From 9a5f2b8fea94c4848965b2cb4e72cf6bcce70bd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moritz=20J=C3=B6rg?= Date: Thu, 7 May 2026 17:24:14 +0200 Subject: [PATCH] feat: Initial fap(r) stubs with for prod/staging --- charts/fapr/Chart.yaml | 6 ++ charts/fapr/templates/_helpers.tpl | 61 +++++++++++++ charts/fapr/templates/deployment.yaml | 85 +++++++++++++++++++ charts/fapr/templates/pvc.yaml | 21 +++++ charts/fapr/templates/redis.yaml | 49 +++++++++++ charts/fapr/templates/service.yaml | 15 ++++ charts/fapr/templates/serviceaccount.yaml | 12 +++ charts/fapr/values.yaml | 67 +++++++++++++++ helmfile.d/fapr.yaml.gotmpl | 39 +++++++++ values/fapr/env-ekman.yaml.gotmpl | 2 + values/fapr/env.yaml.gotmpl | 4 + values/fapr/kustomize/base/kustomization.yaml | 4 + .../kustomize/prod-ekman/appsettings.json | 20 +++++ .../kustomize/prod-ekman/cron-bindings.yaml | 77 +++++++++++++++++ .../prod-ekman/deployment_patch.yaml | 3 + .../kustomize/prod-ekman/kustomization.yaml | 21 +++++ values/fapr/kustomize/prod-ekman/pv.yaml | 22 +++++ values/fapr/kustomize/prod-ekman/pvc.yaml | 13 +++ values/fapr/kustomize/prod-ekman/secrets.yaml | 6 ++ .../kustomize/prod-ekman/secretstore.yaml | 12 +++ .../fapr/kustomize/prod-ekman/statestore.yaml | 22 +++++ values/fapr/kustomize/prod-ekman/tracing.yaml | 11 +++ values/fapr/manifests/fapr.yaml | 42 +++++++++ values/fapr/values/values-prod.yaml | 55 ++++++++++++ values/fapr/values/values.yaml | 1 + 25 files changed, 670 insertions(+) create mode 100644 charts/fapr/Chart.yaml create mode 100644 charts/fapr/templates/_helpers.tpl create mode 100644 charts/fapr/templates/deployment.yaml create mode 100644 charts/fapr/templates/pvc.yaml create mode 100644 charts/fapr/templates/redis.yaml create mode 100644 charts/fapr/templates/service.yaml create mode 100644 charts/fapr/templates/serviceaccount.yaml create mode 100644 charts/fapr/values.yaml create mode 100644 helmfile.d/fapr.yaml.gotmpl create mode 100644 values/fapr/env-ekman.yaml.gotmpl create mode 100644 values/fapr/env.yaml.gotmpl create mode 100644 values/fapr/kustomize/base/kustomization.yaml create mode 100644 values/fapr/kustomize/prod-ekman/appsettings.json create mode 100644 values/fapr/kustomize/prod-ekman/cron-bindings.yaml create mode 100644 values/fapr/kustomize/prod-ekman/deployment_patch.yaml create mode 100644 values/fapr/kustomize/prod-ekman/kustomization.yaml create mode 100644 values/fapr/kustomize/prod-ekman/pv.yaml create mode 100644 values/fapr/kustomize/prod-ekman/pvc.yaml create mode 100644 values/fapr/kustomize/prod-ekman/secrets.yaml create mode 100644 values/fapr/kustomize/prod-ekman/secretstore.yaml create mode 100644 values/fapr/kustomize/prod-ekman/statestore.yaml create mode 100644 values/fapr/kustomize/prod-ekman/tracing.yaml create mode 100644 values/fapr/manifests/fapr.yaml create mode 100644 values/fapr/values/values-prod.yaml create mode 100644 values/fapr/values/values.yaml diff --git a/charts/fapr/Chart.yaml b/charts/fapr/Chart.yaml new file mode 100644 index 00000000..32c730f5 --- /dev/null +++ b/charts/fapr/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: fapr +description: A Helm chart for Fapr (F# Dapr workflow orchestrator) +type: application +version: v0.1.0 +appVersion: v0.1.0 diff --git a/charts/fapr/templates/_helpers.tpl b/charts/fapr/templates/_helpers.tpl new file mode 100644 index 00000000..d4704c9a --- /dev/null +++ b/charts/fapr/templates/_helpers.tpl @@ -0,0 +1,61 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "fapr.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +*/}} +{{- define "fapr.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "fapr.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "fapr.labels" -}} +helm.sh/chart: {{ include "fapr.chart" . }} +{{ include "fapr.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "fapr.selectorLabels" -}} +app.kubernetes.io/name: {{ include "fapr.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "fapr.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "fapr.