Geoweb TAF Backend Chart (#25)

* geoweb-taf-backend initial chart * Discontinue old env variables and add missing GW_TAF_BASE_URL * Fix different version numbers * Remove unused variables --------- Co-authored-by: Jussi Liukkonen <[email protected]>
fmidev · Sep 18, 2023 · e570e27 · e570e27
1 parent 6a9451c
commit e570e27
Show file tree

Hide file tree

Showing 16 changed files with 438 additions and 20 deletions.
diff --git a/charts/geoweb-frontend/Chart.yaml b/charts/geoweb-frontend/Chart.yaml
@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 2.3.1
+version: 3.0.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

diff --git a/charts/geoweb-frontend/README.md b/charts/geoweb-frontend/README.md
@@ -128,6 +128,7 @@ The following table lists the configurable parameters of the GeoWeb frontend cha
 | `secretProviderParameters` | Option to add custom parameters to the secretProvider, for example with aws you can specify region | |
 | `frontend.env.GW_CAP_BASE_URL` | Url which the application uses to connect to CAP backend | |
 | `frontend.env.GW_DRAWINGS_BASE_URL` | Url which the application uses to connect to Drawings backend | |
+| `frontend.env.GW_TAF_BASE_URL` | Url which the application uses to connect to TAF backend | |
 | `frontend.env.GW_APP_URL` | Url which the application can be accessed | |
 | `frontend.env.GW_DEFAULT_THEME` | Default theme: lightMode or darkMode | |
 | `frontend.env.GW_FEATURE_APP_TITLE` | Application title | |
@@ -141,10 +142,6 @@ The following table lists the configurable parameters of the GeoWeb frontend cha
 | `frontend.env.GW_TIMESERIES_CONFIGURATION_FILENAME` | Filename to fetch TimeSeries preset locations | `timeSeriesPresetLocations.json` |
 | `frontend.env.GW_FEATURE_FORCE_AUTHENTICATION` | Force authentication (block Guest access) | `false` |
 | `frontend.env.GW_FEATURE_MODULE_SPACE_WEATHER` | Enable Space Weather module | `false` |
-| `frontend.env.GW_FEATURE_MODULE_TAF` | Enable TAF module | `false` |
-| `frontend.env.GW_FEATURE_MODULE_SIGMET` | Enable SIGMET module | `false` |
-| `frontend.env.GW_FEATURE_MODULE_AIRMET` | Enable AIRMET module | `false` |
-| `frontend.env.GW_FEATURE_MENU_SATCOMP` | Enable SATCOMP menu option | `false` |
 | `frontend.env.GW_FEATURE_MENU_FEEDBACK` | Enable Feedback menu option | `false` |
 | `frontend.env.GW_FEATURE_MENU_INFO` | Enable Info menu option | `true` |
 | `frontend.env.GW_FEATURE_MENU_VERSION` | Enable Version menu option | `false` |

diff --git a/charts/geoweb-frontend/templates/geoweb-configmap.yaml b/charts/geoweb-frontend/templates/geoweb-configmap.yaml
@@ -49,17 +49,8 @@ data:
 {{- if .Values.frontend.env.GW_FEATURE_MODULE_SPACE_WEATHER }}
   GW_FEATURE_MODULE_SPACE_WEATHER: {{ .Values.frontend.env.GW_FEATURE_MODULE_SPACE_WEATHER | quote }}
 {{- end }}
-{{- if .Values.frontend.env.GW_FEATURE_MODULE_TAF }}
-  GW_FEATURE_MODULE_TAF: {{ .Values.frontend.env.GW_FEATURE_MODULE_TAF | quote }}
-{{- end }}
-{{- if .Values.frontend.env.GW_FEATURE_MODULE_SIGMET }}
