Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/codacy/chart

Codacy Helm chart and self-hosted infrastructure quickstart
https://github.com/codacy/chart

aks aws azure codacy codacy-chart docs eks helm kubernetes terraform

Last synced: 4 days ago
JSON representation

Codacy Helm chart and self-hosted infrastructure quickstart

Host: GitHub
URL: https://github.com/codacy/chart
Owner: codacy
Created: 2019-10-30T14:21:02.000Z (about 5 years ago)
Default Branch: master
Last Pushed: 2024-06-27T09:13:51.000Z (5 months ago)
Last Synced: 2024-06-27T10:54:39.157Z (5 months ago)
Topics: aks, aws, azure, codacy, codacy-chart, docs, eks, helm, kubernetes, terraform
Language: Makefile
Homepage: https://docs.codacy.com/chart/
Size: 7.13 MB
Stars: 11
Watchers: 14
Forks: 8
Open Issues: 1
Metadata Files:
- Readme: README.md
- Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

# Codacy Chart

[![Codacy Badge](https://api.codacy.com/project/badge/Grade/6a38f8edc57d4a6aaaa38e87d76a3520)](https://www.codacy.com/gh/codacy/chart?utm_source=github.com&utm_medium=referral&utm_content=codacy/chart&utm_campaign=Badge_Grade)
[![CircleCI](https://circleci.com/gh/codacy/chart.svg?style=svg)](https://circleci.com/gh/codacy/chart)

With the Codacy chart it is possible to run all Codacy components and
its dependencies with a single command line.

![K8s Love](https://raw.githubusercontent.com/codacy/chart/master/docs/images/k8s-love.png)
[edit image](https://docs.google.com/drawings/d/1kLkRRQLxCK8NkliYls9mv882w4fomI3rVlZNeP8MLP4/edit)

Each service in Codacy has its chart published to our
[charts repository](https://charts.codacy.com/stable/api/charts).

This chart bundles all the components and their dependencies.
For the bundle, we make use of the
[requirements capability](https://helm.sh/docs/chart_best_practices/#requirements-files)
of Helm.

## Disclaimer

Our Docker images are currently private and you will not be
able to run the chart by yourself without the necessary Docker credentials.
If you are interested in trying out Codacy contact our support at [email protected].

## Charts

Documentation on a per-chart basis is listed here.
Some of these repositories are private and accessible to Codacy engineers only.

![Helm Chart Structure](https://raw.githubusercontent.com/codacy/chart/master/docs/images/charts.png)
[edit image](https://docs.google.com/drawings/d/1o7z3L8XnnNjHBOTWKHiIYUkBP3DDiogdUyxNdUfzyfY/edit)

- [MinIO](https://github.com/minio/charts/tree/master)
- [RabbitMQ-HA](https://github.com/helm/charts/tree/master/stable/rabbitmq-ha)
- [PostgreSQL](https://github.com/bitnami/charts/tree/master/bitnami/postgresql)
- [kube-fluentd-operator](https://github.com/codacy/kube-fluentd-operator)
- Codacy/[Website](https://github.com/codacy/codacy-website/tree/master/.helm/)
- Codacy/[API](https://github.com/codacy/codacy-website/tree/master/.helm/)
- Codacy/[Ragnaros](https://github.com/codacy/ragnaros/tree/master/.helm/)
- Codacy/[Repository Listener](https://github.com/codacy/repository-listener/tree/master/.helm/)
- Codacy/[Portal](https://github.com/codacy/portal/src/master/.helm/)
- Codacy/[Worker Manager](https://github.com/codacy/worker-manager/tree/master/.helm/)
- Codacy/[Engine](https://github.com/codacy/codacy-worker/tree/master/.helm/)
- Codacy/[Remote Provider Service](https://github.com/codacy/remote-provider-service/tree/master/.helm/)
- Codacy/[SPA](https://github.com/codacy/codacy-spa/tree/dev/.helm/codacy-spa/)

## Configuration

The following table lists the configurable parameters of the Codacy chart and their default values.

