feat: add Kubeflow Pipelines (#579)

srodenhuis · dennisvankekem · svcAPLBot · web-flow · commit 3f012cfd8a7f · 2025-07-16T14:57:59.000+02:00
* feat: add kfp

* fix: logo name

* fix: full app name

* fix: apits

* feat: alfa chip

* fix: pret

* fix: isAlpha

---------

Co-authored-by: Dennis van Kekem &lt;38350840+dennisvankekem@users.noreply.github.com&gt;
Co-authored-by: svcAPLBot &lt;174728082+svcAPLBot@users.noreply.github.com&gt;
diff --git a/core.yaml b/core.yaml
@@ -3,6 +3,7 @@ k8s:
   namespaces:
     - name: argocd
       app: argocd
+      disableIstioInjection: true
     - name: cert-manager
       disableIstioInjection: true
     - name: cnpg-system
@@ -18,26 +19,20 @@ k8s:
       disablePolicyChecks: true
     - name: external-dns
       disableIstioInjection: true
-    - name: external-secrets
-      disableIstioInjection: true
     - name: falco
       disableIstioInjection: true
       disablePolicyChecks: true
     - name: harbor
       app: harbor
-    - name: gatekeeper-system
-      app: gatekeeper
+    - name: apl-harbor-operator
       disableIstioInjection: true
     - name: gitea
-    - name: gitea-operator
+    - name: apl-gitea-operator
       disableIstioInjection: true
     - name: grafana
       app: grafana
     - name: istio-system
       disableIstioInjection: true
-    - name: istio-operator
-      istio-operator-managed: Reconcile
-      istio-injection: disabled
     - name: httpbin
       app: httpbin
     - name: ingress
@@ -50,6 +45,8 @@ k8s:
       app: jaeger
       disableIstioInjection: true
     - name: keycloak
+    - name: apl-keycloak-operator
+      disableIstioInjection: true
     - name: kiali
       app: kiali
     - name: kiali-operator
@@ -59,12 +56,24 @@ k8s:
       app: knative
       disablePolicyChecks: true
       disableIstioInjection: true
+    - name: knative-operator
+      app: knative
+      disablePolicyChecks: true
+      disableIstioInjection: true
+    - name: kfp
+      app: kubeflow-pipelines
+      disablePolicyChecks: true
+      disableIstioInjection: true
     - name: kured
       app: kured
       disableIstioInjection: true
     - name: kyverno
       app: kyverno
       disableIstioInjection: true
+    - name: thanos
+      app: thanos
+      disableIstioInjection: true
+      disablePolicyChecks: true
     - name: tekton-pipelines
       app: tekton
       disableIstioInjection: true
@@ -87,16 +96,9 @@ k8s:
       disablePolicyChecks: true
     - name: monitoring
       disableIstioInjection: true
-      disablePolicyChecks: true
-    - name: opa-exporter
-      disableIstioInjection: true
-      disablePolicyChecks: true
     - name: otomi
     - name: otomi-operator
       disableIstioInjection: true
-    - name: cluster-overprovisioner
-      app: cluster-overprovisioner
-      disableIstioInjection: true
     - name: rabbitmq
       app: rabbitmq
       disableIstioInjection: true
@@ -113,6 +115,7 @@ k8s:
     - name: velero
       app: velero
       disablePolicyChecks: true
+      disableIstioInjection: true
     - name: otomi-pipelines
       app: tekton
       disableIstioInjection: true
@@ -173,13 +176,9 @@ adminApps:
         auth: true
   - name: external-dns
     tags: [ingress, security, tls]
-  - name: external-secrets
-    tags: [secrets, security, tls]
   - name: falco
     tags: [security]
     deps: [prometheus, grafana]
-  - name: gatekeeper
-    tags: [security, policies, observability]
   - name: gitea
     tags: [git]
     isShared: true
@@ -202,10 +201,6 @@ adminApps:
           - authorization
         type: public
