diff --git a/charts/allure-ee/Chart.yaml b/charts/allure-ee/Chart.yaml index 2c73c45..4754a85 100644 --- a/charts/allure-ee/Chart.yaml +++ b/charts/allure-ee/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 name: allure-ee -version: 1.9.7 +version: 1.9.8 appVersion: 3.188.3 diff --git a/charts/allure-ee/requirements.yaml b/charts/allure-ee/requirements.yaml index ba71efa..c9d9942 100644 --- a/charts/allure-ee/requirements.yaml +++ b/charts/allure-ee/requirements.yaml @@ -1,13 +1,18 @@ +--- dependencies: - name: rabbitmq - version: ~6.18.0 - repository: https://charts.helm.sh/stable + version: ~8.26.0 + repository: https://charts.bitnami.com/bitnami condition: rabbitmq.enabled - name: postgresql - version: ~8.4.0 - repository: https://charts.helm.sh/stable + version: ~10.3.18 + repository: https://charts.bitnami.com/bitnami condition: postgresql.enabled - name: redis - version: ~10.5.6 - repository: https://charts.helm.sh/stable - condition: redis.enabled \ No newline at end of file + version: ~10.0.0 + repository: https://charts.bitnami.com/bitnami + condition: redis.enabled + - name: minio + version: 10.0.1 + repository: https://charts.bitnami.com/bitnami + condition: minio.enabled diff --git a/charts/allure-ee/templates/_helpers.tpl b/charts/allure-ee/templates/_helpers.tpl index a4090dd..4fd8396 100644 --- a/charts/allure-ee/templates/_helpers.tpl +++ b/charts/allure-ee/templates/_helpers.tpl @@ -54,6 +54,14 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- printf "%s-%s" .Release.Name "rabbitmq" | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{/* +Create a default fully qualified minio name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "allure-ee.minio.fullname" -}} +{{- printf "%s-%s" .Release.Name "minio" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create a default fully qualified postgresql name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). diff --git a/charts/allure-ee/templates/gateway-dep.yaml b/charts/allure-ee/templates/allure/gateway-dep.yaml similarity index 69% rename from charts/allure-ee/templates/gateway-dep.yaml rename to charts/allure-ee/templates/allure/gateway-dep.yaml index 75b0cbf..f8abfc0 100644 --- a/charts/allure-ee/templates/gateway-dep.yaml +++ b/charts/allure-ee/templates/allure/gateway-dep.yaml @@ -1,30 +1,41 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "allure-ee.gateway.fullname" . }} labels: app: {{ template "allure-ee.gateway.fullname" . }} + version: v1 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" spec: replicas: {{ .Values.gateway.replicaCount }} strategy: -{{ toYaml .Values.gateway.strategy | indent 4 }} +{{ toYaml .Values.strategy | indent 4 }} selector: matchLabels: app: {{ template "allure-ee.gateway.fullname" . }} + version: v1 template: metadata: labels: app: {{ template "allure-ee.gateway.fullname" . }} + version: v1 + annotations: + prometheus.io/path: /management/prometheus + prometheus.io/port: "{{ .Values.gateway.service.port }}" + prometheus.io/scrape: "true" + co.elastic.logs/multiline.pattern: "^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:" + co.elastic.logs/multiline.match: after + co.elastic.logs/multiline.negate: "true" spec: {{- if .Values.rbac.enabled }} serviceAccountName: {{ template "allure-ee.name" . }} {{- end }} -{{- if .Values.imagePullSecret }} +{{- if .Values.registry.enabled }} imagePullSecrets: - - name: {{ .Values.imagePullSecret }} + - name: {{ .Values.registry.imagePullSecret }} {{- end }} tolerations: {{ toYaml .Values.gateway.tolerations | indent 8 }} @@ -38,12 +49,16 @@ spec: {{- end }} containers: - name: {{ template "allure-ee.gateway.fullname" . }} - image: {{ .Values.gateway.image.repository }}:{{ .Values.version }} - imagePullPolicy: {{ .Values.gateway.image.pullPolicy }} + image: {{ .Values.registry.name }}{{ .Values.gateway.image }}:{{ .Values.version | default .Chart.AppVersion }} + imagePullPolicy: {{ .Values.registry.pullPolicy }} + securityContext: + runAsUser: {{ .Values.runAsUser }} ports: - name: http - containerPort: 8080 + containerPort: {{ .Values.gateway.service.port }} env: + - name: SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWKSETURI + value: http://{{ template "allure-ee.uaa.fullname" . }}:{{ .Values.uaa.service.port }}{{ .Values.uaa.env.open.SERVER_SERVLET_CONTEXTPATH }}.well-known/jwks.json {{- range $name, $value := .Values.gateway.env.open }} - name: {{ $name | quote }} value: {{ $value | quote }} diff --git a/charts/allure-ee/templates/gateway-svc.yaml b/charts/allure-ee/templates/allure/gateway-svc.yaml similarity index 62% rename from charts/allure-ee/templates/gateway-svc.yaml rename to charts/allure-ee/templates/allure/gateway-svc.yaml index 386a30d..2799fa6 100644 --- a/charts/allure-ee/templates/gateway-svc.yaml +++ b/charts/allure-ee/templates/allure/gateway-svc.yaml @@ -5,6 +5,7 @@ metadata: name: {{ template "allure-ee.gateway.fullname" . }} labels: app: {{ template "allure-ee.gateway.fullname" . }} + version: v1 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" @@ -15,14 +16,9 @@ metadata: spec: selector: app: {{ template "allure-ee.gateway.fullname" . }} + version: v1 ports: - name: http - targetPort: 8080 + targetPort: {{ .Values.gateway.service.port }} port: {{ .Values.gateway.service.port }} - type: {{ .Values.gateway.service.type }} -{{- if .Values.gateway.service.loadBalancerIp -}} - loadBalancerIP: {{ .Values.gateway.service.loadBalancerIp }} -{{- end -}} -{{- if .Values.gateway.service.externalTrafficPolicy -}} - externalTrafficPolicy: {{ .Values.gateway.service.externalTrafficPolicy }} -{{- end -}} + type: ClusterIP diff --git a/charts/allure-ee/templates/report-dep.yaml b/charts/allure-ee/templates/allure/report-dep.yaml similarity index 55% rename from charts/allure-ee/templates/report-dep.yaml rename to charts/allure-ee/templates/allure/report-dep.yaml index a486b8c..63ad490 100644 --- a/charts/allure-ee/templates/report-dep.yaml +++ b/charts/allure-ee/templates/allure/report-dep.yaml @@ -1,30 +1,41 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "allure-ee.report.fullname" . }} labels: app: {{ template "allure-ee.report.fullname" . }} + version: v1 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" spec: replicas: {{ .Values.report.replicaCount }} strategy: -{{ toYaml .Values.report.strategy | indent 4 }} +{{ toYaml .Values.strategy | indent 4 }} selector: matchLabels: app: {{ template "allure-ee.report.fullname" . }} + version: v1 template: metadata: labels: app: {{ template "allure-ee.report.fullname" . }} + version: v1 + annotations: + prometheus.io/path: /rs/management/prometheus + prometheus.io/port: "{{ .Values.report.service.port }}" + prometheus.io/scrape: "true" + co.elastic.logs/multiline.pattern: "^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:" + co.elastic.logs/multiline.match: after + co.elastic.logs/multiline.negate: "true" spec: {{- if .Values.rbac.enabled }} serviceAccountName: {{ template "allure-ee.name" . }} {{- end }} -{{- if .Values.imagePullSecret }} +{{- if .Values.registry.enabled }} imagePullSecrets: - - name: {{ .Values.imagePullSecret }} + - name: {{ .Values.registry.imagePullSecret }} {{- end }} tolerations: {{ toYaml .Values.report.tolerations | indent 8 }} @@ -38,19 +49,29 @@ spec: {{- end }} containers: - name: {{ template "allure-ee.report.fullname" . }} - image: {{ .Values.report.image.repository }}:{{ .Values.version }} - imagePullPolicy: {{ .Values.report.image.pullPolicy }} + image: {{ .Values.registry.name }}{{ .Values.report.image }}:{{ .Values.version | default .Chart.AppVersion }} + imagePullPolicy: {{ .Values.registry.pullPolicy }} + securityContext: + runAsUser: {{ .Values.runAsUser }} ports: - name: http containerPort: 8081 env: + - name: ALLURE_ENDPOINT +{{- if .Values.network.tls.enabled }} + value: https://{{ .Values.host }} +{{- else }} + value: http://{{ .Values.host }} + - name: SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWKSETURI + value: http://{{ template "allure-ee.uaa.fullname" . }}:{{ .Values.uaa.service.port }}{{ .Values.uaa.env.open.SERVER_SERVLET_CONTEXTPATH }}.well-known/jwks.json +{{- end }} {{- if .Values.rabbitmq.enabled }} - name: SPRING_RABBITMQ_HOST value: {{ template "allure-ee.rabbitmq.fullname" . }} - name: SPRING_RABBITMQ_USERNAME - value: {{ .Values.rabbitmq.rabbitmq.username }} + value: {{ .Values.rabbitmq.auth.username }} - name: SPRING_RABBITMQ_PASSWORD - value: {{ .Values.rabbitmq.rabbitmq.password }} + value: {{ .Values.rabbitmq.auth.password }} {{- end }} {{- if .Values.postgresql.enabled }} - name: SPRING_DATASOURCE_URL @@ -59,12 +80,27 @@ spec: value: {{ .Values.postgresql.postgresqlUsername }} - name: SPRING_DATASOURCE_PASSWORD value: {{ .Values.postgresql.postgresqlPassword }} - - name: SPRING_DATASOURCE_DRIVER_CLASS_NAME - value: org.postgresql.Driver - - name: SPRING_JPA_DATABASE_PLATFORM - value: org.hibernate.dialect.PostgreSQL9Dialect - - name: SPRING_JPA_PROPERTIES_HIBERNATE_GLOBALLY_QUOTED_IDENTIFIERS - value: 'true' +{{- end }} +{{- if .Values.minio.enabled }} + - name: ALLURE_BLOBSTORAGE_TYPE + value: S3 + - name: ALLURE_BLOBSTORAGE_S3_ENDPOINT + value: "http://{{ template "allure-ee.minio.fullname" . }}:{{ .Values.minio.service.ports.api }}" + - name: ALLURE_BLOBSTORAGE_S3_BUCKET + value: {{ .Values.minio.defaultBuckets }} + - name: ALLURE_BLOBSTORAGE_S3_REGION + value: {{ .Values.minio.defaultRegion }} + - name: ALLURE_BLOBSTORAGE_S3_ACCESSKEY + value: {{ .Values.minio.auth.rootUser }} + - name: ALLURE_BLOBSTORAGE_S3_SECRETKEY + value: {{ .Values.minio.auth.rootPassword }} + - name: ALLURE_BLOBSTORAGE_S3_PATHSTYLEACCESS + value: "{{ .Values.file_system.pathstyle }}" +{{- else }} + - name: ALLURE_BLOBSTORAGE_TYPE + value: FILE_SYSTEM + - name: ALLURE_BLOBSTORAGE_FILESYSTEM_DIRECTORY + value: /data {{- end }} {{- range $name, $value := .Values.report.env.open }} - name: {{ $name | quote }} @@ -88,18 +124,18 @@ spec: {{- if .Values.report.probes.enabled }} livenessProbe: httpGet: - path: /rs/management/health + path: {{ .Values.report.env.open.SERVER_SERVLET_CONTEXTPATH }}management/health port: http {{ toYaml .Values.report.probes.liveness.probe | indent 10 }} readinessProbe: httpGet: - path: /rs/management/health + path: {{ .Values.report.env.open.SERVER_SERVLET_CONTEXTPATH }}management/health port: http {{ toYaml .Values.report.probes.readiness.probe | indent 10 }} {{- end }} -{{- if eq .Values.report.env.open.ALLURE_BLOBSTORAGE_TYPE "FILE_SYSTEM" }} +{{- if .Values.file_system.has_legacy_volume }} volumeMounts: - - mountPath: "{{ .Values.report.env.open.ALLURE_BLOBSTORAGE_FILESYSTEM_DIRECTORY }}" + - mountPath: "{{ .Values.file_system.legacy_directory }}" name: storage-volume {{- end }} {{- with .Values.report.resources }} diff --git a/charts/allure-ee/templates/report-pvc.yaml b/charts/allure-ee/templates/allure/report-pvc.yaml similarity index 100% rename from