feat: add helm chart for CDN (#307)

.github/workflows/image-release.yml

@@ -10,6 +10,7 @@ on:
         options:
           - keycloak
           - otelcollector
+          - cdn
           - controlplane
           - studio
           - graphqlmetrics

.github/workflows/images-ci.yaml

@@ -31,6 +31,9 @@ jobs:
     strategy:
       matrix:
         include:
+          - container_name: cdn
+            dockerfile: cdn-server/Dockerfile
+            context_path: .
           - container_name: controlplane
             dockerfile: controlplane/Dockerfile
             context_path: .

Makefile

@@ -116,5 +116,6 @@ docker-build-minikube: docker-build-local
 	minikube image load ghcr.io/wundergraph/cosmo/otelcollector:latest & \
 	minikube image load ghcr.io/wundergraph/cosmo/router:latest & \
 	minikube image load ghcr.io/wundergraph/cosmo/graphqlmetrics:latest & \
-	minikube image load ghcr.io/wundergraph/cosmo/keycloak:latest
+	minikube image load ghcr.io/wundergraph/cosmo/keycloak:latest & \
+	minikube image load ghcr.io/wundergraph/cosmo/cdn:latest
 	minikube cache reload

cdn-server/Dockerfile

@@ -0,0 +1,34 @@
+FROM node:18 as builder
+
+WORKDIR /app
+
+# Ensure we have pnpm available to us
+RUN npm install --global pnpm@8
+
+# Files required by pnpm install.
+COPY .npmrc package.json pnpm-lock.yaml pnpm-workspace.yaml ./
+
+# Files required by pnpm install for each package. Tried pnpm fetch but errors.
+COPY cdn-server/package.json cdn-server/
+COPY cdn-server/cdn/package.json cdn-server/cdn/
+
+RUN pnpm install --filter=./cdn-server/cdn --filter=./cdn-server --frozen-lockfile
+
+COPY . /app/
+RUN pnpm run --filter=./cdn-server/cdn --filter=./cdn-server build
+
+# Deploy
+RUN pnpm --filter=./cdn-server --prod deploy pruned
+
+FROM node:18-slim
+
+WORKDIR /app
+
+ENV NODE_ENV production
+
+# Fetch built artifacts
+COPY --from=builder /app/pruned .
+
+CMD ["node", "dist", "index.js"]
+
+EXPOSE 8787

cdn-server/package.json

@@ -1,17 +1,22 @@
 {
-  "name": "@wundergraph/cdn-server",
+  "name": "cdn",
   "version": "0.1.0",
   "author": {
     "name": "WunderGraph Maintainers",
     "email": "info@wundergraph.com"
   },
+  "main": "dist/index.js",
+  "files": [
+    "dist"
+  ],
   "license": "Apache-2.0",
   "scripts": {
     "dev": "tsx watch src/index.ts",
     "build": "del dist && tsc",
     "start": "tsx src/index.ts",
     "lint": "eslint --cache && prettier -c src",
-    "format:fix": "prettier --write -c src"
+    "format:fix": "prettier --write -c src",
+    "postversion": "name=\"$(node -p \"var a = require('./package.json');process.stdout.write(a.name);process.exit(0)\")\"; version=\"$(node -p \"var a = require('./package.json');process.stdout.write(a.version);process.exit(0)\")\"; gh workflow run image-release.yml -F name=$name -F tag=$version -F dockerContext=."
   },
   "dependencies": {
     "@aws-sdk/client-s3": "^3.445.0",

cdn-server/src/index.ts

@@ -2,7 +2,7 @@ import dotenv from 'dotenv';
 import { serve } from '@hono/node-server';
 import { Hono } from 'hono';
 import { logger } from 'hono/logger';
-import { cdn } from '../cdn/src/index';
+import { cdn } from '@wundergraph/cosmo-cdn';
 import { createS3BlobStorage } from './s3';
 
 dotenv.config();
@@ -22,5 +22,22 @@ cdn(app, {
   blobStorage,
 });
 
+let exiting = false;
+app.get('/health', (c) => {
+  if (exiting) {
+    c.status(503);
+    return c.json({ status: 'exiting' });
+  }
+  return c.json({ status: 'ok' });
+});
+
 const port = process.env.PORT ? Number.parseInt(process.env.PORT, 10) : 8787;
-serve({ fetch: app.fetch, port });
+const server = serve({ fetch: app.fetch, port });
+const exit = () => {
+  exiting = true;
+  server.close();
+  // eslint-disable-next-line unicorn/no-process-exit
+  process.exit(0);
+};
+process.on('SIGTERM', exit);
+process.on('SIGINT', exit);

cdn-server/tsconfig.json

@@ -5,6 +5,6 @@
     "outDir": "./dist",
     "module": "commonjs"
   },
-  "include": ["src/**/*"],
+  "include": ["src"],
   "exclude": ["node_modules"]
 }

docker-compose.cosmo.yml

@@ -3,6 +3,17 @@ version: "3.8"
 name: cosmo
 services:
 
+  cdn:
+    image: ghcr.io/wundergraph/cosmo/cdn:${DC_CDN_VERSION:-latest}
+    build:
+      context: .
+      dockerfile: cdn-server/Dockerfile
+      cache_from:
+        - ghcr.io/wundergraph/cosmo/cdn:buildcache
+      args:
+        GITHUB_SHA: ${GITHUB_SHA:-latest}
+        GITHUB_REF: ${GITHUB_REF:-latest}
+
   keycloak:
     image: ghcr.io/wundergraph/cosmo/keycloak:${DC_KEYCLOAK_VERSION:-latest}
     build:

docker-compose.full.yml

@@ -141,9 +141,26 @@ services:
     restart: unless-stopped
     networks:
       - primary
+    profiles:
+      - default
 
