Add Initial BETA Test release of the Common Chart and testing environment
Co-authored-by: Troy Prelog <tprelog@users.noreply.github.com> Signed-off-by: Kjeld Schouten-Lebbing <kjeld@schouten-lebbing.nl>
This commit is contained in:
parent
9b0999f63d
commit
50d1f93e12
|
@ -38,6 +38,53 @@ class Test < ChartTest
|
|||
end
|
||||
end
|
||||
|
||||
describe 'Environment settings' do
|
||||
it 'Check no environment variables' do
|
||||
values = {}
|
||||
chart.value values
|
||||
assert_nil(resource('Deployment')['spec']['template']['spec']['containers'][0]['env'])
|
||||
end
|
||||
|
||||
it 'set "static" environment variables' do
|
||||
values = {
|
||||
env: {
|
||||
STATIC_ENV: 'value_of_env'
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
jq('.spec.template.spec.containers[0].env[0].name', resource('Deployment')).must_equal values[:env].keys[0].to_s
|
||||
jq('.spec.template.spec.containers[0].env[0].value', resource('Deployment')).must_equal values[:env].values[0].to_s
|
||||
end
|
||||
|
||||
|
||||
it 'set "static" and "Dynamic/Tpl" environment variables' do
|
||||
values = {
|
||||
env: {
|
||||
STATIC_ENV: 'value_of_env'
|
||||
},
|
||||
envTpl: {
|
||||
DYN_ENV: "{{ .Release.Name }}-admin"
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
jq('.spec.template.spec.containers[0].env[0].name', resource('Deployment')).must_equal values[:env].keys[0].to_s
|
||||
jq('.spec.template.spec.containers[0].env[0].value', resource('Deployment')).must_equal values[:env].values[0].to_s
|
||||
jq('.spec.template.spec.containers[0].env[1].name', resource('Deployment')).must_equal values[:envTpl].keys[0].to_s
|
||||
jq('.spec.template.spec.containers[0].env[1].value', resource('Deployment')).must_equal 'common-test-admin'
|
||||
end
|
||||
|
||||
it 'set "Dynamic/Tpl" environment variables' do
|
||||
values = {
|
||||
envTpl: {
|
||||
DYN_ENV: "{{ .Release.Name }}-admin"
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
jq('.spec.template.spec.containers[0].env[0].name', resource('Deployment')).must_equal values[:envTpl].keys[0].to_s
|
||||
jq('.spec.template.spec.containers[0].env[0].value', resource('Deployment')).must_equal 'common-test-admin'
|
||||
end
|
||||
end
|
||||
|
||||
describe 'ports settings' do
|
||||
default_name = 'http'
|
||||
default_port = 8080
|
||||
|
@ -97,5 +144,33 @@ class Test < ChartTest
|
|||
assert_match("Our charts do not support named ports for targetPort. (port name #{default_name}, targetPort #{values[:service][:port][:targetPort]})", exception.message)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'statefulset volumeClaimTemplates' do
|
||||
|
||||
it 'volumeClaimTemplates should be empty by default' do
|
||||
chart.value controllerType: 'statefulset'
|
||||
assert_nil(resource('StatefulSet')['spec']['volumeClaimTemplates'])
|
||||
end
|
||||
|
||||
it 'can set values for volumeClaimTemplates' do
|
||||
values = {
|
||||
controllerType: 'statefulset',
|
||||
volumeClaimTemplates: [
|
||||
{
|
||||
name: 'storage',
|
||||
accessMode: 'ReadWriteOnce',
|
||||
size: '10Gi',
|
||||
storageClass: 'storage'
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
chart.value values
|
||||
jq('.spec.volumeClaimTemplates[0].metadata.name', resource('StatefulSet')).must_equal values[:volumeClaimTemplates][0][:name]
|
||||
jq('.spec.volumeClaimTemplates[0].spec.accessModes[0]', resource('StatefulSet')).must_equal values[:volumeClaimTemplates][0][:accessMode]
|
||||
jq('.spec.volumeClaimTemplates[0].spec.resources.requests.storage', resource('StatefulSet')).must_equal values[:volumeClaimTemplates][0][:size]
|
||||
jq('.spec.volumeClaimTemplates[0].spec.storageClassName', resource('StatefulSet')).must_equal values[:volumeClaimTemplates][0][:storageClass]
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
apiVersion: v2
|
||||
name: common-test
|
||||
description: Helper chart to test different use cases of the common library
|
||||
version: 1.1.0
|
||||
keywords:
|
||||
- truecharts
|
||||
- common
|
||||
home: https://github.com/truecharts/truecharts/tree/master/charts/common-test
|
||||
maintainers:
|
||||
- name: truecharts
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: file://../common
|
||||
version: n/a
|
|
@ -0,0 +1,34 @@
|
|||
image:
|
||||
repository: b4bz/homer
|
||||
tag: latest
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
service:
|
||||
port:
|
||||
port: 8080
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
|
||||
appIngressEnabled: true
|
||||
appIngress:
|
||||
main:
|
||||
enabled: true
|
||||
|
||||
appVolumesEnabled: false
|
||||
appVolumeMounts:
|
||||
data:
|
||||
enabled: true
|
||||
emptyDir: true
|
||||
datasetName: "data"
|
||||
mountPath: "/data"
|
||||
hostPathEnabled: false
|
||||
hostPath: ""
|
||||
|
||||
probes:
|
||||
liveness:
|
||||
enabled: true
|
||||
readiness:
|
||||
enabled: true
|
||||
startup:
|
||||
enabled: true
|
|
@ -0,0 +1,42 @@
|
|||
image:
|
||||
repository: b4bz/homer
|
||||
tag: latest
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
service:
|
||||
port:
|
||||
port: 8080
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
|
||||
appIngressEnabled: true
|
||||
appIngress:
|
||||
main:
|
||||
enabled: true
|
||||
|
||||
persistence:
|
||||
config:
|
||||
enabled: true
|
||||
emptyDir: true
|
||||
mountPath: /www/assets
|
||||
|
||||
appVolumesEnabled: false
|
||||
appVolumeMounts:
|
||||
data:
|
||||
enabled: true
|
||||
emptyDir: true
|
||||
datasetName: "data"
|
||||
mountPath: "/data"
|
||||
hostPathEnabled: false
|
||||
hostPath: ""
|
||||
|
||||
addons:
|
||||
codeserver:
|
||||
enabled: true
|
||||
workingDir: "/www/assets"
|
||||
ingress:
|
||||
enabled: true
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /www/assets
|
|
@ -0,0 +1 @@
|
|||
{{ include "common.all" . }}
|
|
@ -0,0 +1,40 @@
|
|||
image:
|
||||
repository: b4bz/homer
|
||||
tag: latest
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
service:
|
||||
port:
|
||||
port: 8080
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
|
||||
appIngressEnabled: true
|
||||
appIngress:
|
||||
main:
|
||||
enabled: true
|
||||
mainhttp:
|
||||
enabled: true
|
||||
entrypoint: "web"
|
||||
certType: ""
|
||||
existingcert: ""
|
||||
authForwardURL: ""
|
||||
annotations: {}
|
||||
labels: {}
|
||||
hosts:
|
||||
- host: app.truecharts.placeholder
|
||||
paths:
|
||||
- path: /
|
||||
# Ignored if not kubeVersion >= 1.14-0
|
||||
pathType: Prefix
|
||||
|
||||
appVolumesEnabled: true
|
||||
appVolumeMounts:
|
||||
data:
|
||||
enabled: true
|
||||
emptyDir: true
|
||||
datasetName: "data"
|
||||
mountPath: "/data"
|
||||
hostPathEnabled: false
|
||||
hostPath: ""
|
|
@ -0,0 +1,23 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
|
@ -0,0 +1,91 @@
|
|||
# Changelog
|
||||
All notable changes to this project will be documented in this file.
|
||||
|
||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
||||
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
||||
|
||||
## [2.3.0]
|
||||
|
||||
### Added
|
||||
|
||||
- Allow overriding the main container command.
|
||||
- Allow setting Helm templates as environment variables via `envTpl`. The given value is parsed through Helm's `tpl` function, allowing for powerful variable substitution.
|
||||
- Support for defining volumeClaimTemplates for StatefulSet.
|
||||
- Allow the following Pod spec fields to be configurable:
|
||||
- `priorityClassName`
|
||||
- `schedulerName`
|
||||
- `hostname`
|
||||
|
||||
### Fixed
|
||||
|
||||
- `values.yaml` now contains the following sections, these were already functional but were previously undocumented:
|
||||
- `podSecurityContext`
|
||||
- `securityContext`
|
||||
- `resources`
|
||||
|
||||
## [2.2.1]
|
||||
|
||||
### Fixed
|
||||
|
||||
- Made explicit that `service.port.targetPort` cannot be a named port.
|
||||
|
||||
## [2.2.0]
|
||||
|
||||
### Added
|
||||
|
||||
- Allow serviceLinks to be enabled/disabled.
|
||||
- Support for ingressClassName on apiVersion `networking.k8s.io/v1` by setting `ingress.ingressClassName`.
|
||||
- Added some initial proper unit tests for the `common` chart.
|
||||
|
||||
### Changed
|
||||
|
||||
- `service.port.targetPort` is now used in the container spec instead of `service.port.port` if specified. This allows for different service and container ports. (Implements [#465](https://github.com/k8s-at-home/charts/issues/465)).
|
||||
|
||||
### Fixed
|
||||
|
||||
- Document setting environment variables for code-server add-on in `values.yaml` (Fixes [#436](https://github.com/k8s-at-home/charts/issues/436)).
|
||||
- Set service targetPort to the service port name first if no `targetPort` value is given.
|
||||
|
||||
## [2.1.0]
|
||||
|
||||
### Added
|
||||
|
||||
- Allow for additional arguments to be added to code-server runtime via `addons.codeserver.args`
|
||||
|
||||
## [2.0.4]
|
||||
|
||||
### Fixed
|
||||
|
||||
- `periodSeconds` now works for all probe types.
|
||||
|
||||
## [2.0.0]
|
||||
|
||||
### Changed
|
||||
|
||||
- :warning: Updated `probes` logic to support custom probes, it is now possible to set your own custom probes by setting the `probes.[liveness|readiness|startup].custom` value to `true` and configuring them. Default is `false`.
|
||||
- :warning: `addon.vpn.imagePullPolicy` is now `addon.vpn.[openvpn|wireguard].image.pullPolicy`. Default is `IfNotPresent`
|
||||
- [code-server](https://github.com/cdr/code-server) is now an `addon` like `vpn`. This enables a code-server container inside the pod which allows you to modify a configuration in a volume attached to the pod. Default for `addons.codeserver.enabled` is `false`
|
||||
- Added `envFrom` for more configuration with environment variables
|
||||
- Added `dnsConfig` to be configurable
|
||||
- Added support for 1.19+ ingress spec
|
||||
- Added this [CHANGELOG.md](CHANGELOG.md)
|
||||
|
||||
### Fixed
|
||||
|
||||
- `nameOverride` and `fullNameOverride` not in `values.yaml`
|
||||
|
||||
## [1.7.0]
|
||||
|
||||
This is the last version before starting this changelog. All sorts of cool stuff was changed, but only `git log` remembers what that was :slightly_frowning_face:
|
||||
|
||||
[2.2.1]: https://github.com/k8s-at-home/charts/tree/common-2.2.1/charts/common
|
||||
|
||||
[2.2.0]: https://github.com/k8s-at-home/charts/tree/common-2.2.0/charts/common
|
||||
|
||||
[2.1.0]: https://github.com/k8s-at-home/charts/tree/common-2.1.0/charts/common
|
||||
|
||||
[2.0.4]: https://github.com/k8s-at-home/charts/tree/common-2.0.4/charts/common
|
||||
|
||||
[2.0.0]: https://github.com/k8s-at-home/charts/tree/common-2.0.0/charts/common
|
||||
|
||||
[1.7.0]: https://github.com/k8s-at-home/charts/tree/common-1.7.0/charts/common
|
|
@ -0,0 +1,14 @@
|
|||
apiVersion: v2
|
||||
name: common
|
||||
description: Function library for TrueCharts
|
||||
type: library
|
||||
version: 0.10.1
|
||||
# upstream_version: 2.3.0
|
||||
keywords:
|
||||
- truecharts
|
||||
- library-chart
|
||||
- k8s-at-home
|
||||
- common
|
||||
home: https://github.com/truecharts/truecharts/tree/master/common
|
||||
maintainers:
|
||||
- name: truecharts
|
|
@ -0,0 +1,201 @@
|
|||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
1. Definitions.
|
||||
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
APPENDIX: How to apply the Apache License to your work.
