From 3d3028b889c8ebbbcc14121c8e75ad1e3a7a251e Mon Sep 17 00:00:00 2001 From: Bernd Schorgers Date: Sun, 10 Dec 2023 09:56:08 +0100 Subject: [PATCH] feat(common): Release v2.4.0 (#245) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christopher Larivière Co-authored-by: Christopher Larivière Co-authored-by: Markus Reiter --- .../common-test/ci/advanced-values.yaml | 8 +-- .../library/common-test/ci/basic-values.yaml | 2 +- .../common-test/ci/cronjob-values.yaml | 2 +- charts/library/common-test/ci/no-service.yaml | 2 +- .../common-test/ci/vaultwarden-example.yaml | 3 +- .../tests/container/image_test.yaml | 14 +++++ .../tests/container/volumemounts_test.yaml | 6 +- .../tests/container/workingdir_test.yaml | 38 ++++++++++++ .../tests/controller/type_test.yaml | 4 +- .../tests/persistence/volumes_test.yaml | 4 +- .../tests/route/service_reference_test.yaml | 62 ++++++++++++++++++- .../common-test/tests/route/values_test.yaml | 61 ++++++++++++++++++ charts/library/common-test/values.yaml | 2 +- charts/library/common/Chart.yaml | 33 ++++++---- charts/library/common/README.md | 2 +- .../common/templates/classes/_route.tpl | 9 ++- .../common/templates/classes/_statefulset.tpl | 4 +- .../common/templates/lib/container/_spec.tpl | 3 + .../lib/container/_valuesToObject.tpl | 10 ++- .../templates/lib/container/fields/_image.tpl | 2 +- .../templates/lib/pod/fields/_containers.tpl | 2 +- .../lib/pod/fields/_initContainers.tpl | 2 +- .../common/templates/lib/routes/_validate.tpl | 20 +++++- .../lib/statefulset/_volumeClaimTemplates.tpl | 2 +- charts/library/common/values.yaml | 20 +++--- docs/app-template/howto/multiple-services.md | 6 +- docs/app-template/index.md | 3 +- examples/flux/helmrelease.yaml | 51 +++++++++++++-- examples/helm/vaultwarden/values.yaml | 45 +++++++++++++- examples/kustomize/values.yaml | 3 +- 30 files changed, 364 insertions(+), 61 deletions(-) create mode 100644 charts/library/common-test/tests/container/workingdir_test.yaml diff --git a/charts/library/common-test/ci/advanced-values.yaml b/charts/library/common-test/ci/advanced-values.yaml index 15be9c4d..6e7f1a10 100644 --- a/charts/library/common-test/ci/advanced-values.yaml +++ b/charts/library/common-test/ci/advanced-values.yaml @@ -4,7 +4,7 @@ controllers: main: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 pullPolicy: IfNotPresent env: @@ -25,7 +25,7 @@ controllers: - third-container image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 env: HTTP_PORT: 8888 HTTPS_PORT: 9998 @@ -34,7 +34,7 @@ controllers: dependsOn: main image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 second-controller: type: deployment @@ -42,7 +42,7 @@ controllers: main: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 pullPolicy: IfNotPresent env: HTTP_PORT: 8889 diff --git a/charts/library/common-test/ci/basic-values.yaml b/charts/library/common-test/ci/basic-values.yaml index 83d71c56..18b4ee52 100644 --- a/charts/library/common-test/ci/basic-values.yaml +++ b/charts/library/common-test/ci/basic-values.yaml @@ -4,7 +4,7 @@ controllers: main: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 pullPolicy: IfNotPresent probes: diff --git a/charts/library/common-test/ci/cronjob-values.yaml b/charts/library/common-test/ci/cronjob-values.yaml index 82d30965..91f10929 100644 --- a/charts/library/common-test/ci/cronjob-values.yaml +++ b/charts/library/common-test/ci/cronjob-values.yaml @@ -7,7 +7,7 @@ controllers: main: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 pullPolicy: IfNotPresent service: diff --git a/charts/library/common-test/ci/no-service.yaml b/charts/library/common-test/ci/no-service.yaml index ad8fbd91..f206f83f 100644 --- a/charts/library/common-test/ci/no-service.yaml +++ b/charts/library/common-test/ci/no-service.yaml @@ -4,7 +4,7 @@ controllers: main: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 pullPolicy: IfNotPresent service: diff --git a/charts/library/common-test/ci/vaultwarden-example.yaml b/charts/library/common-test/ci/vaultwarden-example.yaml index 38855bd0..2c5de1a2 100644 --- a/charts/library/common-test/ci/vaultwarden-example.yaml +++ b/charts/library/common-test/ci/vaultwarden-example.yaml @@ -59,4 +59,5 @@ persistence: type: persistentVolumeClaim accessMode: ReadWriteOnce size: 1Gi - mountPath: /config + globalMounts: + - path: /config diff --git a/charts/library/common-test/tests/container/image_test.yaml b/charts/library/common-test/tests/container/image_test.yaml index 3183feea..781a67d3 100644 --- a/charts/library/common-test/tests/container/image_test.yaml +++ b/charts/library/common-test/tests/container/image_test.yaml @@ -31,3 +31,17 @@ tests: equal: path: spec.template.spec.containers[0].image value: ghcr.io/mendhak/http-https-echo:1.23 + + - it: template tag should pass + set: + controllers.main.containers.main.image: + repository: ghcr.io/mendhak/http-https-echo + tag: "{{.Chart.Version}}" + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.containers[0].image + value: ghcr.io/mendhak/http-https-echo:1.0.0 diff --git a/charts/library/common-test/tests/container/volumemounts_test.yaml b/charts/library/common-test/tests/container/volumemounts_test.yaml index 5204fa0d..b16d383d 100644 --- a/charts/library/common-test/tests/container/volumemounts_test.yaml +++ b/charts/library/common-test/tests/container/volumemounts_test.yaml @@ -37,13 +37,13 @@ tests: second-container: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 second: containers: first-container: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 persistence: data: @@ -268,7 +268,7 @@ tests: second-container: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 asserts: - documentIndex: &StatefulSetDoc 0 isKind: diff --git a/charts/library/common-test/tests/container/workingdir_test.yaml b/charts/library/common-test/tests/container/workingdir_test.yaml new file mode 100644 index 00000000..0d35b4a8 --- /dev/null +++ b/charts/library/common-test/tests/container/workingdir_test.yaml @@ -0,0 +1,38 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: container workingDir override +templates: + - common.yaml +tests: + - it: default should pass + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + notExists: + path: spec.template.spec.containers[0].workingDir + + - it: string should pass + set: + controllers.main.containers.main.workingDir: /work + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.containers[0].workingDir + value: /work + + - it: quoted string should pass + set: + controllers.main.containers.main.workingDir: "/work" + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.containers[0].workingDir + value: /work diff --git a/charts/library/common-test/tests/controller/type_test.yaml b/charts/library/common-test/tests/controller/type_test.yaml index b82600c5..0380e707 100644 --- a/charts/library/common-test/tests/controller/type_test.yaml +++ b/charts/library/common-test/tests/controller/type_test.yaml @@ -26,7 +26,7 @@ tests: main: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 asserts: - hasDocuments: count: 3 @@ -62,7 +62,7 @@ tests: main: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 asserts: - hasDocuments: count: 3 diff --git a/charts/library/common-test/tests/persistence/volumes_test.yaml b/charts/library/common-test/tests/persistence/volumes_test.yaml index 69678589..9c592ba0 100644 --- a/charts/library/common-test/tests/persistence/volumes_test.yaml +++ b/charts/library/common-test/tests/persistence/volumes_test.yaml @@ -38,13 +38,13 @@ tests: second-container: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 second: containers: first-container: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 persistence: config: diff --git a/charts/library/common-test/tests/route/service_reference_test.yaml b/charts/library/common-test/tests/route/service_reference_test.yaml index 97038f1b..164a3765 100644 --- a/charts/library/common-test/tests/route/service_reference_test.yaml +++ b/charts/library/common-test/tests/route/service_reference_test.yaml @@ -1,6 +1,6 @@ --- # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json -suite: ingress service reference +suite: route service reference templates: - common.yaml tests: @@ -11,6 +11,14 @@ tests: parentRefs: - name: parentName namespace: parentNamespace + rules: + - backendRefs: + - group: "" + kind: Service + name: RELEASE-NAME + namespace: NAMESPACE + port: 8080 + weight: 1 asserts: - documentIndex: &HTTPRouteDocument 2 isKind: @@ -54,3 +62,55 @@ tests: namespace: serviceNamespace port: 1234 weight: 123 + + - it: custom service reference with filter should fail + set: + route.main: + enabled: true + parentRefs: + - name: parentName + namespace: parentNamespace + rules: + - backendRefs: + - group: test + name: pathService + port: 1234 + namespace: serviceNamespace + weight: 123 + filters: + - type: RequestRedirect + requestRedirect: + scheme: https + statusCode: 301 + asserts: + - failedTemplate: + errorMessage: "backend refs and request redirect filters cannot co-exist." + + - it: custom service with filter should pass + set: + route.main: + enabled: true + parentRefs: + - name: parentName + namespace: parentNamespace + rules: + - filters: + - type: RequestRedirect + requestRedirect: + scheme: https + statusCode: 301 + asserts: + - documentIndex: &HTTPRouteDocument 2 + isKind: + of: HTTPRoute + - documentIndex: *HTTPRouteDocument + equal: + path: spec.rules[0].filters[0] + value: + type: RequestRedirect + requestRedirect: + scheme: https + statusCode: 301 + - documentIndex: *HTTPRouteDocument + notExists: + path: spec.rules[0].backendRefs[0] diff --git a/charts/library/common-test/tests/route/values_test.yaml b/charts/library/common-test/tests/route/values_test.yaml index a4dc78ba..d0447b4f 100644 --- a/charts/library/common-test/tests/route/values_test.yaml +++ b/charts/library/common-test/tests/route/values_test.yaml @@ -73,6 +73,8 @@ tests: - backendRefs: - name: test namespace: test + kind: Service + weight: 1 matches: - path: type: PathPrefix @@ -83,6 +85,8 @@ tests: path: type: ReplacePrefixMatch replacePrefixMatch: "" + timeouts: + backendRequest: 30s grpc: enabled: true kind: GRPCRoute @@ -93,6 +97,8 @@ tests: - backendRefs: - name: test namespace: test + kind: Service + weight: 1 matches: - path: type: PathPrefix @@ -113,6 +119,8 @@ tests: - backendRefs: - name: test namespace: test + kind: Service + weight: 1 matches: - path: type: PathPrefix @@ -133,6 +141,8 @@ tests: - backendRefs: - name: test namespace: test + kind: Service + weight: 1 matches: - path: type: PathPrefix @@ -153,6 +163,8 @@ tests: - backendRefs: - name: test namespace: test + kind: Service + weight: 1 matches: - path: type: PathPrefix @@ -229,6 +241,9 @@ tests: - documentIndex: &HTTPRouteDocument 6 notExists: path: spec.rules[0].filters + - documentIndex: &HTTPRouteDocument 6 + notExists: + path: spec.rules[0].timeouts - it: hostnames shouldn't be used for TCPRoutes and UDPRoutes set: @@ -291,3 +306,49 @@ tests: equal: path: spec.parentRefs[0].sectionName value: parentSection + + - it: timeouts should only be used for HTTPRoutes + set: + route: + main: + enabled: true + kind: HTTPRoute + parentRefs: + - name: parentName + namespace: parentNamespace + rules: + - backendRefs: + - name: test + namespace: test + timeouts: + backendRequest: 30s + grpc: + enabled: true + kind: GRPCRoute + parentRefs: + - name: parentName + namespace: parentNamespace + rules: + - backendRefs: + - name: test + namespace: test + matches: + - path: + type: PathPrefix + value: /test + timeouts: + backendRequest: 10s + asserts: + - documentIndex: &HTTPRouteDocument 2 + isKind: + of: GRPCRoute + - documentIndex: &HTTPRouteDocument 2 + notExists: + path: spec.rules[0].timeouts.backendRequest + - documentIndex: &HTTPRouteDocument 3 + isKind: + of: HTTPRoute + - documentIndex: &HTTPRouteDocument 3 + equal: + path: spec.rules[0].timeouts.backendRequest + value: 30s diff --git a/charts/library/common-test/values.yaml b/charts/library/common-test/values.yaml index 3c9b8ac0..0f44fbaa 100644 --- a/charts/library/common-test/values.yaml +++ b/charts/library/common-test/values.yaml @@ -5,7 +5,7 @@ controllers: main: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 pullPolicy: IfNotPresent service: diff --git a/charts/library/common/Chart.yaml b/charts/library/common/Chart.yaml index fc2959f0..3a1e6c0f 100644 --- a/charts/library/common/Chart.yaml +++ b/charts/library/common/Chart.yaml @@ -3,7 +3,7 @@ apiVersion: v2 name: common description: Function library for Helm charts type: library -version: 2.3.0 +version: 2.4.0 kubeVersion: ">=1.22.0-0" keywords: - common @@ -16,19 +16,30 @@ annotations: artifacthub.io/changes: |- - kind: added description: |- - Add support for `appProtocol` in Kubernetes services. + Add support for `timeouts` in HTTPRoute. - kind: added description: |- - Add support for route filters for HTTPRoute and GRPCRoute. - - kind: added - description: |- - Add support `dataSource` and `dataSourceRef` fields in StatefulSet volumeClaimTemplates. - - kind: added - description: |- - Add support `dataSource` and `dataSourceRef` fields in persistentVolumeClaim persistence items. + Add support for `workingDir` for containers. - kind: fixed description: |- - GRPCRoute support for matches was not supported. + Defaulting image tags to chart.Appversion was removed without a proper alternative - kind: fixed description: |- - `valuefrom`-style environment variables can now use Helm templating again. + Using RequestRedirect is not allowed with BackendRefs in Routes. + - kind: fixed + description: |- + StatefulSet objects would not always fall back to proper defaults and error out + - kind: changed + description: |- + routes will no longer auto target its service. + It will need to be explicitly defined as below + + ```yaml + - backendRefs: + - group: "" + kind: Service + name: foo + namespace: foo-namespace + port: 8080 + weight: 1 + ``` diff --git a/charts/library/common/README.md b/charts/library/common/README.md index f004f15c..b5a490e7 100644 --- a/charts/library/common/README.md +++ b/charts/library/common/README.md @@ -175,7 +175,7 @@ The following table contains an overview of available values and their descripti | route.main.labels | object | `{}` | Provide additional labels which may be required. | | route.main.nameOverride | string | `nil` | Override the name suffix that is used for this route. | | route.main.parentRefs | list | `[{"group":"gateway.networking.k8s.io","kind":"Gateway","name":null,"namespace":null,"sectionName":null}]` | Configure the resource the route attaches to. | -| route.main.rules | list | `[{"backendRefs":[{"group":"","kind":"Service","name":"main","namespace":null,"port":null,"weight":1}],"filters":[],"matches":[{"path":{"type":"PathPrefix","value":"/"}}]}]` | Configure rules for routing. Defaults to the primary