Enterprise split reports api (#188)

* move reports service to seperate deployment
* use enterprise prefix for helper templates
* add rbacAuth container back to api pod
* make reports-worker fullname match values key for the service
* update unit tests
* bump chart version
* fix reports worker descriptions & alphabetize the top level keys

---------

Signed-off-by: Brady Todhunter <[email protected]>

stable/enterprise/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: enterprise
-version: "2.3.0"
+version: "2.3.1"
 appVersion: "5.2.0"
 kubeVersion: 1.23.x - 1.28.x || 1.23.x-x - 1.28.x-x
 description: |

stable/enterprise/templates/_common.tpl

@@ -90,11 +90,7 @@ When calling this template, .component can be included in the context for compon
 {{ toYaml . }}
   {{- end }}
 - name: ANCHORE_ENDPOINT_HOSTNAME
-  {{- if and (eq $component "reports") (eq .api "true") }}
-  value: {{ template "enterprise.api.fullname" . }}
-  {{- else }}
   value: {{ include (printf "enterprise.%s.fullname" $component) . }}
-  {{- end }}
   {{- with (index .Values (print $component)).service }}
 - name: ANCHORE_PORT
   value: {{ .port | quote }}

stable/enterprise/templates/_helpers.tpl

@@ -148,7 +148,7 @@ Return the database user for the Anchore Enterprise UI config
 {{/*
 Set the nodePort for services if its defined
 */}}
-{{- define "service.nodePort" -}}
+{{- define "enterprise.service.nodePort" -}}
 {{- $component := .component -}}
 {{- if (index .Values (print $component)).service.nodePort -}}
 nodePort: {{ (index .Values (print $component)).service.nodePort }}

stable/enterprise/templates/_names.tpl

@@ -52,6 +52,11 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
 {{- printf "%s-%s-%s" .Release.Name $name "reports"| trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
+{{- define "enterprise.reportsWorker.fullname" -}}
+{{- $name := default .Chart.Name .Values.global.nameOverride -}}
+{{- printf "%s-%s-%s" .Release.Name $name "reportsworker"| trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
 {{- define "enterprise.simpleQueue.fullname" -}}
 {{- $name := default .Chart.Name .Values.global.nameOverride -}}
 {{- printf "%s-%s-%s" .Release.Name $name "simplequeue"| trunc 63 | trimSuffix "-" -}}

stable/enterprise/templates/api_deployment.yaml

@@ -71,28 +71,6 @@ spec:
         {{- with .Values.api.resources }}
           resources: {{- toYaml . | nindent 12 }}
         {{- end }}
-
-        - name: "{{ .Chart.Name }}-reports-api"
-          image: {{ .Values.image }}
-          imagePullPolicy: {{ .Values.imagePullPolicy }}
-        {{- with .Values.containerSecurityContext }}
-          securityContext:
-            {{ toYaml . | nindent 12 }}
-        {{- end }}
-          command: ["/bin/sh", "-c"]
-          args:
-            - {{ print (include "enterprise.common.dockerEntrypoint" .) }} reports
-          envFrom: {{- include "enterprise.common.envFrom" . | nindent 12 }}
-          env: {{- include "enterprise.common.environment" (merge (dict "component" "reports" "api" "true") .) | nindent 12 }}
-          ports:
-            - containerPort: {{ .Values.reports.service.port }}
-              name: reports
-          volumeMounts: {{- include "enterprise.common.volumeMounts" . | nindent 12 }}
-          livenessProbe: {{- include "enterprise.common.livenessProbe" (merge (dict "component" "reports") .) | nindent 12 }}
-          readinessProbe: {{- include "enterprise.common.readinessProbe" (merge (dict "component" "reports") .) | nindent 12 }}
-        {{- with .Values.reports.resources }}
-          resources: {{- toYaml . | nindent 12 }}
-        {{- end }}
         {{- include "enterprise.common.rbacAuthContainer" . | nindent 8 }}
 
 ---
@@ -110,12 +88,7 @@ spec:
       port: {{ .Values.api.service.port }}
       targetPort: {{ .Values.api.service.port }}
       protocol: TCP
-      {{ include "service.nodePort" (merge (dict "component" $component) .) }}
-    - name: reports
-      port: {{ .Values.reports.service.port }}
-      targetPort: {{ .Values.reports.service.port }}
-      protocol: TCP
-      {{ include "service.nodePort" (merge (dict "component" "reports") .) }}
+      {{ include "enterprise.service.nodePort" (merge (dict "component" $component) .) }}
   selector:
     app.kubernetes.io/name: {{ template "enterprise.fullname" . }}
     app.kubernetes.io/component: {{ $component | lower }}

