# How to run signals-gisib-ams app in Kubernetes using Helm This README provides instructions on how to deploy the `signals-gisib-ams` application in Kubernetes using Helm. Before deploying the application, we need to deploy two dependencies: PostgreSQL and RabbitMQ. However, note that deployment of these components is **optional** if you already have other solutions like an Azure database for PostgreSQL or another instance of RabbitMQ that you wish to use. ## Prerequisites Before you begin, ensure that you have the following prerequisites: - Kubernetes cluster is installed and configured - Helm is installed ## Deploying PostgreSQL and RabbitMQ (optional) This optional deployment of PostgreSQL and RabbitMQ provides a convenient solution for local testing and development purposes, allowing you to easily enable or disable these services as needed in the `values.yaml` file. By default, these settings are enabled in the `values.yaml`: ```yaml tags: postgresql: true rabbitmq: true ``` If you do not want to deploy PostgreSQL and/or RabbitMQ you can easily disable them in the `values.yaml` by setting: ```yaml tags: postgresql: false rabbitmq: false ``` ## Deploying signals-gisib-ams After PostgreSQL and RabbitMQ are deployed, we can deploy the `signals-gisib-ams` application using the following steps: Open a terminal and navigate to the root directory of the `signals-gisib-ams` application. Run the following command to deploy the application: ```bash helm upgrade --install signals-gisib-ams ./helm-charts/signals-gisib-ams ``` This command deploys the application using the `signals-gisib-ams` chart located in the root directory of the application. Note: **This command assumes that you have already configured Helm to work with your Kubernetes cluster.** Congratulations, you have successfully deployed the `signals-gisib-ams` application in Kubernetes using Helm! ## Setting Up Secrets in Kubernetes When deploying the `signals-gisib-ams` app, some sensitive settings need to be stored as secrets in the `secrets.yaml` file. To set up a secret in Kubernetes using kubectl, you can create a `secrets.yaml` file with the following structure: ```yaml apiVersion: v1 kind: Secret metadata: name: my-custom-signals-gisib-ams-secrets type: Opaque data: DATABASE_PASSWORD: aW5zZWN1cmU= RABBITMQ_PASSWORD: aW5zZWN1cmU= SECRETKEY: aW5zZWN1cmU= GISIB_PASSWORD: aW5zZWN1cmU= GISIB_APIKEY: aW5zZWN1cmU= KEYCLOAK_CLIENT_ID: aW5zZWN1cmU= KEYCLOAK_CLIENT_SECRET_KEY: aW5zZWN1cmU= ``` Here, `my-custom-signals-gisib-ams-secrets` is the name of the secret, and the values of the sensitive settings are encoded in Base64. Replace the values `aW5zZWN1cmU=` (the base64-endcoded string `insecure`) with the base64-encoded values of your actual secrets. To create the secret in Kubernetes, you can run the following command: ```bash kubectl apply -f secrets.yaml ``` This way, the sensitive settings can be securely passed to the `signals-gisib-ams` app without being exposed in the deployment files. ## Using Existing Secrets in Kubernetes If you have a secret defined in your Kubernetes cluster, you can reference it in your deployment by setting the `existingSecret` field in your `values.yaml` file. For example, if you have a secret named `my-custom-signals-gisib-ams-secrets` (that we have set up in the example above) , you can reference it in your `values.yaml` file like this: ```yaml existingSecret: my-custom-signals-gisib-ams-secrets ``` This will tell Kubernetes to use the secret named `my-custom-signals-gisib-ams-secrets` for the app deployment instead of creating a new secret. Make sure that the secret has the same keys as those referenced in the `values.yaml` file. ## Customizable Environment Variables The `signals-gisib-ams app` can be customized by setting values in a `values.yaml` file when deploying. Among the values that can be set are environment variables (env vars) that control various aspects of the application's behavior. The following table explains the env vars that can be set: | Env Var Name | Description | Default Value | |----------------------------------------|-------------------------------------------------------------------------------------------------------|-----------------------| | ALLOWED_HOSTS | A comma-separated list of allowed hosts for the app. Set to `*` to allow any host. | `gisib.signals.local` | | LOGGING_LEVEL | The level of logging to use (e.g., `DEBUG`, `INFO`, `WARNING`, `ERROR`, `CRITICAL`). | `INFO` | | APPLICATION_INSIGHTS_CONNECTION_STRING | A connection string for Application Insights. Set to `false` to disable Application Insights. | `false` | | CORS_ALLOW_ALL_ORIGINS | Whether to allow requests from any origin. Set to `True` to allow all origins. | `True` | | CORS_ALLOWED_ORIGINS | A comma-separated list of allowed origins for CORS. | `null` | | DATABASE_HOST | The hostname or IP address of the PostgreSQL database server. | `postgresql` | | DATABASE_PORT | The port number to use for the PostgreSQL database server. | `5432` | | DATABASE_USER | The username to use when connecting to the PostgreSQL database server. | `postgres` | | DATABASE_NAME | The name of the database to use. | `signals-gisib` | | RABBITMQ_HOST | The hostname or IP address of the RabbitMQ server. | `rabbitmq` | | RABBITMQ_PORT | The port number to use for the RabbitMQ server. | `5672` | | RABBITMQ_VHOST | The virtual host to use when connecting to the RabbitMQ server. | `""` | | RABBITMQ_USER | The username to use when connecting to the RabbitMQ server. | `signals-gisib-ams` | | GISIB_BASE_URI | The base URI of the GISIB API. | `null` | | GISIB_USERNAME | The username to use when authenticating with the GISIB API. | `null` | | GISIB_LIMIT | The maximum number of records to retrieve from the GISIB API per request. | `500` | | GISIB_SLEEP | The number of seconds to sleep between requests to the GISIB API. | `0.5` | | SIGNALS_BASE_URI | The base URI of the Signals API. | `null` | | KEYCLOAK_ENABLED | Whether Keycloak authentication is enabled. | `false` | | KEYCLOAK_SERVER_URL | The URL of the Keycloak server. | `null` | | KEYCLOAK_REALM_NAME | The name of the Keycloak realm to use. | `null` | | KEYCLOAK_GRANT_TYPE | The grant type to use when authenticating with | `null` | Example `values.yaml`: ```yaml env: ALLOWED_HOSTS: gisib.signals.local CORS_ALLOW_ALL_ORIGINS: true CORS_ALLOWED_ORIGINS: http://gisib.signals.local,https://gisib.signals.local ``` Open a terminal and navigate to the root directory of the `signals-gisib-ams` application. Run the following command to deploy the application: ```bash helm upgrade --install signals-gisib-ams ./helm-charts/signals-gisib-ams --values /path/to/values.yaml ```