public/helm-charts
1
0
Fork 0
mirror of https://github.com/bjw-s-labs/helm-charts.git synced 2025-07-03 16:37:04 +02:00
Code Issues Projects Releases Packages Wiki Activity

Copy over kah library

Browse source
This commit is contained in:
Bᴇʀɴᴅ Sᴄʜᴏʀɢᴇʀs 2022-07-26 16:08:37 +02:00
parent c922af6065
commit 61626834fe
No known key found for this signature in database
GPG key ID: BC5E2BD907F9A8EC
57 changed files with 3583 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

58
charts/library/common/templates/_all.tpl Normal file
View file

@ -0,0 +1,58 @@
{{/*
Main entrypoint for the common library chart. It will render all underlying templates based on the provided values.
*/}}
{{- define "common.all" -}}
{{- /* Merge the local chart values and the common chart defaults */ -}}
{{- include "common.values.setup" . }}
{{- /* Enable code-server add-on if required */ -}}
{{- if .Values.addons.codeserver.enabled }}
{{- include "common.addon.codeserver" . }}
{{- end -}}
{{- /* Enable VPN add-on if required */ -}}
{{- if .Values.addons.vpn.enabled }}
{{- include "common.addon.vpn" . }}
{{- end -}}
{{- /* Enable promtail add-on if required */ -}}
{{- if .Values.addons.promtail.enabled }}
{{- include "common.addon.promtail" . }}
{{- end -}}
{{- /* Enable netshoot add-on if required */ -}}
{{- if .Values.addons.netshoot.enabled }}
{{- include "common.addon.netshoot" . }}
{{- end -}}
{{ include "common.configmap" . | nindent 0 }}
{{- /* Build the templates */ -}}
{{- include "common.pvc" . }}
{{- if .Values.serviceAccount.create -}}
{{- include "common.serviceAccount" . }}
{{- end -}}
{{- if .Values.controller.enabled }}
{{- if eq .Values.controller.type "deployment" }}
{{- include "common.deployment" . | nindent 0 }}
{{ else if eq .Values.controller.type "daemonset" }}
{{- include "common.daemonset" . | nindent 0 }}
{{ else if eq .Values.controller.type "statefulset" }}
{{- include "common.statefulset" . | nindent 0 }}
{{ else }}
{{- fail (printf "Not a valid controller.type (%s)" .Values.controller.type) }}
{{- end -}}
{{- end -}}
{{ include "common.classes.hpa" . | nindent 0 }}
{{ include "common.service" . | nindent 0 }}
{{ include "common.ingress" . | nindent 0 }}
{{- if .Values.secret -}}
{{ include "common.secret" . | nindent 0 }}
{{- end -}}
{{- end -}}

19
charts/library/common/templates/_configmap.tpl Normal file
View file

@ -0,0 +1,19 @@
{{/*
Renders the configMap objects required by the chart.
*/}}
{{- define "common.configmap" -}}
{{- /* Generate named configMaps as required */ -}}
{{- range $name, $configmap := .Values.configmap }}
{{- if $configmap.enabled -}}
{{- $configmapValues := $configmap -}}
{{/* set the default nameOverride to the configMap name */}}
{{- if not $configmapValues.nameOverride -}}
{{- $_ := set $configmapValues "nameOverride" $name -}}
{{ end -}}
{{- $_ := set $ "ObjectValues" (dict "configmap" $configmapValues) -}}
{{- include "common.classes.configmap" $ }}
{{- end }}
{{- end }}
{{- end }}

35
charts/library/common/templates/_daemonset.tpl Normal file
View file

@ -0,0 +1,35 @@
{{/*
This template serves as the blueprint for the DaemonSet objects that are created
within the common library.
*/}}
{{- define "common.daemonset" }}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ include "common.names.fullname" . }}
{{- with (merge (.Values.controller.labels | default dict) (include "common.labels" $ | fromYaml)) }}
labels: {{- toYaml . | nindent 4 }}
{{- end }}
{{- with (merge (.Values.controller.annotations | default dict) (include "common.annotations" $ | fromYaml)) }}
annotations: {{- toYaml . | nindent 4 }}
{{- end }}
spec:
revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }}
selector:
matchLabels:
{{- include "common.labels.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "common.labels.selectorLabels" . | nindent 8 }}
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- include "common.controller.pod" . | nindent 6 }}
{{- end }}

53
charts/library/common/templates/_deployment.tpl Normal file
View file

@ -0,0 +1,53 @@
{{/*
This template serves as the blueprint for the Deployment objects that are created
within the common library.
*/}}
{{- define "common.deployment" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "common.names.fullname" . }}
{{- with (merge (.Values.controller.labels | default dict) (include "common.labels" $ | fromYaml)) }}
labels: {{- toYaml . | nindent 4 }}
{{- end }}
{{- with (merge (.Values.controller.annotations | default dict) (include "common.annotations" $ | fromYaml)) }}
annotations: {{- toYaml . | nindent 4 }}
{{- end }}
spec:
revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }}
replicas: {{ .Values.controller.replicas }}
{{- $strategy := default "Recreate" .Values.controller.strategy }}
{{- if and (ne $strategy "Recreate") (ne $strategy "RollingUpdate") }}
{{- fail (printf "Not a valid strategy type for Deployment (%s)" $strategy) }}
{{- end }}
strategy:
type: {{ $strategy }}
{{- with .Values.controller.rollingUpdate }}
{{- if and (eq $strategy "RollingUpdate") (or .surge .unavailable) }}
rollingUpdate:
{{- with .unavailable }}
maxUnavailable: {{ . }}
{{- end }}
{{- with .surge }}
maxSurge: {{ . }}
{{- end }}
{{- end }}
{{- end }}
selector:
matchLabels:
{{- include "common.labels.selectorLabels" . | nindent 6 }}
template:
metadata:
{{ if .Values.podAnnotations }}
annotations:
{{- tpl (toYaml .Values.podAnnotations) . | nindent 8 }}
{{- end }}
labels:
{{- include "common.labels.selectorLabels" . | nindent 8 }}
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- include "common.controller.pod" . | nindent 6 }}
{{- end }}

39
charts/library/common/templates/_ingress.tpl Normal file
View file

@ -0,0 +1,39 @@
{{/* Renders the Ingress objects required by the chart */}}
{{- define "common.ingress" -}}
{{- /* Generate named ingresses as required */ -}}
{{- range $name, $ingress := .Values.ingress }}
{{- if $ingress.enabled -}}
{{- $ingressValues := $ingress -}}
{{/* set defaults */}}
{{- if and (not $ingressValues.nameOverride) (ne $name (include "common.ingress.primary" $)) -}}
{{- $_ := set $ingressValues "nameOverride" $name -}}
{{- end -}}
{{- $_ := set $ "ObjectValues" (dict "ingress" $ingressValues) -}}
{{- include "common.classes.ingress" $ }}
{{- end }}
{{- end }}
{{- end }}
{{/* Return the name of the primary ingress object */}}
{{- define "common.ingress.primary" -}}
{{- $enabledIngresses := dict -}}
{{- range $name, $ingress := .Values.ingress -}}
{{- if $ingress.enabled -}}
{{- $_ := set $enabledIngresses $name . -}}
{{- end -}}
{{- end -}}
{{- $result := "" -}}
{{- range $name, $ingress := $enabledIngresses -}}
{{- if and (hasKey $ingress "primary") $ingress.primary -}}
{{- $result = $name -}}
{{- end -}}
{{- end -}}
{{- if not $result -}}
{{- $result = keys $enabledIngresses | first -}}
{{- end -}}
{{- $result -}}
{{- end -}}

