Skip to content

Commit

Permalink
feat: update kratos chart for v6+ (#290)
Browse files Browse the repository at this point in the history 
Closes #289
Closes #285
Closes #286

Co-authored-by: hackerman <3372410+aeneasr@users.noreply.github.com>
  • Loading branch information
@Demonsthere @aeneasr
Demonsthere and aeneasr authored Jun 29, 2021
1 parent a84bcec commit e658234
Show file tree
Hide file tree
Showing 7 changed files with 219 additions and 78 deletions.
2 changes: 1 addition & 1 deletion .circleci/values/kratos.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ kratos:
hashers:
argon2:
parallelism: 1
memory: 131072
memory: 128MB
iterations: 2
salt_length: 16
key_length: 16
Expand Down
19 changes: 12 additions & 7 deletions helm/charts/kratos/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,10 @@ metadata:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
progressDeadlineSeconds: 3600
replicas: {{ .Values.replicaCount }}
strategy:
{{- toYaml .Values.strategy | nindent 4 }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "kratos.name" . }}
Expand All @@ -41,7 +44,7 @@ spec:
{{- if .Values.deployment.extraInitContainers }}
{{ tpl .Values.deployment.extraInitContainers . | indent 8 }}
{{- end }}
{{- end}}
{{- end }}
volumes:
{{- if .Values.deployment.extraVolumes }}
{{ toYaml .Values.deployment.extraVolumes | indent 8 }}
Expand Down Expand Up @@ -93,23 +96,31 @@ spec:
secretKeyRef:
name: {{ include "kratos.secretname" . }}
key: dsn
{{- if .Values.kratos.config.secrets.default }}
- name: SECRETS_DEFAULT
valueFrom:
secretKeyRef:
name: {{ include "kratos.secretname" . }}
key: secretsDefault
{{- end}}
{{- if .Values.kratos.config.secrets.cookie }}
- name: SECRETS_COOKIE
valueFrom:
secretKeyRef:
name: {{ include "kratos.secretname" . }}
key: secretsCookie
{{- end}}
{{- if .Values.kratos.config.courier.smtp.connection_uri }}
- name: COURIER_SMTP_CONNECTION_URI
valueFrom:
secretKeyRef:
name: {{ include "kratos.secretname" . }}
key: smtpConnectionURI
{{- end}}
{{- if .Values.kratos.dev_disable_api_flow_enforcement }}
- name: DEV_DISABLE_API_FLOW_ENFORCEMENT
value: "true"
{{- end }}
{{- if .Values.deployment.tracing.datadog.enabled }}
- name: TRACING_PROVIDER
value: datadog
Expand Down Expand Up @@ -142,14 +153,8 @@ spec:
containerPort: {{ .Values.kratos.config.serve.public.port }}
protocol: TCP
livenessProbe:
httpGet:
path: /health/alive
port: http-admin
{{- toYaml .Values.deployment.livenessProbe | nindent 12 }}
readinessProbe:
httpGet:
path: /health/ready
port: http-admin
{{- toYaml .Values.deployment.readinessProbe | nindent 12 }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
Expand Down
4 changes: 2 additions & 2 deletions helm/charts/kratos/templates/job-migration.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ metadata:
{{- end }}
helm.sh/hook-weight: "1"
helm.sh/hook: "pre-install, pre-upgrade"
helm.sh/hook-delete-policy: "before-hook-creation"
helm.sh/hook-delete-policy: "before-hook-creation,hook-succeeded"
spec:
template:
{{- with .Values.job.annotations }}
Expand Down Expand Up @@ -49,4 +49,4 @@ spec:
{{ toYaml .Values.deployment.extraVolumes | indent 8 }}
{{- end }}
backoffLimit: 10
{{- end }}
{{- end }}
4 changes: 2 additions & 2 deletions helm/charts/kratos/templates/secrets.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ include "kratos.fullname" . }}
name: {{ include "kratos.secretname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{ include "kratos.labels" . | indent 4 }}
Expand All @@ -19,4 +19,4 @@ data:
{{- if .Values.kratos.config.courier.smtp.connection_uri }}
smtpConnectionURI: {{ .Values.kratos.config.courier.smtp.connection_uri | b64enc | quote }}
