Skip to content

Commit

Permalink
feat: ingress, pubsub, blob store, ent support (#44)
Browse files Browse the repository at this point in the history 
* add ingress

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* fix linting errors

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* add ingress and test

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* update unit test

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* update helm unittest version

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* add ENT postgres support

Signed-off-by: Sunny Yip <sunny@kusari.dev>

check in test inputs

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* bump helm chart version

Signed-off-by: Sunny Yip <sunny@kusari.dev>

fix test

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* add pubsub and blob addr

Signed-off-by: Sunny Yip <sunny@kusari.dev>

add labels to collectsub

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* add labels to collectsub

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* set defaults for pubSubAddr and blobAddr

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* fix white spaces

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* add minio blobstore

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* update test config and set namespace

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* add minio chart to test

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* fix whitespaces

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* fix whitespaces

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* make test work

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* lower memory request for minio

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* fix formatting

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* pull image from ghcr

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* login to ghcr

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* login to ghcr

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* use generated ns

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* use latest build

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* remove unused permission

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* update README

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* get local test running

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* update README

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* bump version and include minio as a dependency

Signed-off-by: Sunny Yip <sunny@kusari.dev>

* fix linting error

Signed-off-by: Sunny Yip <sunny@kusari.dev>

---------

Signed-off-by: Sunny Yip <sunny@kusari.dev>
  • Loading branch information
@sunnyyip
sunnyyip authored Mar 8, 2024
1 parent 12395bf commit e7fefb5
Show file tree
Hide file tree
Showing 29 changed files with 727 additions and 136 deletions.
18 changes: 14 additions & 4 deletions .github/workflows/tests.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ jobs:

- name: Run helm unittest
run: |
helm plugin install https://github.com/quintush/helm-unittest --version 0.2.11
helm unittest charts/guac -3
helm plugin install https://github.com/helm-unittest/helm-unittest.git --version 0.4.1
helm unittest charts/guac
- name: Install Helm
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
Expand All @@ -37,8 +37,9 @@ jobs:

- name: Add Helm repos
run: |
helm repo add neo4j https://helm.neo4j.com/neo4j
# helm repo add neo4j https://helm.neo4j.com/neo4j
helm repo add nats https://nats-io.github.io/k8s/helm/charts
helm repo add minio https://charts.min.io/
- name: Set up chart-testing
uses: helm/chart-testing-action@afea100a513515fbd68b0e72a7bb0ae34cb62aec # v2.3.1
Expand Down Expand Up @@ -66,6 +67,15 @@ jobs:
version: 'v1.26.0'
id: install

- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Run chart-testing (install)
run: ct install --all --helm-extra-args --timeout=600s
run: |
kubectl create ns chart-testing
ct install --all --helm-extra-args --timeout=600s
# if: steps.list-changed.outputs.changed == 'true'
7 changes: 5 additions & 2 deletions charts/guac/Chart.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,8 @@ dependencies:
- name: nats
repository: https://nats-io.github.io/k8s/helm/charts/
version: 0.19.17
digest: sha256:ecbbc3cea93f04cb5daf676ad1953d09c399396f2e74dbeb326521203240b508
generated: "2023-08-16T14:24:33.92852-04:00"
- name: minio
repository: https://charts.min.io/
version: 5.0.15
digest: sha256:bea07af7a724b783003cd5c82ac3763d7c3fb82b2c6df0fb0b8a3f82ebc1b577
generated: "2024-02-28T21:29:37.996055-05:00"
11 changes: 9 additions & 2 deletions charts/guac/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,17 @@ maintainers:
email: guac-info@kusari.dev

type: application
version: 0.2.6
appVersion: "v0.4.0"
version: 0.2.7
appVersion: "v0.5.0"

dependencies:
- name: nats
version: "~0.19.12"
repository: "https://nats-io.github.io/k8s/helm/charts/"
condition: nats.enabled

# See s3 compatible storage config for MinIO at https://gocloud.dev/howto/blob/#s3
- name: minio
version: "~5.0.15"
repository: "https://charts.min.io/"
condition: minio.enabled
209 changes: 128 additions & 81 deletions charts/guac/README.md
View file

Large diffs are not rendered by default.

