helm/minimal-test
2
0
Fork 0
Code Issues Pull Requests Actions Packages Releases Activity

Created test chart
Some checks failed
Upload Helm Chart / Explore-Gitea-Actions (push) Failing after 2s
Details

Browse Source
This commit is contained in:
Lars
2024-01-22 12:15:02 +01:00
parent 65757f6f24
commit 0ceead288a
9 changed files with 13 additions and 322 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitea/workflows/upload-helm.yml
View File

@@ -21,5 +21,5 @@ jobs:
run: |
curl --request POST \
--user ${{ secrets.HELM_PKG_UPLOAD_USER }}:${{ secrets.HELM_PKG_UPLOAD_PASS }} \
--form "chart=@umbraco-${HELM_CHART_VERSION}.tgz" \
--form "chart=@*-${HELM_CHART_VERSION}.tgz" \
https://git.cloudyne.io/api/packages/helm/helm/api/charts

6
Chart/Chart.yaml
View File

@@ -1,5 +1,5 @@
apiVersion: "v2"
name: "umbraco"
description: "Umbraco sites on Azure hosting"
version: "0.1.0"
name: "minimal-test"
description: "Minimal test helm chart"
version: "1.0.0"
appVersion: "1.0.0"

44
Chart/templates/_helpers.tpl
View File

@@ -3,28 +3,13 @@ Define the application name and fullname
*/}}
{{- define "..name" -}}
{{- .Values.site.name | trunc 63 }}
{{- .Chart.Name | trunc 63 }}
{{- end }}
{{- define "..fullname" -}}
{{ include "..name" . }}
{{- end }}
{{- define "..domains" }}
- {{ .Values.site.primaryDomain }}
{{- if .Values.site.additionalDomains }}{{ .Values.site.additionalDomains | toYaml }}{{- end }}
{{- end }}
{{- define "..resourcelimits" -}}
resources:
limits:
cpu: {{ .Values.site.resources.cpu.peak }}
memory: {{ .Values.site.resources.mem.peak }}
requests:
cpu: {{ .Values.site.resources.cpu.avg }}
memory: {{ .Values.site.resources.mem.avg }}
{{- end }}
{{/*
Define the chart name and version
*/}}
@@ -42,31 +27,4 @@ app.kubernetes.io/name: {{ include "..name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
cloudyne.systems/customer: {{ .Values.customer.legalName | replace " " "-" | replace "," "" | trunc 63 | trimSuffix "-" | quote }}
cloudyne.systems/customer-legal-id: '{{ .Values.customer.legalId }}'
cloudyne.systems/site: {{ .Values.site.primaryDomain | quote }}
{{- end }}
{{- define "..selector-labels" -}}
cloudyne.systems/customer: {{ .Values.customer.legalName | replace " " "-" | replace "," "" | trunc 63 | trimSuffix "-" | quote }}
cloudyne.systems/site: {{ .Values.site.primaryDomain | quote }}
cloudyne.systems/component: site
{{- end }}
{{- define "..affinity-labels" -}}
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: cloudyne.systems/customer
operator: In
values:
- {{ .Values.customer.legalName | replace " " "-" | replace "," "" | trunc 63 | trimSuffix "-" | quote }}
- key: cloudyne.systems/site
operator: In
values:
- {{ .Values.site.domain | quote }}
- key: cloudyne.systems/component
operator: In
values:
- "site"
topologyKey: kubernetes.io/hostname
{{- end }}

70
Chart/templates/deployment.yaml
View File

@@ -1,70 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
{{ include "..labels" . | nindent 4 }}
name: {{ include "..fullname" . }}
spec:
replicas: 1
selector:
matchLabels:
{{ include "..selector-labels" . | nindent 6 }}
template:
metadata:
labels:
{{ include "..selector-labels" . | nindent 8 }}
spec:
containers:
- name: umbraco
env:
- name: DOTNET_SYSTEM_GLOBALIZATION_INVARIANT
value: 'false'
envFrom:
{{- range $sec := .Values.secrets }}
{{- if eq $sec.type "env"}}
- secretRef:
name: {{ include "..fullname" $ }}-{{ $sec.name }}
{{- end }}
{{- end }}
{{- range $esec := .Values.externalSecrets }}
{{- if eq $esec.type "env"}}
- secretRef:
name: {{ include "..fullname" $ }}-exts-{{ $esec.name }}
{{- end }}
{{- end }}
{{- range $cfgm := .Values.configMaps }}
{{- if eq $cfgm.type "env"}}
- configMapRef:
name: {{ include "..fullname" $ }}-{{ $cfgm.name }}
{{- end }}
{{- end }}
image: {{ .Values.site.image }}
imagePullPolicy: Always
imagePullSecrets:
{{ range $secret := .Values.secrets }}
{{- if eq $secret.type "docker" }}
- name: {{ $secret.name }}
{{- end }}
{{- end }}
{{- range $esecret := .Values.externalSecrets }}
{{- if eq $esecret.type "docker" }}
- name: {{ include "..fullname" $ }}-exts-{{ $esecret.name }}
{{- end }}
{{- end }}
ports:
- containerPort: 8123
name: http
protocol: TCP
resources:
limits:
cpu: {{ .Values.site.resources.cpu.peak | default "1000m" }}
memory: {{ .Values.site.resources.mem.peak | default "512Mi" }}
requests:
cpu: {{ .Values.site.resources.cpu.min | default "100m" }}
memory: {{ .Values.site.resources.mem.min | default "256Mi" }}
securityContext:
allowPrivilegeEscalation: false
runAsUser: 0
dnsPolicy: ClusterFirst
restartPolicy: Always

