From 7f9f558d1c088a2178468852d4644edcd8b9d0b3 Mon Sep 17 00:00:00 2001 From: Ammar Lakis Date: Tue, 26 Oct 2021 11:54:23 +0200 Subject: [PATCH 01/11] Add reverse proxy deployment Signed-off-by: Ammar Lakis --- .../components/reverse_proxy_deployment.yaml | 60 +++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 prow/cluster/components/reverse_proxy_deployment.yaml diff --git a/prow/cluster/components/reverse_proxy_deployment.yaml b/prow/cluster/components/reverse_proxy_deployment.yaml new file mode 100644 index 000000000000..40142b84e942 --- /dev/null +++ b/prow/cluster/components/reverse_proxy_deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: reverse-proxy + namespace: default + labels: + app: reverse-proxy +spec: + selector: + matchLabels: + app: reverse-proxy + template: + metadata: + labels: + app: reverse-proxy + spec: + containers: + - name: nginx + image: nginx:1.20-alpine + ports: + - containerPort: 80 + volumeMounts: + - name: config + mountPath: /etc/nginx/conf.d/ + volumes: + - name: config + configMap: + name: reverse-proxy-config +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: reverse-proxy-config + namespace: default +data: + default.conf: | + server { + listen 80; + server_name _; + + location /robots.txt { + proxy_pass https://storage.googleapis.com/kyma-prow-logs/robots.txt; + } + + location = /50x.html { + root /usr/share/nginx/html; + } + } +--- +apiVersion: v1 +kind: Service +metadata: + name: reverse-proxy +spec: + type: ClusterIP + selector: + app: nginx + ports: + - port: 80 + targetPort: 80 From 3469c4a9f899b9021ab06816fdb052dababd4137 Mon Sep 17 00:00:00 2001 From: Ammar Lakis Date: Tue, 26 Oct 2021 12:00:09 +0200 Subject: [PATCH 02/11] Serve robots.txt for prow status dashboard Signed-off-by: Ammar Lakis --- prow/cluster/components/tls-ing_ingress.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/prow/cluster/components/tls-ing_ingress.yaml b/prow/cluster/components/tls-ing_ingress.yaml index 2a791b429972..078ecf5cbe26 100644 --- a/prow/cluster/components/tls-ing_ingress.yaml +++ b/prow/cluster/components/tls-ing_ingress.yaml @@ -34,3 +34,7 @@ spec: backend: serviceName: pushgateway-external servicePort: 80 + - path: /robots.txt + backend: + serviceName: reverse-proxy + servicePort: 80 From 315dc13a2c34eb99b2a0991d6f689d3a39916dab Mon Sep 17 00:00:00 2001 From: Ammar Lakis Date: Tue, 26 Oct 2021 13:56:55 +0200 Subject: [PATCH 03/11] Fix service selector for reverse proxy Signed-off-by: Ammar Lakis --- prow/cluster/components/reverse_proxy_deployment.yaml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/prow/cluster/components/reverse_proxy_deployment.yaml b/prow/cluster/components/reverse_proxy_deployment.yaml index 40142b84e942..677f348af7c7 100644 --- a/prow/cluster/components/reverse_proxy_deployment.yaml +++ b/prow/cluster/components/reverse_proxy_deployment.yaml @@ -51,10 +51,13 @@ apiVersion: v1 kind: Service metadata: name: reverse-proxy + namespace: default + labels: + app: reverse-proxy spec: - type: ClusterIP + type: NodePort selector: - app: nginx + app: reverse-proxy ports: - - port: 80 - targetPort: 80 + - name: http + port: 80 From 0498de672a53abe4deb7e6e5e7219a51de99edde Mon Sep 17 00:00:00 2001 From: Ammar Lakis Date: Tue, 26 Oct 2021 13:57:15 +0200 Subject: [PATCH 04/11] Add liveness and readiness probes for reverse proxy container Signed-off-by: Ammar Lakis --- .../components/reverse_proxy_deployment.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/prow/cluster/components/reverse_proxy_deployment.yaml b/prow/cluster/components/reverse_proxy_deployment.yaml index 677f348af7c7..5cee4dfa5eb0 100644 --- a/prow/cluster/components/reverse_proxy_deployment.yaml +++ b/prow/cluster/components/reverse_proxy_deployment.yaml @@ -22,6 +22,20 @@ spec: volumeMounts: - name: config mountPath: /etc/nginx/conf.d/ + livenessProbe: + httpGet: + path: /robots.txt + port: 80 + initialDelaySeconds: 10 + periodSeconds: 3 + timeoutSeconds: 600 + readinessProbe: + httpGet: + path: /robots.txt + port: 80 + initialDelaySeconds: 10 + periodSeconds: 3 + timeoutSeconds: 600 volumes: - name: config configMap: From fbe5ea4775c8e2021239f7f7d659ee8cb7337249 Mon Sep 17 00:00:00 