commit 725ed970be1e39a1e0df6d3af9ea086b39b87592 Author: Markus Pesch Date: Sun Aug 22 19:41:23 2021 +0200 Initial Commit diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..0e0633a --- /dev/null +++ b/.drone.yml @@ -0,0 +1,101 @@ +--- +kind: pipeline +type: kubernetes +name: linter + +platform: + os: linux + arch: amd64 + +steps: +- name: helm lint + commands: + - helm lint + image: quay.io/helmpack/chart-testing:latest + resources: + limits: + cpu: 50 + memory: 50M + +- name: markdown lint + commands: + - markdownlint *.md + image: docker.io/tmknom/markdownlint:0.23.1 + resources: + limits: + cpu: 50 + memory: 50M + +- name: email-notification + environment: + PLUGIN_HOST: + from_secret: smtp_host + PLUGIN_USERNAME: + from_secret: smtp_username + PLUGIN_PASSWORD: + from_secret: smtp_password + PLUGIN_FROM: + from_secret: smtp_mail_address + image: docker.io/drillster/drone-email:latest + resources: + limits: + cpu: 50 + memory: 25M + when: + status: + - changed + - failure + +trigger: + event: + exclude: + - tag + +--- +kind: pipeline +type: kubernetes +name: sync + +platform: + os: linux + arch: amd64 + +steps: +- name: github + image: docker.io/appleboy/drone-git-push:latest + resources: + limits: + cpu: 50 + memory: 25M + settings: + branch: master + remote: ssh://git@github.com/volker-raschek/roundcube-charts.git + force: true + ssh_key: + from_secret: ssh_key + +- name: email-notification + environment: + PLUGIN_HOST: + from_secret: smtp_host + PLUGIN_USERNAME: + from_secret: smtp_username + PLUGIN_PASSWORD: + from_secret: smtp_password + PLUGIN_FROM: + from_secret: smtp_mail_address + image: docker.io/drillster/drone-email:latest + resources: + limits: + cpu: 50 + memory: 25M + when: + status: + - changed + - failure + +trigger: + event: + - push + repo: + - volker.raschek/roundcube-charts diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..9e30eb9 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*.tgz \ No newline at end of file diff --git a/.helmignore b/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/.markdownlint.yaml b/.markdownlint.yaml new file mode 100644 index 0000000..c158976 --- /dev/null +++ b/.markdownlint.yaml @@ -0,0 +1,144 @@ +# markdownlint YAML configuration +# https://github.com/DavidAnson/markdownlint/blob/main/schema/.markdownlint.yaml + +# Default state for all rules +default: true + +# Path to configuration file to extend +extends: null + +# MD003/heading-style/header-style - Heading style +MD003: + # Heading style + style: "atx" + +# MD004/ul-style - Unordered list style +MD004: + style: "dash" + +# MD007/ul-indent - Unordered list indentation +MD007: + # Spaces for indent + indent: 2 + # Whether to indent the first level of the list + start_indented: false + +# MD009/no-trailing-spaces - Trailing spaces +MD009: + # Spaces for line break + br_spaces: 2 + # Allow spaces for empty lines in list items + list_item_empty_lines: false + # Include unnecessary breaks + strict: false + +# MD010/no-hard-tabs - Hard tabs +MD010: + # Include code blocks + code_blocks: true + +# MD012/no-multiple-blanks - Multiple consecutive blank lines +MD012: + # Consecutive blank lines + maximum: 1 + +# MD013/line-length - Line length +MD013: + # Number of characters + line_length: 80 + # Number of characters for headings + heading_line_length: 80 + # Number of characters for code blocks + code_block_line_length: 80 + # Include code blocks + code_blocks: false + # Include tables + tables: false + # Include headings + headings: true + # Include headings + headers: true + # Strict length checking + strict: false + # Stern length checking + stern: false + +# MD022/blanks-around-headings/blanks-around-headers - Headings should be surrounded by blank lines +MD022: + # Blank lines above heading + lines_above: 1 + # Blank lines below heading + lines_below: 1 + +# MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content +MD024: + # Only check sibling headings + allow_different_nesting: true + +# MD025/single-title/single-h1 - Multiple top-level headings in the same document +MD025: + # Heading level + level: 1 + # RegExp for matching title in front matter + front_matter_title: "^\\s*title\\s*[:=]" + +# MD026/no-trailing-punctuation - Trailing punctuation in heading +MD026: + # Punctuation characters + punctuation: ".,;:!。