badhouseplants/open-strike-2
4
0
Fork 0
Code Issues 11 Pull Requests 4 Actions Packages Projects 2 Releases Activity

Add helm chart
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details

Browse Source
This commit is contained in:
Nikolai Rodionov
2025-01-30 17:37:11 +01:00
parent a33167ebb5
commit 5a45278545
33 changed files with 1165 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
helm/charts/helm-library/templates/core/_configmap.yaml Normal file
View File

@ -0,0 +1,18 @@
{{- define "lib.core.configmap" -}} {{- /* define[0] */}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "metadata") -}}
---
# ---------------------------------------------------------------------
# -- This resource is managed by the allanger's helm library
# ---------------------------------------------------------------------
apiVersion: v1
kind: ConfigMap
metadata:
{{ .metadata | indent 2 }}
data:
{{- range $key, $value := .data }}
{{- if $value }}
{{ $key }}: {{ tpl $value $.Context | quote }}
{{- end }}
{{- end }}
{{- end -}} {{- /* /define[0]) */ -}}

78
helm/charts/helm-library/templates/core/_deployment.yaml Normal file
View File

@ -0,0 +1,78 @@
{{/*
* Bootstrap a deployment
* It should always receive a dict as an argument
*/}}
{{- define "lib.core.deployment" -}} {{- /* define[0] */ -}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "securityContext") -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "metadata") -}}
---
# ---------------------------------------------------------------------
# -- This resource is managed by the allanger's helm library
# ---------------------------------------------------------------------
apiVersion: apps/v1
kind: Deployment
metadata:
{{ .metadata | indent 2 }}
spec:
{{-
include "lib.core.deployment.spec"
(dict
"ctx" .ctx
"securityContext" .securityContext
"metadata" .metadata
"containers" .containers
"volumes" .volumes
)
| indent 2
}}
{{- end -}} {{- /* /define[0] */ -}}
{{- define "lib.core.deployment.spec" -}} {{- /* define[0] */ -}}
{{- include "lib.error.noCtx" . }}
{{- include "lib.error.noKey" (dict "ctx" . "key" "securityContext") -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "metadata") }}
replicas: {{ .ctx.Values.base.workload.replicas | default 1 }}
selector:
matchLabels:
{{- include "lib.chart.selectorLabels" (dict "ctx" .ctx) | nindent 6 }}
{{
include "lib.core.deployment.template"
(dict
"ctx" .ctx
"securityContext" .securityContext
"metadata" .metadata
"containers" .containers
"volumes" .volumes
)
}}
{{- end -}} {{- /* /define[0] */ -}}
{{- /* A deployment temopalte goes here */ -}}
{{- define "lib.core.deployment.template" -}} {{- /* define[0] */ -}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "securityContext") -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "metadata") -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "containers") -}}
{{- $labels := toYaml (index (fromYaml .metadata) "labels") -}}
{{- $annotations := toYaml (index (fromYaml .metadata) "annotations") -}}
template:
metadata:
labels:
{{- $labels | nindent 6 }}
annotations:
{{- if not (eq $annotations "null") }}
{{- $annotations | nindent 6 }}
{{- end }}
{{
include "lib.helpers.hashes"
(dict
"env" (.ctx.Values.config).env
"files" (.ctx.Values.config).files)
| nindent 6
}}
spec:
{{- .securityContext | nindent 4 }}
{{ .containers | nindent 4 }}
{{ .volumes | nindent 4 }}
{{- end -}} {{- /* /define[0] */ -}}

20
helm/charts/helm-library/templates/core/_ingress.tpl Normal file
View File

@ -0,0 +1,20 @@
{{- define "lib.core.ingress" }}
---
# ---------------------------------------------------------------------
# -- This resource is managed by the allanger's helm library
# ---------------------------------------------------------------------
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
{{- .metadata | nindent 2 }}
spec:
ingressClassName: {{ .spec.class }}
{{- with .spec.rules }}
rules:
{{- tpl ( . | toYaml | nindent 4 | toString) $.ctx }}
{{- end }}
{{- with .spec.tls }}
tls:
{{- tpl ( . | toYaml | nindent 4 | toString) $.ctx }}
{{- end }}
{{- end }}

