From ae5365a1a7c33ffc712779588c477315912eba52 Mon Sep 17 00:00:00 2001 From: Kirill Plis Date: Mon, 12 Feb 2024 20:34:53 +0700 Subject: [PATCH 1/2] add services for each container --- standard-app/templates/network/service.yaml | 27 ++++++++- .../templates/workloads/deployment.yaml | 57 +++++++++++++++++-- 2 files changed, 76 insertions(+), 8 deletions(-) diff --git a/standard-app/templates/network/service.yaml b/standard-app/templates/network/service.yaml index c8a1c89..50a5df9 100644 --- a/standard-app/templates/network/service.yaml +++ b/standard-app/templates/network/service.yaml @@ -1,5 +1,28 @@ {{ range $appName, $appConfig := .Values.apps }} -{{- if $appConfig.service }} +{{- if $appConfig.containers }} +{{- range $containerName, $containerConfig := $appConfig.containers }} +{{- if $containerConfig.service }} +apiVersion: v1 +kind: Service +metadata: + name: {{ $containerName }} + labels: + app: {{ if $.Values.pr }}{{ $.Release.Name }}-{{ $appName | trimPrefix $.Release.Name | trimPrefix "-" }}{{ else }}{{ $appName }}{{ end }} + product: {{ $.Release.Name }} + {{- with $.Values.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + type: {{ $containerConfig.service.type | default "ClusterIP" }} + ports: + - port: {{ $containerConfig.service.port }} + targetPort: {{ $containerConfig.service.targetPort }} + protocol: {{ $containerConfig.service.protocol }} + selector: + app: {{ if $.Values.pr }}{{ $.Release.Name }}-{{ $appName | trimPrefix $.Release.Name | trimPrefix "-" }}{{ else }}{{ $appName }}{{ end }} +{{- end }} +{{- end }} +{{- else if $appConfig.service }} apiVersion: v1 kind: Service metadata: @@ -18,6 +41,7 @@ spec: protocol: {{ $appConfig.service.protocol }} selector: app: {{ if $.Values.pr }}{{ $.Release.Name }}-{{ $appName | trimPrefix $.Release.Name | trimPrefix "-" }}{{ else }}{{ $appName }}{{ end }} +{{- end }} --- {{- if $appConfig.rollout }} apiVersion: v1 @@ -40,5 +64,4 @@ spec: app: {{ if $.Values.pr }}{{ $.Release.Name }}-{{ $appName | trimPrefix $.Chart.Name | trimPrefix "-" }}{{ else }}{{ $appName }}{{ end }} --- {{- end }} -{{- end }} {{- end }} \ No newline at end of file diff --git a/standard-app/templates/workloads/deployment.yaml b/standard-app/templates/workloads/deployment.yaml index 6482ed7..3b30c78 100644 --- a/standard-app/templates/workloads/deployment.yaml +++ b/standard-app/templates/workloads/deployment.yaml @@ -100,15 +100,32 @@ spec: - {{ . | quote }} {{- end }} {{- end }} + {{- if $containerConfig.args }} args: {{- range $containerConfig.args }} - {{ . | quote -}} {{ end }} - {{- if $appConfig.volumes }} - volumeMounts: - {{- range $appConfig.volumes }} - - mountPath: {{ .mountPath }} - name: {{ .name }} + {{ end }} + {{- if $containerConfig.service }} + ports: + - name: {{ $containerConfig.service.name }} + containerPort: {{ $containerConfig.service.port }} + protocol: {{ $containerConfig.service.protocol }} + {{- else if $appConfig.service }} + ports: + - name: {{ $appConfig.service.name }} + containerPort: {{ $appConfig.service.port }} + protocol: {{ $appConfig.service.protocol }} + {{- end }} + {{- if $containerConfig.readinessProbe }} + readinessProbe: + {{- with $containerConfig.readinessProbe }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- else if $appConfig.readinessProbe }} + readinessProbe: + {{- with $appConfig.readinessProbe }} + {{- toYaml . | nindent 12 }} {{- end }} {{- end }} env: @@ -121,12 +138,40 @@ spec: - secretRef: name: {{ $containerName }} {{- end }} + {{- if $appConfig.secrets }} + - secretRef: + name: {{ $appName }} + {{- end }} {{- if $.Values.secrets }} - secretRef: name: {{ $.Release.Name }} {{- end }} + {{- if $containerConfig.resources }} + resources: + {{- with $containerConfig.resources }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- else if $appConfig.resources }} + resources: + {{- with $appConfig.resources }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- end }} + {{- if $containerConfig.volumes }} + volumeMounts: + {{- range $containerConfig.volumes }} + - mountPath: {{ .mountPath }} + name: {{ .name }} + {{- end }} + {{- else if $appConfig.volumes }} + volumeMounts: + {{- range $appConfig.volumes }} + - mountPath: {{ .mountPath }} + name: {{ .name }} + {{- end }} {{- end }} - {{- else }} + {{- end }} + {{- else }} - name: {{ $appName }} image: "{{- $appConfig.image | default $.Values.image }}:{{- $appConfig.tag | default $.Values.tag }}" imagePullPolicy: "{{- $appConfig.imagePullPolicy | default $.Values.imagePullPolicy }}" From 284cfb2e1e83e88ca97a7c105b573316a5d12e73 Mon Sep 17 00:00:00 2001 From: Kirill Plis