{{- end }}
{{- end }}
{{- end }}
85 changes: 85 additions & 0 deletions helm/charts/kratos/templates/statefulset-mail.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "kratos.fullname" . }}-courier
{{- if .Release.Namespace }}
namespace: {{ .Release.Namespace }}
{{- end }}
labels:
{{ include "kratos.labels" . | indent 4 }}
{{- with .Values.deployment.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
annotations:
{{- with .Values.deployment.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
selector:
matchLabels:
app.kubernetes.io/name: {{ include "kratos.fullname" . }}-courier
app.kubernetes.io/instance: {{ .Release.Name }}
serviceName: {{ include "kratos.fullname" . }}-courier
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "kratos.fullname" . }}-courier
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
containers:
- name: {{ include "kratos.fullname" . }}-courier
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
args: [ "courier", "watch", "--config", "/etc/config/kratos.yaml" ]
volumeMounts:
- name: {{ include "kratos.fullname" . }}-config-volume
mountPath: /etc/config
readOnly: true
{{- if .Values.deployment.extraVolumeMounts }}
{{ toYaml .Values.deployment.extraVolumeMounts | indent 12 }}
{{- end }}
{{- $root := . -}}
{{- range $method, $methodEntry := .Values.kratos.emailTemplates }}
{{- range $result, $resultEntry := $methodEntry }}
- name: {{ include "kratos.name" $root }}-template-{{ $method }}-{{ $result }}-volume
mountPath: /conf/courier-templates/{{ $method }}/{{ $result }}
readOnly: true
{{- end }}
{{- end }}
env:
- name: LOG_FORMAT
value: {{ .Values.statefulset.log.format }}
- name: LOG_LEVEL
value: {{ .Values.statefulset.log.level }}
- name: DSN
valueFrom:
secretKeyRef:
name: {{ include "kratos.secretname" . }}
key: dsn
- name: COURIER_SMTP_CONNECTION_URI
valueFrom:
secretKeyRef:
name: {{ include "kratos.secretname" . }}
key: smtpConnectionURI
{{- if .Values.deployment.extraEnv }}
{{ toYaml .Values.deployment.extraEnv | indent 12 }}
{{- end }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
volumes:
- name: {{ include "kratos.fullname" . }}-config-volume
configMap:
name: {{ include "kratos.fullname" . }}-config
{{- if .Values.deployment.extraVolumes }}
{{ toYaml .Values.deployment.extraVolumes | indent 8 }}
{{- end }}
{{- $root := . -}}
{{- range $method, $methodEntry := .Values.kratos.emailTemplates }}
{{- range $result, $resultEntry := $methodEntry }}
- name: {{ include "kratos.name" $root }}-template-{{ $method }}-{{ $result }}-volume
configMap:
name: {{ include "kratos.fullname" $root }}-template-{{ $method }}-{{ $result }}
{{- end }}
{{- end }}
28 changes: 28 additions & 0 deletions helm/charts/kratos/templates/statefulset-svc.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
# Headless Service for StatefulSet. See https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#limitations
# and https://kubernetes.io/docs/concepts/services-networking/service/#headless-services for details.
apiVersion: v1
kind: Service
metadata:
name: {{ include "kratos.fullname" . }}-courier
{{- if .Release.Namespace }}
namespace: {{ .Release.Namespace }}
{{- end }}
labels:
{{ include "kratos.labels" . | indent 4 }}
{{- with .Values.deployment.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
annotations:
{{- with .Values.deployment.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
clusterIP: None
ports:
- port: {{ .Values.service.public.port }}
targetPort: http-public
protocol: TCP
name: http
selector:
app.kubernetes.io/name: {{ include "kratos.fullname" . }}-courier
app.kubernetes.io/instance: {{ .Release.Name }}
Loading

0 comments on commit e658234

Please sign in to comment.