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/charts/fapr/templates/deployment.yaml b/charts/fapr/templates/deployment.yaml new file mode 100644 index 00000000..68c330c2 --- /dev/null +++ b/charts/fapr/templates/deployment.yaml @@ -0,0 +1,85 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "fapr.fullname" . }} + labels: + {{- include "fapr.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "fapr.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "fapr.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "fapr.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + env: + {{- toYaml .Values.env | nindent 12 }} + livenessProbe: + httpGet: + path: /healthz + port: http + initialDelaySeconds: 5 + periodSeconds: 15 + readinessProbe: + httpGet: + path: /healthz + port: http + initialDelaySeconds: 3 + periodSeconds: 10 + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - name: data + mountPath: /data + - name: appsettings + mountPath: /app/appsettings.json + subPath: appsettings.json + readOnly: true + volumes: + - name: data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (include "fapr.fullname" .) }} + {{- else }} + emptyDir: {} + {{- end }} + - name: appsettings + configMap: + name: {{ include "fapr.fullname" . }}-appsettings + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/fapr/templates/pvc.yaml b/charts/fapr/templates/pvc.yaml new file mode 100644 index 00000000..5346f697 --- /dev/null +++ b/charts/fapr/templates/pvc.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "fapr.fullname" . }} + labels: +{{ include "fapr.labels" . | indent 4 }} +spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/fapr/templates/redis.yaml b/charts/fapr/templates/redis.yaml new file mode 100644 index 00000000..41480a89 --- /dev/null +++ b/charts/fapr/templates/redis.yaml @@ -0,0 +1,49 @@ +{{- if .Values.redis.enabled -}} +apiVersion: dragonflydb.io/v1alpha1 +kind: Dragonfly +metadata: + name: {{ include "fapr.fullname" . }}-redis + namespace: {{ .Release.Namespace }} + annotations: + linkerd.io/inject: disabled + labels: + app.kubernetes.io/created-by: dragonfly-operator + {{- include "fapr.labels" . | nindent 4 }} +spec: + args: + - --dbfilename=dump + - --maxmemory=$(MAX_MEMORY)Mi + - --proactor_threads=1 + - --logtostderr + - --save_schedule= + env: + - name: MAX_MEMORY + valueFrom: + resourceFieldRef: + resource: limits.memory + divisor: 1Mi + replicas: {{ .Values.redis.replicas | default "1" }} + resources: + requests: + cpu: {{ .Values.redis.resources.cpu | default "100m" }} + memory: {{ .Values.redis.resources.memory | default "128Mi" }} + limits: + memory: {{ .Values.redis.resources.memory | default "128Mi" }} + authentication: + passwordFromSecret: + name: {{ .Values.redis.secret.name | default (printf "%s-redis" (include "fapr.fullname" .)) | quote }} + key: {{ .Values.redis.secret.key | quote }} + {{- if .Values.redis.backup.enabled }} + snapshot: + dir: /data + cron: "0 3 * * *" + enableOnMasterOnly: false + persistentVolumeClaimSpec: + storageClassName: {{ .Values.redis.storageClass | default "managed-nfs-storage" }} + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .Values.redis.size | default "1Gi" }} + {{- end }} +{{- end }} diff --git a/charts/fapr/templates/service.yaml b/charts/fapr/templates/service.yaml new file mode 100644 index 00000000..a280037b --- /dev/null +++ b/charts/fapr/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "fapr.fullname" . }} + labels: + {{- include "fapr.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "fapr.selectorLabels" . | nindent 4 }} diff --git a/charts/fapr/templates/serviceaccount.yaml b/charts/fapr/templates/serviceaccount.yaml new file mode 100644 index 00000000..bd31322d --- /dev/null +++ b/charts/fapr/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "fapr.serviceAccountName" . }} + labels: + {{- include "fapr.