From 2de194fcf8effdc10e8296248706dbd21c48268f Mon Sep 17 00:00:00 2001 From: beyondszine Date: Sat, 17 Aug 2019 12:06:58 +0530 Subject: [PATCH 01/15] added docker example --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 56ea23b..6d04d49 100644 --- a/README.md +++ b/README.md @@ -203,6 +203,12 @@ For easy deployment, we've created a Docker container. ```bash docker run --publish 8080:8080 dutchcoders/transfer.sh:latest --provider local --basedir /tmp/ ``` +Pass the params to the transfer.sh binary inside container by the *args*, not through docker environment vars. + +```bash +docker run -p 8080:8080 dutchcoders/transfer.sh:latest --provider s3 --http-auth-user my-username --http-auth-pass somepassword --aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION +``` + ## S3 Usage From 26ec9f539180f92d7d716ca060c98afd3a0a68e2 Mon Sep 17 00:00:00 2001 From: beyondszine Date: Sat, 17 Aug 2019 14:18:22 +0530 Subject: [PATCH 02/15] added helm chart & parametrized port --- Dockerfile | 3 +- README.md | 9 ++++ charts/transfersh/.helmignore | 21 +++++++++ charts/transfersh/Chart.yaml | 5 ++ charts/transfersh/templates/NOTES.txt | 19 ++++++++ charts/transfersh/templates/_helpers.tpl | 32 +++++++++++++ charts/transfersh/templates/deployment.yaml | 48 +++++++++++++++++++ charts/transfersh/templates/ingress.yaml | 38 +++++++++++++++ charts/transfersh/templates/service.yaml | 19 ++++++++ charts/transfersh/values.yaml | 51 +++++++++++++++++++++ 10 files changed, 244 insertions(+), 1 deletion(-) create mode 100644 charts/transfersh/.helmignore create mode 100644 charts/transfersh/Chart.yaml create mode 100644 charts/transfersh/templates/NOTES.txt create mode 100644 charts/transfersh/templates/_helpers.tpl create mode 100644 charts/transfersh/templates/deployment.yaml create mode 100644 charts/transfersh/templates/ingress.yaml create mode 100644 charts/transfersh/templates/service.yaml create mode 100644 charts/transfersh/values.yaml diff --git a/Dockerfile b/Dockerfile index 25661aa..2c58d91 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,6 +10,7 @@ ADD . /go/src/github.com/dutchcoders/transfer.sh WORKDIR /go/src/github.com/dutchcoders/transfer.sh ENV GO111MODULE=on +ENV APP_PORT=80 # build & install server RUN go get -u ./... && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags -a -tags netgo -ldflags '-w -extldflags "-static"' -o /go/bin/transfersh github.com/dutchcoders/transfer.sh @@ -20,6 +21,6 @@ LABEL maintainer="Andrea Spacca " COPY --from=build /go/bin/transfersh /go/bin/transfersh COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt -ENTRYPOINT ["/go/bin/transfersh", "--listener", ":8080"] +ENTRYPOINT /go/bin/transfersh --listener :$APP_PORT EXPOSE 8080 diff --git a/README.md b/README.md index 6d04d49..904f44d 100644 --- a/README.md +++ b/README.md @@ -207,6 +207,15 @@ Pass the params to the transfer.sh binary inside container by the *args*, not th ```bash docker run -p 8080:8080 dutchcoders/transfer.sh:latest --provider s3 --http-auth-user my-username --http-auth-pass somepassword --aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION + +# Kubernetes examples: +# run locally +kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- --http-auth-user my-username --http-auth-pass somepassword --provider local --basedir=/tmp + +# run with s3 +kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- --http-auth-user my-username --http-auth-pass somepassword --provider s3 --basedir=/tmp--aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION + + ``` diff --git a/charts/transfersh/.helmignore b/charts/transfersh/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/transfersh/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/transfersh/Chart.yaml b/charts/transfersh/Chart.yaml new file mode 100644 index 0000000..52fedb6 --- /dev/null +++ b/charts/transfersh/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: A Helm chart for Kubernetes +name: transfersh +version: 0.1.0 diff --git a/charts/transfersh/templates/NOTES.txt b/charts/transfersh/templates/NOTES.txt new file mode 100644 index 0000000..c3e1122 --- /dev/null +++ b/charts/transfersh/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "transfersh.