quelch 0.10.0

Ingest data from Jira, Confluence, and more directly into Azure AI Search
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296

/// Kubernetes manifest artefact writer for on-prem deployments.
///
/// Writes a minimal set of Kubernetes resources for a pull-only ingest worker
/// (no ingress, no service — ingest is pull-only):
/// - `Deployment.yaml`
/// - `ConfigMap.yaml`
/// - `Secret.example.yaml`
/// - `kustomization.yaml`
/// - `README.md`
use super::GenerateError;
use crate::config::Config;
use std::path::{Path, PathBuf};

/// Write Kubernetes artefacts to `output_dir`.
///
/// Returns the list of paths written (not including common artefacts).
pub fn write(
    _sliced: &Config,
    deployment_name: &str,
    output_dir: &Path,
) -> Result<Vec<PathBuf>, GenerateError> {
    let mut written = Vec::new();

    let deployment_path = output_dir.join("Deployment.yaml");
    std::fs::write(&deployment_path, deployment_yaml(deployment_name))?;
    written.push(deployment_path);

    let configmap_path = output_dir.join("ConfigMap.yaml");
    std::fs::write(&configmap_path, configmap_yaml(deployment_name))?;
    written.push(configmap_path);

    let secret_path = output_dir.join("Secret.example.yaml");
    std::fs::write(&secret_path, secret_example_yaml(deployment_name))?;
    written.push(secret_path);

    let kustomization_path = output_dir.join("kustomization.yaml");
    std::fs::write(&kustomization_path, kustomization_yaml(deployment_name))?;
    written.push(kustomization_path);

    let readme_path = output_dir.join("README.md");
    std::fs::write(&readme_path, readme(deployment_name))?;
    written.push(readme_path);

    Ok(written)
}

fn deployment_yaml(deployment_name: &str) -> String {
    let version = env!("CARGO_PKG_VERSION");
    let safe_name = deployment_name.to_lowercase().replace('_', "-");
    format!(
        r#"apiVersion: apps/v1
kind: Deployment
metadata:
  name: quelch-{safe_name}
  labels:
    app: quelch-{safe_name}
spec:
  replicas: 1
  selector:
    matchLabels:
      app: quelch-{safe_name}
  template:
    metadata:
      labels:
        app: quelch-{safe_name}
    spec:
      containers:
        - name: ingest
          image: ghcr.io/mklab-se/quelch:{version}
          command: ["ingest", "--config", "/etc/quelch/quelch.yaml", "--deployment", "{deployment_name}"]
          envFrom:
            - secretRef:
                name: quelch-{safe_name}-env
          volumeMounts:
            - name: config
              mountPath: /etc/quelch
              readOnly: true
      volumes:
        - name: config
          configMap:
            name: quelch-{safe_name}-config
"#
    )
}

fn configmap_yaml(deployment_name: &str) -> String {
    let safe_name = deployment_name.to_lowercase().replace('_', "-");
    format!(
        r#"apiVersion: v1
kind: ConfigMap
metadata:
  name: quelch-{safe_name}-config
data:
  quelch.yaml: |
    # Paste the contents of effective-config.yaml here.
    # Alternatively, generate this ConfigMap from the file:
    #   kubectl create configmap quelch-{safe_name}-config --from-file=quelch.yaml=effective-config.yaml
"#
    )
}

fn secret_example_yaml(deployment_name: &str) -> String {
    let safe_name = deployment_name.to_lowercase().replace('_', "-");
    format!(
        r#"# Example Secret for quelch-{safe_name}.
# Fill in the base64-encoded values (echo -n "value" | base64) and apply:
#   kubectl apply -f Secret.example.yaml
#
# Or use kubectl directly:
#   kubectl create secret generic quelch-{safe_name}-env \
#     --from-literal=JIRA_INTERNAL_PAT=<value> \
#     --from-literal=COSMOS_ENDPOINT=<value> \
#     --from-literal=COSMOS_KEY=<value>
apiVersion: v1
kind: Secret
metadata:
  name: quelch-{safe_name}-env
type: Opaque
stringData:
  # Source credentials
  JIRA_INTERNAL_PAT: "<your-jira-pat>"
  # Azure Cosmos DB
  COSMOS_ENDPOINT: "https://YOUR-COSMOS-ACCOUNT.documents.azure.com:443/"
  COSMOS_KEY: "<your-cosmos-key>"
  # Optional
  # HTTPS_PROXY: ""
"#
    )
}

fn kustomization_yaml(deployment_name: &str) -> String {
    let safe_name = deployment_name.to_lowercase().replace('_', "-");
    format!(
        r#"# Apply all resources: kubectl apply -k .
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

resources:
  - ConfigMap.yaml
  - Deployment.yaml

# Apply the Secret separately (it is not checked in):
#   kubectl apply -f Secret.example.yaml  # after filling in values
#
# Or reference it here if you manage secrets in-cluster:
# secretGenerator:
#   - name: quelch-{safe_name}-env
#     envs:
#       - .env
"#
    )
}

fn readme(deployment_name: &str) -> String {
    let safe_name = deployment_name.to_lowercase().replace('_', "-");
    format!(
        r#"# Quelch — Kubernetes on-prem deployment: {deployment_name}

## Prerequisites

- A Kubernetes cluster with `kubectl` configured.
- The cluster nodes can reach your Jira / Confluence URLs.
- The cluster nodes can reach your Azure Cosmos DB endpoint.

## Files

| File | Purpose |
|---|---|
| `Deployment.yaml` | The ingest worker Deployment (1 replica) |
| `ConfigMap.yaml` | Mounts `effective-config.yaml` into the pod |
| `Secret.example.yaml` | Template for credential Secret — **fill in and apply manually** |
| `kustomization.yaml` | Ties resources together for `kubectl apply -k .` |
| `effective-config.yaml` | The sliced quelch config for this deployment |

## Setup

1. Fill in `ConfigMap.yaml` with the contents of `effective-config.yaml`,
   or create it directly:
   ```sh
   kubectl create configmap quelch-{safe_name}-config \
     --from-file=quelch.yaml=effective-config.yaml
   ```

2. Create the Secret with your credentials:
   ```sh
   kubectl create secret generic quelch-{safe_name}-env \
     --from-literal=JIRA_INTERNAL_PAT=<value> \
     --from-literal=COSMOS_ENDPOINT=https://YOUR-COSMOS.documents.azure.com:443/ \
     --from-literal=COSMOS_KEY=<value>
   ```

3. Apply the Deployment:
   ```sh
   kubectl apply -k .
   ```

4. Check the worker:
   ```sh
   kubectl get pods -l app=quelch-{safe_name}
   kubectl logs -l app=quelch-{safe_name} -f
   ```

## Updating

```sh
kubectl rollout restart deployment/quelch-{safe_name}
```
"#
    )
}

// ---------------------------------------------------------------------------
// Tests
// ---------------------------------------------------------------------------

#[cfg(test)]
mod tests {
    use super::*;
    use crate::config::Config;

    fn sample_config() -> Config {
        let yaml = r#"
azure:
  subscription_id: "sub-test"
  resource_group: "rg-test"
  region: "swedencentral"
cosmos:
  database: "quelch"
ai:
  provider: azure_openai
  endpoint: "https://test.openai.azure.com"
  embedding:
    deployment: "text-embedding-3-large"
    dimensions: 3072
  chat:
    deployment: "gpt-4.1-mini"
    model_name: "gpt-4.1-mini"
sources:
  - type: jira
    name: jira-test
    url: "https://jira.internal.example"
    auth:
      pat: "my-pat"
    projects: ["INT"]
deployments:
  - name: ingest-k8s
    role: ingest
    target: onprem
    sources:
      - source: jira-test
"#;
        serde_yaml::from_str(yaml).expect("sample config must parse")
    }

    #[test]
    fn writes_expected_files() {
        let dir = tempfile::tempdir().unwrap();
        let config = sample_config();
        write(&config, "ingest-k8s", dir.path()).unwrap();

        assert!(dir.path().join("Deployment.yaml").exists());
        assert!(dir.path().join("ConfigMap.yaml").exists());
        assert!(dir.path().join("Secret.example.yaml").exists());
        assert!(dir.path().join("kustomization.yaml").exists());
        assert!(dir.path().join("README.md").exists());
    }

    #[test]
    fn deployment_yaml_contains_deployment_name() {
        let yaml = deployment_yaml("my-worker");
        assert!(yaml.contains("--deployment"));
        assert!(yaml.contains("my-worker"));
        assert!(yaml.contains("ghcr.io/mklab-se/quelch:"));
    }

    #[test]
    fn deployment_yaml_is_valid_yaml() {
        let yaml = deployment_yaml("test");
        serde_yaml::from_str::<serde_yaml::Value>(&yaml)
            .expect("Deployment.yaml must be valid YAML");
    }

    #[test]
    fn configmap_yaml_is_valid_yaml() {
        let yaml = configmap_yaml("test");
        serde_yaml::from_str::<serde_yaml::Value>(&yaml)
            .expect("ConfigMap.yaml must be valid YAML");
    }

    #[test]
    fn kustomization_yaml_is_valid_yaml() {
        let yaml = kustomization_yaml("test");
        serde_yaml::from_str::<serde_yaml::Value>(&yaml)
            .expect("kustomization.yaml must be valid YAML");
    }
}