charts/allure-ee/templates/report-pvc.yaml rename to charts/allure-ee/templates/allure/report-pvc.yaml diff --git a/charts/allure-ee/templates/report-svc.yaml b/charts/allure-ee/templates/allure/report-svc.yaml similarity index 62% rename from charts/allure-ee/templates/report-svc.yaml rename to charts/allure-ee/templates/allure/report-svc.yaml index 00a935d..b231868 100644 --- a/charts/allure-ee/templates/report-svc.yaml +++ b/charts/allure-ee/templates/allure/report-svc.yaml @@ -5,6 +5,7 @@ metadata: name: {{ template "allure-ee.report.fullname" . }} labels: app: {{ template "allure-ee.report.fullname" . }} + version: v1 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" @@ -15,14 +16,9 @@ metadata: spec: selector: app: {{ template "allure-ee.report.fullname" . }} + version: v1 ports: - name: http - targetPort: 8081 + targetPort: {{ .Values.report.service.port }} port: {{ .Values.report.service.port }} - type: {{ .Values.report.service.type }} -{{- if .Values.report.service.loadBalancerIp -}} - loadBalancerIP: {{ .Values.report.service.loadBalancerIp }} -{{- end -}} -{{- if .Values.report.service.externalTrafficPolicy -}} - externalTrafficPolicy: {{ .Values.report.service.externalTrafficPolicy }} -{{- end -}} + type: ClusterIP diff --git a/charts/allure-ee/templates/uaa-dep.yaml b/charts/allure-ee/templates/allure/uaa-dep.yaml similarity index 68% rename from charts/allure-ee/templates/uaa-dep.yaml rename to charts/allure-ee/templates/allure/uaa-dep.yaml index 4cbef80..7218313 100644 --- a/charts/allure-ee/templates/uaa-dep.yaml +++ b/charts/allure-ee/templates/allure/uaa-dep.yaml @@ -4,27 +4,37 @@ metadata: name: {{ template "allure-ee.uaa.fullname" . }} labels: app: {{ template "allure-ee.uaa.fullname" . }} + version: v1 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" spec: replicas: {{ .Values.uaa.replicaCount }} strategy: -{{ toYaml .Values.uaa.strategy | indent 4 }} +{{ toYaml .Values.strategy | indent 4 }} selector: matchLabels: app: {{ template "allure-ee.uaa.fullname" . }} + version: v1 template: metadata: labels: app: {{ template "allure-ee.uaa.fullname" . }} + version: v1 + annotations: + prometheus.io/path: /uaa/management/prometheus + prometheus.io/port: "{{ .Values.uaa.service.port }}" + prometheus.io/scrape: "true" + co.elastic.logs/multiline.pattern: "^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:" + co.elastic.logs/multiline.match: after + co.elastic.logs/multiline.negate: "true" spec: {{- if .Values.rbac.enabled }} serviceAccountName: {{ template "allure-ee.name" . }} {{- end }} -{{- if .Values.imagePullSecret }} +{{- if .Values.registry.enabled }} imagePullSecrets: - - name: {{ .Values.imagePullSecret }} + - name: {{ .Values.registry.imagePullSecret }} {{- end }} tolerations: {{ toYaml .Values.uaa.tolerations | indent 8 }} @@ -38,12 +48,22 @@ spec: {{- end }} containers: - name: {{ template "allure-ee.uaa.fullname" . }} - image: {{ .Values.uaa.image.repository }}:{{ .Values.version }} - imagePullPolicy: {{ .Values.uaa.image.pullPolicy }} + image: {{ .Values.registry.name }}{{ .Values.uaa.image }}:{{ .Values.version | default .Chart.AppVersion }} + imagePullPolicy: {{ .Values.registry.pullPolicy }} + securityContext: + runAsUser: {{ .Values.runAsUser }} ports: - name: http containerPort: 8082 env: + - name: ALLURE_ENDPOINT +{{- if .Values.network.tls.enabled }} + value: https://{{ .Values.host }} +{{- else }} + value: http://{{ .Values.host }} + - name: SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWKSETURI + value: http://{{ template "allure-ee.uaa.fullname" . }}:{{ .Values.uaa.service.port }}{{ .Values.uaa.env.open.SERVER_SERVLET_CONTEXTPATH }}.well-known/jwks.json +{{- end }} {{- if .Values.postgresql.enabled }} - name: SPRING_DATASOURCE_URL value: jdbc:postgresql://{{ template "allure-ee.postgresql.fullname" . }}/uaa @@ -51,12 +71,6 @@ spec: value: {{ .Values.postgresql.postgresqlUsername }} - name: SPRING_DATASOURCE_PASSWORD value: {{ .Values.postgresql.postgresqlPassword }} - - name: SPRING_DATASOURCE_DRIVER_CLASS_NAME - value: org.postgresql.Driver - - name: SPRING_JPA_DATABASE_PLATFORM - value: org.hibernate.dialect.PostgreSQL9Dialect - - name: SPRING_JPA_PROPERTIES_HIBERNATE_GLOBALLY_QUOTED_IDENTIFIERS - value: 'true' {{- end }} {{- range $name, $value := .Values.uaa.env.open }} - name: {{ $name | quote }} @@ -95,12 +109,12 @@ spec: {{- if .Values.uaa.probes.enabled }} livenessProbe: httpGet: - path: /uaa/management/health + path: {{ .Values.uaa.env.open.SERVER_SERVLET_CONTEXTPATH }}management/health port: http {{ toYaml .Values.uaa.probes.liveness.probe | indent 10 }} readinessProbe: httpGet: - path: /uaa/management/health + path: {{ .Values.uaa.env.open.SERVER_SERVLET_CONTEXTPATH }}management/health port: http {{ toYaml .Values.uaa.probes.readiness.probe | indent 10 }} {{- end }} diff --git a/charts/allure-ee/templates/uaa-svc.yaml b/charts/allure-ee/templates/allure/uaa-svc.yaml similarity index 63% rename from charts/allure-ee/templates/uaa-svc.yaml rename to charts/allure-ee/templates/allure/uaa-svc.yaml index 767d410..8debf55 100644 --- a/charts/allure-ee/templates/uaa-svc.yaml +++ b/charts/allure-ee/templates/allure/uaa-svc.yaml @@ -5,6 +5,7 @@ metadata: name: {{ template "allure-ee.uaa.fullname" . }} labels: app: {{ template "allure-ee.uaa.fullname" . }} + version: v1 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" @@ -15,14 +16,9 @@ metadata: spec: selector: app: {{ template "allure-ee.uaa.fullname" . }} + version: v1 ports: - name: http - targetPort: 8082 + targetPort: {{ .Values.uaa.service.port }} port: {{ .Values.uaa.service.port }} - type: {{ .Values.uaa.service.type }} -{{- if .Values.uaa.service.loadBalancerIp -}} - loadBalancerIP: {{ .Values.uaa.service.loadBalancerIp }} -{{- end -}} -{{- if .Values.uaa.service.externalTrafficPolicy -}} - externalTrafficPolicy: {{ .Values.uaa.service.externalTrafficPolicy }} -{{- end -}} + type: ClusterIP diff --git a/charts/allure-ee/templates/role.yaml b/charts/allure-ee/templates/infra/role.yaml similarity index 100% rename from charts/allure-ee/templates/role.yaml rename to charts/allure-ee/templates/infra/role.yaml diff --git a/charts/allure-ee/templates/rolebinding.yaml b/charts/allure-ee/templates/infra/rolebinding.yaml similarity index 100% rename from charts/allure-ee/templates/rolebinding.yaml rename to charts/allure-ee/templates/infra/rolebinding.yaml diff --git a/charts/allure-ee/templates/secret.yaml b/charts/allure-ee/templates/infra/secret.yaml similarity index 94% rename from charts/allure-ee/templates/secret.yaml rename to charts/allure-ee/templates/infra/secret.yaml index 17039bc..38909dd 100644 --- a/charts/allure-ee/templates/secret.yaml +++ b/charts/allure-ee/templates/infra/secret.yaml @@ -17,6 +17,8 @@ data: {{- end }} {{- if .Values.jwtSecret }} jwtSecret: {{ .Values.jwtSecret | b64enc | quote }} +{{- else }} + jwtSecret: {{ randAlphaNum 64 | b64enc | quote }} {{- end }} {{- range $name, $value := .Values.gateway.env.secret }} {{- if not (empty $value) }} diff --git a/charts/allure-ee/templates/serviceaccount.yaml b/charts/allure-ee/templates/infra/serviceaccount.yaml similarity index 100% rename from charts/allure-ee/templates/serviceaccount.yaml rename to charts/allure-ee/templates/infra/serviceaccount.yaml