cscott/amplify-fusion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Conan Scott
2026-01-21 17:37:42 +11:00
commit bd1ed71ac4
142 changed files with 18994 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
templates/inbound-worker/NOTES.txt Normal file
View File

@@ -0,0 +1,8 @@
Thank you for installing the {{ .Chart.Name }} chart for the Amplify Integration Platform.
Your release is named {{ .Release.Name }}.
To learn more about the release, try:
$ helm status {{ .Release.Name }}
$ helm get all {{ .Release.Name }}

76
templates/inbound-worker/_helpers.tpl Normal file
View File

@@ -0,0 +1,76 @@
{{- define "inbound-worker.name" -}}
{{- default "inbound-worker" .Values.inboundWorker.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "inbound-worker.fullname" -}}
{{- if .Values.inboundWorker.fullnameOverride }}
{{- .Values.inboundWorker.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default "inbound-worker" .Values.inboundWorker.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "inbound-worker.labels" -}}
{{ include "dataplane.labels" . }}
{{ include "inbound-worker.selectorLabels" . }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "inbound-worker.selectorLabels" -}}
app.kubernetes.io/name: {{ include "inbound-worker.name" . }}
app: {{ include "inbound-worker.appName" . }}
dplane: "inbound-worker"
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "inbound-worker.serviceAccountName" -}}
{{- if .Values.inboundWorker.serviceAccount.enabled }}
{{- default (include "inbound-worker.fullname" .) .Values.inboundWorker.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.inboundWorker.serviceAccount.name }}
{{- end }}
{{- end }}
{{/*
Custom templates start here
*/}}
{{- define "inbound-worker.appName" -}}
{{- $name := default "inbound-worker" .Values.inboundWorker.nameOverride -}}
{{- $env := default "inbound-worker" .Values.global.appEnv -}}
{{- printf "%s-%s" $name $env | trunc 63 | trimSuffix "-" -}}
{{- end }}
{{/*
Image name
*/}}
{{- define "image.finalname" -}}
{{- printf "%s/%s:%s" .Values.inboundWorker.image.server "inbound-worker" .Chart.AppVersion }}
{{- end }}
{{/*
Cpu min request
*/}}
{{- define "microserviceChart.minCpuUnits" -}}
"
{{- index .Values.inboundWorker.valuesPerEnvironment.cpuUnits ((pluck .Values.inboundWorker.environment .Values.inboundWorker.environments | first | default .Values.inboundWorker.environments.sandbox) | int) -}}
m"
{{- end }}

80
templates/inbound-worker/calico.netpol.yaml Normal file
View File

@@ -0,0 +1,80 @@
{{- if .Values.inboundWorker.calicoNetpol.enabled }}
apiVersion: projectcalico.org/v3
kind: NetworkPolicy
metadata:
name: {{ template "inbound-worker.appName" .}}
namespace: {{ .Release.Namespace }}
spec:
order: 10
selector: dplane == 'inbound-worker'
types:
- Ingress
- Egress
ingress:
### traffic from inbound-worker & orchestrator,ingress###
- action: Allow
protocol: TCP
source:
selector: dplane == 'orchestrator' || dplane == 'inbound-worker' || dplane == 'envoy'
namespaceSelector: projectcalico.org/name == '{{ .Release.Namespace }}'
destination:
ports:
{{- range .Values.inboundWorker.service.ports}}
- {{ .targetPort }}
{{- end}}
egress:
# allow to communicate to DNS pods
- action: Allow
protocol: UDP
destination:
namespaceSelector: projectcalico.org/name == 'kube-system'
ports:
- 53
- action: Allow
protocol: TCP
destination:
namespaceSelector: projectcalico.org/name == 'kube-system'
ports:
- 53
### Traffic to Valkey ###
{{- if .Values.valkey.enabled }}
- action: Allow
protocol: TCP
destination:
{{- if and .Values.valkey.internal.enabled .Values.valkey.internal.calicoNetpol.enabled }}
selector: dplane == 'valkey'
namespaceSelector: projectcalico.org/name == '{{ .Release.Namespace }}'
{{- else if and .Values.valkey.external.enabled .Values.valkey.external.calicoNetpol.enabled }}
ports:
{{- include "dataplane.collectPorts" (dict "hosts" .Values.valkey.hosts "defaultPort" 6379) | trim | nindent 10 }}
{{- $rule := .Values.valkey.external.calicoNetpol.outboundRule }}
{{- if $rule.nets }}
nets:
{{- range $rule.nets }}
- {{ . }}
{{- end }}
{{- else if $rule.selector }}
selector: {{ $rule.selector }}
{{- else }}
namespaceSelector: projectcalico.org/name == '{{ .Release.Namespace }}'
{{- end }}
{{- end }}
{{- end }}
### traffic to the orchestrator ###
- action: Allow
protocol: TCP
destination:
selector: dplane == 'orchestrator'
namespaceSelector: projectcalico.org/name == '{{ .Release.Namespace }}'
# allow to communicate with k8s api server
- action: Allow
destination:
services:
name: kubernetes
namespace: default
protocol: TCP
### Traffic to the internet ###
- action: Allow
protocol: TCP
destination: {{ toYaml .Values.inboundWorker.calicoNetpol.outboundRule | nindent 8 }}
{{- end }}

