diff --git a/charts/speckle-server/Chart.yaml b/charts/speckle-server/Chart.yaml index 49953e69..37673db6 100644 --- a/charts/speckle-server/Chart.yaml +++ b/charts/speckle-server/Chart.yaml @@ -5,7 +5,7 @@ apiVersion: v2 # It is recommended to use it with quotes. # Set by the build process to the correct value -appVersion: '2.23.8-alpha.295574' +appVersion: '2.23.8-alpha.295728' description: Speckle Server home: 'https://speckle.systems/' icon: 'https://app.speckle.systems/images/logo.png' @@ -21,4 +21,4 @@ type: application # Versions are expected to follow Semantic Versioning (https://semver.org/) # Set by the build process to the correct value -version: 2.23.8-alpha.295574 +version: 2.23.8-alpha.295728 diff --git a/charts/speckle-server/templates/_helpers.tpl b/charts/speckle-server/templates/_helpers.tpl index e38a5cfb..548eaf65 100644 --- a/charts/speckle-server/templates/_helpers.tpl +++ b/charts/speckle-server/templates/_helpers.tpl @@ -547,9 +547,6 @@ Generate the environment variables for Speckle server and Speckle objects deploy - name: LOG_PRETTY value: {{ .Values.server.logPretty | quote }} -- name: USE_FRONTEND_2 - value: {{ .Values.frontend_2.enabled | quote }} - - name: FRONTEND_ORIGIN {{- if .Values.ssl_canonical_url }} value: https://{{ .Values.domain }} diff --git a/charts/speckle-server/templates/frontend/_helpers.tpl b/charts/speckle-server/templates/frontend/_helpers.tpl deleted file mode 100644 index 5b5c6bb1..00000000 --- a/charts/speckle-server/templates/frontend/_helpers.tpl +++ /dev/null @@ -1,53 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "frontend.name" -}} -{{- default "speckle-frontend" .Values.frontend.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "frontend.fullname" -}} -{{- if .Values.frontend.fullnameOverride }} -{{- .Values.frontend.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default "speckle-frontend" .Values.frontend.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "frontend.labels" -}} -{{ include "speckle.commonLabels" . }} -app.kubernetes.io/component: {{ include "frontend.name" . }} -{{ include "frontend.selectorLabels" . }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "frontend.selectorLabels" -}} -app: {{ include "frontend.name" . }} -app.kubernetes.io/name: {{ include "frontend.name" . }} -{{ include "speckle.commonSelectorLabels" . }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "frontend.serviceAccountName" -}} -{{- if .Values.frontend.serviceAccount.create }} -{{- default (include "frontend.fullname" .) .Values.frontend.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.frontend.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/charts/speckle-server/templates/frontend/deployment.yml b/charts/speckle-server/templates/frontend/deployment.yml deleted file mode 100644 index 112db322..00000000 --- a/charts/speckle-server/templates/frontend/deployment.yml +++ /dev/null @@ -1,99 +0,0 @@ -{{- if not .Values.frontend_2.enabled -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: speckle-frontend - namespace: {{ .Values.namespace }} - labels: -{{ include "frontend.labels" . | indent 4 }} -spec: - replicas: {{ .Values.frontend.replicas }} - selector: - matchLabels: - app: speckle-frontend - project: speckle-server - strategy: - type: RollingUpdate - template: - metadata: - labels: -{{ include "frontend.labels" . | indent 8 }} - spec: - containers: - - name: main - image: {{ default (printf "speckle/speckle-frontend:%s" .Values.docker_image_tag) .Values.frontend.image }} - imagePullPolicy: {{ .Values.imagePullPolicy }} - - ports: - - name: www - containerPort: 8080 - protocol: TCP - - resources: - requests: - cpu: {{ .Values.frontend.requests.cpu }} - memory: {{ .Values.frontend.requests.memory }} - limits: - cpu: {{ .Values.frontend.limits.cpu }} - memory: {{ .Values.frontend.limits.memory }} - - # Allow for k8s to remove the pod from the service endpoints to stop receive traffic - lifecycle: - preStop: - exec: - command: ["sleep", "5"] - - readinessProbe: - httpGet: - path: / - port: www - initialDelaySeconds: 5 - periodSeconds: 5 - - env: - - name: FILE_SIZE_LIMIT_MB - value: {{ .Values.file_size_limit_mb | quote }} - - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 20000 - - volumeMounts: - - name: openresty-temp - mountPath: /bitnami/openresty - - name: openresty-conf - mountPath: /opt/bitnami/openresty/nginx/conf/ - - name: openresty-logs - mountPath: /opt/bitnami/openresty/nginx/logs/ - - priorityClassName: high-priority - {{- if .Values.frontend.affinity }} - affinity: {{- include "speckle.renderTpl" (dict "value" .Values.frontend.affinity "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.frontend.nodeSelector }} - nodeSelector: {{- include "speckle.renderTpl" (dict "value" .Values.frontend.