diff --git a/.github/workflows/acceptance-tests.yml b/.github/workflows/acceptance-tests.yml index e1f70034d2..d3ad93b382 100644 --- a/.github/workflows/acceptance-tests.yml +++ b/.github/workflows/acceptance-tests.yml @@ -31,7 +31,7 @@ jobs: persist: ${{ steps.deploy-comment.outputs.persist}} steps: - id: deploy-comment - uses: SwissDataScienceCenter/renku-actions/check-pr-description@v1.4.5 + uses: SwissDataScienceCenter/renku-actions/check-pr-description@v1.7.0 with: string: /deploy pr_ref: ${{ github.event.number }} @@ -43,7 +43,7 @@ jobs: name: renku-ci-rp-${{ github.event.number }} steps: - name: deploy-pr - uses: SwissDataScienceCenter/renku-actions/deploy-renku@v1.4.5 + uses: SwissDataScienceCenter/renku-actions/deploy-renku@v1.7.0 env: DOCKER_PASSWORD: ${{ secrets.RENKU_DOCKER_PASSWORD }} DOCKER_USERNAME: ${{ secrets.RENKU_DOCKER_USERNAME }} @@ -52,7 +52,7 @@ jobs: RANCHER_PROJECT_ID: ${{ secrets.CI_RANCHER_PROJECT }} RENKU_RELEASE: renku-ci-rp-${{ github.event.number }} RENKU_VALUES_FILE: "${{ github.workspace }}/values.yaml" - RENKU_VALUES: ${{ secrets.CI_RENKU_VALUES }} + RENKU_VALUES: ${{ secrets.COMBINED_CHARTS_CI_RENKU_VALUES }} RENKUBOT_KUBECONFIG: ${{ secrets.RENKUBOT_DEV_KUBECONFIG }} RENKUBOT_RANCHER_BEARER_TOKEN: ${{ secrets.RENKUBOT_RANCHER_BEARER_TOKEN }} RANCHER_DEV_API_ENDPOINT: ${{ secrets.RANCHER_DEV_API_ENDPOINT }} @@ -88,7 +88,7 @@ jobs: if: ${{ github.event.action != 'closed' && needs.check-deploy.outputs.pr-contains-string == 'true' && needs.check-deploy.outputs.test-enabled == 'true' }} needs: [check-deploy, deploy-pr] steps: - - uses: SwissDataScienceCenter/renku-actions/test-renku@v1.4.5 + - uses: SwissDataScienceCenter/renku-actions/test-renku@v1.7.0 with: kubeconfig: ${{ secrets.RENKUBOT_DEV_KUBECONFIG }} renku-release: renku-ci-rp-${{ github.event.number }} @@ -103,7 +103,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: renku teardown - uses: SwissDataScienceCenter/renku-actions/cleanup-renku-ci-deployments@v1.4.5 + uses: SwissDataScienceCenter/renku-actions/cleanup-renku-ci-deployments@v1.7.0 env: HELM_RELEASE_REGEX: "^renku-ci-rp-${{ github.event.number }}$" GITLAB_TOKEN: ${{ secrets.DEV_GITLAB_TOKEN }} diff --git a/.github/workflows/test_deploy.yml b/.github/workflows/test_deploy.yml index 929f45632f..54e478343e 100644 --- a/.github/workflows/test_deploy.yml +++ b/.github/workflows/test_deploy.yml @@ -589,19 +589,16 @@ jobs: run: | echo "GIT_USER=Renku Bot" >> $GITHUB_ENV echo "GIT_EMAIL=renku@datascience.ch" >> $GITHUB_ENV - - name: Push chart and images - uses: SwissDataScienceCenter/renku-actions/publish-chart@v1.4.5 + - name: Build and push images + uses: SwissDataScienceCenter/renku-actions/publish-chartpress-images@v1.7.0 env: - CHART_NAME: renku-core GITHUB_TOKEN: ${{ secrets.RENKUBOT_GITHUB_TOKEN }} DOCKER_USERNAME: ${{ secrets.RENKU_DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.RENKU_DOCKER_PASSWORD }} - - name: Wait for chart to be available - run: sleep 120 - name: Update component version - uses: SwissDataScienceCenter/renku-actions/update-component-version@v1.4.5 + uses: SwissDataScienceCenter/renku-actions/update-component-version@v1.7.0 env: - CHART_NAME: renku-core + COMPONENT_NAME: renku-core GITHUB_TOKEN: ${{ secrets.RENKUBOT_GITHUB_TOKEN }} coveralls-final: diff --git a/DEVELOPING.rst b/DEVELOPING.rst index b62fe6a0d0..594c4a07e5 100644 --- a/DEVELOPING.rst +++ b/DEVELOPING.rst @@ -261,7 +261,7 @@ number. - Once the release PR has been merged, publish the github release. This creates the tag on master that kicks off the publishing CI. - Keep an eye on CI, make sure that the `publish-pypi`, `build-images` and - `publish-chart` finish successfully. + `publish-chartpress-images` finish successfully. * If any of them don't finish successfully, ask for help. - Go to the `Renku` repository and approve/merge the automatically created PR there. diff --git a/chartpress.yaml b/chartpress.yaml index bdab0ab67e..a60c81f5df 100644 --- a/chartpress.yaml +++ b/chartpress.yaml @@ -11,8 +11,7 @@ charts: renku-core: contextPath: . dockerfilePath: Dockerfile - valuesPath: versions.latest.image + valuesPath: global.core.versions.latest.image buildArgs: CLEAN_INSTALL: "1" BUILD_CORE_SERVICE: "1" - diff --git a/git-deploy-chart.sh b/git-deploy-chart.sh deleted file mode 100755 index 4fc340f23a..0000000000 --- a/git-deploy-chart.