Init the lib

.woodpecker/helm.yaml

@@ -0,0 +1,96 @@
+---
+when:
+  event:
+    - push
+
+.chart-testing-image: &chart-testing-image
+  image: quay.io/helmpack/chart-testing:v3.10.1
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+    settings:
+      partial: false
+
+steps:
+  changed:
+    <<: *chart-testing-image
+    name: Check changed charts
+    commands:
+      - git fetch origin
+      - ct lint --target-branch main --print-config --debug
+      - ct list-changed --target-branch main > .changed
+
+  lint:
+    <<: *chart-testing-image
+    name: Lint charts
+    commands:
+      - git fetch origin
+      - |
+        if [ -s .changed ]; then
+          ct lint --target-branch main --validate-maintainers=false
+        fi
+
+  test:
+    <<: *chart-testing-image
+    name: Test charts
+    environment:
+      - DOCKER_HOST=tcp://docker:2375
+    commands:
+      - |
+        if [ -s .changed ]; then
+          export PATH=$PWD/.bin:$PATH
+          apk update && apk add docker curl bash
+          curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | bash
+          k3d cluster create test --api-port 16443 --k3s-arg="kubelet-args=\"--allowed-unsafe-sysctls=net.ipv4.ip_forward\""@all
+          sed -i -E -e 's/localhost|0\.0\.0\.0/docker/g' ~/.kube/config
+          kubectl get storageclass
+          git fetch origin
+          ct install --target-branch main
+          ct install --target-branch main --upgrade
+        fi
+
+  release:
+    <<: *chart-testing-image
+    name: Release charts
+    when:
+      - branch: main
+    secrets:
+      - gitea_token
+    environment:
+      - DISABLE_FORCE_OVERWRITE='true'
+      - ALLOW_OVERWRITE='false'
+    commands:
+      - helm plugin install https://github.com/chartmuseum/helm-push
+      - |
+          helm repo add --username allanger --password $GITEA_TOKEN \
+            badhouseplants-library https://git.badhouseplants.net/api/packages/badhouseplants/helm
+      - |
+          for chart in $(find charts -maxdepth 1 -mindepth 1 -type d); do
+            helm package $chart -d chart-packages;
+          done
+      - |
+          for chart in $(find chart-packages -maxdepth 1 -mindepth 1 -type f); do
+            helm cm-push $chart badhouseplants-library
+          done
+
+
+
+services:
+  docker:
+    image: docker:dind
+    commands:
+      - echo "1" >  /proc/sys/net/ipv4/ip_forward
+      - dockerd -H tcp://0.0.0.0:2375 --tls=false
+    privileged: true
+    ports:
+      - 2375
+      - 16443
+    backend_options:
+      kubernetes:
+        resources:
+          requests:
+            memory: 500Mi
+            cpu: 500m
+          limits:
+            memory: 1000Mi
+            cpu: 1000m

testing/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

testing/Chart.yaml

@@ -0,0 +1,8 @@
+apiVersion: v2
+name: badhouseplants-lib
+description: A library to be reused accross badhouseplants charts
+type: library
+version: 0.1.0
+maintainers:
+  - name: allanger
+    email: allanger@badhouseplants.net

testing/templates/_helpers.tpl

@@ -0,0 +1,63 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "chart.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "chart.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "chart.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "chart.labels" -}}
+helm.sh/chart: {{ include "chart.chart" . }}
+{{ include "chart.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "chart.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "chart.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "chart.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "chart.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+

testing/templates/_utils.yaml

@@ -0,0 +1,13 @@
+{{- /*
+lib.util.merge will merge two YAML templates and output the result.
+This takes an array of three values:
+- the top context
+- the template name of the overrides (destination)
+- the template name of the base (source)
+*/}}
+{{- define "lib.util.merge" -}}
+{{- $top := first . -}}
+{{- $overrides := fromYaml (include (index . 1) $top) | default (dict ) -}}
+{{- $tpl := fromYaml (include (index . 2) $top) | default (dict ) -}}
+{{- toYaml (merge $overrides $tpl) -}}
+{{- end -}}

testing/templates/_workloads.yaml

@@ -0,0 +1,12 @@
+{{- define "helpers.allowed_workloads" -}}
+{{ index .Chart.Annotations "helm.badhouseplants.net/allowed_workload_kinds" }}
+{{- end -}}
+
+{{- define "lib.workload" -}}
+---
+{{ if eq .Values.workload.kind "Deployment" -}}
+{{- if contains .Values.workload.kind (include "helpers.allowed_workloads" .) }}
+{{- include "lib.deployment" . }}
+{{- end }}
+{{- end }}
+{{- end }}

testing/templates/configs/_env.tpl

@@ -0,0 +1,20 @@
+{{- define "lib.env" -}}
+{{- range $k, $v := .Values.env }}
+{{- $customName := printf "%s-%s" (include "chart.fullname" $) $k }}
+---
+apiVersion: v1
+{{- if not $v.sensitive }}
+kind: ConfigMap
+{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
+data:
+{{- else }}
+kind: Secret
+{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
+stringData:
+{{- end }}
+{{- with $v.data }}
+{{ toYaml . | indent 2}}
+{{- end }}
+{{- end }}
+{{- end -}}
+

testing/templates/deployment/_deployment.tpl

@@ -0,0 +1,11 @@
+{{- define "lib.deployment" -}}
+# ---------------------------------------------------------------------
+# The deployment is build withing the helm library
+# please check the lib/tempaltes/deployment/base
+# ---------------------------------------------------------------------
+apiVersion: apps/v1
+kind: Deployment
+{{- include "lib.metadata" (dict "Context" . "customName" "")}}
+{{- include "deployment.spec" . }}
+{{- end -}}
+

