Add Zulip
For discussion about Rocketchat and Zulip, see #953 (closed).
Blocks #986 and #985 (closed) and if we continue with Zulip also makes obsolete #637 (closed)
New app checklist:
Flux
-
Create new source if needed in flux2/infrastructure/sources/APP.yaml
-
Include APP.yaml
influx2/infrastructure/sources/kustomization.yaml
-
Add app secret: install/templates/oas-APP-variables.yaml.jinja
- Add kustomizations:
-
flux2/cluster/optional/APP/APP.yaml
-
flux2/apps/APP/kustomization.yaml
-
If needed, add PVCs in flux2/apps/APP/pvc.yaml
-
Add helmrelease in flux2/apps/APP/release.yaml
-
Single sign-on
- Integrate the new app into the single sign-on system
-
Add OAuth client secret to install/templates/oas-oauth-variables.yaml.jinja
- In
flux2/core/base/single-sign-on/release.yaml
:-
Add app userbackend.applications
-
Add app to oAuthClients
-
-
Configure app OIDC settings in helmrelease flux2/apps/APP/release.yaml
-
Disable user/pw login if possible -
Admin-login should grant admin privileges (impossible ATM) (#1035) -
Non-admin should not grant admin privileges (impossible ATM) (#1035)
-
Tests
-
Make sure testing app resources work ( test/pytest/test_resources.py
) -
Add taiko test ( tests/taiko
) (extremely limited)
CI
Add the following elements to .gitlab-ci.yml
:
-
.APP-rules
partial -
enable-APP
job -
APP-kustomization-ready
job -
APP-cert
job -
APP-taiko
test job
Other
-
Reduce memory footprint
Renovatebot
N/A because we have a GitRepository chart
-
Make sure the needed helmRelease fields for renovatebot are in place and order, i.e. # renovate: registryUrl=https://helm-charts.wikimedia.org/stable/ chart: eventrouter version: 0.3.6
**Note**: the order of these lines is important for renovatebot's regular expression to match them. For adding the registryUrl automatically, you could use the [renovate-helm-releases](https://github.com/k8s-at-home/renovate-helm-releases) script: ``` git clone https://github.com/k8s-at-home/renovate-helm-releases /tmp/renovate-helm-releases /tmp/renovate.py --cluster-path flux2 ```
-
Make sure that latest renovate pipeline checks for app updates after the new app is merged into the main branch
Documentation
- Add app to:
-
docs/installation_instructions.rst
-
docs/testing_instructions.rst
-
docs/usage.rst
-
Helm chart improvements
-
Use existingClaim PVCs -
Use external helm charts for dependencies -
Add Velero-compatible labels (#457 (closed)): -
stackspin.net/backupSet: zulip
on pods -
stackspin.net/backupSet: zulip
on statefulset/deployment -
stackspin.net/backupSet: zulip
on PVC - also one annotation on the pods:
backup.velero.io/backup-volumes: "volume1,volume2,..."
where thevolume1
etc. are the names of the volumes that need to be backed up, as they are named internally in the pod spec.
-
-
Add liveness, readiness and startup probes
Edited by Maarten de Waard