Init the lib
This commit is contained in:
parent
13d350796b
commit
31ba5d0bd2
|
@ -0,0 +1,96 @@
|
|||
---
|
||||
when:
|
||||
event:
|
||||
- push
|
||||
|
||||
.chart-testing-image: &chart-testing-image
|
||||
image: quay.io/helmpack/chart-testing:v3.10.1
|
||||
clone:
|
||||
git:
|
||||
image: woodpeckerci/plugin-git
|
||||
settings:
|
||||
partial: false
|
||||
|
||||
steps:
|
||||
changed:
|
||||
<<: *chart-testing-image
|
||||
name: Check changed charts
|
||||
commands:
|
||||
- git fetch origin
|
||||
- ct lint --target-branch main --print-config --debug
|
||||
- ct list-changed --target-branch main > .changed
|
||||
|
||||
lint:
|
||||
<<: *chart-testing-image
|
||||
name: Lint charts
|
||||
commands:
|
||||
- git fetch origin
|
||||
- |
|
||||
if [ -s .changed ]; then
|
||||
ct lint --target-branch main --validate-maintainers=false
|
||||
fi
|
||||
|
||||
test:
|
||||
<<: *chart-testing-image
|
||||
name: Test charts
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker:2375
|
||||
commands:
|
||||
- |
|
||||
if [ -s .changed ]; then
|
||||
export PATH=$PWD/.bin:$PATH
|
||||
apk update && apk add docker curl bash
|
||||
curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | bash
|
||||
k3d cluster create test --api-port 16443 --k3s-arg="kubelet-args=\"--allowed-unsafe-sysctls=net.ipv4.ip_forward\""@all
|
||||
sed -i -E -e 's/localhost|0\.0\.0\.0/docker/g' ~/.kube/config
|
||||
kubectl get storageclass
|
||||
git fetch origin
|
||||
ct install --target-branch main
|
||||
ct install --target-branch main --upgrade
|
||||
fi
|
||||
|
||||
release:
|
||||
<<: *chart-testing-image
|
||||
name: Release charts
|
||||
when:
|
||||
- branch: main
|
||||
secrets:
|
||||
- gitea_token
|
||||
environment:
|
||||
- DISABLE_FORCE_OVERWRITE='true'
|
||||
- ALLOW_OVERWRITE='false'
|
||||
commands:
|
||||
- helm plugin install https://github.com/chartmuseum/helm-push
|
||||
- |
|
||||
helm repo add --username allanger --password $GITEA_TOKEN \
|
||||
badhouseplants-library https://git.badhouseplants.net/api/packages/badhouseplants/helm
|
||||
- |
|
||||
for chart in $(find charts -maxdepth 1 -mindepth 1 -type d); do
|
||||
helm package $chart -d chart-packages;
|
||||
done
|
||||
- |
|
||||
for chart in $(find chart-packages -maxdepth 1 -mindepth 1 -type f); do
|
||||
helm cm-push $chart badhouseplants-library
|
||||
done
|
||||
|
||||
|
||||
|
||||
services:
|
||||
docker:
|
||||
image: docker:dind
|
||||
commands:
|
||||
- echo "1" > /proc/sys/net/ipv4/ip_forward
|
||||
- dockerd -H tcp://0.0.0.0:2375 --tls=false
|
||||
privileged: true
|
||||
ports:
|
||||
- 2375
|
||||
- 16443
|
||||
backend_options:
|
||||
kubernetes:
|
||||
resources:
|
||||
requests:
|
||||
memory: 500Mi
|
||||
cpu: 500m
|
||||
limits:
|
||||
memory: 1000Mi
|
||||
cpu: 1000m
|
|
@ -0,0 +1,23 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
|
@ -0,0 +1,8 @@
|
|||
apiVersion: v2
|
||||
name: badhouseplants-lib
|
||||
description: A library to be reused accross badhouseplants charts
|
||||
type: library
|
||||
version: 0.1.0
|
||||
maintainers:
|
||||
- name: allanger
|
||||
email: allanger@badhouseplants.net
|
|
@ -0,0 +1,63 @@
|
|||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "chart.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "chart.fullname" -}}
|
||||
{{- if .Values.fullnameOverride }}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride }}
|
||||
{{- if contains $name .Release.Name }}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "chart.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "chart.labels" -}}
|
||||
helm.sh/chart: {{ include "chart.chart" . }}
|
||||
{{ include "chart.selectorLabels" . }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "chart.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "chart.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
{{- define "chart.serviceAccountName" -}}
|
||||
{{- if .Values.serviceAccount.create }}
|
||||
{{- default (include "chart.fullname" .) .Values.serviceAccount.name }}
|
||||
{{- else }}
|
||||
{{- default "default" .Values.serviceAccount.name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
@ -0,0 +1,13 @@
|
|||
{{- /*
|
||||
lib.util.merge will merge two YAML templates and output the result.
