chore: add support for adding manually created secrets and sentry (#7)
siddhant-deepsource authored Aug 29, 2023
1 parent 7160a58 commit f3cff67
Showing 8 changed files with 88 additions and 27 deletions.
4 changes: 2 additions & 2 deletions charts/runner/Chart.yaml
Expand Up @@ -18,10 +18,10 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 1.0.2
version: 1.1.0

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "v1.0.0-beta.2"
appVersion: "v1.0.0-beta.3"
43 changes: 25 additions & 18 deletions charts/runner/README.md
Expand Up @@ -2,24 +2,29 @@

### Runner configuration Parameters

| Name | Description | Value |
| --------------------------------- | -------------------------------------------------------------- | ------- |
| `config.apps` | Configuration values for the VCS apps to be used by the runner | `[]` |
| `config.deepsource.host` | The host of the deepsource remote | `""` |
| `config.deepsource.publicKey` | The public key to use for the deepsource remote | `""` |
| `config.objectStorage.backend` | The backend to use for the object storage (e.g gcs) | `""` |
| `config.objectStorage.bucket` | The bucket to use for the object storage | `""` |
| `config.objectStorage.credential` | The credentials value to use for the object storage | `""` |
| `config.runner.id` | The id of the runner | `""` |
| `config.runner.host` | The host of the runner to use | `""` |
| `config.runner.clientId` | The client id to use for the runner | `""` |
| `config.runner.clientSecret` | The client secret to use for the runner | `""` |
| `config.runner.privateKey` | The private key to use for the runner | `""` |
| `config.runner.webhookSecret` | The webhook secret to use for the runner | `""` |
| `config.saml.enabled` | Whether to enable SAML2.0 authentication | `false` |
| `config.saml.certificate` | The certificate to use for the runner as service provider | `""` |
| `config.saml.key` | The private key to use for the runner as service provider | `""` |
| `config.saml.metadataUrl` | The metadata url to use for the identity provider | `""` |
| Name | Description | Value |
| ----------------------------------- | --------------------------------------------------------------------------- | ------- |
| `config.createSecret` | Whether to create a secret for the runner config | `true` |
| `config.secretName` | The name of the secret to use for the runner, if created externally | `""` |
| `config.apps` | Configuration values for the VCS apps to be used by the runner | `[]` |
| `config.deepsource.host` | The host of the deepsource remote | `""` |
| `config.deepsource.publicKey` | The public key to use for the deepsource remote | `""` |
| `config.objectStorage.createSecret` | Whether to create a secret for the object storage | `true` |
| `config.objectStorage.secretName` | The name of the secret to use for the object storage, if created externally | `""` |
| `config.objectStorage.provider` | The provider to use for the object storage (e.g gcs, s3) | `""` |
| `config.objectStorage.bucket` | The bucket to use for the object storage | `""` |
| `config.objectStorage.credential` | The credentials value to use for the object storage | `""` |
| `config.runner.id` | The id of the runner | `""` |
| `config.runner.host` | The host of the runner to use | `""` |
| `config.runner.clientId` | The client id to use for the runner | `""` |
| `config.runner.clientSecret` | The client secret to use for the runner | `""` |
| `config.runner.privateKey` | The private key to use for the runner | `""` |
| `config.runner.webhookSecret` | The webhook secret to use for the runner | `""` |
| `config.saml.enabled` | Whether to enable SAML2.0 authentication | `false` |
| `config.saml.certificate` | The certificate to use for the runner as service provider | `""` |
| `config.saml.key` | The private key to use for the runner as service provider | `""` |
| `config.saml.metadataUrl` | The metadata url to use for the identity provider | `""` |
| `config.sentry.dsn` | The DSN to use for the sentry integration | `""` |

### Common Parameters

Expand All @@ -29,6 +34,8 @@
| `image.repository` | deepsource runner image repository | `proxy.deepsource.com/images/deepsource-production/runner` |
| `image.pullPolicy` | deepsource runner image pull policy | `Always` |
| `image.tag` | deepsource runner image tag | `""` |
| `imageRegistry.createSecret` | Whether to create a secret for the image registry | `true` |
| `imageRegistry.secretName` | The name of the secret to use for the image registry, if created externally | `""` |
| `imageRegistry.registryUrl` | The registry url to use for the task images | `""` |
| `imageRegistry.username` | The username to use for the image registry | `""` |
| `imageRegistry.password` | The password to use for the image registry | `""` |
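Review bot: The `imageRegistry.secretName` row does not say what an externally created secret has to look like. It is used under `imagePullSecrets` and as `TASK_IMAGE_PULL_SECRET_NAME`, so it must be a `kubernetes.io/dockerconfigjson` secret in the release namespace; please state that in the description. The `imageRegistry.username` and `imageRegistry.password` rows should also say they are only read when `imageRegistry.createSecret` is `true`.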
4 changes: 3 additions & 1 deletion charts/runner/templates/artifact-secret.yaml
@@ -1,8 +1,10 @@
{{ if .Values.config.objectStorage.createSecret }}
apiVersion: v1
kind: Secret
metadata:
name: "artifacts-credentials"
name: {{ include "runner.fullname" . }}-object-storage
namespace: {{ .Release.Namespace }}
type: Opaque
data:
credentials: {{ .Values.config.objectStorage.credential | b64enc | indent 2 }}
{{ end }}
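Review bot: On the `credentials:` line nothing checks that `config.objectStorage.credential` is non-empty when `createSecret` is true, so the default `""` yields a Secret with an empty `credentials` value. Wrapping the value in `required` would fail the render instead. The `name:` also moves from the fixed `"artifacts-credentials"` to a release-derived name, so anything outside this chart that referenced the old name needs updating, and an externally supplied secret will presumably need the same `credentials` key this template writes, which is worth documenting.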
20 changes: 19 additions & 1 deletion charts/runner/templates/deployment.yaml
Expand Up @@ -21,7 +21,11 @@ spec:
{{- include "runner.selectorLabels" . | nindent 8 }}
spec:
imagePullSecrets:
{{- if .Values.imageRegistry.createSecret }}
- name: {{ include "runner.fullname" . }}-image-registry
{{- else }}
- name: {{ .Values.imageRegistry.secretName }}
{{- end }}
serviceAccountName: {{ include "runner.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
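Review bot: The `{{- else }}` branch under `imagePullSecrets` has no check that `imageRegistry.secretName` is set. With `createSecret: false` and the default `secretName: ""` it renders `- name:` with no value. Use `required`, for example `{{ required "imageRegistry.secretName is required when imageRegistry.createSecret is false" .Values.imageRegistry.secretName }}`, so the mistake is caught at template time rather than at image pull.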
Expand All @@ -39,13 +43,23 @@ spec:
- name: RQLITE_PORT
value: "4001"
- name: TASK_IMAGE_PULL_SECRET_NAME
{{- if .Values.imageRegistry.createSecret }}
value: {{ include "runner.fullname" . }}-image-registry
{{- else }}
value: {{ .Values.imageRegistry.secretName }}
{{- end }}
- name: TASK_IMAGE_REGISTRY_URL
value: {{ .Values.imageRegistry.registryUrl }}
- name: TASK_NAMESPACE
value: {{ .Release.Namespace }}
- name: TASK_NODE_SELECTOR
value: {{ .Values.nodeSelector | toYaml | toString | quote }}
- name: TASK_ARTIFACT_SECRET_NAME
{{- if .Values.config.objectStorage.createSecret }}
value: {{ include "runner.fullname" . }}-object-storage
{{- else }}
value: {{ .Values.config.objectStorage.secretName }}
{{- end }}
ports:
- name: http
containerPort: 8080
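Review bot: The `createSecret`/`secretName` conditional for `TASK_IMAGE_PULL_SECRET_NAME` repeats the one under `imagePullSecrets`, and `TASK_ARTIFACT_SECRET_NAME` follows the same pattern. Move each into a named template in the helpers file and `include` it, so the created-versus-external name is resolved in one place and the `required` guard only has to be written once. The rendered `value:` entries are also unquoted; piping them through `quote` keeps an unusual secret name from being parsed as something other than a string.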
Expand All @@ -71,7 +85,11 @@ spec:
volumes:
- name: secret
secret:
{{- if .Values.config.createSecret}}
secretName: {{ include "runner.fullname" . }}
{{- else }}
secretName: {{ .Values.config.secretName }}
{{- end }}
items:
- key: config
path: config.yaml
path: config.yaml
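Review bot: In the `volumes` block the `{{- else }}` branch mounts `.Values.config.secretName`, but `items` still selects `key: config`, so an externally created secret must contain a `config` key or the volume cannot be mounted and the pod will not start. State that contract in the README row for `config.secretName` and guard the empty default with `required`. Minor: `{{- if .Values.config.createSecret}}` is missing the space before `}}` that the other conditionals in this file use.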
6 changes: 4 additions & 2 deletions charts/runner/templates/image-pull-secret.yaml
@@ -1,6 +1,7 @@
{{ if .Values.imageRegistry.createSecret }}
apiVersion: v1
kind: Secret
metadata:
metadata:
name: {{ include "runner.fullname" . }}-image-registry
namespace: {{ .Release.Namespace }}
type: kubernetes.io/dockerconfigjson
Expand All @@ -9,10 +10,11 @@ stringData:
{{- $auth := printf "%s:%s" .Values.imageRegistry.username .Values.imageRegistry.password | b64enc }}
{
"auths": {
"{{ .Values.imageRegistry.registryUrl }}": {
"proxy.deepsource.com": {
"username": "{{ .Values.imageRegistry.username }}",
"password": "{{ .Values.imageRegistry.password }}",
"auth": "{{ $auth }}"
}
}
}
{{ end }}
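Review bot: The `auths` key shows both the templated `"{{ .Values.imageRegistry.registryUrl }}"` and the literal `"proxy.deepsource.com"`; if the literal is the line that stays, the credentials only match that one host, while the deployment still passes `imageRegistry.registryUrl` as `TASK_IMAGE_REGISTRY_URL`. A user who points `registryUrl` at another registry gets a pull secret that never applies to it. Either keep the key templated or document that the created secret is for `proxy.deepsource.com` only. Separately, `username` and `password` are interpolated into the JSON inside plain quotes, so a value containing `"` or `\` produces invalid JSON; `toJson` on each value avoids that.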
2 changes: 2 additions & 0 deletions charts/runner/templates/secret.yaml
@@ -1,3 +1,4 @@
{{ if .Values.config.createSecret }}
apiVersion: v1
kind: Secret
metadata:
Expand All @@ -7,3 +8,4 @@ type: Generic
data:
config: |
{{ .Values.config | toYaml | toString | b64enc | indent 4 }}
{{ end }}
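Review bot: `{{ .Values.config | toYaml | toString | b64enc | indent 4 }}` serializes the whole `config` map, so the chart-only toggles this commit places under `config` (`createSecret`, `secretName`, `objectStorage.createSecret`, `objectStorage.secretName`) end up inside the runner's config.yaml. Either move the toggles out of `config`, or strip them before encoding (`omit` handles the top-level keys), so the secret carries only runner settings.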
10 changes: 9 additions & 1 deletion charts/runner/values.schema.json
Expand Up @@ -62,7 +62,7 @@
"objectStorage": {
"type": "object",
"properties": {
"backend": {
"provider": {
"type": "string"
},
"bucket": {
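Review bot: Renaming `"backend"` to `"provider"` under `objectStorage` breaks existing values files that still set `config.objectStorage.backend`: the key is no longer described here and values.yaml no longer defines it. Call the rename out in upgrade notes or accept `backend` as a deprecated alias for one release. The chart version in this commit only moves from 1.0.2 to 1.1.0, which under SemVer does not signal a breaking change.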
Expand All @@ -72,6 +72,14 @@
"type": "string"
}
}
},
"sentry": {
"type": "object",
"properties": {
"dsn": {
"type": "string"
}
}
}
}
},
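Review bot: The `sentry` object is added to the schema, but none of the visible schema changes add the new `createSecret` and `secretName` values. Declare `createSecret` as `boolean` and `secretName` as `string` wherever they are introduced; without the type check, a quoted `createSecret: "false"` is a non-empty string and evaluates as true in the templates' `if`, which silently creates the secret the user meant to supply externally.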
26 changes: 24 additions & 2 deletions charts/runner/values.yaml
Expand Up @@ -4,6 +4,12 @@
## The configuration values for deepsource runner, this will create a secret to be used by the runner
##
config:
## @param config.createSecret Whether to create a secret for the runner config
##
createSecret: true
## @param config.secretName The name of the secret to use for the runner, if created externally
##
secretName: ""
## @param config.apps Configuration values for the VCS apps to be used by the runner
## apps:
## - id: app1
Expand All @@ -29,9 +35,15 @@ config:
## Configuration values for the object storage to use for the runner
##
objectStorage:
## @param config.objectStorage.backend The backend to use for the object storage (e.g gcs)
## @param config.objectStorage.createSecret Whether to create a secret for the object storage
##
createSecret: true
## @param config.objectStorage.secretName The name of the secret to use for the object storage, if created externally
##
backend: ""
secretName: ""
## @param config.objectStorage.provider The provider to use for the object storage (e.g gcs, s3)
##
provider: ""
## @param config.objectStorage.bucket The bucket to use for the object storage
##
bucket: ""
Expand Down Expand Up @@ -73,6 +85,12 @@ config:
key: ""
## @param config.saml.metadataUrl The metadata url to use for the identity provider
metadataUrl: ""
## Configuration values for the sentry integration
##
sentry:
## @param config.sentry.dsn The DSN to use for the sentry integration
##
dsn: ""

## @section Common Parameters
##
Expand All @@ -92,10 +110,14 @@ image:
tag: ""

## Deepsource runner image registry configuration
## @param imageRegistry.createSecret Whether to create a secret for the image registry
## @param imageRegistry.secretName The name of the secret to use for the image registry, if created externally
## @param imageRegistry.registryUrl The registry url to use for the task images
## @param imageRegistry.username The username to use for the image registry
## @param imageRegistry.password The password to use for the image registry
imageRegistry:
createSecret: true
secretName: ""
registryUrl: ""
username: ""
password: ""
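Review bot: The `@param` comments for `imageRegistry.username` and `imageRegistry.password` do not say that both are ignored when `createSecret` is `false`, and the `secretName` comment does not say it is required in that case. Spell that out here, since this is the file users copy from; setting `createSecret: false` with `secretName` is the only path that keeps the registry password out of the values file.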
