feat(common)!: Release version 0.2.0

- 🛑 BREAKING - Removed support for the openvpn and wireguard VPN types.
- Update container versions
- Added support for adding serviceMonitors to services.
- ConfigMap checksum logic now only looks at ConfigMap data
- Explicitly convert defaultMode to decimal notation in code-server addon.

charts/library/common/templates/_service.tpl

@@ -3,7 +3,7 @@ Renders the Service objects required by the chart.
 */}}
 {{- define "common.service" -}}
   {{- /* Generate named services as required */ -}}
-  {{- range $name, $service := .Values.service }}
+  {{- range $name, $service := .Values.service -}}
     {{- if $service.enabled -}}
       {{- $serviceValues := $service -}}
 
@@ -12,10 +12,24 @@ Renders the Service objects required by the chart.
         {{- $_ := set $serviceValues "nameOverride" $name -}}
       {{ end -}}
 
+      {{/* Include the Service class */}}
       {{- $_ := set $ "ObjectValues" (dict "service" $serviceValues) -}}
-      {{- include "common.classes.service" $ }}
-    {{- end }}
-  {{- end }}
+      {{- include "common.classes.service" $ | nindent 0 -}}
+
+      {{/* Include a serviceMonitor if required */}}
+      {{- if $service.monitor.enabled | default false -}}
+        {{- $_ := set $ "ObjectValues" (dict "serviceMonitor" $serviceValues.monitor) -}}
+        {{- $_ := set $.ObjectValues.serviceMonitor "nameOverride" $serviceValues.nameOverride -}}
+
+        {{- $serviceName := include "common.names.fullname" $ -}}
+        {{- if and (hasKey $serviceValues "nameOverride") $serviceValues.nameOverride -}}
+          {{- $serviceName = printf "%v-%v" $serviceName $serviceValues.nameOverride -}}
+        {{ end -}}
+        {{- $_ := set $.ObjectValues.serviceMonitor "serviceName" $serviceName -}}
+        {{- include "common.classes.serviceMonitor" $ | nindent 0 -}}
+      {{- end -}}
+    {{- end -}}
+  {{- end -}}
 {{- end }}
 
 {{/*

charts/library/common/templates/addons/code-server/_volume.tpl

@@ -9,7 +9,7 @@ secret:
   {{- else }}
   secretName: {{ include "common.names.fullname" . }}-deploykey
   {{- end }}
-  defaultMode: 256
+  defaultMode: {{ "0400" | toDecimal }}
   items:
     - key: id_rsa
       path: id_rsa

charts/library/common/templates/addons/vpn/_vpn.tpl

@@ -5,11 +5,11 @@ It will include / inject the required templates based on the given values.
 {{- define "common.addon.vpn" -}}
 {{- if .Values.addons.vpn.enabled -}}
   {{- if eq "openvpn" .Values.addons.vpn.type -}}
-    {{- include "common.addon.openvpn" . }}
+    {{- fail "The 'openvpn' VPN type is no longer supported. Please migrate to the 'gluetun' type." . }}
   {{- end -}}
 
   {{- if eq "wireguard" .Values.addons.vpn.type -}}
-    {{- include "common.addon.wireguard" . }}
+    {{- fail "The 'wireguard' VPN type is no longer supported. Please migrate to the 'gluetun' type." . }}
   {{- end -}}
 
   {{- if eq "gluetun" .Values.addons.vpn.type -}}

charts/library/common/templates/addons/vpn/openvpn/_addon.tpl

@@ -1,17 +0,0 @@
-{{/*
-Template to render OpenVPN addon. It will add the container to the list of additionalContainers
-and add a credentials secret if speciffied.
-*/}}
-{{- define "common.addon.openvpn" -}}
-  {{/* Append the openVPN container to the additionalContainers */}}
-  {{- $container := include "common.addon.openvpn.container" . | fromYaml -}}
-  {{- if $container -}}
-    {{- $_ := set .Values.additionalContainers "addon-openvpn" $container -}}
-  {{- end -}}
-
-  {{/* Include the secret if not empty */}}
-  {{- $secret := include "common.addon.openvpn.secret" . -}}
-  {{- if $secret -}}
-    {{- $secret | nindent 0 -}}
-  {{- end -}}
-{{- end -}}