-  GW_FEATURE_MODULE_SIGMET: {{ .Values.frontend.env.GW_FEATURE_MODULE_SIGMET | quote }}
-{{- end }}
-{{- if .Values.frontend.env.GW_FEATURE_MODULE_AIRMET }}
-  GW_FEATURE_MODULE_AIRMET: {{ .Values.frontend.env.GW_FEATURE_MODULE_AIRMET | quote }}
-{{- end }}
-{{- if .Values.frontend.env.GW_FEATURE_MENU_SATCOMP }}
-  GW_FEATURE_MENU_SATCOMP: {{ .Values.frontend.env.GW_FEATURE_MENU_SATCOMP | quote }}
+{{- if .Values.frontend.env.GW_TAF_BASE_URL }}
+  GW_TAF_BASE_URL: {{ .Values.frontend.env.GW_TAF_BASE_URL | quote }}
 {{- end }}
 {{- if .Values.frontend.env.GW_FEATURE_MENU_FEEDBACK }}
   GW_FEATURE_MENU_FEEDBACK: {{ .Values.frontend.env.GW_FEATURE_MENU_FEEDBACK | quote }}

diff --git a/charts/geoweb-frontend/values.yaml b/charts/geoweb-frontend/values.yaml
@@ -20,10 +20,6 @@ frontend:
     GW_INFRA_BASE_URL: https://api.opengeoweb.com
     GW_FEATURE_FORCE_AUTHENTICATION: false
     GW_FEATURE_MODULE_SPACE_WEATHER: false
-    GW_FEATURE_MODULE_TAF: false
-    GW_FEATURE_MODULE_SIGMET: false
-    GW_FEATURE_MODULE_AIRMET: false
-    GW_FEATURE_MENU_SATCOMP: false
     GW_FEATURE_MENU_FEEDBACK: false
     GW_FEATURE_MENU_INFO: true
     GW_FEATURE_MENU_VERSION: false

diff --git a/charts/geoweb-taf-backend/Chart.yaml b/charts/geoweb-taf-backend/Chart.yaml
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: geoweb-taf-backend
+description: A Helm chart for geoweb taf backend resources in Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.0.1
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "v0.0.1"
diff --git a/charts/geoweb-taf-backend/README.md b/charts/geoweb-taf-backend/README.md
@@ -0,0 +1,104 @@
+# Install the chart repository
+
+```bash
+helm repo add fmi https://fmidev.github.io/helm-charts/
+helm repo update
+```
+
+# Create requried dependencies
+
+Create values.yaml file for required variables:
+* Using aws as the secret provider
+```yaml
+taf: 
+  url: geoweb.example.com
+  db_secret: secretName # Secret should contain postgresql database connection string
+  iamRoleARN: arn:aws:iam::123456789012:role/example-iam-role-with-permissions-to-secret
+
+secretProvider: aws
+secretProviderParameters:
+  region: your-region
+```
+
+* Using base64 encoded secret
+```yaml
+taf:
+  url: geoweb.example.com
+  db_secret: base64_encoded_postgresql_connection_string
+```
+
+# Testing the Chart
+Execute the following for testing the chart:
+
+```bash
+helm install geoweb-taf-backend fmi/geoweb-taf-backend --dry-run --debug -n geoweb --values=./values.yaml
+```
+
+# Installing the Chart
+
+Execute the following for installing the chart:
+
+```bash
+helm install geoweb-taf-backend fmi/geoweb-taf-backend -n geoweb --values=./values.yaml
+```
+
+# Deleting the Chart
+Execute the following for deleting the chart:
+
+```bash
+## Delete the Helm Chart
+helm delete -n geoweb geoweb-taf-backend
+## Delete the Namespace
+kubectl delete namespace geoweb
+```
+
+# Chart Configuration
+The following table lists the configurable parameters of the Taf backend chart and their default values.
