Context Flow (#36)

* Add context-flow-db Helm chart with PostgreSQL configuration and templates

* Update kube/context-flow-db/templates/manual-backup.yaml

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Phelipe Rocha <phelipeafonso@gmail.com>

* Update kube/context-flow-db/templates/manual-backup.yaml

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Phelipe Rocha <phelipeafonso@gmail.com>

* Update kube/context-flow-db/Chart.yaml

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Phelipe Rocha <phelipeafonso@gmail.com>

* Add context-flow Helm chart with deployment, service, and ingress configurations

* Update kube/context-flow-db/templates/networkpolicy.yaml

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Phelipe Rocha <phelipeafonso@gmail.com>

* Update container images in deployment and job templates to use values from values.yaml

* Update kube/context-flow/Chart.yaml

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Phelipe Rocha <phelipeafonso@gmail.com>

* Update kube/context-flow/templates/ingress.yaml

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Phelipe Rocha <phelipeafonso@gmail.com>

---------

Signed-off-by: Phelipe Rocha <phelipeafonso@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

Author: pheliperocha

helmfile.yaml.gotmpl

@@ -101,3 +101,19 @@ releases:
       - ./kube/values.yaml
     secrets:
       - ./kube/secrets.yaml
+
+  - name: context-flow
+    namespace: context-flow
+    chart: ./kube/context-flow
+    version: 1.0.0
+    values:
+      - ./kube/values.yaml
+  
+  - name: context-flow-db
+    namespace: context-flow
+    chart: ./kube/context-flow-db
+    version: 1.0.0
+    values:
+      - ./kube/values.yaml
+    secrets:
+      - ./kube/secrets.yaml

kube/context-flow-db/Chart.yaml

@@ -0,0 +1,12 @@
+apiVersion: v2
+name: context-flow-db
+description: Context Flow Database (CloudNative-PG)
+type: application
+version: 1.0.0
+appVersion: "18.1"
+kubeVersion: "^1.20.0"
+sources:
+  - https://github.com/pheliperocha/home-server
+maintainers:
+  - name: Phelipe Rocha
+    url: https://pheliperocha.com

kube/context-flow-db/templates/_helpers.tpl

@@ -0,0 +1,56 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "context-flow-db.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+*/}}
+{{- define "context-flow-db.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "context-flow-db.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "context-flow-db.labels" -}}
+helm.sh/chart: {{ include "context-flow-db.chart" . }}
+{{ include "context-flow-db.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "context-flow-db.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "context-flow-db.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Cluster name
+*/}}
+{{- define "context-flow-db.clusterName" -}}
+{{- printf "context-flow-db" }}
+{{- end }}

kube/context-flow-db/templates/cluster.yaml

@@ -0,0 +1,65 @@
+{{- if .Values.context_flow_db.enabled }}
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: {{ include "context-flow-db.clusterName" . }}
+  namespace: context-flow
+  labels:
+    {{- include "context-flow-db.labels" . | nindent 4 }}
+spec:
+  instances: {{ .Values.context_flow_db.cluster.instances }}
+  
+  imageName: ghcr.io/cloudnative-pg/postgresql:18.1
+  
+  bootstrap:
+    initdb:
+      database: {{ .Values.context_flow_db.database.name }}
+      owner: app
+      encoding: UTF8
+      localeCType: en_US.UTF-8
+      localeCollate: en_US.UTF-8
+  
+  storage:
+    size: {{ .Values.context_flow_db.cluster.storage.size }}
+    {{- if .Values.context_flow_db.cluster.storage.storageClass }}
+    storageClass: {{ .Values.context_flow_db.cluster.storage.storageClass }}
+    {{- end }}
+  
+  resources:
+    requests:
+      memory: {{ .Values.context_flow_db.cluster.resources.requests.memory | quote }}
+      cpu: {{ .Values.context_flow_db.cluster.resources.requests.cpu | quote }}
+    limits:
+      memory: {{ .Values.context_flow_db.cluster.resources.limits.memory | quote }}
+      cpu: {{ .Values.context_flow_db.cluster.resources.limits.cpu | quote }}
+  
+  postgresql:
+    parameters:
+      {{- range $key, $value := .Values.context_flow_db.cluster.postgresql.parameters }}
+      {{ $key }}: {{ $value | quote }}
+      {{- end }}
+  
+  monitoring:
+    enablePodMonitor: true
+  
+  {{- if .Values.context_flow_db.backup.enabled }}
+  backup:
+    barmanObjectStore:
+      destinationPath: "s3://{{ .Values.context_flow_db.backup.s3.bucket }}{{ .Values.context_flow_db.backup.s3.path }}"
+      endpointURL: {{ .Values.context_flow_db.backup.s3.endpointURL }}
+      s3Credentials:
+        accessKeyId:
+          name: {{ .Values.context_flow_db.backup.s3.credentialsSecretName }}
+          key: AWS_ACCESS_KEY_ID
+        secretAccessKey:
+          name: {{ .Values.context_flow_db.backup.s3.credentialsSecretName }}
+          key: AWS_SECRET_ACCESS_KEY
+      wal:
+        compression: gzip
+        encryption: AES256
+      data:
+        compression: gzip
+        encryption: AES256
+    retentionPolicy: {{ .Values.context_flow_db.backup.retentionPolicy | quote }}
+  {{- end }}
+{{- end }}

