stream lined pipe

Reviewed-on: #11

.gitea/workflows/buildPush.yaml

@@ -2,9 +2,6 @@ name: Package and publish helm chart
 
 on:
   push:
-    # Pattern matched against refs/tags
-    tags:
-      - '**'           # Push events to every tag including hierarchical tags like v1.0/beta
 jobs:
   package-helm:
     runs-on: ubuntu-latest
@@ -29,18 +26,19 @@ jobs:
         with:
           cmd: yq .version Chart.yaml
 
+      - name: Run helm lint on all changed charts
+        shell: bash
+        run: |
+          helm dependency build
+          helm lint .
+
       - name: build helm package
+        if: gitea.ref == 'refs/heads/main'
         shell: bash
         env:
-          REPO_PASSWORD: ${{ secrets.REPO_PASSWORD }}
-          REPO_USERNAME: ${{ secrets.REPO_USERNAME }}
-          REPO_HOST: ${{ secrets.REPO_HOST }}
+          PACKAGE_TOKEN: ${{ secrets.PACKAGE_TOKEN }}
           CHART_NAME: ${{ steps.chart_name.outputs.result }}
           CHART_VERSION: ${{ steps.chart_version.outputs.result }}
         run: |
-          REPO_PATH=$(git rev-parse --show-toplevel)
-          mkdir /tmp/build
-          cd /tmp/build
-          helm package $REPO_PATH
-          helm registry login --username $REPO_USERNAME --password $REPO_PASSWORD $REPO_HOST
-          helm push ${CHART_NAME}-${CHART_VERSION}.tgz oci://$REPO_HOST/helm
+          helm package .
+          curl -H "Authorization: token $PACKAGE_TOKEN" -X POST --upload-file ${CHART_NAME}-${CHART_VERSION}.tgz https://git.rre.nu/api/packages/jonas/helm/api/charts

.gitea/workflows/lint.yaml

@@ -1,26 +0,0 @@
-name: Lint and Test Charts
-
-on:
-  push:
-    branches:
-      - main
-
-jobs:
-  lint-test:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-
-      - name: Set up Helm
-        uses: azure/setup-helm@v4.2.0
-        with:
-          version: v3.14.4
-
-      - name: Lint the helm package
-        env:
-          ALL_CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
-        run: |
-          helm lint ./

.gitignore

@@ -5,6 +5,7 @@ bin/*
 .project
 /.bin
 /_test/secrets/*.json
+*.tgz
 
 # OSX leaves these everywhere on SMB shares
 ._*

CHANGES.md

@@ -1,5 +1,6 @@
 # next
 - added env.TZ to default to Europe/Stockholm
+- added deployment type
 
 # v1.0.0
 - first version

Chart.yaml

@@ -3,7 +3,7 @@ apiVersion: v2
 name: lib
 description: Common functions for my helm charts at home
 type: library
-version: 1.0.1
+version: 1.0.4
 kubeVersion: ">=1.27.0"
 home: git.rre.nu
 sources:

README.md

@@ -22,6 +22,9 @@ The following table lists the configurable parameters of the Lib chart and their
 | `controller.enabled` | should the main workload be included or not | `true` |
 | `controller.type` | valid options are deployment, statefulset, job | `"deployment"` |
 | `controller.replicas` | number of replicas | `1` |
+| `controller.lifecycle` | Define postStart and preStop handlers | `{}` |
+| `controller.command` | override the containers entrypoint | `null` |
+| `controller.args` | add argument to the override command | `[]` |
 | `image.repository` | container image name | `null` |
 | `image.pullPolicy` | kubernetes pull policy | `"IfNotPresent"` |
 | `image.tag` | Overrides the image tag whose default is the chart appVersion. | `""` |
@@ -45,6 +48,7 @@ The following table lists the configurable parameters of the Lib chart and their
 | `autoscaling.targetCPUUtilizationPercentage` |  | `80` |
 | `secrets` | Secrets that needs to be created | `{}` |
 | `configs` | ConfigMaps that needs to be created | `{}` |
+| `envFrom` | mount environment variables from secrets or configMaps | `[]` |
 | `env.TZ` |  | `"Europe/Stockholm"` |
 | `volumes` |  | `[]` |
 | `volumeMounts` |  | `[]` |

templates/_all.tpl

@@ -14,9 +14,9 @@ Main entrypoint for the common library chart. It will render all underlying temp
   {{ include "lib.configs" . | nindent 0 }}
   {{ if .Values.controller.enabled }}
     {{ if eq .Values.controller.type "statefulset" }}
-      {{- include "lib.statefulset" . | nindent 0}}
+      {{- include "lib.statefulset" . | nindent 0 }}
+    {{ else if eq .Values.controller.type "deployment" }}
+      {{- include "lib.deployment" . | nindent 0 }}
     {{- end -}}
   {{- end -}}
 {{- end -}}
-
-

