diff --git a/charts/alfresco-ai-transformer/.helmignore b/charts/alfresco-ai-transformer/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/alfresco-ai-transformer/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/alfresco-ai-transformer/Chart.lock b/charts/alfresco-ai-transformer/Chart.lock new file mode 100644 index 00000000..1c2d0491 --- /dev/null +++ b/charts/alfresco-ai-transformer/Chart.lock @@ -0,0 +1,9 @@ +dependencies: +- name: alfresco-common + repository: https://alfresco.github.io/alfresco-helm-charts/ + version: 2.0.0 +- name: activemq + repository: https://alfresco.github.io/alfresco-helm-charts/ + version: 3.0.1 +digest: sha256:059f7c41f5c44851b1157d40b13a84f07b7194e3d0eb5c216efe3d064a6244fc +generated: "2023-05-23T14:30:09.957156+05:30" diff --git a/charts/alfresco-ai-transformer/Chart.yaml b/charts/alfresco-ai-transformer/Chart.yaml new file mode 100644 index 00000000..138da996 --- /dev/null +++ b/charts/alfresco-ai-transformer/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v2 +name: alfresco-ai-transformer +description: A Helm chart for deploying Alfresco ai transformer service +type: application +version: 0.1.0-alpha.0 +appVersion: "1.4.5" +dependencies: + - name: alfresco-common + version: 2.0.0 + repository: https://alfresco.github.io/alfresco-helm-charts/ + - name: activemq + version: 3.0.1 + repository: https://alfresco.github.io/alfresco-helm-charts/ + condition: activemq.enabled diff --git a/charts/alfresco-ai-transformer/README.md b/charts/alfresco-ai-transformer/README.md new file mode 100644 index 00000000..1914053c --- /dev/null +++ b/charts/alfresco-ai-transformer/README.md @@ -0,0 +1,59 @@ +# alfresco-ai-transformer + +![Version: 0.1.0-alpha.0](https://img.shields.io/badge/Version-0.1.0--alpha.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.4.5](https://img.shields.io/badge/AppVersion-1.4.5-informational?style=flat-square) + +A Helm chart for deploying Alfresco ai transformer service + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| https://alfresco.github.io/alfresco-helm-charts/ | activemq | 3.0.1 | +| https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 2.0.0 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| activemq.enabled | bool | `false` | | +| aws.accessKey | string | `"XXXXXXXXXXXXXXXXXXXXXXXX"` | To configure these, you need to provide or export your AWS credentials https://docs.alfresco.com/intelligence-services/latest/config/#default-configuration | +| aws.comprehendRoleARN | string | `"arn:aws:iam::XXXXXXXXXXXX:role/ComprehendAsyncJobs"` | | +| aws.region | string | `"region-name"` | | +| aws.s3Bucket | string | `"s3-bucket-name"` | | +| aws.secretAccessKey | string | `"XXXXXXXXXXXXXXXXXXXXXXXX"` | | +| environment.JAVA_OPTS | string | `"-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"` | | +| global.alfrescoRegistryPullSecrets | string | `"quay-registry-secret"` | | +| image.internalPort | int | `8090` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"quay.io/alfresco/alfresco-ai-docker-engine"` | | +| image.tag | string | `"1.4.5"` | | +| livenessProbe.initialDelaySeconds | int | `10` | | +| livenessProbe.livenessPercent | int | `400` | | +| livenessProbe.livenessTransformPeriodSeconds | int | `600` | | +| livenessProbe.maxTransformSeconds | int | `1800` | | +| livenessProbe.maxTransforms | int | `10000` | | +| livenessProbe.periodSeconds | int | `20` | | +| livenessProbe.timeoutSeconds | int | `10` | | +| messageBroker.existingSecretName | string | `nil` | Alternatively, provide credentials via an existing secret that contains BROKER_URL, BROKER_USERNAME and BROKER_PASSWORD keys | +| messageBroker.password | string | `nil` | | +| messageBroker.secretName | string | `"acs-alfresco-cs-brokersecret"` | Name of the secret managed by this chart | +| messageBroker.url | string | `nil` | | +| messageBroker.user | string | `nil` | | +| nodeSelector | object | `{}` | | +| podSecurityContext.runAsUser | int | `33015` | | +| readinessProbe.initialDelaySeconds | int | `20` | | +| readinessProbe.periodSeconds | int | `60` | | +| readinessProbe.timeoutSeconds | int | `10` | | +| replicaCount | int | `2` | | +| resources.limits.cpu | string | `"2"` | | +| resources.limits.memory | string | `"1000Mi"` | | +| resources.requests.cpu | string | `"0.25"` | | +| resources.requests.memory | string | `"1000Mi"` | | +| service.externalPort | int | `80` | | +| service.name | string | `"ai-transformer"` | | +| service.type | string | `"ClusterIP"` | | +| strategy.rollingUpdate.maxSurge | int | `1` | | +| strategy.rollingUpdate.maxUnavailable | int | `0` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/charts/alfresco-ai-transformer/ci/default-values.yaml b/charts/alfresco-ai-transformer/ci/default-values.yaml new file mode 100644 index 00000000..c4794b1b --- /dev/null +++ b/charts/alfresco-ai-transformer/ci/default-values.yaml @@ -0,0 +1,16 @@ +resources: + requests: + cpu: "0.01" + memory: "256Mi" + limits: + cpu: "1" + memory: "500Mi" +activemq: + enabled: true + resources: + requests: + cpu: "100m" + memory: "512Mi" + limits: + cpu: "1000m" + memory: "1Gi" diff --git a/charts/alfresco-ai-transformer/templates/_helpers.tpl b/charts/alfresco-ai-transformer/templates/_helpers.tpl new file mode 100644 index 00000000..4317ab80 --- /dev/null +++ b/charts/alfresco-ai-transformer/templates/_helpers.tpl @@ -0,0 +1,51 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "alfresco-ai-transformer.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "alfresco-ai-transformer.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "alfresco-ai-transformer.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "alfresco-ai-transformer.labels" -}} +helm.sh/chart: {{ include "alfresco-ai-transformer.chart" . }} +{{ include "alfresco-ai-transformer.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "alfresco-ai-transformer.selectorLabels" -}} +app.kubernetes.io/name: {{ include "alfresco-ai-transformer.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} diff --git a/charts/alfresco-ai-transformer/templates/config-ai-transformer.yaml b/charts/alfresco-ai-transformer/templates/config-ai-transformer.yaml new file mode 100644 index 00000000..1a3cd90d --- /dev/null +++ b/charts/alfresco-ai-transformer/templates/config-ai-transformer.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "alfresco-ai-transformer.fullname" . }} + labels: + {{- include "alfresco-ai-transformer.labels" . | nindent 4 }} +data: + {{- if .Values.environment }} + {{- range $key, $val := .Values.environment }} + {{ $key }}: {{ $val | quote }} + {{- end }} + {{- end }} + FILE_STORE_URL: http://{{ template "alfresco.shortname" . }}-filestore:80/alfresco/api/-default-/private/sfs/versions/1/file + AWS_ACCESS_KEY: {{ .Values.aws.accessKey }} + AWS_SECRET_ACCESS_KEY: {{ .Values.aws.secretAccessKey }} + AWS_REGION: {{ .Values.aws.region }} + AWS_S3_BUCKET: {{ .Values.aws.s3Bucket }} + AWS_COMPREHEND_ROLE_ARN: {{ .Values.aws.comprehendRoleARN }} + livenessPercent: "{{ .Values.livenessProbe.livenessPercent }}" + livenessTransformPeriodSeconds: "{{ .Values.livenessProbe.livenessTransformPeriodSeconds }}" + maxTransforms: "{{ .Values.livenessProbe.maxTransforms }}" + maxTransformSeconds: "{{ .Values.livenessProbe.maxTransformSeconds }}" diff --git a/charts/alfresco-ai-transformer/templates/deployment-ai-transformer.yaml b/charts/alfresco-ai-transformer/templates/deployment-ai-transformer.yaml new file mode 100644 index 00000000..5983aad4 --- /dev/null +++ b/charts/alfresco-ai-transformer/templates/deployment-ai-transformer.yaml @@ -0,0 +1,86 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "alfresco-ai-transformer.fullname" . }} + labels: + {{- include "alfresco-ai-transformer.