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "transfersh.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "transfersh.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "transfersh.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:80 +{{- end }} diff --git a/charts/transfersh/templates/_helpers.tpl b/charts/transfersh/templates/_helpers.tpl new file mode 100644 index 0000000..e95904d --- /dev/null +++ b/charts/transfersh/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "transfersh.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "transfersh.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "transfersh.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/charts/transfersh/templates/deployment.yaml b/charts/transfersh/templates/deployment.yaml new file mode 100644 index 0000000..dd064f7 --- /dev/null +++ b/charts/transfersh/templates/deployment.yaml @@ -0,0 +1,48 @@ +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ include "transfersh.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "transfersh.name" . }} + helm.sh/chart: {{ include "transfersh.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "transfersh.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "transfersh.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + spec: + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: ["--http-auth-user", "beyond","--http-auth-pass","somePassword","--provider","local","--basedir","/tmp"] + livenessProbe: + httpGet: + path: / + port: {{ .Values.service.internalPort }} + readinessProbe: + httpGet: + path: / + port: {{ .Values.service.internalPort }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} diff --git a/charts/transfersh/templates/ingress.yaml b/charts/transfersh/templates/ingress.yaml new file mode 100644 index 0000000..0ac5258 --- /dev/null +++ b/charts/transfersh/templates/ingress.yaml @@ -0,0 +1,38 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "transfersh.fullname" . -}} +{{- $ingressPath := .Values.ingress.path -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + app.kubernetes.io/name: {{ include "transfersh.name" . }} + helm.sh/chart: {{ include "transfersh.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . | quote }} + http: + paths: + - path: {{ $ingressPath }} + backend: + serviceName: {{ $fullName }} + servicePort: http + {{- end }} +{{- end }} diff --git a/charts/transfersh/templates/service.yaml b/charts/transfersh/templates/service.yaml new file mode 100644 index 0000000..53712bf --- /dev/null +++ b/charts/transfersh/templates/service.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "transfersh.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "transfersh.name" . }} + helm.sh/chart: {{ include "transfersh.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + app.kubernetes.io/name: {{ include "transfersh.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/charts/transfersh/values.yaml b/charts/transfersh/values.yaml new file mode 100644 index 0000000..0f2b2f7 --- /dev/null +++ b/charts/transfersh/values.yaml @@ -0,0 +1,51 @@ +# Default values for transfersh. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: dutchcoders/transfer.sh + tag: latest + pullPolicy: IfNotPresent + +nameOverride: "" +fullnameOverride: "" + +service: + type: ClusterIP + name: apiwrapper-service + port: 80 + externalPort: 80 + internalPort: 8080 + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: / + hosts: + - transfersh.local + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} From d888835d5412d4ee159fbef6e822721243bfef1e Mon Sep 17 00:00:00 2001 From: beyondszine Date: Sat, 17 Aug 2019 14:28:39 +0530 Subject: [PATCH 03/15] buf fix in values.yml port value --- charts/transfersh/values.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/charts/transfersh/values.yaml b/charts/transfersh/values.yaml index 0f2b2f7..8d111ea 100644 --- a/charts/transfersh/values.yaml +++ b/charts/transfersh/values.yaml @@ -14,8 +14,7 @@ fullnameOverride: "" service: type: ClusterIP - name: apiwrapper-service - port: 80 + name: transfersh-service externalPort: 80 internalPort: 8080 From 79873c37c194a3cfff277a92aa27531db6c804b2 Mon Sep 17 00:00:00 2001 From: beyondszine Date: Sat, 17 Aug 2019 14:31:54 +0530 Subject: [PATCH 04/15] variabl-ised port --- charts/transfersh/templates/service.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/transfersh/templates/service.yaml b/charts/transfersh/templates/service.yaml index 53712bf..cca8240 100644 --- a/charts/transfersh/templates/service.yaml +++ b/charts/transfersh/templates/service.yaml @@ -11,9 +11,9 @@ spec: type: {{ .Values.service.type }} ports: - port: {{ .Values.service.port }} - targetPort: http + targetPort: {{ .Values.service.internalPort }} protocol: TCP - name: http + name: {{ .Values.service.name }} selector: app.kubernetes.io/name: {{ include "transfersh.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} From 3d57d8996f17af30dc9b7da9e14aaaa1d4344c5a Mon Sep 17 00:00:00 2001 From: beyondszine Date: Sat, 17 Aug 2019 14:35:00 +0530 Subject: [PATCH 05/15] bug fix port var name --- charts/transfersh/templates/service.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/transfersh/templates/service.yaml b/charts/transfersh/templates/service.yaml index cca8240..a2c0810 100644 --- a/charts/transfersh/templates/service.yaml +++ b/charts/transfersh/templates/service.yaml @@ -10,7 +10,7 @@ metadata: spec: type: {{ .Values.service.type }} ports: - - port: {{ .Values.service.port }} + - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} protocol: TCP name: {{ .Values.service.name }} From 3dadfd21abdd824f106610e7c20a7a0cdfdfe95d Mon Sep 17 00:00:00 2001 From: beyondszine Date: Sat, 17 Aug 2019 19:08:06 +0530 Subject: [PATCH 06/15] added secrets capability for chart params --- charts/transfersh/templates/deployment.yaml | 33 ++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/charts/transfersh/templates/deployment.yaml b/charts/transfersh/templates/deployment.yaml index dd064f7..4bb20b6 100644 --- a/charts/transfersh/templates/deployment.yaml +++ b/charts/transfersh/templates/deployment.yaml @@ -23,7 +23,38 @@ spec: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} - args: ["--http-auth-user", "beyond","--http-auth-pass","somePassword","--provider","local","--basedir","/tmp"] + env: + - name: HTTP_AUTH_USER + valueFrom: + secretKeyRef: + name: transfersh-secrets + key: HTTP_AUTH_USER + - name: HTTP_AUTH_PASS + valueFrom: + secretKeyRef: + name: transfersh-secrets + key: HTTP_AUTH_PASS + - name: AWS_ACCESS_KEY + valueFrom: + secretKeyRef: + name: transfersh-secrets + key: AWS_ACCESS_KEY + - name: AWS_SECRET_KEY + valueFrom: + secretKeyRef: + name: transfersh-secrets + key: AWS_SECRET_KEY + - name: AWS_BUCKET_NAME + valueFrom: + secretKeyRef: + name: transfersh-secrets + key: AWS_BUCKET_NAME + - name: AWS_BUCKET_REGION + valueFrom: + secretKeyRef: + name: transfersh-secrets + key: AWS_BUCKET_REGION + args: ["--http-auth-user","$(HTTP_AUTH_USER)","--http-auth-pass","$(HTTP_AUTH_PASS)","--provider","s3","--aws-access-key","$(AWS_ACCESS_KEY)","--aws-secret-key","$(AWS_SECRET_KEY)","--bucket","$(AWS_BUCKET_NAME)","--s3-region","$(AWS_BUCKET_REGION)","--proxy-path","filemanager"] livenessProbe: httpGet: path: / From 21b585689d452d67860a3450685f8cd14a4e9e42 Mon Sep 17 00:00:00 2001 From: beyondszine Date: Sat, 17 Aug 2019 19:13:38 +0530 Subject: [PATCH 07/15] updated README for kubernetes n helm chart --- README.md | 17 +++++++++++++++-- charts/transfersh/templates/deployment.yaml | 2 +- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 904f44d..ae0f044 100644 --- a/README.md +++ b/README.md @@ -207,14 +207,27 @@ Pass the params to the transfer.sh binary inside container by the *args*, not th ```bash docker run -p 8080:8080 dutchcoders/transfer.sh:latest --provider s3 --http-auth-user my-username --http-auth-pass somepassword --aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION +``` +## Kubernetes helm chart +```sh # Kubernetes examples: # run locally -kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- --http-auth-user my-username --http-auth-pass somepassword --provider local --basedir=/tmp +kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- --http-auth-user my-username --http-auth-pass somepassword --provider local --basedir=/tmp # run with s3 -kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- --http-auth-user my-username --http-auth-pass somepassword --provider s3 --basedir=/tmp--aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION +kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- --http-auth-user my-username --http-auth-pass somepassword --provider s3 --aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION + + +# Helm chart deployment +# defaults to s3 provider, to change, goto `args` in deployment.yaml +# if your service is going to run behind nginx or any other proxy then update, proxy-path variable too in deployment.yaml, by-default it is blank. + +# create secret for deployment params +kubectl create secret generic transfersh-secrets --from-literal=HTTP_AUTH_USER=$HTTP_AUTH_USER --from-literal=HTTP_AUTH_PASS=$HTTP_AUTH_PASS --from-literal=AWS_ACCESS_KEY=$AWS_ACCESS_KEY --from-literal=AWS_SECRET_KEY=$AWS_SECRET_KEY --from-literal=AWS_BUCKET_NAME=$AWS_BUCKET_NAME --from-literal=AWS_BUCKET_REGION=$AWS_BUCKET_REGION +cd charts/transfersh +helm install --debug --name=transfersh transfersh/ ``` diff --git a/charts/transfersh/templates/deployment.yaml b/charts/transfersh/templates/deployment.yaml index 4bb20b6..acc6b95 100644 --- a/charts/transfersh/templates/deployment.yaml +++ b/charts/transfersh/templates/deployment.yaml @@ -54,7 +54,7 @@ spec: secretKeyRef: name: transfersh-secrets key: AWS_BUCKET_REGION - args: ["--http-auth-user","$(HTTP_AUTH_USER)","--http-auth-pass","$(HTTP_AUTH_PASS)","--provider","s3","--aws-access-key","$(AWS_ACCESS_KEY)","--aws-secret-key","$(AWS_SECRET_KEY)","--bucket","$(AWS_BUCKET_NAME)","--s3-region","$(AWS_BUCKET_REGION)","--proxy-path","filemanager"] + args: ["--http-auth-user","$(HTTP_AUTH_USER)","--http-auth-pass","$(HTTP_AUTH_PASS)","--provider","s3","--aws-access-key","$(AWS_ACCESS_KEY)","--aws-secret-key","$(AWS_SECRET_KEY)","--bucket","$(AWS_BUCKET_NAME)","--s3-region","$(AWS_BUCKET_REGION)","--proxy-path",""] livenessProbe: httpGet: path: / From e49de34786137df3551f5f4c5ec05d04af18b491 Mon Sep 17 00:00:00 2001 From: beyondszine Date: Sun, 18 Aug 2019 13:34:45 +0530 Subject: [PATCH 08/15] corrected transfersh server port to 8080 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 2c58d91..86619b2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,7 @@ ADD . /go/src/github.com/dutchcoders/transfer.sh WORKDIR /go/src/github.com/dutchcoders/transfer.sh ENV GO111MODULE=on -ENV APP_PORT=80 +ENV APP_PORT=8080 # build & install server RUN go