diff --git a/charts/agent/templates/deployment.yaml b/charts/agent/templates/deployment.yaml index 9a031d3..786221d 100755 --- a/charts/agent/templates/deployment.yaml +++ b/charts/agent/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.rollout.enabled }} apiVersion: apps/v1 kind: Deployment metadata: @@ -401,3 +402,4 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} +{{- end }} diff --git a/charts/agent/templates/rollout.yaml b/charts/agent/templates/rollout.yaml new file mode 100644 index 0000000..3f5aec9 --- /dev/null +++ b/charts/agent/templates/rollout.yaml @@ -0,0 +1,407 @@ +{{- if .Values.rollout.enabled }} +apiVersion: argoproj.io/v1alpha1 +kind: Rollout +metadata: + name: {{ include "convoy-agent.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "convoy-agent.name" . }} + helm.sh/chart: {{ include "convoy-agent.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + replicas: {{ .Values.app.replicaCount }} + strategy: + {{- toYaml .Values.rollout.strategy | nindent 4 }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "convoy-agent.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + annotations: + {{- with .Values.app.podAnnotations }} + {{- tpl (toYaml . ) $ | nindent 8 }} + {{- end }} + updatedAt: {{ now | quote }} + labels: + app.kubernetes.io/name: {{ include "convoy-agent.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + spec: + {{- if or .Values.global.convoy.cacert_secret_name .Values.global.convoy.cacert_content }} + volumes: + - name: convoy-cacert + secret: + secretName: {{ if .Values.global.convoy.cacert_secret_name }}{{ .Values.global.convoy.cacert_secret_name }}{{ else }}{{ include "convoy-agent.fullname" . }}-cacert{{ end }} + items: + - key: ca.crt + path: ca.crt + {{- end }} + initContainers: + - name: wait-for-migrate + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + env: + {{- if .Values.global.externalDatabase.enabled }} + - name: CONVOY_DB_SCHEME + value: postgresql + - name: CONVOY_DB_HOST + value: {{ .Values.global.externalDatabase.host | quote }} + - name: CONVOY_DB_PORT + value: {{ .Values.global.externalDatabase.port | quote }} + - name: CONVOY_DB_USERNAME + value: {{ .Values.global.externalDatabase.username | quote }} + {{- if ne .Values.global.externalDatabase.secret "" }} + - name: CONVOY_DB_PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Values.global.externalDatabase.secret }}" + key: password + {{- else }} + - name: CONVOY_DB_PASSWORD + value: {{ .Values.global.externalDatabase.password | quote }} + {{- end }} + - name: CONVOY_DB_DATABASE + value: {{ .Values.global.externalDatabase.database | quote }} + - name: CONVOY_DB_OPTIONS + value: {{ .Values.global.externalDatabase.options | quote }} + {{- end }} + command: [ "/cmd" ] + args: [ "migrate", "up" ] + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 2 }} + {{- end }} + + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: ["/cmd"] + args: ["agent"] + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 2 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.app.port }} + protocol: TCP + env: + - name: SERVICE_NAME + value: {{ .Chart.Name }} + - name: PORT + value: {{ .Values.app.port | quote }} + - name: HTTP_PROXY + value: {{ .Values.env.proxy | quote }} + - name: CONVOY_LOGGER_LEVEL + value: {{ .Values.env.log_level | quote }} + - name: CONVOY_ENV + value: {{ .Values.env.environment | quote }} + - name: CONVOY_SIGNUP_ENABLED + value: {{ .Values.env.sign_up_enabled | quote }} + {{- if or .Values.global.convoy.cacert_secret_name .Values.global.convoy.cacert_content }} + - name: CONVOY_DISPATCHER_CACERT_PATH + value: "/etc/convoy/ca.crt" + {{- end }} + {{- if and .Values.env.auth.file.secret (ne .Values.env.auth.file.secret "") }} + - name: CONVOY_BASIC_AUTH_CONFIG + valueFrom: + secretKeyRef: + name: "{{ .Values.env.auth.file.secret }}" + key: basic_auth_config + {{- else if .Values.env.auth.file.basic }} + - name: CONVOY_BASIC_AUTH_CONFIG + value: {{ .Values.env.auth.file.basic | toJson | quote }} + {{- end }} + + {{- if .Values.global.externalDatabase.enabled }} + - name: CONVOY_DB_SCHEME + value: postgresql + - name: CONVOY_DB_HOST + value: {{ .Values.global.externalDatabase.host | quote }} + - name: CONVOY_DB_PORT + value: {{ .Values.global.externalDatabase.port | quote }} + - name: CONVOY_DB_USERNAME + value: {{ .Values.global.externalDatabase.username | quote }} + {{- if ne .Values.global.externalDatabase.secret "" }} + - name: CONVOY_DB_PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Values.global.externalDatabase.secret }}" + key: password + {{- else }} + - name: CONVOY_DB_PASSWORD + value: {{ .Values.global.externalDatabase.password | quote }} + {{- end }} + - name: CONVOY_DB_DATABASE + value: {{ .Values.global.externalDatabase.database | quote }} + - name: CONVOY_DB_OPTIONS + value: {{ .Values.global.externalDatabase.options | quote }} + {{- if .Values.global.externalDatabase.readReplicas }} + - name: CONVOY_DB_READ_REPLICAS + value: {{ .Values.global.externalDatabase.readReplicas | toJson | quote }} + {{- end }} + {{- end }} + + {{- if .Values.global.nativeRedis.enabled }} + - name: CONVOY_REDIS_HOST + value: {{ .Values.global.nativeRedis.host | quote }} + {{- if ne .Values.global.nativeRedis.secret "" }} + - name: CONVOY_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Values.global.nativeRedis.secret }}" + key: password + {{- else }} + - name: CONVOY_REDIS_PASSWORD + value: {{ .Values.global.nativeRedis.password | quote }} + {{- end }} + - name: CONVOY_REDIS_PORT + value: {{ .Values.global.nativeRedis.port | quote }} + - name : CONVOY_REDIS_TYPE + value: "NATIVE" + {{- end }} + + {{- if .Values.global.externalRedis.enabled }} + {{- if .Values.global.externalRedis.addresses }} + - name: CONVOY_REDIS_CLUSTER_ADDRESSES + value: {{ .Values.global.externalRedis.addresses | quote }} + {{- else }} + - name: CONVOY_REDIS_TYPE + value: "EXTERNAL" + - name: CONVOY_REDIS_HOST + value: {{ .Values.global.externalRedis.host | quote }} + {{- if ne .Values.global.externalRedis.secret "" }} + - name: CONVOY_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Values.global.externalRedis.secret }}" + key: password + {{- else }} + - name: CONVOY_REDIS_PASSWORD + value: {{ .Values.global.externalRedis.password | quote }} + {{- end }} + - name : CONVOY_REDIS_PORT + value: {{ .Values.global.externalRedis.port | quote }} + - name: CONVOY_REDIS_SCHEME + value: {{ .Values.global.externalRedis.scheme | quote }} + - name : CONVOY_REDIS_USERNAME + value: {{ .Values.global.externalRedis.username | quote }} + - name: CONVOY_REDIS_DATABASE + value: {{ .Values.global.externalRedis.database | quote }} + {{- end }} + {{- end }} + + {{- if .Values.env.smtp.enabled }} + - name: CONVOY_SMTP_URL + value: {{ .Values.env.smtp.url | quote }} + - name: CONVOY_SMTP_USERNAME + value: {{ .Values.env.smtp.username | quote }} + {{- if and .Values.env.smtp.secret (ne .Values.env.smtp.secret "") }} + - name: CONVOY_SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Values.env.smtp.secret }}" + key: password + {{- else }} + - name: CONVOY_SMTP_PASSWORD + value: {{ .Values.env.smtp.password | quote }} + {{- end }} + - name: CONVOY_SMTP_FROM + value: {{ .Values.env.smtp.from | quote }} + - name: CONVOY_SMTP_PORT + value: {{ .Values.env.smtp.port | quote }} + - name: CONVOY_SMTP_REPLY_TO + value: {{ .Values.env.smtp.from | quote }} + - name: CONVOY_SMTP_PROVIDER + value: {{ .Values.env.smtp.provider | quote }} + - name: CONVOY_SMTP_SSL + value: {{ .Values.env.smtp.ssl | toString | quote }} + {{- end }} + + + {{- if .Values.env.tracer.enabled }} + - name: CONVOY_TRACER_PROVIDER + value: {{ .Values.env.tracer.type | quote }} + - name: CONVOY_OTEL_SAMPLE_RATE + value: {{ .Values.env.tracer.otel.sample_rate | quote }} + - name: CONVOY_OTEL_COLLECTOR_URL + value: {{ .Values.env.tracer.otel.collector_url | quote }} + - name: CONVOY_OTEL_AUTH_HEADER_NAME + value: {{ .Values.env.tracer.otel.otel_auth.header_name | quote }} + - name: CONVOY_OTEL_AUTH_HEADER_VALUE + value: {{ .Values.env.tracer.otel.otel_auth.header_value | quote }} + - name: CONVOY_OTEL_INSECURE_SKIP_VERIFY + value: {{ .Values.env.tracer.otel.insecure_skip_verify | quote }} + - name: CONVOY_SENTRY_DSN + value: {{ .Values.env.tracer.sentry.dsn | quote }} + - name: CONVOY_SENTRY_DEBUG + value: {{ .Values.env.tracer.sentry.debug | quote }} + {{- if .Values.env.tracer.sentry.environment }} + - name: CONVOY_SENTRY_ENVIRONMENT + value: {{ .Values.env.tracer.sentry.environment | quote }} + {{- end }} + {{- end }} + + {{- if .Values.env.storage.enabled }} + - name: CONVOY_STORAGE_POLICY_TYPE + value: {{ .Values.env.storage.type | quote }} + + {{- if eq .Values.env.storage.type "on_prem"}} + - name: CONVOY_STORAGE_PREM_PATH + value: {{ .Values.env.storage.on_prem.path | quote }} + {{- end }} + + {{- if eq .Values.env.storage.type "s3" }} + - name: CONVOY_STORAGE_AWS_BUCKET + value: {{ .Values.env.storage.s3.bucket | quote }} + - name: CONVOY_STORAGE_AWS_ACCESS_KEY + value: {{ .Values.env.storage.s3.accessKey | quote }} + {{- if and .Values.env.storage.s3.secret (ne .Values.env.storage.s3.secret "") }} + - name: CONVOY_STORAGE_AWS_SECRET_KEY + valueFrom: + secretKeyRef: + name: "{{ .Values.env.storage.s3.secret }}" + key: secretKey + {{- else }} + - name: CONVOY_STORAGE_AWS_SECRET_KEY + value: {{ .Values.env.storage.s3.secretKey | quote }} + {{- end }} + - name: CONVOY_STORAGE_AWS_REGION + value: {{ .Values.env.storage.s3.region | quote }} + - name: CONVOY_STORAGE_AWS_SESSION_TOKEN + value: {{ .Values.env.storage.s3.session_token | quote }} + - name: CONVOY_STORAGE_AWS_ENDPOINT + value: {{ .Values.env.storage.s3.endpoint | quote }} + - name: CONVOY_STORAGE_AWS_PREFIX + value: {{ .Values.env.storage.s3.prefix | quote }} + {{- end }} + {{- end }} + + - name: CONVOY_INSTANCE_INGEST_RATE + value: {{ .Values.env.instance_ingest_rate | quote }} + - name: CONVOY_ANALYTICS_ENABLED + value: {{ .Values.env.analytics_enabled | quote }} + - name: CONVOY_ENABLE_PROFILING + value: {{ .Values.env.enable_profiling | quote }} + + {{- if .Values.env.metrics.enabled }} + - name: CONVOY_METRICS_ENABLED + value: {{ .Values.env.metrics.enabled | quote }} + - name: CONVOY_METRICS_BACKEND + value: {{ .Values.env.metrics.metrics_backend | quote }} + - name: CONVOY_METRICS_SAMPLE_TIME + value: {{ .Values.env.metrics.prometheus_metrics.sample_time | quote }} + {{- end }} + + {{- if .Values.env.pyroscope.enabled }} + - name: CONVOY_ENABLE_PYROSCOPE_PROFILING + value: {{ .Values.env.pyroscope.enabled | quote }} + - name: CONVOY_PYROSCOPE_URL + value: {{ .Values.env.pyroscope.url | quote }} + - name: CONVOY_PYROSCOPE_USERNAME + value: {{ .Values.env.pyroscope.username | quote }} + - name: CONVOY_PYROSCOPE_PASSWORD + value: {{ .Values.env.pyroscope.password | quote }} + - name: CONVOY_PYROSCOPE_PROFILE_ID + value: {{ .Values.env.pyroscope.profile_id | quote }} + {{- end }} + + {{- if .Values.env.retention_policy.enabled }} + - name: CONVOY_RETENTION_POLICY + value: {{ .Values.env.retention_policy.policy | quote }} + - name: CONVOY_RETENTION_POLICY_ENABLED + value: {{ .Values.env.retention_policy.enabled | quote }} + {{- end}} + + {{- if .Values.global.convoy.license_key_secret_name }} + - name: CONVOY_LICENSE_KEY + valueFrom: + secretKeyRef: + name: "{{ .Values.global.convoy.license_key_secret_name }}" + key: license_key + {{- else if .Values.global.convoy.license_key }} + - name: CONVOY_LICENSE_KEY + valueFrom: + secretKeyRef: + name: "convoy-license-key" + key: license_key + {{- else }} + {{- end }} + + - name: CONVOY_ENABLE_FEATURE_FLAG + value: {{ join "," .Values.env.enable_feature_flag | quote }} + - name: CONVOY_CONSUMER_POOL_SIZE + value: {{ .Values.env.consumer_pool_size | quote }} + - name: CONVOY_WORKER_EXECUTION_MODE + value: {{ .Values.env.worker_execution_mode | quote }} + - name: CONVOY_MAX_RETRY_SECONDS + value: {{ .Values.env.max_retry_seconds | quote }} + - name: CONVOY_DISPATCHER_INSECURE_SKIP_VERIFY + value: {{ .Values.env.dispatcher.insecure_skip_verify | quote }} + - name: CONVOY_DISPATCHER_ALLOW_LIST + value: {{ join "," .Values.env.dispatcher.allow_list | toJson | quote }} + - name: CONVOY_DISPATCHER_DENY_LIST + value: {{ join "," .Values.env.dispatcher.deny_list | toJson | quote }} + + {{- if .Values.global.convoy.google_oauth_enabled }} + # -- Google OAuth SSO configuration + - name: CONVOY_GOOGLE_OAUTH_ENABLED + value: {{ .Values.global.convoy.google_oauth_enabled | quote }} + - name: CONVOY_GOOGLE_OAUTH_CLIENT_ID + value: {{ .Values.global.convoy.google_oauth_client_id | quote }} + - name: CONVOY_GOOGLE_OAUTH_REDIRECT_URL + value: {{ .Values.global.convoy.google_oauth_redirect_url | quote }} + {{- end }} + + {{- if .Values.global.convoy.portal_realm_enabled }} + # -- Portal Realm authentication + - name: CONVOY_PORTAL_REALM_ENABLED + value: {{ .Values.global.convoy.portal_realm_enabled | quote }} + {{- end }} + + {{- if .Values.global.convoy.sentry_sample_rate }} + # -- Sentry error sampling rate + - name: CONVOY_SENTRY_SAMPLE_RATE + value: {{ .Values.global.convoy.sentry_sample_rate | quote }} + {{- end }} + + {{- if .Values.global.convoy.read_replica_dsn }} + # -- Database read replica connection + - name: CONVOY_READ_REPLICA_DSN + value: {{ .Values.global.convoy.read_replica_dsn | quote }} + {{- end }} + + {{- with .Values.extraEnvs }} + {{- toYaml . | nindent 12 }} + {{- end }} + livenessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 30 + readinessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 30 + resources: + {{- toYaml .Values.app.resources | nindent 12 }} + volumeMounts: + {{- if or .Values.global.convoy.cacert_secret_name .Values.global.convoy.cacert_content }} + - name: convoy-cacert + mountPath: /etc/convoy + readOnly: true + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/agent/values.yaml b/charts/agent/values.yaml index f70ea86..615227b 100755 --- a/charts/agent/values.yaml +++ b/charts/agent/values.yaml @@ -159,6 +159,10 @@ service: type: ClusterIP port: 80 +rollout: + enabled: false + strategy: {} + autoscaling: enabled: true minReplicas: 2 diff --git a/charts/server/templates/deployment.yaml b/charts/server/templates/deployment.yaml index dc39d13..450415f 100755 --- a/charts/server/templates/deployment.yaml +++ b/charts/server/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.rollout.enabled }} apiVersion: apps/v1 kind: Deployment metadata: @@ -398,3 +399,4 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} +{{- end }} diff --git a/charts/server/templates/rollout.yaml b/charts/server/templates/rollout.yaml new file mode 100644 index 0000000..4326e9a --- /dev/null +++ b/charts/server/templates/rollout.yaml @@ -0,0 +1,404 @@ +{{- if .Values.rollout.enabled }} +apiVersion: argoproj.io/v1alpha1 +kind: Rollout +metadata: + name: {{ include "convoy-server.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "convoy-server.name" . }} + helm.sh/chart: {{ include "convoy-server.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + replicas: {{ .Values.app.replicaCount }} + strategy: + {{- toYaml .Values.rollout.strategy | nindent 4 }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "convoy-server.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + annotations: + {{- with .Values.app.podAnnotations }} + {{- tpl (toYaml . ) $ | nindent 8 }} + {{- end }} + updatedAt: {{ now | quote }} + labels: + app.kubernetes.io/name: {{ include "convoy-server.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + spec: + {{- if or .Values.global.convoy.cacert_secret_name .Values.global.convoy.cacert_content }} + volumes: + - name: convoy-cacert + secret: + secretName: {{ if .Values.global.convoy.cacert_secret_name }}{{ .Values.global.convoy.cacert_secret_name }}{{ else }}{{ include "convoy-server.fullname" . }}-cacert{{ end }} + items: + - key: ca.crt + path: ca.crt + {{- end }} + initContainers: + - name: wait-for-migrate + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + env: + {{- if .Values.global.externalDatabase.enabled }} + - name: CONVOY_DB_SCHEME + value: postgresql + - name: CONVOY_DB_HOST + value: {{ .Values.global.externalDatabase.host | quote }} + - name: CONVOY_DB_PORT + value: {{ .Values.global.externalDatabase.port | quote }} + - name: CONVOY_DB_USERNAME + value: {{ .Values.global.externalDatabase.username | quote }} + {{- if ne .Values.global.externalDatabase.secret "" }} + - name: CONVOY_DB_PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Values.global.externalDatabase.secret }}" + key: password + {{- else }} + - name: CONVOY_DB_PASSWORD + value: {{ .Values.global.externalDatabase.password | quote }} + {{- end }} + - name: CONVOY_DB_DATABASE + value: {{ .Values.global.externalDatabase.database | quote }} + - name: CONVOY_DB_OPTIONS + value: {{ .Values.global.externalDatabase.options | quote }} + {{- end }} + command: [ "/cmd" ] + args: [ "migrate", "up" ] + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 2 }} + {{- end }} + + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 2 }} + {{- end }} + + command: ["/cmd"] + args: ["server"] + ports: + - name: http + containerPort: {{ .Values.app.port }} + protocol: TCP + env: + - name: SERVICE_NAME + value: {{ .Chart.Name }} + - name: PORT + value: {{ .Values.app.port | quote }} + - name: HTTP_PROXY + value: {{ .Values.env.proxy | quote }} + - name: CONVOY_ENV + value: {{ .Values.global.convoy.environment | quote }} + - name: CONVOY_HOST + value: {{ .Values.env.host | quote }} + - name: CONVOY_ROOT_PATH + value: {{ .Values.env.root_path | quote }} + - name: CONVOY_LOGGER_LEVEL + value: {{ .Values.env.log_level | quote }} + - name: CONVOY_SIGNUP_ENABLED + value: {{ .Values.env.sign_up_enabled | quote }} + - name: CONVOY_MAX_RESPONSE_SIZE + value: {{ .Values.env.max_response_size | quote }} + {{- if or .Values.global.convoy.cacert_secret_name .Values.global.convoy.cacert_content }} + - name: CONVOY_DISPATCHER_CACERT_PATH + value: "/etc/convoy/ca.crt" + {{- end }} + {{- if .Values.global.convoy.jwt_secret_name }} + - name: CONVOY_JWT_SECRET + valueFrom: + secretKeyRef: + name: "{{ .Values.global.convoy.jwt_secret_name }}" + key: jwt_secret + - name: CONVOY_JWT_REFRESH_SECRET + valueFrom: + secretKeyRef: + name: "{{ .Values.global.convoy.jwt_secret_name }}" + key: jwt_refresh_secret + {{- else if or .Values.global.convoy.jwt_secret .Values.global.convoy.jwt_refresh_secret }} + - name: CONVOY_JWT_SECRET + valueFrom: + secretKeyRef: + name: "{{ include "convoy-server.fullname" . }}-jwt" + key: jwt_secret + - name: CONVOY_JWT_REFRESH_SECRET + valueFrom: + secretKeyRef: + name: "{{ include "convoy-server.fullname" . }}-jwt" + key: jwt_refresh_secret + {{- else }} + - name: CONVOY_JWT_SECRET + value: {{ .Values.env.auth.jwt.secret | quote }} + - name: CONVOY_JWT_REFRESH_SECRET + value: {{ .Values.env.auth.jwt.refresh_secret | quote }} + {{- end }} + - name: CONVOY_JWT_REALM_ENABLED + value: {{ .Values.env.auth.jwt.enabled | quote }} + {{- if ne .Values.env.auth.file.secret "" }} + - name: CONVOY_BASIC_AUTH_CONFIG + valueFrom: + secretKeyRef: + name: "{{ .Values.env.auth.file.secret }}" + key: basic_auth_config + {{- else if .Values.env.auth.file.basic }} + - name: CONVOY_BASIC_AUTH_CONFIG + value: {{ .Values.env.auth.file.basic | toJson | quote }} + {{- end }} + + {{- if .Values.global.externalDatabase.enabled }} + - name: CONVOY_DB_SCHEME + value: postgresql + - name: CONVOY_DB_HOST + value: {{ .Values.global.externalDatabase.host | quote }} + - name: CONVOY_DB_PORT + value: {{ .Values.global.externalDatabase.port | quote }} + - name: CONVOY_DB_USERNAME + value: {{ .Values.global.externalDatabase.username | quote }} + {{- if ne .Values.global.externalDatabase.secret "" }} + - name: CONVOY_DB_PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Values.global.externalDatabase.secret }}" + key: password + {{- else }} + - name: CONVOY_DB_PASSWORD + value: {{ .Values.global.externalDatabase.password | quote }} + {{- end }} + - name: CONVOY_DB_DATABASE + value: {{ .Values.global.externalDatabase.database | quote }} + - name: CONVOY_DB_OPTIONS + value: {{ .Values.global.externalDatabase.options | quote }} + {{- if .Values.global.externalDatabase.readReplicas }} + - name: CONVOY_DB_READ_REPLICAS + value: {{ .Values.global.externalDatabase.readReplicas | toJson | quote }} + {{- end }} + {{- end }} + + {{- if .Values.global.nativeRedis.enabled }} + - name: CONVOY_REDIS_HOST + value: {{ .Values.global.nativeRedis.host | quote }} + {{- if ne .Values.global.nativeRedis.secret "" }} + - name: CONVOY_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Values.global.nativeRedis.secret }}" + key: password + {{- else }} + - name: CONVOY_REDIS_PASSWORD + value: {{ .Values.global.nativeRedis.password | quote }} + {{- end }} + - name: CONVOY_REDIS_PORT + value: {{ .Values.global.nativeRedis.port | quote }} + - name: CONVOY_REDIS_TYPE + value: "NATIVE" + {{- end }} + + {{- if .Values.global.externalRedis.enabled }} + {{- if .Values.global.externalRedis.addresses }} + - name: CONVOY_REDIS_CLUSTER_ADDRESSES + value: {{ .Values.global.externalRedis.addresses | quote }} + {{- else }} + - name: CONVOY_REDIS_TYPE + value: "EXTERNAL" + - name: CONVOY_REDIS_HOST + value: {{ .Values.global.externalRedis.host | quote }} + {{- if ne .Values.global.externalRedis.secret "" }} + - name: CONVOY_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Values.global.externalRedis.secret }}" + key: password + {{- else }} + - name: CONVOY_REDIS_PASSWORD + value: {{ .Values.global.externalRedis.password | quote }} + {{- end }} + - name : CONVOY_REDIS_PORT + value: {{ .Values.global.externalRedis.port | quote }} + - name: CONVOY_REDIS_SCHEME + value: {{ .Values.global.externalRedis.scheme | quote }} + - name : CONVOY_REDIS_USERNAME + value: {{ .Values.global.externalRedis.username | quote }} + - name: CONVOY_REDIS_DATABASE + value: {{ .Values.global.externalRedis.database | quote }} + {{- end }} + {{- end }} + + {{- if .Values.env.tracer.enabled }} + - name: CONVOY_TRACER_PROVIDER + value: {{ .Values.env.tracer.type | quote }} + - name: CONVOY_OTEL_SAMPLE_RATE + value: {{ .Values.env.tracer.otel.sample_rate | quote }} + - name: CONVOY_OTEL_AUTH_HEADER_NAME + value: {{ .Values.env.tracer.otel.otel_auth.header_name | quote }} + - name: CONVOY_OTEL_AUTH_HEADER_VALUE + value: {{ .Values.env.tracer.otel.otel_auth.header_value | quote }} + - name: CONVOY_OTEL_COLLECTOR_URL + value: {{ .Values.env.tracer.otel.collector_url | quote }} + - name: CONVOY_OTEL_INSECURE_SKIP_VERIFY + value: {{ .Values.env.tracer.otel.insecure_skip_verify | quote }} + - name: CONVOY_SENTRY_DSN + value: {{ .Values.env.tracer.sentry.dsn | quote }} + - name: CONVOY_SENTRY_DEBUG + value: {{ .Values.env.tracer.sentry.debug | quote }} + {{- if .Values.env.tracer.sentry.environment }} + - name: CONVOY_SENTRY_ENVIRONMENT + value: {{ .Values.global.convoy.environment | quote }} + {{- end }} + {{- end }} + + - name: CONVOY_INSTANCE_INGEST_RATE + value: {{ .Values.env.instance_ingest_rate | quote }} + - name: CONVOY_ENABLE_FEATURE_FLAG + value: {{ join "," .Values.env.enable_feature_flag | quote }} + - name: CONVOY_ANALYTICS_ENABLED + value: {{ .Values.env.analytics_enabled | quote }} + - name: CONVOY_ENABLE_PROFILING + value: {{ .Values.env.enable_profiling | quote }} + - name: CONVOY_API_VERSION + value: {{ .Values.env.api_version | quote }} + + {{- if .Values.global.convoy.google_oauth_enabled }} + # -- Google OAuth SSO configuration + - name: CONVOY_GOOGLE_OAUTH_ENABLED + value: {{ .Values.global.convoy.google_oauth_enabled | quote }} + - name: CONVOY_GOOGLE_OAUTH_CLIENT_ID + value: {{ .Values.global.convoy.google_oauth_client_id | quote }} + - name: CONVOY_GOOGLE_OAUTH_REDIRECT_URL + value: {{ .Values.global.convoy.google_oauth_redirect_url | quote }} + {{- end }} + + {{- if .Values.global.convoy.portal_realm_enabled }} + # -- Portal Realm authentication + - name: CONVOY_PORTAL_REALM_ENABLED + value: {{ .Values.global.convoy.portal_realm_enabled | quote }} + {{- end }} + + {{- if .Values.global.convoy.sentry_sample_rate }} + # -- Sentry error sampling rate + - name: CONVOY_SENTRY_SAMPLE_RATE + value: {{ .Values.global.convoy.sentry_sample_rate | quote }} + {{- end }} + + {{- if .Values.global.convoy.read_replica_dsn }} + # -- Database read replica connection + - name: CONVOY_READ_REPLICA_DSN + value: {{ .Values.global.convoy.read_replica_dsn | quote }} + {{- end }} + + {{- if .Values.global.convoy.license_key_secret_name }} + - name: CONVOY_LICENSE_KEY + valueFrom: + secretKeyRef: + name: "{{ .Values.global.convoy.license_key_secret_name }}" + key: license_key + {{- else if .Values.global.convoy.license_key }} + - name: CONVOY_LICENSE_KEY + valueFrom: + secretKeyRef: + name: "convoy-license-key" + key: license_key + {{- else }} + {{- end }} + + {{- if .Values.env.storage.enabled }} + - name: CONVOY_STORAGE_POLICY_TYPE + value: {{ .Values.env.storage.type | quote }} + + {{- if eq .Values.env.storage.type "on_prem"}} + - name: CONVOY_STORAGE_PREM_PATH + value: {{ .Values.env.storage.on_prem.path | quote }} + {{- end }} + + {{- if eq .Values.env.storage.type "s3" }} + - name: CONVOY_STORAGE_AWS_BUCKET + value: {{ .Values.env.storage.s3.bucket | quote }} + - name: CONVOY_STORAGE_AWS_ACCESS_KEY + value: {{ .Values.env.storage.s3.accessKey | quote }} + {{- if ne .Values.env.storage.s3.secret "" }} + - name: CONVOY_STORAGE_AWS_SECRET_KEY + valueFrom: + secretKeyRef: + name: "{{ .Values.env.storage.s3.secret }}" + key: secretKey + {{- else }} + - name: CONVOY_STORAGE_AWS_SECRET_KEY + value: {{ .Values.env.storage.s3.secretKey | quote }} + {{- end }} + - name: CONVOY_STORAGE_AWS_REGION + value: {{ .Values.env.storage.s3.region | quote }} + - name: CONVOY_STORAGE_AWS_SESSION_TOKEN + value: {{ .Values.env.storage.s3.session_token | quote }} + - name: CONVOY_STORAGE_AWS_ENDPOINT + value: {{ .Values.env.storage.s3.endpoint | quote }} + {{- end }} + {{- end }} + + {{- if .Values.env.metrics.enabled }} + - name: CONVOY_METRICS_ENABLED + value: {{ .Values.env.metrics.enabled | quote }} + - name: CONVOY_METRICS_BACKEND + value: {{ .Values.env.metrics.metrics_backend | quote }} + - name: CONVOY_METRICS_SAMPLE_TIME + value: {{ .Values.env.metrics.prometheus_metrics.sample_time | quote }} + {{- end }} + + {{- if .Values.env.pyroscope.enabled }} + - name: CONVOY_ENABLE_PYROSCOPE_PROFILING + value: {{ .Values.env.pyroscope.enabled | quote }} + - name: CONVOY_PYROSCOPE_URL + value: {{ .Values.env.pyroscope.url | quote }} + - name: CONVOY_PYROSCOPE_USERNAME + value: {{ .Values.env.pyroscope.username | quote }} + - name: CONVOY_PYROSCOPE_PASSWORD + value: {{ .Values.env.pyroscope.password | quote }} + - name: CONVOY_PYROSCOPE_PROFILE_ID + value: {{ .Values.env.pyroscope.profile_id | quote }} + {{- end }} + {{- if .Values.env.retention_policy.enabled }} + - name: CONVOY_RETENTION_POLICY + value: {{ .Values.env.retention_policy.policy | quote }} + - name: CONVOY_RETENTION_POLICY_ENABLED + value: {{ .Values.env.retention_policy.enabled | quote }} + {{- end}} + + - name: CONVOY_MAX_RETRY_SECONDS + value: {{ .Values.env.max_retry_seconds | quote }} + {{- with .Values.extraEnvs }} + {{- toYaml . | nindent 12 }} + {{- end }} + livenessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 30 + readinessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 30 + resources: + {{- toYaml .Values.app.resources | nindent 12 }} + volumeMounts: + {{- if or .Values.global.convoy.cacert_secret_name .Values.global.convoy.cacert_content }} + - name: convoy-cacert + mountPath: /etc/convoy + readOnly: true + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/server/values.yaml b/charts/server/values.yaml index 58856ec..45d21d0 100755 --- a/charts/server/values.yaml +++ b/charts/server/values.yaml @@ -162,6 +162,10 @@ service: type: ClusterIP port: 80 +rollout: + enabled: false + strategy: {} + ingress: enabled: false annotations: {}