diff --git a/charts/library/common-test/tests/ingress/values_test.yaml b/charts/library/common-test/tests/ingress/values_test.yaml index 8fd5386e..4e3f778b 100644 --- a/charts/library/common-test/tests/ingress/values_test.yaml +++ b/charts/library/common-test/tests/ingress/values_test.yaml @@ -110,7 +110,11 @@ tests: - it: with defaultBackend should pass set: ingress.main: - defaultBackend: test + defaultBackend: + resource: + apiGroup: k8s.example.com + kind: StorageBucket + name: static-assets asserts: - documentIndex: &IngressDocument 2 isKind: @@ -118,7 +122,11 @@ tests: - documentIndex: *IngressDocument equal: path: spec.defaultBackend - value: test + value: + resource: + apiGroup: k8s.example.com + kind: StorageBucket + name: static-assets - documentIndex: *IngressDocument notExists: path: spec.rules diff --git a/charts/library/common-test/tests/pod/field_hostUsers_test.yaml b/charts/library/common-test/tests/pod/field_hostUsers_test.yaml index 0d36f5af..8595d2c8 100644 --- a/charts/library/common-test/tests/pod/field_hostUsers_test.yaml +++ b/charts/library/common-test/tests/pod/field_hostUsers_test.yaml @@ -9,50 +9,51 @@ capabilities: majorVersion: 1 minorVersion: 29 tests: - - it: default should pass for kubernetes < 1.28 + - it: should not be present by default for kubernetes < 1.28 capabilities: majorVersion: 1 minorVersion: 28 + documentSelector: &DeploymentSelector + path: $[?(@.kind == "Deployment")].metadata.name + value: RELEASE-NAME asserts: - - documentIndex: 0 - isKind: - of: Deployment - - documentIndex: 0 - notExists: + - notExists: path: spec.template.spec.hostUsers - - it: default should pass for kubernetes >= 1.29 - asserts: - - documentIndex: 0 - isKind: - of: Deployment - - documentIndex: 0 - equal: - path: spec.template.spec.hostUsers - value: true - - - it: hostUsers disabled should pass + - it: should not be present even if specified for kubernetes < 1.28 + capabilities: + majorVersion: 1 + minorVersion: 28 set: defaultPodOptions: hostUsers: false + documentSelector: *DeploymentSelector asserts: - - documentIndex: 0 - isKind: - of: Deployment - - documentIndex: 0 - equal: + - notExists: + path: spec.template.spec.hostUsers + + - it: should not be present by default for kubernetes >= 1.29 + documentSelector: *DeploymentSelector + asserts: + - notExists: + path: spec.template.spec.hostUsers + + - it: hostUsers disabled should set for kubernetes >= 1.29 + set: + defaultPodOptions: + hostUsers: false + documentSelector: *DeploymentSelector + asserts: + - equal: path: spec.template.spec.hostUsers value: false - - it: hostUsers enabled should pass + - it: hostUsers enabled should be set for kubernetes >= 1.29 set: defaultPodOptions: hostUsers: true + documentSelector: *DeploymentSelector asserts: - - documentIndex: 0 - isKind: - of: Deployment - - documentIndex: 0 - equal: + - equal: path: spec.template.spec.hostUsers value: true diff --git a/charts/library/common/Chart.yaml b/charts/library/common/Chart.yaml index e0504b75..8f305231 100644 --- a/charts/library/common/Chart.yaml +++ b/charts/library/common/Chart.yaml @@ -3,7 +3,7 @@ apiVersion: v2 name: common description: Function library for Helm charts type: library -version: 3.6.0 +version: 3.6.1 kubeVersion: ">=1.22.0-0" keywords: - common @@ -14,9 +14,12 @@ maintainers: email: me@bjw-s.dev annotations: artifacthub.io/changes: |- - - kind: added + - kind: fixed description: |- - Add hostUsers field to pod spec for k8s clusters >= 1.29 - - kind: added + Only add hostUsers when explicitly configured + - kind: fixed description: |- - Allow propagating global labels and annotations to Pod metadata + `hosts` should be an optional field for Ingress resources + - kind: fixed + description: |- + `defaultBackend` should be an object for Ingress resources diff --git a/charts/library/common/README.md b/charts/library/common/README.md index 3696b86c..43115525 100644 --- a/charts/library/common/README.md +++ b/charts/library/common/README.md @@ -1,6 +1,6 @@ # common -![Version: 3.6.0](https://img.shields.io/badge/Version-3.6.0-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) +![Version: 3.6.1](https://img.shields.io/badge/Version-3.6.1-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) Function library for Helm charts @@ -27,7 +27,7 @@ Include this chart as a dependency in your `Chart.yaml` e.g. # Chart.yaml dependencies: - name: common - version: 3.6.0 + version: 3.6.1 repository: https://bjw-s.github.io/helm-charts/ ``` diff --git a/charts/library/common/schemas/ingress.json b/charts/library/common/schemas/ingress.json index f68875c1..69225a43 100644 --- a/charts/library/common/schemas/ingress.json +++ b/charts/library/common/schemas/ingress.json @@ -18,7 +18,7 @@ }, "defaultBackend": { - "type": "string" + "$ref": "k8s-api.json#/networking.v1.ingressBackend" }, "hosts": { @@ -42,8 +42,7 @@ "$ref": "#/tlsEntry" } } - }, - "required": ["hosts"] + } }, "hostEntry": { diff --git a/charts/library/common/schemas/k8s-api.json b/charts/library/common/schemas/k8s-api.json index 144cd087..fc2642d3 100644 --- a/charts/library/common/schemas/k8s-api.json +++ b/charts/library/common/schemas/k8s-api.json @@ -967,5 +967,62 @@ } }, "type": "object" + }, + + "networking.v1.ingressBackend": { + "description": "IngressBackend describes all endpoints for a given service and port.", + "properties": { + "resource": { + "description": "resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with \"Service\".", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "service": { + "description": "service references a service as a backend. This is a mutually exclusive setting with \"Resource\".", + "properties": { + "name": { + "description": "name is the referenced service. The service must exist in the same namespace as the Ingress object.", + "type": "string" + }, + "port": { + "description": "port of the referenced service. A port name or port number is required for a IngressServiceBackend.", + "properties": { + "name": { + "description": "name is the name of the port on the Service. This is a mutually exclusive setting with \"Number\".", + "type": "string" + }, + "number": { + "description": "number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with \"Name\".", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + } + }, + "type": "object" } } diff --git a/charts/library/common/schemas/pod.json b/charts/library/common/schemas/pod.json index 6f58ce01..639c8239 100644 --- a/charts/library/common/schemas/pod.json +++ b/charts/library/common/schemas/pod.json @@ -37,15 +37,14 @@ }, "hostNetwork": { "type": "boolean", - "default": "false" + "default": false }, "hostPID": { "type": "boolean", "default": false }, "hostUsers": { - "type": "boolean", - "default": false + "type": ["boolean", "null"] }, "hostname": { "type": "string" diff --git a/charts/library/common/templates/classes/_ingress.tpl b/charts/library/common/templates/classes/_ingress.tpl index 6bb1857a..3ed5c06d 100644 --- a/charts/library/common/templates/classes/_ingress.tpl +++ b/charts/library/common/templates/classes/_ingress.tpl @@ -50,7 +50,7 @@ spec: {{- end }} {{- end }} {{- if $ingressObject.defaultBackend }} - defaultBackend: {{ $ingressObject.defaultBackend }} + defaultBackend: {{ $ingressObject.defaultBackend | toYaml | nindent 4 }} {{- else }} rules: {{- range $ingressObject.hosts }} diff --git a/charts/library/common/templates/lib/pod/_spec.tpl b/charts/library/common/templates/lib/pod/_spec.tpl index e6ecbc4b..4b335491 100644 --- a/charts/library/common/templates/lib/pod/_spec.tpl +++ b/charts/library/common/templates/lib/pod/_spec.tpl @@ -28,7 +28,9 @@ hostIPC: {{ include "bjw-s.common.lib.pod.getOption" (dict "ctx" $ctx "option" " hostNetwork: {{ include "bjw-s.common.lib.pod.getOption" (dict "ctx" $ctx "option" "hostNetwork" "default" false) }} hostPID: {{ include "bjw-s.common.lib.pod.getOption" (dict "ctx" $ctx "option" "hostPID" "default" false) }} {{- if ge ($rootContext.Capabilities.KubeVersion.Minor | int) 29 }} -hostUsers: {{ include "bjw-s.common.lib.pod.getOption" (dict "ctx" $ctx "option" "hostUsers" "default" true) }} + {{- with (include "bjw-s.common.lib.pod.getOption" (dict "ctx" $ctx "option" "hostUsers")) }} +hostUsers: {{ . | trim }} + {{- end -}} {{- end }} dnsPolicy: {{ include "bjw-s.common.lib.pod.field.dnsPolicy" (dict "ctx" $ctx) | trim }} {{- with (include "bjw-s.common.lib.pod.getOption" (dict "ctx" $ctx "option" "dnsConfig")) }} diff --git a/charts/library/common/values.schema.json b/charts/library/common/values.schema.json index 90097c8b..119df69f 100644 --- a/charts/library/common/values.schema.json +++ b/charts/library/common/values.schema.json @@ -1,6 +1,6 @@ { "$schema": "http://json-schema.org/draft-07/schema", - "$id": "https://raw.githubusercontent.com/bjw-s/helm-charts/common-3.6.0/charts/library/common/values.schema.json", + "$id": "https://raw.githubusercontent.com/bjw-s/helm-charts/common-3.6.1/charts/library/common/values.schema.json", "type": "object", "properties": { "global": { diff --git a/charts/library/common/values.yaml b/charts/library/common/values.yaml index 0dcb9afb..17157356 100644 --- a/charts/library/common/values.yaml +++ b/charts/library/common/values.yaml @@ -51,7 +51,7 @@ defaultPodOptions: hostPID: false # -- Use the host's user namespace (requires 1.29 or newer) - hostUsers: true + hostUsers: # -- Set image pull secrets imagePullSecrets: []