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "alfresco-ai-transformer.selectorLabels" . | nindent 6 }} + strategy: + type: RollingUpdate + rollingUpdate: + {{- toYaml .Values.strategy.rollingUpdate | nindent 6 }} + template: + metadata: + annotations: + checksum/config: {{ include (print $.Template.BasePath "/config-ai-transformer.yaml") . | sha256sum }} + labels: + {{- include "alfresco-ai-transformer.selectorLabels" . | nindent 8 }} + spec: + {{- include "component-pod-security-context" .Values | indent 4 }} + {{- if .Values.nodeSelector }} + nodeSelector: {{- .Values.nodeSelector | toYaml | nindent 8 }} + {{- end }} + {{- include "alfresco-content-services.imagePullSecrets" . | indent 6 }} + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 10 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - {{ template "alfresco-ai-transformer.name" . }} + - key: app.kubernetes.io/instance + operator: In + values: + - {{ .Release.Name }} + topologyKey: failure-domain.beta.kubernetes.io/zone + - weight: 5 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - {{ template "alfresco-ai-transformer.name" . }} + - key: app.kubernetes.io/instance + operator: In + values: + - {{ .Release.Name }} + topologyKey: failure-domain.beta.kubernetes.io/zone + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- include "component-security-context" .Values | indent 8 }} + envFrom: + - configMapRef: + name: {{ template "alfresco-ai-transformer.fullname" . }} + - secretRef: + name: {{ default (printf "%s-messagebroker-secret" (include "alfresco-ai-transformer.fullname" $)) $.Values.messageBroker.existingSecretName }} + env: + {{- include "activemq.env" . | nindent 12 }} + ports: + - containerPort: {{ .Values.image.internalPort }} + resources: {{- toYaml .Values.resources | nindent 12 }} + readinessProbe: + httpGet: + path: /ready + port: {{ .Values.image.internalPort }} + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + livenessProbe: + httpGet: + path: /live + port: {{ .Values.image.internalPort }} + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + failureThreshold: 1 + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} diff --git a/charts/alfresco-ai-transformer/templates/secret-messagebroker.yaml b/charts/alfresco-ai-transformer/templates/secret-messagebroker.yaml new file mode 100644 index 00000000..44535cf9 --- /dev/null +++ b/charts/alfresco-ai-transformer/templates/secret-messagebroker.yaml @@ -0,0 +1,19 @@ +{{- if not .Values.messageBroker.existingSecretName }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "alfresco-ai-transformer.fullname" . }}-messagebroker-secret + labels: + {{- include "alfresco-ai-transformer.labels" $ | nindent 4 }} +type: Opaque +data: + {{- if .Values.activemq.enabled }} + BROKER_URL: {{ printf "failover:(nio://%s-activemq-broker:61616)?timeout=3000&jms.useCompression=true" (include "alfresco-ai-transformer.fullname" .) | b64enc | quote }} + BROKER_USERNAME: {{ .Values.activemq.adminUser.user | b64enc | quote }} + BROKER_PASSWORD: {{ .Values.activemq.adminUser.password | b64enc | quote }} + {{- else }} + BROKER_URL: {{ required "Disabling in-cluster ActiveMQ requires passing (at least) messageBroker.url" .Values.messageBroker.url | b64enc | quote }} + BROKER_USERNAME: {{ .Values.messageBroker.user | b64enc | quote }} + BROKER_PASSWORD: {{ .Values.messageBroker.password | b64enc | quote }} + {{- end }} +{{- end }} diff --git a/charts/alfresco-ai-transformer/templates/svc-ai-transformer.yaml b/charts/alfresco-ai-transformer/templates/svc-ai-transformer.yaml new file mode 100644 index 00000000..b0a53ac8 --- /dev/null +++ b/charts/alfresco-ai-transformer/templates/svc-ai-transformer.