stable/enterprise/templates/catalog_deployment.yaml

@@ -92,7 +92,7 @@ spec:
       port: {{ .Values.catalog.service.port }}
       targetPort: {{ .Values.catalog.service.port }}
       protocol: TCP
-      {{ include "service.nodePort" (merge (dict "component" $component) .) }}
+      {{ include "enterprise.service.nodePort" (merge (dict "component" $component) .) }}
   selector:
     app.kubernetes.io/name: {{ template "enterprise.fullname" . }}
     app.kubernetes.io/component: {{ $component | lower }}

stable/enterprise/templates/ingress.yaml

@@ -98,13 +98,13 @@ spec:
             pathType: Prefix
             backend:
               service:
-                name: {{ template "enterprise.api.fullname" $ }}
+                name: {{ template "enterprise.reports.fullname" $ }}
                 port:
-                  number: {{ $.Values.api.service.reportsPort }}
+                  number: {{ $.Values.reports.service.port }}
           {{- else }}
             backend:
-              serviceName: {{ template "enterprise.api.fullname" $ }}
-              servicePort: {{ $.Values.api.service.reportsPort }}
+              serviceName: {{ template "enterprise.reports.fullname" $ }}
+              servicePort: {{ $.Values.reports.service.port }}
           {{- end }}
         {{- end }}
     {{- end }}
@@ -162,13 +162,13 @@ spec:
             pathType: Prefix
             backend:
               service:
-                name: {{ template "enterprise.api.fullname" $ }}
+                name: {{ template "enterprise.reports.fullname" $ }}
                 port:
-                  number: {{ $.Values.api.service.reportsPort }}
+                  number: {{ $.Values.reports.service.port }}
           {{- else }}
             backend:
-              serviceName: {{ template "enterprise.api.fullname" $ }}
-              servicePort: {{ $.Values.api.service.reportsPort }}
+              serviceName: {{ template "enterprise.reports.fullname" $ }}
+              servicePort: {{ $.Values.reports.service.port }}
           {{- end }}
         {{- end }}
   {{- end }}

stable/enterprise/templates/notifications_deployment.yaml

@@ -66,7 +66,7 @@ spec:
       port: {{ .Values.notifications.service.port }}
       targetPort: {{ .Values.notifications.service.port }}
       protocol: TCP
-      {{ include "service.nodePort" (merge (dict "component" $component) .) }}
+      {{ include "enterprise.service.nodePort" (merge (dict "component" $component) .) }}
   selector:
     app.kubernetes.io/name: {{ template "enterprise.fullname" . }}
     app.kubernetes.io/component: {{ $component | lower }}

stable/enterprise/templates/policyengine_deployment.yaml

@@ -77,7 +77,7 @@ spec:
       port: {{ .Values.policyEngine.service.port }}
       targetPort: {{ .Values.policyEngine.service.port }}
       protocol: TCP
-      {{ include "service.nodePort" (merge (dict "component" $component) .) }}
+      {{ include "enterprise.service.nodePort" (merge (dict "component" $component) .) }}
   selector:
     app.kubernetes.io/name: {{ template "enterprise.fullname" . }}
     app.kubernetes.io/component: {{ $component | lower }}

stable/enterprise/templates/rbacmanager_deployment.yaml

@@ -66,7 +66,7 @@ spec:
       port: {{ .Values.rbacManager.service.port }}
       targetPort: {{ .Values.rbacManager.service.port }}
       protocol: TCP
-      {{ include "service.nodePort" (merge (dict "component" $component) .) }}
+      {{ include "enterprise.service.nodePort" (merge (dict "component" $component) .) }}
   selector:
     app.kubernetes.io/name: {{ template "enterprise.fullname" . }}
     app.kubernetes.io/component: {{ $component | lower }}

stable/enterprise/templates/reports_deployment.yaml

@@ -49,7 +49,7 @@ spec:
         {{- end }}
           command: ["/bin/sh", "-c"]
           args:
-            -  {{ print (include "enterprise.common.dockerEntrypoint" .) }} reports_worker
+            -  {{ print (include "enterprise.common.dockerEntrypoint" .) }} reports
           ports:
             - containerPort: {{ .Values.reports.service.port }}
               name: {{ $component | lower }}
@@ -81,7 +81,7 @@ spec:
       port: {{ .Values.reports.service.port }}
       targetPort: {{ .Values.reports.service.port }}
       protocol: TCP
-      {{ include "service.nodePort" (merge (dict "component" $component) .) }}
+      {{ include "enterprise.service.nodePort" (merge (dict "component" $component) .) }}
   selector:
     app.kubernetes.io/name: {{ template "enterprise.fullname" . }}
     app.kubernetes.io/component: {{ $component | lower }}

