feat: add OpenVox View dashboard alongside Puppetboard

Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: puppetserver
-version: 10.0.2
+version: 10.0.3
 appVersion: 8.8.0
 description: OpenVox automates the delivery and operation of software.
 keywords: ["OpenVox", "OpenVoxserver", "automation", "iac", "infrastructure", "cm", "ci", "cd"]

README.md

@@ -501,6 +501,21 @@ The following table lists the configurable parameters of the Puppetserver chart
 | `puppetboard.ingress.extraLabels`| puppetboard ingress extraLabels |``|
 | `puppetboard.ingress.hosts`| puppetboard ingress hostnames |``|
 | `puppetboard.ingress.tls`| puppetboard ingress tls configuration |``|
+| `openvoxview.enabled` | OpenVox View availability | `false`|
+| `openvoxview.name` | OpenVox View component label | `openvoxview`|
+| `openvoxview.image` | OpenVox View image | `ghcr.io/voxpupuli/openvoxview`|
+| `openvoxview.tag` | OpenVox View image tag | `latest`|
+| `openvoxview.port` | OpenVox View container port | `5000`|
+| `openvoxview.pullPolicy` | OpenVox View image pull policy | `IfNotPresent`|
+| `openvoxview.resources` | OpenVox View resource limits |``|
+| `openvoxview.extraEnv` | OpenVox View additional container env vars |``|
+| `openvoxview.extraEnvSecret` | OpenVox View additional container env vars from pre-existing secret |``|
+| `openvoxview.service.targetPort` | target port for the OpenVox View service port |`openvoxview`|
+| `openvoxview.ingress.enabled`| OpenVox View ingress creation enabled |`false`|
+| `openvoxview.ingress.annotations`| OpenVox View ingress annotations |``|
+| `openvoxview.ingress.extraLabels`| OpenVox View ingress extraLabels |``|
+| `openvoxview.ingress.hosts`| OpenVox View ingress hostnames |``|
+| `openvoxview.ingress.tls`| OpenVox View ingress tls configuration |``|
 | `hiera.name` | hiera component label | `hiera`|
 | `hiera.hieradataurl`| hieradata repo url |``|
 | `hiera.config`| hieradata yaml config |``|
@@ -621,6 +636,27 @@ jobs | grep 'port-forward' | grep 'puppetserver'
 kill %[job_numbers_above]
 ```
 
+### Example: Enabling OpenVox View
+
+To enable the OpenVox View dashboard as a sidecar on the PuppetDB pod, you can use a values file similar to:
+
+```yaml
+openvoxview:
+  enabled: true
+  image: ghcr.io/voxpupuli/openvoxview
+  tag: latest
+  port: 5000
+  ingress:
+    enabled: true
+    hosts:
+      - openvoxview.example.com
+
+puppetboard:
+  enabled: false
+```
+
+You can also enable both dashboards at the same time by setting both `openvoxview.enabled` and `puppetboard.enabled` to `true` and configuring distinct ingress hosts or paths.
+
 ## Credits
 
 * [Miroslav Hadzhiev](https://www.linkedin.com/in/mehadzhiev/), Lead Author and Owner

templates/_helpers.tpl

@@ -123,6 +123,16 @@ app.kubernetes.io/component: {{ .Values.puppetboard.name }}
 {{ include "puppetserver.common.matchLabels" . }}
 {{- end -}}
 
+{{- define "puppetserver.openvoxview.labels" -}}
+{{ include "puppetserver.openvoxview.matchLabels" . }}
+{{ include "puppetserver.common.metaLabels" . }}
+{{- end -}}
+
+{{- define "puppetserver.openvoxview.matchLabels" -}}
+app.kubernetes.io/component: {{ .Values.openvoxview.name }}
+{{ include "puppetserver.common.matchLabels" . }}
+{{- end -}}
+
 {{- define "puppetserver.puppetserver.labels" -}}
 {{ include "puppetserver.puppetserver.matchLabels" . }}
 {{ include "puppetserver.common.metaLabels" . }}

templates/openvoxview-ingress.yaml

@@ -0,0 +1,53 @@
+{{- if and .Values.openvoxview.enabled .Values.openvoxview.ingress.enabled }}
+{{- $releaseName := .Release.Name -}}
+{{- $serviceName := ( include "puppetdb.fullname" . ) }}
+{{- $servicePort := .Values.openvoxview.port -}}
+{{- $pathType := .Values.openvoxview.ingress.pathType | default "ImplementationSpecific" -}}
+{{- $apiIsStable := eq (include "puppetserver.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "puppetserver.ingress.supportsPathType" .) "true" -}}
+apiVersion: {{ include "puppetserver.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+  {{- if .Values.openvoxview.ingress.annotations }}
+  annotations:
+    {{ toYaml .Values.openvoxview.ingress.annotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "puppetserver.puppetdb.labels" . | nindent 4 }}
+    {{- range $key, $value := .Values.openvoxview.ingress.extraLabels }}
+    {{ $key }}: {{ $value }}
+    {{- end }}
+  name: {{ template "puppetdb.fullname" . }}-openvoxview
+spec:
+  {{- if $apiIsStable }}
+  {{- if .Values.openvoxview.ingress.ingressClassName }}
+  ingressClassName: {{ .Values.openvoxview.ingress.ingressClassName }}
+  {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.openvoxview.ingress.hosts }}
+    {{- $url := splitList "/" . }}
+    - host: {{ first $url }}
