From 21ff595d4063ab76b63263b2a87fa486aa2640d2 Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Fri, 16 Feb 2024 15:47:14 +0100 Subject: [PATCH] Some small chagnes --- badhouseplants/helmfile.yaml | 2 + badhouseplants/values/values.roles.yaml | 9 ++++ .../chart/templates/namespaces.yaml | 3 +- charts/roles/.helmignore | 23 ++++++++++ charts/roles/Chart.yaml | 6 +++ charts/roles/templates/_helpers.tpl | 43 +++++++++++++++++++ charts/roles/templates/namespaces.yaml | 23 ++++++++++ charts/roles/values.yaml | 9 ++++ releases.yaml | 8 ++++ 9 files changed, 125 insertions(+), 1 deletion(-) create mode 100644 badhouseplants/values/values.roles.yaml create mode 100644 charts/roles/.helmignore create mode 100644 charts/roles/Chart.yaml create mode 100644 charts/roles/templates/_helpers.tpl create mode 100644 charts/roles/templates/namespaces.yaml create mode 100644 charts/roles/values.yaml diff --git a/badhouseplants/helmfile.yaml b/badhouseplants/helmfile.yaml index 0ec24c9..39e25bd 100644 --- a/badhouseplants/helmfile.yaml +++ b/badhouseplants/helmfile.yaml @@ -4,6 +4,8 @@ releases: - <<: *namespaces installed: true + - <<: *roles + installed: true - <<: *coredns installed: true - <<: *cilium diff --git a/badhouseplants/values/values.roles.yaml b/badhouseplants/values/values.roles.yaml new file mode 100644 index 0000000..7fcd045 --- /dev/null +++ b/badhouseplants/values/values.roles.yaml @@ -0,0 +1,9 @@ +roles: + - name: minecraft-admin + namespace: minecraft-application + kind: Role + rules: + - apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] + namespace: ["minecraft-application"] diff --git a/charts/namespaces/chart/templates/namespaces.yaml b/charts/namespaces/chart/templates/namespaces.yaml index dc2bd62..3e87e83 100644 --- a/charts/namespaces/chart/templates/namespaces.yaml +++ b/charts/namespaces/chart/templates/namespaces.yaml @@ -10,8 +10,9 @@ metadata: {{- with $ns.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with $ns.annotations}} annotations: + "helm.sh/resource-policy": keep + {{- with $ns.annotations}} {{- toYaml . | nindent 4 }} {{- end }} {{- end }} diff --git a/charts/roles/.helmignore b/charts/roles/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/roles/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/roles/Chart.yaml b/charts/roles/Chart.yaml new file mode 100644 index 0000000..c2d5cc6 --- /dev/null +++ b/charts/roles/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: roles +description: A Helm chart for Kubernetes +type: application +version: 0.1.0 +appVersion: "1.16.0" diff --git a/charts/roles/templates/_helpers.tpl b/charts/roles/templates/_helpers.tpl new file mode 100644 index 0000000..2927519 --- /dev/null +++ b/charts/roles/templates/_helpers.tpl @@ -0,0 +1,43 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "roles.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "roles.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "roles.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "roles.labels" -}} +helm.sh/chart: {{ include "roles.chart" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + diff --git a/charts/roles/templates/namespaces.yaml b/charts/roles/templates/namespaces.yaml new file mode 100644 index 0000000..7cb85dc --- /dev/null +++ b/charts/roles/templates/namespaces.yaml @@ -0,0 +1,23 @@ +{{- if .Values.roles }} +{{- range $roles := .Values.roles }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: {{ $roles.kind }} +metadata: + name: {{ $roles.name }} + namespace: {{ $roles.namespace }} + labels: + {{- include "roles.labels" $ | nindent 4 }} + {{- with $roles.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with $roles.annotations}} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +rules: +{{- with $roles.rules }} +{{- toYaml . | nindent 2 }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/roles/values.yaml b/charts/roles/values.yaml new file mode 100644 index 0000000..7fcd045 --- /dev/null +++ b/charts/roles/values.yaml @@ -0,0 +1,9 @@ +roles: + - name: minecraft-admin + namespace: minecraft-application + kind: Role + rules: + - apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] + namespace: ["minecraft-application"] diff --git a/releases.yaml b/releases.yaml index 7c999fd..e8a4277 100644 --- a/releases.yaml +++ b/releases.yaml @@ -106,6 +106,14 @@ templates: inherit: - template: default-env-values + roles: &roles + name: roles + chart: '{{ requiredEnv "PWD" }}/charts/roles' + namespace: kube-public + createNamespace: false + inherit: + - template: default-env-values + metrics-server: &metrics-server name: metrics-server chart: metrics-server/metrics-server