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.frontend.tolerations }} - tolerations: {{- include "speckle.renderTpl" (dict "value" .Values.frontend.tolerations "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.frontend.topologySpreadConstraints }} - topologySpreadConstraints: {{- include "speckle.renderTpl" (dict "value" .Values.frontend.topologySpreadConstraints "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.frontend.serviceAccount.create }} - serviceAccountName: {{ include "frontend.name" $ }} - {{- end }} - - volumes: - - name: openresty-temp - emptyDir: {} - - name: openresty-conf - emptyDir: {} - - name: openresty-logs - emptyDir: {} -{{- end -}} diff --git a/charts/speckle-server/templates/frontend/networkpolicy.cilium.yml b/charts/speckle-server/templates/frontend/networkpolicy.cilium.yml deleted file mode 100644 index 572c412a..00000000 --- a/charts/speckle-server/templates/frontend/networkpolicy.cilium.yml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if not .Values.frontend_2.enabled -}} -{{- if (and (.Values.frontend.networkPolicy.enabled) (eq .Values.networkPlugin.type "cilium")) -}} -apiVersion: cilium.io/v2 -kind: CiliumNetworkPolicy -metadata: - name: {{ include "frontend.name" $ }} - namespace: {{ .Values.namespace }} - labels: -{{ include "frontend.labels" . | indent 4 }} -spec: - endpointSelector: - matchLabels: -{{ include "frontend.selectorLabels" . | indent 6 }} - ingress: - - fromEndpoints: - - matchLabels: - io.kubernetes.pod.namespace: {{ .Values.ingress.namespace }} -{{ include "speckle.ingress.selector.pod" $ | indent 12 }} - toPorts: - - ports: - - port: "www" - protocol: TCP - egressDeny: - - toEntities: - - "all" -{{- end }} -{{- end -}} diff --git a/charts/speckle-server/templates/frontend/networkpolicy.kubernetes.yml b/charts/speckle-server/templates/frontend/networkpolicy.kubernetes.yml deleted file mode 100644 index ebdfe85d..00000000 --- a/charts/speckle-server/templates/frontend/networkpolicy.kubernetes.yml +++ /dev/null @@ -1,30 +0,0 @@ -{{- if not .Values.frontend_2.enabled -}} -{{- if (and (.Values.frontend.networkPolicy.enabled) (eq .Values.networkPlugin.type "kubernetes")) -}} -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: {{ include "frontend.name" $ }} - namespace: {{ .Values.namespace }} - labels: -{{ include "frontend.labels" . | indent 4 }} -spec: - podSelector: - matchLabels: -{{ include "frontend.selectorLabels" . | indent 6 }} - policyTypes: - - Ingress - - Egress - ingress: - # allow ingress from the loadbalancer - - from: - - namespaceSelector: - matchLabels: - kubernetes.io/metadata.name: {{ .Values.ingress.namespace }} - podSelector: - matchLabels: -{{ include "speckle.ingress.selector.pod" $ | indent 14 }} - ports: - - port: www - egress: [] # block all egress -{{- end -}} -{{- end -}} diff --git a/charts/speckle-server/templates/frontend/service.yml b/charts/speckle-server/templates/frontend/service.yml deleted file mode 100644 index 6c488e79..00000000 --- a/charts/speckle-server/templates/frontend/service.yml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if not .Values.frontend_2.enabled -}} -apiVersion: v1 -kind: Service -metadata: - name: speckle-frontend - namespace: {{ .Values.namespace }} - labels: -{{ include "frontend.labels" . | indent 4 }} -spec: - selector: - app: speckle-frontend - project: speckle-server - ports: - - protocol: TCP - name: www - port: 8080 - targetPort: www -{{- end -}} diff --git a/charts/speckle-server/templates/frontend/serviceaccount.yml b/charts/speckle-server/templates/frontend/serviceaccount.yml deleted file mode 100644 index 92efe9a0..00000000 --- a/charts/speckle-server/templates/frontend/serviceaccount.yml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if not .Values.frontend_2.enabled -}} -{{- if .Values.frontend.