2001 From: Ammar Lakis Date: Wed, 27 Oct 2021 13:23:54 +0200 Subject: [PATCH 05/11] Host static files on reverse proxy Signed-off-by: Ammar Lakis --- prow/cluster/components/reverse_proxy_deployment.yaml | 9 +++++++-- prow/plugins.yaml | 2 ++ prow/static_files/index.html | 0 prow/static_files/robots.txt | 2 ++ 4 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 prow/static_files/index.html create mode 100644 prow/static_files/robots.txt diff --git a/prow/cluster/components/reverse_proxy_deployment.yaml b/prow/cluster/components/reverse_proxy_deployment.yaml index 5cee4dfa5eb0..0a7f77127f3c 100644 --- a/prow/cluster/components/reverse_proxy_deployment.yaml +++ b/prow/cluster/components/reverse_proxy_deployment.yaml @@ -22,6 +22,8 @@ spec: volumeMounts: - name: config mountPath: /etc/nginx/conf.d/ + - name: static-files + mountPath: /usr/share/nginx/html/ livenessProbe: httpGet: path: /robots.txt @@ -40,6 +42,9 @@ spec: - name: config configMap: name: reverse-proxy-config + - name: static-files + configMap: + name: static-files --- apiVersion: v1 kind: ConfigMap @@ -52,8 +57,8 @@ data: listen 80; server_name _; - location /robots.txt { - proxy_pass https://storage.googleapis.com/kyma-prow-logs/robots.txt; + location / { + root /usr/share/nginx/html/; } location = /50x.html { diff --git a/prow/plugins.yaml b/prow/plugins.yaml index f2d1ed56a7a2..a9421496dce0 100644 --- a/prow/plugins.yaml +++ b/prow/plugins.yaml @@ -49,6 +49,8 @@ config_updater: clusters: trusted-workload: - default + prow/static-files/*: + name: static-files triggers: - repos: diff --git a/prow/static_files/index.html b/prow/static_files/index.html new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/prow/static_files/robots.txt b/prow/static_files/robots.txt new file mode 100644 index 000000000000..1f53798bb4fe --- /dev/null +++ b/prow/static_files/robots.txt @@ -0,0 +1,2 @@ +User-agent: * +Disallow: / From 830717acba576f1271d8c52308ca5eabde5b266b Mon Sep 17 00:00:00 2001 From: Ammar Lakis Date: Wed, 27 Oct 2021 14:28:55 +0200 Subject: [PATCH 06/11] Rename reverse proxy to web server Signed-off-by: Ammar Lakis --- ...loyment.yaml => web_server_deployment.yaml} | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) rename prow/cluster/components/{reverse_proxy_deployment.yaml => web_server_deployment.yaml} (85%) diff --git a/prow/cluster/components/reverse_proxy_deployment.yaml b/prow/cluster/components/web_server_deployment.yaml similarity index 85% rename from prow/cluster/components/reverse_proxy_deployment.yaml rename to prow/cluster/components/web_server_deployment.yaml index 0a7f77127f3c..8547d5d9c02a 100644 --- a/prow/cluster/components/reverse_proxy_deployment.yaml +++ b/prow/cluster/components/web_server_deployment.yaml @@ -1,18 +1,18 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: reverse-proxy + name: web-server namespace: default labels: - app: reverse-proxy + app: web-server spec: selector: matchLabels: - app: reverse-proxy + app: web-server template: metadata: labels: - app: reverse-proxy + app: web-server spec: containers: - name: nginx @@ -41,7 +41,7 @@ spec: volumes: - name: config configMap: - name: reverse-proxy-config + name: web-server-config - name: static-files configMap: name: static-files @@ -49,7 +49,7 @@ spec: apiVersion: v1 kind: ConfigMap metadata: - name: reverse-proxy-config + name: web-server-config namespace: default data: default.conf: | @@ -69,14 +69,14 @@ data: apiVersion: v1 kind: Service metadata: - name: reverse-proxy + name: web-server namespace: default labels: - app: reverse-proxy + app: web-server spec: type: NodePort selector: - app: reverse-proxy + app: web-server ports: - name: http port: 80 From 4c4af18de4a02f01e26a276f9e58ff131938189b Mon Sep 17 00:00:00 2001 From: Ammar Lakis Date: Wed, 27 Oct 2021 14:54:07 +0200 Subject: [PATCH 07/11] Add web server to deployment script Signed-off-by: Ammar Lakis --- prow/README.md | 1 + prow/cluster/components/tls-ing_ingress.yaml | 2 +- ...