Rename Helm chart to api7ee-demo-k8s
- Changed chart name from api7ee to api7ee-demo-k8s in Chart.yaml
- Renamed helm/api7ee directory to helm/api7ee-demo-k8s
- Updated all references in build.yml workflow
- Updated all references in helm-release.yml workflow
- Updated main README.md with new chart name
- Updated Helm chart README with new chart name
- Verified all old references have been replaced
- Chart packages correctly as api7ee-demo-k8s-{version}.tgz
This commit is contained in:
d.viti
212
helm/api7ee-demo-k8s/templates/job-adc-sync.yaml
Normal file
212
helm/api7ee-demo-k8s/templates/job-adc-sync.yaml
Normal file
@@ -0,0 +1,212 @@
|
||||
{{- if .Values.api7.enabled }}
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: {{ include "api7ee.fullname" . }}-adc-sync
|
||||
labels:
|
||||
{{- include "api7ee.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: adc-sync
|
||||
annotations:
|
||||
"helm.sh/hook": post-install,post-upgrade
|
||||
"helm.sh/hook-weight": "10"
|
||||
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
|
||||
spec:
|
||||
backoffLimit: 3
|
||||
activeDeadlineSeconds: 300
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "api7ee.selectorLabels" . | nindent 8 }}
|
||||
app.kubernetes.io/component: adc-sync
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
serviceAccountName: {{ include "api7ee.serviceAccountName" . }}
|
||||
{{- if .Values.api7.tls.certManager.enabled }}
|
||||
initContainers:
|
||||
- name: wait-for-certificate
|
||||
image: busybox:1.35
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
echo "Waiting for TLS certificate to be ready..."
|
||||
while [ ! -f /etc/ssl/certs/tls.crt ] || [ ! -f /etc/ssl/certs/tls.key ]; do
|
||||
echo "Certificate not ready, waiting..."
|
||||
sleep 5
|
||||
done
|
||||
echo "Certificate is ready!"
|
||||
volumeMounts:
|
||||
- name: tls-certs
|
||||
mountPath: /etc/ssl/certs
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: adc-sync
|
||||
image: {{ .Values.api7.adc.image | default "ghcr.io/api7/adc:latest" }}
|
||||
imagePullPolicy: {{ .Values.api7.adc.imagePullPolicy | default "IfNotPresent" }}
|
||||
command:
|
||||
- /bin/sh
|
||||
- -c
|
||||
- |
|
||||
set -e
|
||||
echo "Starting API7 ADC configuration sync..."
|
||||
|
||||
# Install jq if needed for auto-publish feature
|
||||
{{- if .Values.api7.autoPublish }}
|
||||
if ! command -v jq &> /dev/null; then
|
||||
echo "Installing jq..."
|
||||
apk add --no-cache jq curl || apt-get update && apt-get install -y jq curl || yum install -y jq curl
|
||||
fi
|
||||
{{- end }}
|
||||
|
||||
# Wait for API7 Gateway to be ready
|
||||
echo "Waiting for API7 Gateway to be available..."
|
||||
MAX_RETRIES=30
|
||||
RETRY_COUNT=0
|
||||
while [ $RETRY_COUNT -lt $MAX_RETRIES ]; do
|
||||
if curl -s -o /dev/null -w "%{http_code}" ${API7_ADMIN_URL}/apisix/admin/routes \
|
||||
-H "X-API-KEY: ${API7_ADMIN_KEY}" | grep -q "200\|401"; then
|
||||
echo "API7 Gateway is ready!"
|
||||
break
|
||||
fi
|
||||
echo "API7 Gateway not ready, retrying... ($RETRY_COUNT/$MAX_RETRIES)"
|
||||
RETRY_COUNT=$((RETRY_COUNT + 1))
|
||||
sleep 10
|
||||
done
|
||||
|
||||
if [ $RETRY_COUNT -eq $MAX_RETRIES ]; then
|
||||
echo "ERROR: API7 Gateway not ready after $MAX_RETRIES attempts"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
{{- if .Values.api7.tls.certManager.enabled }}
|
||||
# Copy certificates to config directory
|
||||
cp /etc/ssl/certs/tls.crt /tmp/tls.crt
|
||||
cp /etc/ssl/certs/tls.key /tmp/tls.key
|
||||
|
||||
# Update certificate paths in config
|
||||
sed -i 's|/etc/ssl/certs/tls.crt|/tmp/tls.crt|g' /config/adc-config.yaml
|
||||
sed -i 's|/etc/ssl/certs/tls.key|/tmp/tls.key|g' /config/adc-config.yaml
|
||||
{{- end }}
|
||||
|
||||
# Validate configuration
|
||||
echo "Validating ADC configuration..."
|
||||
adc validate -f /config/adc-config.yaml || {
|
||||
echo "ERROR: Configuration validation failed"
|
||||
cat /config/adc-config.yaml
|
||||
exit 1
|
||||
}
|
||||
|
||||
# Sync configuration to API7
|
||||
echo "Syncing configuration to API7 Gateway..."
