diff --git a/delegator/.helmignore b/delegator/.helmignore deleted file mode 100644 index 0e8a0eb3..00000000 --- a/delegator/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/delegator/Chart.yaml b/delegator/Chart.yaml index 80e1bc6c..4da32687 100644 --- a/delegator/Chart.yaml +++ b/delegator/Chart.yaml @@ -1,7 +1,6 @@ apiVersion: v2 name: orakl-delegator description: A Helm chart for Kubernetes - # A chart can be either an 'application' or a 'library' chart. # # Application charts are a collection of templates that can be packaged into versioned archives @@ -11,14 +10,12 @@ description: A Helm chart for Kubernetes # a dependency of application charts to inject those utilities and functions into the rendering # pipeline. Library charts do not define any templates and therefore cannot be deployed. type: application - # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.5 - +version: 0.0.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "v0.0.1.20231211.0735.867d885" +appVersion: "v0.0.1.20240326.0927.a8a6135" diff --git a/delegator/README.md b/delegator/README.md deleted file mode 100644 index 0966e746..00000000 --- a/delegator/README.md +++ /dev/null @@ -1,2 +0,0 @@ -## Orakl delegator ## - diff --git a/delegator/index.yaml b/delegator/index.yaml deleted file mode 100644 index 55ba9b36..00000000 --- a/delegator/index.yaml +++ /dev/null @@ -1,3 +0,0 @@ -apiVersion: v1 -entries: {} -generated: "2023-03-17T00:07:44.413794+09:00" diff --git a/delegator/templates/NOTES.txt b/delegator/templates/NOTES.txt deleted file mode 100644 index 775f926d..00000000 --- a/delegator/templates/NOTES.txt +++ /dev/null @@ -1 +0,0 @@ -Welcome to orakl-delegator diff --git a/delegator/templates/_helpers.tpl b/delegator/templates/_helpers.tpl deleted file mode 100644 index b2c1421f..00000000 --- a/delegator/templates/_helpers.tpl +++ /dev/null @@ -1,71 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "orakl-delegator.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "orakl-delegator.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "orakl-delegator.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "orakl-delegator.labels" -}} -helm.sh/chart: {{ include "orakl-delegator.chart" . }} -{{ include "orakl-delegator.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "orakl-delegator.selectorLabels" -}} -app.kubernetes.io/name: {{ include "orakl-delegator.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Common labels for delegator -*/}} -{{- define "orakl-delegator.labels.delegator" -}} -helm.sh/chart: {{ include "orakl-delegator.chart" . }} -{{ include "orakl-delegator.selectorLabels.delegator" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels for delegator -*/}} -{{- define "orakl-delegator.selectorLabels.delegator" -}} -app.kubernetes.io/name: {{ include "orakl-delegator.name" . }}-delegator -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} \ No newline at end of file diff --git a/delegator/templates/deployment.yaml b/delegator/templates/deployment.yaml index ed5dc2a7..93557595 100644 --- a/delegator/templates/deployment.yaml +++ b/delegator/templates/deployment.yaml @@ -1,14 +1,18 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: delegator + name: {{ .Values.deployment.name }} labels: - {{- include "orakl-delegator.labels.delegator" . | nindent 4 }} + app: {{ .Values.deployment.name }} + app.kubernetes.io/name: {{ .Values.deployment.name }} + app.kubernetes.io/instance: {{ .Values.deployment.name }} spec: replicas: {{ .Values.delegator.replicas }} selector: matchLabels: - {{- include "orakl-delegator.selectorLabels.delegator" . | nindent 6 }} + app: {{ .Values.deployment.name }} + app.kubernetes.io/name: {{ .Values.deployment.name }} + app.kubernetes.io/instance: {{ .Values.deployment.name }} template: metadata: {{- with .Values.global.podAnnotations }} @@ -16,16 +20,18 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} labels: - {{- include "orakl-delegator.selectorLabels.delegator" . | nindent 8 }} + app: {{ .Values.deployment.name }} + app.kubernetes.io/name: {{ .Values.deployment.name }} + app.kubernetes.io/instance: {{ .Values.deployment.name }} spec: {{- with .Values.global.image.