From 6d80df7866f12e74205a9099f4f85b8e6094f3cf Mon Sep 17 00:00:00 2001 From: Samuel Alfageme Date: Mon, 17 Aug 2020 18:52:08 +0200 Subject: [PATCH 1/3] Fix: hardcoded WOPI Server URL with a helper function Includes a fallback to http://: for non- defined ingress'. Also, remove hardcoded loglevel and enable its override. --- wopiserver/Chart.yaml | 4 ++-- wopiserver/README.md | 1 + wopiserver/templates/_helpers.tpl | 18 +++++++++++------- wopiserver/templates/configmap.yaml | 11 +++-------- wopiserver/values.yaml | 1 + 5 files changed, 18 insertions(+), 17 deletions(-) diff --git a/wopiserver/Chart.yaml b/wopiserver/Chart.yaml index f66c297..9da2966 100644 --- a/wopiserver/Chart.yaml +++ b/wopiserver/Chart.yaml @@ -2,6 +2,6 @@ apiVersion: v2 name: wopiserver description: A Vendor-neutral Web-application Open Platform Interface (WOPI) gateway for EFSS systems type: application -version: 0.1.0 -appVersion: v5.2 +version: 0.2.0 +appVersion: v5.3 source: https://github.com/cs3org/wopiserver diff --git a/wopiserver/README.md b/wopiserver/README.md index f50f5cb..c3d8778 100644 --- a/wopiserver/README.md +++ b/wopiserver/README.md @@ -41,6 +41,7 @@ The following configurations may be set. It is recommended to use `values.yaml` | `config.iopsecret` | IOP-Shared-Secret, stored in `/etc/wopi/iopsecret` | `nil` - generates a random secret (`randAlphaNum 24`) | | `config.appProviders` | Freeform `: ` (`oosurl`, `codeurl`, `slidesurl` or `codimdurl` as app-providers) | `{codimdurl: http://codimd.local}` | | `config.cs3.revahost` | The GRPC endpoint of the REVA service. | `revad:19000` | +| `config.loglevel` | Logging fequency. Values, in order of severity: `Critical`, `Error`, `Warning`, `Info` `Debug`. | `Debug` | | `ingress.enabled` | Whether to create an Ingress resource to access the wopiserver. | `false` | | `ingress.hostname` | The ingress hostname. | `wopi.local` | | `ingress.path` | The ingress path. | `/wopi` | diff --git a/wopiserver/templates/_helpers.tpl b/wopiserver/templates/_helpers.tpl index 2f3bad5..17483a1 100644 --- a/wopiserver/templates/_helpers.tpl +++ b/wopiserver/templates/_helpers.tpl @@ -52,12 +52,16 @@ app.kubernetes.io/instance: {{ .Release.Name }} {{- end -}} {{/* -Create the name of the service account to use +Returns the WOPI Server external URL */}} -{{- define "wopiserver.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "wopiserver.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} +{{- define "wopiserver.url" -}} + {{- if .Values.ingress.hostname }} + {{- if .Values.ingress.tls }} + https://{{ .Values.ingress.hostname }} + {{- else }} + http://{{ .Values.ingress.hostname }} + {{- end }} + {{- else }} + http://{{ template "wopiserver.fullname" . }}:{{ .Values.service.port }} + {{- end }} {{- end -}} diff --git a/wopiserver/templates/configmap.yaml b/wopiserver/templates/configmap.yaml index e8ccd5a..3bf6b87 100644 --- a/wopiserver/templates/configmap.yaml +++ b/wopiserver/templates/configmap.yaml @@ -18,15 +18,10 @@ data: tokenvalidity = 86400 -{{- if .Values.ingress.enabled }} - wopiurl = http://{{ .Values.ingress.hostname }} - downloadurl = http://{{ .Values.ingress.hostname }}/wopi/cbox/download -{{- else }} - wopiurl = http://{{ include "wopiserver.fullname" . }} - downloadurl = http://{{ include "wopiserver.fullname" . }}/wopi/cbox/download -{{- end }} + wopiurl = {{ template "wopiserver.url" . }} + downloadurl = {{ template "wopiserver.url" . }}/wopi/cbox/download - loglevel = Debug + loglevel = {{ .Values.config.loglevel }} [security] usehttps = no diff --git a/wopiserver/values.yaml b/wopiserver/values.yaml index ba9d40a..6dffafc 100644 --- a/wopiserver/values.yaml +++ b/wopiserver/values.yaml @@ -21,6 +21,7 @@ config: codimdurl: http://codimd.local cs3: revahost: revad:19000 + loglevel: Debug ingress: enabled: false From f5200528a7612443124871a26fe754bd290f8db9 Mon Sep 17 00:00:00 2001 From: Samuel Alfageme Date: Wed, 19 Aug 2020 18:44:00 +0200 Subject: [PATCH 2/3] Add wopibridge sidecar to wopiserver when .enabled - Fix an issue with whitespace stripping on the 'wopiserver.url' --- wopiserver/templates/_helpers.tpl | 38 ++++++++++--- .../templates/wopibridge/deployment.yaml | 53 +++++++++++++++++++ wopiserver/templates/wopibridge/ingress.yaml | 28 ++++++++++ wopiserver/templates/wopibridge/service.yaml | 19 +++++++ wopiserver/values.yaml | 40 ++++++++++++++ 5 files changed, 172 insertions(+), 6 deletions(-) create mode 100644 wopiserver/templates/wopibridge/deployment.yaml create mode 100644 wopiserver/templates/wopibridge/ingress.yaml create mode 100644 wopiserver/templates/wopibridge/service.yaml diff --git a/wopiserver/templates/_helpers.tpl b/wopiserver/templates/_helpers.tpl index 17483a1..507f9d4 100644 --- a/wopiserver/templates/_helpers.tpl +++ b/wopiserver/templates/_helpers.tpl @@ -43,6 +43,13 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end -}} +{{- define "wopibridge.labels" -}} +helm.sh/chart: {{ include "wopiserver.chart" . }} +{{ include "wopibridge.selectorLabels" . }} +app.kubernetes.io/version: {{ .Values.wopibridge.image.tag | quote }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + {{/* Selector labels */}} @@ -51,17 +58,36 @@ app.kubernetes.io/name: {{ include "wopiserver.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end -}} +{{- define "wopibridge.selectorLabels" -}} +app.kubernetes.io/name: {{ include "wopiserver.name" . }}-{{ .Values.wopibridge.name }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + {{/* Returns the WOPI Server external URL */}} {{- define "wopiserver.url" -}} - {{- if .Values.ingress.hostname }} - {{- if .Values.ingress.tls }} + {{- if .Values.ingress.hostname -}} + {{- if .Values.ingress.tls -}} https://{{ .Values.ingress.hostname }} - {{- else }} + {{- else -}} http://{{ .Values.ingress.hostname }} - {{- end }} - {{- else }} + {{- end -}} + {{- else -}} http://{{ template "wopiserver.fullname" . }}:{{ .Values.service.port }} - {{- end }} + {{- end -}} +{{- end -}} + +{{- define "wopibridge.url" -}} +{{- with .Values.wopibridge -}} + {{- if .ingress.hostname -}} + {{- if .ingress.tls -}} + https://{{ .ingress.hostname }}{{ .ingress.path }} + {{- else -}} + http://{{ .ingress.hostname }}{{ .ingress.path }} + {{- end -}} + {{- else -}} + http://{{ template "wopiserver.fullname" $ }}-{{ .name }}:{{ .service.port }} + {{- end -}} +{{- end -}} {{- end -}} diff --git a/wopiserver/templates/wopibridge/deployment.yaml b/wopiserver/templates/wopibridge/deployment.yaml new file mode 100644 index 0000000..8770d1f --- /dev/null +++ b/wopiserver/templates/wopibridge/deployment.yaml @@ -0,0 +1,53 @@ +{{- with .Values.wopibridge }} +{{- if .enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "wopiserver.fullname" $ }}-{{ .name }} + labels: + {{- include "wopibridge.labels" $ | nindent 4 }} +spec: + replicas: {{ .replicaCount }} + selector: + matchLabels: + {{- include "wopibridge.selectorLabels" $ | nindent 6 }} + template: + metadata: + labels: + {{- include "wopibridge.selectorLabels" $ | nindent 8 }} + spec: + containers: + - name: {{ .name }} + image: "{{ .image.repository }}:{{ .image.tag }}" + imagePullPolicy: {{ .image.pullPolicy }} + ports: + - name: http + containerPort: 8000 + protocol: TCP + {{- if .extraVolumeMounts }} + volumeMounts: + {{- toYaml .extraVolumeMounts | nindent 12 }} + {{- end }} + env: + - name: WOPIBRIDGE_URL + value: {{ template "wopibridge.url" $ }} + {{- if .env }} + {{- range $name, $value := .env }} + - name: "{{ $name }}" + value: "{{ $value }}" + {{- end }} + {{- end }} + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + {{- if .extraVolumes }} + volumes: + {{- toYaml .extraVolumes | nindent 6 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/wopiserver/templates/wopibridge/ingress.yaml b/wopiserver/templates/wopibridge/ingress.yaml new file mode 100644 index 0000000..73eb095 --- /dev/null +++ b/wopiserver/templates/wopibridge/ingress.yaml @@ -0,0 +1,28 @@ +{{- with .Values.wopibridge }} +{{- if and .enabled .ingress.enabled }} +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + name: {{ template "wopiserver.fullname" $ }}-{{ .name }} + labels: {{- include "wopibridge.labels" $ | nindent 4 }} + annotations: + {{- if .ingress.annotations }} +{{ toYaml .ingress.annotations | indent 4 }} + {{- end }} +spec: + rules: + {{- if .ingress.hostname }} + - host: {{ .ingress.hostname }} + http: + paths: + - path: {{ .ingress.path }} + backend: + serviceName: {{ template "wopiserver.fullname" $ }}-{{ .name }} + servicePort: http + {{- end }} + {{- if .ingress.tls }} + tls: + {{- toYaml .ingress.tls | indent 4 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/wopiserver/templates/wopibridge/service.yaml b/wopiserver/templates/wopibridge/service.yaml new file mode 100644 index 0000000..829b905 --- /dev/null +++ b/wopiserver/templates/wopibridge/service.yaml @@ -0,0 +1,19 @@ +{{- with .Values.wopibridge }} +{{- if .enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "wopiserver.fullname" $ }}-{{ .name }} + labels: + {{- include "wopibridge.labels" $ | nindent 4 }} +spec: + type: {{ .service.type }} + ports: + - port: {{ .service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "wopibridge.selectorLabels" $ | nindent 4 }} +{{- end }} +{{- end }} diff --git a/wopiserver/values.yaml b/wopiserver/values.yaml index 6dffafc..30ec8b8 100644 --- a/wopiserver/values.yaml +++ b/wopiserver/values.yaml @@ -35,3 +35,43 @@ ingress: # - secretName: wopi-tls # hosts: # - wopi.local + +wopibridge: + enabled: false + name: wopibridge + replicaCount: 1 + image: + repository: cs3org/wopibridge + tag: latest + pullPolicy: Always + + service: + type: ClusterIP + port: 8000 + + extraVolumes: [] + # - name: image-store + # persistentVolumeClaim: + # claimName: image-store + + extraVolumeMounts: [] + # - name: image-store + # mountPath: /mnt/codimd_storage + + env: [] + # CODIMD_INT_URL: http://codimd + # CODIMD_EXT_URL: https://codimd.local/path + # CODIMD_STORAGE_PATH: /mnt/codimd_storage + + ingress: + enabled: false + hostname: bridge.local + path: /wopibridge + annotations: {} + # kubernetes.io/ingress.class: nginx + # nginx.ingress.kubernetes.io/ssl-redirect: "true" + tls: [] + # Secrets must be present in the namespace beforehand. + # - secretName: bridge-tls + # hosts: + # - wopi.local From 05eb57619c1aa44ab7f57052aa20bddd1cd356b5 Mon Sep 17 00:00:00 2001 From: Samuel Alfageme