56
charts/library/common/templates/_notes.tpl Normal file
View file

@ -0,0 +1,56 @@
{{/*
Default NOTES.txt content.
*/}}
{{- define "common.notes.defaultNotes" -}}
{{- $primaryIngress := get .Values.ingress (include "common.ingress.primary" .) -}}
{{- $primaryService := get .Values.service (include "common.service.primary" .) -}}
{{- $primaryPort := "" -}}
{{- if $primaryService -}}
{{- $primaryPort = get $primaryService.ports (include "common.classes.service.ports.primary" (dict "serviceName" (include "common.service.primary" .) "values" $primaryService)) -}}
{{- end -}}
{{- $prefix := "http" -}}
{{- if $primaryPort }}
{{- if hasKey $primaryPort "protocol" }}
{{- if eq $primaryPort.protocol "HTTPS" }}
{{- $prefix = "https" }}
{{- end }}
{{- end }}
{{- end }}
{{- if $primaryIngress }}
1. Access the application by visiting one of these URL's:
{{ range $primaryIngress.hosts }}
{{- $protocol := "http" -}}
{{ if $primaryIngress.tls -}}
{{- $prefix = "https" -}}
{{ end -}}
{{- $host := .host -}}
{{ if .hostTpl -}}
{{- $host = tpl .hostTpl $ -}}
{{ end }}
{{- $path := (first .paths).path | default "/" -}}
{{ if (first .paths).pathTpl -}}
{{- $path = tpl (first .paths).pathTpl $ -}}
{{ end }}
- {{ $protocol }}://{{- $host }}{{- $path }}
{{- end }}
{{- else if and $primaryService $primaryPort }}
1. Get the application URL by running these commands:
{{- if contains "NodePort" $primaryService.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.names.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo {{ $prefix }}://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" $primaryService.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc -w {{ include "common.names.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo {{ $prefix }}://$SERVICE_IP:{{ $primaryPort.port }}
{{- else if contains "ClusterIP" $primaryService.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "common.names.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
echo "Visit {{ $prefix }}://127.0.0.1:8080 to use your application"
kubectl port-forward $POD_NAME 8080:{{ $primaryPort.port }}
{{- end }}
{{- end }}
{{- end -}}

16
charts/library/common/templates/_pvc.tpl Normal file
View file

@ -0,0 +1,16 @@
{{/*
Renders the Persistent Volume Claim objects required by the chart.
*/}}
{{- define "common.pvc" -}}
{{- /* Generate pvc as required */ -}}
{{- range $index, $PVC := .Values.persistence }}
{{- if and $PVC.enabled (eq (default "pvc" $PVC.type) "pvc") (not $PVC.existingClaim) -}}
{{- $persistenceValues := $PVC -}}
{{- if not $persistenceValues.nameOverride -}}
{{- $_ := set $persistenceValues "nameOverride" $index -}}
{{- end -}}
{{- $_ := set $ "ObjectValues" (dict "persistence" $persistenceValues) -}}
{{- include "common.classes.pvc" $ | nindent 0 -}}
{{- end }}
{{- end }}
{{- end }}

17
charts/library/common/templates/_secret.tpl Normal file
View file

@ -0,0 +1,17 @@
{{/*
The Secret object to be created.
*/}}
{{- define "common.secret" }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}
labels: {{- include "common.labels" $ | nindent 4 }}
annotations: {{- include "common.annotations" $ | nindent 4 }}
type: Opaque
{{- with .Values.secret }}
stringData:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end }}

43
charts/library/common/templates/_service.tpl Normal file
View file

@ -0,0 +1,43 @@
{{/*
Renders the Service objects required by the chart.
*/}}
{{- define "common.service" -}}
{{- /* Generate named services as required */ -}}
{{- range $name, $service := .Values.service }}
{{- if $service.enabled -}}
{{- $serviceValues := $service -}}
{{/* set the default nameOverride to the service name */}}
{{- if and (not $serviceValues.nameOverride) (ne $name (include "common.service.primary" $)) -}}
{{- $_ := set $serviceValues "nameOverride" $name -}}
{{ end -}}
{{- $_ := set $ "ObjectValues" (dict "service" $serviceValues) -}}
{{- include "common.classes.service" $ }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Return the primary service object
*/}}
{{- define "common.service.primary" -}}
{{- $enabledServices := dict -}}
{{- range $name, $service := .Values.service -}}
{{- if $service.enabled -}}
{{- $_ := set $enabledServices $name . -}}
{{- end -}}
{{- end -}}
{{- $result := "" -}}
{{- range $name, $service := $enabledServices -}}
{{- if and (hasKey $service "primary") $service.primary -}}
{{- $result = $name -}}
{{- end -}}
{{- end -}}
{{- if not $result -}}
{{- $result = keys $enabledServices | first -}}
{{- end -}}
{{- $result -}}
{{- end -}}

14
charts/library/common/templates/_serviceaccount.tpl Normal file
View file

@ -0,0 +1,14 @@
{{/*
The ServiceAccount object to be created.
*/}}
{{- define "common.serviceAccount" }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "common.names.serviceAccountName" . }}
labels: {{- include "common.labels" $ | nindent 4 }}
{{- with (merge (.Values.serviceAccount.annotations | default dict) (include "common.annotations" $ | fromYaml)) }}
annotations: {{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

62
charts/library/common/templates/_statefulset.tpl Normal file
View file

@ -0,0 +1,62 @@
{{/*
This template serves as the blueprint for the StatefulSet objects that are created
within the common library.
*/}}
{{- define "common.statefulset" }}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "common.names.fullname" . }}
{{- with (merge (.Values.controller.labels | default dict) (include "common.labels" $ | fromYaml)) }}
labels: {{- toYaml . | nindent 4 }}
{{- end }}
{{- with (merge (.Values.controller.annotations | default dict) (include "common.annotations" $ | fromYaml)) }}
annotations: {{- toYaml . | nindent 4 }}
{{- end }}
spec:
revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }}
replicas: {{ .Values.controller.replicas }}
podManagementPolicy: {{ default "OrderedReady" .Values.controller.podManagementPolicy }}
{{- $strategy := default "RollingUpdate" .Values.controller.strategy }}
{{- if and (ne $strategy "OnDelete") (ne $strategy "RollingUpdate") }}
{{- fail (printf "Not a valid strategy type for StatefulSet (%s)" $strategy) }}
{{- end }}
updateStrategy:
type: {{ $strategy }}
{{- if and (eq $strategy "RollingUpdate") .Values.controller.rollingUpdate.partition }}
rollingUpdate:
partition: {{ .Values.controller.rollingUpdate.partition }}
{{- end }}
selector:
matchLabels:
{{- include "common.labels.selectorLabels" . | nindent 6 }}
serviceName: {{ include "common.names.fullname" . }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "common.labels.selectorLabels" . | nindent 8 }}
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- include "common.controller.pod" . | nindent 6 }}
volumeClaimTemplates:
{{- range $index, $vct := .Values.volumeClaimTemplates }}
- metadata:
name: {{ $vct.name }}
spec:
accessModes:
- {{ required (printf "accessMode is required for vCT %v" $vct.name) $vct.accessMode | quote }}
resources:
requests:
storage: {{ required (printf "size is required for PVC %v" $vct.name) $vct.size | quote }}
{{- if $vct.storageClass }}
storageClassName: {{ if (eq "-" $vct.storageClass) }}""{{- else }}{{ $vct.storageClass | quote }}{{- end }}
{{- end }}
{{- end }}
{{- end }}

50
charts/library/common/templates/addons/code-server/_codeserver.tpl Normal file
View file

@ -0,0 +1,50 @@
{{/*
Template to render code-server addon
It will include / inject the required templates based on the given values.
*/}}
{{- define "common.addon.codeserver" -}}
{{- if .Values.addons.codeserver.enabled -}}
{{/* Append the code-server container to the additionalContainers */}}
{{- $container := include "common.addon.codeserver.container" . | fromYaml -}}
{{- if $container -}}
{{- $_ := set .Values.additionalContainers "addon-codeserver" $container -}}
{{- end -}}
{{/* Include the deployKeySecret if not empty */}}
{{- $secret := include "common.addon.codeserver.deployKeySecret" . -}}
{{- if $secret -}}
{{- $secret | nindent 0 -}}
{{- end -}}
{{/* Append the secret volume to the volumes */}}
{{- $volume := include "common.addon.codeserver.deployKeyVolumeSpec" . | fromYaml -}}
{{- if $volume -}}
{{- $_ := set .Values.persistence "deploykey" (dict "enabled" "true" "mountPath" "-" "type" "custom" "volumeSpec" $volume) -}}
{{- end -}}
{{/* Add the code-server service */}}
{{- if .Values.addons.codeserver.service.enabled -}}
{{- $serviceValues := .Values.addons.codeserver.service -}}
{{- $_ := set $serviceValues "nameOverride" "codeserver" -}}
{{- $_ := set $ "ObjectValues" (dict "service" $serviceValues) -}}
{{- include "common.classes.service" $ -}}
{{- $_ := unset $ "ObjectValues" -}}
{{- end -}}
{{/* Add the code-server ingress */}}
{{- if .Values.addons.codeserver.ingress.enabled -}}
{{- $ingressValues := .Values.addons.codeserver.ingress -}}
{{- $_ := set $ingressValues "nameOverride" "codeserver" -}}
{{/* Determine the target service name & port */}}
{{- $svcName := printf "%v-codeserver" (include "common.names.fullname" .) -}}
{{- $svcPort := .Values.addons.codeserver.service.ports.codeserver.port -}}
{{- range $_, $host := $ingressValues.hosts -}}
{{- $_ := set (index $host.paths 0) "service" (dict "name" $svcName "port" $svcPort) -}}
{{- end -}}
{{- $_ := set $ "ObjectValues" (dict "ingress" $ingressValues) -}}
{{- include "common.classes.ingress" $ -}}
{{- $_ := unset $ "ObjectValues" -}}
{{- end -}}
{{- end -}}
{{- end -}}

46
charts/library/common/templates/addons/code-server/_container.tpl Normal file
View file

@ -0,0 +1,46 @@
{{/*
The code-server sidecar container to be inserted.
*/}}
{{- define "common.addon.codeserver.container" -}}
{{- if lt (len .Values.addons.codeserver.volumeMounts) 1 }}
{{- fail "At least 1 volumeMount is required for codeserver container" }}
{{- end -}}
name: codeserver
image: "{{ .Values.addons.codeserver.image.repository }}:{{ .Values.addons.codeserver.image.tag }}"
imagePullPolicy: {{ .Values.addons.codeserver.pullPolicy }}
{{- with .Values.addons.codeserver.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.addons.codeserver.env }}
env:
{{- range $k, $v := . }}
- name: {{ $k }}
value: {{ $v | quote }}
{{- end }}
{{- end }}
ports:
- name: codeserver
containerPort: {{ .Values.addons.codeserver.service.ports.codeserver.port }}
protocol: TCP
args:
{{- range .Values.addons.codeserver.args }}
- {{ . | quote }}
{{- end }}
- "--port"
- "{{ .Values.addons.codeserver.service.ports.codeserver.port }}"
- {{ .Values.addons.codeserver.workingDir | default (first .Values.addons.codeserver.volumeMounts).mountPath }}
volumeMounts:
{{- with .Values.addons.codeserver.volumeMounts }}
{{- toYaml . | nindent 2 }}
{{- end }}
{{- if or .Values.addons.codeserver.git.deployKey .Values.addons.codeserver.git.deployKeyBase64 .Values.addons.codeserver.git.deployKeySecret }}
- name: deploykey
mountPath: /root/.ssh/id_rsa
subPath: id_rsa
{{- end }}
{{- with .Values.addons.codeserver.resources }}
resources:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

22
charts/library/common/templates/addons/code-server/_secret.tpl Normal file
View file

@ -0,0 +1,22 @@
{{/*
The OpenVPN credentials secrets to be included.
*/}}
{{- define "common.addon.codeserver.deployKeySecret" -}}
{{- if or .Values.addons.codeserver.git.deployKey .Values.addons.codeserver.git.deployKeyBase64 }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ template "common.names.fullname" . }}-deploykey
labels: {{- include "common.labels" $ | nindent 4 }}
annotations: {{- include "common.annotations" $ | nindent 4 }}
type: Opaque
{{- if .Values.addons.codeserver.git.deployKey }}
stringData:
id_rsa: {{ .Values.addons.codeserver.git.deployKey | quote }}
{{- else }}
data:
id_rsa: {{ .Values.addons.codeserver.git.deployKeyBase64 | quote }}
{{- end }}
{{- end }}
{{- end -}}

17
charts/library/common/templates/addons/code-server/_volume.tpl Normal file
View file

@ -0,0 +1,17 @@
{{/*
The volume (referencing git deploykey) to be inserted into additionalVolumes.
*/}}
{{- define "common.addon.codeserver.deployKeyVolumeSpec" -}}
{{- if or .Values.addons.codeserver.git.deployKey .Values.addons.codeserver.git.deployKeyBase64 .Values.addons.codeserver.git.deployKeySecret }}
secret:
{{- if .Values.addons.codeserver.git.deployKeySecret }}
secretName: {{ .Values.addons.codeserver.git.deployKeySecret }}
{{- else }}
secretName: {{ include "common.names.fullname" . }}-deploykey
{{- end }}
defaultMode: 256
items:
- key: id_rsa
path: id_rsa
{{- end -}}
{{- end -}}

27
charts/library/common/templates/addons/netshoot/_container.tpl Normal file
View file

@ -0,0 +1,27 @@
{{/*
The netshoot sidecar container to be inserted.
*/}}
{{- define "common.addon.netshoot.container" -}}
name: netshoot
image: "{{ .Values.addons.netshoot.image.repository }}:{{ .Values.addons.netshoot.image.tag }}"
imagePullPolicy: {{ .Values.addons.netshoot.pullPolicy }}
{{- with .Values.addons.netshoot.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.addons.netshoot.env }}
env:
{{- range $k, $v := . }}
- name: {{ $k }}
value: {{ $v | quote }}
{{- end }}
{{- end }}
command:
- /bin/sh
- -c
- sleep infinity
{{- with .Values.addons.netshoot.resources }}
resources:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

13
charts/library/common/templates/addons/netshoot/_netshoot.tpl Normal file
View file

@ -0,0 +1,13 @@
{{/*
Template to render netshoot addon
It will include / inject the required templates based on the given values.
*/}}
{{- define "common.addon.netshoot" -}}
{{- if .Values.addons.netshoot.enabled -}}
{{/* Append the netshoot container to the additionalContainers */}}
{{- $container := include "common.addon.netshoot.container" . | fromYaml -}}
{{- if $container -}}
{{- $_ := set .Values.additionalContainers "addon-netshoot" $container -}}
{{- end -}}
{{- end -}}
{{- end -}}

35
charts/library/common/templates/addons/promtail/_configmap.tpl Normal file
View file

@ -0,0 +1,35 @@
{{/*
The promtail config to be included.
*/}}
{{- define "common.addon.promtail.configmap" -}}
{{- if .Values.addons.promtail.enabled }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "common.names.fullname" . }}-promtail
labels: {{- include "common.labels" $ | nindent 4 }}
annotations: {{- include "common.annotations" $ | nindent 4 }}
data:
promtail.yaml: |
server:
http_listen_port: 9080
grpc_listen_port: 0
positions:
filename: /tmp/positions.yaml
{{- with .Values.addons.promtail.loki }}
client:
url: {{ . }}
{{- end }}
scrape_configs:
{{- range .Values.addons.promtail.logs }}
- job_name: {{ .name }}
static_configs:
- targets:
- localhost
labels:
job: {{ .name }}
__path__: "{{ .path }}"
{{- end }}
{{- end -}}
{{- end -}}

39
charts/library/common/templates/addons/promtail/_container.tpl Normal file
View file

@ -0,0 +1,39 @@
{{/*
The promtail sidecar container to be inserted.
*/}}
{{- define "common.addon.promtail.container" -}}
{{- if lt (len .Values.addons.promtail.volumeMounts) 1 }}
{{- fail "At least 1 volumeMount is required for the promtail container" }}
{{- end -}}
name: promtail
image: "{{ .Values.addons.promtail.image.repository }}:{{ .Values.addons.promtail.image.tag }}"
imagePullPolicy: {{ .Values.addons.promtail.pullPolicy }}
{{- with .Values.addons.promtail.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.addons.promtail.env }}
env:
{{- range $k, $v := . }}
- name: {{ $k }}
value: {{ $v | quote }}
{{- end }}
{{- end }}
args:
{{- range .Values.addons.promtail.args }}
- {{ . | quote }}
{{- end }}
- "-config.file=/etc/promtail/promtail.yaml"
volumeMounts:
- name: promtail-config
mountPath: /etc/promtail/promtail.yaml
subPath: promtail.yaml
readOnly: true
{{- with .Values.addons.promtail.volumeMounts }}
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.addons.promtail.resources }}
resources:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

25
charts/library/common/templates/addons/promtail/_promtail.tpl Normal file
View file

