volker.raschek/athens-proxy-charts
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Initial Commit
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Markus Pesch 2022-05-21 11:09:39 +02:00
commit 64e21d43ab
Signed by: volker.raschek
GPG Key ID: 852BCC170D81A982
19 changed files with 1007 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
.drone.yml Normal file
View File

@ -0,0 +1,83 @@
---
kind: pipeline
type: kubernetes
name: linter
platform:
os: linux
arch: amd64
steps:
- name: helm lint
commands:
- helm lint
image: docker.io/volkerraschek/helm:3.8.0
resources:
limits:
cpu: 150
memory: 150M
- name: markdown lint
commands:
- markdownlint *.md
image: docker.io/volkerraschek/markdownlint:0.30.0
resources:
limits:
cpu: 150
memory: 150M
- name: email-notification
environment:
PLUGIN_HOST:
from_secret: smtp_host
PLUGIN_USERNAME:
from_secret: smtp_username
PLUGIN_PASSWORD:
from_secret: smtp_password
PLUGIN_FROM:
from_secret: smtp_mail_address
image: docker.io/drillster/drone-email:latest
resources:
limits:
cpu: 50
memory: 25M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: kubernetes
name: release
platform:
os: linux
steps:
- name: release-helm-chart
commands:
- helm repo add volker.raschek https://charts.cryptic.systems/volker.raschek
- helm package --version ${DRONE_TAG} .
- helm cm-push ${DRONE_REPO_NAME%-charts}-${DRONE_TAG}.tgz volker.raschek
environment:
HELM_REPO_PASSWORD:
from_secret: helm_repo_password
HELM_REPO_USERNAME:
from_secret: helm_repo_username
image: docker.io/volkerraschek/helm:3.8.0
resources:
limits:
cpu: 150
memory: 150M
trigger:
event:
- tag
repo:
- volker.raschek/drone-charts

12
.editorconfig Normal file
View File

@ -0,0 +1,12 @@
# EditorConfig is awesome: https://EditorConfig.org
# top-most EditorConfig file
root = true
[*]
indent_style = space
indent_size = 2
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = false

3
.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
*.tgz
values2.yml
values2.yaml

32
.helmignore Normal file
View File

@ -0,0 +1,32 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
# drone
.drone.yml
# markdownlint
.markdownlint.yaml
# customized values
values2.yml
values2.yaml
# helm packages
*.tgz

144
.markdownlint.yaml Normal file
View File

@ -0,0 +1,144 @@
# markdownlint YAML configuration
# https://github.com/DavidAnson/markdownlint/blob/main/schema/.markdownlint.yaml
# Default state for all rules
default: true
# Path to configuration file to extend
extends: null
# MD003/heading-style/header-style - Heading style
MD003:
# Heading style
style: "atx"
# MD004/ul-style - Unordered list style
MD004:
style: "dash"
# MD007/ul-indent - Unordered list indentation
MD007:
# Spaces for indent
indent: 2
# Whether to indent the first level of the list
start_indented: false
# MD009/no-trailing-spaces - Trailing spaces
MD009:
# Spaces for line break
br_spaces: 2
# Allow spaces for empty lines in list items
list_item_empty_lines: false
# Include unnecessary breaks
strict: false
# MD010/no-hard-tabs - Hard tabs
MD010:
# Include code blocks
code_blocks: true
# MD012/no-multiple-blanks - Multiple consecutive blank lines
MD012:
# Consecutive blank lines
maximum: 1
# MD013/line-length - Line length
MD013:
# Number of characters
line_length: 80
# Number of characters for headings
heading_line_length: 80
# Number of characters for code blocks
code_block_line_length: 80
# Include code blocks
code_blocks: false
# Include tables
tables: false
# Include headings
headings: true
# Include headings
headers: true
# Strict length checking
strict: false
# Stern length checking
stern: false
# MD022/blanks-around-headings/blanks-around-headers - Headings should be surrounded by blank lines
MD022:
# Blank lines above heading
lines_above: 1
# Blank lines below heading
lines_below: 1
# MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content
MD024:
# Only check sibling headings
allow_different_nesting: true
# MD025/single-title/single-h1 - Multiple top-level headings in the same document
MD025:
# Heading level
level: 1
# RegExp for matching title in front matter
front_matter_title: "^\\s*title\\s*[:=]"
# MD026/no-trailing-punctuation - Trailing punctuation in heading
MD026:
# Punctuation characters
punctuation: ".,;:!。,;:!"
# MD029/ol-prefix - Ordered list item prefix
MD029:
# List style
style: "one_or_ordered"
# MD030/list-marker-space - Spaces after list markers
MD030:
# Spaces for single-line unordered list items
ul_single: 1
# Spaces for single-line ordered list items
ol_single: 1
# Spaces for multi-line unordered list items
ul_multi: 1
# Spaces for multi-line ordered list items
ol_multi: 1
# MD033/no-inline-html - Inline HTML
MD033:
# Allowed elements
allowed_elements: []
# MD035/hr-style - Horizontal rule style
MD035:
# Horizontal rule style
style: "---"
# MD036/no-emphasis-as-heading/no-emphasis-as-header - Emphasis used instead of a heading
MD036:
# Punctuation characters
punctuation: ".,;:!?。,;:!?"
# MD041/first-line-heading/first-line-h1 - First line in a file should be a top-level heading
MD041:
# Heading level
level: 1
# RegExp for matching title in front matter
front_matter_title: "^\\s*title\\s*[:=]"
# MD044/proper-names - Proper names should have the correct capitalization
MD044:
# List of proper names
names:
- gitea
# Include code blocks
code_blocks: false
# MD046/code-block-style - Code block style
MD046:
# Block style
style: "fenced"
# MD048/code-fence-style - Code fence style
MD048:
# Code fence syle
style: "backtick"

22
Chart.yaml Normal file
View File

@ -0,0 +1,22 @@
apiVersion: v2
name: athens-proxy
description: Athens proxy server for golang
type: application
version: "0.1.0"
appVersion: "0.11.0"
icon: https://github.com/gomods/athens/blob/main/docs/static/banner.png?raw=true
keywords:
- golang
- athens
- gomod
- go-proxy
sources:
- https://github.com/volker-raschek/athens-proxy-charts
- https://github.com/gomods/athens
- https://hub.docker.com/r/gomods/athens
maintainers:
- name: Markus Pesch
email: markus.pesch+apps@cryptic.systems

13
LICENSE Normal file
View File

@ -0,0 +1,13 @@
Copyright 2022 Markus Pesch
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

167
README.md Normal file
View File

@ -0,0 +1,167 @@
# athens-proxy-charts
[![Build Status](https://drone.cryptic.systems/api/badges/volker.raschek/athens-proxy-charts/status.svg)](https://drone.cryptic.systems/volker.raschek/athens-proxy-charts)
[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/volker-raschek)](https://artifacthub.io/packages/search?repo=volker-raschek)
This is an inofficial helm chart of the go-proxy
[athens](https://github.com/gomods/athens) which supports more complex
configuration options.
This helm chart can be found on [artifacthub.io](https://artifacthub.io/) and
can be installed via helm.
```bash
helm repo add volker.raschek https://charts.cryptic.systems/volker.raschek
helm install athens-proxy volker.raschek/athens-proxy
```
## Customization
The complete deployment can be adapted via the `values.yaml` files. The
configuration of the proxy can be done via the environment variables described
below or via mounting the config.toml as additional persistent volume to
`/config/config.toml`
## Access private repositories via SSH
Create a `configmap.yaml` with multiple keys. One key describe the content of
the `.gitconfig` file and another of `config` of the ssh client. All requests
git clone comands with the prefix `http://github.com/` will be replaced by
`git@github.com:` to use SSH instead of HTTPS. The SSH keys are stored in a
separate secret.
```yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: custom-configs
data:
sshconfig: |
Host github.com
IdentifyFile /root/.ssh/id_ed25519
StrictHostKeyChecking no
gitconfig: |
[url "git@github.com:"]
insteadOf = https://github.com/
```
The secret definition below contains the SSH private and public key.
```yaml
apiVersion: v1
kind: Secret
metadata:
name: custom-ssh-keys
type: Opaque
stringData:
id_ed25519: |
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACCpf/10TWlksg6/5mZF067fTGvW71I5QVJEp/nyC8hVHgAAAJgwWWNdMFlj
XQAAAAtzc2gtZWQyNTUxOQAAACCpf/10TWlksg6/5mZF067fTGvW71I5QVJEp/nyC8hVHg
AAAEDzTPitanzgl6iThoFCx8AXwsGLS5Q+3+K66ZOmN0p6+6l//XRNaWSyDr/mZkXTrt9M
a9bvUjlBUkSn+fILyFUeAAAAEG1hcmt1c0BtYXJrdXMtcGMBAgMEBQ==
-----END OPENSSH PRIVATE KEY-----
id_ed25519.pub: |
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKl//XRNaWSyDr/mZkXTrt9Ma9bvUjlBUkSn+fILyFUe
```
The item `config` of the configmap will be merged with the items of the secret
as virtual volume. This volume can than be mounted with special permissions
required for the ssh client.
```yaml
extraVolumes:
- name: ssh
projected:
defaultMode: 0644
sources:
- configMap:
name: custom-configs
items:
- key: sshconfig
path: config
- secret:
name: custom-ssh-keys
items:
- key: id_ed25519
path: id_ed25519
mode: 0600
- key: id_ed25519.pub
path: id_ed25519.pub
- name: gitconfig
configMap:
name: custom-configs
items:
- key: gitconfig
path: config
mode: 0644
extraVolumeMounts:
- name: ssh
mountPath: /root/.ssh
- name: gitconfig
mountPath: /root/.config/git
```
## Access private github.com repositories via developer token
Another way to access private github repositories is via a github token, which
can be set via the environment variable `GITHUB_TOKEN`. Athens automatically
creates a `.netrc` file to access private github repositories.
## Access private repositories via .netrc configuration
As describe above, a `.netrc` file is responsible for the authentication via
HTTP. The file can also be defined via a custom secret and mounted into the home
directory of `root` for general authentication purpose.
The example below describe the definition and mounting of a custom `.netrc` file
to access private repositories hosted on github and gitlab.
```yaml
apiVersion: v1
kind: Secret
metadata:
name: custom-netrc
type: Opaque
stringData:
netrc: |
machine github.com login USERNAME password API-KEY
machine gitlab.com login USERNAME password API-KEY
```
The file must then be mounted via extraVolumes and extraVolumeMounts.
```yaml
extraVolumes:
- name: netrc
secret:
secretName: custom-netrc
items:
- key: netrc
path: .netrc
mode: 0600
extraVolumeMounts:
- name: netrc
mountPath: /root
```
## Persistent storage
Unlike the athens default, the default here is `disk` - i.e. the files are
written to the container. Therefore, it is advisable to outsource the
corresponding storage location to persistent storage. The following example
describes the integration of a persistent storage claim.
```yaml
extraVolumes:
- name: gomodules
persistentVolumeClaim:
claimName: custom-gomodules-pvc
extraVolumeMounts:
- name: gomodules
mountPath: /var/lib/athens
```

12
examples/configmap.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: custom-configs
data:
sshconfig: |
Host github.com
IdentifyFile /root/.ssh/id_ed25519
StrictHostKeyChecking no
gitconfig: |
[url "git@github.com:"]
insteadOf = https://github.com/

