Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: ingress, pubsub, blob store, ent support #44

Merged
merged 30 commits into from
Mar 8, 2024
Merged

feat: ingress, pubsub, blob store, ent support #44

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
f83b545
add ingress
sunnyyip Feb 3, 2024
ee0fb6c
fix linting errors
sunnyyip Feb 3, 2024
c648299
add ingress and test
sunnyyip Feb 5, 2024
56b8a24
update unit test
sunnyyip Feb 5, 2024
22aafd2
update helm unittest version
sunnyyip Feb 5, 2024
ae7f1b8
add ENT postgres support
sunnyyip Feb 5, 2024
5b37800
bump helm chart version
sunnyyip Feb 5, 2024
fa05f00
add pubsub and blob addr
sunnyyip Feb 6, 2024
7d13672
add labels to collectsub
sunnyyip Feb 6, 2024
f9bb8dc
set defaults for pubSubAddr and blobAddr
sunnyyip Feb 27, 2024
b052fa5
fix white spaces
sunnyyip Feb 27, 2024
23d03a1
add minio blobstore
sunnyyip Feb 29, 2024
f26e243
update test config and set namespace
sunnyyip Feb 29, 2024
91a4c01
add minio chart to test
sunnyyip Feb 29, 2024
357975a
fix whitespaces
sunnyyip Feb 29, 2024
a1171e5
fix whitespaces
sunnyyip Feb 29, 2024
1d2fc2c
make test work
sunnyyip Feb 29, 2024
afd8807
lower memory request for minio
sunnyyip Feb 29, 2024
6c50e78
fix formatting
sunnyyip Mar 1, 2024
69dd110
pull image from ghcr
sunnyyip Mar 1, 2024
431594b
login to ghcr
sunnyyip Mar 1, 2024
d021a5c
login to ghcr
sunnyyip Mar 1, 2024
04e40ec
use generated ns
sunnyyip Mar 1, 2024
45fa550
use latest build
sunnyyip Mar 1, 2024
7e82fb9
remove unused permission
sunnyyip Mar 1, 2024
aae487e
update README
sunnyyip Mar 8, 2024
4ebd2fd
get local test running
sunnyyip Mar 8, 2024
36e81f6
update README
sunnyyip Mar 8, 2024
f86edb3
bump version and include minio as a dependency
sunnyyip Mar 8, 2024
cbfd5fe
fix linting error
sunnyyip Mar 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 14 additions & 4 deletions .github/workflows/tests.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ jobs:

- name: Run helm unittest
run: |
helm plugin install https://github.com/quintush/helm-unittest --version 0.2.11
helm unittest charts/guac -3
helm plugin install https://github.com/helm-unittest/helm-unittest.git --version 0.4.1
helm unittest charts/guac

- name: Install Helm
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
Expand All @@ -37,8 +37,9 @@ jobs:

- name: Add Helm repos
run: |
helm repo add neo4j https://helm.neo4j.com/neo4j
# helm repo add neo4j https://helm.neo4j.com/neo4j
helm repo add nats https://nats-io.github.io/k8s/helm/charts
helm repo add minio https://charts.min.io/

- name: Set up chart-testing
uses: helm/chart-testing-action@afea100a513515fbd68b0e72a7bb0ae34cb62aec # v2.3.1
Expand Down Expand Up @@ -66,6 +67,15 @@ jobs:
version: 'v1.26.0'
id: install

- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Run chart-testing (install)
run: ct install --all --helm-extra-args --timeout=600s
run: |
kubectl create ns chart-testing
ct install --all --helm-extra-args --timeout=600s
# if: steps.list-changed.outputs.changed == 'true'
7 changes: 5 additions & 2 deletions charts/guac/Chart.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,8 @@ dependencies:
- name: nats
repository: https://nats-io.github.io/k8s/helm/charts/
version: 0.19.17
digest: sha256:ecbbc3cea93f04cb5daf676ad1953d09c399396f2e74dbeb326521203240b508
generated: "2023-08-16T14:24:33.92852-04:00"
- name: minio
repository: https://charts.min.io/
version: 5.0.15
digest: sha256:bea07af7a724b783003cd5c82ac3763d7c3fb82b2c6df0fb0b8a3f82ebc1b577
generated: "2024-02-28T21:29:37.996055-05:00"
11 changes: 9 additions & 2 deletions charts/guac/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,17 @@ maintainers:
email: guac-info@kusari.dev

type: application
version: 0.2.6
appVersion: "v0.4.0"
version: 0.2.7
appVersion: "v0.5.0"

dependencies:
- name: nats
version: "~0.19.12"
repository: "https://nats-io.github.io/k8s/helm/charts/"
condition: nats.enabled

# See s3 compatible storage config for MinIO at https://gocloud.dev/howto/blob/#s3
- name: minio
version: "~5.0.15"
repository: "https://charts.min.io/"
condition: minio.enabled
209 changes: 128 additions & 81 deletions charts/guac/README.md
View file
Open in desktop

Large diffs are not rendered by default.

