From 72ea0f9424d1f2d680ab1983d33d3ecf230e467a Mon Sep 17 00:00:00 2001 From: Fleur Kelpin Date: Sat, 29 Sep 2018 14:10:32 +0200 Subject: [PATCH] refactor: Move charts to charts directory --- .../molgenis-httpd}/.helmignore | 0 .../molgenis-httpd}/Chart.yaml | 0 .../molgenis-httpd}/README.md | 0 .../catalogIcon-molgenis-httpd.svg | 0 .../molgenis-httpd}/questions.yml | 0 .../molgenis-httpd}/templates/NOTES.txt | 0 .../molgenis-httpd}/templates/_helpers.tpl | 0 .../molgenis-httpd}/templates/deployment.yaml | 0 .../molgenis-httpd}/templates/ingress.yaml | 0 .../molgenis-httpd}/templates/service.yaml | 0 .../molgenis-httpd}/values.yaml | 0 charts/molgenis-jenkins/Chart.yaml | 8 + charts/molgenis-jenkins/README.md | 111 ++++ .../catalogIcon-molgenis-jenkins.svg | 0 .../charts/jenkins-0.18.0.tgz | Bin .../molgenis-jenkins}/requirements.lock | 0 .../molgenis-jenkins}/requirements.yaml | 0 charts/molgenis-jenkins/resources/README.md | 6 + ...nkins-default-tiller-user-rolebinding.yaml | 0 .../resources/tiller-user-role.yaml | 0 .../molgenis-jenkins}/templates/config.tpl | 0 .../molgenis-jenkins-dockerhub-secret.yaml | 0 .../molgenis-jenkins-github-secret.yaml | 0 .../molgenis-jenkins-gogs-secret.yaml | 0 .../molgenis-jenkins-registry-secret.yaml | 0 .../molgenis-pipeline-vault-secret.yaml | 0 charts/molgenis-jenkins/values.yaml | 608 ++++++++++++++++++ .../molgenis-nexus}/.helmignore | 0 .../molgenis-nexus}/Chart.yaml | 0 charts/molgenis-nexus/README.md | 64 ++ .../catalogIcon-molgenis-nexus.svg | 0 .../molgenis-nexus}/templates/_helpers.tpl | 0 .../deployments/nexus-deployment.yaml | 0 .../deployments/nexusProxy-deployment.yaml | 0 .../molgenis-nexus}/templates/ingress.yaml | 0 .../templates/persistence/nexusPVC.yaml | 0 .../templates/services/nexus-service.yaml | 0 .../services/nexusProxy-service.yaml | 0 .../molgenis-nexus}/values.yaml | 0 .../molgenis-opencpu}/.helmignore | 0 .../molgenis-opencpu}/Chart.yaml | 0 .../molgenis-opencpu}/README.md | 0 .../catalog-molgenis-opencpu.svg | 0 .../molgenis-opencpu}/questions.yml | 0 .../molgenis-opencpu}/templates/_helpers.tpl | 0 .../templates/deployment.yaml | 35 + .../molgenis-opencpu}/templates/ingress.yaml | 0 .../molgenis-opencpu}/templates/service.yaml | 0 charts/molgenis-opencpu/values.yaml | 41 ++ .../molgenis-vault}/.helmignore | 0 .../molgenis-vault}/Chart.yaml | 0 charts/molgenis-vault/README.md | 52 ++ .../catalogIcon-molgenis-vault.svg | 0 .../charts/etcd-operator-0.8.0.tgz | Bin .../charts/vault-operator-0.1.1.tgz | Bin .../molgenis-vault}/requirements.lock | 0 .../molgenis-vault}/requirements.yaml | 0 .../molgenis-vault}/resources/restore.yaml | 0 .../molgenis-vault}/resources/vault.yaml | 0 .../molgenis-vault}/templates/NOTES.txt | 0 .../molgenis-vault}/templates/_helpers.tpl | 0 .../molgenis-vault}/templates/abs-secret.yaml | 0 .../templates/backup-configmap.yaml | 0 .../templates/backup-cronjob.yaml | 0 .../molgenis-vault}/templates/ui-ingress.yaml | 0 .../molgenis-vault}/templates/ui-service.yaml | 0 .../templates/vault-ui-deployment.yaml | 0 charts/molgenis-vault/values.yaml | 79 +++ {molgenis => charts/molgenis}/Chart.yaml | 0 {molgenis => charts/molgenis}/README.md | 0 .../molgenis}/catalogIcon-molgenis.svg | 0 {molgenis => charts/molgenis}/questions.yml | 0 .../molgenis}/templates/NOTES.txt | 0 .../molgenis}/templates/_helpers.tpl | 0 .../molgenis}/templates/deployment.yaml | 0 .../molgenis}/templates/ingress.yaml | 0 .../persistence/elasticsearchPVC.yaml | 0 .../templates/persistence/molgenisPVC.yaml | 0 .../templates/persistence/postgresPVC.yaml | 0 .../molgenis}/templates/service.yaml | 0 charts/molgenis/values.yaml | 103 +++ 81 files changed, 1107 insertions(+) rename {molgenis-httpd => charts/molgenis-httpd}/.helmignore (100%) rename {molgenis-httpd => charts/molgenis-httpd}/Chart.yaml (100%) rename {molgenis-httpd => charts/molgenis-httpd}/README.md (100%) rename {molgenis-httpd => charts/molgenis-httpd}/catalogIcon-molgenis-httpd.svg (100%) rename {molgenis-httpd => charts/molgenis-httpd}/questions.yml (100%) rename {molgenis-httpd => charts/molgenis-httpd}/templates/NOTES.txt (100%) rename {molgenis-httpd => charts/molgenis-httpd}/templates/_helpers.tpl (100%) rename {molgenis-httpd => charts/molgenis-httpd}/templates/deployment.yaml (100%) rename {molgenis-httpd => charts/molgenis-httpd}/templates/ingress.yaml (100%) rename {molgenis-httpd => charts/molgenis-httpd}/templates/service.yaml (100%) rename {molgenis-httpd => charts/molgenis-httpd}/values.yaml (100%) create mode 100755 charts/molgenis-jenkins/Chart.yaml create mode 100644 charts/molgenis-jenkins/README.md rename {molgenis-jenkins => charts/molgenis-jenkins}/catalogIcon-molgenis-jenkins.svg (100%) rename {molgenis-jenkins => charts/molgenis-jenkins}/charts/jenkins-0.18.0.tgz (100%) rename {molgenis-jenkins => charts/molgenis-jenkins}/requirements.lock (100%) rename {molgenis-jenkins => charts/molgenis-jenkins}/requirements.yaml (100%) create mode 100644 charts/molgenis-jenkins/resources/README.md rename {molgenis-jenkins => charts/molgenis-jenkins}/resources/jenkins-default-tiller-user-rolebinding.yaml (100%) rename {molgenis-jenkins => charts/molgenis-jenkins}/resources/tiller-user-role.yaml (100%) rename {molgenis-jenkins => charts/molgenis-jenkins}/templates/config.tpl (100%) rename {molgenis-jenkins => charts/molgenis-jenkins}/templates/molgenis-jenkins-dockerhub-secret.yaml (100%) rename {molgenis-jenkins => charts/molgenis-jenkins}/templates/molgenis-jenkins-github-secret.yaml (100%) rename {molgenis-jenkins => charts/molgenis-jenkins}/templates/molgenis-jenkins-gogs-secret.yaml (100%) rename {molgenis-jenkins => charts/molgenis-jenkins}/templates/molgenis-jenkins-registry-secret.yaml (100%) rename {molgenis-jenkins => charts/molgenis-jenkins}/templates/molgenis-pipeline-vault-secret.yaml (100%) create mode 100644 charts/molgenis-jenkins/values.yaml rename {molgenis-nexus => charts/molgenis-nexus}/.helmignore (100%) rename {molgenis-nexus => charts/molgenis-nexus}/Chart.yaml (100%) create mode 100644 charts/molgenis-nexus/README.md rename {molgenis-nexus => charts/molgenis-nexus}/catalogIcon-molgenis-nexus.svg (100%) rename {molgenis-nexus => charts/molgenis-nexus}/templates/_helpers.tpl (100%) rename {molgenis-nexus => charts/molgenis-nexus}/templates/deployments/nexus-deployment.yaml (100%) rename {molgenis-nexus => charts/molgenis-nexus}/templates/deployments/nexusProxy-deployment.yaml (100%) rename {molgenis-nexus => charts/molgenis-nexus}/templates/ingress.yaml (100%) rename {molgenis-nexus => charts/molgenis-nexus}/templates/persistence/nexusPVC.yaml (100%) rename {molgenis-nexus => charts/molgenis-nexus}/templates/services/nexus-service.yaml (100%) rename {molgenis-nexus => charts/molgenis-nexus}/templates/services/nexusProxy-service.yaml (100%) rename {molgenis-nexus => charts/molgenis-nexus}/values.yaml (100%) rename {molgenis-opencpu => charts/molgenis-opencpu}/.helmignore (100%) rename {molgenis-opencpu => charts/molgenis-opencpu}/Chart.yaml (100%) rename {molgenis-opencpu => charts/molgenis-opencpu}/README.md (100%) rename {molgenis-opencpu => charts/molgenis-opencpu}/catalog-molgenis-opencpu.svg (100%) rename {molgenis-opencpu => charts/molgenis-opencpu}/questions.yml (100%) rename {molgenis-opencpu => charts/molgenis-opencpu}/templates/_helpers.tpl (100%) create mode 100644 charts/molgenis-opencpu/templates/deployment.yaml rename {molgenis-opencpu => charts/molgenis-opencpu}/templates/ingress.yaml (100%) rename {molgenis-opencpu => charts/molgenis-opencpu}/templates/service.yaml (100%) create mode 100644 charts/molgenis-opencpu/values.yaml rename {molgenis-vault => charts/molgenis-vault}/.helmignore (100%) rename {molgenis-vault => charts/molgenis-vault}/Chart.yaml (100%) create mode 100644 charts/molgenis-vault/README.md rename {molgenis-vault => charts/molgenis-vault}/catalogIcon-molgenis-vault.svg (100%) rename {molgenis-vault => charts/molgenis-vault}/charts/etcd-operator-0.8.0.tgz (100%) rename {molgenis-vault => charts/molgenis-vault}/charts/vault-operator-0.1.1.tgz (100%) rename {molgenis-vault => charts/molgenis-vault}/requirements.lock (100%) rename {molgenis-vault => charts/molgenis-vault}/requirements.yaml (100%) rename {molgenis-vault => charts/molgenis-vault}/resources/restore.yaml (100%) rename {molgenis-vault => charts/molgenis-vault}/resources/vault.yaml (100%) rename {molgenis-vault => charts/molgenis-vault}/templates/NOTES.txt (100%) rename {molgenis-vault => charts/molgenis-vault}/templates/_helpers.tpl (100%) rename {molgenis-vault => charts/molgenis-vault}/templates/abs-secret.yaml (100%) rename {molgenis-vault => charts/molgenis-vault}/templates/backup-configmap.yaml (100%) rename {molgenis-vault => charts/molgenis-vault}/templates/backup-cronjob.yaml (100%) rename {molgenis-vault => charts/molgenis-vault}/templates/ui-ingress.yaml (100%) rename {molgenis-vault => charts/molgenis-vault}/templates/ui-service.yaml (100%) rename {molgenis-vault => charts/molgenis-vault}/templates/vault-ui-deployment.yaml (100%) create mode 100644 charts/molgenis-vault/values.yaml rename {molgenis => charts/molgenis}/Chart.yaml (100%) rename {molgenis => charts/molgenis}/README.md (100%) rename {molgenis => charts/molgenis}/catalogIcon-molgenis.svg (100%) rename {molgenis => charts/molgenis}/questions.yml (100%) rename {molgenis => charts/molgenis}/templates/NOTES.txt (100%) rename {molgenis => charts/molgenis}/templates/_helpers.tpl (100%) rename {molgenis => charts/molgenis}/templates/deployment.yaml (100%) rename {molgenis => charts/molgenis}/templates/ingress.yaml (100%) rename {molgenis => charts/molgenis}/templates/persistence/elasticsearchPVC.yaml (100%) rename {molgenis => charts/molgenis}/templates/persistence/molgenisPVC.yaml (100%) rename {molgenis => charts/molgenis}/templates/persistence/postgresPVC.yaml (100%) rename {molgenis => charts/molgenis}/templates/service.yaml (100%) create mode 100644 charts/molgenis/values.yaml diff --git a/molgenis-httpd/.helmignore b/charts/molgenis-httpd/.helmignore similarity index 100% rename from molgenis-httpd/.helmignore rename to charts/molgenis-httpd/.helmignore diff --git a/molgenis-httpd/Chart.yaml b/charts/molgenis-httpd/Chart.yaml similarity index 100% rename from molgenis-httpd/Chart.yaml rename to charts/molgenis-httpd/Chart.yaml diff --git a/molgenis-httpd/README.md b/charts/molgenis-httpd/README.md similarity index 100% rename from molgenis-httpd/README.md rename to charts/molgenis-httpd/README.md diff --git a/molgenis-httpd/catalogIcon-molgenis-httpd.svg b/charts/molgenis-httpd/catalogIcon-molgenis-httpd.svg similarity index 100% rename from molgenis-httpd/catalogIcon-molgenis-httpd.svg rename to charts/molgenis-httpd/catalogIcon-molgenis-httpd.svg diff --git a/molgenis-httpd/questions.yml b/charts/molgenis-httpd/questions.yml similarity index 100% rename from molgenis-httpd/questions.yml rename to charts/molgenis-httpd/questions.yml diff --git a/molgenis-httpd/templates/NOTES.txt b/charts/molgenis-httpd/templates/NOTES.txt similarity index 100% rename from molgenis-httpd/templates/NOTES.txt rename to charts/molgenis-httpd/templates/NOTES.txt diff --git a/molgenis-httpd/templates/_helpers.tpl b/charts/molgenis-httpd/templates/_helpers.tpl similarity index 100% rename from molgenis-httpd/templates/_helpers.tpl rename to charts/molgenis-httpd/templates/_helpers.tpl diff --git a/molgenis-httpd/templates/deployment.yaml b/charts/molgenis-httpd/templates/deployment.yaml similarity index 100% rename from molgenis-httpd/templates/deployment.yaml rename to charts/molgenis-httpd/templates/deployment.yaml diff --git a/molgenis-httpd/templates/ingress.yaml b/charts/molgenis-httpd/templates/ingress.yaml similarity index 100% rename from molgenis-httpd/templates/ingress.yaml rename to charts/molgenis-httpd/templates/ingress.yaml diff --git a/molgenis-httpd/templates/service.yaml b/charts/molgenis-httpd/templates/service.yaml similarity index 100% rename from molgenis-httpd/templates/service.yaml rename to charts/molgenis-httpd/templates/service.yaml diff --git a/molgenis-httpd/values.yaml b/charts/molgenis-httpd/values.yaml similarity index 100% rename from molgenis-httpd/values.yaml rename to charts/molgenis-httpd/values.yaml diff --git a/charts/molgenis-jenkins/Chart.yaml b/charts/molgenis-jenkins/Chart.yaml new file mode 100755 index 0000000..855c692 --- /dev/null +++ b/charts/molgenis-jenkins/Chart.yaml @@ -0,0 +1,8 @@ +name: molgenis-jenkins +home: https://jenkins.io/ +version: 0.7.1 +appVersion: 2.121 +description: Molgenis installation for the jenkins chart. +sources: +- https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git +icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-jenkins/catalogIcon-molgenis-jenkins.svg diff --git a/charts/molgenis-jenkins/README.md b/charts/molgenis-jenkins/README.md new file mode 100644 index 0000000..48c0a53 --- /dev/null +++ b/charts/molgenis-jenkins/README.md @@ -0,0 +1,111 @@ +# Molgenis Jenkins Helm Chart + +Jenkins master and slave cluster utilizing the Jenkins Kubernetes plugin. +Wraps [the kuberenetes jenkins chart](https://github.com/kubernetes/charts/tree/master/stable/jenkins), see documentation there! + +## Chart Details + +This chart will do the following: + +* 1 x Jenkins Master with port 8080 exposed on an external ClusterIP +* All using Kubernetes Deployments + +## Installing the Chart + +Usually, you'll be deploying this to the molgenis cluster. +In the [Rancher Catalog](https://rancher.molgenis.org:7443/g/catalog), add the latest version of this repository. +In the [molgenis cluster management page](https://rancher.molgenis.org:7443/p/c-mhkqb:project-2pf45/apps), choose the +catalog, pick the molgenis-jenkins app from the catalog and deploy it. + +## Configuration + +When deploying, you can paste values into the Rancher Answers to override the defaults in this chart. +Array values can be added as {value, value, value}. +``` +jenkins.Master.HostName=jenkins.molgenis.org +jenkins.Master.AdminPassword=pa$$word +jenkins.Persistence.Enabled=false +jenkins.Master.InstallPlugins={kubernetes:1.8.4, workflow-aggregator:2.5, workflow-job:2.21, credentials-binding:1.16, git:3.9.1, blueocean:1.6.2, github-oauth:0.29} +jenkins.Master.Security.UseGitHub=false +## if UseGitHub=true +jenkins.Master.Security.GitHub.ClientID=id +jenkins.Master.Security.GitHub.ClientSecret=S3cr3t +## end UseGitHub=true +PipelineSecrets.Env.PGPPassphrase=literal:S3cr3t +``` + +You can use [all configuration values of the jenkins subchart](https://github.com/kubernetes/charts/tree/master/stable/jenkins). +> Because we use jenkins as a sub-chart, you should prefix all value keys with `jenkins`! + +### GitHub Authentication delegation +You need to setup a MOLGENIS - Jenkins GitHub OAuth App. You can do this by accessing this url: [add new OAuth app](https://github.com/settings/applications/new). + +### Secrets + + When deployed, the chart creates a couple of kubernetes secrets that get used by jenkins. + + You can override the values at deploy time but otherwise also configure them + [in Rancher](https://rancher.molgenis.org:7443/p/c-mhkqb:project-2pf45/secrets) or through kubectl. + +#### Vault + +The vault secret gets mounted in the vault pod so pipeline scripts can retrieve secrets from the vault. + +| Parameter | Description | Default | +| ------------------------- | ------------------------------------------ | ---------------------------------------------- | +| `secret.vault.token` | Token to log into the hashicorp vault | `xxxx` | +| `secret.vault.addr` | Address of the vault | `https:vault-operator.vault-operator.svc:8200` | +| `secret.vault.skipVerify` | Skip verification of the https connection | `1` | + +#### GitHub + +Token used by Jenkins to authenticate on GitHub. + +| Parameter | Description | Default | +| --------------------- | ------------------------ | ------------------ | +| `secret.gitHub.user` | username for the account | `molgenis-jenkins` | +| `secret.gitHub.token` | token for the account | `xxxx` | + +#### Gogs + +Token used by Jenkins to authenticate on the [RuG Webhosting Gogs](https://git.webhosting.rug.nl). + +| Parameter | Description | Default | +| ------------------- | ------------------------ | --------- | +| `secret.gogs.user` | username for the account | `p281392` | +| `secret.gogs.token` | token for the account | `xxxx` | + +#### Legacy: + +##### Docker Hub + +Account used in pipeline builds to push docker images to `hub.docker.com`. +> They should read `secret/gcc/account/dockerhub` from vault instead! + +| Parameter | Description | Default | +| --------------------------- | ------------------------ | --------------- | +| `secret.dockerHub.user` | username for the account | `molgenisci` | +| `secret.dockerHub.password` | password for the account | `xxxx` | + +##### Registry + +Account used in pipeline builds to push docker images to `registry.molgenis.org`. +> They should read `secret/ops/account/nexus` from vault instead! + +| Parameter | Description | Default | +| --------------------------- | ------------------------ | --------- | +| `secret.dockerHub.user` | username for the account | `admin` | +| `secret.dockerHub.password` | password for the account | `xxxx` | + +## Command line use +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. +For example, + +```bash +$ helm install --name jenkins -f values.yaml molgenis-jenkins +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) + diff --git a/molgenis-jenkins/catalogIcon-molgenis-jenkins.svg b/charts/molgenis-jenkins/catalogIcon-molgenis-jenkins.svg similarity index 100% rename from molgenis-jenkins/catalogIcon-molgenis-jenkins.svg rename to charts/molgenis-jenkins/catalogIcon-molgenis-jenkins.svg diff --git a/molgenis-jenkins/charts/jenkins-0.18.0.tgz b/charts/molgenis-jenkins/charts/jenkins-0.18.0.tgz similarity index 100% rename from molgenis-jenkins/charts/jenkins-0.18.0.tgz rename to charts/molgenis-jenkins/charts/jenkins-0.18.0.tgz diff --git a/molgenis-jenkins/requirements.lock b/charts/molgenis-jenkins/requirements.lock similarity index 100% rename from molgenis-jenkins/requirements.lock rename to charts/molgenis-jenkins/requirements.lock diff --git a/molgenis-jenkins/requirements.yaml b/charts/molgenis-jenkins/requirements.yaml similarity index 100% rename from molgenis-jenkins/requirements.yaml rename to charts/molgenis-jenkins/requirements.yaml diff --git a/charts/molgenis-jenkins/resources/README.md b/charts/molgenis-jenkins/resources/README.md new file mode 100644 index 0000000..67bf687 --- /dev/null +++ b/charts/molgenis-jenkins/resources/README.md @@ -0,0 +1,6 @@ +To be able to