helm hlaeja device api

- update actuator.http
- update helmfile.yaml
- add 04-service.yaml
- add 03-deployment.yaml
- add 02-configmap.yaml
- add 01-secret.yaml
- update 01 secret values.yaml with keystore
- add values.yaml
- add Chart.yaml

helm/charts/01-secrets/values.yaml

@@ -33,9 +33,9 @@ secrets:
 
   # Look at /doc/keystore.md to make these values
   keystore:
-#    - name: keystore-service
+#    - name: device-api-keystore
-#      app: account-register
+#      app: device-api
-#      tier: backend
+#      tier: frontend
-#      keystoreFile: ServiceKeystoreFileBase64==
 #      keystorePassword: ServiceKeystorePassword
+#      keystoreFile: ServiceKeystoreFileBase64==
 

helm/charts/07-device-api/Chart.yaml

@@ -0,0 +1,4 @@
+apiVersion: v2
+name: hlaeja-device-api
+description: A Helm chart for the hlaeja device api
+version: 0.1.0

helm/charts/07-device-api/templates/01-secret.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: device-api-environment
+  labels:
+    app: device-api
+    environment: {{ .Values.environment }}
+    tier: frontend
+type: Opaque
+data:
+  SPRING_DATA_REDIS_PASSWORD: {{ .Values.secrets.redisPassword | b64enc | quote }}

helm/charts/07-device-api/templates/02-configmap.yaml

@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: device-api-environment
+  labels:
+    app: device-api
+    environment: {{ .Values.environment }}
+    tier: frontend
+data:
+  SPRING_PROFILES_ACTIVE: {{ .Values.config.profiles | quote }}
+  SPRING_DATA_REDIS_DATABASE: {{ .Values.config.redis.database | quote }}
+  SPRING_DATA_REDIS_HOST: {{ .Values.config.redis.host | quote }}
+  DEVICE_CONFIGURATION_URL: {{ .Values.config.deviceConfigurationUrl | quote }}
+  DEVICE_DATA_URL: {{ .Values.config.deviceDataUrl | quote }}
+  DEVICE_REGISTRY_URL: {{ .Values.config.deviceRegistryUrl | quote }}
+
+  # all of this should be preset in application.yaml
+  SERVER_PORT: "8443"
+  SERVER_SSL_ENABLED: "true"
+  SERVER_SSL_KEY_STORE: "/app/resources/cert/keystore.p12"
+  SERVER_SSL_KEY_STORE_TYPE: "PKCS12"
+
+  # This was experimental and should be removed in later versions
+  MANAGEMENT_METRICS_TAGS_APPLICATION: "device-api"
+  MANAGEMENT_INFLUX_METRICS_EXPORT_ENABLED: "false"
+  MANAGEMENT_INFLUX_METRICS_EXPORT_URL: "http://influxdb"
+  # adding this here as it's going to be deleted and is not sued internally
+  MANAGEMENT_INFLUX_METRICS_EXPORT_TOKEN: "invalidInfluxDbToken=="

helm/charts/07-device-api/templates/03-deployment.yaml

@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: device-api
+  labels:
+    app: device-api
+    environment: {{ .Values.environment }}
+    tier: frontend
+spec:
+  replicas: {{ .Values.replicas }}
+  selector:
+    matchLabels:
+      app: device-api
+  template:
+    metadata:
+      labels:
+        app: device-api
+    spec:
+      imagePullSecrets:
+        - name: {{ .Values.docker.registry }}
+      containers:
+        - name: device-api-app
+          image: {{ .Values.docker.image }}
+          imagePullPolicy: IfNotPresent
+          envFrom:
+            - configMapRef:
+                name: device-api-environment
+            - secretRef:
+                name: device-api-environment
+          env:
+            - name: SERVER_SSL_KEY_STORE_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.keystoreRef }}
+                  key: keystore-password
+          ports:
+            - containerPort: 8443
+          volumeMounts:
+            - name: keystore-volume
+              mountPath: /app/resources/cert/keystore.p12
+              subPath: keystore.p12
+              readOnly: true
+            - name: jwt-volume
+              mountPath: /app/resources/cert/{{ .Values.jwtPublicKey.filename }}
+              subPath: {{ .Values.jwtPublicKey.filename }}
+              readOnly: true
+      volumes:
+        - name: keystore-volume
+          secret:
+            secretName: {{ .Values.keystoreRef }}
+            items:
+              - key: keystore.p12
+                path: keystore.p12
+        - name: jwt-volume
+          secret:
+            secretName: {{ .Values.jwtPublicKey.name }}
+            items:
+              - key: {{ .Values.jwtPublicKey.filename }}
+                path: {{ .Values.jwtPublicKey.filename }}

helm/charts/07-device-api/templates/04-service.yaml

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: device-api
+  labels:
+    app: device-api
+    environment: {{ .Values.environment }}
+    tier: frontend
+spec:
+  {{- if and .Values.loadBalancerIP (ne .Values.loadBalancerIP "") }}
+  type: LoadBalancer
+  loadBalancerIP: {{ .Values.loadBalancerIP }}
+  {{- end }}
+  selector:
+    app: device-api
+  ports:
+    - protocol: TCP
+      port: 443
+      targetPort: 8443

helm/charts/07-device-api/values.yaml

@@ -0,0 +1,26 @@
+environment: testing
+replicas: 1
+#loadBalancerIP: 10.0.3.12
+
+docker:
+  registry: dockerRegistry
+  image: lulz.ltd/hlaeja/hlaeja-device-api:0.1.0
+
+secrets:
+  redisPassword: redisPassword
+
+config:
+  profiles: testing
+  redis:
+    database: 1
+    host: database-redis-master
+  deviceConfigurationUrl: http://device-configuration
+  deviceDataUrl: http://device-data
+  deviceRegistryUrl: http://device-register
+
+jwtPublicKey:
+  name: device-jwt-public-key
+  filename: public_key.pem
+
+
+keystoreRef: device-api-keystore

helm/helmfile.yaml

@@ -34,3 +34,9 @@ releases:
     chart: ./charts/06-device-data
     values: []
     historyMax: 3
+
+  - name: device-api
+    namespace: hlaeja-testing
+    chart: ./charts/07-device-api
+    values: []
+    historyMax: 3

http/device-api/actuator.http

@@ -1,2 +1,5 @@
 ### get actuator
 GET {{hostname}}/actuator
+
+### get actuator health
+GET {{hostname}}/actuator/health