divide operators
Some checks failed
Build and Publish / build-release (push) Failing after 26s

2026-04-07 13:41:25 -05:00
parent 66f38d90ee
commit da5d944430
179 changed files with 2996 additions and 10163 deletions


@@ -0,0 +1,173 @@
package builder
import (
"fmt"
zitadelv1alpha1 "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/api/v1alpha1"
labels "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/pkg/builder/labels"
metadata "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/pkg/builder/metadata"
configuration "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/pkg/configuration"
deployment "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/pkg/deployment"
"gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/pkg/masterkey"
appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
"k8s.io/apimachinery/pkg/util/intstr"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
)
func (b *Builder) BuildDeployment(zitadel *zitadelv1alpha1.Cluster, key types.NamespacedName) (*appsv1.Deployment, error) {
replicas := zitadel.Spec.Replicas
objMeta :=
metadata.NewMetadataBuilder(key).
WithZitadel(zitadel).
WithAnnotations(map[string]string{
"reloader.stakater.com/auto": "true",
}).
Build()
selectorLabels :=
labels.NewLabelsBuilder().
WithZitadelSelectorLabels(zitadel).
Build()
podTemplate, err := b.buildDepPodTemplate(zitadel, selectorLabels)
if err != nil {
return nil, fmt.Errorf("error building pod template: %v", err)
}
dep := &appsv1.Deployment{
ObjectMeta: objMeta,
Spec: appsv1.DeploymentSpec{
Replicas: &replicas,
Selector: &metav1.LabelSelector{
MatchLabels: selectorLabels,
},
Template: *podTemplate,
}}
if err := controllerutil.SetControllerReference(zitadel, dep, b.scheme); err != nil {
return nil, fmt.Errorf("error setting controller reference to Deployment: %v", err)
}
return dep, nil
}
func (b *Builder) buildDepPodTemplate(zitadel *zitadelv1alpha1.Cluster, labels map[string]string) (*corev1.PodTemplateSpec, error) {
objMeta :=
metadata.NewMetadataBuilder(client.ObjectKeyFromObject(zitadel)).
WithZitadel(zitadel).
WithLabels(labels).
WithAnnotations(zitadel.Spec.PodAnnotations).
Build()
group := int64(0)
// mode := int32(0444)
return &corev1.PodTemplateSpec{
ObjectMeta: objMeta,
Spec: corev1.PodSpec{
SecurityContext: &corev1.PodSecurityContext{FSGroup: &group},
Containers: *b.buildDepContainers(zitadel),
Volumes: []corev1.Volume{
// {Name: "certs", VolumeSource: corev1.VolumeSource{
// Secret: &corev1.SecretVolumeSource{
// SecretName: zitadel.Spec.RootTLSSecret.Name,
// DefaultMode: &mode,
// },
// }},
{Name: "zitadel-config-yaml", VolumeSource: corev1.VolumeSource{ConfigMap: &corev1.ConfigMapVolumeSource{LocalObjectReference: corev1.LocalObjectReference{Name: configuration.ConfigurationName(zitadel)}}}},
},
},
},
nil
}
func (b *Builder) buildDepContainers(zitadel *zitadelv1alpha1.Cluster) *[]corev1.Container {
readyProbeHandle := corev1.ProbeHandler{
HTTPGet: &corev1.HTTPGetAction{HTTPHeaders: []corev1.HTTPHeader{},
Port: intstr.FromInt(deployment.ZitadelPort),
Scheme: corev1.URISchemeHTTP,
Path: "/debug/ready",
},
}
livenessProbeHandle := corev1.ProbeHandler{
HTTPGet: &corev1.HTTPGetAction{HTTPHeaders: []corev1.HTTPHeader{},
Port: intstr.FromInt(deployment.ZitadelPort),
Scheme: corev1.URISchemeHTTP,
Path: "/debug/healthz",
},
}
return &[]corev1.Container{
{
Name: "zitadel",
Image: zitadel.Spec.Image.Name + ":" + zitadel.Spec.Image.Tag,
Args: []string{
"start",
"--config", "/config/zitadel-config-yaml",
"--masterkeyFromEnv",
},
ImagePullPolicy: corev1.PullIfNotPresent,
Env: []corev1.EnvVar{
{
Name: "ZITADEL_MASTERKEY",
ValueFrom: &corev1.EnvVarSource{SecretKeyRef: &corev1.SecretKeySelector{LocalObjectReference: corev1.LocalObjectReference{Name: masterkey.MasterKeyName(zitadel)}, Key: masterkey.Key}},
},
{
Name: "ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD",
ValueFrom: &corev1.EnvVarSource{SecretKeyRef: &corev1.SecretKeySelector{LocalObjectReference: corev1.LocalObjectReference{Name: zitadel.Spec.PostgreSQLClusterRef.Name + "-superuser"}, Key: "password"}},
},
{
Name: "ZITADEL_DATABASE_POSTGRES_USER_PASSWORD",
ValueFrom: &corev1.EnvVarSource{SecretKeyRef: &corev1.SecretKeySelector{LocalObjectReference: corev1.LocalObjectReference{Name: zitadel.Spec.PostgreSQLClusterRef.Name + "-user"}, Key: "password"}},
},
// {
// Name: "ZITADEL_DATABASE_COCKROACH_ADMIN_SSL_ROOTCERT",
// Value: "/certs/ca.crt",
// },
// {
// Name: "ZITADEL_DATABASE_COCKROACH_ADMIN_SSL_CERT",
// Value: "/certs/tls.crt",
// },
// {
// Name: "ZITADEL_DATABASE_COCKROACH_ADMIN_SSL_KEY",
// Value: "/certs/tls.key",
// },
// {
// Name: "ZITADEL_DATABASE_COCKROACH_USER_SSL_ROOTCERT",
// Value: "/certs/ca.crt",
// },
// {
// Name: "ZITADEL_DATABASE_COCKROACH_USER_SSL_CERT",
// Value: "/certs/tls.crt",
// },
// {
// Name: "ZITADEL_DATABASE_COCKROACH_USER_SSL_KEY",
// Value: "/certs/tls.key",
// },
},
Ports: []corev1.ContainerPort{
{Name: deployment.ZitadelName, ContainerPort: deployment.ZitadelPort},
},
LivenessProbe: &corev1.Probe{
ProbeHandler: livenessProbeHandle,
FailureThreshold: 10,
InitialDelaySeconds: 0,
PeriodSeconds: 5,
},
ReadinessProbe: &corev1.Probe{
ProbeHandler: readyProbeHandle,
FailureThreshold: 3,
InitialDelaySeconds: 0,
PeriodSeconds: 5,
},
Resources: zitadel.Spec.Resources,
VolumeMounts: []corev1.VolumeMount{
{Name: "zitadel-config-yaml", MountPath: "/config"},
// {Name: "certs", MountPath: "/certs"},
},
},
}
}
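Review bot: The pod built by buildDepPodTemplate and buildDepContainers has almost no hardening: the only security setting is `FSGroup: &group` with group 0, and the `zitadel` container has no `SecurityContext` at all. The only mounted volume is the ConfigMap, so the root fsGroup looks unnecessary. I would set `RunAsNonRoot`, a `RuntimeDefault` seccomp profile, no privilege escalation and dropped capabilities, provided the image from `zitadel.Spec.Image` runs as a non-root user. Separately, `ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD` gives the `-superuser` secret to the long-running `start` container. If only the init/setup phase needs it, keeping it out of this Deployment limits what a compromised pod can reach in the database.

```go
// … unchanged: objMeta construction in buildDepPodTemplate …
nonRoot := true
// in the PodSpec literal, replacing the FSGroup-only context:
SecurityContext: &corev1.PodSecurityContext{
	RunAsNonRoot:   &nonRoot,
	SeccompProfile: &corev1.SeccompProfile{Type: corev1.SeccompProfileTypeRuntimeDefault},
},

// … unchanged: probe handlers in buildDepContainers …
allowEscalation := false
// in the "zitadel" container literal:
SecurityContext: &corev1.SecurityContext{
	AllowPrivilegeEscalation: &allowEscalation,
	Capabilities:             &corev1.Capabilities{Drop: []corev1.Capability{"ALL"}},
},
```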