feat: add codecov helm chart

.github/workflows/ci.yml

@@ -30,6 +30,7 @@ jobs:
           helm repo add grafana https://grafana.github.io/helm-charts
           helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
           helm repo add sunasteriskrnd https://sun-asterisk-research.github.io/helm-charts
+          helm repo add timescale https://charts.timescale.com
           helm repo update
 
       - name: Release Charts

charts/codecov/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/codecov/Chart.lock

@@ -0,0 +1,18 @@
+dependencies:
+- name: common
+  repository: https://sun-asterisk-research.github.io/helm-charts
+  version: 1.0.0
+- name: redis
+  repository: https://charts.bitnami.com/bitnami
+  version: 17.0.11
+- name: postgresql
+  repository: https://charts.bitnami.com/bitnami
+  version: 12.1.2
+- name: timescaledb-single
+  repository: https://charts.timescale.com/
+  version: 0.33.1
+- name: minio
+  repository: https://charts.bitnami.com/bitnami
+  version: 11.8.1
+digest: sha256:af0d5e8aa30a7fd831e24b42039064ba9bded00edf3d5927abe374220b46d8fa
+generated: "2023-10-03T15:58:01.950639816+07:00"

charts/codecov/Chart.yaml

@@ -0,0 +1,27 @@
+apiVersion: v2
+name: codecov
+description: A Helm chart for Codecov
+type: application
+version: 0.1.0
+appVersion: "v5.0.1"
+dependencies:
+- name: common
+  version: 1.0.0
+  repository: https://sun-asterisk-research.github.io/helm-charts
+- name: redis
+  version: 17.0.11
+  repository: https://charts.bitnami.com/bitnami
+  condition: redis.enabled
+- name: postgresql
+  version: 12.1.2
+  repository: https://charts.bitnami.com/bitnami
+  condition: postgresql.enabled
+- name: timescaledb-single
+  alias: timescaledb
+  version: 0.33.*
+  repository: https://charts.timescale.com/
+  condition: timescaledb.enabled
+- name: minio
+  version: 11.8.1
+  repository: https://charts.bitnami.com/bitnami
+  condition: minio.enabled

charts/codecov/templates/_db.tpl

@@ -0,0 +1,57 @@
+{{/* vim: set filetype=mustache: */}}
+{{- define "codecov.db.host" -}}
+  {{- if eq .Values.postgresql.enabled true -}}
+    {{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" -}}
+  {{- else -}}
+    {{- .Values.config.services.postgres.host -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "codecov.db.port" -}}
+  {{- if eq .Values.postgresql.enabled true -}}
+    {{- .Values.postgresql.service.port | default 5432 -}}
+  {{- else -}}
+    {{- .Values.config.services.postgres.port -}}
+  {{- end -}}
+{{- end }}
+
+{{- define "codecov.db.database" -}}
+  {{- if eq .Values.postgresql.enabled true -}}
+    {{- .Values.postgresql.auth.database -}}
+  {{- else -}}
+    {{- .Values.config.services.postgres.database -}}
+  {{- end -}}
+{{- end }}
+
+{{- define "codecov.db.username" -}}
+  {{- if eq .Values.postgresql.enabled true -}}
+    {{- .Values.postgresql.auth.username -}}
+  {{- else -}}
+    {{- .Values.config.services.postgres.username -}}
+  {{- end -}}
+{{- end }}
+
+{{- define "codecov.db.password" -}}
+  {{- if eq .Values.postgresql.enabled true -}}
+    {{- .Values.postgresql.auth.postgresPassword | required ".Values.postgresql.auth.postgresPassword is required" -}}
+  {{- else -}}
+    {{- .Values.config.services.postgres.password -}}
+  {{- end -}}
+{{- end }}
+
+{{- define "codecov.db.url" -}}
+{{- printf "postgres://%s:%s@%s:%s/%s"
+    (include "codecov.db.username" .)
+    (include "codecov.db.password" .)
+    (include "codecov.db.host" .)
+    (include "codecov.db.port" .)
+    (include "codecov.db.database" .)
+-}}
+{{- end }}
+
+{{- define "codecov.db.timescaleUrl" -}}
+{{- printf "postgres://postgres:%s@%s:5432/postgres"
+    .Values.timescaledb.secrets.credentials.PATRONI_SUPERUSER_PASSWORD
+    .Values.timescaledb.fullnameOverride
+-}}
+{{- end }}

