new helm chart work

.github/workflows/release.yaml

@@ -0,0 +1,35 @@
+name: release
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "[email protected]"
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v4
+        with:
+          version: v3.11.2
+
+      - name: Run chart-releaser
+        uses: helm/[email protected]
+        with:
+          charts_dir: helm/charts
+          config: helm/cr.yaml
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

charts/api/Chart.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+version: 0.11.4
+appVersion: 0.8.3-rc26
+name: stable-ha
+description: Call Telemetry for Cisco Callmanager
+home: https://calltelemetry.com/
+icon: https://calltelemetry.com/logo.png
+maintainers:
+  - email: [email protected]
+    name: Call Telemetry LLC

charts/api/requirements.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: nats
+  repository: https://nats-io.github.io/k8s/helm/charts/
+  version: 1.1.10
+digest: sha256:e1e095b2a209b034464b636f4f2ebdde6f93a8b7da0e58dd88435c95f561d237
+generated: "2024-07-25T07:10:35.937857-05:00"

charts/api/requirements.yaml

@@ -0,0 +1,4 @@
+dependencies:
+  - name: nats
+    version: 1.1.10
+    repository: https://nats-io.github.io/k8s/helm/charts/

charts/api/templates/_helper.yaml

@@ -0,0 +1,16 @@
+# {{/* vim: set filetype=mustache: */}}
+# {{/*
+# Expand the name of the chart.
+# */}}
+# {{- define "name" -}}
+# {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+# {{- end -}}
+
+# {{/*
+# Create a default fully qualified app name.
+# We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+# */}}
+# {{- define "fullname" -}}
+# {{- $name := default .Chart.Name .Values.nameOverride -}}
+# {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+# {{- end -}}

charts/api/templates/deployments/admin-deployment.yaml

@@ -0,0 +1,111 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name  }}-admin-service
+  labels:
+    app: {{ .Release.Name  }}-admin-service
+spec:
+  selector:
+    matchLabels:
+      app: {{ .Release.Name  }}-admin-service
+  replicas: 1
+  strategy:
+    # type: Recreate
+    rollingUpdate:
+      maxSurge: 50%
+      maxUnavailable: 70%
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: {{ .Release.Name  }}-admin-service
+    spec:
+      securityContext:
+        runAsUser: {{ .Values.userid }}
+      tolerations:
+        - effect: NoExecute
+          key: node.kubernetes.io/unreachable
+          operator: Exists
+          tolerationSeconds: 2
+        - effect: NoExecute
+          key: node.kubernetes.io/not-ready
+          operator: Exists
+          tolerationSeconds: 2
+      terminationGracePeriodSeconds: 5
+      affinity:
+          podAntiAffinity:
+            preferredDuringSchedulingIgnoredDuringExecution:
+            - weight: 100
+              podAffinityTerm:
+                labelSelector:
+                  matchExpressions:
+                  - key: app
+                    operator: In
+                    values:
+                    - {{ .Release.Name  }}-admin-service
+                topologyKey: "kubernetes.io/hostname"
+      containers:
+        - name: admin-service
+          image: {{ .Values.admin.image }}
+          imagePullPolicy: {{ .Values.admin.imagePullPolicy }}
+          ports:
+            - containerPort: 4001
+            - containerPort: 4080
+          resources:
+            requests:
+              memory: "256Mi"
+              cpu: "100m"
+            limits:
+              # memory: "1024Mi"
+              cpu: {{ .Values.admin.cpus }}
+          # livenessProbe:
+          #   httpsGet:
+          #     path: /
+          #     port: 4001
+          #   initialDelaySeconds: 15
+          livenessProbe:
+            httpGet:
+              scheme: HTTP
+              path: /health
+              port: 4000
+            initialDelaySeconds: 15
+            periodSeconds: 3
+          readinessProbe:
+            httpGet:
+              scheme: HTTP
+              path: /health
+              port: 4000
+            initialDelaySeconds: 3
+            periodSeconds: 3
+          env:
+            - name: EXTERNAL_IP
+              value: {{ .Values.hostname}}
+            - name: DB_USER
+              valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: user} }
+            - name: DB_PASSWORD
+              valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: password } }
+            - name: DB_NAME
+              valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: dbname } }
+            - name: DB_HOSTNAME
+              valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: host} }
+            - name: CDR_ROOT_PATH
+              value: {{ .Values.cdr_root_path }}
+            - name: DB_PORT
+              value: {{ quote .Values.db_port }}
+            - name: DB_SSL_ENABLED
+              value: {{ quote .Values.db_ssl_enabled }}
+            - name: LOGGING_LEVEL
+              value: {{ .Values.admin.logging_level }}
+            - name: LOCAL_NATS
+              value: {{ .Release.Name  }}-nats
+            - name: WORKER_NODE
+              value: "TRUE"
+            - name: ADMIN_NODE
+              value: "TRUE"
+            - name: HTTP_ADAPTER
+              value: "HACKNEY"
+            - name: CERT_KEY
+              value: /home/app/cert/appliance_key.pem
+            - name: CERT_PUBLIC
+              value: /home/app/cert/appliance.pem