85
templates/inbound-worker/configmap-inbound.yaml Normal file
View File

@@ -0,0 +1,85 @@
{{- if eq .Values.common.externalConfigMaps false }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "inbound-worker.appName" . }}
namespace: {{ .Release.Namespace }}
data:
kubernetes_service_name: {{ template "inbound-worker.appName" . }}
environment: "{{ .Values.global.appEnv }}"
domain: "{{ .Values.global.external_domain }}"
JAVA_OPTS: "{{ .Values.inboundWorker.javaOpts }}"
sftp_enable: "{{ .Values.inboundWorker.sftp_enable }}"
http_enable: "{{ .Values.inboundWorker.http_enable }}"
https_enable: "{{ .Values.inboundWorker.https_enable }}"
api_enable: "{{ .Values.inboundWorker.api_enable }}"
api_mtls_enable: "{{ .Values.inboundWorker.api_mtls_enable }}"
enable_legacy_tls: "{{ .Values.inboundWorker.enable_legacy_tls }}"
host_name: "{{ .Values.global.external_domain }}"
mailTriggerInterval: "{{ .Values.inboundWorker.mailTriggerInterval }}"
txn_log_base_path: "{{ .Values.inboundWorker.hostPath.enabled | ternary .Values.inboundWorker.txn_log_base_path .Values.inboundWorker.efs_txn_log_path }}"
{{- if .Values.inboundWorker.hostPath.enabled }}
ebs_root: "{{ .Values.inboundWorker.ebs_root }}"
{{- end }}
{{- if .Values.valkey.enabled }}
datagrid_subscriptions_per_connection: "{{ .Values.inboundWorker.datagrid_subscriptions_per_connection }}"
datagrid_subscription_connection_pool_size: "{{ .Values.inboundWorker.datagrid_subscription_connection_pool_size }}"
{{- end }}
only_reschedule_missed_events_newer_than: "{{ .Values.inboundWorker.only_reschedule_missed_events_newer_than }}"
stale_process_interval: "{{ .Values.inboundWorker.stale_process_interval }}"
QUARKUS_LOG_CONSOLE_LEVEL: "{{ .Values.inboundWorker.QUARKUS_LOG_CONSOLE_LEVEL }}"
TERMINATION_GRACE_PERIOD_SECS: "{{ .Values.inboundWorker.terminationGracePeriodSeconds }}"
QUARKUS_SHUTDOWN_DELAY: "{{ .Values.inboundWorker.preStopSleepSeconds }}"
max_payload_size_kbs: "{{ .Values.inboundWorker.max_payload_size_kbs }}"
heartbeat_time_interval_sec: "{{ .Values.inboundWorker.heartbeat_time_interval_sec }}"
heartbeat_timeout_sec: "{{ .Values.inboundWorker.heartbeat_timeout_sec }}"
leader_lease_duration: "{{ .Values.inboundWorker.leader_lease_duration }}"
leader_lease_renew_period: "{{ .Values.inboundWorker.leader_lease_renew_period }}"
leader_lease_retry_period: "{{ .Values.inboundWorker.leader_lease_retry_period }}"
delegate_inoperative_pod_events_interval_sec: "{{ .Values.inboundWorker.delegate_inoperative_pod_events_interval_sec }}"
http_tls_termination: "{{ .Values.inboundWorker.http_tls_termination }}"
{{- if eq .Values.inboundWorker.aws.enabled true }}
Access_Key: {{ .Values.inboundWorker.aws.Access_Key }}
Secret_Key: {{ .Values.inboundWorker.aws.Secret_Key }}
region: {{ .Values.inboundWorker.aws.Region }}
{{- end }}
{{- if regexMatch "^ampint-[0-9.]+_[0-9][0-9][0-9][0-9].*$" .Values.inboundWorker.image.buildTag }}
deployed_version: "{{ regexReplaceAll "^ampint-([0-9.]+)_[0-9][0-9][0-9][0-9].*$" .Values.inboundWorker.image.buildTag "${1}" }}"
{{- else if regexMatch "^([^_]+)_[0-9][0-9][0-9][0-9].*$" .Values.inboundWorker.image.buildTag }}
