refactor: change image layout to enable renovate updates of sidecarts (#955)

* some cleanup for common (+6 squashed commit)

Squashed commit:

[43a501de8] bump sogo

[62c009b63] some tryouts

[6840fafdb] try to fix rendering of new format

[003d3c81b] move seperate apps to new format and fix mistake in common

[752ae2c68] more work on the image refactor

[edfc28533] refactor common images

* sogo scale differently

* slight release build fix

* fix issues with release script and multiple tags
This commit is contained in:
Kjeld Schouten-Lebbing 2021-09-10 16:57:08 +02:00 committed by GitHub
parent fe3af5e130
commit 00e9bd819f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 137 additions and 74 deletions

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.2.0"
appVersion: 5.2.0
dependencies:
- name: common
repository: https://truecharts.org/
@ -27,4 +27,4 @@ name: sogo
sources:
- https://www.sogo.nu/
type: application
version: 2.0.2
version: 2.0.3

View File

@ -6,11 +6,16 @@
image:
repository: ghcr.io/truecharts/sogo
pullPolicy: IfNotPresent
tag: "v5.2.0"
tag: v5.2.0
postgresqlImage:
repository: postgres
pullPolicy: IfNotPresent
tag: 13.4-alpine
initContainers:
- name: init-postgresdb
image: postgres:13.1
image: "{{ .Values.postgresqlImage.repository}}:{{ .Values.postgresqlImage.tag }}"
command:
- "sh"
- "-c"

View File

@ -2,7 +2,12 @@
image:
repository: ghcr.io/truecharts/sogo
pullPolicy: IfNotPresent
tag: "v5.2.0"
tag: v5.2.0
postgresqlImage:
repository: postgres
pullPolicy: IfNotPresent
tag: 13.4-alpine
# -- services
service:
@ -15,7 +20,7 @@ service:
initContainers:
# -- wait for database before starting sogo
init-postgresdb:
image: postgres:13.1
image: "{{ .Values.postgresqlImage.repository }}:{{ .Values.postgresqlImage.tag }}"
command:
- "sh"
- "-c"

View File

@ -6,8 +6,8 @@ The code-server sidecar container to be inserted.
{{- fail "At least 1 volumeMount is required for codeserver container" }}
{{- end -}}
name: codeserver
image: "{{ .Values.addons.codeserver.image.repository }}:{{ .Values.addons.codeserver.image.tag }}"
imagePullPolicy: {{ .Values.addons.codeserver.pullPolicy }}
image: "{{ .Values.codeserverImage.repository }}:{{ .Values.codeserverImage.tag }}"
imagePullPolicy: {{ .Values.codeserverImage.pullPolicy }}
{{- with .Values.addons.codeserver.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}

View File

@ -3,8 +3,8 @@ The netshoot sidecar container to be inserted.
*/}}
{{- define "common.addon.netshoot.container" -}}
name: netshoot
image: "{{ .Values.addons.netshoot.image.repository }}:{{ .Values.addons.netshoot.image.tag }}"
imagePullPolicy: {{ .Values.addons.netshoot.pullPolicy }}
image: "{{ .Values.netshootImage.repository }}:{{ .Values.netshootImage.tag }}"
imagePullPolicy: {{ .Values.netshootImage.pullPolicy }}
{{- with .Values.addons.netshoot.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}

View File

@ -6,8 +6,8 @@ The promtail sidecar container to be inserted.
{{- fail "At least 1 volumeMount is required for the promtail container" }}
{{- end -}}
name: promtail
image: "{{ .Values.addons.promtail.image.repository }}:{{ .Values.addons.promtail.image.tag }}"
imagePullPolicy: {{ .Values.addons.promtail.pullPolicy }}
image: "{{ .Values.promtailImage.repository }}:{{ .Values.promtailImage.tag }}"
imagePullPolicy: {{ .Values.promtailImage.pullPolicy }}
{{- with .Values.addons.promtail.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}

View File

@ -3,8 +3,8 @@ The OpenVPN sidecar container to be inserted.
*/}}
{{- define "common.addon.openvpn.container" -}}
name: openvpn
image: "{{ .Values.addons.vpn.openvpn.image.repository }}:{{ .Values.addons.vpn.openvpn.image.tag }}"
imagePullPolicy: {{ .Values.addons.vpn.openvpn.pullPolicy }}
image: "{{ .Values.openvpnImage.repository }}:{{ .Values.openvpnImage.tag }}"
imagePullPolicy: {{ .Values.openvpnImage.pullPolicy }}
{{- with .Values.addons.vpn.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}

