demos/api7-demo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Rename Helm chart to api7ee-demo-k8s

Browse Source 
- Changed chart name from api7ee to api7ee-demo-k8s in Chart.yaml
- Renamed helm/api7ee directory to helm/api7ee-demo-k8s
- Updated all references in build.yml workflow
- Updated all references in helm-release.yml workflow
- Updated main README.md with new chart name
- Updated Helm chart README with new chart name
- Verified all old references have been replaced
- Chart packages correctly as api7ee-demo-k8s-{version}.tgz
This commit is contained in:
d.viti
2025-10-03 02:31:23 +02:00
parent fb396ac71a
commit f9d529ac87
27 changed files with 32 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
helm/api7ee-demo-k8s/templates/NOTES.txt Normal file
View File

@@ -0,0 +1,58 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range $host := .Values.ingress.hosts }}
{{- range .paths }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
{{- end }}
{{- end }}
{{- else if contains "NodePort" .Values.web.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "api7ee.fullname" . }}-web)
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.web.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "api7ee.fullname" . }}-web'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "api7ee.fullname" . }}-web --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
echo http://$SERVICE_IP:{{ .Values.web.service.port }}
{{- else if contains "ClusterIP" .Values.web.service.type }}
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace {{ .Release.Namespace }} port-forward service/{{ include "api7ee.fullname" . }}-web 8080:{{ .Values.web.service.port }}
{{- end }}
2. Check the deployment status:
kubectl get deployments -n {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "api7ee.name" . }},app.kubernetes.io/instance={{ .Release.Name }}"
3. View the pods:
kubectl get pods -n {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "api7ee.name" . }},app.kubernetes.io/instance={{ .Release.Name }}"
4. Check the logs:
# For Web component:
kubectl logs -n {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "api7ee.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=web"
# For API component:
kubectl logs -n {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "api7ee.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=api"
5. Scale the deployments:
# Scale Web component:
kubectl scale deployment {{ include "api7ee.fullname" . }}-web -n {{ .Release.Namespace }} --replicas=3
# Scale API component:
kubectl scale deployment {{ include "api7ee.fullname" . }}-api -n {{ .Release.Namespace }} --replicas=5
{{- if .Values.web.autoscaling.enabled }}
6. Web Horizontal Pod Autoscaler is enabled:
Min replicas: {{ .Values.web.autoscaling.minReplicas }}
Max replicas: {{ .Values.web.autoscaling.maxReplicas }}
Target CPU: {{ .Values.web.autoscaling.targetCPUUtilizationPercentage }}%
Target Memory: {{ .Values.web.autoscaling.targetMemoryUtilizationPercentage }}%
{{- end }}
{{- if .Values.api.autoscaling.enabled }}
7. API Horizontal Pod Autoscaler is enabled:
Min replicas: {{ .Values.api.autoscaling.minReplicas }}
Max replicas: {{ .Values.api.autoscaling.maxReplicas }}
Target CPU: {{ .Values.api.autoscaling.targetCPUUtilizationPercentage }}%
Target Memory: {{ .Values.api.autoscaling.targetMemoryUtilizationPercentage }}%
{{- end }}

62
helm/api7ee-demo-k8s/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "api7ee.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "api7ee.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "api7ee.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "api7ee.labels" -}}
helm.sh/chart: {{ include "api7ee.chart" . }}
{{ include "api7ee.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "api7ee.selectorLabels" -}}
app.kubernetes.io/name: {{ include "api7ee.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "api7ee.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "api7ee.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

25
helm/api7ee-demo-k8s/templates/certificate.yaml Normal file
View File

@@ -0,0 +1,25 @@
{{- if and .Values.api7.enabled .Values.api7.tls.enabled .Values.api7.tls.certManager.enabled }}
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ include "api7ee.fullname" . }}-tls
labels:
{{- include "api7ee.labels" . | nindent 4 }}
spec:
secretName: {{ .Values.api7.tls.secretName | default (printf "%s-tls" (include "api7ee.fullname" .)) }}
issuerRef:
name: {{ .Values.api7.tls.certManager.issuer }}
kind: {{ .Values.api7.tls.certManager.issuerKind | default "ClusterIssuer" }}
commonName: {{ first .Values.api7.hosts }}
dnsNames:
{{- range .Values.api7.hosts }}
- {{ . | quote }}
{{- end }}
usages:
- digital signature
- key encipherment
- server auth
- client auth
duration: 2160h # 90 days
renewBefore: 720h # 30 days before expiry
{{- end }}

