feat(chart): migrate k8s services (#1156)

migmartri · web-flow · commit 2eeacacd3ca9 · 2024-07-30T14:42:08.000+02:00
Signed-off-by: Miguel &lt;miguel@chainloop.dev&gt;
diff --git a/deployment/chainloop/Chart.yaml b/deployment/chainloop/Chart.yaml
@@ -7,7 +7,7 @@ description: Chainloop is an open source software supply chain control plane, a
 
 type: application
 # Bump the patch (not minor, not major) version on each change in the Chart Source code
-version: 1.83.1
+version: 1.83.2
 # Do not update appVersion, this is handled automatically by the release process
 appVersion: v0.95.0
 
diff --git a/deployment/chainloop/README.md b/deployment/chainloop/README.md
diff --git a/deployment/chainloop/templates/cas/service_grpc.yaml b/deployment/chainloop/templates/cas/service_grpc.yaml
@@ -7,19 +7,49 @@ apiVersion: v1
 kind: Service
 metadata:
   name: {{ include "chainloop.cas.fullname" . }}-api
-  labels:
-    {{- include "chainloop.cas.labels" . | nindent 4 }}
-  {{- with .Values.cas.serviceAPI.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/component: cas
+  {{- if or .Values.cas.serviceAPI.annotations .Values.commonAnnotations }}
+  {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.cas.serviceAPI.annotations .Values.commonAnnotations) "context" .) }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }}
   {{- end }}
 spec:
   type: {{ .Values.cas.serviceAPI.type }}
+  {{- if and .Values.cas.serviceAPI.clusterIP (eq .Values.cas.serviceAPI.type "ClusterIP") }}
+  clusterIP: {{ .Values.cas.serviceAPI.clusterIP }}
+  {{- end }}
+  {{- if .Values.cas.serviceAPI.sessionAffinity }}
+  sessionAffinity: {{ .Values.cas.serviceAPI.sessionAffinity }}
+  {{- end }}
+  {{- if .Values.cas.serviceAPI.sessionAffinityConfig }}
+  sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.cas.serviceAPI.sessionAffinityConfig "context" $) | nindent 4 }}
+  {{- end }}
+  {{- if or (eq .Values.cas.serviceAPI.type "LoadBalancer") (eq .Values.cas.serviceAPI.type "NodePort") }}
+  externalTrafficPolicy: {{ .Values.cas.serviceAPI.externalTrafficPolicy | quote }}
+  {{- end }}
+  {{- if and (eq .Values.cas.serviceAPI.type "LoadBalancer") (not (empty .Values.cas.serviceAPI.loadBalancerSourceRanges)) }}
+  loadBalancerSourceRanges: {{ .Values.cas.serviceAPI.loadBalancerSourceRanges }}
+  {{- end }}
+  {{- if and (eq .Values.cas.serviceAPI.type "LoadBalancer") (not (empty .Values.cas.serviceAPI.loadBalancerIP)) }}
+  loadBalancerIP: {{ .Values.cas.serviceAPI.loadBalancerIP }}
+  {{- end }}
   ports:
-    - port: {{ .Values.cas.serviceAPI.port }}
-      targetPort: {{ .Values.cas.serviceAPI.targetPort }}
+    - name: grpc
+      {{- $port := coalesce .Values.cas.serviceAPI.port .Values.cas.serviceAPI.ports.http }}
+      port: {{ $port }}
+      {{- if not (eq $port .Values.cas.containerPorts.grpc) }}
+      targetPort: {{ .Values.cas.containerPorts.grpc }}
+      {{- end }}
       protocol: TCP
-      name: grpc
-      nodePort: {{ include "chainloop.node_port" .Values.cas.serviceAPI }}
-  selector:
-    {{- include "chainloop.cas.selectorLabels" . | nindent 4 }}
+      {{- if and (or (eq .Values.cas.serviceAPI.type "NodePort") (eq .Values.cas.serviceAPI.type "LoadBalancer")) (not (empty .Values.cas.serviceAPI.nodePorts.http)) }}
+      nodePort: {{ .Values.cas.serviceAPI.nodePorts.http }}
+      {{- else if eq .Values.cas.serviceAPI.type "ClusterIP" }}
+      nodePort: null
+      {{- end }}
+    {{- if .Values.cas.serviceAPI.extraPorts }}
+    {{- include "common.tplvalues.render" (dict "value" .Values.cas.serviceAPI.extraPorts "context" $) | nindent 4 }}
+    {{- end }}
