From 0fc63e1d323fd227ea808a15cbb7e5d4f954c736 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Mon, 24 Mar 2025 15:37:20 +0200 Subject: [PATCH 1/3] remove workflow logs from internal gateway --- .../files/conf.d/s3-gateway.conf | 41 ------------------- charts/internal-gateway/files/njs/auth.js | 28 ------------- .../templates/_default_values.tpl | 4 -- charts/internal-gateway/values.yaml | 10 +---- 4 files changed, 2 insertions(+), 81 deletions(-) delete mode 100644 charts/internal-gateway/files/conf.d/s3-gateway.conf delete mode 100644 charts/internal-gateway/files/njs/auth.js diff --git a/charts/internal-gateway/files/conf.d/s3-gateway.conf b/charts/internal-gateway/files/conf.d/s3-gateway.conf deleted file mode 100644 index 1a24fd0b..00000000 --- a/charts/internal-gateway/files/conf.d/s3-gateway.conf +++ /dev/null @@ -1,41 +0,0 @@ -{{- $vals := include "internal-gateway.default-values" . | fromYaml -}} -{{- $mergedValues := mergeOverwrite $vals .Values -}} -{{- $_ := set . "Values" $mergedValues -}} -server { - listen 8080; - server_name {{ index $vals "codefresh" "serviceEndpoints" "workflow-logs-s3-proxy" "domain" }}; - - js_import scripts/auth.js; - location ~ /(.+) { - client_body_buffer_size 32k; - client_max_body_size 10M; - proxy_buffer_size 128k; - proxy_buffers 4 128k; - proxy_connect_timeout 5s; - proxy_read_timeout 60s; - proxy_send_timeout 60s; - - auth_request /api/auth/authenticate; - auth_request_set $auth_entity $upstream_http_x_cf_auth_entity; - - js_set $account_id auth.account_id; - - proxy_pass http://{{ index $vals "codefresh" "serviceEndpoints" "workflow-logs-s3-proxy" "svc" }}:{{ index $vals "codefresh" "serviceEndpoints" "workflow-logs-s3-proxy" "port" }}/logs/$account_id/$1; - } - - location = /api/auth/authenticate { - client_body_buffer_size 32k; - client_max_body_size 10M; - proxy_buffer_size 128k; - proxy_buffers 4 128k; - proxy_connect_timeout 5s; - proxy_read_timeout 60s; - proxy_send_timeout 60s; - - js_set $auth_header auth.setAuthHeader; - - proxy_set_header Authorization $auth_header; - - proxy_pass http://{{ index $vals "codefresh" "serviceEndpoints" "cfapi-auth" "svc" }}:{{ index $vals "codefresh" "serviceEndpoints" "cfapi-auth" "port" }}; - } -} diff --git a/charts/internal-gateway/files/njs/auth.js b/charts/internal-gateway/files/njs/auth.js deleted file mode 100644 index 81ebae1c..00000000 --- a/charts/internal-gateway/files/njs/auth.js +++ /dev/null @@ -1,28 +0,0 @@ -function account_id(r) { - try { - const auth_entity = r.variables["auth_entity"]; - const b64decoded = Buffer.from(auth_entity, 'base64'); - const json = JSON.parse(b64decoded); - const account_id = json.account.id; - - return account_id; - } catch (e) { - r.error('Failed to extract account id', e); - return ""; - } -} - - -function setAuthHeader(r) { - let auth = r.headersIn['authorization']; - if (auth) { - // Look for the pattern: Credential=/... - let matches = auth.match(/Credential=([^\/]+)\//); - if (matches && matches.length > 1) { - return matches[1]; - } - } - return ""; -} - -export default { account_id, setAuthHeader }; \ No newline at end of file diff --git a/charts/internal-gateway/templates/_default_values.tpl b/charts/internal-gateway/templates/_default_values.tpl index 52f3471a..c86af24a 100644 --- a/charts/internal-gateway/templates/_default_values.tpl +++ b/charts/internal-gateway/templates/_default_values.tpl @@ -58,8 +58,4 @@ codefresh: jira-addon: svc: '{{ .Release.Name }}-{{ index .Values.codefresh "jira-addon-svc" }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}' port: {{ index .Values.codefresh "jira-addon-port" }} - workflow-logs-s3-proxy: - domain: {{ index .Values.codefresh "workflow-logs-s3-proxy-domain" }} - svc: '{{ .Release.Name }}-{{ index .Values.codefresh "workflow-logs-s3-proxy-svc" }}.{{ .Release.Namespace }}.svc.{{ .Values.global.clusterDomain }}' - port: {{ index .Values.codefresh "workflow-logs-s3-proxy-port" }} {{- end }} diff --git a/charts/internal-gateway/values.yaml b/charts/internal-gateway/values.yaml index 69d82c48..3884e985 100644 --- a/charts/internal-gateway/values.yaml +++ b/charts/internal-gateway/values.yaml @@ -63,10 +63,6 @@ codefresh: jira-addon-svc: cf-jira-addon jira-addon-port: 9000 - workflow-logs-s3-proxy-domain: logs.codefresh.io - workflow-logs-s3-proxy-svc: workflow-logs-s3-proxy - workflow-logs-s3-proxy-port: 80 - # -- Override defaults here! serviceEndpoints: cfapi-auth: {} @@ -158,10 +154,8 @@ nginx: # @default -- See below file: "" # -- Path to NJS scripts - scriptFilesPatterns: - - files/njs/** - extraConfigsPatterns: - - files/conf.d/** + scriptFilesPatterns: [] + extraConfigsPatterns: [] # -- Misc signadot configuration signadot: false From cf072a3ce74e486a8364d9de7b81f67ee5dbf48f Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Mon, 24 Mar 2025 15:39:12 +0200 Subject: [PATCH 2/3] remove workflow logs from internal gateway --- charts/internal-gateway/Chart.yaml | 2 +- charts/internal-gateway/README.