From d52444b21cb26e443284508a7c744adb2871fb37 Mon Sep 17 00:00:00 2001 From: Jonas Forsberg Date: Fri, 18 Oct 2024 07:56:18 +0200 Subject: [PATCH] secrets/configmaps added --- templates/_all.tpl | 13 ++++- templates/_helpers.tpl | 55 +++++++++++++++++- templates/_ingress.tpl | 12 ++-- templates/_statefulset.tpl | 2 + values.yaml | 111 +++++++++++++++++++++---------------- 5 files changed, 135 insertions(+), 58 deletions(-) diff --git a/templates/_all.tpl b/templates/_all.tpl index 258fb93..7686a5b 100644 --- a/templates/_all.tpl +++ b/templates/_all.tpl @@ -4,11 +4,18 @@ Main entrypoint for the common library chart. It will render all underlying temp {{- define "lib.all" -}} {{- include "lib.values.setup" . }} {{- if .Values.serviceAccount.create -}} - {{- include "lib.serviceaccount" . | nindent 0 }} + {{- include "lib.serviceaccount" . | nindent 0 }} + {{- end -}} + {{- if .Values.ingress.enabled -}} + {{- include "lib.ingress" . | nindent 0}} {{- end -}} {{ include "lib.service" . | nindent 0 }} - {{ if eq .Values.controller.type "statefulset" }} - {{- include "lib.statefulset" . | nindent 0}} + {{ include "lib.secrets" . | nindent 0 }} + {{ include "lib.configs" . | nindent 0 }} + {{ if .Values.controller.enabled }} + {{ if eq .Values.controller.type "statefulset" }} + {{- include "lib.statefulset" . | nindent 0}} + {{- end -}} {{- end -}} {{- end -}} diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 55b9640..36b68df 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -61,7 +61,9 @@ Create the name of the service account to use {{- end }} {{- end }} -{{/* Merge the local chart values and the library chart defaults */}} +{{/* +Merge the local chart values and the library chart defaults +*/}} {{- define "lib.values.setup" -}} {{- if .Values.lib -}} {{- $defaultValues := deepCopy .Values.lib -}} 
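Review bot: The added `include "lib.secrets"` and `include "lib.configs"` calls in `lib.all` name templates that this patch does not define; the diffstat lists only `_all.tpl`, `_helpers.tpl`, `_ingress.tpl`, `_statefulset.tpl` and `values.yaml`. Unless both are already defined elsewhere in the chart, `include` fails at render time for every consumer, so the definitions should land in the same commit. Both calls are also unconditional, so those templates have to render nothing when `.Values.secrets` and `.Values.configs` are empty; a comment above the two lines such as `{{/* lib.secrets and lib.configs render nothing for empty maps */}}` would record that contract.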
@@ -70,3 +72,54 @@ Create the name of the service account to use {{- $_ := set . "Values" (deepCopy $mergedValues) -}} {{- end -}} {{- end -}} + +{{/* +Get all environment variables and +secrets that should be mounted as environment variables +*/}} +{{- define "lib.environmentVariables" -}} +{{- $envIncluded := "false" -}} +{{- $fullName := include "lib.fullname" . -}} +{{- range $name, $settings := .Values.secrets -}} +{{- if $settings.enabled -}} +{{- if $settings.env -}} +{{- $envIncluded := "true" -}} +{{- range $key, $value := $settings.data }} +- name: {{ $key }} + valueFrom: + secretKeyRef: + name: {{ $fullName }}-{{ $name }} + key: {{ $key }} +{{- end -}} +{{- range $key, $value := $settings.stringData }} +- name: {{ $key }} + valueFrom: + secretKeyRef: + name: {{ $fullName }}-{{ $name }} + key: {{ $key }} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- range $name, $settings := .Values.configs -}} +{{- if $settings.enabled -}} +{{- if $settings.env -}} +{{- $envIncluded := "true" -}} +{{- range $key, $value := $settings.data }} +- name: {{ $key }} + valueFrom: + configMapKeyRef: + name: {{ $fullName }}-{{ $name }} + key: {{ $key }} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- if $envIncluded = "true" -}} + {{- if .Values.env -}} + {{- toYaml .Values.env | nindent 0 -}} + {{- end -}} +{{- else -}} + {{- toYaml .Values.env | nindent 0 -}} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/templates/_ingress.tpl b/templates/_ingress.tpl index f2ea24e..0f1f9a5 100644 --- a/templates/_ingress.tpl +++ b/templates/_ingress.tpl 
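Review bot: `$envIncluded` never changes in `lib.environmentVariables`: each `{{- $envIncluded := "true" -}}` inside the `range`/`if` blocks declares a new block-scoped variable instead of assigning to the outer one, and the closing `{{- if $envIncluded = "true" -}}` is an assignment, not a comparison. Since both branches of that final `if` only render `.Values.env`, the flag can be dropped and the tail reduced to `{{- with .Values.env }}{{- toYaml . | nindent 0 }}{{- end }}`, which also avoids emitting `{}` for the `env: {}` default. The `name:` and `key:` values are written unquoted from values keys; `{{ $key | quote }}` keeps a key such as `NO` or `123` a string. Every key of an `env: true` secret becomes a container environment variable, so the docstring should say that explicitly.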
@@ -1,7 +1,7 @@ -{{- if .Values.ingress.enabled -}} +{{ define "lib.ingress" }} {{- $fullName := include "lib.fullname" . -}} -{{- $svcName := .Values.ingress.service -}} {{- $svcPort := .Values.ingress.servicePort -}} +{{- $svcName := .Values.ingress.service -}} {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} @@ -17,9 +17,11 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: name: {{ $fullName }} + namespace: {{ .Values.namespace }} labels: {{- include "lib.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} + {{- with .Values.ingressingresstservicePort }} + {{- $svcName := .Values.ingress.service -}} annotations: {{- toYaml . | nindent 4 }} {{- end }} @@ -50,11 +52,11 @@ spec: backend: {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} service: - name: {{ $fullName }} + name: {{ $fullName }}-${{ $svcName }} port: number: {{ $svcPort }} {{- else }} - serviceName: {{ $fullName }} + serviceName: {{ $fullName }}-${{ $svcName }} servicePort: {{ $svcPort }} {{- end }} {{- end }} diff --git a/templates/_statefulset.tpl b/templates/_statefulset.tpl index 01ab70a..d1b762c 100644 --- a/templates/_statefulset.tpl +++ b/templates/_statefulset.tpl @@ -50,6 +50,8 @@ spec: {{- end -}} {{- end -}} {{- end }} + env: + {{- include "lib.environmentVariables" . | default "{}" | nindent 12 }} livenessProbe: {{- toYaml .Values.livenessProbe | nindent 12 }} readinessProbe: diff --git a/values.yaml b/values.yaml index bdc3f7d..99bd303 100644 --- a/values.yaml +++ b/values.yaml 
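Review bot: The `annotations:` block in the Ingress metadata is now guarded by `{{- with .Values.ingressingresstservicePort }}`, a key that values.yaml does not define, so the block is skipped and no ingress annotations are rendered. That silently drops whatever operators set there, including the `kubernetes.io/ingress.class` annotation that the top of this template writes into `.Values.ingress.annotations` for older clusters. Restore `{{- with .Values.ingress.annotations }}` and remove the `{{- $svcName := .Values.ingress.service -}}` line added inside the block, which only shadows the variable already set at the top. The added `namespace: {{ .Values.namespace }}` is safer as `namespace: {{ .Values.namespace | quote }}`.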
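Review bot: The backend name `{{ $fullName }}-${{ $svcName }}` has a literal `$` before the second action, so both the `service.name` and the `serviceName` branch render a name like `<fullname>-$main`, which is not a valid Service name and cannot match any Service. Write `name: {{ $fullName }}-{{ $svcName }}` and `serviceName: {{ $fullName }}-{{ $svcName }}`. The Service template is not part of this patch, so confirm it names the Service with the same `<fullname>-<key>` pattern; otherwise the Ingress points at a backend that does not exist.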
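Review bot: A container's `env:` is a list, but the fallback here is `default "{}"`, which renders a mapping when the helper returns nothing; use `default "[]"`. The same mismatch appears when `lib.environmentVariables` appends `toYaml .Values.env`, because values.yaml declares `env: {}`, and a mapping emitted after `- name:` entries is not valid YAML. The container block starts above this hunk, so the indentation of 12 could not be checked against the surrounding keys.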
@@ -1,54 +1,28 @@ --- -# Namespace to deploy to, if not set it targets default namespace namespace: default - controller: # -- enable the controller enabled: true # type of controller # valid options are deployment, statefulset, job type: deployment - annotations: {} - labels: {} replicas: 1 - podSecurityContext: {} - securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 image: - repository: + repository: pullPolicy: # Overrides the image tag whose default is the chart appVersion. tag: "" -imagePullSecrets: [] -nameOverride: "" fullnameOverride: "" -serviceAccount: - # Specifies whether a service account should be created - create: true - # Automatically mount a ServiceAccount's API credentials? - automount: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - - service: main: - enabled: false + enabled: true type: ClusterIP annotations: {} labels: {} - ports: {} + ports: # http: # # -- Enables or disables the port # enabled: false# 
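Review bot: As far as the collapsed hunk can be read, the `podSecurityContext: {}` and `securityContext: {}` defaults under `controller` are removed together with the commented hardening example (`capabilities.drop`, `readOnlyRootFilesystem`, `runAsNonRoot`, `runAsUser`), and nothing replaces them. If the controller templates still read those keys they now get a missing value, and chart users lose the only pointer to the container security settings; keep both keys as `{}` with the commented example. `ports:` is now a bare key, which parses as null rather than an empty map; write `ports: {}`.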
@@ -68,29 +42,30 @@ service: # # # -- Specify the nodePort value for the LoadBalancer and NodePort service types. # # [[ref]](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport) -# nodePort: - +# nodePort: ingress: - main: - enabled: false - className: "" - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - service: main - servicePort: 80 - hosts: - - host: chart-example.local - paths: - - path: / - pathType: ImplementationSpecific - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local + enabled: false + service: main + #Service to target + servicePort: 80 + className: "" + annotations: + {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local -resources: {} +resources: + {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following @@ -109,6 +84,29 @@ autoscaling: targetCPUUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 80 +# Secrets that needs to be created +secrets: {} +# secrets: +# : +# type: #default Opaque +# annotations: {} +# labels: {} +# env: false #should template load each key in the seacret as +# data: +# KEY: VALUE + +# ConfigMaps that needs to be created +configs: {} +# configs: +# : +# annotations: {} +# labels: {} +# env: false #should template load each key in the seacret as +# data: +# KEY: VALUE + +env: {} + # Additional volumes on the output Deployment definition. volumes: [] # - name: foo 
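Review bot: The new `secrets` block takes secret material as plain `KEY: VALUE` pairs in values, and the comments do not say how it should be supplied; anything written into a committed values file ends up in version control, and values passed at install time are stored with the Helm release. Document above `secrets: {}` that real values belong in an untracked values file or an external secret mechanism, and state whether `data` expects base64 (the helper iterates `data` and `stringData` separately, but `stringData` is missing from the commented example). The two `env:` comments are cut off and misspell "secret"; something like `# env: false  # expose every key of this secret as a container environment variable` would do. `env: {}` should be `env: []`, since it is rendered into a container `env:` list.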
@@ -122,6 +120,21 @@ volumeMounts: [] # mountPath: "/etc/foo" # readOnly: true +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +livenessProbe: {} + +readinessProbe: {} + nodeSelector: {} tolerations: []
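Review bot: `serviceAccount.automount: true` stays the default in the relocated block, so every workload built on this library mounts an API token unless the consumer opts out. For a shared library chart, `automount: false` is the least-privilege default, with charts that call the Kubernetes API turning it on; at minimum the comment should say so, e.g. `# Set to true only if the workload calls the Kubernetes API`. The block is moved from the top of the file, so changing the default is a behaviour change for existing consumers and should be called out in the commit message.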