@ -0,0 +1,25 @@
{{/*
Template to render promtail addon
It will include / inject the required templates based on the given values.
*/}}
{{- define "common.addon.promtail" -}}
{{- if .Values.addons.promtail.enabled -}}
{{/* Append the promtail container to the additionalContainers */}}
{{- $container := include "common.addon.promtail.container" . | fromYaml -}}
{{- if $container -}}
{{- $_ := set .Values.additionalContainers "addon-promtail" $container -}}
{{- end -}}
{{/* Include the configmap if not empty */}}
{{- $configmap := include "common.addon.promtail.configmap" . -}}
{{- if $configmap -}}
{{- $configmap | nindent 0 -}}
{{- end -}}
{{/* Append the promtail config volume to the volumes */}}
{{- $volume := include "common.addon.promtail.volumeSpec" . | fromYaml -}}
{{- if $volume -}}
{{- $_ := set .Values.persistence "promtail-config" (dict "enabled" "true" "mountPath" "-" "type" "custom" "volumeSpec" $volume) -}}
{{- end -}}
{{- end -}}
{{- end -}}

7
charts/library/common/templates/addons/promtail/_volume.tpl Normal file
View file

@ -0,0 +1,7 @@
{{/*
The volume (referencing config) to be inserted into additionalVolumes.
*/}}
{{- define "common.addon.promtail.volumeSpec" -}}
configMap:
name: {{ include "common.names.fullname" . }}-promtail
{{- end -}}

23
charts/library/common/templates/addons/vpn/_configmap.tpl Normal file
View file

@ -0,0 +1,23 @@
{{/*
The VPN config and scripts to be included.
*/}}
{{- define "common.addon.vpn.configmap" -}}
{{- if or .Values.addons.vpn.scripts.up .Values.addons.vpn.scripts.down }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "common.names.fullname" . }}-vpn
labels: {{- include "common.labels" $ | nindent 4 }}
annotations: {{- include "common.annotations" $ | nindent 4 }}
data:
{{- with .Values.addons.vpn.scripts.up }}
up.sh: |-
{{- . | nindent 4}}
{{- end }}
{{- with .Values.addons.vpn.scripts.down }}
down.sh: |-
{{- . | nindent 4}}
{{- end }}
{{- end -}}
{{- end -}}

29
charts/library/common/templates/addons/vpn/_networkpolicy.tpl Normal file
View file

@ -0,0 +1,29 @@
{{/*
Blueprint for the NetworkPolicy object that can be included in the addon.
*/}}
{{- define "common.addon.vpn.networkpolicy" -}}
{{- if .Values.addons.vpn.networkPolicy.enabled }}
---
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: {{ include "common.names.fullname" . }}
{{- with (merge (.Values.addons.vpn.networkPolicy.labels | default dict) (include "common.labels" $ | fromYaml)) }}
labels: {{- toYaml . | nindent 4 }}
{{- end }}
{{- with (merge (.Values.addons.vpn.networkPolicy.annotations | default dict) (include "common.annotations" $ | fromYaml)) }}
annotations: {{- toYaml . | nindent 4 }}
{{- end }}
spec:
podSelector:
{{- with (merge .Values.addons.vpn.networkPolicy.podSelectorLabels (include "common.labels.selectorLabels" . | fromYaml)) }}
matchLabels: {{- toYaml . | nindent 6 }}
{{- end }}
policyTypes:
- Egress
egress:
{{- with .Values.addons.vpn.networkPolicy.egress }}
{{- . | toYaml | nindent 4 }}
{{- end -}}
{{- end -}}
{{- end -}}

19
charts/library/common/templates/addons/vpn/_secret.tpl Normal file
View file

@ -0,0 +1,19 @@
{{/*
The OpenVPN config secret to be included.
*/}}
{{- define "common.addon.vpn.secret" -}}
{{- if and .Values.addons.vpn.configFile (not .Values.addons.vpn.configFileSecret) }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-vpnconfig
labels: {{- include "common.labels" $ | nindent 4 }}
annotations: {{- include "common.annotations" $ | nindent 4 }}
stringData:
{{- with .Values.addons.vpn.configFile }}
vpnConfigfile: |-
{{- . | nindent 4}}
{{- end }}
{{- end -}}
{{- end -}}

37
charts/library/common/templates/addons/vpn/_volume.tpl Normal file
View file

@ -0,0 +1,37 @@
{{/*
The volume (referencing VPN scripts) to be inserted into additionalVolumes.
*/}}
{{- define "common.addon.vpn.scriptsVolumeSpec" -}}
{{- if or .Values.addons.vpn.scripts.up .Values.addons.vpn.scripts.down -}}
configMap:
name: {{ include "common.names.fullname" . }}-vpn
items:
{{- if .Values.addons.vpn.scripts.up }}
- key: up.sh
path: up.sh
mode: 0777
{{- end }}
{{- if .Values.addons.vpn.scripts.down }}
- key: down.sh
path: down.sh
mode: 0777
{{- end }}
{{- end -}}
{{- end -}}
{{/*
The volume (referencing VPN config) to be inserted into additionalVolumes.
*/}}
{{- define "common.addon.vpn.configVolumeSpec" -}}
{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.configFileSecret -}}
secret:
{{- if .Values.addons.vpn.configFileSecret }}
secretName: {{ .Values.addons.vpn.configFileSecret }}
{{- else }}
secretName: {{ include "common.names.fullname" . }}-vpnconfig
{{- end }}
items:
- key: vpnConfigfile
path: vpnConfigfile
{{- end -}}
{{- end -}}

45
charts/library/common/templates/addons/vpn/_vpn.tpl Normal file
View file

@ -0,0 +1,45 @@
{{/*
Template to render VPN addon
It will include / inject the required templates based on the given values.
*/}}
{{- define "common.addon.vpn" -}}
{{- if .Values.addons.vpn.enabled -}}
{{- if eq "openvpn" .Values.addons.vpn.type -}}
{{- include "common.addon.openvpn" . }}
{{- end -}}
{{- if eq "wireguard" .Values.addons.vpn.type -}}
{{- include "common.addon.wireguard" . }}
{{- end -}}
{{/* Include the configmap if not empty */}}
{{- $configmap := include "common.addon.vpn.configmap" . -}}
{{- if $configmap -}}
{{- $configmap | nindent 0 -}}
{{- end -}}
{{/* Include the secret if not empty */}}
{{- $secret := include "common.addon.vpn.secret" . -}}
{{- if $secret -}}
{{- $secret | nindent 0 -}}
{{- end -}}
{{/* Append the vpn scripts volume to the volumes */}}
{{- $scriptVolume := include "common.addon.vpn.scriptsVolumeSpec" . | fromYaml -}}
{{- if $scriptVolume -}}
{{- $_ := set .Values.persistence "vpnscript" (dict "enabled" "true" "mountPath" "-" "type" "custom" "volumeSpec" $scriptVolume) -}}
{{- end -}}
{{/* Append the vpn config volume to the volumes */}}
{{- $configVolume := include "common.addon.vpn.configVolumeSpec" . | fromYaml }}
{{ if $configVolume -}}
{{- $_ := set .Values.persistence "vpnconfig" (dict "enabled" "true" "mountPath" "-" "type" "custom" "volumeSpec" $configVolume) -}}
{{- end -}}
{{/* Include the networkpolicy if not empty */}}
{{- $networkpolicy := include "common.addon.vpn.networkpolicy" . -}}
{{- if $networkpolicy -}}
{{- $networkpolicy | nindent 0 -}}
{{- end -}}
{{- end -}}
{{- end -}}

17
charts/library/common/templates/addons/vpn/openvpn/_addon.tpl Normal file
View file

@ -0,0 +1,17 @@
{{/*
Template to render OpenVPN addon. It will add the container to the list of additionalContainers
and add a credentials secret if speciffied.
*/}}
{{- define "common.addon.openvpn" -}}
{{/* Append the openVPN container to the additionalContainers */}}
{{- $container := include "common.addon.openvpn.container" . | fromYaml -}}
{{- if $container -}}
{{- $_ := set .Values.additionalContainers "addon-openvpn" $container -}}
{{- end -}}
{{/* Include the secret if not empty */}}
{{- $secret := include "common.addon.openvpn.secret" . -}}
{{- if $secret -}}
{{- $secret | nindent 0 -}}
{{- end -}}
{{- end -}}

65
charts/library/common/templates/addons/vpn/openvpn/_container.tpl Normal file
View file

