diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 92855aaf..0cf90750 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -108,24 +108,6 @@ jobs: push: true tags: ${{ steps.buildvars.outputs.image_tags }} - - name: Set Helm Chart Version - env: - DEBIAN_FRONTEND: noninteractive - if: ${{ github.event.inputs.publish == 'true' }} - run: | - echo "Setting version ${{ steps.semver.outputs.nextStrict }}..." - sed -i -r -e "s|^version: .*$|version: '${{ steps.semver.outputs.nextStrict }}'|" helm/Chart.yaml - sed -i -r -e "s|^appVersion: ".*"$|appVersion: '${{ steps.semver.outputs.nextStrict }}'|" helm/Chart.yaml - - - - name: Package and Push Chart - if: ${{ github.event.inputs.publish == 'true' }} - run: | - helm plugin install https://github.com/chartmuseum/helm-push.git - helm repo add chartmuseum https://charts.ietf.org - helm cm-push --version="${{ steps.semver.outputs.nextStrict }}" --username="${{ secrets.HELM_REPO_USERNAME }}" --password="${{ secrets.HELM_REPO_PASSWORD }}" helm/ chartmuseum - helm repo remove chartmuseum - - name: Update CHANGELOG id: changelog uses: Requarks/changelog-action@v1 diff --git a/.github/workflows/helm-checks.yml b/.github/workflows/helm-checks.yml deleted file mode 100644 index 5267f713..00000000 --- a/.github/workflows/helm-checks.yml +++ /dev/null @@ -1,26 +0,0 @@ -name: Helm Config Check - -on: - push: - branches: [ main ] - paths: - - 'helm/**' - pull_request: - branches: [ main ] - paths: - - 'helm/**' - -jobs: - helm-config-check: - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Set up Helm - uses: azure/setup-helm@v3 - - - name: Lint Helm Chart - run: | - helm lint ./helm diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9d2afb2a..788f06ea 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -72,168 +72,3 @@ Replace "`http://localhost:8001`" with the URL of your running website. ## Deploying See the [deployment section](README.md#deployment) - -## Running Kubernetes Locally - -### Prerequisites - -- `kubectl` - - See [Install Tools](https://kubernetes.io/docs/tasks/tools/) (kubernetes.io) for more info. - -- `minikube` - - See [Install Tools](https://kubernetes.io/docs/tasks/tools/) (kubernetes.io) for more info. - -- `helm` - - See [Installing Helm](https://helm.sh/docs/intro/install/) (helm.sh) for more info. - -- Docker image: `postgres` - - ``` bash - docker pull postgres:14.6-alpine - ``` - -- Database backup: `www_backup_latest.gz` - - ``` bash - gunzip www_backup_latest.gz - ``` - - Note: The name of your backup file will be different. - -### Quick Start - -1. Start a `minikube` cluster unless running already. - - ``` bash - minikube status - ``` - - ``` bash - minikube start - ``` - -2. Run a PostgreSQL instance in a new container. - - ``` bash - docker run --name my-postgres \ - --rm \ - -v $(pwd)/www_backup_latest:/www_backup_latest \ - -v pgdata:/var/lib/postgresql/data \ - -e POSTGRES_PASSWORD=postgres \ - -p 5432:5432 \ - postgres:14.6-alpine \ - postgres -c log_statement=all - ``` - - NOTE: With `log_statement=all`, it will output all queries hitting the database in stdout. - -3. Start a new `bash` session in the container. - - ``` bash - docker exec -it 188fcfec0bf9 bash - ``` - - where `188fcfec0bf9` is the ID of the container. - - 1. (Required only once) Using `psql`, create a new database called `www`, and a new role called `www_iab`. - - ``` bash - psql -U postgres - ``` - - ``` sql - CREATE DATABASE www; - CREATE ROLE www_iab WITH LOGIN PASSWORD 'www_iab'; - ``` - - ``` text - \q - ``` - - 2. (Required only once) Restore `www_backup_latest` to the `www` database using `pg_restore`. - - ``` bash - pg_restore -U postgres -d www www_backup_latest - ``` - - 3. Check extensions installed in the `www` database. - - ``` bash - psql -U postgres - ``` - - ``` text - \c www - ``` - - ``` text - \dx - ``` - - ``` text - List of installed extensions - Name | Version | Schema | Description - --------------------+---------+------------+------------------------------------------------------------------------ - adminpack | 2.1 | pg_catalog | administrative functions for PostgreSQL - amcheck | 1.3 | public | functions for verifying relation integrity - bloom | 1.0 | public | bloom access