26
examples/secret.yaml Normal file
View File

@ -0,0 +1,26 @@
apiVersion: v1
kind: Secret
metadata:
name: custom-ssh-keys
type: Opaque
stringData:
id_ed25519: |
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACCpf/10TWlksg6/5mZF067fTGvW71I5QVJEp/nyC8hVHgAAAJgwWWNdMFlj
XQAAAAtzc2gtZWQyNTUxOQAAACCpf/10TWlksg6/5mZF067fTGvW71I5QVJEp/nyC8hVHg
AAAEDzTPitanzgl6iThoFCx8AXwsGLS5Q+3+K66ZOmN0p6+6l//XRNaWSyDr/mZkXTrt9M
a9bvUjlBUkSn+fILyFUeAAAAEG1hcmt1c0BtYXJrdXMtcGMBAgMEBQ==
-----END OPENSSH PRIVATE KEY-----
id_ed25519.pub: |
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKl//XRNaWSyDr/mZkXTrt9Ma9bvUjlBUkSn+fILyFUe
---
apiVersion: v1
kind: Secret
metadata:
name: custom-netrc
type: Opaque
stringData:
netrc: |
machine github.com login USERNAME password API-KEY
machine gitlab.com login USERNAME password API-KEY

36
renovate.json Normal file
View File

@ -0,0 +1,36 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"automergeStrategy": "merge-commit",
"automergeType": "pr",
"assignees": [ "volker.raschek" ],
"labels": [ "renovate" ],
"packageRules": [
{
"addLabels": [ "renovate/athens-proxy", "renovate/automerge" ],
"automerge": true,
"matchManagers": "drone",
"matchUpdateTypes": [ "minor", "patch"]
},
{
"addLabels": [ "renovate/athens-proxy", "renovate/automerge" ],
"automerge": false,
"matchPackageNames": [ "gomods/athens" ],
"matchManagers": [ "regex" ]
}
],
"rebaseLabel": "renovate/rebase",
"rebaseWhen": "behind-base-branch",
"regexManagers": [
{
"description": "Update container image reference",
"fileMatch": [
"^Chart\\.yaml$"
],
"matchStrings": [
"appVersion: \"(?<currentValue>.*?)\"\\s+"
],
"datasourceTemplate": "docker",
"depNameTemplate": "gomods/athens"
}
]
}

51
templates/_helpers.tpl Normal file
View File

@ -0,0 +1,51 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "athens-proxy.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "athens-proxy.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "athens-proxy.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "athens-proxy.labels" -}}
helm.sh/chart: {{ include "athens-proxy.chart" . }}
{{ include "athens-proxy.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "athens-proxy.selectorLabels" -}}
app.kubernetes.io/name: {{ include "athens-proxy.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

74
templates/deployment.yaml Normal file
View File

@ -0,0 +1,74 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "athens-proxy.fullname" . }}
labels:
{{- include "athens-proxy.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
{{- include "athens-proxy.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "athens-proxy.selectorLabels" . | nindent 8 }}
spec:
containers:
- name: {{ .Chart.Name }}
envFrom:
- secretRef:
name: {{ include "athens-proxy.fullname" . }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:v{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
livenessProbe:
httpGet:
scheme: HTTP
path: /healthz
port: http
ports:
- name: http
containerPort: {{ .Values.config.ATHENS_PORT | default 3000 }}
protocol: TCP
readinessProbe:
httpGet:
scheme: HTTP
path: /healthz
port: http
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.extraVolumeMounts }}
volumeMounts:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.podPriorityClassName }}
priorityClassName: {{ .Values.podPriorityClassName }}
{{- end }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
serviceAccountName: {{ include "athens-proxy.fullname" . }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.extraVolumes }}
volumes:
{{- toYaml . | nindent 8 }}
{{- end }}

61
templates/ingress.yaml Normal file
View File

@ -0,0 +1,61 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "athens-proxy.fullname" . -}}
{{- $svcPort := .Values.service.port -}}
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
{{- end }}
{{- end }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "athens-proxy.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
pathType: {{ .pathType }}
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
{{- else }}
serviceName: {{ $fullName }}
servicePort: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

23
templates/secrets.yaml Normal file
View File

@ -0,0 +1,23 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ include "athens-proxy.fullname" . }}
type: Opaque
stringData:
{{- if not (hasKey .Values "config") -}}
{{- $_ := set .Values "config" dict -}}
{{- end -}}
{{- if not (hasKey .Values.config "ATHENS_DISK_STORAGE_ROOT") -}}
{{- $_ := set .Values.config "ATHENS_DISK_STORAGE_ROOT" "/var/lib/athens" -}}
{{- end -}}
{{- if not (hasKey .Values.config "ATHENS_STORAGE_TYPE") -}}
{{- $_ := set .Values.config "ATHENS_STORAGE_TYPE" "disk" -}}
{{- end -}}
{{/* SETUP CONFIG */}}
{{ range $key, $value := .Values.config }}
{{ upper $key}}: {{ quote $value }}
{{ end }}

36
templates/service.yaml Normal file
View File

@ -0,0 +1,36 @@
apiVersion: v1
kind: Service
metadata:
{{- with .Values.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "athens-proxy.labels" . | nindent 4 }}
name: {{ include "athens-proxy.fullname" . }}
spec:
{{- with .Values.service.externalIPs }}
externalIPs:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- if .Values.service.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }}
{{- end }}
{{- if and .Values.service.loadBalancerClass (eq .Values.service.type "LoadBalancer") }}
loadBalancerClass: {{ .Values.service.loadBalancerClass }}
{{- end }}
{{- if and .Values.service.loadBalancerIP (eq .Values.service.type "LoadBalancer") }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
{{- with .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{- toYaml . | nindent 2 }}
{{- end }}
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: {{ .Values.service.targetPort }}
protocol: TCP
name: {{ .Values.service.name }}
selector:
{{- include "athens-proxy.selectorLabels" . | nindent 4 }}

10
templates/serviceAccount.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: ServiceAccount
metadata:
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "athens-proxy.labels" . | nindent 4 }}
name: {{ include "athens-proxy.fullname" . }}

15
templates/tests/test-connection.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: v1
kind: Pod
metadata:
name: "{{ include "athens-proxy.fullname" . }}-test-connection"
labels:
{{- include "athens-proxy.labels" . | nindent 4 }}
annotations:
"helm.sh/hook": test
spec:
containers:
- name: wget
image: busybox
command: ['wget']
args: ['{{ include "athens-proxy.fullname" . }}:{{ .Values.service.port }}']
restartPolicy: Never