         auth: true
-    shortcuts:
-      - title: NGINX
-        description: NGINX ingress controller metrics
-        path: /d/nginx/nginx-ingress-controller?orgId=1&refresh=5s
   - name: harbor
     tags: [security]
     isShared: true
@@ -259,13 +254,9 @@ adminApps:
     ownHost: true
     ingress:
       - namespace: keycloak
-        svc: keycloak-service
+        svc: keycloak
         type: public
         port: 8080
-    shortcuts:
-      - title: Account
-        description: Edit your account settings.
-        path: /realms/otomi/account/
   - name: kiali
     tags: [tracing, telemetry, observability]
     deps: [istio, prometheus]
@@ -281,6 +272,16 @@ adminApps:
   - name: knative
     tags: [serverless, functions]
     deps: [istio]
+  - name: kubeflow-pipelines
+    tags: [ai, ml]
+    ownHost: true
+    isShared: true
+    ingress:
+      - svc: ml-pipeline-ui
+        namespace: kfp
+        port: 80
+        type: public
+        auth: true
   - name: kured
     tags: [security]
   - name: tekton
@@ -295,21 +296,20 @@ adminApps:
         auth: true
         removeRequestHeaders:
           - authorization
+  - name: thanos
+    tags: [metrics, observability]
+    ownHost: true
+    ingress:
+      - svc: thanos-query
+        port: 9090
+        namespace: thanos
+        type: public
+        auth: true
   - name: loki
     tags: [logging, telemetry, observability]
-    deps: [grafana, prometheus, minio]
+    deps: [grafana, prometheus]
     useHost: grafana
     path: /explore?orgId=1&left=%7B"datasource":"loki","queries":%5B%7B"refId":"A"%7D%5D,"range":%7B"from":"now-1h","to":"now"%7D%7D
-    shortcuts:
-      - title: Ingress logs
-        description: All logs generated in the "ingress" namespace
-        path: /explore?orgId=1&left=%5B"now-1h","now","Loki",%7B"expr":"%7Bnamespace%3D%5C"ingress%5C"%7D","refId":"A"%7D%5D
-      - title: OWASP violations
-        description: All OWASP rule violations
-        path: /explore?orgId=1&left=%5B"now-1h","now","Loki",%7B"expr":"%7Bnamespace%3D%5C"ingress%5C"%7D%20%7C%3D%5C"ModSecurity:%20%5C""%7D%5D
-      - title: Gatekeeper violations
-        description: Kube API violations logged by OPA gatekepeer
-        path: /explore?orgId=1&left=%5B"now-1h","now","Loki",%7B"expr":"%7Bnamespace%3D%5C"gatekeeper-system%5C"%7D%20%7C%3D%5C"Policy:%20%5C""%7D%5D
   - name: minio
     tags: [storage, backup]
     ownHost: true
@@ -321,7 +321,7 @@ adminApps:
         auth: true
         removeRequestHeaders:
           - authorization
-  - name: otomi
+  - name: console
     hide: true
     isShared: true
     ownHost: true
@@ -335,6 +335,17 @@ adminApps:
         namespace: otomi
         type: public
         auth: true
+  - name: api # Used by any client that do not support cookies
+    hide: true
+    isShared: true
+    ownHost: true
+    ingress:
+      - svc: otomi-api
+        namespace: otomi
+        type: public
+        # RequestAuthentication and AuthorizationPolicy ensure Authorization header validation
+        auth: false
+
   - name: prometheus
     tags: [metrics, observability]
     ownHost: true
@@ -350,7 +361,7 @@ adminApps:
     ownHost: true
   - name: tempo
     tags: [tracing]
-    deps: [prometheus, grafana, minio]
+    deps: [prometheus, grafana]
     useHost: grafana
     path: /explore?orgId=1&left=%7B"datasource":"tempo","queries":%5B%7B"refId":"A","datasource":%7B"type":"tempo","uid":"tempo"%7D,"queryType":"clear","limit":20%7D%5D,"range":%7B"from":"now-1h","to":"now"%7D%7D
   - name: otel
@@ -368,6 +379,7 @@ adminApps:
 teamApps:
   - name: alertmanager
     ownHost: true
+    path: /#/alerts?silenced=false&inhibited=false&active=true&filter=%7Bnamespace%3D"team-#TEAM#"%7D
     ingress:
       - svc: po-alertmanager
         hasPrefix: true
@@ -388,14 +400,6 @@ teamApps:
   - name: loki
     useHost: grafana
     path: /explore?orgId=1&left=%7B"datasource":"loki","queries":%5B%7B"refId":"A","expr":"","queryType":"range","datasource":%7B"type":"loki","uid":"loki"%7D%7D%5D,"range":%7B"from":"now-1h","to":"now"%7D%7D
-  - name: prometheus
-    ownHost: true
-    ingress:
-      - svc: po-prometheus
-        hasPrefix: true
-        port: 9090
-        type: public
-        auth: true
   - name: tekton
     ownHost: true
     ingress:
@@ -405,4 +409,4 @@ teamApps:
         type: public
         auth: true
         removeRequestHeaders:
-          - authorization
+          - authorization
diff --git a/public/logos/kubeflow-pipelines_logo.svg b/public/logos/kubeflow-pipelines_logo.svg
@@ -0,0 +1,19 @@
+<svg version="1.2" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1000 1000" width="1000" height="1000">
+	<title>kubeflow-logo</title>
+	<style>
+		.s0 { fill: #0028aa } 
+		.s1 { fill: #a1c3ff } 
+		.s2 { fill: #4279f4 } 
+		.s3 { fill: #6ca1ff } 
+		.s4 { fill: #014bd1 } 
+		.s5 { fill: #bedcff } 
+	</style>
+	<g id="Background">
+		<path id="Path 0" class="s0" d="m392.2 872.5c-34.2 43.7-62.2 80-62.2 80.5 0 0.7 54.5 1 161.5 1 128.7 0 161.4-0.3 161.2-1.3-0.2-0.6-17.7-15.2-38.9-32.2-21.2-17-65.5-52.6-98.3-79-32.9-26.4-60.1-48.1-60.4-48.3-0.4-0.1-28.7 35.6-62.9 79.3z"/>
+		<path id="Path 1" class="s1" d="m436.6 157.3c-50.5 63.3-91.4 115.6-90.9 116 0.4 0.5 107.9-18.8 238.8-42.9 130.9-24 238.5-44.1 239-44.5 0.5-0.5 0.8-1.1 0.5-1.4-0.3-0.2-66.9-32.4-148-71.5-81.1-39.1-147.5-71-147.6-71 0 0-41.4 51.9-91.8 115.3z"/>
+		<path id="Path 2" class="s2" d="m589.1 297.3l-293.4 54.2c0.3 13.2 4.9 127 10.3 261.5 5.4 134.5 10.2 244.9 10.7 245.3 0.4 0.4 2.4-1.1 4.4-3.5 2-2.4 84.2-107.3 182.9-233.3 98.6-126 180.7-230.5 182.4-232.3 1.7-1.8 6-4.8 9.6-6.5 5.5-2.7 7.5-3.2 14-3.2 5.9 0 8.6 0.5 13 2.6 3.6 1.7 44.5 33.8 120.5 94.8 63.2 50.7 115.3 91.8 115.8 91.4 0.4-0.4-15-69.9-34.3-154.3-19.3-84.4-36-157.4-37-162.3-1.6-7-2.3-8.7-3.8-8.6-0.9 0-133.7 24.5-295.1 54.2z"/>
+		<path id="Path 3" class="s3" d="m136.5 533.5c-50.6 63.5-92 116.1-91.9 116.8 0 0.6 46.2 58.9 102.5 129.5 56.3 70.6 102.7 128 103.1 127.5 0.3-0.4-3.8-110.6-9.2-244.8-5.4-134.2-9.9-244.1-9.9-244.3-0.1-0.1-0.7-0.2-1.4-0.2-0.6 0-42.6 52-93.2 115.5z"/>
+		<path id="Path 4" class="s4" d="m701.3 477.7c-7.7 9.8-23.1 29.5-34.3 43.8-11.2 14.3-28.3 36.1-38 48.5-9.7 12.4-26.8 34.2-38 48.5-11.2 14.3-26.5 33.9-34.1 43.5-7.5 9.6-24.3 31-37.2 47.5l-23.6 30c3.4 3.3 55.6 45.2 118.2 95.4 62.5 50.1 114.3 91.3 115 91.6 0.7 0.2 46.4-56.3 111.2-137.6 60.5-76 110.1-138.6 110.2-139.2 0.1-0.7-17.9-15.6-40-33.3-22.1-17.7-73.2-58.6-113.5-91-40.4-32.4-75.3-60.4-77.6-62.2l-4.3-3.2z"/>
+		<path id="Path 5" class="s5" d="m270.5 136.1c-84.2 40.6-153.3 74-153.7 74.1-0.3 0.2-17.7 75.2-38.6 166.8-23 100.4-37.7 166.9-37.1 167.5 0.5 0.6 1.7-0.1 3.1-2 1.3-1.6 87.7-110.1 192-241 104.3-130.9 189.5-238.3 189.3-238.8-0.3-0.4-0.8-0.7-1.3-0.6-0.4 0.1-69.6 33.3-153.7 74z"/>
+	</g>
+</svg>
diff --git a/src/components/AppCard.tsx b/src/components/AppCard.tsx
@@ -101,6 +101,7 @@ export default function ({
   toggleApp,
   isDeprecated,
   isBeta,
+  isAlpha,
   openModal,
 }: any): React.ReactElement {
   const { classes, cx } = useStyles()
@@ -156,6 +157,16 @@ export default function ({
           </Box>
         )}
 
+        {isAlpha && (
+          <Box>
+            <Chip
+              className={cx(classes.chip, isLight ? classes.chipLight : classes.chipDark)}
+              label='ALPHA'
+              variant='outlined'
+            />
+          </Box>
+        )}
+
         {isDeprecated && (
           <Box>
             <Chip className={cx(classes.chip, classes.chipDeprecated)} label='DEPRECATED' variant='outlined' />
diff --git a/src/components/Apps.tsx b/src/components/Apps.tsx
@@ -169,7 +169,11 @@ export default function Apps({ teamId, apps, teamSettings, setAppState, objSetti
 
   const out = (items) =>
     items?.map((item) => {
-      const { enabled, externalUrl, id, logo, logoAlt, isDeprecated, isBeta } = getAppData(session, teamId, item)
+      const { enabled, externalUrl, id, logo, logoAlt, isDeprecated, isAlpha, isBeta } = getAppData(
+        session,
+        teamId,
+        item,
+      )
       return (
         <Grid item xs={12} sm={6} md={4} lg={4} key={id}>
           <AppCard
@@ -188,6 +192,7 @@ export default function Apps({ teamId, apps, teamSettings, setAppState, objSetti
             toggleApp={() => toggleApp(id)}
             isDeprecated={isDeprecated}
             isBeta={isBeta}
+            isAlpha={isAlpha}
             openModal={() => setOpenModal(id)}
           />
         </Grid>
diff --git a/src/redux/otomiApi.ts b/src/redux/otomiApi.ts
@@ -7347,6 +7347,7 @@ export type GetSettingsApiResponse = /** status 200 The request is successful. *
               tempo?: string
               gitea?: string
               thanos?: string
+              kfp?: string
             }
           }
           type: 'linode'
@@ -7609,6 +7610,7 @@ export type EditSettingsApiArg = {
                 tempo?: string
                 gitea?: string
                 thanos?: string
+                kfp?: string
               }
             }
             type: 'linode'
diff --git a/src/utils/data.ts b/src/utils/data.ts
@@ -109,6 +109,14 @@ const getBetaApp = (session, appId) => {
   return app?.isBeta
 }
 
+const getAlphaApp = (session, appId) => {
+  const {
+    core: { appsInfo },
+  }: any = session
+  const app = appsInfo[appId]
+  return app?.isAlpha
+}
+
 const getDeprecationInfo = (session, appId) => {
   const {
     core: { appsInfo },
@@ -169,6 +177,7 @@ export const getAppData = (
   const deps = coreApp.deps
   const isDeprecated = getDeprecatedApp(session, appId)
   const isBeta = getBetaApp(session, appId)
+  const isAlpha = getAlphaApp(session, appId)
   const deprecationInfo = getDeprecationInfo(session, appId)
   const replacementUrl = `https://${deprecationInfo?.replacement}.${cluster.domainSuffix}${deprecationInfo?.path ?? ''}`
   return {
@@ -186,6 +195,7 @@ export const getAppData = (
     hasShortcuts: !!ingress || useHost,
     isDeprecated,
     isBeta,
+    isAlpha,
     deprecationInfo,
     replacementUrl,
   }

Original file line number	Diff line number	Diff line change
`@@ -7347,6 +7347,7 @@ export type GetSettingsApiResponse = /** status 200 The request is successful. *`
`7347`	`7347`	`tempo?: string`
`7348`	`7348`	`gitea?: string`
`7349`	`7349`	`thanos?: string`
	`7350`	`+ kfp?: string`
`7350`	`7351`	`}`
`7351`	`7352`	`}`
`7352`	`7353`	`type: 'linode'`
`@@ -7609,6 +7610,7 @@ export type EditSettingsApiArg = {`
`7609`	`7610`	`tempo?: string`
`7610`	`7611`	`gitea?: string`
`7611`	`7612`	`thanos?: string`
	`7613`	`+ kfp?: string`
`7612`	`7614`	`}`
`7613`	`7615`	`}`
`7614`	`7616`	`type: 'linode'`