Elgato_dark/console
1
0
Fork 0
mirror of https://github.com/graphql-hive/console synced 2026-04-21 14:37:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

fix(deployment): upgrade contour to latest version (1.33) and update chart url (#7947)

Browse source
This commit is contained in:
Dotan Simha 2026-04-07 14:50:46 +03:00 committed by GitHub
parent ca69b1c59f
commit dae36931f9
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 37 additions and 265 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
deployment/generate.ts
View file

@ -32,7 +32,7 @@ async function generateVectorDevTypes() {
}
async function generateContourTypes() {
const helmValuesFileUrl = `https://raw.githubusercontent.com/bitnami/charts/contour/${CONTOUR_CHART.version}/bitnami/contour/values.yaml`;
const helmValuesFileUrl = `https://raw.githubusercontent.com/projectcontour/helm-charts/refs/tags/contour-${CONTOUR_CHART.version}/charts/contour/values.yaml`;
const valuesFile = await fetch(helmValuesFileUrl).then(r => r.text());
const valuesTempFile = fileSync();

242
deployment/utils/contour.types.ts
View file

@ -263,168 +263,6 @@ export interface ContourValues {
};
[k: string]: unknown;
};
defaultBackend?: {
affinity?: {
[k: string]: unknown;
};
args?: unknown[];
command?: unknown[];
containerPorts?: {
http?: number;
[k: string]: unknown;
};
containerSecurityContext?: {
allowPrivilegeEscalation?: boolean;
capabilities?: {
drop?: string[];
[k: string]: unknown;
};
enabled?: boolean;
privileged?: boolean;
readOnlyRootFilesystem?: boolean;
runAsGroup?: number;
runAsNonRoot?: boolean;
runAsUser?: number;
seLinuxOptions?: {
[k: string]: unknown;
};
seccompProfile?: {
type?: string;
[k: string]: unknown;
};
[k: string]: unknown;
};
customLivenessProbe?: {
[k: string]: unknown;
};
customReadinessProbe?: {
[k: string]: unknown;
};
customStartupProbe?: {
[k: string]: unknown;
};
enabled?: boolean;
extraArgs?: {
[k: string]: unknown;
};
extraEnvVars?: unknown[];
extraEnvVarsCM?: string;
extraEnvVarsSecret?: string;
extraVolumeMounts?: unknown[];
extraVolumes?: unknown[];
hostAliases?: unknown[];
image?: {
digest?: string;
pullPolicy?: string;
pullSecrets?: unknown[];
registry?: string;
repository?: string;
tag?: string;
[k: string]: unknown;
};
initContainers?: unknown[];
lifecycleHooks?: {
[k: string]: unknown;
};
livenessProbe?: {
enabled?: boolean;
failureThreshold?: number;
initialDelaySeconds?: number;
periodSeconds?: number;
successThreshold?: number;
timeoutSeconds?: number;
[k: string]: unknown;
};
networkPolicy?: {
allowExternal?: boolean;
allowExternalEgress?: boolean;
enabled?: boolean;
extraEgress?: unknown[];
extraIngress?: unknown[];
ingressNSMatchLabels?: {
[k: string]: unknown;
};
ingressNSPodMatchLabels?: {
[k: string]: unknown;
};
[k: string]: unknown;
};
nodeAffinityPreset?: {
key?: string;
type?: string;
values?: unknown[];
[k: string]: unknown;
};
nodeSelector?: {
[k: string]: unknown;
};
pdb?: {
create?: boolean;
maxUnavailable?: string;
minAvailable?: string;
[k: string]: unknown;
};
podAffinityPreset?: string;
podAnnotations?: {
[k: string]: unknown;
};
podAntiAffinityPreset?: string;
podLabels?: {
[k: string]: unknown;
};
podSecurityContext?: {
enabled?: boolean;
fsGroup?: number;
fsGroupChangePolicy?: string;
supplementalGroups?: unknown[];
sysctls?: unknown[];
[k: string]: unknown;
};
priorityClassName?: string;
readinessProbe?: {
enabled?: boolean;
failureThreshold?: number;
initialDelaySeconds?: number;
periodSeconds?: number;
successThreshold?: number;
timeoutSeconds?: number;
[k: string]: unknown;
};
replicaCount?: number;
resources?: {
[k: string]: unknown;
};
resourcesPreset?: string;
schedulerName?: string;
service?: {
annotations?: {
[k: string]: unknown;
};
ports?: {
http?: number;
[k: string]: unknown;
};
type?: string;
[k: string]: unknown;
};
sidecars?: unknown[];
startupProbe?: {
enabled?: boolean;
failureThreshold?: number;
initialDelaySeconds?: number;
periodSeconds?: number;
successThreshold?: number;
timeoutSeconds?: number;
[k: string]: unknown;
};
terminationGracePeriodSeconds?: number;
tolerations?: unknown[];
topologySpreadConstraints?: unknown[];
updateStrategy?: {
[k: string]: unknown;
};
[k: string]: unknown;
};
diagnosticMode?: {
args?: number[];
command?: string[];
@ -485,6 +323,37 @@ export interface ContourValues {
customStartupProbe?: {
[k: string]: unknown;
};
defaultInitContainers?: {
initConfig?: {
containerSecurityContext?: {
allowPrivilegeEscalation?: boolean;
capabilities?: {
drop?: string[];
[k: string]: unknown;
};
enabled?: boolean;
privileged?: boolean;
readOnlyRootFilesystem?: boolean;
runAsGroup?: number;
runAsNonRoot?: boolean;
runAsUser?: number;
seLinuxOptions?: {
[k: string]: unknown;
};
seccompProfile?: {
type?: string;
[k: string]: unknown;
};
[k: string]: unknown;
};
resources?: {
[k: string]: unknown;
};
resourcesPreset?: string;
[k: string]: unknown;
};
[k: string]: unknown;
};
dnsPolicy?: string;
enabled?: boolean;
extraArgs?: unknown[];
@ -516,30 +385,6 @@ export interface ContourValues {
tag?: string;
[k: string]: unknown;
};
initConfig?: {
containerSecurityContext?: {
allowPrivilegeEscalation?: boolean;
capabilities?: {
drop?: string[];
[k: string]: unknown;
};
enabled?: boolean;
privileged?: boolean;
readOnlyRootFilesystem?: boolean;
runAsGroup?: number;
runAsNonRoot?: boolean;
runAsUser?: number;
seLinuxOptions?: {
[k: string]: unknown;
};
seccompProfile?: {
type?: string;
[k: string]: unknown;
};
[k: string]: unknown;
};
[k: string]: unknown;
};
initContainers?: unknown[];
kind?: string;
lifecycleHooks?: {
@ -796,34 +641,9 @@ export interface ContourValues {
defaultStorageClass?: string;
imagePullSecrets?: unknown[];
imageRegistry?: string;
security?: {
allowInsecureImages?: boolean;
[k: string]: unknown;
};
storageClass?: string;
[k: string]: unknown;
};
ingress?: {
annotations?: {
[k: string]: unknown;
};
apiVersion?: string;
certManager?: boolean;
enabled?: boolean;
extraHosts?: unknown[];
extraPaths?: unknown[];
extraRules?: unknown[];
extraTls?: unknown[];
hostname?: string;
ingressClassName?: string;
path?: string;
pathType?: string;
rulesOverride?: unknown[];
secrets?: unknown[];
selfSigned?: boolean;
tls?: boolean;
[k: string]: unknown;
};
kubeVersion?: string;
metrics?: {
prometheusRule?: {

