You've already forked athens-proxy-charts
fix: improve chart
This commit is contained in:
114
.gitea/scripts/add-annotations.sh
Executable file
114
.gitea/scripts/add-annotations.sh
Executable file
@@ -0,0 +1,114 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
CHART_FILE="Chart.yaml"
|
||||||
|
if [ ! -f "${CHART_FILE}" ]; then
|
||||||
|
echo "ERROR: ${CHART_FILE} not found!" 1>&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
DEFAULT_NEW_TAG="$(git tag --sort=-version:refname | head -n 1)"
|
||||||
|
DEFAULT_OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)"
|
||||||
|
|
||||||
|
if [ -z "${1}" ]; then
|
||||||
|
read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG
|
||||||
|
if [ -z "${OLD_TAG}" ]; then
|
||||||
|
OLD_TAG="${DEFAULT_OLD_TAG}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
while [ -z "$(git tag --list "${OLD_TAG}")" ]; do
|
||||||
|
echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2
|
||||||
|
read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG
|
||||||
|
if [ -z "${OLD_TAG}" ]; then
|
||||||
|
OLD_TAG="${DEFAULT_OLD_TAG}"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
OLD_TAG=${1}
|
||||||
|
if [ -z "$(git tag --list "${OLD_TAG}")" ]; then
|
||||||
|
echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "${2}" ]; then
|
||||||
|
read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG
|
||||||
|
if [ -z "${NEW_TAG}" ]; then
|
||||||
|
NEW_TAG="${DEFAULT_NEW_TAG}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
while [ -z "$(git tag --list "${NEW_TAG}")" ]; do
|
||||||
|
echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2
|
||||||
|
read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG
|
||||||
|
if [ -z "${NEW_TAG}" ]; then
|
||||||
|
NEW_TAG="${DEFAULT_NEW_TAG}"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
NEW_TAG=${2}
|
||||||
|
|
||||||
|
if [ -z "$(git tag --list "${NEW_TAG}")" ]; then
|
||||||
|
echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
CHANGE_LOG_YAML=$(mktemp)
|
||||||
|
echo "[]" > "${CHANGE_LOG_YAML}"
|
||||||
|
|
||||||
|
function map_type_to_kind() {
|
||||||
|
case "${1}" in
|
||||||
|
feat)
|
||||||
|
echo "added"
|
||||||
|
;;
|
||||||
|
fix)
|
||||||
|
echo "fixed"
|
||||||
|
;;
|
||||||
|
chore|style|test|ci|docs|refac)
|
||||||
|
echo "changed"
|
||||||
|
;;
|
||||||
|
revert)
|
||||||
|
echo "removed"
|
||||||
|
;;
|
||||||
|
sec)
|
||||||
|
echo "security"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "skip"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
}
|
||||||
|
|
||||||
|
COMMIT_TITLES="$(git log --pretty=format:"%s" "${OLD_TAG}..${NEW_TAG}")"
|
||||||
|
|
||||||
|
echo "INFO: Generate change log entries from ${OLD_TAG} until ${NEW_TAG}"
|
||||||
|
|
||||||
|
while IFS= read -r line; do
|
||||||
|
if [[ "${line}" =~ ^([a-zA-Z]+)(\([^\)]+\))?\:\ (.+)$ ]]; then
|
||||||
|
TYPE="${BASH_REMATCH[1]}"
|
||||||
|
KIND=$(map_type_to_kind "${TYPE}")
|
||||||
|
|
||||||
|
if [ "${KIND}" == "skip" ]; then
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
|
||||||
|
DESC="${BASH_REMATCH[3]}"
|
||||||
|
|
||||||
|
echo "- ${KIND}: ${DESC}"
|
||||||
|
|
||||||
|
jq --arg kind "${KIND}" --arg description "${DESC}" '. += [ $ARGS.named ]' < "${CHANGE_LOG_YAML}" > "${CHANGE_LOG_YAML}.new"
|
||||||
|
mv "${CHANGE_LOG_YAML}.new" "${CHANGE_LOG_YAML}"
|
||||||
|
|
||||||
|
fi
|
||||||
|
done <<< "${COMMIT_TITLES}"
|
||||||
|
|
||||||
|
if [ -s "${CHANGE_LOG_YAML}" ]; then
|
||||||
|
yq --inplace --input-format json --output-format yml "${CHANGE_LOG_YAML}"
|
||||||
|
yq --no-colors --inplace ".annotations.\"artifacthub.io/changes\" |= loadstr(\"${CHANGE_LOG_YAML}\") | sort_keys(.)" "${CHART_FILE}"
|
||||||
|
else
|
||||||
|
echo "ERROR: Changelog file is empty: ${CHANGE_LOG_YAML}" 1>&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm "${CHANGE_LOG_YAML}"
|
@@ -11,12 +11,12 @@ jobs:
|
|||||||
image: docker.io/volkerraschek/helm:3.19.0
|
image: docker.io/volkerraschek/helm:3.19.0
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Install tooling
|
- name: Install packages via apk
|
||||||
run: |
|
run: |
|
||||||
apk update
|
apk update
|
||||||
apk add git npm yq
|
apk add git npm jq yq
|
||||||
|
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5.0.0
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
|
|
||||||
@@ -26,7 +26,21 @@ jobs:
|
|||||||
OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)"
|
OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)"
|
||||||
.gitea/scripts/add-annotations.sh "${OLD_TAG}" "${NEW_TAG}"
|
.gitea/scripts/add-annotations.sh "${OLD_TAG}" "${NEW_TAG}"
|
||||||
|
|
||||||
|
- name: Extract meta information
|
||||||
|
run: |
|
||||||
|
echo "PACKAGE_VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
|
||||||
|
echo "REPOSITORY_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 2 | sed --regexp-extended 's/-charts?//g')" >> $GITHUB_ENV
|
||||||
|
echo "REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 1)" >> $GITHUB_ENV
|
||||||
|
|
||||||
|
- name: Update Helm Chart version in README.md
|
||||||
|
run: sed -i -E "s/^CHART_VERSION=.*/CHART_VERSION=${PACKAGE_VERSION}/g" README.md
|
||||||
|
|
||||||
- name: Package chart
|
- name: Package chart
|
||||||
|
run: |
|
||||||
|
helm dependency build
|
||||||
|
helm package --version "${PACKAGE_VERSION}" ./
|
||||||
|
|
||||||
|
- name: Upload Chart to ChartMuseum
|
||||||
env:
|
env:
|
||||||
CHARTMUSEUM_PASSWORD: ${{ secrets.CHARTMUSEUM_PASSWORD }}
|
CHARTMUSEUM_PASSWORD: ${{ secrets.CHARTMUSEUM_PASSWORD }}
|
||||||
CHARTMUSEUM_REPOSITORY: ${{ vars.CHARTMUSEUM_REPOSITORY }}
|
CHARTMUSEUM_REPOSITORY: ${{ vars.CHARTMUSEUM_REPOSITORY }}
|
||||||
@@ -48,7 +62,11 @@ jobs:
|
|||||||
helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz chartmuseum
|
helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz chartmuseum
|
||||||
helm repo remove chartmuseum
|
helm repo remove chartmuseum
|
||||||
|
|
||||||
# gitea
|
- name: Upload Chart to Gitea
|
||||||
|
env:
|
||||||
|
GITEA_PACKAGE_REGISTRY_TOKEN: ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }}
|
||||||
|
GITEA_SERVER_URL: ${{ github.server_url }}
|
||||||
|
run: |
|
||||||
helm repo add --username ${REPOSITORY_OWNER} --password ${GITEA_PACKAGE_REGISTRY_TOKEN} gitea ${GITEA_SERVER_URL}/api/packages/${REPOSITORY_OWNER}/helm
|
helm repo add --username ${REPOSITORY_OWNER} --password ${GITEA_PACKAGE_REGISTRY_TOKEN} gitea ${GITEA_SERVER_URL}/api/packages/${REPOSITORY_OWNER}/helm
|
||||||
helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz gitea
|
helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz gitea
|
||||||
helm repo remove gitea
|
helm repo remove gitea
|
||||||
|
3
.gitignore
vendored
3
.gitignore
vendored
@@ -4,3 +4,6 @@ target
|
|||||||
values2.yml
|
values2.yml
|
||||||
values2.yaml
|
values2.yaml
|
||||||
*.tgz
|
*.tgz
|
||||||
|
|
||||||
|
install.sh
|
||||||
|
uninstall.sh
|
8
.vscode/extensions.json
vendored
Normal file
8
.vscode/extensions.json
vendored
Normal file
@@ -0,0 +1,8 @@
|
|||||||
|
{
|
||||||
|
"recommendations": [
|
||||||
|
"DavidAnson.vscode-markdownlint",
|
||||||
|
"esbenp.prettier-vscode",
|
||||||
|
"Tim-Koehler.helm-intellisense",
|
||||||
|
"yzhang.markdown-all-in-one"
|
||||||
|
]
|
||||||
|
}
|
8
.vscode/settings.json
vendored
Normal file
8
.vscode/settings.json
vendored
Normal file
@@ -0,0 +1,8 @@
|
|||||||
|
{
|
||||||
|
"yaml.schemas": {
|
||||||
|
"https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.5.2/schema/helm-testsuite.json": [
|
||||||
|
"/unittests/**/*.yaml"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"yaml.schemaStore.enable": true
|
||||||
|
}
|
20
.yamllint.yaml
Normal file
20
.yamllint.yaml
Normal file
@@ -0,0 +1,20 @@
|
|||||||
|
---
|
||||||
|
extends: default
|
||||||
|
|
||||||
|
ignore: |
|
||||||
|
.yamllint
|
||||||
|
node_modules
|
||||||
|
templates
|
||||||
|
|
||||||
|
|
||||||
|
rules:
|
||||||
|
truthy:
|
||||||
|
allowed-values: ['true', 'false']
|
||||||
|
check-keys: False
|
||||||
|
level: error
|
||||||
|
line-length: disable
|
||||||
|
document-start: disable
|
||||||
|
comments:
|
||||||
|
min-spaces-from-content: 1
|
||||||
|
braces:
|
||||||
|
max-spaces-inside: 2
|
@@ -1,3 +1,9 @@
|
|||||||
|
annotations:
|
||||||
|
artifacthub.io/links: |
|
||||||
|
- name: Athens proxy (binary)
|
||||||
|
url: https://github.com/gomods/athens
|
||||||
|
- name: support
|
||||||
|
url: https://git.cryptic.systems/volker.raschek/athens-proxy/issues
|
||||||
apiVersion: v2
|
apiVersion: v2
|
||||||
name: athens-proxy
|
name: athens-proxy
|
||||||
description: Athens proxy server for golang
|
description: Athens proxy server for golang
|
||||||
|
4
package-lock.json
generated
4
package-lock.json
generated
@@ -1,10 +1,10 @@
|
|||||||
{
|
{
|
||||||
"name": "athens-proxy-chart",
|
"name": "athens-proxy-charts",
|
||||||
"lockfileVersion": 3,
|
"lockfileVersion": 3,
|
||||||
"requires": true,
|
"requires": true,
|
||||||
"packages": {
|
"packages": {
|
||||||
"": {
|
"": {
|
||||||
"name": "athens-proxy-chart",
|
"name": "athens-proxy-charts",
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"@bitnami/readme-generator-for-helm": "^2.5.0",
|
"@bitnami/readme-generator-for-helm": "^2.5.0",
|
||||||
|
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "athens-proxy-chart",
|
"name": "athens-proxy-charts",
|
||||||
"homepage": "https://git.cryptic.systems/volker.raschek/athens-proxy-chart.git",
|
"homepage": "https://git.cryptic.systems/volker.raschek/athens-proxy-charts.git",
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"private": true,
|
"private": true,
|
||||||
"engineStrict": true,
|
"engineStrict": true,
|
||||||
|
@@ -25,8 +25,8 @@
|
|||||||
"matchStrings": [
|
"matchStrings": [
|
||||||
"VERSION=(?<currentValue>.*)"
|
"VERSION=(?<currentValue>.*)"
|
||||||
],
|
],
|
||||||
"depNameTemplate": "volker.raschek/athens-proxy-chart",
|
"depNameTemplate": "volker.raschek/athens-proxy-charts",
|
||||||
"packageNameTemplate": "https://git.cryptic.systems/volker.raschek/athens-proxy-chart",
|
"packageNameTemplate": "https://git.cryptic.systems/volker.raschek/athens-proxy-charts",
|
||||||
"datasourceTemplate": "git-tags",
|
"datasourceTemplate": "git-tags",
|
||||||
"versioningTemplate": "semver"
|
"versioningTemplate": "semver"
|
||||||
}
|
}
|
||||||
@@ -56,7 +56,7 @@
|
|||||||
],
|
],
|
||||||
"automerge": true,
|
"automerge": true,
|
||||||
"matchDepNames": [
|
"matchDepNames": [
|
||||||
"volker.raschek/athens-proxy-chart"
|
"volker.raschek/athens-proxy-charts"
|
||||||
],
|
],
|
||||||
"matchUpdateTypes": [
|
"matchUpdateTypes": [
|
||||||
"major",
|
"major",
|
||||||
|
@@ -1,3 +1,4 @@
|
|||||||
|
{{/* vim: set filetype=mustache: */}}
|
||||||
{{/*
|
{{/*
|
||||||
Expand the name of the chart.
|
Expand the name of the chart.
|
||||||
*/}}
|
*/}}
|
||||||
@@ -30,20 +31,26 @@ Create chart name and version as used by the chart label.