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ .Values.delegator.serviceAccount.name }} + serviceAccountName: {{ .Values.deployment.name }}-{{ .Values.delegator.serviceAccount.name }} securityContext: {{- toYaml .Values.delegator.podSecurityContext | nindent 8 }} - {{- if .Values.global.affinity.enabled }} + {{- if .Values.global.affinity.enabled }} affinity: nodeAffinity: preferredDuringSchedulingIgnoredDuringExecution: @@ -36,34 +42,15 @@ spec: operator: In values: - {{ .Values.global.affinity.value }} - {{- end }} + {{- end }} containers: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.delegator.containerSecurityContext | nindent 12 }} image: "{{ .Values.global.image.repository }}:{{ .Values.global.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.global.image.pullPolicy }} - {{- if .Values.global.secretManager.enabled }} - env: - - name: DATABASE_URL - valueFrom: - secretKeyRef: - name: orakl-delegator-secrets - key: DATABASE_URL - - name: APP_PORT - valueFrom: - secretKeyRef: - name: orakl-delegator-secrets - key: APP_PORT - - name: PROVIDER_URL - value: "{{ .Values.global.config.PROVIDER_URL }}" - valueFrom: - secretKeyRef: - name: orakl-delegator-secrets - key: PROVIDER_URL - {{ else }} env: - - name: DATABASE_URL + - name: DATABASE_URL valueFrom: secretKeyRef: name: delegator-secrets @@ -73,12 +60,12 @@ spec: secretKeyRef: name: delegator-secrets key: PROVIDER_URL + - name: USE_GOOGLE_SECRET_MANAGER + value: "true" + - name: GOOGLE_SECRET_PATH + value: "projects/284574693973/secrets/orakl-baobab-fee-payer/versions/latest" - name: APP_PORT value: "5050" - {{ end }} - - command: ["yarn"] - args: ["start:prod"] ports: - name: http containerPort: 5050 @@ -103,8 +90,8 @@ spec: periodSeconds: {{ .Values.global.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.global.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.global.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.global.readinessProbe.failureThreshold }} - {{- end }} + failureThreshold: {{ .Values.global.readinessProbe.failureThreshold }} + {{- end }} resources: {{- toYaml .Values.delegator.resources | nindent 12 }} diff --git a/delegator/templates/sa.yaml b/delegator/templates/sa.yaml index 6133abfb..ab997573 100644 --- a/delegator/templates/sa.yaml +++ b/delegator/templates/sa.yaml @@ -1,12 +1,10 @@ -{{- if .Values.delegator.serviceAccount.create -}} +{{- if .Values.global.secretManager -}} apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.delegator.serviceAccount.name }} - labels: - {{- include "orakl-delegator.labels.delegator" . | nindent 4 }} - {{- with .Values.delegator.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} + name: {{ .Values.deployment.name }}-{{ .Values.delegator.serviceAccount.name }} + labels: {{ .Values.deployment.name }} + # TODO: This annotation should be sync with GCP SA email injected from GH actions + # annotations: + # iam.gke.io/gcp-service-account: {{- end }} diff --git a/delegator/templates/service.yaml b/delegator/templates/service.yaml index 54f73042..576e3531 100644 --- a/delegator/templates/service.yaml +++ b/delegator/templates/service.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Service metadata: - name: orakl-delegator + name: {{ .Values.deployment.name }} spec: # type: ClusterIP ports: @@ -11,4 +11,4 @@ spec: type: LoadBalancer loadBalancerIP: 34.87.152.175 selector: - {{- include "orakl-delegator.selectorLabels.delegator" . | nindent 4 }} + app: {{ .Values.deployment.name }} diff --git a/delegator/templates/tests/test-connection.yaml b/delegator/templates/tests/test-connection.yaml deleted file mode 100644 index 89def0ba..00000000 --- a/delegator/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "orakl-delegator.fullname" . }}-test-connection" - labels: - {{- include "orakl-delegator.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "orakl-delegator.fullname" . }}'] - restartPolicy: Never diff --git a/delegator/values.yaml b/delegator/values.yaml index dbb5e785..ad828c11 100644 --- a/delegator/values.yaml +++ b/delegator/values.yaml @@ -1,30 +1,25 @@ -## Klaytn Orakl Listener Configuration +## Klaytn Orakl Go Delegator Configuration ## created by Bisonai global: name: delegator namespace: orakl - image: repository: public.ecr.aws/bisonai/orakl-delegator #repository url pullPolicy: IfNotPresent - tag: "v0.0.1.20231211.0735.867d885" + tag: "v0.0.1.20240326.0927.a8a6135" imagePullPolicy: IfNotPresent # -- If defined, uses a Secret to pull an image from a private Docker registry