+  {{- $podLabels := include "common.tplvalues.merge" (dict "values" (list .Values.cas.podLabels .Values.commonLabels) "context" .) | fromYaml }}
+  selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/component: cas
diff --git a/deployment/chainloop/templates/cas/service_http.yaml b/deployment/chainloop/templates/cas/service_http.yaml
@@ -7,18 +7,49 @@ apiVersion: v1
 kind: Service
 metadata:
   name: {{ include "chainloop.cas.fullname" . }}
-  labels:
-    {{- include "chainloop.cas.labels" . | nindent 4 }}
-  {{- with .Values.cas.service.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/component: cas
+  {{- if or .Values.cas.service.annotations .Values.commonAnnotations }}
+  {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.cas.service.annotations .Values.commonAnnotations) "context" .) }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }}
   {{- end }}
 spec:
   type: {{ .Values.cas.service.type }}
+  {{- if and .Values.cas.service.clusterIP (eq .Values.cas.service.type "ClusterIP") }}
+  clusterIP: {{ .Values.cas.service.clusterIP }}
+  {{- end }}
+  {{- if .Values.cas.service.sessionAffinity }}
+  sessionAffinity: {{ .Values.cas.service.sessionAffinity }}
+  {{- end }}
+  {{- if .Values.cas.service.sessionAffinityConfig }}
+  sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.cas.service.sessionAffinityConfig "context" $) | nindent 4 }}
+  {{- end }}
+  {{- if or (eq .Values.cas.service.type "LoadBalancer") (eq .Values.cas.service.type "NodePort") }}
+  externalTrafficPolicy: {{ .Values.cas.service.externalTrafficPolicy | quote }}
+  {{- end }}
+  {{- if and (eq .Values.cas.service.type "LoadBalancer") (not (empty .Values.cas.service.loadBalancerSourceRanges)) }}
+  loadBalancerSourceRanges: {{ .Values.cas.service.loadBalancerSourceRanges }}
+  {{- end }}
+  {{- if and (eq .Values.cas.service.type "LoadBalancer") (not (empty .Values.cas.service.loadBalancerIP)) }}
+  loadBalancerIP: {{ .Values.cas.service.loadBalancerIP }}
+  {{- end }}
   ports:
-    - port: {{ .Values.cas.service.port }}
-      targetPort: {{ .Values.cas.service.targetPort }}
+    - name: http
+      {{- $port := coalesce .Values.cas.service.port .Values.cas.service.ports.http }}
+      port: {{ $port }}
+      {{- if not (eq $port .Values.cas.containerPorts.http) }}
+      targetPort: {{ .Values.cas.containerPorts.http }}
+      {{- end }}
       protocol: TCP
-      name: http
-      nodePort: {{ include "chainloop.node_port" .Values.cas.service }}
-  selector: {{- include "chainloop.cas.selectorLabels" . | nindent 4 }}
+      {{- if and (or (eq .Values.cas.service.type "NodePort") (eq .Values.cas.service.type "LoadBalancer")) (not (empty .Values.cas.service.nodePorts.http)) }}
+      nodePort: {{ .Values.cas.service.nodePorts.http }}
+      {{- else if eq .Values.cas.service.type "ClusterIP" }}
+      nodePort: null
+      {{- end }}
+    {{- if .Values.cas.service.extraPorts }}
+    {{- include "common.tplvalues.render" (dict "value" .Values.cas.service.extraPorts "context" $) | nindent 4 }}
+    {{- end }}
+  {{- $podLabels := include "common.tplvalues.merge" (dict "values" (list .Values.cas.podLabels .Values.commonLabels) "context" .) | fromYaml }}
+  selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/component: cas
diff --git a/deployment/chainloop/templates/controlplane/config.configmap.yaml b/deployment/chainloop/templates/controlplane/config.configmap.yaml
@@ -34,7 +34,7 @@ data:
         {{- end }}
     cas_server:
       grpc:
-        addr: {{ printf "%s-api:%.0f" (include "chainloop.cas.fullname" .) .Values.cas.serviceAPI.port }}
+        addr: {{ printf "%s-api:%.0f" (include "chainloop.cas.fullname" .) (coalesce .Values.cas.serviceAPI.port .Values.cas.serviceAPI.ports.http) }}