|
||||
This takes an array of three values:
|
||||
- the top context
|
||||
- the template name of the overrides (destination)
|
||||
- the template name of the base (source)
|
||||
*/}}
|
||||
{{- define "lib.util.merge" -}}
|
||||
{{- $top := first . -}}
|
||||
{{- $overrides := fromYaml (include (index . 1) $top) | default (dict ) -}}
|
||||
{{- $tpl := fromYaml (include (index . 2) $top) | default (dict ) -}}
|
||||
{{- toYaml (merge $overrides $tpl) -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,12 @@
|
|||
{{- define "helpers.allowed_workloads" -}}
|
||||
{{ index .Chart.Annotations "helm.badhouseplants.net/allowed_workload_kinds" }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "lib.workload" -}}
|
||||
---
|
||||
{{ if eq .Values.workload.kind "Deployment" -}}
|
||||
{{- if contains .Values.workload.kind (include "helpers.allowed_workloads" .) }}
|
||||
{{- include "lib.deployment" . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,20 @@
|
|||
{{- define "lib.env" -}}
|
||||
{{- range $k, $v := .Values.env }}
|
||||
{{- $customName := printf "%s-%s" (include "chart.fullname" $) $k }}
|
||||
---
|
||||
apiVersion: v1
|
||||
{{- if not $v.sensitive }}
|
||||
kind: ConfigMap
|
||||
{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
|
||||
data:
|
||||
{{- else }}
|
||||
kind: Secret
|
||||
{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
|
||||
stringData:
|
||||
{{- end }}
|
||||
{{- with $v.data }}
|
||||
{{ toYaml . | indent 2}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
|
@ -0,0 +1,11 @@
|
|||
{{- define "lib.deployment" -}}
|
||||
# ---------------------------------------------------------------------
|
||||
# The deployment is build withing the helm library
|
||||
# please check the lib/tempaltes/deployment/base
|
||||
# ---------------------------------------------------------------------
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
{{- include "lib.metadata" (dict "Context" . "customName" "")}}
|
||||
{{- include "deployment.spec" . }}
|
||||
{{- end -}}
|
||||
|
|
@ -0,0 +1,61 @@
|
|||
{{/*
|
||||
This is a builder for deployments
|
||||
*/}}
|
||||
{{- define "deployment.spec" }}
|
||||
spec:
|
||||
replicas: {{ .Values.workload.replicas }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{ include "metadata.selectorLabels" . | indent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{ include "metadata.labels" . | indent 8 }}
|
||||
spec:
|
||||
{{ include "lib.securityContext" . | indent 6 }}
|
||||
{{- if or .Values.storage .Values.extraVolumes }}
|
||||
volumes:
|
||||
{{- if .Values.storage }}
|
||||
{{- range $k, $v := .Values.storage }}
|
||||
- name: {{ $k }}
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ include "chart.fullname" $ }}-data
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
containers:
|
||||
{{- range $k,$v := .Values.workload.containers }}
|
||||
- name: {{ $k }}
|
||||
{{ include "lib.containerSecurityContext" . | indent 8 }}
|
||||
image: {{ index $.Chart.Annotations "helm.badhouseplants.net/registry" }}:{{ $.Chart.AppVersion }}
|
||||
{{- with $v.ports }}
|
||||
ports:
|
||||
{{- range $p := $v.ports}}
|
||||
- containerPort: {{ index (index $.Values.service.ports $p) "targetPort" }}
|
||||
|
||||
{{- if $v.envFrom }}
|
||||
envFrom:
|
||||
{{- range $k := $v.envFrom }}
|
||||
{{- if kindIs "string" $k }}
|
||||
{{- if (index $.Values.env $k) }}
|
||||
{{- if (index $.Values.env $k).sensitive }}
|
||||
- secretRef:
|
||||
{{- else }}
|
||||
- configMapRef:
|
||||
{{- end }}