+      http:
+        paths:
+          - path: {{ if gt (len $url) 1 }}{{ printf "/%s" (join "/" (rest $url)) }}{{ else }} / {{ end }}
+            {{- if $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+              {{- end }}
+    {{- end -}}
+  {{- if .Values.openvoxview.ingress.tls }}
+  tls:
+    {{ toYaml .Values.openvoxview.ingress.tls | nindent 4 }}
+  {{- end -}}
+{{- end -}}
+

templates/puppetdb-deployment.yaml

@@ -218,6 +218,57 @@ spec:
             - name: puppetdb-storage
               mountPath: /opt/puppetlabs/server/data/puppetdb
         {{- end }}
+        {{- if .Values.openvoxview.enabled }}
+        - name: openvoxview
+          image: "{{.Values.openvoxview.image}}:{{.Values.openvoxview.tag}}"
+          imagePullPolicy: "{{.Values.openvoxview.pullPolicy}}"
+          resources:
+            {{- toYaml .Values.openvoxview.resources | nindent 12 }}
+          env:
+            - name: LISTEN
+              value: "0.0.0.0"
+            - name: PORT
+              value: {{ .Values.openvoxview.port | quote }}
+            - name: PUPPETDB_HOST
+              value: {{ if .Values.singleCA.enabled}}{{.Values.singleCA.puppetdb.overrideHostname}}{{ else }}{{ ( include "puppetdb.fullname" . ) }}{{ end }}
+            - name: PUPPETDB_PORT
+              value: "8081"
+            - name: PUPPETDB_TLS
+              value: "true"
+            - name: PUPPETDB_TLS_CA
+              value: "/opt/puppetlabs/server/data/puppetdb/certs/certs/ca.pem"
+            - name: PUPPETDB_TLS_KEY
+              value: "/opt/puppetlabs/server/data/puppetdb/certs/private_keys/openvoxdb.pem"
+            - name: PUPPETDB_TLS_CERT
+              value: "/opt/puppetlabs/server/data/puppetdb/certs/certs/openvoxdb.pem"
+            {{- range $key, $value := .Values.global.extraEnv }}
+            - name: {{ $key }}
+              value: "{{ $value }}"
+            {{- end }}
+            {{- range $key, $value := .Values.openvoxview.extraEnv }}
+            - name: {{ $key }}
+              value: "{{ $value }}"
+            {{- end }}
+          envFrom:
+          {{- if .Values.global.extraEnvSecret }}
+            - secretRef:
+                name: {{ .Values.global.extraEnvSecret }}
+          {{- end }}
+          {{- if .Values.openvoxview.extraEnvSecret }}
+            - secretRef:
+                name: {{ .Values.openvoxview.extraEnvSecret }}
+          {{- end }}
+          ports:
+            - name: openvoxview
+              containerPort: {{ .Values.openvoxview.port }}
+          securityContext:
+            {{- toYaml .Values.openvoxview.securityContext | nindent 12 }}
+            runAsUser: {{ .Values.global.securityContext.runAsUser }}
+            runAsGroup: {{ .Values.global.securityContext.runAsGroup }}
+          volumeMounts:
+            - name: puppetdb-storage
+              mountPath: /opt/puppetlabs/server/data/puppetdb
+        {{- end }}
         {{- if and .Values.singleCA.enabled .Values.singleCA.crl.asSidecar }}
         # singleCA crl script update Sidecar
         - name: update-crl

templates/puppetdb-service.yaml

@@ -25,6 +25,11 @@ spec:
       port: {{ .Values.puppetboard.port }}
       targetPort: {{ .Values.puppetboard.service.targetPort }}
     {{- end }}
+    {{- if .Values.openvoxview.enabled }}
+    - name: openvoxview
+      port: {{ .Values.openvoxview.port }}
+      targetPort: {{ .Values.openvoxview.service.targetPort }}
+    {{- end }}
     {{- if .Values.metrics.prometheus.enabled }}
     - name: metrics
       port: {{ .Values.metrics.prometheus.port }}

tests/__snapshot__/jmx-servicemonitor_test.yaml.snap

@@ -9,7 +9,7 @@ manifest should match snapshot:
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: puppetserver
         app.kubernetes.io/version: 8.8.0
-        helm.sh/chart: puppetserver-10.0.2
+        helm.sh/chart: puppetserver-10.0.3
         release: kube-prometheus-stack
       name: puppetserver-jmx
       namespace: puppet

tests/__snapshot__/openvoxview-ingress_test.yaml.snap

@@ -0,0 +1,22 @@
+should create openvoxview ingress when enabled:
+  1: |
+    apiVersion: extensions/v1beta1
+    kind: Ingress
+    metadata:
+      labels:
+        app.kubernetes.io/component: puppetdb
+        app.kubernetes.io/instance: puppetserver
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: puppetserver
+        app.kubernetes.io/version: 8.8.0
+        helm.sh/chart: puppetserver-10.0.3
+      name: puppetserver-puppetdb-openvoxview
+    spec:
+      rules:
+        - host: openvoxview.example.com
+          http:
+            paths:
+              - backend:
+                  serviceName: puppetserver-puppetdb
+                  servicePort: 5000
+                path: /