diff --git a/argocd-apps/baikal.yaml b/argocd-apps/baikal.yaml deleted file mode 100644 index f68d8b5..0000000 --- a/argocd-apps/baikal.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: baikal - namespace: argocd -spec: - project: my-apps - source: - repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git - targetRevision: HEAD - path: charts/baikal - helm: - valueFiles: - - ../../manifests/baikal/values.yaml - destination: - server: https://kubernetes.default.svc - namespace: my-apps - syncPolicy: - automated: - prune: true - selfHeal: true diff --git a/charts/baikal/.helmignore b/charts/baikal/.helmignore deleted file mode 100644 index feb7464..0000000 --- a/charts/baikal/.helmignore +++ /dev/null @@ -1,32 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ -# OWNERS file for Kubernetes -OWNERS -# helm-docs templates -*.gotmpl -# docs folder -/docs -# icon -icon.png -icon.webp -icon-small.webp diff --git a/charts/baikal/CHANGELOG.md b/charts/baikal/CHANGELOG.md deleted file mode 100644 index fafead5..0000000 --- a/charts/baikal/CHANGELOG.md +++ /dev/null @@ -1,563 +0,0 @@ ---- -title: Changelog -pagefind: false ---- - -## [baikal-1.0.0](https://github.com/truecharts/charts/compare/baikal-0.0.34...baikal-1.0.0) (2022-11-10) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Major Change to GUI -- update helm general non-major ([#4342](https://github.com/truecharts/charts/issues/4342)) -- update helm general non-major ([#4349](https://github.com/truecharts/charts/issues/4349)) -- update helm general non-major ([#4329](https://github.com/truecharts/charts/issues/4329)) - -## [baikal-0.0.37](https://github.com/truecharts/charts/compare/baikal-0.0.34...baikal-0.0.37) (2022-11-08) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major ([#4342](https://github.com/truecharts/charts/issues/4342)) -- update helm general non-major ([#4349](https://github.com/truecharts/charts/issues/4349)) -- update helm general non-major ([#4329](https://github.com/truecharts/charts/issues/4329)) - -## [baikal-0.0.36](https://github.com/truecharts/charts/compare/baikal-0.0.34...baikal-0.0.36) (2022-11-08) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major ([#4342](https://github.com/truecharts/charts/issues/4342)) -- update helm general non-major ([#4329](https://github.com/truecharts/charts/issues/4329)) - -## [baikal-0.0.36](https://github.com/truecharts/charts/compare/baikal-0.0.34...baikal-0.0.36) (2022-11-08) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major ([#4342](https://github.com/truecharts/charts/issues/4342)) -- update helm general non-major ([#4329](https://github.com/truecharts/charts/issues/4329)) - -## [baikal-0.0.36](https://github.com/truecharts/charts/compare/baikal-0.0.34...baikal-0.0.36) (2022-11-08) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major ([#4342](https://github.com/truecharts/charts/issues/4342)) -- update helm general non-major ([#4329](https://github.com/truecharts/charts/issues/4329)) - -## [baikal-0.0.35](https://github.com/truecharts/charts/compare/baikal-0.0.34...baikal-0.0.35) (2022-11-07) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major ([#4329](https://github.com/truecharts/charts/issues/4329)) - -## [baikal-0.0.35](https://github.com/truecharts/charts/compare/baikal-0.0.34...baikal-0.0.35) (2022-11-06) - -### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major ([#4329](https://github.com/truecharts/charts/issues/4329)) - -## [baikal-0.0.34](https://github.com/truecharts/charts/compare/baikal-0.0.33...baikal-0.0.34) (2022-11-06) - -### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major ([#4317](https://github.com/truecharts/charts/issues/4317)) - -## [baikal-0.0.33](https://github.com/truecharts/charts/compare/baikal-0.0.32...baikal-0.0.33) (2022-11-05) - -### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major ([#4308](https://github.com/truecharts/charts/issues/4308)) - -## [baikal-0.0.32](https://github.com/truecharts/charts/compare/baikal-0.0.31...baikal-0.0.32) (2022-11-02) - -### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major ([#4261](https://github.com/truecharts/charts/issues/4261)) - -## [baikal-0.0.31](https://github.com/truecharts/charts/compare/baikal-0.0.30...baikal-0.0.31) (2022-10-25) - -### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major ([#4182](https://github.com/truecharts/charts/issues/4182)) - -## [baikal-0.0.30](https://github.com/truecharts/charts/compare/baikal-0.0.29...baikal-0.0.30) (2022-10-19) - -### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major ([#4122](https://github.com/truecharts/charts/issues/4122)) - -## [baikal-0.0.29](https://github.com/truecharts/charts/compare/baikal-0.0.28...baikal-0.0.29) (2022-10-12) - -### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major ([#4071](https://github.com/truecharts/charts/issues/4071)) - -## [baikal-0.0.28](https://github.com/truecharts/charts/compare/baikal-0.0.27...baikal-0.0.28) (2022-10-07) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major - -## [baikal-0.0.28](https://github.com/truecharts/charts/compare/baikal-0.0.27...baikal-0.0.28) (2022-10-07) - -### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major - -## [baikal-0.0.27](https://github.com/truecharts/charts/compare/baikal-0.0.26...baikal-0.0.27) (2022-10-05) - -### Chore - -- Auto-update chart README [skip ci] -- split addons in smaller templates ([#3979](https://github.com/truecharts/charts/issues/3979)) -- update helm general non-major - -## [baikal-0.0.26](https://github.com/truecharts/charts/compare/baikal-0.0.25...baikal-0.0.26) (2022-09-27) - -### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major ([#3918](https://github.com/truecharts/charts/issues/3918)) - -## [baikal-0.0.25](https://github.com/truecharts/charts/compare/baikal-0.0.24...baikal-0.0.25) (2022-09-25) - -### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major ([#3898](https://github.com/truecharts/charts/issues/3898)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-22) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- refactor Services SCALE GUI -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-21) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- refactor Services SCALE GUI -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-21) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- refactor Services SCALE GUI -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-20) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- refactor Services SCALE GUI -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-20) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- refactor Services SCALE GUI -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-19) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- refactor Services SCALE GUI -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-19) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- refactor Services SCALE GUI -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-19) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- refactor Services SCALE GUI -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-17) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- refactor Services SCALE GUI -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-18) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-16) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-16) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-15) - -### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.24](https://github.com/truecharts/charts/compare/baikal-0.0.23...baikal-0.0.24) (2022-09-15) - -### Chore - -- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) -- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - -## [baikal-0.0.23](https://github.com/truecharts/charts/compare/baikal-0.0.22...baikal-0.0.23) (2022-09-12) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major ([#3711](https://github.com/truecharts/charts/issues/3711)) - -## [baikal-0.0.23](https://github.com/truecharts/charts/compare/baikal-0.0.22...baikal-0.0.23) (2022-09-12) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major ([#3711](https://github.com/truecharts/charts/issues/3711)) - -## [baikal-0.0.23](https://github.com/truecharts/charts/compare/baikal-0.0.22...baikal-0.0.23) (2022-09-11) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major ([#3711](https://github.com/truecharts/charts/issues/3711)) - -## [baikal-0.0.23](https://github.com/truecharts/charts/compare/baikal-0.0.22...baikal-0.0.23) (2022-09-11) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- update helm general non-major ([#3711](https://github.com/truecharts/charts/issues/3711)) - -## [baikal-0.0.23](https://github.com/truecharts/charts/compare/baikal-0.0.22...baikal-0.0.23) (2022-09-11) - -### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major ([#3711](https://github.com/truecharts/charts/issues/3711)) - -## [baikal-0.0.23](https://github.com/truecharts/charts/compare/baikal-0.0.22...baikal-0.0.23) (2022-09-11) - -### Chore - -- update helm general non-major ([#3711](https://github.com/truecharts/charts/issues/3711)) - -## [baikal-0.0.22](https://github.com/truecharts/charts/compare/baikal-0.0.21...baikal-0.0.22) (2022-08-30) - -### Chore - -- update helm general non-major ([#3639](https://github.com/truecharts/charts/issues/3639)) - -## [baikal-0.0.21](https://github.com/truecharts/charts/compare/baikal-0.0.20...baikal-0.0.21) (2022-08-30) - -### Chore - -- update helm chart common to v10.5.5 ([#3626](https://github.com/truecharts/charts/issues/3626)) - -## [baikal-0.0.20](https://github.com/truecharts/charts/compare/baikal-0.0.19...baikal-0.0.20) (2022-08-29) - -### Chore - -- update helm general non-major ([#3619](https://github.com/truecharts/charts/issues/3619)) - -## [baikal-0.0.19](https://github.com/truecharts/charts/compare/baikal-0.0.17...baikal-0.0.19) (2022-08-26) - -### Fix - -- some cleanup ([#3586](https://github.com/truecharts/charts/issues/3586)) - -## [baikal-0.0.17](https://github.com/truecharts/charts/compare/baikal-0.0.16...baikal-0.0.17) (2022-08-23) - -### Chore - -- update helm general non-major helm releases ([#3545](https://github.com/truecharts/charts/issues/3545)) - -## [baikal-0.0.16](https://github.com/truecharts/charts/compare/baikal-0.0.15...baikal-0.0.16) (2022-08-12) - -### Chore - -- add documentation checkbox/section to all SCALE Apps -- update helm general non-major helm releases ([#3456](https://github.com/truecharts/charts/issues/3456)) - -### Fix - -- move extraArgs from .Values.controller to .Values ([#3447](https://github.com/truecharts/charts/issues/3447)) - -## [baikal-0.0.15](https://github.com/truecharts/charts/compare/baikal-0.0.14...baikal-0.0.15) (2022-08-10) - -### Chore - -- update docker general non-major ([#3421](https://github.com/truecharts/charts/issues/3421)) - -### Fix - -- cleanup ([#3389](https://github.com/truecharts/charts/issues/3389)) - -## [baikal-0.0.14](https://github.com/truecharts/charts/compare/baikal-0.0.13...baikal-0.0.14) (2022-08-08) - -### Chore - -- update helm general non-major helm releases ([#3376](https://github.com/truecharts/charts/issues/3376)) -- replace questions parts with templates ([#3402](https://github.com/truecharts/charts/issues/3402)) - -## [baikal-0.0.13](https://github.com/truecharts/apps/compare/baikal-0.0.12...baikal-0.0.13) (2022-07-26) - -### Chore - -- update home links ([#3291](https://github.com/truecharts/apps/issues/3291)) -- update helm general non-major helm releases ([#3302](https://github.com/truecharts/apps/issues/3302)) - -## [baikal-0.0.12](https://github.com/truecharts/apps/compare/baikal-0.0.11...baikal-0.0.12) (2022-07-23) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Bump all charts to generate config and container references due to huge increase of repository -- update helm general non-major helm releases ([#3280](https://github.com/truecharts/apps/issues/3280)) - -### Feat - -- move dev apps to incubator and remove bad content from dev - -## [baikal-0.0.12](https://github.com/truecharts/apps/compare/baikal-0.0.11...baikal-0.0.12) (2022-07-23) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Bump all charts to generate config and container references due to huge increase of repository -- update helm general non-major helm releases ([#3280](https://github.com/truecharts/apps/issues/3280)) - -### Feat - -- move dev apps to incubator and remove bad content from dev - -## [baikal-0.0.12](https://github.com/truecharts/apps/compare/baikal-0.0.11...baikal-0.0.12) (2022-07-23) - -### Chore - -- Auto-update chart README [skip ci] -- Auto-update chart README [skip ci] -- Bump all charts to generate config and container references due to huge increase of repository -- update helm general non-major helm releases ([#3280](https://github.com/truecharts/apps/issues/3280)) - -### Feat - -- move dev apps to incubator and remove bad content from dev - - - -### [baikal-0.0.5](https://github.com/truecharts/apps/compare/baikal-0.0.4...baikal-0.0.5) (2022-05-05) - -#### Chore - -- update helm general non-major helm releases ([#2612](https://github.com/truecharts/apps/issues/2612)) - - - -### [baikal-0.0.4](https://github.com/truecharts/apps/compare/baikal-0.0.3...baikal-0.0.4) (2022-04-26) - -#### Chore - -- update helm general non-major helm releases ([#2573](https://github.com/truecharts/apps/issues/2573)) - - - -### [baikal-0.0.3](https://github.com/truecharts/apps/compare/baikal-0.0.2...baikal-0.0.3) (2022-04-20) - -#### Chore - -- add missing quote on description ([#2515](https://github.com/truecharts/apps/issues/2515)) -- update helm general non-major helm releases ([#2524](https://github.com/truecharts/apps/issues/2524)) - - - -### [baikal-0.0.2](https://github.com/truecharts/apps/compare/baikal-0.0.1...baikal-0.0.2) (2022-04-12) - -#### Chore - -- Auto-update chart README [skip ci] -- update helm general non-major helm releases ([#2480](https://github.com/truecharts/apps/issues/2480)) - -#### Fix - -- ensure ghcr is used when running tests ([#2449](https://github.com/truecharts/apps/issues/2449)) - - - -### baikal-0.0.1 (2022-04-07) - -#### Feat - -- Unraid Port - B ([#2440](https://github.com/truecharts/apps/issues/2440)) diff --git a/charts/baikal/Chart.lock b/charts/baikal/Chart.lock deleted file mode 100644 index 879177f..0000000 --- a/charts/baikal/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: common - repository: oci://tccr.io/truecharts - version: 28.16.2 -digest: sha256:5a4cb4205635ca4c128591b20d037825478c3662c8d7a3e5c4d676f421e55bb3 -generated: "2025-08-18T08:24:37.066886844Z" diff --git a/charts/baikal/Chart.yaml b/charts/baikal/Chart.yaml deleted file mode 100644 index 958c69c..0000000 --- a/charts/baikal/Chart.yaml +++ /dev/null @@ -1,33 +0,0 @@ -annotations: - artifacthub.io/links: |- - - name: support - url: https://discord.com/invite/tVsPTHWTtr - max_scale_version: 24.04.1 - min_scale_version: 24.04.0 - truecharts.org/category: utilities - truecharts.org/max_helm_version: "3.17" - truecharts.org/min_helm_version: "3.14" - truecharts.org/train: stable -apiVersion: v2 -appVersion: 0.10.1 -dependencies: -- name: common - repository: oci://tccr.io/truecharts - version: 28.16.2 -description: Baikal is a lightweight CalDAV+CardDAV server -home: https://truecharts.org/charts/stable/baikal -icon: https://truecharts.org/img/hotlink-ok/chart-icons/baikal.webp -keywords: -- baikal -kubeVersion: '>=1.24.0-0' -maintainers: -- email: info@truecharts.org - name: TrueCharts - url: https://truecharts.org -name: baikal -sources: -- https://github.com/ckulka/baikal-docker -- https://github.com/truecharts/charts/tree/master/charts/stable/baikal -- https://hub.docker.com/r/ckulka/baikal -type: application -version: 8.3.2 diff --git a/charts/baikal/README.md b/charts/baikal/README.md deleted file mode 100644 index 2673a22..0000000 --- a/charts/baikal/README.md +++ /dev/null @@ -1,50 +0,0 @@ ---- -title: README ---- - -## General Info - -For more information about this Chart, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/baikal) - -**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** - -## Installation - -### Helm-Chart installation - -To install TrueCharts Helm charts using Helm, you can use our OCI Repository. - -`helm install mychart oci://tccr.io/truecharts/baikal` - -For more information on how to install TrueCharts Helm charts, checkout the [instructions on the website](/guides) - -## Chart Specific Guides and information - -All our charts have dedicated documentation pages. -The documentation for this chart can be found here: -https://truecharts.org/charts/stable/baikal - -## Configuration Options - -To view the chart specific options, please view Values.yaml included in the chart. -The most recent version of which, is available here: https://github.com/truecharts/public/blob/master/charts/stable/baikal/values.yaml - -All our Charts use a shared "common" library chart that contains most of the templating and options. -For the complete overview of all available options, please checkout the documentation for them on the [common docs on our website](/common) - -For information about the common chart and all defaults included with it, please review its values.yaml file available here: https://github.com/truecharts/public/blob/master/charts/library/common/values.yaml - -## Support - -- See the [Website](https://truecharts.org) -- Check our [Discord](https://discord.gg/tVsPTHWTtr) -- Open a [issue](https://github.com/truecharts/charts/issues/new/choose) - ---- - -## Sponsor TrueCharts - -TrueCharts can only exist due to the incredible effort of our staff. -Please consider making a [donation](/general/sponsor) or contributing back to the project any way you can! - -_All Rights Reserved - The TrueCharts Project_ diff --git a/charts/baikal/charts/common/.helmignore b/charts/baikal/charts/common/.helmignore deleted file mode 100644 index feb7464..0000000 --- a/charts/baikal/charts/common/.helmignore +++ /dev/null @@ -1,32 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ -# OWNERS file for Kubernetes -OWNERS -# helm-docs templates -*.gotmpl -# docs folder -/docs -# icon -icon.png -icon.webp -icon-small.webp diff --git a/charts/baikal/charts/common/Chart.lock b/charts/baikal/charts/common/Chart.lock deleted file mode 100644 index 2d93e99..0000000 --- a/charts/baikal/charts/common/Chart.lock +++ /dev/null @@ -1,3 +0,0 @@ -dependencies: [] -digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726 -generated: "2025-08-18T01:12:02.398827845Z" diff --git a/charts/baikal/charts/common/Chart.yaml b/charts/baikal/charts/common/Chart.yaml deleted file mode 100644 index 2216223..0000000 --- a/charts/baikal/charts/common/Chart.yaml +++ /dev/null @@ -1,49 +0,0 @@ -annotations: - artifacthub.io/category: integration-delivery - artifacthub.io/license: BUSL-1.1 - artifacthub.io/links: |- - - name: support - url: https://discord.com/invite/tVsPTHWTtr - truecharts.org/category: unsorted - truecharts.org/max_helm_version: "3.17" - truecharts.org/min_helm_version: "3.14" - truecharts.org/train: library -apiVersion: v2 -appVersion: 1.11.0 -description: Function library for TrueCharts -home: https://truecharts.org/charts/library/common -icon: https://truecharts.org/img/hotlink-ok/chart-icons/common.webp -keywords: -- truecharts -- library-chart -- common -kubeVersion: '>=1.24.0-0' -maintainers: -- email: info@truecharts.org - name: TrueCharts - url: https://truecharts.org -name: common -sources: -- https://ghcr.io/cloudnative-pg/postgis -- https://ghcr.io/cloudnative-pg/postgresql -- https://ghcr.io/tensorchord/cloudnative-pgvecto.rs -- https://ghcr.io/traefik/whoami -- https://github.com/truecharts/charts/tree/master/charts/library/common -- https://github.com/truecharts/containers/tree/master/apps/alpine -- https://github.com/truecharts/containers/tree/master/apps/code-server -- https://github.com/truecharts/containers/tree/master/apps/db-wait-mariadb -- https://github.com/truecharts/containers/tree/master/apps/db-wait-mongodb -- https://github.com/truecharts/containers/tree/master/apps/db-wait-postgres -- https://github.com/truecharts/containers/tree/master/apps/db-wait-redis -- https://github.com/truecharts/containers/tree/master/apps/gluetun -- https://github.com/truecharts/containers/tree/master/apps/kubectl -- https://github.com/truecharts/containers/tree/master/apps/netshoot -- https://github.com/truecharts/containers/tree/master/apps/openvpn-client -- https://github.com/truecharts/containers/tree/master/apps/scratch -- https://github.com/truecharts/containers/tree/master/apps/tailscale -- https://github.com/truecharts/containers/tree/master/apps/wget -- https://github.com/truecharts/containers/tree/master/apps/wireguard -- https://hub.docker.com/_/ -- https://hub.docker.com/r/mikefarah/yq -type: library -version: 28.16.2 diff --git a/charts/baikal/charts/common/LICENSE b/charts/baikal/charts/common/LICENSE deleted file mode 100644 index 4ce034b..0000000 --- a/charts/baikal/charts/common/LICENSE +++ /dev/null @@ -1,106 +0,0 @@ -Business Source License 1.1 - -Parameters - -Licensor: The TrueCharts Project, it's owner and it's contributors -Licensed Work: The TrueCharts "Common" Helm Chart -Additional Use Grant: You may use the licensed work in production, as long - as it is directly sourced from a TrueCharts provided - official repository, catalog or source. You may also make private - modification to the directly sourced licenced work, - when used in production. - - The following cases are, due to their nature, also - defined as 'production use' and explicitly prohibited: - - Bundling, including or displaying the licensed work - with(in) another work intended for production use, - with the apparent intend of facilitating and/or - promoting production use by third parties in - violation of this license. - -Change Date: 2050-01-01 - -Change License: 3-clause BSD license - -For information about alternative licensing arrangements for the Software, -please contact: legal@truecharts.org - -Notice - -The Business Source License (this document, or the “License”) is not an Open -Source license. However, the Licensed Work will eventually be made available -under an Open Source License, as stated in this License. - -License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved. -“Business Source License” is a trademark of MariaDB Corporation Ab. - ------------------------------------------------------------------------------ - -Business Source License 1.1 - -Terms - -The Licensor hereby grants you the right to copy, modify, create derivative -works, redistribute, and make non-production use of the Licensed Work. The -Licensor may make an Additional Use Grant, above, permitting limited -production use. - -Effective on the Change Date, or the fourth anniversary of the first publicly -available distribution of a specific version of the Licensed Work under this -License, whichever comes first, the Licensor hereby grants you rights under -the terms of the Change License, and the rights granted in the paragraph -above terminate. - -If your use of the Licensed Work does not comply with the requirements -currently in effect as described in this License, you must purchase a -commercial license from the Licensor, its affiliated entities, or authorized -resellers, or you must refrain from using the Licensed Work. - -All copies of the original and modified Licensed Work, and derivative works -of the Licensed Work, are subject to this License. This License applies -separately for each version of the Licensed Work and the Change Date may vary -for each version of the Licensed Work released by Licensor. - -You must conspicuously display this License on each original or modified copy -of the Licensed Work. If you receive the Licensed Work in original or -modified form from a third party, the terms and conditions set forth in this -License apply to your use of that work. - -Any use of the Licensed Work in violation of this License will automatically -terminate your rights under this License for the current and all other -versions of the Licensed Work. - -This License does not grant you any right in any trademark or logo of -Licensor or its affiliates (provided that you may use a trademark or logo of -Licensor as expressly required by this License). - -TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON -AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS, -EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND -TITLE. - -MariaDB hereby grants you permission to use this License’s text to license -your works, and to refer to it using the trademark “Business Source License”, -as long as you comply with the Covenants of Licensor below. - -Covenants of Licensor - -In consideration of the right to use this License’s text and the “Business -Source License” name and trademark, Licensor covenants to MariaDB, and to all -other recipients of the licensed work to be provided by Licensor: - -1. To specify as the Change License the GPL Version 2.0 or any later version, - or a license that is compatible with GPL Version 2.0 or a later version, - where “compatible” means that software provided under the Change License can - be included in a program with software provided under GPL Version 2.0 or a - later version. Licensor may specify additional Change Licenses without - limitation. - -2. To either: (a) specify an additional grant of rights to use that does not - impose any additional restriction on the right granted in this License, as - the Additional Use Grant; or (b) insert the text “None”. - -3. To specify a Change Date. - -4. Not to modify this License in any other way. diff --git a/charts/baikal/charts/common/README.md b/charts/baikal/charts/common/README.md deleted file mode 100644 index c71419b..0000000 --- a/charts/baikal/charts/common/README.md +++ /dev/null @@ -1,50 +0,0 @@ ---- -title: README ---- - -## General Info - -For more information about this Chart, please check the docs on the TrueCharts [website](https://truecharts.org/charts/library/common) - -**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** - -## Installation - -### Helm-Chart installation - -To install TrueCharts Helm charts using Helm, you can use our OCI Repository. - -`helm install mychart oci://tccr.io/truecharts/common` - -For more information on how to install TrueCharts Helm charts, checkout the [instructions on the website](/guides) - -## Chart Specific Guides and information - -All our charts have dedicated documentation pages. -The documentation for this chart can be found here: -https://truecharts.org/charts/library/common - -## Configuration Options - -To view the chart specific options, please view Values.yaml included in the chart. -The most recent version of which, is available here: https://github.com/truecharts/public/blob/master/charts/library/common/values.yaml - -All our Charts use a shared "common" library chart that contains most of the templating and options. -For the complete overview of all available options, please checkout the documentation for them on the [common docs on our website](/common) - -For information about the common chart and all defaults included with it, please review its values.yaml file available here: https://github.com/truecharts/public/blob/master/charts/library/common/values.yaml - -## Support - -- See the [Website](https://truecharts.org) -- Check our [Discord](https://discord.gg/tVsPTHWTtr) -- Open a [issue](https://github.com/truecharts/charts/issues/new/choose) - ---- - -## Sponsor TrueCharts - -TrueCharts can only exist due to the incredible effort of our staff. -Please consider making a [donation](/general/sponsor) or contributing back to the project any way you can! - -_All Rights Reserved - The TrueCharts Project_ diff --git a/charts/baikal/charts/common/templates/addons/_codeserver.tpl b/charts/baikal/charts/common/templates/addons/_codeserver.tpl deleted file mode 100644 index c1187fd..0000000 --- a/charts/baikal/charts/common/templates/addons/_codeserver.tpl +++ /dev/null @@ -1,72 +0,0 @@ -{{/* -Template to render code-server addon -It will include / inject the required templates based on the given values. -*/}} -{{- define "tc.v1.common.addon.codeserver" -}} - {{- $codeSrv := $.Values.addons.codeserver -}} - - {{- if $codeSrv.enabled -}} - {{- $targetSelector := list "main" -}} - {{- if $codeSrv.targetSelector -}} - {{- $targetSelector = $codeSrv.targetSelector -}} - {{- end -}} - - {{- if gt ($targetSelector|len) 1 -}} - {{- fail "Codeserver Addon - Can only be attached to a single workload at a time" -}} - {{- end -}} - - {{/* Append the code-server container to the workloads */}} - {{- range $targetSelector -}} - {{- $workload := get $.Values.workload . -}} - {{- $_ := set $workload.podSpec.containers "codeserver" $codeSrv.container -}} - {{- end -}} - - {{/* Add the code-server service */}} - {{- if $codeSrv.service.enabled -}} - {{/* Add the code-server service */}} - {{- $hasPrimaryService := false -}} - {{- $result := (include "tc.v1.common.lib.service.hasPrimary" $) | fromJson -}} - {{- if and $result.hasEnabled $result.hasPrimary -}} - {{- $hasPrimaryService = true -}} - {{- end -}} - - {{- $svcValues := $codeSrv.service -}} - {{- $_ := set $svcValues "targetSelector" ($targetSelector|first) -}} - {{- if not $hasPrimaryService -}} - {{- $_ := set $svcValues "primary" true -}} - {{- end -}} - - {{- if not $.Values.service -}} - {{- $_ := set $.Values "service" dict -}} - {{- end -}} - - {{- $_ := set $.Values.service "codeserver" $svcValues -}} - {{- end -}} - - {{/* Add the code-server ingress */}} - {{- if $codeSrv.ingress.enabled -}} - {{- $ingressValues := $codeSrv.ingress -}} - {{- if not $ingressValues.targetSelector -}} - {{/* Assumes that both service and port are named codeserver */}} - {{- $_ := set $ingressValues "targetSelector" (dict "codeserver" "codeserver") -}} - {{- end -}} - - {{- $hasPrimaryIngress := false -}} - {{- $result := (include "tc.v1.common.lib.ingress.hasPrimary" $) | fromJson -}} - {{- if and $result.hasEnabled $result.hasPrimary -}} - {{- $hasPrimaryIngress = true -}} - {{- end -}} - - {{- if not $hasPrimaryIngress -}} - {{- $_ := set $ingressValues "primary" true -}} - {{- end -}} - - {{- if not $.Values.ingress -}} - {{- $_ := set $.Values "ingress" dict -}} - {{- end -}} - - {{/* Let spawner handle the rest */}} - {{- $_ := set $.Values.ingress "codeserver" $ingressValues -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/addons/_gluetun.tpl b/charts/baikal/charts/common/templates/addons/_gluetun.tpl deleted file mode 100644 index c93e4f4..0000000 --- a/charts/baikal/charts/common/templates/addons/_gluetun.tpl +++ /dev/null @@ -1,78 +0,0 @@ -{{/* -Template to render VPN addon -It will include / inject the required templates based on the given values. -*/}} -{{- define "tc.v1.common.addon.gluetun" -}} - {{- $glue := $.Values.addons.gluetun -}} - {{- if $glue.enabled -}} - {{- if not $glue.container.env -}} - {{- $_ := set $glue.container "env" dict -}} - {{- end -}} - - {{- $fw := $glue.container.env.FIREWALL -}} - {{- if (eq $fw "on") -}} - {{- $nets := $glue.container.env.FIREWALL_OUTBOUND_SUBNETS | default list -}} - {{- if $nets -}}{{- $nets = $nets | splitList "," -}}{{- end -}} - {{- $nets = mustAppend $nets $.Values.chartContext.podCIDR -}} - {{- $nets = mustAppend $nets $.Values.chartContext.svcCIDR -}} - - {{- $cleanNets := list -}} - {{- range $nets -}}{{- $cleanNets = mustAppend $cleanNets (. | nospace) -}}{{- end -}} - {{- $nets = $cleanNets | mustUniq -}} - {{- $_ := set $glue.container.env "FIREWALL_OUTBOUND_SUBNETS" (join "," $nets) -}} - - {{- $inputPorts := $glue.container.env.FIREWALL_INPUT_PORTS | default list -}} - {{- if $inputPorts -}}{{- $inputPorts = $inputPorts | splitList "," -}}{{- end -}} - {{- if and - $.Values.service $.Values.service.main $.Values.service.main.ports - $.Values.service.main.ports.main $.Values.service.main.ports.main.port - -}} - {{- $inputPorts = mustAppend $inputPorts ($.Values.service.main.ports.main.port | toString) -}} - {{- end -}} - {{- $cleanInputPorts := list -}} - {{- range $inputPorts -}}{{- $cleanInputPorts = mustAppend $cleanInputPorts (. | nospace) -}}{{- end -}} - {{- $inputPorts = $cleanInputPorts | mustUniq -}} - {{- $_ := set $glue.container.env "FIREWALL_INPUT_PORTS" (join "," $inputPorts) -}} - {{- end -}} - - {{- $targetSelector := list "main" -}} - {{- if $glue.targetSelector -}} - {{- $targetSelector = $glue.targetSelector -}} - {{- end -}} - - {{/* Append the vpn container to the workloads */}} - {{- range $targetSelector -}} - {{- $workload := get $.Values.workload . -}} - {{- $_ := set $workload.podSpec.containers "gluetun" $glue.container -}} - {{- end -}} - - {{/* Mount secrets */}} - {{- range $secName, $secValues := $glue.secret -}} - {{- $secretName := printf "gluetun-%s" $secName -}} - {{- if not $secValues.basePath -}} - {{- fail (printf "Gluetun - Secret [%s] does not have basePath") -}} - {{- end -}} - {{- $_ := set $secValues "enabled" true -}} - {{- $_ := set $.Values.secret $secretName $secValues -}} - - {{- $persistence := (dict - "enabled" true "type" "secret" "objectName" $secretName "targetSelector" dict "items" list - ) -}} - {{- if $secValues.defaultMode -}} - {{- $_ := set $persistence "defaultMode" $secValues.defaultMode -}} - {{- end -}} - - {{- range $key, $val := $secValues.data -}} - {{- $item := (dict "key" $key "path" $key) -}} - {{- $_ := set $persistence "items" (mustAppend $persistence.items $item) -}} - {{- end -}} - - {{- $selectorValue := (dict "gluetun" (dict "mountPath" $secValues.basePath)) -}} - {{- range $targetSelector -}} - {{- $_ := set $persistence.targetSelector . $selectorValue -}} - {{- end -}} - - {{- $_ := set $.Values.persistence $secretName $persistence -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/addons/_netshoot.tpl b/charts/baikal/charts/common/templates/addons/_netshoot.tpl deleted file mode 100644 index d7b9e9c..0000000 --- a/charts/baikal/charts/common/templates/addons/_netshoot.tpl +++ /dev/null @@ -1,20 +0,0 @@ -{{/* -Template to render code-server addon -It will include / inject the required templates based on the given values. -*/}} -{{- define "tc.v1.common.addon.netshoot" -}} - {{- $netshoot := $.Values.addons.netshoot -}} - {{- if $netshoot.enabled -}} - {{- $targetSelector := list "main" -}} - {{- if $netshoot.targetSelector -}} - {{- $targetSelector = $netshoot.targetSelector -}} - {{- end -}} - - {{- range $targetSelector -}} - {{/* Append the code-server container to the workloads */}} - {{- $workload := get $.Values.workload . -}} - {{- $_ := set $workload.podSpec.containers "netshoot" $.Values.addons.netshoot.container -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/addons/_tailscale.tpl b/charts/baikal/charts/common/templates/addons/_tailscale.tpl deleted file mode 100644 index e3d5e5e..0000000 --- a/charts/baikal/charts/common/templates/addons/_tailscale.tpl +++ /dev/null @@ -1,56 +0,0 @@ -{{/* -Template to render VPN addon -It will include / inject the required templates based on the given values. -*/}} -{{- define "tc.v1.common.addon.tailscale" -}} - {{- $ts := $.Values.addons.tailscale -}} - {{- if $ts.enabled -}} - {{- $secContext := dict -}} - {{- $_ := set $secContext "runAsUser" 0 -}} - {{- $_ := set $secContext "runAsGroup" 0 -}} - {{- $_ := set $secContext "runAsNonRoot" true -}} - {{- $_ := set $secContext "readOnlyRootFilesystem" false -}} - - {{- if and $ts.container.env ($ts.container.env.TS_USERSPACE) -}} - {{- $_ := set $secContext "runAsUser" 1000 -}} - {{- $_ := set $secContext "runAsGroup" 1000 -}} - {{- $_ := set $secContext "runAsNonRoot" false -}} - {{- $_ := set $secContext "readOnlyRootFilesystem" true -}} - {{- end -}} - - {{- $newSecContext := $ts.container.securityContext -}} - {{- $newSecContext = mustMergeOverwrite $newSecContext $secContext -}} - {{- $_ := set $ts.container "securityContext" $newSecContext -}} - - {{- $targetSelector := list "main" -}} - {{- if $ts.targetSelector -}} - {{- $targetSelector = $ts.targetSelector -}} - {{- end -}} - - {{/* Append the vpn container to the workloads */}} - {{- range $targetSelector -}} - {{/* FIXME: https://github.com/tailscale/tailscale/issues/8188 */}} - {{- $workload := get $.Values.workload . -}} - {{- $_ := set $workload.podSpec "automountServiceAccountToken" true -}} - {{- $_ := set $workload.podSpec.containers "tailscale" $ts.container -}} - {{- end -}} - - {{- $persistence := $.Values.persistence.tailscalestate | default dict -}} - {{- $_ := set $persistence "enabled" true -}} - {{- if not $persistence.type -}} - {{- $_ := set $persistence "type" "emptyDir" -}} - {{- end -}} - {{- if not $persistence.targetSelector -}} - {{- $_ := set $persistence "targetSelector" dict -}} - {{- end -}} - - {{- $selectorValue := (dict "tailscale" (dict "mountPath" "/var/lib/tailscale")) -}} - {{- range $targetSelector -}} - {{- $_ := set $persistence.targetSelector . $selectorValue -}} - {{- end -}} - - {{/* Append the empty dir tailscale to the persistence */}} - {{- $_ := set $.Values.persistence "tailscalestate" $persistence -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_configmap.tpl b/charts/baikal/charts/common/templates/class/_configmap.tpl deleted file mode 100644 index 0d40e1d..0000000 --- a/charts/baikal/charts/common/templates/class/_configmap.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{/* Configmap Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.configmap" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the configmap. - labels: The labels of the configmap. - annotations: The annotations of the configmap. - data: The data of the configmap. - namespace: The namespace of the configmap. (Optional) -*/}} - -{{- define "tc.v1.common.class.configmap" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Configmap") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -data: - {{- tpl (toYaml $objectData.data) $rootCtx | nindent 2 }} - {{/* This comment is here to add a new line */}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_cronjob.tpl b/charts/baikal/charts/common/templates/class/_cronjob.tpl deleted file mode 100644 index b7b92af..0000000 --- a/charts/baikal/charts/common/templates/class/_cronjob.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* CronJob Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.cronjob" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The object data to be used to render the CronJob. -*/}} - -{{- define "tc.v1.common.class.cronjob" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- include "tc.v1.common.lib.workload.cronjobValidation" (dict "objectData" $objectData) }} ---- -apiVersion: batch/v1 -kind: CronJob -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "CronJob") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- include "tc.v1.common.lib.workload.cronjobSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) | indent 2 }} - template: - metadata: - {{- $labels := (mustMerge ($objectData.podSpec.labels | default dict) - (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.volumeLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 12 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.podSpec.annotations | default dict) - (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 12 }} - {{- end }} - spec: - {{- include "tc.v1.common.lib.workload.pod" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 10 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_daemonset.tpl b/charts/baikal/charts/common/templates/class/_daemonset.tpl deleted file mode 100644 index f896b45..0000000 --- a/charts/baikal/charts/common/templates/class/_daemonset.tpl +++ /dev/null @@ -1,54 +0,0 @@ -{{/* DaemonSet Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.deployment" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The object data to be used to render the DaemonSet. -*/}} - -{{- define "tc.v1.common.class.daemonset" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- include "tc.v1.common.lib.workload.daemonsetValidation" (dict "objectData" $objectData) }} ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "DaemonSet") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- include "tc.v1.common.lib.workload.daemonsetSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) | indent 2 }} - selector: - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | trim | nindent 6 }} - template: - metadata: - {{- $labels := (mustMerge ($objectData.podSpec.labels | default dict) - (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 8 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.podSpec.annotations | default dict) - (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 8 }} - {{- end }} - spec: - {{- include "tc.v1.common.lib.workload.pod" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 6 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_deployment.tpl b/charts/baikal/charts/common/templates/class/_deployment.tpl deleted file mode 100644 index 2e65409..0000000 --- a/charts/baikal/charts/common/templates/class/_deployment.tpl +++ /dev/null @@ -1,55 +0,0 @@ -{{/* Deployment Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.deployment" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Deployment. -*/}} - -{{- define "tc.v1.common.class.deployment" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- include "tc.v1.common.lib.workload.deploymentValidation" (dict "objectData" $objectData) }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Deployment") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- include "tc.v1.common.lib.workload.deploymentSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) | indent 2 }} - selector: - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | trim | nindent 6 }} - template: - metadata: - {{- $labels := (mustMerge ($objectData.podSpec.labels | default dict) - (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.volumeLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 8 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.podSpec.annotations | default dict) - (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 8 }} - {{- end }} - spec: - {{- include "tc.v1.common.lib.workload.pod" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 6 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_endpoint.tpl b/charts/baikal/charts/common/templates/class/_endpoint.tpl deleted file mode 100644 index 29862e9..0000000 --- a/charts/baikal/charts/common/templates/class/_endpoint.tpl +++ /dev/null @@ -1,33 +0,0 @@ -{{/* Endpoint Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.endpoint" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The service data, that will be used to render the Service object. -*/}} - -{{- define "tc.v1.common.class.endpoint" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: v1 -kind: Endpoints -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Endpoint") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -subsets: - - addresses: - {{- include "tc.v1.common.lib.endpoint.addresses" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 6 }} - ports: - {{- include "tc.v1.common.lib.endpoint.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 6 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_endpointSlice.tpl b/charts/baikal/charts/common/templates/class/_endpointSlice.tpl deleted file mode 100644 index a2f2362..0000000 --- a/charts/baikal/charts/common/templates/class/_endpointSlice.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* EndpointSlice Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.endpointSlice" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The service data, that will be used to render the Service object. -*/}} - -{{- define "tc.v1.common.class.endpointSlice" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $addressType := $objectData.addressType | default "IPv4" -}} - {{- if $objectData.addressType -}} - {{- $addressType = tpl $addressType $rootCtx -}} - {{- $validTypes := (list "IPv4" "IPv6" "FQDN") -}} - {{- if not (mustHas $addressType $validTypes) -}} - {{- fail (printf "EndpointSlice - Expected [addressType] to be one of [%s], but got [%s]" (join ", " $validTypes) $addressType) -}} - {{- end -}} - {{- end }} - ---- -apiVersion: discovery.k8s.io/v1 -kind: EndpointSlice -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Endpoint Slice") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- $_ := set $labels "kubernetes.io/service-name" $objectData.name -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -addressType: {{ $addressType }} -ports: -{{- include "tc.v1.common.lib.endpointslice.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} -endpoints: -{{- include "tc.v1.common.lib.endpointslice.endpoints" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_horizontalPodAutoscaler.tpl b/charts/baikal/charts/common/templates/class/_horizontalPodAutoscaler.tpl deleted file mode 100644 index 4f6b635..0000000 --- a/charts/baikal/charts/common/templates/class/_horizontalPodAutoscaler.tpl +++ /dev/null @@ -1,192 +0,0 @@ -{{/* -This template serves as a blueprint for horizontal pod autoscaler objects that are created -using the common library. -*/}} -{{- define "tc.v1.common.class.hpa" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "VPA") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: {{ $objectData.workload.type }} - name: {{ $objectData.name }} - minReplicas: {{ $objectData.minReplicas }} - maxReplicas: {{ $objectData.maxReplicas }} - {{- if $objectData.metrics }} - metrics: - {{- include "tc.v1.common.class.hpa.metrics" (dict "objectData" $objectData "rootCtx" $rootCtx) | nindent 4 }} - {{- end -}} - {{- if $objectData.behavior }} - behavior: - {{- if $objectData.behavior.scaleUp }} - scaleUp: - {{- include "tc.v1.common.class.hpa.behavior" (dict "objectData" $objectData "rootCtx" $rootCtx "mode" "up") | nindent 4 }} - {{- end -}} - {{- if $objectData.behavior.scaleDown }} - scaleDown: - {{- include "tc.v1.common.class.hpa.behavior" (dict "objectData" $objectData "rootCtx" $rootCtx "mode" "down") | nindent 4 }} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.behavior" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $mode := .mode -}} - - {{- $key := ternary "scaleUp" "scaleDown" (eq $mode "up") -}} - {{- $behavior := get $objectData.behavior $key -}} - - {{- $defaultStabilizationWindowSeconds := ternary 0 300 (eq $mode "up") }} - selectPolicy: {{ $behavior.selectPolicy | default "Max" }} - stabilizationWindowSeconds: {{ $behavior.stabilizationWindowSeconds | default $defaultStabilizationWindowSeconds }} - {{- if $behavior.policies }} - policies: - {{- range $idx, $policy := $behavior.policies }} - - type: {{ $policy.type }} - value: {{ $policy.value }} - periodSeconds: {{ $policy.periodSeconds }} - {{- end }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.metrics" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- range $idx, $metric := $objectData.metrics }} - {{- if eq $metric.type "Resource" }} - {{- include "tc.v1.common.class.hpa.metrics.resource" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric) | nindent 6 }} - {{- else if eq $metric.type "ContainerResource" }} - {{- include "tc.v1.common.class.hpa.metrics.containerResource" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric) | nindent 6 }} - {{- else if eq $metric.type "Pods" }} - {{- include "tc.v1.common.class.hpa.metrics.pods" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric) | nindent 6 }} - {{- else if eq $metric.type "Object" }} - {{- include "tc.v1.common.class.hpa.metrics.object" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric) | nindent 6 }} - {{- else if eq $metric.type "External" }} - {{- include "tc.v1.common.class.hpa.metrics.external" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric) | nindent 6 }} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.metrics.resource" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx }} - - type: Resource - resource: - name: {{ .metric.resource.name }} - target: - type: {{ .metric.resource.target.type }} - {{- if eq .metric.resource.target.type "AverageValue" }} - averageValue: {{ .metric.resource.target.averageValue | quote }} - {{- else if eq .metric.resource.target.type "Utilization" }} - averageUtilization: {{ .metric.resource.target.averageUtilization }} - {{- end -}} - {{- with .metric.resource.target.value }} - value: {{ . | quote }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.metrics.containerResource" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx }} - - type: ContainerResource - containerResource: - name: {{ .metric.containerResource.name }} - container: {{ .metric.containerResource.container}} - target: - type: {{ .metric.containerResource.target.type }} - {{- if eq .metric.containerResource.target.type "AverageValue" }} - averageValue: {{ .metric.containerResource.target.averageValue | quote }} - {{- else if eq .metric.containerResource.target.type "Utilization" }} - averageUtilization: {{ .metric.containerResource.target.averageUtilization }} - {{- end -}} - {{- with .metric.containerResource.target.value }} - value: {{ . | quote }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.metrics.pods" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx }} - - type: Pods - pods: - target: - type: AverageValue - averageValue: {{ .metric.pods.target.averageValue | quote }} - metric: - name: {{ .metric.pods.metric.name }} - {{- if .metric.pods.metric.selector }} - selector: - matchLabels: - {{- range $key, $value := .metric.pods.metric.selector.matchLabels }} - {{ $key }}: {{ $value | quote }} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.metrics.object" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx }} - - type: Object - object: - target: - type: {{ .metric.object.target.type }} - {{- if eq .metric.object.target.type "Value" }} - value: {{ .metric.object.target.value | quote }} - {{- else if eq .metric.object.target.type "AverageValue" }} - averageValue: {{ .metric.object.target.averageValue | quote }} - {{- end }} - describedObject: - apiVersion: {{ .metric.object.describedObject.apiVersion }} - kind: {{ .metric.object.describedObject.kind }} - name: {{ .metric.object.describedObject.name }} - metric: - name: {{ .metric.object.metric.name }} - {{- if .metric.object.metric.selector }} - selector: - matchLabels: - {{- range $key, $value := .metric.object.metric.selector.matchLabels }} - {{ $key }}: {{ $value | quote }} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.metrics.external" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx }} - - type: External - external: - metric: - name: {{ .metric.external.metric.name }} - {{- if .metric.external.metric.selector }} - selector: - matchLabels: - {{- range $key, $value := .metric.external.metric.selector.matchLabels }} - {{ $key }}: {{ $value | quote }} - {{- end -}} - {{- end }} - target: - type: {{ .metric.external.target.type }} - {{- if eq .metric.external.target.type "Value" }} - value: {{ .metric.external.target.value | quote }} - {{- else if eq .metric.external.target.type "AverageValue" }} - averageValue: {{ .metric.external.target.averageValue | quote }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_ingress.tpl b/charts/baikal/charts/common/templates/class/_ingress.tpl deleted file mode 100644 index 14c730e..0000000 --- a/charts/baikal/charts/common/templates/class/_ingress.tpl +++ /dev/null @@ -1,121 +0,0 @@ -{{/* Ingress Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.ingress" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Ingress. -*/}} - -{{- define "tc.v1.common.class.ingress" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $svcData := (include "tc.v1.common.lib.ingress.targetSelector" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) -}} - {{- $_ := set $objectData "selectedService" $svcData -}} - - {{- if not (hasKey $objectData "integrations") -}} - {{- $_ := set $objectData "integrations" dict -}} - {{- end -}} - {{- if not (hasKey $objectData "annotations") -}} - {{- $_ := set $objectData "annotations" dict -}} - {{- end -}} - - {{- $ingressClassName := "" -}} - {{- if $objectData.ingressClassName -}} - {{- $ingressClassName = (tpl $objectData.ingressClassName $rootCtx) -}} - {{- end -}} - - {{- range $h := $objectData.hosts -}} - {{- $_ := set $h "host" (tpl $h.host $rootCtx) -}} - - {{- if not $h.paths -}} {{/* If no paths given, default to "/" */}} - {{- $_ := set $h "paths" (list (dict "path" "/")) -}} - {{- end -}} - - {{- range $p := $h.paths -}} - {{- $_ := set $p "path" (tpl ($p.path | default "/") $rootCtx) -}} - {{- $_ := set $p "pathType" (tpl ($p.pathType | default "Prefix") $rootCtx) -}} - {{- end -}} - {{- end -}} - - {{/* - When Stop All is set, force ingressClass "stopped" - to yeet ingress from the ingressController - */}} - {{- if (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $ingressClassName = "tc-stopped" -}} - {{- end -}} - - {{- include "tc.v1.common.lib.ingress.integration.certManager" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.ingress.integration.traefik" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.ingress.integration.nginx" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- if ne $ingressClassName "tc-stopped" -}}{{/* If is stopped, dont render homepage annotations */}} - {{- include "tc.v1.common.lib.ingress.integration.homepage" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- end }} ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Ingress") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end }} - annotations: - checksum/secrets: {{ toJson $rootCtx.Values.secret | sha256sum }} - checksum/services: {{ toJson $rootCtx.Values.service | sha256sum }} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - {{- . | nindent 4 }} - {{- end }} -spec: - ingressClassName: {{ $ingressClassName | default nil }} - rules: - {{- range $h := $objectData.hosts }} - - host: {{ $h.host | quote }} - http: - paths: - {{- range $p := $h.paths -}} - {{- $newSvcData := (include "tc.v1.common.lib.ingress.backend.data" (dict - "rootCtx" $rootCtx "svcData" $svcData "override" $p.overrideService)) | fromYaml - }} - - path: {{ $p.path }} - pathType: {{ $p.pathType }} - backend: - service: - name: {{ $newSvcData.name }} - port: - number: {{ $newSvcData.port }} - {{- end -}} - {{- end -}} - {{/* If a certificateIssuer is defined in the whole ingress, use that */}} - {{- if and $objectData.integrations.certManager $objectData.integrations.certManager.enabled }} - tls: - {{- range $idx, $h := $objectData.hosts }} - - secretName: {{ printf "%s-tls-%d" $objectData.name ($idx | int) }} - hosts: - - {{ (tpl $h.host $rootCtx) | quote }} - {{- end -}} - {{/* else if a tls section is defined use the configuration from there */}} - {{- else if $objectData.tls }} - tls: - {{- range $idx, $t := $objectData.tls -}} - {{- $secretName := "" -}} - {{- if $t.secretName -}} - {{- $secretName = tpl $t.secretName $rootCtx -}} - {{- else if $t.certificateIssuer -}} - {{- $secretName = printf "%s-tls-%d" $objectData.name ($idx | int) -}} - {{- else if $t.clusterCertificate -}} - {{- $secretName = printf "certificate-issuer-%s" (tpl $t.clusterCertificate $rootCtx) -}} - {{- end }} - - secretName: {{ $secretName }} - hosts: - {{- range $h := $t.hosts }} - - {{ (tpl $h $rootCtx) | quote }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_job.tpl b/charts/baikal/charts/common/templates/class/_job.tpl deleted file mode 100644 index a3e4e9a..0000000 --- a/charts/baikal/charts/common/templates/class/_job.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* Job Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.job" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Job. -*/}} - -{{- define "tc.v1.common.class.job" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- include "tc.v1.common.lib.workload.jobValidation" (dict "objectData" $objectData) }} ---- -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Job") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- include "tc.v1.common.lib.workload.jobSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) | indent 2 }} - template: - metadata: - {{- $labels := (mustMerge ($objectData.podSpec.labels | default dict) - (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.volumeLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 8 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.podSpec.annotations | default dict) - (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 8 }} - {{- end }} - spec: - {{- include "tc.v1.common.lib.workload.pod" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 6 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_mutatingWebhookConfiguration.tpl b/charts/baikal/charts/common/templates/class/_mutatingWebhookConfiguration.tpl deleted file mode 100644 index 2bcd6b9..0000000 --- a/charts/baikal/charts/common/templates/class/_mutatingWebhookConfiguration.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{/* MutatingWebhookConfiguration Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.mutatingWebhookConfiguration" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the MutatingWebhookConfiguration. - labels: The labels of the MutatingWebhookConfiguration. - annotations: The annotations of the MutatingWebhookConfiguration. - data: The data of the MutatingWebhookConfiguration. - namespace: The namespace of the MutatingWebhookConfiguration. (Optional) -*/}} - -{{- define "tc.v1.common.class.mutatingWebhookConfiguration" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Webhook") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -webhooks: - {{- range $webhook := $objectData.webhooks -}} - {{- include "tc.v1.common.lib.webhook" (dict "webhook" $webhook "rootCtx" $rootCtx) | trim | nindent 4 }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_networkAttachmentDefinition.tpl b/charts/baikal/charts/common/templates/class/_networkAttachmentDefinition.tpl deleted file mode 100644 index 1c0364d..0000000 --- a/charts/baikal/charts/common/templates/class/_networkAttachmentDefinition.tpl +++ /dev/null @@ -1,35 +0,0 @@ -{{/* Network Attachment Definition Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.networkAttachmentDefinition" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the Network Attachment Definition. - labels: The labels of the Network Attachment Definition. - annotations: The annotations of the Network Attachment Definition. - config: The config of the interface -*/}} - -{{- define "tc.v1.common.class.networkAttachmentDefinition" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: k8s.cni.cncf.io/v1 -kind: NetworkAttachmentDefinition -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Network Attachment Definition") }} - {{- $labels := (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) | default dict -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml) | default dict -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - config: {{ $objectData.config | squote }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_networkPolicy.tpl b/charts/baikal/charts/common/templates/class/_networkPolicy.tpl deleted file mode 100644 index 735ea2b..0000000 --- a/charts/baikal/charts/common/templates/class/_networkPolicy.tpl +++ /dev/null @@ -1,185 +0,0 @@ -{{/* -Blueprint for the NetworkPolicy object -*/}} -{{- define "tc.v1.common.class.networkpolicy" -}} - {{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}} - {{- $networkPolicyName := $fullName -}} - {{- $values := .Values.networkPolicy -}} - - {{- if hasKey . "ObjectValues" -}} - {{- with .ObjectValues.networkPolicy -}} - {{- $values = . -}} - {{- end -}} - {{- end -}} - {{- $networkpolicyLabels := $values.labels -}} - {{- $networkpolicyAnnotations := $values.annotations -}} - - {{- if and (hasKey $values "nameOverride") $values.nameOverride -}} - {{- $networkPolicyName = printf "%v-%v" $networkPolicyName $values.nameOverride -}} - {{- end }} ---- -kind: NetworkPolicy -apiVersion: {{ include "tc.v1.common.capabilities.networkpolicy.apiVersion" $ }} -metadata: - name: {{ $networkPolicyName }} - namespace: {{ $.Values.namespace | default $.Values.global.namespace | default $.Release.Namespace }} - {{- $labels := (mustMerge ($networkpolicyLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($networkpolicyAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - podSelector: - {{- if $values.podSelector }} - {{- tpl (toYaml $values.podSelector) $ | nindent 4 }} - {{- else if $values.targetSelector }} - {{- $objectData := dict "targetSelector" $values.targetSelector }} - {{- $selectedPod := fromYaml ( include "tc.v1.common.lib.helpers.getSelectedPodValues" (dict "rootCtx" $ "objectData" $objectData)) }} - {{- $selectedPodName := $selectedPod.shortName }} - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $ "objectType" "pod" "objectName" $selectedPodName) | indent 8 }} - {{- else }} - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $ "objectType" "" "objectName" "") | indent 8 }} - {{- end }} - - {{- if $values.policyType }} - {{- if eq $values.policyType "ingress" }} - policyTypes: ["Ingress"] - {{- else if eq $values.policyType "egress" }} - policyTypes: ["Egress"] - - {{- else if eq $values.policyType "ingress-egress" }} - policyTypes: ["Ingress", "Egress"] - {{- end -}} - {{- end -}} - - {{- if $values.egress }} - egress: - {{- range $values.egress }} - - to: - {{- range .to -}} - {{- $nss := false -}} - {{- $ipb := false -}} - {{- if .ipBlock -}} - {{- if .ipBlock.cidr -}} - {{- $ipb = true }} - - ipBlock: - cidr: {{ .ipBlock.cidr }} - {{- if .ipBlock.except }} - except: - {{- range .ipBlock.except }} - - {{ . }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and ( .namespaceSelector ) ( not $ipb ) -}} - {{- if or ( .namespaceSelector.matchLabels ) ( .namespaceSelector.matchExpressions ) -}} - {{- $nss = true }} - - namespaceSelector: - {{- if .namespaceSelector.matchLabels }} - matchLabels: - {{- .namespaceSelector.matchLabels | toYaml | nindent 12 }} - {{- end -}} - {{- if .namespaceSelector.matchExpressions }} - matchExpressions: - {{- .namespaceSelector.matchExpressions | toYaml | nindent 12 }} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and ( .podSelector ) ( not $ipb ) -}} - {{- if or ( .podSelector.matchLabels ) ( .podSelector.matchExpressions ) -}} - {{- if $nss }} - podSelector: - {{- else }} - - podSelector: - {{- end -}} - {{- if .podSelector.matchLabels }} - matchLabels: - {{- .podSelector.matchLabels | toYaml | nindent 12 }} - {{- end -}} - {{- if .podSelector.matchExpressions }} - matchExpressions: - {{- .podSelector.matchExpressions | toYaml | nindent 12 }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- with .ports }} - ports: - {{- . | toYaml | nindent 6 }} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $values.ingress }} - ingress: - {{- range $values.ingress }} - - from: - {{- range .from -}} - {{- $nss := false -}} - {{- $ipb := false -}} - {{- if .ipBlock -}} - {{- if .ipBlock.cidr -}} - {{- $ipb = true }} - - ipBlock: - cidr: {{ .ipBlock.cidr }} - {{- if .ipBlock.except }} - except: - {{- range .ipBlock.except }} - - {{ . }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and ( .namespaceSelector ) ( not $ipb ) -}} - {{- if or ( .namespaceSelector.matchLabels ) ( .namespaceSelector.matchExpressions ) -}} - {{- $nss = true }} - - namespaceSelector: - {{- if .namespaceSelector.matchLabels }} - matchLabels: - {{- .namespaceSelector.matchLabels | toYaml | nindent 12 }} - {{- end -}} - {{- if .namespaceSelector.matchExpressions }} - matchExpressions: - {{- .namespaceSelector.matchExpressions | toYaml | nindent 12 }} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and ( .podSelector ) ( not $ipb ) -}} - {{- if or ( .podSelector.matchLabels ) ( .podSelector.matchExpressions ) -}} - {{- if $nss }} - podSelector: - {{- else }} - - podSelector: - {{- end }} - {{- if .podSelector.matchLabels }} - matchLabels: - {{- .podSelector.matchLabels | toYaml | nindent 12 }} - {{- end -}} - {{- if .podSelector.matchExpressions }} - matchExpressions: - {{- .podSelector.matchExpressions | toYaml | nindent 12 }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- with .ports }} - ports: - {{- . | toYaml | nindent 6 }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_persistentVolume.tpl b/charts/baikal/charts/common/templates/class/_persistentVolume.tpl deleted file mode 100644 index 2305eb7..0000000 --- a/charts/baikal/charts/common/templates/class/_persistentVolume.tpl +++ /dev/null @@ -1,75 +0,0 @@ -{{/* PersistentVolume Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.pv" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the PV. - labels: The labels of the PV. - annotations: The annotations of the PV. - provisioner: The provisioner to use for the PersistentVolume. - driver: The driver to use for the csi - retain: Whether to retain the PV after deletion. (Default: false) - size: The size of the PersistentVolume. (Default: 1Gi) -*/}} - -{{- define "tc.v1.common.class.pv" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $retain := $rootCtx.Values.global.fallbackDefaults.pvcRetain -}} - {{- if not (kindIs "invalid" $objectData.retain) -}} - {{- $retain = $objectData.retain -}} - {{- end -}} - - {{- $reclaimPolicy := ternary "Retain" "Delete" $retain -}} - - {{- $pvcSize := $rootCtx.Values.global.fallbackDefaults.pvcSize -}} - {{- with $objectData.size -}} - {{- $pvcSize = tpl . $rootCtx -}} - {{- end }} ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ $objectData.name }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- if $retain -}} - {{- $_ := set $annotations "\"helm.sh/resource-policy\"" "keep" -}} - {{- end -}} - {{- $_ := set $annotations "pv.kubernetes.io/provisioned-by" $objectData.provisioner -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - capacity: - storage: {{ $pvcSize }} - persistentVolumeReclaimPolicy: {{ $reclaimPolicy }} - storageClassName: {{ $objectData.name }} - accessModes: - {{- include "tc.v1.common.lib.pvc.accessModes" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Persistent Volume") | trim | nindent 4 -}} - {{- if $objectData.mountOptions }} - mountOptions: - {{- range $opt := $objectData.mountOptions -}} - {{- if $opt.value }} - - {{ printf "%s=%s" (tpl $opt.key $rootCtx) (tpl (include "tc.v1.common.helper.makeIntOrNoop" $opt.value) $rootCtx) }} - {{- else }} - - {{ tpl $opt.key $rootCtx }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- if $objectData.static -}} - {{- if eq "smb" $objectData.static.mode -}} - {{- include "tc.v1.common.lib.storage.smbCSI" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- else if eq "nfs" $objectData.static.mode -}} - {{- include "tc.v1.common.lib.storage.nfsCSI" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_podDisruptionBudget.tpl b/charts/baikal/charts/common/templates/class/_podDisruptionBudget.tpl deleted file mode 100644 index 35799b1..0000000 --- a/charts/baikal/charts/common/templates/class/_podDisruptionBudget.tpl +++ /dev/null @@ -1,54 +0,0 @@ -{{/* poddisruptionbudget Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.podDisruptionBudget" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the podDisruptionBudget. - labels: The labels of the podDisruptionBudget. - annotations: The annotations of the podDisruptionBudget. - data: The data of the podDisruptionBudget. - namespace: The namespace of the podDisruptionBudget. (Optional) -*/}} - -{{- define "tc.v1.common.class.podDisruptionBudget" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Pod Disruption Budget") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - selector: - matchLabels: - {{- if $objectData.customLabels -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $objectData.customLabels) | trim) }} - {{- . | nindent 6 }} - {{- end -}} - {{- else -}} - {{- $selectedPod := fromJson (include "tc.v1.common.lib.helpers.getSelectedPodValues" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Pod Disruption Budget")) }} - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $selectedPod.shortName) | nindent 6 }} - {{- end -}} - {{- if hasKey $objectData "minAvailable" }} - minAvailable: {{ tpl (toString $objectData.minAvailable) $rootCtx }} - {{- end -}} - {{- if hasKey $objectData "maxUnavailable" }} - maxUnavailable: {{ tpl (toString $objectData.maxUnavailable) $rootCtx }} - {{- end -}} - {{- with $objectData.unhealthyPodEvictionPolicy }} - unhealthyPodEvictionPolicy: {{ tpl . $rootCtx }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_priorityClass.tpl b/charts/baikal/charts/common/templates/class/_priorityClass.tpl deleted file mode 100644 index 3b4b845..0000000 --- a/charts/baikal/charts/common/templates/class/_priorityClass.tpl +++ /dev/null @@ -1,40 +0,0 @@ -{{/* priorityclass Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.priorityclass" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the priorityclass. - labels: The labels of the priorityclass. - annotations: The annotations of the priorityclass. -*/}} - -{{- define "tc.v1.common.class.priorityclass" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $globalDefault := false -}} - {{- if not (kindIs "invalid" $objectData.globalDefault) -}} - {{- $globalDefault = $objectData.globalDefault -}} - {{- end }} ---- -apiVersion: scheduling.k8s.io/v1 -kind: PriorityClass -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Priority Class") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -value: {{ $objectData.value | default 1000000 }} -preemptionPolicy: {{ $objectData.preemptionPolicy | default "PreemptLowerPriority" }} -globalDefault: {{ $globalDefault }} -description: {{ $objectData.description | default "No description given" }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_pvc.tpl b/charts/baikal/charts/common/templates/class/_pvc.tpl deleted file mode 100644 index d161125..0000000 --- a/charts/baikal/charts/common/templates/class/_pvc.tpl +++ /dev/null @@ -1,51 +0,0 @@ -{{/* PersistentVolumeClaim Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.pvc" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the PVC. - labels: The labels of the PVC. - annotations: The annotations of the PVC. - size: The size of the PVC. (Default: 1Gi) - volumeName: The name of the volume to bind to. (Default: "") - retain: Whether to retain the PVC after deletion. (Default: false) - storageClass: The storage class to use. (Absent) -*/}} - -{{- define "tc.v1.common.class.pvc" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $pvcRetain := $rootCtx.Values.global.fallbackDefaults.pvcRetain -}} - {{- if (kindIs "bool" $objectData.retain) -}} - {{- $pvcRetain = $objectData.retain -}} - {{- end -}} - - {{- $pvcSize := $rootCtx.Values.global.fallbackDefaults.pvcSize -}} - {{- with $objectData.size -}} - {{- $pvcSize = tpl . $rootCtx -}} - {{- end }} ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Persistent Volume Claim") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- if $pvcRetain -}} - {{- $_ := set $annotations "\"helm.sh/resource-policy\"" "keep" -}} - {{- end -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- include "tc.v1.common.lib.storage.pvc.spec" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_rbac.tpl b/charts/baikal/charts/common/templates/class/_rbac.tpl deleted file mode 100644 index d5f94a7..0000000 --- a/charts/baikal/charts/common/templates/class/_rbac.tpl +++ /dev/null @@ -1,64 +0,0 @@ -{{/* RBAC Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.rbac" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the rbac. - labels: The labels of the rbac. - annotations: The annotations of the rbac. - clusterWide: Whether the rbac is cluster wide or not. - rules: The rules of the rbac. - subjects: The subjects of the rbac. -*/}} - -{{- define "tc.v1.common.class.rbac" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: {{ ternary "ClusterRole" "Role" $objectData.clusterWide }} -metadata: - name: {{ $objectData.name }} - {{- if not $objectData.clusterWide }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "RBAC") }} - {{- end }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -rules: - {{- include "tc.v1.common.lib.rbac.rules" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: {{ ternary "ClusterRoleBinding" "RoleBinding" $objectData.clusterWide }} -metadata: - name: {{ $objectData.name }} - {{- if not $objectData.clusterWide }} - namespace: {{ $rootCtx.Release.Namespace }} - {{- end }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: {{ ternary "ClusterRole" "Role" $objectData.clusterWide }} - name: {{ $objectData.name }} -subjects: - {{- include "tc.v1.common.lib.rbac.serviceAccount" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} - {{- include "tc.v1.common.lib.rbac.subjects" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_route.tpl b/charts/baikal/charts/common/templates/class/_route.tpl deleted file mode 100644 index 7c2ef74..0000000 --- a/charts/baikal/charts/common/templates/class/_route.tpl +++ /dev/null @@ -1,87 +0,0 @@ -{{/* -This template serves as a blueprint for all Route objects that are created -within the common library. -*/}} -{{- define "tc.v1.common.class.route" -}} -{{- $values := .Values.route -}} -{{- if hasKey . "ObjectValues" -}} - {{- with .ObjectValues.route -}} - {{- $values = . -}} - {{- end -}} -{{- end -}} - - {{- $routeLabels := $values.labels -}} - {{- $routeAnnotations := $values.annotations -}} - -{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}} -{{- if and (hasKey $values "nameOverride") $values.nameOverride -}} - {{- $fullName = printf "%v-%v" $fullName $values.nameOverride -}} -{{- end -}} -{{- $routeKind := $values.kind | default "HTTPRoute" -}} - -{{/* Get the name of the primary service, if any */}} -{{- $primaryServiceName := (include "tc.v1.common.lib.util.service.primary" (dict "rootCtx" $)) -}} -{{/* Get service values of the primary service, if any */}} -{{- $primaryService := get $.Values.service $primaryServiceName -}} -{{- $defaultServiceName := $fullName -}} - -{{- if and (hasKey $primaryService "nameOverride") $primaryService.nameOverride -}} - {{- $defaultServiceName = printf "%v-%v" $defaultServiceName $primaryService.nameOverride -}} -{{- end -}} -{{- $defaultServicePort := get $primaryService.ports (include "tc.v1.common.lib.util.service.ports.primary" (dict "svcValues" $primaryService "rootCtx" $)) }} - ---- -apiVersion: gateway.networking.k8s.io/v1alpha2 -{{- if and (ne $routeKind "GRPCRoute") (ne $routeKind "HTTPRoute") (ne $routeKind "TCPRoute") (ne $routeKind "TLSRoute") (ne $routeKind "UDPRoute") -}} - {{- fail (printf "Not a valid route kind (%s)" $routeKind) -}} -{{- end }} -kind: {{ $routeKind }} -metadata: - name: {{ $fullName }} - namespace: {{ $.Values.namespace | default $.Values.global.namespace | default $.Release.Namespace }} - {{- $labels := (mustMerge ($routeLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($routeAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) }} - annotations: - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }} - {{- . | nindent 4 }} - {{- end }} -spec: - parentRefs: - {{- range $values.parentRefs }} - - group: {{ default "gateway.networking.k8s.io" .group }} - kind: {{ default "Gateway" .kind }} - name: {{ required (printf "parentRef name is required for %v %v" $routeKind $fullName) .name }} - namespace: {{ required (printf "parentRef namespace is required for %v %v" $routeKind $fullName) .namespace }} - {{- if .sectionName }} - sectionName: {{ .sectionName | quote }} - {{- end }} - {{- end }} - {{- if and (ne $routeKind "TCPRoute") (ne $routeKind "UDPRoute") $values.hostnames }} - hostnames: - {{- with $values.hostnames }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- end }} - rules: - {{- range $values.rules }} - - backendRefs: - {{- range .backendRefs }} - - group: {{ default "" .group | quote}} - kind: {{ default "Service" .kind }} - name: {{ default $defaultServiceName .name }} - namespace: {{ default $.Release.Namespace .namespace }} - port: {{ default $defaultServicePort.port .port }} - weight: {{ default 1 .weight }} - {{- end }} - {{- if (eq $routeKind "HTTPRoute") }} - {{- with .matches }} - matches: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/baikal/charts/common/templates/class/_secret.tpl b/charts/baikal/charts/common/templates/class/_secret.tpl deleted file mode 100644 index 14b2f2a..0000000 --- a/charts/baikal/charts/common/templates/class/_secret.tpl +++ /dev/null @@ -1,58 +0,0 @@ -{{/* Secret Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.secret" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the secret. - labels: The labels of the secret. - annotations: The annotations of the secret. - type: The type of the secret. - data: The data of the secret. - namespace: The namespace of the secret. (Optional) -*/}} - -{{- define "tc.v1.common.class.secret" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $secretType := "Opaque" -}} - - {{- if eq $objectData.type "certificate" -}} - {{- $secretType = "kubernetes.io/tls" -}} - {{- else if eq $objectData.type "imagePullSecret" -}} - {{- $secretType = "kubernetes.io/dockerconfigjson" -}} - {{- else if $objectData.type -}} - {{- $secretType = $objectData.type -}} - {{- end }} ---- -apiVersion: v1 -kind: Secret -type: {{ $secretType }} -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Secret") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end -}} - {{- if (mustHas $objectData.type (list "certificate" "imagePullSecret")) }} -data: - {{- if eq $objectData.type "certificate" }} - tls.crt: {{ $objectData.data.certificate | trim | b64enc }} - tls.key: {{ $objectData.data.privatekey | trim | b64enc }} - {{- else if eq $objectData.type "imagePullSecret" }} - .dockerconfigjson: {{ $objectData.data | trim | b64enc }} - {{- end -}} - {{- else }} -stringData: - {{- tpl (toYaml $objectData.data) $rootCtx | nindent 2 }} - {{/* This comment is here to add a new line */}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_service.tpl b/charts/baikal/charts/common/templates/class/_service.tpl deleted file mode 100644 index 0c08e8d..0000000 --- a/charts/baikal/charts/common/templates/class/_service.tpl +++ /dev/null @@ -1,123 +0,0 @@ -{{/* Service Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.service" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The service data, that will be used to render the Service object. -*/}} - -{{- define "tc.v1.common.class.service" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $svcType := $objectData.type | default $rootCtx.Values.global.fallbackDefaults.serviceType -}} - {{- $_ := set $objectData "annotations" ($objectData.annotations | default dict) -}} - - {{/* Init variables */}} - {{- $hasHTTPSPort := false -}} - {{- $hasHostPort := false -}} - {{- $hostNetwork := false -}} - {{- $podValues := dict -}} - - {{- range $portName, $port := $objectData.ports -}} - {{- if $port.enabled -}} - {{- if eq (tpl ($port.protocol | default "") $rootCtx) "https" -}} - {{- $hasHTTPSPort = true -}} - {{- end -}} - - {{- if and (hasKey $port "hostPort") $port.hostPort -}} - {{- $hasHostPort = true -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $specialTypes := (list "ExternalName" "ExternalIP") -}} - {{/* External Name / External IP does not rely on any pod values */}} - {{- if not (mustHas $svcType $specialTypes) -}} - {{/* Get Pod Values based on the selector (or the absence of it) */}} - {{- $podValues = fromJson (include "tc.v1.common.lib.helpers.getSelectedPodValues" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Service")) -}} - - {{- if $podValues -}} - {{/* Get Pod hostNetwork configuration */}} - {{- $hostNetwork = include "tc.v1.common.lib.pod.hostNetwork" (dict "rootCtx" $rootCtx "objectData" $podValues) -}} - {{/* When hostNetwork is set on the pod, force ClusterIP, so services wont try to bind the same ports on the host */}} - {{- if or (and (kindIs "bool" $hostNetwork) $hostNetwork) (and (kindIs "string" $hostNetwork) (eq $hostNetwork "true")) -}} - {{- $svcType = "ClusterIP" -}} - {{- end -}} - {{- end -}} - - {{/* When hostPort is defined, force ClusterIP aswell */}} - {{- if $hasHostPort -}} - {{- $svcType = "ClusterIP" -}} - {{- end -}} - {{- end -}} - - {{/* When Stop All is set, force ClusterIP as well */}} - {{- if (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $svcType = "ClusterIP" -}} - {{- end -}} - {{- $_ := set $objectData "type" $svcType -}} - - {{- if eq $objectData.type "LoadBalancer" -}} - {{- include "tc.v1.common.lib.service.loadbalancer.validate" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.service.integration.metallb" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.service.integration.cilium" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- end -}} - {{- if $hasHTTPSPort -}} - {{- include "tc.v1.common.lib.service.integration.traefik" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- end }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Service") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "service" "objectName" $objectData.shortName) | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- if eq $objectData.type "ClusterIP" -}} - {{- include "tc.v1.common.lib.service.spec.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- else if eq $objectData.type "LoadBalancer" -}} - {{- include "tc.v1.common.lib.service.spec.loadBalancer" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- else if eq $objectData.type "NodePort" -}} - {{- include "tc.v1.common.lib.service.spec.nodePort" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- else if eq $objectData.type "ExternalName" -}} - {{- include "tc.v1.common.lib.service.spec.externalName" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- else if eq $objectData.type "ExternalIP" -}} - {{- include "tc.v1.common.lib.service.spec.externalIP" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- end -}} - {{- with (include "tc.v1.common.lib.service.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - ports: - {{- . | nindent 4 }} - {{- end -}} - {{- if not (mustHas $objectData.type $specialTypes) }} - selector: - {{- if $objectData.selectorLabels }} - {{- tpl (toYaml $objectData.selectorLabels) $rootCtx | nindent 4 }} - {{- else }} - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $podValues.shortName) | trim | nindent 4 -}} - {{- end }} - {{- end -}} - - {{- if eq $objectData.type "ExternalIP" -}} - {{- $useSlice := true -}} - {{- if kindIs "bool" $objectData.useSlice -}} - {{- $useSlice = $objectData.useSlice -}} - {{- end -}} - {{- if $useSlice -}} - {{- include "tc.v1.common.class.endpointSlice" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- else -}} - {{- include "tc.v1.common.class.endpoint" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_serviceAccount.tpl b/charts/baikal/charts/common/templates/class/_serviceAccount.tpl deleted file mode 100644 index 209bf0b..0000000 --- a/charts/baikal/charts/common/templates/class/_serviceAccount.tpl +++ /dev/null @@ -1,34 +0,0 @@ -{{/* Service Account Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.serviceAccount" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the serviceAccount. - labels: The labels of the serviceAccount. - annotations: The annotations of the serviceAccount. - autoMountToken: Whether to mount the ServiceAccount token or not. -*/}} - -{{- define "tc.v1.common.class.serviceAccount" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Service Account") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -automountServiceAccountToken: {{ $objectData.automountServiceAccountToken | default false }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_statefulset.tpl b/charts/baikal/charts/common/templates/class/_statefulset.tpl deleted file mode 100644 index 8de6c39..0000000 --- a/charts/baikal/charts/common/templates/class/_statefulset.tpl +++ /dev/null @@ -1,59 +0,0 @@ -{{/* StatefulSet Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.deployment" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The object data to be used to render the StatefulSet. -*/}} - -{{- define "tc.v1.common.class.statefulset" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- include "tc.v1.common.lib.workload.statefulsetValidation" (dict "objectData" $objectData) }} ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "StatefulSet") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- include "tc.v1.common.lib.workload.statefulsetSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) | indent 2 }} - selector: - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | trim | nindent 6 }} - template: - metadata: - {{- $labels := (mustMerge ($objectData.podSpec.labels | default dict) - (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.volumeLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 8 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.podSpec.annotations | default dict) - (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 8 }} - {{- end }} - spec: - {{- include "tc.v1.common.lib.workload.pod" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 6 }} - {{- with (include "tc.v1.common.lib.storage.volumeClaimTemplates" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - volumeClaimTemplates: - {{- . | nindent 4 }} - {{- end }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_storageClass.tpl b/charts/baikal/charts/common/templates/class/_storageClass.tpl deleted file mode 100644 index f9002aa..0000000 --- a/charts/baikal/charts/common/templates/class/_storageClass.tpl +++ /dev/null @@ -1,59 +0,0 @@ -{{/* Configmap Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.storageclass" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the storageclass. - labels: The labels of the storageclass. - annotations: The annotations of the storageclass. -*/}} - -{{- define "tc.v1.common.class.storageclass" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $isDefaultClass := false -}} - {{- if (hasKey $objectData "isDefault") -}} - {{- $isDefaultClass = $objectData.isDefault -}} - {{- end -}} - - {{- $allowVolExpand := true -}} - {{- if not (kindIs "invalid" $objectData.allowVolumeExpansion) -}} - {{- $allowVolExpand = $objectData.allowVolumeExpansion -}} - {{- end }} ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: {{ $objectData.name }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- $_ := set $annotations "storageclass.kubernetes.io/is-default-class" ($isDefaultClass | toString) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -provisioner: {{ $objectData.provisioner }} -{{- with $objectData.parameters }} -parameters: {{/* TODO: */}} - {{- range $k, $v := . -}} - {{- $val := tpl $v $rootCtx }} - {{ $k }}: {{ include "tc.v1.common.helper.makeIntOrNoop" $val | quote }} - {{- end -}} -{{- end }} -reclaimPolicy: {{ $objectData.reclaimPolicy | default "Retain" }} -allowVolumeExpansion: {{ $allowVolExpand }} -{{- with $objectData.mountOptions }} -mountOptions: - {{- range $opt := . }} - - {{ tpl $opt $rootCtx }} - {{- end -}} -{{- end }} -volumeBindingMode: {{ $objectData.volumeBindingMode | default "Immediate" }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_validatingWebhookConfiguration.tpl b/charts/baikal/charts/common/templates/class/_validatingWebhookConfiguration.tpl deleted file mode 100644 index f9f05d4..0000000 --- a/charts/baikal/charts/common/templates/class/_validatingWebhookConfiguration.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{/* ValidatingWebhookconfiguration Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.validatingWebhookconfiguration" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the validatingWebhookconfiguration. - labels: The labels of the validatingWebhookconfiguration. - annotations: The annotations of the validatingWebhookconfiguration. - data: The data of the validatingWebhookconfiguration. - namespace: The namespace of the validatingWebhookconfiguration. (Optional) -*/}} - -{{- define "tc.v1.common.class.validatingWebhookconfiguration" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Webhook") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -webhooks: - {{- range $webhook := $objectData.webhooks -}} - {{- include "tc.v1.common.lib.webhook" (dict "webhook" $webhook "rootCtx" $rootCtx) | trim | nindent 4 }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_verticalPodAutoscaler.tpl b/charts/baikal/charts/common/templates/class/_verticalPodAutoscaler.tpl deleted file mode 100644 index fe4c6d4..0000000 --- a/charts/baikal/charts/common/templates/class/_verticalPodAutoscaler.tpl +++ /dev/null @@ -1,77 +0,0 @@ -{{/* -This template serves as a blueprint for vertical pod autoscaler objects that are created -using the common library. -*/}} -{{- define "tc.v1.common.class.vpa" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $_ := set $objectData "updatePolicy" ($objectData.updatePolicy | default dict) -}} - {{- $_ := set $objectData "resourcePolicy" ($objectData.resourcePolicy | default dict) }} ---- -apiVersion: autoscaling.k8s.io/v1 -kind: VerticalPodAutoscaler -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "VPA") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - targetRef: - apiVersion: apps/v1 - kind: {{ $objectData.workload.type }} - name: {{ $objectData.name }} - updatePolicy: - updateMode: {{ $objectData.updatePolicy.updateMode | default "Auto" }} - {{- with $objectData.updatePolicy.minReplicas }} - minReplicas: {{ . }} - {{- end -}} - {{- if $objectData.updatePolicy.evictionRequirements }} - evictionRequirements: - {{- range $req := $objectData.updatePolicy.evictionRequirements }} - - resources: {{ $req.resources | toJson }} - changeRequirement: {{ $req.changeRequirement }} - {{- end -}} - {{- end -}} - {{- if and $objectData.resourcePolicy $objectData.resourcePolicy.containerPolicies }} - resourcePolicy: - containerPolicies: - {{- range $cPol := $objectData.resourcePolicy.containerPolicies }} - - containerName: {{ $cPol.containerName | quote }} - mode: {{ $cPol.mode }} - {{- if eq $cPol.mode "Off" -}}{{- continue -}}{{- end }} - controlledValues: {{ $cPol.controlledValues | default "RequestsAndLimits" }} - {{- if $cPol.controlledResources }} - controlledResources: {{ $cPol.controlledResources | toJson }} - {{- end -}} - {{- with $cPol.minAllowed -}} - {{- include "tc.v1.common.class.vpa.resources" (dict "item" "minAllowed" "resources" $cPol.minAllowed) | nindent 8 -}} - {{- end -}} - {{- with $cPol.maxAllowed -}} - {{- include "tc.v1.common.class.vpa.resources" (dict "item" "maxAllowed" "resources" $cPol.maxAllowed) | nindent 8 -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.vpa.resources" -}} - {{- $item := .item -}} - {{- $resources := .resources -}} - - {{ $item }}: - {{- with $resources.cpu }} - cpu: {{ . }} - {{- end -}} - {{- with $resources.memory }} - memory: {{ . }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_volumeSnapshot.tpl b/charts/baikal/charts/common/templates/class/_volumeSnapshot.tpl deleted file mode 100644 index 21d4c33..0000000 --- a/charts/baikal/charts/common/templates/class/_volumeSnapshot.tpl +++ /dev/null @@ -1,46 +0,0 @@ -{{/* volumesnapshot Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.volumesnapshot" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the volumesnapshot. - labels: The labels of the volumesnapshot. - annotations: The annotations of the volumesnapshot. - namespace: The namespace of the volumesnapshot. (Optional) -*/}} - -{{- define "tc.v1.common.class.volumesnapshot" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshot -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "volumesnapshot") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- with $objectData.volumeSnapshotClassName }} - volumeSnapshotClassName: {{ . }} - {{- end -}} - {{- if $objectData.source }} - source: - {{- with $objectData.source.persistentVolumeClaimName }} - persistentVolumeClaimName: {{ . }} - {{- end -}} - {{- with $objectData.source.volumeSnapshotContentName }} - volumeSnapshotContentName: {{ . }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/_volumeSnapshotClass.tpl b/charts/baikal/charts/common/templates/class/_volumeSnapshotClass.tpl deleted file mode 100644 index 3521ff4..0000000 --- a/charts/baikal/charts/common/templates/class/_volumeSnapshotClass.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* volumesnapshotclass Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.volumesnapshotclass" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the volumesnapshotclass. - labels: The labels of the volumesnapshotclass. - annotations: The annotations of the volumesnapshotclass. -*/}} - -{{- define "tc.v1.common.class.volumesnapshotclass" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $isDefault := false -}} - {{- if (kindIs "bool" $objectData.isDefault) -}} - {{- $isDefault = $objectData.isDefault -}} - {{- end }} ---- -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshotClass -metadata: - name: {{ $objectData.name }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) }} - annotations: - snapshot.storage.kubernetes.io/is-default-class: {{ $isDefault | quote }} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - {{- . | nindent 4 }} - {{- end }} -driver: {{ tpl $objectData.driver $rootCtx }} -deletionPolicy: {{ $objectData.deletionPolicy | default "Retain" }} - {{- with $objectData.parameters }} -parameters: - {{- range $k, $v := . }} - {{ tpl $k $rootCtx }}: {{ (tpl ($v | toString) $rootCtx) | quote }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/cert-manager/_certificate.tpl b/charts/baikal/charts/common/templates/class/cert-manager/_certificate.tpl deleted file mode 100644 index f02bc4a..0000000 --- a/charts/baikal/charts/common/templates/class/cert-manager/_certificate.tpl +++ /dev/null @@ -1,60 +0,0 @@ -{{/* Certificate Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.certificate" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the certificate. - labels: The labels of the certificate. - annotations: The annotations of the certificate. - namespace: The namespace of the certificate. (Optional) -*/}} -{{- define "tc.v1.common.class.certificate" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Cert Manager Certificate") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - secretName: {{ $objectData.name }} - dnsNames: - {{- range $h := $objectData.hosts }} - - {{ (tpl $h $rootCtx) | quote }} - {{- end }} - privateKey: - algorithm: ECDSA - size: 256 - rotationPolicy: Always - issuerRef: - name: {{ tpl $objectData.certificateIssuer $rootCtx }} - kind: ClusterIssuer - group: cert-manager.io - {{- if $objectData.certificateSecretTemplate }} - secretTemplate: - {{- $labels := (mustMerge ($objectData.certificateSecretTemplate.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 6 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.certificateSecretTemplate.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 6 }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/cnpg/_backup.tpl b/charts/baikal/charts/common/templates/class/cnpg/_backup.tpl deleted file mode 100644 index 1eb47f7..0000000 --- a/charts/baikal/charts/common/templates/class/cnpg/_backup.tpl +++ /dev/null @@ -1,41 +0,0 @@ -{{- define "tc.v1.common.class.cnpg.backup" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Naming */}} - {{- $backupName := printf "%v-backup-%v" $objectData.name $objectData.backupName -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $backupName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "CNPG Backup") -}} - - {{/* Metadata */}} - {{- $objLabels := $objectData.labels | default dict -}} - {{- $globalBackupLabels := $objectData.backups.labels | default dict -}} - {{- $backupLabels := $objectData.backupLabels | default dict -}} - {{- $backupLabels = mustMerge $backupLabels $objLabels $globalBackupLabels -}} - - {{- $objAnnotations := $objectData.annotations | default dict -}} - {{- $globalBackupAnnotations := $objectData.backups.annotations | default dict -}} - {{- $backupAnnotations := $objectData.backupAnnotations | default dict -}} - {{- $backupAnnotations = mustMerge $backupAnnotations $objAnnotations $globalBackupAnnotations }} - ---- -apiVersion: postgresql.cnpg.io/v1 -kind: Backup -metadata: - name: {{ $backupName }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "CNPG Backup") }} - labels: - cnpg.io/cluster: {{ $objectData.clusterName }} - {{- $labels := (mustMerge $backupLabels (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge $backupAnnotations (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - cluster: - name: {{ $objectData.clusterName }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/cnpg/_cluster.tpl b/charts/baikal/charts/common/templates/class/cnpg/_cluster.tpl deleted file mode 100644 index 2c3dfe2..0000000 --- a/charts/baikal/charts/common/templates/class/cnpg/_cluster.tpl +++ /dev/null @@ -1,261 +0,0 @@ -{{- define "tc.v1.common.class.cnpg.cluster" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectData.clusterName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "CNPG Cluster") -}} - - {{/* Initialize variables */}} - {{- $hibernation := "off" -}} - {{- $instances := 2 -}} - {{- $mode := "standalone" -}} - {{- $enableMonitoring := false -}} - {{- $disableDefaultQueries := false -}} - {{- $customQueries := list -}} - {{- $enableSuperUser := true -}} - {{- $inProgress := false -}} - {{- $reusePVC := true -}} - {{- $preloadLibraries := list -}} - {{- $walSize := $rootCtx.Values.global.fallbackDefaults.vctSize -}} - {{- $size := $rootCtx.Values.global.fallbackDefaults.vctSize -}} - {{- $primaryUpdateStrategy := "unsupervised" -}} - {{- $primaryUpdateMethod := "switchover" -}} - {{- $logLevel := "info" -}} - {{- $accessModes := $rootCtx.Values.global.fallbackDefaults.vctAccessModes -}} - {{- $walAccessModes := $rootCtx.Values.global.fallbackDefaults.vctAccessModes -}} - {{- $skipEmptyWalArchiveCheck := $rootCtx.Values.global.fallbackDefaults.cnpg.skipEmptyWalArchiveCheck -}} - - {{/* Make sure keys exist before try to access any sub keys */}} - {{- if not (hasKey $objectData "cluster") -}} - {{- $_ := set $objectData "cluster" dict -}} - {{- end -}} - {{- if not (hasKey $objectData "monitoring") -}} - {{- $_ := set $objectData "monitoring" dict -}} - {{- end -}} - {{- if not (hasKey $objectData "backups") -}} - {{- $_ := set $objectData "backups" dict -}} - {{- end -}} - {{- if not (hasKey $objectData.cluster "storage") -}} - {{- $_ := set $objectData.cluster "storage" dict -}} - {{- end -}} - {{- if not (hasKey $objectData.cluster "walStorage") -}} - {{- $_ := set $objectData.cluster "walStorage" dict -}} - {{- end -}} - {{- if not (hasKey $objectData.cluster "resources") -}} - {{- $_ := set $objectData.cluster "resources" dict -}} - {{- end -}} - {{/* Exclude extra resources */}} - {{- $_ := set $objectData.cluster.resources "excludeExtra" true -}} - - {{/* Metadata */}} - {{- $objLabels := $objectData.labels | default dict -}} - {{- $clusterLabels := $objectData.cluster.labels | default dict -}} - {{- $clusterLabels = mustMerge $clusterLabels $objLabels -}} - - {{- $objAnnotations := $objectData.annotations | default dict -}} - {{- $clusterAnnotations := $objectData.cluster.annotations | default dict -}} - {{- $clusterAnnotations = mustMerge $clusterAnnotations $objAnnotations -}} - - {{- with $objectData.cluster.instances -}} - {{- $instances = . -}} - {{- end -}} - - {{/* Stop All */}} - {{- if or $objectData.hibernate (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $hibernation = "on" -}} - {{- end -}} - - {{/* General */}} - {{- with $objectData.mode -}} - {{- $mode = . -}} - {{- end -}} - - {{- with $objectData.cluster.primaryUpdateStrategy -}} - {{- $primaryUpdateStrategy = . -}} - {{- end -}} - {{- with $objectData.cluster.primaryUpdateMethod -}} - {{- $primaryUpdateMethod = . -}} - {{- end -}} - {{- with $objectData.cluster.logLevel -}} - {{- $logLevel = . -}} - {{- end -}} - - {{/* Monitoring */}} - {{- with $objectData.monitoring -}} - {{- if (kindIs "bool" .enablePodMonitor) -}} - {{- $enableMonitoring = .enablePodMonitor -}} - {{- end -}} - {{- if (kindIs "bool" .disableDefaultQueries) -}} - {{- $disableDefaultQueries = .disableDefaultQueries -}} - {{- end -}} - {{- with .customQueries -}} - {{- $customQueries = . -}} - {{- end -}} - {{- end -}} - - {{/* Superuser */}} - {{- if (kindIs "bool" $objectData.cluster.enableSuperuserAccess) -}} - {{- $enableSuperUser = $objectData.cluster.enableSuperuserAccess -}} - {{- end -}} - - {{/* Node Maintenance Window */}} - {{- if $objectData.cluster.singleNode -}} - {{- $inProgress = true -}} - {{- end -}} - - {{- with $objectData.cluster.nodeMaintenanceWindow -}} - {{- if (kindIs "bool" .inProgress) -}} - {{ $inProgress = .inProgress -}} - {{- end -}} - {{- if (kindIs "bool" .reusePVC) -}} - {{ $reusePVC = .reusePVC -}} - {{- end -}} - {{- end -}} - - {{/* Preload Libraries */}} - {{- if (kindIs "slice" $objectData.cluster.preloadLibraries) -}} - {{- $preloadLibraries = $objectData.cluster.preloadLibraries -}} - {{- end -}} - {{- if eq $objectData.type "timescaledb" -}} - {{- $preloadLibraries = mustAppend $preloadLibraries "timescaledb" -}} - {{- end -}} - {{- if eq $objectData.type "vectors" -}} - {{- $preloadLibraries = mustAppend $preloadLibraries "vectors.so" -}} - {{- end -}} - - {{/* Storage */}} - {{- with $objectData.cluster.storage.size -}} - {{- $size = . -}} - {{- end -}} - - {{- with $objectData.cluster.walStorage.size -}} - {{- $walSize = . -}} - {{- end -}} - - {{- with $objectData.cluster.storage.accessModes -}} - {{- $accessModes = . -}} - {{- end -}} - - {{- with $objectData.cluster.walStorage.accessModes -}} - {{- $walAccessModes = . -}} - {{- end -}} - - {{- with $objectData.cluster.skipEmptyWalArchiveCheck -}} - {{- $skipEmptyWalArchiveCheck = . -}} - {{- end -}} - - {{- $imageName := $objectData.cluster.imageName -}} - {{- if not $imageName -}} - {{/* Ensure version and container tracking */}} - {{- $imageType := ($objectData.type | default "postgres") | camelcase | title -}} - {{- if eq $imageType "Postgres" -}} - {{- $imageType = "" -}} - {{- end -}} - - {{/* Format is [postgresCustomNameVersionImage] */}} - {{- $imageKey := printf "postgres%s%sImage" $imageType $objectData.pgVersion -}} - {{- $imageValue := fromJson (include "tc.v1.common.lib.container.imageSelector" (dict "rootCtx" $rootCtx "objectData" (dict "imageSelector" $imageKey))) -}} - {{- $formatImage := printf "%s:%s" $imageValue.repository $imageValue.tag -}} - - {{- $imageName = $formatImage -}} - {{- end }} - ---- -apiVersion: postgresql.cnpg.io/v1 -kind: Cluster -metadata: - name: {{ $objectData.clusterName }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "CNPG Cluster") }} - labels: - cnpg.io/reload: "on" - {{- $labels := (mustMerge $clusterLabels (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - {{- . | nindent 4 }} - {{- end }} - annotations: - cnpg.io/hibernation: {{ $hibernation | quote }} - checksum/secrets: {{ toJson $rootCtx.Values.secret | sha256sum }} - {{- if $skipEmptyWalArchiveCheck }} - cnpg.io/skipEmptyWalArchiveCheck: "enabled" - {{- end }} - {{- $annotations := (mustMerge $clusterAnnotations (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - {{- . | nindent 4 }} - {{- end }} -spec: - imageName: {{ $imageName }} - {{/* This ignores `0` on purpose. */}} - postgresUID: {{ $objectData.cluster.postgresUID | default 26 }} - postgresGID: {{ $objectData.cluster.postgresGID | default 26 }} - enableSuperuserAccess: {{ $enableSuperUser }} - primaryUpdateStrategy: {{ $primaryUpdateStrategy }} - primaryUpdateMethod: {{ $primaryUpdateMethod }} - logLevel: {{ $logLevel }} - instances: {{ $instances }} - {{- if or $objectData.cluster.postgresql $preloadLibraries }} - postgresql: - {{- with $objectData.cluster.postgresql }} - parameters: - {{- range $k, $v := . }} - {{ $k }}: {{ tpl $v $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- with $preloadLibraries }} - shared_preload_libraries: - {{- range $lib := (. | mustUniq) }} - - {{ $lib | quote }} - {{- end -}} - {{- end -}} - {{- end }} - nodeMaintenanceWindow: - inProgress: {{ $inProgress }} - reusePVC: {{ $reusePVC }} - {{- with (include "tc.v1.common.lib.container.resources" (dict "rootCtx" $rootCtx "objectData" $objectData.cluster) | trim) }} - resources: - {{- . | nindent 4 }} - {{- end }} - storage: - pvcTemplate: - {{- $_ := set $objectData.cluster.storage "size" $size -}} - {{- $_ := set $objectData.cluster.storage "accessModes" $accessModes -}} - - {{- include "tc.v1.common.lib.storage.pvc.spec" (dict "rootCtx" $rootCtx "objectData" $objectData.cluster.storage) | trim | nindent 6 }} - walStorage: - pvcTemplate: - {{- $_ := set $objectData.cluster.walStorage "size" $walSize -}} - {{- $_ := set $objectData.cluster.walStorage "accessModes" $walAccessModes -}} - - {{- include "tc.v1.common.lib.storage.pvc.spec" (dict "rootCtx" $rootCtx "objectData" $objectData.cluster.walStorage) | trim | nindent 6 }} - {{- if $enableMonitoring }} - monitoring: - enablePodMonitor: {{ $enableMonitoring }} - disableDefaultQueries: {{ $disableDefaultQueries }} - {{- if $customQueries }} - customQueriesConfigMap: - {{- range $q := $customQueries }} - {{- $name := $q.name -}} - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" $q - "name" $q.name "caller" "CNPG Cluster" - "key" "monitoring.customQueries")) -}} - - {{- if eq $expandName "true" -}} - {{- $name = (printf "%s-cnpg-%s-%s" $fullname $objectData.shortName $q.name) -}} - {{- end }} - - name: {{ $name }} - key: {{ $q.key | default "custom-queries" }} - {{- end -}} - {{- end -}} - {{- end }} - bootstrap: - {{- if eq $mode "standalone" -}} - {{- include "tc.v1.common.lib.cnpg.cluster.bootstrap.standalone" (dict "rootCtx" $rootCtx "objectData" $objectData) | nindent 4 -}} - {{- else if eq $mode "recovery" -}} - {{- include "tc.v1.common.lib.cnpg.cluster.bootstrap.recovery" (dict "objectData" $objectData) | nindent 4 -}} - {{- include "tc.v1.common.lib.cnpg.cluster.bootstrap.recovery.externalCluster" (dict "rootCtx" $rootCtx "objectData" $objectData) | nindent 2 -}} - {{- end -}} - {{- if $objectData.backups.enabled }} - {{- include "tc.v1.common.lib.cnpg.cluster.backup" (dict "rootCtx" $rootCtx "objectData" $objectData) | nindent 2 -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/cnpg/_pooler.tpl b/charts/baikal/charts/common/templates/class/cnpg/_pooler.tpl deleted file mode 100644 index b9c39b8..0000000 --- a/charts/baikal/charts/common/templates/class/cnpg/_pooler.tpl +++ /dev/null @@ -1,57 +0,0 @@ -{{- define "tc.v1.common.class.cnpg.pooler" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Naming */}} - {{- $poolerName := printf "%s-pooler-%s" $objectData.name $objectData.pooler.type -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $poolerName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "CNPG Pooler") -}} - - {{/* Metadata */}} - {{- $objLabels := $objectData.labels | default dict -}} - {{- $poolerLabels := $objectData.pooler.labels | default dict -}} - {{- $poolerLabels = mustMerge $poolerLabels $objLabels -}} - - {{- $objAnnotations := $objectData.annotations | default dict -}} - {{- $poolerAnnotations := $objectData.pooler.annotations | default dict -}} - {{- $poolerAnnotations = mustMerge $poolerAnnotations $objAnnotations -}} - - {{- $instances := $objectData.pooler.instances | default 2 -}} - {{/* Stop All */}} - {{- if or $objectData.hibernate (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $instances = 0 -}} - {{- end }} - ---- -apiVersion: postgresql.cnpg.io/v1 -kind: Pooler -metadata: - name: {{ $poolerName }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "CNPG Pooler") }} - labels: - cnpg.io/reload: "on" - {{- $labels := (mustMerge $poolerLabels (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - {{- . | nindent 4 }} - {{- end }} - annotations: - checksum/secrets: {{ toJson $rootCtx.Values.secret | sha256sum }} - {{- $annotations := (mustMerge $poolerAnnotations (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - {{- . | nindent 4 }} - {{- end }} -spec: - cluster: - name: {{ $objectData.clusterName }} - instances: {{ $instances }} - type: {{ $objectData.pooler.type }} - pgbouncer: - poolMode: {{ $objectData.pooler.poolMode | default "session" }} - {{/* https://cloudnative-pg.io/documentation/1.15/connection_pooling/#pgbouncer-configuration-options */}} - {{- with $objectData.pooler.parameters }} - parameters: - {{- range $key, $value := . }} - {{ $key }}: {{ tpl $value $rootCtx | quote }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/cnpg/_scheduledBackup.tpl b/charts/baikal/charts/common/templates/class/cnpg/_scheduledBackup.tpl deleted file mode 100644 index c541bf5..0000000 --- a/charts/baikal/charts/common/templates/class/cnpg/_scheduledBackup.tpl +++ /dev/null @@ -1,58 +0,0 @@ -{{- define "tc.v1.common.class.cnpg.scheduledbackup" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Naming */}} - {{- $backupName := printf "%v-sched-backup-%v" $objectData.name $objectData.backupName -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $backupName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "CNPG Scheduled Backup") -}} - - {{/* Metadata */}} - {{- $objLabels := $objectData.labels | default dict -}} - {{- $globalBackupLabels := $objectData.backups.labels | default dict -}} - {{- $backupLabels := $objectData.backupLabels | default dict -}} - {{- $backupLabels = mustMerge $backupLabels $objLabels $globalBackupLabels -}} - - {{- $objAnnotations := $objectData.annotations | default dict -}} - {{- $globalBackupAnnotations := $objectData.backups.annotations | default dict -}} - {{- $backupAnnotations := $objectData.backupAnnotations | default dict -}} - {{- $backupAnnotations = mustMerge $backupAnnotations $objAnnotations $globalBackupAnnotations -}} - - {{/* Data */}} - {{- $suspend := false -}} - {{- if (hasKey $objectData.schedData "suspend") -}} - {{- $suspend = $objectData.schedData.suspend -}} - {{- end -}} - {{- if or $objectData.hibernate (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $suspend = true -}} - {{- end -}} - {{- $immediate := false -}} - {{- if (hasKey $objectData.schedData "immediate") -}} - {{- $immediate = $objectData.schedData.immediate -}} - {{- end }} - ---- -apiVersion: postgresql.cnpg.io/v1 -kind: ScheduledBackup -metadata: - name: {{ $backupName }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "CNPG Scheduled Backup") }} - labels: - cnpg.io/cluster: {{ $objectData.clusterName }} - {{- $labels := (mustMerge $backupLabels (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge $backupAnnotations (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - schedule: {{ $objectData.schedData.schedule }} - backupOwnerReference: {{ $objectData.schedData.backupOwnerReference | default "none" }} - suspend: {{ $suspend }} - immediate: {{ $immediate }} - cluster: - name: {{ $objectData.clusterName }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/metrics/_podMonitor.tpl b/charts/baikal/charts/common/templates/class/metrics/_podMonitor.tpl deleted file mode 100644 index 360c7ef..0000000 --- a/charts/baikal/charts/common/templates/class/metrics/_podMonitor.tpl +++ /dev/null @@ -1,48 +0,0 @@ -{{- define "tc.v1.common.class.podmonitor" -}} - {{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}} - {{- $podmonitorName := $fullName -}} - {{- $values := .Values.podmonitor -}} - - {{- if hasKey . "ObjectValues" -}} - {{- with .ObjectValues.metrics -}} - {{- $values = . -}} - {{- end -}} - {{- end -}} - {{- $podmonitorLabels := $values.labels -}} - {{- $podmonitorAnnotations := $values.annotations -}} - - {{- if and (hasKey $values "nameOverride") $values.nameOverride -}} - {{- $podmonitorName = printf "%v-%v" $podmonitorName $values.nameOverride -}} - {{- end }} - ---- -apiVersion: {{ include "tc.v1.common.capabilities.podmonitor.apiVersion" $ }} -kind: PodMonitor -metadata: - name: {{ $podmonitorName }} - namespace: {{ $.Values.namespace | default $.Values.global.namespace | default $.Release.Namespace }} - {{- $labels := (mustMerge ($podmonitorLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end }} - {{- $annotations := (mustMerge ($podmonitorAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - jobLabel: app.kubernetes.io/name - selector: - {{- if $values.selector }} - {{- tpl (toYaml $values.selector) $ | nindent 4 }} - {{- else }} - {{- $objectData := dict "targetSelector" $values.targetSelector }} - {{- $selectedPod := fromYaml ( include "tc.v1.common.lib.helpers.getSelectedPodValues" (dict "rootCtx" $ "objectData" $objectData)) }} - {{- $selectedPodName := $selectedPod.shortName }} - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $ "objectType" "pod" "objectName" $selectedPodName) | indent 6 }} - {{- end }} - podMetricsEndpoints: - {{- tpl (toYaml $values.endpoints) $ | nindent 4 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/metrics/_prometheusRule.tpl b/charts/baikal/charts/common/templates/class/metrics/_prometheusRule.tpl deleted file mode 100644 index 60564fd..0000000 --- a/charts/baikal/charts/common/templates/class/metrics/_prometheusRule.tpl +++ /dev/null @@ -1,56 +0,0 @@ -{{- define "tc.v1.common.class.prometheusrule" -}} - {{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}} - {{- $prometheusruleName := $fullName -}} - {{- $values := .Values.prometheusrule -}} - - {{- if hasKey . "ObjectValues" -}} - {{- with .ObjectValues.metrics -}} - {{- $values = . -}} - {{- end -}} - {{- end -}} - {{- $prometheusruleLabels := $values.labels -}} - {{- $prometheusruleAnnotations := $values.annotations -}} - - {{- if and (hasKey $values "nameOverride") $values.nameOverride -}} - {{- $prometheusruleName = printf "%v-%v" $prometheusruleName $values.nameOverride -}} - {{- end }} - ---- -apiVersion: {{ include "tc.v1.common.capabilities.prometheusrule.apiVersion" $ }} -kind: PrometheusRule -metadata: - name: {{ $prometheusruleName }} - namespace: {{ $.Values.namespace | default $.Values.global.namespace | default $.Release.Namespace }} - {{- $labels := (mustMerge ($prometheusruleLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end }} - {{- $annotations := (mustMerge ($prometheusruleAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - groups: - {{- range $name, $groupValues := .groups }} - - name: {{ $prometheusruleName }}-{{ $name }} - rules: - {{- with $groupValues.rules }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $groupValues.additionalrules }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} - {{- range $id, $groupValues := .additionalgroups }} - - name: {{ $prometheusruleName }}-{{ if $groupValues.name }}{{ $groupValues.name }}{{ else }}{{ $id }}{{ end }} - rules: - {{- with $groupValues.rules }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $groupValues.additionalrules }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/metrics/_serviceMonitor.tpl b/charts/baikal/charts/common/templates/class/metrics/_serviceMonitor.tpl deleted file mode 100644 index f98c071..0000000 --- a/charts/baikal/charts/common/templates/class/metrics/_serviceMonitor.tpl +++ /dev/null @@ -1,48 +0,0 @@ -{{- define "tc.v1.common.class.servicemonitor" -}} - {{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}} - {{- $servicemonitorName := $fullName -}} - {{- $values := .Values.servicemonitor -}} - - {{- if hasKey . "ObjectValues" -}} - {{- with .ObjectValues.metrics -}} - {{- $values = . -}} - {{- end -}} - {{- end -}} - {{- $servicemonitorLabels := $values.labels -}} - {{- $servicemonitorAnnotations := $values.annotations -}} - - {{- if and (hasKey $values "nameOverride") $values.nameOverride -}} - {{- $servicemonitorName = printf "%v-%v" $servicemonitorName $values.nameOverride -}} - {{- end }} - ---- -apiVersion: {{ include "tc.v1.common.capabilities.servicemonitor.apiVersion" $ }} -kind: ServiceMonitor -metadata: - name: {{ $servicemonitorName }} - namespace: {{ $.Values.namespace | default $.Values.global.namespace | default $.Release.Namespace }} - {{- $labels := (mustMerge ($servicemonitorLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end }} - {{- $annotations := (mustMerge ($servicemonitorAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - jobLabel: app.kubernetes.io/name - selector: - {{- if $values.selector }} - {{- tpl (toYaml $values.selector) $ | nindent 4 }} - {{- else }} - {{- $objectData := dict "targetSelector" $values.targetSelector }} - {{- $selectedService := fromYaml ( include "tc.v1.common.lib.helpers.getSelectedServiceValues" (dict "rootCtx" $ "objectData" $objectData)) }} - {{- $selectedServiceName := $selectedService.shortName }} - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $ "objectType" "service" "objectName" $selectedServiceName) | indent 6 }} - {{- end }} - endpoints: - {{- tpl (toYaml $values.endpoints) $ | nindent 4 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/traefik-middleware/_middleware.tpl b/charts/baikal/charts/common/templates/class/traefik-middleware/_middleware.tpl deleted file mode 100644 index 1ec5b6d..0000000 --- a/charts/baikal/charts/common/templates/class/traefik-middleware/_middleware.tpl +++ /dev/null @@ -1,46 +0,0 @@ -{{/* Traefik Middleware Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.traefik.middleware" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the middleware. - labels: The labels of the middleware. - annotations: The annotations of the middleware. - data: The data of the middleware. - namespace: The namespace of the middleware. (Optional) -*/}} - -{{- define "tc.v1.common.class.traefik.middleware" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $typeClassMap := (include "tc.v1.common.lib.traefik.middlewares.map" $) | fromJson -}} - - {{- if not (hasKey $typeClassMap $objectData.type) -}} - {{- fail (printf "Traefik - Middleware [%s] is not supported. Supported middlewares are [%s]" $objectData.type (keys $typeClassMap | join ", ")) -}} - {{- end }} ---- -apiVersion: traefik.io/v1alpha1 -kind: Middleware -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Middleware") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- /* - Nothing goes after the include, each middleware can also render other manifests. - For the same reason indentation must be handled by each middleware. - */ -}} - {{- include (get $typeClassMap $objectData.type) (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/volsync/_replicationDestination.tpl b/charts/baikal/charts/common/templates/class/volsync/_replicationDestination.tpl deleted file mode 100644 index 7ca2322..0000000 --- a/charts/baikal/charts/common/templates/class/volsync/_replicationDestination.tpl +++ /dev/null @@ -1,68 +0,0 @@ -{{/* replicationdestination Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.replicationdestination" (dict "rootCtx" $ "objectData" $objectData "volsyncData" $volsyncData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the replicationdestination. - labels: The labels of the replicationdestination. - annotations: The annotations of the replicationdestination. - data: The data of the replicationdestination. - namespace: The namespace of the replicationdestination. (Optional) -*/}} - -{{- define "tc.v1.common.class.replicationdestination" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $volsyncData := .volsyncData -}} - - {{- $cleanupTempPVC := false -}} - {{- $cleanupCachePVC := false -}} - {{- if and (hasKey $volsyncData "cleanupTempPVC") (kindIs "bool" $volsyncData.cleanupTempPVC) -}} - {{- $cleanupTempPVC = $volsyncData.cleanupTempPVC -}} - {{- end -}} - {{- if and (hasKey $volsyncData "cleanupCachePVC") (kindIs "bool" $volsyncData.cleanupCachePVC) -}} - {{- $cleanupCachePVC = $volsyncData.cleanupCachePVC -}} - {{- end -}} - - {{- $copyMethod := $volsyncData.copyMethod | default "Snapshot" -}} - {{- $capacity := $rootCtx.Values.global.fallbackDefaults.pvcSize -}} - {{- if $objectData.size -}} - {{- $capacity = $objectData.size -}} - {{- end -}} - {{- if $volsyncData.dest.capacity -}} - {{- $capacity = $volsyncData.dest.capacity -}} - {{- end }} ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationDestination -metadata: - name: {{ printf "%s-%s-dest" $objectData.name $volsyncData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Replication Destination") }} - {{- $labels := (mustMerge ($volsyncData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($volsyncData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - trigger: - manual: restore-once - {{ $volsyncData.type }}: - repository: {{ $volsyncData.repository }} - copyMethod: {{ $copyMethod }} - capacity: {{ $capacity }} - {{- if eq $copyMethod "Direct" }} - destinationPVC: {{ $objectData.name }} - {{- end }} - cleanupTempPVC: {{ $cleanupTempPVC }} - cleanupCachePVC: {{ $cleanupCachePVC }} - {{- include "tc.v1.common.lib.volsync.storage" (dict "rootCtx" $rootCtx "objectData" $objectData "volsyncData" $volsyncData "target" "dest") | trim | nindent 4 }} - {{- include "tc.v1.common.lib.volsync.cache" (dict "rootCtx" $rootCtx "objectData" $objectData "volsyncData" $volsyncData "target" "dest") | trim | nindent 4 }} - {{- include "tc.v1.common.lib.volsync.moversecuritycontext" (dict "rootCtx" $rootCtx "objectData" $objectData "volsyncData" $volsyncData "target" "dest") | trim | nindent 4 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/class/volsync/_replicationSource.tpl b/charts/baikal/charts/common/templates/class/volsync/_replicationSource.tpl deleted file mode 100644 index 725576a..0000000 --- a/charts/baikal/charts/common/templates/class/volsync/_replicationSource.tpl +++ /dev/null @@ -1,68 +0,0 @@ -{{/* replicationsource Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.replicationsource" (dict "rootCtx" $ "objectData" $objectData "volsyncData" $volsyncData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the replicationsource. - labels: The labels of the replicationsource. - annotations: The annotations of the replicationsource. - data: The data of the replicationsource. - namespace: The namespace of the replicationsource. (Optional) -*/}} - -{{- define "tc.v1.common.class.replicationsource" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $volsyncData := .volsyncData -}} - - {{- $schedule := "0 0 * * *" -}} - {{- if and $volsyncData.src.trigger $volsyncData.src.trigger.schedule -}} - {{- $schedule = $volsyncData.src.trigger.schedule -}} - {{- end -}} - - {{- $retain := dict "hourly" 6 "daily" 5 "weekly" 4 "monthly" 3 "yearly" 1 -}} - {{- if $volsyncData.src.retain -}} - {{- $items := list "hourly" "daily" "weekly" "monthly" "yearly" -}} - {{- range $item := $items -}} - {{- with get $volsyncData.src.retain $item -}} - {{- $_ := set $retain $item . -}} - {{- end -}} - {{- end -}} - {{- end }} ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: {{ printf "%s-%s" $objectData.name $volsyncData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Replication Source") }} - {{- $labels := (mustMerge ($volsyncData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($volsyncData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - sourcePVC: {{ $objectData.name }} - trigger: - schedule: {{ $schedule }} - {{ $volsyncData.type }}: - repository: {{ $volsyncData.repository }} - copyMethod: {{ $volsyncData.copyMethod | default "Snapshot" }} - pruneIntervalDays: {{ $volsyncData.src.pruneIntervalDays | default 7 }} - unlock: {{ now | date "20060102150405" | quote }} - retain: - hourly: {{ $retain.hourly }} - daily: {{ $retain.daily }} - weekly: {{ $retain.weekly }} - monthly: {{ $retain.monthly }} - yearly: {{ $retain.yearly }} - {{- include "tc.v1.common.lib.volsync.storage" (dict "rootCtx" $rootCtx "objectData" $objectData "volsyncData" $volsyncData "target" "src") | trim | nindent 4 }} - {{- include "tc.v1.common.lib.volsync.cache" (dict "rootCtx" $rootCtx "objectData" $objectData "volsyncData" $volsyncData "target" "src") | trim | nindent 4 }} - {{- include "tc.v1.common.lib.volsync.moversecuritycontext" (dict "rootCtx" $rootCtx "objectData" $objectData "volsyncData" $volsyncData "target" "src") | trim | nindent 4 }} -{{- end }} diff --git a/charts/baikal/charts/common/templates/helpers/_envDupeCheck.tpl b/charts/baikal/charts/common/templates/helpers/_envDupeCheck.tpl deleted file mode 100644 index da27c96..0000000 --- a/charts/baikal/charts/common/templates/helpers/_envDupeCheck.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Check Env for Duplicates */}} -{{/* Call this template: -{{ include "tc.v1.common.helper.container.envDupeCheck" (dict "rootCtx" $ "objectData" $objectData "source" $source "key" $key) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.helper.container.envDupeCheck" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $source := .source -}} - {{- $type := .type -}} - {{- $key := .key -}} - - {{- $dupeEnv := (get $objectData.envDupe $key) -}} - - {{- if $dupeEnv -}} - {{- fail (printf "Container - Environment Variable [%s] in [%s] tried to override the Environment Variable that is already defined in [%s]" $key $source $dupeEnv.source) -}} - {{- end -}} - - {{- $_ := set $objectData.envDupe $key (dict "source" $source) -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/helpers/_getPortRange.tpl b/charts/baikal/charts/common/templates/helpers/_getPortRange.tpl deleted file mode 100644 index 8127fc5..0000000 --- a/charts/baikal/charts/common/templates/helpers/_getPortRange.tpl +++ /dev/null @@ -1,59 +0,0 @@ -{{/* Returns Lowest and Highest ports assigned to the any container in the pod */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.helpers.securityContext.getPortRange" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.helpers.securityContext.getPortRange" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{ $portRange := (dict "high" 0 "low" 0) }} - - {{- range $name, $service := $rootCtx.Values.service -}} - {{- $selected := false -}} - {{/* If service is enabled... */}} - {{- if $service.enabled -}} - - {{/* If there is a selector */}} - {{- if $service.targetSelector -}} - - {{/* And pod is selected */}} - {{- if eq $service.targetSelector $objectData.shortName -}} - {{- $selected = true -}} - {{- end -}} - - {{- else -}} - {{/* If no selector is defined but pod is primary */}} - {{- if $objectData.primary -}} - {{- $selected = true -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- if $selected -}} - {{- range $name, $portValues := $service.ports -}} - {{- if $portValues.enabled -}} - - {{- $portToCheck := ($portValues.targetPort | default $portValues.port) -}} - {{- if kindIs "string" $portToCheck -}} - {{- $portToCheck = (tpl $portToCheck $rootCtx) | int -}} - {{- end -}} - - {{- if or (not $portRange.low) (lt ($portToCheck | int) ($portRange.low | int)) -}} - {{- $_ := set $portRange "low" $portToCheck -}} - {{- end -}} - - {{- if or (not $portRange.high) (gt ($portToCheck | int) ($portRange.high | int)) -}} - {{- $_ := set $portRange "high" $portToCheck -}} - {{- end -}} - - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} - - {{- $portRange | toJson -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/helpers/_getSelectedPod.tpl b/charts/baikal/charts/common/templates/helpers/_getSelectedPod.tpl deleted file mode 100644 index c2d7cf9..0000000 --- a/charts/baikal/charts/common/templates/helpers/_getSelectedPod.tpl +++ /dev/null @@ -1,47 +0,0 @@ -{{/* Service - Get Selected Pod */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.helpers.getSelectedPodValues" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -objectData: The object data of the service -rootCtx: The root context of the chart. -*/}} - -{{- define "tc.v1.common.lib.helpers.getSelectedPodValues" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- $podValues := dict -}} - {{- with $objectData.targetSelector -}} - {{- $podValues = mustDeepCopy (get $rootCtx.Values.workload .) -}} - - {{- if not $podValues -}} - {{- fail (printf "%s - Selected pod [%s] is not defined" $caller .) -}} - {{- end -}} - - {{- if not $podValues.enabled -}} - {{- fail (printf "%s - Selected pod [%s] is not enabled" $caller .) -}} - {{- end -}} - - {{/* While we know the shortName from targetSelector, let's set it explicitly - So service can reference this directly, to match the behaviour of a service - without targetSelector defined (assumes "use primary") */}} - {{- $_ := set $podValues "shortName" . -}} - {{- else -}} - - {{/* If no targetSelector is defined, we assume the service is using the primary pod */}} - {{/* Also no need to check for multiple primaries here, it's already done on the workload validation */}} - {{- range $podName, $pod := $rootCtx.Values.workload -}} - {{- if $pod.enabled -}} - {{- if $pod.primary -}} - {{- $podValues = mustDeepCopy $pod -}} - {{/* Set the shortName so service can use this on selector */}} - {{- $_ := set $podValues "shortName" $podName -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} - - {{/* Return values in Json, to preserve types */}} - {{ $podValues | toJson }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/helpers/_getSelectedService.tpl b/charts/baikal/charts/common/templates/helpers/_getSelectedService.tpl deleted file mode 100644 index d874222..0000000 --- a/charts/baikal/charts/common/templates/helpers/_getSelectedService.tpl +++ /dev/null @@ -1,47 +0,0 @@ -{{/* Service - Get Selected Service */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.helpers.getSelectedServiceValues" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -objectData: The object data of the service -rootCtx: The root context of the chart. -*/}} - -{{- define "tc.v1.common.lib.helpers.getSelectedServiceValues" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- $serviceValues := dict -}} - {{- with $objectData.targetSelector -}} - {{- $serviceValues = mustDeepCopy (get $rootCtx.Values.service .) -}} - - {{- if not $serviceValues -}} - {{- fail (printf "%s - Selected service [%s] is not defined" $caller .) -}} - {{- end -}} - - {{- if not $serviceValues.enabled -}} - {{- fail (printf "%s - Selected service [%s] is not enabled" $caller .) -}} - {{- end -}} - - {{/* While we know the shortName from targetSelector, let's set it explicitly - So service can reference this directly, to match the behaviour of a service - without targetSelector defined (assumes "use primary") */}} - {{- $_ := set $serviceValues "shortName" . -}} - {{- else -}} - - {{/* If no targetSelector is defined, we assume the service is using the primary service */}} - {{/* Also no need to check for multiple primaries here, it's already done on the service validation */}} - {{- range $serviceName, $service := $rootCtx.Values.service -}} - {{- if $service.enabled -}} - {{- if $service.primary -}} - {{- $serviceValues = mustDeepCopy $service -}} - {{/* Set the shortName so service can use this on selector */}} - {{- $_ := set $serviceValues "shortName" $serviceName -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} - - {{/* Return values in Json, to preserve types */}} - {{ $serviceValues | toJson }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/helpers/_makeIntOrNoop.tpl b/charts/baikal/charts/common/templates/helpers/_makeIntOrNoop.tpl deleted file mode 100644 index aec1ddf..0000000 --- a/charts/baikal/charts/common/templates/helpers/_makeIntOrNoop.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{- define "tc.v1.common.helper.makeIntOrNoop" -}} - {{- $value := . -}} - - {{/* - - Ints in Helm can be either int, int64 or float64. - - Values that start with zero should not be converted - to int again as this will strip leading zeros. - - Numbers converted to E notation by Helm will - always contain the "e" character. So we only - convert those. - */}} - {{- if and - (mustHas (kindOf $value) (list "int" "int64" "float64")) - (not (hasPrefix "0" ($value | toString))) - (contains "e" ($value | toString | lower)) - -}} - {{- $value | int -}} - {{- else -}} - {{- $value -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/_tc_capabilities.tpl b/charts/baikal/charts/common/templates/lib/_tc_capabilities.tpl deleted file mode 100644 index df9c5d5..0000000 --- a/charts/baikal/charts/common/templates/lib/_tc_capabilities.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{/* Return the appropriate apiVersion for PodMonitor */}} -{{- define "tc.v1.common.capabilities.podmonitor.apiVersion" -}} - {{- print "monitoring.coreos.com/v1" -}} -{{- end -}} - -{{/* Return the appropriate apiVersion for ServiceMonitor */}} -{{- define "tc.v1.common.capabilities.servicemonitor.apiVersion" -}} - {{- print "monitoring.coreos.com/v1" -}} -{{- end -}} - -{{/* Return the appropriate apiVersion for PrometheusRule */}} -{{- define "tc.v1.common.capabilities.prometheusrule.apiVersion" -}} - {{- print "monitoring.coreos.com/v1" -}} -{{- end -}} - -{{/* Return the appropriate apiVersion for NetworkPolicy*/}} -{{- define "tc.v1.common.capabilities.networkpolicy.apiVersion" -}} - {{- print "networking.k8s.io/v1" -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/certificate/_validation.tpl b/charts/baikal/charts/common/templates/lib/certificate/_validation.tpl deleted file mode 100644 index 9e84d10..0000000 --- a/charts/baikal/charts/common/templates/lib/certificate/_validation.tpl +++ /dev/null @@ -1,49 +0,0 @@ -{{/* Certificate Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.certificate.validation" (dict "rootCtx" $ "objectData" $objectData) -}} -objectData: - rootCtx: The root context of the chart. - objectData: The Certificate object. -*/}} - -{{- define "tc.v1.common.lib.certificate.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.certificateIssuer -}} - {{- fail "Cert Manager Certificate - Expected non-empty [certificateIssuer]" -}} - {{- end -}} - - {{- if not $objectData.hosts -}} - {{- fail "Cert Manager Certificate - Expected non-empty [hosts]" -}} - {{- end -}} - - {{- if not (kindIs "slice" $objectData.hosts) -}} - {{- fail (printf "Cert Manager Certificate - Expected [hosts] to be a [slice], but got [%s]" (kindOf $objectData.hosts)) -}} - {{- end -}} - - {{- range $h := $objectData.hosts -}} - {{- if not $h -}} - {{- fail "Cert Manager Certificate - Expected non-empty entry in [hosts]" -}} - {{- end -}} - - {{- $host := tpl $h $rootCtx -}} - {{- if (hasPrefix "http://" $host) -}} - {{- fail (printf "Cert Manager Certificate - Expected entry in [hosts] to not start with [http://], but got [%s]" $host) -}} - {{- end -}} - {{- if (hasPrefix "https://" $host) -}} - {{- fail (printf "Cert Manager Certificate - Expected entry in [hosts] to not start with [https://], but got [%s]" $host) -}} - {{- end -}} - {{- if (contains ":" $host) -}} - {{- fail (printf "Cert Manager Certificate - Expected entry in [hosts] to not contain [:], but got [%s]" $host) -}} - {{- end -}} - - {{- with $objectData.certificateSecretTemplate -}} - {{- if and (not .labels) (not .annotations) -}} - {{- fail "Cert Manager Certificate - Expected [certificateSecretTemplate] to have at least one of [labels, annotations]" -}} - {{- end -}} - - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData.certificateSecretTemplate "caller" "Cert Manager Certificate (certificateSecretTemplate)") -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/chart/_check_capabitilies.tpl b/charts/baikal/charts/common/templates/lib/chart/_check_capabitilies.tpl deleted file mode 100644 index 679f1b8..0000000 --- a/charts/baikal/charts/common/templates/lib/chart/_check_capabitilies.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{- define "tc.v1.common.check.capabilities" -}} - {{- $helmVersion := semver .Capabilities.HelmVersion.Version -}} - {{- $helmMinVer := semver "3.14.0" -}} - - {{- if .Chart.Annotations -}} - {{- $min := index .Chart.Annotations "truecharts.org/min_helm_version" -}} - {{- if $min -}} - {{/* Apply a relaxed version check */}} - {{- $helmMinVer = semver $min -}} - {{- end -}} - {{- end -}} - - {{- if eq -1 ($helmMinVer | $helmVersion.Compare) -}} - {{- fail (printf "Expected minimum helm version [%s], but found [%s]. Upgrade helm cli tool." $helmMinVer $helmVersion) -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/chart/_names.tpl b/charts/baikal/charts/common/templates/lib/chart/_names.tpl deleted file mode 100644 index ece50e2..0000000 --- a/charts/baikal/charts/common/templates/lib/chart/_names.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* Contains functions for generating names */}} - -{{/* Returns the name of the Chart */}} -{{- define "tc.v1.common.lib.chart.names.name" -}} - - {{- .Chart.Name | lower | trunc 63 | trimSuffix "-" -}} - -{{- end -}} - -{{/* Returns the fullname of the Chart */}} -{{- define "tc.v1.common.lib.chart.names.fullname" -}} - - {{- $name := include "tc.v1.common.lib.chart.names.name" . -}} - - {{- if contains $name .Release.Name -}} - {{- $name = .Release.Name -}} - {{- else -}} - {{- $name = printf "%s-%s" .Release.Name $name -}} - {{- end -}} - - {{- $name | lower | trunc 63 | trimSuffix "-" -}} - -{{- end -}} - -{{/* Returns the fqdn of the Chart */}} -{{- define "tc.v1.common.lib.chart.names.fqdn" -}} - - {{- printf "%s.%s" (include "tc.v1.common.lib.chart.names.fullname" .) .Release.Namespace | replace "+" "_" | trunc 63 | trimSuffix "-" -}} - -{{- end -}} - -{{/* Validates names */}} -{{- define "tc.v1.common.lib.chart.names.validation" -}} - - {{- $name := .name -}} - {{- $length := .length -}} - {{- if not $length -}} - {{- $length = 63 -}} - {{- end -}} - - {{- if not (and (mustRegexMatch "^[a-z0-9]((-?[a-z0-9]-?)*[a-z0-9])?$" $name) (le (len $name) $length)) -}} - {{- fail (printf "Name [%s] is not valid. Must start and end with an alphanumeric lowercase character. It can contain '-'. And must be at most %v characters." $name $length) -}} - {{- end -}} - -{{- end -}} - -{{/* Create chart name and version as used by the chart label */}} -{{- define "tc.v1.common.lib.chart.names.chart" -}} - - {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/chart/_notes.tpl b/charts/baikal/charts/common/templates/lib/chart/_notes.tpl deleted file mode 100644 index 0d4445a..0000000 --- a/charts/baikal/charts/common/templates/lib/chart/_notes.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{- define "tc.v1.common.lib.chart.notes" -}} - - {{- include "tc.v1.common.lib.chart.header" . -}} - - {{- include "tc.v1.common.lib.chart.custom" . -}} - - {{- include "tc.v1.common.lib.chart.footer" . -}} - - {{- include "tc.v1.common.lib.chart.warnings" . -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.chart.header" -}} - {{- tpl $.Values.notes.header $ | nindent 0 }} -{{- end -}} - -{{- define "tc.v1.common.lib.chart.custom" -}} - {{- tpl $.Values.notes.custom $ | nindent 0 }} -{{- end -}} - -{{- define "tc.v1.common.lib.chart.footer" -}} - {{- tpl $.Values.notes.footer $ | nindent 0 }} -{{- end -}} - -{{- define "tc.v1.common.lib.chart.warnings" -}} - {{- range $w := $.Values.notes.warnings }} - {{- tpl $w $ | nindent 0 }} - {{- end }} -{{- end -}} - -{{- define "add.warning" -}} - {{- $rootCtx := .rootCtx -}} - {{- $warn := .warn -}} - - {{- $newWarns := $rootCtx.Values.notes.warnings -}} - {{- $newWarns = mustAppend $newWarns $warn -}} - {{- $_ := set $rootCtx.Values.notes "warnings" $newWarns -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/_dbCredentialSecrets.tpl b/charts/baikal/charts/common/templates/lib/cnpg/_dbCredentialSecrets.tpl deleted file mode 100644 index 8555481..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/_dbCredentialSecrets.tpl +++ /dev/null @@ -1,102 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.db.credentials.secrets" -}} - {{- $objectData := .objectData -}} - {{- $cnpg := .cnpg -}} - {{- $rootCtx := .rootCtx -}} - - {{- $dbPass := $objectData.password -}} - {{- $auth := printf "%s:%s" $objectData.user $dbPass -}} - - {{/* Double "%" to escape the interpolation and use the template on another printf */}} - {{- $stdTmpl := printf "postgresql://%s@%s-%%s:5432/%s" $auth $objectData.name $objectData.database -}} - {{- $nosslTmpl := printf "postgresql://%s@%s-%%s:5432/%s?sslmode=disable" $auth $objectData.name $objectData.database -}} - {{- $portHostTmpl := printf "%s-%%s:5432" $objectData.name -}} - {{- $hostTmpl := printf "%s-%%s" $objectData.name -}} - {{- $jdbcTmpl := printf "jdbc:postgresql://%s-%%s:5432/%s" $objectData.name $objectData.database -}} - - {{- $rwString := "rw" -}} - {{- $roString := "ro" -}} - {{- $poolEnabled := false -}} - {{- if and $objectData.pooler $objectData.pooler.enabled -}} - {{- $poolEnabled = true -}} - {{- $rwString = "pooler-rw" -}} - {{- $roString = "pooler-ro" -}} - {{- end -}} - - {{- $creds := (dict - "std" (printf $stdTmpl $rwString) - "nossl" (printf $nosslTmpl $rwString) - "portHost" (printf $portHostTmpl $rwString) - "host" (printf $hostTmpl $rwString) - "jdbc" (printf $jdbcTmpl $rwString) - ) -}} - - {{- $credsRO := dict -}} - {{- if and $poolEnabled $objectData.pooler.createRO -}} - {{- $credsRO = (dict - "std" (printf $stdTmpl $roString) - "nossl" (printf $nosslTmpl $roString) - "portHost" (printf $portHostTmpl $roString) - "host" (printf $hostTmpl $roString) - "jdbc" (printf $jdbcTmpl $roString) - ) -}} - {{- end -}} - - {{- with (include "tc.v1.common.lib.cnpg.secret.user" (dict "user" $objectData.user "pass" $dbPass) | fromYaml) -}} - {{- $_ := set $rootCtx.Values.secret (printf "cnpg-%s-user" $objectData.shortName) . -}} - {{- end -}} - - {{- with (include "tc.v1.common.lib.cnpg.secret.urls" (dict "creds" $creds "credsRO" $credsRO) | fromYaml) -}} - {{- $_ := set $rootCtx.Values.secret (printf "cnpg-%s-urls" $objectData.shortName) . -}} - {{- end -}} - - {{/* We need to mutate the actual (cnpg) values here not the copy */}} - {{- if not (hasKey $cnpg "creds") -}} - {{- $_ := set $cnpg "creds" dict -}} - {{- end -}} - - {{- $_ := set $cnpg.creds "password" $dbPass -}} - - {{- $_ := set $cnpg.creds "std" $creds.std -}} - {{- $_ := set $cnpg.creds "nossl" $creds.nossl -}} - {{- $_ := set $cnpg.creds "porthost" $creds.portHost -}} - {{- $_ := set $cnpg.creds "host" $creds.host -}} - {{- $_ := set $cnpg.creds "jdbc" $creds.jdbc -}} - - {{- if and $poolEnabled $objectData.pooler.createRO -}} - {{- $_ := set $cnpg.creds "stdRO" $credsRO.std -}} - {{- $_ := set $cnpg.creds "nosslRO" $credsRO.nossl -}} - {{- $_ := set $cnpg.creds "porthostRO" $credsRO.portHost -}} - {{- $_ := set $cnpg.creds "hostRO" $credsRO.host -}} - {{- $_ := set $cnpg.creds "jdbcRO" $credsRO.jdbc -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.cnpg.secret.urls" -}} - {{- $creds := .creds -}} - {{- $credsRO := .credsRO }} -enabled: true -data: - std: {{ $creds.std }} - nossl: {{ $creds.nossl }} - porthost: {{ $creds.portHost }} - host: {{ $creds.host }} - jdbc: {{ $creds.jdbc }} - {{- if $credsRO }} - stdRO: {{ $credsRO.std }} - nosslRO: {{ $credsRO.nossl }} - porthostRO: {{ $credsRO.portHost }} - hostRO: {{ $credsRO.host }} - jdbcRO: {{ $credsRO.jdbc }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.cnpg.secret.user" -}} - {{- $user := .user -}} - {{- $pass := .pass }} -enabled: true -type: kubernetes.io/basic-auth -data: - username: {{ $user }} - password: {{ $pass }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/_poolerMetrics.tpl b/charts/baikal/charts/common/templates/lib/cnpg/_poolerMetrics.tpl deleted file mode 100644 index 22a1913..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/_poolerMetrics.tpl +++ /dev/null @@ -1,10 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.metrics.pooler" -}} -{{- $poolerName := .poolerName }} -enabled: true -type: podmonitor -selector: - matchLabels: - cnpg.io/poolerName: {{ $poolerName }} -endpoints: - - port: metrics -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/backup/_spawner.tpl b/charts/baikal/charts/common/templates/lib/cnpg/backup/_spawner.tpl deleted file mode 100644 index 91ab9ed..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/backup/_spawner.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.spawner.backups" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- range $backup := $objectData.backups.manualBackups -}} - {{- $_ := set $objectData "backupName" $backup.name -}} - {{- $_ := set $objectData "backupLabels" $backup.labels -}} - {{- $_ := set $objectData "backupAnnotations" $backup.annotations -}} - - {{- include "tc.v1.common.lib.cnpg.backup.validation" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- include "tc.v1.common.class.cnpg.backup" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/backup/_validation.tpl b/charts/baikal/charts/common/templates/lib/cnpg/backup/_validation.tpl deleted file mode 100644 index 20903f8..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/backup/_validation.tpl +++ /dev/null @@ -1,7 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.backup.validation" -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.backupName -}} - {{- fail "CNPG Backup - Expected non-empty [name] in [backups.manualBackups] entry" -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl b/charts/baikal/charts/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl deleted file mode 100644 index 6cffbdb..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl +++ /dev/null @@ -1,46 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.getData" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $type := .type -}} - - {{- $serverName := $objectData.clusterName -}} - {{- $destinationPath := "" -}} - {{- $creds := dict -}} - {{- $key := "" -}} - - {{- if eq $type "recovery" -}} - {{- $creds = (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}} - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "CNPG BarmanObjectStore" "credName" $objectData.recovery.credentials) -}} - {{- $destinationPath = $objectData.recovery.destinationPath -}} - {{- $key = "recovery" -}} - - {{- if $objectData.recovery.serverName -}} - {{- $serverName = $objectData.recovery.serverName -}} - {{- end -}} - {{- if $objectData.recovery.revision -}} - {{- $serverName = printf "%s-r%s" $serverName $objectData.recovery.revision -}} - {{- end -}} - - {{- else if eq $type "backup" -}} - {{- $creds = (get $rootCtx.Values.credentials $objectData.backups.credentials) -}} - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "CNPG BarmanObjectStore" "credName" $objectData.backups.credentials) -}} - {{- $destinationPath = $objectData.backups.destinationPath -}} - {{- $key = "backups" -}} - - {{- if $objectData.backups.serverName -}} - {{- $serverName = $objectData.backups.serverName -}} - {{- end -}} - {{- if $objectData.backups.revision -}} - {{- $serverName = printf "%s-r%s" $serverName $objectData.backups.revision -}} - {{- end -}} - {{- end -}} - - {{- $data := (dict - "serverName" $serverName - "destinationPath" $destinationPath - "creds" $creds - "key" $key - ) -}} - - {{- $data | toYaml -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl b/charts/baikal/charts/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl deleted file mode 100644 index 51424df..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.s3" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $type := .type -}} - {{- $data := .data -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- $secretName := (printf "%s-cnpg-%s-provider-%s-s3-creds" $fullname $objectData.shortName $type) -}} - - {{- $calcData := include "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.getData" (dict - "rootCtx" $rootCtx "objectData" $objectData "type" $type) | fromYaml - -}} - - {{- $serverName := $calcData.serverName -}} - {{- $destinationPath := $calcData.destinationPath -}} - {{- $endpointURL := $calcData.creds.url -}} - {{- $bucket := $calcData.creds.bucket -}} - {{- $path := $calcData.creds.path -}} - {{- $key := $calcData.key -}} - - {{- if not $destinationPath -}} - {{- if $path -}} - {{- $destinationPath = (printf "s3://%s/%s/%s/cnpg" $bucket ($path | trimSuffix "/") $rootCtx.Release.Name) -}} - {{- else -}} - {{- $destinationPath = (printf "s3://%s/%s/cnpg" $bucket $rootCtx.Release.Name) -}} - {{- end -}} - {{- end }} -endpointURL: {{ $endpointURL }} -destinationPath: {{ $destinationPath }} -serverName: {{ $serverName }} -s3Credentials: - accessKeyId: - name: {{ $secretName }} - key: ACCESS_KEY_ID - secretAccessKey: - name: {{ $secretName }} - key: ACCESS_SECRET_KEY -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/cluster/_backup.tpl b/charts/baikal/charts/common/templates/lib/cnpg/cluster/_backup.tpl deleted file mode 100644 index 7287480..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/cluster/_backup.tpl +++ /dev/null @@ -1,43 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.cluster.backup" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $compression := "bzip2" -}} - {{- if and $objectData.backups.compression (not $objectData.backups.compression.enabled) -}} - {{- $compression = "" -}} - {{- end -}} - - {{- $encryption := "" -}} - {{- if and $objectData.backups.encryption $objectData.backups.encryption.enabled -}} - {{- $encryption = "AES256" -}} - {{- end }} -backup: - {{- with $objectData.backups.target }} - target: {{ . }} - {{- end }} - retentionPolicy: {{ $objectData.backups.retentionPolicy }} - barmanObjectStore: - data: - jobs: {{ $objectData.backups.jobs | default 2 }} - {{- with $compression }} - compression: {{ . }} - {{- end -}} - {{- with $encryption }} - encryption: {{ . }} - {{- end -}} - {{- if or $compression $encryption }} - wal: - {{- with $compression }} - compression: {{ . }} - {{- end -}} - {{- with $encryption }} - encryption: {{ . }} - {{- end -}} - {{- end -}} - {{/* Fetch provider data */}} - {{/* Get the creds defined in backup.$provider */}} - {{- $creds := (get $rootCtx.Values.credentials $objectData.backups.credentials) -}} - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "CNPG Backup" "credName" $objectData.backups.credentials) -}} - - {{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $creds.type) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $creds "type" "backup") | nindent 4 -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/cluster/_boostrapRecovery.tpl b/charts/baikal/charts/common/templates/lib/cnpg/cluster/_boostrapRecovery.tpl deleted file mode 100644 index 77a5dcd..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/cluster/_boostrapRecovery.tpl +++ /dev/null @@ -1,25 +0,0 @@ -{{/* Recovery Template, called when mode is recovery */}} -{{- define "tc.v1.common.lib.cnpg.cluster.bootstrap.recovery" }} - {{- $objectData := .objectData }} -recovery: - secret: - name: {{ printf "%s-user" $objectData.clusterName }} - database: {{ $objectData.database }} - owner: {{ $objectData.user }} - {{- if eq $objectData.recovery.method "backup" }} - backup: - name: {{ $objectData.recovery.backupName }} - {{- else if eq $objectData.recovery.method "object_store" -}} - {{- $serverName := $objectData.recovery.serverName | default $objectData.clusterName -}} - {{- if $objectData.recovery.revision -}} - {{- $serverName = printf "%s-r%s" $serverName $objectData.recovery.revision -}} - {{- end }} - source: {{ $serverName }} - {{- end -}} - {{- if $objectData.recovery.pitrTarget -}} - {{- with $objectData.recovery.pitrTarget.time }} - recoveryTarget: - targetTime: {{ . | quote }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl b/charts/baikal/charts/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl deleted file mode 100644 index bea693c..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Recovery from externalClusters Template, called when mode is recovery */}} -{{- define "tc.v1.common.lib.cnpg.cluster.bootstrap.recovery.externalCluster" }} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if eq $objectData.recovery.method "object_store" }} -externalClusters: - {{- $serverName := $objectData.recovery.serverName | default $objectData.clusterName -}} - {{- if $objectData.recovery.revision -}} - {{- $serverName = printf "%s-r%s" $serverName $objectData.recovery.revision -}} - {{- end }} - - name: {{ $serverName }} - barmanObjectStore: - - {{/* Fetch provider data */}} - {{/* Get the creds defined in backup.$provider */}} - {{- $creds := (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}} - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "CNPG Recovery External Cluster" "credName" $objectData.recovery.credentials) -}} - - {{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $creds.type) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $creds "type" "recovery") | nindent 6 -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/cluster/_bootstrapStandalone.tpl b/charts/baikal/charts/common/templates/lib/cnpg/cluster/_bootstrapStandalone.tpl deleted file mode 100644 index 99eb240..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/cluster/_bootstrapStandalone.tpl +++ /dev/null @@ -1,78 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.cluster.bootstrap.standalone" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $initdb := dict -}} - {{- $postInitSQL := list -}} - {{- $postInitTemplateSQL := list -}} - {{- $postInitApplicationSQL := list -}} - {{- $dataChecksums := true -}} - {{- if not (hasKey $objectData.cluster "initdb") -}} - {{- $_ := set $objectData.cluster "initdb" dict -}} - {{- end -}} - - {{- if (kindIs "bool" $objectData.cluster.initdb.dataChecksums) -}} - {{- $dataChecksums = $objectData.cluster.initdb.dataChecksums -}} - {{- end -}} - - {{/* PostInitApplicationSQL */}} - {{- if eq $objectData.type "timescaledb" -}} - {{- $postInitApplicationSQL = concat $postInitApplicationSQL (list - "CREATE EXTENSION IF NOT EXISTS timescaledb;") -}} - {{- end -}} - {{- if eq $objectData.type "postgis" -}} - {{- $postInitApplicationSQL = concat $postInitApplicationSQL (list - "CREATE EXTENSION IF NOT EXISTS postgis;" - "CREATE EXTENSION IF NOT EXISTS postgis_topology;" - "CREATE EXTENSION IF NOT EXISTS fuzzystrmatch;" - "CREATE EXTENSION IF NOT EXISTS postgis_tiger_geocoder;") -}} - {{- end }} - - {{- if eq $objectData.type "vectors" -}} - {{- $postInitApplicationSQL = concat $postInitApplicationSQL (list - "CREATE EXTENSION IF NOT EXISTS vectors;") -}} - {{- end -}} - - {{- if $objectData.cluster.initdb -}} - {{- $postInitApplicationSQL = concat $postInitApplicationSQL ( $objectData.cluster.initdb.postInitApplicationSQL | default list ) -}} - {{- $postInitSQL = concat $postInitSQL ( $objectData.cluster.initdb.postInitSQL | default list ) -}} - {{- $postInitTemplateSQL = concat $postInitTemplateSQL ( $objectData.cluster.initdb.postInitTemplateSQL | default list ) -}} - {{- end -}} - -initdb: - secret: - name: {{ printf "%s-user" $objectData.clusterName }} - database: {{ $objectData.database }} - owner: {{ $objectData.user }} - dataChecksums: {{ $dataChecksums }} - {{- with $objectData.cluster.initdb.encoding }} - encoding: {{ . }} - {{- end -}} - {{- with $objectData.cluster.initdb.localeCollate }} - localeCollate: {{ . }} - {{- end -}} - {{- with $objectData.cluster.initdb.localeCtype }} - localeCtype: {{ . }} - {{- end -}} - {{- with $objectData.cluster.initdb.walSegmentSize }} - walSegmentSize: {{ . }} - {{- end -}} - {{- if $postInitApplicationSQL }} - postInitApplicationSQL: - {{- range $v := $postInitApplicationSQL }} - - {{ tpl $v $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- if $postInitSQL }} - postInitSQL: - {{- range $v := $postInitSQL }} - - {{ tpl $v $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- if $postInitTemplateSQL }} - postInitTemplateSQL: - {{- range $v := $postInitTemplateSQL }} - - {{ tpl $v $rootCtx | quote }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/cluster/_validation.tpl b/charts/baikal/charts/common/templates/lib/cnpg/cluster/_validation.tpl deleted file mode 100644 index b0ea878..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/cluster/_validation.tpl +++ /dev/null @@ -1,146 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.cluster.validation" -}} - {{- $objectData := .objectData -}} - - {{- $requiredKeys := (list "database" "user" "password") -}} - {{- range $key := $requiredKeys -}} - {{- if not (get $objectData $key) -}} - {{- fail (printf "CNPG - Expected a non-empty [%s] key" $key) -}} - {{- end -}} - {{- end -}} - - {{/* Kinda imposibble to happen, as we explicitly set it to string on the spawner */}} - {{- if not (kindIs "string" $objectData.pgVersion) -}} - {{/* We must ensure that this is a string, as it is used in image selector that require a string */}} - {{- fail (printf "CNPG - Expected [pgVersion] to be a string, but got [%s]" (kindOf $objectData.pgVersion)) -}} - {{- end -}} - - {{- $validVersions := (list "15" "16") -}} - {{- if not (mustHas $objectData.pgVersion $validVersions) -}} - {{- fail (printf "CNPG - Expected [pgVersion] to be one of [%s], but got [%s]" (join ", " $validVersions) $objectData.pgVersion) -}} - {{- end -}} - - {{- if (hasKey $objectData "hibernate") -}} - {{- if not (kindIs "bool" $objectData.hibernate) -}} - {{- fail (printf "CNPG - Expected [hibernate] to be a boolean, but got [%s]" (kindOf $objectData.hibernate)) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData "instances") -}} - {{- if lt ($objectData.instances | int) 1 -}} - {{- fail (printf "CNPG - Expected [instances] to be greater than 0, but got [%d]" ($objectData.instances | int)) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData "mode") -}} - {{- $validModes := (list "standalone" "replica" "recovery") -}} - {{- if not (mustHas $objectData.mode $validModes) -}} - {{- fail (printf "CNPG Cluster - Expected [mode] to be one of [%s], but got [%s]" (join ", " $validModes) $objectData.mode) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData "type") -}} - {{- $validTypes := (list "postgres" "postgis" "timescaledb" "vectors") -}} - {{- if not (mustHas $objectData.type $validTypes) -}} - {{- fail (printf "CNPG Cluster - Expected [type] to be one of [%s], but got [%s]" (join ", " $validTypes) $objectData.type) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData "cluster") -}} - {{- if (hasKey $objectData.cluster "logLevel") -}} - {{- $validLevels := (list "error" "warning" "info" "debug" "trace") -}} - {{- if not (mustHas $objectData.cluster.logLevel $validLevels) -}} - {{- fail (printf "CNPG Cluster - Expected [cluster.logLevel] to be one of [%s], but got [%s]" (join ", " $validLevels) $objectData.cluster.logLevel) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData.cluster "primaryUpdateStrategy") -}} - {{- $validStrategies := (list "supervised" "unsupervised") -}} - {{- if not (mustHas $objectData.cluster.primaryUpdateStrategy $validStrategies) -}} - {{- fail (printf "CNPG Cluster - Expected [cluster.primaryUpdateStrategy] to be one of [%s], but got [%s]" (join ", " $validStrategies) $objectData.cluster.primaryUpdateStrategy) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData.cluster "primaryUpdateMethod") -}} - {{- $validMethods := (list "switchover" "restart") -}} - {{- if not (mustHas $objectData.cluster.primaryUpdateMethod $validMethods) -}} - {{- fail (printf "CNPG Cluster - Expected [cluster.primaryUpdateMethod] to be one of [%s], but got [%s]" (join ", " $validMethods) $objectData.cluster.primaryUpdateMethod) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData.cluster "initdb") -}} - {{- with $objectData.cluster.initdb.walSegmentSize -}} - {{- if not (mustHas (kindOf .) (list "int" "int64" "float64")) -}} - {{- fail (printf "CNPG Cluster - Expected [cluster.initdb.walSegmentSize] to be an integer, but got [%s]" (kindOf .)) -}} - {{- end -}} - {{- if or (lt (. | int) 1) (gt (. | int) 1024) -}} - {{- fail (printf "CNPG Cluster - Expected [cluster.initdb.walSegmentSize] to be between 1 and 1024, but got [%d]" (. | int)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if eq $objectData.mode "recovery" -}} - {{- if not $objectData.recovery -}} - {{- fail "CNPG Recovery - Expected a non-empty [recovery] key" -}} - {{- end -}} - - {{- $validMethods := (list "backup" "object_store" "pg_basebackup") -}} - {{- if not (mustHas $objectData.recovery.method $validMethods) -}} - {{- fail (printf "CNPG Recovery - Expected [recovery.method] to be one of [%s], but got [%s]" (join ", " $validMethods) $objectData.recovery.method) -}} - {{- end -}} - {{- if eq $objectData.recovery.method "backup" -}} - {{- if not $objectData.recovery.backupName -}} - {{- fail "CNPG Recovery - Expected a non-empty [recovery.backupName] key" -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and $objectData.recovery $objectData.recovery.revision -}} - {{- if not (kindIs "string" $objectData.recovery.revision) -}} - {{- fail (printf "CNPG Recovery - Expected [recovery.revision] to be a string, got [%s]" (kindOf $objectData.recovery.revision)) -}} - {{- end -}} - {{- end -}} - - {{- if and $objectData.backups $objectData.backups.revision -}} - {{- if not (kindIs "string" $objectData.backups.revision) -}} - {{- fail (printf "CNPG Backup - Expected [backups.revision] to be a string, got [%s]" (kindOf $objectData.backups.revision)) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData "backups") -}} - {{- if and $objectData.backups.enabled $objectData.backups.target -}} - {{- $validTargets := (list "primary" "prefer-standby") -}} - {{- if not (mustHas $objectData.backups.target $validTargets) -}} - {{- fail (printf "CNPG Backup - Expected [backups.target] to be one of [%s], but got [%s]" (join ", " $validTargets) $objectData.backups.target) -}} - {{- end -}} - - {{- $regexPolicy := "^[1-9][0-9]*[dwm]$" -}} {{/* Copied from upstream */}} - {{- if not (mustRegexMatch $regexPolicy $objectData.backups.retentionPolicy) -}} - {{- fail (printf "CNPG Backup - Expected [backups.retentionPolicy] to match regex [%s], got [%s]" $regexPolicy $objectData.backups.retentionPolicy) -}} - {{- end -}} - - {{- if eq $objectData.mode "recovery" -}} - {{- $serverNameBackup := $objectData.backups.serverName | default $objectData.clusterName -}} - {{- $serverNameRecovery := $objectData.recovery.serverName | default $objectData.clusterName -}} - - {{- if $objectData.backups.revision -}} - {{- $serverNameBackup = printf "%s-r%s" $serverNameBackup $objectData.backups.revision -}} - {{- end -}} - - {{- if $objectData.recovery.revision -}} - {{- $serverNameRecovery = printf "%s-r%s" $serverNameRecovery $objectData.recovery.revision -}} - {{- end -}} - - {{- if eq $serverNameBackup $serverNameRecovery -}} - {{- if $objectData.backups.serverName -}} - {{- fail (printf "CNPG Backup/Recovery - [backups.serverName] and [backups.revision] cannot match [recovery.serverName] and [recovery.revision] when in recovery mode and backup is enabled, for CNPG cluster [%s]" $objectData.clusterName) -}} - {{- else -}} - {{- fail (printf "CNPG Backup/Recovery - [backups.revision] cannot match [recovery.revision] when in recovery mode and backup is enabled, for CNPG cluster [%s]" $objectData.clusterName) -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/pooler/_spawner.tpl b/charts/baikal/charts/common/templates/lib/cnpg/pooler/_spawner.tpl deleted file mode 100644 index e081487..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/pooler/_spawner.tpl +++ /dev/null @@ -1,41 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.spawner.pooler" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not (hasKey $objectData "pooler") -}} - {{- $_ := set $objectData "pooler" dict -}} - {{- end -}} - - {{- $monitoring := false -}} - {{- if (hasKey $objectData "monitoring") -}} - {{- if (kindIs "bool" $objectData.monitoring.enablePodMonitor) -}} - {{- $monitoring := $objectData.monitoring.enablePodMonitor -}} - {{- end -}} - {{- end -}} - - {{- $_ := set $objectData.pooler "type" "rw" -}} - {{/* Validate Pooler */}} - {{- include "tc.v1.common.lib.cnpg.pooler.validation" (dict "objectData" $objectData) -}} - - {{/* Create the RW Pooler object */}} - {{- include "tc.v1.common.class.cnpg.pooler" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - - {{- if $monitoring -}} {{/* TODO: Unit tests for Pooler Metrics */}} - {{- $poolerMetrics := include "tc.v1.common.lib.cnpg.metrics.pooler" (dict "poolerName" (printf "%s-rw" $objectData.name)) | fromYaml -}} - {{- $_ := set $.Values.metrics (printf "cnpg-%s-rw" $objectData.shortName) $poolerMetrics -}} - {{- end -}} - - {{- if $objectData.pooler.createRO -}} - {{- $_ := set $objectData.pooler "type" "ro" -}} - - {{/* Validate Pooler */}} - {{- include "tc.v1.common.lib.cnpg.pooler.validation" (dict "objectData" $objectData) -}} - {{/* Create the RO Pooler object */}} - {{- include "tc.v1.common.class.cnpg.pooler" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - - {{- if $monitoring -}} {{/* TODO: Unit tests for Pooler Metrics */}} - {{- $poolerMetrics := include "tc.v1.common.lib.cnpg.metrics.pooler" (dict "poolerName" (printf "%s-rw" $objectData.name)) | fromYaml -}} - {{- $_ := set $.Values.metrics (printf "cnpg-%s-ro" $objectData.shortName) $poolerMetrics -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/pooler/_validation.tpl b/charts/baikal/charts/common/templates/lib/cnpg/pooler/_validation.tpl deleted file mode 100644 index b590318..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/pooler/_validation.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.pooler.validation" -}} - {{- $objectData := .objectData -}} - - {{- $validTypes := (list "rw" "ro") -}} - {{- if not (mustHas $objectData.pooler.type $validTypes) -}} - {{- fail (printf "CNPG Pooler - Expected [type] to be one one of [%s], but got [%s]" (join ", " $validTypes) $objectData.pooler.type) -}} - {{- end -}} - - {{- if (hasKey $objectData.pooler "instances") -}} - {{- if lt ($objectData.pooler.instances | int) 1 -}} - {{- fail (printf "CNPG Pooler - Expected [instances] to be greater than 0, but got [%d]" ($objectData.instances | int)) -}} - {{- end -}} - {{- end -}} - - {{- $validPgModes := (list "session" "transaction") -}} - {{- if $objectData.pooler.poolMode -}} - {{- if not (mustHas $objectData.pooler.poolMode $validPgModes) -}} - {{- fail (printf "CNPG Pooler - Expected [poolMode] to be one of [%s], but got [%s]" (join ", " $validPgModes) $objectData.pooler.poolMode) -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl b/charts/baikal/charts/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl deleted file mode 100644 index 3e2db80..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl +++ /dev/null @@ -1,33 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.provider.secret.spawner" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $type := .type -}} - - {{- if not $type -}} - {{- fail "CNPG Provider Secret Spawner - No [type] was given" -}} - {{- end -}} - - {{- $provider := "" -}} - {{- $creds := dict -}} - {{- if eq $type "backup" -}} - {{- if not $objectData.backups.credentials -}} - {{- fail "CNPG Recovery Provider Secret Spawner - Expected [backups.credentials] to be defined on [backup] mode" -}} - {{- end -}} - {{/* Get the creds defined in backup.$provider */}} - {{- $creds = (get $rootCtx.Values.credentials $objectData.backups.credentials) -}} - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "CNPG Backup" "credName" $objectData.backups.credentials) -}} - {{- $provider = $creds.type -}} - {{- else if eq $type "recovery" -}} - {{- if not $objectData.recovery.credentials -}} - {{- fail "CNPG Recovery Provider Secret Spawner - Expected [recovery.credentials] to be defined on [recovery] mode" -}} - {{- end -}} - {{/* Get the creds defined in recovery.$provider */}} - {{- $creds = (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}} - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "CNPG Backup" "credName" $objectData.recovery.credentials) -}} - {{- $provider = $creds.type -}} - {{- end -}} - - {{- with (include (printf "tc.v1.common.lib.cnpg.provider.%s.secret" $provider) (dict "creds" $creds) | fromYaml) -}} - {{- $_ := set $rootCtx.Values.secret (printf "cnpg-%s-provider-%s-%s-creds" $objectData.shortName $type $provider) . -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/providers/_s3.tpl b/charts/baikal/charts/common/templates/lib/cnpg/providers/_s3.tpl deleted file mode 100644 index 34f51d2..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/providers/_s3.tpl +++ /dev/null @@ -1,7 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.provider.s3.secret" -}} -{{- $creds := .creds }} -enabled: true -data: - ACCESS_KEY_ID: {{ $creds.accessKey | default "" | quote }} - ACCESS_SECRET_KEY: {{ $creds.secretKey | default "" | quote }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/scheduledBackup/_spawner.tpl b/charts/baikal/charts/common/templates/lib/cnpg/scheduledBackup/_spawner.tpl deleted file mode 100644 index 9688241..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/scheduledBackup/_spawner.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.spawner.scheduledBackups" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- range $schedBackup := $objectData.backups.scheduledBackups -}} - {{- $_ := set $objectData "backupName" $schedBackup.name -}} - {{- $_ := set $objectData "backupLabels" $schedBackup.labels -}} - {{- $_ := set $objectData "backupAnnotations" $schedBackup.annotations -}} - - {{/* Make a copy of the objectData */}} - {{- $newObjectData := mustDeepCopy $objectData -}} - {{/* Add the scheduled backup data */}} - {{- $_ := set $newObjectData "schedData" $schedBackup -}} - - {{- include "tc.v1.common.lib.cnpg.scheduledBackup.validation" (dict "objectData" $newObjectData) }} - {{- include "tc.v1.common.class.cnpg.scheduledbackup" (dict "rootCtx" $rootCtx "objectData" $newObjectData) -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/cnpg/scheduledBackup/_validation.tpl b/charts/baikal/charts/common/templates/lib/cnpg/scheduledBackup/_validation.tpl deleted file mode 100644 index 8138b86..0000000 --- a/charts/baikal/charts/common/templates/lib/cnpg/scheduledBackup/_validation.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.scheduledBackup.validation" -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.backupName -}} - {{- fail "CNPG Scheduled Backup - Expected non-empty [name] in [backups.scheduledBackups] entry" -}} - {{- end -}} - - {{- if not $objectData.schedData.schedule -}} - {{- fail "CNPG Scheduled Backup - Expected non-empty [schedule] in [backups.scheduledBackups] entry" -}} - {{- end -}} - - {{- if (hasKey $objectData.schedData "backupOwnerReference") -}} - {{- $validOwnerRefs := (list "none" "self" "cluster") -}} - {{- if not (mustHas $objectData.schedData.backupOwnerReference $validOwnerRefs) -}} - {{- fail (printf "CNPG Scheduled Backup - Expected [backupOwnerReference] in [backups.scheduledBackups] entry to be one of [%s], but got [%s]" (join ", " $validOwnerRefs) $objectData.schedData.backupOwnerReference) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData.schedData "immediate") -}} - {{- if not (kindIs "bool" $objectData.schedData.immediate) -}} - {{- fail (printf "CNPG Scheduled Backup - Expected [immediate] in [backups.scheduledBackups] entry to be a boolean, but got [%s]" (kindOf $objectData.schedData.immediate)) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData.schedData "suspend") -}} - {{- if not (kindIs "bool" $objectData.schedData.suspend) -}} - {{- fail (printf "CNPG Scheduled Backup - Expected [suspend] in [backups.scheduledBackups] entry to be a boolean, but got [%s]" (kindOf $objectData.schedData.suspend)) -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/configmap/_validation.tpl b/charts/baikal/charts/common/templates/lib/configmap/_validation.tpl deleted file mode 100644 index e7d09c0..0000000 --- a/charts/baikal/charts/common/templates/lib/configmap/_validation.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{/* Configmap Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.configmap.validation" (dict "objectData" $objectData) -}} -objectData: - labels: The labels of the configmap. - annotations: The annotations of the configmap. - data: The data of the configmap. -*/}} - -{{- define "tc.v1.common.lib.configmap.validation" -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.data -}} - {{- fail "ConfigMap - Expected non-empty [data]" -}} - {{- end -}} - - {{- if not (kindIs "map" $objectData.data) -}} - {{- fail (printf "ConfigMap - Expected [data] to be a dictionary, but got [%v]" (kindOf $objectData.data)) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_args.tpl b/charts/baikal/charts/common/templates/lib/container/_args.tpl deleted file mode 100644 index afe3825..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_args.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Returns args list */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.args" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.args" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- range $key := (list "args" "extraArgs") -}} - {{- with (get $objectData $key) -}} - {{- if kindIs "string" . }} -- {{ tpl . $rootCtx | quote }} - {{- else if kindIs "slice" . -}} - {{- range $arg := . }} -- {{ tpl $arg $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_command.tpl b/charts/baikal/charts/common/templates/lib/container/_command.tpl deleted file mode 100644 index 1a83eb8..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_command.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{/* Returns command list */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.command" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.command" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if kindIs "string" $objectData.command }} -- {{ tpl $objectData.command $rootCtx | quote }} - {{- else if kindIs "slice" $objectData.command -}} - {{- range $objectData.command }} -- {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_env.tpl b/charts/baikal/charts/common/templates/lib/container/_env.tpl deleted file mode 100644 index 01233a5..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_env.tpl +++ /dev/null @@ -1,93 +0,0 @@ -{{/* Returns Env */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.env" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.env" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- range $k, $v := $objectData.env -}} - {{- include "tc.v1.common.helper.container.envDupeCheck" (dict "rootCtx" $rootCtx "objectData" $objectData "source" "env" "key" $k) }} -- name: {{ $k | quote }} - {{- if not (kindIs "map" $v) -}} - {{- $value := "" -}} - {{- if not (kindIs "invalid" $v) -}} {{/* Only tpl non-empty values */}} - {{- $value = $v -}} - {{- if kindIs "string" $v -}} - {{- $value = tpl $v $rootCtx -}} - {{- end -}} - {{- end }} - value: {{ include "tc.v1.common.helper.makeIntOrNoop" $value | quote }} - {{- else if kindIs "map" $v }} - valueFrom: - {{- $refs := (list "configMapKeyRef" "secretKeyRef" "fieldRef") -}} - {{- if or (ne (len ($v | keys)) 1) (not (mustHas ($v | keys | first) $refs)) -}} - {{- fail (printf "Container - Expected [env] with a ref to have one of [%s], but got [%s]" (join ", " $refs) (join ", " ($v | keys | sortAlpha))) -}} - {{- end -}} - - {{- $name := "" -}} - - - {{- range $key := (list "configMapKeyRef" "secretKeyRef") -}} - {{- if hasKey $v $key }} - {{ $key }}: - {{- $obj := get $v $key -}} - {{- if not $obj.name -}} - {{- fail (printf "Container - Expected non-empty [env.%s.name]" $key) -}} - {{- end -}} - - {{- if not $obj.key -}} - {{- fail (printf "Container - Expected non-empty [env.%s.key]" $key) -}} - {{- end }} - key: {{ $obj.key | quote }} - - {{- $name = tpl $obj.name $rootCtx -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" $obj - "name" $k "caller" "Container" - "key" "env")) -}} - - {{- if eq $expandName "true" -}} - {{- $item := ($key | trimSuffix "KeyRef" | lower) -}} - - {{- $data := (get $rootCtx.Values $item) -}} - {{- $data = (get $data $name) -}} - - {{- if not $data -}} - {{- fail (printf "Container - Expected in [env] the referenced %s [%s] to be defined" ($item | camelcase | title) $name) -}} - {{- end -}} - - {{- $found := false -}} - {{- range $k, $v := $data.data -}} - {{- if eq $k $obj.key -}} - {{- $found = true -}} - {{- end -}} - {{- end -}} - - {{- if not $found -}} - {{- fail (printf "Container - Expected in [env] the referenced key [%s] in %s [%s] to be defined" $obj.key ($item | camelcase | title) $name) -}} - {{- end -}} - - {{- $name = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $name) -}} - {{- end }} - name: {{ $name | quote }} - {{- end -}} - {{- end -}} - - {{- if hasKey $v "fieldRef" }} - fieldRef: - {{- if not $v.fieldRef.fieldPath -}} - {{- fail "Container - Expected non-empty [env.fieldRef.fieldPath]" -}} - {{- end }} - fieldPath: {{ $v.fieldRef.fieldPath | quote }} - {{- if $v.fieldRef.apiVersion }} - apiVersion: {{ $v.fieldRef.apiVersion | quote }} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_envFrom.tpl b/charts/baikal/charts/common/templates/lib/container/_envFrom.tpl deleted file mode 100644 index 213e0fd..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_envFrom.tpl +++ /dev/null @@ -1,59 +0,0 @@ -{{/* Returns Env From */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.envFrom" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.envFrom" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $refs := (list "configMapRef" "secretRef") -}} - {{- range $envFrom := $objectData.envFrom -}} - {{- if and (not $envFrom.secretRef) (not $envFrom.configMapRef) -}} - {{- fail (printf "Container - Expected [envFrom] entry to have one of [%s]" (join ", " $refs)) -}} - {{- end -}} - - {{- if and $envFrom.secretRef $envFrom.configMapRef -}} - {{- fail (printf "Container - Expected [envFrom] entry to have only one of [%s], but got both" (join ", " $refs)) -}} - {{- end -}} - - {{- range $ref := $refs -}} - {{- with (get $envFrom $ref) -}} - {{- if not .name -}} - {{- fail (printf "Container - Expected non-empty [envFrom.%s.name]" $ref) -}} - {{- end -}} - - {{- $objectName := tpl .name $rootCtx -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" . - "name" $ref "caller" "Container" - "key" "envFrom")) -}} - - {{- if eq $expandName "true" -}} - {{- $object := dict -}} - {{- $source := "" -}} - {{- if eq $ref "configMapRef" -}} - {{- $object = (get $rootCtx.Values.configmap $objectName) -}} - {{- $source = "ConfigMap" -}} - {{- else if eq $ref "secretRef" -}} - {{- $object = (get $rootCtx.Values.secret $objectName) -}} - {{- $source = "Secret" -}} - {{- end -}} - - {{- if not $object -}} - {{- fail (printf "Container - Expected %s [%s] defined in [envFrom] to exist" $source $objectName) -}} - {{- end -}} - {{- range $k, $v := $object.data -}} - {{- include "tc.v1.common.helper.container.envDupeCheck" (dict "rootCtx" $rootCtx "objectData" $objectData "source" (printf "%s - %s" $source $objectName) "key" $k) -}} - {{- end -}} - - {{- $objectName = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectName) -}} - {{- end }} -- {{ $ref }}: - name: {{ $objectName | quote }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_envList.tpl b/charts/baikal/charts/common/templates/lib/container/_envList.tpl deleted file mode 100644 index df491a4..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_envList.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Returns Env List */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.envList" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.envList" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- range $env := $objectData.envList -}} - {{- if not $env.name -}} - {{- fail "Container - Expected non-empty [envList.name]" -}} - {{- end -}} {{/* Empty value is valid */}} - {{- include "tc.v1.common.helper.container.envDupeCheck" (dict "rootCtx" $rootCtx "objectData" $objectData "source" "envList" "key" $env.name) -}} - {{- $value := $env.value -}} - {{- if kindIs "string" $env.value -}} - {{- $value = tpl $env.value $rootCtx -}} - {{- end }} -- name: {{ $env.name | quote }} - value: {{ include "tc.v1.common.helper.makeIntOrNoop" $value | quote }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_fixedEnv.tpl b/charts/baikal/charts/common/templates/lib/container/_fixedEnv.tpl deleted file mode 100644 index a25887e..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_fixedEnv.tpl +++ /dev/null @@ -1,97 +0,0 @@ -{{/* Returns Fixed Env */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.fixedEnv" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.fixedEnv" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Avoid nil pointers */}} - {{- if not (hasKey $objectData "fixedEnv") -}} - {{- $_ := set $objectData "fixedEnv" dict -}} - {{- end -}} - - {{- $nvidiaCaps := $rootCtx.Values.containerOptions.NVIDIA_CAPS -}} - - {{- if $objectData.fixedEnv.NVIDIA_CAPS -}} - {{- $nvidiaCaps = $objectData.fixedEnv.NVIDIA_CAPS -}} - {{- end -}} - - {{- if not (deepEqual $nvidiaCaps (mustUniq $nvidiaCaps)) -}} - {{- fail (printf "Container - Expected [fixedEnv.NVIDIA_CAPS] to have only unique values, but got [%s]" (join ", " $nvidiaCaps)) -}} - {{- end -}} - - {{- $caps := (list "all" "compute" "utility" "graphics" "video") -}} - {{- range $cap := $nvidiaCaps -}} - {{- if not (mustHas $cap $caps) -}} - {{- fail (printf "Container - Expected [fixedEnv.NVIDIA_CAPS] entry to be one of [%s], but got [%s]" (join ", " $caps) $cap) -}} - {{- end -}} - {{- end -}} - - {{- $secContext := fromJson (include "tc.v1.common.lib.container.securityContext.calculate" (dict "rootCtx" $rootCtx "objectData" $objectData)) -}} - - {{- $fixed := list -}} - {{- $TZ := $objectData.fixedEnv.TZ | default $rootCtx.Values.TZ -}} - {{- $UMASK := $objectData.fixedEnv.UMASK | default $rootCtx.Values.securityContext.container.UMASK -}} - {{- $PUID := $objectData.fixedEnv.PUID | default $rootCtx.Values.securityContext.container.PUID -}} - {{- if and (not (kindIs "invalid" $objectData.fixedEnv.PUID)) (eq (int $objectData.fixedEnv.PUID) 0) -}} - {{- $PUID = $objectData.fixedEnv.PUID -}} - {{- end -}} - {{/* calculatedFSGroup is passed from the pod */}} - {{- $PGID := $objectData.calculatedFSGroup -}} - - {{- $fixed = mustAppend $fixed (dict "k" "TZ" "v" $TZ) -}} - {{- $fixed = mustAppend $fixed (dict "k" "UMASK" "v" $UMASK) -}} - {{- $fixed = mustAppend $fixed (dict "k" "UMASK_SET" "v" $UMASK) -}} - - {{- $nvidia := false -}} - {{- if eq (include "tc.v1.common.lib.container.resources.hasGPU" (dict "rootCtx" $rootCtx "objectData" $objectData "gpuType" "nvidia.com/gpu")) "true" -}} - {{- $nvidia = true -}} - {{- end -}} - - {{- if and ($rootCtx.Values.resources) ($rootCtx.Values.resources.limits) -}} - {{- range $k, $v := $rootCtx.Values.resources.limits -}} - {{- if and (eq $k "nvidia.com/gpu") (gt ($v | int) 0) -}} - {{- $nvidia = true -}} - {{- break -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and ($objectData.resources) ($objectData.resources.limits) -}} - {{- range $k, $v := $objectData.resources.limits -}} - {{- if and (eq $k "nvidia.com/gpu") (gt ($v | int) 0) -}} - {{- $nvidia = true -}} - {{- break -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $nvidia -}} - {{- $fixed = mustAppend $fixed (dict "k" "NVIDIA_DRIVER_CAPABILITIES" "v" (join "," $nvidiaCaps)) -}} - {{- else -}} - {{- $fixed = mustAppend $fixed (dict "k" "NVIDIA_VISIBLE_DEVICES" "v" "void") -}} - {{- end -}} - - {{/* If running as root and PUID is set (0 or greater), set related envs */}} - {{- if and (or (eq (int $secContext.runAsUser) 0) (eq (int $secContext.runAsGroup) 0)) (ge (int $PUID) 0) -}} - {{- $fixed = mustAppend $fixed (dict "k" "PUID" "v" $PUID) -}} - {{- $fixed = mustAppend $fixed (dict "k" "USER_ID" "v" $PUID) -}} - {{- $fixed = mustAppend $fixed (dict "k" "UID" "v" $PUID) -}} - {{- $fixed = mustAppend $fixed (dict "k" "PGID" "v" $PGID) -}} - {{- $fixed = mustAppend $fixed (dict "k" "GROUP_ID" "v" $PGID) -}} - {{- $fixed = mustAppend $fixed (dict "k" "GID" "v" $PGID) -}} - {{- end -}} - {{/* If rootFS is readOnly OR does not as root, let s6 containers to know that fs is readonly */}} - {{- if or $secContext.readOnlyRootFilesystem $secContext.runAsNonRoot -}} - {{- $fixed = mustAppend $fixed (dict "k" "S6_READ_ONLY_ROOT" "v" "1") -}} - {{- end -}} - - {{- range $env := $fixed -}} - {{- include "tc.v1.common.helper.container.envDupeCheck" (dict "rootCtx" $rootCtx "objectData" $objectData "source" "fixedEnv" "key" $env.k) }} -- name: {{ $env.k | quote }} - value: {{ (include "tc.v1.common.helper.makeIntOrNoop" $env.v) | quote }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_imageSelector.tpl b/charts/baikal/charts/common/templates/lib/container/_imageSelector.tpl deleted file mode 100644 index 8308841..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_imageSelector.tpl +++ /dev/null @@ -1,42 +0,0 @@ -{{/* Returns the image dictionary */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.imageSelector" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.imageSelector" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $imageObj := dict -}} - - {{- $selector := "image" -}} - {{- with $objectData.imageSelector -}} - {{- $selector = tpl . $rootCtx -}} - {{- end -}} - - {{- if hasKey $rootCtx.Values $selector -}} - {{- $imageObj = get $rootCtx.Values $selector -}} - {{- else -}} - {{- fail (printf "Container - Expected [.Values.%s] to exist" $selector) -}} - {{- end -}} - - {{- if not $imageObj.repository -}} - {{- fail (printf "Container - Expected non-empty [.Values.%s.repository]" $selector) -}} - {{- end -}} - - {{- if not $imageObj.tag -}} - {{- fail (printf "Container - Expected non-empty [.Values.%s.tag]" $selector) -}} - {{- end -}} - - {{- if not $imageObj.pullPolicy -}} - {{- $_ := set $imageObj "pullPolicy" "IfNotPresent" -}} - {{- end -}} - - {{- $policies := (list "IfNotPresent" "Always" "Never") -}} - {{- if not (mustHas $imageObj.pullPolicy $policies) -}} - {{- fail (printf "Container - Expected [.Values.%s.pullPolicy] to be one of [%s], but got [%s]" $selector (join ", " $policies) $imageObj.pullPolicy) -}} - {{- end -}} - - {{- $imageObj | toJson -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_lifecycle.tpl b/charts/baikal/charts/common/templates/lib/container/_lifecycle.tpl deleted file mode 100644 index 2e2e9b9..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_lifecycle.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{/* Returns lifecycle */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.lifecycle" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.lifecycle" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hooks := (list "preStop" "postStart") -}} - {{- $types := (list "exec" "http" "https") -}} - {{- with $objectData.lifecycle -}} - {{- range $hook, $hookValues := . -}} - {{- if not (mustHas $hook $hooks) -}} - {{- fail (printf "Container - Expected [lifecycle] [hook] to be one of [%s], but got [%s]" (join ", " $hooks) $hook) -}} - {{- end -}} - - {{- if not $hookValues.type -}} - {{- fail "Container - Expected non-empty [lifecycle] [type]" -}} - {{- end -}} - - {{- if not (mustHas $hookValues.type $types) -}} - {{- fail (printf "Container - Expected [lifecycle] [type] to be one of [%s], but got [%s]" (join ", " $types) $hookValues.type) -}} - {{- end }} -{{ $hook }}: - {{- if eq $hookValues.type "exec" -}} - {{- include "tc.v1.common.lib.container.actions.exec" (dict "rootCtx" $rootCtx "objectData" $hookValues "caller" "lifecycle") | trim | nindent 2 -}} - {{- else if mustHas $hookValues.type (list "http" "https") -}} - {{- include "tc.v1.common.lib.container.actions.httpGet" (dict "rootCtx" $rootCtx "objectData" $hookValues "caller" "lifecycle") | trim | nindent 2 -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_ports.tpl b/charts/baikal/charts/common/templates/lib/container/_ports.tpl deleted file mode 100644 index 932fe27..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_ports.tpl +++ /dev/null @@ -1,132 +0,0 @@ -{{/* Returns ports list */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.ports" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.ports" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $portsByName := dict -}} - - {{- range $serviceName, $serviceValues := $rootCtx.Values.service -}} - {{- $podSelected := false -}} - {{/* If service is enabled... */}} - {{- if $serviceValues.enabled -}} - - {{/* If there is a selector */}} - {{- if $serviceValues.targetSelector -}} - - {{/* And pod is selected */}} - {{- if eq $serviceValues.targetSelector $objectData.podShortName -}} - {{- $podSelected = true -}} - {{- end -}} - - {{- else -}} - {{/* If no selector is defined but pod is primary */}} - {{- if $objectData.podPrimary -}} - {{- $podSelected = true -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- if $podSelected -}} - {{- range $portName, $portValues := $serviceValues.ports -}} - {{- $containerSelected := false -}} - - {{/* If service is enabled... */}} - {{- if $portValues.enabled -}} - {{/* If there is a selector */}} - {{- if $portValues.targetSelector -}} - - {{/* And container is selected */}} - {{- if eq $portValues.targetSelector $objectData.shortName -}} - {{- $containerSelected = true -}} - {{- end -}} - - {{- else -}} - {{/* If no selector is defined but container is primary */}} - {{- if $objectData.primary -}} - {{- $containerSelected = true -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{/* If the container is selected render port */}} - {{- if $containerSelected -}} - {{- $containerPort := $portValues.targetPort | default $portValues.port -}} - {{- if kindIs "string" $containerPort -}} - {{- $containerPort = (tpl $containerPort $rootCtx) -}} - {{- end -}} - - {{- $tcpProtocols := (list "tcp" "http" "https") -}} - {{- $protocol := tpl ($portValues.protocol | default $rootCtx.Values.global.fallbackDefaults.serviceProtocol) $rootCtx -}} - {{- if mustHas $protocol $tcpProtocols -}} - {{- $protocol = "tcp" -}} - {{- end }} -- name: {{ $portName }} - containerPort: {{ $containerPort }} - protocol: {{ $protocol | upper }} - {{- with $portValues.hostPort }} - hostPort: {{ . }} - {{- else }} - hostPort: null - {{- end -}} - {{- $_ := set $portsByName $portName (dict "containerPort" (toString $containerPort) "serviceName" $serviceName) -}} - {{- end -}} - - {{- end -}} - {{- end -}} - {{- end -}} - - {{- include "tc.v1.common.lib.container.ports.detectSortingIssues" (dict "portsByName" $portsByName "rootCtx" $rootCtx) -}} - -{{- end -}} -{{/* Turning hostNetwork on, it creates hostPort automatically and turning it back off does not remove them. Setting hostPort explicitly to null will remove them. - There are still cases that hostPort is not removed, for example, if you have a TCP and UDP port with the same number. Only the TCPs hostPort will be removed. - Also note that setting hostPort to null always, it will NOT affect hostNetwork, as it will still create the hostPorts. - It only helps to remove them when hostNetwork is turned off. -*/}} - - -{{- define "tc.v1.common.lib.container.ports.detectSortingIssues" -}} - {{- $rootCtx := .rootCtx -}} - {{- $portsByName := .portsByName -}} - - {{- $portCounts := dict -}} - {{- range $name, $portValues := $portsByName -}} - {{- $count := 1 -}} - {{- $port := (get $portValues "containerPort") -}} - {{- if hasKey $portCounts $port -}} - {{- $count = add1 (get $portCounts $port) -}} - {{- end -}} - {{- $_ := set $portCounts $port $count -}} - {{- end -}} - - {{- $sorted := keys $portsByName | sortAlpha -}} - {{- range $idx, $name := $sorted -}} - {{- $portValues := (get $portsByName $name) -}} - {{- $port := $portValues.containerPort -}} - {{- if eq (get $portCounts $port) 1 -}} - {{- continue -}} - {{- end -}} - - {{- if lt $idx (sub (len $sorted) 1) -}} - {{- $nextPort := (get $portsByName (index $sorted (add1 $idx))).containerPort -}} - {{- if ne $port $nextPort -}} - {{- $portNamesUsingNum := list -}} - {{- range $name, $p := $portsByName -}} - {{- if eq $p.containerPort $port -}} - {{- $portNamesUsingNum = mustAppend $portNamesUsingNum $name -}} - {{- end -}} - {{- end -}} - {{- fail (printf "Port number [%s] is used by multiple ports [%s] in the service [%s] but their names are not adjacent when sorted alphabetically (Other ports in this container sorted: [%s]). This can cause issues with Kubernetes port updates." $port (join ", " $portNamesUsingNum) $portValues.serviceName (join ", " (keys $portsByName | sortAlpha))) -}} - {{- end -}} - {{- $_ := set $portCounts $port 1 -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_primaryValidation.tpl b/charts/baikal/charts/common/templates/lib/container/_primaryValidation.tpl deleted file mode 100644 index 6928a78..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_primaryValidation.tpl +++ /dev/null @@ -1,40 +0,0 @@ -{{/* Containers Basic Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.primaryValidation" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -*/}} -{{- define "tc.v1.common.lib.container.primaryValidation" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{/* Initialize values */}} - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{/* Go over the contaienrs */}} - {{- range $name, $container := $objectData.podSpec.containers -}} - - {{/* If container is enabled */}} - {{- if $container.enabled -}} - {{- $hasEnabled = true -}} - - {{/* And container is primary */}} - {{- if and (hasKey $container "primary") ($container.primary) -}} - - {{/* Fail if there is already a primary container */}} - {{- if $hasPrimary -}} - {{- fail "Container - Only one container can be primary per workload" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- end -}} - {{- end -}} - - {{- end -}} - - {{/* Require at least one primary container, if any enabled */}} - {{- if and $hasEnabled (not $hasPrimary) -}} - {{- fail "Container - At least one enabled container must be primary per workload" -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_probes.tpl b/charts/baikal/charts/common/templates/lib/container/_probes.tpl deleted file mode 100644 index 53f0cfe..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_probes.tpl +++ /dev/null @@ -1,105 +0,0 @@ -{{/* Returns Probes */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.probes" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.probes" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $probeNames := (list "liveness" "readiness" "startup") -}} - {{- $probeTypes := (list "http" "https" "tcp" "grpc" "exec") -}} - - {{- if not $objectData.probes -}} - {{- fail "Container - Expected non-empty [probes]" -}} - {{- end -}} - - {{- range $key := $probeNames -}} - {{- if not (get $objectData.probes $key) -}} - {{- fail (printf "Container - Expected [probes.%s] to be defined" $key) -}} - {{- end -}} - {{- end -}} - - {{- $probes := $objectData.probes -}} - {{- $diagMode := eq (include "tc.v1.common.lib.util.diagnosticMode" (dict "rootCtx" $rootCtx)) "true" -}} - {{- if $diagMode -}} - {{- $probes = dict -}} - {{- end -}} - - {{- range $probeName, $probe := $probes -}} - - {{- if not (mustHas $probeName $probeNames) -}} - {{- fail (printf "Container - Expected probe to be one of [%s], but got [%s]" (join ", " $probeNames) $probeName) -}} - {{- end -}} - - {{- $isEnabled := true -}} - {{- if kindIs "bool" $probe.enabled -}} - {{- $isEnabled = $probe.enabled -}} - {{- end -}} - - {{- if $isEnabled -}} - - {{- $probeType := $rootCtx.Values.global.fallbackDefaults.probeType -}} - - {{- with $probe.type -}} - {{- $probeType = tpl . $rootCtx -}} - {{- end -}} - - {{- if not (mustHas $probeType $probeTypes) -}} - {{- fail (printf "Container - Expected probe type to be one of [%s], but got [%s]" (join ", " $probeTypes) $probeType) -}} - {{- end }} -{{ $probeName }}Probe: - {{- if (mustHas $probeType (list "http" "https")) -}} - {{- include "tc.v1.common.lib.container.actions.httpGet" (dict "rootCtx" $rootCtx "objectData" $probe "caller" "probes") | trim | nindent 2 -}} - {{- else if eq $probeType "tcp" -}} - {{- include "tc.v1.common.lib.container.actions.tcpSocket" (dict "rootCtx" $rootCtx "objectData" $probe "caller" "probes") | trim | nindent 2 -}} - {{- else if eq $probeType "grpc" -}} - {{- include "tc.v1.common.lib.container.actions.grpc" (dict "rootCtx" $rootCtx "objectData" $probe "caller" "probes") | trim | nindent 2 -}} - {{- else if eq $probeType "exec" -}} - {{- include "tc.v1.common.lib.container.actions.exec" (dict "rootCtx" $rootCtx "objectData" $probe "caller" "probes") | trim | nindent 2 -}} - {{- end -}} - - {{- include "tc.v1.common.lib.container.probeTimeouts" (dict "rootCtx" $rootCtx "objectData" $probe "probeName" $probeName) | trim | nindent 2 -}} - - {{- end -}} - {{- end -}} -{{- end -}} - -{{/* Returns Probe Timeouts */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.probeTimeouts" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.probeTimeouts" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $probeName := .probeName -}} - - {{- $timeouts := mustDeepCopy (get $rootCtx.Values.global.fallbackDefaults.probeTimeouts $probeName) -}} - - {{- if $objectData.spec -}} {{/* Overwrite with defined timeouts */}} - {{- $timeouts = mustMergeOverwrite $timeouts $objectData.spec -}} - {{- end -}} - - {{- $keys := (list "initialDelaySeconds" "failureThreshold" "successThreshold" "timeoutSeconds" "periodSeconds") -}} - {{- range $key := $keys -}} - {{- $number := get $timeouts $key -}} - {{- if not (mustHas (kindOf $number) (list "float64" "int" "int64")) -}} - {{- fail (printf "Container - Expected [probes] [%s] to be a number, but got [%v]" $key $number) -}} - {{- end -}} - {{- end -}} - - {{- if mustHas $probeName (list "liveness" "startup") -}} - {{- if ne (int $timeouts.successThreshold) 1 -}} - {{- fail (printf "Container - Expected [probes] [successThreshold] to be 1 on [%s] probe" $probeName) -}} - {{- end -}} - {{- end }} - -initialDelaySeconds: {{ $timeouts.initialDelaySeconds }} -failureThreshold: {{ $timeouts.failureThreshold }} -successThreshold: {{ $timeouts.successThreshold }} -timeoutSeconds: {{ $timeouts.timeoutSeconds }} -periodSeconds: {{ $timeouts.periodSeconds }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_resources.tpl b/charts/baikal/charts/common/templates/lib/container/_resources.tpl deleted file mode 100644 index 7bbdebf..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_resources.tpl +++ /dev/null @@ -1,165 +0,0 @@ -{{/* Returns Resources */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.resources" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.resources" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $resources := mustDeepCopy $rootCtx.Values.resources -}} - - {{- if $objectData.resources -}} - {{- $resources = mustMergeOverwrite $resources $objectData.resources -}} - {{- end -}} - - {{/* We use the objectData instead of $resources, - as we only allow this flag on the container level */}} - {{- if not (hasKey $objectData "resources") -}} - {{- $_ := set $objectData "resources" dict -}} - {{- end -}} - {{- if not (hasKey $objectData.resources "excludeExtra") -}} - {{- $_ := set $objectData.resources "excludeExtra" false -}} - {{- end -}} - - {{- include "tc.v1.common.lib.container.resources.validation" (dict "resources" $resources) }} -requests: - cpu: {{ $resources.requests.cpu }} - memory: {{ $resources.requests.memory }} - {{- if $resources.limits }} -limits: - {{- with $resources.limits.cpu }} {{/* Passing 0, will not render it, meaning unlimited */}} - cpu: {{ . }} - {{- end -}} - {{- with $resources.limits.memory }} {{/* Passing 0, will not render it, meaning unlimited */}} - memory: {{ . }} - {{- end -}} - {{- if not $objectData.resources.excludeExtra -}} - {{- range $k, $v := (omit $resources.limits "cpu" "memory") }} {{/* Omit cpu and memory, as they are handled above */}} - {{- if or (not $v) (eq (toString $v) "0") -}} - {{- continue -}} - {{- end }} - {{ $k }}: {{ $v }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} - - -{{- define "tc.v1.common.lib.resources.validation.data" -}} - {{/* CPU: https://regex101.com/r/D4HouI/1 */}} - {{/* MEM: https://regex101.com/r/NNPV2D/1 */}} - {{- $regex := (dict - "cpu" "^(0\\.[1-9]|[1-9][0-9]*)(\\.[0-9]|m?)$" - "memory" "^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$" - ) -}} - - {{- $errorMsg := (dict - "cpu" "(Plain Integer - eg. 1), (Float - eg. 0.5), (Milicpu - eg. 500m)" - "memory" "(Suffixed with E/P/T/G/M/K - eg. 1G), (Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi), (Plain Integer in bytes - eg. 1024), (Exponent - eg. 134e6)" - ) -}} - - {{- $data := (dict "regex" $regex "errorMsg" $errorMsg) -}} - - {{- $data | toJson -}} -{{- end -}} - -{{/* Validates resources to match a pattern */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.resources.validation" (dict "resources" $resources) }} -rootCtx: The root context of the chart. -resources: The resources object -*/}} -{{- define "tc.v1.common.lib.container.resources.validation" -}} - {{- $resources := .resources -}} - {{- $data := (include "tc.v1.common.lib.resources.validation.data" .) | fromJson -}} - {{- $regex := $data.regex -}} - {{- $errorMsg := $data.errorMsg -}} - - {{- $resourceTypes := (list "cpu" "memory") -}} - - {{- range $category := (list "requests") -}} {{/* We can also add "limits" here if we want to require them */}} - {{- if not (get $resources $category) -}} - {{- fail (printf "Container - Expected non-empty [resources.%s]" $category) -}} - {{- end -}} - - {{- range $type := $resourceTypes -}} - {{- if not (get (get $resources $category) $type) -}} - {{- fail (printf "Container - Expected non-empty [resources.%s.%s]" $category $type) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- range $key := (list "requests" "limits") -}} - {{- $resourceCategory := (get $resources $key) -}} - {{- if $resourceCategory -}} - - {{- range $type := $resourceTypes -}} - {{- $resourceValue := (get $resourceCategory $type) -}} - {{- if $resourceValue -}} {{/* Only try to match defined values */}} - {{- if not (mustRegexMatch (get $regex $type) (toString $resourceValue)) -}} - {{- fail (printf "Container - Expected [resources.%s.%s] to have one of the following formats [%s], but got [%s]" $key $type (get $errorMsg $type) $resourceValue) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.resources.hasGPU" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $gpuType := .gpuType -}} - - {{- $types := (list "nvidia.com/gpu" "amd.com/gpu" "gpu.intel.com/i915") -}} - {{- if $gpuType -}} - {{- $types = (list $gpuType) -}} - {{- end -}} - - {{- $gpu := false -}} - - {{- if and ($rootCtx.Values.resources) ($rootCtx.Values.resources.limits) -}} - {{- range $t := $types -}} - {{- if gt ((get $rootCtx.Values.resources.limits $t) | int) 0 -}} - {{- $gpu = true -}} - {{- break -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $objectData.podSpec -}} - {{- range $k, $v := $objectData.podSpec.containers -}} - {{- if not $v.enabled -}} - {{- continue -}} - {{- end -}} - - {{- range $t := $types -}} - {{- if eq (include "tc.v1.common.lib.container.resources.hasGPU" (dict "rootCtx" $rootCtx "objectData" $v "gpuType" $t)) "true" -}} - {{- $gpu = true -}} - {{- break -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- $gpu | toString -}} -{{- end -}} - -{{- define "tc.v1.common.lib.container.resources.hasGPU" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $gpuType := .gpuType -}} - - {{- $gpu := false -}} - - {{- if and ($objectData.resources) ($objectData.resources.limits) -}} - {{- if gt ((get $objectData.resources.limits $gpuType) | int) 0 -}} - {{- $gpu = true -}} - {{- end -}} - {{- end -}} - - {{- $gpu | toString -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_securityContext.tpl b/charts/baikal/charts/common/templates/lib/container/_securityContext.tpl deleted file mode 100644 index d1af253..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_securityContext.tpl +++ /dev/null @@ -1,185 +0,0 @@ -{{/* Returns Container Security Context */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.securityContext" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.securityContext" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Initialize from the "global" options */}} - {{- $secContext := fromJson (include "tc.v1.common.lib.container.securityContext.calculate" (dict "rootCtx" $rootCtx "objectData" $objectData)) }} -runAsNonRoot: {{ $secContext.runAsNonRoot }} -runAsUser: {{ $secContext.runAsUser }} -runAsGroup: {{ $secContext.runAsGroup }} -readOnlyRootFilesystem: {{ $secContext.readOnlyRootFilesystem }} -allowPrivilegeEscalation: {{ $secContext.allowPrivilegeEscalation }} -privileged: {{ $secContext.privileged }} -seccompProfile: - type: {{ $secContext.seccompProfile.type }} - {{- if eq $secContext.seccompProfile.type "Localhost" }} - localhostProfile: {{ $secContext.seccompProfile.profile }} - {{- end }} -capabilities: - {{- if $secContext.capabilities.add }} - add: - {{- range $secContext.capabilities.add }} - - {{ . }} - {{- end -}} - {{- else }} - add: [] - {{- end -}} - {{- if $secContext.capabilities.drop }} - drop: - {{- range $secContext.capabilities.drop }} - - {{ . }} - {{- end -}} - {{- else }} - drop: [] - {{- end -}} -{{- end -}} - -{{/* Calculates Container Security Context */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.securityContext.calculate" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.securityContext.calculate" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $mustPrivileged := false -}} - {{- range $persistenceName, $persistenceValues := $rootCtx.Values.persistence -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $persistenceValues - "name" $persistenceName "caller" "Security Context" - "key" "persistence")) -}} - {{- if (eq $enabled "true") -}} - {{- if eq $persistenceValues.type "device" -}} - {{- $volume := (fromJson (include "tc.v1.common.lib.container.volumeMount.isSelected" (dict "persistenceName" $persistenceName "persistenceValues" $persistenceValues "objectData" $objectData "key" "persistence"))) -}} - {{- if $volume -}} {{/* If a volume is returned, it means that the container has an assigned device */}} - {{- $mustPrivileged = true -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if not $rootCtx.Values.securityContext.container -}} - {{- fail "Container - Expected non-empty [.Values.securityContext.container]" -}} - {{- end -}} - - {{/* Initialize from the "global" options */}} - {{- $secContext := mustDeepCopy $rootCtx.Values.securityContext.container -}} - - {{/* Override with containers options */}} - {{- with $objectData.securityContext -}} - {{- $secContext = mustMergeOverwrite $secContext . -}} - {{- end -}} - - {{/* Validations, as we might endup with null values after merge */}} - {{- range $key := (list "runAsUser" "runAsGroup") -}} - {{- $value := (get $secContext $key) -}} - {{- if not (mustHas (kindOf $value) (list "float64" "int" "int64")) -}} - {{- fail (printf "Container - Expected [securityContext.%s] to be [int], but got [%v] of type [%s]" $key $value (kindOf $value)) -}} - {{- end -}} - {{- end -}} - - {{- if or (eq (int $secContext.runAsUser) 0) (eq (int $secContext.runAsGroup) 0) -}} - {{- $_ := set $secContext "runAsNonRoot" false -}} - {{- else -}} - {{- $_ := set $secContext "runAsNonRoot" true -}} - {{- end -}} - - {{- if $secContext.privileged -}} {{/* When privileged is true, allowPrivilegeEscalation is required */}} - {{- $_ := set $secContext "allowPrivilegeEscalation" true -}} - {{- end -}} - - {{- if $mustPrivileged -}} - {{- $_ := set $secContext "privileged" true -}} - {{- $_ := set $secContext "allowPrivilegeEscalation" true -}} - {{- $_ := set $secContext "runAsNonRoot" false -}} - {{- $_ := set $secContext "runAsUser" 0 -}} - {{- $_ := set $secContext "runAsGroup" 0 -}} - {{- end -}} - - {{- range $key := (list "privileged" "allowPrivilegeEscalation" "runAsNonRoot" "readOnlyRootFilesystem") -}} - {{- $value := (get $secContext $key) -}} - {{- if not (kindIs "bool" $value) -}} - {{- fail (printf "Container - Expected [securityContext.%s] to be [bool], but got [%s] of type [%s]" $key $value (kindOf $value)) -}} - {{- end -}} - {{- end -}} - - {{- if not $secContext.seccompProfile -}} - {{- fail "Container - Expected [securityContext.seccompProfile] to be defined" -}} - {{- end -}} - - {{- $profiles := (list "RuntimeDefault" "Localhost" "Unconfined") -}} - {{- if not (mustHas $secContext.seccompProfile.type $profiles) -}} - {{- fail (printf "Container - Expected [securityContext.seccompProfile] to be one of [%s], but got [%s]" (join ", " $profiles) $secContext.seccompProfile.type) -}} - {{- end -}} - - {{- if eq $secContext.seccompProfile.type "Localhost" -}} - {{- if not $secContext.seccompProfile.profile -}} - {{- fail "Container - Expected [securityContext.seccompProfile.profile] to be defined on type [Localhost]" -}} - {{- end -}} - {{- end -}} - - {{- if not $secContext.capabilities -}} - {{- fail "Container - Expected [securityContext.capabilities] to be defined" -}} - {{- end -}} - - {{- $tempObjectData := (dict "shortName" $objectData.podShortName "primary" $objectData.podPrimary) -}} - {{- $portRange := fromJson (include "tc.v1.common.lib.helpers.securityContext.getPortRange" (dict "rootCtx" $rootCtx "objectData" $tempObjectData)) -}} - {{- if and $portRange.low (le (int $portRange.low) 1024) -}} {{/* If a container wants to bind a port <= 1024 add NET_BIND_SERVICE */}} - {{- $addCap := $secContext.capabilities.add -}} - {{- if not (mustHas "NET_BIND_SERIVCE" $addCap) -}} - {{- $addCap = mustAppend $addCap "NET_BIND_SERVICE" -}} - {{- end -}} - {{- $_ := set $secContext.capabilities "add" $addCap -}} - {{- end -}} - - {{/* - Most containers that run as root, is because it has to chown - files before switching to another user. - Lets add automatically the CHOWN cap. - */}} - {{- if eq (int $secContext.runAsUser) 0 -}} - - {{- if not (kindIs "bool" $secContext.capabilities.disableS6Caps) -}} - {{- fail (printf "Container - Expected [securityContext.capabilities.disableS6Caps] to be [bool], but got [%s] of type [%s]" $secContext.capabilities.disableS6Caps (kindOf $secContext.capabilities.disableS6Caps)) -}} - {{- end -}} - - {{- $addCap := $secContext.capabilities.add -}} - - {{- if not $secContext.capabilities.disableS6Caps -}} - {{- $addCap = mustAppend $addCap "CHOWN" -}} - {{- $addCap = mustAppend $addCap "SETUID" -}} - {{- $addCap = mustAppend $addCap "SETGID" -}} - {{- $addCap = mustAppend $addCap "FOWNER" -}} - {{- $addCap = mustAppend $addCap "DAC_OVERRIDE" -}} - {{- end -}} - - {{- $_ := set $secContext.capabilities "add" $addCap -}} - {{- end -}} - - {{- range $key := (list "add" "drop") -}} - {{- $item := (get $secContext.capabilities $key) -}} - {{- if not (kindIs "slice" $item) -}} - {{- fail (printf "Container - Expected [securityContext.capabilities.%s] to be [list], but got [%s]" $key (kindOf $item)) -}} - {{- end -}} - - {{- range $item -}} - {{- if not (kindIs "string" .) -}} - {{- fail (printf "Container - Expected items of [securityContext.capabilities.%s] to be [string], but got [%s]" $key (kindOf .)) -}} - {{- end -}} - {{- end -}} - - {{- if not (deepEqual (mustUniq $item) $item) -}} - {{- fail (printf "Container - Expected items of [securityContext.capabilities.%s] to be unique, but got [%s]" $key (join ", " $item)) -}} - {{- end -}} - {{- end -}} - - {{- $secContext | toJson -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_termination.tpl b/charts/baikal/charts/common/templates/lib/container/_termination.tpl deleted file mode 100644 index 29f4d6a..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_termination.tpl +++ /dev/null @@ -1,33 +0,0 @@ -{{/* Returns termination */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.termination" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.termination" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $termination := (dict "messagePath" "" "messagePolicy" "") -}} - - {{- with $objectData.termination -}} - {{- with .messagePath -}} - {{- $_ := set $termination "messagePath" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with .messagePolicy -}} - - {{- $policy := (tpl . $rootCtx) -}} - - {{- $policies := (list "File" "FallbackToLogsOnError") -}} - {{- if not (mustHas $policy $policies) -}} - {{- fail (printf "Container - Expected [termination.messagePolicy] to be one of [%s], but got [%s]" (join ", " $policies) $policy) -}} - {{- end -}} - - {{- $_ := set $termination "messagePolicy" $policy -}} - {{- end -}} - - {{- end -}} - - {{- $termination | toJson -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/_volumeMounts.tpl b/charts/baikal/charts/common/templates/lib/container/_volumeMounts.tpl deleted file mode 100644 index 84b3cb6..0000000 --- a/charts/baikal/charts/common/templates/lib/container/_volumeMounts.tpl +++ /dev/null @@ -1,156 +0,0 @@ -{{/* Returns volumeMount list */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.volumeMount" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.volumeMount" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $volMounts := list -}} - - {{- $codeServerIgnoredTypes := (list "configmap" "secret" "vct") -}} - - {{- range $persistenceName, $persistenceValues := $rootCtx.Values.persistence -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $persistenceValues - "name" $persistenceName "caller" "Volume Mount" - "key" "persistence")) -}} - - {{/* TLDR: Enabled + Not VCT without STS */}} - {{- if and (eq $enabled "true") (not (and (eq $persistenceValues.type "vct") (ne $objectData.podType "StatefulSet"))) -}} - {{/* Dont try to mount configmap/sercet/vct to codeserver */}} - {{- if not (and (eq $objectData.shortName "codeserver") (mustHas $persistenceValues.type $codeServerIgnoredTypes)) -}} - {{- $volMount := (include "tc.v1.common.lib.container.volumeMount.isSelected" (dict - "rootCtx" $rootCtx "persistenceName" $persistenceName "persistenceValues" $persistenceValues "objectData" $objectData - )) | fromJson -}} - {{- if $volMount -}} - {{- $volMounts = mustAppend $volMounts $volMount -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- range $volMount := $volMounts -}} - {{/* Expand values */}} - {{- $_ := set $volMount "mountPath" (tpl $volMount.mountPath $rootCtx) -}} - {{- $_ := set $volMount "subPath" (tpl $volMount.subPath $rootCtx) -}} - {{- $_ := set $volMount "mountPropagation" (tpl $volMount.mountPropagation $rootCtx) -}} - - {{- if not $volMount.mountPath -}} - {{- fail (printf "Persistence - Expected non-empty [mountPath]") -}} - {{- end -}} - - {{- if not (hasPrefix "/" $volMount.mountPath) -}} - {{- fail (printf "Persistence - Expected [mountPath] to start with a forward slash [/]") -}} - {{- end -}} - - {{- $propagationTypes := (list "None" "HostToContainer" "Bidirectional") -}} - {{- if and $volMount.mountPropagation (not (mustHas $volMount.mountPropagation $propagationTypes)) -}} - {{- fail (printf "Persistence - Expected [mountPropagation] to be one of [%s], but got [%s]" (join ", " $propagationTypes) $volMount.mountPropagation) -}} - {{- end -}} - - {{- if not (kindIs "bool" $volMount.readOnly) -}} - {{- fail (printf "Persistence - Expected [readOnly] to be [boolean], but got [%s]" (kindOf $volMount.readOnly)) -}} - {{- end }} -- name: {{ $volMount.name }} - mountPath: {{ $volMount.mountPath }} - readOnly: {{ $volMount.readOnly }} - {{- with $volMount.subPath }} - subPath: {{ . }} - {{- end -}} - {{- with $volMount.mountPropagation }} - mountPropagation: {{ . }} - {{- end -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.container.volumeMount.isSelected" -}} - {{- $persistenceName := .persistenceName -}} - {{- $persistenceValues := .persistenceValues -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{/* Initialize from the default values */}} - {{- $volMount := dict -}} - {{- if eq $persistenceValues.type "vct" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- $persistenceName = printf "%s-%s" $fullname $persistenceName -}} - {{- end -}} - {{- $_ := set $volMount "name" $persistenceName -}} - {{- if eq $persistenceValues.type "device" -}} {{/* On devices use the hostPath as default if mountpath is not defined */}} - {{- $_ := set $volMount "mountPath" ($persistenceValues.mountPath | default $persistenceValues.hostPath | default "") -}} - {{- else -}} - {{- $_ := set $volMount "mountPath" ($persistenceValues.mountPath | default "") -}} - {{- end -}} - {{- $_ := set $volMount "subPath" ($persistenceValues.subPath | default "") -}} - {{- $_ := set $volMount "readOnly" ($persistenceValues.readOnly | default false) -}} - {{- $_ := set $volMount "mountPropagation" ($persistenceValues.mountPropagation | default "") -}} - - {{- $return := false -}} - {{/* If targetSelectAll is set, means all pods/containers */}} {{/* targetSelectAll does not make sense for vct */}} - {{- if and $persistenceValues.targetSelectAll (ne $persistenceValues.type "vct") -}} - {{- $return = true -}} - {{/* Set custom path on autopermissions container */}} - {{- if and (eq $objectData.shortName "autopermissions") $persistenceValues.autoPermissions -}} - {{- if $persistenceValues.autoPermissions.enabled -}} - {{- $return = true -}} - {{- $_ := set $volMount "mountPath" (printf "/mounts/%v" $persistenceName) -}} - {{- end -}} - {{- end -}} - - {{/* If the container is the autopermission */}} - {{- else if (eq $objectData.shortName "autopermissions") -}} - {{- if $persistenceValues.autoPermissions -}} - {{- if $persistenceValues.autoPermissions.enabled -}} - {{- $return = true -}} - {{- $_ := set $volMount "mountPath" (printf "/mounts/%v" $persistenceName) -}} - {{- end -}} - {{- end -}} - - {{/* Else if selector is defined */}} - {{- else if $persistenceValues.targetSelector -}} - {{- if not (kindIs "map" $persistenceValues.targetSelector) -}} - {{- fail (printf "Persistence - Expected [targetSelector] to be a [dict] but got [%s]" (kindOf $persistenceValues.targetSelector)) -}} - {{- end -}} - - {{/* If pod is selected */}} - {{- if mustHas $objectData.podShortName ($persistenceValues.targetSelector | keys) -}} - {{- $selectorValues := (get $persistenceValues.targetSelector $objectData.podShortName) -}} - {{- if not (kindIs "map" $selectorValues) -}} - {{- fail (printf "Persistence - Expected [targetSelector.%s] to be a [dict], but got [%s]" $objectData.podShortName (kindOf $selectorValues)) -}} - {{- end -}} - - {{- if not $selectorValues -}} - {{- fail (printf "Persistence - Expected non-empty [targetSelector.%s]" $objectData.podShortName) -}} - {{- end -}} - - {{/* If container is selected */}} - {{- if or (mustHas $objectData.shortName ($selectorValues | keys)) (eq $objectData.shortName "codeserver") -}} - {{/* Merge with values that might be set for the specific container */}} - {{- $fetchedSelectorValues := (get $selectorValues $objectData.shortName) -}} - {{- if and (eq $objectData.shortName "codeserver") (not $fetchedSelectorValues) -}} - {{- $fetchedSelectorValues = (get $selectorValues ($selectorValues | keys | first)) -}} - {{- end -}} - {{- $volMount = mustMergeOverwrite $volMount $fetchedSelectorValues -}} - {{- $return = true -}} - {{- end -}} - {{- end -}} - - {{/* if its the codeserver */}} - {{- else if (eq $objectData.shortName "codeserver") -}} - {{- $return = true -}} - - {{/* Else if not selector, but pod and container is primary */}} - {{- else if and $objectData.podPrimary $objectData.primary -}} - {{- $return = true -}} - {{- end -}} - - {{- if $return -}} {{/* If it's selected, return the volumeMount */}} - {{- $volMount | toJson -}} - {{- else -}} {{/* Else return an empty dict */}} - {{- dict | toJson -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/probe-lifecycle-actions/_exec.tpl b/charts/baikal/charts/common/templates/lib/container/probe-lifecycle-actions/_exec.tpl deleted file mode 100644 index 2413dea..0000000 --- a/charts/baikal/charts/common/templates/lib/container/probe-lifecycle-actions/_exec.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{/* Returns exec action */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.actions.exec" (dict "rootCtx" $ "objectData" $objectData "caller" $caller) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.actions.exec" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- if not $objectData.command -}} - {{- fail (printf "Container - Expected non-empty [%s] [command] on [exec] type" $caller) -}} - {{- end }} -exec: - command: - {{- include "tc.v1.common.lib.container.command" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 4}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/probe-lifecycle-actions/_grpc.tpl b/charts/baikal/charts/common/templates/lib/container/probe-lifecycle-actions/_grpc.tpl deleted file mode 100644 index e4170ec..0000000 --- a/charts/baikal/charts/common/templates/lib/container/probe-lifecycle-actions/_grpc.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Returns grpc action */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.actions.tcpSocket" (dict "rootCtx" $ "objectData" $objectData "caller" $caller) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.actions.grpc" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- if not $objectData.port -}} - {{- fail (printf "Container - Expected non-empty [%s] [port] on [grpc] type" $caller) -}} - {{- end -}} - - {{- $port := $objectData.port -}} - - {{- if kindIs "string" $port -}} - {{- $port = tpl $port $rootCtx -}} - {{- end }} -grpc: - port: {{ $port }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/probe-lifecycle-actions/_httpGet.tpl b/charts/baikal/charts/common/templates/lib/container/probe-lifecycle-actions/_httpGet.tpl deleted file mode 100644 index d6c1221..0000000 --- a/charts/baikal/charts/common/templates/lib/container/probe-lifecycle-actions/_httpGet.tpl +++ /dev/null @@ -1,53 +0,0 @@ -{{/* Returns httpGet action */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.actions.httpGet" (dict "rootCtx" $ "objectData" $objectData "caller" $caller) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.actions.httpGet" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- if not $objectData.port -}} - {{- fail (printf "Container - Expected non-empty [%s] [port] on [http] type" $caller) -}} - {{- end -}} - - {{- $port := $objectData.port -}} - {{- $path := "/" -}} - {{- $scheme := "http" -}} - - {{- if kindIs "string" $port -}} - {{- $port = tpl $port $rootCtx -}} - {{- end -}} - - {{- with $objectData.path -}} - {{- $path = tpl . $rootCtx -}} - {{- end -}} - - {{- if not (hasPrefix "/" $path) -}} - {{- fail (printf "Container - Expected [%s] [path] to start with a forward slash [/] on [http] type" $caller) -}} - {{- end -}} - - {{- with $objectData.type -}} - {{- $scheme = tpl . $rootCtx -}} - {{- end }} -httpGet: - {{- with $objectData.host }} - host: {{ tpl . $rootCtx }} - {{- end }} - port: {{ $port }} - path: {{ $path }} - scheme: {{ $scheme | upper }} - {{- with $objectData.httpHeaders }} - httpHeaders: - {{- range $name, $value := . }} - {{- if not $value -}} - {{- fail "Container - Expected non-empty [value] on [httpHeaders]" -}} - {{- end }} - - name: {{ $name }} - value: {{ tpl (toString $value) $rootCtx | quote }} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/container/probe-lifecycle-actions/_tcpSocket.tpl b/charts/baikal/charts/common/templates/lib/container/probe-lifecycle-actions/_tcpSocket.tpl deleted file mode 100644 index dc2df7d..0000000 --- a/charts/baikal/charts/common/templates/lib/container/probe-lifecycle-actions/_tcpSocket.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Returns tcpSocket action */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.actions.tcpSocket" (dict "rootCtx" $ "objectData" $objectData "caller" $caller) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.actions.tcpSocket" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- if not $objectData.port -}} - {{- fail (printf "Container - Expected non-empty [%s] [port] on [tcp] type" $caller) -}} - {{- end -}} - - {{- $port := $objectData.port -}} - - {{- if kindIs "string" $port -}} - {{- $port = tpl $port $rootCtx -}} - {{- end }} -tcpSocket: - port: {{ $port }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/credentials/_validation.tpl b/charts/baikal/charts/common/templates/lib/credentials/_validation.tpl deleted file mode 100644 index 18ae903..0000000 --- a/charts/baikal/charts/common/templates/lib/credentials/_validation.tpl +++ /dev/null @@ -1,31 +0,0 @@ -{{- define "tc.v1.common.lib.credentials.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $caller := .caller -}} - {{- $credName := .credName -}} - - {{- $credentials := get $rootCtx.Values.credentials $credName -}} - - {{- if not $credentials -}} - {{- fail (printf "%s - Expected credentials [%s] to be defined in [credentials] which currently contains [%s] keys" $caller $credName (keys $rootCtx.Values.credentials | join ", ")) -}} - {{- end -}} - - {{- $validCredTypes := list "s3" -}} - {{- if $credentials.type -}} {{/* Remove this if check if more types are supported in future */}} - {{- if not (mustHas $credentials.type $validCredTypes) -}} - {{- fail (printf "%s - Expected [type] in [credentials.%s] to be one of [%s], but got [%s]" $caller $credName (join ", " $validCredTypes) $credentials.type) -}} - {{- end -}} - {{- end -}} - - {{- $reqFields := list "url" "bucket" "encrKey" "accessKey" "secretKey" -}} - {{- range $key := $reqFields -}} - {{- if not (get $credentials $key) -}} - {{- fail (printf "VolSync - Expected non-empty [%s] in [credentials.%s]" $key $credName) -}} - {{- end -}} - {{- end -}} - - {{- $url := get $credentials "url" -}} - {{- if and (not (hasPrefix "http://" $url)) (not (hasPrefix "https://" $url)) -}} - {{- fail (printf "%s - Expected [url] in [credentials.%s] to start with [http://] or [https://]. It was observed that sometimes can cause issues if it does not. Got [%s]" $caller $credName $url) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/dependencies/_clickhouseInjector.tpl b/charts/baikal/charts/common/templates/lib/dependencies/_clickhouseInjector.tpl deleted file mode 100644 index c94fec6..0000000 --- a/charts/baikal/charts/common/templates/lib/dependencies/_clickhouseInjector.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* - This template generates a random password and ensures it persists across updates/edits to the chart -*/}} -{{- define "tc.v1.common.dependencies.clickhouse.secret" -}} - -{{- if .Values.clickhouse.enabled -}} - {{/* Use with custom-set password */}} - {{- $dbPass := .Values.clickhouse.password -}} - - {{/* Prepare data */}} - {{- $dbHost := printf "%v-%v" .Release.Name "clickhouse" -}} - {{- $portHost := printf "%v:8123" $dbHost -}} - {{- $ping := printf "http://%v/ping" $portHost -}} - {{- $url := printf "http://%v:%v@%v/%v" .Values.clickhouse.clickhouseUsername $dbPass $portHost .Values.clickhouse.clickhouseDatabase -}} - {{- $jdbc := printf "jdbc:ch://%v/%v" $portHost -}} - - {{/* Append some values to clickhouse.creds, so apps using the dep, can use them */}} - {{- $_ := set .Values.clickhouse.creds "plain" ($dbHost | quote) -}} - {{- $_ := set .Values.clickhouse.creds "plainhost" ($dbHost | quote) -}} - {{- $_ := set .Values.clickhouse.creds "clickhousePassword" ($dbPass | quote) -}} - {{- $_ := set .Values.clickhouse.creds "plainport" ($portHost | quote) -}} - {{- $_ := set .Values.clickhouse.creds "plainporthost" ($portHost | quote) -}} - {{- $_ := set .Values.clickhouse.creds "ping" ($ping | quote) -}} - {{- $_ := set .Values.clickhouse.creds "complete" ($url | quote) -}} - {{- $_ := set .Values.clickhouse.creds "jdbc" ($jdbc | quote) -}} - -{{/* Create the secret (Comment also plays a role on correct formatting) */}} -enabled: true -expandObjectName: false -data: - clickhouse-password: {{ $dbPass }} - plainhost: {{ $dbHost }} - plainporthost: {{ $portHost }} - ping: {{ $ping }} - url: {{ $url }} - jdbc: {{ $jdbc }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.dependencies.clickhouse.injector" -}} - {{- $secret := include "tc.v1.common.dependencies.clickhouse.secret" . | fromYaml -}} - {{- if $secret -}} - {{- $_ := set .Values.secret ( printf "%s-%s" .Release.Name "clickhousecreds" ) $secret -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/dependencies/_dbWait.tpl b/charts/baikal/charts/common/templates/lib/dependencies/_dbWait.tpl deleted file mode 100644 index e287c4e..0000000 --- a/charts/baikal/charts/common/templates/lib/dependencies/_dbWait.tpl +++ /dev/null @@ -1,406 +0,0 @@ -{{- define "tc.v1.common.lib.deps.wait" -}} - {{- if .Values.redis.enabled -}} - {{- $container := include "tc.v1.common.lib.deps.wait.redis" $ | fromYaml -}} - {{- if $container -}} - {{- range .Values.workload -}} - {{- if not (hasKey .podSpec "initContainers") -}} - {{- $_ := set .podSpec "initContainers" dict -}} - {{- end -}} - {{- $_ := set .podSpec.initContainers "redis-wait" $container -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if .Values.mariadb.enabled -}} - {{- $container := include "tc.v1.common.lib.deps.wait.mariadb" $ | fromYaml -}} - {{- if $container -}} - {{- range .Values.workload -}} - {{- if not (hasKey .podSpec "initContainers") -}} - {{- $_ := set .podSpec "initContainers" dict -}} - {{- end -}} - {{- $_ := set .podSpec.initContainers "mariadb-wait" $container -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if .Values.mongodb.enabled -}} - {{- $container := include "tc.v1.common.lib.deps.wait.mongodb" $ | fromYaml -}} - {{- if $container -}} - {{- range .Values.workload -}} - {{- if not (hasKey .podSpec "initContainers") -}} - {{- $_ := set .podSpec "initContainers" dict -}} - {{- end -}} - {{- $_ := set .podSpec.initContainers "mongodb-wait" $container -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if .Values.clickhouse.enabled -}} - {{- $container := include "tc.v1.common.lib.deps.wait.clickhouse" $ | fromYaml -}} - {{- if $container -}} - {{- range .Values.workload -}} - {{- if not (hasKey .podSpec "initContainers") -}} - {{- $_ := set .podSpec "initContainers" dict -}} - {{- end -}} - {{- $_ := set .podSpec.initContainers "clickhouse-wait" $container -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if .Values.solr.enabled -}} - {{- $container := include "tc.v1.common.lib.deps.wait.solr" $ | fromYaml -}} - {{- if $container -}} - {{- range .Values.workload -}} - {{- if not (hasKey .podSpec "initContainers") -}} - {{- $_ := set .podSpec "initContainers" dict -}} - {{- end -}} - {{- $_ := set .podSpec.initContainers "solr-wait" $container -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $result := false -}} - {{- range .Values.cnpg -}} - {{- if .enabled -}} - {{- $result = true -}} - {{- end -}} - {{- end -}} - - {{- if $result -}} - {{- $container := include "tc.v1.common.lib.deps.wait.cnpg" $ | fromYaml -}} - {{- if $container -}} - {{- range $.Values.workload -}} - {{- if not (hasKey .podSpec "initContainers") -}} - {{- $_ := set .podSpec "initContainers" dict -}} - {{- end -}} - {{- $_ := set .podSpec.initContainers "cnpg-wait" $container -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.deps.wait.redis" -}} -enabled: true -type: system -imageSelector: redisClientImage -securityContext: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - runAsNonRoot: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL -resources: - excludeExtra: true - requests: - cpu: 10m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi -env: - REDIS_HOST: - secretKeyRef: - expandObjectName: false - name: '{{ printf "%s-%s" .Release.Name "rediscreds" }}' - key: plainhost - REDIS_PASSWORD: "{{ .Values.redis.password }}" - REDIS_PORT: "6379" -command: - - "/bin/sh" - - "-c" - - | - /bin/bash <<'EOF' - echo "Executing DB waits..." - [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"; - export LIVE=false; - until "$LIVE"; - do - response=$( - timeout -s 3 2 \ - redis-cli \ - -h "$REDIS_HOST" \ - -p "$REDIS_PORT" \ - ping - ) - if [ "$response" == "PONG" ] || [ "$response" == "LOADING Redis is loading the dataset in memory" ]; then - LIVE=true - echo "$response" - echo "Redis Responded, ending initcontainer and starting main container(s)..." - else - echo "$response" - echo "Redis not responding... Sleeping for 10 sec..." - sleep 10 - fi; - done - EOF -{{- end -}} - -{{- define "tc.v1.common.lib.deps.wait.mariadb" -}} -enabled: true -type: system -imageSelector: mariadbClientImage -securityContext: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - runAsNonRoot: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL -resources: - excludeExtra: true - requests: - cpu: 10m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi -env: - MARIADB_HOST: - secretKeyRef: - expandObjectName: false - name: '{{ printf "%s-%s" .Release.Name "mariadbcreds" }}' - key: plainhost - MARIADB_ROOT_PASSWORD: "{{ .Values.mariadb.rootPassword }}" -command: - - "/bin/sh" - - "-c" - - | - /bin/bash <<'EOF' - echo "Executing DB waits..." - until - mysqladmin -uroot -h"${MARIADB_HOST}" -p"${MARIADB_ROOT_PASSWORD}" ping \ - && mysqladmin -uroot -h"${MARIADB_HOST}" -p"${MARIADB_ROOT_PASSWORD}" status; - do sleep 2; - done - EOF -{{- end -}} - -{{- define "tc.v1.common.lib.deps.wait.mongodb" -}} -enabled: true -type: system -imageSelector: mongodbClientImage -securityContext: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - runAsNonRoot: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL -resources: - excludeExtra: true - requests: - cpu: 10m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi -env: - MONGODB_HOST: - secretKeyRef: - expandObjectName: false - name: '{{ printf "%s-%s" .Release.Name "mongodbcreds" }}' - key: plainhost - MONGODB_DATABASE: "{{ .Values.mongodb.mongodbDatabase }}" -command: - - "/bin/sh" - - "-c" - - | - /bin/bash <<'EOF' - echo "Executing DB waits..." - until - HOME=/config && echo "db.runCommand(\"ping\")" | mongosh --host ${MONGODB_HOST} --port 27017 ${MONGODB_DATABASE} --quiet; - do sleep 2; - done - EOF -{{- end -}} - -{{- define "tc.v1.common.lib.deps.wait.clickhouse" -}} -enabled: true -type: system -imageSelector: wgetImage -securityContext: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - runAsNonRoot: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL -resources: - excludeExtra: true - requests: - cpu: 10m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi -env: - CLICKHOUSE_PING: - secretKeyRef: - expandObjectName: false - name: '{{ printf "%s-%s" .Release.Name "clickhousecreds" }}' - key: ping -command: - - "/bin/sh" -args: - - "-c" - - | - echo "Executing DB waits..." - until wget --quiet --tries=1 --spider "${CLICKHOUSE_PING}"; do - echo "ClickHouse - no response. Sleeping 2 seconds..." - sleep 2 - done - echo "ClickHouse - accepting connections" -{{- end -}} - -{{- define "tc.v1.common.lib.deps.wait.solr" -}} -enabled: true -type: system -imageSelector: wgetImage -securityContext: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - runAsNonRoot: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL -resources: - excludeExtra: true - requests: - cpu: 10m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi -env: - SOLR_HOST: - secretKeyRef: - expandObjectName: false - name: '{{ printf "%s-%s" .Release.Name "solrcreds" }}' - key: plainhost - SOLR_CORES: "{{ .Values.solr.solrCores }}" - SOLR_ENABLE_AUTHENTICATION: "{{ .Values.solr.solrEnableAuthentication }}" - SOLR_ADMIN_USERNAME: "{{ .Values.solr.solrUsername }}" - SOLR_ADMIN_PASSWORD: - secretKeyRef: - expandObjectName: false - name: '{{ printf "%s-%s" .Release.Name "solrcreds" }}' - key: solr-password - -command: - - "/bin/sh" -args: - - "-c" - - | - echo "Executing DB waits..." - if [ "$SOLR_ENABLE_AUTHENTICATION" == "yes" ]; then - until curl --fail --user "${SOLR_ADMIN_USERNAME}":"${SOLR_ADMIN_PASSWORD}" "${SOLR_HOST}":8983/solr/"${SOLR_CORES}"/admin/ping; do - echo "Solr is not responding... Sleeping 2 seconds..." - sleep 2 - done - else - until curl --fail "${SOLR_HOST}":8983/solr/"${SOLR_CORES}"/admin/ping; do - echo "Solr is not responding... Sleeping 2 seconds..." - sleep 2 - done - fi -{{- end -}} - -{{- define "tc.v1.common.lib.deps.wait.cnpg" -}} -enabled: true -type: system -imageSelector: postgresClientImage -securityContext: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - runAsNonRoot: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL -resources: - excludeExtra: true - requests: - cpu: 10m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi -command: - - "/bin/sh" - - "-c" - - | - /bin/sh <<'EOF' -{{- range $name, $cnpg := .Values.cnpg -}} - {{- if $cnpg.enabled }} - echo "Executing DB waits..." - {{- $cnpgName := include "tc.v1.common.lib.chart.names.fullname" $ -}} - {{- $cnpgName = printf "%v-cnpg-%v" $cnpgName $name -}} - - {{/* Wait RW CNPG */}} - {{- include "cnpg.wait.script" (dict "url" (printf "%s-rw" $cnpgName) "user" .user "db" .database "on" "CNPG RW") | nindent 4 -}} - - {{- if and $cnpg.pooler $cnpg.pooler.enabled -}} - {{/* Wait RW Pooler */}} - {{- include "cnpg.wait.script" (dict "url" (printf "%s-pooler-rw" $cnpgName) "user" .user "db" .database "on" "CNPG Pooler RW") | nindent 4 -}} - - {{/* Wait RO Pooler */}} - {{- if $cnpg.pooler.createRO -}} - {{- include "cnpg.wait.script" (dict "url" (printf "%s-pooler-ro" $cnpgName) "user" .user "db" .database "on" "CNPG Pooler RO") | nindent 4 -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end }} - echo "Done executing DB waits..." - EOF -{{- end -}} - -{{- define "cnpg.wait.script" -}} - {{- $url := .url -}} - {{- $user := .user -}} - {{- $db := .db -}} - {{- $on := .on -}} -echo "Testing Database availability on [{{ $on }}]" -until - echo "Testing database on url: [{{ $url }}]" - pg_isready -U {{ $user }} -d {{ $db }} -h {{ $url }} - do sleep 5 -done -echo "Database available on url: [{{ $url }}]" -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/dependencies/_mariadbInjector.tpl b/charts/baikal/charts/common/templates/lib/dependencies/_mariadbInjector.tpl deleted file mode 100644 index 935519b..0000000 --- a/charts/baikal/charts/common/templates/lib/dependencies/_mariadbInjector.tpl +++ /dev/null @@ -1,56 +0,0 @@ -{{/* -This template generates a random password and ensures it persists across updates/edits to the chart -*/}} -{{- define "tc.v1.common.dependencies.mariadb.secret" -}} - -{{- if .Values.mariadb.enabled -}} - {{/* Use custom-set password */}} - {{- $dbPass := .Values.mariadb.password -}} - - {{/* Use custom-set root-password */}} - {{- $rootPass := .Values.mariadb.rootPassword -}} - - {{/* Prepare data */}} - {{- $dbhost := printf "%v-%v" .Release.Name "mariadb" -}} - {{- $portHost := printf "%v:3306" $dbhost -}} - {{- $complete := printf "sql://%v:%v@%v/%v" .Values.mariadb.mariadbUsername $dbPass $portHost .Values.mariadb.mariadbDatabase -}} - {{- $urlnossl := printf "sql://%v:%v@%v/%v?sslmode=disable" .Values.mariadb.mariadbUsername $dbPass $portHost .Values.mariadb.mariadbDatabase -}} - {{- $jdbc := printf "jdbc:sqlserver://%v/%v" $portHost .Values.mariadb.mariadbDatabase -}} - {{- $jdbcMySQL := printf "jdbc:mysql://%v/%v" $portHost .Values.mariadb.mariadbDatabase -}} - {{- $jdbcMariaDB := printf "jdbc:mariadb://%v/%v" $portHost .Values.mariadb.mariadbDatabase -}} - - {{/* Append some values to mariadb.creds, so apps using the dep, can use them */}} - {{- $_ := set .Values.mariadb.creds "mariadbPassword" ($dbPass | quote) -}} - {{- $_ := set .Values.mariadb.creds "mariadbRootPassword" ($rootPass | quote) -}} - {{- $_ := set .Values.mariadb.creds "plain" ($dbhost | quote) -}} - {{- $_ := set .Values.mariadb.creds "plainhost" ($dbhost | quote) -}} - {{- $_ := set .Values.mariadb.creds "plainport" ($portHost | quote) -}} - {{- $_ := set .Values.mariadb.creds "plainporthost" ($portHost | quote) -}} - {{- $_ := set .Values.mariadb.creds "complete" ($complete | quote) -}} - {{- $_ := set .Values.mariadb.creds "urlnossl" ($urlnossl | quote) -}} - {{- $_ := set .Values.mariadb.creds "jdbc" ($jdbc | quote) -}} - {{- $_ := set .Values.mariadb.creds "jdbcmysql" ($jdbcMySQL | quote) -}} - {{- $_ := set .Values.mariadb.creds "jdbcmariadb" ($jdbcMariaDB | quote) -}} - -{{/* Create the secret (Comment also plays a role on correct formatting) */}} -enabled: true -expandObjectName: false -data: - mariadb-password: {{ $dbPass }} - mariadb-root-password: {{ $rootPass }} - url: {{ $complete }} - urlnossl: {{ $urlnossl }} - plainporthost: {{ $portHost }} - plainhost: {{ $dbhost }} - jdbc: {{ $jdbc }} - jdbc-mysql: {{ $jdbcMySQL }} - jdbc-mariadb: {{ $jdbcMariaDB }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.dependencies.mariadb.injector" -}} - {{- $secret := include "tc.v1.common.dependencies.mariadb.secret" . | fromYaml -}} - {{- if $secret -}} - {{- $_ := set .Values.secret (printf "%s-%s" .Release.Name "mariadbcreds") $secret -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/dependencies/_mongodbInjector.tpl b/charts/baikal/charts/common/templates/lib/dependencies/_mongodbInjector.tpl deleted file mode 100644 index b3cbdda..0000000 --- a/charts/baikal/charts/common/templates/lib/dependencies/_mongodbInjector.tpl +++ /dev/null @@ -1,53 +0,0 @@ -{{/* -This template generates a random password and ensures it persists across updates/edits to the chart -*/}} -{{- define "tc.v1.common.dependencies.mongodb.secret" -}} - -{{- if .Values.mongodb.enabled -}} - {{/* Use custom-set password */}} - {{- $dbPass := .Values.mongodb.password -}} - - {{/* Use custom-set root-password */}} - {{- $rootPass := .Values.mongodb.rootPassword -}} - - {{/* Prepare data */}} - {{- $dbhost := printf "%v-%v" .Release.Name "mongodb" -}} - {{- $portHost := printf "%v:27017" $dbhost -}} - {{- $jdbc := printf "jdbc:mongodb://%v/%v" $portHost .Values.mongodb.mongodbDatabase -}} - {{- $url := printf "mongodb://%v:%v@%v/%v" .Values.mongodb.mongodbUsername $dbPass $portHost .Values.mongodb.mongodbDatabase -}} - {{- $urlssl := printf "%v?ssl=true" $url -}} - {{- $urltls := printf "%v?tls=true" $url -}} - - {{/* Append some values to mongodb.creds, so apps using the dep, can use them */}} - {{- $_ := set .Values.mongodb.creds "mongodbPassword" ($dbPass | quote) -}} - {{- $_ := set .Values.mongodb.creds "mongodbRootPassword" ($rootPass | quote) -}} - {{- $_ := set .Values.mongodb.creds "plain" ($dbhost | quote) -}} - {{- $_ := set .Values.mongodb.creds "plainhost" ($dbhost | quote) -}} - {{- $_ := set .Values.mongodb.creds "plainport" ($portHost | quote) -}} - {{- $_ := set .Values.mongodb.creds "plainporthost" ($portHost | quote) -}} - {{- $_ := set .Values.mongodb.creds "complete" ($url | quote) -}} - {{- $_ := set .Values.mongodb.creds "urlssl" ($urlssl | quote) -}} - {{- $_ := set .Values.mongodb.creds "urltls" ($urltls | quote) -}} - {{- $_ := set .Values.mongodb.creds "jdbc" ($jdbc | quote) -}} - -{{/* Create the secret (Comment also plays a role on correct formatting) */}} -enabled: true -expandObjectName: false -data: - mongodb-password: {{ $dbPass }} - mongodb-root-password: {{ $rootPass }} - url: {{ $url }} - urlssl: {{ $urlssl }} - urltls: {{ $urltls }} - jdbc: {{ $jdbc }} - plainhost: {{ $dbhost }} - plainporthost: {{ $portHost }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.dependencies.mongodb.injector" -}} - {{- $secret := include "tc.v1.common.dependencies.mongodb.secret" . | fromYaml -}} - {{- if $secret -}} - {{- $_ := set .Values.secret (printf "%s-%s" .Release.Name "mongodbcreds") $secret -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/dependencies/_redisInjector.tpl b/charts/baikal/charts/common/templates/lib/dependencies/_redisInjector.tpl deleted file mode 100644 index e500b40..0000000 --- a/charts/baikal/charts/common/templates/lib/dependencies/_redisInjector.tpl +++ /dev/null @@ -1,48 +0,0 @@ -{{/* -This template generates a random password and ensures it persists across updates/edits to the chart -*/}} -{{- define "tc.v1.common.dependencies.redis.secret" -}} - -{{- if .Values.redis.enabled -}} - {{- $dbIndex := .Values.redis.redisDatabase | default "0" -}} - {{/* Use with custom-set password */}} - {{- $dbPass := .Values.redis.password -}} - - {{- $redisUser := .Values.redis.redisUsername -}} - {{- if not $redisUser -}}{{/* If you try to print a nil value it will print as [nil] */}} - {{- $redisUser = "" -}} - {{- end -}} - {{/* Prepare data */}} - {{- $dbHost := printf "%v-%v" .Release.Name "redis" -}} - {{- $portHost := printf "%v:6379" $dbHost -}} - {{- $url := printf "redis://%v:%v@%v/%v" $redisUser $dbPass $portHost $dbIndex -}} - {{- $hostPass := printf "%v:%v@%v" $redisUser $dbPass $dbHost -}} - - {{/* Append some values to redis.creds, so apps using the dep, can use them */}} - {{- $_ := set .Values.redis.creds "redisPassword" ($dbPass | quote) -}} - {{- $_ := set .Values.redis.creds "plain" ($dbHost | quote) -}} - {{- $_ := set .Values.redis.creds "plainhost" ($dbHost | quote) -}} - {{- $_ := set .Values.redis.creds "plainport" ($portHost | quote) -}} - {{- $_ := set .Values.redis.creds "plainporthost" ($portHost | quote) -}} - {{- $_ := set .Values.redis.creds "plainhostpass" ($hostPass | quote) -}} - {{- $_ := set .Values.redis.creds "url" ($url | quote) -}} - -{{/* Create the secret (Comment also plays a role on correct formatting) */}} -enabled: true -expandObjectName: false -data: - redis-password: {{ $dbPass }} - plain: {{ $dbHost }} - url: {{ $url }} - plainhostpass: {{ $hostPass }} - plainporthost: {{ $portHost }} - plainhost: {{ $dbHost }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.dependencies.redis.injector" -}} - {{- $secret := include "tc.v1.common.dependencies.redis.secret" . | fromYaml -}} - {{- if $secret -}} - {{- $_ := set .Values.secret (printf "%s-%s" .Release.Name "rediscreds") $secret -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/dependencies/_solrInjector.tpl b/charts/baikal/charts/common/templates/lib/dependencies/_solrInjector.tpl deleted file mode 100644 index 357122a..0000000 --- a/charts/baikal/charts/common/templates/lib/dependencies/_solrInjector.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{/* -This template generates a random password and ensures it persists across updates/edits to the chart -*/}} -{{- define "tc.v1.common.dependencies.solr.secret" -}} - -{{- if .Values.solr.enabled -}} - {{/* Use with custom-set password */}} - {{- $solrPass := .Values.solr.password -}} - - {{/* Prepare data */}} - {{- $dbHost := printf "%v-%v" .Release.Name "solr" -}} - {{- $portHost := printf "%v:8983" $dbHost -}} - {{- $url := printf "http://%v:%v@%v/url/%v" .Values.solr.solrUsername $solrPass $portHost .Values.solr.solrCores -}} - - {{/* Append some values to solr.creds, so apps using the dep, can use them */}} - {{- $_ := set .Values.solr.creds "solrPassword" ($solrPass | quote) -}} - {{- $_ := set .Values.solr.creds "plain" ($dbHost | quote) -}} - {{- $_ := set .Values.solr.creds "plainhost" ($dbHost | quote) -}} - {{- $_ := set .Values.solr.creds "portHost" ($portHost | quote) -}} - {{- $_ := set .Values.solr.creds "url" ($url | quote) -}} - -{{/* Create the secret (Comment also plays a role on correct formatting) */}} -enabled: true -expandObjectName: false -data: - solr-password: {{ $solrPass }} - url: {{ $url }} - plainhost: {{ $dbHost }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.dependencies.solr.injector" -}} - {{- $secret := include "tc.v1.common.dependencies.solr.secret" . | fromYaml -}} - {{- if $secret -}} - {{- $_ := set .Values.secret (printf "%s-%s" .Release.Name "solrcreds") $secret -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/endpoint/_addresses.tpl b/charts/baikal/charts/common/templates/lib/endpoint/_addresses.tpl deleted file mode 100644 index c80950a..0000000 --- a/charts/baikal/charts/common/templates/lib/endpoint/_addresses.tpl +++ /dev/null @@ -1,20 +0,0 @@ -{{/* Endpoint - addresses */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.endpoint.addresses" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the service -*/}} - -{{- define "tc.v1.common.lib.endpoint.addresses" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.externalIP -}} - {{- fail "EndpointSlice - Expected non-empty [externalIP]" -}} - {{- end -}} - - {{- if not (kindIs "string" $objectData.externalIP) -}} {{/* Only single IP is supported currently on this lib */}} - {{- fail (printf "EndpointSlice - Expected [externalIP] to be a [string], but got [%s]" (kindOf $objectData.externalIP)) -}} - {{- end }} - - ip: {{ tpl $objectData.externalIP $rootCtx }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/endpoint/_ports.tpl b/charts/baikal/charts/common/templates/lib/endpoint/_ports.tpl deleted file mode 100644 index de9761f..0000000 --- a/charts/baikal/charts/common/templates/lib/endpoint/_ports.tpl +++ /dev/null @@ -1,40 +0,0 @@ -{{/* Endpoint - Ports */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.endpoint.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the service -*/}} - -{{- define "tc.v1.common.lib.endpoint.ports" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $tcpProtocols := (list "tcp" "http" "https") -}} - {{- range $name, $portValues := $objectData.ports -}} - {{- if $portValues.enabled -}} - {{- $protocol := $rootCtx.Values.global.fallbackDefaults.serviceProtocol -}} {{/* Default to fallback protocol, if no protocol is defined */}} - {{- $port := $portValues.targetPort | default $portValues.port -}} - - {{/* Expand targetPort */}} - {{- if (kindIs "string" $port) -}} - {{- $port = (tpl $port $rootCtx) -}} - {{- end -}} - {{- $port = int $port -}} - - {{- with $portValues.protocol -}} - {{- $protocol = tpl . $rootCtx -}} - - {{- if mustHas $protocol $tcpProtocols -}} - {{- $protocol = "tcp" -}} - {{- end -}} - {{- end }} -- name: {{ $name }} - port: {{ $port }} - protocol: {{ $protocol | upper }} - {{- with $portValues.appProtocol }} - appProtocol: {{ tpl . $rootCtx | lower }} - {{- end -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/endpointSlice/_endpoints.tpl b/charts/baikal/charts/common/templates/lib/endpointSlice/_endpoints.tpl deleted file mode 100644 index 38d81e5..0000000 --- a/charts/baikal/charts/common/templates/lib/endpointSlice/_endpoints.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{/* EndpointSlice - endpoints */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.endpointslice.endpoints" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the service -*/}} - -{{- define "tc.v1.common.lib.endpointslice.endpoints" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.externalIP -}} - {{- fail "EndpointSlice - Expected non-empty [externalIP]" -}} - {{- end -}} - - {{- if not (kindIs "string" $objectData.externalIP) -}} {{/* Only single IP is supported currently on this lib */}} - {{- fail (printf "EndpointSlice - Expected [externalIP] to be a [string], but got [%s]" (kindOf $objectData.externalIP)) -}} - {{- end }} -- addresses: - - {{ tpl $objectData.externalIP $rootCtx }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/endpointSlice/_ports.tpl b/charts/baikal/charts/common/templates/lib/endpointSlice/_ports.tpl deleted file mode 100644 index 726b96d..0000000 --- a/charts/baikal/charts/common/templates/lib/endpointSlice/_ports.tpl +++ /dev/null @@ -1,40 +0,0 @@ -{{/* EndpointSlice - Ports */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.endpointslice.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the service -*/}} - -{{- define "tc.v1.common.lib.endpointslice.ports" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $tcpProtocols := (list "tcp" "http" "https") -}} - {{- range $name, $portValues := $objectData.ports -}} - {{- if $portValues.enabled -}} - {{- $protocol := $rootCtx.Values.global.fallbackDefaults.serviceProtocol -}} {{/* Default to fallback protocol, if no protocol is defined */}} - {{- $port := $portValues.targetPort | default $portValues.port -}} - - {{/* Expand targetPort */}} - {{- if (kindIs "string" $port) -}} - {{- $port = (tpl $port $rootCtx) -}} - {{- end -}} - {{- $port = int $port -}} - - {{- with $portValues.protocol -}} - {{- $protocol = tpl . $rootCtx -}} - - {{- if mustHas $protocol $tcpProtocols -}} - {{- $protocol = "tcp" -}} - {{- end -}} - {{- end }} -- name: {{ $name }} - port: {{ $port }} - protocol: {{ $protocol | upper }} - {{- with $portValues.appProtocol }} - appProtocol: {{ tpl . $rootCtx | lower }} - {{- end -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/hpa/_validation.tpl b/charts/baikal/charts/common/templates/lib/hpa/_validation.tpl deleted file mode 100644 index a8195df..0000000 --- a/charts/baikal/charts/common/templates/lib/hpa/_validation.tpl +++ /dev/null @@ -1,360 +0,0 @@ -{{- define "tc.v1.common.lib.hpa.validation" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $minReplicas := 1 -}} - {{- with $objectData.minReplicas -}} - {{- if not (mustHas (kindOf $objectData.minReplicas) (list "int" "int64" "float64")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.minReplicas] to be an integer, but got [%s]" $objectData.hpaName (kindOf $objectData.minReplicas)) -}} - {{- end -}} - {{- $minReplicas = $objectData.minReplicas -}} - {{- end -}} - - {{- $maxReplicas := 3 -}} - {{- with $objectData.maxReplicas -}} - {{- if not (mustHas (kindOf $objectData.maxReplicas) (list "int" "int64" "float64")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.maxReplicas] to be an integer, but got [%s]" $objectData.hpaName (kindOf $objectData.maxReplicas)) -}} - {{- end -}} - {{- $maxReplicas = $objectData.maxReplicas -}} - {{- end -}} - - {{- $_ := set $objectData "minReplicas" $minReplicas -}} - {{- $_ := set $objectData "maxReplicas" $maxReplicas -}} - - {{- if lt $maxReplicas $minReplicas -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.minReplicas] to be less than [hpa.%s.maxReplicas], but got [%d] and [%d]" $objectData.hpaName $objectData.hpaName ($minReplicas | int) ($maxReplicas | int)) -}} - {{- end -}} - - {{- if $objectData.behavior -}} - {{- if $objectData.behavior.scaleUp -}} - {{- include "tc.v1.common.lib.hpa.validation.behavior" (dict "objectData" $objectData "rootCtx" $rootCtx "data" $objectData.behavior.scaleUp "key" "scaleUp") -}} - {{- end -}} - {{- if $objectData.behavior.scaleDown -}} - {{- include "tc.v1.common.lib.hpa.validation.behavior" (dict "objectData" $objectData "rootCtx" $rootCtx "data" $objectData.behavior.scaleDown "key" "scaleDown") -}} - {{- end -}} - {{- end -}} - - {{- if $objectData.metrics -}} - {{- include "tc.v1.common.lib.hpa.validation.metrics" (dict "objectData" $objectData "rootCtx" $rootCtx "data" $objectData.metrics) -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.behavior" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data -}} - {{- $key := .key -}} - - {{- if $data.selectPolicy -}} - {{- $validSelectPolicies := list "Max" "Min" "Disabled" -}} - {{- if not (mustHas $data.selectPolicy $validSelectPolicies) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.selectPolicy] to be one of [%s], but got [%s]" $objectData.hpaName $key (join ", " $validSelectPolicies) $data.selectPolicy) -}} - {{- end -}} - {{- end -}} - - {{- if $data.stabilizationWindowSeconds -}} - {{- if not (mustHas (kindOf $data.stabilizationWindowSeconds) (list "int" "int64" "float64")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.stabilizationWindowSeconds] to be an integer, but got [%s]" $objectData.hpaName $key (kindOf $data.stabilizationWindowSeconds)) -}} - {{- end -}} - {{- end -}} - - {{- if $data.policies -}} - {{- if not (kindIs "slice" $data.policies) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies] to be a list, but got [%s]" $objectData.hpaName $key (kindOf $data.policies)) -}} - {{- end -}} - - {{- $validPolicies := list "Pods" "Percent" -}} - {{- range $idx, $policy := $data.policies -}} - {{- if not (kindIs "map" $policy) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies.%d] to be a map, but got [%s]" $objectData.hpaName $key $idx (kindOf $policy)) -}} - {{- end -}} - - {{- if not (mustHas $policy.type $validPolicies) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies.%d.type] to be one of [%s], but got [%s]" $objectData.hpaName $key $idx (join ", " $validPolicies) $policy.type) -}} - {{- end -}} - - {{- if not (mustHas (kindOf $policy.value) (list "int" "int64" "float64")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies.%d.value] to be an integer, but got [%s]" $objectData.hpaName $key $idx (kindOf $policy.value)) -}} - {{- end -}} - - {{- if not (mustHas (kindOf $policy.periodSeconds) (list "int" "int64" "float64")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies.%d.periodSeconds] to be an integer, but got [%s]" $objectData.hpaName $key $idx (kindOf $policy.periodSeconds)) -}} - {{- end -}} - - {{- if le ($policy.value | int) 0 -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies.%d.value] to be greater than 0, but got [%v]" $objectData.hpaName $key $idx $policy.value) -}} - {{- end -}} - - {{- if or (lt ($policy.periodSeconds | int) 1) (gt ($policy.periodSeconds | int) 1800) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies.%d.periodSeconds] to be between 1 and 1800, but got [%v]" $objectData.hpaName $key $idx $policy.periodSeconds) -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- if not (kindIs "slice" $objectData.metrics) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics] to be a list, but got [%s]" $objectData.hpaName (kindOf $objectData.metrics)) -}} - {{- end -}} - - {{- range $idx, $metric := $objectData.metrics -}} - {{- if not (kindIs "map" $metric) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric)) -}} - {{- end -}} - - {{- if not (mustHas $metric.type (list "Resource" "Pods" "Object" "External" "ContainerResource")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.type] to be one of [Resource, Pods, Object, External, ContainerResource], but got [%s]" $objectData.hpaName $idx $metric.type) -}} - {{- end -}} - - {{- if eq $metric.type "Resource" -}} - {{- include "tc.v1.common.lib.hpa.validation.metrics.resource" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric "idx" $idx) -}} - {{- else if eq $metric.type "Pods" -}} - {{- include "tc.v1.common.lib.hpa.validation.metrics.pods" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric "idx" $idx) -}} - {{- else if eq $metric.type "Object" -}} - {{- include "tc.v1.common.lib.hpa.validation.metrics.object" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric "idx" $idx) -}} - {{- else if eq $metric.type "External" -}} - {{- include "tc.v1.common.lib.hpa.validation.metrics.external" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric "idx" $idx) -}} - {{- else if eq $metric.type "ContainerResource" -}} - {{- include "tc.v1.common.lib.hpa.validation.metrics.containerResource" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric "idx" $idx) -}} - {{- end -}} - - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics.resource" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $metric := .metric -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $metric.resource) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.resource] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.resource)) -}} - {{- end -}} - - {{- $validNames := list "cpu" "memory" -}} - {{- if not (mustHas $metric.resource.name $validNames) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.resource.name] to be one of [%s], but got [%s]" $objectData.hpaName $idx (join ", " $validNames) $metric.resource.name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.hpa.validation.metrics.metric.target" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric.resource "key" "resource" "idx" $idx) -}} -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics.containerResource" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $metric := .metric -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $metric.containerResource) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.containerResource] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.containerResource)) -}} - {{- end -}} - - {{- $validNames := list "cpu" "memory" -}} - {{- if not (mustHas $metric.containerResource.name $validNames) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.containerResource.name] to be one of [%s], but got [%s]" $objectData.hpaName $idx (join ", " $validNames) $metric.containerResource.name) -}} - {{- end -}} - - {{- if not (mustHas $metric.containerResource.container $objectData.containerNames) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.containerResource.container] to be one of [%s], but got [%s]" $objectData.hpaName $idx (join ", " $objectData.containerNames) $metric.containerResource.container) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.hpa.validation.metrics.metric.target" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric.containerResource "key" "containerResource" "idx" $idx) -}} -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics.pods" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $metric := .metric -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $metric.pods) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.pods] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.pods)) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.pods.metric) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.pods.metric] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.pods.metric)) -}} - {{- end -}} - - {{- if or (not $metric.pods.metric.name) (not (kindIs "string" $metric.pods.metric.name)) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.pods.metric.name] to be a string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.pods.metric.name)) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.pods.target) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.pods.target] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.pods.target)) -}} - {{- end -}} - - {{- if not (mustHas (kindOf $metric.pods.target.averageValue) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.pods.target.averageValue] to be an integer or string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.pods.target.averageValue)) -}} - {{- end -}} - - {{- if $metric.pods.metric.selector -}} - {{- include "tc.v1.common.lib.hpa.validation.metric.selector" (dict "objectData" $objectData "rootCtx" $rootCtx "data" $metric.pods "key" "pods" "idx" $idx) -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metric.selector" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data -}} - {{- $key := .key -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $data.metric.selector) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.metric.selector] to be a map, but got [%s]" $objectData.hpaName $idx $key (kindOf $data.metric.selector)) -}} - {{- end -}} - - {{- if not (kindIs "map" $data.metric.selector.matchLabels) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.metric.selector.matchLabels] to be a map, but got [%s]" $objectData.hpaName $idx $key (kindOf $data.metric.selector.matchLabels)) -}} - {{- end -}} - - {{- range $k, $v := $data.metric.selector.matchLabels -}} - {{- if not (kindIs "string" $k) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.metric.selector.matchLabels] to have string keys, but got [%s]" $objectData.hpaName $idx $key (kindOf $k)) -}} - {{- end -}} - - {{- if not (kindIs "string" $v) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.metric.selector.matchLabels.%s] to be a string, but got [%s]" $objectData.hpaName $idx $key $k (kindOf $v)) -}} - {{- end -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics.object" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $metric := .metric -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $metric.object) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object)) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.object.metric) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.metric] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.metric)) -}} - {{- end -}} - - {{- if or (not $metric.object.metric.name) (not (kindIs "string" $metric.object.metric.name)) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.metric.name] to be a string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.metric.name)) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.object.target) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.target] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.target)) -}} - {{- end -}} - - {{- $validTypes := list "AverageValue" "Value" -}} - {{- if not (mustHas $metric.object.target.type $validTypes) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.target.type] to be one of [%s], but got [%s]" $objectData.hpaName $idx (join ", " $validTypes) $metric.object.target.type) -}} - {{- end -}} - - {{- if eq $metric.object.target.type "AverageValue" -}} - {{- if not (mustHas (kindOf $metric.object.target.averageValue) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.target.averageValue] to be an integer or string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.target.averageValue)) -}} - {{- end -}} - {{- else if eq $metric.object.target.type "Value" -}} - {{- if not (mustHas (kindOf $metric.object.target.value) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.target.value] to be an integer or string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.target.value)) -}} - {{- end -}} - {{- end -}} - - {{- if $metric.object.metric.selector -}} - {{- include "tc.v1.common.lib.hpa.validation.metric.selector" (dict "objectData" $objectData "rootCtx" $rootCtx "data" $metric.object "key" "object" "idx" $idx) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.object.describedObject) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.describedObject] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.describedObject)) -}} - {{- end -}} - - {{- if or (not $metric.object.describedObject.name) (not (kindIs "string" $metric.object.describedObject.name)) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.describedObject.name] to be a string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.describedObject.name)) -}} - {{- end -}} - - {{- if or (not $metric.object.describedObject.kind) (not (kindIs "string" $metric.object.describedObject.kind)) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.describedObject.kind] to be a string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.describedObject.kind)) -}} - {{- end -}} - - {{- if or (not $metric.object.describedObject.apiVersion) (not (kindIs "string" $metric.object.describedObject.apiVersion)) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.describedObject.apiVersion] to be a string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.describedObject.apiVersion)) -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics.external" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $metric := .metric -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $metric.external) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.external)) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.external.metric) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external.metric] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.external.metric)) -}} - {{- end -}} - - {{- if or (not $metric.external.metric.name) (not (kindIs "string" $metric.external.metric.name)) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external.metric.name] to be a string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.external.metric.name)) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.external.target) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external.target] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.external.target)) -}} - {{- end -}} - - {{- $validTypes := list "AverageValue" "Value" -}} - {{- if not (mustHas $metric.external.target.type $validTypes) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external.target.type] to be one of [%s], but got [%s]" $objectData.hpaName $idx (join ", " $validTypes) $metric.external.target.type) -}} - {{- end -}} - - {{- if eq $metric.external.target.type "AverageValue" -}} - {{- if not (mustHas (kindOf $metric.external.target.averageValue) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external.target.averageValue] to be an integer or string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.external.target.averageValue)) -}} - {{- end -}} - {{- else if eq $metric.external.target.type "Value" -}} - {{- if not (mustHas (kindOf $metric.external.target.value) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external.target.value] to be an integer or string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.external.target.value)) -}} - {{- end -}} - {{- end -}} - - {{- if $metric.external.metric.selector -}} - {{- include "tc.v1.common.lib.hpa.validation.metric.selector" (dict "objectData" $objectData "rootCtx" $rootCtx "data" $metric.external "key" "external" "idx" $idx) -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics.metric.target" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .metric -}} - {{- $key := .key -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $data.target) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.target] to be a map, but got [%s]" $objectData.hpaName $idx $key (kindOf $data.target)) -}} - {{- end -}} - - {{- $validTargetTypes := list "AverageValue" "Utilization" -}} - {{- if not (mustHas $data.target.type $validTargetTypes) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.target.type] to be one of [%s], but got [%s]" $objectData.hpaName $idx $key (join ", " $validTargetTypes) $data.target.type) -}} - {{- end -}} - - {{- if eq $data.target.type "AverageValue" -}} - {{- if not (mustHas (kindOf $data.target.averageValue) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.target.averageValue] to be an integer or string, but got [%s]" $objectData.hpaName $idx $key (kindOf $data.target.averageValue)) -}} - {{- end -}} - {{- else if eq $data.target.type "Utilization" -}} - {{- if not (mustHas (kindOf $data.target.averageUtilization) (list "int" "int64" "float64")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.target.averageUtilization] to be an integer, but got [%s]" $objectData.hpaName $idx $key (kindOf $data.target.averageUtilization)) -}} - {{- end -}} - {{- end -}} - - {{- if $data.target.value -}} - {{- if not (mustHas (kindOf $data.target.value) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.target.value] to be an integer or string, but got [%s]" $objectData.hpaName $idx $key (kindOf $data.target.value)) -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/imagePullSecret/_createData.tpl b/charts/baikal/charts/common/templates/lib/imagePullSecret/_createData.tpl deleted file mode 100644 index 5ebef01..0000000 --- a/charts/baikal/charts/common/templates/lib/imagePullSecret/_createData.tpl +++ /dev/null @@ -1,43 +0,0 @@ -{{/* Configmap Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.imagePullSecret.createData" (dict "objectData" $objectData "root" $rootCtx) -}} -rootCtx: The root context of the chart. -objectData: - data: The data of the imagePullSecret. -*/}} - -{{- define "tc.v1.common.lib.imagePullSecret.createData" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $registrySecret := dict -}} - - {{/* Auth is b64encoded and then the whole secret is b64encoded */}} - {{- $auth := printf "%s:%s" (tpl $objectData.data.username $rootCtx) (tpl $objectData.data.password $rootCtx) | b64enc -}} - - {{- $registry := dict -}} - {{- with $objectData.data -}} - {{- $registry = (dict "username" (tpl .username $rootCtx) "password" (tpl .password $rootCtx) - "email" (tpl .email $rootCtx) "auth" $auth) -}} - {{- end -}} - - {{- $registryKey := tpl $objectData.data.registry $rootCtx -}} - {{- $_ := set $registrySecret "auths" (dict $registryKey $registry) -}} - - {{/* - This should result in something like this: - { - "auths": { - "$registry": { - "username": "$username", - "password": "$password", - "email": "$email", - "auth": "($username:$password) base64" - } - } -} -*/}} - - {{/* Return the registrySecret as Json */}} - {{- $registrySecret | toJson -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/imagePullSecret/_validation.tpl b/charts/baikal/charts/common/templates/lib/imagePullSecret/_validation.tpl deleted file mode 100644 index 3162c83..0000000 --- a/charts/baikal/charts/common/templates/lib/imagePullSecret/_validation.tpl +++ /dev/null @@ -1,27 +0,0 @@ -{{/* Configmap Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.imagePullSecret.validation" (dict "objectData" $objectData) -}} -objectData: - labels: The labels of the imagePullSecret. - annotations: The annotations of the imagePullSecret. - data: The data of the imagePullSecret. -*/}} - -{{- define "tc.v1.common.lib.imagePullSecret.validation" -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.data -}} - {{- fail "Image Pull Secret - Expected non-empty [data]" -}} - {{- end -}} - - {{- if not (kindIs "map" $objectData.data) -}} - {{- fail (printf "Image Pull Secret - Expected [data] to be a dictionary, but got [%v]" (kindOf $objectData.data)) -}} - {{- end -}} - - {{- range $key := (list "username" "password" "registry" "email") -}} - {{- if not (get $objectData.data $key) -}} - {{- fail (printf "Image Pull Secret - Expected non-empty [%s]" $key) -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/ingress/_serviceData.tpl b/charts/baikal/charts/common/templates/lib/ingress/_serviceData.tpl deleted file mode 100644 index 3190dbf..0000000 --- a/charts/baikal/charts/common/templates/lib/ingress/_serviceData.tpl +++ /dev/null @@ -1,35 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.backend.data" -}} - {{- $rootCtx := .rootCtx -}} - {{- $svcData := .svcData -}} - {{- $override := .override -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - - {{- with $override -}} - {{- $name := .name -}} - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" . "name" $name - "caller" "Ingress" "key" "overrideService" - )) -}} - - {{/* Init */}} - {{- $expName := $name -}} - - {{/* Expand if needed */}} - {{- if eq $expandName "true" -}} - {{/* But first check if the svc is primary */}} - {{- $svc := (get $rootCtx.Values.service $name) | default dict -}} - - {{- if $svc.primary -}} {{/* If primary, use fullname */}} - {{- $expName = $fullname -}} - {{- else -}} {{/* If not primary, use fullname + name */}} - {{- $expName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- end -}} - - {{- $svcData = (dict "name" $expName "port" .port) -}} - {{- end -}} - - {{- $svcData | toYaml -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/ingress/_targetSelector.tpl b/charts/baikal/charts/common/templates/lib/ingress/_targetSelector.tpl deleted file mode 100644 index 91a1e02..0000000 --- a/charts/baikal/charts/common/templates/lib/ingress/_targetSelector.tpl +++ /dev/null @@ -1,90 +0,0 @@ -{{/* Returns the selected service or fallback to primary */}} -{{- define "tc.v1.common.lib.ingress.targetSelector" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $selectedService := (dict "name" "" "port" 0) -}} - {{- $svcData := dict -}} - {{- $portData := dict -}} - {{- $svcName := "" -}} - {{- $portName := "" -}} - - {{- if $objectData.targetSelector -}} - {{/* We have validation that only 1 key is allowed */}} - {{- $svcName = ($objectData.targetSelector | keys | mustFirst) -}} - {{- $portName = (get $objectData.targetSelector $svcName) -}} - {{- $svcData = (get $rootCtx.Values.service $svcName) -}} - - {{- if not $svcData -}} - {{- fail (printf "Ingress - Expected targeted service [%s] to exist" $svcName) -}} - {{- end -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $svcData - "name" $svcName "caller" "Ingress" - "key" "ingress")) -}} - - {{- if ne $enabled "true" -}} - {{- fail (printf "Ingress - Expected targeted service [%s] to be enabled" $svcName) -}} - {{- end -}} - - {{- else -}} - {{/* Find the primary service */}} - {{- range $name, $service := $rootCtx.Values.service -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $service - "name" $name "caller" "Ingress" - "key" "ingress")) -}} - - {{/* Check if its enabled */}} - {{- if eq $enabled "true" -}} - - {{- if $service.primary -}} - {{- $svcName = $name -}} - {{- $svcData = $service -}} - - {{/* Find the primary port */}} - {{- range $name, $port := $svcData.ports -}} - {{- if $port.primary -}} - {{- $portName = $name -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if not $svcData -}} - {{- fail "Ingress - Expected [targetSelector] or a primary service to exist" -}} - {{- end -}} - - {{- end -}} - - {{- $portData = (get $svcData.ports $portName) -}} - {{- if not $portData -}} - {{- fail (printf "Ingress - Expected targeted service [%s] to have port [%s]" $svcName $portName) -}} - {{- end -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $portData - "name" $portName "caller" "Ingress" - "key" "ingress")) -}} - - {{- if ne $enabled "true" -}} - {{- fail (printf "Ingress - Expected targeted service port [%s] to be enabled" $portName) -}} - {{- end -}} - - {{- $expandedSvcName := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- if not $svcData.primary -}} - {{- $expandedSvcName = printf "%s-%s" $expandedSvcName $svcName -}} - {{- end -}} - - {{- $protocol := default "http" -}} - {{- if eq $portData.protocol "https" -}} - {{- $protocol = "https" -}} - {{- end -}} - - {{- $selectedService = (dict "name" $expandedSvcName "port" (tpl ($portData.port | toString) $rootCtx) "protocol" $protocol) -}} - - {{- $selectedService | toYaml -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/ingress/_validation.tpl b/charts/baikal/charts/common/templates/lib/ingress/_validation.tpl deleted file mode 100644 index 1b03836..0000000 --- a/charts/baikal/charts/common/templates/lib/ingress/_validation.tpl +++ /dev/null @@ -1,189 +0,0 @@ -{{/* Ingress Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.ingress.validation" (dict "rootCtx" $ "objectData" $objectData) -}} -objectData: - rootCtx: The root context of the chart. - objectData: The Ingress object. -*/}} - -{{- define "tc.v1.common.lib.ingress.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.targetSelector -}} - {{- if not (kindIs "map" $objectData.targetSelector) -}} - {{- fail (printf "Ingress - Expected [targetSelector] to be a [map], but got [%s]" (kindOf $objectData.targetSelector)) -}} - {{- end -}} - - {{- $selectors := $objectData.targetSelector | keys | len -}} - {{- if (gt $selectors 1) -}} - {{ fail (printf "Ingress - Expected [targetSelector] to have exactly one key, but got [%d]" $selectors) -}} - {{- end -}} - - {{- range $k, $v := $objectData.targetSelector -}} - {{- if not $v -}} - {{- fail (printf "Ingress - Expected [targetSelector.%s] to have a value" $k) -}} - {{- end -}} - - {{- if not (kindIs "string" $v) -}} - {{- fail (printf "Ingress - Expected [targetSelector.%s] to be a [string], but got [%s]" $k (kindOf $v)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $objectData.ingressClassName -}} - {{- $icn := tpl $objectData.ingressClassName $rootCtx -}} - {{- if eq $icn "tc-stopped" -}} - {{- fail "Ingress - Expected [ingressClassName] to not be [tc-stopped], this is reserved for internal use" -}} - {{- end -}} - {{- end -}} - - {{- if not $objectData.hosts -}} - {{- fail "Ingress - Expected non-empty [hosts]" -}} - {{- end -}} - - {{- if not (kindIs "slice" $objectData.hosts) -}} - {{- fail (printf "Ingress - Expected [hosts] to be a [slice], but got [%s]" (kindOf $objectData.hosts)) -}} - {{- end -}} - - {{- range $h := $objectData.hosts -}} - {{- if not $h.host -}} - {{- fail "Ingress - Expected non-empty [hosts.host]" -}} - {{- end -}} - - {{- $host := tpl $h.host $rootCtx -}} - {{- if (hasPrefix "http://" $host) -}} - {{- fail (printf "Ingress - Expected [hosts.host] to not start with [http://], but got [%s]" $host) -}} - {{- end -}} - {{- if (hasPrefix "https://" $host) -}} - {{- fail (printf "Ingress - Expected [hosts.host] to not start with [https://], but got [%s]" $host) -}} - {{- end -}} - {{- if (contains ":" $host) -}} - {{- fail (printf "Ingress - Expected [hosts.host] to not contain [:], but got [%s]" $host) -}} - {{- end -}} - - {{- if and $h.paths (not (kindIs "slice" $h.paths)) -}} - {{- fail (printf "Ingress - Expected [hosts.paths] to be a [slice], but got [%s]" (kindOf $h.paths)) -}} - {{- end -}} - - {{- range $p := $h.paths -}} - {{- $pathType := "Prefix" -}} - {{- if $p.pathType -}} - {{- $pathType = tpl $p.pathType $rootCtx -}} - {{- end -}} - - {{- $validPathTypes := (list "Prefix" "Exact" "ImplementationSpecific") -}} - {{- if not (mustHas $pathType $validPathTypes) -}} - {{- fail (printf "Ingress - Expected [hosts.paths.pathType] to be one of [%s], but got [%s]" (join ", " $validPathTypes) $pathType) -}} - {{- end -}} - - {{- $path := tpl ($p.path | default "/") $rootCtx -}} - {{- $prefixSlashTypes := (list "Prefix" "Exact") -}} - {{- if (mustHas $pathType $prefixSlashTypes) -}} - {{- if and $path (not (hasPrefix "/" $path)) -}} - {{- fail (printf "Ingress - Expected [hosts.paths.path] to start with [/], but got [%s]" $path) -}} - {{- end -}} - {{- end -}} - - {{/* If at least one thing in overrideService is defined... */}} - {{- with $p.overrideService -}} - {{- if not .name -}} - {{- fail "Ingress - Expected non-empty [hosts.paths.overrideService.name]" -}} - {{- end -}} - {{- if not .port -}} - {{- fail "Ingress - Expected non-empty [hosts.paths.overrideService.port]" -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- range $t := $objectData.tls -}} - {{- if not $t.hosts -}} - {{- fail "Ingress - Expected non-empty [tls.hosts]" -}} - {{- end -}} - - {{- if not (kindIs "slice" $t.hosts) -}} - {{- fail (printf "Ingress - Expected [tls.hosts] to be a [slice], but got [%s]" (kindOf $t.hosts)) -}} - {{- end -}} - - {{- range $h := $t.hosts -}} - {{- if not $h -}} - {{- fail "Ingress - Expected non-empty entry in [tls.hosts]" -}} - {{- end -}} - - {{- $host := tpl $h $rootCtx -}} - {{- if (hasPrefix "http://" $host) -}} - {{- fail (printf "Ingress - Expected entry in [tls.hosts] to not start with [http://], but got [%s]" $host) -}} - {{- end -}} - {{- if (hasPrefix "https://" $host) -}} - {{- fail (printf "Ingress - Expected entry in [tls.hosts] to not start with [https://], but got [%s]" $host) -}} - {{- end -}} - {{- if (contains ":" $host) -}} - {{- fail (printf "Ingress - Expected entry in [tls.hosts] to not contain [:], but got [%s]" $host) -}} - {{- end -}} - {{- end -}} - - {{- $certOptions := (list "secretName" "certificateIssuer" "clusterCertificate") -}} - {{- $optsSet := list -}} - {{- range $opt := $certOptions -}} - {{- if (get $t $opt) -}} - {{- $optsSet = mustAppend $optsSet $opt -}} - {{- end -}} - {{- end -}} - - {{- if gt ($optsSet | len) 1 -}} - {{- fail (printf "Ingress - Expected only one of [%s] to be set, but got [%s]" (join ", " $certOptions) (join ", " $optsSet)) -}} - {{- end -}} - - {{- end -}} - -{{- end -}} - -{{/* Ingress Primary Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.ingress.primaryValidation" $ -}} -*/}} -{{- define "tc.v1.common.lib.ingress.primaryValidation" -}} - {{- $result := (include "tc.v1.common.lib.ingress.hasPrimary" $) | fromJson -}} - - {{/* Require at least one primary ingress, if any enabled */}} - {{- if and $result.hasEnabled (not $result.hasPrimary) -}} - {{- fail "Ingress - At least one enabled ingress must be primary" -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.ingress.hasPrimary" -}} - - {{/* Initialize values */}} - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{- range $name, $ingress := $.Values.ingress -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $ingress - "name" $name "caller" "Ingress" - "key" "ingress")) -}} - - {{/* If ingress is enabled */}} - {{- if eq $enabled "true" -}} - {{- $hasEnabled = true -}} - - {{/* And ingress is primary */}} - {{- if and (hasKey $ingress "primary") ($ingress.primary) -}} - {{/* Fail if there is already a primary ingress */}} - {{- if $hasPrimary -}} - {{- fail "Ingress - Only one ingress can be primary" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- (dict "hasPrimary" $hasPrimary "hasEnabled" $hasEnabled) | toJson -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/ingress/integrations/_certManager.tpl b/charts/baikal/charts/common/templates/lib/ingress/integrations/_certManager.tpl deleted file mode 100644 index 2df0cdb..0000000 --- a/charts/baikal/charts/common/templates/lib/ingress/integrations/_certManager.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.certManager" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $certManager := $objectData.integrations.certManager -}} - - {{- if $certManager.enabled -}} - {{- include "tc.v1.common.lib.ingress.integration.certManager.validate" (dict "objectData" $objectData) -}} - - {{- $_ := set $objectData.annotations "cert-manager.io/cluster-issuer" $certManager.certificateIssuer -}} - {{- $_ := set $objectData.annotations "cert-manager.io/private-key-rotation-policy" "Always" -}} - - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.ingress.integration.certManager.validate" -}} - {{- $objectData := .objectData -}} - - {{- $certManager := $objectData.integrations.certManager -}} - - {{- if not $certManager.certificateIssuer -}} - {{- fail "Ingress - Expected a non-empty [integrations.certManager.certificateIssuer]" -}} - {{- end -}} - - {{- if not (kindIs "string" $certManager.certificateIssuer) -}} - {{- fail (printf "Ingress - Expected [integrations.certManager.certificateIssuer] to be a [string], but got [%s]" (kindOf $certManager.certificateIssuer)) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/ingress/integrations/_homepage.tpl b/charts/baikal/charts/common/templates/lib/ingress/integrations/_homepage.tpl deleted file mode 100644 index 9a400c8..0000000 --- a/charts/baikal/charts/common/templates/lib/ingress/integrations/_homepage.tpl +++ /dev/null @@ -1,119 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.homepage" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $homepage := $objectData.integrations.homepage -}} - {{- if and $homepage $homepage.enabled -}} - {{- if not (hasKey $homepage "widget") -}} - {{- $_ := set $objectData.integrations.homepage "widget" dict -}} - {{- end -}} - - {{- $widEnabled := true -}} - {{- if and (hasKey $homepage.widget "enabled") (kindIs "bool" $homepage.widget.enabled) -}} - {{- $widEnabled = $homepage.widget.enabled -}} - {{- end -}} - - {{- include "tc.v1.common.lib.ingress.integration.homepage.validation" (dict "objectData" $objectData) -}} - - {{- $name := $homepage.name | default ($rootCtx.Release.Name | camelcase | title) -}} - {{- $desc := $homepage.description | default $rootCtx.Chart.Description -}} - {{- $icon := $homepage.icon | default $rootCtx.Chart.Icon -}} - {{- $defaultType := $rootCtx.Chart.Name | lower -}} - {{/* Remove any non-characters from the default type */}} - {{- $defaultType = regexReplaceAll "\\W+" $defaultType "" -}} - {{- $type := $homepage.widget.type | default $defaultType -}} - {{- $url := $homepage.widget.url -}} - {{- $version := $homepage.widget.version | default 1 | toString -}} - {{- $href := $homepage.href -}} - - {{- if not $href -}} - {{- $fHost := $objectData.hosts | mustFirst -}} - {{- $fPath := $fHost.paths | mustFirst -}} - {{- $host := tpl $fHost.host $rootCtx -}} - {{- $path := tpl $fPath.path $rootCtx -}} - - {{- $href = printf "https://%s/%s" $host ($path | trimPrefix "/") -}} - {{- end -}} - - {{- if not $url -}} - {{- $svc := $objectData.selectedService.name -}} - {{- $port := $objectData.selectedService.port -}} - {{- $prot := $objectData.selectedService.protocol -}} - {{- $ns := include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Ingress") -}} - - {{- $url = printf "%s://%s.%s.svc:%s" $prot $svc $ns $port -}} - {{- end -}} - - {{- $_ := set $objectData.annotations "gethomepage.dev/enabled" "true" -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/name" (tpl $name $rootCtx) -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/href" (tpl $href $rootCtx) -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/description" (tpl $desc $rootCtx) -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/icon" (tpl $icon $rootCtx) -}} - {{- with $homepage.group -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/group" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $homepage.weight -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/weight" (. | toString) -}} - {{- end -}} - - {{- $selector := printf "app.kubernetes.io/instance=%s,pod.lifecycle in (permanent)" $rootCtx.Release.Name -}} - {{- with $homepage.podSelector -}} - {{- $selector = (printf "pod.name in (%s),pod.lifecycle in (permanent)" (join "," .)) -}} - {{- end -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/pod-selector" $selector -}} - - {{- if $widEnabled -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/widget.type" (tpl $type $rootCtx) -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/widget.version" (tpl $version $rootCtx) -}} - - {{- with $url -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/widget.url" (tpl $url $rootCtx) -}} - {{- end -}} - - {{- if $homepage.widget.custom -}} - {{- range $k, $v := $homepage.widget.custom -}} - {{- if $v -}} - {{- $_ := set $objectData.annotations (printf "gethomepage.dev/widget.%s" $k) (tpl $v $rootCtx | toString) -}} - {{- end -}} - {{- end -}} - {{- range $homepage.widget.customkv -}} - {{- if .value -}} - {{- $_ := set $objectData.annotations (printf "gethomepage.dev/widget.%s" .key ) (tpl .value $rootCtx | toString) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} - - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.ingress.integration.homepage.validation" -}} - {{- $objectData := .objectData -}} - - {{- $homepage := $objectData.integrations.homepage -}} - - {{- with $homepage.podSelector -}} - {{- if not (kindIs "slice" .) -}} - {{- fail (printf "Ingress - Expected [integrations.homepage.podSelector] to be a [slice], but got [%s]" (kindOf .)) -}} - {{- end -}} - {{- end -}} - - {{- if $homepage.widget.custom -}} - {{- if not (kindIs "map" $homepage.widget.custom) -}} - {{- fail (printf "Ingress - Expected [integrations.homepage.widget.custom] to be a [map], but got [%s]" (kindOf $homepage.widget.custom)) -}} - {{- end -}} - {{- end -}} - - {{- if $homepage.widget.customkv -}} - {{- if not (kindIs "slice" $homepage.widget.customkv) -}} - {{- fail (printf "Ingress - Expected [integrations.homepage.widget.customkv] to be a [slice], but got [%s]" (kindOf $homepage.widget.customkv)) -}} - {{- end -}} - {{- range $item := $homepage.widget.customkv -}} - {{- if not $item.key -}} - {{- fail "Ingress - Expected non-empty [key] in [integrations.homepage.widget.customkv]" -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/ingress/integrations/_nginx.tpl b/charts/baikal/charts/common/templates/lib/ingress/integrations/_nginx.tpl deleted file mode 100644 index 8c53b1b..0000000 --- a/charts/baikal/charts/common/templates/lib/ingress/integrations/_nginx.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.nginx" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $nginx := $objectData.integrations.nginx -}} - - {{- if $nginx.enabled -}} - - {{/* ipWhiteList */}} - {{- if $nginx.ipWhitelist -}} - {{- include "tc.v1.common.lib.ingress.integration.nginx.ipWhitelist" (dict "objectData" $objectData "whiteList" $nginx.ipWhitelist) -}} - {{- end -}} - - {{/* themePark */}} - {{- if and $nginx.themePark $nginx.themePark.enabled -}} - {{- include "tc.v1.common.lib.ingress.integration.nginx.themePark" (dict "objectData" $objectData "themePark" $nginx.themePark) -}} - {{- end -}} - - {{/* Auth */}} - {{- $validAuthTypes := (list "authentik" "authelia") -}} - {{- if and $nginx.auth $nginx.auth.type -}} - {{- if eq $nginx.auth.type "authentik" -}} - {{- include "tc.v1.common.lib.ingress.integration.nginx.auth.authentik" (dict "objectData" $objectData "auth" $nginx.auth) -}} - {{- else if eq $nginx.auth.type "authelia" -}} - {{- include "tc.v1.common.lib.ingress.integration.nginx.auth.authelia" (dict "objectData" $objectData "auth" $nginx.auth) -}} - {{- else -}} - {{- fail (printf "Ingress - Expected [integrations.nginx.auth.type] to be one of [%s], but got [%s]" (join ", " $validAuthTypes) $nginx.auth.type) -}} - {{- end -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/ingress/integrations/_traefik.tpl b/charts/baikal/charts/common/templates/lib/ingress/integrations/_traefik.tpl deleted file mode 100644 index 41ecb6f..0000000 --- a/charts/baikal/charts/common/templates/lib/ingress/integrations/_traefik.tpl +++ /dev/null @@ -1,112 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.traefik" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- $ingMiddlewares := $rootCtx.Values.ingressMiddlewares -}} - {{- if $ingMiddlewares -}} - {{- $ingMiddlewares = $ingMiddlewares.traefik | default dict -}} - {{- end -}} - - {{- $traefik := $objectData.integrations.traefik -}} - {{- $enabled := "false" -}} - {{- if and (hasKey $traefik "enabled") (kindIs "bool" $traefik.enabled) -}} - {{- $enabled = $traefik.enabled | toString -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{- include "tc.v1.common.lib.ingress.integration.traefik.validate" (dict "objectData" $objectData) -}} - {{- $namespace := include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Traefik Integration") -}} - - {{- $entrypoints := $traefik.entrypoints | default (list "websecure") -}} - {{- $middlewares := list -}} - - {{/* Add the user, common and chart middlewares */}} - {{- if $rootCtx.Values.global.traefik.commonMiddlewares -}} - {{- $middlewares = concat $middlewares $rootCtx.Values.global.traefik.commonMiddlewares -}} - {{- end -}} - - {{- if $traefik.chartMiddlewares -}} - {{- $middlewares = concat $middlewares $traefik.chartMiddlewares -}} - {{- end -}} - - {{- if $traefik.middlewares -}} - {{- $middlewares = concat $middlewares $traefik.middlewares -}} - {{- end -}} - - {{/* Make sure we dont have dupes */}} - {{- if not (deepEqual (mustUniq $entrypoints) $entrypoints) -}} - {{- fail (printf "Ingress - Combined traefik entrypoints contain duplicates [%s]" (join ", " $entrypoints)) -}} - {{- end -}} - - {{- $formattedMiddlewares := list -}} - {{- range $mid := $middlewares -}} - {{- $midNamespace := include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $mid "caller" "Traefik Integration") -}} - - {{- $midName := $mid.name -}} - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" $mid - "name" $mid.name "caller" "Traefik Integration" - "key" "middlewares")) -}} - - {{/* - Note: if the middleware defined in ingressMiddlewares.traefik has expandObjectName: false, - it has to also be set to false here - */}} - {{- if eq $expandName "true" -}} - {{- if eq $namespace $midNamespace -}} - {{- if not (hasKey $ingMiddlewares $mid.name) -}} - {{- fail (printf "Ingress - Traefik Middleware [%s] is not defined under [ingressMiddlewares.traefik]" $mid.name) -}} - {{- end -}} - {{- end -}} - - {{- $midName = (printf "%s-%s" $fullname $mid.name) -}} - {{- end -}} - - {{/* Format middleware */}} - {{- $formattedMiddlewares = mustAppend $formattedMiddlewares (printf "%s-%s@kubernetescrd" $midNamespace $midName) -}} - {{- end -}} - - {{- if $formattedMiddlewares -}} - {{/* Make sure we do not have dupes */}} - {{- if not (deepEqual (mustUniq $formattedMiddlewares) $formattedMiddlewares) -}} - {{- fail (printf "Ingress - Combined traefik middlewares contain duplicates [%s]" (join ", " $formattedMiddlewares)) -}} - {{- end -}} - {{- end -}} - - {{- $_ := set $objectData.annotations "traefik.ingress.kubernetes.io/router.entrypoints" (join "," $entrypoints) -}} - {{- if $formattedMiddlewares -}} - {{- $_ := set $objectData.annotations "traefik.ingress.kubernetes.io/router.middlewares" (join "," $formattedMiddlewares) -}} - {{- end -}} - - {{- if or $traefik.forceTLS (mustHas "websecure" $entrypoints) -}} - {{- $_ := set $objectData.annotations "traefik.ingress.kubernetes.io/router.tls" "true" -}} - {{- end -}} - - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.ingress.integration.traefik.validate" -}} - {{- $objectData := .objectData -}} - - {{- $traefik := $objectData.integrations.traefik -}} - - {{- if $traefik.entrypoints -}} - {{- if not (kindIs "slice" $traefik.entrypoints) -}} - {{- fail (printf "Ingress - Expected [integrations.traefik.entrypoints] to be a [slice], but got [%s]" (kindOf $traefik.entrypoints)) -}} - {{- end -}} - {{- end -}} - - {{- if $traefik.middlewares -}} - {{- if not (kindIs "slice" $traefik.middlewares) -}} - {{- fail (printf "Ingress - Expected [integrations.traefik.middlewares] to be a [slice], but got [%s]" (kindOf $traefik.middlewares)) -}} - {{- end -}} - {{- end -}} - - {{- if $traefik.chartMiddlewares -}} - {{- if not (kindIs "slice" $traefik.chartMiddlewares) -}} - {{- fail (printf "Ingress - Expected [integrations.traefik.chartMiddlewares] to be a [slice], but got [%s]" (kindOf $traefik.chartMiddlewares)) -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/ingress/integrations/nginx/_auth.tpl b/charts/baikal/charts/common/templates/lib/ingress/integrations/nginx/_auth.tpl deleted file mode 100644 index 52562b9..0000000 --- a/charts/baikal/charts/common/templates/lib/ingress/integrations/nginx/_auth.tpl +++ /dev/null @@ -1,53 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.nginx.auth.authentik" -}} - {{- $objectData := .objectData -}} - {{- $auth := .auth -}} - - {{- if and $auth.respondHeaders (not (kindIs "slice" $auth.responseHeaders)) -}} - {{- fail (printf "Ingress - Expected [integrations.nginx.auth.responseHeaders] to be a [slice], but got [%s]" (kindOf $auth.responseHeaders)) -}} - {{- end -}} - - {{- $respHeaders := ($auth.responseHeaders | default (list - "Set-Cookie" - "X-authentik-username" - "X-authentik-groups" - "X-authentik-entitlements" - "X-authentik-email" - "X-authentik-name" - "X-authentik-uid" - )) -}} - - {{- if or (not $auth.internalHost) (not $auth.externalHost) -}} - {{- fail "Ingress - Expected [integrations.nginx.auth.internalHost] and [integrations.nginx.auth.externalHost] to be set" -}} - {{- end -}} - - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-method" "GET" -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-response-headers" (join "," $respHeaders) -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-snippet" "proxy_set_header X-Forwarded-Host $http_host;" -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-url" (printf "http://%s/outpost.goauthentik.io/auth/nginx" $auth.internalHost) -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-signin" (printf "https://%s/outpost.goauthentik.io/start?rd=$scheme://$http_host$escaped_request_uri" $auth.externalHost) -}} -{{- end -}} - -{{- define "tc.v1.common.lib.ingress.integration.nginx.auth.authelia" -}} - {{- $objectData := .objectData -}} - {{- $auth := .auth -}} - - {{- if and $auth.respondHeaders (not (kindIs "slice" $auth.responseHeaders)) -}} - {{- fail (printf "Ingress - Expected [integrations.nginx.auth.responseHeaders] to be a [slice], but got [%s]" (kindOf $auth.responseHeaders)) -}} - {{- end -}} - - {{- $respHeaders := ($auth.responseHeaders | default (list - "Remote-User" - "Remote-Name" - "Remote-Groups" - "Remote-Email" - )) -}} - - {{- if or (not $auth.internalHost) (not $auth.externalHost) -}} - {{- fail "Ingress - Expected [integrations.nginx.auth.internalHost] and [integrations.nginx.auth.externalHost] to be set" -}} - {{- end -}} - - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-method" "GET" -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-url" (printf "http://%s/api/verify" $auth.internalHost) -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-response-headers" (join "," $respHeaders) -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-signin" (printf "https://%s?rm=$request_method" $auth.externalHost) -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/ingress/integrations/nginx/_ipWhiteList.tpl b/charts/baikal/charts/common/templates/lib/ingress/integrations/nginx/_ipWhiteList.tpl deleted file mode 100644 index f7e958b..0000000 --- a/charts/baikal/charts/common/templates/lib/ingress/integrations/nginx/_ipWhiteList.tpl +++ /dev/null @@ -1,12 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.nginx.ipWhitelist" -}} - {{- $objectData := .objectData -}} - {{- $whiteList := .whiteList -}} - - {{- if not (kindIs "slice" $whiteList) -}} - {{- fail (printf "Ingress - Expected [integrations.nginx.ipWhitelist] to be a [slice], but got [%s]" (kindOf $whiteList)) -}} - {{- end -}} - - {{- if $whiteList -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/whitelist-source-range" (join "," $whiteList) -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/ingress/integrations/nginx/_themePark.tpl b/charts/baikal/charts/common/templates/lib/ingress/integrations/nginx/_themePark.tpl deleted file mode 100644 index 81e4e7f..0000000 --- a/charts/baikal/charts/common/templates/lib/ingress/integrations/nginx/_themePark.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.nginx.themePark" -}} - {{- $objectData := .objectData -}} - {{- $theme := .themePark -}} - {{- if and $theme $theme.enabled (not (kindIs "string" $theme.css)) -}} - {{- fail (printf "Ingress - Expected [integrations.nginx.themepark.css] to be a [string], but got [%s]" (kindOf $theme.css)) -}} - {{- end -}} - - {{- $snippet := (list - "proxy_set_header Accept-Encoding \"\";" - "sub_filter" - "''" - (printf "'" $theme.css) - "';" - "sub_filter_once on;" - ) -}} - - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/configuration-snippet" (join "\n" $snippet) -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/metadata/_allAnnotations.tpl b/charts/baikal/charts/common/templates/lib/metadata/_allAnnotations.tpl deleted file mode 100644 index a00703f..0000000 --- a/charts/baikal/charts/common/templates/lib/metadata/_allAnnotations.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{/* Annotations that are added to all objects */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.allAnnotations" $ }} -*/}} -{{- define "tc.v1.common.lib.metadata.allAnnotations" -}} - {{/* Currently empty but can add later, if needed */}} -{{- include "tc.v1.common.lib.metadata.globalAnnotations" . }} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/metadata/_allLabels.tpl b/charts/baikal/charts/common/templates/lib/metadata/_allLabels.tpl deleted file mode 100644 index 3346f79..0000000 --- a/charts/baikal/charts/common/templates/lib/metadata/_allLabels.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{/* Labels that are added to all objects */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.allLabels" $ }} -*/}} -{{- define "tc.v1.common.lib.metadata.allLabels" -}} -helm.sh/chart: {{ include "tc.v1.common.lib.chart.names.chart" . }} -helm-revision: {{ .Release.Revision | quote }} -app.kubernetes.io/name: {{ include "tc.v1.common.lib.chart.names.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -app: {{ include "tc.v1.common.lib.chart.names.chart" . }} -release: {{ .Release.Name }} -{{- include "tc.v1.common.lib.metadata.globalLabels" . }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/metadata/_globalAnnotations.tpl b/charts/baikal/charts/common/templates/lib/metadata/_globalAnnotations.tpl deleted file mode 100644 index 1133783..0000000 --- a/charts/baikal/charts/common/templates/lib/metadata/_globalAnnotations.tpl +++ /dev/null @@ -1,6 +0,0 @@ -{{/* Returns the global annotations */}} -{{- define "tc.v1.common.lib.metadata.globalAnnotations" -}} - - {{- include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" .Values.global.annotations) -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/metadata/_globalLabels.tpl b/charts/baikal/charts/common/templates/lib/metadata/_globalLabels.tpl deleted file mode 100644 index 672f522..0000000 --- a/charts/baikal/charts/common/templates/lib/metadata/_globalLabels.tpl +++ /dev/null @@ -1,6 +0,0 @@ -{{/* Returns the global labels */}} -{{- define "tc.v1.common.lib.metadata.globalLabels" -}} - - {{- include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" .Values.global.labels) -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/metadata/_namespace.tpl b/charts/baikal/charts/common/templates/lib/metadata/_namespace.tpl deleted file mode 100644 index 7e6a193..0000000 --- a/charts/baikal/charts/common/templates/lib/metadata/_namespace.tpl +++ /dev/null @@ -1,26 +0,0 @@ -{{- define "tc.v1.common.lib.metadata.namespace" -}} - {{- $caller := .caller -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $namespace := $rootCtx.Release.Namespace -}} - - {{- with $rootCtx.Values.global.namespace -}} - {{- $namespace = tpl . $rootCtx -}} - {{- end -}} - - {{- with $rootCtx.Values.namespace -}} - {{- $namespace = tpl . $rootCtx -}} - {{- end -}} - - {{- with $objectData.namespace -}} - {{- $namespace = tpl . $rootCtx -}} - {{- end -}} - - {{- if not (and (mustRegexMatch "^[a-z0-9]((-?[a-z0-9]-?)*[a-z0-9])?$" $namespace) (le (len $namespace) 63)) -}} - {{- fail (printf "%s - Namespace [%s] is not valid. Must start and end with an alphanumeric lowercase character. It can contain '-'. And must be at most 63 characters." $caller $namespace) -}} - {{- end -}} - - {{- $namespace -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/metadata/_podAnnotations.tpl b/charts/baikal/charts/common/templates/lib/metadata/_podAnnotations.tpl deleted file mode 100644 index abe460b..0000000 --- a/charts/baikal/charts/common/templates/lib/metadata/_podAnnotations.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{/* Annotations that are added to podSpec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.podAnnotations" $ }} -*/}} -{{- define "tc.v1.common.lib.metadata.podAnnotations" -}} -checksum/persistence: {{ toJson $.Values.persistence | sha256sum }} -checksum/services: {{ toJson $.Values.service | sha256sum }} -checksum/configmaps: {{ toJson $.Values.configmap | sha256sum }} -checksum/secrets: {{ toJson $.Values.secret | sha256sum }} -checksum/cnpg: {{ toJson $.Values.cnpg | sha256sum }} -checksum/mariadb: {{ toJson $.Values.mariadb | sha256sum }} -checksum/redis: {{ toJson $.Values.redis | sha256sum }} -checksum/solr: {{ toJson $.Values.solr | sha256sum }} -checksum/mongodb: {{ toJson $.Values.mongodb | sha256sum }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/metadata/_podLabels.tpl b/charts/baikal/charts/common/templates/lib/metadata/_podLabels.tpl deleted file mode 100644 index 0f6b537..0000000 --- a/charts/baikal/charts/common/templates/lib/metadata/_podLabels.tpl +++ /dev/null @@ -1,26 +0,0 @@ -{{/* Labels that are added to podSpec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.podLabels" $ }} -*/}} -{{- define "tc.v1.common.lib.metadata.podLabels" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $type := $objectData.type -}} - - {{- $label := "" -}} - {{- $fleeting := (list "CronJob" "Job") -}} - {{- if (mustHas $type $fleeting) -}} - {{- $label = "fleeting" -}} - {{- end -}} - - {{- $permanent := (list "Deployment" "StatefulSet" "DaemonSet") -}} - {{- if (mustHas $type $permanent) -}} - {{- $label = "permanent" -}} - {{- end -}} - - {{- if not $label -}} - {{- fail "PodLabels - Template used in a place that is not designed to be used" -}} - {{- end }} -pod.lifecycle: {{ $label }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/metadata/_render.tpl b/charts/baikal/charts/common/templates/lib/metadata/_render.tpl deleted file mode 100644 index 9e5f3d9..0000000 --- a/charts/baikal/charts/common/templates/lib/metadata/_render.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{/* Renders a dict of labels */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) }} -{{ include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) }} -*/}} - -{{- define "tc.v1.common.lib.metadata.render" -}} - {{- $labels := .labels -}} - {{- $annotations := .annotations -}} - {{- $rootCtx := .rootCtx -}} - - {{- $seenLabels := list -}} - {{- $seenAnnotations := list -}} - - {{- with $labels -}} - {{- range $k, $v := . -}} - {{- if and $k $v -}} - {{- if not (mustHas $k $seenLabels) }} -{{ $k }}: {{ tpl $v $rootCtx | quote }} - {{- $seenLabels = mustAppend $seenLabels $k -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- with $annotations -}} - {{- range $k, $v := . -}} - {{- if and $k $v -}} - {{- if not (mustHas $k $seenAnnotations) }} -{{ $k }}: {{ tpl $v $rootCtx | quote }} - {{- $seenAnnotations = mustAppend $seenAnnotations $k -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/metadata/_selectorLabels.tpl b/charts/baikal/charts/common/templates/lib/metadata/_selectorLabels.tpl deleted file mode 100644 index aaf09be..0000000 --- a/charts/baikal/charts/common/templates/lib/metadata/_selectorLabels.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* Labels that are used on selectors */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" $objectType "objectName" $objectName) }} -podName is the "shortName" of the pod. The one you define in the .Values.workload -*/}} -{{- define "tc.v1.common.lib.metadata.selectorLabels" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectType := .objectType -}} - {{- $objectName := .objectName }} - -{{- if and $objectType $objectName }} -{{ printf "%s.name" $objectType }}: {{ $objectName }} -{{- end }} -app.kubernetes.io/name: {{ include "tc.v1.common.lib.chart.names.name" $rootCtx }} -app.kubernetes.io/instance: {{ $rootCtx.Release.Name }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/metadata/_validation.tpl b/charts/baikal/charts/common/templates/lib/metadata/_validation.tpl deleted file mode 100644 index b80f374..0000000 --- a/charts/baikal/charts/common/templates/lib/metadata/_validation.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Metadata Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" $caller) -}} -objectData: - labels: The labels of the configmap. - annotations: The annotations of the configmap. - data: The data of the configmap. -*/}} - -{{- define "tc.v1.common.lib.metadata.validation" -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- if and $objectData.labels (not (kindIs "map" $objectData.labels)) -}} - {{- fail (printf "%s - Expected [labels] to be a dictionary, but got [%v]" $caller (kindOf $objectData.labels)) -}} - {{- end -}} - - {{- if and $objectData.annotations (not (kindIs "map" $objectData.annotations)) -}} - {{- fail (printf "%s - Expected [annotations] to be a dictionary, but got [%v]" $caller (kindOf $objectData.annotations)) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/metadata/_volumeLabels.tpl b/charts/baikal/charts/common/templates/lib/metadata/_volumeLabels.tpl deleted file mode 100644 index 8a1f507..0000000 --- a/charts/baikal/charts/common/templates/lib/metadata/_volumeLabels.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* Labels that are added to podSpec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.volumeLabels" $ }} -*/}} -{{- define "tc.v1.common.lib.metadata.volumeLabels" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $selectedVolumes := (include "tc.v1.common.lib.pod.volumes.selected" (dict "rootCtx" $rootCtx "objectData" $objectData)) | fromJson }} - - {{- $names := list -}} - {{- range $volume := $selectedVolumes.pvc -}} - {{- $names = mustAppend $names $volume.shortName -}} - {{- end }} - -truecharts.org/pvc: {{ $names | join "_" | quote }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_affinity.tpl b/charts/baikal/charts/common/templates/lib/pod/_affinity.tpl deleted file mode 100644 index 6a76123..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_affinity.tpl +++ /dev/null @@ -1,161 +0,0 @@ -{{/* Returns pod affinity */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.affinity" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.affinity" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $affinity := dict -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.affinity -}} - {{- $affinity = . -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- with $objectData.podSpec.affinity -}} - {{- $affinity = . -}} - {{- end -}} - - {{/* If default affinity is enabled and its one of this types, then merge it with user input */}} - {{- $validTypes := (list "Deployment" "StatefulSet") -}} - {{- if and (mustHas $objectData.type $validTypes) $rootCtx.Values.podOptions.defaultAffinity }} - {{- $defaultAffinity := (include "tc.v1.common.lib.pod.defaultAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) -}} - {{- $defaultAffinity = $defaultAffinity | default dict -}} - {{/* Merge user input overwriting the default */}} - {{- $affinity = mustMergeOverwrite $defaultAffinity $affinity -}} - {{- end -}} - - {{- include "tc.v1.common.lib.pod.affinity.validation" (dict "rootCtx" $rootCtx "objectData" $affinity) -}} - - {{- if $affinity.nodeAffinity }} -nodeAffinity: - {{- fail "TODO: not implemented" -}} - {{- end -}} - - {{- if $affinity.podAffinity }} -podAffinity: - {{- include "tc.v1.common.lib.pod.podAffinityOrPodAntiAffinity" (dict "rootCtx" $rootCtx "data" $affinity.podAffinity) | nindent 2 -}} - {{- end -}} - - {{- if $affinity.podAntiAffinity }} -podAntiAffinity: - {{- include "tc.v1.common.lib.pod.podAffinityOrPodAntiAffinity" (dict "rootCtx" $rootCtx "data" $affinity.podAntiAffinity) | nindent 2 -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.podAffinityOrPodAntiAffinity" -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data -}} - - {{- if $data -}} - {{- if $data.requiredDuringSchedulingIgnoredDuringExecution }} - requiredDuringSchedulingIgnoredDuringExecution: - {{- range $term := $data.requiredDuringSchedulingIgnoredDuringExecution }} - - {{ include "tc.v1.common.lib.pod.podAffinityTerm" (dict "rootCtx" $rootCtx "data" $term) | trim | nindent 6 }} - {{- end -}} - {{- end -}} - - {{- if $data.preferredDuringSchedulingIgnoredDuringExecution }} - preferredDuringSchedulingIgnoredDuringExecution: - {{- range $term := $data.preferredDuringSchedulingIgnoredDuringExecution }} - - weight: {{ $term.weight }} - podAffinityTerm: - {{- include "tc.v1.common.lib.pod.podAffinityTerm" (dict "rootCtx" $rootCtx "data" $term.podAffinityTerm) | nindent 10 }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.podAffinityTerm" -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data -}} - - {{- if $data }} -topologyKey: {{ $data.topologyKey }} - - {{- if $data.matchLabelKeys }} -matchLabelKeys: - {{- range $data.matchLabelKeys }} - - {{ . }} - {{- end -}} - {{- end -}} - - {{- if $data.mismatchLabelKeys }} -mismatchLabelKeys: - {{- range $data.mismatchLabelKeys }} - - {{ . }} - {{- end -}} - {{- end -}} - - {{- if $data.namespaces }} -namespaces: - {{- range $data.namespaces }} - - {{ . }} - {{- end -}} - {{- end -}} - - {{- if $data.labelSelector }} -labelSelector: - {{- include "tc.v1.common.lib.pod.labelSelector" (dict "rootCtx" $rootCtx "data" $data.labelSelector) | nindent 2 -}} - {{- end -}} - - {{- if $data.namespaceSelector }} -namespaceSelector: - {{- include "tc.v1.common.lib.pod.labelSelector" (dict "rootCtx" $rootCtx "data" $data.namespaceSelector) | nindent 2 -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.labelSelector" -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data }} - - {{- if $data.matchExpressions -}} -matchExpressions: - {{- range $expression := $data.matchExpressions }} - - key: {{ $expression.key }} - operator: {{ $expression.operator }} - {{- if mustHas $expression.operator (list "In" "NotIn") }} - values: - {{- range $expression.values }} - - {{ . }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- if $data.matchLabels -}} -matchLabels: - {{- range $key, $value := $data.matchLabels }} - {{ $key }}: {{ $value }} - {{- end -}} - {{- end -}} -{{- end -}} - - -{{- define "tc.v1.common.lib.pod.defaultAffinity" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $selectedVolumes := (include "tc.v1.common.lib.pod.volumes.selected" (dict "rootCtx" $rootCtx "objectData" $objectData)) | fromJson }} - - {{- $names := list -}} - {{- range $volume := $selectedVolumes.pvc -}} - {{- $names = mustAppend $names $volume.shortName -}} - {{- end }} - - {{- if $names }} -podAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - topologyKey: kubernetes.io/hostname - labelSelector: - matchExpressions: - - key: truecharts.org/pvc - operator: In - values: - - {{ $names | join "_" }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_affinityValidation.tpl b/charts/baikal/charts/common/templates/lib/pod/_affinityValidation.tpl deleted file mode 100644 index 6c6b5d6..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_affinityValidation.tpl +++ /dev/null @@ -1,174 +0,0 @@ -{{- define "tc.v1.common.lib.pod.affinity.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.podAffinity -}} - {{- include "tc.v1.common.lib.pod.affinity.validation.podAffinityOrPodAntiAffinity" (dict "rootCtx" $rootCtx "data" $objectData.podAffinity "key" "podAffinity") -}} - {{- end -}} - - {{- if $objectData.podAntiAffinity -}} - {{- include "tc.v1.common.lib.pod.affinity.validation.podAffinityOrPodAntiAffinity" (dict "rootCtx" $rootCtx "data" $objectData.podAntiAffinity "key" "podAntiAffinity") -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.affinity.validation.podAffinityOrPodAntiAffinity" -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data -}} - {{- $key := .key -}} - - {{- if $data -}} - {{- if and (not $data.requiredDuringSchedulingIgnoredDuringExecution) (not $data.preferredDuringSchedulingIgnoredDuringExecution) -}} - {{- fail (printf "Affinity - Expected at least one of requiredDuringSchedulingIgnoredDuringExecution or preferredDuringSchedulingIgnoredDuringExecution in [affinity.%s]" $key) -}} - {{- end -}} - - {{- if $data.requiredDuringSchedulingIgnoredDuringExecution -}} - {{- $itemData := $data.requiredDuringSchedulingIgnoredDuringExecution -}} - {{- if not (kindIs "slice" $itemData) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.requiredDuringSchedulingIgnoredDuringExecution] to be a slice but got [%s]" $key (kindOf $itemData)) -}} - {{- end -}} - - {{- range $idx, $item := $itemData -}} - {{- include "tc.v1.common.lib.pod.affinity.validation.podAffinityTerm" (dict "rootCtx" $rootCtx "data" $item "key" (printf "%s.requiredDuringSchedulingIgnoredDuringExecution.%d" $key $idx)) -}} - {{- end -}} - {{- end -}} - - {{- if $data.preferredDuringSchedulingIgnoredDuringExecution -}} - {{- $itemData := $data.preferredDuringSchedulingIgnoredDuringExecution -}} - - {{- if not (kindIs "slice" $itemData) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.preferredDuringSchedulingIgnoredDuringExecution] to be a slice but got [%s]" $key (kindOf $itemData)) -}} - {{- end -}} - - {{- range $idx, $item := $itemData -}} - {{- if not (mustHas (kindOf $item.weight) (list "int" "int64" "float64")) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.preferredDuringSchedulingIgnoredDuringExecution.%d.weight] to be a number but got [%s]" $key $idx (kindOf $item.weight)) -}} - {{- end -}} - - {{- if or (gt ($item.weight | int) 100) (lt ($item.weight | int) 0) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.preferredDuringSchedulingIgnoredDuringExecution.%d.weight] to be between 0 and 100 but got [%d]" $key $idx ($item.weight | int)) -}} - {{- end -}} - - {{- if not $item.podAffinityTerm -}} - {{- fail (printf "Affinity - Expected [affinity.%s.preferredDuringSchedulingIgnoredDuringExecution.%d.podAffinityTerm] to be defined" $key $idx) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.pod.affinity.validation.podAffinityTerm" (dict "rootCtx" $rootCtx "data" $item.podAffinityTerm "key" (printf "%s.preferredDuringSchedulingIgnoredDuringExecution.%d.podAffinityTerm" $key $idx)) -}} - {{- end -}} - {{- end -}} - - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.affinity.validation.podAffinityTerm" -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data -}} - {{- $key := .key -}} - - {{- if not (kindIs "string" $data.topologyKey) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.topologyKey] to be a string but got [%s]" $key (kindOf $data.topologyKey)) -}} - {{- end -}} - - {{- if $data.matchLabelKeys -}} - {{- if not (kindIs "slice" $data.matchLabelKeys) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchLabelKeys] to be a slice but got [%s]" $key (kindOf $data.matchLabelKeys)) -}} - {{- end -}} - - {{- range $idx, $value := $data.matchLabelKeys -}} - {{- if not (kindIs "string" $value) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchLabelKeys.%d] to be a string but got [%s]" $key $idx (kindOf $value)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $data.mismatchLabelKeys -}} - {{- if not (kindIs "slice" $data.mismatchLabelKeys) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.mismatchLabelKeys] to be a slice but got [%s]" $key (kindOf $data.mismatchLabelKeys)) -}} - {{- end -}} - - {{- range $idx, $value := $data.mismatchLabelKeys -}} - {{- if not (kindIs "string" $value) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.mismatchLabelKeys.%d] to be a string but got [%s]" $key $idx (kindOf $value)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $data.namespaces -}} - {{- if not (kindIs "slice" $data.namespaces) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.namespaces] to be a slice but got [%s]" $key (kindOf $data.namespaces)) -}} - {{- end -}} - - {{- range $idx, $value := $data.namespaces -}} - {{- if not (kindIs "string" $value) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.namespaces.%d] to be a string but got [%s]" $key $idx (kindOf $value)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $data.labelSelector -}} - {{- include "tc.v1.common.lib.pod.affinity.validation.labelSelector" (dict "rootCtx" $rootCtx "key" (printf "%s.labelSelector" $key) "data" $data.labelSelector) -}} - {{- end -}} - - {{- if $data.namespaceSelector -}} - {{- include "tc.v1.common.lib.pod.affinity.validation.labelSelector" (dict "rootCtx" $rootCtx "key" (printf "%s.namespaceSelector" $key) "data" $data.namespaceSelector) -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.affinity.validation.labelSelector" -}} - {{- $rootCtx := .rootCtx -}} - {{- $key := .key -}} - {{- $data := .data -}} - - {{- if not (kindIs "map" $data) -}} - {{- fail (printf "Affinity - Expected [affinity.%s] to be a map but got [%s]" $key (kindOf $data)) -}} - {{- end -}} - - {{- if $data.matchLabels -}} - {{- if not (kindIs "map" $data.matchLabels) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchLabels] to be a map but got [%s]" $key (kindOf $data.matchLabels)) -}} - {{- end -}} - - {{- range $key, $value := $data.matchLabels -}} - {{- if not (kindIs "string" $value) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchLabels.%s] to be a string but got [%s]" $key $key (kindOf $value)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $data.matchExpressions }} - {{- if not (kindIs "slice" $data.matchExpressions) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions] to be a slice but got [%s]" $key (kindOf $data.matchExpressions)) -}} - {{- end -}} - - {{- $validOperators := list "In" "NotIn" "Exists" "DoesNotExist" -}} - {{- range $idx, $exp := $data.matchExpressions -}} - {{- if not (kindIs "map" $exp) -}} - {{- fail (printf "Affinity - Expected item of [affinity.%s.matchExpressions.%d] to be a map but got [%s]" $key $idx (kindOf $exp)) -}} - {{- end -}} - - {{- if not (mustHas $exp.operator $validOperators) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions.%d.operator] to be one of [%s] but got [%s]" $key $idx (join ", " $validOperators) $exp.operator) -}} - {{- end -}} - - {{- if not (kindIs "string" $exp.key) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions.%d.key] to be a string but got [%s]" $key $idx (kindOf $exp.key)) -}} - {{- end -}} - - {{- if and (mustHas $exp.operator (list "In" "NotIn")) (not (kindIs "slice" $exp.values)) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions.%d.values] to be a slice but got [%s]" $key $idx (kindOf $exp.values)) -}} - {{- end -}} - - {{- if and (mustHas $exp.operator (list "Exists" "DoesNotExist")) $exp.values -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions.%d.values] to be empty when operator is Exists or DoesNotExist but got [%v]" $key $idx ($exp.values)) -}} - {{- else if not $exp.values -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions.%d.values] to be defined when operator is In or NotIn but got [%s]" $key $idx (kindOf $exp.values)) -}} - {{- end -}} - - {{- range $vIdx, $value := $exp.values -}} - {{- if not (kindIs "string" $value) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions.%d.values.%d] to be a string but got [%s]" $key $idx $vIdx (kindOf $value)) -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_autoMountServiceAccountToken.tpl b/charts/baikal/charts/common/templates/lib/pod/_autoMountServiceAccountToken.tpl deleted file mode 100644 index f6cc5ff..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_autoMountServiceAccountToken.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns automountServiceAccountToken */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.automountServiceAccountToken" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.automountServiceAccountToken" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $automount := false -}} - - {{/* Initialize from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.automountServiceAccountToken) -}} - {{- $automount = $rootCtx.Values.podOptions.automountServiceAccountToken -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- if (kindIs "bool" $objectData.podSpec.automountServiceAccountToken) -}} - {{- $automount = $objectData.podSpec.automountServiceAccountToken -}} - {{- end -}} - - {{- $automount -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_container.tpl b/charts/baikal/charts/common/templates/lib/pod/_container.tpl deleted file mode 100644 index 90f51fa..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_container.tpl +++ /dev/null @@ -1,62 +0,0 @@ -{{/* Returns Container */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.container" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.container" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $imageObj := fromJson (include "tc.v1.common.lib.container.imageSelector" (dict "rootCtx" $rootCtx "objectData" $objectData)) -}} - {{- $termination := fromJson (include "tc.v1.common.lib.container.termination" (dict "rootCtx" $rootCtx "objectData" $objectData)) }} -- name: {{ $objectData.name }} - image: {{ printf "%s:%s" $imageObj.repository $imageObj.tag }} - imagePullPolicy: {{ $imageObj.pullPolicy }} - tty: {{ $objectData.tty | default false }} - stdin: {{ $objectData.stdin | default false }} - {{- with (include "tc.v1.common.lib.container.command" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - command: - {{- . | nindent 4 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.container.args" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - args: - {{- . | nindent 4 }} - {{- end -}} - {{- with $termination.messagePath }} - terminationMessagePath: {{ . }} - {{- end -}} - {{- with $termination.messagePolicy }} - terminationMessagePolicy: {{ . }} - {{- end -}} - {{- with (include "tc.v1.common.lib.container.lifecycle" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - lifecycle: - {{- . | nindent 4 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.container.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - ports: - {{- . | nindent 4 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.container.volumeMount" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - volumeMounts: - {{- . | nindent 4 }} - {{- end -}} - {{- include "tc.v1.common.lib.container.probes" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- with (include "tc.v1.common.lib.container.resources" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - resources: - {{- . | nindent 4 }} - {{- end }} - securityContext: - {{- include "tc.v1.common.lib.container.securityContext" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 4 }} - {{- /* Create a dict for storing env's so it can be checked for dupes */ -}} - {{- $_ := set $objectData "envDupe" dict -}} - {{- with (include "tc.v1.common.lib.container.envFrom" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - envFrom: - {{- . | nindent 4 }} - {{- end }} - env: - {{- include "tc.v1.common.lib.container.fixedEnv" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 4 -}} - {{- include "tc.v1.common.lib.container.env" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 4 -}} - {{- include "tc.v1.common.lib.container.envList" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 4 -}} - {{- $_ := unset $objectData "envDupe" -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_containerSpawner.tpl b/charts/baikal/charts/common/templates/lib/pod/_containerSpawner.tpl deleted file mode 100644 index a1108ea..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_containerSpawner.tpl +++ /dev/null @@ -1,36 +0,0 @@ -{{/* Containers */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.containerSpawner" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.containerSpawner" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- include "tc.v1.common.lib.container.primaryValidation" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - - {{- range $containerName, $containerValues := $objectData.podSpec.containers -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $containerValues - "name" $containerName "caller" "Container" - "key" "containers")) -}} - - {{- if eq $enabled "true" -}} - {{- $container := (mustDeepCopy $containerValues) -}} - {{- $name := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- if not $container.primary -}} - {{- $name = printf "%s-%s" $name $containerName -}} - {{- end -}} - - {{- $_ := set $container "name" $name -}} - {{- $_ := set $container "shortName" $containerName -}} - {{- $_ := set $container "podShortName" $objectData.shortName -}} - {{- $_ := set $container "podPrimary" $objectData.primary -}} - {{- $_ := set $container "podType" $objectData.type -}} - {{/* Created from the pod.securityContext, used by fixedEnv */}} - {{- $_ := set $container "calculatedFSGroup" $objectData.podSpec.calculatedFSGroup -}} - {{- include "tc.v1.common.lib.pod.container" (dict "rootCtx" $rootCtx "objectData" $container) | trim | nindent 0 -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_dns.tpl b/charts/baikal/charts/common/templates/lib/pod/_dns.tpl deleted file mode 100644 index 1f4ccfa..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_dns.tpl +++ /dev/null @@ -1,90 +0,0 @@ -{{/* Returns DNS Policy and Config */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.dns" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.dns" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $policy := "ClusterFirst" -}} - {{- $config := dict -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.dnsPolicy -}} - {{- $policy = . -}} - {{- end -}} - - {{- with $rootCtx.Values.podOptions.dnsConfig -}} - {{- $config = . -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- with $objectData.podSpec.dnsPolicy -}} - {{- $policy = . -}} - {{- end -}} - - {{- with $objectData.podSpec.dnsConfig -}} - {{- $config = . -}} - {{- end -}} - - {{/* Expand policy */}} - {{- $policy = (tpl $policy $rootCtx) -}} - - {{/* If hostNetwork is enabled, then use ClusterFirstWithHostNet */}} - {{- $hostNet := include "tc.v1.common.lib.pod.hostNetwork" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- if or (and (kindIs "string" $hostNet) (eq $hostNet "true")) (and (kindIs "bool" $hostNet) $hostNet) -}} - {{- $policy = "ClusterFirstWithHostNet" -}} - {{- end -}} - - {{- $policies := (list "ClusterFirst" "ClusterFirstWithHostNet" "Default" "None") -}} - {{- if not (mustHas $policy $policies) -}} - {{- fail (printf "Expected [dnsPolicy] to be one of [%s], but got [%s]" (join ", " $policies) $policy) -}} - {{- end -}} - - {{/* When policy is set to None all keys are required */}} - {{- if eq $policy "None" -}} - - {{- range $key := (list "nameservers" "searches" "options") -}} - {{- if not (get $config $key) -}} - {{- fail (printf "Expected non-empty [dnsConfig.%s] with [dnsPolicy] set to [None]." $key) -}} - {{- end -}} - {{- end -}} - - {{- end }} -dnsPolicy: {{ $policy }} - {{- if or $config.nameservers $config.options $config.searches }} -dnsConfig: - {{- with $config.nameservers -}} - {{- if gt (len .) 3 -}} - {{- fail (printf "Expected no more than [3] [dnsConfig.nameservers], but got [%v]" (len .)) -}} - {{- end }} - nameservers: - {{- range . }} - - {{ tpl . $rootCtx }} - {{- end -}} - {{- end -}} - - {{- with $config.searches -}} - {{- if gt (len .) 6 -}} - {{- fail (printf "Expected no more than [6] [dnsConfig.searches], but got [%v]" (len .)) -}} - {{- end }} - searches: - {{- range . }} - - {{ tpl . $rootCtx }} - {{- end -}} - {{- end -}} - - {{- with $config.options }} - options: - {{- range . }} - - name: {{ tpl .name $rootCtx }} - {{- with .value }} - value: {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_enableServiceLinks.tpl b/charts/baikal/charts/common/templates/lib/pod/_enableServiceLinks.tpl deleted file mode 100644 index 4d4864e..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_enableServiceLinks.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns enableServiceLinks */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.enableServiceLinks" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.enableServiceLinks" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $enableServiceLinks := false -}} - - {{/* Initialize from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.enableServiceLinks) -}} - {{- $enableServiceLinks = $rootCtx.Values.podOptions.enableServiceLinks -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- if (kindIs "bool" $objectData.podSpec.enableServiceLinks) -}} - {{- $enableServiceLinks = $objectData.podSpec.enableServiceLinks -}} - {{- end -}} - - {{- $enableServiceLinks -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_hostAliases.tpl b/charts/baikal/charts/common/templates/lib/pod/_hostAliases.tpl deleted file mode 100644 index 0b4a541..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_hostAliases.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{/* Returns Host Aliases */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.hostAliases" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.hostAliases" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $aliases := list -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.hostAliases -}} - {{- $aliases = . -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- with $objectData.podSpec.hostAliases -}} - {{- $aliases = . -}} - {{- end -}} - - {{- range $aliases -}} - {{- if not .ip -}} - {{- fail (printf "Expected non-empty [ip] value on [hostAliases].") -}} - {{- end -}} - - {{- if not .hostnames -}} - {{- fail (printf "Expected non-empty [hostames] list on [hostAliases].") -}} - {{- end }} -- ip: {{ tpl .ip $rootCtx }} - hostnames: - {{- range .hostnames }} - - {{ tpl . $rootCtx }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_hostIPC.tpl b/charts/baikal/charts/common/templates/lib/pod/_hostIPC.tpl deleted file mode 100644 index 3065d23..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_hostIPC.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Host IPC */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.hostIPC" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.hostIPC" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostIPC := false -}} - - {{/* Initialize from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.hostIPC) -}} - {{- $hostIPC = $rootCtx.Values.podOptions.hostIPC -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- if (kindIs "bool" $objectData.podSpec.hostIPC) -}} - {{- $hostIPC = $objectData.podSpec.hostIPC -}} - {{- end -}} - - {{- $hostIPC -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_hostNetwork.tpl b/charts/baikal/charts/common/templates/lib/pod/_hostNetwork.tpl deleted file mode 100644 index 1159c64..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_hostNetwork.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Host Network */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.hostNetwork" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.hostNetwork" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostNet := false -}} - - {{/* Initialize from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.hostNetwork) -}} - {{- $hostNet = $rootCtx.Values.podOptions.hostNetwork -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- if (kindIs "bool" $objectData.podSpec.hostNetwork) -}} - {{- $hostNet = $objectData.podSpec.hostNetwork -}} - {{- end -}} - - {{- $hostNet -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_hostPID.tpl b/charts/baikal/charts/common/templates/lib/pod/_hostPID.tpl deleted file mode 100644 index 5859ec2..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_hostPID.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Host PID */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.hostPID" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.hostPID" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostPID := false -}} - - {{/* Initialize from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.hostPID) -}} - {{- $hostPID = $rootCtx.Values.podOptions.hostPID -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- if (kindIs "bool" $objectData.podSpec.hostPID) -}} - {{- $hostPID = $objectData.podSpec.hostPID -}} - {{- end -}} - - {{- $hostPID -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_hostUsers.tpl b/charts/baikal/charts/common/templates/lib/pod/_hostUsers.tpl deleted file mode 100644 index b6e85ea..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_hostUsers.tpl +++ /dev/null @@ -1,28 +0,0 @@ -{{/* Returns Host Users */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.hostPID" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.hostUsers" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostUsers := false -}} - - {{- if $objectData.podSpec.calculatedHostUsers -}} - {{- $hostUsers = true -}} - {{- end -}} - - {{/* Override from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.hostUsers) -}} - {{- $hostUsers = $rootCtx.Values.podOptions.hostUsers -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- if (kindIs "bool" $objectData.podSpec.hostUsers) -}} - {{- $hostUsers = $objectData.podSpec.hostUsers -}} - {{- end -}} - - {{- $hostUsers -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_hostname.tpl.tpl b/charts/baikal/charts/common/templates/lib/pod/_hostname.tpl.tpl deleted file mode 100644 index f68769d..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_hostname.tpl.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Returns Host Name */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.hostname" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.hostname" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostname := "" -}} - - {{- with $objectData.podSpec.hostname -}} - {{- $hostname = tpl . $rootCtx -}} - {{- end -}} - - {{- if $hostname -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $hostname) -}} - {{- end -}} - - {{- $hostname -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_imagePullSecret.tpl b/charts/baikal/charts/common/templates/lib/pod/_imagePullSecret.tpl deleted file mode 100644 index 87b4c0f..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_imagePullSecret.tpl +++ /dev/null @@ -1,42 +0,0 @@ -{{/* Returns Image Pull Secret List */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.imagePullSecret" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.imagePullSecret" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $imgPullSecrets := list -}} - - {{- range $name, $imgPull := $rootCtx.Values.imagePullSecret -}} - {{- $pullName := (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $name) -}} - - {{- if $imgPull.existingSecret -}} - {{- $pullName = $imgPull.existingSecret -}} - {{- end -}} - - {{- if $imgPull.enabled -}} - {{/* If targetSelectAll is true */}} - {{- if $imgPull.targetSelectAll -}} - {{- $imgPullSecrets = mustAppend $imgPullSecrets $pullName -}} - - {{/* Else if targetSelector is a list */}} - {{- else if (kindIs "slice" $imgPull.targetSelector) -}} - {{- if (mustHas $objectData.shortName $imgPull.targetSelector) -}} - {{- $imgPullSecrets = mustAppend $imgPullSecrets $pullName -}} - {{- end -}} - - {{/* If not targetSelectAll or targetSelector, but is the primary pod */}} - {{- else if $objectData.primary -}} - {{- $imgPullSecrets = mustAppend $imgPullSecrets $pullName -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- range $imgPullSecrets }} -- name: {{ . }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_initContainerSpawner.tpl b/charts/baikal/charts/common/templates/lib/pod/_initContainerSpawner.tpl deleted file mode 100644 index 7aa581b..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_initContainerSpawner.tpl +++ /dev/null @@ -1,83 +0,0 @@ -{{/* Init Containers */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.initContainerSpawner" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.initContainerSpawner" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $initContainers := (dict "system" list - "init" list - "install" list - "upgrade" list) -}} - - {{- $types := (list "system" "init" "install" "upgrade") -}} - - {{- $mergedContainers := $objectData.podSpec.initContainers -}} - - {{- range $containerName, $containerValues := $mergedContainers -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $containerValues - "name" $containerName "caller" "Init Container" - "key" "initContainers")) -}} - - {{- if eq $enabled "true" -}} - - {{- if not ($containerValues.type) -}} - {{- fail "InitContainer - Expected non-empty [type]" -}} - {{- end -}} - - {{- $containerType := tpl $containerValues.type $rootCtx -}} - {{- if not (mustHas $containerType $types) -}} - {{- fail (printf "InitContainer - Expected [type] to be one of [%s], but got [%s]" (join ", " $types) $containerType) -}} - {{- end -}} - - {{- $container := (mustDeepCopy $containerValues) -}} - {{- $name := printf "%s-%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $containerType $containerName -}} - - {{- $_ := set $container "name" $name -}} - {{- $_ := set $container "shortName" $containerName -}} - {{- $_ := set $container "podShortName" $objectData.shortName -}} - {{- $_ := set $container "podPrimary" $objectData.primary -}} - {{- $_ := set $container "podType" $objectData.type -}} - - {{/* Remove keys that do not apply on init containers */}} - {{- $_ := set $container "lifecycle" dict -}} - {{- $_ := set $container "probes" dict -}} - {{/* Template expects probes dict defined even if enabled */}} - {{- $_ := set $container.probes "liveness" (dict "enabled" false) -}} - {{- $_ := set $container.probes "readiness" (dict "enabled" false) -}} - {{- $_ := set $container.probes "startup" (dict "enabled" false) -}} - - {{/* Created from the pod.securityContext, used by fixedEnv */}} - {{- $_ := set $container "calculatedFSGroup" $objectData.podSpec.calculatedFSGroup -}} - - {{/* Append to list of containers based on type */}} - {{- $tempContainers := (get $initContainers $containerType) -}} - {{- $_ := set $initContainers $containerType (mustAppend $tempContainers $container) -}} - {{- end -}} - {{- end -}} - - {{- if $rootCtx.Release.IsInstall -}} - {{- range $container := (get $initContainers "install") -}} - {{- include "tc.v1.common.lib.pod.container" (dict "rootCtx" $rootCtx "objectData" $container) -}} - {{- end -}} - {{- end -}} - - {{- if $rootCtx.Release.IsUpgrade -}} - {{- range $container := (get $initContainers "upgrade") -}} - {{- include "tc.v1.common.lib.pod.container" (dict "rootCtx" $rootCtx "objectData" $container) -}} - {{- end -}} - {{- end -}} - - {{- range $container := (get $initContainers "system") -}} - {{- include "tc.v1.common.lib.pod.container" (dict "rootCtx" $rootCtx "objectData" $container) -}} - {{- end -}} - - {{- range $container := (get $initContainers "init") -}} - {{- include "tc.v1.common.lib.pod.container" (dict "rootCtx" $rootCtx "objectData" $container) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_nodeSelector.tpl b/charts/baikal/charts/common/templates/lib/pod/_nodeSelector.tpl deleted file mode 100644 index b0b4b95..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_nodeSelector.tpl +++ /dev/null @@ -1,33 +0,0 @@ -{{/* Returns Node Selector */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.nodeSelector" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.nodeSelector" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $selectors := dict -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.nodeSelector -}} - {{- $selectors = . -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- with $objectData.podSpec.nodeSelector -}} - {{- $selectors = . -}} - {{- end -}} - - {{- if and (include "tc.v1.common.lib.util.stopAll" $rootCtx) (eq $objectData.type "DaemonSet") }} -"non-existing": "true" - {{ else }} - {{- range $k, $v := $selectors -}} - {{- if not $v -}} - {{- else }} -{{ $k }}: {{ tpl $v $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{ end }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_podSecurityContext.tpl b/charts/baikal/charts/common/templates/lib/pod/_podSecurityContext.tpl deleted file mode 100644 index 878c2f4..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_podSecurityContext.tpl +++ /dev/null @@ -1,145 +0,0 @@ -{{/* Returns Pod Security Context */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.securityContext" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.securityContext" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $rootCtx.Values.securityContext.pod -}} - {{- fail "Pod - Expected non-empty [securityContext.pod]" -}} - {{- end -}} - - {{/* Initialize from the "global" option */}} - {{- $secContext := mustDeepCopy $rootCtx.Values.securityContext.pod -}} - - {{/* Override with pods option */}} - {{- with $objectData.podSpec.securityContext -}} - {{- $secContext = mustMergeOverwrite $secContext . -}} - {{- end -}} - - {{- $gpu := (include "tc.v1.common.lib.pod.resources.hasGPU" (dict "rootCtx" $rootCtx "objectData" $objectData)) -}} - - {{- $deviceGroups := (list 5 10 20 24) -}} - {{- $deviceAdded := false -}} - {{- $hostUsers := false -}} - {{- $hostUserPersistence := (list "configmap" "secret" "emptyDir" "downwardAPI" "projected") -}} - - {{- range $persistenceName, $persistenceValues := $rootCtx.Values.persistence -}} - {{- $podSelected := false -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $persistenceValues - "name" $persistenceName "caller" "Pod Security Context" - "key" "persistence")) -}} - {{- if (eq $enabled "true") -}} - {{- if $persistenceValues.targetSelectAll -}} - {{- $podSelected = true -}} - {{- else if and $persistenceValues.targetSelector (kindIs "map" $persistenceValues.targetSelector) -}} - {{- if mustHas $objectData.shortName ($persistenceValues.targetSelector | keys) -}} - {{- $podSelected = true -}} - {{- end -}} - {{- else if $objectData.primary -}} - {{- $podSelected = true -}} - {{- end -}} - {{- end -}} - - {{- if $podSelected -}} - {{- if eq $persistenceValues.type "device" -}} - {{- $deviceAdded = true -}} - {{- end -}} - - {{- if not (mustHas $persistenceValues.type $hostUserPersistence) -}} - {{- $hostUsers = true -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{/* Make sure no host "things" are used */}} - {{- $hostNet := (eq (include "tc.v1.common.lib.pod.hostNetwork" (dict "rootCtx" $rootCtx "objectData" $objectData)) "true") -}} - {{- $hostPID := (eq (include "tc.v1.common.lib.pod.hostPID" (dict "rootCtx" $rootCtx "objectData" $objectData)) "true") -}} - {{- $hostIPC := (eq (include "tc.v1.common.lib.pod.hostIPC" (dict "rootCtx" $rootCtx "objectData" $objectData)) "true") -}} - {{- if or $hostIPC $hostNet $hostPID -}} - {{- $hostUsers = true -}} - {{- end }} - - {{- range $containerName, $containerValues := $objectData.podSpec.containers -}} - {{- $secContContainer := fromJson (include "tc.v1.common.lib.container.securityContext.calculate" (dict "rootCtx" $rootCtx "objectData" $containerValues)) }} - {{- if or $secContContainer.allowPrivilegeEscalation $secContContainer.privileged $secContContainer.capabilities.add - (not $secContContainer.readOnlyRootFilesystem) (not $secContContainer.runAsNonRoot) - (lt ($secContContainer.runAsUser | int) 1) (lt ($secContContainer.runAsGroup | int) 1) -}} - {{- $hostUsers = true -}} - {{- end -}} - {{- end -}} - - {{- if eq $gpu "true" -}} - {{- $_ := set $secContext "supplementalGroups" (concat $secContext.supplementalGroups (list 44 107)) -}} - {{- $hostUsers = true -}} - {{- end -}} - - {{- if $deviceAdded -}} - {{- $_ := set $secContext "supplementalGroups" (concat $secContext.supplementalGroups $deviceGroups) -}} - {{- $hostUsers = true -}} - {{- end -}} - - {{- $_ := set $secContext "supplementalGroups" (concat $secContext.supplementalGroups (list 568)) -}} - - {{- if not (deepEqual $secContext.supplementalGroups (mustUniq $secContext.supplementalGroups)) -}} - {{- fail (printf "Pod - Expected [supplementalGroups] to have only unique values, but got [%s]" (join ", " $secContext.supplementalGroups)) -}} - {{- end -}} - - {{- $portRange := fromJson (include "tc.v1.common.lib.helpers.securityContext.getPortRange" (dict "rootCtx" $rootCtx "objectData" $objectData)) -}} - {{/* If a container wants to bind a port <= 1024 change the unprivileged_port_start */}} - {{- if and $portRange.low (le (int $portRange.low) 1024) -}} - {{/* That sysctl is not supported when hostNet is enabled */}} - {{- if ne (include "tc.v1.common.lib.pod.hostNetwork" (dict "rootCtx" $rootCtx "objectData" $objectData)) "true" -}} - {{- $_ := set $secContext "sysctls" (mustAppend $secContext.sysctls (dict "name" "net.ipv4.ip_unprivileged_port_start" "value" (printf "%v" $portRange.low))) -}} - {{- end -}} - {{- end -}} - - {{- if or (kindIs "invalid" $secContext.fsGroup) (eq (toString $secContext.fsGroup) "") -}} - {{- fail "Pod - Expected non-empty [fsGroup]" -}} - {{- end -}} - - {{/* Used by the fixedEnv template */}} - {{- $_ := set $objectData.podSpec "calculatedFSGroup" $secContext.fsGroup -}} - - {{- if not $secContext.fsGroupChangePolicy -}} - {{- fail "Pod - Expected non-empty [fsGroupChangePolicy]" -}} - {{- end -}} - - {{- $policies := (list "Always" "OnRootMismatch") -}} - {{- if not (mustHas $secContext.fsGroupChangePolicy $policies) -}} - {{- fail (printf "Pod - Expected [fsGroupChangePolicy] to be one of [%s], but got [%s]" (join ", " $policies) $secContext.fsGroupChangePolicy) -}} - {{- end }} -fsGroup: {{ include "tc.v1.common.helper.makeIntOrNoop" $secContext.fsGroup }} -fsGroupChangePolicy: {{ $secContext.fsGroupChangePolicy }} - {{- with $secContext.supplementalGroups }} -supplementalGroups: - {{- range . }} - - {{ include "tc.v1.common.helper.makeIntOrNoop" . }} - {{- end -}} - {{- else }} -supplementalGroups: [] - {{- end -}} - {{- with $secContext.sysctls }} -sysctls: - {{- $hostUsers = true -}} - {{- range . }} - {{- if not .name -}} - {{- fail "Pod - Expected non-empty [name] in [sysctls]" -}} - {{- end -}} - {{- if not .value -}} - {{- fail "Pod - Expected non-empty [value] in [sysctls]" -}} - {{- end }} - - name: {{ tpl .name $rootCtx | quote }} - value: {{ tpl .value $rootCtx | quote }} - {{- end -}} - {{- else }} -sysctls: [] - {{- end -}} - - {{/* Used by _hostUsers.tpl */}} - {{- $_ := set $objectData.podSpec "calculatedHostUsers" $hostUsers -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_priorityClassName.tpl b/charts/baikal/charts/common/templates/lib/pod/_priorityClassName.tpl deleted file mode 100644 index aaf15ac..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_priorityClassName.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Priority Class Name */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.priorityClassName" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.priorityClassName" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $className := "" -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.priorityClassName -}} - {{- $className = tpl . $rootCtx -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- with $objectData.podSpec.priorityClassName -}} - {{- $className = tpl . $rootCtx -}} - {{- end -}} - - {{- $className -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_restartPolicy.tpl b/charts/baikal/charts/common/templates/lib/pod/_restartPolicy.tpl deleted file mode 100644 index 388a560..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_restartPolicy.tpl +++ /dev/null @@ -1,44 +0,0 @@ -{{/* Returns Restart Policy */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.restartPolicy" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.restartPolicy" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $policy := "Always" -}} - - {{- $jobTypes := (list "Job" "CronJob") -}} - {{- if mustHas $objectData.type $jobTypes -}} - {{- $policy = "OnFailure" -}} - {{- end -}} - - {{/* Initialize from the "defaults" */}} - {{- with $rootCtx.Values.podOptions.restartPolicy -}} - {{- $policy = tpl . $rootCtx -}} - {{- end -}} - - {{/* Override from the pod values, if defined */}} - {{- with $objectData.podSpec.restartPolicy -}} - {{- $policy = tpl . $rootCtx -}} - {{- end -}} - - {{- $policies := (list "Never" "Always" "OnFailure") -}} - {{- if not (mustHas $policy $policies) -}} - {{- fail (printf "Expected [restartPolicy] to be one of [%s] but got [%s]" (join ", " $policies) $policy) -}} - {{- end -}} - - {{- $types := (list "Deployment" "DaemonSet" "StatefulSet") -}} - {{- if and (ne "Always" $policy) (mustHas $objectData.type $types) -}} - {{- fail (printf "Expected [restartPolicy] to be [Always] for [%s] but got [%s]" $objectData.type $policy) -}} - {{- end -}} - - {{- if and (eq "Always" $policy) (mustHas $objectData.type $jobTypes) -}} - {{- $cronPolicies := mustWithout $policies "Always" -}} - {{- fail (printf "Expected [restartPolicy] to be one of [%s] for [%s] but got [%s]" (join ", " $cronPolicies) $objectData.type $policy) -}} - {{- end -}} - - {{- $policy -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_runtimeClassName.tpl b/charts/baikal/charts/common/templates/lib/pod/_runtimeClassName.tpl deleted file mode 100644 index fd54cb0..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_runtimeClassName.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Runtime Class Name */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.runtimeClassName" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.runtimeClassName" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $runtime := "" -}} - - {{/* Initialize from the "defaults" */}} - {{- with $rootCtx.Values.podOptions.runtimeClassName -}} - {{- $runtime = tpl . $rootCtx -}} - {{- end -}} - - {{/* Override from the pod values, if defined */}} - {{- with $objectData.podSpec.runtimeClassName -}} - {{- $runtime = tpl . $rootCtx -}} - {{- end -}} - - {{- $runtime -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_schedulerName.tpl b/charts/baikal/charts/common/templates/lib/pod/_schedulerName.tpl deleted file mode 100644 index 0b84582..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_schedulerName.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Scheduler Name */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.schedulerName" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.schedulerName" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $scheduler := "" -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.schedulerName -}} - {{- $scheduler = tpl . $rootCtx -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- with $objectData.podSpec.schedulerName -}} - {{- $scheduler = tpl . $rootCtx -}} - {{- end -}} - - {{- $scheduler -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_serviceAccountName.tpl b/charts/baikal/charts/common/templates/lib/pod/_serviceAccountName.tpl deleted file mode 100644 index 8c14d86..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_serviceAccountName.tpl +++ /dev/null @@ -1,63 +0,0 @@ -{{/* Returns Service Account Name */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.serviceAccountName" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.serviceAccountName" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Check if an explicit service account name is specified in podSpec */}} - {{- with $objectData.podSpec.serviceAccountName -}} - {{- $objectName := tpl . $rootCtx -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- $objectName -}} - {{- else -}} - {{/* If not, use the auto-generated service account name */}} - {{- include "tc.v1.common.lib.pod.serviceAccountName.auto" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.serviceAccountName.auto" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $saName := "default" -}} - {{- $saNameCount := 0 -}} - - {{- range $name, $serviceAccount := $rootCtx.Values.serviceAccount -}} - {{- $tempName := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - - {{- if not $serviceAccount.primary -}} - {{- $tempName = (printf "%s-%s" $tempName $name) -}} - {{- end -}} - - {{- if $serviceAccount.enabled -}} - {{/* If targetSelectAll is true */}} - {{- if $serviceAccount.targetSelectAll -}} - {{- $saName = $tempName -}} - {{- $saNameCount = add1 $saNameCount -}} - - {{/* Else if targetSelector is a list */}} - {{- else if (kindIs "slice" $serviceAccount.targetSelector) -}} - {{- if (mustHas $objectData.shortName $serviceAccount.targetSelector) -}} - {{- $saName = $tempName -}} - {{- $saNameCount = add1 $saNameCount -}} - {{- end -}} - - {{/* If not targetSelectAll or targetSelector, but is the primary pod */}} - {{- else if $objectData.primary -}} - {{- $saName = $tempName -}} - {{- $saNameCount = add1 $saNameCount -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- if gt $saNameCount 1 -}} - {{- fail (printf "Expected at most 1 ServiceAccount to be assigned on a pod [%s]. But [%v] were assigned" $objectData.shortName $saNameCount) -}} - {{- end -}} - - {{- $saName -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_shareProcessNamespace.tpl b/charts/baikal/charts/common/templates/lib/pod/_shareProcessNamespace.tpl deleted file mode 100644 index 1a2bd11..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_shareProcessNamespace.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Share Process Namespace */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.shareProcessNamespace" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.shareProcessNamespace" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $shareProcessNamespace := false -}} - - {{/* Initialize from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.shareProcessNamespace) -}} - {{- $shareProcessNamespace = $rootCtx.Values.podOptions.shareProcessNamespace -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- if (kindIs "bool" $objectData.podSpec.shareProcessNamespace) -}} - {{- $shareProcessNamespace = $objectData.podSpec.shareProcessNamespace -}} - {{- end -}} - - {{- $shareProcessNamespace -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_terminationGracePeriodSeconds.tpl b/charts/baikal/charts/common/templates/lib/pod/_terminationGracePeriodSeconds.tpl deleted file mode 100644 index c92eeaa..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_terminationGracePeriodSeconds.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{/* Returns Termination Grace Period Seconds */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.terminationGracePeriodSeconds" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.terminationGracePeriodSeconds" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $gracePeriod := "" -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.terminationGracePeriodSeconds -}} - {{- $gracePeriod = . -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- with $objectData.podSpec.terminationGracePeriodSeconds -}} - {{- $gracePeriod = . -}} - {{- end -}} - - {{/* Expand tpl */}} - {{- if (kindIs "string" $gracePeriod) -}} - {{- $gracePeriod = tpl $gracePeriod $rootCtx -}} - {{- end -}} - - {{- $gracePeriod -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_tolerations.tpl b/charts/baikal/charts/common/templates/lib/pod/_tolerations.tpl deleted file mode 100644 index ca735d9..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_tolerations.tpl +++ /dev/null @@ -1,67 +0,0 @@ -{{/* Returns Tolerations */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.tolerations" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.tolerations" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $tolerations := list -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.tolerations -}} - {{- $tolerations = . -}} - {{- end -}} - - {{/* Override from the "pod" option */}} - {{- with $objectData.podSpec.tolerations -}} - {{- $tolerations = . -}} - {{- end -}} - - {{- range $tolerations -}} - {{/* Expand values */}} - {{- $operator := (tpl (.operator | default "") $rootCtx) -}} - {{- $key := (tpl (.key | default "") $rootCtx) -}} - {{- $value := (tpl (.value | default "") $rootCtx) -}} - {{- $effect := (tpl (.effect | default "") $rootCtx) -}} - {{- $tolSeconds := .tolerationSeconds -}} - - {{- $operators := (list "Exists" "Equal") -}} - {{- if not (mustHas $operator $operators) -}} - {{- fail (printf "Expected [tolerations.operator] to be one of [%s] but got [%s]" (join ", " $operators) $operator) -}} - {{- end -}} - - {{- if and (eq $operator "Equal") (or (not $key) (not $value)) -}} - {{- fail "Expected non-empty [tolerations.key] and [tolerations.value] with [tolerations.operator] set to [Equal]" -}} - {{- end -}} - - {{- if and (eq $operator "Exists") $value -}} - {{- fail (printf "Expected empty [tolerations.value] with [tolerations.operator] set to [Exists], but got [%s]" $value) -}} - {{- end -}} - - {{- $effects := (list "NoExecute" "NoSchedule" "PreferNoSchedule") -}} - {{- if and $effect (not (mustHas $effect $effects)) -}} - {{- fail (printf "Expected [tolerations.effect] to be one of [%s], but got [%s]" (join ", " $effects) $effect) -}} - {{- end -}} - - {{- if and (not (kindIs "invalid" $tolSeconds)) (not (mustHas (kindOf $tolSeconds) (list "int" "int64" "float64"))) -}} - {{- fail (printf "Expected [tolerations.tolerationSeconds] to be a number, but got [%v]" $tolSeconds) -}} - {{- end }} -- operator: {{ $operator }} - {{- with $key }} - key: {{ $key }} - {{- end -}} - {{- with $effect }} - effect: {{ $effect }} - {{- end -}} - {{- with $value }} - value: {{ . }} - {{- end -}} - {{- if (mustHas (kindOf $tolSeconds) (list "int" "int64" "float64")) }} - tolerationSeconds: {{ $tolSeconds }} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_topologySpreadConstraints .tpl b/charts/baikal/charts/common/templates/lib/pod/_topologySpreadConstraints .tpl deleted file mode 100644 index 66c018f..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_topologySpreadConstraints .tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{/* Returns topologySpreadConstraints */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.topologySpreadConstraints" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.topologySpreadConstraints" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $constraints := list -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.topologySpreadConstraints -}} - {{- $constraints = . -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- with $objectData.podSpec.topologySpreadConstraints -}} - {{- $constraints = . -}} - {{- end -}} - - {{- $validTypes := (list "Deployment" "StatefulSet") -}} - {{- if and (mustHas $objectData.type $validTypes) $rootCtx.Values.podOptions.defaultSpread }} -- maxSkew: 1 - whenUnsatisfiable: ScheduleAnyway - topologyKey: {{ default "kubernetes.io/hostname" $rootCtx.Values.global.fallbackDefaults.topologyKey }} - labelSelector: - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | indent 6 }} - nodeAffinityPolicy: Honor - nodeTaintsPolicy: Honor - {{- end -}} - {{- with $constraints -}} {{/* TODO: Template this, so we can add some validation around easy to make mistakes. Low Prio */}} - {{- . | toYaml | nindent 0 }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/_volumes.tpl b/charts/baikal/charts/common/templates/lib/pod/_volumes.tpl deleted file mode 100644 index 1d54621..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/_volumes.tpl +++ /dev/null @@ -1,122 +0,0 @@ -{{/* Returns Volumes */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volumes" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.volumes" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $selectedVolumes := (include "tc.v1.common.lib.pod.volumes.selected" (dict "rootCtx" $rootCtx "objectData" $objectData)) | fromJson -}} - - {{- range $type, $volumes := $selectedVolumes -}} - {{- range $volume := $volumes -}} - {{- include (printf "tc.v1.common.lib.pod.volume.%s" $type) (dict "rootCtx" $rootCtx "objectData" $volume) | trim | nindent 0 -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volumes.checkRWO" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $persistence := .persistence -}} - {{- $type := .type -}} - {{- $name := .name -}} - - {{/* Only check accessModes if persistence is one of those types */}} - {{- $typesWithAccessMode := (list "pvc") -}} - {{- if (mustHas $type $typesWithAccessMode) -}} - {{- $modes := include "tc.v1.common.lib.pvc.accessModes" (dict "rootCtx" $rootCtx - "objectData" $persistence "caller" "Volumes") | fromYamlArray - -}} - - {{- $hasRWO := include "tc.v1.common.lib.pod.volumes.hasRWO" (dict "modes" $modes) -}} - - {{- if eq $hasRWO "true" -}} - {{- if eq $objectData.type "DaemonSet" -}} - {{- fail "Expected [accessMode] to not be [ReadWriteOnce] when used on a [DaemonSet]" -}} - - {{- else if and (mustHas $objectData.type (list "Deployment" "StatefulSet")) (gt (($objectData.replicas| default 1) | int) 1) -}} - {{- include "add.warning" (dict "rootCtx" $rootCtx - "warn" (printf "WARNING: The [accessModes] on volume [%s] is set to [ReadWriteOnce] when on a [Deployment] with more than 1 replica" $name)) - -}} - {{- end -}} - {{- end -}} - - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volumes.hasRWO" -}} - {{- $modes := .modes -}} - {{- $hasRWO := false -}} - {{- range $m := $modes -}} - {{- if eq $m "ReadWriteOnce" -}} - {{- $hasRWO = true -}} - {{- break -}} - {{- end -}} - {{- end -}} - {{- $hasRWO -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volumes.selected" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $selectedVolumes := dict - "pvc" list - "secret" list - "configmap" list - "emptyDir" list - "hostPath" list - "nfs" list - "iscsi" list - "projected" list - "device" list - -}} - - {{- range $name, $persistenceValues := $rootCtx.Values.persistence -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $persistenceValues - "name" $name "caller" "Volumes" - "key" "persistence")) - -}} - - {{- if (ne $enabled "true") -}}{{- continue -}}{{- end -}} - {{- $persistence := (mustDeepCopy $persistenceValues) -}} - {{- $_ := set $persistence "shortName" $name -}} - - {{- $selected := false -}} - - {{- if $persistence.targetSelectAll -}} - {{- $selected = true -}} - {{- else if eq $objectData.shortName "autopermissions" -}} - {{- if and $persistence.autoPermissions $persistence.autoPermissions.enabled -}} - {{- $selected = true -}} - {{- end -}} - {{- else if $persistence.targetSelector -}} - {{- if not (kindIs "map" $persistence.targetSelector) -}} - {{- fail (printf "Persistence - Expected [targetSelector] to be [dict], but got [%s]" (kindOf $persistence.targetSelector)) -}} - {{- end -}} - - {{- if (mustHas $objectData.shortName (keys $persistence.targetSelector)) -}} - {{- $selected = true -}} - {{- end -}} - {{- else if $objectData.primary -}} - {{- $selected = true -}} - {{- end -}} - - {{- if not $selected -}}{{- continue -}}{{- end -}} - - {{- $type := ($persistence.type | default $rootCtx.Values.global.fallbackDefaults.persistenceType) -}} - {{- if eq $type "vct" -}}{{- continue -}}{{- end -}} - - {{- include "tc.v1.common.lib.pod.volumes.checkRWO" (dict - "rootCtx" $rootCtx "objectData" $objectData "persistence" $persistence "type" $type "name" $name) - -}} - - {{- $_ := set $selectedVolumes $type (mustAppend (index $selectedVolumes $type) $persistence) -}} - {{- end -}} - - {{- $selectedVolumes | toJson -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/volumes/_configmap.tpl b/charts/baikal/charts/common/templates/lib/pod/volumes/_configmap.tpl deleted file mode 100644 index 833fc7e..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/volumes/_configmap.tpl +++ /dev/null @@ -1,71 +0,0 @@ -{{/* Returns ConfigMap Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.configmap" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.configmap" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.objectName -}} - {{- fail "Persistence - Expected non-empty [objectName] on [configmap] type" -}} - {{- end -}} - - {{- $objectName := tpl $objectData.objectName $rootCtx -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" $objectData - "name" $objectData.shortName "caller" "ConfigMap" - "key" "configmap")) -}} - - {{- if eq $expandName "true" -}} - {{- $object := (get $rootCtx.Values.configmap $objectName) -}} - {{- if and (not $object) (not $objectData.optional) -}} - {{- fail (printf "Persistence - Expected configmap [%s] defined in [objectName] to exist" $objectName) -}} - {{- end -}} - - {{- $objectName = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectName) -}} - {{- end -}} - - {{- $optional := false -}} - {{- if hasKey $objectData "optional" -}} - {{- if not (kindIs "bool" $objectData.optional) -}} - {{- fail (printf "Persistence - Expected [optional] to be [bool], but got [%s]" (kindOf $objectData.optional)) -}} - {{- end -}} - {{- $optional = $objectData.optional -}} - {{- end -}} - - {{- $defMode := "" -}} - {{- if (and $objectData.defaultMode (not (kindIs "string" $objectData.defaultMode))) -}} - {{- fail (printf "Persistence - Expected [defaultMode] to be [string], but got [%s]" (kindOf $objectData.defaultMode)) -}} - {{- end -}} - - {{- with $objectData.defaultMode -}} - {{- $defMode = tpl $objectData.defaultMode $rootCtx -}} - {{- end -}} - - {{- if and $defMode (not (mustRegexMatch "^[0-9]{4}$" $defMode)) -}} - {{- fail (printf "Persistence - Expected [defaultMode] to have be in format of [\"0777\"], but got [%q]" $defMode) -}} - {{- end }} -- name: {{ $objectData.shortName }} - configMap: - name: {{ $objectName }} - {{- with $defMode }} - defaultMode: {{ . }} - {{- end }} - optional: {{ $optional }} - {{- with $objectData.items }} - items: - {{- range . -}} - {{- if not .key -}} - {{- fail "Persistence - Expected non-empty [items.key]" -}} - {{- end -}} - {{- if not .path -}} - {{- fail "Persistence - Expected non-empty [items.path]" -}} - {{- end }} - - key: {{ tpl .key $rootCtx }} - path: {{ tpl .path $rootCtx }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/volumes/_device.tpl b/charts/baikal/charts/common/templates/lib/pod/volumes/_device.tpl deleted file mode 100644 index b39192f..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/volumes/_device.tpl +++ /dev/null @@ -1,53 +0,0 @@ -{{/* Returns device (hostPath) Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.device" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.device" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostPathType := "" -}} - {{- if $objectData.hostPathType -}} - {{- $hostPathType = tpl $objectData.hostPathType $rootCtx -}} - {{- end -}} - - {{- if not $objectData.hostPath -}} - {{- fail "Persistence - Expected non-empty [hostPath] on [device] type" -}} - {{- end -}} - {{- $hostPath := tpl $objectData.hostPath $rootCtx -}} - - {{- if not (hasPrefix "/" $hostPath) -}} - {{- fail "Persistence - Expected [hostPath] to start with a forward slash [/] on [device] type" -}} - {{- end -}} - - {{- $charDevices := (list "tty") -}} - {{- if not $hostPathType -}} - {{- range $char := $charDevices -}} - {{- if hasPrefix (printf "/dev/%v" $char) $hostPath -}} - {{- $hostPathType = "CharDevice" -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $blockDevices := (list "sd" "hd" "nvme") -}} - {{- if not $hostPathType -}} - {{- range $block := $blockDevices -}} - {{- if hasPrefix (printf "/dev/%v" $block) $hostPath -}} - {{- $hostPathType = "BlockDevice" -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $types := (list "DirectoryOrCreate" "Directory" "FileOrCreate" "File" "Socket" "CharDevice" "BlockDevice") -}} - {{- if and $hostPathType (not (mustHas $hostPathType $types)) -}} - {{- fail (printf "Persistence - Expected [hostPathType] to be one of [%s], but got [%s]" (join ", " $types) $hostPathType) -}} - {{- end }} -- name: {{ $objectData.shortName }} - hostPath: - path: {{ $hostPath }} - {{- with $hostPathType }} - type: {{ $hostPathType }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/volumes/_emptyDir.tpl b/charts/baikal/charts/common/templates/lib/pod/volumes/_emptyDir.tpl deleted file mode 100644 index cdf0bc1..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/volumes/_emptyDir.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* Returns emptyDir Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.emptyDir" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.emptyDir" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $medium := "" -}} - {{- $size := "" -}} - {{- with $objectData.medium -}} - {{- $medium = tpl . $rootCtx -}} - {{- end -}} - {{- with $objectData.size -}} - {{- $size = tpl . $rootCtx -}} - {{- end -}} - - {{- if $size -}} - {{/* Size: https://regex101.com/r/NNPV2D/1 */}} - {{- if not (mustRegexMatch "^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$" (toString $size)) -}} - {{- $formats := "(Suffixed with E/P/T/G/M/K - eg. 1G), (Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi), (Plain Integer in bytes - eg. 1024), (Exponent - eg. 134e6)" -}} - {{- fail (printf "Persistence Expected [size] to have one of the following formats [%s], but got [%s]" $formats $size) -}} - {{- end -}} - {{- else if eq $medium "Memory" -}} - {{- $size = $rootCtx.Values.resources.limits.memory -}} - {{- end -}} - - {{- if and $medium (ne $medium "Memory") -}} - {{- fail (printf "Persistence - Expected [medium] to be one of [\"\", Memory], but got [%s] on [emptyDir] type" $medium) -}} - {{- end }} -- name: {{ $objectData.shortName }} - {{- if or $medium $size }} - emptyDir: - {{- if $medium }} - medium: {{ $medium }} - {{- end -}} - {{- if $size }} - sizeLimit: {{ $size }} - {{- end -}} - {{- else }} - emptyDir: {} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/volumes/_hostPath.tpl b/charts/baikal/charts/common/templates/lib/pod/volumes/_hostPath.tpl deleted file mode 100644 index 0cdea18..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/volumes/_hostPath.tpl +++ /dev/null @@ -1,35 +0,0 @@ -{{/* Returns hostPath Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.hostPath" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.hostPath" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostPathType := "" -}} - {{- if $objectData.hostPathType -}} - {{- $hostPathType = tpl $objectData.hostPathType $rootCtx -}} - {{- end -}} - - {{- if not $objectData.hostPath -}} - {{- fail "Persistence - Expected non-empty [hostPath] on [hostPath] type" -}} - {{- end -}} - {{- $hostPath := tpl $objectData.hostPath $rootCtx -}} - - {{- if not (hasPrefix "/" $hostPath) -}} - {{- fail "Persistence - Expected [hostPath] to start with a forward slash [/] on [hostPath] type" -}} - {{- end -}} - - {{- $types := (list "DirectoryOrCreate" "Directory" "FileOrCreate" "File" "Socket" "CharDevice" "BlockDevice") -}} - {{- if and $hostPathType (not (mustHas $hostPathType $types)) -}} - {{- fail (printf "Persistence - Expected [hostPathType] to be one of [%s], but got [%s]" (join ", " $types) $hostPathType) -}} - {{- end }} -- name: {{ $objectData.shortName }} - hostPath: - path: {{ $hostPath }} - {{- with $hostPathType }} - type: {{ $hostPathType }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/volumes/_iscsi.tpl b/charts/baikal/charts/common/templates/lib/pod/volumes/_iscsi.tpl deleted file mode 100644 index 3769ef6..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/volumes/_iscsi.tpl +++ /dev/null @@ -1,75 +0,0 @@ -{{/* Returns iscsi Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.iscsi" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.iscsi" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.iscsi -}} - {{- fail "Persistence - Expected non-empty [iscsi] object on [iscsi] type" -}} - {{- end -}} - - {{- with $objectData.iscsi.fsType -}} - {{- $validFSTypes := (list "ext4" "xfs" "ntfs") -}} - {{- $fsType := tpl . $rootCtx -}} - {{- if not (mustHas $fsType $validFSTypes) -}} - {{- fail (printf "Persistence - Expected [fsType] on [iscsi] type to be one of [%s], but got [%s]" (join ", " $validFSTypes) $fsType) -}} - {{- end -}} - {{- end -}} - - {{- if not $objectData.iscsi.targetPortal -}} - {{- fail "Persistence - Expected non-empty [targetPortal] on [iscsi] type" -}} - {{- end -}} - - {{- if not $objectData.iscsi.iqn -}} - {{- fail "Persistence - Expected non-empty [iqn] on [iscsi] type" -}} - {{- end -}} - - {{- if (kindIs "invalid" $objectData.iscsi.lun) -}} - {{- fail "Persistence - Expected non-empty [lun] on [iscsi] type" -}} - {{- end -}} - {{- $lun := $objectData.iscsi.lun -}} - {{- if (kindIs "string" $lun) -}} - {{- $lun = tpl $lun $rootCtx | float64 -}} - {{- end -}} - - {{- $authSession := false -}} - {{- $authDiscovery := false -}} - {{- if $objectData.iscsi.authSession -}} - {{- $authSession = true -}} - {{- end -}} - {{- if $objectData.iscsi.authDiscovery -}} - {{- $authDiscovery = true -}} - {{- end }} - -- name: {{ $objectData.shortName }} - iscsi: - targetPortal: {{ tpl $objectData.iscsi.targetPortal $rootCtx }} - {{- with $objectData.iscsi.portals }} - portals: - {{- range $portal := . }} - - {{ tpl $portal $rootCtx | quote }} - {{- end -}} - {{- end }} - iqn: {{ tpl $objectData.iscsi.iqn $rootCtx }} - lun: {{ include "tc.v1.common.helper.makeIntOrNoop" $lun }} - {{- with $objectData.iscsi.iscsiInterface }} - iscsiInterface: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $objectData.iscsi.initiatorName }} - initiatorName: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $objectData.iscsi.fsType }} - fsType: {{ tpl . $rootCtx }} - {{- end }} - chapAuthSession: {{ $authSession }} - chapAuthDiscovery: {{ $authDiscovery }} - {{- if or $authSession $authDiscovery -}} - {{- $secretName := (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectData.shortName) }} - secretRef: - name: {{ $secretName }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/volumes/_nfs.tpl b/charts/baikal/charts/common/templates/lib/pod/volumes/_nfs.tpl deleted file mode 100644 index 18b4113..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/volumes/_nfs.tpl +++ /dev/null @@ -1,27 +0,0 @@ -{{/* Returns NFS Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.nfs" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.nfs" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.path -}} - {{- fail "Persistence - Expected non-empty [path] on [nfs] type" -}} - {{- end -}} - - {{- $path := tpl $objectData.path $rootCtx -}} - {{- if not (hasPrefix "/" $path) -}} - {{- fail "Persistence - Expected [path] to start with a forward slash [/] on [nfs] type" -}} - {{- end -}} - - {{- if not $objectData.server -}} - {{- fail "Persistence - Expected non-empty [server] on [nfs] type" -}} - {{- end }} -- name: {{ $objectData.shortName }} - nfs: - path: {{ $path }} - server: {{ tpl $objectData.server $rootCtx }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/volumes/_projected.tpl b/charts/baikal/charts/common/templates/lib/pod/volumes/_projected.tpl deleted file mode 100644 index 979125e..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/volumes/_projected.tpl +++ /dev/null @@ -1,181 +0,0 @@ -{{/* Returns projected Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.projected" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.projected" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.sources -}} - {{- fail "Persistence - Expected non-empty [sources] on [projected] type" -}} - {{- end -}} - - {{- $defMode := "" -}} - {{- if (and $objectData.defaultMode (not (kindIs "string" $objectData.defaultMode))) -}} - {{- fail (printf "Persistence - Expected [defaultMode] to be [string], but got [%s]" (kindOf $objectData.defaultMode)) -}} - {{- end -}} - - {{- with $objectData.defaultMode -}} - {{- $defMode = tpl $objectData.defaultMode $rootCtx -}} - {{- end -}} - - {{- if and $defMode (not (mustRegexMatch "^[0-9]{4}$" $defMode)) -}} - {{- fail (printf "Persistence - Expected [defaultMode] to have be in format of [\"0777\"], but got [%q]" $defMode) -}} - {{- end -}} - {{- $allowedSources := (list "clusterTrustBundle" "configMap" "downwardAPI" "secret" "serviceAccountToken") }} -- name: {{ $objectData.shortName }} - projected: - {{- with $defMode }} - defaultMode: {{ . }} - {{- end }} - sources: - {{- range $source := $objectData.sources -}} - {{- if gt ($source | keys | len) 1 -}} - {{- fail "Persistence - Expected only one source type per item in [projected] volume" -}} - {{- end -}} - - {{- $k := $source | keys | first -}} - {{- $v := (get $source $k) -}} - - {{- if eq $k "serviceAccountToken" }} - {{- include "tc.v1.common.lib.pod.volume.projected.serviceAccountToken" (dict "rootCtx" $rootCtx "source" $v) | nindent 6 }} - {{- else if or (eq $k "secret") (eq $k "configMap") }} - {{- include "tc.v1.common.lib.pod.volume.projected.cm-secret" (dict "rootCtx" $rootCtx "source" $v "type" $k) | nindent 6 }} - {{- else if eq $k "downwardAPI" }} - {{- include "tc.v1.common.lib.pod.volume.projected.downwardAPI" (dict "rootCtx" $rootCtx "source" $v) | nindent 6 }} - {{- else if eq $k "clusterTrustBundle" }} - {{- include "tc.v1.common.lib.pod.volume.projected.clusterTrustBundle" (dict "rootCtx" $rootCtx "source" $v) | nindent 6 }} - {{- else -}} - {{- fail (printf "Persistence - Invalid source type [%s] for projected. Valid sources are [%s]" $k (join ", " $allowedSources)) -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volume.projected.serviceAccountToken" -}} - {{- $rootCtx := .rootCtx -}} - {{- $source := .source -}} - - {{- if hasKey $source "expirationSeconds" -}} - {{- if lt ($source.expirationSeconds | int) 600 -}} - {{- fail (printf "Persistence - Expected [expirationSeconds] to be greater than 600 seconds, but got [%v]" $source.expirationSeconds) -}} - {{- end -}} - {{- end -}} - - {{- if not $source.path -}} - {{- fail "Persistence - Expected non-empty [path] on [serviceAccountToken] type" -}} - {{- end -}} -- serviceAccountToken: - {{- with $source.audience }} - audience: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $source.expirationSeconds }} - expirationSeconds: {{ . }} - {{- end }} - path: {{ tpl $source.path $rootCtx }} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volume.projected.downwardAPI" -}} - {{- $rootCtx := .rootCtx -}} - {{- $source := .source -}} - - {{- if not (kindIs "map" $source) -}} - {{- fail (printf "Persistence - Expected [downwardAPI] in [sources] to be a map on [downwardAPI] type, but got [%s]" (kindOf $source)) -}} - {{- end -}} - - {{- if not $source.items -}} - {{- fail "Persistence - Expected non-empty [items] on [downwardAPI] type" -}} - {{- end }} -- downwardAPI: - items: - {{- $allowedItems := (list "fieldRef" "resourceFieldRef") }} - {{- range $item := $source.items -}} - {{- if not $item.path -}} - {{- fail "Persistence - Expected non-empty [path] on item in [downwardAPI] type" -}} - {{- end }} - - path: {{ tpl $item.path $rootCtx }} - {{- if hasKey $item "fieldRef" }} - {{- if not $item.fieldRef.fieldPath -}} - {{- fail "Persistence - Expected non-empty [fieldPath] under [fieldRef] on item in [downwardAPI] type" -}} - {{- end }} - fieldRef: - {{- with $item.fieldRef.apiVersion }} - apiVersion: {{ tpl . $rootCtx }} - {{- end }} - fieldPath: {{ tpl $item.fieldRef.fieldPath $rootCtx }} - {{- else if hasKey $item "resourceFieldRef" }} - {{- if not $item.resourceFieldRef.containerName -}} - {{- fail "Persistence - Expected non-empty [containerName] under [resourceFieldRef] on item in [downwardAPI] type" -}} - {{- end -}} - {{- if not $item.resourceFieldRef.resource -}} - {{- fail "Persistence - Expected non-empty [resource] under [resourceFieldRef] on item in [downwardAPI] type" -}} - {{- end }} - resourceFieldRef: - resource: {{ tpl $item.resourceFieldRef.resource $rootCtx }} - containerName: {{ tpl $item.resourceFieldRef.containerName $rootCtx }} - {{- if hasKey $item.resourceFieldRef "divisor" }} - divisor: {{ $item.resourceFieldRef.divisor }} - {{- end -}} - {{- else -}} - {{- fail (printf "Persistence - Expected item in downwardAPI to have one of [%s] keys. But found [%s]" (join ", " $allowedItems) (join ", " ($item | keys | sortAlpha))) -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volume.projected.cm-secret" -}} - {{- $rootCtx := .rootCtx -}} - {{- $source := .source -}} - {{- $type := .type -}} - - {{- if not $source.objectName -}} - {{- fail (printf "Persistence - Expected non-empty [objectName] on [%s] type" $type) -}} - {{- end -}} - - {{- if not $source.items -}} - {{- fail (printf "Persistence - Expected non-empty [items] on [%s] type" $type) -}} - {{- end -}} - - {{- if not (kindIs "slice" $source.items) -}} - {{- fail (printf "Persistence - Expected [items] to be a slice on [%s] type, but got [%s]" $type (kindOf $source.items)) -}} - {{- end -}} - - {{- $objectName := tpl $source.objectName $rootCtx -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" $source - "name" $source.objectName "caller" "Persistence - Projected" - "key" "persistence")) -}} - {{- $ltype := $type | lower -}} - {{- if eq $expandName "true" -}} - {{- $object := (get (get $rootCtx.Values $ltype) $objectName) -}} - {{- if and (not $object) (not $source.optional) -}} - {{- fail (printf "Persistence - Expected %s [%s] defined in [objectName] to exist" $ltype $objectName) -}} - {{- end -}} - - {{- $objectName = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectName) -}} - {{- end }} -- {{ $type }}: - name: {{ $objectName }} - {{- if hasKey $source "optional" }} - optional: {{ $source.optional }} - {{- end }} - items: - {{- range $item := $source.items -}} - {{- if not $item.key -}} - {{- fail (printf "Persistence - Expected non-empty [key] on item in [%s] type" $type) -}} - {{- end -}} - {{- if not $item.path -}} - {{- fail (printf "Persistence - Expected non-empty [path] on item in [%s] type" $type) -}} - {{- end }} - - key: {{ tpl $item.key $rootCtx }} - path: {{ tpl $item.path $rootCtx }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volume.projected.clusterTrustBundle" -}} - {{- $rootCtx := .rootCtx -}} - {{- $source := .source -}} - - {{- fail "Persistence - Key [clusterTrustBundle] is not yet implemented in [projected type]" -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/volumes/_pvc.tpl b/charts/baikal/charts/common/templates/lib/pod/volumes/_pvc.tpl deleted file mode 100644 index 1f93e96..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/volumes/_pvc.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{/* Returns PVC Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.pvc" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.pvc" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $pvcName := include "tc.v1.common.lib.storage.pvc.name" (dict "rootCtx" $rootCtx "objectName" $objectData.shortName "objectData" $objectData) -}} - {{- with $objectData.existingClaim -}} - {{- $pvcName = tpl . $rootCtx -}} - {{- end }} -- name: {{ $objectData.shortName }} - persistentVolumeClaim: - claimName: {{ $pvcName }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/pod/volumes/_secret.tpl b/charts/baikal/charts/common/templates/lib/pod/volumes/_secret.tpl deleted file mode 100644 index ab8678f..0000000 --- a/charts/baikal/charts/common/templates/lib/pod/volumes/_secret.tpl +++ /dev/null @@ -1,71 +0,0 @@ -{{/* Returns Secret Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.secret" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.secret" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.objectName -}} - {{- fail "Persistence - Expected non-empty [objectName] on [secret] type" -}} - {{- end -}} - - {{- $objectName := tpl $objectData.objectName $rootCtx -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" $objectData - "name" $objectData.shortName "caller" "Secret" - "key" "secret")) -}} - - {{- if eq $expandName "true" -}} - {{- $object := (get $rootCtx.Values.secret $objectName) -}} - {{- if and (not $object) (not $objectData.optional) -}} - {{- fail (printf "Persistence - Expected secret [%s] defined in [objectName] to exist" $objectName) -}} - {{- end -}} - - {{- $objectName = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectName) -}} - {{- end -}} - - {{- $optional := false -}} - {{- if hasKey $objectData "optional" -}} - {{- if not (kindIs "bool" $objectData.optional) -}} - {{- fail (printf "Persistence - Expected [optional] to be [bool], but got [%s]" (kindOf $objectData.optional)) -}} - {{- end -}} - {{- $optional = $objectData.optional -}} - {{- end -}} - - {{- $defMode := "" -}} - {{- if (and $objectData.defaultMode (not (kindIs "string" $objectData.defaultMode))) -}} - {{- fail (printf "Persistence - Expected [defaultMode] to be [string], but got [%s]" (kindOf $objectData.defaultMode)) -}} - {{- end -}} - - {{- with $objectData.defaultMode -}} - {{- $defMode = tpl $objectData.defaultMode $rootCtx -}} - {{- end -}} - - {{- if and $defMode (not (mustRegexMatch "^[0-9]{4}$" $defMode)) -}} - {{- fail (printf "Persistence - Expected [defaultMode] to have be in format of [\"0777\"], but got [%q]" $defMode) -}} - {{- end }} -- name: {{ $objectData.shortName }} - secret: - secretName: {{ $objectName }} - {{- with $defMode }} - defaultMode: {{ . }} - {{- end }} - optional: {{ $optional }} - {{- with $objectData.items }} - items: - {{- range . -}} - {{- if not .key -}} - {{- fail "Persistence - Expected non-empty [items.key]" -}} - {{- end -}} - {{- if not .path -}} - {{- fail "Persistence - Expected non-empty [items.path]" -}} - {{- end }} - - key: {{ tpl .key $rootCtx }} - path: {{ tpl .path $rootCtx }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/podDistruptionBudget/_validation.tpl b/charts/baikal/charts/common/templates/lib/podDistruptionBudget/_validation.tpl deleted file mode 100644 index b92fc57..0000000 --- a/charts/baikal/charts/common/templates/lib/podDistruptionBudget/_validation.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* Metadata Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.podDisruptionBudget.validation" (dict "objectData" $objectData "caller" $caller) -}} -objectData: - labels: The labels of the configmap. - annotations: The annotations of the configmap. - data: The data of the configmap. -*/}} - -{{- define "tc.v1.common.lib.podDisruptionBudget.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if and $objectData.targetSelector (not (kindIs "string" $objectData.targetSelector)) -}} - {{- fail (printf "Pod Disruption Budget - Expected [targetSelector] to be [string], but got [%s]" (kindOf $objectData.targetSelector)) -}} - {{- end -}} - - {{- if and (not $objectData.targetSelector) (not $objectData.customLabels) -}} - {{- fail (printf "Pod Disruption Budget - Expected one of [targetSelector, customLabels] to be defined in [podDisruptionBudget.%s]" $objectData.shortName) -}} - {{- end -}} - - {{- if and $objectData.targetSelector $objectData.customLabels -}} - {{- fail (printf "Pod Disruption Budget - Expected only one of [targetSelector, customLabels] to be defined in [podDisruptionBudget.%s]" $objectData.shortName) -}} - {{- end -}} - - {{- with $objectData.unhealthyPodEvictionPolicy -}} - {{- $policies := (list "IfHealthyBudget" "AlwaysAllow") -}} - {{- if not (mustHas (tpl . $rootCtx) $policies) -}} - {{- fail (printf "Pod Disruption Budget - Expected [unhealthyPodEvictionPolicy] to be one of [%s], but got [%s]" (join ", " $policies) .) -}} - {{- end -}} - {{- end -}} - - {{- $hasKey := false -}} - {{- $keys := (list "minAvailable" "maxUnavailable") -}} - {{- range $key := $keys -}} - {{- if hasKey $objectData $key -}} - {{- $hasKey = true -}} - {{- if kindIs "invalid" (get $objectData $key) -}} - {{- fail (printf "Pod Disruption Budget - Expected the defined key [%v] in [podDisruptionBudget.%s] to not be empty" $key $objectData.shortName) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and ($objectData.minAvailable) ($objectData.maxUnavailable) -}} - {{- fail (printf "Pod Disruption Budget - Expected one of [%s] to be defined in [podDisruptionBudget.%s], but got both" (join ", " $keys) $objectData.shortName) -}} - {{- end -}} - - {{- if not $hasKey -}} - {{- fail (printf "Pod Disruption Budget - Expected at least one of [%s] to be defined in [podDisruptionBudget.%s]" (join ", " $keys) $objectData.shortName) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/priorityClass/_validation.tpl b/charts/baikal/charts/common/templates/lib/priorityClass/_validation.tpl deleted file mode 100644 index 446e6f1..0000000 --- a/charts/baikal/charts/common/templates/lib/priorityClass/_validation.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{- define "tc.v1.common.lib.priorityclass.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $validPolicies := (list "PreemptLowerPriority" "Never") -}} - {{- if $objectData.preemptionPolicy -}} - {{- if not (mustHas $objectData.preemptionPolicy $validPolicies) -}} - {{- fail (printf "Priority Class - Expected [preemptionPolicy] to be one of [%s], but got [%s]" (join ", " $validPolicies) $objectData.preemptionPolicy) -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/rbac/_getServiceAccounts.tpl b/charts/baikal/charts/common/templates/lib/rbac/_getServiceAccounts.tpl deleted file mode 100644 index 61a2305..0000000 --- a/charts/baikal/charts/common/templates/lib/rbac/_getServiceAccounts.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* Returns Service Account List for rbac */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.rbac.serviceAccount" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the RBAC. -*/}} -{{/* Parses service accounts, and checks if RBAC have selected any of them */}} -{{- define "tc.v1.common.lib.rbac.serviceAccount" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $serviceAccounts := list -}} - - {{- range $name, $serviceAccount := $rootCtx.Values.serviceAccount -}} - {{- $saName := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - - {{- if $serviceAccount.enabled -}} - - {{- if not $serviceAccount.primary -}} - {{- $saName = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $name) -}} - {{- end -}} - - {{/* If allServiceAccounts is true */}} - {{- if $objectData.allServiceAccounts -}} - {{- $serviceAccounts = mustAppend $serviceAccounts $saName -}} - - {{/* Else if serviceAccounts is a list */}} - {{- else if (kindIs "slice" $objectData.serviceAccounts) -}} - {{- if (mustHas $name $objectData.serviceAccounts) -}} - {{- $serviceAccounts = mustAppend $serviceAccounts $saName -}} - {{- end -}} - - {{/* If not "allServiceAccounts" or "serviceAccounts", assign the primary service account to rbac */}} - {{- else if $serviceAccount.primary -}} - {{- if $objectData.primary -}} - {{- $serviceAccounts = mustAppend $serviceAccounts $saName -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- if not $serviceAccounts -}} - {{- fail "RBAC - Expected at least one serviceAccount to be assigned. Assign one using [allServiceAccounts (boolean), serviceAccounts (list)]" -}} - {{- end -}} - - {{- range $serviceAccounts }} -- kind: ServiceAccount - name: {{ . }} - namespace: {{ $rootCtx.Release.Namespace }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/rbac/_rules.tpl b/charts/baikal/charts/common/templates/lib/rbac/_rules.tpl deleted file mode 100644 index 54813d1..0000000 --- a/charts/baikal/charts/common/templates/lib/rbac/_rules.tpl +++ /dev/null @@ -1,70 +0,0 @@ -{{/* Returns Rules for rbac */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.rbac.rules" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the RBAC. -*/}} -{{/* Parses service accounts, and checks if RBAC have selected any of them */}} -{{- define "tc.v1.common.lib.rbac.rules" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.rules -}} - {{- fail "RBAC - Expected non-empty [rbac.rules]" -}} - {{- end -}} - - {{- range $objectData.rules -}} - {{- if not .apiGroups -}} - {{- fail "RBAC - Expected non-empty [rbac.rules.apiGroups]" -}} - {{- end -}} - {{- if not .resources -}} - {{- fail "RBAC - Expected non-empty [rbac.rules.resources]" -}} - {{- end -}} - {{- if not .verbs -}} - {{- fail "RBAC - Expected non-empty [rbac.rules.verbs]" -}} - {{- end -}} - - {{- /* apiGroups */}} -- apiGroups: - {{- range .apiGroups }} - - {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- /* resources */}} - resources: - {{- range .resources -}} - {{- if not . -}} - {{- fail "RBAC - Expected non-empty entry in [rbac.rules.resources]" -}} - {{- end }} - - {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- /* resourceNames */}} - {{- if .resourceNames }} - resourceNames: - {{- range .resourceNames -}} - {{- if not . -}} - {{- fail "RBAC - Expected non-empty entry in [rbac.rules.resourceNames]" -}} - {{- end }} - - {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- /* nonResourceURLs */}} - {{- if .nonResourceURLs }} - nonResourceURLs: - {{- range .nonResourceURLs }} - {{- if not . -}} - {{- fail "RBAC - Expected non-empty entry in [rbac.rules.nonResourceURLs]" -}} - {{- end }} - - {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- /* verbs */}} - verbs: - {{- range .verbs -}} - {{- if not . -}} - {{- fail "RBAC - Expected non-empty entry in [rbac.rules.verbs]" -}} - {{- end }} - - {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/rbac/_subjects.tpl b/charts/baikal/charts/common/templates/lib/rbac/_subjects.tpl deleted file mode 100644 index 89af224..0000000 --- a/charts/baikal/charts/common/templates/lib/rbac/_subjects.tpl +++ /dev/null @@ -1,17 +0,0 @@ -{{/* Returns Subjects for rbac */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.rbac.subjects" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the RBAC. -*/}} -{{/* Parses service accounts, and checks if RBAC have selected any of them */}} -{{- define "tc.v1.common.lib.rbac.subjects" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- range $objectData.subjects }} -- kind: {{ tpl (required "RBAC - Expected non-empty [rbac.subjects.kind]" .kind) $rootCtx | quote }} - name: {{ tpl (required "RBAC - Expected non-empty [rbac.subjects.name]" .name) $rootCtx | quote }} - apiGroup: {{ tpl (required "RBAC - Expected non-empty [rbac.subjects.apiGroup]" .apiGroup) $rootCtx | quote }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/rbac/_validation.tpl b/charts/baikal/charts/common/templates/lib/rbac/_validation.tpl deleted file mode 100644 index 81f7ca8..0000000 --- a/charts/baikal/charts/common/templates/lib/rbac/_validation.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{/* RBAC Primary Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.rbac.primaryValidation" $ -}} -*/}} - -{{- define "tc.v1.common.lib.rbac.primaryValidation" -}} - - {{/* Initialize values */}} - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{- range $name, $rbac := .Values.rbac -}} - - {{/* If rbac is enabled */}} - {{- if $rbac.enabled -}} - {{- $hasEnabled = true -}} - - {{/* And rbac is primary */}} - {{- if and (hasKey $rbac "primary") ($rbac.primary) -}} - - {{/* Fail if there is already a primary rbac */}} - {{- if $hasPrimary -}} - {{- fail "RBAC - Only one rbac can be primary" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- end -}} - - {{- end -}} - {{- end -}} - - {{/* Require at least one primary rbac, if any enabled */}} - {{- if and $hasEnabled (not $hasPrimary) -}} - {{- fail "RBAC - At least one enabled rbac must be primary" -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/secret/_validation.tpl b/charts/baikal/charts/common/templates/lib/secret/_validation.tpl deleted file mode 100644 index 109093c..0000000 --- a/charts/baikal/charts/common/templates/lib/secret/_validation.tpl +++ /dev/null @@ -1,31 +0,0 @@ -{{/* Secret Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.secret.validation" (dict "objectData" $objectData) -}} -objectData: - labels: The labels of the secret. - annotations: The annotations of the secret. - data: The data of the secret. -*/}} - -{{- define "tc.v1.common.lib.secret.validation" -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.stringData -}} - {{- fail "Secret - Key [stringData] is not supported" -}} - {{- end -}} - - {{- if ne $objectData.type "kubernetes.io/service-account-token" -}} - {{- if and (not $objectData.data) -}} - {{- fail "Secret - Expected non-empty [data]" -}} - {{- end -}} - - {{- if and $objectData.data (not (kindIs "map" $objectData.data)) -}} - {{- fail (printf "Secret - Expected [data] to be a dictionary, but got [%v]" (kindOf $objectData.data)) -}} - {{- end -}} - - {{- if and (hasKey $objectData "type") (not $objectData.type) -}} - {{- fail (printf "Secret - Expected non-empty [type] key") -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/_ports.tpl b/charts/baikal/charts/common/templates/lib/service/_ports.tpl deleted file mode 100644 index 521a7fc..0000000 --- a/charts/baikal/charts/common/templates/lib/service/_ports.tpl +++ /dev/null @@ -1,63 +0,0 @@ -{{/* Service - Ports */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the service -*/}} - -{{- define "tc.v1.common.lib.service.ports" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $tcpProtocols := (list "tcp" "http" "https") -}} - {{- range $name, $portValues := $objectData.ports -}} - {{- if $portValues.enabled -}} - {{- $protocol := $rootCtx.Values.global.fallbackDefaults.serviceProtocol -}} {{/* Default to fallback protocol, if no protocol is defined */}} - {{- $port := $portValues.port -}} - {{- $targetPort := $portValues.targetPort -}} - {{- $nodePort := $portValues.nodePort -}} - - {{/* Expand port */}} - {{- if (kindIs "string" $port) -}} - {{- $port = (tpl $port $rootCtx) -}} - {{- end -}} - {{- $port = int $port -}} - - {{/* Expand targetPort */}} - {{- if (kindIs "string" $targetPort) -}} - {{- $targetPort = tpl $targetPort $rootCtx -}} - {{- end -}} - {{- $targetPort = int $targetPort -}} - - {{/* Expand nodePort */}} - {{- if (kindIs "string" $nodePort) -}} - {{- $nodePort = tpl $nodePort $rootCtx -}} - {{- end -}} - {{- $nodePort = int $nodePort -}} - - {{- with $portValues.protocol -}} - {{- $protocol = tpl . $rootCtx -}} - - {{- if mustHas $protocol $tcpProtocols -}} - {{- $protocol = "tcp" -}} - {{- end -}} - {{- end }} -- name: {{ $name }} - port: {{ $port }} - protocol: {{ $protocol | upper }} - targetPort: {{ $targetPort | default $port }} {{/* If no targetPort, default to port */}} - {{- if (eq $objectData.type "NodePort") -}} - {{- if not $nodePort -}} - {{- fail "Service - Expected non-empty [nodePort] on NodePort service type" -}} - {{- end -}} - - {{- $minNodePort := int $rootCtx.Values.global.minNodePort -}} - {{- if (lt $nodePort $minNodePort) -}} - {{- fail (printf "Service - Expected [nodePort] to be higher than [%v], but got [%v]" $minNodePort $nodePort) -}} - {{- end }} - nodePort: {{ $nodePort }} - {{- end -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/_validation.tpl b/charts/baikal/charts/common/templates/lib/service/_validation.tpl deleted file mode 100644 index 10fcf36..0000000 --- a/charts/baikal/charts/common/templates/lib/service/_validation.tpl +++ /dev/null @@ -1,161 +0,0 @@ -{{/* Service Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.validation" (dict "objectData" $objectData) -}} -objectData: - rootCtx: The root context of the chart. - objectData: The service object. -*/}} - -{{- define "tc.v1.common.lib.service.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if and $objectData.targetSelector (not (kindIs "string" $objectData.targetSelector)) -}} - {{- fail (printf "Service - Expected [targetSelector] to be [string], but got [%s]" (kindOf $objectData.targetSelector)) -}} - {{- end -}} - - {{- $svcTypes := (list "ClusterIP" "LoadBalancer" "NodePort" "ExternalName" "ExternalIP") -}} - {{- if and $objectData.type (not (mustHas $objectData.type $svcTypes)) -}} - {{- fail (printf "Service - Expected [type] to be one of [%s] but got [%s]" (join ", " $svcTypes) $objectData.type) -}} - {{- end -}} - - {{- $hasEnabledPort := false -}} - {{- if ne $objectData.type "ExternalName" -}} - {{- range $name, $port := $objectData.ports -}} - {{- $enabled := "false" -}} - - {{- if not (kindIs "invalid" $port.enabled) -}} - {{- $enabled = (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $port - "name" $name "caller" "Service Validation Util" - "key" "port")) -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{- $hasEnabledPort = true -}} - - {{- if and $port.targetSelector (not (kindIs "string" $port.targetSelector)) -}} - {{- fail (printf "Service - Expected [port.targetSelector] to be [string], but got [%s]" (kindOf $port.targetSelector)) -}} - {{- end -}} - - {{- if not $port.port -}} - {{- fail (printf "Service - Expected non-empty [port.port]") -}} - {{- end -}} - - {{- $protocolTypes := (list "tcp" "udp" "http" "https") -}} - {{- if $port.protocol -}} - {{- if not (mustHas (tpl $port.protocol $rootCtx) $protocolTypes) -}} - {{- fail (printf "Service - Expected [port.protocol] to be one of [%s] but got [%s]" (join ", " $protocolTypes) $port.protocol) -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- if not $hasEnabledPort -}} - {{- fail "Service - Expected enabled service to have at least one port" -}} - {{- end -}} - {{- end -}} - -{{- end -}} - -{{/* Service Primary Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.primaryValidation" $ -}} -*/}} - -{{- define "tc.v1.common.lib.service.primaryValidation" -}} - {{- $result := (include "tc.v1.common.lib.service.hasPrimary" $) | fromJson -}} - - {{/* Require at least one primary service, if any enabled */}} - {{- if and $result.hasEnabled (not $result.hasPrimary) -}} - {{- fail "Service - At least one enabled service must be primary" -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.service.hasPrimary" -}} - {{- $objectData := .objectData -}} - - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{- range $name, $service := $.Values.service -}} - {{- $enabled := "false" -}} - - {{- if not (kindIs "invalid" $service.enabled) -}} - {{- $enabled = (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $service - "name" $name "caller" "Service Validation Util" - "key" "service")) -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{- $hasEnabled = true -}} - - {{/* And service is primary */}} - {{- if and (hasKey $service "primary") ($service.primary) -}} - {{/* Fail if there is already a primary service */}} - {{- if $hasPrimary -}} - {{- fail "Service - Only one service can be primary" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- include "tc.v1.common.lib.servicePort.primaryValidation" (dict "objectData" $service.ports) -}} - - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- (dict "hasPrimary" $hasPrimary "hasEnabled" $hasEnabled) | toJson -}} -{{- end -}} - - -{{/* Service Port Primary Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.primaryValidation" (dict "objectData" $objectData -}} -objectData: - The ports of the service. -*/}} -{{- define "tc.v1.common.lib.servicePort.primaryValidation" -}} - {{- $objectData := .objectData -}} - {{- $result := (include "tc.v1.common.lib.servicePort.hasPrimary" (dict "objectData" $objectData)) | fromJson -}} - - {{/* Require at least one primary service, if any enabled */}} - {{- if and $result.hasEnabled (not $result.hasPrimary) -}} - {{- fail "Service - At least one enabled port in service must be primary" -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.servicePort.hasPrimary" -}} - {{- $objectData := .objectData -}} - - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{- range $name, $port := $objectData -}} - - {{/* If service is enabled */}} - {{- if $port.enabled -}} - {{- $hasEnabled = true -}} - - {{/* And service is primary */}} - {{- if and (hasKey $port "primary") ($port.primary) -}} - - {{/* Fail if there is already a primary port */}} - {{- if $hasPrimary -}} - {{- fail "Service - Only one port per service can be primary" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- (dict "hasPrimary" $hasPrimary "hasEnabled" $hasEnabled) | toJson -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/integrations/_cilium.tpl b/charts/baikal/charts/common/templates/lib/service/integrations/_cilium.tpl deleted file mode 100644 index bf373e4..0000000 --- a/charts/baikal/charts/common/templates/lib/service/integrations/_cilium.tpl +++ /dev/null @@ -1,33 +0,0 @@ -{{- define "tc.v1.common.lib.service.integration.cilium" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $_ := set $objectData "integrations" ($objectData.integrations | default dict) -}} - {{- $cilium := $objectData.integrations.cilium -}} - - {{- if $cilium.enabled -}} - {{- include "tc.v1.common.lib.service.integration.validate" (dict "objectData" $objectData "integration" $cilium) -}} - - {{- if and $cilium.sharedKey (ne $objectData.externalTrafficPolicy "Local") -}} - {{/* If externalTrafficPolicy is not set or is not Local, add the shared key as annotation */}} - {{- $_ := set $objectData.annotations "lbipam.cilium.io/sharing-key" $cilium.sharedKey -}} - {{- end -}} - - {{- $ips := list -}} - - {{/* Handle loadBalancerIP (single) */}} - {{- if $objectData.loadBalancerIP -}} - {{- $ips = mustAppend $ips (tpl $objectData.loadBalancerIP $rootCtx) -}} - {{- end -}} - - {{/* Handle loadBalancerIPs (multiple) */}} - {{- range $ip := $objectData.loadBalancerIPs -}} - {{- $ips = mustAppend $ips (tpl $ip $rootCtx) -}} - {{- end -}} - - {{- if $ips -}} - {{- $_ := set $objectData.annotations "lbipam.cilium.io/ips" (join "," $ips) -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/integrations/_metallb.tpl b/charts/baikal/charts/common/templates/lib/service/integrations/_metallb.tpl deleted file mode 100644 index 8977694..0000000 --- a/charts/baikal/charts/common/templates/lib/service/integrations/_metallb.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{- define "tc.v1.common.lib.service.integration.metallb" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $_ := set $objectData "integrations" ($objectData.integrations | default dict) -}} - {{- $metallb := $objectData.integrations.metallb -}} - - {{- if $metallb.enabled -}} - {{- include "tc.v1.common.lib.service.integration.validate" (dict "objectData" $objectData "integration" $metallb) -}} - - {{ $sharedKey := (include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Service")) }} - {{- if $metallb.sharedKey -}} - {{- $sharedKey = $metallb.sharedKey -}} - {{- end -}} - - {{/* If externalTrafficPolicy is not set or is not Local, add the shared key as annotation */}} - {{- if ne $objectData.externalTrafficPolicy "Local" -}} - {{- $_ := set $objectData.annotations "metallb.io/allow-shared-ip" $sharedKey -}} - {{- end -}} - - {{- $ips := list -}} - - {{/* Handle loadBalancerIP (single) */}} - {{- if $objectData.loadBalancerIP -}} - {{- $ips = mustAppend $ips (tpl $objectData.loadBalancerIP $rootCtx) -}} - {{- end -}} - - {{/* Handle loadBalancerIPs (multiple) */}} - {{- range $ip := $objectData.loadBalancerIPs -}} - {{- $ips = mustAppend $ips (tpl $ip $rootCtx) -}} - {{- end -}} - - {{- if $ips -}} - {{- $_ := set $objectData.annotations "metallb.io/loadBalancerIPs" (join "," $ips) -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/integrations/_traefik.tpl b/charts/baikal/charts/common/templates/lib/service/integrations/_traefik.tpl deleted file mode 100644 index e8b64b8..0000000 --- a/charts/baikal/charts/common/templates/lib/service/integrations/_traefik.tpl +++ /dev/null @@ -1,12 +0,0 @@ -{{- define "tc.v1.common.lib.service.integration.traefik" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $_ := set $objectData "integrations" ($objectData.integrations | default dict) -}} - {{- $traefik := $objectData.integrations.traefik -}} - - {{- if $traefik.enabled -}} - {{- $_ := set $objectData.annotations "traefik.ingress.kubernetes.io/service.serversscheme" "https" -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/integrations/_validation.tpl b/charts/baikal/charts/common/templates/lib/service/integrations/_validation.tpl deleted file mode 100644 index bf438c0..0000000 --- a/charts/baikal/charts/common/templates/lib/service/integrations/_validation.tpl +++ /dev/null @@ -1,25 +0,0 @@ -{{- define "tc.v1.common.lib.service.integration.validate" -}} - {{- $objectData := .objectData -}} - {{- $integration := .integration -}} - - {{- if and $integration.sharedKey (eq $objectData.externalTrafficPolicy "Local") -}} - {{- fail (printf "Service - [sharedKey], cannot both be used together with [externalTrafficPolicy] set to [Local]" ) -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.service.loadbalancer.validate" -}} - {{- $objectData := .objectData -}} - - {{- if and $objectData.loadBalancerIPs (not (kindIs "slice" $objectData.loadBalancerIPs)) -}} - {{- fail (printf "Service - Expected [loadBalancerIPs] to be a slice, but got [%s]" (kindOf $objectData.loadBalancerIPs)) -}} - {{- end -}} - - {{- if and $objectData.loadBalancerIP (not (kindIs "string" $objectData.loadBalancerIP)) -}} - {{- fail (printf "Service - Expected [loadBalancerIP] to be a string, but got [%s]" (kindOf $objectData.loadBalancerIP)) -}} - {{- end -}} - - {{- if and $objectData.loadBalancerIP $objectData.loadBalancerIPs -}} - {{- fail "Service - Expected one of [loadBalancerIP, loadBalancerIPs] to be defined but got both" -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_cluster_ip.tpl b/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_cluster_ip.tpl deleted file mode 100644 index 97c8a37..0000000 --- a/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_cluster_ip.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* Service - clusterIP */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.clusterIP" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - - {{- with $objectData.clusterIP }} -clusterIP: {{ tpl . $rootCtx }} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_externalIPs.tpl b/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_externalIPs.tpl deleted file mode 100644 index fd53714..0000000 --- a/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_externalIPs.tpl +++ /dev/null @@ -1,17 +0,0 @@ -{{/* Service - externalIPs */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.externalIPs" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.externalIPs" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- with $objectData.externalIPs -}} - {{- range . }} -- {{ tpl . $rootCtx }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_externalTrafficPolicy.tpl b/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_externalTrafficPolicy.tpl deleted file mode 100644 index 23c2851..0000000 --- a/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_externalTrafficPolicy.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Service - externalTrafficPolicy */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.externalTrafficPolicy" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.externalTrafficPolicy" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - - {{- with $objectData.externalTrafficPolicy }} - {{- $policy := tpl . $rootCtx -}} - {{- $policies := (list "Cluster" "Local") -}} - - {{- if not (mustHas $policy $policies) -}} - {{- fail (printf "Service - Expected [externalTrafficPolicy] to be one of [%s], but got [%s]" (join ", " $policies) $policy) -}} - {{- end }} -externalTrafficPolicy: {{ $policy }} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_ipFamily.tpl b/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_ipFamily.tpl deleted file mode 100644 index 61228af..0000000 --- a/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_ipFamily.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{/* Service - ipFamily */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.ipFamily" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.ipFamily" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- with $objectData.ipFamilyPolicy -}} - {{- $famPolicy := tpl . $rootCtx -}} - - {{- $stacks := (list "SingleStack" "PreferDualStack" "RequireDualStack") -}} - {{- if not (mustHas $famPolicy $stacks) -}} - {{- fail (printf "Service - Expected [ipFamilyPolicy] to be one of [%s], but got [%s]" (join ", " $stacks) $famPolicy) -}} - {{- end }} -ipFamilyPolicy: {{ $famPolicy }} - {{- end -}} - - {{- if and $objectData.ipFamilies (not (kindIs "slice" $objectData.ipFamilies)) -}} - {{- fail (printf "Service - Expected [ipFamilies] to be a list, but got a [%s]" (kindOf $objectData.ipFamilies)) -}} - {{- end -}} - - {{- with $objectData.ipFamilies }} -ipFamilies: - {{- range . }} - {{- $ipFam := tpl . $rootCtx -}} - - {{- $stacks := (list "IPv4" "IPv6") -}} - {{- if not (mustHas $ipFam $stacks) -}} - {{- fail (printf "Service - Expected [ipFamilies] to be one of [%s], but got [%s]" (join ", " $stacks) $ipFam) -}} - {{- end }} - - {{ $ipFam }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_publishNotReadyAddresses.tpl b/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_publishNotReadyAddresses.tpl deleted file mode 100644 index 6f9626e..0000000 --- a/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_publishNotReadyAddresses.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{/* Service - publishNotReadyAddresses */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.publishNotReadyAddresses" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.publishNotReadyAddresses" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - - {{- $publishAddr := false -}} - - {{- if (kindIs "bool" $objectData.publishNotReadyAddresses) -}} - {{- $publishAddr = $objectData.publishNotReadyAddresses -}} - {{- end -}} - - {{- $publishAddr -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_sessionAffinity.tpl b/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_sessionAffinity.tpl deleted file mode 100644 index a4a36b7..0000000 --- a/charts/baikal/charts/common/templates/lib/service/serviceTypeConfig/_sessionAffinity.tpl +++ /dev/null @@ -1,42 +0,0 @@ -{{/* Service - Session Affinity */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.sessionAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.sessionAffinity" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- with $objectData.sessionAffinity -}} - {{- $affinity := tpl . $rootCtx -}} - {{- $affinities := (list "ClientIP" "None") -}} - {{- if not (mustHas $affinity $affinities) -}} - {{- fail (printf "Service - Expected [sessionAffinity] to be one of [%s], but got [%s]" (join ", " $affinities) $affinity) -}} - {{- end }} -sessionAffinity: {{ $affinity }} - {{- if eq $affinity "ClientIP" -}} - {{- with $objectData.sessionAffinityConfig -}} - {{- with .clientIP -}} - - {{- $timeout := .timeoutSeconds -}} - {{- if kindIs "string" $timeout -}} - {{- $timeout = tpl $timeout $rootCtx -}} - {{- end -}} - - {{- $timeout = int $timeout -}} - {{- if and $timeout (mustHas (kindOf $timeout) (list "float64" "int64" "int")) -}} - {{- if or (lt $timeout 0) (gt $timeout 86400) -}} - {{- fail (printf "Service - Expected [sessionAffinityConfig.clientIP.timeoutSeconds] to be between [0 - 86400], but got [%v]" $timeout) -}} - {{- end }} -sessionAffinityConfig: - clientIP: - timeoutSeconds: {{ $timeout }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_clusterIP.tpl b/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_clusterIP.tpl deleted file mode 100644 index 9b45d4f..0000000 --- a/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_clusterIP.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{/* Service - ClusterIP Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.spec.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.spec.clusterIP" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - -type: ClusterIP -publishNotReadyAddresses: {{ include "tc.v1.common.lib.service.publishNotReadyAddresses" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim }} - {{- with (include "tc.v1.common.lib.service.externalIPs" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -externalIPs: - {{- . | nindent 2 }} - {{- end -}} - {{- include "tc.v1.common.lib.service.sessionAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.ipFamily" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_externalIP.tpl b/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_externalIP.tpl deleted file mode 100644 index e43e446..0000000 --- a/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_externalIP.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{/* Service - ExternalIP Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.spec.externalIP" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.spec.externalIP" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - -publishNotReadyAddresses: {{ include "tc.v1.common.lib.service.publishNotReadyAddresses" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim }} - {{- with (include "tc.v1.common.lib.service.externalIPs" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -externalIPs: - {{- . | nindent 2 }} - {{- end -}} - {{- include "tc.v1.common.lib.service.sessionAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.externalTrafficPolicy" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_externalName.tpl b/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_externalName.tpl deleted file mode 100644 index 730e8ed..0000000 --- a/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_externalName.tpl +++ /dev/null @@ -1,26 +0,0 @@ -{{/* Service - ExternalName Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.spec.externalName" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.spec.externalName" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - - {{- if not $objectData.externalName -}} - {{- fail "Service - Expected non-empty [externalName] on ExternalName service type." -}} - {{- end }} - -type: ExternalName -externalName: {{ tpl $objectData.externalName $rootCtx }} -publishNotReadyAddresses: {{ include "tc.v1.common.lib.service.publishNotReadyAddresses" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim }} - {{- with (include "tc.v1.common.lib.service.externalIPs" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -externalIPs: - {{- . | nindent 2 }} - {{- end }} - {{- include "tc.v1.common.lib.service.sessionAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.externalTrafficPolicy" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_loadBalancer.tpl b/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_loadBalancer.tpl deleted file mode 100644 index 780225d..0000000 --- a/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_loadBalancer.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{/* Service - LoadBalancer Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.spec.loadBalancer" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.spec.loadBalancer" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - -type: LoadBalancer -allocateLoadBalancerNodePorts: {{ $objectData.allocateLoadBalancerNodePorts | default false }} -publishNotReadyAddresses: {{ include "tc.v1.common.lib.service.publishNotReadyAddresses" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim }} - {{- with (include "tc.v1.common.lib.service.externalIPs" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -externalIPs: - {{- . | nindent 2 }} - {{- end -}} - {{- with $objectData.loadBalancerSourceRanges }} -loadBalancerSourceRanges: - {{- range . }} - - {{ tpl . $rootCtx }} - {{- end -}} - {{- end -}} - {{- include "tc.v1.common.lib.service.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.ipFamily" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.externalTrafficPolicy" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.sessionAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_nodePort.tpl b/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_nodePort.tpl deleted file mode 100644 index a6bb34f..0000000 --- a/charts/baikal/charts/common/templates/lib/service/serviceTypeSpecs/_nodePort.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Service - NodePort Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.spec.nodePort" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.spec.nodePort" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - -type: NodePort -publishNotReadyAddresses: {{ include "tc.v1.common.lib.service.publishNotReadyAddresses" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim }} - {{- with (include "tc.v1.common.lib.service.externalIPs" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -externalIPs: - {{- . | nindent 2 }} - {{- end -}} - {{- include "tc.v1.common.lib.service.sessionAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.ipFamily" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.externalTrafficPolicy" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/serviceAccount/_validation.tpl b/charts/baikal/charts/common/templates/lib/serviceAccount/_validation.tpl deleted file mode 100644 index 6c82b2c..0000000 --- a/charts/baikal/charts/common/templates/lib/serviceAccount/_validation.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{/* Service Account Primary Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.serviceAccount.primaryValidation" $ -}} -*/}} - -{{- define "tc.v1.common.lib.serviceAccount.primaryValidation" -}} - - {{/* Initialize values */}} - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{- range $name, $serviceAccount := .Values.serviceAccount -}} - - {{/* If service account is enabled */}} - {{- if $serviceAccount.enabled -}} - {{- $hasEnabled = true -}} - - {{/* And service account is primary */}} - {{- if and (hasKey $serviceAccount "primary") ($serviceAccount.primary) -}} - - {{/* Fail if there is already a primary service account */}} - {{- if $hasPrimary -}} - {{- fail "Service Account - Only one service account can be primary" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- end -}} - - {{- end -}} - {{- end -}} - - {{/* Require at least one primary service account, if any enabled */}} - {{- if and $hasEnabled (not $hasPrimary) -}} - {{- fail "Service Account - At least one enabled service account must be primary" -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/_accessModes.tpl b/charts/baikal/charts/common/templates/lib/storage/_accessModes.tpl deleted file mode 100644 index eb4be8b..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/_accessModes.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* PVC - Access Modes */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pvc.accessModes" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the pvc -*/}} - -{{- define "tc.v1.common.lib.pvc.accessModes" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- $accessModes := $objectData.accessModes -}} - - {{- if kindIs "string" $accessModes -}} - {{- $accessModes = (list $accessModes) -}} - {{- end -}} - - {{- if not $accessModes -}} - {{- $accessModes = $rootCtx.Values.global.fallbackDefaults.accessModes -}} - {{- end -}} - - {{- $validAccessModes := (list "ReadWriteOnce" "ReadOnlyMany" "ReadWriteMany" "ReadWriteOncePod") -}} - - {{- range $accessModes -}} - {{- $mode := tpl . $rootCtx -}} - {{- if not (mustHas $mode $validAccessModes) -}} - {{- fail (printf "%s - Expected [accessModes] entry to be one of [%s], but got [%s]" $caller (join ", " $validAccessModes) $mode) -}} - {{- end }} -- {{ $mode }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/_iscsiChap.tpl b/charts/baikal/charts/common/templates/lib/storage/_iscsiChap.tpl deleted file mode 100644 index 166bd45..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/_iscsiChap.tpl +++ /dev/null @@ -1,43 +0,0 @@ -{{- define "tc.v1.common.lib.storage.iscsi.chap" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := dict -}} - - {{- if $objectData.iscsi.authSession -}} - {{- with $objectData.iscsi.authSession.username -}} - {{- $_ := set $data "node.session.auth.username" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $objectData.iscsi.authSession.password -}} - {{- $_ := set $data "node.session.auth.password" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $objectData.iscsi.authSession.usernameInitiator -}} - {{- $_ := set $data "node.session.auth.username_in" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $objectData.iscsi.authSession.passwordInitiator -}} - {{- $_ := set $data "node.session.auth.password_in" (tpl . $rootCtx) -}} - {{- end -}} - {{- end -}} - - {{- if $objectData.iscsi.authDiscovery -}} - {{- with $objectData.iscsi.authDiscovery.username -}} - {{- $_ := set $data "discovery.sendtargets.auth.username" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $objectData.iscsi.authDiscovery.password -}} - {{- $_ := set $data "discovery.sendtargets.auth.password" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $objectData.iscsi.authDiscovery.usernameInitiator -}} - {{- $_ := set $data "discovery.sendtargets.auth.username_in" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $objectData.iscsi.authDiscovery.passwordInitiator -}} - {{- $_ := set $data "discovery.sendtargets.auth.password_in" (tpl . $rootCtx) -}} - {{- end -}} - {{- end -}} - - {{- $data | toJson -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/_nfsCSI.tpl b/charts/baikal/charts/common/templates/lib/storage/_nfsCSI.tpl deleted file mode 100644 index f3f9c01..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/_nfsCSI.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{/* NFS CSI */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.nfsCSI" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - driver: The name of the driver. - server: The server address. - share: The share to the NFS share. -*/}} -{{- define "tc.v1.common.lib.storage.nfsCSI" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} -csi: - driver: {{ $objectData.static.driver }} - {{- /* Create a unique handle, server/share#release-app-volumeName */}} - volumeHandle: {{ printf "%s%s#%s" $objectData.static.server $objectData.static.share $objectData.name }} - volumeAttributes: - server: {{ tpl $objectData.static.server $rootCtx }} - share: {{ tpl $objectData.static.share $rootCtx }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/_smbCSI.tpl b/charts/baikal/charts/common/templates/lib/storage/_smbCSI.tpl deleted file mode 100644 index 522ead3..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/_smbCSI.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* SMB CSI */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.smbCSI" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - driver: The name of the driver. - server: The server address. - share: The share to the SMB share. -*/}} -{{- define "tc.v1.common.lib.storage.smbCSI" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} -csi: - driver: {{ $objectData.static.driver }} - {{- /* Create a unique handle, server/share#release-app-volumeName */}} - volumeHandle: {{ printf "%s/%s#%s" $objectData.static.server $objectData.static.share $objectData.name }} - volumeAttributes: - source: {{ printf "//%v/%v" (tpl $objectData.static.server $rootCtx) (tpl $objectData.static.share $rootCtx) }} - nodeStageSecretRef: - name: {{ $objectData.name }} - namespace: {{ $rootCtx.Release.Namespace }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/_storageClassName.tpl b/charts/baikal/charts/common/templates/lib/storage/_storageClassName.tpl deleted file mode 100644 index 237b909..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/_storageClassName.tpl +++ /dev/null @@ -1,39 +0,0 @@ -{{/* PVC - Storage Class Name */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.storageClassName" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the pvc -*/}} -{{- define "tc.v1.common.lib.storage.storageClassName" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $caller := .caller -}} - - {{/* - If storageClass is defined on the objectData: - * "-" returns "", which means requesting a PV without class - * Else return the original defined storageClass - - Else if there is a storageClass defined in Values.global.fallbackDefaults.storageClass, return this - - In any other case, return nothing - */}} - - {{- $className := "" -}} - {{- if $objectData.storageClass -}} - {{- $storageClass := (tpl $objectData.storageClass $rootCtx) -}} - - {{- if eq "-" $storageClass -}} - {{- $className = "\"\"" -}} - {{- else -}} - {{- $className = tpl $storageClass $rootCtx -}} - {{- end -}} - - {{- else if $rootCtx.Values.global.fallbackDefaults.storageClass -}} - - {{- $className = tpl $rootCtx.Values.global.fallbackDefaults.storageClass $rootCtx -}} - - {{- end -}} - - {{- $className -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/_storageClassValidation.tpl b/charts/baikal/charts/common/templates/lib/storage/_storageClassValidation.tpl deleted file mode 100644 index 5ddfc2c..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/_storageClassValidation.tpl +++ /dev/null @@ -1,28 +0,0 @@ -{{- define "tc.v1.common.lib.storageclass.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.provisioner -}} - {{- fail "Storage Class - Expected non-empty [provisioner]" -}} - {{- end -}} - - {{- if (hasKey $objectData "isDefault") -}} - {{- if not (kindIs "bool" $objectData.isDefault) -}} - {{- fail (printf "Storage Class - Expected [isDefault] to be [boolean], but got [%s]" (kindOf $objectData.isDefault)) -}} - {{- end -}} - {{- end -}} - - {{- $validPolicies := (list "Retain" "Delete") -}} - {{- if $objectData.reclaimPolicy -}} - {{- if not (mustHas $objectData.reclaimPolicy $validPolicies) -}} - {{- fail (printf "Storage Class - Expected [reclaimPolicy] to be one of [%s], but got [%s]" (join ", " $validPolicies) $objectData.reclaimPolicy) -}} - {{- end -}} - {{- end -}} - - {{- $validBindModes := (list "WaitForFirstConsumer" "Immediate") -}} - {{- if $objectData.volumeBindingMode -}} - {{- if not (mustHas $objectData.volumeBindingMode $validBindModes) -}} - {{- fail (printf "Storage Class - Expected [volumeBindingMode] to be one of [%s], but got [%s]" (join ", " $validBindModes) $objectData.volumeBindingMode) -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/_validation.tpl b/charts/baikal/charts/common/templates/lib/storage/_validation.tpl deleted file mode 100644 index 8c8276a..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/_validation.tpl +++ /dev/null @@ -1,44 +0,0 @@ -{{/* Persistence Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.persistence.validation" (dict "objectData" $objectData) -}} -objectData: - rootCtx: The root context of the chart. - objectData: The persistence object. -*/}} - -{{- define "tc.v1.common.lib.persistence.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $types := (list "pvc" "vct" "emptyDir" "nfs" "iscsi" "hostPath" "secret" "configmap" "device" "projected") -}} - {{- if not (mustHas $objectData.type $types) -}} - {{- fail (printf "Persistence - Expected [type] to be one of [%s], but got [%s]" (join ", " $types) $objectData.type) -}} - {{- end -}} - - {{- if and $objectData.static $objectData.static.mode -}} - {{- $validModes := (list "disabled" "smb" "nfs" "custom") -}} - {{- if not (mustHas $objectData.static.mode $validModes) -}} - {{- fail (printf "Persistence - Expected [static.mode] to be one of [%s], but got [%s]" (join ", " $validModes) $objectData.static.mode) -}} - {{- end -}} - {{- end -}} - - {{- if $objectData.dataSource -}} - {{- if not $objectData.dataSource.name -}} - {{- fail "Persistence - Expected [dataSource.name] to be non-empty" -}} - {{- end -}} - - {{- if not $objectData.dataSource.kind -}} - {{- fail "Persistence - Expected [dataSource.kind] to be non-empty" -}} - {{- end -}} - - {{- $validKinds := (list "VolumeSnapshot" "PersistentVolumeClaim") -}} - {{- if not (mustHas $objectData.dataSource.kind $validKinds) -}} - {{- fail (printf "Persistence - Expected [dataSource.kind] to be one of [%s], but got [%s]" (join ", " $validKinds) $objectData.dataSource.kind) -}} - {{- end -}} - {{- end -}} - - {{- if and $objectData.targetSelector (not (kindIs "map" $objectData.targetSelector)) -}} - {{- fail (printf "Persistence - Expected [targetSelector] to be [dict], but got [%s]" (kindOf $objectData.targetSelector)) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/_validationCsiNFS.tpl b/charts/baikal/charts/common/templates/lib/storage/_validationCsiNFS.tpl deleted file mode 100644 index 46f9e1e..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/_validationCsiNFS.tpl +++ /dev/null @@ -1,44 +0,0 @@ -{{/* Validate NFS CSI */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.nfsCSI.validation" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - driver: The name of the driver. - mountOptions: The mount options. - server: The server address. - share: The share to the NFS share. -*/}} -{{- define "tc.v1.common.lib.storage.nfsCSI.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $required := (list "server" "share") -}} - {{- range $item := $required -}} - {{- if not (get $objectData.static $item) -}} - {{- fail (printf "NFS CSI - Expected [%v] to be non-empty" $item) -}} - {{- end -}} - {{- end -}} - - {{- if not (hasPrefix "/" $objectData.static.share) -}} - {{- fail "NFS CSI - Expected [share] to start with [/]" -}} - {{- end -}} - - {{/* TODO: Allow only specific opts / set specific opts by default? - {{- $validOpts := list -}} */}} - {{- range $opt := $objectData.mountOptions -}} - {{- if not (kindIs "map" $opt) -}} - {{- fail (printf "NFS CSI - Expected [mountOption] item to be a dict, but got [%s]" (kindOf $opt)) -}} - {{- end -}} - {{- if not $opt.key -}} - {{- fail "NFS CSI - Expected key in [mountOptions] to be non-empty" -}} - {{- end -}} - - {{/* - {{- $key := tpl $opt.key $rootCtx -}} - {{- if not (mustHas $key $validOpts) -}} - {{- fail (printf "NFS CSI - Expected [mountOptions] to be one of [%v], but got [%v]" (join ", " $validOpts) $opt) -}} - {{- end -}} - */}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/_validationCsiSMB.tpl b/charts/baikal/charts/common/templates/lib/storage/_validationCsiSMB.tpl deleted file mode 100644 index 48298fd..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/_validationCsiSMB.tpl +++ /dev/null @@ -1,48 +0,0 @@ -{{/* Validate SMB CSI */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.smbCSI.validation" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - driver: The name of the driver. - mountOptions: The mount options. - server: The server address. - share: The share to the SMB share. -*/}} -{{- define "tc.v1.common.lib.storage.smbCSI.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $required := (list "server" "share" "username" "password") -}} - {{- range $item := $required -}} - {{- if not (get $objectData.static $item) -}} - {{- fail (printf "SMB CSI - Expected [%v] to be non-empty" $item) -}} - {{- end -}} - {{- end -}} - - {{- if hasPrefix "//" $objectData.static.server -}} - {{- fail "SMB CSI - Did not expect [server] to start with [//]" -}} - {{- end -}} - - {{- if hasPrefix "/" $objectData.static.share -}} - {{- fail "SMB CSI - Did not expect [share] to start with [/]" -}} - {{- end -}} - - {{/* TODO: Allow only specific opts? / set specific opts by default? - {{- $validOpts := list -}} */}} - {{- range $opt := $objectData.mountOptions -}} - {{- if not (kindIs "map" $opt) -}} - {{- fail (printf "SMB CSI - Expected [mountOption] item to be a dict, but got [%s]" (kindOf $opt)) -}} - {{- end -}} - {{- if not $opt.key -}} - {{- fail "SMB CSI - Expected key in [mountOptions] to be non-empty" -}} - {{- end -}} - - {{/* - {{- $key := tpl $opt.key $rootCtx -}} - {{- if not (mustHas $key $validOpts) -}} - {{- fail (printf "SMB CSI - Expected [mountOptions] to be one of [%v], but got [%v]" (join ", " $validOpts) $opt) -}} - {{- end -}} - */}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/_validationVolumeSnapshot.tpl b/charts/baikal/charts/common/templates/lib/storage/_validationVolumeSnapshot.tpl deleted file mode 100644 index dc6e3fd..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/_validationVolumeSnapshot.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{/* volumeSnapshot Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.volumesnapshot.validation" (dict "objectData" $objectData) -}} -objectData: - rootCtx: The root context of the chart. - objectData: The volumesnapshot object. -*/}} - -{{- define "tc.v1.common.lib.volumesnapshot.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.source -}} - {{- fail "Volume Snapshot - Expected non empty [source]" -}} - {{- end -}} - - {{- $sourceTypes := (list "volumeSnapshotContentName" "persistentVolumeClaimName") -}} - {{- $sourceCount := 0 -}} - {{- range $t := $sourceTypes -}} - {{- if (get $objectData.source $t) -}} - {{- $sourceCount = add1 $sourceCount -}} - {{- end -}} - {{- end -}} - - {{- if ne $sourceCount 1 -}} - {{- fail (printf "Volume Snapshot - Expected exactly one of the valid source types [%s]. Found [%d]" (join ", " $sourceTypes) $sourceCount) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/_validationVolumeSnapshotClass.tpl b/charts/baikal/charts/common/templates/lib/storage/_validationVolumeSnapshotClass.tpl deleted file mode 100644 index ea804b0..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/_validationVolumeSnapshotClass.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{- define "tc.v1.common.lib.volumesnapshotclass.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $validPolicies := (list "Retain" "Delete") -}} - {{- if $objectData.deletionPolicy -}} - {{- if not (mustHas $objectData.deletionPolicy $validPolicies) -}} - {{- fail (printf "Volume Snapshot Class - Expected [deletionPolicy] to be one of [%s], but got [%s]" (join ", " $validPolicies) $objectData.deletionPolicy) -}} - {{- end -}} - {{- end -}} - - {{- if not $objectData.driver -}} - {{- fail "Volume Snapshot Class - Expected non empty [driver]" -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/_volumeClaimTemplates.tpl b/charts/baikal/charts/common/templates/lib/storage/_volumeClaimTemplates.tpl deleted file mode 100644 index 52fe6e4..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/_volumeClaimTemplates.tpl +++ /dev/null @@ -1,70 +0,0 @@ -{{/* Returns Volume Claim Templates */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.volumeClaimTemplates" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.storage.volumeClaimTemplates" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- range $name, $vctValues := $rootCtx.Values.persistence -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $vctValues - "name" $name "caller" "Volume Claim Templates" - "key" "persistence")) -}} - - {{- if and (eq $enabled "true") (eq $vctValues.type "vct") -}} - {{- $vct := (mustDeepCopy $vctValues) -}} - - {{- $selected := false -}} - {{- $_ := set $vct "shortName" $name -}} - - {{- include "tc.v1.common.lib.persistence.validation" (dict "objectData" $vct) -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $vct.shortName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $vct "caller" "Volume Claim Templates") -}} - - {{/* If targetSelector is set, check if pod is selected */}} - {{- if $vct.targetSelector -}} - {{- if (mustHas $objectData.shortName (keys $vct.targetSelector)) -}} - {{- $selected = true -}} - {{- end -}} - - {{/* If no targetSelector is set or targetSelectAll, check if pod is primary */}} - {{- else -}} - {{- if $objectData.primary -}} - {{- $selected = true -}} - {{- end -}} - {{- end -}} - - {{/* If pod selected */}} - {{- if $selected -}} - {{- $vctSize := $rootCtx.Values.global.fallbackDefaults.vctSize -}} - {{- with $vct.size -}} - {{- $vctSize = tpl . $rootCtx -}} - {{- end -}} - {{- $_ := set $vct "size" $vctSize -}} - - {{- $vctAccessModes := $rootCtx.Values.global.fallbackDefaults.vctAccessModes -}} - {{- with $vct.accessModes -}} - {{- $vctAccessModes = . -}} - {{- end -}} - {{- $_ := set $vct "accessModes" $vctAccessModes }} -- metadata: - name: {{ include "tc.v1.common.lib.storage.pvc.name" (dict "rootCtx" $rootCtx "objectName" $vct.shortName "objectData" $vct) }} - {{- $labels := $vct.labels | default dict -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 6 }} - {{- end -}} - {{- $annotations := $vct.annotations | default dict -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 6 }} - {{- end }} - spec: - {{- include "tc.v1.common.lib.storage.pvc.spec" (dict "rootCtx" $rootCtx "objectData" $vct) | trim | nindent 4 }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/pvc/_name.tpl b/charts/baikal/charts/common/templates/lib/storage/pvc/_name.tpl deleted file mode 100644 index 97f3d74..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/pvc/_name.tpl +++ /dev/null @@ -1,51 +0,0 @@ -{{/* Returns Persitent Volume Claim name*/}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.pvc.name" (dict "rootCtx" $ "objectName" $objectName "objectData" $objectData) }} -objectName: the base name of the object without any alteration or sanitation -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.storage.pvc.name" -}} -{{- $rootCtx := .rootCtx -}} -{{- $objectName := .objectName -}} -{{- $objectData := .objectData -}} -{{- $hashValues := "" -}} - - {{- $renderedName := (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectName) -}} - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $renderedName) -}} - - {{- $modes := (list "smb" "nfs") -}} - {{- if $objectData.static -}} - {{- if and $objectData.static.mode (mustHas $objectData.static.mode $modes) -}} - - {{- $size := $objectData.size | default $rootCtx.Values.global.fallbackDefaults.pvcSize -}} - - {{/* Create a unique name taking into account server and share, - without this, changing one of those values is not possible */}} - - {{- $hashValues = (printf "%s-%s-%s" $size $objectData.static.server $objectData.static.share) -}} - {{- if $objectData.domain -}} - {{- $hashValues = (printf "%s-%s" $hashValues $objectData.domain) -}} - {{- end -}} - - {{- else if eq $objectData.static.mode "custom" -}} - {{- $hashValues = (printf "%s-%v" $size $objectData.csi) -}} - {{- end -}} - {{- end -}} - - {{/* Create a hash from the dataSource settings to ensure a new PVC is created when a dataSource is set*/}} - {{- if $objectData.dataSource -}} - {{- $hashValues = (printf "%s-%s-%s" $hashValues $objectData.dataSource.kind $objectData.dataSource.name) -}} - {{- end -}} - - {{- $objectName = $renderedName -}} - {{- if $hashValues -}} - {{- $hash := adler32sum $hashValues -}} - {{- $objectName = (printf "%s-%v" $renderedName $hash) -}} - {{- end -}} - - {{/* Return the new objectName */}} - {{- $objectName -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/storage/pvc/_spec.tpl b/charts/baikal/charts/common/templates/lib/storage/pvc/_spec.tpl deleted file mode 100644 index e60efcf..0000000 --- a/charts/baikal/charts/common/templates/lib/storage/pvc/_spec.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* Returns Persitant Volume Claim Spec*/}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.pvc.spec" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.storage.pvc.spec" -}} -{{- $rootCtx := .rootCtx -}} -{{- $objectData := .objectData -}} - -{{- $size := $rootCtx.Values.global.fallbackDefaults.pvcSize -}} -{{- with $objectData.size -}} - {{- $size = tpl . $rootCtx -}} -{{- end }} - -accessModes: - {{- include "tc.v1.common.lib.pvc.accessModes" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "PVC") | trim | nindent 2 }} -resources: - requests: - storage: {{ $size }} - {{- with $objectData.volumeName }} -volumeName: {{ tpl . $rootCtx }} - {{- end -}} - {{- with (include "tc.v1.common.lib.storage.storageClassName" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "PVC") | trim) }} -storageClassName: {{ . }} - {{- end -}} - {{- with $objectData.dataSource -}} - {{- $sourceName := .name -}} - {{- if eq .kind "PersistentVolumeClaim" -}} - {{- with get $rootCtx.persistence $sourceName -}} - {{- $sourceName := (include "tc.v1.common.lib.storage.pvc.name" (dict "rootCtx" $rootCtx "objectName" $sourceName "objectData" .)) -}} - {{- end -}} - {{- end }} -dataSource: - kind: {{ .kind }} - name: {{ $sourceName }} - {{- end -}} - -{{- with $objectData.dataSourceRef }} -dataSourceRef: - kind: {{ .kind }} - name: {{ .name }} - apiGroup: {{ .apiGroup }} -{{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/_middlewares.tpl b/charts/baikal/charts/common/templates/lib/traefik/_middlewares.tpl deleted file mode 100644 index d9479d4..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/_middlewares.tpl +++ /dev/null @@ -1,58 +0,0 @@ -{{- define "tc.v1.common.lib.traefik.middlewares.map" -}} - {{- $typeClassMap := dict - "add-prefix" "tc.v1.common.class.traefik.middleware.addPrefix" - "basic-auth" "tc.v1.common.class.traefik.middleware.basicAuth" - "buffering" "tc.v1.common.class.traefik.middleware.buffering" - "chain" "tc.v1.common.class.traefik.middleware.chain" - "compress" "tc.v1.common.class.traefik.middleware.compress" - "content-type" "tc.v1.common.class.traefik.middleware.contentType" - "forward-auth" "tc.v1.common.class.traefik.middleware.forwardAuth" - "headers" "tc.v1.common.class.traefik.middleware.headers" - "ip-allow-list" "tc.v1.common.class.traefik.middleware.ipAllowList" - "rate-limit" "tc.v1.common.class.traefik.middleware.rateLimit" - "redirect-regex" "tc.v1.common.class.traefik.middleware.redirectRegex" - "redirect-scheme" "tc.v1.common.class.traefik.middleware.redirectScheme" - "replace-path" "tc.v1.common.class.traefik.middleware.replacePath" - "replace-path-regex" "tc.v1.common.class.traefik.middleware.replacePathRegex" - "retry" "tc.v1.common.class.traefik.middleware.retry" - "strip-prefix" "tc.v1.common.class.traefik.middleware.stripPrefix" - "strip-prefix-regex" "tc.v1.common.class.traefik.middleware.stripPrefixRegex" - - "plugin-bouncer" "tc.v1.common.class.traefik.middleware.pluginBouncer" - "plugin-geoblock" "tc.v1.common.class.traefik.middleware.pluginGeoblock" - "plugin-mod-security" "tc.v1.common.class.traefik.middleware.pluginModSecurity" - "plugin-real-ip" "tc.v1.common.class.traefik.middleware.pluginRealIP" - "plugin-rewrite-response-headers" "tc.v1.common.class.traefik.middleware.pluginRewriteResponseHeaders" - "plugin-theme-park" "tc.v1.common.class.traefik.middleware.pluginThemePark" - -}} - - {{- $typeClassMap | toJson -}} -{{- end -}} - -{{/* Only render if its not and has a value of 0 or greater */}} -{{- define "tc.v1.common.class.traefik.middleware.helper.int" -}} - {{- $key := .key -}} - {{- $value := .value -}} - - {{- if and (not (kindIs "invalid" $value)) (ge ($value | int) 0) -}} - {{- $key }}: {{ $value }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.traefik.middleware.helper.bool" -}} - {{- $key := .key -}} - {{- $value := .value | toString -}} - - {{- if or (eq $value "true") (eq $value "false") -}} - {{- $key }}: {{ $value }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.traefik.middleware.helper.string" -}} - {{- $key := .key -}} - {{- $value := .value | toString -}} - - {{- if and $value (ne $value "") -}} - {{- $key }}: {{ $value | quote }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/_validation.tpl b/charts/baikal/charts/common/templates/lib/traefik/_validation.tpl deleted file mode 100644 index 0442663..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/_validation.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Middleware Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.traefik.middleware.validation" (dict "objectData" $objectData) -}} -objectData: - labels: The labels of the middleware. - annotations: The annotations of the middleware. - data: The data of the middleware. -*/}} - -{{- define "tc.v1.common.lib.traefik.middleware.validation" -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.type -}} - {{- fail "Middleware - Expected [type] to be set" -}} - {{- end -}} - - {{- if $objectData.data -}} - {{- if not (kindIs "map" $objectData.data) -}} - {{- fail (printf "Middleware - Expected [data] to be a dictionary, but got [%v]" (kindOf $objectData.data)) -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_addPrefix.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_addPrefix.tpl deleted file mode 100644 index 61e8480..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_addPrefix.tpl +++ /dev/null @@ -1,12 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.addPrefix" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{- if not $mw.prefix -}} - {{- fail "Middleware (add-prefix) - Expected [prefix] to be set" -}} - {{- end }} - addPrefix: - prefix: {{ $mw.prefix }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_basicAuth.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_basicAuth.tpl deleted file mode 100644 index a9352df..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_basicAuth.tpl +++ /dev/null @@ -1,35 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.basicAuth" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- $mw := $objectData.data -}} - - {{- $secret := $mw.secret | default "" -}} - {{- $users := list -}} - {{- $secretData := dict -}} - - {{- if and $mw.users $mw.secret -}} - {{- fail "Middleware (basic-auth) - Expected either [users] or [secret] to be set, but not both" -}} - {{- end -}} - {{- if and (not $mw.users) (not $mw.secret) -}} - {{- fail "Middleware (basic-auth) - Expected at least one of [users] or [secret] to be set" -}} - {{- end -}} - - {{- if $mw.users -}} - {{- $secret = $objectData.name -}} - {{- range $userData := $mw.users -}} - {{- $users = append $users (htpasswd $userData.username $userData.password) -}} - {{- end -}} - {{- $secretData = (dict - "name" $objectData.name - "labels" ($objectData.labels | default dict) - "annotations" ($objectData.annotations | default dict) - "data" (dict "users" ($users | join "\n"))) -}} - {{- end }} - basicAuth: - secret: {{ $secret }} -{{- if $secretData -}} - {{- include "tc.v1.common.class.secret" (dict "rootCtx" $rootCtx "objectData" $secretData) -}} -{{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_buffering.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_buffering.tpl deleted file mode 100644 index b56fbf3..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_buffering.tpl +++ /dev/null @@ -1,12 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.buffering" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data }} - buffering: - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "maxRequestBodyBytes" "value" $mw.maxRequestBodyBytes) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "memRequestBodyBytes" "value" $mw.memRequestBodyBytes) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "maxResponseBodyBytes" "value" $mw.maxResponseBodyBytes) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "memResponseBodyBytes" "value" $mw.memResponseBodyBytes) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "retryExpression" "value" $mw.retryExpression) | nindent 4 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_chain.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_chain.tpl deleted file mode 100644 index a916691..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_chain.tpl +++ /dev/null @@ -1,25 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.chain" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.middlewares -}} - {{- fail "Middleware (chain) - Expected [middlewares] to be set" -}} - {{- end }} - chain: - middlewares: - {{- range $m := $mw.middlewares -}} - {{- $objectName := $m.name -}} - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $m "key" "middlewares" - "name" $objectName "caller" "Middleware (chain)" - )) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $objectName) -}} - {{- end }} - - name: {{ $objectName }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_compress.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_compress.tpl deleted file mode 100644 index b908b83..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_compress.tpl +++ /dev/null @@ -1,7 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.compress" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data }} - compress: {} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_contentType.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_contentType.tpl deleted file mode 100644 index da994bc..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_contentType.tpl +++ /dev/null @@ -1,7 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.contentType" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data }} - contentType: {} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_forwardAuth.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_forwardAuth.tpl deleted file mode 100644 index 1c79728..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_forwardAuth.tpl +++ /dev/null @@ -1,58 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.forwardAuth" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{- if hasKey $mw "trustForwardHeader" -}} - {{- if not (kindIs "bool" $mw.trustForwardHeader) -}} - {{- fail (printf "Middleware (forward-auth) - Expected [trustForwardHeader] to be a boolean, but got [%s]" (kindOf $mw.trustForwardHeader)) -}} - {{- end -}} - {{- end -}} - - {{- if and $mw.tls (hasKey $mw.tls "insecureSkipVerify") -}} - {{- if not (kindIs "bool" $mw.tls.insecureSkipVerify) -}} - {{- fail (printf "Middleware (forward-auth) - Expected [tls.insecureSkipVerify] to be a boolean, but got [%s]" (kindOf $mw.tls.insecureSkipVerify)) -}} - {{- end -}} - {{- end -}} - - {{- if $mw.authResponseHeaders -}} - {{- if not (kindIs "slice" $mw.authResponseHeaders) -}} - {{- fail (printf "Middleware (forward-auth) - Expected [authResponseHeaders] to be a list, but got [%s]" (kindOf $mw.authResponseHeaders)) -}} - {{- end -}} - {{- end -}} - - {{- with $mw.authRequestHeaders -}} - {{- if not (kindIs "slice" $mw.authRequestHeaders) -}} - {{- fail (printf "Middleware (forward-auth) - Expected [authRequestHeaders] to be a list, but got [%s]" (kindOf $mw.authRequestHeaders)) -}} - {{- end -}} - {{- end -}} - - {{- if not $mw.address -}} - {{- fail "Middleware (forward-auth) - Expected [address] to be set" -}} - {{- end }} - forwardAuth: - address: {{ $mw.address }} - trustForwardHeader: {{ $mw.trustForwardHeader }} - - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "authResponseHeadersRegex" "value" $mw.authResponseHeadersRegex) | nindent 4 }} - - {{- if $mw.authResponseHeaders }} - authResponseHeaders: - {{- range $mw.authResponseHeaders }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.authRequestHeaders }} - authRequestHeaders: - {{- range $mw.authRequestHeaders }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.tls }} - tls: - insecureSkipVerify: {{ $mw.tls.insecureSkipVerify }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_headers.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_headers.tpl deleted file mode 100644 index a39b3b7..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_headers.tpl +++ /dev/null @@ -1,128 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.headers" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data }} - headers: - {{- if $mw.customRequestHeaders }} - customRequestHeaders: - {{- range $k, $v := $mw.customRequestHeaders }} - {{ $k }}: {{ $v }} - {{- end }} - {{- end -}} - - {{- if $mw.customResponseHeaders }} - customResponseHeaders: - {{- range $k, $v := $mw.customResponseHeaders }} - {{ $k }}: {{ $v }} - {{- end }} - {{- end -}} - - {{- if hasKey $mw "accessControlAllowCredentials" }} - accessControlAllowCredentials: {{ $mw.accessControlAllowCredentials }} - {{- end -}} - - {{- if $mw.accessControlAllowHeaders }} - accessControlAllowHeaders: - {{- range $mw.accessControlAllowHeaders }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.accessControlAllowMethods }} - accessControlAllowMethods: - {{- range $mw.accessControlAllowMethods }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.accessControlAllowOriginList }} - accessControlAllowOriginList: - {{- range $mw.accessControlAllowOriginList }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.accessControlAllowOriginListRegex }} - accessControlAllowOriginListRegex: - {{- range $mw.accessControlAllowOriginListRegex }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.accessControlExposeHeaders }} - accessControlExposeHeaders: - {{- range $mw.accessControlExposeHeaders }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.accessControlMaxAge }} - accessControlMaxAge: {{ $mw.accessControlMaxAge }} - {{- end -}} - - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "addVaryHeader" "value" $mw.addVaryHeader) | nindent 4 }} - - {{- if $mw.allowedHosts }} - allowedHosts: - {{- range $mw.allowedHosts }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.hostsProxyHeaders }} - hostsProxyHeaders: - {{- range $mw.hostsProxyHeaders }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.sslProxyHeaders }} - sslProxyHeaders: - {{- range $k, $v := $mw.sslProxyHeaders }} - {{ $k }}: {{ $v }} - {{- end }} - {{- end -}} - - {{- if $mw.stsSeconds }} - stsSeconds: {{ $mw.stsSeconds }} - {{- end -}} - - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "stsIncludeSubdomains" "value" $mw.stsIncludeSubdomains) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "stsPreload" "value" $mw.stsPreload) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "forceSTSHeader" "value" $mw.forceSTSHeader) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "frameDeny" "value" $mw.frameDeny) | nindent 4 }} - - {{- if $mw.customFrameOptionsValue }} - customFrameOptionsValue: {{ $mw.customFrameOptionsValue }} - {{- end -}} - - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "contentTypeNosniff" "value" $mw.contentTypeNosniff) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "browserXssFilter" "value" $mw.browserXssFilter) | nindent 4 }} - - {{- if $mw.customBrowserXSSValue }} - customBrowserXSSValue: {{ $mw.customBrowserXSSValue }} - {{- end -}} - - {{- if $mw.contentSecurityPolicy }} - contentSecurityPolicy: {{ $mw.contentSecurityPolicy }} - {{- end -}} - - {{- if $mw.contentSecurityPolicyReportOnly }} - contentSecurityPolicyReportOnly: {{ $mw.contentSecurityPolicyReportOnly }} - {{- end -}} - - {{- if $mw.publicKey }} - publicKey: {{ $mw.publicKey }} - {{- end -}} - - {{- if $mw.referrerPolicy }} - referrerPolicy: {{ $mw.referrerPolicy }} - {{- end -}} - - {{- if $mw.permissionsPolicy }} - permissionsPolicy: {{ $mw.permissionsPolicy }} - {{- end -}} - - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "isDevelopment" "value" $mw.isDevelopment) | nindent 4 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_ipAllowList.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_ipAllowList.tpl deleted file mode 100644 index ff7fba7..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_ipAllowList.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.ipAllowList" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{- if $mw.sourceRange -}} - {{- if not (kindIs "slice" $mw.sourceRange) -}} - {{- fail (printf "Middleware (ip-allow-list) - Expected [sourceRange] to be a list, but got [%s]" (kindOf $mw.sourceRange)) -}} - {{- end -}} - {{- end -}} - - {{- if $mw.ipStrategy -}} - {{- if $mw.ipStrategy.excludedIPs -}} - {{- if not (kindIs "slice" $mw.ipStrategy.excludedIPs) -}} - {{- fail (printf "Middleware (ip-allow-list) - Expected [ipStrategy.excludedIPs] to be a list, but got [%s]" (kindOf $mw.ipStrategy.excludedIPs)) -}} - {{- end -}} - {{- end -}} - {{- end }} - ipAllowList: - {{- if $mw.sourceRange }} - sourceRange: - {{- range $mw.sourceRange }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.ipStrategy }} - ipStrategy: - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "depth" "value" $mw.ipStrategy.depth) | nindent 6 }} - {{- if $mw.ipStrategy.excludedIPs }} - excludedIPs: - {{- range $mw.ipStrategy.excludedIPs }} - - {{ . | quote }} - {{- end }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginBouncer.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginBouncer.tpl deleted file mode 100644 index bcffed4..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginBouncer.tpl +++ /dev/null @@ -1,70 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.pluginBouncer" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{/* This has to match with the name of the plugin given on the traefik CLI */}} - {{- $mwName := "bouncer" -}} - {{- if $mw.pluginName -}} - {{- $mwName = $mw.pluginName -}} - {{- end -}} - {{- if not (hasKey $mw "enabled") -}} - {{- fail "Middleware (plugin-bouncer) - Expected [enabled] to be set" -}} - {{- end -}} - {{- if not (kindIs "bool" $mw.enabled) -}} - {{- fail (printf "Middleware (plugin-bouncer) - Expected [enabled] to be a boolean, but got [%s]" (kindOf $mw.enabled)) -}} - {{- end }} - plugin: - {{ $mwName }}: - enabled: {{ $mw.enabled }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "logLevel" "value" $mw.logLevel) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "updateIntervalSeconds" "value" $mw.updateIntervalSeconds) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "updateMaxFailure" "value" $mw.updateMaxFailure) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "defaultDecisionSeconds" "value" $mw.defaultDecisionSeconds) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "httpTimeoutSeconds" "value" $mw.httpTimeoutSeconds) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecMode" "value" $mw.crowdsecMode) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "crowdsecAppsecEnabled" "value" $mw.crowdsecAppsecEnabled) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecAppsecHost" "value" $mw.crowdsecAppsecHost) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "crowdsecAppsecFailureBlock" "value" $mw.crowdsecAppsecFailureBlock) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "crowdsecAppsecUnreachableBlock" "value" $mw.crowdsecAppsecUnreachableBlock) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecLapiKey" "value" $mw.crowdsecLapiKey) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecLapiHost" "value" $mw.crowdsecLapiHost) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecLapiScheme" "value" $mw.crowdsecLapiScheme) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "crowdsecLapiTLSInsecureVerify" "value" $mw.crowdsecLapiTLSInsecureVerify) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecCapiMachineId" "value" $mw.crowdsecCapiMachineId) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecCapiPassword" "value" $mw.crowdsecCapiPassword) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "forwardedHeadersCustomName" "value" $mw.forwardedHeadersCustomName) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "remediationHeadersCustomName" "value" $mw.remediationHeadersCustomName) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "redisCacheEnabled" "value" $mw.redisCacheEnabled) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "redisCacheHost" "value" $mw.redisCacheHost) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "redisCachePassword" "value" $mw.redisCachePassword) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "redisCacheDatabase" "value" $mw.redisCacheDatabase) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecLapiTLSCertificateAuthority" "value" $mw.crowdsecLapiTLSCertificateAuthority) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecLapiTLSCertificateBouncer" "value" $mw.crowdsecLapiTLSCertificateBouncer) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecLapiTLSCertificateBouncerKey" "value" $mw.crowdsecLapiTLSCertificateBouncerKey) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "captchaProvider" "value" $mw.captchaProvider) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "captchaSiteKey" "value" $mw.captchaSiteKey) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "captchaSecretKey" "value" $mw.captchaSecretKey) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "captchaGracePeriodSeconds" "value" $mw.captchaGracePeriodSeconds) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "captchaHTMLFilePath" "value" $mw.captchaHTMLFilePath) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "banHTMLFilePath" "value" $mw.banHTMLFilePath) | nindent 6 }} - {{- if $mw.crowdsecCapiScenarios }} - crowdsecCapiScenarios: - {{- range $mw.crowdsecCapiScenarios }} - - {{ . | quote }} - {{- end }} - {{- end -}} - {{- if $mw.forwardedHeadersTrustedIPs }} - forwardedHeadersTrustedIPs: - {{- range $mw.forwardedHeadersTrustedIPs }} - - {{ . | quote }} - {{- end }} - {{- end -}} - {{- if $mw.clientTrustedIPs }} - clientTrustedIPs: - {{- range $mw.clientTrustedIPs }} - - {{ . | quote }} - {{- end }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginGeoblock.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginGeoblock.tpl deleted file mode 100644 index 50cdbb6..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginGeoblock.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.pluginGeoblock" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{/* This has to match with the name of the plugin given on the traefik CLI */}} - {{- $mwName := "GeoBlock" -}} - {{- if $mw.pluginName -}} - {{- $mwName = $mw.pluginName -}} - {{- end -}} - {{- if not $mw.api -}} - {{- fail "Middleware (plugin-geoblock) - Expected [api] to be set" -}} - {{- end -}} - {{- if not $mw.countries -}} - {{- fail "Middleware (plugin-geoblock) - Expected [countries] to be set" -}} - {{- end }} - plugin: - {{ $mwName }}: - api: {{ $mw.api }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "allowLocalRequests" "value" $mw.allowLocalRequests) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "logLocalRequests" "value" $mw.logLocalRequests) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "logAllowedRequests" "value" $mw.logAllowedRequests) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "logApiRequests" "value" $mw.logApiRequests) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "apiTimeoutMs" "value" $mw.apiTimeoutMs) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "cacheSize" "value" $mw.cacheSize) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "forceMonthlyUpdate" "value" $mw.forceMonthlyUpdate) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "allowUnknownCountries" "value" $mw.allowUnknownCountries) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "unknownCountryApiResponse" "value" $mw.unknownCountryApiResponse) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "blackListMode" "value" $mw.blackListMode) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "silentStartUp" "value" $mw.silentStartUp) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "addCountryHeader" "value" $mw.addCountryHeader) | nindent 6 }} - countries: - {{- range $mw.countries }} - - {{ . | quote }} - {{- end }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginModSecurity.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginModSecurity.tpl deleted file mode 100644 index 1e4aaa8..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginModSecurity.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.pluginModSecurity" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{/* This has to match with the name of the plugin given on the traefik CLI */}} - {{- $mwName := "traefik-modsecurity-plugin" -}} - {{- if $mw.pluginName -}} - {{- $mwName = $mw.pluginName -}} - {{- end -}} - - {{- if not $mw.modSecurityUrl -}} - {{- fail "Middleware (modsecurity) - Expected [modSecurityUrl] to be set" -}} - {{- end }} - plugin: - {{ $mwName }}: - modSecurityUrl: {{ $mw.modSecurityUrl }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "timeoutMillis" "value" $mw.timeoutMillis) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "maxBodySize" "value" $mw.maxBodySize) | nindent 6 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginRealIP.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginRealIP.tpl deleted file mode 100644 index 5f7bd7e..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginRealIP.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.pluginRealIP" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{/* This has to match with the name of the plugin given on the traefik CLI */}} - {{- $mwName := "traefik-real-ip" -}} - {{- if $mw.pluginName -}} - {{- $mwName = $mw.pluginName -}} - {{- end -}} - - {{- if not $mw.excludednets -}} - {{- fail "Middleware (real-ip) - Expected [excludednets] to be set" -}} - {{- end }} - plugin: - {{ $mwName }}: - excludednets: - {{- range $mw.excludednets }} - - {{ . | quote }} - {{- end }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginRewriteResponseHeaders.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginRewriteResponseHeaders.tpl deleted file mode 100644 index be82a99..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginRewriteResponseHeaders.tpl +++ /dev/null @@ -1,40 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.pluginRewriteResponseHeaders" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{/* This has to match with the name of the plugin given on the traefik CLI */}} - {{- $mwName := "rewriteResponseHeaders" -}} - {{- if $mw.pluginName -}} - {{- $mwName = $mw.pluginName -}} - {{- end -}} - - {{- if not $mw.rewrites -}} - {{- fail "Middleware (rewrite-response-headers) - Expected [rewrites] to be set" -}} - {{- end }} - - {{- if not (kindIs "slice" $mw.rewrites) -}} - {{- fail (printf "Middleware (rewrite-response-headers) - Expected [rewrites] to be a list, but got [%s]" (kindOf $mw.rewrites)) -}} - {{- end }} - - {{- range $index, $config := $mw.rewrites -}} - {{- if not $config.header -}} - {{- fail (printf "Middleware (rewrite-response-headers) - Expected [header] to be set for rewrite [%v]" $index) -}} - {{- end -}} - {{- if not $config.regex -}} - {{- fail (printf "Middleware (rewrite-response-headers) - Expected [regex] to be set for rewrite [%v]" $index) -}} - {{- end -}} - {{- if not $config.replacement -}} - {{- fail (printf "Middleware (rewrite-response-headers) - Expected [replacement] to be set for rewrite [%v]" $index) -}} - {{- end -}} - {{- end }} - plugin: - {{ $mwName }}: - rewrites: - {{- range $index, $rewriteResponseHeader := $mw.rewrites }} - - header: {{ $rewriteResponseHeader.header }} - regex: {{ $rewriteResponseHeader.regex | quote }} - replacement: {{ $rewriteResponseHeader.replacement | quote }} - {{- end }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginThemePark.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginThemePark.tpl deleted file mode 100644 index da3eee7..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_pluginThemePark.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.pluginThemePark" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{/* This has to match with the name of the plugin given on the traefik CLI */}} - {{- $mwName := "traefik-themepark" -}} - {{- if $mw.pluginName -}} - {{- $mwName = $mw.pluginName -}} - {{- end -}} - - {{- if not $mw.app -}} - {{- fail "Middleware (themepark) - Expected [app] to be set" -}} - {{- end -}} - {{- if not $mw.theme -}} - {{- fail "Middleware (themepark) - Expected [theme] to be set" -}} - {{- end }} - plugin: - {{ $mwName }}: - app: {{ $mw.app }} - theme: {{ $mw.theme }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "baseUrl" "value" $mw.baseUrl) | nindent 6 }} - {{- if $mw.addons }} - addons: - {{- range $mw.addons }} - - {{ . | quote }} - {{- end }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_rateLimit.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_rateLimit.tpl deleted file mode 100644 index 5fad37d..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_rateLimit.tpl +++ /dev/null @@ -1,13 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.rateLimit" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{- if and (not $mw.average) (not $mw.burst) -}} - {{- fail "Middleware (rate-limit) - Expected either [average] or [burst] to be set" -}} - {{- end }} - rateLimit: - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "average" "value" $mw.average) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "burst" "value" $mw.burst) | nindent 4 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_redirectRegex.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_redirectRegex.tpl deleted file mode 100644 index cde75e7..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_redirectRegex.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.redirectRegex" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.regex -}} - {{- fail "Middleware (redirect-regex) - Expected [regex] to be set" -}} - {{- end -}} - {{- if not $mw.replacement -}} - {{- fail "Middleware (redirect-regex) - Expected [replacement] to be set" -}} - {{- end -}} - - {{- if hasKey $mw "permanent" -}} - {{- if not (kindIs "bool" $mw.permanent) -}} - {{- fail (printf "Middleware (redirect-regex) - Expected [permanent] to be a boolean, but got [%s]" (kindOf $mw.permanent)) -}} - {{- end -}} - {{- end }} - redirectRegex: - regex: {{ $mw.regex }} - replacement: {{ $mw.replacement }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "permanent" "value" $mw.permanent) | nindent 4 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_redirectScheme.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_redirectScheme.tpl deleted file mode 100644 index 8f8a062..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_redirectScheme.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.redirectScheme" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.scheme -}} - {{- fail "Middleware (redirect-scheme) - Expected [scheme] to be set" -}} - {{- end -}} - - {{- if hasKey $mw "permanent" -}} - {{- if not (kindIs "bool" $mw.permanent) -}} - {{- fail (printf "Middleware (redirect-scheme) - Expected [permanent] to be a boolean, but got [%s]" (kindOf $mw.permanent)) -}} - {{- end -}} - {{- end }} - redirectScheme: - scheme: {{ $mw.scheme }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "permanent" "value" $mw.permanent) | nindent 4 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_replacePath.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_replacePath.tpl deleted file mode 100644 index b7db73e..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_replacePath.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.replacePath" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.path -}} - {{- fail "Middleware (replace-path) - Expected [path] to be set" -}} - {{- end }} - replacePath: - path: {{ $mw.path }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_replacePathRegex.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_replacePathRegex.tpl deleted file mode 100644 index a2416b9..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_replacePathRegex.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.replacePathRegex" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.regex -}} - {{- fail "Middleware (replace-path-regex) - Expected [regex] to be set" -}} - {{- end -}} - {{- if not $mw.replacement -}} - {{- fail "Middleware (replace-path-regex) - Expected [replacement] to be set" -}} - {{- end }} - replacePathRegex: - regex: {{ $mw.regex }} - replacement: {{ $mw.replacement }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_retry.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_retry.tpl deleted file mode 100644 index 76d8b58..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_retry.tpl +++ /dev/null @@ -1,12 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.retry" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.attempts -}} - {{- fail "Middleware (retry) - Expected [attempts] to be set" -}} - {{- end }} - retry: - attempts: {{ $mw.attempts }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "initialInterval" "value" $mw.initialInterval) | nindent 4 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_stripPrefix.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_stripPrefix.tpl deleted file mode 100644 index 55a733c..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_stripPrefix.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.stripPrefix" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.prefix -}} - {{- fail "Middleware (strip-prefix) - Expected [prefix] to be set" -}} - {{- end -}} - - {{- if hasKey $mw "forceSlash" -}} - {{- if not (kindIs "bool" $mw.forceSlash) -}} - {{- fail (printf "Middleware (strip-prefix) - Expected [forceSlash] to be a boolean, but got [%s]" (kindOf $mw.forceSlash)) -}} - {{- end -}} - {{- end }} - stripPrefix: - prefix: - {{- range $mw.prefix }} - - {{ . | quote }} - {{- end -}} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "forceSlash" "value" $mw.forceSlash) | nindent 4 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_stripPrefixRegex.tpl b/charts/baikal/charts/common/templates/lib/traefik/middlewares/_stripPrefixRegex.tpl deleted file mode 100644 index 9d49959..0000000 --- a/charts/baikal/charts/common/templates/lib/traefik/middlewares/_stripPrefixRegex.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.stripPrefixRegex" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.regex -}} - {{- fail "Middleware (strip-prefix-regex) - Expected [regex] to be set" -}} - {{- end }} - stripPrefixRegex: - regex: - {{- range $mw.regex }} - - {{ . | quote }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_autoperms.tpl b/charts/baikal/charts/common/templates/lib/util/_autoperms.tpl deleted file mode 100644 index d380120..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_autoperms.tpl +++ /dev/null @@ -1,141 +0,0 @@ -{{/* Contains the auto-permissions job */}} -{{- define "tc.v1.common.lib.util.autoperms" -}} - -{{- $permAllowedTypes := (list "hostPath" "emptyDir" "nfs") -}} -{{/* If you change this path, you must change it under _volumeMounts.tpl too*/}} -{{- $basePath := "/mounts" -}} - -{{/* Init an empty dict to hold data */}} -{{- $mounts := dict -}} - -{{/* Go over persistence and gather needed data */}} -{{- range $name, $mount := .Values.persistence -}} - {{- if and $mount.enabled $mount.autoPermissions -}} - {{/* If autoPermissions is enabled...*/}} - {{- if $mount.autoPermissions.enabled -}} - {{- if or $mount.autoPermissions.chown $mount.autoPermissions.chmod -}} - {{- $type := $.Values.global.fallbackDefaults.persistenceType -}} - {{- if $mount.type -}} - {{- $type = $mount.type -}} - {{- end -}} - - {{- if not (mustHas $type $permAllowedTypes) -}} - {{- fail (printf "Auto Permissions - Allowed persistent types for auto permissions are [%v], but got [%v] on [%v]" (join ", " $permAllowedTypes) $type $name) -}} - {{- end -}} - - {{- if $mount.readOnly -}} - {{- fail (printf "Auto Permissions - You cannot change permissions/ownership automatically on [%v] with readOnly enabled" $name) -}} - {{- end -}} - - {{/* Add some data regarding what actions to perform */}} - {{- $_ := set $mounts $name $mount.autoPermissions -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- if $mounts }} -enabled: true -type: Job -annotations: - "helm.sh/hook": pre-install, pre-upgrade - "helm.sh/hook-weight": "3" - "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation,hook-failed -podSpec: - restartPolicy: Never - containers: - # If you change this name, you must change it under _volumeMounts.tpl - autopermissions: - enabled: true - primary: true - imageSelector: alpineImage - securityContext: - runAsNonRoot: false - runAsUser: 0 - capabilities: - disableS6Caps: true - add: - - CHOWN - - DAC_OVERRIDE - - FOWNER - resources: - excludeExtra: true - limits: - cpu: 2000m - memory: 2Gi - probes: - liveness: - type: exec - command: - - cat - - /tmp/healthy - readiness: - type: exec - command: - - cat - - /tmp/healthy - startup: - type: exec - command: - - cat - - /tmp/healthy - command: - - /bin/sh - - -c - args: - - | - echo "Starting auto permissions job..." - touch /tmp/healthy - - echo "Automatically correcting ownership and permissions..." - - {{- range $name, $vol := $mounts }} - {{- $mountPath := (printf "%v/%v" $basePath $name) -}} - - {{- $user := "" -}} - {{- if $vol.user -}} - {{- $user = $vol.user -}} - {{- end -}} - - {{- $group := $.Values.securityContext.pod.fsGroup -}} - {{- if $vol.group -}} - {{- $group = $vol.group -}} - {{- end -}} - - {{- $r := "" -}} - {{- if $vol.recursive -}} - {{- $r = "-R" -}} - {{- end -}} - - {{/* Permissions */}} - {{- if $vol.chmod }} - echo "Automatically correcting permissions for {{ $mountPath }}..." - before=$(stat -c "%a" {{ $mountPath }}) - chmod {{ $r }} {{ $vol.chmod }} {{ $mountPath }} || echo "Failed setting permissions using chmod..." - echo "Permissions before: [$before]" - echo "Permissions after: [$(stat -c "%a" {{ $mountPath }})]" - echo "" - {{- end -}} - - {{/* Ownership */}} - {{- if $vol.chown }} - echo "Automatically correcting ownership for {{ $mountPath }}..." - before=$(stat -c "%u:%g" {{ $mountPath }}) - chown {{ $r }} -f {{ $user }}:{{ $group }} {{ $mountPath }} || echo "Failed setting ownership using chown..." - - echo "Ownership before: [$before]" - echo "Ownership after: [$(stat -c "%u:%g" {{ $mountPath }})]" - echo "" - {{- end -}} - {{- end }} - echo "Finished auto permissions job..." -{{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.util.autoperms.job" -}} - {{- $job := (include "tc.v1.common.lib.util.autoperms" $) | fromYaml -}} - {{- if $job -}} - # If you change this name, you must change it under _volumes.tpl - {{- $_ := set $.Values.workload "autopermissions" $job -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_chartcontext.tpl b/charts/baikal/charts/common/templates/lib/util/_chartcontext.tpl deleted file mode 100644 index 567dd6e..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_chartcontext.tpl +++ /dev/null @@ -1,211 +0,0 @@ -{{/* Returns the primary Workload object */}} -{{- define "tc.v1.common.lib.util.chartcontext" -}} - - {{/* Prepare an empty object so it the chartcontext.data util behave properly */}} - {{- $objectData := (dict - "override" dict - "targetSelector" dict - "path" "" - ) -}} - - {{- $context := (include "tc.v1.common.lib.util.chartcontext.data" (dict "rootCtx" $ "objectData" $objectData) | fromYaml) -}} - - {{- $_ := set $.Values "chartContext" $context -}} - - {{/* This flag is only used in CI/Unit Tests so we can confirm that $context is correctly generated */}} - {{- if $.Values.createChartContextConfigmap -}} - {{- $_ := set $.Values.configmap "chart-context" (dict - "enabled" true - "data" $context - ) -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.util.chartcontext.data" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Create defaults */}} - {{- $protocol := "http" -}} - {{- $host := "127.0.0.1" -}} - {{- $port := "443" -}} - {{- $path := "/" -}} - {{- $podCIDR := "172.16.0.0/16" -}} - {{- $svcCIDR := "172.17.0.0/16" -}} - - {{- if $rootCtx.Values.global.podCIDR -}} - {{- $podCIDR = $rootCtx.Values.global.podCIDR -}} - {{- end -}} - - {{- if $rootCtx.Values.global.svcCIDR -}} - {{- $svcCIDR = $rootCtx.Values.global.svcCIDR -}} - {{- end -}} - - {{/* TODO: Find ways to implement CIDR detection */}} - - {{/* If there is ingress, get data from the primary */}} - {{- $primaryIngressName := include "tc.v1.common.lib.util.ingress.primary" (dict "rootCtx" $rootCtx) -}} - {{- $selectedIngress := (get $rootCtx.Values.ingress $primaryIngressName) -}} - - {{- with $objectData.targetSelector -}} - {{- if .ingress -}} - {{- $ing := (get $rootCtx.Values.ingress .ingress) -}} - {{- if $ing -}} - {{- $selectedIngress = $ing -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- with $selectedIngress -}} - {{- $firstHost := list -}} - {{- if (kindIs "slice" .hosts) -}} - {{- $firstHost = ((.hosts | default list) | mustFirst) -}} - {{- end -}} - {{- if $firstHost -}} - {{- if $firstHost.host -}} - {{- $host = tpl $firstHost.host $rootCtx -}} - {{- end -}} - - {{- $firstPath := list -}} - {{- if (kindIs "slice" $firstHost.paths) -}} - {{- $firstPath = (($firstHost.paths | default list) | mustFirst) -}} - {{- end -}} - {{- if $firstPath -}} - {{- $path = $firstPath.path -}} - {{- end -}} - {{- end -}} - - {{- if and .integrations .integrations.traefik -}} - {{- $enabled := true -}} - {{- if and (hasKey .integrations.traefik "enabled") (kindIs "bool" .integrations.traefik.enabled) -}} - {{- $enabled = .integrations.traefik.enabled -}} - {{- end -}} - - {{- if $enabled -}} - {{- $entrypoints := (.integrations.traefik.entrypoints | default (list "websecure")) -}} - {{- if kindIs "slice" $entrypoints -}} - {{- if mustHas "websecure" $entrypoints -}} - {{- $port = "443" -}} - {{- else if mustHas "web" $entrypoints -}} - {{- $port = "80" -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and .integrations .integrations.certManager .integrations.certManager.enabled -}} - {{- $protocol = "https" -}} - {{- $port = "443" -}} - {{- end -}} - - {{- $tls := ((.tls | default list) | mustFirst) -}} - {{- if (or $tls.secretName $tls.certificateIssuer $tls.clusterCertificate) -}} - {{- $protocol = "https" -}} - {{- $port = "443" -}} - {{- end -}} - {{- end -}} - - {{/* If there is no ingress, we have to use service */}} - {{- if not $selectedIngress -}} - {{- $primaryServiceName := include "tc.v1.common.lib.util.service.primary" (dict "rootCtx" $rootCtx) -}} - {{- $selectedService := (get $rootCtx.Values.service $primaryServiceName) -}} - - {{- with $objectData.targetSelector -}} - {{- if .service -}} - {{- $svc := (get $rootCtx.Values.service .service) -}} - {{- if $svc -}} - {{- $selectedService = $svc -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $primaryPort := dict -}} - {{- if $selectedService -}} - {{- $primaryPortName := include "tc.v1.common.lib.util.service.ports.primary" (dict "rootCtx" $rootCtx "svcValues" $selectedService) -}} - {{- $selectedPort := dict -}} - {{- if $selectedService.ports -}} {{/* eg, ExternalName does not require ports */}} - {{- $selectedPort = (get $selectedService.ports $primaryPortName) -}} - {{- end -}} - - {{- with $objectData.targetSelector -}} - {{- if .port -}} - {{- $port := (get $selectedService.ports .port) -}} - {{- if $port -}} - {{- $selectedPort = $port -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if not $selectedPort -}} - {{- $portName := ($selectedService.ports | keys | sortAlpha | mustFirst) -}} - {{- if $selectedService.ports -}} {{/* eg, ExternalName does not require ports */}} - {{- $selectedPort = (get $selectedService.ports $portName) -}} - {{- end -}} - {{- end -}} - - {{- $port = tpl ($selectedPort.port | toString) $rootCtx -}} - - {{- if mustHas $selectedPort.protocol (list "http" "https") -}} - {{- $protocol = $selectedPort.protocol -}} - {{- else -}} - {{- $protocol = "http" -}} - {{- end -}} - - {{- if eq $selectedService.type "LoadBalancer" -}} - {{- if (kindIs "string" $selectedService.loadBalancerIP) -}} - {{- with $selectedService.loadBalancerIP -}} - {{- $host = tpl . $rootCtx | toString -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{/* Overrides */}} - {{- with $objectData.override -}} - {{- if .protocol -}} - {{- $protocol = .protocol -}} - {{- end -}} - - {{- if .host -}} - {{- $host = .host -}} - {{- end -}} - - {{- if .port -}} - {{- $port = .port -}} - {{- end -}} - {{- end -}} - - {{- with $objectData.path -}} - {{- $path = . -}} - {{- end -}} - - {{/* URL Will not include the path. */}} - {{- $url := printf "%s://%s:%s" $protocol $host $port -}} - {{- $urlWithPortAndPath := printf "%s://%s:%s%s" $protocol $host $port $path -}} - - {{/* Clean up the URL */}} - {{- $port = $port | toString -}} - {{- if eq $port "443" -}} - {{- $url = $url | trimSuffix ":443" -}} - {{- $url = $url | replace $protocol "https" -}} - {{- $urlWithPortAndPath = $urlWithPortAndPath | replace $protocol "https" -}} - {{- $protocol = "https" -}} - {{- end -}} - - {{- if eq $port "80" -}} - {{- $url = $url | trimSuffix ":80" -}} - {{- $url = $url | replace $protocol "http" -}} - {{- $urlWithPortAndPath = $urlWithPortAndPath | replace $protocol "http" -}} - {{- $protocol = "http" -}} - {{- end -}} - - {{- $context := (dict - "podCIDR" $podCIDR "svcCIDR" $svcCIDR - "appUrl" $url "appUrlWithPortAndPath" $urlWithPortAndPath - "appHost" $host "appPort" $port - "appPath" $path "appProtocol" $protocol - ) -}} - - {{- $context | toJson -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_diagnosticMode.tpl b/charts/baikal/charts/common/templates/lib/util/_diagnosticMode.tpl deleted file mode 100644 index f12228b..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_diagnosticMode.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{- define "tc.v1.common.lib.util.diagnosticMode" -}} - {{- $rootCtx := .rootCtx -}} - - {{- $diagMode := "" -}} - - {{- $itemsToCheck := (list $rootCtx.Values $rootCtx.Values.global) -}} - - {{- range $item := $itemsToCheck -}} - {{- if hasKey $item "diagnosticMode" -}} - {{- if not (kindIs "map" $item.diagnosticMode) -}} - {{- fail (printf "Diagnostic Mode - Expected [diagnosticMode] to be a map, but got [%s]" (kindOf $item.diagnosticMode)) -}} - {{- end -}} - {{- if hasKey $item.diagnosticMode "enabled" -}} - {{- if not (kindIs "bool" $item.diagnosticMode.enabled) -}} - {{- fail (printf "Diagnostic Mode - Expected [diagnosticMode.enabled] to be a bool, but got [%s]" (kindOf $item.diagnosticMode.enabled)) -}} - {{- end -}} - {{- end -}} - - {{/* Ignore if its not true as we want any item - that is true to apply regardless of the order - */}} - {{- if $item.diagnosticMode.enabled -}} - {{- $diagMode = true -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $diagMode | toString -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_enabled.tpl b/charts/baikal/charts/common/templates/lib/util/_enabled.tpl deleted file mode 100644 index 0fb7aeb..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_enabled.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{- define "tc.v1.common.lib.util.enabled" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $key := .key -}} - {{- $name := (.name | toString) -}} - {{- $caller := .caller -}} - - {{- $enabled := false -}} - {{- if not (hasKey $objectData "enabled") -}} - {{- fail (printf "%s - Expected the key [enabled] in [%s.%s] to exist" $caller $key $name) -}} - {{- end -}} - - {{- if (kindIs "invalid" $objectData.enabled) -}} - {{- fail (printf "%s - Expected the defined key [enabled] in [%s.%s] to not be empty" $caller $key $name) -}} - {{- end -}} - {{- $enabled = $objectData.enabled -}} - - {{- if kindIs "string" $enabled -}} - {{- $enabled = tpl $enabled $rootCtx -}} - {{- if eq $enabled "true" -}} - {{- $enabled = true -}} - {{- else if eq $enabled "false" -}} - {{- $enabled = false -}} - {{- end -}} - {{- end -}} - - {{/* NOTE: Always treat the returned result as string */}} - {{- $enabled -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_expandName.tpl b/charts/baikal/charts/common/templates/lib/util/_expandName.tpl deleted file mode 100644 index 44e23f8..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_expandName.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{- define "tc.v1.common.lib.util.expandName" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $key := .key -}} - {{- $name := (.name | toString) -}} - {{- $caller := .caller -}} - - {{- $expandName := true -}} - {{- if (hasKey $objectData "expandObjectName") -}} - {{- if not (kindIs "invalid" $objectData.expandObjectName) -}} - {{- $expandName = $objectData.expandObjectName -}} - {{- else -}} - {{- fail (printf "%s - Expected the defined key [expandObjectName] in [%s.%s] to not be empty" $caller $key $name) -}} - {{- end -}} - {{- end -}} - - {{- if kindIs "string" $expandName -}} - {{- $expandName = tpl $expandName $rootCtx -}} - - {{/* After tpl it becomes a string, not a bool */}} - {{- if eq $expandName "true" -}} - {{- $expandName = true -}} - {{- else if eq $expandName "false" -}} - {{- $expandName = false -}} - {{- end -}} - {{- end -}} - - {{/* NOTE: Always treat the returned result as string */}} - {{- $expandName -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_metadataList.tpl b/charts/baikal/charts/common/templates/lib/util/_metadataList.tpl deleted file mode 100644 index 0a05ab5..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_metadataList.tpl +++ /dev/null @@ -1,20 +0,0 @@ -{{- define "tc.v1.common.lib.util.metaListToDict" -}} - {{- $objectData := .objectData -}} - {{- $annoList := $objectData.annotationsList -}} - {{- $labelList := $objectData.labelsList -}} - - {{- if not $objectData.annotations -}} - {{- $_ := set $objectData "annotations" dict -}} - {{- end -}} - {{- if not $objectData.labels -}} - {{- $_ := set $objectData "labels" dict -}} - {{- end -}} - - {{- range $a := $annoList -}} - {{- $_ := set $objectData.annotations $a.name $a.value -}} - {{- end -}} - - {{- range $l := $labelList -}} - {{- $_ := set $objectData.labels $l.name $l.value -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_primary_certificate.tpl b/charts/baikal/charts/common/templates/lib/util/_primary_certificate.tpl deleted file mode 100644 index fabc2b3..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_primary_certificate.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Return the name of the primary Cert object */}} -{{- define "tc.v1.common.lib.util.cert.primary" -}} - {{- $Certs := $.Values.cert -}} - - {{- $enabledCerts := dict -}} - {{- range $name, $cert := $Certs -}} - {{- if $cert.enabled -}} - {{- $_ := set $enabledCerts $name . -}} - {{- end -}} - {{- end -}} - - {{- $result := "" -}} - {{- range $name, $cert := $enabledCerts -}} - {{- if and (hasKey $cert "primary") $cert.primary -}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - - {{- if not $result -}} - {{- $result = keys $Certs | first -}} - {{- end -}} - {{- $result -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_primary_cnpg.tpl b/charts/baikal/charts/common/templates/lib/util/_primary_cnpg.tpl deleted file mode 100644 index 07ea0c0..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_primary_cnpg.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Return the name of the primary cnpg object */}} -{{- define "tc.v1.common.lib.util.cnpg.primary" -}} - {{- $cnpgs := .Values.cnpg -}} - - {{- $enabledcnpges := dict -}} - {{- range $name, $cnpg := $cnpgs -}} - {{- if $cnpg.enabled -}} - {{- $_ := set $enabledcnpges $name . -}} - {{- end -}} - {{- end -}} - - {{- $result := "" -}} - {{- range $name, $cnpg := $enabledcnpges -}} - {{- if and (hasKey $cnpg "primary") $cnpg.primary -}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - - {{- if not $result -}} - {{- $result = keys $enabledcnpges | first -}} - {{- end -}} - {{- $result -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_primary_ingress.tpl b/charts/baikal/charts/common/templates/lib/util/_primary_ingress.tpl deleted file mode 100644 index ff0cd52..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_primary_ingress.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* Return the name of the enabled primary ingress object */}} -{{- define "tc.v1.common.lib.util.ingress.primary" -}} - {{- $rootCtx := .rootCtx -}} - - {{- $result := "" -}} - {{- range $name, $ingress := $rootCtx.Values.ingress -}} - {{- $enabled := "false" -}} - - {{- if not (kindIs "invalid" $ingress.enabled) -}} - {{- $enabled = (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $ingress - "name" $name "caller" "Primary Ingress Util" - "key" "ingress")) -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{- if $ingress.primary -}} - {{/* - While this will overwrite if there are - more than 1 primary ingress, its not an issue - as there is validation down the line that will - fail if there are more than 1 primary ingress - */}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $result -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_primary_metrics.tpl b/charts/baikal/charts/common/templates/lib/util/_primary_metrics.tpl deleted file mode 100644 index f085399..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_primary_metrics.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* Return the name of the primary metrics object */}} -{{- define "tc.v1.common.lib.util.metrics.primary" -}} - {{- $metrics := .Values.metrics -}} - - {{- $enabledMetrics := dict -}} - {{- range $name, $metrics := $metrics -}} - {{- if $metrics.enabled -}} - {{- $_ := set $enabledMetrics $name $metrics -}} - {{- end -}} - {{- end -}} - - {{- $result := "" -}} - {{- range $name, $metrics := $enabledMetrics -}} - {{- if (hasKey $metrics "primary") -}} - {{- if $metrics.primary -}} - {{- if $result -}} - {{- fail "More than one metrics are set as primary. This is not supported." -}} - {{- end -}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if not $result -}} - {{- if eq (len $enabledMetrics) 1 -}} - {{- $result = keys $enabledMetrics | mustFirst -}} - {{- end -}} - {{- end -}} - {{- $result -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_primary_port.tpl b/charts/baikal/charts/common/templates/lib/util/_primary_port.tpl deleted file mode 100644 index 1ba09bf..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_primary_port.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* A dict containing .values and .serviceName is passed when this function is called */}} -{{/* Return the primary port for a given Service object. */}} -{{- define "tc.v1.common.lib.util.service.ports.primary" -}} - {{- $rootCtx := .rootCtx -}} - {{- $svcValues := .svcValues -}} - - {{- $result := "" -}} - {{- range $name, $port := $svcValues.ports -}} - {{- $enabled := "false" -}} - - {{- if not (kindIs "invalid" $port.enabled) -}} - {{- $enabled = (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $port - "name" $name "caller" "Primary Port Util" - "key" ".ports.$portname.enabled")) -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{- if $port.primary -}} - {{/* - While this will overwrite if there are - more than 1 primary port, its not an issue - as there is validation down the line that will - fail if there are more than 1 primary port - */}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $result -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_primary_route.tpl b/charts/baikal/charts/common/templates/lib/util/_primary_route.tpl deleted file mode 100644 index 04da801..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_primary_route.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Return the name of the primary route object */}} -{{- define "tc.v1.common.lib.util.route.primary" -}} - {{- $routees := $.Values.route -}} - - {{- $enabledroutees := dict -}} - {{- range $name, $route := $routees -}} - {{- if $route.enabled -}} - {{- $_ := set $enabledroutees $name . -}} - {{- end -}} - {{- end -}} - - {{- $result := "" -}} - {{- range $name, $route := $enabledroutees -}} - {{- if and (hasKey $route "primary") $route.primary -}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - - {{- if not $result -}} - {{- $result = keys $enabledroutees | first -}} - {{- end -}} - {{- $result -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_primary_service.tpl b/charts/baikal/charts/common/templates/lib/util/_primary_service.tpl deleted file mode 100644 index 1972134..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_primary_service.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* Returns the primary service object */}} -{{- define "tc.v1.common.lib.util.service.primary" -}} - {{- $rootCtx := .rootCtx -}} - - {{- $result := "" -}} - {{- range $name, $service := $rootCtx.Values.service -}} - {{- $enabled := "false" -}} - - {{- if not (kindIs "invalid" $service.enabled) -}} - {{- $enabled = (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $service - "name" $name "caller" "Primary service Util" - "key" "service")) -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{- if $service.primary -}} - {{/* - While this will overwrite if there are - more than 1 primary service, its not an issue - as there is validation down the line that will - fail if there are more than 1 primary service - */}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $result -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_primary_workload.tpl b/charts/baikal/charts/common/templates/lib/util/_primary_workload.tpl deleted file mode 100644 index b24836b..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_primary_workload.tpl +++ /dev/null @@ -1,35 +0,0 @@ -{{/* Returns the primary Workload object */}} -{{- define "tc.v1.common.lib.util.workload.primary" -}} - {{- $Workloads := .workload -}} - - {{- $enabledWorkloads := dict -}} - {{- range $name, $Workload := $Workloads -}} - {{- if $Workload.enabled -}} - {{- $_ := set $enabledWorkloads $name $Workload -}} - {{- end -}} - {{- end -}} - - {{- $result := "" -}} - {{- range $name, $Workload := $enabledWorkloads -}} - {{- if (hasKey $Workload "primary") -}} - {{- if $Workload.primary -}} - {{- if $result -}} - {{- fail "More than one Workloads are set as primary. This is not supported." -}} - {{- end -}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if not $result -}} - {{- if eq (len $enabledWorkloads) 1 -}} - {{- $result = keys $enabledWorkloads | mustFirst -}} - {{- else -}} - {{- if $enabledWorkloads -}} - {{- fail "At least one Workload must be set as primary" -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $result -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/util/_stopAll.tpl b/charts/baikal/charts/common/templates/lib/util/_stopAll.tpl deleted file mode 100644 index a545c8d..0000000 --- a/charts/baikal/charts/common/templates/lib/util/_stopAll.tpl +++ /dev/null @@ -1,10 +0,0 @@ -{{- define "tc.v1.common.lib.util.stopAll" -}} - {{- $rootCtx := . -}} - - {{- $stop := "" -}} - {{- if $rootCtx.Values.global.stopAll -}} - {{- $stop = true -}} - {{- end -}} - - {{- $stop -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/volsync/_cache.tpl b/charts/baikal/charts/common/templates/lib/volsync/_cache.tpl deleted file mode 100644 index a3cdcb3..0000000 --- a/charts/baikal/charts/common/templates/lib/volsync/_cache.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{- define "tc.v1.common.lib.volsync.cache" -}} - {{- $creds := .creds -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $volsyncData := .volsyncData -}} - {{- $target := get $volsyncData .target -}} - -cacheCapacity: {{ $target.cacheCapacity | default "10Gi" }} - - {{- with $target.cacheStorageClassName }} -cacheStorageClassName: {{ $target.cacheStorageClassName }} - {{- end -}} - - {{- with $target.cacheAccessModes }} -cacheAccessModes: - {{- range . }} - - {{ . }} - {{- end }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/volsync/_moverSecurityContext.tpl b/charts/baikal/charts/common/templates/lib/volsync/_moverSecurityContext.tpl deleted file mode 100644 index f86162d..0000000 --- a/charts/baikal/charts/common/templates/lib/volsync/_moverSecurityContext.tpl +++ /dev/null @@ -1,28 +0,0 @@ -{{- define "tc.v1.common.lib.volsync.moversecuritycontext" -}} - {{- $creds := .creds -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $volsyncData := .volsyncData -}} - {{- $target := get $volsyncData .target -}} - - {{- $sec := dict - "runAsUser" $rootCtx.Values.securityContext.container.runAsUser - "runAsGroup" $rootCtx.Values.securityContext.container.runAsGroup - "fsGroup" $rootCtx.Values.securityContext.pod.fsGroup - -}} - - {{- if $target.moverSecurityContext -}} - {{- $items := list "runAsUser" "runAsGroup" "fsGroup" -}} - {{- range $item := $items -}} - {{- if hasKey $target.moverSecurityContext $item -}} - {{- $_ := set $sec $item (get $target.moverSecurityContext $item) -}} - {{- end -}} - {{- end -}} - {{- end }} - -moverSecurityContext: - runAsUser: {{ $sec.runAsUser }} - runAsGroup: {{ $sec.runAsGroup }} - fsGroup: {{ $sec.fsGroup }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/volsync/_storage.tpl b/charts/baikal/charts/common/templates/lib/volsync/_storage.tpl deleted file mode 100644 index dd03e1f..0000000 --- a/charts/baikal/charts/common/templates/lib/volsync/_storage.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{- define "tc.v1.common.lib.volsync.storage" -}} - {{- $creds := .creds -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $volsyncData := .volsyncData -}} - {{- $target := get $volsyncData .target -}} - - {{- $accessModes := $rootCtx.Values.global.fallbackDefaults.accessModes -}} - {{- if $objectData.accessModes }} - {{- $accessModes = $objectData.accessModes }} - {{- end }} - {{- if $target.accessModes }} - {{- $accessModes = $target.accessModes }} - {{- end }} - - {{- $storageClassName := $rootCtx.Values.global.fallbackDefaults.storageClass -}} - {{- if $objectData.storageClass }} - {{- $storageClassName = $objectData.storageClass }} - {{- end }} - {{- if $target.storageClassName }} - {{- $storageClassName = $target.storageClassName }} - {{- end }} - - {{- with $storageClassName }} -storageClassName: {{ . }} - {{- end }} - -accessModes: - {{- range $accessModes }} - - {{ . }} - {{- end }} - - {{- with $target.volumeSnapshotClassName }} -volumeSnapshotClassName: {{ . }} - {{- end }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/volsync/_validation.tpl b/charts/baikal/charts/common/templates/lib/volsync/_validation.tpl deleted file mode 100644 index ce13811..0000000 --- a/charts/baikal/charts/common/templates/lib/volsync/_validation.tpl +++ /dev/null @@ -1,35 +0,0 @@ -{{- define "tc.v1.common.lib.volsync.validation" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- if not $objectData.name -}} - {{- fail "VolSync - Expected non-empty [name]" -}} - {{- end -}} - - {{- if not $objectData.type -}} - {{- fail "VolSync - Expected non-empty [type]" -}} - {{- end -}} - - {{- $validTypes := list "restic" -}} - {{- if not (mustHas $objectData.type $validTypes) -}} - {{- fail (printf "VolSync - Expected [type] to be one of [%s], but got [%s]" (join ", " $validTypes) $objectData.type) -}} - {{- end -}} - - {{- if not $objectData.credentials -}} - {{- fail "VolSync - Expected non-empty [credentials]" -}} - {{- end -}} - - {{- if not (kindIs "string" $objectData.credentials) -}} - {{- fail (printf "VolSync - Expected [credentials] to be a string, but got [%s]" (kindOf $objectData.credentials)) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "VolSync" "credName" $objectData.credentials) -}} - - {{- $copyMethods := list "Clone" "Direct" "Snapshot" -}} - {{- if $objectData.copyMethod -}} - {{- if not (mustHas $objectData.copyMethod $copyMethods) -}} - {{- fail (printf "VolSync - Expected [copyMethod] to be one of [%s], but got [%s]" (join ", " $copyMethods) $objectData.copyMethod) -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/vpa/_validation.tpl b/charts/baikal/charts/common/templates/lib/vpa/_validation.tpl deleted file mode 100644 index 2ede292..0000000 --- a/charts/baikal/charts/common/templates/lib/vpa/_validation.tpl +++ /dev/null @@ -1,115 +0,0 @@ -{{- define "tc.v1.common.lib.vpa.validation" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $updPolicy := $objectData.updatePolicy -}} - {{- if $updPolicy -}} - {{- if not (kindIs "map" $updPolicy) -}} - {{- fail (printf "Vertical Pod Autoscaler - Expected [vpa.%s.updatePolicy] to be a dictionary, but got [%s]" $objectData.vpaName (kindOf $updPolicy)) -}} - {{- end -}} - - {{- $validModes := list "Auto" "Off" "Initial" "Recreate" -}} - {{- if and $updPolicy.updateMode (not (mustHas $updPolicy.updateMode $validModes)) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.updatePolicy.updateMode] is not valid. Must be one of [%s]" $updPolicy.updateMode $objectData.vpaName (join ", " $validModes)) -}} - {{- end -}} - - {{- if and $updPolicy.minReplicas (le ($updPolicy.minReplicas | int) 0) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%v] on [vpa.%s.updatePolicy.minReplicas] must be greater than 0." $updPolicy.minReplicas $objectData.vpaName) -}} - {{- end -}} - - {{- if $updPolicy.evictionRequirements -}} - {{- if not (kindIs "slice" $updPolicy.evictionRequirements) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value on [vpa.%s.updatePolicy.evictionRequirements] must be a list, but got [%s]" $objectData.vpaName (kindOf $updPolicy.evictionRequirements)) -}} - {{- end -}} - {{- range $idx, $req := $updPolicy.evictionRequirements -}} - {{- if not (kindIs "map" $req) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value on [vpa.%s.updatePolicy.evictionRequirements.%d] must be a map, but got [%s]" $objectData.vpaName $idx (kindOf $req)) -}} - {{- end -}} - - {{- if not $req.resources -}} - {{- fail (printf "Vertical Pod Autoscaler - Value on [vpa.%s.updatePolicy.evictionRequirements.%d.resources] is required." $objectData.vpaName $idx) -}} - {{- end -}} - - {{- if not (kindIs "slice" $req.resources) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value on [vpa.%s.updatePolicy.evictionRequirements.%d.resources] must be a list, but got [%s]" $objectData.vpaName $idx (kindOf $req.resources)) -}} - {{- end -}} - - {{- $validResources := (list "cpu" "memory") -}} - {{- range $x, $r := $req.resources -}} - {{- if not (mustHas $r $validResources) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.updatePolicy.evictionRequirements.%d.resources.%d] is not valid. Must be one of [%s]" $r $objectData.vpaName $idx $x (join ", " $validResources)) -}} - {{- end -}} - {{- end -}} - - {{- $validReq := (list "TargetHigherThanRequests" "TargetLowerThanRequests") -}} - {{- if not (mustHas $req.changeRequirement $validReq) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.updatePolicy.evictionRequirements.%d.changeRequirement] is not valid. Must be one of [%s]" $req.changeRequirement $objectData.vpaName $idx (join ", " $validReq)) -}} - {{- end -}} - - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $resPolicy := $objectData.resourcePolicy -}} - {{- if and $resPolicy $resPolicy.containerPolicies -}} - {{- if not (kindIs "slice" $resPolicy.containerPolicies) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value on [vpa.%s.resourcePolicy.containerPolicies] must be a list, but got [%s]" $objectData.vpaName (kindOf $resPolicy.containerPolicies)) -}} - {{- end -}} - - {{- $validModes := (list "Auto" "Off") -}} - {{- range $idx, $cPol := $resPolicy.containerPolicies -}} - {{- if not (kindIs "map" $cPol) -}} - {{- fail (printf "Vertical Pod Autoscaler - Expected [vpa.%s.resourcePolicy.containerPolicies.%d] to be a dictionary, but got [%s]" $objectData.vpaName $idx (kindOf $cPol)) -}} - {{- end -}} - - {{- $validContainers := mustAppend $objectData.containerNames "*" -}} - {{- if not (mustHas $cPol.containerName $validContainers) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.resourcePolicy.containerPolicies.%d.containerName] is not valid. Must be one of [%s]" $cPol.containerName $objectData.vpaName $idx (join ", " $validContainers)) -}} - {{- end -}} - - {{- if and $cPol.mode (not (mustHas $cPol.mode $validModes)) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.resourcePolicy.containerPolicies.%d.mode] is not valid. Must be one of [%s]" $cPol.mode $objectData.vpaName $idx (join ", " $validModes)) -}} - {{- end -}} - - {{- if $cPol.controlledResources -}} - {{- if not (kindIs "slice" $cPol.controlledResources) -}} - {{- fail (printf "Vertical Pod Autoscaler - Expected [vpa.%s.resourcePolicy.containerPolicies.%d.controlledResources] to be a list, but got [%s]" $objectData.vpaName $idx (kindOf $cPol.controlledResources)) -}} - {{- end -}} - - {{- $validRes := (list "cpu" "memory") -}} - {{- range $x, $r := $cPol.controlledResources -}} - {{- if not (mustHas $r $validRes) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.resourcePolicy.containerPolicies.%d.controlledResources.%d] is not valid. Must be one of [%s]" $r $objectData.vpaName $idx $x (join ", " $validRes)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $cPol.controlledValues -}} - {{- $validVals := (list "RequestsAndLimits" "RequestsOnly") -}} - {{- if not (mustHas $cPol.controlledValues $validVals) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.resourcePolicy.containerPolicies.%d.controlledValues] is not valid. Must be one of [%s]" $cPol.controlledValues $objectData.vpaName $idx (join ", " $validVals)) -}} - {{- end -}} - {{- end -}} - - {{- $data := (include "tc.v1.common.lib.resources.validation.data" .) | fromJson -}} - {{- $regex := $data.regex -}} - {{- $errorMsg := $data.errorMsg -}} - - {{- $items := (list "minAllowed" "maxAllowed") -}} - {{- range $item := $items -}} - {{- if not (get $cPol $item) -}}{{- continue -}}{{- end -}} - - {{- if not (kindIs "map" (get $cPol $item)) -}} - {{- fail (printf "Vertical Pod Autoscaler - Expected [vpa.%s.resourcePolicy.containerPolicies.%d.%s] to be a dictionary, but got [%s]" $objectData.vpaName $idx $item (kindOf (get $cPol $item))) -}} - {{- end -}} - - {{- range $k, $v := (get $cPol $item) -}} - {{- if not (mustRegexMatch (get $regex $k) (toString $v)) -}} - {{- fail (printf "Vertical Pod Autoscaler - Expected [vpa.%s.resourcePolicy.containerPolicies.%d.%s.%s] to have one of the following formats [%s], but got [%s]" $objectData.vpaName $idx $item $k (get $errorMsg $k) $v) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/webhook/_admissionReviewVersions.tpl b/charts/baikal/charts/common/templates/lib/webhook/_admissionReviewVersions.tpl deleted file mode 100644 index ff4a81d..0000000 --- a/charts/baikal/charts/common/templates/lib/webhook/_admissionReviewVersions.tpl +++ /dev/null @@ -1,8 +0,0 @@ -{{- define "tc.v1.common.lib.webhook.admissionReviewVersions" -}} - {{- $admissionReviewVersions := .admissionReviewVersions -}} - {{- $rootCtx := .rootCtx }} -admissionReviewVersions: - {{- range $admissionReviewVersions }} - - {{ tpl . $rootCtx }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/webhook/_clientConfig.tpl b/charts/baikal/charts/common/templates/lib/webhook/_clientConfig.tpl deleted file mode 100644 index 14b2444..0000000 --- a/charts/baikal/charts/common/templates/lib/webhook/_clientConfig.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{- define "tc.v1.common.lib.webhook.clientConfig" -}} - {{- $clientConfig := .clientConfig -}} - {{- $rootCtx := .rootCtx }} -clientConfig: - {{- if $clientConfig.caBundle }} - caBundle: {{ tpl $clientConfig.caBundle $rootCtx | quote }} - {{- end -}} - {{- if $clientConfig.url }} - url: {{ tpl $clientConfig.url $rootCtx | quote }} - {{- end -}} - {{- if $clientConfig.service }} - service: - name: {{ tpl $clientConfig.service.name $rootCtx }} - namespace: {{ tpl $clientConfig.service.namespace $rootCtx }} - {{- with $clientConfig.service.path }} - path: {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- with $clientConfig.service.port }} - port: {{ tpl . $rootCtx }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/webhook/_rules.tpl b/charts/baikal/charts/common/templates/lib/webhook/_rules.tpl deleted file mode 100644 index dfa1952..0000000 --- a/charts/baikal/charts/common/templates/lib/webhook/_rules.tpl +++ /dev/null @@ -1,26 +0,0 @@ -{{- define "tc.v1.common.lib.webhook.rules" -}} - {{- $rules := .rules -}} - {{- $rootCtx := .rootCtx }} -rules: - {{- range $rule := $rules }} - - apiVersions: - {{- range $rule.apiVersions }} - - {{ tpl . $rootCtx | quote }} - {{- end }} - apiGroups: - {{- range $rule.apiGroups }} - - {{ tpl . $rootCtx | quote }} - {{- end }} - operations: - {{- range $rule.operations }} - - {{ tpl . $rootCtx | quote }} - {{- end }} - resources: - {{- range $rule.resources }} - - {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- with $rule.scope }} - scope: {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/webhook/_validation.tpl b/charts/baikal/charts/common/templates/lib/webhook/_validation.tpl deleted file mode 100644 index bf794e1..0000000 --- a/charts/baikal/charts/common/templates/lib/webhook/_validation.tpl +++ /dev/null @@ -1,152 +0,0 @@ -{{- define "tc.v1.common.lib.webhook.validation" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- if not $objectData.type -}} - {{- fail (printf "Webhook - Expected [type] in [webhook.%v] to not be empty" $objectData.shortName) -}} - {{- end -}} - - {{- $type := tpl $objectData.type $rootCtx -}} - {{- $types := (list "validating" "mutating") -}} - {{- if not (mustHas $type $types) -}} - {{- fail (printf "Webhook - Expected [type] in [webhook.%v] to be one of [%s], but got [%v]" $objectData.shortName (join ", " $types) $type) -}} - {{- end -}} - - {{- if not $objectData.webhooks -}} - {{- fail (printf "Webhook - Expected [webhooks] in [webhook.%v] to not be empty" $objectData.shortName) -}} - {{- end -}} - - {{- if not (kindIs "slice" $objectData.webhooks) -}} - {{- fail (printf "Webhook - Expected [webhooks] in [webhook.%v] to be a list, but got [%v]" $objectData.shortName (kindOf $objectData.webhooks)) -}} - {{- end -}} - - {{- range $webhook := $objectData.webhooks -}} - {{- if not $webhook.name -}} - {{- fail (printf "Webhook - Expected [name] in [webhook.%v] to not be empty" $objectData.shortName) -}} - {{- end -}} - - {{- $webhookName := tpl $webhook.name $rootCtx -}} - - {{- if not $webhook.admissionReviewVersions -}} - {{- fail (printf "Webhook - Expected [admissionReviewVersions] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- range $adm := $webhook.admissionReviewVersions -}} - {{- if not (kindIs "string" $adm) -}} - {{- fail (printf "Webhook - Expected [admissionReviewVersions] in [webhook.%v.%v] to be a string" $objectData.shortName $webhookName) -}} - {{- end -}} - {{- end -}} - - {{- if not $webhook.clientConfig -}} - {{- fail (printf "Webhook - Expected [clientConfig] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- with $webhook.clientConfig -}} - {{- if and .url .service -}} - {{- fail (printf "Webhook - Expected either [url] or [service] in [webhook.%v.%v] to be defined, but got both" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- $service := .service -}} - - {{- if $service -}} - {{- if not $service.name -}} - {{- fail (printf "Webhook - Expected [service.name] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if not $service.namespace -}} - {{- fail (printf "Webhook - Expected [service.namespace] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if not $webhook.rules -}} - {{- fail (printf "Webhook - Expected [rules] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if not (kindIs "slice" $webhook.rules) -}} - {{- fail (printf "Webhook - Expected [rules] in [webhook.%v.%v] to be a list, but got [%v]" $objectData.shortName $webhookName (kindOf $webhook.rules)) -}} - {{- end -}} - - {{- range $rule := $webhook.rules -}} - {{- if not $rule.apiGroups -}} - {{- fail (printf "Webhook - Expected [apiGroups] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if not $rule.apiVersions -}} - {{- fail (printf "Webhook - Expected [apiVersions] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if not $rule.operations -}} - {{- fail (printf "Webhook - Expected [operations] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if not $rule.resources -}} - {{- fail (printf "Webhook - Expected [resources] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- $scopes := (list "Cluster" "Namespaced" "*") -}} - {{- with $rule.scope -}} - {{- $scope := tpl . $rootCtx -}} - {{- if not (mustHas $scope $scopes) -}} - {{- fail (printf "Webhook - Expected [scope] in [webhook.%v.%v] to be one of [%s], but got [%v]" $objectData.shortName $webhookName (join ", " $scopes) $scope) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- with $webhook.failurePolicy -}} - {{- $policy := tpl . $rootCtx -}} - {{- $failPolicies := (list "Ignore" "Fail") -}} - {{- if not (mustHas $policy $failPolicies) -}} - {{- fail (printf "Webhook - Expected [failurePolicy] in [webhook.%v.%v] to be one of [%s], but got [%v]" $objectData.shortName $webhookName (join ", " $failPolicies) $policy) -}} - {{- end -}} - {{- end -}} - - {{- with $webhook.matchPolicy -}} - {{- $policy := tpl . $rootCtx -}} - {{- $matchPolicies := (list "Exact" "Equivalent") -}} - {{- if not (mustHas $policy $matchPolicies) -}} - {{- fail (printf "Webhook - Expected [matchPolicy] in [webhook.%v.%v] to be one of [%s], but got [%v]" $objectData.shortName $webhookName (join ", " $matchPolicies) $policy) -}} - {{- end -}} - {{- end -}} - - {{- if and (eq $type "validating") $webhook.reinvocationPolicy -}} - {{- fail (printf "Webhook - Expected [mutating] type in [webhook.%v.%v] when [reinvocationPolicy] is defined" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if and (eq $type "mutating") $webhook.reinvocationPolicy -}} - {{- $policy := tpl $webhook.reinvocationPolicy $rootCtx -}} - {{- $reinvPolicies := (list "Never" "IfNeeded") -}} - {{- if not (mustHas $policy $reinvPolicies) -}} - {{- fail (printf "Webhook - Expected [reinvocationPolicy] in [webhook.%v.%v] to be one of [%s], but got [%v]" $objectData.shortName $webhookName (join ", " $reinvPolicies) $policy) -}} - {{- end -}} - {{- end -}} - - {{- with $webhook.sideEffects -}} - {{- $effect := tpl . $rootCtx -}} - {{- $sideEffects := (list "None" "NoneOnDryRun") -}} - {{- if not (mustHas $effect $sideEffects) -}} - {{- fail (printf "Webhook - Expected [sideEffects] in [webhook.%v.%v] to be one of [%s], but got [%v]" $objectData.shortName $webhookName (join ", " $sideEffects) $effect) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $webhook "timeoutSeconds") -}} - {{- if (kindIs "invalid" $webhook.timeoutSeconds) -}} - {{- fail (printf "Webhook - Expected the defined key [timeoutSeconds] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if not (mustHas (kindOf $webhook.timeoutSeconds) (list "int" "int64" "float64")) -}} - {{- fail (printf "Webhook - Expected [timeoutSeconds] in [webhook.%v.%v] to be an integer, but got [%v]" $objectData.shortName $webhookName (kindOf $webhook.timeoutSeconds)) -}} - {{- end -}} - - {{- if (lt (int $webhook.timeoutSeconds) 1) -}} - {{- fail (printf "Webhook - Expected [timeoutSeconds] in [webhook.%v.%v] to be greater than 0, but got [%v]" $objectData.shortName $webhookName $webhook.timeoutSeconds) -}} - {{- end -}} - - {{- if (gt (int $webhook.timeoutSeconds) 30) -}} - {{- fail (printf "Webhook - Expected [timeoutSeconds] in [webhook.%v.%v] to be less than 30, but got [%v]" $objectData.shortName $webhookName $webhook.timeoutSeconds) -}} - {{- end -}} - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/webhook/_webhook.tpl b/charts/baikal/charts/common/templates/lib/webhook/_webhook.tpl deleted file mode 100644 index f49ea21..0000000 --- a/charts/baikal/charts/common/templates/lib/webhook/_webhook.tpl +++ /dev/null @@ -1,31 +0,0 @@ -{{- define "tc.v1.common.lib.webhook" -}} - {{- $webhook := .webhook -}} - {{- $rootCtx := .rootCtx }} -- name: {{ tpl $webhook.name $rootCtx }} - {{- with $webhook.failurePolicy }} - failurePolicy: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $webhook.matchPolicy }} - matchPolicy: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $webhook.reinvocationPolicy }} - reinvocationPolicy: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $webhook.sideEffects }} - sideEffects: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $webhook.timeoutSeconds }} - timeoutSeconds: {{ . }} - {{- end -}} - {{- include "tc.v1.common.lib.webhook.admissionReviewVersions" (dict "rootCtx" $rootCtx "admissionReviewVersions" $webhook.admissionReviewVersions) | trim | nindent 2 -}} - {{- include "tc.v1.common.lib.webhook.clientConfig" (dict "rootCtx" $rootCtx "clientConfig" $webhook.clientConfig) | trim | nindent 2 -}} - {{- include "tc.v1.common.lib.webhook.rules" (dict "rootCtx" $rootCtx "rules" $webhook.rules) | trim | nindent 2 -}} - {{- with $webhook.namespaceSelector }} - namespaceSelector: - {{- tpl (toYaml $webhook.namespaceSelector) $rootCtx | nindent 2 -}} - {{- end -}} - {{- with $webhook.objectSelector }} - objectSelector: - {{- tpl (toYaml $webhook.objectSelector) $rootCtx | nindent 2 -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/_cronjobSpec.tpl b/charts/baikal/charts/common/templates/lib/workload/_cronjobSpec.tpl deleted file mode 100644 index cd1f1a0..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/_cronjobSpec.tpl +++ /dev/null @@ -1,31 +0,0 @@ -{{/* CronJob Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.cronjobSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - schedule: The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron. - concurrencyPolicy: Allow, Forbid, or Replace. Defaults to Allow. - failedJobsHistoryLimit: The number of failed finished jobs to retain. Defaults to 1. - successfulJobsHistoryLimit: The number of successful finished jobs to retain. Defaults to 3. - startingDeadlineSeconds: Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Defaults to nil. - timezone: The timezone name. Defaults to .Values.TZ - +jobSpec data -*/}} -{{- define "tc.v1.common.lib.workload.cronjobSpec" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $suspend := $objectData.suspend | default false -}} - {{- if (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $suspend = true -}} - {{- end }} -timeZone: {{ (tpl ($objectData.timezone | default $rootCtx.Values.TZ) $rootCtx) | quote }} -schedule: {{ (tpl $objectData.schedule $rootCtx) | quote }} -concurrencyPolicy: {{ $objectData.concurrencyPolicy | default "Forbid" }} -failedJobsHistoryLimit: {{ $objectData.failedJobsHistoryLimit | default 1 }} -successfulJobsHistoryLimit: {{ $objectData.successfulJobsHistoryLimit | default 3 }} -startingDeadlineSeconds: {{ $objectData.startingDeadlineSeconds | default 600 }} -suspend: {{ $suspend }} -jobTemplate: - spec: - {{- include "tc.v1.common.lib.workload.jobSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) | indent 4 }} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/_daemonsetSpec.tpl b/charts/baikal/charts/common/templates/lib/workload/_daemonsetSpec.tpl deleted file mode 100644 index c177719..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/_daemonsetSpec.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* DaemonSet Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.daemonsetSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - revisionHistoryLimit: The number of old ReplicaSets to retain to allow rollback. - strategy: The daemonset strategy to use to replace existing pods with new ones. -*/}} -{{- define "tc.v1.common.lib.workload.daemonsetSpec" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- include "tc.v1.common.lib.workload.components.strategyType" (dict - "rootCtx" $rootCtx "objectData" $objectData - "defaultStrategy" "RollingUpdate" "resource" "DaemonSet" - ) }} -revisionHistoryLimit: {{ $objectData.revisionHistoryLimit | default 3 }} -updateStrategy: - type: {{ $objectData.strategy }} - {{- if and (eq $objectData.strategy "RollingUpdate") $objectData.rollingUpdate -}} - {{ if (or (hasKey $objectData.rollingUpdate "maxUnavailable") (hasKey $objectData.rollingUpdate "maxSurge")) }} - rollingUpdate: - {{- if hasKey $objectData.rollingUpdate "maxUnavailable" }} - maxUnavailable: {{ $objectData.rollingUpdate.maxUnavailable }} - {{- end -}} - {{- if hasKey $objectData.rollingUpdate "maxSurge" }} - maxSurge: {{ $objectData.rollingUpdate.maxSurge }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/_deploymentSpec.tpl b/charts/baikal/charts/common/templates/lib/workload/_deploymentSpec.tpl deleted file mode 100644 index 0672381..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/_deploymentSpec.tpl +++ /dev/null @@ -1,39 +0,0 @@ -{{/* Deployment Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.deploymentSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - replicas: The number of replicas. - revisionHistoryLimit: The number of old ReplicaSets to retain to allow rollback. - strategy: The deployment strategy to use to replace existing pods with new ones. -*/}} -{{- define "tc.v1.common.lib.workload.deploymentSpec" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- include "tc.v1.common.lib.workload.components.strategyType" (dict - "rootCtx" $rootCtx "objectData" $objectData - "defaultStrategy" "Recreate" "resource" "Deployment" - ) -}} - {{- $replicas := 1 -}} - {{- if hasKey $objectData "replicas" -}} - {{- $replicas = $objectData.replicas -}} - {{- end -}} - {{- if (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $replicas = 0 -}} - {{- end }} -replicas: {{ $replicas }} -revisionHistoryLimit: {{ $objectData.revisionHistoryLimit | default 3 }} -strategy: - type: {{ $objectData.strategy }} - {{- if and (eq $objectData.strategy "RollingUpdate") $objectData.rollingUpdate -}} - {{ if (or (hasKey $objectData.rollingUpdate "maxUnavailable") (hasKey $objectData.rollingUpdate "maxSurge")) }} - rollingUpdate: - {{- if hasKey $objectData.rollingUpdate "maxUnavailable" }} - maxUnavailable: {{ $objectData.rollingUpdate.maxUnavailable }} - {{- end -}} - {{- if hasKey $objectData.rollingUpdate "maxSurge" }} - maxSurge: {{ $objectData.rollingUpdate.maxSurge }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/_jobSpec.tpl b/charts/baikal/charts/common/templates/lib/workload/_jobSpec.tpl deleted file mode 100644 index bca25f6..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/_jobSpec.tpl +++ /dev/null @@ -1,31 +0,0 @@ -{{/* Job Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.jobSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - backoffLimit: The number of retries before marking this job failed. Defaults to 6. - completions: The desired number of successfully finished pods the job should be run with. Defaults to 1. - parallelism: The maximum desired number of pods the job should run at any given time. Defaults to 1. - activeDeadlineSeconds: Specifies the duration in seconds relative to the startTime that the job may be active before the system tries to terminate it; value must be positive integer. If set to nil, the job is never terminated due to timeout. - ttlSecondsAfterFinished: TTLSecondsAfterFinished limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. When the Job is being deleted, its lifecycle guarantees (e.g. finalizers) will be honored. If this field is unset, the Job won't be automatically deleted. If this field is set to zero, the Job becomes eligible to be deleted immediately after it finishes. This field is alpha-level and is only honored by servers that enable the TTLAfterFinished feature. - completionMode: CompletionMode specifies how Pod completions are tracked. It can be `NonIndexed` (default) or `Indexed`. -*/}} -{{- define "tc.v1.common.lib.workload.jobSpec" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $parallelism := 1 -}} - {{- if hasKey $objectData "parallelism" -}} - {{- $parallelism = $objectData.parallelism -}} - {{- end -}} - {{- if (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $parallelism = 0 -}} - {{- end }} -backoffLimit: {{ $objectData.backoffLimit | default 5 }} -completionMode: {{ $objectData.completionMode | default "NonIndexed" }} -completions: {{ $objectData.completions | default nil }} -parallelism: {{ $parallelism }} -ttlSecondsAfterFinished: {{ $objectData.ttlSecondsAfterFinished | default 120 }} - {{- with $objectData.activeDeadlineSeconds }} -activeDeadlineSeconds: {{ . }} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/_pod.tpl b/charts/baikal/charts/common/templates/lib/workload/_pod.tpl deleted file mode 100644 index cb4b521..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/_pod.tpl +++ /dev/null @@ -1,71 +0,0 @@ -{{/* Pod Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.pod" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.workload.pod" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} -serviceAccountName: {{ include "tc.v1.common.lib.pod.serviceAccountName" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -automountServiceAccountToken: {{ include "tc.v1.common.lib.pod.automountServiceAccountToken" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -runtimeClassName: {{ include "tc.v1.common.lib.pod.runtimeClassName" (dict "rootCtx" $rootCtx "objectData" $objectData) }} - {{- with (include "tc.v1.common.lib.pod.imagePullSecret" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -imagePullSecrets: - {{- . | nindent 2 }} - {{- end }} -hostNetwork: {{ include "tc.v1.common.lib.pod.hostNetwork" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -hostPID: {{ include "tc.v1.common.lib.pod.hostPID" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -hostIPC: {{ include "tc.v1.common.lib.pod.hostIPC" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -shareProcessNamespace: {{ include "tc.v1.common.lib.pod.shareProcessNamespace" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -enableServiceLinks: {{ include "tc.v1.common.lib.pod.enableServiceLinks" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -restartPolicy: {{ include "tc.v1.common.lib.pod.restartPolicy" (dict "rootCtx" $rootCtx "objectData" $objectData) }} - {{- with (include "tc.v1.common.lib.pod.schedulerName" (dict "rootCtx" $rootCtx "objectData" $objectData)) }} -schedulerName: {{ . }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.priorityClassName" (dict "rootCtx" $rootCtx "objectData" $objectData)) }} -priorityClassName: {{ . }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.nodeSelector" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -nodeSelector: - {{- . | nindent 2 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.affinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -affinity: - {{- . | nindent 2 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.topologySpreadConstraints" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -topologySpreadConstraints: - {{- . | nindent 2 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.hostAliases" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -hostAliases: - {{- . | nindent 2 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.hostname" (dict "rootCtx" $rootCtx "objectData" $objectData)) }} -hostname: {{ . }} - {{- end -}} - {{- include "tc.v1.common.lib.pod.dns" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- with (include "tc.v1.common.lib.pod.terminationGracePeriodSeconds" (dict "rootCtx" $rootCtx "objectData" $objectData)) }} -terminationGracePeriodSeconds: {{ . }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.tolerations" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -tolerations: - {{- . | nindent 2 }} - {{- end }} -securityContext: - {{- include "tc.v1.common.lib.pod.securityContext" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} -hostUsers: {{ include "tc.v1.common.lib.pod.hostUsers" (dict "rootCtx" $rootCtx "objectData" $objectData) }} - {{- if $objectData.podSpec.containers }} -containers: - {{- include "tc.v1.common.lib.pod.containerSpawner" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- end -}} - {{- if $objectData.podSpec.initContainers }} -initContainers: - {{- include "tc.v1.common.lib.pod.initContainerSpawner" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.volumes" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -volumes: - {{- . | nindent 2 }} -{{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/_statefulsetSpec.tpl b/charts/baikal/charts/common/templates/lib/workload/_statefulsetSpec.tpl deleted file mode 100644 index bd26f33..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/_statefulsetSpec.tpl +++ /dev/null @@ -1,40 +0,0 @@ -{{/* StatefulSet Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.statefulsetSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - replicas: The number of replicas. - revisionHistoryLimit: The number of old ReplicaSets to retain to allow rollback. - strategy: The statefulset strategy to use to replace existing pods with new ones. -*/}} -{{- define "tc.v1.common.lib.workload.statefulsetSpec" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- include "tc.v1.common.lib.workload.components.strategyType" (dict - "rootCtx" $rootCtx "objectData" $objectData - "defaultStrategy" "RollingUpdate" "resource" "StatefulSet" - ) -}} - {{- $replicas := 1 -}} - {{- if hasKey $objectData "replicas" -}} - {{- $replicas = $objectData.replicas -}} - {{- end -}} - {{- if (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $replicas = 0 -}} - {{- end }} -replicas: {{ $replicas }} -revisionHistoryLimit: {{ $objectData.revisionHistoryLimit | default 3 }} -serviceName: {{ $objectData.name }} -updateStrategy: - type: {{ $objectData.strategy }} - {{- if and (eq $objectData.strategy "RollingUpdate") $objectData.rollingUpdate -}} - {{- if (or (hasKey $objectData.rollingUpdate "maxUnavailable") (hasKey $objectData.rollingUpdate "partition")) }} - rollingUpdate: - {{- if hasKey $objectData.rollingUpdate "maxUnavailable" }} - maxUnavailable: {{ $objectData.rollingUpdate.maxUnavailable }} - {{- end -}} - {{- if hasKey $objectData.rollingUpdate "partition" }} - partition: {{ $objectData.rollingUpdate.partition }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/components/_strategyType.tpl b/charts/baikal/charts/common/templates/lib/workload/components/_strategyType.tpl deleted file mode 100644 index 99fdcea..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/components/_strategyType.tpl +++ /dev/null @@ -1,71 +0,0 @@ -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.components.strategyType" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - replicas: The number of replicas. - strategy: The deployment strategy to use to replace existing pods with new ones. -*/}} -{{- define "tc.v1.common.lib.workload.components.strategyType" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $defaultStrategy := .defaultStrategy -}} - {{- $resource := .resource -}} - {{- $strategy := $objectData.strategy | default $defaultStrategy -}} - - {{- $replicas := 1 -}} - {{- if hasKey $objectData "replicas" -}} - {{- $replicas = $objectData.replicas -}} - {{- end -}} - {{- $replicas = $replicas | int -}} - - {{- $volsRWO := list -}} - {{- range $name, $persistence := $rootCtx.Values.persistence }} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $persistence - "name" $name "caller" "Volumes" - "key" "persistence")) -}} - - {{- if (ne $enabled "true") -}}{{- continue -}}{{- end -}} - - {{- $type := ($persistence.type | default $rootCtx.Values.global.fallbackDefaults.persistenceType) -}} - {{- $typesWithAccessMode := (list "pvc") -}} - - {{- if (mustHas $type $typesWithAccessMode) -}} - {{- $modes := include "tc.v1.common.lib.pvc.accessModes" (dict "rootCtx" $rootCtx - "objectData" $persistence "caller" "Volumes") | fromYamlArray - -}} - - {{- $hasRWO := include "tc.v1.common.lib.pod.volumes.hasRWO" (dict "modes" $modes) -}} - {{- if ne $hasRWO "true" -}}{{- continue -}}{{- end -}} - {{- $volsRWO = mustAppend $volsRWO $name -}} - {{- end -}} - {{- end -}} - - {{/* If there are any RWO vols, do some checks and add warnings */}} - {{- if gt (len $volsRWO) 0 -}} - {{/* RWO + replicas > 1 is a no-no */}} - {{- if gt $replicas 1 -}} - {{- include "add.warning" (dict "rootCtx" $rootCtx "warn" (printf - "WARNING: The [accessModes] on volume(s) [%s] is set to [ReadWriteOnce] with a more than 1 replica. This is not stables" (join "," $volsRWO) - )) -}} - {{- else -}} - {{/* DaemonSets and StatefulSets can have RWO with 1 replica under their supported strategies (OnDelete, RollingUpdate) */}} - - {{- if eq $resource "Deployment" -}} - - {{/* On Deployments with single replicas, warn if strategy is not recreate */}} - {{- if eq $strategy "Recreate" -}} - {{- include "add.warning" (dict "rootCtx" $rootCtx "warn" (printf - "WARNING: The [accessModes] on volume(s) [%s] is set to [ReadWriteOnce] with a single replica and an strategy of [%s]. %s" - (join "," $volsRWO) $strategy "This is not stable, defaulting to [Recreate] strategy" - )) -}} - {{- end -}} - {{- $strategy = "Recreate" -}} - - {{- end -}} - {{- end -}} - {{- end -}} - - {{/* Update strategy */}} - {{- $_ := set $objectData "strategy" $strategy -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/validation/_cronjobValidation.tpl b/charts/baikal/charts/common/templates/lib/workload/validation/_cronjobValidation.tpl deleted file mode 100644 index 26604a0..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/validation/_cronjobValidation.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{/* CronJob Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.cronjobValidation" (dict "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - completionMode: The completionMode of the object. - completions: The completions of the object. - parallelism: The parallelism of the object. -*/}} -{{- define "tc.v1.common.lib.workload.cronjobValidation" -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.concurrencyPolicy -}} - {{- $concurrencyPolicy := $objectData.concurrencyPolicy -}} - - {{- $policies := (list "Allow" "Forbid" "Replace") -}} - {{- if not (mustHas $concurrencyPolicy $policies) -}} - {{- fail (printf "CronJob - Expected [concurrencyPolicy] to be one of [%s], but got [%v]" (join ", " $policies) $concurrencyPolicy) -}} - {{- end -}} - - {{- end -}} - - {{- if not $objectData.schedule -}} - {{- fail "CronJob - Expected non-empty [schedule]" -}} - {{- end -}} - - {{/* CronJob contains a job inside, so we validate job values too */}} - {{- include "tc.v1.common.lib.workload.jobValidation" (dict "objectData" $objectData) -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/validation/_daemonsetValidation.tpl b/charts/baikal/charts/common/templates/lib/workload/validation/_daemonsetValidation.tpl deleted file mode 100644 index 1283a03..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/validation/_daemonsetValidation.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* DaemonSet Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.daemonsetValidation" (dict "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - strategy: The strategy of the object. - rollingUpdate: The rollingUpdate of the object. -*/}} -{{- define "tc.v1.common.lib.workload.daemonsetValidation" -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.strategy -}} - {{- $strategy := $objectData.strategy -}} - - {{- $strategies := (list "OnDelete" "RollingUpdate") -}} - {{- if not (mustHas $strategy $strategies) -}} - {{- fail (printf "DaemonSet - Expected [strategy] to be one of [%s], but got [%v]" (join ", " $strategies) $strategy) -}} - {{- end -}} - - {{- end -}} - - {{- if $objectData.rollingUpdate -}} - {{- $rollUp := $objectData.rollingUpdate -}} - - {{- if and $rollUp (not (kindIs "map" $rollUp)) -}} - {{- fail (printf "DaemonSet - Expected [rollingUpdate] to be a dictionary, but got [%v]" (kindOf $rollUp)) -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/validation/_deploymentValidation.tpl b/charts/baikal/charts/common/templates/lib/workload/validation/_deploymentValidation.tpl deleted file mode 100644 index 293d9f2..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/validation/_deploymentValidation.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* Deployment Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.deploymentValidation" (dict "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - strategy: The strategy of the object. - rollingUpdate: The rollingUpdate of the object. -*/}} -{{- define "tc.v1.common.lib.workload.deploymentValidation" -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.strategy -}} - {{- $strategy := $objectData.strategy -}} - - {{- $strategies := (list "Recreate" "RollingUpdate") -}} - {{- if not (mustHas $strategy $strategies) -}} - {{- fail (printf "Deployment - Expected [strategy] to be one of [%s], but got [%v]" (join ", " $strategies) $strategy) -}} - {{- end -}} - - {{- end -}} - - {{- if $objectData.rollingUpdate -}} - {{- $rollUp := $objectData.rollingUpdate -}} - - {{- if and $rollUp (not (kindIs "map" $rollUp)) -}} - {{- fail (printf "Deployment - Expected [rollingUpdate] to be a dictionary, but got [%v]" (kindOf $rollUp)) -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/validation/_jobValidation.tpl b/charts/baikal/charts/common/templates/lib/workload/validation/_jobValidation.tpl deleted file mode 100644 index a68027e..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/validation/_jobValidation.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* Job Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.jobValidation" (dict "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - completionMode: The completionMode of the object. - completions: The completions of the object. - parallelism: The parallelism of the object. -*/}} -{{- define "tc.v1.common.lib.workload.jobValidation" -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.completionMode -}} - {{- $completionMode := $objectData.completionMode -}} - - {{- if not (mustHas $completionMode (list "Indexed" "NonIndexed")) -}} - {{- fail (printf "Job - Expected [completionMode] to be one of [Indexed, NonIndexed], but got [%v]" $completionMode) -}} - {{- end -}} - - {{- if eq $completionMode "Indexed" -}} - {{- if not $objectData.completions -}} - {{- fail "Job - Expected [completions] to be set when [completionMode] is set to [Indexed]" -}} - {{- end -}} - - {{- if not $objectData.parallelism -}} - {{- fail "Job - Expected [parallelism] to be set when [completionMode] is set to [Indexed]" -}} - {{- end -}} - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/validation/_statefusetValidation.tpl b/charts/baikal/charts/common/templates/lib/workload/validation/_statefusetValidation.tpl deleted file mode 100644 index 4bfd4b2..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/validation/_statefusetValidation.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* StatefulSet Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.statefulsetValidation" (dict "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - strategy: The strategy of the object. - rollingUpdate: The rollingUpdate of the object. -*/}} -{{- define "tc.v1.common.lib.workload.statefulsetValidation" -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.strategy -}} - {{- $strategy := $objectData.strategy -}} - - {{- $strategies := (list "OnDelete" "RollingUpdate") -}} - {{- if not (mustHas $strategy $strategies) -}} - {{- fail (printf "StatefulSet - Expected [strategy] to be one of [%s], but got [%v]" (join ", " $strategies) $strategy) -}} - {{- end -}} - - {{- end -}} - - {{- if $objectData.rollingUpdate -}} - {{- $rollUp := $objectData.rollingUpdate -}} - - {{- if and $rollUp (not (kindIs "map" $rollUp)) -}} - {{- fail (printf "StatefulSet - Expected [rollingUpdate] to be a dictionary, but got [%v]" (kindOf $rollUp)) -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/lib/workload/validation/_workloadValidation.tpl b/charts/baikal/charts/common/templates/lib/workload/validation/_workloadValidation.tpl deleted file mode 100644 index 052def5..0000000 --- a/charts/baikal/charts/common/templates/lib/workload/validation/_workloadValidation.tpl +++ /dev/null @@ -1,43 +0,0 @@ -{{/* Workload Basic Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.primaryValidation" $ -}} -*/}} -{{- define "tc.v1.common.lib.workload.primaryValidation" -}} - - {{/* Initialize values */}} - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{/* Go over workload */}} - {{- range $name, $workload := .Values.workload -}} - - {{/* If workload is enabled */}} - {{- if $workload.enabled -}} - - {{- $types := (list "Deployment" "StatefulSet" "DaemonSet" "Job" "CronJob") -}} - {{- if not (mustHas $workload.type $types) -}} - {{- fail (printf "Workload - Expected [type] to be one of [%s], but got [%s]" (join ", " $types) $workload.type) -}} - {{- end -}} - - {{- $hasEnabled = true -}} - - {{/* And workload is primary */}} - {{- if $workload.primary -}} - {{/* Fail if there is already a primary workload */}} - {{- if $hasPrimary -}} - {{- fail "Workload - Only one workload can be primary" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- end -}} - {{- end -}} - - {{- end -}} - - {{/* Require at one primary workload, if any enabled */}} - {{- if and $hasEnabled (not $hasPrimary) -}} - {{- fail "Workload - One enabled workload must be primary" -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/loader/_all.tpl b/charts/baikal/charts/common/templates/loader/_all.tpl deleted file mode 100644 index 2983499..0000000 --- a/charts/baikal/charts/common/templates/loader/_all.tpl +++ /dev/null @@ -1,8 +0,0 @@ -{{/* Main entrypoint for the library */}} -{{- define "tc.v1.common.loader.all" -}} - - {{- include "tc.v1.common.loader.init" . -}} - - {{- include "tc.v1.common.loader.apply" . -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/loader/_apply.tpl b/charts/baikal/charts/common/templates/loader/_apply.tpl deleted file mode 100644 index 20a634d..0000000 --- a/charts/baikal/charts/common/templates/loader/_apply.tpl +++ /dev/null @@ -1,79 +0,0 @@ -{{/* Loads all spawners */}} -{{- define "tc.v1.common.loader.apply" -}} - - {{/* Inject custom tpl files, as defined in values.yaml */}} - {{- include "tc.v1.common.spawner.extraTpl" . | nindent 0 -}} - - {{/* Ensure automatic permissions containers are injected */}} - {{- include "tc.v1.common.lib.util.autoperms.job" $ -}} - - {{/* Make sure there are not any YAML errors */}} - {{- include "tc.v1.common.values.validate" .Values -}} - - {{/* Render ConfigMap(s) */}} - {{- include "tc.v1.common.spawner.configmap" . | nindent 0 -}} - - {{/* Render priorityclass(s) */}} - {{- include "tc.v1.common.spawner.priorityclass" . | nindent 0 -}} - - {{/* Render Secret(s) */}} - {{- include "tc.v1.common.spawner.secret" . | nindent 0 -}} - - {{/* Render Image Pull Secrets(s) */}} - {{- include "tc.v1.common.spawner.imagePullSecret" . | nindent 0 -}} - - {{/* Render Service Accounts(s) */}} - {{- include "tc.v1.common.spawner.serviceAccount" . | nindent 0 -}} - - {{/* Render RBAC(s) */}} - {{- include "tc.v1.common.spawner.rbac" . | nindent 0 -}} - - {{/* Render Workload(s) */}} - {{- include "tc.v1.common.spawner.workload" . | nindent 0 -}} - - {{/* Render Services(s) */}} - {{- include "tc.v1.common.spawner.service" . | nindent 0 -}} - - {{/* Render storageClass(s) */}} - {{- include "tc.v1.common.spawner.storageclass" . | nindent 0 -}} - - {{/* Render PVC(s) */}} - {{- include "tc.v1.common.spawner.pvc" . | nindent 0 -}} - - {{/* Render volumeSnapshot(s) */}} - {{- include "tc.v1.common.spawner.volumesnapshot" . | nindent 0 -}} - - {{/* Render volumeSnapshotClass(s) */}} - {{- include "tc.v1.common.spawner.volumesnapshotclass" . | nindent 0 -}} - - {{/* Render Middleware(s) */}} - {{- include "tc.v1.common.spawner.traefik.middleware" . | nindent 0 -}} - - {{/* Render ingress(s) */}} - {{- include "tc.v1.common.spawner.ingress" . | nindent 0 -}} - - {{/* Render Gateway API Route(s) */}} - {{- include "tc.v1.common.spawner.routes" . | nindent 0 -}} - - {{/* Render Horizontal Pod Autoscalers(s) */}} - {{- include "tc.v1.common.spawner.hpa" . | nindent 0 -}} - - {{/* Render Networkpolicy(s) */}} - {{- include "tc.v1.common.spawner.networkpolicy" . | nindent 0 -}} - - {{/* Render podDisruptionBudget(s) */}} - {{- include "tc.v1.common.spawner.podDisruptionBudget" . | nindent 0 -}} - - {{/* Render webhook(s) */}} - {{- include "tc.v1.common.spawner.webhook" . | nindent 0 -}} - - {{/* Render Prometheus Metrics(s) */}} - {{- include "tc.v1.common.spawner.metrics" . | nindent 0 -}} - - {{/* Render Cert-Manager Certificates(s) */}} - {{- include "tc.v1.common.spawner.certificate" . | nindent 0 -}} - - {{/* Render Vertical Pod Autoscaler */}} - {{ include "tc.v1.common.spawner.vpa" . | nindent 0 -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/loader/_init.tpl b/charts/baikal/charts/common/templates/loader/_init.tpl deleted file mode 100644 index 6a2f78e..0000000 --- a/charts/baikal/charts/common/templates/loader/_init.tpl +++ /dev/null @@ -1,53 +0,0 @@ -{{/* Initialiaze values of the chart */}} -{{- define "tc.v1.common.loader.init" -}} - - {{- include "tc.v1.common.check.capabilities" . -}} - - {{/* Merge chart values and the common chart defaults */}} - {{- include "tc.v1.common.values.init" . -}} - - {{/* Ensure TrueCharts chart context information is available */}} - {{- include "tc.v1.common.lib.util.chartcontext" . -}} - - {{/* Autogenerate postgresql passwords if needed */}} - {{- include "tc.v1.common.spawner.cnpg" . }} - - {{/* Autogenerate redis passwords if needed */}} - {{- include "tc.v1.common.dependencies.redis.injector" . }} - - {{/* Autogenerate mariadb passwords if needed */}} - {{- include "tc.v1.common.dependencies.mariadb.injector" . }} - - {{/* Autogenerate mongodb passwords if needed */}} - {{- include "tc.v1.common.dependencies.mongodb.injector" . }} - - {{/* Autogenerate clickhouse passwords if needed */}} - {{- include "tc.v1.common.dependencies.clickhouse.injector" . }} - - {{/* Autogenerate solr passwords if needed */}} - {{- include "tc.v1.common.dependencies.solr.injector" . }} - - {{/* Enable code-server add-on if required */}} - {{- if .Values.addons.codeserver.enabled }} - {{- include "tc.v1.common.addon.codeserver" . }} - {{- end -}} - - {{/* Enable gluetun add-on if required */}} - {{- if and .Values.addons.gluetun .Values.addons.gluetun.enabled -}} - {{- include "tc.v1.common.addon.gluetun" . }} - {{- end -}} - - {{/* Enable tailscale add-on if required */}} - {{- if and .Values.addons.tailscale .Values.addons.tailscale.enabled -}} - {{- include "tc.v1.common.addon.tailscale" . }} - {{- end -}} - - {{/* Enable netshoot add-on if required */}} - {{- if and .Values.addons.netshoot .Values.addons.netshoot.enabled }} - {{- include "tc.v1.common.addon.netshoot" . }} - {{- end -}} - - {{/* Append database wait containers to pods */}} - {{- include "tc.v1.common.lib.deps.wait" $ }} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_cnpg.tpl b/charts/baikal/charts/common/templates/spawner/_cnpg.tpl deleted file mode 100644 index 40a0b11..0000000 --- a/charts/baikal/charts/common/templates/spawner/_cnpg.tpl +++ /dev/null @@ -1,76 +0,0 @@ -{{/* Renders the cnpg objects required by the chart */}} -{{- define "tc.v1.common.spawner.cnpg" -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $cnpg := $.Values.cnpg -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $cnpg - "name" $name "caller" "CNPG" - "key" "cnpg")) -}} - - {{/* Create a copy */}} - {{- $objectData := mustDeepCopy $cnpg -}} - {{- $objectName := printf "%s-cnpg-%s" $fullname $name -}} - - {{/* Set the name */}} - {{- $_ := set $objectData "name" $objectName -}} - {{/* Short name is the one that defined on the chart*/}} - {{- $_ := set $objectData "shortName" $name -}} - {{/* Set the cluster name */}} - {{- $_ := set $objectData "clusterName" $objectData.name -}} - - {{- if eq $enabled "true" -}} - - {{/* Handle version string */}} - {{- $pgVersion := ($objectData.pgVersion | default $.Values.global.fallbackDefaults.cnpg.pgVersion) | toString -}} - - {{/* Set the updated pgVersion version to objectData */}} - {{- $_ := set $objectData "pgVersion" $pgVersion -}} - - {{/* allow for injecting major upgrade code */}} - {{- if $objectData.upgradeMajor -}} - {{/* TODO: actually handle postgres version updates here */}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Handle Backups/ScheduledBackups */}} - {{- if and (hasKey $objectData "backups") $objectData.backups.enabled -}} - - {{/* Create Backups */}} - {{- include "tc.v1.common.lib.cnpg.spawner.backups" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Create ScheduledBackups */}} - {{- include "tc.v1.common.lib.cnpg.spawner.scheduledBackups" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Create secret for backup store */}} - {{- include "tc.v1.common.lib.cnpg.provider.secret.spawner" (dict "rootCtx" $ "objectData" $objectData "type" "backup") -}} - {{- end -}} - - {{/* Handle Pooler(s) */}} - {{- if and $objectData.pooler $objectData.pooler.enabled -}} - {{- include "tc.v1.common.lib.cnpg.spawner.pooler" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- end -}} - - {{/* Handle Cluster */}} - {{/* Validate Cluster */}} - {{- include "tc.v1.common.lib.cnpg.cluster.validation" (dict "objectData" $objectData) -}} - - {{- if and (eq $objectData.mode "recovery") (eq $objectData.recovery.method "object_store") -}} - {{/* Create secret for recovery store */}} - {{- include "tc.v1.common.lib.cnpg.provider.secret.spawner" (dict "rootCtx" $ "objectData" $objectData "type" "recovery") -}} - {{- end -}} - - {{/* Create the Cluster object */}} - {{- include "tc.v1.common.class.cnpg.cluster" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* TODO: Create configmaps for cluster.monitoring.customQueries */}} - - {{/* Handle DB Credentials Secret, will also inject creds to cnpg.creds */}} - {{- include "tc.v1.common.lib.cnpg.db.credentials.secrets" (dict "rootCtx" $ "cnpg" $cnpg "objectData" $objectData) -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_configmap.tpl b/charts/baikal/charts/common/templates/spawner/_configmap.tpl deleted file mode 100644 index eb3f4a0..0000000 --- a/charts/baikal/charts/common/templates/spawner/_configmap.tpl +++ /dev/null @@ -1,50 +0,0 @@ -{{/* Configmap Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.configmap" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.configmap" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $configmap := .Values.configmap -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $configmap - "name" $name "caller" "ConfigMap" - "key" "configmap")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the configmap */}} - {{- $objectData := (mustDeepCopy $configmap) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "ConfigMap" - "key" "configmap")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* Configmaps have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.configmap.validation" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "ConfigMap") -}} - - {{/* Set the name of the configmap */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.configmap" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_extraTpl.tpl b/charts/baikal/charts/common/templates/spawner/_extraTpl.tpl deleted file mode 100644 index 701fb04..0000000 --- a/charts/baikal/charts/common/templates/spawner/_extraTpl.tpl +++ /dev/null @@ -1,13 +0,0 @@ -{{- define "tc.v1.common.spawner.extraTpl" -}} - {{- range $item := .Values.extraTpl }} - {{- if not $item -}} - {{- fail "Extra tpl - Expected non-empty [extraTpl] item" -}} - {{- end }} ---- - {{- if kindIs "string" $item }} - {{- tpl $item $ | nindent 0 }} - {{- else }} - {{- tpl ($item | toYaml) $ | nindent 0 }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/baikal/charts/common/templates/spawner/_horizontalPodAutoscaler.tpl b/charts/baikal/charts/common/templates/spawner/_horizontalPodAutoscaler.tpl deleted file mode 100644 index a88ebaa..0000000 --- a/charts/baikal/charts/common/templates/spawner/_horizontalPodAutoscaler.tpl +++ /dev/null @@ -1,69 +0,0 @@ -{{/* horizontal Pod Autoscaler Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.hpa" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.hpa" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - {{- range $name, $hpa := .Values.hpa -}} - {{- $enabledHPA := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $hpa - "name" $name "caller" "Horizontal Pod Autoscaler" - "key" "hpa")) -}} - - {{- if ne $enabledHPA "true" -}}{{- continue -}}{{- end -}} - - {{- $objectData := (mustDeepCopy $hpa) -}} - {{- $_ := set $objectData "hpaName" $name -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $name) -}} - - {{- range $workloadName, $workload := $.Values.workload -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $workload - "name" $name "caller" "hpa" - "key" "workload")) -}} - - {{- if ne $enabled "true" -}}{{- continue -}}{{- end -}} - {{- $containerNames := list -}} - {{- range $cName, $c := $workload.podSpec.containers -}} - {{- $enabledContainer := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $c - "name" $cName "caller" "Vertical Pod Autoscaler" - "key" "workload.podSpec.containers")) -}} - {{- if ne $enabledContainer "true" -}}{{- continue -}}{{- end -}} - {{- $containerNames = mustAppend $containerNames $cName -}} - {{- end -}} - {{- $_ := set $objectData "containerNames" $containerNames -}} - {{- include "tc.v1.common.lib.hpa.validation" (dict "objectData" $objectData "rootCtx" $) -}} - - {{/* Create a copy of the workload */}} - {{- $_ := set $objectData "workload" (mustDeepCopy $workload) -}} - - {{/* Generate the name of the hpa */}} - {{- $objectName := $fullname -}} - {{- if not $objectData.workload.primary -}} - {{- $objectName = printf "%s-%s" $fullname $workloadName -}} - {{- end -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Horizontal Pod Autoscaler") -}} - - {{/* Set the name of the workload */}} - {{- $_ := set $objectData "name" $objectName -}} - - {{/* Short name is the one that defined on the chart, used on selectors */}} - {{- $_ := set $objectData "shortName" $workloadName -}} - - {{- if or (not $objectData.targetSelector) (mustHas $workloadName $objectData.targetSelector) -}} - {{/* Call class to create the object */}} - {{- $types := (list "Deployment" "StatefulSet" "DaemonSet") -}} - {{- if (mustHas $objectData.workload.type $types) -}} - {{- include "tc.v1.common.class.hpa" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_imagePullSecret.tpl b/charts/baikal/charts/common/templates/spawner/_imagePullSecret.tpl deleted file mode 100644 index 5dfb309..0000000 --- a/charts/baikal/charts/common/templates/spawner/_imagePullSecret.tpl +++ /dev/null @@ -1,51 +0,0 @@ -{{/* Image Pull Secrets Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.imagePullSecret" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.imagePullSecret" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $imgPullSecret := .Values.imagePullSecret -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $imgPullSecret - "name" $name "caller" "Image Pull Secret" - "key" "imagePullSecret")) -}} - - {{- if $imgPullSecret.existingSecret -}} - {{- continue -}} - {{- end -}} - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the configmap */}} - {{- $objectData := (mustDeepCopy $imgPullSecret) -}} - - {{- $objectName := (printf "%s-%s" $fullname $name) -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* Secrets have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.imagePullSecret.validation" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Image Pull Secret") -}} - {{- $data := include "tc.v1.common.lib.imagePullSecret.createData" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Update the data */}} - {{- $_ := set $objectData "data" $data -}} - - {{/* Set the type to Image Pull Secret */}} - {{- $_ := set $objectData "type" "imagePullSecret" -}} - - {{/* Set the name of the image pull secret */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.secret" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_ingress.tpl b/charts/baikal/charts/common/templates/spawner/_ingress.tpl deleted file mode 100644 index 8f79130..0000000 --- a/charts/baikal/charts/common/templates/spawner/_ingress.tpl +++ /dev/null @@ -1,90 +0,0 @@ -{{/* Ingress Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.ingress" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.ingress" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{/* Validate that only 1 primary exists */}} - {{- include "tc.v1.common.lib.ingress.primaryValidation" $ -}} - - {{- range $name, $ingress := .Values.ingress -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $ingress - "name" $name "caller" "Ingress" - "key" "ingress")) -}} - - {{- if and (eq $enabled "false") ($ingress.required) -}} - {{- fail (printf "Ingress - Expected ingress [%s] to be enabled. This chart is designed to work only with ingress enabled." $name) -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the ingress */}} - {{- $objectData := (mustDeepCopy $ingress) -}} - - {{/* Init object name */}} - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Ingress" - "key" "ingress")) -}} - - {{- if eq $expandName "true" -}} - {{/* Expand the name of the service if expandName resolves to true */}} - {{- $objectName = $fullname -}} - {{- end -}} - - {{- if and (eq $expandName "true") (not $objectData.primary) -}} - {{/* If the ingress is not primary append its name to fullname */}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Ingress") -}} - {{- include "tc.v1.common.lib.ingress.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Set the name of the ingress */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.ingress" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- $hasCertIssuer := false -}} - {{- if $objectData.integrations -}} - {{- if and $objectData.integrations.certManager $objectData.integrations.certManager.enabled -}} - {{- $hasCertIssuer = true -}} - {{- end -}} - {{- end -}} - - {{- if not $hasCertIssuer -}} - {{- range $idx, $tlsData := $objectData.tls -}} - {{- if $tlsData.certificateIssuer -}} - {{- $certName := printf "%s-tls-%d" $objectData.name ($idx | int) -}} - - {{- $certObjData := (dict - "name" $certName "shortName" $name - "hosts" $tlsData.hosts - "certificateIssuer" $tlsData.certificateIssuer - ) -}} - - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $certName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $certObjData "caller" "Ingress (certificateIssuer)") -}} - {{- include "tc.v1.common.lib.certificate.validation" (dict "rootCtx" $ "objectData" $certObjData) -}} - - {{/* Create the certificate with the certData */}} - {{- include "tc.v1.common.class.certificate" (dict "rootCtx" $ "objectData" $certObjData) -}} - - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_metrics.tpl b/charts/baikal/charts/common/templates/spawner/_metrics.tpl deleted file mode 100644 index 7d72777..0000000 --- a/charts/baikal/charts/common/templates/spawner/_metrics.tpl +++ /dev/null @@ -1,28 +0,0 @@ -{{/* Renders the Ingress objects required by the chart */}} -{{- define "tc.v1.common.spawner.metrics" -}} - {{/* Generate named metricses as required */}} - {{- range $name, $metrics := .Values.metrics -}} - {{- if $metrics.enabled -}} - {{- $metricsValues := $metrics -}} - - {{/* set defaults */}} - {{- if and (not $metricsValues.nameOverride) (ne $name (include "tc.v1.common.lib.util.metrics.primary" $)) -}} - {{- $_ := set $metricsValues "nameOverride" $name -}} - {{- end -}} - - {{- $_ := set $ "ObjectValues" (dict "metrics" $metricsValues) -}} - {{- if eq $metricsValues.type "podmonitor" -}} - {{- include "tc.v1.common.class.podmonitor" $ -}} - {{- else if eq $metricsValues.type "servicemonitor" -}} - {{- include "tc.v1.common.class.servicemonitor" $ -}} - {{- else -}} - {{/* TODO: Add Fail case */}} - {{- end -}} - - {{- if $metricsValues.PrometheusRule -}} - {{- include "tc.v1.common.class.prometheusrule" $ -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_networkPolicy.tpl b/charts/baikal/charts/common/templates/spawner/_networkPolicy.tpl deleted file mode 100644 index 46e4ea2..0000000 --- a/charts/baikal/charts/common/templates/spawner/_networkPolicy.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -Renders the networkPolicy objects required by the chart. -*/}} -{{- define "tc.v1.common.spawner.networkpolicy" -}} - {{/* Generate named networkpolicy as required */}} - {{- range $name, $networkPolicy := .Values.networkPolicy -}} - {{- if $networkPolicy.enabled -}} - {{- $networkPolicyValues := $networkPolicy -}} - - {{/* set the default nameOverride to the networkpolicy name */}} - {{- if not $networkPolicyValues.nameOverride -}} - {{- $_ := set $networkPolicyValues "nameOverride" $name -}} - {{- end -}} - - {{- $_ := set $ "ObjectValues" (dict "networkPolicy" $networkPolicyValues) -}} - {{- include "tc.v1.common.class.networkpolicy" $ -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_podDisruptionBudget.tpl b/charts/baikal/charts/common/templates/spawner/_podDisruptionBudget.tpl deleted file mode 100644 index 053e33f..0000000 --- a/charts/baikal/charts/common/templates/spawner/_podDisruptionBudget.tpl +++ /dev/null @@ -1,50 +0,0 @@ -{{/* poddisruptionbudget Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.podDisruptionBudget" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.podDisruptionBudget" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $pdb := .Values.podDisruptionBudget -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $pdb - "name" $name "caller" "Pod Disruption Budget" - "key" "podDisruptionBudget")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the poddisruptionbudget */}} - {{- $objectData := (mustDeepCopy $pdb) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Pod Disruption Budget" - "key" "podDisruptionBudget")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Pod Disruption Budget") -}} - - {{/* Set the name of the poddisruptionbudget */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{- include "tc.v1.common.lib.podDisruptionBudget.validation" (dict "objectData" $objectData "rootCtx" $) -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.podDisruptionBudget" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_priorityClass.tpl b/charts/baikal/charts/common/templates/spawner/_priorityClass.tpl deleted file mode 100644 index 97a5d13..0000000 --- a/charts/baikal/charts/common/templates/spawner/_priorityClass.tpl +++ /dev/null @@ -1,51 +0,0 @@ -{{/* Priority Class Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.priorityclass" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.priorityclass" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $priorityclass := .Values.priorityClass -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $priorityclass - "name" $name "caller" "Priority Class" - "key" "priorityClass")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the priorityclass */}} - {{- $objectData := (mustDeepCopy $priorityclass) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Priority Class" - "key" "priorityClass")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* priorityclasss have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "priorityclass") -}} - - {{/* Set the name of the priorityclass */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Validate */}} - {{- include "tc.v1.common.lib.priorityclass.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.priorityclass" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_pvc.tpl b/charts/baikal/charts/common/templates/spawner/_pvc.tpl deleted file mode 100644 index b4b3b06..0000000 --- a/charts/baikal/charts/common/templates/spawner/_pvc.tpl +++ /dev/null @@ -1,192 +0,0 @@ -{{/* PVC Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.pvc" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.pvc" -}} - - {{- range $name, $persistence := .Values.persistence -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $persistence - "name" $name "caller" "Persistence" - "key" "persistence")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the persistence */}} - {{- $objectData := (mustDeepCopy $persistence) -}} - - {{- $_ := set $objectData "type" ($objectData.type | default $.Values.global.fallbackDefaults.persistenceType) -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform general validations */}} - {{- include "tc.v1.common.lib.persistence.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Persistence") -}} - - {{/* Only spawn PVC if its enabled and any type of "pvc" */}} - {{- $types := (list "pvc") -}} - {{- if and (mustHas $objectData.type $types) (not $objectData.existingClaim) -}} - - {{/* Set the name of the PVC */}} - {{- $_ := set $objectData "name" (include "tc.v1.common.lib.storage.pvc.name" (dict "rootCtx" $ "objectName" $name "objectData" $objectData)) -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{- if and $objectData.static $objectData.static.mode (ne $objectData.static.mode "disabled") -}} - {{- $_ := set $objectData "storageClass" ($objectData.storageClass | default $objectData.name) -}} - {{- $_ := set $objectData "volumeName" $objectData.name -}} - - {{- if eq $objectData.static.mode "smb" -}} - {{/* Validate SMB CSI */}} - {{- include "tc.v1.common.lib.storage.smbCSI.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- $_ := set $objectData "provisioner" "smb.csi.k8s.io" -}} - {{- $_ := set $objectData.static "driver" "smb.csi.k8s.io" -}} - - {{/* Create secret with creds */}} - {{- $secretData := (dict - "name" $objectData.name - "labels" ($objectData.labels | default dict) - "annotations" ($objectData.annotations | default dict) - "data" (dict "username" $objectData.static.username "password" $objectData.static.password) - ) -}} - {{- with $objectData.domain -}} - {{- $_ := set $secretData.data "domain" . -}} - {{- end -}} - {{- include "tc.v1.common.class.secret" (dict "rootCtx" $ "objectData" $secretData) -}} - - {{- else if eq $objectData.static.mode "nfs" -}} - {{/* Validate NFS CSI */}} - {{- include "tc.v1.common.lib.storage.nfsCSI.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- $_ := set $objectData "provisioner" "nfs.csi.k8s.io" -}} - {{- $_ := set $objectData.static "driver" "nfs.csi.k8s.io" -}} - - {{- else if eq $objectData.static.mode "custom" -}} - - {{- $_ := set $objectData "provisioner" $objectData.static.provisioner -}} - {{- $_ := set $objectData.static "driver" $objectData.static.driver -}} - - {{- end -}} - - {{/* Create the PV */}} - {{- include "tc.v1.common.class.pv" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- else if $objectData.volumeName -}} - - {{- $_ := set $objectData "storageClass" ($objectData.storageClass | default $objectData.name) -}} - - {{- end -}} - - {{/* Create VolSync objects */}} - {{- range $volsync := $objectData.volsync -}} - {{- $srcEnabled := eq (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $volsync.src - "name" $volsync.name "caller" "VolSync Source" - "key" "volsync")) "true" -}} - {{- $destEnabled := eq (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $volsync.dest - "name" $volsync.name "caller" "VolSync Destination" - "key" "volsync")) "true" -}} - - {{- if or $srcEnabled $destEnabled -}} - {{- $volsyncData := (mustDeepCopy $volsync) -}} - - {{- include "tc.v1.common.lib.volsync.validation" (dict "objectData" $volsyncData "rootCtx" $) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $volsyncData "caller" "PVC - VolSync") -}} - - {{/* Create Secret for VolSync */}} - {{- $volsyncSecretName := printf "%s-volsync-%s" $objectData.name $volsyncData.name -}} - {{- $_ := set $volsyncData "repository" $volsyncSecretName -}} - - {{- $credentials := get $.Values.credentials $volsync.credentials -}} - - {{/* Only amazon needs the https:// trimmed, anything else requires it */}} - {{- $url := $credentials.url -}} - {{- if hasPrefix "https://s3." $url -}} - {{- $url = trimPrefix "https://" $url -}} - {{- end -}} - - {{- $baseRepo := printf "s3:%s/%s" $url $credentials.bucket -}} - {{- $repoSuffix := printf "%s/volsync/%s-volsync-%s" $.Release.Name $objectData.shortName $volsyncData.name -}} - {{- $resticrepository := printf "%s/%s" $baseRepo $repoSuffix -}} - {{- if $credentials.path -}} - {{- $resticrepository = printf "%s/%s/%s" $baseRepo ($credentials.path | trimSuffix "/") $repoSuffix -}} - {{- end -}} - - {{- $volsyncSecretData := (dict - "name" $volsyncSecretName - "labels" ($volsync.labels | default dict) - "annotations" ($volsync.annotations | default dict) - "data" (dict - "RESTIC_REPOSITORY" $resticrepository - "RESTIC_PASSWORD" $credentials.encrKey - "AWS_ACCESS_KEY_ID" $credentials.accessKey - "AWS_SECRET_ACCESS_KEY" $credentials.secretKey - ) - ) -}} - - {{- include "tc.v1.common.class.secret" (dict "rootCtx" $ "objectData" $volsyncSecretData) -}} - {{/* Create VolSync resources*/}} - {{- if $srcEnabled -}} - {{- include "tc.v1.common.class.replicationsource" (dict "rootCtx" $ "objectData" $objectData "volsyncData" $volsyncData) -}} - {{- end -}} - - {{- if $destEnabled -}} - {{- include "tc.v1.common.class.replicationdestination" (dict "rootCtx" $ "objectData" $objectData "volsyncData" $volsyncData) -}} - - {{/* modify PVC if enabled */}} - {{- $destname := printf "%s-%s-dest" $objectData.name $volsyncData.name -}} - {{- $datasourceref := dict "kind" "ReplicationDestination" "apiGroup" "volsync.backube" "name" $destname -}} - {{- $_ := set $objectData "dataSourceRef" $datasourceref -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.pvc" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Create VolumeSnapshots */}} - {{- range $volSnap := $objectData.volumeSnapshots -}} - - {{/* Create a copy of the volumesnapshot */}} - {{- $volSnapData := (mustDeepCopy $volSnap) -}} - {{/* PVC FullName - Snapshot Name*/}} - {{- $snapshotName := printf "%s-%s" $objectData.name $volSnap.name -}} - - {{/* Perform validations */}} {{/* volumesnapshots have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $snapshotName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $volSnapData "caller" "PVC - Volume Snapshot") -}} - - {{/* Set the name of the volumesnapshot */}} - {{- $_ := set $volSnapData "name" $snapshotName -}} - {{- $_ := set $volSnapData "shortName" $volSnap.name -}} - {{- $_ := set $volSnapData "source" (dict "persistentVolumeClaimName" $objectData.name) -}} - - {{- include "tc.v1.common.lib.volumesnapshot.validation" (dict "objectData" $volSnapData) -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.volumesnapshot" (dict "rootCtx" $ "objectData" $volSnapData) -}} - {{- end -}} - {{- end -}} - - {{- if eq $objectData.type "iscsi" -}} - {{- if or $objectData.iscsi.authSession $objectData.iscsi.authDiscovery -}} - {{/* Set the name of the PVC */}} - {{- $_ := set $objectData "name" (include "tc.v1.common.lib.storage.pvc.name" (dict "rootCtx" $ "objectName" $name "objectData" $objectData)) -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{- $secretData := (dict - "name" $objectData.name - "labels" ($objectData.labels | default dict) - "annotations" ($objectData.annotations | default dict) - "type" "kubernetes.io/iscsi-chap" - "data" (include "tc.v1.common.lib.storage.iscsi.chap" (dict "rootCtx" $ "objectData" $objectData) | fromJson) - ) -}} - {{- include "tc.v1.common.class.secret" (dict "rootCtx" $ "objectData" $secretData) -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_rbac.tpl b/charts/baikal/charts/common/templates/spawner/_rbac.tpl deleted file mode 100644 index 1ead85d..0000000 --- a/charts/baikal/charts/common/templates/spawner/_rbac.tpl +++ /dev/null @@ -1,50 +0,0 @@ -{{/* RBAC Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.rbac" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.rbac" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{/* Primary validation for enabled rbacs. */}} - {{- include "tc.v1.common.lib.rbac.primaryValidation" $ -}} - - {{- range $name, $rbac := .Values.rbac -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $rbac - "name" $name "caller" "RBAC" - "key" "rbac")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the configmap */}} - {{- $objectData := (mustDeepCopy $rbac) -}} - - {{- $objectName := $fullname -}} - {{- if not $objectData.primary -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "RBAC") -}} - - {{/* Set the name of the rbac */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* If clusteWide key does not exist, assume false */}} - {{- if not (hasKey $objectData "clusterWide") -}} - {{- $_ := set $objectData "clusterWide" false -}} - {{- end -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.rbac" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_route.tpl b/charts/baikal/charts/common/templates/spawner/_route.tpl deleted file mode 100644 index 5ecf210..0000000 --- a/charts/baikal/charts/common/templates/spawner/_route.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{/* Renders the Route objects required by the chart */}} -{{- define "tc.v1.common.spawner.routes" -}} - {{- /* Generate named routes as required */ -}} - {{- range $name, $route := .Values.route }} - {{- if $route.enabled -}} - {{- $routeValues := $route -}} - - {{/* set defaults */}} - {{- if and (not $routeValues.nameOverride) (ne $name (include "tc.v1.common.lib.util.route.primary" $)) -}} - {{- $_ := set $routeValues "nameOverride" $name -}} - {{- end -}} - - {{- $_ := set $ "ObjectValues" (dict "route" $routeValues) -}} - {{- include "tc.v1.common.class.route" $ | nindent 0 -}} - {{- $_ := unset $.ObjectValues "route" -}} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/baikal/charts/common/templates/spawner/_secret.tpl b/charts/baikal/charts/common/templates/spawner/_secret.tpl deleted file mode 100644 index 08b5168..0000000 --- a/charts/baikal/charts/common/templates/spawner/_secret.tpl +++ /dev/null @@ -1,49 +0,0 @@ -{{/* Secret Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.secret" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.secret" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $secret := .Values.secret -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $secret - "name" $name "caller" "Secret" - "key" "secret")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the secret */}} - {{- $objectData := (mustDeepCopy $secret) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Secret" - "key" "secret")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* Secrets have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.secret.validation" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Secret") -}} - - {{/* Set the name of the secret */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.secret" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_service.tpl b/charts/baikal/charts/common/templates/spawner/_service.tpl deleted file mode 100644 index 8d03e8b..0000000 --- a/charts/baikal/charts/common/templates/spawner/_service.tpl +++ /dev/null @@ -1,73 +0,0 @@ -{{/* Service Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.service" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.service" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{/* Primary validation for enabled service. */}} - {{- include "tc.v1.common.lib.service.primaryValidation" $ -}} - {{/* Initialize with existing URLs or an empty list */}} - {{- $allUrls := $.Values.chartContext.internalUrls | default list -}} - - {{- range $name, $service := .Values.service -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $service - "name" $name "caller" "Service" - "key" "service")) -}} - - {{- if ne $enabled "true" -}}{{- continue -}}{{- end -}} - - {{/* Create a copy of the configmap */}} - {{- $objectData := (mustDeepCopy $service) -}} - {{- $namespace := (include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $ "objectData" $service "caller" "Service")) -}} - - {{/* Init object name */}} - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Service" - "key" "service")) -}} - - {{- if eq $expandName "true" -}} - {{/* Expand the name of the service if expandName resolves to true */}} - {{- $objectName = $fullname -}} - {{- end -}} - - {{- if and (eq $expandName "true") (not $objectData.primary) -}} - {{/* If the service is not primary append its name to fullname */}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Service") -}} - {{- include "tc.v1.common.lib.service.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Set the name of the service */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Now iterate over the ports in the service */}} - {{- range $port := $service.ports -}} - {{- $enabledP := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $port - "name" $name "caller" "service" - "key" "port")) -}} - {{- if ne $enabledP "true" -}}{{- continue -}}{{- end -}} - {{- $internalUrl := (printf "%s.%s.svc.cluster.local:%s" $objectName $namespace $port.port) -}} - {{/* Append URLS */}} - {{- $allUrls = mustAppend $allUrls $internalUrl -}} - {{- end -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.service" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- end -}} - - {{/* Update internalUrls after the loop */}} - {{- $_ := set $.Values.chartContext "internalUrls" $allUrls -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_serviceAccount.tpl b/charts/baikal/charts/common/templates/spawner/_serviceAccount.tpl deleted file mode 100644 index e1ab3a5..0000000 --- a/charts/baikal/charts/common/templates/spawner/_serviceAccount.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* Service Account Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.serviceAccount" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.serviceAccount" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{/* Primary validation for enabled service accounts. */}} - {{- include "tc.v1.common.lib.serviceAccount.primaryValidation" $ -}} - - {{- range $name, $serviceAccount := .Values.serviceAccount -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $serviceAccount - "name" $name "caller" "Service Account" - "key" "serviceAccount")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the configmap */}} - {{- $objectData := (mustDeepCopy $serviceAccount) -}} - - {{- $objectName := $fullname -}} - {{- if not $objectData.primary -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Service Account") -}} - - {{/* Set the name of the service account */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.serviceAccount" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_storageClass.tpl b/charts/baikal/charts/common/templates/spawner/_storageClass.tpl deleted file mode 100644 index dbbf511..0000000 --- a/charts/baikal/charts/common/templates/spawner/_storageClass.tpl +++ /dev/null @@ -1,51 +0,0 @@ -{{/* Configmap Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.storageclass" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.storageclass" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $storageclass := .Values.storageClass -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $storageclass - "name" $name "caller" "Storage Class" - "key" "storageClass")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the storageclass */}} - {{- $objectData := (mustDeepCopy $storageclass) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Storage Class" - "key" "storageClass")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* Configmaps have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "StorageClass") -}} - - {{/* Set the name of the storageclass */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Validate */}} - {{- include "tc.v1.common.lib.storageclass.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.storageclass" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_verticalPodAutoscaler.tpl b/charts/baikal/charts/common/templates/spawner/_verticalPodAutoscaler.tpl deleted file mode 100644 index 4b1ea84..0000000 --- a/charts/baikal/charts/common/templates/spawner/_verticalPodAutoscaler.tpl +++ /dev/null @@ -1,70 +0,0 @@ -{{/* Vertical Pod Autoscaler Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.vpa" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.vpa" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - {{- range $name, $vpa := .Values.vpa -}} - {{- $enabledVPA := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $vpa - "name" $name "caller" "Vertical Pod Autoscaler" - "key" "vpa")) -}} - - {{- if ne $enabledVPA "true" -}}{{- continue -}}{{- end -}} - - {{- $objectData := (mustDeepCopy $vpa) -}} - {{- $_ := set $objectData "vpaName" $name -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $name) -}} - - {{- range $workloadName, $workload := $.Values.workload -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $workload - "name" $name "caller" "Vertical Pod Autoscaler" - "key" "workload")) -}} - - {{- if ne $enabled "true" -}}{{- continue -}}{{- end -}} - - {{- $containerNames := list -}} - {{- range $cName, $c := $workload.podSpec.containers -}} - {{- $enabledContainer := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $c - "name" $cName "caller" "Vertical Pod Autoscaler" - "key" "workload.podSpec.containers")) -}} - {{- if ne $enabledContainer "true" -}}{{- continue -}}{{- end -}} - {{- $containerNames = mustAppend $containerNames $cName -}} - {{- end -}} - {{- $_ := set $objectData "containerNames" $containerNames -}} - {{- include "tc.v1.common.lib.vpa.validation" (dict "objectData" $objectData "rootCtx" $) -}} - - {{/* Create a copy of the workload */}} - {{- $_ := set $objectData "workload" (mustDeepCopy $workload) -}} - - {{/* Generate the name of the vpa */}} - {{- $objectName := $fullname -}} - {{- if not $objectData.workload.primary -}} - {{- $objectName = printf "%s-%s" $fullname $workloadName -}} - {{- end -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Vertical Pod Autoscaler") -}} - - {{/* Set the name of the workload */}} - {{- $_ := set $objectData "name" $objectName -}} - - {{/* Short name is the one that defined on the chart, used on selectors */}} - {{- $_ := set $objectData "shortName" $workloadName -}} - - {{- if or (not $objectData.targetSelector) (mustHas $workloadName $objectData.targetSelector) -}} - {{/* Call class to create the object */}} - {{- $types := (list "Deployment" "StatefulSet" "DaemonSet") -}} - {{- if (mustHas $objectData.workload.type $types) -}} - {{- include "tc.v1.common.class.vpa" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_volumeSnapshot.tpl b/charts/baikal/charts/common/templates/spawner/_volumeSnapshot.tpl deleted file mode 100644 index d8309df..0000000 --- a/charts/baikal/charts/common/templates/spawner/_volumeSnapshot.tpl +++ /dev/null @@ -1,50 +0,0 @@ -{{/* volumesnapshot Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.volumesnapshot" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.volumesnapshot" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $volumesnapshot := .Values.volumeSnapshots -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $volumesnapshot - "name" $name "caller" "Volume Snapshot" - "key" "volumeSnapshots")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the volumesnapshot */}} - {{- $objectData := (mustDeepCopy $volumesnapshot) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Volume Snapshot" - "key" "volumeSnapshots")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* volumesnapshots have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.volumesnapshot.validation" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "VolumeSnapshot") -}} - - {{/* Set the name of the volumesnapshot */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.volumesnapshot" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_volumeSnapshotClass.tpl b/charts/baikal/charts/common/templates/spawner/_volumeSnapshotClass.tpl deleted file mode 100644 index 693651b..0000000 --- a/charts/baikal/charts/common/templates/spawner/_volumeSnapshotClass.tpl +++ /dev/null @@ -1,50 +0,0 @@ -{{/* volumesnapshotclass Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.volumesnapshotclass" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.volumesnapshotclass" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $volumesnapshotclass := .Values.volumeSnapshotClass -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $volumesnapshotclass - "name" $name "caller" "Volume Snapshot Class" - "key" "volumeSnapshotClass")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the volumesnapshotclass */}} - {{- $objectData := (mustDeepCopy $volumesnapshotclass) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Volume Snapshot Class" - "key" "volumeSnapshotClass")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* volumesnapshotclasss have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.volumesnapshotclass.validation" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Volume Snapshot Class") -}} - - {{/* Set the name of the volumesnapshotclass */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.volumesnapshotclass" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_webhook.tpl b/charts/baikal/charts/common/templates/spawner/_webhook.tpl deleted file mode 100644 index 1f7d318..0000000 --- a/charts/baikal/charts/common/templates/spawner/_webhook.tpl +++ /dev/null @@ -1,56 +0,0 @@ -{{/* MutatingWebhookConfiguration Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.webhook" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.webhook" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $mutatingWebhookConfiguration := .Values.webhook -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $mutatingWebhookConfiguration - "name" $name "caller" "Webhook" - "key" "webhook")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the mutatingWebhookConfiguration */}} - {{- $objectData := (mustDeepCopy $mutatingWebhookConfiguration) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Webhook" - "key" "webhook")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Webhook") -}} - - {{/* Set the name of the MutatingWebhookConfiguration */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{- include "tc.v1.common.lib.webhook.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- $type := tpl $objectData.type $ -}} - {{/* Call class to create the object */}} - {{- if eq $type "validating" -}} - {{- include "tc.v1.common.class.validatingWebhookconfiguration" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- else if eq $type "mutating" -}} - {{- include "tc.v1.common.class.mutatingWebhookConfiguration" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- end -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/_workload.tpl b/charts/baikal/charts/common/templates/spawner/_workload.tpl deleted file mode 100644 index 1f5b17f..0000000 --- a/charts/baikal/charts/common/templates/spawner/_workload.tpl +++ /dev/null @@ -1,64 +0,0 @@ -{{/* Workload Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.workload" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.workload" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{/* Primary validation for enabled workload. */}} - {{- include "tc.v1.common.lib.workload.primaryValidation" $ -}} - - {{- range $name, $workload := .Values.workload -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $workload - "name" $name "caller" "Workload" - "key" "workload")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the workload */}} - {{- $objectData := (mustDeepCopy $workload) -}} - - {{/* Generate the name of the workload */}} - {{- $objectName := $fullname -}} - {{- if not $objectData.primary -}} - {{- $objectName = printf "%s-%s" $fullname $name -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Workload") -}} - - {{/* Set the name of the workload */}} - {{- $_ := set $objectData "name" $objectName -}} - - {{/* Short name is the one that defined on the chart, used on selectors */}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Set the podSpec so it doesn't fail on nil pointer */}} - {{- if not (hasKey $objectData "podSpec") -}} - {{- fail "Workload - Expected [podSpec] key to exist" -}} - {{- end -}} - - {{/* Call class to create the object */}} - {{- if eq $objectData.type "Deployment" -}} - {{- include "tc.v1.common.class.deployment" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- else if eq $objectData.type "StatefulSet" -}} - {{- include "tc.v1.common.class.statefulset" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- else if eq $objectData.type "DaemonSet" -}} - {{- include "tc.v1.common.class.daemonset" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- else if eq $objectData.type "Job" -}} - {{- include "tc.v1.common.class.job" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- else if eq $objectData.type "CronJob" -}} - {{- include "tc.v1.common.class.cronjob" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- end -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/cert-manager/_certificate.tpl b/charts/baikal/charts/common/templates/spawner/cert-manager/_certificate.tpl deleted file mode 100644 index 98d8e2c..0000000 --- a/charts/baikal/charts/common/templates/spawner/cert-manager/_certificate.tpl +++ /dev/null @@ -1,50 +0,0 @@ -{{/* Certificate Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.priorityclass" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.certificate" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $cert := .Values.certificate -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $cert - "name" $name "caller" "Cert Manager Certificate" - "key" "certificate")) -}} - {{- if eq $enabled "true" -}} - {{- $objectData := (mustDeepCopy $cert) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Cert Manager Certificate" - "key" "certificate")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{/* If a certificateSecretTemplate is defined, adjust name */}} - {{- if $objectData.certificateSecretTemplate }} - {{- $objectName = printf "certificate-issuer-%s" $name -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Cert Manager Certificate") -}} - {{- include "tc.v1.common.lib.certificate.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Set the name of the secret */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.certificate" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/spawner/traefik/_middleware.tpl b/charts/baikal/charts/common/templates/spawner/traefik/_middleware.tpl deleted file mode 100644 index e45a926..0000000 --- a/charts/baikal/charts/common/templates/spawner/traefik/_middleware.tpl +++ /dev/null @@ -1,121 +0,0 @@ -{{/* Traefik Middleware Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.configmap" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.traefik.middleware" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - {{- if not .Values.ingressMiddlewares -}} - {{- $_ := set $.Values "ingressMiddlewares" dict -}} - {{- end -}} - {{- if not .Values.ingressMiddlewares.traefik -}} - {{- $_ := set $.Values.ingressMiddlewares "traefik" dict -}} - {{- end -}} - - {{- $filteredMiddlewares := dict -}} - {{- $hasIngressEnabled := false -}} - {{/* Go over all ingresses and get their defined middlewares */}} - {{- range $ingName, $ing := $.Values.ingress -}} - {{- $enabledIng := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $ing - "name" $ingName "caller" "Ingress" - "key" "ingress")) -}} - - {{/* Skip disabled ingresses or ingresses without traefik integration */}} - {{- if ne $enabledIng "true" -}}{{- continue -}}{{- end -}} - {{- if not $ing.integrations -}} - {{- $_ := set $ing "integrations" dict -}} - {{- end -}} - {{- if not $ing.integrations.traefik -}} - {{- $_ := set $ing.integrations "traefik" dict -}} - {{- end -}} - {{- $traefik := $ing.integrations.traefik -}} - {{- $enabledTraefikIntegration := "false" -}} - {{- if and (hasKey $traefik "enabled") (kindIs "bool" $traefik.enabled) -}} - {{- $enabledTraefikIntegration = $traefik.enabled | toString -}} - {{- end -}} - {{- if ne $enabledTraefikIntegration "true" }}{{- continue -}}{{- end -}} - - {{- $hasIngressEnabled = true -}} - - {{/* User middlewares */}} - {{- if and $traefik.middlewares (not (kindIs "slice" $traefik.middlewares)) -}}{{- continue -}}{{- end -}} - {{- range $mw := $traefik.middlewares -}} - {{- if $mw.namespace -}}{{- continue -}}{{- end -}} - {{- $_ := set $filteredMiddlewares $mw.name "user-mw" -}} - {{- end -}} - - {{/* Chart middlewares */}} - {{- if and $traefik.chartMiddlewares (not (kindIs "slice" $traefik.chartMiddlewares)) -}}{{- continue -}}{{- end -}} - {{- range $mw := $traefik.chartMiddlewares -}} - {{- if $mw.namespace -}}{{- continue -}}{{- end -}} - {{- $_ := set $filteredMiddlewares $mw.name "chart-mw" -}} - {{- end -}} - - {{- end -}} - - {{- if $hasIngressEnabled -}} - {{/* Global Middlewares */}} - {{- range $mw := $.Values.global.traefik.commonMiddlewares -}} - {{- if $mw.namespace -}}{{- continue -}}{{- end -}} - {{- $_ := set $filteredMiddlewares $mw.name "global-mw" -}} - {{- end -}} - {{- end -}} - - {{- range $name, $middleware := $.Values.ingressMiddlewares.traefik -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $middleware - "name" $name "caller" "Middleware" - "key" "middlewares")) - -}} - - {{- if ne $enabled "true" -}} - {{- $indexedMid := get $filteredMiddlewares $name -}} - {{- if not $indexedMid -}}{{- continue -}}{{- end -}} - - {{/* - If current middleware manifest is in the middlewares listed under one of the above sections - Forcefully enable it/render it. - */}} - {{- $enabled = "true" -}} - - {{- if eq $indexedMid "user-mw" -}} - {{- include "add.warning" (dict "rootCtx" $ "warn" (printf - "WARNING: Because middleware [%s] was used in an ingress under traefik integration, it was forcefully enabled." - )) -}} - {{- end -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{/* Create a copy of the middleware */}} - {{- $objectData := (mustDeepCopy $middleware) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Middleware" - "key" "middlewares")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{/* Perform validations */}} {{/* Middleware have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.traefik.middleware.validation" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Middleware") -}} - - {{/* Set the name of the middleware */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.traefik.middleware" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/templates/values/_init.tpl b/charts/baikal/charts/common/templates/values/_init.tpl deleted file mode 100644 index f36747d..0000000 --- a/charts/baikal/charts/common/templates/values/_init.tpl +++ /dev/null @@ -1,31 +0,0 @@ -{{/* Merge chart values and the common chart defaults */}} -{{/* The ".common" is the name of the library */}} -{{/* Call this template: -{{ include "tc.v1.common.values.init" $ }} -*/}} - -{{- define "tc.v1.common.values.init" -}} - {{- if .Values.common -}} - {{- $commonValues := mustDeepCopy .Values.common -}} - {{- $chartValues := mustDeepCopy (omit .Values "common") -}} - {{- $mergedValues := mustMergeOverwrite $commonValues $chartValues -}} - {{- range $name, $dependencyValues := .Values.dependencies -}} - {{ $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $dependencyValues - "name" $name "caller" "dependency" - "key" "dependencies")) }} - {{- if eq $enabled "true" -}} - {{- $dependencyValues := omit $dependencyValues "global " -}} - {{- $dependencyValues := omit $dependencyValues "securityContext " -}} - {{- $dependencyValues := omit $dependencyValues "podOptions " -}} - {{- $mergedValues = mustMergeOverwrite $mergedValues $dependencyValues -}} - {{- end -}} - {{- range $mergedValues.addons -}} - {{- if .enabled -}} - {{- $mergedValues = mustMergeOverwrite $mergedValues . -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- $_ := set . "Values" (mustDeepCopy $mergedValues) -}} - {{- end -}} -{{- end -}} diff --git a/charts/baikal/charts/common/templates/values/_validate.tpl b/charts/baikal/charts/common/templates/values/_validate.tpl deleted file mode 100644 index 3d4f7a1..0000000 --- a/charts/baikal/charts/common/templates/values/_validate.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* Validates any object that it does not contain helm errors */}} -{{/* This usually can happen after merging values from an include that did not render correcly */}} -{{/* Any object will be passed to "toYaml" */}} -{{/* Call this template: -{{ include "tc.v1.common.values.validate" . }} -*/}} -{{- define "tc.v1.common.values.validate" -}} - {{- $allValues := (toYaml .) -}} - - {{- if contains "error converting YAML to JSON" $allValues -}} - {{/* Print values to show values with the error included. */}} - {{/* Ideally we would want to extract the error only, but because it usually contains ":", - It gets parsed as dict and it cant regex matched it afterwards */}} - - {{- fail (printf "%s \n %s \n\n %s \n %v \n %s \n\n %s" - "Chart - Values contain an error that may be a result of merging. Make sure you don't have any invalid YAML characters starting a value." - "Renderd Values containing the error:" - "=============================================================================================" - $allValues - "=============================================================================================" - "See error above values." - ) -}} - {{- end -}} - - {{/* Catch update related issues */}} - {{- if .addons -}} - {{- if .addons.vpn -}} - {{- fail (printf "Your current Common-Chart version does not support [.Values.addons.vpn] please use [.Values.addons.tailscale] or [.Values.addons.gluetun] instead") }} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/baikal/charts/common/values.yaml b/charts/baikal/charts/common/values.yaml deleted file mode 100644 index 4c8b781..0000000 --- a/charts/baikal/charts/common/values.yaml +++ /dev/null @@ -1,1365 +0,0 @@ -# -- Global values -global: - # -- Set additional global labels - labels: {} - # -- Set additional global annotations - annotations: {} - # -- Set a global namespace - # TODO: Currently some objects do not support this - namespace: "" - diagnosticMode: - enabled: false - fallbackDefaults: - # -- Define a storageClassName that will be used for all PVCs - # Can be overruled per PVC - storageClass: - # -- Default probe type - probeType: http - # -- Default Service Protocol - serviceProtocol: tcp - # -- Default Service Type - serviceType: ClusterIP - # -- Default persistence type - persistenceType: pvc - # -- Default Retain PVC - pvcRetain: false - # -- Default PVC Size - pvcSize: 100Gi - # -- Default VCT Size - vctSize: 100Gi - # -- Default PVC Access Modes - accessModes: - - ReadWriteOnce - # -- Default VCT Access Modes - vctAccessModes: - - ReadWriteOnce - # -- Default probe timeouts - probeTimeouts: - liveness: - initialDelaySeconds: 12 - periodSeconds: 15 - timeoutSeconds: 5 - failureThreshold: 5 - successThreshold: 1 - readiness: - initialDelaySeconds: 10 - periodSeconds: 12 - timeoutSeconds: 5 - failureThreshold: 4 - successThreshold: 2 - startup: - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 60 - successThreshold: 1 - # -- Define a postgresql version for CNPG - # will be used for all CNPG objects - # Can be overruled per CNPG objects - - # -- Define a topologyKey for default topologySpreadConstraints - # Will be used when defaultSpread: true - topologyKey: kubernetes.io/hostname - cnpg: - pgVersion: 16 - skipEmptyWalArchiveCheck: true - traefik: - commonMiddlewares: - - name: tc-basic-secure-headers - # -- Minimum nodePort value - minNodePort: 9000 - # -- Enable to stop most pods and containers including cnpg - # does not include stand-alone pods - stopAll: false - -# -- Explicitly set a namespace for this chart only -namespace: "" - -image: - repository: ghcr.io/traefik/whoami - pullPolicy: IfNotPresent - tag: v1.11.0@sha256:200689790a0a0ea48ca45992e0450bc26ccab5307375b41c84dfc4f2475937ab - -chartContext: - appUrl: "" - podCIDR: "" - svcCIDR: "" - -# -- Security Context -securityContext: - # -- Container security context for all containers - # Can be overruled per container - container: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL - # When set to false, it will automatically - # add CHOWN, SETUID, SETGID, FOWNER, DAC_OVERRIDE - # capabilities ONLY when container runs as ROOT - disableS6Caps: false - # -- PUID for all containers - # Can be overruled per container - PUID: 568 - # -- UMASK for all containers - # Can be overruled per container - UMASK: "0022" - # -- Pod security context for all pods - # Can be overruled per pod - pod: - fsGroup: 568 - fsGroupChangePolicy: OnRootMismatch - supplementalGroups: [] - sysctls: [] - -# -- Resources -# Can be overruled per container -resources: - limits: - cpu: 1000m - memory: 1500Mi - requests: - cpu: 100m - memory: 250Mi - -containerOptions: - NVIDIA_CAPS: - - all - -# -- Options for all pods -# Can be overruled per pod -podOptions: - enableServiceLinks: false - hostNetwork: false - hostPID: false - hostIPC: false - # If this key exists, takes precedence over the automated calculation - # hostUsers: false - shareProcessNamespace: false - affinity: {} - dnsPolicy: ClusterFirst - dnsConfig: - options: - - name: ndots - value: "1" - hostAliases: [] - nodeSelector: - kubernetes.io/arch: "amd64" - # -- Used to enforce a good spread for Deployments and StatefulSets by default - defaultSpread: true - defaultAffinity: true - topologySpreadConstraints: [] - tolerations: [] - schedulerName: "" - priorityClassName: "" - runtimeClassName: "" - automountServiceAccountToken: false - terminationGracePeriodSeconds: 60 - -# -- (docs/workload/README.md) -workload: - main: - enabled: true - primary: true - type: Deployment - dbWait: true - podSpec: - containers: - main: - enabled: true - primary: true - imageSelector: image - probes: - liveness: - enabled: true - type: "{{ .Values.service.main.ports.main.protocol }}" - port: "{{ $.Values.service.main.ports.main.targetPort | default .Values.service.main.ports.main.port }}" - readiness: - enabled: true - type: "{{ .Values.service.main.ports.main.protocol }}" - port: "{{ $.Values.service.main.ports.main.targetPort | default .Values.service.main.ports.main.port }}" - startup: - enabled: true - type: "{{ .Values.service.main.ports.main.protocol }}" - port: "{{ $.Values.service.main.ports.main.targetPort | default .Values.service.main.ports.main.port }}" - -# -- Timezone used everywhere applicable -TZ: UTC - -# -- Diagnostic Mode -diagnosticMode: - enabled: false - -# -- Vertical pod autoscaler -vpa: - main: - enabled: false - targetSelector: [] - # updatePolicy: - # updateMode: auto - resourcePolicy: - containerPolicies: - - containerName: "*" - minAllowed: - cpu: 50m - memory: 50Mi - maxAllowed: - cpu: 8000m - memory: 20Gi - controlledResources: ["cpu", "memory"] - -# -- Horizontal pod autoscaler -hpa: - main: - enabled: false - targetSelector: [] - # minReplicas: 1 - # maxReplicas: 3 - - # metrics: # Optional, list of metric specs - # - type: Resource # Can be Resource, Pods, Object, External, or ContainerResource - # resource: - # name: cpu - # target: - # type: Utilization # Or Value / AverageValue - # averageUtilization: 50 - - # - type: Resource - # resource: - # name: memory - # target: - # type: AverageValue - # averageValue: 500Mi - - # behavior: # Optional: controls scaling behavior - # scaleUp: - # stabilizationWindowSeconds: 0 - # policies: - # - type: Percent - # value: 100 - # periodSeconds: 15 - # scaleDown: - # stabilizationWindowSeconds: 300 - # policies: - # - type: Pods - # value: 4 - # periodSeconds: 60 - -# -- (docs/service/README.md) -service: - main: - ## Integration stuff - # integration: - # metallb: - # enabled: false - ## Optional to set shared key manually, otherwise set to namespace - # sharedKey: "" - # - # cilium: - # enabled: false - ## Optional to set shared key manually, otherwise ignored (namespace sharing) - # sharedKey: "" - # - # traefik: - # enabled: false - enabled: true - primary: true - ports: - main: - enabled: true - primary: true - protocol: http - -credentials: - {} - # mys3: - # type: s3 - # url: "" - # path: "" - # bucket: "" - # accessKey: "" - # secretKey: "" - # ## Is used in cases where things are encrypted by a backup utility - # encrKey: "" - -ingressMiddlewares: - traefik: - tc-basic-secure-headers: - enabled: false - type: headers - data: - accessControlAllowMethods: - - GET - - OPTIONS - - HEAD - - PUT - accessControlMaxAge: 100 - stsSeconds: 63072000 - forceSTSHeader: true - contentTypeNosniff: true - browserXssFilter: true - referrerPolicy: same-origin - customRequestHeaders: - X-Forwarded-Proto: "https" -# basic-auth: -# enabled: true -# type: basicAuth -# data: -# # middleware specific data ie -# users: -# - username: user1 -# password: password1 -# some-other-middleware: -# enabled: true -# type: someOtherMiddleware -# data: -# # middleware specific data ie -# someOtherMiddlewareData: someOtherMiddlewareData - -# -- (docs/persistence/README.md) -persistence: - shared: - enabled: true - type: emptyDir - mountPath: /shared - targetSelectAll: true - varlogs: - enabled: true - type: emptyDir - mountPath: /var/logs - medium: Memory - targetSelectAll: true - varrun: - enabled: true - type: emptyDir - mountPath: /var/run - medium: Memory - targetSelectAll: true - tmp: - enabled: true - type: emptyDir - mountPath: /tmp - medium: Memory - targetSelectAll: true - devshm: - enabled: true - type: emptyDir - mountPath: /dev/shm - medium: Memory - targetSelectAll: true -# backupexample: -# ## the default backup path, is the credential path suffixed by the releasename, volsync and both the pvc and volsync names -# enabled: true -# type: pvc -# mountPath: /backedup -# targetSelectAll: true -# volsync: -# - name: mybackup -# ## TODO: other options -# type: restic -# credentials: mys3 -# dest: -# enabled: true -# src: -# enabled: true -# iscsi: -# enabled: true -# type: iscsi -# mountPath: /dev/shm -# iscsi: -# targetPortal: 10.0.2.15:3260 -# portals: ['10.0.2.16:3260', '10.0.2.17:3260'] #optional -# iqn: iqn.2001-04.com.example:storage.kube.sys1.xyz -# lun: 0 -# fsType: ext4 #Optional -# iscsiInterface: default #Optional -# initiatorName: iqn.1994-05.com.redhat:node1 #Optional -# authSession: -# username: "someusername" -# password: "somepassword" -# usernameInitiator: "someusernameInitiator" -# passwordInitiator: "somepasswordInitiator" -# authDiscovery: -# username: "someusername" -# password: "somepassword" -# usernameInitiator: "someusernameInitiator" -# passwordInitiator: "somepasswordInitiator" -# vct: -# enabled: true -# type: vct -# mountPath: /shared -# dynamic-pvc: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# dynamic-pvc-dataSource: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# dataSource: -# kind: "PersistentVolumeClaim" -# name: "existingPVC" -# existing-claim: -# enabled: true -# type: pvc -# existingClaim: "someclaim" -# mountPath: /shared -# targetSelectAll: true -# existingpv-pvc: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# volumeName: "somePV" -# static-nfs-pvc: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# static: -# mode: nfs -# server: "/someserver" -# share: "someshare" -# static-smb-pvc: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# static: -# mode: smb -# server: "/someserver" -# share: "someshare" -# domain: "somedomain" -# user: "someuser" -# password: "somepass" -# static-custom-pvc: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# static: -# mode: custom -# provisioner: "some.provisioner" -# driver: "somedriver" -# # Custom CSI definition here -# csi: {} -# example-volumesnapshot: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# volumeSnapshots: -# - name: "mysnapshot" -# volumeSnapshotClassName: "mysnapshotclass" (optional) - -volumeSnapshotClass: {} -volumeSnapshots: {} -# volumeSnapshots: -# mysnapshot: -# volumeSnapshotClassName: "mycustomsnapshot" (optional) -# source: -# # pick one -# persistentVolumeClaimName: "mypvcname" (does not get altered) -# volumeSnapshotContentName: "mysnapshotname" - -# -- (docs/imagePullSecrets.md) -imagePullSecret: {} - -# -- (docs/configmap.md) -configmap: {} - -# -- (docs/secret.md) -secret: {} - -# -- (docs/serviceAccount.md) -serviceAccount: {} - -# -- (docs/rbac.md) -rbac: {} - -# NOTES.txt -notes: - header: | - # Thank you for installing {{ .Chart.Name }} by TrueCharts. - # custom: "{{ toYaml $.Values }}" - custom: | - {{- if .Values.chartContext.appUrl }} - ## Connecting externally - You can use this Chart by opening the following links in your browser: - - {{ toYaml .Values.chartContext.appUrl }} - {{- end }} - - {{ if .Chart.Dependencies }} - ## Dependencies for {{ .Chart.Name }} - - {{- range .Chart.Dependencies }} - - Chart: {{ .Repository }}/{{ .Name }} - Version: {{ .Version }} - {{- end }} - {{- end }} - - - {{- if .Values.chartContext.internalUrls }} - ## Connecting Internally - - You can reach this chart inside your cluster, using the following service URLS: - {{- range $url := .Values.chartContext.internalUrls -}} - - {{ $url }} - {{- end }} - {{- end }} - - ## Sources for {{ .Chart.Name }} - - {{- range .Chart.Sources }} - - {{ . }} - {{- end -}} - - {{- $link := .Chart.Annotations.docs -}} - {{- if not $link -}} - {{- $link = .Chart.Home -}} - {{- end }} - - See more for **{{ $.Chart.Name }}** at ({{ $link }}) - footer: | - ## Documentation - Please check out the TrueCharts documentation on: - https://truecharts.org - - OpenSource can only exist with your help, please consider supporting TrueCharts: - https://truecharts.org/sponsor - warnings: [] - -#### -## -## TrueCharts Specific Root Objects -## -#### - -gluetunImage: - repository: tccr.io/tccr/gluetun - tag: v3.40.0@sha256:a8189e29155e0f8142be1500ae068a92b189b1b25abbba036321e74d6389bf2b - pullPolicy: IfNotPresent - -netshootImage: - repository: tccr.io/tccr/netshoot - tag: v0.14.0@sha256:28ede4317d22391e7d89a15eb78dc2afc3587ece02c76c983dde7239a0e43679 - pullPolicy: IfNotPresent - -tailscaleImage: - repository: tccr.io/tccr/tailscale - tag: v1.86.2@sha256:7694928c789a246fe2fb58e10dd604f66b18b4ef961409095b689f7762523ed1 - pullPolicy: IfNotPresent - -codeserverImage: - repository: tccr.io/tccr/code-server - tag: v4.103.1@sha256:b754400a938e74eaaf07fa6fb9b64a24a4e6c5d88c94f914748b202f1fb57ce6 - pullPolicy: IfNotPresent - -alpineImage: - repository: tccr.io/tccr/alpine - tag: v3.22.1 - pullPolicy: IfNotPresent - -scratchImage: - repository: tccr.io/tccr/scratch - tag: latest@sha256:4aef9dbf99ea2a8857ed4ce9d9bf79d330b79044884c7374e392445d122ec746 - pullPolicy: IfNotPresent - -kubectlImage: - repository: tccr.io/tccr/kubectl - tag: latest@sha256:b16dca4e8ec1c9128a8b7712ebd3713f69d3dd24d622799a482e7ce3929a702b - pullPolicy: IfNotPresent - -wgetImage: - repository: tccr.io/tccr/wget - tag: v1.0.0@sha256:961566b0149f766abfaa82326aad9c3089e3311eca5d4910ff2d4faf70ddbb10 - pullPolicy: IfNotPresent - -yqImage: - pullPolicy: IfNotPresent - repository: docker.io/mikefarah/yq - tag: 4.47.1@sha256:b9285dd3b0bea3c34d0c54415dd48d767dabd9644d489bd6e253660847b58419 - -postgresClientImage: - repository: tccr.io/tccr/db-wait-postgres - tag: v1.1.0@sha256:182687540102534aeb28fce4d124274e81a849a43556214977c378ae2a580b35 - pullPolicy: IfNotPresent - -mariadbClientImage: - repository: tccr.io/tccr/db-wait-mariadb - tag: v1.1.0@sha256:bd60b6087bacaf5e697243f764065ea5d04da1af703b2009be3752c1aede6d32 - pullPolicy: IfNotPresent - -redisClientImage: - repository: tccr.io/tccr/db-wait-redis - tag: v1.1.0@sha256:14c792c5d2faf5b5c7f8325e387700d70571bf930d321de81483aa704c198e40 - pullPolicy: IfNotPresent - -mongodbClientImage: - repository: tccr.io/tccr/db-wait-mongodb - tag: v1.2.0@sha256:fe22e616bd3facd3d2e959cfaae9795a8503c8fb6bb90487a14dfd14cbd3ffe3 - pullPolicy: IfNotPresent - -postgres15Image: - repository: ghcr.io/cloudnative-pg/postgresql - tag: "15.13" - pullPolicy: IfNotPresent - -postgres16Image: - repository: ghcr.io/cloudnative-pg/postgresql - tag: "16.9" - pullPolicy: IfNotPresent - -postgresPostgis15Image: - repository: ghcr.io/cloudnative-pg/postgis - tag: "15-3.4" - pullPolicy: IfNotPresent - -postgresPostgis16Image: - repository: ghcr.io/cloudnative-pg/postgis - tag: "16-3.4" - pullPolicy: IfNotPresent - -postgresVectors15Image: - repository: ghcr.io/tensorchord/cloudnative-pgvecto.rs - tag: "15.7-v0.2.1" - pullPolicy: IfNotPresent - -postgresVectors16Image: - repository: ghcr.io/tensorchord/cloudnative-pgvecto.rs - tag: "16.3-v0.2.1" - pullPolicy: IfNotPresent - -# -- OpenVPN specific configuration -# @default -- See below -openvpnImage: - # -- Specify the openvpn client image - repository: tccr.io/tccr/openvpn-client - # -- Specify the openvpn client image tag - tag: latest@sha256:9bfdf50791d6e51056e31c03f73c9db329b2b72e7746155cfdc63e0c8b49b55a - # -- Specify the openvpn client image pull policy - pullPolicy: IfNotPresent - -# -- WireGuard specific configuration -# @default -- See below -wireguardImage: - # -- Specify the WireGuard image - repository: tccr.io/tccr/wireguard - # -- Specify the WireGuard image tag - tag: v1.0.20210914@sha256:683b8b74d64ebd07f9955147539834c2a4b60fee51d2a36fa76b9aba689601bf - # -- Specify the WireGuard image pull policy - pullPolicy: IfNotPresent - -# -- Configure the ingresses for the chart here. -# Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress. -# @default -- See below -ingress: - main: - # -- Enables or disables the ingress - enabled: false - # -- Make this the primary ingress (used in probes, notes, etc...). - # If there is more than 1 ingress, make sure that only 1 ingress is marked as primary. - primary: true - # -- Ensure this ingress is always enabled. - required: false - # expandObjectName: false - # -- Provide additional labels which may be required. - labels: {} - # -- Provide additional annotations which may be required. - annotations: {} - # -- Set the ingressClass that is used for this ingress. - # Requires Kubernetes >=1.19 - ingressClassName: "" - # Defaults to primary service and primary port - # targetSelector: - # # service: port - # main: main - ## Configure the hosts for the ingress - hosts: [] - # - # -- Host address. Helm template can be passed. - # host: chart-example.local - # ## Configure the paths for the host - # paths: - # - # -- Path. Helm template can be passed. - # path: / - # # -- Ignored if not kubeVersion >= 1.14-0 - # pathType: Prefix - # # -- Overrides the service reference for this path, by default the selector is honored - # overrideService: - # # -- Overrides the service name reference for this path - # name: - # # -- Overrides the service port reference for this path - # port: - # -- Configure TLS for the ingress. Both secretName and hosts can process a Helm template. - # Gets ignored when clusterIssuer is filled - tls: [] - # - secretName: chart-example-tls - # certificateIssuer: "" - # hosts: - # - chart-example.local - integrations: - certManager: - enabled: false - certificateIssuer: "" - traefik: - enabled: false - # Default to websecure - entrypoints: - - websecure - # Ensures tls annotation is set - forceTLS: true - middlewares: [] - # - name: my-middleware - # # Optional, by default will try to - # # "lookup" the namespace based on the name - # namespace: "" - nginx: - enabled: false - themepark: - enabled: false - css: "" - ipWhitelist: [] - auth: - # empty to disable, options: "authentik" or "authelia" - type: "" - # Internal Domain name + port to reach the auth provider, excluding http(s) - internalHost: "" - # External (ingress) Domain name to reach the auth provider, excluding http(s) - externalHost: "" - # Optional: override default response headers - responseHeaders: [] - homepage: - enabled: false - # Default: chart name - name: "" - # Default: chart description - description: "" - # Default: no group - group: "" - # Default: chart icon - icon: "" - widget: - # Default: chartname - type: "" - # Default to ingress host 0 - url: "" - custom: - # somesetting: some value - customkv: - # - key: some key - # value: some value - -certificate: {} -# main: -# enabled: false -# certificateIssuer: someissuer -# hosts: -# - somehost -# # Optional -# certificateSecretTemplate: -# labels: {} -# annotations: {} - -# -- BETA: Configure the gateway routes for the chart here. -# Additional routes can be added by adding a dictionary key similar to the 'main' route. -# Please be aware that this is an early beta of this feature, TrueCharts does not guarantee this actually works. -# Being BETA this can/will change in the future without notice, please do not use unless you want to take that risk -# [[ref]](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io%2fv1alpha2) -# @default -- See below -route: - main: - # -- Enables or disables the route - enabled: false - # -- Set the route kind - # Valid options are GRPCRoute, HTTPRoute, TCPRoute, TLSRoute, UDPRoute - kind: HTTPRoute - # -- Provide additional annotations which may be required. - annotations: {} - # -- Provide additional labels which may be required. - labels: {} - # -- Configure the resource the route attaches to. - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: - namespace: - sectionName: - # -- Host addresses - hostnames: [] - # -- Configure rules for routing. Defaults to the primary service. - rules: - - backendRefs: - - group: "" - kind: Service - name: - namespace: - port: - weight: 1 - ## Configure conditions used for matching incoming requests. Only for HTTPRoutes - matches: - - path: - type: PathPrefix - value: / - -podDisruptionBudget: - main: - enabled: false - # -- Custom Selector Labels - # customLabels: - # customKey: customValue - # maxUnavailable: 1 - # minAvailable: 1 - targetSelector: main - -webhook: - validating: - enabled: false - type: validating - webhooks: [] - mutating: - enabled: false - type: mutating - webhooks: [] - -priorityClass: {} -# priorityClass: -# example: -# provisioner: some.provisioner.io -# enabled: true -# value: 1000000 -# preemptionPolicy: PreemptLowerPriority -# globalDefault: false -# description: "some description" - -# # -- create storageClasses on demand -storageClass: {} -# storageClass: -# example: -# provisioner: some.provisioner.io -# enabled: true -# isDefaultClass: false -# parameters: {} -# reclaimPolicy: retain -# allowVolumeExpansion: true -# volumeBindingMode: Immediate -# mountOptions: [] - -metrics: - main: - enabled: false - primary: true - # options: servicemonitor, podmonitor - type: "servicemonitor" - # defaults to selectorLabels - selector: {} - endpoints: - - port: main - interval: 5s - scrapeTimeout: 5s - path: / - honorLabels: false - prometheusRule: - enabled: false - groups: {} - # somegroup: - # # list of rules - # rules: [] - # # list to support adding rules via the SCALE GUI without overwrithing the rules - # additionalrules: [] - # List to support adding groups using the SCALE GUI - additionalgroups: - # - name: "somegroup" - # # list of rules - # rules: [] - # # list to support adding rules via the SCALE GUI without overwrithing the rules - # additionalrules: [] - -# -- The common chart supports several add-ons. These can be configured under this key. -# @default -- See below -addons: - gluetun: - enabled: false - targetSelector: - - main - secret: - # vpn-conf: - # basePath: /gluetun/wireguard - # data: - # # Effective path /gluetun/wireguard/wg0.conf - # wg0.conf: | - # some conf - # wg1.conf: | - # some conf - # scripts: - # basePath: /gluetun/scripts - # defaultMode: "0777" - # data: - # # Effective path /gluetun/scripts/up.sh - # up.sh: | - # some conf - container: - enabled: true - imageSelector: gluetunImage - probes: - liveness: - enabled: false - readiness: - enabled: false - startup: - enabled: false - resources: - excludeExtra: true - securityContext: - runAsUser: 0 - runAsNonRoot: false - readOnlyRootFilesystem: false - runAsGroup: 568 - capabilities: - add: - - NET_ADMIN - - NET_RAW - - MKNOD - env: - DOT: "off" - DNS_KEEP_NAMESERVER: "on" - FIREWALL: "off" - FIREWALL_OUTBOUND_SUBNETS: "" - FIREWALL_INPUT_PORTS: "" - - # -- Tailscale specific configuration - # @default -- See below - # See more info for the configuration - # https://github.com/tailscale/tailscale/blob/main/docs/k8s/run.sh - tailscale: - enabled: false - targetSelector: - - main - # -- you can directly specify the config file here - config: "" - container: - enabled: true - imageSelector: "tailscaleImage" - probes: - liveness: - enabled: false - readiness: - enabled: false - startup: - enabled: false - command: - - /usr/local/bin/containerboot - resources: - excludeExtra: true - env: - # Set KUBE_SECRET to empty string to force tailscale - # to use the filesystem for state tracking. - # With secret for state tracking you can't always - # know if the app that uses this sidecard will - # use a custom ServiceAccount and will lead to falure. - TS_KUBE_SECRET: "" - TS_SOCKET: /var/run/tailscale/tailscaled.sock - TS_STATE_DIR: /var/lib/tailscale/state - TS_USERSPACE: true - TS_AUTH_ONCE: true - TS_ACCEPT_DNS: false - TS_AUTH_KEY: "" - TS_TAILSCALED_EXTRA_ARGS: "" - TS_EXTRA_ARGS: "" - TS_SOCKS5_SERVER: "" - TS_DEST_IP: "" - TS_ROUTES: "" - TS_OUTBOUND_HTTP_PROXY_LISTEN: "" - securityContext: - capabilities: - add: - - NET_ADMIN - - NET_RAW - - # -- Auth key to connect to the VPN Service - authkey: "" - # As a sidecar, it should only need to run in userspace - userspace: true - auth_once: true - accept_dns: false - routes: "" - dest_ip: "" - sock5_server: "" - extra_args: "" - daemon_extra_args: "" - outbound_http_proxy_listen: "" - # -- Annotations for tailscale sidecar - annotations: {} - - # -- The common library supports adding a code-server add-on to access files. It can be configured under this key. - # @default -- See values.yaml - codeserver: - enabled: false - # -- Enable running a code-server container in the pod - container: - enabled: true - probes: - liveness: - enabled: true - port: 12321 - path: "/" - readiness: - enabled: true - port: 12321 - path: "/" - startup: - enabled: true - port: 12321 - path: "/" - imageSelector: "codeserverImage" - resources: - excludeExtra: true - securityContext: - runAsUser: 0 - runAsGroup: 0 - runAsNonRoot: false - readOnlyRootFilesystem: false - args: - - "--port" - - "12321" - - "/" - - --auth - - none - # - --user-data-dir - # - "/config/.vscode" - # -- Select a workload to add the addon to - targetSelector: - - "main" - - service: - # -- Enable a service for the code-server add-on. - enabled: true - type: ClusterIP - # Specify the default port information - ports: - codeserver: - enabled: true - primary: true - protocol: http - port: 12321 - targetPort: 12321 - - ingress: - # -- Enable an ingress for the code-server add-on. - enabled: false - annotations: {} - # kubernetes.io/ingress.class: nginx - labels: {} - hosts: - - host: code.chart-example.local - paths: - - path: / - # Ignored if not kubeVersion >= 1.14-0 - pathType: Prefix - tls: [] - - netshoot: - # -- Enable running a netshoot container in the pod - enabled: false - container: - enabled: true - command: - - /bin/sh - - -c - - sleep infinity - probes: - liveness: - enabled: false - readiness: - enabled: false - startup: - enabled: false - imageSelector: "netshootImage" - resources: - excludeExtra: true - securityContext: - runAsUser: 0 - runAsGroup: 0 - runAsNonRoot: false - readOnlyRootFilesystem: false - capabilities: - add: - - NET_ADMIN - - NET_RAW - -dependencies: - -########################################################################## -# This section contains some pre-config for frequently used dependencies # -########################################################################## - -cnpg: - main: - enabled: false - primary: true - # -- Puts the cnpg cluster in hibernation mode - hibernate: false - # Additional Labels and annotations for all cnpg objects - labels: {} - annotations: {} - - # Type of the CNPG database. Available types: - # * `postgres` - # * `postgis` - # * `timescaledb` - # * `vectors` - type: postgres - - # Version of Postgresql to use, changes cluster naming scheme - # * `15` - # * `16` - pgVersion: 16 - - # Cluster mode of operation. Available modes: - # * `standalone` - default mode. Creates new or updates an existing CNPG cluster. - # * `replica` - Creates a replica cluster from an existing CNPG cluster. # TODO - # * `recovery` - Same as standalone but creates a cluster from a backup, object store or via pg_basebackup. - mode: standalone - - # Database details - database: "app" - user: "app" - password: "PLACEHOLDERPASSWORD" - - # Database cluster configuration - cluster: - # Additional Labels and annotations for cnpg cluster - labels: {} - annotations: {} - - # Number of instances - instances: 2 - - # set to true on single-node clusters to allow PVCs to be kept on instance restart - singleNode: false - - ## set to configure the skipEmptyWalArchiveCheck annotation - # skipEmptyWalArchiveCheck: true - # # -- storage size for the data pvc's - # # Follows the same spec as .Values.Persistence type=PVC - # storage: - # size: "256Gi" - # # -- storage size for the wal pvc's - # # Follows the same spec as .Values.Persistence type=PVC - # walStorage: - # size: "256Gi" - # -- Gets scaled to 0 if hibernation is true - ## See .Values.resources for more info - # resources: - - # Method to follow to upgrade the primary server during a rolling update procedure, after all replicas have been - # successfully updated. It can be switchover (default) or in-place (restart). - primaryUpdateMethod: switchover - - # Strategy to follow to upgrade the primary server during a rolling update procedure, after all replicas have been - # successfully updated: it can be automated (unsupervised - default) or manual (supervised) - # Example of rolling update strategy: - # - unsupervised: automated update of the primary once all - # replicas have been upgraded (default) - # - supervised: requires manual supervision to perform - # the switchover of the primary - # -- change to supervised to disable unsupervised updates - primaryUpdateStrategy: unsupervised - - # The instances' log level, one of the following values: error, warning, info (default), debug, trace - logLevel: info - - # The configuration for the CA and related certificates - # See: https://cloudnative-pg.io/documentation/current/api_reference/#CertificatesConfiguration - certificates: - - # When this option is enabled, the operator will use the SuperuserSecret to update the postgres user password. - # If the secret is not present, the operator will automatically create one. - # When this option is disabled, the operator will ignore the SuperuserSecret content, delete it when automatically created, - # and then blank the password of the postgres user by setting it to NULL. - - # enableSuperuserAccess: true - - # Configuration of the PostgreSQL server - # See: https://cloudnative-pg.io/documentation/current/api_reference/#PostgresConfiguration - postgresql: - - # BootstrapInitDB is the configuration of the bootstrap process when initdb is used - # See: https://cloudnative-pg.io/documentation/current/bootstrap/ - # See: https://cloudnative-pg.io/documentation/current/api_reference/#bootstrapinitdb - initdb: {} - # postInitSQL: - # - CREATE EXTENSION IF NOT EXISTS vector; - # postInitApplicationSQL: - # - CREATE EXTENSION IF NOT EXISTS someextension; - # -- set to enable prometheus metrics - monitoring: - enablePodMonitor: false - disableDefaultQueries: false - customQueries: [] - # - name: "pg_cache_hit_ratio" - # expandObjectName: true - # key: "custom-key" (defaults to "custom-queries") - # query: "SELECT current_database() as datname, sum(heap_blks_hit) / (sum(heap_blks_hit) + sum(heap_blks_read)) as ratio FROM pg_statio_user_tables;" - # metrics: - # - datname: - # usage: "LABEL" - # description: "Name of the database database" - # - ratio: - # usage: GAUGE - # description: "Cache hit ratio" - # Recovery settings if the chosen mode is `recovery`. - recovery: - ## - # Backup Recovery Method - # Available recovery methods: - # * `backup` - Recovers a CNPG cluster from a CNPG backup (PITR supported) Needs to be on the same cluster in the same namespace. - # * `object_store` - Recovers a CNPG cluster from a barman object store (PITR supported). - # * `pg_basebackup` - Recovers a CNPG cluster viaa streaming replication protocol. Useful if you want to - # migrate databases to CloudNativePG, even from outside Kubernetes. # TODO - method: object_store - ## set a revision to append to the serverName to ensure restore and backup dont target the same thing - # revision: 1 - - # override serverName in recovery obkect - servername: "" - - ## Point in time recovery target. Specify one of the following: - pitrTarget: - # Time in RFC3339 format - time: "" - - # Name of the backup to recover from. Required if method is `backup`. - backupName: "" - - # Object Store Recovery Method - clusterName: "" - - # Overrides the provider specific default path. Defaults to: - # S3: s3:// - # Azure: https://..core.windows.net/ - # Google: gs:// - destinationPath: "" - - # Database cluster backup configuration - backups: - # You need to configure backups manually, so backups are disabled by default. - enabled: false - - encryption: - enabled: false - ## set a revision to append to the serverName to ensure restore and backup dont target the same thing - # revision: 1 - - # override serverName in recovery obkect - servername: "" - - # Overrides the provider specific default path. Defaults to: - # S3: s3:// - # Azure: https://..core.windows.net/ - # Google: gs:// - destinationPath: "" - - # default: primary, other option prefer-standby - target: "" - - # name of credentials in .Values.Credentials - credentials: "" - - scheduledBackups: - - name: daily-backup - schedule: "0 0 0 * * *" - backupOwnerReference: self - immediate: true - suspend: false - - retentionPolicy: "30d" - - # - Manual list of backups - manualBackups: [] - # - name: today - # labels: {} - # annotations: {} - # - name: beforeUpgrade - # labels: {} - # annotations: {} - - # Database cluster PgBouncer configuration - pooler: - enabled: false - # -- enable to create extra pgbouncer for readonly access - createRO: false - poolMode: session - # -- Gets scaled to 0 if hibernation is true - instances: 2 - # parameters: - # max_client_conn: "1000" - # default_pool_size: "25" - labels: {} - annotations: {} - - # -- contains credentials and urls output by generator - creds: {} - -# -- Redis dependency configuration -# @default -- See below -redis: - enabled: false - includeCommon: false - password: "PLACEHOLDERPASSWORD" - # -- can be used to make an easy accessible note which URLS to use to access the DB. - creds: {} - secret: - credentials: - enabled: false - -# -- mariadb dependency configuration -# @default -- See below -mariadb: - enabled: false - includeCommon: false - password: "PLACEHOLDERPASSWORD" - rootPassword: "PLACEHOLDERROOTPASSWORD" - # -- can be used to make an easy accessable note which URLS to use to access the DB. - creds: {} - -# -- mongodb dependency configuration -# @default -- See below -mongodb: - enabled: false - includeCommon: false - password: "PLACEHOLDERPASSWORD" - rootPassword: "PLACEHOLDERROOTPASSWORD" - # -- can be used to make an easy accessable note which URLS to use to access the DB. - creds: {} - -# -- clickhouse dependency configuration -# @default -- See below -clickhouse: - enabled: false - includeCommon: false - password: "PLACEHOLDERPASSWORD" - # -- can be used to make an easy accessable note which URLS to use to access the DB. - creds: {} - -# -- solr dependency configuration -# @default -- See below -solr: - enabled: false - includeCommon: false - password: "PLACEHOLDERPASSWORD" - solrCores: 1 - solrEnableAuthentication: "no" - # -- can be used to make an easy accessable note which URLS to use to access the DB. - creds: {} - -# -- List of extra objects to deploy with the release -extraTpl: [] diff --git a/charts/baikal/templates/common.yaml b/charts/baikal/templates/common.yaml deleted file mode 100644 index 78d963f..0000000 --- a/charts/baikal/templates/common.yaml +++ /dev/null @@ -1,2 +0,0 @@ -{{/* Render the templates */}} -{{ include "tc.v1.common.loader.all" . }} diff --git a/charts/baikal/values.yaml b/charts/baikal/values.yaml deleted file mode 100644 index 832853c..0000000 --- a/charts/baikal/values.yaml +++ /dev/null @@ -1,31 +0,0 @@ -image: - pullPolicy: IfNotPresent - repository: docker.io/ckulka/baikal - tag: 0.10.1-nginx@sha256:434bdd162247cc6aa6f878c9b4dce6216e39e79526b980453b13812d5f8ebf4b -persistence: - config: - enabled: true - mountPath: /var/www/baikal/config - specific: - enabled: true - mountPath: /var/www/baikal/Specific - -securityContext: - container: - readOnlyRootFilesystem: false - runAsGroup: 0 - runAsUser: 0 -service: - main: - ports: - main: - port: 10293 - protocol: http - targetPort: 80 -workload: - main: - podSpec: - containers: - main: - env: - BAIKAL_SKIP_CHOWN: false diff --git a/charts/common/.helmignore b/charts/common/.helmignore deleted file mode 100644 index feb7464..0000000 --- a/charts/common/.helmignore +++ /dev/null @@ -1,32 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ -# OWNERS file for Kubernetes -OWNERS -# helm-docs templates -*.gotmpl -# docs folder -/docs -# icon -icon.png -icon.webp -icon-small.webp diff --git a/charts/common/Chart.lock b/charts/common/Chart.lock deleted file mode 100644 index 2d93e99..0000000 --- a/charts/common/Chart.lock +++ /dev/null @@ -1,3 +0,0 @@ -dependencies: [] -digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726 -generated: "2025-08-18T01:12:02.398827845Z" diff --git a/charts/common/Chart.yaml b/charts/common/Chart.yaml deleted file mode 100644 index 2216223..0000000 --- a/charts/common/Chart.yaml +++ /dev/null @@ -1,49 +0,0 @@ -annotations: - artifacthub.io/category: integration-delivery - artifacthub.io/license: BUSL-1.1 - artifacthub.io/links: |- - - name: support - url: https://discord.com/invite/tVsPTHWTtr - truecharts.org/category: unsorted - truecharts.org/max_helm_version: "3.17" - truecharts.org/min_helm_version: "3.14" - truecharts.org/train: library -apiVersion: v2 -appVersion: 1.11.0 -description: Function library for TrueCharts -home: https://truecharts.org/charts/library/common -icon: https://truecharts.org/img/hotlink-ok/chart-icons/common.webp -keywords: -- truecharts -- library-chart -- common -kubeVersion: '>=1.24.0-0' -maintainers: -- email: info@truecharts.org - name: TrueCharts - url: https://truecharts.org -name: common -sources: -- https://ghcr.io/cloudnative-pg/postgis -- https://ghcr.io/cloudnative-pg/postgresql -- https://ghcr.io/tensorchord/cloudnative-pgvecto.rs -- https://ghcr.io/traefik/whoami -- https://github.com/truecharts/charts/tree/master/charts/library/common -- https://github.com/truecharts/containers/tree/master/apps/alpine -- https://github.com/truecharts/containers/tree/master/apps/code-server -- https://github.com/truecharts/containers/tree/master/apps/db-wait-mariadb -- https://github.com/truecharts/containers/tree/master/apps/db-wait-mongodb -- https://github.com/truecharts/containers/tree/master/apps/db-wait-postgres -- https://github.com/truecharts/containers/tree/master/apps/db-wait-redis -- https://github.com/truecharts/containers/tree/master/apps/gluetun -- https://github.com/truecharts/containers/tree/master/apps/kubectl -- https://github.com/truecharts/containers/tree/master/apps/netshoot -- https://github.com/truecharts/containers/tree/master/apps/openvpn-client -- https://github.com/truecharts/containers/tree/master/apps/scratch -- https://github.com/truecharts/containers/tree/master/apps/tailscale -- https://github.com/truecharts/containers/tree/master/apps/wget -- https://github.com/truecharts/containers/tree/master/apps/wireguard -- https://hub.docker.com/_/ -- https://hub.docker.com/r/mikefarah/yq -type: library -version: 28.16.2 diff --git a/charts/common/LICENSE b/charts/common/LICENSE deleted file mode 100644 index 4ce034b..0000000 --- a/charts/common/LICENSE +++ /dev/null @@ -1,106 +0,0 @@ -Business Source License 1.1 - -Parameters - -Licensor: The TrueCharts Project, it's owner and it's contributors -Licensed Work: The TrueCharts "Common" Helm Chart -Additional Use Grant: You may use the licensed work in production, as long - as it is directly sourced from a TrueCharts provided - official repository, catalog or source. You may also make private - modification to the directly sourced licenced work, - when used in production. - - The following cases are, due to their nature, also - defined as 'production use' and explicitly prohibited: - - Bundling, including or displaying the licensed work - with(in) another work intended for production use, - with the apparent intend of facilitating and/or - promoting production use by third parties in - violation of this license. - -Change Date: 2050-01-01 - -Change License: 3-clause BSD license - -For information about alternative licensing arrangements for the Software, -please contact: legal@truecharts.org - -Notice - -The Business Source License (this document, or the “License”) is not an Open -Source license. However, the Licensed Work will eventually be made available -under an Open Source License, as stated in this License. - -License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved. -“Business Source License” is a trademark of MariaDB Corporation Ab. - ------------------------------------------------------------------------------ - -Business Source License 1.1 - -Terms - -The Licensor hereby grants you the right to copy, modify, create derivative -works, redistribute, and make non-production use of the Licensed Work. The -Licensor may make an Additional Use Grant, above, permitting limited -production use. - -Effective on the Change Date, or the fourth anniversary of the first publicly -available distribution of a specific version of the Licensed Work under this -License, whichever comes first, the Licensor hereby grants you rights under -the terms of the Change License, and the rights granted in the paragraph -above terminate. - -If your use of the Licensed Work does not comply with the requirements -currently in effect as described in this License, you must purchase a -commercial license from the Licensor, its affiliated entities, or authorized -resellers, or you must refrain from using the Licensed Work. - -All copies of the original and modified Licensed Work, and derivative works -of the Licensed Work, are subject to this License. This License applies -separately for each version of the Licensed Work and the Change Date may vary -for each version of the Licensed Work released by Licensor. - -You must conspicuously display this License on each original or modified copy -of the Licensed Work. If you receive the Licensed Work in original or -modified form from a third party, the terms and conditions set forth in this -License apply to your use of that work. - -Any use of the Licensed Work in violation of this License will automatically -terminate your rights under this License for the current and all other -versions of the Licensed Work. - -This License does not grant you any right in any trademark or logo of -Licensor or its affiliates (provided that you may use a trademark or logo of -Licensor as expressly required by this License). - -TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON -AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS, -EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND -TITLE. - -MariaDB hereby grants you permission to use this License’s text to license -your works, and to refer to it using the trademark “Business Source License”, -as long as you comply with the Covenants of Licensor below. - -Covenants of Licensor - -In consideration of the right to use this License’s text and the “Business -Source License” name and trademark, Licensor covenants to MariaDB, and to all -other recipients of the licensed work to be provided by Licensor: - -1. To specify as the Change License the GPL Version 2.0 or any later version, - or a license that is compatible with GPL Version 2.0 or a later version, - where “compatible” means that software provided under the Change License can - be included in a program with software provided under GPL Version 2.0 or a - later version. Licensor may specify additional Change Licenses without - limitation. - -2. To either: (a) specify an additional grant of rights to use that does not - impose any additional restriction on the right granted in this License, as - the Additional Use Grant; or (b) insert the text “None”. - -3. To specify a Change Date. - -4. Not to modify this License in any other way. diff --git a/charts/common/README.md b/charts/common/README.md deleted file mode 100644 index c71419b..0000000 --- a/charts/common/README.md +++ /dev/null @@ -1,50 +0,0 @@ ---- -title: README ---- - -## General Info - -For more information about this Chart, please check the docs on the TrueCharts [website](https://truecharts.org/charts/library/common) - -**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** - -## Installation - -### Helm-Chart installation - -To install TrueCharts Helm charts using Helm, you can use our OCI Repository. - -`helm install mychart oci://tccr.io/truecharts/common` - -For more information on how to install TrueCharts Helm charts, checkout the [instructions on the website](/guides) - -## Chart Specific Guides and information - -All our charts have dedicated documentation pages. -The documentation for this chart can be found here: -https://truecharts.org/charts/library/common - -## Configuration Options - -To view the chart specific options, please view Values.yaml included in the chart. -The most recent version of which, is available here: https://github.com/truecharts/public/blob/master/charts/library/common/values.yaml - -All our Charts use a shared "common" library chart that contains most of the templating and options. -For the complete overview of all available options, please checkout the documentation for them on the [common docs on our website](/common) - -For information about the common chart and all defaults included with it, please review its values.yaml file available here: https://github.com/truecharts/public/blob/master/charts/library/common/values.yaml - -## Support - -- See the [Website](https://truecharts.org) -- Check our [Discord](https://discord.gg/tVsPTHWTtr) -- Open a [issue](https://github.com/truecharts/charts/issues/new/choose) - ---- - -## Sponsor TrueCharts - -TrueCharts can only exist due to the incredible effort of our staff. -Please consider making a [donation](/general/sponsor) or contributing back to the project any way you can! - -_All Rights Reserved - The TrueCharts Project_ diff --git a/charts/common/templates/addons/_codeserver.tpl b/charts/common/templates/addons/_codeserver.tpl deleted file mode 100644 index c1187fd..0000000 --- a/charts/common/templates/addons/_codeserver.tpl +++ /dev/null @@ -1,72 +0,0 @@ -{{/* -Template to render code-server addon -It will include / inject the required templates based on the given values. -*/}} -{{- define "tc.v1.common.addon.codeserver" -}} - {{- $codeSrv := $.Values.addons.codeserver -}} - - {{- if $codeSrv.enabled -}} - {{- $targetSelector := list "main" -}} - {{- if $codeSrv.targetSelector -}} - {{- $targetSelector = $codeSrv.targetSelector -}} - {{- end -}} - - {{- if gt ($targetSelector|len) 1 -}} - {{- fail "Codeserver Addon - Can only be attached to a single workload at a time" -}} - {{- end -}} - - {{/* Append the code-server container to the workloads */}} - {{- range $targetSelector -}} - {{- $workload := get $.Values.workload . -}} - {{- $_ := set $workload.podSpec.containers "codeserver" $codeSrv.container -}} - {{- end -}} - - {{/* Add the code-server service */}} - {{- if $codeSrv.service.enabled -}} - {{/* Add the code-server service */}} - {{- $hasPrimaryService := false -}} - {{- $result := (include "tc.v1.common.lib.service.hasPrimary" $) | fromJson -}} - {{- if and $result.hasEnabled $result.hasPrimary -}} - {{- $hasPrimaryService = true -}} - {{- end -}} - - {{- $svcValues := $codeSrv.service -}} - {{- $_ := set $svcValues "targetSelector" ($targetSelector|first) -}} - {{- if not $hasPrimaryService -}} - {{- $_ := set $svcValues "primary" true -}} - {{- end -}} - - {{- if not $.Values.service -}} - {{- $_ := set $.Values "service" dict -}} - {{- end -}} - - {{- $_ := set $.Values.service "codeserver" $svcValues -}} - {{- end -}} - - {{/* Add the code-server ingress */}} - {{- if $codeSrv.ingress.enabled -}} - {{- $ingressValues := $codeSrv.ingress -}} - {{- if not $ingressValues.targetSelector -}} - {{/* Assumes that both service and port are named codeserver */}} - {{- $_ := set $ingressValues "targetSelector" (dict "codeserver" "codeserver") -}} - {{- end -}} - - {{- $hasPrimaryIngress := false -}} - {{- $result := (include "tc.v1.common.lib.ingress.hasPrimary" $) | fromJson -}} - {{- if and $result.hasEnabled $result.hasPrimary -}} - {{- $hasPrimaryIngress = true -}} - {{- end -}} - - {{- if not $hasPrimaryIngress -}} - {{- $_ := set $ingressValues "primary" true -}} - {{- end -}} - - {{- if not $.Values.ingress -}} - {{- $_ := set $.Values "ingress" dict -}} - {{- end -}} - - {{/* Let spawner handle the rest */}} - {{- $_ := set $.Values.ingress "codeserver" $ingressValues -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/addons/_gluetun.tpl b/charts/common/templates/addons/_gluetun.tpl deleted file mode 100644 index c93e4f4..0000000 --- a/charts/common/templates/addons/_gluetun.tpl +++ /dev/null @@ -1,78 +0,0 @@ -{{/* -Template to render VPN addon -It will include / inject the required templates based on the given values. -*/}} -{{- define "tc.v1.common.addon.gluetun" -}} - {{- $glue := $.Values.addons.gluetun -}} - {{- if $glue.enabled -}} - {{- if not $glue.container.env -}} - {{- $_ := set $glue.container "env" dict -}} - {{- end -}} - - {{- $fw := $glue.container.env.FIREWALL -}} - {{- if (eq $fw "on") -}} - {{- $nets := $glue.container.env.FIREWALL_OUTBOUND_SUBNETS | default list -}} - {{- if $nets -}}{{- $nets = $nets | splitList "," -}}{{- end -}} - {{- $nets = mustAppend $nets $.Values.chartContext.podCIDR -}} - {{- $nets = mustAppend $nets $.Values.chartContext.svcCIDR -}} - - {{- $cleanNets := list -}} - {{- range $nets -}}{{- $cleanNets = mustAppend $cleanNets (. | nospace) -}}{{- end -}} - {{- $nets = $cleanNets | mustUniq -}} - {{- $_ := set $glue.container.env "FIREWALL_OUTBOUND_SUBNETS" (join "," $nets) -}} - - {{- $inputPorts := $glue.container.env.FIREWALL_INPUT_PORTS | default list -}} - {{- if $inputPorts -}}{{- $inputPorts = $inputPorts | splitList "," -}}{{- end -}} - {{- if and - $.Values.service $.Values.service.main $.Values.service.main.ports - $.Values.service.main.ports.main $.Values.service.main.ports.main.port - -}} - {{- $inputPorts = mustAppend $inputPorts ($.Values.service.main.ports.main.port | toString) -}} - {{- end -}} - {{- $cleanInputPorts := list -}} - {{- range $inputPorts -}}{{- $cleanInputPorts = mustAppend $cleanInputPorts (. | nospace) -}}{{- end -}} - {{- $inputPorts = $cleanInputPorts | mustUniq -}} - {{- $_ := set $glue.container.env "FIREWALL_INPUT_PORTS" (join "," $inputPorts) -}} - {{- end -}} - - {{- $targetSelector := list "main" -}} - {{- if $glue.targetSelector -}} - {{- $targetSelector = $glue.targetSelector -}} - {{- end -}} - - {{/* Append the vpn container to the workloads */}} - {{- range $targetSelector -}} - {{- $workload := get $.Values.workload . -}} - {{- $_ := set $workload.podSpec.containers "gluetun" $glue.container -}} - {{- end -}} - - {{/* Mount secrets */}} - {{- range $secName, $secValues := $glue.secret -}} - {{- $secretName := printf "gluetun-%s" $secName -}} - {{- if not $secValues.basePath -}} - {{- fail (printf "Gluetun - Secret [%s] does not have basePath") -}} - {{- end -}} - {{- $_ := set $secValues "enabled" true -}} - {{- $_ := set $.Values.secret $secretName $secValues -}} - - {{- $persistence := (dict - "enabled" true "type" "secret" "objectName" $secretName "targetSelector" dict "items" list - ) -}} - {{- if $secValues.defaultMode -}} - {{- $_ := set $persistence "defaultMode" $secValues.defaultMode -}} - {{- end -}} - - {{- range $key, $val := $secValues.data -}} - {{- $item := (dict "key" $key "path" $key) -}} - {{- $_ := set $persistence "items" (mustAppend $persistence.items $item) -}} - {{- end -}} - - {{- $selectorValue := (dict "gluetun" (dict "mountPath" $secValues.basePath)) -}} - {{- range $targetSelector -}} - {{- $_ := set $persistence.targetSelector . $selectorValue -}} - {{- end -}} - - {{- $_ := set $.Values.persistence $secretName $persistence -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/addons/_netshoot.tpl b/charts/common/templates/addons/_netshoot.tpl deleted file mode 100644 index d7b9e9c..0000000 --- a/charts/common/templates/addons/_netshoot.tpl +++ /dev/null @@ -1,20 +0,0 @@ -{{/* -Template to render code-server addon -It will include / inject the required templates based on the given values. -*/}} -{{- define "tc.v1.common.addon.netshoot" -}} - {{- $netshoot := $.Values.addons.netshoot -}} - {{- if $netshoot.enabled -}} - {{- $targetSelector := list "main" -}} - {{- if $netshoot.targetSelector -}} - {{- $targetSelector = $netshoot.targetSelector -}} - {{- end -}} - - {{- range $targetSelector -}} - {{/* Append the code-server container to the workloads */}} - {{- $workload := get $.Values.workload . -}} - {{- $_ := set $workload.podSpec.containers "netshoot" $.Values.addons.netshoot.container -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/addons/_tailscale.tpl b/charts/common/templates/addons/_tailscale.tpl deleted file mode 100644 index e3d5e5e..0000000 --- a/charts/common/templates/addons/_tailscale.tpl +++ /dev/null @@ -1,56 +0,0 @@ -{{/* -Template to render VPN addon -It will include / inject the required templates based on the given values. -*/}} -{{- define "tc.v1.common.addon.tailscale" -}} - {{- $ts := $.Values.addons.tailscale -}} - {{- if $ts.enabled -}} - {{- $secContext := dict -}} - {{- $_ := set $secContext "runAsUser" 0 -}} - {{- $_ := set $secContext "runAsGroup" 0 -}} - {{- $_ := set $secContext "runAsNonRoot" true -}} - {{- $_ := set $secContext "readOnlyRootFilesystem" false -}} - - {{- if and $ts.container.env ($ts.container.env.TS_USERSPACE) -}} - {{- $_ := set $secContext "runAsUser" 1000 -}} - {{- $_ := set $secContext "runAsGroup" 1000 -}} - {{- $_ := set $secContext "runAsNonRoot" false -}} - {{- $_ := set $secContext "readOnlyRootFilesystem" true -}} - {{- end -}} - - {{- $newSecContext := $ts.container.securityContext -}} - {{- $newSecContext = mustMergeOverwrite $newSecContext $secContext -}} - {{- $_ := set $ts.container "securityContext" $newSecContext -}} - - {{- $targetSelector := list "main" -}} - {{- if $ts.targetSelector -}} - {{- $targetSelector = $ts.targetSelector -}} - {{- end -}} - - {{/* Append the vpn container to the workloads */}} - {{- range $targetSelector -}} - {{/* FIXME: https://github.com/tailscale/tailscale/issues/8188 */}} - {{- $workload := get $.Values.workload . -}} - {{- $_ := set $workload.podSpec "automountServiceAccountToken" true -}} - {{- $_ := set $workload.podSpec.containers "tailscale" $ts.container -}} - {{- end -}} - - {{- $persistence := $.Values.persistence.tailscalestate | default dict -}} - {{- $_ := set $persistence "enabled" true -}} - {{- if not $persistence.type -}} - {{- $_ := set $persistence "type" "emptyDir" -}} - {{- end -}} - {{- if not $persistence.targetSelector -}} - {{- $_ := set $persistence "targetSelector" dict -}} - {{- end -}} - - {{- $selectorValue := (dict "tailscale" (dict "mountPath" "/var/lib/tailscale")) -}} - {{- range $targetSelector -}} - {{- $_ := set $persistence.targetSelector . $selectorValue -}} - {{- end -}} - - {{/* Append the empty dir tailscale to the persistence */}} - {{- $_ := set $.Values.persistence "tailscalestate" $persistence -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/class/_configmap.tpl b/charts/common/templates/class/_configmap.tpl deleted file mode 100644 index 0d40e1d..0000000 --- a/charts/common/templates/class/_configmap.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{/* Configmap Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.configmap" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the configmap. - labels: The labels of the configmap. - annotations: The annotations of the configmap. - data: The data of the configmap. - namespace: The namespace of the configmap. (Optional) -*/}} - -{{- define "tc.v1.common.class.configmap" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Configmap") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -data: - {{- tpl (toYaml $objectData.data) $rootCtx | nindent 2 }} - {{/* This comment is here to add a new line */}} -{{- end -}} diff --git a/charts/common/templates/class/_cronjob.tpl b/charts/common/templates/class/_cronjob.tpl deleted file mode 100644 index b7b92af..0000000 --- a/charts/common/templates/class/_cronjob.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* CronJob Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.cronjob" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The object data to be used to render the CronJob. -*/}} - -{{- define "tc.v1.common.class.cronjob" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- include "tc.v1.common.lib.workload.cronjobValidation" (dict "objectData" $objectData) }} ---- -apiVersion: batch/v1 -kind: CronJob -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "CronJob") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- include "tc.v1.common.lib.workload.cronjobSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) | indent 2 }} - template: - metadata: - {{- $labels := (mustMerge ($objectData.podSpec.labels | default dict) - (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.volumeLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 12 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.podSpec.annotations | default dict) - (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 12 }} - {{- end }} - spec: - {{- include "tc.v1.common.lib.workload.pod" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 10 }} -{{- end -}} diff --git a/charts/common/templates/class/_daemonset.tpl b/charts/common/templates/class/_daemonset.tpl deleted file mode 100644 index f896b45..0000000 --- a/charts/common/templates/class/_daemonset.tpl +++ /dev/null @@ -1,54 +0,0 @@ -{{/* DaemonSet Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.deployment" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The object data to be used to render the DaemonSet. -*/}} - -{{- define "tc.v1.common.class.daemonset" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- include "tc.v1.common.lib.workload.daemonsetValidation" (dict "objectData" $objectData) }} ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "DaemonSet") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- include "tc.v1.common.lib.workload.daemonsetSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) | indent 2 }} - selector: - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | trim | nindent 6 }} - template: - metadata: - {{- $labels := (mustMerge ($objectData.podSpec.labels | default dict) - (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 8 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.podSpec.annotations | default dict) - (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 8 }} - {{- end }} - spec: - {{- include "tc.v1.common.lib.workload.pod" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 6 }} -{{- end -}} diff --git a/charts/common/templates/class/_deployment.tpl b/charts/common/templates/class/_deployment.tpl deleted file mode 100644 index 2e65409..0000000 --- a/charts/common/templates/class/_deployment.tpl +++ /dev/null @@ -1,55 +0,0 @@ -{{/* Deployment Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.deployment" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Deployment. -*/}} - -{{- define "tc.v1.common.class.deployment" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- include "tc.v1.common.lib.workload.deploymentValidation" (dict "objectData" $objectData) }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Deployment") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- include "tc.v1.common.lib.workload.deploymentSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) | indent 2 }} - selector: - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | trim | nindent 6 }} - template: - metadata: - {{- $labels := (mustMerge ($objectData.podSpec.labels | default dict) - (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.volumeLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 8 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.podSpec.annotations | default dict) - (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 8 }} - {{- end }} - spec: - {{- include "tc.v1.common.lib.workload.pod" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 6 }} -{{- end -}} diff --git a/charts/common/templates/class/_endpoint.tpl b/charts/common/templates/class/_endpoint.tpl deleted file mode 100644 index 29862e9..0000000 --- a/charts/common/templates/class/_endpoint.tpl +++ /dev/null @@ -1,33 +0,0 @@ -{{/* Endpoint Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.endpoint" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The service data, that will be used to render the Service object. -*/}} - -{{- define "tc.v1.common.class.endpoint" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: v1 -kind: Endpoints -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Endpoint") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -subsets: - - addresses: - {{- include "tc.v1.common.lib.endpoint.addresses" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 6 }} - ports: - {{- include "tc.v1.common.lib.endpoint.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 6 }} -{{- end -}} diff --git a/charts/common/templates/class/_endpointSlice.tpl b/charts/common/templates/class/_endpointSlice.tpl deleted file mode 100644 index a2f2362..0000000 --- a/charts/common/templates/class/_endpointSlice.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* EndpointSlice Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.endpointSlice" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The service data, that will be used to render the Service object. -*/}} - -{{- define "tc.v1.common.class.endpointSlice" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $addressType := $objectData.addressType | default "IPv4" -}} - {{- if $objectData.addressType -}} - {{- $addressType = tpl $addressType $rootCtx -}} - {{- $validTypes := (list "IPv4" "IPv6" "FQDN") -}} - {{- if not (mustHas $addressType $validTypes) -}} - {{- fail (printf "EndpointSlice - Expected [addressType] to be one of [%s], but got [%s]" (join ", " $validTypes) $addressType) -}} - {{- end -}} - {{- end }} - ---- -apiVersion: discovery.k8s.io/v1 -kind: EndpointSlice -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Endpoint Slice") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- $_ := set $labels "kubernetes.io/service-name" $objectData.name -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -addressType: {{ $addressType }} -ports: -{{- include "tc.v1.common.lib.endpointslice.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} -endpoints: -{{- include "tc.v1.common.lib.endpointslice.endpoints" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} -{{- end -}} diff --git a/charts/common/templates/class/_horizontalPodAutoscaler.tpl b/charts/common/templates/class/_horizontalPodAutoscaler.tpl deleted file mode 100644 index 4f6b635..0000000 --- a/charts/common/templates/class/_horizontalPodAutoscaler.tpl +++ /dev/null @@ -1,192 +0,0 @@ -{{/* -This template serves as a blueprint for horizontal pod autoscaler objects that are created -using the common library. -*/}} -{{- define "tc.v1.common.class.hpa" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "VPA") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: {{ $objectData.workload.type }} - name: {{ $objectData.name }} - minReplicas: {{ $objectData.minReplicas }} - maxReplicas: {{ $objectData.maxReplicas }} - {{- if $objectData.metrics }} - metrics: - {{- include "tc.v1.common.class.hpa.metrics" (dict "objectData" $objectData "rootCtx" $rootCtx) | nindent 4 }} - {{- end -}} - {{- if $objectData.behavior }} - behavior: - {{- if $objectData.behavior.scaleUp }} - scaleUp: - {{- include "tc.v1.common.class.hpa.behavior" (dict "objectData" $objectData "rootCtx" $rootCtx "mode" "up") | nindent 4 }} - {{- end -}} - {{- if $objectData.behavior.scaleDown }} - scaleDown: - {{- include "tc.v1.common.class.hpa.behavior" (dict "objectData" $objectData "rootCtx" $rootCtx "mode" "down") | nindent 4 }} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.behavior" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $mode := .mode -}} - - {{- $key := ternary "scaleUp" "scaleDown" (eq $mode "up") -}} - {{- $behavior := get $objectData.behavior $key -}} - - {{- $defaultStabilizationWindowSeconds := ternary 0 300 (eq $mode "up") }} - selectPolicy: {{ $behavior.selectPolicy | default "Max" }} - stabilizationWindowSeconds: {{ $behavior.stabilizationWindowSeconds | default $defaultStabilizationWindowSeconds }} - {{- if $behavior.policies }} - policies: - {{- range $idx, $policy := $behavior.policies }} - - type: {{ $policy.type }} - value: {{ $policy.value }} - periodSeconds: {{ $policy.periodSeconds }} - {{- end }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.metrics" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- range $idx, $metric := $objectData.metrics }} - {{- if eq $metric.type "Resource" }} - {{- include "tc.v1.common.class.hpa.metrics.resource" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric) | nindent 6 }} - {{- else if eq $metric.type "ContainerResource" }} - {{- include "tc.v1.common.class.hpa.metrics.containerResource" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric) | nindent 6 }} - {{- else if eq $metric.type "Pods" }} - {{- include "tc.v1.common.class.hpa.metrics.pods" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric) | nindent 6 }} - {{- else if eq $metric.type "Object" }} - {{- include "tc.v1.common.class.hpa.metrics.object" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric) | nindent 6 }} - {{- else if eq $metric.type "External" }} - {{- include "tc.v1.common.class.hpa.metrics.external" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric) | nindent 6 }} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.metrics.resource" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx }} - - type: Resource - resource: - name: {{ .metric.resource.name }} - target: - type: {{ .metric.resource.target.type }} - {{- if eq .metric.resource.target.type "AverageValue" }} - averageValue: {{ .metric.resource.target.averageValue | quote }} - {{- else if eq .metric.resource.target.type "Utilization" }} - averageUtilization: {{ .metric.resource.target.averageUtilization }} - {{- end -}} - {{- with .metric.resource.target.value }} - value: {{ . | quote }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.metrics.containerResource" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx }} - - type: ContainerResource - containerResource: - name: {{ .metric.containerResource.name }} - container: {{ .metric.containerResource.container}} - target: - type: {{ .metric.containerResource.target.type }} - {{- if eq .metric.containerResource.target.type "AverageValue" }} - averageValue: {{ .metric.containerResource.target.averageValue | quote }} - {{- else if eq .metric.containerResource.target.type "Utilization" }} - averageUtilization: {{ .metric.containerResource.target.averageUtilization }} - {{- end -}} - {{- with .metric.containerResource.target.value }} - value: {{ . | quote }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.metrics.pods" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx }} - - type: Pods - pods: - target: - type: AverageValue - averageValue: {{ .metric.pods.target.averageValue | quote }} - metric: - name: {{ .metric.pods.metric.name }} - {{- if .metric.pods.metric.selector }} - selector: - matchLabels: - {{- range $key, $value := .metric.pods.metric.selector.matchLabels }} - {{ $key }}: {{ $value | quote }} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.metrics.object" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx }} - - type: Object - object: - target: - type: {{ .metric.object.target.type }} - {{- if eq .metric.object.target.type "Value" }} - value: {{ .metric.object.target.value | quote }} - {{- else if eq .metric.object.target.type "AverageValue" }} - averageValue: {{ .metric.object.target.averageValue | quote }} - {{- end }} - describedObject: - apiVersion: {{ .metric.object.describedObject.apiVersion }} - kind: {{ .metric.object.describedObject.kind }} - name: {{ .metric.object.describedObject.name }} - metric: - name: {{ .metric.object.metric.name }} - {{- if .metric.object.metric.selector }} - selector: - matchLabels: - {{- range $key, $value := .metric.object.metric.selector.matchLabels }} - {{ $key }}: {{ $value | quote }} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.hpa.metrics.external" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx }} - - type: External - external: - metric: - name: {{ .metric.external.metric.name }} - {{- if .metric.external.metric.selector }} - selector: - matchLabels: - {{- range $key, $value := .metric.external.metric.selector.matchLabels }} - {{ $key }}: {{ $value | quote }} - {{- end -}} - {{- end }} - target: - type: {{ .metric.external.target.type }} - {{- if eq .metric.external.target.type "Value" }} - value: {{ .metric.external.target.value | quote }} - {{- else if eq .metric.external.target.type "AverageValue" }} - averageValue: {{ .metric.external.target.averageValue | quote }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/_ingress.tpl b/charts/common/templates/class/_ingress.tpl deleted file mode 100644 index 14c730e..0000000 --- a/charts/common/templates/class/_ingress.tpl +++ /dev/null @@ -1,121 +0,0 @@ -{{/* Ingress Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.ingress" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Ingress. -*/}} - -{{- define "tc.v1.common.class.ingress" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $svcData := (include "tc.v1.common.lib.ingress.targetSelector" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) -}} - {{- $_ := set $objectData "selectedService" $svcData -}} - - {{- if not (hasKey $objectData "integrations") -}} - {{- $_ := set $objectData "integrations" dict -}} - {{- end -}} - {{- if not (hasKey $objectData "annotations") -}} - {{- $_ := set $objectData "annotations" dict -}} - {{- end -}} - - {{- $ingressClassName := "" -}} - {{- if $objectData.ingressClassName -}} - {{- $ingressClassName = (tpl $objectData.ingressClassName $rootCtx) -}} - {{- end -}} - - {{- range $h := $objectData.hosts -}} - {{- $_ := set $h "host" (tpl $h.host $rootCtx) -}} - - {{- if not $h.paths -}} {{/* If no paths given, default to "/" */}} - {{- $_ := set $h "paths" (list (dict "path" "/")) -}} - {{- end -}} - - {{- range $p := $h.paths -}} - {{- $_ := set $p "path" (tpl ($p.path | default "/") $rootCtx) -}} - {{- $_ := set $p "pathType" (tpl ($p.pathType | default "Prefix") $rootCtx) -}} - {{- end -}} - {{- end -}} - - {{/* - When Stop All is set, force ingressClass "stopped" - to yeet ingress from the ingressController - */}} - {{- if (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $ingressClassName = "tc-stopped" -}} - {{- end -}} - - {{- include "tc.v1.common.lib.ingress.integration.certManager" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.ingress.integration.traefik" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.ingress.integration.nginx" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- if ne $ingressClassName "tc-stopped" -}}{{/* If is stopped, dont render homepage annotations */}} - {{- include "tc.v1.common.lib.ingress.integration.homepage" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- end }} ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Ingress") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end }} - annotations: - checksum/secrets: {{ toJson $rootCtx.Values.secret | sha256sum }} - checksum/services: {{ toJson $rootCtx.Values.service | sha256sum }} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - {{- . | nindent 4 }} - {{- end }} -spec: - ingressClassName: {{ $ingressClassName | default nil }} - rules: - {{- range $h := $objectData.hosts }} - - host: {{ $h.host | quote }} - http: - paths: - {{- range $p := $h.paths -}} - {{- $newSvcData := (include "tc.v1.common.lib.ingress.backend.data" (dict - "rootCtx" $rootCtx "svcData" $svcData "override" $p.overrideService)) | fromYaml - }} - - path: {{ $p.path }} - pathType: {{ $p.pathType }} - backend: - service: - name: {{ $newSvcData.name }} - port: - number: {{ $newSvcData.port }} - {{- end -}} - {{- end -}} - {{/* If a certificateIssuer is defined in the whole ingress, use that */}} - {{- if and $objectData.integrations.certManager $objectData.integrations.certManager.enabled }} - tls: - {{- range $idx, $h := $objectData.hosts }} - - secretName: {{ printf "%s-tls-%d" $objectData.name ($idx | int) }} - hosts: - - {{ (tpl $h.host $rootCtx) | quote }} - {{- end -}} - {{/* else if a tls section is defined use the configuration from there */}} - {{- else if $objectData.tls }} - tls: - {{- range $idx, $t := $objectData.tls -}} - {{- $secretName := "" -}} - {{- if $t.secretName -}} - {{- $secretName = tpl $t.secretName $rootCtx -}} - {{- else if $t.certificateIssuer -}} - {{- $secretName = printf "%s-tls-%d" $objectData.name ($idx | int) -}} - {{- else if $t.clusterCertificate -}} - {{- $secretName = printf "certificate-issuer-%s" (tpl $t.clusterCertificate $rootCtx) -}} - {{- end }} - - secretName: {{ $secretName }} - hosts: - {{- range $h := $t.hosts }} - - {{ (tpl $h $rootCtx) | quote }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/_job.tpl b/charts/common/templates/class/_job.tpl deleted file mode 100644 index a3e4e9a..0000000 --- a/charts/common/templates/class/_job.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* Job Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.job" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Job. -*/}} - -{{- define "tc.v1.common.class.job" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- include "tc.v1.common.lib.workload.jobValidation" (dict "objectData" $objectData) }} ---- -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Job") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- include "tc.v1.common.lib.workload.jobSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) | indent 2 }} - template: - metadata: - {{- $labels := (mustMerge ($objectData.podSpec.labels | default dict) - (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.volumeLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 8 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.podSpec.annotations | default dict) - (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 8 }} - {{- end }} - spec: - {{- include "tc.v1.common.lib.workload.pod" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 6 }} -{{- end -}} diff --git a/charts/common/templates/class/_mutatingWebhookConfiguration.tpl b/charts/common/templates/class/_mutatingWebhookConfiguration.tpl deleted file mode 100644 index 2bcd6b9..0000000 --- a/charts/common/templates/class/_mutatingWebhookConfiguration.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{/* MutatingWebhookConfiguration Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.mutatingWebhookConfiguration" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the MutatingWebhookConfiguration. - labels: The labels of the MutatingWebhookConfiguration. - annotations: The annotations of the MutatingWebhookConfiguration. - data: The data of the MutatingWebhookConfiguration. - namespace: The namespace of the MutatingWebhookConfiguration. (Optional) -*/}} - -{{- define "tc.v1.common.class.mutatingWebhookConfiguration" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Webhook") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -webhooks: - {{- range $webhook := $objectData.webhooks -}} - {{- include "tc.v1.common.lib.webhook" (dict "webhook" $webhook "rootCtx" $rootCtx) | trim | nindent 4 }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/_networkAttachmentDefinition.tpl b/charts/common/templates/class/_networkAttachmentDefinition.tpl deleted file mode 100644 index 1c0364d..0000000 --- a/charts/common/templates/class/_networkAttachmentDefinition.tpl +++ /dev/null @@ -1,35 +0,0 @@ -{{/* Network Attachment Definition Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.networkAttachmentDefinition" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the Network Attachment Definition. - labels: The labels of the Network Attachment Definition. - annotations: The annotations of the Network Attachment Definition. - config: The config of the interface -*/}} - -{{- define "tc.v1.common.class.networkAttachmentDefinition" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: k8s.cni.cncf.io/v1 -kind: NetworkAttachmentDefinition -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Network Attachment Definition") }} - {{- $labels := (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) | default dict -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml) | default dict -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - config: {{ $objectData.config | squote }} -{{- end -}} diff --git a/charts/common/templates/class/_networkPolicy.tpl b/charts/common/templates/class/_networkPolicy.tpl deleted file mode 100644 index 735ea2b..0000000 --- a/charts/common/templates/class/_networkPolicy.tpl +++ /dev/null @@ -1,185 +0,0 @@ -{{/* -Blueprint for the NetworkPolicy object -*/}} -{{- define "tc.v1.common.class.networkpolicy" -}} - {{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}} - {{- $networkPolicyName := $fullName -}} - {{- $values := .Values.networkPolicy -}} - - {{- if hasKey . "ObjectValues" -}} - {{- with .ObjectValues.networkPolicy -}} - {{- $values = . -}} - {{- end -}} - {{- end -}} - {{- $networkpolicyLabels := $values.labels -}} - {{- $networkpolicyAnnotations := $values.annotations -}} - - {{- if and (hasKey $values "nameOverride") $values.nameOverride -}} - {{- $networkPolicyName = printf "%v-%v" $networkPolicyName $values.nameOverride -}} - {{- end }} ---- -kind: NetworkPolicy -apiVersion: {{ include "tc.v1.common.capabilities.networkpolicy.apiVersion" $ }} -metadata: - name: {{ $networkPolicyName }} - namespace: {{ $.Values.namespace | default $.Values.global.namespace | default $.Release.Namespace }} - {{- $labels := (mustMerge ($networkpolicyLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($networkpolicyAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - podSelector: - {{- if $values.podSelector }} - {{- tpl (toYaml $values.podSelector) $ | nindent 4 }} - {{- else if $values.targetSelector }} - {{- $objectData := dict "targetSelector" $values.targetSelector }} - {{- $selectedPod := fromYaml ( include "tc.v1.common.lib.helpers.getSelectedPodValues" (dict "rootCtx" $ "objectData" $objectData)) }} - {{- $selectedPodName := $selectedPod.shortName }} - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $ "objectType" "pod" "objectName" $selectedPodName) | indent 8 }} - {{- else }} - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $ "objectType" "" "objectName" "") | indent 8 }} - {{- end }} - - {{- if $values.policyType }} - {{- if eq $values.policyType "ingress" }} - policyTypes: ["Ingress"] - {{- else if eq $values.policyType "egress" }} - policyTypes: ["Egress"] - - {{- else if eq $values.policyType "ingress-egress" }} - policyTypes: ["Ingress", "Egress"] - {{- end -}} - {{- end -}} - - {{- if $values.egress }} - egress: - {{- range $values.egress }} - - to: - {{- range .to -}} - {{- $nss := false -}} - {{- $ipb := false -}} - {{- if .ipBlock -}} - {{- if .ipBlock.cidr -}} - {{- $ipb = true }} - - ipBlock: - cidr: {{ .ipBlock.cidr }} - {{- if .ipBlock.except }} - except: - {{- range .ipBlock.except }} - - {{ . }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and ( .namespaceSelector ) ( not $ipb ) -}} - {{- if or ( .namespaceSelector.matchLabels ) ( .namespaceSelector.matchExpressions ) -}} - {{- $nss = true }} - - namespaceSelector: - {{- if .namespaceSelector.matchLabels }} - matchLabels: - {{- .namespaceSelector.matchLabels | toYaml | nindent 12 }} - {{- end -}} - {{- if .namespaceSelector.matchExpressions }} - matchExpressions: - {{- .namespaceSelector.matchExpressions | toYaml | nindent 12 }} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and ( .podSelector ) ( not $ipb ) -}} - {{- if or ( .podSelector.matchLabels ) ( .podSelector.matchExpressions ) -}} - {{- if $nss }} - podSelector: - {{- else }} - - podSelector: - {{- end -}} - {{- if .podSelector.matchLabels }} - matchLabels: - {{- .podSelector.matchLabels | toYaml | nindent 12 }} - {{- end -}} - {{- if .podSelector.matchExpressions }} - matchExpressions: - {{- .podSelector.matchExpressions | toYaml | nindent 12 }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- with .ports }} - ports: - {{- . | toYaml | nindent 6 }} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $values.ingress }} - ingress: - {{- range $values.ingress }} - - from: - {{- range .from -}} - {{- $nss := false -}} - {{- $ipb := false -}} - {{- if .ipBlock -}} - {{- if .ipBlock.cidr -}} - {{- $ipb = true }} - - ipBlock: - cidr: {{ .ipBlock.cidr }} - {{- if .ipBlock.except }} - except: - {{- range .ipBlock.except }} - - {{ . }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and ( .namespaceSelector ) ( not $ipb ) -}} - {{- if or ( .namespaceSelector.matchLabels ) ( .namespaceSelector.matchExpressions ) -}} - {{- $nss = true }} - - namespaceSelector: - {{- if .namespaceSelector.matchLabels }} - matchLabels: - {{- .namespaceSelector.matchLabels | toYaml | nindent 12 }} - {{- end -}} - {{- if .namespaceSelector.matchExpressions }} - matchExpressions: - {{- .namespaceSelector.matchExpressions | toYaml | nindent 12 }} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and ( .podSelector ) ( not $ipb ) -}} - {{- if or ( .podSelector.matchLabels ) ( .podSelector.matchExpressions ) -}} - {{- if $nss }} - podSelector: - {{- else }} - - podSelector: - {{- end }} - {{- if .podSelector.matchLabels }} - matchLabels: - {{- .podSelector.matchLabels | toYaml | nindent 12 }} - {{- end -}} - {{- if .podSelector.matchExpressions }} - matchExpressions: - {{- .podSelector.matchExpressions | toYaml | nindent 12 }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- with .ports }} - ports: - {{- . | toYaml | nindent 6 }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/_persistentVolume.tpl b/charts/common/templates/class/_persistentVolume.tpl deleted file mode 100644 index 2305eb7..0000000 --- a/charts/common/templates/class/_persistentVolume.tpl +++ /dev/null @@ -1,75 +0,0 @@ -{{/* PersistentVolume Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.pv" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the PV. - labels: The labels of the PV. - annotations: The annotations of the PV. - provisioner: The provisioner to use for the PersistentVolume. - driver: The driver to use for the csi - retain: Whether to retain the PV after deletion. (Default: false) - size: The size of the PersistentVolume. (Default: 1Gi) -*/}} - -{{- define "tc.v1.common.class.pv" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $retain := $rootCtx.Values.global.fallbackDefaults.pvcRetain -}} - {{- if not (kindIs "invalid" $objectData.retain) -}} - {{- $retain = $objectData.retain -}} - {{- end -}} - - {{- $reclaimPolicy := ternary "Retain" "Delete" $retain -}} - - {{- $pvcSize := $rootCtx.Values.global.fallbackDefaults.pvcSize -}} - {{- with $objectData.size -}} - {{- $pvcSize = tpl . $rootCtx -}} - {{- end }} ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ $objectData.name }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- if $retain -}} - {{- $_ := set $annotations "\"helm.sh/resource-policy\"" "keep" -}} - {{- end -}} - {{- $_ := set $annotations "pv.kubernetes.io/provisioned-by" $objectData.provisioner -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - capacity: - storage: {{ $pvcSize }} - persistentVolumeReclaimPolicy: {{ $reclaimPolicy }} - storageClassName: {{ $objectData.name }} - accessModes: - {{- include "tc.v1.common.lib.pvc.accessModes" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Persistent Volume") | trim | nindent 4 -}} - {{- if $objectData.mountOptions }} - mountOptions: - {{- range $opt := $objectData.mountOptions -}} - {{- if $opt.value }} - - {{ printf "%s=%s" (tpl $opt.key $rootCtx) (tpl (include "tc.v1.common.helper.makeIntOrNoop" $opt.value) $rootCtx) }} - {{- else }} - - {{ tpl $opt.key $rootCtx }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- if $objectData.static -}} - {{- if eq "smb" $objectData.static.mode -}} - {{- include "tc.v1.common.lib.storage.smbCSI" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- else if eq "nfs" $objectData.static.mode -}} - {{- include "tc.v1.common.lib.storage.nfsCSI" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/_podDisruptionBudget.tpl b/charts/common/templates/class/_podDisruptionBudget.tpl deleted file mode 100644 index 35799b1..0000000 --- a/charts/common/templates/class/_podDisruptionBudget.tpl +++ /dev/null @@ -1,54 +0,0 @@ -{{/* poddisruptionbudget Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.podDisruptionBudget" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the podDisruptionBudget. - labels: The labels of the podDisruptionBudget. - annotations: The annotations of the podDisruptionBudget. - data: The data of the podDisruptionBudget. - namespace: The namespace of the podDisruptionBudget. (Optional) -*/}} - -{{- define "tc.v1.common.class.podDisruptionBudget" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Pod Disruption Budget") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - selector: - matchLabels: - {{- if $objectData.customLabels -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $objectData.customLabels) | trim) }} - {{- . | nindent 6 }} - {{- end -}} - {{- else -}} - {{- $selectedPod := fromJson (include "tc.v1.common.lib.helpers.getSelectedPodValues" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Pod Disruption Budget")) }} - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $selectedPod.shortName) | nindent 6 }} - {{- end -}} - {{- if hasKey $objectData "minAvailable" }} - minAvailable: {{ tpl (toString $objectData.minAvailable) $rootCtx }} - {{- end -}} - {{- if hasKey $objectData "maxUnavailable" }} - maxUnavailable: {{ tpl (toString $objectData.maxUnavailable) $rootCtx }} - {{- end -}} - {{- with $objectData.unhealthyPodEvictionPolicy }} - unhealthyPodEvictionPolicy: {{ tpl . $rootCtx }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/_priorityClass.tpl b/charts/common/templates/class/_priorityClass.tpl deleted file mode 100644 index 3b4b845..0000000 --- a/charts/common/templates/class/_priorityClass.tpl +++ /dev/null @@ -1,40 +0,0 @@ -{{/* priorityclass Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.priorityclass" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the priorityclass. - labels: The labels of the priorityclass. - annotations: The annotations of the priorityclass. -*/}} - -{{- define "tc.v1.common.class.priorityclass" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $globalDefault := false -}} - {{- if not (kindIs "invalid" $objectData.globalDefault) -}} - {{- $globalDefault = $objectData.globalDefault -}} - {{- end }} ---- -apiVersion: scheduling.k8s.io/v1 -kind: PriorityClass -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Priority Class") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -value: {{ $objectData.value | default 1000000 }} -preemptionPolicy: {{ $objectData.preemptionPolicy | default "PreemptLowerPriority" }} -globalDefault: {{ $globalDefault }} -description: {{ $objectData.description | default "No description given" }} -{{- end -}} diff --git a/charts/common/templates/class/_pvc.tpl b/charts/common/templates/class/_pvc.tpl deleted file mode 100644 index d161125..0000000 --- a/charts/common/templates/class/_pvc.tpl +++ /dev/null @@ -1,51 +0,0 @@ -{{/* PersistentVolumeClaim Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.pvc" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the PVC. - labels: The labels of the PVC. - annotations: The annotations of the PVC. - size: The size of the PVC. (Default: 1Gi) - volumeName: The name of the volume to bind to. (Default: "") - retain: Whether to retain the PVC after deletion. (Default: false) - storageClass: The storage class to use. (Absent) -*/}} - -{{- define "tc.v1.common.class.pvc" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $pvcRetain := $rootCtx.Values.global.fallbackDefaults.pvcRetain -}} - {{- if (kindIs "bool" $objectData.retain) -}} - {{- $pvcRetain = $objectData.retain -}} - {{- end -}} - - {{- $pvcSize := $rootCtx.Values.global.fallbackDefaults.pvcSize -}} - {{- with $objectData.size -}} - {{- $pvcSize = tpl . $rootCtx -}} - {{- end }} ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Persistent Volume Claim") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- if $pvcRetain -}} - {{- $_ := set $annotations "\"helm.sh/resource-policy\"" "keep" -}} - {{- end -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- include "tc.v1.common.lib.storage.pvc.spec" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} -{{- end -}} diff --git a/charts/common/templates/class/_rbac.tpl b/charts/common/templates/class/_rbac.tpl deleted file mode 100644 index d5f94a7..0000000 --- a/charts/common/templates/class/_rbac.tpl +++ /dev/null @@ -1,64 +0,0 @@ -{{/* RBAC Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.rbac" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the rbac. - labels: The labels of the rbac. - annotations: The annotations of the rbac. - clusterWide: Whether the rbac is cluster wide or not. - rules: The rules of the rbac. - subjects: The subjects of the rbac. -*/}} - -{{- define "tc.v1.common.class.rbac" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: {{ ternary "ClusterRole" "Role" $objectData.clusterWide }} -metadata: - name: {{ $objectData.name }} - {{- if not $objectData.clusterWide }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "RBAC") }} - {{- end }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -rules: - {{- include "tc.v1.common.lib.rbac.rules" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: {{ ternary "ClusterRoleBinding" "RoleBinding" $objectData.clusterWide }} -metadata: - name: {{ $objectData.name }} - {{- if not $objectData.clusterWide }} - namespace: {{ $rootCtx.Release.Namespace }} - {{- end }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: {{ ternary "ClusterRole" "Role" $objectData.clusterWide }} - name: {{ $objectData.name }} -subjects: - {{- include "tc.v1.common.lib.rbac.serviceAccount" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} - {{- include "tc.v1.common.lib.rbac.subjects" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} -{{- end -}} diff --git a/charts/common/templates/class/_route.tpl b/charts/common/templates/class/_route.tpl deleted file mode 100644 index 7c2ef74..0000000 --- a/charts/common/templates/class/_route.tpl +++ /dev/null @@ -1,87 +0,0 @@ -{{/* -This template serves as a blueprint for all Route objects that are created -within the common library. -*/}} -{{- define "tc.v1.common.class.route" -}} -{{- $values := .Values.route -}} -{{- if hasKey . "ObjectValues" -}} - {{- with .ObjectValues.route -}} - {{- $values = . -}} - {{- end -}} -{{- end -}} - - {{- $routeLabels := $values.labels -}} - {{- $routeAnnotations := $values.annotations -}} - -{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}} -{{- if and (hasKey $values "nameOverride") $values.nameOverride -}} - {{- $fullName = printf "%v-%v" $fullName $values.nameOverride -}} -{{- end -}} -{{- $routeKind := $values.kind | default "HTTPRoute" -}} - -{{/* Get the name of the primary service, if any */}} -{{- $primaryServiceName := (include "tc.v1.common.lib.util.service.primary" (dict "rootCtx" $)) -}} -{{/* Get service values of the primary service, if any */}} -{{- $primaryService := get $.Values.service $primaryServiceName -}} -{{- $defaultServiceName := $fullName -}} - -{{- if and (hasKey $primaryService "nameOverride") $primaryService.nameOverride -}} - {{- $defaultServiceName = printf "%v-%v" $defaultServiceName $primaryService.nameOverride -}} -{{- end -}} -{{- $defaultServicePort := get $primaryService.ports (include "tc.v1.common.lib.util.service.ports.primary" (dict "svcValues" $primaryService "rootCtx" $)) }} - ---- -apiVersion: gateway.networking.k8s.io/v1alpha2 -{{- if and (ne $routeKind "GRPCRoute") (ne $routeKind "HTTPRoute") (ne $routeKind "TCPRoute") (ne $routeKind "TLSRoute") (ne $routeKind "UDPRoute") -}} - {{- fail (printf "Not a valid route kind (%s)" $routeKind) -}} -{{- end }} -kind: {{ $routeKind }} -metadata: - name: {{ $fullName }} - namespace: {{ $.Values.namespace | default $.Values.global.namespace | default $.Release.Namespace }} - {{- $labels := (mustMerge ($routeLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($routeAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) }} - annotations: - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }} - {{- . | nindent 4 }} - {{- end }} -spec: - parentRefs: - {{- range $values.parentRefs }} - - group: {{ default "gateway.networking.k8s.io" .group }} - kind: {{ default "Gateway" .kind }} - name: {{ required (printf "parentRef name is required for %v %v" $routeKind $fullName) .name }} - namespace: {{ required (printf "parentRef namespace is required for %v %v" $routeKind $fullName) .namespace }} - {{- if .sectionName }} - sectionName: {{ .sectionName | quote }} - {{- end }} - {{- end }} - {{- if and (ne $routeKind "TCPRoute") (ne $routeKind "UDPRoute") $values.hostnames }} - hostnames: - {{- with $values.hostnames }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- end }} - rules: - {{- range $values.rules }} - - backendRefs: - {{- range .backendRefs }} - - group: {{ default "" .group | quote}} - kind: {{ default "Service" .kind }} - name: {{ default $defaultServiceName .name }} - namespace: {{ default $.Release.Namespace .namespace }} - port: {{ default $defaultServicePort.port .port }} - weight: {{ default 1 .weight }} - {{- end }} - {{- if (eq $routeKind "HTTPRoute") }} - {{- with .matches }} - matches: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/common/templates/class/_secret.tpl b/charts/common/templates/class/_secret.tpl deleted file mode 100644 index 14b2f2a..0000000 --- a/charts/common/templates/class/_secret.tpl +++ /dev/null @@ -1,58 +0,0 @@ -{{/* Secret Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.secret" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the secret. - labels: The labels of the secret. - annotations: The annotations of the secret. - type: The type of the secret. - data: The data of the secret. - namespace: The namespace of the secret. (Optional) -*/}} - -{{- define "tc.v1.common.class.secret" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $secretType := "Opaque" -}} - - {{- if eq $objectData.type "certificate" -}} - {{- $secretType = "kubernetes.io/tls" -}} - {{- else if eq $objectData.type "imagePullSecret" -}} - {{- $secretType = "kubernetes.io/dockerconfigjson" -}} - {{- else if $objectData.type -}} - {{- $secretType = $objectData.type -}} - {{- end }} ---- -apiVersion: v1 -kind: Secret -type: {{ $secretType }} -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Secret") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end -}} - {{- if (mustHas $objectData.type (list "certificate" "imagePullSecret")) }} -data: - {{- if eq $objectData.type "certificate" }} - tls.crt: {{ $objectData.data.certificate | trim | b64enc }} - tls.key: {{ $objectData.data.privatekey | trim | b64enc }} - {{- else if eq $objectData.type "imagePullSecret" }} - .dockerconfigjson: {{ $objectData.data | trim | b64enc }} - {{- end -}} - {{- else }} -stringData: - {{- tpl (toYaml $objectData.data) $rootCtx | nindent 2 }} - {{/* This comment is here to add a new line */}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/_service.tpl b/charts/common/templates/class/_service.tpl deleted file mode 100644 index 0c08e8d..0000000 --- a/charts/common/templates/class/_service.tpl +++ /dev/null @@ -1,123 +0,0 @@ -{{/* Service Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.service" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The service data, that will be used to render the Service object. -*/}} - -{{- define "tc.v1.common.class.service" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $svcType := $objectData.type | default $rootCtx.Values.global.fallbackDefaults.serviceType -}} - {{- $_ := set $objectData "annotations" ($objectData.annotations | default dict) -}} - - {{/* Init variables */}} - {{- $hasHTTPSPort := false -}} - {{- $hasHostPort := false -}} - {{- $hostNetwork := false -}} - {{- $podValues := dict -}} - - {{- range $portName, $port := $objectData.ports -}} - {{- if $port.enabled -}} - {{- if eq (tpl ($port.protocol | default "") $rootCtx) "https" -}} - {{- $hasHTTPSPort = true -}} - {{- end -}} - - {{- if and (hasKey $port "hostPort") $port.hostPort -}} - {{- $hasHostPort = true -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $specialTypes := (list "ExternalName" "ExternalIP") -}} - {{/* External Name / External IP does not rely on any pod values */}} - {{- if not (mustHas $svcType $specialTypes) -}} - {{/* Get Pod Values based on the selector (or the absence of it) */}} - {{- $podValues = fromJson (include "tc.v1.common.lib.helpers.getSelectedPodValues" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Service")) -}} - - {{- if $podValues -}} - {{/* Get Pod hostNetwork configuration */}} - {{- $hostNetwork = include "tc.v1.common.lib.pod.hostNetwork" (dict "rootCtx" $rootCtx "objectData" $podValues) -}} - {{/* When hostNetwork is set on the pod, force ClusterIP, so services wont try to bind the same ports on the host */}} - {{- if or (and (kindIs "bool" $hostNetwork) $hostNetwork) (and (kindIs "string" $hostNetwork) (eq $hostNetwork "true")) -}} - {{- $svcType = "ClusterIP" -}} - {{- end -}} - {{- end -}} - - {{/* When hostPort is defined, force ClusterIP aswell */}} - {{- if $hasHostPort -}} - {{- $svcType = "ClusterIP" -}} - {{- end -}} - {{- end -}} - - {{/* When Stop All is set, force ClusterIP as well */}} - {{- if (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $svcType = "ClusterIP" -}} - {{- end -}} - {{- $_ := set $objectData "type" $svcType -}} - - {{- if eq $objectData.type "LoadBalancer" -}} - {{- include "tc.v1.common.lib.service.loadbalancer.validate" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.service.integration.metallb" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.service.integration.cilium" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- end -}} - {{- if $hasHTTPSPort -}} - {{- include "tc.v1.common.lib.service.integration.traefik" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- end }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Service") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "service" "objectName" $objectData.shortName) | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- if eq $objectData.type "ClusterIP" -}} - {{- include "tc.v1.common.lib.service.spec.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- else if eq $objectData.type "LoadBalancer" -}} - {{- include "tc.v1.common.lib.service.spec.loadBalancer" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- else if eq $objectData.type "NodePort" -}} - {{- include "tc.v1.common.lib.service.spec.nodePort" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- else if eq $objectData.type "ExternalName" -}} - {{- include "tc.v1.common.lib.service.spec.externalName" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- else if eq $objectData.type "ExternalIP" -}} - {{- include "tc.v1.common.lib.service.spec.externalIP" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- end -}} - {{- with (include "tc.v1.common.lib.service.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - ports: - {{- . | nindent 4 }} - {{- end -}} - {{- if not (mustHas $objectData.type $specialTypes) }} - selector: - {{- if $objectData.selectorLabels }} - {{- tpl (toYaml $objectData.selectorLabels) $rootCtx | nindent 4 }} - {{- else }} - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $podValues.shortName) | trim | nindent 4 -}} - {{- end }} - {{- end -}} - - {{- if eq $objectData.type "ExternalIP" -}} - {{- $useSlice := true -}} - {{- if kindIs "bool" $objectData.useSlice -}} - {{- $useSlice = $objectData.useSlice -}} - {{- end -}} - {{- if $useSlice -}} - {{- include "tc.v1.common.class.endpointSlice" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- else -}} - {{- include "tc.v1.common.class.endpoint" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/_serviceAccount.tpl b/charts/common/templates/class/_serviceAccount.tpl deleted file mode 100644 index 209bf0b..0000000 --- a/charts/common/templates/class/_serviceAccount.tpl +++ /dev/null @@ -1,34 +0,0 @@ -{{/* Service Account Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.serviceAccount" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the serviceAccount. - labels: The labels of the serviceAccount. - annotations: The annotations of the serviceAccount. - autoMountToken: Whether to mount the ServiceAccount token or not. -*/}} - -{{- define "tc.v1.common.class.serviceAccount" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Service Account") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -automountServiceAccountToken: {{ $objectData.automountServiceAccountToken | default false }} -{{- end -}} diff --git a/charts/common/templates/class/_statefulset.tpl b/charts/common/templates/class/_statefulset.tpl deleted file mode 100644 index 8de6c39..0000000 --- a/charts/common/templates/class/_statefulset.tpl +++ /dev/null @@ -1,59 +0,0 @@ -{{/* StatefulSet Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.deployment" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: The object data to be used to render the StatefulSet. -*/}} - -{{- define "tc.v1.common.class.statefulset" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- include "tc.v1.common.lib.workload.statefulsetValidation" (dict "objectData" $objectData) }} ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "StatefulSet") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- include "tc.v1.common.lib.workload.statefulsetSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) | indent 2 }} - selector: - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | trim | nindent 6 }} - template: - metadata: - {{- $labels := (mustMerge ($objectData.podSpec.labels | default dict) - (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.volumeLabels" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) - (include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 8 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.podSpec.annotations | default dict) - (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml) - (include "tc.v1.common.lib.metadata.podAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 8 }} - {{- end }} - spec: - {{- include "tc.v1.common.lib.workload.pod" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 6 }} - {{- with (include "tc.v1.common.lib.storage.volumeClaimTemplates" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - volumeClaimTemplates: - {{- . | nindent 4 }} - {{- end }} -{{- end -}} diff --git a/charts/common/templates/class/_storageClass.tpl b/charts/common/templates/class/_storageClass.tpl deleted file mode 100644 index f9002aa..0000000 --- a/charts/common/templates/class/_storageClass.tpl +++ /dev/null @@ -1,59 +0,0 @@ -{{/* Configmap Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.storageclass" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the storageclass. - labels: The labels of the storageclass. - annotations: The annotations of the storageclass. -*/}} - -{{- define "tc.v1.common.class.storageclass" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $isDefaultClass := false -}} - {{- if (hasKey $objectData "isDefault") -}} - {{- $isDefaultClass = $objectData.isDefault -}} - {{- end -}} - - {{- $allowVolExpand := true -}} - {{- if not (kindIs "invalid" $objectData.allowVolumeExpansion) -}} - {{- $allowVolExpand = $objectData.allowVolumeExpansion -}} - {{- end }} ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: {{ $objectData.name }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- $_ := set $annotations "storageclass.kubernetes.io/is-default-class" ($isDefaultClass | toString) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -provisioner: {{ $objectData.provisioner }} -{{- with $objectData.parameters }} -parameters: {{/* TODO: */}} - {{- range $k, $v := . -}} - {{- $val := tpl $v $rootCtx }} - {{ $k }}: {{ include "tc.v1.common.helper.makeIntOrNoop" $val | quote }} - {{- end -}} -{{- end }} -reclaimPolicy: {{ $objectData.reclaimPolicy | default "Retain" }} -allowVolumeExpansion: {{ $allowVolExpand }} -{{- with $objectData.mountOptions }} -mountOptions: - {{- range $opt := . }} - - {{ tpl $opt $rootCtx }} - {{- end -}} -{{- end }} -volumeBindingMode: {{ $objectData.volumeBindingMode | default "Immediate" }} -{{- end -}} diff --git a/charts/common/templates/class/_validatingWebhookConfiguration.tpl b/charts/common/templates/class/_validatingWebhookConfiguration.tpl deleted file mode 100644 index f9f05d4..0000000 --- a/charts/common/templates/class/_validatingWebhookConfiguration.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{/* ValidatingWebhookconfiguration Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.validatingWebhookconfiguration" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the validatingWebhookconfiguration. - labels: The labels of the validatingWebhookconfiguration. - annotations: The annotations of the validatingWebhookconfiguration. - data: The data of the validatingWebhookconfiguration. - namespace: The namespace of the validatingWebhookconfiguration. (Optional) -*/}} - -{{- define "tc.v1.common.class.validatingWebhookconfiguration" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Webhook") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -webhooks: - {{- range $webhook := $objectData.webhooks -}} - {{- include "tc.v1.common.lib.webhook" (dict "webhook" $webhook "rootCtx" $rootCtx) | trim | nindent 4 }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/_verticalPodAutoscaler.tpl b/charts/common/templates/class/_verticalPodAutoscaler.tpl deleted file mode 100644 index fe4c6d4..0000000 --- a/charts/common/templates/class/_verticalPodAutoscaler.tpl +++ /dev/null @@ -1,77 +0,0 @@ -{{/* -This template serves as a blueprint for vertical pod autoscaler objects that are created -using the common library. -*/}} -{{- define "tc.v1.common.class.vpa" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $_ := set $objectData "updatePolicy" ($objectData.updatePolicy | default dict) -}} - {{- $_ := set $objectData "resourcePolicy" ($objectData.resourcePolicy | default dict) }} ---- -apiVersion: autoscaling.k8s.io/v1 -kind: VerticalPodAutoscaler -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "VPA") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - targetRef: - apiVersion: apps/v1 - kind: {{ $objectData.workload.type }} - name: {{ $objectData.name }} - updatePolicy: - updateMode: {{ $objectData.updatePolicy.updateMode | default "Auto" }} - {{- with $objectData.updatePolicy.minReplicas }} - minReplicas: {{ . }} - {{- end -}} - {{- if $objectData.updatePolicy.evictionRequirements }} - evictionRequirements: - {{- range $req := $objectData.updatePolicy.evictionRequirements }} - - resources: {{ $req.resources | toJson }} - changeRequirement: {{ $req.changeRequirement }} - {{- end -}} - {{- end -}} - {{- if and $objectData.resourcePolicy $objectData.resourcePolicy.containerPolicies }} - resourcePolicy: - containerPolicies: - {{- range $cPol := $objectData.resourcePolicy.containerPolicies }} - - containerName: {{ $cPol.containerName | quote }} - mode: {{ $cPol.mode }} - {{- if eq $cPol.mode "Off" -}}{{- continue -}}{{- end }} - controlledValues: {{ $cPol.controlledValues | default "RequestsAndLimits" }} - {{- if $cPol.controlledResources }} - controlledResources: {{ $cPol.controlledResources | toJson }} - {{- end -}} - {{- with $cPol.minAllowed -}} - {{- include "tc.v1.common.class.vpa.resources" (dict "item" "minAllowed" "resources" $cPol.minAllowed) | nindent 8 -}} - {{- end -}} - {{- with $cPol.maxAllowed -}} - {{- include "tc.v1.common.class.vpa.resources" (dict "item" "maxAllowed" "resources" $cPol.maxAllowed) | nindent 8 -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.vpa.resources" -}} - {{- $item := .item -}} - {{- $resources := .resources -}} - - {{ $item }}: - {{- with $resources.cpu }} - cpu: {{ . }} - {{- end -}} - {{- with $resources.memory }} - memory: {{ . }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/_volumeSnapshot.tpl b/charts/common/templates/class/_volumeSnapshot.tpl deleted file mode 100644 index 21d4c33..0000000 --- a/charts/common/templates/class/_volumeSnapshot.tpl +++ /dev/null @@ -1,46 +0,0 @@ -{{/* volumesnapshot Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.volumesnapshot" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the volumesnapshot. - labels: The labels of the volumesnapshot. - annotations: The annotations of the volumesnapshot. - namespace: The namespace of the volumesnapshot. (Optional) -*/}} - -{{- define "tc.v1.common.class.volumesnapshot" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} ---- -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshot -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "volumesnapshot") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- with $objectData.volumeSnapshotClassName }} - volumeSnapshotClassName: {{ . }} - {{- end -}} - {{- if $objectData.source }} - source: - {{- with $objectData.source.persistentVolumeClaimName }} - persistentVolumeClaimName: {{ . }} - {{- end -}} - {{- with $objectData.source.volumeSnapshotContentName }} - volumeSnapshotContentName: {{ . }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/_volumeSnapshotClass.tpl b/charts/common/templates/class/_volumeSnapshotClass.tpl deleted file mode 100644 index 3521ff4..0000000 --- a/charts/common/templates/class/_volumeSnapshotClass.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* volumesnapshotclass Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.volumesnapshotclass" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the volumesnapshotclass. - labels: The labels of the volumesnapshotclass. - annotations: The annotations of the volumesnapshotclass. -*/}} - -{{- define "tc.v1.common.class.volumesnapshotclass" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $isDefault := false -}} - {{- if (kindIs "bool" $objectData.isDefault) -}} - {{- $isDefault = $objectData.isDefault -}} - {{- end }} ---- -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshotClass -metadata: - name: {{ $objectData.name }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) }} - annotations: - snapshot.storage.kubernetes.io/is-default-class: {{ $isDefault | quote }} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - {{- . | nindent 4 }} - {{- end }} -driver: {{ tpl $objectData.driver $rootCtx }} -deletionPolicy: {{ $objectData.deletionPolicy | default "Retain" }} - {{- with $objectData.parameters }} -parameters: - {{- range $k, $v := . }} - {{ tpl $k $rootCtx }}: {{ (tpl ($v | toString) $rootCtx) | quote }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/cert-manager/_certificate.tpl b/charts/common/templates/class/cert-manager/_certificate.tpl deleted file mode 100644 index f02bc4a..0000000 --- a/charts/common/templates/class/cert-manager/_certificate.tpl +++ /dev/null @@ -1,60 +0,0 @@ -{{/* Certificate Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.certificate" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the certificate. - labels: The labels of the certificate. - annotations: The annotations of the certificate. - namespace: The namespace of the certificate. (Optional) -*/}} -{{- define "tc.v1.common.class.certificate" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Cert Manager Certificate") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - secretName: {{ $objectData.name }} - dnsNames: - {{- range $h := $objectData.hosts }} - - {{ (tpl $h $rootCtx) | quote }} - {{- end }} - privateKey: - algorithm: ECDSA - size: 256 - rotationPolicy: Always - issuerRef: - name: {{ tpl $objectData.certificateIssuer $rootCtx }} - kind: ClusterIssuer - group: cert-manager.io - {{- if $objectData.certificateSecretTemplate }} - secretTemplate: - {{- $labels := (mustMerge ($objectData.certificateSecretTemplate.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 6 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.certificateSecretTemplate.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 6 }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/cnpg/_backup.tpl b/charts/common/templates/class/cnpg/_backup.tpl deleted file mode 100644 index 1eb47f7..0000000 --- a/charts/common/templates/class/cnpg/_backup.tpl +++ /dev/null @@ -1,41 +0,0 @@ -{{- define "tc.v1.common.class.cnpg.backup" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Naming */}} - {{- $backupName := printf "%v-backup-%v" $objectData.name $objectData.backupName -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $backupName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "CNPG Backup") -}} - - {{/* Metadata */}} - {{- $objLabels := $objectData.labels | default dict -}} - {{- $globalBackupLabels := $objectData.backups.labels | default dict -}} - {{- $backupLabels := $objectData.backupLabels | default dict -}} - {{- $backupLabels = mustMerge $backupLabels $objLabels $globalBackupLabels -}} - - {{- $objAnnotations := $objectData.annotations | default dict -}} - {{- $globalBackupAnnotations := $objectData.backups.annotations | default dict -}} - {{- $backupAnnotations := $objectData.backupAnnotations | default dict -}} - {{- $backupAnnotations = mustMerge $backupAnnotations $objAnnotations $globalBackupAnnotations }} - ---- -apiVersion: postgresql.cnpg.io/v1 -kind: Backup -metadata: - name: {{ $backupName }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "CNPG Backup") }} - labels: - cnpg.io/cluster: {{ $objectData.clusterName }} - {{- $labels := (mustMerge $backupLabels (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge $backupAnnotations (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - cluster: - name: {{ $objectData.clusterName }} -{{- end -}} diff --git a/charts/common/templates/class/cnpg/_cluster.tpl b/charts/common/templates/class/cnpg/_cluster.tpl deleted file mode 100644 index 2c3dfe2..0000000 --- a/charts/common/templates/class/cnpg/_cluster.tpl +++ /dev/null @@ -1,261 +0,0 @@ -{{- define "tc.v1.common.class.cnpg.cluster" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectData.clusterName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "CNPG Cluster") -}} - - {{/* Initialize variables */}} - {{- $hibernation := "off" -}} - {{- $instances := 2 -}} - {{- $mode := "standalone" -}} - {{- $enableMonitoring := false -}} - {{- $disableDefaultQueries := false -}} - {{- $customQueries := list -}} - {{- $enableSuperUser := true -}} - {{- $inProgress := false -}} - {{- $reusePVC := true -}} - {{- $preloadLibraries := list -}} - {{- $walSize := $rootCtx.Values.global.fallbackDefaults.vctSize -}} - {{- $size := $rootCtx.Values.global.fallbackDefaults.vctSize -}} - {{- $primaryUpdateStrategy := "unsupervised" -}} - {{- $primaryUpdateMethod := "switchover" -}} - {{- $logLevel := "info" -}} - {{- $accessModes := $rootCtx.Values.global.fallbackDefaults.vctAccessModes -}} - {{- $walAccessModes := $rootCtx.Values.global.fallbackDefaults.vctAccessModes -}} - {{- $skipEmptyWalArchiveCheck := $rootCtx.Values.global.fallbackDefaults.cnpg.skipEmptyWalArchiveCheck -}} - - {{/* Make sure keys exist before try to access any sub keys */}} - {{- if not (hasKey $objectData "cluster") -}} - {{- $_ := set $objectData "cluster" dict -}} - {{- end -}} - {{- if not (hasKey $objectData "monitoring") -}} - {{- $_ := set $objectData "monitoring" dict -}} - {{- end -}} - {{- if not (hasKey $objectData "backups") -}} - {{- $_ := set $objectData "backups" dict -}} - {{- end -}} - {{- if not (hasKey $objectData.cluster "storage") -}} - {{- $_ := set $objectData.cluster "storage" dict -}} - {{- end -}} - {{- if not (hasKey $objectData.cluster "walStorage") -}} - {{- $_ := set $objectData.cluster "walStorage" dict -}} - {{- end -}} - {{- if not (hasKey $objectData.cluster "resources") -}} - {{- $_ := set $objectData.cluster "resources" dict -}} - {{- end -}} - {{/* Exclude extra resources */}} - {{- $_ := set $objectData.cluster.resources "excludeExtra" true -}} - - {{/* Metadata */}} - {{- $objLabels := $objectData.labels | default dict -}} - {{- $clusterLabels := $objectData.cluster.labels | default dict -}} - {{- $clusterLabels = mustMerge $clusterLabels $objLabels -}} - - {{- $objAnnotations := $objectData.annotations | default dict -}} - {{- $clusterAnnotations := $objectData.cluster.annotations | default dict -}} - {{- $clusterAnnotations = mustMerge $clusterAnnotations $objAnnotations -}} - - {{- with $objectData.cluster.instances -}} - {{- $instances = . -}} - {{- end -}} - - {{/* Stop All */}} - {{- if or $objectData.hibernate (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $hibernation = "on" -}} - {{- end -}} - - {{/* General */}} - {{- with $objectData.mode -}} - {{- $mode = . -}} - {{- end -}} - - {{- with $objectData.cluster.primaryUpdateStrategy -}} - {{- $primaryUpdateStrategy = . -}} - {{- end -}} - {{- with $objectData.cluster.primaryUpdateMethod -}} - {{- $primaryUpdateMethod = . -}} - {{- end -}} - {{- with $objectData.cluster.logLevel -}} - {{- $logLevel = . -}} - {{- end -}} - - {{/* Monitoring */}} - {{- with $objectData.monitoring -}} - {{- if (kindIs "bool" .enablePodMonitor) -}} - {{- $enableMonitoring = .enablePodMonitor -}} - {{- end -}} - {{- if (kindIs "bool" .disableDefaultQueries) -}} - {{- $disableDefaultQueries = .disableDefaultQueries -}} - {{- end -}} - {{- with .customQueries -}} - {{- $customQueries = . -}} - {{- end -}} - {{- end -}} - - {{/* Superuser */}} - {{- if (kindIs "bool" $objectData.cluster.enableSuperuserAccess) -}} - {{- $enableSuperUser = $objectData.cluster.enableSuperuserAccess -}} - {{- end -}} - - {{/* Node Maintenance Window */}} - {{- if $objectData.cluster.singleNode -}} - {{- $inProgress = true -}} - {{- end -}} - - {{- with $objectData.cluster.nodeMaintenanceWindow -}} - {{- if (kindIs "bool" .inProgress) -}} - {{ $inProgress = .inProgress -}} - {{- end -}} - {{- if (kindIs "bool" .reusePVC) -}} - {{ $reusePVC = .reusePVC -}} - {{- end -}} - {{- end -}} - - {{/* Preload Libraries */}} - {{- if (kindIs "slice" $objectData.cluster.preloadLibraries) -}} - {{- $preloadLibraries = $objectData.cluster.preloadLibraries -}} - {{- end -}} - {{- if eq $objectData.type "timescaledb" -}} - {{- $preloadLibraries = mustAppend $preloadLibraries "timescaledb" -}} - {{- end -}} - {{- if eq $objectData.type "vectors" -}} - {{- $preloadLibraries = mustAppend $preloadLibraries "vectors.so" -}} - {{- end -}} - - {{/* Storage */}} - {{- with $objectData.cluster.storage.size -}} - {{- $size = . -}} - {{- end -}} - - {{- with $objectData.cluster.walStorage.size -}} - {{- $walSize = . -}} - {{- end -}} - - {{- with $objectData.cluster.storage.accessModes -}} - {{- $accessModes = . -}} - {{- end -}} - - {{- with $objectData.cluster.walStorage.accessModes -}} - {{- $walAccessModes = . -}} - {{- end -}} - - {{- with $objectData.cluster.skipEmptyWalArchiveCheck -}} - {{- $skipEmptyWalArchiveCheck = . -}} - {{- end -}} - - {{- $imageName := $objectData.cluster.imageName -}} - {{- if not $imageName -}} - {{/* Ensure version and container tracking */}} - {{- $imageType := ($objectData.type | default "postgres") | camelcase | title -}} - {{- if eq $imageType "Postgres" -}} - {{- $imageType = "" -}} - {{- end -}} - - {{/* Format is [postgresCustomNameVersionImage] */}} - {{- $imageKey := printf "postgres%s%sImage" $imageType $objectData.pgVersion -}} - {{- $imageValue := fromJson (include "tc.v1.common.lib.container.imageSelector" (dict "rootCtx" $rootCtx "objectData" (dict "imageSelector" $imageKey))) -}} - {{- $formatImage := printf "%s:%s" $imageValue.repository $imageValue.tag -}} - - {{- $imageName = $formatImage -}} - {{- end }} - ---- -apiVersion: postgresql.cnpg.io/v1 -kind: Cluster -metadata: - name: {{ $objectData.clusterName }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "CNPG Cluster") }} - labels: - cnpg.io/reload: "on" - {{- $labels := (mustMerge $clusterLabels (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - {{- . | nindent 4 }} - {{- end }} - annotations: - cnpg.io/hibernation: {{ $hibernation | quote }} - checksum/secrets: {{ toJson $rootCtx.Values.secret | sha256sum }} - {{- if $skipEmptyWalArchiveCheck }} - cnpg.io/skipEmptyWalArchiveCheck: "enabled" - {{- end }} - {{- $annotations := (mustMerge $clusterAnnotations (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - {{- . | nindent 4 }} - {{- end }} -spec: - imageName: {{ $imageName }} - {{/* This ignores `0` on purpose. */}} - postgresUID: {{ $objectData.cluster.postgresUID | default 26 }} - postgresGID: {{ $objectData.cluster.postgresGID | default 26 }} - enableSuperuserAccess: {{ $enableSuperUser }} - primaryUpdateStrategy: {{ $primaryUpdateStrategy }} - primaryUpdateMethod: {{ $primaryUpdateMethod }} - logLevel: {{ $logLevel }} - instances: {{ $instances }} - {{- if or $objectData.cluster.postgresql $preloadLibraries }} - postgresql: - {{- with $objectData.cluster.postgresql }} - parameters: - {{- range $k, $v := . }} - {{ $k }}: {{ tpl $v $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- with $preloadLibraries }} - shared_preload_libraries: - {{- range $lib := (. | mustUniq) }} - - {{ $lib | quote }} - {{- end -}} - {{- end -}} - {{- end }} - nodeMaintenanceWindow: - inProgress: {{ $inProgress }} - reusePVC: {{ $reusePVC }} - {{- with (include "tc.v1.common.lib.container.resources" (dict "rootCtx" $rootCtx "objectData" $objectData.cluster) | trim) }} - resources: - {{- . | nindent 4 }} - {{- end }} - storage: - pvcTemplate: - {{- $_ := set $objectData.cluster.storage "size" $size -}} - {{- $_ := set $objectData.cluster.storage "accessModes" $accessModes -}} - - {{- include "tc.v1.common.lib.storage.pvc.spec" (dict "rootCtx" $rootCtx "objectData" $objectData.cluster.storage) | trim | nindent 6 }} - walStorage: - pvcTemplate: - {{- $_ := set $objectData.cluster.walStorage "size" $walSize -}} - {{- $_ := set $objectData.cluster.walStorage "accessModes" $walAccessModes -}} - - {{- include "tc.v1.common.lib.storage.pvc.spec" (dict "rootCtx" $rootCtx "objectData" $objectData.cluster.walStorage) | trim | nindent 6 }} - {{- if $enableMonitoring }} - monitoring: - enablePodMonitor: {{ $enableMonitoring }} - disableDefaultQueries: {{ $disableDefaultQueries }} - {{- if $customQueries }} - customQueriesConfigMap: - {{- range $q := $customQueries }} - {{- $name := $q.name -}} - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" $q - "name" $q.name "caller" "CNPG Cluster" - "key" "monitoring.customQueries")) -}} - - {{- if eq $expandName "true" -}} - {{- $name = (printf "%s-cnpg-%s-%s" $fullname $objectData.shortName $q.name) -}} - {{- end }} - - name: {{ $name }} - key: {{ $q.key | default "custom-queries" }} - {{- end -}} - {{- end -}} - {{- end }} - bootstrap: - {{- if eq $mode "standalone" -}} - {{- include "tc.v1.common.lib.cnpg.cluster.bootstrap.standalone" (dict "rootCtx" $rootCtx "objectData" $objectData) | nindent 4 -}} - {{- else if eq $mode "recovery" -}} - {{- include "tc.v1.common.lib.cnpg.cluster.bootstrap.recovery" (dict "objectData" $objectData) | nindent 4 -}} - {{- include "tc.v1.common.lib.cnpg.cluster.bootstrap.recovery.externalCluster" (dict "rootCtx" $rootCtx "objectData" $objectData) | nindent 2 -}} - {{- end -}} - {{- if $objectData.backups.enabled }} - {{- include "tc.v1.common.lib.cnpg.cluster.backup" (dict "rootCtx" $rootCtx "objectData" $objectData) | nindent 2 -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/cnpg/_pooler.tpl b/charts/common/templates/class/cnpg/_pooler.tpl deleted file mode 100644 index b9c39b8..0000000 --- a/charts/common/templates/class/cnpg/_pooler.tpl +++ /dev/null @@ -1,57 +0,0 @@ -{{- define "tc.v1.common.class.cnpg.pooler" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Naming */}} - {{- $poolerName := printf "%s-pooler-%s" $objectData.name $objectData.pooler.type -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $poolerName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "CNPG Pooler") -}} - - {{/* Metadata */}} - {{- $objLabels := $objectData.labels | default dict -}} - {{- $poolerLabels := $objectData.pooler.labels | default dict -}} - {{- $poolerLabels = mustMerge $poolerLabels $objLabels -}} - - {{- $objAnnotations := $objectData.annotations | default dict -}} - {{- $poolerAnnotations := $objectData.pooler.annotations | default dict -}} - {{- $poolerAnnotations = mustMerge $poolerAnnotations $objAnnotations -}} - - {{- $instances := $objectData.pooler.instances | default 2 -}} - {{/* Stop All */}} - {{- if or $objectData.hibernate (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $instances = 0 -}} - {{- end }} - ---- -apiVersion: postgresql.cnpg.io/v1 -kind: Pooler -metadata: - name: {{ $poolerName }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "CNPG Pooler") }} - labels: - cnpg.io/reload: "on" - {{- $labels := (mustMerge $poolerLabels (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - {{- . | nindent 4 }} - {{- end }} - annotations: - checksum/secrets: {{ toJson $rootCtx.Values.secret | sha256sum }} - {{- $annotations := (mustMerge $poolerAnnotations (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - {{- . | nindent 4 }} - {{- end }} -spec: - cluster: - name: {{ $objectData.clusterName }} - instances: {{ $instances }} - type: {{ $objectData.pooler.type }} - pgbouncer: - poolMode: {{ $objectData.pooler.poolMode | default "session" }} - {{/* https://cloudnative-pg.io/documentation/1.15/connection_pooling/#pgbouncer-configuration-options */}} - {{- with $objectData.pooler.parameters }} - parameters: - {{- range $key, $value := . }} - {{ $key }}: {{ tpl $value $rootCtx | quote }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/class/cnpg/_scheduledBackup.tpl b/charts/common/templates/class/cnpg/_scheduledBackup.tpl deleted file mode 100644 index c541bf5..0000000 --- a/charts/common/templates/class/cnpg/_scheduledBackup.tpl +++ /dev/null @@ -1,58 +0,0 @@ -{{- define "tc.v1.common.class.cnpg.scheduledbackup" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Naming */}} - {{- $backupName := printf "%v-sched-backup-%v" $objectData.name $objectData.backupName -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $backupName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "CNPG Scheduled Backup") -}} - - {{/* Metadata */}} - {{- $objLabels := $objectData.labels | default dict -}} - {{- $globalBackupLabels := $objectData.backups.labels | default dict -}} - {{- $backupLabels := $objectData.backupLabels | default dict -}} - {{- $backupLabels = mustMerge $backupLabels $objLabels $globalBackupLabels -}} - - {{- $objAnnotations := $objectData.annotations | default dict -}} - {{- $globalBackupAnnotations := $objectData.backups.annotations | default dict -}} - {{- $backupAnnotations := $objectData.backupAnnotations | default dict -}} - {{- $backupAnnotations = mustMerge $backupAnnotations $objAnnotations $globalBackupAnnotations -}} - - {{/* Data */}} - {{- $suspend := false -}} - {{- if (hasKey $objectData.schedData "suspend") -}} - {{- $suspend = $objectData.schedData.suspend -}} - {{- end -}} - {{- if or $objectData.hibernate (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $suspend = true -}} - {{- end -}} - {{- $immediate := false -}} - {{- if (hasKey $objectData.schedData "immediate") -}} - {{- $immediate = $objectData.schedData.immediate -}} - {{- end }} - ---- -apiVersion: postgresql.cnpg.io/v1 -kind: ScheduledBackup -metadata: - name: {{ $backupName }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "CNPG Scheduled Backup") }} - labels: - cnpg.io/cluster: {{ $objectData.clusterName }} - {{- $labels := (mustMerge $backupLabels (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge $backupAnnotations (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - schedule: {{ $objectData.schedData.schedule }} - backupOwnerReference: {{ $objectData.schedData.backupOwnerReference | default "none" }} - suspend: {{ $suspend }} - immediate: {{ $immediate }} - cluster: - name: {{ $objectData.clusterName }} -{{- end -}} diff --git a/charts/common/templates/class/metrics/_podMonitor.tpl b/charts/common/templates/class/metrics/_podMonitor.tpl deleted file mode 100644 index 360c7ef..0000000 --- a/charts/common/templates/class/metrics/_podMonitor.tpl +++ /dev/null @@ -1,48 +0,0 @@ -{{- define "tc.v1.common.class.podmonitor" -}} - {{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}} - {{- $podmonitorName := $fullName -}} - {{- $values := .Values.podmonitor -}} - - {{- if hasKey . "ObjectValues" -}} - {{- with .ObjectValues.metrics -}} - {{- $values = . -}} - {{- end -}} - {{- end -}} - {{- $podmonitorLabels := $values.labels -}} - {{- $podmonitorAnnotations := $values.annotations -}} - - {{- if and (hasKey $values "nameOverride") $values.nameOverride -}} - {{- $podmonitorName = printf "%v-%v" $podmonitorName $values.nameOverride -}} - {{- end }} - ---- -apiVersion: {{ include "tc.v1.common.capabilities.podmonitor.apiVersion" $ }} -kind: PodMonitor -metadata: - name: {{ $podmonitorName }} - namespace: {{ $.Values.namespace | default $.Values.global.namespace | default $.Release.Namespace }} - {{- $labels := (mustMerge ($podmonitorLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end }} - {{- $annotations := (mustMerge ($podmonitorAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - jobLabel: app.kubernetes.io/name - selector: - {{- if $values.selector }} - {{- tpl (toYaml $values.selector) $ | nindent 4 }} - {{- else }} - {{- $objectData := dict "targetSelector" $values.targetSelector }} - {{- $selectedPod := fromYaml ( include "tc.v1.common.lib.helpers.getSelectedPodValues" (dict "rootCtx" $ "objectData" $objectData)) }} - {{- $selectedPodName := $selectedPod.shortName }} - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $ "objectType" "pod" "objectName" $selectedPodName) | indent 6 }} - {{- end }} - podMetricsEndpoints: - {{- tpl (toYaml $values.endpoints) $ | nindent 4 }} -{{- end -}} diff --git a/charts/common/templates/class/metrics/_prometheusRule.tpl b/charts/common/templates/class/metrics/_prometheusRule.tpl deleted file mode 100644 index 60564fd..0000000 --- a/charts/common/templates/class/metrics/_prometheusRule.tpl +++ /dev/null @@ -1,56 +0,0 @@ -{{- define "tc.v1.common.class.prometheusrule" -}} - {{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}} - {{- $prometheusruleName := $fullName -}} - {{- $values := .Values.prometheusrule -}} - - {{- if hasKey . "ObjectValues" -}} - {{- with .ObjectValues.metrics -}} - {{- $values = . -}} - {{- end -}} - {{- end -}} - {{- $prometheusruleLabels := $values.labels -}} - {{- $prometheusruleAnnotations := $values.annotations -}} - - {{- if and (hasKey $values "nameOverride") $values.nameOverride -}} - {{- $prometheusruleName = printf "%v-%v" $prometheusruleName $values.nameOverride -}} - {{- end }} - ---- -apiVersion: {{ include "tc.v1.common.capabilities.prometheusrule.apiVersion" $ }} -kind: PrometheusRule -metadata: - name: {{ $prometheusruleName }} - namespace: {{ $.Values.namespace | default $.Values.global.namespace | default $.Release.Namespace }} - {{- $labels := (mustMerge ($prometheusruleLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end }} - {{- $annotations := (mustMerge ($prometheusruleAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - groups: - {{- range $name, $groupValues := .groups }} - - name: {{ $prometheusruleName }}-{{ $name }} - rules: - {{- with $groupValues.rules }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $groupValues.additionalrules }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} - {{- range $id, $groupValues := .additionalgroups }} - - name: {{ $prometheusruleName }}-{{ if $groupValues.name }}{{ $groupValues.name }}{{ else }}{{ $id }}{{ end }} - rules: - {{- with $groupValues.rules }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $groupValues.additionalrules }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} -{{- end -}} diff --git a/charts/common/templates/class/metrics/_serviceMonitor.tpl b/charts/common/templates/class/metrics/_serviceMonitor.tpl deleted file mode 100644 index f98c071..0000000 --- a/charts/common/templates/class/metrics/_serviceMonitor.tpl +++ /dev/null @@ -1,48 +0,0 @@ -{{- define "tc.v1.common.class.servicemonitor" -}} - {{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}} - {{- $servicemonitorName := $fullName -}} - {{- $values := .Values.servicemonitor -}} - - {{- if hasKey . "ObjectValues" -}} - {{- with .ObjectValues.metrics -}} - {{- $values = . -}} - {{- end -}} - {{- end -}} - {{- $servicemonitorLabels := $values.labels -}} - {{- $servicemonitorAnnotations := $values.annotations -}} - - {{- if and (hasKey $values "nameOverride") $values.nameOverride -}} - {{- $servicemonitorName = printf "%v-%v" $servicemonitorName $values.nameOverride -}} - {{- end }} - ---- -apiVersion: {{ include "tc.v1.common.capabilities.servicemonitor.apiVersion" $ }} -kind: ServiceMonitor -metadata: - name: {{ $servicemonitorName }} - namespace: {{ $.Values.namespace | default $.Values.global.namespace | default $.Release.Namespace }} - {{- $labels := (mustMerge ($servicemonitorLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end }} - {{- $annotations := (mustMerge ($servicemonitorAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - jobLabel: app.kubernetes.io/name - selector: - {{- if $values.selector }} - {{- tpl (toYaml $values.selector) $ | nindent 4 }} - {{- else }} - {{- $objectData := dict "targetSelector" $values.targetSelector }} - {{- $selectedService := fromYaml ( include "tc.v1.common.lib.helpers.getSelectedServiceValues" (dict "rootCtx" $ "objectData" $objectData)) }} - {{- $selectedServiceName := $selectedService.shortName }} - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $ "objectType" "service" "objectName" $selectedServiceName) | indent 6 }} - {{- end }} - endpoints: - {{- tpl (toYaml $values.endpoints) $ | nindent 4 }} -{{- end -}} diff --git a/charts/common/templates/class/traefik-middleware/_middleware.tpl b/charts/common/templates/class/traefik-middleware/_middleware.tpl deleted file mode 100644 index 1ec5b6d..0000000 --- a/charts/common/templates/class/traefik-middleware/_middleware.tpl +++ /dev/null @@ -1,46 +0,0 @@ -{{/* Traefik Middleware Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.traefik.middleware" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the middleware. - labels: The labels of the middleware. - annotations: The annotations of the middleware. - data: The data of the middleware. - namespace: The namespace of the middleware. (Optional) -*/}} - -{{- define "tc.v1.common.class.traefik.middleware" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $typeClassMap := (include "tc.v1.common.lib.traefik.middlewares.map" $) | fromJson -}} - - {{- if not (hasKey $typeClassMap $objectData.type) -}} - {{- fail (printf "Traefik - Middleware [%s] is not supported. Supported middlewares are [%s]" $objectData.type (keys $typeClassMap | join ", ")) -}} - {{- end }} ---- -apiVersion: traefik.io/v1alpha1 -kind: Middleware -metadata: - name: {{ $objectData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Middleware") }} - {{- $labels := (mustMerge ($objectData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - {{- /* - Nothing goes after the include, each middleware can also render other manifests. - For the same reason indentation must be handled by each middleware. - */ -}} - {{- include (get $typeClassMap $objectData.type) (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -{{- end -}} diff --git a/charts/common/templates/class/volsync/_replicationDestination.tpl b/charts/common/templates/class/volsync/_replicationDestination.tpl deleted file mode 100644 index 7ca2322..0000000 --- a/charts/common/templates/class/volsync/_replicationDestination.tpl +++ /dev/null @@ -1,68 +0,0 @@ -{{/* replicationdestination Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.replicationdestination" (dict "rootCtx" $ "objectData" $objectData "volsyncData" $volsyncData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the replicationdestination. - labels: The labels of the replicationdestination. - annotations: The annotations of the replicationdestination. - data: The data of the replicationdestination. - namespace: The namespace of the replicationdestination. (Optional) -*/}} - -{{- define "tc.v1.common.class.replicationdestination" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $volsyncData := .volsyncData -}} - - {{- $cleanupTempPVC := false -}} - {{- $cleanupCachePVC := false -}} - {{- if and (hasKey $volsyncData "cleanupTempPVC") (kindIs "bool" $volsyncData.cleanupTempPVC) -}} - {{- $cleanupTempPVC = $volsyncData.cleanupTempPVC -}} - {{- end -}} - {{- if and (hasKey $volsyncData "cleanupCachePVC") (kindIs "bool" $volsyncData.cleanupCachePVC) -}} - {{- $cleanupCachePVC = $volsyncData.cleanupCachePVC -}} - {{- end -}} - - {{- $copyMethod := $volsyncData.copyMethod | default "Snapshot" -}} - {{- $capacity := $rootCtx.Values.global.fallbackDefaults.pvcSize -}} - {{- if $objectData.size -}} - {{- $capacity = $objectData.size -}} - {{- end -}} - {{- if $volsyncData.dest.capacity -}} - {{- $capacity = $volsyncData.dest.capacity -}} - {{- end }} ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationDestination -metadata: - name: {{ printf "%s-%s-dest" $objectData.name $volsyncData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Replication Destination") }} - {{- $labels := (mustMerge ($volsyncData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($volsyncData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - trigger: - manual: restore-once - {{ $volsyncData.type }}: - repository: {{ $volsyncData.repository }} - copyMethod: {{ $copyMethod }} - capacity: {{ $capacity }} - {{- if eq $copyMethod "Direct" }} - destinationPVC: {{ $objectData.name }} - {{- end }} - cleanupTempPVC: {{ $cleanupTempPVC }} - cleanupCachePVC: {{ $cleanupCachePVC }} - {{- include "tc.v1.common.lib.volsync.storage" (dict "rootCtx" $rootCtx "objectData" $objectData "volsyncData" $volsyncData "target" "dest") | trim | nindent 4 }} - {{- include "tc.v1.common.lib.volsync.cache" (dict "rootCtx" $rootCtx "objectData" $objectData "volsyncData" $volsyncData "target" "dest") | trim | nindent 4 }} - {{- include "tc.v1.common.lib.volsync.moversecuritycontext" (dict "rootCtx" $rootCtx "objectData" $objectData "volsyncData" $volsyncData "target" "dest") | trim | nindent 4 }} -{{- end -}} diff --git a/charts/common/templates/class/volsync/_replicationSource.tpl b/charts/common/templates/class/volsync/_replicationSource.tpl deleted file mode 100644 index 725576a..0000000 --- a/charts/common/templates/class/volsync/_replicationSource.tpl +++ /dev/null @@ -1,68 +0,0 @@ -{{/* replicationsource Class */}} -{{/* Call this template: -{{ include "tc.v1.common.class.replicationsource" (dict "rootCtx" $ "objectData" $objectData "volsyncData" $volsyncData) }} - -rootCtx: The root context of the chart. -objectData: - name: The name of the replicationsource. - labels: The labels of the replicationsource. - annotations: The annotations of the replicationsource. - data: The data of the replicationsource. - namespace: The namespace of the replicationsource. (Optional) -*/}} - -{{- define "tc.v1.common.class.replicationsource" -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $volsyncData := .volsyncData -}} - - {{- $schedule := "0 0 * * *" -}} - {{- if and $volsyncData.src.trigger $volsyncData.src.trigger.schedule -}} - {{- $schedule = $volsyncData.src.trigger.schedule -}} - {{- end -}} - - {{- $retain := dict "hourly" 6 "daily" 5 "weekly" 4 "monthly" 3 "yearly" 1 -}} - {{- if $volsyncData.src.retain -}} - {{- $items := list "hourly" "daily" "weekly" "monthly" "yearly" -}} - {{- range $item := $items -}} - {{- with get $volsyncData.src.retain $item -}} - {{- $_ := set $retain $item . -}} - {{- end -}} - {{- end -}} - {{- end }} ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: {{ printf "%s-%s" $objectData.name $volsyncData.name }} - namespace: {{ include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Replication Source") }} - {{- $labels := (mustMerge ($volsyncData.labels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 4 }} - {{- end -}} - {{- $annotations := (mustMerge ($volsyncData.annotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 4 }} - {{- end }} -spec: - sourcePVC: {{ $objectData.name }} - trigger: - schedule: {{ $schedule }} - {{ $volsyncData.type }}: - repository: {{ $volsyncData.repository }} - copyMethod: {{ $volsyncData.copyMethod | default "Snapshot" }} - pruneIntervalDays: {{ $volsyncData.src.pruneIntervalDays | default 7 }} - unlock: {{ now | date "20060102150405" | quote }} - retain: - hourly: {{ $retain.hourly }} - daily: {{ $retain.daily }} - weekly: {{ $retain.weekly }} - monthly: {{ $retain.monthly }} - yearly: {{ $retain.yearly }} - {{- include "tc.v1.common.lib.volsync.storage" (dict "rootCtx" $rootCtx "objectData" $objectData "volsyncData" $volsyncData "target" "src") | trim | nindent 4 }} - {{- include "tc.v1.common.lib.volsync.cache" (dict "rootCtx" $rootCtx "objectData" $objectData "volsyncData" $volsyncData "target" "src") | trim | nindent 4 }} - {{- include "tc.v1.common.lib.volsync.moversecuritycontext" (dict "rootCtx" $rootCtx "objectData" $objectData "volsyncData" $volsyncData "target" "src") | trim | nindent 4 }} -{{- end }} diff --git a/charts/common/templates/helpers/_envDupeCheck.tpl b/charts/common/templates/helpers/_envDupeCheck.tpl deleted file mode 100644 index da27c96..0000000 --- a/charts/common/templates/helpers/_envDupeCheck.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Check Env for Duplicates */}} -{{/* Call this template: -{{ include "tc.v1.common.helper.container.envDupeCheck" (dict "rootCtx" $ "objectData" $objectData "source" $source "key" $key) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.helper.container.envDupeCheck" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $source := .source -}} - {{- $type := .type -}} - {{- $key := .key -}} - - {{- $dupeEnv := (get $objectData.envDupe $key) -}} - - {{- if $dupeEnv -}} - {{- fail (printf "Container - Environment Variable [%s] in [%s] tried to override the Environment Variable that is already defined in [%s]" $key $source $dupeEnv.source) -}} - {{- end -}} - - {{- $_ := set $objectData.envDupe $key (dict "source" $source) -}} - -{{- end -}} diff --git a/charts/common/templates/helpers/_getPortRange.tpl b/charts/common/templates/helpers/_getPortRange.tpl deleted file mode 100644 index 8127fc5..0000000 --- a/charts/common/templates/helpers/_getPortRange.tpl +++ /dev/null @@ -1,59 +0,0 @@ -{{/* Returns Lowest and Highest ports assigned to the any container in the pod */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.helpers.securityContext.getPortRange" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.helpers.securityContext.getPortRange" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{ $portRange := (dict "high" 0 "low" 0) }} - - {{- range $name, $service := $rootCtx.Values.service -}} - {{- $selected := false -}} - {{/* If service is enabled... */}} - {{- if $service.enabled -}} - - {{/* If there is a selector */}} - {{- if $service.targetSelector -}} - - {{/* And pod is selected */}} - {{- if eq $service.targetSelector $objectData.shortName -}} - {{- $selected = true -}} - {{- end -}} - - {{- else -}} - {{/* If no selector is defined but pod is primary */}} - {{- if $objectData.primary -}} - {{- $selected = true -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- if $selected -}} - {{- range $name, $portValues := $service.ports -}} - {{- if $portValues.enabled -}} - - {{- $portToCheck := ($portValues.targetPort | default $portValues.port) -}} - {{- if kindIs "string" $portToCheck -}} - {{- $portToCheck = (tpl $portToCheck $rootCtx) | int -}} - {{- end -}} - - {{- if or (not $portRange.low) (lt ($portToCheck | int) ($portRange.low | int)) -}} - {{- $_ := set $portRange "low" $portToCheck -}} - {{- end -}} - - {{- if or (not $portRange.high) (gt ($portToCheck | int) ($portRange.high | int)) -}} - {{- $_ := set $portRange "high" $portToCheck -}} - {{- end -}} - - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} - - {{- $portRange | toJson -}} -{{- end -}} diff --git a/charts/common/templates/helpers/_getSelectedPod.tpl b/charts/common/templates/helpers/_getSelectedPod.tpl deleted file mode 100644 index c2d7cf9..0000000 --- a/charts/common/templates/helpers/_getSelectedPod.tpl +++ /dev/null @@ -1,47 +0,0 @@ -{{/* Service - Get Selected Pod */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.helpers.getSelectedPodValues" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -objectData: The object data of the service -rootCtx: The root context of the chart. -*/}} - -{{- define "tc.v1.common.lib.helpers.getSelectedPodValues" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- $podValues := dict -}} - {{- with $objectData.targetSelector -}} - {{- $podValues = mustDeepCopy (get $rootCtx.Values.workload .) -}} - - {{- if not $podValues -}} - {{- fail (printf "%s - Selected pod [%s] is not defined" $caller .) -}} - {{- end -}} - - {{- if not $podValues.enabled -}} - {{- fail (printf "%s - Selected pod [%s] is not enabled" $caller .) -}} - {{- end -}} - - {{/* While we know the shortName from targetSelector, let's set it explicitly - So service can reference this directly, to match the behaviour of a service - without targetSelector defined (assumes "use primary") */}} - {{- $_ := set $podValues "shortName" . -}} - {{- else -}} - - {{/* If no targetSelector is defined, we assume the service is using the primary pod */}} - {{/* Also no need to check for multiple primaries here, it's already done on the workload validation */}} - {{- range $podName, $pod := $rootCtx.Values.workload -}} - {{- if $pod.enabled -}} - {{- if $pod.primary -}} - {{- $podValues = mustDeepCopy $pod -}} - {{/* Set the shortName so service can use this on selector */}} - {{- $_ := set $podValues "shortName" $podName -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} - - {{/* Return values in Json, to preserve types */}} - {{ $podValues | toJson }} -{{- end -}} diff --git a/charts/common/templates/helpers/_getSelectedService.tpl b/charts/common/templates/helpers/_getSelectedService.tpl deleted file mode 100644 index d874222..0000000 --- a/charts/common/templates/helpers/_getSelectedService.tpl +++ /dev/null @@ -1,47 +0,0 @@ -{{/* Service - Get Selected Service */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.helpers.getSelectedServiceValues" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -objectData: The object data of the service -rootCtx: The root context of the chart. -*/}} - -{{- define "tc.v1.common.lib.helpers.getSelectedServiceValues" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- $serviceValues := dict -}} - {{- with $objectData.targetSelector -}} - {{- $serviceValues = mustDeepCopy (get $rootCtx.Values.service .) -}} - - {{- if not $serviceValues -}} - {{- fail (printf "%s - Selected service [%s] is not defined" $caller .) -}} - {{- end -}} - - {{- if not $serviceValues.enabled -}} - {{- fail (printf "%s - Selected service [%s] is not enabled" $caller .) -}} - {{- end -}} - - {{/* While we know the shortName from targetSelector, let's set it explicitly - So service can reference this directly, to match the behaviour of a service - without targetSelector defined (assumes "use primary") */}} - {{- $_ := set $serviceValues "shortName" . -}} - {{- else -}} - - {{/* If no targetSelector is defined, we assume the service is using the primary service */}} - {{/* Also no need to check for multiple primaries here, it's already done on the service validation */}} - {{- range $serviceName, $service := $rootCtx.Values.service -}} - {{- if $service.enabled -}} - {{- if $service.primary -}} - {{- $serviceValues = mustDeepCopy $service -}} - {{/* Set the shortName so service can use this on selector */}} - {{- $_ := set $serviceValues "shortName" $serviceName -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} - - {{/* Return values in Json, to preserve types */}} - {{ $serviceValues | toJson }} -{{- end -}} diff --git a/charts/common/templates/helpers/_makeIntOrNoop.tpl b/charts/common/templates/helpers/_makeIntOrNoop.tpl deleted file mode 100644 index aec1ddf..0000000 --- a/charts/common/templates/helpers/_makeIntOrNoop.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{- define "tc.v1.common.helper.makeIntOrNoop" -}} - {{- $value := . -}} - - {{/* - - Ints in Helm can be either int, int64 or float64. - - Values that start with zero should not be converted - to int again as this will strip leading zeros. - - Numbers converted to E notation by Helm will - always contain the "e" character. So we only - convert those. - */}} - {{- if and - (mustHas (kindOf $value) (list "int" "int64" "float64")) - (not (hasPrefix "0" ($value | toString))) - (contains "e" ($value | toString | lower)) - -}} - {{- $value | int -}} - {{- else -}} - {{- $value -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/_tc_capabilities.tpl b/charts/common/templates/lib/_tc_capabilities.tpl deleted file mode 100644 index df9c5d5..0000000 --- a/charts/common/templates/lib/_tc_capabilities.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{/* Return the appropriate apiVersion for PodMonitor */}} -{{- define "tc.v1.common.capabilities.podmonitor.apiVersion" -}} - {{- print "monitoring.coreos.com/v1" -}} -{{- end -}} - -{{/* Return the appropriate apiVersion for ServiceMonitor */}} -{{- define "tc.v1.common.capabilities.servicemonitor.apiVersion" -}} - {{- print "monitoring.coreos.com/v1" -}} -{{- end -}} - -{{/* Return the appropriate apiVersion for PrometheusRule */}} -{{- define "tc.v1.common.capabilities.prometheusrule.apiVersion" -}} - {{- print "monitoring.coreos.com/v1" -}} -{{- end -}} - -{{/* Return the appropriate apiVersion for NetworkPolicy*/}} -{{- define "tc.v1.common.capabilities.networkpolicy.apiVersion" -}} - {{- print "networking.k8s.io/v1" -}} -{{- end -}} diff --git a/charts/common/templates/lib/certificate/_validation.tpl b/charts/common/templates/lib/certificate/_validation.tpl deleted file mode 100644 index 9e84d10..0000000 --- a/charts/common/templates/lib/certificate/_validation.tpl +++ /dev/null @@ -1,49 +0,0 @@ -{{/* Certificate Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.certificate.validation" (dict "rootCtx" $ "objectData" $objectData) -}} -objectData: - rootCtx: The root context of the chart. - objectData: The Certificate object. -*/}} - -{{- define "tc.v1.common.lib.certificate.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.certificateIssuer -}} - {{- fail "Cert Manager Certificate - Expected non-empty [certificateIssuer]" -}} - {{- end -}} - - {{- if not $objectData.hosts -}} - {{- fail "Cert Manager Certificate - Expected non-empty [hosts]" -}} - {{- end -}} - - {{- if not (kindIs "slice" $objectData.hosts) -}} - {{- fail (printf "Cert Manager Certificate - Expected [hosts] to be a [slice], but got [%s]" (kindOf $objectData.hosts)) -}} - {{- end -}} - - {{- range $h := $objectData.hosts -}} - {{- if not $h -}} - {{- fail "Cert Manager Certificate - Expected non-empty entry in [hosts]" -}} - {{- end -}} - - {{- $host := tpl $h $rootCtx -}} - {{- if (hasPrefix "http://" $host) -}} - {{- fail (printf "Cert Manager Certificate - Expected entry in [hosts] to not start with [http://], but got [%s]" $host) -}} - {{- end -}} - {{- if (hasPrefix "https://" $host) -}} - {{- fail (printf "Cert Manager Certificate - Expected entry in [hosts] to not start with [https://], but got [%s]" $host) -}} - {{- end -}} - {{- if (contains ":" $host) -}} - {{- fail (printf "Cert Manager Certificate - Expected entry in [hosts] to not contain [:], but got [%s]" $host) -}} - {{- end -}} - - {{- with $objectData.certificateSecretTemplate -}} - {{- if and (not .labels) (not .annotations) -}} - {{- fail "Cert Manager Certificate - Expected [certificateSecretTemplate] to have at least one of [labels, annotations]" -}} - {{- end -}} - - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData.certificateSecretTemplate "caller" "Cert Manager Certificate (certificateSecretTemplate)") -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/chart/_check_capabitilies.tpl b/charts/common/templates/lib/chart/_check_capabitilies.tpl deleted file mode 100644 index 679f1b8..0000000 --- a/charts/common/templates/lib/chart/_check_capabitilies.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{- define "tc.v1.common.check.capabilities" -}} - {{- $helmVersion := semver .Capabilities.HelmVersion.Version -}} - {{- $helmMinVer := semver "3.14.0" -}} - - {{- if .Chart.Annotations -}} - {{- $min := index .Chart.Annotations "truecharts.org/min_helm_version" -}} - {{- if $min -}} - {{/* Apply a relaxed version check */}} - {{- $helmMinVer = semver $min -}} - {{- end -}} - {{- end -}} - - {{- if eq -1 ($helmMinVer | $helmVersion.Compare) -}} - {{- fail (printf "Expected minimum helm version [%s], but found [%s]. Upgrade helm cli tool." $helmMinVer $helmVersion) -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/chart/_names.tpl b/charts/common/templates/lib/chart/_names.tpl deleted file mode 100644 index ece50e2..0000000 --- a/charts/common/templates/lib/chart/_names.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* Contains functions for generating names */}} - -{{/* Returns the name of the Chart */}} -{{- define "tc.v1.common.lib.chart.names.name" -}} - - {{- .Chart.Name | lower | trunc 63 | trimSuffix "-" -}} - -{{- end -}} - -{{/* Returns the fullname of the Chart */}} -{{- define "tc.v1.common.lib.chart.names.fullname" -}} - - {{- $name := include "tc.v1.common.lib.chart.names.name" . -}} - - {{- if contains $name .Release.Name -}} - {{- $name = .Release.Name -}} - {{- else -}} - {{- $name = printf "%s-%s" .Release.Name $name -}} - {{- end -}} - - {{- $name | lower | trunc 63 | trimSuffix "-" -}} - -{{- end -}} - -{{/* Returns the fqdn of the Chart */}} -{{- define "tc.v1.common.lib.chart.names.fqdn" -}} - - {{- printf "%s.%s" (include "tc.v1.common.lib.chart.names.fullname" .) .Release.Namespace | replace "+" "_" | trunc 63 | trimSuffix "-" -}} - -{{- end -}} - -{{/* Validates names */}} -{{- define "tc.v1.common.lib.chart.names.validation" -}} - - {{- $name := .name -}} - {{- $length := .length -}} - {{- if not $length -}} - {{- $length = 63 -}} - {{- end -}} - - {{- if not (and (mustRegexMatch "^[a-z0-9]((-?[a-z0-9]-?)*[a-z0-9])?$" $name) (le (len $name) $length)) -}} - {{- fail (printf "Name [%s] is not valid. Must start and end with an alphanumeric lowercase character. It can contain '-'. And must be at most %v characters." $name $length) -}} - {{- end -}} - -{{- end -}} - -{{/* Create chart name and version as used by the chart label */}} -{{- define "tc.v1.common.lib.chart.names.chart" -}} - - {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} - -{{- end -}} diff --git a/charts/common/templates/lib/chart/_notes.tpl b/charts/common/templates/lib/chart/_notes.tpl deleted file mode 100644 index 0d4445a..0000000 --- a/charts/common/templates/lib/chart/_notes.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{- define "tc.v1.common.lib.chart.notes" -}} - - {{- include "tc.v1.common.lib.chart.header" . -}} - - {{- include "tc.v1.common.lib.chart.custom" . -}} - - {{- include "tc.v1.common.lib.chart.footer" . -}} - - {{- include "tc.v1.common.lib.chart.warnings" . -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.chart.header" -}} - {{- tpl $.Values.notes.header $ | nindent 0 }} -{{- end -}} - -{{- define "tc.v1.common.lib.chart.custom" -}} - {{- tpl $.Values.notes.custom $ | nindent 0 }} -{{- end -}} - -{{- define "tc.v1.common.lib.chart.footer" -}} - {{- tpl $.Values.notes.footer $ | nindent 0 }} -{{- end -}} - -{{- define "tc.v1.common.lib.chart.warnings" -}} - {{- range $w := $.Values.notes.warnings }} - {{- tpl $w $ | nindent 0 }} - {{- end }} -{{- end -}} - -{{- define "add.warning" -}} - {{- $rootCtx := .rootCtx -}} - {{- $warn := .warn -}} - - {{- $newWarns := $rootCtx.Values.notes.warnings -}} - {{- $newWarns = mustAppend $newWarns $warn -}} - {{- $_ := set $rootCtx.Values.notes "warnings" $newWarns -}} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/_dbCredentialSecrets.tpl b/charts/common/templates/lib/cnpg/_dbCredentialSecrets.tpl deleted file mode 100644 index 8555481..0000000 --- a/charts/common/templates/lib/cnpg/_dbCredentialSecrets.tpl +++ /dev/null @@ -1,102 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.db.credentials.secrets" -}} - {{- $objectData := .objectData -}} - {{- $cnpg := .cnpg -}} - {{- $rootCtx := .rootCtx -}} - - {{- $dbPass := $objectData.password -}} - {{- $auth := printf "%s:%s" $objectData.user $dbPass -}} - - {{/* Double "%" to escape the interpolation and use the template on another printf */}} - {{- $stdTmpl := printf "postgresql://%s@%s-%%s:5432/%s" $auth $objectData.name $objectData.database -}} - {{- $nosslTmpl := printf "postgresql://%s@%s-%%s:5432/%s?sslmode=disable" $auth $objectData.name $objectData.database -}} - {{- $portHostTmpl := printf "%s-%%s:5432" $objectData.name -}} - {{- $hostTmpl := printf "%s-%%s" $objectData.name -}} - {{- $jdbcTmpl := printf "jdbc:postgresql://%s-%%s:5432/%s" $objectData.name $objectData.database -}} - - {{- $rwString := "rw" -}} - {{- $roString := "ro" -}} - {{- $poolEnabled := false -}} - {{- if and $objectData.pooler $objectData.pooler.enabled -}} - {{- $poolEnabled = true -}} - {{- $rwString = "pooler-rw" -}} - {{- $roString = "pooler-ro" -}} - {{- end -}} - - {{- $creds := (dict - "std" (printf $stdTmpl $rwString) - "nossl" (printf $nosslTmpl $rwString) - "portHost" (printf $portHostTmpl $rwString) - "host" (printf $hostTmpl $rwString) - "jdbc" (printf $jdbcTmpl $rwString) - ) -}} - - {{- $credsRO := dict -}} - {{- if and $poolEnabled $objectData.pooler.createRO -}} - {{- $credsRO = (dict - "std" (printf $stdTmpl $roString) - "nossl" (printf $nosslTmpl $roString) - "portHost" (printf $portHostTmpl $roString) - "host" (printf $hostTmpl $roString) - "jdbc" (printf $jdbcTmpl $roString) - ) -}} - {{- end -}} - - {{- with (include "tc.v1.common.lib.cnpg.secret.user" (dict "user" $objectData.user "pass" $dbPass) | fromYaml) -}} - {{- $_ := set $rootCtx.Values.secret (printf "cnpg-%s-user" $objectData.shortName) . -}} - {{- end -}} - - {{- with (include "tc.v1.common.lib.cnpg.secret.urls" (dict "creds" $creds "credsRO" $credsRO) | fromYaml) -}} - {{- $_ := set $rootCtx.Values.secret (printf "cnpg-%s-urls" $objectData.shortName) . -}} - {{- end -}} - - {{/* We need to mutate the actual (cnpg) values here not the copy */}} - {{- if not (hasKey $cnpg "creds") -}} - {{- $_ := set $cnpg "creds" dict -}} - {{- end -}} - - {{- $_ := set $cnpg.creds "password" $dbPass -}} - - {{- $_ := set $cnpg.creds "std" $creds.std -}} - {{- $_ := set $cnpg.creds "nossl" $creds.nossl -}} - {{- $_ := set $cnpg.creds "porthost" $creds.portHost -}} - {{- $_ := set $cnpg.creds "host" $creds.host -}} - {{- $_ := set $cnpg.creds "jdbc" $creds.jdbc -}} - - {{- if and $poolEnabled $objectData.pooler.createRO -}} - {{- $_ := set $cnpg.creds "stdRO" $credsRO.std -}} - {{- $_ := set $cnpg.creds "nosslRO" $credsRO.nossl -}} - {{- $_ := set $cnpg.creds "porthostRO" $credsRO.portHost -}} - {{- $_ := set $cnpg.creds "hostRO" $credsRO.host -}} - {{- $_ := set $cnpg.creds "jdbcRO" $credsRO.jdbc -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.cnpg.secret.urls" -}} - {{- $creds := .creds -}} - {{- $credsRO := .credsRO }} -enabled: true -data: - std: {{ $creds.std }} - nossl: {{ $creds.nossl }} - porthost: {{ $creds.portHost }} - host: {{ $creds.host }} - jdbc: {{ $creds.jdbc }} - {{- if $credsRO }} - stdRO: {{ $credsRO.std }} - nosslRO: {{ $credsRO.nossl }} - porthostRO: {{ $credsRO.portHost }} - hostRO: {{ $credsRO.host }} - jdbcRO: {{ $credsRO.jdbc }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.cnpg.secret.user" -}} - {{- $user := .user -}} - {{- $pass := .pass }} -enabled: true -type: kubernetes.io/basic-auth -data: - username: {{ $user }} - password: {{ $pass }} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/_poolerMetrics.tpl b/charts/common/templates/lib/cnpg/_poolerMetrics.tpl deleted file mode 100644 index 22a1913..0000000 --- a/charts/common/templates/lib/cnpg/_poolerMetrics.tpl +++ /dev/null @@ -1,10 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.metrics.pooler" -}} -{{- $poolerName := .poolerName }} -enabled: true -type: podmonitor -selector: - matchLabels: - cnpg.io/poolerName: {{ $poolerName }} -endpoints: - - port: metrics -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/backup/_spawner.tpl b/charts/common/templates/lib/cnpg/backup/_spawner.tpl deleted file mode 100644 index 91ab9ed..0000000 --- a/charts/common/templates/lib/cnpg/backup/_spawner.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.spawner.backups" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- range $backup := $objectData.backups.manualBackups -}} - {{- $_ := set $objectData "backupName" $backup.name -}} - {{- $_ := set $objectData "backupLabels" $backup.labels -}} - {{- $_ := set $objectData "backupAnnotations" $backup.annotations -}} - - {{- include "tc.v1.common.lib.cnpg.backup.validation" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- include "tc.v1.common.class.cnpg.backup" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/backup/_validation.tpl b/charts/common/templates/lib/cnpg/backup/_validation.tpl deleted file mode 100644 index 20903f8..0000000 --- a/charts/common/templates/lib/cnpg/backup/_validation.tpl +++ /dev/null @@ -1,7 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.backup.validation" -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.backupName -}} - {{- fail "CNPG Backup - Expected non-empty [name] in [backups.manualBackups] entry" -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl b/charts/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl deleted file mode 100644 index 6cffbdb..0000000 --- a/charts/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl +++ /dev/null @@ -1,46 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.getData" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $type := .type -}} - - {{- $serverName := $objectData.clusterName -}} - {{- $destinationPath := "" -}} - {{- $creds := dict -}} - {{- $key := "" -}} - - {{- if eq $type "recovery" -}} - {{- $creds = (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}} - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "CNPG BarmanObjectStore" "credName" $objectData.recovery.credentials) -}} - {{- $destinationPath = $objectData.recovery.destinationPath -}} - {{- $key = "recovery" -}} - - {{- if $objectData.recovery.serverName -}} - {{- $serverName = $objectData.recovery.serverName -}} - {{- end -}} - {{- if $objectData.recovery.revision -}} - {{- $serverName = printf "%s-r%s" $serverName $objectData.recovery.revision -}} - {{- end -}} - - {{- else if eq $type "backup" -}} - {{- $creds = (get $rootCtx.Values.credentials $objectData.backups.credentials) -}} - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "CNPG BarmanObjectStore" "credName" $objectData.backups.credentials) -}} - {{- $destinationPath = $objectData.backups.destinationPath -}} - {{- $key = "backups" -}} - - {{- if $objectData.backups.serverName -}} - {{- $serverName = $objectData.backups.serverName -}} - {{- end -}} - {{- if $objectData.backups.revision -}} - {{- $serverName = printf "%s-r%s" $serverName $objectData.backups.revision -}} - {{- end -}} - {{- end -}} - - {{- $data := (dict - "serverName" $serverName - "destinationPath" $destinationPath - "creds" $creds - "key" $key - ) -}} - - {{- $data | toYaml -}} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl b/charts/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl deleted file mode 100644 index 51424df..0000000 --- a/charts/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.s3" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $type := .type -}} - {{- $data := .data -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- $secretName := (printf "%s-cnpg-%s-provider-%s-s3-creds" $fullname $objectData.shortName $type) -}} - - {{- $calcData := include "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.getData" (dict - "rootCtx" $rootCtx "objectData" $objectData "type" $type) | fromYaml - -}} - - {{- $serverName := $calcData.serverName -}} - {{- $destinationPath := $calcData.destinationPath -}} - {{- $endpointURL := $calcData.creds.url -}} - {{- $bucket := $calcData.creds.bucket -}} - {{- $path := $calcData.creds.path -}} - {{- $key := $calcData.key -}} - - {{- if not $destinationPath -}} - {{- if $path -}} - {{- $destinationPath = (printf "s3://%s/%s/%s/cnpg" $bucket ($path | trimSuffix "/") $rootCtx.Release.Name) -}} - {{- else -}} - {{- $destinationPath = (printf "s3://%s/%s/cnpg" $bucket $rootCtx.Release.Name) -}} - {{- end -}} - {{- end }} -endpointURL: {{ $endpointURL }} -destinationPath: {{ $destinationPath }} -serverName: {{ $serverName }} -s3Credentials: - accessKeyId: - name: {{ $secretName }} - key: ACCESS_KEY_ID - secretAccessKey: - name: {{ $secretName }} - key: ACCESS_SECRET_KEY -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/cluster/_backup.tpl b/charts/common/templates/lib/cnpg/cluster/_backup.tpl deleted file mode 100644 index 7287480..0000000 --- a/charts/common/templates/lib/cnpg/cluster/_backup.tpl +++ /dev/null @@ -1,43 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.cluster.backup" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $compression := "bzip2" -}} - {{- if and $objectData.backups.compression (not $objectData.backups.compression.enabled) -}} - {{- $compression = "" -}} - {{- end -}} - - {{- $encryption := "" -}} - {{- if and $objectData.backups.encryption $objectData.backups.encryption.enabled -}} - {{- $encryption = "AES256" -}} - {{- end }} -backup: - {{- with $objectData.backups.target }} - target: {{ . }} - {{- end }} - retentionPolicy: {{ $objectData.backups.retentionPolicy }} - barmanObjectStore: - data: - jobs: {{ $objectData.backups.jobs | default 2 }} - {{- with $compression }} - compression: {{ . }} - {{- end -}} - {{- with $encryption }} - encryption: {{ . }} - {{- end -}} - {{- if or $compression $encryption }} - wal: - {{- with $compression }} - compression: {{ . }} - {{- end -}} - {{- with $encryption }} - encryption: {{ . }} - {{- end -}} - {{- end -}} - {{/* Fetch provider data */}} - {{/* Get the creds defined in backup.$provider */}} - {{- $creds := (get $rootCtx.Values.credentials $objectData.backups.credentials) -}} - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "CNPG Backup" "credName" $objectData.backups.credentials) -}} - - {{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $creds.type) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $creds "type" "backup") | nindent 4 -}} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/cluster/_boostrapRecovery.tpl b/charts/common/templates/lib/cnpg/cluster/_boostrapRecovery.tpl deleted file mode 100644 index 77a5dcd..0000000 --- a/charts/common/templates/lib/cnpg/cluster/_boostrapRecovery.tpl +++ /dev/null @@ -1,25 +0,0 @@ -{{/* Recovery Template, called when mode is recovery */}} -{{- define "tc.v1.common.lib.cnpg.cluster.bootstrap.recovery" }} - {{- $objectData := .objectData }} -recovery: - secret: - name: {{ printf "%s-user" $objectData.clusterName }} - database: {{ $objectData.database }} - owner: {{ $objectData.user }} - {{- if eq $objectData.recovery.method "backup" }} - backup: - name: {{ $objectData.recovery.backupName }} - {{- else if eq $objectData.recovery.method "object_store" -}} - {{- $serverName := $objectData.recovery.serverName | default $objectData.clusterName -}} - {{- if $objectData.recovery.revision -}} - {{- $serverName = printf "%s-r%s" $serverName $objectData.recovery.revision -}} - {{- end }} - source: {{ $serverName }} - {{- end -}} - {{- if $objectData.recovery.pitrTarget -}} - {{- with $objectData.recovery.pitrTarget.time }} - recoveryTarget: - targetTime: {{ . | quote }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl b/charts/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl deleted file mode 100644 index bea693c..0000000 --- a/charts/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Recovery from externalClusters Template, called when mode is recovery */}} -{{- define "tc.v1.common.lib.cnpg.cluster.bootstrap.recovery.externalCluster" }} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if eq $objectData.recovery.method "object_store" }} -externalClusters: - {{- $serverName := $objectData.recovery.serverName | default $objectData.clusterName -}} - {{- if $objectData.recovery.revision -}} - {{- $serverName = printf "%s-r%s" $serverName $objectData.recovery.revision -}} - {{- end }} - - name: {{ $serverName }} - barmanObjectStore: - - {{/* Fetch provider data */}} - {{/* Get the creds defined in backup.$provider */}} - {{- $creds := (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}} - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "CNPG Recovery External Cluster" "credName" $objectData.recovery.credentials) -}} - - {{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $creds.type) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $creds "type" "recovery") | nindent 6 -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/cluster/_bootstrapStandalone.tpl b/charts/common/templates/lib/cnpg/cluster/_bootstrapStandalone.tpl deleted file mode 100644 index 99eb240..0000000 --- a/charts/common/templates/lib/cnpg/cluster/_bootstrapStandalone.tpl +++ /dev/null @@ -1,78 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.cluster.bootstrap.standalone" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $initdb := dict -}} - {{- $postInitSQL := list -}} - {{- $postInitTemplateSQL := list -}} - {{- $postInitApplicationSQL := list -}} - {{- $dataChecksums := true -}} - {{- if not (hasKey $objectData.cluster "initdb") -}} - {{- $_ := set $objectData.cluster "initdb" dict -}} - {{- end -}} - - {{- if (kindIs "bool" $objectData.cluster.initdb.dataChecksums) -}} - {{- $dataChecksums = $objectData.cluster.initdb.dataChecksums -}} - {{- end -}} - - {{/* PostInitApplicationSQL */}} - {{- if eq $objectData.type "timescaledb" -}} - {{- $postInitApplicationSQL = concat $postInitApplicationSQL (list - "CREATE EXTENSION IF NOT EXISTS timescaledb;") -}} - {{- end -}} - {{- if eq $objectData.type "postgis" -}} - {{- $postInitApplicationSQL = concat $postInitApplicationSQL (list - "CREATE EXTENSION IF NOT EXISTS postgis;" - "CREATE EXTENSION IF NOT EXISTS postgis_topology;" - "CREATE EXTENSION IF NOT EXISTS fuzzystrmatch;" - "CREATE EXTENSION IF NOT EXISTS postgis_tiger_geocoder;") -}} - {{- end }} - - {{- if eq $objectData.type "vectors" -}} - {{- $postInitApplicationSQL = concat $postInitApplicationSQL (list - "CREATE EXTENSION IF NOT EXISTS vectors;") -}} - {{- end -}} - - {{- if $objectData.cluster.initdb -}} - {{- $postInitApplicationSQL = concat $postInitApplicationSQL ( $objectData.cluster.initdb.postInitApplicationSQL | default list ) -}} - {{- $postInitSQL = concat $postInitSQL ( $objectData.cluster.initdb.postInitSQL | default list ) -}} - {{- $postInitTemplateSQL = concat $postInitTemplateSQL ( $objectData.cluster.initdb.postInitTemplateSQL | default list ) -}} - {{- end -}} - -initdb: - secret: - name: {{ printf "%s-user" $objectData.clusterName }} - database: {{ $objectData.database }} - owner: {{ $objectData.user }} - dataChecksums: {{ $dataChecksums }} - {{- with $objectData.cluster.initdb.encoding }} - encoding: {{ . }} - {{- end -}} - {{- with $objectData.cluster.initdb.localeCollate }} - localeCollate: {{ . }} - {{- end -}} - {{- with $objectData.cluster.initdb.localeCtype }} - localeCtype: {{ . }} - {{- end -}} - {{- with $objectData.cluster.initdb.walSegmentSize }} - walSegmentSize: {{ . }} - {{- end -}} - {{- if $postInitApplicationSQL }} - postInitApplicationSQL: - {{- range $v := $postInitApplicationSQL }} - - {{ tpl $v $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- if $postInitSQL }} - postInitSQL: - {{- range $v := $postInitSQL }} - - {{ tpl $v $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- if $postInitTemplateSQL }} - postInitTemplateSQL: - {{- range $v := $postInitTemplateSQL }} - - {{ tpl $v $rootCtx | quote }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/cluster/_validation.tpl b/charts/common/templates/lib/cnpg/cluster/_validation.tpl deleted file mode 100644 index b0ea878..0000000 --- a/charts/common/templates/lib/cnpg/cluster/_validation.tpl +++ /dev/null @@ -1,146 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.cluster.validation" -}} - {{- $objectData := .objectData -}} - - {{- $requiredKeys := (list "database" "user" "password") -}} - {{- range $key := $requiredKeys -}} - {{- if not (get $objectData $key) -}} - {{- fail (printf "CNPG - Expected a non-empty [%s] key" $key) -}} - {{- end -}} - {{- end -}} - - {{/* Kinda imposibble to happen, as we explicitly set it to string on the spawner */}} - {{- if not (kindIs "string" $objectData.pgVersion) -}} - {{/* We must ensure that this is a string, as it is used in image selector that require a string */}} - {{- fail (printf "CNPG - Expected [pgVersion] to be a string, but got [%s]" (kindOf $objectData.pgVersion)) -}} - {{- end -}} - - {{- $validVersions := (list "15" "16") -}} - {{- if not (mustHas $objectData.pgVersion $validVersions) -}} - {{- fail (printf "CNPG - Expected [pgVersion] to be one of [%s], but got [%s]" (join ", " $validVersions) $objectData.pgVersion) -}} - {{- end -}} - - {{- if (hasKey $objectData "hibernate") -}} - {{- if not (kindIs "bool" $objectData.hibernate) -}} - {{- fail (printf "CNPG - Expected [hibernate] to be a boolean, but got [%s]" (kindOf $objectData.hibernate)) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData "instances") -}} - {{- if lt ($objectData.instances | int) 1 -}} - {{- fail (printf "CNPG - Expected [instances] to be greater than 0, but got [%d]" ($objectData.instances | int)) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData "mode") -}} - {{- $validModes := (list "standalone" "replica" "recovery") -}} - {{- if not (mustHas $objectData.mode $validModes) -}} - {{- fail (printf "CNPG Cluster - Expected [mode] to be one of [%s], but got [%s]" (join ", " $validModes) $objectData.mode) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData "type") -}} - {{- $validTypes := (list "postgres" "postgis" "timescaledb" "vectors") -}} - {{- if not (mustHas $objectData.type $validTypes) -}} - {{- fail (printf "CNPG Cluster - Expected [type] to be one of [%s], but got [%s]" (join ", " $validTypes) $objectData.type) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData "cluster") -}} - {{- if (hasKey $objectData.cluster "logLevel") -}} - {{- $validLevels := (list "error" "warning" "info" "debug" "trace") -}} - {{- if not (mustHas $objectData.cluster.logLevel $validLevels) -}} - {{- fail (printf "CNPG Cluster - Expected [cluster.logLevel] to be one of [%s], but got [%s]" (join ", " $validLevels) $objectData.cluster.logLevel) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData.cluster "primaryUpdateStrategy") -}} - {{- $validStrategies := (list "supervised" "unsupervised") -}} - {{- if not (mustHas $objectData.cluster.primaryUpdateStrategy $validStrategies) -}} - {{- fail (printf "CNPG Cluster - Expected [cluster.primaryUpdateStrategy] to be one of [%s], but got [%s]" (join ", " $validStrategies) $objectData.cluster.primaryUpdateStrategy) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData.cluster "primaryUpdateMethod") -}} - {{- $validMethods := (list "switchover" "restart") -}} - {{- if not (mustHas $objectData.cluster.primaryUpdateMethod $validMethods) -}} - {{- fail (printf "CNPG Cluster - Expected [cluster.primaryUpdateMethod] to be one of [%s], but got [%s]" (join ", " $validMethods) $objectData.cluster.primaryUpdateMethod) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData.cluster "initdb") -}} - {{- with $objectData.cluster.initdb.walSegmentSize -}} - {{- if not (mustHas (kindOf .) (list "int" "int64" "float64")) -}} - {{- fail (printf "CNPG Cluster - Expected [cluster.initdb.walSegmentSize] to be an integer, but got [%s]" (kindOf .)) -}} - {{- end -}} - {{- if or (lt (. | int) 1) (gt (. | int) 1024) -}} - {{- fail (printf "CNPG Cluster - Expected [cluster.initdb.walSegmentSize] to be between 1 and 1024, but got [%d]" (. | int)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if eq $objectData.mode "recovery" -}} - {{- if not $objectData.recovery -}} - {{- fail "CNPG Recovery - Expected a non-empty [recovery] key" -}} - {{- end -}} - - {{- $validMethods := (list "backup" "object_store" "pg_basebackup") -}} - {{- if not (mustHas $objectData.recovery.method $validMethods) -}} - {{- fail (printf "CNPG Recovery - Expected [recovery.method] to be one of [%s], but got [%s]" (join ", " $validMethods) $objectData.recovery.method) -}} - {{- end -}} - {{- if eq $objectData.recovery.method "backup" -}} - {{- if not $objectData.recovery.backupName -}} - {{- fail "CNPG Recovery - Expected a non-empty [recovery.backupName] key" -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and $objectData.recovery $objectData.recovery.revision -}} - {{- if not (kindIs "string" $objectData.recovery.revision) -}} - {{- fail (printf "CNPG Recovery - Expected [recovery.revision] to be a string, got [%s]" (kindOf $objectData.recovery.revision)) -}} - {{- end -}} - {{- end -}} - - {{- if and $objectData.backups $objectData.backups.revision -}} - {{- if not (kindIs "string" $objectData.backups.revision) -}} - {{- fail (printf "CNPG Backup - Expected [backups.revision] to be a string, got [%s]" (kindOf $objectData.backups.revision)) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData "backups") -}} - {{- if and $objectData.backups.enabled $objectData.backups.target -}} - {{- $validTargets := (list "primary" "prefer-standby") -}} - {{- if not (mustHas $objectData.backups.target $validTargets) -}} - {{- fail (printf "CNPG Backup - Expected [backups.target] to be one of [%s], but got [%s]" (join ", " $validTargets) $objectData.backups.target) -}} - {{- end -}} - - {{- $regexPolicy := "^[1-9][0-9]*[dwm]$" -}} {{/* Copied from upstream */}} - {{- if not (mustRegexMatch $regexPolicy $objectData.backups.retentionPolicy) -}} - {{- fail (printf "CNPG Backup - Expected [backups.retentionPolicy] to match regex [%s], got [%s]" $regexPolicy $objectData.backups.retentionPolicy) -}} - {{- end -}} - - {{- if eq $objectData.mode "recovery" -}} - {{- $serverNameBackup := $objectData.backups.serverName | default $objectData.clusterName -}} - {{- $serverNameRecovery := $objectData.recovery.serverName | default $objectData.clusterName -}} - - {{- if $objectData.backups.revision -}} - {{- $serverNameBackup = printf "%s-r%s" $serverNameBackup $objectData.backups.revision -}} - {{- end -}} - - {{- if $objectData.recovery.revision -}} - {{- $serverNameRecovery = printf "%s-r%s" $serverNameRecovery $objectData.recovery.revision -}} - {{- end -}} - - {{- if eq $serverNameBackup $serverNameRecovery -}} - {{- if $objectData.backups.serverName -}} - {{- fail (printf "CNPG Backup/Recovery - [backups.serverName] and [backups.revision] cannot match [recovery.serverName] and [recovery.revision] when in recovery mode and backup is enabled, for CNPG cluster [%s]" $objectData.clusterName) -}} - {{- else -}} - {{- fail (printf "CNPG Backup/Recovery - [backups.revision] cannot match [recovery.revision] when in recovery mode and backup is enabled, for CNPG cluster [%s]" $objectData.clusterName) -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/pooler/_spawner.tpl b/charts/common/templates/lib/cnpg/pooler/_spawner.tpl deleted file mode 100644 index e081487..0000000 --- a/charts/common/templates/lib/cnpg/pooler/_spawner.tpl +++ /dev/null @@ -1,41 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.spawner.pooler" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not (hasKey $objectData "pooler") -}} - {{- $_ := set $objectData "pooler" dict -}} - {{- end -}} - - {{- $monitoring := false -}} - {{- if (hasKey $objectData "monitoring") -}} - {{- if (kindIs "bool" $objectData.monitoring.enablePodMonitor) -}} - {{- $monitoring := $objectData.monitoring.enablePodMonitor -}} - {{- end -}} - {{- end -}} - - {{- $_ := set $objectData.pooler "type" "rw" -}} - {{/* Validate Pooler */}} - {{- include "tc.v1.common.lib.cnpg.pooler.validation" (dict "objectData" $objectData) -}} - - {{/* Create the RW Pooler object */}} - {{- include "tc.v1.common.class.cnpg.pooler" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - - {{- if $monitoring -}} {{/* TODO: Unit tests for Pooler Metrics */}} - {{- $poolerMetrics := include "tc.v1.common.lib.cnpg.metrics.pooler" (dict "poolerName" (printf "%s-rw" $objectData.name)) | fromYaml -}} - {{- $_ := set $.Values.metrics (printf "cnpg-%s-rw" $objectData.shortName) $poolerMetrics -}} - {{- end -}} - - {{- if $objectData.pooler.createRO -}} - {{- $_ := set $objectData.pooler "type" "ro" -}} - - {{/* Validate Pooler */}} - {{- include "tc.v1.common.lib.cnpg.pooler.validation" (dict "objectData" $objectData) -}} - {{/* Create the RO Pooler object */}} - {{- include "tc.v1.common.class.cnpg.pooler" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - - {{- if $monitoring -}} {{/* TODO: Unit tests for Pooler Metrics */}} - {{- $poolerMetrics := include "tc.v1.common.lib.cnpg.metrics.pooler" (dict "poolerName" (printf "%s-rw" $objectData.name)) | fromYaml -}} - {{- $_ := set $.Values.metrics (printf "cnpg-%s-ro" $objectData.shortName) $poolerMetrics -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/pooler/_validation.tpl b/charts/common/templates/lib/cnpg/pooler/_validation.tpl deleted file mode 100644 index b590318..0000000 --- a/charts/common/templates/lib/cnpg/pooler/_validation.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.pooler.validation" -}} - {{- $objectData := .objectData -}} - - {{- $validTypes := (list "rw" "ro") -}} - {{- if not (mustHas $objectData.pooler.type $validTypes) -}} - {{- fail (printf "CNPG Pooler - Expected [type] to be one one of [%s], but got [%s]" (join ", " $validTypes) $objectData.pooler.type) -}} - {{- end -}} - - {{- if (hasKey $objectData.pooler "instances") -}} - {{- if lt ($objectData.pooler.instances | int) 1 -}} - {{- fail (printf "CNPG Pooler - Expected [instances] to be greater than 0, but got [%d]" ($objectData.instances | int)) -}} - {{- end -}} - {{- end -}} - - {{- $validPgModes := (list "session" "transaction") -}} - {{- if $objectData.pooler.poolMode -}} - {{- if not (mustHas $objectData.pooler.poolMode $validPgModes) -}} - {{- fail (printf "CNPG Pooler - Expected [poolMode] to be one of [%s], but got [%s]" (join ", " $validPgModes) $objectData.pooler.poolMode) -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl b/charts/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl deleted file mode 100644 index 3e2db80..0000000 --- a/charts/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl +++ /dev/null @@ -1,33 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.provider.secret.spawner" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $type := .type -}} - - {{- if not $type -}} - {{- fail "CNPG Provider Secret Spawner - No [type] was given" -}} - {{- end -}} - - {{- $provider := "" -}} - {{- $creds := dict -}} - {{- if eq $type "backup" -}} - {{- if not $objectData.backups.credentials -}} - {{- fail "CNPG Recovery Provider Secret Spawner - Expected [backups.credentials] to be defined on [backup] mode" -}} - {{- end -}} - {{/* Get the creds defined in backup.$provider */}} - {{- $creds = (get $rootCtx.Values.credentials $objectData.backups.credentials) -}} - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "CNPG Backup" "credName" $objectData.backups.credentials) -}} - {{- $provider = $creds.type -}} - {{- else if eq $type "recovery" -}} - {{- if not $objectData.recovery.credentials -}} - {{- fail "CNPG Recovery Provider Secret Spawner - Expected [recovery.credentials] to be defined on [recovery] mode" -}} - {{- end -}} - {{/* Get the creds defined in recovery.$provider */}} - {{- $creds = (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}} - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "CNPG Backup" "credName" $objectData.recovery.credentials) -}} - {{- $provider = $creds.type -}} - {{- end -}} - - {{- with (include (printf "tc.v1.common.lib.cnpg.provider.%s.secret" $provider) (dict "creds" $creds) | fromYaml) -}} - {{- $_ := set $rootCtx.Values.secret (printf "cnpg-%s-provider-%s-%s-creds" $objectData.shortName $type $provider) . -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/providers/_s3.tpl b/charts/common/templates/lib/cnpg/providers/_s3.tpl deleted file mode 100644 index 34f51d2..0000000 --- a/charts/common/templates/lib/cnpg/providers/_s3.tpl +++ /dev/null @@ -1,7 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.provider.s3.secret" -}} -{{- $creds := .creds }} -enabled: true -data: - ACCESS_KEY_ID: {{ $creds.accessKey | default "" | quote }} - ACCESS_SECRET_KEY: {{ $creds.secretKey | default "" | quote }} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/scheduledBackup/_spawner.tpl b/charts/common/templates/lib/cnpg/scheduledBackup/_spawner.tpl deleted file mode 100644 index 9688241..0000000 --- a/charts/common/templates/lib/cnpg/scheduledBackup/_spawner.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.spawner.scheduledBackups" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- range $schedBackup := $objectData.backups.scheduledBackups -}} - {{- $_ := set $objectData "backupName" $schedBackup.name -}} - {{- $_ := set $objectData "backupLabels" $schedBackup.labels -}} - {{- $_ := set $objectData "backupAnnotations" $schedBackup.annotations -}} - - {{/* Make a copy of the objectData */}} - {{- $newObjectData := mustDeepCopy $objectData -}} - {{/* Add the scheduled backup data */}} - {{- $_ := set $newObjectData "schedData" $schedBackup -}} - - {{- include "tc.v1.common.lib.cnpg.scheduledBackup.validation" (dict "objectData" $newObjectData) }} - {{- include "tc.v1.common.class.cnpg.scheduledbackup" (dict "rootCtx" $rootCtx "objectData" $newObjectData) -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/cnpg/scheduledBackup/_validation.tpl b/charts/common/templates/lib/cnpg/scheduledBackup/_validation.tpl deleted file mode 100644 index 8138b86..0000000 --- a/charts/common/templates/lib/cnpg/scheduledBackup/_validation.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.scheduledBackup.validation" -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.backupName -}} - {{- fail "CNPG Scheduled Backup - Expected non-empty [name] in [backups.scheduledBackups] entry" -}} - {{- end -}} - - {{- if not $objectData.schedData.schedule -}} - {{- fail "CNPG Scheduled Backup - Expected non-empty [schedule] in [backups.scheduledBackups] entry" -}} - {{- end -}} - - {{- if (hasKey $objectData.schedData "backupOwnerReference") -}} - {{- $validOwnerRefs := (list "none" "self" "cluster") -}} - {{- if not (mustHas $objectData.schedData.backupOwnerReference $validOwnerRefs) -}} - {{- fail (printf "CNPG Scheduled Backup - Expected [backupOwnerReference] in [backups.scheduledBackups] entry to be one of [%s], but got [%s]" (join ", " $validOwnerRefs) $objectData.schedData.backupOwnerReference) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData.schedData "immediate") -}} - {{- if not (kindIs "bool" $objectData.schedData.immediate) -}} - {{- fail (printf "CNPG Scheduled Backup - Expected [immediate] in [backups.scheduledBackups] entry to be a boolean, but got [%s]" (kindOf $objectData.schedData.immediate)) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $objectData.schedData "suspend") -}} - {{- if not (kindIs "bool" $objectData.schedData.suspend) -}} - {{- fail (printf "CNPG Scheduled Backup - Expected [suspend] in [backups.scheduledBackups] entry to be a boolean, but got [%s]" (kindOf $objectData.schedData.suspend)) -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/configmap/_validation.tpl b/charts/common/templates/lib/configmap/_validation.tpl deleted file mode 100644 index e7d09c0..0000000 --- a/charts/common/templates/lib/configmap/_validation.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{/* Configmap Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.configmap.validation" (dict "objectData" $objectData) -}} -objectData: - labels: The labels of the configmap. - annotations: The annotations of the configmap. - data: The data of the configmap. -*/}} - -{{- define "tc.v1.common.lib.configmap.validation" -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.data -}} - {{- fail "ConfigMap - Expected non-empty [data]" -}} - {{- end -}} - - {{- if not (kindIs "map" $objectData.data) -}} - {{- fail (printf "ConfigMap - Expected [data] to be a dictionary, but got [%v]" (kindOf $objectData.data)) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/container/_args.tpl b/charts/common/templates/lib/container/_args.tpl deleted file mode 100644 index afe3825..0000000 --- a/charts/common/templates/lib/container/_args.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Returns args list */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.args" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.args" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- range $key := (list "args" "extraArgs") -}} - {{- with (get $objectData $key) -}} - {{- if kindIs "string" . }} -- {{ tpl . $rootCtx | quote }} - {{- else if kindIs "slice" . -}} - {{- range $arg := . }} -- {{ tpl $arg $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/container/_command.tpl b/charts/common/templates/lib/container/_command.tpl deleted file mode 100644 index 1a83eb8..0000000 --- a/charts/common/templates/lib/container/_command.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{/* Returns command list */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.command" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.command" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if kindIs "string" $objectData.command }} -- {{ tpl $objectData.command $rootCtx | quote }} - {{- else if kindIs "slice" $objectData.command -}} - {{- range $objectData.command }} -- {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/container/_env.tpl b/charts/common/templates/lib/container/_env.tpl deleted file mode 100644 index 01233a5..0000000 --- a/charts/common/templates/lib/container/_env.tpl +++ /dev/null @@ -1,93 +0,0 @@ -{{/* Returns Env */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.env" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.env" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- range $k, $v := $objectData.env -}} - {{- include "tc.v1.common.helper.container.envDupeCheck" (dict "rootCtx" $rootCtx "objectData" $objectData "source" "env" "key" $k) }} -- name: {{ $k | quote }} - {{- if not (kindIs "map" $v) -}} - {{- $value := "" -}} - {{- if not (kindIs "invalid" $v) -}} {{/* Only tpl non-empty values */}} - {{- $value = $v -}} - {{- if kindIs "string" $v -}} - {{- $value = tpl $v $rootCtx -}} - {{- end -}} - {{- end }} - value: {{ include "tc.v1.common.helper.makeIntOrNoop" $value | quote }} - {{- else if kindIs "map" $v }} - valueFrom: - {{- $refs := (list "configMapKeyRef" "secretKeyRef" "fieldRef") -}} - {{- if or (ne (len ($v | keys)) 1) (not (mustHas ($v | keys | first) $refs)) -}} - {{- fail (printf "Container - Expected [env] with a ref to have one of [%s], but got [%s]" (join ", " $refs) (join ", " ($v | keys | sortAlpha))) -}} - {{- end -}} - - {{- $name := "" -}} - - - {{- range $key := (list "configMapKeyRef" "secretKeyRef") -}} - {{- if hasKey $v $key }} - {{ $key }}: - {{- $obj := get $v $key -}} - {{- if not $obj.name -}} - {{- fail (printf "Container - Expected non-empty [env.%s.name]" $key) -}} - {{- end -}} - - {{- if not $obj.key -}} - {{- fail (printf "Container - Expected non-empty [env.%s.key]" $key) -}} - {{- end }} - key: {{ $obj.key | quote }} - - {{- $name = tpl $obj.name $rootCtx -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" $obj - "name" $k "caller" "Container" - "key" "env")) -}} - - {{- if eq $expandName "true" -}} - {{- $item := ($key | trimSuffix "KeyRef" | lower) -}} - - {{- $data := (get $rootCtx.Values $item) -}} - {{- $data = (get $data $name) -}} - - {{- if not $data -}} - {{- fail (printf "Container - Expected in [env] the referenced %s [%s] to be defined" ($item | camelcase | title) $name) -}} - {{- end -}} - - {{- $found := false -}} - {{- range $k, $v := $data.data -}} - {{- if eq $k $obj.key -}} - {{- $found = true -}} - {{- end -}} - {{- end -}} - - {{- if not $found -}} - {{- fail (printf "Container - Expected in [env] the referenced key [%s] in %s [%s] to be defined" $obj.key ($item | camelcase | title) $name) -}} - {{- end -}} - - {{- $name = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $name) -}} - {{- end }} - name: {{ $name | quote }} - {{- end -}} - {{- end -}} - - {{- if hasKey $v "fieldRef" }} - fieldRef: - {{- if not $v.fieldRef.fieldPath -}} - {{- fail "Container - Expected non-empty [env.fieldRef.fieldPath]" -}} - {{- end }} - fieldPath: {{ $v.fieldRef.fieldPath | quote }} - {{- if $v.fieldRef.apiVersion }} - apiVersion: {{ $v.fieldRef.apiVersion | quote }} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/container/_envFrom.tpl b/charts/common/templates/lib/container/_envFrom.tpl deleted file mode 100644 index 213e0fd..0000000 --- a/charts/common/templates/lib/container/_envFrom.tpl +++ /dev/null @@ -1,59 +0,0 @@ -{{/* Returns Env From */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.envFrom" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.envFrom" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $refs := (list "configMapRef" "secretRef") -}} - {{- range $envFrom := $objectData.envFrom -}} - {{- if and (not $envFrom.secretRef) (not $envFrom.configMapRef) -}} - {{- fail (printf "Container - Expected [envFrom] entry to have one of [%s]" (join ", " $refs)) -}} - {{- end -}} - - {{- if and $envFrom.secretRef $envFrom.configMapRef -}} - {{- fail (printf "Container - Expected [envFrom] entry to have only one of [%s], but got both" (join ", " $refs)) -}} - {{- end -}} - - {{- range $ref := $refs -}} - {{- with (get $envFrom $ref) -}} - {{- if not .name -}} - {{- fail (printf "Container - Expected non-empty [envFrom.%s.name]" $ref) -}} - {{- end -}} - - {{- $objectName := tpl .name $rootCtx -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" . - "name" $ref "caller" "Container" - "key" "envFrom")) -}} - - {{- if eq $expandName "true" -}} - {{- $object := dict -}} - {{- $source := "" -}} - {{- if eq $ref "configMapRef" -}} - {{- $object = (get $rootCtx.Values.configmap $objectName) -}} - {{- $source = "ConfigMap" -}} - {{- else if eq $ref "secretRef" -}} - {{- $object = (get $rootCtx.Values.secret $objectName) -}} - {{- $source = "Secret" -}} - {{- end -}} - - {{- if not $object -}} - {{- fail (printf "Container - Expected %s [%s] defined in [envFrom] to exist" $source $objectName) -}} - {{- end -}} - {{- range $k, $v := $object.data -}} - {{- include "tc.v1.common.helper.container.envDupeCheck" (dict "rootCtx" $rootCtx "objectData" $objectData "source" (printf "%s - %s" $source $objectName) "key" $k) -}} - {{- end -}} - - {{- $objectName = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectName) -}} - {{- end }} -- {{ $ref }}: - name: {{ $objectName | quote }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/container/_envList.tpl b/charts/common/templates/lib/container/_envList.tpl deleted file mode 100644 index df491a4..0000000 --- a/charts/common/templates/lib/container/_envList.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Returns Env List */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.envList" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.envList" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- range $env := $objectData.envList -}} - {{- if not $env.name -}} - {{- fail "Container - Expected non-empty [envList.name]" -}} - {{- end -}} {{/* Empty value is valid */}} - {{- include "tc.v1.common.helper.container.envDupeCheck" (dict "rootCtx" $rootCtx "objectData" $objectData "source" "envList" "key" $env.name) -}} - {{- $value := $env.value -}} - {{- if kindIs "string" $env.value -}} - {{- $value = tpl $env.value $rootCtx -}} - {{- end }} -- name: {{ $env.name | quote }} - value: {{ include "tc.v1.common.helper.makeIntOrNoop" $value | quote }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/container/_fixedEnv.tpl b/charts/common/templates/lib/container/_fixedEnv.tpl deleted file mode 100644 index a25887e..0000000 --- a/charts/common/templates/lib/container/_fixedEnv.tpl +++ /dev/null @@ -1,97 +0,0 @@ -{{/* Returns Fixed Env */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.fixedEnv" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.fixedEnv" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Avoid nil pointers */}} - {{- if not (hasKey $objectData "fixedEnv") -}} - {{- $_ := set $objectData "fixedEnv" dict -}} - {{- end -}} - - {{- $nvidiaCaps := $rootCtx.Values.containerOptions.NVIDIA_CAPS -}} - - {{- if $objectData.fixedEnv.NVIDIA_CAPS -}} - {{- $nvidiaCaps = $objectData.fixedEnv.NVIDIA_CAPS -}} - {{- end -}} - - {{- if not (deepEqual $nvidiaCaps (mustUniq $nvidiaCaps)) -}} - {{- fail (printf "Container - Expected [fixedEnv.NVIDIA_CAPS] to have only unique values, but got [%s]" (join ", " $nvidiaCaps)) -}} - {{- end -}} - - {{- $caps := (list "all" "compute" "utility" "graphics" "video") -}} - {{- range $cap := $nvidiaCaps -}} - {{- if not (mustHas $cap $caps) -}} - {{- fail (printf "Container - Expected [fixedEnv.NVIDIA_CAPS] entry to be one of [%s], but got [%s]" (join ", " $caps) $cap) -}} - {{- end -}} - {{- end -}} - - {{- $secContext := fromJson (include "tc.v1.common.lib.container.securityContext.calculate" (dict "rootCtx" $rootCtx "objectData" $objectData)) -}} - - {{- $fixed := list -}} - {{- $TZ := $objectData.fixedEnv.TZ | default $rootCtx.Values.TZ -}} - {{- $UMASK := $objectData.fixedEnv.UMASK | default $rootCtx.Values.securityContext.container.UMASK -}} - {{- $PUID := $objectData.fixedEnv.PUID | default $rootCtx.Values.securityContext.container.PUID -}} - {{- if and (not (kindIs "invalid" $objectData.fixedEnv.PUID)) (eq (int $objectData.fixedEnv.PUID) 0) -}} - {{- $PUID = $objectData.fixedEnv.PUID -}} - {{- end -}} - {{/* calculatedFSGroup is passed from the pod */}} - {{- $PGID := $objectData.calculatedFSGroup -}} - - {{- $fixed = mustAppend $fixed (dict "k" "TZ" "v" $TZ) -}} - {{- $fixed = mustAppend $fixed (dict "k" "UMASK" "v" $UMASK) -}} - {{- $fixed = mustAppend $fixed (dict "k" "UMASK_SET" "v" $UMASK) -}} - - {{- $nvidia := false -}} - {{- if eq (include "tc.v1.common.lib.container.resources.hasGPU" (dict "rootCtx" $rootCtx "objectData" $objectData "gpuType" "nvidia.com/gpu")) "true" -}} - {{- $nvidia = true -}} - {{- end -}} - - {{- if and ($rootCtx.Values.resources) ($rootCtx.Values.resources.limits) -}} - {{- range $k, $v := $rootCtx.Values.resources.limits -}} - {{- if and (eq $k "nvidia.com/gpu") (gt ($v | int) 0) -}} - {{- $nvidia = true -}} - {{- break -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and ($objectData.resources) ($objectData.resources.limits) -}} - {{- range $k, $v := $objectData.resources.limits -}} - {{- if and (eq $k "nvidia.com/gpu") (gt ($v | int) 0) -}} - {{- $nvidia = true -}} - {{- break -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $nvidia -}} - {{- $fixed = mustAppend $fixed (dict "k" "NVIDIA_DRIVER_CAPABILITIES" "v" (join "," $nvidiaCaps)) -}} - {{- else -}} - {{- $fixed = mustAppend $fixed (dict "k" "NVIDIA_VISIBLE_DEVICES" "v" "void") -}} - {{- end -}} - - {{/* If running as root and PUID is set (0 or greater), set related envs */}} - {{- if and (or (eq (int $secContext.runAsUser) 0) (eq (int $secContext.runAsGroup) 0)) (ge (int $PUID) 0) -}} - {{- $fixed = mustAppend $fixed (dict "k" "PUID" "v" $PUID) -}} - {{- $fixed = mustAppend $fixed (dict "k" "USER_ID" "v" $PUID) -}} - {{- $fixed = mustAppend $fixed (dict "k" "UID" "v" $PUID) -}} - {{- $fixed = mustAppend $fixed (dict "k" "PGID" "v" $PGID) -}} - {{- $fixed = mustAppend $fixed (dict "k" "GROUP_ID" "v" $PGID) -}} - {{- $fixed = mustAppend $fixed (dict "k" "GID" "v" $PGID) -}} - {{- end -}} - {{/* If rootFS is readOnly OR does not as root, let s6 containers to know that fs is readonly */}} - {{- if or $secContext.readOnlyRootFilesystem $secContext.runAsNonRoot -}} - {{- $fixed = mustAppend $fixed (dict "k" "S6_READ_ONLY_ROOT" "v" "1") -}} - {{- end -}} - - {{- range $env := $fixed -}} - {{- include "tc.v1.common.helper.container.envDupeCheck" (dict "rootCtx" $rootCtx "objectData" $objectData "source" "fixedEnv" "key" $env.k) }} -- name: {{ $env.k | quote }} - value: {{ (include "tc.v1.common.helper.makeIntOrNoop" $env.v) | quote }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/container/_imageSelector.tpl b/charts/common/templates/lib/container/_imageSelector.tpl deleted file mode 100644 index 8308841..0000000 --- a/charts/common/templates/lib/container/_imageSelector.tpl +++ /dev/null @@ -1,42 +0,0 @@ -{{/* Returns the image dictionary */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.imageSelector" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.imageSelector" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $imageObj := dict -}} - - {{- $selector := "image" -}} - {{- with $objectData.imageSelector -}} - {{- $selector = tpl . $rootCtx -}} - {{- end -}} - - {{- if hasKey $rootCtx.Values $selector -}} - {{- $imageObj = get $rootCtx.Values $selector -}} - {{- else -}} - {{- fail (printf "Container - Expected [.Values.%s] to exist" $selector) -}} - {{- end -}} - - {{- if not $imageObj.repository -}} - {{- fail (printf "Container - Expected non-empty [.Values.%s.repository]" $selector) -}} - {{- end -}} - - {{- if not $imageObj.tag -}} - {{- fail (printf "Container - Expected non-empty [.Values.%s.tag]" $selector) -}} - {{- end -}} - - {{- if not $imageObj.pullPolicy -}} - {{- $_ := set $imageObj "pullPolicy" "IfNotPresent" -}} - {{- end -}} - - {{- $policies := (list "IfNotPresent" "Always" "Never") -}} - {{- if not (mustHas $imageObj.pullPolicy $policies) -}} - {{- fail (printf "Container - Expected [.Values.%s.pullPolicy] to be one of [%s], but got [%s]" $selector (join ", " $policies) $imageObj.pullPolicy) -}} - {{- end -}} - - {{- $imageObj | toJson -}} -{{- end -}} diff --git a/charts/common/templates/lib/container/_lifecycle.tpl b/charts/common/templates/lib/container/_lifecycle.tpl deleted file mode 100644 index 2e2e9b9..0000000 --- a/charts/common/templates/lib/container/_lifecycle.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{/* Returns lifecycle */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.lifecycle" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.lifecycle" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hooks := (list "preStop" "postStart") -}} - {{- $types := (list "exec" "http" "https") -}} - {{- with $objectData.lifecycle -}} - {{- range $hook, $hookValues := . -}} - {{- if not (mustHas $hook $hooks) -}} - {{- fail (printf "Container - Expected [lifecycle] [hook] to be one of [%s], but got [%s]" (join ", " $hooks) $hook) -}} - {{- end -}} - - {{- if not $hookValues.type -}} - {{- fail "Container - Expected non-empty [lifecycle] [type]" -}} - {{- end -}} - - {{- if not (mustHas $hookValues.type $types) -}} - {{- fail (printf "Container - Expected [lifecycle] [type] to be one of [%s], but got [%s]" (join ", " $types) $hookValues.type) -}} - {{- end }} -{{ $hook }}: - {{- if eq $hookValues.type "exec" -}} - {{- include "tc.v1.common.lib.container.actions.exec" (dict "rootCtx" $rootCtx "objectData" $hookValues "caller" "lifecycle") | trim | nindent 2 -}} - {{- else if mustHas $hookValues.type (list "http" "https") -}} - {{- include "tc.v1.common.lib.container.actions.httpGet" (dict "rootCtx" $rootCtx "objectData" $hookValues "caller" "lifecycle") | trim | nindent 2 -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - -{{- end -}} diff --git a/charts/common/templates/lib/container/_ports.tpl b/charts/common/templates/lib/container/_ports.tpl deleted file mode 100644 index 932fe27..0000000 --- a/charts/common/templates/lib/container/_ports.tpl +++ /dev/null @@ -1,132 +0,0 @@ -{{/* Returns ports list */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.ports" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.ports" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $portsByName := dict -}} - - {{- range $serviceName, $serviceValues := $rootCtx.Values.service -}} - {{- $podSelected := false -}} - {{/* If service is enabled... */}} - {{- if $serviceValues.enabled -}} - - {{/* If there is a selector */}} - {{- if $serviceValues.targetSelector -}} - - {{/* And pod is selected */}} - {{- if eq $serviceValues.targetSelector $objectData.podShortName -}} - {{- $podSelected = true -}} - {{- end -}} - - {{- else -}} - {{/* If no selector is defined but pod is primary */}} - {{- if $objectData.podPrimary -}} - {{- $podSelected = true -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- if $podSelected -}} - {{- range $portName, $portValues := $serviceValues.ports -}} - {{- $containerSelected := false -}} - - {{/* If service is enabled... */}} - {{- if $portValues.enabled -}} - {{/* If there is a selector */}} - {{- if $portValues.targetSelector -}} - - {{/* And container is selected */}} - {{- if eq $portValues.targetSelector $objectData.shortName -}} - {{- $containerSelected = true -}} - {{- end -}} - - {{- else -}} - {{/* If no selector is defined but container is primary */}} - {{- if $objectData.primary -}} - {{- $containerSelected = true -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{/* If the container is selected render port */}} - {{- if $containerSelected -}} - {{- $containerPort := $portValues.targetPort | default $portValues.port -}} - {{- if kindIs "string" $containerPort -}} - {{- $containerPort = (tpl $containerPort $rootCtx) -}} - {{- end -}} - - {{- $tcpProtocols := (list "tcp" "http" "https") -}} - {{- $protocol := tpl ($portValues.protocol | default $rootCtx.Values.global.fallbackDefaults.serviceProtocol) $rootCtx -}} - {{- if mustHas $protocol $tcpProtocols -}} - {{- $protocol = "tcp" -}} - {{- end }} -- name: {{ $portName }} - containerPort: {{ $containerPort }} - protocol: {{ $protocol | upper }} - {{- with $portValues.hostPort }} - hostPort: {{ . }} - {{- else }} - hostPort: null - {{- end -}} - {{- $_ := set $portsByName $portName (dict "containerPort" (toString $containerPort) "serviceName" $serviceName) -}} - {{- end -}} - - {{- end -}} - {{- end -}} - {{- end -}} - - {{- include "tc.v1.common.lib.container.ports.detectSortingIssues" (dict "portsByName" $portsByName "rootCtx" $rootCtx) -}} - -{{- end -}} -{{/* Turning hostNetwork on, it creates hostPort automatically and turning it back off does not remove them. Setting hostPort explicitly to null will remove them. - There are still cases that hostPort is not removed, for example, if you have a TCP and UDP port with the same number. Only the TCPs hostPort will be removed. - Also note that setting hostPort to null always, it will NOT affect hostNetwork, as it will still create the hostPorts. - It only helps to remove them when hostNetwork is turned off. -*/}} - - -{{- define "tc.v1.common.lib.container.ports.detectSortingIssues" -}} - {{- $rootCtx := .rootCtx -}} - {{- $portsByName := .portsByName -}} - - {{- $portCounts := dict -}} - {{- range $name, $portValues := $portsByName -}} - {{- $count := 1 -}} - {{- $port := (get $portValues "containerPort") -}} - {{- if hasKey $portCounts $port -}} - {{- $count = add1 (get $portCounts $port) -}} - {{- end -}} - {{- $_ := set $portCounts $port $count -}} - {{- end -}} - - {{- $sorted := keys $portsByName | sortAlpha -}} - {{- range $idx, $name := $sorted -}} - {{- $portValues := (get $portsByName $name) -}} - {{- $port := $portValues.containerPort -}} - {{- if eq (get $portCounts $port) 1 -}} - {{- continue -}} - {{- end -}} - - {{- if lt $idx (sub (len $sorted) 1) -}} - {{- $nextPort := (get $portsByName (index $sorted (add1 $idx))).containerPort -}} - {{- if ne $port $nextPort -}} - {{- $portNamesUsingNum := list -}} - {{- range $name, $p := $portsByName -}} - {{- if eq $p.containerPort $port -}} - {{- $portNamesUsingNum = mustAppend $portNamesUsingNum $name -}} - {{- end -}} - {{- end -}} - {{- fail (printf "Port number [%s] is used by multiple ports [%s] in the service [%s] but their names are not adjacent when sorted alphabetically (Other ports in this container sorted: [%s]). This can cause issues with Kubernetes port updates." $port (join ", " $portNamesUsingNum) $portValues.serviceName (join ", " (keys $portsByName | sortAlpha))) -}} - {{- end -}} - {{- $_ := set $portCounts $port 1 -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/container/_primaryValidation.tpl b/charts/common/templates/lib/container/_primaryValidation.tpl deleted file mode 100644 index 6928a78..0000000 --- a/charts/common/templates/lib/container/_primaryValidation.tpl +++ /dev/null @@ -1,40 +0,0 @@ -{{/* Containers Basic Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.primaryValidation" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -*/}} -{{- define "tc.v1.common.lib.container.primaryValidation" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{/* Initialize values */}} - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{/* Go over the contaienrs */}} - {{- range $name, $container := $objectData.podSpec.containers -}} - - {{/* If container is enabled */}} - {{- if $container.enabled -}} - {{- $hasEnabled = true -}} - - {{/* And container is primary */}} - {{- if and (hasKey $container "primary") ($container.primary) -}} - - {{/* Fail if there is already a primary container */}} - {{- if $hasPrimary -}} - {{- fail "Container - Only one container can be primary per workload" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- end -}} - {{- end -}} - - {{- end -}} - - {{/* Require at least one primary container, if any enabled */}} - {{- if and $hasEnabled (not $hasPrimary) -}} - {{- fail "Container - At least one enabled container must be primary per workload" -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/container/_probes.tpl b/charts/common/templates/lib/container/_probes.tpl deleted file mode 100644 index 53f0cfe..0000000 --- a/charts/common/templates/lib/container/_probes.tpl +++ /dev/null @@ -1,105 +0,0 @@ -{{/* Returns Probes */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.probes" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.probes" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $probeNames := (list "liveness" "readiness" "startup") -}} - {{- $probeTypes := (list "http" "https" "tcp" "grpc" "exec") -}} - - {{- if not $objectData.probes -}} - {{- fail "Container - Expected non-empty [probes]" -}} - {{- end -}} - - {{- range $key := $probeNames -}} - {{- if not (get $objectData.probes $key) -}} - {{- fail (printf "Container - Expected [probes.%s] to be defined" $key) -}} - {{- end -}} - {{- end -}} - - {{- $probes := $objectData.probes -}} - {{- $diagMode := eq (include "tc.v1.common.lib.util.diagnosticMode" (dict "rootCtx" $rootCtx)) "true" -}} - {{- if $diagMode -}} - {{- $probes = dict -}} - {{- end -}} - - {{- range $probeName, $probe := $probes -}} - - {{- if not (mustHas $probeName $probeNames) -}} - {{- fail (printf "Container - Expected probe to be one of [%s], but got [%s]" (join ", " $probeNames) $probeName) -}} - {{- end -}} - - {{- $isEnabled := true -}} - {{- if kindIs "bool" $probe.enabled -}} - {{- $isEnabled = $probe.enabled -}} - {{- end -}} - - {{- if $isEnabled -}} - - {{- $probeType := $rootCtx.Values.global.fallbackDefaults.probeType -}} - - {{- with $probe.type -}} - {{- $probeType = tpl . $rootCtx -}} - {{- end -}} - - {{- if not (mustHas $probeType $probeTypes) -}} - {{- fail (printf "Container - Expected probe type to be one of [%s], but got [%s]" (join ", " $probeTypes) $probeType) -}} - {{- end }} -{{ $probeName }}Probe: - {{- if (mustHas $probeType (list "http" "https")) -}} - {{- include "tc.v1.common.lib.container.actions.httpGet" (dict "rootCtx" $rootCtx "objectData" $probe "caller" "probes") | trim | nindent 2 -}} - {{- else if eq $probeType "tcp" -}} - {{- include "tc.v1.common.lib.container.actions.tcpSocket" (dict "rootCtx" $rootCtx "objectData" $probe "caller" "probes") | trim | nindent 2 -}} - {{- else if eq $probeType "grpc" -}} - {{- include "tc.v1.common.lib.container.actions.grpc" (dict "rootCtx" $rootCtx "objectData" $probe "caller" "probes") | trim | nindent 2 -}} - {{- else if eq $probeType "exec" -}} - {{- include "tc.v1.common.lib.container.actions.exec" (dict "rootCtx" $rootCtx "objectData" $probe "caller" "probes") | trim | nindent 2 -}} - {{- end -}} - - {{- include "tc.v1.common.lib.container.probeTimeouts" (dict "rootCtx" $rootCtx "objectData" $probe "probeName" $probeName) | trim | nindent 2 -}} - - {{- end -}} - {{- end -}} -{{- end -}} - -{{/* Returns Probe Timeouts */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.probeTimeouts" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.probeTimeouts" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $probeName := .probeName -}} - - {{- $timeouts := mustDeepCopy (get $rootCtx.Values.global.fallbackDefaults.probeTimeouts $probeName) -}} - - {{- if $objectData.spec -}} {{/* Overwrite with defined timeouts */}} - {{- $timeouts = mustMergeOverwrite $timeouts $objectData.spec -}} - {{- end -}} - - {{- $keys := (list "initialDelaySeconds" "failureThreshold" "successThreshold" "timeoutSeconds" "periodSeconds") -}} - {{- range $key := $keys -}} - {{- $number := get $timeouts $key -}} - {{- if not (mustHas (kindOf $number) (list "float64" "int" "int64")) -}} - {{- fail (printf "Container - Expected [probes] [%s] to be a number, but got [%v]" $key $number) -}} - {{- end -}} - {{- end -}} - - {{- if mustHas $probeName (list "liveness" "startup") -}} - {{- if ne (int $timeouts.successThreshold) 1 -}} - {{- fail (printf "Container - Expected [probes] [successThreshold] to be 1 on [%s] probe" $probeName) -}} - {{- end -}} - {{- end }} - -initialDelaySeconds: {{ $timeouts.initialDelaySeconds }} -failureThreshold: {{ $timeouts.failureThreshold }} -successThreshold: {{ $timeouts.successThreshold }} -timeoutSeconds: {{ $timeouts.timeoutSeconds }} -periodSeconds: {{ $timeouts.periodSeconds }} -{{- end -}} diff --git a/charts/common/templates/lib/container/_resources.tpl b/charts/common/templates/lib/container/_resources.tpl deleted file mode 100644 index 7bbdebf..0000000 --- a/charts/common/templates/lib/container/_resources.tpl +++ /dev/null @@ -1,165 +0,0 @@ -{{/* Returns Resources */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.resources" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.resources" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $resources := mustDeepCopy $rootCtx.Values.resources -}} - - {{- if $objectData.resources -}} - {{- $resources = mustMergeOverwrite $resources $objectData.resources -}} - {{- end -}} - - {{/* We use the objectData instead of $resources, - as we only allow this flag on the container level */}} - {{- if not (hasKey $objectData "resources") -}} - {{- $_ := set $objectData "resources" dict -}} - {{- end -}} - {{- if not (hasKey $objectData.resources "excludeExtra") -}} - {{- $_ := set $objectData.resources "excludeExtra" false -}} - {{- end -}} - - {{- include "tc.v1.common.lib.container.resources.validation" (dict "resources" $resources) }} -requests: - cpu: {{ $resources.requests.cpu }} - memory: {{ $resources.requests.memory }} - {{- if $resources.limits }} -limits: - {{- with $resources.limits.cpu }} {{/* Passing 0, will not render it, meaning unlimited */}} - cpu: {{ . }} - {{- end -}} - {{- with $resources.limits.memory }} {{/* Passing 0, will not render it, meaning unlimited */}} - memory: {{ . }} - {{- end -}} - {{- if not $objectData.resources.excludeExtra -}} - {{- range $k, $v := (omit $resources.limits "cpu" "memory") }} {{/* Omit cpu and memory, as they are handled above */}} - {{- if or (not $v) (eq (toString $v) "0") -}} - {{- continue -}} - {{- end }} - {{ $k }}: {{ $v }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} - - -{{- define "tc.v1.common.lib.resources.validation.data" -}} - {{/* CPU: https://regex101.com/r/D4HouI/1 */}} - {{/* MEM: https://regex101.com/r/NNPV2D/1 */}} - {{- $regex := (dict - "cpu" "^(0\\.[1-9]|[1-9][0-9]*)(\\.[0-9]|m?)$" - "memory" "^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$" - ) -}} - - {{- $errorMsg := (dict - "cpu" "(Plain Integer - eg. 1), (Float - eg. 0.5), (Milicpu - eg. 500m)" - "memory" "(Suffixed with E/P/T/G/M/K - eg. 1G), (Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi), (Plain Integer in bytes - eg. 1024), (Exponent - eg. 134e6)" - ) -}} - - {{- $data := (dict "regex" $regex "errorMsg" $errorMsg) -}} - - {{- $data | toJson -}} -{{- end -}} - -{{/* Validates resources to match a pattern */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.resources.validation" (dict "resources" $resources) }} -rootCtx: The root context of the chart. -resources: The resources object -*/}} -{{- define "tc.v1.common.lib.container.resources.validation" -}} - {{- $resources := .resources -}} - {{- $data := (include "tc.v1.common.lib.resources.validation.data" .) | fromJson -}} - {{- $regex := $data.regex -}} - {{- $errorMsg := $data.errorMsg -}} - - {{- $resourceTypes := (list "cpu" "memory") -}} - - {{- range $category := (list "requests") -}} {{/* We can also add "limits" here if we want to require them */}} - {{- if not (get $resources $category) -}} - {{- fail (printf "Container - Expected non-empty [resources.%s]" $category) -}} - {{- end -}} - - {{- range $type := $resourceTypes -}} - {{- if not (get (get $resources $category) $type) -}} - {{- fail (printf "Container - Expected non-empty [resources.%s.%s]" $category $type) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- range $key := (list "requests" "limits") -}} - {{- $resourceCategory := (get $resources $key) -}} - {{- if $resourceCategory -}} - - {{- range $type := $resourceTypes -}} - {{- $resourceValue := (get $resourceCategory $type) -}} - {{- if $resourceValue -}} {{/* Only try to match defined values */}} - {{- if not (mustRegexMatch (get $regex $type) (toString $resourceValue)) -}} - {{- fail (printf "Container - Expected [resources.%s.%s] to have one of the following formats [%s], but got [%s]" $key $type (get $errorMsg $type) $resourceValue) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.resources.hasGPU" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $gpuType := .gpuType -}} - - {{- $types := (list "nvidia.com/gpu" "amd.com/gpu" "gpu.intel.com/i915") -}} - {{- if $gpuType -}} - {{- $types = (list $gpuType) -}} - {{- end -}} - - {{- $gpu := false -}} - - {{- if and ($rootCtx.Values.resources) ($rootCtx.Values.resources.limits) -}} - {{- range $t := $types -}} - {{- if gt ((get $rootCtx.Values.resources.limits $t) | int) 0 -}} - {{- $gpu = true -}} - {{- break -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $objectData.podSpec -}} - {{- range $k, $v := $objectData.podSpec.containers -}} - {{- if not $v.enabled -}} - {{- continue -}} - {{- end -}} - - {{- range $t := $types -}} - {{- if eq (include "tc.v1.common.lib.container.resources.hasGPU" (dict "rootCtx" $rootCtx "objectData" $v "gpuType" $t)) "true" -}} - {{- $gpu = true -}} - {{- break -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- $gpu | toString -}} -{{- end -}} - -{{- define "tc.v1.common.lib.container.resources.hasGPU" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $gpuType := .gpuType -}} - - {{- $gpu := false -}} - - {{- if and ($objectData.resources) ($objectData.resources.limits) -}} - {{- if gt ((get $objectData.resources.limits $gpuType) | int) 0 -}} - {{- $gpu = true -}} - {{- end -}} - {{- end -}} - - {{- $gpu | toString -}} -{{- end -}} diff --git a/charts/common/templates/lib/container/_securityContext.tpl b/charts/common/templates/lib/container/_securityContext.tpl deleted file mode 100644 index d1af253..0000000 --- a/charts/common/templates/lib/container/_securityContext.tpl +++ /dev/null @@ -1,185 +0,0 @@ -{{/* Returns Container Security Context */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.securityContext" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.securityContext" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Initialize from the "global" options */}} - {{- $secContext := fromJson (include "tc.v1.common.lib.container.securityContext.calculate" (dict "rootCtx" $rootCtx "objectData" $objectData)) }} -runAsNonRoot: {{ $secContext.runAsNonRoot }} -runAsUser: {{ $secContext.runAsUser }} -runAsGroup: {{ $secContext.runAsGroup }} -readOnlyRootFilesystem: {{ $secContext.readOnlyRootFilesystem }} -allowPrivilegeEscalation: {{ $secContext.allowPrivilegeEscalation }} -privileged: {{ $secContext.privileged }} -seccompProfile: - type: {{ $secContext.seccompProfile.type }} - {{- if eq $secContext.seccompProfile.type "Localhost" }} - localhostProfile: {{ $secContext.seccompProfile.profile }} - {{- end }} -capabilities: - {{- if $secContext.capabilities.add }} - add: - {{- range $secContext.capabilities.add }} - - {{ . }} - {{- end -}} - {{- else }} - add: [] - {{- end -}} - {{- if $secContext.capabilities.drop }} - drop: - {{- range $secContext.capabilities.drop }} - - {{ . }} - {{- end -}} - {{- else }} - drop: [] - {{- end -}} -{{- end -}} - -{{/* Calculates Container Security Context */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.securityContext.calculate" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.securityContext.calculate" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $mustPrivileged := false -}} - {{- range $persistenceName, $persistenceValues := $rootCtx.Values.persistence -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $persistenceValues - "name" $persistenceName "caller" "Security Context" - "key" "persistence")) -}} - {{- if (eq $enabled "true") -}} - {{- if eq $persistenceValues.type "device" -}} - {{- $volume := (fromJson (include "tc.v1.common.lib.container.volumeMount.isSelected" (dict "persistenceName" $persistenceName "persistenceValues" $persistenceValues "objectData" $objectData "key" "persistence"))) -}} - {{- if $volume -}} {{/* If a volume is returned, it means that the container has an assigned device */}} - {{- $mustPrivileged = true -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if not $rootCtx.Values.securityContext.container -}} - {{- fail "Container - Expected non-empty [.Values.securityContext.container]" -}} - {{- end -}} - - {{/* Initialize from the "global" options */}} - {{- $secContext := mustDeepCopy $rootCtx.Values.securityContext.container -}} - - {{/* Override with containers options */}} - {{- with $objectData.securityContext -}} - {{- $secContext = mustMergeOverwrite $secContext . -}} - {{- end -}} - - {{/* Validations, as we might endup with null values after merge */}} - {{- range $key := (list "runAsUser" "runAsGroup") -}} - {{- $value := (get $secContext $key) -}} - {{- if not (mustHas (kindOf $value) (list "float64" "int" "int64")) -}} - {{- fail (printf "Container - Expected [securityContext.%s] to be [int], but got [%v] of type [%s]" $key $value (kindOf $value)) -}} - {{- end -}} - {{- end -}} - - {{- if or (eq (int $secContext.runAsUser) 0) (eq (int $secContext.runAsGroup) 0) -}} - {{- $_ := set $secContext "runAsNonRoot" false -}} - {{- else -}} - {{- $_ := set $secContext "runAsNonRoot" true -}} - {{- end -}} - - {{- if $secContext.privileged -}} {{/* When privileged is true, allowPrivilegeEscalation is required */}} - {{- $_ := set $secContext "allowPrivilegeEscalation" true -}} - {{- end -}} - - {{- if $mustPrivileged -}} - {{- $_ := set $secContext "privileged" true -}} - {{- $_ := set $secContext "allowPrivilegeEscalation" true -}} - {{- $_ := set $secContext "runAsNonRoot" false -}} - {{- $_ := set $secContext "runAsUser" 0 -}} - {{- $_ := set $secContext "runAsGroup" 0 -}} - {{- end -}} - - {{- range $key := (list "privileged" "allowPrivilegeEscalation" "runAsNonRoot" "readOnlyRootFilesystem") -}} - {{- $value := (get $secContext $key) -}} - {{- if not (kindIs "bool" $value) -}} - {{- fail (printf "Container - Expected [securityContext.%s] to be [bool], but got [%s] of type [%s]" $key $value (kindOf $value)) -}} - {{- end -}} - {{- end -}} - - {{- if not $secContext.seccompProfile -}} - {{- fail "Container - Expected [securityContext.seccompProfile] to be defined" -}} - {{- end -}} - - {{- $profiles := (list "RuntimeDefault" "Localhost" "Unconfined") -}} - {{- if not (mustHas $secContext.seccompProfile.type $profiles) -}} - {{- fail (printf "Container - Expected [securityContext.seccompProfile] to be one of [%s], but got [%s]" (join ", " $profiles) $secContext.seccompProfile.type) -}} - {{- end -}} - - {{- if eq $secContext.seccompProfile.type "Localhost" -}} - {{- if not $secContext.seccompProfile.profile -}} - {{- fail "Container - Expected [securityContext.seccompProfile.profile] to be defined on type [Localhost]" -}} - {{- end -}} - {{- end -}} - - {{- if not $secContext.capabilities -}} - {{- fail "Container - Expected [securityContext.capabilities] to be defined" -}} - {{- end -}} - - {{- $tempObjectData := (dict "shortName" $objectData.podShortName "primary" $objectData.podPrimary) -}} - {{- $portRange := fromJson (include "tc.v1.common.lib.helpers.securityContext.getPortRange" (dict "rootCtx" $rootCtx "objectData" $tempObjectData)) -}} - {{- if and $portRange.low (le (int $portRange.low) 1024) -}} {{/* If a container wants to bind a port <= 1024 add NET_BIND_SERVICE */}} - {{- $addCap := $secContext.capabilities.add -}} - {{- if not (mustHas "NET_BIND_SERIVCE" $addCap) -}} - {{- $addCap = mustAppend $addCap "NET_BIND_SERVICE" -}} - {{- end -}} - {{- $_ := set $secContext.capabilities "add" $addCap -}} - {{- end -}} - - {{/* - Most containers that run as root, is because it has to chown - files before switching to another user. - Lets add automatically the CHOWN cap. - */}} - {{- if eq (int $secContext.runAsUser) 0 -}} - - {{- if not (kindIs "bool" $secContext.capabilities.disableS6Caps) -}} - {{- fail (printf "Container - Expected [securityContext.capabilities.disableS6Caps] to be [bool], but got [%s] of type [%s]" $secContext.capabilities.disableS6Caps (kindOf $secContext.capabilities.disableS6Caps)) -}} - {{- end -}} - - {{- $addCap := $secContext.capabilities.add -}} - - {{- if not $secContext.capabilities.disableS6Caps -}} - {{- $addCap = mustAppend $addCap "CHOWN" -}} - {{- $addCap = mustAppend $addCap "SETUID" -}} - {{- $addCap = mustAppend $addCap "SETGID" -}} - {{- $addCap = mustAppend $addCap "FOWNER" -}} - {{- $addCap = mustAppend $addCap "DAC_OVERRIDE" -}} - {{- end -}} - - {{- $_ := set $secContext.capabilities "add" $addCap -}} - {{- end -}} - - {{- range $key := (list "add" "drop") -}} - {{- $item := (get $secContext.capabilities $key) -}} - {{- if not (kindIs "slice" $item) -}} - {{- fail (printf "Container - Expected [securityContext.capabilities.%s] to be [list], but got [%s]" $key (kindOf $item)) -}} - {{- end -}} - - {{- range $item -}} - {{- if not (kindIs "string" .) -}} - {{- fail (printf "Container - Expected items of [securityContext.capabilities.%s] to be [string], but got [%s]" $key (kindOf .)) -}} - {{- end -}} - {{- end -}} - - {{- if not (deepEqual (mustUniq $item) $item) -}} - {{- fail (printf "Container - Expected items of [securityContext.capabilities.%s] to be unique, but got [%s]" $key (join ", " $item)) -}} - {{- end -}} - {{- end -}} - - {{- $secContext | toJson -}} -{{- end -}} diff --git a/charts/common/templates/lib/container/_termination.tpl b/charts/common/templates/lib/container/_termination.tpl deleted file mode 100644 index 29f4d6a..0000000 --- a/charts/common/templates/lib/container/_termination.tpl +++ /dev/null @@ -1,33 +0,0 @@ -{{/* Returns termination */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.termination" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.termination" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $termination := (dict "messagePath" "" "messagePolicy" "") -}} - - {{- with $objectData.termination -}} - {{- with .messagePath -}} - {{- $_ := set $termination "messagePath" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with .messagePolicy -}} - - {{- $policy := (tpl . $rootCtx) -}} - - {{- $policies := (list "File" "FallbackToLogsOnError") -}} - {{- if not (mustHas $policy $policies) -}} - {{- fail (printf "Container - Expected [termination.messagePolicy] to be one of [%s], but got [%s]" (join ", " $policies) $policy) -}} - {{- end -}} - - {{- $_ := set $termination "messagePolicy" $policy -}} - {{- end -}} - - {{- end -}} - - {{- $termination | toJson -}} -{{- end -}} diff --git a/charts/common/templates/lib/container/_volumeMounts.tpl b/charts/common/templates/lib/container/_volumeMounts.tpl deleted file mode 100644 index 84b3cb6..0000000 --- a/charts/common/templates/lib/container/_volumeMounts.tpl +++ /dev/null @@ -1,156 +0,0 @@ -{{/* Returns volumeMount list */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.volumeMount" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.volumeMount" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $volMounts := list -}} - - {{- $codeServerIgnoredTypes := (list "configmap" "secret" "vct") -}} - - {{- range $persistenceName, $persistenceValues := $rootCtx.Values.persistence -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $persistenceValues - "name" $persistenceName "caller" "Volume Mount" - "key" "persistence")) -}} - - {{/* TLDR: Enabled + Not VCT without STS */}} - {{- if and (eq $enabled "true") (not (and (eq $persistenceValues.type "vct") (ne $objectData.podType "StatefulSet"))) -}} - {{/* Dont try to mount configmap/sercet/vct to codeserver */}} - {{- if not (and (eq $objectData.shortName "codeserver") (mustHas $persistenceValues.type $codeServerIgnoredTypes)) -}} - {{- $volMount := (include "tc.v1.common.lib.container.volumeMount.isSelected" (dict - "rootCtx" $rootCtx "persistenceName" $persistenceName "persistenceValues" $persistenceValues "objectData" $objectData - )) | fromJson -}} - {{- if $volMount -}} - {{- $volMounts = mustAppend $volMounts $volMount -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- range $volMount := $volMounts -}} - {{/* Expand values */}} - {{- $_ := set $volMount "mountPath" (tpl $volMount.mountPath $rootCtx) -}} - {{- $_ := set $volMount "subPath" (tpl $volMount.subPath $rootCtx) -}} - {{- $_ := set $volMount "mountPropagation" (tpl $volMount.mountPropagation $rootCtx) -}} - - {{- if not $volMount.mountPath -}} - {{- fail (printf "Persistence - Expected non-empty [mountPath]") -}} - {{- end -}} - - {{- if not (hasPrefix "/" $volMount.mountPath) -}} - {{- fail (printf "Persistence - Expected [mountPath] to start with a forward slash [/]") -}} - {{- end -}} - - {{- $propagationTypes := (list "None" "HostToContainer" "Bidirectional") -}} - {{- if and $volMount.mountPropagation (not (mustHas $volMount.mountPropagation $propagationTypes)) -}} - {{- fail (printf "Persistence - Expected [mountPropagation] to be one of [%s], but got [%s]" (join ", " $propagationTypes) $volMount.mountPropagation) -}} - {{- end -}} - - {{- if not (kindIs "bool" $volMount.readOnly) -}} - {{- fail (printf "Persistence - Expected [readOnly] to be [boolean], but got [%s]" (kindOf $volMount.readOnly)) -}} - {{- end }} -- name: {{ $volMount.name }} - mountPath: {{ $volMount.mountPath }} - readOnly: {{ $volMount.readOnly }} - {{- with $volMount.subPath }} - subPath: {{ . }} - {{- end -}} - {{- with $volMount.mountPropagation }} - mountPropagation: {{ . }} - {{- end -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.container.volumeMount.isSelected" -}} - {{- $persistenceName := .persistenceName -}} - {{- $persistenceValues := .persistenceValues -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{/* Initialize from the default values */}} - {{- $volMount := dict -}} - {{- if eq $persistenceValues.type "vct" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- $persistenceName = printf "%s-%s" $fullname $persistenceName -}} - {{- end -}} - {{- $_ := set $volMount "name" $persistenceName -}} - {{- if eq $persistenceValues.type "device" -}} {{/* On devices use the hostPath as default if mountpath is not defined */}} - {{- $_ := set $volMount "mountPath" ($persistenceValues.mountPath | default $persistenceValues.hostPath | default "") -}} - {{- else -}} - {{- $_ := set $volMount "mountPath" ($persistenceValues.mountPath | default "") -}} - {{- end -}} - {{- $_ := set $volMount "subPath" ($persistenceValues.subPath | default "") -}} - {{- $_ := set $volMount "readOnly" ($persistenceValues.readOnly | default false) -}} - {{- $_ := set $volMount "mountPropagation" ($persistenceValues.mountPropagation | default "") -}} - - {{- $return := false -}} - {{/* If targetSelectAll is set, means all pods/containers */}} {{/* targetSelectAll does not make sense for vct */}} - {{- if and $persistenceValues.targetSelectAll (ne $persistenceValues.type "vct") -}} - {{- $return = true -}} - {{/* Set custom path on autopermissions container */}} - {{- if and (eq $objectData.shortName "autopermissions") $persistenceValues.autoPermissions -}} - {{- if $persistenceValues.autoPermissions.enabled -}} - {{- $return = true -}} - {{- $_ := set $volMount "mountPath" (printf "/mounts/%v" $persistenceName) -}} - {{- end -}} - {{- end -}} - - {{/* If the container is the autopermission */}} - {{- else if (eq $objectData.shortName "autopermissions") -}} - {{- if $persistenceValues.autoPermissions -}} - {{- if $persistenceValues.autoPermissions.enabled -}} - {{- $return = true -}} - {{- $_ := set $volMount "mountPath" (printf "/mounts/%v" $persistenceName) -}} - {{- end -}} - {{- end -}} - - {{/* Else if selector is defined */}} - {{- else if $persistenceValues.targetSelector -}} - {{- if not (kindIs "map" $persistenceValues.targetSelector) -}} - {{- fail (printf "Persistence - Expected [targetSelector] to be a [dict] but got [%s]" (kindOf $persistenceValues.targetSelector)) -}} - {{- end -}} - - {{/* If pod is selected */}} - {{- if mustHas $objectData.podShortName ($persistenceValues.targetSelector | keys) -}} - {{- $selectorValues := (get $persistenceValues.targetSelector $objectData.podShortName) -}} - {{- if not (kindIs "map" $selectorValues) -}} - {{- fail (printf "Persistence - Expected [targetSelector.%s] to be a [dict], but got [%s]" $objectData.podShortName (kindOf $selectorValues)) -}} - {{- end -}} - - {{- if not $selectorValues -}} - {{- fail (printf "Persistence - Expected non-empty [targetSelector.%s]" $objectData.podShortName) -}} - {{- end -}} - - {{/* If container is selected */}} - {{- if or (mustHas $objectData.shortName ($selectorValues | keys)) (eq $objectData.shortName "codeserver") -}} - {{/* Merge with values that might be set for the specific container */}} - {{- $fetchedSelectorValues := (get $selectorValues $objectData.shortName) -}} - {{- if and (eq $objectData.shortName "codeserver") (not $fetchedSelectorValues) -}} - {{- $fetchedSelectorValues = (get $selectorValues ($selectorValues | keys | first)) -}} - {{- end -}} - {{- $volMount = mustMergeOverwrite $volMount $fetchedSelectorValues -}} - {{- $return = true -}} - {{- end -}} - {{- end -}} - - {{/* if its the codeserver */}} - {{- else if (eq $objectData.shortName "codeserver") -}} - {{- $return = true -}} - - {{/* Else if not selector, but pod and container is primary */}} - {{- else if and $objectData.podPrimary $objectData.primary -}} - {{- $return = true -}} - {{- end -}} - - {{- if $return -}} {{/* If it's selected, return the volumeMount */}} - {{- $volMount | toJson -}} - {{- else -}} {{/* Else return an empty dict */}} - {{- dict | toJson -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/container/probe-lifecycle-actions/_exec.tpl b/charts/common/templates/lib/container/probe-lifecycle-actions/_exec.tpl deleted file mode 100644 index 2413dea..0000000 --- a/charts/common/templates/lib/container/probe-lifecycle-actions/_exec.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{/* Returns exec action */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.actions.exec" (dict "rootCtx" $ "objectData" $objectData "caller" $caller) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.actions.exec" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- if not $objectData.command -}} - {{- fail (printf "Container - Expected non-empty [%s] [command] on [exec] type" $caller) -}} - {{- end }} -exec: - command: - {{- include "tc.v1.common.lib.container.command" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 4}} -{{- end -}} diff --git a/charts/common/templates/lib/container/probe-lifecycle-actions/_grpc.tpl b/charts/common/templates/lib/container/probe-lifecycle-actions/_grpc.tpl deleted file mode 100644 index e4170ec..0000000 --- a/charts/common/templates/lib/container/probe-lifecycle-actions/_grpc.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Returns grpc action */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.actions.tcpSocket" (dict "rootCtx" $ "objectData" $objectData "caller" $caller) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.actions.grpc" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- if not $objectData.port -}} - {{- fail (printf "Container - Expected non-empty [%s] [port] on [grpc] type" $caller) -}} - {{- end -}} - - {{- $port := $objectData.port -}} - - {{- if kindIs "string" $port -}} - {{- $port = tpl $port $rootCtx -}} - {{- end }} -grpc: - port: {{ $port }} -{{- end -}} diff --git a/charts/common/templates/lib/container/probe-lifecycle-actions/_httpGet.tpl b/charts/common/templates/lib/container/probe-lifecycle-actions/_httpGet.tpl deleted file mode 100644 index d6c1221..0000000 --- a/charts/common/templates/lib/container/probe-lifecycle-actions/_httpGet.tpl +++ /dev/null @@ -1,53 +0,0 @@ -{{/* Returns httpGet action */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.actions.httpGet" (dict "rootCtx" $ "objectData" $objectData "caller" $caller) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.actions.httpGet" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- if not $objectData.port -}} - {{- fail (printf "Container - Expected non-empty [%s] [port] on [http] type" $caller) -}} - {{- end -}} - - {{- $port := $objectData.port -}} - {{- $path := "/" -}} - {{- $scheme := "http" -}} - - {{- if kindIs "string" $port -}} - {{- $port = tpl $port $rootCtx -}} - {{- end -}} - - {{- with $objectData.path -}} - {{- $path = tpl . $rootCtx -}} - {{- end -}} - - {{- if not (hasPrefix "/" $path) -}} - {{- fail (printf "Container - Expected [%s] [path] to start with a forward slash [/] on [http] type" $caller) -}} - {{- end -}} - - {{- with $objectData.type -}} - {{- $scheme = tpl . $rootCtx -}} - {{- end }} -httpGet: - {{- with $objectData.host }} - host: {{ tpl . $rootCtx }} - {{- end }} - port: {{ $port }} - path: {{ $path }} - scheme: {{ $scheme | upper }} - {{- with $objectData.httpHeaders }} - httpHeaders: - {{- range $name, $value := . }} - {{- if not $value -}} - {{- fail "Container - Expected non-empty [value] on [httpHeaders]" -}} - {{- end }} - - name: {{ $name }} - value: {{ tpl (toString $value) $rootCtx | quote }} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/container/probe-lifecycle-actions/_tcpSocket.tpl b/charts/common/templates/lib/container/probe-lifecycle-actions/_tcpSocket.tpl deleted file mode 100644 index dc2df7d..0000000 --- a/charts/common/templates/lib/container/probe-lifecycle-actions/_tcpSocket.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Returns tcpSocket action */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.container.actions.tcpSocket" (dict "rootCtx" $ "objectData" $objectData "caller" $caller) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the container. -*/}} -{{- define "tc.v1.common.lib.container.actions.tcpSocket" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- if not $objectData.port -}} - {{- fail (printf "Container - Expected non-empty [%s] [port] on [tcp] type" $caller) -}} - {{- end -}} - - {{- $port := $objectData.port -}} - - {{- if kindIs "string" $port -}} - {{- $port = tpl $port $rootCtx -}} - {{- end }} -tcpSocket: - port: {{ $port }} -{{- end -}} diff --git a/charts/common/templates/lib/credentials/_validation.tpl b/charts/common/templates/lib/credentials/_validation.tpl deleted file mode 100644 index 18ae903..0000000 --- a/charts/common/templates/lib/credentials/_validation.tpl +++ /dev/null @@ -1,31 +0,0 @@ -{{- define "tc.v1.common.lib.credentials.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $caller := .caller -}} - {{- $credName := .credName -}} - - {{- $credentials := get $rootCtx.Values.credentials $credName -}} - - {{- if not $credentials -}} - {{- fail (printf "%s - Expected credentials [%s] to be defined in [credentials] which currently contains [%s] keys" $caller $credName (keys $rootCtx.Values.credentials | join ", ")) -}} - {{- end -}} - - {{- $validCredTypes := list "s3" -}} - {{- if $credentials.type -}} {{/* Remove this if check if more types are supported in future */}} - {{- if not (mustHas $credentials.type $validCredTypes) -}} - {{- fail (printf "%s - Expected [type] in [credentials.%s] to be one of [%s], but got [%s]" $caller $credName (join ", " $validCredTypes) $credentials.type) -}} - {{- end -}} - {{- end -}} - - {{- $reqFields := list "url" "bucket" "encrKey" "accessKey" "secretKey" -}} - {{- range $key := $reqFields -}} - {{- if not (get $credentials $key) -}} - {{- fail (printf "VolSync - Expected non-empty [%s] in [credentials.%s]" $key $credName) -}} - {{- end -}} - {{- end -}} - - {{- $url := get $credentials "url" -}} - {{- if and (not (hasPrefix "http://" $url)) (not (hasPrefix "https://" $url)) -}} - {{- fail (printf "%s - Expected [url] in [credentials.%s] to start with [http://] or [https://]. It was observed that sometimes can cause issues if it does not. Got [%s]" $caller $credName $url) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/dependencies/_clickhouseInjector.tpl b/charts/common/templates/lib/dependencies/_clickhouseInjector.tpl deleted file mode 100644 index c94fec6..0000000 --- a/charts/common/templates/lib/dependencies/_clickhouseInjector.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* - This template generates a random password and ensures it persists across updates/edits to the chart -*/}} -{{- define "tc.v1.common.dependencies.clickhouse.secret" -}} - -{{- if .Values.clickhouse.enabled -}} - {{/* Use with custom-set password */}} - {{- $dbPass := .Values.clickhouse.password -}} - - {{/* Prepare data */}} - {{- $dbHost := printf "%v-%v" .Release.Name "clickhouse" -}} - {{- $portHost := printf "%v:8123" $dbHost -}} - {{- $ping := printf "http://%v/ping" $portHost -}} - {{- $url := printf "http://%v:%v@%v/%v" .Values.clickhouse.clickhouseUsername $dbPass $portHost .Values.clickhouse.clickhouseDatabase -}} - {{- $jdbc := printf "jdbc:ch://%v/%v" $portHost -}} - - {{/* Append some values to clickhouse.creds, so apps using the dep, can use them */}} - {{- $_ := set .Values.clickhouse.creds "plain" ($dbHost | quote) -}} - {{- $_ := set .Values.clickhouse.creds "plainhost" ($dbHost | quote) -}} - {{- $_ := set .Values.clickhouse.creds "clickhousePassword" ($dbPass | quote) -}} - {{- $_ := set .Values.clickhouse.creds "plainport" ($portHost | quote) -}} - {{- $_ := set .Values.clickhouse.creds "plainporthost" ($portHost | quote) -}} - {{- $_ := set .Values.clickhouse.creds "ping" ($ping | quote) -}} - {{- $_ := set .Values.clickhouse.creds "complete" ($url | quote) -}} - {{- $_ := set .Values.clickhouse.creds "jdbc" ($jdbc | quote) -}} - -{{/* Create the secret (Comment also plays a role on correct formatting) */}} -enabled: true -expandObjectName: false -data: - clickhouse-password: {{ $dbPass }} - plainhost: {{ $dbHost }} - plainporthost: {{ $portHost }} - ping: {{ $ping }} - url: {{ $url }} - jdbc: {{ $jdbc }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.dependencies.clickhouse.injector" -}} - {{- $secret := include "tc.v1.common.dependencies.clickhouse.secret" . | fromYaml -}} - {{- if $secret -}} - {{- $_ := set .Values.secret ( printf "%s-%s" .Release.Name "clickhousecreds" ) $secret -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/dependencies/_dbWait.tpl b/charts/common/templates/lib/dependencies/_dbWait.tpl deleted file mode 100644 index e287c4e..0000000 --- a/charts/common/templates/lib/dependencies/_dbWait.tpl +++ /dev/null @@ -1,406 +0,0 @@ -{{- define "tc.v1.common.lib.deps.wait" -}} - {{- if .Values.redis.enabled -}} - {{- $container := include "tc.v1.common.lib.deps.wait.redis" $ | fromYaml -}} - {{- if $container -}} - {{- range .Values.workload -}} - {{- if not (hasKey .podSpec "initContainers") -}} - {{- $_ := set .podSpec "initContainers" dict -}} - {{- end -}} - {{- $_ := set .podSpec.initContainers "redis-wait" $container -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if .Values.mariadb.enabled -}} - {{- $container := include "tc.v1.common.lib.deps.wait.mariadb" $ | fromYaml -}} - {{- if $container -}} - {{- range .Values.workload -}} - {{- if not (hasKey .podSpec "initContainers") -}} - {{- $_ := set .podSpec "initContainers" dict -}} - {{- end -}} - {{- $_ := set .podSpec.initContainers "mariadb-wait" $container -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if .Values.mongodb.enabled -}} - {{- $container := include "tc.v1.common.lib.deps.wait.mongodb" $ | fromYaml -}} - {{- if $container -}} - {{- range .Values.workload -}} - {{- if not (hasKey .podSpec "initContainers") -}} - {{- $_ := set .podSpec "initContainers" dict -}} - {{- end -}} - {{- $_ := set .podSpec.initContainers "mongodb-wait" $container -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if .Values.clickhouse.enabled -}} - {{- $container := include "tc.v1.common.lib.deps.wait.clickhouse" $ | fromYaml -}} - {{- if $container -}} - {{- range .Values.workload -}} - {{- if not (hasKey .podSpec "initContainers") -}} - {{- $_ := set .podSpec "initContainers" dict -}} - {{- end -}} - {{- $_ := set .podSpec.initContainers "clickhouse-wait" $container -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if .Values.solr.enabled -}} - {{- $container := include "tc.v1.common.lib.deps.wait.solr" $ | fromYaml -}} - {{- if $container -}} - {{- range .Values.workload -}} - {{- if not (hasKey .podSpec "initContainers") -}} - {{- $_ := set .podSpec "initContainers" dict -}} - {{- end -}} - {{- $_ := set .podSpec.initContainers "solr-wait" $container -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $result := false -}} - {{- range .Values.cnpg -}} - {{- if .enabled -}} - {{- $result = true -}} - {{- end -}} - {{- end -}} - - {{- if $result -}} - {{- $container := include "tc.v1.common.lib.deps.wait.cnpg" $ | fromYaml -}} - {{- if $container -}} - {{- range $.Values.workload -}} - {{- if not (hasKey .podSpec "initContainers") -}} - {{- $_ := set .podSpec "initContainers" dict -}} - {{- end -}} - {{- $_ := set .podSpec.initContainers "cnpg-wait" $container -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.deps.wait.redis" -}} -enabled: true -type: system -imageSelector: redisClientImage -securityContext: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - runAsNonRoot: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL -resources: - excludeExtra: true - requests: - cpu: 10m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi -env: - REDIS_HOST: - secretKeyRef: - expandObjectName: false - name: '{{ printf "%s-%s" .Release.Name "rediscreds" }}' - key: plainhost - REDIS_PASSWORD: "{{ .Values.redis.password }}" - REDIS_PORT: "6379" -command: - - "/bin/sh" - - "-c" - - | - /bin/bash <<'EOF' - echo "Executing DB waits..." - [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"; - export LIVE=false; - until "$LIVE"; - do - response=$( - timeout -s 3 2 \ - redis-cli \ - -h "$REDIS_HOST" \ - -p "$REDIS_PORT" \ - ping - ) - if [ "$response" == "PONG" ] || [ "$response" == "LOADING Redis is loading the dataset in memory" ]; then - LIVE=true - echo "$response" - echo "Redis Responded, ending initcontainer and starting main container(s)..." - else - echo "$response" - echo "Redis not responding... Sleeping for 10 sec..." - sleep 10 - fi; - done - EOF -{{- end -}} - -{{- define "tc.v1.common.lib.deps.wait.mariadb" -}} -enabled: true -type: system -imageSelector: mariadbClientImage -securityContext: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - runAsNonRoot: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL -resources: - excludeExtra: true - requests: - cpu: 10m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi -env: - MARIADB_HOST: - secretKeyRef: - expandObjectName: false - name: '{{ printf "%s-%s" .Release.Name "mariadbcreds" }}' - key: plainhost - MARIADB_ROOT_PASSWORD: "{{ .Values.mariadb.rootPassword }}" -command: - - "/bin/sh" - - "-c" - - | - /bin/bash <<'EOF' - echo "Executing DB waits..." - until - mysqladmin -uroot -h"${MARIADB_HOST}" -p"${MARIADB_ROOT_PASSWORD}" ping \ - && mysqladmin -uroot -h"${MARIADB_HOST}" -p"${MARIADB_ROOT_PASSWORD}" status; - do sleep 2; - done - EOF -{{- end -}} - -{{- define "tc.v1.common.lib.deps.wait.mongodb" -}} -enabled: true -type: system -imageSelector: mongodbClientImage -securityContext: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - runAsNonRoot: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL -resources: - excludeExtra: true - requests: - cpu: 10m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi -env: - MONGODB_HOST: - secretKeyRef: - expandObjectName: false - name: '{{ printf "%s-%s" .Release.Name "mongodbcreds" }}' - key: plainhost - MONGODB_DATABASE: "{{ .Values.mongodb.mongodbDatabase }}" -command: - - "/bin/sh" - - "-c" - - | - /bin/bash <<'EOF' - echo "Executing DB waits..." - until - HOME=/config && echo "db.runCommand(\"ping\")" | mongosh --host ${MONGODB_HOST} --port 27017 ${MONGODB_DATABASE} --quiet; - do sleep 2; - done - EOF -{{- end -}} - -{{- define "tc.v1.common.lib.deps.wait.clickhouse" -}} -enabled: true -type: system -imageSelector: wgetImage -securityContext: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - runAsNonRoot: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL -resources: - excludeExtra: true - requests: - cpu: 10m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi -env: - CLICKHOUSE_PING: - secretKeyRef: - expandObjectName: false - name: '{{ printf "%s-%s" .Release.Name "clickhousecreds" }}' - key: ping -command: - - "/bin/sh" -args: - - "-c" - - | - echo "Executing DB waits..." - until wget --quiet --tries=1 --spider "${CLICKHOUSE_PING}"; do - echo "ClickHouse - no response. Sleeping 2 seconds..." - sleep 2 - done - echo "ClickHouse - accepting connections" -{{- end -}} - -{{- define "tc.v1.common.lib.deps.wait.solr" -}} -enabled: true -type: system -imageSelector: wgetImage -securityContext: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - runAsNonRoot: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL -resources: - excludeExtra: true - requests: - cpu: 10m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi -env: - SOLR_HOST: - secretKeyRef: - expandObjectName: false - name: '{{ printf "%s-%s" .Release.Name "solrcreds" }}' - key: plainhost - SOLR_CORES: "{{ .Values.solr.solrCores }}" - SOLR_ENABLE_AUTHENTICATION: "{{ .Values.solr.solrEnableAuthentication }}" - SOLR_ADMIN_USERNAME: "{{ .Values.solr.solrUsername }}" - SOLR_ADMIN_PASSWORD: - secretKeyRef: - expandObjectName: false - name: '{{ printf "%s-%s" .Release.Name "solrcreds" }}' - key: solr-password - -command: - - "/bin/sh" -args: - - "-c" - - | - echo "Executing DB waits..." - if [ "$SOLR_ENABLE_AUTHENTICATION" == "yes" ]; then - until curl --fail --user "${SOLR_ADMIN_USERNAME}":"${SOLR_ADMIN_PASSWORD}" "${SOLR_HOST}":8983/solr/"${SOLR_CORES}"/admin/ping; do - echo "Solr is not responding... Sleeping 2 seconds..." - sleep 2 - done - else - until curl --fail "${SOLR_HOST}":8983/solr/"${SOLR_CORES}"/admin/ping; do - echo "Solr is not responding... Sleeping 2 seconds..." - sleep 2 - done - fi -{{- end -}} - -{{- define "tc.v1.common.lib.deps.wait.cnpg" -}} -enabled: true -type: system -imageSelector: postgresClientImage -securityContext: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - runAsNonRoot: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL -resources: - excludeExtra: true - requests: - cpu: 10m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi -command: - - "/bin/sh" - - "-c" - - | - /bin/sh <<'EOF' -{{- range $name, $cnpg := .Values.cnpg -}} - {{- if $cnpg.enabled }} - echo "Executing DB waits..." - {{- $cnpgName := include "tc.v1.common.lib.chart.names.fullname" $ -}} - {{- $cnpgName = printf "%v-cnpg-%v" $cnpgName $name -}} - - {{/* Wait RW CNPG */}} - {{- include "cnpg.wait.script" (dict "url" (printf "%s-rw" $cnpgName) "user" .user "db" .database "on" "CNPG RW") | nindent 4 -}} - - {{- if and $cnpg.pooler $cnpg.pooler.enabled -}} - {{/* Wait RW Pooler */}} - {{- include "cnpg.wait.script" (dict "url" (printf "%s-pooler-rw" $cnpgName) "user" .user "db" .database "on" "CNPG Pooler RW") | nindent 4 -}} - - {{/* Wait RO Pooler */}} - {{- if $cnpg.pooler.createRO -}} - {{- include "cnpg.wait.script" (dict "url" (printf "%s-pooler-ro" $cnpgName) "user" .user "db" .database "on" "CNPG Pooler RO") | nindent 4 -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end }} - echo "Done executing DB waits..." - EOF -{{- end -}} - -{{- define "cnpg.wait.script" -}} - {{- $url := .url -}} - {{- $user := .user -}} - {{- $db := .db -}} - {{- $on := .on -}} -echo "Testing Database availability on [{{ $on }}]" -until - echo "Testing database on url: [{{ $url }}]" - pg_isready -U {{ $user }} -d {{ $db }} -h {{ $url }} - do sleep 5 -done -echo "Database available on url: [{{ $url }}]" -{{- end -}} diff --git a/charts/common/templates/lib/dependencies/_mariadbInjector.tpl b/charts/common/templates/lib/dependencies/_mariadbInjector.tpl deleted file mode 100644 index 935519b..0000000 --- a/charts/common/templates/lib/dependencies/_mariadbInjector.tpl +++ /dev/null @@ -1,56 +0,0 @@ -{{/* -This template generates a random password and ensures it persists across updates/edits to the chart -*/}} -{{- define "tc.v1.common.dependencies.mariadb.secret" -}} - -{{- if .Values.mariadb.enabled -}} - {{/* Use custom-set password */}} - {{- $dbPass := .Values.mariadb.password -}} - - {{/* Use custom-set root-password */}} - {{- $rootPass := .Values.mariadb.rootPassword -}} - - {{/* Prepare data */}} - {{- $dbhost := printf "%v-%v" .Release.Name "mariadb" -}} - {{- $portHost := printf "%v:3306" $dbhost -}} - {{- $complete := printf "sql://%v:%v@%v/%v" .Values.mariadb.mariadbUsername $dbPass $portHost .Values.mariadb.mariadbDatabase -}} - {{- $urlnossl := printf "sql://%v:%v@%v/%v?sslmode=disable" .Values.mariadb.mariadbUsername $dbPass $portHost .Values.mariadb.mariadbDatabase -}} - {{- $jdbc := printf "jdbc:sqlserver://%v/%v" $portHost .Values.mariadb.mariadbDatabase -}} - {{- $jdbcMySQL := printf "jdbc:mysql://%v/%v" $portHost .Values.mariadb.mariadbDatabase -}} - {{- $jdbcMariaDB := printf "jdbc:mariadb://%v/%v" $portHost .Values.mariadb.mariadbDatabase -}} - - {{/* Append some values to mariadb.creds, so apps using the dep, can use them */}} - {{- $_ := set .Values.mariadb.creds "mariadbPassword" ($dbPass | quote) -}} - {{- $_ := set .Values.mariadb.creds "mariadbRootPassword" ($rootPass | quote) -}} - {{- $_ := set .Values.mariadb.creds "plain" ($dbhost | quote) -}} - {{- $_ := set .Values.mariadb.creds "plainhost" ($dbhost | quote) -}} - {{- $_ := set .Values.mariadb.creds "plainport" ($portHost | quote) -}} - {{- $_ := set .Values.mariadb.creds "plainporthost" ($portHost | quote) -}} - {{- $_ := set .Values.mariadb.creds "complete" ($complete | quote) -}} - {{- $_ := set .Values.mariadb.creds "urlnossl" ($urlnossl | quote) -}} - {{- $_ := set .Values.mariadb.creds "jdbc" ($jdbc | quote) -}} - {{- $_ := set .Values.mariadb.creds "jdbcmysql" ($jdbcMySQL | quote) -}} - {{- $_ := set .Values.mariadb.creds "jdbcmariadb" ($jdbcMariaDB | quote) -}} - -{{/* Create the secret (Comment also plays a role on correct formatting) */}} -enabled: true -expandObjectName: false -data: - mariadb-password: {{ $dbPass }} - mariadb-root-password: {{ $rootPass }} - url: {{ $complete }} - urlnossl: {{ $urlnossl }} - plainporthost: {{ $portHost }} - plainhost: {{ $dbhost }} - jdbc: {{ $jdbc }} - jdbc-mysql: {{ $jdbcMySQL }} - jdbc-mariadb: {{ $jdbcMariaDB }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.dependencies.mariadb.injector" -}} - {{- $secret := include "tc.v1.common.dependencies.mariadb.secret" . | fromYaml -}} - {{- if $secret -}} - {{- $_ := set .Values.secret (printf "%s-%s" .Release.Name "mariadbcreds") $secret -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/dependencies/_mongodbInjector.tpl b/charts/common/templates/lib/dependencies/_mongodbInjector.tpl deleted file mode 100644 index b3cbdda..0000000 --- a/charts/common/templates/lib/dependencies/_mongodbInjector.tpl +++ /dev/null @@ -1,53 +0,0 @@ -{{/* -This template generates a random password and ensures it persists across updates/edits to the chart -*/}} -{{- define "tc.v1.common.dependencies.mongodb.secret" -}} - -{{- if .Values.mongodb.enabled -}} - {{/* Use custom-set password */}} - {{- $dbPass := .Values.mongodb.password -}} - - {{/* Use custom-set root-password */}} - {{- $rootPass := .Values.mongodb.rootPassword -}} - - {{/* Prepare data */}} - {{- $dbhost := printf "%v-%v" .Release.Name "mongodb" -}} - {{- $portHost := printf "%v:27017" $dbhost -}} - {{- $jdbc := printf "jdbc:mongodb://%v/%v" $portHost .Values.mongodb.mongodbDatabase -}} - {{- $url := printf "mongodb://%v:%v@%v/%v" .Values.mongodb.mongodbUsername $dbPass $portHost .Values.mongodb.mongodbDatabase -}} - {{- $urlssl := printf "%v?ssl=true" $url -}} - {{- $urltls := printf "%v?tls=true" $url -}} - - {{/* Append some values to mongodb.creds, so apps using the dep, can use them */}} - {{- $_ := set .Values.mongodb.creds "mongodbPassword" ($dbPass | quote) -}} - {{- $_ := set .Values.mongodb.creds "mongodbRootPassword" ($rootPass | quote) -}} - {{- $_ := set .Values.mongodb.creds "plain" ($dbhost | quote) -}} - {{- $_ := set .Values.mongodb.creds "plainhost" ($dbhost | quote) -}} - {{- $_ := set .Values.mongodb.creds "plainport" ($portHost | quote) -}} - {{- $_ := set .Values.mongodb.creds "plainporthost" ($portHost | quote) -}} - {{- $_ := set .Values.mongodb.creds "complete" ($url | quote) -}} - {{- $_ := set .Values.mongodb.creds "urlssl" ($urlssl | quote) -}} - {{- $_ := set .Values.mongodb.creds "urltls" ($urltls | quote) -}} - {{- $_ := set .Values.mongodb.creds "jdbc" ($jdbc | quote) -}} - -{{/* Create the secret (Comment also plays a role on correct formatting) */}} -enabled: true -expandObjectName: false -data: - mongodb-password: {{ $dbPass }} - mongodb-root-password: {{ $rootPass }} - url: {{ $url }} - urlssl: {{ $urlssl }} - urltls: {{ $urltls }} - jdbc: {{ $jdbc }} - plainhost: {{ $dbhost }} - plainporthost: {{ $portHost }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.dependencies.mongodb.injector" -}} - {{- $secret := include "tc.v1.common.dependencies.mongodb.secret" . | fromYaml -}} - {{- if $secret -}} - {{- $_ := set .Values.secret (printf "%s-%s" .Release.Name "mongodbcreds") $secret -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/dependencies/_redisInjector.tpl b/charts/common/templates/lib/dependencies/_redisInjector.tpl deleted file mode 100644 index e500b40..0000000 --- a/charts/common/templates/lib/dependencies/_redisInjector.tpl +++ /dev/null @@ -1,48 +0,0 @@ -{{/* -This template generates a random password and ensures it persists across updates/edits to the chart -*/}} -{{- define "tc.v1.common.dependencies.redis.secret" -}} - -{{- if .Values.redis.enabled -}} - {{- $dbIndex := .Values.redis.redisDatabase | default "0" -}} - {{/* Use with custom-set password */}} - {{- $dbPass := .Values.redis.password -}} - - {{- $redisUser := .Values.redis.redisUsername -}} - {{- if not $redisUser -}}{{/* If you try to print a nil value it will print as [nil] */}} - {{- $redisUser = "" -}} - {{- end -}} - {{/* Prepare data */}} - {{- $dbHost := printf "%v-%v" .Release.Name "redis" -}} - {{- $portHost := printf "%v:6379" $dbHost -}} - {{- $url := printf "redis://%v:%v@%v/%v" $redisUser $dbPass $portHost $dbIndex -}} - {{- $hostPass := printf "%v:%v@%v" $redisUser $dbPass $dbHost -}} - - {{/* Append some values to redis.creds, so apps using the dep, can use them */}} - {{- $_ := set .Values.redis.creds "redisPassword" ($dbPass | quote) -}} - {{- $_ := set .Values.redis.creds "plain" ($dbHost | quote) -}} - {{- $_ := set .Values.redis.creds "plainhost" ($dbHost | quote) -}} - {{- $_ := set .Values.redis.creds "plainport" ($portHost | quote) -}} - {{- $_ := set .Values.redis.creds "plainporthost" ($portHost | quote) -}} - {{- $_ := set .Values.redis.creds "plainhostpass" ($hostPass | quote) -}} - {{- $_ := set .Values.redis.creds "url" ($url | quote) -}} - -{{/* Create the secret (Comment also plays a role on correct formatting) */}} -enabled: true -expandObjectName: false -data: - redis-password: {{ $dbPass }} - plain: {{ $dbHost }} - url: {{ $url }} - plainhostpass: {{ $hostPass }} - plainporthost: {{ $portHost }} - plainhost: {{ $dbHost }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.dependencies.redis.injector" -}} - {{- $secret := include "tc.v1.common.dependencies.redis.secret" . | fromYaml -}} - {{- if $secret -}} - {{- $_ := set .Values.secret (printf "%s-%s" .Release.Name "rediscreds") $secret -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/dependencies/_solrInjector.tpl b/charts/common/templates/lib/dependencies/_solrInjector.tpl deleted file mode 100644 index 357122a..0000000 --- a/charts/common/templates/lib/dependencies/_solrInjector.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{/* -This template generates a random password and ensures it persists across updates/edits to the chart -*/}} -{{- define "tc.v1.common.dependencies.solr.secret" -}} - -{{- if .Values.solr.enabled -}} - {{/* Use with custom-set password */}} - {{- $solrPass := .Values.solr.password -}} - - {{/* Prepare data */}} - {{- $dbHost := printf "%v-%v" .Release.Name "solr" -}} - {{- $portHost := printf "%v:8983" $dbHost -}} - {{- $url := printf "http://%v:%v@%v/url/%v" .Values.solr.solrUsername $solrPass $portHost .Values.solr.solrCores -}} - - {{/* Append some values to solr.creds, so apps using the dep, can use them */}} - {{- $_ := set .Values.solr.creds "solrPassword" ($solrPass | quote) -}} - {{- $_ := set .Values.solr.creds "plain" ($dbHost | quote) -}} - {{- $_ := set .Values.solr.creds "plainhost" ($dbHost | quote) -}} - {{- $_ := set .Values.solr.creds "portHost" ($portHost | quote) -}} - {{- $_ := set .Values.solr.creds "url" ($url | quote) -}} - -{{/* Create the secret (Comment also plays a role on correct formatting) */}} -enabled: true -expandObjectName: false -data: - solr-password: {{ $solrPass }} - url: {{ $url }} - plainhost: {{ $dbHost }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.dependencies.solr.injector" -}} - {{- $secret := include "tc.v1.common.dependencies.solr.secret" . | fromYaml -}} - {{- if $secret -}} - {{- $_ := set .Values.secret (printf "%s-%s" .Release.Name "solrcreds") $secret -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/endpoint/_addresses.tpl b/charts/common/templates/lib/endpoint/_addresses.tpl deleted file mode 100644 index c80950a..0000000 --- a/charts/common/templates/lib/endpoint/_addresses.tpl +++ /dev/null @@ -1,20 +0,0 @@ -{{/* Endpoint - addresses */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.endpoint.addresses" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the service -*/}} - -{{- define "tc.v1.common.lib.endpoint.addresses" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.externalIP -}} - {{- fail "EndpointSlice - Expected non-empty [externalIP]" -}} - {{- end -}} - - {{- if not (kindIs "string" $objectData.externalIP) -}} {{/* Only single IP is supported currently on this lib */}} - {{- fail (printf "EndpointSlice - Expected [externalIP] to be a [string], but got [%s]" (kindOf $objectData.externalIP)) -}} - {{- end }} - - ip: {{ tpl $objectData.externalIP $rootCtx }} -{{- end -}} diff --git a/charts/common/templates/lib/endpoint/_ports.tpl b/charts/common/templates/lib/endpoint/_ports.tpl deleted file mode 100644 index de9761f..0000000 --- a/charts/common/templates/lib/endpoint/_ports.tpl +++ /dev/null @@ -1,40 +0,0 @@ -{{/* Endpoint - Ports */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.endpoint.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the service -*/}} - -{{- define "tc.v1.common.lib.endpoint.ports" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $tcpProtocols := (list "tcp" "http" "https") -}} - {{- range $name, $portValues := $objectData.ports -}} - {{- if $portValues.enabled -}} - {{- $protocol := $rootCtx.Values.global.fallbackDefaults.serviceProtocol -}} {{/* Default to fallback protocol, if no protocol is defined */}} - {{- $port := $portValues.targetPort | default $portValues.port -}} - - {{/* Expand targetPort */}} - {{- if (kindIs "string" $port) -}} - {{- $port = (tpl $port $rootCtx) -}} - {{- end -}} - {{- $port = int $port -}} - - {{- with $portValues.protocol -}} - {{- $protocol = tpl . $rootCtx -}} - - {{- if mustHas $protocol $tcpProtocols -}} - {{- $protocol = "tcp" -}} - {{- end -}} - {{- end }} -- name: {{ $name }} - port: {{ $port }} - protocol: {{ $protocol | upper }} - {{- with $portValues.appProtocol }} - appProtocol: {{ tpl . $rootCtx | lower }} - {{- end -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/endpointSlice/_endpoints.tpl b/charts/common/templates/lib/endpointSlice/_endpoints.tpl deleted file mode 100644 index 38d81e5..0000000 --- a/charts/common/templates/lib/endpointSlice/_endpoints.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{/* EndpointSlice - endpoints */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.endpointslice.endpoints" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the service -*/}} - -{{- define "tc.v1.common.lib.endpointslice.endpoints" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.externalIP -}} - {{- fail "EndpointSlice - Expected non-empty [externalIP]" -}} - {{- end -}} - - {{- if not (kindIs "string" $objectData.externalIP) -}} {{/* Only single IP is supported currently on this lib */}} - {{- fail (printf "EndpointSlice - Expected [externalIP] to be a [string], but got [%s]" (kindOf $objectData.externalIP)) -}} - {{- end }} -- addresses: - - {{ tpl $objectData.externalIP $rootCtx }} -{{- end -}} diff --git a/charts/common/templates/lib/endpointSlice/_ports.tpl b/charts/common/templates/lib/endpointSlice/_ports.tpl deleted file mode 100644 index 726b96d..0000000 --- a/charts/common/templates/lib/endpointSlice/_ports.tpl +++ /dev/null @@ -1,40 +0,0 @@ -{{/* EndpointSlice - Ports */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.endpointslice.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the service -*/}} - -{{- define "tc.v1.common.lib.endpointslice.ports" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $tcpProtocols := (list "tcp" "http" "https") -}} - {{- range $name, $portValues := $objectData.ports -}} - {{- if $portValues.enabled -}} - {{- $protocol := $rootCtx.Values.global.fallbackDefaults.serviceProtocol -}} {{/* Default to fallback protocol, if no protocol is defined */}} - {{- $port := $portValues.targetPort | default $portValues.port -}} - - {{/* Expand targetPort */}} - {{- if (kindIs "string" $port) -}} - {{- $port = (tpl $port $rootCtx) -}} - {{- end -}} - {{- $port = int $port -}} - - {{- with $portValues.protocol -}} - {{- $protocol = tpl . $rootCtx -}} - - {{- if mustHas $protocol $tcpProtocols -}} - {{- $protocol = "tcp" -}} - {{- end -}} - {{- end }} -- name: {{ $name }} - port: {{ $port }} - protocol: {{ $protocol | upper }} - {{- with $portValues.appProtocol }} - appProtocol: {{ tpl . $rootCtx | lower }} - {{- end -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/hpa/_validation.tpl b/charts/common/templates/lib/hpa/_validation.tpl deleted file mode 100644 index a8195df..0000000 --- a/charts/common/templates/lib/hpa/_validation.tpl +++ /dev/null @@ -1,360 +0,0 @@ -{{- define "tc.v1.common.lib.hpa.validation" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $minReplicas := 1 -}} - {{- with $objectData.minReplicas -}} - {{- if not (mustHas (kindOf $objectData.minReplicas) (list "int" "int64" "float64")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.minReplicas] to be an integer, but got [%s]" $objectData.hpaName (kindOf $objectData.minReplicas)) -}} - {{- end -}} - {{- $minReplicas = $objectData.minReplicas -}} - {{- end -}} - - {{- $maxReplicas := 3 -}} - {{- with $objectData.maxReplicas -}} - {{- if not (mustHas (kindOf $objectData.maxReplicas) (list "int" "int64" "float64")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.maxReplicas] to be an integer, but got [%s]" $objectData.hpaName (kindOf $objectData.maxReplicas)) -}} - {{- end -}} - {{- $maxReplicas = $objectData.maxReplicas -}} - {{- end -}} - - {{- $_ := set $objectData "minReplicas" $minReplicas -}} - {{- $_ := set $objectData "maxReplicas" $maxReplicas -}} - - {{- if lt $maxReplicas $minReplicas -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.minReplicas] to be less than [hpa.%s.maxReplicas], but got [%d] and [%d]" $objectData.hpaName $objectData.hpaName ($minReplicas | int) ($maxReplicas | int)) -}} - {{- end -}} - - {{- if $objectData.behavior -}} - {{- if $objectData.behavior.scaleUp -}} - {{- include "tc.v1.common.lib.hpa.validation.behavior" (dict "objectData" $objectData "rootCtx" $rootCtx "data" $objectData.behavior.scaleUp "key" "scaleUp") -}} - {{- end -}} - {{- if $objectData.behavior.scaleDown -}} - {{- include "tc.v1.common.lib.hpa.validation.behavior" (dict "objectData" $objectData "rootCtx" $rootCtx "data" $objectData.behavior.scaleDown "key" "scaleDown") -}} - {{- end -}} - {{- end -}} - - {{- if $objectData.metrics -}} - {{- include "tc.v1.common.lib.hpa.validation.metrics" (dict "objectData" $objectData "rootCtx" $rootCtx "data" $objectData.metrics) -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.behavior" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data -}} - {{- $key := .key -}} - - {{- if $data.selectPolicy -}} - {{- $validSelectPolicies := list "Max" "Min" "Disabled" -}} - {{- if not (mustHas $data.selectPolicy $validSelectPolicies) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.selectPolicy] to be one of [%s], but got [%s]" $objectData.hpaName $key (join ", " $validSelectPolicies) $data.selectPolicy) -}} - {{- end -}} - {{- end -}} - - {{- if $data.stabilizationWindowSeconds -}} - {{- if not (mustHas (kindOf $data.stabilizationWindowSeconds) (list "int" "int64" "float64")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.stabilizationWindowSeconds] to be an integer, but got [%s]" $objectData.hpaName $key (kindOf $data.stabilizationWindowSeconds)) -}} - {{- end -}} - {{- end -}} - - {{- if $data.policies -}} - {{- if not (kindIs "slice" $data.policies) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies] to be a list, but got [%s]" $objectData.hpaName $key (kindOf $data.policies)) -}} - {{- end -}} - - {{- $validPolicies := list "Pods" "Percent" -}} - {{- range $idx, $policy := $data.policies -}} - {{- if not (kindIs "map" $policy) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies.%d] to be a map, but got [%s]" $objectData.hpaName $key $idx (kindOf $policy)) -}} - {{- end -}} - - {{- if not (mustHas $policy.type $validPolicies) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies.%d.type] to be one of [%s], but got [%s]" $objectData.hpaName $key $idx (join ", " $validPolicies) $policy.type) -}} - {{- end -}} - - {{- if not (mustHas (kindOf $policy.value) (list "int" "int64" "float64")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies.%d.value] to be an integer, but got [%s]" $objectData.hpaName $key $idx (kindOf $policy.value)) -}} - {{- end -}} - - {{- if not (mustHas (kindOf $policy.periodSeconds) (list "int" "int64" "float64")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies.%d.periodSeconds] to be an integer, but got [%s]" $objectData.hpaName $key $idx (kindOf $policy.periodSeconds)) -}} - {{- end -}} - - {{- if le ($policy.value | int) 0 -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies.%d.value] to be greater than 0, but got [%v]" $objectData.hpaName $key $idx $policy.value) -}} - {{- end -}} - - {{- if or (lt ($policy.periodSeconds | int) 1) (gt ($policy.periodSeconds | int) 1800) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.behavior.%s.policies.%d.periodSeconds] to be between 1 and 1800, but got [%v]" $objectData.hpaName $key $idx $policy.periodSeconds) -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- if not (kindIs "slice" $objectData.metrics) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics] to be a list, but got [%s]" $objectData.hpaName (kindOf $objectData.metrics)) -}} - {{- end -}} - - {{- range $idx, $metric := $objectData.metrics -}} - {{- if not (kindIs "map" $metric) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric)) -}} - {{- end -}} - - {{- if not (mustHas $metric.type (list "Resource" "Pods" "Object" "External" "ContainerResource")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.type] to be one of [Resource, Pods, Object, External, ContainerResource], but got [%s]" $objectData.hpaName $idx $metric.type) -}} - {{- end -}} - - {{- if eq $metric.type "Resource" -}} - {{- include "tc.v1.common.lib.hpa.validation.metrics.resource" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric "idx" $idx) -}} - {{- else if eq $metric.type "Pods" -}} - {{- include "tc.v1.common.lib.hpa.validation.metrics.pods" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric "idx" $idx) -}} - {{- else if eq $metric.type "Object" -}} - {{- include "tc.v1.common.lib.hpa.validation.metrics.object" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric "idx" $idx) -}} - {{- else if eq $metric.type "External" -}} - {{- include "tc.v1.common.lib.hpa.validation.metrics.external" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric "idx" $idx) -}} - {{- else if eq $metric.type "ContainerResource" -}} - {{- include "tc.v1.common.lib.hpa.validation.metrics.containerResource" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric "idx" $idx) -}} - {{- end -}} - - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics.resource" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $metric := .metric -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $metric.resource) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.resource] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.resource)) -}} - {{- end -}} - - {{- $validNames := list "cpu" "memory" -}} - {{- if not (mustHas $metric.resource.name $validNames) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.resource.name] to be one of [%s], but got [%s]" $objectData.hpaName $idx (join ", " $validNames) $metric.resource.name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.hpa.validation.metrics.metric.target" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric.resource "key" "resource" "idx" $idx) -}} -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics.containerResource" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $metric := .metric -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $metric.containerResource) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.containerResource] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.containerResource)) -}} - {{- end -}} - - {{- $validNames := list "cpu" "memory" -}} - {{- if not (mustHas $metric.containerResource.name $validNames) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.containerResource.name] to be one of [%s], but got [%s]" $objectData.hpaName $idx (join ", " $validNames) $metric.containerResource.name) -}} - {{- end -}} - - {{- if not (mustHas $metric.containerResource.container $objectData.containerNames) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.containerResource.container] to be one of [%s], but got [%s]" $objectData.hpaName $idx (join ", " $objectData.containerNames) $metric.containerResource.container) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.hpa.validation.metrics.metric.target" (dict "objectData" $objectData "rootCtx" $rootCtx "metric" $metric.containerResource "key" "containerResource" "idx" $idx) -}} -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics.pods" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $metric := .metric -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $metric.pods) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.pods] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.pods)) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.pods.metric) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.pods.metric] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.pods.metric)) -}} - {{- end -}} - - {{- if or (not $metric.pods.metric.name) (not (kindIs "string" $metric.pods.metric.name)) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.pods.metric.name] to be a string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.pods.metric.name)) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.pods.target) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.pods.target] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.pods.target)) -}} - {{- end -}} - - {{- if not (mustHas (kindOf $metric.pods.target.averageValue) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.pods.target.averageValue] to be an integer or string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.pods.target.averageValue)) -}} - {{- end -}} - - {{- if $metric.pods.metric.selector -}} - {{- include "tc.v1.common.lib.hpa.validation.metric.selector" (dict "objectData" $objectData "rootCtx" $rootCtx "data" $metric.pods "key" "pods" "idx" $idx) -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metric.selector" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data -}} - {{- $key := .key -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $data.metric.selector) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.metric.selector] to be a map, but got [%s]" $objectData.hpaName $idx $key (kindOf $data.metric.selector)) -}} - {{- end -}} - - {{- if not (kindIs "map" $data.metric.selector.matchLabels) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.metric.selector.matchLabels] to be a map, but got [%s]" $objectData.hpaName $idx $key (kindOf $data.metric.selector.matchLabels)) -}} - {{- end -}} - - {{- range $k, $v := $data.metric.selector.matchLabels -}} - {{- if not (kindIs "string" $k) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.metric.selector.matchLabels] to have string keys, but got [%s]" $objectData.hpaName $idx $key (kindOf $k)) -}} - {{- end -}} - - {{- if not (kindIs "string" $v) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.metric.selector.matchLabels.%s] to be a string, but got [%s]" $objectData.hpaName $idx $key $k (kindOf $v)) -}} - {{- end -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics.object" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $metric := .metric -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $metric.object) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object)) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.object.metric) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.metric] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.metric)) -}} - {{- end -}} - - {{- if or (not $metric.object.metric.name) (not (kindIs "string" $metric.object.metric.name)) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.metric.name] to be a string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.metric.name)) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.object.target) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.target] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.target)) -}} - {{- end -}} - - {{- $validTypes := list "AverageValue" "Value" -}} - {{- if not (mustHas $metric.object.target.type $validTypes) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.target.type] to be one of [%s], but got [%s]" $objectData.hpaName $idx (join ", " $validTypes) $metric.object.target.type) -}} - {{- end -}} - - {{- if eq $metric.object.target.type "AverageValue" -}} - {{- if not (mustHas (kindOf $metric.object.target.averageValue) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.target.averageValue] to be an integer or string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.target.averageValue)) -}} - {{- end -}} - {{- else if eq $metric.object.target.type "Value" -}} - {{- if not (mustHas (kindOf $metric.object.target.value) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.target.value] to be an integer or string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.target.value)) -}} - {{- end -}} - {{- end -}} - - {{- if $metric.object.metric.selector -}} - {{- include "tc.v1.common.lib.hpa.validation.metric.selector" (dict "objectData" $objectData "rootCtx" $rootCtx "data" $metric.object "key" "object" "idx" $idx) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.object.describedObject) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.describedObject] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.describedObject)) -}} - {{- end -}} - - {{- if or (not $metric.object.describedObject.name) (not (kindIs "string" $metric.object.describedObject.name)) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.describedObject.name] to be a string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.describedObject.name)) -}} - {{- end -}} - - {{- if or (not $metric.object.describedObject.kind) (not (kindIs "string" $metric.object.describedObject.kind)) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.describedObject.kind] to be a string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.describedObject.kind)) -}} - {{- end -}} - - {{- if or (not $metric.object.describedObject.apiVersion) (not (kindIs "string" $metric.object.describedObject.apiVersion)) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.object.describedObject.apiVersion] to be a string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.object.describedObject.apiVersion)) -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics.external" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $metric := .metric -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $metric.external) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.external)) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.external.metric) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external.metric] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.external.metric)) -}} - {{- end -}} - - {{- if or (not $metric.external.metric.name) (not (kindIs "string" $metric.external.metric.name)) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external.metric.name] to be a string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.external.metric.name)) -}} - {{- end -}} - - {{- if not (kindIs "map" $metric.external.target) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external.target] to be a map, but got [%s]" $objectData.hpaName $idx (kindOf $metric.external.target)) -}} - {{- end -}} - - {{- $validTypes := list "AverageValue" "Value" -}} - {{- if not (mustHas $metric.external.target.type $validTypes) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external.target.type] to be one of [%s], but got [%s]" $objectData.hpaName $idx (join ", " $validTypes) $metric.external.target.type) -}} - {{- end -}} - - {{- if eq $metric.external.target.type "AverageValue" -}} - {{- if not (mustHas (kindOf $metric.external.target.averageValue) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external.target.averageValue] to be an integer or string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.external.target.averageValue)) -}} - {{- end -}} - {{- else if eq $metric.external.target.type "Value" -}} - {{- if not (mustHas (kindOf $metric.external.target.value) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.external.target.value] to be an integer or string, but got [%s]" $objectData.hpaName $idx (kindOf $metric.external.target.value)) -}} - {{- end -}} - {{- end -}} - - {{- if $metric.external.metric.selector -}} - {{- include "tc.v1.common.lib.hpa.validation.metric.selector" (dict "objectData" $objectData "rootCtx" $rootCtx "data" $metric.external "key" "external" "idx" $idx) -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.hpa.validation.metrics.metric.target" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .metric -}} - {{- $key := .key -}} - {{- $idx := .idx -}} - - {{- if not (kindIs "map" $data.target) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.target] to be a map, but got [%s]" $objectData.hpaName $idx $key (kindOf $data.target)) -}} - {{- end -}} - - {{- $validTargetTypes := list "AverageValue" "Utilization" -}} - {{- if not (mustHas $data.target.type $validTargetTypes) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.target.type] to be one of [%s], but got [%s]" $objectData.hpaName $idx $key (join ", " $validTargetTypes) $data.target.type) -}} - {{- end -}} - - {{- if eq $data.target.type "AverageValue" -}} - {{- if not (mustHas (kindOf $data.target.averageValue) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.target.averageValue] to be an integer or string, but got [%s]" $objectData.hpaName $idx $key (kindOf $data.target.averageValue)) -}} - {{- end -}} - {{- else if eq $data.target.type "Utilization" -}} - {{- if not (mustHas (kindOf $data.target.averageUtilization) (list "int" "int64" "float64")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.target.averageUtilization] to be an integer, but got [%s]" $objectData.hpaName $idx $key (kindOf $data.target.averageUtilization)) -}} - {{- end -}} - {{- end -}} - - {{- if $data.target.value -}} - {{- if not (mustHas (kindOf $data.target.value) (list "int" "int64" "float64" "string")) -}} - {{- fail (printf "Horizontal Pod Autoscaler - Expected [hpa.%s.metrics.%d.%s.target.value] to be an integer or string, but got [%s]" $objectData.hpaName $idx $key (kindOf $data.target.value)) -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/imagePullSecret/_createData.tpl b/charts/common/templates/lib/imagePullSecret/_createData.tpl deleted file mode 100644 index 5ebef01..0000000 --- a/charts/common/templates/lib/imagePullSecret/_createData.tpl +++ /dev/null @@ -1,43 +0,0 @@ -{{/* Configmap Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.imagePullSecret.createData" (dict "objectData" $objectData "root" $rootCtx) -}} -rootCtx: The root context of the chart. -objectData: - data: The data of the imagePullSecret. -*/}} - -{{- define "tc.v1.common.lib.imagePullSecret.createData" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $registrySecret := dict -}} - - {{/* Auth is b64encoded and then the whole secret is b64encoded */}} - {{- $auth := printf "%s:%s" (tpl $objectData.data.username $rootCtx) (tpl $objectData.data.password $rootCtx) | b64enc -}} - - {{- $registry := dict -}} - {{- with $objectData.data -}} - {{- $registry = (dict "username" (tpl .username $rootCtx) "password" (tpl .password $rootCtx) - "email" (tpl .email $rootCtx) "auth" $auth) -}} - {{- end -}} - - {{- $registryKey := tpl $objectData.data.registry $rootCtx -}} - {{- $_ := set $registrySecret "auths" (dict $registryKey $registry) -}} - - {{/* - This should result in something like this: - { - "auths": { - "$registry": { - "username": "$username", - "password": "$password", - "email": "$email", - "auth": "($username:$password) base64" - } - } -} -*/}} - - {{/* Return the registrySecret as Json */}} - {{- $registrySecret | toJson -}} -{{- end -}} diff --git a/charts/common/templates/lib/imagePullSecret/_validation.tpl b/charts/common/templates/lib/imagePullSecret/_validation.tpl deleted file mode 100644 index 3162c83..0000000 --- a/charts/common/templates/lib/imagePullSecret/_validation.tpl +++ /dev/null @@ -1,27 +0,0 @@ -{{/* Configmap Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.imagePullSecret.validation" (dict "objectData" $objectData) -}} -objectData: - labels: The labels of the imagePullSecret. - annotations: The annotations of the imagePullSecret. - data: The data of the imagePullSecret. -*/}} - -{{- define "tc.v1.common.lib.imagePullSecret.validation" -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.data -}} - {{- fail "Image Pull Secret - Expected non-empty [data]" -}} - {{- end -}} - - {{- if not (kindIs "map" $objectData.data) -}} - {{- fail (printf "Image Pull Secret - Expected [data] to be a dictionary, but got [%v]" (kindOf $objectData.data)) -}} - {{- end -}} - - {{- range $key := (list "username" "password" "registry" "email") -}} - {{- if not (get $objectData.data $key) -}} - {{- fail (printf "Image Pull Secret - Expected non-empty [%s]" $key) -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/ingress/_serviceData.tpl b/charts/common/templates/lib/ingress/_serviceData.tpl deleted file mode 100644 index 3190dbf..0000000 --- a/charts/common/templates/lib/ingress/_serviceData.tpl +++ /dev/null @@ -1,35 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.backend.data" -}} - {{- $rootCtx := .rootCtx -}} - {{- $svcData := .svcData -}} - {{- $override := .override -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - - {{- with $override -}} - {{- $name := .name -}} - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" . "name" $name - "caller" "Ingress" "key" "overrideService" - )) -}} - - {{/* Init */}} - {{- $expName := $name -}} - - {{/* Expand if needed */}} - {{- if eq $expandName "true" -}} - {{/* But first check if the svc is primary */}} - {{- $svc := (get $rootCtx.Values.service $name) | default dict -}} - - {{- if $svc.primary -}} {{/* If primary, use fullname */}} - {{- $expName = $fullname -}} - {{- else -}} {{/* If not primary, use fullname + name */}} - {{- $expName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- end -}} - - {{- $svcData = (dict "name" $expName "port" .port) -}} - {{- end -}} - - {{- $svcData | toYaml -}} -{{- end -}} diff --git a/charts/common/templates/lib/ingress/_targetSelector.tpl b/charts/common/templates/lib/ingress/_targetSelector.tpl deleted file mode 100644 index 91a1e02..0000000 --- a/charts/common/templates/lib/ingress/_targetSelector.tpl +++ /dev/null @@ -1,90 +0,0 @@ -{{/* Returns the selected service or fallback to primary */}} -{{- define "tc.v1.common.lib.ingress.targetSelector" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $selectedService := (dict "name" "" "port" 0) -}} - {{- $svcData := dict -}} - {{- $portData := dict -}} - {{- $svcName := "" -}} - {{- $portName := "" -}} - - {{- if $objectData.targetSelector -}} - {{/* We have validation that only 1 key is allowed */}} - {{- $svcName = ($objectData.targetSelector | keys | mustFirst) -}} - {{- $portName = (get $objectData.targetSelector $svcName) -}} - {{- $svcData = (get $rootCtx.Values.service $svcName) -}} - - {{- if not $svcData -}} - {{- fail (printf "Ingress - Expected targeted service [%s] to exist" $svcName) -}} - {{- end -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $svcData - "name" $svcName "caller" "Ingress" - "key" "ingress")) -}} - - {{- if ne $enabled "true" -}} - {{- fail (printf "Ingress - Expected targeted service [%s] to be enabled" $svcName) -}} - {{- end -}} - - {{- else -}} - {{/* Find the primary service */}} - {{- range $name, $service := $rootCtx.Values.service -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $service - "name" $name "caller" "Ingress" - "key" "ingress")) -}} - - {{/* Check if its enabled */}} - {{- if eq $enabled "true" -}} - - {{- if $service.primary -}} - {{- $svcName = $name -}} - {{- $svcData = $service -}} - - {{/* Find the primary port */}} - {{- range $name, $port := $svcData.ports -}} - {{- if $port.primary -}} - {{- $portName = $name -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if not $svcData -}} - {{- fail "Ingress - Expected [targetSelector] or a primary service to exist" -}} - {{- end -}} - - {{- end -}} - - {{- $portData = (get $svcData.ports $portName) -}} - {{- if not $portData -}} - {{- fail (printf "Ingress - Expected targeted service [%s] to have port [%s]" $svcName $portName) -}} - {{- end -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $portData - "name" $portName "caller" "Ingress" - "key" "ingress")) -}} - - {{- if ne $enabled "true" -}} - {{- fail (printf "Ingress - Expected targeted service port [%s] to be enabled" $portName) -}} - {{- end -}} - - {{- $expandedSvcName := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- if not $svcData.primary -}} - {{- $expandedSvcName = printf "%s-%s" $expandedSvcName $svcName -}} - {{- end -}} - - {{- $protocol := default "http" -}} - {{- if eq $portData.protocol "https" -}} - {{- $protocol = "https" -}} - {{- end -}} - - {{- $selectedService = (dict "name" $expandedSvcName "port" (tpl ($portData.port | toString) $rootCtx) "protocol" $protocol) -}} - - {{- $selectedService | toYaml -}} -{{- end -}} diff --git a/charts/common/templates/lib/ingress/_validation.tpl b/charts/common/templates/lib/ingress/_validation.tpl deleted file mode 100644 index 1b03836..0000000 --- a/charts/common/templates/lib/ingress/_validation.tpl +++ /dev/null @@ -1,189 +0,0 @@ -{{/* Ingress Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.ingress.validation" (dict "rootCtx" $ "objectData" $objectData) -}} -objectData: - rootCtx: The root context of the chart. - objectData: The Ingress object. -*/}} - -{{- define "tc.v1.common.lib.ingress.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.targetSelector -}} - {{- if not (kindIs "map" $objectData.targetSelector) -}} - {{- fail (printf "Ingress - Expected [targetSelector] to be a [map], but got [%s]" (kindOf $objectData.targetSelector)) -}} - {{- end -}} - - {{- $selectors := $objectData.targetSelector | keys | len -}} - {{- if (gt $selectors 1) -}} - {{ fail (printf "Ingress - Expected [targetSelector] to have exactly one key, but got [%d]" $selectors) -}} - {{- end -}} - - {{- range $k, $v := $objectData.targetSelector -}} - {{- if not $v -}} - {{- fail (printf "Ingress - Expected [targetSelector.%s] to have a value" $k) -}} - {{- end -}} - - {{- if not (kindIs "string" $v) -}} - {{- fail (printf "Ingress - Expected [targetSelector.%s] to be a [string], but got [%s]" $k (kindOf $v)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $objectData.ingressClassName -}} - {{- $icn := tpl $objectData.ingressClassName $rootCtx -}} - {{- if eq $icn "tc-stopped" -}} - {{- fail "Ingress - Expected [ingressClassName] to not be [tc-stopped], this is reserved for internal use" -}} - {{- end -}} - {{- end -}} - - {{- if not $objectData.hosts -}} - {{- fail "Ingress - Expected non-empty [hosts]" -}} - {{- end -}} - - {{- if not (kindIs "slice" $objectData.hosts) -}} - {{- fail (printf "Ingress - Expected [hosts] to be a [slice], but got [%s]" (kindOf $objectData.hosts)) -}} - {{- end -}} - - {{- range $h := $objectData.hosts -}} - {{- if not $h.host -}} - {{- fail "Ingress - Expected non-empty [hosts.host]" -}} - {{- end -}} - - {{- $host := tpl $h.host $rootCtx -}} - {{- if (hasPrefix "http://" $host) -}} - {{- fail (printf "Ingress - Expected [hosts.host] to not start with [http://], but got [%s]" $host) -}} - {{- end -}} - {{- if (hasPrefix "https://" $host) -}} - {{- fail (printf "Ingress - Expected [hosts.host] to not start with [https://], but got [%s]" $host) -}} - {{- end -}} - {{- if (contains ":" $host) -}} - {{- fail (printf "Ingress - Expected [hosts.host] to not contain [:], but got [%s]" $host) -}} - {{- end -}} - - {{- if and $h.paths (not (kindIs "slice" $h.paths)) -}} - {{- fail (printf "Ingress - Expected [hosts.paths] to be a [slice], but got [%s]" (kindOf $h.paths)) -}} - {{- end -}} - - {{- range $p := $h.paths -}} - {{- $pathType := "Prefix" -}} - {{- if $p.pathType -}} - {{- $pathType = tpl $p.pathType $rootCtx -}} - {{- end -}} - - {{- $validPathTypes := (list "Prefix" "Exact" "ImplementationSpecific") -}} - {{- if not (mustHas $pathType $validPathTypes) -}} - {{- fail (printf "Ingress - Expected [hosts.paths.pathType] to be one of [%s], but got [%s]" (join ", " $validPathTypes) $pathType) -}} - {{- end -}} - - {{- $path := tpl ($p.path | default "/") $rootCtx -}} - {{- $prefixSlashTypes := (list "Prefix" "Exact") -}} - {{- if (mustHas $pathType $prefixSlashTypes) -}} - {{- if and $path (not (hasPrefix "/" $path)) -}} - {{- fail (printf "Ingress - Expected [hosts.paths.path] to start with [/], but got [%s]" $path) -}} - {{- end -}} - {{- end -}} - - {{/* If at least one thing in overrideService is defined... */}} - {{- with $p.overrideService -}} - {{- if not .name -}} - {{- fail "Ingress - Expected non-empty [hosts.paths.overrideService.name]" -}} - {{- end -}} - {{- if not .port -}} - {{- fail "Ingress - Expected non-empty [hosts.paths.overrideService.port]" -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- range $t := $objectData.tls -}} - {{- if not $t.hosts -}} - {{- fail "Ingress - Expected non-empty [tls.hosts]" -}} - {{- end -}} - - {{- if not (kindIs "slice" $t.hosts) -}} - {{- fail (printf "Ingress - Expected [tls.hosts] to be a [slice], but got [%s]" (kindOf $t.hosts)) -}} - {{- end -}} - - {{- range $h := $t.hosts -}} - {{- if not $h -}} - {{- fail "Ingress - Expected non-empty entry in [tls.hosts]" -}} - {{- end -}} - - {{- $host := tpl $h $rootCtx -}} - {{- if (hasPrefix "http://" $host) -}} - {{- fail (printf "Ingress - Expected entry in [tls.hosts] to not start with [http://], but got [%s]" $host) -}} - {{- end -}} - {{- if (hasPrefix "https://" $host) -}} - {{- fail (printf "Ingress - Expected entry in [tls.hosts] to not start with [https://], but got [%s]" $host) -}} - {{- end -}} - {{- if (contains ":" $host) -}} - {{- fail (printf "Ingress - Expected entry in [tls.hosts] to not contain [:], but got [%s]" $host) -}} - {{- end -}} - {{- end -}} - - {{- $certOptions := (list "secretName" "certificateIssuer" "clusterCertificate") -}} - {{- $optsSet := list -}} - {{- range $opt := $certOptions -}} - {{- if (get $t $opt) -}} - {{- $optsSet = mustAppend $optsSet $opt -}} - {{- end -}} - {{- end -}} - - {{- if gt ($optsSet | len) 1 -}} - {{- fail (printf "Ingress - Expected only one of [%s] to be set, but got [%s]" (join ", " $certOptions) (join ", " $optsSet)) -}} - {{- end -}} - - {{- end -}} - -{{- end -}} - -{{/* Ingress Primary Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.ingress.primaryValidation" $ -}} -*/}} -{{- define "tc.v1.common.lib.ingress.primaryValidation" -}} - {{- $result := (include "tc.v1.common.lib.ingress.hasPrimary" $) | fromJson -}} - - {{/* Require at least one primary ingress, if any enabled */}} - {{- if and $result.hasEnabled (not $result.hasPrimary) -}} - {{- fail "Ingress - At least one enabled ingress must be primary" -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.ingress.hasPrimary" -}} - - {{/* Initialize values */}} - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{- range $name, $ingress := $.Values.ingress -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $ingress - "name" $name "caller" "Ingress" - "key" "ingress")) -}} - - {{/* If ingress is enabled */}} - {{- if eq $enabled "true" -}} - {{- $hasEnabled = true -}} - - {{/* And ingress is primary */}} - {{- if and (hasKey $ingress "primary") ($ingress.primary) -}} - {{/* Fail if there is already a primary ingress */}} - {{- if $hasPrimary -}} - {{- fail "Ingress - Only one ingress can be primary" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- (dict "hasPrimary" $hasPrimary "hasEnabled" $hasEnabled) | toJson -}} -{{- end -}} diff --git a/charts/common/templates/lib/ingress/integrations/_certManager.tpl b/charts/common/templates/lib/ingress/integrations/_certManager.tpl deleted file mode 100644 index 2df0cdb..0000000 --- a/charts/common/templates/lib/ingress/integrations/_certManager.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.certManager" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $certManager := $objectData.integrations.certManager -}} - - {{- if $certManager.enabled -}} - {{- include "tc.v1.common.lib.ingress.integration.certManager.validate" (dict "objectData" $objectData) -}} - - {{- $_ := set $objectData.annotations "cert-manager.io/cluster-issuer" $certManager.certificateIssuer -}} - {{- $_ := set $objectData.annotations "cert-manager.io/private-key-rotation-policy" "Always" -}} - - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.ingress.integration.certManager.validate" -}} - {{- $objectData := .objectData -}} - - {{- $certManager := $objectData.integrations.certManager -}} - - {{- if not $certManager.certificateIssuer -}} - {{- fail "Ingress - Expected a non-empty [integrations.certManager.certificateIssuer]" -}} - {{- end -}} - - {{- if not (kindIs "string" $certManager.certificateIssuer) -}} - {{- fail (printf "Ingress - Expected [integrations.certManager.certificateIssuer] to be a [string], but got [%s]" (kindOf $certManager.certificateIssuer)) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/ingress/integrations/_homepage.tpl b/charts/common/templates/lib/ingress/integrations/_homepage.tpl deleted file mode 100644 index 9a400c8..0000000 --- a/charts/common/templates/lib/ingress/integrations/_homepage.tpl +++ /dev/null @@ -1,119 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.homepage" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $homepage := $objectData.integrations.homepage -}} - {{- if and $homepage $homepage.enabled -}} - {{- if not (hasKey $homepage "widget") -}} - {{- $_ := set $objectData.integrations.homepage "widget" dict -}} - {{- end -}} - - {{- $widEnabled := true -}} - {{- if and (hasKey $homepage.widget "enabled") (kindIs "bool" $homepage.widget.enabled) -}} - {{- $widEnabled = $homepage.widget.enabled -}} - {{- end -}} - - {{- include "tc.v1.common.lib.ingress.integration.homepage.validation" (dict "objectData" $objectData) -}} - - {{- $name := $homepage.name | default ($rootCtx.Release.Name | camelcase | title) -}} - {{- $desc := $homepage.description | default $rootCtx.Chart.Description -}} - {{- $icon := $homepage.icon | default $rootCtx.Chart.Icon -}} - {{- $defaultType := $rootCtx.Chart.Name | lower -}} - {{/* Remove any non-characters from the default type */}} - {{- $defaultType = regexReplaceAll "\\W+" $defaultType "" -}} - {{- $type := $homepage.widget.type | default $defaultType -}} - {{- $url := $homepage.widget.url -}} - {{- $version := $homepage.widget.version | default 1 | toString -}} - {{- $href := $homepage.href -}} - - {{- if not $href -}} - {{- $fHost := $objectData.hosts | mustFirst -}} - {{- $fPath := $fHost.paths | mustFirst -}} - {{- $host := tpl $fHost.host $rootCtx -}} - {{- $path := tpl $fPath.path $rootCtx -}} - - {{- $href = printf "https://%s/%s" $host ($path | trimPrefix "/") -}} - {{- end -}} - - {{- if not $url -}} - {{- $svc := $objectData.selectedService.name -}} - {{- $port := $objectData.selectedService.port -}} - {{- $prot := $objectData.selectedService.protocol -}} - {{- $ns := include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Ingress") -}} - - {{- $url = printf "%s://%s.%s.svc:%s" $prot $svc $ns $port -}} - {{- end -}} - - {{- $_ := set $objectData.annotations "gethomepage.dev/enabled" "true" -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/name" (tpl $name $rootCtx) -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/href" (tpl $href $rootCtx) -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/description" (tpl $desc $rootCtx) -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/icon" (tpl $icon $rootCtx) -}} - {{- with $homepage.group -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/group" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $homepage.weight -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/weight" (. | toString) -}} - {{- end -}} - - {{- $selector := printf "app.kubernetes.io/instance=%s,pod.lifecycle in (permanent)" $rootCtx.Release.Name -}} - {{- with $homepage.podSelector -}} - {{- $selector = (printf "pod.name in (%s),pod.lifecycle in (permanent)" (join "," .)) -}} - {{- end -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/pod-selector" $selector -}} - - {{- if $widEnabled -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/widget.type" (tpl $type $rootCtx) -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/widget.version" (tpl $version $rootCtx) -}} - - {{- with $url -}} - {{- $_ := set $objectData.annotations "gethomepage.dev/widget.url" (tpl $url $rootCtx) -}} - {{- end -}} - - {{- if $homepage.widget.custom -}} - {{- range $k, $v := $homepage.widget.custom -}} - {{- if $v -}} - {{- $_ := set $objectData.annotations (printf "gethomepage.dev/widget.%s" $k) (tpl $v $rootCtx | toString) -}} - {{- end -}} - {{- end -}} - {{- range $homepage.widget.customkv -}} - {{- if .value -}} - {{- $_ := set $objectData.annotations (printf "gethomepage.dev/widget.%s" .key ) (tpl .value $rootCtx | toString) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} - - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.ingress.integration.homepage.validation" -}} - {{- $objectData := .objectData -}} - - {{- $homepage := $objectData.integrations.homepage -}} - - {{- with $homepage.podSelector -}} - {{- if not (kindIs "slice" .) -}} - {{- fail (printf "Ingress - Expected [integrations.homepage.podSelector] to be a [slice], but got [%s]" (kindOf .)) -}} - {{- end -}} - {{- end -}} - - {{- if $homepage.widget.custom -}} - {{- if not (kindIs "map" $homepage.widget.custom) -}} - {{- fail (printf "Ingress - Expected [integrations.homepage.widget.custom] to be a [map], but got [%s]" (kindOf $homepage.widget.custom)) -}} - {{- end -}} - {{- end -}} - - {{- if $homepage.widget.customkv -}} - {{- if not (kindIs "slice" $homepage.widget.customkv) -}} - {{- fail (printf "Ingress - Expected [integrations.homepage.widget.customkv] to be a [slice], but got [%s]" (kindOf $homepage.widget.customkv)) -}} - {{- end -}} - {{- range $item := $homepage.widget.customkv -}} - {{- if not $item.key -}} - {{- fail "Ingress - Expected non-empty [key] in [integrations.homepage.widget.customkv]" -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/ingress/integrations/_nginx.tpl b/charts/common/templates/lib/ingress/integrations/_nginx.tpl deleted file mode 100644 index 8c53b1b..0000000 --- a/charts/common/templates/lib/ingress/integrations/_nginx.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.nginx" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $nginx := $objectData.integrations.nginx -}} - - {{- if $nginx.enabled -}} - - {{/* ipWhiteList */}} - {{- if $nginx.ipWhitelist -}} - {{- include "tc.v1.common.lib.ingress.integration.nginx.ipWhitelist" (dict "objectData" $objectData "whiteList" $nginx.ipWhitelist) -}} - {{- end -}} - - {{/* themePark */}} - {{- if and $nginx.themePark $nginx.themePark.enabled -}} - {{- include "tc.v1.common.lib.ingress.integration.nginx.themePark" (dict "objectData" $objectData "themePark" $nginx.themePark) -}} - {{- end -}} - - {{/* Auth */}} - {{- $validAuthTypes := (list "authentik" "authelia") -}} - {{- if and $nginx.auth $nginx.auth.type -}} - {{- if eq $nginx.auth.type "authentik" -}} - {{- include "tc.v1.common.lib.ingress.integration.nginx.auth.authentik" (dict "objectData" $objectData "auth" $nginx.auth) -}} - {{- else if eq $nginx.auth.type "authelia" -}} - {{- include "tc.v1.common.lib.ingress.integration.nginx.auth.authelia" (dict "objectData" $objectData "auth" $nginx.auth) -}} - {{- else -}} - {{- fail (printf "Ingress - Expected [integrations.nginx.auth.type] to be one of [%s], but got [%s]" (join ", " $validAuthTypes) $nginx.auth.type) -}} - {{- end -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/ingress/integrations/_traefik.tpl b/charts/common/templates/lib/ingress/integrations/_traefik.tpl deleted file mode 100644 index 41ecb6f..0000000 --- a/charts/common/templates/lib/ingress/integrations/_traefik.tpl +++ /dev/null @@ -1,112 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.traefik" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- $ingMiddlewares := $rootCtx.Values.ingressMiddlewares -}} - {{- if $ingMiddlewares -}} - {{- $ingMiddlewares = $ingMiddlewares.traefik | default dict -}} - {{- end -}} - - {{- $traefik := $objectData.integrations.traefik -}} - {{- $enabled := "false" -}} - {{- if and (hasKey $traefik "enabled") (kindIs "bool" $traefik.enabled) -}} - {{- $enabled = $traefik.enabled | toString -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{- include "tc.v1.common.lib.ingress.integration.traefik.validate" (dict "objectData" $objectData) -}} - {{- $namespace := include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Traefik Integration") -}} - - {{- $entrypoints := $traefik.entrypoints | default (list "websecure") -}} - {{- $middlewares := list -}} - - {{/* Add the user, common and chart middlewares */}} - {{- if $rootCtx.Values.global.traefik.commonMiddlewares -}} - {{- $middlewares = concat $middlewares $rootCtx.Values.global.traefik.commonMiddlewares -}} - {{- end -}} - - {{- if $traefik.chartMiddlewares -}} - {{- $middlewares = concat $middlewares $traefik.chartMiddlewares -}} - {{- end -}} - - {{- if $traefik.middlewares -}} - {{- $middlewares = concat $middlewares $traefik.middlewares -}} - {{- end -}} - - {{/* Make sure we dont have dupes */}} - {{- if not (deepEqual (mustUniq $entrypoints) $entrypoints) -}} - {{- fail (printf "Ingress - Combined traefik entrypoints contain duplicates [%s]" (join ", " $entrypoints)) -}} - {{- end -}} - - {{- $formattedMiddlewares := list -}} - {{- range $mid := $middlewares -}} - {{- $midNamespace := include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $mid "caller" "Traefik Integration") -}} - - {{- $midName := $mid.name -}} - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" $mid - "name" $mid.name "caller" "Traefik Integration" - "key" "middlewares")) -}} - - {{/* - Note: if the middleware defined in ingressMiddlewares.traefik has expandObjectName: false, - it has to also be set to false here - */}} - {{- if eq $expandName "true" -}} - {{- if eq $namespace $midNamespace -}} - {{- if not (hasKey $ingMiddlewares $mid.name) -}} - {{- fail (printf "Ingress - Traefik Middleware [%s] is not defined under [ingressMiddlewares.traefik]" $mid.name) -}} - {{- end -}} - {{- end -}} - - {{- $midName = (printf "%s-%s" $fullname $mid.name) -}} - {{- end -}} - - {{/* Format middleware */}} - {{- $formattedMiddlewares = mustAppend $formattedMiddlewares (printf "%s-%s@kubernetescrd" $midNamespace $midName) -}} - {{- end -}} - - {{- if $formattedMiddlewares -}} - {{/* Make sure we do not have dupes */}} - {{- if not (deepEqual (mustUniq $formattedMiddlewares) $formattedMiddlewares) -}} - {{- fail (printf "Ingress - Combined traefik middlewares contain duplicates [%s]" (join ", " $formattedMiddlewares)) -}} - {{- end -}} - {{- end -}} - - {{- $_ := set $objectData.annotations "traefik.ingress.kubernetes.io/router.entrypoints" (join "," $entrypoints) -}} - {{- if $formattedMiddlewares -}} - {{- $_ := set $objectData.annotations "traefik.ingress.kubernetes.io/router.middlewares" (join "," $formattedMiddlewares) -}} - {{- end -}} - - {{- if or $traefik.forceTLS (mustHas "websecure" $entrypoints) -}} - {{- $_ := set $objectData.annotations "traefik.ingress.kubernetes.io/router.tls" "true" -}} - {{- end -}} - - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.ingress.integration.traefik.validate" -}} - {{- $objectData := .objectData -}} - - {{- $traefik := $objectData.integrations.traefik -}} - - {{- if $traefik.entrypoints -}} - {{- if not (kindIs "slice" $traefik.entrypoints) -}} - {{- fail (printf "Ingress - Expected [integrations.traefik.entrypoints] to be a [slice], but got [%s]" (kindOf $traefik.entrypoints)) -}} - {{- end -}} - {{- end -}} - - {{- if $traefik.middlewares -}} - {{- if not (kindIs "slice" $traefik.middlewares) -}} - {{- fail (printf "Ingress - Expected [integrations.traefik.middlewares] to be a [slice], but got [%s]" (kindOf $traefik.middlewares)) -}} - {{- end -}} - {{- end -}} - - {{- if $traefik.chartMiddlewares -}} - {{- if not (kindIs "slice" $traefik.chartMiddlewares) -}} - {{- fail (printf "Ingress - Expected [integrations.traefik.chartMiddlewares] to be a [slice], but got [%s]" (kindOf $traefik.chartMiddlewares)) -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/ingress/integrations/nginx/_auth.tpl b/charts/common/templates/lib/ingress/integrations/nginx/_auth.tpl deleted file mode 100644 index 52562b9..0000000 --- a/charts/common/templates/lib/ingress/integrations/nginx/_auth.tpl +++ /dev/null @@ -1,53 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.nginx.auth.authentik" -}} - {{- $objectData := .objectData -}} - {{- $auth := .auth -}} - - {{- if and $auth.respondHeaders (not (kindIs "slice" $auth.responseHeaders)) -}} - {{- fail (printf "Ingress - Expected [integrations.nginx.auth.responseHeaders] to be a [slice], but got [%s]" (kindOf $auth.responseHeaders)) -}} - {{- end -}} - - {{- $respHeaders := ($auth.responseHeaders | default (list - "Set-Cookie" - "X-authentik-username" - "X-authentik-groups" - "X-authentik-entitlements" - "X-authentik-email" - "X-authentik-name" - "X-authentik-uid" - )) -}} - - {{- if or (not $auth.internalHost) (not $auth.externalHost) -}} - {{- fail "Ingress - Expected [integrations.nginx.auth.internalHost] and [integrations.nginx.auth.externalHost] to be set" -}} - {{- end -}} - - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-method" "GET" -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-response-headers" (join "," $respHeaders) -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-snippet" "proxy_set_header X-Forwarded-Host $http_host;" -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-url" (printf "http://%s/outpost.goauthentik.io/auth/nginx" $auth.internalHost) -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-signin" (printf "https://%s/outpost.goauthentik.io/start?rd=$scheme://$http_host$escaped_request_uri" $auth.externalHost) -}} -{{- end -}} - -{{- define "tc.v1.common.lib.ingress.integration.nginx.auth.authelia" -}} - {{- $objectData := .objectData -}} - {{- $auth := .auth -}} - - {{- if and $auth.respondHeaders (not (kindIs "slice" $auth.responseHeaders)) -}} - {{- fail (printf "Ingress - Expected [integrations.nginx.auth.responseHeaders] to be a [slice], but got [%s]" (kindOf $auth.responseHeaders)) -}} - {{- end -}} - - {{- $respHeaders := ($auth.responseHeaders | default (list - "Remote-User" - "Remote-Name" - "Remote-Groups" - "Remote-Email" - )) -}} - - {{- if or (not $auth.internalHost) (not $auth.externalHost) -}} - {{- fail "Ingress - Expected [integrations.nginx.auth.internalHost] and [integrations.nginx.auth.externalHost] to be set" -}} - {{- end -}} - - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-method" "GET" -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-url" (printf "http://%s/api/verify" $auth.internalHost) -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-response-headers" (join "," $respHeaders) -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/auth-signin" (printf "https://%s?rm=$request_method" $auth.externalHost) -}} -{{- end -}} diff --git a/charts/common/templates/lib/ingress/integrations/nginx/_ipWhiteList.tpl b/charts/common/templates/lib/ingress/integrations/nginx/_ipWhiteList.tpl deleted file mode 100644 index f7e958b..0000000 --- a/charts/common/templates/lib/ingress/integrations/nginx/_ipWhiteList.tpl +++ /dev/null @@ -1,12 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.nginx.ipWhitelist" -}} - {{- $objectData := .objectData -}} - {{- $whiteList := .whiteList -}} - - {{- if not (kindIs "slice" $whiteList) -}} - {{- fail (printf "Ingress - Expected [integrations.nginx.ipWhitelist] to be a [slice], but got [%s]" (kindOf $whiteList)) -}} - {{- end -}} - - {{- if $whiteList -}} - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/whitelist-source-range" (join "," $whiteList) -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/ingress/integrations/nginx/_themePark.tpl b/charts/common/templates/lib/ingress/integrations/nginx/_themePark.tpl deleted file mode 100644 index 81e4e7f..0000000 --- a/charts/common/templates/lib/ingress/integrations/nginx/_themePark.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{- define "tc.v1.common.lib.ingress.integration.nginx.themePark" -}} - {{- $objectData := .objectData -}} - {{- $theme := .themePark -}} - {{- if and $theme $theme.enabled (not (kindIs "string" $theme.css)) -}} - {{- fail (printf "Ingress - Expected [integrations.nginx.themepark.css] to be a [string], but got [%s]" (kindOf $theme.css)) -}} - {{- end -}} - - {{- $snippet := (list - "proxy_set_header Accept-Encoding \"\";" - "sub_filter" - "''" - (printf "'" $theme.css) - "';" - "sub_filter_once on;" - ) -}} - - {{- $_ := set $objectData.annotations "nginx.ingress.kubernetes.io/configuration-snippet" (join "\n" $snippet) -}} -{{- end -}} diff --git a/charts/common/templates/lib/metadata/_allAnnotations.tpl b/charts/common/templates/lib/metadata/_allAnnotations.tpl deleted file mode 100644 index a00703f..0000000 --- a/charts/common/templates/lib/metadata/_allAnnotations.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{/* Annotations that are added to all objects */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.allAnnotations" $ }} -*/}} -{{- define "tc.v1.common.lib.metadata.allAnnotations" -}} - {{/* Currently empty but can add later, if needed */}} -{{- include "tc.v1.common.lib.metadata.globalAnnotations" . }} - -{{- end -}} diff --git a/charts/common/templates/lib/metadata/_allLabels.tpl b/charts/common/templates/lib/metadata/_allLabels.tpl deleted file mode 100644 index 3346f79..0000000 --- a/charts/common/templates/lib/metadata/_allLabels.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{/* Labels that are added to all objects */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.allLabels" $ }} -*/}} -{{- define "tc.v1.common.lib.metadata.allLabels" -}} -helm.sh/chart: {{ include "tc.v1.common.lib.chart.names.chart" . }} -helm-revision: {{ .Release.Revision | quote }} -app.kubernetes.io/name: {{ include "tc.v1.common.lib.chart.names.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -app: {{ include "tc.v1.common.lib.chart.names.chart" . }} -release: {{ .Release.Name }} -{{- include "tc.v1.common.lib.metadata.globalLabels" . }} -{{- end -}} diff --git a/charts/common/templates/lib/metadata/_globalAnnotations.tpl b/charts/common/templates/lib/metadata/_globalAnnotations.tpl deleted file mode 100644 index 1133783..0000000 --- a/charts/common/templates/lib/metadata/_globalAnnotations.tpl +++ /dev/null @@ -1,6 +0,0 @@ -{{/* Returns the global annotations */}} -{{- define "tc.v1.common.lib.metadata.globalAnnotations" -}} - - {{- include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" .Values.global.annotations) -}} - -{{- end -}} diff --git a/charts/common/templates/lib/metadata/_globalLabels.tpl b/charts/common/templates/lib/metadata/_globalLabels.tpl deleted file mode 100644 index 672f522..0000000 --- a/charts/common/templates/lib/metadata/_globalLabels.tpl +++ /dev/null @@ -1,6 +0,0 @@ -{{/* Returns the global labels */}} -{{- define "tc.v1.common.lib.metadata.globalLabels" -}} - - {{- include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" .Values.global.labels) -}} - -{{- end -}} diff --git a/charts/common/templates/lib/metadata/_namespace.tpl b/charts/common/templates/lib/metadata/_namespace.tpl deleted file mode 100644 index 7e6a193..0000000 --- a/charts/common/templates/lib/metadata/_namespace.tpl +++ /dev/null @@ -1,26 +0,0 @@ -{{- define "tc.v1.common.lib.metadata.namespace" -}} - {{- $caller := .caller -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $namespace := $rootCtx.Release.Namespace -}} - - {{- with $rootCtx.Values.global.namespace -}} - {{- $namespace = tpl . $rootCtx -}} - {{- end -}} - - {{- with $rootCtx.Values.namespace -}} - {{- $namespace = tpl . $rootCtx -}} - {{- end -}} - - {{- with $objectData.namespace -}} - {{- $namespace = tpl . $rootCtx -}} - {{- end -}} - - {{- if not (and (mustRegexMatch "^[a-z0-9]((-?[a-z0-9]-?)*[a-z0-9])?$" $namespace) (le (len $namespace) 63)) -}} - {{- fail (printf "%s - Namespace [%s] is not valid. Must start and end with an alphanumeric lowercase character. It can contain '-'. And must be at most 63 characters." $caller $namespace) -}} - {{- end -}} - - {{- $namespace -}} - -{{- end -}} diff --git a/charts/common/templates/lib/metadata/_podAnnotations.tpl b/charts/common/templates/lib/metadata/_podAnnotations.tpl deleted file mode 100644 index abe460b..0000000 --- a/charts/common/templates/lib/metadata/_podAnnotations.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{/* Annotations that are added to podSpec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.podAnnotations" $ }} -*/}} -{{- define "tc.v1.common.lib.metadata.podAnnotations" -}} -checksum/persistence: {{ toJson $.Values.persistence | sha256sum }} -checksum/services: {{ toJson $.Values.service | sha256sum }} -checksum/configmaps: {{ toJson $.Values.configmap | sha256sum }} -checksum/secrets: {{ toJson $.Values.secret | sha256sum }} -checksum/cnpg: {{ toJson $.Values.cnpg | sha256sum }} -checksum/mariadb: {{ toJson $.Values.mariadb | sha256sum }} -checksum/redis: {{ toJson $.Values.redis | sha256sum }} -checksum/solr: {{ toJson $.Values.solr | sha256sum }} -checksum/mongodb: {{ toJson $.Values.mongodb | sha256sum }} -{{- end -}} diff --git a/charts/common/templates/lib/metadata/_podLabels.tpl b/charts/common/templates/lib/metadata/_podLabels.tpl deleted file mode 100644 index 0f6b537..0000000 --- a/charts/common/templates/lib/metadata/_podLabels.tpl +++ /dev/null @@ -1,26 +0,0 @@ -{{/* Labels that are added to podSpec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.podLabels" $ }} -*/}} -{{- define "tc.v1.common.lib.metadata.podLabels" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $type := $objectData.type -}} - - {{- $label := "" -}} - {{- $fleeting := (list "CronJob" "Job") -}} - {{- if (mustHas $type $fleeting) -}} - {{- $label = "fleeting" -}} - {{- end -}} - - {{- $permanent := (list "Deployment" "StatefulSet" "DaemonSet") -}} - {{- if (mustHas $type $permanent) -}} - {{- $label = "permanent" -}} - {{- end -}} - - {{- if not $label -}} - {{- fail "PodLabels - Template used in a place that is not designed to be used" -}} - {{- end }} -pod.lifecycle: {{ $label }} -{{- end -}} diff --git a/charts/common/templates/lib/metadata/_render.tpl b/charts/common/templates/lib/metadata/_render.tpl deleted file mode 100644 index 9e5f3d9..0000000 --- a/charts/common/templates/lib/metadata/_render.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{/* Renders a dict of labels */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) }} -{{ include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) }} -*/}} - -{{- define "tc.v1.common.lib.metadata.render" -}} - {{- $labels := .labels -}} - {{- $annotations := .annotations -}} - {{- $rootCtx := .rootCtx -}} - - {{- $seenLabels := list -}} - {{- $seenAnnotations := list -}} - - {{- with $labels -}} - {{- range $k, $v := . -}} - {{- if and $k $v -}} - {{- if not (mustHas $k $seenLabels) }} -{{ $k }}: {{ tpl $v $rootCtx | quote }} - {{- $seenLabels = mustAppend $seenLabels $k -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- with $annotations -}} - {{- range $k, $v := . -}} - {{- if and $k $v -}} - {{- if not (mustHas $k $seenAnnotations) }} -{{ $k }}: {{ tpl $v $rootCtx | quote }} - {{- $seenAnnotations = mustAppend $seenAnnotations $k -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/metadata/_selectorLabels.tpl b/charts/common/templates/lib/metadata/_selectorLabels.tpl deleted file mode 100644 index aaf09be..0000000 --- a/charts/common/templates/lib/metadata/_selectorLabels.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* Labels that are used on selectors */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" $objectType "objectName" $objectName) }} -podName is the "shortName" of the pod. The one you define in the .Values.workload -*/}} -{{- define "tc.v1.common.lib.metadata.selectorLabels" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectType := .objectType -}} - {{- $objectName := .objectName }} - -{{- if and $objectType $objectName }} -{{ printf "%s.name" $objectType }}: {{ $objectName }} -{{- end }} -app.kubernetes.io/name: {{ include "tc.v1.common.lib.chart.names.name" $rootCtx }} -app.kubernetes.io/instance: {{ $rootCtx.Release.Name }} -{{- end -}} diff --git a/charts/common/templates/lib/metadata/_validation.tpl b/charts/common/templates/lib/metadata/_validation.tpl deleted file mode 100644 index b80f374..0000000 --- a/charts/common/templates/lib/metadata/_validation.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Metadata Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" $caller) -}} -objectData: - labels: The labels of the configmap. - annotations: The annotations of the configmap. - data: The data of the configmap. -*/}} - -{{- define "tc.v1.common.lib.metadata.validation" -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- if and $objectData.labels (not (kindIs "map" $objectData.labels)) -}} - {{- fail (printf "%s - Expected [labels] to be a dictionary, but got [%v]" $caller (kindOf $objectData.labels)) -}} - {{- end -}} - - {{- if and $objectData.annotations (not (kindIs "map" $objectData.annotations)) -}} - {{- fail (printf "%s - Expected [annotations] to be a dictionary, but got [%v]" $caller (kindOf $objectData.annotations)) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/metadata/_volumeLabels.tpl b/charts/common/templates/lib/metadata/_volumeLabels.tpl deleted file mode 100644 index 8a1f507..0000000 --- a/charts/common/templates/lib/metadata/_volumeLabels.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* Labels that are added to podSpec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.metadata.volumeLabels" $ }} -*/}} -{{- define "tc.v1.common.lib.metadata.volumeLabels" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $selectedVolumes := (include "tc.v1.common.lib.pod.volumes.selected" (dict "rootCtx" $rootCtx "objectData" $objectData)) | fromJson }} - - {{- $names := list -}} - {{- range $volume := $selectedVolumes.pvc -}} - {{- $names = mustAppend $names $volume.shortName -}} - {{- end }} - -truecharts.org/pvc: {{ $names | join "_" | quote }} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_affinity.tpl b/charts/common/templates/lib/pod/_affinity.tpl deleted file mode 100644 index 6a76123..0000000 --- a/charts/common/templates/lib/pod/_affinity.tpl +++ /dev/null @@ -1,161 +0,0 @@ -{{/* Returns pod affinity */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.affinity" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.affinity" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $affinity := dict -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.affinity -}} - {{- $affinity = . -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- with $objectData.podSpec.affinity -}} - {{- $affinity = . -}} - {{- end -}} - - {{/* If default affinity is enabled and its one of this types, then merge it with user input */}} - {{- $validTypes := (list "Deployment" "StatefulSet") -}} - {{- if and (mustHas $objectData.type $validTypes) $rootCtx.Values.podOptions.defaultAffinity }} - {{- $defaultAffinity := (include "tc.v1.common.lib.pod.defaultAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | fromYaml) -}} - {{- $defaultAffinity = $defaultAffinity | default dict -}} - {{/* Merge user input overwriting the default */}} - {{- $affinity = mustMergeOverwrite $defaultAffinity $affinity -}} - {{- end -}} - - {{- include "tc.v1.common.lib.pod.affinity.validation" (dict "rootCtx" $rootCtx "objectData" $affinity) -}} - - {{- if $affinity.nodeAffinity }} -nodeAffinity: - {{- fail "TODO: not implemented" -}} - {{- end -}} - - {{- if $affinity.podAffinity }} -podAffinity: - {{- include "tc.v1.common.lib.pod.podAffinityOrPodAntiAffinity" (dict "rootCtx" $rootCtx "data" $affinity.podAffinity) | nindent 2 -}} - {{- end -}} - - {{- if $affinity.podAntiAffinity }} -podAntiAffinity: - {{- include "tc.v1.common.lib.pod.podAffinityOrPodAntiAffinity" (dict "rootCtx" $rootCtx "data" $affinity.podAntiAffinity) | nindent 2 -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.podAffinityOrPodAntiAffinity" -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data -}} - - {{- if $data -}} - {{- if $data.requiredDuringSchedulingIgnoredDuringExecution }} - requiredDuringSchedulingIgnoredDuringExecution: - {{- range $term := $data.requiredDuringSchedulingIgnoredDuringExecution }} - - {{ include "tc.v1.common.lib.pod.podAffinityTerm" (dict "rootCtx" $rootCtx "data" $term) | trim | nindent 6 }} - {{- end -}} - {{- end -}} - - {{- if $data.preferredDuringSchedulingIgnoredDuringExecution }} - preferredDuringSchedulingIgnoredDuringExecution: - {{- range $term := $data.preferredDuringSchedulingIgnoredDuringExecution }} - - weight: {{ $term.weight }} - podAffinityTerm: - {{- include "tc.v1.common.lib.pod.podAffinityTerm" (dict "rootCtx" $rootCtx "data" $term.podAffinityTerm) | nindent 10 }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.podAffinityTerm" -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data -}} - - {{- if $data }} -topologyKey: {{ $data.topologyKey }} - - {{- if $data.matchLabelKeys }} -matchLabelKeys: - {{- range $data.matchLabelKeys }} - - {{ . }} - {{- end -}} - {{- end -}} - - {{- if $data.mismatchLabelKeys }} -mismatchLabelKeys: - {{- range $data.mismatchLabelKeys }} - - {{ . }} - {{- end -}} - {{- end -}} - - {{- if $data.namespaces }} -namespaces: - {{- range $data.namespaces }} - - {{ . }} - {{- end -}} - {{- end -}} - - {{- if $data.labelSelector }} -labelSelector: - {{- include "tc.v1.common.lib.pod.labelSelector" (dict "rootCtx" $rootCtx "data" $data.labelSelector) | nindent 2 -}} - {{- end -}} - - {{- if $data.namespaceSelector }} -namespaceSelector: - {{- include "tc.v1.common.lib.pod.labelSelector" (dict "rootCtx" $rootCtx "data" $data.namespaceSelector) | nindent 2 -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.labelSelector" -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data }} - - {{- if $data.matchExpressions -}} -matchExpressions: - {{- range $expression := $data.matchExpressions }} - - key: {{ $expression.key }} - operator: {{ $expression.operator }} - {{- if mustHas $expression.operator (list "In" "NotIn") }} - values: - {{- range $expression.values }} - - {{ . }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- if $data.matchLabels -}} -matchLabels: - {{- range $key, $value := $data.matchLabels }} - {{ $key }}: {{ $value }} - {{- end -}} - {{- end -}} -{{- end -}} - - -{{- define "tc.v1.common.lib.pod.defaultAffinity" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $selectedVolumes := (include "tc.v1.common.lib.pod.volumes.selected" (dict "rootCtx" $rootCtx "objectData" $objectData)) | fromJson }} - - {{- $names := list -}} - {{- range $volume := $selectedVolumes.pvc -}} - {{- $names = mustAppend $names $volume.shortName -}} - {{- end }} - - {{- if $names }} -podAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - topologyKey: kubernetes.io/hostname - labelSelector: - matchExpressions: - - key: truecharts.org/pvc - operator: In - values: - - {{ $names | join "_" }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_affinityValidation.tpl b/charts/common/templates/lib/pod/_affinityValidation.tpl deleted file mode 100644 index 6c6b5d6..0000000 --- a/charts/common/templates/lib/pod/_affinityValidation.tpl +++ /dev/null @@ -1,174 +0,0 @@ -{{- define "tc.v1.common.lib.pod.affinity.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.podAffinity -}} - {{- include "tc.v1.common.lib.pod.affinity.validation.podAffinityOrPodAntiAffinity" (dict "rootCtx" $rootCtx "data" $objectData.podAffinity "key" "podAffinity") -}} - {{- end -}} - - {{- if $objectData.podAntiAffinity -}} - {{- include "tc.v1.common.lib.pod.affinity.validation.podAffinityOrPodAntiAffinity" (dict "rootCtx" $rootCtx "data" $objectData.podAntiAffinity "key" "podAntiAffinity") -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.affinity.validation.podAffinityOrPodAntiAffinity" -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data -}} - {{- $key := .key -}} - - {{- if $data -}} - {{- if and (not $data.requiredDuringSchedulingIgnoredDuringExecution) (not $data.preferredDuringSchedulingIgnoredDuringExecution) -}} - {{- fail (printf "Affinity - Expected at least one of requiredDuringSchedulingIgnoredDuringExecution or preferredDuringSchedulingIgnoredDuringExecution in [affinity.%s]" $key) -}} - {{- end -}} - - {{- if $data.requiredDuringSchedulingIgnoredDuringExecution -}} - {{- $itemData := $data.requiredDuringSchedulingIgnoredDuringExecution -}} - {{- if not (kindIs "slice" $itemData) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.requiredDuringSchedulingIgnoredDuringExecution] to be a slice but got [%s]" $key (kindOf $itemData)) -}} - {{- end -}} - - {{- range $idx, $item := $itemData -}} - {{- include "tc.v1.common.lib.pod.affinity.validation.podAffinityTerm" (dict "rootCtx" $rootCtx "data" $item "key" (printf "%s.requiredDuringSchedulingIgnoredDuringExecution.%d" $key $idx)) -}} - {{- end -}} - {{- end -}} - - {{- if $data.preferredDuringSchedulingIgnoredDuringExecution -}} - {{- $itemData := $data.preferredDuringSchedulingIgnoredDuringExecution -}} - - {{- if not (kindIs "slice" $itemData) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.preferredDuringSchedulingIgnoredDuringExecution] to be a slice but got [%s]" $key (kindOf $itemData)) -}} - {{- end -}} - - {{- range $idx, $item := $itemData -}} - {{- if not (mustHas (kindOf $item.weight) (list "int" "int64" "float64")) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.preferredDuringSchedulingIgnoredDuringExecution.%d.weight] to be a number but got [%s]" $key $idx (kindOf $item.weight)) -}} - {{- end -}} - - {{- if or (gt ($item.weight | int) 100) (lt ($item.weight | int) 0) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.preferredDuringSchedulingIgnoredDuringExecution.%d.weight] to be between 0 and 100 but got [%d]" $key $idx ($item.weight | int)) -}} - {{- end -}} - - {{- if not $item.podAffinityTerm -}} - {{- fail (printf "Affinity - Expected [affinity.%s.preferredDuringSchedulingIgnoredDuringExecution.%d.podAffinityTerm] to be defined" $key $idx) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.pod.affinity.validation.podAffinityTerm" (dict "rootCtx" $rootCtx "data" $item.podAffinityTerm "key" (printf "%s.preferredDuringSchedulingIgnoredDuringExecution.%d.podAffinityTerm" $key $idx)) -}} - {{- end -}} - {{- end -}} - - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.affinity.validation.podAffinityTerm" -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := .data -}} - {{- $key := .key -}} - - {{- if not (kindIs "string" $data.topologyKey) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.topologyKey] to be a string but got [%s]" $key (kindOf $data.topologyKey)) -}} - {{- end -}} - - {{- if $data.matchLabelKeys -}} - {{- if not (kindIs "slice" $data.matchLabelKeys) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchLabelKeys] to be a slice but got [%s]" $key (kindOf $data.matchLabelKeys)) -}} - {{- end -}} - - {{- range $idx, $value := $data.matchLabelKeys -}} - {{- if not (kindIs "string" $value) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchLabelKeys.%d] to be a string but got [%s]" $key $idx (kindOf $value)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $data.mismatchLabelKeys -}} - {{- if not (kindIs "slice" $data.mismatchLabelKeys) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.mismatchLabelKeys] to be a slice but got [%s]" $key (kindOf $data.mismatchLabelKeys)) -}} - {{- end -}} - - {{- range $idx, $value := $data.mismatchLabelKeys -}} - {{- if not (kindIs "string" $value) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.mismatchLabelKeys.%d] to be a string but got [%s]" $key $idx (kindOf $value)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $data.namespaces -}} - {{- if not (kindIs "slice" $data.namespaces) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.namespaces] to be a slice but got [%s]" $key (kindOf $data.namespaces)) -}} - {{- end -}} - - {{- range $idx, $value := $data.namespaces -}} - {{- if not (kindIs "string" $value) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.namespaces.%d] to be a string but got [%s]" $key $idx (kindOf $value)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $data.labelSelector -}} - {{- include "tc.v1.common.lib.pod.affinity.validation.labelSelector" (dict "rootCtx" $rootCtx "key" (printf "%s.labelSelector" $key) "data" $data.labelSelector) -}} - {{- end -}} - - {{- if $data.namespaceSelector -}} - {{- include "tc.v1.common.lib.pod.affinity.validation.labelSelector" (dict "rootCtx" $rootCtx "key" (printf "%s.namespaceSelector" $key) "data" $data.namespaceSelector) -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.affinity.validation.labelSelector" -}} - {{- $rootCtx := .rootCtx -}} - {{- $key := .key -}} - {{- $data := .data -}} - - {{- if not (kindIs "map" $data) -}} - {{- fail (printf "Affinity - Expected [affinity.%s] to be a map but got [%s]" $key (kindOf $data)) -}} - {{- end -}} - - {{- if $data.matchLabels -}} - {{- if not (kindIs "map" $data.matchLabels) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchLabels] to be a map but got [%s]" $key (kindOf $data.matchLabels)) -}} - {{- end -}} - - {{- range $key, $value := $data.matchLabels -}} - {{- if not (kindIs "string" $value) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchLabels.%s] to be a string but got [%s]" $key $key (kindOf $value)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $data.matchExpressions }} - {{- if not (kindIs "slice" $data.matchExpressions) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions] to be a slice but got [%s]" $key (kindOf $data.matchExpressions)) -}} - {{- end -}} - - {{- $validOperators := list "In" "NotIn" "Exists" "DoesNotExist" -}} - {{- range $idx, $exp := $data.matchExpressions -}} - {{- if not (kindIs "map" $exp) -}} - {{- fail (printf "Affinity - Expected item of [affinity.%s.matchExpressions.%d] to be a map but got [%s]" $key $idx (kindOf $exp)) -}} - {{- end -}} - - {{- if not (mustHas $exp.operator $validOperators) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions.%d.operator] to be one of [%s] but got [%s]" $key $idx (join ", " $validOperators) $exp.operator) -}} - {{- end -}} - - {{- if not (kindIs "string" $exp.key) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions.%d.key] to be a string but got [%s]" $key $idx (kindOf $exp.key)) -}} - {{- end -}} - - {{- if and (mustHas $exp.operator (list "In" "NotIn")) (not (kindIs "slice" $exp.values)) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions.%d.values] to be a slice but got [%s]" $key $idx (kindOf $exp.values)) -}} - {{- end -}} - - {{- if and (mustHas $exp.operator (list "Exists" "DoesNotExist")) $exp.values -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions.%d.values] to be empty when operator is Exists or DoesNotExist but got [%v]" $key $idx ($exp.values)) -}} - {{- else if not $exp.values -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions.%d.values] to be defined when operator is In or NotIn but got [%s]" $key $idx (kindOf $exp.values)) -}} - {{- end -}} - - {{- range $vIdx, $value := $exp.values -}} - {{- if not (kindIs "string" $value) -}} - {{- fail (printf "Affinity - Expected [affinity.%s.matchExpressions.%d.values.%d] to be a string but got [%s]" $key $idx $vIdx (kindOf $value)) -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_autoMountServiceAccountToken.tpl b/charts/common/templates/lib/pod/_autoMountServiceAccountToken.tpl deleted file mode 100644 index f6cc5ff..0000000 --- a/charts/common/templates/lib/pod/_autoMountServiceAccountToken.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns automountServiceAccountToken */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.automountServiceAccountToken" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.automountServiceAccountToken" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $automount := false -}} - - {{/* Initialize from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.automountServiceAccountToken) -}} - {{- $automount = $rootCtx.Values.podOptions.automountServiceAccountToken -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- if (kindIs "bool" $objectData.podSpec.automountServiceAccountToken) -}} - {{- $automount = $objectData.podSpec.automountServiceAccountToken -}} - {{- end -}} - - {{- $automount -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_container.tpl b/charts/common/templates/lib/pod/_container.tpl deleted file mode 100644 index 90f51fa..0000000 --- a/charts/common/templates/lib/pod/_container.tpl +++ /dev/null @@ -1,62 +0,0 @@ -{{/* Returns Container */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.container" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.container" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $imageObj := fromJson (include "tc.v1.common.lib.container.imageSelector" (dict "rootCtx" $rootCtx "objectData" $objectData)) -}} - {{- $termination := fromJson (include "tc.v1.common.lib.container.termination" (dict "rootCtx" $rootCtx "objectData" $objectData)) }} -- name: {{ $objectData.name }} - image: {{ printf "%s:%s" $imageObj.repository $imageObj.tag }} - imagePullPolicy: {{ $imageObj.pullPolicy }} - tty: {{ $objectData.tty | default false }} - stdin: {{ $objectData.stdin | default false }} - {{- with (include "tc.v1.common.lib.container.command" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - command: - {{- . | nindent 4 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.container.args" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - args: - {{- . | nindent 4 }} - {{- end -}} - {{- with $termination.messagePath }} - terminationMessagePath: {{ . }} - {{- end -}} - {{- with $termination.messagePolicy }} - terminationMessagePolicy: {{ . }} - {{- end -}} - {{- with (include "tc.v1.common.lib.container.lifecycle" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - lifecycle: - {{- . | nindent 4 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.container.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - ports: - {{- . | nindent 4 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.container.volumeMount" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - volumeMounts: - {{- . | nindent 4 }} - {{- end -}} - {{- include "tc.v1.common.lib.container.probes" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- with (include "tc.v1.common.lib.container.resources" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - resources: - {{- . | nindent 4 }} - {{- end }} - securityContext: - {{- include "tc.v1.common.lib.container.securityContext" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 4 }} - {{- /* Create a dict for storing env's so it can be checked for dupes */ -}} - {{- $_ := set $objectData "envDupe" dict -}} - {{- with (include "tc.v1.common.lib.container.envFrom" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} - envFrom: - {{- . | nindent 4 }} - {{- end }} - env: - {{- include "tc.v1.common.lib.container.fixedEnv" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 4 -}} - {{- include "tc.v1.common.lib.container.env" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 4 -}} - {{- include "tc.v1.common.lib.container.envList" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 4 -}} - {{- $_ := unset $objectData "envDupe" -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_containerSpawner.tpl b/charts/common/templates/lib/pod/_containerSpawner.tpl deleted file mode 100644 index a1108ea..0000000 --- a/charts/common/templates/lib/pod/_containerSpawner.tpl +++ /dev/null @@ -1,36 +0,0 @@ -{{/* Containers */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.containerSpawner" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.containerSpawner" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- include "tc.v1.common.lib.container.primaryValidation" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - - {{- range $containerName, $containerValues := $objectData.podSpec.containers -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $containerValues - "name" $containerName "caller" "Container" - "key" "containers")) -}} - - {{- if eq $enabled "true" -}} - {{- $container := (mustDeepCopy $containerValues) -}} - {{- $name := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- if not $container.primary -}} - {{- $name = printf "%s-%s" $name $containerName -}} - {{- end -}} - - {{- $_ := set $container "name" $name -}} - {{- $_ := set $container "shortName" $containerName -}} - {{- $_ := set $container "podShortName" $objectData.shortName -}} - {{- $_ := set $container "podPrimary" $objectData.primary -}} - {{- $_ := set $container "podType" $objectData.type -}} - {{/* Created from the pod.securityContext, used by fixedEnv */}} - {{- $_ := set $container "calculatedFSGroup" $objectData.podSpec.calculatedFSGroup -}} - {{- include "tc.v1.common.lib.pod.container" (dict "rootCtx" $rootCtx "objectData" $container) | trim | nindent 0 -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_dns.tpl b/charts/common/templates/lib/pod/_dns.tpl deleted file mode 100644 index 1f4ccfa..0000000 --- a/charts/common/templates/lib/pod/_dns.tpl +++ /dev/null @@ -1,90 +0,0 @@ -{{/* Returns DNS Policy and Config */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.dns" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.dns" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $policy := "ClusterFirst" -}} - {{- $config := dict -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.dnsPolicy -}} - {{- $policy = . -}} - {{- end -}} - - {{- with $rootCtx.Values.podOptions.dnsConfig -}} - {{- $config = . -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- with $objectData.podSpec.dnsPolicy -}} - {{- $policy = . -}} - {{- end -}} - - {{- with $objectData.podSpec.dnsConfig -}} - {{- $config = . -}} - {{- end -}} - - {{/* Expand policy */}} - {{- $policy = (tpl $policy $rootCtx) -}} - - {{/* If hostNetwork is enabled, then use ClusterFirstWithHostNet */}} - {{- $hostNet := include "tc.v1.common.lib.pod.hostNetwork" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- if or (and (kindIs "string" $hostNet) (eq $hostNet "true")) (and (kindIs "bool" $hostNet) $hostNet) -}} - {{- $policy = "ClusterFirstWithHostNet" -}} - {{- end -}} - - {{- $policies := (list "ClusterFirst" "ClusterFirstWithHostNet" "Default" "None") -}} - {{- if not (mustHas $policy $policies) -}} - {{- fail (printf "Expected [dnsPolicy] to be one of [%s], but got [%s]" (join ", " $policies) $policy) -}} - {{- end -}} - - {{/* When policy is set to None all keys are required */}} - {{- if eq $policy "None" -}} - - {{- range $key := (list "nameservers" "searches" "options") -}} - {{- if not (get $config $key) -}} - {{- fail (printf "Expected non-empty [dnsConfig.%s] with [dnsPolicy] set to [None]." $key) -}} - {{- end -}} - {{- end -}} - - {{- end }} -dnsPolicy: {{ $policy }} - {{- if or $config.nameservers $config.options $config.searches }} -dnsConfig: - {{- with $config.nameservers -}} - {{- if gt (len .) 3 -}} - {{- fail (printf "Expected no more than [3] [dnsConfig.nameservers], but got [%v]" (len .)) -}} - {{- end }} - nameservers: - {{- range . }} - - {{ tpl . $rootCtx }} - {{- end -}} - {{- end -}} - - {{- with $config.searches -}} - {{- if gt (len .) 6 -}} - {{- fail (printf "Expected no more than [6] [dnsConfig.searches], but got [%v]" (len .)) -}} - {{- end }} - searches: - {{- range . }} - - {{ tpl . $rootCtx }} - {{- end -}} - {{- end -}} - - {{- with $config.options }} - options: - {{- range . }} - - name: {{ tpl .name $rootCtx }} - {{- with .value }} - value: {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_enableServiceLinks.tpl b/charts/common/templates/lib/pod/_enableServiceLinks.tpl deleted file mode 100644 index 4d4864e..0000000 --- a/charts/common/templates/lib/pod/_enableServiceLinks.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns enableServiceLinks */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.enableServiceLinks" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.enableServiceLinks" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $enableServiceLinks := false -}} - - {{/* Initialize from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.enableServiceLinks) -}} - {{- $enableServiceLinks = $rootCtx.Values.podOptions.enableServiceLinks -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- if (kindIs "bool" $objectData.podSpec.enableServiceLinks) -}} - {{- $enableServiceLinks = $objectData.podSpec.enableServiceLinks -}} - {{- end -}} - - {{- $enableServiceLinks -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_hostAliases.tpl b/charts/common/templates/lib/pod/_hostAliases.tpl deleted file mode 100644 index 0b4a541..0000000 --- a/charts/common/templates/lib/pod/_hostAliases.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{/* Returns Host Aliases */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.hostAliases" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.hostAliases" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $aliases := list -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.hostAliases -}} - {{- $aliases = . -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- with $objectData.podSpec.hostAliases -}} - {{- $aliases = . -}} - {{- end -}} - - {{- range $aliases -}} - {{- if not .ip -}} - {{- fail (printf "Expected non-empty [ip] value on [hostAliases].") -}} - {{- end -}} - - {{- if not .hostnames -}} - {{- fail (printf "Expected non-empty [hostames] list on [hostAliases].") -}} - {{- end }} -- ip: {{ tpl .ip $rootCtx }} - hostnames: - {{- range .hostnames }} - - {{ tpl . $rootCtx }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_hostIPC.tpl b/charts/common/templates/lib/pod/_hostIPC.tpl deleted file mode 100644 index 3065d23..0000000 --- a/charts/common/templates/lib/pod/_hostIPC.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Host IPC */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.hostIPC" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.hostIPC" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostIPC := false -}} - - {{/* Initialize from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.hostIPC) -}} - {{- $hostIPC = $rootCtx.Values.podOptions.hostIPC -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- if (kindIs "bool" $objectData.podSpec.hostIPC) -}} - {{- $hostIPC = $objectData.podSpec.hostIPC -}} - {{- end -}} - - {{- $hostIPC -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_hostNetwork.tpl b/charts/common/templates/lib/pod/_hostNetwork.tpl deleted file mode 100644 index 1159c64..0000000 --- a/charts/common/templates/lib/pod/_hostNetwork.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Host Network */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.hostNetwork" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.hostNetwork" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostNet := false -}} - - {{/* Initialize from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.hostNetwork) -}} - {{- $hostNet = $rootCtx.Values.podOptions.hostNetwork -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- if (kindIs "bool" $objectData.podSpec.hostNetwork) -}} - {{- $hostNet = $objectData.podSpec.hostNetwork -}} - {{- end -}} - - {{- $hostNet -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_hostPID.tpl b/charts/common/templates/lib/pod/_hostPID.tpl deleted file mode 100644 index 5859ec2..0000000 --- a/charts/common/templates/lib/pod/_hostPID.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Host PID */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.hostPID" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.hostPID" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostPID := false -}} - - {{/* Initialize from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.hostPID) -}} - {{- $hostPID = $rootCtx.Values.podOptions.hostPID -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- if (kindIs "bool" $objectData.podSpec.hostPID) -}} - {{- $hostPID = $objectData.podSpec.hostPID -}} - {{- end -}} - - {{- $hostPID -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_hostUsers.tpl b/charts/common/templates/lib/pod/_hostUsers.tpl deleted file mode 100644 index b6e85ea..0000000 --- a/charts/common/templates/lib/pod/_hostUsers.tpl +++ /dev/null @@ -1,28 +0,0 @@ -{{/* Returns Host Users */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.hostPID" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.hostUsers" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostUsers := false -}} - - {{- if $objectData.podSpec.calculatedHostUsers -}} - {{- $hostUsers = true -}} - {{- end -}} - - {{/* Override from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.hostUsers) -}} - {{- $hostUsers = $rootCtx.Values.podOptions.hostUsers -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- if (kindIs "bool" $objectData.podSpec.hostUsers) -}} - {{- $hostUsers = $objectData.podSpec.hostUsers -}} - {{- end -}} - - {{- $hostUsers -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_hostname.tpl.tpl b/charts/common/templates/lib/pod/_hostname.tpl.tpl deleted file mode 100644 index f68769d..0000000 --- a/charts/common/templates/lib/pod/_hostname.tpl.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Returns Host Name */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.hostname" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.hostname" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostname := "" -}} - - {{- with $objectData.podSpec.hostname -}} - {{- $hostname = tpl . $rootCtx -}} - {{- end -}} - - {{- if $hostname -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $hostname) -}} - {{- end -}} - - {{- $hostname -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_imagePullSecret.tpl b/charts/common/templates/lib/pod/_imagePullSecret.tpl deleted file mode 100644 index 87b4c0f..0000000 --- a/charts/common/templates/lib/pod/_imagePullSecret.tpl +++ /dev/null @@ -1,42 +0,0 @@ -{{/* Returns Image Pull Secret List */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.imagePullSecret" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.imagePullSecret" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $imgPullSecrets := list -}} - - {{- range $name, $imgPull := $rootCtx.Values.imagePullSecret -}} - {{- $pullName := (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $name) -}} - - {{- if $imgPull.existingSecret -}} - {{- $pullName = $imgPull.existingSecret -}} - {{- end -}} - - {{- if $imgPull.enabled -}} - {{/* If targetSelectAll is true */}} - {{- if $imgPull.targetSelectAll -}} - {{- $imgPullSecrets = mustAppend $imgPullSecrets $pullName -}} - - {{/* Else if targetSelector is a list */}} - {{- else if (kindIs "slice" $imgPull.targetSelector) -}} - {{- if (mustHas $objectData.shortName $imgPull.targetSelector) -}} - {{- $imgPullSecrets = mustAppend $imgPullSecrets $pullName -}} - {{- end -}} - - {{/* If not targetSelectAll or targetSelector, but is the primary pod */}} - {{- else if $objectData.primary -}} - {{- $imgPullSecrets = mustAppend $imgPullSecrets $pullName -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- range $imgPullSecrets }} -- name: {{ . }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_initContainerSpawner.tpl b/charts/common/templates/lib/pod/_initContainerSpawner.tpl deleted file mode 100644 index 7aa581b..0000000 --- a/charts/common/templates/lib/pod/_initContainerSpawner.tpl +++ /dev/null @@ -1,83 +0,0 @@ -{{/* Init Containers */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.initContainerSpawner" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.initContainerSpawner" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $initContainers := (dict "system" list - "init" list - "install" list - "upgrade" list) -}} - - {{- $types := (list "system" "init" "install" "upgrade") -}} - - {{- $mergedContainers := $objectData.podSpec.initContainers -}} - - {{- range $containerName, $containerValues := $mergedContainers -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $containerValues - "name" $containerName "caller" "Init Container" - "key" "initContainers")) -}} - - {{- if eq $enabled "true" -}} - - {{- if not ($containerValues.type) -}} - {{- fail "InitContainer - Expected non-empty [type]" -}} - {{- end -}} - - {{- $containerType := tpl $containerValues.type $rootCtx -}} - {{- if not (mustHas $containerType $types) -}} - {{- fail (printf "InitContainer - Expected [type] to be one of [%s], but got [%s]" (join ", " $types) $containerType) -}} - {{- end -}} - - {{- $container := (mustDeepCopy $containerValues) -}} - {{- $name := printf "%s-%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $containerType $containerName -}} - - {{- $_ := set $container "name" $name -}} - {{- $_ := set $container "shortName" $containerName -}} - {{- $_ := set $container "podShortName" $objectData.shortName -}} - {{- $_ := set $container "podPrimary" $objectData.primary -}} - {{- $_ := set $container "podType" $objectData.type -}} - - {{/* Remove keys that do not apply on init containers */}} - {{- $_ := set $container "lifecycle" dict -}} - {{- $_ := set $container "probes" dict -}} - {{/* Template expects probes dict defined even if enabled */}} - {{- $_ := set $container.probes "liveness" (dict "enabled" false) -}} - {{- $_ := set $container.probes "readiness" (dict "enabled" false) -}} - {{- $_ := set $container.probes "startup" (dict "enabled" false) -}} - - {{/* Created from the pod.securityContext, used by fixedEnv */}} - {{- $_ := set $container "calculatedFSGroup" $objectData.podSpec.calculatedFSGroup -}} - - {{/* Append to list of containers based on type */}} - {{- $tempContainers := (get $initContainers $containerType) -}} - {{- $_ := set $initContainers $containerType (mustAppend $tempContainers $container) -}} - {{- end -}} - {{- end -}} - - {{- if $rootCtx.Release.IsInstall -}} - {{- range $container := (get $initContainers "install") -}} - {{- include "tc.v1.common.lib.pod.container" (dict "rootCtx" $rootCtx "objectData" $container) -}} - {{- end -}} - {{- end -}} - - {{- if $rootCtx.Release.IsUpgrade -}} - {{- range $container := (get $initContainers "upgrade") -}} - {{- include "tc.v1.common.lib.pod.container" (dict "rootCtx" $rootCtx "objectData" $container) -}} - {{- end -}} - {{- end -}} - - {{- range $container := (get $initContainers "system") -}} - {{- include "tc.v1.common.lib.pod.container" (dict "rootCtx" $rootCtx "objectData" $container) -}} - {{- end -}} - - {{- range $container := (get $initContainers "init") -}} - {{- include "tc.v1.common.lib.pod.container" (dict "rootCtx" $rootCtx "objectData" $container) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/pod/_nodeSelector.tpl b/charts/common/templates/lib/pod/_nodeSelector.tpl deleted file mode 100644 index b0b4b95..0000000 --- a/charts/common/templates/lib/pod/_nodeSelector.tpl +++ /dev/null @@ -1,33 +0,0 @@ -{{/* Returns Node Selector */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.nodeSelector" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.nodeSelector" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $selectors := dict -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.nodeSelector -}} - {{- $selectors = . -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- with $objectData.podSpec.nodeSelector -}} - {{- $selectors = . -}} - {{- end -}} - - {{- if and (include "tc.v1.common.lib.util.stopAll" $rootCtx) (eq $objectData.type "DaemonSet") }} -"non-existing": "true" - {{ else }} - {{- range $k, $v := $selectors -}} - {{- if not $v -}} - {{- else }} -{{ $k }}: {{ tpl $v $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{ end }} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_podSecurityContext.tpl b/charts/common/templates/lib/pod/_podSecurityContext.tpl deleted file mode 100644 index 878c2f4..0000000 --- a/charts/common/templates/lib/pod/_podSecurityContext.tpl +++ /dev/null @@ -1,145 +0,0 @@ -{{/* Returns Pod Security Context */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.securityContext" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.securityContext" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $rootCtx.Values.securityContext.pod -}} - {{- fail "Pod - Expected non-empty [securityContext.pod]" -}} - {{- end -}} - - {{/* Initialize from the "global" option */}} - {{- $secContext := mustDeepCopy $rootCtx.Values.securityContext.pod -}} - - {{/* Override with pods option */}} - {{- with $objectData.podSpec.securityContext -}} - {{- $secContext = mustMergeOverwrite $secContext . -}} - {{- end -}} - - {{- $gpu := (include "tc.v1.common.lib.pod.resources.hasGPU" (dict "rootCtx" $rootCtx "objectData" $objectData)) -}} - - {{- $deviceGroups := (list 5 10 20 24) -}} - {{- $deviceAdded := false -}} - {{- $hostUsers := false -}} - {{- $hostUserPersistence := (list "configmap" "secret" "emptyDir" "downwardAPI" "projected") -}} - - {{- range $persistenceName, $persistenceValues := $rootCtx.Values.persistence -}} - {{- $podSelected := false -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $persistenceValues - "name" $persistenceName "caller" "Pod Security Context" - "key" "persistence")) -}} - {{- if (eq $enabled "true") -}} - {{- if $persistenceValues.targetSelectAll -}} - {{- $podSelected = true -}} - {{- else if and $persistenceValues.targetSelector (kindIs "map" $persistenceValues.targetSelector) -}} - {{- if mustHas $objectData.shortName ($persistenceValues.targetSelector | keys) -}} - {{- $podSelected = true -}} - {{- end -}} - {{- else if $objectData.primary -}} - {{- $podSelected = true -}} - {{- end -}} - {{- end -}} - - {{- if $podSelected -}} - {{- if eq $persistenceValues.type "device" -}} - {{- $deviceAdded = true -}} - {{- end -}} - - {{- if not (mustHas $persistenceValues.type $hostUserPersistence) -}} - {{- $hostUsers = true -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{/* Make sure no host "things" are used */}} - {{- $hostNet := (eq (include "tc.v1.common.lib.pod.hostNetwork" (dict "rootCtx" $rootCtx "objectData" $objectData)) "true") -}} - {{- $hostPID := (eq (include "tc.v1.common.lib.pod.hostPID" (dict "rootCtx" $rootCtx "objectData" $objectData)) "true") -}} - {{- $hostIPC := (eq (include "tc.v1.common.lib.pod.hostIPC" (dict "rootCtx" $rootCtx "objectData" $objectData)) "true") -}} - {{- if or $hostIPC $hostNet $hostPID -}} - {{- $hostUsers = true -}} - {{- end }} - - {{- range $containerName, $containerValues := $objectData.podSpec.containers -}} - {{- $secContContainer := fromJson (include "tc.v1.common.lib.container.securityContext.calculate" (dict "rootCtx" $rootCtx "objectData" $containerValues)) }} - {{- if or $secContContainer.allowPrivilegeEscalation $secContContainer.privileged $secContContainer.capabilities.add - (not $secContContainer.readOnlyRootFilesystem) (not $secContContainer.runAsNonRoot) - (lt ($secContContainer.runAsUser | int) 1) (lt ($secContContainer.runAsGroup | int) 1) -}} - {{- $hostUsers = true -}} - {{- end -}} - {{- end -}} - - {{- if eq $gpu "true" -}} - {{- $_ := set $secContext "supplementalGroups" (concat $secContext.supplementalGroups (list 44 107)) -}} - {{- $hostUsers = true -}} - {{- end -}} - - {{- if $deviceAdded -}} - {{- $_ := set $secContext "supplementalGroups" (concat $secContext.supplementalGroups $deviceGroups) -}} - {{- $hostUsers = true -}} - {{- end -}} - - {{- $_ := set $secContext "supplementalGroups" (concat $secContext.supplementalGroups (list 568)) -}} - - {{- if not (deepEqual $secContext.supplementalGroups (mustUniq $secContext.supplementalGroups)) -}} - {{- fail (printf "Pod - Expected [supplementalGroups] to have only unique values, but got [%s]" (join ", " $secContext.supplementalGroups)) -}} - {{- end -}} - - {{- $portRange := fromJson (include "tc.v1.common.lib.helpers.securityContext.getPortRange" (dict "rootCtx" $rootCtx "objectData" $objectData)) -}} - {{/* If a container wants to bind a port <= 1024 change the unprivileged_port_start */}} - {{- if and $portRange.low (le (int $portRange.low) 1024) -}} - {{/* That sysctl is not supported when hostNet is enabled */}} - {{- if ne (include "tc.v1.common.lib.pod.hostNetwork" (dict "rootCtx" $rootCtx "objectData" $objectData)) "true" -}} - {{- $_ := set $secContext "sysctls" (mustAppend $secContext.sysctls (dict "name" "net.ipv4.ip_unprivileged_port_start" "value" (printf "%v" $portRange.low))) -}} - {{- end -}} - {{- end -}} - - {{- if or (kindIs "invalid" $secContext.fsGroup) (eq (toString $secContext.fsGroup) "") -}} - {{- fail "Pod - Expected non-empty [fsGroup]" -}} - {{- end -}} - - {{/* Used by the fixedEnv template */}} - {{- $_ := set $objectData.podSpec "calculatedFSGroup" $secContext.fsGroup -}} - - {{- if not $secContext.fsGroupChangePolicy -}} - {{- fail "Pod - Expected non-empty [fsGroupChangePolicy]" -}} - {{- end -}} - - {{- $policies := (list "Always" "OnRootMismatch") -}} - {{- if not (mustHas $secContext.fsGroupChangePolicy $policies) -}} - {{- fail (printf "Pod - Expected [fsGroupChangePolicy] to be one of [%s], but got [%s]" (join ", " $policies) $secContext.fsGroupChangePolicy) -}} - {{- end }} -fsGroup: {{ include "tc.v1.common.helper.makeIntOrNoop" $secContext.fsGroup }} -fsGroupChangePolicy: {{ $secContext.fsGroupChangePolicy }} - {{- with $secContext.supplementalGroups }} -supplementalGroups: - {{- range . }} - - {{ include "tc.v1.common.helper.makeIntOrNoop" . }} - {{- end -}} - {{- else }} -supplementalGroups: [] - {{- end -}} - {{- with $secContext.sysctls }} -sysctls: - {{- $hostUsers = true -}} - {{- range . }} - {{- if not .name -}} - {{- fail "Pod - Expected non-empty [name] in [sysctls]" -}} - {{- end -}} - {{- if not .value -}} - {{- fail "Pod - Expected non-empty [value] in [sysctls]" -}} - {{- end }} - - name: {{ tpl .name $rootCtx | quote }} - value: {{ tpl .value $rootCtx | quote }} - {{- end -}} - {{- else }} -sysctls: [] - {{- end -}} - - {{/* Used by _hostUsers.tpl */}} - {{- $_ := set $objectData.podSpec "calculatedHostUsers" $hostUsers -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_priorityClassName.tpl b/charts/common/templates/lib/pod/_priorityClassName.tpl deleted file mode 100644 index aaf15ac..0000000 --- a/charts/common/templates/lib/pod/_priorityClassName.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Priority Class Name */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.priorityClassName" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.priorityClassName" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $className := "" -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.priorityClassName -}} - {{- $className = tpl . $rootCtx -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- with $objectData.podSpec.priorityClassName -}} - {{- $className = tpl . $rootCtx -}} - {{- end -}} - - {{- $className -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_restartPolicy.tpl b/charts/common/templates/lib/pod/_restartPolicy.tpl deleted file mode 100644 index 388a560..0000000 --- a/charts/common/templates/lib/pod/_restartPolicy.tpl +++ /dev/null @@ -1,44 +0,0 @@ -{{/* Returns Restart Policy */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.restartPolicy" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.restartPolicy" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $policy := "Always" -}} - - {{- $jobTypes := (list "Job" "CronJob") -}} - {{- if mustHas $objectData.type $jobTypes -}} - {{- $policy = "OnFailure" -}} - {{- end -}} - - {{/* Initialize from the "defaults" */}} - {{- with $rootCtx.Values.podOptions.restartPolicy -}} - {{- $policy = tpl . $rootCtx -}} - {{- end -}} - - {{/* Override from the pod values, if defined */}} - {{- with $objectData.podSpec.restartPolicy -}} - {{- $policy = tpl . $rootCtx -}} - {{- end -}} - - {{- $policies := (list "Never" "Always" "OnFailure") -}} - {{- if not (mustHas $policy $policies) -}} - {{- fail (printf "Expected [restartPolicy] to be one of [%s] but got [%s]" (join ", " $policies) $policy) -}} - {{- end -}} - - {{- $types := (list "Deployment" "DaemonSet" "StatefulSet") -}} - {{- if and (ne "Always" $policy) (mustHas $objectData.type $types) -}} - {{- fail (printf "Expected [restartPolicy] to be [Always] for [%s] but got [%s]" $objectData.type $policy) -}} - {{- end -}} - - {{- if and (eq "Always" $policy) (mustHas $objectData.type $jobTypes) -}} - {{- $cronPolicies := mustWithout $policies "Always" -}} - {{- fail (printf "Expected [restartPolicy] to be one of [%s] for [%s] but got [%s]" (join ", " $cronPolicies) $objectData.type $policy) -}} - {{- end -}} - - {{- $policy -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_runtimeClassName.tpl b/charts/common/templates/lib/pod/_runtimeClassName.tpl deleted file mode 100644 index fd54cb0..0000000 --- a/charts/common/templates/lib/pod/_runtimeClassName.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Runtime Class Name */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.runtimeClassName" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.runtimeClassName" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $runtime := "" -}} - - {{/* Initialize from the "defaults" */}} - {{- with $rootCtx.Values.podOptions.runtimeClassName -}} - {{- $runtime = tpl . $rootCtx -}} - {{- end -}} - - {{/* Override from the pod values, if defined */}} - {{- with $objectData.podSpec.runtimeClassName -}} - {{- $runtime = tpl . $rootCtx -}} - {{- end -}} - - {{- $runtime -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_schedulerName.tpl b/charts/common/templates/lib/pod/_schedulerName.tpl deleted file mode 100644 index 0b84582..0000000 --- a/charts/common/templates/lib/pod/_schedulerName.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Scheduler Name */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.schedulerName" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.schedulerName" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $scheduler := "" -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.schedulerName -}} - {{- $scheduler = tpl . $rootCtx -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- with $objectData.podSpec.schedulerName -}} - {{- $scheduler = tpl . $rootCtx -}} - {{- end -}} - - {{- $scheduler -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_serviceAccountName.tpl b/charts/common/templates/lib/pod/_serviceAccountName.tpl deleted file mode 100644 index 8c14d86..0000000 --- a/charts/common/templates/lib/pod/_serviceAccountName.tpl +++ /dev/null @@ -1,63 +0,0 @@ -{{/* Returns Service Account Name */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.serviceAccountName" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.serviceAccountName" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Check if an explicit service account name is specified in podSpec */}} - {{- with $objectData.podSpec.serviceAccountName -}} - {{- $objectName := tpl . $rootCtx -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- $objectName -}} - {{- else -}} - {{/* If not, use the auto-generated service account name */}} - {{- include "tc.v1.common.lib.pod.serviceAccountName.auto" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.serviceAccountName.auto" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $saName := "default" -}} - {{- $saNameCount := 0 -}} - - {{- range $name, $serviceAccount := $rootCtx.Values.serviceAccount -}} - {{- $tempName := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - - {{- if not $serviceAccount.primary -}} - {{- $tempName = (printf "%s-%s" $tempName $name) -}} - {{- end -}} - - {{- if $serviceAccount.enabled -}} - {{/* If targetSelectAll is true */}} - {{- if $serviceAccount.targetSelectAll -}} - {{- $saName = $tempName -}} - {{- $saNameCount = add1 $saNameCount -}} - - {{/* Else if targetSelector is a list */}} - {{- else if (kindIs "slice" $serviceAccount.targetSelector) -}} - {{- if (mustHas $objectData.shortName $serviceAccount.targetSelector) -}} - {{- $saName = $tempName -}} - {{- $saNameCount = add1 $saNameCount -}} - {{- end -}} - - {{/* If not targetSelectAll or targetSelector, but is the primary pod */}} - {{- else if $objectData.primary -}} - {{- $saName = $tempName -}} - {{- $saNameCount = add1 $saNameCount -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- if gt $saNameCount 1 -}} - {{- fail (printf "Expected at most 1 ServiceAccount to be assigned on a pod [%s]. But [%v] were assigned" $objectData.shortName $saNameCount) -}} - {{- end -}} - - {{- $saName -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_shareProcessNamespace.tpl b/charts/common/templates/lib/pod/_shareProcessNamespace.tpl deleted file mode 100644 index 1a2bd11..0000000 --- a/charts/common/templates/lib/pod/_shareProcessNamespace.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{{/* Returns Share Process Namespace */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.shareProcessNamespace" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.shareProcessNamespace" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $shareProcessNamespace := false -}} - - {{/* Initialize from the "global" option */}} - {{- if (kindIs "bool" $rootCtx.Values.podOptions.shareProcessNamespace) -}} - {{- $shareProcessNamespace = $rootCtx.Values.podOptions.shareProcessNamespace -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- if (kindIs "bool" $objectData.podSpec.shareProcessNamespace) -}} - {{- $shareProcessNamespace = $objectData.podSpec.shareProcessNamespace -}} - {{- end -}} - - {{- $shareProcessNamespace -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_terminationGracePeriodSeconds.tpl b/charts/common/templates/lib/pod/_terminationGracePeriodSeconds.tpl deleted file mode 100644 index c92eeaa..0000000 --- a/charts/common/templates/lib/pod/_terminationGracePeriodSeconds.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{/* Returns Termination Grace Period Seconds */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.terminationGracePeriodSeconds" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.terminationGracePeriodSeconds" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $gracePeriod := "" -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.terminationGracePeriodSeconds -}} - {{- $gracePeriod = . -}} - {{- end -}} - - {{/* Override with pod's option */}} - {{- with $objectData.podSpec.terminationGracePeriodSeconds -}} - {{- $gracePeriod = . -}} - {{- end -}} - - {{/* Expand tpl */}} - {{- if (kindIs "string" $gracePeriod) -}} - {{- $gracePeriod = tpl $gracePeriod $rootCtx -}} - {{- end -}} - - {{- $gracePeriod -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_tolerations.tpl b/charts/common/templates/lib/pod/_tolerations.tpl deleted file mode 100644 index ca735d9..0000000 --- a/charts/common/templates/lib/pod/_tolerations.tpl +++ /dev/null @@ -1,67 +0,0 @@ -{{/* Returns Tolerations */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.tolerations" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.tolerations" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $tolerations := list -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.tolerations -}} - {{- $tolerations = . -}} - {{- end -}} - - {{/* Override from the "pod" option */}} - {{- with $objectData.podSpec.tolerations -}} - {{- $tolerations = . -}} - {{- end -}} - - {{- range $tolerations -}} - {{/* Expand values */}} - {{- $operator := (tpl (.operator | default "") $rootCtx) -}} - {{- $key := (tpl (.key | default "") $rootCtx) -}} - {{- $value := (tpl (.value | default "") $rootCtx) -}} - {{- $effect := (tpl (.effect | default "") $rootCtx) -}} - {{- $tolSeconds := .tolerationSeconds -}} - - {{- $operators := (list "Exists" "Equal") -}} - {{- if not (mustHas $operator $operators) -}} - {{- fail (printf "Expected [tolerations.operator] to be one of [%s] but got [%s]" (join ", " $operators) $operator) -}} - {{- end -}} - - {{- if and (eq $operator "Equal") (or (not $key) (not $value)) -}} - {{- fail "Expected non-empty [tolerations.key] and [tolerations.value] with [tolerations.operator] set to [Equal]" -}} - {{- end -}} - - {{- if and (eq $operator "Exists") $value -}} - {{- fail (printf "Expected empty [tolerations.value] with [tolerations.operator] set to [Exists], but got [%s]" $value) -}} - {{- end -}} - - {{- $effects := (list "NoExecute" "NoSchedule" "PreferNoSchedule") -}} - {{- if and $effect (not (mustHas $effect $effects)) -}} - {{- fail (printf "Expected [tolerations.effect] to be one of [%s], but got [%s]" (join ", " $effects) $effect) -}} - {{- end -}} - - {{- if and (not (kindIs "invalid" $tolSeconds)) (not (mustHas (kindOf $tolSeconds) (list "int" "int64" "float64"))) -}} - {{- fail (printf "Expected [tolerations.tolerationSeconds] to be a number, but got [%v]" $tolSeconds) -}} - {{- end }} -- operator: {{ $operator }} - {{- with $key }} - key: {{ $key }} - {{- end -}} - {{- with $effect }} - effect: {{ $effect }} - {{- end -}} - {{- with $value }} - value: {{ . }} - {{- end -}} - {{- if (mustHas (kindOf $tolSeconds) (list "int" "int64" "float64")) }} - tolerationSeconds: {{ $tolSeconds }} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_topologySpreadConstraints .tpl b/charts/common/templates/lib/pod/_topologySpreadConstraints .tpl deleted file mode 100644 index 66c018f..0000000 --- a/charts/common/templates/lib/pod/_topologySpreadConstraints .tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{/* Returns topologySpreadConstraints */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.topologySpreadConstraints" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.topologySpreadConstraints" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $constraints := list -}} - - {{/* Initialize from the "global" option */}} - {{- with $rootCtx.Values.podOptions.topologySpreadConstraints -}} - {{- $constraints = . -}} - {{- end -}} - - {{/* Override with pods option */}} - {{- with $objectData.podSpec.topologySpreadConstraints -}} - {{- $constraints = . -}} - {{- end -}} - - {{- $validTypes := (list "Deployment" "StatefulSet") -}} - {{- if and (mustHas $objectData.type $validTypes) $rootCtx.Values.podOptions.defaultSpread }} -- maxSkew: 1 - whenUnsatisfiable: ScheduleAnyway - topologyKey: {{ default "kubernetes.io/hostname" $rootCtx.Values.global.fallbackDefaults.topologyKey }} - labelSelector: - matchLabels: - {{- include "tc.v1.common.lib.metadata.selectorLabels" (dict "rootCtx" $rootCtx "objectType" "pod" "objectName" $objectData.shortName) | indent 6 }} - nodeAffinityPolicy: Honor - nodeTaintsPolicy: Honor - {{- end -}} - {{- with $constraints -}} {{/* TODO: Template this, so we can add some validation around easy to make mistakes. Low Prio */}} - {{- . | toYaml | nindent 0 }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/_volumes.tpl b/charts/common/templates/lib/pod/_volumes.tpl deleted file mode 100644 index 1d54621..0000000 --- a/charts/common/templates/lib/pod/_volumes.tpl +++ /dev/null @@ -1,122 +0,0 @@ -{{/* Returns Volumes */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volumes" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.pod.volumes" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $selectedVolumes := (include "tc.v1.common.lib.pod.volumes.selected" (dict "rootCtx" $rootCtx "objectData" $objectData)) | fromJson -}} - - {{- range $type, $volumes := $selectedVolumes -}} - {{- range $volume := $volumes -}} - {{- include (printf "tc.v1.common.lib.pod.volume.%s" $type) (dict "rootCtx" $rootCtx "objectData" $volume) | trim | nindent 0 -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volumes.checkRWO" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $persistence := .persistence -}} - {{- $type := .type -}} - {{- $name := .name -}} - - {{/* Only check accessModes if persistence is one of those types */}} - {{- $typesWithAccessMode := (list "pvc") -}} - {{- if (mustHas $type $typesWithAccessMode) -}} - {{- $modes := include "tc.v1.common.lib.pvc.accessModes" (dict "rootCtx" $rootCtx - "objectData" $persistence "caller" "Volumes") | fromYamlArray - -}} - - {{- $hasRWO := include "tc.v1.common.lib.pod.volumes.hasRWO" (dict "modes" $modes) -}} - - {{- if eq $hasRWO "true" -}} - {{- if eq $objectData.type "DaemonSet" -}} - {{- fail "Expected [accessMode] to not be [ReadWriteOnce] when used on a [DaemonSet]" -}} - - {{- else if and (mustHas $objectData.type (list "Deployment" "StatefulSet")) (gt (($objectData.replicas| default 1) | int) 1) -}} - {{- include "add.warning" (dict "rootCtx" $rootCtx - "warn" (printf "WARNING: The [accessModes] on volume [%s] is set to [ReadWriteOnce] when on a [Deployment] with more than 1 replica" $name)) - -}} - {{- end -}} - {{- end -}} - - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volumes.hasRWO" -}} - {{- $modes := .modes -}} - {{- $hasRWO := false -}} - {{- range $m := $modes -}} - {{- if eq $m "ReadWriteOnce" -}} - {{- $hasRWO = true -}} - {{- break -}} - {{- end -}} - {{- end -}} - {{- $hasRWO -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volumes.selected" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $selectedVolumes := dict - "pvc" list - "secret" list - "configmap" list - "emptyDir" list - "hostPath" list - "nfs" list - "iscsi" list - "projected" list - "device" list - -}} - - {{- range $name, $persistenceValues := $rootCtx.Values.persistence -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $persistenceValues - "name" $name "caller" "Volumes" - "key" "persistence")) - -}} - - {{- if (ne $enabled "true") -}}{{- continue -}}{{- end -}} - {{- $persistence := (mustDeepCopy $persistenceValues) -}} - {{- $_ := set $persistence "shortName" $name -}} - - {{- $selected := false -}} - - {{- if $persistence.targetSelectAll -}} - {{- $selected = true -}} - {{- else if eq $objectData.shortName "autopermissions" -}} - {{- if and $persistence.autoPermissions $persistence.autoPermissions.enabled -}} - {{- $selected = true -}} - {{- end -}} - {{- else if $persistence.targetSelector -}} - {{- if not (kindIs "map" $persistence.targetSelector) -}} - {{- fail (printf "Persistence - Expected [targetSelector] to be [dict], but got [%s]" (kindOf $persistence.targetSelector)) -}} - {{- end -}} - - {{- if (mustHas $objectData.shortName (keys $persistence.targetSelector)) -}} - {{- $selected = true -}} - {{- end -}} - {{- else if $objectData.primary -}} - {{- $selected = true -}} - {{- end -}} - - {{- if not $selected -}}{{- continue -}}{{- end -}} - - {{- $type := ($persistence.type | default $rootCtx.Values.global.fallbackDefaults.persistenceType) -}} - {{- if eq $type "vct" -}}{{- continue -}}{{- end -}} - - {{- include "tc.v1.common.lib.pod.volumes.checkRWO" (dict - "rootCtx" $rootCtx "objectData" $objectData "persistence" $persistence "type" $type "name" $name) - -}} - - {{- $_ := set $selectedVolumes $type (mustAppend (index $selectedVolumes $type) $persistence) -}} - {{- end -}} - - {{- $selectedVolumes | toJson -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/volumes/_configmap.tpl b/charts/common/templates/lib/pod/volumes/_configmap.tpl deleted file mode 100644 index 833fc7e..0000000 --- a/charts/common/templates/lib/pod/volumes/_configmap.tpl +++ /dev/null @@ -1,71 +0,0 @@ -{{/* Returns ConfigMap Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.configmap" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.configmap" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.objectName -}} - {{- fail "Persistence - Expected non-empty [objectName] on [configmap] type" -}} - {{- end -}} - - {{- $objectName := tpl $objectData.objectName $rootCtx -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" $objectData - "name" $objectData.shortName "caller" "ConfigMap" - "key" "configmap")) -}} - - {{- if eq $expandName "true" -}} - {{- $object := (get $rootCtx.Values.configmap $objectName) -}} - {{- if and (not $object) (not $objectData.optional) -}} - {{- fail (printf "Persistence - Expected configmap [%s] defined in [objectName] to exist" $objectName) -}} - {{- end -}} - - {{- $objectName = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectName) -}} - {{- end -}} - - {{- $optional := false -}} - {{- if hasKey $objectData "optional" -}} - {{- if not (kindIs "bool" $objectData.optional) -}} - {{- fail (printf "Persistence - Expected [optional] to be [bool], but got [%s]" (kindOf $objectData.optional)) -}} - {{- end -}} - {{- $optional = $objectData.optional -}} - {{- end -}} - - {{- $defMode := "" -}} - {{- if (and $objectData.defaultMode (not (kindIs "string" $objectData.defaultMode))) -}} - {{- fail (printf "Persistence - Expected [defaultMode] to be [string], but got [%s]" (kindOf $objectData.defaultMode)) -}} - {{- end -}} - - {{- with $objectData.defaultMode -}} - {{- $defMode = tpl $objectData.defaultMode $rootCtx -}} - {{- end -}} - - {{- if and $defMode (not (mustRegexMatch "^[0-9]{4}$" $defMode)) -}} - {{- fail (printf "Persistence - Expected [defaultMode] to have be in format of [\"0777\"], but got [%q]" $defMode) -}} - {{- end }} -- name: {{ $objectData.shortName }} - configMap: - name: {{ $objectName }} - {{- with $defMode }} - defaultMode: {{ . }} - {{- end }} - optional: {{ $optional }} - {{- with $objectData.items }} - items: - {{- range . -}} - {{- if not .key -}} - {{- fail "Persistence - Expected non-empty [items.key]" -}} - {{- end -}} - {{- if not .path -}} - {{- fail "Persistence - Expected non-empty [items.path]" -}} - {{- end }} - - key: {{ tpl .key $rootCtx }} - path: {{ tpl .path $rootCtx }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/volumes/_device.tpl b/charts/common/templates/lib/pod/volumes/_device.tpl deleted file mode 100644 index b39192f..0000000 --- a/charts/common/templates/lib/pod/volumes/_device.tpl +++ /dev/null @@ -1,53 +0,0 @@ -{{/* Returns device (hostPath) Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.device" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.device" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostPathType := "" -}} - {{- if $objectData.hostPathType -}} - {{- $hostPathType = tpl $objectData.hostPathType $rootCtx -}} - {{- end -}} - - {{- if not $objectData.hostPath -}} - {{- fail "Persistence - Expected non-empty [hostPath] on [device] type" -}} - {{- end -}} - {{- $hostPath := tpl $objectData.hostPath $rootCtx -}} - - {{- if not (hasPrefix "/" $hostPath) -}} - {{- fail "Persistence - Expected [hostPath] to start with a forward slash [/] on [device] type" -}} - {{- end -}} - - {{- $charDevices := (list "tty") -}} - {{- if not $hostPathType -}} - {{- range $char := $charDevices -}} - {{- if hasPrefix (printf "/dev/%v" $char) $hostPath -}} - {{- $hostPathType = "CharDevice" -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $blockDevices := (list "sd" "hd" "nvme") -}} - {{- if not $hostPathType -}} - {{- range $block := $blockDevices -}} - {{- if hasPrefix (printf "/dev/%v" $block) $hostPath -}} - {{- $hostPathType = "BlockDevice" -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $types := (list "DirectoryOrCreate" "Directory" "FileOrCreate" "File" "Socket" "CharDevice" "BlockDevice") -}} - {{- if and $hostPathType (not (mustHas $hostPathType $types)) -}} - {{- fail (printf "Persistence - Expected [hostPathType] to be one of [%s], but got [%s]" (join ", " $types) $hostPathType) -}} - {{- end }} -- name: {{ $objectData.shortName }} - hostPath: - path: {{ $hostPath }} - {{- with $hostPathType }} - type: {{ $hostPathType }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/volumes/_emptyDir.tpl b/charts/common/templates/lib/pod/volumes/_emptyDir.tpl deleted file mode 100644 index cdf0bc1..0000000 --- a/charts/common/templates/lib/pod/volumes/_emptyDir.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* Returns emptyDir Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.emptyDir" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.emptyDir" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $medium := "" -}} - {{- $size := "" -}} - {{- with $objectData.medium -}} - {{- $medium = tpl . $rootCtx -}} - {{- end -}} - {{- with $objectData.size -}} - {{- $size = tpl . $rootCtx -}} - {{- end -}} - - {{- if $size -}} - {{/* Size: https://regex101.com/r/NNPV2D/1 */}} - {{- if not (mustRegexMatch "^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$" (toString $size)) -}} - {{- $formats := "(Suffixed with E/P/T/G/M/K - eg. 1G), (Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi), (Plain Integer in bytes - eg. 1024), (Exponent - eg. 134e6)" -}} - {{- fail (printf "Persistence Expected [size] to have one of the following formats [%s], but got [%s]" $formats $size) -}} - {{- end -}} - {{- else if eq $medium "Memory" -}} - {{- $size = $rootCtx.Values.resources.limits.memory -}} - {{- end -}} - - {{- if and $medium (ne $medium "Memory") -}} - {{- fail (printf "Persistence - Expected [medium] to be one of [\"\", Memory], but got [%s] on [emptyDir] type" $medium) -}} - {{- end }} -- name: {{ $objectData.shortName }} - {{- if or $medium $size }} - emptyDir: - {{- if $medium }} - medium: {{ $medium }} - {{- end -}} - {{- if $size }} - sizeLimit: {{ $size }} - {{- end -}} - {{- else }} - emptyDir: {} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/volumes/_hostPath.tpl b/charts/common/templates/lib/pod/volumes/_hostPath.tpl deleted file mode 100644 index 0cdea18..0000000 --- a/charts/common/templates/lib/pod/volumes/_hostPath.tpl +++ /dev/null @@ -1,35 +0,0 @@ -{{/* Returns hostPath Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.hostPath" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.hostPath" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $hostPathType := "" -}} - {{- if $objectData.hostPathType -}} - {{- $hostPathType = tpl $objectData.hostPathType $rootCtx -}} - {{- end -}} - - {{- if not $objectData.hostPath -}} - {{- fail "Persistence - Expected non-empty [hostPath] on [hostPath] type" -}} - {{- end -}} - {{- $hostPath := tpl $objectData.hostPath $rootCtx -}} - - {{- if not (hasPrefix "/" $hostPath) -}} - {{- fail "Persistence - Expected [hostPath] to start with a forward slash [/] on [hostPath] type" -}} - {{- end -}} - - {{- $types := (list "DirectoryOrCreate" "Directory" "FileOrCreate" "File" "Socket" "CharDevice" "BlockDevice") -}} - {{- if and $hostPathType (not (mustHas $hostPathType $types)) -}} - {{- fail (printf "Persistence - Expected [hostPathType] to be one of [%s], but got [%s]" (join ", " $types) $hostPathType) -}} - {{- end }} -- name: {{ $objectData.shortName }} - hostPath: - path: {{ $hostPath }} - {{- with $hostPathType }} - type: {{ $hostPathType }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/volumes/_iscsi.tpl b/charts/common/templates/lib/pod/volumes/_iscsi.tpl deleted file mode 100644 index 3769ef6..0000000 --- a/charts/common/templates/lib/pod/volumes/_iscsi.tpl +++ /dev/null @@ -1,75 +0,0 @@ -{{/* Returns iscsi Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.iscsi" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.iscsi" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.iscsi -}} - {{- fail "Persistence - Expected non-empty [iscsi] object on [iscsi] type" -}} - {{- end -}} - - {{- with $objectData.iscsi.fsType -}} - {{- $validFSTypes := (list "ext4" "xfs" "ntfs") -}} - {{- $fsType := tpl . $rootCtx -}} - {{- if not (mustHas $fsType $validFSTypes) -}} - {{- fail (printf "Persistence - Expected [fsType] on [iscsi] type to be one of [%s], but got [%s]" (join ", " $validFSTypes) $fsType) -}} - {{- end -}} - {{- end -}} - - {{- if not $objectData.iscsi.targetPortal -}} - {{- fail "Persistence - Expected non-empty [targetPortal] on [iscsi] type" -}} - {{- end -}} - - {{- if not $objectData.iscsi.iqn -}} - {{- fail "Persistence - Expected non-empty [iqn] on [iscsi] type" -}} - {{- end -}} - - {{- if (kindIs "invalid" $objectData.iscsi.lun) -}} - {{- fail "Persistence - Expected non-empty [lun] on [iscsi] type" -}} - {{- end -}} - {{- $lun := $objectData.iscsi.lun -}} - {{- if (kindIs "string" $lun) -}} - {{- $lun = tpl $lun $rootCtx | float64 -}} - {{- end -}} - - {{- $authSession := false -}} - {{- $authDiscovery := false -}} - {{- if $objectData.iscsi.authSession -}} - {{- $authSession = true -}} - {{- end -}} - {{- if $objectData.iscsi.authDiscovery -}} - {{- $authDiscovery = true -}} - {{- end }} - -- name: {{ $objectData.shortName }} - iscsi: - targetPortal: {{ tpl $objectData.iscsi.targetPortal $rootCtx }} - {{- with $objectData.iscsi.portals }} - portals: - {{- range $portal := . }} - - {{ tpl $portal $rootCtx | quote }} - {{- end -}} - {{- end }} - iqn: {{ tpl $objectData.iscsi.iqn $rootCtx }} - lun: {{ include "tc.v1.common.helper.makeIntOrNoop" $lun }} - {{- with $objectData.iscsi.iscsiInterface }} - iscsiInterface: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $objectData.iscsi.initiatorName }} - initiatorName: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $objectData.iscsi.fsType }} - fsType: {{ tpl . $rootCtx }} - {{- end }} - chapAuthSession: {{ $authSession }} - chapAuthDiscovery: {{ $authDiscovery }} - {{- if or $authSession $authDiscovery -}} - {{- $secretName := (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectData.shortName) }} - secretRef: - name: {{ $secretName }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/volumes/_nfs.tpl b/charts/common/templates/lib/pod/volumes/_nfs.tpl deleted file mode 100644 index 18b4113..0000000 --- a/charts/common/templates/lib/pod/volumes/_nfs.tpl +++ /dev/null @@ -1,27 +0,0 @@ -{{/* Returns NFS Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.nfs" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.nfs" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.path -}} - {{- fail "Persistence - Expected non-empty [path] on [nfs] type" -}} - {{- end -}} - - {{- $path := tpl $objectData.path $rootCtx -}} - {{- if not (hasPrefix "/" $path) -}} - {{- fail "Persistence - Expected [path] to start with a forward slash [/] on [nfs] type" -}} - {{- end -}} - - {{- if not $objectData.server -}} - {{- fail "Persistence - Expected non-empty [server] on [nfs] type" -}} - {{- end }} -- name: {{ $objectData.shortName }} - nfs: - path: {{ $path }} - server: {{ tpl $objectData.server $rootCtx }} -{{- end -}} diff --git a/charts/common/templates/lib/pod/volumes/_projected.tpl b/charts/common/templates/lib/pod/volumes/_projected.tpl deleted file mode 100644 index 979125e..0000000 --- a/charts/common/templates/lib/pod/volumes/_projected.tpl +++ /dev/null @@ -1,181 +0,0 @@ -{{/* Returns projected Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.projected" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.projected" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.sources -}} - {{- fail "Persistence - Expected non-empty [sources] on [projected] type" -}} - {{- end -}} - - {{- $defMode := "" -}} - {{- if (and $objectData.defaultMode (not (kindIs "string" $objectData.defaultMode))) -}} - {{- fail (printf "Persistence - Expected [defaultMode] to be [string], but got [%s]" (kindOf $objectData.defaultMode)) -}} - {{- end -}} - - {{- with $objectData.defaultMode -}} - {{- $defMode = tpl $objectData.defaultMode $rootCtx -}} - {{- end -}} - - {{- if and $defMode (not (mustRegexMatch "^[0-9]{4}$" $defMode)) -}} - {{- fail (printf "Persistence - Expected [defaultMode] to have be in format of [\"0777\"], but got [%q]" $defMode) -}} - {{- end -}} - {{- $allowedSources := (list "clusterTrustBundle" "configMap" "downwardAPI" "secret" "serviceAccountToken") }} -- name: {{ $objectData.shortName }} - projected: - {{- with $defMode }} - defaultMode: {{ . }} - {{- end }} - sources: - {{- range $source := $objectData.sources -}} - {{- if gt ($source | keys | len) 1 -}} - {{- fail "Persistence - Expected only one source type per item in [projected] volume" -}} - {{- end -}} - - {{- $k := $source | keys | first -}} - {{- $v := (get $source $k) -}} - - {{- if eq $k "serviceAccountToken" }} - {{- include "tc.v1.common.lib.pod.volume.projected.serviceAccountToken" (dict "rootCtx" $rootCtx "source" $v) | nindent 6 }} - {{- else if or (eq $k "secret") (eq $k "configMap") }} - {{- include "tc.v1.common.lib.pod.volume.projected.cm-secret" (dict "rootCtx" $rootCtx "source" $v "type" $k) | nindent 6 }} - {{- else if eq $k "downwardAPI" }} - {{- include "tc.v1.common.lib.pod.volume.projected.downwardAPI" (dict "rootCtx" $rootCtx "source" $v) | nindent 6 }} - {{- else if eq $k "clusterTrustBundle" }} - {{- include "tc.v1.common.lib.pod.volume.projected.clusterTrustBundle" (dict "rootCtx" $rootCtx "source" $v) | nindent 6 }} - {{- else -}} - {{- fail (printf "Persistence - Invalid source type [%s] for projected. Valid sources are [%s]" $k (join ", " $allowedSources)) -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volume.projected.serviceAccountToken" -}} - {{- $rootCtx := .rootCtx -}} - {{- $source := .source -}} - - {{- if hasKey $source "expirationSeconds" -}} - {{- if lt ($source.expirationSeconds | int) 600 -}} - {{- fail (printf "Persistence - Expected [expirationSeconds] to be greater than 600 seconds, but got [%v]" $source.expirationSeconds) -}} - {{- end -}} - {{- end -}} - - {{- if not $source.path -}} - {{- fail "Persistence - Expected non-empty [path] on [serviceAccountToken] type" -}} - {{- end -}} -- serviceAccountToken: - {{- with $source.audience }} - audience: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $source.expirationSeconds }} - expirationSeconds: {{ . }} - {{- end }} - path: {{ tpl $source.path $rootCtx }} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volume.projected.downwardAPI" -}} - {{- $rootCtx := .rootCtx -}} - {{- $source := .source -}} - - {{- if not (kindIs "map" $source) -}} - {{- fail (printf "Persistence - Expected [downwardAPI] in [sources] to be a map on [downwardAPI] type, but got [%s]" (kindOf $source)) -}} - {{- end -}} - - {{- if not $source.items -}} - {{- fail "Persistence - Expected non-empty [items] on [downwardAPI] type" -}} - {{- end }} -- downwardAPI: - items: - {{- $allowedItems := (list "fieldRef" "resourceFieldRef") }} - {{- range $item := $source.items -}} - {{- if not $item.path -}} - {{- fail "Persistence - Expected non-empty [path] on item in [downwardAPI] type" -}} - {{- end }} - - path: {{ tpl $item.path $rootCtx }} - {{- if hasKey $item "fieldRef" }} - {{- if not $item.fieldRef.fieldPath -}} - {{- fail "Persistence - Expected non-empty [fieldPath] under [fieldRef] on item in [downwardAPI] type" -}} - {{- end }} - fieldRef: - {{- with $item.fieldRef.apiVersion }} - apiVersion: {{ tpl . $rootCtx }} - {{- end }} - fieldPath: {{ tpl $item.fieldRef.fieldPath $rootCtx }} - {{- else if hasKey $item "resourceFieldRef" }} - {{- if not $item.resourceFieldRef.containerName -}} - {{- fail "Persistence - Expected non-empty [containerName] under [resourceFieldRef] on item in [downwardAPI] type" -}} - {{- end -}} - {{- if not $item.resourceFieldRef.resource -}} - {{- fail "Persistence - Expected non-empty [resource] under [resourceFieldRef] on item in [downwardAPI] type" -}} - {{- end }} - resourceFieldRef: - resource: {{ tpl $item.resourceFieldRef.resource $rootCtx }} - containerName: {{ tpl $item.resourceFieldRef.containerName $rootCtx }} - {{- if hasKey $item.resourceFieldRef "divisor" }} - divisor: {{ $item.resourceFieldRef.divisor }} - {{- end -}} - {{- else -}} - {{- fail (printf "Persistence - Expected item in downwardAPI to have one of [%s] keys. But found [%s]" (join ", " $allowedItems) (join ", " ($item | keys | sortAlpha))) -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volume.projected.cm-secret" -}} - {{- $rootCtx := .rootCtx -}} - {{- $source := .source -}} - {{- $type := .type -}} - - {{- if not $source.objectName -}} - {{- fail (printf "Persistence - Expected non-empty [objectName] on [%s] type" $type) -}} - {{- end -}} - - {{- if not $source.items -}} - {{- fail (printf "Persistence - Expected non-empty [items] on [%s] type" $type) -}} - {{- end -}} - - {{- if not (kindIs "slice" $source.items) -}} - {{- fail (printf "Persistence - Expected [items] to be a slice on [%s] type, but got [%s]" $type (kindOf $source.items)) -}} - {{- end -}} - - {{- $objectName := tpl $source.objectName $rootCtx -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" $source - "name" $source.objectName "caller" "Persistence - Projected" - "key" "persistence")) -}} - {{- $ltype := $type | lower -}} - {{- if eq $expandName "true" -}} - {{- $object := (get (get $rootCtx.Values $ltype) $objectName) -}} - {{- if and (not $object) (not $source.optional) -}} - {{- fail (printf "Persistence - Expected %s [%s] defined in [objectName] to exist" $ltype $objectName) -}} - {{- end -}} - - {{- $objectName = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectName) -}} - {{- end }} -- {{ $type }}: - name: {{ $objectName }} - {{- if hasKey $source "optional" }} - optional: {{ $source.optional }} - {{- end }} - items: - {{- range $item := $source.items -}} - {{- if not $item.key -}} - {{- fail (printf "Persistence - Expected non-empty [key] on item in [%s] type" $type) -}} - {{- end -}} - {{- if not $item.path -}} - {{- fail (printf "Persistence - Expected non-empty [path] on item in [%s] type" $type) -}} - {{- end }} - - key: {{ tpl $item.key $rootCtx }} - path: {{ tpl $item.path $rootCtx }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.pod.volume.projected.clusterTrustBundle" -}} - {{- $rootCtx := .rootCtx -}} - {{- $source := .source -}} - - {{- fail "Persistence - Key [clusterTrustBundle] is not yet implemented in [projected type]" -}} -{{- end -}} diff --git a/charts/common/templates/lib/pod/volumes/_pvc.tpl b/charts/common/templates/lib/pod/volumes/_pvc.tpl deleted file mode 100644 index 1f93e96..0000000 --- a/charts/common/templates/lib/pod/volumes/_pvc.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{/* Returns PVC Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.pvc" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.pvc" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $pvcName := include "tc.v1.common.lib.storage.pvc.name" (dict "rootCtx" $rootCtx "objectName" $objectData.shortName "objectData" $objectData) -}} - {{- with $objectData.existingClaim -}} - {{- $pvcName = tpl . $rootCtx -}} - {{- end }} -- name: {{ $objectData.shortName }} - persistentVolumeClaim: - claimName: {{ $pvcName }} -{{- end -}} diff --git a/charts/common/templates/lib/pod/volumes/_secret.tpl b/charts/common/templates/lib/pod/volumes/_secret.tpl deleted file mode 100644 index ab8678f..0000000 --- a/charts/common/templates/lib/pod/volumes/_secret.tpl +++ /dev/null @@ -1,71 +0,0 @@ -{{/* Returns Secret Volume */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pod.volume.secret" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the volume. -*/}} -{{- define "tc.v1.common.lib.pod.volume.secret" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.objectName -}} - {{- fail "Persistence - Expected non-empty [objectName] on [secret] type" -}} - {{- end -}} - - {{- $objectName := tpl $objectData.objectName $rootCtx -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $rootCtx "objectData" $objectData - "name" $objectData.shortName "caller" "Secret" - "key" "secret")) -}} - - {{- if eq $expandName "true" -}} - {{- $object := (get $rootCtx.Values.secret $objectName) -}} - {{- if and (not $object) (not $objectData.optional) -}} - {{- fail (printf "Persistence - Expected secret [%s] defined in [objectName] to exist" $objectName) -}} - {{- end -}} - - {{- $objectName = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectName) -}} - {{- end -}} - - {{- $optional := false -}} - {{- if hasKey $objectData "optional" -}} - {{- if not (kindIs "bool" $objectData.optional) -}} - {{- fail (printf "Persistence - Expected [optional] to be [bool], but got [%s]" (kindOf $objectData.optional)) -}} - {{- end -}} - {{- $optional = $objectData.optional -}} - {{- end -}} - - {{- $defMode := "" -}} - {{- if (and $objectData.defaultMode (not (kindIs "string" $objectData.defaultMode))) -}} - {{- fail (printf "Persistence - Expected [defaultMode] to be [string], but got [%s]" (kindOf $objectData.defaultMode)) -}} - {{- end -}} - - {{- with $objectData.defaultMode -}} - {{- $defMode = tpl $objectData.defaultMode $rootCtx -}} - {{- end -}} - - {{- if and $defMode (not (mustRegexMatch "^[0-9]{4}$" $defMode)) -}} - {{- fail (printf "Persistence - Expected [defaultMode] to have be in format of [\"0777\"], but got [%q]" $defMode) -}} - {{- end }} -- name: {{ $objectData.shortName }} - secret: - secretName: {{ $objectName }} - {{- with $defMode }} - defaultMode: {{ . }} - {{- end }} - optional: {{ $optional }} - {{- with $objectData.items }} - items: - {{- range . -}} - {{- if not .key -}} - {{- fail "Persistence - Expected non-empty [items.key]" -}} - {{- end -}} - {{- if not .path -}} - {{- fail "Persistence - Expected non-empty [items.path]" -}} - {{- end }} - - key: {{ tpl .key $rootCtx }} - path: {{ tpl .path $rootCtx }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/podDistruptionBudget/_validation.tpl b/charts/common/templates/lib/podDistruptionBudget/_validation.tpl deleted file mode 100644 index b92fc57..0000000 --- a/charts/common/templates/lib/podDistruptionBudget/_validation.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* Metadata Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.podDisruptionBudget.validation" (dict "objectData" $objectData "caller" $caller) -}} -objectData: - labels: The labels of the configmap. - annotations: The annotations of the configmap. - data: The data of the configmap. -*/}} - -{{- define "tc.v1.common.lib.podDisruptionBudget.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if and $objectData.targetSelector (not (kindIs "string" $objectData.targetSelector)) -}} - {{- fail (printf "Pod Disruption Budget - Expected [targetSelector] to be [string], but got [%s]" (kindOf $objectData.targetSelector)) -}} - {{- end -}} - - {{- if and (not $objectData.targetSelector) (not $objectData.customLabels) -}} - {{- fail (printf "Pod Disruption Budget - Expected one of [targetSelector, customLabels] to be defined in [podDisruptionBudget.%s]" $objectData.shortName) -}} - {{- end -}} - - {{- if and $objectData.targetSelector $objectData.customLabels -}} - {{- fail (printf "Pod Disruption Budget - Expected only one of [targetSelector, customLabels] to be defined in [podDisruptionBudget.%s]" $objectData.shortName) -}} - {{- end -}} - - {{- with $objectData.unhealthyPodEvictionPolicy -}} - {{- $policies := (list "IfHealthyBudget" "AlwaysAllow") -}} - {{- if not (mustHas (tpl . $rootCtx) $policies) -}} - {{- fail (printf "Pod Disruption Budget - Expected [unhealthyPodEvictionPolicy] to be one of [%s], but got [%s]" (join ", " $policies) .) -}} - {{- end -}} - {{- end -}} - - {{- $hasKey := false -}} - {{- $keys := (list "minAvailable" "maxUnavailable") -}} - {{- range $key := $keys -}} - {{- if hasKey $objectData $key -}} - {{- $hasKey = true -}} - {{- if kindIs "invalid" (get $objectData $key) -}} - {{- fail (printf "Pod Disruption Budget - Expected the defined key [%v] in [podDisruptionBudget.%s] to not be empty" $key $objectData.shortName) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and ($objectData.minAvailable) ($objectData.maxUnavailable) -}} - {{- fail (printf "Pod Disruption Budget - Expected one of [%s] to be defined in [podDisruptionBudget.%s], but got both" (join ", " $keys) $objectData.shortName) -}} - {{- end -}} - - {{- if not $hasKey -}} - {{- fail (printf "Pod Disruption Budget - Expected at least one of [%s] to be defined in [podDisruptionBudget.%s]" (join ", " $keys) $objectData.shortName) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/priorityClass/_validation.tpl b/charts/common/templates/lib/priorityClass/_validation.tpl deleted file mode 100644 index 446e6f1..0000000 --- a/charts/common/templates/lib/priorityClass/_validation.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{- define "tc.v1.common.lib.priorityclass.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $validPolicies := (list "PreemptLowerPriority" "Never") -}} - {{- if $objectData.preemptionPolicy -}} - {{- if not (mustHas $objectData.preemptionPolicy $validPolicies) -}} - {{- fail (printf "Priority Class - Expected [preemptionPolicy] to be one of [%s], but got [%s]" (join ", " $validPolicies) $objectData.preemptionPolicy) -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/rbac/_getServiceAccounts.tpl b/charts/common/templates/lib/rbac/_getServiceAccounts.tpl deleted file mode 100644 index 61a2305..0000000 --- a/charts/common/templates/lib/rbac/_getServiceAccounts.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* Returns Service Account List for rbac */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.rbac.serviceAccount" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the RBAC. -*/}} -{{/* Parses service accounts, and checks if RBAC have selected any of them */}} -{{- define "tc.v1.common.lib.rbac.serviceAccount" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $serviceAccounts := list -}} - - {{- range $name, $serviceAccount := $rootCtx.Values.serviceAccount -}} - {{- $saName := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - - {{- if $serviceAccount.enabled -}} - - {{- if not $serviceAccount.primary -}} - {{- $saName = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $name) -}} - {{- end -}} - - {{/* If allServiceAccounts is true */}} - {{- if $objectData.allServiceAccounts -}} - {{- $serviceAccounts = mustAppend $serviceAccounts $saName -}} - - {{/* Else if serviceAccounts is a list */}} - {{- else if (kindIs "slice" $objectData.serviceAccounts) -}} - {{- if (mustHas $name $objectData.serviceAccounts) -}} - {{- $serviceAccounts = mustAppend $serviceAccounts $saName -}} - {{- end -}} - - {{/* If not "allServiceAccounts" or "serviceAccounts", assign the primary service account to rbac */}} - {{- else if $serviceAccount.primary -}} - {{- if $objectData.primary -}} - {{- $serviceAccounts = mustAppend $serviceAccounts $saName -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- if not $serviceAccounts -}} - {{- fail "RBAC - Expected at least one serviceAccount to be assigned. Assign one using [allServiceAccounts (boolean), serviceAccounts (list)]" -}} - {{- end -}} - - {{- range $serviceAccounts }} -- kind: ServiceAccount - name: {{ . }} - namespace: {{ $rootCtx.Release.Namespace }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/rbac/_rules.tpl b/charts/common/templates/lib/rbac/_rules.tpl deleted file mode 100644 index 54813d1..0000000 --- a/charts/common/templates/lib/rbac/_rules.tpl +++ /dev/null @@ -1,70 +0,0 @@ -{{/* Returns Rules for rbac */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.rbac.rules" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the RBAC. -*/}} -{{/* Parses service accounts, and checks if RBAC have selected any of them */}} -{{- define "tc.v1.common.lib.rbac.rules" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.rules -}} - {{- fail "RBAC - Expected non-empty [rbac.rules]" -}} - {{- end -}} - - {{- range $objectData.rules -}} - {{- if not .apiGroups -}} - {{- fail "RBAC - Expected non-empty [rbac.rules.apiGroups]" -}} - {{- end -}} - {{- if not .resources -}} - {{- fail "RBAC - Expected non-empty [rbac.rules.resources]" -}} - {{- end -}} - {{- if not .verbs -}} - {{- fail "RBAC - Expected non-empty [rbac.rules.verbs]" -}} - {{- end -}} - - {{- /* apiGroups */}} -- apiGroups: - {{- range .apiGroups }} - - {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- /* resources */}} - resources: - {{- range .resources -}} - {{- if not . -}} - {{- fail "RBAC - Expected non-empty entry in [rbac.rules.resources]" -}} - {{- end }} - - {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- /* resourceNames */}} - {{- if .resourceNames }} - resourceNames: - {{- range .resourceNames -}} - {{- if not . -}} - {{- fail "RBAC - Expected non-empty entry in [rbac.rules.resourceNames]" -}} - {{- end }} - - {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- /* nonResourceURLs */}} - {{- if .nonResourceURLs }} - nonResourceURLs: - {{- range .nonResourceURLs }} - {{- if not . -}} - {{- fail "RBAC - Expected non-empty entry in [rbac.rules.nonResourceURLs]" -}} - {{- end }} - - {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- end -}} - {{- /* verbs */}} - verbs: - {{- range .verbs -}} - {{- if not . -}} - {{- fail "RBAC - Expected non-empty entry in [rbac.rules.verbs]" -}} - {{- end }} - - {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/rbac/_subjects.tpl b/charts/common/templates/lib/rbac/_subjects.tpl deleted file mode 100644 index 89af224..0000000 --- a/charts/common/templates/lib/rbac/_subjects.tpl +++ /dev/null @@ -1,17 +0,0 @@ -{{/* Returns Subjects for rbac */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.rbac.subjects" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the RBAC. -*/}} -{{/* Parses service accounts, and checks if RBAC have selected any of them */}} -{{- define "tc.v1.common.lib.rbac.subjects" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- range $objectData.subjects }} -- kind: {{ tpl (required "RBAC - Expected non-empty [rbac.subjects.kind]" .kind) $rootCtx | quote }} - name: {{ tpl (required "RBAC - Expected non-empty [rbac.subjects.name]" .name) $rootCtx | quote }} - apiGroup: {{ tpl (required "RBAC - Expected non-empty [rbac.subjects.apiGroup]" .apiGroup) $rootCtx | quote }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/rbac/_validation.tpl b/charts/common/templates/lib/rbac/_validation.tpl deleted file mode 100644 index 81f7ca8..0000000 --- a/charts/common/templates/lib/rbac/_validation.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{/* RBAC Primary Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.rbac.primaryValidation" $ -}} -*/}} - -{{- define "tc.v1.common.lib.rbac.primaryValidation" -}} - - {{/* Initialize values */}} - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{- range $name, $rbac := .Values.rbac -}} - - {{/* If rbac is enabled */}} - {{- if $rbac.enabled -}} - {{- $hasEnabled = true -}} - - {{/* And rbac is primary */}} - {{- if and (hasKey $rbac "primary") ($rbac.primary) -}} - - {{/* Fail if there is already a primary rbac */}} - {{- if $hasPrimary -}} - {{- fail "RBAC - Only one rbac can be primary" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- end -}} - - {{- end -}} - {{- end -}} - - {{/* Require at least one primary rbac, if any enabled */}} - {{- if and $hasEnabled (not $hasPrimary) -}} - {{- fail "RBAC - At least one enabled rbac must be primary" -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/secret/_validation.tpl b/charts/common/templates/lib/secret/_validation.tpl deleted file mode 100644 index 109093c..0000000 --- a/charts/common/templates/lib/secret/_validation.tpl +++ /dev/null @@ -1,31 +0,0 @@ -{{/* Secret Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.secret.validation" (dict "objectData" $objectData) -}} -objectData: - labels: The labels of the secret. - annotations: The annotations of the secret. - data: The data of the secret. -*/}} - -{{- define "tc.v1.common.lib.secret.validation" -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.stringData -}} - {{- fail "Secret - Key [stringData] is not supported" -}} - {{- end -}} - - {{- if ne $objectData.type "kubernetes.io/service-account-token" -}} - {{- if and (not $objectData.data) -}} - {{- fail "Secret - Expected non-empty [data]" -}} - {{- end -}} - - {{- if and $objectData.data (not (kindIs "map" $objectData.data)) -}} - {{- fail (printf "Secret - Expected [data] to be a dictionary, but got [%v]" (kindOf $objectData.data)) -}} - {{- end -}} - - {{- if and (hasKey $objectData "type") (not $objectData.type) -}} - {{- fail (printf "Secret - Expected non-empty [type] key") -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/service/_ports.tpl b/charts/common/templates/lib/service/_ports.tpl deleted file mode 100644 index 521a7fc..0000000 --- a/charts/common/templates/lib/service/_ports.tpl +++ /dev/null @@ -1,63 +0,0 @@ -{{/* Service - Ports */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.ports" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the service -*/}} - -{{- define "tc.v1.common.lib.service.ports" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $tcpProtocols := (list "tcp" "http" "https") -}} - {{- range $name, $portValues := $objectData.ports -}} - {{- if $portValues.enabled -}} - {{- $protocol := $rootCtx.Values.global.fallbackDefaults.serviceProtocol -}} {{/* Default to fallback protocol, if no protocol is defined */}} - {{- $port := $portValues.port -}} - {{- $targetPort := $portValues.targetPort -}} - {{- $nodePort := $portValues.nodePort -}} - - {{/* Expand port */}} - {{- if (kindIs "string" $port) -}} - {{- $port = (tpl $port $rootCtx) -}} - {{- end -}} - {{- $port = int $port -}} - - {{/* Expand targetPort */}} - {{- if (kindIs "string" $targetPort) -}} - {{- $targetPort = tpl $targetPort $rootCtx -}} - {{- end -}} - {{- $targetPort = int $targetPort -}} - - {{/* Expand nodePort */}} - {{- if (kindIs "string" $nodePort) -}} - {{- $nodePort = tpl $nodePort $rootCtx -}} - {{- end -}} - {{- $nodePort = int $nodePort -}} - - {{- with $portValues.protocol -}} - {{- $protocol = tpl . $rootCtx -}} - - {{- if mustHas $protocol $tcpProtocols -}} - {{- $protocol = "tcp" -}} - {{- end -}} - {{- end }} -- name: {{ $name }} - port: {{ $port }} - protocol: {{ $protocol | upper }} - targetPort: {{ $targetPort | default $port }} {{/* If no targetPort, default to port */}} - {{- if (eq $objectData.type "NodePort") -}} - {{- if not $nodePort -}} - {{- fail "Service - Expected non-empty [nodePort] on NodePort service type" -}} - {{- end -}} - - {{- $minNodePort := int $rootCtx.Values.global.minNodePort -}} - {{- if (lt $nodePort $minNodePort) -}} - {{- fail (printf "Service - Expected [nodePort] to be higher than [%v], but got [%v]" $minNodePort $nodePort) -}} - {{- end }} - nodePort: {{ $nodePort }} - {{- end -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/service/_validation.tpl b/charts/common/templates/lib/service/_validation.tpl deleted file mode 100644 index 10fcf36..0000000 --- a/charts/common/templates/lib/service/_validation.tpl +++ /dev/null @@ -1,161 +0,0 @@ -{{/* Service Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.validation" (dict "objectData" $objectData) -}} -objectData: - rootCtx: The root context of the chart. - objectData: The service object. -*/}} - -{{- define "tc.v1.common.lib.service.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if and $objectData.targetSelector (not (kindIs "string" $objectData.targetSelector)) -}} - {{- fail (printf "Service - Expected [targetSelector] to be [string], but got [%s]" (kindOf $objectData.targetSelector)) -}} - {{- end -}} - - {{- $svcTypes := (list "ClusterIP" "LoadBalancer" "NodePort" "ExternalName" "ExternalIP") -}} - {{- if and $objectData.type (not (mustHas $objectData.type $svcTypes)) -}} - {{- fail (printf "Service - Expected [type] to be one of [%s] but got [%s]" (join ", " $svcTypes) $objectData.type) -}} - {{- end -}} - - {{- $hasEnabledPort := false -}} - {{- if ne $objectData.type "ExternalName" -}} - {{- range $name, $port := $objectData.ports -}} - {{- $enabled := "false" -}} - - {{- if not (kindIs "invalid" $port.enabled) -}} - {{- $enabled = (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $port - "name" $name "caller" "Service Validation Util" - "key" "port")) -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{- $hasEnabledPort = true -}} - - {{- if and $port.targetSelector (not (kindIs "string" $port.targetSelector)) -}} - {{- fail (printf "Service - Expected [port.targetSelector] to be [string], but got [%s]" (kindOf $port.targetSelector)) -}} - {{- end -}} - - {{- if not $port.port -}} - {{- fail (printf "Service - Expected non-empty [port.port]") -}} - {{- end -}} - - {{- $protocolTypes := (list "tcp" "udp" "http" "https") -}} - {{- if $port.protocol -}} - {{- if not (mustHas (tpl $port.protocol $rootCtx) $protocolTypes) -}} - {{- fail (printf "Service - Expected [port.protocol] to be one of [%s] but got [%s]" (join ", " $protocolTypes) $port.protocol) -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- if not $hasEnabledPort -}} - {{- fail "Service - Expected enabled service to have at least one port" -}} - {{- end -}} - {{- end -}} - -{{- end -}} - -{{/* Service Primary Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.primaryValidation" $ -}} -*/}} - -{{- define "tc.v1.common.lib.service.primaryValidation" -}} - {{- $result := (include "tc.v1.common.lib.service.hasPrimary" $) | fromJson -}} - - {{/* Require at least one primary service, if any enabled */}} - {{- if and $result.hasEnabled (not $result.hasPrimary) -}} - {{- fail "Service - At least one enabled service must be primary" -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.service.hasPrimary" -}} - {{- $objectData := .objectData -}} - - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{- range $name, $service := $.Values.service -}} - {{- $enabled := "false" -}} - - {{- if not (kindIs "invalid" $service.enabled) -}} - {{- $enabled = (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $service - "name" $name "caller" "Service Validation Util" - "key" "service")) -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{- $hasEnabled = true -}} - - {{/* And service is primary */}} - {{- if and (hasKey $service "primary") ($service.primary) -}} - {{/* Fail if there is already a primary service */}} - {{- if $hasPrimary -}} - {{- fail "Service - Only one service can be primary" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- include "tc.v1.common.lib.servicePort.primaryValidation" (dict "objectData" $service.ports) -}} - - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- (dict "hasPrimary" $hasPrimary "hasEnabled" $hasEnabled) | toJson -}} -{{- end -}} - - -{{/* Service Port Primary Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.primaryValidation" (dict "objectData" $objectData -}} -objectData: - The ports of the service. -*/}} -{{- define "tc.v1.common.lib.servicePort.primaryValidation" -}} - {{- $objectData := .objectData -}} - {{- $result := (include "tc.v1.common.lib.servicePort.hasPrimary" (dict "objectData" $objectData)) | fromJson -}} - - {{/* Require at least one primary service, if any enabled */}} - {{- if and $result.hasEnabled (not $result.hasPrimary) -}} - {{- fail "Service - At least one enabled port in service must be primary" -}} - {{- end -}} - -{{- end -}} - -{{- define "tc.v1.common.lib.servicePort.hasPrimary" -}} - {{- $objectData := .objectData -}} - - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{- range $name, $port := $objectData -}} - - {{/* If service is enabled */}} - {{- if $port.enabled -}} - {{- $hasEnabled = true -}} - - {{/* And service is primary */}} - {{- if and (hasKey $port "primary") ($port.primary) -}} - - {{/* Fail if there is already a primary port */}} - {{- if $hasPrimary -}} - {{- fail "Service - Only one port per service can be primary" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- end -}} - - {{- end -}} - {{- end -}} - - {{- (dict "hasPrimary" $hasPrimary "hasEnabled" $hasEnabled) | toJson -}} -{{- end -}} diff --git a/charts/common/templates/lib/service/integrations/_cilium.tpl b/charts/common/templates/lib/service/integrations/_cilium.tpl deleted file mode 100644 index bf373e4..0000000 --- a/charts/common/templates/lib/service/integrations/_cilium.tpl +++ /dev/null @@ -1,33 +0,0 @@ -{{- define "tc.v1.common.lib.service.integration.cilium" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $_ := set $objectData "integrations" ($objectData.integrations | default dict) -}} - {{- $cilium := $objectData.integrations.cilium -}} - - {{- if $cilium.enabled -}} - {{- include "tc.v1.common.lib.service.integration.validate" (dict "objectData" $objectData "integration" $cilium) -}} - - {{- if and $cilium.sharedKey (ne $objectData.externalTrafficPolicy "Local") -}} - {{/* If externalTrafficPolicy is not set or is not Local, add the shared key as annotation */}} - {{- $_ := set $objectData.annotations "lbipam.cilium.io/sharing-key" $cilium.sharedKey -}} - {{- end -}} - - {{- $ips := list -}} - - {{/* Handle loadBalancerIP (single) */}} - {{- if $objectData.loadBalancerIP -}} - {{- $ips = mustAppend $ips (tpl $objectData.loadBalancerIP $rootCtx) -}} - {{- end -}} - - {{/* Handle loadBalancerIPs (multiple) */}} - {{- range $ip := $objectData.loadBalancerIPs -}} - {{- $ips = mustAppend $ips (tpl $ip $rootCtx) -}} - {{- end -}} - - {{- if $ips -}} - {{- $_ := set $objectData.annotations "lbipam.cilium.io/ips" (join "," $ips) -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/service/integrations/_metallb.tpl b/charts/common/templates/lib/service/integrations/_metallb.tpl deleted file mode 100644 index 8977694..0000000 --- a/charts/common/templates/lib/service/integrations/_metallb.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{- define "tc.v1.common.lib.service.integration.metallb" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $_ := set $objectData "integrations" ($objectData.integrations | default dict) -}} - {{- $metallb := $objectData.integrations.metallb -}} - - {{- if $metallb.enabled -}} - {{- include "tc.v1.common.lib.service.integration.validate" (dict "objectData" $objectData "integration" $metallb) -}} - - {{ $sharedKey := (include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "Service")) }} - {{- if $metallb.sharedKey -}} - {{- $sharedKey = $metallb.sharedKey -}} - {{- end -}} - - {{/* If externalTrafficPolicy is not set or is not Local, add the shared key as annotation */}} - {{- if ne $objectData.externalTrafficPolicy "Local" -}} - {{- $_ := set $objectData.annotations "metallb.io/allow-shared-ip" $sharedKey -}} - {{- end -}} - - {{- $ips := list -}} - - {{/* Handle loadBalancerIP (single) */}} - {{- if $objectData.loadBalancerIP -}} - {{- $ips = mustAppend $ips (tpl $objectData.loadBalancerIP $rootCtx) -}} - {{- end -}} - - {{/* Handle loadBalancerIPs (multiple) */}} - {{- range $ip := $objectData.loadBalancerIPs -}} - {{- $ips = mustAppend $ips (tpl $ip $rootCtx) -}} - {{- end -}} - - {{- if $ips -}} - {{- $_ := set $objectData.annotations "metallb.io/loadBalancerIPs" (join "," $ips) -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/service/integrations/_traefik.tpl b/charts/common/templates/lib/service/integrations/_traefik.tpl deleted file mode 100644 index e8b64b8..0000000 --- a/charts/common/templates/lib/service/integrations/_traefik.tpl +++ /dev/null @@ -1,12 +0,0 @@ -{{- define "tc.v1.common.lib.service.integration.traefik" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $_ := set $objectData "integrations" ($objectData.integrations | default dict) -}} - {{- $traefik := $objectData.integrations.traefik -}} - - {{- if $traefik.enabled -}} - {{- $_ := set $objectData.annotations "traefik.ingress.kubernetes.io/service.serversscheme" "https" -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/service/integrations/_validation.tpl b/charts/common/templates/lib/service/integrations/_validation.tpl deleted file mode 100644 index bf438c0..0000000 --- a/charts/common/templates/lib/service/integrations/_validation.tpl +++ /dev/null @@ -1,25 +0,0 @@ -{{- define "tc.v1.common.lib.service.integration.validate" -}} - {{- $objectData := .objectData -}} - {{- $integration := .integration -}} - - {{- if and $integration.sharedKey (eq $objectData.externalTrafficPolicy "Local") -}} - {{- fail (printf "Service - [sharedKey], cannot both be used together with [externalTrafficPolicy] set to [Local]" ) -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.service.loadbalancer.validate" -}} - {{- $objectData := .objectData -}} - - {{- if and $objectData.loadBalancerIPs (not (kindIs "slice" $objectData.loadBalancerIPs)) -}} - {{- fail (printf "Service - Expected [loadBalancerIPs] to be a slice, but got [%s]" (kindOf $objectData.loadBalancerIPs)) -}} - {{- end -}} - - {{- if and $objectData.loadBalancerIP (not (kindIs "string" $objectData.loadBalancerIP)) -}} - {{- fail (printf "Service - Expected [loadBalancerIP] to be a string, but got [%s]" (kindOf $objectData.loadBalancerIP)) -}} - {{- end -}} - - {{- if and $objectData.loadBalancerIP $objectData.loadBalancerIPs -}} - {{- fail "Service - Expected one of [loadBalancerIP, loadBalancerIPs] to be defined but got both" -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/service/serviceTypeConfig/_cluster_ip.tpl b/charts/common/templates/lib/service/serviceTypeConfig/_cluster_ip.tpl deleted file mode 100644 index 97c8a37..0000000 --- a/charts/common/templates/lib/service/serviceTypeConfig/_cluster_ip.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* Service - clusterIP */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.clusterIP" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - - {{- with $objectData.clusterIP }} -clusterIP: {{ tpl . $rootCtx }} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/service/serviceTypeConfig/_externalIPs.tpl b/charts/common/templates/lib/service/serviceTypeConfig/_externalIPs.tpl deleted file mode 100644 index fd53714..0000000 --- a/charts/common/templates/lib/service/serviceTypeConfig/_externalIPs.tpl +++ /dev/null @@ -1,17 +0,0 @@ -{{/* Service - externalIPs */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.externalIPs" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.externalIPs" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- with $objectData.externalIPs -}} - {{- range . }} -- {{ tpl . $rootCtx }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/service/serviceTypeConfig/_externalTrafficPolicy.tpl b/charts/common/templates/lib/service/serviceTypeConfig/_externalTrafficPolicy.tpl deleted file mode 100644 index 23c2851..0000000 --- a/charts/common/templates/lib/service/serviceTypeConfig/_externalTrafficPolicy.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Service - externalTrafficPolicy */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.externalTrafficPolicy" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.externalTrafficPolicy" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - - {{- with $objectData.externalTrafficPolicy }} - {{- $policy := tpl . $rootCtx -}} - {{- $policies := (list "Cluster" "Local") -}} - - {{- if not (mustHas $policy $policies) -}} - {{- fail (printf "Service - Expected [externalTrafficPolicy] to be one of [%s], but got [%s]" (join ", " $policies) $policy) -}} - {{- end }} -externalTrafficPolicy: {{ $policy }} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/service/serviceTypeConfig/_ipFamily.tpl b/charts/common/templates/lib/service/serviceTypeConfig/_ipFamily.tpl deleted file mode 100644 index 61228af..0000000 --- a/charts/common/templates/lib/service/serviceTypeConfig/_ipFamily.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{/* Service - ipFamily */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.ipFamily" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.ipFamily" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- with $objectData.ipFamilyPolicy -}} - {{- $famPolicy := tpl . $rootCtx -}} - - {{- $stacks := (list "SingleStack" "PreferDualStack" "RequireDualStack") -}} - {{- if not (mustHas $famPolicy $stacks) -}} - {{- fail (printf "Service - Expected [ipFamilyPolicy] to be one of [%s], but got [%s]" (join ", " $stacks) $famPolicy) -}} - {{- end }} -ipFamilyPolicy: {{ $famPolicy }} - {{- end -}} - - {{- if and $objectData.ipFamilies (not (kindIs "slice" $objectData.ipFamilies)) -}} - {{- fail (printf "Service - Expected [ipFamilies] to be a list, but got a [%s]" (kindOf $objectData.ipFamilies)) -}} - {{- end -}} - - {{- with $objectData.ipFamilies }} -ipFamilies: - {{- range . }} - {{- $ipFam := tpl . $rootCtx -}} - - {{- $stacks := (list "IPv4" "IPv6") -}} - {{- if not (mustHas $ipFam $stacks) -}} - {{- fail (printf "Service - Expected [ipFamilies] to be one of [%s], but got [%s]" (join ", " $stacks) $ipFam) -}} - {{- end }} - - {{ $ipFam }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/service/serviceTypeConfig/_publishNotReadyAddresses.tpl b/charts/common/templates/lib/service/serviceTypeConfig/_publishNotReadyAddresses.tpl deleted file mode 100644 index 6f9626e..0000000 --- a/charts/common/templates/lib/service/serviceTypeConfig/_publishNotReadyAddresses.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{/* Service - publishNotReadyAddresses */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.publishNotReadyAddresses" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.publishNotReadyAddresses" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - - {{- $publishAddr := false -}} - - {{- if (kindIs "bool" $objectData.publishNotReadyAddresses) -}} - {{- $publishAddr = $objectData.publishNotReadyAddresses -}} - {{- end -}} - - {{- $publishAddr -}} -{{- end -}} diff --git a/charts/common/templates/lib/service/serviceTypeConfig/_sessionAffinity.tpl b/charts/common/templates/lib/service/serviceTypeConfig/_sessionAffinity.tpl deleted file mode 100644 index a4a36b7..0000000 --- a/charts/common/templates/lib/service/serviceTypeConfig/_sessionAffinity.tpl +++ /dev/null @@ -1,42 +0,0 @@ -{{/* Service - Session Affinity */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.sessionAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.sessionAffinity" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- with $objectData.sessionAffinity -}} - {{- $affinity := tpl . $rootCtx -}} - {{- $affinities := (list "ClientIP" "None") -}} - {{- if not (mustHas $affinity $affinities) -}} - {{- fail (printf "Service - Expected [sessionAffinity] to be one of [%s], but got [%s]" (join ", " $affinities) $affinity) -}} - {{- end }} -sessionAffinity: {{ $affinity }} - {{- if eq $affinity "ClientIP" -}} - {{- with $objectData.sessionAffinityConfig -}} - {{- with .clientIP -}} - - {{- $timeout := .timeoutSeconds -}} - {{- if kindIs "string" $timeout -}} - {{- $timeout = tpl $timeout $rootCtx -}} - {{- end -}} - - {{- $timeout = int $timeout -}} - {{- if and $timeout (mustHas (kindOf $timeout) (list "float64" "int64" "int")) -}} - {{- if or (lt $timeout 0) (gt $timeout 86400) -}} - {{- fail (printf "Service - Expected [sessionAffinityConfig.clientIP.timeoutSeconds] to be between [0 - 86400], but got [%v]" $timeout) -}} - {{- end }} -sessionAffinityConfig: - clientIP: - timeoutSeconds: {{ $timeout }} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/service/serviceTypeSpecs/_clusterIP.tpl b/charts/common/templates/lib/service/serviceTypeSpecs/_clusterIP.tpl deleted file mode 100644 index 9b45d4f..0000000 --- a/charts/common/templates/lib/service/serviceTypeSpecs/_clusterIP.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{/* Service - ClusterIP Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.spec.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.spec.clusterIP" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - -type: ClusterIP -publishNotReadyAddresses: {{ include "tc.v1.common.lib.service.publishNotReadyAddresses" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim }} - {{- with (include "tc.v1.common.lib.service.externalIPs" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -externalIPs: - {{- . | nindent 2 }} - {{- end -}} - {{- include "tc.v1.common.lib.service.sessionAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.ipFamily" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} -{{- end -}} diff --git a/charts/common/templates/lib/service/serviceTypeSpecs/_externalIP.tpl b/charts/common/templates/lib/service/serviceTypeSpecs/_externalIP.tpl deleted file mode 100644 index e43e446..0000000 --- a/charts/common/templates/lib/service/serviceTypeSpecs/_externalIP.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{/* Service - ExternalIP Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.spec.externalIP" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.spec.externalIP" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - -publishNotReadyAddresses: {{ include "tc.v1.common.lib.service.publishNotReadyAddresses" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim }} - {{- with (include "tc.v1.common.lib.service.externalIPs" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -externalIPs: - {{- . | nindent 2 }} - {{- end -}} - {{- include "tc.v1.common.lib.service.sessionAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.externalTrafficPolicy" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} -{{- end -}} diff --git a/charts/common/templates/lib/service/serviceTypeSpecs/_externalName.tpl b/charts/common/templates/lib/service/serviceTypeSpecs/_externalName.tpl deleted file mode 100644 index 730e8ed..0000000 --- a/charts/common/templates/lib/service/serviceTypeSpecs/_externalName.tpl +++ /dev/null @@ -1,26 +0,0 @@ -{{/* Service - ExternalName Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.spec.externalName" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.spec.externalName" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - - {{- if not $objectData.externalName -}} - {{- fail "Service - Expected non-empty [externalName] on ExternalName service type." -}} - {{- end }} - -type: ExternalName -externalName: {{ tpl $objectData.externalName $rootCtx }} -publishNotReadyAddresses: {{ include "tc.v1.common.lib.service.publishNotReadyAddresses" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim }} - {{- with (include "tc.v1.common.lib.service.externalIPs" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -externalIPs: - {{- . | nindent 2 }} - {{- end }} - {{- include "tc.v1.common.lib.service.sessionAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.externalTrafficPolicy" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} -{{- end -}} diff --git a/charts/common/templates/lib/service/serviceTypeSpecs/_loadBalancer.tpl b/charts/common/templates/lib/service/serviceTypeSpecs/_loadBalancer.tpl deleted file mode 100644 index 780225d..0000000 --- a/charts/common/templates/lib/service/serviceTypeSpecs/_loadBalancer.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{/* Service - LoadBalancer Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.spec.loadBalancer" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.spec.loadBalancer" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - -type: LoadBalancer -allocateLoadBalancerNodePorts: {{ $objectData.allocateLoadBalancerNodePorts | default false }} -publishNotReadyAddresses: {{ include "tc.v1.common.lib.service.publishNotReadyAddresses" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim }} - {{- with (include "tc.v1.common.lib.service.externalIPs" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -externalIPs: - {{- . | nindent 2 }} - {{- end -}} - {{- with $objectData.loadBalancerSourceRanges }} -loadBalancerSourceRanges: - {{- range . }} - - {{ tpl . $rootCtx }} - {{- end -}} - {{- end -}} - {{- include "tc.v1.common.lib.service.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.ipFamily" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.externalTrafficPolicy" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.sessionAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} -{{- end -}} diff --git a/charts/common/templates/lib/service/serviceTypeSpecs/_nodePort.tpl b/charts/common/templates/lib/service/serviceTypeSpecs/_nodePort.tpl deleted file mode 100644 index a6bb34f..0000000 --- a/charts/common/templates/lib/service/serviceTypeSpecs/_nodePort.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* Service - NodePort Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.service.spec.nodePort" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The service object data -*/}} - -{{- define "tc.v1.common.lib.service.spec.nodePort" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} - -type: NodePort -publishNotReadyAddresses: {{ include "tc.v1.common.lib.service.publishNotReadyAddresses" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim }} - {{- with (include "tc.v1.common.lib.service.externalIPs" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -externalIPs: - {{- . | nindent 2 }} - {{- end -}} - {{- include "tc.v1.common.lib.service.sessionAffinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.clusterIP" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.ipFamily" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} - {{- include "tc.v1.common.lib.service.externalTrafficPolicy" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 0 }} -{{- end -}} diff --git a/charts/common/templates/lib/serviceAccount/_validation.tpl b/charts/common/templates/lib/serviceAccount/_validation.tpl deleted file mode 100644 index 6c82b2c..0000000 --- a/charts/common/templates/lib/serviceAccount/_validation.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{/* Service Account Primary Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.serviceAccount.primaryValidation" $ -}} -*/}} - -{{- define "tc.v1.common.lib.serviceAccount.primaryValidation" -}} - - {{/* Initialize values */}} - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{- range $name, $serviceAccount := .Values.serviceAccount -}} - - {{/* If service account is enabled */}} - {{- if $serviceAccount.enabled -}} - {{- $hasEnabled = true -}} - - {{/* And service account is primary */}} - {{- if and (hasKey $serviceAccount "primary") ($serviceAccount.primary) -}} - - {{/* Fail if there is already a primary service account */}} - {{- if $hasPrimary -}} - {{- fail "Service Account - Only one service account can be primary" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- end -}} - - {{- end -}} - {{- end -}} - - {{/* Require at least one primary service account, if any enabled */}} - {{- if and $hasEnabled (not $hasPrimary) -}} - {{- fail "Service Account - At least one enabled service account must be primary" -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/storage/_accessModes.tpl b/charts/common/templates/lib/storage/_accessModes.tpl deleted file mode 100644 index eb4be8b..0000000 --- a/charts/common/templates/lib/storage/_accessModes.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* PVC - Access Modes */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.pvc.accessModes" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the pvc -*/}} - -{{- define "tc.v1.common.lib.pvc.accessModes" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $caller := .caller -}} - - {{- $accessModes := $objectData.accessModes -}} - - {{- if kindIs "string" $accessModes -}} - {{- $accessModes = (list $accessModes) -}} - {{- end -}} - - {{- if not $accessModes -}} - {{- $accessModes = $rootCtx.Values.global.fallbackDefaults.accessModes -}} - {{- end -}} - - {{- $validAccessModes := (list "ReadWriteOnce" "ReadOnlyMany" "ReadWriteMany" "ReadWriteOncePod") -}} - - {{- range $accessModes -}} - {{- $mode := tpl . $rootCtx -}} - {{- if not (mustHas $mode $validAccessModes) -}} - {{- fail (printf "%s - Expected [accessModes] entry to be one of [%s], but got [%s]" $caller (join ", " $validAccessModes) $mode) -}} - {{- end }} -- {{ $mode }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/storage/_iscsiChap.tpl b/charts/common/templates/lib/storage/_iscsiChap.tpl deleted file mode 100644 index 166bd45..0000000 --- a/charts/common/templates/lib/storage/_iscsiChap.tpl +++ /dev/null @@ -1,43 +0,0 @@ -{{- define "tc.v1.common.lib.storage.iscsi.chap" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $data := dict -}} - - {{- if $objectData.iscsi.authSession -}} - {{- with $objectData.iscsi.authSession.username -}} - {{- $_ := set $data "node.session.auth.username" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $objectData.iscsi.authSession.password -}} - {{- $_ := set $data "node.session.auth.password" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $objectData.iscsi.authSession.usernameInitiator -}} - {{- $_ := set $data "node.session.auth.username_in" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $objectData.iscsi.authSession.passwordInitiator -}} - {{- $_ := set $data "node.session.auth.password_in" (tpl . $rootCtx) -}} - {{- end -}} - {{- end -}} - - {{- if $objectData.iscsi.authDiscovery -}} - {{- with $objectData.iscsi.authDiscovery.username -}} - {{- $_ := set $data "discovery.sendtargets.auth.username" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $objectData.iscsi.authDiscovery.password -}} - {{- $_ := set $data "discovery.sendtargets.auth.password" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $objectData.iscsi.authDiscovery.usernameInitiator -}} - {{- $_ := set $data "discovery.sendtargets.auth.username_in" (tpl . $rootCtx) -}} - {{- end -}} - - {{- with $objectData.iscsi.authDiscovery.passwordInitiator -}} - {{- $_ := set $data "discovery.sendtargets.auth.password_in" (tpl . $rootCtx) -}} - {{- end -}} - {{- end -}} - - {{- $data | toJson -}} -{{- end -}} diff --git a/charts/common/templates/lib/storage/_nfsCSI.tpl b/charts/common/templates/lib/storage/_nfsCSI.tpl deleted file mode 100644 index f3f9c01..0000000 --- a/charts/common/templates/lib/storage/_nfsCSI.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{/* NFS CSI */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.nfsCSI" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - driver: The name of the driver. - server: The server address. - share: The share to the NFS share. -*/}} -{{- define "tc.v1.common.lib.storage.nfsCSI" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} -csi: - driver: {{ $objectData.static.driver }} - {{- /* Create a unique handle, server/share#release-app-volumeName */}} - volumeHandle: {{ printf "%s%s#%s" $objectData.static.server $objectData.static.share $objectData.name }} - volumeAttributes: - server: {{ tpl $objectData.static.server $rootCtx }} - share: {{ tpl $objectData.static.share $rootCtx }} -{{- end -}} diff --git a/charts/common/templates/lib/storage/_smbCSI.tpl b/charts/common/templates/lib/storage/_smbCSI.tpl deleted file mode 100644 index 522ead3..0000000 --- a/charts/common/templates/lib/storage/_smbCSI.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* SMB CSI */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.smbCSI" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - driver: The name of the driver. - server: The server address. - share: The share to the SMB share. -*/}} -{{- define "tc.v1.common.lib.storage.smbCSI" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} -csi: - driver: {{ $objectData.static.driver }} - {{- /* Create a unique handle, server/share#release-app-volumeName */}} - volumeHandle: {{ printf "%s/%s#%s" $objectData.static.server $objectData.static.share $objectData.name }} - volumeAttributes: - source: {{ printf "//%v/%v" (tpl $objectData.static.server $rootCtx) (tpl $objectData.static.share $rootCtx) }} - nodeStageSecretRef: - name: {{ $objectData.name }} - namespace: {{ $rootCtx.Release.Namespace }} -{{- end -}} diff --git a/charts/common/templates/lib/storage/_storageClassName.tpl b/charts/common/templates/lib/storage/_storageClassName.tpl deleted file mode 100644 index 237b909..0000000 --- a/charts/common/templates/lib/storage/_storageClassName.tpl +++ /dev/null @@ -1,39 +0,0 @@ -{{/* PVC - Storage Class Name */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.storageClassName" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: The object data of the pvc -*/}} -{{- define "tc.v1.common.lib.storage.storageClassName" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $caller := .caller -}} - - {{/* - If storageClass is defined on the objectData: - * "-" returns "", which means requesting a PV without class - * Else return the original defined storageClass - - Else if there is a storageClass defined in Values.global.fallbackDefaults.storageClass, return this - - In any other case, return nothing - */}} - - {{- $className := "" -}} - {{- if $objectData.storageClass -}} - {{- $storageClass := (tpl $objectData.storageClass $rootCtx) -}} - - {{- if eq "-" $storageClass -}} - {{- $className = "\"\"" -}} - {{- else -}} - {{- $className = tpl $storageClass $rootCtx -}} - {{- end -}} - - {{- else if $rootCtx.Values.global.fallbackDefaults.storageClass -}} - - {{- $className = tpl $rootCtx.Values.global.fallbackDefaults.storageClass $rootCtx -}} - - {{- end -}} - - {{- $className -}} -{{- end -}} diff --git a/charts/common/templates/lib/storage/_storageClassValidation.tpl b/charts/common/templates/lib/storage/_storageClassValidation.tpl deleted file mode 100644 index 5ddfc2c..0000000 --- a/charts/common/templates/lib/storage/_storageClassValidation.tpl +++ /dev/null @@ -1,28 +0,0 @@ -{{- define "tc.v1.common.lib.storageclass.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.provisioner -}} - {{- fail "Storage Class - Expected non-empty [provisioner]" -}} - {{- end -}} - - {{- if (hasKey $objectData "isDefault") -}} - {{- if not (kindIs "bool" $objectData.isDefault) -}} - {{- fail (printf "Storage Class - Expected [isDefault] to be [boolean], but got [%s]" (kindOf $objectData.isDefault)) -}} - {{- end -}} - {{- end -}} - - {{- $validPolicies := (list "Retain" "Delete") -}} - {{- if $objectData.reclaimPolicy -}} - {{- if not (mustHas $objectData.reclaimPolicy $validPolicies) -}} - {{- fail (printf "Storage Class - Expected [reclaimPolicy] to be one of [%s], but got [%s]" (join ", " $validPolicies) $objectData.reclaimPolicy) -}} - {{- end -}} - {{- end -}} - - {{- $validBindModes := (list "WaitForFirstConsumer" "Immediate") -}} - {{- if $objectData.volumeBindingMode -}} - {{- if not (mustHas $objectData.volumeBindingMode $validBindModes) -}} - {{- fail (printf "Storage Class - Expected [volumeBindingMode] to be one of [%s], but got [%s]" (join ", " $validBindModes) $objectData.volumeBindingMode) -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/storage/_validation.tpl b/charts/common/templates/lib/storage/_validation.tpl deleted file mode 100644 index 8c8276a..0000000 --- a/charts/common/templates/lib/storage/_validation.tpl +++ /dev/null @@ -1,44 +0,0 @@ -{{/* Persistence Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.persistence.validation" (dict "objectData" $objectData) -}} -objectData: - rootCtx: The root context of the chart. - objectData: The persistence object. -*/}} - -{{- define "tc.v1.common.lib.persistence.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $types := (list "pvc" "vct" "emptyDir" "nfs" "iscsi" "hostPath" "secret" "configmap" "device" "projected") -}} - {{- if not (mustHas $objectData.type $types) -}} - {{- fail (printf "Persistence - Expected [type] to be one of [%s], but got [%s]" (join ", " $types) $objectData.type) -}} - {{- end -}} - - {{- if and $objectData.static $objectData.static.mode -}} - {{- $validModes := (list "disabled" "smb" "nfs" "custom") -}} - {{- if not (mustHas $objectData.static.mode $validModes) -}} - {{- fail (printf "Persistence - Expected [static.mode] to be one of [%s], but got [%s]" (join ", " $validModes) $objectData.static.mode) -}} - {{- end -}} - {{- end -}} - - {{- if $objectData.dataSource -}} - {{- if not $objectData.dataSource.name -}} - {{- fail "Persistence - Expected [dataSource.name] to be non-empty" -}} - {{- end -}} - - {{- if not $objectData.dataSource.kind -}} - {{- fail "Persistence - Expected [dataSource.kind] to be non-empty" -}} - {{- end -}} - - {{- $validKinds := (list "VolumeSnapshot" "PersistentVolumeClaim") -}} - {{- if not (mustHas $objectData.dataSource.kind $validKinds) -}} - {{- fail (printf "Persistence - Expected [dataSource.kind] to be one of [%s], but got [%s]" (join ", " $validKinds) $objectData.dataSource.kind) -}} - {{- end -}} - {{- end -}} - - {{- if and $objectData.targetSelector (not (kindIs "map" $objectData.targetSelector)) -}} - {{- fail (printf "Persistence - Expected [targetSelector] to be [dict], but got [%s]" (kindOf $objectData.targetSelector)) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/storage/_validationCsiNFS.tpl b/charts/common/templates/lib/storage/_validationCsiNFS.tpl deleted file mode 100644 index 46f9e1e..0000000 --- a/charts/common/templates/lib/storage/_validationCsiNFS.tpl +++ /dev/null @@ -1,44 +0,0 @@ -{{/* Validate NFS CSI */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.nfsCSI.validation" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - driver: The name of the driver. - mountOptions: The mount options. - server: The server address. - share: The share to the NFS share. -*/}} -{{- define "tc.v1.common.lib.storage.nfsCSI.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $required := (list "server" "share") -}} - {{- range $item := $required -}} - {{- if not (get $objectData.static $item) -}} - {{- fail (printf "NFS CSI - Expected [%v] to be non-empty" $item) -}} - {{- end -}} - {{- end -}} - - {{- if not (hasPrefix "/" $objectData.static.share) -}} - {{- fail "NFS CSI - Expected [share] to start with [/]" -}} - {{- end -}} - - {{/* TODO: Allow only specific opts / set specific opts by default? - {{- $validOpts := list -}} */}} - {{- range $opt := $objectData.mountOptions -}} - {{- if not (kindIs "map" $opt) -}} - {{- fail (printf "NFS CSI - Expected [mountOption] item to be a dict, but got [%s]" (kindOf $opt)) -}} - {{- end -}} - {{- if not $opt.key -}} - {{- fail "NFS CSI - Expected key in [mountOptions] to be non-empty" -}} - {{- end -}} - - {{/* - {{- $key := tpl $opt.key $rootCtx -}} - {{- if not (mustHas $key $validOpts) -}} - {{- fail (printf "NFS CSI - Expected [mountOptions] to be one of [%v], but got [%v]" (join ", " $validOpts) $opt) -}} - {{- end -}} - */}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/storage/_validationCsiSMB.tpl b/charts/common/templates/lib/storage/_validationCsiSMB.tpl deleted file mode 100644 index 48298fd..0000000 --- a/charts/common/templates/lib/storage/_validationCsiSMB.tpl +++ /dev/null @@ -1,48 +0,0 @@ -{{/* Validate SMB CSI */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.smbCSI.validation" (dict "rootCtx" $ "objectData" $objectData) }} - -rootCtx: The root context of the chart. -objectData: - driver: The name of the driver. - mountOptions: The mount options. - server: The server address. - share: The share to the SMB share. -*/}} -{{- define "tc.v1.common.lib.storage.smbCSI.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $required := (list "server" "share" "username" "password") -}} - {{- range $item := $required -}} - {{- if not (get $objectData.static $item) -}} - {{- fail (printf "SMB CSI - Expected [%v] to be non-empty" $item) -}} - {{- end -}} - {{- end -}} - - {{- if hasPrefix "//" $objectData.static.server -}} - {{- fail "SMB CSI - Did not expect [server] to start with [//]" -}} - {{- end -}} - - {{- if hasPrefix "/" $objectData.static.share -}} - {{- fail "SMB CSI - Did not expect [share] to start with [/]" -}} - {{- end -}} - - {{/* TODO: Allow only specific opts? / set specific opts by default? - {{- $validOpts := list -}} */}} - {{- range $opt := $objectData.mountOptions -}} - {{- if not (kindIs "map" $opt) -}} - {{- fail (printf "SMB CSI - Expected [mountOption] item to be a dict, but got [%s]" (kindOf $opt)) -}} - {{- end -}} - {{- if not $opt.key -}} - {{- fail "SMB CSI - Expected key in [mountOptions] to be non-empty" -}} - {{- end -}} - - {{/* - {{- $key := tpl $opt.key $rootCtx -}} - {{- if not (mustHas $key $validOpts) -}} - {{- fail (printf "SMB CSI - Expected [mountOptions] to be one of [%v], but got [%v]" (join ", " $validOpts) $opt) -}} - {{- end -}} - */}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/storage/_validationVolumeSnapshot.tpl b/charts/common/templates/lib/storage/_validationVolumeSnapshot.tpl deleted file mode 100644 index dc6e3fd..0000000 --- a/charts/common/templates/lib/storage/_validationVolumeSnapshot.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{/* volumeSnapshot Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.volumesnapshot.validation" (dict "objectData" $objectData) -}} -objectData: - rootCtx: The root context of the chart. - objectData: The volumesnapshot object. -*/}} - -{{- define "tc.v1.common.lib.volumesnapshot.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.source -}} - {{- fail "Volume Snapshot - Expected non empty [source]" -}} - {{- end -}} - - {{- $sourceTypes := (list "volumeSnapshotContentName" "persistentVolumeClaimName") -}} - {{- $sourceCount := 0 -}} - {{- range $t := $sourceTypes -}} - {{- if (get $objectData.source $t) -}} - {{- $sourceCount = add1 $sourceCount -}} - {{- end -}} - {{- end -}} - - {{- if ne $sourceCount 1 -}} - {{- fail (printf "Volume Snapshot - Expected exactly one of the valid source types [%s]. Found [%d]" (join ", " $sourceTypes) $sourceCount) -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/storage/_validationVolumeSnapshotClass.tpl b/charts/common/templates/lib/storage/_validationVolumeSnapshotClass.tpl deleted file mode 100644 index ea804b0..0000000 --- a/charts/common/templates/lib/storage/_validationVolumeSnapshotClass.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{- define "tc.v1.common.lib.volumesnapshotclass.validation" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- $validPolicies := (list "Retain" "Delete") -}} - {{- if $objectData.deletionPolicy -}} - {{- if not (mustHas $objectData.deletionPolicy $validPolicies) -}} - {{- fail (printf "Volume Snapshot Class - Expected [deletionPolicy] to be one of [%s], but got [%s]" (join ", " $validPolicies) $objectData.deletionPolicy) -}} - {{- end -}} - {{- end -}} - - {{- if not $objectData.driver -}} - {{- fail "Volume Snapshot Class - Expected non empty [driver]" -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/storage/_volumeClaimTemplates.tpl b/charts/common/templates/lib/storage/_volumeClaimTemplates.tpl deleted file mode 100644 index 52fe6e4..0000000 --- a/charts/common/templates/lib/storage/_volumeClaimTemplates.tpl +++ /dev/null @@ -1,70 +0,0 @@ -{{/* Returns Volume Claim Templates */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.volumeClaimTemplates" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.storage.volumeClaimTemplates" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{- range $name, $vctValues := $rootCtx.Values.persistence -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $vctValues - "name" $name "caller" "Volume Claim Templates" - "key" "persistence")) -}} - - {{- if and (eq $enabled "true") (eq $vctValues.type "vct") -}} - {{- $vct := (mustDeepCopy $vctValues) -}} - - {{- $selected := false -}} - {{- $_ := set $vct "shortName" $name -}} - - {{- include "tc.v1.common.lib.persistence.validation" (dict "objectData" $vct) -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $vct.shortName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $vct "caller" "Volume Claim Templates") -}} - - {{/* If targetSelector is set, check if pod is selected */}} - {{- if $vct.targetSelector -}} - {{- if (mustHas $objectData.shortName (keys $vct.targetSelector)) -}} - {{- $selected = true -}} - {{- end -}} - - {{/* If no targetSelector is set or targetSelectAll, check if pod is primary */}} - {{- else -}} - {{- if $objectData.primary -}} - {{- $selected = true -}} - {{- end -}} - {{- end -}} - - {{/* If pod selected */}} - {{- if $selected -}} - {{- $vctSize := $rootCtx.Values.global.fallbackDefaults.vctSize -}} - {{- with $vct.size -}} - {{- $vctSize = tpl . $rootCtx -}} - {{- end -}} - {{- $_ := set $vct "size" $vctSize -}} - - {{- $vctAccessModes := $rootCtx.Values.global.fallbackDefaults.vctAccessModes -}} - {{- with $vct.accessModes -}} - {{- $vctAccessModes = . -}} - {{- end -}} - {{- $_ := set $vct "accessModes" $vctAccessModes }} -- metadata: - name: {{ include "tc.v1.common.lib.storage.pvc.name" (dict "rootCtx" $rootCtx "objectName" $vct.shortName "objectData" $vct) }} - {{- $labels := $vct.labels | default dict -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }} - labels: - {{- . | nindent 6 }} - {{- end -}} - {{- $annotations := $vct.annotations | default dict -}} - {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }} - annotations: - {{- . | nindent 6 }} - {{- end }} - spec: - {{- include "tc.v1.common.lib.storage.pvc.spec" (dict "rootCtx" $rootCtx "objectData" $vct) | trim | nindent 4 }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/storage/pvc/_name.tpl b/charts/common/templates/lib/storage/pvc/_name.tpl deleted file mode 100644 index 97f3d74..0000000 --- a/charts/common/templates/lib/storage/pvc/_name.tpl +++ /dev/null @@ -1,51 +0,0 @@ -{{/* Returns Persitent Volume Claim name*/}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.pvc.name" (dict "rootCtx" $ "objectName" $objectName "objectData" $objectData) }} -objectName: the base name of the object without any alteration or sanitation -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.storage.pvc.name" -}} -{{- $rootCtx := .rootCtx -}} -{{- $objectName := .objectName -}} -{{- $objectData := .objectData -}} -{{- $hashValues := "" -}} - - {{- $renderedName := (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectName) -}} - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $renderedName) -}} - - {{- $modes := (list "smb" "nfs") -}} - {{- if $objectData.static -}} - {{- if and $objectData.static.mode (mustHas $objectData.static.mode $modes) -}} - - {{- $size := $objectData.size | default $rootCtx.Values.global.fallbackDefaults.pvcSize -}} - - {{/* Create a unique name taking into account server and share, - without this, changing one of those values is not possible */}} - - {{- $hashValues = (printf "%s-%s-%s" $size $objectData.static.server $objectData.static.share) -}} - {{- if $objectData.domain -}} - {{- $hashValues = (printf "%s-%s" $hashValues $objectData.domain) -}} - {{- end -}} - - {{- else if eq $objectData.static.mode "custom" -}} - {{- $hashValues = (printf "%s-%v" $size $objectData.csi) -}} - {{- end -}} - {{- end -}} - - {{/* Create a hash from the dataSource settings to ensure a new PVC is created when a dataSource is set*/}} - {{- if $objectData.dataSource -}} - {{- $hashValues = (printf "%s-%s-%s" $hashValues $objectData.dataSource.kind $objectData.dataSource.name) -}} - {{- end -}} - - {{- $objectName = $renderedName -}} - {{- if $hashValues -}} - {{- $hash := adler32sum $hashValues -}} - {{- $objectName = (printf "%s-%v" $renderedName $hash) -}} - {{- end -}} - - {{/* Return the new objectName */}} - {{- $objectName -}} - -{{- end -}} diff --git a/charts/common/templates/lib/storage/pvc/_spec.tpl b/charts/common/templates/lib/storage/pvc/_spec.tpl deleted file mode 100644 index e60efcf..0000000 --- a/charts/common/templates/lib/storage/pvc/_spec.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* Returns Persitant Volume Claim Spec*/}} -{{/* Call this template: -{{ include "tc.v1.common.lib.storage.pvc.spec" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.storage.pvc.spec" -}} -{{- $rootCtx := .rootCtx -}} -{{- $objectData := .objectData -}} - -{{- $size := $rootCtx.Values.global.fallbackDefaults.pvcSize -}} -{{- with $objectData.size -}} - {{- $size = tpl . $rootCtx -}} -{{- end }} - -accessModes: - {{- include "tc.v1.common.lib.pvc.accessModes" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "PVC") | trim | nindent 2 }} -resources: - requests: - storage: {{ $size }} - {{- with $objectData.volumeName }} -volumeName: {{ tpl . $rootCtx }} - {{- end -}} - {{- with (include "tc.v1.common.lib.storage.storageClassName" (dict "rootCtx" $rootCtx "objectData" $objectData "caller" "PVC") | trim) }} -storageClassName: {{ . }} - {{- end -}} - {{- with $objectData.dataSource -}} - {{- $sourceName := .name -}} - {{- if eq .kind "PersistentVolumeClaim" -}} - {{- with get $rootCtx.persistence $sourceName -}} - {{- $sourceName := (include "tc.v1.common.lib.storage.pvc.name" (dict "rootCtx" $rootCtx "objectName" $sourceName "objectData" .)) -}} - {{- end -}} - {{- end }} -dataSource: - kind: {{ .kind }} - name: {{ $sourceName }} - {{- end -}} - -{{- with $objectData.dataSourceRef }} -dataSourceRef: - kind: {{ .kind }} - name: {{ .name }} - apiGroup: {{ .apiGroup }} -{{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/_middlewares.tpl b/charts/common/templates/lib/traefik/_middlewares.tpl deleted file mode 100644 index d9479d4..0000000 --- a/charts/common/templates/lib/traefik/_middlewares.tpl +++ /dev/null @@ -1,58 +0,0 @@ -{{- define "tc.v1.common.lib.traefik.middlewares.map" -}} - {{- $typeClassMap := dict - "add-prefix" "tc.v1.common.class.traefik.middleware.addPrefix" - "basic-auth" "tc.v1.common.class.traefik.middleware.basicAuth" - "buffering" "tc.v1.common.class.traefik.middleware.buffering" - "chain" "tc.v1.common.class.traefik.middleware.chain" - "compress" "tc.v1.common.class.traefik.middleware.compress" - "content-type" "tc.v1.common.class.traefik.middleware.contentType" - "forward-auth" "tc.v1.common.class.traefik.middleware.forwardAuth" - "headers" "tc.v1.common.class.traefik.middleware.headers" - "ip-allow-list" "tc.v1.common.class.traefik.middleware.ipAllowList" - "rate-limit" "tc.v1.common.class.traefik.middleware.rateLimit" - "redirect-regex" "tc.v1.common.class.traefik.middleware.redirectRegex" - "redirect-scheme" "tc.v1.common.class.traefik.middleware.redirectScheme" - "replace-path" "tc.v1.common.class.traefik.middleware.replacePath" - "replace-path-regex" "tc.v1.common.class.traefik.middleware.replacePathRegex" - "retry" "tc.v1.common.class.traefik.middleware.retry" - "strip-prefix" "tc.v1.common.class.traefik.middleware.stripPrefix" - "strip-prefix-regex" "tc.v1.common.class.traefik.middleware.stripPrefixRegex" - - "plugin-bouncer" "tc.v1.common.class.traefik.middleware.pluginBouncer" - "plugin-geoblock" "tc.v1.common.class.traefik.middleware.pluginGeoblock" - "plugin-mod-security" "tc.v1.common.class.traefik.middleware.pluginModSecurity" - "plugin-real-ip" "tc.v1.common.class.traefik.middleware.pluginRealIP" - "plugin-rewrite-response-headers" "tc.v1.common.class.traefik.middleware.pluginRewriteResponseHeaders" - "plugin-theme-park" "tc.v1.common.class.traefik.middleware.pluginThemePark" - -}} - - {{- $typeClassMap | toJson -}} -{{- end -}} - -{{/* Only render if its not and has a value of 0 or greater */}} -{{- define "tc.v1.common.class.traefik.middleware.helper.int" -}} - {{- $key := .key -}} - {{- $value := .value -}} - - {{- if and (not (kindIs "invalid" $value)) (ge ($value | int) 0) -}} - {{- $key }}: {{ $value }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.traefik.middleware.helper.bool" -}} - {{- $key := .key -}} - {{- $value := .value | toString -}} - - {{- if or (eq $value "true") (eq $value "false") -}} - {{- $key }}: {{ $value }} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.class.traefik.middleware.helper.string" -}} - {{- $key := .key -}} - {{- $value := .value | toString -}} - - {{- if and $value (ne $value "") -}} - {{- $key }}: {{ $value | quote }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/_validation.tpl b/charts/common/templates/lib/traefik/_validation.tpl deleted file mode 100644 index 0442663..0000000 --- a/charts/common/templates/lib/traefik/_validation.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Middleware Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.traefik.middleware.validation" (dict "objectData" $objectData) -}} -objectData: - labels: The labels of the middleware. - annotations: The annotations of the middleware. - data: The data of the middleware. -*/}} - -{{- define "tc.v1.common.lib.traefik.middleware.validation" -}} - {{- $objectData := .objectData -}} - - {{- if not $objectData.type -}} - {{- fail "Middleware - Expected [type] to be set" -}} - {{- end -}} - - {{- if $objectData.data -}} - {{- if not (kindIs "map" $objectData.data) -}} - {{- fail (printf "Middleware - Expected [data] to be a dictionary, but got [%v]" (kindOf $objectData.data)) -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_addPrefix.tpl b/charts/common/templates/lib/traefik/middlewares/_addPrefix.tpl deleted file mode 100644 index 61e8480..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_addPrefix.tpl +++ /dev/null @@ -1,12 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.addPrefix" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{- if not $mw.prefix -}} - {{- fail "Middleware (add-prefix) - Expected [prefix] to be set" -}} - {{- end }} - addPrefix: - prefix: {{ $mw.prefix }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_basicAuth.tpl b/charts/common/templates/lib/traefik/middlewares/_basicAuth.tpl deleted file mode 100644 index a9352df..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_basicAuth.tpl +++ /dev/null @@ -1,35 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.basicAuth" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - {{- $mw := $objectData.data -}} - - {{- $secret := $mw.secret | default "" -}} - {{- $users := list -}} - {{- $secretData := dict -}} - - {{- if and $mw.users $mw.secret -}} - {{- fail "Middleware (basic-auth) - Expected either [users] or [secret] to be set, but not both" -}} - {{- end -}} - {{- if and (not $mw.users) (not $mw.secret) -}} - {{- fail "Middleware (basic-auth) - Expected at least one of [users] or [secret] to be set" -}} - {{- end -}} - - {{- if $mw.users -}} - {{- $secret = $objectData.name -}} - {{- range $userData := $mw.users -}} - {{- $users = append $users (htpasswd $userData.username $userData.password) -}} - {{- end -}} - {{- $secretData = (dict - "name" $objectData.name - "labels" ($objectData.labels | default dict) - "annotations" ($objectData.annotations | default dict) - "data" (dict "users" ($users | join "\n"))) -}} - {{- end }} - basicAuth: - secret: {{ $secret }} -{{- if $secretData -}} - {{- include "tc.v1.common.class.secret" (dict "rootCtx" $rootCtx "objectData" $secretData) -}} -{{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_buffering.tpl b/charts/common/templates/lib/traefik/middlewares/_buffering.tpl deleted file mode 100644 index b56fbf3..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_buffering.tpl +++ /dev/null @@ -1,12 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.buffering" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data }} - buffering: - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "maxRequestBodyBytes" "value" $mw.maxRequestBodyBytes) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "memRequestBodyBytes" "value" $mw.memRequestBodyBytes) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "maxResponseBodyBytes" "value" $mw.maxResponseBodyBytes) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "memResponseBodyBytes" "value" $mw.memResponseBodyBytes) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "retryExpression" "value" $mw.retryExpression) | nindent 4 }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_chain.tpl b/charts/common/templates/lib/traefik/middlewares/_chain.tpl deleted file mode 100644 index a916691..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_chain.tpl +++ /dev/null @@ -1,25 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.chain" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.middlewares -}} - {{- fail "Middleware (chain) - Expected [middlewares] to be set" -}} - {{- end }} - chain: - middlewares: - {{- range $m := $mw.middlewares -}} - {{- $objectName := $m.name -}} - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $m "key" "middlewares" - "name" $objectName "caller" "Middleware (chain)" - )) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $objectName) -}} - {{- end }} - - name: {{ $objectName }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_compress.tpl b/charts/common/templates/lib/traefik/middlewares/_compress.tpl deleted file mode 100644 index b908b83..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_compress.tpl +++ /dev/null @@ -1,7 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.compress" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data }} - compress: {} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_contentType.tpl b/charts/common/templates/lib/traefik/middlewares/_contentType.tpl deleted file mode 100644 index da994bc..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_contentType.tpl +++ /dev/null @@ -1,7 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.contentType" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data }} - contentType: {} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_forwardAuth.tpl b/charts/common/templates/lib/traefik/middlewares/_forwardAuth.tpl deleted file mode 100644 index 1c79728..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_forwardAuth.tpl +++ /dev/null @@ -1,58 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.forwardAuth" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{- if hasKey $mw "trustForwardHeader" -}} - {{- if not (kindIs "bool" $mw.trustForwardHeader) -}} - {{- fail (printf "Middleware (forward-auth) - Expected [trustForwardHeader] to be a boolean, but got [%s]" (kindOf $mw.trustForwardHeader)) -}} - {{- end -}} - {{- end -}} - - {{- if and $mw.tls (hasKey $mw.tls "insecureSkipVerify") -}} - {{- if not (kindIs "bool" $mw.tls.insecureSkipVerify) -}} - {{- fail (printf "Middleware (forward-auth) - Expected [tls.insecureSkipVerify] to be a boolean, but got [%s]" (kindOf $mw.tls.insecureSkipVerify)) -}} - {{- end -}} - {{- end -}} - - {{- if $mw.authResponseHeaders -}} - {{- if not (kindIs "slice" $mw.authResponseHeaders) -}} - {{- fail (printf "Middleware (forward-auth) - Expected [authResponseHeaders] to be a list, but got [%s]" (kindOf $mw.authResponseHeaders)) -}} - {{- end -}} - {{- end -}} - - {{- with $mw.authRequestHeaders -}} - {{- if not (kindIs "slice" $mw.authRequestHeaders) -}} - {{- fail (printf "Middleware (forward-auth) - Expected [authRequestHeaders] to be a list, but got [%s]" (kindOf $mw.authRequestHeaders)) -}} - {{- end -}} - {{- end -}} - - {{- if not $mw.address -}} - {{- fail "Middleware (forward-auth) - Expected [address] to be set" -}} - {{- end }} - forwardAuth: - address: {{ $mw.address }} - trustForwardHeader: {{ $mw.trustForwardHeader }} - - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "authResponseHeadersRegex" "value" $mw.authResponseHeadersRegex) | nindent 4 }} - - {{- if $mw.authResponseHeaders }} - authResponseHeaders: - {{- range $mw.authResponseHeaders }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.authRequestHeaders }} - authRequestHeaders: - {{- range $mw.authRequestHeaders }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.tls }} - tls: - insecureSkipVerify: {{ $mw.tls.insecureSkipVerify }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_headers.tpl b/charts/common/templates/lib/traefik/middlewares/_headers.tpl deleted file mode 100644 index a39b3b7..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_headers.tpl +++ /dev/null @@ -1,128 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.headers" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data }} - headers: - {{- if $mw.customRequestHeaders }} - customRequestHeaders: - {{- range $k, $v := $mw.customRequestHeaders }} - {{ $k }}: {{ $v }} - {{- end }} - {{- end -}} - - {{- if $mw.customResponseHeaders }} - customResponseHeaders: - {{- range $k, $v := $mw.customResponseHeaders }} - {{ $k }}: {{ $v }} - {{- end }} - {{- end -}} - - {{- if hasKey $mw "accessControlAllowCredentials" }} - accessControlAllowCredentials: {{ $mw.accessControlAllowCredentials }} - {{- end -}} - - {{- if $mw.accessControlAllowHeaders }} - accessControlAllowHeaders: - {{- range $mw.accessControlAllowHeaders }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.accessControlAllowMethods }} - accessControlAllowMethods: - {{- range $mw.accessControlAllowMethods }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.accessControlAllowOriginList }} - accessControlAllowOriginList: - {{- range $mw.accessControlAllowOriginList }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.accessControlAllowOriginListRegex }} - accessControlAllowOriginListRegex: - {{- range $mw.accessControlAllowOriginListRegex }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.accessControlExposeHeaders }} - accessControlExposeHeaders: - {{- range $mw.accessControlExposeHeaders }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.accessControlMaxAge }} - accessControlMaxAge: {{ $mw.accessControlMaxAge }} - {{- end -}} - - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "addVaryHeader" "value" $mw.addVaryHeader) | nindent 4 }} - - {{- if $mw.allowedHosts }} - allowedHosts: - {{- range $mw.allowedHosts }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.hostsProxyHeaders }} - hostsProxyHeaders: - {{- range $mw.hostsProxyHeaders }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.sslProxyHeaders }} - sslProxyHeaders: - {{- range $k, $v := $mw.sslProxyHeaders }} - {{ $k }}: {{ $v }} - {{- end }} - {{- end -}} - - {{- if $mw.stsSeconds }} - stsSeconds: {{ $mw.stsSeconds }} - {{- end -}} - - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "stsIncludeSubdomains" "value" $mw.stsIncludeSubdomains) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "stsPreload" "value" $mw.stsPreload) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "forceSTSHeader" "value" $mw.forceSTSHeader) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "frameDeny" "value" $mw.frameDeny) | nindent 4 }} - - {{- if $mw.customFrameOptionsValue }} - customFrameOptionsValue: {{ $mw.customFrameOptionsValue }} - {{- end -}} - - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "contentTypeNosniff" "value" $mw.contentTypeNosniff) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "browserXssFilter" "value" $mw.browserXssFilter) | nindent 4 }} - - {{- if $mw.customBrowserXSSValue }} - customBrowserXSSValue: {{ $mw.customBrowserXSSValue }} - {{- end -}} - - {{- if $mw.contentSecurityPolicy }} - contentSecurityPolicy: {{ $mw.contentSecurityPolicy }} - {{- end -}} - - {{- if $mw.contentSecurityPolicyReportOnly }} - contentSecurityPolicyReportOnly: {{ $mw.contentSecurityPolicyReportOnly }} - {{- end -}} - - {{- if $mw.publicKey }} - publicKey: {{ $mw.publicKey }} - {{- end -}} - - {{- if $mw.referrerPolicy }} - referrerPolicy: {{ $mw.referrerPolicy }} - {{- end -}} - - {{- if $mw.permissionsPolicy }} - permissionsPolicy: {{ $mw.permissionsPolicy }} - {{- end -}} - - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "isDevelopment" "value" $mw.isDevelopment) | nindent 4 }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_ipAllowList.tpl b/charts/common/templates/lib/traefik/middlewares/_ipAllowList.tpl deleted file mode 100644 index ff7fba7..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_ipAllowList.tpl +++ /dev/null @@ -1,38 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.ipAllowList" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{- if $mw.sourceRange -}} - {{- if not (kindIs "slice" $mw.sourceRange) -}} - {{- fail (printf "Middleware (ip-allow-list) - Expected [sourceRange] to be a list, but got [%s]" (kindOf $mw.sourceRange)) -}} - {{- end -}} - {{- end -}} - - {{- if $mw.ipStrategy -}} - {{- if $mw.ipStrategy.excludedIPs -}} - {{- if not (kindIs "slice" $mw.ipStrategy.excludedIPs) -}} - {{- fail (printf "Middleware (ip-allow-list) - Expected [ipStrategy.excludedIPs] to be a list, but got [%s]" (kindOf $mw.ipStrategy.excludedIPs)) -}} - {{- end -}} - {{- end -}} - {{- end }} - ipAllowList: - {{- if $mw.sourceRange }} - sourceRange: - {{- range $mw.sourceRange }} - - {{ . | quote }} - {{- end }} - {{- end -}} - - {{- if $mw.ipStrategy }} - ipStrategy: - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "depth" "value" $mw.ipStrategy.depth) | nindent 6 }} - {{- if $mw.ipStrategy.excludedIPs }} - excludedIPs: - {{- range $mw.ipStrategy.excludedIPs }} - - {{ . | quote }} - {{- end }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_pluginBouncer.tpl b/charts/common/templates/lib/traefik/middlewares/_pluginBouncer.tpl deleted file mode 100644 index bcffed4..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_pluginBouncer.tpl +++ /dev/null @@ -1,70 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.pluginBouncer" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{/* This has to match with the name of the plugin given on the traefik CLI */}} - {{- $mwName := "bouncer" -}} - {{- if $mw.pluginName -}} - {{- $mwName = $mw.pluginName -}} - {{- end -}} - {{- if not (hasKey $mw "enabled") -}} - {{- fail "Middleware (plugin-bouncer) - Expected [enabled] to be set" -}} - {{- end -}} - {{- if not (kindIs "bool" $mw.enabled) -}} - {{- fail (printf "Middleware (plugin-bouncer) - Expected [enabled] to be a boolean, but got [%s]" (kindOf $mw.enabled)) -}} - {{- end }} - plugin: - {{ $mwName }}: - enabled: {{ $mw.enabled }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "logLevel" "value" $mw.logLevel) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "updateIntervalSeconds" "value" $mw.updateIntervalSeconds) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "updateMaxFailure" "value" $mw.updateMaxFailure) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "defaultDecisionSeconds" "value" $mw.defaultDecisionSeconds) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "httpTimeoutSeconds" "value" $mw.httpTimeoutSeconds) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecMode" "value" $mw.crowdsecMode) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "crowdsecAppsecEnabled" "value" $mw.crowdsecAppsecEnabled) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecAppsecHost" "value" $mw.crowdsecAppsecHost) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "crowdsecAppsecFailureBlock" "value" $mw.crowdsecAppsecFailureBlock) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "crowdsecAppsecUnreachableBlock" "value" $mw.crowdsecAppsecUnreachableBlock) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecLapiKey" "value" $mw.crowdsecLapiKey) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecLapiHost" "value" $mw.crowdsecLapiHost) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecLapiScheme" "value" $mw.crowdsecLapiScheme) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "crowdsecLapiTLSInsecureVerify" "value" $mw.crowdsecLapiTLSInsecureVerify) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecCapiMachineId" "value" $mw.crowdsecCapiMachineId) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecCapiPassword" "value" $mw.crowdsecCapiPassword) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "forwardedHeadersCustomName" "value" $mw.forwardedHeadersCustomName) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "remediationHeadersCustomName" "value" $mw.remediationHeadersCustomName) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "redisCacheEnabled" "value" $mw.redisCacheEnabled) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "redisCacheHost" "value" $mw.redisCacheHost) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "redisCachePassword" "value" $mw.redisCachePassword) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "redisCacheDatabase" "value" $mw.redisCacheDatabase) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecLapiTLSCertificateAuthority" "value" $mw.crowdsecLapiTLSCertificateAuthority) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecLapiTLSCertificateBouncer" "value" $mw.crowdsecLapiTLSCertificateBouncer) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "crowdsecLapiTLSCertificateBouncerKey" "value" $mw.crowdsecLapiTLSCertificateBouncerKey) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "captchaProvider" "value" $mw.captchaProvider) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "captchaSiteKey" "value" $mw.captchaSiteKey) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "captchaSecretKey" "value" $mw.captchaSecretKey) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "captchaGracePeriodSeconds" "value" $mw.captchaGracePeriodSeconds) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "captchaHTMLFilePath" "value" $mw.captchaHTMLFilePath) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "banHTMLFilePath" "value" $mw.banHTMLFilePath) | nindent 6 }} - {{- if $mw.crowdsecCapiScenarios }} - crowdsecCapiScenarios: - {{- range $mw.crowdsecCapiScenarios }} - - {{ . | quote }} - {{- end }} - {{- end -}} - {{- if $mw.forwardedHeadersTrustedIPs }} - forwardedHeadersTrustedIPs: - {{- range $mw.forwardedHeadersTrustedIPs }} - - {{ . | quote }} - {{- end }} - {{- end -}} - {{- if $mw.clientTrustedIPs }} - clientTrustedIPs: - {{- range $mw.clientTrustedIPs }} - - {{ . | quote }} - {{- end }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_pluginGeoblock.tpl b/charts/common/templates/lib/traefik/middlewares/_pluginGeoblock.tpl deleted file mode 100644 index 50cdbb6..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_pluginGeoblock.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.pluginGeoblock" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{/* This has to match with the name of the plugin given on the traefik CLI */}} - {{- $mwName := "GeoBlock" -}} - {{- if $mw.pluginName -}} - {{- $mwName = $mw.pluginName -}} - {{- end -}} - {{- if not $mw.api -}} - {{- fail "Middleware (plugin-geoblock) - Expected [api] to be set" -}} - {{- end -}} - {{- if not $mw.countries -}} - {{- fail "Middleware (plugin-geoblock) - Expected [countries] to be set" -}} - {{- end }} - plugin: - {{ $mwName }}: - api: {{ $mw.api }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "allowLocalRequests" "value" $mw.allowLocalRequests) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "logLocalRequests" "value" $mw.logLocalRequests) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "logAllowedRequests" "value" $mw.logAllowedRequests) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "logApiRequests" "value" $mw.logApiRequests) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "apiTimeoutMs" "value" $mw.apiTimeoutMs) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "cacheSize" "value" $mw.cacheSize) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "forceMonthlyUpdate" "value" $mw.forceMonthlyUpdate) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "allowUnknownCountries" "value" $mw.allowUnknownCountries) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "unknownCountryApiResponse" "value" $mw.unknownCountryApiResponse) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "blackListMode" "value" $mw.blackListMode) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "silentStartUp" "value" $mw.silentStartUp) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "addCountryHeader" "value" $mw.addCountryHeader) | nindent 6 }} - countries: - {{- range $mw.countries }} - - {{ . | quote }} - {{- end }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_pluginModSecurity.tpl b/charts/common/templates/lib/traefik/middlewares/_pluginModSecurity.tpl deleted file mode 100644 index 1e4aaa8..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_pluginModSecurity.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.pluginModSecurity" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{/* This has to match with the name of the plugin given on the traefik CLI */}} - {{- $mwName := "traefik-modsecurity-plugin" -}} - {{- if $mw.pluginName -}} - {{- $mwName = $mw.pluginName -}} - {{- end -}} - - {{- if not $mw.modSecurityUrl -}} - {{- fail "Middleware (modsecurity) - Expected [modSecurityUrl] to be set" -}} - {{- end }} - plugin: - {{ $mwName }}: - modSecurityUrl: {{ $mw.modSecurityUrl }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "timeoutMillis" "value" $mw.timeoutMillis) | nindent 6 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "maxBodySize" "value" $mw.maxBodySize) | nindent 6 }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_pluginRealIP.tpl b/charts/common/templates/lib/traefik/middlewares/_pluginRealIP.tpl deleted file mode 100644 index 5f7bd7e..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_pluginRealIP.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.pluginRealIP" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{/* This has to match with the name of the plugin given on the traefik CLI */}} - {{- $mwName := "traefik-real-ip" -}} - {{- if $mw.pluginName -}} - {{- $mwName = $mw.pluginName -}} - {{- end -}} - - {{- if not $mw.excludednets -}} - {{- fail "Middleware (real-ip) - Expected [excludednets] to be set" -}} - {{- end }} - plugin: - {{ $mwName }}: - excludednets: - {{- range $mw.excludednets }} - - {{ . | quote }} - {{- end }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_pluginRewriteResponseHeaders.tpl b/charts/common/templates/lib/traefik/middlewares/_pluginRewriteResponseHeaders.tpl deleted file mode 100644 index be82a99..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_pluginRewriteResponseHeaders.tpl +++ /dev/null @@ -1,40 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.pluginRewriteResponseHeaders" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{/* This has to match with the name of the plugin given on the traefik CLI */}} - {{- $mwName := "rewriteResponseHeaders" -}} - {{- if $mw.pluginName -}} - {{- $mwName = $mw.pluginName -}} - {{- end -}} - - {{- if not $mw.rewrites -}} - {{- fail "Middleware (rewrite-response-headers) - Expected [rewrites] to be set" -}} - {{- end }} - - {{- if not (kindIs "slice" $mw.rewrites) -}} - {{- fail (printf "Middleware (rewrite-response-headers) - Expected [rewrites] to be a list, but got [%s]" (kindOf $mw.rewrites)) -}} - {{- end }} - - {{- range $index, $config := $mw.rewrites -}} - {{- if not $config.header -}} - {{- fail (printf "Middleware (rewrite-response-headers) - Expected [header] to be set for rewrite [%v]" $index) -}} - {{- end -}} - {{- if not $config.regex -}} - {{- fail (printf "Middleware (rewrite-response-headers) - Expected [regex] to be set for rewrite [%v]" $index) -}} - {{- end -}} - {{- if not $config.replacement -}} - {{- fail (printf "Middleware (rewrite-response-headers) - Expected [replacement] to be set for rewrite [%v]" $index) -}} - {{- end -}} - {{- end }} - plugin: - {{ $mwName }}: - rewrites: - {{- range $index, $rewriteResponseHeader := $mw.rewrites }} - - header: {{ $rewriteResponseHeader.header }} - regex: {{ $rewriteResponseHeader.regex | quote }} - replacement: {{ $rewriteResponseHeader.replacement | quote }} - {{- end }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_pluginThemePark.tpl b/charts/common/templates/lib/traefik/middlewares/_pluginThemePark.tpl deleted file mode 100644 index da3eee7..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_pluginThemePark.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.pluginThemePark" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{/* This has to match with the name of the plugin given on the traefik CLI */}} - {{- $mwName := "traefik-themepark" -}} - {{- if $mw.pluginName -}} - {{- $mwName = $mw.pluginName -}} - {{- end -}} - - {{- if not $mw.app -}} - {{- fail "Middleware (themepark) - Expected [app] to be set" -}} - {{- end -}} - {{- if not $mw.theme -}} - {{- fail "Middleware (themepark) - Expected [theme] to be set" -}} - {{- end }} - plugin: - {{ $mwName }}: - app: {{ $mw.app }} - theme: {{ $mw.theme }} - {{- include "tc.v1.common.class.traefik.middleware.helper.string" (dict "key" "baseUrl" "value" $mw.baseUrl) | nindent 6 }} - {{- if $mw.addons }} - addons: - {{- range $mw.addons }} - - {{ . | quote }} - {{- end }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_rateLimit.tpl b/charts/common/templates/lib/traefik/middlewares/_rateLimit.tpl deleted file mode 100644 index 5fad37d..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_rateLimit.tpl +++ /dev/null @@ -1,13 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.rateLimit" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - - {{- if and (not $mw.average) (not $mw.burst) -}} - {{- fail "Middleware (rate-limit) - Expected either [average] or [burst] to be set" -}} - {{- end }} - rateLimit: - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "average" "value" $mw.average) | nindent 4 }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "burst" "value" $mw.burst) | nindent 4 }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_redirectRegex.tpl b/charts/common/templates/lib/traefik/middlewares/_redirectRegex.tpl deleted file mode 100644 index cde75e7..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_redirectRegex.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.redirectRegex" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.regex -}} - {{- fail "Middleware (redirect-regex) - Expected [regex] to be set" -}} - {{- end -}} - {{- if not $mw.replacement -}} - {{- fail "Middleware (redirect-regex) - Expected [replacement] to be set" -}} - {{- end -}} - - {{- if hasKey $mw "permanent" -}} - {{- if not (kindIs "bool" $mw.permanent) -}} - {{- fail (printf "Middleware (redirect-regex) - Expected [permanent] to be a boolean, but got [%s]" (kindOf $mw.permanent)) -}} - {{- end -}} - {{- end }} - redirectRegex: - regex: {{ $mw.regex }} - replacement: {{ $mw.replacement }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "permanent" "value" $mw.permanent) | nindent 4 }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_redirectScheme.tpl b/charts/common/templates/lib/traefik/middlewares/_redirectScheme.tpl deleted file mode 100644 index 8f8a062..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_redirectScheme.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.redirectScheme" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.scheme -}} - {{- fail "Middleware (redirect-scheme) - Expected [scheme] to be set" -}} - {{- end -}} - - {{- if hasKey $mw "permanent" -}} - {{- if not (kindIs "bool" $mw.permanent) -}} - {{- fail (printf "Middleware (redirect-scheme) - Expected [permanent] to be a boolean, but got [%s]" (kindOf $mw.permanent)) -}} - {{- end -}} - {{- end }} - redirectScheme: - scheme: {{ $mw.scheme }} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "permanent" "value" $mw.permanent) | nindent 4 }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_replacePath.tpl b/charts/common/templates/lib/traefik/middlewares/_replacePath.tpl deleted file mode 100644 index b7db73e..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_replacePath.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.replacePath" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.path -}} - {{- fail "Middleware (replace-path) - Expected [path] to be set" -}} - {{- end }} - replacePath: - path: {{ $mw.path }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_replacePathRegex.tpl b/charts/common/templates/lib/traefik/middlewares/_replacePathRegex.tpl deleted file mode 100644 index a2416b9..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_replacePathRegex.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.replacePathRegex" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.regex -}} - {{- fail "Middleware (replace-path-regex) - Expected [regex] to be set" -}} - {{- end -}} - {{- if not $mw.replacement -}} - {{- fail "Middleware (replace-path-regex) - Expected [replacement] to be set" -}} - {{- end }} - replacePathRegex: - regex: {{ $mw.regex }} - replacement: {{ $mw.replacement }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_retry.tpl b/charts/common/templates/lib/traefik/middlewares/_retry.tpl deleted file mode 100644 index 76d8b58..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_retry.tpl +++ /dev/null @@ -1,12 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.retry" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.attempts -}} - {{- fail "Middleware (retry) - Expected [attempts] to be set" -}} - {{- end }} - retry: - attempts: {{ $mw.attempts }} - {{- include "tc.v1.common.class.traefik.middleware.helper.int" (dict "key" "initialInterval" "value" $mw.initialInterval) | nindent 4 }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_stripPrefix.tpl b/charts/common/templates/lib/traefik/middlewares/_stripPrefix.tpl deleted file mode 100644 index 55a733c..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_stripPrefix.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.stripPrefix" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.prefix -}} - {{- fail "Middleware (strip-prefix) - Expected [prefix] to be set" -}} - {{- end -}} - - {{- if hasKey $mw "forceSlash" -}} - {{- if not (kindIs "bool" $mw.forceSlash) -}} - {{- fail (printf "Middleware (strip-prefix) - Expected [forceSlash] to be a boolean, but got [%s]" (kindOf $mw.forceSlash)) -}} - {{- end -}} - {{- end }} - stripPrefix: - prefix: - {{- range $mw.prefix }} - - {{ . | quote }} - {{- end -}} - {{- include "tc.v1.common.class.traefik.middleware.helper.bool" (dict "key" "forceSlash" "value" $mw.forceSlash) | nindent 4 }} -{{- end -}} diff --git a/charts/common/templates/lib/traefik/middlewares/_stripPrefixRegex.tpl b/charts/common/templates/lib/traefik/middlewares/_stripPrefixRegex.tpl deleted file mode 100644 index 9d49959..0000000 --- a/charts/common/templates/lib/traefik/middlewares/_stripPrefixRegex.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{- define "tc.v1.common.class.traefik.middleware.stripPrefixRegex" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $mw := $objectData.data -}} - {{- if not $mw.regex -}} - {{- fail "Middleware (strip-prefix-regex) - Expected [regex] to be set" -}} - {{- end }} - stripPrefixRegex: - regex: - {{- range $mw.regex }} - - {{ . | quote }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_autoperms.tpl b/charts/common/templates/lib/util/_autoperms.tpl deleted file mode 100644 index d380120..0000000 --- a/charts/common/templates/lib/util/_autoperms.tpl +++ /dev/null @@ -1,141 +0,0 @@ -{{/* Contains the auto-permissions job */}} -{{- define "tc.v1.common.lib.util.autoperms" -}} - -{{- $permAllowedTypes := (list "hostPath" "emptyDir" "nfs") -}} -{{/* If you change this path, you must change it under _volumeMounts.tpl too*/}} -{{- $basePath := "/mounts" -}} - -{{/* Init an empty dict to hold data */}} -{{- $mounts := dict -}} - -{{/* Go over persistence and gather needed data */}} -{{- range $name, $mount := .Values.persistence -}} - {{- if and $mount.enabled $mount.autoPermissions -}} - {{/* If autoPermissions is enabled...