kube/context-flow-db/templates/manual-backup.yaml

@@ -0,0 +1,10 @@
+{{- if and .Values.context_flow_db.enabled .Values.context_flow_db.backup.enabled .Values.context_flow_db.backup.manualBackup.enabled }}
+apiVersion: postgresql.cnpg.io/v1
+kind: Backup
+metadata:
+  name: cnpg-manual-backup{{- if .Values.context_flow_db.backup.manualBackup.suffix }}-{{ .Values.context_flow_db.backup.manualBackup.suffix }}{{- end }}
+  namespace: context-flow
+spec:
+  cluster:
+    name: {{ include "context-flow-db.clusterName" . }}
+{{- end }}

kube/context-flow-db/templates/networkpolicy.yaml

@@ -0,0 +1,34 @@
+{{- if and .Values.context_flow_db.enabled .Values.context_flow_db.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: {{ include "context-flow-db.clusterName" . }}-netpol
+  namespace: context-flow
+  labels:
+    {{- include "context-flow-db.labels" . | nindent 4 }}
+spec:
+  podSelector:
+    matchLabels:
+      cnpg.io/cluster: {{ include "context-flow-db.clusterName" . }}
+  policyTypes:
+    - Ingress
+  ingress:
+    {{- if .Values.context_flow_db.networkPolicy.allowSameNamespace }}
+    # Allow connections from pods in the same namespace
+    - from:
+      - podSelector: {}
+      ports:
+      - protocol: TCP
+        port: 5432
+    {{- end }}
+    # Allow connections from CloudNative-PG operator
+    - from:
+      - namespaceSelector:
+          matchLabels:
+            kubernetes.io/metadata.name: cloudnative-pg-system
+      ports:
+      - protocol: TCP
+        port: 5432
+      - protocol: TCP
+        port: 8000
+{{- end }}

kube/context-flow-db/templates/scheduledbackup.yaml

@@ -0,0 +1,16 @@
+{{- if and .Values.context_flow_db.enabled .Values.context_flow_db.backup.enabled }}
+apiVersion: postgresql.cnpg.io/v1
+kind: ScheduledBackup
+metadata:
+  name: {{ include "context-flow-db.clusterName" . }}-backup
+  namespace: context-flow
+  labels:
+    {{- include "context-flow-db.labels" . | nindent 4 }}
+spec:
+  schedule: {{ .Values.context_flow_db.backup.schedule | quote }}
+  backupOwnerReference: self
+  cluster:
+    name: {{ include "context-flow-db.clusterName" . }}
+  method: barmanObjectStore
+  immediate: false
+{{- end }}

kube/context-flow-db/templates/service.yaml

@@ -0,0 +1,19 @@
+{{- if .Values.context_flow_db.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Values.context_flow_db.service.name }}
+  namespace: context-flow
+  labels:
+    {{- include "context-flow-db.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.context_flow_db.service.type }}
+  ports:
+    - name: postgres
+      port: {{ .Values.context_flow_db.service.port }}
+      targetPort: 5432
+      protocol: TCP
+  selector:
+    cnpg.io/cluster: {{ include "context-flow-db.clusterName" . }}
+    role: primary
+{{- end }}

kube/context-flow-db/values.yaml

@@ -0,0 +1,58 @@
+context_flow_db:
+  enabled: true
+  
+  database:
+    name: context_flow
+  
+  cluster:
+    instances: 1
+    
+    resources:
+      requests:
+        memory: "1Gi"
+        cpu: "500m"
+      limits:
+        memory: "2Gi"
+        cpu: "1000m"
+    
+    storage:
+      size: 10Gi
+      storageClass: ""  # Use cluster default
+    
+    postgresql:
+      parameters:
+        max_connections: "100"
+        shared_buffers: "256MB"
+        effective_cache_size: "1GB"
+        maintenance_work_mem: "64MB"
+        checkpoint_completion_target: "0.9"
+        wal_buffers: "16MB"
+        default_statistics_target: "100"
+        random_page_cost: "1.1"
+        effective_io_concurrency: "200"
+        work_mem: "2621kB"
+        min_wal_size: "1GB"
+        max_wal_size: "4GB"
+  
+  backup:
+    enabled: false
+    schedule: "0 2 * * *"  # Daily at 2 AM
+    retentionPolicy: "30d"
+    s3:
+      endpointURL: "https://s3.sa-east-1.amazonaws.com"
+      bucket: "context-flow-backups"
+      path: "/cnpg-production"
+      credentialsSecretName: "aws-secrets"
+    manualBackup:
+      enabled: false
+      suffix: ""
+  
+  service:
+    name: "pg-context-flow-db"
+    type: ClusterIP
+    port: 5432
+  
+  networkPolicy:
+    enabled: true
+    # Only allow connections from pods in the same namespace
+    allowSameNamespace: true

kube/context-flow/Chart.yaml

@@ -0,0 +1,10 @@
+apiVersion: v2
+name: context-flow
+description: Helm chart for context-flow
+type: application
+version: 1.0.0
+appVersion: "1.0.0"
+kubeVersion: "^1.20.0"
+maintainers:
+  - name: Phelipe Rocha
+    url: https://pheliperocha.com