Date: Thu, 27 Aug 2020 10:42:27 +0200 Subject: [PATCH 3/3] Add {wopiserver,bridge}Url to override Helm's auto-generation ... based on the ingress/service provided values, which sometimes is unaccurate (e.g. wildcard paths for the nginx ingress resources). Or when the operator does not want to rely on the chart-provided ingress but rather on its own. Add the config table for the WOPI bridge and use its url for the .Values.config.appProviders.codimdurl to prevent using CodiMD's Bump the wopiserver version to v5.4 --- wopiserver/Chart.yaml | 2 +- wopiserver/README.md | 23 +++++++++++++ wopiserver/templates/_helpers.tpl | 32 ++++++++++++------- .../templates/wopibridge/deployment.yaml | 2 +- wopiserver/values.yaml | 8 ++++- 5 files changed, 52 insertions(+), 15 deletions(-) diff --git a/wopiserver/Chart.yaml b/wopiserver/Chart.yaml index 9da2966..318038a 100644 --- a/wopiserver/Chart.yaml +++ b/wopiserver/Chart.yaml @@ -3,5 +3,5 @@ name: wopiserver description: A Vendor-neutral Web-application Open Platform Interface (WOPI) gateway for EFSS systems type: application version: 0.2.0 -appVersion: v5.3 +appVersion: v5.4 source: https://github.com/cs3org/wopiserver diff --git a/wopiserver/README.md b/wopiserver/README.md index c3d8778..4089d22 100644 --- a/wopiserver/README.md +++ b/wopiserver/README.md @@ -34,6 +34,7 @@ The following configurations may be set. It is recommended to use `values.yaml` | `image.pullPolicy` | The kubernetes image pull policy. | `Always` | | `service.type` | The kubernetes service type to use. | `ClusterIP` | | `service.port` | The wopiserver service HTTP port. | `8880` | +| `wopiserverUrl` | Overrides the (default) Helm URL generation based on the ingress/service values. | Not set | | `extraVolumeMounts` | Array of additional volume mounts. | `[]` | | `extraVolumes` | Array of additional volumes. | `[]` | | `env` | Additional environment variables passed to the wopiserver container. | `[]` | @@ -47,3 +48,25 @@ The following configurations may be set. It is recommended to use `values.yaml` | `ingress.path` | The ingress path. | `/wopi` | | `ingress.annotations` | Ingress annotations. | `{}` | | `ingress.tls` | Ingress TLS configuration (YAML). | `[]` | + +## WOPI Bridge Configuration + +| Parameter | Description | Default | +| ------------------------------------------------- | --------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------- | +| `wopibridge.enabled` | Wheter to deploy the [WOPI Bridge](https://github.com/cs3org/wopibridge) service. | `false` | +| `wopibridge.name` | The name used to identify the resources as `{{ wopiserver.fullname }}-{{ .name }}`. | `wopibridge` | +| `wopibridge.replicaCount` | How many replicas to run. | `1` | +| `wopibridge.image.repository` | Name of the image to run, without the tag. | [`cs3org/wopibridge`](https://hub.docker.com/r/cs3org/wopibridge) | +| `wopibridge.image.tag` | The image tag to use. | `latest` | +| `wopibridge.image.pullPolicy` | The kubernetes image pull policy. | `Always` | +| `wopibridge.service.type` | The kubernetes service type to use. | `ClusterIP` | +| `wopibridge.service.port` | The wopibridge service HTTP port. | `8000` | +| `wopibridge.bridgeUrl` | Overrides the (default) Helm URL generation based on the ingress/service values. | Not set | +| `wopibridge.extraVolumeMounts` | Array of additional volume mounts. | `[]` | +| `wopibridge.extraVolumes` | Array of additional volumes. | `[]` | +| `wopibridge.env` | Additional