|
||||
|
||||
To apply the Apache License to your work, attach the following
|
||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
||||
replaced with your own identifying information. (Don't include
|
||||
the brackets!) The text should be enclosed in the appropriate
|
||||
comment syntax for the file format. We also recommend that a
|
||||
file or class name and description of purpose be included on the
|
||||
same "printed page" as the copyright notice for easier
|
||||
identification within third-party archives.
|
||||
|
||||
Copyright 2020 k8s@Home
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
|
@ -0,0 +1,99 @@
|
|||
# Library chart for k8s@home media charts
|
||||
|
||||
**WARNING: THIS CHART IS NOT MEANT TO BE INSTALLED DIRECTLY**
|
||||
|
||||
This is a [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm). It's purpose is for grouping common logic between the k8s@home charts.
|
||||
|
||||
Since a lot of charts follow the same pattern this library was built to reduce maintenance cost between the charts that use it and try achieve a goal of being DRY.
|
||||
|
||||
## Introduction
|
||||
|
||||
This chart provides common template helpers which can be used to develop new charts using [Helm](https://helm.sh) package manager.
|
||||
|
||||
## :star2: Changelog
|
||||
|
||||
Please refer to [CHANGELOG.md](CHANGELOG.md) for an overview of notable changes to the chart. **This is especially important for major version updates!**
|
||||
|
||||
## TL;DR
|
||||
|
||||
When using one of the many charts that uses this library be sure to view this [values.yaml](./values.yaml) for configuration options. Any setting here can be used to define what values your helm deployment will use.
|
||||
|
||||
For example using the helm CLI tool
|
||||
|
||||
```bash
|
||||
helm install node-red \
|
||||
--set image.repository="nodered/node-red" \
|
||||
--set image.tag="1.2.5" \
|
||||
--set env.TZ="America/New_York" \
|
||||
k8s-at-home/node-red
|
||||
```
|
||||
|
||||
or
|
||||
|
||||
```yaml
|
||||
# node-red-values.yaml
|
||||
image:
|
||||
repository: nodered/node-red
|
||||
tag: 1.2.5
|
||||
env:
|
||||
TZ: America/New_York
|
||||
```
|
||||
|
||||
```bash
|
||||
helm install node-red \
|
||||
--values=./node-red-values.yaml \
|
||||
k8s-at-home/node-red
|
||||
```
|
||||
|
||||
## Creating a new chart
|
||||
|
||||
First be sure to checkout the many charts that already use this like [qBittorrent](../qbittorrent/), [node-red](../node-red/) or the many others in this repository.
|
||||
|
||||
Include this chart as a dependency in your `Chart.yaml` e.g.
|
||||
|
||||
```yaml
|
||||
# Chart.yaml
|
||||
dependencies:
|
||||
- name: common
|
||||
version: x.x.x
|
||||
repository: https://k8s-at-home.com/charts/
|
||||
```
|
||||
|
||||
Write a `values.yaml` with some basic defaults you want to present to the user e.g.
|
||||
|
||||
```yaml
|
||||
# Default values for node-red.
|
||||
|
||||
image:
|
||||
repository: nodered/node-red
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 1.2.5
|
||||
|
||||
strategy:
|
||||
type: Recreate
|
||||
|
||||
# See more environment varaibles in the node-red documentation
|
||||
# https://nodered.org/docs/getting-started/docker
|
||||
env: {}
|
||||
# TZ:
|
||||
# NODE_OPTIONS:
|
||||
# NODE_RED_ENABLE_PROJECTS:
|
||||
# NODE_RED_ENABLE_SAFE_MODE:
|
||||
# FLOWS:
|
||||
|
||||
service:
|
||||
port:
|
||||
port: 1880
|
||||
|
||||
persistence:
|
||||
data:
|
||||
enabled: false
|
||||
emptyDir: false
|
||||
mountPath: /data
|
||||
```
|
||||
|
||||
If testing locally make sure you update the dependencies with:
|
||||
|
||||
```bash
|
||||
helm dependency update
|
||||
```
|
|
@ -0,0 +1,27 @@
|
|||
{{/*
|
||||
Renders the Ingress objects required by the chart by returning a concatinated list
|
||||
of the main Ingress and any additionalIngresses.
|
||||
*/}}
|
||||
{{- define "common.ingress" -}}
|
||||
{{- if .Values.ingress.enabled -}}
|
||||
{{- $svcPort := .Values.service.port.port -}}
|
||||
|
||||
{{- /* Generate primary ingress */ -}}
|
||||
{{- $ingressValues := .Values.ingress -}}
|
||||
{{- $_ := set . "ObjectValues" (dict "ingress" $ingressValues) -}}
|
||||
{{- include "common.classes.ingress" . }}
|
||||
|
||||
{{- /* Generate additional ingresses as required */ -}}
|
||||
{{- range $index, $extraIngress := .Values.ingress.additionalIngresses }}
|
||||
{{- if $extraIngress.enabled -}}
|
||||
{{- print ("---") | nindent 0 -}}
|
||||
{{- $ingressValues := $extraIngress -}}
|
||||
{{- if not $ingressValues.nameSuffix -}}
|
||||
{{- $_ := set $ingressValues "nameSuffix" $index -}}
|
||||
{{ end -}}
|
||||
{{- $_ := set $ "ObjectValues" (dict "ingress" $ingressValues) -}}
|
||||
{{- include "common.classes.ingress" $ -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,39 @@
|
|||
{{/*
|
||||
Main entrypoint for the common library chart. It will render all underlying templates based on the provided values.
|
||||
*/}}
|
||||
{{- define "common.all" -}}
|
||||
{{- /* Merge the local chart values and the common chart defaults */ -}}
|
||||
{{- include "common.values.setup" . }}
|
||||
|
||||
{{- /* Enable code-server add-on if required */ -}}
|
||||
{{- if .Values.addons.codeserver.enabled }}
|
||||
{{- include "common.addon.codeserver" . }}
|
||||
{{- end -}}
|
||||
|
||||
{{- /* Enable VPN add-on if required */ -}}
|
||||
{{- if .Values.addons.vpn.enabled }}
|
||||
{{- include "common.addon.vpn" . }}
|
||||
{{- end -}}
|
||||
|
||||
{{- /* Build the templates */ -}}
|
||||
{{- include "common.pvc" . }}
|
||||
{{- print "---" | nindent 0 -}}
|
||||
{{- if .Values.serviceAccount.create -}}
|
||||
{{- include "common.serviceAccount" . }}
|
||||
{{- print "---" | nindent 0 -}}
|
||||
{{- end -}}
|
||||
{{- if eq .Values.controllerType "deployment" }}
|
||||
{{- include "common.deployment" . | nindent 0 }}
|
||||
{{ else if eq .Values.controllerType "daemonset" }}
|
||||
{{- include "common.daemonset" . | nindent 0 }}
|
||||
{{ else if eq .Values.controllerType "statefulset" }}
|
||||
{{- include "common.statefulset" . | nindent 0 }}
|
||||
{{- end -}}
|
||||
{{- print "---" | nindent 0 -}}
|
||||
{{ include "common.service" . | nindent 0 }}
|
||||
{{ include "custom.appService" . | nindent 0 }}
|
||||
{{- print "---" | nindent 0 -}}
|
||||
{{ include "common.ingress" . | nindent 0 }}
|
||||
{{- print "---" | nindent 0 -}}
|
||||
{{ include "custom.appIngress" . | nindent 0 }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,33 @@
|
|||
{{/*
|
||||
This template serves as the blueprint for the DaemonSet objects that are created
|
||||
within the common library.
|
||||
*/}}
|
||||
{{- define "common.daemonset" -}}
|
||||
apiVersion: {{ include "common.capabilities.daemonset.apiVersion" . }}
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: {{ include "common.names.fullname" . }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
{{- with .Values.controllerLabels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controllerAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "common.labels.selectorLabels" . | nindent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
{{- with .Values.podAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "common.labels.selectorLabels" . | nindent 8 }}
|
||||
spec:
|
||||
{{- include "common.controller.pod" . | nindent 6 }}
|
||||
{{- end }}
|
|
@ -0,0 +1,38 @@
|
|||
{{/*
|
||||
This template serves as the blueprint for the Deployment objects that are created
|
||||
within the common library.
|
||||
*/}}
|
||||
{{- define "common.deployment" -}}
|
||||
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ include "common.names.fullname" . }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
{{- with .Values.controllerLabels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controllerAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
replicas: {{ .Values.replicas }}
|
||||
{{- with .Values.strategy }}
|
||||
strategy:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "common.labels.selectorLabels" . | nindent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
{{- with .Values.podAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "common.labels.selectorLabels" . | nindent 8 }}
|
||||
spec:
|
||||
{{- include "common.controller.pod" . | nindent 6 }}
|
||||
{{- end }}
|
|
@ -0,0 +1,27 @@
|
|||
{{/*
|
||||
Renders the Ingress objects required by the chart by returning a concatinated list
|
||||
of the main Ingress and any additionalIngresses.
|
||||
*/}}
|
||||
{{- define "common.ingress" -}}
|
||||
{{- if .Values.ingress.enabled -}}
|
||||
{{- $svcPort := .Values.service.port.port -}}
|
||||
|
||||
{{- /* Generate primary ingress */ -}}
|
||||
{{- $ingressValues := .Values.ingress -}}
|
||||
{{- $_ := set . "ObjectValues" (dict "ingress" $ingressValues) -}}
|
||||
{{- include "common.classes.ingress" . }}
|
||||
|
||||
{{- /* Generate additional ingresses as required */ -}}
|
||||
{{- range $index, $extraIngress := .Values.ingress.additionalIngresses }}
|
||||
{{- if $extraIngress.enabled -}}
|
||||
{{- print ("---") | nindent 0 -}}
|
||||
{{- $ingressValues := $extraIngress -}}
|
||||
{{- if not $ingressValues.nameSuffix -}}
|
||||
{{- $_ := set $ingressValues "nameSuffix" $index -}}
|
||||
{{ end -}}
|
||||
{{- $_ := set $ "ObjectValues" (dict "ingress" $ingressValues) -}}
|
||||
{{- include "common.classes.ingress" $ -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,25 @@
|
|||
{{/*
|
||||
Default NOTES.txt content.
