You've already forked athens-proxy-charts
							
							Compare commits
	
		
			76 Commits
		
	
	
		
			0.1.5
			...
			5f78a0f071
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 5f78a0f071 | |||
| c157c8c210 | |||
| 5b9fa88dd6 | |||
| 458037db70 | |||
| b1bb94f0bd | |||
| 62a92fdabb | |||
| a01b0143c0 | |||
| 953fd85f53 | |||
| bf721d8af1 | |||
| 60fdfd90e1 | |||
| 71164d60ae | |||
| a00d40b792 | |||
| d02f63be7a | |||
| 744938f8f4 | |||
| e3185b2482 | |||
| e2fab050d3 | |||
| 83336c7f87 | |||
| 1e2a31edaa | |||
| 0b39de958a | |||
| a0abe49b23 | |||
| cc46ad7af1 | |||
| cd9a843a96 | |||
| 6b0d2ff350 | |||
| ccd7c9a1cd | |||
| b169136c37 | |||
| 9b4a708f29 | |||
| 053036bcd5 | |||
| 783e244cd3 | |||
| 41da943040 | |||
| 9ef0317677 | |||
| 5a890741e4 | |||
| cd16ddc5d8 | |||
| fd4c9d7e62 | |||
| 265ac3d9a9 | |||
| 7d20373804 | |||
| 2117bbed96 | |||
| a47f528585 | |||
| 716f6b06c3 | |||
| ee5111da20 | |||
| d954b2e3e7 | |||
| 840ee10717 | |||
| c5772856e3 | |||
| f047c145e2 | |||
| 7c0c6f4270 | |||
| 3cab48dd3c | |||
| 50e21e10d8 | |||
| 5b70f5e5fa | |||
| 09d205316e | |||
| c1e686fc2d | |||
| cfb5978593 | |||
| e04a9baec1 | |||
| 72908cae0b | |||
| 8c6f4db7f5 | |||
| 5eae090f40 | |||
| 60ed4abe97 | |||
| 1179b51895 | |||
| 1fcf9e7d4b | |||
| 00c2f285b1 | |||
| 1077afb673 | |||
| a4d1611f44 | |||
| 0950a51229 | |||
| ee9fa20df4 | |||
| 848f9c9fd8 | |||
| 2889a5390c | |||
| 14987d7265 | |||
| f9c03e8be4 | |||
| 055bcadd16 | |||
| 45d2cf7183 | |||
| 07c2bc6b72 | |||
| 9a58ec7806 | |||
| 55bb771c26 | |||
| e709d68cb8 | |||
| 1c22e90d85 | |||
| 6ef34f5f60 | |||
| 76593b2109 | |||
| cb9612fe74 | 
							
								
								
									
										106
									
								
								.drone.yml
									
									
									
									
									
								
							
							
						
						
									
										106
									
								
								.drone.yml
									
									
									
									
									
								
							| @@ -1,106 +0,0 @@ | |||||||
| --- |  | ||||||
| kind: pipeline |  | ||||||
| type: kubernetes |  | ||||||
| name: linter |  | ||||||
|  |  | ||||||
| clone: |  | ||||||
|   disable: true |  | ||||||
|  |  | ||||||
| platform: |  | ||||||
|   os: linux |  | ||||||
|   arch: amd64 |  | ||||||
|  |  | ||||||
| steps: |  | ||||||
| - name: clone |  | ||||||
|   image: git.cryptic.systems/volker.raschek/git:1.3.1 |  | ||||||
|  |  | ||||||
| - name: helm lint |  | ||||||
|   commands: |  | ||||||
|   - helm lint |  | ||||||
|   image: git.cryptic.systems/volker.raschek/helm:3.15.0 |  | ||||||
|   resources: |  | ||||||
|     limits: |  | ||||||
|       cpu: 150 |  | ||||||
|       memory: 150M |  | ||||||
|  |  | ||||||
| - name: markdown lint |  | ||||||
|   commands: |  | ||||||
|   - markdownlint *.md |  | ||||||
|   image: git.cryptic.systems/volker.raschek/markdownlint:0.41.0 |  | ||||||
|   resources: |  | ||||||
|     limits: |  | ||||||
|       cpu: 150 |  | ||||||
|       memory: 150M |  | ||||||
|  |  | ||||||
| - name: helm template |  | ||||||
|   commands: |  | ||||||
|   - helm template . |  | ||||||
|   image: git.cryptic.systems/volker.raschek/helm:3.15.0 |  | ||||||
|   resources: |  | ||||||
|     limits: |  | ||||||
|       cpu: 150 |  | ||||||
|       memory: 150M |  | ||||||
|  |  | ||||||
| - name: email-notification |  | ||||||
|   environment: |  | ||||||
|     SMTP_FROM_ADDRESS: |  | ||||||
|       from_secret: smtp_from_address |  | ||||||
|     SMTP_FROM_NAME: |  | ||||||
|       from_secret: smtp_from_name |  | ||||||
|     SMTP_HOST: |  | ||||||
|       from_secret: smtp_host |  | ||||||
|     SMTP_USERNAME: |  | ||||||
|       from_secret: smtp_username |  | ||||||
|     SMTP_PASSWORD: |  | ||||||
|       from_secret: smtp_password |  | ||||||
|   image: git.cryptic.systems/volker.raschek/drone-email:0.1.5 |  | ||||||
|   resources: |  | ||||||
|     limits: |  | ||||||
|       cpu: 150 |  | ||||||
|       memory: 150M |  | ||||||
|   when: |  | ||||||
|     status: |  | ||||||
|     - changed |  | ||||||
|     - failure |  | ||||||
|  |  | ||||||
| trigger: |  | ||||||
|   event: |  | ||||||
|     exclude: |  | ||||||
|     - tag |  | ||||||
|  |  | ||||||
| --- |  | ||||||
| kind: pipeline |  | ||||||
| type: kubernetes |  | ||||||
| name: release |  | ||||||
|  |  | ||||||
| clone: |  | ||||||
|   disable: true |  | ||||||
|  |  | ||||||
| platform: |  | ||||||
|   os: linux |  | ||||||
|  |  | ||||||
| steps: |  | ||||||
| - name: clone |  | ||||||
|   image: git.cryptic.systems/volker.raschek/git:1.3.1 |  | ||||||
|  |  | ||||||
| - name: release-helm-chart |  | ||||||
|   commands: |  | ||||||
|   - helm repo add volker.raschek https://charts.cryptic.systems/volker.raschek |  | ||||||
|   - helm package --version ${DRONE_TAG} . |  | ||||||
|   - helm cm-push ${DRONE_REPO_NAME%-charts}-${DRONE_TAG}.tgz volker.raschek |  | ||||||
|   environment: |  | ||||||
|     HELM_REPO_PASSWORD: |  | ||||||
|       from_secret: helm_repo_password |  | ||||||
|     HELM_REPO_USERNAME: |  | ||||||
|       from_secret: helm_repo_username |  | ||||||
|   image: git.cryptic.systems/volker.raschek/helm:3.15.0 |  | ||||||
|   resources: |  | ||||||
|     limits: |  | ||||||
|       cpu: 150 |  | ||||||
|       memory: 150M |  | ||||||
|  |  | ||||||
| trigger: |  | ||||||
|   event: |  | ||||||
|   - tag |  | ||||||
|   repo: |  | ||||||
|   - volker.raschek/athens-proxy-charts |  | ||||||
| @@ -1,6 +1,3 @@ | |||||||
| # EditorConfig is awesome: https://EditorConfig.org |  | ||||||
|  |  | ||||||
| # top-most EditorConfig file |  | ||||||
| root = true | root = true | ||||||
|  |  | ||||||
| [*] | [*] | ||||||
| @@ -10,3 +7,6 @@ end_of_line = lf | |||||||
| charset = utf-8 | charset = utf-8 | ||||||
| trim_trailing_whitespace = true | trim_trailing_whitespace = true | ||||||
| insert_final_newline = false | insert_final_newline = false | ||||||
|  |  | ||||||
|  | [Makefile] | ||||||
|  | indent_style = tab | ||||||
							
								
								
									
										114
									
								
								.gitea/scripts/add-annotations.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										114
									
								
								.gitea/scripts/add-annotations.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,114 @@ | |||||||
|  | #!/bin/bash | ||||||
|  |  | ||||||
|  | set -e | ||||||
|  |  | ||||||
|  | CHART_FILE="Chart.yaml" | ||||||
|  | if [ ! -f "${CHART_FILE}" ]; then | ||||||
|  |   echo "ERROR: ${CHART_FILE} not found!" 1>&2 | ||||||
|  |   exit 1 | ||||||
|  | fi | ||||||
|  |  | ||||||
|  | DEFAULT_NEW_TAG="$(git tag --sort=-version:refname | head -n 1)" | ||||||
|  | DEFAULT_OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)" | ||||||
|  |  | ||||||
|  | if [ -z "${1}" ]; then | ||||||
|  |   read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG | ||||||
|  |   if [ -z "${OLD_TAG}" ]; then | ||||||
|  |     OLD_TAG="${DEFAULT_OLD_TAG}" | ||||||
|  |   fi | ||||||
|  |  | ||||||
|  |   while [ -z "$(git tag --list "${OLD_TAG}")" ]; do | ||||||
|  |     echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2 | ||||||
|  |     read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG | ||||||
|  |     if [ -z "${OLD_TAG}" ]; then | ||||||
|  |       OLD_TAG="${DEFAULT_OLD_TAG}" | ||||||
|  |     fi | ||||||
|  |   done | ||||||
|  | else | ||||||
|  |   OLD_TAG=${1} | ||||||
|  |   if [ -z "$(git tag --list "${OLD_TAG}")" ]; then | ||||||
|  |     echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2 | ||||||
|  |     exit 1 | ||||||
|  |   fi | ||||||
|  | fi | ||||||
|  |  | ||||||
|  | if [ -z "${2}" ]; then | ||||||
|  |   read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG | ||||||
|  |   if [ -z "${NEW_TAG}" ]; then | ||||||
|  |     NEW_TAG="${DEFAULT_NEW_TAG}" | ||||||
|  |   fi | ||||||
|  |  | ||||||
|  |   while [ -z "$(git tag --list "${NEW_TAG}")" ]; do | ||||||
|  |     echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2 | ||||||
|  |     read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG | ||||||
|  |     if [ -z "${NEW_TAG}" ]; then | ||||||
|  |       NEW_TAG="${DEFAULT_NEW_TAG}" | ||||||
|  |     fi | ||||||
|  |   done | ||||||
|  | else | ||||||
|  |   NEW_TAG=${2} | ||||||
|  |  | ||||||
|  |   if [ -z "$(git tag --list "${NEW_TAG}")" ]; then | ||||||
|  |     echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2 | ||||||
|  |     exit 1 | ||||||
|  |   fi | ||||||
|  | fi | ||||||
|  |  | ||||||
|  | CHANGE_LOG_YAML=$(mktemp) | ||||||
|  | echo "[]" > "${CHANGE_LOG_YAML}" | ||||||
|  |  | ||||||
|  | function map_type_to_kind() { | ||||||
|  |   case "${1}" in | ||||||
|  |     feat) | ||||||
|  |       echo "added" | ||||||
|  |     ;; | ||||||
|  |     fix) | ||||||
|  |       echo "fixed" | ||||||
|  |     ;; | ||||||
|  |     chore|style|test|ci|docs|refac) | ||||||
|  |       echo "changed" | ||||||
|  |     ;; | ||||||
|  |     revert) | ||||||
|  |       echo "removed" | ||||||
|  |     ;; | ||||||
|  |     sec) | ||||||
|  |       echo "security" | ||||||
|  |     ;; | ||||||
|  |     *) | ||||||
|  |       echo "skip" | ||||||
|  |     ;; | ||||||
|  |   esac | ||||||
|  | } | ||||||
|  |  | ||||||
|  | COMMIT_TITLES="$(git log --pretty=format:"%s" "${OLD_TAG}..${NEW_TAG}")" | ||||||
|  |  | ||||||
|  | echo "INFO: Generate change log entries from ${OLD_TAG} until ${NEW_TAG}" | ||||||
|  |  | ||||||
|  | while IFS= read -r line; do | ||||||
|  |   if [[ "${line}" =~ ^([a-zA-Z]+)(\([^\)]+\))?\:\ (.+)$ ]]; then | ||||||
|  |     TYPE="${BASH_REMATCH[1]}" | ||||||
|  |     KIND=$(map_type_to_kind "${TYPE}") | ||||||
|  |  | ||||||
|  |     if [ "${KIND}" == "skip" ]; then | ||||||
|  |       continue | ||||||
|  |     fi | ||||||
|  |  | ||||||
|  |     DESC="${BASH_REMATCH[3]}" | ||||||
|  |  | ||||||
|  |     echo "- ${KIND}: ${DESC}" | ||||||
|  |  | ||||||
|  |     jq --arg kind "${KIND}" --arg description "${DESC}" '. += [ $ARGS.named ]' < "${CHANGE_LOG_YAML}" > "${CHANGE_LOG_YAML}.new" | ||||||
|  |     mv "${CHANGE_LOG_YAML}.new" "${CHANGE_LOG_YAML}" | ||||||
|  |  | ||||||
|  |   fi | ||||||
|  | done <<< "${COMMIT_TITLES}" | ||||||
|  |  | ||||||
|  | if [ -s "${CHANGE_LOG_YAML}" ]; then | ||||||
|  |   yq --inplace --input-format json --output-format yml "${CHANGE_LOG_YAML}" | ||||||
|  |   yq --no-colors --inplace ".annotations.\"artifacthub.io/changes\" |= loadstr(\"${CHANGE_LOG_YAML}\") | sort_keys(.)" "${CHART_FILE}" | ||||||
|  | else | ||||||
|  |   echo "ERROR: Changelog file is empty: ${CHANGE_LOG_YAML}" 1>&2 | ||||||
|  |   exit 1 | ||||||
|  | fi | ||||||
|  |  | ||||||
|  | rm "${CHANGE_LOG_YAML}" | ||||||
							
								
								
									
										32
									
								
								.gitea/workflows/generate-readme.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										32
									
								
								.gitea/workflows/generate-readme.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,32 @@ | |||||||
|  | name: Generate README | ||||||
|  |  | ||||||
|  | on: | ||||||
|  |   pull_request: | ||||||
|  |     paths: [ "README.md", "values.yaml" ] | ||||||
|  |     types: [ "opened", "reopened", "synchronize" ] | ||||||
|  |   push: | ||||||
|  |     branches: | ||||||
|  |     - '**' | ||||||
|  |     paths: [ "README.md", "values.yaml" ] | ||||||
|  |     tags-ignore: | ||||||
|  |     - '**' | ||||||
|  |   workflow_dispatch: {} | ||||||
|  |  | ||||||
|  | jobs: | ||||||
|  |   generate-parameters: | ||||||
|  |     container: | ||||||
|  |       image: docker.io/library/node:24.10.0-alpine | ||||||
|  |     runs-on: | ||||||
|  |     - ubuntu-latest | ||||||
|  |     steps: | ||||||
|  |     - name: Install tooling | ||||||
|  |       run: | | ||||||
|  |         apk update | ||||||
|  |         apk add git npm | ||||||
|  |     - uses: actions/checkout@v5.0.0 | ||||||
|  |     - name: Generate parameter section in README | ||||||
|  |       run: | | ||||||
|  |         npm install | ||||||
|  |         npm run readme:parameters | ||||||
|  |     - name: Compare diff | ||||||
|  |       run: git diff --exit-code --name-only README.md | ||||||
							
								
								
									
										42
									
								
								.gitea/workflows/helm.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										42
									
								
								.gitea/workflows/helm.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,42 @@ | |||||||
|  | name: Helm | ||||||
|  |  | ||||||
|  | on: | ||||||
|  |   pull_request: | ||||||
|  |     types: [ "opened", "reopened", "synchronize" ] | ||||||
|  |   push: | ||||||
|  |     branches: | ||||||
|  |     - '**' | ||||||
|  |     tags-ignore: | ||||||
|  |     - '**' | ||||||
|  |   workflow_dispatch: {} | ||||||
|  |  | ||||||
|  | jobs: | ||||||
|  |   helm-lint: | ||||||
|  |     container: | ||||||
|  |       image: docker.io/volkerraschek/helm:3.19.0 | ||||||
|  |     runs-on: | ||||||
|  |     - ubuntu-latest | ||||||
|  |     steps: | ||||||
|  |     - name: Install tooling | ||||||
|  |       run: | | ||||||
|  |         apk update | ||||||
|  |         apk add git npm | ||||||
|  |     - uses: actions/checkout@v5.0.0 | ||||||
|  |     - name: Lint helm files | ||||||
|  |       run: | | ||||||
|  |         helm lint --values values.yaml . | ||||||
|  |  | ||||||
|  |   helm-unittest: | ||||||
|  |     container: | ||||||
|  |       image: docker.io/volkerraschek/helm:3.19.0 | ||||||
|  |     runs-on: | ||||||
|  |     - ubuntu-latest | ||||||
|  |     steps: | ||||||
|  |     - name: Install tooling | ||||||
|  |       run: | | ||||||
|  |         apk update | ||||||
|  |         apk add git npm | ||||||
|  |     - uses: actions/checkout@v5.0.0 | ||||||
|  |     - name: Unittest | ||||||
|  |       run: | | ||||||
|  |         helm unittest --strict --file 'unittests/**/*.yaml' ./ | ||||||
							
								
								
									
										46
									
								
								.gitea/workflows/markdown-linters.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										46
									
								
								.gitea/workflows/markdown-linters.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,46 @@ | |||||||
|  | name: Markdown linter | ||||||
|  |  | ||||||
|  | on: | ||||||
|  |   pull_request: | ||||||
|  |     paths: [ "**/*.md" ] | ||||||
|  |     types: [ "opened", "reopened", "synchronize" ] | ||||||
|  |   push: | ||||||
|  |     branches: | ||||||
|  |     - '**' | ||||||
|  |     paths: [ "**/*.md" ] | ||||||
|  |     tags-ignore: | ||||||
|  |     - '**' | ||||||
|  |   workflow_dispatch: {} | ||||||
|  |  | ||||||
|  | jobs: | ||||||
|  |   markdown-link-checker: | ||||||
|  |     container: | ||||||
|  |       image: docker.io/library/node:24.10.0-alpine | ||||||
|  |     runs-on: | ||||||
|  |     - ubuntu-latest | ||||||
|  |     steps: | ||||||
|  |     - name: Install tooling | ||||||
|  |       run: | | ||||||
|  |         apk update | ||||||
|  |         apk add git npm | ||||||
|  |     - uses: actions/checkout@v5.0.0 | ||||||
|  |     - name: Verify links in markdown files | ||||||
|  |       run: | | ||||||
|  |         npm install | ||||||
|  |         npm run readme:link | ||||||
|  |  | ||||||
|  |   markdown-lint: | ||||||
|  |     container: | ||||||
|  |       image: docker.io/library/node:24.10.0-alpine | ||||||
|  |     runs-on: | ||||||
|  |     - ubuntu-latest | ||||||
|  |     steps: | ||||||
|  |     - name: Install tooling | ||||||
|  |       run: | | ||||||
|  |         apk update | ||||||
|  |         apk add git | ||||||
|  |     - uses: actions/checkout@v5.0.0 | ||||||
|  |     - name: Lint markdown files | ||||||
|  |       run: | | ||||||
|  |         npm install | ||||||
|  |         npm run readme:lint | ||||||
							
								
								
									
										72
									
								
								.gitea/workflows/release.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										72
									
								
								.gitea/workflows/release.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,72 @@ | |||||||
|  | name: Release | ||||||
|  |  | ||||||
|  | on: | ||||||
|  |   push: | ||||||
|  |     tags: | ||||||
|  |     - "**" | ||||||
|  |  | ||||||
|  | jobs: | ||||||
|  |   publish-chart: | ||||||
|  |     container: | ||||||
|  |       image: docker.io/volkerraschek/helm:3.19.0 | ||||||
|  |     runs-on: ubuntu-latest | ||||||
|  |     steps: | ||||||
|  |       - name: Install packages via apk | ||||||
|  |         run: | | ||||||
|  |           apk update | ||||||
|  |           apk add git npm jq yq | ||||||
|  |  | ||||||
|  |       - uses: actions/checkout@v5.0.0 | ||||||
|  |         with: | ||||||
|  |           fetch-depth: 0 | ||||||
|  |  | ||||||
|  |       - name: Add Artifacthub.io annotations | ||||||
|  |         run: | | ||||||
|  |           NEW_TAG="$(git tag --sort=-version:refname | head -n 1)" | ||||||
|  |           OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)" | ||||||
|  |           .gitea/scripts/add-annotations.sh "${OLD_TAG}" "${NEW_TAG}" | ||||||
|  |  | ||||||
|  |       - name: Extract meta information | ||||||
|  |         run: | | ||||||
|  |           echo "PACKAGE_VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV | ||||||
|  |           echo "REPOSITORY_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 2 | sed --regexp-extended 's/-charts?//g')" >> $GITHUB_ENV | ||||||
|  |           echo "REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 1)" >> $GITHUB_ENV | ||||||
|  |  | ||||||
|  |       - name: Update Helm Chart version in README.md | ||||||
|  |         run: sed -i -E "s/^CHART_VERSION=.*/CHART_VERSION=${PACKAGE_VERSION}/g" README.md | ||||||
|  |  | ||||||
|  |       - name: Package chart | ||||||
|  |         run: | | ||||||
|  |           helm dependency build | ||||||
|  |           helm package --version "${PACKAGE_VERSION}" ./ | ||||||
|  |  | ||||||
|  |       - name: Upload Chart to ChartMuseum | ||||||
|  |         env: | ||||||
|  |           CHARTMUSEUM_PASSWORD: ${{ secrets.CHARTMUSEUM_PASSWORD }} | ||||||
|  |           CHARTMUSEUM_REPOSITORY: ${{ vars.CHARTMUSEUM_REPOSITORY }} | ||||||
|  |           CHARTMUSEUM_USERNAME: ${{ secrets.CHARTMUSEUM_USERNAME }} | ||||||
|  |           CHARTMUSEUM_HOSTNAME: ${{ vars.CHARTMUSEUM_HOSTNAME }} | ||||||
|  |  | ||||||
|  |           GITEA_PACKAGE_REGISTRY_TOKEN: ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }} | ||||||
|  |           GITEA_SERVER_URL: ${{ github.server_url }} | ||||||
|  |         run: | | ||||||
|  |           PACKAGE_VERSION=${GITHUB_REF#refs/tags/} | ||||||
|  |           REPOSITORY_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 2) | ||||||
|  |           REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 1) | ||||||
|  |  | ||||||
|  |           helm dependency build | ||||||
|  |           helm package --version "${PACKAGE_VERSION}" ./ | ||||||
|  |  | ||||||
|  |           # chart-museum | ||||||
|  |           helm repo add --username ${CHARTMUSEUM_USERNAME} --password ${CHARTMUSEUM_PASSWORD} chartmuseum https://${CHARTMUSEUM_HOSTNAME}/${CHARTMUSEUM_REPOSITORY} | ||||||
|  |           helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz chartmuseum | ||||||
|  |           helm repo remove chartmuseum | ||||||
|  |  | ||||||
|  |       - name: Upload Chart to Gitea | ||||||
|  |         env: | ||||||
|  |           GITEA_PACKAGE_REGISTRY_TOKEN: ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }} | ||||||
|  |           GITEA_SERVER_URL: ${{ github.server_url }} | ||||||
|  |         run: | | ||||||
|  |           helm repo add --username ${REPOSITORY_OWNER} --password ${GITEA_PACKAGE_REGISTRY_TOKEN} gitea ${GITEA_SERVER_URL}/api/packages/${REPOSITORY_OWNER}/helm | ||||||
|  |           helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz gitea | ||||||
|  |           helm repo remove gitea | ||||||
							
								
								
									
										8
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										8
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @@ -1,3 +1,9 @@ | |||||||
| *.tgz | charts | ||||||
|  | node_modules | ||||||
|  | target | ||||||
| values2.yml | values2.yml | ||||||
| values2.yaml | values2.yaml | ||||||
|  | *.tgz | ||||||
|  |  | ||||||
|  | install.sh | ||||||
|  | uninstall.sh | ||||||
							
								
								
									
										32
									
								
								.helmignore
									
									
									
									
									
								
							
							
						
						
									
										32
									
								
								.helmignore
									
									
									
									
									
								
							| @@ -2,6 +2,7 @@ | |||||||
| # This supports shell glob matching, relative path matching, and | # This supports shell glob matching, relative path matching, and | ||||||
| # negation (prefixed with !). Only one pattern per line. | # negation (prefixed with !). Only one pattern per line. | ||||||
| .DS_Store | .DS_Store | ||||||
|  |  | ||||||
| # Common VCS dirs | # Common VCS dirs | ||||||
| .git/ | .git/ | ||||||
| .gitignore | .gitignore | ||||||
| @@ -10,23 +11,50 @@ | |||||||
| .hg/ | .hg/ | ||||||
| .hgignore | .hgignore | ||||||
| .svn/ | .svn/ | ||||||
|  |  | ||||||
| # Common backup files | # Common backup files | ||||||
| *.swp | *.swp | ||||||
| *.bak | *.bak | ||||||
| *.tmp | *.tmp | ||||||
| *.orig | *.orig | ||||||
| *~ | *~ | ||||||
|  |  | ||||||
| # Various IDEs | # Various IDEs | ||||||
| .project | .project | ||||||
| .idea/ | .idea/ | ||||||
| *.tmproj | *.tmproj | ||||||
| .vscode/ | .vscode/ | ||||||
|  |  | ||||||
| # drone | # drone | ||||||
| .drone.yml | .drone.yml | ||||||
| # markdownlint |  | ||||||
| .markdownlint.yaml | # editorconfig | ||||||
|  | .editorconfig | ||||||
|  |  | ||||||
| # customized values | # customized values | ||||||
| values2.yml | values2.yml | ||||||
| values2.yaml | values2.yaml | ||||||
|  |  | ||||||
| # helm packages | # helm packages | ||||||
| *.tgz | *.tgz | ||||||
|  | .helmignore | ||||||
|  | unittests | ||||||
|  |  | ||||||
|  | # markdownlint | ||||||
|  | .markdownlint.yml | ||||||
|  | .markdownlint.yaml | ||||||
|  | .markdownlintignore | ||||||
|  |  | ||||||
|  | # npm | ||||||
|  | .prettierignore | ||||||
|  | .npmrc | ||||||
|  | package* | ||||||
|  |  | ||||||
|  | # yamllint | ||||||
|  | .yamllint.yaml | ||||||
|  |  | ||||||
|  | # Others | ||||||
|  | CONTRIBUTING.md | ||||||
|  | CODEOWNERS | ||||||
|  | Makefile | ||||||
|  | renovate.json | ||||||
|   | |||||||
| @@ -45,9 +45,9 @@ MD012: | |||||||
| # MD013/line-length - Line length | # MD013/line-length - Line length | ||||||
| MD013: | MD013: | ||||||
|   # Number of characters |   # Number of characters | ||||||
|   line_length: 80 |   line_length: 120 | ||||||
|   # Number of characters for headings |   # Number of characters for headings | ||||||
|   heading_line_length: 80 |   heading_line_length: 120 | ||||||
|   # Number of characters for code blocks |   # Number of characters for code blocks | ||||||
|   code_block_line_length: 80 |   code_block_line_length: 80 | ||||||
|   # Include code blocks |   # Include code blocks | ||||||
| @@ -56,8 +56,6 @@ MD013: | |||||||
|   tables: false |   tables: false | ||||||
|   # Include headings |   # Include headings | ||||||
|   headings: true |   headings: true | ||||||
|   # Include headings |  | ||||||
|   headers: true |  | ||||||
|   # Strict length checking |   # Strict length checking | ||||||
|   strict: false |   strict: false | ||||||
|   # Stern length checking |   # Stern length checking | ||||||
| @@ -73,7 +71,7 @@ MD022: | |||||||
| # MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content | # MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content | ||||||
| MD024: | MD024: | ||||||
|   # Only check sibling headings |   # Only check sibling headings | ||||||
|   allow_different_nesting: true |   siblings_only: true | ||||||
|  |  | ||||||
| # MD025/single-title/single-h1 - Multiple top-level headings in the same document | # MD025/single-title/single-h1 - Multiple top-level headings in the same document | ||||||
| MD025: | MD025: | ||||||
| @@ -129,7 +127,20 @@ MD041: | |||||||
| MD044: | MD044: | ||||||
|   # List of proper names |   # List of proper names | ||||||
|   names: |   names: | ||||||
|   - gitea |     - Git | ||||||
|  |     - GitDevOps | ||||||
|  |     - Gitea | ||||||
|  |     - GitHub | ||||||
|  |     - GitLab | ||||||
|  |     - GitOps | ||||||
|  |     - kube-prometheus-stack | ||||||
|  |     - Memcached | ||||||
|  |     - Oracle | ||||||
|  |     - PostgreSQL | ||||||
|  |     - Prometheus | ||||||
|  |     - prometheus-exporter | ||||||
|  |     - SSL | ||||||
|  |     - TLS | ||||||
|   # Include code blocks |   # Include code blocks | ||||||
|   code_blocks: false |   code_blocks: false | ||||||
|  |  | ||||||
|   | |||||||
							
								
								