{web_server_deployment.yaml => web-server_deployment.yaml} | 4 ++-- prow/cluster/deploy.sh | 1 + prow/{static_files => static-files}/robots.txt | 0 prow/static_files/index.html | 0 6 files changed, 5 insertions(+), 3 deletions(-) rename prow/cluster/components/{web_server_deployment.yaml => web-server_deployment.yaml} (96%) rename prow/{static_files => static-files}/robots.txt (100%) delete mode 100644 prow/static_files/index.html diff --git a/prow/README.md b/prow/README.md index 17552b539b41..7d7215392c4e 100644 --- a/prow/README.md +++ b/prow/README.md @@ -52,6 +52,7 @@ Its structure looks as follows: └── plugins.yaml # The file with Prow plugins configuration └── create-secrets-for-workload-cluster.sh # The script which creates a Secret in the Prow cluster, used to access the workload cluster └── set-up-workload-cluster.sh # The script which prepares the workload cluster to be used by the Prow cluster + └── static-files # Files that will be uploaded to the nginx web server. To configure how traffic is routed to these files, update the prow ingress paths and the web server configuration ConfigMap. ``` ## Installation diff --git a/prow/cluster/components/tls-ing_ingress.yaml b/prow/cluster/components/tls-ing_ingress.yaml index 078ecf5cbe26..c9a3de4737fb 100644 --- a/prow/cluster/components/tls-ing_ingress.yaml +++ b/prow/cluster/components/tls-ing_ingress.yaml @@ -36,5 +36,5 @@ spec: servicePort: 80 - path: /robots.txt backend: - serviceName: reverse-proxy + serviceName: web-server servicePort: 80 diff --git a/prow/cluster/components/web_server_deployment.yaml b/prow/cluster/components/web-server_deployment.yaml similarity index 96% rename from prow/cluster/components/web_server_deployment.yaml rename to prow/cluster/components/web-server_deployment.yaml index 8547d5d9c02a..14174f94af5e 100644 --- a/prow/cluster/components/web_server_deployment.yaml +++ b/prow/cluster/components/web-server_deployment.yaml @@ -30,14 +30,14 @@ spec: port: 80 initialDelaySeconds: 10 periodSeconds: 3 - timeoutSeconds: 600 + timeoutSeconds: 30 readinessProbe: httpGet: path: /robots.txt port: 80 initialDelaySeconds: 10 periodSeconds: 3 - timeoutSeconds: 600 + timeoutSeconds: 30 volumes: - name: config configMap: diff --git a/prow/cluster/deploy.sh b/prow/cluster/deploy.sh index 880961d3b11f..c8e04e8a709c 100755 --- a/prow/cluster/deploy.sh +++ b/prow/cluster/deploy.sh @@ -44,6 +44,7 @@ prow_components=( "tide_deployment.yaml" "tide_service.yaml" "tls-ing_ingress.yaml" +"web_server_deployment.yaml" ) function ensure-context() { diff --git a/prow/static_files/robots.txt b/prow/static-files/robots.txt similarity index 100% rename from prow/static_files/robots.txt rename to prow/static-files/robots.txt diff --git a/prow/static_files/index.html b/prow/static_files/index.html deleted file mode 100644 index e69de29bb2d1..000000000000 From 73e034135e33834e5b59d4d79eaae20258a73ffb Mon Sep 17 00:00:00 2001 From: Ammar Lakis Date: Tue, 9 Nov 2021 14:37:14 +0100 Subject: [PATCH 08/11] Move prow static files under cluster folder Signed-off-by: Ammar Lakis --- prow/README.md | 1 - prow/cluster/README.md | 5 +++-- prow/{ => cluster}/static-files/robots.txt | 0 prow/plugins.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) rename prow/{ => cluster}/static-files/robots.txt (100%) diff --git a/prow/README.md b/prow/README.md index 7d7215392c4e..17552b539b41 100644 --- a/prow/README.md +++ b/prow/README.md @@ -52,7 +52,6 @@ Its structure looks as follows: └── plugins.yaml # The file with Prow plugins configuration └── create-secrets-for-workload-cluster.sh # The script which creates a Secret in the Prow cluster, used to access the workload cluster └── set-up-workload-cluster.sh # The script which prepares the workload cluster to be used by the Prow cluster - └── static-files # Files that will be uploaded to the nginx web server. To configure how traffic is routed to these files, update the prow ingress paths and the web server configuration ConfigMap. ``` ## Installation diff --git a/prow/cluster/README.md b/prow/cluster/README.md index 3a4572d0216d..4b29ab1422ea 100644 --- a/prow/cluster/README.md +++ b/prow/cluster/README.md @@ -11,6 +11,7 @@ This folder contains files related to the configuration of the Prow production c The structure of the folder looks as follows: ``` - ├── components # Definitions of Prow components and cluster configuration. - └── resources # Helm charts used by the Prow cluster. + ├── components # Definitions of Prow components and cluster configuration. + ├── resources # Helm charts used by the Prow cluster. + └── static-files # Files that will be uploaded to the nginx web server. ``` diff --git a/prow/static-files/robots.txt b/prow/cluster/static-files/robots.txt similarity index 100% rename from prow/static-files/robots.txt rename to prow/cluster/static-files/robots.txt diff --git a/prow/plugins.yaml b/prow/plugins.yaml index a9421496dce0..aa4b7c1a6199 100644 --- a/prow/plugins.yaml +++ b/prow/plugins.yaml @@ -49,7 +49,7 @@ config_updater: clusters: trusted-workload: - default - prow/static-files/*: + prow/cluster/static-files/*: name: static-files triggers: From 2af7a9251ddac5ef224ec1e6827942a4cb3daba0 Mon Sep 17 00:00:00 2001 From: Ammar Lakis Date: Tue, 9 Nov 2021 14:55:10 +0100 Subject: [PATCH 09/11] Add explaination for updating static files Signed-off-by: Ammar Lakis --- prow/cluster/README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/prow/cluster/README.md b/prow/cluster/README.md index 4b29ab1422ea..7e19503509a7 100644 --- a/prow/cluster/README.md +++ b/prow/cluster/README.md @@ -15,3 +15,6 @@ The structure of the folder looks as follows: ├── resources # Helm charts used by the Prow cluster. └── static-files # Files that will be uploaded to the nginx web server. ``` + +## Adding static files +All files added to the `static-files` folder are uploaded in a ConfigMap to the cluster and mounted by the web server in the web root directory. To route traffic for a specific path to the nginx web server, update the ingress `tls-ing` configuration in `tls-ing_ingress.yaml`. From 13bb045862f0b7ae49ae3f8957fcbb74d49ec766 Mon Sep 17 00:00:00 2001 From: Ammar Lakis Date: Tue, 9 Nov 2021 15:51:12 +0100 Subject: [PATCH 10/11] Rewording Co-authored-by: Przemek Pokrywka --- prow/cluster/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prow/cluster/README.md b/prow/cluster/README.md index 7e19503509a7..a58013c562f7 100644 --- a/prow/cluster/README.md +++ b/prow/cluster/README.md @@ -17,4 +17,4 @@ The structure of the folder looks as follows: ``` ## Adding static files -All files added to the `static-files` folder are uploaded in a ConfigMap to the cluster and mounted by the web server in the web root directory. To route traffic for a specific path to the nginx web server, update the ingress `tls-ing` configuration in `tls-ing_ingress.yaml`. +All files added to the `static-files` folder are automatically uploaded by Prow config_updater plugin to the cluster in a ConfigMap. Uploaded files are mounted by the web server in the web root directory. To route traffic for a specific path to the nginx web server, in order to serve these files, update the ingress `tls-ing` configuration in `tls-ing_ingress.yaml`. From d674625b2488520ba00db7dd47733b4c8901c307 Mon Sep 17 00:00:00 2001 From: Ammar Lakis Date: Mon, 15 Nov 2021 13:59:45 +0100 Subject: [PATCH 11/11] Update prow/cluster/README.md Co-authored-by: Aleksandra Simeonova --- prow/cluster/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/prow/cluster/README.md b/prow/cluster/README.md index a58013c562f7..39849ffae242 100644 --- a/prow/cluster/README.md +++ b/prow/cluster/README.md @@ -16,5 +16,5 @@ The structure of the folder looks as follows: └── static-files # Files that will be uploaded to the nginx web server. ``` -## Adding static files -All files added to the `static-files` folder are automatically uploaded by Prow config_updater plugin to the cluster in a ConfigMap. Uploaded files are mounted by the web server in the web root directory. To route traffic for a specific path to the nginx web server, in order to serve these files, update the ingress `tls-ing` configuration in `tls-ing_ingress.yaml`. +### Adding static files +All files added to the `static-files` folder are automatically uploaded by the Prow `config_updater` plugin to the cluster in a ConfigMap. Uploaded files are mounted by the web server in the web root directory. To route traffic for a specific path to the NGINX web server, in order to serve these files, update the Ingress `tls-ing` configuration in `tls-ing_ingress.yaml`.