|
||||
*/}}
|
||||
{{- define "common.notes.defaultNotes" -}}
|
||||
{{- $svcPort := .Values.service.port.port -}}
|
||||
1. Get the application URL by running these commands:
|
||||
{{- if .Values.ingress.enabled }}
|
||||
{{- range .Values.ingress.hosts }}
|
||||
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ .host }}{{ (first .paths).path }}
|
||||
{{- end }}
|
||||
{{- else if contains "NodePort" .Values.service.type }}
|
||||
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.names.fullname" . }})
|
||||
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
|
||||
echo http://$NODE_IP:$NODE_PORT
|
||||
{{- else if contains "LoadBalancer" .Values.service.type }}
|
||||
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
|
||||
You can watch the status of by running 'kubectl get svc -w {{ include "common.names.fullname" . }}'
|
||||
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
|
||||
echo http://$SERVICE_IP:{{ $svcPort }}
|
||||
{{- else if contains "ClusterIP" .Values.service.type }}
|
||||
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "common.names.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
|
||||
echo "Visit http://127.0.0.1:8080 to use your application"
|
||||
kubectl port-forward $POD_NAME 8080:{{ $svcPort }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,18 @@
|
|||
{{/*
|
||||
Renders the PersistentVolumeClaim objects required by the chart by returning a concatinated list
|
||||
of all the entries of the persistence key.
|
||||
*/}}
|
||||
{{- define "common.pvc" -}}
|
||||
{{- /* Generate pvc as required */ -}}
|
||||
{{- range $index, $PVC := .Values.persistence }}
|
||||
{{- if and $PVC.enabled (not (or $PVC.emptyDir $PVC.existingClaim)) -}}
|
||||
{{- $persistenceValues := $PVC -}}
|
||||
{{- if not $persistenceValues.nameSuffix -}}
|
||||
{{- $_ := set $persistenceValues "nameSuffix" $index -}}
|
||||
{{- end -}}
|
||||
{{- $_ := set $ "ObjectValues" (dict "persistence" $persistenceValues) -}}
|
||||
{{- print ("---") | nindent 0 -}}
|
||||
{{- include "common.classes.pvc" $ -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,22 @@
|
|||
{{/*
|
||||
Renders the Service objects required by the chart by returning a concatinated list
|
||||
of the main Service and any additionalServices.
|
||||
*/}}
|
||||
{{- define "common.service" -}}
|
||||
{{- if .Values.service.enabled -}}
|
||||
{{- /* Generate primary service */ -}}
|
||||
{{- include "common.classes.service" . }}
|
||||
{{- /* Generate additional services as required */ -}}
|
||||
{{- range $index, $extraService := .Values.service.additionalServices }}
|
||||
{{- if $extraService.enabled -}}
|
||||
{{- print ("---") | nindent 0 -}}
|
||||
{{- $serviceValues := $extraService -}}
|
||||
{{- if not $serviceValues.nameSuffix -}}
|
||||
{{- $_ := set $serviceValues "nameSuffix" $index -}}
|
||||
{{ end -}}
|
||||
{{- $_ := set $ "ObjectValues" (dict "service" $serviceValues) -}}
|
||||
{{- include "common.classes.service" $ -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,15 @@
|
|||
{{/*
|
||||
The ServiceAccount object to be created.
|
||||
*/}}
|
||||
{{- define "common.serviceAccount" -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "common.names.serviceAccountName" . }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
{{- with .Values.serviceAccount.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,53 @@
|
|||
{{/*
|
||||
This template serves as the blueprint for the StatefulSet objects that are created
|
||||
within the common library.
|
||||
*/}}
|
||||
{{- define "common.statefulset" -}}
|
||||
apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }}
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
name: {{ include "common.names.fullname" . }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
{{- with .Values.controllerLabels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controllerAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
replicas: {{ .Values.replicas }}
|
||||
{{- with .Values.strategy }}
|
||||
updateStrategy:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "common.labels.selectorLabels" . | nindent 6 }}
|
||||
serviceName: {{ include "common.names.fullname" . }}
|
||||
template:
|
||||
metadata:
|
||||
{{- with .Values.podAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "common.labels.selectorLabels" . | nindent 8 }}
|
||||
spec:
|
||||
{{- include "common.controller.pod" . | nindent 6 }}
|
||||
volumeClaimTemplates:
|
||||
{{- range $index, $vct := .Values.volumeClaimTemplates }}
|
||||
- metadata:
|
||||
name: {{ $vct.name }}
|
||||
spec:
|
||||
accessModes:
|
||||
- {{ required (printf "accessMode is required for vCT %v" $vct.name) $vct.accessMode | quote }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ required (printf "size is required for PVC %v" $vct.name) $vct.size | quote }}
|
||||
{{- if $vct.storageClass }}
|
||||
storageClassName: {{ if (eq "-" $vct.storageClass) }}""{{- else }}{{ $vct.storageClass | quote }}{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,44 @@
|
|||
{{/*
|
||||
Template to render code-server addon
|
||||
It will include / inject the required templates based on the given values.
|
||||
*/}}
|
||||
{{- define "common.addon.codeserver" -}}
|
||||
{{- if .Values.addons.codeserver.enabled -}}
|
||||
{{/* Append the code-server container to the additionalContainers */}}
|
||||
{{- $container := include "common.addon.codeserver.container" . | fromYaml -}}
|
||||
{{- if $container -}}
|
||||
{{- $additionalContainers := append .Values.additionalContainers $container -}}
|
||||
{{- $_ := set .Values "additionalContainers" $additionalContainers -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Add the code-server service */}}
|
||||
{{- if .Values.addons.codeserver.service.enabled -}}
|
||||
{{- print ("---") | nindent 0 -}}
|
||||
{{- $serviceValues := .Values.addons.codeserver.service -}}
|
||||
{{- if not $serviceValues.nameSuffix -}}
|
||||
{{- $_ := set $serviceValues "nameSuffix" "codeserver" -}}
|
||||
{{ end -}}
|
||||
{{- $_ := set $ "ObjectValues" (dict "service" $serviceValues) -}}
|
||||
{{- include "common.classes.service" $ -}}
|
||||
{{- $_ := unset $ "ObjectValues" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Add the code-server ingress */}}
|
||||
{{- if .Values.addons.codeserver.ingress.enabled -}}
|
||||
{{- print ("---") | nindent 0 -}}
|
||||
{{- $ingressValues := .Values.addons.codeserver.ingress -}}
|
||||
{{- if not $ingressValues.nameSuffix -}}
|
||||
{{- $_ := set $ingressValues "nameSuffix" "codeserver" -}}
|
||||
{{ end -}}
|
||||
|
||||
{{/* Determine the target service name & port */}}
|
||||
{{- $svcName := printf "%v-%v" (include "common.names.fullname" .) .Values.addons.codeserver.service.nameSuffix -}}
|
||||
{{- $_ := set $ingressValues "serviceName" $svcName -}}
|
||||
{{- $_ := set $ingressValues "servicePort" .Values.addons.codeserver.service.port.port -}}
|
||||
|
||||
{{- $_ := set $ "ObjectValues" (dict "ingress" $ingressValues) -}}
|
||||
{{- include "common.classes.ingress" $ -}}
|
||||
{{- $_ := unset $ "ObjectValues" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,41 @@
|
|||
{{/*
|
||||
The code-server sidecar container to be inserted.
|
||||
*/}}
|
||||
{{- define "common.addon.codeserver.container" -}}
|
||||
{{- if lt (len .Values.addons.codeserver.volumeMounts) 1 }}
|
||||
{{- fail "At least 1 volumeMount is required for codeserver container" }}
|
||||
{{- end -}}
|
||||
name: codeserver
|
||||
image: "{{ .Values.addons.codeserver.image.repository }}:{{ .Values.addons.codeserver.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.addons.codeserver.pullPolicy }}
|
||||
{{- with .Values.addons.codeserver.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- with .Values.addons.codeserver.env }}
|
||||
env:
|
||||
{{- range $k, $v := . }}
|
||||
- name: {{ $k }}
|
||||
value: {{ $v | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: {{ .Values.addons.codeserver.service.port.name }}
|
||||
containerPort: {{ .Values.addons.codeserver.service.port.port }}
|
||||
protocol: TCP
|
||||
args:
|
||||
{{- range .Values.addons.codeserver.args }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
- "--port"
|
||||
- "{{ .Values.addons.codeserver.service.port.port }}"
|
||||
- {{ .Values.addons.codeserver.workingDir | default (first .Values.addons.codeserver.volumeMounts).mountPath }}
|
||||
{{- with .Values.addons.codeserver.volumeMounts }}
|
||||
volumeMounts:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- with .Values.addons.codeserver.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,26 @@
|
|||
{{/*
|
||||
The VPN config and scripts to be included.
|
||||
*/}}
|
||||
{{- define "common.addon.vpn.configmap" -}}
|
||||
{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.scripts.up .Values.addons.vpn.scripts.down }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "common.names.fullname" . }}-vpn
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
data:
|
||||
{{- with .Values.addons.vpn.configFile }}
|
||||
vpnConfigfile: |-
|
||||
{{- . | nindent 4}}
|
||||
{{- end }}
|
||||
{{- with .Values.addons.vpn.scripts.up }}
|
||||
up.sh: |-
|
||||
{{- . | nindent 4}}
|
||||
{{- end }}
|
||||
{{- with .Values.addons.vpn.scripts.down }}
|
||||
down.sh: |-
|
||||
{{- . | nindent 4}}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,21 @@
|
|||
{{/*
|
||||
Blueprint for the NetworkPolicy object that can be included in the addon.
|
||||
*/}}
|
||||
{{- define "common.addon.vpn.networkpolicy" -}}
|
||||
{{- if .Values.addons.vpn.networkPolicy.enabled -}}
|
||||
kind: NetworkPolicy
|
||||
apiVersion: networking.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "common.names.fullname" . }}
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels:
|
||||
{{- include "common.labels.selectorLabels" . | nindent 6 }}
|
||||
policyTypes:
|
||||
- Egress
|
||||
egress:
|
||||
{{- with .Values.addons.vpn.networkPolicy.egress }}
|
||||
{{- . | toYaml | nindent 4 }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,25 @@
|
|||
{{/*
|
||||
The volume (referencing VPN config and scripts) to be inserted into additionalVolumes.
|
||||
*/}}
|
||||
{{- define "common.addon.vpn.volume" -}}
|
||||
{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.scripts.up .Values.addons.vpn.scripts.down -}}
|
||||
name: vpnconfig
|
||||
configMap:
|
||||
name: {{ include "common.names.fullname" . }}-vpn
|
||||
items:
|
||||
{{- if .Values.addons.vpn.configFile }}
|
||||
- key: vpnConfigfile
|
||||
path: vpnConfigfile
|
||||
{{- end }}
|
||||
{{- if .Values.addons.vpn.scripts.up }}
|
||||
- key: up.sh
|
||||
path: up.sh
|
||||
mode: 0777
|
||||
{{- end }}
|
||||
{{- if .Values.addons.vpn.scripts.down }}
|
||||
- key: down.sh
|
||||
path: down.sh
|
||||
mode: 0777
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,36 @@
|
|||
{{/*
|
||||
Template to render VPN addon
|
||||
It will include / inject the required templates based on the given values.