|
|||||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
Common annotations
|
||||||
|
*/}}
|
||||||
|
{{- define "athens-proxy.annotations" -}}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
{{/*
|
{{/*
|
||||||
Common labels
|
Common labels
|
||||||
*/}}
|
*/}}
|
||||||
{{- define "athens-proxy.labels" -}}
|
{{- define "athens-proxy.labels" -}}
|
||||||
helm.sh/chart: {{ include "athens-proxy.chart" . }}
|
|
||||||
{{ include "athens-proxy.selectorLabels" . }}
|
{{ include "athens-proxy.selectorLabels" . }}
|
||||||
{{- if .Chart.AppVersion }}
|
{{- if .Chart.AppVersion }}
|
||||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||||
|
helm.sh/chart: {{ include "athens-proxy.chart" . }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{/*
|
{{/*
|
||||||
Selector labels
|
Common selector labels
|
||||||
*/}}
|
*/}}
|
||||||
{{- define "athens-proxy.selectorLabels" -}}
|
{{- define "athens-proxy.selectorLabels" -}}
|
||||||
app.kubernetes.io/name: {{ include "athens-proxy.name" . }}
|
app.kubernetes.io/name: {{ include "athens-proxy.name" . }}
|
33
templates/athens-proxy/_configMap.tpl
Normal file
33
templates/athens-proxy/_configMap.tpl
Normal file
@@ -0,0 +1,33 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
{{/* annotations */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.configMap.downloadMode.annotations" -}}
|
||||||
|
{{ include "athens-proxy.annotations" . }}
|
||||||
|
{{- if .Values.config.downloadMode.configMap.annotations }}
|
||||||
|
{{ toYaml .Values.config.downloadMode.configMap.annotations }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.configMap.gitConfig.annotations" -}}
|
||||||
|
{{ include "athens-proxy.annotations" . }}
|
||||||
|
{{- if .Values.config.gitConfig.configMap.annotations }}
|
||||||
|
{{ toYaml .Values.config.gitConfig.configMap.annotations }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* labels */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.configMap.downloadMode.labels" -}}
|
||||||
|
{{ include "athens-proxy.labels" . }}
|
||||||
|
{{- if .Values.config.downloadMode.configMap.labels }}
|
||||||
|
{{ toYaml .Values.config.downloadMode.configMap.labels }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.configMap.gitConfig.labels" -}}
|
||||||
|
{{ include "athens-proxy.labels" . }}
|
||||||
|
{{- if .Values.config.gitConfig.configMap.labels }}
|
||||||
|
{{ toYaml .Values.config.gitConfig.configMap.labels }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
79
templates/athens-proxy/_deployment.tpl
Normal file
79
templates/athens-proxy/_deployment.tpl
Normal file
@@ -0,0 +1,79 @@
|
|||||||
|
{{/* vim: set filetype=mustache: */}}
|
||||||
|
|
||||||
|
{{/* annotations */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.deployment.annotations" -}}
|
||||||
|
{{ include "athens-proxy.annotations" . }}
|
||||||
|
{{- if .Values.deployment.annotations }}
|
||||||
|
{{ toYaml .Values.deployment.annotations }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* env */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.deployment.env" -}}
|
||||||
|
{{- $env := dict "env" (.Values.deployment.athensProxy.env | default (list) ) }}
|
||||||
|
{{- if and .Values.persistence.enabled }}
|
||||||
|
{{- $env = merge $env (dict "env" (list (dict "name" "ATHENS_STORAGE_TYPE" "value" "disk") (dict "name" "ATHENS_DISK_STORAGE_ROOT" "value" .Values.persistence.data.mountPath)))}}
|
||||||
|
{{- end }}
|
||||||
|
{{- if and (hasKey .Values.deployment.athensProxy.resources "limits") (hasKey .Values.deployment.athensProxy.resources.limits "cpu") }}
|
||||||
|
{{- $env = merge $env (dict "env" (list (dict "name" "GOMAXPROCS" "valueFrom" (dict "resourceFieldRef" (dict "divisor" "1" "resource" "limits.cpu"))))) }}
|
||||||
|
{{- end }}
|
||||||
|
{{ toYaml $env }}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
|
||||||
|
{{/* envFrom */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.deployment.envFrom" -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{/* image */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.deployment.images.athens-proxy.fqin" -}}
|
||||||
|
{{- $registry := .Values.deployment.athensProxy.image.registry -}}
|
||||||
|
{{- $repository := .Values.deployment.athensProxy.image.repository -}}
|
||||||
|
{{- $tag := default .Chart.AppVersion .Values.deployment.athensProxy.image.tag -}}
|
||||||
|
{{- printf "%s/%s:v%s" $registry $repository $tag -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{/* labels */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.deployment.labels" -}}
|
||||||
|
{{ include "athens-proxy.labels" . }}
|
||||||
|
{{- if .Values.deployment.labels }}
|
||||||
|
{{ toYaml .Values.deployment.labels }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* serviceAccount */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.deployment.serviceAccount" -}}
|
||||||
|
{{- if .Values.serviceAccount.existing.enabled -}}
|
||||||
|
{{- printf "%s" .Values.serviceAccount.existing.serviceAccountName -}}
|
||||||
|
{{- else -}}
|
||||||
|
{{- include "athens-proxy.fullname" . -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* volumeMounts */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.deployment.volumeMounts" -}}
|
||||||
|
{{- $volumeMounts := dict "volumeMounts" (.Values.deployment.athensProxy.volumeMounts | default (list) ) }}
|
||||||
|
{{- if .Values.persistence.enabled }}
|
||||||
|
{{- $volumeMounts = merge $volumeMounts (dict "volumeMounts" (list (dict "name" "data" "mountPath" .Values.persistence.data.mountPath))) }}
|
||||||
|
{{- end }}
|
||||||
|
{{ toYaml $volumeMounts }}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{/* volumes */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.deployment.volumes" -}}
|
||||||
|
{{- $volumes := dict "volumes" (.Values.deployment.athensProxy.volumes | default (list) ) }}
|
||||||
|
{{- if and .Values.persistence.enabled (not .Values.persistence.data.existingPersistentVolumeClaim.enabled) }}
|
||||||
|
{{- $volumes = merge $volumes (dict "volumes" (list (dict "name" "data" "persistentVolumeClaim" (dict "claimName" (include "athens-proxy.persistentVolumeClaim.data.name" $))))) }}
|
||||||
|
{{- else if and .Values.persistence.enabled .Values.persistence.data.existingPersistentVolumeClaim.enabled }}
|
||||||
|
{{- $volumes = merge $volumes (dict "volumes" (list (dict "name" "data" "persistentVolumeClaim" (dict "claimName" .Values.persistence.data.existingPersistentVolumeClaim.persistentVolumeClaimName)))) }}
|
||||||
|
{{- end }}
|
||||||
|
{{ toYaml $volumes }}
|
||||||
|
{{- end -}}
|
19
templates/athens-proxy/_hpa.tpl
Normal file
19
templates/athens-proxy/_hpa.tpl
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
{{/* annotations */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.hpa.annotations" -}}
|
||||||
|
{{ include "athens-proxy.annotations" . }}
|
||||||
|
{{- if .Values.hpa.annotations }}
|
||||||
|
{{ toYaml .Values.hpa.annotations }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* labels */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.hpa.labels" -}}
|
||||||
|
{{ include "athens-proxy.labels" . }}
|
||||||
|
{{- if .Values.hpa.labels }}
|
||||||
|
{{ toYaml .Values.hpa.labels }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
19
templates/athens-proxy/_ingress.tpl
Normal file
19
templates/athens-proxy/_ingress.tpl
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
{{/* vim: set filetype=mustache: */}}
|
||||||
|
|
||||||
|
{{/* annotations */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.ingress.annotations" -}}
|
||||||
|
{{ include "athens-proxy.annotations" . }}
|
||||||
|
{{- if .Values.ingress.annotations }}
|
||||||
|
{{ toYaml .Values.ingress.annotations }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* labels */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.ingress.labels" -}}
|
||||||
|
{{ include "athens-proxy.labels" . }}
|
||||||
|
{{- if .Values.ingress.labels }}
|
||||||
|
{{ toYaml .Values.ingress.labels }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
19
templates/athens-proxy/_networkPolicies.tpl
Normal file
19
templates/athens-proxy/_networkPolicies.tpl
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
{{/* vim: set filetype=mustache: */}}
|
||||||
|
|
||||||
|
{{/* annotations */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.networkPolicies.annotations" -}}
|
||||||
|
{{ include "athens-proxy.annotations" .context }}
|
||||||
|
{{- if .networkPolicy.annotations }}
|
||||||
|
{{ toYaml .networkPolicy.annotations }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* labels */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.networkPolicies.labels" -}}
|
||||||
|
{{ include "athens-proxy.labels" .context }}
|
||||||
|
{{- if .networkPolicy.labels }}
|
||||||
|
{{ toYaml .networkPolicy.labels }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
25
templates/athens-proxy/_persistentVolumeClaim.tpl
Normal file
25
templates/athens-proxy/_persistentVolumeClaim.tpl
Normal file
@@ -0,0 +1,25 @@
|
|||||||
|
{{/* vim: set filetype=mustache: */}}
|
||||||
|
|
||||||
|
{{/* annotations */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.persistentVolumeClaim.data.annotations" -}}
|
||||||
|
{{ include "athens-proxy.annotations" . }}
|
||||||
|
{{- if .Values.persistence.data.persistentVolumeClaim.annotations }}
|
||||||
|
{{ toYaml .Values.persistence.data.persistentVolumeClaim.annotations}}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* labels */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.persistentVolumeClaim.data.labels" -}}
|
||||||
|
{{ include "athens-proxy.labels" . }}
|
||||||
|
{{- if .Values.persistence.data.persistentVolumeClaim.labels }}
|
||||||
|
{{ toYaml .Values.persistence.data.persistentVolumeClaim.labels}}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* name */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.persistentVolumeClaim.data.name" -}}
|
||||||
|
{{ include "athens-proxy.fullname" . }}-data
|
||||||
|
{{- end }}
|
17
templates/athens-proxy/_pod.tpl
Normal file
17
templates/athens-proxy/_pod.tpl
Normal file
@@ -0,0 +1,17 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
{{/* annotations */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.pod.annotations" -}}
|
||||||
|
{{ include "athens-proxy.annotations" . }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* labels */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.pod.labels" -}}
|
||||||
|
{{ include "athens-proxy.labels" . }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.pod.selectorLabels" -}}
|
||||||
|
{{ include "athens-proxy.selectorLabels" . }}
|
||||||
|
{{- end }}
|
47
templates/athens-proxy/_secrets.tpl
Normal file
47
templates/athens-proxy/_secrets.tpl
Normal file
@@ -0,0 +1,47 @@
|
|||||||
|
{{/* vim: set filetype=mustache: */}}
|
||||||
|
|
||||||
|
{{/* annotations */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.secrets.env.annotations" -}}
|
||||||
|
{{ include "athens-proxy.annotations" . }}
|
||||||
|
{{- if .Values.config.env.secret.annotations }}
|
||||||
|
{{ toYaml .Values.config.env.secret.annotations }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.secrets.netrc.annotations" -}}
|
||||||
|
{{ include "athens-proxy.annotations" . }}
|
||||||
|
{{- if .Values.config.netrc.secret.annotations }}
|
||||||
|
{{ toYaml .Values.config.netrc.secret.annotations }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.secrets.ssh.annotations" -}}
|
||||||
|
{{ include "athens-proxy.annotations" . }}
|
||||||
|
{{- if .Values.config.ssh.secret.annotations }}
|
||||||
|
{{ toYaml .Values.config.ssh.secret.annotations }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* labels */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.secrets.env.labels" -}}
|
||||||
|
{{ include "athens-proxy.labels" . }}
|
||||||
|
{{- if .Values.config.env.secret.labels }}
|
||||||
|
{{ toYaml .Values.config.env.secret.labels }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.secrets.netrc.labels" -}}
|
||||||
|
{{ include "athens-proxy.labels" . }}
|
||||||
|
{{- if .Values.config.netrc.secret.labels }}
|
||||||
|
{{ toYaml .Values.config.netrc.secret.labels }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.secrets.ssh.labels" -}}
|
||||||
|
{{ include "athens-proxy.labels" . }}
|
||||||
|
{{- if .Values.config.ssh.secret.labels }}
|
||||||
|
{{ toYaml .Values.config.ssh.secret.labels }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
17
templates/athens-proxy/_serviceAccount.tpl
Normal file
17
templates/athens-proxy/_serviceAccount.tpl
Normal file
@@ -0,0 +1,17 @@
|
|||||||
|
{{/* vim: set filetype=mustache: */}}
|
||||||
|
|
||||||
|
{{/* annotations */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.serviceAccount.annotations" -}}
|
||||||
|
{{- if .Values.serviceAccount.new.annotations }}
|
||||||
|
{{ toYaml .Values.serviceAccount.new.annotations }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* labels */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.serviceAccount.labels" -}}
|
||||||
|
{{- if .Values.serviceAccount.new.labels }}
|
||||||
|
{{ toYaml .Values.serviceAccount.new.labels }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
29
templates/athens-proxy/_services.tpl
Normal file
29
templates/athens-proxy/_services.tpl
Normal file
@@ -0,0 +1,29 @@
|
|||||||
|
{{/* vim: set filetype=mustache: */}}
|
||||||
|
|
||||||
|
{{/* annotations */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.services.http.annotations" -}}
|
||||||
|
{{ include "athens-proxy.annotations" . }}
|
||||||
|
{{- if .Values.services.http.annotations }}
|
||||||
|
{{ toYaml .Values.services.http.annotations }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* labels */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.services.http.labels" -}}
|
||||||
|
{{ include "athens-proxy.labels" . }}
|
||||||
|
{{/* Add label to select the correct service via `selector.matchLabels` of the serviceMonitor resource. */}}
|
||||||
|
app.kubernetes.io/service-name: http
|
||||||
|
{{- if .Values.services.http.labels }}
|
||||||
|
{{ toYaml .Values.services.http.labels }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* names */}}
|
||||||
|
|
||||||
|
{{- define "athens-proxy.services.http.name" -}}
|
||||||
|
{{- if .Values.services.http.enabled -}}
|
||||||
|
{{ include "athens-proxy.fullname" . }}-http
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
19
templates/athens-proxy/configMapDownloadMode.yaml
Normal file
19
templates/athens-proxy/configMapDownloadMode.yaml
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
{{- if not .Values.config.downloadMode.existingConfigMap.enabled }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
{{- with (include "athens-proxy.configMap.downloadMode.annotations" . | fromYaml) }}
|
||||||
|
annotations:
|
||||||
|
{{- tpl (toYaml .) $ | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with (include "athens-proxy.configMap.downloadMode.labels" . | fromYaml) }}
|
||||||
|
labels:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
name: {{ include "athens-proxy.fullname" . }}-download-mode-file
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
data:
|
||||||
|
downloadMode: |
|
||||||
|
{{- tpl .Values.config.downloadMode.configMap.content . | nindent 4 }}
|
||||||
|
{{- end }}
|
19
templates/athens-proxy/configMapGitConfig.yaml
Normal file
19
templates/athens-proxy/configMapGitConfig.yaml
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
{{- if not .Values.config.gitConfig.existingConfigMap.enabled }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
{{- with (include "athens-proxy.configMap.gitConfig.annotations" . | fromYaml) }}
|
||||||
|
annotations:
|
||||||
|
{{- tpl (toYaml .) $ | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with (include "athens-proxy.configMap.gitConfig.labels" . | fromYaml) }}
|
||||||
|
labels:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
name: {{ include "athens-proxy.fullname" . }}-git-config
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
data:
|
||||||
|
.gitconfig: |
|
||||||
|
{{- tpl .Values.config.gitConfig.configMap.content . | nindent 4 }}
|
||||||
|
{{- end }}
|
135
templates/athens-proxy/deployment.yaml
Normal file
135
templates/athens-proxy/deployment.yaml
Normal file
@@ -0,0 +1,135 @@
|
|||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
{{- with (include "athens-proxy.deployment.annotations" . | fromYaml) }}
|
||||||
|
annotations:
|
||||||
|
{{- tpl (toYaml .) $ | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with (include "athens-proxy.deployment.labels" . | fromYaml) }}
|
||||||
|
labels:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
name: {{ include "athens-proxy.fullname" . }}
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
spec:
|
||||||
|
replicas: {{ .Values.deployment.replicas }}
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
{{- include "athens-proxy.pod.selectorLabels" . | nindent 6 }}
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
annotations:
|
||||||
|
{{- include "athens-proxy.pod.annotations" . | nindent 8 }}
|
||||||
|
labels:
|
||||||
|
{{- include "athens-proxy.pod.labels" . | nindent 8 }}
|
||||||
|
spec:
|
||||||
|
{{- with .Values.deployment.affinity }}
|
||||||
|
affinity:
|
||||||
|
{{- toYaml . | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
containers:
|
||||||
|
- name: athens-proxy
|
||||||
|
{{- with .Values.deployment.athensProxy.args }}
|
||||||
|
args:
|
||||||
|
{{- toYaml . | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with .Values.deployment.athensProxy.command }}
|
||||||
|
command:
|
||||||
|
{{- toYaml . | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- $env := (include "athens-proxy.deployment.env" . | fromYaml) }}
|
||||||
|
{{- if and (hasKey $env "env") (gt (len $env.env) 0) }}
|
||||||
|
env:
|
||||||
|
{{- toYaml $env.env | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- $envFrom := (include "athens-proxy.deployment.envFrom" . | fromYaml) }}
|
||||||
|
{{- if and (hasKey $envFrom "envFrom") (gt (len $envFrom.envFrom) 0) }}
|
||||||
|
envFrom:
|
||||||
|
{{- toYaml $envFrom.envFrom | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
image: {{ include "athens-proxy.deployment.images.athens-proxy.fqin" . | quote }}
|
||||||
|
imagePullPolicy: {{ .Values.deployment.athensProxy.image.pullPolicy }}
|
||||||
|
livenessProbe:
|
||||||
|
tcpSocket:
|
||||||
|
port: http
|
||||||
|
failureThreshold: 3
|
||||||
|
initialDelaySeconds: 5
|
||||||
|
periodSeconds: 60
|
||||||
|
successThreshold: 1
|
||||||
|
timeoutSeconds: 3
|
||||||
|
readinessProbe:
|
||||||
|
tcpSocket:
|
||||||
|
port: http
|
||||||
|
failureThreshold: 3
|
||||||
|
initialDelaySeconds: 5
|
||||||
|
periodSeconds: 15
|
||||||
|
successThreshold: 1
|
||||||
|
timeoutSeconds: 3
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
containerPort: 3000
|
||||||
|
protocol: TCP
|
||||||
|
{{- with .Values.deployment.athensProxy.resources }}
|
||||||
|
resources:
|
||||||
|
{{- toYaml . | nindent 10 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with .Values.deployment.athensProxy.securityContext }}
|
||||||
|
securityContext:
|
||||||
|
{{- toYaml . | nindent 10 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- $volumeMounts := (include "athens-proxy.deployment.volumeMounts" . | fromYaml) }}
|
||||||
|
{{- if and (hasKey $volumeMounts "volumeMounts") (gt (len $volumeMounts.volumeMounts) 0) }}
|
||||||
|
volumeMounts:
|
||||||
|
{{- toYaml $volumeMounts.volumeMounts | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with .Values.deployment.dnsConfig }}
|
||||||
|
dnsConfig:
|
||||||
|
{{- toYaml . | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.deployment.dnsPolicy }}
|
||||||
|
dnsPolicy: {{ .Values.deployment.dnsPolicy }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.deployment.hostname }}
|
||||||
|
hostname: {{ .Values.deployment.hostname }}
|
||||||
|
{{- end }}
|
||||||
|
hostNetwork: {{ .Values.deployment.hostNetwork }}
|
||||||
|
{{- with .Values.deployment.imagePullSecrets }}
|
||||||
|
imagePullSecrets:
|
||||||
|
{{- toYaml . | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with .Values.deployment.nodeSelector }}
|
||||||
|
nodeSelector:
|
||||||
|
{{- toYaml . | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.deployment.priorityClassName }}
|
||||||
|
priorityClassName: {{ .Values.deployment.priorityClassName }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.deployment.restartPolicy }}
|
||||||
|
restartPolicy: {{ .Values.deployment.restartPolicy }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with .Values.deployment.securityContext }}
|
||||||
|
securityContext:
|
||||||
|
{{- toYaml . | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
serviceAccount: {{ include "athens-proxy.deployment.serviceAccount" . }}
|
||||||
|
{{- if .Values.deployment.subdomain }}
|
||||||
|
subdomain: {{ .Values.deployment.subdomain }}
|
||||||
|
{{- end }}
|
||||||
|
terminationGracePeriodSeconds: {{ .Values.deployment.terminationGracePeriodSeconds }}