templates/_configmaps.tpl

@@ -1,6 +1,6 @@
 {{- define "lib.configs" -}}
 {{- $fullName := include "lib.fullname" . -}}
-{{- $namespace := .Values.namespace -}}
+{{- $namespace := .Values.namespace | default "default" -}}
 {{- $commonLabels := include "lib.labels" . }}
 {{- range $name, $values := .Values.configs }}
 {{- if $values.enabled -}}

templates/_deployment.tpl

@@ -0,0 +1,54 @@
+{{- define "lib.deployment" -}}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "lib.fullname" . }}
+  namespace: {{ .Values.namespace }}
+  labels:
+    {{- include "lib.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.autoscaling.enabled }}
+  replicas: {{ .Values.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "lib.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "lib.labels" . | nindent 8 }}
+        {{- with .Values.controller.labels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "lib.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        {{- include "lib.parts.container" . | nindent 8 -}}
+      {{- with .Values.volumes }}
+      volumes:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+{{- end }}

templates/_helpers.tpl

@@ -72,54 +72,3 @@ Merge the local chart values and the library chart defaults
     {{- $_ := set . "Values" (deepCopy $mergedValues) -}}
   {{- end -}}
 {{- end -}}
-
-{{/*
-Get all environment variables and
-secrets that should be mounted as environment variables
-*/}}
-{{- define "lib.environmentVariables" -}}
-{{- $envIncluded := "false" -}}
-{{- $fullName := include "lib.fullname" . -}}
-{{- range $name, $settings := .Values.secrets -}}
-{{- if $settings.enabled -}}
-{{- if $settings.env -}}
-{{- $envIncluded := "true" -}}
-{{- range $key, $value := $settings.data }}
-- name: {{ $key }}
-  valueFrom:
-    secretKeyRef:
-      name: {{ $fullName }}-{{ $name }}
-      key: {{ $key }}
-{{- end -}}
-{{- range $key, $value := $settings.stringData }}
-- name: {{ $key }}
-  valueFrom:
-    secretKeyRef:
-      name: {{ $fullName }}-{{ $name }}
-      key: {{ $key }}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- range $name, $settings := .Values.configs -}}
-{{- if $settings.enabled -}}
-{{- if $settings.env -}}
-{{- $envIncluded := "true" -}}
-{{- range $key, $value := $settings.data }}
-- name: {{ $key }}
-  valueFrom:
-    configMapKeyRef:
-      name: {{ $fullName }}-{{ $name }}
-      key: {{ $key }}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- if $envIncluded = "true" -}}
-  {{- if .Values.env -}}
-    {{- toYaml .Values.env | nindent 0 -}}
-  {{- end -}}
-{{- else -}}
-  {{- toYaml .Values.env | nindent 0 -}}
-{{- end -}}
-{{- end -}}

templates/_ingress.tpl

@@ -7,6 +7,7 @@
   {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
   {{- end }}
 {{- end }}
+---
 {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1
 {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
@@ -20,8 +21,7 @@ metadata:
   namespace: {{ .Values.namespace }}
   labels:
     {{- include "lib.labels" . | nindent 4 }}
-  {{- with .Values.ingressingresstservicePort }}
-  {{- $svcName := .Values.ingress.service -}}
+  {{- with .Values.ingress.annotations }}
   annotations:
     {{- toYaml . | nindent 4 }}
   {{- end }}
@@ -52,7 +52,7 @@ spec:
             backend:
               {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
               service:
-                name: {{ $fullName }}-${{ $svcName }}
+                name: {{ $fullName }}-{{ $svcName }}
                 port:
                   number: {{ $svcPort }}
               {{- else }}

templates/_secrets.tpl

@@ -1,6 +1,6 @@
 {{- define "lib.secrets" -}}
 {{- $fullName := include "lib.fullname" . -}}
-{{- $namespace := .Values.namespace -}}
+{{- $namespace := .Values.namespace | default "default" -}}
 {{- $commonLabels := include "lib.labels" . }}
 {{- range $name, $values := .Values.secrets }}
 {{- if $values.enabled -}}

templates/_service.tpl

@@ -14,16 +14,16 @@ metadata:
   labels:
     {{- $labels | nindent 4 }}
 spec:
-  type: {{ $values.type }}
+  type: {{ default "ClusterIP" $values.type }}
   ports:
   {{- range $k, $v := $values.ports }}
     - port: {{ $v.port }}
-      targetPort: {{ default $v.targetPort $v.port }}
-      protocol: {{ $v.protocol }}
+      targetPort: {{ default $v.port $v.targetPort }}
+      protocol: {{ default "TCP" $v.protocol }}
       name: {{ $k }}
   {{- end }}
   selector:
     {{- $selectorlabels | nindent 4 }}
 {{- end -}}
 {{- end -}}
-{{- end -}}
+{{- end -}}

