From 2cb056b0760e4b9729074cc14113ac88d60562d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakub=20Tr=C4=85d?= Date: Wed, 24 Jan 2024 17:15:24 +0100 Subject: [PATCH] Remove unused helm chart & values (#679) --- deploy/Chart.yaml | 18 - deploy/batching-main-stage.values.yaml | 20 - deploy/dashboard.json | 818 --------------------- deploy/generate.py | 25 - deploy/main-stage.values.yaml | 14 - deploy/prod.values.yaml | 9 - deploy/stage-manual.values.yaml | 13 - deploy/templates/NOTES.txt | 5 - deploy/templates/_helpers.tpl | 67 -- deploy/templates/base-auth-middleware.yaml | 8 - deploy/templates/cors.yaml | 20 - deploy/templates/ebs-volumes.yaml | 43 -- deploy/templates/ebs-wipe.yaml | 30 - deploy/templates/headless-service.yaml | 17 - deploy/templates/ingress.yaml | 70 -- deploy/templates/network-policy.yaml | 28 - deploy/templates/service.yaml | 17 - deploy/templates/statefulset.yaml | 129 ---- deploy/values.yaml | 44 -- 19 files changed, 1395 deletions(-) delete mode 100644 deploy/Chart.yaml delete mode 100644 deploy/batching-main-stage.values.yaml delete mode 100644 deploy/dashboard.json delete mode 100755 deploy/generate.py delete mode 100644 deploy/main-stage.values.yaml delete mode 100644 deploy/prod.values.yaml delete mode 100644 deploy/stage-manual.values.yaml delete mode 100644 deploy/templates/NOTES.txt delete mode 100644 deploy/templates/_helpers.tpl delete mode 100644 deploy/templates/base-auth-middleware.yaml delete mode 100644 deploy/templates/cors.yaml delete mode 100644 deploy/templates/ebs-volumes.yaml delete mode 100644 deploy/templates/ebs-wipe.yaml delete mode 100644 deploy/templates/headless-service.yaml delete mode 100644 deploy/templates/ingress.yaml delete mode 100644 deploy/templates/network-policy.yaml delete mode 100644 deploy/templates/service.yaml delete mode 100644 deploy/templates/statefulset.yaml delete mode 100644 deploy/values.yaml diff --git a/deploy/Chart.yaml b/deploy/Chart.yaml deleted file mode 100644 index d5982dc5..00000000 --- a/deploy/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Do not edit, this file is automatically generated using open("../Cargo.toml", 'r').py -apiVersion: v2 -version: "0.1.0" -name: signup-sequencer -appVersion: "0.1.0" -description: "A tool that processes WorldID signups on-chain." -home: https://github.com/worldcoin/signup-sequencer -sources: - - https://github.com/worldcoin/signup-sequencer -keywords: - - worldcoin - - protocol - - signup -maintainers: - - name: Remco Bloemen - email: remco@worldcoin.org - - name: Lucas Ege - email: lucas@worldcoin.org diff --git a/deploy/batching-main-stage.values.yaml b/deploy/batching-main-stage.values.yaml deleted file mode 100644 index 10061602..00000000 --- a/deploy/batching-main-stage.values.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# main-stage helm env values override -environment: stage -ingress: - host: signup-v2.stage-crypto.worldcoin.dev -persistentStorage: - volumeID: aws://us-east-1a/vol-079e4d29069fba502 -#wipeDisk: true -# Env values can be strings (to be prefixed with `value:`) or objects -env: - LOG_FILTER: "ethers_providers::provider=debug" -# WIPE_STORAGE: "true" - MAX_LOG_BLOCKS: "1000000" - STARTING_BLOCK: "0" - CREATE_GROUP_DEPTH: "20" - TREE_DEPTH: 20 - DENSE_TREE_PREFIX_DEPTH: 18 - # This is way too low for any practical use, but we're trying to stress-test GC. - TREE_GC_THRESHOLD: 20 - IDENTITY_MANAGER_ADDRESS: "0x025b71c2D32A29b419A359632C8050cf82F7308B" - PROVER_URLS: '[{"url": "https://semaphore-mtb.internal.stage-crypto.worldcoin.dev","batch_size": 10,"timeout_s": 30}]' diff --git a/deploy/dashboard.json b/deploy/dashboard.json deleted file mode 100644 index 73a30e4e..00000000 --- a/deploy/dashboard.json +++ /dev/null @@ -1,818 +0,0 @@ -{ - "title": "Semaphore-Sequencer", - "description": "## Title\n\nDescribe this dashboard. Add links to other dashboards, monitors, wikis, and docs to help your teammates. Markdown is supported.