Some updates

2024-05-13 17:20:21 +02:00 · 2024-05-13 17:20:21 +02:00 · ac6751d3da
commit ac6751d3da
parent 4b5a4e493b
16 changed files with 424 additions and 0 deletions
--- a/charts/workload-testing/.helmignore
+++ b/charts/workload-testing/.helmignore
@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- a/charts/workload-testing/Chart.yaml
+++ b/charts/workload-testing/Chart.yaml
@ -0,0 +1,8 @@
+apiVersion: v2
+name: softplayer-lib-workload-testing
+description: A library to be reused accross softplayer charts
+type: library
+version: 0.1.0
+maintainers:
+  - name: allanger
+    email: allanger@badhouseplants.net
--- a/charts/workload-testing/templates/_helpers.tpl
+++ b/charts/workload-testing/templates/_helpers.tpl
@ -0,0 +1,63 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "chart.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "chart.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "chart.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "chart.labels" -}}
+helm.sh/chart: {{ include "chart.chart" . }}
+{{ include "chart.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "chart.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "chart.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "chart.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "chart.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
--- a/charts/workload-testing/templates/_utils.yaml
+++ b/charts/workload-testing/templates/_utils.yaml
@ -0,0 +1,13 @@
+{{- /*
+lib.util.merge will merge two YAML templates and output the result.
+This takes an array of three values:
+- the top context
+- the template name of the overrides (destination)
+- the template name of the base (source)
+*/}}
+{{- define "lib.util.merge" -}}
+{{- $top := first . -}}
+{{- $overrides := fromYaml (include (index . 1) $top) | default (dict ) -}}
+{{- $tpl := fromYaml (include (index . 2) $top) | default (dict ) -}}
+{{- toYaml (merge $overrides $tpl) -}}
+{{- end -}}
--- a/charts/workload-testing/templates/_workloads.yaml
+++ b/charts/workload-testing/templates/_workloads.yaml
@ -0,0 +1,12 @@
+{{- define "helpers.allowed_workloads" -}}
+{{ index .Chart.Annotations "helm.badhouseplants.net/allowed_workload_kinds" }}
+{{- end -}}
+
+{{- define "lib.workload" -}}
+---
+{{ if eq .Values.workload.kind "Deployment" -}}
+{{- if contains .Values.workload.kind (include "helpers.allowed_workloads" .) }}
+{{- include "lib.deployment" . }}
+{{- end }}
+{{- end }}
+{{- end }}
--- a/charts/workload-testing/templates/configs/_env.tpl
+++ b/charts/workload-testing/templates/configs/_env.tpl
@ -0,0 +1,20 @@
+{{- define "lib.config.env" -}}
+{{- range $k, $v := .Values.env }}
+{{- $customName := printf "%s-%s" (include "chart.fullname" $) $k }}
+---
+apiVersion: v1
+{{- if not $v.sensitive }}
+kind: ConfigMap
+{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
+data:
+{{- else }}
+kind: Secret
+{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
+stringData:
+{{- end }}
+{{- with $v.data }}
+{{ toYaml . | indent 2}}
+{{- end }}
+{{- end }}
+{{- end -}}
+
--- a/charts/workload-testing/templates/configs/_files.tpl
+++ b/charts/workload-testing/templates/configs/_files.tpl
@ -0,0 +1,20 @@
+{{- define "lib.config.files" -}}
+{{- range $k, $v := .Values.files }}
+{{- $customName := printf "%s-%s" (include "chart.fullname" $) $k }}
+---
+apiVersion: v1
+{{- if not $v.sensitive }}
+kind: ConfigMap
+{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
+data:
+{{- else }}
+kind: Secret
+{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
+stringData:
+{{- end }}
+{{- with $v.data }}
+{{ toYaml . | indent 2}}
+{{- end }}
+{{- end }}
+{{- end -}}
+
--- a/charts/workload-testing/templates/deployment/_deployment.tpl
+++ b/charts/workload-testing/templates/deployment/_deployment.tpl
@ -0,0 +1,11 @@
+{{- define "lib.deployment" -}}
+# ---------------------------------------------------------------------
+# The deployment is build within the helm library
+# please check the lib/tempaltes/deployment/base
+# ---------------------------------------------------------------------
+apiVersion: apps/v1
+kind: Deployment