View File

@ -3,8 +3,8 @@ The Wireguard sidecar container to be inserted.
*/}}
{{- define "common.addon.wireguard.container" -}}
name: wireguard
image: "{{ .Values.addons.vpn.wireguard.image.repository }}:{{ .Values.addons.vpn.wireguard.image.tag }}"
imagePullPolicy: {{ .Values.addons.vpn.wireguard.pullPolicy }}
image: "{{ .Values.wireguardImage.repository }}:{{ .Values.wireguardImage.tag }}"
imagePullPolicy: {{ .Values.wireguardImage.pullPolicy }}
{{- with .Values.addons.vpn.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}

View File

@ -17,7 +17,7 @@ before chart installation.
{{- end -}}
{{- end }}
- name: autopermissions
image: alpine:3.3
image: {{ .Values.alpineImage.repository }}:{{ .Values.alpineImage.tag }}
securityContext:
allowPrivilegeEscalation: false
runAsUser: 0

View File

@ -1,3 +1,57 @@
# -- OpenVPN specific configuration
# @default -- See below
openvpnImage:
# -- Specify the openvpn client image
repository: dperson/openvpn-client
# -- Specify the openvpn client image tag
tag: latest
# -- Specify the openvpn client image pull policy
pullPolicy: IfNotPresent
# -- WireGuard specific configuration
# @default -- See below
wireguardImage:
# -- Specify the WireGuard image
repository: ghcr.io/k8s-at-home/wireguard
# -- Specify the WireGuard image tag
tag: v1.0.20210424
# -- Specify the WireGuard image pull policy
pullPolicy: IfNotPresent
promtailImage:
# -- Specify the promtail image
repository: grafana/promtail
# -- Specify the promtail image tag
tag: 2.2.0
# -- Specify the promtail image pull policy
pullPolicy: IfNotPresent
netshootImage:
# -- Specify the netshoot image
repository: nicolaka/netshoot
# -- Specify the netshoot image tag
tag: latest
# -- Specify the netshoot image pull policy
pullPolicy: Always
codeserverImage:
# -- Specify the code-server image
repository: codercom/code-server
# -- Specify the code-server image tag
tag: 3.9.2
# -- Specify the code-server image pull policy
pullPolicy: IfNotPresent
alpineImage:
# -- Specify the code-server image
repository: alpine
# -- Specify the code-server image tag
tag: "3.3"
# -- Specify the code-server image pull policy
pullPolicy: IfNotPresent
global:
# -- Set an override for the prefix of the fullname
nameOverride:
@ -641,30 +695,14 @@ addons:
# -- OpenVPN specific configuration
# @default -- See below
openvpn:
image:
# -- Specify the openvpn client image
repository: dperson/openvpn-client
# -- Specify the openvpn client image tag
tag: latest
# -- Specify the openvpn client image pull policy
pullPolicy: IfNotPresent
# -- Credentials to connect to the VPN Service (used with -a)
auth: # "user;password"
# -- Optionally specify an existing secret that contains the credentials.
# Credentials should be stored under the `VPN_AUTH` key
authSecret: # my-vpn-secret
# -- WireGuard specific configuration
# @default -- See below
wireguard:
image:
# -- Specify the WireGuard image
repository: ghcr.io/k8s-at-home/wireguard
# -- Specify the WireGuard image tag
tag: v1.0.20210424
# -- Specify the WireGuard image pull policy
pullPolicy: IfNotPresent
wireguard: {}
# -- Set the VPN container securityContext
# @default -- See values.yaml
@ -690,7 +728,6 @@ addons:
# See Kubernetes documentation for options.
hostPathType: "File"
# -- Provide custom up/down scripts that can be used by the vpn configuration.
# @default -- See values.yaml
scripts:
@ -709,18 +746,9 @@ addons:
# -- Enable running a code-server container in the pod
enabled: false
image:
# -- Specify the code-server image
repository: codercom/code-server
# -- Specify the code-server image tag
tag: 3.9.2
# -- Specify the code-server image pull policy
pullPolicy: IfNotPresent
# -- Set any environment variables for code-server here
env: {}
# TZ: UTC
# -- Set codeserver command line arguments.
# Consider setting --user-data-dir to a persistent location to preserve code-server setting changes
args:
@ -794,24 +822,12 @@ addons:
promtail:
# -- Enable running a promtail container in the pod
enabled: false
image:
# -- Specify the promtail image
repository: grafana/promtail
# -- Specify the promtail image tag
tag: 2.2.0
# -- Specify the promtail image pull policy
pullPolicy: IfNotPresent
# -- Set any environment variables for promtail here
env: {}
# -- Set promtail command line arguments
args: []
# -- The URL to Loki
loki: ""
# -- The paths to logs on the volume
logs: []
# - name: log
@ -833,14 +849,6 @@ addons:
# -- Enable running a netshoot container in the pod
enabled: false
image:
# -- Specify the netshoot image
repository: nicolaka/netshoot
# -- Specify the netshoot image tag
tag: latest
# -- Specify the netshoot image pull policy
pullPolicy: Always
# -- Set any environment variables for netshoot here
env: {}

