From 86b887d68681b45f013632b8d492e9cba0b984fd Mon Sep 17 00:00:00 2001 From: Spicoud Date: Wed, 6 Dec 2023 10:33:37 +0100 Subject: [PATCH] :tada: Inital commit --- .editorconfig | 12 + .github/workflows/docker-publish.yml | 46 + .gitignore | 37 + LICENSE | 190 ++ NOTICE | 17 + README.md | 160 ++ bouyguestelecom/spin/.helmignore | 23 + bouyguestelecom/spin/Chart.yaml | 25 + bouyguestelecom/spin/templates/NOTES.txt | 22 + bouyguestelecom/spin/templates/_helpers.tpl | 120 ++ bouyguestelecom/spin/templates/cm.yaml | 18 + .../spin/templates/deployment.yaml | 104 ++ bouyguestelecom/spin/templates/hpa.yaml | 37 + bouyguestelecom/spin/templates/ingress.yaml | 82 + .../spin/templates/poddisruptionbudget.yaml | 18 + bouyguestelecom/spin/templates/secret.yaml | 16 + bouyguestelecom/spin/templates/service.yaml | 38 + .../spin/templates/serviceaccount.yaml | 22 + .../spin/templates/tests/test-connection.yaml | 20 + bouyguestelecom/spin/values.schema.json | 1532 +++++++++++++++++ bouyguestelecom/spin/values.yaml | 273 +++ 21 files changed, 2812 insertions(+) create mode 100644 .editorconfig create mode 100644 .github/workflows/docker-publish.yml create mode 100644 .gitignore create mode 100644 LICENSE create mode 100644 NOTICE create mode 100644 README.md create mode 100644 bouyguestelecom/spin/.helmignore create mode 100644 bouyguestelecom/spin/Chart.yaml create mode 100644 bouyguestelecom/spin/templates/NOTES.txt create mode 100644 bouyguestelecom/spin/templates/_helpers.tpl create mode 100644 bouyguestelecom/spin/templates/cm.yaml create mode 100644 bouyguestelecom/spin/templates/deployment.yaml create mode 100644 bouyguestelecom/spin/templates/hpa.yaml create mode 100644 bouyguestelecom/spin/templates/ingress.yaml create mode 100644 bouyguestelecom/spin/templates/poddisruptionbudget.yaml create mode 100644 bouyguestelecom/spin/templates/secret.yaml create mode 100644 bouyguestelecom/spin/templates/service.yaml create mode 100644 bouyguestelecom/spin/templates/serviceaccount.yaml create mode 100644 bouyguestelecom/spin/templates/tests/test-connection.yaml create mode 100644 bouyguestelecom/spin/values.schema.json create mode 100644 bouyguestelecom/spin/values.yaml diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..5d47c21 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,12 @@ +# EditorConfig is awesome: https://EditorConfig.org + +# top-most EditorConfig file +root = true + +[*] +indent_style = space +indent_size = 2 +end_of_line = lf +charset = utf-8 +trim_trailing_whitespace = true +insert_final_newline = true diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml new file mode 100644 index 0000000..9b2300e --- /dev/null +++ b/.github/workflows/docker-publish.yml @@ -0,0 +1,46 @@ +# This is a basic workflow to help you get started with Actions + +name: Docker Publish spin helm + +# Controls when the workflow will run +on: + # Triggers the workflow on push or pull request events but only for the "main" branch + push: + branches: [ "main" ] + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +jobs: + # This workflow contains a single job called "build" + build: + # The type of runner that the job will run on + runs-on: ubuntu-latest + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - uses: actions/checkout@v3 + + build-and-publish: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to Docker Hub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Build and package Helm chart + run: | + helm package bouyguestelecom/spin -d packaged + + - name: Publish Helm chart + run: | + helm push packaged/*.tgz oci://registry-1.docker.io/bouyguestelecomcharts + diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..92a43e0 --- /dev/null +++ b/.gitignore @@ -0,0 +1,37 @@ +# General files for the project +pkg/* +*.pyc +bin/* +.project +/.bin +/_test/secrets/*.json + +# OSX leaves these everywhere on SMB shares +._* + +# OSX trash +.DS_Store + +# Files generated by JetBrains IDEs, e.g. IntelliJ IDEA +.idea/ +*.iml + +# Vscode files +.vscode + +# Emacs save files +*~ +\#*\# +.\#* + +# Vim-related files +[._]*.s[a-w][a-z] +[._]s[a-w][a-z] +*.un~ +Session.vim +.netrwhist + +# Chart dependencies +**/charts/*.tgz + +.history diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..17f3da3 --- /dev/null +++ b/LICENSE @@ -0,0 +1,190 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + Copyright 2023 Bouygues Telecom + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/NOTICE b/NOTICE new file mode 100644 index 0000000..91904cd --- /dev/null +++ b/NOTICE @@ -0,0 +1,17 @@ +This project includes software developed by Bouygues Telecom. + +This project is based on the Helm documentation and templates, which are licensed under the Apache License, Version 2.0. + +Copyright 2023 Bouygues SA + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/README.md b/README.md new file mode 100644 index 0000000..57beb3c --- /dev/null +++ b/README.md @@ -0,0 +1,160 @@ +# 🌀 Spin Helm Chart Template Repository ⎈ + +![Type: Helm Chart](https://img.shields.io/badge/Helm-0F1689?style=for-the-badge&logo=Helm&labelColor=0F1689) ![AppVersion: 1.16.0](https://img.shields.io/badge/kubernetes-326ce5.svg?&style=for-the-badge&logo=kubernetes&logoColor=white) + +Hello World! I'm the spin helm chart that You ( 🫵 ) need to get started quickly, without ( little 🤏 ) devops knowledge. + +This project provides template Helm Charts for deploying a web application into Kubernetes. + +**It offers the following documents 👇 :** + +| File | Description | +|--------------------------------------------|--------------------------------------------------------------------------| +| `/spin/Chart.yaml` | The definition file for your application. | +| `/spin/values.yaml` | Configurable values that are inserted into the following template files. | +| `/spin/values.schema.json` | Validate values in a chart's values.yaml file with JSON schemas. | +| `/spin/templates/deployment.yaml` | Template to configure your application's deployment. | +| `/spin/templates/service.yaml` | Template to configure your application's service. | +| `/spin/templates/hpa.yaml` | Template to configure your application's horizontal pod autoscaler. | +| `/spin/templates/ingress.yaml` | Template to configure your application's ingress . | +| `/spin/templates/cm.yaml` | Template to configure your application's config map. | +| `/spin/templates/poddisruptionbudget.yaml` | Template to configure your application's disruption budget . | +| `/spin/templates/secret.yaml` | Template to configure your secret data's applications. | +| `/spin/templates/serviceaccount.yaml` | Template to configure your application's service account. | +| `/spin/templates/NOTES.txt` | Helper to enable locating your application IP and PORT | +| `/spin/templates/_helpers.tpl` | Helper to store partials and helpers. | +| `/spin/templates/tests` | Tests folder application | + + +## 🟢 Prerequisites + +- Kubernetes 1.19+ +- Helm 3.8.0+ + +## 🌐 Chart Sources + +* `spin/`: Chart with API version v2 + +## 🤓 Getting started + +1️⃣ **Add this repository as a dependencies to your Chart.yaml** + +``` +dependencies: + - name: spin + version: 0.1.0 + repository: https://sara-picoud.github.io/spin-helms/ +``` + +[Learn more about subchart helm dependency 👈](https://helm.sh/docs/helm/helm_dependency/ ) + +2️⃣ **Configuring the spin's values in the values.yaml of your application** + +The most important thing is to declare the **'spin'** variable to be able to consume the values from the template. If a value is declared outside the **'spin'** scope, the value cannot be read by this template. + +**For example: 👇** + +``` +spin: + fullnameOverride: myApp + deployment: + imagePullSecrets: + - name: myApp-secret + image: + repository: registry.artifcatory + tag: 0.0.1 + ...... +``` +## 📚 API Values + +| Key | Type | Default | Description | +|-----------------------------------------------|--------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| autoscaling.enabled | bool | `true` | Enable or disable Horizontal Pod Autoscaler (Autoscalling)
[More about HPA ](https://kubernetes.io/fr/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/) | +| autoscaling.maxReplicas | int | `10` | Maximum number of pod replicas | +| autoscaling.minReplicas | int | `2` | Minimum number of pod replicas | +| autoscaling.targetCPUUtilizationPercentage | int | `100` | Target CPU Utilization Percentage | +| autoscaling.targetMemoryUtilizationPercentage | int | `100` | Target Memory Utilization Percentage | +| canary.cookie.enabled | bool | `false` | Enable or disable cookie-based routing
[More about canary release](https://dev.to/pavanbelagatti/kubernetes-deployments-rolling-vs-canary-vs-blue-green-4k9p#:~:text=Kubernetes%20canary%20deployment%20is%20a,the%20original%20replica%20set%20running.) | +| canary.cookie.name | string | `"x-hidden-prod"` | Name of the cookie to match | +| canary.enabled | bool | `false` | Enable or disable Canary releases | +| canary.header.enabled | bool | `false` | Enable or disable header-based routing | +| canary.header.name | string | `"cookie"` | Name of the HTTP header to match | +| canary.header.regex | string | `" "` | Regular expression to match the header value | +| canary.percent | object | `{"enabled":false,"value":20}` | Percentage-based routing settings | +| canary.percent.enabled | bool | `false` | Enable or disable percentage-based routing | +| canary.percent.value | int | `20` | Percentage of traffic to route to the Canary release | +| configFiles | object | `{}` | Set configurations files in configmaps.
