feat(hydra): add horizontal pod autoscaling

Merge pull request 'Composant "OIDC Test"' (#7 ) from oidc-test-component-2 into develop
Reviewed-on: #7
2023-12-11 16:48:50 +01:00 · 2023-12-11 14:31:37 +01:00 · 2023-12-11 14:29:30 +01:00 · 2023-12-11 13:46:54 +01:00 · 2023-12-11 11:30:50 +01:00 · 2023-12-11 10:47:56 +01:00
13 changed files with 106 additions and 18 deletions
--- a/components/hydra-cnpg-database/kustomization.yaml
+++ b/components/hydra-cnpg-database/kustomization.yaml
@ -29,7 +29,7 @@ vars:
  fieldref:
    fieldpath: metadata.name
-patchesJson6902:
+patches:
 - target:
    group: apps
    version: v1
@ -42,3 +42,9 @@ patchesJson6902:
    kind: Job
    name: hydra-migrate
  path: patches/hydra-migrate-job.yaml
 - target:
    group: batch
    version: v1
    kind: CronJob
    name: hydra-janitor
  path: patches/hydra-janitor-cronjob.yaml
--- a/components/hydra-cnpg-database/patches/hydra-janitor-cronjob.yaml
+++ b/components/hydra-cnpg-database/patches/hydra-janitor-cronjob.yaml
@ -0,0 +1,21 @@
 - op: add
  path: "/spec/jobTemplate/spec/template/spec/containers/0/env/-"
  value:
    name: HYDRA_DATABASE_USER
    valueFrom:
      secretKeyRef:
        name: hydra-postgres-user
        key: username
 - op: add
  path: "/spec/jobTemplate/spec/template/spec/containers/0/env/-"
  value:
    name: HYDRA_DATABASE_PASSWORD
    valueFrom:
      secretKeyRef:
        name: hydra-postgres-user
        key: password
 - op: add
  path: "/spec/jobTemplate/spec/template/spec/containers/0/env/-"
  value:
    name: DSN
    value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME)-rw:5432/hydra?sslmode=disable"
--- a/components/oidc-test/kustomization.yaml
+++ b/components/oidc-test/kustomization.yaml
@ -7,7 +7,7 @@ resources:
  - ./resources/oauth2-client.yaml
 configMapGenerator:
-  - name: oidc-test-env
+  - name: oidc-test
    literals:
      - LOG_LEVEL=0
      - HTTP_ADDRESS=0.0.0.0:8080
--- a/components/oidc-test/resources/deployment.yaml
+++ b/components/oidc-test/resources/deployment.yaml
@ -24,7 +24,7 @@ spec:
          resources: {}
          envFrom:
          - configMapRef:
-              name: oidc-test-env
+              name: oidc-test
          env:
          - name: OIDC_CLIENT_ID
            valueFrom:
--- a/examples/authenticated-app/kustomization.yaml
+++ b/examples/authenticated-app/kustomization.yaml
@ -2,19 +2,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ../../overlays/base
+  - ../../overlays/full
  - ./resources/ingress.yaml
  - ./resources/saml-idp.yaml
  - ./resources/self-signed-issuer.yaml
  - ./resources/port-forwarder.yaml
 components:
  - ../../components/hydra-cnpg-database
  - ../../components/oidc-test
  #- ../../components/hydra-oidc
  - ../../components/hydra-saml
 patchesJson6902:
  - target:
      version: v1
@ -38,7 +31,7 @@ patchesJson6902:
    path: patches/hydra-secret.yaml
  - target:
      version: v1
-      kind: Secret
+      kind: ConfigMap
      name: oidc-test
    path: patches/oidc-test.yaml
  - target:
--- a/examples/authenticated-app/patches/oidc-test-oauth2-client.yaml
+++ b/examples/authenticated-app/patches/oidc-test-oauth2-client.yaml
@ -3,4 +3,4 @@
  value: https://ssokustom/oauth2/callback
 - op: replace
  path: "/spec/postLogoutRedirectUris/0"
-  value: https://ssokustom/oauth2/callback
+  value: https://ssokustom
--- a/examples/authenticated-app/patches/oidc-test.yaml
+++ b/examples/authenticated-app/patches/oidc-test.yaml
@ -1,6 +1,3 @@
 - op: replace
  path: "/data/LOG_LEVEL"
  value: 0
 - op: replace
  path: "/data/OIDC_REDIRECT_URL"
  value: https://ssokustom/oauth2/callback
--- a/kustomization.yaml
+++ b/kustomization.yaml
@ -0,0 +1,5 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - ./overlays/base
--- a/overlays/full/kustomization.yaml
+++ b/overlays/full/kustomization.yaml
@ -14,3 +14,4 @@ components:
 - ../../components/hydra-oidc
 - ../../components/hydra-saml
 - ../../components/hydra-sql
 - ../../components/oidc-test
--- a/resources/hydra/kustomization.yaml
+++ b/resources/hydra/kustomization.yaml
@ -9,6 +9,8 @@ resources:
  - ./resources/hydra-serviceaccount.yaml
  - ./resources/hydra-migrate-job.yaml
  - ./resources/hydra-maester
  - ./resources/hydra-janitor-cronjob.yaml
  - ./resources/hydra-hpa.yaml
 secretGenerator:
  - name: hydra-secret
--- a/resources/hydra/resources/hydra-deployment.yaml
+++ b/resources/hydra/resources/hydra-deployment.yaml
@ -55,6 +55,9 @@ spec:
              name: hydra-public
            - containerPort: 4445
              name: hydra-admin
-          resources: {}
+          resources:
            requests:
