From 35f0f70a302849229949948c51a8cf381140c4ef Mon Sep 17 00:00:00 2001 From: Tamal Saha Date: Fri, 6 Sep 2024 15:04:15 -0700 Subject: [PATCH] Prepare first release (#7) Signed-off-by: sami Signed-off-by: Tamal Saha Co-authored-by: sami Co-authored-by: sohan --- apis/installer/v1alpha1/inbox_agent_types.go | 5 +-- apis/installer/v1alpha1/inbox_server_types.go | 19 ++++++++--- .../v1alpha1/zz_generated.deepcopy.go | 20 ++++++++++++ charts/inbox-agent/README.md | 3 +- .../templates/operator/config.yaml | 5 +-- .../templates/operator/deployment.yaml | 25 +++++++++++---- .../templates/webhook/deployment.yaml | 17 ++++++++-- .../inbox-agent/values.openapiv3_schema.yaml | 7 ++-- charts/inbox-agent/values.yaml | 3 +- charts/inbox-server/README.md | 5 +-- .../templates/james/james-admin-ingress.yaml | 32 ++++--------------- .../templates/james/jmap-ingress.yaml | 32 ++++--------------- .../inbox-server/values.openapiv3_schema.yaml | 19 +++++++++++ charts/inbox-server/values.yaml | 2 ++ 14 files changed, 119 insertions(+), 75 deletions(-) diff --git a/apis/installer/v1alpha1/inbox_agent_types.go b/apis/installer/v1alpha1/inbox_agent_types.go index 634c6e6..6358fc7 100644 --- a/apis/installer/v1alpha1/inbox_agent_types.go +++ b/apis/installer/v1alpha1/inbox_agent_types.go @@ -96,8 +96,9 @@ type InboxAgentApiserver struct { } type InboxServerInfo struct { - Endpoint string `json:"endpoint"` - Token string `json:"token"` + JMAPEndpoint string `json:"jmapEndpoint"` + WebadminEndpoint string `json:"webadminEndpoint"` + Token string `json:"token"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/apis/installer/v1alpha1/inbox_server_types.go b/apis/installer/v1alpha1/inbox_server_types.go index 7b3ab33..870742f 100644 --- a/apis/installer/v1alpha1/inbox_server_types.go +++ b/apis/installer/v1alpha1/inbox_server_types.go 
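Review bot: `JMAPEndpoint` and `WebadminEndpoint` in `InboxServerInfo` carry no doc comments, and nothing in the patch states what form the values take. The ingress templates changed in this same patch serve JMAP under `/jmap` and WebAdmin under `/inbox-admin` on one host, so a user cannot tell whether an endpoint is expected to include that path prefix or a scheme. A comment on each field would settle it, for example `// JMAPEndpoint is the base URL of the inbox server's JMAP API, including scheme and any path prefix.`, with the wording confirmed against how the agent builds its requests. The README rows for both values are also blank.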
@@ -77,16 +77,18 @@ type InboxServerSpec struct { } type DnsSpec struct { + Domain string `json:"domain"` EmailDomain string `json:"emailDomain"` TargetIPs []string `json:"targetIPs"` } type JamesSpec struct { - ReplicaJmapInstanceCount int `json:"replicaJmapInstanceCount"` - ReplicaImapSmtpInstanceCount int `json:"replicaImapSmtpInstanceCount"` - Image string `json:"image"` - Env JamesEnv `json:"env"` - TLS TLSSpec `json:"tls"` + ReplicaJmapInstanceCount int `json:"replicaJmapInstanceCount"` + ReplicaImapSmtpInstanceCount int `json:"replicaImapSmtpInstanceCount"` + Image string `json:"image"` + Env JamesEnv `json:"env"` + TLS TLSSpec `json:"tls"` + Secret *JamesSecret `json:"secret,omitempty"` } type JamesEnv struct { @@ -112,6 +114,13 @@ type JamesEnv struct { JamesResources core.ResourceRequirements `json:"jamesResources"` } +type JamesSecret struct { + AdminJWTPublicKey string `json:"adminJWTPublicKey"` + JwtPublicKey string `json:"jwtPublicKey"` + JwtPrivateKey string `json:"jwtPrivateKey"` + DkimPrivateKey string `json:"dkimPrivateKey"` +} + type GlowrootSpec struct { Enabled bool `json:"enabled"` } diff --git a/apis/installer/v1alpha1/zz_generated.deepcopy.go b/apis/installer/v1alpha1/zz_generated.deepcopy.go index 4753336..43afb1d 100644 --- a/apis/installer/v1alpha1/zz_generated.deepcopy.go +++ b/apis/installer/v1alpha1/zz_generated.deepcopy.go 
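Review bot: `JamesSecret` takes `JwtPrivateKey` and `DkimPrivateKey` as plain string values, so private key material has to be written into a values file or a `--set` argument and is then stored with the rest of the release values. The `tls` block in this chart's schema already takes a `secretName`; offering the same here, a reference to an existing Secret alongside or instead of the inline strings, would let operators keep the keys out of values entirely. Either way the fields need doc comments stating the expected encoding (PEM is presumably intended, to be confirmed). For consistency with `AdminJWTPublicKey`, the Go names would read better as `JWTPublicKey` and `JWTPrivateKey`, with the JSON tags left as they are.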
@@ -550,11 +550,31 @@ func (in *JamesEnv) DeepCopy() *JamesEnv { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JamesSecret) DeepCopyInto(out *JamesSecret) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JamesSecret. +func (in *JamesSecret) DeepCopy() *JamesSecret { + if in == nil { + return nil + } + out := new(JamesSecret) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JamesSpec) DeepCopyInto(out *JamesSpec) { *out = *in in.Env.DeepCopyInto(&out.Env) out.TLS = in.TLS + if in.Secret != nil { + in, out := &in.Secret, &out.Secret + *out = new(JamesSecret) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JamesSpec. diff --git a/charts/inbox-agent/README.md b/charts/inbox-agent/README.md index be1cec0..a9877ce 100644 --- a/charts/inbox-agent/README.md +++ b/charts/inbox-agent/README.md @@ -89,7 +89,8 @@ The following table lists the configurable parameters of the `inbox-agent` chart | apiserver.servingCerts.serverKey | Private key for the serving certificate used by webhook server. | "" | | monitoring.agent | Name of monitoring agent (either "prometheus.io/operator" or "prometheus.io/builtin") | "none" | | monitoring.serviceMonitor.labels | Specify the labels for ServiceMonitor. Prometheus crd will select ServiceMonitor using these labels. Only usable when monitoring agent is `prometheus.io/operator`. | {} | -| inboxServer.endpoint | | "" | +| inboxServer.jmapEndpoint | | "" | +| inboxServer.webadminEndpoint | | "" | | inboxServer.token | | "" | diff --git a/charts/inbox-agent/templates/operator/config.yaml b/charts/inbox-agent/templates/operator/config.yaml index d67b3eb..f1f922a 100644 
--- a/charts/inbox-agent/templates/operator/config.yaml +++ b/charts/inbox-agent/templates/operator/config.yaml @@ -7,5 +7,6 @@ metadata: {{- include "inbox-agent.labels" . | nindent 4 }} type: Opaque stringData: - endpoint: {{ .Values.inboxServer.endpoint }} - token: {{ .Values.inboxServer.token }} + jmapEndpoint: {{ .Values.inboxServer.jmapEndpoint }} + webadminEndpoint: {{ .Values.inboxServer.webadminEndpoint }} + token: {{.Values.inboxServer.token}} diff --git a/charts/inbox-agent/templates/operator/deployment.yaml b/charts/inbox-agent/templates/operator/deployment.yaml index 39bbc5b..0086a92 100644 --- a/charts/inbox-agent/templates/operator/deployment.yaml +++ b/charts/inbox-agent/templates/operator/deployment.yaml @@ -57,12 +57,18 @@ spec: securityContext: {{- toYaml .Values.operator.securityContext | nindent 10 }} args: - - operator - - --v={{ .Values.logLevel }} - - --secure-port=8443 - - --audit-log-path=- - - --tls-cert-file=/var/serving-cert/tls.crt - - --tls-private-key-file=/var/serving-cert/tls.key + - operator + - --v={{ .Values.logLevel }} + - --secure-port=8443 + - --audit-log-path=- + - --tls-cert-file=/var/serving-cert/tls.crt + - --tls-private-key-file=/var/serving-cert/tls.key + {{- if .Values.inboxServer.jmapEndpoint }} + - --jmapEndpoint={{ .Values.inboxServer.jmapEndpoint }} + {{- end }} + {{- if .Values.inboxServer.webadminEndpoint }} + - --webadminEndpoint={{ .Values.inboxServer.webadminEndpoint }} + {{- end }} ports: - containerPort: 8443 env: @@ -78,7 +84,12 @@ spec: valueFrom: secretKeyRef: name: {{ include "inbox-agent.fullname" . }}-config - key: endpoint + key: jmapEndpoint + - name: INBOX_SERVER_WEBADMIN_ENDPOINT + valueFrom: + secretKeyRef: + name: {{ include "inbox-agent.fullname" . }}-config + key: webadminEndpoint - name: INBOX_SERVER_TOKEN valueFrom: secretKeyRef: diff --git a/charts/inbox-agent/templates/webhook/deployment.yaml b/charts/inbox-agent/templates/webhook/deployment.yaml index 82bbb2d..dfb3c61 100644 
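Review bot: The three `stringData` values in `operator/config.yaml` are rendered unquoted, so a token or URL containing YAML-significant characters (`#`, `: `, a leading `*` or `{`) or a purely numeric token is parsed as something other than the intended string. With the chart default of `""` each line renders with no value at all, which YAML reads as null rather than an empty string; how the `secretKeyRef` entries in the deployments behave in that case is worth checking. Piping through `quote` covers both cases: `jmapEndpoint: {{ .Values.inboxServer.jmapEndpoint | quote }}`, and likewise for `webadminEndpoint` and `token`.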
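Review bot: The new `--jmapEndpoint` and `--webadminEndpoint` args in `operator/deployment.yaml` duplicate what the container already receives through `INBOX_SERVER_JMAP_ENDPOINT` and `INBOX_SERVER_WEBADMIN_ENDPOINT` from the config Secret. That leaves two sources for one setting and copies a value the chart stores in a Secret into the plain Deployment spec. Which source wins is decided in the binary, outside this patch; keeping only one path, and stating which in a template comment, would remove the ambiguity. The flag names are also camelCase next to kebab-case neighbours such as `--secure-port` and `--tls-cert-file`. The same block is added to `webhook/deployment.yaml`.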
--- a/charts/inbox-agent/templates/webhook/deployment.yaml +++ b/charts/inbox-agent/templates/webhook/deployment.yaml @@ -58,8 +58,14 @@ spec: securityContext: {{- toYaml .Values.operator.securityContext | nindent 10 }} args: - - webhook - - --webhook-name={{ include "inbox-agent.fullname" . }} + - webhook + - --webhook-name={{ include "inbox-agent.fullname" . }} + {{- if .Values.inboxServer.jmapEndpoint }} + - --jmapEndpoint={{ .Values.inboxServer.jmapEndpoint }} + {{- end }} + {{- if .Values.inboxServer.webadminEndpoint }} + - --webadminEndpoint={{ .Values.inboxServer.webadminEndpoint }} + {{- end }} env: - name: POD_NAME valueFrom: @@ -69,11 +75,16 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: INBOX_SERVER_WEBADMIN_ENDPOINT + valueFrom: + secretKeyRef: + name: {{ include "inbox-agent.fullname" . }}-config + key: webadminEndpoint - name: INBOX_SERVER_JMAP_ENDPOINT valueFrom: secretKeyRef: name: {{ include "inbox-agent.fullname" . }}-config - key: endpoint + key: jmapEndpoint - name: INBOX_SERVER_TOKEN valueFrom: secretKeyRef: diff --git a/charts/inbox-agent/values.openapiv3_schema.yaml b/charts/inbox-agent/values.openapiv3_schema.yaml index 4ec2af8..3de1755 100644 --- a/charts/inbox-agent/values.openapiv3_schema.yaml +++ b/charts/inbox-agent/values.openapiv3_schema.yaml @@ -945,13 +945,16 @@ properties: type: array inboxServer: properties: - endpoint: + jmapEndpoint: type: string token: type: string + webadminEndpoint: + type: string required: - - endpoint + - jmapEndpoint - token + - webadminEndpoint type: object logLevel: format: int32 diff --git a/charts/inbox-agent/values.yaml b/charts/inbox-agent/values.yaml index 8a152a7..44e4adb 100644 --- a/charts/inbox-agent/values.yaml +++ b/charts/inbox-agent/values.yaml @@ -137,5 +137,6 @@ monitoring: labels: {} inboxServer: - endpoint: "" + jmapEndpoint: "" + webadminEndpoint: "" token: "" diff --git a/charts/inbox-server/README.md b/charts/inbox-server/README.md index 4120293..d3df7b3 100644 
--- a/charts/inbox-server/README.md +++ b/charts/inbox-server/README.md @@ -47,7 +47,8 @@ The following table lists the configurable parameters of the `inbox-server` char | Parameter | Description | Default | |-------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------| -| dns.emailDomain | # Default domain for all emailing components jmapUrl: "jmap.example.com" adminUrl: "admin.example.com" smtpHostname: "smtp.example.com" | "example.com" | +| dns.domain | # Default domain for all emailing components jmapUrl: "jmap.example.com" adminUrl: "admin.example.com" smtpHostname: "smtp.example.com" | "example.com" | +| dns.emailDomain | in ip mode, the emailDomain is ace.internal, otherwise same as domain | "example.com" | | dns.targetIPs | | [] | | james.replicaJmapInstanceCount | | 1 | | james.replicaImapSmtpInstanceCount | | 1 | @@ -132,7 +133,7 @@ The following table lists the configurable parameters of the `inbox-server` char Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example: ```bash -$ helm upgrade -i inbox-server appscode/inbox-server -n monitoring --create-namespace --version=v2024.5.3 --set dns.emailDomain="example.com" +$ helm upgrade -i inbox-server appscode/inbox-server -n monitoring --create-namespace --version=v2024.5.3 --set dns.domain="example.com" ``` Alternatively, a YAML file that specifies the values for the parameters can be provided while diff --git a/charts/inbox-server/templates/james/james-admin-ingress.yaml b/charts/inbox-server/templates/james/james-admin-ingress.yaml index 798feb0..df408dd 100644 --- a/charts/inbox-server/templates/james/james-admin-ingress.yaml +++ b/charts/inbox-server/templates/james/james-admin-ingress.yaml 
@@ -2,23 +2,13 @@ {{- $fullName := printf "%s-admin" (include "inbox-server.fullname" .) -}} {{- $svcPort := 8000 -}} -{{- if and .Values.adminIngress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.adminIngress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.adminIngress.annotations "kubernetes.io/ingress.class" .Values.adminIngress.className}} - {{- end }} -{{- end }} - {{- if and (not (hasKey .Values.adminIngress.annotations "external-dns.alpha.kubernetes.io/target")) .Values.dns.targetIPs }} {{- $_ := set .Values.adminIngress.annotations "external-dns.alpha.kubernetes.io/target" (join "," .Values.dns.targetIPs)}} {{- end }} +{{- $_ := set .Values.ingress.annotations "nginx.ingress.kubernetes.io/use-regex" "true" }} +{{- $_ := set .Values.ingress.annotations "nginx.ingress.kubernetes.io/rewrite-target" "/$2" }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} kind: Ingress metadata: name: {{ $fullName }} 
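Review bot: The two added `set` calls in `james-admin-ingress.yaml` write to `.Values.ingress.annotations`, while every other reference in this template uses `.Values.adminIngress.annotations`; they look copied from `jmap-ingress.yaml`. If the metadata block (partly outside this hunk) renders `.Values.adminIngress.annotations`, the admin Ingress receives neither `use-regex` nor `rewrite-target`, so the regex path `/inbox-admin(/|$)(.*)` added in the next hunk is not interpreted as intended and the prefix is not stripped. The lines should read `{{- $_ := set .Values.adminIngress.annotations "nginx.ingress.kubernetes.io/use-regex" "true" }}` and `{{- $_ := set .Values.adminIngress.annotations "nginx.ingress.kubernetes.io/rewrite-target" "/$2" }}`.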
@@ -30,31 +20,23 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: - {{- if and .Values.adminIngress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + {{- if .Values.adminIngress.className }} ingressClassName: {{ .Values.adminIngress.className }} {{- end }} {{- if .Values.adminIngress.tls }} tls: - - hosts: - - inbox-admin.{{ .Values.dns.emailDomain }} + - hosts: {{ list .Values.dns.domain | compact | toJson }} {{- toYaml .Values.adminIngress.tls | nindent 4 }} {{- end }} rules: - - host: inbox-admin.{{ .Values.dns.emailDomain }} + - host: {{ .Values.dns.domain }} http: paths: - - path: / - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} + - path: /inbox-admin(/|$)(.*) + pathType: ImplementationSpecific backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} service: name: {{ $fullName }} port: number: {{ $svcPort }} - {{- else }} - serviceName: {{ $fullName }} - servicePort: {{ $svcPort }} - {{- end }} {{- end }} diff --git a/charts/inbox-server/templates/james/jmap-ingress.yaml b/charts/inbox-server/templates/james/jmap-ingress.yaml index 49acc95..9b66ba8 100644 --- a/charts/inbox-server/templates/james/jmap-ingress.yaml +++ b/charts/inbox-server/templates/james/jmap-ingress.yaml 
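Review bot: `host: {{ .Values.dns.domain }}` renders with no value when `dns.domain` is empty, a case the `compact` on the `tls.hosts` line appears to anticipate, and an Ingress rule without a host applies to requests for any host name. Combined with the move from the dedicated `inbox-admin.<emailDomain>` host to the `/inbox-admin` path, the WebAdmin API then sits behind every name and address that reaches the ingress controller, next to the user-facing JMAP path. If the empty case is not intended, fail the render with `{{ required "dns.domain is required" .Values.dns.domain }}`. If it is intended, the admin Ingress should be restricted separately, for example with a source-range allow-list set through `adminIngress.annotations`, and that should be documented next to the value. The second hunk of `jmap-ingress.yaml` has the same `host:` line.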
@@ -2,23 +2,13 @@ {{- $fullName := printf "%s-jmap" (include "inbox-server.fullname" .) -}} {{- $svcPort := 80 -}} -{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} - {{- end }} -{{- end }} - {{- if and (not (hasKey .Values.ingress.annotations "external-dns.alpha.kubernetes.io/target")) .Values.dns.targetIPs }} {{- $_ := set .Values.ingress.annotations "external-dns.alpha.kubernetes.io/target" (join "," .Values.dns.targetIPs)}} {{- end }} +{{- $_ := set .Values.ingress.annotations "nginx.ingress.kubernetes.io/use-regex" "true" }} +{{- $_ := set .Values.ingress.annotations "nginx.ingress.kubernetes.io/rewrite-target" "/$2" }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} kind: Ingress metadata: name: {{ $fullName }} 
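Review bot: The two added `set` calls overwrite `nginx.ingress.kubernetes.io/use-regex` and `nginx.ingress.kubernetes.io/rewrite-target` unconditionally, unlike the `external-dns` annotation just above them, which is guarded with `hasKey`. They also only mean something to the ingress-nginx controller while `ingress.className` stays configurable; under another controller the `ImplementationSpecific` path `/jmap(/|$)(.*)` from the next hunk is interpreted however that controller chooses. A template comment above the lines, such as `{{- /* path rewriting below requires the ingress-nginx controller */}}`, and the same statement in the chart README would make the dependency visible. The admin ingress template carries the same two lines.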
@@ -30,31 +20,23 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: - {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + {{- if .Values.ingress.className }} ingressClassName: {{ .Values.ingress.className }} {{- end }} {{- if .Values.ingress.tls }} tls: - - hosts: - - jmap.{{ .Values.dns.emailDomain }} + - hosts: {{ list .Values.dns.domain | compact | toJson }} {{- toYaml .Values.ingress.tls | nindent 4 }} {{- end }} rules: - - host: jmap.{{ .Values.dns.emailDomain }} + - host: {{ .Values.dns.domain }} http: paths: - - path: / - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} + - path: /jmap(/|$)(.*) + pathType: ImplementationSpecific backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} service: name: {{ $fullName }} port: number: {{ $svcPort }} - {{- else }} - serviceName: {{ $fullName }} - servicePort: {{ $svcPort }} - {{- end }} {{- end }} diff --git a/charts/inbox-server/values.openapiv3_schema.yaml b/charts/inbox-server/values.openapiv3_schema.yaml index b8d69a7..63d5f04 100644 --- a/charts/inbox-server/values.openapiv3_schema.yaml +++ b/charts/inbox-server/values.openapiv3_schema.yaml @@ -1065,6 +1065,8 @@ properties: type: object dns: properties: + domain: + type: string emailDomain: type: string targetIPs: @@ -1072,6 +1074,7 @@ properties: type: string type: array required: + - domain - emailDomain - targetIPs type: object @@ -1221,6 +1224,22 @@ properties: type: integer replicaJmapInstanceCount: type: integer + secret: + properties: + adminJWTPublicKey: + type: string + dkimPrivateKey: + type: string + jwtPrivateKey: + type: string + jwtPublicKey: + type: string + required: + - adminJWTPublicKey + - dkimPrivateKey + - jwtPrivateKey + - jwtPublicKey + type: object tls: properties: secretName: diff --git a/charts/inbox-server/values.yaml b/charts/inbox-server/values.yaml index 5c2e495..f9bcd6c 100644 
--- a/charts/inbox-server/values.yaml +++ b/charts/inbox-server/values.yaml @@ -3,6 +3,8 @@ dns: # jmapUrl: "jmap.example.com" # adminUrl: "admin.example.com" # smtpHostname: "smtp.example.com" + domain: "example.com" + # in ip mode, the emailDomain is ace.internal, otherwise same as domain emailDomain: "example.com" targetIPs: []