Initial Commit
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Markus Pesch 2021-10-28 19:41:17 +02:00
commit f83d91d991
Signed by: volker.raschek
GPG Key ID: 852BCC170D81A982
14 changed files with 695 additions and 0 deletions

103
.drone.yml Normal file
View File

@ -0,0 +1,103 @@
---
kind: pipeline
type: kubernetes
name: linter
platform:
os: linux
arch: amd64
steps:
- name: helm lint
commands:
- helm lint
image: quay.io/helmpack/chart-testing:latest
resources:
limits:
cpu: 50
memory: 50M
- name: markdown lint
commands:
- markdownlint *.md
image: docker.io/volkerraschek/markdownlint:0.28.1
resources:
limits:
cpu: 50
memory: 50M
- name: email-notification
environment:
PLUGIN_HOST:
from_secret: smtp_host
PLUGIN_USERNAME:
from_secret: smtp_username
PLUGIN_PASSWORD:
from_secret: smtp_password
PLUGIN_FROM:
from_secret: smtp_mail_address
image: docker.io/drillster/drone-email:latest
resources:
limits:
cpu: 50
memory: 25M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: kubernetes
name: sync
platform:
os: linux
arch: amd64
steps:
- name: github
image: docker.io/appleboy/drone-git-push:latest
resources:
limits:
cpu: 50
memory: 25M
settings:
branch: master
remote: ssh://git@github.com/volker-raschek/renovate-charts.git
force: true
ssh_key:
from_secret: ssh_key
- name: email-notification
environment:
PLUGIN_HOST:
from_secret: smtp_host
PLUGIN_USERNAME:
from_secret: smtp_username
PLUGIN_PASSWORD:
from_secret: smtp_password
PLUGIN_FROM:
from_secret: smtp_mail_address
image: docker.io/drillster/drone-email:latest
resources:
limits:
cpu: 50
memory: 25M
when:
status:
- changed
- failure
trigger:
branch:
- master
event:
- push
repo:
- volker.raschek/renovate-charts

12
.editorconfig Normal file
View File

@ -0,0 +1,12 @@
# EditorConfig is awesome: https://EditorConfig.org
# top-most EditorConfig file
root = true
[*]
indent_style = space
indent_size = 2
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = false

3
.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
*.tgz
values2.yml
values2.yaml

30
.helmignore Normal file
View File

@ -0,0 +1,30 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
# drone
.drone.yml
# markdownlint
.markdownlint.yaml
# customized values
values2.yml
values2.yaml

144
.markdownlint.yaml Normal file
View File

@ -0,0 +1,144 @@
# markdownlint YAML configuration
# https://github.com/DavidAnson/markdownlint/blob/main/schema/.markdownlint.yaml
# Default state for all rules
default: true
# Path to configuration file to extend
extends: null
# MD003/heading-style/header-style - Heading style
MD003:
# Heading style
style: "atx"
# MD004/ul-style - Unordered list style
MD004:
style: "dash"
# MD007/ul-indent - Unordered list indentation
MD007:
# Spaces for indent
indent: 2
# Whether to indent the first level of the list
start_indented: false
# MD009/no-trailing-spaces - Trailing spaces
MD009:
# Spaces for line break
br_spaces: 2
# Allow spaces for empty lines in list items
list_item_empty_lines: false
# Include unnecessary breaks
strict: false
# MD010/no-hard-tabs - Hard tabs
MD010:
# Include code blocks
code_blocks: true
# MD012/no-multiple-blanks - Multiple consecutive blank lines
MD012:
# Consecutive blank lines
maximum: 1
# MD013/line-length - Line length
MD013:
# Number of characters
line_length: 80
# Number of characters for headings
heading_line_length: 80
# Number of characters for code blocks
code_block_line_length: 80
# Include code blocks
code_blocks: false
# Include tables
tables: false
# Include headings
headings: true
# Include headings
headers: true
# Strict length checking
strict: false
# Stern length checking
stern: false
# MD022/blanks-around-headings/blanks-around-headers - Headings should be surrounded by blank lines
MD022:
# Blank lines above heading
lines_above: 1
# Blank lines below heading
lines_below: 1
# MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content
MD024:
# Only check sibling headings
allow_different_nesting: true
# MD025/single-title/single-h1 - Multiple top-level headings in the same document
MD025:
# Heading level
level: 1
# RegExp for matching title in front matter
front_matter_title: "^\\s*title\\s*[:=]"
# MD026/no-trailing-punctuation - Trailing punctuation in heading
MD026:
# Punctuation characters
punctuation: ".,;:!。,;:!"
# MD029/ol-prefix - Ordered list item prefix
MD029:
# List style
style: "one_or_ordered"
# MD030/list-marker-space - Spaces after list markers
MD030:
# Spaces for single-line unordered list items
ul_single: 1
# Spaces for single-line ordered list items
ol_single: 1
# Spaces for multi-line unordered list items
ul_multi: 1
# Spaces for multi-line ordered list items
ol_multi: 1
# MD033/no-inline-html - Inline HTML
MD033:
# Allowed elements
allowed_elements: []
# MD035/hr-style - Horizontal rule style
MD035:
# Horizontal rule style
style: "---"
# MD036/no-emphasis-as-heading/no-emphasis-as-header - Emphasis used instead of a heading
MD036:
# Punctuation characters
punctuation: ".,;:!?。,;:!?"
# MD041/first-line-heading/first-line-h1 - First line in a file should be a top-level heading
MD041:
# Heading level
level: 1
# RegExp for matching title in front matter
front_matter_title: "^\\s*title\\s*[:=]"
# MD044/proper-names - Proper names should have the correct capitalization
MD044:
# List of proper names
# names:
# - drone
# Include code blocks
code_blocks: false
# MD046/code-block-style - Code block style
MD046:
# Block style
style: "fenced"
# MD048/code-fence-style - Code fence style
MD048:
# Code fence syle
style: "backtick"

24
Chart.yaml Normal file
View File

@ -0,0 +1,24 @@
apiVersion: v2
name: renovate
description: Helm chart for renovate bot
type: application
version: 0.1.0
appVersion: 28.14.0-slim
icon: https://avatars3.githubusercontent.com/u/38656520?s=400&v=4
keywords:
- renovate
- github
- gitlab
- gitea
- ci/cd
- bot
sources:
- https://github.com/renovatebot/renovate
- https://hub.docker.com/r/renovate/renovate
- https://git.cryptic.systems/volker.raschek/renovate-charts
maintainers:
- name: Markus Pesch
email: markus.pesch+apps@cryptic.systems

13
LICENSE Normal file
View File

@ -0,0 +1,13 @@
Copyright 2021 Markus Pesch
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

23
README.md Normal file
View File

@ -0,0 +1,23 @@
# renovate-charts
[![Build Status](https://drone.cryptic.systems/api/badges/volker.raschek/renovate-charts/status.svg)](https://drone.cryptic.systems/volker.raschek/renovate-charts)
[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/volker-raschek)](https://artifacthub.io/packages/search?repo=volker-raschek)
This is an inofficial helm chart for
[renovate](https://github.com/renovatebot/renovate/). Goal of this chart is to
be more lightweight than the official one.
This helm chart can be found on [artifacthub.io](https://artifacthub.io/) and
can be installed via helm.
```bash
helm repo add volker.raschek https://charts.cryptic.systems/volker.raschek
helm install drone volker.raschek/renovate
```
## Customization
All [configuration
options](https://docs.drone.io/runner/kubernetes/configuration/reference/) can
be defined in the `values.yml` file below the `config` section. Alternatively
can be the options passed via the `--set` flag of the `helm install` command.

62
templates/_helpers.tpl Normal file
View File

@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "renovate.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "renovate.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "renovate.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "renovate.labels" -}}
helm.sh/chart: {{ include "renovate.chart" . }}
{{ include "renovate.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "renovate.selectorLabels" -}}
app.kubernetes.io/name: {{ include "renovate.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "renovate.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "renovate.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

16
templates/configmap.yaml Normal file
View File

@ -0,0 +1,16 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "renovate.fullname" . }}-env
labels:
{{- include "renovate.labels" . | nindent 4 }}
data:
{{- if not (hasKey .Values.renovate "env") -}}
{{- $_ := set .Values "env" dict -}}
{{- end -}}
{{/* SETUP CONFIG */}}
{{ range $key, $value := .Values.renovate.env }}
{{ upper $key}}: {{ quote $value }}
{{ end }}

95
templates/cronjob.yaml Normal file
View File

@ -0,0 +1,95 @@
{{- if semverCompare ">=1.21-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: batch/v1
{{- else -}}
apiVersion: batch/v1beta1
{{- end }}
kind: CronJob
metadata:
name: {{ include "renovate.fullname" . }}
labels:
{{- include "renovate.labels" . | nindent 4 }}
spec:
schedule: "{{ .Values.cronjob.schedule }}"
{{- with .Values.cronjob.concurrencyPolicy }}
concurrencyPolicy: {{ . }}
{{- end }}
{{- with .Values.cronjob.failedJobsHistoryLimit }}
failedJobsHistoryLimit: {{ . }}
{{- end }}
{{- with .Values.cronjob.successfulJobsHistoryLimit }}
successfulJobsHistoryLimit: {{ . }}
{{- end }}
jobTemplate:
spec:
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 12 }}
{{- end }}
spec:
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 12 }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
{{- if or .Values.renovate.env .Values.renovate.secEnv }}
envFrom:
{{- if .Values.renovate.env }}
- configMapRef:
name: {{ include "renovate.fullname" . }}-env
{{- end }}
{{- if .Values.renovate.secEnv }}
- secretRef:
name: {{ include "renovate.fullname" . }}-secret-env
{{- end }}
{{- end }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
resources:
{{- toYaml .Values.resources | nindent 16 }}
securityContext:
{{- toYaml .Values.securityContext | nindent 16 }}
volumeMounts:
{{- if .Values.renovate.appConfig }}
- name: app-config
mountPath: /usr/src/app/config.json
subPath: config.json
{{- end }}
{{- if .Values.renovate.sshConfig.enabled }}
- name: ssh-config
mountPath: /home/ubuntu/.ssh
readOnly: true
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 12 }}
{{- end }}
restartPolicy: Never
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 12 }}
serviceAccountName: {{ include "renovate.serviceAccountName" . }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 12 }}
{{- end }}
volumes:
{{- if .Values.renovate.appConfig }}
- name: app-config
secret:
secretName: {{ include "renovate.fullname" . }}-app-config
{{- end }}
{{- if and .Values.renovate.sshConfig.enabled (not .Values.renovate.sshConfig.existingSecret) }}
- name: ssh-config
secret:
secretName: {{ include "renovate.fullname" . }}-ssh-config
{{- else if and .Values.renovate.sshConfig.enabled .Values.renovate.sshConfig.existingSecret -}}
- name: ssh-config
secret:
secretName: {{ .Values.renovate.sshConfig.existingSecret }}
{{- end -}}

