Add dev chart (#31)

* Add dev chart

* fix copy-paste error

Author: jacobsee

development/Chart.yaml

@@ -0,0 +1,21 @@
+apiVersion: v1
+name: backend
+description: A Helm chart to deploy the backend (coordination API) of the Open Management Portal
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application.
+appVersion: 1.0.0

development/README.md

@@ -0,0 +1,43 @@
+# Development on OpenShift
+
+This directory contains a Helm chart which can be used to deploy a development version of this app for rapid testing.
+
+Before you use it, you will need to download & install Helm 3.
+
+To use it, move to the `development` directory (i.e. `cd development/`), and deploy using the following Helm command:
+
+```shell script
+helm template . \
+  --set git.uri=https://github.com/rht-labs/open-management-portal-git-api.git \
+  --set git.ref=master \
+  --set cacheService=<your-infinispan-service-name> \
+  --set cacheUseAuth=<use-infinispan-auth> \
+  --set configRepositoryId=<your-config-repository-id> \
+  --set deployKey=<your-gitlab-deploy-key-id> \
+  --set gitLabApiUrl=<your-gitlab-base-url> \
+  --set gitLabPersonalAccessToken=<your-gitlab-personal-access-token> \
+  --set jwtVerifyPublicKeyLocation=<your-openid-connect-cert-url> \
+  --set residenciesParentRepositoryId=<your-gitlab-group-id> \
+  --set templateRepositoryId=<your-template-repository-id> \
+  --set trustedClientKey=<your-trusted-client-key> \
+| oc apply -f -
+```
+
+It accepts the following variables
+
+| Variable  | Use  |
+|---|---|
+| `git.uri`  | The HTTPS reference to the repo (your fork!) to build  |
+| `git.ref`  | The branch name to build  |
+| `cacheService`  | The service name of the Infinispan deployment  |
+| `cacheUseAuth`  | Enable authentication against the cache  |
+| `configRepositoryId`  | The GitLab ID of the config repository  |
+| `deployKey`  | The ID of the GitLab deploy key to enable on newly-created repositories  |
+| `gitLabApiUrl`  | The base URL of the GitLab instance to use  |
+| `gitLabPersonalAccessToken`  | The access token to use to auth against GitLab  |
+| `jwtVerifyPublicKeyLocation`  | The URL at which your OpenID Connect (SSO) provider exposes its public key  |
+| `residenciesParentRepositoryId`  | The ID of the GitLab group under which to create new projects  |
+| `templateRepositoryId`  | The ID of the GitLab repository which defines a template to use for creating new repos  |
+| `trustedClientKey`  | [Temporary] Used as a placeholder to authenticate client requests, being replaced by validating JWT tokens against the `jwtVerifyPublicKeyLocation` |
+
+This will spin up all of the usual resources that this service needs in production, plus a `BuildConfig` configured to build it from source from the Git repository specified. To trigger this build, use `oc start-build omp-git-api`.

development/templates/buildconfig.yaml

@@ -0,0 +1,30 @@
+apiVersion: build.openshift.io/v1
+kind: BuildConfig
+metadata:
+  labels:
+    app: {{ .Values.name }}
+  name: {{ .Values.name }}
+spec:
+  failedBuildsHistoryLimit: 5
+  nodeSelector: null
+  output:
+    to:
+      kind: ImageStreamTag
+      name: "{{ .Values.imageName }}:{{ .Values.imageTag }}"
+  postCommit: {}
+  resources: {}
+  runPolicy: Serial
+  source:
+    git:
+      uri: {{ .Values.git.uri }}
+      ref: {{ .Values.git.ref }}
+    type: Git
+  strategy:
+    sourceStrategy:
+      from:
+        kind: DockerImage
+        name: "{{ .Values.builderImage }}:{{ .Values.builderImageTag }}"
+    type: Source
+  successfulBuildsHistoryLimit: 5
+  triggers:
+    - type: ConfigChange

development/templates/cache-secret.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: omp-cache-secret
+type: Opaque
+data:
+  identities.yaml: >-
+    Y3JlZGVudGlhbHM6Ci0gdXNlcm5hbWU6IG9tcAogIHBhc3N3b3JkOiBvbXAKLSB1c2VybmFtZTogb3BlcmF0b3IKICBwYXNzd29yZDogb3BlcmF0b3IxCg==

development/templates/deploymentconfig.yaml

@@ -0,0 +1,57 @@
+apiVersion: apps.openshift.io/v1
+kind: DeploymentConfig
+metadata:
+  labels:
+    app: {{ .Values.name }}
+  name: {{ .Values.name }}
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    app: {{ .Values.name }}
+    deploymentconfig: {{ .Values.name }}
+  strategy:
+    activeDeadlineSeconds: 21600
+    resources: {}
+    rollingParams:
+      intervalSeconds: 1
+      maxSurge: 25%
+      maxUnavailable: 25%
+      timeoutSeconds: 600
+      updatePeriodSeconds: 1
+    type: Rolling
+  template:
+    metadata:
+      labels:
+        app: {{ .Values.name }}
+        deploymentconfig: {{ .Values.name }}
+    spec:
+      containers:
+      - envFrom:
+          - secretRef:
+              name: omp-gitlab-configuration
+        image: "{{ .Values.imageName }}:{{ .Values.imageTag }}"
+        imagePullPolicy: Always
+        name: {{ .Values.name }}
+        ports:
+          - containerPort: 8080
+            protocol: TCP
+        resources: {}
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+  test: false
+  triggers:
+    - type: ConfigChange
+    - type: ImageChange
+      imageChangeParams:
+        containerNames:
+          - {{ .Values.name }}
+        automatic: true
+        from:
+          kind: "ImageStreamTag"
+          name: "{{ .Values.imageName }}:{{ .Values.imageTag }}"

development/templates/gitlab-secret.yaml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: omp-gitlab-configuration
+type: Opaque
+stringData:
+  CACHE_SERVICE: "{{ .Values.cacheService }}"
+  CACHE_USE_AUTH: "{{ .Values.cacheUseAuth }}"
+  CONFIG_REPOSITORY_ID: "{{ .Values.configRepositoryId }}"
+  DEPLOY_KEY: "{{ .Values.deployKey }}"
+  GITLAB_API_URL: "{{ .Values.gitLabApiUrl }}"
+  GITLAB_PERSONAL_ACCESS_TOKEN: "{{ .Values.gitLabPersonalAccessToken }}"
+  MP_JWT_VERIFY_PUBLICKEY_LOCATION: >-
+    {{ .Values.jwtVerifyPublicKeyLocation }}
+  RESIDENCIES_PARENT_REPOSITORIES_ID: "{{ .Values.residenciesParentRepositoryId }}"
+  TEMPLATE_REPOSITORY_ID: "{{ .Values.templateRepositoryId }}"
+  TRUSTED_CLIENT_KEY: "{{ .Values.trustedClientKey }}"

development/templates/imagestream.yaml

@@ -0,0 +1,7 @@
+apiVersion: image.openshift.io/v1
+kind: ImageStream
+metadata:
+  name: {{ .Values.imageName }}
+spec:
+  lookupPolicy:
+    local: false

development/templates/infinispan-cr.yaml

@@ -0,0 +1,13 @@
+apiVersion: infinispan.org/v1
+kind: Infinispan
+metadata:
+  name: omp-cache
+spec:
+  replicas: 1
+  image: infinispan/server:10.1
+  logging:
+    categories:
+      org.infinispan: info
+      org.jgroups: info
+  security:
+    endpointSecretName: omp-cache-secret

development/templates/service.yaml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: {{ .Values.name }}
+  name: {{ .Values.name }}
+spec:
+  ports:
+    - name: "{{ .Values.servicePort }}-tcp"
+      port: {{ .Values.servicePort }}
+      protocol: TCP
+      targetPort: {{ .Values.servicePort }}
+  selector:
+    app: {{ .Values.name }}
+    deploymentconfig: {{ .Values.name }}
+  sessionAffinity: None
+  type: ClusterIP

development/values.yaml

@@ -0,0 +1,24 @@
+name: omp-git-api
+
+servicePort: 8080
+
+imageName: "omp-git-api"
+imageTag: "latest"
+
+builderImage: registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift
+builderImageTag: 1.8
+
+git:
+  uri: https://github.com/rht-labs/open-management-portal-git-api.git
+  ref: master
+
+cacheService: false
+cacheUseAuth: false
+configRepositoryId: false
+deployKey: false
+gitLabApiUrl: false
+gitLabPersonalAccessToken: false
+jwtVerifyPublicKeyLocation: false
+residenciesParentRepositoryId: false
+templateRepositoryId: false
+trustedClientKey: false