get -u ./... && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags -a -tags netgo -ldflags '-w -extldflags "-static"' -o /go/bin/transfersh github.com/dutchcoders/transfer.sh From 182ab89d1e38d7459410a4dcd4f46e82457657ef Mon Sep 17 00:00:00 2001 From: beyondszine Date: Sun, 18 Aug 2019 15:43:30 +0530 Subject: [PATCH 09/15] templatized env & args redundancy --- charts/transfersh/templates/deployment.yaml | 39 +++++---------------- charts/transfersh/values.yaml | 30 ++++++++++++---- 2 files changed, 32 insertions(+), 37 deletions(-) diff --git a/charts/transfersh/templates/deployment.yaml b/charts/transfersh/templates/deployment.yaml index acc6b95..d1ac52a 100644 --- a/charts/transfersh/templates/deployment.yaml +++ b/charts/transfersh/templates/deployment.yaml @@ -19,42 +19,21 @@ spec: app.kubernetes.io/name: {{ include "transfersh.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} spec: + {{- $keyRefSource := .Values.argValues.source.type -}} + {{- $keyRefName := .Values.argValues.source.name -}} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- range .Values.argValues.paramNames }} env: - - name: HTTP_AUTH_USER + - name: {{ . | upper }} valueFrom: - secretKeyRef: - name: transfersh-secrets - key: HTTP_AUTH_USER - - name: HTTP_AUTH_PASS - valueFrom: - secretKeyRef: - name: transfersh-secrets - key: HTTP_AUTH_PASS - - name: AWS_ACCESS_KEY - valueFrom: - secretKeyRef: - name: transfersh-secrets - key: AWS_ACCESS_KEY - - name: AWS_SECRET_KEY - valueFrom: - secretKeyRef: - name: transfersh-secrets - key: AWS_SECRET_KEY - - name: AWS_BUCKET_NAME - valueFrom: - secretKeyRef: - name: transfersh-secrets - key: AWS_BUCKET_NAME - - name: AWS_BUCKET_REGION - valueFrom: - secretKeyRef: - name: transfersh-secrets - key: AWS_BUCKET_REGION - args: ["--http-auth-user","$(HTTP_AUTH_USER)","--http-auth-pass","$(HTTP_AUTH_PASS)","--provider","s3","--aws-access-key","$(AWS_ACCESS_KEY)","--aws-secret-key","$(AWS_SECRET_KEY)","--bucket","$(AWS_BUCKET_NAME)","--s3-region","$(AWS_BUCKET_REGION)","--proxy-path",""] + {{ $keyRefSource }}: + name: {{ $keyRefName }} + key: {{ . | upper }} + {{- end }} + args: [ {{- range .Values.argValues.paramNames }} {{ printf "%s%s" $.Values.argIdentifier . | quote}},{{ printf "%s%s%s" "$(" . ")" | upper | quote}},{{- end }} ] livenessProbe: httpGet: path: / diff --git a/charts/transfersh/values.yaml b/charts/transfersh/values.yaml index 8d111ea..215310b 100644 --- a/charts/transfersh/values.yaml +++ b/charts/transfersh/values.yaml @@ -1,9 +1,5 @@ -# Default values for transfersh. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - +--- replicaCount: 1 - image: repository: dutchcoders/transfer.sh tag: latest @@ -18,11 +14,31 @@ service: externalPort: 80 internalPort: 8080 +errorValues: + varValue : UltraBadValue + +argIdentifier: "--" + +argValues : { + "source" :{ + "type" : "secretKeyRef", + "name" : "transfersh-secrets" + }, + "paramNames" :[ + "http-auth-user", + "http-auth-pass", + "provider", + "aws-access-key", + "aws-secret-key", + "bucket", + "s3-region", + "proxy-path" + ] + } + ingress: enabled: false annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" path: / hosts: - transfersh.local From 738c9f36b2e3f75fe473e2f612a58d9e1306e007 Mon Sep 17 00:00:00 2001 From: beyondszine Date: Sun, 18 Aug 2019 23:42:02 +0530 Subject: [PATCH 10/15] fixed whitespacing --- charts/transfersh/values.