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "frontend.name" $ }} - namespace: {{ .Values.namespace | quote }} - labels: -{{ include "frontend.labels" $ | indent 4 }} - annotations: - "kubernetes.io/enforce-mountable-secrets": "true" -automountServiceAccountToken: false -secrets: [] # no access to any secret -{{- end -}} -{{- end -}} diff --git a/charts/speckle-server/templates/tests/deployment.yml b/charts/speckle-server/templates/tests/deployment.yml index 51ff1bd4..5369f2f4 100644 --- a/charts/speckle-server/templates/tests/deployment.yml +++ b/charts/speckle-server/templates/tests/deployment.yml @@ -25,12 +25,6 @@ spec: value: https://{{ .Values.domain }} - name: SERVER_VERSION value: {{ .Values.docker_image_tag | quote}} - - name: FRONTEND_VERSION - {{- if .Values.frontend_2.enabled }} - value: {{ "2" | quote }} - {{- else }} - value: {{ "1" | quote }} - {{- end }} - name: VERIFY_CERTIFICATE value: {{ (default "1" .Values.tlsRejectUnauthorized) | quote }} - name: LOG_LEVEL diff --git a/charts/speckle-server/values.schema.json b/charts/speckle-server/values.schema.json index 066b01b1..81c25c37 100644 --- a/charts/speckle-server/values.schema.json +++ b/charts/speckle-server/values.schema.json @@ -1664,103 +1664,6 @@ } } }, - "frontend": { - "type": "object", - "properties": { - "replicas": { - "type": "number", - "description": "The number of instances of the Frontend pod to be deployed within the cluster.", - "default": 1 - }, - "logLevel": { - "type": "string", - "description": "The minimum level of logs which will be output. Suitable values are trace, debug, info, warn, error, fatal, or silent", - "default": "info" - }, - "logPretty": { - "type": "boolean", - "description": "If enabled, will output logs in a human-readable format. Otherwise, logs will be output in JSON format.", - "default": false - }, - "image": { - "type": "string", - "description": "The Docker image to be used for the Speckle Frontend component. If blank, defaults to speckle/speckle-frontend:{{ .Values.docker_image_tag }}. If provided, this value should be the full path including tag. The docker_image_tag value will be ignored.", - "default": "" - }, - "requests": { - "type": "object", - "properties": { - "cpu": { - "type": "string", - "description": "The CPU that should be available on a node when scheduling this pod.", - "default": "250m" - }, - "memory": { - "type": "string", - "description": "The Memory that should be available on a node when scheduling this pod.", - "default": "256Mi" - } - } - }, - "limits": { - "type": "object", - "properties": { - "cpu": { - "type": "string", - "description": "The maximum CPU that will be made available to the frontend Pod in a given period.", - "default": "1000m" - }, - "memory": { - "type": "string", - "description": "The maximum Memory that will be made available to the frontend Pod.", - "default": "512Mi" - } - } - }, - "networkPolicy": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "If enabled, will provide additional security be limiting network traffic into and out of the pod to only the required endpoints and ports.", - "default": false - } - } - }, - "affinity": { - "type": "object", - "description": "Affinity for Speckle frontend pod scheduling", - "default": {} - }, - "nodeSelector": { - "type": "object", - "description": "Node labels for Speckle frontend pods scheduling", - "default": {} - }, - "tolerations": { - "type": "array", - "description": "Tolerations for Speckle frontend pods scheduling", - "default": [], - "items": {} - }, - "topologySpreadConstraints": { - "type": "array", - "description": "Spread Constraints for Speckle frontend pod scheduling", - "default": [], - "items": {} - }, - "serviceAccount": { - "type": "object", - "properties": { - "create": { - "type": "boolean", - "description": "If enabled, a Kubernetes Service Account will be created for this pod.", - "default": true - } - } - } - } - }, "frontend_2": { "type": "object", "properties": { diff --git a/charts/speckle-server/values.yaml b/charts/speckle-server/values.yaml index