feat: add helm-chart for mediator (#64)
* feat: adding helm-chart for mediator

* fix: service name alignment with routes

* fix: add yaml separator to ensure multiple resources are created

* feat: allow mediator at route and wildcard suffix

* feat: add pre-commit hooks, fix new-lines at end of files

* Update did, did-imp, did-method-peer to 0.1.0-M6 in main (#61)

* chore(release): cut prism mediator 0.5.0 release

# [0.5.0](prism-mediator-v0.4.1...prism-mediator-v0.5.0) (2023-07-21)

### Features

* add endpoint to get the OOB mediate invitation ([#63](#63)) ([c82282c](c82282c))

* fix: mediator version updated

* fix: correct naming for tls object

Signed-off-by: David Poltorak <david.poltorak@iohk.io>

---------

Signed-off-by: David Poltorak <david.poltorak@iohk.io>
Co-authored-by: atala-dev <57987237+atala-dev@users.noreply.github.com>
Co-authored-by: atala-dev <atala.dev@iohk.io>
Co-authored-by: Shailesh Patil <shailesh.patil@iohk.io>
Signed-off-by: davidpoltorak-io <109518299+davidpoltorak-io@users.noreply.github.com>
4 people committed May 1, 2024
1 parent e8f5a8f commit 29a4bee
Showing 13 changed files with 398 additions and 0 deletions.
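--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,10 @@
+---
+# See https://pre-commit.com for more information
+# See https://pre-commit.com/hooks.html for more hooks
+repos:
+- repo: https://github.com/pre-commit/pre-commit-hooks
+rev: v3.2.0
+hooks:
+- id: trailing-whitespace
+- id: end-of-file-fixer
+- id: check-added-large-files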
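--- a/infrastructure/charts/mediator/.helmignore
+++ b/infrastructure/charts/mediator/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/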
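--- a/infrastructure/charts/mediator/Chart.yaml
+++ b/infrastructure/charts/mediator/Chart.yaml
@@ -0,0 +1,26 @@
+apiVersion: v2
+name: prism-node
+description: A Helm chart for deploying prism-mediator
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "0.5.0"
+
+dependencies: []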
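Review bot: `name: prism-node` does not match the chart it describes; the chart lives in `infrastructure/charts/mediator` and its own description says it deploys prism-mediator, so the name looks copied from another chart. Helm's chart conventions expect the chart name and its directory name to agree, and the name is what appears in release metadata, so a mismatched name makes it harder to tell which chart a running release came from. Suggest `name: mediator`, or rename the directory to whichever name is intended.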
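--- a/infrastructure/charts/mediator/templates/_helpers.tpl
+++ b/infrastructure/charts/mediator/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "cors" }}
+{{- if .Values.ingress.cors.enabled }}
+- name: cors
+enable: true
+{{- if .Values.ingress.cors.allow_origins }}
+config:
+allow_origins: {{ .Values.ingress.cors.allow_origins | quote }}
+{{- end }}
+{{- end }}
+{{- end -}}
+{{- define "consumer-restriction" }}
+- name: consumer-restriction
+enable: true
+config:
+whitelist:
+{{- range .Values.ingress.consumers }}
+- {{ regexReplaceAll "-" $.Release.Name "_" }}_{{ regexReplaceAll "-" . "_" | lower }}
+{{- end }}
+{{- end -}}
+{{- define "labels.common" -}}
+app.kubernetes.io/part-of: prism-mediator
+{{- end -}}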
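Review bot: In the `cors` helper, setting `ingress.cors.enabled` without `ingress.cors.allow_origins` emits the plugin with no `config` block, and APISIX's cors plugin then falls back to its default of allowing every origin. The docs route in apisixroute.yaml includes this helper, so an incomplete values file would open that path cross-origin without any render-time warning. Consider dropping the inner `if` and failing the render instead, with `allow_origins: {{ required "ingress.cors.allow_origins is required when cors is enabled" .Values.ingress.cors.allow_origins | quote }}`. A short comment above the define stating the expected origin format would also help.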
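--- a/infrastructure/charts/mediator/templates/apisixconsumer.yaml
+++ b/infrastructure/charts/mediator/templates/apisixconsumer.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.ingress.enabled }}
+{{- $root := . -}}
+{{- range $consumer := .Values.ingress.consumers }}
+apiVersion: apisix.apache.org/v2
+kind: ApisixConsumer
+metadata:
+name: "{{ $consumer | lower }}"
+namespace: "{{ $root.Release.Namespace }}"
+labels:
+{{ template "labels.common" . }}
+spec:
+authParameter:
+keyAuth:
+secretRef:
+name: "{{ $root.Release.Namespace }}-{{ $consumer | lower }}"
+---
+{{- end }}
+{{- end }}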
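Review bot: The ApisixConsumer objects rendered here are not enforced by anything in the files shown: neither rule in apisixroute.yaml turns on key authentication, and the `consumer-restriction` helper defined in _helpers.tpl is never included. If the consumers are meant to gate access, the route's `plugins` list needs `{{ template "consumer-restriction" . }}` together with key authentication on the rule. If the mediator endpoint is intentionally public, a comment at the top of this template saying so would avoid the impression that key auth is in force. The Secret named by `secretRef` is also not created by any template shown, so its origin should be documented here.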
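--- a/infrastructure/charts/mediator/templates/apisixroute.yaml
+++ b/infrastructure/charts/mediator/templates/apisixroute.yaml
@@ -0,0 +1,56 @@
+{{- if .Values.ingress.enabled }}
+apiVersion: apisix.apache.org/v2
+kind: ApisixRoute
+metadata:
+name: mediator-route
+namespace: "{{ .Release.Namespace }}"
+labels:
+{{ template "labels.common" . }}
+spec:
+http:
+- name: mediator-rule
+match:
+hosts:
+{{- range .Values.ingress.applicationUrls }}
+- {{ . }}
+{{- end }}
+paths:
+- /*
+backends:
+- serviceName: mediator-service
+servicePort: 8080
+plugins:
+- name: proxy-rewrite
+enable: true
+config:
+regex_uri: ["^/(.*)","/$1"]
+
+---
+
+apiVersion: apisix.apache.org/v2
+kind: ApisixRoute
+metadata:
+name: mediator-docs-route
+namespace: "{{ .Release.Namespace }}"
+labels:
+{{ template "labels.common" . }}
+spec:
+http:
+- name: mediator-docs-rule
+match:
+hosts:
+{{- range .Values.ingress.applicationUrls }}
+- {{ . }}
+{{- end }}
+paths:
+- /docs/mediator/api/*
+backends:
+- serviceName: mediator-service
+servicePort: 8080
+plugins:
+- name: proxy-rewrite
+enable: true
+config:
+regex_uri: ["^/docs/mediator/api/(.*)","/api/$1"]
+{{ template "cors" . }}
+{{- end -}}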
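Review bot: The entries under `hosts:` are emitted unquoted (`- {{ . }}`) in both rules, so a value beginning with `*` renders as a YAML alias and the manifest fails to parse. The commit message mentions a wildcard suffix, so a wildcard host may be an intended input. Quote the value at both places: `- {{ . | quote }}`. The same unquoted pattern is used for `hosts` in apisixtls.yaml and for `dnsNames` in certificate.yaml.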
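--- a/infrastructure/charts/mediator/templates/apisixtls.yaml
+++ b/infrastructure/charts/mediator/templates/apisixtls.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.ingress.enabled }}
+apiVersion: apisix.apache.org/v2
+kind: ApisixTls
+metadata:
+name: "prism-mediator-base-path-tls"
+namespace: "{{ .Release.Namespace }}"
+labels:
+{{ template "labels.common" . }}
+spec:
+hosts:
+{{- range .Values.ingress.applicationUrls }}
+- {{ . }}
+{{- end }}
+secret:
+name: "prism-mediator-base-path-secret"
+namespace: "{{ .Release.Namespace }}"
+{{- end }}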
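--- a/infrastructure/charts/mediator/templates/certificate.yaml
+++ b/infrastructure/charts/mediator/templates/certificate.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.ingress.enabled }}
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+name: "prism-mediator-base-path-cert"
+namespace: "{{ .Release.Namespace }}"
+labels:
+{{ template "labels.common" . }}
+spec:
+secretName: "prism-mediator-base-path-secret"
+duration: 2160h0m0s # 90d
+renewBefore: 360h0m0s # 15d
+issuerRef:
+name: letsencrypt
+kind: ClusterIssuer
+dnsNames:
+{{- range .Values.ingress.applicationUrls }}
+- {{ . }}
+{{- end }}
+{{- end }}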
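--- a/infrastructure/charts/mediator/templates/deployment.yaml
+++ b/infrastructure/charts/mediator/templates/deployment.yaml
@@ -0,0 +1,43 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: mediator-server
+namespace: "{{ .Release.Namespace }}"
+labels:
+{{ template "labels.common" . }}
+spec:
+selector:
+matchLabels:
+app.kubernetes.io/name: prism-mediator-server
+replicas: 1
+template:
+metadata:
+labels:
+app.kubernetes.io/name: prism-mediator-server
+{{ template "labels.common" . }}
+spec:
+imagePullSecrets:
+- name: atala-prism-dev-deployments-github-docker-registry-key
+containers:
+- name: mediator-server
+image: "{{ .Values.server.image.repository }}/{{ .Values.server.image.tag }}:{{ .Values.server.image.version | default .Chart.AppVersion }}"
+imagePullPolicy: {{ .Values.server.image.pullPolicy }}
+resources:
+{{- toYaml .Values.server.resources | nindent 12 }}
+ports:
+- containerPort: 8080
+env:
+- name: MONGODB_USER
+value: "admin"
+- name: MONGODB_PASSWORD
+value: "admin"
+- name: MONGODB_PROTOCOL
+value: "mongodb"
+- name: MONGODB_HOST
+value: "mongodb.{{.Release.Namespace}}"
+- name: MONGODB_PORT
+value: "27017"
+- name: MONGODB_DB_NAME
+value: "mediator"
+- name: SERVICE_ENDPOINT
+value: "https://{{ index .Values.ingress.applicationUrls 0 }}/mediator"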
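Review bot: `MONGODB_USER` and `MONGODB_PASSWORD` are set to the literal `admin`/`admin` in the pod spec, so the database credentials are fixed in the chart, appear in every rendered manifest, and are readable by anyone who can read the Deployment object. The same literals are used in mongodb.yaml for `MONGO_INITDB_ROOT_USERNAME`/`MONGO_INITDB_ROOT_PASSWORD` and inside the `initdb.js` ConfigMap. The chart already sources the registry key through an ExternalSecret, so the MongoDB credentials can be delivered as a Secret the same way and referenced with `secretKeyRef`, as sketched below with a placeholder Secret name.

```yaml
# … unchanged: container name, image, resources, ports …
env:
  - name: MONGODB_USER
    valueFrom:
      secretKeyRef:
        name: "<mongodb-credentials-secret>"  # placeholder: Secret provisioned outside the templates
        key: username
  - name: MONGODB_PASSWORD
    valueFrom:
      secretKeyRef:
        name: "<mongodb-credentials-secret>"  # placeholder
        key: password
# … unchanged: MONGODB_PROTOCOL through SERVICE_ENDPOINT …
```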
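--- a/infrastructure/charts/mediator/templates/externalsecret.yaml
+++ b/infrastructure/charts/mediator/templates/externalsecret.yaml
@@ -0,0 +1,20 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+name: "atala-prism-dev-deployments-github-docker-registry-key"
+namespace: {{ .Release.Namespace }}
+labels:
+{{ template "labels.common" . }}
+spec:
+refreshInterval: "0"
+secretStoreRef:
+name: {{ .Values.secrets.secretStore }}
+kind: ClusterSecretStore
+target:
+template:
+type: kubernetes.io/dockerconfigjson
+data:
+.dockerconfigjson: "{{ `{{ .dockerconfigjson | b64dec }}` }}"
+dataFrom:
+- extract:
+key: {{ .Values.secrets.dockerRegistryToken }}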
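Review bot: `refreshInterval: "0"` makes External Secrets fetch the value once and never reconcile it again, so a registry token that is rotated or revoked in the store is not propagated to the cluster until someone recreates the object. If that is deliberate, a comment next to the field should say so; otherwise set an interval such as `refreshInterval: "1h"`. Separately, `namespace` and the two `.Values.secrets.*` references are unquoted here, unlike the other templates; `namespace: "{{ .Release.Namespace }}"` would keep them consistent.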
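--- a/infrastructure/charts/mediator/templates/mongodb.yaml
+++ b/infrastructure/charts/mediator/templates/mongodb.yaml
@@ -0,0 +1,77 @@
+{{- if .Values.database.mongodb.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: mongodb
+labels:
+app: mongodb
+spec:
+replicas: 1
+selector:
+matchLabels:
+app: mongodb
+template:
+metadata:
+labels:
+app: mongodb
+spec:
+containers:
+- name: mongodb
+image: mongo:6.0.7
+ports:
+- containerPort: 27017
+env:
+- name: MONGO_INITDB_ROOT_USERNAME
+value: "admin"
+- name: MONGO_INITDB_ROOT_PASSWORD
+value: "admin"
+- name: MONGO_INITDB_DATABASE
+value: "mediator"
+volumeMounts:
+- name: mongodb-scripts
+mountPath: /docker-entrypoint-initdb.d
+readOnly: true
+volumes:
+- name: mongodb-scripts
+configMap:
+name: mongodb-cm
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+name: mongodb-cm
+data:
+initdb.js: |
+db.createUser({
+user: "admin",
+pwd: "admin",
+roles: [
+{ role: "readWrite", db: "mediator" }
+]
+});
+const database = 'mediator';
+const collectionDidAccount = 'user.account';
+const collectionMessages = 'messages';
+use(database);
+db.createCollection(collectionDidAccount);
+db.createCollection(collectionMessages);
+//create index
+db.getCollection(collectionDidAccount).createIndex({ 'did': 1 }, { unique: true });
+// Only enforce uniqueness on non-empty arrays
+db.getCollection(collectionDidAccount).createIndex({ 'alias': 1 }, { unique: true , partialFilterExpression: { "alias.0": { $exists: true } }});
+db.getCollection(collectionDidAccount).createIndex({ "messagesRef.hash": 1, "messagesRef.recipient": 1 });
+---
+apiVersion: v1
+kind: Service
+metadata:
+name: mongodb
+namespace: "{{ .Release.Namespace }}"
+spec:
+selector:
+app: mongodb
+ports:
+- protocol: TCP
+port: 27017
+targetPort: 27017
+---
+{{- end }}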
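Review bot: The mongodb container mounts only the `mongodb-scripts` ConfigMap, so the database files sit in the container's own filesystem and the mediator's accounts and stored messages are lost whenever the pod is restarted or rescheduled. If this bundled database is meant for development only, a comment at the top of the template should say so; otherwise mount persistent storage at the data directory, as sketched below with a placeholder claim name. The Deployment and ConfigMap also omit `namespace` while the Service sets it, which is worth making consistent.

```yaml
volumeMounts:
  # … unchanged: mongodb-scripts mount …
  - name: mongodb-data
    mountPath: /data/db
volumes:
  # … unchanged: mongodb-scripts configMap volume …
  - name: mongodb-data
    persistentVolumeClaim:
      claimName: "<mongodb-data-pvc>"  # placeholder: claim defined alongside this Deployment
```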
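--- a/infrastructure/charts/mediator/templates/service.yaml
+++ b/infrastructure/charts/mediator/templates/service.yaml
@@ -0,0 +1,36 @@
+apiVersion: v1
+kind: Service
+metadata:
+name: mediator-service
+namespace: "{{ .Release.Namespace }}"
+labels:
+app.kubernetes.io/name: prism-mediator-server
+app.kubernetes.io/service: prism-mediator-server-main
+{{ template "labels.common" . }}
+spec:
+selector:
+app.kubernetes.io/name: prism-mediator-server
+ports:
+- protocol: "TCP"
+port: 8080
+targetPort: 8080
+type: ClusterIP
+
+---
+
+{{- if .Values.ingress.enabled }}
+kind: Service
+apiVersion: v1
+metadata:
+name: mediator-domain-name-fake-service
+namespace: "{{ .Release.Namespace }}"
+annotations:
+external-dns.alpha.kubernetes.io/hostname: "{{ join ", " .Values.ingress.applicationUrls }}"
+labels:
+app.kubernetes.io/name: prism-mediator-server
+app.kubernetes.io/service: prism-mediator-server-domain-name-fake-service
+{{ template "labels.common" . }}
+spec:
+type: ExternalName
+externalName: {{ .Values.ingress.platformIngressUrl }}
+{{- end }}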