Reorganize deployment into independant parts

Provide base deployment and then extra deployments for gerrit and the
mailing list. See kunit/prow-lkml for details on lkml deployment and
kunit/test-infra-prow for details on custom crier for mail reporting.

Change-Id: I9db2e1e3a15b3ba4ad8365edeb5153906c6f1b56
Signed-off-by: Avi Kondareddy <avikr@google.com>
diff --git a/README.md b/README.md
index ac361c8..8e1697e 100644
--- a/README.md
+++ b/README.md
@@ -191,11 +191,25 @@
 To deploy in any Kubernetes environment, first read Prow deployment
 documentation [here](https://github.com/kubernetes/test-infra/blob/master/prow/\
 getting_started_deploy.md) and for further clarification, the Kubernetes
-documentation [here](https://kubernetes.io/docs/setup/). Prow comes with several
+documentation [here](https://kubernetes.io/docs/setup/).
+
+Prow comes with several
 [components](https://github.com/kubernetes/test-infra/blob/master/prow/cmd/README.md),
 several of which are only necessary for interacting with github webhooks. We
-have included here a [deployment.yaml](deployment.yaml) which includes just the
-components needed to poll gerrit repos. For every new gerrit repo to run
+have included here a [deployment.yaml](deployment/deployment.yaml) which includes just the
+components needed to deploy prow. Applying the configs under
+[deployment/gerrit](deployment/gerrit) will
+deploy the gerrit adapter and the crier reporter for reporting back to gerrit.
+Applying the configs under
+[deployment/lkml](deployment/lkml) will deploy the lkml adapter and the custom
+crier reporter (named mail to allow concurrent deployment with regular crier)
+for handling mail.
+
+For all Deployment objects, please check the source for the corresponding
+component under [prow/cmd](https://github.com/kubernetes/test-infra/tree/master/prow/cmd)
+for arguments to provide the container being deployed.
+
+For every new gerrit repo to run
 presubmits on, you will need to update the
 [Gerrit](https://github.com/kubernetes/test-infra/tree/master/prow/cmd/gerrit)
 component in the deployment accordingly.
diff --git a/deployment.yaml b/deployment/deployment.yaml
similarity index 70%
rename from deployment.yaml
rename to deployment/deployment.yaml
index 596d6d9..756942e 100644
--- a/deployment.yaml
+++ b/deployment/deployment.yaml
@@ -215,83 +215,6 @@
         backend:
           serviceName: deck
           servicePort: 80
----
-# start gerrit
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
-  labels:
-    app: gerrit
-  name: gerrit-storage
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 1Gi
-  # volumeName: added automatically after volume creation
-  # See https://cloud.google.com/kubernetes-engine/docs/concepts/persistent-volumes
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: gerrit
-  labels:
-    app: gerrit
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: gerrit
-  template:
-    metadata:
-      labels:
-        app: gerrit
-    spec:
-      serviceAccountName: gerrit
-      terminationGracePeriodSeconds: 30
-      containers:
-      - name: gerrit
-        image: gcr.io/k8s-prow/gerrit:v20181203-6a1345b
-        args:
-        - --config-path=/etc/config/config.yaml
-        - --gerrit-projects=https://kunit-review.googlesource.com=linux
-        - --last-sync-fallback=/store/gerrit
-        volumeMounts:
-        - name: config
-          mountPath: /etc/config
-          readOnly: true
-        - name: gerrit-volume
-          mountPath: /store
-      volumes:
-      - name: config
-        configMap:
-          name: config
-      - name: gerrit-volume
-        persistentVolumeClaim:
-          claimName: gerrit-storage
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
-  name: crier
-  labels:
-    app: crier
-spec:
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: crier
-    spec:
-      serviceAccountName: crier
-      terminationGracePeriodSeconds: 30
-      containers:
-      - name: crier
-        image: gcr.io/k8s-prow/crier:v20181203-6a1345b
-        args:
-        - --gerrit-workers=1
-        - --gerrit-projects=https://kunit-review.googlesource.com=linux
 ### Cluster rbac rules
 ---
 apiVersion: v1
@@ -435,67 +358,3 @@
 subjects:
 - kind: ServiceAccount
   name: "sinker"
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: "gerrit"
----
-kind: Role
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
-  name: "gerrit"
-rules:
-- apiGroups:
-    - "prow.k8s.io"
-  resources:
-    - prowjobs
-  verbs:
-    - create
-    - list