charts/codecov/templates/_helpers.tpl

@@ -0,0 +1,44 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{- define "codecov.checksums.appConfig" -}}
+checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
+{{- if not (empty .Values.secretFiles) }}
+checksum/secretFiles: {{ include (print $.Template.BasePath "/secret-files.yaml") . | sha256sum }}
+{{- end }}
+{{- end -}}
+
+{{- define "codecov.env" -}}
+- configMapRef:
+    name: {{ template "common.names.fullname" . }}
+- secretRef:
+    name: {{ template "common.names.fullname" . }}
+{{- end -}}
+
+{{- define "codecov.volumes" -}}
+{{- if not (empty .Values.secretFiles) -}}
+- name: secret-files
+  secret:
+    secretName: {{ template "common.names.fullname" . }}-secret-files
+    defaultMode: 0640
+{{- end -}}
+{{- end -}}
+
+{{- define "codecov.volumeMounts" -}}
+{{- range $filename, $content := .Values.secretFiles -}}
+- name: secret-files
+  mountPath: {{ printf "/home/codecov/%s" $filename }}
+  subPath: {{ $filename }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Returns the ServiceAccount name
+*/}}
+{{- define "codecov.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+    {{- default (include "common.names.fullname" .) .Values.serviceAccount.name -}}
+{{- else -}}
+    {{- default "default" .Values.serviceAccount.name -}}
+{{- end -}}
+{{- end -}}

charts/codecov/templates/_images.tpl

@@ -0,0 +1,12 @@
+
+{{/*
+Render image pull secrets
+*/}}
+{{- define "codecov.imagePullSecrets" -}}
+{{- $images := list .Values.image -}}
+{{- if index .Values "image-pull-secret" "enabled" }}
+{{- $secretName := include "common.subchart.tpl" (list . "image-pull-secret" "common.names.fullname") -}}
+{{- $images = append $images (dict "pullSecrets" (list ($secretName))) -}}
+{{- end -}}
+{{- include "common.images.pullSecrets" (dict "images" $images "global" .Values.global) -}}
+{{- end -}}

charts/codecov/templates/_redis.tpl

@@ -0,0 +1,29 @@
+{{/* vim: set filetype=mustache: */}}
+{{- define "codecov.redis.host" -}}
+  {{- if eq .Values.redis.enabled true -}}
+    {{- printf "%s-%s" .Release.Name "redis" | trunc 63 | trimSuffix "-" -}}-master
+  {{- else -}}
+    {{- .Values.config.redis.host -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "codecov.redis.port" -}}
+  {{- if eq .Values.redis.enabled true -}}
+    {{- .Values.redis.master.service.ports.redis -}}
+  {{- else -}}
+    {{- .Values.config.redis.port -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "codecov.redis.password" -}}
+  {{- if not .Values.redis.enabled  -}}
+    {{- .Values.config.redis.password -}}
+  {{- else if .Values.redis.auth.enabled -}}
+    {{- .Values.redis.auth.password | required ".Values.redis.password is required" -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "codecov.redis.url" -}}
+  {{- printf "redis://:%s@%s:%s/0" (include "codecov.redis.password" .) (include "codecov.redis.host" .) (include
+  "codecov.redis.port" .) -}}
+{{- end -}}