deployed_version: "{{ regexReplaceAll "^([^_]+)_[0-9][0-9][0-9][0-9].*$" .Values.inboundWorker.image.buildTag "${1}" }}"
{{- else if regexMatch "^(.+)-SNAPSHOT$" .Values.inboundWorker.image.buildTag }}
deployed_version: "{{ regexReplaceAll "^(.+)-SNAPSHOT$" .Values.inboundWorker.image.buildTag "${1}" }}"
{{- else }}
deployed_version: "{{ .Values.inboundWorker.image.buildTag }}"
{{- end }}
multihost_enabled: "{{ .Values.global.multihost.enabled }}"
api_external_host: "{{ .Values.global.multihost.listeners.tls.api.hostPrefix }}.{{ .Values.global.external_domain }}"
api_mtls_external_host: "{{ .Values.global.multihost.listeners.tls.api_mtls.hostPrefix }}.{{ .Values.global.external_domain }}"
http_sse_external_host: "{{ .Values.global.multihost.listeners.tls.api.hostPrefix }}.{{ .Values.global.external_domain }}"
http_external_host: "{{ .Values.global.multihost.listeners.tcp.http.hostPrefix }}.{{ .Values.global.external_domain }}"
https_external_host: "{{ .Values.global.multihost.listeners.tls.https.hostPrefix }}.{{ .Values.global.external_domain }}"
sftp_external_host: "{{ .Values.global.multihost.listeners.ssh.sftp.hostPrefix }}.{{ .Values.global.external_domain }}"
webhook_external_host: "{{ .Values.global.multihost.listeners.tls.webhook.hostPrefix }}.{{ .Values.global.external_domain }}"
sftp_external_port: {{ .Values.global.multihost.enabled | ternary .Values.global.multihost.listeners.ssh.port "9022" | quote }}
https_external_port: {{ .Values.global.multihost.enabled | ternary .Values.global.multihost.listeners.tls.port "9443" | quote }}
http_external_port: {{ .Values.global.multihost.enabled | ternary .Values.global.multihost.listeners.tcp.port "9080" | quote }}
webhook_external_port: {{ .Values.global.multihost.enabled | ternary .Values.global.multihost.listeners.tls.port "443" | quote }}
api_external_port: {{ .Values.global.multihost.enabled | ternary .Values.global.multihost.listeners.tls.port "4443" | quote }}
api_mtls_external_port: {{ .Values.global.multihost.enabled | ternary .Values.global.multihost.listeners.tls.port "5443" | quote }}
http_sse_external_port: {{ .Values.global.multihost.enabled | ternary .Values.global.multihost.listeners.tls.port "4443" | quote }}
sap_enabled: "{{ .Values.inboundWorker.sap_enabled }}"
sap_lib_directory: "{{ .Values.inboundWorker.sap_lib_directory }}"
{{- if not (eq .Values.inboundWorker.salesforce.pubsub_api_url "") }}
EVENT_SALESFORCE_PUBSUB_API_URL: {{ .Values.inboundWorker.salesforce.pubsub_api_url | quote }}
{{- end }}
{{- if not (eq .Values.inboundWorker.salesforce.retry_initial_backoff_duration "") }}
EVENT_SALESFORCE_RETRY_INITIAL_BACKOFF: {{ .Values.inboundWorker.salesforce.retry_initial_backoff_duration | quote }}
{{- end }}
{{- if not (eq .Values.inboundWorker.salesforce.retry_max_backoff_duration "") }}
EVENT_SALESFORCE_RETRY_MAX_BACKOFF: {{ .Values.inboundWorker.salesforce.retry_max_backoff_duration | quote }}
{{- end }}
{{- if not (eq .Values.inboundWorker.salesforce.retry_status_code_list "") }}
EVENT_SALESFORCE_RETRY_GRPC_STATUS_CODES: {{ .Values.inboundWorker.salesforce.retry_status_code_list | quote }}
{{- end }}
{{- end }}