117
helm/charts/helm-library/templates/core/_pod.tpl Normal file
View File

@ -0,0 +1,117 @@
{{- define "lib.core.pod" -}} {{- /* define[0] */ -}}
{{- fail "pods are not implemented net" -}}
{{- end -}} {{- /* /define[0] */ -}}
{{/*
* This function should accept a seucrityContext
* from values, so please use it with values
* directly
* SecurityContext is not templated, so it will be
* added as is
*/}}
{{- define "lib.core.pod.securityContext" -}} {{- /* define[0] */ -}}
securityContext:
{{- if not .securityContext }} {{- /* if[1] */}}
# ---------------------------------------------------------------------
# Using the default security context, if it doesn't work for you,
# please update `.Values.base.workload.securityContext`
# ---------------------------------------------------------------------
runAsUser: 1000
runAsGroup: 3000
fsGroup: 2000
seccompProfile:
type: RuntimeDefault
{{- else -}}
{{- with .securityContext }} {{- /* with[2] */}}
{{ toYaml . | indent 2 }}
{{- end -}} {{- /* /with[2] */}}
{{- end -}} {{- /* /if[1] */ -}}
{{- end -}} {{- /* define[0] */ -}}
{{- define "lib.core.pod.volumes" -}} {{- /* define[0] */ -}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "storage") -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "files") -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "extraVolumes") -}}
{{- if or (or .storage .files) .extraVolumes -}} {{- /* if[0]*/ -}}
volumes:
{{- /* If storage is defined, mount a pvc */ -}}
{{- if .storage }} {{- /* if[1] */}}
{{- range $k, $v := .storage }} {{- /* range[0] */}}
{{- if $v.enabled }}
{{- $name := include "lib.component.storage.name" (dict "ctx" $.ctx "name" $k) }}
- name: {{ $k }}-storage
persistentVolumeClaim:
claimName: {{ $name }}
{{- end }}
{{- end }} {{- /* /range[0] */}}
{{- end }} {{- /* /if[1] */}}
{{- if .extraVolumes}} {{- /* if[1] */}}
{{- range $k, $v := .extraVolumes}} {{- /* range[0] */}}
- name: {{ $k }}-extra
{{- $v | toYaml | nindent 4 }}
{{- end }} {{- /* /range[0] */}}
{{- end }} {{- /* /if[1] */}}
{{- if .files }} {{- /* if[1] */}}
{{- range $k, $v := .files }} {{- /* range[0] */}}
- name: {{ $k }}-file
{{- $name := include "lib.component.file.name" (dict "ctx" $.ctx "name" $k) }}
{{- if $v.sensitive }} {{- /* if[2] */}}
secret:
defaultMode: 420
secretName: {{ $name }}
{{- else }}
configMap:
name: {{ $name }}
{{- end }} {{- /* /if[2] */}}
{{- end }} {{- /* /range[0] */}}
{{- end }} {{- /* /if[1] */}}
{{- end -}} {{- /* /if[0] */ -}}
{{- end -}} {{- /* define[0] */ -}}
{{/*
* This template should generate a valid container
* defintion that should be used by both
* containers and initContainers
*/}}
{{- define "lib.core.pod.containers" -}} {{- /* define[0] */ -}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "containers") -}}
{{- $ctx := .ctx }}
containers:
{{- $containers := list }}
{{- range $k, $v := .containers }} {{- /* range[1] */}}
{{- $containerRaw := include "lib.core.pod.container"
(dict
"ctx" $ctx
"name" $k
"data" $v
)
}}
{{- $container := fromYaml $containerRaw }}
{{- if hasKey $container "Error" }} {{- /* if[2] */}}
{{- fail (printf "%s\n%v" $container $containerRaw) }}
{{- end }} {{- /* /if[1] */}}
{{- $containers = append $containers $container }}
{{- end }} {{- /* /range[1] */}}
{{ $containers | toYaml | indent 2 }}
{{- end -}} {{- /* define[0] */ -}}
{{- define "lib.core.pod.initContainers" -}} {{- /* define[0] */ -}}
{{- end -}} {{- /* define[0] */ -}}
{{- define "lib.core.pod.container.image.tag" -}} {{/* define[0] */}}
{{- if or .tag .appVersion -}} {{/* if[1] */}}
{{- if .tag -}} {{/* if[2] */}}
{{- .tag -}}
{{- else -}}
{{- .appVersion -}}
{{- end -}} {{/* /if[2] */}}
{{- else -}}
{{ fail ".tag or .appVersion must be passed to this helper"}}
{{- end -}} {{/* /if[1] */}}
{{- end -}} {{/* /define[0] */}}