charts/codecov/templates/configmap.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "common.names.fullname" . }}
+  labels: {{ include "common.labels.standard" . | nindent 4 }}
+data:
+  SETUP__LOGLVL: DEBUG
+  SETUP__CODECOV_HOST: {{ .Values.config.setup.codecovHost }}
+  SETUP__CODECOV_SCHEME: {{ .Values.config.setup.codecovScheme }}
+  SETUP__CODECOV_URL: {{ .Values.config.setup.codecovUrl }}
+  SETUP__CODECOV_API_URL: {{ .Values.config.setup.codecovApiUrl }}
+  SETUP__TIMESERIES__ENABLED: {{ .Values.config.setup.timeseries.enabled | quote }}
+  SITE__COMMENT__LAYOUT: {{ .Values.config.site.comment.layout | quote }}
+  codecov.yml: |
+{{ .Values.config.codecovConfig | indent 4 }}

charts/codecov/templates/deployment-api.yaml

@@ -0,0 +1,85 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "common.names.fullname" . }}-api
+  labels:
+    {{- include "common.labels.standard" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.api.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "common.labels.matchLabels" . | nindent 6 }}
+      app.kubernetes.io/component: api
+  template:
+    metadata:
+      annotations:
+        {{- include "codecov.checksums.appConfig" . | nindent 8 }}
+      labels:
+        {{- include "common.labels.standard" . | nindent 8 }}
+        app.kubernetes.io/component: api
+    spec:
+      serviceAccountName: {{ include "codecov.serviceAccountName" . }}
+      {{- with .Values.api.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+      - name: api
+        image: "{{ .Values.api.image.repository }}:{{ .Values.api.image.tag | default .Chart.AppVersion }}"
+        imagePullPolicy: {{ .Values.api.image.pullPolicy }}
+        env:
+          - name: RUN_ENV
+            value: "ENTERPRISE"
+          {{- with .Values.extraEnvs }}
+          {{- toYaml . | nindent 12 }}
+          {{- end }}
+        envFrom:
+          {{- include "codecov.env" . | nindent 8 }}
+        volumeMounts:
+        - name: codecov-config
+          mountPath: "/config"
+        {{- include "codecov.volumeMounts" . | nindent 8 }}
+        {{- with .Values.volumeMounts }}
+        {{- toYaml . | nindent 12 }}
+        {{- end }}
+        ports:
+          - name: http
+            containerPort: {{ .Values.api.containerPort }}
+            protocol: TCP
+        livenessProbe:
+          httpGet:
+            path: /
+            port: http
+        readinessProbe:
+          httpGet:
+            path: /
+            port: http
+        securityContext:
+          {{- toYaml .Values.api.securityContext | nindent 12 }}
+        resources:
+          {{- toYaml .Values.api.resources | nindent 12 }}
+      volumes:
+      - name: codecov-config
+        configMap:
+          name: {{ template "common.names.fullname" . }}
+      {{- include "codecov.volumes" . | nindent 6 }}
+      {{- if .Values.api.affinity }}
+      affinity: {{- include "common.tplvalues.render" (dict "value" .Values.api.affinity "context" $) | nindent 8 }}
+      {{- else }}
+      affinity:
+        podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.api.podAffinityPreset "component" "api" "context" $) | nindent 10 }}
+        podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.api.podAntiAffinityPreset "component" "api" "context" $) | nindent 10 }}
+        nodeAffinity: {{- include "common.affinities.nodes" .Values.api.nodeAffinityPreset | nindent 10 }}
+      {{- end }}
+      {{- if .Values.api.nodeSelector }}
+      nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.api.nodeSelector "context" $) | nindent 8 }}
+      {{- end }}
+      {{- if .Values.api.tolerations }}
+      tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.api.tolerations "context" $) | nindent 8 }}
+      {{- end }}
+      {{- if .Values.api.topologySpreadConstraints }}
+      topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.api.topologySpreadConstraints "context" .) | nindent 8 }}
+      {{- end }}
+      {{- if .Values.podSecurityContext.enabled }}
+      securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
+      {{- end }}