									
										4
									
								
								.markdownlintignore
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								.markdownlintignore
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | |||||||
|  | .github/ | ||||||
|  | Chart.lock | ||||||
|  | charts/ | ||||||
|  | node_modules/ | ||||||
							
								
								
									
										1
									
								
								.prettierignore
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										1
									
								
								.prettierignore
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1 @@ | |||||||
|  | Chart.lock | ||||||
							
								
								
									
										8
									
								
								.vscode/extensions.json
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								.vscode/extensions.json
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,8 @@ | |||||||
|  | { | ||||||
|  |   "recommendations": [ | ||||||
|  |     "DavidAnson.vscode-markdownlint", | ||||||
|  |     "esbenp.prettier-vscode", | ||||||
|  |     "Tim-Koehler.helm-intellisense", | ||||||
|  |     "yzhang.markdown-all-in-one" | ||||||
|  |   ] | ||||||
|  | } | ||||||
							
								
								
									
										8
									
								
								.vscode/settings.json
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								.vscode/settings.json
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,8 @@ | |||||||
|  | { | ||||||
|  |   "yaml.schemas": { | ||||||
|  |     "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.5.2/schema/helm-testsuite.json": [ | ||||||
|  |       "/unittests/**/*.yaml" | ||||||
|  |     ] | ||||||
|  |   }, | ||||||
|  |   "yaml.schemaStore.enable": true | ||||||
|  | } | ||||||
							
								
								
									
										20
									
								
								.yamllint.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										20
									
								
								.yamllint.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,20 @@ | |||||||
|  | --- | ||||||
|  | extends: default | ||||||
|  |  | ||||||
|  | ignore: | | ||||||
|  |   .yamllint | ||||||
|  |   node_modules | ||||||
|  |   templates | ||||||
|  |  | ||||||
|  |  | ||||||
|  | rules: | ||||||
|  |   truthy: | ||||||
|  |     allowed-values: ['true', 'false'] | ||||||
|  |     check-keys: False | ||||||
|  |     level: error | ||||||
|  |   line-length: disable | ||||||
|  |   document-start: disable | ||||||
|  |   comments: | ||||||
|  |     min-spaces-from-content: 1 | ||||||
|  |   braces: | ||||||
|  |     max-spaces-inside: 2 | ||||||
							
								
								
									
										1
									
								
								CODEOWNERS
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										1
									
								
								CODEOWNERS
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1 @@ | |||||||
|  | * @volker.raschek | ||||||
							
								
								
									
										82
									
								
								CONTRIBUTING.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										82
									
								
								CONTRIBUTING.md
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,82 @@ | |||||||
|  | # Contributing | ||||||
|  |  | ||||||
|  | I am very happy if you would like to provide a pull request 👍 | ||||||
|  |  | ||||||
|  | The content of this file describes which requirements contributors should fulfill before submitting a pull request (PR). | ||||||
|  |  | ||||||
|  | 1. [Valid Git commits](#valid-git-commits) | ||||||
|  |  | ||||||
|  | ## Valid Git commits | ||||||
|  |  | ||||||
|  | ### Commit message | ||||||
|  |  | ||||||
|  | The repository is subject to a strict commit message template. This states that there are several types of commits. For | ||||||
|  | example, `fix`, `chore`, `refac`, `test` or `doc`. All types are described in more detail below. | ||||||
|  |  | ||||||
|  | | type                | description                                                       | | ||||||
|  | | ------------------- | ----------------------------------------------------------------- | | ||||||
|  | | `feat`              | New feature.                                                      | | ||||||
|  | | `fix`               | Fixes a bug.                                                      | | ||||||
|  | | `refac`             | Refactoring production code.                                      | | ||||||
|  | | `style`             | Fixes formatting issues. No production code change.               | | ||||||
|  | | `docs`              | Adapt documentation. No production code change.                   | | ||||||
|  | | `test`              | Adds new or modifies existing tests. No production code change.   | | ||||||
|  | | `chore`             | Updating grunt tasks. Is everything which the user does not see.  | | ||||||
|  |  | ||||||
|  | Based on these types, commit messaged can then be created. Here are a few examples: | ||||||
|  |  | ||||||
|  | ```text | ||||||
|  | style(README): Wrong indentation | ||||||
|  | feat(deployment): support restartPolicy | ||||||
|  | fix(my-app): Add missing volume | ||||||
|  | docs(CONTRIBUTING): Describe how to commit correctly | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | This type of commit message makes it easier for me as maintainer to keep an overview and does not cause the commits of a | ||||||
|  | pull request PR to be combined into one commit (squashing). | ||||||
|  |  | ||||||
|  | ### Smart commits | ||||||
|  |  | ||||||
|  | Smart commits are excellent when it comes to tracking bugs or issues. In this repository, however, the rebasing of | ||||||
|  | commits is prohibited, which means that only merge commits are possible. This means that a smart commit message only | ||||||
|  | needs to be added to the merge commit. | ||||||
|  |  | ||||||
|  | This has the advantage that the maintainer can use the smart commit to find the merge commit and undo the entire history | ||||||
|  | of a merge without having to select individual commits. The following history illustrates the correct use of smart commits. | ||||||
|  |  | ||||||
|  | ```text | ||||||
|  | * 823edbc7 Volker Raschek (G) | [Close #2] feat(deployment): support additional containers | ||||||
|  | |\ | ||||||
|  | | * 321aebc3 Volker Raschek (G) | doc(README): generate README with new deployment attributes | ||||||
|  | | * 8d101dd3 Volker Raschek (G) | test(deployment): Extend unittest of additional containers | ||||||
|  | | * 6f2abd93 Volker Raschek (G) | fix(deployment): Extend deployment of additional containers | ||||||
|  | |/ | ||||||
|  | * aa5ebda bob (N) | [Close #1] feat(deployment): support initContainers | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ### Commit signing | ||||||
|  |  | ||||||
|  | Another problem with Git is the chain of trust. Git allows the configuration of any name and e-mail address. An attacker | ||||||
|  | can impersonate any person and submit pull requests under a false identity. For as Linux Torvalds, the maintainer of the | ||||||
|  | Linux kernel. | ||||||
|  |  | ||||||
|  | ```bash | ||||||
|  | git config --global user.name 'Linux Torvalds' | ||||||
|  | git config --global user.email 'torvalds@linux-foundation.org' | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | To avoid this, some Git repositories expect signed commits. In particular, repositories that are subject to direct | ||||||
|  | delivery to customers. For this reason, the repository is subject to a branch protection rule that only allows signed | ||||||
|  | commits. *Until* there is *no verified* and *no signed* commit, the pull request is blocked. | ||||||
|  |  | ||||||
|  | The following articles describes how Git can be configured to sign commits. Please keep in mind, that the e-mail | ||||||
|  | address, which is used as UID of the GPG keyring must also be defined in the profile settings of your GitHub account. | ||||||
|  | Otherwise will be marked the Git commit as *Unverified*. | ||||||
|  |  | ||||||
|  | 1. [Signing Commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) | ||||||
|  | 2. [Tell Git about your signing key](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key) | ||||||
|  |  | ||||||
|  | Inspect your Git commit via `git log`. There should be mentioned, that your commit is signed. | ||||||
|  |  | ||||||
|  | Furthermore, the GPG key is unique. **Don't loose your private GPG key**. Backup your private key on a safe device. For | ||||||
|  | example an external USB drive. | ||||||
| @@ -1,9 +1,15 @@ | |||||||
|  | annotations: | ||||||
|  |   artifacthub.io/links: | | ||||||
|  |     - name: Athens proxy (binary) | ||||||
|  |       url: https://github.com/gomods/athens | ||||||
|  |     - name: support | ||||||
|  |       url: https://git.cryptic.systems/volker.raschek/athens-proxy/issues | ||||||
| apiVersion: v2 | apiVersion: v2 | ||||||
| name: athens-proxy | name: athens-proxy | ||||||
| description: Athens proxy server for golang | description: Athens proxy server for golang | ||||||
| type: application | type: application | ||||||
| version: "0.1.0" | version: "0.1.0" | ||||||
| appVersion: "v0.14.1" | appVersion: "v0.16.1" | ||||||
| icon: https://github.com/gomods/athens/blob/main/docs/static/banner.png?raw=true | icon: https://github.com/gomods/athens/blob/main/docs/static/banner.png?raw=true | ||||||
|  |  | ||||||
| keywords: | keywords: | ||||||
|   | |||||||
							
								
								
									
										28
									
								
								LICENSE
									
									
									
									
									
								
							
							
						
						
									
										28
									
								
								LICENSE
									
									
									
									
									
								
							| @@ -1,13 +1,21 @@ | |||||||
| Copyright 2022 Markus Pesch | MIT License | ||||||
|  |  | ||||||
| Licensed under the Apache License, Version 2.0 (the "License"); | Copyright (c) 2025 Markus Pesch | ||||||
| you may not use this file except in compliance with the License. |  | ||||||
| You may obtain a copy of the License at |  | ||||||
|  |  | ||||||
|     http://www.apache.org/licenses/LICENSE-2.0 | Permission is hereby granted, free of charge, to any person obtaining a copy | ||||||
|  | of this software and associated documentation files (the "Software"), to deal | ||||||
|  | in the Software without restriction, including without limitation the rights | ||||||
|  | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||||||
|  | copies of the Software, and to permit persons to whom the Software is | ||||||
|  | furnished to do so, subject to the following conditions: | ||||||
|  |  | ||||||
| Unless required by applicable law or agreed to in writing, software | The above copyright notice and this permission notice shall be included in all | ||||||
| distributed under the License is distributed on an "AS IS" BASIS, | copies or substantial portions of the Software. | ||||||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |  | ||||||
| See the License for the specific language governing permissions and | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||||||
| limitations under the License. | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||||||
|  | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||||||
|  | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||||||
|  | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||||||
|  | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||||||
|  | SOFTWARE. | ||||||
|   | |||||||
							
								
								
									
										91
									
								
								Makefile
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										91
									
								
								Makefile
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,91 @@ | |||||||
|  | # CONTAINER_RUNTIME | ||||||
|  | CONTAINER_RUNTIME?=$(shell which podman) | ||||||
|  |  | ||||||
|  | # HELM_IMAGE | ||||||
|  | HELM_IMAGE_REGISTRY_HOST?=docker.io | ||||||
|  | HELM_IMAGE_REPOSITORY?=volkerraschek/helm | ||||||
|  | HELM_IMAGE_VERSION?=3.19.0 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm | ||||||
|  | HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION} | ||||||
|  |  | ||||||
|  | # NODE_IMAGE | ||||||
|  | NODE_IMAGE_REGISTRY_HOST?=docker.io | ||||||
|  | NODE_IMAGE_REPOSITORY?=library/node | ||||||
|  | NODE_IMAGE_VERSION?=24.10.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node | ||||||
|  | NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION} | ||||||
|  |  | ||||||
|  | # MISSING DOT | ||||||
|  | # ============================================================================== | ||||||
|  | missing-dot: | ||||||
|  | 	grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml | ||||||
|  |  | ||||||
|  | # CONTAINER RUN - README | ||||||
|  | # ============================================================================== | ||||||
|  | PHONY+=container-run/readme | ||||||
|  | container-run/readme: container-run/readme/link container-run/readme/lint container-run/readme/parameters | ||||||
|  |  | ||||||
|  | container-run/readme/link: | ||||||
|  | 	${CONTAINER_RUNTIME} run \ | ||||||
|  | 		--rm \ | ||||||
|  | 		--volume $(shell pwd):$(shell pwd) \ | ||||||
|  | 		--workdir $(shell pwd) \ | ||||||
|  | 			${NODE_IMAGE_FULLY_QUALIFIED} \ | ||||||
|  | 				npm install && npm run readme:link | ||||||
|  |  | ||||||
|  | container-run/readme/lint: | ||||||
|  | 	${CONTAINER_RUNTIME} run \ | ||||||
|  | 		--rm \ | ||||||
|  | 		--volume $(shell pwd):$(shell pwd) \ | ||||||
|  | 		--workdir $(shell pwd) \ | ||||||
|  | 			${NODE_IMAGE_FULLY_QUALIFIED} \ | ||||||
|  | 				npm install && npm run readme:lint | ||||||
|  |  | ||||||
|  | container-run/readme/parameters: | ||||||
|  | 	${CONTAINER_RUNTIME} run \ | ||||||
|  | 		--rm \ | ||||||
|  | 		--volume $(shell pwd):$(shell pwd) \ | ||||||
|  | 		--workdir $(shell pwd) \ | ||||||
|  | 			${NODE_IMAGE_FULLY_QUALIFIED} \ | ||||||
|  | 				npm install && npm run readme:parameters | ||||||
|  |  | ||||||
|  | # CONTAINER RUN - HELM UNITTESTS | ||||||
|  | # ============================================================================== | ||||||
|  | PHONY+=container-run/helm-unittests | ||||||
|  | container-run/helm-unittests: | ||||||
|  | 	${CONTAINER_RUNTIME} run \ | ||||||
|  | 		--env HELM_REPO_PASSWORD=${CHART_SERVER_PASSWORD} \ | ||||||
|  | 		--env HELM_REPO_USERNAME=${CHART_SERVER_USERNAME} \ | ||||||
|  | 		--rm \ | ||||||
|  | 		--volume $(shell pwd):$(shell pwd) \ | ||||||
|  | 		--workdir $(shell pwd) \ | ||||||
|  | 			${HELM_IMAGE_FULLY_QUALIFIED} \ | ||||||
|  | 				unittest --strict --file 'unittests/**/*.yaml' ./ | ||||||
|  |  | ||||||
|  | # CONTAINER RUN - HELM UPDATE DEPENDENCIES | ||||||
|  | # ============================================================================== | ||||||
|  | PHONY+=container-run/helm-update-dependencies | ||||||
|  | container-run/helm-update-dependencies: | ||||||
|  | 	${CONTAINER_RUNTIME} run \ | ||||||
|  | 		--env HELM_REPO_PASSWORD=${CHART_SERVER_PASSWORD} \ | ||||||
|  | 		--env HELM_REPO_USERNAME=${CHART_SERVER_USERNAME} \ | ||||||
|  | 		--rm \ | ||||||
|  | 		--volume $(shell pwd):$(shell pwd) \ | ||||||
|  | 		--workdir $(shell pwd) \ | ||||||
|  | 			${HELM_IMAGE_FULLY_QUALIFIED} \ | ||||||
|  | 				dependency update | ||||||
|  |  | ||||||
|  | # CONTAINER RUN - MARKDOWN-LINT | ||||||
|  | # ============================================================================== | ||||||
|  | PHONY+=container-run/helm-lint | ||||||
|  | container-run/helm-lint: | ||||||
|  | 	${CONTAINER_RUNTIME} run \ | ||||||
|  | 		--rm \ | ||||||
|  | 		--volume $(shell pwd):$(shell pwd) \ | ||||||
|  | 		--workdir $(shell pwd) \ | ||||||
|  | 		${HELM_IMAGE_FULLY_QUALIFIED} \ | ||||||
|  | 			lint --values values.yaml . | ||||||
|  |  | ||||||
|  | # PHONY | ||||||
|  | # ============================================================================== | ||||||
|  | # Declare the contents of the PHONY variable as phony. We keep that information | ||||||
|  | # in a variable so we can use it in if_changed. | ||||||
|  | .PHONY: ${PHONY} | ||||||
							
								
								
									
										217
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										217
									
								
								README.md
									
									
									
									
									
								
							| @@ -1,6 +1,5 @@ | |||||||
| # athens-proxy-charts | # athens-proxy-charts | ||||||
|  |  | ||||||
| [](https://drone.cryptic.systems/volker.raschek/athens-proxy-charts) |  | ||||||
| [](https://artifacthub.io/packages/search?repo=volker-raschek) | [](https://artifacthub.io/packages/search?repo=volker-raschek) | ||||||
|  |  | ||||||
| This is an inofficial helm chart of the go-proxy | This is an inofficial helm chart of the go-proxy | ||||||
| @@ -26,7 +25,7 @@ below or via mounting the config.toml as additional persistent volume to | |||||||
|  |  | ||||||
| Create a `configmap.yaml` with multiple keys. One key describe the content of | Create a `configmap.yaml` with multiple keys. One key describe the content of | ||||||
| the `.gitconfig` file and another of `config` of the ssh client. All requests | the `.gitconfig` file and another of `config` of the ssh client. All requests | ||||||
| git clone comands with the prefix `http://github.com/` will be replaced by | Git clone comands with the prefix `http://github.com/` will be replaced by | ||||||
| `git@github.com:` to use SSH instead of HTTPS. The SSH keys are stored in a | `git@github.com:` to use SSH instead of HTTPS. The SSH keys are stored in a | ||||||
| separate secret. | separate secret. | ||||||
|  |  | ||||||
| @@ -104,11 +103,11 @@ extraVolumeMounts: | |||||||
|   mountPath: /root/.config/git |   mountPath: /root/.config/git | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| ## Access private github.com repositories via developer token | ## Access private GitHub.com repositories via developer token | ||||||
|  |  | ||||||
| Another way to access private github repositories is via a github token, which | Another way to access private GitHub repositories is via a GitHub token, which | ||||||
| can be set via the environment variable `GITHUB_TOKEN`. Athens automatically | can be set via the environment variable `GITHUB_TOKEN`. Athens automatically | ||||||
| creates a `.netrc` file to access private github repositories. | creates a `.netrc` file to access private GitHub repositories. | ||||||
|  |  | ||||||
| ## Access private repositories via .netrc configuration | ## Access private repositories via .netrc configuration | ||||||
|  |  | ||||||
| @@ -117,7 +116,7 @@ HTTP. The file can also be defined via a custom secret and mounted into the home | |||||||
| directory of `root` for general authentication purpose. | directory of `root` for general authentication purpose. | ||||||
|  |  | ||||||
| The example below describe the definition and mounting of a custom `.netrc` file | The example below describe the definition and mounting of a custom `.netrc` file | ||||||
| to access private repositories hosted on github and gitlab. | to access private repositories hosted on GitHub and GitLab. | ||||||
|  |  | ||||||
| ```yaml | ```yaml | ||||||
| apiVersion: v1 | apiVersion: v1 | ||||||
| @@ -165,3 +164,209 @@ extraVolumeMounts: | |||||||
| - name: gomodules | - name: gomodules | ||||||
|   mountPath: /var/lib/athens |   mountPath: /var/lib/athens | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
|  | ## Parameters | ||||||
|  |  | ||||||
|  | ### Global | ||||||
|  |  | ||||||
|  | | Name               | Description                               | Value | | ||||||
|  | | ------------------ | ----------------------------------------- | ----- | | ||||||
|  | | `nameOverride`     | Individual release name suffix.           | `""`  | | ||||||
|  | | `fullnameOverride` | Override the complete release name logic. | `""`  | | ||||||
|  |  | ||||||
|  | ### Configuration | ||||||
|  |  | ||||||
|  | | Name                                                    | Description                                                                                                                                       | Value                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | | ||||||
|  | | ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | ||||||
|  | | `config.env.existingSecret.enabled`                     | Mount an existing secret containing the application specific environment variables.                                                               | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | | ||||||
|  | | `config.env.existingSecret.secretName`                  | Name of the existing secret containing the application specific environment variables.                                                            | `""`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.env.secret.annotations`                         | Additional annotations of the secret containing the database credentials.                                                                         | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.env.secret.labels`                              | Additional labels of the secret containing the database credentials.                                                                              | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.env.secret.envs`                                | List of environment variables stored in a secret and mounted into the container.                                                                  | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.downloadMode.enabled`                           | Enable mounting of a download mode file into the container file system. If enabled, the env `ATHENS_DOWNLOAD_MODE` will automatically be defined. | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | | ||||||
|  | | `config.downloadMode.existingConfigMap.enabled`         | Enable to use an external config map for mounting the download mode file.                                                                         | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | | ||||||
|  | | `config.downloadMode.existingConfigMap.configMapName`   | The name of the existing config map which should be used to mount the download mode file.                                                         | `""`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.downloadMode.existingConfigMap.downloadModeKey` | The name of the key inside the config map where the content of the download mode file is stored.                                                  | `downloadMode`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  | | ||||||
|  | | `config.downloadMode.configMap.annotations`             | Additional annotations of the config map containing the download mode file.                                                                       | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.downloadMode.configMap.labels`                  | Additional labels of the config map containing the download mode file.                                                                            | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.downloadMode.configMap.content`                 | The content of the download mode file.                                                                                                            | `# downloadURL = "https://proxy.golang.org" | ||||||
|  | # | ||||||
|  | # mode = "async_redirect" | ||||||
|  | # | ||||||
|  | # download "github.com/gomods/*" { | ||||||
|  | #     mode = "sync" | ||||||
|  | # } | ||||||
|  | # | ||||||
|  | # download "golang.org/x/*" { | ||||||
|  | #     mode = "none" | ||||||
|  | # } | ||||||
|  | # | ||||||
|  | # download "github.com/pkg/*" { | ||||||
|  | #     mode = "redirect" | ||||||
|  | #     downloadURL = "https://gocenter.io" | ||||||
|  | # } | ||||||
|  | `                                                                                                                                                                                                                                                                                                                                                                          | | ||||||
|  | | `config.gitConfig.enabled`                              | Enable mounting of a .gitconfig file into the container file system.                                                                              | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | | ||||||
|  | | `config.gitConfig.existingConfigMap.enabled`            | Enable to use an external config map for mounting the .gitconfig file.                                                                            | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | | ||||||
|  | | `config.gitConfig.existingConfigMap.configMapName`      | The name of the existing config map which should be used to mount the .gitconfig file.                                                            | `""`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.gitConfig.existingConfigMap.gitConfigKey`       | The name of the key inside the config map where the content of the .gitconfig file is stored.                                                     | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | | ||||||
|  | | `config.gitConfig.configMap.annotations`                | Additional annotations of the config map containing the .gitconfig file.                                                                          | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.gitConfig.configMap.labels`                     | Additional labels of the config map containing the .gitconfig file.                                                                               | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.gitConfig.configMap.content`                    | The content of the .gitconfig file.                                                                                                               | `# The .gitconfig file | ||||||
|  | # | ||||||
|  | # The .gitconfig file contains the user specific git configuration. It generally resides in the user's home | ||||||
|  | # directory. | ||||||
|  | # | ||||||
|  | # [url "git@github.com:"] insteadOf = https://github.com/ | ||||||
|  | `                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | | ||||||
|  | | `config.netrc.enabled`                                  | Enable mounting of a .netrc file into the container file system.                                                                                  | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | | ||||||
|  | | `config.netrc.existingSecret.enabled`                   | Enable to use an external secret for mounting the .netrc file.                                                                                    | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | | ||||||
|  | | `config.netrc.existingSecret.secretName`                | The name of the existing secret which should be used to mount the .netrc file.                                                                    | `""`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.netrc.existingSecret.netrcKey`                  | The name of the key inside the secret where the content of the .netrc file is stored.                                                             | `.netrc`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | | ||||||
|  | | `config.netrc.secret.annotations`                       | Additional annotations of the secret containing the database credentials.                                                                         | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.netrc.secret.labels`                            | Additional labels of the secret containing the database credentials.                                                                              | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.netrc.secret.content`                           | The content of the .netrc file.                                                                                                                   | `# The .netrc file | ||||||
|  | # | ||||||
|  | # The .netrc file contains login and initialization information used by the auto-login process. It generally | ||||||
|  | # resides in the user's home directory, but a location outside of the home directory can be set using the | ||||||
|  | # environment variable NETRC. Both locations are overridden by the command line option -N. The selected file | ||||||
|  | # must be a regular file, or access will be denied. | ||||||
|  | # | ||||||
|  | # https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html | ||||||
|  | # | ||||||
|  | # default login           [name]     password  [password/token] | ||||||
|  | # machine github.com      [octocat]  password  [PAT] | ||||||
|  | # machine api.github.com  [octocat]  password  [PAT] | ||||||
|  | ` | | ||||||
|  | | `config.ssh.enabled`                                    | Enable mounting of a .netrc file into the container file system.                                                                                  | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | | ||||||
|  | | `config.ssh.existingSecret.enabled`                     | Enable to use an external secret for mounting the public and private SSH key files.                                                               | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | | ||||||
|  | | `config.ssh.existingSecret.secretName`                  | The name of the existing secret which should be used to mount the public and private SSH key files.                                               | `""`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.ssh.existingSecret.configKey`                   | The name of the key inside the secret where the content of the SSH client config file is stored.                                                  | `config`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | | ||||||
|  | | `config.ssh.existingSecret.id_ed25519Key`               | The name of the key inside the secret where the content of the id_ed25519 key file is stored.                                                     | `id_ed25519`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    | | ||||||
|  | | `config.ssh.existingSecret.id_ed25519PubKey`            | The name of the key inside the secret where the content of the id_ed25519.pub key file is stored.                                                 | `id_ed25519.pub`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | | ||||||
|  | | `config.ssh.existingSecret.id_rsaKey`                   | The name of the key inside the secret where the content of the id_rsa key file is stored.                                                         | `id_rsa`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | | ||||||
|  | | `config.ssh.existingSecret.id_rsaPubKey`                | The name of the key inside the secret where the content of the id_ed25519.pub key file is stored.                                                 | `id_rsa.pub`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    | | ||||||
|  | | `config.ssh.secret.annotations`                         | Additional annotations of the secret containing the public and private SSH key files.                                                             | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.ssh.secret.labels`                              | Additional labels of the secret containing the public and private SSH key files.                                                                  | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | | ||||||
|  | | `config.ssh.secret.config`                              | The content of the SSH client config file.                                                                                                        | `# Host * | ||||||
|  | #   IdentityFile ~/.ssh/id_ed25519 | ||||||
|  | #   IdentityFile ~/.ssh/id_rsa | ||||||
|  | `                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | | ||||||
|  |  | ||||||
|  | ### Deployment | ||||||
|  |  | ||||||
|  | | Name                                               | Description                                                                                                | Value           | | ||||||
|  | | -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | --------------- | | ||||||
|  | | `deployment.annotations`                           | Additional deployment annotations.                                                                         | `{}`            | | ||||||
|  | | `deployment.labels`                                | Additional deployment labels.                                                                              | `{}`            | | ||||||
|  | | `deployment.additionalContainers`                  | List of additional containers.                                                                             | `[]`            | | ||||||
|  | | `deployment.affinity`                              | Affinity for the athens-proxy deployment.                                                                  | `{}`            | | ||||||
|  | | `deployment.initContainers`                        | List of additional init containers.                                                                        | `[]`            | | ||||||
|  | | `deployment.dnsConfig`                             | dnsConfig of the athens-proxy deployment.                                                                  | `{}`            | | ||||||
|  | | `deployment.dnsPolicy`                             | dnsPolicy of the athens-proxy deployment.                                                                  | `""`            | | ||||||
|  | | `deployment.hostname`                              | Individual hostname of the pod.                                                                            | `""`            | | ||||||
|  | | `deployment.subdomain`                             | Individual domain of the pod.                                                                              | `""`            | | ||||||
|  | | `deployment.hostNetwork`                           | Use the kernel network namespace of the host system.                                                       | `false`         | | ||||||
|  | | `deployment.imagePullSecrets`                      | Secret to use for pulling the image.                                                                       | `[]`            | | ||||||
|  | | `deployment.athensProxy.args`                      | Arguments passed to the athens-proxy container.                                                            | `[]`            | | ||||||
|  | | `deployment.athensProxy.command`                   | Command passed to the athens-proxy container.                                                              | `[]`            | | ||||||
|  | | `deployment.athensProxy.env`                       | List of environment variables for the athens-proxy container.                                              | `[]`            | | ||||||
|  | | `deployment.athensProxy.envFrom`                   | List of environment variables mounted from configMaps or secrets for the athens-proxy container.           | `[]`            | | ||||||
|  | | `deployment.athensProxy.image.registry`            | Image registry, eg. `docker.io`.                                                                           | `docker.io`     | | ||||||
|  | | `deployment.athensProxy.image.repository`          | Image repository, eg. `library/busybox`.                                                                   | `gomods/athens` | | ||||||
|  | | `deployment.athensProxy.image.tag`                 | Custom image tag, eg. `0.1.0`. Defaults to `appVersion`.                                                   | `""`            | | ||||||
|  | | `deployment.athensProxy.image.pullPolicy`          | Image pull policy.                                                                                         | `IfNotPresent`  | | ||||||
|  | | `deployment.athensProxy.resources`                 | CPU and memory resources of the pod.                                                                       | `{}`            | | ||||||
|  | | `deployment.athensProxy.securityContext`           | Security context of the container of the deployment.                                                       | `{}`            | | ||||||
|  | | `deployment.athensProxy.volumeMounts`              | Additional volume mounts.                                                                                  | `[]`            | | ||||||
|  | | `deployment.nodeSelector`                          | NodeSelector of the athens-proxy deployment.                                                               | `{}`            | | ||||||
|  | | `deployment.priorityClassName`                     | PriorityClassName of the athens-proxy deployment.                                                          | `""`            | | ||||||
|  | | `deployment.replicas`                              | Number of replicas for the athens-proxy deployment.                                                        | `1`             | | ||||||
|  | | `deployment.restartPolicy`                         | Restart policy of the athens-proxy deployment.                                                             | `""`            | | ||||||
|  | | `deployment.securityContext`                       | Security context of the athens-proxy deployment.                                                           | `{}`            | | ||||||
|  | | `deployment.strategy.type`                         | Strategy type - `Recreate` or `RollingUpdate`.                                                             | `RollingUpdate` | | ||||||
|  | | `deployment.strategy.rollingUpdate.maxSurge`       | The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. | `1`             | | ||||||
|  | | `deployment.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during a rolling update.                                | `1`             | | ||||||
|  | | `deployment.terminationGracePeriodSeconds`         | How long to wait until forcefully kill the pod.                                                            | `60`            | | ||||||
|  | | `deployment.tolerations`                           | Tolerations of the athens-proxy deployment.                                                                | `[]`            | | ||||||
|  | | `deployment.topologySpreadConstraints`             | TopologySpreadConstraints of the athens-proxy deployment.                                                  | `[]`            | | ||||||
|  | | `deployment.volumes`                               | Additional volumes to mount into the pods of the prometheus-exporter deployment.                           | `[]`            | | ||||||
|  |  | ||||||
|  | ### Horizontal Pod Autoscaler (HPA) | ||||||
|  |  | ||||||
|  | | Name              | Description                                                                                        | Value       | | ||||||
|  | | ----------------- | -------------------------------------------------------------------------------------------------- | ----------- | | ||||||
|  | | `hpa.enabled`     | Enable the horizontal pod autoscaler (HPA).                                                        | `false`     | | ||||||
|  | | `hpa.annotations` | Additional annotations for the HPA.                                                                | `{}`        | | ||||||
|  | | `hpa.labels`      | Additional labels for the HPA.                                                                     | `{}`        | | ||||||
|  | | `hpa.metrics`     | Metrics contains the specifications for which to use to calculate the desired replica count.       | `undefined` | | ||||||
|  | | `hpa.minReplicas` | Min replicas is the lower limit for the number of replicas to which the autoscaler can scale down. | `1`         | | ||||||
|  | | `hpa.maxReplicas` | Upper limit for the number of pods that can be set by the autoscaler.                              | `10`        | | ||||||
|  |  | ||||||
|  | ### Ingress | ||||||
|  |  | ||||||
|  | | Name                  | Description                                                                                                          | Value   | | ||||||
|  | | --------------------- | -------------------------------------------------------------------------------------------------------------------- | ------- | | ||||||
|  | | `ingress.enabled`     | Enable creation of an ingress resource. Requires, that the http service is also enabled.                             | `false` | | ||||||
|  | | `ingress.className`   | Ingress class.                                                                                                       | `nginx` | | ||||||
|  | | `ingress.annotations` | Additional ingress annotations.                                                                                      | `{}`    | | ||||||
|  | | `ingress.labels`      | Additional ingress labels.                                                                                           | `{}`    | | ||||||
|  | | `ingress.hosts`       | Ingress specific configuration. Specification only required when another ingress controller is used instead of `t1k. | `[]`    | | ||||||
|  | | `ingress.tls`         | Ingress TLS settings. Specification only required when another ingress controller is used instead of `t1k``.         | `[]`    | | ||||||
|  |  | ||||||
|  | ### Persistence | ||||||
|  |  | ||||||
|  | | Name                                                                       | Description                                                                                                                                                                                                             | Value                        | | ||||||
|  | | -------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | | ||||||
|  | | `persistence.enabled`                                                      | Enable the feature to store the data on a persistent volume claim. If enabled, the volume will be automatically be mounted into the pod. Furthermore, the env `ATHENS_STORAGE_TYPE=disk` will automatically be defined. | `false`                      | | ||||||
|  | | `persistence.data.mountPath`                                               | The path where the persistent volume should be mounted in the container file system. This variable controls `ATHENS_DISK_STORAGE_ROOT`.                                                                                 | `/var/www/athens-proxy/data` | | ||||||
|  | | `persistence.data.existingPersistentVolumeClaim.enabled`                   | TODO                                                                                                                                                                                                                    | `false`                      | | ||||||
|  | | `persistence.data.existingPersistentVolumeClaim.persistentVolumeClaimName` | TODO                                                                                                                                                                                                                    | `""`                         | | ||||||
|  | | `persistence.data.persistentVolumeClaim.annotations`                       | Additional persistent volume claim annotations.                                                                                                                                                                         | `{}`                         | | ||||||
|  | | `persistence.data.persistentVolumeClaim.labels`                            | Additional persistent volume claim labels.                                                                                                                                                                              | `{}`                         | | ||||||
|  | | `persistence.data.persistentVolumeClaim.accessModes`                       | Access modes of the persistent volume claim.                                                                                                                                                                            | `["ReadWriteMany"]`          | | ||||||
|  | | `persistence.data.persistentVolumeClaim.storageClass`                      | Storage class of the persistent volume claim.                                                                                                                                                                           | `""`                         | | ||||||
|  | | `persistence.data.persistentVolumeClaim.storageSize`                       | Size of the persistent volume claim.                                                                                                                                                                                    | `5Gi`                        | | ||||||
|  |  | ||||||
|  | ### NetworkPolicies | ||||||
|  |  | ||||||
|  | | Name                                  | Description                                                                                           | Value   | | ||||||
|  | | ------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------- | | ||||||
|  | | `networkPolicies.enabled`             | Enable network policies in general.                                                                   | `false` | | ||||||
|  | | `networkPolicies.default.enabled`     | Enable the network policy for accessing the application by default. For example to scape the metrics. | `false` | | ||||||
|  | | `networkPolicies.default.annotations` | Additional network policy annotations.                                                                | `{}`    | | ||||||
|  | | `networkPolicies.default.labels`      | Additional network policy labels.                                                                     | `{}`    | | ||||||
|  | | `networkPolicies.default.policyTypes` | List of policy types. Supported is ingress, egress or ingress and egress.                             | `[]`    | | ||||||
|  | | `networkPolicies.default.egress`      | Concrete egress network policy implementation.                                                        | `[]`    | | ||||||
|  | | `networkPolicies.default.ingress`     | Concrete ingress network policy implementation.                                                       | `[]`    | | ||||||
|  |  | ||||||
|  | ### Service | ||||||
|  |  | ||||||
|  | | Name                                     | Description                                                                                                                                                                                                | Value       | | ||||||
|  | | ---------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | | ||||||
|  | | `services.http.enabled`                  | Enable the service.                                                                                                                                                                                        | `true`      | | ||||||
|  | | `services.http.annotations`              | Additional service annotations.                                                                                                                                                                            | `{}`        | | ||||||
|  | | `services.http.externalIPs`              | External IPs for the service.                                                                                                                                                                              | `[]`        | | ||||||
|  | | `services.http.externalTrafficPolicy`    | If `service.type` is `NodePort` or `LoadBalancer`, set this to `Local` to tell kube-proxy to only use node local endpoints for cluster external traffic. Furthermore, this enables source IP preservation. | `Cluster`   | | ||||||
|  | | `services.http.internalTrafficPolicy`    | If `service.type` is `NodePort` or `LoadBalancer`, set this to `Local` to tell kube-proxy to only use node local endpoints for cluster internal traffic.                                                   | `Cluster`   | | ||||||
|  | | `services.http.ipFamilies`               | IPFamilies is list of IP families (e.g. `IPv4`, `IPv6`) assigned to this service. This field is usually assigned automatically based on cluster configuration and only required for customization.         | `[]`        | | ||||||
|  | | `services.http.labels`                   | Additional service labels.                                                                                                                                                                                 | `{}`        | | ||||||
|  | | `services.http.loadBalancerClass`        | LoadBalancerClass is the class of the load balancer implementation this Service belongs to. Requires service from type `LoadBalancer`.                                                                     | `""`        | | ||||||
|  | | `services.http.loadBalancerIP`           | LoadBalancer will get created with the IP specified in this field. Requires service from type `LoadBalancer`.                                                                                              | `""`        | | ||||||
|  | | `services.http.loadBalancerSourceRanges` | Source range filter for LoadBalancer. Requires service from type `LoadBalancer`.                                                                                                                           | `[]`        | | ||||||
|  | | `services.http.port`                     | Port to forward the traffic to.                                                                                                                                                                            | `3000`      | | ||||||
|  | | `services.http.sessionAffinity`          | Supports `ClientIP` and `None`. Enable client IP based session affinity via `ClientIP`.                                                                                                                    | `None`      | | ||||||
|  | | `services.http.sessionAffinityConfig`    | Contains the configuration of the session affinity.                                                                                                                                                        | `{}`        | | ||||||
|  | | `services.http.type`                     | Kubernetes service type for the traffic.                                                                                                                                                                   | `ClusterIP` | | ||||||
|  |  | ||||||
|  | ### ServiceAccount | ||||||
|  |  | ||||||
|  | | Name                                              | Description                                                                                                                                         | Value   | | ||||||
|  | | ------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | | ||||||
|  | | `serviceAccount.existing.enabled`                 | Use an existing service account instead of creating a new one. Assumes that the user has all the necessary kubernetes API authorizations.           | `false` | | ||||||
|  | | `serviceAccount.existing.serviceAccountName`      | Name of the existing service account.                                                                                                               | `""`    | | ||||||
|  | | `serviceAccount.new.annotations`                  | Additional service account annotations.                                                                                                             | `{}`    | | ||||||
|  | | `serviceAccount.new.labels`                       | Additional service account labels.                                                                                                                  | `{}`    | | ||||||
|  | | `serviceAccount.new.automountServiceAccountToken` | Enable/disable auto mounting of the service account token.                                                                                          | `true`  | | ||||||
|  | | `serviceAccount.new.imagePullSecrets`             | ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this serviceAccount. | `[]`    | | ||||||
|  | | `serviceAccount.new.secrets`                      | Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount.                                                        | `[]`    | | ||||||
|   | |||||||
| @@ -1,12 +0,0 @@ | |||||||
| apiVersion: v1 |  | ||||||
| kind: ConfigMap |  | ||||||
| metadata: |  | ||||||
|   name: custom-configs |  | ||||||
| data: |  | ||||||
|   sshconfig: | |  | ||||||
|     Host github.com |  | ||||||
|       IdentityFile /root/.ssh/id_ed25519 |  | ||||||
|       StrictHostKeyChecking no |  | ||||||
|   gitconfig: | |  | ||||||
|     [url "git@github.com:"] |  | ||||||
|       insteadOf = https://github.com/ |  | ||||||
| @@ -1,26 +0,0 @@ | |||||||
| apiVersion: v1 |  | ||||||
| kind: Secret |  | ||||||
| metadata: |  | ||||||
|   name: custom-ssh-keys |  | ||||||
| type: Opaque |  | ||||||
| stringData: |  | ||||||
|   id_ed25519: | |  | ||||||
|     -----BEGIN OPENSSH PRIVATE KEY----- |  | ||||||
|     b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW |  | ||||||
|     QyNTUxOQAAACCpf/10TWlksg6/5mZF067fTGvW71I5QVJEp/nyC8hVHgAAAJgwWWNdMFlj |  | ||||||
|     XQAAAAtzc2gtZWQyNTUxOQAAACCpf/10TWlksg6/5mZF067fTGvW71I5QVJEp/nyC8hVHg |  | ||||||
|     AAAEDzTPitanzgl6iThoFCx8AXwsGLS5Q+3+K66ZOmN0p6+6l//XRNaWSyDr/mZkXTrt9M |  | ||||||
|     a9bvUjlBUkSn+fILyFUeAAAAEG1hcmt1c0BtYXJrdXMtcGMBAgMEBQ== |  | ||||||
|     -----END OPENSSH PRIVATE KEY----- |  | ||||||
|   id_ed25519.pub: | |  | ||||||
|     ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKl//XRNaWSyDr/mZkXTrt9Ma9bvUjlBUkSn+fILyFUe |  | ||||||
| --- |  | ||||||
| apiVersion: v1 |  | ||||||
| kind: Secret |  | ||||||
| metadata: |  | ||||||
|   name: custom-netrc |  | ||||||
| type: Opaque |  | ||||||
| stringData: |  | ||||||
|   netrc: | |  | ||||||
|     machine github.com login USERNAME password API-KEY |  | ||||||
|     machine gitlab.com login USERNAME password API-KEY |  | ||||||
							
