From 5a9a7de643b1ac170fac38a2a16ce4d73b6f4eb2 Mon Sep 17 00:00:00 2001 From: Karl Cardenas Date: Fri, 22 Mar 2024 16:20:24 -0700 Subject: [PATCH] chore: update terraform (#25) --- deployment/k8s-generic/spectromate.yaml | 132 +++++++++--------- deployment/terraform/README.md | 13 +- deployment/terraform/application-profile.tf | 4 +- deployment/terraform/inputs.tf | 10 +- deployment/terraform/manifests/container.yaml | 106 +++++++------- 5 files changed, 136 insertions(+), 129 deletions(-) diff --git a/deployment/k8s-generic/spectromate.yaml b/deployment/k8s-generic/spectromate.yaml index 7c39c4c..9fecfb1 100644 --- a/deployment/k8s-generic/spectromate.yaml +++ b/deployment/k8s-generic/spectromate.yaml @@ -49,26 +49,26 @@ spec: app: redis spec: containers: - - name: redis - image: redis:7.0.5-alpine3.17 - ports: - - containerPort: 6379 - name: redis - env: - - name: REDIS_USER - value: "default" - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: redis-secret - key: redis-password - resources: - limits: - memory: "500Mi" - cpu: "500m" - requests: - memory: "500Mi" - cpu: "500m" + - name: redis + image: redis:7.0.5-alpine3.17 + ports: + - containerPort: 6379 + name: redis + env: + - name: REDIS_USER + value: "default" + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: redis-secret + key: redis-password + resources: + limits: + memory: "500Mi" + cpu: "500m" + requests: + memory: "500Mi" + cpu: "500m" --- apiVersion: v1 kind: Service @@ -100,52 +100,52 @@ spec: app: slackbot spec: containers: - - name: slackbot - image: ghcr.io/spectrocloud/spectromate:v1.0.6 - ports: - - containerPort: 3000 - name: slackbot - env: - - name: SLACK_SIGNING_SECRET - valueFrom: - secretKeyRef: - name: slack-signing-secret - key: slack-signing-secret - - name: MENDABLE_API_KEY - valueFrom: - secretKeyRef: - name: mendable-api-key - key: mendable-api-key - - name: REDIS_URL - value: "redis.spectromate.svc.cluster.local" - - name: REDIS_PORT - value: "6379" - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: redis-secret - key: redis-password - - name: REDIS_USER - value: "default" - resources: - limits: - memory: "500Mi" - cpu: "500m" - requests: - memory: "500Mi" - cpu: "500m" - livenessProbe: - httpGet: - path: /api/v1/health - port: 3000 - initialDelaySeconds: 10 - periodSeconds: 3 - readinessProbe: - httpGet: - path: /api/v1/health - port: 3000 - initialDelaySeconds: 5 - periodSeconds: 3 + - name: slackbot + image: ghcr.io/spectrocloud/spectromate:v1.0.9 + ports: + - containerPort: 3000 + name: slackbot + env: + - name: SLACK_SIGNING_SECRET + valueFrom: + secretKeyRef: + name: slack-signing-secret + key: slack-signing-secret + - name: MENDABLE_API_KEY + valueFrom: + secretKeyRef: + name: mendable-api-key + key: mendable-api-key + - name: REDIS_URL + value: "redis.spectromate.svc.cluster.local" + - name: REDIS_PORT + value: "6379" + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: redis-secret + key: redis-password + - name: REDIS_USER + value: "default" + resources: + limits: + memory: "500Mi" + cpu: "500m" + requests: + memory: "500Mi" + cpu: "500m" + livenessProbe: + httpGet: + path: /api/v1/health + port: 3000 + initialDelaySeconds: 10 + periodSeconds: 3 + readinessProbe: + httpGet: + path: /api/v1/health + port: 3000 + initialDelaySeconds: 5 + periodSeconds: 3 --- apiVersion: v1 kind: Service diff --git a/deployment/terraform/README.md b/deployment/terraform/README.md index 3d22cfe..b3f78d6 100644 --- a/deployment/terraform/README.md +++ b/deployment/terraform/README.md @@ -2,15 +2,15 @@ | Name | Version | |------|---------| -| [random](#requirement\_random) | >= 3.5.1 | -| [spectrocloud](#requirement\_spectrocloud) | >= 0.16.0 | +| [random](#requirement\_random) | >= 3.6.0 | +| [spectrocloud](#requirement\_spectrocloud) | >= 0.17.4 | ## Providers | Name | Version | |------|---------| -| [random](#provider\_random) | 3.5.1 | -| [spectrocloud](#provider\_spectrocloud) | 0.16.0 | +| [random](#provider\_random) | 3.6.0 | +| [spectrocloud](#provider\_spectrocloud) | 0.17.4 | ## Modules @@ -33,15 +33,16 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [app\_version](#input\_app\_version) | The version of the Spectromate application profile in