From 804a4d82b983d4bc36fa3729742c175496a21789 Mon Sep 17 00:00:00 2001 From: AnchorArray Date: Thu, 6 Jun 2024 08:09:29 -0700 Subject: [PATCH] Add scaffolding template for creating new helm charts --- charts/scaffold/.helmignore | 23 +++ charts/scaffold/CHANGELOG.md | 19 +++ charts/scaffold/Chart.yaml | 6 + charts/scaffold/README.md | 102 +++++++++++++ charts/scaffold/README.md.gotmpl | 76 ++++++++++ charts/scaffold/templates/NOTES.txt | 55 +++++++ charts/scaffold/templates/_helpers.tpl | 65 +++++++++ charts/scaffold/templates/deployment.yaml | 97 ++++++++++++ charts/scaffold/templates/hpa.yaml | 32 ++++ charts/scaffold/templates/ingress.yaml | 61 ++++++++ charts/scaffold/templates/service.yaml | 19 +++ charts/scaffold/templates/serviceaccount.yaml | 13 ++ charts/scaffold/values.yaml | 138 ++++++++++++++++++ 13 files changed, 706 insertions(+) create mode 100644 charts/scaffold/.helmignore create mode 100644 charts/scaffold/CHANGELOG.md create mode 100644 charts/scaffold/Chart.yaml create mode 100644 charts/scaffold/README.md create mode 100644 charts/scaffold/README.md.gotmpl create mode 100644 charts/scaffold/templates/NOTES.txt create mode 100644 charts/scaffold/templates/_helpers.tpl create mode 100644 charts/scaffold/templates/deployment.yaml create mode 100644 charts/scaffold/templates/hpa.yaml create mode 100644 charts/scaffold/templates/ingress.yaml create mode 100644 charts/scaffold/templates/service.yaml create mode 100644 charts/scaffold/templates/serviceaccount.yaml create mode 100644 charts/scaffold/values.yaml diff --git a/charts/scaffold/.helmignore b/charts/scaffold/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/scaffold/.helmignore 
@@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/scaffold/CHANGELOG.md b/charts/scaffold/CHANGELOG.md new file mode 100644 index 0000000..2baa79f --- /dev/null +++ b/charts/scaffold/CHANGELOG.md @@ -0,0 +1,19 @@ +# Changelog + +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), +and this project adheres to [Semantic Versioning] +(https://semver.org/spec/v2.0.0.html). + +## [0.2.0] - 2024-05-14 + +### Updated + +- Default image tag from `1.0.19` to `1.0.20-dev2` + +## [0.1.0] - 2024-05-08 + +### Added + +- Initial release of `` Helm chart diff --git a/charts/scaffold/Chart.yaml b/charts/scaffold/Chart.yaml new file mode 100644 index 0000000..1a8cb67 --- /dev/null +++ b/charts/scaffold/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: +description: A Helm chart for WhyLabs +type: application +version: 0.2.0 +appVersion: "1.0.20-dev2" diff --git a/charts/scaffold/README.md b/charts/scaffold/README.md new file mode 100644 index 0000000..b3d6c9d --- /dev/null +++ b/charts/scaffold/README.md 
@@ -0,0 +1,102 @@ +# + +![Version: 0.2.0](https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0.20-dev2](https://img.shields.io/badge/AppVersion-1.0.20--dev2-informational?style=flat-square) + +A Helm chart for WhyLabs + +## Installing the Chart + +```shell +# Downloads a .tgz file to the working directory or --destination path +helm pull \ + oci://ghcr.io/whylabs/ \ + --version 0.2.0 + +helm diff upgrade \ + --allow-unreleased \ + --namespace \ + `# Specify the .tgz file as the chart` \ + + -0.2.0.tgz +``` + +After you've installed the repo you can install the chart. + +```shell +helm upgrade --install \ + --create-namespace \ + --namespace \ + + -0.2.0.tgz +``` + +## Horizontal Pod Autoscaling (HPA) + +The Horizontal Pod Autoscaler automatically scales the number of pods in a +replication controller, deployment, replica set or stateful set based on +observed CPU utilization (or, with custom metrics support, on some other +application-provided metrics). The Horizontal Pod Autoscaler uses the following +formula to calculate the desired number of pods: + +```text +Desired Replicas = [ (Current Utilization / Target Utilization) * Current Replicas ] +``` + +For example, if an HPA is configured with a target CPU utilization of 50%, there +are currently 3 pods, and the current average CPU utilization is 90%, the number +of replicas will be scaled to 6: + +```text +Desired Replicas = ⌈ (90% / 50%) * 3 ⌉ + = ⌈ 1.8 * 3 ⌉ + = ⌈ 5.4 ⌉ + = 6 +``` + +HPA uses the same formula for both increasing and decreasing the number of pods. +Horizontal pod scaling is disabled by default. To enable it, set the +`hpa.enabled` key to `true`. 
The pods QoS class will impact HPA behavior as a +deployment that is allowed to burst CPU usage will cause more aggressive HPA +scaling than a deployment with a `Guaranteed` QoS that does not go above 100% +utilization. + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | Affinity settings for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). If an explicit label selector is not provided for pod affinity or pod anti-affinity one will be created from the pod selector labels. | +| autoscaling | object | `{"enabled":false,"maxReplicas":100,"minReplicas":1,"targetCPUUtilizationPercentage":70}` | [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) configuration for the `` container. | +| commonLabels | object | `{}` | Labels to add to all chart resources. | +| env | object | `{}` | [Environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) for the `` container. | +| extraVolumeMounts | list | `[]` | Extra [volume mounts](https://kubernetes.io/docs/concepts/storage/volumes/) for the `` container. | +| extraVolumes | list | `[]` | Extra [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) for the `Pod`. | +| fullnameOverride | string | `""` | Override the full name of the chart. | +| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for the `` container. | +| image.repository | string | `"registry.gitlab.com/whylabs/langkit-container"` | Image repository for the `` container. | +| image.tag | string | `""` | Image tag for the `` container, this will default to `.Chart.AppVersion` if not set. | +| imagePullSecrets[0] | list | `{"name":""}` | Image pull secrets for the `` container. Defaults to `whylabs-{{ .Release.Name }}-registry-credentials`. 
| +| ingress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}],"tls":[]}` | [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) configuration for the `` container. | +| livenessProbe | object | `{"failureThreshold":3,"httpGet":{"path":"/health","port":8000},"initialDelaySeconds":30,"periodSeconds":30}` | [Liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `` container. | +| nameOverride | string | `""` | Override the name of the chart. | +| nodeSelector | object | `{}` | Node labels to match for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). | +| podAnnotations | object | `{}` | Annotations to add to the `Pod`. | +| podLabels | object | `{}` | Labels to add to the `Pod`. | +| podSecurityContext | object | `{"runAsNonRoot":true}` | [Pod security context](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#podsecuritycontext-v1-core), this supports full customisation. | +| readinessProbe | object | `{"failureThreshold":10,"httpGet":{"path":"/health","port":8000},"initialDelaySeconds":30,"periodSeconds":30}` | [Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `` container. | +| replicaCount | int | `4` | Number of replicas for the service. | +| resources | object | `{"limits":{"cpu":"4","ephemeral-storage":"250Mi","memory":"4Gi"},"requests":{"cpu":"4","ephemeral-storage":"250Mi","memory":"4Gi"}}` | [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the `` container. 
| +| securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsNonRoot":true,"runAsUser":1000}` | [Security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the `` container. | +| service.annotations | object | `{}` | Service annotations. | +| service.port | int | `80` | Service HTTP port. | +| service.targetPort | int | `8000` | The port on which the application container is listening. | +| service.type | string | `"ClusterIP"` | Service Type, i.e. ClusterIp, LoadBalancer, etc. | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account. | +| serviceAccount.automount | bool | `true` | Set this to `false` to [opt out of API credential automounting](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#opt-out-of-api-credential-automounting) for the `ServiceAccount`. | +| serviceAccount.create | bool | `true` | If `true`, create a new `ServiceAccount`. | +| serviceAccount.labels | object | `{}` | Labels to add to the service account. | +| serviceAccount.name | string | `""` | If this is set and `serviceAccount.create` is `true` this will be used for the created `ServiceAccount` name, if set and `serviceAccount.create` is `false` then this will define an existing `ServiceAccount` to use. | +| tolerations | list | `[]` | Node taints which will be tolerated for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). | + +---------------------------------------------- + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs/). \ No newline at end of file diff --git a/charts/scaffold/README.md.gotmpl b/charts/scaffold/README.md.gotmpl new file mode 100644 index 0000000..64cf9d8 --- /dev/null +++ b/charts/scaffold/README.md.gotmpl 
@@ -0,0 +1,76 @@ +{{ template "chart.header" . }} +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.badgesSection" . }} + +{{ template "chart.description" . }} + +{{ template "chart.homepageLine" . }} + +{{ template "chart.maintainersSection" . }} + +{{ template "chart.sourcesSection" . }} + +## Installing the Chart + +```shell +# Downloads a .tgz file to the working directory or --destination path +helm pull \ + oci://ghcr.io/whylabs/{{ template "chart.name" . }} \ + --version {{ template "chart.version" . }} + +helm diff upgrade \ + --allow-unreleased \ + --namespace \ + `# Specify the .tgz file as the chart` \ + {{ template "chart.name" . }} + {{ template "chart.name" . }}-{{ template "chart.version" . }}.tgz +``` + +After you've installed the repo you can install the chart. + +```shell +helm upgrade --install \ + --create-namespace \ + --namespace \ + {{ template "chart.name" . }} + {{ template "chart.name" . }}-{{ template "chart.version" . }}.tgz +``` + +## Horizontal Pod Autoscaling (HPA) + +The Horizontal Pod Autoscaler automatically scales the number of pods in a +replication controller, deployment, replica set or stateful set based on +observed CPU utilization (or, with custom metrics support, on some other +application-provided metrics). The Horizontal Pod Autoscaler uses the following +formula to calculate the desired number of pods: + +```text +Desired Replicas = [ (Current Utilization / Target Utilization) * Current Replicas ] +``` + +For example, if an HPA is configured with a target CPU utilization of 50%, there +are currently 3 pods, and the current average CPU utilization is 90%, the number +of replicas will be scaled to 6: + +```text +Desired Replicas = ⌈ (90% / 50%) * 3 ⌉ + = ⌈ 1.8 * 3 ⌉ + = ⌈ 5.4 ⌉ + = 6 +``` + +HPA uses the same formula for both increasing and decreasing the number of pods. +Horizontal pod scaling is disabled by default. To enable it, set the +`hpa.enabled` key to `true`. 
The pods QoS class will impact HPA behavior as a +deployment that is allowed to burst CPU usage will cause more aggressive HPA +scaling than a deployment with a `Guaranteed` QoS that does not go above 100% +utilization. + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +---------------------------------------------- + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs/). \ No newline at end of file diff --git a/charts/scaffold/templates/NOTES.txt b/charts/scaffold/templates/NOTES.txt new file mode 100644 index 0000000..555f371 --- /dev/null +++ b/charts/scaffold/templates/NOTES.txt 
@@ -0,0 +1,55 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+ {{- range .paths }}
+ http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+ {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include ".fullname" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include ".fullname" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include ".fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+ echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include ".name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
+
+2. Ensure the necessary secrets are created. Your application requires specific secrets to function properly:
+
+ - Secret for API Key: `whylabs-{{ .Release.Name }}-api-key`
+ - Secret for API Secret: `whylabs-{{ .Release.Name }}-api-secret`
+ - Secret for pulling private image: `whylabs-{{ .Release.Name }}-registry-credentials`
+
+ You can create these secrets with the following commands:
+ ```
+ kubectl create secret generic whylabs-{{ .Release.Name }}-api-key \
+ --namespace {{ .Release.Namespace }} \
+ --from-literal=WHYLABS_API_KEY=''
+
+ kubectl create secret generic whylabs-{{ .Release.Name }}-api-secret \
+ --namespace {{ .Release.Namespace }} \
+ --from-literal=CONTAINER_PASSWORD=''
+
+ kubectl create secret docker-registry whylabs-{{ .Release.Name }}-registry-credentials \
+ --namespace {{ .Release.Namespace }} \
+ --docker-server="registry.gitlab.com" \
+ --docker-username="" \
+ --docker-password="" \
+ --docker-email=""
+ ```
+
+ Replace `` and other values with the actual values you need to use.
+
+3. After creating the secrets, verify that they are correctly set up by running:
+
+ ```
+ kubectl get secrets --namespace {{ .Release.Namespace }}
+ ```
+
diff --git a/charts/scaffold/templates/_helpers.tpl b/charts/scaffold/templates/_helpers.tpl
new file mode 100644
index 0000000..e9e9a22
--- /dev/null
+++ b/charts/scaffold/templates/_helpers.tpl
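Review bot: The secret-creation commands printed in step 2 of NOTES.txt pass the API key, the container password and the registry password as command-line arguments (`--from-literal=WHYLABS_API_KEY=''`, `--from-literal=CONTAINER_PASSWORD=''`, `--docker-password=""`), which leaves the values in shell history and visible in the process list while kubectl runs. Printing a file-based form avoids that, for example `--from-env-file=<path-to-env-file>` for the two generic secrets and `--from-file=.dockerconfigjson=<path-to-docker-config>` for the registry secret. Step 1 also prints `http://` URLs for the NodePort and LoadBalancer branches, so one line saying those endpoints are unencrypted would help whoever follows the notes.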
@@ -0,0 +1,65 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define ".name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define ".fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define ".chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define ".labels" -}}
+helm.sh/chart: {{ include ".chart" . }}
+{{ include ".selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- with .Values.commonLabels }}
+{{ toYaml . }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define ".selectorLabels" -}}
+app.kubernetes.io/name: {{ include ".name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define ".serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include ".fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
diff --git a/charts/scaffold/templates/deployment.yaml b/charts/scaffold/templates/deployment.yaml
new file mode 100644
index 0000000..7f94640
--- /dev/null
+++ b/charts/scaffold/templates/deployment.yaml
@@ -0,0 +1,97 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include ".fullname" . }}
+ labels:
+ {{- include ".labels" . | nindent 4 }}
+spec:
+ revisionHistoryLimit: 1
+ {{- if not .Values.autoscaling.enabled }}
+ replicas: {{ .Values.replicaCount }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include ".selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include ".labels" . | nindent 8 }}
+ {{- with .Values.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ imagePullSecrets:
+ {{- if .Values.imagePullSecrets }}
+ {{- range .Values.imagePullSecrets }}
+ {{- if .name }}
+ - name: {{ .name }}
+ {{- else }}
+ - name: whylabs-{{ $.Release.Name }}-registry-credentials
+ {{- end }}
+ {{- end }}
+ {{- else }}
+ - name: whylabs-{{ .Release.Name }}-registry-credentials
+ {{- end }}
+ serviceAccountName: {{ include ".serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.podSecurityContext | nindent 8 }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ {{- if .Values.env }}
+ env:
+ {{- range $key, $value := .Values.env }}
+ - name: {{ $key }}
+ value: {{ $value | quote }}
+ {{- end }}
+ {{- end }}
+ envFrom:
+ - secretRef:
+ name: whylabs-{{ .Release.Name }}-api-key
+ - secretRef:
+ name: whylabs-{{ .Release.Name }}-api-secret
+ ports:
+ - name: http
+ containerPort: {{ .Values.service.targetPort }}
+ protocol: TCP
+ livenessProbe:
+ {{- toYaml .Values.livenessProbe | nindent 12 }}
+ readinessProbe:
+ {{- toYaml .Values.readinessProbe | nindent 12 }}
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ volumeMounts:
+ - name: temp-dir
+ mountPath: /tmp
+ {{- if .Values.extraVolumeMounts }}
+ {{- with .extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- end }}
+ volumes:
+ - name: temp-dir
+ emptyDir: {}
+ {{- if .Values.extraVolumes }}
+ {{- with .Values.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
diff --git a/charts/scaffold/templates/hpa.yaml b/charts/scaffold/templates/hpa.yaml
new file mode 100644
index 0000000..395df66
--- /dev/null
+++ b/charts/scaffold/templates/hpa.yaml
@@ -0,0 +1,32 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include ".fullname" . }}
+ labels:
+ {{- include ".labels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include ".fullname" . }}
+ minReplicas: {{ .Values.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
diff --git a/charts/scaffold/templates/ingress.yaml b/charts/scaffold/templates/ingress.yaml
new file mode 100644
index 0000000..af470e7
--- /dev/null
+++ b/charts/scaffold/templates/ingress.yaml
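Review bot: In deployment.yaml the inner guard of the `volumeMounts` block reads `{{- with .extraVolumeMounts }}`, which looks the key up on the root context instead of under `.Values`, so as written it evaluates empty and any `extraVolumeMounts` a user sets are silently left out of the pod; the `extraVolumes` block just below it uses `.Values.extraVolumes`. Because the container defaults to `readOnlyRootFilesystem: true`, a dropped mount only shows up at runtime as a write failure. The line should read `{{- with .Values.extraVolumeMounts }}`, and the surrounding `{{- if .Values.extraVolumeMounts }}` (and the same wrapper around `extraVolumes`) can go, since `with` already skips empty values.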
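Review bot: The documentation added in this patch (README.md and README.md.gotmpl) tells users to set `hpa.enabled`, but hpa.yaml and deployment.yaml read `.Values.autoscaling.enabled`, so following the documentation leaves autoscaling off without any error. The documentation sentence should name `autoscaling.enabled`. Separately, when both `targetCPUUtilizationPercentage` and `targetMemoryUtilizationPercentage` are unset the `metrics:` key renders with no entries; guarding it with `{{- if or .Values.autoscaling.targetCPUUtilizationPercentage .Values.autoscaling.targetMemoryUtilizationPercentage }}` would make that case explicit.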
@@ -0,0 +1,61 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include ".fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+ {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
+ {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
+ {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+ name: {{ $fullName }}
+ labels:
+ {{- include ".labels" . | nindent 4 }}
+ {{- with .Values.ingress.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+ ingressClassName: {{ .Values.ingress.className }}
+ {{- end }}
+ {{- if .Values.ingress.tls }}
+ tls:
+ {{- range .Values.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+ {{- end }}
+ rules:
+ {{- range .Values.ingress.hosts }}
+ - host: {{ .host | quote }}
+ http:
+ paths:
+ {{- range .paths }}
+ - path: {{ .path }}
+ {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+ pathType: {{ .pathType }}
+ {{- end }}
+ backend:
+ {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+ service:
+ name: {{ $fullName }}
+ port:
+ number: {{ $svcPort }}
+ {{- else }}
+ serviceName: {{ $fullName }}
+ servicePort: {{ $svcPort }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+{{- end }}
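Review bot: With `ingress.enabled` set and the default `tls: []` from values.yaml, the `tls:` block in ingress.yaml is skipped and the host is published over plain HTTP only; the chart's NOTES mention an API key and a container password, so requests carrying credentials would presumably cross that route in cleartext. Nothing in the template or the values comments warns about this. I would add a values comment such as `# -- Set ingress.tls whenever ingress.enabled is true; without it the host is served over plain HTTP only.`, and charts that must never be exposed unencrypted can add a `fail` guard on an empty `ingress.tls`. Also `path: {{ .path }}` and `secretName: {{ .secretName }}` are emitted unquoted, unlike `host`; piping both through `quote` keeps unusual values from changing the YAML structure.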
diff --git a/charts/scaffold/templates/service.yaml b/charts/scaffold/templates/service.yaml
new file mode 100644
index 0000000..9d17017
--- /dev/null
+++ b/charts/scaffold/templates/service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include ".fullname" . }}
+ labels:
+ {{- include ".labels" . | nindent 4 }}
+ {{- if .Values.service.annotations }}
+ annotations:
+ {{- .Values.service.annotations | toYaml | nindent 4 }}
+ {{- end }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: http
+ protocol: TCP
+ port: {{ .Values.service.port }}
+ targetPort: {{ .Values.service.targetPort }}
+ selector:
+ {{- include ".selectorLabels" . | nindent 4 }}
diff --git a/charts/scaffold/templates/serviceaccount.yaml b/charts/scaffold/templates/serviceaccount.yaml
new file mode 100644
index 0000000..1d1d00a
--- /dev/null
+++ b/charts/scaffold/templates/serviceaccount.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include ".serviceAccountName" . }}
+ labels:
+ {{- include ".labels" . | nindent 4 }}
+ {{- with .Values.serviceAccount.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
+{{- end }}
diff --git a/charts/scaffold/values.yaml b/charts/scaffold/values.yaml
new file mode 100644
index 0000000..243b878
--- /dev/null
+++ b/charts/scaffold/values.yaml
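Review bot: In serviceaccount.yaml `automountServiceAccountToken` renders as `true` with the defaults, because values.yaml sets `serviceAccount.automount: true`, so every pod of a scaffolded chart carries a Kubernetes API token although this patch adds no Role or RoleBinding that would use one. Defaulting `automount` to `false` and letting charts that call the API opt in is the safer scaffold. The setting also applies only when `serviceAccount.create` is true: with `create: false` and no name the `.serviceAccountName` helper falls back to the `default` ServiceAccount and deployment.yaml sets no pod-level value, so adding `automountServiceAccountToken: {{ .Values.serviceAccount.automount }}` to the pod spec would make it hold in both cases. `serviceAccount.labels` is documented in values.yaml but never rendered here; a `{{- with .Values.serviceAccount.labels }}` block under `labels:` would honour it.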
@@ -0,0 +1,138 @@
+# -- Number of replicas for the service.
+replicaCount: 4
+
+image:
+ # -- Image repository for the `` container.
+ repository: registry.gitlab.com/whylabs/langkit-container
+ # -- Image pull policy for the `` container.
+ pullPolicy: IfNotPresent
+ # -- (string) Image tag for the `` container, this will default to `.Chart.AppVersion` if not set.
+ tag: ""
+
+imagePullSecrets:
+ # -- (list) Image pull secrets for the `` container. Defaults to `whylabs-{{ .Release.Name }}-registry-credentials`.
+ - name: ""
+
+# -- (string) Override the name of the chart.
+nameOverride: ""
+
+# -- (string) Override the full name of the chart.
+fullnameOverride: ""
+
+# -- Labels to add to all chart resources.
+commonLabels: {}
+
+# -- [Environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) for the `` container.
+env: {}
+ # MY_ENV_VAR: "my env var value"
+
+serviceAccount:
+ # -- If `true`, create a new `ServiceAccount`.
+ create: true
+ # -- (string) If this is set and `serviceAccount.create` is `true` this will be used for the created `ServiceAccount` name, if set and `serviceAccount.create` is `false` then this will define an existing `ServiceAccount` to use.
+ name: ""
+ # -- Labels to add to the service account.
+ labels: {}
+ # -- Annotations to add to the service account.
+ annotations: {}
+ # -- Set this to `false` to [opt out of API credential automounting](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#opt-out-of-api-credential-automounting) for the `ServiceAccount`.
+ automount: true
+
+service:
+ # -- Service annotations.
+ annotations: {}
+ # -- Service Type, i.e. ClusterIp, LoadBalancer, etc.
+ type: ClusterIP
+ # -- Service HTTP port.
+ port: 80
+ # -- The port on which the application container is listening.
+ targetPort: 8000
+
+# -- Annotations to add to the `Pod`.
+podAnnotations: {}
+
+# -- Labels to add to the `Pod`.
+podLabels: {}
+
+# -- [Pod security context](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#podsecuritycontext-v1-core), this supports full customisation.
+podSecurityContext:
+ runAsNonRoot: true
+
+# -- [Security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the `` container.
+securityContext:
+ privileged: false
+ allowPrivilegeEscalation: false
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 1000
+ capabilities:
+ drop: ["ALL"]
+
+# -- [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) configuration for the `` container.
+ingress:
+ enabled: false
+ className: ""
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths:
+ - path: /
+ pathType: ImplementationSpecific
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+# -- [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the `` container.
+resources:
+ requests:
+ cpu: "4"
+ memory: 4Gi
+ ephemeral-storage: 250Mi
+ limits:
+ cpu: "4"
+ memory: 4Gi
+ ephemeral-storage: 250Mi
+
+# -- [Liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `` container.
+livenessProbe:
+ httpGet:
+ path: /health
+ port: 8000
+ failureThreshold: 3
+ initialDelaySeconds: 30
+ periodSeconds: 30
+
+# -- [Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `` container.
+readinessProbe:
+ httpGet:
+ path: /health
+ port: 8000
+ failureThreshold: 10
+ initialDelaySeconds: 30
+ periodSeconds: 30
+
+# -- [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) configuration for the `` container.
+autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 100
+ targetCPUUtilizationPercentage: 70
+ # targetMemoryUtilizationPercentage: 70
+
+# -- Extra [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) for the `Pod`.
+extraVolumes: []
+
+# -- Extra [volume mounts](https://kubernetes.io/docs/concepts/storage/volumes/) for the `` container.
+extraVolumeMounts: []
+
+# -- Node labels to match for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/).
+nodeSelector: {}
+
+# -- Node taints which will be tolerated for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/).
+tolerations: []
+
+# -- Affinity settings for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). If an explicit label selector is not provided for pod affinity or pod anti-affinity one will be created from the pod selector labels.
+affinity: {}
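Review bot: The `securityContext` defaults in values.yaml drop all capabilities and forbid privilege escalation but set no `seccompProfile`, so the pods fall short of the Pod Security Standards restricted profile and run with whatever seccomp default the node applies. Adding `seccompProfile:` with `type: RuntimeDefault` under `podSecurityContext` closes that gap. The image is also addressable only by tag (`image.tag`, falling back to the chart's appVersion of `1.0.20-dev2`) together with `pullPolicy: IfNotPresent`; an optional `image.digest` value would let deployments pin the exact image they pull.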