chore(app): add headless service type to chart

stevepentland · stevepentland · commit 28dd3232542f · 2024-03-10T18:38:20.000-04:00
In some scenarios, an ExternalName service cannot point to an IP
address. For these cases, a headless service + endpoint slice may
resolve any issues
diff --git a/charts/nx-cloud/Chart.yaml b/charts/nx-cloud/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: nx-cloud
 description: Nx Cloud Helm Chart
 type: application
-version: 0.14.1
+version: 0.15.0-rc.1
 maintainers:
   - name: nx
     url: "https://nx.app/"
diff --git a/charts/nx-cloud/ci/endpointslice-values.yaml b/charts/nx-cloud/ci/endpointslice-values.yaml
@@ -0,0 +1,69 @@
+global:
+  imageTag: '2308.22.7'
+
+nxCloudAppURL: 'URL_TO_ACCESS_INGRESS_FROM_DEV_MACHINES'
+
+secret:
+  name: 'cloudsecret'
+  nxCloudMongoServerEndpoint: 'NX_CLOUD_MONGO_SERVER_ENDPOINT'
+  adminPassword: 'ADMIN_PASSWORD'
+
+# When creating new values files for testing, bring over the lines below. The generated environment is quite resource
+# constrained and with the default settings from values.yaml some of the pods will fail to schedule.
+frontend:
+  resources:
+    requests:
+      memory: '0.5Mi'
+      cpu: '0.1'
+
+nxApi:
+  resources:
+    requests:
+      memory: '0.5Mi'
+      cpu: '0.1'
+
+fileServer:
+  resources:
+    requests:
+      memory: '0.5Mi'
+      cpu: '0.1'
+
+aggregator:
+  resources:
+    requests:
+      memory: '0.5Mi'
+      cpu: '0.1'
+
+nxCloudWorkflows:
+  enabled: true
+  port: 9000
+  name: 'nx-cloud-workflow-controller-service'
+  workflowsNamespace: 'nx-cloud-workflows'
+
+  externalName: '192.0.2.22'
+  headless: true
+
+extraManifests:
+  secret:
+    apiVersion: v1
+    kind: Secret
+    metadata:
+      name: cloudsecret
+      namespace: default
+    type: Opaque
+    stringData:
+      NX_CLOUD_MONGO_SERVER_ENDPOINT: "mongodb://127.0.0.1"
+      ADMIN_PASSWORD: "SOME_ADMIN_PASSWORD"
+      GITHUB_SECRET: "I_AM_A_SECRET_VALUE"
+      GH_CLIENT_ID: "I_AM_A_SECRET_VALUE"
+      GH_CLIENT_SECRET_VALUE: "I_AM_A_SECRET_VALUE"
+      SOME_SECRET_TOKEN: "I_AM_A_SECRET_VALUE"
+      GITLAB_ACCESS_TOKEN: "I_AM_A_SECRET_VALUE"
+      GITHUB_AUTH_CLIENT_ID: "A_GITHUB_ID"
+      GITHUB_AUTH_CLIENT_SECRET: "A_GITHUB_CLIENT_SECRET"
+      GITHUB_WEBHOOK_SECRET: "A_GITHUB_SECRET_VALUE"
+      GITHUB_AUTH_TOKEN: "A_GITHUB_SECRET_VALUE"
+      GITHUB_APP_PRIVATE_KEY: "A_GITHUB_SECRET_VALUE"
+      GITHUB_APP_ID: "A_GITHUB_SECRET_VALUE"
+      AWS_KEY: "MYAWSKEY"
+      AWS_SECRET: "SUPER_SECRET_AWS_SECRET"
diff --git a/charts/nx-cloud/templates/nx-cloud-workflow-controller-service.yaml b/charts/nx-cloud/templates/nx-cloud-workflow-controller-service.yaml
@@ -1,4 +1,40 @@
-{{- if and .Values.nxCloudWorkflows.enabled .Values.nxCloudWorkflows.externalName }}
+{{- if and .Values.nxCloudWorkflows.enabled .Values.nxCloudWorkflows.externalName}}
+{{- if .Values.nxCloudWorkflows.headless }}
+# Headless service and endpoint slice
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Values.nxCloudWorkflows.name }}
+  namespace: {{ .Values.global.namespace }}
+  labels:
+    app: nx-cloud-workflow-controller
+    {{- include "nxCloud.app.labels" . | indent 4 }}
+spec:
+  ports:
+  - port: {{ .Values.nxCloudWorkflows.port }}
+    protocol: TCP
+    targetPort: {{ .Values.nxCloudWorkflows.port }}
+---
+apiVersion: v1
+kind: EndpointSlice
+metadata:
+  name: {{ printf "%s-1" .Values.nxCloudWorkflows.name }}
+  namespace: {{ .Values.global.namespace }}
+  labels:
+    kubernetes.io/service-name: {{ .Values.nxCloudWorkflows.name }}
+    endpointslice.kubernetes.io/manage-by: helm
+    app: nx-cloud-workflow-controller
+    {{- include "nxCloud.app.labels" . | indent 4 }}
+addressType: IPv4
+ports:
+- name: ''
+  protocol: TCP
+  port: {{ .Values.nxCloudWorkflows.port }}
+endpoints:
+- addresses:
+  - {{ .Values.nxCloudWorkflows.externalName }}
+{{- else }}
 ---
 apiVersion: v1
 kind: Service
@@ -14,3 +50,4 @@ spec:
   externalName: {{ .Values.nxCloudWorkflows.externalName }}
   {{- end }}
 {{- end }}
+{{- end }}
diff --git a/charts/nx-cloud/values.yaml b/charts/nx-cloud/values.yaml
@@ -135,7 +135,6 @@ nxCloudWorkflows:
   name: 'nx-cloud-workflow-controller-service'
   workflowsNamespace: 'nx-cloud-workflows'
 
-
   # If externalName is left unset, the applications will look for ane existing service with the name defined
   # by `nxCloudWorkflows.name` in the namespace `nxCloudWorkflows.workflowsNamespace`. Use this option if you are
   # also running the nx-agents chart in the same cluster as this nx-cloud chart
@@ -145,6 +144,10 @@ nxCloudWorkflows:
   # Use this option if your nx-agents are running in a different cluster than this nx-cloud chart
   externalName: ''
 
+  # If you find that an externalName service is not working as expected, you can set this to true to create a headless service
+  # which will create an endpoint group as an alternative
+  headless: false
+
 # Deprecated, use nxApi.deployment.replicas and frontend.deployment.replicas
 replicas:
   frontend: 1
