Deploy the sonatype-nexus helm chart on Opensshift

Question

Pulumi · Accepted Answer

To deploy the Sonatype Nexus Helm chart on an OpenShift cluster using Pulumi, you will need to have access to an existing OpenShift cluster and permissions to deploy resources onto it. The deployment will utilize the `kubernetes.helm.v3.Chart` resource from the Pulumi Kubernetes provider, which enables you to deploy Helm charts.

Here's a step-by-step guide on how to achieve this with a Pulumi TypeScript program:

**1. Set Up Your Project**: If you haven't already done so, create a new Pulumi project by running `pulumi new typescript`.

**2. Install Kubernetes and Helm Dependencies**: You need the Pulumi Kubernetes package to interact with your Kubernetes cluster. Install it using `npm` or `yarn`:

```bash
npm install @pulumi/kubernetes
# or
yarn add @pulumi/kubernetes
```

**3. Write Your Pulumi Program**: The program below assumes you have configured Pulumi for Kubernetes by setting up the appropriate kubeconfig and context to interact with your OpenShift cluster. The `Chart` resource will deploy the Sonatype Nexus Helm chart.

Here is a Pulumi program that deploys Sonatype Nexus on OpenShift:

```typescript
import * as k8s from "@pulumi/kubernetes";

// Replace the following variables with appropriate values for your setup.
const chartName = "nexus-repository-manager"; // The name of the Helm chart
const chartVersion = "33.0.0"; // Use the version number of the chart you wish to deploy
const namespace = "nexus"; // Replace with the namespace where you want to install Nexus

// Create a namespace for Sonatype Nexus if it doesn't already exist.
const ns = new k8s.core.v1.Namespace(namespace, {
    metadata: {
        name: namespace, // Namespace names must be unique
    },
});

// Deploy the Sonatype Nexus Helm chart.
const nexus = new k8s.helm.v3.Chart(chartName, {
    chart: "sonatype-nexus",
    version: chartVersion,
    namespace: namespace,
    fetchOpts: {
        repo: "https://sonatype.github.io/helm3-charts/", // The Helm repository where the Sonatype Nexus chart is hosted
    },
}, { dependsOn: [ns] }); // Ensure namespace is created before deploying the chart

// Export the Nexus service URL
export const nexusUrl = nexus.getResourceProperty("v1/Service", `${namespace}/${chartName}-sonatype-nexus`, "status")
    .apply(status => `http://${status.loadBalancer.ingress[0].hostname}`);
```

**Explanation of Key Points:**

- `k8s.core.v1.Namespace`: This creates a new Kubernetes namespace for your application if it doesn't exist already. Namespaces help in organizing clusters into isolated sub-domains. 
- `k8s.helm.v3.Chart`: This is the Pulumi resource used to deploy Helm charts on a Kubernetes cluster. You need to specify the chart name, version, namespace, and Helm repo. The `dependsOn` option is used to specify resource dependencies.
- `fetchOpts.repo`: The Helm repository is where your Helm chart is stored. For Sonatype Nexus, we use the provided repository URL.
- `nexus.getResourceProperty(...)`: This snippet is used to dynamically retrieve the external URL of the Nexus service. It assumes that the service is of type LoadBalancer; however, in an OpenShift environment, you might be using Routes or another service type. Adjust this accordingly based on your service exposure strategy.
  
With this program, when you run `pulumi up`, Pulumi will reach out to your OpenShift cluster and deploy Nexus using the Helm chart specified.

Make sure to adjust any specific values like chart version or custom values according to your own needs or constraints of your environment.

Remember to log in to your OpenShift cluster using your preferred CLI tool (for instance, `oc`) and set the kubeconfig context so that Pulumi can correctly interact with your cluster.