								
								
									
										2617
									
								
								package-lock.json
									
									
									
										generated
									
									
									
										Normal file
									
								
							
							
						
						
									
										2617
									
								
								package-lock.json
									
									
									
										generated
									
									
									
										Normal file
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							
							
								
								
									
										21
									
								
								package.json
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								package.json
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,21 @@ | |||||||
|  | { | ||||||
|  |   "name": "athens-proxy-charts", | ||||||
|  |   "homepage": "https://git.cryptic.systems/volker.raschek/athens-proxy-charts.git", | ||||||
|  |   "license": "MIT", | ||||||
|  |   "private": true, | ||||||
|  |   "engineStrict": true, | ||||||
|  |   "engines": { | ||||||
|  |     "node": ">=16.0.0", | ||||||
|  |     "npm": ">=8.0.0" | ||||||
|  |   }, | ||||||
|  |   "scripts": { | ||||||
|  |     "readme:link": "markdown-link-check *.md", | ||||||
|  |     "readme:lint": "markdownlint *.md -f", | ||||||
|  |     "readme:parameters": "readme-generator -v values.yaml -r README.md" | ||||||
|  |   }, | ||||||
|  |   "devDependencies": { | ||||||
|  |     "@bitnami/readme-generator-for-helm": "^2.5.0", | ||||||
|  |     "markdown-link-check": "^3.13.6", | ||||||
|  |     "markdownlint-cli": "^0.45.0" | ||||||
|  |   } | ||||||
|  | } | ||||||
| @@ -1,26 +1,14 @@ | |||||||
| { | { | ||||||
|   "$schema": "https://docs.renovatebot.com/renovate-schema.json", |   "$schema": "https://docs.renovatebot.com/renovate-schema.json", | ||||||
|   "assignees": [ "volker.raschek" ], |   "extends": [ | ||||||
|   "labels": [ "renovate" ], |     "local>volker.raschek/renovate-config:default#master", | ||||||
|   "packageRules": [ |     "local>volker.raschek/renovate-config:container#master", | ||||||
|     { |     "local>volker.raschek/renovate-config:actions#master", | ||||||
|       "addLabels": [ "renovate/athens-proxy", "renovate/automerge" ], |     "local>volker.raschek/renovate-config:npm#master", | ||||||
|       "automerge": true, |     "local>volker.raschek/renovate-config:regexp#master" | ||||||
|       "matchManagers": "droneci", |  | ||||||
|       "matchUpdateTypes": [ "minor", "patch"] |  | ||||||
|     }, |  | ||||||
|     { |  | ||||||
|       "addLabels": [ "renovate/athens-proxy", "renovate/automerge" ], |  | ||||||
|       "automerge": false, |  | ||||||
|       "matchPackageNames": [ "gomods/athens" ], |  | ||||||
|       "matchManagers": [ "regex" ] |  | ||||||
|     } |  | ||||||
|   ], |   ], | ||||||
|   "rebaseLabel": "renovate/rebase", |   "customManagers": [ | ||||||
|   "rebaseWhen": "behind-base-branch", |  | ||||||
|   "regexManagers": [ |  | ||||||
|     { |     { | ||||||
|       "description": "Update container image reference", |  | ||||||
|       "fileMatch": [ |       "fileMatch": [ | ||||||
|         "^Chart\\.yaml$" |         "^Chart\\.yaml$" | ||||||
|       ], |       ], | ||||||
| @@ -28,7 +16,53 @@ | |||||||
|         "appVersion: \"(?<currentValue>.*?)\"\\s+" |         "appVersion: \"(?<currentValue>.*?)\"\\s+" | ||||||
|       ], |       ], | ||||||
|       "datasourceTemplate": "docker", |       "datasourceTemplate": "docker", | ||||||
|       "depNameTemplate": "gomods/athens" |       "depNameTemplate": "gomods/athens", | ||||||
|  |       "lookupNameTemplate": "docker.io/gomods/athens", | ||||||
|  |       "versioningTemplate": "semver" | ||||||
|  |     }, | ||||||
|  |     { | ||||||
|  |       "fileMatch": ["^README\\.md$"], | ||||||
|  |       "matchStrings": [ | ||||||
|  |         "VERSION=(?<currentValue>.*)" | ||||||
|  |       ], | ||||||
|  |       "depNameTemplate": "volker.raschek/athens-proxy-charts", | ||||||
|  |       "packageNameTemplate": "https://git.cryptic.systems/volker.raschek/athens-proxy-charts", | ||||||
|  |       "datasourceTemplate": "git-tags", | ||||||
|  |       "versioningTemplate": "semver" | ||||||
|  |     } | ||||||
|  |   ], | ||||||
|  |   "packageRules": [ | ||||||
|  |     { | ||||||
|  |       "addLabels": [ | ||||||
|  |         "renovate/automerge", | ||||||
|  |         "renovate/container" | ||||||
|  |       ], | ||||||
|  |       "automerge": true, | ||||||
|  |       "excludePackagePatterns": [ | ||||||
|  |         "gomods/athens" | ||||||
|  |       ], | ||||||
|  |       "matchDatasources": [ | ||||||
|  |         "docker" | ||||||
|  |       ], | ||||||
|  |       "matchUpdateTypes": [ | ||||||
|  |         "minor", | ||||||
|  |         "patch" | ||||||
|  |       ] | ||||||
|  |     }, | ||||||
|  |     { | ||||||
|  |       "addLabels": [ | ||||||
|  |         "renovate/automerge", | ||||||
|  |         "renovate/documentation" | ||||||
|  |       ], | ||||||
|  |       "automerge": true, | ||||||
|  |       "matchDepNames": [ | ||||||
|  |         "volker.raschek/athens-proxy-charts" | ||||||
|  |       ], | ||||||
|  |       "matchUpdateTypes": [ | ||||||
|  |         "major", | ||||||
|  |         "minor", | ||||||
|  |         "patch" | ||||||
|  |       ] | ||||||
|     } |     } | ||||||
|   ] |   ] | ||||||
| } | } | ||||||
|   | |||||||
| @@ -1,3 +1,4 @@ | |||||||
|  | {{/* vim: set filetype=mustache: */}} | ||||||
| {{/* | {{/* | ||||||
| Expand the name of the chart. | Expand the name of the chart. | ||||||
| */}} | */}} | ||||||
| @@ -30,20 +31,26 @@ Create chart name and version as used by the chart label. | |||||||
| {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} | ||||||
| {{- end }} | {{- end }} | ||||||
| 
 | 
 | ||||||
|  | {{/* | ||||||
|  | Common annotations | ||||||
|  | */}} | ||||||
|  | {{- define "athens-proxy.annotations" -}} | ||||||
|  | {{- end }} | ||||||
|  | 
 | ||||||
| {{/* | {{/* | ||||||
| Common labels | Common labels | ||||||
| */}} | */}} | ||||||
| {{- define "athens-proxy.labels" -}} | {{- define "athens-proxy.labels" -}} | ||||||
| helm.sh/chart: {{ include "athens-proxy.chart" . }} |  | ||||||
| {{ include "athens-proxy.selectorLabels" . }} | {{ include "athens-proxy.selectorLabels" . }} | ||||||
| {{- if .Chart.AppVersion }} | {{- if .Chart.AppVersion }} | ||||||
| app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} | ||||||
| {{- end }} | {{- end }} | ||||||
| app.kubernetes.io/managed-by: {{ .Release.Service }} | app.kubernetes.io/managed-by: {{ .Release.Service }} | ||||||
|  | helm.sh/chart: {{ include "athens-proxy.chart" . }} | ||||||
| {{- end }} | {{- end }} | ||||||
| 
 | 
 | ||||||
| {{/* | {{/* | ||||||
| Selector labels | Common selector labels | ||||||
| */}} | */}} | ||||||
| {{- define "athens-proxy.selectorLabels" -}} | {{- define "athens-proxy.selectorLabels" -}} | ||||||
| app.kubernetes.io/name: {{ include "athens-proxy.name" . }} | app.kubernetes.io/name: {{ include "athens-proxy.name" . }} | ||||||
							
								
								
									
										43
									
								
								templates/athens-proxy/_configMap.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										43
									
								
								templates/athens-proxy/_configMap.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,43 @@ | |||||||
|  | --- | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.configMap.downloadMode.annotations" -}} | ||||||
|  | {{ include "athens-proxy.annotations" . }} | ||||||
|  | {{- if .Values.config.downloadMode.configMap.annotations }} | ||||||
|  | {{ toYaml .Values.config.downloadMode.configMap.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.configMap.gitConfig.annotations" -}} | ||||||
|  | {{ include "athens-proxy.annotations" . }} | ||||||
|  | {{- if .Values.config.gitConfig.configMap.annotations }} | ||||||
|  | {{ toYaml .Values.config.gitConfig.configMap.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.configMap.downloadMode.labels" -}} | ||||||
|  | {{ include "athens-proxy.labels" . }} | ||||||
|  | {{- if .Values.config.downloadMode.configMap.labels }} | ||||||
|  | {{ toYaml .Values.config.downloadMode.configMap.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.configMap.gitConfig.labels" -}} | ||||||
|  | {{ include "athens-proxy.labels" . }} | ||||||
|  | {{- if .Values.config.gitConfig.configMap.labels }} | ||||||
|  | {{ toYaml .Values.config.gitConfig.configMap.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* name */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.configMap.downloadMode.name" -}} | ||||||
|  | {{ include "athens-proxy.fullname" . }}-download-mode-file | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.configMap.gitConfig.name" -}} | ||||||
|  | {{ include "athens-proxy.fullname" . }}-gitconfig | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										243
									
								
								templates/athens-proxy/_deployment.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										243
									
								
								templates/athens-proxy/_deployment.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,243 @@ | |||||||
|  | {{/* vim: set filetype=mustache: */}} | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.deployment.annotations" -}} | ||||||
|  | {{ include "athens-proxy.annotations" . }} | ||||||
|  | {{- if .Values.deployment.annotations }} | ||||||
|  | {{ toYaml .Values.deployment.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* env */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.deployment.env" -}} | ||||||
|  | {{- $env := .Values.deployment.athensProxy.env | default (list) }} | ||||||
|  |  | ||||||
|  | {{- if and .Values.persistence.enabled }} | ||||||
|  | {{- $env = concat $env (list (dict "name" "ATHENS_STORAGE_TYPE" "value" "disk") (dict "name" "ATHENS_DISK_STORAGE_ROOT" "value" .Values.persistence.data.mountPath)) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if .Values.config.downloadMode.enabled }} | ||||||
|  | {{- $env = concat $env (list (dict "name" "ATHENS_DOWNLOAD_MODE" "value" "file:/etc/athens/config/download-mode.d/download-mode")) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if and (hasKey .Values.deployment.athensProxy.resources "limits") (hasKey .Values.deployment.athensProxy.resources.limits "cpu") }} | ||||||
|  | {{- $env = concat $env (list (dict "name" "GOMAXPROCS" "valueFrom" (dict "resourceFieldRef" (dict "divisor" "1" "resource" "limits.cpu")))) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{ toYaml (dict "env" $env) }} | ||||||
|  |  | ||||||
|  | {{- end -}} | ||||||
|  |  | ||||||
|  |  | ||||||
|  | {{/* envFrom */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.deployment.envFrom" -}} | ||||||
|  | {{- end -}} | ||||||
|  |  | ||||||
|  | {{/* image */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.deployment.images.athens-proxy.fqin" -}} | ||||||
|  | {{- $registry := .Values.deployment.athensProxy.image.registry -}} | ||||||
|  | {{- $repository := .Values.deployment.athensProxy.image.repository -}} | ||||||
|  | {{- $tag := default .Chart.AppVersion .Values.deployment.athensProxy.image.tag -}} | ||||||
|  | {{- printf "%s/%s:v%s" $registry $repository $tag -}} | ||||||
|  | {{- end -}} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.deployment.labels" -}} | ||||||
|  | {{ include "athens-proxy.labels" . }} | ||||||
|  | {{- if .Values.deployment.labels }} | ||||||
|  | {{ toYaml .Values.deployment.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* serviceAccount */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.deployment.serviceAccount" -}} | ||||||
|  | {{- if .Values.serviceAccount.existing.enabled -}} | ||||||
|  | {{- printf "%s" .Values.serviceAccount.existing.serviceAccountName -}} | ||||||
|  | {{- else -}} | ||||||
|  | {{- include "athens-proxy.fullname" . -}} | ||||||
|  | {{- end -}} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* volumeMounts */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.deployment.volumeMounts" -}} | ||||||
|  | {{- $volumeMounts := .Values.deployment.athensProxy.volumeMounts | default (list) }} | ||||||
|  | {{- if .Values.persistence.enabled }} | ||||||
|  | {{- $volumeMounts = concat $volumeMounts (list (dict "name" "data" "mountPath" .Values.persistence.data.mountPath)) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* volumes (download mode) */}} | ||||||
|  | {{- if .Values.config.downloadMode.enabled }} | ||||||
|  | {{- $volumeMounts = concat $volumeMounts (list (dict "name" "download-mode" "mountPath" "/etc/athens/config/download-mode.d" )) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* volumeMount (git config) */}} | ||||||
|  | {{- if .Values.config.gitConfig.enabled }} | ||||||
|  | {{- $volumeMounts = concat $volumeMounts (list (dict "name" "secrets" "mountPath" "/root/.gitconfig" "subPath" ".gitconfig" )) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* volumeMount (netrc) */}} | ||||||
|  | {{- if .Values.config.netrc.enabled }} | ||||||
|  | {{- $volumeMounts = concat $volumeMounts (list (dict "name" "secrets" "mountPath" "/root/.netrc" "subPath" ".netrc" )) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* volumeMount (ssh) */}} | ||||||
|  | {{- if and .Values.config.ssh.enabled }} | ||||||
|  | {{- if or (and (not .Values.config.ssh.existingSecret.enabled) (gt (len .Values.config.ssh.secret.config) 0)) (and .Values.config.ssh.existingSecret.enabled (gt (len .Values.config.ssh.existingSecret.configKey) 0)) }} | ||||||
|  | {{- $volumeMounts = concat $volumeMounts (list (dict "name" "secrets" "mountPath" "/root/.ssh/config" "subPath" "config" )) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if or (and (not .Values.config.ssh.existingSecret.enabled) (gt (len .Values.config.ssh.secret.id_ed25519) 0)) (and .Values.config.ssh.existingSecret.enabled (gt (len .Values.config.ssh.existingSecret.id_ed25519Key) 0)) }} | ||||||
|  | {{- $volumeMounts = concat $volumeMounts (list (dict "name" "secrets" "mountPath" "/root/.ssh/id_ed25519" "subPath" "id_ed25519" )) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if or (and (not .Values.config.ssh.existingSecret.enabled) (gt (len .Values.config.ssh.secret.id_ed25519_pub) 0)) (and .Values.config.ssh.existingSecret.enabled (gt (len .Values.config.ssh.existingSecret.id_ed25519PubKey) 0)) }} | ||||||
|  | {{- $volumeMounts = concat $volumeMounts (list (dict "name" "secrets" "mountPath" "/root/.ssh/id_ed25519.pub" "subPath" "id_ed25519.pub" )) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if or (and (not .Values.config.ssh.existingSecret.enabled) (gt (len .Values.config.ssh.secret.id_rsa) 0)) (and .Values.config.ssh.existingSecret.enabled (gt (len .Values.config.ssh.existingSecret.id_rsaKey) 0)) }} | ||||||
|  | {{- $volumeMounts = concat $volumeMounts (list (dict "name" "secrets" "mountPath" "/root/.ssh/id_rsa" "subPath" "id_rsa" )) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if or (and (not .Values.config.ssh.existingSecret.enabled) (gt (len .Values.config.ssh.secret.id_rsa_pub) 0)) (and .Values.config.ssh.existingSecret.enabled (gt (len .Values.config.ssh.existingSecret.id_rsaPubKey) 0)) }} | ||||||
|  | {{- $volumeMounts = concat $volumeMounts (list (dict "name" "secrets" "mountPath" "/root/.ssh/id_rsa.pub" "subPath" "id_rsa.pub" )) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{ toYaml (dict "volumeMounts" $volumeMounts) }} | ||||||
|  | {{- end -}} | ||||||
|  |  | ||||||
|  | {{/* volumes */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.deployment.volumes" -}} | ||||||
|  | {{- $volumes := .Values.deployment.athensProxy.volumes | default (list) }} | ||||||
|  |  | ||||||
|  |  | ||||||
|  | {{/* volumes (data) */}} | ||||||
|  | {{- if .Values.persistence.enabled }} | ||||||
|  | {{- $claimName := include "athens-proxy.persistentVolumeClaim.data.name" $ }} | ||||||
|  | {{- if .Values.persistence.data.existingPersistentVolumeClaim.enabled }} | ||||||
|  | {{- $claimName = .Values.persistence.data.existingPersistentVolumeClaim.persistentVolumeClaimName }} | ||||||
|  | {{- end }} | ||||||
|  | {{- $volumes = concat $volumes (list (dict "name" "data" "persistentVolumeClaim" (dict "claimName" $claimName))) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  |  | ||||||
|  | {{/* volumes (download mode) */}} | ||||||
|  | {{- if .Values.config.downloadMode.enabled }} | ||||||
|  | {{- $itemList := list (dict "key" "downloadMode" "path" "download-mode" "mode" 0644) }} | ||||||
|  | {{- $configMapName := include "athens-proxy.configMap.downloadMode.name" $ }} | ||||||
|  | {{- if and .Values.config.downloadMode.existingConfigMap.enabled (gt (len .Values.config.downloadMode.existingConfigMap.configMapName) 0) }} | ||||||
|  | {{- $itemList = list (dict "key" .Values.config.downloadMode.existingConfigMap.downloadModeKey "path" "download-mode" "mode" 0644) }} | ||||||
|  | {{- $configMapName = .Values.config.downloadMode.existingConfigMap.configMapName }} | ||||||
|  | {{- end }} | ||||||
|  | {{- $volumes = concat $volumes (list (dict "name" "download-mode" "configMap" (dict "name" $configMapName "items" $itemList))) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  |  | ||||||
|  | {{/* volumes (git config) */}} | ||||||
|  | {{- $projectedSecretSources := list -}} | ||||||
|  |  | ||||||
|  | {{- if .Values.config.gitConfig.enabled }} | ||||||
|  | {{- $itemList := list (dict "key" ".gitconfig" "path" ".gitconfig" "mode" 0644) }} | ||||||
|  | {{- $configMapName := include "athens-proxy.configMap.gitConfig.name" . }} | ||||||
|  | {{- if .Values.config.gitConfig.existingConfigMap.enabled }} | ||||||
|  | {{- $itemList = list (dict "key" .Values.config.gitConfig.existingConfigMap.gitConfigKey "path" ".gitconfig" "mode" 0644) }} | ||||||
|  | {{- $configMapName = .Values.config.gitConfig.existingConfigMap.configMapName }} | ||||||
|  | {{- end }} | ||||||
|  | {{- $projectedSecretSources = concat $projectedSecretSources (list (dict "configMap" (dict "name" $configMapName "items" $itemList))) }} | ||||||
|  |  | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* volumes (netrc) */}} | ||||||
|  |  | ||||||
|  | {{- if .Values.config.netrc.enabled }} | ||||||
|  | {{- $itemList := list (dict "key" ".netrc" "path" ".netrc" "mode" 0600) }} | ||||||
|  | {{- $secretName := include "athens-proxy.secrets.netrc.name" . }} | ||||||
|  | {{- if .Values.config.netrc.existingSecret.enabled }} | ||||||
|  | {{- $itemList = list (dict "key" .Values.config.netrc.existingSecret.netrcKey "path" ".netrc" "mode" 0600) }} | ||||||
|  | {{- $secretName = .Values.config.netrc.existingSecret.secretName }} | ||||||
|  | {{- end }} | ||||||
|  | {{- $projectedSecretSources = concat $projectedSecretSources (list (dict "secret" (dict "name" $secretName "items" $itemList))) }} | ||||||
|  |  | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* volumes (ssh) */}} | ||||||
|  | {{- if .Values.config.ssh.enabled }} | ||||||
|  |  | ||||||
|  | {{- $itemList := list -}} | ||||||
|  | {{- $secretName := include "athens-proxy.secrets.ssh.name" . }} | ||||||
|  |  | ||||||
|  | {{- if and .Values.config.ssh.existingSecret.enabled .Values.config.ssh.existingSecret.secretName }} | ||||||
|  | {{- $secretName = .Values.config.ssh.existingSecret.secretName }} | ||||||
|  |  | ||||||
|  | {{- if gt (len .Values.config.ssh.existingSecret.configKey) 0 }} | ||||||
|  | {{- $configItem := dict "key" .Values.config.ssh.existingSecret.configKey "path" "config" "mode" 0600 }} | ||||||
|  | {{- $itemList = concat $itemList (list $configItem) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if gt (len .Values.config.ssh.existingSecret.id_ed25519Key) 0 }} | ||||||
|  | {{- $idED25519Item := dict "key" .Values.config.ssh.existingSecret.id_ed25519Key "path" "id_ed25519" "mode" 0600 }} | ||||||
|  | {{- $itemList = concat $itemList (list $idED25519Item) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if gt (len .Values.config.ssh.existingSecret.id_ed25519PubKey) 0 }} | ||||||
|  | {{- $idED25519PubItem := dict "key" .Values.config.ssh.existingSecret.id_ed25519PubKey "path" "id_ed25519.pub" "mode" 0644 }} | ||||||
|  | {{- $itemList = concat $itemList (list $idED25519PubItem) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if gt (len .Values.config.ssh.existingSecret.id_rsaKey) 0 }} | ||||||
|  | {{- $idRSAItem := dict "key" .Values.config.ssh.existingSecret.id_rsaKey "path" "id_rsa" "mode" 0600 }} | ||||||
|  | {{- $itemList = concat $itemList (list $idRSAItem) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if gt (len .Values.config.ssh.existingSecret.id_rsaPubKey) 0 }} | ||||||
|  | {{- $idRSAPubItem := dict "key" .Values.config.ssh.existingSecret.id_rsaPubKey "path" "id_rsa.pub" "mode" 0644 }} | ||||||
|  | {{- $itemList = concat $itemList (list $idRSAPubItem) }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if not .Values.config.ssh.existingSecret.enabled }} | ||||||
|  | {{- if gt (len .Values.config.ssh.secret.config) 0 }} | ||||||
|  | {{- $configItem := dict "key" "config" "path" "config" "mode" 0600 }} | ||||||
|  | {{- $itemList = concat $itemList (list $configItem) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if gt (len .Values.config.ssh.secret.id_ed25519) 0 }} | ||||||
|  | {{- $idED25519Item := dict "key" "id_ed25519" "path" "id_ed25519" "mode" 0600 }} | ||||||
|  | {{- $itemList = concat $itemList (list $idED25519Item) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if gt (len .Values.config.ssh.secret.id_ed25519_pub) 0 }} | ||||||
|  | {{- $idED25519PubItem := dict "key" "id_ed25519.pub" "path" "id_ed25519.pub" "mode" 0644 }} | ||||||
|  | {{- $itemList = concat $itemList (list $idED25519PubItem) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if gt (len .Values.config.ssh.secret.id_rsa) 0 }} | ||||||
|  | {{- $idRSAItem := dict "key" "id_rsa" "path" "id_rsa" "mode" 0600 }} | ||||||
|  | {{- $itemList = concat $itemList (list $idRSAItem) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if gt (len .Values.config.ssh.secret.id_rsa_pub) 0 }} | ||||||
|  | {{- $idRSAPubItem := dict "key" "id_rsa.pub" "path" "id_rsa.pub" "mode" 0644 }} | ||||||
|  | {{- $itemList = concat $itemList (list $idRSAPubItem) }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- $projectedSecretSources = concat $projectedSecretSources (list (dict "secret" (dict "name" $secretName "items" $itemList))) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if gt (len $projectedSecretSources) 0 }} | ||||||
|  | {{- $projectedSecretVolume := dict "name" "secrets" "projected" (dict "sources" $projectedSecretSources) }} | ||||||
|  | {{- $volumes = concat $volumes (list $projectedSecretVolume) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{ toYaml (dict "volumes" $volumes) }} | ||||||
|  | {{- end -}} | ||||||
							