              cpu: 100m
              memory: 128Mi
      restartPolicy: Always
--- a/resources/hydra/resources/hydra-hpa.yaml
+++ b/resources/hydra/resources/hydra-hpa.yaml
@ -0,0 +1,26 @@
 apiVersion: autoscaling/v2
 kind: HorizontalPodAutoscaler
 metadata:
  name: hydra
  labels:
    io.kompose.service: hydra
 spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: hydra
  minReplicas: 1
  maxReplicas: 3
  metrics:
  - type: Resource
    resource:
      name: memory
      target:
        type: Utilization
        averageUtilization: 80
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 80
--- a/resources/hydra/resources/hydra-janitor-cronjob.yaml
+++ b/resources/hydra/resources/hydra-janitor-cronjob.yaml
@ -0,0 +1,34 @@
 apiVersion: batch/v1
 kind: CronJob
 metadata:
  name: hydra-janitor
  labels:
    app.kubernetes.io/name: hydra-janitor
 spec:
  concurrencyPolicy: Forbid
  schedule: "0 */1 * * *"
  jobTemplate:
    spec:
      template:
        metadata:
          labels:
            app.kubernetes.io/name: hydra-janitor
        spec:
          restartPolicy: OnFailure
          serviceAccountName: hydra-sa
          containers:
            - name: janitor
              image: reg.cadoles.com/proxy_cache/oryd/hydra:v2.0.3
              envFrom:
              - configMapRef:
                  name: hydra-env
              imagePullPolicy: IfNotPresent
              command: ["hydra"]
              env: []
              args:
                - janitor
                - --read-from-env
                - --grants
                - --requests
                - --tokens
              resources: {}
Author	SHA1	Message	Date
Laurent Gourvénec	4cbc6c3972	feat(hydra): add horizontal pod autoscaling	2023-12-11 16:48:50 +01:00
wpetit	8b02e8a875	Merge pull request 'Composant "OIDC Test"' (#7 ) from oidc-test-component-2 into develop Reviewed-on: #7	2023-12-11 14:31:37 +01:00
William Petit	caa180747e	feat: add oidc-test app component	2023-12-11 14:29:30 +01:00
wpetit	4d29851350	Merge pull request 'Ajout de la tâche programmée "janitor" pour Hydra' (#8 ) from hydra-janitor into develop Reviewed-on: #8	2023-12-11 13:46:54 +01:00
William Petit	d88cc2de65	feat(hydra): add janitor cronjob	2023-12-11 11:30:50 +01:00
William Petit	435597f9f1	feat(hydra-dispatcher): update image tag	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	ee2bb1ea45	update hydra-dispatcher probes and image ref	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	63c5d7259c	add probes	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	815917c306	add hydra-sql deployment	2023-12-11 10:47:56 +01:00
Philippe Caseiro	bc6fe46e1c	fix(saml): fixing port name longer than 15c	2023-12-11 10:47:56 +01:00
Philippe Caseiro	1b1cc27916	feat(hydra-sql): adding new hydra login app	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	d37e85000f	set correct tag for hydra-oidc	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	d9570ec8d0	add imagepullpolicy rule	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	d56ae059a3	remove loginapp default app configmap	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	5ec48c8b22	update config default apps filename	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	aaae6e2f20	set default configuration	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	081e854454	correciton config	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	3dba6c0d69	set hydra-oidc side container	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	8c6dc30bde	set hydra-dispatcher side container	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	4ff0f83880	set hydra-dispatcher side container	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	e93bc069d3	set correct path for hydra-dispatcher conf	2023-12-11 10:47:56 +01:00
Matthieu Lamalle	a56089efe5	Utilisation images symfony-containers	2023-12-11 10:47:56 +01:00
wpetit	c4998279d5	Merge pull request 'feat(component): adding hydra-ldap' (#6 ) from f/werther into master Reviewed-on: #6	2023-12-11 10:13:18 +01:00
William Petit	6de80b1d9c	fix(hydra-ldap): update werther secret name references	2023-12-11 10:06:37 +01:00
William Petit	2f3cf60974	fix(hydra-ldap): update werther container port name	2023-12-11 09:56:27 +01:00
William Petit	bf865b02e2	feat(hydra-ldap): rename resources from werther to hydra-ldap	2023-12-11 09:50:33 +01:00
Laurent Gourvénec	063b575117	feat(werther): update image	2023-12-06 15:38:40 +01:00
Laurent Gourvénec	38d3f1c1df	feat(werther): adding a timeout for LDAP connection	2023-12-06 14:40:24 +01:00
Laurent Gourvénec	6acda0553e	feat(component): adding werther	2023-11-29 10:22:33 +01:00