diff --git a/applications/common/deploy/values.yaml b/applications/common/deploy/values.yaml index 256492adb..eec864503 100644 --- a/applications/common/deploy/values.yaml +++ b/applications/common/deploy/values.yaml @@ -5,6 +5,9 @@ harness: auto: true port: 8080 name: common + proxy: + gatekeeper: + replicas: 1 deployment: auto: true name: common diff --git a/applications/samples/deploy/values.yaml b/applications/samples/deploy/values.yaml index 1006e7a1f..ed04be7c7 100644 --- a/applications/samples/deploy/values.yaml +++ b/applications/samples/deploy/values.yaml @@ -17,6 +17,9 @@ harness: usenfs: false auto: true port: 8080 + proxy: + gatekeeper: + replicas: 1 uri_role_mapping: - uri: / white-listed: true diff --git a/applications/volumemanager/deploy/values.yaml b/applications/volumemanager/deploy/values.yaml index 0b10b02d0..a30e43d11 100644 --- a/applications/volumemanager/deploy/values.yaml +++ b/applications/volumemanager/deploy/values.yaml @@ -1,6 +1,9 @@ harness: name: volumemanager subdomain: volumemanager + proxy: + gatekeeper: + replicas: 1 service: port: 8080 auto: true diff --git a/deployment-configuration/helm/templates/auto-gatekeepers.yaml b/deployment-configuration/helm/templates/auto-gatekeepers.yaml index 32c66b0ef..2e1e6197a 100644 --- a/deployment-configuration/helm/templates/auto-gatekeepers.yaml +++ b/deployment-configuration/helm/templates/auto-gatekeepers.yaml @@ -121,7 +121,7 @@ metadata: labels: app: "{{ .subdomain }}-gk" spec: - replicas: 1 + replicas: {{ .app.harness.proxy.gatekeeper.replicas | default .root.Values.proxy.gatekeeper.replicas | default 5 }} selector: matchLabels: app: "{{ .subdomain }}-gk" @@ -135,7 +135,7 @@ spec: {{ include "deploy_utils.etcHosts" .root | indent 6 }} containers: - name: {{ .app.harness.service.name | quote }} - image: "quay.io/gogatekeeper/gatekeeper:2.14.3" + image: {{ .app.harness.proxy.gatekeeper.image | default .root.Values.proxy.gatekeeper.image | default "quay.io/gogatekeeper/gatekeeper:2.14.3" }} imagePullPolicy: IfNotPresent {{ if .root.Values.local }} securityContext: @@ -163,12 +163,7 @@ spec: - name: https containerPort: 8443 resources: - requests: - memory: "32Mi" - cpu: "5m" - limits: - memory: "64Mi" - cpu: "100m" +{{ .app.harness.proxy.gatekeeper.resources | default .root.Values.proxy.gatekeeper.resources | toYaml | nindent 10 }} volumes: - name: "{{ .subdomain }}-gk-proxy-config" configMap: diff --git a/deployment-configuration/helm/templates/ingress.yaml b/deployment-configuration/helm/templates/ingress.yaml index 425ac3beb..5d3ea8ee7 100644 --- a/deployment-configuration/helm/templates/ingress.yaml +++ b/deployment-configuration/helm/templates/ingress.yaml @@ -1,15 +1,52 @@ {{- define "deploy_utils.ingress.http" }} {{ $domain := .root.Values.domain }} {{ $secured_gatekeepers := and .root.Values.secured_gatekeepers }} + {{ $app := .app }} http: paths: +{{- if and $app.harness.secured $secured_gatekeepers $app.harness.uri_role_mapping }} + {{- range $mapping := $app.harness.uri_role_mapping }} + {{- if and (hasKey $mapping "white-listed") (index $mapping "white-listed") }} + {{- $uri := $mapping.uri }} + {{- if eq $uri "/" }} + - path: /() + pathType: ImplementationSpecific + backend: + service: + name: {{ $app.harness.service.name | quote }} + port: + number: {{ $app.harness.service.port | default 80 }} + {{- else if hasSuffix "/*" $uri }} + {{- $cleanPath := trimSuffix "/*" $uri }} + {{- $pathWithoutSlash := trimPrefix "/" $cleanPath }} + - path: {{ printf "/(%s/.*)" $pathWithoutSlash }} + pathType: ImplementationSpecific + backend: + service: + name: {{ $app.harness.service.name | quote }} + port: + number: {{ $app.harness.service.port | default 80 }} + {{- else if not (contains "*" $uri) }} + {{- $pathWithoutSlash := trimPrefix "/" $uri }} + - path: {{ printf "/(%s)" $pathWithoutSlash }} + pathType: ImplementationSpecific + backend: + service: + name: {{ $app.harness.service.name | quote }} + port: + number: {{ $app.harness.service.port | default 80 }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} - path: /(.*) pathType: ImplementationSpecific backend: service: - name: {{ if (and .app.harness.secured $secured_gatekeepers) }}{{ printf "%s-gk" .subdomain }}{{ else }}{{ .app.harness.service.name | quote }}{{ end }} + name: {{ if (and $app.harness.secured $secured_gatekeepers) }}{{ printf "%s-gk" .subdomain }}{{ else }}{{ $app.harness.service.name | quote }}{{ end }} port: - number: {{- if (and .app.harness.secured $secured_gatekeepers) }} 8080 {{- else }} {{ .app.harness.service.port | default 80 }}{{- end }} + number: {{- if (and $app.harness.secured $secured_gatekeepers) }} 8080 {{- else }} {{ $app.harness.service.port | default 80 }}{{- end }} + {{- end }} {{- define "deploy_utils.ingress.service" }} {{ $domain := .root.Values.domain }} @@ -40,6 +77,9 @@ metadata: nginx.ingress.kubernetes.io/ssl-redirect: {{ (and $tls .Values.ingress.ssl_redirect) | quote }} nginx.ingress.kubernetes.io/proxy-body-size: '{{ .Values.proxy.payload.max }}m' nginx.ingress.kubernetes.io/proxy-buffer-size: '128k' + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "8" + nginx.ingress.kubernetes.io/proxy-max-temp-file-size: "1024m" nginx.ingress.kubernetes.io/from-to-www-redirect: 'true' nginx.ingress.kubernetes.io/rewrite-target: /$1 nginx.ingress.kubernetes.io/auth-keepalive-timeout: {{ .Values.proxy.timeout.keepalive | quote }} diff --git a/deployment-configuration/helm/values.yaml b/deployment-configuration/helm/values.yaml index 75a14f3ab..ec38061b0 100644 --- a/deployment-configuration/helm/values.yaml +++ b/deployment-configuration/helm/values.yaml @@ -76,3 +76,13 @@ proxy: payload: # -- Maximum size of payload in MB max: 250 + gatekeeper: + # -- Default gatekeeper image + image: "quay.io/gogatekeeper/gatekeeper:2.14.3" + # -- Default number of gatekeeper replicas + replicas: 1 + resources: + requests: + memory: "32Mi" + limits: + memory: "64Mi" diff --git a/deployment-configuration/value-template.yaml b/deployment-configuration/value-template.yaml index 50cc7b11b..31f1b7eb9 100644 --- a/deployment-configuration/value-template.yaml +++ b/deployment-configuration/value-template.yaml @@ -139,3 +139,13 @@ harness: payload: # -- Maximum size of payload in MB max: + gatekeeper: + # -- Default gatekeeper image + image: "quay.io/gogatekeeper/gatekeeper:2.14.3" + # -- Default number of gatekeeper replicas + replicas: 1 + resources: + requests: + memory: "32Mi" + limits: + memory: "64Mi" \ No newline at end of file diff --git a/docs/model/GatekeeperConf.md b/docs/model/GatekeeperConf.md new file mode 100644 index 000000000..e27090fbf --- /dev/null +++ b/docs/model/GatekeeperConf.md @@ -0,0 +1,31 @@ +# GatekeeperConf + + + +## Properties + +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**image** | **str** | | [optional] +**replicas** | **int** | | [optional] + +## Example + +```python +from cloudharness_model.models.gatekeeper_conf import GatekeeperConf + +# TODO update the JSON string below +json = "{}" +# create an instance of GatekeeperConf from a JSON string +gatekeeper_conf_instance = GatekeeperConf.from_json(json) +# print the JSON string representation of the object +print(GatekeeperConf.to_json()) + +# convert the object into a dict +gatekeeper_conf_dict = gatekeeper_conf_instance.to_dict() +# create an instance of GatekeeperConf from a dict +gatekeeper_conf_from_dict = GatekeeperConf.from_dict(gatekeeper_conf_dict) +``` +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + + diff --git a/docs/model/ProxyConf.md b/docs/model/ProxyConf.md index 2f46546f8..dc47913aa 100644 --- a/docs/model/ProxyConf.md +++ b/docs/model/ProxyConf.md @@ -9,6 +9,7 @@ Name | Type | Description | Notes **forwarded_headers** | **bool** | | [optional] **payload** | [**ProxyPayloadConf**](ProxyPayloadConf.md) | | [optional] **timeout** | [**ProxyTimeoutConf**](ProxyTimeoutConf.md) | | [optional] +**gatekeeper** | [**GatekeeperConf**](GatekeeperConf.md) | | [optional] ## Example diff --git a/libraries/models/README.md b/libraries/models/README.md index 3aa69ec5d..4cab56aa4 100644 --- a/libraries/models/README.md +++ b/libraries/models/README.md @@ -87,6 +87,7 @@ Class | Method | HTTP request | Description - [DockerfileConfig](docs/DockerfileConfig.md) - [E2ETestsConfig](docs/E2ETestsConfig.md) - [FileResourcesConfig](docs/FileResourcesConfig.md) + - [GatekeeperConf](docs/GatekeeperConf.md) - [GitDependencyConfig](docs/GitDependencyConfig.md) - [HarnessMainConfig](docs/HarnessMainConfig.md) - [IngressConfig](docs/IngressConfig.md) diff --git a/libraries/models/api/openapi.yaml b/libraries/models/api/openapi.yaml index 99c84f92c..161e0d57f 100644 --- a/libraries/models/api/openapi.yaml +++ b/libraries/models/api/openapi.yaml @@ -5,28 +5,30 @@ info: components: schemas: AutoArtifactSpec: - description: "" + description: '' required: [] type: object properties: auto: - description: "When true, enables automatic template" + description: 'When true, enables automatic template' type: boolean name: - description: "" + description: '' type: string ServiceAutoArtifactConfig: - description: "" + description: '' type: object allOf: - - type: object - properties: - port: - description: Service port - type: integer - - $ref: "#/components/schemas/AutoArtifactSpec" + - + type: object + properties: + port: + description: Service port + type: integer + - + $ref: '#/components/schemas/AutoArtifactSpec' ApplicationDependenciesConfig: - description: "" + description: '' type: object properties: hard: @@ -51,22 +53,22 @@ components: items: type: string git: - description: "" + description: '' type: array items: - $ref: "#/components/schemas/GitDependencyConfig" + $ref: '#/components/schemas/GitDependencyConfig' DeploymentResourcesConf: - description: "" + description: '' type: object properties: requests: - $ref: "#/components/schemas/CpuMemoryConfig" - description: "" + $ref: '#/components/schemas/CpuMemoryConfig' + description: '' limits: - $ref: "#/components/schemas/CpuMemoryConfig" - description: "" + $ref: '#/components/schemas/CpuMemoryConfig' + description: '' FileResourcesConfig: - description: "" + description: '' required: - name - src @@ -74,13 +76,13 @@ components: type: object properties: name: - $ref: "#/components/schemas/Filename" - description: "" + $ref: '#/components/schemas/Filename' + description: '' src: - $ref: "#/components/schemas/Filename" - description: "" + $ref: '#/components/schemas/Filename' + description: '' dst: - description: "" + description: '' type: string ApplicationProbe: description: >- @@ -93,22 +95,22 @@ components: type: object properties: path: - $ref: "#/components/schemas/URL" - description: "" + $ref: '#/components/schemas/URL' + description: '' periodSeconds: - description: "" + description: '' type: number failureThreshold: - description: "" + description: '' type: number initialDelaySeconds: - description: "" + description: '' type: number port: - description: "" + description: '' type: number URL: - description: "" + description: '' type: string ApplicationConfig: description: Place here the values to configure your application helm templates. @@ -117,43 +119,43 @@ components: type: object properties: harness: - $ref: "#/components/schemas/ApplicationHarnessConfig" + $ref: '#/components/schemas/ApplicationHarnessConfig' description: >- Values inside this section have a special meaning to cloudharness (e.g. enabling and configuring automatic deployment) additionalProperties: true RegistryConfig: - description: "" + description: '' required: - name type: object properties: name: - $ref: "#/components/schemas/URL" + $ref: '#/components/schemas/URL' description: The docker registry where built images are pushed secret: description: Optional secret used for pulling from docker registry. type: string FreeObject: - description: "" + description: '' type: object additionalProperties: true ApplicationsConfigsMap: - description: "" + description: '' type: object additionalProperties: - $ref: "#/components/schemas/ApplicationConfig" + $ref: '#/components/schemas/ApplicationConfig' NameValue: - description: "" + description: '' required: - name type: object properties: name: - description: "" + description: '' type: string value: - description: "" + description: '' type: string UserGroup: type: object @@ -162,7 +164,7 @@ components: type: object additionalProperties: true attributes: - $ref: "#/components/schemas/SimpleMap" + $ref: '#/components/schemas/SimpleMap' additionalProperties: true clientRoles: type: object @@ -180,7 +182,7 @@ components: subGroups: type: array items: - $ref: "#/components/schemas/UserGroup" + $ref: '#/components/schemas/UserGroup' UserCredential: type: object properties: @@ -222,7 +224,7 @@ components: credentials: type: array items: - $ref: "#/components/schemas/UserCredential" + $ref: '#/components/schemas/UserCredential' disableableCredentialTypes: type: array items: @@ -259,25 +261,25 @@ components: type: string additionalProperties: {} userGroups: - description: "" + description: '' type: array items: - $ref: "#/components/schemas/UserGroup" + $ref: '#/components/schemas/UserGroup' organizations: - description: "" + description: '' type: array items: - $ref: "#/components/schemas/Organization" + $ref: '#/components/schemas/Organization' Filename: - description: "" - pattern: "^[^<>:;,?*|]+$" + description: '' + pattern: '^[^<>:;,?*|]+$' type: string PathSpecifier: - description: "" - pattern: "^[^<>:;,?|]+$" + description: '' + pattern: '^[^<>:;,?|]+$' type: string CDCEventMeta: - description: "" + description: '' required: - app_name type: object @@ -286,20 +288,20 @@ components: description: The name of the application/microservice sending the message type: string user: - $ref: "#/components/schemas/User" - description: "" + $ref: '#/components/schemas/User' + description: '' args: description: the caller function arguments type: array items: - $ref: "#/components/schemas/FreeObject" + $ref: '#/components/schemas/FreeObject' kwargs: description: the caller function keyword arguments description: description: General description -- for human consumption type: string JupyterHubConfig: - description: "" + description: '' type: object properties: args: @@ -308,10 +310,10 @@ components: items: type: string extraConfig: - $ref: "#/components/schemas/SimpleMap" + $ref: '#/components/schemas/SimpleMap' description: allows you to add Python snippets to the jupyterhub_config.py file spawnerExtraConfig: - $ref: "#/components/schemas/FreeObject" + $ref: '#/components/schemas/FreeObject' description: allows you to add values to the spawner object without the need of creating a new hook applicationHook: description: |- @@ -341,7 +343,7 @@ components: type: string additionalProperties: true ApplicationAccountsConfig: - description: "" + description: '' type: object properties: roles: @@ -350,10 +352,10 @@ components: items: type: string users: - description: "Defines test users to be added to the deployment, specific for this application" + description: 'Defines test users to be added to the deployment, specific for this application' type: array items: - $ref: "#/components/schemas/ApplicationUser" + $ref: '#/components/schemas/ApplicationUser' ApplicationUser: description: Defines a user required: @@ -361,23 +363,23 @@ components: type: object properties: username: - description: "" + description: '' type: string password: - description: "" + description: '' type: string clientRoles: - description: "" + description: '' type: array items: type: string realmRoles: - description: "" + description: '' type: array items: type: string ApplicationTestConfig: - description: "" + description: '' required: - unit - e2e @@ -385,23 +387,23 @@ components: type: object properties: unit: - $ref: "#/components/schemas/UnitTestsConfig" - description: "" + $ref: '#/components/schemas/UnitTestsConfig' + description: '' api: - $ref: "#/components/schemas/ApiTestsConfig" - description: "" + $ref: '#/components/schemas/ApiTestsConfig' + description: '' e2e: - $ref: "#/components/schemas/E2ETestsConfig" - description: "" + $ref: '#/components/schemas/E2ETestsConfig' + description: '' UnitTestsConfig: - description: "" + description: '' required: - enabled - commands type: object properties: enabled: - description: "Enables unit tests for this application (default: true)" + description: 'Enables unit tests for this application (default: true)' type: boolean commands: description: Commands to run unit tests @@ -410,26 +412,26 @@ components: type: string example: '["pytest /usr/src/app/samples/test"]' E2ETestsConfig: - description: "" + description: '' required: - enabled - smoketest type: object properties: enabled: - description: "Enables end to end testing for this application (default: false)" + description: 'Enables end to end testing for this application (default: false)' type: boolean smoketest: description: Specify whether to run the common smoke tests type: boolean ignoreConsoleErrors: - description: "" + description: '' type: boolean ignoreRequestErrors: - description: "" + description: '' type: boolean ApiTestsConfig: - description: "" + description: '' required: - enabled - autotest @@ -437,7 +439,7 @@ components: type: object properties: enabled: - description: "Enables api tests for this application (default: false)" + description: 'Enables api tests for this application (default: false)' type: boolean autotest: description: Specify whether to run the common smoke tests @@ -469,11 +471,11 @@ components: type: string example: '["not_a_server_error", "status_code_conformance"]' SimpleMap: - description: "" + description: '' type: object additionalProperties: true Quota: - description: "" + description: '' type: object additionalProperties: true example: @@ -492,10 +494,10 @@ components: branch_tag: type: string path: - description: "Defines the path where the repo is cloned. default: /git" + description: 'Defines the path where the repo is cloned. default: /git' type: string example: - url: "https://github.com/MetaCell/nwb-explorer.git" + url: 'https://github.com/MetaCell/nwb-explorer.git' branch_tag: master path: /git DockerfileConfig: @@ -503,7 +505,7 @@ components: type: object properties: buildArgs: - $ref: "#/components/schemas/SimpleMap" + $ref: '#/components/schemas/SimpleMap' description: >- Map of build arguments to provide to the dockerfile at build time. @@ -513,7 +515,7 @@ components: caution should be taken when using this feature as it can lead to inconsistent behaviour across environments. HarnessMainConfig: - description: "" + description: '' required: - local - secured_gatekeepers @@ -524,7 +526,7 @@ components: type: object properties: local: - description: "If set to true, local DNS mapping is added to pods." + description: 'If set to true, local DNS mapping is added to pods.' type: boolean secured_gatekeepers: description: >- @@ -542,39 +544,39 @@ components: description: Defines the app to map to the root domain type: string registry: - $ref: "#/components/schemas/RegistryConfig" - description: "" + $ref: '#/components/schemas/RegistryConfig' + description: '' tag: description: Docker tag used to push/pull the built images. type: string apps: - $ref: "#/components/schemas/ApplicationsConfigsMap" - description: "" + $ref: '#/components/schemas/ApplicationsConfigsMap' + description: '' env: description: Environmental variables added to all pods type: array items: - $ref: "#/components/schemas/NameValue" + $ref: '#/components/schemas/NameValue' privenv: description: Private environmental variables added to all pods type: array items: - $ref: "#/components/schemas/NameValue" + $ref: '#/components/schemas/NameValue' backup: - $ref: "#/components/schemas/BackupConfig" - description: "" + $ref: '#/components/schemas/BackupConfig' + description: '' name: description: Base name type: string task-images: - $ref: "#/components/schemas/SimpleMap" - description: "" + $ref: '#/components/schemas/SimpleMap' + description: '' build_hash: - description: "" + description: '' type: string ingress: - $ref: "#/components/schemas/IngressConfig" - description: "" + $ref: '#/components/schemas/IngressConfig' + description: '' additionalProperties: true ApplicationHarnessConfig: description: |- @@ -584,37 +586,37 @@ components: type: object properties: deployment: - $ref: "#/components/schemas/DeploymentAutoArtifactConfig" + $ref: '#/components/schemas/DeploymentAutoArtifactConfig' description: Defines reference deployment parameters. Values maps to k8s spec service: - $ref: "#/components/schemas/ServiceAutoArtifactConfig" + $ref: '#/components/schemas/ServiceAutoArtifactConfig' description: Defines automatic service parameters. subdomain: - description: "If specified, an ingress will be created at [subdomain].