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
-  name: "gerrit"
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: "gerrit"
-subjects:
-- kind: ServiceAccount
-  name: "gerrit"
----
-kind: ServiceAccount
-apiVersion: v1
-metadata:
-  name: "crier"
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  # "namespace" omitted since ClusterRoles are not namespaced
-  name: crier
-rules:
-- apiGroups:
-    - "prow.k8s.io"
-  resources:
-    - "prowjobs"
-  verbs:
-    - "get"
-    - "watch"
-    - "list"
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
-  name: "crier"
-  namespace: "default"
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: "crier"
-subjects:
-- kind: ServiceAccount
-  name: "crier"
-  namespace: "default"
diff --git a/deployment/gerrit/crier.yaml b/deployment/gerrit/crier.yaml
new file mode 100644
index 0000000..b39f783
--- /dev/null
+++ b/deployment/gerrit/crier.yaml
@@ -0,0 +1,55 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: crier
+  labels:
+    app: crier
+spec:
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: crier
+    spec:
+      serviceAccountName: crier
+      terminationGracePeriodSeconds: 30
+      containers:
+      - name: crier
+        image: gcr.io/k8s-prow/crier:v20181203-6a1345b
+        args:
+        - --gerrit-workers=1
+        - --gerrit-projects=https://kunit-review.googlesource.com=linux
+---
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+  name: "crier"
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  # "namespace" omitted since ClusterRoles are not namespaced
+  name: crier
+rules:
+- apiGroups:
+    - "prow.k8s.io"
+  resources:
+    - "prowjobs"
+  verbs:
+    - "get"
+    - "watch"
+    - "list"
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: "crier"
+  namespace: "default"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: "crier"
+subjects:
+- kind: ServiceAccount
+  name: "crier"
+  namespace: "default"
diff --git a/deployment/gerrit/gerrit.yaml b/deployment/gerrit/gerrit.yaml
new file mode 100644
index 0000000..4491dc8
--- /dev/null
+++ b/deployment/gerrit/gerrit.yaml
@@ -0,0 +1,84 @@
+# start gerrit
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  labels:
+    app: gerrit
+  name: gerrit-storage
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+  # volumeName: added automatically after volume creation
+  # See https://cloud.google.com/kubernetes-engine/docs/concepts/persistent-volumes
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gerrit
+  labels:
+    app: gerrit
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: gerrit
+  template:
+    metadata:
+      labels:
+        app: gerrit
+    spec:
+      serviceAccountName: gerrit
+      terminationGracePeriodSeconds: 30
+      containers:
+      - name: gerrit
+        image: gcr.io/k8s-prow/gerrit:v20181203-6a1345b
+        args:
+        - --config-path=/etc/config/config.yaml
+        - --gerrit-projects=https://kunit-review.googlesource.com=linux
+        - --last-sync-fallback=/store/gerrit
+        volumeMounts:
+        - name: config
+          mountPath: /etc/config
+          readOnly: true
+        - name: gerrit-volume
+          mountPath: /store
+      volumes:
+      - name: config
+        configMap:
+          name: config
+      - name: gerrit-volume
+        persistentVolumeClaim:
+          claimName: gerrit-storage
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: "gerrit"
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: "gerrit"
+rules:
+- apiGroups:
+    - "prow.k8s.io"
+  resources:
+    - prowjobs
+  verbs:
+    - create
+    - list
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: "gerrit"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: "gerrit"
+subjects:
+- kind: ServiceAccount
+  name: "gerrit"
diff --git a/deployment/lkml/config.yaml b/deployment/lkml/config.yaml
new file mode 100644
index 0000000..176c3b2
--- /dev/null
+++ b/deployment/lkml/config.yaml
@@ -0,0 +1,52 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+plank:
+  pod_pending_timeout: 60m
+  default_decoration_config:
+    timeout: 600000000000 # 15s
+    grace_period: 15000000000 # 15s
+    utility_images:
+      clonerefs: gcr.io/k8s-prow/clonerefs:v20181203-6a1345b
+      initupload: gcr.io/k8s-prow/initupload:v20181203-6a1345b
+      entrypoint: gcr.io/k8s-prow/entrypoint:v20181203-6a1345b
+      sidecar: gcr.io/k8s-prow/sidecar:v20181203-6a1345b
+    gcs_configuration:
+      bucket: "test-lkml-bucket"
+      path_strategy: "explicit"
+    gcs_credentials_secret: "service-account"