[More about configMap](https://kubernetes.io/docs/concepts/configuration/configmap/) | +| deployment.affinity | object | `{}` | Pod affinity configurartion : Hard node and soft zone anti-affinity | +| deployment.args | list | `[]` | Additional arguments to pass to the command | +| deployment.containerAdminPort | string | `""` | If defined, forces the container to use an admin port other than the one defined in service.httpAdminPort. | +| deployment.containerEnv | object | `{}` | Additional ENV | +| deployment.containerExtraPorts | string | `""` | Add extra ports to container | +| deployment.containerExtraSpecs | string | `""` | Add extra specifications to container | +| deployment.containerPort | string | `""` | If defined, forces the container to use a port other than the one defined in service.httpPort.
[More about deployment](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/) | +| deployment.extraInitContainers | list | `[]` | Add initContainers | +| deployment.extraVolumeMounts | list | `[]` | Add additionnal volumeMounts | +| deployment.extraVolumes | list | `[]` | Add additionnal volumes | +| deployment.image.pullPolicy | string | `"IfNotPresent"` | docker image pull policy | +| deployment.image.repository | string | `"nginx"` | docker image repository url | +| deployment.image.tag | string | `"10"` | docker image tag | +| deployment.livenessProbe | object |
`{"failureThreshold":5,"httpGet":`
`{"path":"/","port":80,"scheme":"HTTP"},`
`"initialDelaySeconds":50,"periodSeconds":10,`
`"successThreshold":1,"timeoutSeconds":1}`
| Liveness probe configuration
[More about liveness probes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | +| deployment.livenessProbe.failureThreshold | int | `5` | Number of consecutive unsuccessful checks to be considered not alive | +| deployment.livenessProbe.httpGet.path | string | `"/"` | The path to be used for the HTTP GET request | +| deployment.livenessProbe.httpGet.port | int | `80` | The port on which to perform the GET request | +| deployment.livenessProbe.httpGet.scheme | string | `"HTTP"` | The scheme for the GET request (e.g., HTTP or HTTPS) | +| deployment.livenessProbe.initialDelaySeconds | int | `50` | Initial delay before starting the check (in seconds) | +| deployment.livenessProbe.periodSeconds | int | `10` | Check frequency (in seconds) | +| deployment.livenessProbe.successThreshold | int | `1` | Number of consecutive successful checks to be considered alive | +| deployment.livenessProbe.timeoutSeconds | int | `1` | Maximum wait time for a response (in seconds) | +| deployment.nodeSelector | object | `{}` | An empty object means no node selector is applied, and the pod can be scheduled on any node | +| deployment.podAnnotations | object | `{}` | Additional annotations for the Pod | +| deployment.podSecurityContext | object |
`{"enabled":false,"fsGroup":1001}`
| Pod-level security context configuration | +| deployment.podSecurityContext.enabled | bool | `false`
[More about security context](https://kubernetes.io/docs/concepts/security/pod-security-standards/) | Enable or disable the pod security context | +| deployment.podSecurityContext.fsGroup | int | `1001` | Set the File System Group (fsGroup) for the pod volumes | +| deployment.readinessProbe | object |
`{"failureThreshold":10,"httpGet":`
`{"path":"/","port":80,"scheme":"HTTP"},`
`"initialDelaySeconds":5,"periodSeconds":5,`
`"successThreshold":1,"timeoutSeconds":5}`
| Readiness probe configuration
[More about readiness probes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | +| deployment.readinessProbe.failureThreshold | int | `10` | Number of consecutive unsuccessful checks to be considered not ready | +| deployment.readinessProbe.httpGet.path | string | `"/"` | The path to be used for the HTTP GET request | +| deployment.readinessProbe.httpGet.port | int | `80` | The port on which to perform the GET request | +| deployment.readinessProbe.httpGet.scheme | string | `"HTTP"` | The scheme for the GET request (e.g., HTTP or HTTPS) | +| deployment.readinessProbe.initialDelaySeconds | int | `5` | Initial delay before starting the check (in seconds) | +| deployment.readinessProbe.periodSeconds | int | `5` | Check frequency (in seconds) | +| deployment.readinessProbe.successThreshold | int | `1` | Number of consecutive successful checks to be considered ready | +| deployment.readinessProbe.timeoutSeconds | int | `5` | Maximum wait time for a response (in seconds) | +| deployment.replicaCount | int | `2` | ReplicaCount for the Pod | +| deployment.resources | object | `{limits : {cpu: 100m , memory: 128mi} , requests: {cpu: 100m , memory: 128mi } }` | Resource Management for Pods and Containers
[More about resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | +| deployment.restartPolicy | string | `"Always"` | Pod restart policy. One of `Always`, `OnFailure`, or `Never` | +| deployment.securityContext | object | `{"enabled":false}` | Security context of the containers | +| deployment.startupProbe | string | `""` | Empty means no startup probe is configured | +| deployment.tolerations | list | `[]` | Empty list means no tolerations are applied | +| deployment.volumeMounts | list | `[]` | VolumeMounts | +| flux | object |
`{"configmap":{"enabled":false,`
`"filename":"flux.json"`
`,"filepath":"/usr/src/app/"},`
`"enabled":false,"internal":{}}`
| List of allowed entities for ENP
[More about egress-network-policies](https://cloud.redhat.com/blog/guide-to-kubernetes-egress-network-policies) | +| flux.configmap.enabled | bool | `false` | Indicates if the ConfigMap is enabled (false by default) | +| flux.configmap.filename | string | `"flux.json"` | The name of the Flux configuration file (default: flux.json) | +| flux.configmap.filepath | string | `"/usr/src/app/"` | The file path for Flux configuration (default: /usr/src/app/) | +| flux.enabled | bool | `false` | Indicates if Flux is enabled (false by default) | +| flux.internal | object | `{}` | Internal settings for Flux (empty by default) | +| fullnameOverride | string | `""` | | +| github | object |
`{"enabled":false,"organization":`
`"votre-organisation",`
`"repository":"votre-repo"}`
| Log into github to generate tag image | +| ingress.annotations | object | `{}` | Additional annotations for the Ingress | +| ingress.enabled | bool | `true` | Enable or disable the creation of an Ingress resource for the deployment
[More about ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) | +| ingress.labels | object | `{}` | Additional labels for the Ingress | +| ingress.rules | list |
`[{"host":"chart-example.local","paths":`
`[{"path":"/","pathType": `
`"ImplementationSpecific"}]}]`
| List of rules for the Ingress | +| nameOverride | string | `""` | | +| podDisruptionBudget | object | `{}` | Empty means no PDB is applied
[More about disruption budget](https://kubernetes.io/docs/tasks/run-application/configure-pdb/) | +| secrets | object | `{"data":{},"type":""}` | Configuration settings for Kubernetes secrets
[More about secrets](https://kubernetes.io/docs/concepts/configuration/secret/) | +| secrets.data | object | `{}` | Key-value pairs stored as base64-encoded strings | +| service.enabled | bool | `true` | Enable or disable the creation of a Kubernetes service for the deployment
[More about service](https://kubernetes.io/docs/concepts/services-networking/service/) | +| service.extraPorts | list | `[]` | Additional Service ports, e. g. for custom admin console | +| service.httpAdminNodePort | string | `""` | The Management node port if type is NodePort (The range of valid ports is 30000-32767) | +| service.httpAdminPort | int | `8081` | The Management port | +| service.httpAdminPortName | string | `"http-admin"` | The Management port name | +| service.httpNodePort | string | `""` | The HTTP Service node port if type is NodePort (The range of valid ports is 30000-32767) | +| service.httpPort | int | `8080` | The http Service port | +| service.type | string | `"ClusterIP"` | The Service type | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created