165 changes: 152 additions & 13 deletions charts/guac/schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,16 +26,10 @@
"description": "Path to the GUAC image",
"default": "ghcr.io/guacsec/guac"
},
"tag": {
"type": "string",
"description": "Tag if using an image tag. Optional",
"default": "v0.2.0",
"nullable": true
},
"digest": {
"type": "string",
"description": "Sha256 Image Digest. It is strongly recommended to use this for verification.",
"default": ""
"default": "\"\""
},
"pullPolicy": {
"type": "string",
Expand All @@ -49,6 +43,16 @@
}
}
},
"common": {
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "Environment variables common apply for all guac services",
"default": "\"\""
}
}
},
"ociCollector": {
"type": "object",
"properties": {
Expand Down Expand Up @@ -84,6 +88,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for OCI Collector.",
"default": {}
},
"nodeSelector": {
"type": "object",
"description": "- sets the node selector for where to run the deployment",
Expand Down Expand Up @@ -126,6 +135,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for Deps.Dev Collector.",
"default": {}
},
"nodeSelector": {
"type": "object",
"description": "- sets the node selector for where to run the deployment",
Expand Down Expand Up @@ -168,6 +182,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for OSV Certifier Collector.",
"default": {}
},
"nodeSelector": {
"type": "object",
"description": "- sets the node selector for where to run the deployment",
Expand Down Expand Up @@ -210,6 +229,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for ingestor.",
"default": {}
},
"nodeSelector": {
"type": "object",
"description": "- sets the node selector for where to run the deployment",
Expand Down Expand Up @@ -265,6 +289,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for Collector Sub.",
"default": {}
},
"svcPorts": {
"type": "array",
"description": "Protocol used at Collector Sub",
Expand Down Expand Up @@ -341,6 +370,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for GraphQL Server.",
"default": {}
},
"svcPorts": {
"type": "array",
"description": "Protocol used at the the GraphQL Server",
Expand All @@ -364,8 +398,8 @@
},
"backend": {
"type": "string",
"description": "which backend to use - only support inmem at the moment.",
"default": "inmem"
"description": "which backend to use - keyvalue (default) | arango | ent.",
"default": "keyvalue"
},
"debug": {
"type": "boolean",
Expand Down Expand Up @@ -414,7 +448,7 @@
"digest": {
"type": "string",
"description": "Sha256 Image Digest. It is strongly recommended to use this for verification.",
"default": ""
"default": "\"\""
},
"pullPolicy": {
"type": "string",
Expand Down Expand Up @@ -457,6 +491,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for the visualizer.",
"default": {}
},
"nodeSelector": {
"type": "object",
"description": "- sets the node selector for where to run the deployment",
Expand All @@ -479,13 +518,68 @@
"properties": {
"ingest": {
"type": "boolean",
"description": "Boolean - whether to ingest sample data after deployment",
"description": "Boolean Whether to ingest sample data after deployment",
"default": false
},
"jobName": {
"type": "string",
"description": "Name of the sample data ingest job",
"default": "ingest-guac-data"
},
"env": {
"type": "object",
"description": "Environment variables for the sample data ingest job",
"default": {}
}
}
},
"ingress": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether to deploy an Ingress object",
"default": false
}
}
},
"apiOnlyIngress": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether to deploy an Ingress object to expose API only",
"default": false
}
}
},
"backend": {
"type": "object",
"properties": {
"ent": {
"type": "object",
"properties": {
"db-driver": {
"type": "string",
"description": "database driver to use, one of [postgres | sqlite3 | mysql] or anything supported by sql.DB",
"default": "postgres"
},
"db-address": {
"type": "string",
"description": "Full URL of database to connect to",
"default": "postgres://guac:guac@host:port/dbName?sslmode=disable"
},
"db-migrate": {
"type": "boolean",
"description": "Wether to automatically run database migrations on start",
"default": true
},
"db-debug": {
"type": "boolean",
"description": "Enable debug logging for database queries",
"default": true
}
}
}
}
}
Expand All @@ -494,6 +588,11 @@
"nats": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whehter to deploy nats",
"default": true
},
"nats": {
"type": "object",
"properties": {
Expand All @@ -519,13 +618,23 @@
}
}
},
"natsbox": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whehter to run natsbox",
"default": false
}
}
},
"exporter": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Boolean to enable data collection",
"default": true
"default": false
},
"serviceMonitor": {
"type": "object",
Expand All @@ -537,7 +646,7 @@
},
"namespace": {
"type": "string",
"description": "nats service monitor namespace - this is for monitoring purposes and is used by Prometheus",
"description": "String nats service monitor namespace - this is for monitoring purposes and is used by Prometheus",
"default": "monitoring"
},
"labels": {
Expand All @@ -555,6 +664,36 @@
}
}
}
},
"minio": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whehter to deploy minio as part of the Helm deployment",
"default": true
},
"replicas": {
"type": "number",
"description": "Number of replicas.",
"default": 1
},
"mode": {
"type": "string",
"description": "minio mode, i.e. standalone or distributed",
"default": "standalone"
},
"rootUser": {
"type": "string",
"description": "root user name.",
"default": "rootUser"
},
"rootPassword": {
"type": "string",
"description": "root user password.",
"default": "rootPassword"
}
}
}
}
}
2 changes: 0 additions & 2 deletions charts/guac/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,6 @@ helm.sh/chart: {{ include "guac.chart" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: "guac"
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}

Expand Down
Loading

0 comments on commit e7fefb5

Please sign in to comment.