,;:!" + +# MD029/ol-prefix - Ordered list item prefix +MD029: + # List style + style: "one_or_ordered" + +# MD030/list-marker-space - Spaces after list markers +MD030: + # Spaces for single-line unordered list items + ul_single: 1 + # Spaces for single-line ordered list items + ol_single: 1 + # Spaces for multi-line unordered list items + ul_multi: 1 + # Spaces for multi-line ordered list items + ol_multi: 1 + +# MD033/no-inline-html - Inline HTML +MD033: + # Allowed elements + allowed_elements: [] + +# MD035/hr-style - Horizontal rule style +MD035: + # Horizontal rule style + style: "---" + +# MD036/no-emphasis-as-heading/no-emphasis-as-header - Emphasis used instead of a heading +MD036: + # Punctuation characters + punctuation: ".,;:!?。,;:!?" + +# MD041/first-line-heading/first-line-h1 - First line in a file should be a top-level heading +MD041: + # Heading level + level: 1 + # RegExp for matching title in front matter + front_matter_title: "^\\s*title\\s*[:=]" + +# MD044/proper-names - Proper names should have the correct capitalization +MD044: + # List of proper names + # names: + # - drone + # Include code blocks + code_blocks: false + +# MD046/code-block-style - Code block style +MD046: + # Block style + style: "fenced" + +# MD048/code-fence-style - Code fence style +MD048: + # Code fence syle + style: "backtick" \ No newline at end of file diff --git a/Chart.yaml b/Chart.yaml new file mode 100644 index 0000000..8383ed9 --- /dev/null +++ b/Chart.yaml @@ -0,0 +1,20 @@ +apiVersion: v2 +name: roundcube +description: Helm chart for roundcube +type: application +version: 0.1.0 +appVersion: "1.4.11-apache" +icon: https://upload.wikimedia.org/wikipedia/commons/e/e3/Roundcube_logo_icon.svg + +keywords: +- roundcube +- webmail + +sources: +- https://github.com/volker-raschek/roundcube-charts +- https://github.com/roundcube/roundcubemail +- https://hub.docker.com/r/roundcube/roundcubemail/ + +maintainers: +- name: Markus Pesch + email: markus.pesch+apps@cryptic.systems diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..bf58594 --- /dev/null +++ b/LICENSE @@ -0,0 +1,13 @@ +Copyright 2021 Markus Pesch + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..13deee0 --- /dev/null +++ b/README.md @@ -0,0 +1,24 @@ +# roundcube-charts + +[![Build Status](https://drone.cryptic.systems/api/badges/volker.raschek/roundcube-charts/status.svg)](https://drone.cryptic.systems/volker.raschek/roundcube-charts) +[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/volker-raschek)](https://artifacthub.io/packages/search?repo=volker-raschek) + +This is an inofficial helm chart for +[roundcube](https://github.com/roundcube/roundcubemail), because it is not yet +an official helm chart available. + +This helm chart can be found on [artifacthub.io](https://artifacthub.io/) and +can be installed via helm. + +```bash +helm repo add volker.raschek https://charts.cryptic.systems/volker.raschek +helm install drone volker.raschek/roundcube +``` + +## Customization + +All [configuration +options](https://github.com/roundcube/roundcubemail-docker/blob/master/README.md#configurationenvironment-variables) +can be defined in the `values.yml` file below the `config` section. +Alternatively can be the options passed via the `--set` flag of the `helm +install` command. diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl new file mode 100644 index 0000000..c7c3dba --- /dev/null +++ b/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "roundcube.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "roundcube.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "roundcube.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "roundcube.labels" -}} +helm.sh/chart: {{ include "roundcube.chart" . }} +{{ include "roundcube.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "roundcube.selectorLabels" -}} +app.kubernetes.io/name: {{ include "roundcube.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "roundcube.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "roundcube.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/templates/deployment.yaml b/templates/deployment.yaml new file mode 100644 index 0000000..838fc9f --- /dev/null +++ b/templates/deployment.yaml @@ -0,0 +1,61 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "roundcube.fullname" . }} + labels: + {{- include "roundcube.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "roundcube.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "roundcube.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "roundcube.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + envFrom: + - secretRef: + name: {{ include "roundcube.fullname" . }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 80 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/templates/ingress.yaml b/templates/ingress.yaml new file mode 100644 index 0000000..98be2bf --- /dev/null +++ b/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "roundcube.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "roundcube.