Documentation
¶
Overview ¶
Package quincey provides a Pulumi component for deploying and managing the Quincey service in a Kubernetes cluster. It handles the creation and configuration of all necessary Kubernetes resources including deployments, services, and Istio configurations.
The package provides a high-level interface for deploying the Quincey service with proper Kubernetes resource configuration, including: - Deployment with proper resource limits and environment variables - Service for internal communication - Istio VirtualService for external access - Authentication and authorization policies
Index ¶
Constants ¶
const ( // Port defaults DefaultQuinceyPort = 8080 DefaultMetricsPort = 9000 // Deployment defaults DefaultReplicas = 1 // Component kind ComponentKind = "signet:index:Quincey" )
Resource defaults
const ( // ServiceName is the name of the Quincey service ServiceName = "quincey-server" // AppLabel is the label used to identify Quincey resources AppLabel = "quincey-server" // ComponentName is the name of this component ComponentName = "quincey" )
Resource names and identifiers
const ( ServiceSuffix = "-service" DeploymentSuffix = "-deployment" ServiceAccountSuffix = "-sa" ConfigMapSuffix = "-configmap" VirtualServiceSuffix = "-vservice" RequestAuthSuffix = "-request-auth" AuthPolicySuffix = "-auth-policy" )
Resource name suffixes
const ( IstioNetworkingAPIVersion = "networking.istio.io/v1alpha3" IstioSecurityAPIVersion = "security.istio.io/v1beta1" VirtualServiceKind = "VirtualService" RequestAuthenticationKind = "RequestAuthentication" AuthorizationPolicyKind = "AuthorizationPolicy" )
Istio API versions and kinds
const ( JWTTokenHeader = "authorization" JWTTokenPrefix = "Bearer " OAuthIssuerClaim = "iss" DefaultAppSelector = "signet" )
JWT and OAuth constants
const (
ServiceTypeClusterIP = "ClusterIP"
)
Service types
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Quincey ¶
type Quincey interface {
// GetServiceURL returns the internal Kubernetes service URL for the Quincey service
GetServiceURL() pulumi.StringOutput
// GetMetricsURL returns the URL for accessing the metrics endpoint
GetMetricsURL() pulumi.StringOutput
}
Quincey defines the interface for interacting with a Quincey deployment.
type QuinceyComponent ¶
type QuinceyComponent struct {
Service *corev1.Service
ServiceAccount *corev1.ServiceAccount
Deployment *appsv1.Deployment
VirtualService *crd.CustomResource
RequestAuthentication *crd.CustomResource
AuthorizationPolicy *crd.CustomResource
ConfigMap *corev1.ConfigMap
pulumi.ResourceState
}
QuinceyComponent represents a complete Quincey deployment in Kubernetes. It manages all the necessary Kubernetes resources for running the Quincey service.
func NewQuinceyComponent ¶
func NewQuinceyComponent(ctx *pulumi.Context, name string, args *QuinceyComponentArgs, opts ...pulumi.ResourceOption) (*QuinceyComponent, error)
NewQuinceyComponent creates a new Quincey deployment in the specified namespace. It sets up all necessary Kubernetes resources including the deployment, service, and Istio configurations.
Example:
component, err := NewQuinceyComponent(ctx, "quincey", &QuinceyComponentArgs{
Namespace: pulumi.String("default"),
Image: pulumi.String("quincey:latest"),
Env: QuinceyEnv{
QuinceyPort: pulumi.String("8080"),
// ... other environment variables
},
})
func (*QuinceyComponent) GetMetricsURL ¶
func (c *QuinceyComponent) GetMetricsURL() pulumi.StringOutput
GetMetricsURL returns the URL of the builder metrics endpoint
func (*QuinceyComponent) GetServiceURL ¶
func (c *QuinceyComponent) GetServiceURL() pulumi.StringOutput
GetServiceURL returns the URL of the builder service
type QuinceyComponentArgs ¶
type QuinceyComponentArgs struct {
// Namespace is the Kubernetes namespace where resources will be created
Namespace pulumi.StringInput
// Image is the container image to use for the Quincey service
Image pulumi.StringInput
// Env contains all environment variables for the Quincey service
Env QuinceyEnv
// Port is the port the service will listen on
Port pulumi.StringInput
// VirtualServiceHosts is the list of hosts for the virtual service
VirtualServiceHosts pulumi.StringArrayInput
}
QuinceyComponentArgs contains the configuration for creating a new QuinceyComponent.
func (*QuinceyComponentArgs) Validate ¶
func (args *QuinceyComponentArgs) Validate() error
Validate validates the QuinceyComponentArgs struct, ensuring all required fields are set
type QuinceyEnv ¶
type QuinceyEnv struct {
QuinceyPort pulumi.StringInput `pulumi:"quinceyPort" validate:"required"`
QuinceyKeyId pulumi.StringInput `pulumi:"quinceyKeyId" validate:"required"`
AwsAccessKeyId pulumi.StringInput `pulumi:"awsAccessKeyId" validate:"required"`
AwsSecretAccessKey pulumi.StringInput `pulumi:"awsSecretAccessKey" validate:"required"`
AwsDefaultRegion pulumi.StringInput `pulumi:"awsDefaultRegion" validate:"required"`
BlockQueryStart pulumi.StringInput `pulumi:"blockQueryStart" validate:"required"`
BlockQueryCutoff pulumi.StringInput `pulumi:"blockQueryCutoff" validate:"required"`
ChainOffset pulumi.StringInput `pulumi:"chainOffset" validate:"required"`
HostRpcUrl pulumi.StringInput `pulumi:"hostRpcUrl" validate:"required"`
OauthIssuer pulumi.StringInput `pulumi:"oauthIssuer" validate:"required"`
OauthJwksUri pulumi.StringInput `pulumi:"oauthJwksUri" validate:"required"`
OtelExporterOtlpEndpoint pulumi.StringInput `pulumi:"otelExporterOtlpEndpoint"`
OtelExporterOtlpProtocol pulumi.StringInput `pulumi:"otelExporterOtlpProtocol"`
RustLog pulumi.StringInput `pulumi:"rustLog"`
QuinceyBuilders pulumi.StringInput `pulumi:"quinceyBuilders" validate:"required"`
}
QuinceyEnv contains all environment variables needed by the Quincey service. It implements the utils.EnvProvider interface for automatic environment variable handling.
func (*QuinceyEnv) GetEnvMap ¶
func (e *QuinceyEnv) GetEnvMap() pulumi.StringMap
GetEnvMap implements the utils.EnvProvider interface
func (*QuinceyEnv) Validate ¶
func (env *QuinceyEnv) Validate() error
Validate validates the QuinceyEnv struct, ensuring all required fields are set
Source Files