196
templates/inbound-worker/deployment.yaml Normal file
View File

@@ -0,0 +1,196 @@
{{- if .Values.inboundWorker.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "inbound-worker.appName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "inbound-worker.labels" . | nindent 4 }}
spec:
{{- if not .Values.inboundWorker.autoscaling.enabled }}
replicas: {{ .Values.inboundWorker.replicaCount }}
{{- end }}
strategy:
type: {{ .Values.inboundWorker.strategy.type }}
rollingUpdate:
maxSurge: {{ .Values.inboundWorker.strategy.rollingUpdate.maxSurge }}
maxUnavailable: {{ .Values.inboundWorker.strategy.rollingUpdate.maxUnavailable }}
selector:
matchLabels:
{{- include "inbound-worker.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.inboundWorker.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "inbound-worker.selectorLabels" . | nindent 8 }}
spec:
terminationGracePeriodSeconds: {{ .Values.inboundWorker.terminationGracePeriodSeconds }}
{{- with .Values.global.image.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.inboundWorker.serviceAccount.enabled }}
serviceAccountName: {{ include "inbound-worker.serviceAccountName" . }}
{{- end }}
{{- if .Values.inboundWorker.podSecurityContextEnabled }}
securityContext: {{- toYaml .Values.inboundWorker.podSecurityContext | nindent 8 }}
{{- end }}
dnsConfig:
options:
- name: use-vc
initContainers:
- name: {{ .Chart.Name }}-init
securityContext:
{{- toYaml .Values.inboundWorker.securityContext | nindent 12 }}
image: "{{ default .Values.global.image.repository .Values.global.alpinetools.image.repository }}/{{ .Values.global.alpinetools.image.name }}:{{ .Values.global.alpinetools.image.tag }}"
imagePullPolicy: {{ .Values.global.image.pullPolicy }}
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
envFrom:
- configMapRef:
name: configmap-common
volumeMounts:
- name: {{ .Values.global.volumeStorageName }}
mountPath: /efs
command:
- "/bin/sh"
- "-c"
- |
{{- if .Values.valkey.internal.enabled }}
{{ include "dataplane.commonInit" (dict "context" . "buildTag" .Values.inboundWorker.image.buildTag "internal" true "replicas" .Values.valkey.internal.clusterSize) | nindent 14 }}
{{- else if .Values.valkey.external.enabled }}
{{ include "dataplane.commonInit" (dict "context" . "buildTag" .Values.inboundWorker.image.buildTag) | nindent 14 }}
{{- end }}
{{- if .Values.fluentBit.enabled }}
{{ include "dataplane.createLogDirectory" (dict "serviceName" "inbound" "efsRoot" "${efs_root}" "podName" "${POD_NAME}" "additionalPathParam" "inbound") | nindent 14 }}
{{- end }}
{{- with .Values.global.initContainers.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
containers:
- name: {{ template "inbound-worker.appName" . }}
securityContext:
{{- toYaml .Values.inboundWorker.securityContext | nindent 12 }}
