Skip to content

CodeScoring.Save PostgreSQL Installation

PostgreSQL installation is intended for production use, larger teams, availability requirements, scaling, and performance requirements.

Preparing Infrastructure

PostgreSQL

By default, PostgreSQL is deployed as a Helm chart dependency. To use it, enable postgres.enabled=true in values.yaml and set connection parameters:

postgres:
  enabled: true
  fullnameOverride: postgres
  auth:
    database: save_db
    username: save_user
    password: <STRONG_PASSWORD>

When built-in PostgreSQL is used, backend and auth must connect to host postgres.

For external PostgreSQL, disable the built-in dependency:

postgres:
  enabled: false

Then set the external PostgreSQL host in DATABASE_HOST for backend and auth.

Prepare the database and user in external PostgreSQL:

CREATE DATABASE save_db;
CREATE USER save_user WITH PASSWORD '<STRONG_PASSWORD>';
GRANT ALL PRIVILEGES ON DATABASE save_db TO save_user;

Object Storage

By default, MinIO is deployed as a Helm chart dependency. To use it, enable minio.enabled=true in values.yaml. The service will be available as save-minio.

minio:
  enabled: true
  fullnameOverride: save-minio
  auth:
    rootUser: <ACCESS_KEY>
    rootPassword: <SECRET_KEY>
  provisioning:
    enabled: true
    buckets:
      - save

For built-in MinIO, use endpoint http://minio.example.com:9000 in app.envs, and S3_BUCKET must match the bucket from minio.provisioning.buckets.

For external S3-compatible storage, disable built-in MinIO:

minio:
  enabled: false

Then set S3_ENDPOINT, S3_BUCKET, S3_ACCESS_KEY, and S3_SECRET_KEY in app.envs.

CodeScoring.Save Configuration

Use the base values.yaml from the chart and change the required parameters.

Auth container overrides

Do not create a separate minimal override only with app.deployments.auth.containers, because containers is a list and Helm can replace the whole container block.

For built-in PostgreSQL and MinIO, use these values:

app:
  envs:
    DATABASE_DRIVER: postgres
    DATABASE_HOST: postgres
    DATABASE_PORT: "5432"
    DATABASE_NAME: save_db
    DATABASE_USER: save_user
    DATABASE_PASSWORD: <STRONG_PASSWORD>

    STORAGE_TYPE: s3
    S3_ENDPOINT: http://minio.example.com:9000
    S3_BUCKET: save
    S3_ACCESS_KEY: <ACCESS_KEY>
    S3_SECRET_KEY: <SECRET_KEY>

    AUTH_SERVICE_URL: http://cs-auth.example.com:9100
    AUTH_JWKS_URL: http://cs-auth.example.com:9100/internal/v1/jwks
    AUTH_INTERNAL_SECRET: <STRONG_SECRET>

postgres:
  enabled: true
  fullnameOverride: postgres
  auth:
    database: save_db
    username: save_user
    password: <STRONG_PASSWORD>

minio:
  enabled: true
  fullnameOverride: save-minio
  auth:
    rootUser: <ACCESS_KEY>
    rootPassword: <SECRET_KEY>
  provisioning:
    enabled: true
    buckets:
      - save

For the auth service, change values in the existing app.deployments.auth.containers[0].env block. Env is defined as a name/value list:

app:
  deployments:
    auth:
      containers:
        - name: auth
          env:
            - name: ENVIRONMENT
              value: production
            - name: LOG_LEVEL
              value: info
            - name: LOG_FORMAT
              value: json
            - name: LOG_OUTPUT
              value: stdout

            - name: DATABASE_DRIVER
              value: postgres
            - name: DATABASE_HOST
              value: postgres
            - name: DATABASE_PORT
              value: "5432"
            - name: DATABASE_NAME
              value: save_db
            - name: DATABASE_USER
              value: save_user
            - name: DATABASE_PASSWORD
              value: <STRONG_PASSWORD>
            - name: DATABASE_SSL_MODE
              value: disable

            - name: AUTH_PORT
              value: "9100"
            - name: AUTH_ADMIN_PASSWORD
              value: <STRONG_PASSWORD>
            - name: AUTH_JWT_EXPIRY
              value: "900"
            - name: AUTH_REFRESH_TOKEN_TTL
              value: "604800"
            - name: AUTH_REFRESH_ABSOLUTE_TTL
              value: "2592000"
            - name: AUTH_REFRESH_SLIDING
              value: "true"
            - name: AUTH_DOCKER_TOKEN_EXPIRY
              value: "300"
            - name: AUTH_INTERNAL_SECRET
              value: <STRONG_SECRET>

The AUTH_INTERNAL_SECRET value must match for backend and auth.

Installation

helm install codescoring-save codescoring/save \
  --namespace codescoring-save \
  --create-namespace \
  --values values.yaml

Installation Check

# Check pod status
kubectl get pods -n codescoring-save -w

# Check all resources
kubectl get all -n codescoring-save

# Check backend logs
kubectl logs -n codescoring-save -l app=backend --tail=100

# Check auth logs
kubectl logs -n codescoring-save -l app=auth --tail=100

# Check frontend logs
kubectl logs -n codescoring-save -l app=frontend --tail=100

# Check readiness
kubectl get pods -n codescoring-save -o wide

Next Steps

After installation:

  1. Create the first repository
  2. Configure cleanup policies
  3. Create users and assign roles
Страница была полезна?