147
helm/api7ee-demo-k8s/templates/configmap-adc.yaml Normal file
View File

@@ -0,0 +1,147 @@
{{- if .Values.api7.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "api7ee.fullname" . }}-adc-config
labels:
{{- include "api7ee.labels" . | nindent 4 }}
app.kubernetes.io/component: adc
data:
adc-config.yaml: |
services:
{{- if .Values.web.enabled }}
- name: web-service
upstream:
name: web-upstream
scheme: http
type: roundrobin
{{- if .Values.api7.serviceDiscovery.enabled }}
discovery_type: kubernetes
service_name: {{ .Release.Namespace }}/{{ include "api7ee.fullname" . }}-web:http
{{- else }}
nodes:
- host: {{ include "api7ee.fullname" . }}-web.{{ .Release.Namespace }}.svc.cluster.local
port: {{ .Values.web.service.port }}
weight: 100
{{- end }}
routes:
- name: web-route
uris:
- /*
hosts:
{{- range .Values.api7.hosts }}
- {{ . | quote }}
{{- end }}
priority: 0
plugins:
{{- if .Values.api7.tls.enabled }}
redirect:
http_to_https: true
{{- end }}
{{- if .Values.api7.plugins.rateLimit.enabled }}
limit-count:
count: {{ .Values.api7.plugins.rateLimit.count }}
time_window: {{ .Values.api7.plugins.rateLimit.timeWindow }}
rejected_code: 429
{{- end }}
{{- if .Values.api7.plugins.cors.enabled }}
cors:
allow_origins: {{ .Values.api7.plugins.cors.allowOrigins | toJson }}
allow_methods: {{ .Values.api7.plugins.cors.allowMethods | toJson }}
allow_headers: {{ .Values.api7.plugins.cors.allowHeaders | toJson }}
expose_headers: {{ .Values.api7.plugins.cors.exposeHeaders | toJson }}
max_age: {{ .Values.api7.plugins.cors.maxAge }}
allow_credentials: {{ .Values.api7.plugins.cors.allowCredentials }}
{{- end }}
{{- end }}
{{- if .Values.api.enabled }}
- name: api-service
upstream:
name: api-upstream
scheme: http
type: roundrobin
{{- if .Values.api7.serviceDiscovery.enabled }}
discovery_type: kubernetes
service_name: {{ .Release.Namespace }}/{{ include "api7ee.fullname" . }}-api:http
{{- else }}
nodes:
- host: {{ include "api7ee.fullname" . }}-api.{{ .Release.Namespace }}.svc.cluster.local
port: {{ .Values.api.service.port }}
weight: 100
{{- end }}
routes:
- name: api-route
uris:
- /api
- /api/*
hosts:
{{- range .Values.api7.hosts }}
- {{ . | quote }}
{{- end }}
priority: 10
plugins:
{{- if .Values.api7.tls.enabled }}
redirect:
http_to_https: true
{{- end }}
proxy-rewrite:
regex_uri:
- ^/api/(.*)
- /$1
{{- if .Values.api7.plugins.rateLimit.enabled }}
limit-count:
count: {{ .Values.api7.plugins.rateLimit.apiCount | default .Values.api7.plugins.rateLimit.count }}
time_window: {{ .Values.api7.plugins.rateLimit.timeWindow }}
rejected_code: 429
{{- end }}
{{- if .Values.api7.plugins.auth.enabled }}
key-auth:
header: {{ .Values.api7.plugins.auth.header | default "X-API-Key" }}
{{- end }}
{{- end }}
{{- if .Values.api7.tls.enabled }}
ssls:
- snis:
{{- range .Values.api7.hosts }}
- {{ . | quote }}
{{- end }}
certificates:
{{- if .Values.api7.tls.certManager.enabled }}
- certificate: /etc/ssl/certs/tls.crt
key: /etc/ssl/certs/tls.key
{{- else if .Values.api7.tls.certificate }}
- certificate: |
{{ .Values.api7.tls.certificate | nindent 14 }}
key: |
{{ .Values.api7.tls.key | nindent 14 }}
{{- end }}
{{- end }}
{{- if .Values.api7.plugins.auth.enabled }}
consumers:
{{- range .Values.api7.consumers }}
- username: {{ .username }}
plugins:
key-auth:
key: {{ .apiKey }}
{{- end }}
{{- end }}
global_rules:
{{- if .Values.api7.plugins.prometheus.enabled }}
- id: prometheus-metrics
plugins:
prometheus:
prefer_name: true
{{- end }}
{{- if .Values.api7.plugins.logging.enabled }}
- id: request-logging
plugins:
http-logger:
uri: {{ .Values.api7.plugins.logging.endpoint }}
batch_max_size: {{ .Values.api7.plugins.logging.batchMaxSize | default 1000 }}
inactive_timeout: {{ .Values.api7.plugins.logging.inactiveTimeout | default 5 }}
{{- end }}
{{- end }}