image: "{{ default .Values.global.image.repository .Values.inboundWorker.image.repository }}/{{ .Values.inboundWorker.image.name }}:{{ .Values.inboundWorker.image.buildTag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.global.image.pullPolicy }}
envFrom:
- secretRef:
name: {{ .Values.common.clusterDetails.name }}
{{- if .Values.common.email_authentication }}
- secretRef:
name: {{ .Values.common.fromMail.name }}
{{- end }}
{{- if .Values.valkey.enabled }}
- secretRef:
name: {{ .Values.common.datagridCredentials.name }}
{{- end }}
- configMapRef:
name: configmap-common
- configMapRef:
name: {{ template "inbound-worker.appName" . }}
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: local_ip
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: server_truststore_password
valueFrom:
secretKeyRef:
key: password
name: certificate-password
- name: server_cert_password
valueFrom:
secretKeyRef:
key: password
name: certificate-password
- name: sftp_server_cert_password
valueFrom:
secretKeyRef:
key: password
name: certificate-password
{{- with .Values.inboundWorker.env }}
{{- toYaml . | nindent 12 }}
{{- end }}
ports:
- containerPort: 8080
name: internal
- containerPort: 9080
name: openapi
- containerPort: 9443
name: service
- containerPort: 2222
name: ssh
- containerPort: 9090
name: xds
volumeMounts:
- name: {{ .Values.global.volumeStorageName }}
mountPath: /efs
- name: tmpdir
mountPath: /tmp
{{- if .Values.inboundWorker.hostPath.enabled }}
- name: payloads-txn-data
mountPath: "{{ .Values.inboundWorker.ebs_root }}"
- name: txn-log-base-path
mountPath: "{{ .Values.inboundWorker.txn_log_base_path }}"
{{- end }}
- mountPath: "/certificate"
name: cert
- mountPath: "/certificate/{{ .Values.common.certificate.name }}"
subPath: {{ .Values.common.certificate.name }}
name: domain-certificate
resources:
{{- toYaml .Values.inboundWorker.resources | nindent 12 }}
livenessProbe: {{- toYaml .Values.inboundWorker.livenessProbe | nindent 12 }}
startupProbe: {{- toYaml .Values.inboundWorker.startupProbe | nindent 12 }}
readinessProbe: {{- toYaml .Values.inboundWorker.readinessProbe | nindent 12 }}
volumes:
- name: tmpdir
emptyDir: {}
{{- if .Values.inboundWorker.hostPath.enabled }}
- name: payloads-txn-data
hostPath:
path: /local/dx-data/data
type: DirectoryOrCreate
- name: txn-log-base-path
hostPath:
path: /local/dx-data/logs
type: DirectoryOrCreate
{{- end }}
- name: {{ .Values.global.volumeStorageName }}
persistentVolumeClaim:
claimName: {{ .Release.Namespace }}-{{ .Values.global.claimName }}
- name: cert
emptyDir: {}
- name: domain-certificate
secret:
secretName: domain-certificate
items:
- key: {{ .Values.common.certificate.name }}
path: {{ .Values.common.certificate.name }}
{{- with .Values.inboundWorker.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.inboundWorker.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.inboundWorker.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