21
helm/charts/helm-library/templates/core/_pvc.tpl Normal file
View File

@ -0,0 +1,21 @@
{{- define "lib.core.pvc" -}}
---
# ---------------------------------------------------------------------
# -- This resource is managed by the allanger's helm library
# ---------------------------------------------------------------------
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
{{- .metadata | nindent 2 }}
spec:
{{- with .spec.accessModes }}
accessModes:
{{ toYaml . | indent 4}}
{{- end }}
resources:
requests:
storage: {{ .spec.size }}
{{- if ne .spec.storageClassName "default" }}
storageClassName: {{ .spec.storageClassName }}
{{- end }}
{{- end -}}

16
helm/charts/helm-library/templates/core/_secret.yaml Normal file
View File

@ -0,0 +1,16 @@
{{- define "lib.core.secret" -}} {{- /* define[0] */}}
---
# ---------------------------------------------------------------------
# -- This resource is managed by the allanger's helm library
# ---------------------------------------------------------------------
apiVersion: v1
kind: Secret
metadata:
{{- .metadata | nindent 2 }}
data:
{{- range $key, $value := .data }}
{{- if $value }}
{{ $key }}: {{ tpl $value $.Context | b64enc }}
{{- end }}
{{- end }}
{{- end -}} {{- /* /define[0]) */ -}}

21
helm/charts/helm-library/templates/core/_service.tpl Normal file
View File

@ -0,0 +1,21 @@
{{- define "lib.core.service" }}
---
# ---------------------------------------------------------------------
# -- This resource is managed by the allanger's helm library
# ---------------------------------------------------------------------
apiVersion: v1
kind: Service
metadata:
{{- .metadata | nindent 2 }}
spec:
type: {{ .spec.type }}
selector:
{{- include "lib.chart.selectorLabels" (dict "ctx" .ctx) | nindent 4 }}
ports:
{{- range $k,$v := .spec.ports }} {{- /* range[0] */}}
- name: {{ $k }}
port: {{ $v.port }}
targetPort: {{ $v.targetPort}}
protocol: {{ $v.protocol}}
{{- end }} {{- /* /range[0] */}}
{{- end }}

214
helm/charts/helm-library/templates/core/pod/_container.tpl Normal file
View File

