Browse Source

add helm chart to repo

tags/0.0.6
Vladimir Smagin 2 months ago
parent
commit
018bf1894e
13 changed files with 477 additions and 4 deletions
  1. +6
    -0
      Jenkinsfile
  2. +12
    -4
      README.md
  3. +23
    -0
      deploy/helm_chart/.helmignore
  4. +21
    -0
      deploy/helm_chart/Chart.yaml
  5. +63
    -0
      deploy/helm_chart/templates/_helpers.tpl
  6. +69
    -0
      deploy/helm_chart/templates/clusterrole.yaml
  7. +18
    -0
      deploy/helm_chart/templates/clusterrole_binding.yaml
  8. +38
    -0
      deploy/helm_chart/templates/crds/blindage_v1alpha1_wordpress_crd.yaml
  9. +73
    -0
      deploy/helm_chart/templates/deployment.yaml
  10. +74
    -0
      deploy/helm_chart/templates/role.yaml
  11. +18
    -0
      deploy/helm_chart/templates/role_binding.yaml
  12. +17
    -0
      deploy/helm_chart/templates/serviceaccount.yaml
  13. +45
    -0
      deploy/helm_chart/values.yaml

+ 6
- 0
Jenkinsfile View File

@@ -30,6 +30,12 @@ node {
}

if ( git_tag != null ) {

stage("Update Helm Chart") {
sh "tar -zcvf /var/www/charts.blindage.org/wordpress-operator-${version}.tgz -C deploy/helm_chart ."
sh "cd /var/www/charts.blindage.org/ && helm repo index ."
}
stage("Push Image") {
try {



+ 12
- 4
README.md View File

@@ -16,14 +16,22 @@ You can find images here https://hub.docker.com/r/iam21h/cron-operator. Pin vers

## Deploy operator

Cluster scoped installation:
Edit files and run:

```
kubectl -f deploy/crds/blindage_v1alpha1_cronop_crd.yaml
kubectl -f deploy/clusterrole.yaml
kubectl -f deploy/clusterrole_binding.yaml # service account namespace here
kubectl -n default -f deploy/service_account.yaml
kubectl -n default -f deploy/operator.yaml
kubectl -f deploy/clusterrole_binding.yaml # edit service account namespace here
kubectl -n operators -f deploy/service_account.yaml
kubectl -n operators -f deploy/operator.yaml
```

or use Helm:

```
helm repo add 21h https://charts.blindage.org
helm repo update
helm install cron-operator 21h/cron-operator -n operators
```

Change `operator.yaml` if you want operator watch only specified namespace. Check `deploy` directory, may be you want to use Role instead of ClusterRole.


+ 23
- 0
deploy/helm_chart/.helmignore View File

@@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

+ 21
- 0
deploy/helm_chart/Chart.yaml View File

@@ -0,0 +1,21 @@
apiVersion: v2
name: cron-operator
description: A Helm chart for cron-operator

# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application

# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
version: 0.0.1

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application.
appVersion: 0.0.6

+ 63
- 0
deploy/helm_chart/templates/_helpers.tpl View File

@@ -0,0 +1,63 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "cron-operator.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}

{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "cron-operator.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}

{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "cron-operator.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

{{/*
Common labels
*/}}
{{- define "cron-operator.labels" -}}
helm.sh/chart: {{ include "cron-operator.chart" . }}
{{ include "cron-operator.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}

{{/*
Selector labels
*/}}
{{- define "cron-operator.selectorLabels" -}}
app.kubernetes.io/name: {{ include "cron-operator.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}

{{/*
Create the name of the service account to use
*/}}
{{- define "cron-operator.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "cron-operator.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}

+ 69
- 0
deploy/helm_chart/templates/clusterrole.yaml View File

@@ -0,0 +1,69 @@
{{- if .Values.clusterScoped -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: cron-operator
rules:
- apiGroups:
- ""
resources:
- pods
- services
- services/finalizers
- endpoints
- persistentvolumeclaims
- events
- configmaps
- secrets
verbs:
- '*'
- apiGroups:
- apps
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
verbs:
- '*'
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- '*'
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- apps
resourceNames:
- cron-operator
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- apps
resources:
- replicasets
verbs:
- get
- apiGroups:
- blindage.org
resources:
- '*'
verbs:
- '*'
{{- end }}