charts/library/common/templates/addons/vpn/openvpn/_container.tpl

@@ -1,66 +0,0 @@
-{{/*
-The OpenVPN sidecar container to be inserted.
-*/}}
-{{- define "common.addon.openvpn.container" -}}
-name: openvpn
-image: "{{ .Values.addons.vpn.openvpn.image.repository }}:{{ .Values.addons.vpn.openvpn.image.tag }}"
-imagePullPolicy: {{ .Values.addons.vpn.openvpn.pullPolicy }}
-{{- with .Values.addons.vpn.securityContext }}
-securityContext:
-  {{- toYaml . | nindent 2 }}
-{{- end }}
-{{- with .Values.addons.vpn.env }}
-env:
-  {{- . | toYaml | nindent 2 }}
-{{- end }}
-{{- with .Values.addons.vpn.envFrom }}
-envFrom:
-  {{- . | toYaml | nindent 2 }}
-{{- end }}
-{{- with .Values.addons.vpn.args }}
-args:
-  {{- . | toYaml | nindent 2 }}
-{{- end }}
-{{- if or .Values.addons.vpn.openvpn.auth .Values.addons.vpn.openvpn.authSecret }}
-envFrom:
-  - secretRef:
-    {{- if .Values.addons.vpn.openvpn.authSecret }}
-      name: {{ .Values.addons.vpn.openvpn.authSecret }}
-    {{- else }}
-      name: {{ include "common.names.fullname" . }}-openvpn
-    {{- end }}
-{{- end }}
-{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.configFileSecret .Values.addons.vpn.scripts.up .Values.addons.vpn.scripts.down .Values.addons.vpn.additionalVolumeMounts .Values.persistence.shared.enabled }}
-volumeMounts:
-{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.configFileSecret }}
-  - name: vpnconfig
-    mountPath: /vpn/vpn.conf
-    subPath: vpnConfigfile
-{{- end }}
-{{- if .Values.addons.vpn.scripts.up }}
-  - name: vpnscript
-    mountPath: /vpn/up.sh
-    subPath: up.sh
-{{- end }}
-{{- if .Values.addons.vpn.scripts.down }}
-  - name: vpnscript
-    mountPath: /vpn/down.sh
-    subPath: down.sh
-{{- end }}
-{{- if .Values.persistence.shared.enabled }}
-  - mountPath: {{ .Values.persistence.shared.mountPath }}
-    name: shared
-{{- end }}
-{{- with .Values.addons.vpn.additionalVolumeMounts }}
-  {{- toYaml . | nindent 2 }}
-{{- end }}
-{{- end }}
-{{- with .Values.addons.vpn.livenessProbe }}
-livenessProbe:
-  {{- toYaml . | nindent 2 }}
-{{- end -}}
-{{- with .Values.addons.vpn.resources }}
-resources:
-  {{- toYaml . | nindent 2 }}
-{{- end }}
-{{- end -}}

charts/library/common/templates/addons/vpn/openvpn/_secret.tpl

@@ -1,16 +0,0 @@
-{{/*
-The OpenVPN credentials secrets to be included.
-*/}}
-{{- define "common.addon.openvpn.secret" -}}
-{{- with .Values.addons.vpn.openvpn.auth }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.names.fullname" $ }}-openvpn
-  labels: {{- include "common.labels" $ | nindent 4 }}
-  annotations: {{- include "common.annotations" $ | nindent 4 }}
-data:
-  VPN_AUTH: {{ . | b64enc }}
-{{- end -}}
-{{- end -}}

charts/library/common/templates/addons/vpn/wireguard/_addon.tpl

@@ -1,11 +0,0 @@
-{{/*
-Template to render Wireguard addon. It will add the container to the list of additionalContainers.
-*/}}
-*/}}
-{{- define "common.addon.wireguard" -}}
-  {{/* Append the Wireguard container to the additionalContainers */}}
-  {{- $container := fromYaml (include "common.addon.wireguard.container" .) -}}
-  {{- if $container -}}
-    {{- $_ := set .Values.additionalContainers "addon-wireguard" $container -}}
-  {{- end -}}
-{{- end -}}

