Start work on deploying pgAdmin to k8s cluster

Co-authored-by: Mikayla <mikayla@zed.dev>
2024-11-07 20:39:04 +03:00 · 2023-09-12 21:06:43 -07:00 · 2023-09-12 21:06:43 -07:00 · 94db0be3ec
commit 94db0be3ec
parent 54838664ae
2 changed files with 116 additions and 1 deletions
--- a/crates/collab/k8s/manifest.template.yml
+++ b/crates/collab/k8s/manifest.template.yml
@ -22,6 +22,26 @@ spec:
      protocol: TCP
      port: 443
      targetPort: 8080
+
+---
+kind: Service
+apiVersion: v1
+metadata:
+  namespace: ${ZED_KUBE_NAMESPACE}
+  name: pgadmin
+  annotations:
+    service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
+    service.beta.kubernetes.io/do-loadbalancer-certificate-id: ${ZED_DO_CERTIFICATE_ID}
+spec:
+  type: LoadBalancer
+  selector:
+    app: pgadmin
+  ports:
+    - name: web
+      protocol: TCP
+      port: 443
+      targetPort: 8080
+
 ---
 apiVersion: apps/v1
 kind: Deployment
@ -118,3 +138,98 @@ spec:
              # FIXME - Switch to the more restrictive `PERFMON` capability.
              # This capability isn't yet available in a stable version of Debian.
              add: ["SYS_ADMIN"]
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  namespace: ${ZED_KUBE_NAMESPACE}
+  name: pgadmin
+
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: pgadmin
+  template:
+    metadata:
+      labels:
+        app: pgadmin
+    spec:
+      securityContext:
+        runAsUser: 0
+      containers:
+        - name: pgadmin
+          image: "dpage/pgadmin4"
+          ports:
+            - containerPort: 8080
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /misc/ping
+              port: 8080
+            initialDelaySeconds: 30
+            periodSeconds: 5
+            timeoutSeconds: 5
+          readinessProbe:
+            httpGet:
+              path: /misc/ping
+              port: 8080
+            initialDelaySeconds: 1
+            periodSeconds: 1
+          command: ['/bin/sh', '-c']
+          args:
+          - |
+            set -e
+
+            python3 - <<EOF
+            import os
+            import json
+            from urllib.parse import urlparse;
+
+            url = urlparse(os.environ["ZED_DATABASE_URL"])
+            db = url.path[1:]
+
+            with open("/pgadmin4/servers.json", "w") as f:
+              f.write(json.dumps({
+                "Servers": {
+                  "1": {
+                      "Name": "Zed Database",
+                      "Group": "Server Group 1",
+                      "Port": url.port,
+                      "Username": url.username,
+                      "Host": url.hostname,
+                      "SSLMode": "require",
+                      "PassFile": "/pgadmin4/passfile",
+                      "MaintenanceDB": db,
+                  }
+                }
+              }))
+
+            with open("/pgadmin4/passfile", "w") as f:
+              f.write(f"{url.hostname}:{url.port}:*:{url.username}:{url.password}\n")
+            os.chmod("/pgadmin4/passfile", 0o600)
+            EOF
+
+            exec /entrypoint.sh
+
+          env:
+            - name: PGADMIN_LISTEN_PORT
+              value: "8080"
+            - name: ZED_DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: database
+                  key: url
+            - name: PGADMIN_CONFIG_WTF_CSRF_CHECK_DEFAULT
+              value: "False"
+            - name: PGADMIN_DEFAULT_EMAIL
+              valueFrom:
+                secretKeyRef:
+                  name: pgadmin
+                  key: email
+            - name: PGADMIN_DEFAULT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: pgadmin
+                  key: password
--- a/script/deploy
+++ b/script/deploy
@ -20,4 +20,4 @@ export ZED_IMAGE_ID=${image_id}
 target_zed_kube_cluster
 envsubst < crates/collab/k8s/manifest.template.yml | kubectl apply -f -

-echo "deployed collab v${version} to ${environment}"
+echo "deployed collab v${version} to ${environment}"