   # Cosmo Platform
 
+  cdn:
+    build:
+      context: .
+      dockerfile: cdn-server/Dockerfile
+    environment:
+      - PORT=11000
+      - AUTH_JWT_SECRET=fkczyomvdprgvtmvkuhvprxuggkbgwld
+      - S3_STORAGE_URL=http://${MINIO_ROOT_USER:-minio}:${MINIO_ROOT_PASSWORD:-changeme}@minio:9000/cosmo
+    ports:
+      - "11000:11000"
+    networks:
+      - primary
+    profiles:
+      - default
+
   graphqlmetrics:
     image: ghcr.io/wundergraph/cosmo/graphqlmetrics:${DC_GRAPHQLMETRICS_VERSION:-latest}
     platform: linux/amd64

docker-compose.yml

@@ -138,6 +138,19 @@ services:
     networks:
       - primary
 
+  cdn:
+    build:
+      context: .
+      dockerfile: cdn-server/Dockerfile
+    environment:
+      - PORT=11000
+      - AUTH_JWT_SECRET=fkczyomvdprgvtmvkuhvprxuggkbgwld
+      - S3_STORAGE_URL=http://${MINIO_ROOT_USER:-minio}:${MINIO_ROOT_PASSWORD:-changeme}@minio:9000/cosmo
+    ports:
+      - "11000:11000"
+    networks:
+      - primary
+
 # This network is shared between this file and docker-compose.full.yml to
 # allow the demo subgraphs to communicate with the rest of the infra
 networks:

helm/cosmo/CHART.md

@@ -28,6 +28,8 @@ This is the official Helm Chart for WunderGraph Cosmo - The Full Lifecycle Graph
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
+| global.cdn.enabled | bool | `false` |  |
+| global.cdn.s3StorageUrl | string | `"http://minio:changeme@cosmo-minio:9000/cosmo"` |  |
 | global.clickhouse.enabled | bool | `false` |  |
 | global.controlplane.enabled | bool | `false` |  |
 | global.controlplane.jwtSecret | string | `"1YQ4YR18WWNEWCLUIUKN5WVQ31HWDHEM"` |  |

helm/cosmo/charts/cdn/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

helm/cosmo/charts/cdn/CHART.md

@@ -0,0 +1,49 @@
+# cdn
+
+![Version: 0.0.1](https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square)
+
+WunderGraph Cosmo CDN
+
+**Homepage:** <https://wundergraph.com>
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| autoscaling.enabled | bool | `false` |  |
+| autoscaling.maxReplicas | int | `100` |  |
+| autoscaling.minReplicas | int | `1` |  |
+| autoscaling.targetCPUUtilizationPercentage | int | `80` |  |
+| configuration | string | `nil` |  |
+| deploymentStrategy | object | `{}` |  |
+| fullnameOverride | string | `""` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.registry | string | `"ghcr.io"` |  |
+| image.repository | string | `"wundergraph/cosmo/cdn"` |  |
+| image.version | string | `"latest"` |  |
+| imagePullSecrets | list | `[]` |  |
+| ingress.hosts | string | `nil` |  |
+| ingress.tls | list | `[]` |  |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| podAnnotations | object | `{}` |  |
+| podDisruptionBudget | object | `{}` | Sets the [pod disruption budget](https://kubernetes.io/docs/tasks/run-application/configure-pdb/) for Deployment pods |
+| podSecurityContext | object | `{}` |  |
+| priorityClassName | string | `""` | Set to existing PriorityClass name to control pod preemption by the scheduler |
+| probes.liveness | object | `{"failureThreshold":5,"httpGet":{"path":"/health","port":"http"},"initialDelaySeconds":10,"periodSeconds":10,"timeoutSeconds":5}` | Configure liveness probe |
+| probes.readiness | object | `{"failureThreshold":5,"httpGet":{"path":"/health","port":"http"},"initialDelaySeconds":5,"periodSeconds":5,"timeoutSeconds":3}` | Configure readiness probe |
+| replicaCount | int | `1` |  |
+| resources | object | `{}` |  |
+| securityContext | object | `{}` |  |
+| service.port | int | `8787` |  |
+| service.type | string | `"ClusterIP"` |  |
+| serviceAccount.annotations | object | `{}` |  |
+| serviceAccount.create | bool | `true` |  |
+| serviceAccount.name | string | `""` |  |
+| serviceAnnotations | object | `{}` |  |
+| terminationGracePeriodSeconds | int | `60` | Sets the [termination grace period](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution) for Deployment pods |
+| tolerations | list | `[]` |  |
+| volumeMounts | list | `[]` |  |
+| volumes | list | `[]` |  |
+

helm/cosmo/charts/cdn/Chart.yaml

@@ -0,0 +1,24 @@
+---
+apiVersion: v2
+name: cdn
+description: WunderGraph Cosmo CDN
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: "0.0.1"
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "0.0.1"
+home: https://wundergraph.com

helm/cosmo/charts/cdn/templates/NOTES.txt

@@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "cdn.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "cdn.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "cdn.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "cdn.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}

helm/cosmo/charts/cdn/templates/_helpers.tpl

@@ -0,0 +1,73 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "cdn.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create the image path for the passed in image field
+*/}}
+{{- define "cdn.image" -}}
+{{- if eq (substr 0 7 .Values.image.version) "sha256:" -}}
+{{- printf "%s/%s@%s" .Values.image.registry .Values.image.repository .Values.image.version -}}
+{{- else -}}
+{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (.Values.image.version | default .Chart.AppVersion) -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "cdn.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "cdn.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "cdn.labels" -}}
+helm.sh/chart: {{ include "cdn.chart" . }}
+{{ include "cdn.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "cdn.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "cdn.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "cdn.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "cdn.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}