       insecure: {{ empty .Values.cas.tlsConfig.secret.name }}
       download_url: {{ include "chainloop.cas.external_url" . }}/download
     plugins_dir: {{ .Values.controlplane.pluginsDir }}
diff --git a/deployment/chainloop/templates/controlplane/service_grpc.yaml b/deployment/chainloop/templates/controlplane/service_grpc.yaml
@@ -7,19 +7,49 @@ apiVersion: v1
 kind: Service
 metadata:
   name: {{ include "chainloop.controlplane.fullname" . }}-api
-  labels:
-    {{- include "chainloop.controlplane.labels" . | nindent 4 }}
-  {{- with .Values.controlplane.serviceAPI.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/component: controlplane
+  {{- if or .Values.controlplane.serviceAPI.annotations .Values.commonAnnotations }}
+  {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.controlplane.serviceAPI.annotations .Values.commonAnnotations) "context" .) }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }}
   {{- end }}
 spec:
   type: {{ .Values.controlplane.serviceAPI.type }}
+  {{- if and .Values.controlplane.serviceAPI.clusterIP (eq .Values.controlplane.serviceAPI.type "ClusterIP") }}
+  clusterIP: {{ .Values.controlplane.serviceAPI.clusterIP }}
+  {{- end }}
+  {{- if .Values.controlplane.serviceAPI.sessionAffinity }}
+  sessionAffinity: {{ .Values.controlplane.serviceAPI.sessionAffinity }}
+  {{- end }}
+  {{- if .Values.controlplane.serviceAPI.sessionAffinityConfig }}
+  sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.controlplane.serviceAPI.sessionAffinityConfig "context" $) | nindent 4 }}
+  {{- end }}
+  {{- if or (eq .Values.controlplane.serviceAPI.type "LoadBalancer") (eq .Values.controlplane.serviceAPI.type "NodePort") }}
+  externalTrafficPolicy: {{ .Values.controlplane.serviceAPI.externalTrafficPolicy | quote }}
+  {{- end }}
+  {{- if and (eq .Values.controlplane.serviceAPI.type "LoadBalancer") (not (empty .Values.controlplane.serviceAPI.loadBalancerSourceRanges)) }}
+  loadBalancerSourceRanges: {{ .Values.controlplane.serviceAPI.loadBalancerSourceRanges }}
+  {{- end }}
+  {{- if and (eq .Values.controlplane.serviceAPI.type "LoadBalancer") (not (empty .Values.controlplane.serviceAPI.loadBalancerIP)) }}
+  loadBalancerIP: {{ .Values.controlplane.serviceAPI.loadBalancerIP }}
+  {{- end }}
   ports:
-    - port: {{ .Values.controlplane.serviceAPI.port }}
-      targetPort: {{ .Values.controlplane.serviceAPI.targetPort }}
+    - name: grpc
+      {{- $port := coalesce .Values.controlplane.serviceAPI.port .Values.controlplane.serviceAPI.ports.http }}
+      port: {{ $port }}
+      {{- if not (eq $port .Values.controlplane.containerPorts.grpc) }}
+      targetPort: {{ .Values.controlplane.containerPorts.grpc }}
+      {{- end }}
       protocol: TCP
-      name: grpc
-      nodePort: {{ include "chainloop.node_port" .Values.controlplane.serviceAPI }}
-  selector:
-    {{- include "chainloop.controlplane.selectorLabels" . | nindent 4 }}
+      {{- if and (or (eq .Values.controlplane.serviceAPI.type "NodePort") (eq .Values.controlplane.serviceAPI.type "LoadBalancer")) (not (empty .Values.controlplane.serviceAPI.nodePorts.http)) }}
+      nodePort: {{ .Values.controlplane.serviceAPI.nodePorts.http }}
+      {{- else if eq .Values.controlplane.serviceAPI.type "ClusterIP" }}
+      nodePort: null
+      {{- end }}
+    {{- if .Values.controlplane.serviceAPI.extraPorts }}
+    {{- include "common.tplvalues.render" (dict "value" .Values.controlplane.serviceAPI.extraPorts "context" $) | nindent 4 }}
+    {{- end }}
+  {{- $podLabels := include "common.tplvalues.merge" (dict "values" (list .Values.controlplane.podLabels .Values.commonLabels) "context" .) | fromYaml }}
