diff --git a/helm/Chart.yaml b/helm/Chart.yaml new file mode 100644 index 0000000..ff8d0a2 --- /dev/null +++ b/helm/Chart.yaml @@ -0,0 +1,13 @@ +apiVersion: v2 +name: command-bot +description: A Helm chart for Kubernetes +type: application +version: 0.1.0 +appVersion: "0.1.0" +dependencies: + # - name: gcloud-sqlproxy + # version: "0.22.6" + # repository: "https://charts.rimusz.net" + - name: common + version: "0.7.2" + repository: "https://paritytech.github.io/helm-charts/" \ No newline at end of file diff --git a/helm/values-parity-prod.yaml b/helm/values-parity-prod.yaml new file mode 100644 index 0000000..ace3698 --- /dev/null +++ b/helm/values-parity-prod.yaml @@ -0,0 +1,63 @@ +gcloud-sqlproxy: + serviceAccount: + annotations: + iam.gke.io/gcp-service-account: "command-bot@parity-prod.iam.gserviceaccount.com" + cloudsql: + instances: + - instance: "command-bot-pgsql" + project: "parity-prod" + region: "europe-west3" + port: 5432 + +common: + image: + tag: v0.38.0-3bbce12d + env: + GITLAB_PUSH_NAMESPACE: parity/mirrors + GITLAB_JOB_IMAGE: paritytech/ci-unified:bullseye-1.77.0-2024-04-10-v20240408 + GITLAB_DOMAIN: gitlab.parity.io + DATA_PATH: /data + IS_DEPLOYMENT: true + TMPDIR: /data/tmp + TASK_DB_VERSION: v3 + PING_PORT: 3001 + LOG_FORMAT: json + MIN_LOG_LEVEL: debug + DB_CLIENT: postgres + DB_PORT: 5432 + CMD_BOT_URL: https://command-bot.parity-prod.parity.io/ + BOT_PR_COMMENT_MENTION: bot + PIPELINE_SCRIPTS_REF: main + PROCESSBOT_SUPPORTED_REPOS: "substrate,polkadot,cumulus" + secrets: + ALLOWED_ORGANIZATIONS: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#ALLOWED_ORGANIZATIONS + APP_ID: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#APP_ID + CLIENT_ID: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#CLIENT_ID + CLIENT_SECRET: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#CLIENT_SECRET + GITLAB_ACCESS_TOKEN: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#GITLAB_ACCESS_TOKEN + GITLAB_ACCESS_TOKEN_USERNAME: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#GITLAB_ACCESS_TOKEN_USERNAME + MASTER_TOKEN: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#MASTER_TOKEN + PRIVATE_KEY_BASE64: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#PRIVATE_KEY_BASE64 + WEBHOOK_SECRET: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#WEBHOOK_SECRET + DB_USER: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#DB_USER + DB_PASSWORD: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#DB_PASSWORD + DB_HOST: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#DB_HOST + DB_NAME: ref+vault://kv/argo-cd/command-bot/devops-parity-prod#DB_NAME + ingress: + annotations: + external-dns.alpha.kubernetes.io/target: traefik-external.parity-prod.parity.io. + rules: + - host: command-bot.parity-prod.parity.io + http: + paths: + - path: / + pathType: ImplementationSpecific + backend: + service: + name: command-bot + port: + name: http + tls: + - hosts: + - command-bot.parity-prod.parity.io + secretName: command-bot.parity-prod.parity.io diff --git a/helm/values-parity-stg.yaml b/helm/values-parity-stg.yaml new file mode 100644 index 0000000..a8510bd --- /dev/null +++ b/helm/values-parity-stg.yaml @@ -0,0 +1,61 @@ +gcloud-sqlproxy: + serviceAccount: + annotations: + iam.gke.io/gcp-service-account: "command-bot@parity-stg.iam.gserviceaccount.com" + cloudsql: + instances: + - instance: "command-bot-pgsql" + project: "parity-stg" + region: "europe-west3" + port: 5432 + +common: + env: + GITLAB_PUSH_NAMESPACE: parity/mirrors + GITLAB_JOB_IMAGE: paritytech/ci-unified:bullseye-1.77.0-2024-04-10-v20240408 + GITLAB_DOMAIN: gitlab-stg.parity.io + DATA_PATH: /data + IS_DEPLOYMENT: true + TMPDIR: /data/tmp + TASK_DB_VERSION: v3 + PING_PORT: 3001 + LOG_FORMAT: json + MIN_LOG_LEVEL: debug + DB_CLIENT: postgres + DB_PORT: 5432 + CMD_BOT_URL: https://command-bot.parity-stg.parity.io/ + PIPELINE_SCRIPTS_REF: main + BOT_PR_COMMENT_MENTION: bot + PROCESSBOT_SUPPORTED_REPOS: "substrate,polkadot,cumulus" + secrets: + ALLOWED_ORGANIZATIONS: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#ALLOWED_ORGANIZATIONS + APP_ID: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#APP_ID + CLIENT_ID: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#CLIENT_ID + CLIENT_SECRET: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#CLIENT_SECRET + GITLAB_ACCESS_TOKEN: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#GITLAB_ACCESS_TOKEN + GITLAB_ACCESS_TOKEN_USERNAME: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#GITLAB_ACCESS_TOKEN_USERNAME + MASTER_TOKEN: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#MASTER_TOKEN + PRIVATE_KEY_BASE64: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#PRIVATE_KEY_BASE64 + WEBHOOK_SECRET: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#WEBHOOK_SECRET + DB_USER: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#DB_USER + DB_PASSWORD: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#DB_PASSWORD + DB_HOST: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#DB_HOST + DB_NAME: ref+vault://kv/argo-cd/command-bot/devops-parity-stg#DB_NAME + ingress: + annotations: + external-dns.alpha.kubernetes.io/target: traefik-external.parity-stg.parity.io. + rules: + - host: command-bot.parity-stg.parity.io + http: + paths: + - path: / + pathType: ImplementationSpecific + backend: + service: + name: command-bot + port: + name: http + tls: + - hosts: + - command-bot.parity-stg.parity.io + secretName: command-bot.parity-stg.parity.io diff --git a/helm/values.yaml b/helm/values.yaml new file mode 100644 index 0000000..626b53c --- /dev/null +++ b/helm/values.yaml @@ -0,0 +1,78 @@ +# gcloud-sqlproxy: +# serviceAccountName: "command-bot" +# serviceAccount: +# create: true +# name: command-bot +# networkPolicy: +# enabled: false + +common: + fullnameOverride: "command-bot" + extraLabels: + team: "opstooling" + serviceAccount: + create: false + image: + # tag is set in ci https://github.com/paritytech/command-bot/blob/master/.gitlab-ci.yml + repository: docker.io/paritytech/command-bot + envFrom: + - secretRef: + name: command-bot + service: + ports: + - name: http + protocol: TCP + port: 80 + targetPort: 3000 + ingress: + enabled: true + annotations: + cert-manager.io/cluster-issuer: letsencrypt-dns01 + kubernetes.io/ingress.class: traefik-external + traefik.ingress.kubernetes.io/router.entrypoints: web,websecure + traefik.ingress.kubernetes.io/router.tls: "true" + persistence: + enabled: true + mountPath: "" + subPath: "" + annotations: {} + storageClass: hdd-csi + size: 100G + accessModes: + - ReadWriteOnce + env: + GITLAB_PUSH_NAMESPACE: parity/mirrors + GITLAB_JOB_IMAGE: paritytech/ci-unified:bullseye-1.77.0-2024-04-10-v20240408 + GITLAB_DOMAIN: gitlab.parity.io + PIPELINE_SCRIPTS_REPOSITORY: https://github.com/paritytech/command-bot-scripts/ + PIPELINE_SCRIPTS_REF: main + # We only want one instance at all times so that the execution queue can be + # sanely tracked across multiple MRs. + autoscaling: + enabled: false + + livenessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 60 + periodSeconds: 5 + + readinessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 60 + periodSeconds: 5 + + serviceMonitor: + enabled: true + endpoints: + - port: http + path: /metrics + interval: 1m + scheme: http + scrapeTimeout: 30s + honorLabels: true + targetLabels: + - team