[More about service account](https://kubernetes.io/docs/concepts/security/service-accounts/) | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.imagePullSecrets | list | `[]` | Image pull secrets that are attached to the ServiceAccount | +| serviceAccount.name | string | `""` | If not set and create is true, a name is generated using the fullname template | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.11.3](https://github.com/norwoodj/helm-docs/releases/v1.11.3) diff --git a/bouyguestelecom/spin/.helmignore b/bouyguestelecom/spin/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/bouyguestelecom/spin/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/bouyguestelecom/spin/Chart.yaml b/bouyguestelecom/spin/Chart.yaml new file mode 100644 index 0000000..c0bdd26 --- /dev/null +++ b/bouyguestelecom/spin/Chart.yaml @@ -0,0 +1,25 @@ +apiVersion: v2 +name: spin +description: A Helm chart for Kubernetes +sources: + - https://github.com/BouyguesTelecom/charts/tree/main/bouyguestelecom/spin +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/bouyguestelecom/spin/templates/NOTES.txt b/bouyguestelecom/spin/templates/NOTES.txt new file mode 100644 index 0000000..ff7a78a --- /dev/null +++ b/bouyguestelecom/spin/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ .Release.Name }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ .Release.Name }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ .Release.Name }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "spin.fullname" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/bouyguestelecom/spin/templates/_helpers.tpl b/bouyguestelecom/spin/templates/_helpers.tpl new file mode 100644 index 0000000..dcb0e37 --- /dev/null +++ b/bouyguestelecom/spin/templates/_helpers.tpl @@ -0,0 +1,120 @@ +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "spin.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "spin.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "spin.labels" -}} +helm.sh/chart: {{ include "spin.chart" . }} +{{ include "spin.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{- define "spin.subchart" -}} +{{- printf "%s-%s" "webapp" .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "spin.selectorLabels" -}} +app.kubernetes.io/name: {{ include "spin.fullname" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create host +*/}} +{{- define "spin.host" -}} +{{- printf "%s.%s" .Values.environment .Values.domain }} +{{- end }} + +{{/* +Detect which version of main image we should use +*/}} +{{- define "spin.version" -}} +{{- if .Values.github.enabled }} +{{- printf "Fetching latest tag from GitHub..." | quote -}} +{{- printf -}} +{{- $githubTag := printf "https://api.github.com/repos/%s/%s/releases/latest" .Values.github.organization .Values.github.repository | quote }} +{{- $githubTagResponse := printf "$(curl -s %s)" $githubTag | quote }} +{{- $githubTagResponse -}} +{{- else }} +{{- .Values.deployment.image.tag | quote -}} +{{- end }} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "spin.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "spin.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Create volumes mounts definition +*/}} +{{- define "spin.volumeMounts" -}} +{{- if .Values.flux.configmap.enabled }} +volumeMounts: +- name: config-flux-volume +mountPath: {{ .Values.flux.configmap.filepath -}}{{- .Values.flux.configmap.filename }} +subPath: {{ .Values.flux.configmap.filename }} +{{- end }} +{{- with .Values.deployment.volumeMounts }} +volumeMounts: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- with .Values.deployment.extraVolumeMounts }} + {{- toYaml | nindent 2 }} +{{- end }} +{{- end }} + +{{/* +Create volumes definition +*/}} +{{- define "spin.volumes" -}} + volumes: + {{- if .Values.flux.configmap.enabled }} + volumes: + - name: config-flux-volume + configMap: + name: {{ .Release.Name }}-config-flux + {{- end }} + {{- with .Values.deployment.volumes }} + {{- toYaml . | nindent 2 }} + {{- end }} + {{- with .Values.deployment.extraVolumes }} + {{- toYaml . | nindent 2 }} + {{- end }} +{{- end }} + diff --git a/bouyguestelecom/spin/templates/cm.yaml b/bouyguestelecom/spin/templates/cm.yaml new file mode 100644 index 0000000..5cb069c --- /dev/null +++ b/bouyguestelecom/spin/templates/cm.yaml @@ -0,0 +1,18 @@ +{{- /* +Copyright Bouygues Telecom SA +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.configFiles }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-conf + labels: + {{- include "spin.labels" . | nindent 4 }} +data: +{{- range $filename, $content := .Values.configFiles }} + {{ $filename }}: |- +{{ $content | indent 4 }} +{{- end }} +{{- end }} diff --git a/bouyguestelecom/spin/templates/deployment.yaml b/bouyguestelecom/spin/templates/deployment.yaml new file mode 100644 index 0000000..86aae3b --- /dev/null +++ b/bouyguestelecom/spin/templates/deployment.yaml @@ -0,0 +1,104 @@ +{{- /* +Copyright Bouygues Telecom SA +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }} + labels: + {{- include "spin.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.deployment.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "spin.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.deployment.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "spin.selectorLabels" . | nindent 8 }} + spec: + imagePullSecrets: + {{- if .Values.deployment.imagePullSecrets }} + {{- toYaml .Values.deployment.imagePullSecrets | nindent 2 }} + {{- else }} + - name: {{ .Release.Name }}-secret + {{- end }} + serviceAccountName: {{ include "spin.serviceAccountName" . }} + {{- if .Values.deployment.podSecurityContext.enabled }} + securityContext: {{- omit .Values.deployment.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + restartPolicy: {{ .Values.deployment.restartPolicy }} + {{- if .Values.deployment.extraInitContainers }} + initContainers: + {{- with .Values.deployment.extraInitContainers }} + {{- tpl . $ | nindent 8 }} + {{- end }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + {{- if .Values.deployment.securityContext.enabled }} + securityContext: + {{- toYaml .Values.deployment.securityContext | nindent 12 }} + {{- end }} + image: {{ .Values.deployment.image.repository }}:{{ include "spin.version" . | replace "\"" "" }} + {{- with .Values.deployment.command }} + command: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.deployment.args }} + args: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.deployment.containerExtraSpecs }} + {{- tpl . $ | nindent 10 }} + {{- end }} + imagePullPolicy: {{ .Values.deployment.image.pullPolicy }} + ports: + - name: {{ .Values.service.httpPortName }} + containerPort: {{ default .Values.service.httpPort .Values.deployment.containerPort }} + {{- if or .Values.service.httpAdminPort .Values.deployment.containerAdminPort }} + - name: {{ .Values.service.httpAdminPortName }} + containerPort: {{ default .Values.service.httpAdminPort .Values.deployment.containerAdminPort }} + {{- end }} + {{- with .Values.deployment.containerExtraPorts }} + {{- tpl . $ | nindent 12 }} + {{- end }} + livenessProbe: + {{- toYaml .Values.deployment.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.deployment.readinessProbe | nindent 12 }} + {{- with .Values.deployment.startupProbe }} + startupProbe: + {{- tpl . $ | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.deployment.resources | nindent 12 }} + {{ include "spin.volumeMounts" . | nindent 10 }} + env: + {{- with .Values.deployment.containerEnv }} + {{- range .env }} + - name: {{ .name }} + value: {{ .value | quote }} + {{- end }} + {{- end }} + {{- with .Values.deployment.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.deployment.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.deployment.