Palette. | `string` | `"1.0.1"` | no | +| [app\_version](#input\_app\_version) | The version of the Spectromate application profile in Palette. | `string` | `"1.0.7"` | no | | [application\_name](#input\_application\_name) | The name of the application to create. | `string` | `"spectromate-app"` | no | | [cluster-group-name](#input\_cluster-group-name) | The name of the cluster group to use for the virtual cluster | `string` | `"beehive"` | no | | [cluster\_name](#input\_cluster\_name) | The name of the cluster to create. | `string` | `"cluster-1"` | no | | [cluster\_resources](#input\_cluster\_resources) | The resources to allocate to the virtual cluster | 
map(object({
    max_cpu           = number
    max_mem_in_mb     = number
    min_cpu           = number
    min_mem_in_mb     = number
    max_storage_in_gb = string
    min_storage_in_gb = string
  }))
| 
{
  "resources": {
    "max_cpu": 6,
    "max_mem_in_mb": 6144,
    "max_storage_in_gb": "6",
    "min_cpu": 0,
    "min_mem_in_mb": 0,
    "min_storage_in_gb": "0"
  }
}
| no | -| [image](#input\_image) | The Spectromate image to deploy. | `string` | `"ghcr.io/spectrocloud/spectromate:v1.0.2"` | no | +| [image](#input\_image) | The Spectromate image to deploy. | `string` | `"ghcr.io/spectrocloud/spectromate:v1.0.9"` | no | | [mendable\_api\_key](#input\_mendable\_api\_key) | The value of the Mendable API Key. Set using TF\_VAR environment variable. | `string` | n/a | yes | | [project](#input\_project) | The name of the Spectro Cloud project to use. | `string` | `"Default"` | no | | [redis\_database\_volume\_size](#input\_redis\_database\_volume\_size) | The size of the Redis database volume in GiB. | `string` | `"3"` | no | +| [redis\_password](#input\_redis\_password) | The password for the Redis database. | `string` | `""` | no | | [slack\_signing\_secret](#input\_slack\_signing\_secret) | The value of the Slack Signing Secret. Set using TF\_VAR environment variable. | `string` | n/a | yes | | [tags](#input\_tags) | The default tags to apply to Palette resources | `list(string)` | 
[
  "spectro-cloud-education",
  "app:spectromate",
  "repository:spectrocloud/spectromate",
  "terraform_managed:true"
]
| no | | [trace\_level](#input\_trace\_level) | The trace level for the Spectromate application. | `string` | `"INFO"` | no | diff --git a/deployment/terraform/application-profile.tf b/deployment/terraform/application-profile.tf index 2ca2f9b..42cd660 100644 --- a/deployment/terraform/application-profile.tf +++ b/deployment/terraform/application-profile.tf @@ -10,7 +10,7 @@ resource "spectrocloud_application_profile" "spectromate" { type = data.spectrocloud_pack_simple.redis_service.type source_app_tier = data.spectrocloud_pack_simple.redis_service.id properties = { - "userPassword" = base64encode(random_password.password.result) + "userPassword" = base64encode(var.redis_password != "" ? var.redis_password : random_password.password.result) "redisVolumeSize" = var.redis_database_volume_size } values = templatefile("manifests/redis.yaml", {}) @@ -28,4 +28,4 @@ resource "spectrocloud_application_profile" "spectromate" { }) } tags = var.tags -} \ No newline at end of file +} diff --git a/deployment/terraform/inputs.tf b/deployment/terraform/inputs.tf index 498abf1..521f7c5 100644 --- a/deployment/terraform/inputs.tf +++ b/deployment/terraform/inputs.tf @@ -34,7 +34,7 @@ variable "mendable_api_key" { variable "image" { type = string description = "The Spectromate image to deploy." - default = "ghcr.io/spectrocloud/spectromate:v1.0.7" + default = "ghcr.io/spectrocloud/spectromate:v1.0.9" } variable "cluster_name" { @@ -61,6 +61,12 @@ variable "trace_level" { default = "INFO" } +variable "redis_password" { + type = string + description = "The password for the Redis database." + default = "" +} + variable "cluster_resources" { description = "The resources to allocate to the virtual cluster" type = map(object({ @@ -88,4 +94,4 @@ variable "tags" { type = list(string) description = "The default tags to apply to Palette resources" default = ["spectro-cloud-education", "app:spectromate", "repository:spectrocloud/spectromate", "terraform_managed:true"] -} \ No newline at end of file +} diff --git