Global parameters apply to all sub-charts and make it easier to configure resources across different components.

| Parameter
| ----------------------------------
| `global.codacy.url`
| `global.codacy.backendUrl`
| `global.codacy.crow.url`
| `global.play.cryptoSecret`
| `global.akka.sessionSecret`
| `global.filestore.contentsSecret`
| `global.filestore.uuidSecret`
| `global.cacheSecret`
| `global.minio.create`
| `global.rabbitmq.create`
| `global.rabbitmq.rabbitmqUsername`
| `global.rabbitmq.rabbitmqPassword`
| `global.defaultdb.postgresqlUsername`
| `global.defaultdb.postgresqlDatabase`
| `global.defaultdb.postgresqlPassword`
| `global.defaultdb.host`
| `global.defaultdb.service.port`
| `global.analysisdb.postgresqlUsername`
| `global.analysisdb.postgresqlDatabase`
| `global.analysisdb.postgresqlPassword`
| `global.analysisdb.host`
| `global.analysisdb.service.port`
| `global.resultsdb.postgresqlUsername`
| `global.resultsdb.postgresqlDatabase`
| `global.resultsdb.postgresqlPassword`
| `global.resultsdb.host`
| `global.resultsdb.service.port`
| `global.metricsdb.postgresqlUsername`
| `global.metricsdb.postgresqlDatabase`
| `global.metricsdb.postgresqlPassword`
| `global.metricsdb.host`
| `global.metricsdb.service.port`
| `global.filestoredb.postgresqlUsername`
| `global.filestoredb.postgresqlDatabase`
| `global.filestoredb.postgresqlPassword`
| `global.filestoredb.host`
| `global.filestoredb.service.port`
| `global.jobsdb.postgresqlUsername`
| `global.jobsdb.postgresqlDatabase`
| `global.jobsdb.postgresqlPassword`
| `global.jobsdb.host`
| `global.jobsdb.service.port`
| `global.crowdb.postgresqlUsername`
| `global.crowdb.postgresqlDatabase`
| `global.crowdb.postgresqlPassword`
| `global.crowdb.host`
| `global.crowdb.service.port`
| `global.github.enabled`
| `global.github.login`
| `global.github.app.name`
| `global.github.app.id`
| `global.github.app.privateKey`
| `global.github.clientId`
| `global.github.clientSecret`
| `global.githubEnterprise.enabled`
| `global.githubEnterprise.login`
| `global.githubEnterprise.hostname`
| `global.githubEnterprise.protocol`
| `global.githubEnterprise.port`
| `global.githubEnterprise.isPrivateMode`
| `global.githubEnterprise.disableSSL`
| `global.githubEnterprise.app.name`
| `global.githubEnterprise.app.id`
| `global.githubEnterprise.app.privateKey`
| `global.gitlab.enabled`
| `global.gitlab.login`
| `global.gitlab.clientId`
| `global.gitlab.clientSecret`
| `global.gitlabEnterprise.enabled`
| `global.gitlabEnterprise.login`
| `global.gitlabEnterprise.hostname`
| `global.gitlabEnterprise.protocol`
| `global.gitlabEnterprise.port`
| `global.gitlabEnterprise.clientId`
| `global.gitlabEnterprise.clientSecret`
| `global.bitbucket.enabled`
| `global.bitbucket.login`
| `global.bitbucket.key`
| `global.bitbucket.secret`
| `global.bitbucketEnterprise.enabled`
| `global.bitbucketEnterprise.login`
| `global.bitbucketEnterprise.hostname`
| `global.bitbucketEnterprise.protocol`
| `global.bitbucketEnterprise.port`
| `global.bitbucketEnterprise.consumerKey`
| `global.bitbucketEnterprise.consumerPublicKey`
| `global.bitbucketEnterprise.consumerPrivateKey`
| `global.features.cloneSubmodules`
| `global.workerManager.workers.conf
| `global.workerManager.workers.conf
| `global.workerManager.workers.conf
| `global.workers.config.dedicatedMax`
| `global.workers.config.inactivityTimeout`
| `global.git.branchListTimeoutSeconds`
| `global.codacy.portal.pullRequestL
| `global.codacy.license`
| `global.listenerdb.postgresqlUsername`
| `global.listenerdb.postgresqlDatabase`
| `global.listenerdb.postgresqlPassword`
| `global.listenerdb.host`
| `global.listenerdb.service.port`
| `global.crow.passwordAuth.enable`
| `global.crow.passwordAuth.username`
| `global.crow.passwordAuth.password`
| `global.metrics.serviceMonitor.enabled`
| `global.metrics.grafana.enabled` | Description | Default | ------------------------------ | ------------------------------------------------------------------------------------------------------------ | -------------------------------------------- | | Hostname to your Codacy installation | `nil` | | Hostname to your Codacy installation | `nil` | | Hostname to Crow within your Codacy installation | `nil` | | Secrets used internally for encryption. Generate one with \`openssl rand -base64 128 \| tr -dc 'a-zA-Z0-9'\` | `nil` | | Secrets used internally for encryption. Generate one with \`openssl rand -base64 128 \| tr -dc 'a-zA-Z0-9'\` | `nil` | | Secrets used internally for encryption. Generate one with \`openssl rand -base64 128 \| tr -dc 'a-zA-Z0-9'\` | `nil` | | Secrets used internally for encryption. Generate one with \`openssl rand -base64 128 \| tr -dc 'a-zA-Z0-9'\` | `nil` | | Secrets used internally for encryption. Generate one with \`openssl rand -base64 128 \| tr -dc 'a-zA-Z0-9'\` | `nil` | | Create minio internally | `nil` | | Create rabbitmq internally | `nil` | | Username for rabbitmq. If you are using the bundled version, change the `rabbitmq-ha.rabbitmqUsername` also. | `nil` | | Password for rabbitmq. If you are using the bundled version, change the `rabbitmq-ha.rabbitmqPassword` also. | `nil` | | Username