software-engineering/zitadel-k8s-operator
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

divide operators
Some checks failed
Build and Publish / build-release (push) Failing after 26s
Details

Browse Source
This commit is contained in:
HaimKortovich
2026-04-07 13:41:25 -05:00
parent 66f38d90ee
commit da5d944430
179 changed files with 2996 additions and 10163 deletions
Download Patch File Download Diff File Expand all files Collapse all files

120
pkg/builder/login_deployment_builder.go Normal file
View File

@@ -0,0 +1,120 @@
package builder
import (
"fmt"
zitadelv1alpha1 "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/api/v1alpha1"
labels "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/pkg/builder/labels"
metadata "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/pkg/builder/metadata"
deployment "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/pkg/deployment"
appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
"k8s.io/apimachinery/pkg/util/intstr"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
)
func (b *Builder) BuildLoginDeployment(cluster *zitadelv1alpha1.Cluster, instance *zitadelv1alpha1.Instance, customDomain string, key types.NamespacedName) (*appsv1.Deployment, error) {
replicas := int32(1)
tag := cluster.Spec.Image.Tag
if instance.Spec.LoginUI.Image.Tag != nil {
tag = *instance.Spec.LoginUI.Image.Tag
}
objMeta :=
metadata.NewMetadataBuilder(key).
WithAnnotations(map[string]string{
"reloader.stakater.com/auto": "true",
}).
Build()
selectorLabels :=
labels.NewLabelsBuilder().
WithLoginUISelectorLabels(instance).
Build()
templateObjMeta :=
metadata.NewMetadataBuilder(client.ObjectKeyFromObject(instance)).
WithLabels(selectorLabels).
Build()
dep := &appsv1.Deployment{
ObjectMeta: objMeta,
Spec: appsv1.DeploymentSpec{
Replicas: &replicas,
Selector: &metav1.LabelSelector{
MatchLabels: selectorLabels,
},
Template: corev1.PodTemplateSpec{
ObjectMeta: templateObjMeta,
Spec: corev1.PodSpec{
// SecurityContext: &corev1.PodSecurityContext{FSGroup: &group},
Containers: []corev1.Container{
corev1.Container{
Name: "login-ui",
Image: instance.Spec.LoginUI.Image.Name + ":" + tag,
ImagePullPolicy: corev1.PullIfNotPresent,
Env: []corev1.EnvVar{
{
Name: "ZITADEL_SERVICE_USER_TOKEN_FILE",
Value: "/login-client/pat",
},
{
Name: "ZITADEL_API_URL",
Value: fmt.Sprintf("http://%s:%d", deployment.ServiceFQDN(cluster.ObjectMeta), deployment.ZitadelPort),
},
{
Name: "CUSTOM_REQUEST_HEADERS",
Value: fmt.Sprintf("Host:%s,X-Zitadel-Public-Host:%s", customDomain, customDomain),
},
},
Ports: []corev1.ContainerPort{
{Name: deployment.LoginName, ContainerPort: deployment.LoginPort},
},
LivenessProbe: &corev1.Probe{
ProbeHandler: corev1.ProbeHandler{
HTTPGet: &corev1.HTTPGetAction{
Path: "/ui/v2/login/healthy",
Port: intstr.FromString(deployment.LoginName),
Scheme: corev1.URISchemeHTTP,
},
},
FailureThreshold: 3,
InitialDelaySeconds: 0,
PeriodSeconds: 5,
},
ReadinessProbe: &corev1.Probe{
ProbeHandler: corev1.ProbeHandler{
HTTPGet: &corev1.HTTPGetAction{
Path: "/ui/v2/login/security",
Port: intstr.FromString(deployment.LoginName),
Scheme: corev1.URISchemeHTTP,
},
},
FailureThreshold: 3,
InitialDelaySeconds: 0,
PeriodSeconds: 5,
},
Resources: instance.Spec.LoginUI.Resources,
VolumeMounts: []corev1.VolumeMount{
{Name: "login-ui-pat", MountPath: "/login-client"},
},
},
},
Volumes: []corev1.Volume{
{Name: "login-ui-pat", VolumeSource: corev1.VolumeSource{Secret: &corev1.SecretVolumeSource{
SecretName: instance.LoginMachineUserName() + "-pat-secret",
}}},
},
},
},
}}
if err := controllerutil.SetControllerReference(instance, dep, b.scheme); err != nil {
return nil, fmt.Errorf("error setting controller reference to Deployment: %v", err)
}
return dep, nil
}