10
helm/api7ee-demo-k8s/templates/configmap.yaml Normal file
View File

@@ -0,0 +1,10 @@
{{- if .Values.configMap.data }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "api7ee.fullname" . }}
labels:
{{- include "api7ee.labels" . | nindent 4 }}
data:
{{- toYaml .Values.configMap.data | nindent 2 }}
{{- end }}

77
helm/api7ee-demo-k8s/templates/deployment-api.yaml Normal file
View File

@@ -0,0 +1,77 @@
{{- if .Values.api.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "api7ee.fullname" . }}-api
labels:
{{- include "api7ee.labels" . | nindent 4 }}
app.kubernetes.io/component: api
spec:
{{- if not .Values.api.autoscaling.enabled }}
replicas: {{ .Values.api.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "api7ee.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: api
template:
metadata:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
labels:
{{- include "api7ee.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: api
spec:
{{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "api7ee.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: api
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.global.imageRegistry | default .Values.api.image.registry }}/{{ .Values.api.image.repository }}:{{ .Values.api.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.api.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.api.service.targetPort }}
protocol: TCP
livenessProbe:
{{- toYaml .Values.api.livenessProbe | nindent 12 }}
readinessProbe:
{{- toYaml .Values.api.readinessProbe | nindent 12 }}
resources:
{{- toYaml .Values.api.resources | nindent 12 }}
env:
- name: PORT
value: "{{ .Values.api.service.targetPort }}"
{{- with .Values.api.env }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.configMap.data }}
envFrom:
- configMapRef:
name: {{ include "api7ee.fullname" . }}
{{- end }}
volumeMounts:
- name: tmp
mountPath: /tmp
volumes:
- name: tmp
emptyDir: {}
{{- with .Values.api.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.api.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.api.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

77
helm/api7ee-demo-k8s/templates/deployment-web.yaml Normal file
View File

@@ -0,0 +1,77 @@
{{- if .Values.web.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "api7ee.fullname" . }}-web
labels:
{{- include "api7ee.labels" . | nindent 4 }}
app.kubernetes.io/component: web
spec:
{{- if not .Values.web.autoscaling.enabled }}
replicas: {{ .Values.web.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "api7ee.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: web
template:
metadata:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
labels:
{{- include "api7ee.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: web
spec:
{{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "api7ee.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: web
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.global.imageRegistry | default .Values.web.image.registry }}/{{ .Values.web.image.repository }}:{{ .Values.web.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.web.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.web.service.targetPort }}
protocol: TCP
livenessProbe:
{{- toYaml .Values.web.livenessProbe | nindent 12 }}
readinessProbe:
{{- toYaml .Values.web.readinessProbe | nindent 12 }}
resources:
{{- toYaml .Values.web.resources | nindent 12 }}
env:
- name: PORT
value: "{{ .Values.web.service.targetPort }}"
{{- with .Values.web.env }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.configMap.data }}
envFrom:
- configMapRef:
name: {{ include "api7ee.fullname" . }}
{{- end }}
volumeMounts:
- name: tmp
mountPath: /tmp
volumes:
- name: tmp
emptyDir: {}
{{- with .Values.web.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.web.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.web.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

33
helm/api7ee-demo-k8s/templates/hpa-api.yaml Normal file
View File

@@ -0,0 +1,33 @@
{{- if and .Values.api.enabled .Values.api.autoscaling.enabled }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "api7ee.fullname" . }}-api
labels:
{{- include "api7ee.labels" . | nindent 4 }}
app.kubernetes.io/component: api
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: {{ include "api7ee.fullname" . }}-api
minReplicas: {{ .Values.api.autoscaling.minReplicas }}
maxReplicas: {{ .Values.api.autoscaling.maxReplicas }}
metrics:
{{- if .Values.api.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: {{ .Values.api.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}
{{- if .Values.api.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: {{ .Values.api.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end }}