a/deployment/terraform/manifests/container.yaml b/deployment/terraform/manifests/container.yaml index 7dafe8a..fb75fc4 100644 --- a/deployment/terraform/manifests/container.yaml +++ b/deployment/terraform/manifests/container.yaml @@ -6,58 +6,58 @@ pack: releaseNameOverride: "{{.spectro.system.appdeployment.tiername}}" postReadinessHooks: outputParameters: - - name: CONTAINER_NAMESPACE - type: lookupSecret - spec: - namespace: "{{.spectro.system.appdeployment.tiername}}-ns" - secretName: "{{.spectro.system.appdeployment.tiername}}-custom-secret" - ownerReference: - apiVersion: v1 - kind: Service - name: "{{.spectro.system.appdeployment.tiername}}-svc" - keyToCheck: metadata.namespace - - name: CONTAINER_SVC - type: lookupSecret - spec: - namespace: "{{.spectro.system.appdeployment.tiername}}-ns" - secretName: "{{.spectro.system.appdeployment.tiername}}-custom-secret" - ownerReference: - apiVersion: v1 - kind: Service - name: "{{.spectro.system.appdeployment.tiername}}-svc" - keyToCheck: metadata.annotations["spectrocloud.com/service-fqdn"] - - name: CONTAINER_SVC_EXTERNALHOSTNAME - type: lookupSecret - spec: - namespace: "{{.spectro.system.appdeployment.tiername}}-ns" - secretName: "{{.spectro.system.appdeployment.tiername}}-custom-secret" - ownerReference: - apiVersion: v1 - kind: Service - name: "{{.spectro.system.appdeployment.tiername}}-svc" - keyToCheck: status.loadBalancer.ingress[0].hostname - conditional: true - - name: CONTAINER_SVC_EXTERNALIP - type: lookupSecret - spec: - namespace: "{{.spectro.system.appdeployment.tiername}}-ns" - secretName: "{{.spectro.system.appdeployment.tiername}}-custom-secret" - ownerReference: - apiVersion: v1 - kind: Service - name: "{{.spectro.system.appdeployment.tiername}}-svc" - keyToCheck: status.loadBalancer.ingress[0].ip - conditional: true - - name: CONTAINER_SVC_PORT - type: lookupSecret - spec: - namespace: "{{.spectro.system.appdeployment.tiername}}-ns" - secretName: "{{.spectro.system.appdeployment.tiername}}-custom-secret" - ownerReference: - apiVersion: v1 - kind: Service - name: "{{.spectro.system.appdeployment.tiername}}-svc" - keyToCheck: spec.ports[0].port + - name: CONTAINER_NAMESPACE + type: lookupSecret + spec: + namespace: "{{.spectro.system.appdeployment.tiername}}-ns" + secretName: "{{.spectro.system.appdeployment.tiername}}-custom-secret" + ownerReference: + apiVersion: v1 + kind: Service + name: "{{.spectro.system.appdeployment.tiername}}-svc" + keyToCheck: metadata.namespace + - name: CONTAINER_SVC + type: lookupSecret + spec: + namespace: "{{.spectro.system.appdeployment.tiername}}-ns" + secretName: "{{.spectro.system.appdeployment.tiername}}-custom-secret" + ownerReference: + apiVersion: v1 + kind: Service + name: "{{.spectro.system.appdeployment.tiername}}-svc" + keyToCheck: metadata.annotations["spectrocloud.com/service-fqdn"] + - name: CONTAINER_SVC_EXTERNALHOSTNAME + type: lookupSecret + spec: + namespace: "{{.spectro.system.appdeployment.tiername}}-ns" + secretName: "{{.spectro.system.appdeployment.tiername}}-custom-secret" + ownerReference: + apiVersion: v1 + kind: Service + name: "{{.spectro.system.appdeployment.tiername}}-svc" + keyToCheck: status.loadBalancer.ingress[0].hostname + conditional: true + - name: CONTAINER_SVC_EXTERNALIP + type: lookupSecret + spec: + namespace: "{{.spectro.system.appdeployment.tiername}}-ns" + secretName: "{{.spectro.system.appdeployment.tiername}}-custom-secret" + ownerReference: + apiVersion: v1 + kind: Service + name: "{{.spectro.system.appdeployment.tiername}}-svc" + keyToCheck: status.loadBalancer.ingress[0].ip + conditional: true + - name: CONTAINER_SVC_PORT + type: lookupSecret + spec: + namespace: "{{.spectro.system.appdeployment.tiername}}-ns" + secretName: "{{.spectro.system.appdeployment.tiername}}-custom-secret" + ownerReference: + apiVersion: v1 + kind: Service + name: "{{.spectro.system.appdeployment.tiername}}-svc" + keyToCheck: spec.ports[0].port containerService: serviceName: "{{.spectro.system.appdeployment.tiername}}-svc" registryUrl: "" @@ -82,4 +82,4 @@ containerService: - name: SLACK_SIGNING_SECRET value: ${slack_signing_secret} - name: TRACE - value: ${trace_level} \ No newline at end of file + value: ${trace_level}