of the Postgresql server | `codacy` | | Database name of the Postgresql server | `default` | | Hostname of the Postgresql server | `nil` | | Hostname of the Postgresql server | `nil` | | Port of the Postgresql server | `5432` | | Username of the Postgresql server | `codacy` | | Database name of the Postgresql server | `analysis` | | Hostname of the Postgresql server | `nil` | | Hostname of the Postgresql server | `nil` | | Port of the Postgresql server | `5432` | | Username of the Postgresql server | `codacy` | | Database name of the Postgresql server | `results201709` | | Hostname of the Postgresql server | `nil` | | Hostname of the Postgresql server | `nil` | | Port of the Postgresql server | `5432` | | Username of the Postgresql server | `codacy` | | Database name of the Postgresql server | `metrics` | | Hostname of the Postgresql server | `nil` | | Hostname of the Postgresql server | `nil` | | Port of the Postgresql server | `5432` | | Username of the Postgresql server | `codacy` | | Database name of the Postgresql server | `filestore` | | Hostname of the Postgresql server | `nil` | | Hostname of the Postgresql server | `nil` | | Port of the Postgresql server | `5432` | | Username of the Postgresql server | `codacy` | | Database name of the Postgresql server | `jobs` | | Hostname of the Postgresql server | `nil` | | Hostname of the Postgresql server | `nil` | | Port of the Postgresql server | `5432` | | Username of the Postgresql server | `codacy` | | Database name of the Postgresql server | `crow` | | Hostname of the Postgresql server | `nil` | | Hostname of the Postgresql server | `nil` | | Port of the Postgresql server | `5432` | | Enable GitHub | `nil` | | Show login for GitHub | `nil` | | The name of the GitHub app to integrate with. Only required if you use the GitHub integration. | `nil` | | App id used in Codacy to integrate with GitHub Apps | `nil` | | Private key generated after the GitHub App's creation | `nil` | | Client id generated when creating the GitHub App | `nil` | | Client secret generated when creating the GitHub App | `nil` | | Enable GitHub Enterprise | `nil` | | Show login for GitHub Enterprise | `nil` | | Hostname of GitHub Enterprise instance | `nil` | | Protocol of GitHub Enterprise instance | `nil` | | Port of GitHub Enterprise instance | `nil` | | Status of private mode on GitHub Enterprise instance | `nil` | | Disable certificate validation on interaction with GitHub Enterprise instance | `nil` | | The name of the GitHub app to integrate with. Only required if you use the GitHub Enterprise integration. | `nil` | | App id used in Codacy to integrate with GitHub Apps in GitHub Enterprise | `nil` | | Private key generated after the GitHub App's creation in GitHub Enterprise | `nil` | | Enable GitLab | `nil` | | Show login for GitLab | `nil` | | Client id generated when creating the GitLab App | `nil` | | Client secret generated when creating the GitLab App | `nil` | | Enable GitLab Enterprise | `nil` | | Show login for GitLab Enterprise | `nil` | | Hostname of GitLab Enterprise instance | `nil` | | Protocol of GitLab Enterprise instance | `nil` | | Port of GitLab Enterprise instance | `nil` | | Client id generated when creating the GitLab App | `nil` | | Client secret generated when creating the GitLab App | `nil` | | Enable Bitbucket | `nil` | | Show login for Bitbucket | `nil` | | Bitbucket key used for OAuth | `nil` | | Bitbucket secret used for OAuth | `nil` | | Enable Bitbucket Enterprise | `nil` | | Show login for Bitbucket Enterprise | `nil` | | Hostname of Bitbucket Enterprise instance | `nil` | | Protocol of Bitbucket Enterprise instance | `nil` | | Port of Bitbucket Enterprise instance | `nil` | | Codacy app name to be identified on Bitbucket Enterprise instance | `nil` | | Public key to be set on Bitbucket Enterprise instance | `nil` | | Private key to sign requests made to the bitbucketEnteprise instance | `nil` | | Enable sharing of configuration files for the analysis tools placed on git submodules | `false` | ig.analysis.maxFileSizeBytes` | Analysis max file size in bytes | `150000` | ig.analysis.pluginTimeout.min` | Minimum plugin timeout value in seconds | `300` | ig.analysis.pluginTimeout.max` | Maximum plugin timeout value in seconds | `900` | | Number of concurrent worker pod instances | `5` | | Inactivity timeout for a worker | `30` | | Timeout in seconds for listing branches in git | `30` | istTimeoutSeconds` | Timeout in seconds for listing pull requests from a git provider | `30` | | Codacy license for your installation | `nil` | | Username of the Postgresql server | `codacy` | | Database name of the Postgresql server | `listener` | | Hostname of the Postgresql server | `PLEASE_CHANGE_ME` | | Hostname of the Postgresql server | `codacy-listenerdb.codacy.svc.cluster.local` | | Port of the Postgresql server | `5432` | | Enable password authentication on crow | `true` | | Crow login username | `codacy` | | Crow login password | `PLEASE_CHANGE_ME` | | Enable instantiation of ServiceMonitors for prometheus metric scraping | `false` | | Enable grafana metrics. | `false` |

