155 lines
4.5 KiB
Text
155 lines
4.5 KiB
Text
local appr = import 'appr.libsonnet';
|
|
local quaylib = import 'lib/quay.libsonnet';
|
|
|
|
function(
|
|
params={}
|
|
)
|
|
|
|
|
|
appr.package({
|
|
package: import "Chart.jsonnet",
|
|
|
|
variables: {
|
|
namespace: 'default',
|
|
cluster_domain_name: 'cluster.local',
|
|
|
|
# Minimum configuration
|
|
base_config: (import "templates/conf/config.libsonnet")($.variables),
|
|
|
|
# Additional values stack/config.yaml values
|
|
config: {},
|
|
|
|
# path to the local stack configuration directory
|
|
stack_path: "stack",
|
|
|
|
# load local `stack` directory if exists
|
|
stack_files: {
|
|
"syslog-ng-extra.conf": appr.b64encode(importstr "templates/conf/syslog-ng-extra.conf")} +
|
|
if $.variables.license != null then {"license": appr.b64encode($.variables.license) } else {} +
|
|
quaylib.load_stack_files($.variables.stack_path),
|
|
|
|
# load license
|
|
license: null,
|
|
|
|
# Image tag and repo
|
|
tag: $.package.version,
|
|
image: 'quay.io/quay/quay:%s' % self.tag,
|
|
|
|
# Used in the pull secret
|
|
docker_user: 'changeme',
|
|
docker_pass: 'changeme',
|
|
|
|
# Redis configuration
|
|
redis_host: 'quay-redis.%s.svc.%s:6379' % [$.variables.namespace, $.variables.cluster_domain_name],
|
|
redisconf: {redis_parts:: std.split($.variables.redis_host, ":"),
|
|
"host": self.redis_parts[0], port: self.redis_parts[1]},
|
|
|
|
# Configure the ingress with the ingress controller class and domain to use
|
|
domain: 'quay.%s.example.com' % $.variables.namespace,
|
|
ingress: {
|
|
class: 'nginx',
|
|
tls: "kubernetes.io/tls-acme",
|
|
domains: std.split($.variables.domain, ','),
|
|
annotations: {}
|
|
},
|
|
|
|
# Force to reload the secret/configuration
|
|
reconfigure: "false",
|
|
|
|
# Deploy a postgres (don't use it for prod)
|
|
deploy_db: 'false',
|
|
|
|
# Postgres deployment configuratio
|
|
db: {
|
|
user: 'quay',
|
|
password: 'quay',
|
|
name: 'quay',
|
|
},
|
|
|
|
# Quay DB_URI
|
|
db_uri: 'postgresql://%s:%s@postgres.%s.svc.%s/%s' % [$.variables.db.user,
|
|
$.variables.db.password,
|
|
$.variables.namespace,
|
|
$.variables.cluster_domain_name,
|
|
$.variables.db.name],
|
|
|
|
},
|
|
|
|
|
|
# ServiceAccount to attach Rbac rules
|
|
resources: appr.compact([ # + appr.importResourceDir('templates/')
|
|
{
|
|
value: {apiVersion: 'v1', kind: 'ServiceAccount',
|
|
metadata: {name: 'quay-enterprise'}}
|
|
},
|
|
|
|
# Grant secret read/write permission inside the namespace
|
|
{
|
|
value: (import 'templates/quay-enterprise-role.libsonnet')($.variables),
|
|
},
|
|
|
|
# Bind role to the Service account
|
|
{
|
|
value: (import 'templates/quay-enterprise-rolebinding.libsonnet')($.variables),
|
|
},
|
|
|
|
# Quay.io robot / user account. Protected from default values
|
|
{
|
|
value: (import 'templates/quay-enterprise-pullsecret.libsonnet')($.variables),
|
|
protected: if $.variables.docker_user == "changeme" || $.variables.docker_pass == "changeme"
|
|
then true else false
|
|
},
|
|
|
|
# Quay configuration files (quay/conf/stack), automatically read local the "./stack" directory to load values.
|
|
# Values can also be loaded from $.variables.stack_files
|
|
# Protected unless explicitly requested (reconfigure == "true").
|
|
{
|
|
value: (import 'templates/quay-enterprise-secret.libsonnet')($.variables),
|
|
protected: if $.variables.reconfigure == "true" then false else true
|
|
},
|
|
|
|
# Quay-registry deployment
|
|
# Force a rollout when the secret is reconfigured by updating a label (see randLabel)
|
|
{
|
|
value: appr.loadObject(appr.jinja2(importstr 'templates/quay-enterprise-app-dp.yaml', $.variables)) +
|
|
if $.variables.reconfigure == "true" then
|
|
# trigger a rollout
|
|
quaylib.rand_label()
|
|
else {}
|
|
}, # + {value+: if $.variables.reconfigure == "true" then randLabel() else {},},
|
|
|
|
{
|
|
template: (importstr 'templates/quay-enterprise-service.yaml'),
|
|
},
|
|
|
|
# Redis
|
|
{
|
|
template: (importstr 'templates/quay-enterprise-redis-service.yaml'),
|
|
},
|
|
|
|
{
|
|
template: (importstr 'templates/quay-enterprise-redis.yaml'),
|
|
},
|
|
|
|
|
|
# Ingress, assumes usage of kube-lego and an ingress controller.
|
|
# see variables.ingress for configuration
|
|
{
|
|
value: (import 'templates/quay-enterprise-ingress.libsonnet')($.variables.ingress),
|
|
},
|
|
|
|
|
|
]),
|
|
|
|
|
|
deploy: appr.compact([
|
|
if $.variables.deploy_db == 'true' then
|
|
{name: 'quay/postgres-app',
|
|
variables: {
|
|
user: $.variables.db.user,
|
|
dbname: $.variables.db.name,
|
|
password: $.variables.db.password
|
|
}},
|
|
{name: '$self'},
|
|
]),
|
|
}, params)
|