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright 2018 - Swiss Data Science Center (SDSC) -# A partnership between École Polytechnique Fédérale de Lausanne (EPFL) and -# Eidgenössische Technische Hochschule Zürich (ETHZ). -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex - -# get ssh key to use for docker hub login -chmod 600 deploy_rsa -eval "$(ssh-agent -s)" -ssh-add deploy_rsa - -make docker-login - -# build charts/images and push -helm repo update -helm dependency update helm-chart/renku-core -chartpress --push --publish-chart -git diff - -# push also images tagged with "latest" -chartpress --tag latest --push - -# if it's a tag, push the tagged chart -if [[ -n $TAG ]]; then - git clean -dff - chartpress --tag "$TAG" --push --publish-chart -fi diff --git a/helm-chart/renku-core/requirements.yaml b/helm-chart/renku-core/requirements.yaml deleted file mode 100644 index 3bd290aa59..0000000000 --- a/helm-chart/renku-core/requirements.yaml +++ /dev/null @@ -1,4 +0,0 @@ -dependencies: -- name: certificates - version: 0.0.3 - repository: "https://swissdatasciencecenter.github.io/helm-charts/" diff --git a/helm-chart/renku-core/templates/_helpers.tpl b/helm-chart/renku-core/templates/_helpers.tpl deleted file mode 100644 index 9d6d734fc9..0000000000 --- a/helm-chart/renku-core/templates/_helpers.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "renku-core.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "renku-core.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "renku-core.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "renku-core.labels" -}} -app.kubernetes.io/name: {{ include "renku-core.name" . }} -helm.sh/chart: {{ include "renku-core.chart" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} diff --git a/helm-chart/renku-core/templates/cache-cleanup-job.yaml b/helm-chart/renku-core/templates/cache-cleanup-job.yaml deleted file mode 100644 index 162b8f4b92..0000000000 --- a/helm-chart/renku-core/templates/cache-cleanup-job.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- range $version := .Values.versions }} -{{ if ne $version.name "v9"}} ---- -apiVersion: batch/v1 -kind: CronJob -metadata: - name: {{ include "renku-core.fullname" $ }}-cleanup-{{ $version.name }} - labels: - app.kubernetes.io/deploymentVersion: {{ $version.name }} -spec: - schedule: "*/5 * * * *" - concurrencyPolicy: Forbid - jobTemplate: - spec: - template: - spec: - containers: - - name: {{ include "renku-core.fullname" $ }}-cache-cleanup-{{ $version.name }} - image: renku/renku-core-cleanup:v1 - imagePullPolicy: IfNotPresent - args: - - {{ $version.name | quote}} - - {{ $.Release.Namespace }} - restartPolicy: OnFailure - serviceAccountName: {{ include "renku-core.fullname" $ }}-cleanup -{{ end }} -{{ end }} diff --git a/helm-chart/renku-core/templates/configmap.yaml b/helm-chart/renku-core/templates/configmap.yaml deleted file mode 100644 index abd664ba8d..0000000000 --- a/helm-chart/renku-core/templates/configmap.