or repository imagePullSecrets: [] - secretManager: - enabled: false + enabled: true secretId: versionId: - affinity: enabled: false key: kubernetes.io/hostname value: - podAnnotations: - livenessProbe: enabled: true path: /api/v1/ @@ -33,7 +28,6 @@ global: timeoutSeconds: 5 successThreshold: 1 failureThreshold: 5 - readinessProbe: enabled: true path: /api/v1/ @@ -42,24 +36,16 @@ global: timeoutSeconds: 1 successThreshold: 1 failureThreshold: 5 - delegator: enabled: true replicas: 1 serviceAccount: - # -- Create a service account for the application controller - create: false - # -- Service account name - name: internal-app - # -- Annotations applied to created service account + create: true + name: sa annotations: {} - # -- Automount API credentials for the Service Account automountServiceAccountToken: true - podSecurityContext: {} - containerSecurityContext: {} - resources: limits: cpu: 500m @@ -67,7 +53,9 @@ delegator: requests: cpu: 500m memory: 1Gi - nodeSelector: {} tolerations: [] dotenv: {} +deployment: + name: orakl-delegator + replicas: 1 diff --git a/godelegator/Chart.yaml b/godelegator/Chart.yaml deleted file mode 100644 index a4c43373..00000000 --- a/godelegator/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v2 -name: orakl-godelegator -description: A Helm chart for Kubernetes -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.1 -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "v0.0.1.20240313.0958.82d191d" diff --git a/godelegator/templates/deployment.yaml b/godelegator/templates/deployment.yaml deleted file mode 100644 index e3ca29a2..00000000 --- a/godelegator/templates/deployment.yaml +++ /dev/null @@ -1,111 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Values.deployment.name }} - labels: - app: {{ .Values.deployment.name }} - app.kubernetes.io/name: {{ .Values.deployment.name }} - app.kubernetes.io/instance: {{ .Values.deployment.name }} -spec: - replicas: {{ .Values.godelegator.replicas }} - selector: - matchLabels: - app: {{ .Values.deployment.name }} - app.kubernetes.io/name: {{ .Values.deployment.name }} - app.kubernetes.io/instance: {{ .Values.deployment.name }} - template: - metadata: - {{- with .Values.global.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - app: {{ .Values.deployment.name }} - app.kubernetes.io/name: {{ .Values.deployment.name }} - app.kubernetes.io/instance: {{ .Values.deployment.name }} - spec: - {{- with .Values.global.image.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ .Values.deployment.name }}-{{ .Values.godelegator.serviceAccount.name }} - securityContext: - {{- toYaml .Values.godelegator.podSecurityContext | nindent 8 }} - {{- if .Values.global.affinity.enabled }} - affinity: - nodeAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - preference: - matchExpressions: - - key: {{ .Values.global.affinity.key }} - operator: In - values: - - {{ .Values.global.affinity.value }} - {{- end }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.godelegator.containerSecurityContext | nindent 12 }} - image: "{{ .Values.global.image.repository }}:{{ .Values.global.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.global.image.pullPolicy }} - env: - - name: DATABASE_URL - valueFrom: - secretKeyRef: - name: godelegator-secrets - key: DATABASE_URL - - name: PROVIDER_URL - valueFrom: - secretKeyRef: - name: godelegator-secrets - key: PROVIDER_URL - - name: USE_GOOGLE_SECRET_MANAGER - valueFrom: - secretKeyRef: - name: godelegator-secrets - key: USE_GOOGLE_SECRET_MANAGER - - name: GOOGLE_SECRET_PATH - valueFrom: - secretKeyRef: - name: godelegator-secrets - key: GOOGLE_SECRET_PATH - - name: APP_PORT - value: "5050" - ports: - - name: http - containerPort: 5050 - protocol: TCP - {{- if .Values.global.livenessProbe.enabled }} - livenessProbe: - httpGet: - path: {{ .Values.global.livenessProbe.path }} - port: 5050 - initialDelaySeconds: {{ .Values.global.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.global.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.global.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.global.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.global.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.global.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: {{ .Values.global.readinessProbe.path }} - port: 5050 - initialDelaySeconds: {{ .Values.global.