method - signature file based index - btree_gin | 1.3 | public | support for indexing common datatypes in GIN - btree_gist | 1.6 | public | support for indexing common datatypes in GiST - citext | 1.6 | public | data type for case-insensitive character strings - fuzzystrmatch | 1.1 | public | determine similarities and distance between strings - pageinspect | 1.9 | public | inspect the contents of database pages at a low level - pg_buffercache | 1.3 | public | examine the shared buffer cache - pg_freespacemap | 1.2 | public | examine the free space map (FSM) - pg_stat_statements | 1.9 | public | track planning and execution statistics of all SQL statements executed - pg_trgm | 1.6 | public | text similarity measurement and index searching based on trigrams - pg_visibility | 1.2 | public | examine the visibility map (VM) and page-level visibility info - pgrowlocks | 1.2 | public | show row-level locking information - pgstattuple | 1.5 | public | show tuple-level statistics - plpgsql | 1.0 | pg_catalog | PL/pgSQL procedural language - (16 rows) - ``` - - Notes: - - - The `adminpack` extension is not available in RDS, therefore it will not be included in future database snapshots. See [Extensions supported for RDS for PostgreSQL 14](https://docs.aws.amazon.com/AmazonRDS/latest/PostgreSQLReleaseNotes/postgresql-extensions.html#postgresql-extensions-14x) for more information. - - - The extensions above are from the latest IAB snapshot. - -4. Run - - ``` bash - helm install www helm - ``` - - to install the Helm chart. - -5. Initiate a port-forwarding session for the pod that is running the `wagtail` service. - - ``` bash - kubectl --namespace default port-forward $POD_NAME 8080:$CONTAINER_PORT - ``` - - e.g. - - ``` bash - kubectl --namespace default port-forward www-wagtail-69f957f5d6-ppfsd 8080:8000 - ``` - -6. Go to localhost:8080 on your web browser, and perform basic testing. - -7. Create an admin user. - - ``` bash - kubectl exec -it $POD_NAME --container www -- python manage.py createsuperuser - ``` - - e.g. - - ``` bash - kubectl exec -it www-wagtail-69f957f5d6-ppfsd --container www -- python manage.py createsuperuser - ``` - -8. Using the admin username and password, log in to localhost:8080/admin. diff --git a/helm/.helmignore b/helm/.helmignore deleted file mode 100644 index 691fa13d..00000000 --- a/helm/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ \ No newline at end of file diff --git a/helm/Chart.yaml b/helm/Chart.yaml deleted file mode 100644 index 09ffd411..00000000 --- a/helm/Chart.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: v2 -name: www -description: Helm chart for IETF www -maintainers: - - name: IETF Tools Team - email: tools-discuss@ietf.org - url: https://github.com/ietf-tools - -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "1.0.0" diff --git a/helm/local.py b/helm/local.py deleted file mode 100644 index fdf1065e..00000000 --- a/helm/local.py +++ /dev/null @@ -1,79 +0,0 @@ -import os - -DEFAULT_FROM_EMAIL = "donotreply@ietf.org" -SERVER_EMAIL = "donotreply@ietf.org" -EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend" -EMAIL_HOST = os.environ["EMAIL_HOST"] -EMAIL_PORT = os.environ["EMAIL_PORT"] - -DATABASES = { - "default": { - "ENGINE": "django.db.backends.postgresql_psycopg2", - "HOST": os.environ["DBHOST"], - "NAME": os.environ["DBNAME"], - "USER": os.environ["DBUSER"], - "PASSWORD": os.environ["DBPASS"], - "CONN_MAX_AGE": 600, # number of seconds database connections should persist for - }, -} - -SECRET_KEY = os.environ["SECRET_KEY"] - -FILE_UPLOAD_PERMISSIONS = 0o664 - -ALLOWED_HOSTS = os.environ["ALLOWED_HOSTS"].split(",") -ALLOWED_HOSTS.append(os.environ["POD_IP"]) - -CSRF_TRUSTED_ORIGINS = os.environ["CSRF_TRUSTED_ORIGINS"].split(",") - -WAGTAILADMIN_BASE_URL = os.environ["WAGTAILADMIN_BASE_URL"] - -ADMINS = (("Django Server", "django-project@ietf.org"),) - -# Logging - -LOGGING = { - "version": 1, - "disable_existing_loggers": False, - "handlers": { - "mail_admins": { - "level": "ERROR", - "class": "django.utils.log.AdminEmailHandler", - }, - }, - "loggers": { - "django.request": { - "handlers": ["mail_admins"], - "level": "ERROR", - "propagate": False, - }, - "django.security": { - "handlers": ["mail_admins"], - "level": "ERROR", - "propagate": False, - }, - }, -} - -MATOMO_DOMAIN_PATH = "analytics.ietf.org" -MATOMO_SITE_ID = os.environ["MATOMO_SITE_ID"] -MATOMO_DISABLE_COOKIES = True - -MEMCACHED_HOST = os.environ["MEMCACHED_SERVICE_HOST"] -MEMCACHED_PORT = os.environ["MEMCACHED_SERVICE_PORT"] - -MEMCACHED_KEY_PREFIX = os.environ["MEMCACHED_KEY_PREFIX"] - -CACHES = { - "default": { - "BACKEND": "django.core.cache.backends.memcached.PyMemcacheCache", - "LOCATION": f"{MEMCACHED_HOST}:{MEMCACHED_PORT}", - "KEY_PREFIX": MEMCACHED_KEY_PREFIX, - }, - "sessions": { - "BACKEND": "django.core.cache.backends.memcached.PyMemcacheCache", - "LOCATION": f"{MEMCACHED_HOST}:{MEMCACHED_PORT}", - "KEY_PREFIX": MEMCACHED_KEY_PREFIX, - }, - "dummy": {"BACKEND": "django.core.cache.backends.dummy.DummyCache"}, -} diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl deleted file mode 100644 index 72a0e2bc..00000000 --- a/helm/templates/_helpers.tpl +++ /dev/null @@ -1,104 +0,0 @@ -{{/* - Expand the name of the chart. - */}} -{{- define "wagtail.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "wagtail.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create a fully qualified wagtail name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "wagtail.wagtail.fullname" -}} -{{- if .Values.wagtail.fullnameOverride -}} -{{- .Values.wagtail.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- printf "%s-%s" .Release.Name .Values.wagtail.name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s-%s" .Release.Name $name .Values.wagtail.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create a fully qualified memcached name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "wagtail.memcached.fullname" -}} -{{- if .Values.memcached.fullnameOverride -}} -{{- .Values.memcached.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- printf "%s-%s" .Release.Name .Values.memcached.name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s-%s" .Release.Name $name .Values.memcached.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "wagtail.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "wagtail.labels" -}} -helm.sh/chart: {{ include "wagtail.chart" . }} -{{ include "wagtail.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "wagtail.selectorLabels" -}} -app.kubernetes.io/name: {{ include "wagtail.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "wagtail.serviceAccountName.wagtail" -}} -{{- if .Values.serviceAccounts.wagtail.create -}} - {{ default (include "wagtail.wagtail.fullname" .) .Values.serviceAccounts.wagtail.name }} -{{- else -}} - {{ default "default" .Values.serviceAccounts.wagtail.name }} -{{- end -}} -{{- end }} - -{{- define "wagtail.serviceAccountName.memcached" -}} -{{- if .Values.serviceAccounts.memcached.create -}} - {{ default (include "wagtail.memcached.fullname" .) .Values.serviceAccounts.memcached.name }} -{{- else -}} - {{ default "default" .Values.serviceAccounts.memcached.name }} -{{- end -}} -{{- end }} diff --git a/helm/templates/configmap.yaml b/helm/templates/configmap.yaml deleted file mode 100644 index 05e886e2..00000000 --- a/helm/templates/configmap.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: django-configmap -data: - local.py: |- - {{ .Files.Get "local.py" | nindent 4 }} diff --git a/helm/templates/cronjob.yaml b/helm/templates/cronjob.yaml deleted file mode 100644 index f6fc1a2b..00000000 --- a/helm/templates/cronjob.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{- range .Values.cronjob.crons }} ---- -apiVersion: batch/v1 -kind: CronJob -metadata: - name: {{ .name | quote }} -spec: - schedule: {{ .schedule | quote }} - timeZone: {{ .timeZone | quote }} - concurrencyPolicy: Forbid - jobTemplate: - spec: - backoffLimit: 0 # No retries - template: - spec: - restartPolicy: Never - volumes: - - name: settings-local-volume - configMap: - name: django-configmap - containers: - - name: {{ .name | quote }} - image: "{{ $.Values.wagtail.image.repository }}:{{ default $.Chart.AppVersion $.Values.wagtail.image.tag }}" - imagePullPolicy: {{ $.Values.wagtail.image.pullPolicy }} - volumeMounts: - - name: settings-local-volume - mountPath: /app/ietf/settings/local.py - subPath: local.py - readOnly: true - {{- if $.Values.env }} - env: - - name: "POD_IP" - valueFrom: - fieldRef: - fieldPath: status.podIP - {{- range $key, $val := $.Values.env }} - - name: {{ $key | quote }} - value: {{ $val | quote }} - {{- end }} - {{- end }} - command: {{ .command | toJson }} -{{- end }} diff --git a/helm/templates/deployments/memcached.yaml b/helm/templates/deployments/memcached.yaml deleted file mode 100644 index c407ac74..00000000 --- a/helm/templates/deployments/memcached.yaml +++ /dev/null @@ -1,70 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "wagtail.memcached.fullname" . }} - labels: - {{- include "wagtail.labels" . | nindent 4 }} -spec: - {{- $podValues := .Values.memcached }} - replicas: {{ $podValues.replicaCount }} - revisionHistoryLimit: {{ $podValues.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "wagtail.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - {{- include "wagtail.selectorLabels" . | nindent 8 }} - spec: - {{- with $podValues.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "wagtail.serviceAccountName.memcached" . }} - securityContext: - {{- toYaml $podValues.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml $podValues.securityContext | nindent 12 }} - image: "{{ $podValues.image.repository }}:{{ default "latest" $podValues.image.tag }}" - imagePullPolicy: {{ default "IfNotPresent" $podValues.image.imagePullPolicy }} - env: - {{- if .Values.env }} - {{- range $key, $val := .Values.env }} - - name: {{ $key | quote }} - value: {{ $val | quote }} - {{- end }} - {{- end }} - {{- with $podValues.volumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: memcached - containerPort: 11211 - protocol: TCP - livenessProbe: - {{- toYaml $podValues.livenessProbe | nindent 12 }} - readinessProbe: - {{- toYaml $podValues.readinessProbe | nindent 12 }} - startupProbe: - {{- toYaml $podValues.startupProbe | nindent 12 }} - resources: - {{- toYaml $podValues.resources | nindent 12 }} - {{- with $podValues.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.volumes }} - volumes: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/helm/templates/deployments/wagtail.yaml b/helm/templates/deployments/wagtail.yaml deleted file mode 100644 index 0367b298..00000000 --- a/helm/templates/deployments/wagtail.yaml +++ /dev/null @@ -1,76 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "wagtail.wagtail.fullname" . }} - labels: - {{- include "wagtail.labels" . | nindent 4 }} -spec: - {{- $podValues := .Values.wagtail }} - replicas: {{ $podValues.replicaCount }} - revisionHistoryLimit: {{ $podValues.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "wagtail.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - {{- include "wagtail.selectorLabels" . | nindent 8 }} - spec: - {{- with $podValues.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "wagtail.serviceAccountName.wagtail" . }} - securityContext: - {{- toYaml $podValues.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml $podValues.securityContext | nindent 12 }} - image: "{{ $podValues.image.repository }}:{{ default .Chart.AppVersion $podValues.image.tag }}" - imagePullPolicy: {{ default "IfNotPresent" $podValues.image.imagePullPolicy }} - env: - - name: "CONTAINER_ROLE" - value: "wagtail" - - name: "POD_IP" - valueFrom: - fieldRef: - fieldPath: status.podIP - {{- if $.Values.env }} - {{- range $key, $val := $.Values.env }} - - name: {{ $key | quote }} - value: {{ $val | quote }} - {{- end }} - {{- end }} - {{- with $podValues.volumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: http - containerPort: 80 - protocol: TCP - livenessProbe: - {{- toYaml $podValues.livenessProbe | nindent 12 }} - readinessProbe: - {{- toYaml $podValues.readinessProbe | nindent 12 }} - startupProbe: - {{- toYaml $podValues.startupProbe | nindent 12 }} - resources: - {{- toYaml $podValues.resources | nindent 12 }} - {{- with $podValues.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.volumes }} - volumes: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/helm/templates/hpa.yaml b/helm/templates/hpa.yaml deleted file mode 100644 index fec1cb92..00000000 --- a/helm/templates/hpa.