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{ include "spin.volumes" . | nindent 6 }} diff --git a/bouyguestelecom/spin/templates/hpa.yaml b/bouyguestelecom/spin/templates/hpa.yaml new file mode 100644 index 0000000..0ce5c42 --- /dev/null +++ b/bouyguestelecom/spin/templates/hpa.yaml @@ -0,0 +1,37 @@ +{{- /* +Copyright Bouygues Telecom SA +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ .Release.Name }} + labels: + {{- include "spin.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ .Release.Name }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/bouyguestelecom/spin/templates/ingress.yaml b/bouyguestelecom/spin/templates/ingress.yaml new file mode 100644 index 0000000..a0dd4af --- /dev/null +++ b/bouyguestelecom/spin/templates/ingress.yaml @@ -0,0 +1,82 @@ +{{- /* +Copyright Bouygues Telecom SA +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.ingress.enabled -}} +{{- $svcPort := .Values.service.httpPort -}} +{{- $ingress := .Values.ingress -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Release.Name }}-ingress{{- if eq .Values.canary.enabled true }}-canary{{- end }} + labels: + {{- include "spin.labels" . | nindent 4 }} + {{- range $key, $value := $ingress.labels }} + {{- printf "%s: %s" $key (tpl $value $ | quote) | nindent 4 }} + {{- end }} + app.kubernetes.io/component: http + {{- if or .Values.ingress.annotations .Values.ingress.tls }} + annotations: + {{- if eq $.Values.canary.enabled true }} + nginx.ingress.kubernetes.io/canary: "true" + {{- if eq .Values.canary.header.enabled true }} + nginx.ingress.kubernetes.io/canary-by-header: {{ .Values.canary.header.name }} + {{- if or (kindIs "invalid" $.Values.canary.header.regex) (eq $.Values.canary.header.regex "") }} + nginx.ingress.kubernetes.io/canary-by-header-value: "true" + {{- else}} + nginx.ingress.kubernetes.io/canary-by-header-pattern: {{ .Values.canary.header.regex }} + {{- end}} + {{- end}} + {{- if eq $.Values.canary.cookie.enabled true }} + nginx.ingress.kubernetes.io/canary-by-cookie: {{ .Values.canary.cookie.name }} + {{- end}} + {{- if eq $.Values.canary.percent.enabled true }} + nginx.ingress.kubernetes.io/canary-weight: '{{ .Values.canary.percent.value }}' + {{- end}} + {{- end }} + {{- with .Values.ingress.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} +spec: +{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} +{{- end }} + tls: + - hosts: + {{- if and .Values.environment .Values.domain }} + - {{- include "spin.host" . | quote }} + {{- else }} + - {{ .Values.ingress.host }} + {{- end }} + {{- if .Values.ingress.tls.secretName }} + secretName: {{ .Values.ingress.tls.secretName }} + {{- else }} + secretName: {{ .Release.Name }}-tls + {{- end }} + rules: + {{- range .Values.ingress.rules }} + {{- if .host }} + - host: {{ tpl .host $ | quote }} + {{- end }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + service: + name: {{ .Release.Name }}-service + port: + number: {{ .backend.service.port.number | default $svcPort }} + {{- end }} + {{- end }} +{{- end }} diff --git a/bouyguestelecom/spin/templates/poddisruptionbudget.yaml b/bouyguestelecom/spin/templates/poddisruptionbudget.yaml new file mode 100644 index 0000000..57d59da --- /dev/null +++ b/bouyguestelecom/spin/templates/poddisruptionbudget.yaml @@ -0,0 +1,18 @@ +{{- /* +Copyright Bouygues Telecom SA +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.podDisruptionBudget -}} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ .Release.Name }} + labels: + {{- include "spin.labels" . | nindent 4 }} +spec: + {{- toYaml .Values.podDisruptionBudget | nindent 2 }} + selector: + matchLabels: + {{- include "spin.selectorLabels" . | nindent 6 }} +{{- end -}} diff --git a/bouyguestelecom/spin/templates/secret.yaml b/bouyguestelecom/spin/templates/secret.yaml new file mode 100644 index 0000000..fd58e83 --- /dev/null +++ b/bouyguestelecom/spin/templates/secret.yaml @@ -0,0 +1,16 @@ +{{- /* +Copyright Bouygues Telecom SA +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-secret + labels: + {{- include "spin.labels" . | nindent 4 }} +data: + {{- with .Values.secrets.data }} + {{- toYaml . | nindent 4 }} + {{- end }} +type: {{ .Values.secrets.type }} diff --git a/bouyguestelecom/spin/templates/service.yaml b/bouyguestelecom/spin/templates/service.yaml new file mode 100644 index 0000000..7082cfd --- /dev/null +++ b/bouyguestelecom/spin/templates/service.yaml @@ -0,0 +1,38 @@ +{{- /* +Copyright Bouygues Telecom SA +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.service.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-service + labels: + {{- include "spin.labels" . | nindent 4 }} + app.kubernetes.io/component: http +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.httpPortName }} + port: {{ .Values.service.httpPort }} + targetPort: {{ .Values.service.httpPortName }} + {{- if and (eq "NodePort" .Values.service.type) .Values.service.httpNodePort }} + nodePort: {{ .Values.service.httpNodePort }} + {{- end }} + protocol: TCP + {{- if or .Values.service.httpAdminPort .Values.service.httpAdminNodePort }} + - name: {{ .Values.service.httpAdminPortName }} + port: {{ .Values.service.httpAdminPort }} + targetPort: {{ .Values.service.httpAdminPortName }} + {{- if and (eq "NodePort" .Values.service.type) .Values.service.httpAdminNodePort }} + nodePort: {{ .Values.service.httpAdminNodePort }} + {{- end }} + protocol: TCP + {{- end }} + {{- with .Values.service.extraPorts }} + {{- toYaml . | nindent 4 }} + {{- end }} + selector: + {{- include "spin.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/bouyguestelecom/spin/templates/serviceaccount.yaml b/bouyguestelecom/spin/templates/serviceaccount.yaml new file mode 100644 index 0000000..1fb9d61 --- /dev/null +++ b/bouyguestelecom/spin/templates/serviceaccount.yaml @@ -0,0 +1,22 @@ +{{- /* +Copyright Bouygues Telecom SA +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "spin.serviceAccountName" . }} + labels: + {{- include "spin.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- if .Values.serviceAccount.imagePullSecrets }} +imagePullSecrets: + {{- printf "- name: %s-dockercfg-xxxxx" (include "spin.fullname" .) | nindent 4 }} + {{- toYaml .Values.serviceAccount.imagePullSecrets | nindent 4 }} +{{- end }} diff --git a/bouyguestelecom/spin/templates/tests/test-connection.yaml b/bouyguestelecom/spin/templates/tests/test-connection.yaml new file mode 100644 index 0000000..ade3a26 --- /dev/null +++ b/bouyguestelecom/spin/templates/tests/test-connection.yaml @@ -0,0 +1,20 @@ +{{- /* +Copyright Bouygues Telecom SA +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: v1 +kind: Pod +metadata: + name: "{{ .Release.Name }}-test-connection" + labels: + {{- include "spin.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ .Release.Name }}:{{ .Values.service.httpPort }}'] + restartPolicy: Never diff --git a/bouyguestelecom/spin/values.schema.json b/bouyguestelecom/spin/values.schema.json new file mode 100644 index 0000000..3318b30 --- /dev/null +++ b/bouyguestelecom/spin/values.schema.json @@ -0,0 +1,1532 @@ +{ + "$schema": "https://json-schema.org/draft/2019-09/schema", + "type": "object", + "title": "Root Schema for Helm template", + "required": [ + "deployment", + "ingress", + "service", + "secrets" + ], + "properties": { + "fullnameOverride": { + "type": "string", + "default": "", + "title": "The fullnameOverride Schema", + "examples": [ + "" + ] + }, + "nameOverride": { + "type": "string", + "default": "", + "title": "The nameOverride Schema", + "examples": [ + "" + ] + }, + "deployment": { + "type": "object", + "default": {}, + "title": "The deployment Schema", + "required": [ + "containerPort", + "containerAdminPort", + "replicaCount", + "podAnnotations", + "imagePullSecrets", + "image", + "containerEnv", + "containerExtraPorts", + "containerExtraSpecs", + "args", + "podSecurityContext", + "extraInitContainers", + "restartPolicy", + "securityContext", + "volumes", + "volumeMounts", + "command", + "nodeSelector", + "affinity", + "readinessProbe", + "livenessProbe", + "resources", + "tolerations", + "startupProbe", + "extraVolumes", + "extraVolumeMounts" + ], + "properties": { + "containerPort": { + "type": "string", + "default": "", + "title": "The containerPort Schema", + "examples": [ + "" + ] + }, + "containerAdminPort": { + "type": "string", + "default": "", + "title": "The containerAdminPort Schema", + "examples": [ + "" + ] + }, + "replicaCount": { + "type": "integer", + "default": 0, + "title": "The replicaCount Schema", + "examples": [ + 2 + ] + }, + "podAnnotations": { + "type": "object", + "default": {}, + "title": "The podAnnotations Schema", + "required": [], + "properties": {}, + "examples": [{}] + }, + "imagePullSecrets": { + "type": "array", + "default": [], + "title": "The imagePullSecrets Schema", + "items": {}, + "examples": [ + [] + ] + }, + "image": { + "type": "object", + "default": {}, + "title": "The image Schema", + "required": [ + "repository", + "pullPolicy", + "tag" + ], + "properties": { + "repository": { + "type": "string", + "default": "", + "title": "The repository Schema", + "examples": [ + "nginx" + ] + }, + "pullPolicy": { + "type": "string", + "default": "", + "title": "The pullPolicy Schema", + "examples": [ + "IfNotPresent" + ] + }, + "tag": { + "type": "string", + "default": "", + "title": "The tag Schema", + "examples": [ + "10" + ] + } + }, + "examples": [{ + "repository": "nginx", + "pullPolicy": "IfNotPresent", + "tag": "10" + }] + }, + "containerEnv": { + "type": "object", + "default": {}, + "title": "The containerEnv Schema", + "required": [], + "properties": {}, + "examples": [{}] + }, + "containerExtraPorts": { + "type": "string", + "default": "", + "title": "The containerExtraPorts Schema", + "examples": [ + "" + ] + }, + "containerExtraSpecs": { + "type": "string", + "default": "", + "title": "The containerExtraSpecs Schema", + "examples": [ + "" + ] + }, + "args": { + "type": "array", + "default": [], + "title": "The args Schema", + "items": {}, + "examples": [ + [] + ] + }, + "podSecurityContext": { + "type": "object", + "default": {}, + "title": "The podSecurityContext Schema", + "required": [ + "enabled", + "fsGroup" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "The enabled Schema", + "examples": [ + false + ] + }, + "fsGroup": { + "type": "integer", + "default": 0, + "title": "The fsGroup Schema", + "examples": [ + 1001 + ] + } + }, + "examples": [{ + "enabled": false, + "fsGroup": 1001 + }] + }, + "extraInitContainers": { + "type": "array", + "default": [], + "title": "The extraInitContainers Schema", + "items": {}, + "examples": [ + [] + ] + }, + "restartPolicy": { + "type": "string", + "default": "", + "title": "The restartPolicy Schema", + "examples": [ + "Always" + ] + }, + "securityContext": { + "type": "object", + "default": {}, + "title": "The securityContext Schema", + "required": [ + "enabled" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "The enabled Schema", + "examples": [ + false + ] + } + }, + "examples": [{ + "enabled": false + }] + }, + "volumes": { + "type": "array", + "default": [], + "title": "The volumes Schema", + "examples": [ + "" + ] + }, + "volumeMounts": { + "type": "array", + "default": [], + "title": "The volumeMounts Schema", + "examples": [ + "" + ] + }, + "command": { + "type": "array", + "default": [], + "title": "The command Schema", + "items": {}, + "examples": [ + [] + ] + }, + "nodeSelector": { + "type": "object", + "default": {}, + "title": "The nodeSelector Schema", + "required": [], + "properties": {}, + "examples": [{}] + }, + "affinity": { + "type": "object", + "default": {}, + "title": "The affinity Schema", + "required": [], + "properties": {}, + "examples": [{}] + }, + "readinessProbe": { + "type": "object", + "default": {}, + "title": "The readinessProbe Schema", + "required": [ + "httpGet", + "initialDelaySeconds", + "timeoutSeconds", + "periodSeconds", + "successThreshold", + "failureThreshold" + ], + "properties": { + "httpGet": { + "type": "object", + "default": {}, + "title": "The httpGet Schema", + "required": [ + "path", + "port", + "scheme" + ], + "properties": { + "path": { + "type": "string", + "default": "", + "title": "The path Schema", + "examples": [ + "/" + ] + }, + "port": { + "type": "integer", + "default": 0, + "title": "The port Schema", + "examples": [ + 80 + ] + }, + "scheme": { + "type": "string", + "default": "", + "title": "The scheme Schema", + "examples": [ + "HTTP" + ] + } + }, + "examples": [{ + "path": "/", + "port": 80, + "scheme": "HTTP" + }] + }, + "initialDelaySeconds": { + "type": "integer", + "default": 0, + "title": "The initialDelaySeconds Schema", + "examples": [ + 5 + ] + }, + "timeoutSeconds": { + "type": "integer", + "default": 0, + "title": "The timeoutSeconds Schema", + "examples": [ + 5 + ] + }, + "periodSeconds": { + "type": "integer", + "default": 0, + "title": "The periodSeconds Schema", + "examples": [ + 5 + ] + }, + "successThreshold": { + "type": "integer", + "default": 0, + "title": "The successThreshold Schema", + "examples": [ + 1 + ] + }, + "failureThreshold": { + "type": "integer", + "default": 0, + "title": "The failureThreshold Schema", + "examples": [ + 10 + ] + } + }, + "examples": [{ + "httpGet": { + "path": "/", + "port": 80, + "scheme": "HTTP" + }, + "initialDelaySeconds": 5, + "timeoutSeconds": 5, + "periodSeconds": 5, + "successThreshold": 1, + "failureThreshold": 10 + }] + }, + "livenessProbe": { + "type": "object", + "default": {}, + "title": "The livenessProbe Schema", + "required": [ + "httpGet", + "initialDelaySeconds", + "timeoutSeconds", + "periodSeconds", + "successThreshold", + "failureThreshold" + ], + "properties": { + "httpGet": { + "type": "object", + "default": {}, + "title": "The httpGet Schema", + "required": [ + "path", + "port", + "scheme" + ], + "properties": { + "path": { + "type": "string", + "default": "", + "title": "The path Schema", + "examples": [ + "/" + ] + }, + "port": { + "type": "integer", + "default": 0, + "title": "The port Schema", + "examples": [ + 80 + ] + }, + "scheme": { + "type": "string", + "default": "", + "title": "The scheme Schema", + "examples": [ + "HTTP" + ] + } + }, + "examples": [{ + "path": "/", + "port": 80, + "scheme": "HTTP" + }] + }, + "initialDelaySeconds": { + "type": "integer", + "default": 0, + "title": "The initialDelaySeconds Schema", + "examples": [ + 50 + ] + }, + "timeoutSeconds": { + "type": "integer", + "default": 0, + "title": "The timeoutSeconds Schema", + "examples": [ + 1 + ] + }, + "periodSeconds": { + "type": "integer", + "default": 0, + "title": "The periodSeconds Schema", + "examples": [ + 10 + ] + }, + "successThreshold": { + "type": "integer", + "default": 0, + "title": "The successThreshold Schema", + "examples": [ + 1 + ] + }, + "failureThreshold": { + "type": "integer", + "default": 0, + "title": "The failureThreshold Schema", + "examples": [ + 5 + ] + } + }, + "examples": [{ + "httpGet": { + "path": "/", + "port": 80, + "scheme": "HTTP" + }, + "initialDelaySeconds": 50, + "timeoutSeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "failureThreshold": 5 + }] + }, + "resources": { + "type": "object", + "default": {}, + "title": "The resources Schema", + "required": [], + "properties": { + "limits": { + "type": "object", + "default": {}, + "title": "The limits Schema", + "required": [ + "cpu", + "memory" + ], + "properties": { + "cpu": { + "type": "string", + "default": "", + "title": "The cpu Schema", + "examples": [ + "500m" + ] + }, + "memory": { + "type": "string", + "default": "", + "title": "The memory Schema", + "examples": [ + "1Gi" + ] + } + }, + "examples": [{ + "cpu": "500m", + "memory": "1Gi" + }] + }, + "requests": { + "type": "object", + "default": {}, + "title": "The requests Schema", + "required": [ + "cpu", + "memory" + ], + "properties": { + "cpu": { + "type": "string", + "default": "", + "title": "The cpu Schema", + "examples": [ + "100m" + ] + }, + "memory": { + "type": "string", + "default": "", + "title": "The memory Schema", + "examples": [ + "128Mi" + ] + } + }, + "examples": [{ + "cpu": "100m", + "memory": "128Mi" + }] + } + }, + "examples": [{ + "limits": { + "cpu": "100m", + "memory": "128Mi" + }, + "requests": { + "cpu": "100m", + "memory": "128Mi" + } + }] + }, + "tolerations": { + "type": "array", + "default": [], + "title": "The tolerations Schema", + "items": {}, + "examples": [ + [] + ] + }, + "startupProbe": { + "type": "string", + "default": "", + "title": "The startupProbe Schema", + "examples": [ + "" + ] + }, + "extraVolumes": { + "type": "array", + "default": [], + "title": "The extraVolumes Schema", + "examples": [ + "" + ] + }, + "extraVolumeMounts": { + "type": "string", + "default": "", + "title": "The extraVolumeMounts Schema", + "examples": [ + "" + ] + } + }, + "examples": [{ + "containerPort": "", + "containerAdminPort": "", + "replicaCount": 2, + "podAnnotations": {}, + "imagePullSecrets": [], + "image": { + "repository": "nginx", + "pullPolicy": "IfNotPresent", + "tag": "10" + }, + "containerEnv": {}, + "containerExtraPorts": "", + "containerExtraSpecs": "", + "args": [], + "podSecurityContext": { + "enabled": false, + "fsGroup": 1001 + }, + "extraInitContainers": [], + "restartPolicy": "Always", + "securityContext": { + "enabled": false + }, + "volumes": [], + "volumeMounts": [], + "command": [], + "nodeSelector": {}, + "affinity": {}, + "readinessProbe": { + "httpGet": { + "path": "/", + "port": 80, + "scheme": "HTTP" + }, + "initialDelaySeconds": 5, + "timeoutSeconds": 5, + "periodSeconds": 5, + "successThreshold": 1, + "failureThreshold": 10 + }, + "livenessProbe": { + "httpGet": { + "path": "/", + "port": 80, + "scheme": "HTTP" + }, + "initialDelaySeconds": 50, + "timeoutSeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "failureThreshold": 5 + }, + "resources": { + "limits": { + "cpu": "100m", + "memory": "128Mi" + }, + "requests": { + "cpu": "100m", + "memory": "128Mi" + } + }, + "tolerations": [], + "startupProbe": "", + "extraVolumes": [], + "extraVolumeMounts": "" + }] + }, + "autoscaling": { + "type": "object", + "default": {}, + "title": "The autoscaling Schema", + "required": [ + "enabled", + "minReplicas", + "maxReplicas", + "targetCPUUtilizationPercentage", + "targetMemoryUtilizationPercentage" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "The enabled Schema", + "examples": [ + true + ] + }, + "minReplicas": { + "type": "integer", + "default": 0, + "title": "The minReplicas Schema", + "examples": [ + 2 + ] + }, + "maxReplicas": { + "type": "integer", + "default": 0, + "title": "The maxReplicas Schema", + "examples": [ + 10 + ] + }, + "targetCPUUtilizationPercentage": { + "type": "integer", + "default": 0, + "title": "The targetCPUUtilizationPercentage Schema", + "examples": [ + 100 + ] + }, + "targetMemoryUtilizationPercentage": { + "type": "integer", + "default": 0, + "title": "The targetMemoryUtilizationPercentage Schema", + "examples": [ + 100 + ] + } + }, + "examples": [{ + "enabled": true, + "minReplicas": 2, + "maxReplicas": 10, + "targetCPUUtilizationPercentage": 100, + "targetMemoryUtilizationPercentage": 100 + }] + }, + "ingress": { + "type": "object", + "default": {}, + "title": "The ingress Schema", + "required": [ + "enabled", + "labels", + "className", + "annotations", + "host", + "tls", + "rules" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "The enabled Schema", + "examples": [ + true + ] + }, + "labels": { + "type": "object", + "default": {}, + "title": "The labels Schema", + "required": [], + "properties": {}, + "examples": [{}] + }, + "className": { + "type": "string", + "default": "", + "title": "The className Schema", + "examples": [ + "" + ] + }, + "annotations": { + "type": "object", + "default": {}, + "title": "The annotations Schema", + "required": [], + "properties": {}, + "examples": [{}] + }, + "host": { + "type": "string", + "default": "", + "title": "The host Schema", + "examples": [ + "your-host" + ] + }, + "tls": { + "type": "object", + "default": {}, + "title": "The tls Schema", + "required": [ + "secretName" + ], + "properties": { + "secretName": { + "type": "string", + "default": "", + "title": "The secretName Schema", + "examples": [ + "" + ] + } + }, + "examples": [{ + "secretName": "" + }] + }, + "rules": { + "type": "array", + "default": [], + "title": "The rules Schema", + "items": { + "type": "object", + "default": {}, + "title": "A Schema", + "required": [ + "host", + "paths" + ], + "properties": { + "host": { + "type": "string", + "default": "", + "title": "The host Schema", + "examples": [ + "chart-example.local" + ] + }, + "paths": { + "type": "array", + "default": [], + "title": "The paths Schema", + "items": { + "type": "object", + "default": {}, + "title": "A Schema", + "required": [ + "path", + "pathType" + ], + "properties": { + "path": { + "type": "string", + "default": "", + "title": "The path Schema", + "examples": [ + "/" + ] + }, + "pathType": { + "type": "string", + "default": "", + "title": "The pathType Schema", + "examples": [ + "ImplementationSpecific" + ] + } + }, + "examples": [{ + "path": "/", + "pathType": "ImplementationSpecific" + }] + }, + "examples": [ + [{ + "path": "/", + "pathType": "ImplementationSpecific" + }] + ] + } + }, + "examples": [{ + "host": "chart-example.local", + "paths": [{ + "path": "/", + "pathType": "ImplementationSpecific" + }] + }] + }, + "examples": [ + [{ + "host": "chart-example.local", + "paths": [{ + "path": "/", + "pathType": "ImplementationSpecific" + }] + }] + ] + } + }, + "examples": [{ + "enabled": true, + "labels": {}, + "className": "", + "annotations": {}, + "host": "your-host", + "tls": { + "secretName": "" + }, + "rules": [{ + "host": "chart-example.local", + "paths": [{ + "path": "/", + "pathType": "ImplementationSpecific" + }] + }] + }] + }, + "service": { + "type": "object", + "default": {}, + "title": "The service Schema", + "required": [ + "enabled", + "httpPortName", + "type", + "httpPort", + "httpNodePort", + "httpAdminPort", + "httpAdminPortName", + "httpAdminNodePort", + "extraPorts" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "The enabled Schema", + "examples": [ + true + ] + }, + "httpPortName": { + "type": "string", + "default": "", + "title": "The httpPortName Schema", + "examples": [ + "http" + ] + }, + "type": { + "type": "string", + "default": "", + "title": "The type Schema", + "examples": [ + "ClusterIP" + ] + }, + "httpPort": { + "type": "integer", + "default": 0, + "title": "The httpPort Schema", + "examples": [ + 8080 + ] + }, + "httpNodePort": { + "type": "string", + "default": "", + "title": "The httpNodePort Schema", + "examples": [ + "" + ] + }, + "httpAdminPort": { + "type": "integer", + "default": 0, + "title": "The httpAdminPort Schema", + "examples": [ + 8081 + ] + }, + "httpAdminPortName": { + "type": "string", + "default": "", + "title": "The httpAdminPortName Schema", + "examples": [ + "http-admin" + ] + }, + "httpAdminNodePort": { + "type": "string", + "default": "", + "title": "The httpAdminNodePort Schema", + "examples": [ + "" + ] + }, + "extraPorts": { + "type": "array", + "default": [], + "title": "The extraPorts Schema", + "items": {}, + "examples": [ + [] + ] + } + }, + "examples": [{ + "enabled": true, + "httpPortName": "http", + "type": "ClusterIP", + "httpPort": 8080, + "httpNodePort": "", + "httpAdminPort": 8081, + "httpAdminPortName": "http-admin", + "httpAdminNodePort": "", + "extraPorts": [] + }] + }, + "serviceAccount": { + "type": "object", + "default": {}, + "title": "The serviceAccount Schema", + "required": [ + "create", + "annotations", + "name", + "imagePullSecrets" + ], + "properties": { + "create": { + "type": "boolean", + "default": false, + "title": "The create Schema", + "examples": [ + true + ] + }, + "annotations": { + "type": "object", + "default": {}, + "title": "The annotations Schema", + "required": [], + "properties": {}, + "examples": [{}] + }, + "name": { + "type": "string", + "default": "", + "title": "The name Schema", + "examples": [ + "" + ] + }, + "imagePullSecrets": { + "type": "array", + "default": [], + "title": "The imagePullSecrets Schema", + "items": {}, + "examples": [ + [] + ] + } + }, + "examples": [{ + "create": true, + "annotations": {}, + "name": "", + "imagePullSecrets": [] + }] + }, + "canary": { + "type": "object", + "default": {}, + "title": "The canary Schema", + "required": [ + "enabled", + "header", + "cookie", + "percent" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "The enabled Schema", + "examples": [ + false + ] + }, + "header": { + "type": "object", + "default": {}, + "title": "The header Schema", + "required": [ + "enabled", + "name", + "regex" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "The enabled Schema", + "examples": [ + false + ] + }, + "name": { + "type": "string", + "default": "", + "title": "The name Schema", + "examples": [ + "cookie" + ] + }, + "regex": { + "type": "string", + "default": "", + "title": "The regex Schema", + "examples": [ + " " + ] + } + }, + "examples": [{ + "enabled": false, + "name": "cookie", + "regex": "" + }] + }, + "cookie": { + "type": "object", + "default": {}, + "title": "The cookie Schema", + "required": [ + "enabled", + "name" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "The enabled Schema", + "examples": [ + false + ] + }, + "name": { + "type": "string", + "default": "", + "title": "The name Schema", + "examples": [ + "x-hidden-prod" + ] + } + }, + "examples": [{ + "enabled": false, + "name": "x-hidden-prod" + }] + }, + "percent": { + "type": "object", + "default": {}, + "title": "The percent Schema", + "required": [ + "enabled", + "value" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "The enabled Schema", + "examples": [ + false + ] + }, + "value": { + "type": "integer", + "default": 0, + "title": "The value Schema", + "examples": [ + 20 + ] + } + }, + "examples": [{ + "enabled": false, + "value": 20 + }] + } + }, + "examples": [{ + "enabled": false, + "header": { + "enabled": false, + "name": "cookie", + "regex": "" + }, + "cookie": { + "enabled": false, + "name": "x-hidden-prod" + }, + "percent": { + "enabled": false, + "value": 20 + } + }] + }, + "flux": { + "type": "object", + "default": {}, + "title": "The flux Schema", + "required": [ + "enabled", + "configmap", + "internal" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "The enabled Schema", + "examples": [ + false + ] + }, + "configmap": { + "type": "object", + "default": {}, + "title": "The configmap Schema", + "required": [ + "enabled", + "filepath", + "filename" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "The enabled Schema", + "examples": [ + false + ] + }, + "filepath": { + "type": "string", + "default": "", + "title": "The filepath Schema", + "examples": [ + "/usr/src/app/" + ] + }, + "filename": { + "type": "string", + "default": "", + "title": "The filename Schema", + "examples": [ + "flux.json" + ] + } + }, + "examples": [{ + "enabled": false, + "filepath": "/usr/src/app/", + "filename": "flux.json" + }] + }, + "internal": { + "type": "object", + "default": {}, + "title": "The internal Schema", + "required": [], + "properties": {}, + "examples": [{}] + } + }, + "examples": [{ + "enabled": false, + "configmap": { + "enabled": false, + "filepath": "/usr/src/app/", + "filename": "flux.json" + }, + "internal": {} + }] + }, + "podDisruptionBudget": { + "type": "object", + "default": {}, + "title": "The podDisruptionBudget Schema", + "required": [], + "properties": {}, + "examples": [{}] + }, + "secrets": { + "type": "object", + "default": {}, + "title": "The secrets Schema", + "required": [ + "data", + "type" + ], + "properties": { + "data": { + "type": "object", + "default": {}, + "title": "The data Schema", + "required": [], + "properties": {}, + "examples": [{}] + }, + "type": { + "type": "string", + "default": "", + "title": "The type Schema", + "examples": [ + "" + ] + } + }, + "examples": [{ + "data": {}, + "type": "" + }] + }, + "configFiles": { + "type": "object", + "default": {}, + "title": "The configFiles Schema", + "required": [], + "properties": {}, + "examples": [{}] + }, + "github": { + "type": "object", + "default": {}, + "title": "The github Schema", + "required": [ + "enabled", + "organization", + "repository" + ], + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "title": "The enabled Schema", + "examples": [ + false + ] + }, + "organization": { + "type": "string", + "default": "", + "title": "The organization Schema", + "examples": [ + "votre-organisation" + ] + }, + "repository": { + "type": "string", + "default": "", + "title": "The repository Schema", + "examples": [ + "votre-repo" + ] + } + }, + "examples": [{ + "enabled": false, + "organization": "votre-organisation", + "repository": "votre-repo" + }] + } + }, + "examples": [{ + "fullnameOverride": "", + "nameOverride": "", + "deployment": { + "containerPort": "", + "containerAdminPort": "", + "replicaCount": 2, + "podAnnotations": {}, + "imagePullSecrets": [], + "image": { + "repository": "nginx", + "pullPolicy": "IfNotPresent", + "tag": "10" + }, + "containerEnv": {}, + "containerExtraPorts": "", + "containerExtraSpecs": "", + "args": [], + "podSecurityContext": { + "enabled": false, + "fsGroup": 1001 + }, + "extraInitContainers": [], + "restartPolicy": "Always", + "securityContext": { + "enabled": false + }, + "volumes": [], + "volumeMounts": [], + "command": [], + "nodeSelector": {}, + "affinity": {}, + "readinessProbe": { + "httpGet": { + "path": "/", + "port": 80, + "scheme": "HTTP" + }, + "initialDelaySeconds": 5, + "timeoutSeconds": 5, + "periodSeconds": 5, + "successThreshold": 1, + "failureThreshold": 10 + }, + "livenessProbe": { + "httpGet": { + "path": "/", + "port": 80, + "scheme": "HTTP" + }, + "initialDelaySeconds": 50, + "timeoutSeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "failureThreshold": 5 + }, + "resources": { + "limits": { + "cpu": "100m", + "memory": "128Mi" + }, + "requests": { + "cpu": "100m", + "memory": "128Mi" + } + }, + "tolerations": [], + "startupProbe": "", + "extraVolumes": [], + "extraVolumeMounts": "" + }, + "autoscaling": { + "enabled": true, + "minReplicas": 2, + "maxReplicas": 10, + "targetCPUUtilizationPercentage": 100, + "targetMemoryUtilizationPercentage": 100 + }, + "ingress": { + "enabled": true, + "labels": {}, + "className": "", + "annotations": {}, + "host": "your-host", + "tls": { + "secretName": "" + }, + "rules": [{ + "host": "chart-example.local", + "paths": [{ + "path": "/", + "pathType": "ImplementationSpecific" + }] + }] + }, + "service": { + "enabled": true, + "httpPortName": "http", + "type": "ClusterIP", + "httpPort": 8080, + "httpNodePort": "", + "httpAdminPort": 8081, + "httpAdminPortName": "http-admin", + "httpAdminNodePort": "", + "extraPorts": [] + }, + "serviceAccount": { + "create": true, + "annotations": {}, + "name": "", + "imagePullSecrets": [] + }, + "canary": { + "enabled": false, + "header": { + "enabled": false, + "name": "cookie", + "regex": "" + }, + "cookie": { + "enabled": false, + "name": "x-hidden-prod" + }, + "percent": { + "enabled": false, + "value": 20 + } + }, + "flux": { + "enabled": false, + "configmap": { + "enabled": false, + "filepath": "/usr/src/app/", + "filename": "flux.json" + }, + "internal": {} + }, + "podDisruptionBudget": {}, + "secrets": { + "data": {}, + "type": "" + }, + "configFiles": {}, + "github": { + "enabled": false, + "organization": "votre-organisation", + "repository": "votre-repo" + } + }] +} \ No newline at end of file diff --git a/bouyguestelecom/spin/values.yaml b/bouyguestelecom/spin/values.yaml new file mode 100644 index 0000000..36f3f05 --- /dev/null +++ b/bouyguestelecom/spin/values.yaml @@ -0,0 +1,273 @@ +# Default values for spin. +# This is a YAML-formatted file. + +# Override the fully qualified name +fullnameOverride: "" + +# Optionally override the name +nameOverride: "" + +# -- Deployment +deployment: + # -- If defined, forces the container to use a port other than the one defined in