58
deployment/utils/reverse-proxy.ts
View file

@ -4,7 +4,7 @@ import { ContourValues } from './contour.types';
import { helmChart } from './helm';
// prettier-ignore
export const CONTOUR_CHART = helmChart('https://raw.githubusercontent.com/bitnami/charts/refs/heads/index/bitnami/', 'contour', '20.0.3');
export const CONTOUR_CHART = helmChart('https://projectcontour.github.io/helm-charts/', 'contour', '0.4.0');
export class Proxy {
private lbService: Output<k8s.core.v1.Service> | null = null;
@ -91,22 +91,6 @@ export class Proxy {
| 'RequestHash'
| 'Cookie';
customRewrite?: string;
virtualHost?: Output<string>;
httpsUpstream?: boolean;
withWwwDomain?: boolean;
// https://projectcontour.io/docs/1.29/config/rate-limiting/#local-rate-limiting
rateLimit?: {
// Max amount of request allowed with the "unit" parameter.
maxRequests: number;
unit: 'second' | 'minute' | 'hour';
// defining the number of requests above the baseline rate that are allowed in a short period of time.
// This would allow occasional larger bursts of traffic not to be rate limited.
burst?: number;
// default 429
responseStatusCode?: number;
// headers to add to the response in case of a rate limit
responseHeadersToAdd?: Record<string, string>;
};
}[],
) {
const cert = new k8s.apiextensions.CustomResource(`cert-${dns.record}`, {
@ -159,32 +143,10 @@ export class Proxy {
port: route.service.spec.ports[0].port,
},
],
// https://projectcontour.io/docs/1.31/config/request-routing/
// https://projectcontour.io/docs/1.33/config/request-routing/
loadBalancerPolicy: {
strategy: route.loadBalancerPolicy ?? 'RoundRobin',
},
// https://projectcontour.io/docs/1.29/config/rate-limiting/#local-rate-limiting
rateLimitPolicy: route.rateLimit
? {
local: {
requests: route.rateLimit.maxRequests,
unit: route.rateLimit.unit,
responseHeadersToAdd: [
{
name: 'x-rate-limit-active',
value: 'true',
},
...(route.rateLimit.responseHeadersToAdd
? Object.entries(route.rateLimit.responseHeadersToAdd).map(
([key, value]) => ({ name: key, value }),
)
: []),
],
responseStatusCode: route.rateLimit.responseStatusCode || 429,
burst: route.rateLimit.burst,
},
}
: undefined,
...(route.path === '/'
? {}
: {
@ -318,16 +280,7 @@ export class Proxy {
}
: {}),
},
// Needed because we override the `contour.image.repository` field.
global: {
security: {
allowInsecureImages: true,
},
},
contour: {
image: {
repository: 'bitnamilegacy/contour',
},
podAnnotations: {
'prometheus.io/scrape': 'true',
'prometheus.io/port': '8000',
@ -337,14 +290,13 @@ export class Proxy {
podLabels: {
'vector.dev/exclude': 'true',
},
// Placeholder, see below
resources: {
limits: {},
},
},
envoy: {
image: {
repository: 'bitnamilegacy/envoy',
},
// Placeholder, see below
resources: {
limits: {},
},
@ -386,7 +338,7 @@ export class Proxy {
const proxyController = new k8s.helm.v3.Chart('contour-proxy', {
...CONTOUR_CHART,
namespace: ns.metadata.name,
// https://github.com/bitnami/charts/tree/master/bitnami/contour
// https://artifacthub.io/packages/helm/contour/contour
values: chartValues,
});