charts/api/templates/deployments/api-deployment.yaml

@@ -0,0 +1,104 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name  }}-api
+  labels:
+    app: {{ .Release.Name  }}-api
+spec:
+  selector:
+    matchLabels:
+      app: {{ .Release.Name  }}-api
+  replicas: {{ .Values.api.replicas }}
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 2
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: {{ .Release.Name  }}-api
+    spec:
+      securityContext:
+        runAsUser: {{ .Values.userid }}
+      tolerations:
+        - effect: NoExecute
+          key: node.kubernetes.io/unreachable
+          operator: Exists
+          tolerationSeconds: 2
+        - effect: NoExecute
+          key: node.kubernetes.io/not-ready
+          operator: Exists
+          tolerationSeconds: 2
+      terminationGracePeriodSeconds: 5
+      affinity:
+          podAntiAffinity:
+            preferredDuringSchedulingIgnoredDuringExecution:
+            - weight: 100
+              podAffinityTerm:
+                labelSelector:
+                  matchExpressions:
+                  - key: app
+                    operator: In
+                    values:
+                    - {{ .Release.Name  }}-api
+                topologyKey: "kubernetes.io/hostname"
+      containers:
+        - name: primary-api
+          image: {{ .Values.api.image }}
+          imagePullPolicy: {{ .Values.api.imagePullPolicy }}
+          ports:
+            - containerPort: 4080
+            - containerPort: 4000
+            - containerPort: 3022
+          resources:
+            requests:
+              memory: "256Mi"
+              cpu: "200m"
+            limits:
+              memory: "1024Mi"
+              cpu: {{ .Values.api.cpus }}
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: 4080
+            initialDelaySeconds: 15
+            periodSeconds: 3
+          readinessProbe:
+            httpGet:
+              path: /healthz
+              port: 4080
+            initialDelaySeconds: 3
+            periodSeconds: 3
+          env:
+            - name: EXTERNAL_IP
+              value: {{ .Values.hostname }}
+            - name: DB_USER
+              valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: user} }
+            - name: DB_PASSWORD
+              valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: password } }
+            - name: DB_NAME
+              valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: dbname } }
+            - name: DB_HOSTNAME
+              valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: host} }
+            - name: DB_PORT
+              value: {{ quote .Values.db_port }}
+            - name: DB_SSL_ENABLED
+              value: {{ quote .Values.db_ssl_enabled }}
+            - name: CDR_ROOT_PATH
+              value: {{ .Values.cdr_root_path }}
+            - name: LOGGING_LEVEL
+              value: {{ .Values.api.logging_level }}
+            - name: TRACEROUTE_SERVICE
+              value: {{ .Release.Name  }}-traceroute-service
+            - name: LOCAL_NATS
+              value: {{ .Release.Name  }}-nats
+            - name: ADMIN_NODE
+              value: "FALSE"
+            - name: WORKER_NODE
+              value: "TRUE"
+            - name: CERT_KEY
+              value: /home/app/cert/appliance_key.pem
+            - name: CERT_PUBLIC
+              value: /home/app/cert/appliance.pem

charts/api/templates/deployments/traceroute-deployment.yaml

@@ -0,0 +1,67 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name  }}-traceroute-service
+  labels:
+    app: {{ .Release.Name  }}-traceroute-service
+spec:
+  selector:
+    matchLabels:
+      app: {{ .Release.Name  }}-traceroute-service
+  replicas: 1
+  strategy:
+    rollingUpdate:
+      maxSurge: 50%
+      maxUnavailable: 70%
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: {{ .Release.Name  }}-traceroute-service
+    spec:
+      securityContext:
+        # allowPrivilegeEscalation: false
+        # privileged: true
+        runAsUser: 0
+        # capabilities:
+          # add: ["CAP_NET_RAW"]
+      tolerations:
+        - effect: NoExecute
+          key: node.kubernetes.io/unreachable
+          operator: Exists
+          tolerationSeconds: 2
+        - effect: NoExecute
+          key: node.kubernetes.io/not-ready
+          operator: Exists
+          tolerationSeconds: 2
+      terminationGracePeriodSeconds: 5
+      # affinity:
+      #     podAntiAffinity:
+      #       preferredDuringSchedulingIgnoredDuringExecution:
+      #       - weight: 100
+      #         podAffinityTerm:
+      #           labelSelector:
+      #             matchExpressions:
+      #             - key: app
+      #               operator: In
+      #               values:
+      #               - {{ .Release.Name  }}-primary-web
+      #               - {{ .Release.Name  }}-secondary-web
+      #           topologyKey: "kubernetes.io/hostname"
+      containers:
+        - name: {{ .Release.Name  }}-traceroute
+          image: {{ .Values.traceroute.image }}
+          imagePullPolicy: {{ .Values.traceroute.imagePullPolicy }}
+          ports:
+            - containerPort: 4100
+          resources:
+            requests:
+              # memory: "512Mi"
+              cpu: "256m"
+            limits:
+              # memory: "1024Mi"
+              cpu: {{ .Values.traceroute.cpus }}
+          env:
+            - name: NATS_HOSTNAME
+              value: {{ .Release.Name  }}-nats

charts/api/templates/services/admin-internal.yaml

@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Release.Name }}-admin-internal-service
+  labels:
+    app: {{ .Release.Name }}-admin-internal-service
+spec:
+  type: ClusterIP  # Internal service type
+  selector:
+    app: {{ .Release.Name }}-admin-service
+  ports:
+    - port: 4001
+      targetPort: 4001
+      protocol: TCP
+      name: https
+    - port: 4000
+      targetPort: 4000
+      protocol: TCP
+      name: http
+    - port: 4080
+      targetPort: 4080
+      protocol: TCP
+      name: api