[.Values.domain]" + description: 'If specified, an ingress will be created at [subdomain].[.Values.domain]' type: string aliases: - description: "If specified, an ingress will be created at [alias].[.Values.domain] for each alias" + description: 'If specified, an ingress will be created at [alias].[.Values.domain] for each alias' type: array items: type: string domain: - description: "If specified, an ingress will be created at [domain]" + description: 'If specified, an ingress will be created at [domain]' type: string dependencies: - $ref: "#/components/schemas/ApplicationDependenciesConfig" + $ref: '#/components/schemas/ApplicationDependenciesConfig' description: >- Application dependencies are used to define what is required in the deployment when --include (-i) is used. Specify application names in the list. secured: - description: "When true, the application is shielded with a getekeeper" + description: 'When true, the application is shielded with a getekeeper' type: boolean uri_role_mapping: - description: "Map uri/roles to secure with the Gatekeeper (if `secured: true`)" + description: 'Map uri/roles to secure with the Gatekeeper (if `secured: true`)' type: array items: - $ref: "#/components/schemas/UriRoleMappingConfig" + $ref: '#/components/schemas/UriRoleMappingConfig' secrets: - $ref: "#/components/schemas/SimpleMap" + $ref: '#/components/schemas/SimpleMap' description: |- Define secrets will be mounted in the deployment @@ -639,136 +641,140 @@ components: ``` type: array items: - $ref: "#/components/schemas/NamedObject" + $ref: '#/components/schemas/NamedObject' database: - $ref: "#/components/schemas/DatabaseDeploymentConfig" - description: "" + $ref: '#/components/schemas/DatabaseDeploymentConfig' + description: '' resources: description: |- Application file resources. Maps from deploy/resources folder and mounts as configmaps type: array items: - $ref: "#/components/schemas/FileResourcesConfig" + $ref: '#/components/schemas/FileResourcesConfig' readinessProbe: - $ref: "#/components/schemas/ApplicationProbe" + $ref: '#/components/schemas/ApplicationProbe' description: Kubernetes readiness probe configuration startupProbe: - $ref: "#/components/schemas/ApplicationProbe" - description: "" + $ref: '#/components/schemas/ApplicationProbe' + description: '' livenessProbe: - $ref: "#/components/schemas/ApplicationProbe" + $ref: '#/components/schemas/ApplicationProbe' description: Kubernetes liveness probe configuration sourceRoot: - $ref: "#/components/schemas/Filename" - description: "" + $ref: '#/components/schemas/Filename' + description: '' name: description: |- Application's name. Do not edit, the value is automatically set from the application directory's name type: string jupyterhub: - $ref: "#/components/schemas/JupyterHubConfig" + $ref: '#/components/schemas/JupyterHubConfig' description: | Configurations specific to jupyterhub. Edit only if your application is configured as a jupyterhub deployment accounts: - $ref: "#/components/schemas/ApplicationAccountsConfig" + $ref: '#/components/schemas/ApplicationAccountsConfig' description: Define specific test users and roles for this application test: - $ref: "#/components/schemas/ApplicationTestConfig" + $ref: '#/components/schemas/ApplicationTestConfig' description: Enable and configure automated testing for this application. quotas: - $ref: "#/components/schemas/Quota" - description: "" + $ref: '#/components/schemas/Quota' + description: '' env: - description: "Environmental variables added to all containers (deprecated, please use envmap)" + description: 'Environmental variables added to all containers (deprecated, please use envmap)' type: array items: - $ref: "#/components/schemas/NameValue" + $ref: '#/components/schemas/NameValue' envmap: - $ref: "#/components/schemas/SimpleMap" + $ref: '#/components/schemas/SimpleMap' description: Environmental variables added to all containers dockerfile: - $ref: "#/components/schemas/DockerfileConfig" + $ref: '#/components/schemas/DockerfileConfig' description: Configuration for the dockerfile used to build the app sentry: - description: "" + description: '' type: boolean proxy: - $ref: "#/components/schemas/ProxyConf" - description: "" + $ref: '#/components/schemas/ProxyConf' + description: '' additionalProperties: true Organization: - description: "" + description: '' type: object allOf: - - type: object - properties: - domains: - description: "" - type: array - items: - $ref: "#/components/schemas/NamedObject" - alias: - description: "" - type: string - enabled: - description: "" - type: boolean - id: - description: "" - type: string - - $ref: "#/components/schemas/NamedObject" + - + type: object + properties: + domains: + description: '' + type: array + items: + $ref: '#/components/schemas/NamedObject' + alias: + description: '' + type: string + enabled: + description: '' + type: boolean + id: + description: '' + type: string + - + $ref: '#/components/schemas/NamedObject' DatabaseDeploymentConfig: - description: "" + description: '' type: object allOf: - - type: object - properties: - type: - description: |- - Define the database type. + - + type: object + properties: + type: + description: |- + Define the database type. - One of (mongo, postgres, neo4j, sqlite3) - pattern: ^(mongo|postgres|neo4j|sqlite3)$ - type: string - example: '"neo4j"' - size: - description: Specify database disk size - type: string - example: 1Gi - user: - description: database username - type: string - pass: - description: Database password - type: string - image_ref: - description: Used for referencing images from the build - type: string - example: "image_ref: myownpgimage" - mongo: - $ref: "#/components/schemas/FreeObject" - description: Mongo db specific configuration - postgres: - $ref: "#/components/schemas/FreeObject" - description: Postgres database specific configuration - neo4j: - description: Neo4j database specific configuration - resources: - $ref: "#/components/schemas/DeploymentResourcesConf" - description: Database deployment resources - - $ref: "#/components/schemas/AutoArtifactSpec" + One of (mongo, postgres, neo4j, sqlite3) + pattern: ^(mongo|postgres|neo4j|sqlite3)$ + type: string + example: '"neo4j"' + size: + description: Specify database disk size + type: string + example: 1Gi + user: + description: database username + type: string + pass: + description: Database password + type: string + image_ref: + description: Used for referencing images from the build + type: string + example: 'image_ref: myownpgimage' + mongo: + $ref: '#/components/schemas/FreeObject' + description: Mongo db specific configuration + postgres: + $ref: '#/components/schemas/FreeObject' + description: Postgres database specific configuration + neo4j: + description: Neo4j database specific configuration + resources: + $ref: '#/components/schemas/DeploymentResourcesConf' + description: Database deployment resources + - + $ref: '#/components/schemas/AutoArtifactSpec' additionalProperties: true UriRoleMappingConfig: - description: "Defines the application Gatekeeper configuration, if enabled (i.e. `secured: true`." + description: 'Defines the application Gatekeeper configuration, if enabled (i.e. `secured: true`.' required: - uri type: object properties: uri: - $ref: "#/components/schemas/PathSpecifier" + $ref: '#/components/schemas/PathSpecifier' description: Path to secure roles: description: Roles allowed to access the present uri @@ -776,25 +782,25 @@ components: items: type: string white-listed: - description: "" + description: '' type: boolean additionalProperties: true BackupConfig: - description: "" + description: '' required: - dir - resources type: object properties: active: - description: "" + description: '' type: boolean keep_days: - description: "" + description: '' keep_weeks: - description: "" + description: '' keep_months: - description: "" + description: '' schedule: description: Cron expression type: string @@ -805,67 +811,71 @@ components: description: The volume size for backups (all backups share the same volume) type: string dir: - $ref: "#/components/schemas/Filename" - description: "Target directory of backups, the mount point of the persistent volume." + $ref: '#/components/schemas/Filename' + description: 'Target directory of backups, the mount point of the persistent volume.' resources: - $ref: "#/components/schemas/DeploymentResourcesConf" - description: "" + $ref: '#/components/schemas/DeploymentResourcesConf' + description: '' CpuMemoryConfig: - description: "" + description: '' type: object properties: cpu: - description: "" + description: '' memory: - description: "" + description: '' DeploymentAutoArtifactConfig: - description: "" + description: '' type: object allOf: - - type: object - properties: - port: - description: Deployment port - replicas: - description: Number of replicas - type: integer - image: - description: >- - Image name to use in the deployment. Leave it blank to set from the - application's + - + type: object + properties: + port: + description: Deployment port + replicas: + description: Number of replicas + type: integer + image: + description: >- + Image name to use in the deployment. Leave it blank to set from the + application's - Docker file - pattern: "(?:[a-z]+/)?([a-z]+)(?::[0-9]+)?" - type: string - resources: - $ref: "#/components/schemas/DeploymentResourcesConf" - description: Deployment resources - volume: - $ref: "#/components/schemas/DeploymentVolumeSpec" - description: Volume specification - - $ref: "#/components/schemas/AutoArtifactSpec" + Docker file + pattern: '(?:[a-z]+/)?