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/fapr/values.yaml b/charts/fapr/values.yaml new file mode 100644 index 00000000..4b10c233 --- /dev/null +++ b/charts/fapr/values.yaml @@ -0,0 +1,67 @@ +# Default values for fapr. + +replicaCount: 1 +image: + repository: git.oceanbox.io/oceanbox/fapr/fapr + tag: v0.1.0 + pullPolicy: IfNotPresent +env: + - name: APP_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: APP_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace +imagePullSecrets: + - name: gitlab-pull-secret +nameOverride: "" +fullnameOverride: "" +serviceAccount: + create: true + annotations: {} + name: "" +podAnnotations: {} +podSecurityContext: + fsGroup: 0 +securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: false + runAsNonRoot: false + runAsUser: 0 +service: + type: ClusterIP + port: 8080 +persistence: + enabled: true + existingClaim: "" + size: 1Gi + storageClass: "ceph-rbd" + accessMode: ReadWriteMany +redis: + enabled: true + replicas: 1 + backup: + enabled: false + size: 1Gi + storageClass: "ceph-rbd" + secret: + name: "" + key: "redis-password" + resources: + cpu: 100m + memory: 128Mi +resources: {} +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 3 + targetCPUUtilizationPercentage: 80 +serviceMonitor: + enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} diff --git a/helmfile.d/fapr.yaml.gotmpl b/helmfile.d/fapr.yaml.gotmpl new file mode 100644 index 00000000..cc7bbce2 --- /dev/null +++ b/helmfile.d/fapr.yaml.gotmpl @@ -0,0 +1,39 @@ +bases: + - ../envs/environments.yaml.gotmpl + +commonLabels: + tier: oceanbox + +releases: +- name: {{ .Environment.Name }}-fapr + namespace: {{ .Environment.Name }}-fapr + chart: ../charts/fapr + condition: fapr.enabled + values: + - ../values/fapr/values/values.yaml + - ../values/fapr/values/values-{{ .Environment.Name }}.yaml + - ../values/fapr/values/values-{{ .Environment.Name }}-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml + postRenderer: ../bin/kustomizer + postRendererArgs: + - ../values/fapr/kustomize/{{ .Environment.Name }}-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }} + missingFileHandler: Info +- name: manifests + namespace: {{ .Environment.Name }}-fapr + chart: manifests + condition: fapr.enabled + missingFileHandler: Info + values: + - ../values/env.yaml + - ../values/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml + - ../values/fapr/env.yaml.gotmpl + - ../values/fapr/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml.gotmpl + hooks: + - events: [ prepare, cleanup ] + showlogs: true + command: ../bin/helmify + args: + - '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}' + - '{{`{{ .Release.Chart }}`}}' + - '{{`{{ .Environment.Name }}`}}' + - ../values/fapr/manifests + - manifests diff --git a/values/fapr/env-ekman.yaml.gotmpl b/values/fapr/env-ekman.yaml.gotmpl new file mode 100644 index 00000000..cf0945b0 --- /dev/null +++ b/values/fapr/env-ekman.yaml.gotmpl @@ -0,0 +1,2 @@ +fapr: + enabled: true diff --git a/values/fapr/env.yaml.gotmpl b/values/fapr/env.yaml.gotmpl new file mode 100644 index 00000000..889f349b --- /dev/null +++ b/values/fapr/env.yaml.gotmpl @@ -0,0 +1,4 @@ +fapr: + enabled: true + autosync: {{ if or (eq .Environment.Name "prod") (eq .Environment.Name "beta") }}false{{ else }}true{{ end }} + env: {{ .Environment.Name }} diff --git a/values/fapr/kustomize/base/kustomization.yaml b/values/fapr/kustomize/base/kustomization.yaml new file mode 100644 index 00000000..57f354b1 --- /dev/null +++ b/values/fapr/kustomize/base/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - _manifest.yaml diff --git a/values/fapr/kustomize/prod-ekman/appsettings.json b/values/fapr/kustomize/prod-ekman/appsettings.json new file mode 100644 index 00000000..5c8744c8 --- /dev/null +++ b/values/fapr/kustomize/prod-ekman/appsettings.json @@ -0,0 +1,20 @@ +{ + "appName": "fapr", + "appEnv": "prod", + "logLevel": "Information", + "aromeOutputDir": "/data/hdd/data/AROME", + "aromeStartDate": "2026-04-24", + "nveOutputDir": "/data/hdd/data/river-data/Data", + "nveNdays": 5000, + "nveApiUrl": "https://chartserver.nve.no/ShowData.aspx?req=getchart&ver=1.0", + "riverrunBinary": "/app/riverrun", + "norshelfOutputDir": "/data/hdd/data/norshelf/sea_norshelf_files", + "norshelfStartDate": "2026-03-01", + "nemoOutputDir": "/data/hdd/data/NEMO", + "copernicusmarineBinary": "/usr/local/bin/copernicusmarine", + "copernicusUsername": "", + "copernicusPassword": "", + "murOutputDir": "/data/hdd/data/river-data/MUR/MUR_SST_nc", + "netrcPath": "/root/.netrc", + "norkystOutputDir": "/data/hdd/data/norkyst" +} diff --git a/values/fapr/kustomize/prod-ekman/cron-bindings.yaml b/values/fapr/kustomize/prod-ekman/cron-bindings.yaml new file mode 100644 index 00000000..0b6ab86a --- /dev/null +++ b/values/fapr/kustomize/prod-ekman/cron-bindings.yaml @@ -0,0 +1,77 @@ +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: cron-arome +spec: + type: bindings.cron + version: v1 + metadata: + - name: schedule + value: "0 6 * * *" +scopes: + - prod-fapr +--- +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: cron-nve +spec: + type: bindings.cron + version: v1 + metadata: + - name: schedule + value: "0 8 * * *" +scopes: + - prod-fapr +--- +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: cron-norshelf +spec: + type: bindings.cron + version: v1 + metadata: + - name: schedule + value: "0 13 * * *" +scopes: + - prod-fapr +--- +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: cron-nemo +spec: + type: bindings.cron + version: v1 + metadata: + - name: schedule + value: "0 13 * * *" +scopes: + - prod-fapr +--- +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: cron-mur +spec: + type: bindings.cron + version: v1 + metadata: + - name: schedule + value: "0 6 * * *" +scopes: + - prod-fapr +--- +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: cron-norkyst +spec: + type: bindings.cron + version: v1 + metadata: + - name: schedule + value: "0 13 * * *" +scopes: + - prod-fapr diff --git a/values/fapr/kustomize/prod-ekman/deployment_patch.yaml b/values/fapr/kustomize/prod-ekman/deployment_patch.yaml new file mode 100644 index 00000000..816eb266 --- /dev/null +++ b/values/fapr/kustomize/prod-ekman/deployment_patch.yaml @@ -0,0 +1,3 @@ +- op: add + path: /spec/template/spec/containers/0/envFrom + value: [] diff --git a/values/fapr/kustomize/prod-ekman/kustomization.yaml b/values/fapr/kustomize/prod-ekman/kustomization.yaml new file mode 100644 index 00000000..49177031 --- /dev/null +++ b/values/fapr/kustomize/prod-ekman/kustomization.yaml @@ -0,0 +1,21 @@ +generatorOptions: + disableNameSuffixHash: true +configMapGenerator: + - name: prod-fapr-appsettings + files: + - appsettings.json +patches: + - target: + group: apps + version: v1 + kind: Deployment + path: deployment_patch.yaml +resources: + - ../base + - pv.yaml + - pvc.yaml + - secrets.yaml + - secretstore.yaml + - statestore.yaml + - tracing.yaml + - cron-bindings.yaml diff --git a/values/fapr/kustomize/prod-ekman/pv.yaml b/values/fapr/kustomize/prod-ekman/pv.yaml new file mode 100644 index 00000000..11ff1f2c --- /dev/null +++ b/values/fapr/kustomize/prod-ekman/pv.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv-prod-fapr-ceph-data +spec: + accessModes: + - ReadWriteMany + capacity: + storage: 1Gi + csi: + driver: rook-ceph.cephfs.csi.ceph.com + nodeStageSecretRef: + name: rook-csi-cephfs-node + namespace: rook-ceph + volumeAttributes: + clusterID: rook-ceph + fsName: data + rootPath: / + staticVolume: "true" + volumeHandle: pv-prod-fapr-ceph-data + persistentVolumeReclaimPolicy: Retain + volumeMode: Filesystem diff --git a/values/fapr/kustomize/prod-ekman/pvc.yaml b/values/fapr/kustomize/prod-ekman/pvc.yaml new file mode 100644 index 00000000..ae4856b7 --- /dev/null +++ b/values/fapr/kustomize/prod-ekman/pvc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: prod-fapr-ceph-data +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 1Gi + storageClassName: "" + volumeMode: Filesystem + volumeName: pv-prod-fapr-ceph-data diff --git a/values/fapr/kustomize/prod-ekman/secrets.yaml b/values/fapr/kustomize/prod-ekman/secrets.yaml new file mode 100644 index 00000000..5019a8b5 --- /dev/null +++ b/values/fapr/kustomize/prod-ekman/secrets.