Thusara nginx service service

[Tee-S]

Summary by CodeRabbit

• New Features
  • Introduced a Helm chart for deploying an NGINX service on Kubernetes, including deployment and service templates with configurable image, resources, and service type.
  • Added default configuration values for the NGINX service, supporting resource limits, autoscaling, and custom labels.
  • Enabled integration of the NGINX service into the gamma environment with tailored resource settings and application management.
• Chores
  • Included ignore files and helper templates to streamline chart packaging and maintain consistent naming conventions.

[coderabbitai]

Walkthrough

A new Helm chart for deploying an NGINX service on Kubernetes was introduced, including chart metadata, templates, and default values. Supporting configuration files and templates were added for the gamma environment, and the environment rendering pipeline was updated to support the new service. The NGINX service is initially disabled in the environment configuration.

Changes

File(s)	Change Summary
charts/nginx-service/.helmignore	Added Helm ignore patterns for packaging.
charts/nginx-service/Chart.yaml	Created Helm chart definition with metadata and dependency on Bitnami nginx.
charts/nginx-service/templates/_helpers.tpl	Added reusable Helm template helpers for naming, labels, and Datadog tags.
charts/nginx-service/templates/deployment.yaml	Added Deployment template for NGINX with monitoring annotations and configurable settings.
charts/nginx-service/templates/service.yaml	Added Service template exposing port 80 with dynamic type and selectors.
charts/nginx-service/values.yaml	Introduced default configuration values for the NGINX Helm chart.
environments/gamma/rendered/app-of-apps.yaml	Registered nginx-service application entry (disabled) in the gamma environment.
environments/gamma/rendered/nginx-service.yaml	Added rendered configuration for NGINX service image and resources in gamma environment.
environments/gamma/values.yaml	Added nginxService config block and appended nginx-service to applications (disabled) in gamma environment values.
templates/environment.py	Added 'nginx-service' to the list of templates processed by the environment rendering script.
templates/nginx-service.j2	Created Jinja2 template for injecting image tag and resource specs for NGINX service.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Helm
    participant Kubernetes
    participant NGINX Pod

    User->>Helm: Install nginx-service chart
    Helm->>Kubernetes: Deploy Deployment and Service manifests
    Kubernetes->>NGINX Pod: Create pods with specified image and resources
    Kubernetes->>User: Expose NGINX via Service

Loading

Poem

In gamma fields, a chart appears,
NGINX now deploys—let’s all cheer!
With templates, values, helpers too,
Configs and labels, shiny and new.
Though disabled for now, it’s ready to run—
A rabbit’s hop closer to Kubernetes fun! 🐇

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🔭 Outside diff range comments (1)

templates/environment.py (1)

10-15: 🛠️ Refactor suggestion

Duplicate 'cert-manager' entry inflates render loop

'cert-manager' appears twice in TEMPLATE_NAMES. The script renders the same template twice, printing duplicate log lines and performing redundant I/O.

-  'cert-manager', 
...
-  'cert-manager',

Remove one of them (keeping the original order) or convert the collection to a set before the loop to guarantee uniqueness.

🧹 Nitpick comments (5)

charts/nginx-service/Chart.yaml (1)

26-29: Lock dependency digest or minor version to avoid breaking upgrades

bitnami/nginx moves quickly. Consider pinning version: ~20.1 (tilde-range) or a specific patch version and/or using repository: oci://… with an immutable digest to guarantee reproducible builds.

environments/gamma/values.yaml (1)

68-77: Remove trailing whitespace and quote the tag
Line 69 has trailing spaces that strict YAML parsers will reject. Also quote the latest tag for consistency:

-  image: 
+  image:
     tag: "latest"

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 69-69: trailing spaces

(trailing-spaces)

charts/nginx-service/templates/deployment.yaml (2)

10-11: Consider a rolling update strategy
Recreate causes downtime by killing all pods at once. For high availability, switch to RollingUpdate with sensible maxSurge/maxUnavailable settings.

---

42-43: Make serviceAccountName configurable
Hard-coding main-service-account reduces chart reusability. Introduce a serviceAccountName key in values.yaml and use {{ .Values.serviceAccountName }} here.

charts/nginx-service/templates/_helpers.tpl (1)

33-35: Make ddTags resilient & reuse the helper-generated service name

$.Values.global.environmentName is assumed to be always set.
If the chart is rendered stand-alone (outside the umbrella chart that injects the global block) the lookup will be <no value> and the render will abort.

While touching the helper, you can also avoid hard-coding "nginx-service" by reusing the nginx-service.name helper, keeping things DRY when nameOverride / fullnameOverride are used.

-{{- define "nginx-service.ddTags" -}}
-{{- printf "env:%s, service:%s" $.Values.global.environmentName "nginx-service" }}
-{{- end }}
+{{- define "nginx-service.ddTags" -}}
+{{- $env     := default "unknown" $.Values.global.environmentName -}}
+{{- $service := include "nginx-service.name" . -}}
+{{- printf "env:%s, service:%s" $env $service }}
+{{- end }}

This keeps template rendering failure-proof and honours chart overrides.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 590713a and 7735105.

⛔ Files ignored due to path filters (1)

• charts/nginx-service/Chart.lock is excluded by !**/*.lock

📒 Files selected for processing (11)

• charts/nginx-service/.helmignore (1 hunks)
• charts/nginx-service/Chart.yaml (1 hunks)
• charts/nginx-service/templates/_helpers.tpl (1 hunks)
• charts/nginx-service/templates/deployment.yaml (1 hunks)
• charts/nginx-service/templates/service.yaml (1 hunks)
• charts/nginx-service/values.yaml (1 hunks)
• environments/gamma/rendered/app-of-apps.yaml (1 hunks)
• environments/gamma/rendered/nginx-service.yaml (1 hunks)
• environments/gamma/values.yaml (2 hunks)
• templates/environment.py (1 hunks)
• templates/nginx-service.j2 (1 hunks)

🧰 Additional context used

🪛 YAMLlint (1.37.1)

charts/nginx-service/templates/deployment.yaml

[error] 6-6: syntax error: expected the node content, but found '-'

(syntax)

---

[warning] 32-32: wrong indentation: expected 6 but found 8

(indentation)

---

[warning] 33-33: wrong indentation: expected 6 but found 8

(indentation)

---

[warning] 34-34: wrong indentation: expected 6 but found 8

(indentation)

---

[warning] 37-37: wrong indentation: expected 4 but found 6

(indentation)

environments/gamma/values.yaml

[error] 69-69: trailing spaces

(trailing-spaces)

charts/nginx-service/templates/service.yaml

[error] 6-6: syntax error: expected the node content, but found '-'

(syntax)

🔇 Additional comments (7)

templates/environment.py (1)

23-25: Tuple update is correct – welcome nginx-service

Addition looks good and aligns with the new template/Helm chart.

environments/gamma/rendered/nginx-service.yaml (1)

5-7: Avoid using the mutable latest image tag in production

latest is not reproducible and breaks rollback guarantees. Prefer a semver, git-sha, or OCI digest tag that matches the build artifact promoted to gamma.

charts/nginx-service/.helmignore (1)

4-24: 👍 Comprehensive .helmignore

Good coverage of common noise files; will keep chart packages slim.

environments/gamma/values.yaml (1)

128-130: New nginx-service entry appended correctly
The nginx-service block is properly added under appOfApps.applications and disabled by default as intended.

environments/gamma/rendered/app-of-apps.yaml (1)

119-126: Auto-generated file—no manual review needed
This section is produced by environment.py; it matches the new chart and value files.

charts/nginx-service/templates/service.yaml (1)

1-16: Service template is correctly defined
The Helm template follows best practices: naming via helpers, configurable service.type, and named port alignment with the Deployment.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 6-6: syntax error: expected the node content, but found '-'

(syntax)

charts/nginx-service/values.yaml (1)

1-83: Values file structure looks solid
Defaults and documentation cover all key parameters. Consumers will override image.tag and resources per environment.

[coderabbitai]

🛠️ Refactor suggestion

Indentation & default-safety for resources block

1. indent(2) does not indent the first line, causing limits: to be indented two spaces while its children are indented four. Valid YAML but untidy and inconsistent with other templates.
2. If nginxService.resources is omitted, Jinja will raise an exception.

-resources:
-  {{ nginxService.resources | to_yaml | indent(2) }}
+resources:
+  {{ nginxService.resources | default({}) | to_yaml | indent(2, true) }}

indent(2, true) keeps all lines aligned, and default({}) prevents template explosions when the key is absent.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	resources:
	{{ nginxService.resources | to_yaml | indent(2) }}
	resources:
	{{ nginxService.resources | default({}) | to_yaml | indent(2, true) }}

🤖 Prompt for AI Agents

In templates/nginx-service.j2 at lines 3-4, the resources block uses indent(2)
which does not indent the first line, causing inconsistent YAML indentation, and
it lacks a default value for nginxService.resources which can cause exceptions
if the key is missing. Fix this by changing the filter to indent(2, true) to
indent all lines consistently and wrap nginxService.resources with default({})
to provide a safe fallback when the key is absent.

[coderabbitai]

🛠️ Refactor suggestion

Add default fallback for empty image tag
If Values.image.tag is blank, the image reference becomes invalid. Apply a default filter to fall back on .Chart.AppVersion:

image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"

🤖 Prompt for AI Agents

In charts/nginx-service/templates/deployment.yaml at lines 47-48, the image tag
is used directly from .Values.image.tag which can be empty, causing an invalid
image reference. Fix this by applying the default filter to .Values.image.tag so
that if it is empty, it falls back to .Chart.AppVersion. Update the image line
to use: {{ .Values.image.tag | default .Chart.AppVersion }} to ensure a valid
tag is always used.

[coderabbitai]

⚠️ Potential issue

Datadog annotations reference the wrong service
The monitoring annotations are copy-pasted from app-registry-service (port 8081) but this chart’s container exposes port 80 as nginx. Update keys and ports:

-ad.datadoghq.com/app-registry-service.logs: '[{"service": "app-registry-service"}]'
-ad.datadoghq.com/app-registry-service.checks: |
+ad.datadoghq.com/nginx-service.logs: '[{"service": "nginx-service"}]'
+ad.datadoghq.com/nginx-service.checks: |
   {
     "openmetrics": {
       "instances": [
         {
-          "prometheus_url": "http://%%host%%:8081/metrics",
+          "prometheus_url": "http://%%host%%:80/metrics",
           "namespace": "nginx-service",
           "metrics": ["*"]
         }
       ]
     }
   }

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In charts/nginx-service/templates/deployment.yaml between lines 17 and 29, the
Datadog annotations incorrectly reference the app-registry-service and port
8081. Update the annotation keys to reference nginx instead of
app-registry-service, and change the prometheus_url port from 8081 to 80 to
match the nginx container's exposed port.

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (1)

charts/nginx-service/templates/deployment.yaml (1)

47-47: Add default fallback for empty image tag

If .Values.image.tag is blank, the image: line will be invalid. Apply the default .Chart.AppVersion filter to ensure a valid tag.

🧹 Nitpick comments (2)

charts/nginx-service/templates/deployment.yaml (2)

9-10: Consider making the update strategy configurable

Using Recreate will lead to full downtime on each deployment update. Consider switching to a RollingUpdate default or exposing the strategy as a .Values.updateStrategy so it can be tuned per environment.

---

43-51: Add resource limits and health probes

To improve stability and observability, define resources.requests/limits, and add both livenessProbe and readinessProbe for the nginx container.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7735105 and bfab82a.

📒 Files selected for processing (2)

• charts/nginx-service/templates/deployment.yaml (1 hunks)
• charts/nginx-service/values.yaml (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• charts/nginx-service/values.yaml

🧰 Additional context used

🪛 YAMLlint (1.37.1)

charts/nginx-service/templates/deployment.yaml

[error] 6-6: syntax error: expected the node content, but found '-'

(syntax)

---

[warning] 32-32: wrong indentation: expected 6 but found 8

(indentation)

---

[warning] 33-33: wrong indentation: expected 6 but found 8

(indentation)

---

[warning] 34-34: wrong indentation: expected 6 but found 8

(indentation)

---

[warning] 37-37: wrong indentation: expected 4 but found 6

(indentation)

🔇 Additional comments (2)

charts/nginx-service/templates/deployment.yaml (2)

1-6: No issues found in metadata definitions

The API version, kind, metadata name, and labels follow Helm best practices and integrate correctly with the chart helpers.

🧰 Tools

🪛 YAMLlint (1.37.1)

[error] 6-6: syntax error: expected the node content, but found '-'

(syntax)

---

30-34: Pod labels injection looks correct

The use of toYaml under podLabels will properly merge any custom labels with the chart’s standard labels.

🧰 Tools

🪛 YAMLlint (1.37.1)

[warning] 32-32: wrong indentation: expected 6 but found 8

(indentation)

---

[warning] 33-33: wrong indentation: expected 6 but found 8

(indentation)

---

[warning] 34-34: wrong indentation: expected 6 but found 8

(indentation)

[coderabbitai]

⚠️ Potential issue

Fix Datadog metrics port to match container port

The prometheus_url is currently targeting port 8081, but the nginx container listens on port 80. This mismatch will break metric scraping—update it to use :80/metrics.

🤖 Prompt for AI Agents

In charts/nginx-service/templates/deployment.yaml between lines 17 and 23,
update the prometheus_url port from 8081 to 80 to match the nginx container's
listening port. Change the URL from "http://%%host%%:8081/metrics" to
"http://%%host%%:80/metrics" to ensure proper metric scraping by Datadog.

[coderabbitai]

🛠️ Refactor suggestion

Parameterize serviceAccountName for greater flexibility

Hardcoding main-service-account limits reuse. Consider pulling this from .Values.serviceAccountName with a sensible default.

🤖 Prompt for AI Agents

In charts/nginx-service/templates/deployment.yaml at line 42, the
serviceAccountName is hardcoded as "main-service-account", which reduces
flexibility. Modify this line to use a Helm template expression that references
.Values.serviceAccountName with a default fallback value, allowing users to
override the service account name via values.yaml while maintaining a sensible
default.