service. | +| route.main.rules | list | `[{"backendRefs":[{"group":"","kind":"Service","name":"main","namespace":null,"port":null,"weight":1}],"timeouts":{}"filters":[],"matches":[{"path":{"type":"PathPrefix","value":"/"}}]}]` | Configure rules for routing. Defaults to the primary service. | | route.main.rules[0].backendRefs | list | `[{"group":"","kind":"Service","name":"main","namespace":null,"port":null,"weight":1}]` | Configure backends where matching requests should be sent. | | secrets | object | See below | Use this to populate secrets with the values you specify. Be aware that these values are not encrypted by default, and could therefore visible to anybody with access to the values.yaml file. Additional Secrets can be added by adding a dictionary key similar to the 'secret' object. | | secrets.secret.annotations | object | `{}` | Annotations to add to the Secret | diff --git a/charts/library/common/templates/classes/_route.tpl b/charts/library/common/templates/classes/_route.tpl index ddd3acc7..123bc5fe 100644 --- a/charts/library/common/templates/classes/_route.tpl +++ b/charts/library/common/templates/classes/_route.tpl @@ -24,9 +24,6 @@ within the common library. -}} --- apiVersion: {{ $apiVersion }} -{{- if and (ne $routeKind "GRPCRoute") (ne $routeKind "HTTPRoute") (ne $routeKind "TCPRoute") (ne $routeKind "TLSRoute") (ne $routeKind "UDPRoute") }} - {{- fail (printf "Not a valid route kind (%s)" $routeKind) }} -{{- end }} kind: {{ $routeKind }} metadata: name: {{ $routeObject.name }} @@ -79,5 +76,11 @@ spec: {{- toYaml . | nindent 6 }} {{- end }} {{- end }} + {{- if (eq $routeKind "HTTPRoute") }} + {{- with .timeouts }} + timeouts: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/library/common/templates/classes/_statefulset.tpl b/charts/library/common/templates/classes/_statefulset.tpl index 66adcf8d..bdcf48a3 100644 --- a/charts/library/common/templates/classes/_statefulset.tpl +++ b/charts/library/common/templates/classes/_statefulset.tpl @@ -29,10 +29,10 @@ metadata: spec: revisionHistoryLimit: {{ $statefulsetObject.revisionHistoryLimit }} replicas: {{ $statefulsetObject.replicas }} - podManagementPolicy: {{ default "OrderedReady" $statefulsetObject.statefulset.podManagementPolicy }} + podManagementPolicy: {{ dig "statefulset" "podManagementPolicy" "OrderedReady" $statefulsetObject }} updateStrategy: type: {{ $statefulsetObject.strategy }} - {{- if and (eq $statefulsetObject.strategy "RollingUpdate") $statefulsetObject.rollingUpdate.partition }} + {{- if and (eq $statefulsetObject.strategy "RollingUpdate") (dig "rollingUpdate" "partition" nil $statefulsetObject) }} rollingUpdate: partition: {{ $statefulsetObject.rollingUpdate.partition }} {{- end }} diff --git a/charts/library/common/templates/lib/container/_spec.tpl b/charts/library/common/templates/lib/container/_spec.tpl index acf746bf..c17e450d 100644 --- a/charts/library/common/templates/lib/container/_spec.tpl +++ b/charts/library/common/templates/lib/container/_spec.tpl @@ -17,6 +17,9 @@ command: {{ . | trim | nindent 2 }} {{- end -}} {{- with (include "bjw-s.common.lib.container.field.args" (dict "ctx" $ctx) | trim) }} args: {{ . | trim | nindent 2 }} + {{- end -}} + {{- with $containerObject.workingDir }} +workingDir: {{ . | trim }} {{- end -}} {{- with $containerObject.securityContext }} securityContext: {{ toYaml . | trim | nindent 2 }} diff --git a/charts/library/common/templates/lib/container/_valuesToObject.tpl b/charts/library/common/templates/lib/container/_valuesToObject.tpl index 044ad0a9..50b9e2f5 100644 --- a/charts/library/common/templates/lib/container/_valuesToObject.tpl +++ b/charts/library/common/templates/lib/container/_valuesToObject.tpl @@ -8,12 +8,18 @@ Convert container values to an object {{- $_ := set $objectValues "identifier" $identifier -}} - {{- /* Convert float64 image tags to string */ -}} + {{- /* Process image tags */ -}} {{- if kindIs "map" $objectValues.image -}} {{- $imageTag := dig "image" "tag" "" $objectValues -}} + {{- /* Convert float64 image tags to string */ -}} {{- if kindIs "float64" $imageTag -}} - {{- $_ := set $objectValues.image "tag" ($imageTag | toString) -}} + {{- $imageTag = $imageTag | toString -}} {{- end -}} + + {{- /* Process any templates in the tag */ -}} + {{- $imageTag = tpl $imageTag $rootContext -}} + + {{- $_ := set $objectValues.image "tag" $imageTag -}} {{- end -}} {{- /* Return the container object */ -}} diff --git a/charts/library/common/templates/lib/container/fields/_image.tpl b/charts/library/common/templates/lib/container/fields/_image.tpl index 88d93c2a..327ea627 100644 --- a/charts/library/common/templates/lib/container/fields/_image.tpl +++ b/charts/library/common/templates/lib/container/fields/_image.tpl @@ -7,7 +7,7 @@ Image used by the container. {{- $containerObject := $ctx.containerObject -}} {{- $imageRepo := $containerObject.image.repository -}} - {{- $imageTag := default $rootContext.Chart.AppVersion $containerObject.image.tag -}} + {{- $imageTag := $containerObject.image.tag -}} {{- if and $imageRepo $imageTag -}} {{- printf "%s:%s" $imageRepo $imageTag -}} diff --git a/charts/library/common/templates/lib/pod/fields/_containers.tpl b/charts/library/common/templates/lib/pod/fields/_containers.tpl index 1152ddbb..a20f7d41 100644 --- a/charts/library/common/templates/lib/pod/fields/_containers.tpl +++ b/charts/library/common/templates/lib/pod/fields/_containers.tpl @@ -19,7 +19,7 @@ Returns the value for containers {{- range $key, $containerValues := $enabledContainers -}} {{- /* Create object from the container values */ -}} - {{- $containerObject := (include "bjw-s.common.lib.container.valuesToObject" (dict "rootContext" $ "id" $key "values" $containerValues)) | fromYaml -}} + {{- $containerObject := (include "bjw-s.common.lib.container.valuesToObject" (dict "rootContext" $rootContext "id" $key "values" $containerValues)) | fromYaml -}} {{- /* Perform validations on the Container before rendering */ -}} {{- include "bjw-s.common.lib.container.validate" (dict "rootContext" $ "controllerObject" $controllerObject "containerObject" $containerObject) -}} diff --git a/charts/library/common/templates/lib/pod/fields/_initContainers.tpl b/charts/library/common/templates/lib/pod/fields/_initContainers.tpl index d0a051a8..2d780092 100644 --- a/charts/library/common/templates/lib/pod/fields/_initContainers.tpl +++ b/charts/library/common/templates/lib/pod/fields/_initContainers.tpl @@ -25,7 +25,7 @@ Returns the value for initContainers {{- if $containerEnabled -}} {{- /* Create object from the container values */ -}} - {{- $containerObject := (include "bjw-s.common.lib.container.valuesToObject" (dict "rootContext" $ "id" $key "values" $containerValues)) | fromYaml -}} + {{- $containerObject := (include "bjw-s.common.lib.container.valuesToObject" (dict "rootContext" $rootContext "id" $key "values" $containerValues)) | fromYaml -}} {{- /* Perform validations on the Container before rendering */ -}} {{- include "bjw-s.common.lib.container.validate" (dict "rootContext" $ "controllerObject" $controllerObject "containerObject" $containerObject) -}} diff --git a/charts/library/common/templates/lib/routes/_validate.tpl b/charts/library/common/templates/lib/routes/_validate.tpl index 5b89d856..776494c0 100644 --- a/charts/library/common/templates/lib/routes/_validate.tpl +++ b/charts/library/common/templates/lib/routes/_validate.tpl @@ -3,5 +3,23 @@ Validate Route values */}} {{- define "bjw-s.common.lib.route.validate" -}} {{- $rootContext := .rootContext -}} - {{- $routeValues := .object -}} + {{- $routeObject := .object -}} + + {{/* Route Types */}} + {{- $routeKind := $routeObject.kind | default "HTTPRoute"}} + {{- if and (ne $routeKind "GRPCRoute") (ne $routeKind "HTTPRoute") (ne $routeKind "TCPRoute") (ne $routeKind "TLSRoute") (ne $routeKind "UDPRoute") }} + {{- fail (printf "Not a valid route kind (%s)" $routeKind) }} + {{- end }} + + {{/* Route Rules */}} + + {{- range $routeObject.rules }} + {{- if and (.filters) (.backendRefs) }} + {{- range .filters }} + {{- if eq .type "RequestRedirect" }} + {{- fail (printf "backend refs and request redirect filters cannot co-exist.")}} + {{- end }} + {{- end }} + {{- end }} + {{- end }} {{- end -}} diff --git a/charts/library/common/templates/lib/statefulset/_volumeClaimTemplates.tpl b/charts/library/common/templates/lib/statefulset/_volumeClaimTemplates.tpl index 413c39bb..ab96ae79 100644 --- a/charts/library/common/templates/lib/statefulset/_volumeClaimTemplates.tpl +++ b/charts/library/common/templates/lib/statefulset/_volumeClaimTemplates.tpl @@ -40,7 +40,7 @@ VolumeClaimTemplates for StatefulSet {{- /* Default to empty list */ -}} {{- $volumeClaimTemplates := list -}} - {{- range $index, $volumeClaimTemplate := $statefulsetObject.statefulset.volumeClaimTemplates }} + {{- range $index, $volumeClaimTemplate := (dig "statefulset" "volumeClaimTemplates" list $statefulsetObject) }} {{- $vct := include "bjw-s.common.lib.statefulset.volumeclaimtemplate" (dict "rootContext" $rootContext "values" $volumeClaimTemplate) -}} {{- $volumeClaimTemplates = append $volumeClaimTemplates ($vct | fromYaml) -}} {{- end -}} diff --git a/charts/library/common/values.yaml b/charts/library/common/values.yaml index d5d9215f..48ff7cdb 100644 --- a/charts/library/common/values.yaml +++ b/charts/library/common/values.yaml @@ -161,7 +161,8 @@ controllers: # - name: data # labels: {} # annotations: {} - # mountPath: /data + # globalMounts: + # - path: /data # accessMode: "ReadWriteOnce" # dataSourceRef: # apiGroup: snapshot.storage.k8s.io @@ -171,8 +172,9 @@ controllers: # - name: backup # labels: {} # annotations: {} - # mountPath: /backup - # subPath: theSubPath + # globalMounts: + # - path: /backup + # subPath: theSubPath # accessMode: "ReadWriteOnce" # size: 2Gi # storageClass: cheap-storage-class @@ -207,6 +209,8 @@ controllers: command: [] # -- Override the args for the default container args: [] + # -- Override the working directory for the default container + workingDir: # -- Environment variables. Template enabled. # Syntax options: @@ -589,13 +593,7 @@ route: # -- Configure rules for routing. Defaults to the primary service. rules: - # -- Configure backends where matching requests should be sent. - backendRefs: - - group: "" - kind: Service - name: main - namespace: - port: - weight: 1 + backendRefs: [] ## Configure conditions used for matching incoming requests. Only for HTTPRoutes matches: - path: @@ -603,6 +601,8 @@ route: value: / ## Request filters that are applied to the rules. filters: [] + ## Request timeout that are applied to the rules. + timeouts: {} # -- Configure persistence for the chart here. # Additional items can be added by adding a dictionary key similar to the 'config' key. diff --git a/docs/app-template/howto/multiple-services.md b/docs/app-template/howto/multiple-services.md index 57a5ffe9..ac9ac61d 100644 --- a/docs/app-template/howto/multiple-services.md +++ b/docs/app-template/howto/multiple-services.md @@ -13,7 +13,7 @@ controllers: main: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 pullPolicy: IfNotPresent service: @@ -46,14 +46,14 @@ controllers: main: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 pullPolicy: IfNotPresent second: containers: main: image: repository: ghcr.io/mendhak/http-https-echo - tag: 30 + tag: 31 pullPolicy: IfNotPresent service: diff --git a/docs/app-template/index.md b/docs/app-template/index.md index d012e57f..487cc1e1 100644 --- a/docs/app-template/index.md +++ b/docs/app-template/index.md @@ -81,7 +81,8 @@ persistence: media: enabled: true existingClaim: nas-media - mountPath: /data/nas-media + globalMounts: + - path: /data/nas-media probes: liveness: diff --git a/examples/flux/helmrelease.yaml b/examples/flux/helmrelease.yaml index 73646660..64d15664 100644 --- a/examples/flux/helmrelease.yaml +++ b/examples/flux/helmrelease.yaml @@ -2,7 +2,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: - name: vaultwarden + name: &app vaultwarden namespace: default spec: interval: 15m @@ -45,10 +45,10 @@ spec: main: ports: http: - port: 80 + port: &port 80 websocket: enabled: true - port: 3012 + port: &websocket-port 3012 ingress: # -- Enable and configure ingress settings for the chart under this key. @@ -73,6 +73,48 @@ spec: name: main port: websocket + route: + # -- Enable and configure route settings for the chart under this key. + main: + enabled: true + parentRefs: + - name: gateway + namespace: gateway-namespace + sectionName: gateway-section + hostnames: + - chart-example.local + rules: + - matches: + - path: + type: PathPrefix + value: / + backendRefs: + - kind: Service + port: *port + name: *app + namespace: default + weight: 1 + - matches: + - path: + type: PathPrefix + value: /notifications/hub/negotiate + backendRefs: + - kind: Service + port: *port + name: *app + namespace: default + weight: 1 + - matches: + - path: + type: PathPrefix + value: /notifications/hub + backendRefs: + - kind: Service + port: *websocket-port + name: *app + namespace: default + weight: 1 + # -- Configure persistence settings for the chart under this key. persistence: config: @@ -80,4 +122,5 @@ spec: type: persistentVolumeClaim accessMode: ReadWriteOnce size: 1Gi - mountPath: /config + globalMounts: + - path: /config diff --git a/examples/helm/vaultwarden/values.yaml b/examples/helm/vaultwarden/values.yaml index 38855bd0..a35638e8 100644 --- a/examples/helm/vaultwarden/values.yaml +++ b/examples/helm/vaultwarden/values.yaml @@ -52,6 +52,48 @@ ingress: name: main port: websocket +route: + # -- Enable and configure route settings for the chart under this key. + main: + enabled: true + parentRefs: + - name: gateway + namespace: gateway-namespace + sectionName: gateway-section + hostnames: + - chart-example.local + rules: + - matches: + - path: + type: PathPrefix + value: / + backendRefs: + - kind: Service + port: 80 + name: main + namespace: default + weight: 1 + - matches: + - path: + type: PathPrefix + value: /notifications/hub/negotiate + backendRefs: + - kind: Service + port: 80 + name: main + namespace: default + weight: 1 + - matches: + - path: + type: PathPrefix + value: /notifications/hub + backendRefs: + - kind: Service + port: 3012 + name: main + namespace: default + weight: 1 + # -- Configure persistence settings for the chart under this key. persistence: config: @@ -59,4 +101,5 @@ persistence: type: persistentVolumeClaim accessMode: ReadWriteOnce size: 1Gi - mountPath: /config + globalMounts: + - path: /config diff --git a/examples/kustomize/values.yaml b/examples/kustomize/values.yaml index 38855bd0..2c5de1a2 100644 --- a/examples/kustomize/values.yaml +++ b/examples/kustomize/values.yaml @@ -59,4 +59,5 @@ persistence: type: persistentVolumeClaim accessMode: ReadWriteOnce size: 1Gi - mountPath: /config + globalMounts: + - path: /config