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/charts/transfersh/values.yaml b/charts/transfersh/values.yaml index 215310b..c296d30 100644 --- a/charts/transfersh/values.yaml +++ b/charts/transfersh/values.yaml @@ -14,9 +14,6 @@ service: externalPort: 80 internalPort: 8080 -errorValues: - varValue : UltraBadValue - argIdentifier: "--" argValues : { From 68dc5d944204e428007a2aec434a3e1171b1d016 Mon Sep 17 00:00:00 2001 From: beyondszine Date: Mon, 19 Aug 2019 00:05:11 +0530 Subject: [PATCH 11/15] replaced hyphens to underscores for var names --- README.md | 11 +++++------ charts/transfersh/templates/deployment.yaml | 2 +- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index ae0f044..92f5d67 100644 --- a/README.md +++ b/README.md @@ -209,7 +209,8 @@ Pass the params to the transfer.sh binary inside container by the *args*, not th docker run -p 8080:8080 dutchcoders/transfer.sh:latest --provider s3 --http-auth-user my-username --http-auth-pass somepassword --aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION ``` -## Kubernetes helm chart +## HOW TO? Kubernetes helm chart + ```sh # Kubernetes examples: # run locally @@ -218,13 +219,11 @@ kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- # run with s3 kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- --http-auth-user my-username --http-auth-pass somepassword --provider s3 --aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION - -# Helm chart deployment -# defaults to s3 provider, to change, goto `args` in deployment.yaml +# Manual process of Helm chart deployment # if your service is going to run behind nginx or any other proxy then update, proxy-path variable too in deployment.yaml, by-default it is blank. -# create secret for deployment params -kubectl create secret generic transfersh-secrets --from-literal=HTTP_AUTH_USER=$HTTP_AUTH_USER --from-literal=HTTP_AUTH_PASS=$HTTP_AUTH_PASS --from-literal=AWS_ACCESS_KEY=$AWS_ACCESS_KEY --from-literal=AWS_SECRET_KEY=$AWS_SECRET_KEY --from-literal=AWS_BUCKET_NAME=$AWS_BUCKET_NAME --from-literal=AWS_BUCKET_REGION=$AWS_BUCKET_REGION +# manually create needed secrets for deployment params totally aligned with [Usage Params](https://github.com/dutchcoders/transfer.sh#usage-1) +kubectl create secret generic transfersh-secrets --from-literal=HTTP_AUTH_USER=$HTTP_AUTH_USER --from-literal=HTTP_AUTH_PASS=$HTTP_AUTH_PASS --from-literal=AWS_ACCESS_KEY=$AWS_ACCESS_KEY --from-literal=AWS_SECRET_KEY=$AWS_SECRET_KEY --from-literal=BUCKET=$BUCKET --from-literal=S3_REGION=$S3_REGION --from-literal=PROXY_PATH=$PROXY_PATH cd charts/transfersh helm install --debug --name=transfersh transfersh/ diff --git a/charts/transfersh/templates/deployment.yaml b/charts/transfersh/templates/deployment.yaml index d1ac52a..6afde20 100644 --- a/charts/transfersh/templates/deployment.yaml +++ b/charts/transfersh/templates/deployment.yaml @@ -33,7 +33,7 @@ spec: name: {{ $keyRefName }} key: {{ . | upper }} {{- end }} - args: [ {{- range .Values.argValues.paramNames }} {{ printf "%s%s" $.Values.argIdentifier . | quote}},{{ printf "%s%s%s" "$(" . ")" | upper | quote}},{{- end }} ] + args: [ {{- range .Values.argValues.paramNames }} {{ printf "%s%s" $.Values.argIdentifier . | quote}},{{ printf "%s%s%s" "$(" . ")" | upper | replace "-" "_" | quote}},{{- end }} ] livenessProbe: httpGet: path: / From e965e296ec619355c145709e35f4d2a1d3dab4c6 Mon Sep 17 00:00:00 2001 From: beyondszine Date: Mon, 19 Aug 2019 00:14:06 +0530 Subject: [PATCH 12/15] fixed missed conversions hyphen to underscores --- README.md | 4 ++-- charts/transfersh/templates/deployment.