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- if .Values.autoscaling.enabled }} -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: {{ include "wagtail.fullname" . }} - labels: - {{- include "wagtail.labels" . | nindent 4 }} -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: {{ include "wagtail.fullname" . }} - minReplicas: {{ .Values.autoscaling.minReplicas }} - maxReplicas: {{ .Values.autoscaling.maxReplicas }} - metrics: - {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} - {{- end }} - {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} - - type: Resource - resource: - name: memory - target: - type: Utilization - averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} - {{- end }} -{{- end }} diff --git a/helm/templates/ingress.yaml b/helm/templates/ingress.yaml deleted file mode 100644 index 3bc294f1..00000000 --- a/helm/templates/ingress.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{- if .Values.wagtail.ingress.enabled -}} -{{- $fullName := include "wagtail.fullname" . -}} -{{- $svcPort := .Values.wagtail.service.port -}} -{{- if and .Values.wagtail.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.wagtail.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.wagtail.ingress.annotations "kubernetes.io/ingress.class" .Values.wagtail.ingress.className}} - {{- end }} -{{- end }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{- include "wagtail.labels" . | nindent 4 }} - {{- with .Values.wagtail.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and .Values.wagtail.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.wagtail.ingress.className }} - {{- end }} - {{- if .Values.wagtail.ingress.tls }} - tls: - {{- range .Values.wagtail.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.wagtail.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} - pathType: {{ .pathType }} - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ $fullName }} - port: - number: {{ $svcPort }} - {{- else }} - serviceName: {{ $fullName }} - servicePort: {{ $svcPort }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} diff --git a/helm/templates/rbac/memcached-serviceaccount.yaml b/helm/templates/rbac/memcached-serviceaccount.yaml deleted file mode 100644 index 412b7a40..00000000 --- a/helm/templates/rbac/memcached-serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccounts.memcached.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "wagtail.serviceAccountName.memcached" . }} - labels: - {{- include "wagtail.labels" . | nindent 4 }} - {{- with .Values.serviceAccounts.memcached.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end -}} diff --git a/helm/templates/rbac/wagtail-serviceaccount.yaml b/helm/templates/rbac/wagtail-serviceaccount.yaml deleted file mode 100644 index 2f57279f..00000000 --- a/helm/templates/rbac/wagtail-serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccounts.wagtail.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "wagtail.serviceAccountName.wagtail" . }} - labels: - {{- include "wagtail.labels" . | nindent 4 }} - {{- with .Values.serviceAccounts.wagtail.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end -}} diff --git a/helm/templates/services/memcached.yaml b/helm/templates/services/memcached.yaml deleted file mode 100644 index 6cd427ce..00000000 --- a/helm/templates/services/memcached.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: memcached - labels: {{- include "wagtail.labels" . | nindent 4 }} - {{- with .Values.memcached.service.annotations }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - type: {{.Values.memcached.service.type}} - ports: - - port: {{ default "11211" .Values.memcached.service.port}} - targetPort: memcached - protocol: TCP - name: memcached - selector: {{- include "wagtail.selectorLabels" . | nindent 4}} diff --git a/helm/templates/services/wagtail.yaml b/helm/templates/services/wagtail.yaml deleted file mode 100644 index 137d9818..00000000 --- a/helm/templates/services/wagtail.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{include "wagtail.fullname" .