|
||||||
|
{{- with .Values.deployment.tolerations }}
|
||||||
|
tolerations:
|
||||||
|
{{- toYaml . | nindent 6 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with .Values.deployment.topologySpreadConstraints }}
|
||||||
|
topologySpreadConstraints:
|
||||||
|
{{- toYaml . | nindent 6 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- $volumes := (include "athens-proxy.deployment.volumes" . | fromYaml) }}
|
||||||
|
{{- if and (hasKey $volumes "volumes") (gt (len $volumes.volumes) 0) }}
|
||||||
|
volumes:
|
||||||
|
{{- toYaml $volumes.volumes | nindent 6 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with .Values.deployment.strategy }}
|
||||||
|
strategy:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
25
templates/athens-proxy/hpa.yaml
Normal file
25
templates/athens-proxy/hpa.yaml
Normal file
@@ -0,0 +1,25 @@
|
|||||||
|
{{- if .Values.hpa.enabled -}}
|
||||||
|
---
|
||||||
|
apiVersion: autoscaling/v2
|
||||||
|
kind: HorizontalPodAutoscaler
|
||||||
|
metadata:
|
||||||
|
{{- with (include "athens-proxy.hpa.annotations" . | fromYaml) }}
|
||||||
|
annotations:
|
||||||
|
{{- tpl (toYaml .) $ | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with (include "athens-proxy.hpa.labels" . | fromYaml) }}
|
||||||
|
labels:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
name: {{ include "athens-proxy.fullname" . }}
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
spec:
|
||||||
|
metrics:
|
||||||
|
{{- toYaml .Values.hpa.metrics | nindent 2 }}
|
||||||
|
maxReplicas: {{ .Values.hpa.maxReplicas }}
|
||||||
|
minReplicas: {{ .Values.hpa.minReplicas }}
|
||||||
|
scaleTargetRef:
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
name: {{ include "athens-proxy.fullname" . }}
|
||||||
|
{{- end -}}
|
45
templates/athens-proxy/ingress.yaml
Normal file
45
templates/athens-proxy/ingress.yaml
Normal file
@@ -0,0 +1,45 @@
|
|||||||
|
{{- if and .Values.services.http.enabled .Values.ingress.enabled }}
|
||||||
|
---
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
{{- with (include "athens-proxy.ingress.annotations" . | fromYaml) }}
|
||||||
|
annotations:
|
||||||
|
{{- tpl (toYaml .) $ | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with (include "athens-proxy.ingress.labels" . | fromYaml) }}
|
||||||
|
labels:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
name: {{ include "athens-proxy.fullname" . }}
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
spec:
|
||||||
|
ingressClassName: {{ .Values.ingress.className }}
|
||||||
|
rules:
|
||||||
|
{{- range .Values.ingress.hosts }}
|
||||||
|
- host: {{ tpl .host $ | quote }}
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
{{- range .paths }}
|
||||||
|
- path: {{ .path }}
|
||||||
|
{{- if .pathType }}
|
||||||
|
pathType: {{ .pathType }}
|
||||||
|
{{- end }}
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: {{ include "athens-proxy.services.http.name" $ }}
|
||||||
|
port:
|
||||||
|
number: {{ $.Values.services.http.port }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.ingress.tls }}
|
||||||
|
tls:
|
||||||
|
{{- range .Values.ingress.tls }}
|
||||||
|
- hosts:
|
||||||
|
{{- range .hosts }}
|
||||||
|
- {{ tpl . $ | quote }}
|
||||||
|
{{- end }}
|
||||||
|
secretName: {{ .secretName | quote }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
36
templates/athens-proxy/networkPolicies.yaml
Normal file
36
templates/athens-proxy/networkPolicies.yaml
Normal file
@@ -0,0 +1,36 @@
|
|||||||
|
{{- if .Values.networkPolicies.enabled }}
|
||||||
|
{{- range $key, $value := .Values.networkPolicies -}}
|
||||||
|
{{- if and (not (eq $key "enabled")) $value.enabled }}
|
||||||
|
---
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: NetworkPolicy
|
||||||
|
metadata:
|
||||||
|
{{- with (include "athens-proxy.networkPolicies.annotations" (dict "networkPolicy" $value "context" $) | fromYaml) }}
|
||||||
|
annotations:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with (include "athens-proxy.networkPolicies.labels" (dict "networkPolicy" $value "context" $) | fromYaml) }}
|
||||||
|
labels:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
name: {{ printf "%s-%s" (include "athens-proxy.fullname" $ ) $key }}
|
||||||
|
namespace: {{ $.Release.Namespace }}
|
||||||
|
spec:
|
||||||
|
podSelector:
|
||||||
|
matchLabels:
|
||||||
|
{{- include "athens-proxy.pod.selectorLabels" $ | nindent 6 }}
|
||||||
|
{{- with $value.policyTypes }}
|
||||||
|
policyTypes:
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with $value.egress }}
|
||||||
|
egress:
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with $value.ingress }}
|
||||||
|
ingress:
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
26
templates/athens-proxy/persistentVolumeClaim.yaml
Normal file
26
templates/athens-proxy/persistentVolumeClaim.yaml
Normal file
@@ -0,0 +1,26 @@
|
|||||||
|
{{- if and .Values.persistence.enabled (not .Values.persistence.data.existingPersistentVolumeClaim.enabled) }}
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
{{- with (include "athens-proxy.persistentVolumeClaim.data.annotations" . | fromYaml) }}
|
||||||
|
annotations:
|
||||||
|
{{- tpl (toYaml .) $ | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with (include "athens-proxy.persistentVolumeClaim.data.labels" . | fromYaml) }}
|
||||||
|
labels:
|
||||||
|
{{- tpl (toYaml .) $ | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
name: {{ include "athens-proxy.persistentVolumeClaim.data.name" . }}
|
||||||
|
namespace: {{ $.Release.Namespace }}
|
||||||
|
spec:
|
||||||
|
{{- with .Values.persistence.data.persistentVolumeClaim.accessModes }}
|
||||||
|
accessModes:
|
||||||
|
{{ toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: {{ .Values.persistence.data.persistentVolumeClaim.storageSize }}
|
||||||
|
{{- if .Values.persistence.data.persistentVolumeClaim.storageClassName }}
|
||||||
|
storageClassName: {{ .Values.persistence.data.persistentVolumeClaim.storageClassName }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
20
templates/athens-proxy/secretEnv.yaml
Normal file
20
templates/athens-proxy/secretEnv.yaml
Normal file
@@ -0,0 +1,20 @@
|
|||||||
|
{{- if not .Values.config.env.existingSecret.enabled }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
{{- with (include "athens-proxy.secrets.env.annotations" . | fromYaml) }}
|
||||||
|
annotations:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with (include "athens-proxy.secrets.env.labels" . | fromYaml) }}
|
||||||
|
labels:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
name: {{ include "athens-proxy.fullname" . }}-env
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
stringData:
|
||||||
|
{{- range $key, $value := .Values.config.env.secret.envs }}
|
||||||
|
{{ upper $key }}: {{ quote $value }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
19
templates/athens-proxy/secretNetRC.yaml
Normal file
19
templates/athens-proxy/secretNetRC.yaml
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
{{- if not .Values.config.netrc.existingSecret.enabled }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
{{- with (include "athens-proxy.secrets.netrc.annotations" . | fromYaml) }}
|
||||||
|
annotations:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with (include "athens-proxy.secrets.netrc.labels" . | fromYaml) }}
|
||||||
|
labels:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
name: {{ include "athens-proxy.fullname" . }}-netrc
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
stringData:
|
||||||
|
.netrc: |
|
||||||
|
{{- tpl .Values.config.netrc.secret.content . | nindent 4 }}
|
||||||
|
{{- end }}
|
35
templates/athens-proxy/secretSSH.yaml
Normal file
35
templates/athens-proxy/secretSSH.yaml
Normal file
@@ -0,0 +1,35 @@
|
|||||||
|
{{- if not .Values.config.ssh.existingSecret.enabled }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
{{- with (include "athens-proxy.secrets.ssh.annotations" . | fromYaml) }}
|
||||||
|
annotations:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with (include "athens-proxy.secrets.ssh.labels" . | fromYaml) }}
|
||||||
|
labels:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
name: {{ include "athens-proxy.fullname" . }}-ssh
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
stringData:
|
||||||
|
config: |
|
||||||
|
{{- tpl $.Values.config.ssh.secret.config $ | nindent 4 }}
|
||||||
|
{{- if .Values.config.ssh.secret.id_ed25519 }}
|
||||||
|
id_ed25519: |
|
||||||
|
{{- .Values.config.ssh.secret.id_ed25519 | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.config.ssh.secret.id_ed25519_pub }}
|
||||||
|
id_ed25519.pub: |
|
||||||
|
{{- .Values.config.ssh.secret.id_ed25519_pub | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.config.ssh.secret.id_rsa }}
|
||||||
|
id_rsa: |
|
||||||
|
{{- .Values.config.ssh.secret.id_rsa | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.config.ssh.secret.id_rsa_pub }}
|
||||||
|
id_rsa.pub: |
|
||||||
|
{{- .Values.config.ssh.secret.id_rsa_pub | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
25
templates/athens-proxy/serviceAccount.yaml
Normal file
25
templates/athens-proxy/serviceAccount.yaml
Normal file
@@ -0,0 +1,25 @@
|
|||||||
|
{{- if not .Values.serviceAccount.existing.enabled }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ServiceAccount
|
||||||
|
metadata:
|
||||||
|
{{- with (include "athens-proxy.serviceAccount.annotations" . | fromYaml) }}
|
||||||
|
annotations:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with (include "athens-proxy.serviceAccount.labels" . | fromYaml) }}
|
||||||
|
labels:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
name: {{ include "athens-proxy.fullname" . }}
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
automountServiceAccountToken: {{ .Values.serviceAccount.new.automountServiceAccountToken }}
|
||||||
|
{{- with .Values.serviceAccount.new.imagePullSecrets }}
|
||||||
|
imagePullSecrets:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with .Values.serviceAccount.new.secrets }}
|
||||||
|
secrets:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
57
templates/athens-proxy/serviceHTTP.yaml
Normal file
57
templates/athens-proxy/serviceHTTP.yaml
Normal file
@@ -0,0 +1,57 @@
|
|||||||
|
{{- if .Values.services.http.enabled }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
{{- with (include "athens-proxy.services.http.annotations" . | fromYaml) }}
|
||||||
|
annotations:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with (include "athens-proxy.services.http.labels" . | fromYaml) }}
|
||||||
|
labels:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
name: {{ include "athens-proxy.services.http.name" . }}
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
spec:
|
||||||
|
{{- if not (empty .Values.services.http.externalIPs) }}
|
||||||
|
externalIPs:
|
||||||
|
{{- range .Values.services.http.externalIPs }}
|
||||||
|
- {{ . }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if and (or (eq .Values.services.http.type "LoadBalancer") (eq .Values.services.http.type "NodePort") ) .Values.services.http.externalTrafficPolicy }}
|
||||||
|
externalTrafficPolicy: {{ .Values.services.http.externalTrafficPolicy }}
|
||||||
|
{{- end }}
|
||||||
|
internalTrafficPolicy: {{ required "No internal traffic policy defined!" .Values.services.http.internalTrafficPolicy }}
|
||||||
|
{{- if .Values.services.http.ipFamilies }}
|
||||||
|
ipFamilies:
|
||||||
|
{{- range .Values.services.http.ipFamilies }}
|
||||||
|
- {{ . }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if and (eq .Values.services.http.type "LoadBalancer") .Values.services.http.loadBalancerClass }}
|
||||||
|
loadBalancerClass: {{ .Values.services.http.loadBalancerClass }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if and (eq .Values.services.http.type "LoadBalancer") .Values.services.http.loadBalancerIP }}
|
||||||
|
loadBalancerIP: {{ .Values.services.http.loadBalancerIP }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if eq .Values.services.http.type "LoadBalancer" }}
|
||||||
|
loadBalancerSourceRanges:
|
||||||
|
{{- range .Values.services.http.loadBalancerSourceRanges }}
|
||||||
|
- {{ . }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
protocol: TCP
|
||||||
|
port: {{ required "No service port defined!" .Values.services.http.port }}
|
||||||
|
selector:
|
||||||
|
{{- include "athens-proxy.pod.selectorLabels" . | nindent 4 }}
|
||||||
|
sessionAffinity: {{ required "No session affinity defined!" .Values.services.http.sessionAffinity }}
|
||||||
|
{{- with .Values.services.http.sessionAffinityConfig }}
|
||||||
|
sessionAffinityConfig:
|
||||||
|
{{- toYaml . | nindent 4}}
|
||||||
|
{{- end }}
|
||||||
|
type: {{ required "No service type defined!" .Values.services.http.type }}
|
||||||
|
{{- end }}
|
@@ -1,72 +0,0 @@
|
|||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: {{ include "athens-proxy.fullname" . }}
|
|
||||||
labels:
|
|
||||||
{{- include "athens-proxy.labels" . | nindent 4 }}
|
|
||||||
spec:
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
{{- include "athens-proxy.selectorLabels" . | nindent 6 }}
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
{{- with .Values.podAnnotations }}
|
|
||||||
annotations:
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
labels:
|
|
||||||
{{- include "athens-proxy.selectorLabels" . | nindent 8 }}
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: {{ .Chart.Name }}
|
|
||||||
envFrom:
|
|
||||||
- secretRef:
|
|
||||||
name: {{ include "athens-proxy.fullname" . }}
|
|
||||||
securityContext:
|
|
||||||
{{- toYaml .Values.securityContext | nindent 12 }}
|
|
||||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
|
||||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
||||||
{{- with .Values.livenessProbe }}
|
|
||||||
livenessProbe:
|
|
||||||
{{- toYaml . | nindent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
ports:
|
|
||||||
- name: http
|
|
||||||
containerPort: {{ .Values.config.ATHENS_PORT | default 3000 }}
|
|
||||||
protocol: TCP
|
|
||||||
{{- with .Values.readinessProbe }}
|
|
||||||
readinessProbe:
|
|
||||||
{{- toYaml . | nindent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
resources:
|
|
||||||
{{- toYaml .Values.resources | nindent 12 }}
|
|
||||||
{{- with .Values.extraVolumeMounts }}
|
|
||||||
volumeMounts:
|
|
||||||
{{- toYaml . | nindent 10 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- with .Values.affinity }}
|
|
||||||
affinity:
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- with .Values.imagePullSecrets }}
|
|
||||||
imagePullSecrets:
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- with .Values.nodeSelector }}
|
|
||||||
nodeSelector:
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.podPriorityClassName }}
|
|
||||||
priorityClassName: {{ .Values.podPriorityClassName }}
|
|
||||||
{{- end }}
|
|
||||||
securityContext:
|
|
||||||
{{- toYaml .Values.podSecurityContext | nindent 8 }}
|
|
||||||
serviceAccountName: {{ include "athens-proxy.fullname" . }}
|
|
||||||
{{- with .Values.tolerations }}
|
|
||||||
tolerations:
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- with .Values.extraVolumes }}
|
|
||||||
volumes:
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
@@ -1,61 +0,0 @@
|
|||||||
{{- if .Values.ingress.enabled -}}
|
|
||||||
{{- $fullName := include "athens-proxy.fullname" . -}}
|
|
||||||
{{- $svcPort := .Values.service.port -}}
|
|
||||||
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
|
|
||||||
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
|
|
||||||
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
|
|
||||||
apiVersion: networking.k8s.io/v1
|
|
||||||
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
|
|
||||||
apiVersion: networking.k8s.io/v1beta1
|
|
||||||
{{- else -}}
|
|
||||||
apiVersion: extensions/v1beta1
|
|
||||||
{{- end }}
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: {{ $fullName }}
|
|
||||||
labels:
|
|
||||||
{{- include "athens-proxy.labels" . | nindent 4 }}
|
|
||||||
{{- with .Values.ingress.annotations }}
|
|
||||||
annotations:
|
|
||||||
{{- toYaml . | nindent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
spec:
|
|
||||||
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
|
|
||||||
ingressClassName: {{ .Values.ingress.className }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.ingress.tls }}
|
|
||||||
tls:
|
|
||||||
{{- range .Values.ingress.tls }}
|
|
||||||
- hosts:
|
|
||||||
{{- range .hosts }}
|
|
||||||
- {{ . | quote }}
|
|
||||||
{{- end }}
|
|
||||||
secretName: {{ .secretName }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
rules:
|
|
||||||
{{- range .Values.ingress.hosts }}
|
|
||||||
- host: {{ .host | quote }}
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
{{- range .paths }}
|
|
||||||
- path: {{ .path }}
|
|
||||||
{{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
|
|
||||||
pathType: {{ .pathType }}
|
|
||||||
{{- end }}
|
|
||||||
backend:
|
|
||||||
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
|
|
||||||
service:
|
|
||||||
name: {{ $fullName }}
|
|
||||||
port:
|
|
||||||
number: {{ $svcPort }}
|
|
||||||
{{- else }}
|
|
||||||
serviceName: {{ $fullName }}
|
|
||||||
servicePort: {{ $svcPort }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
@@ -1,23 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: {{ include "athens-proxy.fullname" . }}
|
|
||||||
type: Opaque
|
|
||||||
stringData:
|
|
||||||
|
|
||||||
{{- if not (hasKey .Values "config") -}}
|
|
||||||
{{- $_ := set .Values "config" dict -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{- if not (hasKey .Values.config "ATHENS_DISK_STORAGE_ROOT") -}}
|
|
||||||
{{- $_ := set .Values.config "ATHENS_DISK_STORAGE_ROOT" "/var/lib/athens" -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{- if not (hasKey .Values.config "ATHENS_STORAGE_TYPE") -}}
|
|
||||||
{{- $_ := set .Values.config "ATHENS_STORAGE_TYPE" "disk" -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{/* SETUP CONFIG */}}
|
|
||||||
{{ range $key, $value := .Values.config }}
|
|
||||||
{{ upper $key}}: {{ quote $value }}
|
|
||||||
{{ end }}
|
|
@@ -1,36 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
{{- with .Values.service.annotations }}
|
|
||||||
annotations:
|
|
||||||
{{- toYaml . | nindent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
labels:
|
|
||||||
{{- include "athens-proxy.labels" . | nindent 4 }}
|
|
||||||
name: {{ include "athens-proxy.fullname" . }}
|
|
||||||
spec:
|
|
||||||
{{- with .Values.service.externalIPs }}
|
|
||||||
externalIPs:
|
|
||||||
{{- toYaml . | nindent 2 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.service.externalTrafficPolicy }}
|
|
||||||
externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if and .Values.service.loadBalancerClass (eq .Values.service.type "LoadBalancer") }}
|
|
||||||
loadBalancerClass: {{ .Values.service.loadBalancerClass }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if and .Values.service.loadBalancerIP (eq .Values.service.type "LoadBalancer") }}
|
|
||||||
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
|
|
||||||
{{- end }}
|
|
||||||
{{- with .Values.service.loadBalancerSourceRanges }}
|
|
||||||
loadBalancerSourceRanges:
|
|
||||||
{{- toYaml . | nindent 2 }}
|
|
||||||
{{- end }}
|
|
||||||
type: {{ .Values.service.type }}
|
|
||||||
ports:
|
|
||||||
- port: {{ .Values.service.port }}
|
|
||||||
targetPort: {{ .Values.service.targetPort }}
|
|
||||||
protocol: TCP
|
|
||||||
name: {{ .Values.service.name }}
|
|
||||||
selector:
|
|
||||||
{{- include "athens-proxy.selectorLabels" . | nindent 4 }}
|
|
@@ -1,10 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ServiceAccount
|
|
||||||
metadata:
|
|
||||||
{{- with .Values.serviceAccount.annotations }}
|
|
||||||
annotations:
|
|
||||||
{{- toYaml . | nindent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
labels:
|
|
||||||
{{- include "athens-proxy.labels" . | nindent 4 }}
|
|
||||||
name: {{ include "athens-proxy.fullname" . }}
|
|
@@ -1,15 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Pod
|
|
||||||
metadata:
|
|
||||||
name: "{{ include "athens-proxy.fullname" . }}-test-connection"
|
|
||||||
labels:
|
|
||||||
{{- include "athens-proxy.labels" . | nindent 4 }}
|
|
||||||
annotations:
|
|
||||||
"helm.sh/hook": test
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: wget
|
|
||||||
image: busybox
|
|
||||||
command: ['wget']
|
|
||||||
args: ['{{ include "athens-proxy.fullname" . }}:{{ .Values.service.port }}']
|
|
||||||
restartPolicy: Never
|
|
88
unittests/configMaps/downloadMode.yaml
Normal file
88
unittests/configMaps/downloadMode.yaml
Normal file
@@ -0,0 +1,88 @@
|
|||||||
|
chart:
|
||||||
|
appVersion: 0.1.0
|
||||||
|
version: 0.1.0
|
||||||
|
suite: ConfigMap downloadMode
|
||||||
|
release:
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
templates:
|
||||||
|
- templates/athens-proxy/configMapDownloadMode.yaml
|
||||||
|
tests:
|
||||||
|
- it: Skip rending by using existing config map.