\n\n- [This might link to a dashboard](#)\n- [This might link to a wiki](#)", - "widgets": [ - { - "id": 6502935940348600, - "definition": { - "title": "Semaphore Sequencer $env.value", - "type": "group", - "background_color": "vivid_green", - "show_title": true, - "layout_type": "ordered", - "widgets": [ - { - "id": 4464237198422304, - "definition": { - "title": "Service health", - "type": "trace_service", - "env": "$env", - "service": "signup-service", - "span_name": "http.request", - "show_hits": true, - "show_errors": true, - "show_latency": true, - "show_breakdown": true, - "show_distribution": true, - "show_resource_list": false, - "size_format": "medium", - "display_format": "two_column" - }, - "layout": { - "x": 0, - "y": 0, - "width": 7, - "height": 9 - } - }, - { - "id": 4188230667362648, - "definition": { - "title": "Warnings and Errors", - "title_size": "16", - "title_align": "left", - "type": "log_stream", - "indexes": [], - "query": "service:signup-sequencer $env @level:(WARN OR ERROR)", - "sort": { - "column": "time", - "order": "desc" - }, - "columns": [ - "@fields.message" - ], - "show_date_column": true, - "show_message_column": false, - "message_display": "inline" - }, - "layout": { - "x": 7, - "y": 0, - "width": 5, - "height": 6 - } - }, - { - "id": 5923440889362715, - "definition": { - "title": "Events", - "title_size": "16", - "title_align": "left", - "type": "event_stream", - "query": "service:signup-sequencer $env", - "tags_execution": "and", - "event_size": "s" - }, - "layout": { - "x": 7, - "y": 6, - "width": 5, - "height": 3 - } - } - ] - }, - "layout": { - "x": 0, - "y": 0, - "width": 12, - "height": 10 - } - }, - { - "id": 3541089206753020, - "definition": { - "title": "API", - "type": "group", - "show_title": true, - "layout_type": "ordered", - "widgets": [] - }, - "layout": { - "x": 0, - "y": 10, - "width": 12, - "height": 1 - } - }, - { - "id": 4047260648913815, - "definition": { - "title": "Ethereum", - "type": "group", - "show_title": true, - "layout_type": "ordered", - "widgets": [ - { - "id": 1012005377109785, - "definition": { - "title": "RPC Usage", - "title_size": "16", - "title_align": "left", - "type": "toplist", - "requests": [ - { - "formulas": [ - { - "formula": "query1", - "limit": { - "count": 500, - "order": "desc" - } - } - ], - "response_format": "scalar", - "queries": [ - { - "query": "sum:signup_sequencer.eth_rpc_requests.count{$env} by {method}.as_count()", - "data_source": "metrics", - "name": "query1", - "aggregator": "sum" - } - ] - } - ] - }, - "layout": { - "x": 0, - "y": 0, - "width": 2, - "height": 3 - } - }, - { - "id": 1815518004718576, - "definition": { - "title": "RPC Latency", - "title_size": "16", - "title_align": "left", - "show_legend": false, - "time": {}, - "type": "distribution", - "xaxis": { - "max": "auto", - "scale": "linear", - "min": "auto", - "include_zero": true - }, - "yaxis": { - "max": "auto", - "scale": "linear", - "min": "auto", - "include_zero": true - }, - "requests": [ - { - "q": "sum:signup_sequencer.eth_rpc_latency_seconds.bucket{$env} by {upper_bound}.as_count()", - "style": { - "palette": "dog_classic" - } - } - ] - }, - "layout": { - "x": 2, - "y": 0, - "width": 5, - "height": 3 - } - }, - { - "id": 5006001997997875, - "definition": { - "title": "RPC Latency", - "title_size": "16", - "title_align": "left", - "show_legend": false, - "time": {}, - "type": "heatmap", - "requests": [ - { - "q": "sum:signup_sequencer.eth_rpc_latency_seconds.bucket{$env} by {upper_bound}.as_count()", - "style": { - "palette": "dog_classic" - } - } - ] - }, - "layout": { - "x": 7, - "y": 0, - "width": 5, - "height": 3 - } - }, - { - "id": 5096091517005262, - "definition": { - "title": "RPC Latency (seconds)", - "title_size": "16", - "title_align": "left", - "time": {}, - "type": "query_table", - "requests": [ - { - "queries": [ - { - "data_source": "metrics", - "name": "query1", - "query": "sum:signup_sequencer.eth_rpc_latency_seconds.bucket{$env} by {upper_bound}.as_count()", - "aggregator": "sum" - } - ], - "formulas": [ - { - "conditional_formats": [], - "cell_display_mode": "bar", - "alias": "RPC Latency (count)", - "formula": "query1", - "limit": { - "count": 500, - "order": "desc" - } - } - ], - "response_format": "scalar" - } - ], - "has_search_bar": "auto" - }, - "layout": { - "x": 0, - "y": 3, - "width": 4, - "height": 4 - } - } - ] - }, - "layout": { - "x": 0, - "y": 11, - "width": 12, - "height": 8 - } - }, - { - "id": 5502033476559646, - "definition": { - "title": "Process health", - "type": "group", - "show_title": true, - "layout_type": "ordered", - "widgets": [ - { - "id": 86279002124355, - "definition": { - "title": "Open file descriptors", - "title_size": "16", - "title_align": "left", - "time": {}, - "type": "query_value", - "requests": [ - { - "formulas": [ - { - "formula": "query1" - } - ], - "response_format": "scalar", - "queries": [ - { - "query": "sum:signup_sequencer.process_open_fds{$env}", - "data_source": "metrics", - "name": "query1", - "aggregator": "last" - } - ] - } - ], - "autoscale": true, - "precision": 2, - "timeseries_background": { - "type": "bars" - } - }, - "layout": { - "x": 0, - "y": 0, - "width": 2, - "height": 2 - } - }, - { - "id": 1279376680672366, - "definition": { - "title": "Threads", - "title_size": "16", - "title_align": "left", - "time": {}, - "type": "query_value", - "requests": [ - { - "formulas": [ - { - "formula": "query1" - } - ], - "response_format": "scalar", - "queries": [ - { - "query": "sum:signup_sequencer.process_threads{$env}", - "data_source": "metrics", - "name": "query1", - "aggregator": "last" - } - ] - } - ], - "autoscale": true, - "precision": 2, - "timeseries_background": { - "type": "bars", - "yaxis": {} - } - }, - "layout": { - "x": 2, - "y": 0, - "width": 2, - "height": 2 - } - }, - { - "id": 2365615892302591, - "definition": { - "title": "Resident memory", - "title_size": "16", - "title_align": "left", - "type": "query_value", - "requests": [ - { - "formulas": [ - { - "formula": "query1" - } - ], - "response_format": "scalar", - "queries": [ - { - "query": "avg:signup_sequencer.process_resident_memory_bytes{*}", - "data_source": "metrics", - "name": "query1", - "aggregator": "avg" - } - ] - } - ], - "autoscale": true, - "custom_unit": "B", - "precision": 2, - "timeseries_background": { - "type": "area" - } - }, - "layout": { - "x": 4, - "y": 0, - "width": 2, - "height": 2 - } - }, - { - "id": 1770463757789692, - "definition": { - "title": "Start time", - "title_size": "16", - "title_align": "left", - "type": "query_value", - "requests": [ - { - "formulas": [ - { - "formula": "query1" - } - ], - "response_format": "scalar", - "queries": [ - { - "query": "avg:signup_sequencer.process_start_time_seconds{*}", - "data_source": "metrics", - "name": "query1", - "aggregator": "last" - } - ] - } - ], - "autoscale": true, - "custom_unit": "s", - "precision": 2, - "timeseries_background": { - "type": "area" - } - }, - "layout": { - "x": 6, - "y": 0, - "width": 2, - "height": 2 - } - }, - { - "id": 165906758016912, - "definition": { - "title": "Allocation size distribution", - "title_size": "16", - "title_align": "left", - "show_legend": false, - "time": {}, - "type": "heatmap", - "requests": [ - { - "q": "sum:signup_sequencer.mem_alloc_size.bucket{$env} by {upper_bound}.as_count()", - "style": { - "palette": "dog_classic" - } - } - ] - }, - "layout": { - "x": 8, - "y": 0, - "width": 4, - "height": 2 - } - }, - { - "id": 8568624580236067, - "definition": { - "title": "Max FDs", - "title_size": "16", - "title_align": "left", - "time": {}, - "type": "query_value", - "requests": [ - { - "formulas": [ - { - "formula": "query1" - } - ], - "response_format": "scalar", - "queries": [ - { - "query": "sum:signup_sequencer.process_max_fds{$env}", - "data_source": "metrics", - "name": "query1", - "aggregator": "last" - } - ] - } - ], - "autoscale": true, - "precision": 2, - "timeseries_background": { - "type": "bars" - } - }, - "layout": { - "x": 0, - "y": 2, - "width": 2, - "height": 2 - } - }, - { - "id": 6336318099394316, - "definition": { - "title": "Processor usage", - "title_size": "16", - "title_align": "left", - "type": "query_value", - "requests": [ - { - "formulas": [ - { - "formula": "query1 * 100" - } - ], - "response_format": "scalar", - "queries": [ - { - "query": "sum:signup_sequencer.process_cpu_seconds.count{$env}.as_count()", - "data_source": "metrics", - "name": "query1", - "aggregator": "avg" - } - ] - } - ], - "autoscale": true, - "custom_unit": "%", - "precision": 2, - "timeseries_background": { - "type": "area", - "yaxis": { - "include_zero": true - } - } - }, - "layout": { - "x": 2, - "y": 2, - "width": 2, - "height": 2 - } - }, - { - "id": 3812755622569670, - "definition": { - "title": "Virtual memory", - "title_size": "16", - "title_align": "left", - "type": "query_value", - "requests": [ - { - "formulas": [ - { - "formula": "query1" - } - ], - "response_format": "scalar", - "queries": [ - { - "query": "avg:signup_sequencer.process_virtual_memory_bytes{*}", - "data_source": "metrics", - "name": "query1", - "aggregator": "avg" - } - ] - } - ], - "autoscale": true, - "custom_unit": "B", - "precision": 2, - "timeseries_background": { - "type": "area" - } - }, - "layout": { - "x": 4, - "y": 2, - "width": 2, - "height": 2 - } - }, - { - "id": 3811480262801180, - "definition": { - "title": "Allocated memory", - "title_size": "16", - "title_align": "left", - "type": "query_value", - "requests": [ - { - "formulas": [ - { - "formula": "query1 - query2" - } - ], - "response_format": "scalar", - "queries": [ - { - "query": "sum:signup_sequencer.mem_alloc.count{$env}.as_count()", - "data_source": "metrics", - "name": "query1", - "aggregator": "last" - }, - { - "query": "sum:signup_sequencer.mem_free.count{$env}.as_count()", - "data_source": "metrics", - "name": "query2", - "aggregator": "last" - } - ] - } - ], - "autoscale": true, - "custom_unit": "B", - "precision": 2, - "timeseries_background": { - "type": "bars" - } - }, - "layout": { - "x": 6, - "y": 2, - "width": 2, - "height": 2 - } - }, - { - "id": 7373097330942432, - "definition": { - "title": "Allocations", - "title_size": "16", - "title_align": "left", - "show_legend": true, - "legend_layout": "auto", - "legend_columns": [ - "avg", - "min", - "max", - "value", - "sum" - ], - "time": {}, - "type": "timeseries", - "requests": [ - { - "formulas": [ - { - "alias": "Alllocated", - "formula": "query1" - } - ], - "response_format": "timeseries", - "queries": [ - { - "query": "sum:signup_sequencer.mem_alloc.count{$env}.as_count()", - "data_source": "metrics", - "name": "query1" - } - ], - "style": { - "palette": "warm", - "line_type": "solid", - "line_width": "normal" - }, - "display_type": "bars" - } - ], - "yaxis": { - "include_zero": false - } - }, - "layout": { - "x": 8, - "y": 2, - "width": 4, - "height": 2 - } - }, - { - "id": 2992225094945900, - "definition": { - "title": "Allocations and frees", - "title_size": "16", - "title_align": "left", - "show_legend": true, - "legend_layout": "auto", - "legend_columns": [ - "avg", - "min", - "max", - "value", - "sum" - ], - "time": {}, - "type": "timeseries", - "requests": [ - { - "on_right_yaxis": false, - "formulas": [ - { - "alias": "Freed", - "formula": "query0" - } - ], - "queries": [ - { - "query": "sum:signup_sequencer.mem_free.count{$env}.as_count()", - "data_source": "metrics", - "name": "query0" - } - ], - "response_format": "timeseries", - "style": { - "palette": "green", - "line_type": "solid", - "line_width": "normal" - }, - "display_type": "bars" - } - ], - "yaxis": { - "include_zero": false - } - }, - "layout": { - "x": 8, - "y": 4, - "width": 4, - "height": 2 - } - } - ] - }, - "layout": { - "x": 0, - "y": 19, - "width": 12, - "height": 7, - "is_column_break": true - } - }, - { - "id": 8314695745451170, - "definition": { - "title": "Pod health", - "type": "group", - "show_title": true, - "layout_type": "ordered", - "widgets": [ - { - "id": 8418830206606902, - "definition": { - "title": "CPU Usage", - "title_size": "16", - "title_align": "left", - "show_legend": true, - "legend_layout": "auto", - "legend_columns": [ - "avg", - "min", - "max", - "value", - "sum" - ], - "type": "timeseries", - "requests": [ - { - "formulas": [ - { - "alias": "CPU Usage", - "formula": "query1" - } - ], - "response_format": "timeseries", - "queries": [ - { - "query": "avg:system.cpu.user{$env}", - "data_source": "metrics", - "name": "query1" - } - ], - "style": { - "palette": "dog_classic", - "line_type": "solid", - "line_width": "normal" - }, - "display_type": "line" - } - ] - }, - "layout": { - "x": 0, - "y": 0, - "width": 4, - "height": 2 - } - } - ] - }, - "layout": { - "x": 0, - "y": 26, - "width": 12, - "height": 3 - } - } - ], - "template_variables": [ - { - "name": "env", - "default": "prod", - "prefix": "env", - "available_values": [ - "prod", - "stage" - ] - } - ], - "layout_type": "ordered", - "is_read_only": false, - "notify_list": [], - "reflow_type": "fixed", - "id": "mq2-inx-yam" -} diff --git a/deploy/generate.py b/deploy/generate.py deleted file mode 100755 index 1725619b..00000000 --- a/deploy/generate.py +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/env python3 -import os -import re -import toml -os.chdir(os.path.dirname(os.path.abspath(__file__))) -pkg = toml.load("../Cargo.toml")['package'] - -print(f"""\ -# Do not edit, this file is automatically generated using open("../Cargo.toml", 'r').py -apiVersion: v2 -version: "0.1.0" -name: {pkg['name']} -appVersion: "{pkg['version']}" -description: "{pkg['description']}" -home: {pkg['homepage']} -sources: - - {pkg['repository']} -keywords:\ -""") -for keyword in pkg['keywords']: - print(f" - {keyword}") -print(f"maintainers:") -for author in pkg['authors']: - author = re.match(r'(.+)\s+<(.+)>', author) - print(f" - name: {author[1]}\n email: {author[2]}") diff --git a/deploy/main-stage.values.yaml b/deploy/main-stage.values.yaml deleted file mode 100644 index 7350c926..00000000 --- a/deploy/main-stage.values.yaml +++ /dev/null @@ -1,14 +0,0 @@ -# main-stage helm env values override -environment: stage -ingress: - host: signup.stage-crypto.worldcoin.dev -persistentStorage: - volumeID: aws://us-east-1a/vol-0af0c762d4294742a -wipeDisk: true -# Env values can be strings (to be prefixed with `value:`) or objects -env: - LOG_FILTER: "ethers_providers::provider=debug" - WIPE_STORAGE: "true" - MAX_LOG_BLOCKS: "1000000" - STARTING_BLOCK: "0" - CREATE_GROUP_DEPTH: "20" diff --git a/deploy/prod.values.yaml b/deploy/prod.values.yaml deleted file mode 100644 index 3f2ec698..00000000 --- a/deploy/prod.values.yaml +++ /dev/null @@ -1,9 +0,0 @@ -# prod helm env override -environment: prod -# Env values can be strings (to be prefixed with `value:`) or objects -env: - LOG_FILTER: "ethers_providers::provider=debug" - WIPE_STORAGE: "true" - MAX_LOG_BLOCKS: "10000" - STARTING_BLOCK: "27829300" - PRIORITY_FEE_MULTIPLIER_PERCENTAGE: "200" diff --git a/deploy/stage-manual.values.yaml b/deploy/stage-manual.values.yaml deleted file mode 100644 index 8096ce88..00000000 --- a/deploy/stage-manual.values.yaml +++ /dev/null @@ -1,13 +0,0 @@ -#stage-manual helm env override -environment: stage -ingress: - host: signup.stage-crypto.worldcoin.dev -persistentStorage: - volumeID: aws://us-east-1a/vol-0af0c762d4294742a -wipeDisk: true -# Env values can be strings (to be prefixed with `value:`) or objects -env: - WIPE_STORAGE: "true" - MAX_LOG_BLOCKS: "1000000" - STARTING_BLOCK: "0" - CREATE_GROUP_DEPTH: "20" diff --git a/deploy/templates/NOTES.txt b/deploy/templates/NOTES.txt deleted file mode 100644 index ebf3a55f..00000000 --- a/deploy/templates/NOTES.txt +++ /dev/null @@ -1,5 +0,0 @@ -1. Get the application URL by running these commands: - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mychart.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT diff --git a/deploy/templates/_helpers.tpl b/deploy/templates/_helpers.tpl deleted file mode 100644 index 2a40660a..00000000 --- a/deploy/templates/_helpers.tpl +++ /dev/null @@ -1,67 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "mychart.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "mychart.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "mychart.