diff --git a/client/web/src/jscontext.ts b/client/web/src/jscontext.ts index c7a4143611b..017d28bfc61 100644 --- a/client/web/src/jscontext.ts +++ b/client/web/src/jscontext.ts @@ -5,7 +5,14 @@ import type { BatchChangesLicenseInfo } from '@sourcegraph/shared/src/testing/ba import type { TemporarySettingsResult } from './graphql-operations' -export type DeployType = 'kubernetes' | 'docker-container' | 'docker-compose' | 'pure-docker' | 'dev' | 'helm' +export type DeployType = + | 'kubernetes' + | 'docker-container' + | 'docker-compose' + | 'pure-docker' + | 'dev' + | 'helm' + | 'appliance' /** * Defined in cmd/frontend/internal/app/jscontext/jscontext.go JSContext struct diff --git a/internal/appliance/config/defaults.go b/internal/appliance/config/defaults.go index 13fd6eb4368..e61ce24d428 100644 --- a/internal/appliance/config/defaults.go +++ b/internal/appliance/config/defaults.go @@ -143,6 +143,25 @@ func NewDefaultConfig() Sourcegraph { }, Replicas: 1, }, + Frontend: FrontendSpec{ + StandardConfig: StandardConfig{ + PrometheusPort: pointers.Ptr(6060), + }, + Replicas: 2, + Migrator: true, + }, + + // Grafana and Jaeger are opt-in + Grafana: GrafanaSpec{ + StandardConfig: StandardConfig{ + Disabled: true, + }, + }, + Jaeger: JaegerSpec{ + StandardConfig: StandardConfig{ + Disabled: true, + }, + }, }, } } diff --git a/internal/appliance/config/spec.go b/internal/appliance/config/spec.go index 3007c1236f9..5d1f5220c56 100644 --- a/internal/appliance/config/spec.go +++ b/internal/appliance/config/spec.go @@ -42,10 +42,9 @@ type CodeDBSpec struct { } type IngressSpec struct { - Disabled bool `json:"enabled,omitempty"` Annotations map[string]string `json:"annotations,omitempty"` Host string `json:"host,omitempty"` - IngressClassName string `json:"ingressClassName,omitempty"` + IngressClassName *string `json:"ingressClassName,omitempty"` TLSSecret string `json:"tlsSecret,omitempty"` } @@ -53,20 +52,17 @@ type EmbeddingsSpec struct { StandardConfig } -// FrontendSpec defines the desired state of Frontend. type FrontendSpec struct { + StandardConfig + + Migrator bool `json:"migrator,omitempty"` + // Replicas defines the number of Frontend pod replicas. // Default: 2 Replicas int32 `json:"replicas,omitempty"` // Ingress allows for changes to the custom Sourcegraph ingress. Ingress *IngressSpec `json:"ingress,omitempty"` - - // ExistingSecret is the name of an existing secret to use for Postgres credentials. - ExistingSecret string `json:"existingSecret,omitempty"` - - // Resources allows for custom resource limits and requests. - Resources *corev1.ResourceList `json:"resources,omitempty"` } // GitServerSpec defines the desired state of GitServer. @@ -82,6 +78,10 @@ type GitServerSpec struct { SSHSecret string `json:"sshSecret,omitempty"` } +type GrafanaSpec struct { + StandardConfig +} + // IndexedSearchSpec defines the desired state of Index Search. type IndexedSearchSpec struct { // Replicas defines the number of Index Search pod replicas. @@ -98,6 +98,10 @@ type IndexedSearchIndexerSpec struct { Resources *corev1.ResourceList `json:"resources,omitempty"` } +type JaegerSpec struct { + StandardConfig +} + // PGSQLSpec defines the desired state of the Postgres server. type PGSQLSpec struct { StandardConfig @@ -231,12 +235,16 @@ type SourcegraphSpec struct { // GitServer defines the desired state of the GitServer service. GitServer GitServerSpec `json:"gitServer,omitempty"` + Grafana GrafanaSpec `json:"grafana,omitempty"` + // IndexedSearch defines the desired state of the Indexed Search service. IndexedSearch IndexedSearchSpec `json:"indexedSearch,omitempty"` // IndexedSearchIndexer defines the desired state of the Indexed Search Indexer service. IndexedSearchIndexer IndexedSearchIndexerSpec `json:"indexedSearchIndexer,omitempty"` + Jaeger JaegerSpec `json:"jaeger,omitempty"` + // PGSQL defines the desired state of the PostgreSQL database. PGSQL PGSQLSpec `json:"pgsql,omitempty"` diff --git a/internal/appliance/reconciler/BUILD.bazel b/internal/appliance/reconciler/BUILD.bazel index 152f5491bf9..e9604b73a4d 100644 --- a/internal/appliance/reconciler/BUILD.bazel +++ b/internal/appliance/reconciler/BUILD.bazel @@ -8,6 +8,7 @@ go_library( "cadvisor.go", "codeinsights.go", "codeintel.go", + "frontend.go", "gitserver.go", "kubernetes.go", "pgsql.go", @@ -29,6 +30,7 @@ go_library( "//internal/k8s/resource/container", "//internal/k8s/resource/daemonset", "//internal/k8s/resource/deployment", + "//internal/k8s/resource/ingress", "//internal/k8s/resource/pod", "//internal/k8s/resource/pvc", "//internal/k8s/resource/role", @@ -41,6 +43,7 @@ go_library( "//lib/pointers", "@io_k8s_api//apps/v1:apps", "@io_k8s_api//core/v1:core", + "@io_k8s_api//networking/v1:networking", "@io_k8s_api//rbac/v1:rbac", "@io_k8s_apimachinery//pkg/api/errors", "@io_k8s_apimachinery//pkg/api/resource", @@ -69,6 +72,7 @@ go_test( "cadvisor_test.go", "codeinsights_test.go", "codeintel_test.go", + "frontend_test.go", "gitserver_test.go", "golden_test.go", "helpers_test.go", diff --git a/internal/appliance/reconciler/frontend.go b/internal/appliance/reconciler/frontend.go new file mode 100644 index 00000000000..fdb5bcbd528 --- /dev/null +++ b/internal/appliance/reconciler/frontend.go @@ -0,0 +1,304 @@ +package reconciler + +import ( + "context" + + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + netv1 "k8s.io/api/networking/v1" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apimachinery/pkg/api/resource" + "k8s.io/apimachinery/pkg/util/intstr" + "sigs.k8s.io/controller-runtime/pkg/client" + + "github.com/sourcegraph/sourcegraph/internal/appliance/config" + "github.com/sourcegraph/sourcegraph/internal/k8s/resource/container" + "github.com/sourcegraph/sourcegraph/internal/k8s/resource/deployment" + "github.com/sourcegraph/sourcegraph/internal/k8s/resource/ingress" + "github.com/sourcegraph/sourcegraph/internal/k8s/resource/pod" + "github.com/sourcegraph/sourcegraph/internal/k8s/resource/role" + "github.com/sourcegraph/sourcegraph/internal/k8s/resource/rolebinding" + "github.com/sourcegraph/sourcegraph/internal/k8s/resource/service" + "github.com/sourcegraph/sourcegraph/internal/k8s/resource/serviceaccount" + "github.com/sourcegraph/sourcegraph/lib/errors" + "github.com/sourcegraph/sourcegraph/lib/pointers" +) + +const ( + pgsqlSecretName = "pgsql-auth" + codeInsightsDBSecretName = "codeinsights-db-auth" + codeIntelDBSecretName = "codeintel-db-auth" +) + +func (r *Reconciler) reconcileFrontend(ctx context.Context, sg *config.Sourcegraph, owner client.Object) error { + if err := r.reconcileFrontendDeployment(ctx, sg, owner); err != nil { + return errors.Wrap(err, "reconciling Deployment") + } + if err := r.reconcileFrontendService(ctx, sg, owner); err != nil { + return errors.Wrap(err, "reconciling Service") + } + if err := r.reconcileFrontendServiceInternal(ctx, sg, owner); err != nil { + return errors.Wrap(err, "reconciling Service (internal)") + } + if err := r.reconcileFrontendServiceAccount(ctx, sg, owner); err != nil { + return errors.Wrap(err, "reconciling ServiceAccount") + } + if err := r.reconcileFrontendRole(ctx, sg, owner); err != nil { + return errors.Wrap(err, "reconciling Role") + } + if err := r.reconcileFrontendRoleBinding(ctx, sg, owner); err != nil { + return errors.Wrap(err, "reconciling RoleBinding") + } + if err := r.reconcileFrontendIngress(ctx, sg, owner); err != nil { + return errors.Wrap(err, "reconciling Ingress") + } + return nil +} + +func (r *Reconciler) reconcileFrontendDeployment(ctx context.Context, sg *config.Sourcegraph, owner client.Object) error { + name := "frontend" + cfg := sg.Spec.Frontend + + defaultImage := config.GetDefaultImage(sg, name) + ctr := container.NewContainer(name, cfg, config.ContainerConfig{ + Image: defaultImage, + Resources: &corev1.ResourceRequirements{ + Requests: corev1.ResourceList{ + corev1.ResourceCPU: resource.MustParse("2"), + corev1.ResourceMemory: resource.MustParse("2G"), + corev1.ResourceEphemeralStorage: resource.MustParse("4Gi"), + }, + Limits: corev1.ResourceList{ + corev1.ResourceCPU: resource.MustParse("2"), + corev1.ResourceMemory: resource.MustParse("4G"), + corev1.ResourceEphemeralStorage: resource.MustParse("8Gi"), + }, + }, + }) + + ctr.Env = append(ctr.Env, frontendEnvVars(sg)...) + ctr.Env = append(ctr.Env, dbAuthVars()...) + ctr.Env = append(ctr.Env, container.EnvVarsRedis()...) + ctr.Env = append(ctr.Env, container.EnvVarsOtel()...) + + ctr.Args = []string{"serve"} + + ctr.Ports = []corev1.ContainerPort{ + {Name: "http", ContainerPort: 3080}, + {Name: "http-internal", ContainerPort: 3090}, + {Name: "debug", ContainerPort: 6060}, + } + + ctr.LivenessProbe = &corev1.Probe{ + ProbeHandler: corev1.ProbeHandler{ + HTTPGet: &corev1.HTTPGetAction{ + Path: "/healthz", + Port: intstr.FromString("debug"), + }, + }, + InitialDelaySeconds: 300, + TimeoutSeconds: 5, + } + ctr.ReadinessProbe = &corev1.Probe{ + ProbeHandler: corev1.ProbeHandler{ + HTTPGet: &corev1.HTTPGetAction{ + Path: "/ready", + Port: intstr.FromString("debug"), + }, + }, + PeriodSeconds: 5, + TimeoutSeconds: 5, + } + ctr.VolumeMounts = []corev1.VolumeMount{ + {Name: "home-dir", MountPath: "/home/sourcegraph"}, + } + + template := pod.NewPodTemplate("sourcegraph-frontend", cfg) + template.Template.Spec.Containers = []corev1.Container{ctr} + template.Template.Spec.Volumes = []corev1.Volume{pod.NewVolumeEmptyDir("home-dir")} + template.Template.Spec.ServiceAccountName = "sourcegraph-frontend" + + if cfg.Migrator { + migratorImage := config.GetDefaultImage(sg, "migrator") + migratorCtr := container.NewContainer("migrator", cfg, config.ContainerConfig{ + Image: migratorImage, + Resources: &corev1.ResourceRequirements{ + Requests: corev1.ResourceList{ + corev1.ResourceCPU: resource.MustParse("100m"), + corev1.ResourceMemory: resource.MustParse("50M"), + }, + Limits: corev1.ResourceList{ + corev1.ResourceCPU: resource.MustParse("500m"), + corev1.ResourceMemory: resource.MustParse("100M"), + }, + }, + }) + migratorCtr.Args = []string{"up"} + migratorCtr.Env = append(migratorCtr.Env, frontendEnvVars(sg)...) + migratorCtr.Env = append(migratorCtr.Env, dbAuthVars()...) + template.Template.Spec.InitContainers = []corev1.Container{migratorCtr} + } + + dep := deployment.NewDeployment("sourcegraph-frontend", sg.Namespace, sg.Spec.RequestedVersion) + dep.Spec.Replicas = &cfg.Replicas + dep.Spec.Strategy.RollingUpdate = &appsv1.RollingUpdateDeployment{ + MaxSurge: pointers.Ptr(intstr.FromInt(2)), + MaxUnavailable: pointers.Ptr(intstr.FromInt(0)), + } + dep.Spec.Template = template.Template + + return reconcileObject(ctx, r, cfg, &dep, &appsv1.Deployment{}, sg, owner) +} + +func (r *Reconciler) reconcileFrontendService(ctx context.Context, sg *config.Sourcegraph, owner client.Object) error { + name := "sourcegraph-frontend" + cfg := sg.Spec.Frontend + + svc := service.NewService(name, sg.Namespace, cfg) + svc.Spec.Ports = []corev1.ServicePort{ + {Name: "http", Port: 30080, TargetPort: intstr.FromString("http")}, + } + svc.Spec.Selector = map[string]string{ + "app": name, + } + + return reconcileObject(ctx, r, cfg, &svc, &corev1.Service{}, sg, owner) +} + +func (r *Reconciler) reconcileFrontendServiceInternal(ctx context.Context, sg *config.Sourcegraph, owner client.Object) error { + cfg := sg.Spec.Frontend + + svc := service.NewService("sourcegraph-frontend-internal", sg.Namespace, nil) + svc.Spec.Ports = []corev1.ServicePort{ + {Name: "http-internal", Port: 80, TargetPort: intstr.FromString("http-internal")}, + } + svc.Spec.Selector = map[string]string{ + "app": "sourcegraph-frontend", + } + + return reconcileObject(ctx, r, cfg, &svc, &corev1.Service{}, sg, owner) +} + +func (r *Reconciler) reconcileFrontendRole(ctx context.Context, sg *config.Sourcegraph, owner client.Object) error { + name := "sourcegraph-frontend" + cfg := sg.Spec.Frontend + + role := role.NewRole(name, sg.Namespace) + + readVerbs := []string{"get", "list", "watch"} + role.Rules = []rbacv1.PolicyRule{ + { + APIGroups: []string{""}, + Resources: []string{"endpoints", "services"}, + Verbs: readVerbs, + }, + { + APIGroups: []string{"apps"}, + Resources: []string{"statefulsets"}, + Verbs: readVerbs, + }, + } + + return reconcileObject(ctx, r, cfg, &role, &rbacv1.Role{}, sg, owner) +} + +func (r *Reconciler) reconcileFrontendServiceAccount(ctx context.Context, sg *config.Sourcegraph, owner client.Object) error { + cfg := sg.Spec.Frontend + sa := serviceaccount.NewServiceAccount("sourcegraph-frontend", sg.Namespace, cfg) + return reconcileObject(ctx, r, cfg, &sa, &corev1.ServiceAccount{}, sg, owner) +} + +func (r *Reconciler) reconcileFrontendRoleBinding(ctx context.Context, sg *config.Sourcegraph, owner client.Object) error { + name := "sourcegraph-frontend" + binding := rolebinding.NewRoleBinding(name, sg.Namespace) + binding.RoleRef = rbacv1.RoleRef{ + Kind: "Role", + Name: name, + } + binding.Subjects = []rbacv1.Subject{ + { + Kind: "ServiceAccount", + Name: name, + Namespace: sg.Namespace, + }, + } + return reconcileObject(ctx, r, sg.Spec.Frontend, &binding, &rbacv1.RoleBinding{}, sg, owner) +} + +func (r *Reconciler) reconcileFrontendIngress(ctx context.Context, sg *config.Sourcegraph, owner client.Object) error { + name := "sourcegraph-frontend" + cfg := sg.Spec.Frontend + ingress := ingress.NewIngress(name, sg.Namespace) + if cfg.Ingress == nil { + return r.ensureObjectDeleted(ctx, &ingress) + } + + ingress.SetAnnotations(cfg.Ingress.Annotations) + + if cfg.Ingress.TLSSecret != "" { + ingress.Spec.TLS = []netv1.IngressTLS{{ + Hosts: []string{cfg.Ingress.Host}, + SecretName: cfg.Ingress.TLSSecret, + }} + } + + ingress.Spec.Rules = []netv1.IngressRule{{ + Host: cfg.Ingress.Host, + IngressRuleValue: netv1.IngressRuleValue{ + HTTP: &netv1.HTTPIngressRuleValue{ + Paths: []netv1.HTTPIngressPath{{ + Path: "/", + PathType: pointers.Ptr(netv1.PathTypePrefix), + Backend: netv1.IngressBackend{ + Service: &netv1.IngressServiceBackend{ + Name: name, + Port: netv1.ServiceBackendPort{ + Number: 30080, + }, + }, + }, + }}, + }, + }, + }} + + ingress.Spec.IngressClassName = cfg.Ingress.IngressClassName + + return reconcileObject(ctx, r, sg.Spec.Frontend, &ingress, &netv1.Ingress{}, sg, owner) +} + +func frontendEnvVars(sg *config.Sourcegraph) []corev1.EnvVar { + vars := []corev1.EnvVar{ + {Name: "DEPLOY_TYPE", Value: "appliance"}, + } + if !sg.Spec.Grafana.Disabled { + vars = append(vars, corev1.EnvVar{Name: "GRAFANA_SERVER_URL", Value: "http://grafana:30070"}) + } + if !sg.Spec.Jaeger.Disabled { + vars = append(vars, corev1.EnvVar{Name: "JAEGER_SERVER_URL", Value: "http://jaeger-query:16686"}) + } + if !sg.Spec.Prometheus.Disabled { + vars = append(vars, corev1.EnvVar{Name: "PROMETHEUS_URL", Value: "http://prometheus:30090"}) + } + return vars +} + +func dbAuthVars() []corev1.EnvVar { + return []corev1.EnvVar{ + container.NewEnvVarSecretKeyRef("PGDATABASE", pgsqlSecretName, "database"), + container.NewEnvVarSecretKeyRef("PGHOST", pgsqlSecretName, "host"), + container.NewEnvVarSecretKeyRef("PGPASSWORD", pgsqlSecretName, "password"), + container.NewEnvVarSecretKeyRef("PGPORT", pgsqlSecretName, "port"), + container.NewEnvVarSecretKeyRef("PGUSER", pgsqlSecretName, "user"), + container.NewEnvVarSecretKeyRef("CODEINTEL_PGDATABASE", codeIntelDBSecretName, "database"), + container.NewEnvVarSecretKeyRef("CODEINTEL_PGHOST", codeIntelDBSecretName, "host"), + container.NewEnvVarSecretKeyRef("CODEINTEL_PGPASSWORD", codeIntelDBSecretName, "password"), + container.NewEnvVarSecretKeyRef("CODEINTEL_PGPORT", codeIntelDBSecretName, "port"), + container.NewEnvVarSecretKeyRef("CODEINTEL_PGUSER", codeIntelDBSecretName, "user"), + container.NewEnvVarSecretKeyRef("CODEINSIGHTS_PGDATABASE", codeInsightsDBSecretName, "database"), + container.NewEnvVarSecretKeyRef("CODEINSIGHTS_PGHOST", codeInsightsDBSecretName, "host"), + container.NewEnvVarSecretKeyRef("CODEINSIGHTS_PGPASSWORD", codeInsightsDBSecretName, "password"), + container.NewEnvVarSecretKeyRef("CODEINSIGHTS_PGPORT", codeInsightsDBSecretName, "port"), + container.NewEnvVarSecretKeyRef("CODEINSIGHTS_PGUSER", codeInsightsDBSecretName, "user"), + } +} diff --git a/internal/appliance/reconciler/frontend_test.go b/internal/appliance/reconciler/frontend_test.go new file mode 100644 index 00000000000..29d3faae53b --- /dev/null +++ b/internal/appliance/reconciler/frontend_test.go @@ -0,0 +1,18 @@ +package reconciler + +func (suite *ApplianceTestSuite) TestDeployFrontend() { + for _, tc := range []struct { + name string + }{ + {name: "frontend/default"}, + {name: "frontend/with-blobstore"}, + {name: "frontend/with-ingress"}, + {name: "frontend/with-ingress-optional-fields"}, + {name: "frontend/with-overrides"}, + } { + suite.Run(tc.name, func() { + namespace := suite.createConfigMapAndAwaitReconciliation(tc.name) + suite.makeGoldenAssertions(namespace, tc.name) + }) + } +} diff --git a/internal/appliance/reconciler/golden_test.go b/internal/appliance/reconciler/golden_test.go index 16a4784bd90..88626083b6b 100644 --- a/internal/appliance/reconciler/golden_test.go +++ b/internal/appliance/reconciler/golden_test.go @@ -211,6 +211,15 @@ func (suite *ApplianceTestSuite) gatherResources(namespace string) []client.Obje objs = append(objs, &obj) } + ingresses, err := suite.k8sClient.NetworkingV1().Ingresses(namespace).List(suite.ctx, metav1.ListOptions{}) + suite.Require().NoError(err) + for _, obj := range ingresses.Items { + obj := obj + obj.SetGroupVersionKind(schema.GroupVersionKind{Group: "networking.k8s.io", Version: "v1", Kind: "Ingress"}) + normalizeObj(&obj) + objs = append(objs, &obj) + } + return objs } diff --git a/internal/appliance/reconciler/reconcile.go b/internal/appliance/reconciler/reconcile.go index 59005f92771..b2f47b57be3 100644 --- a/internal/appliance/reconciler/reconcile.go +++ b/internal/appliance/reconciler/reconcile.go @@ -111,6 +111,9 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Resu if err := r.reconcileWorker(ctx, &sourcegraph, &applianceSpec); err != nil { return ctrl.Result{}, errors.Newf("failed to reconcile worker: %w", err) } + if err := r.reconcileFrontend(ctx, &sourcegraph, &applianceSpec); err != nil { + return ctrl.Result{}, errors.Newf("failed to reconcile frontend: %w", err) + } // Set the current version annotation in case migration logic depends on it. applianceSpec.Annotations[config.AnnotationKeyCurrentVersion] = sourcegraph.Spec.RequestedVersion diff --git a/internal/appliance/reconciler/testdata/golden-fixtures/frontend/default.yaml b/internal/appliance/reconciler/testdata/golden-fixtures/frontend/default.yaml new file mode 100644 index 00000000000..5792c40ef75 --- /dev/null +++ b/internal/appliance/reconciler/testdata/golden-fixtures/frontend/default.yaml @@ -0,0 +1,545 @@ +resources: + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + appliance.sourcegraph.com/configHash: b5dce290e22d1afb4c9102ac4c245490ab01dd3be13653de391536cfe0e323b0 + creationTimestamp: "2024-04-19T00:00:00Z" + generation: 1 + labels: + app.kubernetes.io/component: sourcegraph-frontend + app.kubernetes.io/name: sourcegraph + app.kubernetes.io/version: 5.3.9104 + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + minReadySeconds: 10 + progressDeadlineSeconds: 600 + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: sourcegraph-frontend + strategy: + rollingUpdate: + maxSurge: 2 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: sourcegraph-frontend + creationTimestamp: null + labels: + app: sourcegraph-frontend + deploy: sourcegraph + name: sourcegraph-frontend + spec: + containers: + - args: + - serve + env: + - name: DEPLOY_TYPE + value: appliance + - name: PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: pgsql-auth + - name: PGHOST + valueFrom: + secretKeyRef: + key: host + name: pgsql-auth + - name: PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: pgsql-auth + - name: PGPORT + valueFrom: + secretKeyRef: + key: port + name: pgsql-auth + - name: PGUSER + valueFrom: + secretKeyRef: + key: user + name: pgsql-auth + - name: CODEINTEL_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeintel-db-auth + - name: CODEINTEL_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeintel-db-auth + - name: CODEINTEL_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeintel-db-auth + - name: CODEINTEL_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeintel-db-auth + - name: CODEINTEL_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeintel-db-auth + - name: CODEINSIGHTS_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeinsights-db-auth + - name: REDIS_CACHE_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: redis-cache + - name: REDIS_STORE_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: redis-store + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/frontend:5.3.9104 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: debug + scheme: HTTP + initialDelaySeconds: 300 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: frontend + ports: + - containerPort: 3080 + name: http + protocol: TCP + - containerPort: 3090 + name: http-internal + protocol: TCP + - containerPort: 6060 + name: debug + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: "2" + ephemeral-storage: 8Gi + memory: 4G + requests: + cpu: "2" + ephemeral-storage: 4Gi + memory: 2G + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 101 + runAsUser: 100 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /home/sourcegraph + name: home-dir + dnsPolicy: ClusterFirst + initContainers: + - args: + - up + env: + - name: DEPLOY_TYPE + value: appliance + - name: PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: pgsql-auth + - name: PGHOST + valueFrom: + secretKeyRef: + key: host + name: pgsql-auth + - name: PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: pgsql-auth + - name: PGPORT + valueFrom: + secretKeyRef: + key: port + name: pgsql-auth + - name: PGUSER + valueFrom: + secretKeyRef: + key: user + name: pgsql-auth + - name: CODEINTEL_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeintel-db-auth + - name: CODEINTEL_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeintel-db-auth + - name: CODEINTEL_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeintel-db-auth + - name: CODEINTEL_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeintel-db-auth + - name: CODEINTEL_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeintel-db-auth + - name: CODEINSIGHTS_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeinsights-db-auth + image: index.docker.io/sourcegraph/migrator:5.3.9104 + imagePullPolicy: IfNotPresent + name: migrator + resources: + limits: + cpu: 500m + memory: 100M + requests: + cpu: 100m + memory: 50M + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 101 + runAsUser: 100 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 101 + runAsUser: 100 + serviceAccount: sourcegraph-frontend + serviceAccountName: sourcegraph-frontend + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: home-dir + status: {} + - apiVersion: v1 + data: + spec: | + spec: + requestedVersion: "5.3.9104" + + blobstore: + disabled: true + + codeInsights: + disabled: true + + codeIntel: + disabled: true + + frontend: {} + + gitServer: + disabled: true + + indexedSearch: + disabled: true + + indexedSearchIndexer: + disabled: true + + pgsql: + disabled: true + + postgresExporter: + disabled: true + + preciseCodeIntel: + disabled: true + + redisCache: + disabled: true + + redisStore: + disabled: true + + repoUpdater: + disabled: true + + searcher: + disabled: true + + symbols: + disabled: true + + syntectServer: + disabled: true + + worker: + disabled: true + + prometheus: + disabled: true + + embeddings: + disabled: true + kind: ConfigMap + metadata: + annotations: + appliance.sourcegraph.com/currentVersion: 5.3.9104 + appliance.sourcegraph.com/managed: "true" + creationTimestamp: "2024-04-19T00:00:00Z" + name: sg + namespace: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + - apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + annotations: + appliance.sourcegraph.com/configHash: b5dce290e22d1afb4c9102ac4c245490ab01dd3be13653de391536cfe0e323b0 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + rules: + - apiGroups: + - "" + resources: + - endpoints + - services + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - list + - watch + - apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + annotations: + appliance.sourcegraph.com/configHash: b5dce290e22d1afb4c9102ac4c245490ab01dd3be13653de391536cfe0e323b0 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: sourcegraph-frontend + subjects: + - kind: ServiceAccount + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + - apiVersion: v1 + kind: ServiceAccount + metadata: + annotations: + appliance.sourcegraph.com/configHash: b5dce290e22d1afb4c9102ac4c245490ab01dd3be13653de391536cfe0e323b0 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + - apiVersion: v1 + kind: Service + metadata: + annotations: + appliance.sourcegraph.com/configHash: b5dce290e22d1afb4c9102ac4c245490ab01dd3be13653de391536cfe0e323b0 + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + app: sourcegraph-frontend + app.kubernetes.io/component: sourcegraph-frontend + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + clusterIP: NORMALIZED_FOR_TESTING + clusterIPs: + - NORMALIZED_FOR_TESTING + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + port: 30080 + protocol: TCP + targetPort: http + selector: + app: sourcegraph-frontend + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + appliance.sourcegraph.com/configHash: b5dce290e22d1afb4c9102ac4c245490ab01dd3be13653de391536cfe0e323b0 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + app: sourcegraph-frontend-internal + app.kubernetes.io/component: sourcegraph-frontend-internal + deploy: sourcegraph + name: sourcegraph-frontend-internal + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + clusterIP: NORMALIZED_FOR_TESTING + clusterIPs: + - NORMALIZED_FOR_TESTING + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-internal + port: 80 + protocol: TCP + targetPort: http-internal + selector: + app: sourcegraph-frontend + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} diff --git a/internal/appliance/reconciler/testdata/golden-fixtures/frontend/with-blobstore.yaml b/internal/appliance/reconciler/testdata/golden-fixtures/frontend/with-blobstore.yaml new file mode 100644 index 00000000000..5aba04a6a17 --- /dev/null +++ b/internal/appliance/reconciler/testdata/golden-fixtures/frontend/with-blobstore.yaml @@ -0,0 +1,703 @@ +resources: + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + appliance.sourcegraph.com/configHash: 2b72058f008a684f7fa052f8ad33d0226af4cfb7973242c9103d6d1900da355e + creationTimestamp: "2024-04-19T00:00:00Z" + generation: 1 + labels: + app.kubernetes.io/component: blobstore + app.kubernetes.io/name: sourcegraph + app.kubernetes.io/version: 5.3.9104 + deploy: sourcegraph + name: blobstore + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + minReadySeconds: 10 + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: blobstore + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: blobstore + creationTimestamp: null + labels: + app: blobstore + deploy: sourcegraph + name: blobstore + spec: + containers: + - image: index.docker.io/sourcegraph/blobstore:5.3.9104 + imagePullPolicy: IfNotPresent + name: blobstore + ports: + - containerPort: 9000 + name: blobstore + protocol: TCP + resources: + limits: + cpu: "1" + memory: 500M + requests: + cpu: "1" + memory: 500M + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 101 + runAsUser: 100 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /blobstore + name: blobstore + - mountPath: /data + name: blobstore-data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 101 + runAsUser: 100 + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: blobstore + - name: blobstore-data + persistentVolumeClaim: + claimName: blobstore + status: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + appliance.sourcegraph.com/configHash: b5dce290e22d1afb4c9102ac4c245490ab01dd3be13653de391536cfe0e323b0 + creationTimestamp: "2024-04-19T00:00:00Z" + generation: 1 + labels: + app.kubernetes.io/component: sourcegraph-frontend + app.kubernetes.io/name: sourcegraph + app.kubernetes.io/version: 5.3.9104 + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + minReadySeconds: 10 + progressDeadlineSeconds: 600 + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: sourcegraph-frontend + strategy: + rollingUpdate: + maxSurge: 2 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: sourcegraph-frontend + creationTimestamp: null + labels: + app: sourcegraph-frontend + deploy: sourcegraph + name: sourcegraph-frontend + spec: + containers: + - args: + - serve + env: + - name: DEPLOY_TYPE + value: appliance + - name: PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: pgsql-auth + - name: PGHOST + valueFrom: + secretKeyRef: + key: host + name: pgsql-auth + - name: PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: pgsql-auth + - name: PGPORT + valueFrom: + secretKeyRef: + key: port + name: pgsql-auth + - name: PGUSER + valueFrom: + secretKeyRef: + key: user + name: pgsql-auth + - name: CODEINTEL_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeintel-db-auth + - name: CODEINTEL_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeintel-db-auth + - name: CODEINTEL_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeintel-db-auth + - name: CODEINTEL_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeintel-db-auth + - name: CODEINTEL_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeintel-db-auth + - name: CODEINSIGHTS_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeinsights-db-auth + - name: REDIS_CACHE_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: redis-cache + - name: REDIS_STORE_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: redis-store + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/frontend:5.3.9104 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: debug + scheme: HTTP + initialDelaySeconds: 300 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: frontend + ports: + - containerPort: 3080 + name: http + protocol: TCP + - containerPort: 3090 + name: http-internal + protocol: TCP + - containerPort: 6060 + name: debug + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: "2" + ephemeral-storage: 8Gi + memory: 4G + requests: + cpu: "2" + ephemeral-storage: 4Gi + memory: 2G + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 101 + runAsUser: 100 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /home/sourcegraph + name: home-dir + dnsPolicy: ClusterFirst + initContainers: + - args: + - up + env: + - name: DEPLOY_TYPE + value: appliance + - name: PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: pgsql-auth + - name: PGHOST + valueFrom: + secretKeyRef: + key: host + name: pgsql-auth + - name: PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: pgsql-auth + - name: PGPORT + valueFrom: + secretKeyRef: + key: port + name: pgsql-auth + - name: PGUSER + valueFrom: + secretKeyRef: + key: user + name: pgsql-auth + - name: CODEINTEL_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeintel-db-auth + - name: CODEINTEL_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeintel-db-auth + - name: CODEINTEL_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeintel-db-auth + - name: CODEINTEL_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeintel-db-auth + - name: CODEINTEL_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeintel-db-auth + - name: CODEINSIGHTS_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeinsights-db-auth + image: index.docker.io/sourcegraph/migrator:5.3.9104 + imagePullPolicy: IfNotPresent + name: migrator + resources: + limits: + cpu: 500m + memory: 100M + requests: + cpu: 100m + memory: 50M + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 101 + runAsUser: 100 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 101 + runAsUser: 100 + serviceAccount: sourcegraph-frontend + serviceAccountName: sourcegraph-frontend + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: home-dir + status: {} + - apiVersion: v1 + data: + spec: | + spec: + requestedVersion: "5.3.9104" + + blobstore: {} + + codeInsights: + disabled: true + + codeIntel: + disabled: true + + frontend: {} + + gitServer: + disabled: true + + indexedSearch: + disabled: true + + indexedSearchIndexer: + disabled: true + + pgsql: + disabled: true + + postgresExporter: + disabled: true + + preciseCodeIntel: + disabled: true + + redisCache: + disabled: true + + redisStore: + disabled: true + + repoUpdater: + disabled: true + + searcher: + disabled: true + + symbols: + disabled: true + + syntectServer: + disabled: true + + worker: + disabled: true + + prometheus: + disabled: true + + embeddings: + disabled: true + kind: ConfigMap + metadata: + annotations: + appliance.sourcegraph.com/currentVersion: 5.3.9104 + appliance.sourcegraph.com/managed: "true" + creationTimestamp: "2024-04-19T00:00:00Z" + name: sg + namespace: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + annotations: + appliance.sourcegraph.com/configHash: 2b72058f008a684f7fa052f8ad33d0226af4cfb7973242c9103d6d1900da355e + creationTimestamp: "2024-04-19T00:00:00Z" + finalizers: + - kubernetes.io/pvc-protection + labels: + deploy: sourcegraph + name: blobstore + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 100Gi + volumeMode: Filesystem + status: + phase: Pending + - apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + annotations: + appliance.sourcegraph.com/configHash: b5dce290e22d1afb4c9102ac4c245490ab01dd3be13653de391536cfe0e323b0 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + rules: + - apiGroups: + - "" + resources: + - endpoints + - services + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - list + - watch + - apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + annotations: + appliance.sourcegraph.com/configHash: b5dce290e22d1afb4c9102ac4c245490ab01dd3be13653de391536cfe0e323b0 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: sourcegraph-frontend + subjects: + - kind: ServiceAccount + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + - apiVersion: v1 + kind: ServiceAccount + metadata: + annotations: + appliance.sourcegraph.com/configHash: b5dce290e22d1afb4c9102ac4c245490ab01dd3be13653de391536cfe0e323b0 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + - apiVersion: v1 + kind: Service + metadata: + annotations: + appliance.sourcegraph.com/configHash: 2b72058f008a684f7fa052f8ad33d0226af4cfb7973242c9103d6d1900da355e + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + app: blobstore + app.kubernetes.io/component: blobstore + deploy: sourcegraph + name: blobstore + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + clusterIP: NORMALIZED_FOR_TESTING + clusterIPs: + - NORMALIZED_FOR_TESTING + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: blobstore + port: 9000 + protocol: TCP + targetPort: blobstore + selector: + app: blobstore + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + appliance.sourcegraph.com/configHash: b5dce290e22d1afb4c9102ac4c245490ab01dd3be13653de391536cfe0e323b0 + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + app: sourcegraph-frontend + app.kubernetes.io/component: sourcegraph-frontend + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + clusterIP: NORMALIZED_FOR_TESTING + clusterIPs: + - NORMALIZED_FOR_TESTING + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + port: 30080 + protocol: TCP + targetPort: http + selector: + app: sourcegraph-frontend + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + appliance.sourcegraph.com/configHash: b5dce290e22d1afb4c9102ac4c245490ab01dd3be13653de391536cfe0e323b0 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + app: sourcegraph-frontend-internal + app.kubernetes.io/component: sourcegraph-frontend-internal + deploy: sourcegraph + name: sourcegraph-frontend-internal + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + clusterIP: NORMALIZED_FOR_TESTING + clusterIPs: + - NORMALIZED_FOR_TESTING + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-internal + port: 80 + protocol: TCP + targetPort: http-internal + selector: + app: sourcegraph-frontend + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} diff --git a/internal/appliance/reconciler/testdata/golden-fixtures/frontend/with-ingress-optional-fields.yaml b/internal/appliance/reconciler/testdata/golden-fixtures/frontend/with-ingress-optional-fields.yaml new file mode 100644 index 00000000000..476732de125 --- /dev/null +++ b/internal/appliance/reconciler/testdata/golden-fixtures/frontend/with-ingress-optional-fields.yaml @@ -0,0 +1,591 @@ +resources: + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + appliance.sourcegraph.com/configHash: 7caff941f7756c1a8aa77fb1604c7c1d191868889bbe1ca514eac63a4c1aafc8 + creationTimestamp: "2024-04-19T00:00:00Z" + generation: 1 + labels: + app.kubernetes.io/component: sourcegraph-frontend + app.kubernetes.io/name: sourcegraph + app.kubernetes.io/version: 5.3.9104 + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + minReadySeconds: 10 + progressDeadlineSeconds: 600 + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: sourcegraph-frontend + strategy: + rollingUpdate: + maxSurge: 2 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: sourcegraph-frontend + creationTimestamp: null + labels: + app: sourcegraph-frontend + deploy: sourcegraph + name: sourcegraph-frontend + spec: + containers: + - args: + - serve + env: + - name: DEPLOY_TYPE + value: appliance + - name: PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: pgsql-auth + - name: PGHOST + valueFrom: + secretKeyRef: + key: host + name: pgsql-auth + - name: PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: pgsql-auth + - name: PGPORT + valueFrom: + secretKeyRef: + key: port + name: pgsql-auth + - name: PGUSER + valueFrom: + secretKeyRef: + key: user + name: pgsql-auth + - name: CODEINTEL_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeintel-db-auth + - name: CODEINTEL_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeintel-db-auth + - name: CODEINTEL_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeintel-db-auth + - name: CODEINTEL_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeintel-db-auth + - name: CODEINTEL_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeintel-db-auth + - name: CODEINSIGHTS_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeinsights-db-auth + - name: REDIS_CACHE_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: redis-cache + - name: REDIS_STORE_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: redis-store + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/frontend:5.3.9104 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: debug + scheme: HTTP + initialDelaySeconds: 300 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: frontend + ports: + - containerPort: 3080 + name: http + protocol: TCP + - containerPort: 3090 + name: http-internal + protocol: TCP + - containerPort: 6060 + name: debug + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: "2" + ephemeral-storage: 8Gi + memory: 4G + requests: + cpu: "2" + ephemeral-storage: 4Gi + memory: 2G + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 101 + runAsUser: 100 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /home/sourcegraph + name: home-dir + dnsPolicy: ClusterFirst + initContainers: + - args: + - up + env: + - name: DEPLOY_TYPE + value: appliance + - name: PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: pgsql-auth + - name: PGHOST + valueFrom: + secretKeyRef: + key: host + name: pgsql-auth + - name: PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: pgsql-auth + - name: PGPORT + valueFrom: + secretKeyRef: + key: port + name: pgsql-auth + - name: PGUSER + valueFrom: + secretKeyRef: + key: user + name: pgsql-auth + - name: CODEINTEL_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeintel-db-auth + - name: CODEINTEL_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeintel-db-auth + - name: CODEINTEL_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeintel-db-auth + - name: CODEINTEL_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeintel-db-auth + - name: CODEINTEL_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeintel-db-auth + - name: CODEINSIGHTS_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeinsights-db-auth + image: index.docker.io/sourcegraph/migrator:5.3.9104 + imagePullPolicy: IfNotPresent + name: migrator + resources: + limits: + cpu: 500m + memory: 100M + requests: + cpu: 100m + memory: 50M + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 101 + runAsUser: 100 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 101 + runAsUser: 100 + serviceAccount: sourcegraph-frontend + serviceAccountName: sourcegraph-frontend + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: home-dir + status: {} + - apiVersion: v1 + data: + spec: | + spec: + requestedVersion: "5.3.9104" + + blobstore: + disabled: true + + codeInsights: + disabled: true + + codeIntel: + disabled: true + + frontend: + ingress: + host: example.com + annotations: + foo: bar + ingressClassName: an-ingress-class + tlsSecret: ingress-tls-secret + + gitServer: + disabled: true + + indexedSearch: + disabled: true + + indexedSearchIndexer: + disabled: true + + pgsql: + disabled: true + + postgresExporter: + disabled: true + + preciseCodeIntel: + disabled: true + + redisCache: + disabled: true + + redisStore: + disabled: true + + repoUpdater: + disabled: true + + searcher: + disabled: true + + symbols: + disabled: true + + syntectServer: + disabled: true + + worker: + disabled: true + + prometheus: + disabled: true + + embeddings: + disabled: true + kind: ConfigMap + metadata: + annotations: + appliance.sourcegraph.com/currentVersion: 5.3.9104 + appliance.sourcegraph.com/managed: "true" + creationTimestamp: "2024-04-19T00:00:00Z" + name: sg + namespace: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + - apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + annotations: + appliance.sourcegraph.com/configHash: 7caff941f7756c1a8aa77fb1604c7c1d191868889bbe1ca514eac63a4c1aafc8 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + rules: + - apiGroups: + - "" + resources: + - endpoints + - services + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - list + - watch + - apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + annotations: + appliance.sourcegraph.com/configHash: 7caff941f7756c1a8aa77fb1604c7c1d191868889bbe1ca514eac63a4c1aafc8 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: sourcegraph-frontend + subjects: + - kind: ServiceAccount + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + - apiVersion: v1 + kind: ServiceAccount + metadata: + annotations: + appliance.sourcegraph.com/configHash: 7caff941f7756c1a8aa77fb1604c7c1d191868889bbe1ca514eac63a4c1aafc8 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + - apiVersion: v1 + kind: Service + metadata: + annotations: + appliance.sourcegraph.com/configHash: 7caff941f7756c1a8aa77fb1604c7c1d191868889bbe1ca514eac63a4c1aafc8 + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + app: sourcegraph-frontend + app.kubernetes.io/component: sourcegraph-frontend + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + clusterIP: NORMALIZED_FOR_TESTING + clusterIPs: + - NORMALIZED_FOR_TESTING + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + port: 30080 + protocol: TCP + targetPort: http + selector: + app: sourcegraph-frontend + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + appliance.sourcegraph.com/configHash: 7caff941f7756c1a8aa77fb1604c7c1d191868889bbe1ca514eac63a4c1aafc8 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + app: sourcegraph-frontend-internal + app.kubernetes.io/component: sourcegraph-frontend-internal + deploy: sourcegraph + name: sourcegraph-frontend-internal + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + clusterIP: NORMALIZED_FOR_TESTING + clusterIPs: + - NORMALIZED_FOR_TESTING + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-internal + port: 80 + protocol: TCP + targetPort: http-internal + selector: + app: sourcegraph-frontend + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: networking.k8s.io/v1 + kind: Ingress + metadata: + annotations: + appliance.sourcegraph.com/configHash: 7caff941f7756c1a8aa77fb1604c7c1d191868889bbe1ca514eac63a4c1aafc8 + foo: bar + creationTimestamp: "2024-04-19T00:00:00Z" + generation: 1 + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + ingressClassName: an-ingress-class + rules: + - host: example.com + http: + paths: + - backend: + service: + name: sourcegraph-frontend + port: + number: 30080 + path: / + pathType: Prefix + tls: + - hosts: + - example.com + secretName: ingress-tls-secret + status: + loadBalancer: {} diff --git a/internal/appliance/reconciler/testdata/golden-fixtures/frontend/with-ingress.yaml b/internal/appliance/reconciler/testdata/golden-fixtures/frontend/with-ingress.yaml new file mode 100644 index 00000000000..ff4c395a0b2 --- /dev/null +++ b/internal/appliance/reconciler/testdata/golden-fixtures/frontend/with-ingress.yaml @@ -0,0 +1,579 @@ +resources: + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + appliance.sourcegraph.com/configHash: d3eb623947fedba566dfc56adc4733ff5ef1b2887a5cb63d75dbc1df452b0b5c + creationTimestamp: "2024-04-19T00:00:00Z" + generation: 1 + labels: + app.kubernetes.io/component: sourcegraph-frontend + app.kubernetes.io/name: sourcegraph + app.kubernetes.io/version: 5.3.9104 + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + minReadySeconds: 10 + progressDeadlineSeconds: 600 + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: sourcegraph-frontend + strategy: + rollingUpdate: + maxSurge: 2 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: sourcegraph-frontend + creationTimestamp: null + labels: + app: sourcegraph-frontend + deploy: sourcegraph + name: sourcegraph-frontend + spec: + containers: + - args: + - serve + env: + - name: DEPLOY_TYPE + value: appliance + - name: PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: pgsql-auth + - name: PGHOST + valueFrom: + secretKeyRef: + key: host + name: pgsql-auth + - name: PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: pgsql-auth + - name: PGPORT + valueFrom: + secretKeyRef: + key: port + name: pgsql-auth + - name: PGUSER + valueFrom: + secretKeyRef: + key: user + name: pgsql-auth + - name: CODEINTEL_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeintel-db-auth + - name: CODEINTEL_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeintel-db-auth + - name: CODEINTEL_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeintel-db-auth + - name: CODEINTEL_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeintel-db-auth + - name: CODEINTEL_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeintel-db-auth + - name: CODEINSIGHTS_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeinsights-db-auth + - name: REDIS_CACHE_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: redis-cache + - name: REDIS_STORE_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: redis-store + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/frontend:5.3.9104 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: debug + scheme: HTTP + initialDelaySeconds: 300 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: frontend + ports: + - containerPort: 3080 + name: http + protocol: TCP + - containerPort: 3090 + name: http-internal + protocol: TCP + - containerPort: 6060 + name: debug + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: "2" + ephemeral-storage: 8Gi + memory: 4G + requests: + cpu: "2" + ephemeral-storage: 4Gi + memory: 2G + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 101 + runAsUser: 100 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /home/sourcegraph + name: home-dir + dnsPolicy: ClusterFirst + initContainers: + - args: + - up + env: + - name: DEPLOY_TYPE + value: appliance + - name: PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: pgsql-auth + - name: PGHOST + valueFrom: + secretKeyRef: + key: host + name: pgsql-auth + - name: PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: pgsql-auth + - name: PGPORT + valueFrom: + secretKeyRef: + key: port + name: pgsql-auth + - name: PGUSER + valueFrom: + secretKeyRef: + key: user + name: pgsql-auth + - name: CODEINTEL_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeintel-db-auth + - name: CODEINTEL_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeintel-db-auth + - name: CODEINTEL_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeintel-db-auth + - name: CODEINTEL_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeintel-db-auth + - name: CODEINTEL_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeintel-db-auth + - name: CODEINSIGHTS_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeinsights-db-auth + image: index.docker.io/sourcegraph/migrator:5.3.9104 + imagePullPolicy: IfNotPresent + name: migrator + resources: + limits: + cpu: 500m + memory: 100M + requests: + cpu: 100m + memory: 50M + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 101 + runAsUser: 100 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 101 + runAsUser: 100 + serviceAccount: sourcegraph-frontend + serviceAccountName: sourcegraph-frontend + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: home-dir + status: {} + - apiVersion: v1 + data: + spec: | + spec: + requestedVersion: "5.3.9104" + + blobstore: + disabled: true + + codeInsights: + disabled: true + + codeIntel: + disabled: true + + frontend: + ingress: {} + + gitServer: + disabled: true + + indexedSearch: + disabled: true + + indexedSearchIndexer: + disabled: true + + pgsql: + disabled: true + + postgresExporter: + disabled: true + + preciseCodeIntel: + disabled: true + + redisCache: + disabled: true + + redisStore: + disabled: true + + repoUpdater: + disabled: true + + searcher: + disabled: true + + symbols: + disabled: true + + syntectServer: + disabled: true + + worker: + disabled: true + + prometheus: + disabled: true + + embeddings: + disabled: true + kind: ConfigMap + metadata: + annotations: + appliance.sourcegraph.com/currentVersion: 5.3.9104 + appliance.sourcegraph.com/managed: "true" + creationTimestamp: "2024-04-19T00:00:00Z" + name: sg + namespace: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + - apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + annotations: + appliance.sourcegraph.com/configHash: d3eb623947fedba566dfc56adc4733ff5ef1b2887a5cb63d75dbc1df452b0b5c + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + rules: + - apiGroups: + - "" + resources: + - endpoints + - services + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - list + - watch + - apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + annotations: + appliance.sourcegraph.com/configHash: d3eb623947fedba566dfc56adc4733ff5ef1b2887a5cb63d75dbc1df452b0b5c + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: sourcegraph-frontend + subjects: + - kind: ServiceAccount + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + - apiVersion: v1 + kind: ServiceAccount + metadata: + annotations: + appliance.sourcegraph.com/configHash: d3eb623947fedba566dfc56adc4733ff5ef1b2887a5cb63d75dbc1df452b0b5c + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + - apiVersion: v1 + kind: Service + metadata: + annotations: + appliance.sourcegraph.com/configHash: d3eb623947fedba566dfc56adc4733ff5ef1b2887a5cb63d75dbc1df452b0b5c + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + app: sourcegraph-frontend + app.kubernetes.io/component: sourcegraph-frontend + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + clusterIP: NORMALIZED_FOR_TESTING + clusterIPs: + - NORMALIZED_FOR_TESTING + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + port: 30080 + protocol: TCP + targetPort: http + selector: + app: sourcegraph-frontend + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + appliance.sourcegraph.com/configHash: d3eb623947fedba566dfc56adc4733ff5ef1b2887a5cb63d75dbc1df452b0b5c + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + app: sourcegraph-frontend-internal + app.kubernetes.io/component: sourcegraph-frontend-internal + deploy: sourcegraph + name: sourcegraph-frontend-internal + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + clusterIP: NORMALIZED_FOR_TESTING + clusterIPs: + - NORMALIZED_FOR_TESTING + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-internal + port: 80 + protocol: TCP + targetPort: http-internal + selector: + app: sourcegraph-frontend + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: networking.k8s.io/v1 + kind: Ingress + metadata: + annotations: + appliance.sourcegraph.com/configHash: d3eb623947fedba566dfc56adc4733ff5ef1b2887a5cb63d75dbc1df452b0b5c + creationTimestamp: "2024-04-19T00:00:00Z" + generation: 1 + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + rules: + - http: + paths: + - backend: + service: + name: sourcegraph-frontend + port: + number: 30080 + path: / + pathType: Prefix + status: + loadBalancer: {} diff --git a/internal/appliance/reconciler/testdata/golden-fixtures/frontend/with-overrides.yaml b/internal/appliance/reconciler/testdata/golden-fixtures/frontend/with-overrides.yaml new file mode 100644 index 00000000000..3916d4c1bd2 --- /dev/null +++ b/internal/appliance/reconciler/testdata/golden-fixtures/frontend/with-overrides.yaml @@ -0,0 +1,449 @@ +resources: + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + appliance.sourcegraph.com/configHash: f6325ffd3262b0ff8bdb406ba80aabad2daea7ecc342353fabd7bbda7ea1f4a9 + creationTimestamp: "2024-04-19T00:00:00Z" + generation: 1 + labels: + app.kubernetes.io/component: sourcegraph-frontend + app.kubernetes.io/name: sourcegraph + app.kubernetes.io/version: 5.3.9104 + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + minReadySeconds: 10 + progressDeadlineSeconds: 600 + replicas: 9 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: sourcegraph-frontend + strategy: + rollingUpdate: + maxSurge: 2 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: sourcegraph-frontend + creationTimestamp: null + labels: + app: sourcegraph-frontend + deploy: sourcegraph + name: sourcegraph-frontend + spec: + containers: + - args: + - serve + env: + - name: DEPLOY_TYPE + value: appliance + - name: PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: pgsql-auth + - name: PGHOST + valueFrom: + secretKeyRef: + key: host + name: pgsql-auth + - name: PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: pgsql-auth + - name: PGPORT + valueFrom: + secretKeyRef: + key: port + name: pgsql-auth + - name: PGUSER + valueFrom: + secretKeyRef: + key: user + name: pgsql-auth + - name: CODEINTEL_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeintel-db-auth + - name: CODEINTEL_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeintel-db-auth + - name: CODEINTEL_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeintel-db-auth + - name: CODEINTEL_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeintel-db-auth + - name: CODEINTEL_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeintel-db-auth + - name: CODEINSIGHTS_PGDATABASE + valueFrom: + secretKeyRef: + key: database + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGHOST + valueFrom: + secretKeyRef: + key: host + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPASSWORD + valueFrom: + secretKeyRef: + key: password + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGPORT + valueFrom: + secretKeyRef: + key: port + name: codeinsights-db-auth + - name: CODEINSIGHTS_PGUSER + valueFrom: + secretKeyRef: + key: user + name: codeinsights-db-auth + - name: REDIS_CACHE_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: redis-cache + - name: REDIS_STORE_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: redis-store + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/frontend:5.3.9104 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: debug + scheme: HTTP + initialDelaySeconds: 300 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: frontend + ports: + - containerPort: 3080 + name: http + protocol: TCP + - containerPort: 3090 + name: http-internal + protocol: TCP + - containerPort: 6060 + name: debug + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: "2" + ephemeral-storage: 8Gi + memory: 4G + requests: + cpu: "2" + ephemeral-storage: 4Gi + memory: 2G + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 101 + runAsUser: 100 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /home/sourcegraph + name: home-dir + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 101 + runAsUser: 100 + serviceAccount: sourcegraph-frontend + serviceAccountName: sourcegraph-frontend + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: home-dir + status: {} + - apiVersion: v1 + data: + spec: | + spec: + requestedVersion: "5.3.9104" + + blobstore: + disabled: true + + codeInsights: + disabled: true + + codeIntel: + disabled: true + + frontend: + replicas: 9 + migrator: false + + gitServer: + disabled: true + + indexedSearch: + disabled: true + + indexedSearchIndexer: + disabled: true + + pgsql: + disabled: true + + postgresExporter: + disabled: true + + preciseCodeIntel: + disabled: true + + redisCache: + disabled: true + + redisStore: + disabled: true + + repoUpdater: + disabled: true + + searcher: + disabled: true + + symbols: + disabled: true + + syntectServer: + disabled: true + + worker: + disabled: true + + prometheus: + disabled: true + + embeddings: + disabled: true + kind: ConfigMap + metadata: + annotations: + appliance.sourcegraph.com/currentVersion: 5.3.9104 + appliance.sourcegraph.com/managed: "true" + creationTimestamp: "2024-04-19T00:00:00Z" + name: sg + namespace: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + - apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + annotations: + appliance.sourcegraph.com/configHash: f6325ffd3262b0ff8bdb406ba80aabad2daea7ecc342353fabd7bbda7ea1f4a9 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + rules: + - apiGroups: + - "" + resources: + - endpoints + - services + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - list + - watch + - apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + annotations: + appliance.sourcegraph.com/configHash: f6325ffd3262b0ff8bdb406ba80aabad2daea7ecc342353fabd7bbda7ea1f4a9 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: sourcegraph-frontend + subjects: + - kind: ServiceAccount + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + - apiVersion: v1 + kind: ServiceAccount + metadata: + annotations: + appliance.sourcegraph.com/configHash: f6325ffd3262b0ff8bdb406ba80aabad2daea7ecc342353fabd7bbda7ea1f4a9 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + - apiVersion: v1 + kind: Service + metadata: + annotations: + appliance.sourcegraph.com/configHash: f6325ffd3262b0ff8bdb406ba80aabad2daea7ecc342353fabd7bbda7ea1f4a9 + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + app: sourcegraph-frontend + app.kubernetes.io/component: sourcegraph-frontend + deploy: sourcegraph + name: sourcegraph-frontend + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + clusterIP: NORMALIZED_FOR_TESTING + clusterIPs: + - NORMALIZED_FOR_TESTING + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + port: 30080 + protocol: TCP + targetPort: http + selector: + app: sourcegraph-frontend + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + appliance.sourcegraph.com/configHash: f6325ffd3262b0ff8bdb406ba80aabad2daea7ecc342353fabd7bbda7ea1f4a9 + creationTimestamp: "2024-04-19T00:00:00Z" + labels: + app: sourcegraph-frontend-internal + app.kubernetes.io/component: sourcegraph-frontend-internal + deploy: sourcegraph + name: sourcegraph-frontend-internal + namespace: NORMALIZED_FOR_TESTING + ownerReferences: + - apiVersion: v1 + blockOwnerDeletion: true + controller: true + kind: ConfigMap + name: sg + uid: NORMALIZED_FOR_TESTING + resourceVersion: NORMALIZED_FOR_TESTING + uid: NORMALIZED_FOR_TESTING + spec: + clusterIP: NORMALIZED_FOR_TESTING + clusterIPs: + - NORMALIZED_FOR_TESTING + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-internal + port: 80 + protocol: TCP + targetPort: http-internal + selector: + app: sourcegraph-frontend + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} diff --git a/internal/appliance/reconciler/testdata/sg/frontend/default.yaml b/internal/appliance/reconciler/testdata/sg/frontend/default.yaml new file mode 100644 index 00000000000..895d02b6557 --- /dev/null +++ b/internal/appliance/reconciler/testdata/sg/frontend/default.yaml @@ -0,0 +1,58 @@ +spec: + requestedVersion: "5.3.9104" + + blobstore: + disabled: true + + codeInsights: + disabled: true + + codeIntel: + disabled: true + + frontend: {} + + gitServer: + disabled: true + + indexedSearch: + disabled: true + + indexedSearchIndexer: + disabled: true + + pgsql: + disabled: true + + postgresExporter: + disabled: true + + preciseCodeIntel: + disabled: true + + redisCache: + disabled: true + + redisStore: + disabled: true + + repoUpdater: + disabled: true + + searcher: + disabled: true + + symbols: + disabled: true + + syntectServer: + disabled: true + + worker: + disabled: true + + prometheus: + disabled: true + + embeddings: + disabled: true diff --git a/internal/appliance/reconciler/testdata/sg/frontend/with-blobstore.yaml b/internal/appliance/reconciler/testdata/sg/frontend/with-blobstore.yaml new file mode 100644 index 00000000000..4b3cf1affbc --- /dev/null +++ b/internal/appliance/reconciler/testdata/sg/frontend/with-blobstore.yaml @@ -0,0 +1,57 @@ +spec: + requestedVersion: "5.3.9104" + + blobstore: {} + + codeInsights: + disabled: true + + codeIntel: + disabled: true + + frontend: {} + + gitServer: + disabled: true + + indexedSearch: + disabled: true + + indexedSearchIndexer: + disabled: true + + pgsql: + disabled: true + + postgresExporter: + disabled: true + + preciseCodeIntel: + disabled: true + + redisCache: + disabled: true + + redisStore: + disabled: true + + repoUpdater: + disabled: true + + searcher: + disabled: true + + symbols: + disabled: true + + syntectServer: + disabled: true + + worker: + disabled: true + + prometheus: + disabled: true + + embeddings: + disabled: true diff --git a/internal/appliance/reconciler/testdata/sg/frontend/with-ingress-optional-fields.yaml b/internal/appliance/reconciler/testdata/sg/frontend/with-ingress-optional-fields.yaml new file mode 100644 index 00000000000..74cc152f10d --- /dev/null +++ b/internal/appliance/reconciler/testdata/sg/frontend/with-ingress-optional-fields.yaml @@ -0,0 +1,64 @@ +spec: + requestedVersion: "5.3.9104" + + blobstore: + disabled: true + + codeInsights: + disabled: true + + codeIntel: + disabled: true + + frontend: + ingress: + host: example.com + annotations: + foo: bar + ingressClassName: an-ingress-class + tlsSecret: ingress-tls-secret + + gitServer: + disabled: true + + indexedSearch: + disabled: true + + indexedSearchIndexer: + disabled: true + + pgsql: + disabled: true + + postgresExporter: + disabled: true + + preciseCodeIntel: + disabled: true + + redisCache: + disabled: true + + redisStore: + disabled: true + + repoUpdater: + disabled: true + + searcher: + disabled: true + + symbols: + disabled: true + + syntectServer: + disabled: true + + worker: + disabled: true + + prometheus: + disabled: true + + embeddings: + disabled: true diff --git a/internal/appliance/reconciler/testdata/sg/frontend/with-ingress.yaml b/internal/appliance/reconciler/testdata/sg/frontend/with-ingress.yaml new file mode 100644 index 00000000000..5297519013b --- /dev/null +++ b/internal/appliance/reconciler/testdata/sg/frontend/with-ingress.yaml @@ -0,0 +1,59 @@ +spec: + requestedVersion: "5.3.9104" + + blobstore: + disabled: true + + codeInsights: + disabled: true + + codeIntel: + disabled: true + + frontend: + ingress: {} + + gitServer: + disabled: true + + indexedSearch: + disabled: true + + indexedSearchIndexer: + disabled: true + + pgsql: + disabled: true + + postgresExporter: + disabled: true + + preciseCodeIntel: + disabled: true + + redisCache: + disabled: true + + redisStore: + disabled: true + + repoUpdater: + disabled: true + + searcher: + disabled: true + + symbols: + disabled: true + + syntectServer: + disabled: true + + worker: + disabled: true + + prometheus: + disabled: true + + embeddings: + disabled: true diff --git a/internal/appliance/reconciler/testdata/sg/frontend/with-overrides.yaml b/internal/appliance/reconciler/testdata/sg/frontend/with-overrides.yaml new file mode 100644 index 00000000000..28e11ccf9e1 --- /dev/null +++ b/internal/appliance/reconciler/testdata/sg/frontend/with-overrides.yaml @@ -0,0 +1,60 @@ +spec: + requestedVersion: "5.3.9104" + + blobstore: + disabled: true + + codeInsights: + disabled: true + + codeIntel: + disabled: true + + frontend: + replicas: 9 + migrator: false + + gitServer: + disabled: true + + indexedSearch: + disabled: true + + indexedSearchIndexer: + disabled: true + + pgsql: + disabled: true + + postgresExporter: + disabled: true + + preciseCodeIntel: + disabled: true + + redisCache: + disabled: true + + redisStore: + disabled: true + + repoUpdater: + disabled: true + + searcher: + disabled: true + + symbols: + disabled: true + + syntectServer: + disabled: true + + worker: + disabled: true + + prometheus: + disabled: true + + embeddings: + disabled: true diff --git a/internal/conf/deploy/deploytype.go b/internal/conf/deploy/deploytype.go index 56dbd07ae49..b2e4477b97b 100644 --- a/internal/conf/deploy/deploytype.go +++ b/internal/conf/deploy/deploytype.go @@ -15,6 +15,7 @@ const ( Helm = "helm" Kustomize = "kustomize" K3s = "k3s" + Appliance = "appliance" ) var mock string @@ -46,7 +47,7 @@ func Mock(val string) { func IsDeployTypeKubernetes(deployType string) bool { switch deployType { // includes older Kubernetes aliases for backwards compatibility - case "k8s", "cluster", Kubernetes, Helm, Kustomize, K3s: + case "k8s", "cluster", Kubernetes, Helm, Kustomize, K3s, Appliance: return true }