|
||||
name: {{ printf "%s-%s" (include "chart.fullname" $) $k }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
{{- range $k, $v := $k }}
|
||||
- {{ $k }}:
|
||||
{{ toYaml $v | indent 14 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,13 @@
|
|||
{{- define "lib.metadata" }}
|
||||
metadata:
|
||||
{{- if .customName }}
|
||||
name: {{ .customName }}
|
||||
{{- else }}
|
||||
name: {{ include "chart.fullname" .Context }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{ include "metadata.labels" .Context | indent 4 }}
|
||||
{{- end }}
|
||||
|
||||
{{- define "metadata.customName" -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,20 @@
|
|||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "metadata.labels" -}}
|
||||
helm.sh/chart: {{ include "chart.chart" . }}
|
||||
{{ include "chart.selectorLabels" . }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "metadata.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "chart.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
{{- define "lib.notes" -}}
|
||||
{{ include "helpers.allowed_workloads" . }}
|
||||
{{- end }}
|
|
@ -0,0 +1,18 @@
|
|||
{{- define "lib.pvc" -}}
|
||||
{{- range $k, $v := .Values.storage }}
|
||||
{{- $customName := printf "%s-%s" (include "chart.fullname" $) $k }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
|
||||
spec:
|
||||
{{- with $v.accessModes }}
|
||||
accessModes:
|
||||
{{ toYaml . | indent 4}}
|
||||
{{- end }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ $v.size }}
|
||||
storageClassName: {{ $v.storageClassName }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,25 @@
|
|||
{{- define "lib.service" }}
|
||||
---
|
||||
# ---------------------------------------------------------------------
|
||||
# This service is created as a part of badhouseplants helm library
|
||||
# please see /lib/tempaltes/service/_service.tpl
|
||||
# ---------------------------------------------------------------------
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
{{- include "lib.metadata" (dict "Context" . "customName" "")}}
|
||||
spec:
|
||||
{{- if (.Values.service).type }}
|
||||
type: {{ .Values.service.type }}
|
||||
{{- else }}
|
||||
type: ClusterIP
|
||||
{{- end }}
|
||||
selector:
|
||||
{{ include "metadata.selectorLabels" . | indent 4}}
|
||||
ports:
|
||||
{{- range $k,$v := .Values.service.ports }}
|
||||
- name: {{ $k }}
|
||||
port: {{ $v.port }}
|
||||
targetPort: {{ $v.targetPort}}
|
||||
protocol: {{ $v.protocol}}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,29 @@
|
|||
{{- define "lib.securityContext" -}}
|
||||
{{- if not .Values.workload.securityContext -}}
|
||||
# ---------------------------------------------------------------------
|
||||
# Using the default security context, if it doesn't work for you,
|
||||
# please update `.Values.workload.securityContext`
|
||||
# ---------------------------------------------------------------------
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 3000
|
||||
fsGroup: 2000
|
||||
{{- else -}}
|
||||
{{- with .Values.workload.securityContext -}}
|
||||
securityContext:
|
||||
{{ toYaml . | indent 2 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "lib.containerSecurityContext" -}}
|
||||
securityContext:
|
||||
{{- if not .securityContext }}
|
||||
runAsUser: 2000
|
||||
allowPrivilegeEscalation: false
|
||||
{{- else }}
|
||||
{{- with .securityContext }}
|
||||
{{ toYaml . | indent 2 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
Loading…
Reference in New Issue