abcdf257..52946ebe 100644 --- a/charts/speckle-server/values.yaml +++ b/charts/speckle-server/values.yaml @@ -83,7 +83,7 @@ ingress: ## ## @param docker_image_tag Speckle is published as a Docker Image. The version of the image which will be deployed is specified by this tag. ## -docker_image_tag: '2.23.8-alpha.295574' +docker_image_tag: '2.23.8-alpha.295728' ## @param imagePullPolicy Determines the conditions when the Docker Images for Speckle should be pulled from the Image registry. ## ref: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy ## @@ -930,74 +930,6 @@ objects: ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## topologySpreadConstraints: [] -## @section Frontend -## @descriptionStart -## Defines parameters related to the frontend server component of Speckle. -## @descriptionEnd -## -frontend: - ## @param frontend.replicas The number of instances of the Frontend pod to be deployed within the cluster. - ## - replicas: 1 - ## @param frontend.logLevel The minimum level of logs which will be output. Suitable values are trace, debug, info, warn, error, fatal, or silent - ## - logLevel: 'info' - ## @param frontend.logPretty If enabled, will output logs in a human-readable format. Otherwise, logs will be output in JSON format. - ## - logPretty: false - ## @param frontend.image The Docker image to be used for the Speckle Frontend component. If blank, defaults to speckle/speckle-frontend:{{ .Values.docker_image_tag }}. If provided, this value should be the full path including tag. The docker_image_tag value will be ignored. - ## - image: '' - requests: - ## @param frontend.requests.cpu The CPU that should be available on a node when scheduling this pod. - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - ## - cpu: 250m - ## @param frontend.requests.memory The Memory that should be available on a node when scheduling this pod. - ## Depending on the Kubernetes cluster's configuration, exceeding this value may result in pod eviction from a node. - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - ## - memory: 256Mi - limits: - ## @param frontend.limits.cpu The maximum CPU that will be made available to the frontend Pod in a given period. - ## If this limit is exceeded, execution of the Pod will be paused until the next period. - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - ## - cpu: 1000m - ## @param frontend.limits.memory The maximum Memory that will be made available to the frontend Pod. - ## If this limit is exceeded, processes within the pod that request additional memory may be stopped. - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - ## - memory: 512Mi - networkPolicy: - ## @param frontend.networkPolicy.enabled If enabled, will provide additional security be limiting network traffic into and out of the pod to only the required endpoints and ports. - ## If enabled, the `ingress` parameters need be configured. - ## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ - ## - enabled: false - ## @param frontend.affinity Affinity for Speckle frontend pod scheduling - ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## - affinity: {} - ## @param frontend.nodeSelector Node labels for Speckle frontend pods scheduling - ## ref: https://kubernetes.io/docs/user-guide/node-selection/ - ## - nodeSelector: {} - ## @param frontend.tolerations Tolerations for Speckle frontend pods scheduling - ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: [] - ## @param frontend.topologySpreadConstraints Spread Constraints for Speckle frontend pod scheduling - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - ## - topologySpreadConstraints: [] - serviceAccount: - ## @param frontend.serviceAccount.create If enabled, a Kubernetes Service Account will be created for this pod. - ## This provides additional security by limiting this pod's access to the Kubernetes API and to Secrets on the Kubernetes cluster. - ## If disabled, the default Service Account will be used which in most Kubernetes configurations will grant this pod - ## access to most secrets on the cluster and access to the Kubernetes API. - ## - create: true ## @section frontend_2 ## @descriptionStart ## Defines parameters related to the new web application component of Speckle