182 lines
7.5 KiB
Smarty
182 lines
7.5 KiB
Smarty
{{/* Returns projected Volume */}}
|
|
{{/* Call this template:
|
|
{{ include "tc.v1.common.lib.pod.volume.projected" (dict "rootCtx" $ "objectData" $objectData) }}
|
|
rootCtx: The root context of the chart.
|
|
objectData: The object data to be used to render the volume.
|
|
*/}}
|
|
{{- define "tc.v1.common.lib.pod.volume.projected" -}}
|
|
{{- $rootCtx := .rootCtx -}}
|
|
{{- $objectData := .objectData -}}
|
|
|
|
{{- if not $objectData.sources -}}
|
|
{{- fail "Persistence - Expected non-empty [sources] on [projected] type" -}}
|
|
{{- end -}}
|
|
|
|
{{- $defMode := "" -}}
|
|
{{- if (and $objectData.defaultMode (not (kindIs "string" $objectData.defaultMode))) -}}
|
|
{{- fail (printf "Persistence - Expected [defaultMode] to be [string], but got [%s]" (kindOf $objectData.defaultMode)) -}}
|
|
{{- end -}}
|
|
|
|
{{- with $objectData.defaultMode -}}
|
|
{{- $defMode = tpl $objectData.defaultMode $rootCtx -}}
|
|
{{- end -}}
|
|
|
|
{{- if and $defMode (not (mustRegexMatch "^[0-9]{4}$" $defMode)) -}}
|
|
{{- fail (printf "Persistence - Expected [defaultMode] to have be in format of [\"0777\"], but got [%q]" $defMode) -}}
|
|
{{- end -}}
|
|
{{- $allowedSources := (list "clusterTrustBundle" "configMap" "downwardAPI" "secret" "serviceAccountToken") }}
|
|
- name: {{ $objectData.shortName }}
|
|
projected:
|
|
{{- with $defMode }}
|
|
defaultMode: {{ . }}
|
|
{{- end }}
|
|
sources:
|
|
{{- range $source := $objectData.sources -}}
|
|
{{- if gt ($source | keys | len) 1 -}}
|
|
{{- fail "Persistence - Expected only one source type per item in [projected] volume" -}}
|
|
{{- end -}}
|
|
|
|
{{- $k := $source | keys | first -}}
|
|
{{- $v := (get $source $k) -}}
|
|
|
|
{{- if eq $k "serviceAccountToken" }}
|
|
{{- include "tc.v1.common.lib.pod.volume.projected.serviceAccountToken" (dict "rootCtx" $rootCtx "source" $v) | nindent 6 }}
|
|
{{- else if or (eq $k "secret") (eq $k "configMap") }}
|
|
{{- include "tc.v1.common.lib.pod.volume.projected.cm-secret" (dict "rootCtx" $rootCtx "source" $v "type" $k) | nindent 6 }}
|
|
{{- else if eq $k "downwardAPI" }}
|
|
{{- include "tc.v1.common.lib.pod.volume.projected.downwardAPI" (dict "rootCtx" $rootCtx "source" $v) | nindent 6 }}
|
|
{{- else if eq $k "clusterTrustBundle" }}
|
|
{{- include "tc.v1.common.lib.pod.volume.projected.clusterTrustBundle" (dict "rootCtx" $rootCtx "source" $v) | nindent 6 }}
|
|
{{- else -}}
|
|
{{- fail (printf "Persistence - Invalid source type [%s] for projected. Valid sources are [%s]" $k (join ", " $allowedSources)) -}}
|
|
{{- end -}}
|
|
{{- end -}}
|
|
{{- end -}}
|
|
|
|
{{- define "tc.v1.common.lib.pod.volume.projected.serviceAccountToken" -}}
|
|
{{- $rootCtx := .rootCtx -}}
|
|
{{- $source := .source -}}
|
|
|
|
{{- if hasKey $source "expirationSeconds" -}}
|
|
{{- if lt ($source.expirationSeconds | int) 600 -}}
|
|
{{- fail (printf "Persistence - Expected [expirationSeconds] to be greater than 600 seconds, but got [%v]" $source.expirationSeconds) -}}
|
|
{{- end -}}
|
|
{{- end -}}
|
|
|
|
{{- if not $source.path -}}
|
|
{{- fail "Persistence - Expected non-empty [path] on [serviceAccountToken] type" -}}
|
|
{{- end -}}
|
|
- serviceAccountToken:
|
|
{{- with $source.audience }}
|
|
audience: {{ tpl . $rootCtx }}
|
|
{{- end -}}
|
|
{{- with $source.expirationSeconds }}
|
|
expirationSeconds: {{ . }}
|
|
{{- end }}
|
|
path: {{ tpl $source.path $rootCtx }}
|
|
{{- end -}}
|
|
|
|
{{- define "tc.v1.common.lib.pod.volume.projected.downwardAPI" -}}
|
|
{{- $rootCtx := .rootCtx -}}
|
|
{{- $source := .source -}}
|
|
|
|
{{- if not (kindIs "map" $source) -}}
|
|
{{- fail (printf "Persistence - Expected [downwardAPI] in [sources] to be a map on [downwardAPI] type, but got [%s]" (kindOf $source)) -}}
|
|
{{- end -}}
|
|
|
|
{{- if not $source.items -}}
|
|
{{- fail "Persistence - Expected non-empty [items] on [downwardAPI] type" -}}
|
|
{{- end }}
|
|
- downwardAPI:
|
|
items:
|
|
{{- $allowedItems := (list "fieldRef" "resourceFieldRef") }}
|
|
{{- range $item := $source.items -}}
|
|
{{- if not $item.path -}}
|
|
{{- fail "Persistence - Expected non-empty [path] on item in [downwardAPI] type" -}}
|
|
{{- end }}
|
|
- path: {{ tpl $item.path $rootCtx }}
|
|
{{- if hasKey $item "fieldRef" }}
|
|
{{- if not $item.fieldRef.fieldPath -}}
|
|
{{- fail "Persistence - Expected non-empty [fieldPath] under [fieldRef] on item in [downwardAPI] type" -}}
|
|
{{- end }}
|
|
fieldRef:
|
|
{{- with $item.fieldRef.apiVersion }}
|
|
apiVersion: {{ tpl . $rootCtx }}
|
|
{{- end }}
|
|
fieldPath: {{ tpl $item.fieldRef.fieldPath $rootCtx }}
|
|
{{- else if hasKey $item "resourceFieldRef" }}
|
|
{{- if not $item.resourceFieldRef.containerName -}}
|
|
{{- fail "Persistence - Expected non-empty [containerName] under [resourceFieldRef] on item in [downwardAPI] type" -}}
|
|
{{- end -}}
|
|
{{- if not $item.resourceFieldRef.resource -}}
|
|
{{- fail "Persistence - Expected non-empty [resource] under [resourceFieldRef] on item in [downwardAPI] type" -}}
|
|
{{- end }}
|
|
resourceFieldRef:
|
|
resource: {{ tpl $item.resourceFieldRef.resource $rootCtx }}
|
|
containerName: {{ tpl $item.resourceFieldRef.containerName $rootCtx }}
|
|
{{- if hasKey $item.resourceFieldRef "divisor" }}
|
|
divisor: {{ $item.resourceFieldRef.divisor }}
|
|
{{- end -}}
|
|
{{- else -}}
|
|
{{- fail (printf "Persistence - Expected item in downwardAPI to have one of [%s] keys. But found [%s]" (join ", " $allowedItems) (join ", " ($item | keys | sortAlpha))) -}}
|
|
{{- end -}}
|
|
{{- end -}}
|
|
{{- end -}}
|
|
|
|
{{- define "tc.v1.common.lib.pod.volume.projected.cm-secret" -}}
|
|
{{- $rootCtx := .rootCtx -}}
|
|
{{- $source := .source -}}
|
|
{{- $type := .type -}}
|
|
|
|
{{- if not $source.objectName -}}
|
|
{{- fail (printf "Persistence - Expected non-empty [objectName] on [%s] type" $type) -}}
|
|
{{- end -}}
|
|
|
|
{{- if not $source.items -}}
|
|
{{- fail (printf "Persistence - Expected non-empty [items] on [%s] type" $type) -}}
|
|
{{- end -}}
|
|
|
|
{{- if not (kindIs "slice" $source.items) -}}
|
|
{{- fail (printf "Persistence - Expected [items] to be a slice on [%s] type, but got [%s]" $type (kindOf $source.items)) -}}
|
|
{{- end -}}
|
|
|
|
{{- $objectName := tpl $source.objectName $rootCtx -}}
|
|
|
|
{{- $expandName := (include "tc.v1.common.lib.util.expandName" (dict
|
|
"rootCtx" $rootCtx "objectData" $source
|
|
"name" $source.objectName "caller" "Persistence - Projected"
|
|
"key" "persistence")) -}}
|
|
{{- $ltype := $type | lower -}}
|
|
{{- if eq $expandName "true" -}}
|
|
{{- $object := (get (get $rootCtx.Values $ltype) $objectName) -}}
|
|
{{- if and (not $object) (not $source.optional) -}}
|
|
{{- fail (printf "Persistence - Expected %s [%s] defined in [objectName] to exist" $ltype $objectName) -}}
|
|
{{- end -}}
|
|
|
|
{{- $objectName = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $objectName) -}}
|
|
{{- end }}
|
|
- {{ $type }}:
|
|
name: {{ $objectName }}
|
|
{{- if hasKey $source "optional" }}
|
|
optional: {{ $source.optional }}
|
|
{{- end }}
|
|
items:
|
|
{{- range $item := $source.items -}}
|
|
{{- if not $item.key -}}
|
|
{{- fail (printf "Persistence - Expected non-empty [key] on item in [%s] type" $type) -}}
|
|
{{- end -}}
|
|
{{- if not $item.path -}}
|
|
{{- fail (printf "Persistence - Expected non-empty [path] on item in [%s] type" $type) -}}
|
|
{{- end }}
|
|
- key: {{ tpl $item.key $rootCtx }}
|
|
path: {{ tpl $item.path $rootCtx }}
|
|
{{- end -}}
|
|
{{- end -}}
|
|
|
|
{{- define "tc.v1.common.lib.pod.volume.projected.clusterTrustBundle" -}}
|
|
{{- $rootCtx := .rootCtx -}}
|
|
{{- $source := .source -}}
|
|
|
|
{{- fail "Persistence - Key [clusterTrustBundle] is not yet implemented in [projected type]" -}}
|
|
{{- end -}}
|