diff --git a/charts/allure-ee/templates/ingress.yaml b/charts/allure-ee/templates/network/ingress.yaml similarity index 59% rename from charts/allure-ee/templates/ingress.yaml rename to charts/allure-ee/templates/network/ingress.yaml index dfdcd6d..087831e 100644 --- a/charts/allure-ee/templates/ingress.yaml +++ b/charts/allure-ee/templates/network/ingress.yaml @@ -1,4 +1,5 @@ -{{- if .Values.ingress.host }} +--- +{{- if .Values.network.ingress.enabled }} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -8,16 +9,16 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" -{{- if .Values.ingress.annotations }} +{{- if .Values.network.ingress.annotations }} annotations: -{{ toYaml .Values.ingress.annotations | indent 4 }} +{{ toYaml .Values.network.ingress.annotations | indent 4 }} {{- end }} spec: -{{- if .Values.ingress.className }} - ingressClassName: {{ .Values.ingress.className }} +{{- if .Values.network.ingress.className }} + ingressClassName: {{ .Values.network.ingress.className }} {{- end }} rules: - - host: {{ .Values.ingress.host | quote }} + - host: {{ .Values.host | quote }} http: paths: - path: / @@ -27,8 +28,10 @@ spec: name: {{ template "allure-ee.gateway.fullname" . }} port: number: {{ .Values.gateway.service.port }} -{{- if .Values.ingress.tls }} +{{- if .Values.network.tls.enabled }} tls: -{{ toYaml .Values.ingress.tls | indent 4 }} + - secretName: {{ template "allure-ee.fullname" . }} + hosts: + - {{ .Values.host . }} {{- end -}} {{- end -}} diff --git a/charts/allure-ee/templates/network/istio.yaml b/charts/allure-ee/templates/network/istio.yaml new file mode 100644 index 0000000..3daad62 --- /dev/null +++ b/charts/allure-ee/templates/network/istio.yaml @@ -0,0 +1,56 @@ +{{- if .Values.network.istio.enabled }} +--- +apiVersion: networking.istio.io/v1beta1 +kind: Gateway +metadata: + name: {{ template "allure-ee.fullname" . }} +spec: + selector: + "{{ .Values.network.istio.gateway.selector }}": {{ .Values.network.istio.gateway.name }} + servers: + - hosts: + - {{ .Values.host }} + port: + number: 80 + name: http + protocol: HTTP +{{- if .Values.network.tls.enabled }} + tls: + httpsRedirect: true + - hosts: + - {{ .Values.host }} + port: + number: 443 + name: https + protocol: HTTPS + tls: + mode: SIMPLE + credentialName: {{ .Values.network.tls.secretName }} +{{- end }} +--- +apiVersion: networking.istio.io/v1beta1 +kind: VirtualService +metadata: + name: {{ template "allure-ee.fullname" . }} +spec: + gateways: + - {{ template "allure-ee.fullname" . }} + hosts: + - {{ .Values.host }} + http: + - match: + - uri: + prefix: / + route: + - destination: + host: {{ template "allure-ee.gateway.fullname" . }} + port: + number: {{ .Values.gateway.service.port }} + headers: + response: + add: + Content-Security-Policy: "frame-ancestors 'self' {{ .Values.network.istio.domain_exceptions }}" +{{- if .Values.network.tls.hstsEnabled }} + Strict-Transport-Security: "max-age=63072000; includeSubDomains; preload;" +{{- end }} +{{- end }} diff --git a/charts/allure-ee/values-custom.yaml b/charts/allure-ee/values-custom.yaml deleted file mode 100644 index da45758..0000000 --- a/charts/allure-ee/values-custom.yaml +++ /dev/null @@ -1,23 +0,0 @@ -rabbitmq: - resources: - requests: - memory: 256Mi - cpu: 100m - -ui: - resources: - requests: - memory: 256Mi - cpu: 250m - -uaa: - resources: - requests: - memory: 256Mi - cpu: 500m - -report: - resources: - requests: - memory: 1024Mi - cpu: 1000m diff --git a/charts/allure-ee/values.yaml b/charts/allure-ee/values.yaml index fd7eb1f..ca8ed69 100644 --- a/charts/allure-ee/values.yaml +++ b/charts/allure-ee/values.yaml @@ -1,9 +1,21 @@ version: 3.188.3 +# Credentials for accessing AllureTestOps as Admin on default auth scheme username: admin password: admin -# imagePullSecret: allure-server +# Security Context +runAsUser: 65534 + +# your-domain.tld +host: localhost + +# Registry Auth +registry: + enabled: false # Private registry or Proxy like Nexus + name: allure/ # Prefix with registry name, should end with / + imagePullSecret: allure-server + pullPolicy: IfNotPresent rbac: enabled: true @@ -13,18 +25,24 @@ strategy: rollingUpdate: maxUnavailable: 0 -ingress: -# host: allure.local - host: - className: - annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/ssl-redirect: "false" - nginx.ingress.kubernetes.io/proxy-body-size: "50m" +network: + ingress: # Nginx Ingress + enabled: false + className: + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "false" + nginx.ingress.kubernetes.io/proxy-body-size: "50m" + istio: # Istio Gateway + enabled: false + gateway: + name: ingressgateway + selector: istio # e.g. qameta.io/istio-ingressgateway + domain_exceptions: "https://jira.your-domain.io https://jira.your-domain.ru" # makes Allure TestOps accessible from Jira Plugin tls: - # - secretName: allure.local - # hosts: - # - allure.local + enabled: false + secretName: allure-tls # Secret with SSL termination secrets. + hstsEnabled: false redis: enabled: true @@ -32,7 +50,8 @@ redis: rabbitmq: enabled: true - rabbitmq: + auth: + erlangCookie: fTwP5LxRVjZ9XJkyWmJSKR5hPDWMjkQx # Set your own random string username: allure password: allure resources: {} @@ -48,79 +67,144 @@ postgresql: persistence: size: 20Gi +# Local FS is NOT disabled for migration purpose. Please bear in mind that primary FS for allure is S3 +file_system: + primary: S3 + pathstyle: true + has_legacy_volume: true + legacy_directory: /opt/allure/report/storage + +minio: + enabled: true + auth: + rootUser: WBuetMuTAMAB4M78NG3gQ4dCFJr3SSmU # Replace with your Access Key + rootPassword: m9F4qupW4ucKBDQBWr4rwQLSAeC6FE2L # Replace with your Secret Key + disableWebUI: true + service: + ports: + api: 9000 + defaultBuckets: allure-testops + defaultRegion: qameta-0 + provisioning: + enabled: true + buckets: + - name: allure-testops + region: qameta-0 + config: + - name: region + options: + name: qameta-0 + gateway: replicaCount: 1 - image: - repository: allure/allure-gateway + image: allure-gateway tolerations: [] affinity: {} nodeSelector: {} service: port: 8080 - type: NodePort env: open: + TZ: "Europe/Moscow" + ALLURE_SECURE: "true" + ALLURE_JWT_ACCESS_TOKEN_VALIDITY_SECONDS: "57600" + SPRING_OUTPUT_ANSI_ENABLED: never + LOGGING_LEVEL_IO_QAMETA_ALLURE: warn + LOGGING_LEVEL_ORG_SPRINGFRAMEWORK_SECURITY: warn SPRING_SESSION_STORE_TYPE: REDIS SPRING_PROFILES_ACTIVE: kubernetes + MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE: health,info,prometheus,configprops + MANAGEMENT_ENDPOINT_HEALTH_CACHE_TIME-TO-LIVE: 19s JAVA_TOOL_OPTIONS: > - -Xss256k -Xms256m -Xmx256m - -XX:+UseStringDeduplication -XX:+UseG1GC - resources: {} + -XX:+UseStringDeduplication + -Dsun.jnu.encoding=UTF-8 + -Dfile.encoding=UTF-8 + resources: # One pod is good for ~ 400 users + requests: + memory: 1Gi + cpu: 500m + limits: + memory: 1536Mi + cpu: 1 probes: enabled: true liveness: probe: + periodSeconds: 40 + timeoutSeconds: 2 + successThreshold: 1 + failureThreshold: 3 initialDelaySeconds: 60 - failureThreshold: 10 - periodSeconds: 30 readiness: probe: - initialDelaySeconds: 60 - failureThreshold: 5 - periodSeconds: 30 + periodSeconds: 20 + timeoutSeconds: 2 + successThreshold: 1 + failureThreshold: 3 + initialDelaySeconds: 25 uaa: replicaCount: 1 - image: - repository: allure/allure-uaa + image: allure-uaa tolerations: [] affinity: {} nodeSelector: {} service: port: 8082 - type: NodePort env: open: + TZ: "Europe/Moscow" + SERVER_SERVLET_CONTEXTPATH: /uaa/ + SPRING_OUTPUT_ANSI_ENABLED: never + LOGGING_LEVEL_IO_QAMETA_ALLURE: warn + LOGGING_LEVEL_ORG_SPRINGFRAMEWORK_SECURITY: warn SPRING_PROFILES_ACTIVE: kubernetes + SPRING_DATASOURCE_DRIVER_CLASS_NAME: org.postgresql.Driver + SPRING_JPA_DATABASE_PLATFORM: org.hibernate.dialect.PostgreSQL9Dialect + SPRING_JPA_PROPERTIES_HIBERNATE_GLOBALLY_QUOTED_IDENTIFIERS: 'true' + MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE: health,info,prometheus,configprops + MANAGEMENT_ENDPOINT_HEALTH_CACHE_TIME-TO-LIVE: 19s + MANAGEMENT_HEALTH_DISKSPACE_ENABLED: "false" + MANAGEMENT_HEALTH_KUBERNETES_ENABLED: "false" + SPRING_CLOUD_DISCOVERY_CLIENT_HEALTH_INDICATOR_ENABLED: "false" JAVA_TOOL_OPTIONS: > - -Xss256k -Xms256m -Xmx256m - -XX:+UseStringDeduplication -XX:+UseG1GC - resources: {} + -XX:+UseStringDeduplication + -Dsun.jnu.encoding=UTF-8 + -Dfile.encoding=UTF-8 + resources: # One pod is good for ~ 400 users + requests: + memory: 1Gi + cpu: 500m + limits: + memory: 1536Mi + cpu: 1 probes: enabled: true liveness: probe: + periodSeconds: 40 + timeoutSeconds: 2 + successThreshold: 1 + failureThreshold: 3 initialDelaySeconds: 60 - failureThreshold: 10 - periodSeconds: 30 readiness: probe: + periodSeconds: 20 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 10 initialDelaySeconds: 60 - failureThreshold: 5 - periodSeconds: 30 report: replicaCount: 1 - image: - repository: allure/allure-report + image: allure-report tolerations: [] affinity: {} nodeSelector: {} service: port: 8081 - type: NodePort persistence: enabled: true accessMode: ReadWriteOnce @@ -131,23 +215,50 @@ report: - kubernetes.io/pvc-protection env: open: + TZ: "Europe/Moscow" + SERVER_SERVLET_CONTEXTPATH: /rs/ + SPRING_OUTPUT_ANSI_ENABLED: never + LOGGING_LEVEL_IO_QAMETA_ALLURE: warn + LOGGING_LEVEL_IO_QAMETA_ALLURE_REPORT_ISSUE_LISTENER: error + LOGGING_LEVEL_ORG_SPRINGFRAMEWORK: warn + LOGGING_LEVEL_COM_ZAXXER_HIKARI: warn SPRING_PROFILES_ACTIVE: kubernetes - ALLURE_BLOBSTORAGE_TYPE: FILE_SYSTEM - ALLURE_BLOBSTORAGE_FILESYSTEM_DIRECTORY: /opt/allure/report/storage + SPRING_DATASOURCE_DRIVER_CLASS_NAME: org.postgresql.Driver + SPRING_JPA_DATABASE_PLATFORM: org.hibernate.dialect.PostgreSQL9Dialect + SPRING_JPA_PROPERTIES_HIBERNATE_GLOBALLY_QUOTED_IDENTIFIERS: 'true' + MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE: health,info,prometheus,configprops + MANAGEMENT_METRICS_EXPORT_PROMETHEUS_ENABLED: 'true' + SERVER_ERROR_INCLUDE_STACKTRACE: always + SPRING_DATASOURCE_HIKARI_CONNECTIONTIMEOUT: "60000" + MANAGEMENT_ENDPOINT_HEALTH_CACHE_TIME-TO-LIVE: 19s + MANAGEMENT_HEALTH_DISKSPACE_ENABLED: "false" + MANAGEMENT_HEALTH_KUBERNETES_ENABLED: "false" + SPRING_CLOUD_DISCOVERY_CLIENT_HEALTH_INDICATOR_ENABLED: "false" JAVA_TOOL_OPTIONS: > - -Xss256k -Xms256m -Xmx1g - -XX:+UseStringDeduplication -XX:+UseG1GC - resources: {} + -XX:+UseStringDeduplication + -Dsun.jnu.encoding=UTF-8 + -Dfile.encoding=UTF-8 + resources: # One pod is good for ~ 400 users + requests: + memory: 3Gi + cpu: 500m + limits: + memory: 3Gi + cpu: 2 probes: enabled: true liveness: probe: - initialDelaySeconds: 60 - failureThreshold: 10 - periodSeconds: 30 + periodSeconds: 40 + timeoutSeconds: 2 + successThreshold: 1 + failureThreshold: 3 + initialDelaySeconds: 300 readiness: probe: - initialDelaySeconds: 60 - failureThreshold: 5 periodSeconds: 30 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 10 + initialDelaySeconds: 60