@ -0,0 +1,65 @@
{{/*
The OpenVPN sidecar container to be inserted.
*/}}
{{- define "common.addon.openvpn.container" -}}
name: openvpn
image: "{{ .Values.addons.vpn.openvpn.image.repository }}:{{ .Values.addons.vpn.openvpn.image.tag }}"
imagePullPolicy: {{ .Values.addons.vpn.openvpn.pullPolicy }}
{{- with .Values.addons.vpn.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.addons.vpn.env }}
env:
{{- range $k, $v := . }}
- name: {{ $k }}
value: {{ $v | quote }}
{{- end }}
{{- end }}
args:
{{- range .Values.addons.vpn.args }}
- {{ . | quote }}
{{- end }}
{{- if or .Values.addons.vpn.openvpn.auth .Values.addons.vpn.openvpn.authSecret }}
envFrom:
- secretRef:
{{- if .Values.addons.vpn.openvpn.authSecret }}
name: {{ .Values.addons.vpn.openvpn.authSecret }}
{{- else }}
name: {{ include "common.names.fullname" . }}-openvpn
{{- end }}
{{- end }}
{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.configFileSecret .Values.addons.vpn.scripts.up .Values.addons.vpn.scripts.down .Values.addons.vpn.additionalVolumeMounts .Values.persistence.shared.enabled }}
volumeMounts:
{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.configFileSecret }}
- name: vpnconfig
mountPath: /vpn/vpn.conf
subPath: vpnConfigfile
{{- end }}
{{- if .Values.addons.vpn.scripts.up }}
- name: vpnscript
mountPath: /vpn/up.sh
subPath: up.sh
{{- end }}
{{- if .Values.addons.vpn.scripts.down }}
- name: vpnscript
mountPath: /vpn/down.sh
subPath: down.sh
{{- end }}
{{- if .Values.persistence.shared.enabled }}
- mountPath: {{ .Values.persistence.shared.mountPath }}
name: shared
{{- end }}
{{- with .Values.addons.vpn.additionalVolumeMounts }}
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end }}
{{- with .Values.addons.vpn.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 2 }}
{{- end -}}
{{- with .Values.addons.vpn.resources }}
resources:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

16
charts/library/common/templates/addons/vpn/openvpn/_secret.tpl Normal file
View file

@ -0,0 +1,16 @@
{{/*
The OpenVPN credentials secrets to be included.
*/}}
{{- define "common.addon.openvpn.secret" -}}
{{- with .Values.addons.vpn.openvpn.auth }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" $ }}-openvpn
labels: {{- include "common.labels" $ | nindent 4 }}
annotations: {{- include "common.annotations" $ | nindent 4 }}
data:
VPN_AUTH: {{ . | b64enc }}
{{- end -}}
{{- end -}}

11
charts/library/common/templates/addons/vpn/wireguard/_addon.tpl Normal file
View file

@ -0,0 +1,11 @@
{{/*
Template to render Wireguard addon. It will add the container to the list of additionalContainers.
*/}}
*/}}
{{- define "common.addon.wireguard" -}}
{{/* Append the Wireguard container to the additionalContainers */}}
{{- $container := fromYaml (include "common.addon.wireguard.container" .) -}}
{{- if $container -}}
{{- $_ := set .Values.additionalContainers "addon-wireguard" $container -}}
{{- end -}}
{{- end -}}

56
charts/library/common/templates/addons/vpn/wireguard/_container.tpl Normal file
View file

@ -0,0 +1,56 @@
{{/*
The Wireguard sidecar container to be inserted.
*/}}
{{- define "common.addon.wireguard.container" -}}
name: wireguard
image: "{{ .Values.addons.vpn.wireguard.image.repository }}:{{ .Values.addons.vpn.wireguard.image.tag }}"
imagePullPolicy: {{ .Values.addons.vpn.wireguard.pullPolicy }}
{{- with .Values.addons.vpn.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.addons.vpn.env }}
env:
{{- range $k, $v := . }}
- name: {{ $k }}
value: {{ $v | quote }}
{{- end }}
{{- end }}
args:
{{- range .Values.addons.vpn.args }}
- {{ . | quote }}
{{- end }}
{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.configFileSecret .Values.addons.vpn.scripts.up .Values.addons.vpn.scripts.down .Values.addons.vpn.additionalVolumeMounts .Values.persistence.shared.enabled }}
volumeMounts:
{{- if or .Values.addons.vpn.configFile .Values.addons.vpn.configFileSecret }}
- name: vpnconfig
mountPath: /etc/wireguard/wg0.conf
subPath: vpnConfigfile
{{- end }}
{{- if .Values.addons.vpn.scripts.up }}
- name: vpnscript
mountPath: /config/up.sh
subPath: up.sh
{{- end }}
{{- if .Values.addons.vpn.scripts.down }}
- name: vpnscript
mountPath: /config/down.sh
subPath: down.sh
{{- end }}
{{- if .Values.persistence.shared.enabled }}
- mountPath: {{ .Values.persistence.shared.mountPath }}
name: shared
{{- end }}
{{- with .Values.addons.vpn.additionalVolumeMounts }}
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end }}
{{- with .Values.addons.vpn.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 2 }}
{{- end -}}
{{- with .Values.addons.vpn.resources }}
resources:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

37
charts/library/common/templates/classes/_HorizontalPodAutoscaler.tpl Normal file
View file

@ -0,0 +1,37 @@
{{/*
This template serves as a blueprint for horizontal pod autoscaler objects that are created
using the common library.
*/}}
{{- define "common.classes.hpa" -}}
{{- if .Values.autoscaling.enabled -}}
{{- $hpaName := include "common.names.fullname" . -}}
{{- $targetName := include "common.names.fullname" . }}
---
apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
name: {{ $hpaName }}
labels: {{- include "common.labels" $ | nindent 4 }}
annotations: {{- include "common.annotations" $ | nindent 4 }}
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: {{ include "common.names.controllerType" . }}
name: {{ .Values.autoscaling.target | default $targetName }}
minReplicas: {{ .Values.autoscaling.minReplicas | default 1 }}
maxReplicas: {{ .Values.autoscaling.maxReplicas | default 3 }}
metrics:
{{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}
{{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end -}}
{{- end -}}

34
charts/library/common/templates/classes/_configmap.tpl Normal file
View file

@ -0,0 +1,34 @@
{{/*
This template serves as a blueprint for all configMap objects that are created
within the common library.
*/}}
{{- define "common.classes.configmap" -}}
{{- $fullName := include "common.names.fullname" . -}}
{{- $configMapName := $fullName -}}
{{- $values := .Values.configmap -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.configmap -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- if and (hasKey $values "nameOverride") $values.nameOverride -}}
{{- $configMapName = printf "%v-%v" $configMapName $values.nameOverride -}}
{{- end }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ $configMapName }}
{{- with (merge ($values.labels | default dict) (include "common.labels" $ | fromYaml)) }}
labels: {{- toYaml . | nindent 4 }}
{{- end }}
{{- with (merge ($values.annotations | default dict) (include "common.annotations" $ | fromYaml)) }}
annotations: {{- toYaml . | nindent 4 }}
{{- end }}
data:
{{- with $values.data }}
{{- tpl (toYaml .) $ | nindent 2 }}
{{- end }}
{{- end }}