@ -0,0 +1,214 @@
{{/*
* This template should be able to create a valid container spec
*/}}
{{- define "lib.core.pod.container" -}} {{- /* define[0] */ -}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "data") -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "name") -}}
name: {{ .name }}
{{ include "lib.core.pod.container.securityContext" (dict "securityContext" .data.securityContext) }}
{{ include "lib.core.pod.container.command" (dict "command" .data.command) }}
{{ include "lib.core.pod.container.args" (dict "args" .data.command) }}
{{ include "lib.core.pod.container.livenessProbe" (dict "ctx" .ctx "probe" .data.livenessProbe) }}
{{ include "lib.core.pod.container.readinessProbe" (dict "ctx" .ctx "probe" .data.readinessProbe) }}
{{ include "lib.core.pod.container.startupProbe" (dict "ctx" .ctx "probe" .data.readinessProbe) }}
{{ include "lib.core.pod.container.image" (dict "ctx" .ctx "image" .data.image) }}
{{ include "lib.core.pod.container.envFrom" (dict "ctx" .ctx "envFrom" .data.envFrom) }}
{{ include "lib.core.pod.container.volumeMounts" (dict "ctx" .ctx "mounts" .data.volumeMounts) }}
{{ include "lib.core.pod.container.ports" (dict "ctx" .ctx "ports" .data.ports) }}
{{- /*
{{-
include "lib.core.pod.container.ports"
(dict "Context" .Context "Container" .ContainerData)
| indent 2
-}}
{{-
include "lib.core.pod.container.volumeMounts"
.ContainerData | indent 2
-}}
*/}}
{{- end -}} {{- /* /define[0] */ -}}
{{- define "lib.core.pod.container.securityContext" }} {{- /* define[0] */ -}}
securityContext:
{{- if not .securityContext }} {{- /* if[1] */}}
# ---------------------------------------------------------------------
# Using the default security context, if it doesn't work for you,
# please update `.Values.base.workload.containers[].securityContext`
# ---------------------------------------------------------------------
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
{{- else }}
{{- with .securityContext }} {{- /* with[2] */}}
{{ toYaml . | indent 2 }}
{{- end }} {{- /* /with[2] */}}
{{- end -}} {{- /* /if[1] */ -}}
{{- end -}} {{- /* /define[0] */ -}}
{{/*
* Command and Args are accepting a dict as an argument
* dict should contain the following keys:
* - ctx
* - command/args (optional list) - When empty, entry is not added
*/}}
{{- define "lib.core.pod.container.command" -}} {{- /* define[0] */ -}}
{{- with .command -}} {{- /* with[1] */ -}}
command:
{{ . | toYaml | indent 2 }}
{{- end -}} {{- /* /with[1] */ -}}
{{- end -}} {{- /* /define[0] */ -}}
{{- define "lib.core.pod.container.args" -}} {{- /* define[0] */ -}}
{{- with .args -}} {{- /* with[1] */ -}}
args:
{{ . | toYaml | indent 2 }}
{{- end -}} {{- /* /with[1] */ -}}
{{- end -}} {{- /* /define[0] */ -}}
{{/*
* Probes are accepting a dict as an argument
* dict should contain the following keys:
* - ctx
* - probe (optional) - When empty, probe is not added
*
* Notes: Probes can be tempalted, because some kinds of probes
* need to be aware of a port to be checking against. And to avoid
* copypaste all the probes are tempalted
*/}}
{{- define "lib.core.pod.container.readinessProbe" -}} {{- /* define[0] */ -}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "probe") -}}
{{- if .probe }} {{- /* if[1] */}}
{{- $probe := tpl (toYaml .probe) .ctx -}}
readinessProbe:
{{ $probe | indent 2}}
{{- end }} {{- /* /if[1] */}}
{{- end -}} {{- /* /define[0] */ -}}
{{- define "lib.core.pod.container.livenessProbe" -}} {{- /* define[0] */ -}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "probe") -}}
{{- if .probe }} {{- /* if[1] */}}
{{- $probe := tpl (toYaml .probe) .ctx -}}
livenessProbe:
{{ $probe | indent 2}}
{{- end }} {{- /* /if[1] */}}
{{- end -}} {{- /* /define[0] */ -}}
{{- define "lib.core.pod.container.startupProbe" -}} {{- /* define[0] */ -}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "probe") -}}
{{- if .probe }} {{- /* if[1] */}}
{{- $probe := tpl (toYaml .probe) .ctx -}}
