From 868be42a89793c551666d80b68f54653f7b43703 Mon Sep 17 00:00:00 2001 
From: Philippe Vienne Date: Mon, 12 Aug 2024 12:44:39 +0200 Subject: [PATCH] feat: add the common chart --- charts/common/.helmignore | 23 ++ charts/common/Chart.yaml | 6 + charts/common/README.md | 30 +++ charts/common/templates/NOTES.txt | 22 ++ charts/common/templates/_helpers.tpl | 71 ++++++ charts/common/templates/cronjob.yaml | 89 +++++++ charts/common/templates/deployment.yaml | 111 +++++++++ charts/common/templates/hpa.yaml | 32 +++ charts/common/templates/ingress.yaml | 45 ++++ charts/common/templates/jobs.yaml | 77 ++++++ charts/common/templates/networkpolicy.yaml | 27 +++ charts/common/templates/pdb.yaml | 17 ++ .../templates/persistentvolumeclaim.yaml | 28 +++ charts/common/templates/service.yaml | 20 ++ charts/common/templates/serviceaccount.yaml | 10 + .../templates/tests/test-connection.yaml | 21 ++ charts/common/templates/vpa.yaml | 13 + charts/common/values.test.yaml | 187 ++++++++++++++ charts/common/values.yaml | 229 ++++++++++++++++++ 19 files changed, 1058 insertions(+) create mode 100644 charts/common/.helmignore create mode 100644 charts/common/Chart.yaml create mode 100644 charts/common/README.md create mode 100644 charts/common/templates/NOTES.txt create mode 100644 charts/common/templates/_helpers.tpl create mode 100644 charts/common/templates/cronjob.yaml create mode 100644 charts/common/templates/deployment.yaml create mode 100644 charts/common/templates/hpa.yaml create mode 100644 charts/common/templates/ingress.yaml create mode 100644 charts/common/templates/jobs.yaml create mode 100644 charts/common/templates/networkpolicy.yaml create mode 100644 charts/common/templates/pdb.yaml create mode 100644 charts/common/templates/persistentvolumeclaim.yaml create mode 100644 charts/common/templates/service.yaml create mode 100644 charts/common/templates/serviceaccount.yaml create mode 100644 charts/common/templates/tests/test-connection.yaml create mode 100644 charts/common/templates/vpa.yaml create mode 100644 charts/common/values.test.yaml 
create mode 100644 charts/common/values.yaml
diff --git a/charts/common/.helmignore b/charts/common/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/common/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/common/Chart.yaml b/charts/common/Chart.yaml
new file mode 100644
index 0000000..45059b4
--- /dev/null
+++ b/charts/common/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: common
+description: Opinated Helm chart for deploying applications to Kubernetes
+type: application
+version: 1.0.17
+appVersion: "v0.1.0"
diff --git a/charts/common/README.md b/charts/common/README.md
new file mode 100644
index 0000000..eba0684
--- /dev/null
+++ b/charts/common/README.md
@@ -0,0 +1,30 @@ +# Common Helm Chart + +The Common Helm Chart is an opinionated framework for deploying applications to Kubernetes. It provides a standardized structure and configuration options to streamline the deployment process. + +## Features + +- **Modularity**: The Common Helm Chart is designed to be modular, allowing you to easily add or remove components based on your application's requirements. +- **Configuration Management**: It provides a centralized configuration management system, allowing you to easily manage and override application-specific configurations. +- **Scalability**: The Common Helm Chart is built with scalability in mind, enabling you to effortlessly scale your application as your needs evolve. +- **Monitoring and Logging**: It includes built-in support for monitoring and logging, ensuring that you have visibility into the health and performance of your application. +- **Security**: The Common Helm Chart follows best practices for securing your application, including the use of secrets and RBAC (Role-Based Access Control). + +## Getting Started + +To get started with the Common Helm Chart, follow these steps: + +1. Clone the repository: `git clone https://github.com/skyloud/helm-charts.git` +2. Customize the configuration: Modify the values in the `values.yaml` file to match your application's requirements. +3. Deploy the chart: Run `helm install common-chart charts/common` to deploy your application to Kubernetes. + +For more detailed instructions and examples, please refer to the [documentation](https://github.com/skyloud/helm-charts). + +## Contributing + +We welcome contributions from the community! If you have any suggestions, bug reports, or feature requests, please open an issue or submit a pull request on our [GitHub repository](https://github.com/skyloud/helm-charts). + +## License + +The Common Helm Chart is released under the [Apache 2.0 License](https://www.apache.org/licenses/LICENSE-2.0). 
Please refer to the [LICENSE](https://github.com/skyloud/helm-charts/blob/main/LICENSE.md) file for more information. + diff --git a/charts/common/templates/NOTES.txt b/charts/common/templates/NOTES.txt new file mode 100644 index 0000000..72a19b6 --- /dev/null +++ b/charts/common/templates/NOTES.txt 
@@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+ {{- range .paths }}
+ http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+ {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "common.fullname" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+ echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "common.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
diff --git a/charts/common/templates/_helpers.tpl b/charts/common/templates/_helpers.tpl
new file mode 100644
index 0000000..d26da38
--- /dev/null
+++ b/charts/common/templates/_helpers.tpl
@@ -0,0 +1,71 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "common.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "common.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "common.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "common.labels" -}} +helm.sh/chart: {{ include "common.chart" . }} +{{ include "common.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "common.selectorLabels" -}} +app.kubernetes.io/name: {{ include "common.name" . 
}} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Return the proper Common image +*/}} +{{- define "common.image" -}} +{{- $repositoryName := .Values.image.repository -}} +{{- $separator := ":" -}} +{{- $tag := .Values.image.tag | default .Chart.AppVersion | toString -}} +{{- if .Values.global }} + {{- if .Values.global.image }} + {{- if .Values.global.image.repository }} + {{- $repositoryName = .Values.global.image.repository | toString -}} + {{- end -}} + {{- if .Values.global.image.tag }} + {{- $tag = .Values.global.image.tag | toString -}} + {{- end -}} + {{- end -}} +{{- end -}} +{{- printf "%s%s%s" $repositoryName $separator $tag -}} +{{- end -}} diff --git a/charts/common/templates/cronjob.yaml b/charts/common/templates/cronjob.yaml new file mode 100644 index 0000000..a720a62 --- /dev/null +++ b/charts/common/templates/cronjob.yaml 
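Review bot: In `common.image` (charts/common/templates/_helpers.tpl) an empty repository is never rejected: with the shipped default `image.repository: ""` and no `global.image.repository`, the final `printf` renders `:v0.1.0`, which is not a valid image reference and only fails once the pod is scheduled. Failing at render time is safer, for example `{{- $repositoryName = required "image.repository or global.image.repository must be set" $repositoryName -}}` just before the `printf`. Note also that `global.image.*` overrides the chart-local `image.*` here, the reverse of the usual precedence; if that is intended, the helper's comment should say so.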
@@ -0,0 +1,89 @@ +{{- $imagePullSecrets := .Values.image.pullSecrets -}} + +{{- range .Values.cronJobs }} +--- +apiVersion: batch/v1 +kind: CronJob +metadata: + name: {{ .name }} +spec: + concurrencyPolicy: {{ .concurrencyPolicy | default "Allow" }} + failedJobsHistoryLimit: {{ .failedJobsHistoryLimit | default 1 }} + schedule: {{ .schedule | quote }} + jobTemplate: + metadata: + name: {{ .name }} + spec: + template: + spec: + containers: + - name: {{ .name }} + imagePullPolicy: {{ .imagePullPolicy | default "IfNotPresent"}} + {{- if and (.image).tag .image.repository }} + image: "{{ .image.repository }}:{{ .image.tag }}" + {{- else }} + image: {{ include "common.image" $ }} + {{- end }} + {{- with .resources }} + resources: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- with .command }} + command: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- with .args }} + args: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- with .env }} + env: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- with .envFrom }} + envFrom: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- with .securityContext }} + securityContext: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- with .volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- with $imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 12 }} + {{- end }} + restartPolicy: {{ .restartPolicy | default "OnFailure" }} + {{- with .podSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .volumes }} + volumes: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .affinity }} + affinity: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .tolerations }} + tolerations: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + {{- with .schedulerName }} + schedulerName: {{ . 
}} + {{- end }} + terminationGracePeriodSeconds: {{ .terminationGracePeriodSeconds | default 30 }} + backoffLimit: 3 + successfulJobsHistoryLimit: {{ .successfulJobsHistoryLimit | default 2 }} +{{- end }} \ No newline at end of file diff --git a/charts/common/templates/deployment.yaml b/charts/common/templates/deployment.yaml new file mode 100644 index 0000000..893f809 --- /dev/null +++ b/charts/common/templates/deployment.yaml 
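Review bot: The CronJob pod template in charts/common/templates/cronjob.yaml has no `metadata.labels`, so its pods are not matched by the `common.selectorLabels` pod selector that networkpolicy.yaml uses, and any ingress/egress restriction configured for the release does not apply to them. The pod spec also sets no `serviceAccountName`, so by Kubernetes default these pods run under the namespace's `default` service account rather than the one this chart creates. Give the pods their own labels (for example `common.labels` plus an `app.kubernetes.io/component` value) and a policy that selects them; reusing the bare selector labels would also make them endpoints of the Service. The Job template in jobs.yaml has the same two gaps.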
@@ -0,0 +1,111 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + labels: + {{- include "common.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.strategy }} + strategy: + {{- toYaml .| nindent 4 }} + {{- end }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit | default 2 }} + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "common.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "common.selectorLabels" $ | nindent 8 }} + spec: + {{- with .Values.image.pullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "common.fullname" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Values.containerName | default .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: {{ include "common.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.env }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.envFrom }} + envFrom: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- if and .Values.service.enabled .Values.containerPort }} + ports: + - name: http + containerPort: {{ .Values.containerPort }} + protocol: {{ .Values.service.protocol }} + {{- end }} + {{- with .Values.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.startupProbe }} + startupProbe: + {{- toYaml . 
| nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.command }} + command: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.lifecycleHooks }} + lifecycle: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.sidecars }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.volumes }} + volumes: + {{- toYaml .Values.volumes | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.initContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/common/templates/hpa.yaml b/charts/common/templates/hpa.yaml new file mode 100644 index 0000000..92b7830 --- /dev/null +++ b/charts/common/templates/hpa.yaml 
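Review bot: Both `securityContext` blocks in charts/common/templates/deployment.yaml are rendered straight from values, and values.yaml ships them as `{}` with the hardened settings only as comments, so a default install runs the container with whatever user and capabilities the image defines. For a chart meant as a shared base, consider making the commented block the default (`runAsNonRoot: true`, `readOnlyRootFilesystem: true`, `capabilities.drop: [ALL]`) together with `allowPrivilegeEscalation: false`, and let users relax it explicitly. `resources` is likewise emitted from an empty default, so pods get no requests or limits unless the user sets them.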
@@ -0,0 +1,32 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "common.fullname" . }}
+ labels:
+ {{- include "common.labels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "common.fullname" . }}
+ minReplicas: {{ .Values.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/common/templates/ingress.yaml b/charts/common/templates/ingress.yaml
new file mode 100644
index 0000000..7bbca4d
--- /dev/null
+++ b/charts/common/templates/ingress.yaml
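Review bot: In charts/common/templates/hpa.yaml the `metrics:` key is emitted unconditionally, so when neither `targetCPUUtilizationPercentage` nor `targetMemoryUtilizationPercentage` is set it renders with a null value. Guarding the key with `{{- if or .Values.autoscaling.targetCPUUtilizationPercentage .Values.autoscaling.targetMemoryUtilizationPercentage }}`, or failing the render when both are empty, makes that case explicit. The default CPU target of `300` in values.yaml also looks unintended, since utilization is measured against the pod's CPU request; please confirm.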
@@ -0,0 +1,45 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "common.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: {{ $fullName }}
+ labels:
+ {{- include "common.labels" . | nindent 4 }}
+ {{- with .Values.ingress.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ {{- if .Values.ingress.className }}
+ ingressClassName: {{ .Values.ingress.className }}
+ {{- end }}
+ {{- if .Values.ingress.tls }}
+ tls:
+ {{- range .Values.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+ {{- end }}
+ rules:
+ {{- range .Values.ingress.hosts }}
+ - host: {{ .host | quote }}
+ http:
+ paths:
+ {{- range .paths }}
+ - path: {{ .path }}
+ {{- if .pathType }}
+ pathType: {{ .pathType }}
+ {{- end }}
+ backend:
+ service:
+ name: {{ $fullName }}
+ port:
+ number: {{ $svcPort }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/common/templates/jobs.yaml b/charts/common/templates/jobs.yaml
new file mode 100644
index 0000000..8978d42
--- /dev/null
+++ b/charts/common/templates/jobs.yaml
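Review bot: In charts/common/templates/ingress.yaml `pathType` is only emitted when the value is set, but it is a required field of `networking.k8s.io/v1` Ingress paths, so a host entry without it is rejected by the API server. Defaulting it keeps the rendered manifest valid: `pathType: {{ .pathType | default "Prefix" }}`. `path: {{ .path }}` and `secretName: {{ .secretName }}` are also unquoted, unlike the host values next to them; piping them through `quote` avoids YAML surprises with values that contain special characters.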
@@ -0,0 +1,77 @@
+{{- $imagePullSecrets := .Values.image.pullSecrets -}}
+
+{{- range .Values.jobs }}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+{{- if .useGenerateName }}
+ generateName: "{{ .name }}-"
+{{- else }}
+ name: {{ .name }}
+{{- end }}
+{{- with .annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ template:
+ spec:
+ containers:
+ - name: {{ .name }}
+ {{- if and (.image).tag .image.repository }}
+ image: "{{ .image.repository }}:{{ .image.tag }}"
+ {{- else }}
+ image: {{ include "common.image" $ }}
+ {{- end }}
+ imagePullPolicy: {{ .imagePullPolicy | default "IfNotPresent"}}
+ {{- with .resources }}
+ resources:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
+ {{- with .command }}
+ command:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
+ {{- with .args }}
+ args:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
+ {{- with .env }}
+ env:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
+ {{- with .envFrom }}
+ envFrom:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
+ {{- with .securityContext }}
+ securityContext:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
+ {{- with .volumeMounts }}
+ volumeMounts:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
+ {{- if .imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml .imagePullSecrets | nindent 6 }}
+ {{- else }}
+ {{- with $imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 6 }}
+ {{- end }}
+ {{- end }}
+ restartPolicy: {{ .restartPolicy | default "OnFailure" }}
+ {{- with .podSecurityContext }}
+ securityContext:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .volumes }}
+ volumes:
+ {{- toYaml . | nindent 6 }}
+ {{- end }}
+
+ terminationGracePeriodSeconds: {{ .terminationGracePeriodSeconds | default 30 }}
+ backoffLimit: {{ .backoffLimit | default 6 }}
+{{- end }}
diff --git a/charts/common/templates/networkpolicy.yaml b/charts/common/templates/networkpolicy.yaml
new file mode 100644
index 0000000..41f4adb
--- /dev/null
+++ b/charts/common/templates/networkpolicy.yaml
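Review bot: The image selection `{{- if and (.image).tag .image.repository }}` in charts/common/templates/jobs.yaml falls back to the chart-wide `common.image` whenever either field is missing, so a job that sets only `image.repository` silently runs the main application image instead of the one the user named. cronjob.yaml uses the same condition, and the `my-cronjob` fixture in values.test.yaml (repository `hello-world`, no tag) takes exactly that path. I would branch on the repository alone and require the tag, e.g. `{{- if (.image).repository }}` followed by `image: "{{ .image.repository }}:{{ required "image.tag is required when image.repository is set" .image.tag }}"`, so a half-specified image fails at render time instead of running something else.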
@@ -0,0 +1,27 @@
+{{- if .Values.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: {{ include "common.fullname" . }}
+ labels:
+ {{- include "common.labels" . | nindent 4 }}
+spec:
+ podSelector:
+ matchLabels:
+ {{- include "common.selectorLabels" . | nindent 6 }}
+ policyTypes:
+ {{- if .Values.networkPolicy.ingress.enabled }}
+ - Ingress
+ {{- end }}
+ {{- if .Values.networkPolicy.egress.enabled }}
+ - Egress
+ {{- end }}
+ {{- if .Values.networkPolicy.ingress.enabled }}
+ ingress:
+ {{- toYaml .Values.networkPolicy.ingress.content | nindent 4 }}
+ {{- end }}
+ {{- if .Values.networkPolicy.egress.enabled }}
+ egress:
+ {{- toYaml .Values.networkPolicy.egress.content | nindent 4 }}
+ {{- end }}
+{{- end }}
diff --git a/charts/common/templates/pdb.yaml b/charts/common/templates/pdb.yaml
new file mode 100644
index 0000000..f94fc0e
--- /dev/null
+++ b/charts/common/templates/pdb.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.pdb.enabled }}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "common.fullname" $ }}
+spec:
+ {{- if .Values.pdb.minAvailable }}
+ minAvailable: {{ .Values.pdb.minAvailable }}
+ {{- end }}
+ {{- if .Values.pdb.maxUnavailable }}
+ maxUnavailable: {{ .Values.pdb.maxUnavailable }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "common.selectorLabels" $ | nindent 6 }}
+{{- end }}
+
diff --git a/charts/common/templates/persistentvolumeclaim.yaml b/charts/common/templates/persistentvolumeclaim.yaml
new file mode 100644
index 0000000..a538299
--- /dev/null
+++ b/charts/common/templates/persistentvolumeclaim.yaml
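Review bot: charts/common/templates/networkpolicy.yaml is gated on `.Values.networkPolicy.enabled`, but values.yaml declares only `networkPolicy.egress` and `networkPolicy.ingress`, so the switch that turns the policy on is undocumented and defaults to off; add `enabled: false` under `networkPolicy` there. When the policy is enabled with both directions off, `policyTypes:` renders as null and Kubernetes then treats it as an Ingress policy, which with no ingress rules isolates the selected pods for ingress. Consider rendering the resource only when at least one direction is enabled, or failing the render otherwise.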
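Review bot: In charts/common/templates/pdb.yaml `minAvailable` and `maxUnavailable` are emitted independently, but a PodDisruptionBudget accepts only one of them, so setting both produces a manifest the API server rejects; use an `if … else if` chain or `fail` when both are set. The plain `if` tests also drop a legitimate value of `0`, because zero is falsy in Go templates. With the shipped `replicaCount: 1` and `minAvailable: 1`, enabling the PDB blocks every voluntary eviction of the pod, which is worth a comment in values.yaml.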
@@ -0,0 +1,28 @@
+{{- if and (.Values.persistentVolume.enabled) (not .Values.persistentVolume.existingClaim) -}}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ {{- if .Values.persistentVolume.annotations }}
+ annotations:
+{{ toYaml .Values.persistentVolume.annotations | indent 4 }}
+ {{- end }}
+ labels:
+ {{- include "common.labels" . | nindent 4 }}
+ name: {{ include "common.fullname" . }}
+spec:
+ accessModes:
+ {{- toYaml .Values.persistentVolume.accessModes | nindent 4 }}
+{{- if .Values.persistentVolume.volumeBindingMode }}
+ volumeBindingModeName: "{{ .Values.persistentVolume.volumeBindingMode }}"
+{{- end }}
+{{- if .Values.persistentVolume.storageClass }}
+{{- if (eq "-" .Values.persistentVolume.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistentVolume.storageClass }}"
+{{- end }}
+{{- end }}
+ resources:
+ requests:
+ storage: "{{ .Values.persistentVolume.size }}"
+{{- end -}}
\ No newline at end of file
diff --git a/charts/common/templates/service.yaml b/charts/common/templates/service.yaml
new file mode 100644
index 0000000..57fcdb8
--- /dev/null
+++ b/charts/common/templates/service.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.service.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.fullname" . }}
+ labels:
+ {{- include "common.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.port }}
+ targetPort: http
+ protocol: {{ .Values.service.protocol }}
+ name: http
+ {{- with .Values.service.extraPorts }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ selector:
+ {{- include "common.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/common/templates/serviceaccount.yaml b/charts/common/templates/serviceaccount.yaml
new file mode 100644
index 0000000..2d180fc
--- /dev/null
+++ b/charts/common/templates/serviceaccount.yaml
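Review bot: `volumeBindingModeName` in charts/common/templates/persistentvolumeclaim.yaml is not a field of a PersistentVolumeClaim spec (volume binding mode is a StorageClass setting), so a release that sets `persistentVolume.volumeBindingMode` renders a manifest with an unknown field. I would drop that block and the corresponding value. Separately, nothing in deployment.yaml references this claim or `persistentVolume.subPath`, so as far as the visible templates show the PVC is created but never mounted unless the user wires it up by hand through `volumes` and `volumeMounts`.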
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "common.fullname" . }}
+ labels:
+ {{- include "common.labels" . | nindent 4 }}
+ {{- with .Values.serviceAccount.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
diff --git a/charts/common/templates/tests/test-connection.yaml b/charts/common/templates/tests/test-connection.yaml
new file mode 100644
index 0000000..f35fbee
--- /dev/null
+++ b/charts/common/templates/tests/test-connection.yaml
@@ -0,0 +1,21 @@
+{{- range $key, $val := .Values.services -}}
+{{- with $val }}
+apiVersion: v1
+kind: Pod
+metadata:
+ name: "{{ include "common.fullname" $ }}-{{ $key }}-test-connection"
+ labels:
+ {{- include "common.labels" $ | nindent 4 }}
+ annotations:
+ "helm.sh/hook": test
+spec:
+ containers:
+ - name: wget
+ image: busybox
+ command: ['wget']
+ args: ['{{ include "common.fullname" $ }}-{{ $key }}:{{ $.Values.service.port }}']
+ restartPolicy: Never
+
+{{- end }}
+---
+{{- end -}}
diff --git a/charts/common/templates/vpa.yaml b/charts/common/templates/vpa.yaml
new file mode 100644
index 0000000..3e66172
--- /dev/null
+++ b/charts/common/templates/vpa.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.vpaRecommender.enabled }}
+apiVersion: "autoscaling.k8s.io/v1"
+kind: VerticalPodAutoscaler
+metadata:
+ name: {{ include "common.fullname" . }}
+spec:
+ targetRef:
+ apiVersion: "apps/v1"
+ kind: Deployment
+ name: {{ include "common.fullname" . }}
+ updatePolicy:
+ updateMode: "Off"
+{{- end }}
diff --git a/charts/common/values.test.yaml b/charts/common/values.test.yaml
new file mode 100644
index 0000000..d259a2f
--- /dev/null
+++ b/charts/common/values.test.yaml
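Review bot: The ServiceAccount in charts/common/templates/serviceaccount.yaml is created unconditionally and leaves token automounting at the Kubernetes default, so every pod of the Deployment gets an API token mounted whether or not the application talks to the API server. I would add a values key that defaults to off and render it here, e.g. `automountServiceAccountToken: {{ .Values.serviceAccount.automount | default false }}`. A `serviceAccount.create` / `serviceAccount.name` pair would also let a release reuse an existing account instead of always creating one named after the release.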
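Review bot: charts/common/templates/tests/test-connection.yaml ranges over `.Values.services`, which values.yaml does not define (it has `service`), so `helm test` renders no pod at all; if the key were populated, the target `<fullname>-<key>` would still not match the Service that service.yaml names `common.fullname`. The test image is also the bare `busybox`, i.e. a mutable `latest` tag pulled from the default registry. Pin it to a tag or digest and make it configurable, for example `image: {{ .Values.testConnection.image }}` with a pinned default in values.yaml.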
@@ -0,0 +1,187 @@ +global: + image: + repository: "ubuntu" + tag: "test" + +replicaCount: 1 + +image: + repository: "" + pullPolicy: Always + tag: "" + pullSecrets: [] + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +containerName: "" + +initContainers: [] + +sidecars: [] + +lifecycleHooks: {} + +podAnnotations: {} + +revisionHistoryLimit: 2 + +podSecurityContext: + {} + # fsGroup: 2000 + +securityContext: + {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +networkPolicy: + egress: + enabled: false + content: [] + ingress: + enabled: false + content: [] + +service: + enabled: true + type: ClusterIP + protocol: TCP + port: 80 + +containerPort: 3000 + +ingress: + enabled: false + className: "" + annotations: + {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + [] + # - host: chart-example.local + # paths: + # - path: / + # pathType: Prefix + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 5 + targetCPUUtilizationPercentage: 300 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +livenessProbe: {} + # tcpSocket: + # port: http + # initialDelaySeconds: 10 + # periodSeconds: 30 + # timeoutSeconds: 10 + # successThreshold: 1 + # failureThreshold: 10 +readinessProbe: {} + # httpGet: + # path: /health + # port: http + # initialDelaySeconds: 10 + # periodSeconds: 60 + # timeoutSeconds: 10 + # successThreshold: 1 + # failureThreshold: 10 + +vpaRecommender: + enabled: false + +pdb: + enabled: true + # Optionnal + minAvailable: 1 + # Optionnal + # maxUnavailable: 5 + +env: + - name: APP_ENV + value: test + +envFrom: [] + +command: [] + +args: [] + +volumes: + - name: staging-website-files + secret: + 
defaultMode: 420 + secretName: staging-website-files + - name: shared-files + emptyDir: {} + - name: nginx-config + configMap: + name: nginx-config + +volumeMounts: + - name: shared-files + mountPath: /usr/share/nginx/html + +cronJobs: + - name: my-cronjob + schedule: "0 0 * * *" + image: # Use global image if not defined + repository: "hello-world" + pullPolicy: Always + concurrencyPolicy: "" + imagePullPolicy: "" + failedJobsHistoryLimit: "" + terminationGracePeriodSeconds: "" + successfulJobsHistoryLimit: "" + restartPolicy: "" + securityContext: + privileged: true + allowPrivilegeEscalation: true + podSecurityContext: + runAsUser: 1000 + runAsGroup: 3000 + fsGroup: 2000 + fsGroupChangePolicy: "OnRootMismatch" + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + command: + - "hello command" + args: + - "hello args" + env: + - name: "MYVAR" + value: "my-value" + envFrom: + - secretRef: + name: "my-secret" diff --git a/charts/common/values.yaml b/charts/common/values.yaml new file mode 100644 index 0000000..c986843 --- /dev/null +++ b/charts/common/values.yaml 
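Review bot: The `my-cronjob` fixture in charts/common/values.test.yaml sets `securityContext.privileged: true` and `allowPrivilegeEscalation: true`. If these values are ever used for a real install, such as a CI smoke test on a shared cluster, that schedules a privileged container, and the file also reads as an example to copy. Unless the privileged path is what is under test, a restrictive context exercises the same template branch: `allowPrivilegeEscalation: false` with `runAsNonRoot: true`. The fixture also carries a top-level `imagePullSecrets: []` that no visible template reads, since the templates use `image.pullSecrets`.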
@@ -0,0 +1,229 @@ +# global: +# image: +# repository: "" +# tag: "" + +replicaCount: 1 + +image: + repository: "" + pullPolicy: Always + tag: "" + pullSecrets: [] + +nameOverride: "" +fullnameOverride: "" + +containerName: "" + +initContainers: [] + +sidecars: [] + +lifecycleHooks: {} + +annotations: {} + +podAnnotations: {} + +revisionHistoryLimit: 2 + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + + # strategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxUnavailable: 0 + # maxSurge: 1 + + +networkPolicy: + egress: + enabled: false + content: [] + ingress: + enabled: false + content: [] + +service: + enabled: true + type: ClusterIP + protocol: TCP + port: 80 + extraPorts: [] +# - port: 8080 +# targetPort: 8080 +# protocol: TCP +# name: admin + +containerPort: 3000 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: [] + # - host: chart-example.local + # paths: + # - path: / + # pathType: Prefix + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +persistentVolume: + enabled: false + accessModes: + - ReadWriteOnce + existingClaim: "" + size: 10Gi + storageClass: "" + subPath: "" + volumeBindingMode: "" + annotations: {} + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 5 + targetCPUUtilizationPercentage: 300 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +livenessProbe: {} + # tcpSocket: + # port: http + # initialDelaySeconds: 10 + # periodSeconds: 30 + # timeoutSeconds: 10 + # successThreshold: 1 + # failureThreshold: 10 + +readinessProbe: {} + # httpGet: + # path: /health + # port: http + # initialDelaySeconds: 10 + # 
periodSeconds: 60 + # timeoutSeconds: 10 + # successThreshold: 1 + # failureThreshold: 10 + +startupProbe: {} + # httpGet: + # path: /health + # port: http + # initialDelaySeconds: 10 + # periodSeconds: 60 + # timeoutSeconds: 10 + # successThreshold: 1 + # failureThreshold: 10 + +vpaRecommender: + enabled: false + +pdb: + enabled: false + # Optionnal + minAvailable: 1 + # Optionnal + # maxUnavailable: 5 + +env: [] + +envFrom: [] + +command: [] + +args: [] + +volumes: [] + +volumeMounts: [] + +serviceAccount: + annotations: {} + +cronJobs: [] + # - name: my-cronjob + # schedule: "0 0 * * *" + # image: # Use global image if not defined + # repository: "hello-world" + # pullPolicy: Always + # tag: "latest" + # concurrencyPolicy: "" + # imagePullPolicy: "" + # failedJobsHistoryLimit: "" + # terminationGracePeriodSeconds: "" + # successfulJobsHistoryLimit: "" + # restartPolicy: "" + # resources: + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + # command: + # - "hello world" + # args: + # - "hello world" + # env: + # - name: "MYVAR" + # values: "my-value" + # envFrom: + # - secretRef: + # name: "my-secret" + # affinity: {} + # nodeSelector: {} + # tolerations: [] + # priorityClassName: "" + # schedulerName: "" + +jobs: + # - name: my-job + # useGenerateName: false # If true create a job with a generateName with a "-" instead of name. + # annotations: {} + # image: # Use global image if not defined + # repository: "" + # tag: "" + # imagePullPolicy: "" + # imagePullSecrets: [] # Use global imagePullSecrets if not defined + # terminationGracePeriodSeconds: 30 + # restartPolicy: "" + # backoffLimit: 6 + # resources: {} + # command: [] + # args: [] + # env: [] + # envFrom: [] + # volumeMounts: [] + # volumes: [] + # securityContext: {} + # podSecurityContext: {} \ No newline at end of file
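Review bot: The commented `cronJobs` example in charts/common/values.yaml uses `values: "my-value"` under `env`, but the container env field is `value` (values.test.yaml has it right), so anyone uncommenting the example gets an env entry without a usable value. `jobs:` is also left with only comments beneath it, so it parses as null while `cronJobs` is `[]`; writing `jobs: []` keeps the two consistent.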