|
||||||
|
set:
|
||||||
|
config.downloadMode.existingConfigMap.enabled: true
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Rendering by default.
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
name: athens-proxy-unittest-download-mode-file
|
||||||
|
namespace: testing
|
||||||
|
- notExists:
|
||||||
|
path: metadata.annotations
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
- equal:
|
||||||
|
path: data.downloadMode
|
||||||
|
value: |
|
||||||
|
# downloadURL = "https://proxy.golang.org"
|
||||||
|
#
|
||||||
|
# mode = "async_redirect"
|
||||||
|
#
|
||||||
|
# download "github.com/gomods/*" {
|
||||||
|
# mode = "sync"
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# download "golang.org/x/*" {
|
||||||
|
# mode = "none"
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# download "github.com/pkg/*" {
|
||||||
|
# mode = "redirect"
|
||||||
|
# downloadURL = "https://gocenter.io"
|
||||||
|
# }
|
||||||
|
|
||||||
|
- it: Rendering custom annotations and labels.
|
||||||
|
set:
|
||||||
|
config.downloadMode.configMap.annotations:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
config.downloadMode.configMap.labels:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: metadata.annotations
|
||||||
|
value:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
- isSubset:
|
||||||
|
path: metadata.labels
|
||||||
|
content:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
|
||||||
|
- it: Rendering custom configuration
|
||||||
|
set:
|
||||||
|
config.downloadMode.configMap.content: |
|
||||||
|
downloadURL = "https://proxy.golang.org"
|
||||||
|
mode = "async_redirect"
|
||||||
|
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: data.downloadMode
|
||||||
|
value: |
|
||||||
|
downloadURL = "https://proxy.golang.org"
|
||||||
|
mode = "async_redirect"
|
77
unittests/configMaps/gitConfig.yaml
Normal file
77
unittests/configMaps/gitConfig.yaml
Normal file
@@ -0,0 +1,77 @@
|
|||||||
|
chart:
|
||||||
|
appVersion: 0.1.0
|
||||||
|
version: 0.1.0
|
||||||
|
suite: ConfigMap gitConfig
|
||||||
|
release:
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
templates:
|
||||||
|
- templates/athens-proxy/configMapGitConfig.yaml
|
||||||
|
tests:
|
||||||
|
- it: Skip rending by using existing config map.
|
||||||
|
set:
|
||||||
|
config.gitConfig.existingConfigMap.enabled: true
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Rendering by default.
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
name: athens-proxy-unittest-git-config
|
||||||
|
namespace: testing
|
||||||
|
- notExists:
|
||||||
|
path: metadata.annotations
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
- isNullOrEmpty:
|
||||||
|
path: data[".gitconfig"]
|
||||||
|
|
||||||
|
- it: Rendering custom annotations and labels.
|
||||||
|
set:
|
||||||
|
config.gitConfig.configMap.annotations:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
config.gitConfig.configMap.labels:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: metadata.annotations
|
||||||
|
value:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
- isSubset:
|
||||||
|
path: metadata.labels
|
||||||
|
content:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
|
||||||
|
- it: Rendering custom configuration
|
||||||
|
set:
|
||||||
|
config.gitConfig.configMap.content: |
|
||||||
|
[url "git@github.com:"]
|
||||||
|
insteadOf = https://github.com/
|
||||||
|
|
||||||
|
[url "git@git.cryptic.systems:"]
|
||||||
|
insteadOf = https://git.cryptic.systems/
|
||||||
|
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: data[".gitconfig"]
|
||||||
|
value: |
|
||||||
|
[url "git@github.com:"]
|
||||||
|
insteadOf = https://github.com/
|
||||||
|
|
||||||
|
[url "git@git.cryptic.systems:"]
|
||||||
|
insteadOf = https://git.cryptic.systems/
|
528
unittests/deployment/deployment.yaml
Normal file
528
unittests/deployment/deployment.yaml
Normal file
@@ -0,0 +1,528 @@
|
|||||||
|
chart:
|
||||||
|
appVersion: 0.1.0
|
||||||
|
version: 0.1.0
|
||||||
|
suite: Deployment template
|
||||||
|
release:
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
templates:
|
||||||
|
- templates/athens-proxy/deployment.yaml
|
||||||
|
tests:
|
||||||
|
- it: Rendering default
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: metadata.annotations
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- equal:
|
||||||
|
path: spec.replicas
|
||||||
|
value: 1
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- equal:
|
||||||
|
path: spec.template.metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.affinity
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.containers[0].args
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.containers[0].command
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.containers[0].envFrom
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.containers[0].volumeMounts
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.containers[0].image
|
||||||
|
value: docker.io/gomods/athens:v0.1.0
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.containers[0].imagePullPolicy
|
||||||
|
value: IfNotPresent
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.containers[0].resources
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.containers[0].securityContext
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.dnsConfig
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.dnsPolicy
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.hostname
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.hostNetwork
|
||||||
|
value: false
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.imagePullSecrets
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.nodeSelector
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.priorityClassName
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.restartPolicy
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.subdomain
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.terminationGracePeriodSeconds
|
||||||
|
value: 60
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.tolerations
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- notExists:
|
||||||
|
path: spec.template.spec.topologySpreadConstraints
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- equal:
|
||||||
|
path: spec.strategy
|
||||||
|
value:
|
||||||
|
type: "RollingUpdate"
|
||||||
|
rollingUpdate:
|
||||||
|
maxSurge: 1
|
||||||
|
maxUnavailable: 1
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test custom replicas
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.replicas: 3
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.replicas
|
||||||
|
value: 3
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test custom affinity
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.affinity:
|
||||||
|
nodeAffinity:
|
||||||
|
requiredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
nodeSelectorTerms:
|
||||||
|
- matchExpressions:
|
||||||
|
- key: topology.kubernetes.io/zone
|
||||||
|
operator: In
|
||||||
|
values:
|
||||||
|
- antarctica-east1
|
||||||
|
- antarctica-west1
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.affinity
|
||||||
|
value:
|
||||||
|
nodeAffinity:
|
||||||
|
requiredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
nodeSelectorTerms:
|
||||||
|
- matchExpressions:
|
||||||
|
- key: topology.kubernetes.io/zone
|
||||||
|
operator: In
|
||||||
|
values:
|
||||||
|
- antarctica-east1
|
||||||
|
- antarctica-west1
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test additional arguments
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.athensProxy.args:
|
||||||
|
- "--foo=bar"
|
||||||
|
- "--bar=foo"
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.containers[0].args
|
||||||
|
value:
|
||||||
|
- --foo=bar
|
||||||
|
- --bar=foo
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test additional command
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.athensProxy.command:
|
||||||
|
- "/bin/sh"
|
||||||
|
- "-c"
|
||||||
|
- "echo hello"
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.containers[0].command
|
||||||
|
value:
|
||||||
|
- "/bin/sh"
|
||||||
|
- "-c"
|
||||||
|
- "echo hello"
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test custom imageRegistry and imageRepository
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.athensProxy.image.registry: registry.example.local
|
||||||
|
deployment.athensProxy.image.repository: path/special/athens-proxy
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.containers[0].image
|
||||||
|
value: registry.example.local/path/special/athens-proxy:v0.1.0
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test custom imagePullPolicy
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.athensProxy.image.pullPolicy: Always
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.containers[0].imagePullPolicy
|
||||||
|
value: Always
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test custom resource limits and requests
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.athensProxy.resources:
|
||||||
|
limits:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 250MB
|
||||||
|
requests:
|
||||||
|
cpu: 25m
|
||||||
|
memory: 100MB
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.containers[0].env
|
||||||
|
value:
|
||||||
|
- name: GOMAXPROCS
|
||||||
|
valueFrom:
|
||||||
|
resourceFieldRef:
|
||||||
|
divisor: "1"
|
||||||
|
resource: limits.cpu
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.containers[0].resources
|
||||||
|
value:
|
||||||
|
limits:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 250MB
|
||||||
|
requests:
|
||||||
|
cpu: 25m
|
||||||
|
memory: 100MB
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test custom securityContext
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.athensProxy.securityContext:
|
||||||
|
capabilities:
|
||||||
|
add:
|
||||||
|
- NET_RAW
|
||||||
|
drop:
|
||||||
|
- ALL
|
||||||
|
privileged: false
|
||||||
|
readOnlyRootFilesystem: true
|
||||||
|
runAsNonRoot: true
|
||||||
|
runAsUser: 1000
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.containers[0].securityContext
|
||||||
|
value:
|
||||||
|
capabilities:
|
||||||
|
add:
|
||||||
|
- NET_RAW
|
||||||
|
drop:
|
||||||
|
- ALL
|
||||||
|
privileged: false
|
||||||
|
readOnlyRootFilesystem: true
|
||||||
|
runAsNonRoot: true
|
||||||
|
runAsUser: 1000
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test dnsConfig
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.dnsConfig:
|
||||||
|
nameservers:
|
||||||
|
- "8.8.8.8"
|
||||||
|
- "8.8.4.4"
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.dnsConfig
|
||||||
|
value:
|
||||||
|
nameservers:
|
||||||
|
- "8.8.8.8"
|
||||||
|
- "8.8.4.4"
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test dnsPolicy
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.dnsPolicy: ClusterFirst
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.dnsPolicy
|
||||||
|
value: ClusterFirst
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test hostNetwork, hostname, subdomain
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.hostNetwork: true
|
||||||
|
deployment.hostname: pg-exporter
|
||||||
|
deployment.subdomain: exporters.internal
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.hostNetwork
|
||||||
|
value: true
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.hostname
|
||||||
|
value: pg-exporter
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.subdomain
|
||||||
|
value: exporters.internal
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test imagePullSecrets
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.imagePullSecrets:
|
||||||
|
- name: my-pull-secret
|
||||||
|
- name: my-special-secret
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.imagePullSecrets
|
||||||
|
value:
|
||||||
|
- name: my-pull-secret
|
||||||
|
- name: my-special-secret
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test nodeSelector
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.nodeSelector:
|
||||||
|
foo: bar
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.nodeSelector
|
||||||
|
value:
|
||||||
|
foo: bar
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test priorityClassName
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.priorityClassName: my-priority
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.priorityClassName
|
||||||
|
value: my-priority
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test restartPolicy
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.restartPolicy: Always
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.restartPolicy
|
||||||
|
value: Always
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test terminationGracePeriodSeconds
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.terminationGracePeriodSeconds: 120
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.terminationGracePeriodSeconds
|
||||||
|
value: 120
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test tolerations
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.tolerations:
|
||||||
|
- key: database/type
|
||||||
|
operator: Equal
|
||||||
|
value: postgres
|
||||||
|
effect: NoSchedule
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.tolerations
|
||||||
|
value:
|
||||||
|
- key: database/type
|
||||||
|
operator: Equal
|
||||||
|
value: postgres
|
||||||
|
effect: NoSchedule
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test topologySpreadConstraints
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.topologySpreadConstraints:
|
||||||
|
- topologyKey: kubernetes.io/hostname
|
||||||
|
whenUnsatisfiable: DoNotSchedule
|
||||||
|
labelSelector:
|
||||||
|
matchLabels:
|
||||||
|
app.kubernetes.io/instance: athens-proxy
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.topologySpreadConstraints
|
||||||
|
value:
|
||||||
|
- topologyKey: kubernetes.io/hostname
|
||||||
|
whenUnsatisfiable: DoNotSchedule
|
||||||
|
labelSelector:
|
||||||
|
matchLabels:
|
||||||
|
app.kubernetes.io/instance: athens-proxy
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test additional volumeMounts and volumes
|
||||||
|
set:
|
||||||
|
# Ensure that the secrets and config maps are well configured.
|
||||||
|
|
||||||
|
# Normal test values
|
||||||
|
deployment.athensProxy.volumeMounts:
|
||||||
|
- name: data
|
||||||
|
mountPath: /usr/lib/athens-proxy/data
|
||||||
|
deployment.volumes:
|
||||||
|
- name: data
|
||||||
|
hostPath:
|
||||||
|
path: /usr/lib/athens-proxy/data
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.template.spec.containers[0].volumeMounts
|
||||||
|
value:
|
||||||
|
- name: data
|
||||||
|
mountPath: /usr/lib/athens-proxy/data
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test persistent volume claim
|
||||||
|
set:
|
||||||
|
persistence.enabled: true
|
||||||
|
asserts:
|
||||||
|
- contains:
|
||||||
|
path: spec.template.spec.containers[0].env
|
||||||
|
content:
|
||||||
|
name: ATHENS_STORAGE_TYPE
|
||||||
|
value: disk
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- contains:
|
||||||
|
path: spec.template.spec.containers[0].env
|
||||||
|
content:
|
||||||
|
name: ATHENS_DISK_STORAGE_ROOT
|
||||||
|
value: /var/www/athens-proxy/data
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- contains:
|
||||||
|
path: spec.template.spec.containers[0].volumeMounts
|
||||||
|
content:
|
||||||
|
name: data
|
||||||
|
mountPath: /var/www/athens-proxy/data
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- contains:
|
||||||
|
path: spec.template.spec.volumes
|
||||||
|
content:
|
||||||
|
name: data
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: athens-proxy-unittest-data
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
|
||||||
|
- it: Test existing persistent volume claim
|
||||||
|
set:
|
||||||
|
persistence.enabled: true
|
||||||
|
persistence.data.mountPath: "/mnt/go-proxy/data"
|
||||||
|
persistence.data.existingPersistentVolumeClaim.enabled: true
|
||||||
|
persistence.data.existingPersistentVolumeClaim.persistentVolumeClaimName: "my-special-pvc"
|
||||||
|
asserts:
|
||||||
|
- contains:
|
||||||
|
path: spec.template.spec.containers[0].env
|
||||||
|
content:
|
||||||
|
name: ATHENS_STORAGE_TYPE
|
||||||
|
value: disk
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- contains:
|
||||||
|
path: spec.template.spec.containers[0].env
|
||||||
|
content:
|
||||||
|
name: ATHENS_DISK_STORAGE_ROOT
|
||||||
|
value: /mnt/go-proxy/data
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- contains:
|
||||||
|
path: spec.template.spec.containers[0].volumeMounts
|
||||||
|
content:
|
||||||
|
name: data
|
||||||
|
mountPath: /mnt/go-proxy/data
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
||||||
|
- contains:
|
||||||
|
path: spec.template.spec.volumes
|
||||||
|
content:
|
||||||
|
name: data
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: my-special-pvc
|
||||||
|
template: templates/athens-proxy/deployment.yaml
|
116
unittests/hpa/default.yaml
Normal file
116
unittests/hpa/default.yaml
Normal file
@@ -0,0 +1,116 @@
|
|||||||
|
chart:
|
||||||
|
appVersion: 0.1.0
|
||||||
|
version: 0.1.0
|
||||||
|
suite: HPA template (basic)
|
||||||
|
release:
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
templates:
|
||||||
|
- templates/athens-proxy/hpa.yaml
|
||||||
|
tests:
|
||||||
|
- it: Skip rendering by default.
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Rendering when enabled - default
|
||||||
|
set:
|
||||||
|
hpa.enabled: true
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: autoscaling/v2
|
||||||
|
kind: HorizontalPodAutoscaler
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
- notExists:
|
||||||
|
path: metadata.annotations
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
- contains:
|
||||||
|
path: spec.metrics
|
||||||
|
content:
|
||||||
|
resource:
|
||||||
|
name: cpu
|
||||||
|
target:
|
||||||
|
averageUtilization: 65
|
||||||
|
type: Utilization
|
||||||
|
type: Resource
|
||||||
|
- equal:
|
||||||
|
path: spec.maxReplicas
|
||||||
|
value: 10
|
||||||
|
- equal:
|
||||||
|
path: spec.minReplicas
|
||||||
|
value: 1
|
||||||
|
- equal:
|
||||||
|
path: spec.scaleTargetRef
|
||||||
|
value:
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
|
||||||
|
- it: Rendering when enabled - custom values
|
||||||
|
set:
|
||||||
|
hpa.enabled: true
|
||||||
|
hpa.annotations:
|
||||||
|
foo: bar
|
||||||
|
hpa.labels:
|
||||||
|
bar: foo
|
||||||
|
hpa.maxReplicas: 25
|
||||||
|
hpa.minReplicas: 5
|
||||||
|
hpa.metrics:
|
||||||
|
- resource:
|
||||||
|
name: memory
|
||||||
|
target:
|
||||||
|
averageUtilization: 65
|
||||||
|
type: Utilization
|
||||||
|
type: Resource
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: autoscaling/v2
|
||||||
|
kind: HorizontalPodAutoscaler
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
- equal:
|
||||||
|
path: metadata.annotations
|
||||||
|
value:
|
||||||
|
foo: bar
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
bar: foo
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
- contains:
|
||||||
|
path: spec.metrics
|
||||||
|
content:
|
||||||
|
resource:
|
||||||
|
name: memory
|
||||||
|
target:
|
||||||
|
averageUtilization: 65
|
||||||
|
type: Utilization
|
||||||
|
type: Resource
|
||||||
|
- equal:
|
||||||
|
path: spec.maxReplicas
|
||||||
|
value: 25
|
||||||
|
- equal:
|
||||||
|
path: spec.minReplicas
|
||||||
|
value: 5
|
||||||
|
- equal:
|
||||||
|
path: spec.scaleTargetRef
|
||||||
|
value:
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
name: athens-proxy-unittest
|
139
unittests/ingress/ingress.yaml
Normal file
139
unittests/ingress/ingress.yaml
Normal file
@@ -0,0 +1,139 @@
|
|||||||
|
chart:
|
||||||
|
appVersion: 0.1.0
|
||||||
|
version: 0.1.0
|
||||||
|
suite: Ingress template
|
||||||
|
release:
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
templates:
|
||||||
|
- templates/athens-proxy/ingress.yaml
|
||||||
|
tests:
|
||||||
|
- it: Skip ingress by default.
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Skip ingress, when service is disabled.
|
||||||
|
set:
|
||||||
|
services.http.enabled: false
|
||||||
|
ingress.enabled: true
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Render ingress with default values.
|
||||||
|
set:
|
||||||
|
ingress.enabled: true
|
||||||
|
ingress.hosts:
|
||||||
|
- host: athens-proxy.example.local
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
ingress.tls:
|
||||||
|
- secretName: athens-proxy-http-tls
|
||||||
|
hosts:
|
||||||
|
- athens-proxy.example.local
|
||||||
|
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
- notExists:
|
||||||
|
path: metadata.annotations
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
- equal:
|
||||||
|
path: spec.ingressClassName
|
||||||
|
value: nginx
|
||||||
|
- contains:
|
||||||
|
path: spec.rules
|
||||||
|
content:
|
||||||
|
host: athens-proxy.example.local
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: athens-proxy-unittest-http
|
||||||
|
port:
|
||||||
|
number: 3000
|
||||||
|
- contains:
|
||||||
|
path: spec.tls
|
||||||
|
content:
|
||||||
|
hosts:
|
||||||
|
- athens-proxy.example.local
|
||||||
|
secretName: athens-proxy-http-tls
|
||||||
|
|
||||||
|
- it: Render ingress with custom values.
|
||||||
|
set:
|
||||||
|
ingress.enabled: true
|
||||||
|
ingress.annotations:
|
||||||
|
foo: bar
|
||||||
|
ingress.className: nginx
|
||||||
|
ingress.labels:
|
||||||
|
bar: foo
|
||||||
|
ingress.hosts:
|
||||||
|
- host: athens-proxy.example.local
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
ingress.tls:
|
||||||
|
- secretName: athens-proxy-http-tls
|
||||||
|
hosts:
|
||||||
|
- athens-proxy.example.local
|
||||||
|
services.http.port: 8080
|
||||||
|
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
- equal:
|
||||||
|
path: metadata.annotations
|
||||||
|
value:
|
||||||
|
foo: bar
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
bar: foo
|
||||||
|
- equal:
|
||||||
|
path: spec.ingressClassName
|
||||||
|
value: nginx
|
||||||
|
- contains:
|
||||||
|
path: spec.rules
|
||||||
|
content:
|
||||||
|
host: athens-proxy.example.local
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: athens-proxy-unittest-http
|
||||||
|
port:
|
||||||
|
number: 8080
|
||||||
|
- contains:
|
||||||
|
path: spec.tls
|
||||||
|
content:
|
||||||
|
hosts:
|
||||||
|
- athens-proxy.example.local
|
||||||
|
secretName: athens-proxy-http-tls
|
118
unittests/networkPolicies/default.yaml
Normal file
118
unittests/networkPolicies/default.yaml
Normal file
@@ -0,0 +1,118 @@
|
|||||||
|
chart:
|
||||||
|
appVersion: 0.1.0
|
||||||
|
version: 0.1.0
|
||||||
|
suite: NetworkPolicies template
|
||||||
|
release:
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
templates:
|
||||||
|
- templates/athens-proxy/networkPolicies.yaml
|
||||||
|
tests:
|
||||||
|
- it: Skip networkPolicies in general disabled.
|
||||||
|
set:
|
||||||
|
networkPolicies.enabled: false
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Skip networkPolicy 'default' when disabled.
|
||||||
|
set:
|
||||||
|
networkPolicies.enabled: true
|
||||||
|
networkPolicies.default.enabled: false
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Loop over networkPolicies
|
||||||
|
set:
|
||||||
|
networkPolicies.enabled: true
|
||||||
|
networkPolicies.default.enabled: false
|
||||||
|
networkPolicies.nginx.enabled: true
|
||||||
|
networkPolicies.prometheus.enabled: true
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 2
|
||||||
|
|
||||||
|
- it: Template networkPolicy 'default' without policyTypes, egress and ingress configuration
|
||||||
|
set:
|
||||||
|
networkPolicies.enabled: true
|
||||||
|
networkPolicies.default.enabled: true
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: NetworkPolicy
|
||||||
|
name: athens-proxy-unittest-default
|
||||||
|
namespace: testing
|
||||||
|
- notExists:
|
||||||
|
path: metadata.annotations
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
- equal:
|
||||||
|
path: spec.podSelector.matchLabels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
- notExists:
|
||||||
|
path: spec.policyTypes
|
||||||
|
- notExists:
|
||||||
|
path: spec.egress
|
||||||
|
- notExists:
|
||||||
|
path: spec.ingress
|
||||||
|
|
||||||
|
- it: Template networkPolicy 'default' with policyTypes, egress and ingress configuration
|
||||||
|
set:
|
||||||
|
networkPolicies.enabled: true
|
||||||
|
networkPolicies.default.enabled: true
|
||||||
|
networkPolicies.default.policyTypes:
|
||||||
|
- Egress
|
||||||
|
- Ingress
|
||||||
|
networkPolicies.default.ingress:
|
||||||
|
- from:
|
||||||
|
- namespaceSelector:
|
||||||
|
matchLabels:
|
||||||
|
kubernetes.io/metadata.name: khv-production
|
||||||
|
podSelector:
|
||||||
|
matchLabels:
|
||||||
|
app.kubernetes.io/name: prometheus
|
||||||
|
networkPolicies.default.egress:
|
||||||
|
- to:
|
||||||
|
- namespaceSelector:
|
||||||
|
matchLabels:
|
||||||
|
kubernetes.io/metadata.name: database
|
||||||
|
podSelector:
|
||||||
|
matchLabels:
|
||||||
|
app.kubernetes.io/name: oracle
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.policyTypes
|
||||||
|
value:
|
||||||
|
- Egress
|
||||||
|
- Ingress
|
||||||
|
- equal:
|
||||||
|
path: spec.egress
|
||||||
|
value:
|
||||||
|
- to:
|
||||||
|
- namespaceSelector:
|
||||||
|
matchLabels:
|
||||||
|
kubernetes.io/metadata.name: database
|
||||||
|
podSelector:
|
||||||
|
matchLabels:
|
||||||
|
app.kubernetes.io/name: oracle
|
||||||
|
- equal:
|
||||||
|
path: spec.ingress
|
||||||
|
value:
|
||||||
|
- from:
|
||||||
|
- namespaceSelector:
|
||||||
|
matchLabels:
|
||||||
|
kubernetes.io/metadata.name: khv-production
|
||||||
|
podSelector:
|
||||||
|
matchLabels:
|
||||||
|
app.kubernetes.io/name: prometheus
|
90
unittests/persistentVolumeClaim/persistentVolumeClaim.yaml
Normal file
90
unittests/persistentVolumeClaim/persistentVolumeClaim.yaml
Normal file
@@ -0,0 +1,90 @@
|
|||||||
|
chart:
|
||||||
|
appVersion: 0.1.0
|
||||||
|
version: 0.1.0
|
||||||
|
suite: PersistentVolumeClaim template
|
||||||
|
release:
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
templates:
|
||||||
|
- templates/athens-proxy/persistentVolumeClaim.yaml
|
||||||
|
tests:
|
||||||
|
- it: Rendering default
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Rendering with enabled persistent storage
|
||||||
|
set:
|
||||||
|
persistence.enabled: true
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
name: athens-proxy-unittest-data
|
||||||
|
namespace: testing
|
||||||
|
- notExists:
|
||||||
|
path: metadata.annotations
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
- equal:
|
||||||
|
path: spec.accessModes
|
||||||
|
value:
|
||||||
|
- ReadWriteMany
|
||||||
|
- isSubset:
|
||||||
|
path: spec.resources
|
||||||
|
content:
|
||||||
|
requests:
|
||||||
|
storage: 5Gi
|
||||||
|
- notExists:
|
||||||
|
path: spec.storageClassName
|
||||||
|
|
||||||
|
- it: Rendering with custom enabled persistent storage
|
||||||
|
set:
|
||||||
|
persistence.enabled: true
|
||||||
|
persistence.data.persistentVolumeClaim.annotations:
|
||||||
|
foo: bar
|
||||||
|
persistence.data.persistentVolumeClaim.labels:
|
||||||
|
bar: foo
|
||||||
|
persistence.data.persistentVolumeClaim.storageClassName: my-storage-class
|
||||||
|
persistence.data.persistentVolumeClaim.storageSize: 10Gi
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
name: athens-proxy-unittest-data
|
||||||
|
namespace: testing
|
||||||
|
- equal:
|
||||||
|
path: metadata.annotations
|
||||||
|
value:
|
||||||
|
foo: bar
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
bar: foo
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
- equal:
|
||||||
|
path: spec.accessModes
|
||||||
|
value:
|
||||||
|
- ReadWriteMany
|
||||||
|
- isSubset:
|
||||||
|
path: spec.resources
|
||||||
|
content:
|
||||||
|
requests:
|
||||||
|
storage: 10Gi
|
||||||
|
- equal:
|
||||||
|
path: spec.storageClassName
|
||||||
|
value: my-storage-class
|
67
unittests/secrets/env.yaml
Normal file
67
unittests/secrets/env.yaml
Normal file
@@ -0,0 +1,67 @@
|
|||||||
|
chart:
|
||||||
|
appVersion: 0.1.0
|
||||||
|
version: 0.1.0
|
||||||
|
suite: Secret environment variables
|
||||||
|
release:
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
templates:
|
||||||
|
- templates/athens-proxy/secretEnv.yaml
|
||||||
|
tests:
|
||||||
|
- it: Skip rendering by using existing secret.
|
||||||
|
set:
|
||||||
|
config.env.existingSecret.enabled: true
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Rendering env secret with default values.
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
name: athens-proxy-unittest-env
|
||||||
|
namespace: testing
|
||||||
|
- notExists:
|
||||||
|
path: metadata.annotations
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
- isNullOrEmpty:
|
||||||
|
path: stringData
|
||||||
|
|
||||||
|
- it: Rendering env secret with custom values.
|
||||||
|
set:
|
||||||
|
config.env.secret.envs.ATHENS_GITHUB_TOKEN: my-secret-token
|
||||||
|
asserts:
|
||||||
|
- isSubset:
|
||||||
|
path: stringData
|
||||||
|
content:
|
||||||
|
ATHENS_GITHUB_TOKEN: my-secret-token
|
||||||
|
|
||||||
|
- it: Rendering custom annotations and labels.
|
||||||
|
set:
|
||||||
|
config.env.secret.annotations:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
config.env.secret.labels:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: metadata.annotations
|
||||||
|
value:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
- isSubset:
|
||||||
|
path: metadata.labels
|
||||||
|
content:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
83
unittests/secrets/netrc.yaml
Normal file
83
unittests/secrets/netrc.yaml
Normal file
@@ -0,0 +1,83 @@
|
|||||||
|
chart:
|
||||||
|
appVersion: 0.1.0
|
||||||
|
version: 0.1.0
|
||||||
|
suite: Secret netrc template
|
||||||
|
release:
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
templates:
|
||||||
|
- templates/athens-proxy/secretNetRC.yaml
|
||||||
|
tests:
|
||||||
|
- it: Skip rendering by using existing secret.
|
||||||
|
set:
|
||||||
|
config.netrc.existingSecret.enabled: true
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Rendering netrc secret with default values.
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
name: athens-proxy-unittest-netrc
|
||||||
|
namespace: testing
|
||||||
|
- notExists:
|
||||||
|
path: metadata.annotations
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
- equal:
|
||||||
|
path: stringData[".netrc"]
|
||||||
|
value: |
|
||||||
|
# The .netrc file
|
||||||
|
#
|
||||||
|
# The .netrc file contains login and initialization information used by the auto-login process. It generally
|
||||||
|
# resides in the user's home directory, but a location outside of the home directory can be set using the
|
||||||
|
# environment variable NETRC. Both locations are overridden by the command line option -N. The selected file
|
||||||
|
# must be a regular file, or access will be denied.
|
||||||
|
#
|
||||||
|
# https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html
|
||||||
|
#
|
||||||
|
# default login [name] password [password/token]
|
||||||
|
# machine github.com [octocat] password [PAT]
|
||||||
|
# machine api.github.com [octocat] password [PAT]
|
||||||
|
|
||||||
|
- it: Rendering netrc secret with custom values.
|
||||||
|
set:
|
||||||
|
config.netrc.secret.content: |
|
||||||
|
default github.com hugo password kinnock
|
||||||
|
default api.github.com hugo password kinnock
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: stringData[".netrc"]
|
||||||
|
value: |
|
||||||
|
default github.com hugo password kinnock
|
||||||
|
default api.github.com hugo password kinnock
|
||||||
|
|
||||||
|
- it: Rendering custom annotations and labels.
|
||||||
|
set:
|
||||||
|
config.netrc.secret.annotations:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
config.netrc.secret.labels:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: metadata.annotations
|
||||||
|
value:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
- isSubset:
|
||||||
|
path: metadata.labels
|
||||||
|
content:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
109
unittests/secrets/ssh.yaml
Normal file
109
unittests/secrets/ssh.yaml
Normal file
@@ -0,0 +1,109 @@
|
|||||||
|
chart:
|
||||||
|
appVersion: 0.1.0
|
||||||
|
version: 0.1.0
|
||||||
|
suite: Secret ssh template
|
||||||
|
release:
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
templates:
|
||||||
|
- templates/athens-proxy/secretSSH.yaml
|
||||||
|
tests:
|
||||||
|
- it: Skip rendering by using existing secret.
|
||||||
|
set:
|
||||||
|
config.ssh.existingSecret.enabled: true
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Rendering ssh secret with default values.