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "alfresco-ai-transformer.fullname" . }} + labels: + {{- include "alfresco-ai-transformer.selectorLabels" . | nindent 4 }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.image.internalPort }} + name: {{ .Values.service.name }} + selector: + {{- include "alfresco-ai-transformer.selectorLabels" . | nindent 4 }} diff --git a/charts/alfresco-ai-transformer/tests/deployment-ai-tranformer_test.yaml b/charts/alfresco-ai-transformer/tests/deployment-ai-tranformer_test.yaml new file mode 100644 index 00000000..0e0f989c --- /dev/null +++ b/charts/alfresco-ai-transformer/tests/deployment-ai-tranformer_test.yaml @@ -0,0 +1,27 @@ +suite: test ai-transformer deployment +templates: +- deployment-ai-transformer.yaml +- config-ai-transformer.yaml +tests: +- it: should have basic metadata in place + values: &testvalues + - values/test_values.yaml + asserts: + - equal: + path: metadata.name + value: RELEASE-NAME-alfresco-ai-transformer + template: deployment-ai-transformer.yaml + +- it: should render cpu and memory limits + values: *testvalues + asserts: + - equal: + path: spec.template.spec.containers[0].resources + value: + requests: + cpu: "0.25" + memory: "1000Mi" + limits: + cpu: "2" + memory: "1000Mi" + template: deployment-ai-transformer.yaml diff --git a/charts/alfresco-ai-transformer/tests/values/test_values.yaml b/charts/alfresco-ai-transformer/tests/values/test_values.yaml new file mode 100644 index 00000000..6968a5a1 --- /dev/null +++ b/charts/alfresco-ai-transformer/tests/values/test_values.yaml @@ -0,0 +1,5 @@ +--- +global: + tracking: + sharedsecret: dummy + alfrescoRegistryPullSecrets: secretsecret diff --git a/charts/alfresco-ai-transformer/values.yaml b/charts/alfresco-ai-transformer/values.yaml new file mode 100644 index 00000000..9c27ab90 --- /dev/null +++ b/charts/alfresco-ai-transformer/values.yaml @@ -0,0 +1,59 @@ +global: + alfrescoRegistryPullSecrets: quay-registry-secret +strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 +replicaCount: 2 +nodeSelector: {} +image: + repository: quay.io/alfresco/alfresco-ai-docker-engine + tag: 1.4.5 + pullPolicy: IfNotPresent + internalPort: 8090 +service: + name: ai-transformer + type: ClusterIP + externalPort: 80 +podSecurityContext: + runAsUser: 33015 +resources: + requests: + cpu: "0.25" + memory: "1000Mi" + limits: + cpu: "2" + memory: "1000Mi" +environment: + JAVA_OPTS: >- + -XX:MinRAMPercentage=50 + -XX:MaxRAMPercentage=80 +readinessProbe: + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 +livenessProbe: + initialDelaySeconds: 10 + periodSeconds: 20 + timeoutSeconds: 10 + livenessPercent: 400 + livenessTransformPeriodSeconds: 600 + maxTransforms: 10000 + maxTransformSeconds: 1800 +aws: +# -- To configure these, you need to provide or export your AWS credentials https://docs.alfresco.com/intelligence-services/latest/config/#default-configuration + accessKey: XXXXXXXXXXXXXXXXXXXXXXXX + secretAccessKey: XXXXXXXXXXXXXXXXXXXXXXXX + region: region-name + s3Bucket: s3-bucket-name + comprehendRoleARN: arn:aws:iam::XXXXXXXXXXXX:role/ComprehendAsyncJobs +messageBroker: + url: null + user: null + password: null + # -- Name of the secret managed by this chart + secretName: acs-alfresco-cs-brokersecret + # -- Alternatively, provide credentials via an existing secret that contains BROKER_URL, BROKER_USERNAME and BROKER_PASSWORD keys + existingSecretName: null +activemq: + enabled: false