fix: cronicle with kube

charts/kexa-chart/backup/kexa-job.yaml → charts/kexa-chart/backup/kexa-job-simple.yaml

@@ -14,11 +14,14 @@ spec:
         image: "{{ .Values.kexaScript.image }}:{{ .Values.kexaScript.tag }}"
         command: ["pnpm", "run", "start:nobuild"]
         env:
-          - name: POSTGRES_STRING
-            valueFrom:
-              secretKeyRef:
-                name: kexa-secret
-                key: postgres-connection-string
+          - name: POSTGRES_HOST
+            value: "{{ .Values.postgresql.host }}"
+          - name: POSTGRES_USER
+            value: "{{ .Values.postgresql.username }}"
+          - name: POSTGRES_PASSWORD
+            value: "{{ .Values.postgresql.auth.postgresPassword }}"
+          - name: POSTGRES_DB
+            value: "{{ .Values.postgresql.database }}"
         resources:
           limits:
             cpu: "1000m"
@@ -45,8 +48,8 @@ spec:
       restartPolicy: Never
       volumes:
       - name: kexa-config-volume
-        configMap:
-          name: kexa-configuration-files
+        secret:
+          secretName: kexa-configuration-secret
       - name: kexa-env-volume
         secret:
           secretName: kexa-environment-secret

charts/kexa-chart/templates/NOTES.txt

@@ -24,10 +24,10 @@ kubectl port-forward svc/YOUR_RELEASE_NAME-grafana 8080:80
 # All dashboards and database connection to Postgres are already set 
 
 
-### Rundeck dashboard (scheduling) ###
+### Cronicle dashboard (scheduling) ###
 
 # Forwarding port
-kubectl port-forward svc/kexa-helm-rundeck-svc 4440:80
+kubectl port-forward svc/kexa-helm-cronicle-svc 3012:80
 
 #### Kexa Logs ####
 

charts/kexa-chart/templates/cronicle-deployment.yaml

@@ -0,0 +1,113 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: "{{ .Values.appname }}-cronicle"
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: cronicle
+  template:
+    metadata:
+      labels:
+        app: cronicle
+    spec:
+      serviceAccountName: {{ .Values.appname }}-cronicle-sa
+      securityContext:
+        runAsUser: 1000
+        runAsGroup: 3000
+        fsGroup: 2000
+      containers:
+      - name: "{{ .Values.appname }}-cronicle-container"
+        image: "{{ .Values.cronicle.repository }}:{{ .Values.cronicle.tag }}"
+        command:
+          - sh
+          - -c
+          - |
+            chown -R 1000:3000 /opt /opt/cronicle /opt/cronicle/data /opt/cronicle/lib /opt/cronicle/node_modules /opt/cronicle/logs /opt/cronicle/plugins /opt/cronicle/bin/shell-plugin.js && \
+            /opt/cronicle/bin/control.sh setup && /opt/cronicle/bin/control.sh start
+        env:
+          - name: POSTGRES_STRING
+            valueFrom:
+              secretKeyRef:
+                name: kexa-secret
+                key: postgres-connection-string
+        securityContext:
+          runAsUser: 0
+        volumeMounts:
+          - name: kexa-config-volume
+            mountPath: /app/config/default.json
+            subPath: default.json
+            readOnly: false
+          - name: kexa-env-volume
+            mountPath: /app/.env
+            subPath: .env
+            readOnly: false
+          - name: writable-app-volume
+            mountPath: /app/config
+            readOnly: false
+          - name: tmpconfig
+            mountPath: /app/shared
+            readOnly: false
+          - name: localtime
+            mountPath: /etc/localtime
+            readOnly: false
+          - name: timezone
+            mountPath: /etc/timezone
+            readOnly: false
+          - name: data
+            mountPath: /opt/cronicle/data
+            readOnly: false
+          - name: logs
+            mountPath: /opt/cronicle/logs
+            readOnly: false
+          - name: plugins
+            mountPath: /opt/cronicle/plugins
+            readOnly: false
+          - name: docker-socket
+            mountPath: /var/run/docker.sock
+            readOnly: false
+{{- if .Values.kubernetesAddon.enabled }}
+          - name: kubeconfig-volume
+            mountPath: "/app/{{ .Values.kubernetesAddon.mountPath }}"
+            readOnly: false
+{{- end }}
+        resources:
+          limits:
+            cpu: "1000m"
+            memory: "2048Mi"
+          requests:
+            cpu: "500m"
+            memory: "1024Mi"
+      restartPolicy: Always
+      volumes:
+      - name: kexa-config-volume
+        secret:
+          secretName: kexa-configuration-secret
+      - name: kexa-env-volume
+        secret:
+          secretName: kexa-environment-secret
+      - name: writable-app-volume
+        emptyDir: {}
+      - name: tmpconfig
+        emptyDir: {}
+      - name: localtime
+        hostPath:
+          path: /etc/localtime
+      - name: timezone
+        hostPath:
+          path: /etc/timezone
+      - name: docker-socket
+        hostPath:
+          path: /var/run/guest-services/docker.sock
+      - name: data
+        emptyDir: {}
+      - name: logs
+        emptyDir: {}
+      - name: plugins
+        emptyDir: {}
+{{- if .Values.kubernetesAddon.enabled }}
+      - name: kubeconfig-volume
+        secret:
+          secretName: kubeconfig-secret
+{{- end }}

charts/kexa-chart/templates/cronicle-role.yaml

@@ -0,0 +1,18 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  namespace: {{ .Values.namespace }}
+  name: {{ .Values.appname }}-cronicle-role
+rules:
+- apiGroups: [""]
+  resources: ["pods"]
+  verbs: ["get", "list", "watch"]
+- apiGroups: [""]
+  resources: ["pods/log"]
+  verbs: ["get", "list", "watch"]
+- apiGroups: ["batch"]
+  resources: ["jobs"]
+  verbs: ["get", "create", "delete", "watch"]
+- apiGroups: ["batch"]
+  resources: ["cronjobs"]
+  verbs: ["get", "watch"]

charts/kexa-chart/templates/cronicle-sa-binding.yaml

@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ .Values.appname }}-cronicle-role-binding
+  namespace: {{ .Values.namespace }}
+subjects:
+- kind: ServiceAccount
+  name: {{ .Values.appname }}-cronicle-sa
+  namespace: {{ .Values.namespace }}
+roleRef:
+  kind: Role
+  name: {{ .Values.appname }}-cronicle-role
+  apiGroup: rbac.authorization.k8s.io

charts/kexa-chart/templates/cronicle-service-account.yaml

@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Values.appname }}-cronicle-sa
+  namespace: {{ .Values.namespace }}

charts/kexa-chart/templates/cronicle-service.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: "{{ .Values.appname }}-cronicle-svc"
+spec:
+  selector:
+    app: cronicle
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 3012

charts/kexa-chart/templates/kexa-job.yaml

@@ -3,7 +3,7 @@ kind: CronJob
 metadata:
   name: "{{ .Values.appname }}-job"
 spec:
-  schedule: "*/10 * * * *"
+  schedule: "0 0 29 2 1"  # Use "0 0 29 2 1" for never if you're using the Cronicle scheduler
   jobTemplate:
     spec:
       template:

charts/kexa-chart/values.yaml

@@ -140,4 +140,23 @@ kexaScript:
     type: postgres
     name: "Clever Cloud Postgresql"
     urlName: postgres_connect
-    description: "Database to save the data (clever-cloud)"
+    description: "Database to save the data (clever-cloud)"
+
+
+cronicle:
+  repository: innovtech/kexa-cronicle
+  tag: latest
+  envFile: .env
+  volumes:
+    tmpconfig:
+      mountPath: /app/shared
+    localtime:
+      mountPath: /etc/localtime
+    timezone:
+      mountPath: /etc/timezone
+    data:
+      mountPath: /opt/cronicle/data
+    logs:
+      mountPath: /opt/cronicle/logs
+    plugins:
+      mountPath: /opt/cronicle/plugins

cronicle/Dockerfile

@@ -1,8 +1,21 @@
 FROM soulteary/cronicle
 
 RUN apk update && \
-    apk add docker-cli
+    apk add docker-cli curl
 
-RUN adduser cronicle docker
+RUN adduser -S cronicle docker
+
+
+RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
+RUN chmod +x ./kubectl
+RUN mv ./kubectl /usr/local/bin
+
+# RUN chown -R 1000:3000 /opt || true && \
+#     chmod -R u+rwx,g+rwx /opt || true
+
+# RUN chown -R 1000:3000 / || true && \
+#     chmod -R u+rwx,g+rwx / || true
+
+# RUN chmod +wrx /opt/cronicle/bin/shell-plugin.js
 
 ENV DOCKER_CLI_VERSION=23.0.3

cronicle/config/default.json

@@ -0,0 +1,19 @@
+{
+    "azure":[
+        {
+            "description": "organization 4urcloud",
+            "prefix": "AZUREPROJ1_",
+            "rules": [
+                "azureBenchmarkRules"
+            ]
+        }
+    ],
+    "save": [
+        {
+            "type": "postgres",
+            "name": "Clever Cloud Postgresql",
+            "urlName": "postgres_connect",
+            "description": "Database to save the data (clever-cloud)"
+        }
+    ]
+}

cronicle/jobCronicleScriptKubernetes.sh

@@ -0,0 +1,54 @@
+#!/bin/sh
+
+# Enter your shell script code here
+
+DATE_STAMP=`date "+%Y-%m-%d"`
+
+YOUR_RELEASE_NAME="kexa-helm"
+
+
+
+JOB_NAME="kexa-job-run-$DATE_STAMP"
+
+kubectl delete job $JOB_NAME
+
+kubectl create job --from=cronjob/$YOUR_RELEASE_NAME-job $JOB_NAME
+
+# wait for pod to start before following logs
+
+while true; do
+    STATUS=$(kubectl get job $JOB_NAME -o jsonpath='{.status.conditions[?(@.type=="Complete")].status}')
+
+    if [ "$STATUS" = "Pending" ]; then
+        echo "Waiting for job to start..."
+        sleep 2
+    else
+        break
+    fi
+
+done
+
+
+kubectl logs -f job/$JOB_NAME
+
+
+while true; do
+    STATUS=$(kubectl get job $JOB_NAME -o jsonpath='{.status.conditions[?(@.type=="Complete")].status}')
+
+    if [ "$STATUS" = "True" ]; then
+        echo "Job completed successfully."
+        break
+    fi
+
+    FAILED_STATUS=$(kubectl get job $JOB_NAME -o jsonpath='{.status.conditions[?(@.type=="Failed")].status}')
+    if [ "$FAILED_STATUS" = "True" ]; then
+        echo "Job failed."
+        exit 1
+    fi
+
+    sleep 5
+done
+
+kubectl delete job $JOB_NAME
+
+exit 0