55
templates/secrets.yaml Normal file
View File

@ -0,0 +1,55 @@
{{- if .Values.renovate.secEnv }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "renovate.fullname" . }}-secret-env
labels:
{{- include "renovate.labels" . | nindent 4 }}
type: Opaque
stringData:
{{- if not (hasKey .Values.renovate "secEnv") -}}
{{- $_ := set .Values "secEnv" dict -}}
{{- end -}}
{{/* SETUP CONFIG */}}
{{ range $key, $value := .Values.renovate.secEnv }}
{{ upper $key}}: {{ quote $value }}
{{ end }}
{{- end }}
{{- if .Values.renovate.appConfig }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "renovate.fullname" . }}-app-config
labels:
{{- include "renovate.labels" . | nindent 4 }}
type: Opaque
stringData:
config.json: {{ .Values.renovate.appConfig | quote }}
{{- end }}
{{- if .Values.renovate.sshConfig.enabled }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "renovate.fullname" . }}-ssh-config
labels:
{{- include "renovate.labels" . | nindent 4 }}
type: Opaque
stringData:
{{- if and .Values.renovate.sshConfig.id_rsa .Values.renovate.sshConfig.id_rsa_pub }}
id_rsa: {{ .Values.renovate.sshConfig.id_rsa | quote }}
id_rsa.pub: {{ .Values.renovate.sshConfig.id_rsa_pub | quote }}
{{- end }}
{{- if and .Values.renovate.sshConfig.id_ed25519 .Values.renovate.sshConfig.id_ed25519_pub }}
id_ed25519: {{ .Values.renovate.sshConfig.id_ed25519 | quote }}
id_ed25519.pub: {{ .Values.renovate.sshConfig.id_ed25519_pub | quote }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,12 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "renovate.serviceAccountName" . }}
labels:
{{- include "renovate.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

103
values.yaml Normal file
View File

@ -0,0 +1,103 @@
# Default values for renovate.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
image:
repository: docker.io/renovate/renovate
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
cronjob:
# At 01:00 every day
schedule: '*/5 * * * *'
concurrencyPolicy: ''
failedJobsHistoryLimit: ''
successfulJobsHistoryLimit: ''
renovate:
env: {}
# LOG_LEVEL
# Define the log level of renovate
# LOG_LEVEL: ""
# RENOVATE_AUTODISCOVER
# You can set RENOVATE_AUTODISCOVER to true to run Renovate on all repos you
# have push access to. Alternatively can this property also be defined via
# config.json file.
# https://docs.renovatebot.com/self-hosted-configuration/#autodiscover
# RENOVATE_ENDPOINT
# Custom endpoint. Mostly path to the API of the SCM software. Alternatively
# can this property also be defined via config.json file.
# https://docs.renovatebot.com/self-hosted-configuration/#endpoint
# RENOVATE_ENDPOINT: ""
# RENOVATE_GIT_AUTHOR
# Name and email adress for the renovate bot. Alternatively can this
# property also be defined via config.json file.
# RENOVATE_GIT_AUTHOR: "Firstname Lastname <firname.lastname@example.local"
# RENOVATE_PLATFORM
# Platform type of repository. Alternatively can this property also be
# defined via config.json file.
# https://docs.renovatebot.com/self-hosted-configuration/#platform
# RENOVATE_PLATFORM: ""
secEnv: {}
# GITHUB_COM_TOKEN
# https://github.com/renovatebot/renovate/blob/main/docs/usage/getting-started/running.md#githubcom-token-for-release-notes
# GITHUB_COM_TOKEN: ""
appConfig: ''
sshConfig:
enabled: false
# existingSecret:
# id_rsa: ''
# id_rsa.pub: ''
# id_ed25519: ''
# id_ed25519.pub: ''
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
affinity: {}
nodeSelector: {}
tolerations: []