|
||||
*/}}
|
||||
{{- define "common.addon.vpn" -}}
|
||||
{{- if .Values.addons.vpn.enabled -}}
|
||||
{{- if eq "openvpn" .Values.addons.vpn.type -}}
|
||||
{{- include "common.addon.openvpn" . }}
|
||||
{{- end -}}
|
||||
|
||||
{{- if eq "wireguard" .Values.addons.vpn.type -}}
|
||||
{{- include "common.addon.wireguard" . }}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Include the configmap if not empty */}}
|
||||
{{- $configmap := include "common.addon.vpn.configmap" . -}}
|
||||
{{- if $configmap -}}
|
||||
{{- print "---" | nindent 0 -}}
|
||||
{{- $configmap | nindent 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Append the vpn config volume to the additionalVolumes */}}
|
||||
{{- $volume := include "common.addon.vpn.volume" . | fromYaml -}}
|
||||
{{- if $volume -}}
|
||||
{{- $additionalVolumes := append .Values.additionalVolumes $volume }}
|
||||
{{- $_ := set .Values "additionalVolumes" $additionalVolumes -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Include the networkpolicy if not empty */}}
|
||||
{{- $networkpolicy := include "common.addon.vpn.networkpolicy" . -}}
|
||||
{{- if $networkpolicy -}}
|
||||
{{- print "---" | nindent 0 -}}
|
||||
{{- $networkpolicy | nindent 0 -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,19 @@
|
|||
{{/*
|
||||
Template to render OpenVPN addon. It will add the container to the list of additionalContainers
|
||||
and add a credentials secret if speciffied.
|
||||
*/}}
|
||||
{{- define "common.addon.openvpn" -}}
|
||||
{{/* Append the openVPN container to the additionalContainers */}}
|
||||
{{- $container := include "common.addon.openvpn.container" . | fromYaml -}}
|
||||
{{- if $container -}}
|
||||
{{- $additionalContainers := append .Values.additionalContainers $container -}}
|
||||
{{- $_ := set .Values "additionalContainers" $additionalContainers -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Include the secret if not empty */}}
|
||||
{{- $secret := include "common.addon.openvpn.secret" . -}}
|
||||
{{- if $secret -}}
|
||||
{{- print "---" | nindent 0 -}}
|
||||
{{- $secret | nindent 0 -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,61 @@
|
|||
{{/*
|
||||
The OpenVPN sidecar container to be inserted.
|
||||
*/}}
|
||||
{{- define "common.addon.openvpn.container" -}}
|
||||
name: openvpn
|
||||
image: "{{ .Values.addons.vpn.openvpn.image.repository }}:{{ .Values.addons.vpn.openvpn.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.addons.vpn.openvpn.pullPolicy }}
|
||||
{{- with .Values.addons.vpn.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- with .Values.addons.vpn.env }}
|
||||
env:
|
||||
{{- range $k, $v := . }}
|
||||
- name: {{ $k }}
|
||||
value: {{ $v | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if or .Values.addons.vpn.openvpn.auth .Values.addons.vpn.openvpn.authSecret }}
|
||||
envFrom:
|
||||
- secretRef:
|
||||
{{- if .Values.addons.vpn.openvpn.authSecret }}
|
||||
name: {{ .Values.addons.vpn.openvpn.authSecret }}
|
||||
{{- else }}
|
||||
name: {{ include "common.names.fullname" . }}-openvpn
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.scripts.up .Values.addons.vpn.scripts.down .Values.addons.vpn.additionalVolumeMounts .Values.persistence.shared.enabled }}
|
||||
volumeMounts:
|
||||
{{- if .Values.addons.vpn.configFile }}
|
||||
- name: vpnconfig
|
||||
mountPath: /vpn/vpn.conf
|
||||
subPath: vpnConfigfile
|
||||
{{- end }}
|
||||
{{- if .Values.addons.vpn.scripts.up }}
|
||||
- name: vpnconfig
|
||||
mountPath: /vpn/up.sh
|
||||
subPath: up.sh
|
||||
{{- end }}
|
||||
{{- if .Values.addons.vpn.scripts.down }}
|
||||
- name: vpnconfig
|
||||
mountPath: /vpn/down.sh
|
||||
subPath: down.sh
|
||||
{{- end }}
|
||||
{{- if .Values.persistence.shared.enabled }}
|
||||
- mountPath: {{ .Values.persistence.shared.mountPath }}
|
||||
name: shared
|
||||
{{- end }}
|
||||
{{- with .Values.addons.vpn.additionalVolumeMounts }}
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.addons.vpn.livenessProbe }}
|
||||
livenessProbe:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end -}}
|
||||
{{- with .Values.addons.vpn.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,15 @@
|
|||
{{/*
|
||||
The OpenVPN credentials secrets to be included.
|
||||
*/}}
|
||||
{{- define "common.addon.openvpn.secret" -}}
|
||||
{{- with .Values.addons.vpn.openvpn.auth -}}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "common.names.fullname" $ }}-openvpn
|
||||
labels:
|
||||
{{- include "common.labels" $ | nindent 4 }}
|
||||
data:
|
||||
VPN_AUTH: {{ . | b64enc }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,12 @@
|
|||
{{/*
|
||||
Template to render Wireguard addon. It will add the container to the list of additionalContainers.
|
||||
*/}}
|
||||
*/}}
|
||||
{{- define "common.addon.wireguard" -}}
|
||||
{{/* Append the Wireguard container to the additionalContainers */}}
|
||||
{{- $container := fromYaml (include "common.addon.wireguard.container" .) -}}
|
||||
{{- if $container -}}
|
||||
{{- $additionalContainers := append .Values.additionalContainers $container -}}
|
||||
{{- $_ := set .Values "additionalContainers" $additionalContainers -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,52 @@
|
|||
{{/*
|
||||
The Wireguard sidecar container to be inserted.
|
||||
*/}}
|
||||
{{- define "common.addon.wireguard.container" -}}
|
||||
name: wireguard
|
||||
image: "{{ .Values.addons.vpn.wireguard.image.repository }}:{{ .Values.addons.vpn.wireguard.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.addons.vpn.wireguard.pullPolicy }}
|
||||
{{- with .Values.addons.vpn.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- with .Values.addons.vpn.env }}
|
||||
env:
|
||||
{{- range $k, $v := . }}
|
||||
- name: {{ $k }}
|
||||
value: {{ $v | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.scripts.up .Values.addons.vpn.scripts.down .Values.addons.vpn.additionalVolumeMounts .Values.persistence.shared.enabled }}
|
||||
volumeMounts:
|
||||
{{- if .Values.addons.vpn.configFile }}
|
||||
- name: vpnconfig
|
||||
mountPath: /etc/wireguard/wg0.conf
|
||||
subPath: vpnConfigfile
|
||||
{{- end }}
|
||||
{{- if .Values.addons.vpn.scripts.up }}
|
||||
- name: vpnconfig
|
||||
mountPath: /config/up.sh
|
||||
subPath: up.sh
|
||||
{{- end }}
|
||||
{{- if .Values.addons.vpn.scripts.down }}
|
||||
- name: vpnconfig
|
||||
mountPath: /config/down.sh
|
||||
subPath: down.sh
|
||||
{{- end }}
|
||||
{{- if .Values.persistence.shared.enabled }}
|
||||
- mountPath: {{ .Values.persistence.shared.mountPath }}
|
||||
name: shared
|
||||
{{- end }}
|
||||
{{- with .Values.addons.vpn.additionalVolumeMounts }}
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.addons.vpn.livenessProbe }}
|
||||
livenessProbe:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end -}}
|
||||
{{- with .Values.addons.vpn.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,66 @@
|
|||
{{/*
|
||||
This template serves as a blueprint for all Ingress objects that are created
|
||||
within the common library.
|
||||
*/}}
|
||||
{{- define "common.classes.ingress" -}}
|
||||
{{- $ingressName := include "common.names.fullname" . -}}
|
||||
{{- $values := .Values.ingress -}}
|
||||
{{- if hasKey . "ObjectValues" -}}
|
||||
{{- with .ObjectValues.ingress -}}
|
||||
{{- $values = . -}}
|
||||
{{- end -}}
|
||||
{{ end -}}
|
||||
{{- if hasKey $values "nameSuffix" -}}
|
||||
{{- $ingressName = printf "%v-%v" $ingressName $values.nameSuffix -}}
|
||||
{{ end -}}
|
||||
{{- $svcName := $values.serviceName | default (include "common.names.fullname" .) -}}
|
||||
{{- $svcPort := $values.servicePort | default $.Values.service.port.port -}}
|
||||
apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ $ingressName }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
{{- with $values.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if eq (include "common.capabilities.ingress.apiVersion" $) "networking.k8s.io/v1" }}
|
||||
{{- if $values.ingressClassName }}
|
||||
ingressClassName: {{ $values.ingressClassName }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if $values.tls }}
|
||||
tls:
|
||||
{{- range $values.tls }}
|
||||
- hosts:
|
||||
{{- range .hosts }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
secretName: {{ .secretName }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- range $values.hosts }}
|
||||
- host: {{ .host | quote }}
|
||||
http:
|
||||
paths:
|
||||
{{- range .paths }}
|
||||
- path: {{ .path }}
|
||||
{{- if eq (include "common.capabilities.ingress.apiVersion" $) "networking.k8s.io/v1" }}
|
||||
pathType: Prefix
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if eq (include "common.capabilities.ingress.apiVersion" $) "networking.k8s.io/v1" }}
|
||||
service:
|
||||
name: {{ $svcName }}
|
||||
port:
|
||||
number: {{ $svcPort }}
|
||||
{{- else }}
|
||||
serviceName: {{ $svcName }}
|
||||
servicePort: {{ $svcPort }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,40 @@
|
|||
{{/*
|
||||
This template serves as a blueprint for all PersistentVolumeClaim objects that are created
|
||||
within the common library.
|
||||
*/}}
|
||||
{{- define "common.classes.pvc" -}}
|
||||
{{- $values := .Values.persistence -}}
|
||||
{{- if hasKey . "ObjectValues" -}}
|
||||
{{- with .ObjectValues.persistence -}}
|
||||
{{- $values = . -}}
|
||||
{{- end -}}
|
||||
{{ end -}}
|
||||
{{- $pvcName := include "common.names.fullname" . -}}
|
||||
{{- if hasKey $values "nameSuffix" -}}
|
||||
{{- $pvcName = printf "%v-%v" $pvcName $values.nameSuffix -}}
|
||||
{{ end -}}
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: {{ $pvcName }}
|
||||
{{- if or $values.skipuninstall $values.annotations }}
|
||||
annotations:
|
||||
{{- if $values.skipuninstall }}
|
||||
"helm.sh/resource-policy": keep
|
||||
{{- end }}
|
||||
{{- with $values.annotations }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
spec:
|
||||
accessModes:
|
||||
- {{ required (printf "accessMode is required for PVC %v" $pvcName) $values.accessMode | quote }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ required (printf "size is required for PVC %v" $pvcName) $values.size | quote }}
|
||||
{{- if $values.storageClass }}
|
||||
storageClassName: {{ if (eq "-" $values.storageClass) }}""{{- else }}{{ $values.storageClass | quote }}{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,68 @@
|
|||
{{/*
|
||||
This template serves as a blueprint for all Service objects that are created
|
||||
within the common library.