Date: Mon, 12 Feb 2024 20:53:49 +0700 Subject: [PATCH 2/2] bump version, update secret and service, update changelog --- standard-app/CHANGELOG.md | 2 + standard-app/Chart.yaml | 2 +- .../templates/configs/externalsecret.yaml | 52 ++++++++++++++++--- standard-app/templates/network/service.yaml | 8 +++ 4 files changed, 57 insertions(+), 7 deletions(-) diff --git a/standard-app/CHANGELOG.md b/standard-app/CHANGELOG.md index e69de29..b3e4f33 100644 --- a/standard-app/CHANGELOG.md +++ b/standard-app/CHANGELOG.md @@ -0,0 +1,2 @@ +# 0.3.0 +* implemented services, ports, readiness probe, volume mounts and resources configuration support at the container level in deployments \ No newline at end of file diff --git a/standard-app/Chart.yaml b/standard-app/Chart.yaml index 6c48784..0b7be23 100644 --- a/standard-app/Chart.yaml +++ b/standard-app/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: standard-app description: A Helm chart library by Cloudkite type: application -version: 0.2.0 +version: 0.3.0 maintainters: - email: hello@cloudkite.io name: cloudkite diff --git a/standard-app/templates/configs/externalsecret.yaml b/standard-app/templates/configs/externalsecret.yaml index 1010919..fb181ec 100644 --- a/standard-app/templates/configs/externalsecret.yaml +++ b/standard-app/templates/configs/externalsecret.yaml @@ -1,6 +1,46 @@ -# deployment secret {{- if .Values.externalSecret }} + +# deployment secrets {{- range $appName, $appConfig := .Values.apps }} + +# deployment container secret +{{- range $containerName, $containerConfig := $appConfig.containers -}} +{{- if $containerConfig.secrets }} +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: {{ $containerName }} + labels: + app: {{ $appName }} + product: {{ $.Release.Name }} + {{- with $.Values.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + refreshInterval: 1m + secretStoreRef: + kind: ClusterSecretStore + name: {{ $.Values.externalSecret.secretStoreName }} + target: + name: {{ $containerName }} + creationPolicy: Owner + data: + {{- range $secret := $containerConfig.secrets }} + - secretKey: {{ $secret.secretKey }} + remoteRef: + {{- if eq $.Values.externalSecret.type "gcp" }} + key: {{ $.Release.Name | upper }}_{{ $secret }} + {{- end }} + {{- if eq $.Values.externalSecret.type "vault" }} + key: {{ $.Values.externalSecret.secretPath }}/{{ $.Release.Name }} + property: {{ $secret.property | default $secret.secretKey }} + {{- end }} + {{- end }} +--- +{{- end }} +{{- end }} + +# deployment global secret {{- if $appConfig.secrets }} apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret @@ -10,7 +50,7 @@ metadata: app: {{ if $.Values.pr }}{{ $.Release.Name }}-{{ $appName | trimPrefix $.Release.Name | trimPrefix "-" }}{{ else }}{{ $appName }}{{ end }} product: {{ $.Release.Name }} {{- with $.Values.labels }} - {{- toYaml . | nindent 4 }} + {{- toYaml . | nindent 4 }} {{- end }} spec: refreshInterval: {{ $.Values.externalSecret.refreshInterval | default "1m" }} @@ -24,13 +64,13 @@ spec: {{- range $secret := $appConfig.secrets }} - secretKey: {{ $secret.secretKey }} remoteRef: - {{- if eq $.Values.externalSecret.type "gcp" }} + {{- if eq $.Values.externalSecret.type "gcp" }} key: {{ $.Release.Name | upper }}_{{ $secret }} - {{- end }} - {{- if eq $.Values.externalSecret.type "vault" }} + {{- end }} + {{- if eq $.Values.externalSecret.type "vault" }} key: {{ $.Values.externalSecret.secretPath }}/{{ $.Release.Name }} property: {{ $secret.property | default $secret.secretKey }} - {{- end }} + {{- end }} {{- end }} --- {{- end }} diff --git a/standard-app/templates/network/service.yaml b/standard-app/templates/network/service.yaml index 50a5df9..bcbdd17 100644 --- a/standard-app/templates/network/service.yaml +++ b/standard-app/templates/network/service.yaml @@ -1,4 +1,7 @@ +# deployment services {{ range $appName, $appConfig := .Values.apps }} + +# deployment container service {{- if $appConfig.containers }} {{- range $containerName, $containerConfig := $appConfig.containers }} {{- if $containerConfig.service }} @@ -22,6 +25,8 @@ spec: app: {{ if $.Values.pr }}{{ $.Release.Name }}-{{ $appName | trimPrefix $.Release.Name | trimPrefix "-" }}{{ else }}{{ $appName }}{{ end }} {{- end }} {{- end }} + +# deployment global service {{- else if $appConfig.service }} apiVersion: v1 kind: Service @@ -43,6 +48,9 @@ spec: app: {{ if $.Values.pr }}{{ $.Release.Name }}-{{ $appName | trimPrefix $.Release.Name | trimPrefix "-" }}{{ else }}{{ $appName }}{{ end }} {{- end }} --- + +# rollout services +# rollout global service {{- if $appConfig.rollout }} apiVersion: v1 kind: Service