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/internal-gateway/Chart.yaml b/charts/internal-gateway/Chart.yaml index e12bf608..dbb46980 100644 --- a/charts/internal-gateway/Chart.yaml +++ b/charts/internal-gateway/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v0.0.0 description: A Helm chart for Codefresh Internal Gateway name: internal-gateway -version: 0.10.2 +version: 0.10.3 home: https://github.com/codefresh-io/helm-charts keywords: - codefresh diff --git a/charts/internal-gateway/README.md b/charts/internal-gateway/README.md index 5b60c507..775f3824 100644 --- a/charts/internal-gateway/README.md +++ b/charts/internal-gateway/README.md @@ -53,8 +53,8 @@ A Helm chart for Codefresh Internal Gateway | nginx.config.workerConnections | string | `"16384"` | Sets the maximum number of simultaneous connections that can be opened by a worker process. | | nginx.config.workerProcesses | string | `"8"` | Defines the number of worker processes. | | nginx.config.workerRlimitNofile | string | `"1047552"` | Changes the limit on the largest size of a core file (RLIMIT_CORE) for worker processes. Used to increase the limit without restarting the main process. | -| nginx.extraConfigsPatterns[0] | string | `"files/conf.d/**"` | | -| nginx.scriptFilesPatterns | list | `["files/njs/**"]` | Path to NJS scripts | +| nginx.extraConfigsPatterns | list | `[]` | | +| nginx.scriptFilesPatterns | list | `[]` | Path to NJS scripts | | pdb | object | See below | PDB parameters | | podAnnotations | object | See below | Pod annotations | | podSecurityContext | object | See below | Pod Security Context parameters | From a04d881273e786076d15dcd31ca21d5e575a419f Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Tue, 25 Mar 2025 12:38:51 +0200 Subject: [PATCH 3/3] ngrok-agent docs update --- charts/ngrok-agent/README.md | 60 ++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 charts/ngrok-agent/README.md diff --git a/charts/ngrok-agent/README.md b/charts/ngrok-agent/README.md new file mode 100644 index 00000000..e654e8bf --- /dev/null +++ b/charts/ngrok-agent/README.md @@ -0,0 +1,60 @@ +# ngrok-agent + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +A Helm chart for Kubernetes + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| codefresh | | | + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| oci://quay.io/codefresh/charts | cf-common | 0.20.1 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| codefresh.internal-gateway-port | int | `80` | | +| codefresh.internal-gateway-svc | string | `"internal-gateway"` | | +| codefresh.ngrok-domain | string | `""` | | +| configMaps.config.data."ngrok.yml" | string | `"{{ include (printf \"cf-common-%s.tplrender\" (index .Subcharts \"cf-common\").Chart.Version) ( dict \"Values\" .Values.ngrok.config \"context\" .) | nindent 2 }}\n"` | | +| configMaps.config.enabled | bool | `true` | | +| container.args[0] | string | `"start"` | | +| container.args[1] | string | `"--all"` | | +| container.args[2] | string | `"--config=/etc/ngrok.yml"` | | +| container.args[3] | string | `"--log=stdout"` | | +| container.args[4] | string | `"--log-format=json"` | | +| container.args[5] | string | `"--log-level=debug"` | | +| container.command[0] | string | `"ngrok"` | | +| container.env.NGROK_AUTHTOKEN | string | `""` | | +| container.image.pullPolicy | string | `"IfNotPresent"` | | +| container.image.registry | string | `"docker.io"` | | +| container.image.repository | string | `"ngrok/ngrok"` | | +| container.image.tag | string | `"3-alpine"` | | +| container.volumeMounts.config.path[0].mountPath | string | `"/etc/ngrok.yml"` | | +| container.volumeMounts.config.path[0].subPath | string | `"ngrok.yml"` | | +| controller.deployment.strategy | string | `"Recreate"` | | +| controller.enabled | bool | `true` | | +| controller.replicas | int | `1` | | +| controller.type | string | `"deployment"` | | +| global | object | `{}` | | +| hpa | object | `{}` | | +| keda.auth | object | `{}` | | +| keda.spec | object | `{}` | | +| libraryMode | bool | `true` | | +| ngrok.config | string | `"version: 3\ntunnels:\n ingresshost:\n proto: http\n addr: {{ printf \"%s:%v\" (index .Values.codefresh \"internal-gateway-svc\") (index .Values.codefresh \"internal-gateway-port\") }}\n hostname: {{ index .Values.codefresh \"ngrok-domain\" }}\n"` | | +| nodeSelector | object | `{}` | | +| pdb | object | `{}` | | +| tolerations | list | `[]` | | +| volumes.config.enabled | bool | `true` | | +| volumes.config.type | string | `"configMap"` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.9.1](https://github.com/norwoodj/helm-docs/releases/v1.9.1)