Merge branch 'sebastian/prod-2981-set-up-catalog-pipeline' of github.…

…com:pluralsh/scaffolds into sebastian/prod-2981-set-up-catalog-pipeline
pluralsh · Dec 17, 2024 · 1eaf21b · 1eaf21b
2 parents b7879a4 + 546b4f9
commit 1eaf21b
Show file tree

Hide file tree

Showing 2 changed files with 57 additions and 131 deletions.
diff --git a/catalogs/data/dagster/helm/dagster.yaml.liquid b/catalogs/data/dagster/helm/dagster.yaml.liquid
@@ -1,130 +1,56 @@
-global:
-    serviceAccountName: dagster
-
-oidc-config:
-    enabled: false
-    service:
-        name: dagster-oauth2-proxy
-        selector:
-            app.kubernetes.io/instance: dagster
-            component: dagster-webserver
-    secret:
-        env:
-            OAUTH2_PROXY_UPSTREAM_TIMEOUT: '120s'
-
-
-postgres:
-    team: plural
-    user: dagster
-    dbName: dagster
-    ownerChart: dagster
-    password: REPLACE_ME
-    infix: ""
-
-test-base:
-    enabled: false
-    application: dagster
-    testName: dagster-integration
-    promoteTag: stable
-    tags:
-        - 1.7.7
-
-config-overlays:
-    configOverlays:
-        ingress-class:
-            spec:
-                folder: network
-                subfolder: ingress
-                name: Ingress Class
-                documentation: the ingress class to deploy dagster with (use `internal-nginx` to place it on a private network)
-                updates:
-                    - path: ['dagster', 'dagster', 'ingress', 'ingressClassName']
-
-oidcProxy:
+{% raw %}
+{% assign imports_dagster_key =  'dagster-' | append: configuration.cluster %}
+
+dagsterWebserver:
+    annotations:
+        security.plural.sh/oauth-env-secret: dagster-proxy-config
+      {% if configuration["basicAuth"] %}
+        security.plural.sh/htpasswd-secret: httpaswd-users
+      {% endif %}
+    labels:
+        security.plural.sh/inject-oauth-sidecar: "true"
+
+postgresql:
     enabled: false
-
-dagster:
-    migrate:
-        enabled: true
-
-    dagsterDaemon:
-        image:
-            repository: dkr.plural.sh/dagster/dagster/dagster-celery-k8s
-            tag: 1.7.7
-        resources:
-            requests:
-                cpu: 15m
-                memory: 156Mi
-            limits:
-                memory: 256Mi
+    postgresqlHost: {{ imports[imports_dagster_key].postgres_host }}
+    postgresqlUsername: dagster
+    postgresqlPassword: {{ imports[imports_dagster_key].postgres_password }}
+    postgresqlDatabase: dagster
+    postgresqlParams:
+        sslmode: require
+
+ingress:
+    enabled: true
+    ingressClassName: nginx
     dagsterWebserver:
-        image:
-            repository: dkr.plural.sh/dagster/dagster/dagster-celery-k8s
-            tag: 1.7.7
-        resources:
-            requests:
-                cpu: 25m
-                memory: 180Mi
-            limits:
-                memory: 256Mi
-    busybox:
-        image:
-            repository: dkr.plural.sh/dagster/library/busybox
-            tag: 1.28.0
-    pipelineRun:
-        image:
-            repository: dkr.plural.sh/dagster/dagster/user-code-example
-            tag: 1.7.7
-
-    ingress:
-        enabled: true
-        dagit:
-            tls:
-                enabled: true
-                secretName: dagster-tls
-        ingressClassName: nginx
-        annotations:
-            kubernetes.io/tls-acme: "true"
-            cert-manager.io/cluster-issuer: letsencrypt-prod
-            # Extend timeout to allow long running queries.
-            nginx.ingress.kubernetes.io/proxy-connect-timeout: "300"
-            nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
-            nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
-            nginx.ingress.kubernetes.io/use-regex: "true"
-
-    runLauncher:
-        type: K8sRunLauncher
-        config:
-            celeryK8sRunLauncher:
-                image:
-                    repository: dkr.plural.sh/dagster/dagster/dagster-celery-k8s
-                    tag: 1.7.7
-
-    postgresql:
-        enabled: false
-        # image is still used for checks if the db is ready
-        image:
-            repository: dkr.plural.sh/dagster/library/postgres
-            tag: 9.6.24
-        postgresqlHost: plural-dagster
-        postgresqlUsername: dagster
-        postgresqlDatabase: dagster
-        postgresqlParams:
-            sslmode: require
-
-    dagster-user-deployments:
-        enabled: true
-        deployments:
-            - name: "k8s-example-user-code-1"
-              image:
-                  repository: ghcr.io/pluralsh/containers/dagster/user-code-example
-                  tag: 1.7.7-plural1.3.10
-                  pullPolicy: Always
-              resources:
-                  requests:
-                      cpu: 20m
-                      memory: 100Mi
-              dagsterApiGrpcArgs:
-                  - "--python-file"
-                  - "/example_project/example_repo/repo.py"
-              port: 3030
+        host: {{ configuration.hostname }}
+        tls:
+            enabled: true
+            secretName: dagster-tls
+        precedingPaths:
+            - path: /.*
+              pathType: ImplementationSpecific
+              serviceName: dagster-oauth2-proxy
+              servicePort: http-oauth
+    annotations:
+        kubernetes.io/tls-acme: "true"
+        cert-manager.io/cluster-issuer: letsencrypt-prod
+        # Extend timeout to allow long running queries.
+        nginx.ingress.kubernetes.io/proxy-connect-timeout: "300"
+        nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
+        nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
+        nginx.ingress.kubernetes.io/use-regex: "true"
+
+dagster-user-deployments:
+    enabled: true
+    deployments:
+        - name: "k8s-example-user-code-1"
+          image:
+              repository: "docker.io/dagster/user-code-example"
+              tag: latest
+              pullPolicy: Always
+          dagsterApiGrpcArgs:
+              - "--python-file"
+              - "/example_project/example_repo/repo.py"
+          port: 3030
+{% endraw %}
diff --git a/catalogs/data/dagster/helm/oauth-proxy-config.yaml.liquid b/catalogs/data/dagster/helm/oauth-proxy-config.yaml.liquid
@@ -4,15 +4,15 @@
 service:
   name: dagster-oauth2-proxy
   selector:
-    app.kubernetes.io/instance: dagster
-    app.kubernetes.io/name: webapp
+    app.kubernetes.io/name: dagster
+    component: dagster-webserver
 
 secret:
   clientID: {{ imports[imports_dagster_key].oidc_client_id }}
   clientSecret: {{ imports[imports_dagster_key].oidc_client_secret }}
   cookieSecret: {{ imports[imports_dagster_key].oidc_cookie_secret }}
   issuer: https://oidc.plural.sh/
-  upstream: http://localhost:8080
+  upstream: http://localhost:80
   name: dagster-proxy-config
   env:
     OAUTH2_PROXY_UPSTREAM_TIMEOUT: '120s'