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "mychart.labels" -}} -helm.sh/chart: {{ include "mychart.chart" . }} -{{ include "mychart.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -app.kubernetes.io/component: {{ .Values.labels.component | default .Chart.Name | quote }} -app.kubernetes.io/part-of: {{ .Values.labels.partOf | quote }} -{{- if .Values.labels.createdBy }} -app.kubernetes.io/created-by: {{ .Values.labels.createdBy | quote }} -{{- end }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "mychart.selectorLabels" -}} -app.kubernetes.io/name: {{ include "mychart.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "mychart.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "mychart.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/deploy/templates/base-auth-middleware.yaml b/deploy/templates/base-auth-middleware.yaml deleted file mode 100644 index 32ce0a00..00000000 --- a/deploy/templates/base-auth-middleware.yaml +++ /dev/null @@ -1,8 +0,0 @@ -## Temporary auth remove soon -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: {{ include "mychart.fullname" . }}-basic-auth -spec: - basicAuth: - secret: {{ include "mychart.fullname" . }}-basic-auth-secret diff --git a/deploy/templates/cors.yaml b/deploy/templates/cors.yaml deleted file mode 100644 index 059a552d..00000000 --- a/deploy/templates/cors.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.ingress.cors.enabled }} -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: cors - namespace: {{ .Release.Namespace }} -spec: - headers: - accessControlAllowMethods: - - "GET" - - "OPTIONS" - - "POST" - accessControlAllowOriginList: - - "*" - accessControlAllowHeaders: - - "content-type" - - "authorization" - accessControlMaxAge: 100 - addVaryHeader: true -{{- end }} diff --git a/deploy/templates/ebs-volumes.yaml b/deploy/templates/ebs-volumes.yaml deleted file mode 100644 index f5bd77d9..00000000 --- a/deploy/templates/ebs-volumes.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{- if .Values.persistentStorage.enabled }} -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ include "mychart.fullname" . }} - labels: - {{- include "mychart.labels" . | nindent 4 }} -spec: - accessModes: - - ReadWriteOnce - storageClassName: gp2 - awsElasticBlockStore: - fsType: ext4 - volumeID: {{ .Values.persistentStorage.volumeID }} - capacity: - storage: {{ .Values.persistentStorage.size }} - persistentVolumeReclaimPolicy: Retain - nodeAffinity: - required: - nodeSelectorTerms: - - matchExpressions: - - key: topology.kubernetes.io/zone - operator: In - values: - - {{ regexFind "\\w+-\\w+-\\w+" .Values.persistentStorage.volumeID }} # aws://us-east-1c/vol-aabbcc123 => us-east-1c - claimRef: - name: {{ include "mychart.fullname" . }} - namespace: {{ .Release.Namespace }} ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ include "mychart.fullname" . }} - labels: - {{- include "mychart.labels" . | nindent 4 }} -spec: - accessModes: - - ReadWriteOnce - storageClassName: gp2 - resources: - requests: - storage: {{ .Values.persistentStorage.size }} -{{- end }} diff --git a/deploy/templates/ebs-wipe.yaml b/deploy/templates/ebs-wipe.yaml deleted file mode 100644 index 991ada9c..00000000 --- a/deploy/templates/ebs-wipe.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{ if .Values.wipeDisk }} -apiVersion: batch/v1 -kind: Job -metadata: - name: ebs-wipe - annotations: - # This is what defines this resource as a hook. Without this line, the - # job is considered part of the release. - "helm.sh/hook": pre-install - "helm.sh/hook-weight": "3" -spec: - completions: 1 - parallelism: 1 - backoffLimit: 3 - ttlSecondsAfterFinished: 0 - template: - spec: - restartPolicy: Never - volumes: - - name: storage - persistentVolumeClaim: - claimName: {{ include "mychart.fullname" . }} - containers: - - name: disk-wiper - image: busybox - command: ["rm", "-rf", "/volume/*"] - volumeMounts: - - name: storage - mountPath: "/volume" -{{ end }} diff --git a/deploy/templates/headless-service.yaml b/deploy/templates/headless-service.yaml deleted file mode 100644 index e4cacd2f..00000000 --- a/deploy/templates/headless-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if not .Values.canary.