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 92f5d67..a5dc733 100644 --- a/README.md +++ b/README.md @@ -222,8 +222,8 @@ kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- # Manual process of Helm chart deployment # if your service is going to run behind nginx or any other proxy then update, proxy-path variable too in deployment.yaml, by-default it is blank. -# manually create needed secrets for deployment params totally aligned with [Usage Params](https://github.com/dutchcoders/transfer.sh#usage-1) -kubectl create secret generic transfersh-secrets --from-literal=HTTP_AUTH_USER=$HTTP_AUTH_USER --from-literal=HTTP_AUTH_PASS=$HTTP_AUTH_PASS --from-literal=AWS_ACCESS_KEY=$AWS_ACCESS_KEY --from-literal=AWS_SECRET_KEY=$AWS_SECRET_KEY --from-literal=BUCKET=$BUCKET --from-literal=S3_REGION=$S3_REGION --from-literal=PROXY_PATH=$PROXY_PATH +# Example to manually create needed secrets for deployment params totally aligned with [Usage Params](https://github.com/dutchcoders/transfer.sh#usage-1) +kubectl create secret generic transfersh-secrets --from-literal=HTTP_AUTH_USER=$HTTP_AUTH_USER --from-literal=HTTP_AUTH_PASS=$HTTP_AUTH_PASS --from-literal=AWS_ACCESS_KEY=$AWS_ACCESS_KEY --from-literal=AWS_SECRET_KEY=$AWS_SECRET_KEY --from-literal=BUCKET=$BUCKET --from-literal=S3_REGION=$S3_REGION --from-literal=PROXY_PATH=$PROXY_PATH --from-literal=PROVIDER=$PROVIDER cd charts/transfersh helm install --debug --name=transfersh transfersh/ diff --git a/charts/transfersh/templates/deployment.yaml b/charts/transfersh/templates/deployment.yaml index 6afde20..d17f281 100644 --- a/charts/transfersh/templates/deployment.yaml +++ b/charts/transfersh/templates/deployment.yaml @@ -27,11 +27,11 @@ spec: imagePullPolicy: {{ .Values.image.pullPolicy }} {{- range .Values.argValues.paramNames }} env: - - name: {{ . | upper }} + - name: {{ . | upper | replace "-" "_" }} valueFrom: {{ $keyRefSource }}: name: {{ $keyRefName }} - key: {{ . | upper }} + key: {{ . | upper | replace "-" "_"}} {{- end }} args: [ {{- range .Values.argValues.paramNames }} {{ printf "%s%s" $.Values.argIdentifier . | quote}},{{ printf "%s%s%s" "$(" . ")" | upper | replace "-" "_" | quote}},{{- end }} ] livenessProbe: From 8ed1f7f296fa4dbcc21ca10088abec13d6fdbb63 Mon Sep 17 00:00:00 2001 From: beyondszine Date: Mon, 19 Aug 2019 00:46:50 +0530 Subject: [PATCH 13/15] fixed env tag template positioning bug --- charts/transfersh/templates/deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/transfersh/templates/deployment.yaml b/charts/transfersh/templates/deployment.yaml index d17f281..21d29ec 100644 --- a/charts/transfersh/templates/deployment.yaml +++ b/charts/transfersh/templates/deployment.yaml @@ -20,13 +20,13 @@ spec: app.kubernetes.io/instance: {{ .Release.Name }} spec: {{- $keyRefSource := .Values.argValues.source.type -}} - {{- $keyRefName := .Values.argValues.source.name -}} + {{ $keyRefName := .Values.argValues.source.name }} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- range .Values.argValues.paramNames }} env: + {{- range .Values.argValues.paramNames }} - name: {{ . | upper | replace "-" "_" }} valueFrom: {{ $keyRefSource }}: From 249948207e70c7b0eb2dfdd4cb8d2c703d550300 Mon Sep 17 00:00:00 2001 From: beyondszine Date: Mon, 19 Aug 2019 00:51:47 +0530 Subject: [PATCH 14/15] working templatized helm chart --- README.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index a5dc733..89da7c3 100644 --- a/README.md +++ b/README.md @@ -209,26 +209,29 @@ Pass the params to the transfer.sh binary inside container by the *args*, not th docker run -p 8080:8080 dutchcoders/transfer.sh:latest --provider s3 --http-auth-user my-username --http-auth-pass somepassword --aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION ``` -## HOW TO? Kubernetes helm chart +## Manual run inside kubernetes cluster ```sh -# Kubernetes examples: # run locally kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- --http-auth-user my-username --http-auth-pass somepassword --provider local --basedir=/tmp # run with s3 kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- --http-auth-user my-username --http-auth-pass somepassword --provider s3 --aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION -# Manual process of Helm chart deployment # if your service is going to