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "renku-core.fullname" . }}-metadata-versions -data: - metadata-versions.json: | - { - "name": "renku-core", - "versions": [ - {{- $printComma := false -}} - {{- range $key, $version := .Values.versions }} - {{- if $printComma }},{{ else }} {{- $printComma = true }} {{ end }} - { - "version": "{{ $version.image.tag }}", - "data": { - "metadata_version": "{{ $version.prefix }}" - } - } - {{- end }} - ] - } diff --git a/helm-chart/renku-core/templates/cronjob-serviceaccount.yaml b/helm-chart/renku-core/templates/cronjob-serviceaccount.yaml deleted file mode 100644 index 3b94c995d6..0000000000 --- a/helm-chart/renku-core/templates/cronjob-serviceaccount.yaml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "renku-core.fullname" $ }}-cleanup - labels: -{{ include "renku-core.labels" $ | indent 4 }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "renku-core.fullname" $ }}-cleanup - labels: -{{ include "renku-core.labels" $ | indent 4 }} -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "renku-core.fullname" $ }}-cleanup - labels: -{{ include "renku-core.labels" $ | indent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ include "renku-core.fullname" $ }}-cleanup -subjects: -- kind: ServiceAccount - name: {{ include "renku-core.fullname" $ }}-cleanup - namespace: {{ $.Release.Namespace }} diff --git a/helm-chart/renku-core/templates/deployment.yaml b/helm-chart/renku-core/templates/deployment.yaml deleted file mode 100644 index 08ccf913a0..0000000000 --- a/helm-chart/renku-core/templates/deployment.yaml +++ /dev/null @@ -1,289 +0,0 @@ -{{- range $version := .Values.versions }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "renku-core.fullname" $ }}-{{ $version.name }} - labels: - app.kubernetes.io/deploymentVersion: {{ $version.name }} -{{ include "renku-core.labels" $ | indent 4 }} -spec: - replicas: {{ $.Values.replicaCount }} - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 1 - selector: - matchLabels: - app.kubernetes.io/name: {{ include "renku-core.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/deploymentVersion: {{ $version.name }} - template: - metadata: - annotations: - {{ if $.Values.metrics.enabled }} - prometheus.io/scrape: 'true' - prometheus.io/path: '/metrics' - prometheus.io/port: '8765' - {{ end }} - labels: - app.kubernetes.io/name: {{ include "renku-core.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/deploymentVersion: {{ $version.name }} - {{ $.Values.global.redis.clientLabel | toYaml | nindent 8 }} - spec: - {{- with $.Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - name: shared-volume - emptyDir: {} - - name: metadata-versions - configMap: - name: {{ include "renku-core.fullname" $ }}-metadata-versions - {{- include "certificates.volumes" $ | nindent 8 }} - initContainers: - {{- include "certificates.initContainer" $ | nindent 8 }} - securityContext: - {{- toYaml $.Values.podSecurityContext | nindent 8 }} - automountServiceAccountToken: {{ $.Values.global.debug }} - containers: - {{ if $.Values.metrics.enabled }} - - name: {{ $.Chart.Name}}-rqmetrics - image: "{{ $.Values.metrics.image.repository }}:{{ $.Values.metrics.image.tag }}" - imagePullPolicy: {{ $.Values.metrics.image.pullPolicy }} - securityContext: - {{- toYaml $.Values.securityContext | nindent 12 }} - env: - - name: RQ_REDIS_HOST - value: {{ $.Values.global.redis.host | quote }} - - name: RQ_REDIS_PORT - value: {{ $.Values.global.redis.port | quote }} - - name: RQ_REDIS_DB - value: {{ $.Values.global.redis.dbIndex.coreService | quote }} - - name: RQ_REDIS_IS_SENTINEL - value: {{ $.Values.global.redis.sentinel.enabled | quote }} - - name: RQ_REDIS_MASTER_SET - value: {{ $.Values.global.redis.sentinel.masterSet | quote }} - - name: RQ_REDIS_PASS - valueFrom: - secretKeyRef: - name: {{ $.Values.global.redis.existingSecret }} - key: {{ $.Values.global.redis.existingSecretPasswordKey }} - # TODO: Deal with redis namespace properly in rqmetrics, then pass that on as well - {{ end }} - - name: {{ $.Chart.Name }} - image: "{{ $version.image.repository }}:{{ $version.image.tag }}" - imagePullPolicy: {{ $version.image.pullPolicy }} - securityContext: - {{- toYaml $.Values.securityContext | nindent 12 }} - args: ["service", "api"] - env: - - name: REDIS_HOST - value: {{ $.Values.global.redis.host | quote }} - - name: REDIS_PORT - value: {{ $.Values.global.redis.port | quote }} - - name: REDIS_DATABASE - value: {{ $.Values.global.redis.dbIndex.coreService | quote }} - - name: REDIS_IS_SENTINEL - value: {{ $.Values.global.redis.sentinel.enabled | quote }} - - name: REDIS_MASTER_SET - value: {{ $.Values.global.redis.sentinel.masterSet | quote }} - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ $.Values.global.redis.existingSecret }} - key: {{ $.Values.global.redis.existingSecretPasswordKey }} - - name: REDIS_NAMESPACE - value: {{ $version.name }} - - name: CACHE_DIR - value: {{ $.Values.cacheDirectory }} - - name: PROJECT_CLONE_DEPTH_DEFAULT - value: {{ $.Values.projectCloneDepth | quote }} - - name: TEMPLATE_CLONE_DEPTH_DEFAULT - value: {{ $.Values.templateCloneDepth | quote }} - - name: MAX_CONTENT_LENGTH - value: {{ $.Values.maximumUploadSizeBytes | quote }} - - name: REQUEST_TIMEOUT - value: {{ $.Values.requestTimeout | quote }} - - name: CORE_SERVICE_PREFIX - value: /renku - - name: CORE_SERVICE_API_BASE_PATH - value: {{ $.Values.apiBasePath }} - - name: RENKU_SVC_SWAGGER_URL - value: /renku/openapi.json - - name: SERVICE_LOG_LEVEL - value: {{ $.Values.logLevel }} - - name: SENTRY_ENABLED - value: {{ $.Values.sentry.enabled | quote }} - - name: SENTRY_DSN - value: {{ $.Values.sentry.dsn }} - - name: SENTRY_SAMPLE_RATE - value: {{ $.Values.sentry.sampleRate | quote }} - - name: SENTRY_ENV - value: {{ $.Values.sentry.environment }} - {{ if $.Values.nWorkers }} - - name: RENKU_SVC_NUM_WORKERS - value: {{ $.Values.nWorkers | quote }} - {{ end }} - {{ if $.Values.nThreads }} - - name: RENKU_SVC_NUM_THREADS - value: {{ $.Values.nThreads | quote }} - {{ end }} - - name: GIT_LFS_SKIP_SMUDGE - value: {{ $.Values.gitLFSSkipSmudge | quote }} - - name: RENKU_DOMAIN - value: {{ $.Values.global.renku.domain }} - - name: RENKU_PROJECT_DEFAULT_CLI_VERSION - value: {{ $.Values.global.renku.cli_version | default "" | quote }} - - name: METADATA_VERSIONS_LIST - value: /svc/config/metadata-versions/metadata-versions.json - {{- include "certificates.env.python" $ | nindent 12 }} - volumeMounts: - - name: shared-volume - mountPath: {{ $.Values.cacheDirectory }} - - name: metadata-versions - mountPath: /svc/config/metadata-versions - {{- include "certificates.volumeMounts.system" $ | nindent 12 }} - ports: - - name: http - containerPort: 8080 - protocol: TCP - livenessProbe: - httpGet: - path: /health - port: http - readinessProbe: - httpGet: - path: /health - port: http - resources: - {{- toYaml $.Values.resources.core | nindent 12 }} - - name: {{ $.Chart.Name }}-datasets-workers - image: "{{ $version.image.repository }}:{{ $version.image.tag }}" - imagePullPolicy: {{ $version.image.pullPolicy }} - securityContext: - {{- toYaml $.Values.securityContext | nindent 12 }} - args: ["service", "worker"] - env: - - name: REDIS_HOST - value: {{ $.Values.global.redis.host | quote }} - - name: REDIS_PORT - value: {{ $.Values.global.redis.port | quote }} - - name: REDIS_DATABASE - value: {{ $.Values.global.redis.dbIndex.coreService | quote }} - - name: REDIS_IS_SENTINEL - value: {{ $.Values.global.redis.sentinel.enabled | quote }} - - name: REDIS_MASTER_SET - value: {{ $.Values.global.redis.sentinel.masterSet | quote }} - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ $.Values.global.redis.existingSecret }} - key: {{ $.Values.global.redis.existingSecretPasswordKey }} - - name: REDIS_NAMESPACE - value: {{ $version.name }} - - name: RENKU_JWT_TOKEN_SECRET - value: {{ $.Values.jwtTokenSecret }} - - name: CACHE_DIR - value: {{ $.Values.cacheDirectory }} - - name: RENKU_SVC_CLEANUP_INTERVAL - value: {{ $.Values.cleanupInterval | quote }} - - name: RENKU_SVC_WORKER_QUEUES - value: {{ $.Values.datasetsWorkerQueues}} - - name: RENKU_SVC_CLEANUP_TTL_FILES - value: {{ $.Values.cleanupFilesTTL | quote }} - - name: RENKU_SVC_CLEANUP_TTL_PROJECTS - value: {{ $.Values.cleanupProjectsTTL | quote }} - - name: DEPLOYMENT_LOG_LEVEL - value: {{ $.Values.logLevel }} - - name: SENTRY_ENABLED - value: {{ $.Values.sentry.enabled | quote }} - - name: SENTRY_DSN - value: {{ $.Values.sentry.dsn }} - - name: SENTRY_SAMPLE_RATE - value: {{ $.Values.sentry.sampleRate | quote }} - - name: SENTRY_ENV - value: {{ $.Values.sentry.environment }} - - name: GIT_LFS_SKIP_SMUDGE - value: {{ $.Values.gitLFSSkipSmudge | quote }} - - name: RENKU_DOMAIN - value: {{ $.Values.global.renku.domain }} - {{- include "certificates.env.python" $ | nindent 12 }} - volumeMounts: - - name: shared-volume - mountPath: {{ $.Values.cacheDirectory }} - {{- include "certificates.volumeMounts.system" $ | nindent 12 }} - resources: - {{- toYaml $.Values.resources.datasetsWorkers | nindent 12 }} - - - name: {{ $.Chart.Name }}-management-workers - image: "{{ $version.image.repository }}:{{ $version.image.tag }}" - imagePullPolicy: {{ $version.image.pullPolicy }} - securityContext: - {{- toYaml $.Values.securityContext | nindent 12 }} - args: ["service", "worker"] - env: - - name: REDIS_HOST - value: {{ $.Values.global.redis.host | quote }} - - name: REDIS_PORT - value: {{ $.Values.global.redis.port | quote }} - - name: REDIS_DATABASE - value: {{ $.Values.global.redis.dbIndex.coreService | quote }} - - name: REDIS_IS_SENTINEL - value: {{ $.Values.global.redis.sentinel.enabled | quote }} - - name: REDIS_MASTER_SET - value: {{ $.Values.global.redis.sentinel.masterSet | quote }} - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ $.Values.global.redis.existingSecret }} - key: {{ $.Values.global.redis.existingSecretPasswordKey }} - - name: REDIS_NAMESPACE - value: {{ $version.name }} - - name: CACHE_DIR - value: {{ $.Values.cacheDirectory }} - - name: RENKU_SVC_CLEANUP_INTERVAL - value: {{ $.Values.cleanupInterval | quote }} - - name: RENKU_SVC_WORKER_QUEUES - value: {{ $.Values.managementWorkerQueues }} - - name: RENKU_SVC_CLEANUP_TTL_FILES - value: {{ $.Values.cleanupFilesTTL | quote }} - - name: RENKU_SVC_CLEANUP_TTL_PROJECTS - value: {{ $.Values.cleanupProjectsTTL | quote }} - - name: DEPLOYMENT_LOG_LEVEL - value: {{ $.Values.logLevel }} - - name: SENTRY_ENABLED - value: {{ $.Values.sentry.enabled | quote }} - - name: SENTRY_DSN - value: {{ $.Values.sentry.dsn }} - - name: SENTRY_SAMPLE_RATE - value: {{ $.Values.sentry.sampleRate | quote }} - - name: SENTRY_ENV - value: {{ $.Values.sentry.environment }} - - name: GIT_LFS_SKIP_SMUDGE - value: {{ $.Values.gitLFSSkipSmudge | quote }} - - name: RENKU_DOMAIN - value: {{ $.Values.global.renku.domain }} - {{- include "certificates.env.python" $ | nindent 12 }} - volumeMounts: - - name: shared-volume - mountPath: {{ $.Values.cacheDirectory }} - {{- include "certificates.volumeMounts.system" $ | nindent 12 }} - resources: - {{- toYaml $.Values.resources.scheduler | nindent 12 }} - {{- with $.Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $.Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $.Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} -{{ end }} diff --git a/helm-chart/renku-core/templates/hpa.yaml b/helm-chart/renku-core/templates/hpa.yaml deleted file mode 100644 index 3ce0b9ee87..0000000000 --- a/helm-chart/renku-core/templates/hpa.