service.httpPort. + containerPort: '' + # -- If defined, forces the container to use an admin port other than the one defined in service.httpAdminPort. + containerAdminPort: '' + # -- ReplicaCount for the Pod + replicaCount: 2 + # -- Additional annotations for the Pod + podAnnotations: {} + imagePullSecrets: [] + # -- Docker image configuration settings + image: + # -- docker image repository url + repository: nginx + # -- docker image pull policy + pullPolicy: IfNotPresent + # -- docker image tag + tag: "10" + # -- Additional ENV + containerEnv: {} + # -- Add extra ports to container + containerExtraPorts: '' + # -- Add extra specifications to container + containerExtraSpecs: '' + # -- Additional arguments to pass to the command + args: [ ] + # -- Pod-level security context configuration + podSecurityContext: + # -- Enable or disable the pod security context + enabled: false + # -- Set the File System Group (fsGroup) for the pod volumes + fsGroup: 1001 ## generic value + # -- Add initContainers + extraInitContainers: [] + # -- Pod restart policy. One of `Always`, `OnFailure`, or `Never` + restartPolicy: Always + # -- Security context + securityContext: + enabled: false + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + # Volumes + volumes: [] + # - name: kafka-jks + # configMap: + # name: {{ include "spin.fullName" . }}-conf-kafka-jks + # Command to execute within the container + # -- VolumeMounts + volumeMounts: [] + # - name: kafka-jks + # mountPath: /home/devops/config/kafka + command: [] + # -- Node Selector settings for pod scheduling + # -- An empty object means no node selector is applied, and the pod can be scheduled on any node + nodeSelector: {} + # -- Pod affinity configurartion : Hard node and soft zone anti-affinity + affinity: {} + # -- Readiness probe configuration + readinessProbe: + httpGet: + # -- The path to be used for the HTTP GET request + path: / + # -- The port on which to perform the GET request + port: 80 + # -- The scheme for the GET request (e.g., HTTP or HTTPS) + scheme: HTTP + # -- Initial delay before starting the check (in seconds) + initialDelaySeconds: 5 + # -- Maximum wait time for a response (in seconds) + timeoutSeconds: 5 + # -- Check frequency (in seconds) + periodSeconds: 5 + # -- Number of consecutive successful checks to be considered ready + successThreshold: 1 + # -- Number of consecutive unsuccessful checks to be considered not ready + failureThreshold: 10 + # -- Liveness probe configuration + livenessProbe: + httpGet: + # -- The path to be used for the HTTP GET request + path: / + # -- The port on which to perform the GET request + port: 80 + # -- The scheme for the GET request (e.g., HTTP or HTTPS) + scheme: HTTP + # -- Initial delay before starting the check (in seconds) + initialDelaySeconds: 50 + # -- Maximum wait time for a response (in seconds) + timeoutSeconds: 1 + # -- Check frequency (in seconds) + periodSeconds: 10 + # -- Number of consecutive successful checks to be considered alive + successThreshold: 1 + # -- Number of consecutive unsuccessful checks to be considered not alive + failureThreshold: 5 + # -- Resource Management for Pods and Containers + resources: + limits: + cpu: "500m" + memory: "1Gi" + requests: + cpu: "100m" + memory: "128Mi" + # -- Tolerations for pod assignment + # -- Empty list means no tolerations are applied + tolerations: [ ] + # -- Startup probe settings (overrides liveness and readiness for slow-starting pods) + # -- Empty means no startup probe is configured + startupProbe: | + # -- Add additionnal volumes + extraVolumes: [] + # - name: application-config + # configMap: + # name: {{ include "spin.fullName" . }}-conf + # - name: logback-config + # configMap: + # name: {{ include "spin.fullName" . }}-conf + # -- Add additionnal volumeMounts + extraVolumeMounts: "" + # - name: application-config + # mountPath: /home/devops/config/application.yml + # subPath: application.yml + # readOnly: true + # - name: logback-config + # mountPath: /home/devops/config/logback.xml + # subPath: logback.xml + # readOnly: true + +# -- Autoscaling +autoscaling: + # -- Enable or disable Horizontal Pod Autoscaler (Autoscalling) + enabled: true + # -- Minimum number of pod replicas + minReplicas: 2 + # -- Maximum number of pod replicas + maxReplicas: 10 + # -- target CPU Utilization Percentage + targetCPUUtilizationPercentage: 100 + # -- target Memory Utilization Percentage + targetMemoryUtilizationPercentage: 100 + +# -- Ingress configuration +ingress: + # -- Enable or disable the creation of an Ingress resource for the deployment + enabled: true + # -- Additional labels for the Ingress + labels: {} + className: "" + # -- Additional annotations for the Ingress + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + host: "your-host" + tls: + secretName: '' + # -- List of rules for the Ingress + rules: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + +# -- Service configuration +service: + # -- Enable or disable the creation of a Kubernetes service for the deployment + enabled: true + httpPortName: http + # -- The Service type + type: ClusterIP + # -- The http Service port + httpPort: 8080 + # -- The HTTP Service node port if type is NodePort (The range of valid ports is 30000-32767) + httpNodePort: '' + # -- The Management port + httpAdminPort: 8081 + # -- The Management port name + httpAdminPortName: http-admin + # -- The Management node port if type is NodePort (The range of valid ports is 30000-32767) + httpAdminNodePort: '' + # -- Additional Service ports, e. g. for custom admin console + extraPorts: [ ] + +serviceAccount: + # -- Specifies whether a service account should be created + create: true + # -- Annotations to add to the service account + annotations: {} + # -- The name of the service account to use. + # -- If not set and create is true, a name is generated using the fullname template + name: "" + # -- Image pull secrets that are attached to the ServiceAccount + imagePullSecrets: [] + +# -- Canary release configuration settings +canary: + # -- Enable or disable Canary releases + enabled: false + # -- HTTP header-based routing settings + header: + # -- Enable or disable header-based routing + enabled: false + # -- Name of the HTTP header to match + name: cookie + # -- Regular expression to match the header value + regex: '' + # -- Cookie-based routing settings + cookie: + # -- Enable or disable cookie-based routing + enabled: false + # -- Name of the cookie to match + name: x-hidden-prod + # -- Percentage-based routing settings + percent: + # -- Enable or disable percentage-based routing + enabled: false + # -- Percentage of traffic to route to the Canary release + value: 20 + +# -- ENP allows object configuration +# -- List of allowed entities for ENP (see [Readme ENPR](#egress-network-policy-enp)) +flux: + # -- Indicates if Flux is enabled (false by default) + enabled: false + configmap: + # -- Indicates if the ConfigMap is enabled (false by default) + enabled: false + # -- The file path for Flux configuration (default: /usr/src/app/) + filepath: /usr/src/app/ + # -- The name of the Flux configuration file (default: flux.json) + filename: flux.json + # -- Configuration for Flux ConfigMap + # -- Internal settings for Flux (empty by default) + internal: {} + +# -- Pod Disruption Budget settings +# -- Empty means no PDB is applied +podDisruptionBudget: {} +# maxUnavailable: 1 +# minAvailable: 1 + +# -- Configuration settings for Kubernetes secrets +secrets: + # -- Key-value pairs stored as base64-encoded strings + data: {} + type: '' + +# -- Set configurations files in configmaps. +configFiles: {} + #Here is samples configurations files : application.properties + #application.yml: |- + # insert_your_application_configuration_here + #logback.xml: |- +# insert_your_logback_configuration_here + +# -- Log into github to generate tag image +github: + enabled: false + organization: "votre-organisation" + repository: "votre-repo" \ No newline at end of file