+
+| Parameter | Description | Default |
+| - | - | - |
+| `versions.taf` | Possibility to override application version | `v0.0.1` |
+| `taf.name` | Name of backend | `taf` |
+| `taf.registry` | Registry to fetch image | `registry.gitlab.com/opengeoweb/backend-services/aviation-taf-backend/aviation-taf-backend` |
+| `taf.commitHash` | Adds commitHash annotation to the deployment | |
+| `taf.imagePullPolicy` | Adds option to modify imagePullPolicy | |
+| `taf.url` | Url which the application can be accessed | |
+| `taf.path` | Path suffix added to url | `/taf/(.*)` |
+| `taf.svcPort` | Port used for service | `80` |
+| `taf.replicas` | Amount of replicas deployed | `1` |
+| `taf.db_secret` | Secret containing base64 encoded Postgresql database connection string | |
+| `taf.db_secretName` | Name of db secret | `taf-db` |
+| `taf.db_secretType` | Type to db secret | `secretsmanager` |
+| `taf.db_secretPath` | Path to db secret | |
+| `taf.db_secretKey` | Key of db secret | |
+| `taf.iamRoleARN` | IAM Role with permissions to access db_secret secret | |
+| `taf.secretServiceAccount` | Service Account created for handling secrets | `taf-service-account` |
+| `secretProvider` | Option to use secret provider instead of passing base64 encoded database connection string as taf.db_secret *(aws\|azure\|gcp\|vault)* | |
+| `secretProviderParameters` | Option to add custom parameters to the secretProvider, for example with aws you can specify region | |
+| `taf.env.AVIATION_TAF_PORT_HTTP` | Port used for container | `8000` |
+| `taf.env.GEOWEB_KNMI_AVI_MESSAGESERVICES_HOST` | - | `"localhost:8081"` |
+| `taf.env.OAUTH2_USERINFO` | - | |
+| `taf.env.AVIATION_TAF_PUBLISH_HOST` | - | `"localhost:8090"` |
+| `taf.messageconverter.name` | Name of messageconverter container | `taf-messageconverter` |
+| `taf.messageconverter.registry` | Registry to fetch image | `registry.gitlab.com/opengeoweb/avi-msgconverter/geoweb-knmi-avi-messageservices` |
+| `taf.messageconverter.version` | Possibility to override application version | `"0.1.1"` |
+| `taf.messageconverter.port` | Port used for messageconverter | `8080` |
+| `taf.nginx.name` | Name of nginx container | `taf-nginx` |
+| `taf.nginx.registry` | Registry to fetch nginx image | `registry.gitlab.com/opengeoweb/backend-services/aviation-taf-backend/nginx-aviation-taf-backend` |
+| `taf.nginx.AVIATION_TAF_ENABLE_SSL` | Toggle SSL termination | `"FALSE"` |
+| `taf.nginx.OAUTH2_USERINFO` | Userinfo endpoint to retrieve consented claims, or assertions, about the logged in end-user | |
+| `taf.nginx.NGINX_PORT_HTTP` | Port used for nginx | `80` |
+| `taf.nginx.EXTERNAL_HOSTNAME` | - | `localhost:80` |
+| `taf.nginx.AVIATION_TAF_BACKEND_HOST` | Address where nginx accesses the backend | `localhost:8080` |
+| `taf.publisher.name` | Name of publisher container  | `taf-publisher` |
+| `taf.publisher.registry` | Registry to fetch image | `registry.gitlab.com/opengeoweb/backend-services/aviation-taf-backend/aviation-taf-backend-publisher-local` |
+| `taf.publisher.port` | Port used for publisher | `8090`|
+| `taf.publisher.DESTINATION` | Folder inside publisher container where TACs are stored | `/app/output` |
+| `taf.publisher.volumeOptions` | yaml including the definition of the volume where TACs are published to, for example: <pre>hostPath:<br>&nbsp;&nbsp; path: /test/path</pre> or <pre>emptyDir:<br>&nbsp;&nbsp;</pre>| `emptyDir:` |
+| `taf.placeholder.name` | Name of publisher container  | `taf-placeholder` |
+| `taf.placeholder.registry` | Registry to fetch image | `registry.gitlab.com/opengeoweb/backend-services/aviation-taf-backend/tafplaceholder-aviation-taf-backend` |
+| `taf.placeholder.port` | Port used for tafplaceholder | `8085` |
+| `taf.placeholder.TAFPLACEHOLDER_KEEPRUNNING` | - | `TRUE` |
+| `ingress.name` | Name of the ingress controller in use | `nginx-ingress-controller` |
+| `ingress.ingressClassName` | Set ingressClassName parameter to not use default ingressClass | |
+| `ingress.customAnnotations` | Custom annotations for ingress, for example <pre>customAnnotations:<br>  traefik.annotation: exampleValue</pre> Overrides default nginx annotations if set | |
diff --git a/charts/geoweb-taf-backend/templates/taf-configmap.yaml b/charts/geoweb-taf-backend/templates/taf-configmap.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Values.taf.name }}
+  annotations:
+  {{- if .Values.taf.commitHash }}
+    commitHash: {{ .Values.taf.commitHash }}
+  {{- end }}
+data:
+  GEOWEB_KNMI_AVI_MESSAGESERVICES_HOST: {{ .Values.taf.env.GEOWEB_KNMI_AVI_MESSAGESERVICES_HOST | quote }}
+  AVIATION_TAF_PORT_HTTP: {{ .Values.taf.env.AVIATION_TAF_PORT_HTTP | quote }}
+  AVIATION_TAF_PUBLISH_HOST: {{ .Values.taf.env.AVIATION_TAF_PUBLISH_HOST | quote }}
+  VERSION: {{ .Values.versions.taf | quote }}
+  AVI_VERSION: {{ .Values.taf.messageconverter.version | quote }}
diff --git a/charts/geoweb-taf-backend/templates/taf-deployment.yaml b/charts/geoweb-taf-backend/templates/taf-deployment.yaml
@@ -0,0 +1,125 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Values.taf.name }}
+  labels:
+    app: {{ .Values.taf.name }}
+spec:
+  replicas: {{ .Values.taf.replicas }}
+  selector:
+    matchLabels:
+      app: {{ .Values.taf.name }}
+  template:
+    metadata:
+      labels:
+        app: {{ .Values.taf.name }}
+      annotations:
+        eks.amazonaws.com/compute-type: ec2
+      {{- if .Values.taf.commitHash }}
+        commitHash: {{ .Values.taf.commitHash }}
+      {{- end }}
+    spec:
+    {{- if eq .Values.secretProvider "aws" }}
+      serviceAccountName: {{ .Values.taf.secretServiceAccount }}
+    {{- end }}
+      containers:
+      - name: {{ .Values.taf.name }}
+        image: {{ .Values.taf.registry }}:{{ .Values.versions.taf }}
+      {{- if .Values.taf.imagePullPolicy }}
+        imagePullPolicy: {{ .Values.taf.imagePullPolicy }}
+      {{- end }}
+      {{- if .Values.taf.postStartCommand }}
+        lifecycle:
+          postStart:
+            exec:
+              command: ["/bin/sh", "-c", {{ .Values.taf.postStartCommand | quote }}]
+      {{- end }}
+        ports:
+        - containerPort: {{ .Values.taf.env.AVIATION_TAF_PORT_HTTP }}
+        envFrom:
+        - configMapRef:
+            name: {{ .Values.taf.name }}
+        env:
+        - name: AVIATION_TAF_BACKEND_DB
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.taf.db_secretName }}
+              key: AVIATION_TAF_BACKEND_DB
+        volumeMounts:
+        - name: secrets-store-inline
+          mountPath: "/mnt/secrets-store"
+          readOnly: true
+      - name: {{ .Values.taf.placeholder.name }}
+        image: {{ .Values.taf.placeholder.registry }}:{{ .Values.versions.taf }}
+      {{- if .Values.taf.imagePullPolicy }}
+        imagePullPolicy: {{ .Values.taf.imagePullPolicy }}
+      {{- end }}
+        ports:
+        - containerPort: {{ .Values.taf.placeholder.port }}
+        envFrom:
+        - configMapRef:
+            name: {{ .Values.taf.placeholder.name }}
+        env:
+        - name: AVIATION_TAF_BACKEND_DB
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.taf.db_secretName }}
+              key: AVIATION_TAF_BACKEND_DB
+        volumeMounts:
+        - name: secrets-store-inline
+          mountPath: "/mnt/secrets-store"
+          readOnly: true
+      - name: {{ .Values.taf.messageconverter.name }}
+        image: {{ .Values.taf.messageconverter.registry }}:{{ .Values.taf.messageconverter.version }}
+      {{- if .Values.taf.imagePullPolicy }}
+        imagePullPolicy: {{ .Values.taf.imagePullPolicy }}
+      {{- end }}
+        env:
+        - name: AVI_CONTAINER_PORT
+          value: {{ .Values.taf.messageconverter.port | quote }}
+        ports:
+        - containerPort: {{ .Values.taf.messageconverter.port }}
+        envFrom:
+        - configMapRef:
+            name: {{ .Values.taf.name }}
+      - name: {{ .Values.taf.publisher.name }}
+        image: {{ .Values.taf.publisher.registry }}:{{ .Values.versions.taf }}
+      {{- if .Values.taf.imagePullPolicy }}
+        imagePullPolicy: {{ .Values.taf.imagePullPolicy }}
+      {{- end }}
+        ports:
+        - containerPort: {{ .Values.taf.publisher.port }}
+        envFrom:
+        - configMapRef:
+            name: {{ .Values.taf.publisher.name }}
+        volumeMounts:
+        - name: publisher-volume
+          mountPath: {{ .Values.taf.publisher.DESTINATION | quote }}
+      - name: {{ .Values.taf.nginx.name }}
+        image: {{ .Values.taf.nginx.registry }}:{{ .Values.versions.taf }}
+      {{- if .Values.taf.imagePullPolicy }}
+        imagePullPolicy: {{ .Values.taf.imagePullPolicy }}
+      {{- end }}
+        ports:
+        - containerPort: {{ .Values.taf.nginx.NGINX_PORT_HTTP }}
+        envFrom:
+        - configMapRef:
+            name: {{ .Values.taf.nginx.name }}
+      volumes:
+      - name: secrets-store-inline
+      {{- if .Values.secretProvider }}
+        csi:
+          driver: secrets-store.csi.k8s.io
+          readOnly: true
+          volumeAttributes:
+            secretProviderClass: {{ .Values.taf.spcName | quote }}
+      {{- else }}
+        secret:
+          secretName: {{ .Values.taf.db_secretName | quote }}
+      {{- end }}
+      - name: publisher-volume
+      {{- if .Values.taf.publisher.volumeOptions }}
+        {{- toYaml .Values.taf.publisher.volumeOptions | nindent 8 }}
+      {{- else }}
+        emptyDir:
+      {{- end }}
diff --git a/charts/geoweb-taf-backend/templates/taf-ingress.yaml b/charts/geoweb-taf-backend/templates/taf-ingress.yaml
@@ -0,0 +1,31 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ .Values.ingress.name }}-{{ .Values.taf.name }}
+  annotations:
+  {{- if .Values.ingress.customAnnotations }}
+    {{- with .Values.ingress.customAnnotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- else }}
+    nginx.ingress.kubernetes.io/ssl-redirect: "false"
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+    nginx.ingress.kubernetes.io/cors-allow-methods: "DELETE, PUT, GET, POST, OPTIONS, PATCH, HEAD"
+  {{- end }}
+spec:
+{{- if .Values.ingress.ingressClassName }}
+  ingressClassName: {{ .Values.ingress.ingressClassName }}
+{{- end }}
+  rules:
+    - host: {{ .Values.taf.url }}
+      http:
+        paths:
+          - path: {{ .Values.taf.path }}
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ .Values.taf.name }}
+                port:
+                  number: {{ .Values.taf.svcPort }}
diff --git a/charts/geoweb-taf-backend/templates/taf-nginx-configmap.yaml b/charts/geoweb-taf-backend/templates/taf-nginx-configmap.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Values.taf.nginx.name }}
+  annotations:
+  {{- if .Values.taf.commitHash }}
+    commitHash: {{ .Values.taf.commitHash }}
+  {{- end }}
+data:
+  AVIATION_TAF_ENABLE_SSL: {{ .Values.taf.nginx.AVIATION_TAF_ENABLE_SSL | quote }}
+  EXTERNAL_HOSTNAME: {{ .Values.taf.nginx.EXTERNAL_HOSTNAME | quote }}
+  OAUTH2_USERINFO: {{ .Values.taf.nginx.OAUTH2_USERINFO | quote }}
+  AVIATION_TAF_BACKEND_HOST: {{ .Values.taf.nginx.AVIATION_TAF_BACKEND_HOST | quote }}
+  NGINX_PORT_HTTP: {{ .Values.taf.nginx.NGINX_PORT_HTTP | quote }}
diff --git a/charts/geoweb-taf-backend/templates/taf-placeholder-configmap.yaml b/charts/geoweb-taf-backend/templates/taf-placeholder-configmap.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Values.taf.placeholder.name }}
+  annotations:
+  {{- if .Values.taf.commitHash }}
+    commitHash: {{ .Values.taf.commitHash }}
+  {{- end }}
+data:
+  TAFPLACEHOLDER_KEEPRUNNING: {{ .Values.taf.placeholder.TAFPLACEHOLDER_KEEPRUNNING | quote }}