187
values.yaml Normal file
View File

@ -0,0 +1,187 @@
affinity: {}
image:
repository: docker.io/gomods/athens
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
podAnnotations: {}
podPriorityClassName: ""
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
config: {}
# ATHENS_AZURE_ACCOUNT_KEY:
# ATHENS_AZURE_ACCOUNT_NAME:
# ATHENS_AZURE_CONTAINER_NAME:
# ATHENS_CLOUD_RUNTIME:
# ATHENS_DOWNLOAD_MODE:
# ATHENS_DOWNLOAD_URL:
# ATHENS_ETCD_ENDPOINTS:
# ATHENS_EXTERNAL_STORAGE_URL:
# ATHENS_FILTER_FILE:
# ATHENS_GITHUB_TOKEN:
# ATHENS_GLOBAL_ENDPOINT:
# ATHENS_GO_BINARY_ENV_VARS:
# ATHENS_GOGET_DIR:
# ATHENS_GOGET_WORKERS:
# ATHENS_GONOSUM_PATTERNS:
# ATHENS_HGRC_PATH:
# ATHENS_INDEX_MYSQL_DATABASE:
# ATHENS_INDEX_MYSQL_HOST:
# ATHENS_INDEX_MYSQL_PARAMS:
# ATHENS_INDEX_MYSQL_PASSWORD:
# ATHENS_INDEX_MYSQL_PORT:
# ATHENS_INDEX_MYSQL_PROTOCOL:
# ATHENS_INDEX_MYSQL_USER:
# ATHENS_INDEX_POSTGRES_DATABASE:
# ATHENS_INDEX_POSTGRES_HOST:
# ATHENS_INDEX_POSTGRES_PARAMS:
# ATHENS_INDEX_POSTGRES_PASSWORD:
# ATHENS_INDEX_POSTGRES_PORT:
# ATHENS_INDEX_POSTGRES_USER:
# ATHENS_INDEX_TYPE:
# ATHENS_LOG_LEVEL:
# ATHENS_MINIO_ACCESS_KEY_ID:
# ATHENS_MINIO_BUCKET_NAME:
# ATHENS_MINIO_ENDPOINT:
# ATHENS_MINIO_REGION:
# ATHENS_MINIO_SECRET_ACCESS_KEY:
# ATHENS_MINIO_USE_SSL:
# ATHENS_MONGO_CERT_PATH:
# ATHENS_MONGO_DEFAULT_DATABASE:
# ATHENS_MONGO_INSECURE:
# ATHENS_MONGO_STORAGE_URL:
# ATHENS_NETRC_PATH:
# ATHENS_PATH_PREFIX:
# ATHENS_PORT:
# ATHENS_PROTOCOL_WORKERS:
# ATHENS_PROXY_VALIDATOR:
# ATHENS_REDIS_ENDPOINT:
# ATHENS_REDIS_PASSWORD:
# ATHENS_REDIS_SENTINEL_ENDPOINTS:
# ATHENS_ROBOTS_FILE:
# ATHENS_SINGLE_FLIGHT_TYPE:
# ATHENS_STATS_EXPORTER:
# ATHENS_STORAGE_GCP_BUCKET:
# ATHENS_STORAGE_GCP_JSON_KEY:
# ATHENS_STORAGE_TYPE:
# ATHENS_SUM_DBS:
# ATHENS_TIMEOUT:
# ATHENS_TLSCERT_FILE:
# ATHENS_TLSKEY_FILE:
# ATHENS_TRACE_EXPORTER_URL:
# ATHENS_TRACE_EXPORTER:
# AWS_ACCESS_KEY_ID:
# AWS_ENDPOINT:
# AWS_FORCE_PATH_STYLE:
# AWS_REGION:
# AWS_SECRET_ACCESS_KEY:
# AWS_SESSION_TOKEN:
# BASIC_AUTH_PASS:
# BASIC_AUTH_USER:
# CDN_ENDPOINT:
# GO_BINARY_PATH:
# GO_ENV:
# GOOGLE_CLOUD_PROJECT:
# MY_S3_BUCKET_NAME:
# PROXY_FORCE_SSL:
replicaCount: 1
serviceAccount:
annotations: {}
service:
annotations: {}
# externalIPs: []
# externalTrafficPolicy: "Cluster"
# loadBalancerClass: ""
# loadBalancerIP: ""
# loadBalancerSourceRanges: []
# internalTrafficPolicy: "Cluster"
name: http
targetPort: 3000
type: ClusterIP
port: 3000
ingress:
enabled: false
className: "nginx"
annotations: {}
# kubernetes.io/ingress.class: nginx
# cert-manager.io/issuer:
# kubernetes.io/tls-acme: "true"
hosts:
- host: "your-hostname"
paths:
- path: /
pathType: ImplementationSpecific
tls:
- secretName: "your-tls-secret"
hosts:
- "your-hostname"
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector:
kubernetes.io/arch: amd64
tolerations: []
# extra volumes for the pod
extraVolumes: {}
# The following example mount the same secret, which contains tls certificates
# under different names. Each volume mount contains only selected items of the
# secret. This make it easier to place the items on different locations inside the
# container filesystem via extraVolumeMounts.
# - name: custom-ca-anchor
# secret:
# secretName: athens-proxy-custom-tls-certificates
# items:
# - key: ca.crt
# path: ca.crt
# mode: 0444
# - name: custom-tls-certificates
# secret:
# secretName: athens-proxy-custom-tls-certificates
# items:
# - key: tls.key
# path: tls.key
# mode: 0400
# - key: tls.crt
# path: tls.crt
# mode: 0444
extraVolumeMounts: {}
# The following example follows the example of extraVolumes and mounts the
# volumes to the corresponding paths in the container filesystem.
# - name: custom-ca-anchor
# mountPath: /usr/local/share/ca-certificates
# - name: custom-tls-certificates
# mountPath: /etc/athens-proxy/tls