environment variables passed to the wopibridge container. | `[]` | +| `wopibridge.ingress.enabled` | Whether to create an Ingress resource to access the wopibridge. | `false` | +| `wopibridge.ingress.hostname` | The ingress hostname. | `bridge.local` | +| `wopibridge.ingress.path` | The ingress path. | `/wopibridge` | +| `wopibridge.ingress.annotations` | Ingress annotations. | `{}` | +| `wopibridge.ingress.tls` | Ingress TLS configuration (YAML). | `[]` | diff --git a/wopiserver/templates/_helpers.tpl b/wopiserver/templates/_helpers.tpl index 507f9d4..deb9fe6 100644 --- a/wopiserver/templates/_helpers.tpl +++ b/wopiserver/templates/_helpers.tpl @@ -67,27 +67,35 @@ app.kubernetes.io/instance: {{ .Release.Name }} Returns the WOPI Server external URL */}} {{- define "wopiserver.url" -}} - {{- if .Values.ingress.hostname -}} - {{- if .Values.ingress.tls -}} - https://{{ .Values.ingress.hostname }} + {{- if .Values.wopiserverUrl -}} + {{- .Values.wopiserverUrl }} + {{- else }} + {{- if .Values.ingress.hostname -}} + {{- if .Values.ingress.tls -}} + https://{{ .Values.ingress.hostname }} + {{- else -}} + http://{{ .Values.ingress.hostname }} + {{- end -}} {{- else -}} - http://{{ .Values.ingress.hostname }} + http://{{ template "wopiserver.fullname" . }}:{{ .Values.service.port }} {{- end -}} - {{- else -}} - http://{{ template "wopiserver.fullname" . }}:{{ .Values.service.port }} {{- end -}} {{- end -}} {{- define "wopibridge.url" -}} {{- with .Values.wopibridge -}} - {{- if .ingress.hostname -}} - {{- if .ingress.tls -}} - https://{{ .ingress.hostname }}{{ .ingress.path }} + {{- if .bridgeUrl -}} + {{- .bridgeUrl }} + {{- else -}} + {{- if .ingress.hostname -}} + {{- if .ingress.tls -}} + https://{{ .ingress.hostname }}{{ .ingress.path }} + {{- else -}} + http://{{ .ingress.hostname }}{{ .ingress.path }} + {{- end -}} {{- else -}} - http://{{ .ingress.hostname }}{{ .ingress.path }} + http://{{ template "wopiserver.fullname" $ }}-{{ .name }}:{{ .service.port }} {{- end -}} - {{- else -}} - http://{{ template "wopiserver.fullname" $ }}-{{ .name }}:{{ .service.port }} {{- end -}} {{- end -}} {{- end -}} diff --git a/wopiserver/templates/wopibridge/deployment.yaml b/wopiserver/templates/wopibridge/deployment.yaml index 8770d1f..7b29aac 100644 --- a/wopiserver/templates/wopibridge/deployment.yaml +++ b/wopiserver/templates/wopibridge/deployment.yaml @@ -29,7 +29,7 @@ spec: {{- toYaml .extraVolumeMounts | nindent 12 }} {{- end }} env: - - name: WOPIBRIDGE_URL + - name: "WOPIBRIDGE_URL" value: {{ template "wopibridge.url" $ }} {{- if .env }} {{- range $name, $value := .env }} diff --git a/wopiserver/values.yaml b/wopiserver/values.yaml index 30ec8b8..c6e4fb8 100644 --- a/wopiserver/values.yaml +++ b/wopiserver/values.yaml @@ -9,6 +9,9 @@ service: type: ClusterIP port: 8880 +## Overrides the default URL generation based on the ingress/service values +# wopiserverUrl: https://wopi.local/ + extraVolumeMounts: [] extraVolumes: [] @@ -18,7 +21,7 @@ env: [] # - ref: https://github.com/cs3org/wopiserver/blob/master/wopiserver.conf config: appProviders: - codimdurl: http://codimd.local + codimdurl: http://wopibridge:8000 cs3: revahost: revad:19000 loglevel: Debug @@ -49,6 +52,9 @@ wopibridge: type: ClusterIP port: 8000 + ## Overrides the default URL generation based on the ingress/service values + # bridgeUrl: https://bridge.local/wopibridge + extraVolumes: [] # - name: image-store # persistentVolumeClaim: