Merge pull request #3 from ndustrialio/helm-templates

DEVOPS-224 - Helm templates v0.1.0
ndustrialio · Jun 10, 2021 · d6d7e78 · d6d7e78
2 parents ddcb54d + 03367fb
commit d6d7e78
Show file tree

Hide file tree

Showing 46 changed files with 3,000 additions and 12 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -1,7 +1,5 @@
 name: CI
-
 on: pull_request
-
 jobs:
   lint:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -1,10 +1,8 @@
 name: Release
-
 on:
   push:
     branches:
       - main
-
 jobs:
   release:
     runs-on: ubuntu-latest

diff --git a/.gitignore b/.gitignore
@@ -1 +1,2 @@
-**/charts/*.tgz
+.ci
+**/charts/*.tgz
diff --git a/Makefile b/Makefile
@@ -1,16 +1,18 @@
-REQUIRES := ct helm
+REQUIRES := helm
 
-.PHONY: help
 help: ## Show this help
 	@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z -]+:.*?## / {printf "\033[36m%-10s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST) | sort
 
 $(REQUIRES):
 	@command -v $@ >/dev/null || { echo "Required but not found: $@" && false; }
 
-.PHONY: install
 install: ## Install required tools
 	brew install helm chart-testing
 
-.PHONY: lint
-lint: ct ## Lint charts
-	ct lint
+lint: ## Lint charts
+	./scripts/lint.sh
+
+gen:
+	./scripts/gen.sh
+
+.PHONY: gen lint install help
diff --git a/README.md b/README.md
@@ -18,6 +18,25 @@ helm repo update
 
 You can then run `helm search repo ndustrial` to see the charts.
 
+## Charts
+
+- [`common`](ndustrial/common/README.md) - common chart which provides helper functions for all charts
+- [`cronjob`](ndustrial/cronjob/README.md) - chart to deploy `CronJob` resources
+- [`deployment`](ndustrial/deployment/README.md) - chart to deploy `Deployment` resources
+- [`statefulset`](ndustrial/statefulset/README.md) - chart to deploy `StatefulSet` resources
+
 ## CI/CD
 