*/}} - {{- if $mount.autoPermissions.enabled -}} - {{- if or $mount.autoPermissions.chown $mount.autoPermissions.chmod -}} - {{- $type := $.Values.global.fallbackDefaults.persistenceType -}} - {{- if $mount.type -}} - {{- $type = $mount.type -}} - {{- end -}} - - {{- if not (mustHas $type $permAllowedTypes) -}} - {{- fail (printf "Auto Permissions - Allowed persistent types for auto permissions are [%v], but got [%v] on [%v]" (join ", " $permAllowedTypes) $type $name) -}} - {{- end -}} - - {{- if $mount.readOnly -}} - {{- fail (printf "Auto Permissions - You cannot change permissions/ownership automatically on [%v] with readOnly enabled" $name) -}} - {{- end -}} - - {{/* Add some data regarding what actions to perform */}} - {{- $_ := set $mounts $name $mount.autoPermissions -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{- if $mounts }} -enabled: true -type: Job -annotations: - "helm.sh/hook": pre-install, pre-upgrade - "helm.sh/hook-weight": "3" - "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation,hook-failed -podSpec: - restartPolicy: Never - containers: - # If you change this name, you must change it under _volumeMounts.tpl - autopermissions: - enabled: true - primary: true - imageSelector: alpineImage - securityContext: - runAsNonRoot: false - runAsUser: 0 - capabilities: - disableS6Caps: true - add: - - CHOWN - - DAC_OVERRIDE - - FOWNER - resources: - excludeExtra: true - limits: - cpu: 2000m - memory: 2Gi - probes: - liveness: - type: exec - command: - - cat - - /tmp/healthy - readiness: - type: exec - command: - - cat - - /tmp/healthy - startup: - type: exec - command: - - cat - - /tmp/healthy - command: - - /bin/sh - - -c - args: - - | - echo "Starting auto permissions job..." - touch /tmp/healthy - - echo "Automatically correcting ownership and permissions..." - - {{- range $name, $vol := $mounts }} - {{- $mountPath := (printf "%v/%v" $basePath $name) -}} - - {{- $user := "" -}} - {{- if $vol.user -}} - {{- $user = $vol.user -}} - {{- end -}} - - {{- $group := $.Values.securityContext.pod.fsGroup -}} - {{- if $vol.group -}} - {{- $group = $vol.group -}} - {{- end -}} - - {{- $r := "" -}} - {{- if $vol.recursive -}} - {{- $r = "-R" -}} - {{- end -}} - - {{/* Permissions */}} - {{- if $vol.chmod }} - echo "Automatically correcting permissions for {{ $mountPath }}..." - before=$(stat -c "%a" {{ $mountPath }}) - chmod {{ $r }} {{ $vol.chmod }} {{ $mountPath }} || echo "Failed setting permissions using chmod..." - echo "Permissions before: [$before]" - echo "Permissions after: [$(stat -c "%a" {{ $mountPath }})]" - echo "" - {{- end -}} - - {{/* Ownership */}} - {{- if $vol.chown }} - echo "Automatically correcting ownership for {{ $mountPath }}..." - before=$(stat -c "%u:%g" {{ $mountPath }}) - chown {{ $r }} -f {{ $user }}:{{ $group }} {{ $mountPath }} || echo "Failed setting ownership using chown..." - - echo "Ownership before: [$before]" - echo "Ownership after: [$(stat -c "%u:%g" {{ $mountPath }})]" - echo "" - {{- end -}} - {{- end }} - echo "Finished auto permissions job..." -{{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.util.autoperms.job" -}} - {{- $job := (include "tc.v1.common.lib.util.autoperms" $) | fromYaml -}} - {{- if $job -}} - # If you change this name, you must change it under _volumes.tpl - {{- $_ := set $.Values.workload "autopermissions" $job -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_chartcontext.tpl b/charts/common/templates/lib/util/_chartcontext.tpl deleted file mode 100644 index 567dd6e..0000000 --- a/charts/common/templates/lib/util/_chartcontext.tpl +++ /dev/null @@ -1,211 +0,0 @@ -{{/* Returns the primary Workload object */}} -{{- define "tc.v1.common.lib.util.chartcontext" -}} - - {{/* Prepare an empty object so it the chartcontext.data util behave properly */}} - {{- $objectData := (dict - "override" dict - "targetSelector" dict - "path" "" - ) -}} - - {{- $context := (include "tc.v1.common.lib.util.chartcontext.data" (dict "rootCtx" $ "objectData" $objectData) | fromYaml) -}} - - {{- $_ := set $.Values "chartContext" $context -}} - - {{/* This flag is only used in CI/Unit Tests so we can confirm that $context is correctly generated */}} - {{- if $.Values.createChartContextConfigmap -}} - {{- $_ := set $.Values.configmap "chart-context" (dict - "enabled" true - "data" $context - ) -}} - {{- end -}} -{{- end -}} - -{{- define "tc.v1.common.lib.util.chartcontext.data" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - - {{/* Create defaults */}} - {{- $protocol := "http" -}} - {{- $host := "127.0.0.1" -}} - {{- $port := "443" -}} - {{- $path := "/" -}} - {{- $podCIDR := "172.16.0.0/16" -}} - {{- $svcCIDR := "172.17.0.0/16" -}} - - {{- if $rootCtx.Values.global.podCIDR -}} - {{- $podCIDR = $rootCtx.Values.global.podCIDR -}} - {{- end -}} - - {{- if $rootCtx.Values.global.svcCIDR -}} - {{- $svcCIDR = $rootCtx.Values.global.svcCIDR -}} - {{- end -}} - - {{/* TODO: Find ways to implement CIDR detection */}} - - {{/* If there is ingress, get data from the primary */}} - {{- $primaryIngressName := include "tc.v1.common.lib.util.ingress.primary" (dict "rootCtx" $rootCtx) -}} - {{- $selectedIngress := (get $rootCtx.Values.ingress $primaryIngressName) -}} - - {{- with $objectData.targetSelector -}} - {{- if .ingress -}} - {{- $ing := (get $rootCtx.Values.ingress .ingress) -}} - {{- if $ing -}} - {{- $selectedIngress = $ing -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- with $selectedIngress -}} - {{- $firstHost := list -}} - {{- if (kindIs "slice" .hosts) -}} - {{- $firstHost = ((.hosts | default list) | mustFirst) -}} - {{- end -}} - {{- if $firstHost -}} - {{- if $firstHost.host -}} - {{- $host = tpl $firstHost.host $rootCtx -}} - {{- end -}} - - {{- $firstPath := list -}} - {{- if (kindIs "slice" $firstHost.paths) -}} - {{- $firstPath = (($firstHost.paths | default list) | mustFirst) -}} - {{- end -}} - {{- if $firstPath -}} - {{- $path = $firstPath.path -}} - {{- end -}} - {{- end -}} - - {{- if and .integrations .integrations.traefik -}} - {{- $enabled := true -}} - {{- if and (hasKey .integrations.traefik "enabled") (kindIs "bool" .integrations.traefik.enabled) -}} - {{- $enabled = .integrations.traefik.enabled -}} - {{- end -}} - - {{- if $enabled -}} - {{- $entrypoints := (.integrations.traefik.entrypoints | default (list "websecure")) -}} - {{- if kindIs "slice" $entrypoints -}} - {{- if mustHas "websecure" $entrypoints -}} - {{- $port = "443" -}} - {{- else if mustHas "web" $entrypoints -}} - {{- $port = "80" -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if and .integrations .integrations.certManager .integrations.certManager.enabled -}} - {{- $protocol = "https" -}} - {{- $port = "443" -}} - {{- end -}} - - {{- $tls := ((.tls | default list) | mustFirst) -}} - {{- if (or $tls.secretName $tls.certificateIssuer $tls.clusterCertificate) -}} - {{- $protocol = "https" -}} - {{- $port = "443" -}} - {{- end -}} - {{- end -}} - - {{/* If there is no ingress, we have to use service */}} - {{- if not $selectedIngress -}} - {{- $primaryServiceName := include "tc.v1.common.lib.util.service.primary" (dict "rootCtx" $rootCtx) -}} - {{- $selectedService := (get $rootCtx.Values.service $primaryServiceName) -}} - - {{- with $objectData.targetSelector -}} - {{- if .service -}} - {{- $svc := (get $rootCtx.Values.service .service) -}} - {{- if $svc -}} - {{- $selectedService = $svc -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $primaryPort := dict -}} - {{- if $selectedService -}} - {{- $primaryPortName := include "tc.v1.common.lib.util.service.ports.primary" (dict "rootCtx" $rootCtx "svcValues" $selectedService) -}} - {{- $selectedPort := dict -}} - {{- if $selectedService.ports -}} {{/* eg, ExternalName does not require ports */}} - {{- $selectedPort = (get $selectedService.ports $primaryPortName) -}} - {{- end -}} - - {{- with $objectData.targetSelector -}} - {{- if .port -}} - {{- $port := (get $selectedService.ports .port) -}} - {{- if $port -}} - {{- $selectedPort = $port -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if not $selectedPort -}} - {{- $portName := ($selectedService.ports | keys | sortAlpha | mustFirst) -}} - {{- if $selectedService.ports -}} {{/* eg, ExternalName does not require ports */}} - {{- $selectedPort = (get $selectedService.ports $portName) -}} - {{- end -}} - {{- end -}} - - {{- $port = tpl ($selectedPort.port | toString) $rootCtx -}} - - {{- if mustHas $selectedPort.protocol (list "http" "https") -}} - {{- $protocol = $selectedPort.protocol -}} - {{- else -}} - {{- $protocol = "http" -}} - {{- end -}} - - {{- if eq $selectedService.type "LoadBalancer" -}} - {{- if (kindIs "string" $selectedService.loadBalancerIP) -}} - {{- with $selectedService.loadBalancerIP -}} - {{- $host = tpl . $rootCtx | toString -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{/* Overrides */}} - {{- with $objectData.override -}} - {{- if .protocol -}} - {{- $protocol = .protocol -}} - {{- end -}} - - {{- if .host -}} - {{- $host = .host -}} - {{- end -}} - - {{- if .port -}} - {{- $port = .port -}} - {{- end -}} - {{- end -}} - - {{- with $objectData.path -}} - {{- $path = . -}} - {{- end -}} - - {{/* URL Will not include the path. */}} - {{- $url := printf "%s://%s:%s" $protocol $host $port -}} - {{- $urlWithPortAndPath := printf "%s://%s:%s%s" $protocol $host $port $path -}} - - {{/* Clean up the URL */}} - {{- $port = $port | toString -}} - {{- if eq $port "443" -}} - {{- $url = $url | trimSuffix ":443" -}} - {{- $url = $url | replace $protocol "https" -}} - {{- $urlWithPortAndPath = $urlWithPortAndPath | replace $protocol "https" -}} - {{- $protocol = "https" -}} - {{- end -}} - - {{- if eq $port "80" -}} - {{- $url = $url | trimSuffix ":80" -}} - {{- $url = $url | replace $protocol "http" -}} - {{- $urlWithPortAndPath = $urlWithPortAndPath | replace $protocol "http" -}} - {{- $protocol = "http" -}} - {{- end -}} - - {{- $context := (dict - "podCIDR" $podCIDR "svcCIDR" $svcCIDR - "appUrl" $url "appUrlWithPortAndPath" $urlWithPortAndPath - "appHost" $host "appPort" $port - "appPath" $path "appProtocol" $protocol - ) -}} - - {{- $context | toJson -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_diagnosticMode.tpl b/charts/common/templates/lib/util/_diagnosticMode.tpl deleted file mode 100644 index f12228b..0000000 --- a/charts/common/templates/lib/util/_diagnosticMode.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{- define "tc.v1.common.lib.util.diagnosticMode" -}} - {{- $rootCtx := .rootCtx -}} - - {{- $diagMode := "" -}} - - {{- $itemsToCheck := (list $rootCtx.Values $rootCtx.Values.global) -}} - - {{- range $item := $itemsToCheck -}} - {{- if hasKey $item "diagnosticMode" -}} - {{- if not (kindIs "map" $item.diagnosticMode) -}} - {{- fail (printf "Diagnostic Mode - Expected [diagnosticMode] to be a map, but got [%s]" (kindOf $item.diagnosticMode)) -}} - {{- end -}} - {{- if hasKey $item.diagnosticMode "enabled" -}} - {{- if not (kindIs "bool" $item.diagnosticMode.enabled) -}} - {{- fail (printf "Diagnostic Mode - Expected [diagnosticMode.enabled] to be a bool, but got [%s]" (kindOf $item.diagnosticMode.enabled)) -}} - {{- end -}} - {{- end -}} - - {{/* Ignore if its not true as we want any item - that is true to apply regardless of the order - */}} - {{- if $item.diagnosticMode.enabled -}} - {{- $diagMode = true -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $diagMode | toString -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_enabled.tpl b/charts/common/templates/lib/util/_enabled.tpl deleted file mode 100644 index 0fb7aeb..0000000 --- a/charts/common/templates/lib/util/_enabled.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{- define "tc.v1.common.lib.util.enabled" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $key := .key -}} - {{- $name := (.name | toString) -}} - {{- $caller := .caller -}} - - {{- $enabled := false -}} - {{- if not (hasKey $objectData "enabled") -}} - {{- fail (printf "%s - Expected the key [enabled] in [%s.%s] to exist" $caller $key $name) -}} - {{- end -}} - - {{- if (kindIs "invalid" $objectData.enabled) -}} - {{- fail (printf "%s - Expected the defined key [enabled] in [%s.%s] to not be empty" $caller $key $name) -}} - {{- end -}} - {{- $enabled = $objectData.enabled -}} - - {{- if kindIs "string" $enabled -}} - {{- $enabled = tpl $enabled $rootCtx -}} - {{- if eq $enabled "true" -}} - {{- $enabled = true -}} - {{- else if eq $enabled "false" -}} - {{- $enabled = false -}} - {{- end -}} - {{- end -}} - - {{/* NOTE: Always treat the returned result as string */}} - {{- $enabled -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_expandName.tpl b/charts/common/templates/lib/util/_expandName.tpl deleted file mode 100644 index 44e23f8..0000000 --- a/charts/common/templates/lib/util/_expandName.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{- define "tc.v1.common.lib.util.expandName" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $key := .key -}} - {{- $name := (.name | toString) -}} - {{- $caller := .caller -}} - - {{- $expandName := true -}} - {{- if (hasKey $objectData "expandObjectName") -}} - {{- if not (kindIs "invalid" $objectData.expandObjectName) -}} - {{- $expandName = $objectData.expandObjectName -}} - {{- else -}} - {{- fail (printf "%s - Expected the defined key [expandObjectName] in [%s.%s] to not be empty" $caller $key $name) -}} - {{- end -}} - {{- end -}} - - {{- if kindIs "string" $expandName -}} - {{- $expandName = tpl $expandName $rootCtx -}} - - {{/* After tpl it becomes a string, not a bool */}} - {{- if eq $expandName "true" -}} - {{- $expandName = true -}} - {{- else if eq $expandName "false" -}} - {{- $expandName = false -}} - {{- end -}} - {{- end -}} - - {{/* NOTE: Always treat the returned result as string */}} - {{- $expandName -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_metadataList.tpl b/charts/common/templates/lib/util/_metadataList.tpl deleted file mode 100644 index 0a05ab5..0000000 --- a/charts/common/templates/lib/util/_metadataList.tpl +++ /dev/null @@ -1,20 +0,0 @@ -{{- define "tc.v1.common.lib.util.metaListToDict" -}} - {{- $objectData := .objectData -}} - {{- $annoList := $objectData.annotationsList -}} - {{- $labelList := $objectData.labelsList -}} - - {{- if not $objectData.annotations -}} - {{- $_ := set $objectData "annotations" dict -}} - {{- end -}} - {{- if not $objectData.labels -}} - {{- $_ := set $objectData "labels" dict -}} - {{- end -}} - - {{- range $a := $annoList -}} - {{- $_ := set $objectData.annotations $a.name $a.value -}} - {{- end -}} - - {{- range $l := $labelList -}} - {{- $_ := set $objectData.labels $l.name $l.value -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_primary_certificate.tpl b/charts/common/templates/lib/util/_primary_certificate.tpl deleted file mode 100644 index fabc2b3..0000000 --- a/charts/common/templates/lib/util/_primary_certificate.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Return the name of the primary Cert object */}} -{{- define "tc.v1.common.lib.util.cert.primary" -}} - {{- $Certs := $.Values.cert -}} - - {{- $enabledCerts := dict -}} - {{- range $name, $cert := $Certs -}} - {{- if $cert.enabled -}} - {{- $_ := set $enabledCerts $name . -}} - {{- end -}} - {{- end -}} - - {{- $result := "" -}} - {{- range $name, $cert := $enabledCerts -}} - {{- if and (hasKey $cert "primary") $cert.primary -}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - - {{- if not $result -}} - {{- $result = keys $Certs | first -}} - {{- end -}} - {{- $result -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_primary_cnpg.tpl b/charts/common/templates/lib/util/_primary_cnpg.tpl deleted file mode 100644 index 07ea0c0..0000000 --- a/charts/common/templates/lib/util/_primary_cnpg.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Return the name of the primary cnpg object */}} -{{- define "tc.v1.common.lib.util.cnpg.primary" -}} - {{- $cnpgs := .Values.cnpg -}} - - {{- $enabledcnpges := dict -}} - {{- range $name, $cnpg := $cnpgs -}} - {{- if $cnpg.enabled -}} - {{- $_ := set $enabledcnpges $name . -}} - {{- end -}} - {{- end -}} - - {{- $result := "" -}} - {{- range $name, $cnpg := $enabledcnpges -}} - {{- if and (hasKey $cnpg "primary") $cnpg.primary -}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - - {{- if not $result -}} - {{- $result = keys $enabledcnpges | first -}} - {{- end -}} - {{- $result -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_primary_ingress.tpl b/charts/common/templates/lib/util/_primary_ingress.tpl deleted file mode 100644 index ff0cd52..0000000 --- a/charts/common/templates/lib/util/_primary_ingress.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* Return the name of the enabled primary ingress object */}} -{{- define "tc.v1.common.lib.util.ingress.primary" -}} - {{- $rootCtx := .rootCtx -}} - - {{- $result := "" -}} - {{- range $name, $ingress := $rootCtx.Values.ingress -}} - {{- $enabled := "false" -}} - - {{- if not (kindIs "invalid" $ingress.enabled) -}} - {{- $enabled = (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $ingress - "name" $name "caller" "Primary Ingress Util" - "key" "ingress")) -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{- if $ingress.primary -}} - {{/* - While this will overwrite if there are - more than 1 primary ingress, its not an issue - as there is validation down the line that will - fail if there are more than 1 primary ingress - */}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $result -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_primary_metrics.tpl b/charts/common/templates/lib/util/_primary_metrics.tpl deleted file mode 100644 index f085399..0000000 --- a/charts/common/templates/lib/util/_primary_metrics.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* Return the name of the primary metrics object */}} -{{- define "tc.v1.common.lib.util.metrics.primary" -}} - {{- $metrics := .Values.metrics -}} - - {{- $enabledMetrics := dict -}} - {{- range $name, $metrics := $metrics -}} - {{- if $metrics.enabled -}} - {{- $_ := set $enabledMetrics $name $metrics -}} - {{- end -}} - {{- end -}} - - {{- $result := "" -}} - {{- range $name, $metrics := $enabledMetrics -}} - {{- if (hasKey $metrics "primary") -}} - {{- if $metrics.primary -}} - {{- if $result -}} - {{- fail "More than one metrics are set as primary. This is not supported." -}} - {{- end -}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if not $result -}} - {{- if eq (len $enabledMetrics) 1 -}} - {{- $result = keys $enabledMetrics | mustFirst -}} - {{- end -}} - {{- end -}} - {{- $result -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_primary_port.tpl b/charts/common/templates/lib/util/_primary_port.tpl deleted file mode 100644 index 1ba09bf..0000000 --- a/charts/common/templates/lib/util/_primary_port.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* A dict containing .values and .serviceName is passed when this function is called */}} -{{/* Return the primary port for a given Service object. */}} -{{- define "tc.v1.common.lib.util.service.ports.primary" -}} - {{- $rootCtx := .rootCtx -}} - {{- $svcValues := .svcValues -}} - - {{- $result := "" -}} - {{- range $name, $port := $svcValues.ports -}} - {{- $enabled := "false" -}} - - {{- if not (kindIs "invalid" $port.enabled) -}} - {{- $enabled = (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $port - "name" $name "caller" "Primary Port Util" - "key" ".ports.$portname.enabled")) -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{- if $port.primary -}} - {{/* - While this will overwrite if there are - more than 1 primary port, its not an issue - as there is validation down the line that will - fail if there are more than 1 primary port - */}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $result -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_primary_route.tpl b/charts/common/templates/lib/util/_primary_route.tpl deleted file mode 100644 index 04da801..0000000 --- a/charts/common/templates/lib/util/_primary_route.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* Return the name of the primary route object */}} -{{- define "tc.v1.common.lib.util.route.primary" -}} - {{- $routees := $.Values.route -}} - - {{- $enabledroutees := dict -}} - {{- range $name, $route := $routees -}} - {{- if $route.enabled -}} - {{- $_ := set $enabledroutees $name . -}} - {{- end -}} - {{- end -}} - - {{- $result := "" -}} - {{- range $name, $route := $enabledroutees -}} - {{- if and (hasKey $route "primary") $route.primary -}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - - {{- if not $result -}} - {{- $result = keys $enabledroutees | first -}} - {{- end -}} - {{- $result -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_primary_service.tpl b/charts/common/templates/lib/util/_primary_service.tpl deleted file mode 100644 index 1972134..0000000 --- a/charts/common/templates/lib/util/_primary_service.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* Returns the primary service object */}} -{{- define "tc.v1.common.lib.util.service.primary" -}} - {{- $rootCtx := .rootCtx -}} - - {{- $result := "" -}} - {{- range $name, $service := $rootCtx.Values.service -}} - {{- $enabled := "false" -}} - - {{- if not (kindIs "invalid" $service.enabled) -}} - {{- $enabled = (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $service - "name" $name "caller" "Primary service Util" - "key" "service")) -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{- if $service.primary -}} - {{/* - While this will overwrite if there are - more than 1 primary service, its not an issue - as there is validation down the line that will - fail if there are more than 1 primary service - */}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $result -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_primary_workload.tpl b/charts/common/templates/lib/util/_primary_workload.tpl deleted file mode 100644 index b24836b..0000000 --- a/charts/common/templates/lib/util/_primary_workload.tpl +++ /dev/null @@ -1,35 +0,0 @@ -{{/* Returns the primary Workload object */}} -{{- define "tc.v1.common.lib.util.workload.primary" -}} - {{- $Workloads := .workload -}} - - {{- $enabledWorkloads := dict -}} - {{- range $name, $Workload := $Workloads -}} - {{- if $Workload.enabled -}} - {{- $_ := set $enabledWorkloads $name $Workload -}} - {{- end -}} - {{- end -}} - - {{- $result := "" -}} - {{- range $name, $Workload := $enabledWorkloads -}} - {{- if (hasKey $Workload "primary") -}} - {{- if $Workload.primary -}} - {{- if $result -}} - {{- fail "More than one Workloads are set as primary. This is not supported." -}} - {{- end -}} - {{- $result = $name -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if not $result -}} - {{- if eq (len $enabledWorkloads) 1 -}} - {{- $result = keys $enabledWorkloads | mustFirst -}} - {{- else -}} - {{- if $enabledWorkloads -}} - {{- fail "At least one Workload must be set as primary" -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $result -}} -{{- end -}} diff --git a/charts/common/templates/lib/util/_stopAll.tpl b/charts/common/templates/lib/util/_stopAll.tpl deleted file mode 100644 index a545c8d..0000000 --- a/charts/common/templates/lib/util/_stopAll.tpl +++ /dev/null @@ -1,10 +0,0 @@ -{{- define "tc.v1.common.lib.util.stopAll" -}} - {{- $rootCtx := . -}} - - {{- $stop := "" -}} - {{- if $rootCtx.Values.global.stopAll -}} - {{- $stop = true -}} - {{- end -}} - - {{- $stop -}} -{{- end -}} diff --git a/charts/common/templates/lib/volsync/_cache.tpl b/charts/common/templates/lib/volsync/_cache.tpl deleted file mode 100644 index a3cdcb3..0000000 --- a/charts/common/templates/lib/volsync/_cache.tpl +++ /dev/null @@ -1,21 +0,0 @@ -{{- define "tc.v1.common.lib.volsync.cache" -}} - {{- $creds := .creds -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $volsyncData := .volsyncData -}} - {{- $target := get $volsyncData .target -}} - -cacheCapacity: {{ $target.cacheCapacity | default "10Gi" }} - - {{- with $target.cacheStorageClassName }} -cacheStorageClassName: {{ $target.cacheStorageClassName }} - {{- end -}} - - {{- with $target.cacheAccessModes }} -cacheAccessModes: - {{- range . }} - - {{ . }} - {{- end }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/volsync/_moverSecurityContext.tpl b/charts/common/templates/lib/volsync/_moverSecurityContext.tpl deleted file mode 100644 index f86162d..0000000 --- a/charts/common/templates/lib/volsync/_moverSecurityContext.tpl +++ /dev/null @@ -1,28 +0,0 @@ -{{- define "tc.v1.common.lib.volsync.moversecuritycontext" -}} - {{- $creds := .creds -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $volsyncData := .volsyncData -}} - {{- $target := get $volsyncData .target -}} - - {{- $sec := dict - "runAsUser" $rootCtx.Values.securityContext.container.runAsUser - "runAsGroup" $rootCtx.Values.securityContext.container.runAsGroup - "fsGroup" $rootCtx.Values.securityContext.pod.fsGroup - -}} - - {{- if $target.moverSecurityContext -}} - {{- $items := list "runAsUser" "runAsGroup" "fsGroup" -}} - {{- range $item := $items -}} - {{- if hasKey $target.moverSecurityContext $item -}} - {{- $_ := set $sec $item (get $target.moverSecurityContext $item) -}} - {{- end -}} - {{- end -}} - {{- end }} - -moverSecurityContext: - runAsUser: {{ $sec.runAsUser }} - runAsGroup: {{ $sec.runAsGroup }} - fsGroup: {{ $sec.fsGroup }} -{{- end -}} diff --git a/charts/common/templates/lib/volsync/_storage.tpl b/charts/common/templates/lib/volsync/_storage.tpl deleted file mode 100644 index dd03e1f..0000000 --- a/charts/common/templates/lib/volsync/_storage.tpl +++ /dev/null @@ -1,37 +0,0 @@ -{{- define "tc.v1.common.lib.volsync.storage" -}} - {{- $creds := .creds -}} - - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData -}} - {{- $volsyncData := .volsyncData -}} - {{- $target := get $volsyncData .target -}} - - {{- $accessModes := $rootCtx.Values.global.fallbackDefaults.accessModes -}} - {{- if $objectData.accessModes }} - {{- $accessModes = $objectData.accessModes }} - {{- end }} - {{- if $target.accessModes }} - {{- $accessModes = $target.accessModes }} - {{- end }} - - {{- $storageClassName := $rootCtx.Values.global.fallbackDefaults.storageClass -}} - {{- if $objectData.storageClass }} - {{- $storageClassName = $objectData.storageClass }} - {{- end }} - {{- if $target.storageClassName }} - {{- $storageClassName = $target.storageClassName }} - {{- end }} - - {{- with $storageClassName }} -storageClassName: {{ . }} - {{- end }} - -accessModes: - {{- range $accessModes }} - - {{ . }} - {{- end }} - - {{- with $target.volumeSnapshotClassName }} -volumeSnapshotClassName: {{ . }} - {{- end }} -{{- end -}} diff --git a/charts/common/templates/lib/volsync/_validation.tpl b/charts/common/templates/lib/volsync/_validation.tpl deleted file mode 100644 index ce13811..0000000 --- a/charts/common/templates/lib/volsync/_validation.tpl +++ /dev/null @@ -1,35 +0,0 @@ -{{- define "tc.v1.common.lib.volsync.validation" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- if not $objectData.name -}} - {{- fail "VolSync - Expected non-empty [name]" -}} - {{- end -}} - - {{- if not $objectData.type -}} - {{- fail "VolSync - Expected non-empty [type]" -}} - {{- end -}} - - {{- $validTypes := list "restic" -}} - {{- if not (mustHas $objectData.type $validTypes) -}} - {{- fail (printf "VolSync - Expected [type] to be one of [%s], but got [%s]" (join ", " $validTypes) $objectData.type) -}} - {{- end -}} - - {{- if not $objectData.credentials -}} - {{- fail "VolSync - Expected non-empty [credentials]" -}} - {{- end -}} - - {{- if not (kindIs "string" $objectData.credentials) -}} - {{- fail (printf "VolSync - Expected [credentials] to be a string, but got [%s]" (kindOf $objectData.credentials)) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.credentials.validation" (dict "rootCtx" $rootCtx "caller" "VolSync" "credName" $objectData.credentials) -}} - - {{- $copyMethods := list "Clone" "Direct" "Snapshot" -}} - {{- if $objectData.copyMethod -}} - {{- if not (mustHas $objectData.copyMethod $copyMethods) -}} - {{- fail (printf "VolSync - Expected [copyMethod] to be one of [%s], but got [%s]" (join ", " $copyMethods) $objectData.copyMethod) -}} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/vpa/_validation.tpl b/charts/common/templates/lib/vpa/_validation.tpl deleted file mode 100644 index 2ede292..0000000 --- a/charts/common/templates/lib/vpa/_validation.tpl +++ /dev/null @@ -1,115 +0,0 @@ -{{- define "tc.v1.common.lib.vpa.validation" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- $updPolicy := $objectData.updatePolicy -}} - {{- if $updPolicy -}} - {{- if not (kindIs "map" $updPolicy) -}} - {{- fail (printf "Vertical Pod Autoscaler - Expected [vpa.%s.updatePolicy] to be a dictionary, but got [%s]" $objectData.vpaName (kindOf $updPolicy)) -}} - {{- end -}} - - {{- $validModes := list "Auto" "Off" "Initial" "Recreate" -}} - {{- if and $updPolicy.updateMode (not (mustHas $updPolicy.updateMode $validModes)) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.updatePolicy.updateMode] is not valid. Must be one of [%s]" $updPolicy.updateMode $objectData.vpaName (join ", " $validModes)) -}} - {{- end -}} - - {{- if and $updPolicy.minReplicas (le ($updPolicy.minReplicas | int) 0) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%v] on [vpa.%s.updatePolicy.minReplicas] must be greater than 0." $updPolicy.minReplicas $objectData.vpaName) -}} - {{- end -}} - - {{- if $updPolicy.evictionRequirements -}} - {{- if not (kindIs "slice" $updPolicy.evictionRequirements) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value on [vpa.%s.updatePolicy.evictionRequirements] must be a list, but got [%s]" $objectData.vpaName (kindOf $updPolicy.evictionRequirements)) -}} - {{- end -}} - {{- range $idx, $req := $updPolicy.evictionRequirements -}} - {{- if not (kindIs "map" $req) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value on [vpa.%s.updatePolicy.evictionRequirements.%d] must be a map, but got [%s]" $objectData.vpaName $idx (kindOf $req)) -}} - {{- end -}} - - {{- if not $req.resources -}} - {{- fail (printf "Vertical Pod Autoscaler - Value on [vpa.%s.updatePolicy.evictionRequirements.%d.resources] is required." $objectData.vpaName $idx) -}} - {{- end -}} - - {{- if not (kindIs "slice" $req.resources) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value on [vpa.%s.updatePolicy.evictionRequirements.%d.resources] must be a list, but got [%s]" $objectData.vpaName $idx (kindOf $req.resources)) -}} - {{- end -}} - - {{- $validResources := (list "cpu" "memory") -}} - {{- range $x, $r := $req.resources -}} - {{- if not (mustHas $r $validResources) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.updatePolicy.evictionRequirements.%d.resources.%d] is not valid. Must be one of [%s]" $r $objectData.vpaName $idx $x (join ", " $validResources)) -}} - {{- end -}} - {{- end -}} - - {{- $validReq := (list "TargetHigherThanRequests" "TargetLowerThanRequests") -}} - {{- if not (mustHas $req.changeRequirement $validReq) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.updatePolicy.evictionRequirements.%d.changeRequirement] is not valid. Must be one of [%s]" $req.changeRequirement $objectData.vpaName $idx (join ", " $validReq)) -}} - {{- end -}} - - {{- end -}} - {{- end -}} - {{- end -}} - - {{- $resPolicy := $objectData.resourcePolicy -}} - {{- if and $resPolicy $resPolicy.containerPolicies -}} - {{- if not (kindIs "slice" $resPolicy.containerPolicies) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value on [vpa.%s.resourcePolicy.containerPolicies] must be a list, but got [%s]" $objectData.vpaName (kindOf $resPolicy.containerPolicies)) -}} - {{- end -}} - - {{- $validModes := (list "Auto" "Off") -}} - {{- range $idx, $cPol := $resPolicy.containerPolicies -}} - {{- if not (kindIs "map" $cPol) -}} - {{- fail (printf "Vertical Pod Autoscaler - Expected [vpa.%s.resourcePolicy.containerPolicies.%d] to be a dictionary, but got [%s]" $objectData.vpaName $idx (kindOf $cPol)) -}} - {{- end -}} - - {{- $validContainers := mustAppend $objectData.containerNames "*" -}} - {{- if not (mustHas $cPol.containerName $validContainers) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.resourcePolicy.containerPolicies.%d.containerName] is not valid. Must be one of [%s]" $cPol.containerName $objectData.vpaName $idx (join ", " $validContainers)) -}} - {{- end -}} - - {{- if and $cPol.mode (not (mustHas $cPol.mode $validModes)) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.resourcePolicy.containerPolicies.%d.mode] is not valid. Must be one of [%s]" $cPol.mode $objectData.vpaName $idx (join ", " $validModes)) -}} - {{- end -}} - - {{- if $cPol.controlledResources -}} - {{- if not (kindIs "slice" $cPol.controlledResources) -}} - {{- fail (printf "Vertical Pod Autoscaler - Expected [vpa.%s.resourcePolicy.containerPolicies.%d.controlledResources] to be a list, but got [%s]" $objectData.vpaName $idx (kindOf $cPol.controlledResources)) -}} - {{- end -}} - - {{- $validRes := (list "cpu" "memory") -}} - {{- range $x, $r := $cPol.controlledResources -}} - {{- if not (mustHas $r $validRes) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.resourcePolicy.containerPolicies.%d.controlledResources.%d] is not valid. Must be one of [%s]" $r $objectData.vpaName $idx $x (join ", " $validRes)) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $cPol.controlledValues -}} - {{- $validVals := (list "RequestsAndLimits" "RequestsOnly") -}} - {{- if not (mustHas $cPol.controlledValues $validVals) -}} - {{- fail (printf "Vertical Pod Autoscaler - Value [%s] on [vpa.%s.resourcePolicy.containerPolicies.%d.controlledValues] is not valid. Must be one of [%s]" $cPol.controlledValues $objectData.vpaName $idx (join ", " $validVals)) -}} - {{- end -}} - {{- end -}} - - {{- $data := (include "tc.v1.common.lib.resources.validation.data" .) | fromJson -}} - {{- $regex := $data.regex -}} - {{- $errorMsg := $data.errorMsg -}} - - {{- $items := (list "minAllowed" "maxAllowed") -}} - {{- range $item := $items -}} - {{- if not (get $cPol $item) -}}{{- continue -}}{{- end -}} - - {{- if not (kindIs "map" (get $cPol $item)) -}} - {{- fail (printf "Vertical Pod Autoscaler - Expected [vpa.%s.resourcePolicy.containerPolicies.%d.%s] to be a dictionary, but got [%s]" $objectData.vpaName $idx $item (kindOf (get $cPol $item))) -}} - {{- end -}} - - {{- range $k, $v := (get $cPol $item) -}} - {{- if not (mustRegexMatch (get $regex $k) (toString $v)) -}} - {{- fail (printf "Vertical Pod Autoscaler - Expected [vpa.%s.resourcePolicy.containerPolicies.%d.%s.%s] to have one of the following formats [%s], but got [%s]" $objectData.vpaName $idx $item $k (get $errorMsg $k) $v) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/webhook/_admissionReviewVersions.tpl b/charts/common/templates/lib/webhook/_admissionReviewVersions.tpl deleted file mode 100644 index ff4a81d..0000000 --- a/charts/common/templates/lib/webhook/_admissionReviewVersions.tpl +++ /dev/null @@ -1,8 +0,0 @@ -{{- define "tc.v1.common.lib.webhook.admissionReviewVersions" -}} - {{- $admissionReviewVersions := .admissionReviewVersions -}} - {{- $rootCtx := .rootCtx }} -admissionReviewVersions: - {{- range $admissionReviewVersions }} - - {{ tpl . $rootCtx }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/webhook/_clientConfig.tpl b/charts/common/templates/lib/webhook/_clientConfig.tpl deleted file mode 100644 index 14b2444..0000000 --- a/charts/common/templates/lib/webhook/_clientConfig.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{- define "tc.v1.common.lib.webhook.clientConfig" -}} - {{- $clientConfig := .clientConfig -}} - {{- $rootCtx := .rootCtx }} -clientConfig: - {{- if $clientConfig.caBundle }} - caBundle: {{ tpl $clientConfig.caBundle $rootCtx | quote }} - {{- end -}} - {{- if $clientConfig.url }} - url: {{ tpl $clientConfig.url $rootCtx | quote }} - {{- end -}} - {{- if $clientConfig.service }} - service: - name: {{ tpl $clientConfig.service.name $rootCtx }} - namespace: {{ tpl $clientConfig.service.namespace $rootCtx }} - {{- with $clientConfig.service.path }} - path: {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- with $clientConfig.service.port }} - port: {{ tpl . $rootCtx }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/webhook/_rules.tpl b/charts/common/templates/lib/webhook/_rules.tpl deleted file mode 100644 index dfa1952..0000000 --- a/charts/common/templates/lib/webhook/_rules.tpl +++ /dev/null @@ -1,26 +0,0 @@ -{{- define "tc.v1.common.lib.webhook.rules" -}} - {{- $rules := .rules -}} - {{- $rootCtx := .rootCtx }} -rules: - {{- range $rule := $rules }} - - apiVersions: - {{- range $rule.apiVersions }} - - {{ tpl . $rootCtx | quote }} - {{- end }} - apiGroups: - {{- range $rule.apiGroups }} - - {{ tpl . $rootCtx | quote }} - {{- end }} - operations: - {{- range $rule.operations }} - - {{ tpl . $rootCtx | quote }} - {{- end }} - resources: - {{- range $rule.resources }} - - {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- with $rule.scope }} - scope: {{ tpl . $rootCtx | quote }} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/webhook/_validation.tpl b/charts/common/templates/lib/webhook/_validation.tpl deleted file mode 100644 index bf794e1..0000000 --- a/charts/common/templates/lib/webhook/_validation.tpl +++ /dev/null @@ -1,152 +0,0 @@ -{{- define "tc.v1.common.lib.webhook.validation" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - - {{- if not $objectData.type -}} - {{- fail (printf "Webhook - Expected [type] in [webhook.%v] to not be empty" $objectData.shortName) -}} - {{- end -}} - - {{- $type := tpl $objectData.type $rootCtx -}} - {{- $types := (list "validating" "mutating") -}} - {{- if not (mustHas $type $types) -}} - {{- fail (printf "Webhook - Expected [type] in [webhook.%v] to be one of [%s], but got [%v]" $objectData.shortName (join ", " $types) $type) -}} - {{- end -}} - - {{- if not $objectData.webhooks -}} - {{- fail (printf "Webhook - Expected [webhooks] in [webhook.%v] to not be empty" $objectData.shortName) -}} - {{- end -}} - - {{- if not (kindIs "slice" $objectData.webhooks) -}} - {{- fail (printf "Webhook - Expected [webhooks] in [webhook.%v] to be a list, but got [%v]" $objectData.shortName (kindOf $objectData.webhooks)) -}} - {{- end -}} - - {{- range $webhook := $objectData.webhooks -}} - {{- if not $webhook.name -}} - {{- fail (printf "Webhook - Expected [name] in [webhook.%v] to not be empty" $objectData.shortName) -}} - {{- end -}} - - {{- $webhookName := tpl $webhook.name $rootCtx -}} - - {{- if not $webhook.admissionReviewVersions -}} - {{- fail (printf "Webhook - Expected [admissionReviewVersions] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- range $adm := $webhook.admissionReviewVersions -}} - {{- if not (kindIs "string" $adm) -}} - {{- fail (printf "Webhook - Expected [admissionReviewVersions] in [webhook.%v.%v] to be a string" $objectData.shortName $webhookName) -}} - {{- end -}} - {{- end -}} - - {{- if not $webhook.clientConfig -}} - {{- fail (printf "Webhook - Expected [clientConfig] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- with $webhook.clientConfig -}} - {{- if and .url .service -}} - {{- fail (printf "Webhook - Expected either [url] or [service] in [webhook.%v.%v] to be defined, but got both" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- $service := .service -}} - - {{- if $service -}} - {{- if not $service.name -}} - {{- fail (printf "Webhook - Expected [service.name] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if not $service.namespace -}} - {{- fail (printf "Webhook - Expected [service.namespace] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if not $webhook.rules -}} - {{- fail (printf "Webhook - Expected [rules] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if not (kindIs "slice" $webhook.rules) -}} - {{- fail (printf "Webhook - Expected [rules] in [webhook.%v.%v] to be a list, but got [%v]" $objectData.shortName $webhookName (kindOf $webhook.rules)) -}} - {{- end -}} - - {{- range $rule := $webhook.rules -}} - {{- if not $rule.apiGroups -}} - {{- fail (printf "Webhook - Expected [apiGroups] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if not $rule.apiVersions -}} - {{- fail (printf "Webhook - Expected [apiVersions] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if not $rule.operations -}} - {{- fail (printf "Webhook - Expected [operations] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if not $rule.resources -}} - {{- fail (printf "Webhook - Expected [resources] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- $scopes := (list "Cluster" "Namespaced" "*") -}} - {{- with $rule.scope -}} - {{- $scope := tpl . $rootCtx -}} - {{- if not (mustHas $scope $scopes) -}} - {{- fail (printf "Webhook - Expected [scope] in [webhook.%v.%v] to be one of [%s], but got [%v]" $objectData.shortName $webhookName (join ", " $scopes) $scope) -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{- with $webhook.failurePolicy -}} - {{- $policy := tpl . $rootCtx -}} - {{- $failPolicies := (list "Ignore" "Fail") -}} - {{- if not (mustHas $policy $failPolicies) -}} - {{- fail (printf "Webhook - Expected [failurePolicy] in [webhook.%v.%v] to be one of [%s], but got [%v]" $objectData.shortName $webhookName (join ", " $failPolicies) $policy) -}} - {{- end -}} - {{- end -}} - - {{- with $webhook.matchPolicy -}} - {{- $policy := tpl . $rootCtx -}} - {{- $matchPolicies := (list "Exact" "Equivalent") -}} - {{- if not (mustHas $policy $matchPolicies) -}} - {{- fail (printf "Webhook - Expected [matchPolicy] in [webhook.%v.%v] to be one of [%s], but got [%v]" $objectData.shortName $webhookName (join ", " $matchPolicies) $policy) -}} - {{- end -}} - {{- end -}} - - {{- if and (eq $type "validating") $webhook.reinvocationPolicy -}} - {{- fail (printf "Webhook - Expected [mutating] type in [webhook.%v.%v] when [reinvocationPolicy] is defined" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if and (eq $type "mutating") $webhook.reinvocationPolicy -}} - {{- $policy := tpl $webhook.reinvocationPolicy $rootCtx -}} - {{- $reinvPolicies := (list "Never" "IfNeeded") -}} - {{- if not (mustHas $policy $reinvPolicies) -}} - {{- fail (printf "Webhook - Expected [reinvocationPolicy] in [webhook.%v.%v] to be one of [%s], but got [%v]" $objectData.shortName $webhookName (join ", " $reinvPolicies) $policy) -}} - {{- end -}} - {{- end -}} - - {{- with $webhook.sideEffects -}} - {{- $effect := tpl . $rootCtx -}} - {{- $sideEffects := (list "None" "NoneOnDryRun") -}} - {{- if not (mustHas $effect $sideEffects) -}} - {{- fail (printf "Webhook - Expected [sideEffects] in [webhook.%v.%v] to be one of [%s], but got [%v]" $objectData.shortName $webhookName (join ", " $sideEffects) $effect) -}} - {{- end -}} - {{- end -}} - - {{- if (hasKey $webhook "timeoutSeconds") -}} - {{- if (kindIs "invalid" $webhook.timeoutSeconds) -}} - {{- fail (printf "Webhook - Expected the defined key [timeoutSeconds] in [webhook.%v.%v] to not be empty" $objectData.shortName $webhookName) -}} - {{- end -}} - - {{- if not (mustHas (kindOf $webhook.timeoutSeconds) (list "int" "int64" "float64")) -}} - {{- fail (printf "Webhook - Expected [timeoutSeconds] in [webhook.%v.%v] to be an integer, but got [%v]" $objectData.shortName $webhookName (kindOf $webhook.timeoutSeconds)) -}} - {{- end -}} - - {{- if (lt (int $webhook.timeoutSeconds) 1) -}} - {{- fail (printf "Webhook - Expected [timeoutSeconds] in [webhook.%v.%v] to be greater than 0, but got [%v]" $objectData.shortName $webhookName $webhook.timeoutSeconds) -}} - {{- end -}} - - {{- if (gt (int $webhook.timeoutSeconds) 30) -}} - {{- fail (printf "Webhook - Expected [timeoutSeconds] in [webhook.%v.%v] to be less than 30, but got [%v]" $objectData.shortName $webhookName $webhook.timeoutSeconds) -}} - {{- end -}} - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/webhook/_webhook.tpl b/charts/common/templates/lib/webhook/_webhook.tpl deleted file mode 100644 index f49ea21..0000000 --- a/charts/common/templates/lib/webhook/_webhook.tpl +++ /dev/null @@ -1,31 +0,0 @@ -{{- define "tc.v1.common.lib.webhook" -}} - {{- $webhook := .webhook -}} - {{- $rootCtx := .rootCtx }} -- name: {{ tpl $webhook.name $rootCtx }} - {{- with $webhook.failurePolicy }} - failurePolicy: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $webhook.matchPolicy }} - matchPolicy: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $webhook.reinvocationPolicy }} - reinvocationPolicy: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $webhook.sideEffects }} - sideEffects: {{ tpl . $rootCtx }} - {{- end -}} - {{- with $webhook.timeoutSeconds }} - timeoutSeconds: {{ . }} - {{- end -}} - {{- include "tc.v1.common.lib.webhook.admissionReviewVersions" (dict "rootCtx" $rootCtx "admissionReviewVersions" $webhook.admissionReviewVersions) | trim | nindent 2 -}} - {{- include "tc.v1.common.lib.webhook.clientConfig" (dict "rootCtx" $rootCtx "clientConfig" $webhook.clientConfig) | trim | nindent 2 -}} - {{- include "tc.v1.common.lib.webhook.rules" (dict "rootCtx" $rootCtx "rules" $webhook.rules) | trim | nindent 2 -}} - {{- with $webhook.namespaceSelector }} - namespaceSelector: - {{- tpl (toYaml $webhook.namespaceSelector) $rootCtx | nindent 2 -}} - {{- end -}} - {{- with $webhook.objectSelector }} - objectSelector: - {{- tpl (toYaml $webhook.objectSelector) $rootCtx | nindent 2 -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/workload/_cronjobSpec.tpl b/charts/common/templates/lib/workload/_cronjobSpec.tpl deleted file mode 100644 index cd1f1a0..0000000 --- a/charts/common/templates/lib/workload/_cronjobSpec.tpl +++ /dev/null @@ -1,31 +0,0 @@ -{{/* CronJob Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.cronjobSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - schedule: The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron. - concurrencyPolicy: Allow, Forbid, or Replace. Defaults to Allow. - failedJobsHistoryLimit: The number of failed finished jobs to retain. Defaults to 1. - successfulJobsHistoryLimit: The number of successful finished jobs to retain. Defaults to 3. - startingDeadlineSeconds: Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Defaults to nil. - timezone: The timezone name. Defaults to .Values.TZ - +jobSpec data -*/}} -{{- define "tc.v1.common.lib.workload.cronjobSpec" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $suspend := $objectData.suspend | default false -}} - {{- if (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $suspend = true -}} - {{- end }} -timeZone: {{ (tpl ($objectData.timezone | default $rootCtx.Values.TZ) $rootCtx) | quote }} -schedule: {{ (tpl $objectData.schedule $rootCtx) | quote }} -concurrencyPolicy: {{ $objectData.concurrencyPolicy | default "Forbid" }} -failedJobsHistoryLimit: {{ $objectData.failedJobsHistoryLimit | default 1 }} -successfulJobsHistoryLimit: {{ $objectData.successfulJobsHistoryLimit | default 3 }} -startingDeadlineSeconds: {{ $objectData.startingDeadlineSeconds | default 600 }} -suspend: {{ $suspend }} -jobTemplate: - spec: - {{- include "tc.v1.common.lib.workload.jobSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) | indent 4 }} -{{- end -}} diff --git a/charts/common/templates/lib/workload/_daemonsetSpec.tpl b/charts/common/templates/lib/workload/_daemonsetSpec.tpl deleted file mode 100644 index c177719..0000000 --- a/charts/common/templates/lib/workload/_daemonsetSpec.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* DaemonSet Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.daemonsetSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - revisionHistoryLimit: The number of old ReplicaSets to retain to allow rollback. - strategy: The daemonset strategy to use to replace existing pods with new ones. -*/}} -{{- define "tc.v1.common.lib.workload.daemonsetSpec" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- include "tc.v1.common.lib.workload.components.strategyType" (dict - "rootCtx" $rootCtx "objectData" $objectData - "defaultStrategy" "RollingUpdate" "resource" "DaemonSet" - ) }} -revisionHistoryLimit: {{ $objectData.revisionHistoryLimit | default 3 }} -updateStrategy: - type: {{ $objectData.strategy }} - {{- if and (eq $objectData.strategy "RollingUpdate") $objectData.rollingUpdate -}} - {{ if (or (hasKey $objectData.rollingUpdate "maxUnavailable") (hasKey $objectData.rollingUpdate "maxSurge")) }} - rollingUpdate: - {{- if hasKey $objectData.rollingUpdate "maxUnavailable" }} - maxUnavailable: {{ $objectData.rollingUpdate.maxUnavailable }} - {{- end -}} - {{- if hasKey $objectData.rollingUpdate "maxSurge" }} - maxSurge: {{ $objectData.rollingUpdate.maxSurge }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/workload/_deploymentSpec.tpl b/charts/common/templates/lib/workload/_deploymentSpec.tpl deleted file mode 100644 index 0672381..0000000 --- a/charts/common/templates/lib/workload/_deploymentSpec.tpl +++ /dev/null @@ -1,39 +0,0 @@ -{{/* Deployment Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.deploymentSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - replicas: The number of replicas. - revisionHistoryLimit: The number of old ReplicaSets to retain to allow rollback. - strategy: The deployment strategy to use to replace existing pods with new ones. -*/}} -{{- define "tc.v1.common.lib.workload.deploymentSpec" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- include "tc.v1.common.lib.workload.components.strategyType" (dict - "rootCtx" $rootCtx "objectData" $objectData - "defaultStrategy" "Recreate" "resource" "Deployment" - ) -}} - {{- $replicas := 1 -}} - {{- if hasKey $objectData "replicas" -}} - {{- $replicas = $objectData.replicas -}} - {{- end -}} - {{- if (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $replicas = 0 -}} - {{- end }} -replicas: {{ $replicas }} -revisionHistoryLimit: {{ $objectData.revisionHistoryLimit | default 3 }} -strategy: - type: {{ $objectData.strategy }} - {{- if and (eq $objectData.strategy "RollingUpdate") $objectData.rollingUpdate -}} - {{ if (or (hasKey $objectData.rollingUpdate "maxUnavailable") (hasKey $objectData.rollingUpdate "maxSurge")) }} - rollingUpdate: - {{- if hasKey $objectData.rollingUpdate "maxUnavailable" }} - maxUnavailable: {{ $objectData.rollingUpdate.maxUnavailable }} - {{- end -}} - {{- if hasKey $objectData.rollingUpdate "maxSurge" }} - maxSurge: {{ $objectData.rollingUpdate.maxSurge }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/workload/_jobSpec.tpl b/charts/common/templates/lib/workload/_jobSpec.tpl deleted file mode 100644 index bca25f6..0000000 --- a/charts/common/templates/lib/workload/_jobSpec.tpl +++ /dev/null @@ -1,31 +0,0 @@ -{{/* Job Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.jobSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - backoffLimit: The number of retries before marking this job failed. Defaults to 6. - completions: The desired number of successfully finished pods the job should be run with. Defaults to 1. - parallelism: The maximum desired number of pods the job should run at any given time. Defaults to 1. - activeDeadlineSeconds: Specifies the duration in seconds relative to the startTime that the job may be active before the system tries to terminate it; value must be positive integer. If set to nil, the job is never terminated due to timeout. - ttlSecondsAfterFinished: TTLSecondsAfterFinished limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. When the Job is being deleted, its lifecycle guarantees (e.g. finalizers) will be honored. If this field is unset, the Job won't be automatically deleted. If this field is set to zero, the Job becomes eligible to be deleted immediately after it finishes. This field is alpha-level and is only honored by servers that enable the TTLAfterFinished feature. - completionMode: CompletionMode specifies how Pod completions are tracked. It can be `NonIndexed` (default) or `Indexed`. -*/}} -{{- define "tc.v1.common.lib.workload.jobSpec" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $parallelism := 1 -}} - {{- if hasKey $objectData "parallelism" -}} - {{- $parallelism = $objectData.parallelism -}} - {{- end -}} - {{- if (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $parallelism = 0 -}} - {{- end }} -backoffLimit: {{ $objectData.backoffLimit | default 5 }} -completionMode: {{ $objectData.completionMode | default "NonIndexed" }} -completions: {{ $objectData.completions | default nil }} -parallelism: {{ $parallelism }} -ttlSecondsAfterFinished: {{ $objectData.ttlSecondsAfterFinished | default 120 }} - {{- with $objectData.activeDeadlineSeconds }} -activeDeadlineSeconds: {{ . }} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/workload/_pod.tpl b/charts/common/templates/lib/workload/_pod.tpl deleted file mode 100644 index cb4b521..0000000 --- a/charts/common/templates/lib/workload/_pod.tpl +++ /dev/null @@ -1,71 +0,0 @@ -{{/* Pod Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.pod" (dict "rootCtx" $ "objectData" $objectData) }} -rootCtx: The root context of the chart. -objectData: The object data to be used to render the Pod. -*/}} -{{- define "tc.v1.common.lib.workload.pod" -}} - {{- $rootCtx := .rootCtx -}} - {{- $objectData := .objectData }} -serviceAccountName: {{ include "tc.v1.common.lib.pod.serviceAccountName" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -automountServiceAccountToken: {{ include "tc.v1.common.lib.pod.automountServiceAccountToken" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -runtimeClassName: {{ include "tc.v1.common.lib.pod.runtimeClassName" (dict "rootCtx" $rootCtx "objectData" $objectData) }} - {{- with (include "tc.v1.common.lib.pod.imagePullSecret" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -imagePullSecrets: - {{- . | nindent 2 }} - {{- end }} -hostNetwork: {{ include "tc.v1.common.lib.pod.hostNetwork" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -hostPID: {{ include "tc.v1.common.lib.pod.hostPID" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -hostIPC: {{ include "tc.v1.common.lib.pod.hostIPC" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -shareProcessNamespace: {{ include "tc.v1.common.lib.pod.shareProcessNamespace" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -enableServiceLinks: {{ include "tc.v1.common.lib.pod.enableServiceLinks" (dict "rootCtx" $rootCtx "objectData" $objectData) }} -restartPolicy: {{ include "tc.v1.common.lib.pod.restartPolicy" (dict "rootCtx" $rootCtx "objectData" $objectData) }} - {{- with (include "tc.v1.common.lib.pod.schedulerName" (dict "rootCtx" $rootCtx "objectData" $objectData)) }} -schedulerName: {{ . }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.priorityClassName" (dict "rootCtx" $rootCtx "objectData" $objectData)) }} -priorityClassName: {{ . }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.nodeSelector" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -nodeSelector: - {{- . | nindent 2 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.affinity" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -affinity: - {{- . | nindent 2 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.topologySpreadConstraints" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -topologySpreadConstraints: - {{- . | nindent 2 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.hostAliases" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -hostAliases: - {{- . | nindent 2 }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.hostname" (dict "rootCtx" $rootCtx "objectData" $objectData)) }} -hostname: {{ . }} - {{- end -}} - {{- include "tc.v1.common.lib.pod.dns" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} - {{- with (include "tc.v1.common.lib.pod.terminationGracePeriodSeconds" (dict "rootCtx" $rootCtx "objectData" $objectData)) }} -terminationGracePeriodSeconds: {{ . }} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.tolerations" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -tolerations: - {{- . | nindent 2 }} - {{- end }} -securityContext: - {{- include "tc.v1.common.lib.pod.securityContext" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }} -hostUsers: {{ include "tc.v1.common.lib.pod.hostUsers" (dict "rootCtx" $rootCtx "objectData" $objectData) }} - {{- if $objectData.podSpec.containers }} -containers: - {{- include "tc.v1.common.lib.pod.containerSpawner" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- end -}} - {{- if $objectData.podSpec.initContainers }} -initContainers: - {{- include "tc.v1.common.lib.pod.initContainerSpawner" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 -}} - {{- end -}} - {{- with (include "tc.v1.common.lib.pod.volumes" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim) }} -volumes: - {{- . | nindent 2 }} -{{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/workload/_statefulsetSpec.tpl b/charts/common/templates/lib/workload/_statefulsetSpec.tpl deleted file mode 100644 index bd26f33..0000000 --- a/charts/common/templates/lib/workload/_statefulsetSpec.tpl +++ /dev/null @@ -1,40 +0,0 @@ -{{/* StatefulSet Spec */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.statefulsetSpec" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - replicas: The number of replicas. - revisionHistoryLimit: The number of old ReplicaSets to retain to allow rollback. - strategy: The statefulset strategy to use to replace existing pods with new ones. -*/}} -{{- define "tc.v1.common.lib.workload.statefulsetSpec" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- include "tc.v1.common.lib.workload.components.strategyType" (dict - "rootCtx" $rootCtx "objectData" $objectData - "defaultStrategy" "RollingUpdate" "resource" "StatefulSet" - ) -}} - {{- $replicas := 1 -}} - {{- if hasKey $objectData "replicas" -}} - {{- $replicas = $objectData.replicas -}} - {{- end -}} - {{- if (include "tc.v1.common.lib.util.stopAll" $rootCtx) -}} - {{- $replicas = 0 -}} - {{- end }} -replicas: {{ $replicas }} -revisionHistoryLimit: {{ $objectData.revisionHistoryLimit | default 3 }} -serviceName: {{ $objectData.name }} -updateStrategy: - type: {{ $objectData.strategy }} - {{- if and (eq $objectData.strategy "RollingUpdate") $objectData.rollingUpdate -}} - {{- if (or (hasKey $objectData.rollingUpdate "maxUnavailable") (hasKey $objectData.rollingUpdate "partition")) }} - rollingUpdate: - {{- if hasKey $objectData.rollingUpdate "maxUnavailable" }} - maxUnavailable: {{ $objectData.rollingUpdate.maxUnavailable }} - {{- end -}} - {{- if hasKey $objectData.rollingUpdate "partition" }} - partition: {{ $objectData.rollingUpdate.partition }} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/workload/components/_strategyType.tpl b/charts/common/templates/lib/workload/components/_strategyType.tpl deleted file mode 100644 index 99fdcea..0000000 --- a/charts/common/templates/lib/workload/components/_strategyType.tpl +++ /dev/null @@ -1,71 +0,0 @@ -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.components.strategyType" (dict "rootCtx" $rootCtx "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - replicas: The number of replicas. - strategy: The deployment strategy to use to replace existing pods with new ones. -*/}} -{{- define "tc.v1.common.lib.workload.components.strategyType" -}} - {{- $objectData := .objectData -}} - {{- $rootCtx := .rootCtx -}} - {{- $defaultStrategy := .defaultStrategy -}} - {{- $resource := .resource -}} - {{- $strategy := $objectData.strategy | default $defaultStrategy -}} - - {{- $replicas := 1 -}} - {{- if hasKey $objectData "replicas" -}} - {{- $replicas = $objectData.replicas -}} - {{- end -}} - {{- $replicas = $replicas | int -}} - - {{- $volsRWO := list -}} - {{- range $name, $persistence := $rootCtx.Values.persistence }} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $rootCtx "objectData" $persistence - "name" $name "caller" "Volumes" - "key" "persistence")) -}} - - {{- if (ne $enabled "true") -}}{{- continue -}}{{- end -}} - - {{- $type := ($persistence.type | default $rootCtx.Values.global.fallbackDefaults.persistenceType) -}} - {{- $typesWithAccessMode := (list "pvc") -}} - - {{- if (mustHas $type $typesWithAccessMode) -}} - {{- $modes := include "tc.v1.common.lib.pvc.accessModes" (dict "rootCtx" $rootCtx - "objectData" $persistence "caller" "Volumes") | fromYamlArray - -}} - - {{- $hasRWO := include "tc.v1.common.lib.pod.volumes.hasRWO" (dict "modes" $modes) -}} - {{- if ne $hasRWO "true" -}}{{- continue -}}{{- end -}} - {{- $volsRWO = mustAppend $volsRWO $name -}} - {{- end -}} - {{- end -}} - - {{/* If there are any RWO vols, do some checks and add warnings */}} - {{- if gt (len $volsRWO) 0 -}} - {{/* RWO + replicas > 1 is a no-no */}} - {{- if gt $replicas 1 -}} - {{- include "add.warning" (dict "rootCtx" $rootCtx "warn" (printf - "WARNING: The [accessModes] on volume(s) [%s] is set to [ReadWriteOnce] with a more than 1 replica. This is not stables" (join "," $volsRWO) - )) -}} - {{- else -}} - {{/* DaemonSets and StatefulSets can have RWO with 1 replica under their supported strategies (OnDelete, RollingUpdate) */}} - - {{- if eq $resource "Deployment" -}} - - {{/* On Deployments with single replicas, warn if strategy is not recreate */}} - {{- if eq $strategy "Recreate" -}} - {{- include "add.warning" (dict "rootCtx" $rootCtx "warn" (printf - "WARNING: The [accessModes] on volume(s) [%s] is set to [ReadWriteOnce] with a single replica and an strategy of [%s]. %s" - (join "," $volsRWO) $strategy "This is not stable, defaulting to [Recreate] strategy" - )) -}} - {{- end -}} - {{- $strategy = "Recreate" -}} - - {{- end -}} - {{- end -}} - {{- end -}} - - {{/* Update strategy */}} - {{- $_ := set $objectData "strategy" $strategy -}} -{{- end -}} diff --git a/charts/common/templates/lib/workload/validation/_cronjobValidation.tpl b/charts/common/templates/lib/workload/validation/_cronjobValidation.tpl deleted file mode 100644 index 26604a0..0000000 --- a/charts/common/templates/lib/workload/validation/_cronjobValidation.tpl +++ /dev/null @@ -1,29 +0,0 @@ -{{/* CronJob Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.cronjobValidation" (dict "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - completionMode: The completionMode of the object. - completions: The completions of the object. - parallelism: The parallelism of the object. -*/}} -{{- define "tc.v1.common.lib.workload.cronjobValidation" -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.concurrencyPolicy -}} - {{- $concurrencyPolicy := $objectData.concurrencyPolicy -}} - - {{- $policies := (list "Allow" "Forbid" "Replace") -}} - {{- if not (mustHas $concurrencyPolicy $policies) -}} - {{- fail (printf "CronJob - Expected [concurrencyPolicy] to be one of [%s], but got [%v]" (join ", " $policies) $concurrencyPolicy) -}} - {{- end -}} - - {{- end -}} - - {{- if not $objectData.schedule -}} - {{- fail "CronJob - Expected non-empty [schedule]" -}} - {{- end -}} - - {{/* CronJob contains a job inside, so we validate job values too */}} - {{- include "tc.v1.common.lib.workload.jobValidation" (dict "objectData" $objectData) -}} -{{- end -}} diff --git a/charts/common/templates/lib/workload/validation/_daemonsetValidation.tpl b/charts/common/templates/lib/workload/validation/_daemonsetValidation.tpl deleted file mode 100644 index 1283a03..0000000 --- a/charts/common/templates/lib/workload/validation/_daemonsetValidation.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* DaemonSet Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.daemonsetValidation" (dict "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - strategy: The strategy of the object. - rollingUpdate: The rollingUpdate of the object. -*/}} -{{- define "tc.v1.common.lib.workload.daemonsetValidation" -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.strategy -}} - {{- $strategy := $objectData.strategy -}} - - {{- $strategies := (list "OnDelete" "RollingUpdate") -}} - {{- if not (mustHas $strategy $strategies) -}} - {{- fail (printf "DaemonSet - Expected [strategy] to be one of [%s], but got [%v]" (join ", " $strategies) $strategy) -}} - {{- end -}} - - {{- end -}} - - {{- if $objectData.rollingUpdate -}} - {{- $rollUp := $objectData.rollingUpdate -}} - - {{- if and $rollUp (not (kindIs "map" $rollUp)) -}} - {{- fail (printf "DaemonSet - Expected [rollingUpdate] to be a dictionary, but got [%v]" (kindOf $rollUp)) -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/workload/validation/_deploymentValidation.tpl b/charts/common/templates/lib/workload/validation/_deploymentValidation.tpl deleted file mode 100644 index 293d9f2..0000000 --- a/charts/common/templates/lib/workload/validation/_deploymentValidation.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* Deployment Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.deploymentValidation" (dict "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - strategy: The strategy of the object. - rollingUpdate: The rollingUpdate of the object. -*/}} -{{- define "tc.v1.common.lib.workload.deploymentValidation" -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.strategy -}} - {{- $strategy := $objectData.strategy -}} - - {{- $strategies := (list "Recreate" "RollingUpdate") -}} - {{- if not (mustHas $strategy $strategies) -}} - {{- fail (printf "Deployment - Expected [strategy] to be one of [%s], but got [%v]" (join ", " $strategies) $strategy) -}} - {{- end -}} - - {{- end -}} - - {{- if $objectData.rollingUpdate -}} - {{- $rollUp := $objectData.rollingUpdate -}} - - {{- if and $rollUp (not (kindIs "map" $rollUp)) -}} - {{- fail (printf "Deployment - Expected [rollingUpdate] to be a dictionary, but got [%v]" (kindOf $rollUp)) -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/workload/validation/_jobValidation.tpl b/charts/common/templates/lib/workload/validation/_jobValidation.tpl deleted file mode 100644 index a68027e..0000000 --- a/charts/common/templates/lib/workload/validation/_jobValidation.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* Job Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.jobValidation" (dict "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - completionMode: The completionMode of the object. - completions: The completions of the object. - parallelism: The parallelism of the object. -*/}} -{{- define "tc.v1.common.lib.workload.jobValidation" -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.completionMode -}} - {{- $completionMode := $objectData.completionMode -}} - - {{- if not (mustHas $completionMode (list "Indexed" "NonIndexed")) -}} - {{- fail (printf "Job - Expected [completionMode] to be one of [Indexed, NonIndexed], but got [%v]" $completionMode) -}} - {{- end -}} - - {{- if eq $completionMode "Indexed" -}} - {{- if not $objectData.completions -}} - {{- fail "Job - Expected [completions] to be set when [completionMode] is set to [Indexed]" -}} - {{- end -}} - - {{- if not $objectData.parallelism -}} - {{- fail "Job - Expected [parallelism] to be set when [completionMode] is set to [Indexed]" -}} - {{- end -}} - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/lib/workload/validation/_statefusetValidation.tpl b/charts/common/templates/lib/workload/validation/_statefusetValidation.tpl deleted file mode 100644 index 4bfd4b2..0000000 --- a/charts/common/templates/lib/workload/validation/_statefusetValidation.tpl +++ /dev/null @@ -1,30 +0,0 @@ -{{/* StatefulSet Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.statefulsetValidation" (dict "objectData" $objectData) -}} -rootCtx: The root context of the chart. -objectData: - strategy: The strategy of the object. - rollingUpdate: The rollingUpdate of the object. -*/}} -{{- define "tc.v1.common.lib.workload.statefulsetValidation" -}} - {{- $objectData := .objectData -}} - - {{- if $objectData.strategy -}} - {{- $strategy := $objectData.strategy -}} - - {{- $strategies := (list "OnDelete" "RollingUpdate") -}} - {{- if not (mustHas $strategy $strategies) -}} - {{- fail (printf "StatefulSet - Expected [strategy] to be one of [%s], but got [%v]" (join ", " $strategies) $strategy) -}} - {{- end -}} - - {{- end -}} - - {{- if $objectData.rollingUpdate -}} - {{- $rollUp := $objectData.rollingUpdate -}} - - {{- if and $rollUp (not (kindIs "map" $rollUp)) -}} - {{- fail (printf "StatefulSet - Expected [rollingUpdate] to be a dictionary, but got [%v]" (kindOf $rollUp)) -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/lib/workload/validation/_workloadValidation.tpl b/charts/common/templates/lib/workload/validation/_workloadValidation.tpl deleted file mode 100644 index 052def5..0000000 --- a/charts/common/templates/lib/workload/validation/_workloadValidation.tpl +++ /dev/null @@ -1,43 +0,0 @@ -{{/* Workload Basic Validation */}} -{{/* Call this template: -{{ include "tc.v1.common.lib.workload.primaryValidation" $ -}} -*/}} -{{- define "tc.v1.common.lib.workload.primaryValidation" -}} - - {{/* Initialize values */}} - {{- $hasPrimary := false -}} - {{- $hasEnabled := false -}} - - {{/* Go over workload */}} - {{- range $name, $workload := .Values.workload -}} - - {{/* If workload is enabled */}} - {{- if $workload.enabled -}} - - {{- $types := (list "Deployment" "StatefulSet" "DaemonSet" "Job" "CronJob") -}} - {{- if not (mustHas $workload.type $types) -}} - {{- fail (printf "Workload - Expected [type] to be one of [%s], but got [%s]" (join ", " $types) $workload.type) -}} - {{- end -}} - - {{- $hasEnabled = true -}} - - {{/* And workload is primary */}} - {{- if $workload.primary -}} - {{/* Fail if there is already a primary workload */}} - {{- if $hasPrimary -}} - {{- fail "Workload - Only one workload can be primary" -}} - {{- end -}} - - {{- $hasPrimary = true -}} - - {{- end -}} - {{- end -}} - - {{- end -}} - - {{/* Require at one primary workload, if any enabled */}} - {{- if and $hasEnabled (not $hasPrimary) -}} - {{- fail "Workload - One enabled workload must be primary" -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/loader/_all.tpl b/charts/common/templates/loader/_all.tpl deleted file mode 100644 index 2983499..0000000 --- a/charts/common/templates/loader/_all.tpl +++ /dev/null @@ -1,8 +0,0 @@ -{{/* Main entrypoint for the library */}} -{{- define "tc.v1.common.loader.all" -}} - - {{- include "tc.v1.common.loader.init" . -}} - - {{- include "tc.v1.common.loader.apply" . -}} - -{{- end -}} diff --git a/charts/common/templates/loader/_apply.tpl b/charts/common/templates/loader/_apply.tpl deleted file mode 100644 index 20a634d..0000000 --- a/charts/common/templates/loader/_apply.tpl +++ /dev/null @@ -1,79 +0,0 @@ -{{/* Loads all spawners */}} -{{- define "tc.v1.common.loader.apply" -}} - - {{/* Inject custom tpl files, as defined in values.yaml */}} - {{- include "tc.v1.common.spawner.extraTpl" . | nindent 0 -}} - - {{/* Ensure automatic permissions containers are injected */}} - {{- include "tc.v1.common.lib.util.autoperms.job" $ -}} - - {{/* Make sure there are not any YAML errors */}} - {{- include "tc.v1.common.values.validate" .Values -}} - - {{/* Render ConfigMap(s) */}} - {{- include "tc.v1.common.spawner.configmap" . | nindent 0 -}} - - {{/* Render priorityclass(s) */}} - {{- include "tc.v1.common.spawner.priorityclass" . | nindent 0 -}} - - {{/* Render Secret(s) */}} - {{- include "tc.v1.common.spawner.secret" . | nindent 0 -}} - - {{/* Render Image Pull Secrets(s) */}} - {{- include "tc.v1.common.spawner.imagePullSecret" . | nindent 0 -}} - - {{/* Render Service Accounts(s) */}} - {{- include "tc.v1.common.spawner.serviceAccount" . | nindent 0 -}} - - {{/* Render RBAC(s) */}} - {{- include "tc.v1.common.spawner.rbac" . | nindent 0 -}} - - {{/* Render Workload(s) */}} - {{- include "tc.v1.common.spawner.workload" . | nindent 0 -}} - - {{/* Render Services(s) */}} - {{- include "tc.v1.common.spawner.service" . | nindent 0 -}} - - {{/* Render storageClass(s) */}} - {{- include "tc.v1.common.spawner.storageclass" . | nindent 0 -}} - - {{/* Render PVC(s) */}} - {{- include "tc.v1.common.spawner.pvc" . | nindent 0 -}} - - {{/* Render volumeSnapshot(s) */}} - {{- include "tc.v1.common.spawner.volumesnapshot" . | nindent 0 -}} - - {{/* Render volumeSnapshotClass(s) */}} - {{- include "tc.v1.common.spawner.volumesnapshotclass" . | nindent 0 -}} - - {{/* Render Middleware(s) */}} - {{- include "tc.v1.common.spawner.traefik.middleware" . | nindent 0 -}} - - {{/* Render ingress(s) */}} - {{- include "tc.v1.common.spawner.ingress" . | nindent 0 -}} - - {{/* Render Gateway API Route(s) */}} - {{- include "tc.v1.common.spawner.routes" . | nindent 0 -}} - - {{/* Render Horizontal Pod Autoscalers(s) */}} - {{- include "tc.v1.common.spawner.hpa" . | nindent 0 -}} - - {{/* Render Networkpolicy(s) */}} - {{- include "tc.v1.common.spawner.networkpolicy" . | nindent 0 -}} - - {{/* Render podDisruptionBudget(s) */}} - {{- include "tc.v1.common.spawner.podDisruptionBudget" . | nindent 0 -}} - - {{/* Render webhook(s) */}} - {{- include "tc.v1.common.spawner.webhook" . | nindent 0 -}} - - {{/* Render Prometheus Metrics(s) */}} - {{- include "tc.v1.common.spawner.metrics" . | nindent 0 -}} - - {{/* Render Cert-Manager Certificates(s) */}} - {{- include "tc.v1.common.spawner.certificate" . | nindent 0 -}} - - {{/* Render Vertical Pod Autoscaler */}} - {{ include "tc.v1.common.spawner.vpa" . | nindent 0 -}} - -{{- end -}} diff --git a/charts/common/templates/loader/_init.tpl b/charts/common/templates/loader/_init.tpl deleted file mode 100644 index 6a2f78e..0000000 --- a/charts/common/templates/loader/_init.tpl +++ /dev/null @@ -1,53 +0,0 @@ -{{/* Initialiaze values of the chart */}} -{{- define "tc.v1.common.loader.init" -}} - - {{- include "tc.v1.common.check.capabilities" . -}} - - {{/* Merge chart values and the common chart defaults */}} - {{- include "tc.v1.common.values.init" . -}} - - {{/* Ensure TrueCharts chart context information is available */}} - {{- include "tc.v1.common.lib.util.chartcontext" . -}} - - {{/* Autogenerate postgresql passwords if needed */}} - {{- include "tc.v1.common.spawner.cnpg" . }} - - {{/* Autogenerate redis passwords if needed */}} - {{- include "tc.v1.common.dependencies.redis.injector" . }} - - {{/* Autogenerate mariadb passwords if needed */}} - {{- include "tc.v1.common.dependencies.mariadb.injector" . }} - - {{/* Autogenerate mongodb passwords if needed */}} - {{- include "tc.v1.common.dependencies.mongodb.injector" . }} - - {{/* Autogenerate clickhouse passwords if needed */}} - {{- include "tc.v1.common.dependencies.clickhouse.injector" . }} - - {{/* Autogenerate solr passwords if needed */}} - {{- include "tc.v1.common.dependencies.solr.injector" . }} - - {{/* Enable code-server add-on if required */}} - {{- if .Values.addons.codeserver.enabled }} - {{- include "tc.v1.common.addon.codeserver" . }} - {{- end -}} - - {{/* Enable gluetun add-on if required */}} - {{- if and .Values.addons.gluetun .Values.addons.gluetun.enabled -}} - {{- include "tc.v1.common.addon.gluetun" . }} - {{- end -}} - - {{/* Enable tailscale add-on if required */}} - {{- if and .Values.addons.tailscale .Values.addons.tailscale.enabled -}} - {{- include "tc.v1.common.addon.tailscale" . }} - {{- end -}} - - {{/* Enable netshoot add-on if required */}} - {{- if and .Values.addons.netshoot .Values.addons.netshoot.enabled }} - {{- include "tc.v1.common.addon.netshoot" . }} - {{- end -}} - - {{/* Append database wait containers to pods */}} - {{- include "tc.v1.common.lib.deps.wait" $ }} - -{{- end -}} diff --git a/charts/common/templates/spawner/_cnpg.tpl b/charts/common/templates/spawner/_cnpg.tpl deleted file mode 100644 index 40a0b11..0000000 --- a/charts/common/templates/spawner/_cnpg.tpl +++ /dev/null @@ -1,76 +0,0 @@ -{{/* Renders the cnpg objects required by the chart */}} -{{- define "tc.v1.common.spawner.cnpg" -}} - - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $cnpg := $.Values.cnpg -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $cnpg - "name" $name "caller" "CNPG" - "key" "cnpg")) -}} - - {{/* Create a copy */}} - {{- $objectData := mustDeepCopy $cnpg -}} - {{- $objectName := printf "%s-cnpg-%s" $fullname $name -}} - - {{/* Set the name */}} - {{- $_ := set $objectData "name" $objectName -}} - {{/* Short name is the one that defined on the chart*/}} - {{- $_ := set $objectData "shortName" $name -}} - {{/* Set the cluster name */}} - {{- $_ := set $objectData "clusterName" $objectData.name -}} - - {{- if eq $enabled "true" -}} - - {{/* Handle version string */}} - {{- $pgVersion := ($objectData.pgVersion | default $.Values.global.fallbackDefaults.cnpg.pgVersion) | toString -}} - - {{/* Set the updated pgVersion version to objectData */}} - {{- $_ := set $objectData "pgVersion" $pgVersion -}} - - {{/* allow for injecting major upgrade code */}} - {{- if $objectData.upgradeMajor -}} - {{/* TODO: actually handle postgres version updates here */}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Handle Backups/ScheduledBackups */}} - {{- if and (hasKey $objectData "backups") $objectData.backups.enabled -}} - - {{/* Create Backups */}} - {{- include "tc.v1.common.lib.cnpg.spawner.backups" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Create ScheduledBackups */}} - {{- include "tc.v1.common.lib.cnpg.spawner.scheduledBackups" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Create secret for backup store */}} - {{- include "tc.v1.common.lib.cnpg.provider.secret.spawner" (dict "rootCtx" $ "objectData" $objectData "type" "backup") -}} - {{- end -}} - - {{/* Handle Pooler(s) */}} - {{- if and $objectData.pooler $objectData.pooler.enabled -}} - {{- include "tc.v1.common.lib.cnpg.spawner.pooler" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- end -}} - - {{/* Handle Cluster */}} - {{/* Validate Cluster */}} - {{- include "tc.v1.common.lib.cnpg.cluster.validation" (dict "objectData" $objectData) -}} - - {{- if and (eq $objectData.mode "recovery") (eq $objectData.recovery.method "object_store") -}} - {{/* Create secret for recovery store */}} - {{- include "tc.v1.common.lib.cnpg.provider.secret.spawner" (dict "rootCtx" $ "objectData" $objectData "type" "recovery") -}} - {{- end -}} - - {{/* Create the Cluster object */}} - {{- include "tc.v1.common.class.cnpg.cluster" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* TODO: Create configmaps for cluster.monitoring.customQueries */}} - - {{/* Handle DB Credentials Secret, will also inject creds to cnpg.creds */}} - {{- include "tc.v1.common.lib.cnpg.db.credentials.secrets" (dict "rootCtx" $ "cnpg" $cnpg "objectData" $objectData) -}} - {{- end -}} - - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/spawner/_configmap.tpl b/charts/common/templates/spawner/_configmap.tpl deleted file mode 100644 index eb3f4a0..0000000 --- a/charts/common/templates/spawner/_configmap.tpl +++ /dev/null @@ -1,50 +0,0 @@ -{{/* Configmap Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.configmap" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.configmap" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $configmap := .Values.configmap -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $configmap - "name" $name "caller" "ConfigMap" - "key" "configmap")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the configmap */}} - {{- $objectData := (mustDeepCopy $configmap) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "ConfigMap" - "key" "configmap")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* Configmaps have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.configmap.validation" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "ConfigMap") -}} - - {{/* Set the name of the configmap */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.configmap" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/spawner/_extraTpl.tpl b/charts/common/templates/spawner/_extraTpl.tpl deleted file mode 100644 index 701fb04..0000000 --- a/charts/common/templates/spawner/_extraTpl.tpl +++ /dev/null @@ -1,13 +0,0 @@ -{{- define "tc.v1.common.spawner.extraTpl" -}} - {{- range $item := .Values.extraTpl }} - {{- if not $item -}} - {{- fail "Extra tpl - Expected non-empty [extraTpl] item" -}} - {{- end }} ---- - {{- if kindIs "string" $item }} - {{- tpl $item $ | nindent 0 }} - {{- else }} - {{- tpl ($item | toYaml) $ | nindent 0 }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/common/templates/spawner/_horizontalPodAutoscaler.tpl b/charts/common/templates/spawner/_horizontalPodAutoscaler.tpl deleted file mode 100644 index a88ebaa..0000000 --- a/charts/common/templates/spawner/_horizontalPodAutoscaler.tpl +++ /dev/null @@ -1,69 +0,0 @@ -{{/* horizontal Pod Autoscaler Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.hpa" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.hpa" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - {{- range $name, $hpa := .Values.hpa -}} - {{- $enabledHPA := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $hpa - "name" $name "caller" "Horizontal Pod Autoscaler" - "key" "hpa")) -}} - - {{- if ne $enabledHPA "true" -}}{{- continue -}}{{- end -}} - - {{- $objectData := (mustDeepCopy $hpa) -}} - {{- $_ := set $objectData "hpaName" $name -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $name) -}} - - {{- range $workloadName, $workload := $.Values.workload -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $workload - "name" $name "caller" "hpa" - "key" "workload")) -}} - - {{- if ne $enabled "true" -}}{{- continue -}}{{- end -}} - {{- $containerNames := list -}} - {{- range $cName, $c := $workload.podSpec.containers -}} - {{- $enabledContainer := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $c - "name" $cName "caller" "Vertical Pod Autoscaler" - "key" "workload.podSpec.containers")) -}} - {{- if ne $enabledContainer "true" -}}{{- continue -}}{{- end -}} - {{- $containerNames = mustAppend $containerNames $cName -}} - {{- end -}} - {{- $_ := set $objectData "containerNames" $containerNames -}} - {{- include "tc.v1.common.lib.hpa.validation" (dict "objectData" $objectData "rootCtx" $) -}} - - {{/* Create a copy of the workload */}} - {{- $_ := set $objectData "workload" (mustDeepCopy $workload) -}} - - {{/* Generate the name of the hpa */}} - {{- $objectName := $fullname -}} - {{- if not $objectData.workload.primary -}} - {{- $objectName = printf "%s-%s" $fullname $workloadName -}} - {{- end -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Horizontal Pod Autoscaler") -}} - - {{/* Set the name of the workload */}} - {{- $_ := set $objectData "name" $objectName -}} - - {{/* Short name is the one that defined on the chart, used on selectors */}} - {{- $_ := set $objectData "shortName" $workloadName -}} - - {{- if or (not $objectData.targetSelector) (mustHas $workloadName $objectData.targetSelector) -}} - {{/* Call class to create the object */}} - {{- $types := (list "Deployment" "StatefulSet" "DaemonSet") -}} - {{- if (mustHas $objectData.workload.type $types) -}} - {{- include "tc.v1.common.class.hpa" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/spawner/_imagePullSecret.tpl b/charts/common/templates/spawner/_imagePullSecret.tpl deleted file mode 100644 index 5dfb309..0000000 --- a/charts/common/templates/spawner/_imagePullSecret.tpl +++ /dev/null @@ -1,51 +0,0 @@ -{{/* Image Pull Secrets Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.imagePullSecret" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.imagePullSecret" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $imgPullSecret := .Values.imagePullSecret -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $imgPullSecret - "name" $name "caller" "Image Pull Secret" - "key" "imagePullSecret")) -}} - - {{- if $imgPullSecret.existingSecret -}} - {{- continue -}} - {{- end -}} - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the configmap */}} - {{- $objectData := (mustDeepCopy $imgPullSecret) -}} - - {{- $objectName := (printf "%s-%s" $fullname $name) -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* Secrets have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.imagePullSecret.validation" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Image Pull Secret") -}} - {{- $data := include "tc.v1.common.lib.imagePullSecret.createData" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Update the data */}} - {{- $_ := set $objectData "data" $data -}} - - {{/* Set the type to Image Pull Secret */}} - {{- $_ := set $objectData "type" "imagePullSecret" -}} - - {{/* Set the name of the image pull secret */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.secret" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/spawner/_ingress.tpl b/charts/common/templates/spawner/_ingress.tpl deleted file mode 100644 index 8f79130..0000000 --- a/charts/common/templates/spawner/_ingress.tpl +++ /dev/null @@ -1,90 +0,0 @@ -{{/* Ingress Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.ingress" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.ingress" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{/* Validate that only 1 primary exists */}} - {{- include "tc.v1.common.lib.ingress.primaryValidation" $ -}} - - {{- range $name, $ingress := .Values.ingress -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $ingress - "name" $name "caller" "Ingress" - "key" "ingress")) -}} - - {{- if and (eq $enabled "false") ($ingress.required) -}} - {{- fail (printf "Ingress - Expected ingress [%s] to be enabled. This chart is designed to work only with ingress enabled." $name) -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the ingress */}} - {{- $objectData := (mustDeepCopy $ingress) -}} - - {{/* Init object name */}} - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Ingress" - "key" "ingress")) -}} - - {{- if eq $expandName "true" -}} - {{/* Expand the name of the service if expandName resolves to true */}} - {{- $objectName = $fullname -}} - {{- end -}} - - {{- if and (eq $expandName "true") (not $objectData.primary) -}} - {{/* If the ingress is not primary append its name to fullname */}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Ingress") -}} - {{- include "tc.v1.common.lib.ingress.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Set the name of the ingress */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.ingress" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- $hasCertIssuer := false -}} - {{- if $objectData.integrations -}} - {{- if and $objectData.integrations.certManager $objectData.integrations.certManager.enabled -}} - {{- $hasCertIssuer = true -}} - {{- end -}} - {{- end -}} - - {{- if not $hasCertIssuer -}} - {{- range $idx, $tlsData := $objectData.tls -}} - {{- if $tlsData.certificateIssuer -}} - {{- $certName := printf "%s-tls-%d" $objectData.name ($idx | int) -}} - - {{- $certObjData := (dict - "name" $certName "shortName" $name - "hosts" $tlsData.hosts - "certificateIssuer" $tlsData.certificateIssuer - ) -}} - - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $certName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $certObjData "caller" "Ingress (certificateIssuer)") -}} - {{- include "tc.v1.common.lib.certificate.validation" (dict "rootCtx" $ "objectData" $certObjData) -}} - - {{/* Create the certificate with the certData */}} - {{- include "tc.v1.common.class.certificate" (dict "rootCtx" $ "objectData" $certObjData) -}} - - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/spawner/_metrics.tpl b/charts/common/templates/spawner/_metrics.tpl deleted file mode 100644 index 7d72777..0000000 --- a/charts/common/templates/spawner/_metrics.tpl +++ /dev/null @@ -1,28 +0,0 @@ -{{/* Renders the Ingress objects required by the chart */}} -{{- define "tc.v1.common.spawner.metrics" -}} - {{/* Generate named metricses as required */}} - {{- range $name, $metrics := .Values.metrics -}} - {{- if $metrics.enabled -}} - {{- $metricsValues := $metrics -}} - - {{/* set defaults */}} - {{- if and (not $metricsValues.nameOverride) (ne $name (include "tc.v1.common.lib.util.metrics.primary" $)) -}} - {{- $_ := set $metricsValues "nameOverride" $name -}} - {{- end -}} - - {{- $_ := set $ "ObjectValues" (dict "metrics" $metricsValues) -}} - {{- if eq $metricsValues.type "podmonitor" -}} - {{- include "tc.v1.common.class.podmonitor" $ -}} - {{- else if eq $metricsValues.type "servicemonitor" -}} - {{- include "tc.v1.common.class.servicemonitor" $ -}} - {{- else -}} - {{/* TODO: Add Fail case */}} - {{- end -}} - - {{- if $metricsValues.PrometheusRule -}} - {{- include "tc.v1.common.class.prometheusrule" $ -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/spawner/_networkPolicy.tpl b/charts/common/templates/spawner/_networkPolicy.tpl deleted file mode 100644 index 46e4ea2..0000000 --- a/charts/common/templates/spawner/_networkPolicy.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -Renders the networkPolicy objects required by the chart. -*/}} -{{- define "tc.v1.common.spawner.networkpolicy" -}} - {{/* Generate named networkpolicy as required */}} - {{- range $name, $networkPolicy := .Values.networkPolicy -}} - {{- if $networkPolicy.enabled -}} - {{- $networkPolicyValues := $networkPolicy -}} - - {{/* set the default nameOverride to the networkpolicy name */}} - {{- if not $networkPolicyValues.nameOverride -}} - {{- $_ := set $networkPolicyValues "nameOverride" $name -}} - {{- end -}} - - {{- $_ := set $ "ObjectValues" (dict "networkPolicy" $networkPolicyValues) -}} - {{- include "tc.v1.common.class.networkpolicy" $ -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/spawner/_podDisruptionBudget.tpl b/charts/common/templates/spawner/_podDisruptionBudget.tpl deleted file mode 100644 index 053e33f..0000000 --- a/charts/common/templates/spawner/_podDisruptionBudget.tpl +++ /dev/null @@ -1,50 +0,0 @@ -{{/* poddisruptionbudget Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.podDisruptionBudget" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.podDisruptionBudget" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $pdb := .Values.podDisruptionBudget -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $pdb - "name" $name "caller" "Pod Disruption Budget" - "key" "podDisruptionBudget")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the poddisruptionbudget */}} - {{- $objectData := (mustDeepCopy $pdb) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Pod Disruption Budget" - "key" "podDisruptionBudget")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Pod Disruption Budget") -}} - - {{/* Set the name of the poddisruptionbudget */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{- include "tc.v1.common.lib.podDisruptionBudget.validation" (dict "objectData" $objectData "rootCtx" $) -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.podDisruptionBudget" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/spawner/_priorityClass.tpl b/charts/common/templates/spawner/_priorityClass.tpl deleted file mode 100644 index 97a5d13..0000000 --- a/charts/common/templates/spawner/_priorityClass.tpl +++ /dev/null @@ -1,51 +0,0 @@ -{{/* Priority Class Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.priorityclass" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.priorityclass" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $priorityclass := .Values.priorityClass -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $priorityclass - "name" $name "caller" "Priority Class" - "key" "priorityClass")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the priorityclass */}} - {{- $objectData := (mustDeepCopy $priorityclass) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Priority Class" - "key" "priorityClass")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* priorityclasss have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "priorityclass") -}} - - {{/* Set the name of the priorityclass */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Validate */}} - {{- include "tc.v1.common.lib.priorityclass.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.priorityclass" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/spawner/_pvc.tpl b/charts/common/templates/spawner/_pvc.tpl deleted file mode 100644 index b4b3b06..0000000 --- a/charts/common/templates/spawner/_pvc.tpl +++ /dev/null @@ -1,192 +0,0 @@ -{{/* PVC Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.pvc" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.pvc" -}} - - {{- range $name, $persistence := .Values.persistence -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $persistence - "name" $name "caller" "Persistence" - "key" "persistence")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the persistence */}} - {{- $objectData := (mustDeepCopy $persistence) -}} - - {{- $_ := set $objectData "type" ($objectData.type | default $.Values.global.fallbackDefaults.persistenceType) -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform general validations */}} - {{- include "tc.v1.common.lib.persistence.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Persistence") -}} - - {{/* Only spawn PVC if its enabled and any type of "pvc" */}} - {{- $types := (list "pvc") -}} - {{- if and (mustHas $objectData.type $types) (not $objectData.existingClaim) -}} - - {{/* Set the name of the PVC */}} - {{- $_ := set $objectData "name" (include "tc.v1.common.lib.storage.pvc.name" (dict "rootCtx" $ "objectName" $name "objectData" $objectData)) -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{- if and $objectData.static $objectData.static.mode (ne $objectData.static.mode "disabled") -}} - {{- $_ := set $objectData "storageClass" ($objectData.storageClass | default $objectData.name) -}} - {{- $_ := set $objectData "volumeName" $objectData.name -}} - - {{- if eq $objectData.static.mode "smb" -}} - {{/* Validate SMB CSI */}} - {{- include "tc.v1.common.lib.storage.smbCSI.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- $_ := set $objectData "provisioner" "smb.csi.k8s.io" -}} - {{- $_ := set $objectData.static "driver" "smb.csi.k8s.io" -}} - - {{/* Create secret with creds */}} - {{- $secretData := (dict - "name" $objectData.name - "labels" ($objectData.labels | default dict) - "annotations" ($objectData.annotations | default dict) - "data" (dict "username" $objectData.static.username "password" $objectData.static.password) - ) -}} - {{- with $objectData.domain -}} - {{- $_ := set $secretData.data "domain" . -}} - {{- end -}} - {{- include "tc.v1.common.class.secret" (dict "rootCtx" $ "objectData" $secretData) -}} - - {{- else if eq $objectData.static.mode "nfs" -}} - {{/* Validate NFS CSI */}} - {{- include "tc.v1.common.lib.storage.nfsCSI.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- $_ := set $objectData "provisioner" "nfs.csi.k8s.io" -}} - {{- $_ := set $objectData.static "driver" "nfs.csi.k8s.io" -}} - - {{- else if eq $objectData.static.mode "custom" -}} - - {{- $_ := set $objectData "provisioner" $objectData.static.provisioner -}} - {{- $_ := set $objectData.static "driver" $objectData.static.driver -}} - - {{- end -}} - - {{/* Create the PV */}} - {{- include "tc.v1.common.class.pv" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- else if $objectData.volumeName -}} - - {{- $_ := set $objectData "storageClass" ($objectData.storageClass | default $objectData.name) -}} - - {{- end -}} - - {{/* Create VolSync objects */}} - {{- range $volsync := $objectData.volsync -}} - {{- $srcEnabled := eq (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $volsync.src - "name" $volsync.name "caller" "VolSync Source" - "key" "volsync")) "true" -}} - {{- $destEnabled := eq (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $volsync.dest - "name" $volsync.name "caller" "VolSync Destination" - "key" "volsync")) "true" -}} - - {{- if or $srcEnabled $destEnabled -}} - {{- $volsyncData := (mustDeepCopy $volsync) -}} - - {{- include "tc.v1.common.lib.volsync.validation" (dict "objectData" $volsyncData "rootCtx" $) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $volsyncData "caller" "PVC - VolSync") -}} - - {{/* Create Secret for VolSync */}} - {{- $volsyncSecretName := printf "%s-volsync-%s" $objectData.name $volsyncData.name -}} - {{- $_ := set $volsyncData "repository" $volsyncSecretName -}} - - {{- $credentials := get $.Values.credentials $volsync.credentials -}} - - {{/* Only amazon needs the https:// trimmed, anything else requires it */}} - {{- $url := $credentials.url -}} - {{- if hasPrefix "https://s3." $url -}} - {{- $url = trimPrefix "https://" $url -}} - {{- end -}} - - {{- $baseRepo := printf "s3:%s/%s" $url $credentials.bucket -}} - {{- $repoSuffix := printf "%s/volsync/%s-volsync-%s" $.Release.Name $objectData.shortName $volsyncData.name -}} - {{- $resticrepository := printf "%s/%s" $baseRepo $repoSuffix -}} - {{- if $credentials.path -}} - {{- $resticrepository = printf "%s/%s/%s" $baseRepo ($credentials.path | trimSuffix "/") $repoSuffix -}} - {{- end -}} - - {{- $volsyncSecretData := (dict - "name" $volsyncSecretName - "labels" ($volsync.labels | default dict) - "annotations" ($volsync.annotations | default dict) - "data" (dict - "RESTIC_REPOSITORY" $resticrepository - "RESTIC_PASSWORD" $credentials.encrKey - "AWS_ACCESS_KEY_ID" $credentials.accessKey - "AWS_SECRET_ACCESS_KEY" $credentials.secretKey - ) - ) -}} - - {{- include "tc.v1.common.class.secret" (dict "rootCtx" $ "objectData" $volsyncSecretData) -}} - {{/* Create VolSync resources*/}} - {{- if $srcEnabled -}} - {{- include "tc.v1.common.class.replicationsource" (dict "rootCtx" $ "objectData" $objectData "volsyncData" $volsyncData) -}} - {{- end -}} - - {{- if $destEnabled -}} - {{- include "tc.v1.common.class.replicationdestination" (dict "rootCtx" $ "objectData" $objectData "volsyncData" $volsyncData) -}} - - {{/* modify PVC if enabled */}} - {{- $destname := printf "%s-%s-dest" $objectData.name $volsyncData.name -}} - {{- $datasourceref := dict "kind" "ReplicationDestination" "apiGroup" "volsync.backube" "name" $destname -}} - {{- $_ := set $objectData "dataSourceRef" $datasourceref -}} - {{- end -}} - {{- end -}} - {{- end -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.pvc" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Create VolumeSnapshots */}} - {{- range $volSnap := $objectData.volumeSnapshots -}} - - {{/* Create a copy of the volumesnapshot */}} - {{- $volSnapData := (mustDeepCopy $volSnap) -}} - {{/* PVC FullName - Snapshot Name*/}} - {{- $snapshotName := printf "%s-%s" $objectData.name $volSnap.name -}} - - {{/* Perform validations */}} {{/* volumesnapshots have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $snapshotName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $volSnapData "caller" "PVC - Volume Snapshot") -}} - - {{/* Set the name of the volumesnapshot */}} - {{- $_ := set $volSnapData "name" $snapshotName -}} - {{- $_ := set $volSnapData "shortName" $volSnap.name -}} - {{- $_ := set $volSnapData "source" (dict "persistentVolumeClaimName" $objectData.name) -}} - - {{- include "tc.v1.common.lib.volumesnapshot.validation" (dict "objectData" $volSnapData) -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.volumesnapshot" (dict "rootCtx" $ "objectData" $volSnapData) -}} - {{- end -}} - {{- end -}} - - {{- if eq $objectData.type "iscsi" -}} - {{- if or $objectData.iscsi.authSession $objectData.iscsi.authDiscovery -}} - {{/* Set the name of the PVC */}} - {{- $_ := set $objectData "name" (include "tc.v1.common.lib.storage.pvc.name" (dict "rootCtx" $ "objectName" $name "objectData" $objectData)) -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{- $secretData := (dict - "name" $objectData.name - "labels" ($objectData.labels | default dict) - "annotations" ($objectData.annotations | default dict) - "type" "kubernetes.io/iscsi-chap" - "data" (include "tc.v1.common.lib.storage.iscsi.chap" (dict "rootCtx" $ "objectData" $objectData) | fromJson) - ) -}} - {{- include "tc.v1.common.class.secret" (dict "rootCtx" $ "objectData" $secretData) -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/spawner/_rbac.tpl b/charts/common/templates/spawner/_rbac.tpl deleted file mode 100644 index 1ead85d..0000000 --- a/charts/common/templates/spawner/_rbac.tpl +++ /dev/null @@ -1,50 +0,0 @@ -{{/* RBAC Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.rbac" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.rbac" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{/* Primary validation for enabled rbacs. */}} - {{- include "tc.v1.common.lib.rbac.primaryValidation" $ -}} - - {{- range $name, $rbac := .Values.rbac -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $rbac - "name" $name "caller" "RBAC" - "key" "rbac")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the configmap */}} - {{- $objectData := (mustDeepCopy $rbac) -}} - - {{- $objectName := $fullname -}} - {{- if not $objectData.primary -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "RBAC") -}} - - {{/* Set the name of the rbac */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* If clusteWide key does not exist, assume false */}} - {{- if not (hasKey $objectData "clusterWide") -}} - {{- $_ := set $objectData "clusterWide" false -}} - {{- end -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.rbac" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/spawner/_route.tpl b/charts/common/templates/spawner/_route.tpl deleted file mode 100644 index 5ecf210..0000000 --- a/charts/common/templates/spawner/_route.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{/* Renders the Route objects required by the chart */}} -{{- define "tc.v1.common.spawner.routes" -}} - {{- /* Generate named routes as required */ -}} - {{- range $name, $route := .Values.route }} - {{- if $route.enabled -}} - {{- $routeValues := $route -}} - - {{/* set defaults */}} - {{- if and (not $routeValues.nameOverride) (ne $name (include "tc.v1.common.lib.util.route.primary" $)) -}} - {{- $_ := set $routeValues "nameOverride" $name -}} - {{- end -}} - - {{- $_ := set $ "ObjectValues" (dict "route" $routeValues) -}} - {{- include "tc.v1.common.class.route" $ | nindent 0 -}} - {{- $_ := unset $.ObjectValues "route" -}} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/common/templates/spawner/_secret.tpl b/charts/common/templates/spawner/_secret.tpl deleted file mode 100644 index 08b5168..0000000 --- a/charts/common/templates/spawner/_secret.tpl +++ /dev/null @@ -1,49 +0,0 @@ -{{/* Secret Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.secret" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.secret" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $secret := .Values.secret -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $secret - "name" $name "caller" "Secret" - "key" "secret")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the secret */}} - {{- $objectData := (mustDeepCopy $secret) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Secret" - "key" "secret")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* Secrets have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.secret.validation" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Secret") -}} - - {{/* Set the name of the secret */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.secret" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/spawner/_service.tpl b/charts/common/templates/spawner/_service.tpl deleted file mode 100644 index 8d03e8b..0000000 --- a/charts/common/templates/spawner/_service.tpl +++ /dev/null @@ -1,73 +0,0 @@ -{{/* Service Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.service" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.service" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{/* Primary validation for enabled service. */}} - {{- include "tc.v1.common.lib.service.primaryValidation" $ -}} - {{/* Initialize with existing URLs or an empty list */}} - {{- $allUrls := $.Values.chartContext.internalUrls | default list -}} - - {{- range $name, $service := .Values.service -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $service - "name" $name "caller" "Service" - "key" "service")) -}} - - {{- if ne $enabled "true" -}}{{- continue -}}{{- end -}} - - {{/* Create a copy of the configmap */}} - {{- $objectData := (mustDeepCopy $service) -}} - {{- $namespace := (include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $ "objectData" $service "caller" "Service")) -}} - - {{/* Init object name */}} - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Service" - "key" "service")) -}} - - {{- if eq $expandName "true" -}} - {{/* Expand the name of the service if expandName resolves to true */}} - {{- $objectName = $fullname -}} - {{- end -}} - - {{- if and (eq $expandName "true") (not $objectData.primary) -}} - {{/* If the service is not primary append its name to fullname */}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Service") -}} - {{- include "tc.v1.common.lib.service.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Set the name of the service */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Now iterate over the ports in the service */}} - {{- range $port := $service.ports -}} - {{- $enabledP := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $port - "name" $name "caller" "service" - "key" "port")) -}} - {{- if ne $enabledP "true" -}}{{- continue -}}{{- end -}} - {{- $internalUrl := (printf "%s.%s.svc.cluster.local:%s" $objectName $namespace $port.port) -}} - {{/* Append URLS */}} - {{- $allUrls = mustAppend $allUrls $internalUrl -}} - {{- end -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.service" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- end -}} - - {{/* Update internalUrls after the loop */}} - {{- $_ := set $.Values.chartContext "internalUrls" $allUrls -}} -{{- end -}} diff --git a/charts/common/templates/spawner/_serviceAccount.tpl b/charts/common/templates/spawner/_serviceAccount.tpl deleted file mode 100644 index e1ab3a5..0000000 --- a/charts/common/templates/spawner/_serviceAccount.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{/* Service Account Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.serviceAccount" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.serviceAccount" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{/* Primary validation for enabled service accounts. */}} - {{- include "tc.v1.common.lib.serviceAccount.primaryValidation" $ -}} - - {{- range $name, $serviceAccount := .Values.serviceAccount -}} - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $serviceAccount - "name" $name "caller" "Service Account" - "key" "serviceAccount")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the configmap */}} - {{- $objectData := (mustDeepCopy $serviceAccount) -}} - - {{- $objectName := $fullname -}} - {{- if not $objectData.primary -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Service Account") -}} - - {{/* Set the name of the service account */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.serviceAccount" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/spawner/_storageClass.tpl b/charts/common/templates/spawner/_storageClass.tpl deleted file mode 100644 index dbbf511..0000000 --- a/charts/common/templates/spawner/_storageClass.tpl +++ /dev/null @@ -1,51 +0,0 @@ -{{/* Configmap Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.storageclass" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.storageclass" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $storageclass := .Values.storageClass -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $storageclass - "name" $name "caller" "Storage Class" - "key" "storageClass")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the storageclass */}} - {{- $objectData := (mustDeepCopy $storageclass) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Storage Class" - "key" "storageClass")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* Configmaps have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "StorageClass") -}} - - {{/* Set the name of the storageclass */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Validate */}} - {{- include "tc.v1.common.lib.storageclass.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.storageclass" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/spawner/_verticalPodAutoscaler.tpl b/charts/common/templates/spawner/_verticalPodAutoscaler.tpl deleted file mode 100644 index 4b1ea84..0000000 --- a/charts/common/templates/spawner/_verticalPodAutoscaler.tpl +++ /dev/null @@ -1,70 +0,0 @@ -{{/* Vertical Pod Autoscaler Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.vpa" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.vpa" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - {{- range $name, $vpa := .Values.vpa -}} - {{- $enabledVPA := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $vpa - "name" $name "caller" "Vertical Pod Autoscaler" - "key" "vpa")) -}} - - {{- if ne $enabledVPA "true" -}}{{- continue -}}{{- end -}} - - {{- $objectData := (mustDeepCopy $vpa) -}} - {{- $_ := set $objectData "vpaName" $name -}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $name) -}} - - {{- range $workloadName, $workload := $.Values.workload -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $workload - "name" $name "caller" "Vertical Pod Autoscaler" - "key" "workload")) -}} - - {{- if ne $enabled "true" -}}{{- continue -}}{{- end -}} - - {{- $containerNames := list -}} - {{- range $cName, $c := $workload.podSpec.containers -}} - {{- $enabledContainer := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $c - "name" $cName "caller" "Vertical Pod Autoscaler" - "key" "workload.podSpec.containers")) -}} - {{- if ne $enabledContainer "true" -}}{{- continue -}}{{- end -}} - {{- $containerNames = mustAppend $containerNames $cName -}} - {{- end -}} - {{- $_ := set $objectData "containerNames" $containerNames -}} - {{- include "tc.v1.common.lib.vpa.validation" (dict "objectData" $objectData "rootCtx" $) -}} - - {{/* Create a copy of the workload */}} - {{- $_ := set $objectData "workload" (mustDeepCopy $workload) -}} - - {{/* Generate the name of the vpa */}} - {{- $objectName := $fullname -}} - {{- if not $objectData.workload.primary -}} - {{- $objectName = printf "%s-%s" $fullname $workloadName -}} - {{- end -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Vertical Pod Autoscaler") -}} - - {{/* Set the name of the workload */}} - {{- $_ := set $objectData "name" $objectName -}} - - {{/* Short name is the one that defined on the chart, used on selectors */}} - {{- $_ := set $objectData "shortName" $workloadName -}} - - {{- if or (not $objectData.targetSelector) (mustHas $workloadName $objectData.targetSelector) -}} - {{/* Call class to create the object */}} - {{- $types := (list "Deployment" "StatefulSet" "DaemonSet") -}} - {{- if (mustHas $objectData.workload.type $types) -}} - {{- include "tc.v1.common.class.vpa" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- end -}} - {{- end -}} - - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/spawner/_volumeSnapshot.tpl b/charts/common/templates/spawner/_volumeSnapshot.tpl deleted file mode 100644 index d8309df..0000000 --- a/charts/common/templates/spawner/_volumeSnapshot.tpl +++ /dev/null @@ -1,50 +0,0 @@ -{{/* volumesnapshot Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.volumesnapshot" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.volumesnapshot" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $volumesnapshot := .Values.volumeSnapshots -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $volumesnapshot - "name" $name "caller" "Volume Snapshot" - "key" "volumeSnapshots")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the volumesnapshot */}} - {{- $objectData := (mustDeepCopy $volumesnapshot) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Volume Snapshot" - "key" "volumeSnapshots")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* volumesnapshots have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.volumesnapshot.validation" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "VolumeSnapshot") -}} - - {{/* Set the name of the volumesnapshot */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.volumesnapshot" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/spawner/_volumeSnapshotClass.tpl b/charts/common/templates/spawner/_volumeSnapshotClass.tpl deleted file mode 100644 index 693651b..0000000 --- a/charts/common/templates/spawner/_volumeSnapshotClass.tpl +++ /dev/null @@ -1,50 +0,0 @@ -{{/* volumesnapshotclass Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.volumesnapshotclass" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.volumesnapshotclass" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $volumesnapshotclass := .Values.volumeSnapshotClass -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $volumesnapshotclass - "name" $name "caller" "Volume Snapshot Class" - "key" "volumeSnapshotClass")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the volumesnapshotclass */}} - {{- $objectData := (mustDeepCopy $volumesnapshotclass) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Volume Snapshot Class" - "key" "volumeSnapshotClass")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} {{/* volumesnapshotclasss have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.volumesnapshotclass.validation" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Volume Snapshot Class") -}} - - {{/* Set the name of the volumesnapshotclass */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.volumesnapshotclass" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/spawner/_webhook.tpl b/charts/common/templates/spawner/_webhook.tpl deleted file mode 100644 index 1f7d318..0000000 --- a/charts/common/templates/spawner/_webhook.tpl +++ /dev/null @@ -1,56 +0,0 @@ -{{/* MutatingWebhookConfiguration Spawwner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.webhook" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.webhook" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $mutatingWebhookConfiguration := .Values.webhook -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $mutatingWebhookConfiguration - "name" $name "caller" "Webhook" - "key" "webhook")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the mutatingWebhookConfiguration */}} - {{- $objectData := (mustDeepCopy $mutatingWebhookConfiguration) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Webhook" - "key" "webhook")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Webhook") -}} - - {{/* Set the name of the MutatingWebhookConfiguration */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{- include "tc.v1.common.lib.webhook.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- $type := tpl $objectData.type $ -}} - {{/* Call class to create the object */}} - {{- if eq $type "validating" -}} - {{- include "tc.v1.common.class.validatingWebhookconfiguration" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- else if eq $type "mutating" -}} - {{- include "tc.v1.common.class.mutatingWebhookConfiguration" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- end -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/spawner/_workload.tpl b/charts/common/templates/spawner/_workload.tpl deleted file mode 100644 index 1f5b17f..0000000 --- a/charts/common/templates/spawner/_workload.tpl +++ /dev/null @@ -1,64 +0,0 @@ -{{/* Workload Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.workload" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.workload" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{/* Primary validation for enabled workload. */}} - {{- include "tc.v1.common.lib.workload.primaryValidation" $ -}} - - {{- range $name, $workload := .Values.workload -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $workload - "name" $name "caller" "Workload" - "key" "workload")) -}} - - {{- if eq $enabled "true" -}} - - {{/* Create a copy of the workload */}} - {{- $objectData := (mustDeepCopy $workload) -}} - - {{/* Generate the name of the workload */}} - {{- $objectName := $fullname -}} - {{- if not $objectData.primary -}} - {{- $objectName = printf "%s-%s" $fullname $name -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Workload") -}} - - {{/* Set the name of the workload */}} - {{- $_ := set $objectData "name" $objectName -}} - - {{/* Short name is the one that defined on the chart, used on selectors */}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Set the podSpec so it doesn't fail on nil pointer */}} - {{- if not (hasKey $objectData "podSpec") -}} - {{- fail "Workload - Expected [podSpec] key to exist" -}} - {{- end -}} - - {{/* Call class to create the object */}} - {{- if eq $objectData.type "Deployment" -}} - {{- include "tc.v1.common.class.deployment" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- else if eq $objectData.type "StatefulSet" -}} - {{- include "tc.v1.common.class.statefulset" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- else if eq $objectData.type "DaemonSet" -}} - {{- include "tc.v1.common.class.daemonset" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- else if eq $objectData.type "Job" -}} - {{- include "tc.v1.common.class.job" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- else if eq $objectData.type "CronJob" -}} - {{- include "tc.v1.common.class.cronjob" (dict "rootCtx" $ "objectData" $objectData) -}} - {{- end -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/spawner/cert-manager/_certificate.tpl b/charts/common/templates/spawner/cert-manager/_certificate.tpl deleted file mode 100644 index 98d8e2c..0000000 --- a/charts/common/templates/spawner/cert-manager/_certificate.tpl +++ /dev/null @@ -1,50 +0,0 @@ -{{/* Certificate Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.priorityclass" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.certificate" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - - {{- range $name, $cert := .Values.certificate -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $cert - "name" $name "caller" "Cert Manager Certificate" - "key" "certificate")) -}} - {{- if eq $enabled "true" -}} - {{- $objectData := (mustDeepCopy $cert) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Cert Manager Certificate" - "key" "certificate")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{/* If a certificateSecretTemplate is defined, adjust name */}} - {{- if $objectData.certificateSecretTemplate }} - {{- $objectName = printf "certificate-issuer-%s" $name -}} - {{- end -}} - - {{- include "tc.v1.common.lib.util.metaListToDict" (dict "objectData" $objectData) -}} - - {{/* Perform validations */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Cert Manager Certificate") -}} - {{- include "tc.v1.common.lib.certificate.validation" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{/* Set the name of the secret */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.certificate" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/spawner/traefik/_middleware.tpl b/charts/common/templates/spawner/traefik/_middleware.tpl deleted file mode 100644 index e45a926..0000000 --- a/charts/common/templates/spawner/traefik/_middleware.tpl +++ /dev/null @@ -1,121 +0,0 @@ -{{/* Traefik Middleware Spawner */}} -{{/* Call this template: -{{ include "tc.v1.common.spawner.configmap" $ -}} -*/}} - -{{- define "tc.v1.common.spawner.traefik.middleware" -}} - {{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}} - {{- if not .Values.ingressMiddlewares -}} - {{- $_ := set $.Values "ingressMiddlewares" dict -}} - {{- end -}} - {{- if not .Values.ingressMiddlewares.traefik -}} - {{- $_ := set $.Values.ingressMiddlewares "traefik" dict -}} - {{- end -}} - - {{- $filteredMiddlewares := dict -}} - {{- $hasIngressEnabled := false -}} - {{/* Go over all ingresses and get their defined middlewares */}} - {{- range $ingName, $ing := $.Values.ingress -}} - {{- $enabledIng := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $ing - "name" $ingName "caller" "Ingress" - "key" "ingress")) -}} - - {{/* Skip disabled ingresses or ingresses without traefik integration */}} - {{- if ne $enabledIng "true" -}}{{- continue -}}{{- end -}} - {{- if not $ing.integrations -}} - {{- $_ := set $ing "integrations" dict -}} - {{- end -}} - {{- if not $ing.integrations.traefik -}} - {{- $_ := set $ing.integrations "traefik" dict -}} - {{- end -}} - {{- $traefik := $ing.integrations.traefik -}} - {{- $enabledTraefikIntegration := "false" -}} - {{- if and (hasKey $traefik "enabled") (kindIs "bool" $traefik.enabled) -}} - {{- $enabledTraefikIntegration = $traefik.enabled | toString -}} - {{- end -}} - {{- if ne $enabledTraefikIntegration "true" }}{{- continue -}}{{- end -}} - - {{- $hasIngressEnabled = true -}} - - {{/* User middlewares */}} - {{- if and $traefik.middlewares (not (kindIs "slice" $traefik.middlewares)) -}}{{- continue -}}{{- end -}} - {{- range $mw := $traefik.middlewares -}} - {{- if $mw.namespace -}}{{- continue -}}{{- end -}} - {{- $_ := set $filteredMiddlewares $mw.name "user-mw" -}} - {{- end -}} - - {{/* Chart middlewares */}} - {{- if and $traefik.chartMiddlewares (not (kindIs "slice" $traefik.chartMiddlewares)) -}}{{- continue -}}{{- end -}} - {{- range $mw := $traefik.chartMiddlewares -}} - {{- if $mw.namespace -}}{{- continue -}}{{- end -}} - {{- $_ := set $filteredMiddlewares $mw.name "chart-mw" -}} - {{- end -}} - - {{- end -}} - - {{- if $hasIngressEnabled -}} - {{/* Global Middlewares */}} - {{- range $mw := $.Values.global.traefik.commonMiddlewares -}} - {{- if $mw.namespace -}}{{- continue -}}{{- end -}} - {{- $_ := set $filteredMiddlewares $mw.name "global-mw" -}} - {{- end -}} - {{- end -}} - - {{- range $name, $middleware := $.Values.ingressMiddlewares.traefik -}} - - {{- $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $middleware - "name" $name "caller" "Middleware" - "key" "middlewares")) - -}} - - {{- if ne $enabled "true" -}} - {{- $indexedMid := get $filteredMiddlewares $name -}} - {{- if not $indexedMid -}}{{- continue -}}{{- end -}} - - {{/* - If current middleware manifest is in the middlewares listed under one of the above sections - Forcefully enable it/render it. - */}} - {{- $enabled = "true" -}} - - {{- if eq $indexedMid "user-mw" -}} - {{- include "add.warning" (dict "rootCtx" $ "warn" (printf - "WARNING: Because middleware [%s] was used in an ingress under traefik integration, it was forcefully enabled." - )) -}} - {{- end -}} - {{- end -}} - - {{- if eq $enabled "true" -}} - {{/* Create a copy of the middleware */}} - {{- $objectData := (mustDeepCopy $middleware) -}} - - {{- $objectName := $name -}} - - {{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict - "rootCtx" $ "objectData" $objectData - "name" $name "caller" "Middleware" - "key" "middlewares")) -}} - - {{- if eq $expandName "true" -}} - {{- $objectName = (printf "%s-%s" $fullname $name) -}} - {{- end -}} - - {{/* Perform validations */}} {{/* Middleware have a max name length of 253 */}} - {{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName "length" 253) -}} - {{- include "tc.v1.common.lib.traefik.middleware.validation" (dict "objectData" $objectData) -}} - {{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $objectData "caller" "Middleware") -}} - - {{/* Set the name of the middleware */}} - {{- $_ := set $objectData "name" $objectName -}} - {{- $_ := set $objectData "shortName" $name -}} - - {{/* Call class to create the object */}} - {{- include "tc.v1.common.class.traefik.middleware" (dict "rootCtx" $ "objectData" $objectData) -}} - - {{- end -}} - - {{- end -}} - -{{- end -}} diff --git a/charts/common/templates/values/_init.tpl b/charts/common/templates/values/_init.tpl deleted file mode 100644 index f36747d..0000000 --- a/charts/common/templates/values/_init.tpl +++ /dev/null @@ -1,31 +0,0 @@ -{{/* Merge chart values and the common chart defaults */}} -{{/* The ".common" is the name of the library */}} -{{/* Call this template: -{{ include "tc.v1.common.values.init" $ }} -*/}} - -{{- define "tc.v1.common.values.init" -}} - {{- if .Values.common -}} - {{- $commonValues := mustDeepCopy .Values.common -}} - {{- $chartValues := mustDeepCopy (omit .Values "common") -}} - {{- $mergedValues := mustMergeOverwrite $commonValues $chartValues -}} - {{- range $name, $dependencyValues := .Values.dependencies -}} - {{ $enabled := (include "tc.v1.common.lib.util.enabled" (dict - "rootCtx" $ "objectData" $dependencyValues - "name" $name "caller" "dependency" - "key" "dependencies")) }} - {{- if eq $enabled "true" -}} - {{- $dependencyValues := omit $dependencyValues "global " -}} - {{- $dependencyValues := omit $dependencyValues "securityContext " -}} - {{- $dependencyValues := omit $dependencyValues "podOptions " -}} - {{- $mergedValues = mustMergeOverwrite $mergedValues $dependencyValues -}} - {{- end -}} - {{- range $mergedValues.addons -}} - {{- if .enabled -}} - {{- $mergedValues = mustMergeOverwrite $mergedValues . -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- $_ := set . "Values" (mustDeepCopy $mergedValues) -}} - {{- end -}} -{{- end -}} diff --git a/charts/common/templates/values/_validate.tpl b/charts/common/templates/values/_validate.tpl deleted file mode 100644 index 3d4f7a1..0000000 --- a/charts/common/templates/values/_validate.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* Validates any object that it does not contain helm errors */}} -{{/* This usually can happen after merging values from an include that did not render correcly */}} -{{/* Any object will be passed to "toYaml" */}} -{{/* Call this template: -{{ include "tc.v1.common.values.validate" . }} -*/}} -{{- define "tc.v1.common.values.validate" -}} - {{- $allValues := (toYaml .) -}} - - {{- if contains "error converting YAML to JSON" $allValues -}} - {{/* Print values to show values with the error included. */}} - {{/* Ideally we would want to extract the error only, but because it usually contains ":", - It gets parsed as dict and it cant regex matched it afterwards */}} - - {{- fail (printf "%s \n %s \n\n %s \n %v \n %s \n\n %s" - "Chart - Values contain an error that may be a result of merging. Make sure you don't have any invalid YAML characters starting a value." - "Renderd Values containing the error:" - "=============================================================================================" - $allValues - "=============================================================================================" - "See error above values." - ) -}} - {{- end -}} - - {{/* Catch update related issues */}} - {{- if .addons -}} - {{- if .addons.vpn -}} - {{- fail (printf "Your current Common-Chart version does not support [.Values.addons.vpn] please use [.Values.addons.tailscale] or [.Values.addons.gluetun] instead") }} - {{- end -}} - {{- end -}} - -{{- end -}} diff --git a/charts/common/values.yaml b/charts/common/values.yaml deleted file mode 100644 index 4c8b781..0000000 --- a/charts/common/values.yaml +++ /dev/null @@ -1,1365 +0,0 @@ -# -- Global values -global: - # -- Set additional global labels - labels: {} - # -- Set additional global annotations - annotations: {} - # -- Set a global namespace - # TODO: Currently some objects do not support this - namespace: "" - diagnosticMode: - enabled: false - fallbackDefaults: - # -- Define a storageClassName that will be used for all PVCs - # Can be overruled per PVC - storageClass: - # -- Default probe type - probeType: http - # -- Default Service Protocol - serviceProtocol: tcp - # -- Default Service Type - serviceType: ClusterIP - # -- Default persistence type - persistenceType: pvc - # -- Default Retain PVC - pvcRetain: false - # -- Default PVC Size - pvcSize: 100Gi - # -- Default VCT Size - vctSize: 100Gi - # -- Default PVC Access Modes - accessModes: - - ReadWriteOnce - # -- Default VCT Access Modes - vctAccessModes: - - ReadWriteOnce - # -- Default probe timeouts - probeTimeouts: - liveness: - initialDelaySeconds: 12 - periodSeconds: 15 - timeoutSeconds: 5 - failureThreshold: 5 - successThreshold: 1 - readiness: - initialDelaySeconds: 10 - periodSeconds: 12 - timeoutSeconds: 5 - failureThreshold: 4 - successThreshold: 2 - startup: - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 60 - successThreshold: 1 - # -- Define a postgresql version for CNPG - # will be used for all CNPG objects - # Can be overruled per CNPG objects - - # -- Define a topologyKey for default topologySpreadConstraints - # Will be used when defaultSpread: true - topologyKey: kubernetes.io/hostname - cnpg: - pgVersion: 16 - skipEmptyWalArchiveCheck: true - traefik: - commonMiddlewares: - - name: tc-basic-secure-headers - # -- Minimum nodePort value - minNodePort: 9000 - # -- Enable to stop most pods and containers including cnpg - # does not include stand-alone pods - stopAll: false - -# -- Explicitly set a namespace for this chart only -namespace: "" - -image: - repository: ghcr.io/traefik/whoami - pullPolicy: IfNotPresent - tag: v1.11.0@sha256:200689790a0a0ea48ca45992e0450bc26ccab5307375b41c84dfc4f2475937ab - -chartContext: - appUrl: "" - podCIDR: "" - svcCIDR: "" - -# -- Security Context -securityContext: - # -- Container security context for all containers - # Can be overruled per container - container: - runAsUser: 568 - runAsGroup: 568 - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - privileged: false - seccompProfile: - type: RuntimeDefault - capabilities: - add: [] - drop: - - ALL - # When set to false, it will automatically - # add CHOWN, SETUID, SETGID, FOWNER, DAC_OVERRIDE - # capabilities ONLY when container runs as ROOT - disableS6Caps: false - # -- PUID for all containers - # Can be overruled per container - PUID: 568 - # -- UMASK for all containers - # Can be overruled per container - UMASK: "0022" - # -- Pod security context for all pods - # Can be overruled per pod - pod: - fsGroup: 568 - fsGroupChangePolicy: OnRootMismatch - supplementalGroups: [] - sysctls: [] - -# -- Resources -# Can be overruled per container -resources: - limits: - cpu: 1000m - memory: 1500Mi - requests: - cpu: 100m - memory: 250Mi - -containerOptions: - NVIDIA_CAPS: - - all - -# -- Options for all pods -# Can be overruled per pod -podOptions: - enableServiceLinks: false - hostNetwork: false - hostPID: false - hostIPC: false - # If this key exists, takes precedence over the automated calculation - # hostUsers: false - shareProcessNamespace: false - affinity: {} - dnsPolicy: ClusterFirst - dnsConfig: - options: - - name: ndots - value: "1" - hostAliases: [] - nodeSelector: - kubernetes.io/arch: "amd64" - # -- Used to enforce a good spread for Deployments and StatefulSets by default - defaultSpread: true - defaultAffinity: true - topologySpreadConstraints: [] - tolerations: [] - schedulerName: "" - priorityClassName: "" - runtimeClassName: "" - automountServiceAccountToken: false - terminationGracePeriodSeconds: 60 - -# -- (docs/workload/README.md) -workload: - main: - enabled: true - primary: true - type: Deployment - dbWait: true - podSpec: - containers: - main: - enabled: true - primary: true - imageSelector: image - probes: - liveness: - enabled: true - type: "{{ .Values.service.main.ports.main.protocol }}" - port: "{{ $.Values.service.main.ports.main.targetPort | default .Values.service.main.ports.main.port }}" - readiness: - enabled: true - type: "{{ .Values.service.main.ports.main.protocol }}" - port: "{{ $.Values.service.main.ports.main.targetPort | default .Values.service.main.ports.main.port }}" - startup: - enabled: true - type: "{{ .Values.service.main.ports.main.protocol }}" - port: "{{ $.Values.service.main.ports.main.targetPort | default .Values.service.main.ports.main.port }}" - -# -- Timezone used everywhere applicable -TZ: UTC - -# -- Diagnostic Mode -diagnosticMode: - enabled: false - -# -- Vertical pod autoscaler -vpa: - main: - enabled: false - targetSelector: [] - # updatePolicy: - # updateMode: auto - resourcePolicy: - containerPolicies: - - containerName: "*" - minAllowed: - cpu: 50m - memory: 50Mi - maxAllowed: - cpu: 8000m - memory: 20Gi - controlledResources: ["cpu", "memory"] - -# -- Horizontal pod autoscaler -hpa: - main: - enabled: false - targetSelector: [] - # minReplicas: 1 - # maxReplicas: 3 - - # metrics: # Optional, list of metric specs - # - type: Resource # Can be Resource, Pods, Object, External, or ContainerResource - # resource: - # name: cpu - # target: - # type: Utilization # Or Value / AverageValue - # averageUtilization: 50 - - # - type: Resource - # resource: - # name: memory - # target: - # type: AverageValue - # averageValue: 500Mi - - # behavior: # Optional: controls scaling behavior - # scaleUp: - # stabilizationWindowSeconds: 0 - # policies: - # - type: Percent - # value: 100 - # periodSeconds: 15 - # scaleDown: - # stabilizationWindowSeconds: 300 - # policies: - # - type: Pods - # value: 4 - # periodSeconds: 60 - -# -- (docs/service/README.md) -service: - main: - ## Integration stuff - # integration: - # metallb: - # enabled: false - ## Optional to set shared key manually, otherwise set to namespace - # sharedKey: "" - # - # cilium: - # enabled: false - ## Optional to set shared key manually, otherwise ignored (namespace sharing) - # sharedKey: "" - # - # traefik: - # enabled: false - enabled: true - primary: true - ports: - main: - enabled: true - primary: true - protocol: http - -credentials: - {} - # mys3: - # type: s3 - # url: "" - # path: "" - # bucket: "" - # accessKey: "" - # secretKey: "" - # ## Is used in cases where things are encrypted by a backup utility - # encrKey: "" - -ingressMiddlewares: - traefik: - tc-basic-secure-headers: - enabled: false - type: headers - data: - accessControlAllowMethods: - - GET - - OPTIONS - - HEAD - - PUT - accessControlMaxAge: 100 - stsSeconds: 63072000 - forceSTSHeader: true - contentTypeNosniff: true - browserXssFilter: true - referrerPolicy: same-origin - customRequestHeaders: - X-Forwarded-Proto: "https" -# basic-auth: -# enabled: true -# type: basicAuth -# data: -# # middleware specific data ie -# users: -# - username: user1 -# password: password1 -# some-other-middleware: -# enabled: true -# type: someOtherMiddleware -# data: -# # middleware specific data ie -# someOtherMiddlewareData: someOtherMiddlewareData - -# -- (docs/persistence/README.md) -persistence: - shared: - enabled: true - type: emptyDir - mountPath: /shared - targetSelectAll: true - varlogs: - enabled: true - type: emptyDir - mountPath: /var/logs - medium: Memory - targetSelectAll: true - varrun: - enabled: true - type: emptyDir - mountPath: /var/run - medium: Memory - targetSelectAll: true - tmp: - enabled: true - type: emptyDir - mountPath: /tmp - medium: Memory - targetSelectAll: true - devshm: - enabled: true - type: emptyDir - mountPath: /dev/shm - medium: Memory - targetSelectAll: true -# backupexample: -# ## the default backup path, is the credential path suffixed by the releasename, volsync and both the pvc and volsync names -# enabled: true -# type: pvc -# mountPath: /backedup -# targetSelectAll: true -# volsync: -# - name: mybackup -# ## TODO: other options -# type: restic -# credentials: mys3 -# dest: -# enabled: true -# src: -# enabled: true -# iscsi: -# enabled: true -# type: iscsi -# mountPath: /dev/shm -# iscsi: -# targetPortal: 10.0.2.15:3260 -# portals: ['10.0.2.16:3260', '10.0.2.17:3260'] #optional -# iqn: iqn.2001-04.com.example:storage.kube.sys1.xyz -# lun: 0 -# fsType: ext4 #Optional -# iscsiInterface: default #Optional -# initiatorName: iqn.1994-05.com.redhat:node1 #Optional -# authSession: -# username: "someusername" -# password: "somepassword" -# usernameInitiator: "someusernameInitiator" -# passwordInitiator: "somepasswordInitiator" -# authDiscovery: -# username: "someusername" -# password: "somepassword" -# usernameInitiator: "someusernameInitiator" -# passwordInitiator: "somepasswordInitiator" -# vct: -# enabled: true -# type: vct -# mountPath: /shared -# dynamic-pvc: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# dynamic-pvc-dataSource: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# dataSource: -# kind: "PersistentVolumeClaim" -# name: "existingPVC" -# existing-claim: -# enabled: true -# type: pvc -# existingClaim: "someclaim" -# mountPath: /shared -# targetSelectAll: true -# existingpv-pvc: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# volumeName: "somePV" -# static-nfs-pvc: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# static: -# mode: nfs -# server: "/someserver" -# share: "someshare" -# static-smb-pvc: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# static: -# mode: smb -# server: "/someserver" -# share: "someshare" -# domain: "somedomain" -# user: "someuser" -# password: "somepass" -# static-custom-pvc: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# static: -# mode: custom -# provisioner: "some.provisioner" -# driver: "somedriver" -# # Custom CSI definition here -# csi: {} -# example-volumesnapshot: -# enabled: true -# type: pvc -# mountPath: /shared -# targetSelectAll: true -# volumeSnapshots: -# - name: "mysnapshot" -# volumeSnapshotClassName: "mysnapshotclass" (optional) - -volumeSnapshotClass: {} -volumeSnapshots: {} -# volumeSnapshots: -# mysnapshot: -# volumeSnapshotClassName: "mycustomsnapshot" (optional) -# source: -# # pick one -# persistentVolumeClaimName: "mypvcname" (does not get altered) -# volumeSnapshotContentName: "mysnapshotname" - -# -- (docs/imagePullSecrets.md) -imagePullSecret: {} - -# -- (docs/configmap.md) -configmap: {} - -# -- (docs/secret.md) -secret: {} - -# -- (docs/serviceAccount.md) -serviceAccount: {} - -# -- (docs/rbac.md) -rbac: {} - -# NOTES.txt -notes: - header: | - # Thank you for installing {{ .Chart.Name }} by TrueCharts. - # custom: "{{ toYaml $.Values }}" - custom: | - {{- if .Values.chartContext.appUrl }} - ## Connecting externally - You can use this Chart by opening the following links in your browser: - - {{ toYaml .Values.chartContext.appUrl }} - {{- end }} - - {{ if .Chart.Dependencies }} - ## Dependencies for {{ .Chart.Name }} - - {{- range .Chart.Dependencies }} - - Chart: {{ .Repository }}/{{ .Name }} - Version: {{ .Version }} - {{- end }} - {{- end }} - - - {{- if .Values.chartContext.internalUrls }} - ## Connecting Internally - - You can reach this chart inside your cluster, using the following service URLS: - {{- range $url := .Values.chartContext.internalUrls -}} - - {{ $url }} - {{- end }} - {{- end }} - - ## Sources for {{ .Chart.Name }} - - {{- range .Chart.Sources }} - - {{ . }} - {{- end -}} - - {{- $link := .Chart.Annotations.docs -}} - {{- if not $link -}} - {{- $link = .Chart.Home -}} - {{- end }} - - See more for **{{ $.Chart.Name }}** at ({{ $link }}) - footer: | - ## Documentation - Please check out the TrueCharts documentation on: - https://truecharts.org - - OpenSource can only exist with your help, please consider supporting TrueCharts: - https://truecharts.org/sponsor - warnings: [] - -#### -## -## TrueCharts Specific Root Objects -## -#### - -gluetunImage: - repository: tccr.io/tccr/gluetun - tag: v3.40.0@sha256:a8189e29155e0f8142be1500ae068a92b189b1b25abbba036321e74d6389bf2b - pullPolicy: IfNotPresent - -netshootImage: - repository: tccr.io/tccr/netshoot - tag: v0.14.0@sha256:28ede4317d22391e7d89a15eb78dc2afc3587ece02c76c983dde7239a0e43679 - pullPolicy: IfNotPresent - -tailscaleImage: - repository: tccr.io/tccr/tailscale - tag: v1.86.2@sha256:7694928c789a246fe2fb58e10dd604f66b18b4ef961409095b689f7762523ed1 - pullPolicy: IfNotPresent - -codeserverImage: - repository: tccr.io/tccr/code-server - tag: v4.103.1@sha256:b754400a938e74eaaf07fa6fb9b64a24a4e6c5d88c94f914748b202f1fb57ce6 - pullPolicy: IfNotPresent - -alpineImage: - repository: tccr.io/tccr/alpine - tag: v3.22.1 - pullPolicy: IfNotPresent - -scratchImage: - repository: tccr.io/tccr/scratch - tag: latest@sha256:4aef9dbf99ea2a8857ed4ce9d9bf79d330b79044884c7374e392445d122ec746 - pullPolicy: IfNotPresent - -kubectlImage: - repository: tccr.io/tccr/kubectl - tag: latest@sha256:b16dca4e8ec1c9128a8b7712ebd3713f69d3dd24d622799a482e7ce3929a702b - pullPolicy: IfNotPresent - -wgetImage: - repository: tccr.io/tccr/wget - tag: v1.0.0@sha256:961566b0149f766abfaa82326aad9c3089e3311eca5d4910ff2d4faf70ddbb10 - pullPolicy: IfNotPresent - -yqImage: - pullPolicy: IfNotPresent - repository: docker.io/mikefarah/yq - tag: 4.47.1@sha256:b9285dd3b0bea3c34d0c54415dd48d767dabd9644d489bd6e253660847b58419 - -postgresClientImage: - repository: tccr.io/tccr/db-wait-postgres - tag: v1.1.0@sha256:182687540102534aeb28fce4d124274e81a849a43556214977c378ae2a580b35 - pullPolicy: IfNotPresent - -mariadbClientImage: - repository: tccr.io/tccr/db-wait-mariadb - tag: v1.1.0@sha256:bd60b6087bacaf5e697243f764065ea5d04da1af703b2009be3752c1aede6d32 - pullPolicy: IfNotPresent - -redisClientImage: - repository: tccr.io/tccr/db-wait-redis - tag: v1.1.0@sha256:14c792c5d2faf5b5c7f8325e387700d70571bf930d321de81483aa704c198e40 - pullPolicy: IfNotPresent - -mongodbClientImage: - repository: tccr.io/tccr/db-wait-mongodb - tag: v1.2.0@sha256:fe22e616bd3facd3d2e959cfaae9795a8503c8fb6bb90487a14dfd14cbd3ffe3 - pullPolicy: IfNotPresent - -postgres15Image: - repository: ghcr.io/cloudnative-pg/postgresql - tag: "15.13" - pullPolicy: IfNotPresent - -postgres16Image: - repository: ghcr.io/cloudnative-pg/postgresql - tag: "16.9" - pullPolicy: IfNotPresent - -postgresPostgis15Image: - repository: ghcr.io/cloudnative-pg/postgis - tag: "15-3.4" - pullPolicy: IfNotPresent - -postgresPostgis16Image: - repository: ghcr.io/cloudnative-pg/postgis - tag: "16-3.4" - pullPolicy: IfNotPresent - -postgresVectors15Image: - repository: ghcr.io/tensorchord/cloudnative-pgvecto.rs - tag: "15.7-v0.2.1" - pullPolicy: IfNotPresent - -postgresVectors16Image: - repository: ghcr.io/tensorchord/cloudnative-pgvecto.rs - tag: "16.3-v0.2.1" - pullPolicy: IfNotPresent - -# -- OpenVPN specific configuration -# @default -- See below -openvpnImage: - # -- Specify the openvpn client image - repository: tccr.io/tccr/openvpn-client - # -- Specify the openvpn client image tag - tag: latest@sha256:9bfdf50791d6e51056e31c03f73c9db329b2b72e7746155cfdc63e0c8b49b55a - # -- Specify the openvpn client image pull policy - pullPolicy: IfNotPresent - -# -- WireGuard specific configuration -# @default -- See below -wireguardImage: - # -- Specify the WireGuard image - repository: tccr.io/tccr/wireguard - # -- Specify the WireGuard image tag - tag: v1.0.20210914@sha256:683b8b74d64ebd07f9955147539834c2a4b60fee51d2a36fa76b9aba689601bf - # -- Specify the WireGuard image pull policy - pullPolicy: IfNotPresent - -# -- Configure the ingresses for the chart here. -# Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress. -# @default -- See below -ingress: - main: - # -- Enables or disables the ingress - enabled: false - # -- Make this the primary ingress (used in probes, notes, etc...). - # If there is more than 1 ingress, make sure that only 1 ingress is marked as primary. - primary: true - # -- Ensure this ingress is always enabled. - required: false - # expandObjectName: false - # -- Provide additional labels which may be required. - labels: {} - # -- Provide additional annotations which may be required. - annotations: {} - # -- Set the ingressClass that is used for this ingress. - # Requires Kubernetes >=1.19 - ingressClassName: "" - # Defaults to primary service and primary port - # targetSelector: - # # service: port - # main: main - ## Configure the hosts for the ingress - hosts: [] - # - # -- Host address. Helm template can be passed. - # host: chart-example.local - # ## Configure the paths for the host - # paths: - # - # -- Path. Helm template can be passed. - # path: / - # # -- Ignored if not kubeVersion >= 1.14-0 - # pathType: Prefix - # # -- Overrides the service reference for this path, by default the selector is honored - # overrideService: - # # -- Overrides the service name reference for this path - # name: - # # -- Overrides the service port reference for this path - # port: - # -- Configure TLS for the ingress. Both secretName and hosts can process a Helm template. - # Gets ignored when clusterIssuer is filled - tls: [] - # - secretName: chart-example-tls - # certificateIssuer: "" - # hosts: - # - chart-example.local - integrations: - certManager: - enabled: false - certificateIssuer: "" - traefik: - enabled: false - # Default to websecure - entrypoints: - - websecure - # Ensures tls annotation is set - forceTLS: true - middlewares: [] - # - name: my-middleware - # # Optional, by default will try to - # # "lookup" the namespace based on the name - # namespace: "" - nginx: - enabled: false - themepark: - enabled: false - css: "" - ipWhitelist: [] - auth: - # empty to disable, options: "authentik" or "authelia" - type: "" - # Internal Domain name + port to reach the auth provider, excluding http(s) - internalHost: "" - # External (ingress) Domain name to reach the auth provider, excluding http(s) - externalHost: "" - # Optional: override default response headers - responseHeaders: [] - homepage: - enabled: false - # Default: chart name - name: "" - # Default: chart description - description: "" - # Default: no group - group: "" - # Default: chart icon - icon: "" - widget: - # Default: chartname - type: "" - # Default to ingress host 0 - url: "" - custom: - # somesetting: some value - customkv: - # - key: some key - # value: some value - -certificate: {} -# main: -# enabled: false -# certificateIssuer: someissuer -# hosts: -# - somehost -# # Optional -# certificateSecretTemplate: -# labels: {} -# annotations: {} - -# -- BETA: Configure the gateway routes for the chart here. -# Additional routes can be added by adding a dictionary key similar to the 'main' route. -# Please be aware that this is an early beta of this feature, TrueCharts does not guarantee this actually works. -# Being BETA this can/will change in the future without notice, please do not use unless you want to take that risk -# [[ref]](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io%2fv1alpha2) -# @default -- See below -route: - main: - # -- Enables or disables the route - enabled: false - # -- Set the route kind - # Valid options are GRPCRoute, HTTPRoute, TCPRoute, TLSRoute, UDPRoute - kind: HTTPRoute - # -- Provide additional annotations which may be required. - annotations: {} - # -- Provide additional labels which may be required. - labels: {} - # -- Configure the resource the route attaches to. - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: - namespace: - sectionName: - # -- Host addresses - hostnames: [] - # -- Configure rules for routing. Defaults to the primary service. - rules: - - backendRefs: - - group: "" - kind: Service - name: - namespace: - port: - weight: 1 - ## Configure conditions used for matching incoming requests. Only for HTTPRoutes - matches: - - path: - type: PathPrefix - value: / - -podDisruptionBudget: - main: - enabled: false - # -- Custom Selector Labels - # customLabels: - # customKey: customValue - # maxUnavailable: 1 - # minAvailable: 1 - targetSelector: main - -webhook: - validating: - enabled: false - type: validating - webhooks: [] - mutating: - enabled: false - type: mutating - webhooks: [] - -priorityClass: {} -# priorityClass: -# example: -# provisioner: some.provisioner.io -# enabled: true -# value: 1000000 -# preemptionPolicy: PreemptLowerPriority -# globalDefault: false -# description: "some description" - -# # -- create storageClasses on demand -storageClass: {} -# storageClass: -# example: -# provisioner: some.provisioner.io -# enabled: true -# isDefaultClass: false -# parameters: {} -# reclaimPolicy: retain -# allowVolumeExpansion: true -# volumeBindingMode: Immediate -# mountOptions: [] - -metrics: - main: - enabled: false - primary: true - # options: servicemonitor, podmonitor - type: "servicemonitor" - # defaults to selectorLabels - selector: {} - endpoints: - - port: main - interval: 5s - scrapeTimeout: 5s - path: / - honorLabels: false - prometheusRule: - enabled: false - groups: {} - # somegroup: - # # list of rules - # rules: [] - # # list to support adding rules via the SCALE GUI without overwrithing the rules - # additionalrules: [] - # List to support adding groups using the SCALE GUI - additionalgroups: - # - name: "somegroup" - # # list of rules - # rules: [] - # # list to support adding rules via the SCALE GUI without overwrithing the rules - # additionalrules: [] - -# -- The common chart supports several add-ons. These can be configured under this key. -# @default -- See below -addons: - gluetun: - enabled: false - targetSelector: - - main - secret: - # vpn-conf: - # basePath: /gluetun/wireguard - # data: - # # Effective path /gluetun/wireguard/wg0.conf - # wg0.conf: | - # some conf - # wg1.conf: | - # some conf - # scripts: - # basePath: /gluetun/scripts - # defaultMode: "0777" - # data: - # # Effective path /gluetun/scripts/up.sh - # up.sh: | - # some conf - container: - enabled: true - imageSelector: gluetunImage - probes: - liveness: - enabled: false - readiness: - enabled: false - startup: - enabled: false - resources: - excludeExtra: true - securityContext: - runAsUser: 0 - runAsNonRoot: false - readOnlyRootFilesystem: false - runAsGroup: 568 - capabilities: - add: - - NET_ADMIN - - NET_RAW - - MKNOD - env: - DOT: "off" - DNS_KEEP_NAMESERVER: "on" - FIREWALL: "off" - FIREWALL_OUTBOUND_SUBNETS: "" - FIREWALL_INPUT_PORTS: "" - - # -- Tailscale specific configuration - # @default -- See below - # See more info for the configuration - # https://github.com/tailscale/tailscale/blob/main/docs/k8s/run.sh - tailscale: - enabled: false - targetSelector: - - main - # -- you can directly specify the config file here - config: "" - container: - enabled: true - imageSelector: "tailscaleImage" - probes: - liveness: - enabled: false - readiness: - enabled: false - startup: - enabled: false - command: - - /usr/local/bin/containerboot - resources: - excludeExtra: true - env: - # Set KUBE_SECRET to empty string to force tailscale - # to use the filesystem for state tracking. - # With secret for state tracking you can't always - # know if the app that uses this sidecard will - # use a custom ServiceAccount and will lead to falure. - TS_KUBE_SECRET: "" - TS_SOCKET: /var/run/tailscale/tailscaled.sock - TS_STATE_DIR: /var/lib/tailscale/state - TS_USERSPACE: true - TS_AUTH_ONCE: true - TS_ACCEPT_DNS: false - TS_AUTH_KEY: "" - TS_TAILSCALED_EXTRA_ARGS: "" - TS_EXTRA_ARGS: "" - TS_SOCKS5_SERVER: "" - TS_DEST_IP: "" - TS_ROUTES: "" - TS_OUTBOUND_HTTP_PROXY_LISTEN: "" - securityContext: - capabilities: - add: - - NET_ADMIN - - NET_RAW - - # -- Auth key to connect to the VPN Service - authkey: "" - # As a sidecar, it should only need to run in userspace - userspace: true - auth_once: true - accept_dns: false - routes: "" - dest_ip: "" - sock5_server: "" - extra_args: "" - daemon_extra_args: "" - outbound_http_proxy_listen: "" - # -- Annotations for tailscale sidecar - annotations: {} - - # -- The common library supports adding a code-server add-on to access files. It can be configured under this key. - # @default -- See values.yaml - codeserver: - enabled: false - # -- Enable running a code-server container in the pod - container: - enabled: true - probes: - liveness: - enabled: true - port: 12321 - path: "/" - readiness: - enabled: true - port: 12321 - path: "/" - startup: - enabled: true - port: 12321 - path: "/" - imageSelector: "codeserverImage" - resources: - excludeExtra: true - securityContext: - runAsUser: 0 - runAsGroup: 0 - runAsNonRoot: false - readOnlyRootFilesystem: false - args: - - "--port" - - "12321" - - "/" - - --auth - - none - # - --user-data-dir - # - "/config/.vscode" - # -- Select a workload to add the addon to - targetSelector: - - "main" - - service: - # -- Enable a service for the code-server add-on. - enabled: true - type: ClusterIP - # Specify the default port information - ports: - codeserver: - enabled: true - primary: true - protocol: http - port: 12321 - targetPort: 12321 - - ingress: - # -- Enable an ingress for the code-server add-on. - enabled: false - annotations: {} - # kubernetes.io/ingress.class: nginx - labels: {} - hosts: - - host: code.chart-example.local - paths: - - path: / - # Ignored if not kubeVersion >= 1.14-0 - pathType: Prefix - tls: [] - - netshoot: - # -- Enable running a netshoot container in the pod - enabled: false - container: - enabled: true - command: - - /bin/sh - - -c - - sleep infinity - probes: - liveness: - enabled: false - readiness: - enabled: false - startup: - enabled: false - imageSelector: "netshootImage" - resources: - excludeExtra: true - securityContext: - runAsUser: 0 - runAsGroup: 0 - runAsNonRoot: false - readOnlyRootFilesystem: false - capabilities: - add: - - NET_ADMIN - - NET_RAW - -dependencies: - -########################################################################## -# This section contains some pre-config for frequently used dependencies # -########################################################################## - -cnpg: - main: - enabled: false - primary: true - # -- Puts the cnpg cluster in hibernation mode - hibernate: false - # Additional Labels and annotations for all cnpg objects - labels: {} - annotations: {} - - # Type of the CNPG database. Available types: - # * `postgres` - # * `postgis` - # * `timescaledb` - # * `vectors` - type: postgres - - # Version of Postgresql to use, changes cluster naming scheme - # * `15` - # * `16` - pgVersion: 16 - - # Cluster mode of operation. Available modes: - # * `standalone` - default mode. Creates new or updates an existing CNPG cluster. - # * `replica` - Creates a replica cluster from an existing CNPG cluster. # TODO - # * `recovery` - Same as standalone but creates a cluster from a backup, object store or via pg_basebackup. - mode: standalone - - # Database details - database: "app" - user: "app" - password: "PLACEHOLDERPASSWORD" - - # Database cluster configuration - cluster: - # Additional Labels and annotations for cnpg cluster - labels: {} - annotations: {} - - # Number of instances - instances: 2 - - # set to true on single-node clusters to allow PVCs to be kept on instance restart - singleNode: false - - ## set to configure the skipEmptyWalArchiveCheck annotation - # skipEmptyWalArchiveCheck: true - # # -- storage size for the data pvc's - # # Follows the same spec as .Values.Persistence type=PVC - # storage: - # size: "256Gi" - # # -- storage size for the wal pvc's - # # Follows the same spec as .Values.Persistence type=PVC - # walStorage: - # size: "256Gi" - # -- Gets scaled to 0 if hibernation is true - ## See .Values.resources for more info - # resources: - - # Method to follow to upgrade the primary server during a rolling update procedure, after all replicas have been - # successfully updated. It can be switchover (default) or in-place (restart). - primaryUpdateMethod: switchover - - # Strategy to follow to upgrade the primary server during a rolling update procedure, after all replicas have been - # successfully updated: it can be automated (unsupervised - default) or manual (supervised) - # Example of rolling update strategy: - # - unsupervised: automated update of the primary once all - # replicas have been upgraded (default) - # - supervised: requires manual supervision to perform - # the switchover of the primary - # -- change to supervised to disable unsupervised updates - primaryUpdateStrategy: unsupervised - - # The instances' log level, one of the following values: error, warning, info (default), debug, trace - logLevel: info - - # The configuration for the CA and related certificates - # See: https://cloudnative-pg.io/documentation/current/api_reference/#CertificatesConfiguration - certificates: - - # When this option is enabled, the operator will use the SuperuserSecret to update the postgres user password. - # If the secret is not present, the operator will automatically create one. - # When this option is disabled, the operator will ignore the SuperuserSecret content, delete it when automatically created, - # and then blank the password of the postgres user by setting it to NULL. - - # enableSuperuserAccess: true - - # Configuration of the PostgreSQL server - # See: https://cloudnative-pg.io/documentation/current/api_reference/#PostgresConfiguration - postgresql: - - # BootstrapInitDB is the configuration of the bootstrap process when initdb is used - # See: https://cloudnative-pg.io/documentation/current/bootstrap/ - # See: https://cloudnative-pg.io/documentation/current/api_reference/#bootstrapinitdb - initdb: {} - # postInitSQL: - # - CREATE EXTENSION IF NOT EXISTS vector; - # postInitApplicationSQL: - # - CREATE EXTENSION IF NOT EXISTS someextension; - # -- set to enable prometheus metrics - monitoring: - enablePodMonitor: false - disableDefaultQueries: false - customQueries: [] - # - name: "pg_cache_hit_ratio" - # expandObjectName: true - # key: "custom-key" (defaults to "custom-queries") - # query: "SELECT current_database() as datname, sum(heap_blks_hit) / (sum(heap_blks_hit) + sum(heap_blks_read)) as ratio FROM pg_statio_user_tables;" - # metrics: - # - datname: - # usage: "LABEL" - # description: "Name of the database database" - # - ratio: - # usage: GAUGE - # description: "Cache hit ratio" - # Recovery settings if the chosen mode is `recovery`. - recovery: - ## - # Backup Recovery Method - # Available recovery methods: - # * `backup` - Recovers a CNPG cluster from a CNPG backup (PITR supported) Needs to be on the same cluster in the same namespace. - # * `object_store` - Recovers a CNPG cluster from a barman object store (PITR supported). - # * `pg_basebackup` - Recovers a CNPG cluster viaa streaming replication protocol. Useful if you want to - # migrate databases to CloudNativePG, even from outside Kubernetes. # TODO - method: object_store - ## set a revision to append to the serverName to ensure restore and backup dont target the same thing - # revision: 1 - - # override serverName in recovery obkect - servername: "" - - ## Point in time recovery target. Specify one of the following: - pitrTarget: - # Time in RFC3339 format - time: "" - - # Name of the backup to recover from. Required if method is `backup`. - backupName: "" - - # Object Store Recovery Method - clusterName: "" - - # Overrides the provider specific default path. Defaults to: - # S3: s3:// - # Azure: https://..core.windows.net/ - # Google: gs:// - destinationPath: "" - - # Database cluster backup configuration - backups: - # You need to configure backups manually, so backups are disabled by default. - enabled: false - - encryption: - enabled: false - ## set a revision to append to the serverName to ensure restore and backup dont target the same thing - # revision: 1 - - # override serverName in recovery obkect - servername: "" - - # Overrides the provider specific default path. Defaults to: - # S3: s3:// - # Azure: https://..core.windows.net/ - # Google: gs:// - destinationPath: "" - - # default: primary, other option prefer-standby - target: "" - - # name of credentials in .Values.Credentials - credentials: "" - - scheduledBackups: - - name: daily-backup - schedule: "0 0 0 * * *" - backupOwnerReference: self - immediate: true - suspend: false - - retentionPolicy: "30d" - - # - Manual list of backups - manualBackups: [] - # - name: today - # labels: {} - # annotations: {} - # - name: beforeUpgrade - # labels: {} - # annotations: {} - - # Database cluster PgBouncer configuration - pooler: - enabled: false - # -- enable to create extra pgbouncer for readonly access - createRO: false - poolMode: session - # -- Gets scaled to 0 if hibernation is true - instances: 2 - # parameters: - # max_client_conn: "1000" - # default_pool_size: "25" - labels: {} - annotations: {} - - # -- contains credentials and urls output by generator - creds: {} - -# -- Redis dependency configuration -# @default -- See below -redis: - enabled: false - includeCommon: false - password: "PLACEHOLDERPASSWORD" - # -- can be used to make an easy accessible note which URLS to use to access the DB. - creds: {} - secret: - credentials: - enabled: false - -# -- mariadb dependency configuration -# @default -- See below -mariadb: - enabled: false - includeCommon: false - password: "PLACEHOLDERPASSWORD" - rootPassword: "PLACEHOLDERROOTPASSWORD" - # -- can be used to make an easy accessable note which URLS to use to access the DB. - creds: {} - -# -- mongodb dependency configuration -# @default -- See below -mongodb: - enabled: false - includeCommon: false - password: "PLACEHOLDERPASSWORD" - rootPassword: "PLACEHOLDERROOTPASSWORD" - # -- can be used to make an easy accessable note which URLS to use to access the DB. - creds: {} - -# -- clickhouse dependency configuration -# @default -- See below -clickhouse: - enabled: false - includeCommon: false - password: "PLACEHOLDERPASSWORD" - # -- can be used to make an easy accessable note which URLS to use to access the DB. - creds: {} - -# -- solr dependency configuration -# @default -- See below -solr: - enabled: false - includeCommon: false - password: "PLACEHOLDERPASSWORD" - solrCores: 1 - solrEnableAuthentication: "no" - # -- can be used to make an easy accessable note which URLS to use to access the DB. - creds: {} - -# -- List of extra objects to deploy with the release -extraTpl: [] diff --git a/manifests/baikal/values.yaml b/manifests/baikal/values.yaml deleted file mode 100644 index ad50a6f..0000000 --- a/manifests/baikal/values.yaml +++ /dev/null @@ -1,34 +0,0 @@ -image: - repository: ckulka/baikal - tag: latest - pullPolicy: IfNotPresent - -service: - main: - enabled: true - ports: - http: - port: 80 - -ingress: - main: - enabled: true - ingressClassName: traefik - hosts: - - host: baikal.dvirlabs.com - paths: - - path: / - pathType: Prefix - tls: - - hosts: - - baikal.dvirlabs.com - -persistence: - data: - enabled: true - storageClass: nfs-client - size: 5Gi - # Required by TrueCharts common lib: - mountPath: /var/www/baikal/Specific - -resources: {}