allow name overrides in pods

[avimoondra]

Enable internal Retool to align service names with Cloud Prod, for DD dashboards shared across env

---

before the change

without custom names:

helm template -f ~/retool-helm/charts/retool/values.yaml retool ~/retool-helm/charts/retool --set config.encryptionKey="foo" --set image.tag="5.6.10" --set codeExecutor.image.tag="5.6.10" --set codeExecutor.enabled=true | rg retool- -C 2

kind: Secret
metadata:
  name: retool-postgresql
  namespace: "default"
  labels:
--
  name: retool
  labels:
    helm.sh/chart: retool-6.0.13
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
kind: Service
metadata:
  name: retool-postgresql-hl
  namespace: "default"
  labels:
--
kind: Service
metadata:
  name: retool-postgresql
  namespace: "default"
  labels:
--
kind: Service
metadata:
  name: retool-code-executor
spec:
  selector:
    retoolService: retool-code-executor
  ports:
  - protocol: TCP
--
kind: Service
metadata:
  name: retool-workflow-backend
spec:
  selector:
    retoolService: retool-workflow-backend
  ports:
  - protocol: TCP
--
kind: Service
metadata:
  name: retool-workflow-worker
spec:
  selector:
    retoolService: retool-workflow-worker
  ports:
  - protocol: TCP
--
metadata:
  labels:
    helm.sh/chart: retool-6.0.13
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  name: retool
  labels:
    helm.sh/chart: retool-6.0.13
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
          - bash
          - -c
          - chmod -R +x ./docker_scripts; sync; ./docker_scripts/wait-for-it.sh -t 0 "retool-postgresql":"5432"; ./docker_scripts/start_api.sh
        env:
          - name: NODE_ENV
--
            value: "false"
          - name: POSTGRES_HOST
            value: "retool-postgresql"
          - name: POSTGRES_PORT
            value: "5432"
--
            value: "false"
          - name: WORKFLOW_BACKEND_HOST
            value: http://retool-workflow-backend
          - name: CODE_EXECUTOR_INGRESS_DOMAIN
            value: http://retool-code-executor
          - name: LICENSE_KEY
            valueFrom:
--
            valueFrom:
              secretKeyRef:
                name: retool-postgresql
                # `postgres` is the default admin username for postgres in the subchart we use, so it needs the admin password
                # if a different username is picked, then it needs the custom password instead.
--
kind: Deployment
metadata:
  name: retool-code-executor
  labels:
    retoolService: retool-code-executor
    helm.sh/chart: retool-6.0.13
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  selector:
    matchLabels:
      retoolService: retool-code-executor
  revisionHistoryLimit: 3
  template:
    metadata:
      annotations:
        prometheus.io/job: retool-code-executor
        prometheus.io/scrape: 'true'
        prometheus.io/port: '9090'
      labels:
        retoolService: retool-code-executor
    spec:
      serviceAccountName: retool
--
kind: Deployment
metadata:
  name: retool-jobs-runner
  labels:
    helm.sh/chart: retool-6.0.13
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  selector:
    matchLabels:
      app.kubernetes.io/name: retool-jobs-runner
      app.kubernetes.io/instance: retool
  revisionHistoryLimit: 3
--
      annotations:
      labels:
        app.kubernetes.io/name: retool-jobs-runner
        app.kubernetes.io/instance: retool
    spec:
--
          - bash
          - -c
          - chmod -R +x ./docker_scripts; sync; ./docker_scripts/wait-for-it.sh -t 0 "retool-postgresql":"5432"; ./docker_scripts/start_api.sh
        env:
          - name: NODE_ENV
