From 46fdc9889d9c94da2a1e2dbbf7af8db04da0fef8 Mon Sep 17 00:00:00 2001
From: Batuhan Apaydin <batuhan.apaydin@chainguard.dev>
Date: Thu, 25 Jan 2024 23:38:38 +0300
Subject: [PATCH] management-api-for-apache-cassandra

Signed-off-by: Batuhan Apaydin <batuhan.apaydin@chainguard.dev>
---
 .../README.md                                 |  29 +++
 .../config/main.tf                            |  19 ++
 .../config/template.apko.yaml                 |  85 +++++++
 .../main.tf                                   |  36 +++
 .../metadata.hcl                              |   9 +
 .../tests/main.tf                             | 211 ++++++++++++++++++
 .../tests/smoke-test.sh                       |  10 +
 main.tf                                       |   5 +
 8 files changed, 404 insertions(+)
 create mode 100644 images/management-api-for-apache-cassandra/README.md
 create mode 100644 images/management-api-for-apache-cassandra/config/main.tf
 create mode 100644 images/management-api-for-apache-cassandra/config/template.apko.yaml
 create mode 100644 images/management-api-for-apache-cassandra/main.tf
 create mode 100644 images/management-api-for-apache-cassandra/metadata.hcl
 create mode 100644 images/management-api-for-apache-cassandra/tests/main.tf
 create mode 100644 images/management-api-for-apache-cassandra/tests/smoke-test.sh

diff --git a/images/management-api-for-apache-cassandra/README.md b/images/management-api-for-apache-cassandra/README.md
new file mode 100644
index 0000000000..dfcdda3523
--- /dev/null
+++ b/images/management-api-for-apache-cassandra/README.md
@@ -0,0 +1,29 @@
+<!--monopod:start-->
+# cassandra
+| | |
+| - | - |
+| **OCI Reference** | `cgr.dev/chainguard/cassandra` |
+
+
+* [View Image in Chainguard Academy](https://edu.chainguard.dev/chainguard/chainguard-images/reference/cassandra/overview/)
+* [View Image Catalog](https://console.enforce.dev/images/catalog) for a full list of available tags.
+* [Contact Chainguard](https://www.chainguard.dev/chainguard-images) for enterprise support, SLAs, and access to older tags.*
+
+---
+<!--monopod:end-->
+
+<!--overview:start-->
+[Cassandra](https://cassandra.apache.org) is a free and open-source, distributed, wide-column store, NoSQL database.
+<!--overview:end-->
+
+<!--getting:start-->
+## Get It!
+The image is available on `cgr.dev`:
+
+```
+docker pull cgr.dev/chainguard/cassandra:latest
+```
+<!--getting:end-->
+
+<!--body:start-->
+<!--body:end-->
diff --git a/images/management-api-for-apache-cassandra/config/main.tf b/images/management-api-for-apache-cassandra/config/main.tf
new file mode 100644
index 0000000000..c012575166
--- /dev/null
+++ b/images/management-api-for-apache-cassandra/config/main.tf
@@ -0,0 +1,19 @@
+terraform {
+  required_providers {
+    apko = { source = "chainguard-dev/apko" }
+  }
+}
+
+variable "extra_packages" {
+  description = "The additional packages to install."
+  default     = ["management-api-for-apache-cassandra", "management-api-for-apache-cassandra-compat", "metric-collector-for-apache-cassandra", "cassandra", "cassandra-compat"]
+}
+
+data "apko_config" "this" {
+  config_contents = file("${path.module}/template.apko.yaml")
+  extra_packages  = var.extra_packages
+}
+
+output "config" {
+  value = jsonencode(data.apko_config.this.config)
+}
diff --git a/images/management-api-for-apache-cassandra/config/template.apko.yaml b/images/management-api-for-apache-cassandra/config/template.apko.yaml
new file mode 100644
index 0000000000..15ab0328a6
--- /dev/null
+++ b/images/management-api-for-apache-cassandra/config/template.apko.yaml
@@ -0,0 +1,85 @@
+contents:
+  packages:
+    - python3
+    - busybox
+    - bash
+    - tini
+    - libatasmart
+    - boost-filesystem
+    - iproute2
+
+accounts:
+  groups:
+    - groupname: cassandra
+      gid: 999
+  users:
+    - username: cassandra
+      uid: 999
+  run-as: 999
+
+work-dir: /
+
+entrypoint:
+  command:  "/sbin/tini -g -- /docker-entrypoint.sh"
+
+cmd: mgmtapi
+
+environment:
+  LANG: en_US.UTF-8
+  CASSANDRA_HOME: /opt/cassandra
+  CASSANDRA_VERSION: 4.1.3
+  PATH: /usr/sbin:/sbin:/usr/bin:/bin:/opt/cassandra/bin/
+  MGMT_API_LOG_DIR: /var/log/cassandra
+  CASSANDRA_LOGS_DIR: /opt/cassandra/logs
+  CASSANDRA_CONF: /opt/cassandra/conf
+  MAAC_PATH: /opt/management-api
+  MCAC_PATH: /opt/metrics-collector
+
+paths:
+  - path: /var/lib/cassandra
+    type: directory
+    permissions: 0o777
+    uid: 999
+    gid: 999
+    recursive: true
+  - path: /opt/cassandra
+    type: directory
+    permissions: 0o777
+    uid: 999
+    gid: 999
+    recursive: true
+  - path: /opt/cassandra/logs
+    type: directory
+    permissions: 0o777
+    uid: 999
+    gid: 999
+    recursive: true
+  - path: /opt/cassandra/conf
+    type: directory
+    permissions: 0o777
+    uid: 999
+    gid: 999
+    recursive: true
+  - path: /var/lib/cassandra
+    type: directory
+    permissions: 0o777
+    uid: 999
+    gid: 999
+  - path: /var/log/cassandra
+    type: directory
+    permissions: 0o777
+    uid: 999
+    gid: 999
+    recursive: true
+  - path: /opt/management-api
+    type: directory
+    permissions: 0o777
+    uid: 999
+    gid: 999
+    recursive: true
+  - path: /opt/metrics-collector
+    type: directory
+    permissions: 0o777
+    uid: 999
+    gid: 999
+    recursive: true
\ No newline at end of file
diff --git a/images/management-api-for-apache-cassandra/main.tf b/images/management-api-for-apache-cassandra/main.tf
new file mode 100644
index 0000000000..d84fa61554
--- /dev/null
+++ b/images/management-api-for-apache-cassandra/main.tf
@@ -0,0 +1,36 @@
+terraform {
+  required_providers {
+    oci = { source = "chainguard-dev/oci" }
+  }
+}
+
+variable "target_repository" {
+  description = "The docker repo into which the image and attestations should be published."
+}
+
+module "config" { source = "./config" }
+
+module "latest" {
+  source            = "../../tflib/publisher"
+  name              = basename(path.module)
+  target_repository = var.target_repository
+  config            = module.config.config
+  build-dev         = true
+}
+
+module "test-latest" {
+  source = "./tests"
+  digest = module.latest.image_ref
+}
+
+resource "oci_tag" "latest" {
+  depends_on = [module.test-latest]
+  digest_ref = module.latest.image_ref
+  tag        = "latest"
+}
+
+resource "oci_tag" "latest-dev" {
+  depends_on = [module.test-latest]
+  digest_ref = module.latest.dev_ref
+  tag        = "latest-dev"
+}
diff --git a/images/management-api-for-apache-cassandra/metadata.hcl b/images/management-api-for-apache-cassandra/metadata.hcl
new file mode 100644
index 0000000000..40f5389a0e
--- /dev/null
+++ b/images/management-api-for-apache-cassandra/metadata.hcl
@@ -0,0 +1,9 @@
+name                = "cassandra"
+image               = "cgr.dev/chainguard/cassandra"
+logo                = "https://storage.googleapis.com/chainguard-academy/logos/cassandra.svg"
+endoflife           = ""
+console_summary     = ""
+short_description   = "[Cassandra](https://cassandra.apache.org) is a free and open-source, distributed, wide-column store, NoSQL database."
+compatibility_notes = ""
+readme_file         = "README.md"
+upstream_url        = "https://github.com/apache/cassandra"
diff --git a/images/management-api-for-apache-cassandra/tests/main.tf b/images/management-api-for-apache-cassandra/tests/main.tf
new file mode 100644
index 0000000000..0b630d7552
--- /dev/null
+++ b/images/management-api-for-apache-cassandra/tests/main.tf
@@ -0,0 +1,211 @@
+terraform {
+  required_providers {
+    oci = { source = "chainguard-dev/oci" }
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = "~> 2.24.0"
+    }
+  }
+}
+
+variable "digest" {
+  description = "The image digest to run tests over."
+}
+
+data "oci_string" "ref" { input = var.digest }
+
+resource "random_pet" "suffix" {}
+
+resource "kubernetes_namespace" "cassandra" {
+  metadata {
+    name = "cassandra-${random_pet.suffix.id}"
+  }
+}
+
+resource "kubernetes_service" "cassandra" {
+  metadata {
+    name      = "cassandra"
+    namespace = kubernetes_namespace.cassandra.metadata[0].name
+
+    labels = {
+      app = "cassandra"
+    }
+  }
+
+  spec {
+    port {
+      port = 9042
+    }
+
+    selector = {
+      app = "cassandra"
+    }
+
+    cluster_ip = "None"
+  }
+}
+
+resource "kubernetes_stateful_set" "cassandra" {
+  metadata {
+    name      = "cassandra"
+    namespace = kubernetes_namespace.cassandra.metadata[0].name
+
+    labels = {
+      app = "cassandra"
+    }
+  }
+
+  spec {
+    replicas = 1
+
+    selector {
+      match_labels = {
+        app = "cassandra"
+      }
+    }
+
+    template {
+      metadata {
+        labels = {
+          app = "cassandra"
+        }
+      }
+
+      spec {
+        container {
+          name  = "cassandra"
+          image = "${data.oci_string.ref.registry_repo}:${data.oci_string.ref.pseudo_tag}"
+
+          port {
+            name           = "intra-node"
+            container_port = 7000
+          }
+
+          port {
+            name           = "tls-intra-node"
+            container_port = 7001
+          }
+
+          port {
+            name           = "jmx"
+            container_port = 7199
+          }
+
+          port {
+            name           = "cql"
+            container_port = 9042
+          }
+
+          env {
+            name  = "MAX_HEAP_SIZE"
+            value = "512M"
+          }
+
+          env {
+            name  = "HEAP_NEWSIZE"
+            value = "100M"
+          }
+
+          env {
+            name  = "CASSANDRA_SEEDS"
+            value = "cassandra-0.cassandra.default.svc.cluster.local"
+          }
+
+          env {
+            name  = "CASSANDRA_CLUSTER_NAME"
+            value = "K8Demo"
+          }
+
+          env {
+            name  = "CASSANDRA_DC"
+            value = "DC1-K8Demo"
+          }
+
+          env {
+            name  = "CASSANDRA_RACK"
+            value = "Rack1-K8Demo"
+          }
+
+          env {
+            name = "POD_IP"
+
+            value_from {
+              field_ref {
+                field_path = "status.podIP"
+              }
+            }
+          }
+
+          resources {
+            limits = {
+              cpu = "500m"
+
+              memory = "1Gi"
+            }
+
+            requests = {
+              cpu = "500m"
+
+              memory = "1Gi"
+            }
+          }
+
+          volume_mount {
+            name       = "cassandra-data"
+            mount_path = "/cassandra_data"
+          }
+
+          lifecycle {
+            pre_stop {
+              exec {
+                command = ["/bin/sh", "-c", "nodetool drain"]
+              }
+            }
+          }
+
+          image_pull_policy = "Always"
+
+          security_context {
+            capabilities {
+              add = ["IPC_LOCK"]
+            }
+          }
+        }
+
+        termination_grace_period_seconds = 1800
+      }
+    }
+
+    volume_claim_template {
+      metadata {
+        name = "cassandra-data"
+      }
+
+      spec {
+        access_modes = ["ReadWriteOnce"]
+
+        resources {
+          requests = {
+            storage = "1Gi"
+          }
+        }
+
+        storage_class_name = "local-path" # Assumes K3s, use standard for KinD
+      }
+    }
+
+    service_name = kubernetes_service.cassandra.metadata[0].name
+  }
+}
+
+data "oci_exec_test" "runs" {
+  digest      = var.digest
+  depends_on  = [kubernetes_stateful_set.cassandra]
+  script      = "./smoke-test.sh"
+  working_dir = path.module
+
+  env {
+    name  = "CASSANDRA_STATEFULSET_NAMESPACE"
+    value = kubernetes_namespace.cassandra.metadata[0].name
+  }
+}
diff --git a/images/management-api-for-apache-cassandra/tests/smoke-test.sh b/images/management-api-for-apache-cassandra/tests/smoke-test.sh
new file mode 100644
index 0000000000..a1acccc323
--- /dev/null
+++ b/images/management-api-for-apache-cassandra/tests/smoke-test.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -o errexit -o nounset -o errtrace -o pipefail -x
+
+
+kubectl get statefulsets -n $CASSANDRA_STATEFULSET_NAMESPACE cassandra
+
+# check that the cassandra cluster is ready
+
+kubectl wait --for=condition=ready pod --selector app.kubernetes.io/name=cassandra --namespace $CASSANDRA_STATEFULSET_NAMESPACE
\ No newline at end of file
diff --git a/main.tf b/main.tf
index 80ee76937e..1f5afeb1c9 100644
--- a/main.tf
+++ b/main.tf
@@ -760,6 +760,11 @@ module "loki" {
   target_repository = "${var.target_repository}/loki"
 }
 
+module "management-api-for-apache-cassandra" {
+  source            = "./images/management-api-for-apache-cassandra"
+  target_repository = "${var.target_repository}/management-api-for-apache-cassandra"
+}
+
 module "mariadb" {
   source            = "./images/mariadb"
   target_repository = "${var.target_repository}/mariadb"