feat: Helm chart

chart/Chart.yaml

@@ -0,0 +1,7 @@
+apiVersion: v2
+name: versia_go
+description: Helm chart for Versia-Go
+
+type: application
+version: 0.1.0
+appVersion: "0.0.1"

chart/templates/_helpers.tpl

@@ -0,0 +1,47 @@
+    {{/*
+Expand the name of the chart.
+*/}}
+{{- define "versiago.name" -}}
+{{- .Chart.Name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "versiago.fullname" -}}
+{{- $name := .Chart.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "versiago.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "versiago.labels" -}}
+helm.sh/chart: {{ include "versiago.chart" . }}
+{{ include "versiago.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "versiago.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "versiago.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{- define "versiago.instanceHostname"}}
+{{- first (regexSplit ":" (get (urlParse .) "host") 2) }}
+{{- end }}

chart/templates/database-pvc.yaml

@@ -0,0 +1,16 @@
+# Only SQLite needs a volume
+{{- if eq .Values.database.type "sqlite" }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ include "versiago.fullname" . }}-db
+spec:
+  accessModes:
+    - ReadWriteOnce
+{{- if .Values.database.storageClassName }}
+  storageClassName: {{ .Values.database.storageClassName }}
+{{- end }}
+  resources:
+    requests:
+      storage: {{ .Values.database.size }}
+{{- end }}

chart/templates/deployment.yaml

@@ -0,0 +1,143 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "versiago.fullname" . }}
+  labels:
+    {{- include "versiago.labels" . | nindent 4 }}
+spec:
+  {{- if eq .Values.database.type "sqlite" }}
+  {{- if gt (int .Values.pod.replicas) 1 }}
+  {{- fail "Having multiple replicas with a SQLite database isn't currently possible" }}
+  {{- end }}
+
+  strategy:
+    type: Recreate
+  {{- end }}
+
+  replicas: {{ .Values.pod.replicas }}
+  selector:
+    matchLabels:
+      {{- include "versiago.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.pod.annotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "versiago.selectorLabels" . | nindent 8 }}
+        {{- with .Values.pod.labels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.pod.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.pod.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.pod.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+
+      securityContext:
+        fsGroup: 1000
+
+      {{- if eq .Values.database.type "sqlite" }}
+      initContainers:
+        - name: create-db
+          image: alpine:3.20.2
+          command:
+            - touch
+            - /data/db/db.sqlite3
+          securityContext:
+            runAsNonRoot: true
+            runAsGroup: 1000
+            runAsUser: 1000
+          volumeMounts:
+            - mountPath: /data/db
+              name: db
+      {{- end }}
+
+      containers:
+        - name: server
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: 80
+              protocol: TCP
+          startupProbe:
+            initialDelaySeconds: 20
+            httpGet:
+              path: /api/health
+              port: http
+          livenessProbe:
+            httpGet:
+              path: /api/health
+              port: http
+          readinessProbe:
+            httpGet:
+              path: /api/health
+              port: http
+          resources:
+            {{- toYaml .Values.pod.resources | nindent 12 }}
+
+          securityContext:
+            # TODO: Investigate if we can drop more caps
+            runAsNonRoot: true
+            runAsUser: 1000
+
+          env:
+            - name: ENVIRONMENT
+              value: {{ .Values.environment | quote }}
+            - name: VERSIA_PORT
+              value: "80"
+            - name: VERSIA_INSTANCE_ADDRESS
+              value: {{ .Values.versia.instance.address | quote }}
+            - name: VERSIA_INSTANCE_NAME
+              value: {{ .Values.versia.instance.name | quote }}
+            - name: VERSIA_INSTANCE_DESCRIPTION
+              value: {{ .Values.versia.instance.description | quote }}
+            - name: NATS_URI
+              value: {{ .Values.nats.uri | quote }}
+            - name: NATS_STREAM_NAME
+              value: {{ include "versiago.name" . | quote }}
+            {{- if hasKey .Values.versia.telemetry "forwardSpansTo" }}
+            - name: FORWARD_TRACES_TO
+              value: {{ .Values.versia.telemetry.forwardSpansTo | quote }}
+            {{- end }}
+            {{- if hasKey .Values.versia.telemetry "sentryDSN" }}
+            - name: SENTRY_DSN
+              value: {{ .Values.versia.telemetry.sentryDSN | quote }}
+            {{- end }}
+            {{- if hasKey .Values.versia.telemetry "otlpEndpoint" }}
+            - name: OTLP_ENDPOINT
+              value: {{ .Values.versia.telemetry.otlpEndpoint | quote }}
+            {{- end }}
+
+            - name: DATABASE_URI
+            {{- if eq .Values.database.type "sqlite" }}
+              value: "file:/data/db/db.sqlite3?cache=shared&_fk=1"
+            {{- else }}
+              {{- if eq .Values.database.type "postgresql" }}
+              value: {{ required "The database URI is required when using postgresql databases" .Values.database.uri | quote }}
+              {{- else }}
+                {{- fail "Unknown database type" }}
+              {{- end }}
+            {{- end }}
+
+          volumeMounts:
+            {{- if eq .Values.database.type "sqlite" }}
+            - name: db
+              mountPath: /data/db
+            {{- end }}
+      volumes:
+        {{- if eq .Values.database.type "sqlite" }}
+        - name: db
+          persistentVolumeClaim:
+            claimName: {{ include "versiago.fullname" . }}-db
+        {{- end }}

