secrets/configmaps added

This commit is contained in:
Jonas Forsberg 2024-10-18 07:56:18 +02:00
parent 15806b7ab7
commit d52444b21c
5 changed files with 135 additions and 58 deletions

View File

@ -6,10 +6,17 @@ Main entrypoint for the common library chart. It will render all underlying temp
{{- if .Values.serviceAccount.create -}}
{{- include "lib.serviceaccount" . | nindent 0 }}
{{- end -}}
{{- if .Values.ingress.enabled -}}
{{- include "lib.ingress" . | nindent 0}}
{{- end -}}
{{ include "lib.service" . | nindent 0 }}
{{ include "lib.secrets" . | nindent 0 }}
{{ include "lib.configs" . | nindent 0 }}
{{ if .Values.controller.enabled }}
{{ if eq .Values.controller.type "statefulset" }}
{{- include "lib.statefulset" . | nindent 0}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@ -61,7 +61,9 @@ Create the name of the service account to use
{{- end }}
{{- end }}
{{/* Merge the local chart values and the library chart defaults */}}
{{/*
Merge the local chart values and the library chart defaults
*/}}
{{- define "lib.values.setup" -}}
{{- if .Values.lib -}}
{{- $defaultValues := deepCopy .Values.lib -}}
@ -70,3 +72,54 @@ Create the name of the service account to use
{{- $_ := set . "Values" (deepCopy $mergedValues) -}}
{{- end -}}
{{- end -}}
{{/*
Get all environment variables and
secrets that should be mounted as environment variables
*/}}
{{- define "lib.environmentVariables" -}}
{{- $envIncluded := "false" -}}
{{- $fullName := include "lib.fullname" . -}}
{{- range $name, $settings := .Values.secrets -}}
{{- if $settings.enabled -}}
{{- if $settings.env -}}
{{- $envIncluded := "true" -}}
{{- range $key, $value := $settings.data }}
- name: {{ $key }}
valueFrom:
secretKeyRef:
name: {{ $fullName }}-{{ $name }}
key: {{ $key }}
{{- end -}}
{{- range $key, $value := $settings.stringData }}
- name: {{ $key }}
valueFrom:
secretKeyRef:
name: {{ $fullName }}-{{ $name }}
key: {{ $key }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- range $name, $settings := .Values.configs -}}
{{- if $settings.enabled -}}
{{- if $settings.env -}}
{{- $envIncluded := "true" -}}
{{- range $key, $value := $settings.data }}
- name: {{ $key }}
valueFrom:
configMapKeyRef:
name: {{ $fullName }}-{{ $name }}
key: {{ $key }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- if $envIncluded = "true" -}}
{{- if .Values.env -}}
{{- toYaml .Values.env | nindent 0 -}}
{{- end -}}
{{- else -}}
{{- toYaml .Values.env | nindent 0 -}}
{{- end -}}
{{- end -}}

View File

@ -1,7 +1,7 @@
{{- if .Values.ingress.enabled -}}
{{ define "lib.ingress" }}
{{- $fullName := include "lib.fullname" . -}}
{{- $svcName := .Values.ingress.service -}}
{{- $svcPort := .Values.ingress.servicePort -}}
{{- $svcName := .Values.ingress.service -}}
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
@ -17,9 +17,11 @@ apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ $fullName }}
namespace: {{ .Values.namespace }}
labels:
{{- include "lib.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
{{- with .Values.ingressingresstservicePort }}
{{- $svcName := .Values.ingress.service -}}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
@ -50,11 +52,11 @@ spec:
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ $fullName }}
name: {{ $fullName }}-${{ $svcName }}
port:
number: {{ $svcPort }}
{{- else }}
serviceName: {{ $fullName }}
serviceName: {{ $fullName }}-${{ $svcName }}
servicePort: {{ $svcPort }}
{{- end }}
{{- end }}

View File

@ -50,6 +50,8 @@ spec:
{{- end -}}
{{- end -}}
{{- end }}
env:
{{- include "lib.environmentVariables" . | default "{}" | nindent 12 }}
livenessProbe:
{{- toYaml .Values.livenessProbe | nindent 12 }}
readinessProbe:

View File

@ -1,24 +1,12 @@
---
# Namespace to deploy to, if not set it targets default namespace
namespace: default
controller:
# -- enable the controller
enabled: true
# type of controller
# valid options are deployment, statefulset, job
type: deployment
annotations: {}
labels: {}
replicas: 1
podSecurityContext: {}
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
image:
repository:
@ -26,29 +14,15 @@ image:
# Overrides the image tag whose default is the chart appVersion.
tag: ""
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Automatically mount a ServiceAccount's API credentials?
automount: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
service:
main:
enabled: false
enabled: true
type: ClusterIP
annotations: {}
labels: {}
ports: {}
ports:
# http:
# # -- Enables or disables the port
# enabled: false#
@ -70,16 +44,16 @@ service:
# # [[ref]](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport)
# nodePort:
ingress:
main:
enabled: false
service: main
#Service to target
servicePort: 80
className: ""
annotations: {}
annotations:
{}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
service: main
servicePort: 80
hosts:
- host: chart-example.local
paths:
@ -90,7 +64,8 @@ ingress:
# hosts:
# - chart-example.local
resources: {}
resources:
{}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
@ -109,6 +84,29 @@ autoscaling:
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
# Secrets that needs to be created
secrets: {}
# secrets:
# <name>:
# type: #default Opaque
# annotations: {}
# labels: {}
# env: false #should template load each key in the seacret as
# data:
# KEY: VALUE
# ConfigMaps that needs to be created
configs: {}
# configs:
# <name>:
# annotations: {}
# labels: {}
# env: false #should template load each key in the seacret as
# data:
# KEY: VALUE
env: {}
# Additional volumes on the output Deployment definition.
volumes: []
# - name: foo
@ -122,6 +120,21 @@ volumeMounts: []
# mountPath: "/etc/foo"
# readOnly: true
serviceAccount:
# Specifies whether a service account should be created
create: true
# Automatically mount a ServiceAccount's API credentials?
automount: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
livenessProbe: {}
readinessProbe: {}
nodeSelector: {}
tolerations: []