37
Chart/templates/externalsecret.yaml
View File

@@ -1,37 +0,0 @@
{{- if and .Values.externalSecrets }}
{{- range .Values.externalSecrets }}
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: {{ include "..fullname" $ }}-{{ .name }}
labels:
{{- include "..labels" $ | nindent 4 }}
spec:
refreshInterval: {{ .refreshInterval | default "10h" }}
secretStoreRef:
{{- if .ref.clusterSecretStore }}
kind: ClusterSecretStore
name: {{ .ref.clusterSecretStore }}
{{- else }}
kind: SecretStore
name: {{ .ref.secretStore }}
namespace: {{ .ref.secretStoreNamespace }}
{{- end }}
target:
name: {{ include "..fullname" $ }}-exts-{{ .name }}
template:
{{- if eq .type "docker"}}
type: kubernetes.io/dockerconfigjson
{{- end }}
metadata:
labels:
app.kubernetes.io/managed-by: External-Secrets
data:
{{- range $v := .items }}
- secretKey: {{ $v.target }}
remoteRef:
key: {{ $v.source }}
{{- end }}
{{- end }}
{{- end }}

43
Chart/templates/ingress.yaml
View File

@@ -1,43 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: {{ .Values.site.certificateIssuer | default "zssl-production" }}
labels: {{- include "..labels" . | nindent 4 }}
name: {{ include "..fullname" . }}
spec:
ingressClassName: nginx
rules:
- host: {{ .Values.site.primaryDomain }}
http:
paths:
- backend:
service:
name: {{ include "..fullname" . }}
port:
number: 8123
path: /
pathType: Prefix
{{- if .Values.site.additionalDomains }}
{{- range $domain := .Values.site.additionalDomains }}
- host: {{ $domain }}
http:
paths:
- backend:
service:
name: {{ include "..fullname" $ }}
port:
number: 8123
path: /
pathType: Prefix
{{- end }}
{{- end }}
tls:
- hosts:
- {{ .Values.site.primaryDomain }}
{{- if .Values.site.additionalDomains }}
{{- range $domain := .Values.site.additionalDomains }}
- {{ $domain }}
{{- end }}
{{- end }}
secretName: tls-{{ include "..fullname" . }}

18
Chart/templates/secret.yaml
View File

@@ -1,20 +1,10 @@
{{- if .Values.secrets }}
{{- range $sec := .Values.secrets }}
---
apiVersion: v1
kind: Secret
{{- if or (eq $sec.type "env") (eq $sec.type "file") }}
type: Opaque
{{- else if eq $sec.type "docker" }}
type: kubernetes.io/dockerconfigjson
{{- end }}
metadata:
name: {{ include "..fullname" $ }}-{{ $sec.name }}
name: {{ include "..fullname" . }}
labels:
{{- include "..labels" $ | nindent 4 }}
data:
{{- range $item := $sec.values }}
{{ $item.name }}: {{ $item.value | b64enc | quote }}
{{- end }}
{{- end }}
{{- end }}
{{- include "..labels" . | nindent 4 }}
stringData:
{{- toYaml .Values.secretContents | nindent 2 }}

13
Chart/templates/service.yaml
View File

@@ -1,13 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "..fullname" . }}
spec:
internalTrafficPolicy: Cluster
ports:
- port: 8123
protocol: TCP
targetPort: 8123
selector: {{ include "..selector-labels" . | nindent 4 }}
sessionAffinity: None
type: ClusterIP

100
Chart/values.yaml
View File

@@ -1,97 +1,3 @@
customer:
name: "customer-name"
legalName: "Customer Name Ltd"
legalId: "123456-7890"
timezone: "Europe/Stockholm"
site:
name: "site-name"
primaryDomain: "primarydomain.com"
additionalDomains:
- "additionaldomain.com"
image: "image:tag"
certificateIssuer: "zssl-production"
resources:
cpu:
peak: 1000m
avg: 500m
mem:
peak: 1Gi
avg: 500Mi
storage: 10Gi
secrets:
- name: "test-secret"
type: "env"
values:
- name: "ABC_TEST"
value: "123"
- name: "DEF_TEST"
value: |
Hello World
- name: "test-file"
type: "file"
values:
- name: "test-file.txt"
path: "/tmp/test-file.txt"
value: |
Hello World
- name: "test-docker"
type: "docker"
values:
- name: ".dockerconfigjson"
value: |
{
"auths": {
"https://index.docker.io/v1/": {
"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="
}
}
}
configMaps:
- name: "test-configmap"
type: "file"
values:
- name: "test-configmap.txt"
path: "/tmp/test-configmap.txt"
value: |
Hello World
- name: "test-env"
type: "env"
values:
- name: "ABC_TEST"
value: "123"
- name: "DEF_TEST"
value: |
Hello World
externalSecrets:
- name: "ex-gl-secret"
type: "env"
ref:
secretStore: ""
clusterSecretStore: "az-cluster-store"
target: "global-secrets"
items:
- source: secret/SMTP-USER
target: SMTP_USER
- source: secret/SMTP-PASSWORD
target: SMTP_PASS
- source: secret/SMTP-HOST
target: SMTP_HOST
- name: "ex-pull-secret"
type: "docker"
ref:
secretStore: ""
secretStoreNamespace: ""
clusterSecretStore: "az-cluster-store"
target: "pull-secret"
items:
- source: secret/PULL-TOKEN
target: dockerconfigjson
secretContents:
HELLO: world
GOODBYE: space