165 changes: 152 additions & 13 deletions charts/guac/schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,16 +26,10 @@
"description": "Path to the GUAC image",
"default": "ghcr.io/guacsec/guac"
},
"tag": {
"type": "string",
"description": "Tag if using an image tag. Optional",
"default": "v0.2.0",
"nullable": true
},
"digest": {
"type": "string",
"description": "Sha256 Image Digest. It is strongly recommended to use this for verification.",
"default": ""
"default": "\"\""
},
"pullPolicy": {
"type": "string",
Expand All @@ -49,6 +43,16 @@
}
}
},
"common": {
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "Environment variables common apply for all guac services",
"default": "\"\""
}
}
},
"ociCollector": {
"type": "object",
"properties": {
Expand Down Expand Up @@ -84,6 +88,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for OCI Collector.",
"default": {}
},
"nodeSelector": {
"type": "object",
"description": "- sets the node selector for where to run the deployment",
Expand Down Expand Up @@ -126,6 +135,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for Deps.Dev Collector.",
"default": {}
},
"nodeSelector": {
"type": "object",
"description": "- sets the node selector for where to run the deployment",
Expand Down Expand Up @@ -168,6 +182,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for OSV Certifier Collector.",
"default": {}
},
"nodeSelector": {
"type": "object",
"description": "- sets the node selector for where to run the deployment",
Expand Down Expand Up @@ -210,6 +229,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for ingestor.",
"default": {}
},
"nodeSelector": {
"type": "object",
"description": "- sets the node selector for where to run the deployment",
Expand Down Expand Up @@ -265,6 +289,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for Collector Sub.",
"default": {}
},
"svcPorts": {
"type": "array",
"description": "Protocol used at Collector Sub",
Expand Down Expand Up @@ -341,6 +370,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for GraphQL Server.",
"default": {}
},
"svcPorts": {
"type": "array",
"description": "Protocol used at the the GraphQL Server",
Expand All @@ -364,8 +398,8 @@
},
"backend": {
"type": "string",
"description": "which backend to use - only support inmem at the moment.",
"default": "inmem"
"description": "which backend to use - keyvalue (default) | arango | ent.",
"default": "keyvalue"
},
"debug": {
"type": "boolean",
Expand Down Expand Up @@ -414,7 +448,7 @@
"digest": {
"type": "string",
"description": "Sha256 Image Digest. It is strongly recommended to use this for verification.",
"default": ""
"default": "\"\""
},
"pullPolicy": {
"type": "string",
Expand Down Expand Up @@ -457,6 +491,11 @@
}
}
},
"env": {
"type": "object",
"description": "Environment variables for the visualizer.",
"default": {}
},
"nodeSelector": {
"type": "object",
"description": "- sets the node selector for where to run the deployment",
Expand All @@ -479,13 +518,68 @@
"properties": {
"ingest": {
"type": "boolean",
"description": "Boolean - whether to ingest sample data after deployment",
"description": "Boolean Whether to ingest sample data after deployment",
"default": false
},
"jobName": {
"type": "string",
"description": "Name of the sample data ingest job",
"default": "ingest-guac-data"
},
"env": {
"type": "object",
"description": "Environment variables for the sample data ingest job",
"default": {}
}
}
},
"ingress": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether to deploy an Ingress object",
"default": false
}
}
},
"apiOnlyIngress": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether to deploy an Ingress object to expose API only",
"default": false
}
}
},
"backend": {
"type": "object",
"properties": {
"ent": {
"type": "object",
"properties": {
"db-driver": {
"type": "string",
"description": "database driver to use, one of [postgres | sqlite3 | mysql] or anything supported by sql.DB",
"default": "postgres"
},
"db-address": {
"type": "string",
"description": "Full URL of database to connect to",
"default": "postgres://guac:guac@host:port/dbName?sslmode=disable"
},
"db-migrate": {
"type": "boolean",
"description": "Wether to automatically run database migrations on start",
"default": true
},
"db-debug": {
"type": "boolean",
"description": "Enable debug logging for database queries",
"default": true
}
}
}
}
}
Expand All @@ -494,6 +588,11 @@
"nats": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whehter to deploy nats",
"default": true
},
"nats": {
"type": "object",
"properties": {
Expand All @@ -519,13 +618,23 @@
}
}
},
"natsbox": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whehter to run natsbox",
"default": false
}
}
},
"exporter": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Boolean to enable data collection",
"default": true
"default": false
},
"serviceMonitor": {
"type": "object",
Expand All @@ -537,7 +646,7 @@
},
"namespace": {
"type": "string",
"description": "nats service monitor namespace - this is for monitoring purposes and is used by Prometheus",
"description": "String nats service monitor namespace - this is for monitoring purposes and is used by Prometheus",
"default": "monitoring"
},
"labels": {
Expand All @@ -555,6 +664,36 @@
}
}
}
},
"minio": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whehter to deploy minio as part of the Helm deployment",
"default": true
},
"replicas": {
"type": "number",
"description": "Number of replicas.",
"default": 1
},
"mode": {
"type": "string",
"description": "minio mode, i.e. standalone or distributed",
"default": "standalone"
},
"rootUser": {
"type": "string",
"description": "root user name.",
"default": "rootUser"
},
"rootPassword": {
"type": "string",
"description": "root user password.",
"default": "rootPassword"
}
}
}
}
}
2 changes: 0 additions & 2 deletions charts/guac/templates/_helpers.tpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,6 @@ helm.sh/chart: {{ include "guac.chart" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: "guac"
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}

Expand Down
Loading
Loading