charts/library/common/templates/addons/vpn/wireguard/_container.tpl

@@ -1,57 +0,0 @@
-{{/*
-The Wireguard sidecar container to be inserted.
-*/}}
-{{- define "common.addon.wireguard.container" -}}
-name: wireguard
-image: "{{ .Values.addons.vpn.wireguard.image.repository }}:{{ .Values.addons.vpn.wireguard.image.tag }}"
-imagePullPolicy: {{ .Values.addons.vpn.wireguard.pullPolicy }}
-{{- with .Values.addons.vpn.securityContext }}
-securityContext:
-  {{- toYaml . | nindent 2 }}
-{{- end }}
-{{- with .Values.addons.vpn.env }}
-env:
-  {{- . | toYaml | nindent 2 }}
-{{- end }}
-{{- with .Values.addons.vpn.envFrom }}
-envFrom:
-  {{- . | toYaml | nindent 2 }}
-{{- end }}
-{{- with .Values.addons.vpn.args }}
-args:
-  {{- . | toYaml | nindent 2 }}
-{{- end }}
-{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.configFileSecret .Values.addons.vpn.scripts.up .Values.addons.vpn.scripts.down .Values.addons.vpn.additionalVolumeMounts .Values.persistence.shared.enabled }}
-volumeMounts:
-{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.configFileSecret }}
-  - name: vpnconfig
-    mountPath: /etc/wireguard/wg0.conf
-    subPath: vpnConfigfile
-{{- end }}
-{{- if .Values.addons.vpn.scripts.up }}
-  - name: vpnscript
-    mountPath: /config/up.sh
-    subPath: up.sh
-{{- end }}
-{{- if .Values.addons.vpn.scripts.down }}
-  - name: vpnscript
-    mountPath: /config/down.sh
-    subPath: down.sh
-{{- end }}
-{{- if .Values.persistence.shared.enabled }}
-  - mountPath: {{ .Values.persistence.shared.mountPath }}
-    name: shared
-{{- end }}
-{{- with .Values.addons.vpn.additionalVolumeMounts }}
-  {{- toYaml . | nindent 2 }}
-{{- end }}
-{{- end }}
-{{- with .Values.addons.vpn.livenessProbe }}
-livenessProbe:
-  {{- toYaml . | nindent 2 }}
-{{- end -}}
-{{- with .Values.addons.vpn.resources }}
-resources:
-  {{- toYaml . | nindent 2 }}
-{{- end }}
-{{- end -}}

charts/library/common/templates/classes/_service.tpl

@@ -21,9 +21,11 @@ apiVersion: v1
 kind: Service
 metadata:
   name: {{ $serviceName }}
-  {{- with (merge ($values.labels | default dict) (include "common.labels" $ | fromYaml)) }}
-  labels: {{- toYaml . | nindent 4 }}
-  {{- end }}
+  labels:
+    app.kubernetes.io/service: {{ $serviceName }}
+    {{- with (merge ($values.labels | default dict) (include "common.labels" $ | fromYaml)) }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
   annotations:
   {{- if eq ( $primaryPort.protocol | default "" ) "HTTPS" }}
     traefik.ingress.kubernetes.io/service.serversscheme: https

charts/library/common/templates/classes/_serviceMonitor.tpl

@@ -0,0 +1,30 @@
+{{- define "common.classes.serviceMonitor" -}}
+{{- $values := dict -}}
+{{- if hasKey . "ObjectValues" -}}
+  {{- with .ObjectValues.serviceMonitor -}}
+    {{- $values = . -}}
+  {{- end -}}
+{{ end -}}
+
+{{- $serviceMonitorName := include "common.names.fullname" . -}}
+{{- if and (hasKey $values "nameOverride") $values.nameOverride -}}
+  {{- $serviceMonitorName = printf "%v-%v" $serviceMonitorName $values.nameOverride -}}
+{{ end -}}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ $serviceMonitorName }}
+  {{- with (merge ($values.labels | default dict) (include "common.labels" $ | fromYaml)) }}
+  labels: {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with (merge ($values.annotations | default dict) (include "common.annotations" $ | fromYaml)) }}
+  annotations: {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/service: {{ $values.serviceName }}
+      {{- include "common.labels.selectorLabels" . | nindent 6 }}
+  endpoints: {{- toYaml (required (printf "endpoints are required for serviceMonitor %v" $serviceMonitorName) $values.endpoints) | nindent 4 }}
+{{- end }}

charts/library/common/templates/lib/chart/_annotations.tpl

@@ -15,13 +15,13 @@
     {{- tpl (toYaml .Values.podAnnotations) . | nindent 0 -}}
   {{- end -}}
 
-  {{- $configMapsFound := false -}}
+  {{- $configMapsFound := dict -}}
   {{- range $name, $configmap := .Values.configmap -}}
     {{- if $configmap.enabled -}}
-      {{- $configMapsFound = true -}}
+      {{- $_ := set $configMapsFound $name (toYaml $configmap.data | sha256sum) -}}
     {{- end -}}
   {{- end -}}
   {{- if $configMapsFound -}}
-    {{- printf "checksum/config: %v" (include ("common.configmap") . | sha256sum) | nindent 0 -}}
+    {{- printf "checksum/config: %v" (toYaml $configMapsFound | sha256sum) | nindent 0 -}}
   {{- end -}}
 {{- end -}}