chart/templates/ingress.yaml

@@ -0,0 +1,36 @@
+{{- if .Values.ingress.enabled }}
+{{ $host := include "versiago.instanceHostname" .Values.versia.instance.address }}
+
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ include "versiago.fullname" . }}-ingress
+  annotations:
+    {{- if hasKey .Values.ingress "className" }}
+    # Istio requires this annotation
+    kubernetes.io/ingress.class: {{ .Values.ingress.className | quote }}
+    {{- end }}
+spec:
+  {{- if and (hasKey .Values.ingress "className") (ne .Values.ingress.className "istio") }}
+  ingressClassName: {{ .Values.ingress.className | quote }}
+  {{- end}}
+
+  {{- if hasKey .Values.ingress "sslSecret" }}
+  tls:
+    - hosts:
+        - {{ $host | quote }}
+      secretName: {{ .Values.ingress.sslSecret | quote }}
+  {{- end }}
+
+  rules:
+    - host: {{ $host | quote }}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ include "versiago.fullname" . | quote }}
+                port:
+                  number: 80
+{{- end }}

chart/templates/service.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "versiago.fullname" . }}
+  labels:
+    {{- include "versiago.labels" . | nindent 4 }}
+spec:
+  selector:
+    {{- include "versiago.selectorLabels" . | nindent 4 }}
+  ports:
+    - port: 80
+      targetPort: http
+      name: http
+      protocol: TCP

chart/values.yaml

@@ -0,0 +1,54 @@
+image:
+  repository: ghcr.io/lysand-org/versia-go
+  pullPolicy: IfNotPresent
+  tag: "latest"
+
+environment: production
+
+versia:
+  instance:
+    name: Versia-Go
+    description: Versia-Go instance
+    address: ""
+
+  telemetry: {
+    # Regex to match the full URL
+    # forwardSpansTo:
+
+    # sentryDSN: ""
+
+    # The OTLP endpoint must be OTLP+GRPC or "console"
+    # otlpEndpoint: ""
+  }
+
+ingress:
+  enabled: true
+  # className: ""
+  # sslSecret: ""
+
+pod:
+  replicas: 1
+  resources: {
+    # limits:
+    #   cpu: 500m
+    # requests:
+    #   cpu: 50m
+    #   memory: 16Mi
+  }
+  annotations: { }
+  labels: { }
+  nodeSelector: { }
+  affinity: { }
+  tolerations: { }
+
+database:
+  type: "sqlite"
+  size: 1Gi
+  # If not commented in, this will use whatever is your default storage class
+  # storageClassName: longhorn
+
+  # type: "postgresql"
+  # uri: postgres://user:password@host:5432/database
+
+nats:
+  uri: ""

scripts/set-up-test-k8s.sh

@@ -0,0 +1,25 @@
+  #!/bin/sh
+
+set -x
+
+k3d cluster create versia-go --agents 1 -p "30000-30050:30000-30050@server:0" -p "8443:443@loadbalancer" -p "8080:80@loadbalancer" || true
+
+helm repo add nats https://nats-io.github.io/k8s/helm/charts/ || true
+helm repo update
+
+helm install nats nats/nats \
+	--set config.jetstream.enabled=true \
+	--set config.cluster.enabled=true \
+	--set config.cluster.replicas=2 \
+	--set config.jetstream.fileStore.pvc.size=1Gi
+
+opts=$(cat <<EOF
+  --set image.tag=main
+  --set nats.uri=nats://nats:4222
+  --set versia.instance.address=http://localhost:8080
+  `#--set versia.telemetry.sentryDSN=`
+EOF
+)
+
+# shellcheck disable=SC2086
+helm install versia ./chart/ $opts || helm upgrade versia ./chart/ $opts