+sinker:
+  resync_period: 1m
+  max_prowjob_age: 48h
+  max_pod_age: 24h
+
+log_level: info
+
+presubmits:
+  kunit-dev@googlegroups.com:
+  - name: kunit-lkml-presubmit
+    decorate: true
+    always_run: true
+    spec:
+      volumes:
+      - name: shared-mem
+        emptyDir: {}
+      containers:
+      - image: gcr.io/kunit-presubmit/kunit_alt
+        securityContext:
+          privileged: true
+        command:
+        - /kunit.sh
+        volumeMounts:
+        - name: shared-mem
+          mountPath: /dev/shm
diff --git a/deployment/lkml/crier.yaml b/deployment/lkml/crier.yaml
new file mode 100644
index 0000000..2df94c8
--- /dev/null
+++ b/deployment/lkml/crier.yaml
@@ -0,0 +1,66 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: mail
+  labels:
+    app: mail
+spec:
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: mail
+    spec:
+      serviceAccountName: mail
+      terminationGracePeriodSeconds: 30
+      containers:
+      - name: mail
+        image: gcr.io/kunit-presubmit/crier_kunit
+        imagePullPolicy: Always
+        args:
+        - --mail-workers=1
+        - --to-address=kunit-dev@googlegroups.com
+        - --from-address={SENDER EMAIL}
+        - --msa-domain={MSADOMAIN (ie- smtp.gmail.com0}
+        env:
+          - name: SECRET_SMTP_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: smtpsecret
+                key: password
+---
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+  name: "mail"
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  # "namespace" omitted since ClusterRoles are not namespaced
+  name: mail
+rules:
+- apiGroups:
+    - "prow.k8s.io"
+  resources:
+    - "prowjobs"
+  verbs:
+    - "get"
+    - "watch"
+    - "list"
+    - "patch"
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: mail
+  namespace: "default"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: mail
+subjects:
+- kind: ServiceAccount
+  name: mail
+  namespace: "default"
+---
diff --git a/deployment/lkml/lkml.yaml b/deployment/lkml/lkml.yaml
new file mode 100644
index 0000000..9e38f78
--- /dev/null
+++ b/deployment/lkml/lkml.yaml
@@ -0,0 +1,93 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  namespace: default
+  name: lkml
+  labels:
+    app: lkml
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: lkml
+    spec:
+      serviceAccountName: lkml
+      containers:
+      - name: lkml
+        image: gcr.io/kunit-presubmit/lkml
+        imagePullPolicy: Always
+        stdin: true
+        tty: true
+        args:
+        - --config-path=/etc/config/config.yaml
+        - --source-repo=https://kunit.googlesource.com/linux
+        - --source-branch=kunit/alpha/master
+        - --job-uri=kunit-dev@googlegroups.com
+        ports:
+          - name: smtp
+            containerPort: 25
+          - name: git
+            containerPort: 9418
+        volumeMounts:
+        - name: repo
+          mountPath: /kunit
+          readOnly: false
+        - name: config
+          mountPath: /etc/config
+          readOnly: true
+      volumes:
+      - name: repo
+        persistentVolumeClaim:
+          claimName: repo-storage
+      - name: config
+        configMap:
+            name: config
+---
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  labels:
+    app: lkml
+  name: repo-storage
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 3Gi
+  # volumeName: added automatically after volume creation
+  # See https://cloud.google.com/kubernetes-engine/docs/concepts/persistent-volumes
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: lkml
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: lkml
+rules:
+- apiGroups:
+    - "prow.k8s.io"
+  resources:
+    - prowjobs
+  verbs:
+    - create
+    - list
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: lkml
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: lkml
+subjects:
+- kind: ServiceAccount
+  name: lkml
+---
diff --git a/deployment/lkml/service.yaml b/deployment/lkml/service.yaml
new file mode 100644
index 0000000..a788460
--- /dev/null
+++ b/deployment/lkml/service.yaml
@@ -0,0 +1,29 @@
+apiVersion: v1
+kind: Service
+metadata:
+  namespace: default
+  name: smtp
+spec:
+  type: LoadBalancer
+  selector:
+    app: lkml
+  ports:
+  - port: 25
+    targetPort: 25
+---
+apiVersion: v1
+kind: Service
+metadata:
+  namespace: default
+  name: git
+spec:
+  type: ClusterIP
+  selector:
+    app: lkml
+  ports:
+  - port: 9418
+    targetPort: 9418
+    name: git
+  - port: 8080
+    targetPort: 8080
+    name: http