33
helm/api7ee-demo-k8s/templates/hpa-web.yaml Normal file
View File

@@ -0,0 +1,33 @@
{{- if and .Values.web.enabled .Values.web.autoscaling.enabled }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "api7ee.fullname" . }}-web
labels:
{{- include "api7ee.labels" . | nindent 4 }}
app.kubernetes.io/component: web
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: {{ include "api7ee.fullname" . }}-web
minReplicas: {{ .Values.web.autoscaling.minReplicas }}
maxReplicas: {{ .Values.web.autoscaling.maxReplicas }}
metrics:
{{- if .Values.web.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: {{ .Values.web.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}
{{- if .Values.web.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: {{ .Values.web.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end }}

47
helm/api7ee-demo-k8s/templates/ingress.yaml Normal file
View File

@@ -0,0 +1,47 @@
{{- if .Values.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "api7ee.fullname" . }}
labels:
{{- include "api7ee.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
{{- if eq .service "web" }}
name: {{ include "api7ee.fullname" $ }}-web
port:
number: {{ $.Values.web.service.port }}
{{- else if eq .service "api" }}
name: {{ include "api7ee.fullname" $ }}-api
port:
number: {{ $.Values.api.service.port }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

212
helm/api7ee-demo-k8s/templates/job-adc-sync.yaml Normal file
View File

@@ -0,0 +1,212 @@
{{- if .Values.api7.enabled }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ include "api7ee.fullname" . }}-adc-sync
labels:
{{- include "api7ee.labels" . | nindent 4 }}
app.kubernetes.io/component: adc-sync
annotations:
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-weight": "10"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
spec:
backoffLimit: 3
activeDeadlineSeconds: 300
template:
metadata:
labels:
{{- include "api7ee.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: adc-sync
spec:
restartPolicy: Never
serviceAccountName: {{ include "api7ee.serviceAccountName" . }}
{{- if .Values.api7.tls.certManager.enabled }}
initContainers:
- name: wait-for-certificate
image: busybox:1.35
command:
- sh
- -c
- |
echo "Waiting for TLS certificate to be ready..."
while [ ! -f /etc/ssl/certs/tls.crt ] || [ ! -f /etc/ssl/certs/tls.key ]; do
echo "Certificate not ready, waiting..."
sleep 5
done
echo "Certificate is ready!"
volumeMounts:
- name: tls-certs
mountPath: /etc/ssl/certs
readOnly: true
{{- end }}
containers:
- name: adc-sync
image: {{ .Values.api7.adc.image | default "ghcr.io/api7/adc:latest" }}
imagePullPolicy: {{ .Values.api7.adc.imagePullPolicy | default "IfNotPresent" }}
command:
- /bin/sh
- -c
- |
set -e
echo "Starting API7 ADC configuration sync..."
# Install jq if needed for auto-publish feature
{{- if .Values.api7.autoPublish }}
if ! command -v jq &> /dev/null; then
echo "Installing jq..."
apk add --no-cache jq curl || apt-get update && apt-get install -y jq curl || yum install -y jq curl
fi
{{- end }}
# Wait for API7 Gateway to be ready
echo "Waiting for API7 Gateway to be available..."
MAX_RETRIES=30
RETRY_COUNT=0
while [ $RETRY_COUNT -lt $MAX_RETRIES ]; do
if curl -s -o /dev/null -w "%{http_code}" ${API7_ADMIN_URL}/apisix/admin/routes \
-H "X-API-KEY: ${API7_ADMIN_KEY}" | grep -q "200\|401"; then
echo "API7 Gateway is ready!"
break
fi
echo "API7 Gateway not ready, retrying... ($RETRY_COUNT/$MAX_RETRIES)"
RETRY_COUNT=$((RETRY_COUNT + 1))
sleep 10
done
if [ $RETRY_COUNT -eq $MAX_RETRIES ]; then
echo "ERROR: API7 Gateway not ready after $MAX_RETRIES attempts"
exit 1
fi