+  selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/component: controlplane
diff --git a/deployment/chainloop/templates/controlplane/service_http.yaml b/deployment/chainloop/templates/controlplane/service_http.yaml
@@ -7,18 +7,49 @@ apiVersion: v1
 kind: Service
 metadata:
   name: {{ include "chainloop.controlplane.fullname" . }}
-  labels:
-    {{- include "chainloop.controlplane.labels" . | nindent 4 }}
-  {{- with .Values.controlplane.service.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/component: controlplane
+  {{- if or .Values.controlplane.service.annotations .Values.commonAnnotations }}
+  {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.controlplane.service.annotations .Values.commonAnnotations) "context" .) }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }}
   {{- end }}
 spec:
   type: {{ .Values.controlplane.service.type }}
+  {{- if and .Values.controlplane.service.clusterIP (eq .Values.controlplane.service.type "ClusterIP") }}
+  clusterIP: {{ .Values.controlplane.service.clusterIP }}
+  {{- end }}
+  {{- if .Values.controlplane.service.sessionAffinity }}
+  sessionAffinity: {{ .Values.controlplane.service.sessionAffinity }}
+  {{- end }}
+  {{- if .Values.controlplane.service.sessionAffinityConfig }}
+  sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.controlplane.service.sessionAffinityConfig "context" $) | nindent 4 }}
+  {{- end }}
+  {{- if or (eq .Values.controlplane.service.type "LoadBalancer") (eq .Values.controlplane.service.type "NodePort") }}
+  externalTrafficPolicy: {{ .Values.controlplane.service.externalTrafficPolicy | quote }}
+  {{- end }}
+  {{- if and (eq .Values.controlplane.service.type "LoadBalancer") (not (empty .Values.controlplane.service.loadBalancerSourceRanges)) }}
+  loadBalancerSourceRanges: {{ .Values.controlplane.service.loadBalancerSourceRanges }}
+  {{- end }}
+  {{- if and (eq .Values.controlplane.service.type "LoadBalancer") (not (empty .Values.controlplane.service.loadBalancerIP)) }}
+  loadBalancerIP: {{ .Values.controlplane.service.loadBalancerIP }}
+  {{- end }}
   ports:
-    - port: {{ .Values.controlplane.service.port }}
-      targetPort: {{ .Values.controlplane.service.targetPort }}
+    - name: http
+      {{- $port := coalesce .Values.controlplane.service.port .Values.controlplane.service.ports.http }}
+      port: {{ $port }}
+      {{- if not (eq $port .Values.controlplane.containerPorts.http) }}
+      targetPort: {{ .Values.controlplane.containerPorts.http }}
+      {{- end }}
       protocol: TCP
-      name: http
-      nodePort: {{ include "chainloop.node_port" .Values.controlplane.service }}
-  selector: {{- include "chainloop.controlplane.selectorLabels" . | nindent 4 }}
+      {{- if and (or (eq .Values.controlplane.service.type "NodePort") (eq .Values.controlplane.service.type "LoadBalancer")) (not (empty .Values.controlplane.service.nodePorts.http)) }}
+      nodePort: {{ .Values.controlplane.service.nodePorts.http }}
+      {{- else if eq .Values.controlplane.service.type "ClusterIP" }}
+      nodePort: null
+      {{- end }}
+    {{- if .Values.controlplane.service.extraPorts }}
+    {{- include "common.tplvalues.render" (dict "value" .Values.controlplane.service.extraPorts "context" $) | nindent 4 }}
+    {{- end }}
+  {{- $podLabels := include "common.tplvalues.merge" (dict "values" (list .Values.controlplane.podLabels .Values.commonLabels) "context" .) | fromYaml }}
+  selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/component: controlplane
diff --git a/deployment/chainloop/values.yaml b/deployment/chainloop/values.yaml