startupProbe:
{{ $probe | indent 2}}
{{- end }} {{- /* /if[1] */}}
{{- end -}} {{- /* /define[0] */ -}}
{{- define "lib.core.pod.container.image" -}} {{/* define[0] */}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "image") -}}
image: {{ printf "%s/%s:%s"
.image.registry .image.repository
(include "lib.core.pod.container.image.tag"
(dict "appVersion" .ctx.Chart.AppVersion "tag" .image.tag))
}}
imagePullPolicy: {{ .image.pullPolicy | default "Always" }}
{{- end -}} {{/* /define[0] */}}
{{/*
* EnvFrom can either take values from predefined env values
* or add a raw envFrom entries to the manifests
* When using the predefined env, it's possible to remove entries
* using the '.remove' entry from the env mountpoint
*
* Should accept a dict with the followibg keys
* ctx
* envFrom
*
*/}}
{{- define "lib.core.pod.container.envFrom" -}} {{- /* define[0] */ -}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "envFrom") -}}
{{- /* If env should be set from a Configmap/Secret */ -}}
{{- if .envFrom -}} {{- /* if[1] */ -}}
envFrom:
{{- range $k, $v := .envFrom -}} {{- /* range[2] */ -}}
{{- if not (eq $k "raw") -}} {{- /* if[3] */ -}}
{{- $source := include "lib.helpers.lookup.env" (dict "ctx" $.ctx "key" $k) | fromYaml }}
{{- if $source.sensitive }}
- secretRef:
{{- else }}
- configMapRef:
{{- end }}
name: {{ include "lib.component.env.name" (dict "ctx" $.ctx "name" $k) }}
{{- else -}}
{{ $v | toYaml | nindent 2}}
{{- end }} {{- /* if[3] */}}
{{- end }} {{- /* /range[2] */}}
{{- end -}} {{- /* /if[1] */ -}}
{{- end -}} {{- /* /define[0] */ -}}
{{- define "lib.core.pod.container.volumeMounts" -}} {{- /* define[0] */ -}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "mounts") -}}
{{- if .mounts }} {{- /* if[1] */}}
volumeMounts:
{{- range $mountKind, $mountData := .mounts }} {{- /* range[1] */}}
{{- if eq $mountKind "storage" }} {{- /* if[2] */}}
{{- range $mountName, $mountEntry := $mountData }} {{- /* range[3] */}}
{{- $name := include "lib.component.storage.name" (dict "ctx" $.ctx "name" $mountName) }}
- name: {{ $mountName }}-storage
mountPath: {{ $mountEntry.path }}
{{- end }} {{- /* /range[1] */}}
{{- end }} {{- /* /if[1] */}}
{{- if eq $mountKind "files" }} {{- /* if[1] */}}
{{- range $mountName, $mountEntry := $mountData }} {{- /* range[1] */}}
{{- $name := include "lib.component.file.name" (dict "ctx" $.ctx "name" $mountName) }}
- name: {{ $name }}
mountPath: {{ $mountEntry.path }}
{{- if $mountEntry.subPath }} {{- /* if[2] */}}
subPath: {{ $mountEntry.subPath }}
{{- end }} {{- /* /if[2] */}}
{{- end }} {{- /* /range[1] */}}
{{- end }} {{- /* /if[1] */}}
{{- if eq $mountKind "extraVolumes" }} {{- /* if[1] */}}
{{- range $mountName, $mountEntry := $mountData }} {{- /* range[1] */}}
- name: {{ printf "%s-extra" $mountName }}
mountPath: {{ $mountEntry.path }}
{{- end }} {{- /* /range[1] */}}
{{- end }} {{- /* /if[1] */}}
{{- end }} {{- /* /range[0] */}}
{{- end }} {{- /* /if[0] */}}
{{- end -}} {{- /* /define[0] */ -}}
{{- define "lib.core.pod.container.ports" -}} {{- /* define[0] */ -}}
{{- include "lib.error.noCtx" . -}}
{{- include "lib.error.noKey" (dict "ctx" . "key" "ports") -}}
{{- if .ports }} {{- /* if[0] */}}
ports:
{{- range $k, $v := .ports }} {{- /* range[0] */}}
{{- if and (kindIs "string" $v) (eq $k "raw") }} {{- /* if[1] */}}
{{- fail "raw port should be an array of ports" -}}
{{- end -}}
{{- if ne $k "raw" }}
{{- $service := include "lib.helpers.lookup.service" (dict "ctx" $.ctx "key" $k) | fromYaml -}}
{{- $ports := index $service "ports" }}
{{- range $port := $v }}
{{- $protocol := index (index $ports $port) "protocol" }}
{{- $containerPort := index (index $ports $port) "targetPort" }}
- containerPort: {{ $containerPort }}
protocol: {{ $protocol }}
{{- end }}
{{- else }}
{{ $v | toYaml | indent 2 -}}
{{- end -}} {{- /* /if[1] */ -}}
{{- end -}} {{- /* /range[0] */ -}}
{{- end -}} {{- /* /if[1] */ -}}
{{- end -}} {{- /* /define[0] */ -}}