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
name: athens-proxy-unittest-ssh
|
||||||
|
namespace: testing
|
||||||
|
- notExists:
|
||||||
|
path: metadata.annotations
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
- equal:
|
||||||
|
path: stringData.config
|
||||||
|
value: |
|
||||||
|
# Host *
|
||||||
|
# IdentityFile ~/.ssh/id_ed25519
|
||||||
|
# IdentityFile ~/.ssh/id_rsa
|
||||||
|
- notExists:
|
||||||
|
path: stringData.id_ed25519
|
||||||
|
- notExists:
|
||||||
|
path: stringData["id_ed25519.pub"]
|
||||||
|
- notExists:
|
||||||
|
path: stringData.id_rsa
|
||||||
|
- notExists:
|
||||||
|
path: stringData["id_rsa.pub"]
|
||||||
|
|
||||||
|
- it: Rendering ssh secret with custom values.
|
||||||
|
set:
|
||||||
|
config.ssh.secret.config: |
|
||||||
|
Host *
|
||||||
|
IdentityFile ~/.ssh/id_ed25519
|
||||||
|
IdentityFile ~/.ssh/id_rsa
|
||||||
|
config.ssh.secret.id_ed25519: |
|
||||||
|
my-private-25519-key
|
||||||
|
config.ssh.secret.id_ed25519_pub: |
|
||||||
|
my-public-25519-key
|
||||||
|
config.ssh.secret.id_rsa: |
|
||||||
|
my-private-rsa-key
|
||||||
|
config.ssh.secret.id_rsa_pub: |
|
||||||
|
my-public-rsa-key
|
||||||
|
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: stringData.config
|
||||||
|
value: |
|
||||||
|
Host *
|
||||||
|
IdentityFile ~/.ssh/id_ed25519
|
||||||
|
IdentityFile ~/.ssh/id_rsa
|
||||||
|
- equal:
|
||||||
|
path: stringData.id_ed25519
|
||||||
|
value: |
|
||||||
|
my-private-25519-key
|
||||||
|
- equal:
|
||||||
|
path: stringData["id_ed25519.pub"]
|
||||||
|
value: |
|
||||||
|
my-public-25519-key
|
||||||
|
- equal:
|
||||||
|
path: stringData.id_rsa
|
||||||
|
value: |
|
||||||
|
my-private-rsa-key
|
||||||
|
- equal:
|
||||||
|
path: stringData["id_rsa.pub"]
|
||||||
|
value: |
|
||||||
|
my-public-rsa-key
|
||||||
|
|
||||||
|
- it: Rendering custom annotations and labels.
|
||||||
|
set:
|
||||||
|
config.ssh.secret.annotations:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
config.ssh.secret.labels:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: metadata.annotations
|
||||||
|
value:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
||||||
|
- isSubset:
|
||||||
|
path: metadata.labels
|
||||||
|
content:
|
||||||
|
foo: bar
|
||||||
|
bar: foo
|
79
unittests/serviceAccounts/serviceAccount.yaml
Normal file
79
unittests/serviceAccounts/serviceAccount.yaml
Normal file
@@ -0,0 +1,79 @@
|
|||||||
|
chart:
|
||||||
|
appVersion: 0.1.0
|
||||||
|
version: 0.1.0
|
||||||
|
suite: ServiceAccount athens-proxy template
|
||||||
|
release:
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
templates:
|
||||||
|
- templates/athens-proxy/serviceAccount.yaml
|
||||||
|
tests:
|
||||||
|
- it: Skip rendering.
|
||||||
|
set:
|
||||||
|
serviceAccount.existing.enabled: true
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Rendering serviceAccount with default values.
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ServiceAccount
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
- notExists:
|
||||||
|
path: metadata.annotations
|
||||||
|
- notExists:
|
||||||
|
path: metadata.labels
|
||||||
|
- equal:
|
||||||
|
path: automountServiceAccountToken
|
||||||
|
value: true
|
||||||
|
- notExists:
|
||||||
|
path: imagePullSecrets
|
||||||
|
- notExists:
|
||||||
|
path: secrets
|
||||||
|
|
||||||
|
|
||||||
|
- it: Rendering serviceAccount with custom values.
|
||||||
|
set:
|
||||||
|
serviceAccount.new.annotations:
|
||||||
|
foo: bar
|
||||||
|
serviceAccount.new.labels:
|
||||||
|
bar: foo
|
||||||
|
serviceAccount.new.automountServiceAccountToken: false
|
||||||
|
serviceAccount.new.imagePullSecrets:
|
||||||
|
- name: "my-pull-secret"
|
||||||
|
serviceAccount.new.secrets:
|
||||||
|
- name: "my-secret"
|
||||||
|
namespace: "my-namespace"
|
||||||
|
fieldPath: "my-path"
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- equal:
|
||||||
|
path: metadata.annotations
|
||||||
|
value:
|
||||||
|
foo: bar
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
bar: foo
|
||||||
|
- equal:
|
||||||
|
path: metadata.name
|
||||||
|
value: athens-proxy-unittest
|
||||||
|
- equal:
|
||||||
|
path: automountServiceAccountToken
|
||||||
|
value: false
|
||||||
|
- equal:
|
||||||
|
path: imagePullSecrets
|
||||||
|
value:
|
||||||
|
- name: "my-pull-secret"
|
||||||
|
- equal:
|
||||||
|
path: secrets
|
||||||
|
value:
|
||||||
|
- name: "my-secret"
|
||||||
|
namespace: "my-namespace"
|
||||||
|
fieldPath: "my-path"
|
174
unittests/services/http.yaml
Normal file
174
unittests/services/http.yaml
Normal file
@@ -0,0 +1,174 @@
|
|||||||
|
chart:
|
||||||
|
appVersion: 0.1.0
|
||||||
|
version: 0.1.0
|
||||||
|
suite: Service http template
|
||||||
|
release:
|
||||||
|
name: athens-proxy-unittest
|
||||||
|
namespace: testing
|
||||||
|
templates:
|
||||||
|
- templates/athens-proxy/serviceHTTP.yaml
|
||||||
|
tests:
|
||||||
|
- it: Skip service when disabled.
|
||||||
|
set:
|
||||||
|
services.http.enabled: false
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 0
|
||||||
|
|
||||||
|
- it: Rendering service with default values.
|
||||||
|
asserts:
|
||||||
|
- hasDocuments:
|
||||||
|
count: 1
|
||||||
|
- containsDocument:
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
name: athens-proxy-unittest-http
|
||||||
|
namespace: testing
|
||||||
|
- notExists:
|
||||||
|
path: metadata.annotations
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/service-name: http
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
- notExists:
|
||||||
|
path: spec.externalIPs
|
||||||
|
- notExists:
|
||||||
|
path: spec.externalTrafficPolicy
|
||||||
|
- equal:
|
||||||
|
path: spec.internalTrafficPolicy
|
||||||
|
value: Cluster
|
||||||
|
- notExists:
|
||||||
|
path: spec.ipFamilies
|
||||||
|
- notExists:
|
||||||
|
path: spec.loadBalancerClass
|
||||||
|
- notExists:
|
||||||
|
path: spec.loadBalancerIP
|
||||||
|
- notExists:
|
||||||
|
path: spec.loadBalancerSourceRanges
|
||||||
|
- equal:
|
||||||
|
path: spec.ports[0].name
|
||||||
|
value: http
|
||||||
|
- equal:
|
||||||
|
path: spec.ports[0].protocol
|
||||||
|
value: TCP
|
||||||
|
- equal:
|
||||||
|
path: spec.ports[0].port
|
||||||
|
value: 3000
|
||||||
|
- equal:
|
||||||
|
path: spec.selector
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
- equal:
|
||||||
|
path: spec.sessionAffinity
|
||||||
|
value: None
|
||||||
|
- notExists:
|
||||||
|
path: spec.sessionAffinityConfig
|
||||||
|
- equal:
|
||||||
|
path: spec.type
|
||||||
|
value: ClusterIP
|
||||||
|
|
||||||
|
- it: Require internalTrafficPolicy.
|
||||||
|
set:
|
||||||
|
services.http.internalTrafficPolicy: ""
|
||||||
|
asserts:
|
||||||
|
- failedTemplate:
|
||||||
|
errorMessage: No internal traffic policy defined!
|
||||||
|
|
||||||
|
- it: Require port.
|
||||||
|
set:
|
||||||
|
services.http.port: ""
|
||||||
|
asserts:
|
||||||
|
- failedTemplate:
|
||||||
|
errorMessage: No service port defined!
|
||||||
|
|
||||||
|
- it: Require sessionAffinity.
|
||||||
|
set:
|
||||||
|
services.http.sessionAffinity: ""
|
||||||
|
asserts:
|
||||||
|
- failedTemplate:
|
||||||
|
errorMessage: No session affinity defined!
|
||||||
|
|
||||||
|
- it: Require service type.
|
||||||
|
set:
|
||||||
|
services.http.type: ""
|
||||||
|
asserts:
|
||||||
|
- failedTemplate:
|
||||||
|
errorMessage: No service type defined!
|
||||||
|
|
||||||
|
- it: Render service with custom annotations and labels.
|
||||||
|
set:
|
||||||
|
services.http.annotations:
|
||||||
|
foo: bar
|
||||||
|
services.http.labels:
|
||||||
|
bar: foo
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: metadata.annotations
|
||||||
|
value:
|
||||||
|
foo: bar
|
||||||
|
- equal:
|
||||||
|
path: metadata.labels
|
||||||
|
value:
|
||||||
|
app.kubernetes.io/instance: athens-proxy-unittest
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
|
app.kubernetes.io/name: athens-proxy
|
||||||
|
app.kubernetes.io/service-name: http
|
||||||
|
app.kubernetes.io/version: 0.1.0
|
||||||
|
helm.sh/chart: athens-proxy-0.1.0
|
||||||
|
bar: foo
|
||||||
|
|
||||||
|
- it: Change defaults
|
||||||
|
set:
|
||||||
|
services.http.externalIPs:
|
||||||
|
- "10.11.12.13/32"
|
||||||
|
services.http.externalTrafficPolicy: Local
|
||||||
|
services.http.internalTrafficPolicy: Local
|
||||||
|
services.http.ipFamilies:
|
||||||
|
- IPv4
|
||||||
|
services.http.loadBalancerClass: aws
|
||||||
|
services.http.loadBalancerIP: "11.12.13.14"
|
||||||
|
services.http.loadBalancerSourceRanges:
|
||||||
|
- "11.12.0.0/17"
|
||||||
|
services.http.port: 10443
|
||||||
|
services.http.sessionAffinity: ClientIP
|
||||||
|
services.http.type: LoadBalancer
|
||||||
|
asserts:
|
||||||
|
- equal:
|
||||||
|
path: spec.externalIPs
|
||||||
|
value:
|
||||||
|
- 10.11.12.13/32
|
||||||
|
- equal:
|
||||||
|
path: spec.externalTrafficPolicy
|
||||||
|
value: Local
|
||||||
|
- equal:
|
||||||
|
path: spec.internalTrafficPolicy
|
||||||
|
value: Local
|
||||||
|
- equal:
|
||||||
|
path: spec.ipFamilies
|
||||||
|
value:
|
||||||
|
- IPv4
|
||||||
|
- equal:
|
||||||
|
path: spec.loadBalancerClass
|
||||||
|
value: aws
|
||||||
|
- equal:
|
||||||
|
path: spec.loadBalancerIP
|
||||||
|
value: "11.12.13.14"
|
||||||
|
- equal:
|
||||||
|
path: spec.loadBalancerSourceRanges
|
||||||
|
value:
|
||||||
|
- "11.12.0.0/17"
|
||||||
|
- equal:
|
||||||
|
path: spec.ports[0].port
|
||||||
|
value: 10443
|
||||||
|
- equal:
|
||||||
|
path: spec.sessionAffinity
|
||||||
|
value: ClientIP
|
||||||
|
- equal:
|
||||||
|
path: spec.type
|
||||||
|
value: LoadBalancer
|
738
values.yaml
738
values.yaml
@@ -1,199 +1,587 @@
|
|||||||
affinity: {}
|
# Declare variables to be passed into your templates.
|
||||||
|
## @section Global
|
||||||
image:
|
## @param nameOverride Individual release name suffix.
|
||||||
repository: docker.io/gomods/athens
|
## @param fullnameOverride Override the complete release name logic.
|
||||||
pullPolicy: IfNotPresent
|
|
||||||
# Overrides the image tag whose default is the chart appVersion.
|
|
||||||
tag: ""
|
|
||||||
|
|
||||||
imagePullSecrets: []
|
|
||||||
nameOverride: ""
|
nameOverride: ""
|
||||||
fullnameOverride: ""
|
fullnameOverride: ""
|
||||||
|
|
||||||
podAnnotations: {}
|
## @section Configuration
|
||||||
|
config:
|
||||||
|
env:
|
||||||
|
## @param config.env.existingSecret.enabled Mount an existing secret containing the application specific environment variables.
|
||||||
|
## @param config.env.existingSecret.secretName Name of the existing secret containing the application specific environment variables.
|
||||||
|
existingSecret:
|
||||||
|
enabled: false
|
||||||
|
secretName: ""
|
||||||
|
|
||||||
podPriorityClassName: ""
|
## @param config.env.secret.annotations Additional annotations of the secret containing the database credentials.
|
||||||
|
## @param config.env.secret.labels Additional labels of the secret containing the database credentials.
|
||||||
|
## @param config.env.secret.envs List of environment variables stored in a secret and mounted into the container.
|
||||||
|
secret:
|
||||||
|
annotations: {}
|
||||||
|
labels: {}
|
||||||
|
envs: {}
|
||||||
|
# ATHENS_AZURE_ACCOUNT_KEY:
|
||||||
|
# ATHENS_AZURE_ACCOUNT_NAME:
|
||||||
|
# ATHENS_AZURE_CONTAINER_NAME:
|
||||||
|
# ATHENS_CLOUD_RUNTIME:
|
||||||
|
# ATHENS_DOWNLOAD_MODE:
|
||||||
|
# ATHENS_DOWNLOAD_URL:
|
||||||
|
# ATHENS_ETCD_ENDPOINTS:
|
||||||
|
# ATHENS_EXTERNAL_STORAGE_URL:
|
||||||
|
# ATHENS_FILTER_FILE:
|
||||||
|
# ATHENS_GITHUB_TOKEN:
|
||||||
|
# ATHENS_GLOBAL_ENDPOINT:
|
||||||
|
# ATHENS_GO_BINARY_ENV_VARS:
|
||||||
|
# ATHENS_GOGET_DIR:
|
||||||
|
# ATHENS_GOGET_WORKERS:
|
||||||
|
# ATHENS_GONOSUM_PATTERNS:
|
||||||
|
# ATHENS_HGRC_PATH:
|
||||||
|
# ATHENS_INDEX_MYSQL_DATABASE:
|
||||||
|
# ATHENS_INDEX_MYSQL_HOST:
|
||||||
|
# ATHENS_INDEX_MYSQL_PARAMS:
|
||||||
|
# ATHENS_INDEX_MYSQL_PASSWORD:
|
||||||
|
# ATHENS_INDEX_MYSQL_PORT:
|
||||||
|
# ATHENS_INDEX_MYSQL_PROTOCOL:
|
||||||
|
# ATHENS_INDEX_MYSQL_USER:
|
||||||
|
# ATHENS_INDEX_POSTGRES_DATABASE:
|
||||||
|
# ATHENS_INDEX_POSTGRES_HOST:
|
||||||
|
# ATHENS_INDEX_POSTGRES_PARAMS:
|
||||||
|
# ATHENS_INDEX_POSTGRES_PASSWORD:
|
||||||
|
# ATHENS_INDEX_POSTGRES_PORT:
|
||||||
|
# ATHENS_INDEX_POSTGRES_USER:
|
||||||
|
# ATHENS_INDEX_TYPE:
|
||||||
|
# ATHENS_LOG_LEVEL:
|
||||||
|
# ATHENS_MINIO_ACCESS_KEY_ID:
|
||||||
|
# ATHENS_MINIO_BUCKET_NAME:
|
||||||
|
# ATHENS_MINIO_ENDPOINT:
|
||||||
|
# ATHENS_MINIO_REGION:
|
||||||
|
# ATHENS_MINIO_SECRET_ACCESS_KEY:
|
||||||
|
# ATHENS_MINIO_USE_SSL:
|
||||||
|
# ATHENS_MONGO_CERT_PATH:
|
||||||
|
# ATHENS_MONGO_DEFAULT_DATABASE:
|
||||||
|
# ATHENS_MONGO_INSECURE:
|
||||||
|
# ATHENS_MONGO_STORAGE_URL:
|
||||||
|
# ATHENS_NETRC_PATH:
|
||||||
|
# ATHENS_PATH_PREFIX:
|
||||||
|
# ATHENS_PORT:
|
||||||
|
# ATHENS_PROTOCOL_WORKERS:
|
||||||
|
# ATHENS_PROXY_VALIDATOR:
|
||||||
|
# ATHENS_REDIS_ENDPOINT:
|
||||||
|
# ATHENS_REDIS_PASSWORD:
|
||||||
|
# ATHENS_REDIS_SENTINEL_ENDPOINTS:
|
||||||
|
# ATHENS_ROBOTS_FILE:
|
||||||
|
# ATHENS_SINGLE_FLIGHT_TYPE:
|
||||||
|
# ATHENS_STATS_EXPORTER:
|
||||||
|
# ATHENS_STORAGE_GCP_BUCKET:
|
||||||
|
# ATHENS_STORAGE_GCP_JSON_KEY:
|
||||||
|
# ATHENS_STORAGE_TYPE:
|
||||||
|
# ATHENS_SUM_DBS:
|
||||||
|
# ATHENS_TIMEOUT:
|
||||||
|
# ATHENS_TLSCERT_FILE:
|
||||||
|
# ATHENS_TLSKEY_FILE:
|
||||||
|
# ATHENS_TRACE_EXPORTER_URL:
|
||||||
|
# ATHENS_TRACE_EXPORTER:
|
||||||
|
# AWS_ACCESS_KEY_ID:
|
||||||
|
# AWS_ENDPOINT:
|
||||||
|
# AWS_FORCE_PATH_STYLE:
|
||||||
|
# AWS_REGION:
|
||||||
|
# AWS_SECRET_ACCESS_KEY:
|
||||||
|
# AWS_SESSION_TOKEN:
|
||||||
|
# BASIC_AUTH_PASS:
|
||||||
|
# BASIC_AUTH_USER:
|
||||||
|
# CDN_ENDPOINT:
|
||||||
|
# GO_BINARY_PATH:
|
||||||
|
# GO_ENV:
|
||||||
|
# GOOGLE_CLOUD_PROJECT:
|
||||||
|
# MY_S3_BUCKET_NAME:
|
||||||
|
# PROXY_FORCE_SSL:
|
||||||
|
|
||||||
podSecurityContext: {}
|
downloadMode:
|
||||||
# fsGroup: 2000
|
## @param config.downloadMode.existingConfigMap.enabled TODO:
|
||||||
|
## @param config.downloadMode.existingConfigMap.secretName TODO:
|
||||||
|
existingConfigMap:
|
||||||
|
enabled: false
|
||||||
|
secretName: ""
|
||||||
|
|
||||||
securityContext: {}
|
## @param config.downloadMode.configMap.annotations Additional annotations of the config map containing the download mode file.