([a-z]+)(?::[0-9]+)?' + type: string + resources: + $ref: '#/components/schemas/DeploymentResourcesConf' + description: Deployment resources + volume: + $ref: '#/components/schemas/DeploymentVolumeSpec' + description: Volume specification + - + $ref: '#/components/schemas/AutoArtifactSpec' DeploymentVolumeSpec: description: |- Defines a volume attached to the deployment. Automatically created the volume claim and mounts. type: object allOf: - - required: - - mountpath - type: object - properties: - mountpath: - description: The mount path for the volume - type: string - size: - description: |- - The volume size. + - + required: + - mountpath + type: object + properties: + mountpath: + description: The mount path for the volume + type: string + size: + description: |- + The volume size. - E.g. 5Gi - usenfs: - description: Set to `true` to use the nfs on the created volume and mount as ReadWriteMany. - type: boolean - - $ref: "#/components/schemas/AutoArtifactSpec" + E.g. 5Gi + usenfs: + description: Set to `true` to use the nfs on the created volume and mount as ReadWriteMany. + type: boolean + - + $ref: '#/components/schemas/AutoArtifactSpec' example: auto: true mountpath: /usr/src/app/persistent @@ -898,26 +908,26 @@ components: description: the type of the message (relates to the object type) e.g. jobs type: string resource: - $ref: "#/components/schemas/FreeObject" + $ref: '#/components/schemas/FreeObject' description: The target object meta: - $ref: "#/components/schemas/CDCEventMeta" - description: "" + $ref: '#/components/schemas/CDCEventMeta' + description: '' ProxyConf: title: Root Type for ProxyConf - description: "" + description: '' type: object properties: forwardedHeaders: type: boolean payload: - $ref: "#/components/schemas/ProxyPayloadConf" + $ref: '#/components/schemas/ProxyPayloadConf' properties: max: format: int32 type: integer timeout: - $ref: "#/components/schemas/ProxyTimeoutConf" + $ref: '#/components/schemas/ProxyTimeoutConf' properties: keepalive: format: int32 @@ -928,6 +938,9 @@ components: send: format: int32 type: integer + gatekeeper: + $ref: '#/components/schemas/GatekeeperConf' + description: '' example: forwardedHeaders: true payload: @@ -938,7 +951,7 @@ components: send: 60 ProxyPayloadConf: title: Root Type for ProxyPayloadConf - description: "" + description: '' type: object properties: max: @@ -948,7 +961,7 @@ components: max: 250 ProxyTimeoutConf: title: Root Type for ProxyTimeoutConf - description: "" + description: '' type: object properties: keepalive: @@ -966,7 +979,7 @@ components: send: 60 NamedObject: title: Root Type for NamedObject - description: "" + description: '' type: object properties: name: @@ -975,22 +988,37 @@ components: example: name: a name IngressConfig: - description: "" + description: '' type: object allOf: - - type: object - properties: - ssl_redirect: - description: "" - type: boolean - letsencrypt: - description: "" - type: object - properties: - email: - type: string - enabled: - description: "" - type: boolean - - $ref: "#/components/schemas/AutoArtifactSpec" + - + type: object + properties: + ssl_redirect: + description: '' + type: boolean + letsencrypt: + description: '' + type: object + properties: + email: + type: string + enabled: + description: '' + type: boolean + - + $ref: '#/components/schemas/AutoArtifactSpec' additionalProperties: true + GatekeeperConf: + title: Root Type for GatekeeperConf + description: '' + type: object + properties: + image: + type: string + replicas: + format: int32 + type: integer + example: + image: 'quay.io/gogatekeeper/gatekeeper:2.14.3' + replicas: 5 diff --git a/libraries/models/cloudharness_model/models/__init__.py b/libraries/models/cloudharness_model/models/__init__.py index 070578357..82af9e911 100644 --- a/libraries/models/cloudharness_model/models/__init__.py +++ b/libraries/models/cloudharness_model/models/__init__.py @@ -34,6 +34,7 @@ from cloudharness_model.models.dockerfile_config import DockerfileConfig from cloudharness_model.models.e2_e_tests_config import E2ETestsConfig from cloudharness_model.models.file_resources_config import FileResourcesConfig +from cloudharness_model.models.gatekeeper_conf import GatekeeperConf from cloudharness_model.models.git_dependency_config import GitDependencyConfig from cloudharness_model.models.harness_main_config import HarnessMainConfig from cloudharness_model.models.ingress_config import IngressConfig diff --git a/libraries/models/cloudharness_model/models/gatekeeper_conf.py b/libraries/models/cloudharness_model/models/gatekeeper_conf.py new file mode 100644 index 000000000..2e757429a --- /dev/null +++ b/libraries/models/cloudharness_model/models/gatekeeper_conf.py @@ -0,0 +1,85 @@ +# coding: utf-8 + +""" + cloudharness + + No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator) + + The version of the OpenAPI document: 1.0.0 + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + + +from __future__ import annotations +import pprint +import re # noqa: F401 +import json + +from typing import Optional, Set +from typing_extensions import Self + + +from cloudharness_model.base_model import CloudHarnessBaseModel +from pydantic import BaseModel, Field, field_validator, StrictStr, StrictBool, StrictInt, StrictFloat +from typing import ClassVar, List, Dict, Any, Union, Optional, Annotated +import importlib + +class GatekeeperConf(CloudHarnessBaseModel): + """ + + """ # noqa: E501 + image: Optional[StrictStr] = None + replicas: Optional[StrictInt] = None + additional_properties: Dict[str, Any] = {} + __properties: ClassVar[List[str]] = ["image", "replicas"] + + def to_dict(self) -> Dict[str, Any]: + """Return the dictionary representation of the model using alias. + + This has the following differences from calling pydantic's + `self.model_dump(by_alias=True)`: + + * `None` is only added to the output dict for nullable fields that + were set at model initialization. Other fields with value `None` + are ignored. + * Fields in `self.additional_properties` are added to the output dict. + """ + excluded_fields: Set[str] = set([ + "additional_properties", + ]) + + _dict = self.model_dump( + by_alias=True, + exclude=excluded_fields, + exclude_none=True, + ) + # puts key-value pairs in additional_properties in the top level + if self.additional_properties is not None: + for _key, _value in self.additional_properties.items(): + _dict[_key] = _value + + return _dict + + @classmethod + def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: + """Create an instance of GatekeeperConf from a dict""" + if obj is None: + return None + + if not isinstance(obj, dict): + return cls.model_validate(obj) + + _obj = cls.model_validate({ + "image": obj.get("image"), + "replicas": obj.get("replicas") + }) + # store additional fields in additional_properties + for _key in obj.keys(): + if _key not in cls.__properties: + _obj.additional_properties[_key] = obj.get(_key) + + return _obj + + diff --git a/libraries/models/cloudharness_model/models/proxy_conf.py b/libraries/models/cloudharness_model/models/proxy_conf.py index 330a9ff7a..7fc250f24 100644 --- a/libraries/models/cloudharness_model/models/proxy_conf.py +++ b/libraries/models/cloudharness_model/models/proxy_conf.py @@ -25,6 +25,7 @@ from pydantic import BaseModel, Field, field_validator, StrictStr, StrictBool, StrictInt, StrictFloat from typing import ClassVar, List, Dict, Any, Union, Optional, Annotated import importlib +from cloudharness_model.models.gatekeeper_conf import GatekeeperConf from cloudharness_model.models.proxy_payload_conf import ProxyPayloadConf from cloudharness_model.models.proxy_timeout_conf import ProxyTimeoutConf @@ -35,8 +36,9 @@ class ProxyConf(CloudHarnessBaseModel): forwarded_headers: Optional[StrictBool] = Field(default=None, alias="forwardedHeaders") payload: Optional[ProxyPayloadConf] = None timeout: Optional[ProxyTimeoutConf] = None + gatekeeper: Optional[GatekeeperConf] = None additional_properties: Dict[str, Any] = {} - __properties: ClassVar[List[str]] = ["forwardedHeaders", "payload", "timeout"] + __properties: ClassVar[List[str]] = ["forwardedHeaders", "payload", "timeout", "gatekeeper"] def to_dict(self) -> Dict[str, Any]: """Return the dictionary representation of the model using alias. @@ -64,6 +66,9 @@ def to_dict(self) -> Dict[str, Any]: # override the default output from pydantic by calling `to_dict()` of timeout if self.timeout: _dict['timeout'] = self.timeout.to_dict() + # override the default output from pydantic by calling `to_dict()` of gatekeeper + if self.gatekeeper: + _dict['gatekeeper'] = self.gatekeeper.to_dict() # puts key-value pairs in additional_properties in the top level if self.additional_properties is not None: for _key, _value in self.additional_properties.items(): @@ -83,7 +88,8 @@ def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: _obj = cls.model_validate({ "forwardedHeaders": obj.get("forwardedHeaders"), "payload": ProxyPayloadConf.from_dict(obj["payload"]) if obj.get("payload") is not None else None, - "timeout": ProxyTimeoutConf.from_dict(obj["timeout"]) if obj.get("timeout") is not None else None + "timeout": ProxyTimeoutConf.from_dict(obj["timeout"]) if obj.get("timeout") is not None else None, + "gatekeeper": GatekeeperConf.from_dict(obj["gatekeeper"]) if obj.get("gatekeeper") is not None else None }) # store additional fields in additional_properties for _key in obj.keys(): diff --git a/libraries/models/docs/GatekeeperConf.md b/libraries/models/docs/GatekeeperConf.md new file mode 100644 index 000000000..e27090fbf --- /dev/null +++ b/libraries/models/docs/GatekeeperConf.md @@ -0,0 +1,31 @@ +# GatekeeperConf + + + +## Properties + +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**image** | **str** | | [optional] +**replicas** | **int** | | [optional] + +## Example + +```python +from cloudharness_model.models.gatekeeper_conf import GatekeeperConf + +# TODO update the JSON string below +json = "{}" +# create an instance of GatekeeperConf from a JSON string +gatekeeper_conf_instance = GatekeeperConf.from_json(json) +# print the JSON string representation of the object +print(GatekeeperConf.to_json()) + +# convert the object into a dict +gatekeeper_conf_dict = gatekeeper_conf_instance.to_dict() +# create an instance of GatekeeperConf from a dict +gatekeeper_conf_from_dict = GatekeeperConf.from_dict(gatekeeper_conf_dict) +``` +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + + diff --git a/libraries/models/docs/ProxyConf.md b/libraries/models/docs/ProxyConf.md index 2f46546f8..dc47913aa 100644 --- a/libraries/models/docs/ProxyConf.md +++ b/libraries/models/docs/ProxyConf.md @@ -9,6 +9,7 @@ Name | Type | Description | Notes **forwarded_headers** | **bool** | | [optional] **payload** | [**ProxyPayloadConf**](ProxyPayloadConf.md) | | [optional] **timeout** | [**ProxyTimeoutConf**](ProxyTimeoutConf.md) | | [optional] +**gatekeeper** | [**GatekeeperConf**](GatekeeperConf.md) | | [optional] ## Example