+ 18
- 0
deploy/helm_chart/templates/clusterrole_binding.yaml View File

@@ -0,0 +1,18 @@
{{- if .Values.clusterScoped -}}
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: cron-operator
subjects:
- kind: ServiceAccount
name: {{ include "cron-operator.serviceAccountName" . }}
{{ if .Values.watchNamespace }}
namespace: "{{ .Values.watchNamespace }}"
{{ else }}
namespace: "{{ .Release.Namespace }}"
{{ end }}
roleRef:
kind: ClusterRole
name: cron-operator
apiGroup: rbac.authorization.k8s.io
{{- end }}

+ 38
- 0
deploy/helm_chart/templates/crds/blindage_v1alpha1_wordpress_crd.yaml View File

@@ -0,0 +1,38 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: crones.blindage.org
spec:
group: blindage.org
names:
kind: cron
listKind: cronList
plural: crones
singular: cron
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
type: object
status:
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true

+ 73
- 0
deploy/helm_chart/templates/deployment.yaml View File

@@ -0,0 +1,73 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "cron-operator.fullname" . }}
labels:
{{- include "cron-operator.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- include "cron-operator.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "cron-operator.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "cron-operator.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: "operator"
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command:
- cron-operator
env:
{{- if .Values.clusterScoped }}
{{ if .Values.watchNamespace }}
- name: WATCH_NAMESPACE
value: "{{ .Values.watchNamespace }}"
{{ else }}
- name: WATCH_NAMESPACE
value: ""
{{ end }}
{{ else }}
{{ if .Values.watchNamespace }}
- name: WATCH_NAMESPACE
value: "{{ .Values.watchNamespace }}"
{{ else }}
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
{{ end }}
{{ end }}
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: OPERATOR_NAME
value: "cron-operator"
- name: SENTRY_DSN
value: "{{ .Values.sentry_dsn }}"
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

+ 74
- 0
deploy/helm_chart/templates/role.yaml View File

@@ -0,0 +1,74 @@
{{- if not .Values.clusterScoped -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
name: cron-operator
{{ if .Values.watchNamespace }}
namespace: "{{ .Values.watchNamespace }}"
{{ else }}
namespace: "{{ .Release.Namespace }}"
{{ end }}
rules:
- apiGroups:
- ""
resources:
- pods
- services
- services/finalizers
- endpoints
- persistentvolumeclaims
- events
- configmaps
- secrets
verbs:
- '*'
- apiGroups:
- apps
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
verbs:
- '*'
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- '*'
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- apps
resourceNames:
- cron-operator
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- apps
resources:
- replicasets
verbs:
- get
- apiGroups:
- blindage.org
resources:
- '*'
verbs:
- '*'
{{- end }}

+ 18
- 0
deploy/helm_chart/templates/role_binding.yaml View File

@@ -0,0 +1,18 @@
{{- if not .Values.clusterScoped -}}
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: cron-operator
{{ if .Values.watchNamespace }}
namespace: "{{ .Values.watchNamespace }}"
{{ else }}
namespace: "{{ .Release.Namespace }}"
{{ end }}
subjects:
- kind: ServiceAccount
name: {{ include "cron-operator.serviceAccountName" . }}
roleRef:
kind: Role
name: cron-operator
apiGroup: rbac.authorization.k8s.io
{{- end }}

+ 17
- 0
deploy/helm_chart/templates/serviceaccount.yaml View File

@@ -0,0 +1,17 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "cron-operator.serviceAccountName" . }}
{{ if .Values.watchNamespace }}
namespace: "{{ .Values.watchNamespace }}"
{{ else }}
namespace: "{{ .Release.Namespace }}"
{{ end }}
labels:
{{- include "cron-operator.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end -}}

+ 45
- 0
deploy/helm_chart/values.yaml View File

@@ -0,0 +1,45 @@
# set visibility of CRs
# true: all CRs will be visible across cluster
# false: CRs visible only in watchNamespace below
clusterScoped: true

# set namespace with watched CRs
# if empty and clusterScoped=true: try to see whole cluster, ClusterRole will be used
# if defined and clusterScoped=true: try to see only specified namespace in cluster, ClusterRole will be used
# if empty and clusterScoped=false: try to see only in operator's namespace in cluster, Role will be used
# if defined and clusterScoped=false: try to see only specified namespace in cluster, Role will be used
watchNamespace: ""

replicaCount: 1

image:
repository: iam21h/cron-operator
tag: 0.0.6
pullPolicy: Always

sentry_dsn: ""

imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""

serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: cron-operator

podSecurityContext: {}

securityContext: {}

resources: {}

nodeSelector: {}

tolerations: []

affinity: {}

Loading…
Cancel
Save