|
||||
adc sync -f /config/adc-config.yaml \
|
||||
--backend {{ .Values.api7.backend | default "api7ee" }} \
|
||||
--server ${API7_ADMIN_URL} \
|
||||
--token ${API7_ADMIN_KEY} \
|
||||
--gateway-group ${API7_GATEWAY_GROUP} \
|
||||
{{- if .Values.api7.adc.tlsSkipVerify }}
|
||||
--tls-skip-verify \
|
||||
{{- end }}
|
||||
--verbose || {
|
||||
echo "ERROR: Failed to sync configuration"
|
||||
exit 1
|
||||
}
|
||||
|
||||
echo "✅ API7 configuration sync completed successfully!"
|
||||
|
||||
{{- if .Values.api7.autoPublish }}
|
||||
# Auto-publish routes
|
||||
echo "Auto-publishing routes..."
|
||||
|
||||
# Get list of services and routes
|
||||
SERVICES=$(curl -s ${API7_ADMIN_URL}/apisix/admin/services \
|
||||
-H "X-API-KEY: ${API7_ADMIN_KEY}" | jq -r '.list[].id' || echo "")
|
||||
|
||||
for SERVICE_ID in $SERVICES; do
|
||||
echo "Publishing routes for service: $SERVICE_ID"
|
||||
|
||||
# Get routes for this service
|
||||
ROUTES=$(curl -s ${API7_ADMIN_URL}/apisix/admin/services/${SERVICE_ID}/routes \
|
||||
-H "X-API-KEY: ${API7_ADMIN_KEY}" | jq -r '.list[].id' || echo "")
|
||||
|
||||
for ROUTE_ID in $ROUTES; do
|
||||
echo "Publishing route: $ROUTE_ID"
|
||||
curl -X POST ${API7_ADMIN_URL}/apisix/admin/services/${SERVICE_ID}/routes/${ROUTE_ID}/publish \
|
||||
-H "X-API-KEY: ${API7_ADMIN_KEY}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "{\"gateway_group_id\": \"${API7_GATEWAY_GROUP}\"}" || {
|
||||
echo "Warning: Failed to publish route $ROUTE_ID"
|
||||
}
|
||||
done
|
||||
done
|
||||
|
||||
echo "✅ Routes published successfully!"
|
||||
{{- end }}
|
||||
|
||||
# Display summary
|
||||
echo ""
|
||||
echo "=========================================="
|
||||
echo "API7 Configuration Summary:"
|
||||
echo "=========================================="
|
||||
echo "Gateway URL: ${API7_ADMIN_URL}"
|
||||
echo "Gateway Group: ${API7_GATEWAY_GROUP}"
|
||||
echo "Hosts configured:"
|
||||
{{- range .Values.api7.hosts }}
|
||||
echo " - {{ . }}"
|
||||
{{- end }}
|
||||
{{- if .Values.api7.tls.enabled }}
|
||||
echo "TLS: Enabled"
|
||||
{{- end }}
|
||||
{{- if .Values.api7.serviceDiscovery.enabled }}
|
||||
echo "Service Discovery: Kubernetes"
|
||||
{{- end }}
|
||||
echo "=========================================="
|
||||
echo ""
|
||||
echo "Access your application at:"
|
||||
{{- range .Values.api7.hosts }}
|
||||
echo " {{ if $.Values.api7.tls.enabled }}https{{ else }}http{{ end }}://{{ . }}"
|
||||
{{- end }}
|
||||
env:
|
||||
- name: ADC_VERBOSE
|
||||
value: "{{ .Values.api7.adc.verbose | default true }}"
|
||||
- name: API7_ADMIN_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "api7ee.fullname" . }}-api7-admin
|
||||
key: admin-url
|
||||
- name: API7_ADMIN_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "api7ee.fullname" . }}-api7-admin
|
||||
key: admin-key
|
||||
- name: API7_GATEWAY_GROUP
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "api7ee.fullname" . }}-api7-admin
|
||||
key: gateway-group
|
||||
volumeMounts:
|
||||
- name: adc-config
|
||||
mountPath: /config
|
||||
readOnly: true
|
||||
{{- if .Values.api7.tls.certManager.enabled }}
|
||||
- name: tls-certs
|
||||
mountPath: /etc/ssl/certs
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
resources:
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 256Mi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
volumes:
|
||||
- name: adc-config
|
||||
configMap:
|
||||
name: {{ include "api7ee.fullname" . }}-adc-config
|
||||
{{- if .Values.api7.tls.certManager.enabled }}
|
||||
- name: tls-certs
|
||||
secret:
|
||||
secretName: {{ .Values.api7.tls.secretName | default (printf "%s-tls" (include "api7ee.fullname" .)) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
Reference in New Issue
Block a user