33
templates/inbound-worker/hpa.yaml Normal file
View File

@@ -0,0 +1,33 @@
{{- if .Values.inboundWorker.autoscaling.enabled }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ template "inbound-worker.appName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "inbound-worker.labels" . | nindent 4 }}
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: {{ template "inbound-worker.appName" . }}
minReplicas: {{ .Values.inboundWorker.autoscaling.minReplicas }}
maxReplicas: {{ .Values.inboundWorker.autoscaling.maxReplicas }}
metrics:
{{- if .Values.inboundWorker.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: {{ .Values.inboundWorker.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}
{{- if .Values.inboundWorker.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: {{ .Values.inboundWorker.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end }}

12
templates/inbound-worker/poddisruptionbudget.yaml Normal file
View File

@@ -0,0 +1,12 @@
{{- if .Values.inboundWorker.podDisruptionBudget.enabled }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ template "inbound-worker.appName" . }}
namespace: {{ .Release.Namespace }}
spec:
minAvailable: {{ .Values.inboundWorker.podDisruptionBudget.minPods }}
selector:
matchLabels:
dplane: {{ .Chart.Name }}
{{- end}}

38
templates/inbound-worker/role.yaml Normal file
View File

@@ -0,0 +1,38 @@
{{- if ( and .Values.inboundWorker.serviceAccount.enabled ( not .Values.inboundWorker.serviceAccount.preexisting ) ) -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ template "inbound-worker.name" . }}-role
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- list
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- get
- update
- delete
- patch
{{- if eq (include "parent.dataplaneMode" . ) "shared" }}
- apiGroups:
- operator.fusion.axway.com
resources:
- orchestrators
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
{{- end }}
{{- end }}

14
templates/inbound-worker/roleBinding.yaml Normal file
View File

@@ -0,0 +1,14 @@
{{- if ( and .Values.inboundWorker.serviceAccount.enabled ( not .Values.inboundWorker.serviceAccount.preexisting ) ) -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ template "inbound-worker.name" . }}-role-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ template "inbound-worker.name" . }}-role
subjects:
- kind: ServiceAccount
name: {{ .Values.inboundWorker.serviceAccount.enabled | ternary .Values.inboundWorker.serviceAccount.name "default" }}
namespace: {{ .Release.Namespace }}
{{- end }}

18
templates/inbound-worker/service.yaml Normal file
View File

@@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
name: {{ template "inbound-worker.appName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "inbound-worker.labels" . | nindent 4 }}
spec:
type: {{ .Values.inboundWorker.service.type }}
selector:
{{- include "inbound-worker.selectorLabels" . | nindent 4 }}
ports:
{{- range $port := .Values.inboundWorker.service.ports }}
- name: {{ $port.name }}
protocol: {{ $port.protocol }}
port: {{ $port.port }}
targetPort: {{ $port.targetPort }}
{{- end }}

21
templates/inbound-worker/service_sftp.yaml Normal file
View File

@@ -0,0 +1,21 @@
{{- if .Values.inboundWorker.sftpService.enabled }}
apiVersion: v1
kind: Service
metadata:
name: sftp-{{ template "inbound-worker.appName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "inbound-worker.labels" . | nindent 4 }}
spec:
type: {{ .Values.inboundWorker.sftpService.type }}
selector:
{{- include "inbound-worker.selectorLabels" . | nindent 4 }}
ports:
{{- range $port := .Values.inboundWorker.sftpService.ports }}
- name: {{ $port.name }}
protocol: {{ $port.protocol }}
port: {{ $port.port }}
targetPort: {{ $port.targetPort }}
nodePort: {{ $port.nodePort }}
{{- end }}
{{- end }}

13
templates/inbound-worker/serviceaccount.yaml Normal file
View File

@@ -0,0 +1,13 @@
{{- if ( and .Values.inboundWorker.serviceAccount.enabled ( not .Values.inboundWorker.serviceAccount.preexisting ) ) -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "inbound-worker.serviceAccountName" . }}
labels:
{{- include "inbound-worker.labels" . | nindent 4 }}
{{- with .Values.inboundWorker.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
automountServiceAccountToken: {{ .Values.inboundWorker.serviceAccount.automountServiceAccountToken }}
{{- end }}