|
||||||
# capabilities:
|
## @param config.downloadMode.configMap.labels Additional labels of the config map containing the download mode file.
|
||||||
# drop:
|
## @param config.downloadMode.configMap.content Additional labels of the config map containing the download mode file.
|
||||||
# - ALL
|
configMap:
|
||||||
# readOnlyRootFilesystem: true
|
annotations: {}
|
||||||
# runAsNonRoot: true
|
labels: {}
|
||||||
# runAsUser: 1000
|
content: |
|
||||||
|
# downloadURL = "https://proxy.golang.org"
|
||||||
|
#
|
||||||
|
# mode = "async_redirect"
|
||||||
|
#
|
||||||
|
# download "github.com/gomods/*" {
|
||||||
|
# mode = "sync"
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# download "golang.org/x/*" {
|
||||||
|
# mode = "none"
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# download "github.com/pkg/*" {
|
||||||
|
# mode = "redirect"
|
||||||
|
# downloadURL = "https://gocenter.io"
|
||||||
|
# }
|
||||||
|
|
||||||
config: {}
|
gitConfig:
|
||||||
# ATHENS_AZURE_ACCOUNT_KEY:
|
## @param config.gitConfig.existingConfigMap.enabled TODO:
|
||||||
# ATHENS_AZURE_ACCOUNT_NAME:
|
## @param config.gitConfig.existingConfigMap.secretName TODO:
|
||||||
# ATHENS_AZURE_CONTAINER_NAME:
|
existingConfigMap:
|
||||||
# ATHENS_CLOUD_RUNTIME:
|
enabled: false
|
||||||
# ATHENS_DOWNLOAD_MODE:
|
secretName: ""
|
||||||
# ATHENS_DOWNLOAD_URL:
|
|
||||||
# ATHENS_ETCD_ENDPOINTS:
|
|
||||||
# ATHENS_EXTERNAL_STORAGE_URL:
|
|
||||||
# ATHENS_FILTER_FILE:
|
|
||||||
# ATHENS_GITHUB_TOKEN:
|
|
||||||
# ATHENS_GLOBAL_ENDPOINT:
|
|
||||||
# ATHENS_GO_BINARY_ENV_VARS:
|
|
||||||
# ATHENS_GOGET_DIR:
|
|
||||||
# ATHENS_GOGET_WORKERS:
|
|
||||||
# ATHENS_GONOSUM_PATTERNS:
|
|
||||||
# ATHENS_HGRC_PATH:
|
|
||||||
# ATHENS_INDEX_MYSQL_DATABASE:
|
|
||||||
# ATHENS_INDEX_MYSQL_HOST:
|
|
||||||
# ATHENS_INDEX_MYSQL_PARAMS:
|
|
||||||
# ATHENS_INDEX_MYSQL_PASSWORD:
|
|
||||||
# ATHENS_INDEX_MYSQL_PORT:
|
|
||||||
# ATHENS_INDEX_MYSQL_PROTOCOL:
|
|
||||||
# ATHENS_INDEX_MYSQL_USER:
|
|
||||||
# ATHENS_INDEX_POSTGRES_DATABASE:
|
|
||||||
# ATHENS_INDEX_POSTGRES_HOST:
|
|
||||||
# ATHENS_INDEX_POSTGRES_PARAMS:
|
|
||||||
# ATHENS_INDEX_POSTGRES_PASSWORD:
|
|
||||||
# ATHENS_INDEX_POSTGRES_PORT:
|
|
||||||
# ATHENS_INDEX_POSTGRES_USER:
|
|
||||||
# ATHENS_INDEX_TYPE:
|
|
||||||
# ATHENS_LOG_LEVEL:
|
|
||||||
# ATHENS_MINIO_ACCESS_KEY_ID:
|
|
||||||
# ATHENS_MINIO_BUCKET_NAME:
|
|
||||||
# ATHENS_MINIO_ENDPOINT:
|
|
||||||
# ATHENS_MINIO_REGION:
|
|
||||||
# ATHENS_MINIO_SECRET_ACCESS_KEY:
|
|
||||||
# ATHENS_MINIO_USE_SSL:
|
|
||||||
# ATHENS_MONGO_CERT_PATH:
|
|
||||||
# ATHENS_MONGO_DEFAULT_DATABASE:
|
|
||||||
# ATHENS_MONGO_INSECURE:
|
|
||||||
# ATHENS_MONGO_STORAGE_URL:
|
|
||||||
# ATHENS_NETRC_PATH:
|
|
||||||
# ATHENS_PATH_PREFIX:
|
|
||||||
# ATHENS_PORT:
|
|
||||||
# ATHENS_PROTOCOL_WORKERS:
|
|
||||||
# ATHENS_PROXY_VALIDATOR:
|
|
||||||
# ATHENS_REDIS_ENDPOINT:
|
|
||||||
# ATHENS_REDIS_PASSWORD:
|
|
||||||
# ATHENS_REDIS_SENTINEL_ENDPOINTS:
|
|
||||||
# ATHENS_ROBOTS_FILE:
|
|
||||||
# ATHENS_SINGLE_FLIGHT_TYPE:
|
|
||||||
# ATHENS_STATS_EXPORTER:
|
|
||||||
# ATHENS_STORAGE_GCP_BUCKET:
|
|
||||||
# ATHENS_STORAGE_GCP_JSON_KEY:
|
|
||||||
# ATHENS_STORAGE_TYPE:
|
|
||||||
# ATHENS_SUM_DBS:
|
|
||||||
# ATHENS_TIMEOUT:
|
|
||||||
# ATHENS_TLSCERT_FILE:
|
|
||||||
# ATHENS_TLSKEY_FILE:
|
|
||||||
# ATHENS_TRACE_EXPORTER_URL:
|
|
||||||
# ATHENS_TRACE_EXPORTER:
|
|
||||||
# AWS_ACCESS_KEY_ID:
|
|
||||||
# AWS_ENDPOINT:
|
|
||||||
# AWS_FORCE_PATH_STYLE:
|
|
||||||
# AWS_REGION:
|
|
||||||
# AWS_SECRET_ACCESS_KEY:
|
|
||||||
# AWS_SESSION_TOKEN:
|
|
||||||
# BASIC_AUTH_PASS:
|
|
||||||
# BASIC_AUTH_USER:
|
|
||||||
# CDN_ENDPOINT:
|
|
||||||
# GO_BINARY_PATH:
|
|
||||||
# GO_ENV:
|
|
||||||
# GOOGLE_CLOUD_PROJECT:
|
|
||||||
# MY_S3_BUCKET_NAME:
|
|
||||||
# PROXY_FORCE_SSL:
|
|
||||||
|
|
||||||
livenessProbe:
|
## @param config.gitConfig.configMap.annotations Additional annotations of the config map containing the download mode file.
|
||||||
httpGet:
|
## @param config.gitConfig.configMap.labels Additional labels of the config map containing the download mode file.
|
||||||
scheme: HTTP
|
## @param config.gitConfig.configMap.content TODO:
|
||||||
path: /healthz
|
configMap:
|
||||||
port: http
|
annotations: {}
|
||||||
|
labels: {}
|
||||||
|
content: |
|
||||||
|
|
||||||
replicaCount: 1
|
netrc:
|
||||||
|
## @param config.netrc.existingSecret.enabled TODO:.
|
||||||
|
## @param config.netrc.existingSecret.secretName TODO:
|
||||||
|
existingSecret:
|
||||||
|
enabled: false
|
||||||
|
secretName: ""
|
||||||
|
|
||||||
serviceAccount:
|
## @param config.netrc.secret.annotations Additional annotations of the secret containing the database credentials.
|
||||||
|
## @param config.netrc.secret.labels Additional labels of the secret containing the database credentials.
|
||||||
|
## @param config.netrc.secret.content TODO:
|
||||||
|
secret:
|
||||||
|
annotations: {}
|
||||||
|
labels: {}
|
||||||
|
content: |
|
||||||
|
# The .netrc file
|
||||||
|
#
|
||||||
|
# The .netrc file contains login and initialization information used by the auto-login process. It generally
|
||||||
|
# resides in the user's home directory, but a location outside of the home directory can be set using the
|
||||||
|
# environment variable NETRC. Both locations are overridden by the command line option -N. The selected file
|
||||||
|
# must be a regular file, or access will be denied.
|
||||||
|
#
|
||||||
|
# https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html
|
||||||
|
#
|
||||||
|
# default login [name] password [password/token]
|
||||||
|
# machine github.com [octocat] password [PAT]
|
||||||
|
# machine api.github.com [octocat] password [PAT]
|
||||||
|
|
||||||
|
ssh:
|
||||||
|
## @param config.ssh.existingSecret.enabled TODO:.
|
||||||
|
## @param config.ssh.existingSecret.secretName TODO:
|
||||||
|
existingSecret:
|
||||||
|
enabled: false
|
||||||
|
|
||||||
|
## @param config.ssh.secret.annotations Additional annotations of the secret containing the database credentials.
|
||||||
|
## @param config.ssh.secret.labels Additional labels of the secret containing the database credentials.
|
||||||
|
## @param config.ssh.secret.files TODO:
|
||||||
|
## @skip config.ssh.secret.id_ed25519 TODO:
|
||||||
|
## @skip config.ssh.secret.id_ed25519_pub TODO:
|
||||||
|
## @skip config.ssh.secret.id_rsa TODO:
|
||||||
|
## @skip config.ssh.secret.id_rsa_pub TODO:
|
||||||
|
secret:
|
||||||
|
annotations: {}
|
||||||
|
labels: {}
|
||||||
|
config: |
|
||||||
|
# Host *
|
||||||
|
# IdentityFile ~/.ssh/id_ed25519
|
||||||
|
# IdentityFile ~/.ssh/id_rsa
|
||||||
|
id_ed25519: ""
|
||||||
|
id_ed25519_pub: ""
|
||||||
|
id_rsa: ""
|
||||||
|
id_rsa_pub: ""
|
||||||
|
|
||||||
|
## @section Deployment
|
||||||
|
deployment:
|
||||||
|
## @param deployment.annotations Additional deployment annotations.
|
||||||
|
## @param deployment.labels Additional deployment labels.
|
||||||
annotations: {}
|
annotations: {}
|
||||||
|
labels: {}
|
||||||
|
|
||||||
service:
|
## @param deployment.additionalContainers List of additional containers.
|
||||||
|
additionalContainers: []
|
||||||
|
# - command: [ "sh", "-c", "echo hello world" ]
|
||||||
|
# image: "docker.io/library/busybox:latest"
|
||||||
|
# name: side-car
|
||||||
|
|
||||||
|
## @param deployment.affinity Affinity for the athens-proxy deployment.
|
||||||
|
affinity: {}
|
||||||
|
# nodeAffinity:
|
||||||
|
# requiredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
# nodeSelectorTerms:
|
||||||
|
# - matchExpressions:
|
||||||
|
# - key: kubernetes.io/os
|
||||||
|
# operator: In
|
||||||
|
# values:
|
||||||
|
# - linux
|
||||||
|
# preferredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
# - weight: 20
|
||||||
|
# preference:
|
||||||
|
# matchExpressions:
|
||||||
|
# - key: kubernetes.io/arch
|
||||||
|
# operator: In
|
||||||
|
# values:
|
||||||
|
# - amd64
|
||||||
|
|
||||||
|
## @param deployment.initContainers List of additional init containers.
|
||||||
|
initContainers: []
|
||||||
|
# - command: [ "sh", "-c", "echo hello world" ]
|
||||||
|
# image: "docker.io/library/busybox:latest"
|
||||||
|
# name: init
|
||||||
|
|
||||||
|
## @param deployment.dnsConfig dnsConfig of the athens-proxy deployment.
|
||||||
|
dnsConfig: {}
|
||||||
|
# nameservers:
|
||||||
|
# - 192.0.2.1 # this is an example
|
||||||
|
# searches:
|
||||||
|
# - ns1.svc.cluster-domain.example
|
||||||
|
# - my.dns.search.suffix
|
||||||
|
# options:
|
||||||
|
# - name: ndots
|
||||||
|
# value: "2"
|
||||||
|
# - name: edns0
|
||||||
|
|
||||||
|
## @param deployment.dnsPolicy dnsPolicy of the athens-proxy deployment.
|
||||||
|
dnsPolicy: ""
|
||||||
|
|
||||||
|
## @param deployment.hostname Individual hostname of the pod.
|
||||||
|
## @param deployment.subdomain Individual domain of the pod.
|
||||||
|
hostname: ""
|
||||||
|
subdomain: ""
|
||||||
|
|
||||||
|
## @param deployment.hostNetwork Use the kernel network namespace of the host system.
|
||||||
|
hostNetwork: false
|
||||||
|
|
||||||
|
## @param deployment.imagePullSecrets Secret to use for pulling the image.
|
||||||
|
imagePullSecrets: []
|
||||||
|
# - name: "my-custom-secret"
|
||||||
|
|
||||||
|
athensProxy:
|
||||||
|
## @param deployment.athensProxy.args Arguments passed to the athens-proxy container.
|
||||||
|
args: []
|
||||||
|
|
||||||
|
## @param deployment.athensProxy.command Command passed to the athens-proxy container.
|
||||||
|
command: []
|
||||||
|
|
||||||
|
## @param deployment.athensProxy.env List of environment variables for the athens-proxy container.
|
||||||
|
env: []
|
||||||
|
# - name: SPECIAL_ENV_A
|
||||||
|
# value: special-key
|
||||||
|
# - name: SPECIAL_ENV
|
||||||
|
# valueFrom:
|
||||||
|
# configMapKeyRef:
|
||||||
|
# name: special-config
|
||||||
|
# key: special-key
|
||||||
|
# - name: SPECIAL_ENV
|
||||||
|
# valueFrom:
|
||||||
|
# secretKeyRef:
|
||||||
|
# name: special-secret
|
||||||
|
# key: special-key
|
||||||
|
|
||||||
|
## @param deployment.athensProxy.envFrom List of environment variables mounted from configMaps or secrets for the athens-proxy container.
|
||||||
|
envFrom: []
|
||||||
|
# - configMapRef:
|
||||||
|
# name: special-config
|
||||||
|
# - secretRef:
|
||||||
|
# name: special-secret
|
||||||
|
|
||||||
|
## @param deployment.athensProxy.image.registry Image registry, eg. `docker.io`.
|
||||||
|
## @param deployment.athensProxy.image.repository Image repository, eg. `library/busybox`.
|
||||||
|
## @param deployment.athensProxy.image.tag Custom image tag, eg. `0.1.0`. Defaults to `appVersion`.
|
||||||
|
## @param deployment.athensProxy.image.pullPolicy Image pull policy.
|
||||||
|
image:
|
||||||
|
registry: docker.io
|
||||||
|
repository: gomods/athens
|
||||||
|
tag: ""
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
|
||||||
|
## @param deployment.athensProxy.resources CPU and memory resources of the pod.
|
||||||
|
resources: {}
|
||||||
|
# limits:
|
||||||
|
# cpu:
|
||||||
|
# ephemeral-storage:
|
||||||
|
# memory:
|
||||||
|
# requests:
|
||||||
|
# cpu:
|
||||||
|
# ephemeral-storage:
|
||||||
|
# memory:
|
||||||
|
|
||||||
|
## @param deployment.athensProxy.securityContext Security context of the container of the deployment.
|
||||||
|
securityContext: {}
|
||||||
|
# capabilities:
|
||||||
|
# add:
|
||||||
|
# - NET_RAW
|
||||||
|
# drop:
|
||||||
|
# - ALL
|
||||||
|
# privileged: false
|
||||||
|
# readOnlyRootFilesystem: true
|
||||||
|
# runAsNonRoot: true
|
||||||
|
# runAsUser: 1000
|
||||||
|
|
||||||
|
## @param deployment.athensProxy.volumeMounts Additional volume mounts.
|
||||||
|
volumeMounts: []
|
||||||
|
# - name: my-configmap-volume
|
||||||
|
# mountPath: /configmap
|
||||||
|
# readOnly: true
|
||||||
|
|
||||||
|
## @param deployment.nodeSelector NodeSelector of the athens-proxy deployment.
|
||||||
|
nodeSelector: {}
|
||||||
|
|
||||||
|
## @param deployment.priorityClassName PriorityClassName of the athens-proxy deployment.
|
||||||
|
priorityClassName: ""
|
||||||
|
|
||||||
|
## @param deployment.replicas Number of replicas for the athens-proxy deployment.
|
||||||
|
replicas: 1
|
||||||
|
|
||||||
|
## @param deployment.restartPolicy Restart policy of the athens-proxy deployment.
|
||||||
|
restartPolicy: ""
|
||||||
|
|
||||||
|
## @param deployment.securityContext Security context of the athens-proxy deployment.
|
||||||
|
securityContext: {}
|
||||||
|
# fsGroup: 2000
|
||||||
|
|
||||||
|
## @param deployment.strategy.type Strategy type - `Recreate` or `RollingUpdate`.
|
||||||
|
## @param deployment.strategy.rollingUpdate.maxSurge The maximum number of pods that can be scheduled above the desired number of pods during a rolling update.