 We use GitHub Actions to test and release our charts. On a pull request, our [CI pipeline](./.github/workflows/ci.yaml) will lint and test any changes via Helm's [Chart Testing](https://github.com/helm/chart-testing#readme) tool. On a commit to master, our [Release pipeline](./.github/workflows/release.yaml) will package and release new charts to [GitHub Pages](https://pages.github.com/) via Helm's [Chart Releaser](https://github.com/helm/chart-releaser#readme).
+
+## Development
+
+All charts depend on the ndustrial [`common` chart](ndustrial/common/README.md).
+
+### README Generator
+
+Documentation is generated using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) and can be ran via `make gen`.
+
+### Lint Testing
+
+Helm linting is done via Helm's [Chart Testing](https://github.com/helm/chart-testing#readme). This is ran via the CI pipeline but can be ran locally via docker with `make lint`.
diff --git a/ct.yaml b/ct.yaml
@@ -2,5 +2,7 @@
 remote: origin
 target-branch: main
 chart-dirs:
-  - charts
+  - ndustrial
 helm-extra-args: --timeout 600s
+chart-repos:
+  - ndustrial=https://ndustrialio.github.io/charts
diff --git a/examples/cert-manager.yml b/examples/cert-manager.yml
@@ -0,0 +1,23 @@
+ndustrial:
+  owner: helm
+  name: cert-manager-example
+  organization: ndustrial
+contxt: {}
+ports:
+  - containerPort: 80
+    name: http
+service:
+  type: ClusterIP
+ingress:
+  enabled: true
+  certManager: true
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-staging
+    kubernetes.io/ingress.class: nginx-global
+    nginx.ingress.kubernetes.io/configuration-snippet: |
+      more_set_headers "X-Robots-Tag: noindex";
+  tls: true
+  hostname: cert-manager-example.staging.pizzandustrial.com
+image:
+  registry: docker.ops.ndustrial.io
+  repository: library/nginx
diff --git a/ndustrial/cronjob/.gitignore b/ndustrial/cronjob/.gitignore
@@ -0,0 +1 @@
+charts
diff --git a/ndustrial/cronjob/Chart.lock b/ndustrial/cronjob/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: common
+  repository: https://ndustrialio.github.io/charts
+  version: 0.1.3
+digest: sha256:c32a37fc1cf1dd6709a75a632371acdf5b85d2e5127d9d043f3de2f73657dfb6
+generated: "2021-06-10T17:05:45.0432468Z"
diff --git a/ndustrial/cronjob/Chart.yaml b/ndustrial/cronjob/Chart.yaml
@@ -0,0 +1,18 @@
+apiVersion: v2
+name: cronjob
+description: A Helm chart for deploying k8s cronjobs
+type: application
+dependencies:
+  - name: common
+    repository: https://ndustrialio.github.io/charts
+    version: 0.1.3
+    tags:
+      - ndustrial-common
+sources:
+  - https://github.com/ndustrialio/charts/tree/main/ndustrial/cronjob
+maintainers:
+  - email: devops@ndustrial.io
+    name: DevOps
+# Please make sure that version and appVersion are always the same.
+version: 0.1.0
+appVersion: 0.1.0
diff --git a/ndustrial/cronjob/README.md b/ndustrial/cronjob/README.md
diff --git a/ndustrial/cronjob/templates/_helpers.tpl b/ndustrial/cronjob/templates/_helpers.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{/*
+Return the proper Docker Image Registry Secret Names
+*/}}
+{{- define "cronjob.imagePullSecrets" -}}
+{{ include "common.images.pullSecrets" (dict "images" (list .Values.image) "global" .Values.global) }}
+{{- end -}}
+
+{{/*
+Returns the proper service account name depending if an explicit service account name is set
+in the values file. If the name is not set it will default to either common.names.fullname if serviceAccount.create
+is true or default otherwise.
+*/}}
+{{- define "cronjob.serviceAccountName" -}}
+    {{- if .Values.serviceAccount.create -}}
+        {{- if (empty .Values.serviceAccount.name) -}}
+          {{- printf "%s-cronjob" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}}
+        {{- else -}}
+          {{ default "default" .Values.serviceAccount.name }}
+        {{- end -}}
+    {{- else -}}
+        {{ default "default" .Values.serviceAccount.name }}
+    {{- end -}}
+{{- end -}}
+
+{{/*
+Return the proper cronjob.image name
+*/}}
+{{- define "cronjob.image" -}}
+{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }}
+{{- end -}}
diff --git a/ndustrial/cronjob/templates/cronjob.yaml b/ndustrial/cronjob/templates/cronjob.yaml
@@ -0,0 +1,146 @@
+apiVersion: {{ template "common.capabilities.cronjob.apiVersion" . }}
+kind: CronJob
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  labels: {{- include "common.labels.standard" . | nindent 4 }}
+    ndustrial.io/component: cronjob
+    {{- if .Values.labels }}
+    {{- include "common.tplvalues.render" (dict "value" .Values.labels "context" $) | nindent 4 }}
+    {{- end }}
+  {{- if .Values.annotations }}
+  annotations: {{- toYaml .Values.annotations | nindent 4 }}
+  {{- end }}
+spec:
+  schedule: {{ .Values.schedule | quote }}
+  {{- with .Values.concurrencyPolicy }}
+  concurrencyPolicy: {{ . }}
+  {{- end }}
+  {{- with .Values.failedJobsHistoryLimit }}
+  failedJobsHistoryLimit: {{ . }}
+  {{- end }}
+  {{- with .Values.successfulJobsHistoryLimit }}
+  successfulJobsHistoryLimit: {{ . }}
+  {{- end }}
+  {{- with .Values.startingDeadlineSeconds }}
+  startingDeadlineSeconds: {{ . }}
+  {{- end }}
+  jobTemplate:
+    metadata:
+      labels: {{- include "common.labels.standard" . | nindent 8 }}
+        ndustrial.io/component: cronjob
+        {{- if .Values.labels }}
+        {{- include "common.tplvalues.render" (dict "value" .Values.labels "context" $) | nindent 8 }}
+        {{- end }}
+      {{- if .Values.annotations }}
+      annotations: {{- toYaml .Values.annotations | nindent 8 }}
+      {{- end }}
