feat: better quickstart

Author: abelanger5

charts/hatchet-api/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: hatchet-api
 description: A Helm chart for deploying Hatchet API components on Kubernetes.
 type: application
-version: 0.5.0
+version: 0.6.0
 maintainers:
   - name: Hatchet Engineering
     email: [email protected]

charts/hatchet-api/templates/deployment.yaml

@@ -55,7 +55,10 @@ spec:
           value: "{{ $value }}"
         {{- end }}
         envFrom:
-{{ toYaml .Values.envFrom | indent 10 }}
+{{ toYaml .Values.deploymentEnvFrom | nindent 10 }}
+{{- if .Values.envFrom }}
+{{ toYaml .Values.envFrom | nindent 10 }}
+{{- end }}
         ports:
         - containerPort: {{ .Values.service.internalPort }}
           name: {{ template "hatchet.name" . }}

charts/hatchet-api/templates/pre-deploy-hook.yaml

@@ -0,0 +1,131 @@
+{{- if .Values.setupJob.enabled }}
+# create a role and rolebinding to write to the configmap
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: hatchet-config-writer
+  labels:
+{{- include "hatchet.labels" . | nindent 4 }}
+rules:
+- apiGroups: [""]
+  resources: ["configmaps", "secrets"]
+  verbs: ["get", "create", "update", "patch", "delete"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: hatchet-config-writer
+  labels:
+{{- include "hatchet.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: hatchet-config-writer
+subjects:
+- kind: ServiceAccount
+  name: {{ template "hatchet.serviceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: "{{ .Release.Name | trunc 20 }}-{{ randAlphaNum 10 | lower }}"
+  labels:
+{{- include "hatchet.labels" . | nindent 4 }}
+spec:
+  backoffLimit: 1
+  activeDeadlineSeconds: 300
+  template:
+    metadata:
+      name: {{ template "hatchet.fullname" . }}-migration
+      labels:
+{{- include "hatchet.labels" . | nindent 8 }}
+    spec:
+      restartPolicy: Never
+      shareProcessNamespace: true
+      serviceAccountName: {{ template "hatchet.serviceAccountName" . }}
+      {{- if .Values.priorityClassName }}
+      priorityClassName: "{{ .Values.priorityClassName }}"
+      {{- end }}
+      initContainers:
+      # Run migrations as an init container
+      {{- if .Values.migrationJob.enabled }}
+      - name: migration-job
+        image: "{{ .Values.migrationJob.image.repository }}:{{ required "Please set a value for .Values.image.tag" .Values.migrationJob.image.tag }}"
+        imagePullPolicy: Always
+        command: ["/bin/sh", "-c"]
+        args:
+        - ./atlas-apply.sh
+        securityContext:
+          capabilities:
+            add:
+              - SYS_PTRACE
+        env:
+        {{- range $key, $value := .Values.env }}
+          - name: "{{ $key }}"
+            value: "{{ $value }}"
+        {{- end }}
+        envFrom: 
+{{ toYaml .Values.envFrom | indent 10 }}
+      {{- end }}
+      {{- if .Values.seedJob.enabled }}
+      - name: seed-job
+        image: "{{ .Values.setupJob.image.repository }}:{{ required "Please set a value for .Values.image.tag" .Values.setupJob.image.tag }}"
+        imagePullPolicy: Always
+        # this command requires read-write access on the hatchet-config configmap
+        command: ["/hatchet/hatchet-admin", "quickstart", "--skip", "certs", "--skip", "keys"]
+        securityContext:
+          capabilities:
+            add:
+              - SYS_PTRACE
+        env:
+        {{- range $key, $value := .Values.env }}
+          - name: "{{ $key }}"
+            value: "{{ $value }}"
+        {{- end }}
+        envFrom: 
+{{ toYaml .Values.envFrom | indent 10 }}
+      {{- end }}
+      {{- if and (not .Values.migrationJob.enabled) (not .Values.seedJob.enabled) }}
+      []
+      {{- end }}
+      containers:
+      - name: setup-job
+        image: "{{ .Values.setupJob.image.repository }}:{{ required "Please set a value for .Values.image.tag" .Values.setupJob.image.tag }}"
+        imagePullPolicy: Always
+        # this command requires read-write access on the hatchet-config configmap
+        command: ["/hatchet/hatchet-admin", "k8s", "quickstart", "--namespace", "{{ .Release.Namespace }}"]
+        securityContext:
+          capabilities:
+            add:
+              - SYS_PTRACE
+        env:
+        {{- range $key, $value := .Values.env }}
+          - name: "{{ $key }}"
+            value: "{{ $value }}"
+        {{- end }}
+        envFrom: 
+{{ toYaml .Values.envFrom | indent 10 }}
+      - name: setup-worker-token
+        image: "{{ .Values.setupJob.image.repository }}:{{ required "Please set a value for .Values.image.tag" .Values.setupJob.image.tag }}"
+        imagePullPolicy: Always
+        # this command requires read-write access on the hatchet-config configmap
+        command: ["/hatchet/hatchet-admin", "k8s", "create-worker-token", "--namespace", "{{ .Release.Namespace }}"]
+        securityContext:
+          capabilities:
+            add:
+              - SYS_PTRACE
+        env:
+        {{- range $key, $value := .Values.env }}
+          - name: "{{ $key }}"
+            value: "{{ $value }}"
+        {{- end }}
+        envFrom: 
+{{ toYaml .Values.deploymentEnvFrom | nindent 10 }}
+{{- if .Values.envFrom }}
+{{ toYaml .Values.envFrom | nindent 10 }}
+{{- end }}
+{{- with .Values.extraContainers }}
+{{ toYaml . | indent 8 }}
+{{- end }}
+{{- end }}

charts/hatchet-api/templates/setup-job.yaml

@@ -1,13 +1,27 @@
 image:
   repository: "ghcr.io/hatchet-dev/hatchet/hatchet-api"
-  tag: "v0.42.8"
+  tag: "v0.42.12"
   pullPolicy: "Always"
 
 migrationJob:
   enabled: true
   image:
     repository: "ghcr.io/hatchet-dev/hatchet/hatchet-migrate"
-    tag: "v0.42.8"
+    tag: "v0.42.12"
+    pullPolicy: "Always"
+
+seedJob:
+  enabled: true
+  image:
+    repository: "ghcr.io/hatchet-dev/hatchet/hatchet-admin"
+    tag: "v0.42.12"
+    pullPolicy: "Always"
+
+setupJob:
+  enabled: true
+  image:
+    repository: "ghcr.io/hatchet-dev/hatchet/hatchet-admin"
+    tag: "v0.42.12"
     pullPolicy: "Always"
 
 commandline:
@@ -28,6 +42,10 @@ retainFailedHooks: false
 
 env: {}
 
+deploymentEnvFrom:
+  - secretRef:
+      name: hatchet-config
+
 envFrom: []
 
 files: {}

charts/hatchet-api/values.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: hatchet-frontend
 description: A Helm chart for deploying a frontend static file server on Kubernetes.
 type: application
-version: 0.5.0
+version: 0.6.0
 maintainers:
   - name: Hatchet Engineering
     email: [email protected]

charts/hatchet-frontend/Chart.yaml

@@ -1,6 +1,6 @@
 image:
   repository: "ghcr.io/hatchet-dev/hatchet/hatchet-frontend"
-  tag: "v0.42.8"
+  tag: "v0.42.12"
   pullPolicy: "Always"
 
 commandline:

charts/hatchet-frontend/values.yaml

@@ -1,18 +1,18 @@
 dependencies:
 - name: hatchet-api
   repository: file://../hatchet-api
-  version: 0.5.0
+  version: 0.6.0
 - name: hatchet-api
   repository: file://../hatchet-api
-  version: 0.5.0
+  version: 0.6.0
 - name: hatchet-frontend
   repository: file://../hatchet-frontend
-  version: 0.5.0
+  version: 0.6.0
 - name: postgresql
   repository: https://charts.bitnami.com/bitnami
   version: 14.3.3
 - name: rabbitmq
   repository: https://charts.bitnami.com/bitnami
   version: 12.15.0
-digest: sha256:2ce45e960b781a4d24cfe7da62528b1d9e8627243a8d5374ec27b01ec1d99b10
-generated: "2024-08-20T15:58:44.184303-04:00"
+digest: sha256:9a33ce0d42d2ee3ea4d6205e51cf7f06ba2192a4250fd2739a04b85db5a3f8d9
+generated: "2024-08-22T17:26:47.846473-04:00"

charts/hatchet-stack/Chart.lock

@@ -2,25 +2,25 @@ apiVersion: v2
 name: hatchet-stack
 description: A Helm chart for deploying Hatchet on Kubernetes together with a PostgreSQL database and RabbitMQ.
 type: application
-version: 0.5.0
+version: 0.6.0
 maintainers:
   - name: Hatchet Engineering
     email: [email protected]
 dependencies:
   - name: "hatchet-api"
     condition: api.enabled
     repository: "file://../hatchet-api"
-    version: "^0.5.0"
+    version: "^0.6.0"
     alias: api
   - name: "hatchet-api"
     condition: engine.enabled
     repository: "file://../hatchet-api"
-    version: "^0.5.0"
+    version: "^0.6.0"
     alias: engine
   - name: "hatchet-frontend"
     condition: frontend.enabled
     repository: "file://../hatchet-frontend"
-    version: "^0.5.0"
+    version: "^0.6.0"
     alias: frontend
   - name: "postgresql"
     condition: postgres.enabled

charts/hatchet-stack/Chart.yaml

@@ -3,7 +3,7 @@ api:
   replicaCount: 2
   image:
     repository: "ghcr.io/hatchet-dev/hatchet/hatchet-api"
-    tag: "v0.42.8"
+    tag: "v0.42.12"
     pullPolicy: "Always"
   migrationJob:
     image:
@@ -16,9 +16,9 @@ api:
     SERVER_URL: "http://localhost:8080"
     SERVER_AUTH_COOKIE_INSECURE: "t"
     SERVER_AUTH_SET_EMAIL_VERIFIED: "t"
-    SERVER_LOGGER_LEVEL: "debug"
+    SERVER_LOGGER_LEVEL: "warn"
     SERVER_LOGGER_FORMAT: "console"
-    DATABASE_LOGGER_LEVEL: "debug"
+    DATABASE_LOGGER_LEVEL: "warn"
     DATABASE_LOGGER_FORMAT: "console"
     SERVER_AUTH_GOOGLE_ENABLED: "f"
     SERVER_AUTH_BASIC_AUTH_ENABLED: "t"
@@ -56,10 +56,12 @@ engine:
   replicaCount: 1
   image:
     repository: "ghcr.io/hatchet-dev/hatchet/hatchet-engine"
-    tag: "v0.42.8"
+    tag: "v0.42.12"
     pullPolicy: "Always"
   migrationJob:
     enabled: false
+  setupJob:
+    enabled: false
   service:
     externalPort: 7070
     internalPort: 7070
@@ -115,7 +117,7 @@ frontend:
   enabled: true
   image:
     repository: "ghcr.io/hatchet-dev/hatchet/hatchet-frontend"
-    tag: "v0.42.8"
+    tag: "v0.42.12"
     pullPolicy: "Always"
   service:
     externalPort: 8080