {{ .Values.reconciler.configs.certManagerClusterIssuer | b64enc | quote }} + DNS_CREATION_TIMEOUT: {{ .Values.reconciler.configs.dnsCreationTimeout | toString | b64enc | quote }} + CERTIFICATE_ISSUANCE_TIMEOUT: {{ .Values.reconciler.configs.certificateIssuanceTimeout | toString | b64enc | quote }} + INGRESS_READY_TIMEOUT: {{ .Values.reconciler.configs.ingressReadyTimeout | toString | b64enc | quote }} + NETWORK_RESOURCE_CLEANUP_TIMEOUT: {{ .Values.reconciler.configs.networkResourceCleanupTimeout | toString | b64enc | quote }} + NETWORK_RESOURCE_RETRY_COUNT: {{ .Values.reconciler.configs.networkResourceRetryCount | toString | b64enc | quote }} + NETWORK_RESOURCE_RETRY_DELAY: {{ .Values.reconciler.configs.networkResourceRetryDelay | toString | b64enc | quote }} + SERVICE_API_ACCESS_HOST: {{ .Values.reconciler.configs.serviceApiAccessHost | b64enc | quote }} + SERVICE_API_ACCESS_PORT: {{ .Values.reconciler.configs.serviceApiAccessPort | toString | b64enc | quote }} + MONGODB_NAME: {{ .Values.reconciler.configs.mongodbName | b64enc | quote }} + MONGODB_URI: {{ .Values.reconciler.configs.mongodbUri | b64enc | quote }} + MONGODB_PORT: {{ .Values.reconciler.configs.mongodbPort | toString | b64enc | quote }} + REDIS_URL: {{ .Values.reconciler.configs.redisUrl | b64enc | quote }} + REDIS_IS_CLUSTER: {{ .Values.reconciler.configs.redisIsCluster | b64enc | quote }} + JWT_SECRET_KEY: {{ .Values.reconciler.configs.jwtSecretKey | b64enc | quote }} + JWT_ALGORITHM: {{ .Values.reconciler.configs.jwtAlgorithm | b64enc | quote }} + METRICS_ENABLED: {{ .Values.reconciler.configs.metricsEnabled | b64enc | quote }} + PROBES_ENABLED: {{ .Values.reconciler.configs.probesEnabled | b64enc | quote }} \ No newline at end of file diff --git a/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/service.yaml b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/service.yaml new file mode 100644 index 00000000..5f0803ff --- /dev/null +++ b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/service.yaml @@ -0,0 +1,26 @@ +{{ $namespace := .Release.Namespace }} +{{ $appVersion := .Chart.AppVersion | quote }} +{{ $releaseService := .Release.Service }} +{{ $releaseName := .Release.Name }} +{{- range $service := .Values.reconciler.services }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ $service.name }} + namespace: {{ $namespace }} + labels: + app.kubernetes.io/version: {{ $appVersion }} + app.kubernetes.io/name: {{ $service.name | quote }} + app.kubernetes.io/managed-by: {{ $releaseService }} + app.kubernetes.io/instance: {{ $releaseName }} +spec: + ports: + - port: {{ $service.port }} + targetPort: {{ $service.targetPort }} + selector: + app.kubernetes.io/version: {{ $appVersion }} + app.kubernetes.io/name: "reconciler" + app.kubernetes.io/managed-by: {{ $releaseService }} + app.kubernetes.io/instance: {{ $releaseName }} +{{- end }} \ No newline at end of file diff --git a/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/servicemonitor.yaml b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/servicemonitor.yaml new file mode 100644 index 00000000..7deb8c5c --- /dev/null +++ b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/servicemonitor.yaml @@ -0,0 +1,40 @@ +{{ $namespace := .Release.Namespace }} +{{ $appVersion := .Chart.AppVersion | quote }} +{{ $releaseService := .Release.Service }} +{{ $releaseName := .Release.Name }} + +{{- range $service := .Values.reconciler.services }} +{{- if $service.serviceMonitor.enabled }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ $service.name }}-monitor + namespace: {{ $service.serviceMonitor.namespace }} + labels: + app.kubernetes.io/version: {{ $appVersion }} + app.kubernetes.io/name: {{ $service.name }}-monitor + app.kubernetes.io/managed-by: {{ $releaseService }} + app.kubernetes.io/instance: {{ $releaseName }} + {{- if $service.serviceMonitor.labels }} + {{- toYaml $service.serviceMonitor.labels | nindent 4 }} + {{- end }} +spec: + endpoints: + - path: /api/_/metrics + targetPort: {{ $service.targetPort }} + {{- if $service.serviceMonitor.interval }} + interval: {{ $service.serviceMonitor.interval }} + {{- end }} + {{- if $service.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ $service.serviceMonitor.scrapeTimeout }} + {{- end }} + namespaceSelector: + matchNames: + - {{ $namespace | quote }} + selector: + matchLabels: + app.kubernetes.io/name: {{ $service.name }} + app.kubernetes.io/instance: {{ $releaseName }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/vpa.yaml b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/vpa.yaml new file mode 100644 index 00000000..acbdd880 --- /dev/null +++ b/freeleaps-devops-reconciler/helm-pkg/reconciler/templates/reconciler/vpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.reconciler.vpa }} +--- +apiVersion: autoscaling.k8s.io/v1 +kind: VerticalPodAutoscaler +metadata: + name: {{ .Release.Name }}-reconciler-vpa + namespace: {{ .Release.Namespace }} +spec: + targetRef: + apiVersion: apps/v1 + kind: Deployment + name: reconciler + resourcePolicy: + containerPolicies: + - containerName: '*' + {{- if .Values.reconciler.vpa.minAllowed.enabled }} + minAllowed: + cpu: {{ .Values.reconciler.vpa.minAllowed.cpu }} + memory: {{ .Values.reconciler.vpa.minAllowed.memory }} + {{- end }} + {{- if .Values.reconciler.vpa.maxAllowed.enabled }} + maxAllowed: + cpu: {{ .Values.reconciler.vpa.maxAllowed.cpu }} + memory: {{ .Values.reconciler.vpa.maxAllowed.memory }} + {{- end }} + {{- if .Values.reconciler.vpa.controlledResources }} + controlledResources: + {{- range .Values.reconciler.vpa.controlledResources }} + - {{ . }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/freeleaps-devops-reconciler/helm-pkg/reconciler/values.alpha.yaml b/freeleaps-devops-reconciler/helm-pkg/reconciler/values.alpha.yaml new file mode 100644 index 00000000..9098ac39 --- /dev/null +++ b/freeleaps-devops-reconciler/helm-pkg/reconciler/values.alpha.yaml @@ -0,0 +1,131 @@ +global: + registry: docker.io + repository: freeleaps + nodeSelector: {} +logIngest: + enabled: false +reconciler: + replicas: 1 + image: + registry: + repository: freeleaps + name: reconciler + tag: 1.0.0 + imagePullPolicy: IfNotPresent + ports: + - name: http + containerPort: 8080 + protocol: TCP + resources: + requests: + cpu: "0.1" + memory: "64Mi" + limits: + cpu: "0.2" + memory: "128Mi" + # FIXME: Wait until the developers implements the probes APIs + probes: {} + services: + - name: reconciler-service + type: ClusterIP + port: 8080 + targetPort: 8080 + serviceMonitor: + enabled: false + labels: + release: kube-prometheus-stack + namespace: freeleaps-monitoring-system + interval: 30s + scrapeTimeout: "" + # Defaults to {}, which means doesn't have any ingress + ingresses: {} + configs: + # General + debug: "false" + k8sClusterDomain: "kubernetes.default.svc.cluster.local" + autoDiscoverK8sClusterDomainMaxRetries: 5 + # RabbitMQ + rabbitmqHost: "localhost" + rabbitmqPort: 5672 + rabbitmqUsername: "admin" + rabbitmqPassword: "admin" + rabbitmqVhost: "/" + rabbitmqInputQueue: "freeleaps.devops.reconciler.input" + rabbitmqOutputQueue: "freeleaps.devops.reconciler.output" + rabbitmqEnableExchangeBinding: "true" + rabbitmqInputExchange: "freeleaps.notification.exchange" + rabbitmqInputExchangeType: "direct" + rabbitmqInputRoutingKey: "freeleaps.devops.reconciler.input" + rabbitmqOutputExchange: "freeleaps.notification.exchange" + rabbitmqOutputRoutingKey: "freeleaps.devops.reconciler.output" + # Jenkins + jenkinsEndpoint: "http://localhost:8080" + jenkinsUsername: "admin" + jenkinsToken: "admin" + jenkinsApiTimeout: 30 + jenkinsFolderCreationRetryCount: 3 + # ArgoCD + argocdEndpoint: "http://localhost:8080" + argocdUsername: "admin" + argocdPassword: "admin" + argocdApiTimeout: 30 + argocdResourceCreationTimeout: 30 + # Default Credentials + defaultGitUsername: "admin" + defaultGitPassword: "admin" + defaultRegistryUsername: "admin" + defaultRegistryPassword: "admin" + # API Timeouts + kubernetesApiTimeout: 30 + defaultHttpTimeout: 30 + # Git + allowHttpGitUrls: "false" + # Advanced + logLevel: "INFO" + logFormat: "text" + operatorNamespace: "freeleaps-devops-system" + reconcileInterval: 30 + # Development + enableMockService: "false" + mockServicePort: 5000 + devMode: "false" + # Network Resource Management + godaddyApiKey: "" + godaddyApiSecret: "" + godaddyBaseDomain: "mathmast.com" + domainTemplate: "{env}.{project_id}.mathmast.com" + ingressClassName: "nginx" + certManagerClusterIssuer: "letsencrypt-prod" + dnsCreationTimeout: 300 + certificateIssuanceTimeout: 600 + ingressReadyTimeout: 300 + networkResourceCleanupTimeout: 300 + networkResourceRetryCount: 3 + networkResourceRetryDelay: 30 + # Service + serviceApiAccessHost: "0.0.0.0" + serviceApiAccessPort: "8080" + # MongoDB/Redis (如需可补充) + mongodbName: "" + mongodbUri: "" + mongodbPort: "" + redisUrl: "" + redisIsCluster: "false" + # JWT + jwtSecretKey: "" + jwtAlgorithm: "" + # Metrics/Probes + metricsEnabled: "false" + probesEnabled: "false" + vpa: + minAllowed: + enabled: false + cpu: "0.1" + memory: "64Mi" + maxAllowed: + enabled: true + cpu: "0.2" + memory: "128Mi" + controlledResources: + - cpu + - memory \ No newline at end of file diff --git a/freeleaps-devops-reconciler/helm-pkg/reconciler/values.yaml b/freeleaps-devops-reconciler/helm-pkg/reconciler/values.yaml new file mode 100644 index 00000000..9098ac39 --- /dev/null +++ b/freeleaps-devops-reconciler/helm-pkg/reconciler/values.yaml @@ -0,0 +1,131 @@ +global: + registry: docker.io + repository: freeleaps + nodeSelector: {} +logIngest: + enabled: false +reconciler: + replicas: 1 + image: + registry: + repository: freeleaps + name: reconciler + tag: 1.0.0 + imagePullPolicy: IfNotPresent + ports: + - name: http + containerPort: 8080 + protocol: TCP + resources: + requests: + cpu: "0.1" + memory: "64Mi" + limits: + cpu: "0.2" + memory: "128Mi" + # FIXME: Wait until the developers implements the probes APIs + probes: {} + services: + - name: reconciler-service + type: ClusterIP + port: 8080 + targetPort: 8080 + serviceMonitor: + enabled: false + labels: + release: kube-prometheus-stack + namespace: freeleaps-monitoring-system + interval: 30s + scrapeTimeout: "" + # Defaults to {}, which means doesn't have any ingress + ingresses: {} + configs: + # General + debug: "false" + k8sClusterDomain: "kubernetes.default.svc.cluster.local" + autoDiscoverK8sClusterDomainMaxRetries: 5 + # RabbitMQ + rabbitmqHost: "localhost" + rabbitmqPort: 5672 + rabbitmqUsername: "admin" + rabbitmqPassword: "admin" + rabbitmqVhost: "/" + rabbitmqInputQueue: "freeleaps.devops.reconciler.input" + rabbitmqOutputQueue: "freeleaps.devops.reconciler.output" + rabbitmqEnableExchangeBinding: "true" + rabbitmqInputExchange: "freeleaps.notification.exchange" + rabbitmqInputExchangeType: "direct" + rabbitmqInputRoutingKey: "freeleaps.devops.reconciler.input" + rabbitmqOutputExchange: "freeleaps.notification.exchange" + rabbitmqOutputRoutingKey: "freeleaps.devops.reconciler.output" + # Jenkins + jenkinsEndpoint: "http://localhost:8080" + jenkinsUsername: "admin" + jenkinsToken: "admin" + jenkinsApiTimeout: 30 + jenkinsFolderCreationRetryCount: 3 + # ArgoCD + argocdEndpoint: "http://localhost:8080" + argocdUsername: "admin" + argocdPassword: "admin" + argocdApiTimeout: 30 + argocdResourceCreationTimeout: 30 + # Default Credentials + defaultGitUsername: "admin" + defaultGitPassword: "admin" + defaultRegistryUsername: "admin" + defaultRegistryPassword: "admin" + # API Timeouts + kubernetesApiTimeout: 30 + defaultHttpTimeout: 30 + # Git + allowHttpGitUrls: "false" + # Advanced + logLevel: "INFO" + logFormat: "text" + operatorNamespace: "freeleaps-devops-system" + reconcileInterval: 30 + # Development + enableMockService: "false" + mockServicePort: 5000 + devMode: "false" + # Network Resource Management + godaddyApiKey: "" + godaddyApiSecret: "" + godaddyBaseDomain: "mathmast.com" + domainTemplate: "{env}.{project_id}.mathmast.com" + ingressClassName: "nginx" + certManagerClusterIssuer: "letsencrypt-prod" + dnsCreationTimeout: 300 + certificateIssuanceTimeout: 600 + ingressReadyTimeout: 300 + networkResourceCleanupTimeout: 300 + networkResourceRetryCount: 3 + networkResourceRetryDelay: 30 + # Service + serviceApiAccessHost: "0.0.0.0" + serviceApiAccessPort: "8080" + # MongoDB/Redis (如需可补充) + mongodbName: "" + mongodbUri: "" + mongodbPort: "" + redisUrl: "" + redisIsCluster: "false" + # JWT + jwtSecretKey: "" + jwtAlgorithm: "" + # Metrics/Probes + metricsEnabled: "false" + probesEnabled: "false" + vpa: + minAllowed: + enabled: false + cpu: "0.1" + memory: "64Mi" + maxAllowed: + enabled: true + cpu: "0.2" + memory: "128Mi" + controlledResources: + - cpu + - memory \ No newline at end of file diff --git a/freeleaps/alpha/ci/freeleaps-service-hub/Jenkinsfile b/freeleaps/alpha/ci/freeleaps-service-hub/Jenkinsfile index fc862939..1e4c9072 100644 --- a/freeleaps/alpha/ci/freeleaps-service-hub/Jenkinsfile +++ b/freeleaps/alpha/ci/freeleaps-service-hub/Jenkinsfile @@ -1,4 +1,4 @@ -library 'first-class-pipeline' +library 'first-class-pipeline@Nicolas_local_ops' executeFreeleapsPipeline { serviceName = 'freeleaps'