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- range $version := .Values.versions }} ---- -{{- if $.Capabilities.APIVersions.Has "autoscaling/v2" }} -apiVersion: autoscaling/v2 -{{- else if $.Capabilities.APIVersions.Has "autoscaling/v2beta2" }} -apiVersion: autoscaling/v2beta2 -{{- else if $.Capabilities.APIVersions.Has "autoscaling/v2beta1" }} -apiVersion: autoscaling/v2beta1 -{{- else }} - {{- fail "ERROR: You must have at least autoscaling/v2beta1 to use HorizontalPodAutoscaler" }} -{{- end }} -kind: HorizontalPodAutoscaler -metadata: - name: {{ include "renku-core.fullname" $ }}-{{ $version.name }} -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: {{ include "renku-core.fullname" $ }}-{{ $version.name }} - minReplicas: {{ $.Values.horizontalPodAutoscaling.minReplicas }} - maxReplicas: {{ $.Values.horizontalPodAutoscaling.maxReplicas }} - metrics: - - type: Resource - resource: - name: memory - target: - type: Utilization - averageUtilization: {{ $.Values.horizontalPodAutoscaling.averageMemoryUtilization }} -{{ end }} diff --git a/helm-chart/renku-core/templates/pdb.yaml b/helm-chart/renku-core/templates/pdb.yaml deleted file mode 100644 index 6bbba04907..0000000000 --- a/helm-chart/renku-core/templates/pdb.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- range $version := .Values.versions }} ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "renku-core.fullname" $ }}-{{ $version.name }} -spec: - minAvailable: 1 - selector: - matchLabels: - app.kubernetes.io/deploymentVersion: {{ $version.name }} -{{ end }} diff --git a/helm-chart/renku-core/templates/service.yaml b/helm-chart/renku-core/templates/service.yaml deleted file mode 100644 index a85f29fc0c..0000000000 --- a/helm-chart/renku-core/templates/service.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- range $version := .Values.versions }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "renku-core.fullname" $ }}-{{ $version.name }} - labels: - app.kubernetes.io/deploymentVersion: {{ $version.name }} -{{ include "renku-core.labels" $ | indent 4 }} -spec: - type: {{ $.Values.service.type }} - ports: - - port: {{ $.Values.service.port }} - targetPort: http - protocol: TCP - name: http - selector: - app.kubernetes.io/name: {{ include "renku-core.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/deploymentVersion: {{ $version.name }} -{{ end }} diff --git a/helm-chart/renku-core/values.schema.json b/helm-chart/renku-core/values.schema.json deleted file mode 100644 index b814c0f133..0000000000 --- a/helm-chart/renku-core/values.schema.json +++ /dev/null @@ -1,258 +0,0 @@ -{ - "$schema": "https://json-schema.org/draft-07/schema#", - "properties": { - "replicaCount": { - "description": "The number of replicas of the service workers to deploy", - "type": "integer", - "minimum": 0 - }, - "cacheDirectory": { - "description": "The directory the project cache is in", - "type": "string", - "pattern": "^(/[^/]+)+$" - }, - "cleanupInterval": { - "description": "Interval for cache cleanup", - "type": "integer", - "minimum": 0 - }, - "projectCloneDepth": { - "description": "Depth of git clone in cache", - "type": "integer", - "minimum": 1 - }, - "templateCloneDepth": { - "description": "Depth of git clone for templates", - "type": "integer", - "minimum": 1 - }, - "maximumUploadSizeBytes": { - "description": "Maximum allowed file upload size.", - "type": "string", - "minimum": 1, - "pattern": "^\\d+" - }, - "requestTimeout": { - "description": "Time before requests time out.", - "type": "integer" - }, - "datasetsWorkerQueues": { - "description": "Name of the worker queue for dataset jobs", - "type": "string" - }, - "managementWorkerQueues": { - "description": "Name of the worker queue for management jobs", - "type": "string" - }, - "cleanupFilesTTL": { - "description": "Time to live for uploaded files", - "type": "integer", - "minimum": 0 - }, - "cleanupProjectsTTL": { - "description": "Time to live for projects in