templates/_statefulset.tpl

@@ -35,34 +35,11 @@ spec:
       securityContext:
         {{- toYaml .Values.controller.podSecurityContext | nindent 8 }}
       containers:
-        - name: {{ .Chart.Name }}
-          securityContext:
-            {{- toYaml .Values.controller.securityContext | nindent 12 }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          ports:
-          {{- range $name, $values := .Values.service -}}
-          {{- if $values.enabled -}}
-          {{- range $k, $v := $values.ports }}
-            - name: {{ $k }}
-              containerPort: {{ $v.targetPort | default $v.port }}
-              protocol: {{ $v.protocol }}
-          {{- end -}}
-          {{- end -}}
-          {{- end }}
-          env:
-            {{- include "lib.environmentVariables" . | default "[]" | nindent 12 }}
-          livenessProbe:
-            {{- toYaml .Values.livenessProbe | nindent 12 }}
-          readinessProbe:
-            {{- toYaml .Values.readinessProbe | nindent 12 }}
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-          volumeMounts:
-            {{- range $i, $values := .Values.volumeClaimTemplates }}
-            - name: {{ $values.name }}
-              mountPath: {{ $values.mountPath }}
-            {{- end }}
+        {{- include "lib.parts.container" . | nindent 8 -}}
+      {{- with .Values.volumes }}
+      volumes:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

templates/parts/_containers.tpl

@@ -0,0 +1,53 @@
+{{- define "lib.parts.container" -}}
+{{/*
+create the environment varable list
+*/}}
+- name: {{ .Chart.Name }}
+  securityContext:
+    {{- toYaml .Values.securityContext | nindent 4 }}
+  image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+  imagePullPolicy: {{ .Values.image.pullPolicy }}
+  {{- with .Values.controller.command }}
+  command: {{ toYaml . | nindent 4}}
+  {{- end }}
+  {{- with .Values.controller.args }}
+  args: {{ toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.controller.lifecycle }}
+  lifecycle:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  ports:
+  {{- range $name, $values := .Values.service -}}
+  {{- if $values.enabled -}}
+  {{- range $k, $v := $values.ports }}
+    - name: {{ $k }}
+      containerPort: {{ default $v.port $v.targetPort }}
+  {{- end -}}
+  {{- end -}}
+  {{- end }}
+  env:
+    {{- include "lib.parts.env" . | nindent 4 -}}
+  {{- with .Values.livenessProbe }}
+  livenessProbe:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.readinessProbe }}
+  readinessProbe:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.resources }}
+  resources:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- if or .Values.volumeMounts .Values.volumeClaimTemplates }}
+  volumeMounts:
+  {{- end }}
+  {{- with .Values.volumeMounts }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- range $v := .Values.volumeClaimTemplates }}
+    - name: {{ $v.name }}
+      mountPath: {{ $v.mountPath }}
+  {{- end }}
+{{- end }}

templates/parts/_env.tpl

@@ -0,0 +1,26 @@
+{{/*
+Get all environment variables configMaps and
+secrets that should be mounted as environment variables
+*/}}
+{{- define "lib.parts.env" -}}
+  {{/*
+  environment variables from .Values.env
+  */}}
+  {{- range $name, $value := .Values.env -}}
+    {{- printf "- name: %s" $name | nindent 0 }}
+    {{- printf "value: %s" $value | nindent 2 }}
+  {{- end -}}
+  {{/*
+  environment variables from configMaps
+  */}}
+  {{- range $cfgName, $settings := .Values.configs -}}
+    {{- if and $settings.enabled $settings.env -}}
+      {{- range $key, $value := $settings.data -}}
+        {{- printf "- name: %s" $key | nindent 0 }}
+        {{- printf "valueFrom:" | nindent 2 }}
+        {{- printf "configMapKeyRef:" | nindent 4 }}
+        {{- printf "name: %s" $key | nindent 5 }}
+      {{- end }}
+    {{- end }}
+  {{- end -}}
+{{- end -}}

values.yaml

@@ -4,6 +4,9 @@ controller: # main workload
   enabled: true # should the main workload be included or not
   type: deployment # valid options are deployment, statefulset, job
   replicas: 1 # number of replicas
+  lifecycle: {} # Define postStart and preStop handlers
+  command: # override the containers entrypoint
+  args: [] # add argument to the override command
 
 image:
   repository:  # container image name
@@ -85,21 +88,27 @@ secrets: {} # Secrets that needs to be created
 #     type:     #default Opaque
 #     annotations: {}
 #     labels: {}
-#     env: false #should template load each key in the seacret as
 #     data:
 #        KEY: VALUE
 
 configs: {} # ConfigMaps that needs to be created
 # configs:
 #   <name>:
+#     enabled: false # should the configMap be created or not
 #     annotations: {}
 #     labels: {}
-#     env: false #should template load each key in the seacret as
 #     data:
 #        KEY: VALUE
 
+envFrom: [] # mount environment variables from secrets or configMaps
+# - configMapRef:
+#     name: config-map-name
+# - secretRef:
+#     name: secret-name
+
 env:  # environment variables the controller should have
   TZ: Europe/Stockholm
+
 # Additional volumes on the output Deployment definition.
 volumes: []
 # - name: foo