stable/enterprise/templates/reportsworker_deployment.yaml

@@ -0,0 +1,71 @@
+{{- $component := "reportsWorker" -}}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "enterprise.reportsWorker.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels: {{- include "enterprise.common.labels" (merge (dict "component" $component) .) | nindent 4 }}
+  annotations: {{- include "enterprise.common.annotations" (merge (dict "component" $component) .) | nindent 4 }}
+spec:
+  selector:
+    matchLabels: {{- include "enterprise.common.matchLabels" (merge (dict "component" $component) .) | nindent 6 }}
+  replicas: {{ .Values.reportsWorker.replicaCount }}
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels: {{- include "enterprise.common.labels" (merge (dict "component" $component) .) | nindent 8 }}
+      annotations: {{- include "enterprise.common.annotations" (merge (dict "component" $component "nil" true) .) | nindent 8 }}
+      {{- if and (not .Values.injectSecretsViaEnv) (not .Values.useExistingSecrets) }}
+        checksum/secrets: {{ include (print $.Template.BasePath "/anchore_secret.yaml") . | sha256sum }}
+      {{- end }}
+        checksum/enterprise-config: {{ tpl (print $.Files.BasePath "/default_config.yaml") . | sha256sum }}
+    spec:
+      {{- include "enterprise.common.podSpec" (merge (dict "component" $component) .) | indent 6 }}
+      volumes: {{- include "enterprise.common.volumes" . | nindent 8 }}
+      containers:
+      {{- if .Values.cloudsql.enabled  }}
+        {{- include "enterprise.common.cloudsqlContainer" . | nindent 8 }}
+      {{- end }}
+        - name: "{{ .Chart.Name }}-{{ $component | lower }}"
+          image: {{ .Values.image }}
+          imagePullPolicy: {{ .Values.imagePullPolicy }}
+        {{- with .Values.containerSecurityContext }}
+          securityContext:
+            {{ toYaml . | nindent 12 }}
+        {{- end }}
+          command: ["/bin/sh", "-c"]
+          args:
+            -  {{ print (include "enterprise.common.dockerEntrypoint" .) }} reports_worker
+          ports:
+            - containerPort: {{ .Values.reportsWorker.service.port }}
+              name: {{ $component | lower }}
+          envFrom: {{- include "enterprise.common.envFrom" . | nindent 12 }}
+          env: {{- include "enterprise.common.environment" (merge (dict "component" $component) .) | nindent 12 }}
+          volumeMounts: {{- include "enterprise.common.volumeMounts" . | nindent 12 }}
+          livenessProbe: {{- include "enterprise.common.livenessProbe" (merge (dict "component" $component) .) | nindent 12 }}
+          readinessProbe: {{- include "enterprise.common.readinessProbe" (merge (dict "component" $component) .) | nindent 12 }}
+        {{- with .Values.reportsWorker.resources }}
+          resources: {{- toYaml . | nindent 12 }}
+        {{- end }}
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "enterprise.reportsWorker.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels: {{- include "enterprise.common.labels" (merge (dict "component" $component) .) | nindent 4 }}
+  annotations: {{- include "enterprise.common.annotations" (merge (dict "component" $component) .) | nindent 4 }}
+spec:
+  type: {{ .Values.reportsWorker.service.type }}
+  ports:
+    - name: {{ $component | lower }}
+      port: {{ .Values.reportsWorker.service.port }}
+      targetPort: {{ .Values.reportsWorker.service.port }}
+      protocol: TCP
+      {{ include "enterprise.service.nodePort" (merge (dict "component" $component) .) }}
+  selector:
+    app.kubernetes.io/name: {{ template "enterprise.fullname" . }}
+    app.kubernetes.io/component: {{ $component | lower }}

stable/enterprise/templates/simplequeue_deployment.yaml

@@ -64,7 +64,7 @@ spec:
       port: {{ .Values.simpleQueue.service.port }}
       targetPort: {{ .Values.simpleQueue.service.port }}
       protocol: TCP
-      {{ include "service.nodePort" (merge (dict "component" $component) .) }}
+      {{ include "enterprise.service.nodePort" (merge (dict "component" $component) .) }}
   selector:
     app.kubernetes.io/name: {{ template "enterprise.fullname" . }}
     app.kubernetes.io/component: {{ $component | lower }}

stable/enterprise/templates/ui_deployment.yaml

@@ -132,7 +132,7 @@ spec:
       port: {{ .Values.ui.service.port }}
       protocol: TCP
       targetPort: 3000
-      {{ include "service.nodePort" (merge (dict "component" $component) .) }}
+      {{ include "enterprise.service.nodePort" (merge (dict "component" $component) .) }}
   selector:
     app.kubernetes.io/name: {{ template "enterprise.fullname" . }}
     app.kubernetes.io/component: {{ $component | lower }}