|
||||
*/}}
|
||||
{{- define "common.classes.service" -}}
|
||||
{{- $values := .Values.service -}}
|
||||
{{- if hasKey . "ObjectValues" -}}
|
||||
{{- with .ObjectValues.service -}}
|
||||
{{- $values = . -}}
|
||||
{{- end -}}
|
||||
{{ end -}}
|
||||
{{- $serviceName := include "common.names.fullname" . -}}
|
||||
{{- if hasKey $values "nameSuffix" -}}
|
||||
{{- $serviceName = printf "%v-%v" $serviceName $values.nameSuffix -}}
|
||||
{{ end -}}
|
||||
{{- $svcType := $values.type | default "" -}}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ $serviceName }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
{{- if $values.labels }}
|
||||
{{ toYaml $values.labels | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with $values.annotations }}
|
||||
annotations:
|
||||
{{ toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if (or (eq $svcType "ClusterIP") (empty $svcType)) }}
|
||||
type: ClusterIP
|
||||
{{- if $values.clusterIP }}
|
||||
clusterIP: {{ $values.clusterIP }}
|
||||
{{end}}
|
||||
{{- else if eq $svcType "LoadBalancer" }}
|
||||
type: {{ $svcType }}
|
||||
{{- if $values.loadBalancerIP }}
|
||||
loadBalancerIP: {{ $values.loadBalancerIP }}
|
||||
{{- end }}
|
||||
{{- if $values.externalTrafficPolicy }}
|
||||
externalTrafficPolicy: {{ $values.externalTrafficPolicy }}
|
||||
{{- end }}
|
||||
{{- if $values.loadBalancerSourceRanges }}
|
||||
loadBalancerSourceRanges:
|
||||
{{ toYaml $values.loadBalancerSourceRanges | nindent 4 }}
|
||||
{{- end -}}
|
||||
{{- else }}
|
||||
type: {{ $svcType }}
|
||||
{{- end }}
|
||||
{{- if $values.sessionAffinity }}
|
||||
sessionAffinity: {{ $values.sessionAffinity }}
|
||||
{{- if $values.sessionAffinityConfig }}
|
||||
sessionAffinityConfig:
|
||||
{{ toYaml $values.sessionAffinityConfig | nindent 4 }}
|
||||
{{- end -}}
|
||||
{{- end }}
|
||||
{{- with $values.externalIPs }}
|
||||
externalIPs:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if $values.publishNotReadyAddresses }}
|
||||
publishNotReadyAddresses: {{ $values.publishNotReadyAddresses }}
|
||||
{{- end }}
|
||||
{{- include "common.classes.service.ports" (dict "svcType" $svcType "values" $values ) | trim | nindent 2 }}
|
||||
selector:
|
||||
{{- include "common.labels.selectorLabels" . | nindent 4 }}
|
||||
{{- end }}
|
|
@ -0,0 +1,23 @@
|
|||
{{/*
|
||||
Render all the ports and additionalPorts for a Service object.
|
||||
*/}}
|
||||
{{- define "common.classes.service.ports" -}}
|
||||
{{- $ports := list -}}
|
||||
{{- $values := .values -}}
|
||||
{{- $ports = mustAppend $ports $values.port -}}
|
||||
{{- range $_ := $values.additionalPorts -}}
|
||||
{{- $ports = mustAppend $ports . -}}
|
||||
{{- end }}
|
||||
{{- if $ports -}}
|
||||
ports:
|
||||
{{- range $_ := $ports }}
|
||||
- port: {{ .port }}
|
||||
targetPort: {{ .targetPort | default .name | default "http" }}
|
||||
protocol: {{ .protocol | default "TCP" }}
|
||||
name: {{ .name | default "http" }}
|
||||
{{- if (and (eq $.svcType "NodePort") (not (empty .nodePort))) }}
|
||||
nodePort: {{ .nodePort }}
|
||||
{{ end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end }}
|
|
@ -0,0 +1,19 @@
|
|||
{{/*
|
||||
Renders the additioanl Service objects from appAdditionalServices
|
||||
*/}}
|
||||
{{- define "custom.appService" -}}
|
||||
{{- /* Generate TrueNAS SCALE app services as required v1 */ -}}
|
||||
{{- if and .Values.appAdditionalServicesEnabled .Values.appAdditionalServices -}}
|
||||
{{- range $name, $srv := .Values.appAdditionalServices }}
|
||||
{{- if $srv.enabled -}}
|
||||
{{- print ("---") | nindent 0 -}}
|
||||
{{- $serviceValues := $srv -}}
|
||||
{{- if not $serviceValues.nameSuffix -}}
|
||||
{{- $_ := set $serviceValues "nameSuffix" $name -}}
|
||||
{{ end -}}
|
||||
{{- $_ := set $ "ObjectValues" (dict "service" $serviceValues) -}}
|
||||
{{- include "common.classes.service" $ -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,52 @@
|
|||
{{/*
|
||||
Retrieve host path from ix volumes based on dataset name
|
||||
*/}}
|
||||
{{- define "retrieveHostPathFromiXVolume" -}}
|
||||
{{- range $index, $hostPathConfiguration := $.ixVolumes }}
|
||||
{{- $dsName := base $hostPathConfiguration.hostPath -}}
|
||||
{{- if eq $.datasetName $dsName -}}
|
||||
{{- $hostPathConfiguration.hostPath -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Define appVolumeMounts for container
|
||||
*/}}
|
||||
{{- define "configuredAppVolumeMounts" -}}
|
||||
{{- if and .Values.appVolumesEnabled .Values.appVolumeMounts }}
|
||||
{{- range $name, $avm := .Values.appVolumeMounts -}}
|
||||
{{- if $avm.enabled }}
|
||||
- name: {{ $name }}
|
||||
mountPath: {{ $avm.mountPath }}
|
||||
{{- if $avm.subPath }}
|
||||
subPath: {{ $avm.subPath }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Define hostPath for appVolumes
|
||||
*/}}
|
||||
{{- define "configuredAppVolumes" -}}
|
||||
{{- if and .Values.appVolumesEnabled .Values.appVolumeMounts }}
|
||||
{{- range $name, $av := .Values.appVolumeMounts -}}
|
||||
{{- if $av.enabled }}
|
||||
- name: {{ $name }}
|
||||
{{- if or $av.emptyDir $.Values.emptyDirVolumes }}
|
||||
emptyDir: {}
|
||||
{{- else }}
|
||||
hostPath:
|
||||
{{ if $av.hostPathEnabled }}
|
||||
path: {{ required "hostPath not set" $av.hostPath }}
|
||||
{{- else }}
|
||||
{{- $volDict := dict "datasetName" $av.datasetName "ixVolumes" $.Values.ixVolumes -}}
|
||||
path: {{ include "retrieveHostPathFromiXVolume" $volDict }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,35 @@
|
|||
{{/*
|
||||
Renders the additional ingress objects from appIngress
|
||||
*/}}
|
||||
{{- define "custom.appIngress" -}}
|
||||
{{- /* Generate TrueNAS SCALE app services as required v1 */ -}}
|
||||
{{- if .Values.appIngress -}}
|
||||
{{- range $name, $ingr := .Values.appIngress }}
|
||||
{{- if $ingr.enabled -}}
|
||||
{{- print ("---") | nindent 0 -}}
|
||||
{{- $ingressValues := $ingr -}}
|
||||
{{- if not $ingressValues.nameSuffix -}}
|
||||
{{- $_ := set $ingressValues "nameSuffix" $name -}}
|
||||
{{ end -}}
|
||||
{{- $_ := set $ "ObjectValues" (dict "appIngress" $ingressValues) -}}
|
||||
{{- if $ingressValues.type -}}
|
||||
{{- if eq $ingressValues.type "UDP" -}}
|
||||
{{- include "custom.classes.appIngressUDP" $ }}
|
||||
{{- else if eq $ingressValues.type "TCP" -}}
|
||||
{{- include "custom.classes.appIngressTCP" $ }}
|
||||
{{- else }}
|
||||
{{- include "custom.classes.appIngressHTTP" $ }}
|
||||
{{- if $ingressValues.authForwardURL }}
|
||||
{{- include "custom.classes.appAuthForward" $ }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
{{- include "custom.classes.appIngressHTTP" $ }}
|
||||
{{- if $ingressValues.authForwardURL }}
|
||||
{{- include "custom.classes.appAuthForward" $ }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,31 @@
|
|||
{{/*
|
||||
Renders the additioanl authForward objects from appAuthForward
|
||||
*/}}
|
||||
{{- define "custom.classes.appAuthForward" -}}
|
||||
{{- /* Generate TrueNAS SCALE app services as required v1 */ -}}
|
||||
{{- $values := .Values.appIngress -}}
|
||||
{{- if hasKey . "ObjectValues" -}}
|
||||
{{- with .ObjectValues.appIngress -}}
|
||||
{{- $values = . -}}
|
||||
{{- end -}}
|
||||
{{ end -}}
|
||||
{{- $authForwardName := include "common.names.fullname" . -}}
|
||||
{{- if hasKey $values "nameSuffix" -}}
|
||||
{{- $authForwardName = printf "%v-%v" $authForwardName $values.nameSuffix -}}
|
||||
{{ end -}}
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $authForwardName }}
|
||||
spec:
|
||||
forwardAuth:
|
||||
address: {{ $values.authForwardURL }}
|
||||
tls:
|
||||
insecureSkipVerify: true
|
||||
rustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- Remote-User
|
||||
- Remote-Groups
|
||||
- Remote-Name
|
||||
- Remote-Email
|
||||
{{- end }}
|
|
@ -0,0 +1,78 @@
|
|||
{{/*
|
||||
This template serves as a blueprint for all appIngress objects that are created
|
||||
within the common library.
|
||||
*/}}
|
||||
{{- define "custom.classes.appIngressHTTP" -}}
|
||||
{{- $values := .Values.appIngress -}}
|
||||
{{- if hasKey . "ObjectValues" -}}
|
||||
{{- with .ObjectValues.appIngress -}}
|
||||
{{- $values = . -}}
|
||||
{{- end -}}
|
||||
{{ end -}}
|
||||
{{- $IngressName := include "common.names.fullname" . -}}
|
||||
{{- if hasKey $values "nameSuffix" -}}
|
||||
{{- $IngressName = printf "%v-%v" $IngressName $values.nameSuffix -}}
|
||||
{{ end -}}
|
||||
{{- $svcName := $values.serviceName | default (include "common.names.fullname" .) -}}
|
||||
{{- $svcPort := $values.servicePort | default $.Values.service.port.port -}}
|
||||
apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ $IngressName }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
annotations:
|
||||
{{- if or (eq $values.certType "letsencrypt-prod") (eq $values.certType "letsencrypt-staging") }}
|
||||
cert-manager.io/cluster-issuer: {{ $values.certType }}
|
||||
{{- end }}
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: {{ $values.entrypoint }}
|
||||
traefik.ingress.kubernetes.io/router.middlewares: traefik-middlewares-chain-public@kubernetescrd
|
||||
{{- if $values.authForwardURL }}
|
||||
traefik.ingress.kubernetes.io/router.middlewares: {{ $IngressName }}
|
||||
{{- end }}
|
||||
{{- with $values.annotations }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if eq (include "common.capabilities.ingress.apiVersion" $) "networking.k8s.io/v1" }}
|
||||
{{- if $values.IngressClassName }}
|
||||
IngressClassName: {{ $values.appIngressHTTPClassName }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if $values.certType }}
|
||||
tls:
|
||||
{{- if eq $values.certType "selfsigned" -}}{{ else if eq $values.certType "existingcert" }}
|
||||
secretName: {{ $values.existingcert }}
|
||||
{{ else if eq $values.certType "wildcard" }}
|
||||
secretName: wilddcardcert
|
||||
{{ else }}
|
||||
- hosts:
|
||||
{{- range $values.hosts }}
|
||||
- {{ .host | quote }}
|
||||
{{- end }}
|
||||
secretName: {{ $IngressName }}-tls-secret
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- range $values.hosts }}
|
||||
- host: {{ .host | quote }}
|
||||
http:
|
||||
paths:
|
||||
{{- range .paths }}
|
||||
- path: {{ .path }}
|
||||
{{- if eq (include "common.capabilities.ingress.apiVersion" $) "networking.k8s.io/v1" }}
|
||||
pathType: Prefix
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if eq (include "common.capabilities.ingress.apiVersion" $) "networking.k8s.io/v1" }}
|
||||
service:
|
||||
name: {{ $svcName }}
|
||||
port:
|
||||
number: {{ $svcPort }}
|
||||
{{- else }}
|
||||
serviceName: {{ $svcName }}
|
||||
servicePort: {{ $svcPort }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,58 @@
|
|||
{{/*
|
||||
This template serves as a blueprint for all appIngressTCP objects that are created
|
||||
within the common library.