+    spec:
+      {{- with .Values.activeDeadlineSeconds }}
+      activeDeadlineSeconds: {{ . }}
+      {{- end }}
+      {{- with .Values.backoffLimit }}
+      backoffLimit: {{ . }}
+      {{- end }}
+      {{- with .Values.completions }}
+      completions: {{ . }}
+      {{- end }}
+      {{- with .Values.parallelism }}
+      parallelism: {{ . }}
+      {{- end }}
+      {{- with .Values.ttlSecondsAfterFinished }}
+      ttlSecondsAfterFinished: {{ . }}
+      {{- end }}
+
+      template:
+        metadata:
+          labels:
+            ndustrial.io/component: cronjob
+            {{- include "common.labels.standard" . | nindent 12 }}
+            {{- if .Values.labels }}
+            {{- include "common.tplvalues.render" (dict "value" .Values.labels "context" $) | nindent 12 }}
+            {{- end }}
+            {{- if .Values.podLabels }}
+            {{- toYaml .Values.podLabels | nindent 12 }}
+            {{- end }}
+          {{- if .Values.podAnnotations }}
+          annotations: {{- toYaml .Values.podAnnotations | nindent 12 }}
+          {{- end }}
+        spec:
+          restartPolicy: Never
+          shareProcessNamespace: {{ .Values.shareProcessNamespace }}
+          {{- include "cronjob.imagePullSecrets" . | nindent 10 }}
+          {{- if .Values.podSecurityContext.enabled }}
+          securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 12 }}
+          {{- end }}
+          {{- if .Values.priorityClassName }}
+          priorityClassName: {{ .Values.priorityClassName | quote }}
+          {{- end }}
+          {{- if .Values.affinity }}
+          affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 12 }}
+          {{- else }}
+          affinity:
+            podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 14 }}
+            podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "context" $) | nindent 14 }}
+            nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 14 }}
+          {{- end }}
+          {{- if .Values.nodeSelector }}
+          nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 12 }}
+          {{- end }}
+          {{- if .Values.tolerations }}
+          tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 12 }}
+          {{- end }}
+          {{- if .Values.hostAliases }}
+          hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 12 }}
+          {{- end }}
+          initContainers:
+            {{- if .Values.initContainers }}
+            {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 12 }}
+            {{- end }}
+          serviceAccountName: {{ template "cronjob.serviceAccountName" . }}
+          containers:
+            - name: {{ .Chart.Name }}
+              image: {{ template "cronjob.image" . }}
+              imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
+              {{- if .Values.command }}
+              command: {{- include "common.tplvalues.render" (dict "value" .Values.command "context" $) | nindent 16 }}
+              {{- end }}
+              {{- if .Values.args }}
+              args: {{- include "common.tplvalues.render" (dict "value" .Values.args "context" $) | nindent 16 }}
+              {{- end }}
+              {{- if .Values.containerSecurityContext.enabled }}
+              securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 16 }}
+              {{- end }}
+              env:
+                {{- if .Values.extraEnvVars }}
+                {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 16 }}
+                {{- end }}
+                - name: POD_NAMESPACE
+                  valueFrom:
+                    fieldRef:
+                      fieldPath: metadata.namespace
+              envFrom:
+                {{- if .Values.extraEnvVarsCM }}
+                - configMapRef:
+                    name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }}
+                {{- end }}
+                {{- if .Values.extraEnvVarsSecret }}
+                - secretRef:
+                    name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }}
+                {{- end }}
+              {{- if .Values.lifecycleHooks }}
+              lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 16 }}
+              {{- end }}
+              {{- if .Values.resources }}
+              resources: {{- toYaml .Values.resources | nindent 16 }}
+              {{- end }}
+              volumeMounts:
+                {{- if .Values.extraVolumeMounts }}
+                {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 16 }}
+                {{- end }}
+            {{- if .Values.sidecars }}
+            {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 12 }}
+            {{- end }}
+          volumes:
+            {{- if .Values.extraVolumes }}
+            {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 12 }}
+            {{- end }}
diff --git a/ndustrial/cronjob/templates/serviceaccount.yaml b/ndustrial/cronjob/templates/serviceaccount.yaml
@@ -0,0 +1,15 @@
+{{- if .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+automountServiceAccountToken: true
+metadata:
+  labels:
+    ndustrial.io/component: cronjob
+  {{- include "common.labels.standard" . | nindent 4 }}
+  name: {{ template "cronjob.serviceAccountName" . }}
+  {{- $mergedAnnotations := merge .Values.serviceAccount.annotations .Values.annotations }}
+  {{- if $mergedAnnotations }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" $mergedAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+  namespace: {{ .Release.Namespace | quote }}
+{{- end }}