The following parameters are specific to each Codacy component.

| Parameter | Description | Default |
| ------------------------------------------------------- | -------------------------------------------------------------------------- | ---------------- |
| `portal.replicaCount` | Number of replicas | `1` |
| `portal.image.repository` | Image repository | from dependency |
| `portal.image.tag` | Image tag | from dependency |
| `portal.service.type` | Portal service type | `ClusterIP` |
| `portal.service.annotations` | Annotations to be added to the Portal service | `{}` |
| `remote-provider-service.replicaCount` | Number of replicas | `1` |
| `remote-provider-service.image.repository` | Image repository | from dependency |
| `remote-provider-service.image.tag` | Image tag | from dependency |
| `remote-provider-service.service.type` | Remote Provider service type | `ClusterIP` |
| `remote-provider-service.service.annotations` | Annotations to be added to the Remote Provider service | `{}` |
| `listener.replicaCount` | Number of replicas | `1` |
| `listener.image.repository` | Image repository | from dependency |
| `listener.image.tag` | Image tag | from dependency |
| `listener.service.type` | Service type | `ClusterIP` |
| `listener.service.annotations` | Annotations to be added to the service | `{}` |
| `listener.persistence.claim.size` | Each pod mounts and NFS disk and claims this size. | `100Gi` |
| `listener.nfsserverprovisioner.enabled` | Creates an NFS server and a storage class to mount volumes in that server. | `true` |
| `listener.nfsserverprovisioner.persistence.enabled` | Creates an NFS provisioner | `true` |
| `listener.nfsserverprovisioner.persistence.size` | Size of the NFS server disk | `120Gi` |
| `listener.cacheCleanup.olderThanDays` | Data retention policy in days | `30` |
| `listener.cache.name` | External NFS volume name | `listener-cache` |
| `listener.cache.path` | External NFS volume mount path | `/data` |
| `listener.cache.nfs.server` | IP address of external NFS server | `0.0.0.0` |
| `listener.cache.nfs.path` | External NFS server directory or file system to be mounted | `/` |
| `engine.replicaCount` | Number of replicas | `1` |
| `engine.image.repository` | Image repository | from dependency |
| `engine.image.tag` | Image tag | from dependency |
| `engine.service.type` | Service type | `ClusterIP` |
| `engine.service.annotations` | Annotations to be added to the service | `{}` |
| `engine.metrics.serviceMonitor.enabled` | Create the ServiceMonitor resource type to be read by prometheus operator. | `false` |
| `codacy-api.image.repository` | Image repository | from dependency |
| `codacy-api.image.tag` | Image tag | from dependency |
| `codacy-api.service.type` | Service type | `ClusterIP` |
| `codacy-api.service.annotations` | Annotations to be added to the service | `{}` |
| `codacy-api.metrics.serviceMonitor.enabled` | Create the ServiceMonitor resource type to be read by prometheus operator. | `false` |
| `crow.replicaCount` | Number of replicas | `1` |
| `crow.image.repository` | Image repository | from dependency |
| `crow.image.tag` | Image tag | from dependency |
| `codacy-spa.replicaCount` | Number of replicas | `1` |
| `codacy-spa.image.repository` | Image repository | from dependency |
| `codacy-spa.image.tag` | Image tag | from dependency |
| `codacy-spa.service.type` | SPA service type | `ClusterIP` |
| `codacy-spa.service.annotations` | Annotations to be added to the SPA service | `{}` |
| `codacy-spa.config.codacy.pagination.repositoriesLimit` | Amount of repositories to fetch on each page | `100` |