|
||||
*/}}
|
||||
{{- define "custom.classes.appIngressTCP" -}}
|
||||
{{- $values := .Values.appIngress -}}
|
||||
{{- if hasKey . "ObjectValues" -}}
|
||||
{{- with .ObjectValues.appIngress -}}
|
||||
{{- $values = . -}}
|
||||
{{- end -}}
|
||||
{{ end -}}
|
||||
{{- $IngressName := include "common.names.fullname" . -}}
|
||||
{{- if hasKey $values "nameSuffix" -}}
|
||||
{{- $IngressName = printf "%v-%v" $IngressName $values.nameSuffix -}}
|
||||
{{ end -}}
|
||||
{{- $svcName := $values.serviceName | default (include "common.names.fullname" .) -}}
|
||||
{{- $svcPort := $values.servicePort | default $.Values.service.port.port -}}
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRouteTCP
|
||||
metadata:
|
||||
name: {{ $IngressName }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
annotations:
|
||||
{{- if or (eq $values.certType "letsencrypt-prod") (eq $values.certType "letsencrypt-staging") }}
|
||||
cert-manager.io/cluster-issuer: {{ $values.certType }}
|
||||
{{- end }}
|
||||
{{- with $values.annotations }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
entryPoints:
|
||||
- {{ $values.entrypoint }}
|
||||
routes:
|
||||
- match: HostSNI(`*`)
|
||||
services:
|
||||
- name: {{ $svcName }}
|
||||
port: {{ $svcPort }}
|
||||
weight: 10
|
||||
terminationDelay: 400
|
||||
{{- if $values.certType }}
|
||||
tls:
|
||||
{{- if eq $values.certType "selfsigned" -}}{{ else if eq $values.certType "existingcert" }}
|
||||
secretName: {{ $values.existingcert }}
|
||||
{{ else if eq $values.certType "wildcard" }}
|
||||
secretName: wilddcardcert
|
||||
{{ else }}
|
||||
secretName: {{ $IngressName }}-tls-secret
|
||||
domains:
|
||||
- main: {{ index $values.hosts 0 }}
|
||||
sans:
|
||||
{{- range $values.hosts }}
|
||||
- {{ .host | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
passthrough: false
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,36 @@
|
|||
{{/*
|
||||
This template serves as a blueprint for all appIngressTCP objects that are created
|
||||
within the common library.
|
||||
*/}}
|
||||
{{- define "custom.classes.appIngressUDP" -}}
|
||||
{{- $values := .Values.appIngress -}}
|
||||
{{- if hasKey . "ObjectValues" -}}
|
||||
{{- with .ObjectValues.appIngress -}}
|
||||
{{- $values = . -}}
|
||||
{{- end -}}
|
||||
{{ end -}}
|
||||
{{- $IngressName := include "common.names.fullname" . -}}
|
||||
{{- if hasKey $values "nameSuffix" -}}
|
||||
{{- $IngressName = printf "%v-%v" $IngressName $values.nameSuffix -}}
|
||||
{{ end -}}
|
||||
{{- $svcName := $values.serviceName | default (include "common.names.fullname" .) -}}
|
||||
{{- $svcPort := $values.servicePort | default $.Values.service.port.port -}}
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRouteUDP
|
||||
metadata:
|
||||
name: {{ $IngressName }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
{{- with $values.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
entryPoints:
|
||||
- {{ $values.entrypoint }}
|
||||
routes:
|
||||
- services:
|
||||
- name: {{ $svcName }}
|
||||
port: {{ $svcPort }}
|
||||
weight: 10
|
||||
{{- end }}
|
|
@ -0,0 +1,92 @@
|
|||
{{/*
|
||||
Return the appropriate apiVersion for DaemonSet objects.
|
||||
*/}}
|
||||
{{- define "common.capabilities.daemonset.apiVersion" -}}
|
||||
{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
{{- print "extensions/v1beta1" -}}
|
||||
{{- else -}}
|
||||
{{- print "apps/v1" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Waiting on https://github.com/helm/helm/pull/8608
|
||||
{{- define "common.capabilities.daemonset.apiVersion" -}}
|
||||
{{- if .Capabilities.APIVersions.Has "apps/v1/DaemonSet" -}}
|
||||
{{- print "apps/v1" -}}
|
||||
{{- else -}}
|
||||
{{- print "extensions/v1beta1" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
*/}}
|
||||
|
||||
{{/*
|
||||
Return the appropriate apiVersion for Deployment objects.
|
||||
*/}}
|
||||
{{- define "common.capabilities.deployment.apiVersion" -}}
|
||||
{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
{{- print "extensions/v1beta1" -}}
|
||||
{{- else -}}
|
||||
{{- print "apps/v1" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Waiting on https://github.com/helm/helm/pull/8608
|
||||
{{- define "common.capabilities.deployment.apiVersion" -}}
|
||||
{{- if .Capabilities.APIVersions.Has "apps/v1/Deployment" -}}
|
||||
{{- print "apps/v1" -}}
|
||||
{{- else -}}
|
||||
{{- print "extensions/v1beta1" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
*/}}
|
||||
|
||||
{{/*
|
||||
Return the appropriate apiVersion for StatefulSet objects.
|
||||
*/}}
|
||||
{{- define "common.capabilities.statefulset.apiVersion" -}}
|
||||
{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
{{- print "apps/v1beta1" -}}
|
||||
{{- else -}}
|
||||
{{- print "apps/v1" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Waiting on https://github.com/helm/helm/pull/8608
|
||||
{{- define "common.capabilities.statefulset.apiVersion" -}}
|
||||
{{- if .Capabilities.APIVersions.Has "apps/v1/StatefulSet" -}}
|
||||
{{- print "apps/v1" -}}
|
||||
{{- else -}}
|
||||
{{- print "apps/v1beta1" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
*/}}
|
||||
|
||||
{{/*
|
||||
Return the appropriate apiVersion for Ingress objects.
|
||||
*/}}
|
||||
|
||||
{{- define "common.capabilities.ingress.apiVersion" -}}
|
||||
{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
{{- print "extensions/v1beta1" -}}
|
||||
{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
{{- print "networking.k8s.io/v1beta1" -}}
|
||||
{{- else -}}
|
||||
{{- print "networking.k8s.io/v1" -}}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Waiting on https://github.com/helm/helm/pull/8608
|
||||
{{- define "common.capabilities.ingress.apiVersion" -}}
|
||||
{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" -}}
|
||||
{{- print "networking.k8s.io/v1" -}}
|
||||
{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress" -}}
|
||||
{{- print "networking.k8s.io/v1beta1" -}}
|
||||
{{- else -}}
|
||||
{{- print "extensions/v1beta1" -}}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
*/}}
|
|
@ -0,0 +1,19 @@
|
|||
{{/*
|
||||
Common labels shared across objects.
|
||||
*/}}
|
||||
{{- define "common.labels" -}}
|
||||
helm.sh/chart: {{ include "common.names.chart" . }}
|
||||
{{ include "common.labels.selectorLabels" . }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Selector labels shared across objects.
|
||||
*/}}
|
||||
{{- define "common.labels.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "common.names.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
|
@ -0,0 +1,42 @@
|
|||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "common.names.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "common.names.fullname" -}}
|
||||
{{- if .Values.fullnameOverride }}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride }}
|
||||
{{- if contains $name .Release.Name }}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "common.names.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create the name of the ServiceAccount to use.
|
||||
*/}}
|
||||
{{- define "common.names.serviceAccountName" -}}
|
||||
{{- if .Values.serviceAccount.create }}
|
||||
{{- default (include "common.names.fullname" .) .Values.serviceAccount.name }}
|
||||
{{- else }}
|
||||
{{- default "default" .Values.serviceAccount.name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,11 @@
|
|||
{{/*
|
||||
Merge the local chart values and the common chart defaults.
|
||||
*/}}
|
||||
{{- define "common.values.setup" -}}
|
||||
{{- if .Values.common -}}
|
||||
{{- $defaultValues := deepCopy .Values.common -}}
|
||||
{{- $userValues := deepCopy (omit .Values "common") -}}
|
||||
{{- $mergedValues := mustMergeOverwrite $defaultValues $userValues -}}
|
||||
{{- $_ := set . "Values" (deepCopy $mergedValues) -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,78 @@
|
|||
{{- /*
|
||||
The main container included in the controller.
|
||||
*/ -}}
|
||||
{{- define "common.controller.mainContainer" -}}
|
||||
- name: {{ include "common.names.fullname" . }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
{{- with .Values.command }}
|
||||
command: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.args }}
|
||||
args: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.env .Values.envTpl }}
|
||||
env:
|
||||
{{- range $envVariable := .Values.environmentVariables }}
|
||||
{{- if and $envVariable.name $envVariable.value }}
|
||||
- name: {{ $envVariable.name }}
|
||||
value: {{ $envVariable.value | quote }}
|
||||
{{- else }}
|
||||
{{- fail "Please specify name/value for environment variable" }}
|
||||
{{- end }}
|
||||
{{- end}}
|
||||
{{- range $key, $value := .Values.env }}
|
||||
- name: {{ $key }}
|
||||
value: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- range $key, $value := .Values.envTpl }}
|
||||
- name: {{ $key }}
|
||||
value: {{ tpl $value $ | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.envFrom }}
|
||||
envFrom:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- include "common.controller.ports" . | trim | nindent 2 }}
|
||||
volumeMounts:
|
||||
{{- range $index, $PVC := .Values.persistence }}
|
||||
{{- if $PVC.enabled }}
|
||||
- mountPath: {{ $PVC.mountPath }}
|
||||
name: {{ $index }}
|
||||
{{- if $PVC.subPath }}
|
||||
subPath: {{ $PVC.subPath }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- include "configuredAppVolumeMounts" . | indent 2 }}
|
||||
{{- if .Values.additionalVolumeMounts }}
|
||||
{{- toYaml .Values.additionalVolumeMounts | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.controllerType "statefulset" }}
|
||||
{{- range $index, $vct := .Values.volumeClaimTemplates }}
|
||||
- mountPath: {{ $vct.mountPath }}
|
||||
name: {{ $vct.name }}
|
||||
{{- if $vct.subPath }}
|
||||
subPath: {{ $vct.subPath }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- include "common.controller.probes" . | nindent 2 }}
|
||||
{{- with .Values.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if and .Values.gpuConfiguration .Values.resources }}
|
||||
limits:
|
||||
{{- toYaml .Values.gpuConfiguration | nindent 14 }}
|
||||
{{- else if .Values.gpuConfiguration }}
|
||||
resources:
|
||||
limits:
|
||||
{{- toYaml .Values.gpuConfiguration | nindent 14 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,63 @@
|
|||
{{- /*
|
||||
The pod definition included in the controller.
|
||||
*/ -}}
|
||||
{{- define "common.controller.pod" -}}
|
||||
{{- with .Values.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "common.names.serviceAccountName" . }}
|
||||
{{- with .Values.podSecurityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- with .Values.priorityClassName }}
|
||||
priorityClassName: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.schedulerName }}
|
||||
schedulerName: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.hostNetwork }}
|
||||
hostNetwork: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.hostname }}
|
||||
hostname: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.dnsPolicy }}
|
||||
dnsPolicy: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.dnsConfig }}
|
||||
dnsConfig:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
enableServiceLinks: {{ .Values.enableServiceLinks }}
|
||||
{{- with .Values.initContainers }}
|
||||
initContainers:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
containers:
|
||||
{{- include "common.controller.mainContainer" . | nindent 0 }}
|
||||
{{- with .Values.additionalContainers }}
|
||||
{{- toYaml . | nindent 0 }}
|
||||
{{- end }}
|
||||
{{- with (include "common.controller.volumes" . | trim) }}
|
||||
volumes:
|
||||
{{- . | nindent 0 }}
|
||||
{{- end }}
|
||||
{{- with .Values.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- with .Values.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- with .Values.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,59 @@
|
|||
{{/*
|
||||
Ports included by the controller.
|
||||
*/}}
|
||||
{{- define "common.controller.ports" -}}
|
||||
{{- $ports := list -}}
|
||||
{{- with .Values.service -}}
|
||||
{{- $serviceValues := deepCopy . -}}
|
||||
{{/* append the ports for the main service */}}
|
||||
{{- if .enabled -}}
|
||||
{{- $_ := set .port "name" (default "http" .port.name) -}}
|
||||
{{- $ports = mustAppend $ports .port -}}
|
||||
{{- range $_ := .additionalPorts -}}
|
||||
{{/* append the additonalPorts for the main service */}}
|
||||
{{- $ports = mustAppend $ports . -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{/* append the ports for each additional service */}}
|
||||
{{- range $_ := .additionalServices }}
|
||||
{{- if .enabled -}}
|
||||
{{- $_ := set .port "name" (required "Missing port.name" .port.name) -}}
|
||||
{{- $ports = mustAppend $ports .port -}}
|
||||
{{- range $_ := .additionalPorts -}}
|
||||
{{/* append the additonalPorts for each additional service */}}
|
||||
{{- $ports = mustAppend $ports . -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{/* append the ports for each appAdditionalService - TrueCharts */}}
|
||||
{{- if and $.Values.appAdditionalServicesEnabled $.Values.appAdditionalServices -}}
|
||||
{{- range $name, $_ := $.Values.appAdditionalServices }}
|
||||
{{- if .enabled -}}
|
||||
{{- if kindIs "string" $name -}}
|
||||
{{- $_ := set .port "name" (default .port.name | default $name) -}}
|
||||
{{- else -}}
|
||||
{{- $_ := set .port "name" (required "Missing port.name" .port.name) -}}
|
||||
{{- end -}}
|
||||
{{- $ports = mustAppend $ports .port -}}
|
||||
{{- range $_ := .additionalPorts -}}
|
||||
{{/* append the additonalPorts for each additional service */}}
|
||||
{{- $ports = mustAppend $ports . -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/* export/render the list of ports */}}
|
||||
{{- if $ports -}}
|
||||
ports:
|
||||
{{- range $_ := $ports }}
|
||||
- name: {{ required "The port's 'name' is not defined" .name }}
|
||||
{{- if and .targetPort (kindIs "string" .targetPort) }}
|
||||
{{- fail (printf "Our charts do not support named ports for targetPort. (port name %s, targetPort %s)" .name .targetPort) }}
|
||||
{{- end }}
|
||||
containerPort: {{ .targetPort | default .port }}
|
||||
protocol: {{ .protocol | default "TCP" }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,22 @@
|
|||
{{/*
|
||||
Probes selection logic.
|
||||
*/}}
|
||||
{{- define "common.controller.probes" -}}
|
||||
{{- $svcPort := .Values.service.port.name -}}
|
||||
{{- range $probeName, $probe := .Values.probes }}
|
||||
{{- if $probe.enabled -}}
|
||||
{{- "" | nindent 0 }}
|
||||
{{- $probeName }}Probe:
|
||||
{{- if $probe.custom -}}
|
||||
{{- $probe.spec | toYaml | nindent 2 }}
|
||||
{{- else }}
|
||||
{{- "tcpSocket:" | nindent 2 }}
|
||||
{{- printf "port: %v" $svcPort | nindent 4 }}
|
||||
{{- printf "initialDelaySeconds: %v" $probe.spec.initialDelaySeconds | nindent 2 }}
|
||||
{{- printf "failureThreshold: %v" $probe.spec.failureThreshold | nindent 2 }}
|
||||
{{- printf "timeoutSeconds: %v" $probe.spec.timeoutSeconds | nindent 2 }}
|
||||
{{- printf "periodSeconds: %v" $probe.spec.periodSeconds | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,32 @@
|
|||
{{/*
|
||||
Volumes included by the controller.
|
||||
*/}}
|
||||
{{- define "common.controller.volumes" -}}
|
||||
{{- range $index, $persistence := .Values.persistence }}
|
||||
{{- if $persistence.enabled }}
|
||||
- name: {{ $index }}
|
||||
{{- if $persistence.existingClaim }}
|
||||
{{- /* Always prefer an existingClaim if that is set */}}
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ $persistence.existingClaim }}
|
||||
{{- else -}}
|
||||
{{- if $persistence.emptyDir -}}
|
||||
{{- /* Always prefer an emptyDir next if that is set */}}
|
||||
emptyDir: {}
|
||||
{{- else -}}
|
||||
{{- /* Otherwise refer to the PVC name */}}
|
||||
persistentVolumeClaim:
|
||||
{{- if $persistence.nameSuffix }}
|
||||
claimName: {{ printf "%s-%s" (include "common.names.fullname" $) $persistence.nameSuffix }}
|
||||
{{- else }}
|
||||
claimName: {{ printf "%s-%s" (include "common.names.fullname" $) $index }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- include "configuredAppVolumes" . }}
|
||||
{{- if .Values.additionalVolumes }}
|
||||
{{- toYaml .Values.additionalVolumes | nindent 0 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,521 @@
|
|||
# type: options are deployment, daemonset or statefulset
|
||||
controllerType: deployment
|
||||
# Set annotations on the deployment/statefulset/daemonset
|
||||
controllerAnnotations: {}
|
||||
# Set labels on the deployment/statefulset/daemonset
|
||||
controllerLabels: {}
|
||||
|
||||
replicas: 1
|
||||
strategy:
|
||||
## For Deployments, valid values are Recreate and RollingUpdate
|
||||
## For StatefulSets, valid values are OnDelete and RollingUpdate
|
||||
## DaemonSets ignore this
|
||||
type: RollingUpdate
|
||||
|
||||
# Override the default command
|
||||
command: []
|
||||
# Override the default args
|
||||
args: []
|
||||
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
||||
|
||||
# Set annotations on the pod
|
||||
podAnnotations: {}
|
||||
|
||||
serviceAccount:
|
||||
# Specifies whether a service account should be created
|
||||
create: false
|
||||
# Annotations to add to the service account
|
||||
annotations: {}
|
||||
# The name of the service account to use.
|
||||
# If not set and create is true, a name is generated using the fullname template
|
||||
name: ""
|
||||
|
||||
env: {}
|
||||
# TZ: UTC
|
||||
|
||||
## Variables with values set from templates, example
|
||||
## With a release name of: demo, the example env value will be: demo-admin
|
||||
envTpl: {}
|
||||
# TEMPLATE_VALUE: "{{ .Release.Name }}-admin"
|
||||
envFrom: []
|
||||
# - configMapRef:
|
||||
# name: config-map-name
|
||||
# - secretRef:
|
||||
# name: secret-name
|
||||
|
||||
# Custom priority class for different treatment by the scheduler
|
||||
# priorityClassName: system-node-critical
|
||||
|
||||
# Allow specifying a custom scheduler name
|
||||
# schedulerName: awkward-dangerous-scheduler
|
||||
|
||||
# Allow specifying explicit hostname setting
|
||||
# hostname:
|
||||
|
||||
# When using hostNetwork make sure you set dnsPolicy to ClusterFirstWithHostNet
|
||||
hostNetwork: false
|
||||
|
||||
dnsPolicy: ClusterFirst
|
||||
|
||||
# Optional DNS settings, configuring the ndots option may resolve
|
||||
# nslookup issues on some Kubernetes setups.
|
||||
# dnsConfig:
|
||||
# options:
|
||||
# - name: ndots
|
||||
# value: "1"
|
||||
|
||||
# Enable/disable the generation of environment variables for services.
|
||||
# See https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service
|
||||
# for more information.
|
||||
enableServiceLinks: true
|
||||
|
||||
# Configure the Security Context for the Pod
|
||||
podSecurityContext: {}
|
||||
|
||||
# Configure the Security Context for the main container
|
||||
securityContext: {}
|
||||
|
||||
initContainers: []
|
||||
|
||||
additionalContainers: []
|
||||
|
||||
## Probes configuration
|
||||
probes:
|
||||
liveness:
|
||||
enabled: true
|
||||
## Set this to true if you wish to specify your own livenessProbe
|
||||
custom: false
|
||||
## The spec field contains the values for the default livenessProbe.
|
||||
## If you selected custom: true, this field holds the definition of the livenessProbe.
|
||||
spec:
|
||||
initialDelaySeconds: 30
|
||||
failureThreshold: 5
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 10
|
||||
|
||||
readiness:
|
||||
enabled: true
|
||||
## Set this to true if you wish to specify your own readinessProbe
|
||||
custom: false
|
||||
## The spec field contains the values for the default readinessProbe.
|
||||
## If you selected custom: true, this field holds the definition of the readinessProbe.
|
||||
spec:
|
||||
initialDelaySeconds: 30
|
||||
failureThreshold: 5
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 10
|
||||
|
||||
startup:
|
||||
enabled: false
|
||||
## Set this to true if you wish to specify your own startupProbe
|
||||
custom: false
|
||||
## The spec field contains the values for the default startupProbe.
|
||||
## If you selected custom: true, this field holds the definition of the startupProbe.
|
||||
spec:
|
||||
initialDelaySeconds: 5
|
||||
failureThreshold: 30
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 10
|
||||
|
||||
service:
|
||||
enabled: true
|
||||
type: ClusterIP
|
||||
## Specify the default port information
|
||||
port:
|
||||
port:
|
||||
## name defaults to http
|
||||
name:
|
||||
protocol: TCP
|
||||
## Specify a service targetPort if you wish to differ the service port from the application port.
|
||||
## If targetPort is specified, this port number is used in the container definition instead of
|
||||
## service.port.port. Therefore named ports are not supported for this field.
|
||||
targetPort:
|
||||
## Specify the nodePort value for the LoadBalancer and NodePort service types.
|
||||
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
|
||||
##
|
||||
# nodePort:
|
||||
additionalPorts: []