{{- if .Values.api7.tls.certManager.enabled }}
# Copy certificates to config directory
cp /etc/ssl/certs/tls.crt /tmp/tls.crt
cp /etc/ssl/certs/tls.key /tmp/tls.key
# Update certificate paths in config
sed -i 's|/etc/ssl/certs/tls.crt|/tmp/tls.crt|g' /config/adc-config.yaml
sed -i 's|/etc/ssl/certs/tls.key|/tmp/tls.key|g' /config/adc-config.yaml
{{- end }}
# Validate configuration
echo "Validating ADC configuration..."
adc validate -f /config/adc-config.yaml || {
echo "ERROR: Configuration validation failed"
cat /config/adc-config.yaml
exit 1
}
# Sync configuration to API7
echo "Syncing configuration to API7 Gateway..."
adc sync -f /config/adc-config.yaml \
--backend {{ .Values.api7.backend | default "api7ee" }} \
--server ${API7_ADMIN_URL} \
--token ${API7_ADMIN_KEY} \
--gateway-group ${API7_GATEWAY_GROUP} \
{{- if .Values.api7.adc.tlsSkipVerify }}
--tls-skip-verify \
{{- end }}
--verbose || {
echo "ERROR: Failed to sync configuration"
exit 1
}
echo "✅ API7 configuration sync completed successfully!"
{{- if .Values.api7.autoPublish }}
# Auto-publish routes
echo "Auto-publishing routes..."
# Get list of services and routes
SERVICES=$(curl -s ${API7_ADMIN_URL}/apisix/admin/services \
-H "X-API-KEY: ${API7_ADMIN_KEY}" | jq -r '.list[].id' || echo "")
for SERVICE_ID in $SERVICES; do
echo "Publishing routes for service: $SERVICE_ID"
# Get routes for this service
ROUTES=$(curl -s ${API7_ADMIN_URL}/apisix/admin/services/${SERVICE_ID}/routes \
-H "X-API-KEY: ${API7_ADMIN_KEY}" | jq -r '.list[].id' || echo "")
for ROUTE_ID in $ROUTES; do
echo "Publishing route: $ROUTE_ID"
curl -X POST ${API7_ADMIN_URL}/apisix/admin/services/${SERVICE_ID}/routes/${ROUTE_ID}/publish \
-H "X-API-KEY: ${API7_ADMIN_KEY}" \
-H "Content-Type: application/json" \
-d "{\"gateway_group_id\": \"${API7_GATEWAY_GROUP}\"}" || {
echo "Warning: Failed to publish route $ROUTE_ID"
}
done
done
echo "✅ Routes published successfully!"
{{- end }}
# Display summary
echo ""
echo "=========================================="
echo "API7 Configuration Summary:"
echo "=========================================="
echo "Gateway URL: ${API7_ADMIN_URL}"
echo "Gateway Group: ${API7_GATEWAY_GROUP}"
echo "Hosts configured:"
{{- range .Values.api7.hosts }}
echo " - {{ . }}"
{{- end }}
{{- if .Values.api7.tls.enabled }}
echo "TLS: Enabled"
{{- end }}
{{- if .Values.api7.serviceDiscovery.enabled }}
echo "Service Discovery: Kubernetes"
{{- end }}
echo "=========================================="
echo ""
echo "Access your application at:"
{{- range .Values.api7.hosts }}
echo " {{ if $.Values.api7.tls.enabled }}https{{ else }}http{{ end }}://{{ . }}"
{{- end }}
env:
- name: ADC_VERBOSE
value: "{{ .Values.api7.adc.verbose | default true }}"
- name: API7_ADMIN_URL
valueFrom:
secretKeyRef:
name: {{ include "api7ee.fullname" . }}-api7-admin
key: admin-url
- name: API7_ADMIN_KEY
valueFrom:
secretKeyRef:
name: {{ include "api7ee.fullname" . }}-api7-admin
key: admin-key
- name: API7_GATEWAY_GROUP
valueFrom:
secretKeyRef:
name: {{ include "api7ee.fullname" . }}-api7-admin
key: gateway-group
volumeMounts:
- name: adc-config
mountPath: /config
readOnly: true
{{- if .Values.api7.tls.certManager.enabled }}
- name: tls-certs
mountPath: /etc/ssl/certs
readOnly: true
{{- end }}
resources:
limits:
cpu: 500m
memory: 256Mi
requests:
cpu: 100m
memory: 128Mi
volumes:
- name: adc-config
configMap:
name: {{ include "api7ee.fullname" . }}-adc-config
{{- if .Values.api7.tls.certManager.enabled }}
- name: tls-certs
secret:
secretName: {{ .Values.api7.tls.secretName | default (printf "%s-tls" (include "api7ee.fullname" .)) }}
{{- end }}
{{- end }}