cache", - "type": "integer", - "minimum": 0 - }, - "logLevel": { - "description": "Logging level", - "type": "string" - }, - "gitLFSSkipSmudge": { - "description": "Whether to download files from LFS when cloning a project", - "type": "integer", - "minimum": 0, - "maximum": 1 - }, - "nWorkers": { - "description": "Number of gunicorn workers for the service", - "type": "integer", - "minimum": 1 - }, - "nThreads": { - "description": "Number of gunicorn threads per worker for the service", - "type": "integer", - "minimum": 1 - }, - "jwtTokenSecret": { - "description": "Secret to encrypt jwt tokens", - "type": "string", - "minLength": 32 - }, - "imagePullSecrets": { - "description": "Secrets necessary for pulling the image", - "type": "array", - "items": { - "type": "object" - } - }, - "service": { - "description": "Kubernetes service definition", - "properties": { - "type": { - "description": "The type of kubernetes service", - "type": "string" - }, - "port": { - "description": "The port of the kubernetes service", - "type": "integer", - "minimum": 1 - } - }, - "type": "object" - }, - "metrics": { - "description": "Definition of Redis Queue metrics", - "properties": { - "enabled":{ - "description": "whether to enable redis queue metrics", - "type":"boolean" - }, - "image": { - "description": "Image settings for rq metrics", - "properties": { - "repository": { - "type": "string" - }, - "tag": { - "type": "string" - }, - "pullPolicy": { - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "resources": { - "description": "Kubenetes resource requests/limites (cpu/memory/etc.) to request", - "type": "object" - }, - "nodeSelector": { - "description": "Node selector for deployment", - "type": "object" - }, - "horizontalPodAutoscaling": { - "description": "Setup for scaling the core service", - "type": "object", - "properties": { - "minReplicas": { - "description": "Flag to turn on/off Sentry", - "type": "integer", - "minimum": 1 - }, - "maxReplicas": { - "description": "URI of the sentry Data Source Name", - "type": "integer", - "minimum": 1 - }, - "averageMemoryUtilization": { - "description": "Name of the sentry environment to post to", - "type": "integer", - "exclusiveMinimum": 0, - "exclusiveMaximum": 100 - } - } - }, - "tolerations": { - "description": "Tolerations for deployment", - "items": { - "type": "object" - }, - "type": "array" - }, - "affinity": { - "description": "Affinity for deployment", - "type": "object" - }, - "sentry": { - "description": "Definition of sentry instance to use to log warnings/errors", - "properties": { - "enabled": { - "description": "Flag to turn on/off Sentry", - "type": "boolean" - }, - "dsn": { - "description": "URI of the sentry Data Source Name", - "type": ["string", "null"] - }, - "environment": { - "description": "Name of the sentry environment to post to", - "type": ["string", "null"] - }, - "sampleRate": { - "description": "Portion of requests to track in Sentry performance tracing", - "type": ["number", "null"] - } - }, - "type": "object" - }, - "versions": { - "description": "A map of different service deployments", - "type": "object", - "required": ["latest"], - "additionalProperties": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "prefix": { - "description": "Prefix for deployment's API route", - "type": "string" - }, - "nameOverride": { - "description": "Override for the chart name", - "type": "string" - }, - "fullnameOverride": { - "description": "Override for the chart fullname", - "type": "string" - }, - "image": { - "description": "Docker image settings", - "properties": { - "repository": { - "type": "string" - }, - "tag": { - "type": "string" - }, - "pullPolicy": { - "type": "string" - } - }, - "type": "object" - } - }, - "required": [ - "name", - "prefix", - "image" - ] - } - } - }, - "required": [ - "replicaCount", - "cacheDirectory", - "cleanupInterval", - "projectCloneDepth", - "templateCloneDepth", - "datasetsWorkerQueues", - "managementWorkerQueues", - "cleanupFilesTTL", - "cleanupProjectsTTL", - "logLevel", - "gitLFSSkipSmudge", - "jwtTokenSecret", - "service", - "metrics", - "sentry", - "versions" - ], - "title": "Values", - "type": "object" - } diff --git a/helm-chart/renku-core/values.yaml b/helm-chart/renku-core/values.yaml index e5477fc60b..853a834460 100644 --- a/helm-chart/renku-core/values.yaml +++ b/helm-chart/renku-core/values.yaml @@ -1,112 +1,7 @@ -# Default values for renku-core. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -replicaCount: 2 global: - ## Specify a secret that containes the certificate - ## if you would like to use a custom CA. The key for the secret - ## should have the .crt extension otherwise it is ignored. The - ## keys across all secrets are mounted as files in one location so - ## the keys across all secrets have to be unique. - certificates: - image: - repository: renku/certificates - tag: '0.0.2' - customCAs: [] - # - secret: - ## Redis configuration. This is where renku-core expects to find - ## a functioning redis instance and credentials to connect to it. - redis: - sentinel: - enabled: true - masterSet: mymaster - dbIndex: - coreService: "1" - host: renku-redis - port: 26379 - clientLabel: - renku-redis-host: "true" - existingSecret: redis-secret - existingSecretPasswordKey: redis-password - debug: false -# base path - this is the reverse proxy base path -apiBasePath: /api -cacheDirectory: /svc/cache -cleanupInterval: 60 # NOTE: This needs to be a divisor of, and less than cleanupFilesTTL|cleanupProjectsTTL. -projectCloneDepth: 1 -templateCloneDepth: 1 -maximumUploadSizeBytes: "1073741824" # 1 Gigabyte, store as string to keep Helm from converting it to scientific notation -requestTimeout: 600 -datasetsWorkerQueues: datasets.jobs,delayed.ctrl.DatasetsCreateCtrl,delayed.ctrl.DatasetsAddFileCtrl,delayed.ctrl.DatasetsRemoveCtrl,delayed.ctrl.DatasetsImportCtrl,delayed.ctrl.DatasetsEditCtrl,delayed.ctrl.DatasetsUnlinkCtrl -managementWorkerQueues: cache.cleanup.files,cache.cleanup.projects,delayed.ctrl.MigrateProjectCtrl,delayed.ctrl.SetConfigCtrl -cleanupFilesTTL: 1800 -cleanupProjectsTTL: 1800 -logLevel: INFO -# override to automatically pull LFS data on clone -gitLFSSkipSmudge: 1 -# Concurrency settings for the main service: -# the default it 4 workers with 8 threads set in the Dockerfile -nWorkers: 4 -nThreads: 8 -# NOTE: Make sure token secret is greater or equal to 32 bytes. -jwtTokenSecret: bW9menZ3cnh6cWpkcHVuZ3F5aWJycmJn -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" -service: - type: ClusterIP - port: 80 -metrics: - enabled: false - image: - repository: renku/rqmetrics - tag: 0.0.2 - pullPolicy: IfNotPresent -resources: - core: {} - rqmetrics: {} - datasetsWorkers: {} - managementWorkers: {} - scheduler: {} -# nodeSelector: {} - -# tolerations: [] - -# affinity: {} - -## Add sentry configuration -sentry: - enabled: false - dsn: - environment: - sampleRate: 0.2 -# versions is the list of different deployment that support different metadata versions. -versions: - latest: - name: v10 - prefix: "10" - nameOverride: "" - fullnameOverride: "" - image: - repository: renku/renku-core - tag: "v2.7.0" - pullPolicy: IfNotPresent - v9: - name: v9 - prefix: "9" - nameOverride: "" - fullnameOverride: "" - image: - repository: renku/renku-core - tag: "v1.11.4" - pullPolicy: IfNotPresent -podSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 100 -securityContext: - allowPrivilegeEscalation: false -horizontalPodAutoscaling: - minReplicas: 2 - maxReplicas: 10 - averageMemoryUtilization: 50 + core: + versions: + latest: + image: + repository: renku/renku-core + tag: "v2.7.0"