+{{- include "lib.metadata" (dict "Context" . "customName" "")}}
+{{- include "deployment.spec" . }}
+{{- end -}}
+
--- a/charts/workload-testing/templates/deployment/_spec.tpl
+++ b/charts/workload-testing/templates/deployment/_spec.tpl
@ -0,0 +1,97 @@
+{{/*
+  This is a builder for deployments
+*/}}
+{{- define "deployment.spec" }}
+spec: 
+  replicas: {{ .Values.workload.replicas }}
+  selector:
+    matchLabels:
+{{ include "metadata.selectorLabels" . | indent 6 }}
+  template:
+    metadata:
+      labels:
+{{ include "metadata.labels" . | indent 8 }}
+    spec:
+{{/* Prepare the securityContext for the pod */}}
+{{- include "lib.securityContext" . | indent 6 -}}
+{{/* Add all the volues to pod */}}
+      {{- if or ( or .Values.storage .Values.extraVolumes) .Values.files }}
+      volumes:
+      {{- if .Values.storage }}
+      {{- range $k, $v := .Values.storage }}
+        - name: {{ $k }}-storage
+          persistentVolumeClaim:
+            claimName: " {{- printf "%s-%s" (include "chart.fullname" $) $k }}"
+      {{- end }}
+      {{- end  }}
+      {{- if .Values.files }}-file
+      {{- range $k, $v := .Values.files }}
+        - name: {{ $k }}
+          {{- if $v.sensitive }}
+          secret:
+            defaultMode: 420
+            secretName: " {{- printf "%s-%s" (include "chart.fullname" $) $k }}"
+          {{- else }}
+          configMap:
+            name: "{{- printf "%s-%s" (include "chart.fullname" $) $k }}"
+          {{- end }}
+      {{- end }}
+      {{- end }}
+      {{- end -}}
+{{/* Define containers */}}
+      containers:
+{{- range $k,$v := .Values.workload.containers }}
+      - name: {{ $k }}
+{{/* Prepare the securityContext for the container */}}
+{{- include "lib.containerSecurityContext" . | indent 8 -}}
+{{/* Image fron chart's annotations */}}
+        image: {{ index $.Chart.Annotations "helm.badhouseplants.net/registry" }}:{{ $.Chart.AppVersion }}
+        {{- with $v.command }}
+        command: 
+{{. | toYaml | indent 10 }}
+        {{- end -}}
+        {{- with $v.args }}
+        args: 
+{{. | toYaml | indent 10 }}
+        {{- end -}}
+{{- if $v.mounts }}
+        mounts:
+{{- range $k ,$v := range $v.mounts }}
+{{- if $k == "storage" }}
+          name: {{ $k }}-storage
+{{- end }}
+{{- end }}
+    volumeMounts:
+{{/* Ports */}}
+{{- with $v.ports }}
+        ports:
+{{- range $p := $v.ports}}
+          - containerPort: {{ index (index $.Values.service.ports $p) "targetPort" }}
+{{/* If env should be set from a Configmap/Secret */}}
+{{- if $v.envFrom }}
+        envFrom:
+{{- range $k := $v.envFrom }}
+{{/* If envFrom entry is a string, then refer to the env created by the library */}}
+{{- if kindIs "string" $k }}
+{{- if (index $.Values.env $k) }}
+{{- if (index $.Values.env $k).sensitive }}
+          - secretRef:
+{{- else }}
+          - configMapRef:
+{{- end }}
+              name: {{ printf "%s-%s" (include "chart.fullname" $) $k }}
+{{- end }}
+{{/* Otherwise try to add references directly (if Secrets/ConfigMaps are not managed by the chart) */}}
+{{- else }}
+{{- range $k, $v := $k }}
+          - {{ $k }}:
+{{ toYaml $v | indent 14 }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
--- a/charts/workload-testing/templates/metadata/_base.tpl
+++ b/charts/workload-testing/templates/metadata/_base.tpl
@ -0,0 +1,13 @@
+{{- define "lib.metadata" }}
+metadata:
+  {{- if  .customName }}
+  name: {{ .customName }}
+  {{- else }}
+  name: {{ include "chart.fullname" .Context }}
+  {{- end }}
+  labels:
+{{ include "metadata.labels" .Context | indent 4 }}
+{{- end }}
+
+{{- define "metadata.customName" -}}
+{{- end -}}
--- a/charts/workload-testing/templates/metadata/_labels.tpl
+++ b/charts/workload-testing/templates/metadata/_labels.tpl
@ -0,0 +1,20 @@
+{{/*
+Common labels
+*/}}
+{{- define "metadata.labels" -}}
+helm.sh/chart: {{ include "chart.chart" . }}
+{{ include "chart.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "metadata.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "chart.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
--- a/charts/workload-testing/templates/notes/_notes.tpl
