Terraform Deployments

Terraform is the recommended and best supported method of deploying your Codecov Self Hosted install.

General process

1. Clone repo and navigate to the template for your cloud provider
2. Run cluster template
3. Run timescaledb template (optionally)
4. Run k8s-config template

Upon completion of the above process, you will have the following:

• Kubernetes Cluster
• Working Codecov deployment*
• DNS and SSL certificates*
• Postgres DB running in managed redis service for your cloud
• Redis running in managed redis service for your cloud
• Timescaledb VM(s)*

*Depending on your config

AWS

ALB Ingress

By default, this template creates an ALB (application load balancer) ingress. This can be disabled by setting ingress_enabled to false. You are then expected to provide you own ingress.

DNS and SSL

It is recommended to let the template handle DNS for you. If your DNS is hosted in Route53, all you need to do is:

#Set this in both cluster and k8s-config.
dns_enabled=true
hosted_zone_id=ID_FROM_ROUTE_53

This will do ACM cert validation for you in addition to creating a record for Codecov for the ingress_host that you specify.

📘

Cross account Route53

Sometimes, your route53 zones are located in other AWS accounts. This is accommodated by allowing a profile for this account to be specified for the route53 account.

#Set this in both cluster and k8s-config.
route53_profile="your_profile_that_manages_route53"
route53_region="us-east-1" #this is the default

GCP

GKE Ingress

By default, this template creates a GKE ingress. This can be disabled by setting ingress_enabled to false. You are then expected to provide you own ingress.

DNS and SSL

It is recommended to let the template handle DNS for you. If your DNS is hosted in GCP, set the following variables:

#Set this in both cluster and k8s-config.
dns_enabled=true
dns_credentials=FILEPATH_FOR_CREDS
dns_zone=NAME_OF_DNS_ZONE_IN_GCP
dns_project=NAME_OF_GCP_PROJECT_WITH_ZONE

This will create the DNS record for your ingress host and a managed cert tied to the GKE ingress.

Azure

Nginx Ingress

By default, this template uses the nginx ingress that is included as part of the generic Codecov terraform template. This can be disabled by setting ingress_enabled to false. You are then expected to provide you own ingress.

DNS and SSL

It is recommended to let this template handle DNS for you. If your DNS is hosted in Azure, all you need to do is:

#Set this in k8s-config.
dns_enabled=true
dns_zone=NAME_OF_ZONE_IN_AZURE
domain=ROOT_DNS_ZONE # eg example.com if you want dns set to codecov.example.com

This template will create a minio dns record as well in the format minio.${domain} with the domain from the variables above. If you choose to manage your own dns, this still will need to be set and the minio record created.
This template uses the Letsencrypt configuration from the generic Codecov terraform template for ssl.

Templates

Below there are links to the three major cloud providers AWS, GCP and Azure. This should allow you to build a Kubernetes cluster, Postgres Database, redis database and storage accounts. It is broken up into two parts, run terraform in the cluster folder and run terraform the k8s-config folder. When runs successfully, you should have a running worker, api, frontend, and gateway deployments.

Deployments

• AWS Elastic Kubernetes Service
• Google Kubernetes Engine
• Microsoft Azure Kubernetes Service

Codecov Terraform Module for use with existing clusters

• Codecov k8s terraform module