View File

@ -9,6 +9,12 @@ image:
pullPolicy: IfNotPresent
tag: "4.30.4"
postgresqlImage:
repository: postgres
pullPolicy: IfNotPresent
tag: 13.4-alpine
enableServiceLinks: false
command: ["authelia"]
@ -17,7 +23,7 @@ args: ["--config=/configuration.yaml"]
initContainers:
init-postgresdb:
image: postgres:13.1
image: "{{ .Values.postgresqlImage.repository}}:{{ .Values.postgresqlImage.tag }}"
command:
- "sh"
- "-c"

View File

@ -5,6 +5,12 @@ image:
pullPolicy: IfNotPresent
tag: "4.30.4"
postgresqlImage:
repository: postgres
pullPolicy: IfNotPresent
tag: 13.4-alpine
command: ["authelia"]
args: ["--config=/configuration.yaml"]
@ -21,7 +27,7 @@ service:
initContainers:
init-postgresdb:
image: postgres:13.1
image: "{{ .Values.postgresqlImage.repository}}:{{ .Values.postgresqlImage.tag }}"
command:
- "sh"
- "-c"

View File

@ -9,9 +9,15 @@ image:
pullPolicy: IfNotPresent
tag: version-5.5.12
postgresqlImage:
repository: postgres
pullPolicy: IfNotPresent
tag: 13.4-alpine
initContainers:
init-postgresdb:
image: postgres:13.1
image: "{{ .Values.postgresqlImage.repository}}:{{ .Values.postgresqlImage.tag }}"
command:
- "sh"
- "-c"

View File

@ -5,6 +5,12 @@ image:
pullPolicy: IfNotPresent
tag: version-5.5.12
postgresqlImage:
repository: postgres
pullPolicy: IfNotPresent
tag: 13.4-alpine
strategy:
type: Recreate
@ -22,7 +28,7 @@ service:
initContainers:
init-postgresdb:
image: postgres:13.1
image: "{{ .Values.postgresqlImage.repository}}:{{ .Values.postgresqlImage.tag }}"
command:
- "sh"
- "-c"

View File

@ -9,6 +9,11 @@ image:
pullPolicy: IfNotPresent
tag: 22.1.1
postgresqlImage:
repository: postgres
pullPolicy: IfNotPresent
tag: 13.4-alpine
strategy:
type: Recreate
@ -43,7 +48,7 @@ envValueFrom:
initContainers:
init-postgresdb:
image: postgres:13.1
image: "{{ .Values.postgresqlImage.repository}}:{{ .Values.postgresqlImage.tag }}"
command:
- "sh"
- "-c"
@ -56,7 +61,6 @@ initContainers:
name: dbcreds
key: plainhost
# -- Probe configuration
# -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
# @default -- See below

View File

@ -5,6 +5,11 @@ image:
pullPolicy: IfNotPresent
tag: 22.1.1
postgresqlImage:
repository: postgres
pullPolicy: IfNotPresent
tag: "13.1"
strategy:
type: Recreate
@ -69,7 +74,7 @@ persistence:
initContainers:
init-postgresdb:
image: postgres:13.1
image: "{{ .Values.postgresqlImage.repository}}:{{ .Values.postgresqlImage.tag }}"
command:
- "sh"
- "-c"

View File

@ -9,6 +9,12 @@ image:
pullPolicy: IfNotPresent
tag: 1.22.2
postgresqlImage:
repository: postgres
pullPolicy: IfNotPresent
tag: 13.4-alpine
envTpl:
DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
@ -20,7 +26,7 @@ envFrom:
initContainers:
init-postgresdb:
image: postgres:13.1
image: "{{ .Values.postgresqlImage.repository }}:{{ .Values.postgresqlImage.tag }}"
command:
- "sh"
- "-c"

View File

@ -5,6 +5,12 @@ image:
pullPolicy: IfNotPresent
tag: 1.22.2
postgresqlImage:
repository: postgres
pullPolicy: IfNotPresent
tag: 13.4-alpine
strategy:
type: Recreate
@ -91,7 +97,7 @@ ingress:
initContainers:
init-postgresdb:
image: postgres:13.1
image: "{{ .Values.postgresqlImage.repository }}:{{ .Values.postgresqlImage.tag }}"
command:
- "sh"
- "-c"

View File

@ -123,7 +123,7 @@ sync_tag() {
local train="$3"
local chartversion="$4"
echo "Attempting to sync primary tag with appversion for: ${chartname}"
local tag="$(cat ${chart}/values.yaml | grep "^ tag: " | awk -F" " '{ print $2 }')"
local tag="$(cat ${chart}/values.yaml | grep '^ tag: ' | awk -F" " '{ print $2 }' | head -1)"
tag="${tag:-auto}"
tag="${tag#*release-}"
tag="${tag#*version-}"