run behind nginx or any other proxy then update, proxy-path variable too in deployment.yaml, by-default it is blank. # Example to manually create needed secrets for deployment params totally aligned with [Usage Params](https://github.com/dutchcoders/transfer.sh#usage-1) kubectl create secret generic transfersh-secrets --from-literal=HTTP_AUTH_USER=$HTTP_AUTH_USER --from-literal=HTTP_AUTH_PASS=$HTTP_AUTH_PASS --from-literal=AWS_ACCESS_KEY=$AWS_ACCESS_KEY --from-literal=AWS_SECRET_KEY=$AWS_SECRET_KEY --from-literal=BUCKET=$BUCKET --from-literal=S3_REGION=$S3_REGION --from-literal=PROXY_PATH=$PROXY_PATH --from-literal=PROVIDER=$PROVIDER + +``` + + +## HOW TO? Kubernetes helm chart + cd charts/transfersh helm install --debug --name=transfersh transfersh/ -``` ## S3 Usage From 454e3085fecfb013a116bdab2a4483ea6abe8e4d Mon Sep 17 00:00:00 2001 From: beyondszine Date: Mon, 19 Aug 2019 01:15:56 +0530 Subject: [PATCH 15/15] updated README --- README.md | 37 +++++++++++++++++++++++++++++++------ 1 file changed, 31 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 89da7c3..f8dc6c5 100644 --- a/README.md +++ b/README.md @@ -209,7 +209,7 @@ Pass the params to the transfer.sh binary inside container by the *args*, not th docker run -p 8080:8080 dutchcoders/transfer.sh:latest --provider s3 --http-auth-user my-username --http-auth-pass somepassword --aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION ``` -## Manual run inside kubernetes cluster +## Manually run inside kubernetes cluster ```sh # run locally @@ -218,19 +218,44 @@ kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- # run with s3 kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- --http-auth-user my-username --http-auth-pass somepassword --provider s3 --aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION -# if your service is going to run behind nginx or any other proxy then update, proxy-path variable too in deployment.yaml, by-default it is blank. - # Example to manually create needed secrets for deployment params totally aligned with [Usage Params](https://github.com/dutchcoders/transfer.sh#usage-1) kubectl create secret generic transfersh-secrets --from-literal=HTTP_AUTH_USER=$HTTP_AUTH_USER --from-literal=HTTP_AUTH_PASS=$HTTP_AUTH_PASS --from-literal=AWS_ACCESS_KEY=$AWS_ACCESS_KEY --from-literal=AWS_SECRET_KEY=$AWS_SECRET_KEY --from-literal=BUCKET=$BUCKET --from-literal=S3_REGION=$S3_REGION --from-literal=PROXY_PATH=$PROXY_PATH --from-literal=PROVIDER=$PROVIDER - - ``` +### TIPS +If your service is going to run behind nginx or any other proxy in your kubernetes cluster then passing on `proxy-path` variable becomes a must to avoid to avoid errors by webend, by-default it is blank. +dont add prefix '/' for the path. +Ex: if your kubernetes ingress piece of routing yaml is like this +```yaml +... +spec: + rules: + - host: api.myhost.mysite.com + http: + paths: + - backend: + serviceName: transfersh + servicePort: 80 + path: /filemanager +... +``` +=> PROXY_PATH arg must be set to 'filemanager' & not /filemanager. -## HOW TO? Kubernetes helm chart +## Helm chart +```sh cd charts/transfersh helm install --debug --name=transfersh transfersh/ +``` + +### NOTE: +- All variables are same as mentioned [here](https://github.com/dutchcoders/transfer.sh#usage-1) with below mentioned operations done on them. +- Operations applied on Usage params + - UPPERCASING them + - replacing hyphens by underscores +- Ex: http-auth-user => HTTP_AUTH_USER, s3-region => S3_REGION +- Every arg needed by the transfer.sh binary is passed via environment variable in deployment yaml injected via the secrets/configmaps at runtime. +- Deployment fails in case of non-availability of secrets/configMaps in your cluster, as selected via values.yaml file.