|
||||
|
||||
## Provide any additional annotations which may be required. This can be used to
|
||||
## set the LoadBalancer service type to internal only.
|
||||
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
|
||||
##
|
||||
annotations: {}
|
||||
labels: {}
|
||||
|
||||
additionalServices: []
|
||||
# - enabled: false
|
||||
# nameSuffix: api
|
||||
# type: ClusterIP
|
||||
# # Specify the default port information
|
||||
# port:
|
||||
# port:
|
||||
# # name defaults to http
|
||||
# name:
|
||||
# protocol: TCP
|
||||
# # targetPort defaults to http
|
||||
# targetPort:
|
||||
# # nodePort:
|
||||
# additionalPorts: []
|
||||
# annotations: {}
|
||||
# labels: {}
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
annotations: {}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
labels: {}
|
||||
hosts:
|
||||
- host: chart-example.local
|
||||
paths:
|
||||
- path: /
|
||||
# Ignored if not kubeVersion >= 1.14-0
|
||||
pathType: Prefix
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# hosts:
|
||||
# - chart-example.local
|
||||
additionalIngresses: []
|
||||
# - enabled: false
|
||||
# nameSuffix: "api"
|
||||
# annotations: {}
|
||||
# # kubernetes.io/ingress.class: nginx
|
||||
# # kubernetes.io/tls-acme: "true"
|
||||
# labels: {}
|
||||
# hosts:
|
||||
# - host: chart-example.local
|
||||
# paths:
|
||||
# - path: /api
|
||||
# # Ignored if not kubeVersion >= 1.14-0
|
||||
# pathType: Prefix
|
||||
# tls: []
|
||||
# # - secretName: chart-example-tls
|
||||
# # hosts:
|
||||
# # - chart-example.local
|
||||
|
||||
persistence:
|
||||
config:
|
||||
enabled: false
|
||||
mountPath: /config
|
||||
## configuration data Persistent Volume Storage Class
|
||||
## If defined, storageClassName: <storageClass>
|
||||
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
||||
## If undefined (the default) or set to null, no storageClassName spec is
|
||||
## set, choosing the default provisioner. (gp2 on AWS, standard on
|
||||
## GKE, AWS & OpenStack)
|
||||
##
|
||||
# storageClass: "-"
|
||||
##
|
||||
## If you want to reuse an existing claim, you can pass the name of the PVC using
|
||||
## the existingClaim variable
|
||||
# existingClaim: your-claim
|
||||
# subPath: some-subpath
|
||||
accessMode: ReadWriteOnce
|
||||
size: 1Gi
|
||||
## Set to true to retain the PVC upon helm uninstall
|
||||
skipuninstall: false
|
||||
|
||||
# Create an emptyDir volume to share between all containers
|
||||
shared:
|
||||
enabled: false
|
||||
emptyDir: true
|
||||
mountPath: /shared
|
||||
|
||||
additionalVolumes: []
|
||||
|
||||
additionalVolumeMounts: []
|
||||
|
||||
volumeClaimTemplates: []
|
||||
# Used in statefulset to create individual disks for each instance
|
||||
# - name: data
|
||||
# mountPath: /data
|
||||
# accessMode: "ReadWriteOnce"
|
||||
# size: 1Gi
|
||||
# - name: backup
|
||||
# mountPath: /backup
|
||||
# subPath: theSubPath
|
||||
# accessMode: "ReadWriteOnce"
|
||||
# size: 2Gi
|
||||
# storageClass: cheap-storage-class
|
||||
|
||||
nodeSelector: {}
|
||||
|
||||
affinity: {}
|
||||
|
||||
tolerations: []
|
||||
|
||||
hostAliases: []
|
||||
# Use hostAliases to add custom entries to /etc/hosts - mapping IP addresses to hostnames.
|
||||
# ref: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
||||
# - ip: "192.168.1.100"
|
||||
# hostnames:
|
||||
# - "example.com"
|
||||
# - "www.example.com"
|
||||
|
||||
resources: {}
|
||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
||||
# choice for the user. This also increases chances charts run on environments with little
|
||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
||||
addons:
|
||||
|
||||
# Enable running a VPN in the pod to route traffic through a VPN
|
||||
vpn:
|
||||
enabled: false
|
||||
|
||||
# VPN type: options are openvpn or wireguard
|
||||
type: openvpn
|
||||
|
||||
# OpenVPN specific configuration
|
||||
openvpn:
|
||||
image:
|
||||
repository: dperson/openvpn-client
|
||||
pullPolicy: IfNotPresent
|
||||
tag: latest
|
||||
|
||||
# Credentials to connect to the VPN Service (used with -a)
|
||||
auth: # "user;password"
|
||||
# OR specify an existing secret that contains the credentials. Credentials should be stored
|
||||
# under the VPN_AUTH key
|
||||
authSecret: # my-vpn-secret
|
||||
|
||||
# WireGuard specific configuration
|
||||
wireguard:
|
||||
image:
|
||||
repository: k8sathome/wireguard
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 1.0.20200827
|
||||
|
||||
# Set the VPN container securityContext
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- NET_ADMIN
|
||||
- SYS_MODULE
|
||||
|
||||
# All variables specified here will be added to the vpn sidecar container
|
||||
# See the documentation of the VPN image for all config values
|
||||
env: {}
|
||||
# TZ: UTC
|
||||
|
||||
# Provide a customized vpn configuration file to be used by the VPN.
|
||||
configFile: # |-
|
||||
# Some Example Config
|
||||
# remote greatvpnhost.com 8888
|
||||
# auth-user-pass
|
||||
# Cipher AES
|
||||
|
||||
# Provide custom up/down scripts that can be used by the vpnConf
|
||||
scripts:
|
||||
up: # |-
|
||||
# #!/bin/bash
|
||||
# echo "connected" > /shared/vpnstatus
|
||||
down: # |-
|
||||
# #!/bin/bash
|
||||
# echo "disconnected" > /shared/vpnstatus
|
||||
|
||||
additionalVolumeMounts: []
|
||||
|
||||
# Optionally specify a livenessProbe, e.g. to check if the connection is still
|
||||
# being protected by the VPN
|
||||
livenessProbe: {}
|
||||
# exec:
|
||||
# command:
|
||||
# - sh
|
||||
# - -c
|
||||
# - if [ $(curl -s https://ipinfo.io/country) == 'US' ]; then exit 0; else exit $?; fi
|
||||
# initialDelaySeconds: 30
|
||||
# periodSeconds: 60
|
||||
# failureThreshold: 1
|
||||
|
||||
# If set to true, will deploy a network policy that blocks all outbound
|
||||
# traffic except traffic specified as allowed
|
||||
networkPolicy:
|
||||
enabled: false
|
||||
|
||||
# The egress configuration for your network policy, All outbound traffic
|
||||
# From the pod will be blocked unless specified here. Your cluster must
|
||||
# have a CNI that supports network policies (Canal, Calico, etc...)
|
||||
# https://kubernetes.io/docs/concepts/services-networking/network-policies/
|
||||
# https://github.com/ahmetb/kubernetes-network-policy-recipes
|
||||
egress:
|
||||
# - to:
|
||||
# - ipBlock:
|
||||
# cidr: 0.0.0.0/0
|
||||
# ports:
|
||||
# - port: 53
|
||||
# protocol: UDP
|
||||
# - port: 53
|
||||
# protocol: TCP
|
||||
|
||||
# Enable running a code-server container in the pod to access files
|
||||
codeserver:
|
||||
enabled: false
|
||||
|
||||
image:
|
||||
repository: codercom/code-server
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 3.7.4
|
||||
|
||||
# Set any environment variables for code-server here
|
||||
env: {}
|
||||
# TZ: UTC
|
||||
|
||||
# Set codeserver command line arguments
|
||||
# consider setting --user-data-dir to a persistent location to preserve code-server setting changes
|
||||
args:
|
||||
- --auth
|
||||
- none
|
||||
# - --user-data-dir
|
||||
# - "/config/.vscode"
|
||||
|
||||
# Specify a list of volumes that get mounted in the code-server container.
|
||||
# At least 1 volumeMount is required!
|
||||
volumeMounts: []
|
||||
# - name: config
|
||||
# mountPath: /data/config
|
||||
|
||||
# Specify the working dir that will be opened when code-server starts
|
||||
# If not given, the app will default to the mountpah of the first specified volumeMount
|
||||
workingDir: ""
|
||||
|
||||
service:
|
||||
enabled: true
|
||||
type: ClusterIP
|
||||
# Specify the default port information
|
||||
port:
|
||||
port: 12321
|
||||
name: codeserver
|
||||
protocol: TCP
|
||||
targetPort: codeserver
|
||||
## Specify the nodePort value for the LoadBalancer and NodePort service types.
|
||||
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
|
||||
##
|
||||
# nodePort:
|
||||
|
||||
## Provide any additional annotations which may be required. This can be used to
|
||||
## set the LoadBalancer service type to internal only.
|
||||
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
|
||||
##
|
||||
annotations: {}
|
||||
labels: {}
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
nameSuffix: codeserver
|
||||
annotations: {}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
labels: {}
|
||||
hosts:
|
||||
- host: code.chart-example.local
|
||||
paths:
|
||||
- path: /
|
||||
# Ignored if not kubeVersion >= 1.14-0
|
||||
pathType: Prefix
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# hosts:
|
||||
# - code.chart-example.local
|
||||
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
|
||||
|
||||
## TrueCharts Specific
|
||||
|
||||
appAdditionalServicesEnabled: false
|
||||
# appAdditionalServices:
|
||||
# api:
|
||||
# enabled: false
|
||||
# type: NodePort
|
||||
# protocol: TCP
|
||||
# port:
|
||||
# port: 8091
|
||||
# nodePort: 38091
|
||||
# additionalPorts: []
|
||||
# - name: api-alt
|
||||
# port: 8092
|
||||
# targetPort: 8092
|
||||
# protocol: TCP
|
||||
# nodePort: 38092
|
||||
# ws:
|
||||
# enabled: false
|
||||
# type: ClusterIP
|
||||
# port:
|
||||
# port: 3000
|
||||
# additionalPorts: {}
|
||||
# foo:
|
||||
# name: ws-alt
|
||||
# protocol: TCP
|
||||
# port: 3001
|
||||
# targetPort: 3001
|
||||
|
||||
appVolumesEnabled: false
|
||||
# appVolumeMounts:
|
||||
# config:
|
||||
# enabled: false
|
||||
# emptyDir: false
|
||||
# datasetName: "config"
|
||||
# mountPath: "/config"
|
||||
# subPath: some-subpath
|
||||
# hostPathEnabled: false
|
||||
# hostPath: ""
|
||||
# data:
|
||||
# enabled: false
|
||||
# emptyDir: false
|
||||
# datasetName: "data"
|
||||
# mountPath: "/data"
|
||||
# subPath: some-subpath
|
||||
# hostPathEnabled: false
|
||||
# hostPath: ""
|
||||
|
||||
emptyDirVolumes: true
|
||||
|
||||
appIngressEnabled: false
|
||||
appIngress:
|
||||
main:
|
||||
enabled: false
|
||||
entrypoint: "websecure"
|
||||
certType: "letsencrypt-prod"
|
||||
existingcert: ""
|
||||
authForwardURL: ""
|
||||
annotations: {}
|
||||
labels: {}
|
||||
hosts:
|
||||
- host: app.truecharts.placeholder
|
||||
paths:
|
||||
- path: /
|
||||
# Ignored if not kubeVersion >= 1.14-0
|
||||
pathType: Prefix
|
||||
|
||||
maintcp:
|
||||
enabled: false
|
||||
type: "TCP"
|
||||
entrypoint: "kms"
|
||||
certType: "none"
|
||||
existingcert: ""
|
||||
annotations: {}
|
||||
labels: {}
|
||||
hosts:
|
||||
- host: app.truecharts.placeholder
|
||||
paths:
|
||||
- path: /
|
||||
# Ignored if not kubeVersion >= 1.14-0
|
||||
pathType: Prefix
|
||||
mainudp:
|
||||
enabled: false
|
||||
type: "UDP"
|
||||
entrypoint: "DNSUDP"
|
||||
annotations: {}
|
||||
labels: {}
|
Loading…
Reference in New Issue