								
								
									
										19
									
								
								templates/athens-proxy/_hpa.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								templates/athens-proxy/_hpa.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | |||||||
|  | --- | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.hpa.annotations" -}} | ||||||
|  | {{ include "athens-proxy.annotations" . }} | ||||||
|  | {{- if .Values.hpa.annotations }} | ||||||
|  | {{ toYaml .Values.hpa.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.hpa.labels" -}} | ||||||
|  | {{ include "athens-proxy.labels" . }} | ||||||
|  | {{- if .Values.hpa.labels }} | ||||||
|  | {{ toYaml .Values.hpa.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										19
									
								
								templates/athens-proxy/_ingress.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								templates/athens-proxy/_ingress.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | |||||||
|  | {{/* vim: set filetype=mustache: */}} | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.ingress.annotations" -}} | ||||||
|  | {{ include "athens-proxy.annotations" . }} | ||||||
|  | {{- if .Values.ingress.annotations }} | ||||||
|  | {{ toYaml .Values.ingress.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.ingress.labels" -}} | ||||||
|  | {{ include "athens-proxy.labels" . }} | ||||||
|  | {{- if .Values.ingress.labels }} | ||||||
|  | {{ toYaml .Values.ingress.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										19
									
								
								templates/athens-proxy/_networkPolicies.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								templates/athens-proxy/_networkPolicies.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | |||||||
|  | {{/* vim: set filetype=mustache: */}} | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.networkPolicies.annotations" -}} | ||||||
|  | {{ include "athens-proxy.annotations" .context }} | ||||||
|  | {{- if .networkPolicy.annotations }} | ||||||
|  | {{ toYaml .networkPolicy.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.networkPolicies.labels" -}} | ||||||
|  | {{ include "athens-proxy.labels" .context }} | ||||||
|  | {{- if .networkPolicy.labels }} | ||||||
|  | {{ toYaml .networkPolicy.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										25
									
								
								templates/athens-proxy/_persistentVolumeClaim.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										25
									
								
								templates/athens-proxy/_persistentVolumeClaim.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,25 @@ | |||||||
|  | {{/* vim: set filetype=mustache: */}} | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.persistentVolumeClaim.data.annotations" -}} | ||||||
|  | {{ include "athens-proxy.annotations" . }} | ||||||
|  | {{- if .Values.persistence.data.persistentVolumeClaim.annotations }} | ||||||
|  | {{ toYaml .Values.persistence.data.persistentVolumeClaim.annotations}} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.persistentVolumeClaim.data.labels" -}} | ||||||
|  | {{ include "athens-proxy.labels" . }} | ||||||
|  | {{- if .Values.persistence.data.persistentVolumeClaim.labels }} | ||||||
|  | {{ toYaml .Values.persistence.data.persistentVolumeClaim.labels}} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* name */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.persistentVolumeClaim.data.name" -}} | ||||||
|  | {{ include "athens-proxy.fullname" . }}-data | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										17
									
								
								templates/athens-proxy/_pod.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								templates/athens-proxy/_pod.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | |||||||
|  | --- | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.pod.annotations" -}} | ||||||
|  | {{ include "athens-proxy.annotations" . }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.pod.labels" -}} | ||||||
|  | {{ include "athens-proxy.labels" . }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.pod.selectorLabels" -}} | ||||||
|  | {{ include "athens-proxy.selectorLabels" . }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										61
									
								
								templates/athens-proxy/_secrets.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										61
									
								
								templates/athens-proxy/_secrets.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,61 @@ | |||||||
|  | {{/* vim: set filetype=mustache: */}} | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.secrets.env.annotations" -}} | ||||||
|  | {{ include "athens-proxy.annotations" . }} | ||||||
|  | {{- if .Values.config.env.secret.annotations }} | ||||||
|  | {{ toYaml .Values.config.env.secret.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.secrets.netrc.annotations" -}} | ||||||
|  | {{ include "athens-proxy.annotations" . }} | ||||||
|  | {{- if .Values.config.netrc.secret.annotations }} | ||||||
|  | {{ toYaml .Values.config.netrc.secret.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.secrets.ssh.annotations" -}} | ||||||
|  | {{ include "athens-proxy.annotations" . }} | ||||||
|  | {{- if .Values.config.ssh.secret.annotations }} | ||||||
|  | {{ toYaml .Values.config.ssh.secret.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.secrets.env.labels" -}} | ||||||
|  | {{ include "athens-proxy.labels" . }} | ||||||
|  | {{- if .Values.config.env.secret.labels }} | ||||||
|  | {{ toYaml .Values.config.env.secret.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.secrets.netrc.labels" -}} | ||||||
|  | {{ include "athens-proxy.labels" . }} | ||||||
|  | {{- if .Values.config.netrc.secret.labels }} | ||||||
|  | {{ toYaml .Values.config.netrc.secret.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.secrets.ssh.labels" -}} | ||||||
|  | {{ include "athens-proxy.labels" . }} | ||||||
|  | {{- if .Values.config.ssh.secret.labels }} | ||||||
|  | {{ toYaml .Values.config.ssh.secret.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* name */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.secrets.env.name" -}} | ||||||
|  | {{ include "athens-proxy.fullname" . }}-env | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.secrets.netrc.name" -}} | ||||||
|  | {{ include "athens-proxy.fullname" . }}-netrc | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.secrets.ssh.name" -}} | ||||||
|  | {{ include "athens-proxy.fullname" . }}-ssh | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										17
									
								
								templates/athens-proxy/_serviceAccount.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								templates/athens-proxy/_serviceAccount.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | |||||||
|  | {{/* vim: set filetype=mustache: */}} | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.serviceAccount.annotations" -}} | ||||||
|  | {{- if .Values.serviceAccount.new.annotations }} | ||||||
|  | {{ toYaml .Values.serviceAccount.new.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.serviceAccount.labels" -}} | ||||||
|  | {{- if .Values.serviceAccount.new.labels }} | ||||||
|  | {{ toYaml .Values.serviceAccount.new.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										29
									
								
								templates/athens-proxy/_services.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										29
									
								
								templates/athens-proxy/_services.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,29 @@ | |||||||
|  | {{/* vim: set filetype=mustache: */}} | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.services.http.annotations" -}} | ||||||
|  | {{ include "athens-proxy.annotations" . }} | ||||||
|  | {{- if .Values.services.http.annotations }} | ||||||
|  | {{ toYaml .Values.services.http.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.services.http.labels" -}} | ||||||
|  | {{ include "athens-proxy.labels" . }} | ||||||
|  | {{/* Add label to select the correct service via `selector.matchLabels` of the serviceMonitor resource. */}} | ||||||
|  | app.kubernetes.io/service-name: http | ||||||
|  | {{- if .Values.services.http.labels }} | ||||||
|  | {{ toYaml .Values.services.http.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* names */}} | ||||||
|  |  | ||||||
|  | {{- define "athens-proxy.services.http.name" -}} | ||||||
|  | {{- if .Values.services.http.enabled -}} | ||||||
|  | {{ include "athens-proxy.fullname" . }}-http | ||||||
|  | {{- end -}} | ||||||
|  | {{- end -}} | ||||||
							
								
								
									
										19
									
								
								templates/athens-proxy/configMapDownloadMode.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								templates/athens-proxy/configMapDownloadMode.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | |||||||
|  | {{- if not .Values.config.downloadMode.existingConfigMap.enabled }} | ||||||
|  | --- | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: ConfigMap | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "athens-proxy.configMap.downloadMode.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- tpl (toYaml .) $ | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "athens-proxy.configMap.downloadMode.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "athens-proxy.configMap.downloadMode.name" . }} | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | data: | ||||||
|  |   downloadMode: | | ||||||
|  |     {{- tpl .Values.config.downloadMode.configMap.content . | nindent 4 }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										19
									
								
								templates/athens-proxy/configMapGitConfig.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								templates/athens-proxy/configMapGitConfig.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | |||||||
|  | {{- if not .Values.config.gitConfig.existingConfigMap.enabled }} | ||||||
|  | --- | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: ConfigMap | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "athens-proxy.configMap.gitConfig.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- tpl (toYaml .) $ | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "athens-proxy.configMap.gitConfig.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "athens-proxy.fullname" . }}-git-config | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | data: | ||||||
|  |   .gitconfig: | | ||||||
|  |     {{- tpl .Values.config.gitConfig.configMap.content . | nindent 4 }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										135
									
								
								templates/athens-proxy/deployment.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										135
									
								
								templates/athens-proxy/deployment.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,135 @@ | |||||||
|  | apiVersion: apps/v1 | ||||||
|  | kind: Deployment | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "athens-proxy.deployment.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- tpl (toYaml .) $ | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "athens-proxy.deployment.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "athens-proxy.fullname" . }} | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | spec: | ||||||
|  |   replicas: {{ .Values.deployment.replicas }} | ||||||
|  |   selector: | ||||||
|  |     matchLabels: | ||||||
|  |       {{- include "athens-proxy.pod.selectorLabels" . | nindent 6 }} | ||||||
|  |   template: | ||||||
|  |     metadata: | ||||||
|  |       annotations: | ||||||
|  |         {{- include "athens-proxy.pod.annotations" . | nindent 8 }} | ||||||
|  |       labels: | ||||||
|  |         {{- include "athens-proxy.pod.labels" . | nindent 8 }} | ||||||
|  |     spec: | ||||||
|  |       {{- with .Values.deployment.affinity }} | ||||||
|  |       affinity: | ||||||
|  |         {{- toYaml . | nindent 8 }} | ||||||
|  |       {{- end }} | ||||||
|  |       containers: | ||||||
|  |       - name: athens-proxy | ||||||
|  |         {{- with .Values.deployment.athensProxy.args }} | ||||||
|  |         args: | ||||||
|  |         {{- toYaml . | nindent 8 }} | ||||||
|  |         {{- end }} | ||||||
|  |         {{- with .Values.deployment.athensProxy.command }} | ||||||
|  |         command: | ||||||
|  |         {{- toYaml . | nindent 8 }} | ||||||
|  |         {{- end }} | ||||||
|  |         {{- $env := (include "athens-proxy.deployment.env" . | fromYaml) }} | ||||||
|  |         {{- if and (hasKey $env "env") (gt (len $env.env) 0) }} | ||||||
|  |         env: | ||||||
|  |         {{- toYaml $env.env | nindent 8 }} | ||||||
|  |         {{- end }} | ||||||
|  |         {{- $envFrom := (include "athens-proxy.deployment.envFrom" . | fromYaml) }} | ||||||
|  |         {{- if and (hasKey $envFrom "envFrom") (gt (len $envFrom.envFrom) 0) }} | ||||||
|  |         envFrom: | ||||||
|  |         {{- toYaml $envFrom.envFrom | nindent 8 }} | ||||||
|  |         {{- end }} | ||||||
|  |         image: {{ include "athens-proxy.deployment.images.athens-proxy.fqin" . | quote }} | ||||||
|  |         imagePullPolicy: {{ .Values.deployment.athensProxy.image.pullPolicy }} | ||||||
|  |         livenessProbe: | ||||||
|  |           tcpSocket: | ||||||
|  |             port: http | ||||||
|  |           failureThreshold: 3 | ||||||
|  |           initialDelaySeconds: 5 | ||||||
|  |           periodSeconds: 60 | ||||||
|  |           successThreshold: 1 | ||||||
|  |           timeoutSeconds: 3 | ||||||
|  |         readinessProbe: | ||||||
|  |           tcpSocket: | ||||||
|  |             port: http | ||||||
|  |           failureThreshold: 3 | ||||||
|  |           initialDelaySeconds: 5 | ||||||
|  |           periodSeconds: 15 | ||||||
|  |           successThreshold: 1 | ||||||
|  |           timeoutSeconds: 3 | ||||||
|  |         ports: | ||||||
|  |         - name: http | ||||||
|  |           containerPort: 3000 | ||||||
|  |           protocol: TCP | ||||||
|  |         {{- with .Values.deployment.athensProxy.resources }} | ||||||
|  |         resources: | ||||||
|  |           {{- toYaml . | nindent 10 }} | ||||||
|  |         {{- end }} | ||||||
|  |         {{- with .Values.deployment.athensProxy.securityContext }} | ||||||
|  |         securityContext: | ||||||
|  |           {{- toYaml . | nindent 10 }} | ||||||
|  |         {{- end }} | ||||||
|  |         {{- $volumeMounts := (include "athens-proxy.deployment.volumeMounts" . | fromYaml) }} | ||||||
|  |         {{- if and (hasKey $volumeMounts "volumeMounts") (gt (len $volumeMounts.volumeMounts) 0) }} | ||||||
|  |         volumeMounts: | ||||||
|  |         {{- toYaml $volumeMounts.volumeMounts | nindent 8 }} | ||||||
|  |         {{- end }} | ||||||
|  |       {{- with .Values.deployment.dnsConfig }} | ||||||
|  |       dnsConfig: | ||||||
|  |         {{- toYaml . | nindent 8 }} | ||||||
|  |       {{- end }} | ||||||
|  |       {{- if .Values.deployment.dnsPolicy }} | ||||||
|  |       dnsPolicy: {{ .Values.deployment.dnsPolicy }} | ||||||
|  |       {{- end }} | ||||||
|  |       {{- if .Values.deployment.hostname }} | ||||||
|  |       hostname: {{ .Values.deployment.hostname }} | ||||||
|  |       {{- end }} | ||||||
|  |       hostNetwork: {{ .Values.deployment.hostNetwork }} | ||||||
|  |       {{- with .Values.deployment.imagePullSecrets }} | ||||||
|  |       imagePullSecrets: | ||||||
|  |         {{- toYaml . | nindent 8 }} | ||||||
|  |       {{- end }} | ||||||
|  |       {{- with .Values.deployment.nodeSelector }} | ||||||
|  |       nodeSelector: | ||||||
|  |         {{- toYaml . | nindent 8 }} | ||||||
|  |       {{- end }} | ||||||
|  |       {{- if .Values.deployment.priorityClassName }} | ||||||
|  |       priorityClassName: {{ .Values.deployment.priorityClassName }} | ||||||
|  |       {{- end }} | ||||||
|  |       {{- if .Values.deployment.restartPolicy }} | ||||||
|  |       restartPolicy: {{ .Values.deployment.restartPolicy }} | ||||||
|  |       {{- end }} | ||||||
|  |       {{- with .Values.deployment.securityContext }} | ||||||
|  |       securityContext: | ||||||
|  |         {{- toYaml . | nindent 8 }} | ||||||
|  |       {{- end }} | ||||||
|  |       serviceAccount: {{ include "athens-proxy.deployment.serviceAccount" . }} | ||||||
|  |       {{- if .Values.deployment.subdomain }} | ||||||
|  |       subdomain: {{ .Values.deployment.subdomain }} | ||||||
|  |       {{- end }} | ||||||
|  |       terminationGracePeriodSeconds: {{ .Values.deployment.terminationGracePeriodSeconds }} | ||||||
|  |       {{- with .Values.deployment.tolerations }} | ||||||
|  |       tolerations: | ||||||
|  |       {{- toYaml . | nindent 6 }} | ||||||
|  |       {{- end }} | ||||||
|  |       {{- with .Values.deployment.topologySpreadConstraints }} | ||||||
|  |       topologySpreadConstraints: | ||||||
|  |       {{- toYaml . | nindent 6 }} | ||||||
|  |       {{- end }} | ||||||
|  |       {{- $volumes := (include "athens-proxy.deployment.volumes" . | fromYaml) }} | ||||||
|  |       {{- if and (hasKey $volumes "volumes") (gt (len $volumes.volumes) 0) }} | ||||||
|  |       volumes: | ||||||
|  |       {{- toYaml $volumes.volumes | nindent 6 }} | ||||||
|  |       {{- end }} | ||||||
|  |   {{- with .Values.deployment.strategy }} | ||||||
|  |   strategy: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
							
								
								
									
										25
									
								
								templates/athens-proxy/hpa.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										25
									
								
								templates/athens-proxy/hpa.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,25 @@ | |||||||
|  | {{- if .Values.hpa.enabled -}} | ||||||
|  | --- | ||||||
|  | apiVersion: autoscaling/v2 | ||||||
|  | kind: HorizontalPodAutoscaler | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "athens-proxy.hpa.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- tpl (toYaml .) $ | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "athens-proxy.hpa.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "athens-proxy.fullname" . }} | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | spec: | ||||||
|  |   metrics: | ||||||
|  |   {{- toYaml .Values.hpa.metrics | nindent 2 }} | ||||||
|  |   maxReplicas: {{ .Values.hpa.maxReplicas }} | ||||||
|  |   minReplicas: {{ .Values.hpa.minReplicas }} | ||||||
|  |   scaleTargetRef: | ||||||
|  |     apiVersion: apps/v1 | ||||||
|  |     kind: Deployment | ||||||
|  |     name: {{ include "athens-proxy.fullname" . }} | ||||||
|  | {{- end -}} | ||||||
							
								
								
									
										45
									
								
								templates/athens-proxy/ingress.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										45
									
								
								templates/athens-proxy/ingress.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,45 @@ | |||||||
|  | {{- if and .Values.services.http.enabled .Values.ingress.enabled }} | ||||||
|  | --- | ||||||
|  | apiVersion: networking.k8s.io/v1 | ||||||
|  | kind: Ingress | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "athens-proxy.ingress.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- tpl (toYaml .) $ | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "athens-proxy.ingress.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "athens-proxy.fullname" . }} | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | spec: | ||||||
|  |   ingressClassName: {{ .Values.ingress.className }} | ||||||
|  |   rules: | ||||||
|  |   {{- range .Values.ingress.hosts }} | ||||||
|  |   - host: {{ tpl .host $ | quote }} | ||||||
|  |     http: | ||||||
|  |       paths: | ||||||
|  |       {{- range .paths }} | ||||||
|  |       - path: {{ .path }} | ||||||
|  |         {{- if .pathType }} | ||||||
|  |         pathType: {{ .pathType }} | ||||||
|  |         {{- end }} | ||||||
|  |         backend: | ||||||
|  |           service: | ||||||
|  |             name: {{ include "athens-proxy.services.http.name" $ }} | ||||||
|  |             port: | ||||||
|  |               number: {{ $.Values.services.http.port }} | ||||||
|  |       {{- end }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- if .Values.ingress.tls }} | ||||||
|  |   tls: | ||||||
|  |   {{- range .Values.ingress.tls }} | ||||||
|  |   - hosts: | ||||||
|  |     {{- range .hosts }} | ||||||
|  |     - {{ tpl . $ | quote }} | ||||||
|  |     {{- end }} | ||||||
|  |     secretName: {{ .secretName | quote }} | ||||||
|  |   {{- end }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										36
									
								
								templates/athens-proxy/networkPolicies.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										36
									
								
								templates/athens-proxy/networkPolicies.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,36 @@ | |||||||
|  | {{- if .Values.networkPolicies.enabled }} | ||||||
|  | {{- range $key, $value := .Values.networkPolicies -}} | ||||||
|  | {{- if and (not (eq $key "enabled")) $value.enabled }} | ||||||
|  | --- | ||||||
|  | apiVersion: networking.k8s.io/v1 | ||||||
|  | kind: NetworkPolicy | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "athens-proxy.networkPolicies.annotations" (dict "networkPolicy" $value "context" $) | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "athens-proxy.networkPolicies.labels" (dict "networkPolicy" $value "context" $) | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ printf "%s-%s" (include "athens-proxy.fullname" $ ) $key }} | ||||||
|  |   namespace: {{ $.Release.Namespace }} | ||||||
|  | spec: | ||||||
|  |   podSelector: | ||||||
|  |     matchLabels: | ||||||
|  |       {{- include "athens-proxy.pod.selectorLabels" $ | nindent 6 }} | ||||||
|  |   {{- with $value.policyTypes }} | ||||||
|  |   policyTypes: | ||||||
|  |   {{- toYaml . | nindent 2 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with $value.egress }} | ||||||
|  |   egress: | ||||||
|  |   {{- toYaml . | nindent 2 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with $value.ingress }} | ||||||
|  |   ingress: | ||||||
|  |   {{- toYaml . | nindent 2 }} | ||||||
|  |   {{- end }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										26
									
								
								templates/athens-proxy/persistentVolumeClaim.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										26
									
								
								templates/athens-proxy/persistentVolumeClaim.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,26 @@ | |||||||
|  | {{- if and .Values.persistence.enabled (not .Values.persistence.data.existingPersistentVolumeClaim.enabled) }} | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: PersistentVolumeClaim | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "athens-proxy.persistentVolumeClaim.data.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- tpl (toYaml .) $ | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "athens-proxy.persistentVolumeClaim.data.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- tpl (toYaml .) $ | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "athens-proxy.persistentVolumeClaim.data.name" . }} | ||||||
|  |   namespace: {{ $.Release.Namespace }} | ||||||
|  | spec: | ||||||
|  |   {{- with .Values.persistence.data.persistentVolumeClaim.accessModes }} | ||||||
|  |   accessModes: | ||||||
|  |     {{ toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   resources: | ||||||
|  |     requests: | ||||||
|  |       storage: {{ .Values.persistence.data.persistentVolumeClaim.storageSize }} | ||||||
|  |   {{- if .Values.persistence.data.persistentVolumeClaim.storageClassName }} | ||||||
|  |   storageClassName: {{ .Values.persistence.data.persistentVolumeClaim.storageClassName }} | ||||||
|  |   {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										20
									
								
								templates/athens-proxy/secretEnv.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										20
									
								
								templates/athens-proxy/secretEnv.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,20 @@ | |||||||
|  | {{- if not .Values.config.env.existingSecret.enabled }} | ||||||
|  | --- | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: Secret | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "athens-proxy.secrets.env.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "athens-proxy.secrets.env.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "athens-proxy.secrets.env.name" . }} | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | stringData: | ||||||
|  |   {{- range $key, $value := .Values.config.env.secret.envs }} | ||||||
|  |   {{ upper $key }}: {{ quote $value }} | ||||||
|  |   {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										19
									
								
								templates/athens-proxy/secretNetRC.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								templates/athens-proxy/secretNetRC.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | |||||||
|  | {{- if and .Values.config.netrc.enabled (not .Values.config.netrc.existingSecret.enabled) }} | ||||||
|  | --- | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: Secret | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "athens-proxy.secrets.netrc.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "athens-proxy.secrets.netrc.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "athens-proxy.secrets.netrc.name" . }} | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | stringData: | ||||||
|  |   .netrc: | | ||||||
|  |     {{- tpl .Values.config.netrc.secret.content . | nindent 4 }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										35
									
								
								templates/athens-proxy/secretSSH.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										35
									
								
								templates/athens-proxy/secretSSH.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,35 @@ | |||||||
|  | {{- if not .Values.config.ssh.existingSecret.enabled }} | ||||||
|  | --- | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: Secret | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "athens-proxy.secrets.ssh.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "athens-proxy.secrets.ssh.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "athens-proxy.secrets.ssh.name" . }} | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | stringData: | ||||||
|  |   config: | | ||||||
|  |     {{- tpl $.Values.config.ssh.secret.config $ | nindent 4 }} | ||||||
|  |   {{- if .Values.config.ssh.secret.id_ed25519 }} | ||||||
|  |   id_ed25519: | | ||||||
|  |     {{- .Values.config.ssh.secret.id_ed25519 | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- if .Values.config.ssh.secret.id_ed25519_pub }} | ||||||
|  |   id_ed25519.pub: | | ||||||
|  |     {{- .Values.config.ssh.secret.id_ed25519_pub | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- if .Values.config.ssh.secret.id_rsa }} | ||||||
|  |   id_rsa: | | ||||||
|  |     {{- .Values.config.ssh.secret.id_rsa | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- if .Values.config.ssh.secret.id_rsa_pub }} | ||||||
|  |   id_rsa.pub: | | ||||||
|  |     {{- .Values.config.ssh.secret.id_rsa_pub | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										25
									
								
								templates/athens-proxy/serviceAccount.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										25
									
								
								templates/athens-proxy/serviceAccount.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,25 @@ | |||||||
|  | {{- if not .Values.serviceAccount.existing.enabled }} | ||||||
|  | --- | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: ServiceAccount | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "athens-proxy.serviceAccount.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "athens-proxy.serviceAccount.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "athens-proxy.fullname" . }} | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | automountServiceAccountToken: {{ .Values.serviceAccount.new.automountServiceAccountToken }} | ||||||
|  | {{- with .Values.serviceAccount.new.imagePullSecrets }} | ||||||
|  | imagePullSecrets: | ||||||
|  |   {{- toYaml . | nindent 4 }} | ||||||
|  | {{- end }} | ||||||
|  | {{- with .Values.serviceAccount.new.secrets }} | ||||||
|  | secrets: | ||||||
|  |   {{- toYaml . | nindent 4 }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										57
									
								
								templates/athens-proxy/serviceHTTP.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										57
									
								
								templates/athens-proxy/serviceHTTP.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,57 @@ | |||||||
|  | {{- if .Values.services.http.enabled }} | ||||||
|  | --- | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: Service | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "athens-proxy.services.http.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "athens-proxy.services.http.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "athens-proxy.services.http.name" . }} | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | spec: | ||||||
|  |   {{- if not (empty .Values.services.http.externalIPs) }} | ||||||
|  |   externalIPs: | ||||||
|  |   {{- range .Values.services.http.externalIPs }} | ||||||
|  |   - {{ . }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- if and (or (eq .Values.services.http.type "LoadBalancer") (eq .Values.services.http.type "NodePort") ) .Values.services.http.externalTrafficPolicy }} | ||||||
|  |   externalTrafficPolicy: {{ .Values.services.http.externalTrafficPolicy }} | ||||||
|  |   {{- end }} | ||||||
|  |   internalTrafficPolicy: {{ required "No internal traffic policy defined!" .Values.services.http.internalTrafficPolicy }} | ||||||
|  |   {{- if .Values.services.http.ipFamilies }} | ||||||
|  |   ipFamilies: | ||||||
|  |   {{- range .Values.services.http.ipFamilies }} | ||||||
|  |   - {{ . }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- if and (eq .Values.services.http.type "LoadBalancer") .Values.services.http.loadBalancerClass }} | ||||||
|  |   loadBalancerClass: {{ .Values.services.http.loadBalancerClass }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- if and (eq .Values.services.http.type "LoadBalancer") .Values.services.http.loadBalancerIP }} | ||||||
|  |   loadBalancerIP: {{ .Values.services.http.loadBalancerIP }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- if eq .Values.services.http.type "LoadBalancer" }} | ||||||
|  |   loadBalancerSourceRanges: | ||||||
|  |   {{- range .Values.services.http.loadBalancerSourceRanges }} | ||||||
|  |   - {{ . }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- end }} | ||||||
|  |   ports: | ||||||
|  |   - name: http | ||||||
|  |     protocol: TCP | ||||||
|  |     port: {{ required "No service port defined!" .Values.services.http.port }} | ||||||
|  |   selector: | ||||||
|  |     {{- include "athens-proxy.pod.selectorLabels" . | nindent 4 }} | ||||||
|  |   sessionAffinity: {{ required "No session affinity defined!" .Values.services.http.sessionAffinity }} | ||||||
|  |   {{- with .Values.services.http.sessionAffinityConfig }} | ||||||
|  |   sessionAffinityConfig: | ||||||
|  |     {{- toYaml . | nindent 4}} | ||||||
|  |   {{- end }} | ||||||
|  |   type: {{ required "No service type defined!" .Values.services.http.type }} | ||||||
|  | {{- end }} | ||||||
| @@ -1,74 +0,0 @@ | |||||||
| apiVersion: apps/v1 |  | ||||||
| kind: Deployment |  | ||||||
| metadata: |  | ||||||
|   name: {{ include "athens-proxy.fullname" . }} |  | ||||||
|   labels: |  | ||||||
|     {{- include "athens-proxy.labels" . | nindent 4 }} |  | ||||||
| spec: |  | ||||||
|   selector: |  | ||||||
|     matchLabels: |  | ||||||
|       {{- include "athens-proxy.selectorLabels" . | nindent 6 }} |  | ||||||
|   template: |  | ||||||
|     metadata: |  | ||||||
|       {{- with .Values.podAnnotations }} |  | ||||||
|       annotations: |  | ||||||
|         {{- toYaml . | nindent 8 }} |  | ||||||
|       {{- end }} |  | ||||||
|       labels: |  | ||||||
|         {{- include "athens-proxy.selectorLabels" . | nindent 8 }} |  | ||||||
|     spec: |  | ||||||
|       containers: |  | ||||||
|         - name: {{ .Chart.Name }} |  | ||||||
|           envFrom: |  | ||||||
|           - secretRef: |  | ||||||
|               name: {{ include "athens-proxy.fullname" . }} |  | ||||||
|           securityContext: |  | ||||||
|             {{- toYaml .Values.securityContext | nindent 12 }} |  | ||||||
|           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |  | ||||||
|           imagePullPolicy: {{ .Values.image.pullPolicy }} |  | ||||||
|           livenessProbe: |  | ||||||
|             httpGet: |  | ||||||
|               scheme: HTTP |  | ||||||
|               path: /healthz |  | ||||||
|               port: http |  | ||||||
|           ports: |  | ||||||
|           - name: http |  | ||||||
|             containerPort: {{ .Values.config.ATHENS_PORT | default 3000 }} |  | ||||||
|             protocol: TCP |  | ||||||
|           readinessProbe: |  | ||||||
|             httpGet: |  | ||||||
|               scheme: HTTP |  | ||||||
|               path: /healthz |  | ||||||
|               port: http |  | ||||||
|           resources: |  | ||||||
|             {{- toYaml .Values.resources | nindent 12 }} |  | ||||||
|           {{- with .Values.extraVolumeMounts }} |  | ||||||
|           volumeMounts: |  | ||||||
|             {{- toYaml . | nindent 10 }} |  | ||||||
|           {{- end }} |  | ||||||
|       {{- with .Values.affinity }} |  | ||||||
|       affinity: |  | ||||||
|         {{- toYaml . | nindent 8 }} |  | ||||||
|       {{- end }} |  | ||||||
|       {{- with .Values.imagePullSecrets }} |  | ||||||
|       imagePullSecrets: |  | ||||||
|         {{- toYaml . | nindent 8 }} |  | ||||||
|       {{- end }} |  | ||||||
|       {{- with .Values.nodeSelector }} |  | ||||||
|       nodeSelector: |  | ||||||
|         {{- toYaml . | nindent 8 }} |  | ||||||
|       {{- end }} |  | ||||||
|       {{- if .Values.podPriorityClassName }} |  | ||||||
|       priorityClassName: {{ .Values.podPriorityClassName }} |  | ||||||
|       {{- end }} |  | ||||||
|       securityContext: |  | ||||||
|         {{- toYaml .Values.podSecurityContext | nindent 8 }} |  | ||||||
|       serviceAccountName: {{ include "athens-proxy.fullname" . }} |  | ||||||
|       {{- with .Values.tolerations }} |  | ||||||
|       tolerations: |  | ||||||
|         {{- toYaml . | nindent 8 }} |  | ||||||
|       {{- end }} |  | ||||||
|       {{- with .Values.extraVolumes }} |  | ||||||
|       volumes: |  | ||||||
|         {{- toYaml . | nindent 8 }} |  | ||||||
|       {{- end }} |  | ||||||
| @@ -1,61 +0,0 @@ | |||||||
| {{- if .Values.ingress.enabled -}} |  | ||||||
| {{- $fullName := include "athens-proxy.fullname" . -}} |  | ||||||
| {{- $svcPort := .Values.service.port -}} |  | ||||||
| {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} |  | ||||||
|   {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} |  | ||||||
|   {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} |  | ||||||
|   {{- end }} |  | ||||||
| {{- end }} |  | ||||||
| {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} |  | ||||||
| apiVersion: networking.k8s.io/v1 |  | ||||||
| {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} |  | ||||||
| apiVersion: networking.k8s.io/v1beta1 |  | ||||||
| {{- else -}} |  | ||||||
| apiVersion: extensions/v1beta1 |  | ||||||
| {{- end }} |  | ||||||
| kind: Ingress |  | ||||||
| metadata: |  | ||||||
|   name: {{ $fullName }} |  | ||||||
|   labels: |  | ||||||
|     {{- include "athens-proxy.labels" . | nindent 4 }} |  | ||||||
|   {{- with .Values.ingress.annotations }} |  | ||||||
|   annotations: |  | ||||||
|     {{- toYaml . | nindent 4 }} |  | ||||||
|   {{- end }} |  | ||||||
| spec: |  | ||||||
|   {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} |  | ||||||
|   ingressClassName: {{ .Values.ingress.className }} |  | ||||||
|   {{- end }} |  | ||||||
|   {{- if .Values.ingress.tls }} |  | ||||||
|   tls: |  | ||||||
|     {{- range .Values.ingress.tls }} |  | ||||||
|     - hosts: |  | ||||||
|         {{- range .hosts }} |  | ||||||
|         - {{ . | quote }} |  | ||||||
|         {{- end }} |  | ||||||
|       secretName: {{ .secretName }} |  | ||||||
|     {{- end }} |  | ||||||
|   {{- end }} |  | ||||||
|   rules: |  | ||||||
|     {{- range .Values.ingress.hosts }} |  | ||||||
|     - host: {{ .host | quote }} |  | ||||||
|       http: |  | ||||||
|         paths: |  | ||||||
|           {{- range .paths }} |  | ||||||
|           - path: {{ .path }} |  | ||||||
|             {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} |  | ||||||
|             pathType: {{ .pathType }} |  | ||||||
|             {{- end }} |  | ||||||
|             backend: |  | ||||||
|               {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} |  | ||||||
|               service: |  | ||||||
|                 name: {{ $fullName }} |  | ||||||
|                 port: |  | ||||||
|                   number: {{ $svcPort }} |  | ||||||
|               {{- else }} |  | ||||||
|               serviceName: {{ $fullName }} |  | ||||||
|               servicePort: {{ $svcPort }} |  | ||||||
|               {{- end }} |  | ||||||
|           {{- end }} |  | ||||||
|     {{- end }} |  | ||||||
| {{- end }} |  | ||||||
| @@ -1,23 +0,0 @@ | |||||||
| apiVersion: v1 |  | ||||||
| kind: Secret |  | ||||||
| metadata: |  | ||||||
|   name: {{ include "athens-proxy.fullname" . }} |  | ||||||
| type: Opaque |  | ||||||
| stringData: |  | ||||||
|  |  | ||||||
|   {{- if not (hasKey .Values "config") -}} |  | ||||||
|   {{- $_ := set .Values "config" dict -}} |  | ||||||
|   {{- end -}} |  | ||||||
|  |  | ||||||
|   {{- if not (hasKey .Values.config "ATHENS_DISK_STORAGE_ROOT") -}} |  | ||||||
|   {{- $_ := set .Values.config "ATHENS_DISK_STORAGE_ROOT" "/var/lib/athens" -}} |  | ||||||
|   {{- end -}} |  | ||||||
|  |  | ||||||
|   {{- if not (hasKey .Values.config "ATHENS_STORAGE_TYPE") -}} |  | ||||||
|   {{- $_ := set .Values.config "ATHENS_STORAGE_TYPE" "disk" -}} |  | ||||||
|   {{- end -}} |  | ||||||
|  |  | ||||||
|   {{/* SETUP CONFIG */}} |  | ||||||
|   {{ range $key, $value := .Values.config }} |  | ||||||
|   {{ upper $key}}: {{ quote $value }} |  | ||||||
|   {{ end }} |  | ||||||
| @@ -1,36 +0,0 @@ | |||||||
| apiVersion: v1 |  | ||||||
| kind: Service |  | ||||||
| metadata: |  | ||||||
|   {{- with .Values.service.annotations }} |  | ||||||
|   annotations: |  | ||||||
|     {{- toYaml . | nindent 4 }} |  | ||||||
|   {{- end }} |  | ||||||
|   labels: |  | ||||||
|     {{- include "athens-proxy.labels" . | nindent 4 }} |  | ||||||
|   name: {{ include "athens-proxy.fullname" . }} |  | ||||||
| spec: |  | ||||||
|   {{- with .Values.service.externalIPs }} |  | ||||||
|   externalIPs: |  | ||||||
|   {{- toYaml . | nindent 2 }} |  | ||||||
|   {{- end }} |  | ||||||
|   {{- if .Values.service.externalTrafficPolicy }} |  | ||||||
|   externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} |  | ||||||
|   {{- end }} |  | ||||||
|   {{- if and .Values.service.loadBalancerClass (eq .Values.service.type "LoadBalancer") }} |  | ||||||
|   loadBalancerClass: {{ .Values.service.loadBalancerClass }} |  | ||||||
|   {{- end }} |  | ||||||
|   {{- if and .Values.service.loadBalancerIP (eq .Values.service.type "LoadBalancer") }} |  | ||||||
|   loadBalancerIP: {{ .Values.service.loadBalancerIP }} |  | ||||||
|   {{- end }} |  | ||||||
|   {{- with .Values.service.loadBalancerSourceRanges }} |  | ||||||
|   loadBalancerSourceRanges: |  | ||||||
|   {{- toYaml . | nindent 2 }} |  | ||||||
|   {{- end }} |  | ||||||
|   type: {{ .Values.service.type }} |  | ||||||
|   ports: |  | ||||||
|     - port: {{ .Values.service.port }} |  | ||||||
|       targetPort: {{ .Values.service.targetPort }} |  | ||||||
|       protocol: TCP |  | ||||||
|       name: {{ .Values.service.name }} |  | ||||||
|   selector: |  | ||||||
|     {{- include "athens-proxy.selectorLabels" . | nindent 4 }} |  | ||||||
| @@ -1,10 +0,0 @@ | |||||||
| apiVersion: v1 |  | ||||||
| kind: ServiceAccount |  | ||||||
| metadata: |  | ||||||
|   {{- with .Values.serviceAccount.annotations }} |  | ||||||
|   annotations: |  | ||||||
|     {{- toYaml . | nindent 4 }} |  | ||||||
|   {{- end }} |  | ||||||
|   labels: |  | ||||||
|     {{- include "athens-proxy.labels" . | nindent 4 }} |  | ||||||
|   name: {{ include "athens-proxy.fullname" . }} |  | ||||||
| @@ -1,15 +0,0 @@ | |||||||
| apiVersion: v1 |  | ||||||
| kind: Pod |  | ||||||
| metadata: |  | ||||||
|   name: "{{ include "athens-proxy.fullname" . }}-test-connection" |  | ||||||
|   labels: |  | ||||||
|     {{- include "athens-proxy.labels" . | nindent 4 }} |  | ||||||
|   annotations: |  | ||||||
|     "helm.sh/hook": test |  | ||||||
| spec: |  | ||||||
|   containers: |  | ||||||
|     - name: wget |  | ||||||
|       image: busybox |  | ||||||
|       command: ['wget'] |  | ||||||
|       args: ['{{ include "athens-proxy.fullname" . }}:{{ .Values.service.port }}'] |  | ||||||
|   restartPolicy: Never |  | ||||||
							
								
								
									
										88
									
								
								unittests/configMaps/downloadMode.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										88
									
								
								unittests/configMaps/downloadMode.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,88 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: ConfigMap downloadMode | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/configMapDownloadMode.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip rending by using existing config map. | ||||||
|  |   set: | ||||||
|  |     config.downloadMode.existingConfigMap.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Rendering by default. | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: v1 | ||||||
|  |       kind: ConfigMap | ||||||
|  |       name: athens-proxy-unittest-download-mode-file | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |   - equal: | ||||||
|  |       path: data.downloadMode | ||||||
|  |       value: | | ||||||
|  |         # downloadURL = "https://proxy.golang.org" | ||||||
|  |         # | ||||||
|  |         # mode = "async_redirect" | ||||||
|  |         # | ||||||
|  |         # download "github.com/gomods/*" { | ||||||
|  |         #     mode = "sync" | ||||||
|  |         # } | ||||||
|  |         # | ||||||
|  |         # download "golang.org/x/*" { | ||||||
|  |         #     mode = "none" | ||||||
|  |         # } | ||||||
|  |         # | ||||||
|  |         # download "github.com/pkg/*" { | ||||||
|  |         #     mode = "redirect" | ||||||
|  |         #     downloadURL = "https://gocenter.io" | ||||||
|  |         # } | ||||||
|  |  | ||||||
|  | - it: Rendering custom annotations and labels. | ||||||
|  |   set: | ||||||
|  |     config.downloadMode.configMap.annotations: | ||||||
|  |       foo: bar | ||||||
|  |       bar: foo | ||||||
|  |     config.downloadMode.configMap.labels: | ||||||
|  |       foo: bar | ||||||
|  |       bar: foo | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |         bar: foo | ||||||
|  |   - isSubset: | ||||||
|  |       path: metadata.labels | ||||||
|  |       content: | ||||||
|  |         foo: bar | ||||||
|  |         bar: foo | ||||||
|  |  | ||||||
|  | - it: Rendering custom configuration | ||||||
|  |   set: | ||||||
|  |     config.downloadMode.configMap.content: | | ||||||
|  |       downloadURL = "https://proxy.golang.org" | ||||||
|  |       mode = "async_redirect" | ||||||
|  |  | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: data.downloadMode | ||||||
|  |       value: | | ||||||
|  |         downloadURL = "https://proxy.golang.org" | ||||||
|  |         mode = "async_redirect" | ||||||
							
								
								
									
										83
									
								
								unittests/configMaps/gitConfig.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										83
									
								
								unittests/configMaps/gitConfig.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,83 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: ConfigMap gitConfig | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/configMapGitConfig.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip rending by using existing config map. | ||||||
|  |   set: | ||||||
|  |     config.gitConfig.existingConfigMap.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Rendering by default. | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: v1 | ||||||
|  |       kind: ConfigMap | ||||||
|  |       name: athens-proxy-unittest-git-config | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |   - equal: | ||||||
|  |       path: data[".gitconfig"] | ||||||
|  |       value: | | ||||||
|  |         # The .gitconfig file | ||||||
|  |         # | ||||||
|  |         # The .gitconfig file contains the user specific git configuration. It generally resides in the user's home | ||||||
|  |         # directory. | ||||||
|  |         # | ||||||
|  |         # [url "git@github.com:"] insteadOf = https://github.com/ | ||||||
|  |  | ||||||
|  | - it: Rendering custom annotations and labels. | ||||||
|  |   set: | ||||||
|  |     config.gitConfig.configMap.annotations: | ||||||
|  |       foo: bar | ||||||
|  |       bar: foo | ||||||
|  |     config.gitConfig.configMap.labels: | ||||||
|  |       foo: bar | ||||||
|  |       bar: foo | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |         bar: foo | ||||||
|  |   - isSubset: | ||||||
|  |       path: metadata.labels | ||||||
|  |       content: | ||||||
|  |         foo: bar | ||||||
|  |         bar: foo | ||||||
|  |  | ||||||
|  | - it: Rendering custom configuration | ||||||
|  |   set: | ||||||
|  |     config.gitConfig.configMap.content: | | ||||||
|  |       [url "git@github.com:"] | ||||||
|  |       insteadOf = https://github.com/ | ||||||
|  |  | ||||||
|  |       [url "git@git.cryptic.systems:"] | ||||||
|  |       insteadOf = https://git.cryptic.systems/ | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: data[".gitconfig"] | ||||||
|  |       value: | | ||||||
|  |         [url "git@github.com:"] | ||||||
|  |         insteadOf = https://github.com/ | ||||||
|  |  | ||||||
|  |         [url "git@git.cryptic.systems:"] | ||||||
|  |         insteadOf = https://git.cryptic.systems/ | ||||||
							
								
								
									
										466
									
								
								unittests/deployment/deployment.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										466
									
								
								unittests/deployment/deployment.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,466 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Deployment template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/deployment.yaml | ||||||
|  | tests: | ||||||
|  | - it: Rendering default | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: apps/v1 | ||||||
|  |       kind: Deployment | ||||||
|  |       name: athens-proxy-unittest | ||||||
|  |       namespace: testing | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - equal: | ||||||
|  |       path: spec.replicas | ||||||
|  |       value: 1 | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.affinity | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.containers[0].args | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.containers[0].command | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.containers[0].envFrom | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.containers[0].image | ||||||
|  |       value: docker.io/gomods/athens:v0.1.0 | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.containers[0].imagePullPolicy | ||||||
|  |       value: IfNotPresent | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.containers[0].resources | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.containers[0].securityContext | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.dnsConfig | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.dnsPolicy | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.hostname | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.hostNetwork | ||||||
|  |       value: false | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.imagePullSecrets | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.nodeSelector | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.priorityClassName | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.restartPolicy | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.subdomain | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.terminationGracePeriodSeconds | ||||||
|  |       value: 60 | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.tolerations | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.spec.topologySpreadConstraints | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - equal: | ||||||
|  |       path: spec.strategy | ||||||
|  |       value: | ||||||
|  |         type: "RollingUpdate" | ||||||
|  |         rollingUpdate: | ||||||
|  |           maxSurge: 1 | ||||||
|  |           maxUnavailable: 1 | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test custom replicas | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.replicas: 3 | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.replicas | ||||||
|  |       value: 3 | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test custom affinity | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.affinity: | ||||||
|  |       nodeAffinity: | ||||||
|  |         requiredDuringSchedulingIgnoredDuringExecution: | ||||||
|  |           nodeSelectorTerms: | ||||||
|  |           - matchExpressions: | ||||||
|  |             - key: topology.kubernetes.io/zone | ||||||
|  |               operator: In | ||||||
|  |               values: | ||||||
|  |               - antarctica-east1 | ||||||
|  |               - antarctica-west1 | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.affinity | ||||||
|  |       value: | ||||||
|  |         nodeAffinity: | ||||||
|  |           requiredDuringSchedulingIgnoredDuringExecution: | ||||||
|  |             nodeSelectorTerms: | ||||||
|  |             - matchExpressions: | ||||||
|  |               - key: topology.kubernetes.io/zone | ||||||
|  |                 operator: In | ||||||
|  |                 values: | ||||||
|  |                 - antarctica-east1 | ||||||
|  |                 - antarctica-west1 | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test additional arguments | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.athensProxy.args: | ||||||
|  |     - "--foo=bar" | ||||||
|  |     - "--bar=foo" | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.containers[0].args | ||||||
|  |       value: | ||||||
|  |       - --foo=bar | ||||||
|  |       - --bar=foo | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test additional command | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.athensProxy.command: | ||||||
|  |     - "/bin/sh" | ||||||
|  |     - "-c" | ||||||
|  |     - "echo hello" | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.containers[0].command | ||||||
|  |       value: | ||||||
|  |       - "/bin/sh" | ||||||
|  |       - "-c" | ||||||
|  |       - "echo hello" | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test custom imageRegistry and imageRepository | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.athensProxy.image.registry: registry.example.local | ||||||
|  |     deployment.athensProxy.image.repository: path/special/athens-proxy | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.containers[0].image | ||||||
|  |       value: registry.example.local/path/special/athens-proxy:v0.1.0 | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test custom imagePullPolicy | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.athensProxy.image.pullPolicy: Always | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.containers[0].imagePullPolicy | ||||||
|  |       value: Always | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test custom resource limits and requests | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.athensProxy.resources: | ||||||
|  |       limits: | ||||||
|  |         cpu: 100m | ||||||
|  |         memory: 250MB | ||||||
|  |       requests: | ||||||
|  |         cpu: 25m | ||||||
|  |         memory: 100MB | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       value: | ||||||
|  |       - name: GOMAXPROCS | ||||||
|  |         valueFrom: | ||||||
|  |           resourceFieldRef: | ||||||
|  |             divisor: "1" | ||||||
|  |             resource: limits.cpu | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.containers[0].resources | ||||||
|  |       value: | ||||||
|  |         limits: | ||||||
|  |           cpu: 100m | ||||||
|  |           memory: 250MB | ||||||
|  |         requests: | ||||||
|  |           cpu: 25m | ||||||
|  |           memory: 100MB | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test custom securityContext | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.athensProxy.securityContext: | ||||||
|  |       capabilities: | ||||||
|  |         add: | ||||||
|  |         - NET_RAW | ||||||
|  |         drop: | ||||||
|  |         - ALL | ||||||
|  |       privileged: false | ||||||
|  |       readOnlyRootFilesystem: true | ||||||
|  |       runAsNonRoot: true | ||||||
|  |       runAsUser: 1000 | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.containers[0].securityContext | ||||||
|  |       value: | ||||||
|  |         capabilities: | ||||||
|  |           add: | ||||||
|  |           - NET_RAW | ||||||
|  |           drop: | ||||||
|  |           - ALL | ||||||
|  |         privileged: false | ||||||
|  |         readOnlyRootFilesystem: true | ||||||
|  |         runAsNonRoot: true | ||||||
|  |         runAsUser: 1000 | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test dnsConfig | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.dnsConfig: | ||||||
|  |       nameservers: | ||||||
|  |       - "8.8.8.8" | ||||||
|  |       - "8.8.4.4" | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.dnsConfig | ||||||
|  |       value: | ||||||
|  |         nameservers: | ||||||
|  |         - "8.8.8.8" | ||||||
|  |         - "8.8.4.4" | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test dnsPolicy | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.dnsPolicy: ClusterFirst | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.dnsPolicy | ||||||
|  |       value: ClusterFirst | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test hostNetwork, hostname, subdomain | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.hostNetwork: true | ||||||
|  |     deployment.hostname: pg-exporter | ||||||
|  |     deployment.subdomain: exporters.internal | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.hostNetwork | ||||||
|  |       value: true | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.hostname | ||||||
|  |       value: pg-exporter | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.subdomain | ||||||
|  |       value: exporters.internal | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test imagePullSecrets | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.imagePullSecrets: | ||||||
|  |     - name: my-pull-secret | ||||||
|  |     - name: my-special-secret | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.imagePullSecrets | ||||||
|  |       value: | ||||||
|  |       - name: my-pull-secret | ||||||
|  |       - name: my-special-secret | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test nodeSelector | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.nodeSelector: | ||||||
|  |       foo: bar | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.nodeSelector | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test priorityClassName | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.priorityClassName: my-priority | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.priorityClassName | ||||||
|  |       value: my-priority | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test restartPolicy | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.restartPolicy: Always | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.restartPolicy | ||||||
|  |       value: Always | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test terminationGracePeriodSeconds | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.terminationGracePeriodSeconds: 120 | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.terminationGracePeriodSeconds | ||||||
|  |       value: 120 | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test tolerations | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.tolerations: | ||||||
|  |     - key: database/type | ||||||
|  |       operator: Equal | ||||||
|  |       value: postgres | ||||||
|  |       effect: NoSchedule | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.tolerations | ||||||
|  |       value: | ||||||
|  |       - key: database/type | ||||||
|  |         operator: Equal | ||||||
|  |         value: postgres | ||||||
|  |         effect: NoSchedule | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test topologySpreadConstraints | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.topologySpreadConstraints: | ||||||
|  |     - topologyKey: kubernetes.io/hostname | ||||||
|  |       whenUnsatisfiable: DoNotSchedule | ||||||
|  |       labelSelector: | ||||||
|  |         matchLabels: | ||||||
|  |           app.kubernetes.io/instance: athens-proxy | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.topologySpreadConstraints | ||||||
|  |       value: | ||||||
|  |       - topologyKey: kubernetes.io/hostname | ||||||
|  |         whenUnsatisfiable: DoNotSchedule | ||||||
|  |         labelSelector: | ||||||
|  |           matchLabels: | ||||||
|  |             app.kubernetes.io/instance: athens-proxy | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test additional volumeMounts and volumes | ||||||
|  |   set: | ||||||
|  |     # Ensure that the secrets and config maps are well configured. | ||||||
|  |  | ||||||
|  |     # Normal test values | ||||||
|  |     deployment.athensProxy.volumeMounts: | ||||||
|  |     - name: data | ||||||
|  |       mountPath: /usr/lib/athens-proxy/data | ||||||
|  |     deployment.volumes: | ||||||
|  |     - name: data | ||||||
|  |       hostPath: | ||||||
|  |         path: /usr/lib/athens-proxy/data | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |       value: | ||||||
|  |       - name: data | ||||||
|  |         mountPath: /usr/lib/athens-proxy/data | ||||||
|  |     template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
							
								
								
									
										83
									
								
								unittests/deployment/downloadMode.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										83
									
								
								unittests/deployment/downloadMode.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,83 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Deployment template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/deployment.yaml | ||||||
|  | tests: | ||||||
|  | - it: Rendering default without mounted download mode config map | ||||||
|  |   asserts: | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.containers[0].env | ||||||
|  |         content: | ||||||
|  |           name: ATHENS_DOWNLOAD_MODE | ||||||
|  |           value: file:/etc/athens/config/download-mode.d/download-mode | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: download-mode | ||||||
|  |           mountPath: /etc/athens/config/download-mode.d | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: download-mode | ||||||
|  |           configMap: | ||||||
|  |             name: athens-proxy-unittest-download-mode-file | ||||||
|  |  | ||||||
|  | - it: Rendering default with mounted gitconfig configMap | ||||||
|  |   set: | ||||||
|  |     config.downloadMode.enabled: true | ||||||
|  |     persistence.enabled: true | ||||||
|  |   asserts: | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].env | ||||||
|  |         content: | ||||||
|  |           name: ATHENS_DOWNLOAD_MODE | ||||||
|  |           value: file:/etc/athens/config/download-mode.d/download-mode | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: download-mode | ||||||
|  |           mountPath: /etc/athens/config/download-mode.d | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: download-mode | ||||||
|  |           configMap: | ||||||
|  |             items: | ||||||
|  |               - key: downloadMode | ||||||
|  |                 mode: 0644 | ||||||
|  |                 path: download-mode | ||||||
|  |             name: athens-proxy-unittest-download-mode-file | ||||||
|  |  | ||||||
|  | - it: Rendering with custom download mode configMap | ||||||
|  |   set: | ||||||
|  |     config.downloadMode.enabled: true | ||||||
|  |     config.downloadMode.existingConfigMap.enabled: true | ||||||
|  |     config.downloadMode.existingConfigMap.configMapName: "my-custom-configmap" | ||||||
|  |     config.downloadMode.existingConfigMap.downloadModeKey: "my-custom-download-mode-filename-key" | ||||||
|  |     persistence.enabled: true | ||||||
|  |   asserts: | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].env | ||||||
|  |         content: | ||||||
|  |           name: ATHENS_DOWNLOAD_MODE | ||||||
|  |           value: file:/etc/athens/config/download-mode.d/download-mode | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: download-mode | ||||||
|  |           mountPath: /etc/athens/config/download-mode.d | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: download-mode | ||||||
|  |           configMap: | ||||||
|  |             items: | ||||||
|  |             - key: "my-custom-download-mode-filename-key" | ||||||
|  |               path: "download-mode" | ||||||
|  |               mode: 0644 | ||||||
|  |             name: my-custom-configmap | ||||||
							
								
								
									
										81
									
								
								unittests/deployment/gitConfig.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										81
									
								
								unittests/deployment/gitConfig.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,81 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Deployment template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/deployment.yaml | ||||||
|  | tests: | ||||||
|  | - it: Rendering default without mounted git config map | ||||||
|  |   asserts: | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.gitconfig | ||||||
|  |           subPath: .gitconfig | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           projected: | ||||||
|  |             sources: | ||||||
|  |             - configMap: | ||||||
|  |                 items: | ||||||
|  |                 - key: .gitconfig | ||||||
|  |                   path: .gitconfig | ||||||
|  |                   mode: 0600 | ||||||
|  |                 name: athens-proxy-unittest-gitconfig | ||||||
|  |  | ||||||
|  | - it: Rendering default with mounted gitconfig configMap | ||||||
|  |   set: | ||||||
|  |     config.gitConfig.enabled: true | ||||||
|  |     persistence.enabled: true | ||||||
|  |   asserts: | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.gitconfig | ||||||
|  |           subPath: .gitconfig | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           projected: | ||||||
|  |             sources: | ||||||
|  |             - configMap: | ||||||
|  |                 items: | ||||||
|  |                 - key: .gitconfig | ||||||
|  |                   path: .gitconfig | ||||||
|  |                   mode: 0644 | ||||||
|  |                 name: athens-proxy-unittest-gitconfig | ||||||
|  |  | ||||||
|  | - it: Rendering with custom gitconfig configMap | ||||||
|  |   set: | ||||||
|  |     config.gitConfig.enabled: true | ||||||
|  |     config.gitConfig.existingConfigMap.enabled: true | ||||||
|  |     config.gitConfig.existingConfigMap.configMapName: "my-custom-configmap" | ||||||
|  |     config.gitConfig.existingConfigMap.gitConfigKey: "my-gitconfig-key" | ||||||
|  |     persistence.enabled: true | ||||||
|  |   asserts: | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.gitconfig | ||||||
|  |           subPath: .gitconfig | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           projected: | ||||||
|  |             sources: | ||||||
|  |             - configMap: | ||||||
|  |                 items: | ||||||
|  |                 - key: my-gitconfig-key | ||||||
|  |                   path: .gitconfig | ||||||
|  |                   mode: 0644 | ||||||
|  |                 name: my-custom-configmap | ||||||
							
								
								
									
										80
									
								
								unittests/deployment/netrc.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										80
									
								
								unittests/deployment/netrc.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,80 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Deployment template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/deployment.yaml | ||||||
|  | tests: | ||||||
|  | - it: Rendering default without mounted netrc secret | ||||||
|  |   asserts: | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: netrc | ||||||
|  |           mountPath: /root | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           projected: | ||||||
|  |             sources: | ||||||
|  |             - secret: | ||||||
|  |                 items: | ||||||
|  |                 - key: .netrc | ||||||
|  |                   path: .netrc | ||||||
|  |                   mode: 0600 | ||||||
|  |                 name: athens-proxy-unittest-netrc | ||||||
|  |  | ||||||
|  | - it: Rendering default with mounted netrc secret | ||||||
|  |   set: | ||||||
|  |     config.netrc.enabled: true | ||||||
|  |     persistence.enabled: true | ||||||
|  |   asserts: | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.netrc | ||||||
|  |           subPath: .netrc | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           projected: | ||||||
|  |             sources: | ||||||
|  |             - secret: | ||||||
|  |                 items: | ||||||
|  |                 - key: .netrc | ||||||
|  |                   path: .netrc | ||||||
|  |                   mode: 0600 | ||||||
|  |                 name: athens-proxy-unittest-netrc | ||||||
|  |  | ||||||
|  | - it: Rendering with custom netrc secret | ||||||
|  |   set: | ||||||
|  |     config.netrc.enabled: true | ||||||
|  |     config.netrc.existingSecret.enabled: true | ||||||
|  |     config.netrc.existingSecret.secretName: "my-custom-secret" | ||||||
|  |     config.netrc.existingSecret.netrcKey: "my-netrc-key" | ||||||
|  |     persistence.enabled: true | ||||||
|  |   asserts: | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.netrc | ||||||
|  |           subPath: .netrc | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           projected: | ||||||
|  |             sources: | ||||||
|  |             - secret: | ||||||
|  |                 items: | ||||||
|  |                 - key: my-netrc-key | ||||||
|  |                   path: .netrc | ||||||
|  |                   mode: 0600 | ||||||
|  |                 name: my-custom-secret | ||||||
							
								
								
									
										73
									
								
								unittests/deployment/persistentVolumeClaim.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										73
									
								
								unittests/deployment/persistentVolumeClaim.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,73 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Deployment template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/deployment.yaml | ||||||
|  | tests: | ||||||
|  | - it: Test persistent volume claim | ||||||
|  |   set: | ||||||
|  |     persistence.enabled: true | ||||||
|  |   asserts: | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].env | ||||||
|  |         content: | ||||||
|  |           name: ATHENS_STORAGE_TYPE | ||||||
|  |           value: disk | ||||||
|  |       template: templates/athens-proxy/deployment.yaml | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].env | ||||||
|  |         content: | ||||||
|  |           name: ATHENS_DISK_STORAGE_ROOT | ||||||
|  |           value: /var/www/athens-proxy/data | ||||||
|  |       template: templates/athens-proxy/deployment.yaml | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: data | ||||||
|  |           mountPath: /var/www/athens-proxy/data | ||||||
|  |       template: templates/athens-proxy/deployment.yaml | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: data | ||||||
|  |           persistentVolumeClaim: | ||||||
|  |             claimName: athens-proxy-unittest-data | ||||||
|  |       template: templates/athens-proxy/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test existing persistent volume claim | ||||||
|  |   set: | ||||||
|  |     config.netrc.enabled: true | ||||||
|  |     persistence.enabled: true | ||||||
|  |     persistence.data.mountPath: "/mnt/go-proxy/data" | ||||||
|  |     persistence.data.existingPersistentVolumeClaim.enabled: true | ||||||
|  |     persistence.data.existingPersistentVolumeClaim.persistentVolumeClaimName: "my-special-pvc" | ||||||
|  |   asserts: | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].env | ||||||
|  |         content: | ||||||
|  |           name: ATHENS_STORAGE_TYPE | ||||||
|  |           value: disk | ||||||
|  |       template: templates/athens-proxy/deployment.yaml | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].env | ||||||
|  |         content: | ||||||
|  |           name: ATHENS_DISK_STORAGE_ROOT | ||||||
|  |           value: /mnt/go-proxy/data | ||||||
|  |       template: templates/athens-proxy/deployment.yaml | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: data | ||||||
|  |           mountPath: /mnt/go-proxy/data | ||||||
|  |       template: templates/athens-proxy/deployment.yaml | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: data | ||||||
|  |           persistentVolumeClaim: | ||||||
|  |             claimName: my-special-pvc | ||||||
|  |       template: templates/athens-proxy/deployment.yaml | ||||||
							
								
								
									
										221
									
								
								unittests/deployment/ssh.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										221
									
								
								unittests/deployment/ssh.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,221 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Deployment template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/deployment.yaml | ||||||
|  | tests: | ||||||
|  | - it: Rendering default without mounted ssh secret | ||||||
|  |   asserts: | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/config | ||||||
|  |           subPath: config | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/id_ed25519 | ||||||
|  |           subPath: id_ed25519 | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/id_ed25519.pub | ||||||
|  |           subPath: id_ed25519.pub | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/id_rsa | ||||||
|  |           subPath: id_rsa | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/id_rsa.pub | ||||||
|  |           subPath: id_rsa.pub | ||||||
|  |     - notContains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           projected: | ||||||
|  |             sources: | ||||||
|  |             - secret: | ||||||
|  |                 items: | ||||||
|  |                 - key: config | ||||||
|  |                   path: config | ||||||
|  |                   mode: 0644 | ||||||
|  |                 - key: id_ed25519 | ||||||
|  |                   path: id_ed25519 | ||||||
|  |                   mode: 0600 | ||||||
|  |                 - key: id_ed25519.pub | ||||||
|  |                   path: id_ed25519.pub | ||||||
|  |                   mode: 0644 | ||||||
|  |                 - key: id_rsa | ||||||
|  |                   path: id_rsa | ||||||
|  |                   mode: 0600 | ||||||
|  |                 - key: id_rsa.pub | ||||||
|  |                   path: id_rsa.pub | ||||||
|  |                   mode: 0644 | ||||||
|  |                 name: athens-proxy-unittest-ssh | ||||||
|  |  | ||||||
|  | - it: Rendering default with mounted ssh config | ||||||
|  |   set: | ||||||
|  |     config.ssh.enabled: true | ||||||
|  |     persistence.enabled: true | ||||||
|  |   asserts: | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/config | ||||||
|  |           subPath: config | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           projected: | ||||||
|  |             sources: | ||||||
|  |             - secret: | ||||||
|  |                 items: | ||||||
|  |                 - key: config | ||||||
|  |                   path: config | ||||||
|  |                   mode: 0600 | ||||||
|  |                 name: athens-proxy-unittest-ssh | ||||||
|  |  | ||||||
|  | - it: Rendering default with mounted ssh keys | ||||||
|  |   set: | ||||||
|  |     config.ssh.enabled: true | ||||||
|  |     config.ssh.secret.id_ed25519: foo | ||||||
|  |     config.ssh.secret.id_ed25519_pub: bar | ||||||
|  |     config.ssh.secret.id_rsa: foo | ||||||
|  |     config.ssh.secret.id_rsa_pub: bar | ||||||
|  |     persistence.enabled: true | ||||||
|  |   asserts: | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/config | ||||||
|  |           subPath: config | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/id_ed25519 | ||||||
|  |           subPath: id_ed25519 | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/id_ed25519.pub | ||||||
|  |           subPath: id_ed25519.pub | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/id_rsa | ||||||
|  |           subPath: id_rsa | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/id_rsa.pub | ||||||
|  |           subPath: id_rsa.pub | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           projected: | ||||||
|  |             sources: | ||||||
|  |             - secret: | ||||||
|  |                 items: | ||||||
|  |                 - key: config | ||||||
|  |                   path: config | ||||||
|  |                   mode: 0600 | ||||||
|  |                 - key: id_ed25519 | ||||||
|  |                   path: id_ed25519 | ||||||
|  |                   mode: 0600 | ||||||
|  |                 - key: id_ed25519.pub | ||||||
|  |                   path: id_ed25519.pub | ||||||
|  |                   mode: 0644 | ||||||
|  |                 - key: id_rsa | ||||||
|  |                   path: id_rsa | ||||||
|  |                   mode: 0600 | ||||||
|  |                 - key: id_rsa.pub | ||||||
|  |                   path: id_rsa.pub | ||||||
|  |                   mode: 0644 | ||||||
|  |                 name: athens-proxy-unittest-ssh | ||||||
|  |  | ||||||
|  | - it: Rendering with custom ssh secret | ||||||
|  |   set: | ||||||
|  |     config.ssh.enabled: true | ||||||
|  |     config.ssh.existingSecret.enabled: true | ||||||
|  |     config.ssh.existingSecret.secretName: "my-custom-secret" | ||||||
|  |     config.ssh.existingSecret.configKey : "my-config-key" | ||||||
|  |     config.ssh.existingSecret.id_ed25519Key : "my-private-ed25519-key" | ||||||
|  |     config.ssh.existingSecret.id_ed25519PubKey : "my-public-ed25519-key" | ||||||
|  |     config.ssh.existingSecret.id_rsaKey : "my-private-rsa-key" | ||||||
|  |     config.ssh.existingSecret.id_rsaPubKey : "my-public-rsa-key" | ||||||
|  |     persistence.enabled: true | ||||||
|  |   asserts: | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/config | ||||||
|  |           subPath: config | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/id_ed25519 | ||||||
|  |           subPath: id_ed25519 | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/id_ed25519.pub | ||||||
|  |           subPath: id_ed25519.pub | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/id_rsa | ||||||
|  |           subPath: id_rsa | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           mountPath: /root/.ssh/id_rsa.pub | ||||||
|  |           subPath: id_rsa.pub | ||||||
|  |     - contains: | ||||||
|  |         path: spec.template.spec.volumes | ||||||
|  |         content: | ||||||
|  |           name: secrets | ||||||
|  |           projected: | ||||||
|  |             sources: | ||||||
|  |             - secret: | ||||||
|  |                 items: | ||||||
|  |                 - key: my-config-key | ||||||
|  |                   path: config | ||||||
|  |                   mode: 0600 | ||||||
|  |                 - key: my-private-ed25519-key | ||||||
|  |                   path: id_ed25519 | ||||||
|  |                   mode: 0600 | ||||||
|  |                 - key: my-public-ed25519-key | ||||||
|  |                   path: id_ed25519.pub | ||||||
|  |                   mode: 0644 | ||||||
|  |                 - key: my-private-rsa-key | ||||||
|  |                   path: id_rsa | ||||||
|  |                   mode: 0600 | ||||||
|  |                 - key: my-public-rsa-key | ||||||
|  |                   path: id_rsa.pub | ||||||
|  |                   mode: 0644 | ||||||
|  |                 name: my-custom-secret | ||||||
							
								
								
									
										116
									
								
								unittests/hpa/default.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										116
									
								
								unittests/hpa/default.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,116 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: HPA template (basic) | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/hpa.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip rendering by default. | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Rendering when enabled - default | ||||||
|  |   set: | ||||||
|  |     hpa.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: autoscaling/v2 | ||||||
|  |       kind: HorizontalPodAutoscaler | ||||||
|  |       name: athens-proxy-unittest | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |   - contains: | ||||||
|  |       path: spec.metrics | ||||||
|  |       content: | ||||||
|  |         resource: | ||||||
|  |           name: cpu | ||||||
|  |           target: | ||||||
|  |             averageUtilization: 65 | ||||||
|  |             type: Utilization | ||||||
|  |         type: Resource | ||||||
|  |   - equal: | ||||||
|  |       path: spec.maxReplicas | ||||||
|  |       value: 10 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.minReplicas | ||||||
|  |       value: 1 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.scaleTargetRef | ||||||
|  |       value: | ||||||
|  |         apiVersion: apps/v1 | ||||||
|  |         kind: Deployment | ||||||
|  |         name: athens-proxy-unittest | ||||||
|  |  | ||||||
|  | - it: Rendering when enabled - custom values | ||||||
|  |   set: | ||||||
|  |     hpa.enabled: true | ||||||
|  |     hpa.annotations: | ||||||
|  |       foo: bar | ||||||
|  |     hpa.labels: | ||||||
|  |       bar: foo | ||||||
|  |     hpa.maxReplicas: 25 | ||||||
|  |     hpa.minReplicas: 5 | ||||||
|  |     hpa.metrics: | ||||||
|  |     - resource: | ||||||
|  |         name: memory | ||||||
|  |         target: | ||||||
|  |           averageUtilization: 65 | ||||||
|  |           type: Utilization | ||||||
|  |       type: Resource | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: autoscaling/v2 | ||||||
|  |       kind: HorizontalPodAutoscaler | ||||||
|  |       name: athens-proxy-unittest | ||||||
|  |       namespace: testing | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         bar: foo | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |   - contains: | ||||||
|  |       path: spec.metrics | ||||||
|  |       content: | ||||||
|  |         resource: | ||||||
|  |           name: memory | ||||||
|  |           target: | ||||||
|  |             averageUtilization: 65 | ||||||
|  |             type: Utilization | ||||||
|  |         type: Resource | ||||||
|  |   - equal: | ||||||
|  |       path: spec.maxReplicas | ||||||
|  |       value: 25 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.minReplicas | ||||||
|  |       value: 5 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.scaleTargetRef | ||||||
|  |       value: | ||||||
|  |         apiVersion: apps/v1 | ||||||
|  |         kind: Deployment | ||||||
|  |         name: athens-proxy-unittest | ||||||
							
								
								
									
										139
									
								
								unittests/ingress/ingress.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										139
									
								
								unittests/ingress/ingress.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,139 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Ingress template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/ingress.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip ingress by default. | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Skip ingress, when service is disabled. | ||||||
|  |   set: | ||||||
|  |     services.http.enabled: false | ||||||
|  |     ingress.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Render ingress with default values. | ||||||
|  |   set: | ||||||
|  |     ingress.enabled: true | ||||||
|  |     ingress.hosts: | ||||||
|  |     - host: athens-proxy.example.local | ||||||
|  |       paths: | ||||||
|  |       - path: / | ||||||
|  |         pathType: Prefix | ||||||
|  |     ingress.tls: | ||||||
|  |     - secretName: athens-proxy-http-tls | ||||||
|  |       hosts: | ||||||
|  |       - athens-proxy.example.local | ||||||
|  |  | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: networking.k8s.io/v1 | ||||||
|  |       kind: Ingress | ||||||
|  |       name: athens-proxy-unittest | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.ingressClassName | ||||||
|  |       value: nginx | ||||||
|  |   - contains: | ||||||
|  |       path: spec.rules | ||||||
|  |       content: | ||||||
|  |         host: athens-proxy.example.local | ||||||
|  |         http: | ||||||
|  |           paths: | ||||||
|  |           - path: / | ||||||
|  |             pathType: Prefix | ||||||
|  |             backend: | ||||||
|  |               service: | ||||||
|  |                 name: athens-proxy-unittest-http | ||||||
|  |                 port: | ||||||
|  |                   number: 3000 | ||||||
|  |   - contains: | ||||||
|  |       path: spec.tls | ||||||
|  |       content: | ||||||
|  |         hosts: | ||||||
|  |         - athens-proxy.example.local | ||||||
|  |         secretName: athens-proxy-http-tls | ||||||
|  |  | ||||||
|  | - it: Render ingress with custom values. | ||||||
|  |   set: | ||||||
|  |     ingress.enabled: true | ||||||
|  |     ingress.annotations: | ||||||
|  |       foo: bar | ||||||
|  |     ingress.className: nginx | ||||||
|  |     ingress.labels: | ||||||
|  |       bar: foo | ||||||
|  |     ingress.hosts: | ||||||
|  |     - host: athens-proxy.example.local | ||||||
|  |       paths: | ||||||
|  |       - path: / | ||||||
|  |         pathType: Prefix | ||||||
|  |     ingress.tls: | ||||||
|  |     - secretName: athens-proxy-http-tls | ||||||
|  |       hosts: | ||||||
|  |       - athens-proxy.example.local | ||||||
|  |     services.http.port: 8080 | ||||||
|  |  | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: networking.k8s.io/v1 | ||||||
|  |       kind: Ingress | ||||||
|  |       name: athens-proxy-unittest | ||||||
|  |       namespace: testing | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |         bar: foo | ||||||
|  |   - equal: | ||||||
|  |       path: spec.ingressClassName | ||||||
|  |       value: nginx | ||||||
|  |   - contains: | ||||||
|  |       path: spec.rules | ||||||
|  |       content: | ||||||
|  |         host: athens-proxy.example.local | ||||||
|  |         http: | ||||||
|  |           paths: | ||||||
|  |           - path: / | ||||||
|  |             pathType: Prefix | ||||||
|  |             backend: | ||||||
|  |               service: | ||||||
|  |                 name: athens-proxy-unittest-http | ||||||
|  |                 port: | ||||||
|  |                   number: 8080 | ||||||
|  |   - contains: | ||||||
|  |       path: spec.tls | ||||||
|  |       content: | ||||||
|  |         hosts: | ||||||
|  |         - athens-proxy.example.local | ||||||
|  |         secretName: athens-proxy-http-tls | ||||||
							
								
								
									
										118
									
								
								unittests/networkPolicies/default.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										118
									
								
								unittests/networkPolicies/default.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,118 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: NetworkPolicies template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/networkPolicies.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip networkPolicies in general disabled. | ||||||
|  |   set: | ||||||
|  |     networkPolicies.enabled: false | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Skip networkPolicy 'default' when disabled. | ||||||
|  |   set: | ||||||
|  |     networkPolicies.enabled: true | ||||||
|  |     networkPolicies.default.enabled: false | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Loop over networkPolicies | ||||||
|  |   set: | ||||||
|  |     networkPolicies.enabled: true | ||||||
|  |     networkPolicies.default.enabled: false | ||||||
|  |     networkPolicies.nginx.enabled: true | ||||||
|  |     networkPolicies.prometheus.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 2 | ||||||
|  |  | ||||||
|  | - it: Template networkPolicy 'default' without policyTypes, egress and ingress configuration | ||||||
|  |   set: | ||||||
|  |     networkPolicies.enabled: true | ||||||
|  |     networkPolicies.default.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: networking.k8s.io/v1 | ||||||
|  |       kind: NetworkPolicy | ||||||
|  |       name: athens-proxy-unittest-default | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podSelector.matchLabels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.policyTypes | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.egress | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.ingress | ||||||
|  |  | ||||||
|  | - it: Template networkPolicy 'default' with policyTypes, egress and ingress configuration | ||||||
|  |   set: | ||||||
|  |     networkPolicies.enabled: true | ||||||
|  |     networkPolicies.default.enabled: true | ||||||
|  |     networkPolicies.default.policyTypes: | ||||||
|  |     - Egress | ||||||
|  |     - Ingress | ||||||
|  |     networkPolicies.default.ingress: | ||||||
|  |     - from: | ||||||
|  |       - namespaceSelector: | ||||||
|  |           matchLabels: | ||||||
|  |             kubernetes.io/metadata.name: khv-production | ||||||
|  |         podSelector: | ||||||
|  |           matchLabels: | ||||||
|  |             app.kubernetes.io/name: prometheus | ||||||
|  |     networkPolicies.default.egress: | ||||||
|  |     - to: | ||||||
|  |       - namespaceSelector: | ||||||
|  |           matchLabels: | ||||||
|  |             kubernetes.io/metadata.name: database | ||||||
|  |         podSelector: | ||||||
|  |           matchLabels: | ||||||
|  |             app.kubernetes.io/name: oracle | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.policyTypes | ||||||
|  |       value: | ||||||
|  |       - Egress | ||||||
|  |       - Ingress | ||||||
|  |   - equal: | ||||||
|  |       path: spec.egress | ||||||
|  |       value: | ||||||
|  |       - to: | ||||||
|  |         - namespaceSelector: | ||||||
|  |             matchLabels: | ||||||
|  |               kubernetes.io/metadata.name: database | ||||||
|  |           podSelector: | ||||||
|  |             matchLabels: | ||||||
|  |               app.kubernetes.io/name: oracle | ||||||
|  |   - equal: | ||||||
|  |       path: spec.ingress | ||||||
|  |       value: | ||||||
|  |       - from: | ||||||
|  |         - namespaceSelector: | ||||||
|  |             matchLabels: | ||||||
|  |               kubernetes.io/metadata.name: khv-production | ||||||
|  |           podSelector: | ||||||
|  |             matchLabels: | ||||||
|  |               app.kubernetes.io/name: prometheus | ||||||
							
								
								
									
										90
									
								
								unittests/persistentVolumeClaim/persistentVolumeClaim.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										90
									
								
								unittests/persistentVolumeClaim/persistentVolumeClaim.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,90 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: PersistentVolumeClaim template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/persistentVolumeClaim.yaml | ||||||
|  | tests: | ||||||
|  | - it: Rendering default | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Rendering with enabled persistent storage | ||||||
|  |   set: | ||||||
|  |     persistence.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: v1 | ||||||
|  |       kind: PersistentVolumeClaim | ||||||
|  |       name: athens-proxy-unittest-data | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.accessModes | ||||||
|  |       value: | ||||||
|  |       - ReadWriteMany | ||||||
|  |   - isSubset: | ||||||
|  |       path: spec.resources | ||||||
|  |       content: | ||||||
|  |         requests: | ||||||
|  |           storage: 5Gi | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.storageClassName | ||||||
|  |  | ||||||
|  | - it: Rendering with custom enabled persistent storage | ||||||
|  |   set: | ||||||
|  |     persistence.enabled: true | ||||||
|  |     persistence.data.persistentVolumeClaim.annotations: | ||||||
|  |       foo: bar | ||||||
|  |     persistence.data.persistentVolumeClaim.labels: | ||||||
|  |       bar: foo | ||||||
|  |     persistence.data.persistentVolumeClaim.storageClassName: my-storage-class | ||||||
|  |     persistence.data.persistentVolumeClaim.storageSize: 10Gi | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: v1 | ||||||
|  |       kind: PersistentVolumeClaim | ||||||
|  |       name: athens-proxy-unittest-data | ||||||
|  |       namespace: testing | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         bar: foo | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.accessModes | ||||||
|  |       value: | ||||||
|  |       - ReadWriteMany | ||||||
|  |   - isSubset: | ||||||
|  |       path: spec.resources | ||||||
|  |       content: | ||||||
|  |         requests: | ||||||
|  |           storage: 10Gi | ||||||
|  |   - equal: | ||||||
|  |       path: spec.storageClassName | ||||||
|  |       value: my-storage-class | ||||||
							
								
								
									
										67
									
								
								unittests/secrets/env.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										67
									
								
								unittests/secrets/env.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,67 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Secret environment variables | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/secretEnv.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip rendering by using existing secret. | ||||||
|  |   set: | ||||||
|  |     config.env.existingSecret.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Rendering env secret with default values. | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: v1 | ||||||
|  |       kind: Secret | ||||||
|  |       name: athens-proxy-unittest-env | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |   - isNullOrEmpty: | ||||||
|  |       path: stringData | ||||||
|  |  | ||||||
|  | - it: Rendering env secret with custom values. | ||||||
|  |   set: | ||||||
|  |     config.env.secret.envs.ATHENS_GITHUB_TOKEN: my-secret-token | ||||||
|  |   asserts: | ||||||
|  |   - isSubset: | ||||||
|  |       path: stringData | ||||||
|  |       content: | ||||||
|  |         ATHENS_GITHUB_TOKEN: my-secret-token | ||||||
|  |  | ||||||
|  | - it: Rendering custom annotations and labels. | ||||||
|  |   set: | ||||||
|  |     config.env.secret.annotations: | ||||||
|  |       foo: bar | ||||||
|  |       bar: foo | ||||||
|  |     config.env.secret.labels: | ||||||
|  |       foo: bar | ||||||
|  |       bar: foo | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |         bar: foo | ||||||
|  |   - isSubset: | ||||||
|  |       path: metadata.labels | ||||||
|  |       content: | ||||||
|  |         foo: bar | ||||||
|  |         bar: foo | ||||||
							
								
								
									
										93
									
								
								unittests/secrets/netrc.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										93
									
								
								unittests/secrets/netrc.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,93 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Secret netrc template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/secretNetRC.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip rendering by default | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Skip rendering by using existing secret. | ||||||
|  |   set: | ||||||
|  |     config.netrc.enabled: true | ||||||
|  |     config.netrc.existingSecret.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Rendering netrc secret with default values. | ||||||
|  |   set: | ||||||
|  |     config.netrc.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: v1 | ||||||
|  |       kind: Secret | ||||||
|  |       name: athens-proxy-unittest-netrc | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |   - equal: | ||||||
|  |       path: stringData[".netrc"] | ||||||
|  |       value: | | ||||||
|  |         # The .netrc file | ||||||
|  |         # | ||||||
|  |         # The .netrc file contains login and initialization information used by the auto-login process. It generally | ||||||
|  |         # resides in the user's home directory, but a location outside of the home directory can be set using the | ||||||
|  |         # environment variable NETRC. Both locations are overridden by the command line option -N. The selected file | ||||||
|  |         # must be a regular file, or access will be denied. | ||||||
|  |         # | ||||||
|  |         # https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html | ||||||
|  |         # | ||||||
|  |         # default login           [name]     password  [password/token] | ||||||
|  |         # machine github.com      [octocat]  password  [PAT] | ||||||
|  |         # machine api.github.com  [octocat]  password  [PAT] | ||||||
|  |  | ||||||
|  | - it: Rendering netrc secret with custom values. | ||||||
|  |   set: | ||||||
|  |     config.netrc.enabled: true | ||||||
|  |     config.netrc.secret.content: | | ||||||
|  |       default github.com hugo password kinnock | ||||||
|  |       default api.github.com hugo password kinnock | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: stringData[".netrc"] | ||||||
|  |       value: | | ||||||
|  |         default github.com hugo password kinnock | ||||||
|  |         default api.github.com hugo password kinnock | ||||||
|  |  | ||||||
|  | - it: Rendering custom annotations and labels. | ||||||
|  |   set: | ||||||
|  |     config.netrc.enabled: true | ||||||
|  |     config.netrc.secret.annotations: | ||||||
|  |       foo: bar | ||||||
|  |       bar: foo | ||||||
|  |     config.netrc.secret.labels: | ||||||
|  |       foo: bar | ||||||
|  |       bar: foo | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |         bar: foo | ||||||
|  |   - isSubset: | ||||||
|  |       path: metadata.labels | ||||||
|  |       content: | ||||||
|  |         foo: bar | ||||||
|  |         bar: foo | ||||||
							
								
								
									
										109
									
								
								unittests/secrets/ssh.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										109
									
								
								unittests/secrets/ssh.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,109 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Secret ssh template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/secretSSH.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip rendering by using existing secret. | ||||||
|  |   set: | ||||||
|  |     config.ssh.existingSecret.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Rendering ssh secret with default values. | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: v1 | ||||||
|  |       kind: Secret | ||||||
|  |       name: athens-proxy-unittest-ssh | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |   - equal: | ||||||
|  |       path: stringData.config | ||||||
|  |       value: | | ||||||
|  |         # Host * | ||||||
|  |         #   IdentityFile ~/.ssh/id_ed25519 | ||||||
|  |         #   IdentityFile ~/.ssh/id_rsa | ||||||
|  |   - notExists: | ||||||
|  |       path: stringData.id_ed25519 | ||||||
|  |   - notExists: | ||||||
|  |       path: stringData["id_ed25519.pub"] | ||||||
|  |   - notExists: | ||||||
|  |       path: stringData.id_rsa | ||||||
|  |   - notExists: | ||||||
|  |       path: stringData["id_rsa.pub"] | ||||||
|  |  | ||||||
|  | - it: Rendering ssh secret with custom values. | ||||||
|  |   set: | ||||||
|  |     config.ssh.secret.config: | | ||||||
|  |       Host * | ||||||
|  |         IdentityFile ~/.ssh/id_ed25519 | ||||||
|  |         IdentityFile ~/.ssh/id_rsa | ||||||
|  |     config.ssh.secret.id_ed25519: | | ||||||
|  |       my-private-25519-key | ||||||
|  |     config.ssh.secret.id_ed25519_pub: | | ||||||
|  |       my-public-25519-key | ||||||
|  |     config.ssh.secret.id_rsa: | | ||||||
|  |       my-private-rsa-key | ||||||
|  |     config.ssh.secret.id_rsa_pub: | | ||||||
|  |       my-public-rsa-key | ||||||
|  |  | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: stringData.config | ||||||
|  |       value: | | ||||||
|  |         Host * | ||||||
|  |           IdentityFile ~/.ssh/id_ed25519 | ||||||
|  |           IdentityFile ~/.ssh/id_rsa | ||||||
|  |   - equal: | ||||||
|  |       path: stringData.id_ed25519 | ||||||
|  |       value: | | ||||||
|  |         my-private-25519-key | ||||||
|  |   - equal: | ||||||
|  |       path: stringData["id_ed25519.pub"] | ||||||
|  |       value: | | ||||||
|  |         my-public-25519-key | ||||||
|  |   - equal: | ||||||
|  |       path: stringData.id_rsa | ||||||
|  |       value: | | ||||||
|  |         my-private-rsa-key | ||||||
|  |   - equal: | ||||||
|  |       path: stringData["id_rsa.pub"] | ||||||
|  |       value: | | ||||||
|  |         my-public-rsa-key | ||||||
|  |  | ||||||
|  | - it: Rendering custom annotations and labels. | ||||||
|  |   set: | ||||||
|  |     config.ssh.secret.annotations: | ||||||
|  |       foo: bar | ||||||
|  |       bar: foo | ||||||
|  |     config.ssh.secret.labels: | ||||||
|  |       foo: bar | ||||||
|  |       bar: foo | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |         bar: foo | ||||||
|  |   - isSubset: | ||||||
|  |       path: metadata.labels | ||||||
|  |       content: | ||||||
|  |         foo: bar | ||||||
|  |         bar: foo | ||||||
							
								
								
									
										79
									
								
								unittests/serviceAccounts/serviceAccount.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										79
									
								
								unittests/serviceAccounts/serviceAccount.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,79 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: ServiceAccount athens-proxy template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/serviceAccount.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip rendering. | ||||||
|  |   set: | ||||||
|  |     serviceAccount.existing.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Rendering serviceAccount with default values. | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: v1 | ||||||
|  |       kind: ServiceAccount | ||||||
|  |       name: athens-proxy-unittest | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.labels | ||||||
|  |   - equal: | ||||||
|  |       path: automountServiceAccountToken | ||||||
|  |       value: true | ||||||
|  |   - notExists: | ||||||
|  |       path: imagePullSecrets | ||||||
|  |   - notExists: | ||||||
|  |       path: secrets | ||||||
|  |  | ||||||
|  |  | ||||||
|  | - it: Rendering serviceAccount with custom values. | ||||||
|  |   set: | ||||||
|  |     serviceAccount.new.annotations: | ||||||
|  |       foo: bar | ||||||
|  |     serviceAccount.new.labels: | ||||||
|  |       bar: foo | ||||||
|  |     serviceAccount.new.automountServiceAccountToken: false | ||||||
|  |     serviceAccount.new.imagePullSecrets: | ||||||
|  |     - name: "my-pull-secret" | ||||||
|  |     serviceAccount.new.secrets: | ||||||
|  |     - name: "my-secret" | ||||||
|  |       namespace: "my-namespace" | ||||||
|  |       fieldPath: "my-path" | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         bar: foo | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.name | ||||||
|  |       value: athens-proxy-unittest | ||||||
|  |   - equal: | ||||||
|  |       path: automountServiceAccountToken | ||||||
|  |       value: false | ||||||
|  |   - equal: | ||||||
|  |       path: imagePullSecrets | ||||||
|  |       value: | ||||||
|  |         - name: "my-pull-secret" | ||||||
|  |   - equal: | ||||||
|  |       path: secrets | ||||||
|  |       value: | ||||||
|  |       - name: "my-secret" | ||||||
|  |         namespace: "my-namespace" | ||||||
|  |         fieldPath: "my-path" | ||||||
							
								
								
									
										174
									
								
								unittests/services/http.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										174
									
								
								unittests/services/http.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,174 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Service http template | ||||||
|  | release: | ||||||
|  |   name: athens-proxy-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/athens-proxy/serviceHTTP.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip service when disabled. | ||||||
|  |   set: | ||||||
|  |     services.http.enabled: false | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Rendering service with default values. | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: v1 | ||||||
|  |       kind: Service | ||||||
|  |       name: athens-proxy-unittest-http | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/service-name: http | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.externalIPs | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.externalTrafficPolicy | ||||||
|  |   - equal: | ||||||
|  |       path: spec.internalTrafficPolicy | ||||||
|  |       value: Cluster | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.ipFamilies | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.loadBalancerClass | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.loadBalancerIP | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.loadBalancerSourceRanges | ||||||
|  |   - equal: | ||||||
|  |       path: spec.ports[0].name | ||||||
|  |       value: http | ||||||
|  |   - equal: | ||||||
|  |       path: spec.ports[0].protocol | ||||||
|  |       value: TCP | ||||||
|  |   - equal: | ||||||
|  |       path: spec.ports[0].port | ||||||
|  |       value: 3000 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.selector | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |   - equal: | ||||||
|  |       path: spec.sessionAffinity | ||||||
|  |       value: None | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.sessionAffinityConfig | ||||||
|  |   - equal: | ||||||
|  |       path: spec.type | ||||||
|  |       value: ClusterIP | ||||||
|  |  | ||||||
|  | - it: Require internalTrafficPolicy. | ||||||
|  |   set: | ||||||
|  |     services.http.internalTrafficPolicy: "" | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: No internal traffic policy defined! | ||||||
|  |  | ||||||
|  | - it: Require port. | ||||||
|  |   set: | ||||||
|  |     services.http.port: "" | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: No service port defined! | ||||||
|  |  | ||||||
|  | - it: Require sessionAffinity. | ||||||
|  |   set: | ||||||
|  |     services.http.sessionAffinity: "" | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: No session affinity defined! | ||||||
|  |  | ||||||
|  | - it: Require service type. | ||||||
|  |   set: | ||||||
|  |     services.http.type: "" | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: No service type defined! | ||||||
|  |  | ||||||
|  | - it: Render service with custom annotations and labels. | ||||||
|  |   set: | ||||||
|  |     services.http.annotations: | ||||||
|  |       foo: bar | ||||||
|  |     services.http.labels: | ||||||
|  |       bar: foo | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: athens-proxy-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: athens-proxy | ||||||
|  |         app.kubernetes.io/service-name: http | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: athens-proxy-0.1.0 | ||||||
|  |         bar: foo | ||||||
|  |  | ||||||
|  | - it: Change defaults | ||||||
|  |   set: | ||||||
|  |     services.http.externalIPs: | ||||||
|  |     - "10.11.12.13/32" | ||||||
|  |     services.http.externalTrafficPolicy: Local | ||||||
|  |     services.http.internalTrafficPolicy: Local | ||||||
|  |     services.http.ipFamilies: | ||||||
|  |     - IPv4 | ||||||
|  |     services.http.loadBalancerClass: aws | ||||||
|  |     services.http.loadBalancerIP: "11.12.13.14" | ||||||
|  |     services.http.loadBalancerSourceRanges: | ||||||
|  |     - "11.12.0.0/17" | ||||||
|  |     services.http.port: 10443 | ||||||
|  |     services.http.sessionAffinity: ClientIP | ||||||
|  |     services.http.type: LoadBalancer | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: spec.externalIPs | ||||||
|  |       value: | ||||||
|  |       - 10.11.12.13/32 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.externalTrafficPolicy | ||||||
|  |       value: Local | ||||||
|  |   - equal: | ||||||
|  |       path: spec.internalTrafficPolicy | ||||||
|  |       value: Local | ||||||
|  |   - equal: | ||||||
|  |       path: spec.ipFamilies | ||||||
|  |       value: | ||||||
|  |       - IPv4 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.loadBalancerClass | ||||||
|  |       value: aws | ||||||
|  |   - equal: | ||||||
|  |       path: spec.loadBalancerIP | ||||||
|  |       value: "11.12.13.14" | ||||||
|  |   - equal: | ||||||
|  |       path: spec.loadBalancerSourceRanges | ||||||
|  |       value: | ||||||
|  |       - "11.12.0.0/17" | ||||||
|  |   - equal: | ||||||
|  |       path: spec.ports[0].port | ||||||
|  |       value: 10443 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.sessionAffinity | ||||||
|  |       value: ClientIP | ||||||
|  |   - equal: | ||||||
|  |       path: spec.type | ||||||
|  |       value: LoadBalancer | ||||||
							
								
								
									
										769
									
								
								values.yaml
									
									
									
									
									
								
							
							
						
						
									
										769
									
								
								values.yaml
									
									
									
									
									
								
							| @@ -1,187 +1,626 @@ | |||||||
| affinity: {} | # Declare variables to be passed into your templates. | ||||||
|  | ## @section Global | ||||||
| image: | ## @param nameOverride Individual release name suffix. | ||||||
|   repository: docker.io/gomods/athens | ## @param fullnameOverride Override the complete release name logic. | ||||||
|   pullPolicy: IfNotPresent |  | ||||||
|   # Overrides the image tag whose default is the chart appVersion. |  | ||||||
|   tag: "" |  | ||||||
|  |  | ||||||
| imagePullSecrets: [] |  | ||||||
| nameOverride: "" | nameOverride: "" | ||||||
| fullnameOverride: "" | fullnameOverride: "" | ||||||
|  |  | ||||||
| podAnnotations: {} | ## @section Configuration | ||||||
|  | config: | ||||||
|  |   env: | ||||||
|  |     ## @param config.env.existingSecret.enabled Mount an existing secret containing the application specific environment variables. | ||||||
|  |     ## @param config.env.existingSecret.secretName Name of the existing secret containing the application specific environment variables. | ||||||
|  |     existingSecret: | ||||||
|  |       enabled: false | ||||||
|  |       secretName: "" | ||||||
|  |  | ||||||
| podPriorityClassName: "" |     ## @param config.env.secret.annotations Additional annotations of the secret containing the database credentials. | ||||||
|  |     ## @param config.env.secret.labels Additional labels of the secret containing the database credentials. | ||||||
|  |     ## @param config.env.secret.envs List of environment variables stored in a secret and mounted into the container. | ||||||
|  |     secret: | ||||||
|  |       annotations: {} | ||||||
|  |       labels: {} | ||||||
|  |       envs: {} | ||||||
|  |         # ATHENS_AZURE_ACCOUNT_KEY: | ||||||
|  |         # ATHENS_AZURE_ACCOUNT_NAME: | ||||||
|  |         # ATHENS_AZURE_CONTAINER_NAME: | ||||||
|  |         # ATHENS_CLOUD_RUNTIME: | ||||||
|  |         # ATHENS_DOWNLOAD_URL: | ||||||
|  |         # ATHENS_ETCD_ENDPOINTS: | ||||||
|  |         # ATHENS_EXTERNAL_STORAGE_URL: | ||||||
|  |         # ATHENS_FILTER_FILE: | ||||||
|  |         # ATHENS_GITHUB_TOKEN: | ||||||
|  |         # ATHENS_GLOBAL_ENDPOINT: | ||||||
|  |         # ATHENS_GO_BINARY_ENV_VARS: | ||||||
|  |         # ATHENS_GOGET_DIR: | ||||||
|  |         # ATHENS_GOGET_WORKERS: | ||||||
|  |         # ATHENS_GONOSUM_PATTERNS: | ||||||
|  |         # ATHENS_HGRC_PATH: | ||||||
|  |         # ATHENS_INDEX_MYSQL_DATABASE: | ||||||
|  |         # ATHENS_INDEX_MYSQL_HOST: | ||||||
|  |         # ATHENS_INDEX_MYSQL_PARAMS: | ||||||
|  |         # ATHENS_INDEX_MYSQL_PASSWORD: | ||||||
|  |         # ATHENS_INDEX_MYSQL_PORT: | ||||||
|  |         # ATHENS_INDEX_MYSQL_PROTOCOL: | ||||||
|  |         # ATHENS_INDEX_MYSQL_USER: | ||||||
|  |         # ATHENS_INDEX_POSTGRES_DATABASE: | ||||||
|  |         # ATHENS_INDEX_POSTGRES_HOST: | ||||||
|  |         # ATHENS_INDEX_POSTGRES_PARAMS: | ||||||
|  |         # ATHENS_INDEX_POSTGRES_PASSWORD: | ||||||
|  |         # ATHENS_INDEX_POSTGRES_PORT: | ||||||
|  |         # ATHENS_INDEX_POSTGRES_USER: | ||||||
|  |         # ATHENS_INDEX_TYPE: | ||||||
|  |         # ATHENS_LOG_LEVEL: | ||||||
|  |         # ATHENS_MINIO_ACCESS_KEY_ID: | ||||||
|  |         # ATHENS_MINIO_BUCKET_NAME: | ||||||
|  |         # ATHENS_MINIO_ENDPOINT: | ||||||
|  |         # ATHENS_MINIO_REGION: | ||||||
|  |         # ATHENS_MINIO_SECRET_ACCESS_KEY: | ||||||
|  |         # ATHENS_MINIO_USE_SSL: | ||||||
|  |         # ATHENS_MONGO_CERT_PATH: | ||||||
|  |         # ATHENS_MONGO_DEFAULT_DATABASE: | ||||||
|  |         # ATHENS_MONGO_INSECURE: | ||||||
|  |         # ATHENS_MONGO_STORAGE_URL: | ||||||
|  |         # ATHENS_PATH_PREFIX: | ||||||
|  |         # ATHENS_PORT: | ||||||
|  |         # ATHENS_PROTOCOL_WORKERS: | ||||||
|  |         # ATHENS_PROXY_VALIDATOR: | ||||||
|  |         # ATHENS_REDIS_ENDPOINT: | ||||||
|  |         # ATHENS_REDIS_PASSWORD: | ||||||
|  |         # ATHENS_REDIS_SENTINEL_ENDPOINTS: | ||||||
|  |         # ATHENS_ROBOTS_FILE: | ||||||
|  |         # ATHENS_SINGLE_FLIGHT_TYPE: | ||||||
|  |         # ATHENS_STATS_EXPORTER: | ||||||
|  |         # ATHENS_STORAGE_GCP_BUCKET: | ||||||
|  |         # ATHENS_STORAGE_GCP_JSON_KEY: | ||||||
|  |         # ATHENS_SUM_DBS: | ||||||
|  |         # ATHENS_TIMEOUT: | ||||||
|  |         # ATHENS_TLSCERT_FILE: | ||||||
|  |         # ATHENS_TLSKEY_FILE: | ||||||
|  |         # ATHENS_TRACE_EXPORTER_URL: | ||||||
|  |         # ATHENS_TRACE_EXPORTER: | ||||||
|  |         # AWS_ACCESS_KEY_ID: | ||||||
|  |         # AWS_ENDPOINT: | ||||||
|  |         # AWS_FORCE_PATH_STYLE: | ||||||
|  |         # AWS_REGION: | ||||||
|  |         # AWS_SECRET_ACCESS_KEY: | ||||||
|  |         # AWS_SESSION_TOKEN: | ||||||
|  |         # BASIC_AUTH_PASS: | ||||||
|  |         # BASIC_AUTH_USER: | ||||||
|  |         # CDN_ENDPOINT: | ||||||
|  |         # GO_BINARY_PATH: | ||||||
|  |         # GO_ENV: | ||||||
|  |         # GOOGLE_CLOUD_PROJECT: | ||||||
|  |         # MY_S3_BUCKET_NAME: | ||||||
|  |         # PROXY_FORCE_SSL: | ||||||
|  |  | ||||||
| podSecurityContext: {} |   downloadMode: | ||||||
|   # fsGroup: 2000 |     ## @param config.downloadMode.enabled Enable mounting of a download mode file into the container file system. If enabled, the env `ATHENS_DOWNLOAD_MODE` will automatically be defined. | ||||||
|  |     enabled: false | ||||||
|  |  | ||||||
| securityContext: {} |     ## @param config.downloadMode.existingConfigMap.enabled Enable to use an external config map for mounting the download mode file. | ||||||
|   # capabilities: |     ## @param config.downloadMode.existingConfigMap.configMapName The name of the existing config map which should be used to mount the download mode file. | ||||||
|   #   drop: |     ## @param config.downloadMode.existingConfigMap.downloadModeKey The name of the key inside the config map where the content of the download mode file is stored. | ||||||
|   #   - ALL |     existingConfigMap: | ||||||
|   # readOnlyRootFilesystem: true |       enabled: false | ||||||
|   # runAsNonRoot: true |       configMapName: "" | ||||||
|   # runAsUser: 1000 |       downloadModeKey: "downloadMode" | ||||||
|  |  | ||||||
| config: {} |     ## @param config.downloadMode.configMap.annotations Additional annotations of the config map containing the download mode file. | ||||||
|   # ATHENS_AZURE_ACCOUNT_KEY: |     ## @param config.downloadMode.configMap.labels Additional labels of the config map containing the download mode file. | ||||||
|   # ATHENS_AZURE_ACCOUNT_NAME: |     ## @param config.downloadMode.configMap.content The content of the download mode file. | ||||||
|   # ATHENS_AZURE_CONTAINER_NAME: |     configMap: | ||||||
|   # ATHENS_CLOUD_RUNTIME: |       annotations: {} | ||||||
|   # ATHENS_DOWNLOAD_MODE: |       labels: {} | ||||||
|   # ATHENS_DOWNLOAD_URL: |       content: | | ||||||
|   # ATHENS_ETCD_ENDPOINTS: |         # downloadURL = "https://proxy.golang.org" | ||||||
|   # ATHENS_EXTERNAL_STORAGE_URL: |         # | ||||||
|   # ATHENS_FILTER_FILE: |         # mode = "async_redirect" | ||||||
|   # ATHENS_GITHUB_TOKEN: |         # | ||||||
|   # ATHENS_GLOBAL_ENDPOINT: |         # download "github.com/gomods/*" { | ||||||
|   # ATHENS_GO_BINARY_ENV_VARS: |         #     mode = "sync" | ||||||
|   # ATHENS_GOGET_DIR: |         # } | ||||||
|   # ATHENS_GOGET_WORKERS: |         # | ||||||
|   # ATHENS_GONOSUM_PATTERNS: |         # download "golang.org/x/*" { | ||||||
|   # ATHENS_HGRC_PATH: |         #     mode = "none" | ||||||
|   # ATHENS_INDEX_MYSQL_DATABASE: |         # } | ||||||
|   # ATHENS_INDEX_MYSQL_HOST: |         # | ||||||
|   # ATHENS_INDEX_MYSQL_PARAMS: |         # download "github.com/pkg/*" { | ||||||
|   # ATHENS_INDEX_MYSQL_PASSWORD: |         #     mode = "redirect" | ||||||
|   # ATHENS_INDEX_MYSQL_PORT: |         #     downloadURL = "https://gocenter.io" | ||||||
|   # ATHENS_INDEX_MYSQL_PROTOCOL: |         # } | ||||||
|   # ATHENS_INDEX_MYSQL_USER: |  | ||||||
|   # ATHENS_INDEX_POSTGRES_DATABASE: |  | ||||||
|   # ATHENS_INDEX_POSTGRES_HOST: |  | ||||||
|   # ATHENS_INDEX_POSTGRES_PARAMS: |  | ||||||
|   # ATHENS_INDEX_POSTGRES_PASSWORD: |  | ||||||
|   # ATHENS_INDEX_POSTGRES_PORT: |  | ||||||
|   # ATHENS_INDEX_POSTGRES_USER: |  | ||||||
|   # ATHENS_INDEX_TYPE: |  | ||||||
|   # ATHENS_LOG_LEVEL: |  | ||||||
|   # ATHENS_MINIO_ACCESS_KEY_ID: |  | ||||||
|   # ATHENS_MINIO_BUCKET_NAME: |  | ||||||
|   # ATHENS_MINIO_ENDPOINT: |  | ||||||
|   # ATHENS_MINIO_REGION: |  | ||||||
|   # ATHENS_MINIO_SECRET_ACCESS_KEY: |  | ||||||
|   # ATHENS_MINIO_USE_SSL: |  | ||||||
|   # ATHENS_MONGO_CERT_PATH: |  | ||||||
|   # ATHENS_MONGO_DEFAULT_DATABASE: |  | ||||||
|   # ATHENS_MONGO_INSECURE: |  | ||||||
|   # ATHENS_MONGO_STORAGE_URL: |  | ||||||
|   # ATHENS_NETRC_PATH: |  | ||||||
|   # ATHENS_PATH_PREFIX: |  | ||||||
|   # ATHENS_PORT: |  | ||||||
|   # ATHENS_PROTOCOL_WORKERS: |  | ||||||
|   # ATHENS_PROXY_VALIDATOR: |  | ||||||
|   # ATHENS_REDIS_ENDPOINT: |  | ||||||
|   # ATHENS_REDIS_PASSWORD: |  | ||||||
|   # ATHENS_REDIS_SENTINEL_ENDPOINTS: |  | ||||||
|   # ATHENS_ROBOTS_FILE: |  | ||||||
|   # ATHENS_SINGLE_FLIGHT_TYPE: |  | ||||||
|   # ATHENS_STATS_EXPORTER: |  | ||||||
|   # ATHENS_STORAGE_GCP_BUCKET: |  | ||||||
|   # ATHENS_STORAGE_GCP_JSON_KEY: |  | ||||||
|   # ATHENS_STORAGE_TYPE: |  | ||||||
|   # ATHENS_SUM_DBS: |  | ||||||
|   # ATHENS_TIMEOUT: |  | ||||||
|   # ATHENS_TLSCERT_FILE: |  | ||||||
|   # ATHENS_TLSKEY_FILE: |  | ||||||
|   # ATHENS_TRACE_EXPORTER_URL: |  | ||||||
|   # ATHENS_TRACE_EXPORTER: |  | ||||||
|   # AWS_ACCESS_KEY_ID: |  | ||||||
|   # AWS_ENDPOINT: |  | ||||||
|   # AWS_FORCE_PATH_STYLE: |  | ||||||
|   # AWS_REGION: |  | ||||||
|   # AWS_SECRET_ACCESS_KEY: |  | ||||||
|   # AWS_SESSION_TOKEN: |  | ||||||
|   # BASIC_AUTH_PASS: |  | ||||||
|   # BASIC_AUTH_USER: |  | ||||||
|   # CDN_ENDPOINT: |  | ||||||
|   # GO_BINARY_PATH: |  | ||||||
|   # GO_ENV: |  | ||||||
|   # GOOGLE_CLOUD_PROJECT: |  | ||||||
|   # MY_S3_BUCKET_NAME: |  | ||||||
|   # PROXY_FORCE_SSL: |  | ||||||
|  |  | ||||||
| replicaCount: 1 |   gitConfig: | ||||||
|  |     ## @param config.gitConfig.enabled Enable mounting of a .gitconfig file into the container file system. | ||||||
|  |     enabled: false | ||||||
|  |  | ||||||
| serviceAccount: |     ## @param config.gitConfig.existingConfigMap.enabled Enable to use an external config map for mounting the .gitconfig file. | ||||||
|  |     ## @param config.gitConfig.existingConfigMap.configMapName The name of the existing config map which should be used to mount the .gitconfig file. | ||||||
|  |     ## @param config.gitConfig.existingConfigMap.gitConfigKey The name of the key inside the config map where the content of the .gitconfig file is stored. | ||||||
|  |     existingConfigMap: | ||||||
|  |       enabled: false | ||||||
|  |       configMapName: "" | ||||||
|  |       gitConfigKey: | ||||||
|  |  | ||||||
|  |     ## @param config.gitConfig.configMap.annotations Additional annotations of the config map containing the .gitconfig file. | ||||||
|  |     ## @param config.gitConfig.configMap.labels Additional labels of the config map containing the .gitconfig file. | ||||||
|  |     ## @param config.gitConfig.configMap.content The content of the .gitconfig file. | ||||||
|  |     configMap: | ||||||
|  |       annotations: {} | ||||||
|  |       labels: {} | ||||||
|  |       content: | | ||||||
|  |         # The .gitconfig file | ||||||
|  |         # | ||||||
|  |         # The .gitconfig file contains the user specific git configuration. It generally resides in the user's home | ||||||
|  |         # directory. | ||||||
|  |         # | ||||||
|  |         # [url "git@github.com:"] insteadOf = https://github.com/ | ||||||
|  |  | ||||||
|  |   netrc: | ||||||
|  |     ## @param config.netrc.enabled Enable mounting of a .netrc file into the container file system. | ||||||
|  |     enabled: false | ||||||
|  |  | ||||||
|  |     ## @param config.netrc.existingSecret.enabled Enable to use an external secret for mounting the .netrc file. | ||||||
|  |     ## @param config.netrc.existingSecret.secretName The name of the existing secret which should be used to mount the .netrc file. | ||||||
|  |     ## @param config.netrc.existingSecret.netrcKey The name of the key inside the secret where the content of the .netrc file is stored. | ||||||
|  |     existingSecret: | ||||||
|  |       enabled: false | ||||||
|  |       secretName: "" | ||||||
|  |       netrcKey: ".netrc" | ||||||
|  |  | ||||||
|  |     ## @param config.netrc.secret.annotations Additional annotations of the secret containing the database credentials. | ||||||
|  |     ## @param config.netrc.secret.labels Additional labels of the secret containing the database credentials. | ||||||
|  |     ## @param config.netrc.secret.content The content of the .netrc file. | ||||||
|  |     secret: | ||||||
|  |       annotations: {} | ||||||
|  |       labels: {} | ||||||
|  |       content: | | ||||||
|  |         # The .netrc file | ||||||
|  |         # | ||||||
|  |         # The .netrc file contains login and initialization information used by the auto-login process. It generally | ||||||
|  |         # resides in the user's home directory, but a location outside of the home directory can be set using the | ||||||
|  |         # environment variable NETRC. Both locations are overridden by the command line option -N. The selected file | ||||||
|  |         # must be a regular file, or access will be denied. | ||||||
|  |         # | ||||||
|  |         # https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html | ||||||
|  |         # | ||||||
|  |         # default login           [name]     password  [password/token] | ||||||
|  |         # machine github.com      [octocat]  password  [PAT] | ||||||
|  |         # machine api.github.com  [octocat]  password  [PAT] | ||||||
|  |  | ||||||
|  |   ssh: | ||||||
|  |     ## @param config.ssh.enabled Enable mounting of a .netrc file into the container file system. | ||||||
|  |     enabled: false | ||||||
|  |  | ||||||
|  |     ## @param config.ssh.existingSecret.enabled Enable to use an external secret for mounting the public and private SSH key files. | ||||||
|  |     ## @param config.ssh.existingSecret.secretName The name of the existing secret which should be used to mount the public and private SSH key files. | ||||||
|  |     ## @param config.ssh.existingSecret.configKey The name of the key inside the secret where the content of the SSH client config file is stored. | ||||||
|  |     ## @param config.ssh.existingSecret.id_ed25519Key The name of the key inside the secret where the content of the id_ed25519 key file is stored. | ||||||
|  |     ## @param config.ssh.existingSecret.id_ed25519PubKey The name of the key inside the secret where the content of the id_ed25519.pub key file is stored. | ||||||
|  |     ## @param config.ssh.existingSecret.id_rsaKey The name of the key inside the secret where the content of the id_rsa key file is stored. | ||||||
|  |     ## @param config.ssh.existingSecret.id_rsaPubKey The name of the key inside the secret where the content of the id_ed25519.pub key file is stored. | ||||||
|  |     existingSecret: | ||||||
|  |       enabled: false | ||||||
|  |       secretName: "" | ||||||
|  |       configKey: "config" | ||||||
|  |       id_ed25519Key: "id_ed25519" | ||||||
|  |       id_ed25519PubKey: "id_ed25519.pub" | ||||||
|  |       id_rsaKey: "id_rsa" | ||||||
|  |       id_rsaPubKey: "id_rsa.pub" | ||||||
|  |  | ||||||
|  |     ## @param config.ssh.secret.annotations Additional annotations of the secret containing the public and private SSH key files. | ||||||
|  |     ## @param config.ssh.secret.labels Additional labels of the secret containing the public and private SSH key files. | ||||||
|  |     ## @param config.ssh.secret.config The content of the SSH client config file. | ||||||
|  |     ## @skip config.ssh.secret.id_ed25519 The content of the private SSH ed25519 key. | ||||||
|  |     ## @skip config.ssh.secret.id_ed25519_pub The content of the public SSH ed25519 key. | ||||||
|  |     ## @skip config.ssh.secret.id_rsa The content of the private SSH RSA key. | ||||||
|  |     ## @skip config.ssh.secret.id_rsa_pub The content of the public SSH RSA key. | ||||||
|  |     secret: | ||||||
|  |       annotations: {} | ||||||
|  |       labels: {} | ||||||
|  |       config: | | ||||||
|  |         # Host * | ||||||
|  |         #   IdentityFile ~/.ssh/id_ed25519 | ||||||
|  |         #   IdentityFile ~/.ssh/id_rsa | ||||||
|  |       id_ed25519: "" | ||||||
|  |       id_ed25519_pub: "" | ||||||
|  |       id_rsa: "" | ||||||
|  |       id_rsa_pub: "" | ||||||
|  |  | ||||||
|  | ## @section Deployment | ||||||
|  | deployment: | ||||||
|  |   ## @param deployment.annotations Additional deployment annotations. | ||||||
|  |   ## @param deployment.labels Additional deployment labels. | ||||||
|   annotations: {} |   annotations: {} | ||||||
|  |   labels: {} | ||||||
|  |  | ||||||
| service: |   ## @param deployment.additionalContainers List of additional containers. | ||||||
|  |   additionalContainers: [] | ||||||
|  |   # - command: [ "sh", "-c", "echo hello world" ] | ||||||
|  |   #   image: "docker.io/library/busybox:latest" | ||||||
|  |   #   name: side-car | ||||||
|  |  | ||||||
|  |   ## @param deployment.affinity Affinity for the athens-proxy deployment. | ||||||
|  |   affinity: {} | ||||||
|  |     # nodeAffinity: | ||||||
|  |     #   requiredDuringSchedulingIgnoredDuringExecution: | ||||||
|  |     #     nodeSelectorTerms: | ||||||
|  |     #     - matchExpressions: | ||||||
|  |     #       - key: kubernetes.io/os | ||||||
|  |     #         operator: In | ||||||
|  |     #         values: | ||||||
|  |     #         - linux | ||||||
|  |     #   preferredDuringSchedulingIgnoredDuringExecution: | ||||||
|  |     #   - weight: 20 | ||||||
|  |     #     preference: | ||||||
|  |     #       matchExpressions: | ||||||
|  |     #       - key: kubernetes.io/arch | ||||||
|  |     #         operator: In | ||||||
|  |     #         values: | ||||||
|  |     #         - amd64 | ||||||
|  |  | ||||||
|  |   ## @param deployment.initContainers List of additional init containers. | ||||||
|  |   initContainers: [] | ||||||
|  |   # - command: [ "sh", "-c", "echo hello world" ] | ||||||
|  |   #   image: "docker.io/library/busybox:latest" | ||||||
|  |   #   name: init | ||||||
|  |  | ||||||
|  |   ## @param deployment.dnsConfig dnsConfig of the athens-proxy deployment. | ||||||
|  |   dnsConfig: {} | ||||||
|  |     # nameservers: | ||||||
|  |     # - 192.0.2.1 # this is an example | ||||||
|  |     # searches: | ||||||
|  |     # - ns1.svc.cluster-domain.example | ||||||
|  |     # - my.dns.search.suffix | ||||||
|  |     # options: | ||||||
|  |     # - name: ndots | ||||||
|  |     #   value: "2" | ||||||
|  |     # - name: edns0 | ||||||
|  |  | ||||||
|  |   ## @param deployment.dnsPolicy dnsPolicy of the athens-proxy deployment. | ||||||
|  |   dnsPolicy: "" | ||||||
|  |  | ||||||
|  |   ## @param deployment.hostname Individual hostname of the pod. | ||||||
|  |   ## @param deployment.subdomain Individual domain of the pod. | ||||||
|  |   hostname: "" | ||||||
|  |   subdomain: "" | ||||||
|  |  | ||||||
|  |   ## @param deployment.hostNetwork Use the kernel network namespace of the host system. | ||||||
|  |   hostNetwork: false | ||||||
|  |  | ||||||
|  |   ## @param deployment.imagePullSecrets Secret to use for pulling the image. | ||||||
|  |   imagePullSecrets: [] | ||||||
|  |   # - name: "my-custom-secret" | ||||||
|  |  | ||||||
|  |   athensProxy: | ||||||
|  |     ## @param deployment.athensProxy.args Arguments passed to the athens-proxy container. | ||||||
|  |     args: [] | ||||||
|  |  | ||||||
|  |     ## @param deployment.athensProxy.command Command passed to the athens-proxy container. | ||||||
|  |     command: [] | ||||||
|  |  | ||||||
|  |     ## @param deployment.athensProxy.env List of environment variables for the athens-proxy container. | ||||||
|  |     env: [] | ||||||
|  |     # - name: SPECIAL_ENV_A | ||||||
|  |     #   value: special-key | ||||||
|  |     # - name: SPECIAL_ENV | ||||||
|  |     #   valueFrom: | ||||||
|  |     #     configMapKeyRef: | ||||||
|  |     #       name: special-config | ||||||
|  |     #       key: special-key | ||||||
|  |     # - name: SPECIAL_ENV | ||||||
|  |     #   valueFrom: | ||||||
|  |     #     secretKeyRef: | ||||||
|  |     #       name: special-secret | ||||||
|  |     #       key: special-key | ||||||
|  |  | ||||||
|  |     ## @param deployment.athensProxy.envFrom List of environment variables mounted from configMaps or secrets for the athens-proxy container. | ||||||
|  |     envFrom: [] | ||||||
|  |     # - configMapRef: | ||||||
|  |     #     name: special-config | ||||||
|  |     # - secretRef: | ||||||
|  |     #     name: special-secret | ||||||
|  |  | ||||||
|  |     ## @param deployment.athensProxy.image.registry Image registry, eg. `docker.io`. | ||||||
|  |     ## @param deployment.athensProxy.image.repository Image repository, eg. `library/busybox`. | ||||||
|  |     ## @param deployment.athensProxy.image.tag Custom image tag, eg. `0.1.0`. Defaults to `appVersion`. | ||||||
|  |     ## @param deployment.athensProxy.image.pullPolicy Image pull policy. | ||||||
|  |     image: | ||||||
|  |       registry: docker.io | ||||||
|  |       repository: gomods/athens | ||||||
|  |       tag: "" | ||||||
|  |       pullPolicy: IfNotPresent | ||||||
|  |  | ||||||
|  |     ## @param deployment.athensProxy.resources CPU and memory resources of the pod. | ||||||
|  |     resources: {} | ||||||
|  |       # limits: | ||||||
|  |       #   cpu: | ||||||
|  |       #   ephemeral-storage: | ||||||
|  |       #   memory: | ||||||
|  |       # requests: | ||||||
|  |       #   cpu: | ||||||
|  |       #   ephemeral-storage: | ||||||
|  |       #   memory: | ||||||
|  |  | ||||||
|  |     ## @param deployment.athensProxy.securityContext Security context of the container of the deployment. | ||||||
|  |     securityContext: {} | ||||||
|  |       # capabilities: | ||||||
|  |       #   add: | ||||||
|  |       #   - NET_RAW | ||||||
|  |       #   drop: | ||||||
|  |       #   - ALL | ||||||
|  |       # privileged: false | ||||||
|  |       # readOnlyRootFilesystem: true | ||||||
|  |       # runAsNonRoot: true | ||||||
|  |       # runAsUser: 1000 | ||||||
|  |  | ||||||
|  |     ## @param deployment.athensProxy.volumeMounts Additional volume mounts. | ||||||
|  |     volumeMounts: [] | ||||||
|  |     # - name: my-configmap-volume | ||||||
|  |     #   mountPath: /configmap | ||||||
|  |     #   readOnly: true | ||||||
|  |  | ||||||
|  |   ## @param deployment.nodeSelector NodeSelector of the athens-proxy deployment. | ||||||
|  |   nodeSelector: {} | ||||||
|  |  | ||||||
|  |   ## @param deployment.priorityClassName PriorityClassName of the athens-proxy deployment. | ||||||
|  |   priorityClassName: "" | ||||||
|  |  | ||||||
|  |   ## @param deployment.replicas Number of replicas for the athens-proxy deployment. | ||||||
|  |   replicas: 1 | ||||||
|  |  | ||||||
|  |   ## @param deployment.restartPolicy Restart policy of the athens-proxy deployment. | ||||||
|  |   restartPolicy: "" | ||||||
|  |  | ||||||
|  |   ## @param deployment.securityContext Security context of the athens-proxy deployment. | ||||||
|  |   securityContext: {} | ||||||
|  |     # fsGroup: 2000 | ||||||
|  |  | ||||||
|  |   ## @param deployment.strategy.type Strategy type - `Recreate` or `RollingUpdate`. | ||||||
|  |   ## @param deployment.strategy.rollingUpdate.maxSurge The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. | ||||||
|  |   ## @param deployment.strategy.rollingUpdate.maxUnavailable The maximum number of pods that can be unavailable during a rolling update. | ||||||
|  |   strategy: | ||||||
|  |     type: "RollingUpdate" | ||||||
|  |     rollingUpdate: | ||||||
|  |       maxSurge: 1 | ||||||
|  |       maxUnavailable: 1 | ||||||
|  |  | ||||||
|  |   ## @param deployment.terminationGracePeriodSeconds How long to wait until forcefully kill the pod. | ||||||
|  |   terminationGracePeriodSeconds: 60 | ||||||
|  |  | ||||||
|  |   ## @param deployment.tolerations Tolerations of the athens-proxy deployment. | ||||||
|  |   tolerations: [] | ||||||
|  |   # - key: database/type | ||||||
|  |   #   operator: Equal | ||||||
|  |   #   value: postgres | ||||||
|  |   #   effect: NoSchedule | ||||||
|  |  | ||||||
|  |   ## @param deployment.topologySpreadConstraints TopologySpreadConstraints of the athens-proxy deployment. | ||||||
|  |   topologySpreadConstraints: [] | ||||||
|  |   # - topologyKey: kubernetes.io/hostname | ||||||
|  |   #   whenUnsatisfiable: DoNotSchedule | ||||||
|  |   #   labelSelector: | ||||||
|  |   #     matchLabels: | ||||||
|  |   #       app.kubernetes.io/instance: prometheus-athens-proxy | ||||||
|  |  | ||||||
|  |   ## @param deployment.volumes Additional volumes to mount into the pods of the prometheus-exporter deployment. | ||||||
|  |   volumes: [] | ||||||
|  |   # - name: my-configmap-volume | ||||||
|  |   #   config: | ||||||
|  |   #     name: my-configmap | ||||||
|  |   # - name: my-secret-volume | ||||||
|  |   #   secret: | ||||||
|  |   #     secretName: my-secret | ||||||
|  |  | ||||||
|  | ## @section Horizontal Pod Autoscaler (HPA) | ||||||
|  | # In order for the HPA to function successfully, a metric server is required, especially for resource consumption. The | ||||||
|  | # metric server enables the CPU and memory utilisation to be recorded. If such a metric server is not available, the HPA | ||||||
|  | # cannot scale pods based on CPU or memory utilisation. Further information be be found here: | ||||||
|  | # https://github.com/kubernetes-sigs/metrics-server#deployment | ||||||
|  | hpa: | ||||||
|  |   ## @param hpa.enabled Enable the horizontal pod autoscaler (HPA). | ||||||
|  |   ## @param hpa.annotations Additional annotations for the HPA. | ||||||
|  |   ## @param hpa.labels Additional labels for the HPA. | ||||||
|  |   ## @param hpa.metrics Metrics contains the specifications for which to use to calculate the desired replica count. | ||||||
|  |   ## @skip hpa.metrics Skip individual HPA metric configurations. | ||||||
|  |   ## @param hpa.minReplicas Min replicas is the lower limit for the number of replicas to which the autoscaler can scale down. | ||||||
|  |   ## @param hpa.maxReplicas Upper limit for the number of pods that can be set by the autoscaler. | ||||||
|  |   enabled: false | ||||||
|   annotations: {} |   annotations: {} | ||||||
|   # externalIPs: [] |   labels: {} | ||||||
|   # externalTrafficPolicy: "Cluster" |   metrics: | ||||||
|   # loadBalancerClass: "" |   - resource: | ||||||
|   # loadBalancerIP: "" |       name: cpu | ||||||
|   # loadBalancerSourceRanges: [] |       target: | ||||||
|   # internalTrafficPolicy: "Cluster" |         averageUtilization: 65 | ||||||
|   name: http |         type: Utilization | ||||||
|   targetPort: 3000 |     type: Resource | ||||||
|   type: ClusterIP |   # - resource: | ||||||
|   port: 3000 |   #     name: memory | ||||||
|  |   #     target: | ||||||
|  |   #       averageUtilization: 65 | ||||||
|  |   #       type: Utilization | ||||||
|  |   minReplicas: 1 | ||||||
|  |   maxReplicas: 10 | ||||||
|  |  | ||||||
|  | ## @section Ingress | ||||||
| ingress: | ingress: | ||||||
|  |   ## @param ingress.enabled Enable creation of an ingress resource. Requires, that the http service is also enabled. | ||||||
|  |   ## @param ingress.className Ingress class. | ||||||
|  |   ## @param ingress.annotations Additional ingress annotations. | ||||||
|  |   ## @param ingress.labels Additional ingress labels. | ||||||
|   enabled: false |   enabled: false | ||||||
|   className: "nginx" |   className: "nginx" | ||||||
|   annotations: {} |   annotations: {} | ||||||
|     # kubernetes.io/ingress.class: nginx |   labels: {} | ||||||
|     # cert-manager.io/issuer: |  | ||||||
|     # kubernetes.io/tls-acme: "true" |  | ||||||
|   hosts: |  | ||||||
|   - host: "your-hostname" |  | ||||||
|     paths: |  | ||||||
|     - path: / |  | ||||||
|       pathType: ImplementationSpecific |  | ||||||
|   tls: |  | ||||||
|   - secretName: "your-tls-secret" |  | ||||||
|     hosts: |  | ||||||
|     - "your-hostname" |  | ||||||
|  |  | ||||||
| resources: {} |   ## @param ingress.hosts Ingress specific configuration. Specification only required when another ingress controller is used instead of `t1k. | ||||||
|   # We usually recommend not to specify default resources and to leave this as a conscious |   ## @skip ingress.hosts Skip individual host configuration. | ||||||
|   # choice for the user. This also increases chances charts run on environments with little |   hosts: [] | ||||||
|   # resources, such as Minikube. If you do want to specify resources, uncomment the following |   # - host: athens-proxy.example.local | ||||||
|   # lines, adjust them as necessary, and remove the curly braces after 'resources:'. |   #   paths: | ||||||
|   # limits: |   #   - path: / | ||||||
|   #   cpu: 100m |   #     pathType: Prefix | ||||||
|   #   memory: 128Mi |  | ||||||
|   # requests: |  | ||||||
|   #   cpu: 100m |  | ||||||
|   #   memory: 128Mi |  | ||||||
|  |  | ||||||
| nodeSelector: |   ## @param ingress.tls Ingress TLS settings. Specification only required when another ingress controller is used instead of `t1k``. | ||||||
|   kubernetes.io/arch: amd64 |   ## @skip ingress.tls Skip individual TLS configuration. | ||||||
|  |   tls: [] | ||||||
|  |   # - secretName: athens-proxy-http-tls | ||||||
|  |   #   hosts: | ||||||
|  |   #   - athens-proxy.example.local | ||||||
|  |  | ||||||
| tolerations: [] | ## @section Persistence | ||||||
|  | persistence: | ||||||
|  |   ## @param persistence.enabled Enable the feature to store the data on a persistent volume claim. If enabled, the volume will be automatically be mounted into the pod. Furthermore, the env `ATHENS_STORAGE_TYPE=disk` will automatically be defined. | ||||||
|  |   enabled: false | ||||||
|  |  | ||||||
| # extra volumes for the pod |   data: | ||||||
| extraVolumes: {} |     ## @param persistence.data.mountPath The path where the persistent volume should be mounted in the container file system. This variable controls `ATHENS_DISK_STORAGE_ROOT`. | ||||||
| # The following example mount the same secret, which contains tls certificates |     mountPath: "/var/www/athens-proxy/data" | ||||||
| # under different names. Each volume mount contains only selected items of the |  | ||||||
| # secret. This make it easier to place the items on different locations inside the |  | ||||||
| # container filesystem via extraVolumeMounts. |  | ||||||
| # - name: custom-ca-anchor |  | ||||||
| #   secret: |  | ||||||
| #     secretName: athens-proxy-custom-tls-certificates |  | ||||||
| #     items: |  | ||||||
| #     - key: ca.crt |  | ||||||
| #       path: ca.crt |  | ||||||
| #       mode: 0444 |  | ||||||
| # - name: custom-tls-certificates |  | ||||||
| #   secret: |  | ||||||
| #     secretName: athens-proxy-custom-tls-certificates |  | ||||||
| #     items: |  | ||||||
| #     - key: tls.key |  | ||||||
| #       path: tls.key |  | ||||||
| #       mode: 0400 |  | ||||||
| #     - key: tls.crt |  | ||||||
| #       path: tls.crt |  | ||||||
| #       mode: 0444 |  | ||||||
|  |  | ||||||
| extraVolumeMounts: {} |     ## @param persistence.data.existingPersistentVolumeClaim.enabled TODO | ||||||
| # The following example follows the example of extraVolumes and mounts the |     ## @param persistence.data.existingPersistentVolumeClaim.persistentVolumeClaimName TODO | ||||||
| # volumes to the corresponding paths in the container filesystem. |     existingPersistentVolumeClaim: | ||||||
| # - name: custom-ca-anchor |       enabled: false | ||||||
| #   mountPath: /usr/local/share/ca-certificates |       persistentVolumeClaimName: "" | ||||||
| # - name: custom-tls-certificates |  | ||||||
| #   mountPath: /etc/athens-proxy/tls |     ## @param persistence.data.persistentVolumeClaim.annotations Additional persistent volume claim annotations. | ||||||
|  |     ## @param persistence.data.persistentVolumeClaim.labels Additional persistent volume claim labels. | ||||||
|  |     ## @param persistence.data.persistentVolumeClaim.accessModes Access modes of the persistent volume claim. | ||||||
|  |     ## @param persistence.data.persistentVolumeClaim.storageClass Storage class of the persistent volume claim. | ||||||
|  |     ## @param persistence.data.persistentVolumeClaim.storageSize Size of the persistent volume claim. | ||||||
|  |     persistentVolumeClaim: | ||||||
|  |       annotations: {} | ||||||
|  |       labels: {} | ||||||
|  |       accessModes: | ||||||
|  |       - ReadWriteMany | ||||||
|  |       storageClass: "" | ||||||
|  |       storageSize: "5Gi" | ||||||
|  |  | ||||||
|  | ## @section NetworkPolicies | ||||||
|  | ## @param networkPolicies.enabled Enable network policies in general. | ||||||
|  | networkPolicies: | ||||||
|  |   enabled: false | ||||||
|  |  | ||||||
|  |   ## @param networkPolicies.default.enabled Enable the network policy for accessing the application by default. For example to scape the metrics. | ||||||
|  |   ## @param networkPolicies.default.annotations Additional network policy annotations. | ||||||
|  |   ## @param networkPolicies.default.labels Additional network policy labels. | ||||||
|  |   ## @param networkPolicies.default.policyTypes List of policy types. Supported is ingress, egress or ingress and egress. | ||||||
|  |   ## @param networkPolicies.default.egress Concrete egress network policy implementation. | ||||||
|  |   ## @skip networkPolicies.default.egress Skip individual egress configuration. | ||||||
|  |   ## @param networkPolicies.default.ingress Concrete ingress network policy implementation. | ||||||
|  |   ## @skip networkPolicies.default.ingress Skip individual ingress configuration. | ||||||
|  |   default: | ||||||
|  |     enabled: false | ||||||
|  |     annotations: {} | ||||||
|  |     labels: {} | ||||||
|  |     policyTypes: [] | ||||||
|  |     # - Egress | ||||||
|  |     # - Ingress | ||||||
|  |     egress: [] | ||||||
|  |     # Allow outgoing traffic to database host | ||||||
|  |     # | ||||||
|  |     # - to: | ||||||
|  |     #   - ipBlock: | ||||||
|  |     #       cidr: 192.168.179.1/32 | ||||||
|  |     #   ports: | ||||||
|  |     #   - port: 5432 | ||||||
|  |     #     protocol: TCP | ||||||
|  |  | ||||||
|  |     # Allow outgoing DNS traffic to the internal running DNS-Server. For example core-dns. | ||||||
|  |     # | ||||||
|  |     # - to: | ||||||
|  |     #   - namespaceSelector: | ||||||
|  |     #       matchLabels: | ||||||
|  |     #         kubernetes.io/metadata.name: kube-system | ||||||
|  |     #     podSelector: | ||||||
|  |     #       matchLabels: | ||||||
|  |     #        k8s-app: kube-dns | ||||||
|  |     #   ports: | ||||||
|  |     #   - port: 53 | ||||||
|  |     #     protocol: TCP | ||||||
|  |     #   - port: 53 | ||||||
|  |     #     protocol: UDP | ||||||
|  |  | ||||||
|  |     ingress: [] | ||||||
|  |     # Allow incoming HTTP traffic from prometheus. | ||||||
|  |     # | ||||||
|  |     # - from: | ||||||
|  |     #   - namespaceSelector: | ||||||
|  |     #       matchLabels: | ||||||
|  |     #         kubernetes.io/metadata.name: monitoring | ||||||
|  |     #     podSelector: | ||||||
|  |     #       matchLabels: | ||||||
|  |     #         app.kubernetes.io/name: prometheus | ||||||
|  |     #   ports: | ||||||
|  |     #   - port: http | ||||||
|  |     #     protocol: TCP | ||||||
|  |  | ||||||
|  |     # Allow incoming HTTP traffic from ingress-nginx. | ||||||
|  |     # | ||||||
|  |     # - from: | ||||||
|  |     #   - namespaceSelector: | ||||||
|  |     #       matchLabels: | ||||||
|  |     #         kubernetes.io/metadata.name: ingress-nginx | ||||||
|  |     #     podSelector: | ||||||
|  |     #       matchLabels: | ||||||
|  |     #         app.kubernetes.io/name: ingress-nginx | ||||||
|  |     #   ports: | ||||||
|  |     #   - port: http | ||||||
|  |     #     protocol: TCP | ||||||
|  |  | ||||||
|  | ## @section Service | ||||||
|  | ## @param services.http.enabled Enable the service. | ||||||
|  | ## @param services.http.annotations Additional service annotations. | ||||||
|  | ## @param services.http.externalIPs External IPs for the service. | ||||||
|  | ## @param services.http.externalTrafficPolicy If `service.type` is `NodePort` or `LoadBalancer`, set this to `Local` to tell kube-proxy to only use node local endpoints for cluster external traffic. Furthermore, this enables source IP preservation. | ||||||
|  | ## @param services.http.internalTrafficPolicy If `service.type` is `NodePort` or `LoadBalancer`, set this to `Local` to tell kube-proxy to only use node local endpoints for cluster internal traffic. | ||||||
|  | ## @param services.http.ipFamilies IPFamilies is list of IP families (e.g. `IPv4`, `IPv6`) assigned to this service. This field is usually assigned automatically based on cluster configuration and only required for customization. | ||||||
|  | ## @param services.http.labels Additional service labels. | ||||||
|  | ## @param services.http.loadBalancerClass LoadBalancerClass is the class of the load balancer implementation this Service belongs to. Requires service from type `LoadBalancer`. | ||||||
|  | ## @param services.http.loadBalancerIP LoadBalancer will get created with the IP specified in this field. Requires service from type `LoadBalancer`. | ||||||
|  | ## @param services.http.loadBalancerSourceRanges Source range filter for LoadBalancer. Requires service from type `LoadBalancer`. | ||||||
|  | ## @param services.http.port Port to forward the traffic to. | ||||||
|  | ## @param services.http.sessionAffinity Supports `ClientIP` and `None`. Enable client IP based session affinity via `ClientIP`. | ||||||
|  | ## @param services.http.sessionAffinityConfig Contains the configuration of the session affinity. | ||||||
|  | ## @param services.http.type Kubernetes service type for the traffic. | ||||||
|  | services: | ||||||
|  |   http: | ||||||
|  |     enabled: true | ||||||
|  |     annotations: {} | ||||||
|  |     externalIPs: [] | ||||||
|  |     externalTrafficPolicy: "Cluster" | ||||||
|  |     internalTrafficPolicy: "Cluster" | ||||||
|  |     ipFamilies: [] | ||||||
|  |     labels: {} | ||||||
|  |     loadBalancerClass: "" | ||||||
|  |     loadBalancerIP: "" | ||||||
|  |     loadBalancerSourceRanges: [] | ||||||
|  |     port: 3000 | ||||||
|  |     sessionAffinity: "None" | ||||||
|  |     sessionAffinityConfig: {} | ||||||
|  |     type: "ClusterIP" | ||||||
|  |  | ||||||
|  | ## @section ServiceAccount | ||||||
|  | serviceAccount: | ||||||
|  |   ## @param serviceAccount.existing.enabled Use an existing service account instead of creating a new one. Assumes that the user has all the necessary kubernetes API authorizations. | ||||||
|  |   ## @param serviceAccount.existing.serviceAccountName Name of the existing service account. | ||||||
|  |   existing: | ||||||
|  |     enabled: false | ||||||
|  |     serviceAccountName: "" | ||||||
|  |  | ||||||
|  |   ## @param serviceAccount.new.annotations Additional service account annotations. | ||||||
|  |   ## @param serviceAccount.new.labels Additional service account labels. | ||||||
|  |   ## @param serviceAccount.new.automountServiceAccountToken Enable/disable auto mounting of the service account token. | ||||||
|  |   ## @param serviceAccount.new.imagePullSecrets ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this serviceAccount. | ||||||
|  |   ## @param serviceAccount.new.secrets Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount. | ||||||
|  |   new: | ||||||
|  |     annotations: {} | ||||||
|  |     labels: {} | ||||||
|  |     automountServiceAccountToken: true | ||||||
|  |     imagePullSecrets: [] | ||||||
|  |     # - name: "my-image-pull-secret" | ||||||
|  |     secrets: [] | ||||||
|  |     # - name: "my-secret" | ||||||
|  |     #   namespace: "my-namespace" | ||||||
|  |     #   fieldPath: "my-field" | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user