testing/templates/deployment/_spec.tpl

@@ -0,0 +1,61 @@
+{{/*
+  This is a builder for deployments
+*/}}
+{{- define "deployment.spec" }}
+spec: 
+  replicas: {{ .Values.workload.replicas }}
+  selector:
+    matchLabels:
+{{ include "metadata.selectorLabels" . | indent 6 }}
+  template:
+    metadata:
+      labels:
+{{ include "metadata.labels" . | indent 8 }}
+    spec:
+{{ include "lib.securityContext" . | indent 6 }}
+      {{- if or .Values.storage .Values.extraVolumes }}
+      volumes:
+      {{- if .Values.storage }}
+      {{- range $k, $v := .Values.storage }}
+        - name: {{ $k }}
+          persistentVolumeClaim:
+            claimName: {{ include "chart.fullname" $ }}-data
+      {{- end }}
+      {{- end }}
+      {{- end }}
+      containers:
+{{- range $k,$v := .Values.workload.containers }}
+      - name: {{ $k }}
+{{ include "lib.containerSecurityContext" . | indent 8 }}
+        image: {{ index $.Chart.Annotations "helm.badhouseplants.net/registry" }}:{{ $.Chart.AppVersion }}
+{{- with $v.ports }}
+        ports:
+{{- range $p := $v.ports}}
+          - containerPort: {{ index (index $.Values.service.ports $p) "targetPort" }}
+
+{{- if $v.envFrom }}
+        envFrom:
+{{- range $k := $v.envFrom }}
+{{- if kindIs "string" $k }}
+{{- if (index $.Values.env $k) }}
+{{- if (index $.Values.env $k).sensitive }}
+          - secretRef:
+{{- else }}
+          - configMapRef:
+{{- end }}
+              name: {{ printf "%s-%s" (include "chart.fullname" $) $k }}
+{{- end }}
+{{- else }}
+{{- range $k, $v := $k }}
+          - {{ $k }}:
+{{ toYaml $v | indent 14 }}
+{{- end }}
+{{- end -}}
+
+
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}

testing/templates/metadata/_base.tpl

@@ -0,0 +1,13 @@
+{{- define "lib.metadata" }}
+metadata:
+  {{- if  .customName }}
+  name: {{ .customName }}
+  {{- else }}
+  name: {{ include "chart.fullname" .Context }}
+  {{- end }}
+  labels:
+{{ include "metadata.labels" .Context | indent 4 }}
+{{- end }}
+
+{{- define "metadata.customName" -}}
+{{- end -}}

testing/templates/metadata/_labels.tpl

@@ -0,0 +1,20 @@
+{{/*
+Common labels
+*/}}
+{{- define "metadata.labels" -}}
+helm.sh/chart: {{ include "chart.chart" . }}
+{{ include "chart.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "metadata.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "chart.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+

testing/templates/notes/_notes.tpl

@@ -0,0 +1,3 @@
+{{- define "lib.notes" -}}
+{{ include "helpers.allowed_workloads" . }}
+{{- end }}

testing/templates/pvc/_pvc.tpl

@@ -0,0 +1,18 @@
+{{- define "lib.pvc" -}}
+{{- range $k, $v := .Values.storage }}
+{{- $customName := printf "%s-%s" (include "chart.fullname" $) $k }}
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
+spec:
+{{- with $v.accessModes }}
+  accessModes:
+{{ toYaml . | indent 4}}
+{{- end }}
+  resources:
+    requests:
+      storage: {{ $v.size }}
+  storageClassName: {{ $v.storageClassName }}
+{{- end }}
+{{- end -}}

testing/templates/service/_service.tpl

@@ -0,0 +1,25 @@
+{{- define "lib.service" }}
+---
+# ---------------------------------------------------------------------
+# This service is created as a part of badhouseplants helm library
+# please see /lib/tempaltes/service/_service.tpl
+# ---------------------------------------------------------------------
+apiVersion: v1
+kind: Service
+{{- include "lib.metadata" (dict "Context" . "customName" "")}}
+spec:
+  {{- if (.Values.service).type }}
+  type: {{ .Values.service.type }}
+  {{- else }}
+  type: ClusterIP
+  {{- end }}
+  selector:
+{{ include "metadata.selectorLabels" .  | indent 4}}
+  ports:
+{{- range $k,$v := .Values.service.ports }}
+    - name: {{ $k }}
+      port: {{ $v.port }}
+      targetPort: {{ $v.targetPort}}
+      protocol: {{ $v.protocol}}
+{{- end }}
+{{- end }}

testing/templates/workload/_security.tpl

@@ -0,0 +1,29 @@
+{{- define "lib.securityContext" -}}
+{{- if not .Values.workload.securityContext -}}
+# ---------------------------------------------------------------------
+# Using the default security context, if it doesn't work for you,
+# please update `.Values.workload.securityContext`
+# ---------------------------------------------------------------------
+securityContext:
+  runAsUser: 1000
+  runAsGroup: 3000
+  fsGroup: 2000
+{{- else -}}
+{{- with .Values.workload.securityContext -}}
+securityContext:
+{{ toYaml . | indent 2 }}
+{{- end }}
+{{- end -}}
+{{- end -}}
+
+{{- define "lib.containerSecurityContext" -}}
+securityContext:
+{{- if  not .securityContext }}
+  runAsUser: 2000
+  allowPrivilegeEscalation: false
+{{- else }}
+{{- with .securityContext }}
+{{ toYaml . | indent 2 }}
+{{- end }}
+{{- end -}}
+{{- end -}}