47 changes: 19 additions & 28 deletions charts/platforma/templates/_helpers.tpl
Expand Up @@ -67,20 +67,14 @@ Returns the GCP service account to use, preferring explicit fields and falling b
{{- end -}}

# Gathers all *enabled* PVC configurations.
# Note: mainRoot is always included. workDir and packagesDir are subfolders within mainRoot.
{{- define "platforma.allPvcs" -}}
{{- $allPvcs := dict -}}
{{- if and .Values.persistence.mainRoot.enabled (not .Values.googleBatch.enabled) -}}
{{- $_ := set $allPvcs "main-root" .Values.persistence.mainRoot -}}
{{- else -}}
{{- if .Values.persistence.dbDir.enabled -}}
{{- $_ := set $allPvcs "db" .Values.persistence.dbDir -}}
{{- end -}}
{{- if and .Values.persistence.workDir.enabled (not .Values.googleBatch.enabled) -}}
{{- $_ := set $allPvcs "work" .Values.persistence.workDir -}}
{{- end -}}
{{- if and .Values.persistence.packagesDir.enabled (not .Values.googleBatch.enabled) -}}
{{- $_ := set $allPvcs "packages" .Values.persistence.packagesDir -}}
{{- end -}}
{{- /* mainRoot is always created */ -}}
{{- $_ := set $allPvcs "main-root" .Values.persistence.mainRoot -}}
{{- /* dbDir can optionally be a separate PVC */ -}}
{{- if .Values.persistence.dbDir.enabled -}}
{{- $_ := set $allPvcs "db" .Values.persistence.dbDir -}}
{{- end -}}

{{- if .Values.logging.persistence.enabled -}}
Expand Down Expand Up @@ -132,21 +126,12 @@ Returns the GCP service account to use, preferring explicit fields and falling b
{{/*
Validate Persistence Configuration
This helper enforces:
- If mainRoot.enabled is false, at least one of dbDir/workDir/packagesDir must be enabled
- If persistence section (mainRoot, dbDir, workDir, packagesDir), has non-empty existingClaim, new claim will not be created
- mainRoot is always enabled (always created)
- workDir and packagesDir are subfolders within mainRoot
- dbDir can optionally be a separate PVC
*/}}
{{- define "platforma.validatePersistence" -}}
{{- if not .Values.googleBatch.enabled -}}
{{- $p := .Values.persistence -}}
{{- if not $p.mainRoot.enabled -}}
{{- $db := $p.dbDir.enabled | default false -}}
{{- $work := $p.workDir.enabled | default false -}}
{{- $pkg := $p.packagesDir.enabled | default false -}}
{{- if not (or $db $work $pkg) -}}
{{- fail "Persistence misconfiguration: persistence.mainRoot.enabled is false, but none of persistence.dbDir/workDir/packagesDir are enabled." -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- /* mainRoot is always enabled, no validation needed */ -}}
{{- end -}}

{{/*
Expand Down Expand Up @@ -175,14 +160,13 @@ volumeMount definition with the correct name and mount path.
mountPath: {{ $pvc.mountPath }}
{{- end -}}
{{- end -}}

{{/*
Constructs a list of shared volumes that should be mounted into additional pods (i.e. Docker-in-Docker pod)
*/}}
{{- define "platforma.sharedVolumes" -}}
{{- $allPvcs := fromJson (include "platforma.allPvcs" .) -}}
{{- range $key, $pvc := $allPvcs }}
{{- if or (eq $key "main-root") (eq $key "work") }}
{{- if eq $key "main-root" }}
- name: {{ $key | trunc 63 | trimSuffix "-" }}
persistentVolumeClaim:
claimName: {{ $pvc.existingClaim | default (printf "%s-%s" (include "platforma.fullname" $) $key | trunc 63 | trimSuffix "-") | quote }}
Expand All @@ -197,7 +181,7 @@ additional pods (i.e. Docker-in-Docker pod)
{{- define "platforma.sharedVolumeMounts" -}}
{{- $allPvcs := fromJson (include "platforma.allPvcs" .) -}}
{{- range $key, $pvc := $allPvcs -}}
{{- if or (eq $key "main-root") (eq $key "work") }}
{{- if eq $key "main-root" }}
- name: {{ $key | trunc 63 | trimSuffix "-" }}
mountPath: {{ $pvc.mountPath }}
{{- end -}}
Expand Down Expand Up @@ -272,3 +256,10 @@ Use common resources section, overriding particular values if they are not empty

{{- toYaml $resources -}}
{{- end -}}

{{/*
Create the name of the platforma-data PVC.
*/}}
{{- define "platforma.platformaDataPvcName" -}}
{{- printf "%s-platforma-data" (include "platforma.fullname" .) -}}
{{- end -}}
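Review bot: `platforma.validatePersistence` appears to be left with only the comment "mainRoot is always enabled, no validation needed", so it no longer rejects anything, while the same change starts building the work and packages paths from `persistence.mainRoot.workDirName` and `packagesDirName` (see the `--work-dir`/`--packages-dir` arguments in deployment.yaml). An empty name, or one containing `/` or `..`, would resolve to the mount root or to a path outside the intended subfolder, and the new init container runs `chown -R` on that path as root. The helper should fail on such values, for example `{{- if or (empty .Values.persistence.mainRoot.workDirName) (contains "/" .Values.persistence.mainRoot.workDirName) -}}{{- fail "persistence.mainRoot.workDirName must be a single non-empty path component" -}}{{- end -}}`, with the same check for `packagesDirName`. The header comment should then list the rules the helper enforces rather than describing the layout.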
70 changes: 47 additions & 23 deletions charts/platforma/templates/deployment.yaml
Expand Up @@ -42,6 +42,30 @@ spec:
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if and .Values.persistence.mainRoot.initDirsChown .Values.deployment.securityContext.runAsUser }}
initContainers:
- name: chown-volumes
image: "busybox:1.36"
imagePullPolicy: IfNotPresent
securityContext:
runAsUser: 0
runAsGroup: 0
runAsNonRoot: false
command:
- /bin/sh
- -c
- |
WORK_DIR="{{ .Values.persistence.mainRoot.mountPath }}/{{ .Values.persistence.mainRoot.workDirName }}"
PACKAGES_DIR="{{ .Values.persistence.mainRoot.mountPath }}/{{ .Values.persistence.mainRoot.packagesDirName }}"
USER_ID="{{ .Values.deployment.securityContext.runAsUser }}"
GROUP_ID="{{ .Values.deployment.securityContext.runAsGroup | default .Values.deployment.securityContext.runAsUser }}"

mkdir -p "$WORK_DIR" "$PACKAGES_DIR"
chown -R "$USER_ID:$GROUP_ID" "$WORK_DIR" "$PACKAGES_DIR"
echo "Changed ownership of $WORK_DIR and $PACKAGES_DIR to $USER_ID:$GROUP_ID"
volumeMounts:
{{- include "platforma.volumeMounts" . | nindent 12 }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
{{- with .Values.deployment.securityContext }}
Expand All @@ -65,24 +89,15 @@ spec:
{{- end }}
{{- end }}
# Local Storage
{{- if .Values.persistence.mainRoot.enabled }}
# mainRoot is always created
- "--main-root={{ .Values.persistence.mainRoot.mountPath }}"
{{- else }}
# workDir and packagesDir are subfolders within mainRoot
- "--work-dir={{ .Values.persistence.mainRoot.mountPath }}/{{ .Values.persistence.mainRoot.workDirName }}"
- "--packages-dir={{ .Values.persistence.mainRoot.mountPath }}/{{ .Values.persistence.mainRoot.packagesDirName }}"
# dbDir can optionally be a separate PVC
{{- if .Values.persistence.dbDir.enabled }}
- "--db-dir={{ .Values.persistence.dbDir.mountPath }}"
{{- end }}
{{- if .Values.googleBatch.enabled }}
- "--work-dir={{ .Values.googleBatch.volumes.mountPath }}/{{ .Values.googleBatch.volumes.workDirName }}"
- "--packages-dir={{ .Values.googleBatch.volumes.mountPath }}/{{ .Values.googleBatch.volumes.packagesDirName }}"
{{- else }}
{{- if .Values.persistence.workDir.enabled }}
- "--work-dir={{ .Values.persistence.workDir.mountPath }}"
{{- end }}
{{- if .Values.persistence.packagesDir.enabled }}
- "--packages-dir={{ .Values.persistence.packagesDir.mountPath }}"
{{- end }}
{{- end }}
{{- end }}
# Listen Options
- "--listen-address={{ .Values.listenOptions.ip }}"
- "--listen-port={{ .Values.listenOptions.port }}"
Expand Down Expand Up @@ -297,19 +312,37 @@ spec:
- "--debug-ip={{ .Values.listenOptions.ip }}"
- "--debug-port={{ .Values.debug.port }}"
{{- end }}
# Docker Options
{{- if .Values.docker.enabled }}
{{- $dockerResources := fromYaml (include "platforma.dockerResources" .) }}
- "--runner-enable-docker"
{{- if $dockerResources.limits.cpu }}
- "--runner-local-cpu={{ include "platforma.parseCpuToWholeCpus" $dockerResources.limits.cpu }}"
{{- end }}
{{- if $dockerResources.limits.memory }}
- "--runner-local-ram={{ $dockerResources.limits.memory }}"
{{- end }}
Comment on lines 316 to +324

high

The --runner-local-cpu and --runner-local-ram arguments are no longer being passed when docker.enabled is true. This removes the ability to configure CPU and RAM limits for the Docker runner via these arguments. Please confirm if this removal is intentional, or if these parameters are now configured through a different mechanism for Kubernetes support.

{{- end }}
{{- if .Values.gcp.gar }}
- "--google-artifact-registry={{ .Values.gcp.gar }}"
- "--default-docker-registry={{ .Values.gcp.gar }}"
{{- end -}}
{{- if .Values.assetsRegistry }}
- "--assets-registry-url={{ .Values.assetsRegistry }}"
{{- end -}}
{{- if .Values.k8s.enabled }}
{{- if .Values.persistence.mainRoot.existingClaim }}
- "--k8s-pvc-name={{ .Values.persistence.mainRoot.existingClaim }}"
{{- else }}
- "--k8s-pvc-name={{ printf "%s-main-root" (include "platforma.fullname" .) }}"
{{- end }}
- "--k8s-work-dir-name={{ .Values.persistence.mainRoot.workDirName }}"
- "--k8s-storage-location={{ .Values.persistence.mainRoot.mountPath }}"
{{- end -}}
{{- if hasPrefix "dir://" .Values.logging.destination }}
- "--monitoring-dump-dir={{ trimPrefix "dir://" .Values.logging.destination }}"
{{- end }}

# Extra Arguments
{{- range .Values.extraArgs }}
- {{ . | quote }}
Expand Down Expand Up @@ -422,10 +455,6 @@ spec:
# -- A list of volume mounts for the application container.
# This is automatically populated based on your persistence settings.
volumeMounts:
{{- if and .Values.googleBatch.enabled .Values.googleBatch.volumes.enabled }}
- name: {{ .Values.googleBatch.volumes.name }}
mountPath: {{ .Values.googleBatch.volumes.mountPath }}
{{- end }}
{{- if and .Values.googleBatch.enabled .Values.googleBatch.customJobTemplate.enabled .Values.googleBatch.customJobTemplate.configMap.name }}
- name: google-batch-custom-job-template-cm
mountPath: "/etc/platforma/templates/google-batch-custom-job-template-cm"
Expand Down Expand Up @@ -495,11 +524,6 @@ spec:
# -- Volumes for the pod.
# This is automatically populated based on your persistence settings.
volumes:
{{- if and .Values.googleBatch.enabled .Values.googleBatch.volumes.enabled }}
- name: {{ .Values.googleBatch.volumes.name }}
persistentVolumeClaim:
claimName: {{ .Values.googleBatch.volumes.existingClaim | default (printf "%s-google-batch" (include "platforma.fullname" .)) }}
{{- end -}}
{{- if and .Values.googleBatch.enabled .Values.googleBatch.customJobTemplate.enabled .Values.googleBatch.customJobTemplate.configMap.name }}
- name: google-batch-custom-job-template-cm
configMap:
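Review bot: The new `chown-volumes` init container runs as UID 0 and its script interpolates `mountPath`, `workDirName`, `packagesDirName` and the user/group IDs straight into a double-quoted shell string, so a value containing `"`, a backtick or `$(...)` is evaluated by the root shell instead of being treated as a path. Passing the values through `env:` and referencing them as shell variables removes that; the securityContext should also set `allowPrivilegeEscalation: false` and drop all capabilities except the ones `chown` needs (`CHOWN`, and probably `DAC_OVERRIDE` for existing trees — confirm against your storage class). The container also receives every mount from `platforma.volumeMounts` although the script only touches the main root, and `busybox:1.36` is referenced by tag rather than by digest. The pod spec continues outside the visible hunks.

```yaml
initContainers:
  - name: chown-volumes
    # … unchanged: image, imagePullPolicy …
    securityContext:
      runAsUser: 0
      runAsGroup: 0
      runAsNonRoot: false
      allowPrivilegeEscalation: false
      capabilities:
        drop: ["ALL"]
        add: ["CHOWN", "DAC_OVERRIDE"]
    env:
      - name: MAIN_ROOT
        value: {{ .Values.persistence.mainRoot.mountPath | quote }}
      - name: WORK_DIR_NAME
        value: {{ .Values.persistence.mainRoot.workDirName | quote }}
      - name: PACKAGES_DIR_NAME
        value: {{ .Values.persistence.mainRoot.packagesDirName | quote }}
      - name: USER_ID
        value: {{ .Values.deployment.securityContext.runAsUser | quote }}
      - name: GROUP_ID
        value: {{ .Values.deployment.securityContext.runAsGroup | default .Values.deployment.securityContext.runAsUser | quote }}
    command:
      - /bin/sh
      - -c
      - |
        WORK_DIR="$MAIN_ROOT/$WORK_DIR_NAME"
        PACKAGES_DIR="$MAIN_ROOT/$PACKAGES_DIR_NAME"
        # … unchanged: mkdir, chown, echo …
```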
17 changes: 0 additions & 17 deletions charts/platforma/templates/pvc-google-batch.yaml

This file was deleted.
