DodoApp: Support dev virtual machines Change-Id: Ib7641adb5be477bdde7cd9a06df4b45aa65a1c01

commit: 7fbd4ad2920fa3ac2923bffb3f30c2bd2dd1a846 [log] [tgz]
author: gio <gio@v1.dodo.cloud> Tue Aug 27 10:06:39 2024 +0400
committer: gio <gio@v1.dodo.cloud> Wed Sep 04 13:50:35 2024 +0400
tree: 14fb607a7a45e142ea90e58751c4b7825e2a7e59
parent: dd32bbcf11ff3be729efe7bcc9902761858e2b00 [diff] [blame]
diff --git a/core/installer/values-tmpl/zot.cue b/core/installer/values-tmpl/zot.cue
index 35fdbc7..c5cf631 100644
--- a/core/installer/values-tmpl/zot.cue
+++ b/core/installer/values-tmpl/zot.cue

@@ -39,153 +39,155 @@
   </g>
 </svg>"""
 
-ingress: {
-	zot: {
-		auth: enabled: false
-		network: input.network
-		subdomain: input.subdomain
-		service: {
-			name: "zot"
-			port: number: _httpPort // TODO(gio): make optional
+out: {
+	ingress: {
+		zot: {
+			auth: enabled: false
+			network: input.network
+			subdomain: input.subdomain
+			service: {
+				name: "zot"
+				port: number: _httpPort // TODO(gio): make optional
+			}
 		}
 	}
-}
 
-// TODO(gio): configure busybox
-images: {
-	zot: {
-		registry: "ghcr.io"
-		repository: "project-zot"
-		name: "zot-linux-amd64"
-		tag: "v2.0.3"
-		pullPolicy: "IfNotPresent"
-	}
-}
-
-charts: {
-	zot: {
-		kind: "GitRepository"
-		address: "https://code.v1.dodo.cloud/helm-charts"
-		branch: "main"
-		path: "charts/zot"
-	}
-	oauth2Client: {
-		kind: "GitRepository"
-		address: "https://code.v1.dodo.cloud/helm-charts"
-		branch: "main"
-		path: "charts/oauth2-client"
-	}
-	resourceRenderer: {
-		kind: "GitRepository"
-		address: "https://code.v1.dodo.cloud/helm-charts"
-		branch: "main"
-		path: "charts/resource-renderer"
-	}
-}
-
-volumes: zot: size: "100Gi"
-
-_httpPort: 80
-_oauth2ClientSecretName: "oauth2-client"
-
-helm: {
-	"oauth2-client": {
-		chart: charts.oauth2Client
-		info: "Creating OAuth2 client"
-		// TODO(gio): remove once hydra maester is installed as part of dodo itself
-		dependsOn: [{
-			name: "auth"
-			namespace: "\(global.namespacePrefix)core-auth"
-		}]
-		values: {
-			name: "\(release.namespace)-zot"
-			secretName: _oauth2ClientSecretName
-			grantTypes: ["authorization_code"]
-			responseTypes: ["code"]
-			scope: "openid profile email groups"
-			redirectUris: ["https://\(_domain)/zot/auth/callback/oidc"]
-			hydraAdmin: "http://hydra-admin.\(global.namespacePrefix)core-auth.svc.cluster.local"
+	// TODO(gio): configure busybox
+	images: {
+		zot: {
+			registry: "ghcr.io"
+			repository: "project-zot"
+			name: "zot-linux-amd64"
+			tag: "v2.0.3"
+			pullPolicy: "IfNotPresent"
 		}
 	}
-	"config-renderer": {
-		chart: charts.resourceRenderer
-		info: "Generating Zot configuration"
-		values: {
-			name: "config-renderer"
-			secretName: _oauth2ClientSecretName
-			resourceTemplate: yaml.Marshal({
-				apiVersion: "v1"
-				kind: "ConfigMap"
-				metadata: {
-					name: _zotConfigMapName
-					namespace: "\(release.namespace)"
-				}
-				data: {
-					"config.json": json.Marshal({
-						storage: rootDirectory: "/var/lib/registry"
-						http: {
-							address: "0.0.0.0"
-							port: "5000"
-							externalUrl: url
-							auth: openid: providers: oidc: {
-								name: "dodo:"
-								issuer: "https://hydra.\(networks.public.domain)"
-								clientid: "{{ .client_id }}"
-								clientsecret: "{{ .client_secret }}"
-								keypath: ""
-								scopes: ["openid", "profile", "email", "groups"]
-							}
-							accessControl: {
-								repositories: {
-									"**": {
-										defaultPolicy: ["read", "create", "update", "delete"]
-										anonymousPolicy: ["read"]
+
+	charts: {
+		zot: {
+			kind: "GitRepository"
+			address: "https://code.v1.dodo.cloud/helm-charts"
+			branch: "main"
+			path: "charts/zot"
+		}
+		oauth2Client: {
+			kind: "GitRepository"
+			address: "https://code.v1.dodo.cloud/helm-charts"
+			branch: "main"
+			path: "charts/oauth2-client"
+		}
+		resourceRenderer: {
+			kind: "GitRepository"
+			address: "https://code.v1.dodo.cloud/helm-charts"
+			branch: "main"
+			path: "charts/resource-renderer"
+		}
+	}
+
+	volumes: zot: size: "100Gi"
+
+	_httpPort: 80
+	_oauth2ClientSecretName: "oauth2-client"
+
+	helm: {
+		"oauth2-client": {
+			chart: charts.oauth2Client
+			info: "Creating OAuth2 client"
+			// TODO(gio): remove once hydra maester is installed as part of dodo itself
+			dependsOn: [{
+				name: "auth"
+				namespace: "\(global.namespacePrefix)core-auth"
+			}]
+			values: {
+				name: "\(release.namespace)-zot"
+				secretName: _oauth2ClientSecretName
+				grantTypes: ["authorization_code"]
+				responseTypes: ["code"]
+				scope: "openid profile email groups"
+				redirectUris: ["https://\(_domain)/zot/auth/callback/oidc"]
+				hydraAdmin: "http://hydra-admin.\(global.namespacePrefix)core-auth.svc.cluster.local"
+			}
+		}
+		"config-renderer": {
+			chart: charts.resourceRenderer
+			info: "Generating Zot configuration"
+			values: {
+				name: "config-renderer"
+				secretName: _oauth2ClientSecretName
+				resourceTemplate: yaml.Marshal({
+					apiVersion: "v1"
+					kind: "ConfigMap"
+					metadata: {
+						name: _zotConfigMapName
+						namespace: "\(release.namespace)"
+					}
+					data: {
+						"config.json": json.Marshal({
+							storage: rootDirectory: "/var/lib/registry"
+							http: {
+								address: "0.0.0.0"
+								port: "5000"
+								externalUrl: url
+								auth: openid: providers: oidc: {
+									name: "dodo:"
+									issuer: "https://hydra.\(networks.public.domain)"
+									clientid: "{{ .client_id }}"
+									clientsecret: "{{ .client_secret }}"
+									keypath: ""
+									scopes: ["openid", "profile", "email", "groups"]
+								}
+								accessControl: {
+									repositories: {
+										"**": {
+											defaultPolicy: ["read", "create", "update", "delete"]
+											anonymousPolicy: ["read"]
+										}
 									}
 								}
 							}
-						}
-						log: level: "debug"
-						extensions: {
-							ui: enable: true
-							search: enable: true
-						}
-					})
-				}
-			})
+							log: level: "debug"
+							extensions: {
+								ui: enable: true
+								search: enable: true
+							}
+						})
+					}
+				})
+			}
 		}
-	}
-	zot: {
-		chart: charts.zot
-		info: "Installing Zot server"
-		values: {
-			image: {
-				repository: images.zot.fullName
-				tag: images.zot.tag
-				pullPolicy: images.zot.pullPolicy
-			}
-			service: {
-				type: "ClusterIP"
-				additionalAnnotations: {
-					"metallb.universe.tf/address-pool": global.id
+		zot: {
+			chart: charts.zot
+			info: "Installing Zot server"
+			values: {
+				image: {
+					repository: images.zot.fullName
+					tag: images.zot.tag
+					pullPolicy: images.zot.pullPolicy
 				}
-				port: _httpPort
+				service: {
+					type: "ClusterIP"
+					additionalAnnotations: {
+						"metallb.universe.tf/address-pool": global.id
+					}
+					port: _httpPort
+				}
+				ingress: enabled: false
+				mountConfig: false
+				persistence: true
+				pvc: {
+					create: false
+					name: volumes.zot.name
+				}
+				extraVolumes: [{
+					name: "config"
+					configMap: name: _zotConfigMapName
+				}]
+				extraVolumeMounts: [{
+					name: "config"
+					mountPath: "/etc/zot"
+				}]
+				startupProbe: {}
 			}
-			ingress: enabled: false
-			mountConfig: false
-			persistence: true
-			pvc: {
-				create: false
-				name: volumes.zot.name
-			}
-			extraVolumes: [{
-				name: "config"
-				configMap: name: _zotConfigMapName
-			}]
-			extraVolumeMounts: [{
-				name: "config"
-				mountPath: "/etc/zot"
-			}]
-			startupProbe: {}
 		}
 	}
 }
commit	7fbd4ad2920fa3ac2923bffb3f30c2bd2dd1a846	[log] [tgz]
author	gio <gio@v1.dodo.cloud>	Tue Aug 27 10:06:39 2024 +0400
committer	gio <gio@v1.dodo.cloud>	Wed Sep 04 13:50:35 2024 +0400
tree	14fb607a7a45e142ea90e58751c4b7825e2a7e59
parent	dd32bbcf11ff3be729efe7bcc9902761858e2b00 [diff] [blame]