+++ b/charts/workload-testing/templates/notes/_notes.tpl
@ -0,0 +1,8 @@
+{{- define "lib.notes" -}}
+*** Release metadata ***
+Chart: {{ .Chart.Name }}
+Chart version: {{ .Chart.Version }}
+App version: {{ .Chart.Version }}
+Image: {{ index $.Chart.Annotations "helm.badhouseplants.net/registry" }}
+Release name: {{ .Release.Name }}
+{{- end }}
--- a/charts/workload-testing/templates/pvc/_pvc.tpl
+++ b/charts/workload-testing/templates/pvc/_pvc.tpl
@ -0,0 +1,23 @@
+{{- define "lib.pvc" -}}
+{{- range $k, $v := .Values.storage }}
+{{- $customName := printf "%s-%s" (include "chart.fullname" $) $k }}
+---
+# ---------------------------------------------------------------------
+# This pvc is created as a part of softplayer helm library
+# please see /lib/tempaltes/pvc/_pvc.tpl
+# ---------------------------------------------------------------------
+
+apiVersion: v1
+kind: PersistentVolumeClaim
+{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
+spec:
+{{- with $v.accessModes }}
+  accessModes:
+{{ toYaml . | indent 4}}
+{{- end }}
+  resources:
+    requests:
+      storage: {{ $v.size }}
+  storageClassName: {{ $v.storageClassName }}
+{{- end }}
+{{- end -}}
--- a/charts/workload-testing/templates/rbac/_rbac.yaml
+++ b/charts/workload-testing/templates/rbac/_rbac.yaml
@ -0,0 +1,34 @@
+{{- define "lib.rbac" -}}
+{{- range $k, $v := .Values.rbac }}
+{{- $customName := printf "%s-%s" (include "chart.fullname" $) $k }}
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: {{ $v.role.kind }}
+{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
+rules:
+{{ $v.role.rules | toYaml | indent 2}}
+
+{{- if $v.serviceAccount }}
+---
+apiVersion: v1
+kind: ServiceAccount
+{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
+---
+kind: {{ $v.binding.kind }}
+apiVersion: rbac.authorization.k8s.io/v1
+{{- include "lib.metadata" (dict "Context" $ "customName" $customName)}}
+subjects:
+
+- kind: ServiceAccount
+  name: {{ $customName }}
+  namespace: {{ $.Release.Namespace }}
+roleRef:
+  kind: {{ $v.role.kind }}
+  name: {{ $customName }}
+  apiGroup: rbac.authorization.k8s.io
+{{- end  }}
+{{- end  }}
+
+{{- end -}}
+
--- a/charts/workload-testing/templates/service/_service.tpl
+++ b/charts/workload-testing/templates/service/_service.tpl
@ -0,0 +1,25 @@
+{{- define "lib.service" }}
+---
+# ---------------------------------------------------------------------
+# This service is created as a part of softplayer helm library
+# please see /lib/tempaltes/service/_service.tpl
+# ---------------------------------------------------------------------
+apiVersion: v1
+kind: Service
+{{- include "lib.metadata" (dict "Context" . "customName" "")}}
+spec:
+  {{- if (.Values.service).type }}
+  type: {{ .Values.service.type }}
+  {{- else }}
+  type: ClusterIP
+  {{- end }}
+  selector:
+{{ include "metadata.selectorLabels" .  | indent 4}}
+  ports:
+{{- range $k,$v := .Values.service.ports }}
+    - name: {{ $k }}
+      port: {{ $v.port }}
+      targetPort: {{ $v.targetPort}}
+      protocol: {{ $v.protocol}}
+{{- end }}
+{{- end }}
--- a/charts/workload-testing/templates/workload/_security.tpl
+++ b/charts/workload-testing/templates/workload/_security.tpl
@ -0,0 +1,34 @@
+{{- define "lib.securityContext" -}}
+{{- if not .Values.workload.securityContext -}}
+# ---------------------------------------------------------------------
+# Using the default security context, if it doesn't work for you,
+# please update `.Values.workload.securityContext`
+# ---------------------------------------------------------------------
+securityContext:
+  runAsUser: 1000
+  runAsGroup: 3000
+  fsGroup: 2000
+  seccompProfile:
+    type: RuntimeDefault
+{{- else -}}
+{{- with .Values.workload.securityContext -}}
+securityContext:
+{{ toYaml . | indent 2 }}
+{{- end }}
+{{- end -}}
+{{- end -}}
+
+{{- define "lib.containerSecurityContext" -}}
+securityContext:
+{{- if  not .securityContext }}
+  runAsUser: 2000
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop:
+      - ALL
+{{- else }}
+{{- with .securityContext }}
+{{ toYaml . | indent 2 }}
+{{- end }}
+{{- end -}}
+{{- end -}}