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Secret +metadata: + name: prod-fapr-redis +type: Opaque +data: diff --git a/values/fapr/kustomize/prod-ekman/secretstore.yaml b/values/fapr/kustomize/prod-ekman/secretstore.yaml new file mode 100644 index 00000000..586de05c --- /dev/null +++ b/values/fapr/kustomize/prod-ekman/secretstore.yaml @@ -0,0 +1,12 @@ +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: secretstore +spec: + type: secretstores.kubernetes + version: v1 + metadata: + - name: defaultNamespace + value: prod-fapr +scopes: + - prod-fapr diff --git a/values/fapr/kustomize/prod-ekman/statestore.yaml b/values/fapr/kustomize/prod-ekman/statestore.yaml new file mode 100644 index 00000000..930883e9 --- /dev/null +++ b/values/fapr/kustomize/prod-ekman/statestore.yaml @@ -0,0 +1,22 @@ +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: statestore +spec: + type: state.redis + version: v1 + metadata: + - name: redisHost + value: prod-fapr-redis:6379 + - name: redisUsername + value: default + - name: redisPassword + secretKeyRef: + name: prod-fapr-redis + key: redis-password + - name: actorStateStore + value: "true" + - name: redisDB + value: "0" +scopes: + - prod-fapr diff --git a/values/fapr/kustomize/prod-ekman/tracing.yaml b/values/fapr/kustomize/prod-ekman/tracing.yaml new file mode 100644 index 00000000..4c4c318c --- /dev/null +++ b/values/fapr/kustomize/prod-ekman/tracing.yaml @@ -0,0 +1,11 @@ +apiVersion: dapr.io/v1alpha1 +kind: Configuration +metadata: + name: tracing +spec: + tracing: + samplingRate: "1" + otel: + endpointAddress: "10.255.241.12:4317" + protocol: grpc + isSecure: false diff --git a/values/fapr/manifests/fapr.yaml b/values/fapr/manifests/fapr.yaml new file mode 100644 index 00000000..e6ad3d5d --- /dev/null +++ b/values/fapr/manifests/fapr.yaml @@ -0,0 +1,42 @@ +{{ if .Values.clusterConfig.argo.enabled }} +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: {{ .Values.fapr.env }}-fapr + namespace: argocd + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + argocd.argoproj.io/compare-options: ServerSideDiff=true + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + destination: + namespace: {{ .Values.fapr.env }}-fapr + server: https://kubernetes.default.svc + project: atlantis + sources: + - repoURL: {{ .Values.clusterConfig.manifests }} + targetRevision: HEAD + path: helmfile.d + plugin: + name: helmfile-cmp + env: + - name: CLUSTER_NAME + value: {{ .Values.clusterConfig.cluster }} + - name: HELMFILE_ENVIRONMENT + value: {{ .Values.fapr.env }} + - name: HELMFILE_FILE_PATH + value: fapr.yaml.gotmpl + - repoURL: https://git.oceanbox.io/platform/manifests.git + targetRevision: main + ref: values + syncPolicy: + syncOptions: + - CreateNamespace=true + - ApplyOutOfSyncOnly=true + {{- if .Values.fapr.autosync }} + automated: + prune: true + selfHeal: false + {{- end }} +{{- end }} diff --git a/values/fapr/values/values-prod.yaml b/values/fapr/values/values-prod.yaml new file mode 100644 index 00000000..d850418e --- /dev/null +++ b/values/fapr/values/values-prod.yaml @@ -0,0 +1,55 @@ +replicaCount: 1 + +podAnnotations: + dapr.io/enabled: "true" + dapr.io/app-id: "prod-fapr" + dapr.io/app-port: "8080" + dapr.io/api-token-secret: "dapr-api-token" + dapr.io/config: "tracing" + dapr.io/app-protocol: "http" + dapr.io/log-as-json: "true" + dapr.io/sidecar-cpu-request: "10m" + dapr.io/sidecar-memory-request: "50Mi" + +env: + - name: APP_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: APP_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: DAPR_API_TOKEN + valueFrom: + secretKeyRef: + name: dapr-api-token + key: token + +persistence: + enabled: true + existingClaim: prod-fapr-ceph-data + +redis: + enabled: true + replicas: 1 + backup: + enabled: true + size: 2Gi + storageClass: "ceph-rbd" + secret: + name: "prod-fapr-redis" + key: "redis-password" + resources: + cpu: 100m + memory: 128Mi + +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "topology.kubernetes.io/group" + operator: In + values: + - srv diff --git a/values/fapr/values/values.yaml b/values/fapr/values/values.yaml new file mode 100644 index 00000000..a0446d51 --- /dev/null +++ b/values/fapr/values/values.yaml @@ -0,0 +1 @@ +# Base values for fapr - overridden per environment