|
||||||
|
## @param deployment.strategy.rollingUpdate.maxUnavailable The maximum number of pods that can be unavailable during a rolling update.
|
||||||
|
strategy:
|
||||||
|
type: "RollingUpdate"
|
||||||
|
rollingUpdate:
|
||||||
|
maxSurge: 1
|
||||||
|
maxUnavailable: 1
|
||||||
|
|
||||||
|
## @param deployment.terminationGracePeriodSeconds How long to wait until forcefully kill the pod.
|
||||||
|
terminationGracePeriodSeconds: 60
|
||||||
|
|
||||||
|
## @param deployment.tolerations Tolerations of the athens-proxy deployment.
|
||||||
|
tolerations: []
|
||||||
|
# - key: database/type
|
||||||
|
# operator: Equal
|
||||||
|
# value: postgres
|
||||||
|
# effect: NoSchedule
|
||||||
|
|
||||||
|
## @param deployment.topologySpreadConstraints TopologySpreadConstraints of the athens-proxy deployment.
|
||||||
|
topologySpreadConstraints: []
|
||||||
|
# - topologyKey: kubernetes.io/hostname
|
||||||
|
# whenUnsatisfiable: DoNotSchedule
|
||||||
|
# labelSelector:
|
||||||
|
# matchLabels:
|
||||||
|
# app.kubernetes.io/instance: prometheus-athens-proxy
|
||||||
|
|
||||||
|
## @param deployment.volumes Additional volumes to mount into the pods of the prometheus-exporter deployment.
|
||||||
|
volumes: []
|
||||||
|
# - name: my-configmap-volume
|
||||||
|
# config:
|
||||||
|
# name: my-configmap
|
||||||
|
# - name: my-secret-volume
|
||||||
|
# secret:
|
||||||
|
# secretName: my-secret
|
||||||
|
|
||||||
|
## @section Horizontal Pod Autoscaler (HPA)
|
||||||
|
# In order for the HPA to function successfully, a metric server is required, especially for resource consumption. The
|
||||||
|
# metric server enables the CPU and memory utilisation to be recorded. If such a metric server is not available, the HPA
|
||||||
|
# cannot scale pods based on CPU or memory utilisation. Further information be be found here:
|
||||||
|
# https://github.com/kubernetes-sigs/metrics-server#deployment
|
||||||
|
hpa:
|
||||||
|
## @param hpa.enabled Enable the horizontal pod autoscaler (HPA).
|
||||||
|
## @param hpa.annotations Additional annotations for the HPA.
|
||||||
|
## @param hpa.labels Additional labels for the HPA.
|
||||||
|
## @param hpa.metrics Metrics contains the specifications for which to use to calculate the desired replica count.
|
||||||
|
## @skip hpa.metrics Skip individual HPA metric configurations.
|
||||||
|
## @param hpa.minReplicas Min replicas is the lower limit for the number of replicas to which the autoscaler can scale down.
|
||||||
|
## @param hpa.maxReplicas Upper limit for the number of pods that can be set by the autoscaler.
|
||||||
|
enabled: false
|
||||||
annotations: {}
|
annotations: {}
|
||||||
# externalIPs: []
|
labels: {}
|
||||||
# externalTrafficPolicy: "Cluster"
|
metrics:
|
||||||
# loadBalancerClass: ""
|
- resource:
|
||||||
# loadBalancerIP: ""
|
name: cpu
|
||||||
# loadBalancerSourceRanges: []
|
target:
|
||||||
# internalTrafficPolicy: "Cluster"
|
averageUtilization: 65
|
||||||
name: http
|
type: Utilization
|
||||||
targetPort: 3000
|
type: Resource
|
||||||
type: ClusterIP
|
# - resource:
|
||||||
port: 3000
|
# name: memory
|
||||||
|
# target:
|
||||||
|
# averageUtilization: 65
|
||||||
|
# type: Utilization
|
||||||
|
minReplicas: 1
|
||||||
|
maxReplicas: 10
|
||||||
|
|
||||||
|
## @section Ingress
|
||||||
ingress:
|
ingress:
|
||||||
|
## @param ingress.enabled Enable creation of an ingress resource. Requires, that the http service is also enabled.
|
||||||
|
## @param ingress.className Ingress class.
|
||||||
|
## @param ingress.annotations Additional ingress annotations.
|
||||||
|
## @param ingress.labels Additional ingress labels.
|
||||||
enabled: false
|
enabled: false
|
||||||
className: "nginx"
|
className: "nginx"
|
||||||
annotations: {}
|
annotations: {}
|
||||||
# kubernetes.io/ingress.class: nginx
|
labels: {}
|
||||||
# cert-manager.io/issuer:
|
|
||||||
# kubernetes.io/tls-acme: "true"
|
|
||||||
hosts:
|
|
||||||
- host: "your-hostname"
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
pathType: ImplementationSpecific
|
|
||||||
tls:
|
|
||||||
- secretName: "your-tls-secret"
|
|
||||||
hosts:
|
|
||||||
- "your-hostname"
|
|
||||||
|
|
||||||
readinessProbe:
|
## @param ingress.hosts Ingress specific configuration. Specification only required when another ingress controller is used instead of `t1k.
|
||||||
httpGet:
|
## @skip ingress.hosts Skip individual host configuration.
|
||||||
scheme: HTTP
|
hosts: []
|
||||||
path: /healthz
|
# - host: athens-proxy.example.local
|
||||||
port: http
|
# paths:
|
||||||
|
# - path: /
|
||||||
|
# pathType: Prefix
|
||||||
|
|
||||||
resources: {}
|
## @param ingress.tls Ingress TLS settings. Specification only required when another ingress controller is used instead of `t1k``.
|
||||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
## @skip ingress.tls Skip individual TLS configuration.
|
||||||
# choice for the user. This also increases chances charts run on environments with little
|
tls: []
|
||||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
# - secretName: athens-proxy-http-tls
|
||||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
# hosts:
|
||||||
# limits:
|
# - athens-proxy.example.local
|
||||||
# cpu: 100m
|
|
||||||
# memory: 128Mi
|
|
||||||
# requests:
|
|
||||||
# cpu: 100m
|
|
||||||
# memory: 128Mi
|
|
||||||
|
|
||||||
nodeSelector:
|
## @section Persistence
|
||||||
kubernetes.io/arch: amd64
|
persistence:
|
||||||
|
## @param persistence.enabled Enable the feature to store the data on a persistent volume claim. If enabled, the volume will be automatically be mounted into the pod. Furthermore, the env `ATHENS_STORAGE_TYPE=disk` will automatically be defined.
|
||||||
|
enabled: false
|
||||||
|
|
||||||
tolerations: []
|
data:
|
||||||
|
## @param persistence.data.mountPath The path where the persistent volume should be mounted in the container file system. This variable controls `ATHENS_DISK_STORAGE_ROOT`.
|
||||||
|
mountPath: "/var/www/athens-proxy/data"
|
||||||
|
|
||||||
# extra volumes for the pod
|
existingPersistentVolumeClaim:
|
||||||
extraVolumes: {}
|
enabled: false
|
||||||
# The following example mount the same secret, which contains tls certificates
|
persistentVolumeClaimName: ""
|
||||||
# under different names. Each volume mount contains only selected items of the
|
|
||||||
# secret. This make it easier to place the items on different locations inside the
|
|
||||||
# container filesystem via extraVolumeMounts.
|
|
||||||
# - name: custom-ca-anchor
|
|
||||||
# secret:
|
|
||||||
# secretName: athens-proxy-custom-tls-certificates
|
|
||||||
# items:
|
|
||||||
# - key: ca.crt
|
|
||||||
# path: ca.crt
|
|
||||||
# mode: 0444
|
|
||||||
# - name: custom-tls-certificates
|
|
||||||
# secret:
|
|
||||||
# secretName: athens-proxy-custom-tls-certificates
|
|
||||||
# items:
|
|
||||||
# - key: tls.key
|
|
||||||
# path: tls.key
|
|
||||||
# mode: 0400
|
|
||||||
# - key: tls.crt
|
|
||||||
# path: tls.crt
|
|
||||||
# mode: 0444
|
|
||||||
|
|
||||||
extraVolumeMounts: {}
|
persistentVolumeClaim:
|
||||||
# The following example follows the example of extraVolumes and mounts the
|
annotations: {}
|
||||||
# volumes to the corresponding paths in the container filesystem.
|
labels: {}
|
||||||
# - name: custom-ca-anchor
|
accessModes:
|
||||||
# mountPath: /usr/local/share/ca-certificates
|
- ReadWriteMany
|
||||||
# - name: custom-tls-certificates
|
storageClass: ""
|
||||||
# mountPath: /etc/athens-proxy/tls
|
storageSize: "5Gi"
|
||||||
|
|
||||||
|
## @section NetworkPolicies
|
||||||
|
## @param networkPolicies.enabled Enable network policies in general.
|
||||||
|
networkPolicies:
|
||||||
|
enabled: false
|
||||||
|
|
||||||
|
## @param networkPolicies.default.enabled Enable the network policy for accessing the application by default. For example to scape the metrics.
|
||||||
|
## @param networkPolicies.default.annotations Additional network policy annotations.
|
||||||
|
## @param networkPolicies.default.labels Additional network policy labels.
|
||||||
|
## @param networkPolicies.default.policyTypes List of policy types. Supported is ingress, egress or ingress and egress.
|
||||||
|
## @param networkPolicies.default.egress Concrete egress network policy implementation.
|
||||||
|
## @skip networkPolicies.default.egress Skip individual egress configuration.
|
||||||
|
## @param networkPolicies.default.ingress Concrete ingress network policy implementation.
|
||||||
|
## @skip networkPolicies.default.ingress Skip individual ingress configuration.
|
||||||
|
default:
|
||||||
|
enabled: false
|
||||||
|
annotations: {}
|
||||||
|
labels: {}
|
||||||
|
policyTypes: []
|
||||||
|
# - Egress
|
||||||
|
# - Ingress
|
||||||
|
egress: []
|
||||||
|
# Allow outgoing traffic to database host
|
||||||
|
#
|
||||||
|
# - to:
|
||||||
|
# - ipBlock:
|
||||||
|
# cidr: 192.168.179.1/32
|
||||||
|
# ports:
|
||||||
|
# - port: 5432
|
||||||
|
# protocol: TCP
|
||||||
|
|
||||||
|
# Allow outgoing DNS traffic to the internal running DNS-Server. For example core-dns.
|
||||||
|
#
|
||||||
|
# - to:
|
||||||
|
# - namespaceSelector:
|
||||||
|
# matchLabels:
|
||||||
|
# kubernetes.io/metadata.name: kube-system
|
||||||
|
# podSelector:
|
||||||
|
# matchLabels:
|
||||||
|
# k8s-app: kube-dns
|
||||||
|
# ports:
|
||||||
|
# - port: 53
|
||||||
|
# protocol: TCP
|
||||||
|
# - port: 53
|
||||||
|
# protocol: UDP
|
||||||
|
|
||||||
|
ingress: []
|
||||||
|
# Allow incoming HTTP traffic from prometheus.
|
||||||
|
#
|
||||||
|
# - from:
|
||||||
|
# - namespaceSelector:
|
||||||
|
# matchLabels:
|
||||||
|
# kubernetes.io/metadata.name: monitoring
|
||||||
|
# podSelector:
|
||||||
|
# matchLabels:
|
||||||
|
# app.kubernetes.io/name: prometheus
|
||||||
|
# ports:
|
||||||
|
# - port: http
|
||||||
|
# protocol: TCP
|
||||||
|
|
||||||
|
# Allow incoming HTTP traffic from ingress-nginx.
|
||||||
|
#
|
||||||
|
# - from:
|
||||||
|
# - namespaceSelector:
|
||||||
|
# matchLabels:
|
||||||
|
# kubernetes.io/metadata.name: ingress-nginx
|
||||||
|
# podSelector:
|
||||||
|
# matchLabels:
|
||||||
|
# app.kubernetes.io/name: ingress-nginx
|
||||||
|
# ports:
|
||||||
|
# - port: http
|
||||||
|
# protocol: TCP
|
||||||
|
|
||||||
|
## @section Service
|
||||||
|
## @param services.http.enabled Enable the service.
|
||||||
|
## @param services.http.annotations Additional service annotations.
|
||||||
|
## @param services.http.externalIPs External IPs for the service.
|
||||||
|
## @param services.http.externalTrafficPolicy If `service.type` is `NodePort` or `LoadBalancer`, set this to `Local` to tell kube-proxy to only use node local endpoints for cluster external traffic. Furthermore, this enables source IP preservation.
|
||||||
|
## @param services.http.internalTrafficPolicy If `service.type` is `NodePort` or `LoadBalancer`, set this to `Local` to tell kube-proxy to only use node local endpoints for cluster internal traffic.
|
||||||
|
## @param services.http.ipFamilies IPFamilies is list of IP families (e.g. `IPv4`, `IPv6`) assigned to this service. This field is usually assigned automatically based on cluster configuration and only required for customization.
|
||||||
|
## @param services.http.labels Additional service labels.
|
||||||
|
## @param services.http.loadBalancerClass LoadBalancerClass is the class of the load balancer implementation this Service belongs to. Requires service from type `LoadBalancer`.
|
||||||
|
## @param services.http.loadBalancerIP LoadBalancer will get created with the IP specified in this field. Requires service from type `LoadBalancer`.
|
||||||
|
## @param services.http.loadBalancerSourceRanges Source range filter for LoadBalancer. Requires service from type `LoadBalancer`.
|
||||||
|
## @param services.http.port Port to forward the traffic to.
|
||||||
|
## @param services.http.sessionAffinity Supports `ClientIP` and `None`. Enable client IP based session affinity via `ClientIP`.
|
||||||
|
## @param services.http.sessionAffinityConfig Contains the configuration of the session affinity.
|
||||||
|
## @param services.http.type Kubernetes service type for the traffic.
|
||||||
|
services:
|
||||||
|
http:
|
||||||
|
enabled: true
|
||||||
|
annotations: {}
|
||||||
|
externalIPs: []
|
||||||
|
externalTrafficPolicy: "Cluster"
|
||||||
|
internalTrafficPolicy: "Cluster"
|
||||||
|
ipFamilies: []
|
||||||
|
labels: {}
|
||||||
|
loadBalancerClass: ""
|
||||||
|
loadBalancerIP: ""
|
||||||
|
loadBalancerSourceRanges: []
|
||||||
|
port: 3000
|
||||||
|
sessionAffinity: "None"
|
||||||
|
sessionAffinityConfig: {}
|
||||||
|
type: "ClusterIP"
|
||||||
|
|
||||||
|
## @section ServiceAccount
|
||||||
|
serviceAccount:
|
||||||
|
## @param serviceAccount.existing.enabled Use an existing service account instead of creating a new one. Assumes that the user has all the necessary kubernetes API authorizations.
|
||||||
|
## @param serviceAccount.existing.serviceAccountName Name of the existing service account.
|
||||||
|
existing:
|
||||||
|
enabled: false
|
||||||
|
serviceAccountName: ""
|
||||||
|
|
||||||
|
## @param serviceAccount.new.annotations Additional service account annotations.
|
||||||
|
## @param serviceAccount.new.labels Additional service account labels.
|
||||||
|
## @param serviceAccount.new.automountServiceAccountToken Enable/disable auto mounting of the service account token.
|
||||||
|
## @param serviceAccount.new.imagePullSecrets ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this serviceAccount.
|
||||||
|
## @param serviceAccount.new.secrets Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount.
|
||||||
|
new:
|
||||||
|
annotations: {}
|
||||||
|
labels: {}
|
||||||
|
automountServiceAccountToken: true
|
||||||
|
imagePullSecrets: []
|
||||||
|
# - name: "my-image-pull-secret"
|
||||||
|
secrets: []
|
||||||
|
# - name: "my-secret"
|
||||||
|
# namespace: "my-namespace"
|
||||||
|
# fieldPath: "my-field"
|
||||||
|
Reference in New Issue
Block a user