--
            value: "false"
          - name: POSTGRES_HOST
            value: "retool-postgresql"
          - name: POSTGRES_PORT
            value: "5432"
--
            valueFrom:
              secretKeyRef:
                name: retool-postgresql
                key: postgres-password
          - name: CLIENT_SECRET
--
kind: Deployment
metadata:
  name: retool-workflow-backend
  labels:
    retoolService: retool-workflow-backend
    helm.sh/chart: retool-6.0.13
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  selector:
    matchLabels:
      retoolService: retool-workflow-backend
  revisionHistoryLimit: 3
  template:
--
      annotations:
      labels:
        retoolService: retool-workflow-backend
    spec:
      serviceAccountName: retool
--
          - bash
          - -c
          - chmod -R +x ./docker_scripts; sync; ./docker_scripts/wait-for-it.sh -t 0 "retool-postgresql":"5432"; ./docker_scripts/start_api.sh
        env:
          - name: NODE_ENV
--
            value: "false"
          - name: POSTGRES_HOST
            value: "retool-postgresql"
          - name: POSTGRES_PORT
            value: "5432"
--
            value: "false"
          - name: WORKFLOW_BACKEND_HOST
            value: http://retool-workflow-backend
          - name: CODE_EXECUTOR_INGRESS_DOMAIN
            value: http://retool-code-executor
          - name: LICENSE_KEY
            valueFrom:
--
            valueFrom:
              secretKeyRef:
                name: retool-postgresql
                key: postgres-password
          - name: CLIENT_SECRET
--
kind: Deployment
metadata:
  name: retool-workflow-worker
  labels:
    retoolService: retool-workflow-worker
    helm.sh/chart: retool-6.0.13
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  selector:
    matchLabels:
      retoolService: retool-workflow-worker
  revisionHistoryLimit: 3
  template:
    metadata:
      annotations:
        prometheus.io/job: retool-workflow-worker
        prometheus.io/scrape: 'true'
        prometheus.io/port: '9090'
      labels:
        retoolService: retool-workflow-worker
    spec:
      serviceAccountName: retool
--
          - bash
          - -c
          - chmod -R +x ./docker_scripts; sync; ./docker_scripts/wait-for-it.sh -t 0 "retool-postgresql":"5432"; ./docker_scripts/start_api.sh
        env:
          - name: NODE_ENV
--
            value: "3005"
          - name: WORKFLOW_BACKEND_HOST
            value: http://retool-workflow-backend
          - name: CLIENT_ID
            value:
--
            value: "false"
          - name: POSTGRES_HOST
            value: "retool-postgresql"
          - name: POSTGRES_PORT
            value: "5432"
--
            value: "false"
          - name: CODE_EXECUTOR_INGRESS_DOMAIN
            value: http://retool-code-executor
          - name: LICENSE_KEY
            valueFrom:
--
            valueFrom:
              secretKeyRef:
                name: retool-postgresql
                key: postgres-password
          - name: CLIENT_SECRET
--
kind: StatefulSet
metadata:
  name: retool-postgresql
  namespace: "default"
  labels:
--
spec:
  replicas: 1
  serviceName: retool-postgresql-hl
  updateStrategy:
    rollingUpdate: {}
--
  template:
    metadata:
      name: retool-postgresql
      labels:
        app.kubernetes.io/name: postgresql
--
              valueFrom:
                secretKeyRef:
                  name: retool-postgresql
                  key: postgres-password
            - name: POSTGRES_DB
--
metadata:
  labels:
    helm.sh/chart: retool-6.0.13
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool

after the change

without custom names (no difference):

helm template -f ~/retool-helm/charts/retool/values.yaml retool ~/retool-helm/charts/retool --set config.encryptionKey="foo" --set image.tag="5.6.10" --set codeExecutor.image.tag="5.6.10" --set codeExecutor.enabled=true | rg retool- -C 2

kind: Secret
metadata:
  name: retool-postgresql
  namespace: "default"
  labels:
--
  name: retool
  labels:
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
kind: Service
metadata:
  name: retool-postgresql-hl
  namespace: "default"
  labels:
--
kind: Service
metadata:
  name: retool-postgresql
  namespace: "default"
  labels:
--
kind: Service
metadata:
  name: retool-code-executor
spec:
  selector:
    retoolService: retool-code-executor
  ports:
  - protocol: TCP
--
kind: Service
metadata:
  name: retool-workflow-backend
spec:
  selector:
    retoolService: retool-workflow-backend
  ports:
  - protocol: TCP
--
kind: Service
metadata:
  name: retool-workflow-worker
spec:
  selector:
    retoolService: retool-workflow-worker
  ports:
  - protocol: TCP
--
metadata:
  labels:
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  name: retool
  labels:
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
          - bash
          - -c
          - chmod -R +x ./docker_scripts; sync; ./docker_scripts/wait-for-it.sh -t 0 "retool-postgresql":"5432"; ./docker_scripts/start_api.sh
        env:
          - name: NODE_ENV
--
            value: "false"
          - name: POSTGRES_HOST
            value: "retool-postgresql"
          - name: POSTGRES_PORT
            value: "5432"
--
            value: "false"
          - name: WORKFLOW_BACKEND_HOST
            value: http://retool-workflow-backend
          - name: CODE_EXECUTOR_INGRESS_DOMAIN
            value: http://retool-code-executor
          - name: LICENSE_KEY
            valueFrom:
--
            valueFrom:
              secretKeyRef:
                name: retool-postgresql
                # `postgres` is the default admin username for postgres in the subchart we use, so it needs the admin password
                # if a different username is picked, then it needs the custom password instead.
--
kind: Deployment
metadata:
  name: retool-code-executor
  labels:
    retoolService: retool-code-executor
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  selector:
    matchLabels:
      retoolService: retool-code-executor
  revisionHistoryLimit: 3
  template:
    metadata:
      annotations:
        prometheus.io/job: retool-code-executor
        prometheus.io/scrape: 'true'
        prometheus.io/port: '9090'
      labels:
        retoolService: retool-code-executor
    spec:
      serviceAccountName: retool
--
kind: Deployment
metadata:
  name: retool-jobs-runner
  labels:
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  selector:
    matchLabels:
      app.kubernetes.io/name: retool-jobs-runner
      app.kubernetes.io/instance: retool
  revisionHistoryLimit: 3
--
      annotations:
      labels:
        app.kubernetes.io/name: retool-jobs-runner
        app.kubernetes.io/instance: retool
    spec:
--
          - bash
          - -c
          - chmod -R +x ./docker_scripts; sync; ./docker_scripts/wait-for-it.sh -t 0 "retool-postgresql":"5432"; ./docker_scripts/start_api.sh
        env:
          - name: NODE_ENV
--
            value: "false"
          - name: POSTGRES_HOST
            value: "retool-postgresql"
          - name: POSTGRES_PORT
            value: "5432"
--
            valueFrom:
              secretKeyRef:
                name: retool-postgresql
                key: postgres-password
          - name: CLIENT_SECRET
--
kind: Deployment
metadata:
  name: retool-workflow-backend
  labels:
    retoolService: retool-workflow-backend
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  selector:
    matchLabels:
      retoolService: retool-workflow-backend
  revisionHistoryLimit: 3
  template:
--
      annotations:
      labels:
        retoolService: retool-workflow-backend
    spec:
      serviceAccountName: retool
--
          - bash
          - -c
          - chmod -R +x ./docker_scripts; sync; ./docker_scripts/wait-for-it.sh -t 0 "retool-postgresql":"5432"; ./docker_scripts/start_api.sh
        env:
          - name: NODE_ENV
--
            value: "false"
          - name: POSTGRES_HOST
            value: "retool-postgresql"
          - name: POSTGRES_PORT
            value: "5432"
--
            value: "false"
          - name: WORKFLOW_BACKEND_HOST
            value: http://retool-workflow-backend
          - name: CODE_EXECUTOR_INGRESS_DOMAIN
            value: http://retool-code-executor
          - name: LICENSE_KEY
            valueFrom:
--
            valueFrom:
              secretKeyRef:
                name: retool-postgresql
                key: postgres-password
          - name: CLIENT_SECRET
--
kind: Deployment
metadata:
  name: retool-workflow-worker
  labels:
    retoolService: retool-workflow-worker
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  selector:
    matchLabels:
      retoolService: retool-workflow-worker
  revisionHistoryLimit: 3
  template:
    metadata:
      annotations:
        prometheus.io/job: retool-workflow-worker
        prometheus.io/scrape: 'true'
        prometheus.io/port: '9090'
      labels:
        retoolService: retool-workflow-worker
    spec:
      serviceAccountName: retool
--
          - bash
          - -c
          - chmod -R +x ./docker_scripts; sync; ./docker_scripts/wait-for-it.sh -t 0 "retool-postgresql":"5432"; ./docker_scripts/start_api.sh
        env:
          - name: NODE_ENV
--
            value: "3005"
          - name: WORKFLOW_BACKEND_HOST
            value: http://retool-workflow-backend
          - name: CLIENT_ID
            value:
--
            value: "false"
          - name: POSTGRES_HOST
            value: "retool-postgresql"
          - name: POSTGRES_PORT
            value: "5432"
--
            value: "false"
          - name: CODE_EXECUTOR_INGRESS_DOMAIN
            value: http://retool-code-executor
          - name: LICENSE_KEY
            valueFrom:
--
            valueFrom:
              secretKeyRef:
                name: retool-postgresql
                key: postgres-password
          - name: CLIENT_SECRET
--
kind: StatefulSet
metadata:
  name: retool-postgresql
  namespace: "default"
  labels:
--
spec:
  replicas: 1
  serviceName: retool-postgresql-hl
  updateStrategy:
    rollingUpdate: {}
--
  template:
    metadata:
      name: retool-postgresql
      labels:
        app.kubernetes.io/name: postgresql
--
              valueFrom:
                secretKeyRef:
                  name: retool-postgresql
                  key: postgres-password
            - name: POSTGRES_DB
--
metadata:
  labels:
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool

with custom names:

helm template -f ~/retool-helm/charts/retool/values.yaml retool ~/retool-helm/charts/retool --set config.encryptionKey="foo" --set image.tag="5.6.10" --set codeExecutor.image.tag="5.6.10" --set codeExecutor.enabled=true --set codeExecutor.name=customName1 --set jobRunner.name=customName2 --set backend.name=customName3 --set workflows.worker.name=customName4 --set workflows.backend.name=customName5 | rg custom -C 3

apiVersion: v1
kind: Service
metadata:
  name: customName1
spec:
  selector:
    retoolService: customName1
  ports:
  - protocol: TCP
    port: 80
--
apiVersion: v1
kind: Service
metadata:
  name: customName5
spec:
  selector:
    retoolService: customName5
  ports:
  - protocol: TCP
    port: 80
--
apiVersion: v1
kind: Service
metadata:
  name: customName4
spec:
  selector:
    retoolService: customName4
  ports:
  - protocol: TCP
    port: 3005
--
apiVersion: apps/v1
kind: Deployment
metadata:
  name: customName3
  labels:
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
--
          - name: POSTGRES_SSL_ENABLED
            value: "false"
          - name: WORKFLOW_BACKEND_HOST
            value: http://customName5
          - name: CODE_EXECUTOR_INGRESS_DOMAIN
            value: http://customName1
          - name: LICENSE_KEY
            valueFrom:
              secretKeyRef:
                name: customName3
                key: license-key
          - name: JWT_SECRET
            valueFrom:
              secretKeyRef:
                name: customName3
                key: jwt-secret
          - name: ENCRYPTION_KEY
            valueFrom:
              secretKeyRef:
                name: customName3
                key: encryption-key
          - name: POSTGRES_PASSWORD
            valueFrom:
              secretKeyRef:
                name: retool-postgresql
                # `postgres` is the default admin username for postgres in the subchart we use, so it needs the admin password
                # if a different username is picked, then it needs the custom password instead.
                key: postgres-password
          - name: CLIENT_SECRET
            valueFrom:
              secretKeyRef:
                name: customName3
                key: google-client-secret
        ports:
        - containerPort: 3000
--
apiVersion: apps/v1
kind: Deployment
metadata:
  name: customName1
  labels:
    retoolService: customName1
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  replicas: 1
  selector:
    matchLabels:
      retoolService: customName1
  revisionHistoryLimit: 3
  template:
    metadata:
      annotations:
        prometheus.io/job: customName1
        prometheus.io/scrape: 'true'
        prometheus.io/port: '9090'
      labels:
        retoolService: customName1
    spec:
      serviceAccountName: retool
      containers:
--
apiVersion: apps/v1
kind: Deployment
metadata:
  name: customName2
  labels:
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
--
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: customName2
      app.kubernetes.io/instance: retool
  revisionHistoryLimit: 3
  template:
    metadata:
      annotations:
      labels:
        app.kubernetes.io/name: customName2
        app.kubernetes.io/instance: retool
    spec:
      serviceAccountName: retool
--
apiVersion: apps/v1
kind: Deployment
metadata:
  name: customName5
  labels:
    retoolService: customName5
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  replicas: 1
  selector:
    matchLabels:
      retoolService: customName5
  revisionHistoryLimit: 3
  template:
    metadata:
      annotations:
      labels:
        retoolService: customName5
    spec:
      serviceAccountName: retool
      containers:
--
          - name: POSTGRES_SSL_ENABLED
            value: "false"
          - name: WORKFLOW_BACKEND_HOST
            value: http://customName5
          - name: CODE_EXECUTOR_INGRESS_DOMAIN
            value: http://customName1
          - name: LICENSE_KEY
            valueFrom:
              secretKeyRef:
--
apiVersion: apps/v1
kind: Deployment
metadata:
  name: customName4
  labels:
    retoolService: customName4
    helm.sh/chart: retool-6.0.14
    app.kubernetes.io/name: retool
    app.kubernetes.io/instance: retool
--
  replicas: 1
  selector:
    matchLabels:
      retoolService: customName4
  revisionHistoryLimit: 3
  template:
    metadata:
      annotations:
        prometheus.io/job: customName4
        prometheus.io/scrape: 'true'
        prometheus.io/port: '9090'
      labels:
        retoolService: customName4
    spec:
      serviceAccountName: retool
      containers:
--
          - name: WORKFLOW_WORKER_HEALTHCHECK_PORT
            value: "3005"
          - name: WORKFLOW_BACKEND_HOST
            value: http://customName5
          - name: CLIENT_ID
            value:
          - name: COOKIE_INSECURE
--
          - name: POSTGRES_SSL_ENABLED
            value: "false"
          - name: CODE_EXECUTOR_INGRESS_DOMAIN
            value: http://customName1
          - name: LICENSE_KEY
            valueFrom:
              secretKeyRef:

[avimoondra]

cc @ryanartecona @KnlnKS (thanks for the discussion and review!)

Before

Changed values

diff --git a/helm/internal-tools/internal-onprem/onprem-instances/values.avi-test.retool.dev.yaml b/helm/internal-tools/internal-onprem/onprem-instances/values.avi-test.retool.dev.yaml
index 22eb17ab98..285a4af396 100644
--- a/helm/internal-tools/internal-onprem/onprem-instances/values.avi-test.retool.dev.yaml
+++ b/helm/internal-tools/internal-onprem/onprem-instances/values.avi-test.retool.dev.yaml
@@ -5,12 +5,25 @@ image:
   tag: "3.24.14"
   pullPolicy: "Always"

+backend:
+  name: backend-avi
+
+replicaCount: 2
+
+jobsRunner:
+  name: jobs-runner-avi
+
 workflows:
   enabled: true
   temporal:
     enabled: false
+  backend:
+    name: workflow-backend-avi
+  worker:
+    name: workflow-temporal-worker-avi

 codeExecutor:
+  name: code-executor-avi
   enabled: true
   image:
     tag: "3.24.14"

Ran command

helm upgrade --install -f ~/retool-k8s/helm/internal-tools/internal-onprem/onprem-instances/values.base.yaml -f ~/retool-k8s/helm/internal-tools/internal-onprem/onprem-instances/values.avi-test.retool.dev.yaml avi-test ~/retool-helm/charts/retool

After

          - name: JWT_SECRET
            valueFrom:
              secretKeyRef:
                {{- if .Values.config.jwtSecretSecretName }}
                name: {{ .Values.config.jwtSecretSecretName }}
                key: {{ .Values.config.jwtSecretSecretKey | default "jwt-secret" }}
                {{- else }}
                name: {{ template "retool.backend.name" . }}
                key: jwt-secret
                {{- end }}

So I've removed those changes to secret locations (https://github.com/tryretool/retool-helm/pull/143/commits/b37160e9a491f51f704a0bb0aaafc0b8d044b556), and we're all good: