Documentation
¶
Overview ¶
Package quincey provides a Pulumi component for deploying and managing the Quincey service in a Kubernetes cluster. It handles the creation and configuration of all necessary Kubernetes resources including deployments, services, and Istio configurations.
The package provides a high-level interface for deploying the Quincey service with proper Kubernetes resource configuration, including: - Deployment with proper resource limits and environment variables - Service for internal communication - Istio VirtualService for external access - Authentication and authorization policies
Index ¶
Constants ¶
const ( // Port defaults DefaultQuinceyPort = 8080 DefaultMetricsPort = 9000 // Deployment defaults DefaultReplicas = 1 // Component kind ComponentKind = "signet:index:Quincey" )
Resource defaults
const ( // ServiceName is the name of the Quincey service ServiceName = "quincey-server" // AppLabel is the label used to identify Quincey resources AppLabel = "quincey-server" // ComponentName is the name of this component ComponentName = "quincey" )
Resource names and identifiers
const ( ServiceSuffix = "-service" DeploymentSuffix = "-deployment" ServiceAccountSuffix = "-sa" ConfigMapSuffix = "-configmap" VirtualServiceSuffix = "-vservice" RequestAuthSuffix = "-request-auth" AuthPolicySuffix = "-auth-policy" )
Resource name suffixes
const ( IstioNetworkingAPIVersion = "networking.istio.io/v1alpha3" IstioSecurityAPIVersion = "security.istio.io/v1beta1" VirtualServiceKind = "VirtualService" RequestAuthenticationKind = "RequestAuthentication" AuthorizationPolicyKind = "AuthorizationPolicy" )
Istio API versions and kinds
const ( JWTTokenHeader = "authorization" JWTTokenPrefix = "Bearer " OAuthIssuerClaim = "iss" DefaultAppSelector = "signet" )
JWT and OAuth constants
const (
ServiceTypeClusterIP = "ClusterIP"
)
Service types
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Quincey ¶
type Quincey interface {
// GetServiceURL returns the internal Kubernetes service URL for the Quincey service
GetServiceURL(name string, namespace pulumi.StringInput) pulumi.StringOutput
// GetMetricsURL returns the URL for accessing the metrics endpoint
GetMetricsURL(name string, namespace pulumi.StringInput) pulumi.StringOutput
}
Quincey defines the interface for interacting with a Quincey deployment.
type QuinceyComponent ¶
type QuinceyComponent struct {
Service *corev1.Service
ServiceAccount *corev1.ServiceAccount
Deployment *appsv1.Deployment
VirtualService *crd.CustomResource
RequestAuthentication *crd.CustomResource
AuthorizationPolicy *crd.CustomResource
ConfigMap *corev1.ConfigMap
pulumi.ResourceState
}
QuinceyComponent represents a complete Quincey deployment in Kubernetes. It manages all the necessary Kubernetes resources for running the Quincey service.
func NewQuinceyComponent ¶
func NewQuinceyComponent(ctx *pulumi.Context, name string, args *QuinceyComponentArgs, opts ...pulumi.ResourceOption) (*QuinceyComponent, error)
NewQuinceyComponent creates a new Quincey deployment in the specified namespace. It sets up all necessary Kubernetes resources including the deployment, service, and Istio configurations.
Example:
component, err := NewQuinceyComponent(ctx, "quincey", &QuinceyComponentArgs{
Namespace: pulumi.String("default"),
Image: pulumi.String("quincey:latest"),
Env: QuinceyEnv{
QuinceyPort: "8080",
// ... other environment variables
},
})
func (*QuinceyComponent) GetMetricsURL ¶
func (c *QuinceyComponent) GetMetricsURL(name string, namespace pulumi.StringInput) pulumi.StringOutput
GetMetricsURL returns the URL of the builder metrics endpoint
func (*QuinceyComponent) GetServiceURL ¶
func (c *QuinceyComponent) GetServiceURL(name string, namespace pulumi.StringInput) pulumi.StringOutput
GetServiceURL returns the URL of the builder service
type QuinceyComponentArgs ¶
type QuinceyComponentArgs struct {
// Namespace is the Kubernetes namespace where resources will be created
Namespace string
// Image is the container image to use for the Quincey service
Image string
// Env contains all environment variables for the Quincey service
Env QuinceyEnv
// Port is the port the service will listen on
Port int
// VirtualServiceHosts is the list of hosts for the virtual service
VirtualServiceHosts []string
}
Public-facing structs with base Go types
func (*QuinceyComponentArgs) Validate ¶
func (args *QuinceyComponentArgs) Validate() error
Validate validates the QuinceyComponentArgs struct, ensuring all required fields are set
type QuinceyEnv ¶
type QuinceyEnv struct {
QuinceyPort string `pulumi:"quinceyPort" validate:"required"`
QuinceyKeyId string `pulumi:"quinceyKeyId" validate:"required"`
AwsAccessKeyId string `pulumi:"awsAccessKeyId" validate:"required"`
AwsSecretAccessKey string `pulumi:"awsSecretAccessKey" validate:"required"`
AwsDefaultRegion string `pulumi:"awsDefaultRegion" validate:"required"`
BlockQueryStart string `pulumi:"blockQueryStart" validate:"required"`
BlockQueryCutoff string `pulumi:"blockQueryCutoff" validate:"required"`
ChainOffset string `pulumi:"chainOffset" validate:"required"`
HostRpcUrl string `pulumi:"hostRpcUrl" validate:"required"`
OauthIssuer string `pulumi:"oauthIssuer" validate:"required"`
OauthJwksUri string `pulumi:"oauthJwksUri" validate:"required"`
OtelExporterOtlpEndpoint string `pulumi:"otelExporterOtlpEndpoint"`
OtelExporterOtlpProtocol string `pulumi:"otelExporterOtlpProtocol"`
RustLog string `pulumi:"rustLog"`
QuinceyBuilders string `pulumi:"quinceyBuilders" validate:"required"`
}
Public-facing environment struct with base Go types
func (*QuinceyEnv) Validate ¶
func (env *QuinceyEnv) Validate() error
Validate validates the QuinceyEnv struct, ensuring all required fields are set
Source Files