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/templates/secrets.yaml b/templates/secrets.yaml new file mode 100644 index 0000000..8307e74 --- /dev/null +++ b/templates/secrets.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "roundcube.fullname" . }} +type: Opaque +stringData: + + {{- if not (hasKey .Values "config") -}} + {{- $_ := set .Values "config" dict -}} + {{- end -}} + + {{/* SETUP CONFIG */}} + {{ range $key, $value := .Values.config }} + {{ upper $key}}: {{ quote $value }} + {{ end }} diff --git a/templates/service.yaml b/templates/service.yaml new file mode 100644 index 0000000..2ca93e3 --- /dev/null +++ b/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "roundcube.fullname" . }} + labels: + {{- include "roundcube.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "roundcube.selectorLabels" . | nindent 4 }} diff --git a/templates/serviceaccount.yaml b/templates/serviceaccount.yaml new file mode 100644 index 0000000..08af6a7 --- /dev/null +++ b/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "roundcube.serviceAccountName" . }} + labels: + {{- include "roundcube.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/templates/tests/test-connection.yaml b/templates/tests/test-connection.yaml new file mode 100644 index 0000000..f819cbf --- /dev/null +++ b/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "roundcube.fullname" . }}-test-connection" + labels: + {{- include "roundcube.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "roundcube.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/values.yaml b/values.yaml new file mode 100644 index 0000000..5d9b1ea --- /dev/null +++ b/values.yaml @@ -0,0 +1,146 @@ +# Default values for roundcube. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +image: + repository: docker.io/roundcube/roundcubemail + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +config: + # ROUNDCUBEMAIL_DEFAULT_HOST + # Hostname of the IMAP server to connect to. For encrypted connections, prefix + # the host with tls:// (STARTTLS) or ssl:// (SSL/TLS). + # ROUNDCUBEMAIL_DEFAULT_HOST: "" + + # ROUNDCUBEMAIL_DEFAULT_PORT + # IMAP port number; defaults to 143 + # ROUNDCUBEMAIL_DEFAULT_PORT: "" + + # ROUNDCUBEMAIL_SMTP_USER + # SMTP username (if the outgoing email server requires authentication). Use "%u" to let Roundcube use the IMAP login user name. + # ROUNDCUBEMAIL_SMTP_USER: "%u" + + # ROUNDCUBEMAIL_SMTP_PASS + # SMTP password (if required). Use "%p" for the current IMAP login password. + # ROUNDCUBEMAIL_SMTP_PASS: "%p" + + # ROUNDCUBEMAIL_DES_KEY + # This key is used to encrypt the users IMAP password which is temporarily stored in the session database. For security reasons it's important that your Roundcube installation has its very own encryption key and that you *don't use the default value! * + # ROUNDCUBEMAIL_DES_KEY: "" + + # ROUNDCUBEMAIL_LANGUAGE + # This key is used to select preffered default language. + # ROUNDCUBEMAIL_LANGUAGE: "de_DE" + + # ROUNDCUBEMAIL_SMTP_SERVER + # Hostname of the SMTP server to send mails. For encrypted connections, prefix + # the host with tls:// (STARTTLS) or ssl:// (SSL/TLS). + # ROUNDCUBEMAIL_SMTP_SERVER: "" + + # ROUNDCUBEMAIL_SMTP_PORT + # SMTP port number; defaults to 587 + # ROUNDCUBEMAIL_SMTP_PORT: "" + + # ROUNDCUBEMAIL_PLUGINS + # List of built-in plugins to activate. Defaults to archive,zipdownload + # ROUNDCUBEMAIL_PLUGINS: "" + + # ROUNDCUBEMAIL_SKIN + # Configures the default theme. Defaults to larry + # ROUNDCUBEMAIL_SKIN: "" + + # ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE + # File upload size limit; defaults to 5M + # ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE: "" + + # ROUNDCUBEMAIL_DB_TYPE + # Database provider; currently supported: mysql, pgsql, sqlite + # ROUNDCUBEMAIL_DB_TYPE: "" + + # ROUNDCUBEMAIL_DB_HOST + # Host (or Docker instance) name of the database service; defaults to mysql or + # postgres depending on linked containers. + # ROUNDCUBEMAIL_DB_HOST: "" + + # ROUNDCUBEMAIL_DB_PORT + # Port number of the database service; defaults to 3306 or 5432 depending on + # linked containers. + # ROUNDCUBEMAIL_DB_PORT: "" + + # ROUNDCUBEMAIL_DB_USER + # The database username for Roundcube; defaults to root on mysql + # ROUNDCUBEMAIL_DB_USER: "" + + # ROUNDCUBEMAIL_DB_PASSWORD + # The password for the database connection + # ROUNDCUBEMAIL_DB_PASSWORD: "" + + # ROUNDCUBEMAIL_DB_NAME + # The database name for Roundcube to use; defaults to roundcubemail + # ROUNDCUBEMAIL_DB_NAME: "" + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + className: "" + annotations: {} + # cert-manager.io/issuer: "" + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: roundcube-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {}