diff --git a/docs/helm/index.yaml b/docs/helm/index.yaml new file mode 100644 index 000000000..850bb89fc --- /dev/null +++ b/docs/helm/index.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +entries: + notify-bc: + - apiVersion: v2 + appVersion: "5.0" + created: "2024-01-12T15:48:31.2306-08:00" + dependencies: + - name: mongodb + repository: https://charts.bitnami.com/bitnami + version: 14.3.2 + - condition: redis.enabled + name: redis + repository: https://charts.bitnami.com/bitnami + version: 16.13.2 + description: NotifyBC Helm chart for Kubernetes + digest: 8f2985912a30ca0429151dc5e8220b17ee261500e0149ddebcede3f74160d3a5 + icon: https://raw.githubusercontent.com/bcgov/NotifyBC/main/favicon.ico + name: notify-bc + type: application + urls: + - notify-bc-2.0.0.tgz + version: 2.0.0 +generated: "2024-01-12T15:48:31.217156-08:00" diff --git a/docs/helm/notify-bc-2.0.0.tgz b/docs/helm/notify-bc-2.0.0.tgz new file mode 100644 index 000000000..febafcc5f Binary files /dev/null and b/docs/helm/notify-bc-2.0.0.tgz differ diff --git a/helm/README.md b/helm/README.md new file mode 100644 index 000000000..acedeb8db --- /dev/null +++ b/helm/README.md @@ -0,0 +1,23 @@ +## Creating new versions of this chart +1. Update the `version` property in `helm/Chart.yaml` to the desired version number. +2. From the `helm/` directory, run the command `helm package ./` to create a `.tgz` package for the new version. +3. Move the new `.tgz` file to the `docs/` directory (`mv notify-bc-[version].tgz ../docs/helm`). +4. Update `docs/helm/index.yaml` to list the new package (`helm repo index ../docs/helm`). + +## Deploying to OpenShift +1. In this example we will be deploying to `dev`, so a file named `values.dev.local.yaml` should exist and contain values specific to the `dev` instance. +1. Run `helm install dev -f platform-specific/openshift.yaml -f values.yaml -f values.dev.local.yaml ./` + - If a deployment already exists, run `helm uninstall dev` to remove it, then repeat the command above. +1. To deploy to `test`, replace `dev` with `test` in the above example. + +## Deploying BuildConfig and ImageStream for NotifyBC application +```bash +# Step 1 - Go to helm/ directory of repo +cd helm +# Step 2 - Login to OpenShift oc command line +oc login --token=secret-token --server=https://myopnshift.com +# Step 3 - Choose the tools folder +oc project 12345-tools +# step 4 - Apply deployment file +oc apply -f deployments/openshift/notify-build.yaml +``` diff --git a/helm/deployments/openshift/notify-build.yaml b/helm/deployments/openshift/notify-build.yaml new file mode 100644 index 000000000..e40c935a4 --- /dev/null +++ b/helm/deployments/openshift/notify-build.yaml @@ -0,0 +1,48 @@ +# ImageStream api-run +apiVersion: image.openshift.io/v1 +kind: ImageStream +metadata: + annotations: + description: Image for the notify application + labels: + role: app + name: notify-bc + +--- +# BuildConfig api-run +apiVersion: build.openshift.io/v1 +kind: BuildConfig +metadata: + annotations: + description: Image Build for notify bc application + labels: + role: app + name: notify-bc +spec: + failedBuildsHistoryLimit: 1 + successfulBuildsHistoryLimit: 2 + strategy: + dockerStrategy: + from: + kind: DockerImage + name: node:20.9.0-slim + incremental: false + type: Docker + source: + contextDir: ./ + git: + ref: main + uri: https://github.com/bcgov/NotifyBC.git + type: Git + output: + to: + kind: ImageStreamTag + name: notify-bc:latest + resources: + limits: + cpu: "2" + memory: 2Gi + requests: + cpu: "1.5" + memory: 1.5Gi + runPolicy: Serial \ No newline at end of file diff --git a/helm/templates/network-policy-app-ingress.yaml b/helm/templates/network-policy-app-ingress.yaml new file mode 100644 index 000000000..2c116d843 --- /dev/null +++ b/helm/templates/network-policy-app-ingress.yaml @@ -0,0 +1,20 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: allow-app-ingress + labels: + {{- include "NotifyBC.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: {{ include "NotifyBC.name" . }}-app + ingress: + - ports: + - protocol: TCP + port: 3000 + from: + - namespaceSelector: + matchLabels: + network.openshift.io/policy-group: ingress + policyTypes: + - Ingress \ No newline at end of file diff --git a/helm/templates/network-policy-db-ingress.yaml b/helm/templates/network-policy-db-ingress.yaml new file mode 100644 index 000000000..a21315df1 --- /dev/null +++ b/helm/templates/network-policy-db-ingress.yaml @@ -0,0 +1,16 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: allow-db-ingress + labels: + {{- include "NotifyBC.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + app.kubernetes.io/component: mongodb + ingress: + - ports: + - protocol: TCP + port: 27017 + policyTypes: + - Ingress \ No newline at end of file diff --git a/helm/templates/network-policy-redis-ingress.yaml b/helm/templates/network-policy-redis-ingress.yaml new file mode 100644 index 000000000..c23295066 --- /dev/null +++ b/helm/templates/network-policy-redis-ingress.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: allow-redis-ingress + labels: + {{- include "NotifyBC.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: redis + ingress: + - ports: + - protocol: TCP + port: 6379 + - protocol: TCP + port: 26379 + from: + - podSelector: + matchLabels: + app.kubernetes.io/name: {{ include "NotifyBC.name" . }}-app + policyTypes: + - Ingress \ No newline at end of file diff --git a/helm/templates/route-smtp.yaml b/helm/templates/route-smtp.yaml index d13309eb1..b291ac9f2 100644 --- a/helm/templates/route-smtp.yaml +++ b/helm/templates/route-smtp.yaml @@ -1,3 +1,4 @@ +{{- if .Values.service.smtp.enabled -}} {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1/Route" }} {{- $fullName := include "NotifyBC.fullname" . -}} apiVersion: route.openshift.io/v1 @@ -18,3 +19,4 @@ spec: kind: Service name: {{ $fullName }} {{- end }} +{{- end }}