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.global.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.global.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.global.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.global.readinessProbe.failureThreshold }} - {{- end }} - resources: - {{- toYaml .Values.godelegator.resources | nindent 12 }} - - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/godelegator/templates/sa.yaml b/godelegator/templates/sa.yaml deleted file mode 100644 index 4c18f44f..00000000 --- a/godelegator/templates/sa.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- if .Values.global.secretManager -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.deployment.name }}-{{ .Values.godelegator.serviceAccount.name }} - labels: {{ .Values.deployment.name }} - # TODO: This annotation should be sync with GCP SA email injected from GH actions - # annotations: - # iam.gke.io/gcp-service-account: -{{- end }} diff --git a/godelegator/templates/service.yaml b/godelegator/templates/service.yaml deleted file mode 100644 index 576e3531..00000000 --- a/godelegator/templates/service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.deployment.name }} -spec: - # type: ClusterIP - ports: - - port: 5050 - targetPort: http - protocol: TCP - type: LoadBalancer - loadBalancerIP: 34.87.152.175 - selector: - app: {{ .Values.deployment.name }} diff --git a/godelegator/values.yaml b/godelegator/values.yaml deleted file mode 100644 index 21e6ee46..00000000 --- a/godelegator/values.yaml +++ /dev/null @@ -1,61 +0,0 @@ -## Klaytn Orakl Go Delegator Configuration -## created by Bisonai - -global: - name: godelegator - namespace: orakl - image: - repository: public.ecr.aws/bisonai/orakl-godelegator #repository url - pullPolicy: IfNotPresent - tag: "v0.0.1.20240313.0958.82d191d" - imagePullPolicy: IfNotPresent - # -- If defined, uses a Secret to pull an image from a private Docker registry or repository - imagePullSecrets: [] - secretManager: - enabled: true - secretId: - versionId: - affinity: - enabled: false - key: kubernetes.io/hostname - value: - podAnnotations: - livenessProbe: - enabled: true - path: /api/v1/ - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 - readinessProbe: - enabled: true - path: /api/v1/ - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 5 -godelegator: - enabled: true - replicas: 1 - serviceAccount: - create: true - name: sa - annotations: {} - automountServiceAccountToken: true - podSecurityContext: {} - containerSecurityContext: {} - resources: - limits: - cpu: 500m - memory: 1Gi - requests: - cpu: 500m - memory: 1Gi -nodeSelector: {} -tolerations: [] -dotenv: {} -deployment: - name: orakl-godelegator - replicas: 1 diff --git a/secret-store/delegator-secret.yaml b/secret-store/delegator-secret.yaml index 09b85158..75e7a67d 100644 --- a/secret-store/delegator-secret.yaml +++ b/secret-store/delegator-secret.yaml @@ -8,11 +8,19 @@ spec: name: vault-backend kind: SecretStore data: - - secretKey: DATABASE_URL - remoteRef: - key: baobab/delegator - property: DATABASE_URL - - secretKey: PROVIDER_URL - remoteRef: - key: baobab/delegator - property: PROVIDER_URL \ No newline at end of file + - secretKey: DATABASE_URL + remoteRef: + key: baobab/delegator + property: DATABASE_URL + - secretKey: PROVIDER_URL + remoteRef: + key: baobab/delegator + property: PROVIDER_URL + - secretKey: USE_GOOGLE_SECRET_MANAGER + remoteRef: + key: baobab/delegator + property: USE_GOOGLE_SECRET_MANAGER + - secretKey: GOOGLE_SECRET_PATH + remoteRef: + key: baobab/delegator + property: GOOGLE_SECRET_PATH diff --git a/secret-store/godelegator-secret.yaml b/secret-store/godelegator-secret.yaml deleted file mode 100644 index fbf0e62d..00000000 --- a/secret-store/godelegator-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: godelegator-secrets -spec: - refreshInterval: "15s" - secretStoreRef: - name: vault-backend - kind: SecretStore - data: - - secretKey: DATABASE_URL - remoteRef: - key: baobab/godelegator - property: DATABASE_URL - - secretKey: PROVIDER_URL - remoteRef: - key: baobab/godelegator - property: PROVIDER_URL - - secretKey: USE_GOOGLE_SECRET_MANAGER - remoteRef: - key: baobab/godelegator - property: USE_GOOGLE_SECRET_MANAGER - - secretKey: GOOGLE_SECRET_PATH - remoteRef: - key: baobab/godelegator - property: GOOGLE_SECRET_PATH