diff --git a/swh/templates/listers/configmap.yaml b/swh/templates/listers/configmap.yaml index 973c26b..1ca2f12 100644 --- a/swh/templates/listers/configmap.yaml +++ b/swh/templates/listers/configmap.yaml @@ -1,42 +1,42 @@ {{ if .Values.listers.enabled -}} {{- range $lister_type, $deployment_config := .Values.listers.deployments -}} {{- $lister_name := ( print "lister-" $lister_type ) -}} --- apiVersion: v1 kind: ConfigMap metadata: name: {{ $lister_name }}-template namespace: {{ $.Values.namespace }} data: config.yml.template: | storage: cls: remote url: http://{{ $.Values.listers.storage.host }}:{{ $.Values.listers.storage.port }}/ scheduler: cls: remote url: http://{{ $.Values.listers.scheduler.host }}:{{ $.Values.listers.scheduler.port }}/ celery: - task_broker: ${host} + task_broker: amqp://${AMQP_USERNAME}:${AMQP_PASSWORD}@{{ $.Values.loaders.amqp.host }}:{{ $.Values.loaders.amqp.port }}/ task_acks_late: true task_queues: {{- range $queue := get $deployment_config "queues" }} - {{ $queue }} {{- end }} credentials: init-container-entrypoint.sh: | #!/bin/bash set -e CONFIG_FILE=/etc/swh/config.yml # substitute environment variables when creating the default config.yml eval echo \""$( $CONFIG_FILE CREDS_LISTER_PATH=/etc/credentials/listers/credentials [ -f $CREDS_LISTER_PATH ] && \ sed 's/^/ /g' $CREDS_LISTER_PATH >> $CONFIG_FILE {{ end }} {{- end -}} diff --git a/swh/templates/listers/deployment.yaml b/swh/templates/listers/deployment.yaml index e565e90..6ab9851 100644 --- a/swh/templates/listers/deployment.yaml +++ b/swh/templates/listers/deployment.yaml @@ -1,118 +1,129 @@ {{ if .Values.listers.enabled -}} {{- $configurationChecksum := include (print $.Template.BasePath "/listers/configmap.yaml") . -}} {{- range $lister_type, $deployment_config := .Values.listers.deployments -}} {{- $lister_name := ( print "lister-" $lister_type ) -}} --- apiVersion: apps/v1 kind: Deployment metadata: name: {{ $lister_name }} namespace: {{ $.Values.namespace }} labels: app: {{ $lister_name }} spec: revisionHistoryLimit: 2 selector: matchLabels: app: {{ $lister_name }} strategy: type: RollingUpdate rollingUpdate: maxSurge: 1 template: metadata: labels: app: {{ $lister_name }} annotations: # Force a rollout upgrade if the configuration changes checksum/config: {{ $configurationChecksum | sha256sum }} spec: {{- if $.Values.listers.affinity }} affinity: {{ toYaml $.Values.listers.affinity | nindent 8 }} {{- end }} initContainers: - name: prepare-configuration image: debian:bullseye imagePullPolicy: Always - envFrom: - - secretRef: - # define the ${host) values for configuration "celery > task_broker: " key - name: amqp-access-credentials + env: + - name: AMQP_USERNAME + valueFrom: + secretKeyRef: + name: common-secrets + key: rabbitmq-amqp-username + # 'name' secret must exist & include that ^ key + optional: false + - name: AMQP_PASSWORD + valueFrom: + secretKeyRef: + name: common-secrets + key: rabbitmq-amqp-password + # 'name' secret must exist & include that ^ key + optional: false command: - /entrypoint.sh volumeMounts: - name: configuration-template mountPath: /entrypoint.sh subPath: "init-container-entrypoint.sh" readOnly: true - name: configuration mountPath: /etc/swh - name: configuration-template mountPath: /etc/swh/configuration-template - name: lister-credentials-secrets mountPath: /etc/credentials/listers readOnly: true containers: - name: listers resources: requests: memory: {{ get $deployment_config "requestedMemory" | default "512Mi" }} cpu: {{ get $deployment_config "requestedCpu" | default "500m" }} limits: memory: "4000Mi" cpu: "1200m" image: {{ $.Values.swh_listers_image }}:{{ $.Values.swh_listers_image_version }} imagePullPolicy: Always command: - /bin/bash args: - -c - /opt/swh/entrypoint.sh lifecycle: preStop: exec: command: ["kill", "1"] env: - name: STATSD_HOST value: {{ $.Values.statsdExternalHost | default "prometheus-statsd-exporter" }} - name: STATSD_PORT value: {{ $.Values.statsdPort | default "9125" | quote }} - name: MAX_TASKS_PER_CHILD value: {{ get $deployment_config "maxTasksPerChild" | default 1 | quote }} - name: LOGLEVEL value: {{ get $deployment_config "logLevel" | default "INFO" | quote }} - name: SWH_CONFIG_FILENAME value: /etc/swh/config.yml - name: SWH_SENTRY_ENVIRONMENT value: {{ $.Values.sentry.environment }} - name: SWH_MAIN_PACKAGE value: {{ $.Values.listers.sentrySwhPackage }} - name: SWH_SENTRY_DSN valueFrom: secretKeyRef: - name: lister-sentry-secrets - key: sentry-dsn + name: common-secrets + key: lister-sentry-dsn # 'name' secret must exist & include key "host" optional: false volumeMounts: - name: configuration mountPath: /etc/swh volumes: - name: configuration emptyDir: {} - name: configuration-template configMap: name: {{ $lister_name }}-template defaultMode: 0777 items: - key: "config.yml.template" path: "config.yml.template" - key: "init-container-entrypoint.sh" path: "init-container-entrypoint.sh" - name: lister-credentials-secrets secret: secretName: lister-credentials-secrets optional: true {{ end }} {{- end -}}