run helm inside a jenkins pod, you'll need to +* create a role in the namespace where tiller is installed +* bind that role to the user that jenkins pods run as + +This directory contains yaml for these resources. +See also https://github.com/helm/helm/blob/master/docs/rbac.md \ No newline at end of file diff --git a/molgenis-jenkins/resources/jenkins-default-tiller-user-rolebinding.yaml b/charts/molgenis-jenkins/resources/jenkins-default-tiller-user-rolebinding.yaml similarity index 100% rename from molgenis-jenkins/resources/jenkins-default-tiller-user-rolebinding.yaml rename to charts/molgenis-jenkins/resources/jenkins-default-tiller-user-rolebinding.yaml diff --git a/molgenis-jenkins/resources/tiller-user-role.yaml b/charts/molgenis-jenkins/resources/tiller-user-role.yaml similarity index 100% rename from molgenis-jenkins/resources/tiller-user-role.yaml rename to charts/molgenis-jenkins/resources/tiller-user-role.yaml diff --git a/molgenis-jenkins/templates/config.tpl b/charts/molgenis-jenkins/templates/config.tpl similarity index 100% rename from molgenis-jenkins/templates/config.tpl rename to charts/molgenis-jenkins/templates/config.tpl diff --git a/molgenis-jenkins/templates/molgenis-jenkins-dockerhub-secret.yaml b/charts/molgenis-jenkins/templates/molgenis-jenkins-dockerhub-secret.yaml similarity index 100% rename from molgenis-jenkins/templates/molgenis-jenkins-dockerhub-secret.yaml rename to charts/molgenis-jenkins/templates/molgenis-jenkins-dockerhub-secret.yaml diff --git a/molgenis-jenkins/templates/molgenis-jenkins-github-secret.yaml b/charts/molgenis-jenkins/templates/molgenis-jenkins-github-secret.yaml similarity index 100% rename from molgenis-jenkins/templates/molgenis-jenkins-github-secret.yaml rename to charts/molgenis-jenkins/templates/molgenis-jenkins-github-secret.yaml diff --git a/molgenis-jenkins/templates/molgenis-jenkins-gogs-secret.yaml b/charts/molgenis-jenkins/templates/molgenis-jenkins-gogs-secret.yaml similarity index 100% rename from molgenis-jenkins/templates/molgenis-jenkins-gogs-secret.yaml rename to charts/molgenis-jenkins/templates/molgenis-jenkins-gogs-secret.yaml diff --git a/molgenis-jenkins/templates/molgenis-jenkins-registry-secret.yaml b/charts/molgenis-jenkins/templates/molgenis-jenkins-registry-secret.yaml similarity index 100% rename from molgenis-jenkins/templates/molgenis-jenkins-registry-secret.yaml rename to charts/molgenis-jenkins/templates/molgenis-jenkins-registry-secret.yaml diff --git a/molgenis-jenkins/templates/molgenis-pipeline-vault-secret.yaml b/charts/molgenis-jenkins/templates/molgenis-pipeline-vault-secret.yaml similarity index 100% rename from molgenis-jenkins/templates/molgenis-pipeline-vault-secret.yaml rename to charts/molgenis-jenkins/templates/molgenis-pipeline-vault-secret.yaml diff --git a/charts/molgenis-jenkins/values.yaml b/charts/molgenis-jenkins/values.yaml new file mode 100644 index 0000000..9816fee --- /dev/null +++ b/charts/molgenis-jenkins/values.yaml @@ -0,0 +1,608 @@ +jenkins: + Master: + HostName: jenkins.molgenis.org + ServiceType: ClusterIP + InstallPlugins: + - kubernetes:1.12.6 + - workflow-aggregator:2.5 + - workflow-job:2.25 + - credentials-binding:1.16 + - git:3.9.1 + - github-branch-source:2.3.6 + - kubernetes-credentials-provider:0.10 + - blueocean:1.8.3 + - github-oauth:0.29 + - gogs-webhook:1.0.14 + - github-scm-trait-commit-skip:0.1.1 + Security: + UseGitHub: false + GitHub: + ClientID: "" + ClienSecret: "" + DefaultView: dev + Views: + dev: + - molgenis + ops: + - molgenis-ops-docker-httpd + - molgenis-ops-docker-maven + - molgenis-ops-docker-node + - molgenis-ops-tools + - molgenis-ops-tomcat + Jobs: |- + molgenis: |- + + + + + + + + + + + .* + + + + + + + + false + + + + + + + true + -1 + -1 + + + + H H * * * + 86400000 + + + false + + + molgenis + molgenis-jenkins-github-secret + + + 1 + + + 1 + + + 1 + + + + + + ** + + + + + MOLGENIS Jenkins + molgenis+ci@gmail.com + + + + + + + + Jenkinsfile + + + + + molgenis-ops-docker-httpd: |- + + + + HTTPD server that can be used for redirection and proxieing + molgenis-ops-docker-httpd + + + + + + + + + + + + false + + + + + + + true + -1 + -1 + + + false + + + + + a756941d-6c9d-4492-bcf9-327041764be6 + https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-httpd.git + molgenis-jenkins-gogs-secret + + + + + ** + + + + + MOLGENIS Jenkins + molgenis+ci@gmail.com + + + + + + + + + + + + + + Jenkinsfile + + + molgenis-ops-docker-node: |- + + + + NodeJS build container with Curl + molgenis-ops-docker-node + + + + + + + + + + + + false + + + + + + + true + -1 + -1 + + + false + + + + + a756941d-6c9d-4492-bcf9-327041764be6 + https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-node.git + molgenis-jenkins-gogs-secret + + + + + ** + + + + + MOLGENIS Jenkins + molgenis+ci@gmail.com + + + + + + + + + + + + + + Jenkinsfile + + + molgenis-ops-docker-maven: |- + + + + MAVEN build container with RPMbuild and Curl + molgenis-ops-docker-maven + + + + + + + + + + + + false + + + + + + + true + -1 + -1 + + + false + + + + + 4702479a-6988-4a85-b4b7-e77fa2d05ffa + https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-maven.git + molgenis-jenkins-gogs-secret + + + + + ** + + + + + MOLGENIS Jenkins + molgenis+ci@gmail.com + + + + + + + + + + + + + + Jenkinsfile + + + molgenis-ops-tomcat: |- + + + + MOLGENIS tomcat package to manage tomcat version on CentOS + molgenis-ops-tomcat + + + + + + + + + + + + false + + + + + + + true + -1 + -1 + + + false + + + + + 4702479a-6988-4a85-b4b7-e77fa2d05ffa + https://git.webhosting.rug.nl/molgenis/molgenis-ops-tomcat.git + molgenis-jenkins-gogs-secret + + + + + ** + + + + + MOLGENIS Jenkins + molgenis+ci@gmail.com + + + + + + + + + + + + + + Jenkinsfile + + + molgenis-ops-tools: |- + + + + MOLGENIS operations tools-package to configure firewall, apache, sudoers, etc. + molgenis-ops-tools + + + + + + + + + + + + false + + + + + + + true + -1 + -1 + + + false + + + + + 4702479a-6988-4a85-b4b7-e77fa2d05ffa + https://git.webhosting.rug.nl/molgenis/molgenis-ops-tools.git + molgenis-jenkins-gogs-secret + + + + + ** + + + + + MOLGENIS Jenkins + molgenis+ci@gmail.com + + + + + + + + + + + + + + Jenkinsfile + + + # Kubernetes secret that contains a 