}} - labels: {{- include "wagtail.labels" . | nindent 4 }} - {{- with .Values.wagtail.service.annotations }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - type: {{.Values.wagtail.service.type}} - ports: - - port: {{ default "80" .Values.wagtail.service.port}} - targetPort: http - protocol: TCP - name: http - selector: {{- include "wagtail.selectorLabels" . | nindent 4}} diff --git a/helm/values.yaml b/helm/values.yaml deleted file mode 100644 index 2b4da84b..00000000 --- a/helm/values.yaml +++ /dev/null @@ -1,241 +0,0 @@ -# Default values for wagtail. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -## Define serviceAccount names for components. Defaults to component's fully qualified name. -## -serviceAccounts: - wagtail: - create: true - name: wagtail - annotations: {} - memcached: - create: true - name: memcached - annotations: {} - -# ------------------------------------------------------------- -# WAGTAIL -# ------------------------------------------------------------- - -wagtail: - name: wagtail - image: - repository: "ghcr.io/ietf-tools/www" - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - # tag: "v2.1.10" - - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - - ingress: - enabled: false - className: "" - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: wagtail.local - paths: - - path: / - pathType: ImplementationSpecific - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - - livenessProbe: - timeoutSeconds: 5 - httpGet: - path: /healthz - port: http - - podAnnotations: {} - podLabels: {} - - podSecurityContext: {} - # fsGroup: 2000 - - readinessProbe: - timeoutSeconds: 5 - httpGet: - path: /healthz - port: http - - replicaCount: 1 - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - - service: - type: ClusterIP - port: 80 - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Automatically mount a ServiceAccount's API credentials? - automount: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - - startupProbe: - initialDelaySeconds: 5 - timeoutSeconds: 5 - periodSeconds: 10 - failureThreshold: 6 - successThreshold: 1 - httpGet: - path: /healthz - port: http - - # Additional volumes on the output Deployment definition. - volumes: - - name: settings-local-volume - configMap: - name: django-configmap - - name: media - hostPath: - path: /path-to/media - - # Additional volumeMounts on the output Deployment definition. - volumeMounts: - - name: settings-local-volume - mountPath: /app/ietf/settings/local.py - subPath: local.py - readOnly: true - - name: media - mountPath: "/app/media" - - tolerations: [] - - nodeSelector: {} - - affinity: {} - -# ------------------------------------------------------------- -# MEMCACHED -# ------------------------------------------------------------- - -memcached: - name: memcached - image: - repository: "memcached" - pullPolicy: IfNotPresent - tag: "1.6-alpine" - - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - - podAnnotations: {} - podLabels: {} - - podSecurityContext: {} - # fsGroup: 2000 - - replicaCount: 1 - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - - service: - type: ClusterIP - port: 11211 - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Automatically mount a ServiceAccount's API credentials? - automount: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - - tolerations: [] - - nodeSelector: {} - - affinity: {} - -# ------------------------------------------------------------- -# SCHEDULED JOBS -# ------------------------------------------------------------- - -cronjob: - crons: - - name: mgmt-hourly - schedule: "0 * * * *" # "At minute 0." - timeZone: "Etc/UTC" - command: ["python", "/app/manage.py", "publish_scheduled"] - - name: mgmt-weekly - schedule: "30 0 * * 0" # "At 00:30 on Sunday." - timeZone: "Etc/UTC" - command: ["python", "/app/manage.py", "update_index"] - -# ------------------------------------------------------------- -# COMMON -# ------------------------------------------------------------- - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 - -env: - DJANGO_SETTINGS_MODULE: "ietf.settings.production" - EMAIL_HOST: "localhost" - EMAIL_PORT: "25" - DBHOST: "host.minikube.internal" - DBNAME: "www" - DBUSER: "www_iab" - DBPASS: "www_iab" - SECRET_KEY: "SpAA3v4icREtlC2ND3oZ8JABMEP2Cf1U" - ALLOWED_HOSTS: "localhost,127.0.0.1" - WAGTAILADMIN_BASE_URL: "http://localhost:8080/admin" - CSRF_TRUSTED_ORIGINS: "http://localhost:8080/,http://127.0.0.1:8080/" - MATOMO_SITE_ID: "11" - MEMCACHED_KEY_PREFIX: "iab"