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "mychart.fullname" . }}-headless - labels: - {{- include "mychart.labels" . | nindent 4 }} -spec: - clusterIP: None - selector: - app: {{ include "mychart.fullname" . }} - ports: - - name: api - protocol: TCP - port: 80 - targetPort: api -{{- end }} diff --git a/deploy/templates/ingress.yaml b/deploy/templates/ingress.yaml deleted file mode 100644 index eafbc296..00000000 --- a/deploy/templates/ingress.yaml +++ /dev/null @@ -1,70 +0,0 @@ -{{- if not .Values.canary.enabled }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ include "mychart.fullname" . }} - annotations: - kubernetes.io/ingress.class: traefik - ingress.kubernetes.io/protocol: http - traefik.frontend.rule.type: PathPrefix - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.middlewares: {{ .Release.Namespace }}-cors@kubernetescrd, {{ .Release.Namespace }}-{{ .Release.Name }}-basic-auth@kubernetescrd -spec: - rules: - - host: {{ .Values.ingress.host }} - http: - paths: - - path: /insertIdentity - pathType: Prefix - backend: - service: - name: "{{ include "mychart.fullname" . }}" - port: - name: api ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ include "mychart.fullname" . }}-proof - annotations: - kubernetes.io/ingress.class: traefik - ingress.kubernetes.io/protocol: http - traefik.frontend.rule.type: PathPrefix - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.middlewares: {{ .Release.Namespace }}-cors@kubernetescrd -spec: - rules: - - host: {{ .Values.ingress.host }} - http: - paths: - - path: /inclusionProof - pathType: Prefix - backend: - service: - name: "{{ include "mychart.fullname" . }}" - port: - name: api ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ include "mychart.fullname" . }}-verify-semaphore-proof - annotations: - kubernetes.io/ingress.class: traefik - ingress.kubernetes.io/protocol: http - traefik.frontend.rule.type: PathPrefix - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.middlewares: {{ .Release.Namespace }}-cors@kubernetescrd -spec: - rules: - - host: {{ .Values.ingress.host }} - http: - paths: - - path: /verifySemaphoreProof - pathType: Prefix - backend: - service: - name: "{{ include "mychart.fullname" . }}" - port: - name: api -{{- end }} diff --git a/deploy/templates/network-policy.yaml b/deploy/templates/network-policy.yaml deleted file mode 100644 index 244c1998..00000000 --- a/deploy/templates/network-policy.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: {{ include "mychart.fullname" . }} - labels: - {{- include "mychart.labels" . | nindent 4 }} -spec: - podSelector: - matchLabels: - app: {{ include "mychart.fullname" . }} - policyTypes: - - Ingress - - Egress - ingress: - - ports: - - port: api - protocol: TCP - from: - {{- toYaml .Values.ingress.api | nindent 6 }} - - ports: - - port: metrics - protocol: TCP - from: - {{- toYaml .Values.ingress.metrics | nindent 6 }} - egress: - # TODO: Limit egress traffic to ethereum-rpc. - # Currently not possible to specify by domain name. - - {} # Allow all diff --git a/deploy/templates/service.yaml b/deploy/templates/service.yaml deleted file mode 100644 index a1d9e771..00000000 --- a/deploy/templates/service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if not .Values.canary.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "mychart.fullname" . }} - labels: - {{- include "mychart.labels" . | nindent 4 }} -spec: - type: ClusterIP - selector: - app: {{ include "mychart.fullname" . }} - ports: - - name: api - protocol: TCP - port: 80 - targetPort: api -{{- end }} diff --git a/deploy/templates/statefulset.yaml b/deploy/templates/statefulset.yaml deleted file mode 100644 index 16d6d2a3..00000000 --- a/deploy/templates/statefulset.yaml +++ /dev/null @@ -1,129 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "mychart.fullname" . }} - annotations: - kube-score/ignore: 'pod-probes,container-ephemeral-storage-request-and-limit' # TODO - labels: - {{- include "mychart.labels" . | nindent 4 }} -spec: - replicas: {{ .Values.replicas }} - selector: - matchLabels: - app: {{ include "mychart.fullname" . }} - serviceName: {{ include "mychart.fullname" . }}-headless - template: - metadata: - labels: - app: {{ include "mychart.fullname" . }} - {{- include "mychart.labels" . | nindent 8 }} - annotations: - ad.datadoghq.com/{{ .Chart.Name }}.check_names: | - ["openmetrics"] - ad.datadoghq.com/{{ .Chart.Name }}.init_configs: | - [{}] - ad.datadoghq.com/{{ .Chart.Name }}.instances: | - [ - { - "openmetrics_endpoint": "http://%%host%%:9998/metrics", - "namespace": "{{ .Release.Namespace }}", - "metrics": [".*"], - "send_distribution_buckets": true, - "send_distribution_counts_as_monotonic": true - } - ] - spec: - {{- if .Values.persistentStorage.enabled }} - volumes: - - name: {{ include "mychart.fullname" . }}-storage - persistentVolumeClaim: - claimName: {{ include "mychart.fullname" . }} - {{- end }} - {{ with .Values.image.pullSecret -}} - imagePullSecrets: - - name: {{ . }} - {{ end -}} - nodeSelector: - kubernetes.io/arch: {{ .Values.image.arch }} - securityContext: - fsGroup: 10001 - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.image }}:{{ .Values.image.tag | default (print "v" .Chart.AppVersion)}}" - imagePullPolicy: {{ .Values.image.pullPolicy | default "Always" }} - {{- if .Values.persistentStorage.enabled }} - volumeMounts: - - name: {{ include "mychart.fullname" . }}-storage - mountPath: "/volume" - {{- end }} - ports: - - name: api - containerPort: 8080 - protocol: TCP - - name: metrics - containerPort: 9998 - protocol: TCP - envFrom: - - secretRef: - name: application - env: - - name: LOG_FORMAT - value: otlp - - name: VERBOSE - value: "3" - - name: HOST_IP - valueFrom: - fieldRef: - fieldPath: status.hostIP - - name: DATABASE - valueFrom: - secretKeyRef: - name: application - key: DATABASE_URL - - name: DD_SERVICE - value: {{ .Release.Name }} - - name: TRACE_OTLP - value: "grpc://$(HOST_IP):4317" - - name: TRACE_RESOURCE_ENV - value: {{ .Values.environment }} - - name: SERVER - value: http://0.0.0.0:8080 - {{- range $name, $item := .Values.env }} - - name: {{ $name }} - {{- if kindIs "map" $item }} - {{- $item | toYaml | nindent 14 }} - {{- else }} - value: {{ $item | quote }} - {{- end }} - {{- end }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - securityContext: - capabilities: - add: - - NET_BIND_SERVICE - drop: - - all - allowPrivilegeEscalation: false - runAsNonRoot: true - readOnlyRootFilesystem: true - runAsUser: 10001 - runAsGroup: 10001 - livenessProbe: - httpGet: - path: /metrics - scheme: HTTP - port: 9998 - initialDelaySeconds: 10 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 6 - readinessProbe: - httpGet: - path: /metrics - scheme: HTTP - port: 9998 - initialDelaySeconds: 10 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 2 diff --git a/deploy/values.yaml b/deploy/values.yaml deleted file mode 100644 index 51892a3d..00000000 --- a/deploy/values.yaml +++ /dev/null @@ -1,44 +0,0 @@ -image: - image: "ghcr.io/worldcoin/signup-sequencer" - tag: # Defaults to `v` + appVersion - arch: amd64 # Either amd64 or arm64 - pullSecret: - -labels: - component: # Defaults to name - partOf: protocol-signup - createdBy: - -environment: prod -replicas: 1 -region: "us-east-1" - -canary: - enabled: false - -resources: - requests: - cpu: 0.1 - memory: 128Mi - limits: - cpu: 16.0 - memory: 4Gi - -# Env values can be strings (to be prefixed with `value:`) or objects -env: - ETHEREUM_PROVIDER: "https://localhost:8545/" - STORAGE_FILE: "/volume/commitments.json" # use mounted EBS Volume - -# Spec ingress policy for the `api` and `metrics` port. -# Values are a list of NetworkPolicyPeer v1 objects, empty means allow all. -ingress: - host: "signup.crypto.worldcoin.dev" - api: - metrics: - cors: # Enable Traefik Middleware with CORS headers - enabled: true - -persistentStorage: - enabled: true - size: 100Gi - volumeID: aws://us-east-1a/vol-0ad5bd5c5af15e0c8 # example: aws://us-east-1c/vol-aabbcc123