'credentials.xml' for Jenkins + # CredentialsXmlSecret: jenkins-credentials + # Kubernetes secret that contains files to be put in the Jenkins 'secrets' directory, + # useful to manage encryption keys used for credentials.xml for instance (such as + # master.key and hudson.util.Secret) + # SecretsFilesSecret: jenkins-secrets + CustomConfigMap: true + rbac: + install: true + Pods: + molgenis: + Label: molgenis + NodeUsageMode: NORMAL + volumes: + - type: HostPath + hostPath: "/var/run/docker.sock" + mountPath: "/var/run/docker.sock" + Containers: + maven: + Image: "registry.webhosting.rug.nl/molgenis/maven" + ImageTag: lts + AlwaysPullImage: true + Command: cat + WorkingDir: /home/jenkins + TTY: true + resources: + requests: + cpu: "1" + memory: "4Gi" + EnvVars: + - type: KeyValue + key: MAVEN_OPTS + value: "-Duser.home=/home/jenkins" + - type: KeyValue + key: MAVEN_CONFIG + value: "/home/jenkins/.m2" + alpine: + Image: "spotify/alpine" + Command: cat + WorkingDir: /home/jenkins + TTY: true + vault: + Image: "vault" + Command: cat + WorkingDir: /home/jenkins + TTY: true + EnvVars: + - type: Secret + key: VAULT_TOKEN + secretName: molgenis-pipeline-vault-secret + secretKey: token + - type: Secret + key: VAULT_SKIP_VERIFY + secretName: molgenis-pipeline-vault-secret + secretKey: skipVerify + - type: Secret + key: VAULT_ADDR + secretName: molgenis-pipeline-vault-secret + secretKey: addr + helm: + Image: "lachlanevenson/k8s-helm" + ImageTag: "v2.10.0" + Command: cat + WorkingDir: /home/jenkins + TTY: true + NodeSelector: {} + node: + Label: node-carbon + NodeUsageMode: EXCLUSIVE + Containers: + node: + Image: "registry.webhosting.rug.nl/molgenis/node" + ImageTag: lts + AlwaysPullImage: true + Command: cat + WorkingDir: /home/jenkins + TTY: true + vault: + Image: "vault" + Command: cat + WorkingDir: /home/jenkins + TTY: true + EnvVars: + - type: Secret + key: VAULT_TOKEN + secretName: molgenis-pipeline-vault-secret + secretKey: token + - type: Secret + key: VAULT_SKIP_VERIFY + secretName: molgenis-pipeline-vault-secret + secretKey: skipVerify + - type: Secret + key: VAULT_ADDR + secretName: molgenis-pipeline-vault-secret + secretKey: addr + NodeSelector: {} + molgenis-it: + InheritFrom: molgenis + Label: molgenis-it + NodeUsageMode: EXCLUSIVE + Containers: + elasticsearch: + Image: docker.elastic.co/elasticsearch/elasticsearch + ImageTag: 5.5.3 + resources: + requests: + cpu: "100m" + memory: "1Gi" + limits: + cpu: "1" + memory: "1500Mi" + EnvVars: + - type: KeyValue + key: ES_JAVA_OPTS + value: "-Xms512m -Xmx512m" + - type: KeyValue + key: cluster.name + value: molgenis + - type: KeyValue + key: bootstrap.memory_lock + value: "true" + - type: KeyValue + key: xpack.security.enabled + value: "false" + - type: KeyValue + key: discovery.type + value: single-node + postgres: + Image: postgres + ImageTag: 9.6-alpine + resources: + requests: + cpu: "100m" + memory: "250Mi" + limits: + cpu: "1" + memory: "250Mi" + EnvVars: + - type: KeyValue + key: POSTGRES_USER + value: molgenis + - type: KeyValue + key: POSTGRES_PASSWORD + value: molgenis + - type: KeyValue + key: POSTGRES_DB + value: molgenis + opencpu: + Image: molgenis/opencpu + AlwaysPullImage: true + resources: + requests: + cpu: "100m" + memory: "256Mi" + limits: + cpu: "1" + memory: "512Mi" + NodeSelector: {} + +#secret contains configuration for the kubernetes secrets that jenkins can access +secret: + # vault configures the vault secret + vault: + token: xxxx + addr: "https://vault-operator.vault-operator.svc:8200" + skipVerify: "1" + # githubToken contains access token for jenkins bot account on github.com + gitHub: + user: "molgenis-jenkins" + token: xxxx + # gogs contains access token for jenkins bot account on RuG GoGs + gogs: + user: p281392 + token: xxxx + # registry contains credentials for registry.molgenis.org + registry: + user: admin + password: xxxx + # dockerHubPassword contains password for hub.docker.com + dockerHub: + user: molgenisci + password: xxxx \ No newline at end of file diff --git a/molgenis-nexus/.helmignore b/charts/molgenis-nexus/.helmignore similarity index 100% rename from molgenis-nexus/.helmignore rename to charts/molgenis-nexus/.helmignore diff --git a/molgenis-nexus/Chart.yaml b/charts/molgenis-nexus/Chart.yaml similarity index 100% rename from molgenis-nexus/Chart.yaml rename to charts/molgenis-nexus/Chart.yaml diff --git a/charts/molgenis-nexus/README.md b/charts/molgenis-nexus/README.md new file mode 100644 index 0000000..b6bda27 --- /dev/null +++ b/charts/molgenis-nexus/README.md @@ -0,0 +1,64 @@ +# MOLGENIS - NEXUS Helm Chart + +NEXUS repository for kubernetes to deploy on a kubernetes cluster with NFS-share + +## Chart Details + +This chart will deploy: + +- 1 NEXUS-nfs initialization container + + We need this container to avoid permission issues on the NEXUS docker +- 1 NEXUS container +- 1 MOLGENIS-httpd container (to proxy the registry and docker to one domain) + +## Backup restore +There are two steps in restoring the NEXUS. + +- Database +- Blobstore + +### Restore the database +Go to the commandline: + +```bash +kubectl get pv +``` + +```bash +| NAME | CAPACITY | ACCESS | MODES | RECLAIM | POLICY | STATUS | CLAIM | STORAGECLASS | REASON | AGE | +| ---- | -------- | ------ | ----- | ------- | ------ | ------ | ----- | ------------ | ------ | --- | +| pvc-45988f55-900f-11e8-a0b4-005056a51744 | 30G | RWX | | Retain | Bound | molgenis-nexus/molgenis-nfs-claim | nfs-provisioner-retain | | | 33d | +| pvc-3984723d-220f-14e8-a98a-skjhf88823kk | 30G | RWO | | Delete | Bound | molgenis-test/molgenis-nfs-claim | nfs-provisioner | | | 33d | +``` + +The persistent volume is the one in the molgenis-nexus namespace. + +Go to the NFS-provisioner to the path of the persistent volume: + +```bash +ls -t --full-time | head -7 | xargs cp ../restore-from-backup/ +``` + +### Restore the blobstore +You can copy the directory ```blobs``` to the target persistent volume ```/ blobs```. + +You can now bring the NEXUS back up. + +## Installing the Chart + +You can test in install the chart by executing: + +```helm lint .``` + +To test if your helm chart-syntax is right and: + +```helm install . --dry-run --debug``` + +To test if your hem chart works and: + +```helm install .