40
helm/api7ee-demo-k8s/templates/poddisruptionbudget.yaml Normal file
View File

@@ -0,0 +1,40 @@
{{- if .Values.podDisruptionBudget.enabled }}
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "api7ee.fullname" . }}-web
labels:
{{- include "api7ee.labels" . | nindent 4 }}
app.kubernetes.io/component: web
spec:
{{- if .Values.podDisruptionBudget.minAvailable }}
minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
{{- end }}
{{- if .Values.podDisruptionBudget.maxUnavailable }}
maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
{{- end }}
selector:
matchLabels:
{{- include "api7ee.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: web
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "api7ee.fullname" . }}-api
labels:
{{- include "api7ee.labels" . | nindent 4 }}
app.kubernetes.io/component: api
spec:
{{- if .Values.podDisruptionBudget.minAvailable }}
minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
{{- end }}
{{- if .Values.podDisruptionBudget.maxUnavailable }}
maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
{{- end }}
selector:
matchLabels:
{{- include "api7ee.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: api
{{- end }}

36
helm/api7ee-demo-k8s/templates/rbac-adc.yaml Normal file
View File

@@ -0,0 +1,36 @@
{{- if and .Values.api7.enabled .Values.serviceAccount.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ include "api7ee.fullname" . }}-adc
labels:
{{- include "api7ee.labels" . | nindent 4 }}
rules:
# Allow reading secrets (for certificates)
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "list"]
# Allow reading services and endpoints for service discovery
- apiGroups: [""]
resources: ["services", "endpoints"]
verbs: ["get", "list", "watch"]
# Allow reading pods for health checks
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ include "api7ee.fullname" . }}-adc
labels:
{{- include "api7ee.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ include "api7ee.fullname" . }}-adc
subjects:
- kind: ServiceAccount
name: {{ include "api7ee.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}

14
helm/api7ee-demo-k8s/templates/secret-api7.yaml Normal file
View File

@@ -0,0 +1,14 @@
{{- if .Values.api7.enabled }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "api7ee.fullname" . }}-api7-admin
labels:
{{- include "api7ee.labels" . | nindent 4 }}
app.kubernetes.io/component: api7
type: Opaque
stringData:
admin-key: {{ .Values.api7.gateway.adminKey | quote }}
admin-url: {{ .Values.api7.gateway.adminUrl | quote }}
gateway-group: {{ .Values.api7.gateway.group | default "default" | quote }}
{{- end }}

13
helm/api7ee-demo-k8s/templates/secret.yaml Normal file
View File

@@ -0,0 +1,13 @@
{{- if .Values.secrets.create }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "api7ee.fullname" . }}
labels:
{{- include "api7ee.labels" . | nindent 4 }}
type: Opaque
data:
{{- range $key, $val := .Values.secrets.data }}
{{ $key }}: {{ $val | b64enc | quote }}
{{- end }}
{{- end }}

23
helm/api7ee-demo-k8s/templates/service-api.yaml Normal file
View File

@@ -0,0 +1,23 @@
{{- if .Values.api.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "api7ee.fullname" . }}-api
labels:
{{- include "api7ee.labels" . | nindent 4 }}
app.kubernetes.io/component: api
{{- with .Values.api.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.api.service.type }}
ports:
- port: {{ .Values.api.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "api7ee.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: api
{{- end }}

23
helm/api7ee-demo-k8s/templates/service-web.yaml Normal file
View File

@@ -0,0 +1,23 @@
{{- if .Values.web.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "api7ee.fullname" . }}-web
labels:
{{- include "api7ee.labels" . | nindent 4 }}
app.kubernetes.io/component: web
{{- with .Values.web.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.web.service.type }}
ports:
- port: {{ .Values.web.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "api7ee.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: web
{{- end }}

12
helm/api7ee-demo-k8s/templates/serviceaccount.yaml Normal file
View File

@@ -0,0 +1,12 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "api7ee.serviceAccountName" . }}
labels:
{{- include "api7ee.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}