82
charts/library/common/templates/classes/_ingress.tpl Normal file
View file

@ -0,0 +1,82 @@
{{/*
This template serves as a blueprint for all Ingress objects that are created
within the common library.
*/}}
{{- define "common.classes.ingress" -}}
{{- $fullName := include "common.names.fullname" . -}}
{{- $ingressName := $fullName -}}
{{- $values := .Values.ingress -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.ingress -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- if and (hasKey $values "nameOverride") $values.nameOverride -}}
{{- $ingressName = printf "%v-%v" $ingressName $values.nameOverride -}}
{{- end -}}
{{- $primaryService := get .Values.service (include "common.service.primary" .) -}}
{{- $defaultServiceName := $fullName -}}
{{- if and (hasKey $primaryService "nameOverride") $primaryService.nameOverride -}}
{{- $defaultServiceName = printf "%v-%v" $defaultServiceName $primaryService.nameOverride -}}
{{- end -}}
{{- $defaultServicePort := get $primaryService.ports (include "common.classes.service.ports.primary" (dict "values" $primaryService)) -}}
{{- $isStable := include "common.capabilities.ingress.isStable" . }}
---
apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
kind: Ingress
metadata:
name: {{ $ingressName }}
{{- with (merge ($values.labels | default dict) (include "common.labels" $ | fromYaml)) }}
labels: {{- toYaml . | nindent 4 }}
{{- end }}
{{- with (merge ($values.annotations | default dict) (include "common.annotations" $ | fromYaml)) }}
annotations: {{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and $isStable $values.ingressClassName }}
ingressClassName: {{ $values.ingressClassName }}
{{- end }}
{{- if $values.tls }}
tls:
{{- range $values.tls }}
- hosts:
{{- range .hosts }}
- {{ tpl . $ | quote }}
{{- end }}
{{- if .secretName }}
secretName: {{ tpl .secretName $ | quote}}
{{- end }}
{{- end }}
{{- end }}
rules:
{{- range $values.hosts }}
- host: {{ tpl .host $ | quote }}
http:
paths:
{{- range .paths }}
{{- $service := $defaultServiceName -}}
{{- $port := $defaultServicePort.port -}}
{{- if .service -}}
{{- $service = default $service .service.name -}}
{{- $port = default $port .service.port -}}
{{- end }}
- path: {{ tpl .path $ | quote }}
{{- if $isStable }}
pathType: {{ default "Prefix" .pathType }}
{{- end }}
backend:
{{- if $isStable }}
service:
name: {{ $service }}
port:
number: {{ $port }}
{{- else }}
serviceName: {{ $service }}
servicePort: {{ $port }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

45
charts/library/common/templates/classes/_pvc.tpl Normal file
View file

@ -0,0 +1,45 @@
{{/*
This template serves as a blueprint for all PersistentVolumeClaim objects that are created
within the common library.
*/}}
{{- define "common.classes.pvc" -}}
{{- $values := .Values.persistence -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.persistence -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- $pvcName := include "common.names.fullname" . -}}
{{- if and (hasKey $values "nameOverride") $values.nameOverride -}}
{{- if not (eq $values.nameOverride "-") -}}
{{- $pvcName = printf "%v-%v" $pvcName $values.nameOverride -}}
{{ end -}}
{{ end }}
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ $pvcName }}
{{- with (merge ($values.labels | default dict) (include "common.labels" $ | fromYaml)) }}
labels: {{- toYaml . | nindent 4 }}
{{- end }}
annotations:
{{- if $values.retain }}
"helm.sh/resource-policy": keep
{{- end }}
{{- with (merge ($values.annotations | default dict) (include "common.annotations" $ | fromYaml)) }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
accessModes:
- {{ required (printf "accessMode is required for PVC %v" $pvcName) $values.accessMode | quote }}
resources:
requests:
storage: {{ required (printf "size is required for PVC %v" $pvcName) $values.size | quote }}
{{- if $values.storageClass }}
storageClassName: {{ if (eq "-" $values.storageClass) }}""{{- else }}{{ $values.storageClass | quote }}{{- end }}
{{- end }}
{{- if $values.volumeName }}
volumeName: {{ $values.volumeName | quote }}
{{- end }}
{{- end -}}

98
charts/library/common/templates/classes/_service.tpl Normal file
View file

@ -0,0 +1,98 @@
{{/*
This template serves as a blueprint for all Service objects that are created
within the common library.
*/}}
{{- define "common.classes.service" -}}
{{- $values := .Values.service -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.service -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- $serviceName := include "common.names.fullname" . -}}
{{- if and (hasKey $values "nameOverride") $values.nameOverride -}}
{{- $serviceName = printf "%v-%v" $serviceName $values.nameOverride -}}
{{ end -}}
{{- $svcType := $values.type | default "" -}}
{{- $primaryPort := get $values.ports (include "common.classes.service.ports.primary" (dict "values" $values)) }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ $serviceName }}
{{- with (merge ($values.labels | default dict) (include "common.labels" $ | fromYaml)) }}
labels: {{- toYaml . | nindent 4 }}
{{- end }}
annotations:
{{- if eq ( $primaryPort.protocol | default "" ) "HTTPS" }}
traefik.ingress.kubernetes.io/service.serversscheme: https
{{- end }}
{{- with (merge ($values.annotations | default dict) (include "common.annotations" $ | fromYaml)) }}
{{ toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if (or (eq $svcType "ClusterIP") (empty $svcType)) }}
type: ClusterIP
{{- if $values.clusterIP }}
clusterIP: {{ $values.clusterIP }}
{{end}}
{{- else if eq $svcType "LoadBalancer" }}
type: {{ $svcType }}
{{- if $values.loadBalancerIP }}
loadBalancerIP: {{ $values.loadBalancerIP }}
{{- end }}
{{- if $values.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml $values.loadBalancerSourceRanges | nindent 4 }}
{{- end -}}
{{- else }}
type: {{ $svcType }}
{{- end }}
{{- if $values.externalTrafficPolicy }}
externalTrafficPolicy: {{ $values.externalTrafficPolicy }}
{{- end }}
{{- if $values.sessionAffinity }}
sessionAffinity: {{ $values.sessionAffinity }}
{{- if $values.sessionAffinityConfig }}
sessionAffinityConfig:
{{ toYaml $values.sessionAffinityConfig | nindent 4 }}
{{- end -}}
{{- end }}
{{- with $values.externalIPs }}
externalIPs:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if $values.publishNotReadyAddresses }}
publishNotReadyAddresses: {{ $values.publishNotReadyAddresses }}
{{- end }}
{{- if $values.ipFamilyPolicy }}
ipFamilyPolicy: {{ $values.ipFamilyPolicy }}
{{- end }}
{{- with $values.ipFamilies }}
ipFamilies:
{{ toYaml . | nindent 4 }}
{{- end }}
ports:
{{- range $name, $port := $values.ports }}
{{- if $port.enabled }}
- port: {{ $port.port }}
targetPort: {{ $port.targetPort | default $name }}
{{- if $port.protocol }}
{{- if or ( eq $port.protocol "HTTP" ) ( eq $port.protocol "HTTPS" ) ( eq $port.protocol "TCP" ) }}
protocol: TCP
{{- else }}
protocol: {{ $port.protocol }}
{{- end }}
{{- else }}
protocol: TCP
{{- end }}
name: {{ $name }}
{{- if (and (eq $svcType "NodePort") (not (empty $port.nodePort))) }}
nodePort: {{ $port.nodePort }}
{{ end }}
{{- end }}
{{- end }}
selector:
{{- include "common.labels.selectorLabels" . | nindent 4 }}
{{- end }}

27
charts/library/common/templates/classes/_service_ports.tpl Normal file
View file

@ -0,0 +1,27 @@
{{/*
Return the primary port for a given Service object.
*/}}
{{- define "common.classes.service.ports.primary" -}}
{{- $enabledPorts := dict -}}
{{- range $name, $port := .values.ports -}}
{{- if $port.enabled -}}
{{- $_ := set $enabledPorts $name . -}}
{{- end -}}
{{- end -}}
{{- if eq 0 (len $enabledPorts) }}
{{- fail (printf "No ports are enabled for service \"%s\"!" .serviceName) }}
{{- end }}
{{- $result := "" -}}
{{- range $name, $port := $enabledPorts -}}
{{- if and (hasKey $port "primary") $port.primary -}}
{{- $result = $name -}}
{{- end -}}
{{- end -}}
{{- if not $result -}}
{{- $result = keys $enabledPorts | first -}}
{{- end -}}
{{- $result -}}
{{- end -}}

10
charts/library/common/templates/lib/chart/_annotations.tpl Normal file
View file

@ -0,0 +1,10 @@
{{/* Common annotations shared across objects */}}
{{- define "common.annotations" -}}
{{- with .Values.global.annotations }}
{{- range $k, $v := . }}
{{- $name := $k }}
{{- $value := tpl $v $ }}
{{ $name }}: {{ quote $value }}
{{- end }}
{{- end }}
{{- end -}}

19
charts/library/common/templates/lib/chart/_capabilities.tpl Normal file
View file

@ -0,0 +1,19 @@
{{/* Allow KubeVersion to be overridden. */}}
{{- define "common.capabilities.ingress.kubeVersion" -}}
{{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride -}}
{{- end -}}
{{/* Return the appropriate apiVersion for Ingress objects */}}
{{- define "common.capabilities.ingress.apiVersion" -}}
{{- print "networking.k8s.io/v1" -}}
{{- if semverCompare "<1.19" (include "common.capabilities.ingress.kubeVersion" .) -}}
{{- print "beta1" -}}
{{- end -}}
{{- end -}}
{{/* Check Ingress stability */}}
{{- define "common.capabilities.ingress.isStable" -}}
{{- if eq (include "common.capabilities.ingress.apiVersion" .) "networking.k8s.io/v1" -}}
{{- true -}}
{{- end -}}
{{- end -}}