The following parameters refer to components that are not internal to Codacy, but go as part of this bundle so that you can bootstrap Codacy faster.

| Parameter | Description | Default |
| ---------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ----------------- |
| `fluentdoperator.enable` | Enable fluentd operator. It gathers logs from Codacy so that you can send it to our support if needed. | `true` |
| `fluentdoperator.expirationDays` | Number of days to retain logs. More time uses more disk on minio and retention over 7 days is not recommended. | `7` |
| `fluentdoperator.flushTimeout` | Maximum time until Fluentd stops retrying to flush the logs. Values must be expressed using a unit, e.g. `10s`, `5h`. | `1h` |
| `rabbitmq-ha.rabbitmqUsername` | Username for the bundled RabbitMQ. | `rabbitmq-codacy` |
| `rabbitmq-ha.rabbitmqPassword` | Password for the bundled RabbitMQ. | `rabbitmq-codacy` |
| `rabbitmq-ha.rabbitmqErlangCookie` | The rabbitmq Erlang cookie RabbitMQ. | `nil` |

You can also configure values for the PostgreSQL database via the Postgresql [README.md](https://github.com/kubernetes/charts/blob/master/stable/postgresql/README.md)

For overriding variables see: [Customizing the chart](https://docs.helm.sh/using_helm/#customizing-the-chart-before-installing)

## Development

These are some relevant processes we follow when adding/editing something
in this repo.

### Development Installations

Currently, we have these set of installations done through `circleci`.
All of them serve different purposes.

| Installation | Cluster | Namespace | Purpose | Url |
| ------------ | ------------------- | -------------- | -------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
| Dev | codacy-doks-cluster | codacy-dev | Updated automatically on each component pipeline. Rolling release of [unstable](https://charts.codacy.com/unstable/api) | |
| Sandbox | codacy-doks-cluster | codacy-sandbox | Used for development. Manually updated. Check out [this](#deploy-your-version-of-a-component) process on how to update it. | |
| Release | codacy-doks-cluster | codacy-release | Used for releases. Updated when the process on the [RELEASE.md](./RELEASE.md) is triggered. | |

### Set up your environment for DigitalOcean clusters

#### 1. Requirements

Using a DOKS cluster has the following requirements:

- [doctl](https://github.com/digitalocean/doctl)
- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/)

On macOS you can install all these tools with brew:

```bash
$ brew install doctl kubectl
```

#### 2. Configuring the DigitalOcean cli

To configure the cli create a [personal access token](https://www.digitalocean.com/docs/api/create-personal-access-token/), then run:

```bash
$ doctl auth init
```

#### 3. Setup your kubecontext for the target

Replace the `` with the name of your target cluster.

```bash
$ doctl kubernetes cluster kubeconfig save --set-current-context
```

### Deploy your version of a component

You can deploy your version of a component using any of the `.circleci`
pipelines we have set up in this project. Currently, we use the `hourly_pipeline`
for this purpose.

1. Checkout this repository
2. Create a new branch with a name like `sandbox/....`
3. Change the `requirements-dev.yaml` to use your custom versions.
4. `git push` of your branch
5. Follow the circleci pipeline and use kubectl to see if your installation was successful
6. Go to and test it out

### Add a new component

To add a new component on this chart, you need to:

1. Change the `requirements.yaml`
2. use the `helm dep up codacy/` command to update the `requirements.lock`
3. `git push`

### Installing a custom Codacy version

To install a custom Codacy version:

```bash
sudo git clone git://github.com/codacy/chart -b
helm dep build ./chart/codacy
helm upgrade --install codacy ./chart/codacy/ --namespace codacy --atomic --timeout=300 --values ./
```

To upgrade a custom Codacy version:

```bash
(cd chart; sudo git fetch --all --prune --tags; sudo git reset --hard origin/;)
helm dep build ./chart/codacy
helm upgrade --install codacy ./chart/codacy/ --namespace codacy --atomic --timeout=300 --values ./
```