``` + +To deploy it on the cluster. + + diff --git a/molgenis-nexus/catalogIcon-molgenis-nexus.svg b/charts/molgenis-nexus/catalogIcon-molgenis-nexus.svg similarity index 100% rename from molgenis-nexus/catalogIcon-molgenis-nexus.svg rename to charts/molgenis-nexus/catalogIcon-molgenis-nexus.svg diff --git a/molgenis-nexus/templates/_helpers.tpl b/charts/molgenis-nexus/templates/_helpers.tpl similarity index 100% rename from molgenis-nexus/templates/_helpers.tpl rename to charts/molgenis-nexus/templates/_helpers.tpl diff --git a/molgenis-nexus/templates/deployments/nexus-deployment.yaml b/charts/molgenis-nexus/templates/deployments/nexus-deployment.yaml similarity index 100% rename from molgenis-nexus/templates/deployments/nexus-deployment.yaml rename to charts/molgenis-nexus/templates/deployments/nexus-deployment.yaml diff --git a/molgenis-nexus/templates/deployments/nexusProxy-deployment.yaml b/charts/molgenis-nexus/templates/deployments/nexusProxy-deployment.yaml similarity index 100% rename from molgenis-nexus/templates/deployments/nexusProxy-deployment.yaml rename to charts/molgenis-nexus/templates/deployments/nexusProxy-deployment.yaml diff --git a/molgenis-nexus/templates/ingress.yaml b/charts/molgenis-nexus/templates/ingress.yaml similarity index 100% rename from molgenis-nexus/templates/ingress.yaml rename to charts/molgenis-nexus/templates/ingress.yaml diff --git a/molgenis-nexus/templates/persistence/nexusPVC.yaml b/charts/molgenis-nexus/templates/persistence/nexusPVC.yaml similarity index 100% rename from molgenis-nexus/templates/persistence/nexusPVC.yaml rename to charts/molgenis-nexus/templates/persistence/nexusPVC.yaml diff --git a/molgenis-nexus/templates/services/nexus-service.yaml b/charts/molgenis-nexus/templates/services/nexus-service.yaml similarity index 100% rename from molgenis-nexus/templates/services/nexus-service.yaml rename to charts/molgenis-nexus/templates/services/nexus-service.yaml diff --git a/molgenis-nexus/templates/services/nexusProxy-service.yaml b/charts/molgenis-nexus/templates/services/nexusProxy-service.yaml similarity index 100% rename from molgenis-nexus/templates/services/nexusProxy-service.yaml rename to charts/molgenis-nexus/templates/services/nexusProxy-service.yaml diff --git a/molgenis-nexus/values.yaml b/charts/molgenis-nexus/values.yaml similarity index 100% rename from molgenis-nexus/values.yaml rename to charts/molgenis-nexus/values.yaml diff --git a/molgenis-opencpu/.helmignore b/charts/molgenis-opencpu/.helmignore similarity index 100% rename from molgenis-opencpu/.helmignore rename to charts/molgenis-opencpu/.helmignore diff --git a/molgenis-opencpu/Chart.yaml b/charts/molgenis-opencpu/Chart.yaml similarity index 100% rename from molgenis-opencpu/Chart.yaml rename to charts/molgenis-opencpu/Chart.yaml diff --git a/molgenis-opencpu/README.md b/charts/molgenis-opencpu/README.md similarity index 100% rename from molgenis-opencpu/README.md rename to charts/molgenis-opencpu/README.md diff --git a/molgenis-opencpu/catalog-molgenis-opencpu.svg b/charts/molgenis-opencpu/catalog-molgenis-opencpu.svg similarity index 100% rename from molgenis-opencpu/catalog-molgenis-opencpu.svg rename to charts/molgenis-opencpu/catalog-molgenis-opencpu.svg diff --git a/molgenis-opencpu/questions.yml b/charts/molgenis-opencpu/questions.yml similarity index 100% rename from molgenis-opencpu/questions.yml rename to charts/molgenis-opencpu/questions.yml diff --git a/molgenis-opencpu/templates/_helpers.tpl b/charts/molgenis-opencpu/templates/_helpers.tpl similarity index 100% rename from molgenis-opencpu/templates/_helpers.tpl rename to charts/molgenis-opencpu/templates/_helpers.tpl diff --git a/charts/molgenis-opencpu/templates/deployment.yaml b/charts/molgenis-opencpu/templates/deployment.yaml new file mode 100644 index 0000000..ddb57c7 --- /dev/null +++ b/charts/molgenis-opencpu/templates/deployment.yaml @@ -0,0 +1,35 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + {{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} + {{- end }} + name: {{ template "opencpu.fullname" . }} + labels: + app: {{ template "opencpu.name" . }} + chart: {{ template "opencpu.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ template "opencpu.name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "opencpu.name" . }} + release: {{ .Release.Name }} + spec: + containers: + {{- with .Values.opencpu }} + - name: {{ .name }} + image: "{{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}" + imagePullPolicy: {{ .image.pullPolicy }} + ports: + - containerPort: {{ .service.port }} + {{- end }} + + diff --git a/molgenis-opencpu/templates/ingress.yaml b/charts/molgenis-opencpu/templates/ingress.yaml similarity index 100% rename from molgenis-opencpu/templates/ingress.yaml rename to charts/molgenis-opencpu/templates/ingress.yaml diff --git a/molgenis-opencpu/templates/service.yaml b/charts/molgenis-opencpu/templates/service.yaml similarity index 100% rename from molgenis-opencpu/templates/service.yaml rename to charts/molgenis-opencpu/templates/service.yaml diff --git a/charts/molgenis-opencpu/values.yaml b/charts/molgenis-opencpu/values.yaml new file mode 100644 index 0000000..c21be14 --- /dev/null +++ b/charts/molgenis-opencpu/values.yaml @@ -0,0 +1,41 @@ +# Default values for nexus. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +environment: production + +opencpu: + name: opencpu + strategy: + type: Recreate + restartPolicy: Always + image: + repository: registry.hub.docker.com + name: molgenis/opencpu + tag: stable + pullPolicy: Always + service: + name: opencpu + type: LoadBalancer + port: 8004 + firewall: + - 145.100.224.1/24 + +ingress: + enabled: false + annotations: { + kubernetes.io/ingress.class: "nginx", + nginx.ingress.kubernetes.io/proxy-body-size: "0" + } + path: / + hosts: + - name: opencpu.molgenis.org + tls: [] + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/molgenis-vault/.helmignore b/charts/molgenis-vault/.helmignore similarity index 100% rename from molgenis-vault/.helmignore rename to charts/molgenis-vault/.helmignore diff --git a/molgenis-vault/Chart.yaml b/charts/molgenis-vault/Chart.yaml similarity index 100% rename from molgenis-vault/Chart.yaml rename to charts/molgenis-vault/Chart.yaml diff --git a/charts/molgenis-vault/README.md b/charts/molgenis-vault/README.md new file mode 100644 index 0000000..5ebac64 --- /dev/null +++ b/charts/molgenis-vault/README.md @@ -0,0 +1,52 @@ +# MOLGENIS Vault helm chart + +This chart creates a vault operator, but NO vault. +The vault operator defines a new custom resource named `vault` that you can use to create vaults. + +After launching the operator, create the molgenis vault manually: +`kubectl create -f resources/vault.yaml` + +That creates a new vault with two vault pods. + +See https://github.com/coreos/vault-operator/blob/master/doc/user/vault.md + +## Parameters + +### Azure cloud credentials +Define credentials for backup to the Azure Blob Store. +See [etcd-operator documentation](https://github.com/coreos/etcd-operator/blob/master/doc/user/abs_backup.md). + +| Parameter | Description | Default | +| --------------- | ----------------------------- | ------------------ | +| `abs.account` | name of storage account | `fdlkops` | +| `abs.accessKey` | access key of storage account | `xxxx` | +| `abs.cloud` | name of cloud environment | `AzurePublicCloud` | + +### Backup job +Define the schedule of the backup job + +| Parameter | Description | Default | +| -------------------- | ---------------------------- | ------------- | +| `backupJob.enable` | Enable backup cronjob | `true` | +| `backupJob.schedule` | cron schedule for the backup | `0 12 * * 1` | + +### UI + +Parameter | Description | Default +--------- | ----------- | ------- +`ui.replicaCount` | desired number of Vault UI pod | `1` +`ui.image.repository` | Vault UI container image repository | `djenriquez/vault-ui` +`ui.image.tag` | Vault UI container image tag | `latest` +`ui.resources` | Vault UI pod resource requests & limits | `{}` +`ui.nodeSelector` | node labels for Vault UI pod assignment | `{}` +`ui.ingress.enabled` | If true, Vault UI Ingress will be created | `true` +`ui.ingress.annotations` | Vault UI Ingress annotations | `{}` +`ui.ingress.host` | Vault UI Ingress hostname | `vault.molgenis.org` +`ui.ingress.tls` | Vault UI Ingress TLS configuration (YAML) | `[]` +`ui.vault.url` | Vault UI default vault url | `https://vault.vault-operator:8200` +`ui.vault.auth` | Vault UI login method | `GITHUB` +`ui.service.name` | Vault UI service name | `vault-ui` +`ui.service.type` | type of ui service to create | `ClusterIP` +`ui.service.externalPort` | Vault UI service target port | `8000` +`ui.service.internalPort` | Vault UI container port | `8000` +`ui.service.nodePort` | Port to be used as the service NodePort (ignored if `server.service.type` is not `NodePort`) | `0` \ No newline at end of file diff --git a/molgenis-vault/catalogIcon-molgenis-vault.svg b/charts/molgenis-vault/catalogIcon-molgenis-vault.svg similarity index 100% rename from molgenis-vault/catalogIcon-molgenis-vault.svg rename to charts/molgenis-vault/catalogIcon-molgenis-vault.svg diff --git a/molgenis-vault/charts/etcd-operator-0.8.0.tgz b/charts/molgenis-vault/charts/etcd-operator-0.8.0.tgz similarity index 100% rename from molgenis-vault/charts/etcd-operator-0.8.0.tgz rename to charts/molgenis-vault/charts/etcd-operator-0.8.0.tgz diff --git a/molgenis-vault/charts/vault-operator-0.1.1.tgz b/charts/molgenis-vault/charts/vault-operator-0.1.1.tgz similarity index 100% rename from molgenis-vault/charts/vault-operator-0.1.1.tgz rename to charts/molgenis-vault/charts/vault-operator-0.1.1.tgz diff --git a/molgenis-vault/requirements.lock b/charts/molgenis-vault/requirements.lock similarity index 100% rename from molgenis-vault/requirements.lock rename to charts/molgenis-vault/requirements.lock diff --git a/molgenis-vault/requirements.yaml b/charts/molgenis-vault/requirements.yaml similarity index 100% rename from molgenis-vault/requirements.yaml rename to charts/molgenis-vault/requirements.yaml diff --git a/molgenis-vault/resources/restore.yaml b/charts/molgenis-vault/resources/restore.yaml similarity index 100% rename from molgenis-vault/resources/restore.yaml rename to charts/molgenis-vault/resources/restore.yaml diff --git a/molgenis-vault/resources/vault.yaml b/charts/molgenis-vault/resources/vault.yaml similarity index 100% rename from molgenis-vault/resources/vault.yaml rename to charts/molgenis-vault/resources/vault.yaml diff --git a/molgenis-vault/templates/NOTES.txt b/charts/molgenis-vault/templates/NOTES.txt similarity index 100% rename from molgenis-vault/templates/NOTES.txt rename to charts/molgenis-vault/templates/NOTES.txt diff --git a/molgenis-vault/templates/_helpers.tpl b/charts/molgenis-vault/templates/_helpers.tpl similarity index 100% rename from molgenis-vault/templates/_helpers.tpl rename to charts/molgenis-vault/templates/_helpers.tpl diff --git a/molgenis-vault/templates/abs-secret.yaml b/charts/molgenis-vault/templates/abs-secret.yaml similarity index 100% rename from molgenis-vault/templates/abs-secret.yaml rename to charts/molgenis-vault/templates/abs-secret.yaml diff --git a/molgenis-vault/templates/backup-configmap.yaml b/charts/molgenis-vault/templates/backup-configmap.yaml similarity index 100% rename from molgenis-vault/templates/backup-configmap.yaml rename to charts/molgenis-vault/templates/backup-configmap.yaml diff --git a/molgenis-vault/templates/backup-cronjob.yaml b/charts/molgenis-vault/templates/backup-cronjob.yaml similarity index 100% rename from molgenis-vault/templates/backup-cronjob.yaml rename to charts/molgenis-vault/templates/backup-cronjob.yaml diff --git a/molgenis-vault/templates/ui-ingress.yaml b/charts/molgenis-vault/templates/ui-ingress.yaml similarity index 100% rename from molgenis-vault/templates/ui-ingress.yaml rename to charts/molgenis-vault/templates/ui-ingress.yaml diff --git a/molgenis-vault/templates/ui-service.yaml b/charts/molgenis-vault/templates/ui-service.yaml similarity index 100% rename from molgenis-vault/templates/ui-service.yaml rename to charts/molgenis-vault/templates/ui-service.yaml diff --git a/molgenis-vault/templates/vault-ui-deployment.yaml b/charts/molgenis-vault/templates/vault-ui-deployment.yaml similarity index 100% rename from molgenis-vault/templates/vault-ui-deployment.yaml rename to charts/molgenis-vault/templates/vault-ui-deployment.yaml diff --git a/charts/molgenis-vault/values.yaml b/charts/molgenis-vault/values.yaml new file mode 100644 index 0000000..aaca8f3 --- /dev/null +++ b/charts/molgenis-vault/values.yaml @@ -0,0 +1,79 @@ +# Default values for molgenis-vault. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +# abs gives details of the credentials to reach the azure backup storage +abs: + # account is the name of the Storage account + account: fdlkops + # access key for the Storage account + accessKey: xxxx + # default cloud + cloud: AzurePublicCloud + +# backupjob describes the backup cronjob +backupJob: + # enable enables the backup job + enable: true + # schedule gives the cron schedule for the backup job + schedule: "0 12 * * 1" + +### +# All of the config variables related to setting up the etcd-operator +# If you want more information about the variables exposed, please visit: +# https://github.com/kubernetes/charts/tree/master/stable/etcd-operator#configuration +### +etcd-operator: + deployments: + etcdOperator: true + backupOperator: true + restoreOperator: true + serviceAccount: + etcdOperatorServiceAccount: + create: true + backupOperatorServiceAccount: + create: true + restoreOperatorServiceAccount: + create: true + etcdOperator: + image: + tag: v0.9.2 + backupOperator: + image: + tag: v0.9.2 + restoreOperator: + image: + tag: v0.9.2 + +ui: + name: "vault-ui" + replicaCount: 1 + image: + repository: djenriquez/vault-ui + tag: latest + service: + name: vault-ui + type: ClusterIP + externalPort: 8000 + internalPort: 8000 + # nodePort: 32001 + ingress: + enabled: true + # Used to create Ingress record (should used with service.type: ClusterIP). + host: vault.molgenis.org + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + #requests: + # cpu: 100m + # memory: 128Mi + nodeSelector: {} + vault: + auth: GITHUB + url: https://vault.vault-operator:8200 \ No newline at end of file diff --git a/molgenis/Chart.yaml b/charts/molgenis/Chart.yaml similarity index 100% rename from molgenis/Chart.yaml rename to charts/molgenis/Chart.yaml diff --git a/molgenis/README.md b/charts/molgenis/README.md similarity index 100% rename from molgenis/README.md rename to charts/molgenis/README.md diff --git a/molgenis/catalogIcon-molgenis.svg b/charts/molgenis/catalogIcon-molgenis.svg similarity index 100% rename from molgenis/catalogIcon-molgenis.svg rename to charts/molgenis/catalogIcon-molgenis.svg diff --git a/molgenis/questions.yml b/charts/molgenis/questions.yml similarity index 100% rename from molgenis/questions.yml rename to charts/molgenis/questions.yml diff --git a/molgenis/templates/NOTES.txt b/charts/molgenis/templates/NOTES.txt similarity index 100% rename from molgenis/templates/NOTES.txt rename to charts/molgenis/templates/NOTES.txt diff --git a/molgenis/templates/_helpers.tpl b/charts/molgenis/templates/_helpers.tpl similarity index 100% rename from molgenis/templates/_helpers.tpl rename to charts/molgenis/templates/_helpers.tpl diff --git a/molgenis/templates/deployment.yaml b/charts/molgenis/templates/deployment.yaml similarity index 100% rename from molgenis/templates/deployment.yaml rename to charts/molgenis/templates/deployment.yaml diff --git a/molgenis/templates/ingress.yaml b/charts/molgenis/templates/ingress.yaml similarity index 100% rename from molgenis/templates/ingress.yaml rename to charts/molgenis/templates/ingress.yaml diff --git a/molgenis/templates/persistence/elasticsearchPVC.yaml b/charts/molgenis/templates/persistence/elasticsearchPVC.yaml similarity index 100% rename from molgenis/templates/persistence/elasticsearchPVC.yaml rename to charts/molgenis/templates/persistence/elasticsearchPVC.yaml diff --git a/molgenis/templates/persistence/molgenisPVC.yaml b/charts/molgenis/templates/persistence/molgenisPVC.yaml similarity index 100% rename from molgenis/templates/persistence/molgenisPVC.yaml rename to charts/molgenis/templates/persistence/molgenisPVC.yaml diff --git a/molgenis/templates/persistence/postgresPVC.yaml b/charts/molgenis/templates/persistence/postgresPVC.yaml similarity index 100% rename from molgenis/templates/persistence/postgresPVC.yaml rename to charts/molgenis/templates/persistence/postgresPVC.yaml diff --git a/molgenis/templates/service.yaml b/charts/molgenis/templates/service.yaml similarity index 100% rename from molgenis/templates/service.yaml rename to charts/molgenis/templates/service.yaml diff --git a/charts/molgenis/values.yaml b/charts/molgenis/values.yaml new file mode 100644 index 0000000..c9fa30c --- /dev/null +++ b/charts/molgenis/values.yaml @@ -0,0 +1,103 @@ +# Default values for molgenis. + +replicaCount: 1 + +service: + type: LoadBalancer + firewall: + enabled: false + kind: "umcg" + umcg: + rules: + - 127.0.0.1/32 + cluster: + rules: + - 127.0.0.1/32 + port: 8080 + +ingress: + enabled: true + annotations: + nginx.ingress.kubernetes.io/proxy-body-size: "0" + path: / + hosts: + - name: test.molgenis.org + tls: [] + +molgenis: + image: + repository: registry.hub.docker.com + name: molgenis/molgenis-app + tag: stable + pullPolicy: Always + adminPassword: + javaOpts: + maxHeapSpace: "1g" + resources: + limits: + cpu: 1 + memory: 1250Mi + requests: + cpu: 200m + memory: 1250Mi + persistence: + claim: molgenis-nfs-claim + size: 5Gi + services: + opencpu: + host: localhost + elasticsearch: + transportAddresses: localhost:9300 + clusterName: molgenis + postgres: + embedded: false + host: localhost + scheme: molgenis + user: molgenis + password: molgenis + +elasticsearch: + image: + repository: docker.elastic.co/elasticsearch/elasticsearch + tag: 5.5.3 + pullPolicy: IfNotPresent + javaOpts: "-Xms1g -Xmx1g" + clusterName: molgenis + resources: + limits: + cpu: 2 + memory: 3Gi + requests: + cpu: 100m + memory: 1Gi + persistence: + claim: elasticsearch-nfs-claim + size: 5Gi + +postgres: + image: + repository: postgres + tag: 9.6-alpine + pullPolicy: IfNotPresent + resources: + limits: + cpu: 1 + memory: 250Mi + requests: + cpu: 100m + memory: 250Mi + persistence: + claim: postgres-nfs-claim + size: 5Gi + +persistence: + enabled: true + retain: false + +nodeSelector: { + deployPod: "true" +} + +tolerations: [] + +affinity: {}