Implement dynamic envs (#19)

Reviewed-on: https://git.badhouseplants.net/allanger/badhouseplants-net/pulls/19
2023-02-25 20:25:16 +00:00
parent c85c686e80
commit 80058b11b1
16 changed files with 725 additions and 89 deletions
--- a/chart/templates/deployment.yaml
+++ b/chart/templates/deployment.yaml
@ -24,35 +24,73 @@ spec:
      labels:
        {{- include "badhouseplants-net.selectorLabels" . | nindent 8 }}
    spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      securityContext:
-        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      initContainers:
+        - name: {{ .Values.rclone.container.name }}
+          image: "{{ .Values.rclone.image.repository}}:{{ .Values.rclone.image.tag}}"
+          imagePullPolicy: {{ .Values.rclone.image.pullPolicy }}
+          env:
+            - name: RCLONE_CONFIG
+              value: /tmp/rclone.conf
+          command:
+            - sh
+          args:
+            - "-c"
+            - "rclone copy -P badhouseplants-public:/badhouseplants-static /static"
+          volumeMounts:
+            - name: rclone-config
+              mountPath: "/tmp"
+              readOnly: true
+            - name: {{ .Values.volumes.rclone.name }}
+              mountPath: /static
+              readOnly: false
+          resources:
+            {{- toYaml .Values.rclone.container.resources | nindent 12 }}
+        - name: {{ .Values.hugo.container.name }}
+          args:
+            - --baseURL
+            - {{ .Values.hugo.baseURL }}
+            {{- if .Values.hugo.buildDrafts }}
+            - --buildDrafts
+            {{- end }}
+          volumeMounts:
+            - name: {{ .Values.volumes.rclone.name }}
+              mountPath: /src/static
+              readOnly: true
+            - name: {{ .Values.volumes.public.name }}
+              mountPath: /src/public
+              readOnly: false
+          image: "{{ .Values.hugo.image.repository}}:{{ .Values.hugo.image.tag}}"
+          imagePullPolicy: {{ .Values.hugo.image.pullPolicy }}
+          resources:
+            {{- toYaml .Values.hugo.container.resources | nindent 12 }}
      containers:
-        - name: {{ .Chart.Name }}
-          securityContext:
-            {{- toYaml .Values.securityContext | nindent 12 }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
+        - name: {{ .Values.nginx.container.name }}
+          image: "{{ .Values.nginx.image.repository}}:{{ .Values.nginx.image.tag}}"
+          imagePullPolicy: {{ .Values.nginx.image.pullPolicy }}
          ports:
            - name: http
              containerPort: {{ .Values.service.port }}
              protocol: TCP
          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-          command: 
-{{ toYaml .Values.command | indent 12 }}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
+            {{- toYaml .Values.nginx.container.resources | nindent 12 }}
+          volumeMounts:
+            - name: {{ .Values.volumes.public.name }}
+              mountPath: /var/www
+              readOnly: true
+            - name: nginx-config
+              mountPath:  /etc/nginx/conf.d
+              readOnly: true
+      volumes:
+        - name: rclone-config
+          secret:
+            secretName: rclone-config
+        - name: {{ .Values.volumes.rclone.name }}
+          emptyDir:
+            sizeLimit: {{ .Values.volumes.rclone.sizeLimit }}
+        - name: {{ .Values.volumes.public.name }}
+          emptyDir:
+            sizeLimit: {{ .Values.volumes.public.sizeLimit }}
+        - name: nginx-config
+          configMap:
+            name: nginx-config
+
--- a/chart/templates/namespace.yaml
+++ b/chart/templates/namespace.yaml
@ -0,0 +1,6 @@
+{{- if .Values.istio.enabled -}}
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: {{ .Values.namespace.name }}
+{{- end }}
--- a/chart/templates/nginx-config-cm.yaml
+++ b/chart/templates/nginx-config-cm.yaml
@ -0,0 +1,17 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: nginx-config
+data:
+  default.conf: |
+    server {
+      listen 80;
+      listen [::]:80;
+      server_name  ~.;
+      root /var/www;
+      index index.html;
+      location / {
+        try_files $uri $uri/ =404;
+      }
+    }
+
--- a/chart/templates/rclone-config-sec.yaml
+++ b/chart/templates/rclone-config-sec.yaml
@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: rclone-config
+type: generic
+data:
+  # the data is abbreviated in this example
+  rclone.conf: {{ .Values.rclone.config  | b64enc }}
--- a/chart/templates/virtual-service.yaml
+++ b/chart/templates/virtual-service.yaml
@ -0,0 +1,21 @@
+{{- if .Values.istio.enabled -}}
+apiVersion: networking.istio.io/v1beta1
+kind: VirtualService
+metadata:
+  annotations:
+  labels:
+  name: blog-virtual-service
+spec:
+  gateways:
+  - istio-system/badhouseplants-net
+  hosts: {{ .Values.istio.hosts }}
+  http:
+  - match:
+    - uri:
+        prefix:  {{ .Values.istio.prefix }}
+    route:
+    - destination:
+        host: {{ include "badhouseplants-net.fullname" . }}
+        port:
+          number: {{ .Values.service.port }}
+{{- end }}