22
charts/library/common/templates/lib/chart/_labels.tpl Normal file
View file

@ -0,0 +1,22 @@
{{/* Common labels shared across objects */}}
{{- define "common.labels" -}}
helm.sh/chart: {{ include "common.names.chart" . }}
{{ include "common.labels.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.global.labels }}
{{- range $k, $v := . }}
{{- $name := $k }}
{{- $value := tpl $v $ }}
{{ $name }}: {{ quote $value }}
{{- end }}
{{- end }}
{{- end -}}
{{/* Selector labels shared across objects */}}
{{- define "common.labels.selectorLabels" -}}
app.kubernetes.io/name: {{ include "common.names.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}

58
charts/library/common/templates/lib/chart/_names.tpl Normal file
View file

@ -0,0 +1,58 @@
{{/* Expand the name of the chart */}}
{{- define "common.names.name" -}}
{{- $globalNameOverride := "" -}}
{{- if hasKey .Values "global" -}}
{{- $globalNameOverride = (default $globalNameOverride .Values.global.nameOverride) -}}
{{- end -}}
{{- default .Chart.Name (default .Values.nameOverride $globalNameOverride) | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "common.names.fullname" -}}
{{- $name := include "common.names.name" . -}}
{{- $globalFullNameOverride := "" -}}
{{- if hasKey .Values "global" -}}
{{- $globalFullNameOverride = (default $globalFullNameOverride .Values.global.fullnameOverride) -}}
{{- end -}}
{{- if or .Values.fullnameOverride $globalFullNameOverride -}}
{{- $name = default .Values.fullnameOverride $globalFullNameOverride -}}
{{- else -}}
{{- if contains $name .Release.Name -}}
{{- $name = .Release.Name -}}
{{- else -}}
{{- $name = printf "%s-%s" .Release.Name $name -}}
{{- end -}}
{{- end -}}
{{- trunc 63 $name | trimSuffix "-" -}}
{{- end -}}
{{/* Create chart name and version as used by the chart label */}}
{{- define "common.names.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/* Create the name of the ServiceAccount to use */}}
{{- define "common.names.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{- default (include "common.names.fullname" .) .Values.serviceAccount.name -}}
{{- else -}}
{{- default "default" .Values.serviceAccount.name -}}
{{- end -}}
{{- end -}}
{{/* Return the properly cased version of the controller type */}}
{{- define "common.names.controllerType" -}}
{{- if eq .Values.controller.type "deployment" -}}
{{- print "Deployment" -}}
{{- else if eq .Values.controller.type "daemonset" -}}
{{- print "DaemonSet" -}}
{{- else if eq .Values.controller.type "statefulset" -}}
{{- print "StatefulSet" -}}
{{- else -}}
{{- fail (printf "Not a valid controller.type (%s)" .Values.controller.type) -}}
{{- end -}}
{{- end -}}

9
charts/library/common/templates/lib/chart/_values.tpl Normal file
View file

@ -0,0 +1,9 @@
{{/* Merge the local chart values and the common chart defaults */}}
{{- define "common.values.setup" -}}
{{- if .Values.common -}}
{{- $defaultValues := deepCopy .Values.common -}}
{{- $userValues := deepCopy (omit .Values "common") -}}
{{- $mergedValues := mustMergeOverwrite $defaultValues $userValues -}}
{{- $_ := set . "Values" (deepCopy $mergedValues) -}}
{{- end -}}
{{- end -}}

84
charts/library/common/templates/lib/controller/_container.tpl Normal file
View file

@ -0,0 +1,84 @@
{{- /* The main container included in the controller */ -}}
{{- define "common.controller.mainContainer" -}}
- name: {{ include "common.names.fullname" . }}
image: {{ printf "%s:%s" .Values.image.repository (default .Chart.AppVersion .Values.image.tag) | quote }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- with .Values.command }}
command:
{{- if kindIs "string" . }}
- {{ . }}
{{- else }}
{{ toYaml . | nindent 4 }}
{{- end }}
{{- end }}
{{- with .Values.args }}
args:
{{- if kindIs "string" . }}
- {{ . }}
{{- else }}
{{ toYaml . | nindent 4 }}
{{- end }}
{{- end }}
{{- with .Values.securityContext }}
securityContext:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.lifecycle }}
lifecycle:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.termination.messagePath }}
terminationMessagePath: {{ . }}
{{- end }}
{{- with .Values.termination.messagePolicy }}
terminationMessagePolicy: {{ . }}
{{- end }}
{{- with .Values.env }}
env:
{{- range $k, $v := . }}
{{- $name := $k }}
{{- $value := $v }}
{{- if kindIs "int" $name }}
{{- $name = required "environment variables as a list of maps require a name field" $value.name }}
{{- end }}
- name: {{ quote $name }}
{{- if kindIs "map" $value -}}
{{- if hasKey $value "value" }}
{{- $value = $value.value -}}
{{- else if hasKey $value "valueFrom" }}
{{- toYaml $value | nindent 6 }}
{{- else }}
{{- dict "valueFrom" $value | toYaml | nindent 6 }}
{{- end }}
{{- end }}
{{- if not (kindIs "map" $value) }}
{{- if kindIs "string" $value }}
{{- $value = tpl $value $ }}
{{- end }}
value: {{ quote $value }}
{{- end }}
{{- end }}
{{- end }}
{{- if or .Values.envFrom .Values.secret }}
envFrom:
{{- with .Values.envFrom }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if .Values.secret }}
- secretRef:
name: {{ include "common.names.fullname" . }}
{{- end }}
{{- end }}
ports:
{{- include "common.controller.ports" . | trim | nindent 4 }}
{{- with (include "common.controller.volumeMounts" . | trim) }}
volumeMounts:
{{- nindent 4 . }}
{{- end }}
{{- include "common.controller.probes" . | trim | nindent 2 }}
{{- with .Values.resources }}
resources:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end -}}

93
charts/library/common/templates/lib/controller/_pod.tpl Normal file
View file

@ -0,0 +1,93 @@
{{- /*
The pod definition included in the controller.
*/ -}}
{{- define "common.controller.pod" -}}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 2 }}
{{- end }}
serviceAccountName: {{ include "common.names.serviceAccountName" . }}
automountServiceAccountToken: {{ .Values.automountServiceAccountToken }}
{{- with .Values.podSecurityContext }}
securityContext:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
{{- with .Values.runtimeClassName }}
runtimeClassName: {{ . }}
{{- end }}
{{- with .Values.schedulerName }}
schedulerName: {{ . }}
{{- end }}
{{- with .Values.hostNetwork }}
hostNetwork: {{ . }}
{{- end }}
{{- with .Values.hostname }}
hostname: {{ . }}
{{- end }}
{{- if .Values.dnsPolicy }}
dnsPolicy: {{ .Values.dnsPolicy }}
{{- else if .Values.hostNetwork }}
dnsPolicy: ClusterFirstWithHostNet
{{- else }}
dnsPolicy: ClusterFirst
{{- end }}
{{- with .Values.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 2 }}
{{- end }}
enableServiceLinks: {{ .Values.enableServiceLinks }}
{{- with .Values.termination.gracePeriodSeconds }}
terminationGracePeriodSeconds: {{ . }}
{{- end }}
{{- if .Values.initContainers }}
initContainers:
{{- $initContainers := list }}
{{- range $index, $key := (keys .Values.initContainers | uniq | sortAlpha) }}
{{- $container := get $.Values.initContainers $key }}
{{- if not $container.name -}}
{{- $_ := set $container "name" $key }}
{{- end }}
{{- $initContainers = append $initContainers $container }}
{{- end }}
{{- tpl (toYaml $initContainers) $ | nindent 2 }}
{{- end }}
containers:
{{- include "common.controller.mainContainer" . | nindent 2 }}
{{- with .Values.additionalContainers }}
{{- $additionalContainers := list }}
{{- range $name, $container := . }}
{{- if not $container.name -}}
{{- $_ := set $container "name" $name }}
{{- end }}
{{- $additionalContainers = append $additionalContainers $container }}
{{- end }}
{{- tpl (toYaml $additionalContainers) $ | nindent 2 }}
{{- end }}
{{- with (include "common.controller.volumes" . | trim) }}
volumes:
{{- nindent 2 . }}
{{- end }}
{{- with .Values.hostAliases }}
hostAliases:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end -}}

36
charts/library/common/templates/lib/controller/_ports.tpl Normal file
View file

@ -0,0 +1,36 @@
{{/*
Ports included by the controller.
*/}}
{{- define "common.controller.ports" -}}
{{- $ports := list -}}
{{- range .Values.service -}}
{{- if .enabled -}}
{{- range $name, $port := .ports -}}
{{- $_ := set $port "name" $name -}}
{{- $ports = mustAppend $ports $port -}}
{{- end }}
{{- end }}
{{- end }}
{{/* export/render the list of ports */}}
{{- if $ports -}}
{{- range $_ := $ports }}
{{- if .enabled }}
- name: {{ .name }}
{{- if and .targetPort (kindIs "string" .targetPort) }}
{{- fail (printf "Our charts do not support named ports for targetPort. (port name %s, targetPort %s)" .name .targetPort) }}
{{- end }}
containerPort: {{ .targetPort | default .port }}
{{- if .protocol }}
{{- if or ( eq .protocol "HTTP" ) ( eq .protocol "HTTPS" ) ( eq .protocol "TCP" ) }}
protocol: TCP
{{- else }}
protocol: {{ .protocol }}
{{- end }}
{{- else }}
protocol: TCP
{{- end }}
{{- end}}
{{- end -}}
{{- end -}}
{{- end -}}

33
charts/library/common/templates/lib/controller/_probes.tpl Normal file
View file

@ -0,0 +1,33 @@
{{/*
Probes selection logic.
*/}}
{{- define "common.controller.probes" -}}
{{- $primaryService := get .Values.service (include "common.service.primary" .) -}}
{{- $primaryPort := "" -}}
{{- if $primaryService -}}
{{- $primaryPort = get $primaryService.ports (include "common.classes.service.ports.primary" (dict "serviceName" (include "common.service.primary" .) "values" $primaryService)) -}}
{{- end -}}
{{- range $probeName, $probe := .Values.probes }}
{{- if $probe.enabled -}}
{{- "" | nindent 0 }}
{{- $probeName }}Probe:
{{- if $probe.custom -}}
{{- $probe.spec | toYaml | nindent 2 }}
{{- else }}
{{- if and $primaryService $primaryPort -}}
{{- "tcpSocket:" | nindent 2 }}
{{- if $primaryPort.targetPort }}
{{- printf "port: %v" $primaryPort.targetPort | nindent 4 }}
{{- else}}
{{- printf "port: %v" $primaryPort.port | nindent 4 }}
{{- end }}
{{- printf "initialDelaySeconds: %v" $probe.spec.initialDelaySeconds | nindent 2 }}
{{- printf "failureThreshold: %v" $probe.spec.failureThreshold | nindent 2 }}
{{- printf "timeoutSeconds: %v" $probe.spec.timeoutSeconds | nindent 2 }}
{{- printf "periodSeconds: %v" $probe.spec.periodSeconds | nindent 2 }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

56
charts/library/common/templates/lib/controller/_volumemounts.tpl Normal file
View file

@ -0,0 +1,56 @@
{{/* Volumes included by the controller */}}
{{- define "common.controller.volumeMounts" -}}
{{- range $persistenceIndex, $persistenceItem := .Values.persistence }}
{{- if $persistenceItem.enabled -}}
{{- if kindIs "slice" $persistenceItem.subPath -}}
{{- if $persistenceItem.mountPath -}}
{{- fail (printf "Cannot use persistence.mountPath with a subPath list (%s)" $persistenceIndex) }}
{{- end -}}
{{- range $subPathIndex, $subPathItem := $persistenceItem.subPath }}
- name: {{ $persistenceIndex }}
subPath: {{ required "subPaths as a list of maps require a path field" $subPathItem.path }}
mountPath: {{ required "subPaths as a list of maps require an explicit mountPath field" $subPathItem.mountPath }}
{{- with $subPathItem.readOnly }}
readOnly: {{ . }}
{{- end }}
{{- with $subPathItem.mountPropagation }}
mountPropagation: {{ . }}
{{- end }}
{{- end -}}
{{- else -}}
{{/* Set the default mountPath to /<name_of_the_peristence_item> */}}
{{- $mountPath := (printf "/%v" $persistenceIndex) -}}
{{- if eq "hostPath" (default "pvc" $persistenceItem.type) -}}
{{- $mountPath = $persistenceItem.hostPath -}}
{{- end -}}
{{/* Use the specified mountPath if provided */}}
{{- with $persistenceItem.mountPath -}}
{{- $mountPath = . -}}
{{- end }}
{{- if ne $mountPath "-" }}
- name: {{ $persistenceIndex }}
mountPath: {{ $mountPath }}
{{- with $persistenceItem.subPath }}
subPath: {{ . }}
{{- end }}
{{- with $persistenceItem.readOnly }}
readOnly: {{ . }}
{{- end }}
{{- with $persistenceItem.mountPropagation }}
mountPropagation: {{ . }}
{{- end }}
{{- end }}
{{- end -}}
{{- end -}}
{{- end }}
{{- if eq .Values.controller.type "statefulset" }}
{{- range $index, $vct := .Values.volumeClaimTemplates }}
- mountPath: {{ $vct.mountPath }}
name: {{ $vct.name }}
{{- if $vct.subPath }}
subPath: {{ $vct.subPath }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}

68
charts/library/common/templates/lib/controller/_volumes.tpl Normal file
View file

@ -0,0 +1,68 @@
{{/*
Volumes included by the controller.
*/}}
{{- define "common.controller.volumes" -}}
{{- range $index, $persistence := .Values.persistence }}
{{- if $persistence.enabled }}
- name: {{ $index }}
{{- if eq (default "pvc" $persistence.type) "pvc" }}
{{- $pvcName := (include "common.names.fullname" $) -}}
{{- if $persistence.existingClaim }}
{{- /* Always prefer an existingClaim if that is set */}}
{{- $pvcName = $persistence.existingClaim -}}
{{- else -}}
{{- /* Otherwise refer to the PVC name */}}
{{- if $persistence.nameOverride -}}
{{- if not (eq $persistence.nameOverride "-") -}}
{{- $pvcName = (printf "%s-%s" (include "common.names.fullname" $) $persistence.nameOverride) -}}
{{- end -}}
{{- else -}}
{{- $pvcName = (printf "%s-%s" (include "common.names.fullname" $) $index) -}}
{{- end -}}
{{- end }}
persistentVolumeClaim:
claimName: {{ $pvcName }}
{{- else if or (eq $persistence.type "configMap") (eq $persistence.type "secret") }}
{{- $objectName := (required (printf "name not set for persistence item %s" $index) $persistence.name) }}
{{- $objectName = tpl $objectName $ }}
{{- if eq $persistence.type "configMap" }}
configMap:
name: {{ $objectName }}
{{- else }}
secret:
secretName: {{ $objectName }}
{{- end }}
{{- with $persistence.defaultMode }}
defaultMode: {{ . }}
{{- end }}
{{- with $persistence.items }}
items:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- else if eq $persistence.type "emptyDir" }}
{{- $emptyDir := dict -}}
{{- with $persistence.medium -}}
{{- $_ := set $emptyDir "medium" . -}}
{{- end -}}
{{- with $persistence.sizeLimit -}}
{{- $_ := set $emptyDir "sizeLimit" . -}}
{{- end }}
emptyDir: {{- $emptyDir | toYaml | nindent 4 }}
{{- else if eq $persistence.type "hostPath" }}
hostPath:
path: {{ required "hostPath not set" $persistence.hostPath }}
{{- with $persistence.hostPathType }}
type: {{ . }}
{{- end }}
{{- else if eq $persistence.type "nfs" }}
nfs:
server: {{ required "server not set" $persistence.server }}
path: {{ required "path not set" $persistence.path }}
{{- else if eq $persistence.type "custom" }}
{{- toYaml $persistence.volumeSpec | nindent 2 }}
{{- else }}
{{- fail (printf "Not a valid persistence.type (%s)" .Values.persistence.type) }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}