diff --git a/.gitea/workflows/upload-helm.yml b/.gitea/workflows/upload-helm.yml index c0e4a7f..e9dad00 100644 --- a/.gitea/workflows/upload-helm.yml +++ b/.gitea/workflows/upload-helm.yml @@ -21,5 +21,5 @@ jobs: run: | curl --request POST \ --user ${{ secrets.HELM_PKG_UPLOAD_USER }}:${{ secrets.HELM_PKG_UPLOAD_PASS }} \ - --form "chart=@umbraco-${HELM_CHART_VERSION}.tgz" \ - https://git.cloudyne.io/api/packages/helm/helm/api/charts \ No newline at end of file + --form "chart=@*-${HELM_CHART_VERSION}.tgz" \ + https://git.cloudyne.io/api/packages/helm/helm/api/charts diff --git a/Chart/Chart.yaml b/Chart/Chart.yaml index 5b71148..370b5cd 100644 --- a/Chart/Chart.yaml +++ b/Chart/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: "v2" -name: "umbraco" -description: "Umbraco sites on Azure hosting" -version: "0.1.0" +name: "minimal-test" +description: "Minimal test helm chart" +version: "1.0.0" appVersion: "1.0.0" diff --git a/Chart/templates/_helpers.tpl b/Chart/templates/_helpers.tpl index cae9752..8729ee4 100644 --- a/Chart/templates/_helpers.tpl +++ b/Chart/templates/_helpers.tpl @@ -3,28 +3,13 @@ Define the application name and fullname */}} {{- define "..name" -}} -{{- .Values.site.name | trunc 63 }} +{{- .Chart.Name | trunc 63 }} {{- end }} {{- define "..fullname" -}} {{ include "..name" . }} {{- end }} -{{- define "..domains" }} -- {{ .Values.site.primaryDomain }} -{{- if .Values.site.additionalDomains }}{{ .Values.site.additionalDomains | toYaml }}{{- end }} -{{- end }} - -{{- define "..resourcelimits" -}} -resources: - limits: - cpu: {{ .Values.site.resources.cpu.peak }} - memory: {{ .Values.site.resources.mem.peak }} - requests: - cpu: {{ .Values.site.resources.cpu.avg }} - memory: {{ .Values.site.resources.mem.avg }} -{{- end }} - {{/* Define the chart name and version */}} @@ -42,31 +27,4 @@ app.kubernetes.io/name: {{ include "..name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} app.kubernetes.io/managed-by: {{ .Release.Service }} -cloudyne.systems/customer: {{ .Values.customer.legalName | replace " " "-" | replace "," "" | trunc 63 | trimSuffix "-" | quote }} -cloudyne.systems/customer-legal-id: '{{ .Values.customer.legalId }}' -cloudyne.systems/site: {{ .Values.site.primaryDomain | quote }} {{- end }} -{{- define "..selector-labels" -}} -cloudyne.systems/customer: {{ .Values.customer.legalName | replace " " "-" | replace "," "" | trunc 63 | trimSuffix "-" | quote }} -cloudyne.systems/site: {{ .Values.site.primaryDomain | quote }} -cloudyne.systems/component: site -{{- end }} -{{- define "..affinity-labels" -}} -podAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: cloudyne.systems/customer - operator: In - values: - - {{ .Values.customer.legalName | replace " " "-" | replace "," "" | trunc 63 | trimSuffix "-" | quote }} - - key: cloudyne.systems/site - operator: In - values: - - {{ .Values.site.domain | quote }} - - key: cloudyne.systems/component - operator: In - values: - - "site" - topologyKey: kubernetes.io/hostname -{{- end }} \ No newline at end of file diff --git a/Chart/templates/deployment.yaml b/Chart/templates/deployment.yaml deleted file mode 100644 index 475f9f0..0000000 --- a/Chart/templates/deployment.yaml +++ /dev/null @@ -1,70 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - {{ include "..labels" . | nindent 4 }} - name: {{ include "..fullname" . }} -spec: - replicas: 1 - selector: - matchLabels: - {{ include "..selector-labels" . | nindent 6 }} - template: - metadata: - labels: - {{ include "..selector-labels" . | nindent 8 }} - spec: - containers: - - name: umbraco - env: - - name: DOTNET_SYSTEM_GLOBALIZATION_INVARIANT - value: 'false' - envFrom: - {{- range $sec := .Values.secrets }} - {{- if eq $sec.type "env"}} - - secretRef: - name: {{ include "..fullname" $ }}-{{ $sec.name }} - {{- end }} - {{- end }} - {{- range $esec := .Values.externalSecrets }} - {{- if eq $esec.type "env"}} - - secretRef: - name: {{ include "..fullname" $ }}-exts-{{ $esec.name }} - {{- end }} - {{- end }} - {{- range $cfgm := .Values.configMaps }} - {{- if eq $cfgm.type "env"}} - - configMapRef: - name: {{ include "..fullname" $ }}-{{ $cfgm.name }} - {{- end }} - {{- end }} - image: {{ .Values.site.image }} - imagePullPolicy: Always - imagePullSecrets: - {{ range $secret := .Values.secrets }} - {{- if eq $secret.type "docker" }} - - name: {{ $secret.name }} - {{- end }} - {{- end }} - {{- range $esecret := .Values.externalSecrets }} - {{- if eq $esecret.type "docker" }} - - name: {{ include "..fullname" $ }}-exts-{{ $esecret.name }} - {{- end }} - {{- end }} - ports: - - containerPort: 8123 - name: http - protocol: TCP - resources: - limits: - cpu: {{ .Values.site.resources.cpu.peak | default "1000m" }} - memory: {{ .Values.site.resources.mem.peak | default "512Mi" }} - requests: - cpu: {{ .Values.site.resources.cpu.min | default "100m" }} - memory: {{ .Values.site.resources.mem.min | default "256Mi" }} - securityContext: - allowPrivilegeEscalation: false - runAsUser: 0 - dnsPolicy: ClusterFirst - restartPolicy: Always - diff --git a/Chart/templates/externalsecret.yaml b/Chart/templates/externalsecret.yaml deleted file mode 100644 index 53a851a..0000000 --- a/Chart/templates/externalsecret.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{- if and .Values.externalSecrets }} - {{- range .Values.externalSecrets }} ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: {{ include "..fullname" $ }}-{{ .name }} - labels: - {{- include "..labels" $ | nindent 4 }} -spec: - refreshInterval: {{ .refreshInterval | default "10h" }} - secretStoreRef: - {{- if .ref.clusterSecretStore }} - kind: ClusterSecretStore - name: {{ .ref.clusterSecretStore }} - {{- else }} - kind: SecretStore - name: {{ .ref.secretStore }} - namespace: {{ .ref.secretStoreNamespace }} - {{- end }} - target: - name: {{ include "..fullname" $ }}-exts-{{ .name }} - template: - {{- if eq .type "docker"}} - type: kubernetes.io/dockerconfigjson - {{- end }} - metadata: - labels: - app.kubernetes.io/managed-by: External-Secrets - data: - {{- range $v := .items }} - - secretKey: {{ $v.target }} - remoteRef: - key: {{ $v.source }} - {{- end }} - {{- end }} -{{- end }} diff --git a/Chart/templates/ingress.yaml b/Chart/templates/ingress.yaml deleted file mode 100644 index a3f8913..0000000 --- a/Chart/templates/ingress.yaml +++ /dev/null @@ -1,43 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - cert-manager.io/cluster-issuer: {{ .Values.site.certificateIssuer | default "zssl-production" }} - labels: {{- include "..labels" . | nindent 4 }} - name: {{ include "..fullname" . }} -spec: - ingressClassName: nginx - rules: - - host: {{ .Values.site.primaryDomain }} - http: - paths: - - backend: - service: - name: {{ include "..fullname" . }} - port: - number: 8123 - path: / - pathType: Prefix - {{- if .Values.site.additionalDomains }} - {{- range $domain := .Values.site.additionalDomains }} - - host: {{ $domain }} - http: - paths: - - backend: - service: - name: {{ include "..fullname" $ }} - port: - number: 8123 - path: / - pathType: Prefix - {{- end }} - {{- end }} - tls: - - hosts: - - {{ .Values.site.primaryDomain }} - {{- if .Values.site.additionalDomains }} - {{- range $domain := .Values.site.additionalDomains }} - - {{ $domain }} - {{- end }} - {{- end }} - secretName: tls-{{ include "..fullname" . }} diff --git a/Chart/templates/secret.yaml b/Chart/templates/secret.yaml index 2859d8c..7a13cc8 100644 --- a/Chart/templates/secret.yaml +++ b/Chart/templates/secret.yaml @@ -1,20 +1,10 @@ -{{- if .Values.secrets }} - {{- range $sec := .Values.secrets }} --- apiVersion: v1 kind: Secret -{{- if or (eq $sec.type "env") (eq $sec.type "file") }} type: Opaque -{{- else if eq $sec.type "docker" }} -type: kubernetes.io/dockerconfigjson -{{- end }} metadata: - name: {{ include "..fullname" $ }}-{{ $sec.name }} + name: {{ include "..fullname" . }} labels: - {{- include "..labels" $ | nindent 4 }} -data: - {{- range $item := $sec.values }} - {{ $item.name }}: {{ $item.value | b64enc | quote }} - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file + {{- include "..labels" . | nindent 4 }} +stringData: +{{- toYaml .Values.secretContents | nindent 2 }} diff --git a/Chart/templates/service.yaml b/Chart/templates/service.yaml deleted file mode 100644 index f93a78a..0000000 --- a/Chart/templates/service.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "..fullname" . }} -spec: - internalTrafficPolicy: Cluster - ports: - - port: 8123 - protocol: TCP - targetPort: 8123 - selector: {{ include "..selector-labels" . | nindent 4 }} - sessionAffinity: None - type: ClusterIP diff --git a/Chart/values.yaml b/Chart/values.yaml index a10cbb0..0d626ef 100644 --- a/Chart/values.yaml +++ b/Chart/values.yaml @@ -1,97 +1,3 @@ -customer: - name: "customer-name" - legalName: "Customer Name Ltd" - legalId: "123456-7890" - timezone: "Europe/Stockholm" - -site: - name: "site-name" - primaryDomain: "primarydomain.com" - - additionalDomains: - - "additionaldomain.com" - - image: "image:tag" - - certificateIssuer: "zssl-production" - - resources: - cpu: - peak: 1000m - avg: 500m - mem: - peak: 1Gi - avg: 500Mi - storage: 10Gi - -secrets: - - name: "test-secret" - type: "env" - values: - - name: "ABC_TEST" - value: "123" - - name: "DEF_TEST" - value: | - Hello World - - name: "test-file" - type: "file" - values: - - name: "test-file.txt" - path: "/tmp/test-file.txt" - value: | - Hello World - - name: "test-docker" - type: "docker" - values: - - name: ".dockerconfigjson" - value: | - { - "auths": { - "https://index.docker.io/v1/": { - "auth": "dXNlcm5hbWU6cGFzc3dvcmQ=" - } - } - } - -configMaps: - - name: "test-configmap" - type: "file" - values: - - name: "test-configmap.txt" - path: "/tmp/test-configmap.txt" - value: | - Hello World - - name: "test-env" - type: "env" - values: - - name: "ABC_TEST" - value: "123" - - name: "DEF_TEST" - value: | - Hello World - -externalSecrets: - - name: "ex-gl-secret" - type: "env" - ref: - secretStore: "" - clusterSecretStore: "az-cluster-store" - target: "global-secrets" - items: - - source: secret/SMTP-USER - target: SMTP_USER - - source: secret/SMTP-PASSWORD - target: SMTP_PASS - - source: secret/SMTP-HOST - target: SMTP_HOST - - name: "ex-pull-secret" - type: "docker" - ref: - secretStore: "" - secretStoreNamespace: "" - clusterSecretStore: "az-cluster-store" - target: "pull-secret" - items: - - source: secret/PULL-TOKEN - target: dockerconfigjson - \ No newline at end of file +secretContents: + HELLO: world + GOODBYE: space